diff options
Diffstat (limited to 'crypto/openssl/apps')
96 files changed, 0 insertions, 25564 deletions
diff --git a/crypto/openssl/apps/CA.pl b/crypto/openssl/apps/CA.pl deleted file mode 100755 index 4eef57e6e3919..0000000000000 --- a/crypto/openssl/apps/CA.pl +++ /dev/null @@ -1,162 +0,0 @@ -#!/usr/local/bin/perl -# -# CA - wrapper around ca to make it easier to use ... basically ca requires -# some setup stuff to be done before you can use it and this makes -# things easier between now and when Eric is convinced to fix it :-) -# -# CA -newca ... will setup the right stuff -# CA -newreq ... will generate a certificate request -# CA -sign ... will sign the generated request and output -# -# At the end of that grab newreq.pem and newcert.pem (one has the key -# and the other the certificate) and cat them together and that is what -# you want/need ... I'll make even this a little cleaner later. -# -# -# 12-Jan-96 tjh Added more things ... including CA -signcert which -# converts a certificate to a request and then signs it. -# 10-Jan-96 eay Fixed a few more bugs and added the SSLEAY_CONFIG -# environment variable so this can be driven from -# a script. -# 25-Jul-96 eay Cleaned up filenames some more. -# 11-Jun-96 eay Fixed a few filename missmatches. -# 03-May-96 eay Modified to use 'ssleay cmd' instead of 'cmd'. -# 18-Apr-96 tjh Original hacking -# -# Tim Hudson -# tjh@cryptsoft.com -# - -# 27-Apr-98 snh Translation into perl, fix existing CA bug. -# -# -# Steve Henson -# shenson@bigfoot.com - -# default openssl.cnf file has setup as per the following -# demoCA ... where everything is stored - -$DAYS="-days 365"; -$REQ="openssl req $SSLEAY_CONFIG"; -$CA="openssl ca $SSLEAY_CONFIG"; -$VERIFY="openssl verify"; -$X509="openssl x509"; -$PKCS12="openssl pkcs12"; - -$CATOP="./demoCA"; -$CAKEY="cakey.pem"; -$CACERT="cacert.pem"; - -$DIRMODE = 0777; - -$RET = 0; - -foreach (@ARGV) { - if ( /^(-\?|-h|-help)$/ ) { - print STDERR "usage: CA -newcert|-newreq|-newca|-sign|-verify\n"; - exit 0; - } elsif (/^-newcert$/) { - # create a certificate - system ("$REQ -new -x509 -keyout newreq.pem -out newreq.pem $DAYS"); - $RET=$?; - print "Certificate (and private key) is in newreq.pem\n" - } elsif (/^-newreq$/) { - # create a certificate request - system ("$REQ -new -keyout newreq.pem -out newreq.pem $DAYS"); - $RET=$?; - print "Request (and private key) is in newreq.pem\n"; - } elsif (/^-newca$/) { - # if explicitly asked for or it doesn't exist then setup the - # directory structure that Eric likes to manage things - $NEW="1"; - if ( "$NEW" || ! -f "${CATOP}/serial" ) { - # create the directory hierarchy - mkdir $CATOP, $DIRMODE; - mkdir "${CATOP}/certs", $DIRMODE; - mkdir "${CATOP}/crl", $DIRMODE ; - mkdir "${CATOP}/newcerts", $DIRMODE; - mkdir "${CATOP}/private", $DIRMODE; - open OUT, ">${CATOP}/serial"; - print OUT "01\n"; - close OUT; - open OUT, ">${CATOP}/index.txt"; - close OUT; - } - if ( ! -f "${CATOP}/private/$CAKEY" ) { - print "CA certificate filename (or enter to create)\n"; - $FILE = <STDIN>; - - chop $FILE; - - # ask user for existing CA certificate - if ($FILE) { - cp_pem($FILE,"${CATOP}/private/$CAKEY", "PRIVATE"); - cp_pem($FILE,"${CATOP}/$CACERT", "CERTIFICATE"); - $RET=$?; - } else { - print "Making CA certificate ...\n"; - system ("$REQ -new -x509 -keyout " . - "${CATOP}/private/$CAKEY -out ${CATOP}/$CACERT $DAYS"); - $RET=$?; - } - } - } elsif (/^-pkcs12$/) { - my $cname = $ARGV[1]; - $cname = "My Certificate" unless defined $cname; - system ("$PKCS12 -in newcert.pem -inkey newreq.pem " . - "-certfile ${CATOP}/$CACERT -out newcert.p12 " . - "-export -name \"$cname\""); - $RET=$?; - exit $RET; - } elsif (/^-xsign$/) { - system ("$CA -policy policy_anything -infiles newreq.pem"); - $RET=$?; - } elsif (/^(-sign|-signreq)$/) { - system ("$CA -policy policy_anything -out newcert.pem " . - "-infiles newreq.pem"); - $RET=$?; - print "Signed certificate is in newcert.pem\n"; - } elsif (/^-signcert$/) { - system ("$X509 -x509toreq -in newreq.pem -signkey newreq.pem " . - "-out tmp.pem"); - system ("$CA -policy policy_anything -out newcert.pem " . - "-infiles tmp.pem"); - $RET = $?; - print "Signed certificate is in newcert.pem\n"; - } elsif (/^-verify$/) { - if (shift) { - foreach $j (@ARGV) { - system ("$VERIFY -CAfile $CATOP/$CACERT $j"); - $RET=$? if ($? != 0); - } - exit $RET; - } else { - system ("$VERIFY -CAfile $CATOP/$CACERT newcert.pem"); - $RET=$?; - exit 0; - } - } else { - print STDERR "Unknown arg $_\n"; - print STDERR "usage: CA -newcert|-newreq|-newca|-sign|-verify\n"; - exit 1; - } -} - -exit $RET; - -sub cp_pem { -my ($infile, $outfile, $bound) = @_; -open IN, $infile; -open OUT, ">$outfile"; -my $flag = 0; -while (<IN>) { - $flag = 1 if (/^-----BEGIN.*$bound/) ; - print OUT $_ if ($flag); - if (/^-----END.*$bound/) { - close IN; - close OUT; - return; - } -} -} - diff --git a/crypto/openssl/apps/CA.pl.in b/crypto/openssl/apps/CA.pl.in deleted file mode 100644 index 4eef57e6e3919..0000000000000 --- a/crypto/openssl/apps/CA.pl.in +++ /dev/null @@ -1,162 +0,0 @@ -#!/usr/local/bin/perl -# -# CA - wrapper around ca to make it easier to use ... basically ca requires -# some setup stuff to be done before you can use it and this makes -# things easier between now and when Eric is convinced to fix it :-) -# -# CA -newca ... will setup the right stuff -# CA -newreq ... will generate a certificate request -# CA -sign ... will sign the generated request and output -# -# At the end of that grab newreq.pem and newcert.pem (one has the key -# and the other the certificate) and cat them together and that is what -# you want/need ... I'll make even this a little cleaner later. -# -# -# 12-Jan-96 tjh Added more things ... including CA -signcert which -# converts a certificate to a request and then signs it. -# 10-Jan-96 eay Fixed a few more bugs and added the SSLEAY_CONFIG -# environment variable so this can be driven from -# a script. -# 25-Jul-96 eay Cleaned up filenames some more. -# 11-Jun-96 eay Fixed a few filename missmatches. -# 03-May-96 eay Modified to use 'ssleay cmd' instead of 'cmd'. -# 18-Apr-96 tjh Original hacking -# -# Tim Hudson -# tjh@cryptsoft.com -# - -# 27-Apr-98 snh Translation into perl, fix existing CA bug. -# -# -# Steve Henson -# shenson@bigfoot.com - -# default openssl.cnf file has setup as per the following -# demoCA ... where everything is stored - -$DAYS="-days 365"; -$REQ="openssl req $SSLEAY_CONFIG"; -$CA="openssl ca $SSLEAY_CONFIG"; -$VERIFY="openssl verify"; -$X509="openssl x509"; -$PKCS12="openssl pkcs12"; - -$CATOP="./demoCA"; -$CAKEY="cakey.pem"; -$CACERT="cacert.pem"; - -$DIRMODE = 0777; - -$RET = 0; - -foreach (@ARGV) { - if ( /^(-\?|-h|-help)$/ ) { - print STDERR "usage: CA -newcert|-newreq|-newca|-sign|-verify\n"; - exit 0; - } elsif (/^-newcert$/) { - # create a certificate - system ("$REQ -new -x509 -keyout newreq.pem -out newreq.pem $DAYS"); - $RET=$?; - print "Certificate (and private key) is in newreq.pem\n" - } elsif (/^-newreq$/) { - # create a certificate request - system ("$REQ -new -keyout newreq.pem -out newreq.pem $DAYS"); - $RET=$?; - print "Request (and private key) is in newreq.pem\n"; - } elsif (/^-newca$/) { - # if explicitly asked for or it doesn't exist then setup the - # directory structure that Eric likes to manage things - $NEW="1"; - if ( "$NEW" || ! -f "${CATOP}/serial" ) { - # create the directory hierarchy - mkdir $CATOP, $DIRMODE; - mkdir "${CATOP}/certs", $DIRMODE; - mkdir "${CATOP}/crl", $DIRMODE ; - mkdir "${CATOP}/newcerts", $DIRMODE; - mkdir "${CATOP}/private", $DIRMODE; - open OUT, ">${CATOP}/serial"; - print OUT "01\n"; - close OUT; - open OUT, ">${CATOP}/index.txt"; - close OUT; - } - if ( ! -f "${CATOP}/private/$CAKEY" ) { - print "CA certificate filename (or enter to create)\n"; - $FILE = <STDIN>; - - chop $FILE; - - # ask user for existing CA certificate - if ($FILE) { - cp_pem($FILE,"${CATOP}/private/$CAKEY", "PRIVATE"); - cp_pem($FILE,"${CATOP}/$CACERT", "CERTIFICATE"); - $RET=$?; - } else { - print "Making CA certificate ...\n"; - system ("$REQ -new -x509 -keyout " . - "${CATOP}/private/$CAKEY -out ${CATOP}/$CACERT $DAYS"); - $RET=$?; - } - } - } elsif (/^-pkcs12$/) { - my $cname = $ARGV[1]; - $cname = "My Certificate" unless defined $cname; - system ("$PKCS12 -in newcert.pem -inkey newreq.pem " . - "-certfile ${CATOP}/$CACERT -out newcert.p12 " . - "-export -name \"$cname\""); - $RET=$?; - exit $RET; - } elsif (/^-xsign$/) { - system ("$CA -policy policy_anything -infiles newreq.pem"); - $RET=$?; - } elsif (/^(-sign|-signreq)$/) { - system ("$CA -policy policy_anything -out newcert.pem " . - "-infiles newreq.pem"); - $RET=$?; - print "Signed certificate is in newcert.pem\n"; - } elsif (/^-signcert$/) { - system ("$X509 -x509toreq -in newreq.pem -signkey newreq.pem " . - "-out tmp.pem"); - system ("$CA -policy policy_anything -out newcert.pem " . - "-infiles tmp.pem"); - $RET = $?; - print "Signed certificate is in newcert.pem\n"; - } elsif (/^-verify$/) { - if (shift) { - foreach $j (@ARGV) { - system ("$VERIFY -CAfile $CATOP/$CACERT $j"); - $RET=$? if ($? != 0); - } - exit $RET; - } else { - system ("$VERIFY -CAfile $CATOP/$CACERT newcert.pem"); - $RET=$?; - exit 0; - } - } else { - print STDERR "Unknown arg $_\n"; - print STDERR "usage: CA -newcert|-newreq|-newca|-sign|-verify\n"; - exit 1; - } -} - -exit $RET; - -sub cp_pem { -my ($infile, $outfile, $bound) = @_; -open IN, $infile; -open OUT, ">$outfile"; -my $flag = 0; -while (<IN>) { - $flag = 1 if (/^-----BEGIN.*$bound/) ; - print OUT $_ if ($flag); - if (/^-----END.*$bound/) { - close IN; - close OUT; - return; - } -} -} - diff --git a/crypto/openssl/apps/CA.sh b/crypto/openssl/apps/CA.sh deleted file mode 100644 index d9f3069fb2a61..0000000000000 --- a/crypto/openssl/apps/CA.sh +++ /dev/null @@ -1,132 +0,0 @@ -#!/bin/sh -# -# CA - wrapper around ca to make it easier to use ... basically ca requires -# some setup stuff to be done before you can use it and this makes -# things easier between now and when Eric is convinced to fix it :-) -# -# CA -newca ... will setup the right stuff -# CA -newreq ... will generate a certificate request -# CA -sign ... will sign the generated request and output -# -# At the end of that grab newreq.pem and newcert.pem (one has the key -# and the other the certificate) and cat them together and that is what -# you want/need ... I'll make even this a little cleaner later. -# -# -# 12-Jan-96 tjh Added more things ... including CA -signcert which -# converts a certificate to a request and then signs it. -# 10-Jan-96 eay Fixed a few more bugs and added the SSLEAY_CONFIG -# environment variable so this can be driven from -# a script. -# 25-Jul-96 eay Cleaned up filenames some more. -# 11-Jun-96 eay Fixed a few filename missmatches. -# 03-May-96 eay Modified to use 'ssleay cmd' instead of 'cmd'. -# 18-Apr-96 tjh Original hacking -# -# Tim Hudson -# tjh@cryptsoft.com -# - -# default openssl.cnf file has setup as per the following -# demoCA ... where everything is stored - -DAYS="-days 365" -REQ="openssl req $SSLEAY_CONFIG" -CA="openssl ca $SSLEAY_CONFIG" -VERIFY="openssl verify" -X509="openssl x509" - -CATOP=./demoCA -CAKEY=./cakey.pem -CACERT=./cacert.pem - -for i -do -case $i in --\?|-h|-help) - echo "usage: CA -newcert|-newreq|-newca|-sign|-verify" >&2 - exit 0 - ;; --newcert) - # create a certificate - $REQ -new -x509 -keyout newreq.pem -out newreq.pem $DAYS - RET=$? - echo "Certificate (and private key) is in newreq.pem" - ;; --newreq) - # create a certificate request - $REQ -new -keyout newreq.pem -out newreq.pem $DAYS - RET=$? - echo "Request (and private key) is in newreq.pem" - ;; --newca) - # if explicitly asked for or it doesn't exist then setup the directory - # structure that Eric likes to manage things - NEW="1" - if [ "$NEW" -o ! -f ${CATOP}/serial ]; then - # create the directory hierarchy - mkdir ${CATOP} - mkdir ${CATOP}/certs - mkdir ${CATOP}/crl - mkdir ${CATOP}/newcerts - mkdir ${CATOP}/private - echo "01" > ${CATOP}/serial - touch ${CATOP}/index.txt - fi - if [ ! -f ${CATOP}/private/$CAKEY ]; then - echo "CA certificate filename (or enter to create)" - read FILE - - # ask user for existing CA certificate - if [ "$FILE" ]; then - cp $FILE ${CATOP}/private/$CAKEY - RET=$? - else - echo "Making CA certificate ..." - $REQ -new -x509 -keyout ${CATOP}/private/$CAKEY \ - -out ${CATOP}/$CACERT $DAYS - RET=$? - fi - fi - ;; --xsign) - $CA -policy policy_anything -infiles newreq.pem - RET=$? - ;; --sign|-signreq) - $CA -policy policy_anything -out newcert.pem -infiles newreq.pem - RET=$? - cat newcert.pem - echo "Signed certificate is in newcert.pem" - ;; --signcert) - echo "Cert passphrase will be requested twice - bug?" - $X509 -x509toreq -in newreq.pem -signkey newreq.pem -out tmp.pem - $CA -policy policy_anything -out newcert.pem -infiles tmp.pem - cat newcert.pem - echo "Signed certificate is in newcert.pem" - ;; --verify) - shift - if [ -z "$1" ]; then - $VERIFY -CAfile $CATOP/$CACERT newcert.pem - RET=$? - else - for j - do - $VERIFY -CAfile $CATOP/$CACERT $j - if [ $? != 0 ]; then - RET=$? - fi - done - fi - exit 0 - ;; -*) - echo "Unknown arg $i"; - exit 1 - ;; -esac -done -exit $RET - diff --git a/crypto/openssl/apps/Makefile.save b/crypto/openssl/apps/Makefile.save deleted file mode 100644 index b8d0b1b5dba43..0000000000000 --- a/crypto/openssl/apps/Makefile.save +++ /dev/null @@ -1,818 +0,0 @@ -# -# apps/Makefile.ssl -# - -DIR= apps -TOP= .. -CC= cc -INCLUDES= -I../include -CFLAG= -g -static -INSTALL_PREFIX= -INSTALLTOP= /usr/local/ssl -OPENSSLDIR= /usr/local/ssl -MAKE= make -f Makefile.ssl -MAKEDEPEND= $(TOP)/util/domd $(TOP) -MAKEFILE= Makefile.ssl -PERL=/usr/local/bin/perl -RM= rm -f - -PEX_LIBS= -EX_LIBS= - -CFLAGS= -DMONOLITH $(INCLUDES) $(CFLAG) - -GENERAL=Makefile makeapps.com install.com - -DLIBCRYPTO=../libcrypto.a -DLIBSSL=../libssl.a -LIBCRYPTO=-L.. -lcrypto -LIBSSL=-L.. -lssl - -PROGRAM= openssl - -SCRIPTS=CA.sh CA.pl der_chop - -EXE= $(PROGRAM) - -E_EXE= verify asn1pars req dgst dh dhparam enc passwd gendh errstr \ - ca crl rsa dsa dsaparam \ - x509 genrsa gendsa s_server s_client speed \ - s_time version pkcs7 crl2pkcs7 sess_id ciphers nseq pkcs12 \ - pkcs8 spkac smime rand - -PROGS= $(PROGRAM).c - -A_OBJ=apps.o -A_SRC=apps.c -S_OBJ= s_cb.o s_socket.o -S_SRC= s_cb.c s_socket.c -RAND_OBJ=app_rand.o -RAND_SRC=app_rand.c - -E_OBJ= verify.o asn1pars.o req.o dgst.o dh.o dhparam.o enc.o passwd.o gendh.o errstr.o \ - ca.o pkcs7.o crl2p7.o crl.o \ - rsa.o dsa.o dsaparam.o \ - x509.o genrsa.o gendsa.o s_server.o s_client.o speed.o \ - s_time.o $(A_OBJ) $(S_OBJ) $(RAND_OBJ) version.o sess_id.o \ - ciphers.o nseq.o pkcs12.o pkcs8.o spkac.o smime.o rand.o - -E_SRC= verify.c asn1pars.c req.c dgst.c dh.c enc.c passwd.c gendh.c errstr.c ca.c \ - pkcs7.c crl2p7.c crl.c \ - rsa.c dsa.c dsaparam.c \ - x509.c genrsa.c gendsa.c s_server.c s_client.c speed.c \ - s_time.c $(A_SRC) $(S_SRC) $(RAND_SRC) version.c sess_id.c \ - ciphers.c nseq.c pkcs12.c pkcs8.c spkac.c smime.c rand.c - -SRC=$(E_SRC) - -EXHEADER= -HEADER= apps.h progs.h s_apps.h \ - testdsa.h testrsa.h \ - $(EXHEADER) - -ALL= $(GENERAL) $(SRC) $(HEADER) - -top: - @(cd ..; $(MAKE) DIRS=$(DIR) all) - -all: exe - -exe: $(EXE) - -req: sreq.o $(A_OBJ) $(DLIBCRYPTO) - $(CC) -o req $(CFLAG) sreq.o $(A_OBJ) $(RAND_OBJ) $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS) - -sreq.o: req.c - $(CC) -c $(INCLUDES) $(CFLAG) -o sreq.o req.c - -files: - $(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO - -install: - @for i in $(EXE); \ - do \ - (echo installing $$i; \ - cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/bin/$$i; \ - chmod 755 $(INSTALL_PREFIX)$(INSTALLTOP)/bin/$$i ); \ - done; - @for i in $(SCRIPTS); \ - do \ - (echo installing $$i; \ - cp $$i $(INSTALL_PREFIX)$(OPENSSLDIR)/misc/$$i; \ - chmod 755 $(INSTALL_PREFIX)$(OPENSSLDIR)/misc/$$i ); \ - done - @cp openssl.cnf $(INSTALL_PREFIX)$(OPENSSLDIR); \ - chmod 644 $(INSTALL_PREFIX)$(OPENSSLDIR)/openssl.cnf - -tags: - ctags $(SRC) - -tests: - -links: - @$(TOP)/util/point.sh Makefile.ssl Makefile - -lint: - lint -DLINT $(INCLUDES) $(SRC)>fluff - -depend: - $(MAKEDEPEND) $(INCLUDES) $(DEPFLAG) $(PROGS) $(SRC) - -dclean: - $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new - mv -f Makefile.new $(MAKEFILE) - -clean: - rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff $(EXE) - rm -f req - -$(DLIBSSL): - (cd ../ssl; $(MAKE)) - -$(DLIBCRYPTO): - (cd ../crypto; $(MAKE)) - -$(PROGRAM): progs.h $(E_OBJ) $(PROGRAM).o $(DLIBCRYPTO) $(DLIBSSL) - $(RM) $(PROGRAM) - $(CC) -o $(PROGRAM) $(CFLAGS) $(PROGRAM).o $(E_OBJ) $(PEX_LIBS) $(LIBSSL) $(LIBCRYPTO) $(EX_LIBS) - @(cd ..; OPENSSL="`pwd`/apps/openssl"; export OPENSSL; sh tools/c_rehash certs) - -progs.h: progs.pl - $(PERL) progs.pl $(E_EXE) >progs.h - $(RM) $(PROGRAM).o - -# DO NOT DELETE THIS LINE -- make depend depends on it. - -app_rand.o: ../include/openssl/asn1.h ../include/openssl/bio.h -app_rand.o: ../include/openssl/blowfish.h ../include/openssl/bn.h -app_rand.o: ../include/openssl/buffer.h ../include/openssl/cast.h -app_rand.o: ../include/openssl/crypto.h ../include/openssl/des.h -app_rand.o: ../include/openssl/dh.h ../include/openssl/dsa.h -app_rand.o: ../include/openssl/e_os.h ../include/openssl/e_os2.h -app_rand.o: ../include/openssl/evp.h ../include/openssl/idea.h -app_rand.o: ../include/openssl/md2.h ../include/openssl/md5.h -app_rand.o: ../include/openssl/mdc2.h ../include/openssl/objects.h -app_rand.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h -app_rand.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h -app_rand.o: ../include/openssl/rc2.h ../include/openssl/rc4.h -app_rand.o: ../include/openssl/rc5.h ../include/openssl/ripemd.h -app_rand.o: ../include/openssl/rsa.h ../include/openssl/safestack.h -app_rand.o: ../include/openssl/sha.h ../include/openssl/stack.h -app_rand.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h apps.h -apps.o: ../include/openssl/asn1.h ../include/openssl/bio.h -apps.o: ../include/openssl/blowfish.h ../include/openssl/bn.h -apps.o: ../include/openssl/buffer.h ../include/openssl/cast.h -apps.o: ../include/openssl/crypto.h ../include/openssl/des.h -apps.o: ../include/openssl/dh.h ../include/openssl/dsa.h -apps.o: ../include/openssl/e_os.h ../include/openssl/e_os2.h -apps.o: ../include/openssl/evp.h ../include/openssl/idea.h -apps.o: ../include/openssl/md2.h ../include/openssl/md5.h -apps.o: ../include/openssl/mdc2.h ../include/openssl/objects.h -apps.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h -apps.o: ../include/openssl/pkcs7.h ../include/openssl/rc2.h -apps.o: ../include/openssl/rc4.h ../include/openssl/rc5.h -apps.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h -apps.o: ../include/openssl/safestack.h ../include/openssl/sha.h -apps.o: ../include/openssl/stack.h ../include/openssl/x509.h -apps.o: ../include/openssl/x509_vfy.h apps.h -asn1pars.o: ../include/openssl/asn1.h ../include/openssl/bio.h -asn1pars.o: ../include/openssl/blowfish.h ../include/openssl/bn.h -asn1pars.o: ../include/openssl/buffer.h ../include/openssl/cast.h -asn1pars.o: ../include/openssl/crypto.h ../include/openssl/des.h -asn1pars.o: ../include/openssl/dh.h ../include/openssl/dsa.h -asn1pars.o: ../include/openssl/e_os.h ../include/openssl/e_os2.h -asn1pars.o: ../include/openssl/err.h ../include/openssl/evp.h -asn1pars.o: ../include/openssl/idea.h ../include/openssl/md2.h -asn1pars.o: ../include/openssl/md5.h ../include/openssl/mdc2.h -asn1pars.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h -asn1pars.o: ../include/openssl/opensslv.h ../include/openssl/pem.h -asn1pars.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h -asn1pars.o: ../include/openssl/rc2.h ../include/openssl/rc4.h -asn1pars.o: ../include/openssl/rc5.h ../include/openssl/ripemd.h -asn1pars.o: ../include/openssl/rsa.h ../include/openssl/safestack.h -asn1pars.o: ../include/openssl/sha.h ../include/openssl/stack.h -asn1pars.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h apps.h -ca.o: ../include/openssl/asn1.h ../include/openssl/bio.h -ca.o: ../include/openssl/blowfish.h ../include/openssl/bn.h -ca.o: ../include/openssl/buffer.h ../include/openssl/cast.h -ca.o: ../include/openssl/conf.h ../include/openssl/crypto.h -ca.o: ../include/openssl/des.h ../include/openssl/dh.h ../include/openssl/dsa.h -ca.o: ../include/openssl/e_os.h ../include/openssl/e_os2.h -ca.o: ../include/openssl/err.h ../include/openssl/evp.h -ca.o: ../include/openssl/idea.h ../include/openssl/lhash.h -ca.o: ../include/openssl/md2.h ../include/openssl/md5.h -ca.o: ../include/openssl/mdc2.h ../include/openssl/objects.h -ca.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h -ca.o: ../include/openssl/pem.h ../include/openssl/pem2.h -ca.o: ../include/openssl/pkcs7.h ../include/openssl/rc2.h -ca.o: ../include/openssl/rc4.h ../include/openssl/rc5.h -ca.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h -ca.o: ../include/openssl/safestack.h ../include/openssl/sha.h -ca.o: ../include/openssl/stack.h ../include/openssl/txt_db.h -ca.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h -ca.o: ../include/openssl/x509v3.h apps.h -ciphers.o: ../include/openssl/asn1.h ../include/openssl/bio.h -ciphers.o: ../include/openssl/blowfish.h ../include/openssl/bn.h -ciphers.o: ../include/openssl/buffer.h ../include/openssl/cast.h -ciphers.o: ../include/openssl/crypto.h ../include/openssl/des.h -ciphers.o: ../include/openssl/dh.h ../include/openssl/dsa.h -ciphers.o: ../include/openssl/e_os.h ../include/openssl/e_os2.h -ciphers.o: ../include/openssl/err.h ../include/openssl/evp.h -ciphers.o: ../include/openssl/idea.h ../include/openssl/lhash.h -ciphers.o: ../include/openssl/md2.h ../include/openssl/md5.h -ciphers.o: ../include/openssl/mdc2.h ../include/openssl/objects.h -ciphers.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h -ciphers.o: ../include/openssl/pem.h ../include/openssl/pem2.h -ciphers.o: ../include/openssl/pkcs7.h ../include/openssl/rc2.h -ciphers.o: ../include/openssl/rc4.h ../include/openssl/rc5.h -ciphers.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h -ciphers.o: ../include/openssl/safestack.h ../include/openssl/sha.h -ciphers.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h -ciphers.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h -ciphers.o: ../include/openssl/stack.h ../include/openssl/tls1.h -ciphers.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h apps.h -crl.o: ../include/openssl/asn1.h ../include/openssl/bio.h -crl.o: ../include/openssl/blowfish.h ../include/openssl/bn.h -crl.o: ../include/openssl/buffer.h ../include/openssl/cast.h -crl.o: ../include/openssl/conf.h ../include/openssl/crypto.h -crl.o: ../include/openssl/des.h ../include/openssl/dh.h -crl.o: ../include/openssl/dsa.h ../include/openssl/e_os.h -crl.o: ../include/openssl/e_os2.h ../include/openssl/err.h -crl.o: ../include/openssl/evp.h ../include/openssl/idea.h -crl.o: ../include/openssl/lhash.h ../include/openssl/md2.h -crl.o: ../include/openssl/md5.h ../include/openssl/mdc2.h -crl.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h -crl.o: ../include/openssl/opensslv.h ../include/openssl/pem.h -crl.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h -crl.o: ../include/openssl/rc2.h ../include/openssl/rc4.h -crl.o: ../include/openssl/rc5.h ../include/openssl/ripemd.h -crl.o: ../include/openssl/rsa.h ../include/openssl/safestack.h -crl.o: ../include/openssl/sha.h ../include/openssl/stack.h -crl.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h -crl.o: ../include/openssl/x509v3.h apps.h -crl2p7.o: ../include/openssl/asn1.h ../include/openssl/bio.h -crl2p7.o: ../include/openssl/blowfish.h ../include/openssl/bn.h -crl2p7.o: ../include/openssl/buffer.h ../include/openssl/cast.h -crl2p7.o: ../include/openssl/crypto.h ../include/openssl/des.h -crl2p7.o: ../include/openssl/dh.h ../include/openssl/dsa.h -crl2p7.o: ../include/openssl/e_os.h ../include/openssl/e_os2.h -crl2p7.o: ../include/openssl/err.h ../include/openssl/evp.h -crl2p7.o: ../include/openssl/idea.h ../include/openssl/md2.h -crl2p7.o: ../include/openssl/md5.h ../include/openssl/mdc2.h -crl2p7.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h -crl2p7.o: ../include/openssl/opensslv.h ../include/openssl/pem.h -crl2p7.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h -crl2p7.o: ../include/openssl/rc2.h ../include/openssl/rc4.h -crl2p7.o: ../include/openssl/rc5.h ../include/openssl/ripemd.h -crl2p7.o: ../include/openssl/rsa.h ../include/openssl/safestack.h -crl2p7.o: ../include/openssl/sha.h ../include/openssl/stack.h -crl2p7.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h apps.h -dgst.o: ../include/openssl/asn1.h ../include/openssl/bio.h -dgst.o: ../include/openssl/blowfish.h ../include/openssl/bn.h -dgst.o: ../include/openssl/buffer.h ../include/openssl/cast.h -dgst.o: ../include/openssl/crypto.h ../include/openssl/des.h -dgst.o: ../include/openssl/dh.h ../include/openssl/dsa.h -dgst.o: ../include/openssl/e_os.h ../include/openssl/e_os2.h -dgst.o: ../include/openssl/err.h ../include/openssl/evp.h -dgst.o: ../include/openssl/idea.h ../include/openssl/md2.h -dgst.o: ../include/openssl/md5.h ../include/openssl/mdc2.h -dgst.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h -dgst.o: ../include/openssl/opensslv.h ../include/openssl/pem.h -dgst.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h -dgst.o: ../include/openssl/rc2.h ../include/openssl/rc4.h -dgst.o: ../include/openssl/rc5.h ../include/openssl/ripemd.h -dgst.o: ../include/openssl/rsa.h ../include/openssl/safestack.h -dgst.o: ../include/openssl/sha.h ../include/openssl/stack.h -dgst.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h apps.h -dh.o: ../include/openssl/asn1.h ../include/openssl/bio.h -dh.o: ../include/openssl/blowfish.h ../include/openssl/bn.h -dh.o: ../include/openssl/buffer.h ../include/openssl/cast.h -dh.o: ../include/openssl/crypto.h ../include/openssl/des.h -dh.o: ../include/openssl/dh.h ../include/openssl/dsa.h -dh.o: ../include/openssl/e_os.h ../include/openssl/e_os2.h -dh.o: ../include/openssl/err.h ../include/openssl/evp.h -dh.o: ../include/openssl/idea.h ../include/openssl/md2.h -dh.o: ../include/openssl/md5.h ../include/openssl/mdc2.h -dh.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h -dh.o: ../include/openssl/opensslv.h ../include/openssl/pem.h -dh.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h -dh.o: ../include/openssl/rc2.h ../include/openssl/rc4.h -dh.o: ../include/openssl/rc5.h ../include/openssl/ripemd.h -dh.o: ../include/openssl/rsa.h ../include/openssl/safestack.h -dh.o: ../include/openssl/sha.h ../include/openssl/stack.h -dh.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h apps.h -dsa.o: ../include/openssl/asn1.h ../include/openssl/bio.h -dsa.o: ../include/openssl/blowfish.h ../include/openssl/bn.h -dsa.o: ../include/openssl/buffer.h ../include/openssl/cast.h -dsa.o: ../include/openssl/crypto.h ../include/openssl/des.h -dsa.o: ../include/openssl/dh.h ../include/openssl/dsa.h -dsa.o: ../include/openssl/e_os.h ../include/openssl/e_os2.h -dsa.o: ../include/openssl/err.h ../include/openssl/evp.h -dsa.o: ../include/openssl/idea.h ../include/openssl/md2.h -dsa.o: ../include/openssl/md5.h ../include/openssl/mdc2.h -dsa.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h -dsa.o: ../include/openssl/opensslv.h ../include/openssl/pem.h -dsa.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h -dsa.o: ../include/openssl/rc2.h ../include/openssl/rc4.h -dsa.o: ../include/openssl/rc5.h ../include/openssl/ripemd.h -dsa.o: ../include/openssl/rsa.h ../include/openssl/safestack.h -dsa.o: ../include/openssl/sha.h ../include/openssl/stack.h -dsa.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h apps.h -dsaparam.o: ../include/openssl/asn1.h ../include/openssl/bio.h -dsaparam.o: ../include/openssl/blowfish.h ../include/openssl/bn.h -dsaparam.o: ../include/openssl/buffer.h ../include/openssl/cast.h -dsaparam.o: ../include/openssl/crypto.h ../include/openssl/des.h -dsaparam.o: ../include/openssl/dh.h ../include/openssl/dsa.h -dsaparam.o: ../include/openssl/e_os.h ../include/openssl/e_os2.h -dsaparam.o: ../include/openssl/err.h ../include/openssl/evp.h -dsaparam.o: ../include/openssl/idea.h ../include/openssl/md2.h -dsaparam.o: ../include/openssl/md5.h ../include/openssl/mdc2.h -dsaparam.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h -dsaparam.o: ../include/openssl/opensslv.h ../include/openssl/pem.h -dsaparam.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h -dsaparam.o: ../include/openssl/rc2.h ../include/openssl/rc4.h -dsaparam.o: ../include/openssl/rc5.h ../include/openssl/ripemd.h -dsaparam.o: ../include/openssl/rsa.h ../include/openssl/safestack.h -dsaparam.o: ../include/openssl/sha.h ../include/openssl/stack.h -dsaparam.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h apps.h -enc.o: ../include/openssl/asn1.h ../include/openssl/bio.h -enc.o: ../include/openssl/blowfish.h ../include/openssl/bn.h -enc.o: ../include/openssl/buffer.h ../include/openssl/cast.h -enc.o: ../include/openssl/crypto.h ../include/openssl/des.h -enc.o: ../include/openssl/dh.h ../include/openssl/dsa.h -enc.o: ../include/openssl/e_os.h ../include/openssl/e_os2.h -enc.o: ../include/openssl/err.h ../include/openssl/evp.h -enc.o: ../include/openssl/idea.h ../include/openssl/md2.h -enc.o: ../include/openssl/md5.h ../include/openssl/mdc2.h -enc.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h -enc.o: ../include/openssl/opensslv.h ../include/openssl/pem.h -enc.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h -enc.o: ../include/openssl/rand.h ../include/openssl/rc2.h -enc.o: ../include/openssl/rc4.h ../include/openssl/rc5.h -enc.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h -enc.o: ../include/openssl/safestack.h ../include/openssl/sha.h -enc.o: ../include/openssl/stack.h ../include/openssl/x509.h -enc.o: ../include/openssl/x509_vfy.h apps.h -errstr.o: ../include/openssl/asn1.h ../include/openssl/bio.h -errstr.o: ../include/openssl/blowfish.h ../include/openssl/bn.h -errstr.o: ../include/openssl/buffer.h ../include/openssl/cast.h -errstr.o: ../include/openssl/crypto.h ../include/openssl/des.h -errstr.o: ../include/openssl/dh.h ../include/openssl/dsa.h -errstr.o: ../include/openssl/e_os.h ../include/openssl/e_os2.h -errstr.o: ../include/openssl/err.h ../include/openssl/evp.h -errstr.o: ../include/openssl/idea.h ../include/openssl/lhash.h -errstr.o: ../include/openssl/md2.h ../include/openssl/md5.h -errstr.o: ../include/openssl/mdc2.h ../include/openssl/objects.h -errstr.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h -errstr.o: ../include/openssl/pem.h ../include/openssl/pem2.h -errstr.o: ../include/openssl/pkcs7.h ../include/openssl/rc2.h -errstr.o: ../include/openssl/rc4.h ../include/openssl/rc5.h -errstr.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h -errstr.o: ../include/openssl/safestack.h ../include/openssl/sha.h -errstr.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h -errstr.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h -errstr.o: ../include/openssl/stack.h ../include/openssl/tls1.h -errstr.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h apps.h -gendh.o: ../include/openssl/asn1.h ../include/openssl/bio.h -gendh.o: ../include/openssl/blowfish.h ../include/openssl/bn.h -gendh.o: ../include/openssl/buffer.h ../include/openssl/cast.h -gendh.o: ../include/openssl/crypto.h ../include/openssl/des.h -gendh.o: ../include/openssl/dh.h ../include/openssl/dsa.h -gendh.o: ../include/openssl/e_os.h ../include/openssl/e_os2.h -gendh.o: ../include/openssl/err.h ../include/openssl/evp.h -gendh.o: ../include/openssl/idea.h ../include/openssl/md2.h -gendh.o: ../include/openssl/md5.h ../include/openssl/mdc2.h -gendh.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h -gendh.o: ../include/openssl/opensslv.h ../include/openssl/pem.h -gendh.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h -gendh.o: ../include/openssl/rand.h ../include/openssl/rc2.h -gendh.o: ../include/openssl/rc4.h ../include/openssl/rc5.h -gendh.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h -gendh.o: ../include/openssl/safestack.h ../include/openssl/sha.h -gendh.o: ../include/openssl/stack.h ../include/openssl/x509.h -gendh.o: ../include/openssl/x509_vfy.h apps.h -gendsa.o: ../include/openssl/asn1.h ../include/openssl/bio.h -gendsa.o: ../include/openssl/blowfish.h ../include/openssl/bn.h -gendsa.o: ../include/openssl/buffer.h ../include/openssl/cast.h -gendsa.o: ../include/openssl/crypto.h ../include/openssl/des.h -gendsa.o: ../include/openssl/dh.h ../include/openssl/dsa.h -gendsa.o: ../include/openssl/e_os.h ../include/openssl/e_os2.h -gendsa.o: ../include/openssl/err.h ../include/openssl/evp.h -gendsa.o: ../include/openssl/idea.h ../include/openssl/md2.h -gendsa.o: ../include/openssl/md5.h ../include/openssl/mdc2.h -gendsa.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h -gendsa.o: ../include/openssl/opensslv.h ../include/openssl/pem.h -gendsa.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h -gendsa.o: ../include/openssl/rc2.h ../include/openssl/rc4.h -gendsa.o: ../include/openssl/rc5.h ../include/openssl/ripemd.h -gendsa.o: ../include/openssl/rsa.h ../include/openssl/safestack.h -gendsa.o: ../include/openssl/sha.h ../include/openssl/stack.h -gendsa.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h apps.h -genrsa.o: ../include/openssl/asn1.h ../include/openssl/bio.h -genrsa.o: ../include/openssl/blowfish.h ../include/openssl/bn.h -genrsa.o: ../include/openssl/buffer.h ../include/openssl/cast.h -genrsa.o: ../include/openssl/crypto.h ../include/openssl/des.h -genrsa.o: ../include/openssl/dh.h ../include/openssl/dsa.h -genrsa.o: ../include/openssl/e_os.h ../include/openssl/e_os2.h -genrsa.o: ../include/openssl/err.h ../include/openssl/evp.h -genrsa.o: ../include/openssl/idea.h ../include/openssl/md2.h -genrsa.o: ../include/openssl/md5.h ../include/openssl/mdc2.h -genrsa.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h -genrsa.o: ../include/openssl/opensslv.h ../include/openssl/pem.h -genrsa.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h -genrsa.o: ../include/openssl/rc2.h ../include/openssl/rc4.h -genrsa.o: ../include/openssl/rc5.h ../include/openssl/ripemd.h -genrsa.o: ../include/openssl/rsa.h ../include/openssl/safestack.h -genrsa.o: ../include/openssl/sha.h ../include/openssl/stack.h -genrsa.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h apps.h -nseq.o: ../include/openssl/asn1.h ../include/openssl/bio.h -nseq.o: ../include/openssl/blowfish.h ../include/openssl/bn.h -nseq.o: ../include/openssl/buffer.h ../include/openssl/cast.h -nseq.o: ../include/openssl/crypto.h ../include/openssl/des.h -nseq.o: ../include/openssl/dh.h ../include/openssl/dsa.h -nseq.o: ../include/openssl/e_os.h ../include/openssl/e_os2.h -nseq.o: ../include/openssl/err.h ../include/openssl/evp.h -nseq.o: ../include/openssl/idea.h ../include/openssl/md2.h -nseq.o: ../include/openssl/md5.h ../include/openssl/mdc2.h -nseq.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h -nseq.o: ../include/openssl/opensslv.h ../include/openssl/pem.h -nseq.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h -nseq.o: ../include/openssl/rc2.h ../include/openssl/rc4.h -nseq.o: ../include/openssl/rc5.h ../include/openssl/ripemd.h -nseq.o: ../include/openssl/rsa.h ../include/openssl/safestack.h -nseq.o: ../include/openssl/sha.h ../include/openssl/stack.h -nseq.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h apps.h -openssl.o: ../include/openssl/asn1.h ../include/openssl/bio.h -openssl.o: ../include/openssl/blowfish.h ../include/openssl/bn.h -openssl.o: ../include/openssl/buffer.h ../include/openssl/cast.h -openssl.o: ../include/openssl/conf.h ../include/openssl/crypto.h -openssl.o: ../include/openssl/des.h ../include/openssl/dh.h -openssl.o: ../include/openssl/dsa.h ../include/openssl/e_os.h -openssl.o: ../include/openssl/e_os2.h ../include/openssl/err.h -openssl.o: ../include/openssl/evp.h ../include/openssl/idea.h -openssl.o: ../include/openssl/lhash.h ../include/openssl/md2.h -openssl.o: ../include/openssl/md5.h ../include/openssl/mdc2.h -openssl.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h -openssl.o: ../include/openssl/opensslv.h ../include/openssl/pem.h -openssl.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h -openssl.o: ../include/openssl/rc2.h ../include/openssl/rc4.h -openssl.o: ../include/openssl/rc5.h ../include/openssl/ripemd.h -openssl.o: ../include/openssl/rsa.h ../include/openssl/safestack.h -openssl.o: ../include/openssl/sha.h ../include/openssl/ssl.h -openssl.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h -openssl.o: ../include/openssl/ssl3.h ../include/openssl/stack.h -openssl.o: ../include/openssl/tls1.h ../include/openssl/x509.h -openssl.o: ../include/openssl/x509_vfy.h apps.h progs.h s_apps.h -passwd.o: ../include/openssl/asn1.h ../include/openssl/bio.h -passwd.o: ../include/openssl/blowfish.h ../include/openssl/bn.h -passwd.o: ../include/openssl/buffer.h ../include/openssl/cast.h -passwd.o: ../include/openssl/crypto.h ../include/openssl/des.h -passwd.o: ../include/openssl/dh.h ../include/openssl/dsa.h -passwd.o: ../include/openssl/e_os.h ../include/openssl/e_os2.h -passwd.o: ../include/openssl/err.h ../include/openssl/evp.h -passwd.o: ../include/openssl/idea.h ../include/openssl/md2.h -passwd.o: ../include/openssl/md5.h ../include/openssl/mdc2.h -passwd.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h -passwd.o: ../include/openssl/opensslv.h ../include/openssl/pkcs7.h -passwd.o: ../include/openssl/rand.h ../include/openssl/rc2.h -passwd.o: ../include/openssl/rc4.h ../include/openssl/rc5.h -passwd.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h -passwd.o: ../include/openssl/safestack.h ../include/openssl/sha.h -passwd.o: ../include/openssl/stack.h ../include/openssl/x509.h -passwd.o: ../include/openssl/x509_vfy.h apps.h -pkcs12.o: ../include/openssl/asn1.h ../include/openssl/bio.h -pkcs12.o: ../include/openssl/blowfish.h ../include/openssl/bn.h -pkcs12.o: ../include/openssl/buffer.h ../include/openssl/cast.h -pkcs12.o: ../include/openssl/crypto.h ../include/openssl/des.h -pkcs12.o: ../include/openssl/dh.h ../include/openssl/dsa.h -pkcs12.o: ../include/openssl/e_os.h ../include/openssl/e_os2.h -pkcs12.o: ../include/openssl/err.h ../include/openssl/evp.h -pkcs12.o: ../include/openssl/idea.h ../include/openssl/md2.h -pkcs12.o: ../include/openssl/md5.h ../include/openssl/mdc2.h -pkcs12.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h -pkcs12.o: ../include/openssl/opensslv.h ../include/openssl/pem.h -pkcs12.o: ../include/openssl/pem2.h ../include/openssl/pkcs12.h -pkcs12.o: ../include/openssl/pkcs7.h ../include/openssl/rc2.h -pkcs12.o: ../include/openssl/rc4.h ../include/openssl/rc5.h -pkcs12.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h -pkcs12.o: ../include/openssl/safestack.h ../include/openssl/sha.h -pkcs12.o: ../include/openssl/stack.h ../include/openssl/x509.h -pkcs12.o: ../include/openssl/x509_vfy.h apps.h -pkcs7.o: ../include/openssl/asn1.h ../include/openssl/bio.h -pkcs7.o: ../include/openssl/blowfish.h ../include/openssl/bn.h -pkcs7.o: ../include/openssl/buffer.h ../include/openssl/cast.h -pkcs7.o: ../include/openssl/crypto.h ../include/openssl/des.h -pkcs7.o: ../include/openssl/dh.h ../include/openssl/dsa.h -pkcs7.o: ../include/openssl/e_os.h ../include/openssl/e_os2.h -pkcs7.o: ../include/openssl/err.h ../include/openssl/evp.h -pkcs7.o: ../include/openssl/idea.h ../include/openssl/md2.h -pkcs7.o: ../include/openssl/md5.h ../include/openssl/mdc2.h -pkcs7.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h -pkcs7.o: ../include/openssl/opensslv.h ../include/openssl/pem.h -pkcs7.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h -pkcs7.o: ../include/openssl/rc2.h ../include/openssl/rc4.h -pkcs7.o: ../include/openssl/rc5.h ../include/openssl/ripemd.h -pkcs7.o: ../include/openssl/rsa.h ../include/openssl/safestack.h -pkcs7.o: ../include/openssl/sha.h ../include/openssl/stack.h -pkcs7.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h apps.h -pkcs8.o: ../include/openssl/asn1.h ../include/openssl/bio.h -pkcs8.o: ../include/openssl/blowfish.h ../include/openssl/bn.h -pkcs8.o: ../include/openssl/buffer.h ../include/openssl/cast.h -pkcs8.o: ../include/openssl/crypto.h ../include/openssl/des.h -pkcs8.o: ../include/openssl/dh.h ../include/openssl/dsa.h -pkcs8.o: ../include/openssl/e_os.h ../include/openssl/e_os2.h -pkcs8.o: ../include/openssl/err.h ../include/openssl/evp.h -pkcs8.o: ../include/openssl/idea.h ../include/openssl/md2.h -pkcs8.o: ../include/openssl/md5.h ../include/openssl/mdc2.h -pkcs8.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h -pkcs8.o: ../include/openssl/opensslv.h ../include/openssl/pem.h -pkcs8.o: ../include/openssl/pem2.h ../include/openssl/pkcs12.h -pkcs8.o: ../include/openssl/pkcs7.h ../include/openssl/rc2.h -pkcs8.o: ../include/openssl/rc4.h ../include/openssl/rc5.h -pkcs8.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h -pkcs8.o: ../include/openssl/safestack.h ../include/openssl/sha.h -pkcs8.o: ../include/openssl/stack.h ../include/openssl/x509.h -pkcs8.o: ../include/openssl/x509_vfy.h apps.h -rand.o: ../include/openssl/asn1.h ../include/openssl/bio.h -rand.o: ../include/openssl/blowfish.h ../include/openssl/bn.h -rand.o: ../include/openssl/buffer.h ../include/openssl/cast.h -rand.o: ../include/openssl/crypto.h ../include/openssl/des.h -rand.o: ../include/openssl/dh.h ../include/openssl/dsa.h -rand.o: ../include/openssl/e_os.h ../include/openssl/e_os2.h -rand.o: ../include/openssl/err.h ../include/openssl/evp.h -rand.o: ../include/openssl/idea.h ../include/openssl/md2.h -rand.o: ../include/openssl/md5.h ../include/openssl/mdc2.h -rand.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h -rand.o: ../include/openssl/opensslv.h ../include/openssl/pkcs7.h -rand.o: ../include/openssl/rand.h ../include/openssl/rc2.h -rand.o: ../include/openssl/rc4.h ../include/openssl/rc5.h -rand.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h -rand.o: ../include/openssl/safestack.h ../include/openssl/sha.h -rand.o: ../include/openssl/stack.h ../include/openssl/x509.h -rand.o: ../include/openssl/x509_vfy.h apps.h -req.o: ../include/openssl/asn1.h ../include/openssl/bio.h -req.o: ../include/openssl/blowfish.h ../include/openssl/bn.h -req.o: ../include/openssl/buffer.h ../include/openssl/cast.h -req.o: ../include/openssl/conf.h ../include/openssl/crypto.h -req.o: ../include/openssl/des.h ../include/openssl/dh.h -req.o: ../include/openssl/dsa.h ../include/openssl/e_os.h -req.o: ../include/openssl/e_os2.h ../include/openssl/err.h -req.o: ../include/openssl/evp.h ../include/openssl/idea.h -req.o: ../include/openssl/lhash.h ../include/openssl/md2.h -req.o: ../include/openssl/md5.h ../include/openssl/mdc2.h -req.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h -req.o: ../include/openssl/opensslv.h ../include/openssl/pem.h -req.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h -req.o: ../include/openssl/rc2.h ../include/openssl/rc4.h -req.o: ../include/openssl/rc5.h ../include/openssl/ripemd.h -req.o: ../include/openssl/rsa.h ../include/openssl/safestack.h -req.o: ../include/openssl/sha.h ../include/openssl/stack.h -req.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h -req.o: ../include/openssl/x509v3.h apps.h -rsa.o: ../include/openssl/asn1.h ../include/openssl/bio.h -rsa.o: ../include/openssl/blowfish.h ../include/openssl/bn.h -rsa.o: ../include/openssl/buffer.h ../include/openssl/cast.h -rsa.o: ../include/openssl/crypto.h ../include/openssl/des.h -rsa.o: ../include/openssl/dh.h ../include/openssl/dsa.h -rsa.o: ../include/openssl/e_os.h ../include/openssl/e_os2.h -rsa.o: ../include/openssl/err.h ../include/openssl/evp.h -rsa.o: ../include/openssl/idea.h ../include/openssl/md2.h -rsa.o: ../include/openssl/md5.h ../include/openssl/mdc2.h -rsa.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h -rsa.o: ../include/openssl/opensslv.h ../include/openssl/pem.h -rsa.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h -rsa.o: ../include/openssl/rc2.h ../include/openssl/rc4.h -rsa.o: ../include/openssl/rc5.h ../include/openssl/ripemd.h -rsa.o: ../include/openssl/rsa.h ../include/openssl/safestack.h -rsa.o: ../include/openssl/sha.h ../include/openssl/stack.h -rsa.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h apps.h -s_cb.o: ../include/openssl/asn1.h ../include/openssl/bio.h -s_cb.o: ../include/openssl/blowfish.h ../include/openssl/bn.h -s_cb.o: ../include/openssl/buffer.h ../include/openssl/cast.h -s_cb.o: ../include/openssl/crypto.h ../include/openssl/des.h -s_cb.o: ../include/openssl/dh.h ../include/openssl/dsa.h -s_cb.o: ../include/openssl/e_os.h ../include/openssl/e_os2.h -s_cb.o: ../include/openssl/err.h ../include/openssl/evp.h -s_cb.o: ../include/openssl/idea.h ../include/openssl/lhash.h -s_cb.o: ../include/openssl/md2.h ../include/openssl/md5.h -s_cb.o: ../include/openssl/mdc2.h ../include/openssl/objects.h -s_cb.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h -s_cb.o: ../include/openssl/pem.h ../include/openssl/pem2.h -s_cb.o: ../include/openssl/pkcs7.h ../include/openssl/rc2.h -s_cb.o: ../include/openssl/rc4.h ../include/openssl/rc5.h -s_cb.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h -s_cb.o: ../include/openssl/safestack.h ../include/openssl/sha.h -s_cb.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h -s_cb.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h -s_cb.o: ../include/openssl/stack.h ../include/openssl/tls1.h -s_cb.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h apps.h s_apps.h -s_client.o: ../include/openssl/asn1.h ../include/openssl/bio.h -s_client.o: ../include/openssl/blowfish.h ../include/openssl/bn.h -s_client.o: ../include/openssl/buffer.h ../include/openssl/cast.h -s_client.o: ../include/openssl/crypto.h ../include/openssl/des.h -s_client.o: ../include/openssl/dh.h ../include/openssl/dsa.h -s_client.o: ../include/openssl/e_os.h ../include/openssl/e_os2.h -s_client.o: ../include/openssl/err.h ../include/openssl/evp.h -s_client.o: ../include/openssl/idea.h ../include/openssl/lhash.h -s_client.o: ../include/openssl/md2.h ../include/openssl/md5.h -s_client.o: ../include/openssl/mdc2.h ../include/openssl/objects.h -s_client.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h -s_client.o: ../include/openssl/pem.h ../include/openssl/pem2.h -s_client.o: ../include/openssl/pkcs7.h ../include/openssl/rc2.h -s_client.o: ../include/openssl/rc4.h ../include/openssl/rc5.h -s_client.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h -s_client.o: ../include/openssl/safestack.h ../include/openssl/sha.h -s_client.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h -s_client.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h -s_client.o: ../include/openssl/stack.h ../include/openssl/tls1.h -s_client.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h apps.h -s_client.o: s_apps.h -s_server.o: ../include/openssl/asn1.h ../include/openssl/bio.h -s_server.o: ../include/openssl/blowfish.h ../include/openssl/bn.h -s_server.o: ../include/openssl/buffer.h ../include/openssl/cast.h -s_server.o: ../include/openssl/crypto.h ../include/openssl/des.h -s_server.o: ../include/openssl/dh.h ../include/openssl/dsa.h -s_server.o: ../include/openssl/e_os.h ../include/openssl/e_os2.h -s_server.o: ../include/openssl/err.h ../include/openssl/evp.h -s_server.o: ../include/openssl/idea.h ../include/openssl/lhash.h -s_server.o: ../include/openssl/md2.h ../include/openssl/md5.h -s_server.o: ../include/openssl/mdc2.h ../include/openssl/objects.h -s_server.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h -s_server.o: ../include/openssl/pem.h ../include/openssl/pem2.h -s_server.o: ../include/openssl/pkcs7.h ../include/openssl/rc2.h -s_server.o: ../include/openssl/rc4.h ../include/openssl/rc5.h -s_server.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h -s_server.o: ../include/openssl/safestack.h ../include/openssl/sha.h -s_server.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h -s_server.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h -s_server.o: ../include/openssl/stack.h ../include/openssl/tls1.h -s_server.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h apps.h -s_server.o: s_apps.h -s_socket.o: ../include/openssl/asn1.h ../include/openssl/bio.h -s_socket.o: ../include/openssl/blowfish.h ../include/openssl/bn.h -s_socket.o: ../include/openssl/buffer.h ../include/openssl/cast.h -s_socket.o: ../include/openssl/crypto.h ../include/openssl/des.h -s_socket.o: ../include/openssl/dh.h ../include/openssl/dsa.h -s_socket.o: ../include/openssl/e_os.h ../include/openssl/e_os2.h -s_socket.o: ../include/openssl/evp.h ../include/openssl/idea.h -s_socket.o: ../include/openssl/lhash.h ../include/openssl/md2.h -s_socket.o: ../include/openssl/md5.h ../include/openssl/mdc2.h -s_socket.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h -s_socket.o: ../include/openssl/opensslv.h ../include/openssl/pem.h -s_socket.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h -s_socket.o: ../include/openssl/rc2.h ../include/openssl/rc4.h -s_socket.o: ../include/openssl/rc5.h ../include/openssl/ripemd.h -s_socket.o: ../include/openssl/rsa.h ../include/openssl/safestack.h -s_socket.o: ../include/openssl/sha.h ../include/openssl/ssl.h -s_socket.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h -s_socket.o: ../include/openssl/ssl3.h ../include/openssl/stack.h -s_socket.o: ../include/openssl/tls1.h ../include/openssl/x509.h -s_socket.o: ../include/openssl/x509_vfy.h apps.h s_apps.h -s_time.o: ../include/openssl/asn1.h ../include/openssl/bio.h -s_time.o: ../include/openssl/blowfish.h ../include/openssl/bn.h -s_time.o: ../include/openssl/buffer.h ../include/openssl/cast.h -s_time.o: ../include/openssl/crypto.h ../include/openssl/des.h -s_time.o: ../include/openssl/dh.h ../include/openssl/dsa.h -s_time.o: ../include/openssl/e_os.h ../include/openssl/e_os2.h -s_time.o: ../include/openssl/err.h ../include/openssl/evp.h -s_time.o: ../include/openssl/idea.h ../include/openssl/lhash.h -s_time.o: ../include/openssl/md2.h ../include/openssl/md5.h -s_time.o: ../include/openssl/mdc2.h ../include/openssl/objects.h -s_time.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h -s_time.o: ../include/openssl/pem.h ../include/openssl/pem2.h -s_time.o: ../include/openssl/pkcs7.h ../include/openssl/rc2.h -s_time.o: ../include/openssl/rc4.h ../include/openssl/rc5.h -s_time.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h -s_time.o: ../include/openssl/safestack.h ../include/openssl/sha.h -s_time.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h -s_time.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h -s_time.o: ../include/openssl/stack.h ../include/openssl/tls1.h -s_time.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h apps.h -s_time.o: s_apps.h -sess_id.o: ../include/openssl/asn1.h ../include/openssl/bio.h -sess_id.o: ../include/openssl/blowfish.h ../include/openssl/bn.h -sess_id.o: ../include/openssl/buffer.h ../include/openssl/cast.h -sess_id.o: ../include/openssl/crypto.h ../include/openssl/des.h -sess_id.o: ../include/openssl/dh.h ../include/openssl/dsa.h -sess_id.o: ../include/openssl/e_os.h ../include/openssl/e_os2.h -sess_id.o: ../include/openssl/err.h ../include/openssl/evp.h -sess_id.o: ../include/openssl/idea.h ../include/openssl/lhash.h -sess_id.o: ../include/openssl/md2.h ../include/openssl/md5.h -sess_id.o: ../include/openssl/mdc2.h ../include/openssl/objects.h -sess_id.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h -sess_id.o: ../include/openssl/pem.h ../include/openssl/pem2.h -sess_id.o: ../include/openssl/pkcs7.h ../include/openssl/rc2.h -sess_id.o: ../include/openssl/rc4.h ../include/openssl/rc5.h -sess_id.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h -sess_id.o: ../include/openssl/safestack.h ../include/openssl/sha.h -sess_id.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h -sess_id.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h -sess_id.o: ../include/openssl/stack.h ../include/openssl/tls1.h -sess_id.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h apps.h -smime.o: ../include/openssl/asn1.h ../include/openssl/bio.h -smime.o: ../include/openssl/blowfish.h ../include/openssl/bn.h -smime.o: ../include/openssl/buffer.h ../include/openssl/cast.h -smime.o: ../include/openssl/crypto.h ../include/openssl/des.h -smime.o: ../include/openssl/dh.h ../include/openssl/dsa.h -smime.o: ../include/openssl/e_os.h ../include/openssl/e_os2.h -smime.o: ../include/openssl/err.h ../include/openssl/evp.h -smime.o: ../include/openssl/idea.h ../include/openssl/md2.h -smime.o: ../include/openssl/md5.h ../include/openssl/mdc2.h -smime.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h -smime.o: ../include/openssl/opensslv.h ../include/openssl/pem.h -smime.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h -smime.o: ../include/openssl/rc2.h ../include/openssl/rc4.h -smime.o: ../include/openssl/rc5.h ../include/openssl/ripemd.h -smime.o: ../include/openssl/rsa.h ../include/openssl/safestack.h -smime.o: ../include/openssl/sha.h ../include/openssl/stack.h -smime.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h apps.h -speed.o: ../include/openssl/asn1.h ../include/openssl/bio.h -speed.o: ../include/openssl/blowfish.h ../include/openssl/bn.h -speed.o: ../include/openssl/buffer.h ../include/openssl/cast.h -speed.o: ../include/openssl/crypto.h ../include/openssl/des.h -speed.o: ../include/openssl/dh.h ../include/openssl/dsa.h -speed.o: ../include/openssl/e_os.h ../include/openssl/e_os2.h -speed.o: ../include/openssl/err.h ../include/openssl/evp.h -speed.o: ../include/openssl/hmac.h ../include/openssl/idea.h -speed.o: ../include/openssl/md2.h ../include/openssl/md5.h -speed.o: ../include/openssl/mdc2.h ../include/openssl/objects.h -speed.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h -speed.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h -speed.o: ../include/openssl/rc2.h ../include/openssl/rc4.h -speed.o: ../include/openssl/rc5.h ../include/openssl/ripemd.h -speed.o: ../include/openssl/rsa.h ../include/openssl/safestack.h -speed.o: ../include/openssl/sha.h ../include/openssl/stack.h -speed.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h ./testdsa.h -speed.o: ./testrsa.h apps.h -spkac.o: ../include/openssl/asn1.h ../include/openssl/bio.h -spkac.o: ../include/openssl/blowfish.h ../include/openssl/bn.h -spkac.o: ../include/openssl/buffer.h ../include/openssl/cast.h -spkac.o: ../include/openssl/conf.h ../include/openssl/crypto.h -spkac.o: ../include/openssl/des.h ../include/openssl/dh.h -spkac.o: ../include/openssl/dsa.h ../include/openssl/e_os.h -spkac.o: ../include/openssl/e_os2.h ../include/openssl/err.h -spkac.o: ../include/openssl/evp.h ../include/openssl/idea.h -spkac.o: ../include/openssl/lhash.h ../include/openssl/md2.h -spkac.o: ../include/openssl/md5.h ../include/openssl/mdc2.h -spkac.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h -spkac.o: ../include/openssl/opensslv.h ../include/openssl/pem.h -spkac.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h -spkac.o: ../include/openssl/rc2.h ../include/openssl/rc4.h -spkac.o: ../include/openssl/rc5.h ../include/openssl/ripemd.h -spkac.o: ../include/openssl/rsa.h ../include/openssl/safestack.h -spkac.o: ../include/openssl/sha.h ../include/openssl/stack.h -spkac.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h apps.h -verify.o: ../include/openssl/asn1.h ../include/openssl/bio.h -verify.o: ../include/openssl/blowfish.h ../include/openssl/bn.h -verify.o: ../include/openssl/buffer.h ../include/openssl/cast.h -verify.o: ../include/openssl/conf.h ../include/openssl/crypto.h -verify.o: ../include/openssl/des.h ../include/openssl/dh.h -verify.o: ../include/openssl/dsa.h ../include/openssl/e_os.h -verify.o: ../include/openssl/e_os2.h ../include/openssl/err.h -verify.o: ../include/openssl/evp.h ../include/openssl/idea.h -verify.o: ../include/openssl/lhash.h ../include/openssl/md2.h -verify.o: ../include/openssl/md5.h ../include/openssl/mdc2.h -verify.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h -verify.o: ../include/openssl/opensslv.h ../include/openssl/pem.h -verify.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h -verify.o: ../include/openssl/rc2.h ../include/openssl/rc4.h -verify.o: ../include/openssl/rc5.h ../include/openssl/ripemd.h -verify.o: ../include/openssl/rsa.h ../include/openssl/safestack.h -verify.o: ../include/openssl/sha.h ../include/openssl/stack.h -verify.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h -verify.o: ../include/openssl/x509v3.h apps.h -version.o: ../include/openssl/asn1.h ../include/openssl/bio.h -version.o: ../include/openssl/blowfish.h ../include/openssl/bn.h -version.o: ../include/openssl/buffer.h ../include/openssl/cast.h -version.o: ../include/openssl/crypto.h ../include/openssl/des.h -version.o: ../include/openssl/dh.h ../include/openssl/dsa.h -version.o: ../include/openssl/e_os.h ../include/openssl/e_os2.h -version.o: ../include/openssl/evp.h ../include/openssl/idea.h -version.o: ../include/openssl/md2.h ../include/openssl/md5.h -version.o: ../include/openssl/mdc2.h ../include/openssl/objects.h -version.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h -version.o: ../include/openssl/pkcs7.h ../include/openssl/rc2.h -version.o: ../include/openssl/rc4.h ../include/openssl/rc5.h -version.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h -version.o: ../include/openssl/safestack.h ../include/openssl/sha.h -version.o: ../include/openssl/stack.h ../include/openssl/x509.h -version.o: ../include/openssl/x509_vfy.h apps.h -x509.o: ../include/openssl/asn1.h ../include/openssl/bio.h -x509.o: ../include/openssl/blowfish.h ../include/openssl/bn.h -x509.o: ../include/openssl/buffer.h ../include/openssl/cast.h -x509.o: ../include/openssl/conf.h ../include/openssl/crypto.h -x509.o: ../include/openssl/des.h ../include/openssl/dh.h -x509.o: ../include/openssl/dsa.h ../include/openssl/e_os.h -x509.o: ../include/openssl/e_os2.h ../include/openssl/err.h -x509.o: ../include/openssl/evp.h ../include/openssl/idea.h -x509.o: ../include/openssl/lhash.h ../include/openssl/md2.h -x509.o: ../include/openssl/md5.h ../include/openssl/mdc2.h -x509.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h -x509.o: ../include/openssl/opensslv.h ../include/openssl/pem.h -x509.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h -x509.o: ../include/openssl/rc2.h ../include/openssl/rc4.h -x509.o: ../include/openssl/rc5.h ../include/openssl/ripemd.h -x509.o: ../include/openssl/rsa.h ../include/openssl/safestack.h -x509.o: ../include/openssl/sha.h ../include/openssl/stack.h -x509.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h -x509.o: ../include/openssl/x509v3.h apps.h diff --git a/crypto/openssl/apps/Makefile.ssl b/crypto/openssl/apps/Makefile.ssl deleted file mode 100644 index b8d0b1b5dba43..0000000000000 --- a/crypto/openssl/apps/Makefile.ssl +++ /dev/null @@ -1,818 +0,0 @@ -# -# apps/Makefile.ssl -# - -DIR= apps -TOP= .. -CC= cc -INCLUDES= -I../include -CFLAG= -g -static -INSTALL_PREFIX= -INSTALLTOP= /usr/local/ssl -OPENSSLDIR= /usr/local/ssl -MAKE= make -f Makefile.ssl -MAKEDEPEND= $(TOP)/util/domd $(TOP) -MAKEFILE= Makefile.ssl -PERL=/usr/local/bin/perl -RM= rm -f - -PEX_LIBS= -EX_LIBS= - -CFLAGS= -DMONOLITH $(INCLUDES) $(CFLAG) - -GENERAL=Makefile makeapps.com install.com - -DLIBCRYPTO=../libcrypto.a -DLIBSSL=../libssl.a -LIBCRYPTO=-L.. -lcrypto -LIBSSL=-L.. -lssl - -PROGRAM= openssl - -SCRIPTS=CA.sh CA.pl der_chop - -EXE= $(PROGRAM) - -E_EXE= verify asn1pars req dgst dh dhparam enc passwd gendh errstr \ - ca crl rsa dsa dsaparam \ - x509 genrsa gendsa s_server s_client speed \ - s_time version pkcs7 crl2pkcs7 sess_id ciphers nseq pkcs12 \ - pkcs8 spkac smime rand - -PROGS= $(PROGRAM).c - -A_OBJ=apps.o -A_SRC=apps.c -S_OBJ= s_cb.o s_socket.o -S_SRC= s_cb.c s_socket.c -RAND_OBJ=app_rand.o -RAND_SRC=app_rand.c - -E_OBJ= verify.o asn1pars.o req.o dgst.o dh.o dhparam.o enc.o passwd.o gendh.o errstr.o \ - ca.o pkcs7.o crl2p7.o crl.o \ - rsa.o dsa.o dsaparam.o \ - x509.o genrsa.o gendsa.o s_server.o s_client.o speed.o \ - s_time.o $(A_OBJ) $(S_OBJ) $(RAND_OBJ) version.o sess_id.o \ - ciphers.o nseq.o pkcs12.o pkcs8.o spkac.o smime.o rand.o - -E_SRC= verify.c asn1pars.c req.c dgst.c dh.c enc.c passwd.c gendh.c errstr.c ca.c \ - pkcs7.c crl2p7.c crl.c \ - rsa.c dsa.c dsaparam.c \ - x509.c genrsa.c gendsa.c s_server.c s_client.c speed.c \ - s_time.c $(A_SRC) $(S_SRC) $(RAND_SRC) version.c sess_id.c \ - ciphers.c nseq.c pkcs12.c pkcs8.c spkac.c smime.c rand.c - -SRC=$(E_SRC) - -EXHEADER= -HEADER= apps.h progs.h s_apps.h \ - testdsa.h testrsa.h \ - $(EXHEADER) - -ALL= $(GENERAL) $(SRC) $(HEADER) - -top: - @(cd ..; $(MAKE) DIRS=$(DIR) all) - -all: exe - -exe: $(EXE) - -req: sreq.o $(A_OBJ) $(DLIBCRYPTO) - $(CC) -o req $(CFLAG) sreq.o $(A_OBJ) $(RAND_OBJ) $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS) - -sreq.o: req.c - $(CC) -c $(INCLUDES) $(CFLAG) -o sreq.o req.c - -files: - $(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO - -install: - @for i in $(EXE); \ - do \ - (echo installing $$i; \ - cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/bin/$$i; \ - chmod 755 $(INSTALL_PREFIX)$(INSTALLTOP)/bin/$$i ); \ - done; - @for i in $(SCRIPTS); \ - do \ - (echo installing $$i; \ - cp $$i $(INSTALL_PREFIX)$(OPENSSLDIR)/misc/$$i; \ - chmod 755 $(INSTALL_PREFIX)$(OPENSSLDIR)/misc/$$i ); \ - done - @cp openssl.cnf $(INSTALL_PREFIX)$(OPENSSLDIR); \ - chmod 644 $(INSTALL_PREFIX)$(OPENSSLDIR)/openssl.cnf - -tags: - ctags $(SRC) - -tests: - -links: - @$(TOP)/util/point.sh Makefile.ssl Makefile - -lint: - lint -DLINT $(INCLUDES) $(SRC)>fluff - -depend: - $(MAKEDEPEND) $(INCLUDES) $(DEPFLAG) $(PROGS) $(SRC) - -dclean: - $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new - mv -f Makefile.new $(MAKEFILE) - -clean: - rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff $(EXE) - rm -f req - -$(DLIBSSL): - (cd ../ssl; $(MAKE)) - -$(DLIBCRYPTO): - (cd ../crypto; $(MAKE)) - -$(PROGRAM): progs.h $(E_OBJ) $(PROGRAM).o $(DLIBCRYPTO) $(DLIBSSL) - $(RM) $(PROGRAM) - $(CC) -o $(PROGRAM) $(CFLAGS) $(PROGRAM).o $(E_OBJ) $(PEX_LIBS) $(LIBSSL) $(LIBCRYPTO) $(EX_LIBS) - @(cd ..; OPENSSL="`pwd`/apps/openssl"; export OPENSSL; sh tools/c_rehash certs) - -progs.h: progs.pl - $(PERL) progs.pl $(E_EXE) >progs.h - $(RM) $(PROGRAM).o - -# DO NOT DELETE THIS LINE -- make depend depends on it. - -app_rand.o: ../include/openssl/asn1.h ../include/openssl/bio.h -app_rand.o: ../include/openssl/blowfish.h ../include/openssl/bn.h -app_rand.o: ../include/openssl/buffer.h ../include/openssl/cast.h -app_rand.o: ../include/openssl/crypto.h ../include/openssl/des.h -app_rand.o: ../include/openssl/dh.h ../include/openssl/dsa.h -app_rand.o: ../include/openssl/e_os.h ../include/openssl/e_os2.h -app_rand.o: ../include/openssl/evp.h ../include/openssl/idea.h -app_rand.o: ../include/openssl/md2.h ../include/openssl/md5.h -app_rand.o: ../include/openssl/mdc2.h ../include/openssl/objects.h -app_rand.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h -app_rand.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h -app_rand.o: ../include/openssl/rc2.h ../include/openssl/rc4.h -app_rand.o: ../include/openssl/rc5.h ../include/openssl/ripemd.h -app_rand.o: ../include/openssl/rsa.h ../include/openssl/safestack.h -app_rand.o: ../include/openssl/sha.h ../include/openssl/stack.h -app_rand.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h apps.h -apps.o: ../include/openssl/asn1.h ../include/openssl/bio.h -apps.o: ../include/openssl/blowfish.h ../include/openssl/bn.h -apps.o: ../include/openssl/buffer.h ../include/openssl/cast.h -apps.o: ../include/openssl/crypto.h ../include/openssl/des.h -apps.o: ../include/openssl/dh.h ../include/openssl/dsa.h -apps.o: ../include/openssl/e_os.h ../include/openssl/e_os2.h -apps.o: ../include/openssl/evp.h ../include/openssl/idea.h -apps.o: ../include/openssl/md2.h ../include/openssl/md5.h -apps.o: ../include/openssl/mdc2.h ../include/openssl/objects.h -apps.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h -apps.o: ../include/openssl/pkcs7.h ../include/openssl/rc2.h -apps.o: ../include/openssl/rc4.h ../include/openssl/rc5.h -apps.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h -apps.o: ../include/openssl/safestack.h ../include/openssl/sha.h -apps.o: ../include/openssl/stack.h ../include/openssl/x509.h -apps.o: ../include/openssl/x509_vfy.h apps.h -asn1pars.o: ../include/openssl/asn1.h ../include/openssl/bio.h -asn1pars.o: ../include/openssl/blowfish.h ../include/openssl/bn.h -asn1pars.o: ../include/openssl/buffer.h ../include/openssl/cast.h -asn1pars.o: ../include/openssl/crypto.h ../include/openssl/des.h -asn1pars.o: ../include/openssl/dh.h ../include/openssl/dsa.h -asn1pars.o: ../include/openssl/e_os.h ../include/openssl/e_os2.h -asn1pars.o: ../include/openssl/err.h ../include/openssl/evp.h -asn1pars.o: ../include/openssl/idea.h ../include/openssl/md2.h -asn1pars.o: ../include/openssl/md5.h ../include/openssl/mdc2.h -asn1pars.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h -asn1pars.o: ../include/openssl/opensslv.h ../include/openssl/pem.h -asn1pars.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h -asn1pars.o: ../include/openssl/rc2.h ../include/openssl/rc4.h -asn1pars.o: ../include/openssl/rc5.h ../include/openssl/ripemd.h -asn1pars.o: ../include/openssl/rsa.h ../include/openssl/safestack.h -asn1pars.o: ../include/openssl/sha.h ../include/openssl/stack.h -asn1pars.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h apps.h -ca.o: ../include/openssl/asn1.h ../include/openssl/bio.h -ca.o: ../include/openssl/blowfish.h ../include/openssl/bn.h -ca.o: ../include/openssl/buffer.h ../include/openssl/cast.h -ca.o: ../include/openssl/conf.h ../include/openssl/crypto.h -ca.o: ../include/openssl/des.h ../include/openssl/dh.h ../include/openssl/dsa.h -ca.o: ../include/openssl/e_os.h ../include/openssl/e_os2.h -ca.o: ../include/openssl/err.h ../include/openssl/evp.h -ca.o: ../include/openssl/idea.h ../include/openssl/lhash.h -ca.o: ../include/openssl/md2.h ../include/openssl/md5.h -ca.o: ../include/openssl/mdc2.h ../include/openssl/objects.h -ca.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h -ca.o: ../include/openssl/pem.h ../include/openssl/pem2.h -ca.o: ../include/openssl/pkcs7.h ../include/openssl/rc2.h -ca.o: ../include/openssl/rc4.h ../include/openssl/rc5.h -ca.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h -ca.o: ../include/openssl/safestack.h ../include/openssl/sha.h -ca.o: ../include/openssl/stack.h ../include/openssl/txt_db.h -ca.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h -ca.o: ../include/openssl/x509v3.h apps.h -ciphers.o: ../include/openssl/asn1.h ../include/openssl/bio.h -ciphers.o: ../include/openssl/blowfish.h ../include/openssl/bn.h -ciphers.o: ../include/openssl/buffer.h ../include/openssl/cast.h -ciphers.o: ../include/openssl/crypto.h ../include/openssl/des.h -ciphers.o: ../include/openssl/dh.h ../include/openssl/dsa.h -ciphers.o: ../include/openssl/e_os.h ../include/openssl/e_os2.h -ciphers.o: ../include/openssl/err.h ../include/openssl/evp.h -ciphers.o: ../include/openssl/idea.h ../include/openssl/lhash.h -ciphers.o: ../include/openssl/md2.h ../include/openssl/md5.h -ciphers.o: ../include/openssl/mdc2.h ../include/openssl/objects.h -ciphers.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h -ciphers.o: ../include/openssl/pem.h ../include/openssl/pem2.h -ciphers.o: ../include/openssl/pkcs7.h ../include/openssl/rc2.h -ciphers.o: ../include/openssl/rc4.h ../include/openssl/rc5.h -ciphers.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h -ciphers.o: ../include/openssl/safestack.h ../include/openssl/sha.h -ciphers.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h -ciphers.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h -ciphers.o: ../include/openssl/stack.h ../include/openssl/tls1.h -ciphers.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h apps.h -crl.o: ../include/openssl/asn1.h ../include/openssl/bio.h -crl.o: ../include/openssl/blowfish.h ../include/openssl/bn.h -crl.o: ../include/openssl/buffer.h ../include/openssl/cast.h -crl.o: ../include/openssl/conf.h ../include/openssl/crypto.h -crl.o: ../include/openssl/des.h ../include/openssl/dh.h -crl.o: ../include/openssl/dsa.h ../include/openssl/e_os.h -crl.o: ../include/openssl/e_os2.h ../include/openssl/err.h -crl.o: ../include/openssl/evp.h ../include/openssl/idea.h -crl.o: ../include/openssl/lhash.h ../include/openssl/md2.h -crl.o: ../include/openssl/md5.h ../include/openssl/mdc2.h -crl.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h -crl.o: ../include/openssl/opensslv.h ../include/openssl/pem.h -crl.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h -crl.o: ../include/openssl/rc2.h ../include/openssl/rc4.h -crl.o: ../include/openssl/rc5.h ../include/openssl/ripemd.h -crl.o: ../include/openssl/rsa.h ../include/openssl/safestack.h -crl.o: ../include/openssl/sha.h ../include/openssl/stack.h -crl.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h -crl.o: ../include/openssl/x509v3.h apps.h -crl2p7.o: ../include/openssl/asn1.h ../include/openssl/bio.h -crl2p7.o: ../include/openssl/blowfish.h ../include/openssl/bn.h -crl2p7.o: ../include/openssl/buffer.h ../include/openssl/cast.h -crl2p7.o: ../include/openssl/crypto.h ../include/openssl/des.h -crl2p7.o: ../include/openssl/dh.h ../include/openssl/dsa.h -crl2p7.o: ../include/openssl/e_os.h ../include/openssl/e_os2.h -crl2p7.o: ../include/openssl/err.h ../include/openssl/evp.h -crl2p7.o: ../include/openssl/idea.h ../include/openssl/md2.h -crl2p7.o: ../include/openssl/md5.h ../include/openssl/mdc2.h -crl2p7.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h -crl2p7.o: ../include/openssl/opensslv.h ../include/openssl/pem.h -crl2p7.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h -crl2p7.o: ../include/openssl/rc2.h ../include/openssl/rc4.h -crl2p7.o: ../include/openssl/rc5.h ../include/openssl/ripemd.h -crl2p7.o: ../include/openssl/rsa.h ../include/openssl/safestack.h -crl2p7.o: ../include/openssl/sha.h ../include/openssl/stack.h -crl2p7.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h apps.h -dgst.o: ../include/openssl/asn1.h ../include/openssl/bio.h -dgst.o: ../include/openssl/blowfish.h ../include/openssl/bn.h -dgst.o: ../include/openssl/buffer.h ../include/openssl/cast.h -dgst.o: ../include/openssl/crypto.h ../include/openssl/des.h -dgst.o: ../include/openssl/dh.h ../include/openssl/dsa.h -dgst.o: ../include/openssl/e_os.h ../include/openssl/e_os2.h -dgst.o: ../include/openssl/err.h ../include/openssl/evp.h -dgst.o: ../include/openssl/idea.h ../include/openssl/md2.h -dgst.o: ../include/openssl/md5.h ../include/openssl/mdc2.h -dgst.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h -dgst.o: ../include/openssl/opensslv.h ../include/openssl/pem.h -dgst.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h -dgst.o: ../include/openssl/rc2.h ../include/openssl/rc4.h -dgst.o: ../include/openssl/rc5.h ../include/openssl/ripemd.h -dgst.o: ../include/openssl/rsa.h ../include/openssl/safestack.h -dgst.o: ../include/openssl/sha.h ../include/openssl/stack.h -dgst.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h apps.h -dh.o: ../include/openssl/asn1.h ../include/openssl/bio.h -dh.o: ../include/openssl/blowfish.h ../include/openssl/bn.h -dh.o: ../include/openssl/buffer.h ../include/openssl/cast.h -dh.o: ../include/openssl/crypto.h ../include/openssl/des.h -dh.o: ../include/openssl/dh.h ../include/openssl/dsa.h -dh.o: ../include/openssl/e_os.h ../include/openssl/e_os2.h -dh.o: ../include/openssl/err.h ../include/openssl/evp.h -dh.o: ../include/openssl/idea.h ../include/openssl/md2.h -dh.o: ../include/openssl/md5.h ../include/openssl/mdc2.h -dh.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h -dh.o: ../include/openssl/opensslv.h ../include/openssl/pem.h -dh.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h -dh.o: ../include/openssl/rc2.h ../include/openssl/rc4.h -dh.o: ../include/openssl/rc5.h ../include/openssl/ripemd.h -dh.o: ../include/openssl/rsa.h ../include/openssl/safestack.h -dh.o: ../include/openssl/sha.h ../include/openssl/stack.h -dh.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h apps.h -dsa.o: ../include/openssl/asn1.h ../include/openssl/bio.h -dsa.o: ../include/openssl/blowfish.h ../include/openssl/bn.h -dsa.o: ../include/openssl/buffer.h ../include/openssl/cast.h -dsa.o: ../include/openssl/crypto.h ../include/openssl/des.h -dsa.o: ../include/openssl/dh.h ../include/openssl/dsa.h -dsa.o: ../include/openssl/e_os.h ../include/openssl/e_os2.h -dsa.o: ../include/openssl/err.h ../include/openssl/evp.h -dsa.o: ../include/openssl/idea.h ../include/openssl/md2.h -dsa.o: ../include/openssl/md5.h ../include/openssl/mdc2.h -dsa.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h -dsa.o: ../include/openssl/opensslv.h ../include/openssl/pem.h -dsa.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h -dsa.o: ../include/openssl/rc2.h ../include/openssl/rc4.h -dsa.o: ../include/openssl/rc5.h ../include/openssl/ripemd.h -dsa.o: ../include/openssl/rsa.h ../include/openssl/safestack.h -dsa.o: ../include/openssl/sha.h ../include/openssl/stack.h -dsa.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h apps.h -dsaparam.o: ../include/openssl/asn1.h ../include/openssl/bio.h -dsaparam.o: ../include/openssl/blowfish.h ../include/openssl/bn.h -dsaparam.o: ../include/openssl/buffer.h ../include/openssl/cast.h -dsaparam.o: ../include/openssl/crypto.h ../include/openssl/des.h -dsaparam.o: ../include/openssl/dh.h ../include/openssl/dsa.h -dsaparam.o: ../include/openssl/e_os.h ../include/openssl/e_os2.h -dsaparam.o: ../include/openssl/err.h ../include/openssl/evp.h -dsaparam.o: ../include/openssl/idea.h ../include/openssl/md2.h -dsaparam.o: ../include/openssl/md5.h ../include/openssl/mdc2.h -dsaparam.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h -dsaparam.o: ../include/openssl/opensslv.h ../include/openssl/pem.h -dsaparam.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h -dsaparam.o: ../include/openssl/rc2.h ../include/openssl/rc4.h -dsaparam.o: ../include/openssl/rc5.h ../include/openssl/ripemd.h -dsaparam.o: ../include/openssl/rsa.h ../include/openssl/safestack.h -dsaparam.o: ../include/openssl/sha.h ../include/openssl/stack.h -dsaparam.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h apps.h -enc.o: ../include/openssl/asn1.h ../include/openssl/bio.h -enc.o: ../include/openssl/blowfish.h ../include/openssl/bn.h -enc.o: ../include/openssl/buffer.h ../include/openssl/cast.h -enc.o: ../include/openssl/crypto.h ../include/openssl/des.h -enc.o: ../include/openssl/dh.h ../include/openssl/dsa.h -enc.o: ../include/openssl/e_os.h ../include/openssl/e_os2.h -enc.o: ../include/openssl/err.h ../include/openssl/evp.h -enc.o: ../include/openssl/idea.h ../include/openssl/md2.h -enc.o: ../include/openssl/md5.h ../include/openssl/mdc2.h -enc.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h -enc.o: ../include/openssl/opensslv.h ../include/openssl/pem.h -enc.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h -enc.o: ../include/openssl/rand.h ../include/openssl/rc2.h -enc.o: ../include/openssl/rc4.h ../include/openssl/rc5.h -enc.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h -enc.o: ../include/openssl/safestack.h ../include/openssl/sha.h -enc.o: ../include/openssl/stack.h ../include/openssl/x509.h -enc.o: ../include/openssl/x509_vfy.h apps.h -errstr.o: ../include/openssl/asn1.h ../include/openssl/bio.h -errstr.o: ../include/openssl/blowfish.h ../include/openssl/bn.h -errstr.o: ../include/openssl/buffer.h ../include/openssl/cast.h -errstr.o: ../include/openssl/crypto.h ../include/openssl/des.h -errstr.o: ../include/openssl/dh.h ../include/openssl/dsa.h -errstr.o: ../include/openssl/e_os.h ../include/openssl/e_os2.h -errstr.o: ../include/openssl/err.h ../include/openssl/evp.h -errstr.o: ../include/openssl/idea.h ../include/openssl/lhash.h -errstr.o: ../include/openssl/md2.h ../include/openssl/md5.h -errstr.o: ../include/openssl/mdc2.h ../include/openssl/objects.h -errstr.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h -errstr.o: ../include/openssl/pem.h ../include/openssl/pem2.h -errstr.o: ../include/openssl/pkcs7.h ../include/openssl/rc2.h -errstr.o: ../include/openssl/rc4.h ../include/openssl/rc5.h -errstr.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h -errstr.o: ../include/openssl/safestack.h ../include/openssl/sha.h -errstr.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h -errstr.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h -errstr.o: ../include/openssl/stack.h ../include/openssl/tls1.h -errstr.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h apps.h -gendh.o: ../include/openssl/asn1.h ../include/openssl/bio.h -gendh.o: ../include/openssl/blowfish.h ../include/openssl/bn.h -gendh.o: ../include/openssl/buffer.h ../include/openssl/cast.h -gendh.o: ../include/openssl/crypto.h ../include/openssl/des.h -gendh.o: ../include/openssl/dh.h ../include/openssl/dsa.h -gendh.o: ../include/openssl/e_os.h ../include/openssl/e_os2.h -gendh.o: ../include/openssl/err.h ../include/openssl/evp.h -gendh.o: ../include/openssl/idea.h ../include/openssl/md2.h -gendh.o: ../include/openssl/md5.h ../include/openssl/mdc2.h -gendh.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h -gendh.o: ../include/openssl/opensslv.h ../include/openssl/pem.h -gendh.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h -gendh.o: ../include/openssl/rand.h ../include/openssl/rc2.h -gendh.o: ../include/openssl/rc4.h ../include/openssl/rc5.h -gendh.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h -gendh.o: ../include/openssl/safestack.h ../include/openssl/sha.h -gendh.o: ../include/openssl/stack.h ../include/openssl/x509.h -gendh.o: ../include/openssl/x509_vfy.h apps.h -gendsa.o: ../include/openssl/asn1.h ../include/openssl/bio.h -gendsa.o: ../include/openssl/blowfish.h ../include/openssl/bn.h -gendsa.o: ../include/openssl/buffer.h ../include/openssl/cast.h -gendsa.o: ../include/openssl/crypto.h ../include/openssl/des.h -gendsa.o: ../include/openssl/dh.h ../include/openssl/dsa.h -gendsa.o: ../include/openssl/e_os.h ../include/openssl/e_os2.h -gendsa.o: ../include/openssl/err.h ../include/openssl/evp.h -gendsa.o: ../include/openssl/idea.h ../include/openssl/md2.h -gendsa.o: ../include/openssl/md5.h ../include/openssl/mdc2.h -gendsa.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h -gendsa.o: ../include/openssl/opensslv.h ../include/openssl/pem.h -gendsa.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h -gendsa.o: ../include/openssl/rc2.h ../include/openssl/rc4.h -gendsa.o: ../include/openssl/rc5.h ../include/openssl/ripemd.h -gendsa.o: ../include/openssl/rsa.h ../include/openssl/safestack.h -gendsa.o: ../include/openssl/sha.h ../include/openssl/stack.h -gendsa.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h apps.h -genrsa.o: ../include/openssl/asn1.h ../include/openssl/bio.h -genrsa.o: ../include/openssl/blowfish.h ../include/openssl/bn.h -genrsa.o: ../include/openssl/buffer.h ../include/openssl/cast.h -genrsa.o: ../include/openssl/crypto.h ../include/openssl/des.h -genrsa.o: ../include/openssl/dh.h ../include/openssl/dsa.h -genrsa.o: ../include/openssl/e_os.h ../include/openssl/e_os2.h -genrsa.o: ../include/openssl/err.h ../include/openssl/evp.h -genrsa.o: ../include/openssl/idea.h ../include/openssl/md2.h -genrsa.o: ../include/openssl/md5.h ../include/openssl/mdc2.h -genrsa.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h -genrsa.o: ../include/openssl/opensslv.h ../include/openssl/pem.h -genrsa.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h -genrsa.o: ../include/openssl/rc2.h ../include/openssl/rc4.h -genrsa.o: ../include/openssl/rc5.h ../include/openssl/ripemd.h -genrsa.o: ../include/openssl/rsa.h ../include/openssl/safestack.h -genrsa.o: ../include/openssl/sha.h ../include/openssl/stack.h -genrsa.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h apps.h -nseq.o: ../include/openssl/asn1.h ../include/openssl/bio.h -nseq.o: ../include/openssl/blowfish.h ../include/openssl/bn.h -nseq.o: ../include/openssl/buffer.h ../include/openssl/cast.h -nseq.o: ../include/openssl/crypto.h ../include/openssl/des.h -nseq.o: ../include/openssl/dh.h ../include/openssl/dsa.h -nseq.o: ../include/openssl/e_os.h ../include/openssl/e_os2.h -nseq.o: ../include/openssl/err.h ../include/openssl/evp.h -nseq.o: ../include/openssl/idea.h ../include/openssl/md2.h -nseq.o: ../include/openssl/md5.h ../include/openssl/mdc2.h -nseq.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h -nseq.o: ../include/openssl/opensslv.h ../include/openssl/pem.h -nseq.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h -nseq.o: ../include/openssl/rc2.h ../include/openssl/rc4.h -nseq.o: ../include/openssl/rc5.h ../include/openssl/ripemd.h -nseq.o: ../include/openssl/rsa.h ../include/openssl/safestack.h -nseq.o: ../include/openssl/sha.h ../include/openssl/stack.h -nseq.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h apps.h -openssl.o: ../include/openssl/asn1.h ../include/openssl/bio.h -openssl.o: ../include/openssl/blowfish.h ../include/openssl/bn.h -openssl.o: ../include/openssl/buffer.h ../include/openssl/cast.h -openssl.o: ../include/openssl/conf.h ../include/openssl/crypto.h -openssl.o: ../include/openssl/des.h ../include/openssl/dh.h -openssl.o: ../include/openssl/dsa.h ../include/openssl/e_os.h -openssl.o: ../include/openssl/e_os2.h ../include/openssl/err.h -openssl.o: ../include/openssl/evp.h ../include/openssl/idea.h -openssl.o: ../include/openssl/lhash.h ../include/openssl/md2.h -openssl.o: ../include/openssl/md5.h ../include/openssl/mdc2.h -openssl.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h -openssl.o: ../include/openssl/opensslv.h ../include/openssl/pem.h -openssl.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h -openssl.o: ../include/openssl/rc2.h ../include/openssl/rc4.h -openssl.o: ../include/openssl/rc5.h ../include/openssl/ripemd.h -openssl.o: ../include/openssl/rsa.h ../include/openssl/safestack.h -openssl.o: ../include/openssl/sha.h ../include/openssl/ssl.h -openssl.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h -openssl.o: ../include/openssl/ssl3.h ../include/openssl/stack.h -openssl.o: ../include/openssl/tls1.h ../include/openssl/x509.h -openssl.o: ../include/openssl/x509_vfy.h apps.h progs.h s_apps.h -passwd.o: ../include/openssl/asn1.h ../include/openssl/bio.h -passwd.o: ../include/openssl/blowfish.h ../include/openssl/bn.h -passwd.o: ../include/openssl/buffer.h ../include/openssl/cast.h -passwd.o: ../include/openssl/crypto.h ../include/openssl/des.h -passwd.o: ../include/openssl/dh.h ../include/openssl/dsa.h -passwd.o: ../include/openssl/e_os.h ../include/openssl/e_os2.h -passwd.o: ../include/openssl/err.h ../include/openssl/evp.h -passwd.o: ../include/openssl/idea.h ../include/openssl/md2.h -passwd.o: ../include/openssl/md5.h ../include/openssl/mdc2.h -passwd.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h -passwd.o: ../include/openssl/opensslv.h ../include/openssl/pkcs7.h -passwd.o: ../include/openssl/rand.h ../include/openssl/rc2.h -passwd.o: ../include/openssl/rc4.h ../include/openssl/rc5.h -passwd.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h -passwd.o: ../include/openssl/safestack.h ../include/openssl/sha.h -passwd.o: ../include/openssl/stack.h ../include/openssl/x509.h -passwd.o: ../include/openssl/x509_vfy.h apps.h -pkcs12.o: ../include/openssl/asn1.h ../include/openssl/bio.h -pkcs12.o: ../include/openssl/blowfish.h ../include/openssl/bn.h -pkcs12.o: ../include/openssl/buffer.h ../include/openssl/cast.h -pkcs12.o: ../include/openssl/crypto.h ../include/openssl/des.h -pkcs12.o: ../include/openssl/dh.h ../include/openssl/dsa.h -pkcs12.o: ../include/openssl/e_os.h ../include/openssl/e_os2.h -pkcs12.o: ../include/openssl/err.h ../include/openssl/evp.h -pkcs12.o: ../include/openssl/idea.h ../include/openssl/md2.h -pkcs12.o: ../include/openssl/md5.h ../include/openssl/mdc2.h -pkcs12.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h -pkcs12.o: ../include/openssl/opensslv.h ../include/openssl/pem.h -pkcs12.o: ../include/openssl/pem2.h ../include/openssl/pkcs12.h -pkcs12.o: ../include/openssl/pkcs7.h ../include/openssl/rc2.h -pkcs12.o: ../include/openssl/rc4.h ../include/openssl/rc5.h -pkcs12.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h -pkcs12.o: ../include/openssl/safestack.h ../include/openssl/sha.h -pkcs12.o: ../include/openssl/stack.h ../include/openssl/x509.h -pkcs12.o: ../include/openssl/x509_vfy.h apps.h -pkcs7.o: ../include/openssl/asn1.h ../include/openssl/bio.h -pkcs7.o: ../include/openssl/blowfish.h ../include/openssl/bn.h -pkcs7.o: ../include/openssl/buffer.h ../include/openssl/cast.h -pkcs7.o: ../include/openssl/crypto.h ../include/openssl/des.h -pkcs7.o: ../include/openssl/dh.h ../include/openssl/dsa.h -pkcs7.o: ../include/openssl/e_os.h ../include/openssl/e_os2.h -pkcs7.o: ../include/openssl/err.h ../include/openssl/evp.h -pkcs7.o: ../include/openssl/idea.h ../include/openssl/md2.h -pkcs7.o: ../include/openssl/md5.h ../include/openssl/mdc2.h -pkcs7.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h -pkcs7.o: ../include/openssl/opensslv.h ../include/openssl/pem.h -pkcs7.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h -pkcs7.o: ../include/openssl/rc2.h ../include/openssl/rc4.h -pkcs7.o: ../include/openssl/rc5.h ../include/openssl/ripemd.h -pkcs7.o: ../include/openssl/rsa.h ../include/openssl/safestack.h -pkcs7.o: ../include/openssl/sha.h ../include/openssl/stack.h -pkcs7.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h apps.h -pkcs8.o: ../include/openssl/asn1.h ../include/openssl/bio.h -pkcs8.o: ../include/openssl/blowfish.h ../include/openssl/bn.h -pkcs8.o: ../include/openssl/buffer.h ../include/openssl/cast.h -pkcs8.o: ../include/openssl/crypto.h ../include/openssl/des.h -pkcs8.o: ../include/openssl/dh.h ../include/openssl/dsa.h -pkcs8.o: ../include/openssl/e_os.h ../include/openssl/e_os2.h -pkcs8.o: ../include/openssl/err.h ../include/openssl/evp.h -pkcs8.o: ../include/openssl/idea.h ../include/openssl/md2.h -pkcs8.o: ../include/openssl/md5.h ../include/openssl/mdc2.h -pkcs8.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h -pkcs8.o: ../include/openssl/opensslv.h ../include/openssl/pem.h -pkcs8.o: ../include/openssl/pem2.h ../include/openssl/pkcs12.h -pkcs8.o: ../include/openssl/pkcs7.h ../include/openssl/rc2.h -pkcs8.o: ../include/openssl/rc4.h ../include/openssl/rc5.h -pkcs8.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h -pkcs8.o: ../include/openssl/safestack.h ../include/openssl/sha.h -pkcs8.o: ../include/openssl/stack.h ../include/openssl/x509.h -pkcs8.o: ../include/openssl/x509_vfy.h apps.h -rand.o: ../include/openssl/asn1.h ../include/openssl/bio.h -rand.o: ../include/openssl/blowfish.h ../include/openssl/bn.h -rand.o: ../include/openssl/buffer.h ../include/openssl/cast.h -rand.o: ../include/openssl/crypto.h ../include/openssl/des.h -rand.o: ../include/openssl/dh.h ../include/openssl/dsa.h -rand.o: ../include/openssl/e_os.h ../include/openssl/e_os2.h -rand.o: ../include/openssl/err.h ../include/openssl/evp.h -rand.o: ../include/openssl/idea.h ../include/openssl/md2.h -rand.o: ../include/openssl/md5.h ../include/openssl/mdc2.h -rand.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h -rand.o: ../include/openssl/opensslv.h ../include/openssl/pkcs7.h -rand.o: ../include/openssl/rand.h ../include/openssl/rc2.h -rand.o: ../include/openssl/rc4.h ../include/openssl/rc5.h -rand.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h -rand.o: ../include/openssl/safestack.h ../include/openssl/sha.h -rand.o: ../include/openssl/stack.h ../include/openssl/x509.h -rand.o: ../include/openssl/x509_vfy.h apps.h -req.o: ../include/openssl/asn1.h ../include/openssl/bio.h -req.o: ../include/openssl/blowfish.h ../include/openssl/bn.h -req.o: ../include/openssl/buffer.h ../include/openssl/cast.h -req.o: ../include/openssl/conf.h ../include/openssl/crypto.h -req.o: ../include/openssl/des.h ../include/openssl/dh.h -req.o: ../include/openssl/dsa.h ../include/openssl/e_os.h -req.o: ../include/openssl/e_os2.h ../include/openssl/err.h -req.o: ../include/openssl/evp.h ../include/openssl/idea.h -req.o: ../include/openssl/lhash.h ../include/openssl/md2.h -req.o: ../include/openssl/md5.h ../include/openssl/mdc2.h -req.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h -req.o: ../include/openssl/opensslv.h ../include/openssl/pem.h -req.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h -req.o: ../include/openssl/rc2.h ../include/openssl/rc4.h -req.o: ../include/openssl/rc5.h ../include/openssl/ripemd.h -req.o: ../include/openssl/rsa.h ../include/openssl/safestack.h -req.o: ../include/openssl/sha.h ../include/openssl/stack.h -req.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h -req.o: ../include/openssl/x509v3.h apps.h -rsa.o: ../include/openssl/asn1.h ../include/openssl/bio.h -rsa.o: ../include/openssl/blowfish.h ../include/openssl/bn.h -rsa.o: ../include/openssl/buffer.h ../include/openssl/cast.h -rsa.o: ../include/openssl/crypto.h ../include/openssl/des.h -rsa.o: ../include/openssl/dh.h ../include/openssl/dsa.h -rsa.o: ../include/openssl/e_os.h ../include/openssl/e_os2.h -rsa.o: ../include/openssl/err.h ../include/openssl/evp.h -rsa.o: ../include/openssl/idea.h ../include/openssl/md2.h -rsa.o: ../include/openssl/md5.h ../include/openssl/mdc2.h -rsa.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h -rsa.o: ../include/openssl/opensslv.h ../include/openssl/pem.h -rsa.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h -rsa.o: ../include/openssl/rc2.h ../include/openssl/rc4.h -rsa.o: ../include/openssl/rc5.h ../include/openssl/ripemd.h -rsa.o: ../include/openssl/rsa.h ../include/openssl/safestack.h -rsa.o: ../include/openssl/sha.h ../include/openssl/stack.h -rsa.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h apps.h -s_cb.o: ../include/openssl/asn1.h ../include/openssl/bio.h -s_cb.o: ../include/openssl/blowfish.h ../include/openssl/bn.h -s_cb.o: ../include/openssl/buffer.h ../include/openssl/cast.h -s_cb.o: ../include/openssl/crypto.h ../include/openssl/des.h -s_cb.o: ../include/openssl/dh.h ../include/openssl/dsa.h -s_cb.o: ../include/openssl/e_os.h ../include/openssl/e_os2.h -s_cb.o: ../include/openssl/err.h ../include/openssl/evp.h -s_cb.o: ../include/openssl/idea.h ../include/openssl/lhash.h -s_cb.o: ../include/openssl/md2.h ../include/openssl/md5.h -s_cb.o: ../include/openssl/mdc2.h ../include/openssl/objects.h -s_cb.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h -s_cb.o: ../include/openssl/pem.h ../include/openssl/pem2.h -s_cb.o: ../include/openssl/pkcs7.h ../include/openssl/rc2.h -s_cb.o: ../include/openssl/rc4.h ../include/openssl/rc5.h -s_cb.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h -s_cb.o: ../include/openssl/safestack.h ../include/openssl/sha.h -s_cb.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h -s_cb.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h -s_cb.o: ../include/openssl/stack.h ../include/openssl/tls1.h -s_cb.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h apps.h s_apps.h -s_client.o: ../include/openssl/asn1.h ../include/openssl/bio.h -s_client.o: ../include/openssl/blowfish.h ../include/openssl/bn.h -s_client.o: ../include/openssl/buffer.h ../include/openssl/cast.h -s_client.o: ../include/openssl/crypto.h ../include/openssl/des.h -s_client.o: ../include/openssl/dh.h ../include/openssl/dsa.h -s_client.o: ../include/openssl/e_os.h ../include/openssl/e_os2.h -s_client.o: ../include/openssl/err.h ../include/openssl/evp.h -s_client.o: ../include/openssl/idea.h ../include/openssl/lhash.h -s_client.o: ../include/openssl/md2.h ../include/openssl/md5.h -s_client.o: ../include/openssl/mdc2.h ../include/openssl/objects.h -s_client.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h -s_client.o: ../include/openssl/pem.h ../include/openssl/pem2.h -s_client.o: ../include/openssl/pkcs7.h ../include/openssl/rc2.h -s_client.o: ../include/openssl/rc4.h ../include/openssl/rc5.h -s_client.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h -s_client.o: ../include/openssl/safestack.h ../include/openssl/sha.h -s_client.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h -s_client.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h -s_client.o: ../include/openssl/stack.h ../include/openssl/tls1.h -s_client.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h apps.h -s_client.o: s_apps.h -s_server.o: ../include/openssl/asn1.h ../include/openssl/bio.h -s_server.o: ../include/openssl/blowfish.h ../include/openssl/bn.h -s_server.o: ../include/openssl/buffer.h ../include/openssl/cast.h -s_server.o: ../include/openssl/crypto.h ../include/openssl/des.h -s_server.o: ../include/openssl/dh.h ../include/openssl/dsa.h -s_server.o: ../include/openssl/e_os.h ../include/openssl/e_os2.h -s_server.o: ../include/openssl/err.h ../include/openssl/evp.h -s_server.o: ../include/openssl/idea.h ../include/openssl/lhash.h -s_server.o: ../include/openssl/md2.h ../include/openssl/md5.h -s_server.o: ../include/openssl/mdc2.h ../include/openssl/objects.h -s_server.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h -s_server.o: ../include/openssl/pem.h ../include/openssl/pem2.h -s_server.o: ../include/openssl/pkcs7.h ../include/openssl/rc2.h -s_server.o: ../include/openssl/rc4.h ../include/openssl/rc5.h -s_server.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h -s_server.o: ../include/openssl/safestack.h ../include/openssl/sha.h -s_server.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h -s_server.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h -s_server.o: ../include/openssl/stack.h ../include/openssl/tls1.h -s_server.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h apps.h -s_server.o: s_apps.h -s_socket.o: ../include/openssl/asn1.h ../include/openssl/bio.h -s_socket.o: ../include/openssl/blowfish.h ../include/openssl/bn.h -s_socket.o: ../include/openssl/buffer.h ../include/openssl/cast.h -s_socket.o: ../include/openssl/crypto.h ../include/openssl/des.h -s_socket.o: ../include/openssl/dh.h ../include/openssl/dsa.h -s_socket.o: ../include/openssl/e_os.h ../include/openssl/e_os2.h -s_socket.o: ../include/openssl/evp.h ../include/openssl/idea.h -s_socket.o: ../include/openssl/lhash.h ../include/openssl/md2.h -s_socket.o: ../include/openssl/md5.h ../include/openssl/mdc2.h -s_socket.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h -s_socket.o: ../include/openssl/opensslv.h ../include/openssl/pem.h -s_socket.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h -s_socket.o: ../include/openssl/rc2.h ../include/openssl/rc4.h -s_socket.o: ../include/openssl/rc5.h ../include/openssl/ripemd.h -s_socket.o: ../include/openssl/rsa.h ../include/openssl/safestack.h -s_socket.o: ../include/openssl/sha.h ../include/openssl/ssl.h -s_socket.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h -s_socket.o: ../include/openssl/ssl3.h ../include/openssl/stack.h -s_socket.o: ../include/openssl/tls1.h ../include/openssl/x509.h -s_socket.o: ../include/openssl/x509_vfy.h apps.h s_apps.h -s_time.o: ../include/openssl/asn1.h ../include/openssl/bio.h -s_time.o: ../include/openssl/blowfish.h ../include/openssl/bn.h -s_time.o: ../include/openssl/buffer.h ../include/openssl/cast.h -s_time.o: ../include/openssl/crypto.h ../include/openssl/des.h -s_time.o: ../include/openssl/dh.h ../include/openssl/dsa.h -s_time.o: ../include/openssl/e_os.h ../include/openssl/e_os2.h -s_time.o: ../include/openssl/err.h ../include/openssl/evp.h -s_time.o: ../include/openssl/idea.h ../include/openssl/lhash.h -s_time.o: ../include/openssl/md2.h ../include/openssl/md5.h -s_time.o: ../include/openssl/mdc2.h ../include/openssl/objects.h -s_time.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h -s_time.o: ../include/openssl/pem.h ../include/openssl/pem2.h -s_time.o: ../include/openssl/pkcs7.h ../include/openssl/rc2.h -s_time.o: ../include/openssl/rc4.h ../include/openssl/rc5.h -s_time.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h -s_time.o: ../include/openssl/safestack.h ../include/openssl/sha.h -s_time.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h -s_time.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h -s_time.o: ../include/openssl/stack.h ../include/openssl/tls1.h -s_time.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h apps.h -s_time.o: s_apps.h -sess_id.o: ../include/openssl/asn1.h ../include/openssl/bio.h -sess_id.o: ../include/openssl/blowfish.h ../include/openssl/bn.h -sess_id.o: ../include/openssl/buffer.h ../include/openssl/cast.h -sess_id.o: ../include/openssl/crypto.h ../include/openssl/des.h -sess_id.o: ../include/openssl/dh.h ../include/openssl/dsa.h -sess_id.o: ../include/openssl/e_os.h ../include/openssl/e_os2.h -sess_id.o: ../include/openssl/err.h ../include/openssl/evp.h -sess_id.o: ../include/openssl/idea.h ../include/openssl/lhash.h -sess_id.o: ../include/openssl/md2.h ../include/openssl/md5.h -sess_id.o: ../include/openssl/mdc2.h ../include/openssl/objects.h -sess_id.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h -sess_id.o: ../include/openssl/pem.h ../include/openssl/pem2.h -sess_id.o: ../include/openssl/pkcs7.h ../include/openssl/rc2.h -sess_id.o: ../include/openssl/rc4.h ../include/openssl/rc5.h -sess_id.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h -sess_id.o: ../include/openssl/safestack.h ../include/openssl/sha.h -sess_id.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h -sess_id.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h -sess_id.o: ../include/openssl/stack.h ../include/openssl/tls1.h -sess_id.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h apps.h -smime.o: ../include/openssl/asn1.h ../include/openssl/bio.h -smime.o: ../include/openssl/blowfish.h ../include/openssl/bn.h -smime.o: ../include/openssl/buffer.h ../include/openssl/cast.h -smime.o: ../include/openssl/crypto.h ../include/openssl/des.h -smime.o: ../include/openssl/dh.h ../include/openssl/dsa.h -smime.o: ../include/openssl/e_os.h ../include/openssl/e_os2.h -smime.o: ../include/openssl/err.h ../include/openssl/evp.h -smime.o: ../include/openssl/idea.h ../include/openssl/md2.h -smime.o: ../include/openssl/md5.h ../include/openssl/mdc2.h -smime.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h -smime.o: ../include/openssl/opensslv.h ../include/openssl/pem.h -smime.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h -smime.o: ../include/openssl/rc2.h ../include/openssl/rc4.h -smime.o: ../include/openssl/rc5.h ../include/openssl/ripemd.h -smime.o: ../include/openssl/rsa.h ../include/openssl/safestack.h -smime.o: ../include/openssl/sha.h ../include/openssl/stack.h -smime.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h apps.h -speed.o: ../include/openssl/asn1.h ../include/openssl/bio.h -speed.o: ../include/openssl/blowfish.h ../include/openssl/bn.h -speed.o: ../include/openssl/buffer.h ../include/openssl/cast.h -speed.o: ../include/openssl/crypto.h ../include/openssl/des.h -speed.o: ../include/openssl/dh.h ../include/openssl/dsa.h -speed.o: ../include/openssl/e_os.h ../include/openssl/e_os2.h -speed.o: ../include/openssl/err.h ../include/openssl/evp.h -speed.o: ../include/openssl/hmac.h ../include/openssl/idea.h -speed.o: ../include/openssl/md2.h ../include/openssl/md5.h -speed.o: ../include/openssl/mdc2.h ../include/openssl/objects.h -speed.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h -speed.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h -speed.o: ../include/openssl/rc2.h ../include/openssl/rc4.h -speed.o: ../include/openssl/rc5.h ../include/openssl/ripemd.h -speed.o: ../include/openssl/rsa.h ../include/openssl/safestack.h -speed.o: ../include/openssl/sha.h ../include/openssl/stack.h -speed.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h ./testdsa.h -speed.o: ./testrsa.h apps.h -spkac.o: ../include/openssl/asn1.h ../include/openssl/bio.h -spkac.o: ../include/openssl/blowfish.h ../include/openssl/bn.h -spkac.o: ../include/openssl/buffer.h ../include/openssl/cast.h -spkac.o: ../include/openssl/conf.h ../include/openssl/crypto.h -spkac.o: ../include/openssl/des.h ../include/openssl/dh.h -spkac.o: ../include/openssl/dsa.h ../include/openssl/e_os.h -spkac.o: ../include/openssl/e_os2.h ../include/openssl/err.h -spkac.o: ../include/openssl/evp.h ../include/openssl/idea.h -spkac.o: ../include/openssl/lhash.h ../include/openssl/md2.h -spkac.o: ../include/openssl/md5.h ../include/openssl/mdc2.h -spkac.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h -spkac.o: ../include/openssl/opensslv.h ../include/openssl/pem.h -spkac.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h -spkac.o: ../include/openssl/rc2.h ../include/openssl/rc4.h -spkac.o: ../include/openssl/rc5.h ../include/openssl/ripemd.h -spkac.o: ../include/openssl/rsa.h ../include/openssl/safestack.h -spkac.o: ../include/openssl/sha.h ../include/openssl/stack.h -spkac.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h apps.h -verify.o: ../include/openssl/asn1.h ../include/openssl/bio.h -verify.o: ../include/openssl/blowfish.h ../include/openssl/bn.h -verify.o: ../include/openssl/buffer.h ../include/openssl/cast.h -verify.o: ../include/openssl/conf.h ../include/openssl/crypto.h -verify.o: ../include/openssl/des.h ../include/openssl/dh.h -verify.o: ../include/openssl/dsa.h ../include/openssl/e_os.h -verify.o: ../include/openssl/e_os2.h ../include/openssl/err.h -verify.o: ../include/openssl/evp.h ../include/openssl/idea.h -verify.o: ../include/openssl/lhash.h ../include/openssl/md2.h -verify.o: ../include/openssl/md5.h ../include/openssl/mdc2.h -verify.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h -verify.o: ../include/openssl/opensslv.h ../include/openssl/pem.h -verify.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h -verify.o: ../include/openssl/rc2.h ../include/openssl/rc4.h -verify.o: ../include/openssl/rc5.h ../include/openssl/ripemd.h -verify.o: ../include/openssl/rsa.h ../include/openssl/safestack.h -verify.o: ../include/openssl/sha.h ../include/openssl/stack.h -verify.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h -verify.o: ../include/openssl/x509v3.h apps.h -version.o: ../include/openssl/asn1.h ../include/openssl/bio.h -version.o: ../include/openssl/blowfish.h ../include/openssl/bn.h -version.o: ../include/openssl/buffer.h ../include/openssl/cast.h -version.o: ../include/openssl/crypto.h ../include/openssl/des.h -version.o: ../include/openssl/dh.h ../include/openssl/dsa.h -version.o: ../include/openssl/e_os.h ../include/openssl/e_os2.h -version.o: ../include/openssl/evp.h ../include/openssl/idea.h -version.o: ../include/openssl/md2.h ../include/openssl/md5.h -version.o: ../include/openssl/mdc2.h ../include/openssl/objects.h -version.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h -version.o: ../include/openssl/pkcs7.h ../include/openssl/rc2.h -version.o: ../include/openssl/rc4.h ../include/openssl/rc5.h -version.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h -version.o: ../include/openssl/safestack.h ../include/openssl/sha.h -version.o: ../include/openssl/stack.h ../include/openssl/x509.h -version.o: ../include/openssl/x509_vfy.h apps.h -x509.o: ../include/openssl/asn1.h ../include/openssl/bio.h -x509.o: ../include/openssl/blowfish.h ../include/openssl/bn.h -x509.o: ../include/openssl/buffer.h ../include/openssl/cast.h -x509.o: ../include/openssl/conf.h ../include/openssl/crypto.h -x509.o: ../include/openssl/des.h ../include/openssl/dh.h -x509.o: ../include/openssl/dsa.h ../include/openssl/e_os.h -x509.o: ../include/openssl/e_os2.h ../include/openssl/err.h -x509.o: ../include/openssl/evp.h ../include/openssl/idea.h -x509.o: ../include/openssl/lhash.h ../include/openssl/md2.h -x509.o: ../include/openssl/md5.h ../include/openssl/mdc2.h -x509.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h -x509.o: ../include/openssl/opensslv.h ../include/openssl/pem.h -x509.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h -x509.o: ../include/openssl/rc2.h ../include/openssl/rc4.h -x509.o: ../include/openssl/rc5.h ../include/openssl/ripemd.h -x509.o: ../include/openssl/rsa.h ../include/openssl/safestack.h -x509.o: ../include/openssl/sha.h ../include/openssl/stack.h -x509.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h -x509.o: ../include/openssl/x509v3.h apps.h diff --git a/crypto/openssl/apps/app_rand.c b/crypto/openssl/apps/app_rand.c deleted file mode 100644 index 1146f9f7f38ad..0000000000000 --- a/crypto/openssl/apps/app_rand.c +++ /dev/null @@ -1,213 +0,0 @@ -/* apps/app_rand.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ -/* ==================================================================== - * Copyright (c) 1998-2000 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * openssl-core@openssl.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.openssl.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -#define NON_MAIN -#include "apps.h" -#undef NON_MAIN -#include <openssl/bio.h> -#include <openssl/rand.h> - - -static int seeded = 0; -static int egdsocket = 0; - -int app_RAND_load_file(const char *file, BIO *bio_e, int dont_warn) - { - int consider_randfile = (file == NULL); - char buffer[200]; - -#ifdef WINDOWS - BIO_printf(bio_e,"Loading 'screen' into random state -"); - BIO_flush(bio_e); - RAND_screen(); - BIO_printf(bio_e," done\n"); -#endif - - if (file == NULL) - file = RAND_file_name(buffer, sizeof buffer); - else if (RAND_egd(file) > 0) - { - /* we try if the given filename is an EGD socket. - if it is, we don't write anything back to the file. */ - egdsocket = 1; - return 1; - } - if (file == NULL || !RAND_load_file(file, -1)) - { - if (RAND_status() == 0 && !dont_warn) - { - BIO_printf(bio_e,"unable to load 'random state'\n"); - BIO_printf(bio_e,"This means that the random number generator has not been seeded\n"); - BIO_printf(bio_e,"with much random data.\n"); - if (consider_randfile) /* explanation does not apply when a file is explicitly named */ - { - BIO_printf(bio_e,"Consider setting the RANDFILE environment variable to point at a file that\n"); - BIO_printf(bio_e,"'random' data can be kept in (the file will be overwritten).\n"); - } - } - return 0; - } - seeded = 1; - return 1; - } - -long app_RAND_load_files(char *name) - { - char *p,*n; - int last; - long tot=0; - int egd; - - for (;;) - { - last=0; - for (p=name; ((*p != '\0') && (*p != LIST_SEPARATOR_CHAR)); p++); - if (*p == '\0') last=1; - *p='\0'; - n=name; - name=p+1; - if (*n == '\0') break; - - egd=RAND_egd(n); - if (egd > 0) tot+=egd; - tot+=RAND_load_file(n,-1); - if (last) break; - } - if (tot > 512) - app_RAND_allow_write_file(); - return(tot); - } - -int app_RAND_write_file(const char *file, BIO *bio_e) - { - char buffer[200]; - - if (egdsocket || !seeded) - /* If we did not manage to read the seed file, - * we should not write a low-entropy seed file back -- - * it would suppress a crucial warning the next time - * we want to use it. */ - return 0; - - if (file == NULL) - file = RAND_file_name(buffer, sizeof buffer); - if (file == NULL || !RAND_write_file(file)) - { - BIO_printf(bio_e,"unable to write 'random state'\n"); - return 0; - } - return 1; - } - -void app_RAND_allow_write_file(void) - { - seeded = 1; - } diff --git a/crypto/openssl/apps/apps.c b/crypto/openssl/apps/apps.c deleted file mode 100644 index a87d23bf3312e..0000000000000 --- a/crypto/openssl/apps/apps.c +++ /dev/null @@ -1,416 +0,0 @@ -/* apps/apps.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include <stdio.h> -#include <stdlib.h> -#include <string.h> -#include <sys/types.h> -#include <sys/stat.h> -#define NON_MAIN -#include "apps.h" -#undef NON_MAIN - -#ifdef WINDOWS -# include "bss_file.c" -#endif - -int app_init(long mesgwin); -#ifdef undef /* never finished - probably never will be :-) */ -int args_from_file(char *file, int *argc, char **argv[]) - { - FILE *fp; - int num,i; - unsigned int len; - static char *buf=NULL; - static char **arg=NULL; - char *p; - struct stat stbuf; - - if (stat(file,&stbuf) < 0) return(0); - - fp=fopen(file,"r"); - if (fp == NULL) - return(0); - - *argc=0; - *argv=NULL; - - len=(unsigned int)stbuf.st_size; - if (buf != NULL) Free(buf); - buf=(char *)Malloc(len+1); - if (buf == NULL) return(0); - - len=fread(buf,1,len,fp); - if (len <= 1) return(0); - buf[len]='\0'; - - i=0; - for (p=buf; *p; p++) - if (*p == '\n') i++; - if (arg != NULL) Free(arg); - arg=(char **)Malloc(sizeof(char *)*(i*2)); - - *argv=arg; - num=0; - p=buf; - for (;;) - { - if (!*p) break; - if (*p == '#') /* comment line */ - { - while (*p && (*p != '\n')) p++; - continue; - } - /* else we have a line */ - *(arg++)=p; - num++; - while (*p && ((*p != ' ') && (*p != '\t') && (*p != '\n'))) - p++; - if (!*p) break; - if (*p == '\n') - { - *(p++)='\0'; - continue; - } - /* else it is a tab or space */ - p++; - while (*p && ((*p == ' ') || (*p == '\t') || (*p == '\n'))) - p++; - if (!*p) break; - if (*p == '\n') - { - p++; - continue; - } - *(arg++)=p++; - num++; - while (*p && (*p != '\n')) p++; - if (!*p) break; - /* else *p == '\n' */ - *(p++)='\0'; - } - *argc=num; - return(1); - } -#endif - -int str2fmt(char *s) - { - if ((*s == 'D') || (*s == 'd')) - return(FORMAT_ASN1); - else if ((*s == 'T') || (*s == 't')) - return(FORMAT_TEXT); - else if ((*s == 'P') || (*s == 'p')) - return(FORMAT_PEM); - else if ((*s == 'N') || (*s == 'n')) - return(FORMAT_NETSCAPE); - else - return(FORMAT_UNDEF); - } - -#if defined(MSDOS) || defined(WIN32) || defined(WIN16) -void program_name(char *in, char *out, int size) - { - int i,n; - char *p=NULL; - - n=strlen(in); - /* find the last '/', '\' or ':' */ - for (i=n-1; i>0; i--) - { - if ((in[i] == '/') || (in[i] == '\\') || (in[i] == ':')) - { - p= &(in[i+1]); - break; - } - } - if (p == NULL) - p=in; - n=strlen(p); - /* strip off trailing .exe if present. */ - if ((n > 4) && (p[n-4] == '.') && - ((p[n-3] == 'e') || (p[n-3] == 'E')) && - ((p[n-2] == 'x') || (p[n-2] == 'X')) && - ((p[n-1] == 'e') || (p[n-1] == 'E'))) - n-=4; - if (n > size-1) - n=size-1; - - for (i=0; i<n; i++) - { - if ((p[i] >= 'A') && (p[i] <= 'Z')) - out[i]=p[i]-'A'+'a'; - else - out[i]=p[i]; - } - out[n]='\0'; - } -#else -#ifdef VMS -void program_name(char *in, char *out, int size) - { - char *p=in, *q; - char *chars=":]>"; - - while(*chars != '\0') - { - q=strrchr(p,*chars); - if (q > p) - p = q + 1; - chars++; - } - - q=strrchr(p,'.'); - if (q == NULL) - q = in+size; - strncpy(out,p,q-p); - out[q-p]='\0'; - } -#else -void program_name(char *in, char *out, int size) - { - char *p; - - p=strrchr(in,'/'); - if (p != NULL) - p++; - else - p=in; - strncpy(out,p,size-1); - out[size-1]='\0'; - } -#endif -#endif - -#ifdef WIN32 -int WIN32_rename(char *from, char *to) - { -#ifdef WINNT - int ret; -/* Note: MoveFileEx() doesn't work under Win95, Win98 */ - - ret=MoveFileEx(from,to,MOVEFILE_REPLACE_EXISTING|MOVEFILE_COPY_ALLOWED); - return(ret?0:-1); -#else - unlink(to); - return MoveFile(from, to); -#endif - } -#endif - -int chopup_args(ARGS *arg, char *buf, int *argc, char **argv[]) - { - int num,len,i; - char *p; - - *argc=0; - *argv=NULL; - - len=strlen(buf); - i=0; - if (arg->count == 0) - { - arg->count=20; - arg->data=(char **)Malloc(sizeof(char *)*arg->count); - } - for (i=0; i<arg->count; i++) - arg->data[i]=NULL; - - num=0; - p=buf; - for (;;) - { - /* first scan over white space */ - if (!*p) break; - while (*p && ((*p == ' ') || (*p == '\t') || (*p == '\n'))) - p++; - if (!*p) break; - - /* The start of something good :-) */ - if (num >= arg->count) - { - arg->count+=20; - arg->data=(char **)Realloc(arg->data, - sizeof(char *)*arg->count); - if (argc == 0) return(0); - } - arg->data[num++]=p; - - /* now look for the end of this */ - if ((*p == '\'') || (*p == '\"')) /* scan for closing quote */ - { - i= *(p++); - arg->data[num-1]++; /* jump over quote */ - while (*p && (*p != i)) - p++; - *p='\0'; - } - else - { - while (*p && ((*p != ' ') && - (*p != '\t') && (*p != '\n'))) - p++; - - if (*p == '\0') - p--; - else - *p='\0'; - } - p++; - } - *argc=num; - *argv=arg->data; - return(1); - } - -#ifndef APP_INIT -int app_init(long mesgwin) - { - return(1); - } -#endif - - -int dump_cert_text (BIO *out, X509 *x) -{ - char buf[256]; - X509_NAME_oneline(X509_get_subject_name(x),buf,256); - BIO_puts(out,"subject="); - BIO_puts(out,buf); - - X509_NAME_oneline(X509_get_issuer_name(x),buf,256); - BIO_puts(out,"\nissuer= "); - BIO_puts(out,buf); - BIO_puts(out,"\n"); - return 0; -} - -static char *app_get_pass(BIO *err, char *arg, int keepbio); - -int app_passwd(BIO *err, char *arg1, char *arg2, char **pass1, char **pass2) -{ - int same; - if(!arg2 || !arg1 || strcmp(arg1, arg2)) same = 0; - else same = 1; - if(arg1) { - *pass1 = app_get_pass(err, arg1, same); - if(!*pass1) return 0; - } else if(pass1) *pass1 = NULL; - if(arg2) { - *pass2 = app_get_pass(err, arg2, same ? 2 : 0); - if(!*pass2) return 0; - } else if(pass2) *pass2 = NULL; - return 1; -} - -static char *app_get_pass(BIO *err, char *arg, int keepbio) -{ - char *tmp, tpass[APP_PASS_LEN]; - static BIO *pwdbio = NULL; - int i; - if(!strncmp(arg, "pass:", 5)) return BUF_strdup(arg + 5); - if(!strncmp(arg, "env:", 4)) { - tmp = getenv(arg + 4); - if(!tmp) { - BIO_printf(err, "Can't read environment variable %s\n", arg + 4); - return NULL; - } - return BUF_strdup(tmp); - } - if(!keepbio || !pwdbio) { - if(!strncmp(arg, "file:", 5)) { - pwdbio = BIO_new_file(arg + 5, "r"); - if(!pwdbio) { - BIO_printf(err, "Can't open file %s\n", arg + 5); - return NULL; - } - } else if(!strncmp(arg, "fd:", 3)) { - BIO *btmp; - i = atoi(arg + 3); - if(i >= 0) pwdbio = BIO_new_fd(i, BIO_NOCLOSE); - if((i < 0) || !pwdbio) { - BIO_printf(err, "Can't access file descriptor %s\n", arg + 3); - return NULL; - } - /* Can't do BIO_gets on an fd BIO so add a buffering BIO */ - btmp = BIO_new(BIO_f_buffer()); - pwdbio = BIO_push(btmp, pwdbio); - } else if(!strcmp(arg, "stdin")) { - pwdbio = BIO_new_fp(stdin, BIO_NOCLOSE); - if(!pwdbio) { - BIO_printf(err, "Can't open BIO for stdin\n"); - return NULL; - } - } else { - BIO_printf(err, "Invalid password argument \"%s\"\n", arg); - return NULL; - } - } - i = BIO_gets(pwdbio, tpass, APP_PASS_LEN); - if(keepbio != 1) { - BIO_free_all(pwdbio); - pwdbio = NULL; - } - if(i <= 0) { - BIO_printf(err, "Error reading password from BIO\n"); - return NULL; - } - tmp = strchr(tpass, '\n'); - if(tmp) *tmp = 0; - return BUF_strdup(tpass); -} diff --git a/crypto/openssl/apps/apps.h b/crypto/openssl/apps/apps.h deleted file mode 100644 index 2dcdb88c43151..0000000000000 --- a/crypto/openssl/apps/apps.h +++ /dev/null @@ -1,157 +0,0 @@ -/* apps/apps.h */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#ifndef HEADER_APPS_H -#define HEADER_APPS_H - -#include "openssl/e_os.h" - -#include <openssl/buffer.h> -#include <openssl/bio.h> -#include <openssl/crypto.h> -#include <openssl/x509.h> - -int app_RAND_load_file(const char *file, BIO *bio_e, int dont_warn); -int app_RAND_write_file(const char *file, BIO *bio_e); -/* When `file' is NULL, use defaults. - * `bio_e' is for error messages. */ -void app_RAND_allow_write_file(void); -long app_RAND_load_files(char *file); /* `file' is a list of files to read, - * separated by LIST_SEPARATOR_CHAR - * (see e_os.h). The string is - * destroyed! */ - -#ifdef NO_STDIO -BIO_METHOD *BIO_s_file(); -#endif - -#ifdef WIN32 -#define rename(from,to) WIN32_rename((from),(to)) -int WIN32_rename(char *oldname,char *newname); -#endif - -#ifndef MONOLITH - -#define MAIN(a,v) main(a,v) - -#ifndef NON_MAIN -BIO *bio_err=NULL; -#else -extern BIO *bio_err; -#endif - -#else - -#define MAIN(a,v) PROG(a,v) -#include <openssl/conf.h> -extern LHASH *config; -extern char *default_config_file; -extern BIO *bio_err; - -#endif - -#include <signal.h> - -#ifdef SIGPIPE -#define do_pipe_sig() signal(SIGPIPE,SIG_IGN) -#else -#define do_pipe_sig() -#endif - -#if defined(MONOLITH) && !defined(OPENSSL_C) -# define apps_startup() do_pipe_sig() -#else -# if defined(MSDOS) || defined(WIN16) || defined(WIN32) -# ifdef _O_BINARY -# define apps_startup() \ - _fmode=_O_BINARY; do_pipe_sig(); CRYPTO_malloc_init(); \ - SSLeay_add_all_algorithms() -# else -# define apps_startup() \ - _fmode=O_BINARY; do_pipe_sig(); CRYPTO_malloc_init(); \ - SSLeay_add_all_algorithms() -# endif -# else -# define apps_startup() do_pipe_sig(); SSLeay_add_all_algorithms(); -# endif -#endif - -typedef struct args_st - { - char **data; - int count; - } ARGS; - -int should_retry(int i); -int args_from_file(char *file, int *argc, char **argv[]); -int str2fmt(char *s); -void program_name(char *in,char *out,int size); -int chopup_args(ARGS *arg,char *buf, int *argc, char **argv[]); -#ifdef HEADER_X509_H -int dump_cert_text(BIO *out, X509 *x); -#endif -int app_passwd(BIO *err, char *arg1, char *arg2, char **pass1, char **pass2); -#define FORMAT_UNDEF 0 -#define FORMAT_ASN1 1 -#define FORMAT_TEXT 2 -#define FORMAT_PEM 3 -#define FORMAT_NETSCAPE 4 - -#define APP_PASS_LEN 1024 - -#endif diff --git a/crypto/openssl/apps/asn1pars.c b/crypto/openssl/apps/asn1pars.c deleted file mode 100644 index f104ebc1f08ae..0000000000000 --- a/crypto/openssl/apps/asn1pars.c +++ /dev/null @@ -1,315 +0,0 @@ -/* apps/asn1pars.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -/* A nice addition from Dr Stephen Henson <shenson@bigfoot.com> to - * add the -strparse option which parses nested binary structures - */ - -#include <stdio.h> -#include <stdlib.h> -#include <string.h> -#include "apps.h" -#include <openssl/err.h> -#include <openssl/evp.h> -#include <openssl/x509.h> -#include <openssl/pem.h> - -/* -inform arg - input format - default PEM (DER or PEM) - * -in arg - input file - default stdin - * -i - indent the details by depth - * -offset - where in the file to start - * -length - how many bytes to use - * -oid file - extra oid description file - */ - -#undef PROG -#define PROG asn1parse_main - -int MAIN(int, char **); - -int MAIN(int argc, char **argv) - { - int i,badops=0,offset=0,ret=1,j; - unsigned int length=0; - long num,tmplen; - BIO *in=NULL,*out=NULL,*b64=NULL, *derout = NULL; - int informat,indent=0, noout = 0; - char *infile=NULL,*str=NULL,*prog,*oidfile=NULL, *derfile=NULL; - unsigned char *tmpbuf; - BUF_MEM *buf=NULL; - STACK *osk=NULL; - ASN1_TYPE *at=NULL; - - informat=FORMAT_PEM; - - apps_startup(); - - if (bio_err == NULL) - if ((bio_err=BIO_new(BIO_s_file())) != NULL) - BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT); - - prog=argv[0]; - argc--; - argv++; - if ((osk=sk_new_null()) == NULL) - { - BIO_printf(bio_err,"Malloc failure\n"); - goto end; - } - while (argc >= 1) - { - if (strcmp(*argv,"-inform") == 0) - { - if (--argc < 1) goto bad; - informat=str2fmt(*(++argv)); - } - else if (strcmp(*argv,"-in") == 0) - { - if (--argc < 1) goto bad; - infile= *(++argv); - } - else if (strcmp(*argv,"-out") == 0) - { - if (--argc < 1) goto bad; - derfile= *(++argv); - } - else if (strcmp(*argv,"-i") == 0) - { - indent=1; - } - else if (strcmp(*argv,"-noout") == 0) noout = 1; - else if (strcmp(*argv,"-oid") == 0) - { - if (--argc < 1) goto bad; - oidfile= *(++argv); - } - else if (strcmp(*argv,"-offset") == 0) - { - if (--argc < 1) goto bad; - offset= atoi(*(++argv)); - } - else if (strcmp(*argv,"-length") == 0) - { - if (--argc < 1) goto bad; - length= atoi(*(++argv)); - if (length == 0) goto bad; - } - else if (strcmp(*argv,"-strparse") == 0) - { - if (--argc < 1) goto bad; - sk_push(osk,*(++argv)); - } - else - { - BIO_printf(bio_err,"unknown option %s\n",*argv); - badops=1; - break; - } - argc--; - argv++; - } - - if (badops) - { -bad: - BIO_printf(bio_err,"%s [options] <infile\n",prog); - BIO_printf(bio_err,"where options are\n"); - BIO_printf(bio_err," -inform arg input format - one of DER TXT PEM\n"); - BIO_printf(bio_err," -in arg input file\n"); - BIO_printf(bio_err," -out arg output file\n"); - BIO_printf(bio_err," -noout arg don't produce any output\n"); - BIO_printf(bio_err," -offset arg offset into file\n"); - BIO_printf(bio_err," -length arg length of section in file\n"); - BIO_printf(bio_err," -i indent entries\n"); - BIO_printf(bio_err," -oid file file of extra oid definitions\n"); - BIO_printf(bio_err," -strparse offset\n"); - BIO_printf(bio_err," a series of these can be used to 'dig' into multiple\n"); - BIO_printf(bio_err," ASN1 blob wrappings\n"); - BIO_printf(bio_err," -out filename output DER encoding to file\n"); - goto end; - } - - ERR_load_crypto_strings(); - - in=BIO_new(BIO_s_file()); - out=BIO_new(BIO_s_file()); - if ((in == NULL) || (out == NULL)) - { - ERR_print_errors(bio_err); - goto end; - } - BIO_set_fp(out,stdout,BIO_NOCLOSE|BIO_FP_TEXT); - - if (oidfile != NULL) - { - if (BIO_read_filename(in,oidfile) <= 0) - { - BIO_printf(bio_err,"problems opening %s\n",oidfile); - ERR_print_errors(bio_err); - goto end; - } - OBJ_create_objects(in); - } - - if (infile == NULL) - BIO_set_fp(in,stdin,BIO_NOCLOSE); - else - { - if (BIO_read_filename(in,infile) <= 0) - { - perror(infile); - goto end; - } - } - - if (derfile) { - if(!(derout = BIO_new_file(derfile, "wb"))) { - BIO_printf(bio_err,"problems opening %s\n",derfile); - ERR_print_errors(bio_err); - goto end; - } - } - - if ((buf=BUF_MEM_new()) == NULL) goto end; - if (!BUF_MEM_grow(buf,BUFSIZ*8)) goto end; /* Pre-allocate :-) */ - - if (informat == FORMAT_PEM) - { - BIO *tmp; - - if ((b64=BIO_new(BIO_f_base64())) == NULL) - goto end; - BIO_push(b64,in); - tmp=in; - in=b64; - b64=tmp; - } - - num=0; - for (;;) - { - if (!BUF_MEM_grow(buf,(int)num+BUFSIZ)) goto end; - i=BIO_read(in,&(buf->data[num]),BUFSIZ); - if (i <= 0) break; - num+=i; - } - str=buf->data; - - /* If any structs to parse go through in sequence */ - - if (sk_num(osk)) - { - tmpbuf=(unsigned char *)str; - tmplen=num; - for (i=0; i<sk_num(osk); i++) - { - ASN1_TYPE *atmp; - j=atoi(sk_value(osk,i)); - if (j == 0) - { - BIO_printf(bio_err,"'%s' is an invalid number\n",sk_value(osk,i)); - continue; - } - tmpbuf+=j; - tmplen-=j; - atmp = at; - at = d2i_ASN1_TYPE(NULL,&tmpbuf,tmplen); - ASN1_TYPE_free(atmp); - if(!at) - { - BIO_printf(bio_err,"Error parsing structure\n"); - ERR_print_errors(bio_err); - goto end; - } - /* hmm... this is a little evil but it works */ - tmpbuf=at->value.asn1_string->data; - tmplen=at->value.asn1_string->length; - } - str=(char *)tmpbuf; - num=tmplen; - } - - if (length == 0) length=(unsigned int)num; - if(derout) { - if(BIO_write(derout, str + offset, length) != (int)length) { - BIO_printf(bio_err, "Error writing output\n"); - ERR_print_errors(bio_err); - goto end; - } - } - if (!noout && - !ASN1_parse(out,(unsigned char *)&(str[offset]),length,indent)) - { - ERR_print_errors(bio_err); - goto end; - } - ret=0; -end: - BIO_free(derout); - if (in != NULL) BIO_free(in); - if (out != NULL) BIO_free(out); - if (b64 != NULL) BIO_free(b64); - if (ret != 0) - ERR_print_errors(bio_err); - if (buf != NULL) BUF_MEM_free(buf); - if (at != NULL) ASN1_TYPE_free(at); - if (osk != NULL) sk_free(osk); - OBJ_cleanup(); - EXIT(ret); - } - diff --git a/crypto/openssl/apps/ca-cert.srl b/crypto/openssl/apps/ca-cert.srl deleted file mode 100644 index eeee65ec419f2..0000000000000 --- a/crypto/openssl/apps/ca-cert.srl +++ /dev/null @@ -1 +0,0 @@ -05 diff --git a/crypto/openssl/apps/ca-key.pem b/crypto/openssl/apps/ca-key.pem deleted file mode 100644 index 3a520b238f5b1..0000000000000 --- a/crypto/openssl/apps/ca-key.pem +++ /dev/null @@ -1,15 +0,0 @@ ------BEGIN RSA PRIVATE KEY----- -MIICXQIBAAKBgQCju6PLddelT+nIMm07GQwmYa/eZ2JWbsmt2gotSCqM7asFp425 -gxSK4jqhhT62UPpqDBEwvQ+fYkVv3RV0r9ReuZGv12NoS4fXsQgqO17lHA7Od0Kd -2yNwJjKh44MxPKDt2o8iQMyZE0zlHnEFNpsP4COLTDNC6ljEEu5bk8uPsQIDAQAB -AoGAVZmpFZsDZfr0l2S9tLLwpjRWNOlKATQkno6q2WesT0eGLQufTciY+c8ypfU6 -hyio8r5iUl/VhhdjhAtKx1mRpiotftHo/eYf8rtsrnprOnWG0bWjLjtIoMbcxGn2 -J3bN6LJmbJMjDs0eJ3KnTu646F3nDUw2oGAwmpzKXA1KAP0CQQDRvQhxk2D3Pehs -HvG665u2pB5ipYQngEFlZO7RHJZzJOZEWSLuuMqaF/7pTfA5jiBvWqCgJeCRRInL -21ru4dlPAkEAx9jj7BgKn5TYnMoBSSe0afjsV9oApVpN1Nacb1YDtCwy+scp3++s -nFxlv98wxIlSdpwMUn+AUWfjiWR7Tu/G/wJBAJ/KjwZIrFVxewP0x2ILYsTRYLzz -MS4PDsO7FB+I0i7DbBOifXS2oNSpd3I0CNMwrxFnUHzynpbOStVfN3ZL5w0CQQCa -pwFahxBRhkJKsxhjoFJBX9yl75JoY4Wvm5Tbo9ih6UJaRx3kqfkN14L2BKYcsZgb -KY9vmDOYy6iNfjDeWTfJAkBkfPUb8oTJ/nSP5zN6sqGxSY4krc4xLxpRmxoJ8HL2 -XfhqXkTzbU13RX9JJ/NZ8vQN9Vm2NhxRGJocQkmcdVtJ ------END RSA PRIVATE KEY----- diff --git a/crypto/openssl/apps/ca-req.pem b/crypto/openssl/apps/ca-req.pem deleted file mode 100644 index 77bf7ec308b52..0000000000000 --- a/crypto/openssl/apps/ca-req.pem +++ /dev/null @@ -1,11 +0,0 @@ ------BEGIN CERTIFICATE REQUEST----- -MIIBmTCCAQICAQAwWzELMAkGA1UEBhMCQVUxEzARBgNVBAgTClF1ZWVuc2xhbmQx -GjAYBgNVBAoTEUNyeXB0U29mdCBQdHkgTHRkMRswGQYDVQQDExJUZXN0IENBICgx -MDI0IGJpdCkwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAKO7o8t116VP6cgy -bTsZDCZhr95nYlZuya3aCi1IKoztqwWnjbmDFIriOqGFPrZQ+moMETC9D59iRW/d -FXSv1F65ka/XY2hLh9exCCo7XuUcDs53Qp3bI3AmMqHjgzE8oO3ajyJAzJkTTOUe -cQU2mw/gI4tMM0LqWMQS7luTy4+xAgMBAAEwDQYJKoZIhvcNAQEEBQADgYEAKlk7 -cxu9gCJN3/iQFyJXQ6YphaiQAT5VBXTx9ftRrQIjA3vxlDzPWGDy+V5Tqa7h8PtR -5Bn00JShII2zf0hjyjKils6x/UkWmjEiwSiFp4hR70iE8XwSNEHY2P6j6nQEIpgW -kbfgmmUqk7dl2V+ossTJ80B8SBpEhrn81V/cHxA= ------END CERTIFICATE REQUEST----- diff --git a/crypto/openssl/apps/ca.c b/crypto/openssl/apps/ca.c deleted file mode 100644 index 73df13fe8e2a6..0000000000000 --- a/crypto/openssl/apps/ca.c +++ /dev/null @@ -1,2235 +0,0 @@ -/* apps/ca.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -/* The PPKI stuff has been donated by Jeff Barber <jeffb@issl.atl.hp.com> */ - -#include <stdio.h> -#include <stdlib.h> -#include <string.h> -#include <sys/types.h> -#include <sys/stat.h> -#include "apps.h" -#include <openssl/conf.h> -#include <openssl/bio.h> -#include <openssl/err.h> -#include <openssl/bn.h> -#include <openssl/txt_db.h> -#include <openssl/evp.h> -#include <openssl/x509.h> -#include <openssl/x509v3.h> -#include <openssl/objects.h> -#include <openssl/pem.h> - -#ifndef W_OK -# ifdef VMS -# if defined(__DECC) -# include <unistd.h> -# else -# include <unixlib.h> -# endif -# else -# include <sys/file.h> -# endif -#endif - -#ifndef W_OK -# define F_OK 0 -# define X_OK 1 -# define W_OK 2 -# define R_OK 4 -#endif - -#undef PROG -#define PROG ca_main - -#define BASE_SECTION "ca" -#define CONFIG_FILE "openssl.cnf" - -#define ENV_DEFAULT_CA "default_ca" - -#define ENV_DIR "dir" -#define ENV_CERTS "certs" -#define ENV_CRL_DIR "crl_dir" -#define ENV_CA_DB "CA_DB" -#define ENV_NEW_CERTS_DIR "new_certs_dir" -#define ENV_CERTIFICATE "certificate" -#define ENV_SERIAL "serial" -#define ENV_CRL "crl" -#define ENV_PRIVATE_KEY "private_key" -#define ENV_RANDFILE "RANDFILE" -#define ENV_DEFAULT_DAYS "default_days" -#define ENV_DEFAULT_STARTDATE "default_startdate" -#define ENV_DEFAULT_ENDDATE "default_enddate" -#define ENV_DEFAULT_CRL_DAYS "default_crl_days" -#define ENV_DEFAULT_CRL_HOURS "default_crl_hours" -#define ENV_DEFAULT_MD "default_md" -#define ENV_PRESERVE "preserve" -#define ENV_POLICY "policy" -#define ENV_EXTENSIONS "x509_extensions" -#define ENV_CRLEXT "crl_extensions" -#define ENV_MSIE_HACK "msie_hack" - -#define ENV_DATABASE "database" - -#define DB_type 0 -#define DB_exp_date 1 -#define DB_rev_date 2 -#define DB_serial 3 /* index - unique */ -#define DB_file 4 -#define DB_name 5 /* index - unique for active */ -#define DB_NUMBER 6 - -#define DB_TYPE_REV 'R' -#define DB_TYPE_EXP 'E' -#define DB_TYPE_VAL 'V' - -static char *ca_usage[]={ -"usage: ca args\n", -"\n", -" -verbose - Talk alot while doing things\n", -" -config file - A config file\n", -" -name arg - The particular CA definition to use\n", -" -gencrl - Generate a new CRL\n", -" -crldays days - Days is when the next CRL is due\n", -" -crlhours hours - Hours is when the next CRL is due\n", -" -startdate YYMMDDHHMMSSZ - certificate validity notBefore\n", -" -enddate YYMMDDHHMMSSZ - certificate validity notAfter (overrides -days)\n", -" -days arg - number of days to certify the certificate for\n", -" -md arg - md to use, one of md2, md5, sha or sha1\n", -" -policy arg - The CA 'policy' to support\n", -" -keyfile arg - PEM private key file\n", -" -key arg - key to decode the private key if it is encrypted\n", -" -cert file - The CA certificate\n", -" -in file - The input PEM encoded certificate request(s)\n", -" -out file - Where to put the output file(s)\n", -" -outdir dir - Where to put output certificates\n", -" -infiles .... - The last argument, requests to process\n", -" -spkac file - File contains DN and signed public key and challenge\n", -" -ss_cert file - File contains a self signed cert to sign\n", -" -preserveDN - Don't re-order the DN\n", -" -batch - Don't ask questions\n", -" -msie_hack - msie modifications to handle all those universal strings\n", -" -revoke file - Revoke a certificate (given in file)\n", -" -extensions .. - Extension section (override value in config file)\n", -" -crlexts .. - CRL extension section (override value in config file)\n", -NULL -}; - -#ifdef EFENCE -extern int EF_PROTECT_FREE; -extern int EF_PROTECT_BELOW; -extern int EF_ALIGNMENT; -#endif - -static int add_oid_section(LHASH *conf); -static void lookup_fail(char *name,char *tag); -static unsigned long index_serial_hash(char **a); -static int index_serial_cmp(char **a, char **b); -static unsigned long index_name_hash(char **a); -static int index_name_qual(char **a); -static int index_name_cmp(char **a,char **b); -static BIGNUM *load_serial(char *serialfile); -static int save_serial(char *serialfile, BIGNUM *serial); -static int certify(X509 **xret, char *infile,EVP_PKEY *pkey,X509 *x509, - const EVP_MD *dgst,STACK_OF(CONF_VALUE) *policy,TXT_DB *db, - BIGNUM *serial, char *startdate,char *enddate, int days, - int batch, char *ext_sect, LHASH *conf,int verbose); -static int certify_cert(X509 **xret, char *infile,EVP_PKEY *pkey,X509 *x509, - const EVP_MD *dgst,STACK_OF(CONF_VALUE) *policy, - TXT_DB *db, BIGNUM *serial,char *startdate, - char *enddate, int days, int batch, char *ext_sect, - LHASH *conf,int verbose); -static int certify_spkac(X509 **xret, char *infile,EVP_PKEY *pkey,X509 *x509, - const EVP_MD *dgst,STACK_OF(CONF_VALUE) *policy, - TXT_DB *db, BIGNUM *serial,char *startdate, - char *enddate, int days, char *ext_sect,LHASH *conf, - int verbose); -static int fix_data(int nid, int *type); -static void write_new_certificate(BIO *bp, X509 *x, int output_der, int notext); -static int do_body(X509 **xret, EVP_PKEY *pkey, X509 *x509, const EVP_MD *dgst, - STACK_OF(CONF_VALUE) *policy, TXT_DB *db, BIGNUM *serial, - char *startdate, char *enddate, int days, int batch, int verbose, - X509_REQ *req, char *ext_sect, LHASH *conf); -static int do_revoke(X509 *x509, TXT_DB *db); -static int check_time_format(char *str); -static LHASH *conf=NULL; -static char *section=NULL; - -static int preserve=0; -static int msie_hack=0; - -int MAIN(int, char **); - -int MAIN(int argc, char **argv) - { - char *key=NULL; - int total=0; - int total_done=0; - int badops=0; - int ret=1; - int req=0; - int verbose=0; - int gencrl=0; - int dorevoke=0; - long crldays=0; - long crlhours=0; - long errorline= -1; - char *configfile=NULL; - char *md=NULL; - char *policy=NULL; - char *keyfile=NULL; - char *certfile=NULL; - char *infile=NULL; - char *spkac_file=NULL; - char *ss_cert_file=NULL; - EVP_PKEY *pkey=NULL; - int output_der = 0; - char *outfile=NULL; - char *outdir=NULL; - char *serialfile=NULL; - char *extensions=NULL; - char *crl_ext=NULL; - BIGNUM *serial=NULL; - char *startdate=NULL; - char *enddate=NULL; - int days=0; - int batch=0; - int notext=0; - X509 *x509=NULL; - X509 *x=NULL; - BIO *in=NULL,*out=NULL,*Sout=NULL,*Cout=NULL; - char *dbfile=NULL; - TXT_DB *db=NULL; - X509_CRL *crl=NULL; - X509_CRL_INFO *ci=NULL; - X509_REVOKED *r=NULL; - char **pp,*p,*f; - int i,j; - long l; - const EVP_MD *dgst=NULL; - STACK_OF(CONF_VALUE) *attribs=NULL; - STACK *cert_sk=NULL; - BIO *hex=NULL; -#undef BSIZE -#define BSIZE 256 - MS_STATIC char buf[3][BSIZE]; - char *randfile=NULL; - -#ifdef EFENCE -EF_PROTECT_FREE=1; -EF_PROTECT_BELOW=1; -EF_ALIGNMENT=0; -#endif - - apps_startup(); - - conf = NULL; - key = NULL; - section = NULL; - - preserve=0; - msie_hack=0; - if (bio_err == NULL) - if ((bio_err=BIO_new(BIO_s_file())) != NULL) - BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT); - - argc--; - argv++; - while (argc >= 1) - { - if (strcmp(*argv,"-verbose") == 0) - verbose=1; - else if (strcmp(*argv,"-config") == 0) - { - if (--argc < 1) goto bad; - configfile= *(++argv); - } - else if (strcmp(*argv,"-name") == 0) - { - if (--argc < 1) goto bad; - section= *(++argv); - } - else if (strcmp(*argv,"-startdate") == 0) - { - if (--argc < 1) goto bad; - startdate= *(++argv); - } - else if (strcmp(*argv,"-enddate") == 0) - { - if (--argc < 1) goto bad; - enddate= *(++argv); - } - else if (strcmp(*argv,"-days") == 0) - { - if (--argc < 1) goto bad; - days=atoi(*(++argv)); - } - else if (strcmp(*argv,"-md") == 0) - { - if (--argc < 1) goto bad; - md= *(++argv); - } - else if (strcmp(*argv,"-policy") == 0) - { - if (--argc < 1) goto bad; - policy= *(++argv); - } - else if (strcmp(*argv,"-keyfile") == 0) - { - if (--argc < 1) goto bad; - keyfile= *(++argv); - } - else if (strcmp(*argv,"-key") == 0) - { - if (--argc < 1) goto bad; - key= *(++argv); - } - else if (strcmp(*argv,"-cert") == 0) - { - if (--argc < 1) goto bad; - certfile= *(++argv); - } - else if (strcmp(*argv,"-in") == 0) - { - if (--argc < 1) goto bad; - infile= *(++argv); - req=1; - } - else if (strcmp(*argv,"-out") == 0) - { - if (--argc < 1) goto bad; - outfile= *(++argv); - } - else if (strcmp(*argv,"-outdir") == 0) - { - if (--argc < 1) goto bad; - outdir= *(++argv); - } - else if (strcmp(*argv,"-notext") == 0) - notext=1; - else if (strcmp(*argv,"-batch") == 0) - batch=1; - else if (strcmp(*argv,"-preserveDN") == 0) - preserve=1; - else if (strcmp(*argv,"-gencrl") == 0) - gencrl=1; - else if (strcmp(*argv,"-msie_hack") == 0) - msie_hack=1; - else if (strcmp(*argv,"-crldays") == 0) - { - if (--argc < 1) goto bad; - crldays= atol(*(++argv)); - } - else if (strcmp(*argv,"-crlhours") == 0) - { - if (--argc < 1) goto bad; - crlhours= atol(*(++argv)); - } - else if (strcmp(*argv,"-infiles") == 0) - { - argc--; - argv++; - req=1; - break; - } - else if (strcmp(*argv, "-ss_cert") == 0) - { - if (--argc < 1) goto bad; - ss_cert_file = *(++argv); - req=1; - } - else if (strcmp(*argv, "-spkac") == 0) - { - if (--argc < 1) goto bad; - spkac_file = *(++argv); - req=1; - } - else if (strcmp(*argv,"-revoke") == 0) - { - if (--argc < 1) goto bad; - infile= *(++argv); - dorevoke=1; - } - else if (strcmp(*argv,"-extensions") == 0) - { - if (--argc < 1) goto bad; - extensions= *(++argv); - } - else if (strcmp(*argv,"-crlexts") == 0) - { - if (--argc < 1) goto bad; - crl_ext= *(++argv); - } - else - { -bad: - BIO_printf(bio_err,"unknown option %s\n",*argv); - badops=1; - break; - } - argc--; - argv++; - } - - if (badops) - { - for (pp=ca_usage; (*pp != NULL); pp++) - BIO_printf(bio_err,*pp); - goto err; - } - - ERR_load_crypto_strings(); - - /*****************************************************************/ - if (configfile == NULL) configfile = getenv("OPENSSL_CONF"); - if (configfile == NULL) configfile = getenv("SSLEAY_CONF"); - if (configfile == NULL) - { - /* We will just use 'buf[0]' as a temporary buffer. */ -#ifdef VMS - strncpy(buf[0],X509_get_default_cert_area(), - sizeof(buf[0])-1-sizeof(CONFIG_FILE)); -#else - strncpy(buf[0],X509_get_default_cert_area(), - sizeof(buf[0])-2-sizeof(CONFIG_FILE)); - strcat(buf[0],"/"); -#endif - strcat(buf[0],CONFIG_FILE); - configfile=buf[0]; - } - - BIO_printf(bio_err,"Using configuration from %s\n",configfile); - if ((conf=CONF_load(NULL,configfile,&errorline)) == NULL) - { - if (errorline <= 0) - BIO_printf(bio_err,"error loading the config file '%s'\n", - configfile); - else - BIO_printf(bio_err,"error on line %ld of config file '%s'\n" - ,errorline,configfile); - goto err; - } - - /* Lets get the config section we are using */ - if (section == NULL) - { - section=CONF_get_string(conf,BASE_SECTION,ENV_DEFAULT_CA); - if (section == NULL) - { - lookup_fail(BASE_SECTION,ENV_DEFAULT_CA); - goto err; - } - } - - if (conf != NULL) - { - p=CONF_get_string(conf,NULL,"oid_file"); - if (p != NULL) - { - BIO *oid_bio; - - oid_bio=BIO_new_file(p,"r"); - if (oid_bio == NULL) - { - /* - BIO_printf(bio_err,"problems opening %s for extra oid's\n",p); - ERR_print_errors(bio_err); - */ - ERR_clear_error(); - } - else - { - OBJ_create_objects(oid_bio); - BIO_free(oid_bio); - } - } - if(!add_oid_section(conf)) - { - ERR_print_errors(bio_err); - goto err; - } - } - - randfile = CONF_get_string(conf, BASE_SECTION, "RANDFILE"); - app_RAND_load_file(randfile, bio_err, 0); - - in=BIO_new(BIO_s_file()); - out=BIO_new(BIO_s_file()); - Sout=BIO_new(BIO_s_file()); - Cout=BIO_new(BIO_s_file()); - if ((in == NULL) || (out == NULL) || (Sout == NULL) || (Cout == NULL)) - { - ERR_print_errors(bio_err); - goto err; - } - - /*****************************************************************/ - /* we definitely need an public key, so lets get it */ - - if ((keyfile == NULL) && ((keyfile=CONF_get_string(conf, - section,ENV_PRIVATE_KEY)) == NULL)) - { - lookup_fail(section,ENV_PRIVATE_KEY); - goto err; - } - if (BIO_read_filename(in,keyfile) <= 0) - { - perror(keyfile); - BIO_printf(bio_err,"trying to load CA private key\n"); - goto err; - } - pkey=PEM_read_bio_PrivateKey(in,NULL,NULL,key); - if(key) memset(key,0,strlen(key)); - if (pkey == NULL) - { - BIO_printf(bio_err,"unable to load CA private key\n"); - goto err; - } - - /*****************************************************************/ - /* we need a certificate */ - if ((certfile == NULL) && ((certfile=CONF_get_string(conf, - section,ENV_CERTIFICATE)) == NULL)) - { - lookup_fail(section,ENV_CERTIFICATE); - goto err; - } - if (BIO_read_filename(in,certfile) <= 0) - { - perror(certfile); - BIO_printf(bio_err,"trying to load CA certificate\n"); - goto err; - } - x509=PEM_read_bio_X509(in,NULL,NULL,NULL); - if (x509 == NULL) - { - BIO_printf(bio_err,"unable to load CA certificate\n"); - goto err; - } - - if (!X509_check_private_key(x509,pkey)) - { - BIO_printf(bio_err,"CA certificate and CA private key do not match\n"); - goto err; - } - - f=CONF_get_string(conf,BASE_SECTION,ENV_PRESERVE); - if ((f != NULL) && ((*f == 'y') || (*f == 'Y'))) - preserve=1; - f=CONF_get_string(conf,BASE_SECTION,ENV_MSIE_HACK); - if ((f != NULL) && ((*f == 'y') || (*f == 'Y'))) - msie_hack=1; - - /*****************************************************************/ - /* lookup where to write new certificates */ - if ((outdir == NULL) && (req)) - { - struct stat sb; - - if ((outdir=CONF_get_string(conf,section,ENV_NEW_CERTS_DIR)) - == NULL) - { - BIO_printf(bio_err,"there needs to be defined a directory for new certificate to be placed in\n"); - goto err; - } -#ifndef VMS /* outdir is a directory spec, but access() for VMS demands a - filename. In any case, stat(), below, will catch the problem - if outdir is not a directory spec, and the fopen() or open() - will catch an error if there is no write access. - - Presumably, this problem could also be solved by using the DEC - C routines to convert the directory syntax to Unixly, and give - that to access(). However, time's too short to do that just - now. - */ - if (access(outdir,R_OK|W_OK|X_OK) != 0) - { - BIO_printf(bio_err,"I am unable to access the %s directory\n",outdir); - perror(outdir); - goto err; - } - - if (stat(outdir,&sb) != 0) - { - BIO_printf(bio_err,"unable to stat(%s)\n",outdir); - perror(outdir); - goto err; - } -#ifdef S_IFDIR - if (!(sb.st_mode & S_IFDIR)) - { - BIO_printf(bio_err,"%s need to be a directory\n",outdir); - perror(outdir); - goto err; - } -#endif -#endif - } - - /*****************************************************************/ - /* we need to load the database file */ - if ((dbfile=CONF_get_string(conf,section,ENV_DATABASE)) == NULL) - { - lookup_fail(section,ENV_DATABASE); - goto err; - } - if (BIO_read_filename(in,dbfile) <= 0) - { - perror(dbfile); - BIO_printf(bio_err,"unable to open '%s'\n",dbfile); - goto err; - } - db=TXT_DB_read(in,DB_NUMBER); - if (db == NULL) goto err; - - /* Lets check some fields */ - for (i=0; i<sk_num(db->data); i++) - { - pp=(char **)sk_value(db->data,i); - if ((pp[DB_type][0] != DB_TYPE_REV) && - (pp[DB_rev_date][0] != '\0')) - { - BIO_printf(bio_err,"entry %d: not revoked yet, but has a revocation date\n",i+1); - goto err; - } - if ((pp[DB_type][0] == DB_TYPE_REV) && - !check_time_format(pp[DB_rev_date])) - { - BIO_printf(bio_err,"entry %d: invalid revocation date\n", - i+1); - goto err; - } - if (!check_time_format(pp[DB_exp_date])) - { - BIO_printf(bio_err,"entry %d: invalid expiry date\n",i+1); - goto err; - } - p=pp[DB_serial]; - j=strlen(p); - if ((j&1) || (j < 2)) - { - BIO_printf(bio_err,"entry %d: bad serial number length (%d)\n",i+1,j); - goto err; - } - while (*p) - { - if (!( ((*p >= '0') && (*p <= '9')) || - ((*p >= 'A') && (*p <= 'F')) || - ((*p >= 'a') && (*p <= 'f'))) ) - { - BIO_printf(bio_err,"entry %d: bad serial number characters, char pos %ld, char is '%c'\n",i+1,(long)(p-pp[DB_serial]),*p); - goto err; - } - p++; - } - } - if (verbose) - { - BIO_set_fp(out,stdout,BIO_NOCLOSE|BIO_FP_TEXT); /* cannot fail */ - TXT_DB_write(out,db); - BIO_printf(bio_err,"%d entries loaded from the database\n", - db->data->num); - BIO_printf(bio_err,"generating index\n"); - } - - if (!TXT_DB_create_index(db,DB_serial,NULL,index_serial_hash, - index_serial_cmp)) - { - BIO_printf(bio_err,"error creating serial number index:(%ld,%ld,%ld)\n",db->error,db->arg1,db->arg2); - goto err; - } - - if (!TXT_DB_create_index(db,DB_name,index_name_qual,index_name_hash, - index_name_cmp)) - { - BIO_printf(bio_err,"error creating name index:(%ld,%ld,%ld)\n", - db->error,db->arg1,db->arg2); - goto err; - } - - /*****************************************************************/ - if (req || gencrl) - { - if (outfile != NULL) - { - - if (BIO_write_filename(Sout,outfile) <= 0) - { - perror(outfile); - goto err; - } - } - else - BIO_set_fp(Sout,stdout,BIO_NOCLOSE|BIO_FP_TEXT); - } - - if (req) - { - if ((md == NULL) && ((md=CONF_get_string(conf, - section,ENV_DEFAULT_MD)) == NULL)) - { - lookup_fail(section,ENV_DEFAULT_MD); - goto err; - } - if ((dgst=EVP_get_digestbyname(md)) == NULL) - { - BIO_printf(bio_err,"%s is an unsupported message digest type\n",md); - goto err; - } - if (verbose) - BIO_printf(bio_err,"message digest is %s\n", - OBJ_nid2ln(dgst->type)); - if ((policy == NULL) && ((policy=CONF_get_string(conf, - section,ENV_POLICY)) == NULL)) - { - lookup_fail(section,ENV_POLICY); - goto err; - } - if (verbose) - BIO_printf(bio_err,"policy is %s\n",policy); - - if ((serialfile=CONF_get_string(conf,section,ENV_SERIAL)) - == NULL) - { - lookup_fail(section,ENV_SERIAL); - goto err; - } - if(!extensions) - extensions=CONF_get_string(conf,section,ENV_EXTENSIONS); - if(extensions) { - /* Check syntax of file */ - X509V3_CTX ctx; - X509V3_set_ctx_test(&ctx); - X509V3_set_conf_lhash(&ctx, conf); - if(!X509V3_EXT_add_conf(conf, &ctx, extensions, NULL)) { - BIO_printf(bio_err, - "Error Loading extension section %s\n", - extensions); - ret = 1; - goto err; - } - } - - if (startdate == NULL) - { - startdate=CONF_get_string(conf,section, - ENV_DEFAULT_STARTDATE); - } - if (startdate && !ASN1_UTCTIME_set_string(NULL,startdate)) - { - BIO_printf(bio_err,"start date is invalid, it should be YYMMDDHHMMSSZ\n"); - goto err; - } - if (startdate == NULL) startdate="today"; - - if (enddate == NULL) - { - enddate=CONF_get_string(conf,section, - ENV_DEFAULT_ENDDATE); - } - if (enddate && !ASN1_UTCTIME_set_string(NULL,enddate)) - { - BIO_printf(bio_err,"end date is invalid, it should be YYMMDDHHMMSSZ\n"); - goto err; - } - - if (days == 0) - { - days=(int)CONF_get_number(conf,section, - ENV_DEFAULT_DAYS); - } - if (!enddate && (days == 0)) - { - BIO_printf(bio_err,"cannot lookup how many days to certify for\n"); - goto err; - } - - if ((serial=load_serial(serialfile)) == NULL) - { - BIO_printf(bio_err,"error while loading serial number\n"); - goto err; - } - if (verbose) - { - if ((f=BN_bn2hex(serial)) == NULL) goto err; - BIO_printf(bio_err,"next serial number is %s\n",f); - Free(f); - } - - if ((attribs=CONF_get_section(conf,policy)) == NULL) - { - BIO_printf(bio_err,"unable to find 'section' for %s\n",policy); - goto err; - } - - if ((cert_sk=sk_new_null()) == NULL) - { - BIO_printf(bio_err,"Malloc failure\n"); - goto err; - } - if (spkac_file != NULL) - { - total++; - j=certify_spkac(&x,spkac_file,pkey,x509,dgst,attribs,db, - serial,startdate,enddate, days,extensions,conf, - verbose); - if (j < 0) goto err; - if (j > 0) - { - total_done++; - BIO_printf(bio_err,"\n"); - if (!BN_add_word(serial,1)) goto err; - if (!sk_push(cert_sk,(char *)x)) - { - BIO_printf(bio_err,"Malloc failure\n"); - goto err; - } - if (outfile) - { - output_der = 1; - batch = 1; - } - } - } - if (ss_cert_file != NULL) - { - total++; - j=certify_cert(&x,ss_cert_file,pkey,x509,dgst,attribs, - db,serial,startdate,enddate,days,batch, - extensions,conf,verbose); - if (j < 0) goto err; - if (j > 0) - { - total_done++; - BIO_printf(bio_err,"\n"); - if (!BN_add_word(serial,1)) goto err; - if (!sk_push(cert_sk,(char *)x)) - { - BIO_printf(bio_err,"Malloc failure\n"); - goto err; - } - } - } - if (infile != NULL) - { - total++; - j=certify(&x,infile,pkey,x509,dgst,attribs,db, - serial,startdate,enddate,days,batch, - extensions,conf,verbose); - if (j < 0) goto err; - if (j > 0) - { - total_done++; - BIO_printf(bio_err,"\n"); - if (!BN_add_word(serial,1)) goto err; - if (!sk_push(cert_sk,(char *)x)) - { - BIO_printf(bio_err,"Malloc failure\n"); - goto err; - } - } - } - for (i=0; i<argc; i++) - { - total++; - j=certify(&x,argv[i],pkey,x509,dgst,attribs,db, - serial,startdate,enddate,days,batch, - extensions,conf,verbose); - if (j < 0) goto err; - if (j > 0) - { - total_done++; - BIO_printf(bio_err,"\n"); - if (!BN_add_word(serial,1)) goto err; - if (!sk_push(cert_sk,(char *)x)) - { - BIO_printf(bio_err,"Malloc failure\n"); - goto err; - } - } - } - /* we have a stack of newly certified certificates - * and a data base and serial number that need - * updating */ - - if (sk_num(cert_sk) > 0) - { - if (!batch) - { - BIO_printf(bio_err,"\n%d out of %d certificate requests certified, commit? [y/n]",total_done,total); - (void)BIO_flush(bio_err); - buf[0][0]='\0'; - fgets(buf[0],10,stdin); - if ((buf[0][0] != 'y') && (buf[0][0] != 'Y')) - { - BIO_printf(bio_err,"CERTIFICATION CANCELED\n"); - ret=0; - goto err; - } - } - - BIO_printf(bio_err,"Write out database with %d new entries\n",sk_num(cert_sk)); - - strncpy(buf[0],serialfile,BSIZE-4); - -#ifdef VMS - strcat(buf[0],"-new"); -#else - strcat(buf[0],".new"); -#endif - - if (!save_serial(buf[0],serial)) goto err; - - strncpy(buf[1],dbfile,BSIZE-4); - -#ifdef VMS - strcat(buf[1],"-new"); -#else - strcat(buf[1],".new"); -#endif - - if (BIO_write_filename(out,buf[1]) <= 0) - { - perror(dbfile); - BIO_printf(bio_err,"unable to open '%s'\n",dbfile); - goto err; - } - l=TXT_DB_write(out,db); - if (l <= 0) goto err; - } - - if (verbose) - BIO_printf(bio_err,"writing new certificates\n"); - for (i=0; i<sk_num(cert_sk); i++) - { - int k; - unsigned char *n; - - x=(X509 *)sk_value(cert_sk,i); - - j=x->cert_info->serialNumber->length; - p=(char *)x->cert_info->serialNumber->data; - - strncpy(buf[2],outdir,BSIZE-(j*2)-6); - -#ifndef VMS - strcat(buf[2],"/"); -#endif - - n=(unsigned char *)&(buf[2][strlen(buf[2])]); - if (j > 0) - { - for (k=0; k<j; k++) - { - sprintf((char *)n,"%02X",(unsigned char)*(p++)); - n+=2; - } - } - else - { - *(n++)='0'; - *(n++)='0'; - } - *(n++)='.'; *(n++)='p'; *(n++)='e'; *(n++)='m'; - *n='\0'; - if (verbose) - BIO_printf(bio_err,"writing %s\n",buf[2]); - - if (BIO_write_filename(Cout,buf[2]) <= 0) - { - perror(buf[2]); - goto err; - } - write_new_certificate(Cout,x, 0, notext); - write_new_certificate(Sout,x, output_der, notext); - } - - if (sk_num(cert_sk)) - { - /* Rename the database and the serial file */ - strncpy(buf[2],serialfile,BSIZE-4); - -#ifdef VMS - strcat(buf[2],"-old"); -#else - strcat(buf[2],".old"); -#endif - - BIO_free(in); - BIO_free(out); - in=NULL; - out=NULL; - if (rename(serialfile,buf[2]) < 0) - { - BIO_printf(bio_err,"unable to rename %s to %s\n", - serialfile,buf[2]); - perror("reason"); - goto err; - } - if (rename(buf[0],serialfile) < 0) - { - BIO_printf(bio_err,"unable to rename %s to %s\n", - buf[0],serialfile); - perror("reason"); - rename(buf[2],serialfile); - goto err; - } - - strncpy(buf[2],dbfile,BSIZE-4); - -#ifdef VMS - strcat(buf[2],"-old"); -#else - strcat(buf[2],".old"); -#endif - - if (rename(dbfile,buf[2]) < 0) - { - BIO_printf(bio_err,"unable to rename %s to %s\n", - dbfile,buf[2]); - perror("reason"); - goto err; - } - if (rename(buf[1],dbfile) < 0) - { - BIO_printf(bio_err,"unable to rename %s to %s\n", - buf[1],dbfile); - perror("reason"); - rename(buf[2],dbfile); - goto err; - } - BIO_printf(bio_err,"Data Base Updated\n"); - } - } - - /*****************************************************************/ - if (gencrl) - { - if(!crl_ext) crl_ext=CONF_get_string(conf,section,ENV_CRLEXT); - if(crl_ext) { - /* Check syntax of file */ - X509V3_CTX ctx; - X509V3_set_ctx_test(&ctx); - X509V3_set_conf_lhash(&ctx, conf); - if(!X509V3_EXT_add_conf(conf, &ctx, crl_ext, NULL)) { - BIO_printf(bio_err, - "Error Loading CRL extension section %s\n", - crl_ext); - ret = 1; - goto err; - } - } - if ((hex=BIO_new(BIO_s_mem())) == NULL) goto err; - - if (!crldays && !crlhours) - { - crldays=CONF_get_number(conf,section, - ENV_DEFAULT_CRL_DAYS); - crlhours=CONF_get_number(conf,section, - ENV_DEFAULT_CRL_HOURS); - } - if ((crldays == 0) && (crlhours == 0)) - { - BIO_printf(bio_err,"cannot lookup how long until the next CRL is issuer\n"); - goto err; - } - - if (verbose) BIO_printf(bio_err,"making CRL\n"); - if ((crl=X509_CRL_new()) == NULL) goto err; - ci=crl->crl; - X509_NAME_free(ci->issuer); - ci->issuer=X509_NAME_dup(x509->cert_info->subject); - if (ci->issuer == NULL) goto err; - - X509_gmtime_adj(ci->lastUpdate,0); - if (ci->nextUpdate == NULL) - ci->nextUpdate=ASN1_UTCTIME_new(); - X509_gmtime_adj(ci->nextUpdate,(crldays*24+crlhours)*60*60); - - for (i=0; i<sk_num(db->data); i++) - { - pp=(char **)sk_value(db->data,i); - if (pp[DB_type][0] == DB_TYPE_REV) - { - if ((r=X509_REVOKED_new()) == NULL) goto err; - ASN1_STRING_set((ASN1_STRING *) - r->revocationDate, - (unsigned char *)pp[DB_rev_date], - strlen(pp[DB_rev_date])); - /* strcpy(r->revocationDate,pp[DB_rev_date]);*/ - - (void)BIO_reset(hex); - if (!BIO_puts(hex,pp[DB_serial])) - goto err; - if (!a2i_ASN1_INTEGER(hex,r->serialNumber, - buf[0],BSIZE)) goto err; - - sk_X509_REVOKED_push(ci->revoked,r); - } - } - /* sort the data so it will be written in serial - * number order */ - sk_X509_REVOKED_sort(ci->revoked); - for (i=0; i<sk_X509_REVOKED_num(ci->revoked); i++) - { - r=sk_X509_REVOKED_value(ci->revoked,i); - r->sequence=i; - } - - /* we now have a CRL */ - if (verbose) BIO_printf(bio_err,"signing CRL\n"); - if (md != NULL) - { - if ((dgst=EVP_get_digestbyname(md)) == NULL) - { - BIO_printf(bio_err,"%s is an unsupported message digest type\n",md); - goto err; - } - } - else - { -#ifndef NO_DSA - if (pkey->type == EVP_PKEY_DSA) - dgst=EVP_dss1(); - else -#endif - dgst=EVP_md5(); - } - - /* Add any extensions asked for */ - - if(crl_ext) { - X509V3_CTX crlctx; - if (ci->version == NULL) - if ((ci->version=ASN1_INTEGER_new()) == NULL) goto err; - ASN1_INTEGER_set(ci->version,1); /* version 2 CRL */ - X509V3_set_ctx(&crlctx, x509, NULL, NULL, crl, 0); - X509V3_set_conf_lhash(&crlctx, conf); - - if(!X509V3_EXT_CRL_add_conf(conf, &crlctx, - crl_ext, crl)) goto err; - } - - if (!X509_CRL_sign(crl,pkey,dgst)) goto err; - - PEM_write_bio_X509_CRL(Sout,crl); - } - /*****************************************************************/ - if (dorevoke) - { - if (infile == NULL) - { - BIO_printf(bio_err,"no input files\n"); - goto err; - } - else - { - X509 *revcert; - if (BIO_read_filename(in,infile) <= 0) - { - perror(infile); - BIO_printf(bio_err,"error trying to load '%s' certificate\n",infile); - goto err; - } - revcert=PEM_read_bio_X509(in,NULL,NULL,NULL); - if (revcert == NULL) - { - BIO_printf(bio_err,"unable to load '%s' certificate\n",infile); - goto err; - } - j=do_revoke(revcert,db); - if (j <= 0) goto err; - X509_free(revcert); - - strncpy(buf[0],dbfile,BSIZE-4); - strcat(buf[0],".new"); - if (BIO_write_filename(out,buf[0]) <= 0) - { - perror(dbfile); - BIO_printf(bio_err,"unable to open '%s'\n",dbfile); - goto err; - } - j=TXT_DB_write(out,db); - if (j <= 0) goto err; - strncpy(buf[1],dbfile,BSIZE-4); - strcat(buf[1],".old"); - if (rename(dbfile,buf[1]) < 0) - { - BIO_printf(bio_err,"unable to rename %s to %s\n", dbfile, buf[1]); - perror("reason"); - goto err; - } - if (rename(buf[0],dbfile) < 0) - { - BIO_printf(bio_err,"unable to rename %s to %s\n", buf[0],dbfile); - perror("reason"); - rename(buf[1],dbfile); - goto err; - } - BIO_printf(bio_err,"Data Base Updated\n"); - } - } - /*****************************************************************/ - ret=0; -err: - BIO_free(hex); - BIO_free(Cout); - BIO_free(Sout); - BIO_free(out); - BIO_free(in); - - sk_pop_free(cert_sk,X509_free); - - if (ret) ERR_print_errors(bio_err); - app_RAND_write_file(randfile, bio_err); - BN_free(serial); - TXT_DB_free(db); - EVP_PKEY_free(pkey); - X509_free(x509); - X509_CRL_free(crl); - CONF_free(conf); - OBJ_cleanup(); - EXIT(ret); - } - -static void lookup_fail(char *name, char *tag) - { - BIO_printf(bio_err,"variable lookup failed for %s::%s\n",name,tag); - } - -static unsigned long index_serial_hash(char **a) - { - char *n; - - n=a[DB_serial]; - while (*n == '0') n++; - return(lh_strhash(n)); - } - -static int index_serial_cmp(char **a, char **b) - { - char *aa,*bb; - - for (aa=a[DB_serial]; *aa == '0'; aa++); - for (bb=b[DB_serial]; *bb == '0'; bb++); - return(strcmp(aa,bb)); - } - -static unsigned long index_name_hash(char **a) - { return(lh_strhash(a[DB_name])); } - -static int index_name_qual(char **a) - { return(a[0][0] == 'V'); } - -static int index_name_cmp(char **a, char **b) - { return(strcmp(a[DB_name], - b[DB_name])); } - -static BIGNUM *load_serial(char *serialfile) - { - BIO *in=NULL; - BIGNUM *ret=NULL; - MS_STATIC char buf[1024]; - ASN1_INTEGER *ai=NULL; - - if ((in=BIO_new(BIO_s_file())) == NULL) - { - ERR_print_errors(bio_err); - goto err; - } - - if (BIO_read_filename(in,serialfile) <= 0) - { - perror(serialfile); - goto err; - } - ai=ASN1_INTEGER_new(); - if (ai == NULL) goto err; - if (!a2i_ASN1_INTEGER(in,ai,buf,1024)) - { - BIO_printf(bio_err,"unable to load number from %s\n", - serialfile); - goto err; - } - ret=ASN1_INTEGER_to_BN(ai,NULL); - if (ret == NULL) - { - BIO_printf(bio_err,"error converting number from bin to BIGNUM"); - goto err; - } -err: - if (in != NULL) BIO_free(in); - if (ai != NULL) ASN1_INTEGER_free(ai); - return(ret); - } - -static int save_serial(char *serialfile, BIGNUM *serial) - { - BIO *out; - int ret=0; - ASN1_INTEGER *ai=NULL; - - out=BIO_new(BIO_s_file()); - if (out == NULL) - { - ERR_print_errors(bio_err); - goto err; - } - if (BIO_write_filename(out,serialfile) <= 0) - { - perror(serialfile); - goto err; - } - - if ((ai=BN_to_ASN1_INTEGER(serial,NULL)) == NULL) - { - BIO_printf(bio_err,"error converting serial to ASN.1 format\n"); - goto err; - } - i2a_ASN1_INTEGER(out,ai); - BIO_puts(out,"\n"); - ret=1; -err: - if (out != NULL) BIO_free(out); - if (ai != NULL) ASN1_INTEGER_free(ai); - return(ret); - } - -static int certify(X509 **xret, char *infile, EVP_PKEY *pkey, X509 *x509, - const EVP_MD *dgst, STACK_OF(CONF_VALUE) *policy, TXT_DB *db, - BIGNUM *serial, char *startdate, char *enddate, int days, - int batch, char *ext_sect, LHASH *lconf, int verbose) - { - X509_REQ *req=NULL; - BIO *in=NULL; - EVP_PKEY *pktmp=NULL; - int ok= -1,i; - - in=BIO_new(BIO_s_file()); - - if (BIO_read_filename(in,infile) <= 0) - { - perror(infile); - goto err; - } - if ((req=PEM_read_bio_X509_REQ(in,NULL,NULL,NULL)) == NULL) - { - BIO_printf(bio_err,"Error reading certificate request in %s\n", - infile); - goto err; - } - if (verbose) - X509_REQ_print(bio_err,req); - - BIO_printf(bio_err,"Check that the request matches the signature\n"); - - if ((pktmp=X509_REQ_get_pubkey(req)) == NULL) - { - BIO_printf(bio_err,"error unpacking public key\n"); - goto err; - } - i=X509_REQ_verify(req,pktmp); - EVP_PKEY_free(pktmp); - if (i < 0) - { - ok=0; - BIO_printf(bio_err,"Signature verification problems....\n"); - goto err; - } - if (i == 0) - { - ok=0; - BIO_printf(bio_err,"Signature did not match the certificate request\n"); - goto err; - } - else - BIO_printf(bio_err,"Signature ok\n"); - - ok=do_body(xret,pkey,x509,dgst,policy,db,serial,startdate, enddate, - days,batch,verbose,req,ext_sect,lconf); - -err: - if (req != NULL) X509_REQ_free(req); - if (in != NULL) BIO_free(in); - return(ok); - } - -static int certify_cert(X509 **xret, char *infile, EVP_PKEY *pkey, X509 *x509, - const EVP_MD *dgst, STACK_OF(CONF_VALUE) *policy, TXT_DB *db, - BIGNUM *serial, char *startdate, char *enddate, int days, - int batch, char *ext_sect, LHASH *lconf, int verbose) - { - X509 *req=NULL; - X509_REQ *rreq=NULL; - BIO *in=NULL; - EVP_PKEY *pktmp=NULL; - int ok= -1,i; - - in=BIO_new(BIO_s_file()); - - if (BIO_read_filename(in,infile) <= 0) - { - perror(infile); - goto err; - } - if ((req=PEM_read_bio_X509(in,NULL,NULL,NULL)) == NULL) - { - BIO_printf(bio_err,"Error reading self signed certificate in %s\n",infile); - goto err; - } - if (verbose) - X509_print(bio_err,req); - - BIO_printf(bio_err,"Check that the request matches the signature\n"); - - if ((pktmp=X509_get_pubkey(req)) == NULL) - { - BIO_printf(bio_err,"error unpacking public key\n"); - goto err; - } - i=X509_verify(req,pktmp); - EVP_PKEY_free(pktmp); - if (i < 0) - { - ok=0; - BIO_printf(bio_err,"Signature verification problems....\n"); - goto err; - } - if (i == 0) - { - ok=0; - BIO_printf(bio_err,"Signature did not match the certificate\n"); - goto err; - } - else - BIO_printf(bio_err,"Signature ok\n"); - - if ((rreq=X509_to_X509_REQ(req,NULL,EVP_md5())) == NULL) - goto err; - - ok=do_body(xret,pkey,x509,dgst,policy,db,serial,startdate,enddate,days, - batch,verbose,rreq,ext_sect,lconf); - -err: - if (rreq != NULL) X509_REQ_free(rreq); - if (req != NULL) X509_free(req); - if (in != NULL) BIO_free(in); - return(ok); - } - -static int do_body(X509 **xret, EVP_PKEY *pkey, X509 *x509, const EVP_MD *dgst, - STACK_OF(CONF_VALUE) *policy, TXT_DB *db, BIGNUM *serial, - char *startdate, char *enddate, int days, int batch, int verbose, - X509_REQ *req, char *ext_sect, LHASH *lconf) - { - X509_NAME *name=NULL,*CAname=NULL,*subject=NULL; - ASN1_UTCTIME *tm,*tmptm; - ASN1_STRING *str,*str2; - ASN1_OBJECT *obj; - X509 *ret=NULL; - X509_CINF *ci; - X509_NAME_ENTRY *ne; - X509_NAME_ENTRY *tne,*push; - EVP_PKEY *pktmp; - int ok= -1,i,j,last,nid; - char *p; - CONF_VALUE *cv; - char *row[DB_NUMBER],**rrow,**irow=NULL; - char buf[25],*pbuf; - - tmptm=ASN1_UTCTIME_new(); - if (tmptm == NULL) - { - BIO_printf(bio_err,"malloc error\n"); - return(0); - } - - for (i=0; i<DB_NUMBER; i++) - row[i]=NULL; - - BIO_printf(bio_err,"The Subjects Distinguished Name is as follows\n"); - name=X509_REQ_get_subject_name(req); - for (i=0; i<X509_NAME_entry_count(name); i++) - { - ne=(X509_NAME_ENTRY *)X509_NAME_get_entry(name,i); - obj=X509_NAME_ENTRY_get_object(ne); - j=i2a_ASN1_OBJECT(bio_err,obj); - str=X509_NAME_ENTRY_get_data(ne); - pbuf=buf; - for (j=22-j; j>0; j--) - *(pbuf++)=' '; - *(pbuf++)=':'; - *(pbuf++)='\0'; - BIO_puts(bio_err,buf); - - if (msie_hack) - { - /* assume all type should be strings */ - nid=OBJ_obj2nid(ne->object); - - if (str->type == V_ASN1_UNIVERSALSTRING) - ASN1_UNIVERSALSTRING_to_string(str); - - if ((str->type == V_ASN1_IA5STRING) && - (nid != NID_pkcs9_emailAddress)) - str->type=V_ASN1_T61STRING; - - if ((nid == NID_pkcs9_emailAddress) && - (str->type == V_ASN1_PRINTABLESTRING)) - str->type=V_ASN1_IA5STRING; - } - - if (str->type == V_ASN1_PRINTABLESTRING) - BIO_printf(bio_err,"PRINTABLE:'"); - else if (str->type == V_ASN1_T61STRING) - BIO_printf(bio_err,"T61STRING:'"); - else if (str->type == V_ASN1_IA5STRING) - BIO_printf(bio_err,"IA5STRING:'"); - else if (str->type == V_ASN1_UNIVERSALSTRING) - BIO_printf(bio_err,"UNIVERSALSTRING:'"); - else - BIO_printf(bio_err,"ASN.1 %2d:'",str->type); - - /* check some things */ - if ((OBJ_obj2nid(obj) == NID_pkcs9_emailAddress) && - (str->type != V_ASN1_IA5STRING)) - { - BIO_printf(bio_err,"\nemailAddress type needs to be of type IA5STRING\n"); - goto err; - } - j=ASN1_PRINTABLE_type(str->data,str->length); - if ( ((j == V_ASN1_T61STRING) && - (str->type != V_ASN1_T61STRING)) || - ((j == V_ASN1_IA5STRING) && - (str->type == V_ASN1_PRINTABLESTRING))) - { - BIO_printf(bio_err,"\nThe string contains characters that are illegal for the ASN.1 type\n"); - goto err; - } - - p=(char *)str->data; - for (j=str->length; j>0; j--) - { - if ((*p >= ' ') && (*p <= '~')) - BIO_printf(bio_err,"%c",*p); - else if (*p & 0x80) - BIO_printf(bio_err,"\\0x%02X",*p); - else if ((unsigned char)*p == 0xf7) - BIO_printf(bio_err,"^?"); - else BIO_printf(bio_err,"^%c",*p+'@'); - p++; - } - BIO_printf(bio_err,"'\n"); - } - - /* Ok, now we check the 'policy' stuff. */ - if ((subject=X509_NAME_new()) == NULL) - { - BIO_printf(bio_err,"Malloc failure\n"); - goto err; - } - - /* take a copy of the issuer name before we mess with it. */ - CAname=X509_NAME_dup(x509->cert_info->subject); - if (CAname == NULL) goto err; - str=str2=NULL; - - for (i=0; i<sk_CONF_VALUE_num(policy); i++) - { - cv=sk_CONF_VALUE_value(policy,i); /* get the object id */ - if ((j=OBJ_txt2nid(cv->name)) == NID_undef) - { - BIO_printf(bio_err,"%s:unknown object type in 'policy' configuration\n",cv->name); - goto err; - } - obj=OBJ_nid2obj(j); - - last= -1; - for (;;) - { - /* lookup the object in the supplied name list */ - j=X509_NAME_get_index_by_OBJ(name,obj,last); - if (j < 0) - { - if (last != -1) break; - tne=NULL; - } - else - { - tne=X509_NAME_get_entry(name,j); - } - last=j; - - /* depending on the 'policy', decide what to do. */ - push=NULL; - if (strcmp(cv->value,"optional") == 0) - { - if (tne != NULL) - push=tne; - } - else if (strcmp(cv->value,"supplied") == 0) - { - if (tne == NULL) - { - BIO_printf(bio_err,"The %s field needed to be supplied and was missing\n",cv->name); - goto err; - } - else - push=tne; - } - else if (strcmp(cv->value,"match") == 0) - { - int last2; - - if (tne == NULL) - { - BIO_printf(bio_err,"The mandatory %s field was missing\n",cv->name); - goto err; - } - - last2= -1; - -again2: - j=X509_NAME_get_index_by_OBJ(CAname,obj,last2); - if ((j < 0) && (last2 == -1)) - { - BIO_printf(bio_err,"The %s field does not exist in the CA certificate,\nthe 'policy' is misconfigured\n",cv->name); - goto err; - } - if (j >= 0) - { - push=X509_NAME_get_entry(CAname,j); - str=X509_NAME_ENTRY_get_data(tne); - str2=X509_NAME_ENTRY_get_data(push); - last2=j; - if (ASN1_STRING_cmp(str,str2) != 0) - goto again2; - } - if (j < 0) - { - BIO_printf(bio_err,"The %s field needed to be the same in the\nCA certificate (%s) and the request (%s)\n",cv->name,((str2 == NULL)?"NULL":(char *)str2->data),((str == NULL)?"NULL":(char *)str->data)); - goto err; - } - } - else - { - BIO_printf(bio_err,"%s:invalid type in 'policy' configuration\n",cv->value); - goto err; - } - - if (push != NULL) - { - if (!X509_NAME_add_entry(subject,push, -1, 0)) - { - if (push != NULL) - X509_NAME_ENTRY_free(push); - BIO_printf(bio_err,"Malloc failure\n"); - goto err; - } - } - if (j < 0) break; - } - } - - if (preserve) - { - X509_NAME_free(subject); - subject=X509_NAME_dup(X509_REQ_get_subject_name(req)); - if (subject == NULL) goto err; - } - - if (verbose) - BIO_printf(bio_err,"The subject name appears to be ok, checking data base for clashes\n"); - - row[DB_name]=X509_NAME_oneline(subject,NULL,0); - row[DB_serial]=BN_bn2hex(serial); - if ((row[DB_name] == NULL) || (row[DB_serial] == NULL)) - { - BIO_printf(bio_err,"Malloc failure\n"); - goto err; - } - - rrow=TXT_DB_get_by_index(db,DB_name,row); - if (rrow != NULL) - { - BIO_printf(bio_err,"ERROR:There is already a certificate for %s\n", - row[DB_name]); - } - else - { - rrow=TXT_DB_get_by_index(db,DB_serial,row); - if (rrow != NULL) - { - BIO_printf(bio_err,"ERROR:Serial number %s has already been issued,\n", - row[DB_serial]); - BIO_printf(bio_err," check the database/serial_file for corruption\n"); - } - } - - if (rrow != NULL) - { - BIO_printf(bio_err, - "The matching entry has the following details\n"); - if (rrow[DB_type][0] == 'E') - p="Expired"; - else if (rrow[DB_type][0] == 'R') - p="Revoked"; - else if (rrow[DB_type][0] == 'V') - p="Valid"; - else - p="\ninvalid type, Data base error\n"; - BIO_printf(bio_err,"Type :%s\n",p);; - if (rrow[DB_type][0] == 'R') - { - p=rrow[DB_exp_date]; if (p == NULL) p="undef"; - BIO_printf(bio_err,"Was revoked on:%s\n",p); - } - p=rrow[DB_exp_date]; if (p == NULL) p="undef"; - BIO_printf(bio_err,"Expires on :%s\n",p); - p=rrow[DB_serial]; if (p == NULL) p="undef"; - BIO_printf(bio_err,"Serial Number :%s\n",p); - p=rrow[DB_file]; if (p == NULL) p="undef"; - BIO_printf(bio_err,"File name :%s\n",p); - p=rrow[DB_name]; if (p == NULL) p="undef"; - BIO_printf(bio_err,"Subject Name :%s\n",p); - ok= -1; /* This is now a 'bad' error. */ - goto err; - } - - /* We are now totally happy, lets make and sign the certificate */ - if (verbose) - BIO_printf(bio_err,"Everything appears to be ok, creating and signing the certificate\n"); - - if ((ret=X509_new()) == NULL) goto err; - ci=ret->cert_info; - -#ifdef X509_V3 - /* Make it an X509 v3 certificate. */ - if (!X509_set_version(x509,2)) goto err; -#endif - - if (BN_to_ASN1_INTEGER(serial,ci->serialNumber) == NULL) - goto err; - if (!X509_set_issuer_name(ret,X509_get_subject_name(x509))) - goto err; - - BIO_printf(bio_err,"Certificate is to be certified until "); - if (strcmp(startdate,"today") == 0) - X509_gmtime_adj(X509_get_notBefore(ret),0); - else ASN1_UTCTIME_set_string(X509_get_notBefore(ret),startdate); - - if (enddate == NULL) - X509_gmtime_adj(X509_get_notAfter(ret),(long)60*60*24*days); - else ASN1_UTCTIME_set_string(X509_get_notAfter(ret),enddate); - - ASN1_UTCTIME_print(bio_err,X509_get_notAfter(ret)); - if(days) BIO_printf(bio_err," (%d days)",days); - BIO_printf(bio_err, "\n"); - - if (!X509_set_subject_name(ret,subject)) goto err; - - pktmp=X509_REQ_get_pubkey(req); - i = X509_set_pubkey(ret,pktmp); - EVP_PKEY_free(pktmp); - if (!i) goto err; - - /* Lets add the extensions, if there are any */ - if (ext_sect) - { - X509V3_CTX ctx; - if (ci->version == NULL) - if ((ci->version=ASN1_INTEGER_new()) == NULL) - goto err; - ASN1_INTEGER_set(ci->version,2); /* version 3 certificate */ - - /* Free the current entries if any, there should not - * be any I believe */ - if (ci->extensions != NULL) - sk_X509_EXTENSION_pop_free(ci->extensions, - X509_EXTENSION_free); - - ci->extensions = NULL; - - X509V3_set_ctx(&ctx, x509, ret, req, NULL, 0); - X509V3_set_conf_lhash(&ctx, lconf); - - if(!X509V3_EXT_add_conf(lconf, &ctx, ext_sect, ret)) goto err; - - } - - - if (!batch) - { - BIO_printf(bio_err,"Sign the certificate? [y/n]:"); - (void)BIO_flush(bio_err); - buf[0]='\0'; - fgets(buf,sizeof(buf)-1,stdin); - if (!((buf[0] == 'y') || (buf[0] == 'Y'))) - { - BIO_printf(bio_err,"CERTIFICATE WILL NOT BE CERTIFIED\n"); - ok=0; - goto err; - } - } - - -#ifndef NO_DSA - if (pkey->type == EVP_PKEY_DSA) dgst=EVP_dss1(); - pktmp=X509_get_pubkey(ret); - if (EVP_PKEY_missing_parameters(pktmp) && - !EVP_PKEY_missing_parameters(pkey)) - EVP_PKEY_copy_parameters(pktmp,pkey); - EVP_PKEY_free(pktmp); -#endif - - if (!X509_sign(ret,pkey,dgst)) - goto err; - - /* We now just add it to the database */ - row[DB_type]=(char *)Malloc(2); - - tm=X509_get_notAfter(ret); - row[DB_exp_date]=(char *)Malloc(tm->length+1); - memcpy(row[DB_exp_date],tm->data,tm->length); - row[DB_exp_date][tm->length]='\0'; - - row[DB_rev_date]=NULL; - - /* row[DB_serial] done already */ - row[DB_file]=(char *)Malloc(8); - /* row[DB_name] done already */ - - if ((row[DB_type] == NULL) || (row[DB_exp_date] == NULL) || - (row[DB_file] == NULL)) - { - BIO_printf(bio_err,"Malloc failure\n"); - goto err; - } - strcpy(row[DB_file],"unknown"); - row[DB_type][0]='V'; - row[DB_type][1]='\0'; - - if ((irow=(char **)Malloc(sizeof(char *)*(DB_NUMBER+1))) == NULL) - { - BIO_printf(bio_err,"Malloc failure\n"); - goto err; - } - - for (i=0; i<DB_NUMBER; i++) - { - irow[i]=row[i]; - row[i]=NULL; - } - irow[DB_NUMBER]=NULL; - - if (!TXT_DB_insert(db,irow)) - { - BIO_printf(bio_err,"failed to update database\n"); - BIO_printf(bio_err,"TXT_DB error number %ld\n",db->error); - goto err; - } - ok=1; -err: - for (i=0; i<DB_NUMBER; i++) - if (row[i] != NULL) Free(row[i]); - - if (CAname != NULL) - X509_NAME_free(CAname); - if (subject != NULL) - X509_NAME_free(subject); - if (tmptm != NULL) - ASN1_UTCTIME_free(tmptm); - if (ok <= 0) - { - if (ret != NULL) X509_free(ret); - ret=NULL; - } - else - *xret=ret; - return(ok); - } - -static void write_new_certificate(BIO *bp, X509 *x, int output_der, int notext) - { - - if (output_der) - { - (void)i2d_X509_bio(bp,x); - return; - } -#if 0 - /* ??? Not needed since X509_print prints all this stuff anyway */ - f=X509_NAME_oneline(X509_get_issuer_name(x),buf,256); - BIO_printf(bp,"issuer :%s\n",f); - - f=X509_NAME_oneline(X509_get_subject_name(x),buf,256); - BIO_printf(bp,"subject:%s\n",f); - - BIO_puts(bp,"serial :"); - i2a_ASN1_INTEGER(bp,x->cert_info->serialNumber); - BIO_puts(bp,"\n\n"); -#endif - if(!notext)X509_print(bp,x); - PEM_write_bio_X509(bp,x); - } - -static int certify_spkac(X509 **xret, char *infile, EVP_PKEY *pkey, X509 *x509, - const EVP_MD *dgst, STACK_OF(CONF_VALUE) *policy, TXT_DB *db, - BIGNUM *serial, char *startdate, char *enddate, int days, - char *ext_sect, LHASH *lconf, int verbose) - { - STACK_OF(CONF_VALUE) *sk=NULL; - LHASH *parms=NULL; - X509_REQ *req=NULL; - CONF_VALUE *cv=NULL; - NETSCAPE_SPKI *spki = NULL; - X509_REQ_INFO *ri; - char *type,*buf; - EVP_PKEY *pktmp=NULL; - X509_NAME *n=NULL; - X509_NAME_ENTRY *ne=NULL; - int ok= -1,i,j; - long errline; - int nid; - - /* - * Load input file into a hash table. (This is just an easy - * way to read and parse the file, then put it into a convenient - * STACK format). - */ - parms=CONF_load(NULL,infile,&errline); - if (parms == NULL) - { - BIO_printf(bio_err,"error on line %ld of %s\n",errline,infile); - ERR_print_errors(bio_err); - goto err; - } - - sk=CONF_get_section(parms, "default"); - if (sk_CONF_VALUE_num(sk) == 0) - { - BIO_printf(bio_err, "no name/value pairs found in %s\n", infile); - CONF_free(parms); - goto err; - } - - /* - * Now create a dummy X509 request structure. We don't actually - * have an X509 request, but we have many of the components - * (a public key, various DN components). The idea is that we - * put these components into the right X509 request structure - * and we can use the same code as if you had a real X509 request. - */ - req=X509_REQ_new(); - if (req == NULL) - { - ERR_print_errors(bio_err); - goto err; - } - - /* - * Build up the subject name set. - */ - ri=req->req_info; - n = ri->subject; - - for (i = 0; ; i++) - { - if (sk_CONF_VALUE_num(sk) <= i) break; - - cv=sk_CONF_VALUE_value(sk,i); - type=cv->name; - /* Skip past any leading X. X: X, etc to allow for - * multiple instances - */ - for(buf = cv->name; *buf ; buf++) - if ((*buf == ':') || (*buf == ',') || (*buf == '.')) { - buf++; - if(*buf) type = buf; - break; - } - - buf=cv->value; - if ((nid=OBJ_txt2nid(type)) == NID_undef) - { - if (strcmp(type, "SPKAC") == 0) - { - spki = NETSCAPE_SPKI_b64_decode(cv->value, -1); - if (spki == NULL) - { - BIO_printf(bio_err,"unable to load Netscape SPKAC structure\n"); - ERR_print_errors(bio_err); - goto err; - } - } - continue; - } - - j=ASN1_PRINTABLE_type((unsigned char *)buf,-1); - if (fix_data(nid, &j) == 0) - { - BIO_printf(bio_err, - "invalid characters in string %s\n",buf); - goto err; - } - - if ((ne=X509_NAME_ENTRY_create_by_NID(&ne,nid,j, - (unsigned char *)buf, - strlen(buf))) == NULL) - goto err; - - if (!X509_NAME_add_entry(n,ne,-1, 0)) goto err; - } - if (spki == NULL) - { - BIO_printf(bio_err,"Netscape SPKAC structure not found in %s\n", - infile); - goto err; - } - - /* - * Now extract the key from the SPKI structure. - */ - - BIO_printf(bio_err,"Check that the SPKAC request matches the signature\n"); - - if ((pktmp=NETSCAPE_SPKI_get_pubkey(spki)) == NULL) - { - BIO_printf(bio_err,"error unpacking SPKAC public key\n"); - goto err; - } - - j = NETSCAPE_SPKI_verify(spki, pktmp); - if (j <= 0) - { - BIO_printf(bio_err,"signature verification failed on SPKAC public key\n"); - goto err; - } - BIO_printf(bio_err,"Signature ok\n"); - - X509_REQ_set_pubkey(req,pktmp); - EVP_PKEY_free(pktmp); - ok=do_body(xret,pkey,x509,dgst,policy,db,serial,startdate,enddate, - days,1,verbose,req,ext_sect,lconf); -err: - if (req != NULL) X509_REQ_free(req); - if (parms != NULL) CONF_free(parms); - if (spki != NULL) NETSCAPE_SPKI_free(spki); - if (ne != NULL) X509_NAME_ENTRY_free(ne); - - return(ok); - } - -static int fix_data(int nid, int *type) - { - if (nid == NID_pkcs9_emailAddress) - *type=V_ASN1_IA5STRING; - if ((nid == NID_commonName) && (*type == V_ASN1_IA5STRING)) - *type=V_ASN1_T61STRING; - if ((nid == NID_pkcs9_challengePassword) && (*type == V_ASN1_IA5STRING)) - *type=V_ASN1_T61STRING; - if ((nid == NID_pkcs9_unstructuredName) && (*type == V_ASN1_T61STRING)) - return(0); - if (nid == NID_pkcs9_unstructuredName) - *type=V_ASN1_IA5STRING; - return(1); - } - -static int check_time_format(char *str) - { - ASN1_UTCTIME tm; - - tm.data=(unsigned char *)str; - tm.length=strlen(str); - tm.type=V_ASN1_UTCTIME; - return(ASN1_UTCTIME_check(&tm)); - } - -static int add_oid_section(LHASH *hconf) -{ - char *p; - STACK_OF(CONF_VALUE) *sktmp; - CONF_VALUE *cnf; - int i; - if(!(p=CONF_get_string(hconf,NULL,"oid_section"))) return 1; - if(!(sktmp = CONF_get_section(hconf, p))) { - BIO_printf(bio_err, "problem loading oid section %s\n", p); - return 0; - } - for(i = 0; i < sk_CONF_VALUE_num(sktmp); i++) { - cnf = sk_CONF_VALUE_value(sktmp, i); - if(OBJ_create(cnf->value, cnf->name, cnf->name) == NID_undef) { - BIO_printf(bio_err, "problem creating object %s=%s\n", - cnf->name, cnf->value); - return 0; - } - } - return 1; -} - -static int do_revoke(X509 *x509, TXT_DB *db) -{ - ASN1_UTCTIME *tm=NULL, *revtm=NULL; - char *row[DB_NUMBER],**rrow,**irow; - BIGNUM *bn = NULL; - int ok=-1,i; - - for (i=0; i<DB_NUMBER; i++) - row[i]=NULL; - row[DB_name]=X509_NAME_oneline(X509_get_subject_name(x509),NULL,0); - bn = ASN1_INTEGER_to_BN(X509_get_serialNumber(x509),NULL); - row[DB_serial]=BN_bn2hex(bn); - BN_free(bn); - if ((row[DB_name] == NULL) || (row[DB_serial] == NULL)) - { - BIO_printf(bio_err,"Malloc failure\n"); - goto err; - } - /* We have to lookup by serial number because name lookup - * skips revoked certs - */ - rrow=TXT_DB_get_by_index(db,DB_serial,row); - if (rrow == NULL) - { - BIO_printf(bio_err,"Adding Entry to DB for %s\n", row[DB_name]); - - /* We now just add it to the database */ - row[DB_type]=(char *)Malloc(2); - - tm=X509_get_notAfter(x509); - row[DB_exp_date]=(char *)Malloc(tm->length+1); - memcpy(row[DB_exp_date],tm->data,tm->length); - row[DB_exp_date][tm->length]='\0'; - - row[DB_rev_date]=NULL; - - /* row[DB_serial] done already */ - row[DB_file]=(char *)Malloc(8); - - /* row[DB_name] done already */ - - if ((row[DB_type] == NULL) || (row[DB_exp_date] == NULL) || - (row[DB_file] == NULL)) - { - BIO_printf(bio_err,"Malloc failure\n"); - goto err; - } - strcpy(row[DB_file],"unknown"); - row[DB_type][0]='V'; - row[DB_type][1]='\0'; - - if ((irow=(char **)Malloc(sizeof(char *)*(DB_NUMBER+1))) == NULL) - { - BIO_printf(bio_err,"Malloc failure\n"); - goto err; - } - - for (i=0; i<DB_NUMBER; i++) - { - irow[i]=row[i]; - row[i]=NULL; - } - irow[DB_NUMBER]=NULL; - - if (!TXT_DB_insert(db,irow)) - { - BIO_printf(bio_err,"failed to update database\n"); - BIO_printf(bio_err,"TXT_DB error number %ld\n",db->error); - goto err; - } - - /* Revoke Certificate */ - ok = do_revoke(x509,db); - - goto err; - - } - else if (index_name_cmp(row,rrow)) - { - BIO_printf(bio_err,"ERROR:name does not match %s\n", - row[DB_name]); - goto err; - } - else if (rrow[DB_type][0]=='R') - { - BIO_printf(bio_err,"ERROR:Already revoked, serial number %s\n", - row[DB_serial]); - goto err; - } - else - { - BIO_printf(bio_err,"Revoking Certificate %s.\n", rrow[DB_serial]); - revtm = ASN1_UTCTIME_new(); - revtm=X509_gmtime_adj(revtm,0); - rrow[DB_type][0]='R'; - rrow[DB_type][1]='\0'; - rrow[DB_rev_date]=(char *)Malloc(revtm->length+1); - memcpy(rrow[DB_rev_date],revtm->data,revtm->length); - rrow[DB_rev_date][revtm->length]='\0'; - ASN1_UTCTIME_free(revtm); - } - ok=1; -err: - for (i=0; i<DB_NUMBER; i++) - { - if (row[i] != NULL) - Free(row[i]); - } - return(ok); -} - diff --git a/crypto/openssl/apps/cert.pem b/crypto/openssl/apps/cert.pem deleted file mode 100644 index de4a77ac6db63..0000000000000 --- a/crypto/openssl/apps/cert.pem +++ /dev/null @@ -1,11 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIBoDCCAUoCAQAwDQYJKoZIhvcNAQEEBQAwYzELMAkGA1UEBhMCQVUxEzARBgNV -BAgTClF1ZWVuc2xhbmQxGjAYBgNVBAoTEUNyeXB0U29mdCBQdHkgTHRkMSMwIQYD -VQQDExpTZXJ2ZXIgdGVzdCBjZXJ0ICg1MTIgYml0KTAeFw05NzA5MDkwMzQxMjZa -Fw05NzEwMDkwMzQxMjZaMF4xCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0 -YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQxFzAVBgNVBAMT -DkVyaWMgdGhlIFlvdW5nMFEwCQYFKw4DAgwFAANEAAJBALVEqPODnpI4rShlY8S7 -tB713JNvabvn6Gned7zylwLLiXQAo/PAT6mfdWPTyCX9RlId/Aroh1ou893BA32Q -sggwDQYJKoZIhvcNAQEEBQADQQCU5SSgapJSdRXJoX+CpCvFy+JVh9HpSjCpSNKO -19raHv98hKAUJuP9HyM+SUsffO6mAIgitUaqW8/wDMePhEC3 ------END CERTIFICATE----- diff --git a/crypto/openssl/apps/ciphers.c b/crypto/openssl/apps/ciphers.c deleted file mode 100644 index f8e9e7be2e6d5..0000000000000 --- a/crypto/openssl/apps/ciphers.c +++ /dev/null @@ -1,196 +0,0 @@ -/* apps/ciphers.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include <stdio.h> -#include <stdlib.h> -#include <string.h> -#ifdef NO_STDIO -#define APPS_WIN16 -#endif -#include "apps.h" -#include <openssl/err.h> -#include <openssl/ssl.h> - -#undef PROG -#define PROG ciphers_main - -static char *ciphers_usage[]={ -"usage: ciphers args\n", -" -v - verbose mode, a textual listing of the ciphers in SSLeay\n", -" -ssl2 - SSL2 mode\n", -" -ssl3 - SSL3 mode\n", -NULL -}; - -int MAIN(int, char **); - -int MAIN(int argc, char **argv) - { - int ret=1,i; - int verbose=0; - char **pp; - const char *p; - int badops=0; - SSL_CTX *ctx=NULL; - SSL *ssl=NULL; - char *ciphers=NULL; - SSL_METHOD *meth=NULL; - STACK_OF(SSL_CIPHER) *sk; - char buf[512]; - BIO *STDout=NULL; - -#if !defined(NO_SSL2) && !defined(NO_SSL3) - meth=SSLv23_server_method(); -#elif !defined(NO_SSL3) - meth=SSLv3_server_method(); -#elif !defined(NO_SSL2) - meth=SSLv2_server_method(); -#endif - - apps_startup(); - - if (bio_err == NULL) - bio_err=BIO_new_fp(stderr,BIO_NOCLOSE); - STDout=BIO_new_fp(stdout,BIO_NOCLOSE); - - argc--; - argv++; - while (argc >= 1) - { - if (strcmp(*argv,"-v") == 0) - verbose=1; -#ifndef NO_SSL2 - else if (strcmp(*argv,"-ssl2") == 0) - meth=SSLv2_client_method(); -#endif -#ifndef NO_SSL3 - else if (strcmp(*argv,"-ssl3") == 0) - meth=SSLv3_client_method(); -#endif - else if ((strncmp(*argv,"-h",2) == 0) || - (strcmp(*argv,"-?") == 0)) - { - badops=1; - break; - } - else - { - ciphers= *argv; - } - argc--; - argv++; - } - - if (badops) - { - for (pp=ciphers_usage; (*pp != NULL); pp++) - BIO_printf(bio_err,*pp); - goto end; - } - - OpenSSL_add_ssl_algorithms(); - - ctx=SSL_CTX_new(meth); - if (ctx == NULL) goto err; - if (ciphers != NULL) { - if(!SSL_CTX_set_cipher_list(ctx,ciphers)) { - BIO_printf(bio_err, "Error in cipher list\n"); - goto err; - } - } - ssl=SSL_new(ctx); - if (ssl == NULL) goto err; - - - if (!verbose) - { - for (i=0; ; i++) - { - p=SSL_get_cipher_list(ssl,i); - if (p == NULL) break; - if (i != 0) BIO_printf(STDout,":"); - BIO_printf(STDout,"%s",p); - } - BIO_printf(STDout,"\n"); - } - else - { - sk=SSL_get_ciphers(ssl); - - for (i=0; i<sk_SSL_CIPHER_num(sk); i++) - { - BIO_puts(STDout,SSL_CIPHER_description( - sk_SSL_CIPHER_value(sk,i), - buf,512)); - } - } - - ret=0; - if (0) - { -err: - SSL_load_error_strings(); - ERR_print_errors(bio_err); - } -end: - if (ctx != NULL) SSL_CTX_free(ctx); - if (ssl != NULL) SSL_free(ssl); - if (STDout != NULL) BIO_free(STDout); - EXIT(ret); - } - diff --git a/crypto/openssl/apps/client.pem b/crypto/openssl/apps/client.pem deleted file mode 100644 index 307910e56e585..0000000000000 --- a/crypto/openssl/apps/client.pem +++ /dev/null @@ -1,24 +0,0 @@ -issuer= /C=AU/ST=Queensland/O=CryptSoft Pty Ltd/CN=Test CA (1024 bit) -subject=/C=AU/ST=Queensland/O=CryptSoft Pty Ltd/CN=Client test cert (512 bit) ------BEGIN CERTIFICATE----- -MIIB6TCCAVICAQIwDQYJKoZIhvcNAQEEBQAwWzELMAkGA1UEBhMCQVUxEzARBgNV -BAgTClF1ZWVuc2xhbmQxGjAYBgNVBAoTEUNyeXB0U29mdCBQdHkgTHRkMRswGQYD -VQQDExJUZXN0IENBICgxMDI0IGJpdCkwHhcNOTcwNjA5MTM1NzU2WhcNOTgwNjA5 -MTM1NzU2WjBjMQswCQYDVQQGEwJBVTETMBEGA1UECBMKUXVlZW5zbGFuZDEaMBgG -A1UEChMRQ3J5cHRTb2Z0IFB0eSBMdGQxIzAhBgNVBAMTGkNsaWVudCB0ZXN0IGNl -cnQgKDUxMiBiaXQpMFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBALtv55QyzG6i2Plw -Z1pah7++Gv8L5j6Hnyr/uTZE1NLG0ABDDexmq/R4KedLjFEIYjocDui+IXs62NNt -XrT8odkCAwEAATANBgkqhkiG9w0BAQQFAAOBgQBwtMmI7oGUG8nKmftQssATViH5 -NRRtoEw07DxJp/LfatHdrhqQB73eGdL5WILZJXk46Xz2e9WMSUjVCSYhdKxtflU3 -UR2Ajv1Oo0sTNdfz0wDqJNirLNtzyhhsaq8qMTrLwXrCP31VxBiigFSQSUFnZyTE -9TKwhS4GlwbtCfxSKQ== ------END CERTIFICATE----- ------BEGIN RSA PRIVATE KEY----- -MIIBOwIBAAJBALtv55QyzG6i2PlwZ1pah7++Gv8L5j6Hnyr/uTZE1NLG0ABDDexm -q/R4KedLjFEIYjocDui+IXs62NNtXrT8odkCAwEAAQJAbwXq0vJ/+uyEvsNgxLko -/V86mGXQ/KrSkeKlL0r4ENxjcyeMAGoKu6J9yMY7+X9+Zm4nxShNfTsf/+Freoe1 -HQIhAPOSm5Q1YI+KIsII2GeVJx1U69+wnd71OasIPakS1L1XAiEAxQAW+J3/JWE0 -ftEYakbhUOKL8tD1OaFZS71/5GdG7E8CIQCefUMmySSvwd6kC0VlATSWbW+d+jp/ -nWmM1KvqnAo5uQIhALqEADu5U1Wvt8UN8UDGBRPQulHWNycuNV45d3nnskWPAiAw -ueTyr6WsZ5+SD8g/Hy3xuvF3nPmJRH+rwvVihlcFOg== ------END RSA PRIVATE KEY----- diff --git a/crypto/openssl/apps/crl.c b/crypto/openssl/apps/crl.c deleted file mode 100644 index 338f46d97c5f0..0000000000000 --- a/crypto/openssl/apps/crl.c +++ /dev/null @@ -1,366 +0,0 @@ -/* apps/crl.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include <stdio.h> -#include <stdlib.h> -#include <string.h> -#include "apps.h" -#include <openssl/bio.h> -#include <openssl/err.h> -#include <openssl/x509.h> -#include <openssl/x509v3.h> -#include <openssl/pem.h> - -#undef PROG -#define PROG crl_main - -#undef POSTFIX -#define POSTFIX ".rvk" - -static char *crl_usage[]={ -"usage: crl args\n", -"\n", -" -inform arg - input format - default PEM (DER or PEM)\n", -" -outform arg - output format - default PEM\n", -" -text - print out a text format version\n", -" -in arg - input file - default stdin\n", -" -out arg - output file - default stdout\n", -" -hash - print hash value\n", -" -issuer - print issuer DN\n", -" -lastupdate - lastUpdate field\n", -" -nextupdate - nextUpdate field\n", -" -noout - no CRL output\n", -" -CAfile name - verify CRL using certificates in file \"name\"\n", -" -CApath dir - verify CRL using certificates in \"dir\"\n", -NULL -}; - -static X509_CRL *load_crl(char *file, int format); -static BIO *bio_out=NULL; - -int MAIN(int, char **); - -int MAIN(int argc, char **argv) - { - X509_CRL *x=NULL; - char *CAfile = NULL, *CApath = NULL; - int ret=1,i,num,badops=0; - BIO *out=NULL; - int informat,outformat; - char *infile=NULL,*outfile=NULL; - int hash=0,issuer=0,lastupdate=0,nextupdate=0,noout=0,text=0; - char **pp,buf[256]; - X509_STORE *store = NULL; - X509_STORE_CTX ctx; - X509_LOOKUP *lookup = NULL; - X509_OBJECT xobj; - EVP_PKEY *pkey; - int do_ver = 0; - - apps_startup(); - - if (bio_err == NULL) - if ((bio_err=BIO_new(BIO_s_file())) != NULL) - BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT); - - if (bio_out == NULL) - if ((bio_out=BIO_new(BIO_s_file())) != NULL) - BIO_set_fp(bio_out,stdout,BIO_NOCLOSE); - - informat=FORMAT_PEM; - outformat=FORMAT_PEM; - - argc--; - argv++; - num=0; - while (argc >= 1) - { -#ifdef undef - if (strcmp(*argv,"-p") == 0) - { - if (--argc < 1) goto bad; - if (!args_from_file(++argv,Nargc,Nargv)) { goto end; }*/ - } -#endif - if (strcmp(*argv,"-inform") == 0) - { - if (--argc < 1) goto bad; - informat=str2fmt(*(++argv)); - } - else if (strcmp(*argv,"-outform") == 0) - { - if (--argc < 1) goto bad; - outformat=str2fmt(*(++argv)); - } - else if (strcmp(*argv,"-in") == 0) - { - if (--argc < 1) goto bad; - infile= *(++argv); - } - else if (strcmp(*argv,"-out") == 0) - { - if (--argc < 1) goto bad; - outfile= *(++argv); - } - else if (strcmp(*argv,"-CApath") == 0) - { - if (--argc < 1) goto bad; - CApath = *(++argv); - do_ver = 1; - } - else if (strcmp(*argv,"-CAfile") == 0) - { - if (--argc < 1) goto bad; - CAfile = *(++argv); - do_ver = 1; - } - else if (strcmp(*argv,"-verify") == 0) - do_ver = 1; - else if (strcmp(*argv,"-text") == 0) - text = 1; - else if (strcmp(*argv,"-hash") == 0) - hash= ++num; - else if (strcmp(*argv,"-issuer") == 0) - issuer= ++num; - else if (strcmp(*argv,"-lastupdate") == 0) - lastupdate= ++num; - else if (strcmp(*argv,"-nextupdate") == 0) - nextupdate= ++num; - else if (strcmp(*argv,"-noout") == 0) - noout= ++num; - else - { - BIO_printf(bio_err,"unknown option %s\n",*argv); - badops=1; - break; - } - argc--; - argv++; - } - - if (badops) - { -bad: - for (pp=crl_usage; (*pp != NULL); pp++) - BIO_printf(bio_err,*pp); - goto end; - } - - ERR_load_crypto_strings(); - x=load_crl(infile,informat); - if (x == NULL) { goto end; } - - if(do_ver) { - store = X509_STORE_new(); - lookup=X509_STORE_add_lookup(store,X509_LOOKUP_file()); - if (lookup == NULL) goto end; - if (!X509_LOOKUP_load_file(lookup,CAfile,X509_FILETYPE_PEM)) - X509_LOOKUP_load_file(lookup,NULL,X509_FILETYPE_DEFAULT); - - lookup=X509_STORE_add_lookup(store,X509_LOOKUP_hash_dir()); - if (lookup == NULL) goto end; - if (!X509_LOOKUP_add_dir(lookup,CApath,X509_FILETYPE_PEM)) - X509_LOOKUP_add_dir(lookup,NULL,X509_FILETYPE_DEFAULT); - ERR_clear_error(); - - X509_STORE_CTX_init(&ctx, store, NULL, NULL); - - i = X509_STORE_get_by_subject(&ctx, X509_LU_X509, - X509_CRL_get_issuer(x), &xobj); - if(i <= 0) { - BIO_printf(bio_err, - "Error getting CRL issuer certificate\n"); - goto end; - } - pkey = X509_get_pubkey(xobj.data.x509); - X509_OBJECT_free_contents(&xobj); - if(!pkey) { - BIO_printf(bio_err, - "Error getting CRL issuer public key\n"); - goto end; - } - i = X509_CRL_verify(x, pkey); - EVP_PKEY_free(pkey); - if(i < 0) goto end; - if(i == 0) BIO_printf(bio_err, "verify failure\n"); - else BIO_printf(bio_err, "verify OK\n"); - } - - if (num) - { - for (i=1; i<=num; i++) - { - if (issuer == i) - { - X509_NAME_oneline(X509_CRL_get_issuer(x), - buf,256); - BIO_printf(bio_out,"issuer= %s\n",buf); - } - - if (hash == i) - { - BIO_printf(bio_out,"%08lx\n", - X509_NAME_hash(X509_CRL_get_issuer(x))); - } - if (lastupdate == i) - { - BIO_printf(bio_out,"lastUpdate="); - ASN1_TIME_print(bio_out, - X509_CRL_get_lastUpdate(x)); - BIO_printf(bio_out,"\n"); - } - if (nextupdate == i) - { - BIO_printf(bio_out,"nextUpdate="); - if (X509_CRL_get_nextUpdate(x)) - ASN1_TIME_print(bio_out, - X509_CRL_get_nextUpdate(x)); - else - BIO_printf(bio_out,"NONE"); - BIO_printf(bio_out,"\n"); - } - } - } - - out=BIO_new(BIO_s_file()); - if (out == NULL) - { - ERR_print_errors(bio_err); - goto end; - } - - if (outfile == NULL) - BIO_set_fp(out,stdout,BIO_NOCLOSE); - else - { - if (BIO_write_filename(out,outfile) <= 0) - { - perror(outfile); - goto end; - } - } - - if (text) X509_CRL_print(out, x); - - if (noout) goto end; - - if (outformat == FORMAT_ASN1) - i=(int)i2d_X509_CRL_bio(out,x); - else if (outformat == FORMAT_PEM) - i=PEM_write_bio_X509_CRL(out,x); - else - { - BIO_printf(bio_err,"bad output format specified for outfile\n"); - goto end; - } - if (!i) { BIO_printf(bio_err,"unable to write CRL\n"); goto end; } - ret=0; -end: - BIO_free(out); - BIO_free(bio_out); - bio_out=NULL; - X509_CRL_free(x); - if(store) { - X509_STORE_CTX_cleanup(&ctx); - X509_STORE_free(store); - } - EXIT(ret); - } - -static X509_CRL *load_crl(char *infile, int format) - { - X509_CRL *x=NULL; - BIO *in=NULL; - - in=BIO_new(BIO_s_file()); - if (in == NULL) - { - ERR_print_errors(bio_err); - goto end; - } - - if (infile == NULL) - BIO_set_fp(in,stdin,BIO_NOCLOSE); - else - { - if (BIO_read_filename(in,infile) <= 0) - { - perror(infile); - goto end; - } - } - if (format == FORMAT_ASN1) - x=d2i_X509_CRL_bio(in,NULL); - else if (format == FORMAT_PEM) - x=PEM_read_bio_X509_CRL(in,NULL,NULL,NULL); - else { - BIO_printf(bio_err,"bad input format specified for input crl\n"); - goto end; - } - if (x == NULL) - { - BIO_printf(bio_err,"unable to load CRL\n"); - ERR_print_errors(bio_err); - goto end; - } - -end: - BIO_free(in); - return(x); - } - diff --git a/crypto/openssl/apps/crl2p7.c b/crypto/openssl/apps/crl2p7.c deleted file mode 100644 index 4056591676989..0000000000000 --- a/crypto/openssl/apps/crl2p7.c +++ /dev/null @@ -1,335 +0,0 @@ -/* apps/crl2p7.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -/* This was written by Gordon Chaffee <chaffee@plateau.cs.berkeley.edu> - * and donated 'to the cause' along with lots and lots of other fixes to - * the library. */ - -#include <stdio.h> -#include <string.h> -#include <sys/types.h> -#include <sys/stat.h> -#include "apps.h" -#include <openssl/err.h> -#include <openssl/evp.h> -#include <openssl/x509.h> -#include <openssl/pkcs7.h> -#include <openssl/pem.h> -#include <openssl/objects.h> - -static int add_certs_from_file(STACK_OF(X509) *stack, char *certfile); -#undef PROG -#define PROG crl2pkcs7_main - -/* -inform arg - input format - default PEM (DER or PEM) - * -outform arg - output format - default PEM - * -in arg - input file - default stdin - * -out arg - output file - default stdout - */ - -int MAIN(int, char **); - -int MAIN(int argc, char **argv) - { - int i,badops=0; - BIO *in=NULL,*out=NULL; - int informat,outformat; - char *infile,*outfile,*prog,*certfile; - PKCS7 *p7 = NULL; - PKCS7_SIGNED *p7s = NULL; - X509_CRL *crl=NULL; - STACK *certflst=NULL; - STACK_OF(X509_CRL) *crl_stack=NULL; - STACK_OF(X509) *cert_stack=NULL; - int ret=1,nocrl=0; - - apps_startup(); - - if (bio_err == NULL) - if ((bio_err=BIO_new(BIO_s_file())) != NULL) - BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT); - - infile=NULL; - outfile=NULL; - informat=FORMAT_PEM; - outformat=FORMAT_PEM; - - prog=argv[0]; - argc--; - argv++; - while (argc >= 1) - { - if (strcmp(*argv,"-inform") == 0) - { - if (--argc < 1) goto bad; - informat=str2fmt(*(++argv)); - } - else if (strcmp(*argv,"-outform") == 0) - { - if (--argc < 1) goto bad; - outformat=str2fmt(*(++argv)); - } - else if (strcmp(*argv,"-in") == 0) - { - if (--argc < 1) goto bad; - infile= *(++argv); - } - else if (strcmp(*argv,"-nocrl") == 0) - { - nocrl=1; - } - else if (strcmp(*argv,"-out") == 0) - { - if (--argc < 1) goto bad; - outfile= *(++argv); - } - else if (strcmp(*argv,"-certfile") == 0) - { - if (--argc < 1) goto bad; - if(!certflst) certflst = sk_new(NULL); - sk_push(certflst,*(++argv)); - } - else - { - BIO_printf(bio_err,"unknown option %s\n",*argv); - badops=1; - break; - } - argc--; - argv++; - } - - if (badops) - { -bad: - BIO_printf(bio_err,"%s [options] <infile >outfile\n",prog); - BIO_printf(bio_err,"where options are\n"); - BIO_printf(bio_err," -inform arg input format - DER or PEM\n"); - BIO_printf(bio_err," -outform arg output format - DER or PEM\n"); - BIO_printf(bio_err," -in arg input file\n"); - BIO_printf(bio_err," -out arg output file\n"); - BIO_printf(bio_err," -certfile arg certificates file of chain to a trusted CA\n"); - BIO_printf(bio_err," (can be used more than once)\n"); - BIO_printf(bio_err," -nocrl no crl to load, just certs from '-certfile'\n"); - EXIT(1); - } - - ERR_load_crypto_strings(); - - in=BIO_new(BIO_s_file()); - out=BIO_new(BIO_s_file()); - if ((in == NULL) || (out == NULL)) - { - ERR_print_errors(bio_err); - goto end; - } - - if (!nocrl) - { - if (infile == NULL) - BIO_set_fp(in,stdin,BIO_NOCLOSE); - else - { - if (BIO_read_filename(in,infile) <= 0) - { - perror(infile); - goto end; - } - } - - if (informat == FORMAT_ASN1) - crl=d2i_X509_CRL_bio(in,NULL); - else if (informat == FORMAT_PEM) - crl=PEM_read_bio_X509_CRL(in,NULL,NULL,NULL); - else { - BIO_printf(bio_err,"bad input format specified for input crl\n"); - goto end; - } - if (crl == NULL) - { - BIO_printf(bio_err,"unable to load CRL\n"); - ERR_print_errors(bio_err); - goto end; - } - } - - if ((p7=PKCS7_new()) == NULL) goto end; - if ((p7s=PKCS7_SIGNED_new()) == NULL) goto end; - p7->type=OBJ_nid2obj(NID_pkcs7_signed); - p7->d.sign=p7s; - p7s->contents->type=OBJ_nid2obj(NID_pkcs7_data); - - if (!ASN1_INTEGER_set(p7s->version,1)) goto end; - if ((crl_stack=sk_X509_CRL_new(NULL)) == NULL) goto end; - p7s->crl=crl_stack; - if (crl != NULL) - { - sk_X509_CRL_push(crl_stack,crl); - crl=NULL; /* now part of p7 for Freeing */ - } - - if ((cert_stack=sk_X509_new(NULL)) == NULL) goto end; - p7s->cert=cert_stack; - - if(certflst) for(i = 0; i < sk_num(certflst); i++) { - certfile = sk_value(certflst, i); - if (add_certs_from_file(cert_stack,certfile) < 0) - { - BIO_printf(bio_err, "error loading certificates\n"); - ERR_print_errors(bio_err); - goto end; - } - } - - sk_free(certflst); - - if (outfile == NULL) - BIO_set_fp(out,stdout,BIO_NOCLOSE); - else - { - if (BIO_write_filename(out,outfile) <= 0) - { - perror(outfile); - goto end; - } - } - - if (outformat == FORMAT_ASN1) - i=i2d_PKCS7_bio(out,p7); - else if (outformat == FORMAT_PEM) - i=PEM_write_bio_PKCS7(out,p7); - else { - BIO_printf(bio_err,"bad output format specified for outfile\n"); - goto end; - } - if (!i) - { - BIO_printf(bio_err,"unable to write pkcs7 object\n"); - ERR_print_errors(bio_err); - goto end; - } - ret=0; -end: - if (in != NULL) BIO_free(in); - if (out != NULL) BIO_free(out); - if (p7 != NULL) PKCS7_free(p7); - if (crl != NULL) X509_CRL_free(crl); - - EXIT(ret); - } - -/* - *---------------------------------------------------------------------- - * int add_certs_from_file - * - * Read a list of certificates to be checked from a file. - * - * Results: - * number of certs added if successful, -1 if not. - *---------------------------------------------------------------------- - */ -static int add_certs_from_file(STACK_OF(X509) *stack, char *certfile) - { - struct stat st; - BIO *in=NULL; - int count=0; - int ret= -1; - STACK_OF(X509_INFO) *sk=NULL; - X509_INFO *xi; - - if ((stat(certfile,&st) != 0)) - { - BIO_printf(bio_err,"unable to load the file, %s\n",certfile); - goto end; - } - - in=BIO_new(BIO_s_file()); - if ((in == NULL) || (BIO_read_filename(in,certfile) <= 0)) - { - BIO_printf(bio_err,"error opening the file, %s\n",certfile); - goto end; - } - - /* This loads from a file, a stack of x509/crl/pkey sets */ - sk=PEM_X509_INFO_read_bio(in,NULL,NULL,NULL); - if (sk == NULL) { - BIO_printf(bio_err,"error reading the file, %s\n",certfile); - goto end; - } - - /* scan over it and pull out the CRL's */ - while (sk_X509_INFO_num(sk)) - { - xi=sk_X509_INFO_shift(sk); - if (xi->x509 != NULL) - { - sk_X509_push(stack,xi->x509); - xi->x509=NULL; - count++; - } - X509_INFO_free(xi); - } - - ret=count; -end: - /* never need to Free x */ - if (in != NULL) BIO_free(in); - if (sk != NULL) sk_X509_INFO_free(sk); - return(ret); - } - diff --git a/crypto/openssl/apps/demoCA/cacert.pem b/crypto/openssl/apps/demoCA/cacert.pem deleted file mode 100644 index affbce3bc9483..0000000000000 --- a/crypto/openssl/apps/demoCA/cacert.pem +++ /dev/null @@ -1,14 +0,0 @@ -subject=/C=AU/SOP=QLD/O=Mincom Pty. Ltd./OU=CS/CN=SSLeay demo server -issuer= /C=AU/SOP=QLD/O=Mincom Pty. Ltd./OU=CS/CN=CA ------BEGIN X509 CERTIFICATE----- - -MIIBgjCCASwCAQQwDQYJKoZIhvcNAQEEBQAwODELMAkGA1UEBhMCQVUxDDAKBgNV -BAgTA1FMRDEbMBkGA1UEAxMSU1NMZWF5L3JzYSB0ZXN0IENBMB4XDTk1MTAwOTIz -MzIwNVoXDTk4MDcwNTIzMzIwNVowYDELMAkGA1UEBhMCQVUxDDAKBgNVBAgTA1FM -RDEZMBcGA1UEChMQTWluY29tIFB0eS4gTHRkLjELMAkGA1UECxMCQ1MxGzAZBgNV -BAMTElNTTGVheSBkZW1vIHNlcnZlcjBcMA0GCSqGSIb3DQEBAQUAA0sAMEgCQQC3 -LCXcScWua0PFLkHBLm2VejqpA1F4RQ8q0VjRiPafjx/Z/aWH3ipdMVvuJGa/wFXb -/nDFLDlfWp+oCPwhBtVPAgMBAAEwDQYJKoZIhvcNAQEEBQADQQArNFsihWIjBzb0 -DCsU0BvL2bvSwJrPEqFlkDq3F4M6EGutL9axEcANWgbbEdAvNJD1dmEmoWny27Pn -IMs6ZOZB ------END X509 CERTIFICATE----- diff --git a/crypto/openssl/apps/demoCA/index.txt b/crypto/openssl/apps/demoCA/index.txt deleted file mode 100644 index 2cdd252d67ca7..0000000000000 --- a/crypto/openssl/apps/demoCA/index.txt +++ /dev/null @@ -1,39 +0,0 @@ -R 980705233205Z 951009233205Z 01 certs/00000001 /CN=Eric Young -E 951009233205Z 02 certs/00000002 /CN=Duncan Young -R 980705233205Z 951201010000Z 03 certs/00000003 /CN=Tim Hudson -V 980705233205Z 04 certs/00000004 /CN=Eric Young4 -V 980705233205Z 05 certs/00000004 /CN=Eric Young5 -V 980705233205Z 06 certs/00000004 /CN=Eric Young6 -V 980705233205Z 07 certs/00000004 /CN=Eric Young7 -V 980705233205Z 08 certs/00000004 /CN=Eric Young8 -V 980705233205Z 09 certs/00000004 /CN=Eric Young9 -V 980705233205Z 0A certs/00000004 /CN=Eric YoungA -V 980705233205Z 0B certs/00000004 /CN=Eric YoungB -V 980705233205Z 0C certs/00000004 /CN=Eric YoungC -V 980705233205Z 0D certs/00000004 /CN=Eric YoungD -V 980705233205Z 0E certs/00000004 /CN=Eric YoungE -V 980705233205Z 0F certs/00000004 /CN=Eric YoungF -V 980705233205Z 10 certs/00000004 /CN=Eric Young10 -V 980705233205Z 11 certs/00000004 /CN=Eric Young11 -V 980705233205Z 12 certs/00000004 /CN=Eric Young12 -V 980705233205Z 13 certs/00000004 /CN=Eric Young13 -V 980705233205Z 14 certs/00000004 /CN=Eric Young14 -V 980705233205Z 15 certs/00000004 /CN=Eric Young15 -V 980705233205Z 16 certs/00000004 /CN=Eric Young16 -V 980705233205Z 17 certs/00000004 /CN=Eric Young17 -V 961206150305Z 010C unknown /C=AU/SP=QLD/O=Mincom Pty. Ltd./OU=MTR/CN=Eric Young/Email=eay@mincom.oz.au -V 961206153245Z 010D unknown /C=AU/SP=Queensland/O=Mincom Pty Ltd/OU=MTR/CN=Eric Young/Email=eay@mincom.oz.au -V 970322074816Z 010E unknown /CN=Eric Young/Email=eay@mincom.oz.au -V 970322075152Z 010F unknown /CN=Eric Young -V 970322075906Z 0110 unknown /CN=Eric Youngg -V 970324092238Z 0111 unknown /C=AU/SP=Queensland/CN=Eric Young -V 970324221931Z 0112 unknown /CN=Fred -V 970324224934Z 0113 unknown /C=AU/CN=eay -V 971001005237Z 0114 unknown /C=AU/SP=QLD/O=Mincom Pty Ltd/OU=MTR/CN=x509v3 test -V 971001010331Z 0115 unknown /C=AU/SP=Queensland/O=Mincom Pty Ltd/OU=MTR/CN=test again - x509v3 -V 971001013945Z 0117 unknown /C=AU/SP=Queensland/O=Mincom Pty Ltd/OU=MTR/CN=x509v3 test -V 971014225415Z 0118 unknown /C=AU/SP=Queensland/CN=test -V 971015004448Z 0119 unknown /C=AU/SP=Queensland/O=Mincom Pty Ltd/OU=MTR/CN=test2 -V 971016035001Z 011A unknown /C=AU/SP=Queensland/O=Mincom Pty Ltd/OU=MTR/CN=test64 -V 971016080129Z 011B unknown /C=FR/O=ALCATEL/OU=Alcatel Mobile Phones/CN=bourque/Email=bourque@art.alcatel.fr -V 971016224000Z 011D unknown /L=Bedford/O=Cranfield University/OU=Computer Centre/CN=Peter R Lister/Email=P.Lister@cranfield.ac.uk diff --git a/crypto/openssl/apps/demoCA/private/cakey.pem b/crypto/openssl/apps/demoCA/private/cakey.pem deleted file mode 100644 index 48fb18c7d8070..0000000000000 --- a/crypto/openssl/apps/demoCA/private/cakey.pem +++ /dev/null @@ -1,24 +0,0 @@ -issuer= /C=AU/SOP=QLD/O=Mincom Pty. Ltd./OU=CS/CN=CA -subject=/C=AU/SOP=QLD/O=Mincom Pty. Ltd./OU=CS/CN=SSLeay demo server ------BEGIN X509 CERTIFICATE----- - -MIIBgjCCASwCAQQwDQYJKoZIhvcNAQEEBQAwODELMAkGA1UEBhMCQVUxDDAKBgNV -BAgTA1FMRDEbMBkGA1UEAxMSU1NMZWF5L3JzYSB0ZXN0IENBMB4XDTk1MTAwOTIz -MzIwNVoXDTk4MDcwNTIzMzIwNVowYDELMAkGA1UEBhMCQVUxDDAKBgNVBAgTA1FM -RDEZMBcGA1UEChMQTWluY29tIFB0eS4gTHRkLjELMAkGA1UECxMCQ1MxGzAZBgNV -BAMTElNTTGVheSBkZW1vIHNlcnZlcjBcMA0GCSqGSIb3DQEBAQUAA0sAMEgCQQC3 -LCXcScWua0PFLkHBLm2VejqpA1F4RQ8q0VjRiPafjx/Z/aWH3ipdMVvuJGa/wFXb -/nDFLDlfWp+oCPwhBtVPAgMBAAEwDQYJKoZIhvcNAQEEBQADQQArNFsihWIjBzb0 -DCsU0BvL2bvSwJrPEqFlkDq3F4M6EGutL9axEcANWgbbEdAvNJD1dmEmoWny27Pn -IMs6ZOZB ------END X509 CERTIFICATE----- ------BEGIN RSA PRIVATE KEY----- - -MIIBPAIBAAJBALcsJdxJxa5rQ8UuQcEubZV6OqkDUXhFDyrRWNGI9p+PH9n9pYfe -Kl0xW+4kZr/AVdv+cMUsOV9an6gI/CEG1U8CAwEAAQJAXJMBZ34ZXHd1vtgL/3hZ -hexKbVTx/djZO4imXO/dxPGRzG2ylYZpHmG32/T1kaHpZlCHoEPgHoSzmxYXfxjG -sQIhAPmZ/bQOjmRUHM/VM2X5zrjjM6z18R1P6l3ObFwt9FGdAiEAu943Yh9SqMRw -tL0xHGxKmM/YJueUw1gB6sLkETN71NsCIQCeT3RhoqXfrpXDoEcEU+gwzjI1bpxq -agiNTOLfqGoA5QIhAIQFYjgzONxex7FLrsKBm16N2SFl5pXsN9SpRqqL2n63AiEA -g9VNIQ3xwpw7og3IbONifeku+J9qGMGQJMKwSTwrFtI= ------END RSA PRIVATE KEY----- diff --git a/crypto/openssl/apps/demoCA/serial b/crypto/openssl/apps/demoCA/serial deleted file mode 100644 index 69fa0ffe28e7e..0000000000000 --- a/crypto/openssl/apps/demoCA/serial +++ /dev/null @@ -1 +0,0 @@ -011E diff --git a/crypto/openssl/apps/der_chop b/crypto/openssl/apps/der_chop deleted file mode 100644 index 9070b032fc38b..0000000000000 --- a/crypto/openssl/apps/der_chop +++ /dev/null @@ -1,305 +0,0 @@ -#!/usr/local/bin/perl -# -# der_chop ... this is one total hack that Eric is really not proud of -# so don't look at it and don't ask for support -# -# The "documentation" for this (i.e. all the comments) are my fault --tjh -# -# This program takes the "raw" output of derparse/asn1parse and -# converts it into tokens and then runs regular expression matches -# to try to figure out what to grab to get the things that are needed -# and it is possible that this will do the wrong thing as it is a *hack* -# -# SSLeay 0.5.2+ should have direct read support for x509 (via -inform NET) -# [I know ... promises promises :-)] -# -# To convert a Netscape Certificate: -# der_chop < ServerCert.der > cert.pem -# To convert a Netscape Key (and encrypt it again to protect it) -# rsa -inform NET -in ServerKey.der -des > key.pem -# -# 23-Apr-96 eay Added the extra ASN.1 string types, I still think this -# is an evil hack. If nothing else the parsing should -# be relative, not absolute. -# 19-Apr-96 tjh hacked (with eay) into 0.5.x format -# -# Tim Hudson -# tjh@cryptsoft.com -# - - -require 'getopts.pl'; - -$debug=0; - -# this was the 0.4.x way of doing things ... -$cmd="derparse"; -$x509_cmd="x509"; -$crl_cmd="crl"; -$rc4_cmd="rc4"; -$md2_cmd="md2"; -$md4_cmd="md4"; -$rsa_cmd="rsa -des -inform der "; - -# this was the 0.5.x way of doing things ... -$cmd="openssl asn1parse"; -$x509_cmd="openssl x509"; -$crl_cmd="openssl crl"; -$rc4_cmd="openssl rc4"; -$md2_cmd="openssl md2"; -$md4_cmd="openssl md4"; -$rsa_cmd="openssl rsa -des -inform der "; - -&Getopts('vd:') || die "usage:$0 [-v] [-d num] file"; -$depth=($opt_d =~ /^\d+$/)?$opt_d:0; - -&init_der(); - -if ($#ARGV != -1) - { - foreach $file (@ARGV) - { - print STDERR "doing $file\n"; - &dofile($file); - } - } -else - { - $file="/tmp/a$$.DER"; - open(OUT,">$file") || die "unable to open $file:$!\n"; - for (;;) - { - $i=sysread(STDIN,$b,1024*10); - last if ($i <= 0); - $i=syswrite(OUT,$b,$i); - } - &dofile($file); - unlink($file); - } - -sub dofile - { - local($file)=@_; - local(@p); - - $b=&load_file($file); - @p=&load_file_parse($file); - - foreach $_ (@p) - { - ($off,$d,$hl,$len)=&parse_line($_); - $d-=$depth; - next if ($d != 0); - next if ($len == 0); - - $o=substr($b,$off,$len+$hl); - ($str,@data)=&der_str($o); - print "$str\n" if ($opt_v); - if ($str =~ /^$crl/) - { - open(OUT,"|$crl_cmd -inform d -hash -issuer") || - die "unable to run $crl_cmd:$!\n"; - print OUT $o; - close(OUT); - } - elsif ($str =~ /^$x509/) - { - open(OUT,"|$x509_cmd -inform d -hash -subject -issuer") - || die "unable to run $x509_cmd:$!\n"; - print OUT $o; - close(OUT); - } - elsif ($str =~ /^$rsa/) - { - ($type)=($data[3] =~ /OBJECT_IDENTIFIER :(.*)\s*$/); - next unless ($type eq "rsaEncryption"); - ($off,$d,$hl,$len)=&parse_line($data[5]); - $os=substr($o,$off+$hl,$len); - open(OUT,"|$rsa_cmd") - || die "unable to run $rsa_cmd:$!\n"; - print OUT $os; - close(OUT); - } - elsif ($str =~ /^0G-1D-1G/) - { - ($off,$d,$hl,$len)=&parse_line($data[1]); - $os=substr($o,$off+$hl,$len); - print STDERR "<$os>\n" if $opt_v; - &do_certificate($o,@data) - if (($os eq "certificate") && - ($str =! /^0G-1D-1G-2G-3F-3E-2D/)); - &do_private_key($o,@data) - if (($os eq "private-key") && - ($str =! /^0G-1D-1G-2G-3F-3E-2D/)); - } - } - } - -sub der_str - { - local($str)=@_; - local(*OUT,*IN,@a,$t,$d,$ret); - local($file)="/tmp/b$$.DER"; - local(@ret); - - open(OUT,">$file"); - print OUT $str; - close(OUT); - open(IN,"$cmd -inform 'd' -in $file |") || - die "unable to run $cmd:$!\n"; - $ret=""; - while (<IN>) - { - chop; - push(@ret,$_); - - print STDERR "$_\n" if ($debug); - - @a=split(/\s*:\s*/); - ($d)=($a[1] =~ /d=\s*(\d+)/); - $a[2] =~ s/\s+$//; - $t=$DER_s2i{$a[2]}; - $ret.="$d$t-"; - } - close(IN); - unlink($file); - chop $ret; - $ret =~ s/(-3H(-4G-5F-5[IJKMQRS])+)+/-NAME/g; - $ret =~ s/(-3G-4B-4L)+/-RCERT/g; - return($ret,@ret); - } - -sub init_der - { - $crl= "0G-1G-2G-3F-3E-2G-NAME-2L-2L-2G-RCERT-1G-2F-2E-1C"; - $x509="0G-1G-2B-2G-3F-3E-2G-NAME-2G-3L-3L-2G-NAME-2G-3G-4F-4E-3C-1G-2F-2E-1C"; - $rsa= "0G-1B-1G-2F-2E-1D"; - - %DER_i2s=( - # SSLeay 0.4.x has this list - "A","EOC", - "B","INTEGER", - "C","BIT STRING", - "D","OCTET STRING", - "E","NULL", - "F","OBJECT", - "G","SEQUENCE", - "H","SET", - "I","PRINTABLESTRING", - "J","T61STRING", - "K","IA5STRING", - "L","UTCTIME", - "M","NUMERICSTRING", - "N","VIDEOTEXSTRING", - "O","GENERALIZEDTIME", - "P","GRAPHICSTRING", - "Q","ISO64STRING", - "R","GENERALSTRING", - "S","UNIVERSALSTRING", - - # SSLeay 0.5.x changed some things ... and I'm - # leaving in the old stuff but adding in these - # to handle the new as well --tjh - # - Well I've just taken them out and added the extra new - # ones :-) - eay - ); - - foreach (keys %DER_i2s) - { $DER_s2i{$DER_i2s{$_}}=$_; } - } - -sub parse_line - { - local($_)=@_; - - return(/\s*(\d+):d=\s*(\d+)\s+hl=\s*(\d+)\s+l=\s*(\d+|inf)\s/); - } - -# 0:d=0 hl=4 l=377 cons: univ: SEQUENCE -# 4:d=1 hl=2 l= 11 prim: univ: OCTET_STRING -# 17:d=1 hl=4 l=360 cons: univ: SEQUENCE -# 21:d=2 hl=2 l= 12 cons: univ: SEQUENCE -# 23:d=3 hl=2 l= 8 prim: univ: OBJECT_IDENTIFIER :rc4 -# 33:d=3 hl=2 l= 0 prim: univ: NULL -# 35:d=2 hl=4 l=342 prim: univ: OCTET_STRING -sub do_private_key - { - local($data,@struct)=@_; - local($file)="/tmp/b$$.DER"; - local($off,$d,$hl,$len,$_,$b,@p,$s); - - ($type)=($struct[4] =~ /OBJECT_IDENTIFIER :(.*)\s*$/); - if ($type eq "rc4") - { - ($off,$d,$hl,$len)=&parse_line($struct[6]); - open(OUT,"|$rc4_cmd >$file") || - die "unable to run $rc4_cmd:$!\n"; - print OUT substr($data,$off+$hl,$len); - close(OUT); - - $b=&load_file($file); - unlink($file); - - ($s,@p)=&der_str($b); - die "unknown rsa key type\n$s\n" - if ($s ne '0G-1B-1G-2F-2E-1D'); - local($off,$d,$hl,$len)=&parse_line($p[5]); - $b=substr($b,$off+$hl,$len); - ($s,@p)=&der_str($b); - open(OUT,"|$rsa_cmd") || die "unable to run $rsa_cmd:$!\n"; - print OUT $b; - close(OUT); - } - else - { - print "'$type' is unknown\n"; - exit(1); - } - } - -sub do_certificate - { - local($data,@struct)=@_; - local($file)="/tmp/b$$.DER"; - local($off,$d,$hl,$len,$_,$b,@p,$s); - - ($off,$d,$hl,$len)=&parse_line($struct[2]); - $b=substr($data,$off,$len+$hl); - - open(OUT,"|$x509_cmd -inform d") || die "unable to run $x509_cmd:$!\n"; - print OUT $b; - close(OUT); - } - -sub load_file - { - local($file)=@_; - local(*IN,$r,$b,$i); - - $r=""; - open(IN,"<$file") || die "unable to open $file:$!\n"; - for (;;) - { - $i=sysread(IN,$b,10240); - last if ($i <= 0); - $r.=$b; - } - close(IN); - return($r); - } - -sub load_file_parse - { - local($file)=@_; - local(*IN,$r,@ret,$_,$i,$n,$b); - - open(IN,"$cmd -inform d -in $file|") - || die "unable to run der_parse\n"; - while (<IN>) - { - chop; - push(@ret,$_); - } - return($r,@ret); - } - diff --git a/crypto/openssl/apps/der_chop.in b/crypto/openssl/apps/der_chop.in deleted file mode 100644 index 9070b032fc38b..0000000000000 --- a/crypto/openssl/apps/der_chop.in +++ /dev/null @@ -1,305 +0,0 @@ -#!/usr/local/bin/perl -# -# der_chop ... this is one total hack that Eric is really not proud of -# so don't look at it and don't ask for support -# -# The "documentation" for this (i.e. all the comments) are my fault --tjh -# -# This program takes the "raw" output of derparse/asn1parse and -# converts it into tokens and then runs regular expression matches -# to try to figure out what to grab to get the things that are needed -# and it is possible that this will do the wrong thing as it is a *hack* -# -# SSLeay 0.5.2+ should have direct read support for x509 (via -inform NET) -# [I know ... promises promises :-)] -# -# To convert a Netscape Certificate: -# der_chop < ServerCert.der > cert.pem -# To convert a Netscape Key (and encrypt it again to protect it) -# rsa -inform NET -in ServerKey.der -des > key.pem -# -# 23-Apr-96 eay Added the extra ASN.1 string types, I still think this -# is an evil hack. If nothing else the parsing should -# be relative, not absolute. -# 19-Apr-96 tjh hacked (with eay) into 0.5.x format -# -# Tim Hudson -# tjh@cryptsoft.com -# - - -require 'getopts.pl'; - -$debug=0; - -# this was the 0.4.x way of doing things ... -$cmd="derparse"; -$x509_cmd="x509"; -$crl_cmd="crl"; -$rc4_cmd="rc4"; -$md2_cmd="md2"; -$md4_cmd="md4"; -$rsa_cmd="rsa -des -inform der "; - -# this was the 0.5.x way of doing things ... -$cmd="openssl asn1parse"; -$x509_cmd="openssl x509"; -$crl_cmd="openssl crl"; -$rc4_cmd="openssl rc4"; -$md2_cmd="openssl md2"; -$md4_cmd="openssl md4"; -$rsa_cmd="openssl rsa -des -inform der "; - -&Getopts('vd:') || die "usage:$0 [-v] [-d num] file"; -$depth=($opt_d =~ /^\d+$/)?$opt_d:0; - -&init_der(); - -if ($#ARGV != -1) - { - foreach $file (@ARGV) - { - print STDERR "doing $file\n"; - &dofile($file); - } - } -else - { - $file="/tmp/a$$.DER"; - open(OUT,">$file") || die "unable to open $file:$!\n"; - for (;;) - { - $i=sysread(STDIN,$b,1024*10); - last if ($i <= 0); - $i=syswrite(OUT,$b,$i); - } - &dofile($file); - unlink($file); - } - -sub dofile - { - local($file)=@_; - local(@p); - - $b=&load_file($file); - @p=&load_file_parse($file); - - foreach $_ (@p) - { - ($off,$d,$hl,$len)=&parse_line($_); - $d-=$depth; - next if ($d != 0); - next if ($len == 0); - - $o=substr($b,$off,$len+$hl); - ($str,@data)=&der_str($o); - print "$str\n" if ($opt_v); - if ($str =~ /^$crl/) - { - open(OUT,"|$crl_cmd -inform d -hash -issuer") || - die "unable to run $crl_cmd:$!\n"; - print OUT $o; - close(OUT); - } - elsif ($str =~ /^$x509/) - { - open(OUT,"|$x509_cmd -inform d -hash -subject -issuer") - || die "unable to run $x509_cmd:$!\n"; - print OUT $o; - close(OUT); - } - elsif ($str =~ /^$rsa/) - { - ($type)=($data[3] =~ /OBJECT_IDENTIFIER :(.*)\s*$/); - next unless ($type eq "rsaEncryption"); - ($off,$d,$hl,$len)=&parse_line($data[5]); - $os=substr($o,$off+$hl,$len); - open(OUT,"|$rsa_cmd") - || die "unable to run $rsa_cmd:$!\n"; - print OUT $os; - close(OUT); - } - elsif ($str =~ /^0G-1D-1G/) - { - ($off,$d,$hl,$len)=&parse_line($data[1]); - $os=substr($o,$off+$hl,$len); - print STDERR "<$os>\n" if $opt_v; - &do_certificate($o,@data) - if (($os eq "certificate") && - ($str =! /^0G-1D-1G-2G-3F-3E-2D/)); - &do_private_key($o,@data) - if (($os eq "private-key") && - ($str =! /^0G-1D-1G-2G-3F-3E-2D/)); - } - } - } - -sub der_str - { - local($str)=@_; - local(*OUT,*IN,@a,$t,$d,$ret); - local($file)="/tmp/b$$.DER"; - local(@ret); - - open(OUT,">$file"); - print OUT $str; - close(OUT); - open(IN,"$cmd -inform 'd' -in $file |") || - die "unable to run $cmd:$!\n"; - $ret=""; - while (<IN>) - { - chop; - push(@ret,$_); - - print STDERR "$_\n" if ($debug); - - @a=split(/\s*:\s*/); - ($d)=($a[1] =~ /d=\s*(\d+)/); - $a[2] =~ s/\s+$//; - $t=$DER_s2i{$a[2]}; - $ret.="$d$t-"; - } - close(IN); - unlink($file); - chop $ret; - $ret =~ s/(-3H(-4G-5F-5[IJKMQRS])+)+/-NAME/g; - $ret =~ s/(-3G-4B-4L)+/-RCERT/g; - return($ret,@ret); - } - -sub init_der - { - $crl= "0G-1G-2G-3F-3E-2G-NAME-2L-2L-2G-RCERT-1G-2F-2E-1C"; - $x509="0G-1G-2B-2G-3F-3E-2G-NAME-2G-3L-3L-2G-NAME-2G-3G-4F-4E-3C-1G-2F-2E-1C"; - $rsa= "0G-1B-1G-2F-2E-1D"; - - %DER_i2s=( - # SSLeay 0.4.x has this list - "A","EOC", - "B","INTEGER", - "C","BIT STRING", - "D","OCTET STRING", - "E","NULL", - "F","OBJECT", - "G","SEQUENCE", - "H","SET", - "I","PRINTABLESTRING", - "J","T61STRING", - "K","IA5STRING", - "L","UTCTIME", - "M","NUMERICSTRING", - "N","VIDEOTEXSTRING", - "O","GENERALIZEDTIME", - "P","GRAPHICSTRING", - "Q","ISO64STRING", - "R","GENERALSTRING", - "S","UNIVERSALSTRING", - - # SSLeay 0.5.x changed some things ... and I'm - # leaving in the old stuff but adding in these - # to handle the new as well --tjh - # - Well I've just taken them out and added the extra new - # ones :-) - eay - ); - - foreach (keys %DER_i2s) - { $DER_s2i{$DER_i2s{$_}}=$_; } - } - -sub parse_line - { - local($_)=@_; - - return(/\s*(\d+):d=\s*(\d+)\s+hl=\s*(\d+)\s+l=\s*(\d+|inf)\s/); - } - -# 0:d=0 hl=4 l=377 cons: univ: SEQUENCE -# 4:d=1 hl=2 l= 11 prim: univ: OCTET_STRING -# 17:d=1 hl=4 l=360 cons: univ: SEQUENCE -# 21:d=2 hl=2 l= 12 cons: univ: SEQUENCE -# 23:d=3 hl=2 l= 8 prim: univ: OBJECT_IDENTIFIER :rc4 -# 33:d=3 hl=2 l= 0 prim: univ: NULL -# 35:d=2 hl=4 l=342 prim: univ: OCTET_STRING -sub do_private_key - { - local($data,@struct)=@_; - local($file)="/tmp/b$$.DER"; - local($off,$d,$hl,$len,$_,$b,@p,$s); - - ($type)=($struct[4] =~ /OBJECT_IDENTIFIER :(.*)\s*$/); - if ($type eq "rc4") - { - ($off,$d,$hl,$len)=&parse_line($struct[6]); - open(OUT,"|$rc4_cmd >$file") || - die "unable to run $rc4_cmd:$!\n"; - print OUT substr($data,$off+$hl,$len); - close(OUT); - - $b=&load_file($file); - unlink($file); - - ($s,@p)=&der_str($b); - die "unknown rsa key type\n$s\n" - if ($s ne '0G-1B-1G-2F-2E-1D'); - local($off,$d,$hl,$len)=&parse_line($p[5]); - $b=substr($b,$off+$hl,$len); - ($s,@p)=&der_str($b); - open(OUT,"|$rsa_cmd") || die "unable to run $rsa_cmd:$!\n"; - print OUT $b; - close(OUT); - } - else - { - print "'$type' is unknown\n"; - exit(1); - } - } - -sub do_certificate - { - local($data,@struct)=@_; - local($file)="/tmp/b$$.DER"; - local($off,$d,$hl,$len,$_,$b,@p,$s); - - ($off,$d,$hl,$len)=&parse_line($struct[2]); - $b=substr($data,$off,$len+$hl); - - open(OUT,"|$x509_cmd -inform d") || die "unable to run $x509_cmd:$!\n"; - print OUT $b; - close(OUT); - } - -sub load_file - { - local($file)=@_; - local(*IN,$r,$b,$i); - - $r=""; - open(IN,"<$file") || die "unable to open $file:$!\n"; - for (;;) - { - $i=sysread(IN,$b,10240); - last if ($i <= 0); - $r.=$b; - } - close(IN); - return($r); - } - -sub load_file_parse - { - local($file)=@_; - local(*IN,$r,@ret,$_,$i,$n,$b); - - open(IN,"$cmd -inform d -in $file|") - || die "unable to run der_parse\n"; - while (<IN>) - { - chop; - push(@ret,$_); - } - return($r,@ret); - } - diff --git a/crypto/openssl/apps/dgst.c b/crypto/openssl/apps/dgst.c deleted file mode 100644 index 1b56d6ef44167..0000000000000 --- a/crypto/openssl/apps/dgst.c +++ /dev/null @@ -1,222 +0,0 @@ -/* apps/dgst.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include <stdio.h> -#include <string.h> -#include <stdlib.h> -#include "apps.h" -#include <openssl/bio.h> -#include <openssl/err.h> -#include <openssl/evp.h> -#include <openssl/objects.h> -#include <openssl/x509.h> -#include <openssl/pem.h> - -#undef BUFSIZE -#define BUFSIZE 1024*8 - -#undef PROG -#define PROG dgst_main - -void do_fp(unsigned char *buf,BIO *f,int sep); - -int MAIN(int, char **); - -int MAIN(int argc, char **argv) - { - unsigned char *buf=NULL; - int i,err=0; - const EVP_MD *md=NULL,*m; - BIO *in=NULL,*inp; - BIO *bmd=NULL; - const char *name; -#define PROG_NAME_SIZE 16 - char pname[PROG_NAME_SIZE]; - int separator=0; - int debug=0; - - apps_startup(); - - if ((buf=(unsigned char *)Malloc(BUFSIZE)) == NULL) - { - BIO_printf(bio_err,"out of memory\n"); - goto end; - } - if (bio_err == NULL) - if ((bio_err=BIO_new(BIO_s_file())) != NULL) - BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT); - - /* first check the program name */ - program_name(argv[0],pname,PROG_NAME_SIZE); - - md=EVP_get_digestbyname(pname); - - argc--; - argv++; - while (argc > 0) - { - if ((*argv)[0] != '-') break; - if (strcmp(*argv,"-c") == 0) - separator=1; - else if (strcmp(*argv,"-d") == 0) - debug=1; - else if ((m=EVP_get_digestbyname(&((*argv)[1]))) != NULL) - md=m; - else - break; - argc--; - argv++; - } - - if (md == NULL) - md=EVP_md5(); - - if ((argc > 0) && (argv[0][0] == '-')) /* bad option */ - { - BIO_printf(bio_err,"unknown option '%s'\n",*argv); - BIO_printf(bio_err,"options are\n"); - BIO_printf(bio_err,"-c to output the digest with separating colons\n"); - BIO_printf(bio_err,"-d to output debug info\n"); - BIO_printf(bio_err,"-%3s to use the %s message digest algorithm (default)\n", - LN_md5,LN_md5); - BIO_printf(bio_err,"-%3s to use the %s message digest algorithm\n", - LN_md2,LN_md2); - BIO_printf(bio_err,"-%3s to use the %s message digest algorithm\n", - LN_sha1,LN_sha1); - BIO_printf(bio_err,"-%3s to use the %s message digest algorithm\n", - LN_sha,LN_sha); - BIO_printf(bio_err,"-%3s to use the %s message digest algorithm\n", - LN_mdc2,LN_mdc2); - BIO_printf(bio_err,"-%3s to use the %s message digest algorithm\n", - LN_ripemd160,LN_ripemd160); - err=1; - goto end; - } - - in=BIO_new(BIO_s_file()); - bmd=BIO_new(BIO_f_md()); - if (debug) - { - BIO_set_callback(in,BIO_debug_callback); - /* needed for windows 3.1 */ - BIO_set_callback_arg(in,bio_err); - } - - if ((in == NULL) || (bmd == NULL)) - { - ERR_print_errors(bio_err); - goto end; - } - - /* we use md as a filter, reading from 'in' */ - BIO_set_md(bmd,md); - inp=BIO_push(bmd,in); - - if (argc == 0) - { - BIO_set_fp(in,stdin,BIO_NOCLOSE); - do_fp(buf,inp,separator); - } - else - { - name=OBJ_nid2sn(md->type); - for (i=0; i<argc; i++) - { - if (BIO_read_filename(in,argv[i]) <= 0) - { - perror(argv[i]); - err++; - continue; - } - printf("%s(%s)= ",name,argv[i]); - do_fp(buf,inp,separator); - (void)BIO_reset(bmd); - } - } -end: - if (buf != NULL) - { - memset(buf,0,BUFSIZE); - Free(buf); - } - if (in != NULL) BIO_free(in); - if (bmd != NULL) BIO_free(bmd); - EXIT(err); - } - -void do_fp(unsigned char *buf, BIO *bp, int sep) - { - int len; - int i; - - for (;;) - { - i=BIO_read(bp,(char *)buf,BUFSIZE); - if (i <= 0) break; - } - len=BIO_gets(bp,(char *)buf,BUFSIZE); - - for (i=0; i<len; i++) - { - if (sep && (i != 0)) - putc(':',stdout); - printf("%02x",buf[i]); - } - printf("\n"); - } - diff --git a/crypto/openssl/apps/dh.c b/crypto/openssl/apps/dh.c deleted file mode 100644 index 674963f81a901..0000000000000 --- a/crypto/openssl/apps/dh.c +++ /dev/null @@ -1,316 +0,0 @@ -/* apps/dh.c */ -/* obsoleted by dhparam.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#ifndef NO_DH -#include <stdio.h> -#include <stdlib.h> -#include <time.h> -#include <string.h> -#include "apps.h" -#include <openssl/bio.h> -#include <openssl/err.h> -#include <openssl/bn.h> -#include <openssl/dh.h> -#include <openssl/x509.h> -#include <openssl/pem.h> - -#undef PROG -#define PROG dh_main - -/* -inform arg - input format - default PEM (DER or PEM) - * -outform arg - output format - default PEM - * -in arg - input file - default stdin - * -out arg - output file - default stdout - * -check - check the parameters are ok - * -noout - * -text - * -C - */ - -int MAIN(int, char **); - -int MAIN(int argc, char **argv) - { - DH *dh=NULL; - int i,badops=0,text=0; - BIO *in=NULL,*out=NULL; - int informat,outformat,check=0,noout=0,C=0,ret=1; - char *infile,*outfile,*prog; - - apps_startup(); - - if (bio_err == NULL) - if ((bio_err=BIO_new(BIO_s_file())) != NULL) - BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT); - - infile=NULL; - outfile=NULL; - informat=FORMAT_PEM; - outformat=FORMAT_PEM; - - prog=argv[0]; - argc--; - argv++; - while (argc >= 1) - { - if (strcmp(*argv,"-inform") == 0) - { - if (--argc < 1) goto bad; - informat=str2fmt(*(++argv)); - } - else if (strcmp(*argv,"-outform") == 0) - { - if (--argc < 1) goto bad; - outformat=str2fmt(*(++argv)); - } - else if (strcmp(*argv,"-in") == 0) - { - if (--argc < 1) goto bad; - infile= *(++argv); - } - else if (strcmp(*argv,"-out") == 0) - { - if (--argc < 1) goto bad; - outfile= *(++argv); - } - else if (strcmp(*argv,"-check") == 0) - check=1; - else if (strcmp(*argv,"-text") == 0) - text=1; - else if (strcmp(*argv,"-C") == 0) - C=1; - else if (strcmp(*argv,"-noout") == 0) - noout=1; - else - { - BIO_printf(bio_err,"unknown option %s\n",*argv); - badops=1; - break; - } - argc--; - argv++; - } - - if (badops) - { -bad: - BIO_printf(bio_err,"%s [options] <infile >outfile\n",prog); - BIO_printf(bio_err,"where options are\n"); - BIO_printf(bio_err," -inform arg input format - one of DER PEM\n"); - BIO_printf(bio_err," -outform arg output format - one of DER PEM\n"); - BIO_printf(bio_err," -in arg input file\n"); - BIO_printf(bio_err," -out arg output file\n"); - BIO_printf(bio_err," -check check the DH parameters\n"); - BIO_printf(bio_err," -text print a text form of the DH parameters\n"); - BIO_printf(bio_err," -C Output C code\n"); - BIO_printf(bio_err," -noout no output\n"); - goto end; - } - - ERR_load_crypto_strings(); - - in=BIO_new(BIO_s_file()); - out=BIO_new(BIO_s_file()); - if ((in == NULL) || (out == NULL)) - { - ERR_print_errors(bio_err); - goto end; - } - - if (infile == NULL) - BIO_set_fp(in,stdin,BIO_NOCLOSE); - else - { - if (BIO_read_filename(in,infile) <= 0) - { - perror(infile); - goto end; - } - } - if (outfile == NULL) - BIO_set_fp(out,stdout,BIO_NOCLOSE); - else - { - if (BIO_write_filename(out,outfile) <= 0) - { - perror(outfile); - goto end; - } - } - - if (informat == FORMAT_ASN1) - dh=d2i_DHparams_bio(in,NULL); - else if (informat == FORMAT_PEM) - dh=PEM_read_bio_DHparams(in,NULL,NULL,NULL); - else - { - BIO_printf(bio_err,"bad input format specified\n"); - goto end; - } - if (dh == NULL) - { - BIO_printf(bio_err,"unable to load DH parameters\n"); - ERR_print_errors(bio_err); - goto end; - } - - - - if (text) - { - DHparams_print(out,dh); -#ifdef undef - printf("p="); - BN_print(stdout,dh->p); - printf("\ng="); - BN_print(stdout,dh->g); - printf("\n"); - if (dh->length != 0) - printf("recommended private length=%ld\n",dh->length); -#endif - } - - if (check) - { - if (!DH_check(dh,&i)) - { - ERR_print_errors(bio_err); - goto end; - } - if (i & DH_CHECK_P_NOT_PRIME) - printf("p value is not prime\n"); - if (i & DH_CHECK_P_NOT_SAFE_PRIME) - printf("p value is not a safe prime\n"); - if (i & DH_UNABLE_TO_CHECK_GENERATOR) - printf("unable to check the generator value\n"); - if (i & DH_NOT_SUITABLE_GENERATOR) - printf("the g value is not a generator\n"); - if (i == 0) - printf("DH parameters appear to be ok.\n"); - } - if (C) - { - unsigned char *data; - int len,l,bits; - - len=BN_num_bytes(dh->p); - bits=BN_num_bits(dh->p); - data=(unsigned char *)Malloc(len); - if (data == NULL) - { - perror("Malloc"); - goto end; - } - l=BN_bn2bin(dh->p,data); - printf("static unsigned char dh%d_p[]={",bits); - for (i=0; i<l; i++) - { - if ((i%12) == 0) printf("\n\t"); - printf("0x%02X,",data[i]); - } - printf("\n\t};\n"); - - l=BN_bn2bin(dh->g,data); - printf("static unsigned char dh%d_g[]={",bits); - for (i=0; i<l; i++) - { - if ((i%12) == 0) printf("\n\t"); - printf("0x%02X,",data[i]); - } - printf("\n\t};\n\n"); - - printf("DH *get_dh%d()\n\t{\n",bits); - printf("\tDH *dh;\n\n"); - printf("\tif ((dh=DH_new()) == NULL) return(NULL);\n"); - printf("\tdh->p=BN_bin2bn(dh%d_p,sizeof(dh%d_p),NULL);\n", - bits,bits); - printf("\tdh->g=BN_bin2bn(dh%d_g,sizeof(dh%d_g),NULL);\n", - bits,bits); - printf("\tif ((dh->p == NULL) || (dh->g == NULL))\n"); - printf("\t\treturn(NULL);\n"); - printf("\treturn(dh);\n\t}\n"); - Free(data); - } - - - if (!noout) - { - if (outformat == FORMAT_ASN1) - i=i2d_DHparams_bio(out,dh); - else if (outformat == FORMAT_PEM) - i=PEM_write_bio_DHparams(out,dh); - else { - BIO_printf(bio_err,"bad output format specified for outfile\n"); - goto end; - } - if (!i) - { - BIO_printf(bio_err,"unable to write DH parameters\n"); - ERR_print_errors(bio_err); - goto end; - } - } - ret=0; -end: - if (in != NULL) BIO_free(in); - if (out != NULL) BIO_free(out); - if (dh != NULL) DH_free(dh); - EXIT(ret); - } -#endif diff --git a/crypto/openssl/apps/dh1024.pem b/crypto/openssl/apps/dh1024.pem deleted file mode 100644 index 81d43f6a3eae3..0000000000000 --- a/crypto/openssl/apps/dh1024.pem +++ /dev/null @@ -1,5 +0,0 @@ ------BEGIN DH PARAMETERS----- -MIGHAoGBAJf2QmHKtQXdKCjhPx1ottPb0PMTBH9A6FbaWMsTuKG/K3g6TG1Z1fkq -/Gz/PWk/eLI9TzFgqVAuPvr3q14a1aZeVUMTgo2oO5/y2UHe6VaJ+trqCTat3xlx -/mNbIK9HA2RgPC3gWfVLZQrY+gz3ASHHR5nXWHEyvpuZm7m3h+irAgEC ------END DH PARAMETERS----- diff --git a/crypto/openssl/apps/dhparam.c b/crypto/openssl/apps/dhparam.c deleted file mode 100644 index 709547ff5e6f5..0000000000000 --- a/crypto/openssl/apps/dhparam.c +++ /dev/null @@ -1,520 +0,0 @@ -/* apps/dhparam.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ -/* ==================================================================== - * Copyright (c) 1998-2000 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * openssl-core@openssl.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.openssl.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -#ifndef NO_DH -#include <stdio.h> -#include <stdlib.h> -#include <time.h> -#include <string.h> -#include "apps.h" -#include <openssl/bio.h> -#include <openssl/err.h> -#include <openssl/bn.h> -#include <openssl/dh.h> -#include <openssl/x509.h> -#include <openssl/pem.h> - -#ifndef NO_DSA -#include <openssl/dsa.h> -#endif - -#undef PROG -#define PROG dhparam_main - -#define DEFBITS 512 - -/* -inform arg - input format - default PEM (DER or PEM) - * -outform arg - output format - default PEM - * -in arg - input file - default stdin - * -out arg - output file - default stdout - * -dsaparam - read or generate DSA parameters, convert to DH - * -check - check the parameters are ok - * -noout - * -text - * -C - */ - -static void MS_CALLBACK dh_cb(int p, int n, void *arg); - -int MAIN(int, char **); - -int MAIN(int argc, char **argv) - { - DH *dh=NULL; - int i,badops=0,text=0; -#ifndef NO_DSA - int dsaparam=0; -#endif - BIO *in=NULL,*out=NULL; - int informat,outformat,check=0,noout=0,C=0,ret=1; - char *infile,*outfile,*prog; - char *inrand=NULL; - int num = 0, g = 0; - - apps_startup(); - - if (bio_err == NULL) - if ((bio_err=BIO_new(BIO_s_file())) != NULL) - BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT); - - infile=NULL; - outfile=NULL; - informat=FORMAT_PEM; - outformat=FORMAT_PEM; - - prog=argv[0]; - argc--; - argv++; - while (argc >= 1) - { - if (strcmp(*argv,"-inform") == 0) - { - if (--argc < 1) goto bad; - informat=str2fmt(*(++argv)); - } - else if (strcmp(*argv,"-outform") == 0) - { - if (--argc < 1) goto bad; - outformat=str2fmt(*(++argv)); - } - else if (strcmp(*argv,"-in") == 0) - { - if (--argc < 1) goto bad; - infile= *(++argv); - } - else if (strcmp(*argv,"-out") == 0) - { - if (--argc < 1) goto bad; - outfile= *(++argv); - } - else if (strcmp(*argv,"-check") == 0) - check=1; - else if (strcmp(*argv,"-text") == 0) - text=1; -#ifndef NO_DSA - else if (strcmp(*argv,"-dsaparam") == 0) - dsaparam=1; -#endif - else if (strcmp(*argv,"-C") == 0) - C=1; - else if (strcmp(*argv,"-noout") == 0) - noout=1; - else if (strcmp(*argv,"-2") == 0) - g=2; - else if (strcmp(*argv,"-5") == 0) - g=5; - else if (strcmp(*argv,"-rand") == 0) - { - if (--argc < 1) goto bad; - inrand= *(++argv); - } - else if (((sscanf(*argv,"%d",&num) == 0) || (num <= 0))) - goto bad; - argv++; - argc--; - } - - if (badops) - { -bad: - BIO_printf(bio_err,"%s [options] [numbits]\n",prog); - BIO_printf(bio_err,"where options are\n"); - BIO_printf(bio_err," -inform arg input format - one of DER PEM\n"); - BIO_printf(bio_err," -outform arg output format - one of DER PEM\n"); - BIO_printf(bio_err," -in arg input file\n"); - BIO_printf(bio_err," -out arg output file\n"); -#ifndef NO_DSA - BIO_printf(bio_err," -dsaparam read or generate DSA parameters, convert to DH\n"); -#endif - BIO_printf(bio_err," -check check the DH parameters\n"); - BIO_printf(bio_err," -text print a text form of the DH parameters\n"); - BIO_printf(bio_err," -C Output C code\n"); - BIO_printf(bio_err," -2 generate parameters using 2 as the generator value\n"); - BIO_printf(bio_err," -5 generate parameters using 5 as the generator value\n"); - BIO_printf(bio_err," numbits number of bits in to generate (default 512)\n"); - BIO_printf(bio_err," -rand file%cfile%c...\n", LIST_SEPARATOR_CHAR, LIST_SEPARATOR_CHAR); - BIO_printf(bio_err," - load the file (or the files in the directory) into\n"); - BIO_printf(bio_err," the random number generator\n"); - BIO_printf(bio_err," -noout no output\n"); - goto end; - } - - ERR_load_crypto_strings(); - - if (g && !num) - num = DEFBITS; - -#ifndef NO_DSA - if (dsaparam) - { - if (g) - { - BIO_printf(bio_err, "generator may not be chosen for DSA parameters\n"); - goto end; - } - } - else -#endif - { - /* DH parameters */ - if (num && !g) - g = 2; - } - - if(num) { - - if (!app_RAND_load_file(NULL, bio_err, 1) && inrand == NULL) - { - BIO_printf(bio_err,"warning, not much extra random data, consider using the -rand option\n"); - } - if (inrand != NULL) - BIO_printf(bio_err,"%ld semi-random bytes loaded\n", - app_RAND_load_files(inrand)); - -#ifndef NO_DSA - if (dsaparam) - { - DSA *dsa; - - BIO_printf(bio_err,"Generating DSA parameters, %d bit long prime\n",num); - dsa = DSA_generate_parameters(num, NULL, 0, NULL, NULL, dh_cb, bio_err); - if (dsa == NULL) - { - ERR_print_errors(bio_err); - goto end; - } - - dh = DSA_dup_DH(dsa); - DSA_free(dsa); - if (dh == NULL) - { - ERR_print_errors(bio_err); - goto end; - } - } - else -#endif - { - BIO_printf(bio_err,"Generating DH parameters, %d bit long safe prime, generator %d\n",num,g); - BIO_printf(bio_err,"This is going to take a long time\n"); - dh=DH_generate_parameters(num,g,dh_cb,bio_err); - - if (dh == NULL) - { - ERR_print_errors(bio_err); - goto end; - } - } - - app_RAND_write_file(NULL, bio_err); - } else { - - in=BIO_new(BIO_s_file()); - if (in == NULL) - { - ERR_print_errors(bio_err); - goto end; - } - if (infile == NULL) - BIO_set_fp(in,stdin,BIO_NOCLOSE); - else - { - if (BIO_read_filename(in,infile) <= 0) - { - perror(infile); - goto end; - } - } - - if (informat != FORMAT_ASN1 && informat != FORMAT_PEM) - { - BIO_printf(bio_err,"bad input format specified\n"); - goto end; - } - -#ifndef NO_DSA - if (dsaparam) - { - DSA *dsa; - - if (informat == FORMAT_ASN1) - dsa=d2i_DSAparams_bio(in,NULL); - else /* informat == FORMAT_PEM */ - dsa=PEM_read_bio_DSAparams(in,NULL,NULL,NULL); - - if (dsa == NULL) - { - BIO_printf(bio_err,"unable to load DSA parameters\n"); - ERR_print_errors(bio_err); - goto end; - } - - dh = DSA_dup_DH(dsa); - DSA_free(dsa); - if (dh == NULL) - { - ERR_print_errors(bio_err); - goto end; - } - } - else -#endif - { - if (informat == FORMAT_ASN1) - dh=d2i_DHparams_bio(in,NULL); - else /* informat == FORMAT_PEM */ - dh=PEM_read_bio_DHparams(in,NULL,NULL,NULL); - - if (dh == NULL) - { - BIO_printf(bio_err,"unable to load DH parameters\n"); - ERR_print_errors(bio_err); - goto end; - } - } - - /* dh != NULL */ - } - - out=BIO_new(BIO_s_file()); - if (out == NULL) - { - ERR_print_errors(bio_err); - goto end; - } - if (outfile == NULL) - BIO_set_fp(out,stdout,BIO_NOCLOSE); - else - { - if (BIO_write_filename(out,outfile) <= 0) - { - perror(outfile); - goto end; - } - } - - - if (text) - { - DHparams_print(out,dh); - } - - if (check) - { - if (!DH_check(dh,&i)) - { - ERR_print_errors(bio_err); - goto end; - } - if (i & DH_CHECK_P_NOT_PRIME) - printf("p value is not prime\n"); - if (i & DH_CHECK_P_NOT_SAFE_PRIME) - printf("p value is not a safe prime\n"); - if (i & DH_UNABLE_TO_CHECK_GENERATOR) - printf("unable to check the generator value\n"); - if (i & DH_NOT_SUITABLE_GENERATOR) - printf("the g value is not a generator\n"); - if (i == 0) - printf("DH parameters appear to be ok.\n"); - } - if (C) - { - unsigned char *data; - int len,l,bits; - - len=BN_num_bytes(dh->p); - bits=BN_num_bits(dh->p); - data=(unsigned char *)Malloc(len); - if (data == NULL) - { - perror("Malloc"); - goto end; - } - printf("#ifndef HEADER_DH_H\n" - "#include <openssl/dh.h>\n" - "#endif\n"); - printf("DH *get_dh%d()\n\t{\n",bits); - - l=BN_bn2bin(dh->p,data); - printf("\tstatic unsigned char dh%d_p[]={",bits); - for (i=0; i<l; i++) - { - if ((i%12) == 0) printf("\n\t\t"); - printf("0x%02X,",data[i]); - } - printf("\n\t\t};\n"); - - l=BN_bn2bin(dh->g,data); - printf("\tstatic unsigned char dh%d_g[]={",bits); - for (i=0; i<l; i++) - { - if ((i%12) == 0) printf("\n\t\t"); - printf("0x%02X,",data[i]); - } - printf("\n\t\t};\n"); - - printf("\tDH *dh;\n\n"); - printf("\tif ((dh=DH_new()) == NULL) return(NULL);\n"); - printf("\tdh->p=BN_bin2bn(dh%d_p,sizeof(dh%d_p),NULL);\n", - bits,bits); - printf("\tdh->g=BN_bin2bn(dh%d_g,sizeof(dh%d_g),NULL);\n", - bits,bits); - printf("\tif ((dh->p == NULL) || (dh->g == NULL))\n"); - printf("\t\t{ DH_free(dh); return(NULL); }\n"); - if (dh->length) - printf("\tdh->length = %d;\n", dh->length); - printf("\treturn(dh);\n\t}\n"); - Free(data); - } - - - if (!noout) - { - if (outformat == FORMAT_ASN1) - i=i2d_DHparams_bio(out,dh); - else if (outformat == FORMAT_PEM) - i=PEM_write_bio_DHparams(out,dh); - else { - BIO_printf(bio_err,"bad output format specified for outfile\n"); - goto end; - } - if (!i) - { - BIO_printf(bio_err,"unable to write DH parameters\n"); - ERR_print_errors(bio_err); - goto end; - } - } - ret=0; -end: - if (in != NULL) BIO_free(in); - if (out != NULL) BIO_free(out); - if (dh != NULL) DH_free(dh); - EXIT(ret); - } - -/* dh_cb is identical to dsa_cb in apps/dsaparam.c */ -static void MS_CALLBACK dh_cb(int p, int n, void *arg) - { - char c='*'; - - if (p == 0) c='.'; - if (p == 1) c='+'; - if (p == 2) c='*'; - if (p == 3) c='\n'; - BIO_write((BIO *)arg,&c,1); - (void)BIO_flush((BIO *)arg); -#ifdef LINT - p=n; -#endif - } - -#endif diff --git a/crypto/openssl/apps/dsa-ca.pem b/crypto/openssl/apps/dsa-ca.pem deleted file mode 100644 index cccc14208fc1b..0000000000000 --- a/crypto/openssl/apps/dsa-ca.pem +++ /dev/null @@ -1,40 +0,0 @@ ------BEGIN DSA PRIVATE KEY----- -MIIBugIBAAKBgQCnP26Fv0FqKX3wn0cZMJCaCR3aajMexT2GlrMV4FMuj+BZgnOQ -PnUxmUd6UvuF5NmmezibaIqEm4fGHrV+hktTW1nPcWUZiG7OZq5riDb77Cjcwtel -u+UsOSZL2ppwGJU3lRBWI/YV7boEXt45T/23Qx+1pGVvzYAR5HCVW1DNSQIVAPcH -Me36bAYD1YWKHKycZedQZmVvAoGATd9MA6aRivUZb1BGJZnlaG8w42nh5bNdmLso -hkj83pkEP1+IDJxzJA0gXbkqmj8YlifkYofBe3RiU/xhJ6h6kQmdtvFNnFQPWAbu -SXQHzlV+I84W9srcWmEBfslxtU323DQph2j2XiCTs9v15AlsQReVkusBtXOlan7Y -Mu0OArgCgYAapll6iqz9XrZFlk2GCVcB+KihxWnH7IuHvSLw9YUrJahcBHmbpvt4 -94lF4gC5w3WPM+vXJofbusk4GoQEEsQNMDaah4m49uUqAylOVFJJJXuirVJ+o+0T -tOFDITEAl+YZZariXOD7tdOSOl9RLMPC6+daHKS9e68u3enxhqnDGQIUB78dhW77 -J6zsFbSEHaQGUmfSeoM= ------END DSA PRIVATE KEY----- ------BEGIN CERTIFICATE REQUEST----- -MIICUjCCAhECAQAwUjELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUx -ITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDELMAkGA1UEAxMCQ0Ew -ggG0MIIBKQYFKw4DAgwwggEeAoGBAKc/boW/QWopffCfRxkwkJoJHdpqMx7FPYaW -sxXgUy6P4FmCc5A+dTGZR3pS+4Xk2aZ7OJtoioSbh8YetX6GS1NbWc9xZRmIbs5m -rmuINvvsKNzC16W75Sw5JkvamnAYlTeVEFYj9hXtugRe3jlP/bdDH7WkZW/NgBHk -cJVbUM1JAhUA9wcx7fpsBgPVhYocrJxl51BmZW8CgYBN30wDppGK9RlvUEYlmeVo -bzDjaeHls12YuyiGSPzemQQ/X4gMnHMkDSBduSqaPxiWJ+Rih8F7dGJT/GEnqHqR -CZ228U2cVA9YBu5JdAfOVX4jzhb2ytxaYQF+yXG1TfbcNCmHaPZeIJOz2/XkCWxB -F5WS6wG1c6Vqftgy7Q4CuAOBhAACgYAapll6iqz9XrZFlk2GCVcB+KihxWnH7IuH -vSLw9YUrJahcBHmbpvt494lF4gC5w3WPM+vXJofbusk4GoQEEsQNMDaah4m49uUq -AylOVFJJJXuirVJ+o+0TtOFDITEAl+YZZariXOD7tdOSOl9RLMPC6+daHKS9e68u -3enxhqnDGaAAMAkGBSsOAwIbBQADMAAwLQIVAJGVuFsG/0DBuSZ0jF7ypdU0/G0v -AhQfeF5BoMMDbX/kidUVpQ6gadPlZA== ------END CERTIFICATE REQUEST----- ------BEGIN CERTIFICATE----- -MIIBrjCCAWwCAQswCQYFKw4DAhsFADBTMQswCQYDVQQGEwJBVTETMBEGA1UECBMK -U29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMQww -CgYDVQQDEwNQQ0EwHhcNOTcwNjE1MDIxNDI5WhcNOTcwNzE1MDIxNDI5WjBSMQsw -CQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJu -ZXQgV2lkZ2l0cyBQdHkgTHRkMQswCQYDVQQDEwJDQTCBkjAJBgUrDgMCDAUAA4GE -AAKBgBqmWXqKrP1etkWWTYYJVwH4qKHFacfsi4e9IvD1hSslqFwEeZum+3j3iUXi -ALnDdY8z69cmh9u6yTgahAQSxA0wNpqHibj25SoDKU5UUkkle6KtUn6j7RO04UMh -MQCX5hllquJc4Pu105I6X1Esw8Lr51ocpL17ry7d6fGGqcMZMAkGBSsOAwIbBQAD -MQAwLgIVAJ4wtQsANPxHo7Q4IQZYsL12SKdbAhUAjJ9n38zxT+iai2164xS+LIfa -C1Q= ------END CERTIFICATE----- - diff --git a/crypto/openssl/apps/dsa-pca.pem b/crypto/openssl/apps/dsa-pca.pem deleted file mode 100644 index d23774edd618a..0000000000000 --- a/crypto/openssl/apps/dsa-pca.pem +++ /dev/null @@ -1,46 +0,0 @@ ------BEGIN DSA PRIVATE KEY----- -MIIBvAIBAAKBgQCnP26Fv0FqKX3wn0cZMJCaCR3aajMexT2GlrMV4FMuj+BZgnOQ -PnUxmUd6UvuF5NmmezibaIqEm4fGHrV+hktTW1nPcWUZiG7OZq5riDb77Cjcwtel -u+UsOSZL2ppwGJU3lRBWI/YV7boEXt45T/23Qx+1pGVvzYAR5HCVW1DNSQIVAPcH -Me36bAYD1YWKHKycZedQZmVvAoGATd9MA6aRivUZb1BGJZnlaG8w42nh5bNdmLso -hkj83pkEP1+IDJxzJA0gXbkqmj8YlifkYofBe3RiU/xhJ6h6kQmdtvFNnFQPWAbu -SXQHzlV+I84W9srcWmEBfslxtU323DQph2j2XiCTs9v15AlsQReVkusBtXOlan7Y -Mu0OArgCgYEApu25HkB1b4gKMIV7aLGNSIknMzYgrB7o1kQxeDf34dDVRM9OZ8tk -umz6tl+iUcNe5EoxdsYV1IXSddjOi08LOLsZq7AQlNnKvbtlmMDULpqkZJD0bO7A -29nisJfKy1URqABLw5DgfcPh1ZLXtmDfUgJvmjgTmvTPT2j9TPjq7RUCFQDNvrBz -6TicfImU7UFRn9h00j0lJQ== ------END DSA PRIVATE KEY----- ------BEGIN CERTIFICATE REQUEST----- -MIICVTCCAhMCAQAwUzELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUx -ITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDEMMAoGA1UEAxMDUENB -MIIBtTCCASkGBSsOAwIMMIIBHgKBgQCnP26Fv0FqKX3wn0cZMJCaCR3aajMexT2G -lrMV4FMuj+BZgnOQPnUxmUd6UvuF5NmmezibaIqEm4fGHrV+hktTW1nPcWUZiG7O -Zq5riDb77Cjcwtelu+UsOSZL2ppwGJU3lRBWI/YV7boEXt45T/23Qx+1pGVvzYAR -5HCVW1DNSQIVAPcHMe36bAYD1YWKHKycZedQZmVvAoGATd9MA6aRivUZb1BGJZnl -aG8w42nh5bNdmLsohkj83pkEP1+IDJxzJA0gXbkqmj8YlifkYofBe3RiU/xhJ6h6 -kQmdtvFNnFQPWAbuSXQHzlV+I84W9srcWmEBfslxtU323DQph2j2XiCTs9v15Als -QReVkusBtXOlan7YMu0OArgDgYUAAoGBAKbtuR5AdW+ICjCFe2ixjUiJJzM2IKwe -6NZEMXg39+HQ1UTPTmfLZLps+rZfolHDXuRKMXbGFdSF0nXYzotPCzi7GauwEJTZ -yr27ZZjA1C6apGSQ9GzuwNvZ4rCXystVEagAS8OQ4H3D4dWS17Zg31ICb5o4E5r0 -z09o/Uz46u0VoAAwCQYFKw4DAhsFAAMxADAuAhUArRubTxsbIXy3AhtjQ943AbNB -nSICFQCu+g1iW3jwF+gOcbroD4S/ZcvB3w== ------END CERTIFICATE REQUEST----- ------BEGIN CERTIFICATE----- -MIIC0zCCApECAQAwCQYFKw4DAhsFADBTMQswCQYDVQQGEwJBVTETMBEGA1UECBMK -U29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMQww -CgYDVQQDEwNQQ0EwHhcNOTcwNjE0MjI1NDQ1WhcNOTcwNzE0MjI1NDQ1WjBTMQsw -CQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJu -ZXQgV2lkZ2l0cyBQdHkgTHRkMQwwCgYDVQQDEwNQQ0EwggG1MIIBKQYFKw4DAgww -ggEeAoGBAKc/boW/QWopffCfRxkwkJoJHdpqMx7FPYaWsxXgUy6P4FmCc5A+dTGZ -R3pS+4Xk2aZ7OJtoioSbh8YetX6GS1NbWc9xZRmIbs5mrmuINvvsKNzC16W75Sw5 -JkvamnAYlTeVEFYj9hXtugRe3jlP/bdDH7WkZW/NgBHkcJVbUM1JAhUA9wcx7fps -BgPVhYocrJxl51BmZW8CgYBN30wDppGK9RlvUEYlmeVobzDjaeHls12YuyiGSPze -mQQ/X4gMnHMkDSBduSqaPxiWJ+Rih8F7dGJT/GEnqHqRCZ228U2cVA9YBu5JdAfO -VX4jzhb2ytxaYQF+yXG1TfbcNCmHaPZeIJOz2/XkCWxBF5WS6wG1c6Vqftgy7Q4C -uAOBhQACgYEApu25HkB1b4gKMIV7aLGNSIknMzYgrB7o1kQxeDf34dDVRM9OZ8tk -umz6tl+iUcNe5EoxdsYV1IXSddjOi08LOLsZq7AQlNnKvbtlmMDULpqkZJD0bO7A -29nisJfKy1URqABLw5DgfcPh1ZLXtmDfUgJvmjgTmvTPT2j9TPjq7RUwCQYFKw4D -AhsFAAMxADAuAhUAvtv6AkMolix1Jvy3UnVEIUqdCUICFQC+jq8P49mwrY9oJ24n -5rKUjNBhSg== ------END CERTIFICATE----- - diff --git a/crypto/openssl/apps/dsa.c b/crypto/openssl/apps/dsa.c deleted file mode 100644 index 4977671b8adc1..0000000000000 --- a/crypto/openssl/apps/dsa.c +++ /dev/null @@ -1,290 +0,0 @@ -/* apps/dsa.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#ifndef NO_DSA -#include <stdio.h> -#include <stdlib.h> -#include <string.h> -#include <time.h> -#include "apps.h" -#include <openssl/bio.h> -#include <openssl/err.h> -#include <openssl/dsa.h> -#include <openssl/evp.h> -#include <openssl/x509.h> -#include <openssl/pem.h> - -#undef PROG -#define PROG dsa_main - -/* -inform arg - input format - default PEM (one of DER, NET or PEM) - * -outform arg - output format - default PEM - * -in arg - input file - default stdin - * -out arg - output file - default stdout - * -des - encrypt output if PEM format with DES in cbc mode - * -des3 - encrypt output if PEM format - * -idea - encrypt output if PEM format - * -text - print a text version - * -modulus - print the DSA public key - */ - -int MAIN(int, char **); - -int MAIN(int argc, char **argv) - { - int ret=1; - DSA *dsa=NULL; - int i,badops=0; - const EVP_CIPHER *enc=NULL; - BIO *in=NULL,*out=NULL; - int informat,outformat,text=0,noout=0; - int pubin = 0, pubout = 0; - char *infile,*outfile,*prog; - char *passargin = NULL, *passargout = NULL; - char *passin = NULL, *passout = NULL; - int modulus=0; - - apps_startup(); - - if (bio_err == NULL) - if ((bio_err=BIO_new(BIO_s_file())) != NULL) - BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT); - - infile=NULL; - outfile=NULL; - informat=FORMAT_PEM; - outformat=FORMAT_PEM; - - prog=argv[0]; - argc--; - argv++; - while (argc >= 1) - { - if (strcmp(*argv,"-inform") == 0) - { - if (--argc < 1) goto bad; - informat=str2fmt(*(++argv)); - } - else if (strcmp(*argv,"-outform") == 0) - { - if (--argc < 1) goto bad; - outformat=str2fmt(*(++argv)); - } - else if (strcmp(*argv,"-in") == 0) - { - if (--argc < 1) goto bad; - infile= *(++argv); - } - else if (strcmp(*argv,"-out") == 0) - { - if (--argc < 1) goto bad; - outfile= *(++argv); - } - else if (strcmp(*argv,"-passin") == 0) - { - if (--argc < 1) goto bad; - passargin= *(++argv); - } - else if (strcmp(*argv,"-passout") == 0) - { - if (--argc < 1) goto bad; - passargout= *(++argv); - } - else if (strcmp(*argv,"-noout") == 0) - noout=1; - else if (strcmp(*argv,"-text") == 0) - text=1; - else if (strcmp(*argv,"-modulus") == 0) - modulus=1; - else if (strcmp(*argv,"-pubin") == 0) - pubin=1; - else if (strcmp(*argv,"-pubout") == 0) - pubout=1; - else if ((enc=EVP_get_cipherbyname(&(argv[0][1]))) == NULL) - { - BIO_printf(bio_err,"unknown option %s\n",*argv); - badops=1; - break; - } - argc--; - argv++; - } - - if (badops) - { -bad: - BIO_printf(bio_err,"%s [options] <infile >outfile\n",prog); - BIO_printf(bio_err,"where options are\n"); - BIO_printf(bio_err," -inform arg input format - DER or PEM\n"); - BIO_printf(bio_err," -outform arg output format - DER or PEM\n"); - BIO_printf(bio_err," -in arg input file\n"); - BIO_printf(bio_err," -passin arg input file pass phrase source\n"); - BIO_printf(bio_err," -out arg output file\n"); - BIO_printf(bio_err," -passout arg output file pass phrase source\n"); - BIO_printf(bio_err," -des encrypt PEM output with cbc des\n"); - BIO_printf(bio_err," -des3 encrypt PEM output with ede cbc des using 168 bit key\n"); -#ifndef NO_IDEA - BIO_printf(bio_err," -idea encrypt PEM output with cbc idea\n"); -#endif - BIO_printf(bio_err," -text print the key in text\n"); - BIO_printf(bio_err," -noout don't print key out\n"); - BIO_printf(bio_err," -modulus print the DSA public value\n"); - goto end; - } - - ERR_load_crypto_strings(); - - if(!app_passwd(bio_err, passargin, passargout, &passin, &passout)) { - BIO_printf(bio_err, "Error getting passwords\n"); - goto end; - } - - in=BIO_new(BIO_s_file()); - out=BIO_new(BIO_s_file()); - if ((in == NULL) || (out == NULL)) - { - ERR_print_errors(bio_err); - goto end; - } - - if (infile == NULL) - BIO_set_fp(in,stdin,BIO_NOCLOSE); - else - { - if (BIO_read_filename(in,infile) <= 0) - { - perror(infile); - goto end; - } - } - - BIO_printf(bio_err,"read DSA key\n"); - if (informat == FORMAT_ASN1) { - if(pubin) dsa=d2i_DSA_PUBKEY_bio(in,NULL); - else dsa=d2i_DSAPrivateKey_bio(in,NULL); - } else if (informat == FORMAT_PEM) { - if(pubin) dsa=PEM_read_bio_DSA_PUBKEY(in,NULL, NULL, NULL); - else dsa=PEM_read_bio_DSAPrivateKey(in,NULL,NULL,passin); - } else - { - BIO_printf(bio_err,"bad input format specified for key\n"); - goto end; - } - if (dsa == NULL) - { - BIO_printf(bio_err,"unable to load Key\n"); - ERR_print_errors(bio_err); - goto end; - } - - if (outfile == NULL) - BIO_set_fp(out,stdout,BIO_NOCLOSE); - else - { - if (BIO_write_filename(out,outfile) <= 0) - { - perror(outfile); - goto end; - } - } - - if (text) - if (!DSA_print(out,dsa,0)) - { - perror(outfile); - ERR_print_errors(bio_err); - goto end; - } - - if (modulus) - { - fprintf(stdout,"Public Key="); - BN_print(out,dsa->pub_key); - fprintf(stdout,"\n"); - } - - if (noout) goto end; - BIO_printf(bio_err,"writing DSA key\n"); - if (outformat == FORMAT_ASN1) { - if(pubin || pubout) i=i2d_DSA_PUBKEY_bio(out,dsa); - else i=i2d_DSAPrivateKey_bio(out,dsa); - } else if (outformat == FORMAT_PEM) { - if(pubin || pubout) - i=PEM_write_bio_DSA_PUBKEY(out,dsa); - else i=PEM_write_bio_DSAPrivateKey(out,dsa,enc, - NULL,0,NULL, passout); - } else { - BIO_printf(bio_err,"bad output format specified for outfile\n"); - goto end; - } - if (!i) - { - BIO_printf(bio_err,"unable to write private key\n"); - ERR_print_errors(bio_err); - } - else - ret=0; -end: - if(in != NULL) BIO_free(in); - if(out != NULL) BIO_free(out); - if(dsa != NULL) DSA_free(dsa); - if(passin) Free(passin); - if(passout) Free(passout); - EXIT(ret); - } -#endif diff --git a/crypto/openssl/apps/dsa1024.pem b/crypto/openssl/apps/dsa1024.pem deleted file mode 100644 index 082dec3897826..0000000000000 --- a/crypto/openssl/apps/dsa1024.pem +++ /dev/null @@ -1,9 +0,0 @@ ------BEGIN DSA PARAMETERS----- -MIIBHgKBgQCnP26Fv0FqKX3wn0cZMJCaCR3aajMexT2GlrMV4FMuj+BZgnOQPnUx -mUd6UvuF5NmmezibaIqEm4fGHrV+hktTW1nPcWUZiG7OZq5riDb77Cjcwtelu+Us -OSZL2ppwGJU3lRBWI/YV7boEXt45T/23Qx+1pGVvzYAR5HCVW1DNSQIVAPcHMe36 -bAYD1YWKHKycZedQZmVvAoGATd9MA6aRivUZb1BGJZnlaG8w42nh5bNdmLsohkj8 -3pkEP1+IDJxzJA0gXbkqmj8YlifkYofBe3RiU/xhJ6h6kQmdtvFNnFQPWAbuSXQH -zlV+I84W9srcWmEBfslxtU323DQph2j2XiCTs9v15AlsQReVkusBtXOlan7YMu0O -Arg= ------END DSA PARAMETERS----- diff --git a/crypto/openssl/apps/dsa512.pem b/crypto/openssl/apps/dsa512.pem deleted file mode 100644 index 5f86d1a6e7e80..0000000000000 --- a/crypto/openssl/apps/dsa512.pem +++ /dev/null @@ -1,6 +0,0 @@ ------BEGIN DSA PARAMETERS----- -MIGdAkEAnRtpjibb8isRcBmG9hnI+BnyGFOURgbQYlAzSwI8UjADizv5X9EkBk97 -TLqqQJv9luQ3M7stWtdaEUBmonZ9MQIVAPtT71C0QJIxVoZTeuiLIppJ+3GPAkEA -gz6I5cWJc847bAFJv7PHnwrqRJHlMKrZvltftxDXibeOdPvPKR7rqCxUUbgQ3qDO -L8wka5B33qJoplISogOdIA== ------END DSA PARAMETERS----- diff --git a/crypto/openssl/apps/dsap.pem b/crypto/openssl/apps/dsap.pem deleted file mode 100644 index d4dfdb3054f3a..0000000000000 --- a/crypto/openssl/apps/dsap.pem +++ /dev/null @@ -1,6 +0,0 @@ ------BEGIN DSA PARAMETERS----- -MIGcAkEA+ZiKEvZmc9MtnaFZh4NiZ3oZS4J1PHvPrm9MXj5ntVheDPkdmBDTncya -GAJcMjwsyB/GvLDGd6yGCw/8eF+09wIVAK3VagOxGd/Q4Af5NbxR5FB7CXEjAkA2 -t/q7HgVLi0KeKvcDG8BRl3wuy7bCvpjgtWiJc/tpvcuzeuAayH89UofjAGueKjXD -ADiRffvSdhrNw5dkqdql ------END DSA PARAMETERS----- diff --git a/crypto/openssl/apps/dsaparam.c b/crypto/openssl/apps/dsaparam.c deleted file mode 100644 index 4d4e1ad2b5008..0000000000000 --- a/crypto/openssl/apps/dsaparam.c +++ /dev/null @@ -1,369 +0,0 @@ -/* apps/dsaparam.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#ifndef NO_DSA -#include <assert.h> -#include <stdio.h> -#include <stdlib.h> -#include <time.h> -#include <string.h> -#include "apps.h" -#include <openssl/bio.h> -#include <openssl/err.h> -#include <openssl/bn.h> -#include <openssl/dsa.h> -#include <openssl/x509.h> -#include <openssl/pem.h> - -#undef PROG -#define PROG dsaparam_main - -/* -inform arg - input format - default PEM (DER or PEM) - * -outform arg - output format - default PEM - * -in arg - input file - default stdin - * -out arg - output file - default stdout - * -noout - * -text - * -C - * -noout - * -genkey - */ - -static void MS_CALLBACK dsa_cb(int p, int n, void *arg); - -int MAIN(int, char **); - -int MAIN(int argc, char **argv) - { - DSA *dsa=NULL; - int i,badops=0,text=0; - BIO *in=NULL,*out=NULL; - int informat,outformat,noout=0,C=0,ret=1; - char *infile,*outfile,*prog,*inrand=NULL; - int numbits= -1,num,genkey=0; - int need_rand=0; - - apps_startup(); - - if (bio_err == NULL) - if ((bio_err=BIO_new(BIO_s_file())) != NULL) - BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT); - - infile=NULL; - outfile=NULL; - informat=FORMAT_PEM; - outformat=FORMAT_PEM; - - prog=argv[0]; - argc--; - argv++; - while (argc >= 1) - { - if (strcmp(*argv,"-inform") == 0) - { - if (--argc < 1) goto bad; - informat=str2fmt(*(++argv)); - } - else if (strcmp(*argv,"-outform") == 0) - { - if (--argc < 1) goto bad; - outformat=str2fmt(*(++argv)); - } - else if (strcmp(*argv,"-in") == 0) - { - if (--argc < 1) goto bad; - infile= *(++argv); - } - else if (strcmp(*argv,"-out") == 0) - { - if (--argc < 1) goto bad; - outfile= *(++argv); - } - else if (strcmp(*argv,"-text") == 0) - text=1; - else if (strcmp(*argv,"-C") == 0) - C=1; - else if (strcmp(*argv,"-genkey") == 0) - { - genkey=1; - need_rand=1; - } - else if (strcmp(*argv,"-rand") == 0) - { - if (--argc < 1) goto bad; - inrand= *(++argv); - need_rand=1; - } - else if (strcmp(*argv,"-noout") == 0) - noout=1; - else if (sscanf(*argv,"%d",&num) == 1) - { - /* generate a key */ - numbits=num; - need_rand=1; - } - else - { - BIO_printf(bio_err,"unknown option %s\n",*argv); - badops=1; - break; - } - argc--; - argv++; - } - - if (badops) - { -bad: - BIO_printf(bio_err,"%s [options] [bits] <infile >outfile\n",prog); - BIO_printf(bio_err,"where options are\n"); - BIO_printf(bio_err," -inform arg input format - DER or PEM\n"); - BIO_printf(bio_err," -outform arg output format - DER or PEM\n"); - BIO_printf(bio_err," -in arg input file\n"); - BIO_printf(bio_err," -out arg output file\n"); - BIO_printf(bio_err," -text print the key in text\n"); - BIO_printf(bio_err," -C Output C code\n"); - BIO_printf(bio_err," -noout no output\n"); - BIO_printf(bio_err," -rand files to use for random number input\n"); - BIO_printf(bio_err," number number of bits to use for generating private key\n"); - goto end; - } - - ERR_load_crypto_strings(); - - in=BIO_new(BIO_s_file()); - out=BIO_new(BIO_s_file()); - if ((in == NULL) || (out == NULL)) - { - ERR_print_errors(bio_err); - goto end; - } - - if (infile == NULL) - BIO_set_fp(in,stdin,BIO_NOCLOSE); - else - { - if (BIO_read_filename(in,infile) <= 0) - { - perror(infile); - goto end; - } - } - if (outfile == NULL) - BIO_set_fp(out,stdout,BIO_NOCLOSE); - else - { - if (BIO_write_filename(out,outfile) <= 0) - { - perror(outfile); - goto end; - } - } - - if (need_rand) - { - app_RAND_load_file(NULL, bio_err, (inrand != NULL)); - if (inrand != NULL) - BIO_printf(bio_err,"%ld semi-random bytes loaded\n", - app_RAND_load_files(inrand)); - } - - if (numbits > 0) - { - assert(need_rand); - BIO_printf(bio_err,"Generating DSA parameters, %d bit long prime\n",num); - BIO_printf(bio_err,"This could take some time\n"); - dsa=DSA_generate_parameters(num,NULL,0,NULL,NULL, dsa_cb,bio_err); - } - else if (informat == FORMAT_ASN1) - dsa=d2i_DSAparams_bio(in,NULL); - else if (informat == FORMAT_PEM) - dsa=PEM_read_bio_DSAparams(in,NULL,NULL,NULL); - else - { - BIO_printf(bio_err,"bad input format specified\n"); - goto end; - } - if (dsa == NULL) - { - BIO_printf(bio_err,"unable to load DSA parameters\n"); - ERR_print_errors(bio_err); - goto end; - } - - if (text) - { - DSAparams_print(out,dsa); - } - - if (C) - { - unsigned char *data; - int l,len,bits_p,bits_q,bits_g; - - len=BN_num_bytes(dsa->p); - bits_p=BN_num_bits(dsa->p); - bits_q=BN_num_bits(dsa->q); - bits_g=BN_num_bits(dsa->g); - data=(unsigned char *)Malloc(len+20); - if (data == NULL) - { - perror("Malloc"); - goto end; - } - l=BN_bn2bin(dsa->p,data); - printf("static unsigned char dsa%d_p[]={",bits_p); - for (i=0; i<l; i++) - { - if ((i%12) == 0) printf("\n\t"); - printf("0x%02X,",data[i]); - } - printf("\n\t};\n"); - - l=BN_bn2bin(dsa->q,data); - printf("static unsigned char dsa%d_q[]={",bits_p); - for (i=0; i<l; i++) - { - if ((i%12) == 0) printf("\n\t"); - printf("0x%02X,",data[i]); - } - printf("\n\t};\n"); - - l=BN_bn2bin(dsa->g,data); - printf("static unsigned char dsa%d_g[]={",bits_p); - for (i=0; i<l; i++) - { - if ((i%12) == 0) printf("\n\t"); - printf("0x%02X,",data[i]); - } - printf("\n\t};\n\n"); - - printf("DSA *get_dsa%d()\n\t{\n",bits_p); - printf("\tDSA *dsa;\n\n"); - printf("\tif ((dsa=DSA_new()) == NULL) return(NULL);\n"); - printf("\tdsa->p=BN_bin2bn(dsa%d_p,sizeof(dsa%d_p),NULL);\n", - bits_p,bits_p); - printf("\tdsa->q=BN_bin2bn(dsa%d_q,sizeof(dsa%d_q),NULL);\n", - bits_p,bits_p); - printf("\tdsa->g=BN_bin2bn(dsa%d_g,sizeof(dsa%d_g),NULL);\n", - bits_p,bits_p); - printf("\tif ((dsa->p == NULL) || (dsa->q == NULL) || (dsa->g == NULL))\n"); - printf("\t\treturn(NULL);\n"); - printf("\treturn(dsa);\n\t}\n"); - } - - - if (!noout) - { - if (outformat == FORMAT_ASN1) - i=i2d_DSAparams_bio(out,dsa); - else if (outformat == FORMAT_PEM) - i=PEM_write_bio_DSAparams(out,dsa); - else { - BIO_printf(bio_err,"bad output format specified for outfile\n"); - goto end; - } - if (!i) - { - BIO_printf(bio_err,"unable to write DSA parameters\n"); - ERR_print_errors(bio_err); - goto end; - } - } - if (genkey) - { - DSA *dsakey; - - assert(need_rand); - if ((dsakey=DSAparams_dup(dsa)) == NULL) goto end; - if (!DSA_generate_key(dsakey)) goto end; - if (outformat == FORMAT_ASN1) - i=i2d_DSAPrivateKey_bio(out,dsakey); - else if (outformat == FORMAT_PEM) - i=PEM_write_bio_DSAPrivateKey(out,dsakey,NULL,NULL,0,NULL,NULL); - else { - BIO_printf(bio_err,"bad output format specified for outfile\n"); - goto end; - } - DSA_free(dsakey); - } - if (need_rand) - app_RAND_write_file(NULL, bio_err); - ret=0; -end: - if (in != NULL) BIO_free(in); - if (out != NULL) BIO_free(out); - if (dsa != NULL) DSA_free(dsa); - EXIT(ret); - } - -static void MS_CALLBACK dsa_cb(int p, int n, void *arg) - { - char c='*'; - - if (p == 0) c='.'; - if (p == 1) c='+'; - if (p == 2) c='*'; - if (p == 3) c='\n'; - BIO_write(arg,&c,1); - (void)BIO_flush(arg); -#ifdef LINT - p=n; -#endif - } -#endif diff --git a/crypto/openssl/apps/eay.c b/crypto/openssl/apps/eay.c deleted file mode 100644 index a84aa382bde48..0000000000000 --- a/crypto/openssl/apps/eay.c +++ /dev/null @@ -1,131 +0,0 @@ -/* apps/eay.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include <stdio.h> -#include <stdlib.h> -#include <string.h> - -#define MONOLITH -#define USE_SOCKETS - -#include "openssl/e_os.h" - -#include <openssl/bio.h> -#include <openssl/stack.h> -#include <openssl/lhash.h> - -#include <openssl/err.h> - -#include <openssl/bn.h> - -#include <openssl/evp.h> - -#include <openssl/rand.h> -#include <openssl/conf.h> -#include <openssl/txt_db.h> - -#include <openssl/err.h> - -#include <openssl/x509.h> -#include <openssl/pkcs7.h> -#include <openssl/pem.h> -#include <openssl/asn1.h> -#include <openssl/objects.h> - -#define MONOLITH - -#include "openssl.c" -#include "apps.c" -#include "asn1pars.c" -#ifndef NO_RSA -#include "ca.c" -#include "genrsa.c" -#include "req.c" -#include "rsa.c" -#endif -#ifndef NO_DH -#include "gendh.c" -#include "dh.c" -#endif -#include "crl.c" -#include "crl2p7.c" -#include "dgst.c" -#include "enc.c" -#include "errstr.c" -#if !defined(NO_SSL2) || !defined(NO_SSL3) -#ifndef NO_SOCK -#include "s_cb.c" -#include "s_client.c" -#include "s_server.c" -#include "s_socket.c" -#include "s_time.c" -#endif -#endif -#include "speed.c" -#include "verify.c" -#include "version.c" -#include "x509.c" -#include "ciphers.c" -#include "sess_id.c" -#include "pkcs7.c" -#ifndef NO_DSA -#include "dsaparam.c" -#include "dsa.c" -#include "gendsa.c" -#endif - diff --git a/crypto/openssl/apps/enc.c b/crypto/openssl/apps/enc.c deleted file mode 100644 index 6531c58c542e7..0000000000000 --- a/crypto/openssl/apps/enc.c +++ /dev/null @@ -1,628 +0,0 @@ -/* apps/enc.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include <stdio.h> -#include <stdlib.h> -#include <string.h> -#include "apps.h" -#include <openssl/bio.h> -#include <openssl/err.h> -#include <openssl/evp.h> -#include <openssl/objects.h> -#include <openssl/x509.h> -#include <openssl/rand.h> -#ifndef NO_MD5 -#include <openssl/md5.h> -#endif -#include <openssl/pem.h> - -int set_hex(char *in,unsigned char *out,int size); -#undef SIZE -#undef BSIZE -#undef PROG - -#define SIZE (512) -#define BSIZE (8*1024) -#define PROG enc_main - -int MAIN(int, char **); - -int MAIN(int argc, char **argv) - { - static const char magic[]="Salted__"; - char mbuf[8]; /* should be 1 smaller than magic */ - char *strbuf=NULL; - unsigned char *buff=NULL,*bufsize=NULL; - int bsize=BSIZE,verbose=0; - int ret=1,inl; - unsigned char key[24],iv[MD5_DIGEST_LENGTH]; - unsigned char salt[PKCS5_SALT_LEN]; - char *str=NULL, *passarg = NULL, *pass = NULL; - char *hkey=NULL,*hiv=NULL,*hsalt = NULL; - int enc=1,printkey=0,i,base64=0; - int debug=0,olb64=0,nosalt=0; - const EVP_CIPHER *cipher=NULL,*c; - char *inf=NULL,*outf=NULL; - BIO *in=NULL,*out=NULL,*b64=NULL,*benc=NULL,*rbio=NULL,*wbio=NULL; -#define PROG_NAME_SIZE 16 - char pname[PROG_NAME_SIZE]; - - apps_startup(); - - if (bio_err == NULL) - if ((bio_err=BIO_new(BIO_s_file())) != NULL) - BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT); - - /* first check the program name */ - program_name(argv[0],pname,PROG_NAME_SIZE); - if (strcmp(pname,"base64") == 0) - base64=1; - - cipher=EVP_get_cipherbyname(pname); - if (!base64 && (cipher == NULL) && (strcmp(pname,"enc") != 0)) - { - BIO_printf(bio_err,"%s is an unknown cipher\n",pname); - goto bad; - } - - argc--; - argv++; - while (argc >= 1) - { - if (strcmp(*argv,"-e") == 0) - enc=1; - else if (strcmp(*argv,"-in") == 0) - { - if (--argc < 1) goto bad; - inf= *(++argv); - } - else if (strcmp(*argv,"-out") == 0) - { - if (--argc < 1) goto bad; - outf= *(++argv); - } - else if (strcmp(*argv,"-pass") == 0) - { - if (--argc < 1) goto bad; - passarg= *(++argv); - } - else if (strcmp(*argv,"-d") == 0) - enc=0; - else if (strcmp(*argv,"-p") == 0) - printkey=1; - else if (strcmp(*argv,"-v") == 0) - verbose=1; - else if (strcmp(*argv,"-salt") == 0) - nosalt=0; - else if (strcmp(*argv,"-nosalt") == 0) - nosalt=1; - else if (strcmp(*argv,"-debug") == 0) - debug=1; - else if (strcmp(*argv,"-P") == 0) - printkey=2; - else if (strcmp(*argv,"-A") == 0) - olb64=1; - else if (strcmp(*argv,"-a") == 0) - base64=1; - else if (strcmp(*argv,"-base64") == 0) - base64=1; - else if (strcmp(*argv,"-bufsize") == 0) - { - if (--argc < 1) goto bad; - bufsize=(unsigned char *)*(++argv); - } - else if (strcmp(*argv,"-k") == 0) - { - if (--argc < 1) goto bad; - str= *(++argv); - } - else if (strcmp(*argv,"-kfile") == 0) - { - static char buf[128]; - FILE *infile; - char *file; - - if (--argc < 1) goto bad; - file= *(++argv); - infile=fopen(file,"r"); - if (infile == NULL) - { - BIO_printf(bio_err,"unable to read key from '%s'\n", - file); - goto bad; - } - buf[0]='\0'; - fgets(buf,128,infile); - fclose(infile); - i=strlen(buf); - if ((i > 0) && - ((buf[i-1] == '\n') || (buf[i-1] == '\r'))) - buf[--i]='\0'; - if ((i > 0) && - ((buf[i-1] == '\n') || (buf[i-1] == '\r'))) - buf[--i]='\0'; - if (i < 1) - { - BIO_printf(bio_err,"zero length password\n"); - goto bad; - } - str=buf; - } - else if (strcmp(*argv,"-K") == 0) - { - if (--argc < 1) goto bad; - hkey= *(++argv); - } - else if (strcmp(*argv,"-S") == 0) - { - if (--argc < 1) goto bad; - hsalt= *(++argv); - } - else if (strcmp(*argv,"-iv") == 0) - { - if (--argc < 1) goto bad; - hiv= *(++argv); - } - else if ((argv[0][0] == '-') && - ((c=EVP_get_cipherbyname(&(argv[0][1]))) != NULL)) - { - cipher=c; - } - else if (strcmp(*argv,"-none") == 0) - cipher=NULL; - else - { - BIO_printf(bio_err,"unknown option '%s'\n",*argv); -bad: - BIO_printf(bio_err,"options are\n"); - BIO_printf(bio_err,"%-14s input file\n","-in <file>"); - BIO_printf(bio_err,"%-14s output file\n","-out <file>"); - BIO_printf(bio_err,"%-14s pass phrase source\n","-pass <arg>"); - BIO_printf(bio_err,"%-14s encrypt\n","-e"); - BIO_printf(bio_err,"%-14s decrypt\n","-d"); - BIO_printf(bio_err,"%-14s base64 encode/decode, depending on encryption flag\n","-a/-base64"); - BIO_printf(bio_err,"%-14s key is the next argument\n","-k"); - BIO_printf(bio_err,"%-14s key is the first line of the file argument\n","-kfile"); - BIO_printf(bio_err,"%-14s key/iv in hex is the next argument\n","-K/-iv"); - BIO_printf(bio_err,"%-14s print the iv/key (then exit if -P)\n","-[pP]"); - BIO_printf(bio_err,"%-14s buffer size\n","-bufsize <n>"); - - BIO_printf(bio_err,"Cipher Types\n"); - BIO_printf(bio_err,"des : 56 bit key DES encryption\n"); - BIO_printf(bio_err,"des_ede :112 bit key ede DES encryption\n"); - BIO_printf(bio_err,"des_ede3:168 bit key ede DES encryption\n"); -#ifndef NO_IDEA - BIO_printf(bio_err,"idea :128 bit key IDEA encryption\n"); -#endif -#ifndef NO_RC4 - BIO_printf(bio_err,"rc2 :128 bit key RC2 encryption\n"); -#endif -#ifndef NO_BF - BIO_printf(bio_err,"bf :128 bit key Blowfish encryption\n"); -#endif -#ifndef NO_RC4 - BIO_printf(bio_err," -%-5s :128 bit key RC4 encryption\n", - LN_rc4); -#endif - - BIO_printf(bio_err," -%-12s -%-12s -%-12s -%-12s", - LN_des_ecb,LN_des_cbc, - LN_des_cfb64,LN_des_ofb64); - BIO_printf(bio_err," -%-4s (%s)\n", - "des", LN_des_cbc); - - BIO_printf(bio_err," -%-12s -%-12s -%-12s -%-12s", - LN_des_ede,LN_des_ede_cbc, - LN_des_ede_cfb64,LN_des_ede_ofb64); - BIO_printf(bio_err," -desx -none\n"); - - - BIO_printf(bio_err," -%-12s -%-12s -%-12s -%-12s", - LN_des_ede3,LN_des_ede3_cbc, - LN_des_ede3_cfb64,LN_des_ede3_ofb64); - BIO_printf(bio_err," -%-4s (%s)\n", - "des3", LN_des_ede3_cbc); - -#ifndef NO_IDEA - BIO_printf(bio_err," -%-12s -%-12s -%-12s -%-12s", - LN_idea_ecb, LN_idea_cbc, - LN_idea_cfb64, LN_idea_ofb64); - BIO_printf(bio_err," -%-4s (%s)\n","idea",LN_idea_cbc); -#endif -#ifndef NO_RC2 - BIO_printf(bio_err," -%-12s -%-12s -%-12s -%-12s", - LN_rc2_ecb, LN_rc2_cbc, - LN_rc2_cfb64, LN_rc2_ofb64); - BIO_printf(bio_err," -%-4s (%s)\n","rc2", LN_rc2_cbc); -#endif -#ifndef NO_BF - BIO_printf(bio_err," -%-12s -%-12s -%-12s -%-12s", - LN_bf_ecb, LN_bf_cbc, - LN_bf_cfb64, LN_bf_ofb64); - BIO_printf(bio_err," -%-4s (%s)\n","bf", LN_bf_cbc); -#endif -#ifndef NO_CAST - BIO_printf(bio_err," -%-12s -%-12s -%-12s -%-12s", - LN_cast5_ecb, LN_cast5_cbc, - LN_cast5_cfb64, LN_cast5_ofb64); - BIO_printf(bio_err," -%-4s (%s)\n","cast", LN_cast5_cbc); -#endif -#ifndef NO_RC5 - BIO_printf(bio_err," -%-12s -%-12s -%-12s -%-12s", - LN_rc5_ecb, LN_rc5_cbc, - LN_rc5_cfb64, LN_rc5_ofb64); - BIO_printf(bio_err," -%-4s (%s)\n","rc5", LN_rc5_cbc); -#endif - goto end; - } - argc--; - argv++; - } - - if (bufsize != NULL) - { - unsigned long n; - - for (n=0; *bufsize; bufsize++) - { - i= *bufsize; - if ((i <= '9') && (i >= '0')) - n=n*10+i-'0'; - else if (i == 'k') - { - n*=1024; - bufsize++; - break; - } - } - if (*bufsize != '\0') - { - BIO_printf(bio_err,"invalid 'bufsize' specified.\n"); - goto end; - } - - /* It must be large enough for a base64 encoded line */ - if (n < 80) n=80; - - bsize=(int)n; - if (verbose) BIO_printf(bio_err,"bufsize=%d\n",bsize); - } - - strbuf=Malloc(SIZE); - buff=(unsigned char *)Malloc(EVP_ENCODE_LENGTH(bsize)); - if ((buff == NULL) || (strbuf == NULL)) - { - BIO_printf(bio_err,"Malloc failure %ld\n",(long)EVP_ENCODE_LENGTH(bsize)); - goto end; - } - - in=BIO_new(BIO_s_file()); - out=BIO_new(BIO_s_file()); - if ((in == NULL) || (out == NULL)) - { - ERR_print_errors(bio_err); - goto end; - } - if (debug) - { - BIO_set_callback(in,BIO_debug_callback); - BIO_set_callback(out,BIO_debug_callback); - BIO_set_callback_arg(in,bio_err); - BIO_set_callback_arg(out,bio_err); - } - - if (inf == NULL) - BIO_set_fp(in,stdin,BIO_NOCLOSE); - else - { - if (BIO_read_filename(in,inf) <= 0) - { - perror(inf); - goto end; - } - } - - if(!str && passarg) { - if(!app_passwd(bio_err, passarg, NULL, &pass, NULL)) { - BIO_printf(bio_err, "Error getting password\n"); - goto end; - } - str = pass; - } - - if ((str == NULL) && (cipher != NULL) && (hkey == NULL)) - { - for (;;) - { - char buf[200]; - - sprintf(buf,"enter %s %s password:", - OBJ_nid2ln(EVP_CIPHER_nid(cipher)), - (enc)?"encryption":"decryption"); - strbuf[0]='\0'; - i=EVP_read_pw_string((char *)strbuf,SIZE,buf,enc); - if (i == 0) - { - if (strbuf[0] == '\0') - { - ret=1; - goto end; - } - str=strbuf; - break; - } - if (i < 0) - { - BIO_printf(bio_err,"bad password read\n"); - goto end; - } - } - } - - - if (outf == NULL) - BIO_set_fp(out,stdout,BIO_NOCLOSE); - else - { - if (BIO_write_filename(out,outf) <= 0) - { - perror(outf); - goto end; - } - } - - rbio=in; - wbio=out; - - if (base64) - { - if ((b64=BIO_new(BIO_f_base64())) == NULL) - goto end; - if (debug) - { - BIO_set_callback(b64,BIO_debug_callback); - BIO_set_callback_arg(b64,bio_err); - } - if (olb64) - BIO_set_flags(b64,BIO_FLAGS_BASE64_NO_NL); - if (enc) - wbio=BIO_push(b64,wbio); - else - rbio=BIO_push(b64,rbio); - } - - if (cipher != NULL) - { - if (str != NULL) - { - /* Salt handling: if encrypting generate a salt and - * write to output BIO. If decrypting read salt from - * input BIO. - */ - unsigned char *sptr; - if(nosalt) sptr = NULL; - else { - if(enc) { - if(hsalt) { - if(!set_hex(hsalt,salt,PKCS5_SALT_LEN)) { - BIO_printf(bio_err, - "invalid hex salt value\n"); - goto end; - } - } else if (RAND_pseudo_bytes(salt, PKCS5_SALT_LEN) < 0) - goto end; - /* If -P option then don't bother writing */ - if((printkey != 2) - && (BIO_write(wbio,magic, - sizeof magic-1) != sizeof magic-1 - || BIO_write(wbio, - (char *)salt, - PKCS5_SALT_LEN) != PKCS5_SALT_LEN)) { - BIO_printf(bio_err,"error writing output file\n"); - goto end; - } - } else if(BIO_read(rbio,mbuf,sizeof mbuf) != sizeof mbuf - || BIO_read(rbio, - (unsigned char *)salt, - PKCS5_SALT_LEN) != PKCS5_SALT_LEN) { - BIO_printf(bio_err,"error reading input file\n"); - goto end; - } else if(memcmp(mbuf,magic,sizeof magic-1)) { - BIO_printf(bio_err,"bad magic number\n"); - goto end; - } - - sptr = salt; - } - - EVP_BytesToKey(cipher,EVP_md5(),sptr, - (unsigned char *)str, - strlen(str),1,key,iv); - /* zero the complete buffer or the string - * passed from the command line - * bug picked up by - * Larry J. Hughes Jr. <hughes@indiana.edu> */ - if (str == strbuf) - memset(str,0,SIZE); - else - memset(str,0,strlen(str)); - } - if ((hiv != NULL) && !set_hex(hiv,iv,8)) - { - BIO_printf(bio_err,"invalid hex iv value\n"); - goto end; - } - if ((hkey != NULL) && !set_hex(hkey,key,24)) - { - BIO_printf(bio_err,"invalid hex key value\n"); - goto end; - } - - if ((benc=BIO_new(BIO_f_cipher())) == NULL) - goto end; - BIO_set_cipher(benc,cipher,key,iv,enc); - if (debug) - { - BIO_set_callback(benc,BIO_debug_callback); - BIO_set_callback_arg(benc,bio_err); - } - - if (printkey) - { - if (!nosalt) - { - printf("salt="); - for (i=0; i<PKCS5_SALT_LEN; i++) - printf("%02X",salt[i]); - printf("\n"); - } - if (cipher->key_len > 0) - { - printf("key="); - for (i=0; i<cipher->key_len; i++) - printf("%02X",key[i]); - printf("\n"); - } - if (cipher->iv_len > 0) - { - printf("iv ="); - for (i=0; i<cipher->iv_len; i++) - printf("%02X",iv[i]); - printf("\n"); - } - if (printkey == 2) - { - ret=0; - goto end; - } - } - } - - /* Only encrypt/decrypt as we write the file */ - if (benc != NULL) - wbio=BIO_push(benc,wbio); - - for (;;) - { - inl=BIO_read(rbio,(char *)buff,bsize); - if (inl <= 0) break; - if (BIO_write(wbio,(char *)buff,inl) != inl) - { - BIO_printf(bio_err,"error writing output file\n"); - goto end; - } - } - if (!BIO_flush(wbio)) - { - BIO_printf(bio_err,"bad decrypt\n"); - goto end; - } - - ret=0; - if (verbose) - { - BIO_printf(bio_err,"bytes read :%8ld\n",BIO_number_read(in)); - BIO_printf(bio_err,"bytes written:%8ld\n",BIO_number_written(out)); - } -end: - ERR_print_errors(bio_err); - if (strbuf != NULL) Free(strbuf); - if (buff != NULL) Free(buff); - if (in != NULL) BIO_free(in); - if (out != NULL) BIO_free(out); - if (benc != NULL) BIO_free(benc); - if (b64 != NULL) BIO_free(b64); - if(pass) Free(pass); - EXIT(ret); - } - -int set_hex(char *in, unsigned char *out, int size) - { - int i,n; - unsigned char j; - - n=strlen(in); - if (n > (size*2)) - { - BIO_printf(bio_err,"hex string is too long\n"); - return(0); - } - memset(out,0,size); - for (i=0; i<n; i++) - { - j=(unsigned char)*in; - *(in++)='\0'; - if (j == 0) break; - if ((j >= '0') && (j <= '9')) - j-='0'; - else if ((j >= 'A') && (j <= 'F')) - j=j-'A'+10; - else if ((j >= 'a') && (j <= 'f')) - j=j-'a'+10; - else - { - BIO_printf(bio_err,"non-hex digit\n"); - return(0); - } - if (i&1) - out[i/2]|=j; - else - out[i/2]=(j<<4); - } - return(1); - } diff --git a/crypto/openssl/apps/errstr.c b/crypto/openssl/apps/errstr.c deleted file mode 100644 index 4650379589df2..0000000000000 --- a/crypto/openssl/apps/errstr.c +++ /dev/null @@ -1,116 +0,0 @@ -/* apps/errstr.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include <stdio.h> -#include <stdlib.h> -#include <string.h> -#include "apps.h" -#include <openssl/bio.h> -#include <openssl/lhash.h> -#include <openssl/err.h> -#include <openssl/ssl.h> - -#undef PROG -#define PROG errstr_main - -int MAIN(int, char **); - -int MAIN(int argc, char **argv) - { - int i,ret=0; - char buf[256]; - unsigned long l; - - apps_startup(); - - if (bio_err == NULL) - if ((bio_err=BIO_new(BIO_s_file())) != NULL) - BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT); - - SSL_load_error_strings(); - - if ((argc > 1) && (strcmp(argv[1],"-stats") == 0)) - { - BIO *out=NULL; - - out=BIO_new(BIO_s_file()); - if ((out != NULL) && BIO_set_fp(out,stdout,BIO_NOCLOSE)) - { - lh_node_stats_bio((LHASH *)ERR_get_string_table(),out); - lh_stats_bio((LHASH *)ERR_get_string_table(),out); - lh_node_usage_stats_bio((LHASH *) - ERR_get_string_table(),out); - } - if (out != NULL) BIO_free(out); - argc--; - argv++; - } - - for (i=1; i<argc; i++) - { - if (sscanf(argv[i],"%lx",&l)) - printf("%s\n",ERR_error_string(l,buf)); - else - { - printf("%s: bad error code\n",argv[i]); - printf("usage: errstr [-stats] <errno> ...\n"); - ret++; - } - } - EXIT(ret); - } diff --git a/crypto/openssl/apps/gendh.c b/crypto/openssl/apps/gendh.c deleted file mode 100644 index caf5e8d736bd6..0000000000000 --- a/crypto/openssl/apps/gendh.c +++ /dev/null @@ -1,196 +0,0 @@ -/* apps/gendh.c */ -/* obsoleted by dhparam.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#ifndef NO_DH -#include <stdio.h> -#include <string.h> -#include <sys/types.h> -#include <sys/stat.h> -#include "apps.h" -#include <openssl/bio.h> -#include <openssl/rand.h> -#include <openssl/err.h> -#include <openssl/bn.h> -#include <openssl/dh.h> -#include <openssl/x509.h> -#include <openssl/pem.h> - -#define DEFBITS 512 -#undef PROG -#define PROG gendh_main - -static void MS_CALLBACK dh_cb(int p, int n, void *arg); - -int MAIN(int, char **); - -int MAIN(int argc, char **argv) - { - DH *dh=NULL; - int ret=1,num=DEFBITS; - int g=2; - char *outfile=NULL; - char *inrand=NULL; - BIO *out=NULL; - - apps_startup(); - - if (bio_err == NULL) - if ((bio_err=BIO_new(BIO_s_file())) != NULL) - BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT); - - argv++; - argc--; - for (;;) - { - if (argc <= 0) break; - if (strcmp(*argv,"-out") == 0) - { - if (--argc < 1) goto bad; - outfile= *(++argv); - } - else if (strcmp(*argv,"-2") == 0) - g=2; - /* else if (strcmp(*argv,"-3") == 0) - g=3; */ - else if (strcmp(*argv,"-5") == 0) - g=5; - else if (strcmp(*argv,"-rand") == 0) - { - if (--argc < 1) goto bad; - inrand= *(++argv); - } - else - break; - argv++; - argc--; - } - if ((argc >= 1) && ((sscanf(*argv,"%d",&num) == 0) || (num < 0))) - { -bad: - BIO_printf(bio_err,"usage: gendh [args] [numbits]\n"); - BIO_printf(bio_err," -out file - output the key to 'file\n"); - BIO_printf(bio_err," -2 use 2 as the generator value\n"); - /* BIO_printf(bio_err," -3 use 3 as the generator value\n"); */ - BIO_printf(bio_err," -5 use 5 as the generator value\n"); - BIO_printf(bio_err," -rand file%cfile%c...\n", LIST_SEPARATOR_CHAR, LIST_SEPARATOR_CHAR); - BIO_printf(bio_err," - load the file (or the files in the directory) into\n"); - BIO_printf(bio_err," the random number generator\n"); - goto end; - } - - out=BIO_new(BIO_s_file()); - if (out == NULL) - { - ERR_print_errors(bio_err); - goto end; - } - - if (outfile == NULL) - BIO_set_fp(out,stdout,BIO_NOCLOSE); - else - { - if (BIO_write_filename(out,outfile) <= 0) - { - perror(outfile); - goto end; - } - } - - if (!app_RAND_load_file(NULL, bio_err, 1) && inrand == NULL) - { - BIO_printf(bio_err,"warning, not much extra random data, consider using the -rand option\n"); - } - if (inrand != NULL) - BIO_printf(bio_err,"%ld semi-random bytes loaded\n", - app_RAND_load_files(inrand)); - - BIO_printf(bio_err,"Generating DH parameters, %d bit long safe prime, generator %d\n",num,g); - BIO_printf(bio_err,"This is going to take a long time\n"); - dh=DH_generate_parameters(num,g,dh_cb,bio_err); - - if (dh == NULL) goto end; - - app_RAND_write_file(NULL, bio_err); - - if (!PEM_write_bio_DHparams(out,dh)) - goto end; - ret=0; -end: - if (ret != 0) - ERR_print_errors(bio_err); - if (out != NULL) BIO_free(out); - if (dh != NULL) DH_free(dh); - EXIT(ret); - } - -static void MS_CALLBACK dh_cb(int p, int n, void *arg) - { - char c='*'; - - if (p == 0) c='.'; - if (p == 1) c='+'; - if (p == 2) c='*'; - if (p == 3) c='\n'; - BIO_write((BIO *)arg,&c,1); - (void)BIO_flush((BIO *)arg); -#ifdef LINT - p=n; -#endif - } -#endif diff --git a/crypto/openssl/apps/gendsa.c b/crypto/openssl/apps/gendsa.c deleted file mode 100644 index b1a1c4fcfae9f..0000000000000 --- a/crypto/openssl/apps/gendsa.c +++ /dev/null @@ -1,217 +0,0 @@ -/* apps/gendsa.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#ifndef NO_DSA -#include <stdio.h> -#include <string.h> -#include <sys/types.h> -#include <sys/stat.h> -#include "apps.h" -#include <openssl/bio.h> -#include <openssl/err.h> -#include <openssl/bn.h> -#include <openssl/dsa.h> -#include <openssl/x509.h> -#include <openssl/pem.h> - -#define DEFBITS 512 -#undef PROG -#define PROG gendsa_main - -int MAIN(int, char **); - -int MAIN(int argc, char **argv) - { - DSA *dsa=NULL; - int ret=1; - char *outfile=NULL; - char *inrand=NULL,*dsaparams=NULL; - char *passargout = NULL, *passout = NULL; - BIO *out=NULL,*in=NULL; - EVP_CIPHER *enc=NULL; - - apps_startup(); - - if (bio_err == NULL) - if ((bio_err=BIO_new(BIO_s_file())) != NULL) - BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT); - - argv++; - argc--; - for (;;) - { - if (argc <= 0) break; - if (strcmp(*argv,"-out") == 0) - { - if (--argc < 1) goto bad; - outfile= *(++argv); - } - else if (strcmp(*argv,"-passout") == 0) - { - if (--argc < 1) goto bad; - passargout= *(++argv); - } - else if (strcmp(*argv,"-rand") == 0) - { - if (--argc < 1) goto bad; - inrand= *(++argv); - } - else if (strcmp(*argv,"-") == 0) - goto bad; -#ifndef NO_DES - else if (strcmp(*argv,"-des") == 0) - enc=EVP_des_cbc(); - else if (strcmp(*argv,"-des3") == 0) - enc=EVP_des_ede3_cbc(); -#endif -#ifndef NO_IDEA - else if (strcmp(*argv,"-idea") == 0) - enc=EVP_idea_cbc(); -#endif - else if (**argv != '-' && dsaparams == NULL) - { - dsaparams = *argv; - } - else - goto bad; - argv++; - argc--; - } - - if (dsaparams == NULL) - { -bad: - BIO_printf(bio_err,"usage: gendsa [args] dsaparam-file\n"); - BIO_printf(bio_err," -out file - output the key to 'file'\n"); -#ifndef NO_DES - BIO_printf(bio_err," -des - encrypt the generated key with DES in cbc mode\n"); - BIO_printf(bio_err," -des3 - encrypt the generated key with DES in ede cbc mode (168 bit key)\n"); -#endif -#ifndef NO_IDEA - BIO_printf(bio_err," -idea - encrypt the generated key with IDEA in cbc mode\n"); -#endif - BIO_printf(bio_err," -rand file%cfile%c...\n", LIST_SEPARATOR_CHAR, LIST_SEPARATOR_CHAR); - BIO_printf(bio_err," - load the file (or the files in the directory) into\n"); - BIO_printf(bio_err," the random number generator\n"); - BIO_printf(bio_err," dsaparam-file\n"); - BIO_printf(bio_err," - a DSA parameter file as generated by the dsaparam command\n"); - goto end; - } - - if(!app_passwd(bio_err, NULL, passargout, NULL, &passout)) { - BIO_printf(bio_err, "Error getting password\n"); - goto end; - } - - - in=BIO_new(BIO_s_file()); - if (!(BIO_read_filename(in,dsaparams))) - { - perror(dsaparams); - goto end; - } - - if ((dsa=PEM_read_bio_DSAparams(in,NULL,NULL,NULL)) == NULL) - { - BIO_printf(bio_err,"unable to load DSA parameter file\n"); - goto end; - } - BIO_free(in); - in = NULL; - - out=BIO_new(BIO_s_file()); - if (out == NULL) goto end; - - if (outfile == NULL) - BIO_set_fp(out,stdout,BIO_NOCLOSE); - else - { - if (BIO_write_filename(out,outfile) <= 0) - { - perror(outfile); - goto end; - } - } - - if (!app_RAND_load_file(NULL, bio_err, 1) && inrand == NULL) - { - BIO_printf(bio_err,"warning, not much extra random data, consider using the -rand option\n"); - } - if (inrand != NULL) - BIO_printf(bio_err,"%ld semi-random bytes loaded\n", - app_RAND_load_files(inrand)); - - BIO_printf(bio_err,"Generating DSA key, %d bits\n", - BN_num_bits(dsa->p)); - if (!DSA_generate_key(dsa)) goto end; - - app_RAND_write_file(NULL, bio_err); - - if (!PEM_write_bio_DSAPrivateKey(out,dsa,enc,NULL,0,NULL, passout)) - goto end; - ret=0; -end: - if (ret != 0) - ERR_print_errors(bio_err); - if (in != NULL) BIO_free(in); - if (out != NULL) BIO_free(out); - if (dsa != NULL) DSA_free(dsa); - if(passout) Free(passout); - EXIT(ret); - } -#endif diff --git a/crypto/openssl/apps/genrsa.c b/crypto/openssl/apps/genrsa.c deleted file mode 100644 index 6fe578d69feb6..0000000000000 --- a/crypto/openssl/apps/genrsa.c +++ /dev/null @@ -1,242 +0,0 @@ -/* apps/genrsa.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#ifndef NO_RSA -#include <stdio.h> -#include <string.h> -#include <sys/types.h> -#include <sys/stat.h> -#include "apps.h" -#include <openssl/bio.h> -#include <openssl/err.h> -#include <openssl/bn.h> -#include <openssl/rsa.h> -#include <openssl/evp.h> -#include <openssl/x509.h> -#include <openssl/pem.h> - -#define DEFBITS 512 -#undef PROG -#define PROG genrsa_main - -static void MS_CALLBACK genrsa_cb(int p, int n, void *arg); - -int MAIN(int, char **); - -int MAIN(int argc, char **argv) - { - int ret=1; - RSA *rsa=NULL; - int i,num=DEFBITS; - long l; - EVP_CIPHER *enc=NULL; - unsigned long f4=RSA_F4; - char *outfile=NULL; - char *passargout = NULL, *passout = NULL; - char *inrand=NULL; - BIO *out=NULL; - - apps_startup(); - - if (bio_err == NULL) - if ((bio_err=BIO_new(BIO_s_file())) != NULL) - BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT); - if ((out=BIO_new(BIO_s_file())) == NULL) - { - BIO_printf(bio_err,"unable to create BIO for output\n"); - goto err; - } - - argv++; - argc--; - for (;;) - { - if (argc <= 0) break; - if (strcmp(*argv,"-out") == 0) - { - if (--argc < 1) goto bad; - outfile= *(++argv); - } - else if (strcmp(*argv,"-3") == 0) - f4=3; - else if (strcmp(*argv,"-F4") == 0) - f4=RSA_F4; - else if (strcmp(*argv,"-rand") == 0) - { - if (--argc < 1) goto bad; - inrand= *(++argv); - } -#ifndef NO_DES - else if (strcmp(*argv,"-des") == 0) - enc=EVP_des_cbc(); - else if (strcmp(*argv,"-des3") == 0) - enc=EVP_des_ede3_cbc(); -#endif -#ifndef NO_IDEA - else if (strcmp(*argv,"-idea") == 0) - enc=EVP_idea_cbc(); -#endif - else if (strcmp(*argv,"-passout") == 0) - { - if (--argc < 1) goto bad; - passargout= *(++argv); - } - else - break; - argv++; - argc--; - } - if ((argc >= 1) && ((sscanf(*argv,"%d",&num) == 0) || (num < 0))) - { -bad: - BIO_printf(bio_err,"usage: genrsa [args] [numbits]\n"); - BIO_printf(bio_err," -des encrypt the generated key with DES in cbc mode\n"); - BIO_printf(bio_err," -des3 encrypt the generated key with DES in ede cbc mode (168 bit key)\n"); -#ifndef NO_IDEA - BIO_printf(bio_err," -idea encrypt the generated key with IDEA in cbc mode\n"); -#endif - BIO_printf(bio_err," -out file output the key to 'file\n"); - BIO_printf(bio_err," -passout arg output file pass phrase source\n"); - BIO_printf(bio_err," -f4 use F4 (0x10001) for the E value\n"); - BIO_printf(bio_err," -3 use 3 for the E value\n"); - BIO_printf(bio_err," -rand file%cfile%c...\n", LIST_SEPARATOR_CHAR, LIST_SEPARATOR_CHAR); - BIO_printf(bio_err," load the file (or the files in the directory) into\n"); - BIO_printf(bio_err," the random number generator\n"); - goto err; - } - - ERR_load_crypto_strings(); - - if(!app_passwd(bio_err, NULL, passargout, NULL, &passout)) { - BIO_printf(bio_err, "Error getting password\n"); - goto err; - } - - if (outfile == NULL) - BIO_set_fp(out,stdout,BIO_NOCLOSE); - else - { - if (BIO_write_filename(out,outfile) <= 0) - { - perror(outfile); - goto err; - } - } - - if (!app_RAND_load_file(NULL, bio_err, 1) && inrand == NULL) - { - BIO_printf(bio_err,"warning, not much extra random data, consider using the -rand option\n"); - } - if (inrand != NULL) - BIO_printf(bio_err,"%ld semi-random bytes loaded\n", - app_RAND_load_files(inrand)); - - BIO_printf(bio_err,"Generating RSA private key, %d bit long modulus\n", - num); - rsa=RSA_generate_key(num,f4,genrsa_cb,bio_err); - - app_RAND_write_file(NULL, bio_err); - - if (rsa == NULL) goto err; - - /* We need to do the following for when the base number size is < - * long, esp windows 3.1 :-(. */ - l=0L; - for (i=0; i<rsa->e->top; i++) - { -#ifndef SIXTY_FOUR_BIT - l<<=BN_BITS4; - l<<=BN_BITS4; -#endif - l+=rsa->e->d[i]; - } - BIO_printf(bio_err,"e is %ld (0x%lX)\n",l,l); - if (!PEM_write_bio_RSAPrivateKey(out,rsa,enc,NULL,0,NULL, passout)) - goto err; - - ret=0; -err: - if (rsa != NULL) RSA_free(rsa); - if (out != NULL) BIO_free(out); - if(passout) Free(passout); - if (ret != 0) - ERR_print_errors(bio_err); - EXIT(ret); - } - -static void MS_CALLBACK genrsa_cb(int p, int n, void *arg) - { - char c='*'; - - if (p == 0) c='.'; - if (p == 1) c='+'; - if (p == 2) c='*'; - if (p == 3) c='\n'; - BIO_write((BIO *)arg,&c,1); - (void)BIO_flush((BIO *)arg); -#ifdef LINT - p=n; -#endif - } -#else /* !NO_RSA */ - -# if PEDANTIC -static void *dummy=&dummy; -# endif - -#endif diff --git a/crypto/openssl/apps/nseq.c b/crypto/openssl/apps/nseq.c deleted file mode 100644 index cc88d50ceba50..0000000000000 --- a/crypto/openssl/apps/nseq.c +++ /dev/null @@ -1,160 +0,0 @@ -/* nseq.c */ -/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL - * project 1999. - */ -/* ==================================================================== - * Copyright (c) 1999 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * licensing@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -#include <stdio.h> -#include <string.h> -#include <openssl/pem.h> -#include <openssl/err.h> -#include "apps.h" - -#undef PROG -#define PROG nseq_main - -int MAIN(int, char **); - -int MAIN(int argc, char **argv) -{ - char **args, *infile = NULL, *outfile = NULL; - BIO *in = NULL, *out = NULL; - int toseq = 0; - X509 *x509 = NULL; - NETSCAPE_CERT_SEQUENCE *seq = NULL; - int i, ret = 1; - int badarg = 0; - if (bio_err == NULL) bio_err = BIO_new_fp (stderr, BIO_NOCLOSE); - ERR_load_crypto_strings(); - args = argv + 1; - while (!badarg && *args && *args[0] == '-') { - if (!strcmp (*args, "-toseq")) toseq = 1; - else if (!strcmp (*args, "-in")) { - if (args[1]) { - args++; - infile = *args; - } else badarg = 1; - } else if (!strcmp (*args, "-out")) { - if (args[1]) { - args++; - outfile = *args; - } else badarg = 1; - } else badarg = 1; - args++; - } - - if (badarg) { - BIO_printf (bio_err, "Netscape certificate sequence utility\n"); - BIO_printf (bio_err, "Usage nseq [options]\n"); - BIO_printf (bio_err, "where options are\n"); - BIO_printf (bio_err, "-in file input file\n"); - BIO_printf (bio_err, "-out file output file\n"); - BIO_printf (bio_err, "-toseq output NS Sequence file\n"); - EXIT(1); - } - - if (infile) { - if (!(in = BIO_new_file (infile, "r"))) { - BIO_printf (bio_err, - "Can't open input file %s\n", infile); - goto end; - } - } else in = BIO_new_fp(stdin, BIO_NOCLOSE); - - if (outfile) { - if (!(out = BIO_new_file (outfile, "w"))) { - BIO_printf (bio_err, - "Can't open output file %s\n", outfile); - goto end; - } - } else out = BIO_new_fp(stdout, BIO_NOCLOSE); - - if (toseq) { - seq = NETSCAPE_CERT_SEQUENCE_new(); - seq->certs = sk_X509_new(NULL); - while((x509 = PEM_read_bio_X509(in, NULL, NULL, NULL))) - sk_X509_push(seq->certs,x509); - - if(!sk_X509_num(seq->certs)) - { - BIO_printf (bio_err, "Error reading certs file %s\n", infile); - ERR_print_errors(bio_err); - goto end; - } - PEM_write_bio_NETSCAPE_CERT_SEQUENCE(out, seq); - ret = 0; - goto end; - } - - if (!(seq = PEM_read_bio_NETSCAPE_CERT_SEQUENCE(in, NULL, NULL, NULL))) { - BIO_printf (bio_err, "Error reading sequence file %s\n", infile); - ERR_print_errors(bio_err); - goto end; - } - - for(i = 0; i < sk_X509_num(seq->certs); i++) { - x509 = sk_X509_value(seq->certs, i); - dump_cert_text(out, x509); - PEM_write_bio_X509(out, x509); - } - ret = 0; -end: - BIO_free(in); - BIO_free(out); - NETSCAPE_CERT_SEQUENCE_free(seq); - - EXIT(ret); -} - diff --git a/crypto/openssl/apps/oid.cnf b/crypto/openssl/apps/oid.cnf deleted file mode 100644 index faf425a156bd9..0000000000000 --- a/crypto/openssl/apps/oid.cnf +++ /dev/null @@ -1,6 +0,0 @@ -2.99999.1 SET.ex1 SET x509v3 extension 1 -2.99999.2 SET.ex2 SET x509v3 extension 2 -2.99999.3 SET.ex3 SET x509v3 extension 3 -2.99999.4 SET.ex4 SET x509v3 extension 4 -2.99999.5 SET.ex5 SET x509v3 extension 5 -2.99999.6 SET.ex6 SET x509v3 extension 6 diff --git a/crypto/openssl/apps/openssl.c b/crypto/openssl/apps/openssl.c deleted file mode 100644 index a2a263062dfb5..0000000000000 --- a/crypto/openssl/apps/openssl.c +++ /dev/null @@ -1,354 +0,0 @@ -/* apps/openssl.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include <stdio.h> -#include <string.h> -#include <stdlib.h> -#define OPENSSL_C /* tells apps.h to use complete apps_startup() */ -#include <openssl/bio.h> -#include <openssl/crypto.h> -#include <openssl/lhash.h> -#include <openssl/conf.h> -#include <openssl/x509.h> -#include <openssl/pem.h> -#include <openssl/ssl.h> -#define USE_SOCKETS /* needed for the _O_BINARY defs in the MS world */ -#include "apps.h" -#include "progs.h" -#include "s_apps.h" -#include <openssl/err.h> - -static unsigned long MS_CALLBACK hash(FUNCTION *a); -static int MS_CALLBACK cmp(FUNCTION *a,FUNCTION *b); -static LHASH *prog_init(void ); -static int do_cmd(LHASH *prog,int argc,char *argv[]); -LHASH *config=NULL; -char *default_config_file=NULL; - -/* Make sure there is only one when MONOLITH is defined */ -#ifdef MONOLITH -BIO *bio_err=NULL; -#endif - -int main(int Argc, char *Argv[]) - { - ARGS arg; -#define PROG_NAME_SIZE 16 - char pname[PROG_NAME_SIZE]; - FUNCTION f,*fp; - MS_STATIC char *prompt,buf[1024],config_name[256]; - int n,i,ret=0; - int argc; - char **argv,*p; - LHASH *prog=NULL; - long errline; - - arg.data=NULL; - arg.count=0; - - CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON); - - apps_startup(); - - if (bio_err == NULL) - if ((bio_err=BIO_new(BIO_s_file())) != NULL) - BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT); - - ERR_load_crypto_strings(); - - /* Lets load up our environment a little */ - p=getenv("OPENSSL_CONF"); - if (p == NULL) - p=getenv("SSLEAY_CONF"); - if (p == NULL) - { - strcpy(config_name,X509_get_default_cert_area()); -#ifndef VMS - strcat(config_name,"/"); -#endif - strcat(config_name,OPENSSL_CONF); - p=config_name; - } - - default_config_file=p; - - config=CONF_load(config,p,&errline); - if (config == NULL) ERR_clear_error(); - - prog=prog_init(); - - /* first check the program name */ - program_name(Argv[0],pname,PROG_NAME_SIZE); - - f.name=pname; - fp=(FUNCTION *)lh_retrieve(prog,&f); - if (fp != NULL) - { - Argv[0]=pname; - ret=fp->func(Argc,Argv); - goto end; - } - - /* ok, now check that there are not arguments, if there are, - * run with them, shifting the ssleay off the front */ - if (Argc != 1) - { - Argc--; - Argv++; - ret=do_cmd(prog,Argc,Argv); - if (ret < 0) ret=0; - goto end; - } - - /* ok, lets enter the old 'OpenSSL>' mode */ - - for (;;) - { - ret=0; - p=buf; - n=1024; - i=0; - for (;;) - { - p[0]='\0'; - if (i++) - prompt=">"; - else prompt="OpenSSL> "; - fputs(prompt,stdout); - fflush(stdout); - fgets(p,n,stdin); - if (p[0] == '\0') goto end; - i=strlen(p); - if (i <= 1) break; - if (p[i-2] != '\\') break; - i-=2; - p+=i; - n-=i; - } - if (!chopup_args(&arg,buf,&argc,&argv)) break; - - ret=do_cmd(prog,argc,argv); - if (ret < 0) - { - ret=0; - goto end; - } - if (ret != 0) - BIO_printf(bio_err,"error in %s\n",argv[0]); - (void)BIO_flush(bio_err); - } - BIO_printf(bio_err,"bad exit\n"); - ret=1; -end: - if (config != NULL) - { - CONF_free(config); - config=NULL; - } - if (prog != NULL) lh_free(prog); - if (arg.data != NULL) Free(arg.data); - ERR_remove_state(0); - - EVP_cleanup(); - ERR_free_strings(); - - CRYPTO_mem_leaks(bio_err); - if (bio_err != NULL) - { - BIO_free(bio_err); - bio_err=NULL; - } - EXIT(ret); - } - -#define LIST_STANDARD_COMMANDS "list-standard-commands" -#define LIST_MESSAGE_DIGEST_COMMANDS "list-message-digest-commands" -#define LIST_CIPHER_COMMANDS "list-cipher-commands" - -static int do_cmd(LHASH *prog, int argc, char *argv[]) - { - FUNCTION f,*fp; - int i,ret=1,tp,nl; - - if ((argc <= 0) || (argv[0] == NULL)) - { ret=0; goto end; } - f.name=argv[0]; - fp=(FUNCTION *)lh_retrieve(prog,&f); - if (fp != NULL) - { - ret=fp->func(argc,argv); - } - else if ((strncmp(argv[0],"no-",3)) == 0) - { - BIO *bio_stdout = BIO_new_fp(stdout,BIO_NOCLOSE); - f.name=argv[0]+3; - ret = (lh_retrieve(prog,&f) != NULL); - if (!ret) - BIO_printf(bio_stdout, "%s\n", argv[0]); - else - BIO_printf(bio_stdout, "%s\n", argv[0]+3); - BIO_free(bio_stdout); - goto end; - } - else if ((strcmp(argv[0],"quit") == 0) || - (strcmp(argv[0],"q") == 0) || - (strcmp(argv[0],"exit") == 0) || - (strcmp(argv[0],"bye") == 0)) - { - ret= -1; - goto end; - } - else if ((strcmp(argv[0],LIST_STANDARD_COMMANDS) == 0) || - (strcmp(argv[0],LIST_MESSAGE_DIGEST_COMMANDS) == 0) || - (strcmp(argv[0],LIST_CIPHER_COMMANDS) == 0)) - { - int list_type; - BIO *bio_stdout; - - if (strcmp(argv[0],LIST_STANDARD_COMMANDS) == 0) - list_type = FUNC_TYPE_GENERAL; - else if (strcmp(argv[0],LIST_MESSAGE_DIGEST_COMMANDS) == 0) - list_type = FUNC_TYPE_MD; - else /* strcmp(argv[0],LIST_CIPHER_COMMANDS) == 0 */ - list_type = FUNC_TYPE_CIPHER; - bio_stdout = BIO_new_fp(stdout,BIO_NOCLOSE); - - for (fp=functions; fp->name != NULL; fp++) - if (fp->type == list_type) - BIO_printf(bio_stdout, "%s\n", fp->name); - BIO_free(bio_stdout); - ret=0; - goto end; - } - else - { - BIO_printf(bio_err,"openssl:Error: '%s' is an invalid command.\n", - argv[0]); - BIO_printf(bio_err, "\nStandard commands"); - i=0; - tp=0; - for (fp=functions; fp->name != NULL; fp++) - { - nl=0; - if (((i++) % 5) == 0) - { - BIO_printf(bio_err,"\n"); - nl=1; - } - if (fp->type != tp) - { - tp=fp->type; - if (!nl) BIO_printf(bio_err,"\n"); - if (tp == FUNC_TYPE_MD) - { - i=1; - BIO_printf(bio_err, - "\nMessage Digest commands (see the `dgst' command for more details)\n"); - } - else if (tp == FUNC_TYPE_CIPHER) - { - i=1; - BIO_printf(bio_err,"\nCipher commands (see the `enc' command for more details)\n"); - } - } - BIO_printf(bio_err,"%-15s",fp->name); - } - BIO_printf(bio_err,"\n\n"); - ret=0; - } -end: - return(ret); - } - -static int SortFnByName(const void *_f1,const void *_f2) - { - const FUNCTION *f1=_f1; - const FUNCTION *f2=_f2; - - if(f1->type != f2->type) - return f1->type-f2->type; - return strcmp(f1->name,f2->name); - } - -static LHASH *prog_init(void) - { - LHASH *ret; - FUNCTION *f; - int i; - - /* Purely so it looks nice when the user hits ? */ - for(i=0,f=functions ; f->name != NULL ; ++f,++i) - ; - qsort(functions,i,sizeof *functions,SortFnByName); - - if ((ret=lh_new(hash,cmp)) == NULL) return(NULL); - - for (f=functions; f->name != NULL; f++) - lh_insert(ret,f); - return(ret); - } - -static int MS_CALLBACK cmp(FUNCTION *a, FUNCTION *b) - { - return(strncmp(a->name,b->name,8)); - } - -static unsigned long MS_CALLBACK hash(FUNCTION *a) - { - return(lh_strhash(a->name)); - } diff --git a/crypto/openssl/apps/openssl.cnf b/crypto/openssl/apps/openssl.cnf deleted file mode 100644 index dbe8cbefe0eaf..0000000000000 --- a/crypto/openssl/apps/openssl.cnf +++ /dev/null @@ -1,244 +0,0 @@ -# -# OpenSSL example configuration file. -# This is mostly being used for generation of certificate requests. -# - -# This definition stops the following lines choking if HOME isn't -# defined. -HOME = . -RANDFILE = $ENV::HOME/.rnd - -# Extra OBJECT IDENTIFIER info: -#oid_file = $ENV::HOME/.oid -oid_section = new_oids - -# To use this configuration file with the "-extfile" option of the -# "openssl x509" utility, name here the section containing the -# X.509v3 extensions to use: -# extensions = -# (Alternatively, use a configuration file that has only -# X.509v3 extensions in its main [= default] section.) - -[ new_oids ] - -# We can add new OIDs in here for use by 'ca' and 'req'. -# Add a simple OID like this: -# testoid1=1.2.3.4 -# Or use config file substitution like this: -# testoid2=${testoid1}.5.6 - -#################################################################### -[ ca ] -default_ca = CA_default # The default ca section - -#################################################################### -[ CA_default ] - -dir = ./demoCA # Where everything is kept -certs = $dir/certs # Where the issued certs are kept -crl_dir = $dir/crl # Where the issued crl are kept -database = $dir/index.txt # database index file. -new_certs_dir = $dir/newcerts # default place for new certs. - -certificate = $dir/cacert.pem # The CA certificate -serial = $dir/serial # The current serial number -crl = $dir/crl.pem # The current CRL -private_key = $dir/private/cakey.pem# The private key -RANDFILE = $dir/private/.rand # private random number file - -x509_extensions = usr_cert # The extentions to add to the cert - -# Extensions to add to a CRL. Note: Netscape communicator chokes on V2 CRLs -# so this is commented out by default to leave a V1 CRL. -# crl_extensions = crl_ext - -default_days = 365 # how long to certify for -default_crl_days= 30 # how long before next CRL -default_md = md5 # which md to use. -preserve = no # keep passed DN ordering - -# A few difference way of specifying how similar the request should look -# For type CA, the listed attributes must be the same, and the optional -# and supplied fields are just that :-) -policy = policy_match - -# For the CA policy -[ policy_match ] -countryName = match -stateOrProvinceName = match -organizationName = match -organizationalUnitName = optional -commonName = supplied -emailAddress = optional - -# For the 'anything' policy -# At this point in time, you must list all acceptable 'object' -# types. -[ policy_anything ] -countryName = optional -stateOrProvinceName = optional -localityName = optional -organizationName = optional -organizationalUnitName = optional -commonName = supplied -emailAddress = optional - -#################################################################### -[ req ] -default_bits = 1024 -default_keyfile = privkey.pem -distinguished_name = req_distinguished_name -attributes = req_attributes -x509_extensions = v3_ca # The extentions to add to the self signed cert - -# Passwords for private keys if not present they will be prompted for -# input_password = secret -# output_password = secret - -# This sets a mask for permitted string types. There are several options. -# default: PrintableString, T61String, BMPString. -# pkix : PrintableString, BMPString. -# utf8only: only UTF8Strings. -# nombstr : PrintableString, T61String (no BMPStrings or UTF8Strings). -# MASK:XXXX a literal mask value. -# WARNING: current versions of Netscape crash on BMPStrings or UTF8Strings -# so use this option with caution! -string_mask = nombstr - -# req_extensions = v3_req # The extensions to add to a certificate request - -[ req_distinguished_name ] -countryName = Country Name (2 letter code) -countryName_default = AU -countryName_min = 2 -countryName_max = 2 - -stateOrProvinceName = State or Province Name (full name) -stateOrProvinceName_default = Some-State - -localityName = Locality Name (eg, city) - -0.organizationName = Organization Name (eg, company) -0.organizationName_default = Internet Widgits Pty Ltd - -# we can do this but it is not needed normally :-) -#1.organizationName = Second Organization Name (eg, company) -#1.organizationName_default = World Wide Web Pty Ltd - -organizationalUnitName = Organizational Unit Name (eg, section) -#organizationalUnitName_default = - -commonName = Common Name (eg, YOUR name) -commonName_max = 64 - -emailAddress = Email Address -emailAddress_max = 40 - -# SET-ex3 = SET extension number 3 - -[ req_attributes ] -challengePassword = A challenge password -challengePassword_min = 4 -challengePassword_max = 20 - -unstructuredName = An optional company name - -[ usr_cert ] - -# These extensions are added when 'ca' signs a request. - -# This goes against PKIX guidelines but some CAs do it and some software -# requires this to avoid interpreting an end user certificate as a CA. - -basicConstraints=CA:FALSE - -# Here are some examples of the usage of nsCertType. If it is omitted -# the certificate can be used for anything *except* object signing. - -# This is OK for an SSL server. -# nsCertType = server - -# For an object signing certificate this would be used. -# nsCertType = objsign - -# For normal client use this is typical -# nsCertType = client, email - -# and for everything including object signing: -# nsCertType = client, email, objsign - -# This is typical in keyUsage for a client certificate. -# keyUsage = nonRepudiation, digitalSignature, keyEncipherment - -# This will be displayed in Netscape's comment listbox. -nsComment = "OpenSSL Generated Certificate" - -# PKIX recommendations harmless if included in all certificates. -subjectKeyIdentifier=hash -authorityKeyIdentifier=keyid,issuer:always - -# This stuff is for subjectAltName and issuerAltname. -# Import the email address. -# subjectAltName=email:copy - -# Copy subject details -# issuerAltName=issuer:copy - -#nsCaRevocationUrl = http://www.domain.dom/ca-crl.pem -#nsBaseUrl -#nsRevocationUrl -#nsRenewalUrl -#nsCaPolicyUrl -#nsSslServerName - -[ v3_req ] - -# Extensions to add to a certificate request - -basicConstraints = CA:FALSE -keyUsage = nonRepudiation, digitalSignature, keyEncipherment - -[ v3_ca ] - - -# Extensions for a typical CA - - -# PKIX recommendation. - -subjectKeyIdentifier=hash - -authorityKeyIdentifier=keyid:always,issuer:always - -# This is what PKIX recommends but some broken software chokes on critical -# extensions. -#basicConstraints = critical,CA:true -# So we do this instead. -basicConstraints = CA:true - -# Key usage: this is typical for a CA certificate. However since it will -# prevent it being used as an test self-signed certificate it is best -# left out by default. -# keyUsage = cRLSign, keyCertSign - -# Some might want this also -# nsCertType = sslCA, emailCA - -# Include email address in subject alt name: another PKIX recommendation -# subjectAltName=email:copy -# Copy issuer details -# issuerAltName=issuer:copy - -# DER hex encoding of an extension: beware experts only! -# obj=DER:02:03 -# Where 'obj' is a standard or added object -# You can even override a supported extension: -# basicConstraints= critical, DER:30:03:01:01:FF - -[ crl_ext ] - -# CRL extensions. -# Only issuerAltName and authorityKeyIdentifier make any sense in a CRL. - -# issuerAltName=issuer:copy -authorityKeyIdentifier=keyid:always,issuer:always diff --git a/crypto/openssl/apps/passwd.c b/crypto/openssl/apps/passwd.c deleted file mode 100644 index c7e21d2081aee..0000000000000 --- a/crypto/openssl/apps/passwd.c +++ /dev/null @@ -1,475 +0,0 @@ -/* apps/passwd.c */ - -#if defined NO_MD5 || defined CHARSET_EBCDIC -# define NO_APR1 -#endif - -#if !defined(NO_DES) || !defined(NO_APR1) - -#include <assert.h> -#include <string.h> - -#include "apps.h" - -#include <openssl/bio.h> -#include <openssl/err.h> -#include <openssl/evp.h> -#include <openssl/rand.h> - -#ifndef NO_DES -# include <openssl/des.h> -#endif -#ifndef NO_APR1 -# include <openssl/md5.h> -#endif - - -#undef PROG -#define PROG passwd_main - - -static unsigned const char cov_2char[64]={ - /* from crypto/des/fcrypt.c */ - 0x2E,0x2F,0x30,0x31,0x32,0x33,0x34,0x35, - 0x36,0x37,0x38,0x39,0x41,0x42,0x43,0x44, - 0x45,0x46,0x47,0x48,0x49,0x4A,0x4B,0x4C, - 0x4D,0x4E,0x4F,0x50,0x51,0x52,0x53,0x54, - 0x55,0x56,0x57,0x58,0x59,0x5A,0x61,0x62, - 0x63,0x64,0x65,0x66,0x67,0x68,0x69,0x6A, - 0x6B,0x6C,0x6D,0x6E,0x6F,0x70,0x71,0x72, - 0x73,0x74,0x75,0x76,0x77,0x78,0x79,0x7A -}; - -static int do_passwd(int passed_salt, char **salt_p, char **salt_malloc_p, - char *passwd, BIO *out, int quiet, int table, int reverse, - size_t pw_maxlen, int usecrypt, int useapr1); - -/* -crypt - standard Unix password algorithm (default, only choice) - * -apr1 - MD5-based password algorithm - * -salt string - salt - * -in file - read passwords from file - * -stdin - read passwords from stdin - * -quiet - no warnings - * -table - format output as table - * -reverse - switch table columns - */ - -int MAIN(int, char **); - -int MAIN(int argc, char **argv) - { - int ret = 1; - char *infile = NULL; - int in_stdin = 0; - char *salt = NULL, *passwd = NULL, **passwds = NULL; - char *salt_malloc = NULL, *passwd_malloc = NULL; - int pw_source_defined = 0; - BIO *in = NULL, *out = NULL; - int i, badopt, opt_done; - int passed_salt = 0, quiet = 0, table = 0, reverse = 0; - int usecrypt = 0, useapr1 = 0; - size_t pw_maxlen = 0; - - apps_startup(); - - if (bio_err == NULL) - if ((bio_err=BIO_new(BIO_s_file())) != NULL) - BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT); - out = BIO_new(BIO_s_file()); - if (out == NULL) - goto err; - BIO_set_fp(out, stdout, BIO_NOCLOSE | BIO_FP_TEXT); - - badopt = 0, opt_done = 0; - i = 0; - while (!badopt && !opt_done && argv[++i] != NULL) - { - if (strcmp(argv[i], "-crypt") == 0) - usecrypt = 1; - else if (strcmp(argv[i], "-apr1") == 0) - useapr1 = 1; - else if (strcmp(argv[i], "-salt") == 0) - { - if ((argv[i+1] != NULL) && (salt == NULL)) - { - passed_salt = 1; - salt = argv[++i]; - } - else - badopt = 1; - } - else if (strcmp(argv[i], "-in") == 0) - { - if ((argv[i+1] != NULL) && !pw_source_defined) - { - pw_source_defined = 1; - infile = argv[++i]; - } - else - badopt = 1; - } - else if (strcmp(argv[i], "-stdin") == 0) - { - if (!pw_source_defined) - { - pw_source_defined = 1; - in_stdin = 1; - } - else - badopt = 1; - } - else if (strcmp(argv[i], "-quiet") == 0) - quiet = 1; - else if (strcmp(argv[i], "-table") == 0) - table = 1; - else if (strcmp(argv[i], "-reverse") == 0) - reverse = 1; - else if (argv[i][0] == '-') - badopt = 1; - else if (!pw_source_defined) - /* non-option arguments, use as passwords */ - { - pw_source_defined = 1; - passwds = &argv[i]; - opt_done = 1; - } - else - badopt = 1; - } - - if (!usecrypt && !useapr1) /* use default */ - usecrypt = 1; - if (usecrypt + useapr1 > 1) /* conflict */ - badopt = 1; - - /* reject unsupported algorithms */ -#ifdef NO_DES - if (usecrypt) badopt = 1; -#endif -#ifdef NO_APR1 - if (useapr1) badopt = 1; -#endif - - if (badopt) - { - BIO_printf(bio_err, "Usage: passwd [options] [passwords]\n"); - BIO_printf(bio_err, "where options are\n"); -#ifndef NO_DES - BIO_printf(bio_err, "-crypt standard Unix password algorithm (default)\n"); -#endif -#ifndef NO_APR1 - BIO_printf(bio_err, "-apr1 MD5-based password algorithm\n"); -#endif - BIO_printf(bio_err, "-salt string use provided salt\n"); - BIO_printf(bio_err, "-in file read passwords from file\n"); - BIO_printf(bio_err, "-stdin read passwords from stdin\n"); - BIO_printf(bio_err, "-quiet no warnings\n"); - BIO_printf(bio_err, "-table format output as table\n"); - BIO_printf(bio_err, "-reverse switch table columns\n"); - - goto err; - } - - if ((infile != NULL) || in_stdin) - { - in = BIO_new(BIO_s_file()); - if (in == NULL) - goto err; - if (infile != NULL) - { - assert(in_stdin == 0); - if (BIO_read_filename(in, infile) <= 0) - goto err; - } - else - { - assert(in_stdin); - BIO_set_fp(in, stdin, BIO_NOCLOSE); - } - } - - if (usecrypt) - pw_maxlen = 8; - else if (useapr1) - pw_maxlen = 256; /* arbitrary limit, should be enough for most passwords */ - - if (passwds == NULL) - { - /* no passwords on the command line */ - passwd = passwd_malloc = Malloc(pw_maxlen + 1); - if (passwd_malloc == NULL) - goto err; - } - - if ((in == NULL) && (passwds == NULL)) - { - /* build a null-terminated list */ - static char *passwds_static[2] = {NULL, NULL}; - - passwds = passwds_static; - if (in == NULL) - if (EVP_read_pw_string(passwd_malloc, pw_maxlen + 1, "Password: ", 0) != 0) - goto err; - passwds[0] = passwd_malloc; - } - - if (in == NULL) - { - assert(passwds != NULL); - assert(*passwds != NULL); - - do /* loop over list of passwords */ - { - passwd = *passwds++; - if (!do_passwd(passed_salt, &salt, &salt_malloc, passwd, out, - quiet, table, reverse, pw_maxlen, usecrypt, useapr1)) - goto err; - } - while (*passwds != NULL); - } - else - /* in != NULL */ - { - int done; - - assert (passwd != NULL); - do - { - int r = BIO_gets(in, passwd, pw_maxlen + 1); - if (r > 0) - { - char *c = (strchr(passwd, '\n')) ; - if (c != NULL) - *c = 0; /* truncate at newline */ - else - { - /* ignore rest of line */ - char trash[BUFSIZ]; - do - r = BIO_gets(in, trash, sizeof trash); - while ((r > 0) && (!strchr(trash, '\n'))); - } - - if (!do_passwd(passed_salt, &salt, &salt_malloc, passwd, out, - quiet, table, reverse, pw_maxlen, usecrypt, useapr1)) - goto err; - } - done = (r <= 0); - } - while (!done); - } - -err: - ERR_print_errors(bio_err); - if (salt_malloc) - Free(salt_malloc); - if (passwd_malloc) - Free(passwd_malloc); - if (in) - BIO_free(in); - if (out) - BIO_free(out); - EXIT(ret); - } - - -#ifndef NO_APR1 -/* MD5-based password algorithm compatible to the one found in Apache - * (should probably be available as a library function; - * then the static buffer would not be acceptable) */ -static char *apr1_crypt(const char *passwd, const char *salt) - { - static char out_buf[6 + 9 + 24 + 2]; /* "$apr1$..salt..$.......md5hash..........\0" */ - unsigned char buf[MD5_DIGEST_LENGTH]; - char *salt_out; - int n, i; - MD5_CTX md; - size_t passwd_len, salt_len; - - passwd_len = strlen(passwd); - strcpy(out_buf, "$apr1$"); - strncat(out_buf, salt, 8); - assert(strlen(out_buf) <= 6 + 8); /* "$apr1$..salt.." */ - salt_out = out_buf + 6; - salt_len = strlen(salt_out); - assert(salt_len <= 8); - - MD5_Init(&md); - MD5_Update(&md, passwd, passwd_len); - MD5_Update(&md, "$apr1$", 6); - MD5_Update(&md, salt_out, salt_len); - - { - MD5_CTX md2; - - MD5_Init(&md2); - MD5_Update(&md2, passwd, passwd_len); - MD5_Update(&md2, salt_out, salt_len); - MD5_Update(&md2, passwd, passwd_len); - MD5_Final(buf, &md2); - } - for (i = passwd_len; i > sizeof buf; i -= sizeof buf) - MD5_Update(&md, buf, sizeof buf); - MD5_Update(&md, buf, i); - - n = passwd_len; - while (n) - { - MD5_Update(&md, (n & 1) ? "\0" : passwd, 1); - n >>= 1; - } - MD5_Final(buf, &md); - - for (i = 0; i < 1000; i++) - { - MD5_CTX md2; - - MD5_Init(&md2); - MD5_Update(&md2, (i & 1) ? (unsigned char *) passwd : buf, - (i & 1) ? passwd_len : sizeof buf); - if (i % 3) - MD5_Update(&md2, salt_out, salt_len); - if (i % 7) - MD5_Update(&md2, passwd, passwd_len); - MD5_Update(&md2, (i & 1) ? buf : (unsigned char *) passwd, - (i & 1) ? sizeof buf : passwd_len); - MD5_Final(buf, &md2); - } - - { - /* transform buf into output string */ - - unsigned char buf_perm[sizeof buf]; - int dest, source; - char *output; - - /* silly output permutation */ - for (dest = 0, source = 0; dest < 14; dest++, source = (source + 6) % 17) - buf_perm[dest] = buf[source]; - buf_perm[14] = buf[5]; - buf_perm[15] = buf[11]; -#ifndef PEDANTIC /* Unfortunately, this generates a "no effect" warning */ - assert(16 == sizeof buf_perm); -#endif - - output = salt_out + salt_len; - assert(output == out_buf + strlen(out_buf)); - - *output++ = '$'; - - for (i = 0; i < 15; i += 3) - { - *output++ = cov_2char[buf_perm[i+2] & 0x3f]; - *output++ = cov_2char[((buf_perm[i+1] & 0xf) << 2) | - (buf_perm[i+2] >> 6)]; - *output++ = cov_2char[((buf_perm[i] & 3) << 4) | - (buf_perm[i+1] >> 4)]; - *output++ = cov_2char[buf_perm[i] >> 2]; - } - assert(i == 15); - *output++ = cov_2char[buf_perm[i] & 0x3f]; - *output++ = cov_2char[buf_perm[i] >> 6]; - *output = 0; - assert(strlen(out_buf) < sizeof(out_buf)); - } - - return out_buf; - } -#endif - - -static int do_passwd(int passed_salt, char **salt_p, char **salt_malloc_p, - char *passwd, BIO *out, int quiet, int table, int reverse, - size_t pw_maxlen, int usecrypt, int useapr1) - { - char *hash = NULL; - - assert(salt_p != NULL); - assert(salt_malloc_p != NULL); - - /* first make sure we have a salt */ - if (!passed_salt) - { -#ifndef NO_DES - if (usecrypt) - { - if (*salt_malloc_p == NULL) - { - *salt_p = *salt_malloc_p = Malloc(3); - if (*salt_malloc_p == NULL) - goto err; - } - if (RAND_pseudo_bytes((unsigned char *)*salt_p, 2) < 0) - goto err; - (*salt_p)[0] = cov_2char[(*salt_p)[0] & 0x3f]; /* 6 bits */ - (*salt_p)[1] = cov_2char[(*salt_p)[1] & 0x3f]; /* 6 bits */ - (*salt_p)[2] = 0; -#ifdef CHARSET_EBCDIC - ascii2ebcdic(*salt_p, *salt_p, 2); /* des_crypt will convert - * back to ASCII */ -#endif - } -#endif /* !NO_DES */ - -#ifndef NO_APR1 - if (useapr1) - { - int i; - - if (*salt_malloc_p == NULL) - { - *salt_p = *salt_malloc_p = Malloc(9); - if (*salt_malloc_p == NULL) - goto err; - } - if (RAND_pseudo_bytes((unsigned char *)*salt_p, 8) < 0) - goto err; - - for (i = 0; i < 8; i++) - (*salt_p)[i] = cov_2char[(*salt_p)[i] & 0x3f]; /* 6 bits */ - (*salt_p)[8] = 0; - } -#endif /* !NO_APR1 */ - } - - assert(*salt_p != NULL); - - /* truncate password if necessary */ - if ((strlen(passwd) > pw_maxlen)) - { - if (!quiet) - BIO_printf(bio_err, "Warning: truncating password to %u characters\n", pw_maxlen); - passwd[pw_maxlen] = 0; - } - assert(strlen(passwd) <= pw_maxlen); - - /* now compute password hash */ -#ifndef NO_DES - if (usecrypt) - hash = des_crypt(passwd, *salt_p); -#endif -#ifndef NO_APR1 - if (useapr1) - hash = apr1_crypt(passwd, *salt_p); -#endif - assert(hash != NULL); - - if (table && !reverse) - BIO_printf(out, "%s\t%s\n", passwd, hash); - else if (table && reverse) - BIO_printf(out, "%s\t%s\n", hash, passwd); - else - BIO_printf(out, "%s\n", hash); - return 1; - -err: - return 0; - } -#else - -int MAIN(int argc, char **argv) - { - fputs("Program not available.\n", stderr) - EXIT(1); - } -#endif diff --git a/crypto/openssl/apps/pca-cert.srl b/crypto/openssl/apps/pca-cert.srl deleted file mode 100644 index 8a0f05e166aa6..0000000000000 --- a/crypto/openssl/apps/pca-cert.srl +++ /dev/null @@ -1 +0,0 @@ -01 diff --git a/crypto/openssl/apps/pca-key.pem b/crypto/openssl/apps/pca-key.pem deleted file mode 100644 index 20029ab779f28..0000000000000 --- a/crypto/openssl/apps/pca-key.pem +++ /dev/null @@ -1,15 +0,0 @@ ------BEGIN RSA PRIVATE KEY----- -MIICXAIBAAKBgQCdoWk/3+WcMlfjIrkg40ketmnQaEogQe1LLcuOJV6rKfUSAsPg -wgsabJ/wn8TxA1yy3eKJbFl3OiUXMRsp22Jp85PmemiDzyUIStwk72qhp1imbANZ -vlmlCFKiQrjUyuDfu4TABmn+kkt3vR1YBEOGt+IFye1UBVSATVdRJ2UVhwIDAQAB -AoGAba4fTtuap5l7/8ZsbE7Z1O32KJY4ZcOZukLOLUUhXxXduT+FTgGWujc0/rgc -z9qYCLlNZHOouMYTgtSfYvuMuLZ11VIt0GYH+nRioLShE59Yy+zCRyC+gPigS1kz -xvo14AsOIPYV14Tk/SsHyq6E0eTk7VzaIE197giiINUERPECQQDSKmtPTh/lRKw7 -HSZSM0I1mFWn/1zqrAbontRQY5w98QWIOe5qmzYyFbPXYT3d9BzlsMyhgiRNoBbD -yvohSHXJAkEAwAHx6ezAZeWWzD5yXD36nyjpkVCw7Tk7TSmOceLJMWt1QcrCfqlS -xA5jjpQ6Z8suU5DdtWAryM2sAir1WisYzwJAd6Zcx56jvAQ3xcPXsE6scBTVFzrj -7FqZ6E+cclPzfLQ+QQsyOBE7bpI6e/FJppY26XGZXo3YGzV8IGXrt40oOQJALETG -h86EFXo3qGOFbmsDy4pdP5nBERCu8X1xUCSfintiD4c2DInxgS5oGclnJeMcjTvL -QjQoJCX3UJCi/OUO1QJBAKgcDHWjMvt+l1pjJBsSEZ0HX9AAIIVx0RQmbFGS+F2Q -hhu5l77WnnZOQ9vvhV5u7NPCUF9nhU3jh60qWWO8mkc= ------END RSA PRIVATE KEY----- diff --git a/crypto/openssl/apps/pca-req.pem b/crypto/openssl/apps/pca-req.pem deleted file mode 100644 index 33f155337b341..0000000000000 --- a/crypto/openssl/apps/pca-req.pem +++ /dev/null @@ -1,11 +0,0 @@ ------BEGIN CERTIFICATE REQUEST----- -MIIBmjCCAQMCAQAwXDELMAkGA1UEBhMCQVUxEzARBgNVBAgTClF1ZWVuc2xhbmQx -GjAYBgNVBAoTEUNyeXB0U29mdCBQdHkgTHRkMRwwGgYDVQQDExNUZXN0IFBDQSAo -MTAyNCBiaXQpMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCdoWk/3+WcMlfj -Irkg40ketmnQaEogQe1LLcuOJV6rKfUSAsPgwgsabJ/wn8TxA1yy3eKJbFl3OiUX -MRsp22Jp85PmemiDzyUIStwk72qhp1imbANZvlmlCFKiQrjUyuDfu4TABmn+kkt3 -vR1YBEOGt+IFye1UBVSATVdRJ2UVhwIDAQABMA0GCSqGSIb3DQEBBAUAA4GBAEzz -IG8NnfpnPTQSCN5zJhOfy6p9AcDyQzuJirYv1HR/qoYWalPh/U2uiK0lAim7qMcv -wOlK3I7A8B7/4dLqvIqgtUj9b1WT8zIrnwdvJI4osLI2BY+c1pVlp174DHLMol1L -Cl1e3N5BTm7lCitTYjuUhsw6hiA8IcdNKDo6sktV ------END CERTIFICATE REQUEST----- diff --git a/crypto/openssl/apps/pem_mail.c b/crypto/openssl/apps/pem_mail.c deleted file mode 100644 index f85c7b1c831af..0000000000000 --- a/crypto/openssl/apps/pem_mail.c +++ /dev/null @@ -1,170 +0,0 @@ -/* apps/pem_mail.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#ifndef NO_RSA -#include <stdio.h> -#include <openssl/rsa.h> -#include <openssl/evp.h> -#include <openssl/objects.h> -#include <openssl/x509.h> -#include <openssl/err.h> -#include <openssl/pem.h> -#include "apps.h" - -#undef PROG -#define PROG pem_mail_main - -static char *usage[]={ -"usage: pem_mail args\n", -"\n", -" -in arg - input file - default stdin\n", -" -out arg - output file - default stdout\n", -" -cert arg - the certificate to use\n", -" -key arg - the private key to use\n", -" -MIC - sign the message\n", -" -enc arg - encrypt with one of cbc-des\n", -NULL -}; - - -typedef struct lines_St - { - char *line; - struct lines_st *next; - } LINES; - -int main(int argc, char **argv) - { - FILE *in; - RSA *rsa=NULL; - EVP_MD_CTX ctx; - unsigned int mic=0,i,n; - unsigned char buf[1024*15]; - char *prog,*infile=NULL,*outfile=NULL,*key=NULL; - int badops=0; - - apps_startup(); - - prog=argv[0]; - argc--; - argv++; - while (argc >= 1) - { - if (strcmp(*argv,"-key") == 0) - { - if (--argc < 1) goto bad; - key= *(++argv); - } - else if (strcmp(*argv,"-in") == 0) - { - if (--argc < 1) goto bad; - infile= *(++argv); - } - else if (strcmp(*argv,"-out") == 0) - { - if (--argc < 1) goto bad; - outfile= *(++argv); - } - else if (strcmp(*argv,"-mic") == 0) - mic=1; - else - { - BIO_printf(bio_err,"unknown option %s\n",*argv); - badops=1; - break; - } - argc--; - argv++; - } - - if (badops) - { -bad: - BIO_printf(bio_err,"%s [options] <infile >outfile\n",prog); - BIO_printf(bio_err,"where options are\n"); - EXIT(1); - } - - if (key == NULL) - { BIO_printf(bio_err,"you need to specify a key\n"); EXIT(1); } - in=fopen(key,"r"); - if (in == NULL) { perror(key); EXIT(1); } - rsa=PEM_read_RSAPrivateKey(in,NULL,NULL); - if (rsa == NULL) - { - BIO_printf(bio_err,"unable to load Private Key\n"); - ERR_print_errors(bio_err); - EXIT(1); - } - fclose(in); - - PEM_SignInit(&ctx,EVP_md5()); - for (;;) - { - i=fread(buf,1,1024*10,stdin); - if (i <= 0) break; - PEM_SignUpdate(&ctx,buf,i); - } - if (!PEM_SignFinal(&ctx,buf,&n,rsa)) goto err; - BIO_printf(bio_err,"%s\n",buf); - EXIT(0); -err: - ERR_print_errors(bio_err); - EXIT(1); - } -#endif diff --git a/crypto/openssl/apps/pkcs12.c b/crypto/openssl/apps/pkcs12.c deleted file mode 100644 index bf76864713730..0000000000000 --- a/crypto/openssl/apps/pkcs12.c +++ /dev/null @@ -1,796 +0,0 @@ -/* pkcs12.c */ -#if !defined(NO_DES) && !defined(NO_SHA1) - -/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL - * project 1999. - */ -/* ==================================================================== - * Copyright (c) 1999 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * licensing@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -#include <stdio.h> -#include <stdlib.h> -#include <string.h> -#include "apps.h" -#include <openssl/crypto.h> -#include <openssl/err.h> -#include <openssl/pem.h> -#include <openssl/pkcs12.h> - -#define PROG pkcs12_main - -EVP_CIPHER *enc; - - -#define NOKEYS 0x1 -#define NOCERTS 0x2 -#define INFO 0x4 -#define CLCERTS 0x8 -#define CACERTS 0x10 - -int get_cert_chain(X509 *cert, STACK_OF(X509) **chain); -int dump_certs_keys_p12(BIO *out, PKCS12 *p12, char *pass, int passlen, int options, char *pempass); -int dump_certs_pkeys_bags(BIO *out, STACK *bags, char *pass, int passlen, int options, char *pempass); -int dump_certs_pkeys_bag(BIO *out, PKCS12_SAFEBAG *bags, char *pass, int passlen, int options, char *pempass); -int print_attribs(BIO *out, STACK_OF(X509_ATTRIBUTE) *attrlst, char *name); -void hex_prin(BIO *out, unsigned char *buf, int len); -int alg_print(BIO *x, X509_ALGOR *alg); -int cert_load(BIO *in, STACK_OF(X509) *sk); - -int MAIN(int, char **); - -int MAIN(int argc, char **argv) -{ - char *infile=NULL, *outfile=NULL, *keyname = NULL; - char *certfile=NULL; - BIO *in=NULL, *out = NULL, *inkey = NULL, *certsin = NULL; - char **args; - char *name = NULL; - PKCS12 *p12 = NULL; - char pass[50], macpass[50]; - int export_cert = 0; - int options = 0; - int chain = 0; - int badarg = 0; - int iter = PKCS12_DEFAULT_ITER; - int maciter = PKCS12_DEFAULT_ITER; - int twopass = 0; - int keytype = 0; - int cert_pbe = NID_pbe_WithSHA1And40BitRC2_CBC; - int key_pbe = NID_pbe_WithSHA1And3_Key_TripleDES_CBC; - int ret = 1; - int macver = 1; - int noprompt = 0; - STACK *canames = NULL; - char *cpass = NULL, *mpass = NULL; - char *passargin = NULL, *passargout = NULL, *passarg = NULL; - char *passin = NULL, *passout = NULL; - char *inrand = NULL; - - apps_startup(); - - enc = EVP_des_ede3_cbc(); - if (bio_err == NULL ) bio_err = BIO_new_fp (stderr, BIO_NOCLOSE); - - args = argv + 1; - - - while (*args) { - if (*args[0] == '-') { - if (!strcmp (*args, "-nokeys")) options |= NOKEYS; - else if (!strcmp (*args, "-keyex")) keytype = KEY_EX; - else if (!strcmp (*args, "-keysig")) keytype = KEY_SIG; - else if (!strcmp (*args, "-nocerts")) options |= NOCERTS; - else if (!strcmp (*args, "-clcerts")) options |= CLCERTS; - else if (!strcmp (*args, "-cacerts")) options |= CACERTS; - else if (!strcmp (*args, "-noout")) options |= (NOKEYS|NOCERTS); - else if (!strcmp (*args, "-info")) options |= INFO; - else if (!strcmp (*args, "-chain")) chain = 1; - else if (!strcmp (*args, "-twopass")) twopass = 1; - else if (!strcmp (*args, "-nomacver")) macver = 0; - else if (!strcmp (*args, "-descert")) - cert_pbe = NID_pbe_WithSHA1And3_Key_TripleDES_CBC; - else if (!strcmp (*args, "-export")) export_cert = 1; - else if (!strcmp (*args, "-des")) enc=EVP_des_cbc(); -#ifndef NO_IDEA - else if (!strcmp (*args, "-idea")) enc=EVP_idea_cbc(); -#endif - else if (!strcmp (*args, "-des3")) enc = EVP_des_ede3_cbc(); - else if (!strcmp (*args, "-noiter")) iter = 1; - else if (!strcmp (*args, "-maciter")) - maciter = PKCS12_DEFAULT_ITER; - else if (!strcmp (*args, "-nomaciter")) - maciter = 1; - else if (!strcmp (*args, "-nodes")) enc=NULL; - else if (!strcmp (*args, "-certpbe")) { - if (args[1]) { - args++; - cert_pbe=OBJ_txt2nid(*args); - if(cert_pbe == NID_undef) { - BIO_printf(bio_err, - "Unknown PBE algorithm %s\n", *args); - badarg = 1; - } - } else badarg = 1; - } else if (!strcmp (*args, "-keypbe")) { - if (args[1]) { - args++; - key_pbe=OBJ_txt2nid(*args); - if(key_pbe == NID_undef) { - BIO_printf(bio_err, - "Unknown PBE algorithm %s\n", *args); - badarg = 1; - } - } else badarg = 1; - } else if (!strcmp (*args, "-rand")) { - if (args[1]) { - args++; - inrand = *args; - } else badarg = 1; - } else if (!strcmp (*args, "-inkey")) { - if (args[1]) { - args++; - keyname = *args; - } else badarg = 1; - } else if (!strcmp (*args, "-certfile")) { - if (args[1]) { - args++; - certfile = *args; - } else badarg = 1; - } else if (!strcmp (*args, "-name")) { - if (args[1]) { - args++; - name = *args; - } else badarg = 1; - } else if (!strcmp (*args, "-caname")) { - if (args[1]) { - args++; - if (!canames) canames = sk_new(NULL); - sk_push(canames, *args); - } else badarg = 1; - } else if (!strcmp (*args, "-in")) { - if (args[1]) { - args++; - infile = *args; - } else badarg = 1; - } else if (!strcmp (*args, "-out")) { - if (args[1]) { - args++; - outfile = *args; - } else badarg = 1; - } else if (!strcmp(*args,"-passin")) { - if (args[1]) { - args++; - passargin = *args; - } else badarg = 1; - } else if (!strcmp(*args,"-passout")) { - if (args[1]) { - args++; - passargout = *args; - } else badarg = 1; - } else if (!strcmp (*args, "-password")) { - if (args[1]) { - args++; - passarg = *args; - noprompt = 1; - } else badarg = 1; - } else badarg = 1; - - } else badarg = 1; - args++; - } - - if (badarg) { - BIO_printf (bio_err, "Usage: pkcs12 [options]\n"); - BIO_printf (bio_err, "where options are\n"); - BIO_printf (bio_err, "-export output PKCS12 file\n"); - BIO_printf (bio_err, "-chain add certificate chain\n"); - BIO_printf (bio_err, "-inkey file private key if not infile\n"); - BIO_printf (bio_err, "-certfile f add all certs in f\n"); - BIO_printf (bio_err, "-name \"name\" use name as friendly name\n"); - BIO_printf (bio_err, "-caname \"nm\" use nm as CA friendly name (can be used more than once).\n"); - BIO_printf (bio_err, "-in infile input filename\n"); - BIO_printf (bio_err, "-out outfile output filename\n"); - BIO_printf (bio_err, "-noout don't output anything, just verify.\n"); - BIO_printf (bio_err, "-nomacver don't verify MAC.\n"); - BIO_printf (bio_err, "-nocerts don't output certificates.\n"); - BIO_printf (bio_err, "-clcerts only output client certificates.\n"); - BIO_printf (bio_err, "-cacerts only output CA certificates.\n"); - BIO_printf (bio_err, "-nokeys don't output private keys.\n"); - BIO_printf (bio_err, "-info give info about PKCS#12 structure.\n"); - BIO_printf (bio_err, "-des encrypt private keys with DES\n"); - BIO_printf (bio_err, "-des3 encrypt private keys with triple DES (default)\n"); -#ifndef NO_IDEA - BIO_printf (bio_err, "-idea encrypt private keys with idea\n"); -#endif - BIO_printf (bio_err, "-nodes don't encrypt private keys\n"); - BIO_printf (bio_err, "-noiter don't use encryption iteration\n"); - BIO_printf (bio_err, "-maciter use MAC iteration\n"); - BIO_printf (bio_err, "-twopass separate MAC, encryption passwords\n"); - BIO_printf (bio_err, "-descert encrypt PKCS#12 certificates with triple DES (default RC2-40)\n"); - BIO_printf (bio_err, "-certpbe alg specify certificate PBE algorithm (default RC2-40)\n"); - BIO_printf (bio_err, "-keypbe alg specify private key PBE algorithm (default 3DES)\n"); - BIO_printf (bio_err, "-keyex set MS key exchange type\n"); - BIO_printf (bio_err, "-keysig set MS key signature type\n"); - BIO_printf (bio_err, "-password p set import/export password source\n"); - BIO_printf (bio_err, "-passin p input file pass phrase source\n"); - BIO_printf (bio_err, "-passout p output file pass phrase source\n"); - BIO_printf(bio_err, "-rand file%cfile%c...\n", LIST_SEPARATOR_CHAR, LIST_SEPARATOR_CHAR); - BIO_printf(bio_err, " load the file (or the files in the directory) into\n"); - BIO_printf(bio_err, " the random number generator\n"); - goto end; - } - - if(passarg) { - if(export_cert) passargout = passarg; - else passargin = passarg; - } - - if(!app_passwd(bio_err, passargin, passargout, &passin, &passout)) { - BIO_printf(bio_err, "Error getting passwords\n"); - goto end; - } - - if(!cpass) { - if(export_cert) cpass = passout; - else cpass = passin; - } - - if(cpass) { - mpass = cpass; - noprompt = 1; - } else { - cpass = pass; - mpass = macpass; - } - - if(export_cert || inrand) { - app_RAND_load_file(NULL, bio_err, (inrand != NULL)); - if (inrand != NULL) - BIO_printf(bio_err,"%ld semi-random bytes loaded\n", - app_RAND_load_files(inrand)); - } - ERR_load_crypto_strings(); - -#ifdef CRYPTO_MDEBUG - CRYPTO_push_info("read files"); -#endif - - if (!infile) in = BIO_new_fp(stdin, BIO_NOCLOSE); - else in = BIO_new_file(infile, "rb"); - if (!in) { - BIO_printf(bio_err, "Error opening input file %s\n", - infile ? infile : "<stdin>"); - perror (infile); - goto end; - } - - if (certfile) { - if(!(certsin = BIO_new_file(certfile, "r"))) { - BIO_printf(bio_err, "Can't open certificate file %s\n", certfile); - perror (certfile); - goto end; - } - } - - if (keyname) { - if(!(inkey = BIO_new_file(keyname, "r"))) { - BIO_printf(bio_err, "Can't key certificate file %s\n", keyname); - perror (keyname); - goto end; - } - } - -#ifdef CRYPTO_MDEBUG - CRYPTO_pop_info(); - CRYPTO_push_info("write files"); -#endif - - if (!outfile) out = BIO_new_fp(stdout, BIO_NOCLOSE); - else out = BIO_new_file(outfile, "wb"); - if (!out) { - BIO_printf(bio_err, "Error opening output file %s\n", - outfile ? outfile : "<stdout>"); - perror (outfile); - goto end; - } - if (twopass) { -#ifdef CRYPTO_MDEBUG - CRYPTO_push_info("read MAC password"); -#endif - if(EVP_read_pw_string (macpass, 50, "Enter MAC Password:", export_cert)) - { - BIO_printf (bio_err, "Can't read Password\n"); - goto end; - } -#ifdef CRYPTO_MDEBUG - CRYPTO_pop_info(); -#endif - } - - if (export_cert) { - EVP_PKEY *key; - STACK *bags, *safes; - PKCS12_SAFEBAG *bag; - PKCS8_PRIV_KEY_INFO *p8; - PKCS7 *authsafe; - X509 *ucert = NULL; - STACK_OF(X509) *certs=NULL; - char *catmp; - int i; - unsigned char keyid[EVP_MAX_MD_SIZE]; - unsigned int keyidlen = 0; - -#ifdef CRYPTO_MDEBUG - CRYPTO_push_info("process -export_cert"); -#endif - key = PEM_read_bio_PrivateKey(inkey ? inkey : in, NULL, NULL, passin); - if (!inkey) (void) BIO_reset(in); - else BIO_free(inkey); - if (!key) { - BIO_printf (bio_err, "Error loading private key\n"); - ERR_print_errors(bio_err); - goto end; - } - - certs = sk_X509_new(NULL); - - /* Load in all certs in input file */ - if(!cert_load(in, certs)) { - BIO_printf(bio_err, "Error loading certificates from input\n"); - ERR_print_errors(bio_err); - goto end; - } - - for(i = 0; i < sk_X509_num(certs); i++) { - ucert = sk_X509_value(certs, i); - if(X509_check_private_key(ucert, key)) { - X509_digest(ucert, EVP_sha1(), keyid, &keyidlen); - break; - } - } - - if(!keyidlen) { - BIO_printf(bio_err, "No certificate matches private key\n"); - goto end; - } - - bags = sk_new (NULL); - - /* Add any more certificates asked for */ - if (certsin) { - if(!cert_load(certsin, certs)) { - BIO_printf(bio_err, "Error loading certificates from certfile\n"); - ERR_print_errors(bio_err); - goto end; - } - BIO_free(certsin); - } - - /* If chaining get chain from user cert */ - if (chain) { - int vret; - STACK_OF(X509) *chain2; - vret = get_cert_chain (ucert, &chain2); - if (vret) { - BIO_printf (bio_err, "Error %s getting chain.\n", - X509_verify_cert_error_string(vret)); - goto end; - } - /* Exclude verified certificate */ - for (i = 1; i < sk_X509_num (chain2) ; i++) - sk_X509_push(certs, sk_X509_value (chain2, i)); - sk_X509_free(chain2); - - } - - /* We now have loads of certificates: include them all */ - for(i = 0; i < sk_X509_num(certs); i++) { - X509 *cert = NULL; - cert = sk_X509_value(certs, i); - bag = M_PKCS12_x5092certbag(cert); - /* If it matches private key set id */ - if(cert == ucert) { - if(name) PKCS12_add_friendlyname(bag, name, -1); - PKCS12_add_localkeyid(bag, keyid, keyidlen); - } else if((catmp = sk_shift(canames))) - PKCS12_add_friendlyname(bag, catmp, -1); - sk_push(bags, (char *)bag); - } - sk_X509_pop_free(certs, X509_free); - if (canames) sk_free(canames); - - if(!noprompt && - EVP_read_pw_string(pass, 50, "Enter Export Password:", 1)) { - BIO_printf (bio_err, "Can't read Password\n"); - goto end; - } - if (!twopass) strcpy(macpass, pass); - /* Turn certbags into encrypted authsafe */ - authsafe = PKCS12_pack_p7encdata(cert_pbe, cpass, -1, NULL, 0, - iter, bags); - sk_pop_free(bags, PKCS12_SAFEBAG_free); - - if (!authsafe) { - ERR_print_errors (bio_err); - goto end; - } - - safes = sk_new (NULL); - sk_push (safes, (char *)authsafe); - - /* Make a shrouded key bag */ - p8 = EVP_PKEY2PKCS8 (key); - EVP_PKEY_free(key); - if(keytype) PKCS8_add_keyusage(p8, keytype); - bag = PKCS12_MAKE_SHKEYBAG(key_pbe, cpass, -1, NULL, 0, iter, p8); - PKCS8_PRIV_KEY_INFO_free(p8); - if (name) PKCS12_add_friendlyname (bag, name, -1); - PKCS12_add_localkeyid (bag, keyid, keyidlen); - bags = sk_new(NULL); - sk_push (bags, (char *)bag); - /* Turn it into unencrypted safe bag */ - authsafe = PKCS12_pack_p7data (bags); - sk_pop_free(bags, PKCS12_SAFEBAG_free); - sk_push (safes, (char *)authsafe); - - p12 = PKCS12_init (NID_pkcs7_data); - - M_PKCS12_pack_authsafes (p12, safes); - - sk_pop_free(safes, PKCS7_free); - - PKCS12_set_mac (p12, mpass, -1, NULL, 0, maciter, NULL); - - i2d_PKCS12_bio (out, p12); - - PKCS12_free(p12); - - ret = 0; - -#ifdef CRYPTO_MDEBUG - CRYPTO_pop_info(); -#endif - goto end; - - } - - if (!(p12 = d2i_PKCS12_bio (in, NULL))) { - ERR_print_errors(bio_err); - goto end; - } - -#ifdef CRYPTO_MDEBUG - CRYPTO_push_info("read import password"); -#endif - if(!noprompt && EVP_read_pw_string(pass, 50, "Enter Import Password:", 0)) { - BIO_printf (bio_err, "Can't read Password\n"); - goto end; - } -#ifdef CRYPTO_MDEBUG - CRYPTO_pop_info(); -#endif - - if (!twopass) strcpy(macpass, pass); - - if (options & INFO) BIO_printf (bio_err, "MAC Iteration %ld\n", p12->mac->iter ? ASN1_INTEGER_get (p12->mac->iter) : 1); - if(macver) { -#ifdef CRYPTO_MDEBUG - CRYPTO_push_info("verify MAC"); -#endif - if (!PKCS12_verify_mac (p12, mpass, -1)) { - BIO_printf (bio_err, "Mac verify error: invalid password?\n"); - ERR_print_errors (bio_err); - goto end; - } else BIO_printf (bio_err, "MAC verified OK\n"); -#ifdef CRYPTO_MDEBUG - CRYPTO_pop_info(); -#endif - } - -#ifdef CRYPTO_MDEBUG - CRYPTO_push_info("output keys and certificates"); -#endif - if (!dump_certs_keys_p12 (out, p12, cpass, -1, options, passout)) { - BIO_printf(bio_err, "Error outputting keys and certificates\n"); - ERR_print_errors (bio_err); - goto end; - } -#ifdef CRYPTO_MDEBUG - CRYPTO_pop_info(); -#endif - PKCS12_free(p12); - ret = 0; - end: - if(export_cert || inrand) app_RAND_write_file(NULL, bio_err); -#ifdef CRYPTO_MDEBUG - CRYPTO_remove_all_info(); -#endif - BIO_free(in); - BIO_free(out); - if(passin) Free(passin); - if(passout) Free(passout); - EXIT(ret); -} - -int dump_certs_keys_p12 (BIO *out, PKCS12 *p12, char *pass, - int passlen, int options, char *pempass) -{ - STACK *asafes, *bags; - int i, bagnid; - PKCS7 *p7; - if (!( asafes = M_PKCS12_unpack_authsafes (p12))) return 0; - for (i = 0; i < sk_num (asafes); i++) { - p7 = (PKCS7 *) sk_value (asafes, i); - bagnid = OBJ_obj2nid (p7->type); - if (bagnid == NID_pkcs7_data) { - bags = M_PKCS12_unpack_p7data (p7); - if (options & INFO) BIO_printf (bio_err, "PKCS7 Data\n"); - } else if (bagnid == NID_pkcs7_encrypted) { - if (options & INFO) { - BIO_printf (bio_err, "PKCS7 Encrypted data: "); - alg_print (bio_err, - p7->d.encrypted->enc_data->algorithm); - } - bags = M_PKCS12_unpack_p7encdata (p7, pass, passlen); - } else continue; - if (!bags) return 0; - if (!dump_certs_pkeys_bags (out, bags, pass, passlen, - options, pempass)) { - sk_pop_free (bags, PKCS12_SAFEBAG_free); - return 0; - } - sk_pop_free (bags, PKCS12_SAFEBAG_free); - } - sk_pop_free (asafes, PKCS7_free); - return 1; -} - -int dump_certs_pkeys_bags (BIO *out, STACK *bags, char *pass, - int passlen, int options, char *pempass) -{ - int i; - for (i = 0; i < sk_num (bags); i++) { - if (!dump_certs_pkeys_bag (out, - (PKCS12_SAFEBAG *)sk_value (bags, i), pass, passlen, - options, pempass)) return 0; - } - return 1; -} - -int dump_certs_pkeys_bag (BIO *out, PKCS12_SAFEBAG *bag, char *pass, - int passlen, int options, char *pempass) -{ - EVP_PKEY *pkey; - PKCS8_PRIV_KEY_INFO *p8; - X509 *x509; - - switch (M_PKCS12_bag_type(bag)) - { - case NID_keyBag: - if (options & INFO) BIO_printf (bio_err, "Key bag\n"); - if (options & NOKEYS) return 1; - print_attribs (out, bag->attrib, "Bag Attributes"); - p8 = bag->value.keybag; - if (!(pkey = EVP_PKCS82PKEY (p8))) return 0; - print_attribs (out, p8->attributes, "Key Attributes"); - PEM_write_bio_PrivateKey (out, pkey, enc, NULL, 0, NULL, pempass); - EVP_PKEY_free(pkey); - break; - - case NID_pkcs8ShroudedKeyBag: - if (options & INFO) { - BIO_printf (bio_err, "Shrouded Keybag: "); - alg_print (bio_err, bag->value.shkeybag->algor); - } - if (options & NOKEYS) return 1; - print_attribs (out, bag->attrib, "Bag Attributes"); - if (!(p8 = M_PKCS12_decrypt_skey (bag, pass, passlen))) - return 0; - if (!(pkey = EVP_PKCS82PKEY (p8))) return 0; - print_attribs (out, p8->attributes, "Key Attributes"); - PKCS8_PRIV_KEY_INFO_free(p8); - PEM_write_bio_PrivateKey (out, pkey, enc, NULL, 0, NULL, pempass); - EVP_PKEY_free(pkey); - break; - - case NID_certBag: - if (options & INFO) BIO_printf (bio_err, "Certificate bag\n"); - if (options & NOCERTS) return 1; - if (PKCS12_get_attr(bag, NID_localKeyID)) { - if (options & CACERTS) return 1; - } else if (options & CLCERTS) return 1; - print_attribs (out, bag->attrib, "Bag Attributes"); - if (M_PKCS12_cert_bag_type(bag) != NID_x509Certificate ) - return 1; - if (!(x509 = M_PKCS12_certbag2x509(bag))) return 0; - dump_cert_text (out, x509); - PEM_write_bio_X509 (out, x509); - X509_free(x509); - break; - - case NID_safeContentsBag: - if (options & INFO) BIO_printf (bio_err, "Safe Contents bag\n"); - print_attribs (out, bag->attrib, "Bag Attributes"); - return dump_certs_pkeys_bags (out, bag->value.safes, pass, - passlen, options, pempass); - - default: - BIO_printf (bio_err, "Warning unsupported bag type: "); - i2a_ASN1_OBJECT (bio_err, bag->type); - BIO_printf (bio_err, "\n"); - return 1; - break; - } - return 1; -} - -/* Given a single certificate return a verified chain or NULL if error */ - -/* Hope this is OK .... */ - -int get_cert_chain (X509 *cert, STACK_OF(X509) **chain) -{ - X509_STORE *store; - X509_STORE_CTX store_ctx; - STACK_OF(X509) *chn; - int i; - - store = X509_STORE_new (); - X509_STORE_set_default_paths (store); - X509_STORE_CTX_init(&store_ctx, store, cert, NULL); - if (X509_verify_cert(&store_ctx) <= 0) { - i = X509_STORE_CTX_get_error (&store_ctx); - goto err; - } - chn = X509_STORE_CTX_get1_chain(&store_ctx); - i = 0; - *chain = chn; -err: - X509_STORE_CTX_cleanup(&store_ctx); - X509_STORE_free(store); - - return i; -} - -int alg_print (BIO *x, X509_ALGOR *alg) -{ - PBEPARAM *pbe; - unsigned char *p; - p = alg->parameter->value.sequence->data; - pbe = d2i_PBEPARAM (NULL, &p, alg->parameter->value.sequence->length); - BIO_printf (bio_err, "%s, Iteration %d\n", - OBJ_nid2ln(OBJ_obj2nid(alg->algorithm)), ASN1_INTEGER_get(pbe->iter)); - PBEPARAM_free (pbe); - return 0; -} - -/* Load all certificates from a given file */ - -int cert_load(BIO *in, STACK_OF(X509) *sk) -{ - int ret; - X509 *cert; - ret = 0; - while((cert = PEM_read_bio_X509(in, NULL, NULL, NULL))) { - ret = 1; - sk_X509_push(sk, cert); - } - if(ret) ERR_clear_error(); - return ret; -} - -/* Generalised attribute print: handle PKCS#8 and bag attributes */ - -int print_attribs (BIO *out, STACK_OF(X509_ATTRIBUTE) *attrlst, char *name) -{ - X509_ATTRIBUTE *attr; - ASN1_TYPE *av; - char *value; - int i, attr_nid; - if(!attrlst) { - BIO_printf(out, "%s: <No Attributes>\n", name); - return 1; - } - if(!sk_X509_ATTRIBUTE_num(attrlst)) { - BIO_printf(out, "%s: <Empty Attributes>\n", name); - return 1; - } - BIO_printf(out, "%s\n", name); - for(i = 0; i < sk_X509_ATTRIBUTE_num(attrlst); i++) { - attr = sk_X509_ATTRIBUTE_value(attrlst, i); - attr_nid = OBJ_obj2nid(attr->object); - BIO_printf(out, " "); - if(attr_nid == NID_undef) { - i2a_ASN1_OBJECT (out, attr->object); - BIO_printf(out, ": "); - } else BIO_printf(out, "%s: ", OBJ_nid2ln(attr_nid)); - - if(sk_ASN1_TYPE_num(attr->value.set)) { - av = sk_ASN1_TYPE_value(attr->value.set, 0); - switch(av->type) { - case V_ASN1_BMPSTRING: - value = uni2asc(av->value.bmpstring->data, - av->value.bmpstring->length); - BIO_printf(out, "%s\n", value); - Free(value); - break; - - case V_ASN1_OCTET_STRING: - hex_prin(out, av->value.bit_string->data, - av->value.bit_string->length); - BIO_printf(out, "\n"); - break; - - case V_ASN1_BIT_STRING: - hex_prin(out, av->value.octet_string->data, - av->value.octet_string->length); - BIO_printf(out, "\n"); - break; - - default: - BIO_printf(out, "<Unsupported tag %d>\n", av->type); - break; - } - } else BIO_printf(out, "<No Values>\n"); - } - return 1; -} - -void hex_prin(BIO *out, unsigned char *buf, int len) -{ - int i; - for (i = 0; i < len; i++) BIO_printf (out, "%02X ", buf[i]); -} - -#endif diff --git a/crypto/openssl/apps/pkcs7.c b/crypto/openssl/apps/pkcs7.c deleted file mode 100644 index f471cc77fda3c..0000000000000 --- a/crypto/openssl/apps/pkcs7.c +++ /dev/null @@ -1,285 +0,0 @@ -/* apps/pkcs7.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include <stdio.h> -#include <stdlib.h> -#include <string.h> -#include <time.h> -#include "apps.h" -#include <openssl/err.h> -#include <openssl/objects.h> -#include <openssl/evp.h> -#include <openssl/x509.h> -#include <openssl/pkcs7.h> -#include <openssl/pem.h> - -#undef PROG -#define PROG pkcs7_main - -/* -inform arg - input format - default PEM (DER or PEM) - * -outform arg - output format - default PEM - * -in arg - input file - default stdin - * -out arg - output file - default stdout - * -print_certs - */ - -int MAIN(int, char **); - -int MAIN(int argc, char **argv) - { - PKCS7 *p7=NULL; - int i,badops=0; - BIO *in=NULL,*out=NULL; - int informat,outformat; - char *infile,*outfile,*prog; - int print_certs=0,text=0,noout=0; - int ret=0; - - apps_startup(); - - if (bio_err == NULL) - if ((bio_err=BIO_new(BIO_s_file())) != NULL) - BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT); - - infile=NULL; - outfile=NULL; - informat=FORMAT_PEM; - outformat=FORMAT_PEM; - - prog=argv[0]; - argc--; - argv++; - while (argc >= 1) - { - if (strcmp(*argv,"-inform") == 0) - { - if (--argc < 1) goto bad; - informat=str2fmt(*(++argv)); - } - else if (strcmp(*argv,"-outform") == 0) - { - if (--argc < 1) goto bad; - outformat=str2fmt(*(++argv)); - } - else if (strcmp(*argv,"-in") == 0) - { - if (--argc < 1) goto bad; - infile= *(++argv); - } - else if (strcmp(*argv,"-out") == 0) - { - if (--argc < 1) goto bad; - outfile= *(++argv); - } - else if (strcmp(*argv,"-noout") == 0) - noout=1; - else if (strcmp(*argv,"-text") == 0) - text=1; - else if (strcmp(*argv,"-print_certs") == 0) - print_certs=1; - else - { - BIO_printf(bio_err,"unknown option %s\n",*argv); - badops=1; - break; - } - argc--; - argv++; - } - - if (badops) - { -bad: - BIO_printf(bio_err,"%s [options] <infile >outfile\n",prog); - BIO_printf(bio_err,"where options are\n"); - BIO_printf(bio_err," -inform arg input format - DER or PEM\n"); - BIO_printf(bio_err," -outform arg output format - DER or PEM\n"); - BIO_printf(bio_err," -in arg input file\n"); - BIO_printf(bio_err," -out arg output file\n"); - BIO_printf(bio_err," -print_certs print any certs or crl in the input\n"); - BIO_printf(bio_err," -text print full details of certificates\n"); - BIO_printf(bio_err," -noout don't output encoded data\n"); - EXIT(1); - } - - ERR_load_crypto_strings(); - - in=BIO_new(BIO_s_file()); - out=BIO_new(BIO_s_file()); - if ((in == NULL) || (out == NULL)) - { - ERR_print_errors(bio_err); - goto end; - } - - if (infile == NULL) - BIO_set_fp(in,stdin,BIO_NOCLOSE); - else - { - if (BIO_read_filename(in,infile) <= 0) - if (in == NULL) - { - perror(infile); - goto end; - } - } - - if (informat == FORMAT_ASN1) - p7=d2i_PKCS7_bio(in,NULL); - else if (informat == FORMAT_PEM) - p7=PEM_read_bio_PKCS7(in,NULL,NULL,NULL); - else - { - BIO_printf(bio_err,"bad input format specified for pkcs7 object\n"); - goto end; - } - if (p7 == NULL) - { - BIO_printf(bio_err,"unable to load PKCS7 object\n"); - ERR_print_errors(bio_err); - goto end; - } - - if (outfile == NULL) - BIO_set_fp(out,stdout,BIO_NOCLOSE); - else - { - if (BIO_write_filename(out,outfile) <= 0) - { - perror(outfile); - goto end; - } - } - - if (print_certs) - { - STACK_OF(X509) *certs=NULL; - STACK_OF(X509_CRL) *crls=NULL; - - i=OBJ_obj2nid(p7->type); - switch (i) - { - case NID_pkcs7_signed: - certs=p7->d.sign->cert; - crls=p7->d.sign->crl; - break; - case NID_pkcs7_signedAndEnveloped: - certs=p7->d.signed_and_enveloped->cert; - crls=p7->d.signed_and_enveloped->crl; - break; - default: - break; - } - - if (certs != NULL) - { - X509 *x; - - for (i=0; i<sk_X509_num(certs); i++) - { - x=sk_X509_value(certs,i); - if(text) X509_print(out, x); - else dump_cert_text(out, x); - - if(!noout) PEM_write_bio_X509(out,x); - BIO_puts(out,"\n"); - } - } - if (crls != NULL) - { - X509_CRL *crl; - - for (i=0; i<sk_X509_CRL_num(crls); i++) - { - crl=sk_X509_CRL_value(crls,i); - - X509_CRL_print(out, crl); - - if(!noout)PEM_write_bio_X509_CRL(out,crl); - BIO_puts(out,"\n"); - } - } - - ret=0; - goto end; - } - - if(!noout) { - if (outformat == FORMAT_ASN1) - i=i2d_PKCS7_bio(out,p7); - else if (outformat == FORMAT_PEM) - i=PEM_write_bio_PKCS7(out,p7); - else { - BIO_printf(bio_err,"bad output format specified for outfile\n"); - goto end; - } - - if (!i) - { - BIO_printf(bio_err,"unable to write pkcs7 object\n"); - ERR_print_errors(bio_err); - goto end; - } - } - ret=0; -end: - if (p7 != NULL) PKCS7_free(p7); - if (in != NULL) BIO_free(in); - if (out != NULL) BIO_free(out); - EXIT(ret); - } diff --git a/crypto/openssl/apps/pkcs8.c b/crypto/openssl/apps/pkcs8.c deleted file mode 100644 index 3e59b74124a2a..0000000000000 --- a/crypto/openssl/apps/pkcs8.c +++ /dev/null @@ -1,345 +0,0 @@ -/* pkcs8.c */ -/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL - * project 1999. - */ -/* ==================================================================== - * Copyright (c) 1999 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * licensing@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ -#include <stdio.h> -#include <string.h> -#include "apps.h" -#include <openssl/pem.h> -#include <openssl/err.h> -#include <openssl/evp.h> -#include <openssl/pkcs12.h> - -#include "apps.h" -#define PROG pkcs8_main - -int MAIN(int, char **); - -int MAIN(int argc, char **argv) -{ - char **args, *infile = NULL, *outfile = NULL; - char *passargin = NULL, *passargout = NULL; - BIO *in = NULL, *out = NULL; - int topk8 = 0; - int pbe_nid = -1; - const EVP_CIPHER *cipher = NULL; - int iter = PKCS12_DEFAULT_ITER; - int informat, outformat; - int p8_broken = PKCS8_OK; - int nocrypt = 0; - X509_SIG *p8; - PKCS8_PRIV_KEY_INFO *p8inf; - EVP_PKEY *pkey; - char pass[50], *passin = NULL, *passout = NULL, *p8pass = NULL; - int badarg = 0; - if (bio_err == NULL) bio_err = BIO_new_fp (stderr, BIO_NOCLOSE); - informat=FORMAT_PEM; - outformat=FORMAT_PEM; - ERR_load_crypto_strings(); - OpenSSL_add_all_algorithms(); - args = argv + 1; - while (!badarg && *args && *args[0] == '-') { - if (!strcmp(*args,"-v2")) { - if (args[1]) { - args++; - cipher=EVP_get_cipherbyname(*args); - if(!cipher) { - BIO_printf(bio_err, - "Unknown cipher %s\n", *args); - badarg = 1; - } - } else badarg = 1; - } else if (!strcmp(*args,"-v1")) { - if (args[1]) { - args++; - pbe_nid=OBJ_txt2nid(*args); - if(pbe_nid == NID_undef) { - BIO_printf(bio_err, - "Unknown PBE algorithm %s\n", *args); - badarg = 1; - } - } else badarg = 1; - } else if (!strcmp(*args,"-inform")) { - if (args[1]) { - args++; - informat=str2fmt(*args); - } else badarg = 1; - } else if (!strcmp(*args,"-outform")) { - if (args[1]) { - args++; - outformat=str2fmt(*args); - } else badarg = 1; - } else if (!strcmp (*args, "-topk8")) topk8 = 1; - else if (!strcmp (*args, "-noiter")) iter = 1; - else if (!strcmp (*args, "-nocrypt")) nocrypt = 1; - else if (!strcmp (*args, "-nooct")) p8_broken = PKCS8_NO_OCTET; - else if (!strcmp (*args, "-nsdb")) p8_broken = PKCS8_NS_DB; - else if (!strcmp (*args, "-embed")) p8_broken = PKCS8_EMBEDDED_PARAM; - else if (!strcmp(*args,"-passin")) - { - if (!args[1]) goto bad; - passargin= *(++args); - } - else if (!strcmp(*args,"-passout")) - { - if (!args[1]) goto bad; - passargout= *(++args); - } - else if (!strcmp (*args, "-in")) { - if (args[1]) { - args++; - infile = *args; - } else badarg = 1; - } else if (!strcmp (*args, "-out")) { - if (args[1]) { - args++; - outfile = *args; - } else badarg = 1; - } else badarg = 1; - args++; - } - - if (badarg) { - bad: - BIO_printf(bio_err, "Usage pkcs8 [options]\n"); - BIO_printf(bio_err, "where options are\n"); - BIO_printf(bio_err, "-in file input file\n"); - BIO_printf(bio_err, "-inform X input format (DER or PEM)\n"); - BIO_printf(bio_err, "-passin arg input file pass phrase source\n"); - BIO_printf(bio_err, "-outform X output format (DER or PEM)\n"); - BIO_printf(bio_err, "-out file output file\n"); - BIO_printf(bio_err, "-passout arg output file pass phrase source\n"); - BIO_printf(bio_err, "-topk8 output PKCS8 file\n"); - BIO_printf(bio_err, "-nooct use (nonstandard) no octet format\n"); - BIO_printf(bio_err, "-embed use (nonstandard) embedded DSA parameters format\n"); - BIO_printf(bio_err, "-nsdb use (nonstandard) DSA Netscape DB format\n"); - BIO_printf(bio_err, "-noiter use 1 as iteration count\n"); - BIO_printf(bio_err, "-nocrypt use or expect unencrypted private key\n"); - BIO_printf(bio_err, "-v2 alg use PKCS#5 v2.0 and cipher \"alg\"\n"); - BIO_printf(bio_err, "-v1 obj use PKCS#5 v1.5 and cipher \"alg\"\n"); - return (1); - } - - if(!app_passwd(bio_err, passargin, passargout, &passin, &passout)) { - BIO_printf(bio_err, "Error getting passwords\n"); - return (1); - } - - if ((pbe_nid == -1) && !cipher) pbe_nid = NID_pbeWithMD5AndDES_CBC; - - if (infile) { - if (!(in = BIO_new_file(infile, "rb"))) { - BIO_printf(bio_err, - "Can't open input file %s\n", infile); - return (1); - } - } else in = BIO_new_fp (stdin, BIO_NOCLOSE); - - if (outfile) { - if (!(out = BIO_new_file (outfile, "wb"))) { - BIO_printf(bio_err, - "Can't open output file %s\n", outfile); - return (1); - } - } else out = BIO_new_fp (stdout, BIO_NOCLOSE); - - if (topk8) { - if(informat == FORMAT_PEM) - pkey = PEM_read_bio_PrivateKey(in, NULL, NULL, passin); - else if(informat == FORMAT_ASN1) - pkey = d2i_PrivateKey_bio(in, NULL); - else { - BIO_printf(bio_err, "Bad format specified for key\n"); - return (1); - } - if (!pkey) { - BIO_printf(bio_err, "Error reading key\n", outfile); - ERR_print_errors(bio_err); - return (1); - } - BIO_free(in); - if (!(p8inf = EVP_PKEY2PKCS8_broken(pkey, p8_broken))) { - BIO_printf(bio_err, "Error converting key\n", outfile); - ERR_print_errors(bio_err); - return (1); - } - if(nocrypt) { - if(outformat == FORMAT_PEM) - PEM_write_bio_PKCS8_PRIV_KEY_INFO(out, p8inf); - else if(outformat == FORMAT_ASN1) - i2d_PKCS8_PRIV_KEY_INFO_bio(out, p8inf); - else { - BIO_printf(bio_err, "Bad format specified for key\n"); - return (1); - } - } else { - if(passout) p8pass = passout; - else { - p8pass = pass; - EVP_read_pw_string(pass, 50, "Enter Encryption Password:", 1); - } - app_RAND_load_file(NULL, bio_err, 0); - if (!(p8 = PKCS8_encrypt(pbe_nid, cipher, - p8pass, strlen(p8pass), - NULL, 0, iter, p8inf))) { - BIO_printf(bio_err, "Error encrypting key\n", - outfile); - ERR_print_errors(bio_err); - return (1); - } - app_RAND_write_file(NULL, bio_err); - if(outformat == FORMAT_PEM) - PEM_write_bio_PKCS8(out, p8); - else if(outformat == FORMAT_ASN1) - i2d_PKCS8_bio(out, p8); - else { - BIO_printf(bio_err, "Bad format specified for key\n"); - return (1); - } - X509_SIG_free(p8); - } - PKCS8_PRIV_KEY_INFO_free (p8inf); - EVP_PKEY_free(pkey); - BIO_free(out); - if(passin) Free(passin); - if(passout) Free(passout); - return (0); - } - - if(nocrypt) { - if(informat == FORMAT_PEM) - p8inf = PEM_read_bio_PKCS8_PRIV_KEY_INFO(in,NULL,NULL, NULL); - else if(informat == FORMAT_ASN1) - p8inf = d2i_PKCS8_PRIV_KEY_INFO_bio(in, NULL); - else { - BIO_printf(bio_err, "Bad format specified for key\n"); - return (1); - } - } else { - if(informat == FORMAT_PEM) - p8 = PEM_read_bio_PKCS8(in, NULL, NULL, NULL); - else if(informat == FORMAT_ASN1) - p8 = d2i_PKCS8_bio(in, NULL); - else { - BIO_printf(bio_err, "Bad format specified for key\n"); - return (1); - } - - if (!p8) { - BIO_printf (bio_err, "Error reading key\n", outfile); - ERR_print_errors(bio_err); - return (1); - } - if(passin) p8pass = passin; - else { - p8pass = pass; - EVP_read_pw_string(pass, 50, "Enter Password:", 0); - } - p8inf = M_PKCS8_decrypt(p8, p8pass, strlen(p8pass)); - X509_SIG_free(p8); - } - - if (!p8inf) { - BIO_printf(bio_err, "Error decrypting key\n", outfile); - ERR_print_errors(bio_err); - return (1); - } - - if (!(pkey = EVP_PKCS82PKEY(p8inf))) { - BIO_printf(bio_err, "Error converting key\n", outfile); - ERR_print_errors(bio_err); - return (1); - } - - if (p8inf->broken) { - BIO_printf(bio_err, "Warning: broken key encoding: "); - switch (p8inf->broken) { - case PKCS8_NO_OCTET: - BIO_printf(bio_err, "No Octet String in PrivateKey\n"); - break; - - case PKCS8_EMBEDDED_PARAM: - BIO_printf(bio_err, "DSA parameters included in PrivateKey\n"); - break; - - case PKCS8_NS_DB: - BIO_printf(bio_err, "DSA public key include in PrivateKey\n"); - break; - - default: - BIO_printf(bio_err, "Unknown broken type\n"); - break; - } - } - - PKCS8_PRIV_KEY_INFO_free(p8inf); - if(outformat == FORMAT_PEM) - PEM_write_bio_PrivateKey(out, pkey, NULL, NULL, 0, NULL, passout); - else if(outformat == FORMAT_ASN1) - i2d_PrivateKey_bio(out, pkey); - else { - BIO_printf(bio_err, "Bad format specified for key\n"); - return (1); - } - - EVP_PKEY_free(pkey); - BIO_free(out); - BIO_free(in); - if(passin) Free(passin); - if(passout) Free(passout); - - return (0); -} diff --git a/crypto/openssl/apps/privkey.pem b/crypto/openssl/apps/privkey.pem deleted file mode 100644 index 0af46474a7ee7..0000000000000 --- a/crypto/openssl/apps/privkey.pem +++ /dev/null @@ -1,18 +0,0 @@ ------BEGIN RSA PRIVATE KEY----- -Proc-Type: 4,ENCRYPTED -DEK-Info: DES-EDE3-CBC,BA26229A1653B7FF - -6nhWG8PKhTPO/s3ZvjUa6226NlKdvPDZFsNXOOoSUs9ejxpb/aj5huhs6qRYzsz9 -Year47uaAZYhGD0vAagnNiBnYmjWEpN9G/wQxG7pgZThK1ZxDi63qn8aQ8UjuGHo -F6RpnnBQIAnWTWqr/Qsybtc5EoNkrj/Cpx0OfbSr6gZsFBCxwX1R1hT3/mhJ45f3 -XMofY32Vdfx9/vtw1O7HmlHXQnXaqnbd9/nn1EpvFJG9+UjPoW7gV4jCOLuR4deE -jS8hm+cpkwXmFtk3VGjT9tQXPpMv3JpYfBqgGQoMAJ5Toq0DWcHi6Wg08PsD8lgy -vmTioPsRg+JGkJkJ8GnusgLpQdlQJbjzd7wGE6ElUFLfOxLo8bLlRHoriHNdWYhh -JjY0LyeTkovcmWxVjImc6ZyBz5Ly4t0BYf1gq3OkjsV91Q1taBxnhiavfizqMCAf -PPB3sLQnlXG77TOXkNxpqbZfEYrVZW2Nsqqdn8s07Uj4IMONZyq2odYKWFPMJBiM -POYwXjMAOcmFMTHYsVlhcUJuV6LOuipw/FEbTtPH/MYMxLe4zx65dYo1rb4iLKLS -gMtB0o/Wl4Xno3ZXh1ucicYnV2J7NpVcjVq+3SFiCRu2SrSkZHZ23EPS13Ec6fcz -8X/YGA2vTJ8MAOozAzQUwHQYvLk7bIoQVekqDq4p0AZQbhdspHpArCk0Ifqqzg/v -Uyky/zZiQYanzDenTSRVI/8wac3olxpU8QvbySxYqmbkgq6bTpXJfYFQfnAttEsC -dA4S5UFgyOPZluxCAM4yaJF3Ft6neutNwftuJQMbgCUi9vYg2tGdSw== ------END RSA PRIVATE KEY----- diff --git a/crypto/openssl/apps/progs.h b/crypto/openssl/apps/progs.h deleted file mode 100644 index 7d2238493a4e2..0000000000000 --- a/crypto/openssl/apps/progs.h +++ /dev/null @@ -1,251 +0,0 @@ -/* apps/progs.h */ -/* automatically generated by progs.pl for openssl.c */ - -extern int verify_main(int argc,char *argv[]); -extern int asn1parse_main(int argc,char *argv[]); -extern int req_main(int argc,char *argv[]); -extern int dgst_main(int argc,char *argv[]); -extern int dh_main(int argc,char *argv[]); -extern int dhparam_main(int argc,char *argv[]); -extern int enc_main(int argc,char *argv[]); -extern int passwd_main(int argc,char *argv[]); -extern int gendh_main(int argc,char *argv[]); -extern int errstr_main(int argc,char *argv[]); -extern int ca_main(int argc,char *argv[]); -extern int crl_main(int argc,char *argv[]); -extern int rsa_main(int argc,char *argv[]); -extern int dsa_main(int argc,char *argv[]); -extern int dsaparam_main(int argc,char *argv[]); -extern int x509_main(int argc,char *argv[]); -extern int genrsa_main(int argc,char *argv[]); -extern int gendsa_main(int argc,char *argv[]); -extern int s_server_main(int argc,char *argv[]); -extern int s_client_main(int argc,char *argv[]); -extern int speed_main(int argc,char *argv[]); -extern int s_time_main(int argc,char *argv[]); -extern int version_main(int argc,char *argv[]); -extern int pkcs7_main(int argc,char *argv[]); -extern int crl2pkcs7_main(int argc,char *argv[]); -extern int sess_id_main(int argc,char *argv[]); -extern int ciphers_main(int argc,char *argv[]); -extern int nseq_main(int argc,char *argv[]); -extern int pkcs12_main(int argc,char *argv[]); -extern int pkcs8_main(int argc,char *argv[]); -extern int spkac_main(int argc,char *argv[]); -extern int smime_main(int argc,char *argv[]); -extern int rand_main(int argc,char *argv[]); - -#define FUNC_TYPE_GENERAL 1 -#define FUNC_TYPE_MD 2 -#define FUNC_TYPE_CIPHER 3 - -typedef struct { - int type; - char *name; - int (*func)(); - } FUNCTION; - -FUNCTION functions[] = { - {FUNC_TYPE_GENERAL,"verify",verify_main}, - {FUNC_TYPE_GENERAL,"asn1parse",asn1parse_main}, - {FUNC_TYPE_GENERAL,"req",req_main}, - {FUNC_TYPE_GENERAL,"dgst",dgst_main}, -#ifndef NO_DH - {FUNC_TYPE_GENERAL,"dh",dh_main}, -#endif -#ifndef NO_DH - {FUNC_TYPE_GENERAL,"dhparam",dhparam_main}, -#endif - {FUNC_TYPE_GENERAL,"enc",enc_main}, - {FUNC_TYPE_GENERAL,"passwd",passwd_main}, -#ifndef NO_DH - {FUNC_TYPE_GENERAL,"gendh",gendh_main}, -#endif - {FUNC_TYPE_GENERAL,"errstr",errstr_main}, - {FUNC_TYPE_GENERAL,"ca",ca_main}, - {FUNC_TYPE_GENERAL,"crl",crl_main}, -#ifndef NO_RSA - {FUNC_TYPE_GENERAL,"rsa",rsa_main}, -#endif -#ifndef NO_DSA - {FUNC_TYPE_GENERAL,"dsa",dsa_main}, -#endif -#ifndef NO_DSA - {FUNC_TYPE_GENERAL,"dsaparam",dsaparam_main}, -#endif - {FUNC_TYPE_GENERAL,"x509",x509_main}, -#ifndef NO_RSA - {FUNC_TYPE_GENERAL,"genrsa",genrsa_main}, -#endif -#ifndef NO_DSA - {FUNC_TYPE_GENERAL,"gendsa",gendsa_main}, -#endif -#if !defined(NO_SOCK) && !(defined(NO_SSL2) && defined(NO_SSL3)) - {FUNC_TYPE_GENERAL,"s_server",s_server_main}, -#endif -#if !defined(NO_SOCK) && !(defined(NO_SSL2) && defined(NO_SSL3)) - {FUNC_TYPE_GENERAL,"s_client",s_client_main}, -#endif - {FUNC_TYPE_GENERAL,"speed",speed_main}, -#if !defined(NO_SOCK) && !(defined(NO_SSL2) && defined(NO_SSL3)) - {FUNC_TYPE_GENERAL,"s_time",s_time_main}, -#endif - {FUNC_TYPE_GENERAL,"version",version_main}, - {FUNC_TYPE_GENERAL,"pkcs7",pkcs7_main}, - {FUNC_TYPE_GENERAL,"crl2pkcs7",crl2pkcs7_main}, - {FUNC_TYPE_GENERAL,"sess_id",sess_id_main}, -#if !defined(NO_SOCK) && !(defined(NO_SSL2) && defined(NO_SSL3)) - {FUNC_TYPE_GENERAL,"ciphers",ciphers_main}, -#endif - {FUNC_TYPE_GENERAL,"nseq",nseq_main}, -#if !defined(NO_DES) && !defined(NO_SHA1) - {FUNC_TYPE_GENERAL,"pkcs12",pkcs12_main}, -#endif - {FUNC_TYPE_GENERAL,"pkcs8",pkcs8_main}, - {FUNC_TYPE_GENERAL,"spkac",spkac_main}, - {FUNC_TYPE_GENERAL,"smime",smime_main}, - {FUNC_TYPE_GENERAL,"rand",rand_main}, - {FUNC_TYPE_MD,"md2",dgst_main}, - {FUNC_TYPE_MD,"md5",dgst_main}, - {FUNC_TYPE_MD,"sha",dgst_main}, - {FUNC_TYPE_MD,"sha1",dgst_main}, - {FUNC_TYPE_MD,"mdc2",dgst_main}, - {FUNC_TYPE_MD,"rmd160",dgst_main}, - {FUNC_TYPE_CIPHER,"base64",enc_main}, -#ifndef NO_DES - {FUNC_TYPE_CIPHER,"des",enc_main}, -#endif -#ifndef NO_DES - {FUNC_TYPE_CIPHER,"des3",enc_main}, -#endif -#ifndef NO_DES - {FUNC_TYPE_CIPHER,"desx",enc_main}, -#endif -#ifndef NO_IDEA - {FUNC_TYPE_CIPHER,"idea",enc_main}, -#endif -#ifndef NO_RC4 - {FUNC_TYPE_CIPHER,"rc4",enc_main}, -#endif -#ifndef NO_RC4 - {FUNC_TYPE_CIPHER,"rc4-40",enc_main}, -#endif -#ifndef NO_RC2 - {FUNC_TYPE_CIPHER,"rc2",enc_main}, -#endif -#ifndef NO_BF - {FUNC_TYPE_CIPHER,"bf",enc_main}, -#endif -#ifndef NO_CAST - {FUNC_TYPE_CIPHER,"cast",enc_main}, -#endif -#ifndef NO_RC5 - {FUNC_TYPE_CIPHER,"rc5",enc_main}, -#endif -#ifndef NO_DES - {FUNC_TYPE_CIPHER,"des-ecb",enc_main}, -#endif -#ifndef NO_DES - {FUNC_TYPE_CIPHER,"des-ede",enc_main}, -#endif -#ifndef NO_DES - {FUNC_TYPE_CIPHER,"des-ede3",enc_main}, -#endif -#ifndef NO_DES - {FUNC_TYPE_CIPHER,"des-cbc",enc_main}, -#endif -#ifndef NO_DES - {FUNC_TYPE_CIPHER,"des-ede-cbc",enc_main}, -#endif -#ifndef NO_DES - {FUNC_TYPE_CIPHER,"des-ede3-cbc",enc_main}, -#endif -#ifndef NO_DES - {FUNC_TYPE_CIPHER,"des-cfb",enc_main}, -#endif -#ifndef NO_DES - {FUNC_TYPE_CIPHER,"des-ede-cfb",enc_main}, -#endif -#ifndef NO_DES - {FUNC_TYPE_CIPHER,"des-ede3-cfb",enc_main}, -#endif -#ifndef NO_DES - {FUNC_TYPE_CIPHER,"des-ofb",enc_main}, -#endif -#ifndef NO_DES - {FUNC_TYPE_CIPHER,"des-ede-ofb",enc_main}, -#endif -#ifndef NO_DES - {FUNC_TYPE_CIPHER,"des-ede3-ofb",enc_main}, -#endif -#ifndef NO_IDEA - {FUNC_TYPE_CIPHER,"idea-cbc",enc_main}, -#endif -#ifndef NO_IDEA - {FUNC_TYPE_CIPHER,"idea-ecb",enc_main}, -#endif -#ifndef NO_IDEA - {FUNC_TYPE_CIPHER,"idea-cfb",enc_main}, -#endif -#ifndef NO_IDEA - {FUNC_TYPE_CIPHER,"idea-ofb",enc_main}, -#endif -#ifndef NO_RC2 - {FUNC_TYPE_CIPHER,"rc2-cbc",enc_main}, -#endif -#ifndef NO_RC2 - {FUNC_TYPE_CIPHER,"rc2-ecb",enc_main}, -#endif -#ifndef NO_RC2 - {FUNC_TYPE_CIPHER,"rc2-cfb",enc_main}, -#endif -#ifndef NO_RC2 - {FUNC_TYPE_CIPHER,"rc2-ofb",enc_main}, -#endif -#ifndef NO_RC2 - {FUNC_TYPE_CIPHER,"rc2-64-cbc",enc_main}, -#endif -#ifndef NO_RC2 - {FUNC_TYPE_CIPHER,"rc2-40-cbc",enc_main}, -#endif -#ifndef NO_BF - {FUNC_TYPE_CIPHER,"bf-cbc",enc_main}, -#endif -#ifndef NO_BF - {FUNC_TYPE_CIPHER,"bf-ecb",enc_main}, -#endif -#ifndef NO_BF - {FUNC_TYPE_CIPHER,"bf-cfb",enc_main}, -#endif -#ifndef NO_BF - {FUNC_TYPE_CIPHER,"bf-ofb",enc_main}, -#endif -#ifndef NO_CAST - {FUNC_TYPE_CIPHER,"cast5-cbc",enc_main}, -#endif -#ifndef NO_CAST - {FUNC_TYPE_CIPHER,"cast5-ecb",enc_main}, -#endif -#ifndef NO_CAST - {FUNC_TYPE_CIPHER,"cast5-cfb",enc_main}, -#endif -#ifndef NO_CAST - {FUNC_TYPE_CIPHER,"cast5-ofb",enc_main}, -#endif -#ifndef NO_CAST - {FUNC_TYPE_CIPHER,"cast-cbc",enc_main}, -#endif -#ifndef NO_RC5 - {FUNC_TYPE_CIPHER,"rc5-cbc",enc_main}, -#endif -#ifndef NO_RC5 - {FUNC_TYPE_CIPHER,"rc5-ecb",enc_main}, -#endif -#ifndef NO_RC5 - {FUNC_TYPE_CIPHER,"rc5-cfb",enc_main}, -#endif -#ifndef NO_RC5 - {FUNC_TYPE_CIPHER,"rc5-ofb",enc_main}, -#endif - {0,NULL,NULL} - }; diff --git a/crypto/openssl/apps/progs.pl b/crypto/openssl/apps/progs.pl deleted file mode 100644 index 9842d2ace725b..0000000000000 --- a/crypto/openssl/apps/progs.pl +++ /dev/null @@ -1,77 +0,0 @@ -#!/usr/local/bin/perl - -print "/* apps/progs.h */\n"; -print "/* automatically generated by progs.pl for openssl.c */\n\n"; - -grep(s/^asn1pars$/asn1parse/,@ARGV); - -foreach (@ARGV) - { printf "extern int %s_main(int argc,char *argv[]);\n",$_; } - -print <<'EOF'; - -#define FUNC_TYPE_GENERAL 1 -#define FUNC_TYPE_MD 2 -#define FUNC_TYPE_CIPHER 3 - -typedef struct { - int type; - char *name; - int (*func)(); - } FUNCTION; - -FUNCTION functions[] = { -EOF - -foreach (@ARGV) - { - push(@files,$_); - $str="\t{FUNC_TYPE_GENERAL,\"$_\",${_}_main},\n"; - if (($_ =~ /^s_/) || ($_ =~ /^ciphers$/)) - { print "#if !defined(NO_SOCK) && !(defined(NO_SSL2) && defined(NO_SSL3))\n${str}#endif\n"; } - elsif ( ($_ =~ /^rsa$/) || ($_ =~ /^genrsa$/) ) - { print "#ifndef NO_RSA\n${str}#endif\n"; } - elsif ( ($_ =~ /^dsa$/) || ($_ =~ /^gendsa$/) || ($_ =~ /^dsaparam$/)) - { print "#ifndef NO_DSA\n${str}#endif\n"; } - elsif ( ($_ =~ /^dh$/) || ($_ =~ /^gendh$/) || ($_ =~ /^dhparam$/)) - { print "#ifndef NO_DH\n${str}#endif\n"; } - elsif ( ($_ =~ /^pkcs12$/)) - { print "#if !defined(NO_DES) && !defined(NO_SHA1)\n${str}#endif\n"; } - else - { print $str; } - } - -foreach ("md2","md5","sha","sha1","mdc2","rmd160") - { - push(@files,$_); - printf "\t{FUNC_TYPE_MD,\"%s\",dgst_main},\n",$_; - } - -foreach ( - "base64", - "des", "des3", "desx", "idea", "rc4", "rc4-40", - "rc2", "bf", "cast", "rc5", - "des-ecb", "des-ede", "des-ede3", - "des-cbc", "des-ede-cbc","des-ede3-cbc", - "des-cfb", "des-ede-cfb","des-ede3-cfb", - "des-ofb", "des-ede-ofb","des-ede3-ofb", - "idea-cbc","idea-ecb", "idea-cfb", "idea-ofb", - "rc2-cbc", "rc2-ecb", "rc2-cfb","rc2-ofb", "rc2-64-cbc", "rc2-40-cbc", - "bf-cbc", "bf-ecb", "bf-cfb", "bf-ofb", - "cast5-cbc","cast5-ecb", "cast5-cfb","cast5-ofb", - "cast-cbc", "rc5-cbc", "rc5-ecb", "rc5-cfb", "rc5-ofb") - { - push(@files,$_); - - $t=sprintf("\t{FUNC_TYPE_CIPHER,\"%s\",enc_main},\n",$_); - if ($_ =~ /des/) { $t="#ifndef NO_DES\n${t}#endif\n"; } - elsif ($_ =~ /idea/) { $t="#ifndef NO_IDEA\n${t}#endif\n"; } - elsif ($_ =~ /rc4/) { $t="#ifndef NO_RC4\n${t}#endif\n"; } - elsif ($_ =~ /rc2/) { $t="#ifndef NO_RC2\n${t}#endif\n"; } - elsif ($_ =~ /bf/) { $t="#ifndef NO_BF\n${t}#endif\n"; } - elsif ($_ =~ /cast/) { $t="#ifndef NO_CAST\n${t}#endif\n"; } - elsif ($_ =~ /rc5/) { $t="#ifndef NO_RC5\n${t}#endif\n"; } - print $t; - } - -print "\t{0,NULL,NULL}\n\t};\n"; diff --git a/crypto/openssl/apps/rand.c b/crypto/openssl/apps/rand.c deleted file mode 100644 index cfbba30755869..0000000000000 --- a/crypto/openssl/apps/rand.c +++ /dev/null @@ -1,140 +0,0 @@ -/* apps/rand.c */ - -#include "apps.h" - -#include <ctype.h> -#include <stdio.h> -#include <string.h> - -#include <openssl/bio.h> -#include <openssl/err.h> -#include <openssl/rand.h> - -#undef PROG -#define PROG rand_main - -/* -out file - write to file - * -rand file:file - PRNG seed files - * -base64 - encode output - * num - write 'num' bytes - */ - -int MAIN(int, char **); - -int MAIN(int argc, char **argv) - { - int i, r, ret = 1; - int badopt; - char *outfile = NULL; - char *inrand = NULL; - int base64 = 0; - BIO *out = NULL; - int num = -1; - - apps_startup(); - - if (bio_err == NULL) - if ((bio_err = BIO_new(BIO_s_file())) != NULL) - BIO_set_fp(bio_err, stderr, BIO_NOCLOSE|BIO_FP_TEXT); - - badopt = 0; - i = 0; - while (!badopt && argv[++i] != NULL) - { - if (strcmp(argv[i], "-out") == 0) - { - if ((argv[i+1] != NULL) && (outfile == NULL)) - outfile = argv[++i]; - else - badopt = 1; - } - else if (strcmp(argv[i], "-rand") == 0) - { - if ((argv[i+1] != NULL) && (inrand == NULL)) - inrand = argv[++i]; - else - badopt = 1; - } - else if (strcmp(argv[i], "-base64") == 0) - { - if (!base64) - base64 = 1; - else - badopt = 1; - } - else if (isdigit(argv[i][0])) - { - if (num < 0) - { - r = sscanf(argv[i], "%d", &num); - if (r == 0 || num < 0) - badopt = 1; - } - else - badopt = 1; - } - else - badopt = 1; - } - - if (num < 0) - badopt = 1; - - if (badopt) - { - BIO_printf(bio_err, "Usage: rand [options] num\n"); - BIO_printf(bio_err, "where options are\n"); - BIO_printf(bio_err, "-out file - write to file\n"); - BIO_printf(bio_err, "-rand file%cfile%c... - seed PRNG from files\n", LIST_SEPARATOR_CHAR, LIST_SEPARATOR_CHAR); - BIO_printf(bio_err, "-base64 - encode output\n"); - goto err; - } - - app_RAND_load_file(NULL, bio_err, (inrand != NULL)); - if (inrand != NULL) - BIO_printf(bio_err,"%ld semi-random bytes loaded\n", - app_RAND_load_files(inrand)); - - out = BIO_new(BIO_s_file()); - if (out == NULL) - goto err; - if (outfile != NULL) - r = BIO_write_filename(out, outfile); - else - r = BIO_set_fp(out, stdout, BIO_NOCLOSE | BIO_FP_TEXT); - if (r <= 0) - goto err; - - if (base64) - { - BIO *b64 = BIO_new(BIO_f_base64()); - if (b64 == NULL) - goto err; - out = BIO_push(b64, out); - } - - while (num > 0) - { - unsigned char buf[4096]; - int chunk; - - chunk = num; - if (chunk > sizeof buf) - chunk = sizeof buf; - r = RAND_bytes(buf, chunk); - if (r <= 0) - goto err; - BIO_write(out, buf, chunk); - num -= chunk; - } - BIO_flush(out); - - app_RAND_write_file(NULL, bio_err); - ret = 0; - -err: - ERR_print_errors(bio_err); - if (out) - BIO_free_all(out); - EXIT(ret); - } diff --git a/crypto/openssl/apps/req.c b/crypto/openssl/apps/req.c deleted file mode 100644 index eb338eeb1b2b2..0000000000000 --- a/crypto/openssl/apps/req.c +++ /dev/null @@ -1,1280 +0,0 @@ -/* apps/req.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include <stdio.h> -#include <stdlib.h> -#include <time.h> -#include <string.h> -#ifdef NO_STDIO -#define APPS_WIN16 -#endif -#include "apps.h" -#include <openssl/bio.h> -#include <openssl/evp.h> -#include <openssl/conf.h> -#include <openssl/err.h> -#include <openssl/asn1.h> -#include <openssl/x509.h> -#include <openssl/x509v3.h> -#include <openssl/objects.h> -#include <openssl/pem.h> - -#define SECTION "req" - -#define BITS "default_bits" -#define KEYFILE "default_keyfile" -#define PROMPT "prompt" -#define DISTINGUISHED_NAME "distinguished_name" -#define ATTRIBUTES "attributes" -#define V3_EXTENSIONS "x509_extensions" -#define REQ_EXTENSIONS "req_extensions" -#define STRING_MASK "string_mask" - -#define DEFAULT_KEY_LENGTH 512 -#define MIN_KEY_LENGTH 384 - -#undef PROG -#define PROG req_main - -/* -inform arg - input format - default PEM (DER or PEM) - * -outform arg - output format - default PEM - * -in arg - input file - default stdin - * -out arg - output file - default stdout - * -verify - check request signature - * -noout - don't print stuff out. - * -text - print out human readable text. - * -nodes - no des encryption - * -config file - Load configuration file. - * -key file - make a request using key in file (or use it for verification). - * -keyform - key file format. - * -newkey - make a key and a request. - * -modulus - print RSA modulus. - * -x509 - output a self signed X509 structure instead. - * -asn1-kludge - output new certificate request in a format that some CA's - * require. This format is wrong - */ - -static int make_REQ(X509_REQ *req,EVP_PKEY *pkey,int attribs); -static int prompt_info(X509_REQ *req, - STACK_OF(CONF_VALUE) *dn_sk, char *dn_sect, - STACK_OF(CONF_VALUE) *attr_sk, char *attr_sect, int attribs); -static int auto_info(X509_REQ *req, STACK_OF(CONF_VALUE) *sk, - STACK_OF(CONF_VALUE) *attr, int attribs); -static int add_attribute_object(X509_REQ *req, char *text, - char *def, char *value, int nid, int min, - int max); -static int add_DN_object(X509_NAME *n, char *text, char *def, char *value, - int nid,int min,int max); -#ifndef NO_RSA -static void MS_CALLBACK req_cb(int p,int n,void *arg); -#endif -static int req_check_len(int len,int min,int max); -static int check_end(char *str, char *end); -static int add_oid_section(LHASH *conf); -#ifndef MONOLITH -static char *default_config_file=NULL; -static LHASH *config=NULL; -#endif -static LHASH *req_conf=NULL; - -#define TYPE_RSA 1 -#define TYPE_DSA 2 -#define TYPE_DH 3 - -int MAIN(int, char **); - -int MAIN(int argc, char **argv) - { -#ifndef NO_DSA - DSA *dsa_params=NULL; -#endif - int ex=1,x509=0,days=30; - X509 *x509ss=NULL; - X509_REQ *req=NULL; - EVP_PKEY *pkey=NULL; - int i,badops=0,newreq=0,newkey= -1,pkey_type=0; - BIO *in=NULL,*out=NULL; - int informat,outformat,verify=0,noout=0,text=0,keyform=FORMAT_PEM; - int nodes=0,kludge=0,newhdr=0; - char *infile,*outfile,*prog,*keyfile=NULL,*template=NULL,*keyout=NULL; - char *extensions = NULL; - char *req_exts = NULL; - EVP_CIPHER *cipher=NULL; - int modulus=0; - char *passargin = NULL, *passargout = NULL; - char *passin = NULL, *passout = NULL; - char *p; - const EVP_MD *md_alg=NULL,*digest=EVP_md5(); -#ifndef MONOLITH - MS_STATIC char config_name[256]; -#endif - - req_conf = NULL; -#ifndef NO_DES - cipher=EVP_des_ede3_cbc(); -#endif - apps_startup(); - - if (bio_err == NULL) - if ((bio_err=BIO_new(BIO_s_file())) != NULL) - BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT); - - infile=NULL; - outfile=NULL; - informat=FORMAT_PEM; - outformat=FORMAT_PEM; - - prog=argv[0]; - argc--; - argv++; - while (argc >= 1) - { - if (strcmp(*argv,"-inform") == 0) - { - if (--argc < 1) goto bad; - informat=str2fmt(*(++argv)); - } - else if (strcmp(*argv,"-outform") == 0) - { - if (--argc < 1) goto bad; - outformat=str2fmt(*(++argv)); - } - else if (strcmp(*argv,"-key") == 0) - { - if (--argc < 1) goto bad; - keyfile= *(++argv); - } - else if (strcmp(*argv,"-new") == 0) - { - pkey_type=TYPE_RSA; - newreq=1; - } - else if (strcmp(*argv,"-config") == 0) - { - if (--argc < 1) goto bad; - template= *(++argv); - } - else if (strcmp(*argv,"-keyform") == 0) - { - if (--argc < 1) goto bad; - keyform=str2fmt(*(++argv)); - } - else if (strcmp(*argv,"-in") == 0) - { - if (--argc < 1) goto bad; - infile= *(++argv); - } - else if (strcmp(*argv,"-out") == 0) - { - if (--argc < 1) goto bad; - outfile= *(++argv); - } - else if (strcmp(*argv,"-keyout") == 0) - { - if (--argc < 1) goto bad; - keyout= *(++argv); - } - else if (strcmp(*argv,"-passin") == 0) - { - if (--argc < 1) goto bad; - passargin= *(++argv); - } - else if (strcmp(*argv,"-passout") == 0) - { - if (--argc < 1) goto bad; - passargout= *(++argv); - } - else if (strcmp(*argv,"-newkey") == 0) - { - int is_numeric; - - if (--argc < 1) goto bad; - p= *(++argv); - is_numeric = p[0] >= '0' && p[0] <= '9'; - if (strncmp("rsa:",p,4) == 0 || is_numeric) - { - pkey_type=TYPE_RSA; - if(!is_numeric) - p+=4; - newkey= atoi(p); - } - else -#ifndef NO_DSA - if (strncmp("dsa:",p,4) == 0) - { - X509 *xtmp=NULL; - EVP_PKEY *dtmp; - - pkey_type=TYPE_DSA; - p+=4; - if ((in=BIO_new_file(p,"r")) == NULL) - { - perror(p); - goto end; - } - if ((dsa_params=PEM_read_bio_DSAparams(in,NULL,NULL,NULL)) == NULL) - { - ERR_clear_error(); - (void)BIO_reset(in); - if ((xtmp=PEM_read_bio_X509(in,NULL,NULL,NULL)) == NULL) - { - BIO_printf(bio_err,"unable to load DSA parameters from file\n"); - goto end; - } - - dtmp=X509_get_pubkey(xtmp); - if (dtmp->type == EVP_PKEY_DSA) - dsa_params=DSAparams_dup(dtmp->pkey.dsa); - EVP_PKEY_free(dtmp); - X509_free(xtmp); - if (dsa_params == NULL) - { - BIO_printf(bio_err,"Certificate does not contain DSA parameters\n"); - goto end; - } - } - BIO_free(in); - newkey=BN_num_bits(dsa_params->p); - in=NULL; - } - else -#endif -#ifndef NO_DH - if (strncmp("dh:",p,4) == 0) - { - pkey_type=TYPE_DH; - p+=3; - } - else -#endif - pkey_type=TYPE_RSA; - - newreq=1; - } - else if (strcmp(*argv,"-newhdr") == 0) - newhdr=1; - else if (strcmp(*argv,"-modulus") == 0) - modulus=1; - else if (strcmp(*argv,"-verify") == 0) - verify=1; - else if (strcmp(*argv,"-nodes") == 0) - nodes=1; - else if (strcmp(*argv,"-noout") == 0) - noout=1; - else if (strcmp(*argv,"-text") == 0) - text=1; - else if (strcmp(*argv,"-x509") == 0) - x509=1; - else if (strcmp(*argv,"-asn1-kludge") == 0) - kludge=1; - else if (strcmp(*argv,"-no-asn1-kludge") == 0) - kludge=0; - else if (strcmp(*argv,"-days") == 0) - { - if (--argc < 1) goto bad; - days= atoi(*(++argv)); - if (days == 0) days=30; - } - else if ((md_alg=EVP_get_digestbyname(&((*argv)[1]))) != NULL) - { - /* ok */ - digest=md_alg; - } - else if (strcmp(*argv,"-extensions") == 0) - { - if (--argc < 1) goto bad; - extensions = *(++argv); - } - else if (strcmp(*argv,"-reqexts") == 0) - { - if (--argc < 1) goto bad; - req_exts = *(++argv); - } - else - { - BIO_printf(bio_err,"unknown option %s\n",*argv); - badops=1; - break; - } - argc--; - argv++; - } - - if (badops) - { -bad: - BIO_printf(bio_err,"%s [options] <infile >outfile\n",prog); - BIO_printf(bio_err,"where options are\n"); - BIO_printf(bio_err," -inform arg input format - DER or PEM\n"); - BIO_printf(bio_err," -outform arg output format - DER or PEM\n"); - BIO_printf(bio_err," -in arg input file\n"); - BIO_printf(bio_err," -out arg output file\n"); - BIO_printf(bio_err," -text text form of request\n"); - BIO_printf(bio_err," -noout do not output REQ\n"); - BIO_printf(bio_err," -verify verify signature on REQ\n"); - BIO_printf(bio_err," -modulus RSA modulus\n"); - BIO_printf(bio_err," -nodes don't encrypt the output key\n"); - BIO_printf(bio_err," -key file use the private key contained in file\n"); - BIO_printf(bio_err," -keyform arg key file format\n"); - BIO_printf(bio_err," -keyout arg file to send the key to\n"); - BIO_printf(bio_err," -newkey rsa:bits generate a new RSA key of 'bits' in size\n"); - BIO_printf(bio_err," -newkey dsa:file generate a new DSA key, parameters taken from CA in 'file'\n"); - - BIO_printf(bio_err," -[digest] Digest to sign with (md5, sha1, md2, mdc2)\n"); - BIO_printf(bio_err," -config file request template file.\n"); - BIO_printf(bio_err," -new new request.\n"); - BIO_printf(bio_err," -x509 output a x509 structure instead of a cert. req.\n"); - BIO_printf(bio_err," -days number of days a x509 generated by -x509 is valid for.\n"); - BIO_printf(bio_err," -newhdr output \"NEW\" in the header lines\n"); - BIO_printf(bio_err," -asn1-kludge Output the 'request' in a format that is wrong but some CA's\n"); - BIO_printf(bio_err," have been reported as requiring\n"); - BIO_printf(bio_err," -extensions .. specify certificate extension section (override value in config file)\n"); - BIO_printf(bio_err," -reqexts .. specify request extension section (override value in config file)\n"); - goto end; - } - - ERR_load_crypto_strings(); - if(!app_passwd(bio_err, passargin, passargout, &passin, &passout)) { - BIO_printf(bio_err, "Error getting passwords\n"); - goto end; - } - -#ifndef MONOLITH /* else this has happened in openssl.c (global `config') */ - /* Lets load up our environment a little */ - p=getenv("OPENSSL_CONF"); - if (p == NULL) - p=getenv("SSLEAY_CONF"); - if (p == NULL) - { - strcpy(config_name,X509_get_default_cert_area()); -#ifndef VMS - strcat(config_name,"/"); -#endif - strcat(config_name,OPENSSL_CONF); - p=config_name; - } - default_config_file=p; - config=CONF_load(config,p,NULL); -#endif - - if (template != NULL) - { - long errline; - - BIO_printf(bio_err,"Using configuration from %s\n",template); - req_conf=CONF_load(NULL,template,&errline); - if (req_conf == NULL) - { - BIO_printf(bio_err,"error on line %ld of %s\n",errline,template); - goto end; - } - } - else - { - req_conf=config; - BIO_printf(bio_err,"Using configuration from %s\n", - default_config_file); - if (req_conf == NULL) - { - BIO_printf(bio_err,"Unable to load config info\n"); - } - } - - if (req_conf != NULL) - { - p=CONF_get_string(req_conf,NULL,"oid_file"); - if (p != NULL) - { - BIO *oid_bio; - - oid_bio=BIO_new_file(p,"r"); - if (oid_bio == NULL) - { - /* - BIO_printf(bio_err,"problems opening %s for extra oid's\n",p); - ERR_print_errors(bio_err); - */ - } - else - { - OBJ_create_objects(oid_bio); - BIO_free(oid_bio); - } - } - } - if(!add_oid_section(req_conf)) goto end; - - if ((md_alg == NULL) && - ((p=CONF_get_string(req_conf,SECTION,"default_md")) != NULL)) - { - if ((md_alg=EVP_get_digestbyname(p)) != NULL) - digest=md_alg; - } - - if(!extensions) - extensions = CONF_get_string(req_conf, SECTION, V3_EXTENSIONS); - if(extensions) { - /* Check syntax of file */ - X509V3_CTX ctx; - X509V3_set_ctx_test(&ctx); - X509V3_set_conf_lhash(&ctx, req_conf); - if(!X509V3_EXT_add_conf(req_conf, &ctx, extensions, NULL)) { - BIO_printf(bio_err, - "Error Loading extension section %s\n", extensions); - goto end; - } - } - - if(!passin) - passin = CONF_get_string(req_conf, SECTION, "input_password"); - - if(!passout) - passout = CONF_get_string(req_conf, SECTION, "output_password"); - - p = CONF_get_string(req_conf, SECTION, STRING_MASK); - - if(p && !ASN1_STRING_set_default_mask_asc(p)) { - BIO_printf(bio_err, "Invalid global string mask setting %s\n", p); - goto end; - } - - if(!req_exts) - req_exts = CONF_get_string(req_conf, SECTION, REQ_EXTENSIONS); - if(req_exts) { - /* Check syntax of file */ - X509V3_CTX ctx; - X509V3_set_ctx_test(&ctx); - X509V3_set_conf_lhash(&ctx, req_conf); - if(!X509V3_EXT_add_conf(req_conf, &ctx, req_exts, NULL)) { - BIO_printf(bio_err, - "Error Loading request extension section %s\n", - req_exts); - goto end; - } - } - - in=BIO_new(BIO_s_file()); - out=BIO_new(BIO_s_file()); - if ((in == NULL) || (out == NULL)) - goto end; - - if (keyfile != NULL) - { - if (BIO_read_filename(in,keyfile) <= 0) - { - perror(keyfile); - goto end; - } - - if (keyform == FORMAT_ASN1) - pkey=d2i_PrivateKey_bio(in,NULL); - else if (keyform == FORMAT_PEM) - { - pkey=PEM_read_bio_PrivateKey(in,NULL,NULL,passin); - } - else - { - BIO_printf(bio_err,"bad input format specified for X509 request\n"); - goto end; - } - - if (pkey == NULL) - { - BIO_printf(bio_err,"unable to load Private key\n"); - goto end; - } - } - - if (newreq && (pkey == NULL)) - { - char *randfile = CONF_get_string(req_conf,SECTION,"RANDFILE"); - app_RAND_load_file(randfile, bio_err, 0); - - if (newkey <= 0) - { - newkey=(int)CONF_get_number(req_conf,SECTION,BITS); - if (newkey <= 0) - newkey=DEFAULT_KEY_LENGTH; - } - - if (newkey < MIN_KEY_LENGTH) - { - BIO_printf(bio_err,"private key length is too short,\n"); - BIO_printf(bio_err,"it needs to be at least %d bits, not %d\n",MIN_KEY_LENGTH,newkey); - goto end; - } - BIO_printf(bio_err,"Generating a %d bit %s private key\n", - newkey,(pkey_type == TYPE_RSA)?"RSA":"DSA"); - - if ((pkey=EVP_PKEY_new()) == NULL) goto end; - -#ifndef NO_RSA - if (pkey_type == TYPE_RSA) - { - if (!EVP_PKEY_assign_RSA(pkey, - RSA_generate_key(newkey,0x10001, - req_cb,bio_err))) - goto end; - } - else -#endif -#ifndef NO_DSA - if (pkey_type == TYPE_DSA) - { - if (!DSA_generate_key(dsa_params)) goto end; - if (!EVP_PKEY_assign_DSA(pkey,dsa_params)) goto end; - dsa_params=NULL; - } -#endif - - app_RAND_write_file(randfile, bio_err); - - if (pkey == NULL) goto end; - - if (keyout == NULL) - keyout=CONF_get_string(req_conf,SECTION,KEYFILE); - - if (keyout == NULL) - { - BIO_printf(bio_err,"writing new private key to stdout\n"); - BIO_set_fp(out,stdout,BIO_NOCLOSE); - } - else - { - BIO_printf(bio_err,"writing new private key to '%s'\n",keyout); - if (BIO_write_filename(out,keyout) <= 0) - { - perror(keyout); - goto end; - } - } - - p=CONF_get_string(req_conf,SECTION,"encrypt_rsa_key"); - if (p == NULL) - p=CONF_get_string(req_conf,SECTION,"encrypt_key"); - if ((p != NULL) && (strcmp(p,"no") == 0)) - cipher=NULL; - if (nodes) cipher=NULL; - - i=0; -loop: - if (!PEM_write_bio_PrivateKey(out,pkey,cipher, - NULL,0,NULL,passout)) - { - if ((ERR_GET_REASON(ERR_peek_error()) == - PEM_R_PROBLEMS_GETTING_PASSWORD) && (i < 3)) - { - ERR_clear_error(); - i++; - goto loop; - } - goto end; - } - BIO_printf(bio_err,"-----\n"); - } - - if (!newreq) - { - /* Since we are using a pre-existing certificate - * request, the kludge 'format' info should not be - * changed. */ - kludge= -1; - if (infile == NULL) - BIO_set_fp(in,stdin,BIO_NOCLOSE); - else - { - if (BIO_read_filename(in,infile) <= 0) - { - perror(infile); - goto end; - } - } - - if (informat == FORMAT_ASN1) - req=d2i_X509_REQ_bio(in,NULL); - else if (informat == FORMAT_PEM) - req=PEM_read_bio_X509_REQ(in,NULL,NULL,NULL); - else - { - BIO_printf(bio_err,"bad input format specified for X509 request\n"); - goto end; - } - if (req == NULL) - { - BIO_printf(bio_err,"unable to load X509 request\n"); - goto end; - } - } - - if (newreq || x509) - { -#ifndef NO_DSA - if (pkey->type == EVP_PKEY_DSA) - digest=EVP_dss1(); -#endif - - if (pkey == NULL) - { - BIO_printf(bio_err,"you need to specify a private key\n"); - goto end; - } - if (req == NULL) - { - req=X509_REQ_new(); - if (req == NULL) - { - goto end; - } - - i=make_REQ(req,pkey,!x509); - if (kludge >= 0) - req->req_info->req_kludge=kludge; - if (!i) - { - BIO_printf(bio_err,"problems making Certificate Request\n"); - goto end; - } - } - if (x509) - { - EVP_PKEY *tmppkey; - X509V3_CTX ext_ctx; - if ((x509ss=X509_new()) == NULL) goto end; - - /* Set version to V3 */ - if(!X509_set_version(x509ss, 2)) goto end; - ASN1_INTEGER_set(X509_get_serialNumber(x509ss),0L); - - X509_set_issuer_name(x509ss, - X509_REQ_get_subject_name(req)); - X509_gmtime_adj(X509_get_notBefore(x509ss),0); - X509_gmtime_adj(X509_get_notAfter(x509ss), - (long)60*60*24*days); - X509_set_subject_name(x509ss, - X509_REQ_get_subject_name(req)); - tmppkey = X509_REQ_get_pubkey(req); - X509_set_pubkey(x509ss,tmppkey); - EVP_PKEY_free(tmppkey); - - /* Set up V3 context struct */ - - X509V3_set_ctx(&ext_ctx, x509ss, x509ss, NULL, NULL, 0); - X509V3_set_conf_lhash(&ext_ctx, req_conf); - - /* Add extensions */ - if(extensions && !X509V3_EXT_add_conf(req_conf, - &ext_ctx, extensions, x509ss)) - { - BIO_printf(bio_err, - "Error Loading extension section %s\n", - extensions); - goto end; - } - - if (!(i=X509_sign(x509ss,pkey,digest))) - goto end; - } - else - { - X509V3_CTX ext_ctx; - - /* Set up V3 context struct */ - - X509V3_set_ctx(&ext_ctx, NULL, NULL, req, NULL, 0); - X509V3_set_conf_lhash(&ext_ctx, req_conf); - - /* Add extensions */ - if(req_exts && !X509V3_EXT_REQ_add_conf(req_conf, - &ext_ctx, req_exts, req)) - { - BIO_printf(bio_err, - "Error Loading extension section %s\n", - req_exts); - goto end; - } - if (!(i=X509_REQ_sign(req,pkey,digest))) - goto end; - } - } - - if (verify && !x509) - { - int tmp=0; - - if (pkey == NULL) - { - pkey=X509_REQ_get_pubkey(req); - tmp=1; - if (pkey == NULL) goto end; - } - - i=X509_REQ_verify(req,pkey); - if (tmp) { - EVP_PKEY_free(pkey); - pkey=NULL; - } - - if (i < 0) - { - goto end; - } - else if (i == 0) - { - BIO_printf(bio_err,"verify failure\n"); - } - else /* if (i > 0) */ - BIO_printf(bio_err,"verify OK\n"); - } - - if (noout && !text && !modulus) - { - ex=0; - goto end; - } - - if (outfile == NULL) - BIO_set_fp(out,stdout,BIO_NOCLOSE); - else - { - if ((keyout != NULL) && (strcmp(outfile,keyout) == 0)) - i=(int)BIO_append_filename(out,outfile); - else - i=(int)BIO_write_filename(out,outfile); - if (!i) - { - perror(outfile); - goto end; - } - } - - if (text) - { - if (x509) - X509_print(out,x509ss); - else - X509_REQ_print(out,req); - } - - if (modulus) - { - EVP_PKEY *pubkey; - - if (x509) - pubkey=X509_get_pubkey(x509ss); - else - pubkey=X509_REQ_get_pubkey(req); - if (pubkey == NULL) - { - fprintf(stdout,"Modulus=unavailable\n"); - goto end; - } - fprintf(stdout,"Modulus="); -#ifndef NO_RSA - if (pubkey->type == EVP_PKEY_RSA) - BN_print(out,pubkey->pkey.rsa->n); - else -#endif - fprintf(stdout,"Wrong Algorithm type"); - fprintf(stdout,"\n"); - } - - if (!noout && !x509) - { - if (outformat == FORMAT_ASN1) - i=i2d_X509_REQ_bio(out,req); - else if (outformat == FORMAT_PEM) { - if(newhdr) i=PEM_write_bio_X509_REQ_NEW(out,req); - else i=PEM_write_bio_X509_REQ(out,req); - } else { - BIO_printf(bio_err,"bad output format specified for outfile\n"); - goto end; - } - if (!i) - { - BIO_printf(bio_err,"unable to write X509 request\n"); - goto end; - } - } - if (!noout && x509 && (x509ss != NULL)) - { - if (outformat == FORMAT_ASN1) - i=i2d_X509_bio(out,x509ss); - else if (outformat == FORMAT_PEM) - i=PEM_write_bio_X509(out,x509ss); - else { - BIO_printf(bio_err,"bad output format specified for outfile\n"); - goto end; - } - if (!i) - { - BIO_printf(bio_err,"unable to write X509 certificate\n"); - goto end; - } - } - ex=0; -end: - if (ex) - { - ERR_print_errors(bio_err); - } - if ((req_conf != NULL) && (req_conf != config)) CONF_free(req_conf); - BIO_free(in); - BIO_free(out); - EVP_PKEY_free(pkey); - X509_REQ_free(req); - X509_free(x509ss); - if(passargin && passin) Free(passin); - if(passargout && passout) Free(passout); - OBJ_cleanup(); -#ifndef NO_DSA - if (dsa_params != NULL) DSA_free(dsa_params); -#endif - EXIT(ex); - } - -static int make_REQ(X509_REQ *req, EVP_PKEY *pkey, int attribs) - { - int ret=0,i; - char no_prompt = 0; - STACK_OF(CONF_VALUE) *dn_sk, *attr_sk = NULL; - char *tmp, *dn_sect,*attr_sect; - - tmp=CONF_get_string(req_conf,SECTION,PROMPT); - if((tmp != NULL) && !strcmp(tmp, "no")) no_prompt = 1; - - dn_sect=CONF_get_string(req_conf,SECTION,DISTINGUISHED_NAME); - if (dn_sect == NULL) - { - BIO_printf(bio_err,"unable to find '%s' in config\n", - DISTINGUISHED_NAME); - goto err; - } - dn_sk=CONF_get_section(req_conf,dn_sect); - if (dn_sk == NULL) - { - BIO_printf(bio_err,"unable to get '%s' section\n",dn_sect); - goto err; - } - - attr_sect=CONF_get_string(req_conf,SECTION,ATTRIBUTES); - if (attr_sect == NULL) - attr_sk=NULL; - else - { - attr_sk=CONF_get_section(req_conf,attr_sect); - if (attr_sk == NULL) - { - BIO_printf(bio_err,"unable to get '%s' section\n",attr_sect); - goto err; - } - } - - /* setup version number */ - if (!X509_REQ_set_version(req,0L)) goto err; /* version 1 */ - - if(no_prompt) i = auto_info(req, dn_sk, attr_sk, attribs); - else i = prompt_info(req, dn_sk, dn_sect, attr_sk, attr_sect, attribs); - if(!i) goto err; - - X509_REQ_set_pubkey(req,pkey); - - ret=1; -err: - return(ret); - } - - -static int prompt_info(X509_REQ *req, - STACK_OF(CONF_VALUE) *dn_sk, char *dn_sect, - STACK_OF(CONF_VALUE) *attr_sk, char *attr_sect, int attribs) - { - int i; - char *p,*q; - char buf[100]; - int nid,min,max; - char *type,*def,*value; - CONF_VALUE *v; - X509_NAME *subj; - subj = X509_REQ_get_subject_name(req); - BIO_printf(bio_err,"You are about to be asked to enter information that will be incorporated\n"); - BIO_printf(bio_err,"into your certificate request.\n"); - BIO_printf(bio_err,"What you are about to enter is what is called a Distinguished Name or a DN.\n"); - BIO_printf(bio_err,"There are quite a few fields but you can leave some blank\n"); - BIO_printf(bio_err,"For some fields there will be a default value,\n"); - BIO_printf(bio_err,"If you enter '.', the field will be left blank.\n"); - BIO_printf(bio_err,"-----\n"); - - - if (sk_CONF_VALUE_num(dn_sk)) - { - i= -1; -start: for (;;) - { - i++; - if (sk_CONF_VALUE_num(dn_sk) <= i) break; - - v=sk_CONF_VALUE_value(dn_sk,i); - p=q=NULL; - type=v->name; - if(!check_end(type,"_min") || !check_end(type,"_max") || - !check_end(type,"_default") || - !check_end(type,"_value")) continue; - /* Skip past any leading X. X: X, etc to allow for - * multiple instances - */ - for(p = v->name; *p ; p++) - if ((*p == ':') || (*p == ',') || - (*p == '.')) { - p++; - if(*p) type = p; - break; - } - /* If OBJ not recognised ignore it */ - if ((nid=OBJ_txt2nid(type)) == NID_undef) goto start; - sprintf(buf,"%s_default",v->name); - if ((def=CONF_get_string(req_conf,dn_sect,buf)) == NULL) - def=""; - - sprintf(buf,"%s_value",v->name); - if ((value=CONF_get_string(req_conf,dn_sect,buf)) == NULL) - value=NULL; - - sprintf(buf,"%s_min",v->name); - min=(int)CONF_get_number(req_conf,dn_sect,buf); - - sprintf(buf,"%s_max",v->name); - max=(int)CONF_get_number(req_conf,dn_sect,buf); - - if (!add_DN_object(subj,v->value,def,value,nid, - min,max)) - return 0; - } - if (X509_NAME_entry_count(subj) == 0) - { - BIO_printf(bio_err,"error, no objects specified in config file\n"); - return 0; - } - - if (attribs) - { - if ((attr_sk != NULL) && (sk_CONF_VALUE_num(attr_sk) > 0)) - { - BIO_printf(bio_err,"\nPlease enter the following 'extra' attributes\n"); - BIO_printf(bio_err,"to be sent with your certificate request\n"); - } - - i= -1; -start2: for (;;) - { - i++; - if ((attr_sk == NULL) || - (sk_CONF_VALUE_num(attr_sk) <= i)) - break; - - v=sk_CONF_VALUE_value(attr_sk,i); - type=v->name; - if ((nid=OBJ_txt2nid(type)) == NID_undef) - goto start2; - - sprintf(buf,"%s_default",type); - if ((def=CONF_get_string(req_conf,attr_sect,buf)) - == NULL) - def=""; - - sprintf(buf,"%s_value",type); - if ((value=CONF_get_string(req_conf,attr_sect,buf)) - == NULL) - value=NULL; - - sprintf(buf,"%s_min",type); - min=(int)CONF_get_number(req_conf,attr_sect,buf); - - sprintf(buf,"%s_max",type); - max=(int)CONF_get_number(req_conf,attr_sect,buf); - - if (!add_attribute_object(req, - v->value,def,value,nid,min,max)) - return 0; - } - } - } - else - { - BIO_printf(bio_err,"No template, please set one up.\n"); - return 0; - } - - return 1; - - } - -static int auto_info(X509_REQ *req, STACK_OF(CONF_VALUE) *dn_sk, - STACK_OF(CONF_VALUE) *attr_sk, int attribs) - { - int i; - char *p,*q; - char *type; - CONF_VALUE *v; - X509_NAME *subj; - - subj = X509_REQ_get_subject_name(req); - - for (i = 0; i < sk_CONF_VALUE_num(dn_sk); i++) - { - v=sk_CONF_VALUE_value(dn_sk,i); - p=q=NULL; - type=v->name; - /* Skip past any leading X. X: X, etc to allow for - * multiple instances - */ - for(p = v->name; *p ; p++) - if ((*p == ':') || (*p == ',') || (*p == '.')) { - p++; - if(*p) type = p; - break; - } - if (!X509_NAME_add_entry_by_txt(subj,type, MBSTRING_ASC, - (unsigned char *) v->value,-1,-1,0)) return 0; - - } - - if (!X509_NAME_entry_count(subj)) - { - BIO_printf(bio_err,"error, no objects specified in config file\n"); - return 0; - } - if (attribs) - { - for (i = 0; i < sk_CONF_VALUE_num(attr_sk); i++) - { - v=sk_CONF_VALUE_value(attr_sk,i); - if(!X509_REQ_add1_attr_by_txt(req, v->name, MBSTRING_ASC, - (unsigned char *)v->value, -1)) return 0; - } - } - return 1; - } - - -static int add_DN_object(X509_NAME *n, char *text, char *def, char *value, - int nid, int min, int max) - { - int i,ret=0; - MS_STATIC char buf[1024]; -start: - BIO_printf(bio_err,"%s [%s]:",text,def); - (void)BIO_flush(bio_err); - if (value != NULL) - { - strcpy(buf,value); - strcat(buf,"\n"); - BIO_printf(bio_err,"%s\n",value); - } - else - { - buf[0]='\0'; - fgets(buf,1024,stdin); - } - - if (buf[0] == '\0') return(0); - else if (buf[0] == '\n') - { - if ((def == NULL) || (def[0] == '\0')) - return(1); - strcpy(buf,def); - strcat(buf,"\n"); - } - else if ((buf[0] == '.') && (buf[1] == '\n')) return(1); - - i=strlen(buf); - if (buf[i-1] != '\n') - { - BIO_printf(bio_err,"weird input :-(\n"); - return(0); - } - buf[--i]='\0'; - -#ifdef CHARSET_EBCDIC - ebcdic2ascii(buf, buf, i); -#endif - if(!req_check_len(i, min, max)) goto start; - if (!X509_NAME_add_entry_by_NID(n,nid, MBSTRING_ASC, - (unsigned char *) buf, -1,-1,0)) goto err; - ret=1; -err: - return(ret); - } - -static int add_attribute_object(X509_REQ *req, char *text, - char *def, char *value, int nid, int min, - int max) - { - int i; - static char buf[1024]; - -start: - BIO_printf(bio_err,"%s [%s]:",text,def); - (void)BIO_flush(bio_err); - if (value != NULL) - { - strcpy(buf,value); - strcat(buf,"\n"); - BIO_printf(bio_err,"%s\n",value); - } - else - { - buf[0]='\0'; - fgets(buf,1024,stdin); - } - - if (buf[0] == '\0') return(0); - else if (buf[0] == '\n') - { - if ((def == NULL) || (def[0] == '\0')) - return(1); - strcpy(buf,def); - strcat(buf,"\n"); - } - else if ((buf[0] == '.') && (buf[1] == '\n')) return(1); - - i=strlen(buf); - if (buf[i-1] != '\n') - { - BIO_printf(bio_err,"weird input :-(\n"); - return(0); - } - buf[--i]='\0'; - if(!req_check_len(i, min, max)) goto start; - - if(!X509_REQ_add1_attr_by_NID(req, nid, MBSTRING_ASC, - (unsigned char *)buf, -1)) { - BIO_printf(bio_err, "Error adding attribute\n"); - ERR_print_errors(bio_err); - goto err; - } - - return(1); -err: - return(0); - } - -#ifndef NO_RSA -static void MS_CALLBACK req_cb(int p, int n, void *arg) - { - char c='*'; - - if (p == 0) c='.'; - if (p == 1) c='+'; - if (p == 2) c='*'; - if (p == 3) c='\n'; - BIO_write((BIO *)arg,&c,1); - (void)BIO_flush((BIO *)arg); -#ifdef LINT - p=n; -#endif - } -#endif - -static int req_check_len(int len, int min, int max) - { - if (len < min) - { - BIO_printf(bio_err,"string is too short, it needs to be at least %d bytes long\n",min); - return(0); - } - if ((max != 0) && (len > max)) - { - BIO_printf(bio_err,"string is too long, it needs to be less than %d bytes long\n",max); - return(0); - } - return(1); - } - -/* Check if the end of a string matches 'end' */ -static int check_end(char *str, char *end) -{ - int elen, slen; - char *tmp; - elen = strlen(end); - slen = strlen(str); - if(elen > slen) return 1; - tmp = str + slen - elen; - return strcmp(tmp, end); -} - -static int add_oid_section(LHASH *conf) -{ - char *p; - STACK_OF(CONF_VALUE) *sktmp; - CONF_VALUE *cnf; - int i; - if(!(p=CONF_get_string(conf,NULL,"oid_section"))) return 1; - if(!(sktmp = CONF_get_section(conf, p))) { - BIO_printf(bio_err, "problem loading oid section %s\n", p); - return 0; - } - for(i = 0; i < sk_CONF_VALUE_num(sktmp); i++) { - cnf = sk_CONF_VALUE_value(sktmp, i); - if(OBJ_create(cnf->value, cnf->name, cnf->name) == NID_undef) { - BIO_printf(bio_err, "problem creating object %s=%s\n", - cnf->name, cnf->value); - return 0; - } - } - return 1; -} diff --git a/crypto/openssl/apps/req.pem b/crypto/openssl/apps/req.pem deleted file mode 100644 index 5537df601df92..0000000000000 --- a/crypto/openssl/apps/req.pem +++ /dev/null @@ -1,11 +0,0 @@ ------BEGIN CERTIFICATE REQUEST----- -MIIBlzCCAVcCAQAwXjELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUx -ITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDEXMBUGA1UEAxMORXJp -YyB0aGUgWW91bmcwge8wgaYGBSsOAwIMMIGcAkEA+ZiKEvZmc9MtnaFZh4NiZ3oZ -S4J1PHvPrm9MXj5ntVheDPkdmBDTncyaGAJcMjwsyB/GvLDGd6yGCw/8eF+09wIV -AK3VagOxGd/Q4Af5NbxR5FB7CXEjAkA2t/q7HgVLi0KeKvcDG8BRl3wuy7bCvpjg -tWiJc/tpvcuzeuAayH89UofjAGueKjXDADiRffvSdhrNw5dkqdqlA0QAAkEAtUSo -84OekjitKGVjxLu0HvXck29pu+foad53vPKXAsuJdACj88BPqZ91Y9PIJf1GUh38 -CuiHWi7z3cEDfZCyCKAAMAkGBSsOAwIbBQADLwAwLAIUTg8amKVBE9oqC5B75dDQ -Chy3LdQCFHKodGEj3LjuTzdm/RTe2KZL9Uzf ------END CERTIFICATE REQUEST----- diff --git a/crypto/openssl/apps/rsa.c b/crypto/openssl/apps/rsa.c deleted file mode 100644 index 9d4c2e6564050..0000000000000 --- a/crypto/openssl/apps/rsa.c +++ /dev/null @@ -1,389 +0,0 @@ -/* apps/rsa.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#ifndef NO_RSA -#include <stdio.h> -#include <stdlib.h> -#include <string.h> -#include <time.h> -#include "apps.h" -#include <openssl/bio.h> -#include <openssl/err.h> -#include <openssl/rsa.h> -#include <openssl/evp.h> -#include <openssl/x509.h> -#include <openssl/pem.h> - -#undef PROG -#define PROG rsa_main - -/* -inform arg - input format - default PEM (one of DER, NET or PEM) - * -outform arg - output format - default PEM - * -in arg - input file - default stdin - * -out arg - output file - default stdout - * -des - encrypt output if PEM format with DES in cbc mode - * -des3 - encrypt output if PEM format - * -idea - encrypt output if PEM format - * -text - print a text version - * -modulus - print the RSA key modulus - * -check - verify key consistency - * -pubin - Expect a public key in input file. - * -pubout - Output a public key. - */ - -int MAIN(int, char **); - -int MAIN(int argc, char **argv) - { - int ret=1; - RSA *rsa=NULL; - int i,badops=0; - const EVP_CIPHER *enc=NULL; - BIO *in=NULL,*out=NULL; - int informat,outformat,text=0,check=0,noout=0; - int pubin = 0, pubout = 0; - char *infile,*outfile,*prog; - char *passargin = NULL, *passargout = NULL; - char *passin = NULL, *passout = NULL; - int modulus=0; - - apps_startup(); - - if (bio_err == NULL) - if ((bio_err=BIO_new(BIO_s_file())) != NULL) - BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT); - - infile=NULL; - outfile=NULL; - informat=FORMAT_PEM; - outformat=FORMAT_PEM; - - prog=argv[0]; - argc--; - argv++; - while (argc >= 1) - { - if (strcmp(*argv,"-inform") == 0) - { - if (--argc < 1) goto bad; - informat=str2fmt(*(++argv)); - } - else if (strcmp(*argv,"-outform") == 0) - { - if (--argc < 1) goto bad; - outformat=str2fmt(*(++argv)); - } - else if (strcmp(*argv,"-in") == 0) - { - if (--argc < 1) goto bad; - infile= *(++argv); - } - else if (strcmp(*argv,"-out") == 0) - { - if (--argc < 1) goto bad; - outfile= *(++argv); - } - else if (strcmp(*argv,"-passin") == 0) - { - if (--argc < 1) goto bad; - passargin= *(++argv); - } - else if (strcmp(*argv,"-passout") == 0) - { - if (--argc < 1) goto bad; - passargout= *(++argv); - } - else if (strcmp(*argv,"-pubin") == 0) - pubin=1; - else if (strcmp(*argv,"-pubout") == 0) - pubout=1; - else if (strcmp(*argv,"-noout") == 0) - noout=1; - else if (strcmp(*argv,"-text") == 0) - text=1; - else if (strcmp(*argv,"-modulus") == 0) - modulus=1; - else if (strcmp(*argv,"-check") == 0) - check=1; - else if ((enc=EVP_get_cipherbyname(&(argv[0][1]))) == NULL) - { - BIO_printf(bio_err,"unknown option %s\n",*argv); - badops=1; - break; - } - argc--; - argv++; - } - - if (badops) - { -bad: - BIO_printf(bio_err,"%s [options] <infile >outfile\n",prog); - BIO_printf(bio_err,"where options are\n"); - BIO_printf(bio_err," -inform arg input format - one of DER NET PEM\n"); - BIO_printf(bio_err," -outform arg output format - one of DER NET PEM\n"); - BIO_printf(bio_err," -in arg input file\n"); - BIO_printf(bio_err," -passin arg input file pass phrase source\n"); - BIO_printf(bio_err," -out arg output file\n"); - BIO_printf(bio_err," -passout arg output file pass phrase source\n"); - BIO_printf(bio_err," -des encrypt PEM output with cbc des\n"); - BIO_printf(bio_err," -des3 encrypt PEM output with ede cbc des using 168 bit key\n"); -#ifndef NO_IDEA - BIO_printf(bio_err," -idea encrypt PEM output with cbc idea\n"); -#endif - BIO_printf(bio_err," -text print the key in text\n"); - BIO_printf(bio_err," -noout don't print key out\n"); - BIO_printf(bio_err," -modulus print the RSA key modulus\n"); - BIO_printf(bio_err," -check verify key consistency\n"); - BIO_printf(bio_err," -pubin expect a public key in input file\n"); - BIO_printf(bio_err," -pubout output a public key\n"); - goto end; - } - - ERR_load_crypto_strings(); - - if(!app_passwd(bio_err, passargin, passargout, &passin, &passout)) { - BIO_printf(bio_err, "Error getting passwords\n"); - goto end; - } - - if(check && pubin) { - BIO_printf(bio_err, "Only private keys can be checked\n"); - goto end; - } - - in=BIO_new(BIO_s_file()); - out=BIO_new(BIO_s_file()); - if ((in == NULL) || (out == NULL)) - { - ERR_print_errors(bio_err); - goto end; - } - - if (infile == NULL) - BIO_set_fp(in,stdin,BIO_NOCLOSE); - else - { - if (BIO_read_filename(in,infile) <= 0) - { - perror(infile); - goto end; - } - } - - BIO_printf(bio_err,"read RSA key\n"); - if (informat == FORMAT_ASN1) { - if (pubin) rsa=d2i_RSA_PUBKEY_bio(in,NULL); - else rsa=d2i_RSAPrivateKey_bio(in,NULL); - } -#ifndef NO_RC4 - else if (informat == FORMAT_NETSCAPE) - { - BUF_MEM *buf=NULL; - unsigned char *p; - int size=0; - - buf=BUF_MEM_new(); - for (;;) - { - if ((buf == NULL) || (!BUF_MEM_grow(buf,size+1024*10))) - goto end; - i=BIO_read(in,&(buf->data[size]),1024*10); - size+=i; - if (i == 0) break; - if (i < 0) - { - perror("reading private key"); - BUF_MEM_free(buf); - goto end; - } - } - p=(unsigned char *)buf->data; - rsa=d2i_Netscape_RSA(NULL,&p,(long)size,NULL); - BUF_MEM_free(buf); - } -#endif - else if (informat == FORMAT_PEM) { - if(pubin) rsa=PEM_read_bio_RSA_PUBKEY(in,NULL,NULL,NULL); - else rsa=PEM_read_bio_RSAPrivateKey(in,NULL, NULL,passin); - } - else - { - BIO_printf(bio_err,"bad input format specified for key\n"); - goto end; - } - if (rsa == NULL) - { - BIO_printf(bio_err,"unable to load key\n"); - ERR_print_errors(bio_err); - goto end; - } - - if (outfile == NULL) - BIO_set_fp(out,stdout,BIO_NOCLOSE); - else - { - if (BIO_write_filename(out,outfile) <= 0) - { - perror(outfile); - goto end; - } - } - - if (text) - if (!RSA_print(out,rsa,0)) - { - perror(outfile); - ERR_print_errors(bio_err); - goto end; - } - - if (modulus) - { - BIO_printf(out,"Modulus="); - BN_print(out,rsa->n); - BIO_printf(out,"\n"); - } - - if (check) - { - int r = RSA_check_key(rsa); - - if (r == 1) - BIO_printf(out,"RSA key ok\n"); - else if (r == 0) - { - long e; - - while ((e = ERR_peek_error()) != 0 && - ERR_GET_LIB(e) == ERR_LIB_RSA && - ERR_GET_FUNC(e) == RSA_F_RSA_CHECK_KEY && - ERR_GET_REASON(e) != ERR_R_MALLOC_FAILURE) - { - BIO_printf(out, "RSA key error: %s\n", ERR_reason_error_string(e)); - ERR_get_error(); /* remove e from error stack */ - } - } - - if (r == -1 || ERR_peek_error() != 0) /* should happen only if r == -1 */ - { - ERR_print_errors(bio_err); - goto end; - } - } - - if (noout) - { - ret = 0; - goto end; - } - BIO_printf(bio_err,"writing RSA key\n"); - if (outformat == FORMAT_ASN1) { - if(pubout || pubin) i=i2d_RSA_PUBKEY_bio(out,rsa); - else i=i2d_RSAPrivateKey_bio(out,rsa); - } -#ifndef NO_RC4 - else if (outformat == FORMAT_NETSCAPE) - { - unsigned char *p,*pp; - int size; - - i=1; - size=i2d_Netscape_RSA(rsa,NULL,NULL); - if ((p=(unsigned char *)Malloc(size)) == NULL) - { - BIO_printf(bio_err,"Malloc failure\n"); - goto end; - } - pp=p; - i2d_Netscape_RSA(rsa,&p,NULL); - BIO_write(out,(char *)pp,size); - Free(pp); - } -#endif - else if (outformat == FORMAT_PEM) { - if(pubout || pubin) - i=PEM_write_bio_RSA_PUBKEY(out,rsa); - else i=PEM_write_bio_RSAPrivateKey(out,rsa, - enc,NULL,0,NULL,passout); - } else { - BIO_printf(bio_err,"bad output format specified for outfile\n"); - goto end; - } - if (!i) - { - BIO_printf(bio_err,"unable to write key\n"); - ERR_print_errors(bio_err); - } - else - ret=0; -end: - if(in != NULL) BIO_free(in); - if(out != NULL) BIO_free(out); - if(rsa != NULL) RSA_free(rsa); - if(passin) Free(passin); - if(passout) Free(passout); - EXIT(ret); - } -#else /* !NO_RSA */ - -# if PEDANTIC -static void *dummy=&dummy; -# endif - -#endif diff --git a/crypto/openssl/apps/rsa/01.pem b/crypto/openssl/apps/rsa/01.pem deleted file mode 100644 index 36ec57598efeb..0000000000000 --- a/crypto/openssl/apps/rsa/01.pem +++ /dev/null @@ -1,15 +0,0 @@ ------BEGIN CERTIFICATE----- -MIICTjCCAbsCEGiuFKTJn6nzmiPPLxUZs1owDQYJKoZIhvcNAQEEBQAwXzELMAkG -A1UEBhMCVVMxIDAeBgNVBAoTF1JTQSBEYXRhIFNlY3VyaXR5LCBJbmMuMS4wLAYD -VQQLEyVTZWN1cmUgU2VydmVyIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTk4 -MDUxODAwMDAwMFoXDTk5MDUxODIzNTk1OVowdTELMAkGA1UEBhMCVVMxETAPBgNV -BAgTCE5ldyBZb3JrMREwDwYDVQQHFAhOZXcgWW9yazEeMBwGA1UEChQVSW5kdXN0 -cmlhbCBQcmVzcyBJbmMuMSAwHgYDVQQDFBd3d3cuaW5kdXN0cmlhbHByZXNzLmNv -bTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAqiH9xUJNHvqCmaDon27ValJb -qTLymF3yKKWBxbODLWjX7yKjewoqWhotaEARI6jXPqomU87gFU1tH4r/bgwh3FmU -MK3qo92XOsvwNAHzXzWRXQNJmm54g2F1RUt00pgYiOximDse1t9RL5POCDEbfX8D -gugrE/WwkS2FrSoc5/cCAwEAATANBgkqhkiG9w0BAQQFAAN+AIw7fvF0EtEvrNS/ -LYuqAgUw/tH0FLgCkqKLmYYm/yR+Z0hD2eP/UhF+jAwmV8rHtBnaTM7oN23RVW2k -Cf8soiGfr2PYtfufpXtd7azUFa+WJCWnp0N29EG0BR1JOFC0Q/4dh/X9qulM8luq -Pjrmw2eSgbdmmdumWAcNPVbV ------END CERTIFICATE----- diff --git a/crypto/openssl/apps/rsa/1.txt b/crypto/openssl/apps/rsa/1.txt deleted file mode 100644 index 95a862e150ef3..0000000000000 --- a/crypto/openssl/apps/rsa/1.txt +++ /dev/null @@ -1,50 +0,0 @@ -issuer= /C=US/O=RSA Data Security, Inc./OU=Secure Server Certification Authority -subject=/C=US/ST=New York/L=New York/O=Industrial Press Inc./CN=www.industrialpress.com -Certificate: - Data: - Version: 1 (0x0) - Serial Number: - 68:ae:14:a4:c9:9f:a9:f3:9a:23:cf:2f:15:19:b3:5a - Signature Algorithm: md5WithRSAEncryption - Issuer: C=US, O=RSA Data Security, Inc., OU=Secure Server Certification Authority - Validity - Not Before: May 18 00:00:00 1998 GMT - Not After : May 18 23:59:59 1999 GMT - Subject: C=US, ST=New York, L=New York, O=Industrial Press Inc., CN=www.industrialpress.com - Subject Public Key Info: - Public Key Algorithm: rsaEncryption - RSA Public Key: (1024 bit) - Modulus (1024 bit): - 00:aa:21:fd:c5:42:4d:1e:fa:82:99:a0:e8:9f:6e: - d5:6a:52:5b:a9:32:f2:98:5d:f2:28:a5:81:c5:b3: - 83:2d:68:d7:ef:22:a3:7b:0a:2a:5a:1a:2d:68:40: - 11:23:a8:d7:3e:aa:26:53:ce:e0:15:4d:6d:1f:8a: - ff:6e:0c:21:dc:59:94:30:ad:ea:a3:dd:97:3a:cb: - f0:34:01:f3:5f:35:91:5d:03:49:9a:6e:78:83:61: - 75:45:4b:74:d2:98:18:88:ec:62:98:3b:1e:d6:df: - 51:2f:93:ce:08:31:1b:7d:7f:03:82:e8:2b:13:f5: - b0:91:2d:85:ad:2a:1c:e7:f7 - Exponent: 65537 (0x10001) - Signature Algorithm: md5WithRSAEncryption - 8c:3b:7e:f1:74:12:d1:2f:ac:d4:bf:2d:8b:aa:02:05:30:fe: - d1:f4:14:b8:02:92:a2:8b:99:86:26:ff:24:7e:67:48:43:d9: - e3:ff:52:11:7e:8c:0c:26:57:ca:c7:b4:19:da:4c:ce:e8:37: - 6d:d1:55:6d:a4:09:ff:2c:a2:21:9f:af:63:d8:b5:fb:9f:a5: - 7b:5d:ed:ac:d4:15:af:96:24:25:a7:a7:43:76:f4:41:b4:05: - 1d:49:38:50:b4:43:fe:1d:87:f5:fd:aa:e9:4c:f2:5b:aa:3e: - 3a:e6:c3:67:92:81:b7:66:99:db:a6:58:07:0d:3d:56:d5 ------BEGIN CERTIFICATE----- -MIICTjCCAbsCEGiuFKTJn6nzmiPPLxUZs1owDQYJKoZIhvcNAQEEBQAwXzELMAkG -A1UEBhMCVVMxIDAeBgNVBAoTF1JTQSBEYXRhIFNlY3VyaXR5LCBJbmMuMS4wLAYD -VQQLEyVTZWN1cmUgU2VydmVyIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTk4 -MDUxODAwMDAwMFoXDTk5MDUxODIzNTk1OVowdTELMAkGA1UEBhMCVVMxETAPBgNV -BAgTCE5ldyBZb3JrMREwDwYDVQQHFAhOZXcgWW9yazEeMBwGA1UEChQVSW5kdXN0 -cmlhbCBQcmVzcyBJbmMuMSAwHgYDVQQDFBd3d3cuaW5kdXN0cmlhbHByZXNzLmNv -bTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAqiH9xUJNHvqCmaDon27ValJb -qTLymF3yKKWBxbODLWjX7yKjewoqWhotaEARI6jXPqomU87gFU1tH4r/bgwh3FmU -MK3qo92XOsvwNAHzXzWRXQNJmm54g2F1RUt00pgYiOximDse1t9RL5POCDEbfX8D -gugrE/WwkS2FrSoc5/cCAwEAATANBgkqhkiG9w0BAQQFAAN+AIw7fvF0EtEvrNS/ -LYuqAgUw/tH0FLgCkqKLmYYm/yR+Z0hD2eP/UhF+jAwmV8rHtBnaTM7oN23RVW2k -Cf8soiGfr2PYtfufpXtd7azUFa+WJCWnp0N29EG0BR1JOFC0Q/4dh/X9qulM8luq -Pjrmw2eSgbdmmdumWAcNPVbV ------END CERTIFICATE----- diff --git a/crypto/openssl/apps/rsa/SecureServer.pem b/crypto/openssl/apps/rsa/SecureServer.pem deleted file mode 100644 index 7c8ffb2cd85cc..0000000000000 --- a/crypto/openssl/apps/rsa/SecureServer.pem +++ /dev/null @@ -1,47 +0,0 @@ -Certificate: - Data: - Version: 1 (0x0) - Serial Number: - 02:ad:66:7e:4e:45:fe:5e:57:6f:3c:98:19:5e:dd:c0 - Signature Algorithm: md2WithRSAEncryption - Issuer: C=US, O=RSA Data Security, Inc., OU=Secure Server Certification Authority - Validity - Not Before: Nov 9 00:00:00 1994 GMT - Not After : Jan 7 23:59:59 2010 GMT - Subject: C=US, O=RSA Data Security, Inc., OU=Secure Server Certification Authority - Subject Public Key Info: - Public Key Algorithm: rsaEncryption - RSA Public Key: (1000 bit) - Modulus (1000 bit): - 00:92:ce:7a:c1:ae:83:3e:5a:aa:89:83:57:ac:25: - 01:76:0c:ad:ae:8e:2c:37:ce:eb:35:78:64:54:03: - e5:84:40:51:c9:bf:8f:08:e2:8a:82:08:d2:16:86: - 37:55:e9:b1:21:02:ad:76:68:81:9a:05:a2:4b:c9: - 4b:25:66:22:56:6c:88:07:8f:f7:81:59:6d:84:07: - 65:70:13:71:76:3e:9b:77:4c:e3:50:89:56:98:48: - b9:1d:a7:29:1a:13:2e:4a:11:59:9c:1e:15:d5:49: - 54:2c:73:3a:69:82:b1:97:39:9c:6d:70:67:48:e5: - dd:2d:d6:c8:1e:7b - Exponent: 65537 (0x10001) - Signature Algorithm: md2WithRSAEncryption - 65:dd:7e:e1:b2:ec:b0:e2:3a:e0:ec:71:46:9a:19:11:b8:d3: - c7:a0:b4:03:40:26:02:3e:09:9c:e1:12:b3:d1:5a:f6:37:a5: - b7:61:03:b6:5b:16:69:3b:c6:44:08:0c:88:53:0c:6b:97:49: - c7:3e:35:dc:6c:b9:bb:aa:df:5c:bb:3a:2f:93:60:b6:a9:4b: - 4d:f2:20:f7:cd:5f:7f:64:7b:8e:dc:00:5c:d7:fa:77:ca:39: - 16:59:6f:0e:ea:d3:b5:83:7f:4d:4d:42:56:76:b4:c9:5f:04: - f8:38:f8:eb:d2:5f:75:5f:cd:7b:fc:e5:8e:80:7c:fc:50 ------BEGIN CERTIFICATE----- -MIICNDCCAaECEAKtZn5ORf5eV288mBle3cAwDQYJKoZIhvcNAQECBQAwXzELMAkG -A1UEBhMCVVMxIDAeBgNVBAoTF1JTQSBEYXRhIFNlY3VyaXR5LCBJbmMuMS4wLAYD -VQQLEyVTZWN1cmUgU2VydmVyIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTk0 -MTEwOTAwMDAwMFoXDTEwMDEwNzIzNTk1OVowXzELMAkGA1UEBhMCVVMxIDAeBgNV -BAoTF1JTQSBEYXRhIFNlY3VyaXR5LCBJbmMuMS4wLAYDVQQLEyVTZWN1cmUgU2Vy -dmVyIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MIGbMA0GCSqGSIb3DQEBAQUAA4GJ -ADCBhQJ+AJLOesGugz5aqomDV6wlAXYMra6OLDfO6zV4ZFQD5YRAUcm/jwjiioII -0haGN1XpsSECrXZogZoFokvJSyVmIlZsiAeP94FZbYQHZXATcXY+m3dM41CJVphI -uR2nKRoTLkoRWZweFdVJVCxzOmmCsZc5nG1wZ0jl3S3WyB57AgMBAAEwDQYJKoZI -hvcNAQECBQADfgBl3X7hsuyw4jrg7HFGmhkRuNPHoLQDQCYCPgmc4RKz0Vr2N6W3 -YQO2WxZpO8ZECAyIUwxrl0nHPjXcbLm7qt9cuzovk2C2qUtN8iD3zV9/ZHuO3ABc -1/p3yjkWWW8O6tO1g39NTUJWdrTJXwT4OPjr0l91X817/OWOgHz8UA== ------END CERTIFICATE----- diff --git a/crypto/openssl/apps/rsa/s.txt b/crypto/openssl/apps/rsa/s.txt deleted file mode 100644 index 7de7e0764fa91..0000000000000 --- a/crypto/openssl/apps/rsa/s.txt +++ /dev/null @@ -1,49 +0,0 @@ -issuer= /C=US/O=RSA Data Security, Inc./OU=Secure Server Certification Authority -subject=/C=US/O=RSA Data Security, Inc./OU=Secure Server Certification Authority -Certificate: - Data: - Version: 1 (0x0) - Serial Number: - 02:ad:66:7e:4e:45:fe:5e:57:6f:3c:98:19:5e:dd:c0 - Signature Algorithm: md2WithRSAEncryption - Issuer: C=US, O=RSA Data Security, Inc., OU=Secure Server Certification Authority - Validity - Not Before: Nov 9 00:00:00 1994 GMT - Not After : Jan 7 23:59:59 2010 GMT - Subject: C=US, O=RSA Data Security, Inc., OU=Secure Server Certification Authority - Subject Public Key Info: - Public Key Algorithm: rsaEncryption - RSA Public Key: (1000 bit) - Modulus (1000 bit): - 00:92:ce:7a:c1:ae:83:3e:5a:aa:89:83:57:ac:25: - 01:76:0c:ad:ae:8e:2c:37:ce:eb:35:78:64:54:03: - e5:84:40:51:c9:bf:8f:08:e2:8a:82:08:d2:16:86: - 37:55:e9:b1:21:02:ad:76:68:81:9a:05:a2:4b:c9: - 4b:25:66:22:56:6c:88:07:8f:f7:81:59:6d:84:07: - 65:70:13:71:76:3e:9b:77:4c:e3:50:89:56:98:48: - b9:1d:a7:29:1a:13:2e:4a:11:59:9c:1e:15:d5:49: - 54:2c:73:3a:69:82:b1:97:39:9c:6d:70:67:48:e5: - dd:2d:d6:c8:1e:7b - Exponent: 65537 (0x10001) - Signature Algorithm: md2WithRSAEncryption - 65:dd:7e:e1:b2:ec:b0:e2:3a:e0:ec:71:46:9a:19:11:b8:d3: - c7:a0:b4:03:40:26:02:3e:09:9c:e1:12:b3:d1:5a:f6:37:a5: - b7:61:03:b6:5b:16:69:3b:c6:44:08:0c:88:53:0c:6b:97:49: - c7:3e:35:dc:6c:b9:bb:aa:df:5c:bb:3a:2f:93:60:b6:a9:4b: - 4d:f2:20:f7:cd:5f:7f:64:7b:8e:dc:00:5c:d7:fa:77:ca:39: - 16:59:6f:0e:ea:d3:b5:83:7f:4d:4d:42:56:76:b4:c9:5f:04: - f8:38:f8:eb:d2:5f:75:5f:cd:7b:fc:e5:8e:80:7c:fc:50 ------BEGIN CERTIFICATE----- -MIICNDCCAaECEAKtZn5ORf5eV288mBle3cAwDQYJKoZIhvcNAQECBQAwXzELMAkG -A1UEBhMCVVMxIDAeBgNVBAoTF1JTQSBEYXRhIFNlY3VyaXR5LCBJbmMuMS4wLAYD -VQQLEyVTZWN1cmUgU2VydmVyIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTk0 -MTEwOTAwMDAwMFoXDTEwMDEwNzIzNTk1OVowXzELMAkGA1UEBhMCVVMxIDAeBgNV -BAoTF1JTQSBEYXRhIFNlY3VyaXR5LCBJbmMuMS4wLAYDVQQLEyVTZWN1cmUgU2Vy -dmVyIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MIGbMA0GCSqGSIb3DQEBAQUAA4GJ -ADCBhQJ+AJLOesGugz5aqomDV6wlAXYMra6OLDfO6zV4ZFQD5YRAUcm/jwjiioII -0haGN1XpsSECrXZogZoFokvJSyVmIlZsiAeP94FZbYQHZXATcXY+m3dM41CJVphI -uR2nKRoTLkoRWZweFdVJVCxzOmmCsZc5nG1wZ0jl3S3WyB57AgMBAAEwDQYJKoZI -hvcNAQECBQADfgBl3X7hsuyw4jrg7HFGmhkRuNPHoLQDQCYCPgmc4RKz0Vr2N6W3 -YQO2WxZpO8ZECAyIUwxrl0nHPjXcbLm7qt9cuzovk2C2qUtN8iD3zV9/ZHuO3ABc -1/p3yjkWWW8O6tO1g39NTUJWdrTJXwT4OPjr0l91X817/OWOgHz8UA== ------END CERTIFICATE----- diff --git a/crypto/openssl/apps/rsa8192.pem b/crypto/openssl/apps/rsa8192.pem deleted file mode 100644 index 946a6e5433cef..0000000000000 --- a/crypto/openssl/apps/rsa8192.pem +++ /dev/null @@ -1,101 +0,0 @@ ------BEGIN RSA PRIVATE KEY----- - -MIISKAIBAAKCBAEAiQ2f1X6Bte1DKD0OoCBKEikzPW+5w3oXk3WwnE97Wxzy6wJZ -ebbZC3CZKKBnJeBMrysPf+lK+9+fP6Vm8bp1wvbcSIA59BDrX6irFSuM/bdnkbuF -MFlDjt+uVrxwoyqfPi2IPot1HQg3l5mdyBqcTWvbOnU2L9HZxJfPUCjfzdTMPrMY -55/A20XL7tlV2opEfwhy3uVlveQBM0DnZ3MUQfrk+lRRNWv7yE4ScbOfER9fjvOm -yJc3ZbOa3e+AMGGU9OqJ/fyOl0SGYyP2k23omy/idBV4uOs8QWdnAvq8UOzDdua3 -tuf5Tn17XBurPJ8juwyPBNispkwwn8BjxAZVPhwUIcxFBg339IxJ9cW0WdVy4nNA -LWo/8Ahlf+kZNnFNGCPFytU9gGMLMhab9w/rLrwa9qNe4L8Fmu1JxONn1WfhMOKE -aFmycf2olJsYLgUIGYZrjnYu0p/7P3yhTOv8JIhmK+SzmA/I0xiQoF84rpaQzH2d -PvxICOA9oQSowou0gLuBSZWm6LiXirg1DZCziU46v33ErQlWM1dSyNaUSzihcV59 -mVD0nmzboXH75lGiyiZlp8cLbozzoCwvk9rYqpUGSBzbAy0ECCpabGpzO2Ug+oDi -71e5z4WMpeoR4IS8MaOG/GsJnwaXhiB/gNYfK+8pRADVk5StEAZDE2alSuCbDs0z -d9zYr4/em5T9VZsLetxRE7pm/Es9yELuViz8/Tm0/8MVdmNYc/xZU1t6qYYFdyQ2 -wlGDTiNPsjR8yXCkmBjKwqnuleu1X6LaZu3VPhEkXGcyFAquQUkSiMv0Yu74qAe0 -bQ2v+jjZzP6AM9LUo89cW4Kd8SGD96BdNlAVPNMXoBcIOsZBwsOtETBd4KAyvkXE -Ob17u+PLl4UPnSxm9ypKZunUNFRPxtKUyjySYnvlGL+kTjAXrIrZwKJqIn0uhnfa -Ck3o7bU6yVMK22ODxy2/Vi3E0P6k5JLwnrF0VIOBqGhts66qo6mWDP8l6MZHARFd -pU+nofssVmr8tLKmMmjYGMM5GmKIXRNBs0ksTwFnKRs9AmpE5owC8tTSVdTAkGuS -os7QwLvyvNzq7BGJiVr0Iy3Dhsl1vzR35acNOrCsDl3DcCQONKJ2sVXV4pD3dBah -mG3sR/jHgjasffJJ35uiGoAua9dbT7HG/+D0z1SHYaVqH8zO4VZSOnGJh/P9rtxx -cckFDbiag/JMWig2lbnCjebTtp/BcUsK3TNaDOb7vb0LvbAeRJadd1EFu6PSlH3K -LykSUPm4UedvUU3cWjqkSY5lITFJkVaIYOv/EljYtK7p7kFZFTaEwMAWxgsXU3pQ -tTzVmq1gZ4vXPwcUq0zK50Frq0F7SQc21ZsunwIDAQABAoIEADuQAkDEpBausJsS -PgL1RXuzECPJJJCBxTE+2qx0FoY4hJICCWTORHGmU8nGPE3Ht0wBiNDsULw6KXl9 -psmzYW6D3qRbpdQebky6fu/KZ5H0XTyGpJGomaXELH5hkwo2gdKB805LSXB+m7p0 -9o96kSdMkpBLVGtf5iZ8W4rY2LsZmlI9f7taQHSLVt/M8HTz1mTnBRU92QO3zZW6 -xVa+OrWaFl18u3ZeIaSh2X40tBK68cqstXVD0r2OWuXNKobcQeJW8/XABzBShZ0c -ihL0lzyqiN4uXrLu+Nbr22b+FU2OODy6dGk3U6/69NvI4piMCPlHsfhHOnFjd1ZW -RIVywyUlCtLNdcn11CchuRro+0J3c2Ba+i9Cl9r3qzT11xFEGF8/XLyUBBCB+uGf -1dR/xJQhCA7cXWWLXyI/semxcvTaGpImP6kiIl1MAjHjXZTSdvyw4JmfXyYGhSjI -P0mw3Xn7FXxJ/os9gOfNKz2nZHjr0q4sgWRYO+4vllkeL0GteZrg4oVaVpmZb7LH -77afhodLylhijlEtV5skfkPujbBLQk6E5Ez3U/huEt2NLg6guADmwxMxfBRliZO4 -4Ex/td4cuggpEj3FGJV74qRvdvj/MF/uF7IxC/3WapPIsFBFH4zrJsUYt6u3L68I -/KC/bfioDeUR/8ANw1DNh+UsnPV3GJIwDkIJKdppi2uXPahJyJQQ8Inps53nn8Gg -GifS+HnOXNgMoKOJnZ9IDGjXpfjIs8dJNrGfDHF0mH30N2WARq2v/a3cNUC+f8Bq -HSKQ9YrZopktMunsut8u7ZYbTmjIqJpXCaM0CCrSlzSMTDHFSj2tzLk6+qnxeGxB -ZwIdShbdeK+0ETG91lE1e9RPQs/uXQP9+uCHJV0YpqQcA6pkCLYJfYpoSMu/Bafy -AgfVZz6l5tyEnV0wCcbopsQShc1k9xtTbYNF1h9AQHknj6zeDW4iZMvmVeh3RovT -52OA2R8oLyauF+QaG6x2wUjEx13SJlaBarJZ4seZIOJ+a8+oNzKsbgokXc2cyC9p -5FAZz1OsOb68o93qD1Xvl7bY97fq2q55L7G1XHPPLtZE5lGiLGDtnAuwY8UPrdpr -7Mv2yIxB7xVGurXyHb5PvusR88XED6HMPfLBG/55ENHTal7G5mRix+IWSBAIkxA5 -KZ0j8r5Ng4+wELZhqFQai39799bIAyiV6CEz4kyDXlo0kSSexp8o4iz5sPq5vp6h -cCb7rdRw7uRnbXrHmXahxoB+ibXaurgV/6B2yurrU/UFoxEp2sHp8LXZGfF6ztY1 -dMhSQAACK2vGy5yNagbkTHLgVaHicG5zavJBqzCE+lbPlCqhOUQPdOIwvjHNjdS/ -DL3WV/ECggIBAMbW65wPk/i43nSyeZeYwcHtR1SUJqDXavYfBPC0VRhKz+7DVMFw -Nwnocn6gITABc445W1yl7U3uww+LGuDlSlFnd8WuiXpVYud9/jeNu6Mu4wvNsnWr -f4f4ua8CcS03GmqmcbROD2Z6by1AblCZ2UL1kv9cUX1FLVjPP1ESAGKoePt3BmZQ -J1uJfK8HilNT8dcUlj/5CBi2uHxttDhoG0sxXE/SVsG9OD/Pjme0mj7gdzc6Ztd+ -TALuvpNQR4pRzfo5XWDZBcEYntcEE3PxYJB1+vnZ8509ew5/yLHTbLjFxIcx71zY -fhH0gM36Sz7mz37r0+E/QkRkc5bVIDC4LDnWmjpAde6QUx0d218ShNx6sJo4kt5c -Dd7tEVx8nuX8AIZYgwsOb382anLyFRkkmEdK3gRvwQ6SWR36Ez5L7/mHWODpLAX5 -mVBKSG4/ccFbc633/g0xHw0Nwajir/klckdakuYPlwF0yAxJSKDLhmNctDhRmxjC -YP+fISkl5oTvFRzJH6HEyNu8M3ybRvmpPIjM5J5JpnB2IYbohYBR+T6/97C1DKrd -mzL5PjlrWm0c1/d7LlDoP65fOShDMmj2zCiBAHHOM0Alokx+v5LmMd8NJumZIwGJ -Rt5OpeMOhowz6j1AjYxYgV7PmJL6Ovpfb775od/aLaUbbwHz2uWIvfF7AoICAQCw -c7NaO7oJVLJClhYw6OCvjT6oqtgNVWaennnDiJgzY9lv5HEgV0MAG0eYuB3hvj+w -Y1P9DJxP1D+R+cshYrAFg8yU/3kaYVNI0Bl3ygX0eW1b/0HZTdocs+8kM/9PZQDR -WrKQoU5lHvqRt99dXlD4NWGI2YQtzdZ8iet9QLqnjwRZabgE96mF01qKisMnFcsh -KjT7ieheU4J15TZj/mdZRNK126d7e3q/rNj73e5EJ9tkYLcolSr4gpknUMJULSEi -JH1/Qx7C/mTAMRsN5SkOthnGq0djCNWfPv/3JV0H67Uf5krFlnwLebrgfTYoPPdo -yO7iBUNJzv6Qh22malLp4P8gzACkD7DGlSTnoB5cLwcjmDGg+i9WrUBbOiVTeQfZ -kOj1o+Tz35ndpq/DDUVlqliB9krcxva+QHeJPH53EGI+YVg1nD+s/vUDZ3mQMGX9 -DQou2L8uU6RnWNv/BihGcL8QvS4Ty6QyPOUPpD3zc70JQAEcQk9BxQNaELgJX0IN -22cYn22tYvElew9G41OpDqzBRcfbdJmKXQ2HcroShutYJQRGUpAXHk24fy6JVkIU -ojF5U6cwextMja1ZIIZgh9eugIRUeIE7319nQNDzuXWjRCcoBLA25P7wnpHWDRpz -D9ovXCIvdja74lL5psqobV6L5+fbLPkSgXoImKR0LQKCAgAIC9Jk8kxumCyIVGCP -PeM5Uby9M3GMuKrfYsn0Y5e97+kSJF1dpojTodBgR2KQar6eVrvXt+8uZCcIjfx8 -dUrYmHNEUJfHl4T1ESgkX1vkcpVFeQFruZDjk7EP3+1sgvpSroGTZkVBRFsTXbQZ -FuCv0Pgt1TKG+zGmklxhj3TsiRy8MEjWAxBUp++ftZJnZNI4feDGnfEx7tLwVhAg -6DWSiWDO6hgQpvOLwX5lu+0x9itc1MQsnDO/OqIDnBAJDN5k7cVVkfKlqbVjxgpz -eqUJs3yAd81f44kDQTCB4ahYocgeIGsrOqd/WoGL1EEPPo/O9wQP7VtlIRt8UwuG -bS18+a4sBUfAa56xYu/pnPo7YcubsgZfcSIujzFQqMpVTClJRnOnEuJ4J1+PXzRz -XAO9fs4VJ+CMEmgAyonUz4Xadxulnknlw//sO9VKgM69oFHCDHL/XamAAbqAdwvf -7R/+uy+Ol7romC0wMhb6SsIZazrvvH2mNtduAKZ638nAP1x/WbQp+6iVG7yJok7w -82Q7tO7baOePTXh12Rrt4mNPor0HLYxhra4GFgfqkumJ2Mz0esuZAozxJXFOq8ly -beo9CVtXP5zbT6qNpeNismX6PLICaev8t+1iOZSE56WSLtefuuj/cOVrTMNDz1Rr -pUkEVV2zjUSjlcScM538A9iL2QKCAgBLbBk0r6T0ihRsK9UucMxhnYEz/Vq+UEu9 -70Vi1AciqEJv9nh4d3Q3HnH7EHANZxG4Jqzm1DYYVUQa9GfkTFeq88xFv/GW2hUM -YY8RSfRDrIeXNEOETCe37x2AHw25dRXlZtw+wARPau91y9+Y/FCl18NqCHfcUEin -ERjsf/eI2bPlODAlR2tZvZ7M60VBdqpN8cmV3zvI3e88z43xLfQlDyr1+v7a5Evy -lEJnXlSTI2o+vKxtl103vjMSwA1gh63K90gBVsJWXQDZueOzi8mB9UqNRfcMmOEe -4YHttTXPxeu0x+4cCRfam9zKShsVFgI28vRQ/ijl6qmbQ5gV8wqf18GV1j1L4z0P -lP6iVynDA4MMrug/w9DqPsHsfK0pwekeETfSj4y0xVXyjWZBfHG2ZBrS6mDTf+RG -LC4sJgR0hjdILLnUqIX7PzuhieBHRrjBcopwvcryVWRHnI7kslAS0+yHjiWc5oW3 -x5mtlum4HzelNYuD9cAE/95P6CeSMfp9CyIE/KSX4VvsRm6gQVkoQRKMxnQIFQ3w -O5gl1l88vhjoo2HxYScgCp70BsDwiUNTqIR3NM+ZBHYFweVf3Gwz5LzHZT2rEZtD -6VXRP75Q/2wOLnqCO4bK4BUs6sqxcQZmOldruPkPynrY0oPfHHExjxZDvQu4/r80 -Ls3n0L8yvQKCAgEAnYWS6EikwaQNpJEfiUnOlglgFz4EE1eVkrDbBY4J3oPU+doz -DrqmsvgpSZIAfd2MUbkN4pOMsMTjbeIYWDnZDa1RoctKs3FhwFPHwAjQpznab4mn -Bp81FMHM40qyb0NaNuFRwghdXvoQvBBX1p8oEnFzDRvTiuS/vTPTA8KDY8IeRp8R -oGzKHpfziNwq/URpqj7pwi9odNjGZvR2IwYw9jCLPIqaEbMoSOdI0mg4MoYyqP4q -nm7d4wqSDwrYxiXZ6f3nYpkhEY1lb0Wbksp1ig8sKSF4nDZRGK1RSfE+6gjBp94H -X/Wog6Zb6NC9ZpusTiDLvuIUXcyUJvmHiWjSNqiTv8jurlwEsgSwhziEQfqLrtdV -QI3PRMolBkD1iCk+HFE53r05LMf1bp3r4MS+naaQrLbIrl1kgDNGwVdgS+SCM7Bg -TwEgE67iOb2iIoUpon/NyP4LesMzvdpsu2JFlfz13PmmQ34mFI7tWvOb3NA5DP3c -46C6SaWI0TD9B11nJbHGTYN3Si9n0EBgoDJEXUKeh3km9O47dgvkSug4WzhYsvrE -rMlMLtKfp2w8HlMZpsUlToNCx6CI+tJrohzcs3BAVAbjFAXRKWGijB1rxwyDdHPv -I+/wJTNaRNPQ1M0SwtEL/zJd21y3KSPn4eL+GP3efhlDSjtlDvZqkdAUsU8= ------END RSA PRIVATE KEY----- - diff --git a/crypto/openssl/apps/s1024key.pem b/crypto/openssl/apps/s1024key.pem deleted file mode 100644 index 19e04035724fb..0000000000000 --- a/crypto/openssl/apps/s1024key.pem +++ /dev/null @@ -1,15 +0,0 @@ ------BEGIN RSA PRIVATE KEY----- -MIICXgIBAAKBgQCzEfU8E+ZGTGtHXV5XhvM2Lg32fXUIjydXb34BGVPX6oN7+aNV -S9eWayvW/+9/vUb0aCqilJrpFesgItV2T8VhhjOE++XUz46uNpcMU7wHMEAXUufP -pztpFm8ZEk2tFKvadkSSoN8lb11juvZVkSkPlB65pFhSe4QKSp6J4HrkYwIDAQAB -AoGBAKy8jvb0Lzby8q11yNLf7+78wCVdYi7ugMHcYA1JVFK8+zb1WfSm44FLQo/0 -dSChAjgz36TTexeLODPYxleJndjVcOMVzsLJjSM8dLpXsTS4FCeMbhw2s2u+xqKY -bbPWfk+HOTyJjfnkcC5Nbg44eOmruq0gSmBeUXVM5UntlTnxAkEA7TGCA3h7kx5E -Bl4zl2pc3gPAGt+dyfk5Po9mGJUUXhF5p2zueGmYWW74TmOWB1kzt4QRdYMzFePq -zfDNXEa1CwJBAMFErdY0xp0UJ13WwBbUTk8rujqQdHtjw0klhpbuKkjxu2hN0wwM -6p0D9qxF7JHaghqVRI0fAW/EE0OzdHMR9QkCQQDNR26dMFXKsoPu+vItljj/UEGf -QG7gERiQ4yxaFBPHgdpGo0kT31eh9x9hQGDkxTe0GNG/YSgCRvm8+C3TMcKXAkBD -dhGn36wkUFCddMSAM4NSJ1VN8/Z0y5HzCmI8dM3VwGtGMUQlxKxwOl30LEQzdS5M -0SWojNYXiT2gOBfBwtbhAkEAhafl5QEOIgUz+XazS/IlZ8goNKdDVfYgK3mHHjvv -nY5G+AuGebdNkXJr4KSWxDcN+C2i47zuj4QXA16MAOandA== ------END RSA PRIVATE KEY----- diff --git a/crypto/openssl/apps/s1024req.pem b/crypto/openssl/apps/s1024req.pem deleted file mode 100644 index bb75e7eeb7e94..0000000000000 --- a/crypto/openssl/apps/s1024req.pem +++ /dev/null @@ -1,11 +0,0 @@ ------BEGIN CERTIFICATE REQUEST----- -MIIBojCCAQsCAQAwZDELMAkGA1UEBhMCQVUxEzARBgNVBAgTClF1ZWVuc2xhbmQx -GjAYBgNVBAoTEUNyeXB0U29mdCBQdHkgTHRkMSQwIgYDVQQDExtTZXJ2ZXIgdGVz -dCBjZXJ0ICgxMDI0IGJpdCkwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBALMR -9TwT5kZMa0ddXleG8zYuDfZ9dQiPJ1dvfgEZU9fqg3v5o1VL15ZrK9b/73+9RvRo -KqKUmukV6yAi1XZPxWGGM4T75dTPjq42lwxTvAcwQBdS58+nO2kWbxkSTa0Uq9p2 -RJKg3yVvXWO69lWRKQ+UHrmkWFJ7hApKnongeuRjAgMBAAEwDQYJKoZIhvcNAQEE -BQADgYEAStHlk4pBbwiNeQ2/PKTPPXzITYC8Gn0XMbrU94e/6JIKiO7aArq9Espq -nrBSvC14dHcNl6NNvnkEKdQ7hAkcACfBbnOXA/oQvMBd4GD78cH3k0jVDoVUEjil -frLfWlckW6WzpTktt0ZPDdAjJCmKVh0ABHimi7Bo9FC3wIGIe5M= ------END CERTIFICATE REQUEST----- diff --git a/crypto/openssl/apps/s512-key.pem b/crypto/openssl/apps/s512-key.pem deleted file mode 100644 index 0e3ff2d373a3f..0000000000000 --- a/crypto/openssl/apps/s512-key.pem +++ /dev/null @@ -1,9 +0,0 @@ ------BEGIN RSA PRIVATE KEY----- -MIIBPAIBAAJBAJ+zw4Qnlf8SMVIPFe9GEcStgOY2Ww/dgNdhjeD8ckUJNP5VZkVD -TGiXav6ooKXfX3j/7tdkuD8Ey2//Kv7+ue0CAwEAAQJAN6W31vDEP2DjdqhzCDDu -OA4NACqoiFqyblo7yc2tM4h4xMbC3Yx5UKMN9ZkCtX0gzrz6DyF47bdKcWBzNWCj -gQIhANEoojVt7hq+SQ6MCN6FTAysGgQf56Q3TYoJMoWvdiXVAiEAw3e3rc+VJpOz -rHuDo6bgpjUAAXM+v3fcpsfZSNO6V7kCIQCtbVjanpUwvZkMI9by02oUk9taki3b -PzPfAfNPYAbCJQIhAJXNQDWyqwn/lGmR11cqY2y9nZ1+5w3yHGatLrcDnQHxAiEA -vnlEGo8K85u+KwIOimM48ZG8oTk7iFdkqLJR1utT3aU= ------END RSA PRIVATE KEY----- diff --git a/crypto/openssl/apps/s512-req.pem b/crypto/openssl/apps/s512-req.pem deleted file mode 100644 index ea314be5550e1..0000000000000 --- a/crypto/openssl/apps/s512-req.pem +++ /dev/null @@ -1,8 +0,0 @@ ------BEGIN CERTIFICATE REQUEST----- -MIIBGzCBxgIBADBjMQswCQYDVQQGEwJBVTETMBEGA1UECBMKUXVlZW5zbGFuZDEa -MBgGA1UEChMRQ3J5cHRTb2Z0IFB0eSBMdGQxIzAhBgNVBAMTGlNlcnZlciB0ZXN0 -IGNlcnQgKDUxMiBiaXQpMFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAJ+zw4Qnlf8S -MVIPFe9GEcStgOY2Ww/dgNdhjeD8ckUJNP5VZkVDTGiXav6ooKXfX3j/7tdkuD8E -y2//Kv7+ue0CAwEAATANBgkqhkiG9w0BAQQFAANBAAB+uQi+qwn6qRSHB8EUTvsm -5TNTHzYDeN39nyIbZNX2s0se3Srn2Bxft5YCwD3moFZ9QoyDHxE0h6qLX5yjD+8= ------END CERTIFICATE REQUEST----- diff --git a/crypto/openssl/apps/s_apps.h b/crypto/openssl/apps/s_apps.h deleted file mode 100644 index 57af7c0f8cf04..0000000000000 --- a/crypto/openssl/apps/s_apps.h +++ /dev/null @@ -1,111 +0,0 @@ -/* apps/s_apps.h */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include <sys/types.h> -#if (defined(VMS) || defined(__VMS)) && !defined(FD_SET) -/* VAX C does not defined fd_set and friends, but it's actually quite simple */ -/* These definitions are borrowed from SOCKETSHR. /Richard Levitte */ -#define MAX_NOFILE 32 -#define NBBY 8 /* number of bits in a byte */ - -#ifndef FD_SETSIZE -#define FD_SETSIZE MAX_NOFILE -#endif /* FD_SETSIZE */ - -/* How many things we'll allow select to use. 0 if unlimited */ -#define MAXSELFD MAX_NOFILE -typedef int fd_mask; /* int here! VMS prototypes int, not long */ -#define NFDBITS (sizeof(fd_mask) * NBBY) /* bits per mask (power of 2!)*/ -#define NFDSHIFT 5 /* Shift based on above */ - -typedef fd_mask fd_set; -#define FD_SET(n, p) (*(p) |= (1 << ((n) % NFDBITS))) -#define FD_CLR(n, p) (*(p) &= ~(1 << ((n) % NFDBITS))) -#define FD_ISSET(n, p) (*(p) & (1 << ((n) % NFDBITS))) -#define FD_ZERO(p) memset((char *)(p), 0, sizeof(*(p))) -#endif - -#define PORT 4433 -#define PORT_STR "4433" -#define PROTOCOL "tcp" - -int do_server(int port, int *ret, int (*cb) (), char *context); -#ifdef HEADER_X509_H -int MS_CALLBACK verify_callback(int ok, X509_STORE_CTX *ctx); -#else -int MS_CALLBACK verify_callback(int ok, char *ctx); -#endif -#ifdef HEADER_SSL_H -int set_cert_stuff(SSL_CTX *ctx, char *cert_file, char *key_file); -#else -int set_cert_stuff(char *ctx, char *cert_file, char *key_file); -#endif -int init_client(int *sock, char *server, int port); -int should_retry(int i); -int extract_port(char *str, short *port_ptr); -int extract_host_port(char *str,char **host_ptr,unsigned char *ip,short *p); - -long MS_CALLBACK bio_dump_cb(BIO *bio, int cmd, const char *argp, - int argi, long argl, long ret); - -#ifdef HEADER_SSL_H -void MS_CALLBACK apps_ssl_info_callback(SSL *s, int where, int ret); -#else -void MS_CALLBACK apps_ssl_info_callback(char *s, int where, int ret); -#endif - diff --git a/crypto/openssl/apps/s_cb.c b/crypto/openssl/apps/s_cb.c deleted file mode 100644 index fd622597d62b1..0000000000000 --- a/crypto/openssl/apps/s_cb.c +++ /dev/null @@ -1,238 +0,0 @@ -/* apps/s_cb.c - callback functions used by s_client, s_server, and s_time */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include <stdio.h> -#include <stdlib.h> -#define USE_SOCKETS -#define NON_MAIN -#include "apps.h" -#undef NON_MAIN -#undef USE_SOCKETS -#include <openssl/err.h> -#include <openssl/x509.h> -#include <openssl/ssl.h> -#include "s_apps.h" - -int verify_depth=0; -int verify_error=X509_V_OK; - -int MS_CALLBACK verify_callback(int ok, X509_STORE_CTX *ctx) - { - char buf[256]; - X509 *err_cert; - int err,depth; - - err_cert=X509_STORE_CTX_get_current_cert(ctx); - err= X509_STORE_CTX_get_error(ctx); - depth= X509_STORE_CTX_get_error_depth(ctx); - - X509_NAME_oneline(X509_get_subject_name(err_cert),buf,256); - BIO_printf(bio_err,"depth=%d %s\n",depth,buf); - if (!ok) - { - BIO_printf(bio_err,"verify error:num=%d:%s\n",err, - X509_verify_cert_error_string(err)); - if (verify_depth >= depth) - { - ok=1; - verify_error=X509_V_OK; - } - else - { - ok=0; - verify_error=X509_V_ERR_CERT_CHAIN_TOO_LONG; - } - } - switch (ctx->error) - { - case X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT: - X509_NAME_oneline(X509_get_issuer_name(ctx->current_cert),buf,256); - BIO_printf(bio_err,"issuer= %s\n",buf); - break; - case X509_V_ERR_CERT_NOT_YET_VALID: - case X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD: - BIO_printf(bio_err,"notBefore="); - ASN1_TIME_print(bio_err,X509_get_notBefore(ctx->current_cert)); - BIO_printf(bio_err,"\n"); - break; - case X509_V_ERR_CERT_HAS_EXPIRED: - case X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD: - BIO_printf(bio_err,"notAfter="); - ASN1_TIME_print(bio_err,X509_get_notAfter(ctx->current_cert)); - BIO_printf(bio_err,"\n"); - break; - } - BIO_printf(bio_err,"verify return:%d\n",ok); - return(ok); - } - -int set_cert_stuff(SSL_CTX *ctx, char *cert_file, char *key_file) - { - if (cert_file != NULL) - { - /* - SSL *ssl; - X509 *x509; - */ - - if (SSL_CTX_use_certificate_file(ctx,cert_file, - SSL_FILETYPE_PEM) <= 0) - { - BIO_printf(bio_err,"unable to get certificate from '%s'\n",cert_file); - ERR_print_errors(bio_err); - return(0); - } - if (key_file == NULL) key_file=cert_file; - if (SSL_CTX_use_PrivateKey_file(ctx,key_file, - SSL_FILETYPE_PEM) <= 0) - { - BIO_printf(bio_err,"unable to get private key from '%s'\n",key_file); - ERR_print_errors(bio_err); - return(0); - } - - /* - In theory this is no longer needed - ssl=SSL_new(ctx); - x509=SSL_get_certificate(ssl); - - if (x509 != NULL) { - EVP_PKEY *pktmp; - pktmp = X509_get_pubkey(x509); - EVP_PKEY_copy_parameters(pktmp, - SSL_get_privatekey(ssl)); - EVP_PKEY_free(pktmp); - } - SSL_free(ssl); - */ - - /* If we are using DSA, we can copy the parameters from - * the private key */ - - - /* Now we know that a key and cert have been set against - * the SSL context */ - if (!SSL_CTX_check_private_key(ctx)) - { - BIO_printf(bio_err,"Private key does not match the certificate public key\n"); - return(0); - } - } - return(1); - } - -long MS_CALLBACK bio_dump_cb(BIO *bio, int cmd, const char *argp, int argi, - long argl, long ret) - { - BIO *out; - - out=(BIO *)BIO_get_callback_arg(bio); - if (out == NULL) return(ret); - - if (cmd == (BIO_CB_READ|BIO_CB_RETURN)) - { - BIO_printf(out,"read from %08X [%08lX] (%d bytes => %ld (0x%X))\n", - bio,argp,argi,ret,ret); - BIO_dump(out,argp,(int)ret); - return(ret); - } - else if (cmd == (BIO_CB_WRITE|BIO_CB_RETURN)) - { - BIO_printf(out,"write to %08X [%08lX] (%d bytes => %ld (0x%X))\n", - bio,argp,argi,ret,ret); - BIO_dump(out,argp,(int)ret); - } - return(ret); - } - -void MS_CALLBACK apps_ssl_info_callback(SSL *s, int where, int ret) - { - char *str; - int w; - - w=where& ~SSL_ST_MASK; - - if (w & SSL_ST_CONNECT) str="SSL_connect"; - else if (w & SSL_ST_ACCEPT) str="SSL_accept"; - else str="undefined"; - - if (where & SSL_CB_LOOP) - { - BIO_printf(bio_err,"%s:%s\n",str,SSL_state_string_long(s)); - } - else if (where & SSL_CB_ALERT) - { - str=(where & SSL_CB_READ)?"read":"write"; - BIO_printf(bio_err,"SSL3 alert %s:%s:%s\n", - str, - SSL_alert_type_string_long(ret), - SSL_alert_desc_string_long(ret)); - } - else if (where & SSL_CB_EXIT) - { - if (ret == 0) - BIO_printf(bio_err,"%s:failed in %s\n", - str,SSL_state_string_long(s)); - else if (ret < 0) - { - BIO_printf(bio_err,"%s:error in %s\n", - str,SSL_state_string_long(s)); - } - } - } - diff --git a/crypto/openssl/apps/s_client.c b/crypto/openssl/apps/s_client.c deleted file mode 100644 index e629f8e7f13f6..0000000000000 --- a/crypto/openssl/apps/s_client.c +++ /dev/null @@ -1,885 +0,0 @@ -/* apps/s_client.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include <assert.h> -#include <stdio.h> -#include <stdlib.h> -#include <string.h> -#ifdef NO_STDIO -#define APPS_WIN16 -#endif - -/* With IPv6, it looks like Digital has mixed up the proper order of - recursive header file inclusion, resulting in the compiler complaining - that u_int isn't defined, but only if _POSIX_C_SOURCE is defined, which - is needed to have fileno() declared correctly... So let's define u_int */ -#if defined(VMS) && defined(__DECC) && !defined(__U_INT) -#define __U_INT -typedef unsigned int u_int; -#endif - -#define USE_SOCKETS -#include "apps.h" -#include <openssl/x509.h> -#include <openssl/ssl.h> -#include <openssl/err.h> -#include <openssl/pem.h> -#include "s_apps.h" - -#ifdef WINDOWS -#include <conio.h> -#endif - - -#if (defined(VMS) && __VMS_VER < 70000000) -/* FIONBIO used as a switch to enable ioctl, and that isn't in VMS < 7.0 */ -#undef FIONBIO -#endif - -#undef PROG -#define PROG s_client_main - -/*#define SSL_HOST_NAME "www.netscape.com" */ -/*#define SSL_HOST_NAME "193.118.187.102" */ -#define SSL_HOST_NAME "localhost" - -/*#define TEST_CERT "client.pem" */ /* no default cert. */ - -#undef BUFSIZZ -#define BUFSIZZ 1024*8 - -extern int verify_depth; -extern int verify_error; - -#ifdef FIONBIO -static int c_nbio=0; -#endif -static int c_Pause=0; -static int c_debug=0; -static int c_showcerts=0; - -static void sc_usage(void); -static void print_stuff(BIO *berr,SSL *con,int full); -static BIO *bio_c_out=NULL; -static int c_quiet=0; -static int c_ign_eof=0; - -static void sc_usage(void) - { - BIO_printf(bio_err,"usage: s_client args\n"); - BIO_printf(bio_err,"\n"); - BIO_printf(bio_err," -host host - use -connect instead\n"); - BIO_printf(bio_err," -port port - use -connect instead\n"); - BIO_printf(bio_err," -connect host:port - who to connect to (default is %s:%s)\n",SSL_HOST_NAME,PORT_STR); - - BIO_printf(bio_err," -verify arg - turn on peer certificate verification\n"); - BIO_printf(bio_err," -cert arg - certificate file to use, PEM format assumed\n"); - BIO_printf(bio_err," -key arg - Private key file to use, PEM format assumed, in cert file if\n"); - BIO_printf(bio_err," not specified but cert file is.\n"); - BIO_printf(bio_err," -CApath arg - PEM format directory of CA's\n"); - BIO_printf(bio_err," -CAfile arg - PEM format file of CA's\n"); - BIO_printf(bio_err," -reconnect - Drop and re-make the connection with the same Session-ID\n"); - BIO_printf(bio_err," -pause - sleep(1) after each read(2) and write(2) system call\n"); - BIO_printf(bio_err," -showcerts - show all certificates in the chain\n"); - BIO_printf(bio_err," -debug - extra output\n"); - BIO_printf(bio_err," -nbio_test - more ssl protocol testing\n"); - BIO_printf(bio_err," -state - print the 'ssl' states\n"); -#ifdef FIONBIO - BIO_printf(bio_err," -nbio - Run with non-blocking IO\n"); -#endif - BIO_printf(bio_err," -crlf - convert LF from terminal into CRLF\n"); - BIO_printf(bio_err," -quiet - no s_client output\n"); - BIO_printf(bio_err," -ign_eof - ignore input eof (default when -quiet)\n"); - BIO_printf(bio_err," -ssl2 - just use SSLv2\n"); - BIO_printf(bio_err," -ssl3 - just use SSLv3\n"); - BIO_printf(bio_err," -tls1 - just use TLSv1\n"); - BIO_printf(bio_err," -no_tls1/-no_ssl3/-no_ssl2 - turn off that protocol\n"); - BIO_printf(bio_err," -bugs - Switch on all SSL implementation bug workarounds\n"); - BIO_printf(bio_err," -cipher - preferred cipher to use, use the 'openssl ciphers'\n"); - BIO_printf(bio_err," command to see what is available\n"); - - } - -int MAIN(int, char **); - -int MAIN(int argc, char **argv) - { - int off=0; - SSL *con=NULL,*con2=NULL; - int s,k,width,state=0; - char *cbuf=NULL,*sbuf=NULL; - int cbuf_len,cbuf_off; - int sbuf_len,sbuf_off; - fd_set readfds,writefds; - short port=PORT; - int full_log=1; - char *host=SSL_HOST_NAME; - char *cert_file=NULL,*key_file=NULL; - char *CApath=NULL,*CAfile=NULL,*cipher=NULL; - int reconnect=0,badop=0,verify=SSL_VERIFY_NONE,bugs=0; - int crlf=0; - int write_tty,read_tty,write_ssl,read_ssl,tty_on,ssl_pending; - SSL_CTX *ctx=NULL; - int ret=1,in_init=1,i,nbio_test=0; - int prexit = 0; - SSL_METHOD *meth=NULL; - BIO *sbio; -#ifdef WINDOWS - struct timeval tv; -#endif - -#if !defined(NO_SSL2) && !defined(NO_SSL3) - meth=SSLv23_client_method(); -#elif !defined(NO_SSL3) - meth=SSLv3_client_method(); -#elif !defined(NO_SSL2) - meth=SSLv2_client_method(); -#endif - - apps_startup(); - c_Pause=0; - c_quiet=0; - c_ign_eof=0; - c_debug=0; - c_showcerts=0; - - if (bio_err == NULL) - bio_err=BIO_new_fp(stderr,BIO_NOCLOSE); - - if ( ((cbuf=Malloc(BUFSIZZ)) == NULL) || - ((sbuf=Malloc(BUFSIZZ)) == NULL)) - { - BIO_printf(bio_err,"out of memory\n"); - goto end; - } - - verify_depth=0; - verify_error=X509_V_OK; -#ifdef FIONBIO - c_nbio=0; -#endif - - argc--; - argv++; - while (argc >= 1) - { - if (strcmp(*argv,"-host") == 0) - { - if (--argc < 1) goto bad; - host= *(++argv); - } - else if (strcmp(*argv,"-port") == 0) - { - if (--argc < 1) goto bad; - port=atoi(*(++argv)); - if (port == 0) goto bad; - } - else if (strcmp(*argv,"-connect") == 0) - { - if (--argc < 1) goto bad; - if (!extract_host_port(*(++argv),&host,NULL,&port)) - goto bad; - } - else if (strcmp(*argv,"-verify") == 0) - { - verify=SSL_VERIFY_PEER; - if (--argc < 1) goto bad; - verify_depth=atoi(*(++argv)); - BIO_printf(bio_err,"verify depth is %d\n",verify_depth); - } - else if (strcmp(*argv,"-cert") == 0) - { - if (--argc < 1) goto bad; - cert_file= *(++argv); - } - else if (strcmp(*argv,"-prexit") == 0) - prexit=1; - else if (strcmp(*argv,"-crlf") == 0) - crlf=1; - else if (strcmp(*argv,"-quiet") == 0) - { - c_quiet=1; - c_ign_eof=1; - } - else if (strcmp(*argv,"-ign_eof") == 0) - c_ign_eof=1; - else if (strcmp(*argv,"-pause") == 0) - c_Pause=1; - else if (strcmp(*argv,"-debug") == 0) - c_debug=1; - else if (strcmp(*argv,"-showcerts") == 0) - c_showcerts=1; - else if (strcmp(*argv,"-nbio_test") == 0) - nbio_test=1; - else if (strcmp(*argv,"-state") == 0) - state=1; -#ifndef NO_SSL2 - else if (strcmp(*argv,"-ssl2") == 0) - meth=SSLv2_client_method(); -#endif -#ifndef NO_SSL3 - else if (strcmp(*argv,"-ssl3") == 0) - meth=SSLv3_client_method(); -#endif -#ifndef NO_TLS1 - else if (strcmp(*argv,"-tls1") == 0) - meth=TLSv1_client_method(); -#endif - else if (strcmp(*argv,"-bugs") == 0) - bugs=1; - else if (strcmp(*argv,"-key") == 0) - { - if (--argc < 1) goto bad; - key_file= *(++argv); - } - else if (strcmp(*argv,"-reconnect") == 0) - { - reconnect=5; - } - else if (strcmp(*argv,"-CApath") == 0) - { - if (--argc < 1) goto bad; - CApath= *(++argv); - } - else if (strcmp(*argv,"-CAfile") == 0) - { - if (--argc < 1) goto bad; - CAfile= *(++argv); - } - else if (strcmp(*argv,"-no_tls1") == 0) - off|=SSL_OP_NO_TLSv1; - else if (strcmp(*argv,"-no_ssl3") == 0) - off|=SSL_OP_NO_SSLv3; - else if (strcmp(*argv,"-no_ssl2") == 0) - off|=SSL_OP_NO_SSLv2; - else if (strcmp(*argv,"-cipher") == 0) - { - if (--argc < 1) goto bad; - cipher= *(++argv); - } -#ifdef FIONBIO - else if (strcmp(*argv,"-nbio") == 0) - { c_nbio=1; } -#endif - else - { - BIO_printf(bio_err,"unknown option %s\n",*argv); - badop=1; - break; - } - argc--; - argv++; - } - if (badop) - { -bad: - sc_usage(); - goto end; - } - - app_RAND_load_file(NULL, bio_err, 0); - - if (bio_c_out == NULL) - { - if (c_quiet) - { - bio_c_out=BIO_new(BIO_s_null()); - } - else - { - if (bio_c_out == NULL) - bio_c_out=BIO_new_fp(stdout,BIO_NOCLOSE); - } - } - - OpenSSL_add_ssl_algorithms(); - SSL_load_error_strings(); - ctx=SSL_CTX_new(meth); - if (ctx == NULL) - { - ERR_print_errors(bio_err); - goto end; - } - - if (bugs) - SSL_CTX_set_options(ctx,SSL_OP_ALL|off); - else - SSL_CTX_set_options(ctx,off); - - if (state) SSL_CTX_set_info_callback(ctx,apps_ssl_info_callback); - if (cipher != NULL) - if(!SSL_CTX_set_cipher_list(ctx,cipher)) { - BIO_printf(bio_err,"error setting cipher list\n"); - ERR_print_errors(bio_err); - goto end; - } -#if 0 - else - SSL_CTX_set_cipher_list(ctx,getenv("SSL_CIPHER")); -#endif - - SSL_CTX_set_verify(ctx,verify,verify_callback); - if (!set_cert_stuff(ctx,cert_file,key_file)) - goto end; - - if ((!SSL_CTX_load_verify_locations(ctx,CAfile,CApath)) || - (!SSL_CTX_set_default_verify_paths(ctx))) - { - /* BIO_printf(bio_err,"error setting default verify locations\n"); */ - ERR_print_errors(bio_err); - /* goto end; */ - } - - - con=SSL_new(ctx); -/* SSL_set_cipher_list(con,"RC4-MD5"); */ - -re_start: - - if (init_client(&s,host,port) == 0) - { - BIO_printf(bio_err,"connect:errno=%d\n",get_last_socket_error()); - SHUTDOWN(s); - goto end; - } - BIO_printf(bio_c_out,"CONNECTED(%08X)\n",s); - -#ifdef FIONBIO - if (c_nbio) - { - unsigned long l=1; - BIO_printf(bio_c_out,"turning on non blocking io\n"); - if (BIO_socket_ioctl(s,FIONBIO,&l) < 0) - { - ERR_print_errors(bio_err); - goto end; - } - } -#endif - if (c_Pause & 0x01) con->debug=1; - sbio=BIO_new_socket(s,BIO_NOCLOSE); - - if (nbio_test) - { - BIO *test; - - test=BIO_new(BIO_f_nbio_test()); - sbio=BIO_push(test,sbio); - } - - if (c_debug) - { - con->debug=1; - BIO_set_callback(sbio,bio_dump_cb); - BIO_set_callback_arg(sbio,bio_c_out); - } - - SSL_set_bio(con,sbio,sbio); - SSL_set_connect_state(con); - - /* ok, lets connect */ - width=SSL_get_fd(con)+1; - - read_tty=1; - write_tty=0; - tty_on=0; - read_ssl=1; - write_ssl=1; - - cbuf_len=0; - cbuf_off=0; - sbuf_len=0; - sbuf_off=0; - - for (;;) - { - FD_ZERO(&readfds); - FD_ZERO(&writefds); - - if (SSL_in_init(con) && !SSL_total_renegotiations(con)) - { - in_init=1; - tty_on=0; - } - else - { - tty_on=1; - if (in_init) - { - in_init=0; - print_stuff(bio_c_out,con,full_log); - if (full_log > 0) full_log--; - - if (reconnect) - { - reconnect--; - BIO_printf(bio_c_out,"drop connection and then reconnect\n"); - SSL_shutdown(con); - SSL_set_connect_state(con); - SHUTDOWN(SSL_get_fd(con)); - goto re_start; - } - } - } - - ssl_pending = read_ssl && SSL_pending(con); - - if (!ssl_pending) - { -#ifndef WINDOWS - if (tty_on) - { - if (read_tty) FD_SET(fileno(stdin),&readfds); - if (write_tty) FD_SET(fileno(stdout),&writefds); - } - if (read_ssl) - FD_SET(SSL_get_fd(con),&readfds); - if (write_ssl) - FD_SET(SSL_get_fd(con),&writefds); -#else - if(!tty_on || !write_tty) { - if (read_ssl) - FD_SET(SSL_get_fd(con),&readfds); - if (write_ssl) - FD_SET(SSL_get_fd(con),&writefds); - } -#endif -/* printf("mode tty(%d %d%d) ssl(%d%d)\n", - tty_on,read_tty,write_tty,read_ssl,write_ssl);*/ - - /* Note: under VMS with SOCKETSHR the second parameter - * is currently of type (int *) whereas under other - * systems it is (void *) if you don't have a cast it - * will choke the compiler: if you do have a cast then - * you can either go for (int *) or (void *). - */ -#ifdef WINDOWS - /* Under Windows we make the assumption that we can - * always write to the tty: therefore if we need to - * write to the tty we just fall through. Otherwise - * we timeout the select every second and see if there - * are any keypresses. Note: this is a hack, in a proper - * Windows application we wouldn't do this. - */ - i=0; - if(!write_tty) { - if(read_tty) { - tv.tv_sec = 1; - tv.tv_usec = 0; - i=select(width,(void *)&readfds,(void *)&writefds, - NULL,&tv); - if(!i && (!_kbhit() || !read_tty) ) continue; - } else i=select(width,(void *)&readfds,(void *)&writefds, - NULL,NULL); - } -#else - i=select(width,(void *)&readfds,(void *)&writefds, - NULL,NULL); -#endif - if ( i < 0) - { - BIO_printf(bio_err,"bad select %d\n", - get_last_socket_error()); - goto shut; - /* goto end; */ - } - } - - if (!ssl_pending && FD_ISSET(SSL_get_fd(con),&writefds)) - { - k=SSL_write(con,&(cbuf[cbuf_off]), - (unsigned int)cbuf_len); - switch (SSL_get_error(con,k)) - { - case SSL_ERROR_NONE: - cbuf_off+=k; - cbuf_len-=k; - if (k <= 0) goto end; - /* we have done a write(con,NULL,0); */ - if (cbuf_len <= 0) - { - read_tty=1; - write_ssl=0; - } - else /* if (cbuf_len > 0) */ - { - read_tty=0; - write_ssl=1; - } - break; - case SSL_ERROR_WANT_WRITE: - BIO_printf(bio_c_out,"write W BLOCK\n"); - write_ssl=1; - read_tty=0; - break; - case SSL_ERROR_WANT_READ: - BIO_printf(bio_c_out,"write R BLOCK\n"); - write_tty=0; - read_ssl=1; - write_ssl=0; - break; - case SSL_ERROR_WANT_X509_LOOKUP: - BIO_printf(bio_c_out,"write X BLOCK\n"); - break; - case SSL_ERROR_ZERO_RETURN: - if (cbuf_len != 0) - { - BIO_printf(bio_c_out,"shutdown\n"); - goto shut; - } - else - { - read_tty=1; - write_ssl=0; - break; - } - - case SSL_ERROR_SYSCALL: - if ((k != 0) || (cbuf_len != 0)) - { - BIO_printf(bio_err,"write:errno=%d\n", - get_last_socket_error()); - goto shut; - } - else - { - read_tty=1; - write_ssl=0; - } - break; - case SSL_ERROR_SSL: - ERR_print_errors(bio_err); - goto shut; - } - } -#ifdef WINDOWS - /* Assume Windows can always write */ - else if (!ssl_pending && write_tty) -#else - else if (!ssl_pending && FD_ISSET(fileno(stdout),&writefds)) -#endif - { -#ifdef CHARSET_EBCDIC - ascii2ebcdic(&(sbuf[sbuf_off]),&(sbuf[sbuf_off]),sbuf_len); -#endif - i=write(fileno(stdout),&(sbuf[sbuf_off]),sbuf_len); - - if (i <= 0) - { - BIO_printf(bio_c_out,"DONE\n"); - goto shut; - /* goto end; */ - } - - sbuf_len-=i;; - sbuf_off+=i; - if (sbuf_len <= 0) - { - read_ssl=1; - write_tty=0; - } - } - else if (ssl_pending || FD_ISSET(SSL_get_fd(con),&readfds)) - { -#ifdef RENEG -{ static int iiii; if (++iiii == 52) { SSL_renegotiate(con); iiii=0; } } -#endif -#if 1 - k=SSL_read(con,sbuf,1024 /* BUFSIZZ */ ); -#else -/* Demo for pending and peek :-) */ - k=SSL_read(con,sbuf,16); -{ char zbuf[10240]; -printf("read=%d pending=%d peek=%d\n",k,SSL_pending(con),SSL_peek(con,zbuf,10240)); -} -#endif - - switch (SSL_get_error(con,k)) - { - case SSL_ERROR_NONE: - if (k <= 0) - goto end; - sbuf_off=0; - sbuf_len=k; - - read_ssl=0; - write_tty=1; - break; - case SSL_ERROR_WANT_WRITE: - BIO_printf(bio_c_out,"read W BLOCK\n"); - write_ssl=1; - read_tty=0; - break; - case SSL_ERROR_WANT_READ: - BIO_printf(bio_c_out,"read R BLOCK\n"); - write_tty=0; - read_ssl=1; - if ((read_tty == 0) && (write_ssl == 0)) - write_ssl=1; - break; - case SSL_ERROR_WANT_X509_LOOKUP: - BIO_printf(bio_c_out,"read X BLOCK\n"); - break; - case SSL_ERROR_SYSCALL: - BIO_printf(bio_err,"read:errno=%d\n",get_last_socket_error()); - goto shut; - case SSL_ERROR_ZERO_RETURN: - BIO_printf(bio_c_out,"closed\n"); - goto shut; - case SSL_ERROR_SSL: - ERR_print_errors(bio_err); - goto shut; - /* break; */ - } - } - -#ifdef WINDOWS - else if (_kbhit()) -#else - else if (FD_ISSET(fileno(stdin),&readfds)) -#endif - { - if (crlf) - { - int j, lf_num; - - i=read(fileno(stdin),cbuf,BUFSIZZ/2); - lf_num = 0; - /* both loops are skipped when i <= 0 */ - for (j = 0; j < i; j++) - if (cbuf[j] == '\n') - lf_num++; - for (j = i-1; j >= 0; j--) - { - cbuf[j+lf_num] = cbuf[j]; - if (cbuf[j] == '\n') - { - lf_num--; - i++; - cbuf[j+lf_num] = '\r'; - } - } - assert(lf_num == 0); - } - else - i=read(fileno(stdin),cbuf,BUFSIZZ); - - if ((!c_ign_eof) && ((i <= 0) || (cbuf[0] == 'Q'))) - { - BIO_printf(bio_err,"DONE\n"); - goto shut; - } - - if ((!c_ign_eof) && (cbuf[0] == 'R')) - { - BIO_printf(bio_err,"RENEGOTIATING\n"); - SSL_renegotiate(con); - cbuf_len=0; - } - else - { - cbuf_len=i; - cbuf_off=0; -#ifdef CHARSET_EBCDIC - ebcdic2ascii(cbuf, cbuf, i); -#endif - } - - write_ssl=1; - read_tty=0; - } - } -shut: - SSL_shutdown(con); - SHUTDOWN(SSL_get_fd(con)); - ret=0; -end: - if(prexit) print_stuff(bio_c_out,con,1); - if (con != NULL) SSL_free(con); - if (con2 != NULL) SSL_free(con2); - if (ctx != NULL) SSL_CTX_free(ctx); - if (cbuf != NULL) { memset(cbuf,0,BUFSIZZ); Free(cbuf); } - if (sbuf != NULL) { memset(sbuf,0,BUFSIZZ); Free(sbuf); } - if (bio_c_out != NULL) - { - BIO_free(bio_c_out); - bio_c_out=NULL; - } - EXIT(ret); - } - - -static void print_stuff(BIO *bio, SSL *s, int full) - { - X509 *peer=NULL; - char *p; - static char *space=" "; - char buf[BUFSIZ]; - STACK_OF(X509) *sk; - STACK_OF(X509_NAME) *sk2; - SSL_CIPHER *c; - X509_NAME *xn; - int j,i; - - if (full) - { - int got_a_chain = 0; - - sk=SSL_get_peer_cert_chain(s); - if (sk != NULL) - { - got_a_chain = 1; /* we don't have it for SSL2 (yet) */ - - BIO_printf(bio,"---\nCertificate chain\n"); - for (i=0; i<sk_X509_num(sk); i++) - { - X509_NAME_oneline(X509_get_subject_name( - sk_X509_value(sk,i)),buf,BUFSIZ); - BIO_printf(bio,"%2d s:%s\n",i,buf); - X509_NAME_oneline(X509_get_issuer_name( - sk_X509_value(sk,i)),buf,BUFSIZ); - BIO_printf(bio," i:%s\n",buf); - if (c_showcerts) - PEM_write_bio_X509(bio,sk_X509_value(sk,i)); - } - } - - BIO_printf(bio,"---\n"); - peer=SSL_get_peer_certificate(s); - if (peer != NULL) - { - BIO_printf(bio,"Server certificate\n"); - if (!(c_showcerts && got_a_chain)) /* Redundant if we showed the whole chain */ - PEM_write_bio_X509(bio,peer); - X509_NAME_oneline(X509_get_subject_name(peer), - buf,BUFSIZ); - BIO_printf(bio,"subject=%s\n",buf); - X509_NAME_oneline(X509_get_issuer_name(peer), - buf,BUFSIZ); - BIO_printf(bio,"issuer=%s\n",buf); - } - else - BIO_printf(bio,"no peer certificate available\n"); - - sk2=SSL_get_client_CA_list(s); - if ((sk2 != NULL) && (sk_X509_NAME_num(sk2) > 0)) - { - BIO_printf(bio,"---\nAcceptable client certificate CA names\n"); - for (i=0; i<sk_X509_NAME_num(sk2); i++) - { - xn=sk_X509_NAME_value(sk2,i); - X509_NAME_oneline(xn,buf,sizeof(buf)); - BIO_write(bio,buf,strlen(buf)); - BIO_write(bio,"\n",1); - } - } - else - { - BIO_printf(bio,"---\nNo client certificate CA names sent\n"); - } - p=SSL_get_shared_ciphers(s,buf,BUFSIZ); - if (p != NULL) - { - /* This works only for SSL 2. In later protocol - * versions, the client does not know what other - * ciphers (in addition to the one to be used - * in the current connection) the server supports. */ - - BIO_printf(bio,"---\nCiphers common between both SSL endpoints:\n"); - j=i=0; - while (*p) - { - if (*p == ':') - { - BIO_write(bio,space,15-j%25); - i++; - j=0; - BIO_write(bio,((i%3)?" ":"\n"),1); - } - else - { - BIO_write(bio,p,1); - j++; - } - p++; - } - BIO_write(bio,"\n",1); - } - - BIO_printf(bio,"---\nSSL handshake has read %ld bytes and written %ld bytes\n", - BIO_number_read(SSL_get_rbio(s)), - BIO_number_written(SSL_get_wbio(s))); - } - BIO_printf(bio,((s->hit)?"---\nReused, ":"---\nNew, ")); - c=SSL_get_current_cipher(s); - BIO_printf(bio,"%s, Cipher is %s\n", - SSL_CIPHER_get_version(c), - SSL_CIPHER_get_name(c)); - if (peer != NULL) { - EVP_PKEY *pktmp; - pktmp = X509_get_pubkey(peer); - BIO_printf(bio,"Server public key is %d bit\n", - EVP_PKEY_bits(pktmp)); - EVP_PKEY_free(pktmp); - } - SSL_SESSION_print(bio,SSL_get_session(s)); - BIO_printf(bio,"---\n"); - if (peer != NULL) - X509_free(peer); - } - diff --git a/crypto/openssl/apps/s_server.c b/crypto/openssl/apps/s_server.c deleted file mode 100644 index af19b89227a01..0000000000000 --- a/crypto/openssl/apps/s_server.c +++ /dev/null @@ -1,1504 +0,0 @@ -/* apps/s_server.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include <assert.h> -#include <stdio.h> -#include <stdlib.h> -#include <string.h> -#include <sys/types.h> -#include <sys/stat.h> -#ifdef NO_STDIO -#define APPS_WIN16 -#endif - -/* With IPv6, it looks like Digital has mixed up the proper order of - recursive header file inclusion, resulting in the compiler complaining - that u_int isn't defined, but only if _POSIX_C_SOURCE is defined, which - is needed to have fileno() declared correctly... So let's define u_int */ -#if defined(VMS) && defined(__DECC) && !defined(__U_INT) -#define __U_INT -typedef unsigned int u_int; -#endif - -#include <openssl/lhash.h> -#include <openssl/bn.h> -#define USE_SOCKETS -#include "apps.h" -#include <openssl/err.h> -#include <openssl/pem.h> -#include <openssl/x509.h> -#include <openssl/ssl.h> -#include "s_apps.h" - -#ifdef WINDOWS -#include <conio.h> -#endif - -#if (defined(VMS) && __VMS_VER < 70000000) -/* FIONBIO used as a switch to enable ioctl, and that isn't in VMS < 7.0 */ -#undef FIONBIO -#endif - -#ifndef NO_RSA -static RSA MS_CALLBACK *tmp_rsa_cb(SSL *s, int is_export, int keylength); -#endif -static int sv_body(char *hostname, int s, unsigned char *context); -static int www_body(char *hostname, int s, unsigned char *context); -static void close_accept_socket(void ); -static void sv_usage(void); -static int init_ssl_connection(SSL *s); -static void print_stats(BIO *bp,SSL_CTX *ctx); -#ifndef NO_DH -static DH *load_dh_param(char *dhfile); -static DH *get_dh512(void); -#endif -#ifdef MONOLITH -static void s_server_init(void); -#endif - -#ifndef S_ISDIR -# if defined(_S_IFMT) && defined(_S_IFDIR) -# define S_ISDIR(a) (((a) & _S_IFMT) == _S_IFDIR) -# else -# define S_ISDIR(a) (((a) & S_IFMT) == S_IFDIR) -# endif -#endif - -#ifndef NO_DH -static unsigned char dh512_p[]={ - 0xDA,0x58,0x3C,0x16,0xD9,0x85,0x22,0x89,0xD0,0xE4,0xAF,0x75, - 0x6F,0x4C,0xCA,0x92,0xDD,0x4B,0xE5,0x33,0xB8,0x04,0xFB,0x0F, - 0xED,0x94,0xEF,0x9C,0x8A,0x44,0x03,0xED,0x57,0x46,0x50,0xD3, - 0x69,0x99,0xDB,0x29,0xD7,0x76,0x27,0x6B,0xA2,0xD3,0xD4,0x12, - 0xE2,0x18,0xF4,0xDD,0x1E,0x08,0x4C,0xF6,0xD8,0x00,0x3E,0x7C, - 0x47,0x74,0xE8,0x33, - }; -static unsigned char dh512_g[]={ - 0x02, - }; - -static DH *get_dh512(void) - { - DH *dh=NULL; - - if ((dh=DH_new()) == NULL) return(NULL); - dh->p=BN_bin2bn(dh512_p,sizeof(dh512_p),NULL); - dh->g=BN_bin2bn(dh512_g,sizeof(dh512_g),NULL); - if ((dh->p == NULL) || (dh->g == NULL)) - return(NULL); - return(dh); - } -#endif - -/* static int load_CA(SSL_CTX *ctx, char *file);*/ - -#undef BUFSIZZ -#define BUFSIZZ 16*1024 -static int bufsize=BUFSIZZ; -static int accept_socket= -1; - -#define TEST_CERT "server.pem" -#undef PROG -#define PROG s_server_main - -extern int verify_depth; - -static char *cipher=NULL; -static int s_server_verify=SSL_VERIFY_NONE; -static int s_server_session_id_context = 1; /* anything will do */ -static char *s_cert_file=TEST_CERT,*s_key_file=NULL; -static char *s_dcert_file=NULL,*s_dkey_file=NULL; -#ifdef FIONBIO -static int s_nbio=0; -#endif -static int s_nbio_test=0; -int s_crlf=0; -static SSL_CTX *ctx=NULL; -static int www=0; - -static BIO *bio_s_out=NULL; -static int s_debug=0; -static int s_quiet=0; - -static int hack=0; - -#ifdef MONOLITH -static void s_server_init(void) - { - accept_socket=-1; - cipher=NULL; - s_server_verify=SSL_VERIFY_NONE; - s_dcert_file=NULL; - s_dkey_file=NULL; - s_cert_file=TEST_CERT; - s_key_file=NULL; -#ifdef FIONBIO - s_nbio=0; -#endif - s_nbio_test=0; - ctx=NULL; - www=0; - - bio_s_out=NULL; - s_debug=0; - s_quiet=0; - hack=0; - } -#endif - -static void sv_usage(void) - { - BIO_printf(bio_err,"usage: s_server [args ...]\n"); - BIO_printf(bio_err,"\n"); - BIO_printf(bio_err," -accept arg - port to accept on (default is %d)\n",PORT); - BIO_printf(bio_err," -context arg - set session ID context\n"); - BIO_printf(bio_err," -verify arg - turn on peer certificate verification\n"); - BIO_printf(bio_err," -Verify arg - turn on peer certificate verification, must have a cert.\n"); - BIO_printf(bio_err," -cert arg - certificate file to use, PEM format assumed\n"); - BIO_printf(bio_err," (default is %s)\n",TEST_CERT); - BIO_printf(bio_err," -key arg - Private Key file to use, PEM format assumed, in cert file if\n"); - BIO_printf(bio_err," not specified (default is %s)\n",TEST_CERT); - BIO_printf(bio_err," -dcert arg - second certificate file to use (usually for DSA)\n"); - BIO_printf(bio_err," -dkey arg - second private key file to use (usually for DSA)\n"); - BIO_printf(bio_err," -dhparam arg - DH parameter file to use, in cert file if not specified\n"); - BIO_printf(bio_err," or a default set of parameters is used\n"); -#ifdef FIONBIO - BIO_printf(bio_err," -nbio - Run with non-blocking IO\n"); -#endif - BIO_printf(bio_err," -nbio_test - test with the non-blocking test bio\n"); - BIO_printf(bio_err," -crlf - convert LF from terminal into CRLF\n"); - BIO_printf(bio_err," -debug - Print more output\n"); - BIO_printf(bio_err," -state - Print the SSL states\n"); - BIO_printf(bio_err," -CApath arg - PEM format directory of CA's\n"); - BIO_printf(bio_err," -CAfile arg - PEM format file of CA's\n"); - BIO_printf(bio_err," -nocert - Don't use any certificates (Anon-DH)\n"); - BIO_printf(bio_err," -cipher arg - play with 'openssl ciphers' to see what goes here\n"); - BIO_printf(bio_err," -quiet - No server output\n"); - BIO_printf(bio_err," -no_tmp_rsa - Do not generate a tmp RSA key\n"); - BIO_printf(bio_err," -ssl2 - Just talk SSLv2\n"); - BIO_printf(bio_err," -ssl3 - Just talk SSLv3\n"); - BIO_printf(bio_err," -tls1 - Just talk TLSv1\n"); - BIO_printf(bio_err," -no_ssl2 - Just disable SSLv2\n"); - BIO_printf(bio_err," -no_ssl3 - Just disable SSLv3\n"); - BIO_printf(bio_err," -no_tls1 - Just disable TLSv1\n"); -#ifndef NO_DH - BIO_printf(bio_err," -no_dhe - Disable ephemeral DH\n"); -#endif - BIO_printf(bio_err," -bugs - Turn on SSL bug compatibility\n"); - BIO_printf(bio_err," -www - Respond to a 'GET /' with a status page\n"); - BIO_printf(bio_err," -WWW - Respond to a 'GET /<path> HTTP/1.0' with file ./<path>\n"); - } - -static int local_argc=0; -static char **local_argv; - -#ifdef CHARSET_EBCDIC -static int ebcdic_new(BIO *bi); -static int ebcdic_free(BIO *a); -static int ebcdic_read(BIO *b, char *out, int outl); -static int ebcdic_write(BIO *b, char *in, int inl); -static long ebcdic_ctrl(BIO *b, int cmd, long num, char *ptr); -static int ebcdic_gets(BIO *bp, char *buf, int size); -static int ebcdic_puts(BIO *bp, char *str); - -#define BIO_TYPE_EBCDIC_FILTER (18|0x0200) -static BIO_METHOD methods_ebcdic= - { - BIO_TYPE_EBCDIC_FILTER, - "EBCDIC/ASCII filter", - ebcdic_write, - ebcdic_read, - ebcdic_puts, - ebcdic_gets, - ebcdic_ctrl, - ebcdic_new, - ebcdic_free, - }; - -typedef struct -{ - size_t alloced; - char buff[1]; -} EBCDIC_OUTBUFF; - -BIO_METHOD *BIO_f_ebcdic_filter() -{ - return(&methods_ebcdic); -} - -static int ebcdic_new(BIO *bi) -{ - EBCDIC_OUTBUFF *wbuf; - - wbuf = (EBCDIC_OUTBUFF *)Malloc(sizeof(EBCDIC_OUTBUFF) + 1024); - wbuf->alloced = 1024; - wbuf->buff[0] = '\0'; - - bi->ptr=(char *)wbuf; - bi->init=1; - bi->flags=0; - return(1); -} - -static int ebcdic_free(BIO *a) -{ - if (a == NULL) return(0); - if (a->ptr != NULL) - Free(a->ptr); - a->ptr=NULL; - a->init=0; - a->flags=0; - return(1); -} - -static int ebcdic_read(BIO *b, char *out, int outl) -{ - int ret=0; - - if (out == NULL || outl == 0) return(0); - if (b->next_bio == NULL) return(0); - - ret=BIO_read(b->next_bio,out,outl); - if (ret > 0) - ascii2ebcdic(out,out,ret); - return(ret); -} - -static int ebcdic_write(BIO *b, char *in, int inl) -{ - EBCDIC_OUTBUFF *wbuf; - int ret=0; - int num; - unsigned char n; - - if ((in == NULL) || (inl <= 0)) return(0); - if (b->next_bio == NULL) return(0); - - wbuf=(EBCDIC_OUTBUFF *)b->ptr; - - if (inl > (num = wbuf->alloced)) - { - num = num + num; /* double the size */ - if (num < inl) - num = inl; - Free(wbuf); - wbuf=(EBCDIC_OUTBUFF *)Malloc(sizeof(EBCDIC_OUTBUFF) + num); - - wbuf->alloced = num; - wbuf->buff[0] = '\0'; - - b->ptr=(char *)wbuf; - } - - ebcdic2ascii(wbuf->buff, in, inl); - - ret=BIO_write(b->next_bio, wbuf->buff, inl); - - return(ret); -} - -static long ebcdic_ctrl(BIO *b, int cmd, long num, char *ptr) -{ - long ret; - - if (b->next_bio == NULL) return(0); - switch (cmd) - { - case BIO_CTRL_DUP: - ret=0L; - break; - default: - ret=BIO_ctrl(b->next_bio,cmd,num,ptr); - break; - } - return(ret); -} - -static int ebcdic_gets(BIO *bp, char *buf, int size) -{ - int i, ret; - if (bp->next_bio == NULL) return(0); -/* return(BIO_gets(bp->next_bio,buf,size));*/ - for (i=0; i<size-1; ++i) - { - ret = ebcdic_read(bp,&buf[i],1); - if (ret <= 0) - break; - else if (buf[i] == '\n') - { - ++i; - break; - } - } - if (i < size) - buf[i] = '\0'; - return (ret < 0 && i == 0) ? ret : i; -} - -static int ebcdic_puts(BIO *bp, char *str) -{ - if (bp->next_bio == NULL) return(0); - return ebcdic_write(bp, str, strlen(str)); -} -#endif - -int MAIN(int, char **); - -int MAIN(int argc, char *argv[]) - { - short port=PORT; - char *CApath=NULL,*CAfile=NULL; - char *context = NULL; - char *dhfile = NULL; - int badop=0,bugs=0; - int ret=1; - int off=0; - int no_tmp_rsa=0,no_dhe=0,nocert=0; - int state=0; - SSL_METHOD *meth=NULL; -#ifndef NO_DH - DH *dh=NULL; -#endif - -#if !defined(NO_SSL2) && !defined(NO_SSL3) - meth=SSLv23_server_method(); -#elif !defined(NO_SSL3) - meth=SSLv3_server_method(); -#elif !defined(NO_SSL2) - meth=SSLv2_server_method(); -#endif - - local_argc=argc; - local_argv=argv; - - apps_startup(); -#ifdef MONOLITH - s_server_init(); -#endif - - if (bio_err == NULL) - bio_err=BIO_new_fp(stderr,BIO_NOCLOSE); - - verify_depth=0; -#ifdef FIONBIO - s_nbio=0; -#endif - s_nbio_test=0; - - argc--; - argv++; - - while (argc >= 1) - { - if ((strcmp(*argv,"-port") == 0) || - (strcmp(*argv,"-accept") == 0)) - { - if (--argc < 1) goto bad; - if (!extract_port(*(++argv),&port)) - goto bad; - } - else if (strcmp(*argv,"-verify") == 0) - { - s_server_verify=SSL_VERIFY_PEER|SSL_VERIFY_CLIENT_ONCE; - if (--argc < 1) goto bad; - verify_depth=atoi(*(++argv)); - BIO_printf(bio_err,"verify depth is %d\n",verify_depth); - } - else if (strcmp(*argv,"-Verify") == 0) - { - s_server_verify=SSL_VERIFY_PEER|SSL_VERIFY_FAIL_IF_NO_PEER_CERT| - SSL_VERIFY_CLIENT_ONCE; - if (--argc < 1) goto bad; - verify_depth=atoi(*(++argv)); - BIO_printf(bio_err,"verify depth is %d, must return a certificate\n",verify_depth); - } - else if (strcmp(*argv,"-context") == 0) - { - if (--argc < 1) goto bad; - context= *(++argv); - } - else if (strcmp(*argv,"-cert") == 0) - { - if (--argc < 1) goto bad; - s_cert_file= *(++argv); - } - else if (strcmp(*argv,"-key") == 0) - { - if (--argc < 1) goto bad; - s_key_file= *(++argv); - } - else if (strcmp(*argv,"-dhparam") == 0) - { - if (--argc < 1) goto bad; - dhfile = *(++argv); - } - else if (strcmp(*argv,"-dcert") == 0) - { - if (--argc < 1) goto bad; - s_dcert_file= *(++argv); - } - else if (strcmp(*argv,"-dkey") == 0) - { - if (--argc < 1) goto bad; - s_dkey_file= *(++argv); - } - else if (strcmp(*argv,"-nocert") == 0) - { - nocert=1; - } - else if (strcmp(*argv,"-CApath") == 0) - { - if (--argc < 1) goto bad; - CApath= *(++argv); - } - else if (strcmp(*argv,"-cipher") == 0) - { - if (--argc < 1) goto bad; - cipher= *(++argv); - } - else if (strcmp(*argv,"-CAfile") == 0) - { - if (--argc < 1) goto bad; - CAfile= *(++argv); - } -#ifdef FIONBIO - else if (strcmp(*argv,"-nbio") == 0) - { s_nbio=1; } -#endif - else if (strcmp(*argv,"-nbio_test") == 0) - { -#ifdef FIONBIO - s_nbio=1; -#endif - s_nbio_test=1; - } - else if (strcmp(*argv,"-debug") == 0) - { s_debug=1; } - else if (strcmp(*argv,"-hack") == 0) - { hack=1; } - else if (strcmp(*argv,"-state") == 0) - { state=1; } - else if (strcmp(*argv,"-crlf") == 0) - { s_crlf=1; } - else if (strcmp(*argv,"-quiet") == 0) - { s_quiet=1; } - else if (strcmp(*argv,"-bugs") == 0) - { bugs=1; } - else if (strcmp(*argv,"-no_tmp_rsa") == 0) - { no_tmp_rsa=1; } - else if (strcmp(*argv,"-no_dhe") == 0) - { no_dhe=1; } - else if (strcmp(*argv,"-www") == 0) - { www=1; } - else if (strcmp(*argv,"-WWW") == 0) - { www=2; } - else if (strcmp(*argv,"-no_ssl2") == 0) - { off|=SSL_OP_NO_SSLv2; } - else if (strcmp(*argv,"-no_ssl3") == 0) - { off|=SSL_OP_NO_SSLv3; } - else if (strcmp(*argv,"-no_tls1") == 0) - { off|=SSL_OP_NO_TLSv1; } -#ifndef NO_SSL2 - else if (strcmp(*argv,"-ssl2") == 0) - { meth=SSLv2_server_method(); } -#endif -#ifndef NO_SSL3 - else if (strcmp(*argv,"-ssl3") == 0) - { meth=SSLv3_server_method(); } -#endif -#ifndef NO_TLS1 - else if (strcmp(*argv,"-tls1") == 0) - { meth=TLSv1_server_method(); } -#endif - else - { - BIO_printf(bio_err,"unknown option %s\n",*argv); - badop=1; - break; - } - argc--; - argv++; - } - if (badop) - { -bad: - sv_usage(); - goto end; - } - - app_RAND_load_file(NULL, bio_err, 0); - - if (bio_s_out == NULL) - { - if (s_quiet && !s_debug) - { - bio_s_out=BIO_new(BIO_s_null()); - } - else - { - if (bio_s_out == NULL) - bio_s_out=BIO_new_fp(stdout,BIO_NOCLOSE); - } - } - -#if !defined(NO_RSA) || !defined(NO_DSA) - if (nocert) -#endif - { - s_cert_file=NULL; - s_key_file=NULL; - s_dcert_file=NULL; - s_dkey_file=NULL; - } - - SSL_load_error_strings(); - OpenSSL_add_ssl_algorithms(); - - ctx=SSL_CTX_new(meth); - if (ctx == NULL) - { - ERR_print_errors(bio_err); - goto end; - } - - SSL_CTX_set_quiet_shutdown(ctx,1); - if (bugs) SSL_CTX_set_options(ctx,SSL_OP_ALL); - if (hack) SSL_CTX_set_options(ctx,SSL_OP_NETSCAPE_DEMO_CIPHER_CHANGE_BUG); - SSL_CTX_set_options(ctx,off); - if (hack) SSL_CTX_set_options(ctx,SSL_OP_NON_EXPORT_FIRST); - - if (state) SSL_CTX_set_info_callback(ctx,apps_ssl_info_callback); - - SSL_CTX_sess_set_cache_size(ctx,128); - -#if 0 - if (cipher == NULL) cipher=getenv("SSL_CIPHER"); -#endif - -#if 0 - if (s_cert_file == NULL) - { - BIO_printf(bio_err,"You must specify a certificate file for the server to use\n"); - goto end; - } -#endif - - if ((!SSL_CTX_load_verify_locations(ctx,CAfile,CApath)) || - (!SSL_CTX_set_default_verify_paths(ctx))) - { - /* BIO_printf(bio_err,"X509_load_verify_locations\n"); */ - ERR_print_errors(bio_err); - /* goto end; */ - } - -#ifndef NO_DH - if (!no_dhe) - { - dh=load_dh_param(dhfile ? dhfile : s_cert_file); - if (dh != NULL) - { - BIO_printf(bio_s_out,"Setting temp DH parameters\n"); - } - else - { - BIO_printf(bio_s_out,"Using default temp DH parameters\n"); - dh=get_dh512(); - } - (void)BIO_flush(bio_s_out); - - SSL_CTX_set_tmp_dh(ctx,dh); - DH_free(dh); - } -#endif - - if (!set_cert_stuff(ctx,s_cert_file,s_key_file)) - goto end; - if (s_dcert_file != NULL) - { - if (!set_cert_stuff(ctx,s_dcert_file,s_dkey_file)) - goto end; - } - -#ifndef NO_RSA -#if 1 - SSL_CTX_set_tmp_rsa_callback(ctx,tmp_rsa_cb); -#else - if (!no_tmp_rsa && SSL_CTX_need_tmp_RSA(ctx)) - { - RSA *rsa; - - BIO_printf(bio_s_out,"Generating temp (512 bit) RSA key..."); - BIO_flush(bio_s_out); - - rsa=RSA_generate_key(512,RSA_F4,NULL); - - if (!SSL_CTX_set_tmp_rsa(ctx,rsa)) - { - ERR_print_errors(bio_err); - goto end; - } - RSA_free(rsa); - BIO_printf(bio_s_out,"\n"); - } -#endif -#endif - - if (cipher != NULL) - if(!SSL_CTX_set_cipher_list(ctx,cipher)) { - BIO_printf(bio_err,"error setting cipher list\n"); - ERR_print_errors(bio_err); - goto end; - } - SSL_CTX_set_verify(ctx,s_server_verify,verify_callback); - SSL_CTX_set_session_id_context(ctx,(void*)&s_server_session_id_context, - sizeof s_server_session_id_context); - - if (CAfile != NULL) - SSL_CTX_set_client_CA_list(ctx,SSL_load_client_CA_file(CAfile)); - - BIO_printf(bio_s_out,"ACCEPT\n"); - if (www) - do_server(port,&accept_socket,www_body, context); - else - do_server(port,&accept_socket,sv_body, context); - print_stats(bio_s_out,ctx); - ret=0; -end: - if (ctx != NULL) SSL_CTX_free(ctx); - if (bio_s_out != NULL) - { - BIO_free(bio_s_out); - bio_s_out=NULL; - } - EXIT(ret); - } - -static void print_stats(BIO *bio, SSL_CTX *ssl_ctx) - { - BIO_printf(bio,"%4ld items in the session cache\n", - SSL_CTX_sess_number(ssl_ctx)); - BIO_printf(bio,"%4d client connects (SSL_connect())\n", - SSL_CTX_sess_connect(ssl_ctx)); - BIO_printf(bio,"%4d client renegotiates (SSL_connect())\n", - SSL_CTX_sess_connect_renegotiate(ssl_ctx)); - BIO_printf(bio,"%4d client connects that finished\n", - SSL_CTX_sess_connect_good(ssl_ctx)); - BIO_printf(bio,"%4d server accepts (SSL_accept())\n", - SSL_CTX_sess_accept(ssl_ctx)); - BIO_printf(bio,"%4d server renegotiates (SSL_accept())\n", - SSL_CTX_sess_accept_renegotiate(ssl_ctx)); - BIO_printf(bio,"%4d server accepts that finished\n", - SSL_CTX_sess_accept_good(ssl_ctx)); - BIO_printf(bio,"%4d session cache hits\n",SSL_CTX_sess_hits(ssl_ctx)); - BIO_printf(bio,"%4d session cache misses\n",SSL_CTX_sess_misses(ssl_ctx)); - BIO_printf(bio,"%4d session cache timeouts\n",SSL_CTX_sess_timeouts(ssl_ctx)); - BIO_printf(bio,"%4d callback cache hits\n",SSL_CTX_sess_cb_hits(ssl_ctx)); - BIO_printf(bio,"%4d cache full overflows (%d allowed)\n", - SSL_CTX_sess_cache_full(ssl_ctx), - SSL_CTX_sess_get_cache_size(ssl_ctx)); - } - -static int sv_body(char *hostname, int s, unsigned char *context) - { - char *buf=NULL; - fd_set readfds; - int ret=1,width; - int k,i; - unsigned long l; - SSL *con=NULL; - BIO *sbio; -#ifdef WINDOWS - struct timeval tv; -#endif - - if ((buf=Malloc(bufsize)) == NULL) - { - BIO_printf(bio_err,"out of memory\n"); - goto err; - } -#ifdef FIONBIO - if (s_nbio) - { - unsigned long sl=1; - - if (!s_quiet) - BIO_printf(bio_err,"turning on non blocking io\n"); - if (BIO_socket_ioctl(s,FIONBIO,&sl) < 0) - ERR_print_errors(bio_err); - } -#endif - - if (con == NULL) { - con=SSL_new(ctx); - if(context) - SSL_set_session_id_context(con, context, - strlen((char *)context)); - } - SSL_clear(con); - - sbio=BIO_new_socket(s,BIO_NOCLOSE); - if (s_nbio_test) - { - BIO *test; - - test=BIO_new(BIO_f_nbio_test()); - sbio=BIO_push(test,sbio); - } - SSL_set_bio(con,sbio,sbio); - SSL_set_accept_state(con); - /* SSL_set_fd(con,s); */ - - if (s_debug) - { - con->debug=1; - BIO_set_callback(SSL_get_rbio(con),bio_dump_cb); - BIO_set_callback_arg(SSL_get_rbio(con),bio_s_out); - } - - width=s+1; - for (;;) - { - int read_from_terminal; - int read_from_sslcon; - - read_from_terminal = 0; - read_from_sslcon = SSL_pending(con); - - if (!read_from_sslcon) - { - FD_ZERO(&readfds); -#ifndef WINDOWS - FD_SET(fileno(stdin),&readfds); -#endif - FD_SET(s,&readfds); - /* Note: under VMS with SOCKETSHR the second parameter is - * currently of type (int *) whereas under other systems - * it is (void *) if you don't have a cast it will choke - * the compiler: if you do have a cast then you can either - * go for (int *) or (void *). - */ -#ifdef WINDOWS - /* Under Windows we can't select on stdin: only - * on sockets. As a workaround we timeout the select every - * second and check for any keypress. In a proper Windows - * application we wouldn't do this because it is inefficient. - */ - tv.tv_sec = 1; - tv.tv_usec = 0; - i=select(width,(void *)&readfds,NULL,NULL,&tv); - if((i < 0) || (!i && !_kbhit() ) )continue; - if(_kbhit()) - read_from_terminal = 1; -#else - i=select(width,(void *)&readfds,NULL,NULL,NULL); - if (i <= 0) continue; - if (FD_ISSET(fileno(stdin),&readfds)) - read_from_terminal = 1; -#endif - if (FD_ISSET(s,&readfds)) - read_from_sslcon = 1; - } - if (read_from_terminal) - { - if (s_crlf) - { - int j, lf_num; - - i=read(fileno(stdin), buf, bufsize/2); - lf_num = 0; - /* both loops are skipped when i <= 0 */ - for (j = 0; j < i; j++) - if (buf[j] == '\n') - lf_num++; - for (j = i-1; j >= 0; j--) - { - buf[j+lf_num] = buf[j]; - if (buf[j] == '\n') - { - lf_num--; - i++; - buf[j+lf_num] = '\r'; - } - } - assert(lf_num == 0); - } - else - i=read(fileno(stdin),buf,bufsize); - if (!s_quiet) - { - if ((i <= 0) || (buf[0] == 'Q')) - { - BIO_printf(bio_s_out,"DONE\n"); - SHUTDOWN(s); - close_accept_socket(); - ret= -11; - goto err; - } - if ((i <= 0) || (buf[0] == 'q')) - { - BIO_printf(bio_s_out,"DONE\n"); - SHUTDOWN(s); - /* close_accept_socket(); - ret= -11;*/ - goto err; - } - if ((buf[0] == 'r') && - ((buf[1] == '\n') || (buf[1] == '\r'))) - { - SSL_renegotiate(con); - i=SSL_do_handshake(con); - printf("SSL_do_handshake -> %d\n",i); - i=0; /*13; */ - continue; - /* strcpy(buf,"server side RE-NEGOTIATE\n"); */ - } - if ((buf[0] == 'R') && - ((buf[1] == '\n') || (buf[1] == '\r'))) - { - SSL_set_verify(con, - SSL_VERIFY_PEER|SSL_VERIFY_CLIENT_ONCE,NULL); - SSL_renegotiate(con); - i=SSL_do_handshake(con); - printf("SSL_do_handshake -> %d\n",i); - i=0; /* 13; */ - continue; - /* strcpy(buf,"server side RE-NEGOTIATE asking for client cert\n"); */ - } - if (buf[0] == 'P') - { - static char *str="Lets print some clear text\n"; - BIO_write(SSL_get_wbio(con),str,strlen(str)); - } - if (buf[0] == 'S') - { - print_stats(bio_s_out,SSL_get_SSL_CTX(con)); - } - } -#ifdef CHARSET_EBCDIC - ebcdic2ascii(buf,buf,i); -#endif - l=k=0; - for (;;) - { - /* should do a select for the write */ -#ifdef RENEG -{ static count=0; if (++count == 100) { count=0; SSL_renegotiate(con); } } -#endif - k=SSL_write(con,&(buf[l]),(unsigned int)i); - switch (SSL_get_error(con,k)) - { - case SSL_ERROR_NONE: - break; - case SSL_ERROR_WANT_WRITE: - case SSL_ERROR_WANT_READ: - case SSL_ERROR_WANT_X509_LOOKUP: - BIO_printf(bio_s_out,"Write BLOCK\n"); - break; - case SSL_ERROR_SYSCALL: - case SSL_ERROR_SSL: - BIO_printf(bio_s_out,"ERROR\n"); - ERR_print_errors(bio_err); - ret=1; - goto err; - /* break; */ - case SSL_ERROR_ZERO_RETURN: - BIO_printf(bio_s_out,"DONE\n"); - ret=1; - goto err; - } - l+=k; - i-=k; - if (i <= 0) break; - } - } - if (read_from_sslcon) - { - if (!SSL_is_init_finished(con)) - { - i=init_ssl_connection(con); - - if (i < 0) - { - ret=0; - goto err; - } - else if (i == 0) - { - ret=1; - goto err; - } - } - else - { -again: - i=SSL_read(con,(char *)buf,bufsize); - switch (SSL_get_error(con,i)) - { - case SSL_ERROR_NONE: -#ifdef CHARSET_EBCDIC - ascii2ebcdic(buf,buf,i); -#endif - write(fileno(stdout),buf, - (unsigned int)i); - if (SSL_pending(con)) goto again; - break; - case SSL_ERROR_WANT_WRITE: - case SSL_ERROR_WANT_READ: - case SSL_ERROR_WANT_X509_LOOKUP: - BIO_printf(bio_s_out,"Read BLOCK\n"); - break; - case SSL_ERROR_SYSCALL: - case SSL_ERROR_SSL: - BIO_printf(bio_s_out,"ERROR\n"); - ERR_print_errors(bio_err); - ret=1; - goto err; - case SSL_ERROR_ZERO_RETURN: - BIO_printf(bio_s_out,"DONE\n"); - ret=1; - goto err; - } - } - } - } -err: - BIO_printf(bio_s_out,"shutting down SSL\n"); -#if 1 - SSL_set_shutdown(con,SSL_SENT_SHUTDOWN|SSL_RECEIVED_SHUTDOWN); -#else - SSL_shutdown(con); -#endif - if (con != NULL) SSL_free(con); - BIO_printf(bio_s_out,"CONNECTION CLOSED\n"); - if (buf != NULL) - { - memset(buf,0,bufsize); - Free(buf); - } - if (ret >= 0) - BIO_printf(bio_s_out,"ACCEPT\n"); - return(ret); - } - -static void close_accept_socket(void) - { - BIO_printf(bio_err,"shutdown accept socket\n"); - if (accept_socket >= 0) - { - SHUTDOWN2(accept_socket); - } - } - -static int init_ssl_connection(SSL *con) - { - int i; - const char *str; - X509 *peer; - long verify_error; - MS_STATIC char buf[BUFSIZ]; - - if ((i=SSL_accept(con)) <= 0) - { - if (BIO_sock_should_retry(i)) - { - BIO_printf(bio_s_out,"DELAY\n"); - return(1); - } - - BIO_printf(bio_err,"ERROR\n"); - verify_error=SSL_get_verify_result(con); - if (verify_error != X509_V_OK) - { - BIO_printf(bio_err,"verify error:%s\n", - X509_verify_cert_error_string(verify_error)); - } - else - ERR_print_errors(bio_err); - return(0); - } - - PEM_write_bio_SSL_SESSION(bio_s_out,SSL_get_session(con)); - - peer=SSL_get_peer_certificate(con); - if (peer != NULL) - { - BIO_printf(bio_s_out,"Client certificate\n"); - PEM_write_bio_X509(bio_s_out,peer); - X509_NAME_oneline(X509_get_subject_name(peer),buf,BUFSIZ); - BIO_printf(bio_s_out,"subject=%s\n",buf); - X509_NAME_oneline(X509_get_issuer_name(peer),buf,BUFSIZ); - BIO_printf(bio_s_out,"issuer=%s\n",buf); - X509_free(peer); - } - - if (SSL_get_shared_ciphers(con,buf,BUFSIZ) != NULL) - BIO_printf(bio_s_out,"Shared ciphers:%s\n",buf); - str=SSL_CIPHER_get_name(SSL_get_current_cipher(con)); - BIO_printf(bio_s_out,"CIPHER is %s\n",(str != NULL)?str:"(NONE)"); - if (con->hit) BIO_printf(bio_s_out,"Reused session-id\n"); - if (SSL_ctrl(con,SSL_CTRL_GET_FLAGS,0,NULL) & - TLS1_FLAGS_TLS_PADDING_BUG) - BIO_printf(bio_s_out,"Peer has incorrect TLSv1 block padding\n"); - - return(1); - } - -#ifndef NO_DH -static DH *load_dh_param(char *dhfile) - { - DH *ret=NULL; - BIO *bio; - - if ((bio=BIO_new_file(dhfile,"r")) == NULL) - goto err; - ret=PEM_read_bio_DHparams(bio,NULL,NULL,NULL); -err: - if (bio != NULL) BIO_free(bio); - return(ret); - } -#endif - -#if 0 -static int load_CA(SSL_CTX *ctx, char *file) - { - FILE *in; - X509 *x=NULL; - - if ((in=fopen(file,"r")) == NULL) - return(0); - - for (;;) - { - if (PEM_read_X509(in,&x,NULL) == NULL) - break; - SSL_CTX_add_client_CA(ctx,x); - } - if (x != NULL) X509_free(x); - fclose(in); - return(1); - } -#endif - -static int www_body(char *hostname, int s, unsigned char *context) - { - char *buf=NULL; - int ret=1; - int i,j,k,blank,dot; - struct stat st_buf; - SSL *con; - SSL_CIPHER *c; - BIO *io,*ssl_bio,*sbio; - long total_bytes; - - buf=Malloc(bufsize); - if (buf == NULL) return(0); - io=BIO_new(BIO_f_buffer()); - ssl_bio=BIO_new(BIO_f_ssl()); - if ((io == NULL) || (ssl_bio == NULL)) goto err; - -#ifdef FIONBIO - if (s_nbio) - { - unsigned long sl=1; - - if (!s_quiet) - BIO_printf(bio_err,"turning on non blocking io\n"); - if (BIO_socket_ioctl(s,FIONBIO,&sl) < 0) - ERR_print_errors(bio_err); - } -#endif - - /* lets make the output buffer a reasonable size */ - if (!BIO_set_write_buffer_size(io,bufsize)) goto err; - - if ((con=SSL_new(ctx)) == NULL) goto err; - if(context) SSL_set_session_id_context(con, context, - strlen((char *)context)); - - sbio=BIO_new_socket(s,BIO_NOCLOSE); - if (s_nbio_test) - { - BIO *test; - - test=BIO_new(BIO_f_nbio_test()); - sbio=BIO_push(test,sbio); - } - SSL_set_bio(con,sbio,sbio); - SSL_set_accept_state(con); - - /* SSL_set_fd(con,s); */ - BIO_set_ssl(ssl_bio,con,BIO_CLOSE); - BIO_push(io,ssl_bio); -#ifdef CHARSET_EBCDIC - io = BIO_push(BIO_new(BIO_f_ebcdic_filter()),io); -#endif - - if (s_debug) - { - con->debug=1; - BIO_set_callback(SSL_get_rbio(con),bio_dump_cb); - BIO_set_callback_arg(SSL_get_rbio(con),bio_s_out); - } - - blank=0; - for (;;) - { - if (hack) - { - i=SSL_accept(con); - - switch (SSL_get_error(con,i)) - { - case SSL_ERROR_NONE: - break; - case SSL_ERROR_WANT_WRITE: - case SSL_ERROR_WANT_READ: - case SSL_ERROR_WANT_X509_LOOKUP: - continue; - case SSL_ERROR_SYSCALL: - case SSL_ERROR_SSL: - case SSL_ERROR_ZERO_RETURN: - ret=1; - goto err; - /* break; */ - } - - SSL_renegotiate(con); - SSL_write(con,NULL,0); - } - - i=BIO_gets(io,buf,bufsize-1); - if (i < 0) /* error */ - { - if (!BIO_should_retry(io)) - { - if (!s_quiet) - ERR_print_errors(bio_err); - goto err; - } - else - { - BIO_printf(bio_s_out,"read R BLOCK\n"); -#ifndef MSDOS - sleep(1); -#endif - continue; - } - } - else if (i == 0) /* end of input */ - { - ret=1; - goto end; - } - - /* else we have data */ - if ( ((www == 1) && (strncmp("GET ",buf,4) == 0)) || - ((www == 2) && (strncmp("GET /stats ",buf,10) == 0))) - { - char *p; - X509 *peer; - STACK_OF(SSL_CIPHER) *sk; - static char *space=" "; - - BIO_puts(io,"HTTP/1.0 200 ok\r\nContent-type: text/html\r\n\r\n"); - BIO_puts(io,"<HTML><BODY BGCOLOR=\"#ffffff\">\n"); - BIO_puts(io,"<pre>\n"); -/* BIO_puts(io,SSLeay_version(SSLEAY_VERSION));*/ - BIO_puts(io,"\n"); - for (i=0; i<local_argc; i++) - { - BIO_puts(io,local_argv[i]); - BIO_write(io," ",1); - } - BIO_puts(io,"\n"); - - /* The following is evil and should not really - * be done */ - BIO_printf(io,"Ciphers supported in s_server binary\n"); - sk=SSL_get_ciphers(con); - j=sk_SSL_CIPHER_num(sk); - for (i=0; i<j; i++) - { - c=sk_SSL_CIPHER_value(sk,i); - BIO_printf(io,"%-11s:%-25s", - SSL_CIPHER_get_version(c), - SSL_CIPHER_get_name(c)); - if ((((i+1)%2) == 0) && (i+1 != j)) - BIO_puts(io,"\n"); - } - BIO_puts(io,"\n"); - p=SSL_get_shared_ciphers(con,buf,bufsize); - if (p != NULL) - { - BIO_printf(io,"---\nCiphers common between both SSL end points:\n"); - j=i=0; - while (*p) - { - if (*p == ':') - { - BIO_write(io,space,26-j); - i++; - j=0; - BIO_write(io,((i%3)?" ":"\n"),1); - } - else - { - BIO_write(io,p,1); - j++; - } - p++; - } - BIO_puts(io,"\n"); - } - BIO_printf(io,((con->hit) - ?"---\nReused, " - :"---\nNew, ")); - c=SSL_get_current_cipher(con); - BIO_printf(io,"%s, Cipher is %s\n", - SSL_CIPHER_get_version(c), - SSL_CIPHER_get_name(c)); - SSL_SESSION_print(io,SSL_get_session(con)); - BIO_printf(io,"---\n"); - print_stats(io,SSL_get_SSL_CTX(con)); - BIO_printf(io,"---\n"); - peer=SSL_get_peer_certificate(con); - if (peer != NULL) - { - BIO_printf(io,"Client certificate\n"); - X509_print(io,peer); - PEM_write_bio_X509(io,peer); - } - else - BIO_puts(io,"no client certificate available\n"); - BIO_puts(io,"</BODY></HTML>\r\n\r\n"); - break; - } - else if ((www == 2) && (strncmp("GET /",buf,5) == 0)) - { - BIO *file; - char *p,*e; - static char *text="HTTP/1.0 200 ok\r\nContent-type: text/plain\r\n\r\n"; - - /* skip the '/' */ - p= &(buf[5]); - dot=0; - for (e=p; *e != '\0'; e++) - { - if (e[0] == ' ') break; - if ( (e[0] == '.') && - (strncmp(&(e[-1]),"/../",4) == 0)) - dot=1; - } - - - if (*e == '\0') - { - BIO_puts(io,text); - BIO_printf(io,"'%s' is an invalid file name\r\n",p); - break; - } - *e='\0'; - - if (dot) - { - BIO_puts(io,text); - BIO_printf(io,"'%s' contains '..' reference\r\n",p); - break; - } - - if (*p == '/') - { - BIO_puts(io,text); - BIO_printf(io,"'%s' is an invalid path\r\n",p); - break; - } - - /* append if a directory lookup */ - if (e[-1] == '/') - strcat(p,"index.html"); - - /* if a directory, do the index thang */ - if (stat(p,&st_buf) < 0) - { - BIO_puts(io,text); - BIO_printf(io,"Error accessing '%s'\r\n",p); - ERR_print_errors(io); - break; - } - if (S_ISDIR(st_buf.st_mode)) - { - strcat(p,"/index.html"); - } - - if ((file=BIO_new_file(p,"r")) == NULL) - { - BIO_puts(io,text); - BIO_printf(io,"Error opening '%s'\r\n",p); - ERR_print_errors(io); - break; - } - - if (!s_quiet) - BIO_printf(bio_err,"FILE:%s\n",p); - - i=strlen(p); - if ( ((i > 5) && (strcmp(&(p[i-5]),".html") == 0)) || - ((i > 4) && (strcmp(&(p[i-4]),".php") == 0)) || - ((i > 4) && (strcmp(&(p[i-4]),".htm") == 0))) - BIO_puts(io,"HTTP/1.0 200 ok\r\nContent-type: text/html\r\n\r\n"); - else - BIO_puts(io,"HTTP/1.0 200 ok\r\nContent-type: text/plain\r\n\r\n"); - /* send the file */ - total_bytes=0; - for (;;) - { - i=BIO_read(file,buf,bufsize); - if (i <= 0) break; - -#ifdef RENEG - total_bytes+=i; - fprintf(stderr,"%d\n",i); - if (total_bytes > 3*1024) - { - total_bytes=0; - fprintf(stderr,"RENEGOTIATE\n"); - SSL_renegotiate(con); - } -#endif - - for (j=0; j<i; ) - { -#ifdef RENEG -{ static count=0; if (++count == 13) { SSL_renegotiate(con); } } -#endif - k=BIO_write(io,&(buf[j]),i-j); - if (k <= 0) - { - if (!BIO_should_retry(io)) - goto write_error; - else - { - BIO_printf(bio_s_out,"rwrite W BLOCK\n"); - } - } - else - { - j+=k; - } - } - } -write_error: - BIO_free(file); - break; - } - } - - for (;;) - { - i=(int)BIO_flush(io); - if (i <= 0) - { - if (!BIO_should_retry(io)) - break; - } - else - break; - } -end: -#if 1 - /* make sure we re-use sessions */ - SSL_set_shutdown(con,SSL_SENT_SHUTDOWN|SSL_RECEIVED_SHUTDOWN); -#else - /* This kills performance */ -/* SSL_shutdown(con); A shutdown gets sent in the - * BIO_free_all(io) procession */ -#endif - -err: - - if (ret >= 0) - BIO_printf(bio_s_out,"ACCEPT\n"); - - if (buf != NULL) Free(buf); - if (io != NULL) BIO_free_all(io); -/* if (ssl_bio != NULL) BIO_free(ssl_bio);*/ - return(ret); - } - -#ifndef NO_RSA -static RSA MS_CALLBACK *tmp_rsa_cb(SSL *s, int is_export, int keylength) - { - static RSA *rsa_tmp=NULL; - - if (rsa_tmp == NULL) - { - if (!s_quiet) - { - BIO_printf(bio_err,"Generating temp (%d bit) RSA key...",keylength); - (void)BIO_flush(bio_err); - } - rsa_tmp=RSA_generate_key(keylength,RSA_F4,NULL,NULL); - if (!s_quiet) - { - BIO_printf(bio_err,"\n"); - (void)BIO_flush(bio_err); - } - } - return(rsa_tmp); - } -#endif diff --git a/crypto/openssl/apps/s_socket.c b/crypto/openssl/apps/s_socket.c deleted file mode 100644 index 081b1a57d1745..0000000000000 --- a/crypto/openssl/apps/s_socket.c +++ /dev/null @@ -1,540 +0,0 @@ -/* apps/s_socket.c - socket-related functions used by s_client and s_server */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include <stdio.h> -#include <stdlib.h> -#include <string.h> -#include <errno.h> -#include <signal.h> - -/* With IPv6, it looks like Digital has mixed up the proper order of - recursive header file inclusion, resulting in the compiler complaining - that u_int isn't defined, but only if _POSIX_C_SOURCE is defined, which - is needed to have fileno() declared correctly... So let's define u_int */ -#if defined(VMS) && defined(__DECC) && !defined(__U_INT) -#define __U_INT -typedef unsigned int u_int; -#endif - -#define USE_SOCKETS -#define NON_MAIN -#include "apps.h" -#undef USE_SOCKETS -#undef NON_MAIN -#include "s_apps.h" -#include <openssl/ssl.h> - -static struct hostent *GetHostByName(char *name); -#ifdef WINDOWS -static void sock_cleanup(void); -#endif -static int sock_init(void); -static int init_client_ip(int *sock,unsigned char ip[4], int port); -static int init_server(int *sock, int port); -static int init_server_long(int *sock, int port,char *ip); -static int do_accept(int acc_sock, int *sock, char **host); -static int host_ip(char *str, unsigned char ip[4]); - -#ifdef WIN16 -#define SOCKET_PROTOCOL 0 /* more microsoft stupidity */ -#else -#define SOCKET_PROTOCOL IPPROTO_TCP -#endif - -#ifdef WINDOWS -static struct WSAData wsa_state; -static int wsa_init_done=0; - -#ifdef WIN16 -static HWND topWnd=0; -static FARPROC lpTopWndProc=NULL; -static FARPROC lpTopHookProc=NULL; -extern HINSTANCE _hInstance; /* nice global CRT provides */ - -static LONG FAR PASCAL topHookProc(HWND hwnd, UINT message, WPARAM wParam, - LPARAM lParam) - { - if (hwnd == topWnd) - { - switch(message) - { - case WM_DESTROY: - case WM_CLOSE: - SetWindowLong(topWnd,GWL_WNDPROC,(LONG)lpTopWndProc); - sock_cleanup(); - break; - } - } - return CallWindowProc(lpTopWndProc,hwnd,message,wParam,lParam); - } - -static BOOL CALLBACK enumproc(HWND hwnd,LPARAM lParam) - { - topWnd=hwnd; - return(FALSE); - } - -#endif /* WIN32 */ -#endif /* WINDOWS */ - -#ifdef WINDOWS -static void sock_cleanup(void) - { - if (wsa_init_done) - { - wsa_init_done=0; - WSACancelBlockingCall(); - WSACleanup(); - } - } -#endif - -static int sock_init(void) - { -#ifdef WINDOWS - if (!wsa_init_done) - { - int err; - -#ifdef SIGINT - signal(SIGINT,(void (*)(int))sock_cleanup); -#endif - wsa_init_done=1; - memset(&wsa_state,0,sizeof(wsa_state)); - if (WSAStartup(0x0101,&wsa_state)!=0) - { - err=WSAGetLastError(); - BIO_printf(bio_err,"unable to start WINSOCK, error code=%d\n",err); - return(0); - } - -#ifdef WIN16 - EnumTaskWindows(GetCurrentTask(),enumproc,0L); - lpTopWndProc=(FARPROC)GetWindowLong(topWnd,GWL_WNDPROC); - lpTopHookProc=MakeProcInstance((FARPROC)topHookProc,_hInstance); - - SetWindowLong(topWnd,GWL_WNDPROC,(LONG)lpTopHookProc); -#endif /* WIN16 */ - } -#endif /* WINDOWS */ - return(1); - } - -int init_client(int *sock, char *host, int port) - { - unsigned char ip[4]; - short p=0; - - if (!host_ip(host,&(ip[0]))) - { - return(0); - } - if (p != 0) port=p; - return(init_client_ip(sock,ip,port)); - } - -static int init_client_ip(int *sock, unsigned char ip[4], int port) - { - unsigned long addr; - struct sockaddr_in them; - int s,i; - - if (!sock_init()) return(0); - - memset((char *)&them,0,sizeof(them)); - them.sin_family=AF_INET; - them.sin_port=htons((unsigned short)port); - addr=(unsigned long) - ((unsigned long)ip[0]<<24L)| - ((unsigned long)ip[1]<<16L)| - ((unsigned long)ip[2]<< 8L)| - ((unsigned long)ip[3]); - them.sin_addr.s_addr=htonl(addr); - - s=socket(AF_INET,SOCK_STREAM,SOCKET_PROTOCOL); - if (s == INVALID_SOCKET) { perror("socket"); return(0); } - - i=0; - i=setsockopt(s,SOL_SOCKET,SO_KEEPALIVE,(char *)&i,sizeof(i)); - if (i < 0) { perror("keepalive"); return(0); } - - if (connect(s,(struct sockaddr *)&them,sizeof(them)) == -1) - { close(s); perror("connect"); return(0); } - *sock=s; - return(1); - } - -int do_server(int port, int *ret, int (*cb)(), char *context) - { - int sock; - char *name; - int accept_socket; - int i; - - if (!init_server(&accept_socket,port)) return(0); - - if (ret != NULL) - { - *ret=accept_socket; - /* return(1);*/ - } - for (;;) - { - if (do_accept(accept_socket,&sock,&name) == 0) - { - SHUTDOWN(accept_socket); - return(0); - } - i=(*cb)(name,sock, context); - if (name != NULL) Free(name); - SHUTDOWN2(sock); - if (i < 0) - { - SHUTDOWN2(accept_socket); - return(i); - } - } - } - -static int init_server_long(int *sock, int port, char *ip) - { - int ret=0; - struct sockaddr_in server; - int s= -1,i; - - if (!sock_init()) return(0); - - memset((char *)&server,0,sizeof(server)); - server.sin_family=AF_INET; - server.sin_port=htons((unsigned short)port); - if (ip == NULL) - server.sin_addr.s_addr=INADDR_ANY; - else -/* Added for T3E, address-of fails on bit field (beckman@acl.lanl.gov) */ -#ifndef BIT_FIELD_LIMITS - memcpy(&server.sin_addr.s_addr,ip,4); -#else - memcpy(&server.sin_addr,ip,4); -#endif - s=socket(AF_INET,SOCK_STREAM,SOCKET_PROTOCOL); - - if (s == INVALID_SOCKET) goto err; -#if defined SOL_SOCKET && defined SO_REUSEADDR - { - int j = 1; - setsockopt(s, SOL_SOCKET, SO_REUSEADDR, - (void *) &j, sizeof j); - } -#endif - if (bind(s,(struct sockaddr *)&server,sizeof(server)) == -1) - { -#ifndef WINDOWS - perror("bind"); -#endif - goto err; - } - /* Make it 128 for linux */ - if (listen(s,128) == -1) goto err; - i=0; - *sock=s; - ret=1; -err: - if ((ret == 0) && (s != -1)) - { - SHUTDOWN(s); - } - return(ret); - } - -static int init_server(int *sock, int port) - { - return(init_server_long(sock, port, NULL)); - } - -static int do_accept(int acc_sock, int *sock, char **host) - { - int ret,i; - struct hostent *h1,*h2; - static struct sockaddr_in from; - int len; -/* struct linger ling; */ - - if (!sock_init()) return(0); - -#ifndef WINDOWS -redoit: -#endif - - memset((char *)&from,0,sizeof(from)); - len=sizeof(from); - /* Note: under VMS with SOCKETSHR the fourth parameter is currently - * of type (int *) whereas under other systems it is (void *) if - * you don't have a cast it will choke the compiler: if you do - * have a cast then you can either go for (int *) or (void *). - */ - ret=accept(acc_sock,(struct sockaddr *)&from,(void *)&len); - if (ret == INVALID_SOCKET) - { -#ifdef WINDOWS - i=WSAGetLastError(); - BIO_printf(bio_err,"accept error %d\n",i); -#else - if (errno == EINTR) - { - /*check_timeout(); */ - goto redoit; - } - fprintf(stderr,"errno=%d ",errno); - perror("accept"); -#endif - return(0); - } - -/* - ling.l_onoff=1; - ling.l_linger=0; - i=setsockopt(ret,SOL_SOCKET,SO_LINGER,(char *)&ling,sizeof(ling)); - if (i < 0) { perror("linger"); return(0); } - i=0; - i=setsockopt(ret,SOL_SOCKET,SO_KEEPALIVE,(char *)&i,sizeof(i)); - if (i < 0) { perror("keepalive"); return(0); } -*/ - - if (host == NULL) goto end; -#ifndef BIT_FIELD_LIMITS - /* I should use WSAAsyncGetHostByName() under windows */ - h1=gethostbyaddr((char *)&from.sin_addr.s_addr, - sizeof(from.sin_addr.s_addr),AF_INET); -#else - h1=gethostbyaddr((char *)&from.sin_addr, - sizeof(struct in_addr),AF_INET); -#endif - if (h1 == NULL) - { - BIO_printf(bio_err,"bad gethostbyaddr\n"); - *host=NULL; - /* return(0); */ - } - else - { - if ((*host=(char *)Malloc(strlen(h1->h_name)+1)) == NULL) - { - perror("Malloc"); - return(0); - } - strcpy(*host,h1->h_name); - - h2=GetHostByName(*host); - if (h2 == NULL) - { - BIO_printf(bio_err,"gethostbyname failure\n"); - return(0); - } - i=0; - if (h2->h_addrtype != AF_INET) - { - BIO_printf(bio_err,"gethostbyname addr is not AF_INET\n"); - return(0); - } - } -end: - *sock=ret; - return(1); - } - -int extract_host_port(char *str, char **host_ptr, unsigned char *ip, - short *port_ptr) - { - char *h,*p; - - h=str; - p=strchr(str,':'); - if (p == NULL) - { - BIO_printf(bio_err,"no port defined\n"); - return(0); - } - *(p++)='\0'; - - if ((ip != NULL) && !host_ip(str,ip)) - goto err; - if (host_ptr != NULL) *host_ptr=h; - - if (!extract_port(p,port_ptr)) - goto err; - return(1); -err: - return(0); - } - -static int host_ip(char *str, unsigned char ip[4]) - { - unsigned int in[4]; - int i; - - if (sscanf(str,"%u.%u.%u.%u",&(in[0]),&(in[1]),&(in[2]),&(in[3])) == 4) - { - for (i=0; i<4; i++) - if (in[i] > 255) - { - BIO_printf(bio_err,"invalid IP address\n"); - goto err; - } - ip[0]=in[0]; - ip[1]=in[1]; - ip[2]=in[2]; - ip[3]=in[3]; - } - else - { /* do a gethostbyname */ - struct hostent *he; - - if (!sock_init()) return(0); - - he=GetHostByName(str); - if (he == NULL) - { - BIO_printf(bio_err,"gethostbyname failure\n"); - goto err; - } - /* cast to short because of win16 winsock definition */ - if ((short)he->h_addrtype != AF_INET) - { - BIO_printf(bio_err,"gethostbyname addr is not AF_INET\n"); - return(0); - } - ip[0]=he->h_addr_list[0][0]; - ip[1]=he->h_addr_list[0][1]; - ip[2]=he->h_addr_list[0][2]; - ip[3]=he->h_addr_list[0][3]; - } - return(1); -err: - return(0); - } - -int extract_port(char *str, short *port_ptr) - { - int i; - struct servent *s; - - i=atoi(str); - if (i != 0) - *port_ptr=(unsigned short)i; - else - { - s=getservbyname(str,"tcp"); - if (s == NULL) - { - BIO_printf(bio_err,"getservbyname failure for %s\n",str); - return(0); - } - *port_ptr=ntohs((unsigned short)s->s_port); - } - return(1); - } - -#define GHBN_NUM 4 -static struct ghbn_cache_st - { - char name[128]; - struct hostent ent; - unsigned long order; - } ghbn_cache[GHBN_NUM]; - -static unsigned long ghbn_hits=0L; -static unsigned long ghbn_miss=0L; - -static struct hostent *GetHostByName(char *name) - { - struct hostent *ret; - int i,lowi=0; - unsigned long low= (unsigned long)-1; - - for (i=0; i<GHBN_NUM; i++) - { - if (low > ghbn_cache[i].order) - { - low=ghbn_cache[i].order; - lowi=i; - } - if (ghbn_cache[i].order > 0) - { - if (strncmp(name,ghbn_cache[i].name,128) == 0) - break; - } - } - if (i == GHBN_NUM) /* no hit*/ - { - ghbn_miss++; - ret=gethostbyname(name); - if (ret == NULL) return(NULL); - /* else add to cache */ - strncpy(ghbn_cache[lowi].name,name,128); - memcpy((char *)&(ghbn_cache[lowi].ent),ret,sizeof(struct hostent)); - ghbn_cache[lowi].order=ghbn_miss+ghbn_hits; - return(ret); - } - else - { - ghbn_hits++; - ret= &(ghbn_cache[i].ent); - ghbn_cache[i].order=ghbn_miss+ghbn_hits; - return(ret); - } - } diff --git a/crypto/openssl/apps/s_time.c b/crypto/openssl/apps/s_time.c deleted file mode 100644 index 39fd3b8b4d98d..0000000000000 --- a/crypto/openssl/apps/s_time.c +++ /dev/null @@ -1,689 +0,0 @@ -/* apps/s_time.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#define NO_SHUTDOWN - -/*----------------------------------------- - s_time - SSL client connection timer program - Written and donated by Larry Streepy <streepy@healthcare.com> - -----------------------------------------*/ - -#include <stdio.h> -#include <stdlib.h> -#include <string.h> - -#ifdef NO_STDIO -#define APPS_WIN16 -#endif -#define USE_SOCKETS -#include <openssl/x509.h> -#include <openssl/ssl.h> -#include <openssl/pem.h> -#include "apps.h" -#include "s_apps.h" -#include <openssl/err.h> -#ifdef WIN32_STUFF -#include "winmain.h" -#include "wintext.h" -#endif - -#if !defined(MSDOS) && (!defined(VMS) || defined(__DECC)) -#define TIMES -#endif - -#ifndef _IRIX -#include <time.h> -#endif -#ifdef TIMES -#include <sys/types.h> -#include <sys/times.h> -#endif - -/* Depending on the VMS version, the tms structure is perhaps defined. - The __TMS macro will show if it was. If it wasn't defined, we should - undefine TIMES, since that tells the rest of the program how things - should be handled. -- Richard Levitte */ -#if defined(VMS) && defined(__DECC) && !defined(__TMS) -#undef TIMES -#endif - -#ifndef TIMES -#include <sys/timeb.h> -#endif - -#ifdef _AIX -#include <sys/select.h> -#endif - -#if defined(sun) || defined(__ultrix) -#define _POSIX_SOURCE -#include <limits.h> -#include <sys/param.h> -#endif - -/* The following if from times(3) man page. It may need to be changed -*/ -#ifndef HZ -#ifndef CLK_TCK -#define HZ 100.0 -#else /* CLK_TCK */ -#define HZ ((double)CLK_TCK) -#endif -#endif - -#undef PROG -#define PROG s_time_main - -#undef ioctl -#define ioctl ioctlsocket - -#define SSL_CONNECT_NAME "localhost:4433" - -/*#define TEST_CERT "client.pem" */ /* no default cert. */ - -#undef BUFSIZZ -#define BUFSIZZ 1024*10 - -#define min(a,b) (((a) < (b)) ? (a) : (b)) -#define max(a,b) (((a) > (b)) ? (a) : (b)) - -#undef SECONDS -#define SECONDS 30 -extern int verify_depth; -extern int verify_error; - -static void s_time_usage(void); -static int parseArgs( int argc, char **argv ); -static SSL *doConnection( SSL *scon ); -static void s_time_init(void); - -/*********************************************************************** - * Static data declarations - */ - -/* static char *port=PORT_STR;*/ -static char *host=SSL_CONNECT_NAME; -static char *t_cert_file=NULL; -static char *t_key_file=NULL; -static char *CApath=NULL; -static char *CAfile=NULL; -static char *tm_cipher=NULL; -static int tm_verify = SSL_VERIFY_NONE; -static int maxTime = SECONDS; -static SSL_CTX *tm_ctx=NULL; -static SSL_METHOD *s_time_meth=NULL; -static char *s_www_path=NULL; -static long bytes_read=0; -static int st_bugs=0; -static int perform=0; -#ifdef FIONBIO -static int t_nbio=0; -#endif -#ifdef WIN32 -static int exitNow = 0; /* Set when it's time to exit main */ -#endif - -static void s_time_init(void) - { - host=SSL_CONNECT_NAME; - t_cert_file=NULL; - t_key_file=NULL; - CApath=NULL; - CAfile=NULL; - tm_cipher=NULL; - tm_verify = SSL_VERIFY_NONE; - maxTime = SECONDS; - tm_ctx=NULL; - s_time_meth=NULL; - s_www_path=NULL; - bytes_read=0; - st_bugs=0; - perform=0; - -#ifdef FIONBIO - t_nbio=0; -#endif -#ifdef WIN32 - exitNow = 0; /* Set when it's time to exit main */ -#endif - } - -/*********************************************************************** - * usage - display usage message - */ -static void s_time_usage(void) -{ - static char umsg[] = "\ --time arg - max number of seconds to collect data, default %d\n\ --verify arg - turn on peer certificate verification, arg == depth\n\ --cert arg - certificate file to use, PEM format assumed\n\ --key arg - RSA file to use, PEM format assumed, key is in cert file\n\ - file if not specified by this option\n\ --CApath arg - PEM format directory of CA's\n\ --CAfile arg - PEM format file of CA's\n\ --cipher - preferred cipher to use, play with 'openssl ciphers'\n\n"; - - printf( "usage: s_time <args>\n\n" ); - - printf("-connect host:port - host:port to connect to (default is %s)\n",SSL_CONNECT_NAME); -#ifdef FIONBIO - printf("-nbio - Run with non-blocking IO\n"); - printf("-ssl2 - Just use SSLv2\n"); - printf("-ssl3 - Just use SSLv3\n"); - printf("-bugs - Turn on SSL bug compatibility\n"); - printf("-new - Just time new connections\n"); - printf("-reuse - Just time connection reuse\n"); - printf("-www page - Retrieve 'page' from the site\n"); -#endif - printf( umsg,SECONDS ); -} - -/*********************************************************************** - * parseArgs - Parse command line arguments and initialize data - * - * Returns 0 if ok, -1 on bad args - */ -static int parseArgs(int argc, char **argv) -{ - int badop = 0; - - verify_depth=0; - verify_error=X509_V_OK; - - argc--; - argv++; - - while (argc >= 1) { - if (strcmp(*argv,"-connect") == 0) - { - if (--argc < 1) goto bad; - host= *(++argv); - } -#if 0 - else if( strcmp(*argv,"-host") == 0) - { - if (--argc < 1) goto bad; - host= *(++argv); - } - else if( strcmp(*argv,"-port") == 0) - { - if (--argc < 1) goto bad; - port= *(++argv); - } -#endif - else if (strcmp(*argv,"-reuse") == 0) - perform=2; - else if (strcmp(*argv,"-new") == 0) - perform=1; - else if( strcmp(*argv,"-verify") == 0) { - - tm_verify=SSL_VERIFY_PEER|SSL_VERIFY_CLIENT_ONCE; - if (--argc < 1) goto bad; - verify_depth=atoi(*(++argv)); - BIO_printf(bio_err,"verify depth is %d\n",verify_depth); - - } else if( strcmp(*argv,"-cert") == 0) { - - if (--argc < 1) goto bad; - t_cert_file= *(++argv); - - } else if( strcmp(*argv,"-key") == 0) { - - if (--argc < 1) goto bad; - t_key_file= *(++argv); - - } else if( strcmp(*argv,"-CApath") == 0) { - - if (--argc < 1) goto bad; - CApath= *(++argv); - - } else if( strcmp(*argv,"-CAfile") == 0) { - - if (--argc < 1) goto bad; - CAfile= *(++argv); - - } else if( strcmp(*argv,"-cipher") == 0) { - - if (--argc < 1) goto bad; - tm_cipher= *(++argv); - } -#ifdef FIONBIO - else if(strcmp(*argv,"-nbio") == 0) { - t_nbio=1; - } -#endif - else if(strcmp(*argv,"-www") == 0) - { - if (--argc < 1) goto bad; - s_www_path= *(++argv); - } - else if(strcmp(*argv,"-bugs") == 0) - st_bugs=1; -#ifndef NO_SSL2 - else if(strcmp(*argv,"-ssl2") == 0) - s_time_meth=SSLv2_client_method(); -#endif -#ifndef NO_SSL3 - else if(strcmp(*argv,"-ssl3") == 0) - s_time_meth=SSLv3_client_method(); -#endif - else if( strcmp(*argv,"-time") == 0) { - - if (--argc < 1) goto bad; - maxTime= atoi(*(++argv)); - } - else { - BIO_printf(bio_err,"unknown option %s\n",*argv); - badop=1; - break; - } - - argc--; - argv++; - } - - if (perform == 0) perform=3; - - if(badop) { -bad: - s_time_usage(); - return -1; - } - - return 0; /* Valid args */ -} - -/*********************************************************************** - * TIME - time functions - */ -#define START 0 -#define STOP 1 - -static double tm_Time_F(int s) - { - static double ret; -#ifdef TIMES - static struct tms tstart,tend; - - if(s == START) { - times(&tstart); - return(0); - } else { - times(&tend); - ret=((double)(tend.tms_utime-tstart.tms_utime))/HZ; - return((ret == 0.0)?1e-6:ret); - } -#else /* !times() */ - static struct timeb tstart,tend; - long i; - - if(s == START) { - ftime(&tstart); - return(0); - } else { - ftime(&tend); - i=(long)tend.millitm-(long)tstart.millitm; - ret=((double)(tend.time-tstart.time))+((double)i)/1000.0; - return((ret == 0.0)?1e-6:ret); - } -#endif -} - -/*********************************************************************** - * MAIN - main processing area for client - * real name depends on MONOLITH - */ -int MAIN(int, char **); - -int MAIN(int argc, char **argv) - { - double totalTime = 0.0; - int nConn = 0; - SSL *scon=NULL; - long finishtime=0; - int ret=1,i; - MS_STATIC char buf[1024*8]; - int ver; - - apps_startup(); - s_time_init(); - - if (bio_err == NULL) - bio_err=BIO_new_fp(stderr,BIO_NOCLOSE); - -#if !defined(NO_SSL2) && !defined(NO_SSL3) - s_time_meth=SSLv23_client_method(); -#elif !defined(NO_SSL3) - s_time_meth=SSLv3_client_method(); -#elif !defined(NO_SSL2) - s_time_meth=SSLv2_client_method(); -#endif - - /* parse the command line arguments */ - if( parseArgs( argc, argv ) < 0 ) - goto end; - - OpenSSL_add_ssl_algorithms(); - if ((tm_ctx=SSL_CTX_new(s_time_meth)) == NULL) return(1); - - SSL_CTX_set_quiet_shutdown(tm_ctx,1); - - if (st_bugs) SSL_CTX_set_options(tm_ctx,SSL_OP_ALL); - SSL_CTX_set_cipher_list(tm_ctx,tm_cipher); - if(!set_cert_stuff(tm_ctx,t_cert_file,t_key_file)) - goto end; - - SSL_load_error_strings(); - - if ((!SSL_CTX_load_verify_locations(tm_ctx,CAfile,CApath)) || - (!SSL_CTX_set_default_verify_paths(tm_ctx))) - { - /* BIO_printf(bio_err,"error setting default verify locations\n"); */ - ERR_print_errors(bio_err); - /* goto end; */ - } - - if (tm_cipher == NULL) - tm_cipher = getenv("SSL_CIPHER"); - - if (tm_cipher == NULL ) { - fprintf( stderr, "No CIPHER specified\n" ); -/* EXIT(1); */ - } - - if (!(perform & 1)) goto next; - printf( "Collecting connection statistics for %d seconds\n", maxTime ); - - /* Loop and time how long it takes to make connections */ - - bytes_read=0; - finishtime=(long)time(NULL)+maxTime; - tm_Time_F(START); - for (;;) - { - if (finishtime < time(NULL)) break; -#ifdef WIN32_STUFF - - if( flushWinMsgs(0) == -1 ) - goto end; - - if( waitingToDie || exitNow ) /* we're dead */ - goto end; -#endif - - if( (scon = doConnection( NULL )) == NULL ) - goto end; - - if (s_www_path != NULL) - { - sprintf(buf,"GET %s HTTP/1.0\r\n\r\n",s_www_path); - SSL_write(scon,buf,strlen(buf)); - while ((i=SSL_read(scon,buf,sizeof(buf))) > 0) - bytes_read+=i; - } - -#ifdef NO_SHUTDOWN - SSL_set_shutdown(scon,SSL_SENT_SHUTDOWN|SSL_RECEIVED_SHUTDOWN); -#else - SSL_shutdown(scon); -#endif - SHUTDOWN2(SSL_get_fd(scon)); - - nConn += 1; - if (SSL_session_reused(scon)) - ver='r'; - else - { - ver=SSL_version(scon); - if (ver == TLS1_VERSION) - ver='t'; - else if (ver == SSL3_VERSION) - ver='3'; - else if (ver == SSL2_VERSION) - ver='2'; - else - ver='*'; - } - fputc(ver,stdout); - fflush(stdout); - - SSL_free( scon ); - scon=NULL; - } - totalTime += tm_Time_F(STOP); /* Add the time for this iteration */ - - i=(int)(time(NULL)-finishtime+maxTime); - printf( "\n\n%d connections in %.2fs; %.2f connections/user sec, bytes read %ld\n", nConn, totalTime, ((double)nConn/totalTime),bytes_read); - printf( "%d connections in %ld real seconds, %ld bytes read per connection\n",nConn,time(NULL)-finishtime+maxTime,bytes_read/nConn); - - /* Now loop and time connections using the same session id over and over */ - -next: - if (!(perform & 2)) goto end; - printf( "\n\nNow timing with session id reuse.\n" ); - - /* Get an SSL object so we can reuse the session id */ - if( (scon = doConnection( NULL )) == NULL ) - { - fprintf( stderr, "Unable to get connection\n" ); - goto end; - } - - if (s_www_path != NULL) - { - sprintf(buf,"GET %s HTTP/1.0\r\n\r\n",s_www_path); - SSL_write(scon,buf,strlen(buf)); - while (SSL_read(scon,buf,sizeof(buf)) > 0) - ; - } -#ifdef NO_SHUTDOWN - SSL_set_shutdown(scon,SSL_SENT_SHUTDOWN|SSL_RECEIVED_SHUTDOWN); -#else - SSL_shutdown(scon); -#endif - SHUTDOWN2(SSL_get_fd(scon)); - - nConn = 0; - totalTime = 0.0; - - finishtime=time(NULL)+maxTime; - - printf( "starting\n" ); - bytes_read=0; - tm_Time_F(START); - - for (;;) - { - if (finishtime < time(NULL)) break; - -#ifdef WIN32_STUFF - if( flushWinMsgs(0) == -1 ) - goto end; - - if( waitingToDie || exitNow ) /* we're dead */ - goto end; -#endif - - if( (doConnection( scon )) == NULL ) - goto end; - - if (s_www_path) - { - sprintf(buf,"GET %s HTTP/1.0\r\n\r\n",s_www_path); - SSL_write(scon,buf,strlen(buf)); - while ((i=SSL_read(scon,buf,sizeof(buf))) > 0) - bytes_read+=i; - } - -#ifdef NO_SHUTDOWN - SSL_set_shutdown(scon,SSL_SENT_SHUTDOWN|SSL_RECEIVED_SHUTDOWN); -#else - SSL_shutdown(scon); -#endif - SHUTDOWN2(SSL_get_fd(scon)); - - nConn += 1; - if (SSL_session_reused(scon)) - ver='r'; - else - { - ver=SSL_version(scon); - if (ver == TLS1_VERSION) - ver='t'; - else if (ver == SSL3_VERSION) - ver='3'; - else if (ver == SSL2_VERSION) - ver='2'; - else - ver='*'; - } - fputc(ver,stdout); - fflush(stdout); - } - totalTime += tm_Time_F(STOP); /* Add the time for this iteration*/ - - - printf( "\n\n%d connections in %.2fs; %.2f connections/user sec, bytes read %ld\n", nConn, totalTime, ((double)nConn/totalTime),bytes_read); - printf( "%d connections in %ld real seconds, %ld bytes read per connection\n",nConn,time(NULL)-finishtime+maxTime,bytes_read/nConn); - - ret=0; -end: - if (scon != NULL) SSL_free(scon); - - if (tm_ctx != NULL) - { - SSL_CTX_free(tm_ctx); - tm_ctx=NULL; - } - EXIT(ret); - } - -/*********************************************************************** - * doConnection - make a connection - * Args: - * scon = earlier ssl connection for session id, or NULL - * Returns: - * SSL * = the connection pointer. - */ -static SSL *doConnection(SSL *scon) - { - BIO *conn; - SSL *serverCon; - int width, i; - fd_set readfds; - - if ((conn=BIO_new(BIO_s_connect())) == NULL) - return(NULL); - -/* BIO_set_conn_port(conn,port);*/ - BIO_set_conn_hostname(conn,host); - - if (scon == NULL) - serverCon=SSL_new(tm_ctx); - else - { - serverCon=scon; - SSL_set_connect_state(serverCon); - } - - SSL_set_bio(serverCon,conn,conn); - -#if 0 - if( scon != NULL ) - SSL_set_session(serverCon,SSL_get_session(scon)); -#endif - - /* ok, lets connect */ - for(;;) { - i=SSL_connect(serverCon); - if (BIO_sock_should_retry(i)) - { - BIO_printf(bio_err,"DELAY\n"); - - i=SSL_get_fd(serverCon); - width=i+1; - FD_ZERO(&readfds); - FD_SET(i,&readfds); - /* Note: under VMS with SOCKETSHR the 2nd parameter - * is currently of type (int *) whereas under other - * systems it is (void *) if you don't have a cast it - * will choke the compiler: if you do have a cast then - * you can either go for (int *) or (void *). - */ - select(width,(void *)&readfds,NULL,NULL,NULL); - continue; - } - break; - } - if(i <= 0) - { - BIO_printf(bio_err,"ERROR\n"); - if (verify_error != X509_V_OK) - BIO_printf(bio_err,"verify error:%s\n", - X509_verify_cert_error_string(verify_error)); - else - ERR_print_errors(bio_err); - if (scon == NULL) - SSL_free(serverCon); - return NULL; - } - - return serverCon; - } - - diff --git a/crypto/openssl/apps/server.pem b/crypto/openssl/apps/server.pem deleted file mode 100644 index c57b32507d0a2..0000000000000 --- a/crypto/openssl/apps/server.pem +++ /dev/null @@ -1,369 +0,0 @@ -issuer= /C=AU/ST=Queensland/O=CryptSoft Pty Ltd/CN=Test CA (1024 bit) -subject=/C=AU/ST=Queensland/O=CryptSoft Pty Ltd/CN=Server test cert (512 bit) ------BEGIN CERTIFICATE----- -MIIB6TCCAVICAQQwDQYJKoZIhvcNAQEEBQAwWzELMAkGA1UEBhMCQVUxEzARBgNV -BAgTClF1ZWVuc2xhbmQxGjAYBgNVBAoTEUNyeXB0U29mdCBQdHkgTHRkMRswGQYD -VQQDExJUZXN0IENBICgxMDI0IGJpdCkwHhcNOTgwNjI5MjM1MjQwWhcNMDAwNjI4 -MjM1MjQwWjBjMQswCQYDVQQGEwJBVTETMBEGA1UECBMKUXVlZW5zbGFuZDEaMBgG -A1UEChMRQ3J5cHRTb2Z0IFB0eSBMdGQxIzAhBgNVBAMTGlNlcnZlciB0ZXN0IGNl -cnQgKDUxMiBiaXQpMFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAJ+zw4Qnlf8SMVIP -Fe9GEcStgOY2Ww/dgNdhjeD8ckUJNP5VZkVDTGiXav6ooKXfX3j/7tdkuD8Ey2// -Kv7+ue0CAwEAATANBgkqhkiG9w0BAQQFAAOBgQCVvvfkGSe2GHgDFfmOua4Isjb9 -JVhImWMASiOClkZlMESDJjsszg/6+d/W+8TrbObhazpl95FivXBVucbj9dudh7AO -IZu1h1MAPlyknc9Ud816vz3FejB4qqUoaXjnlkrIgEbr/un7jSS86WOe0hRhwHkJ -FUGcPZf9ND22Etc+AQ== ------END CERTIFICATE----- ------BEGIN RSA PRIVATE KEY----- -MIIBPAIBAAJBAJ+zw4Qnlf8SMVIPFe9GEcStgOY2Ww/dgNdhjeD8ckUJNP5VZkVD -TGiXav6ooKXfX3j/7tdkuD8Ey2//Kv7+ue0CAwEAAQJAN6W31vDEP2DjdqhzCDDu -OA4NACqoiFqyblo7yc2tM4h4xMbC3Yx5UKMN9ZkCtX0gzrz6DyF47bdKcWBzNWCj -gQIhANEoojVt7hq+SQ6MCN6FTAysGgQf56Q3TYoJMoWvdiXVAiEAw3e3rc+VJpOz -rHuDo6bgpjUAAXM+v3fcpsfZSNO6V7kCIQCtbVjanpUwvZkMI9by02oUk9taki3b -PzPfAfNPYAbCJQIhAJXNQDWyqwn/lGmR11cqY2y9nZ1+5w3yHGatLrcDnQHxAiEA -vnlEGo8K85u+KwIOimM48ZG8oTk7iFdkqLJR1utT3aU= ------END RSA PRIVATE KEY----- -subject=/C=US/O=AT&T Bell Laboratories/OU=Prototype Research CA -issuer= /C=US/O=AT&T Bell Laboratories/OU=Prototype Research CA -notBefore=950413210656Z -notAfter =970412210656Z ------BEGIN X509 CERTIFICATE----- - -MIICCDCCAXECAQAwDQYJKoZIhvcNAQEEBQAwTjELMAkGA1UEBhMCVVMxHzAdBgNV -BAoUFkFUJlQgQmVsbCBMYWJvcmF0b3JpZXMxHjAcBgNVBAsUFVByb3RvdHlwZSBS -ZXNlYXJjaCBDQTAeFw05NTA0MTMyMTA2NTZaFw05NzA0MTIyMTA2NTZaME4xCzAJ -BgNVBAYTAlVTMR8wHQYDVQQKFBZBVCZUIEJlbGwgTGFib3JhdG9yaWVzMR4wHAYD -VQQLFBVQcm90b3R5cGUgUmVzZWFyY2ggQ0EwgZwwDQYJKoZIhvcNAQEBBQADgYoA -MIGGAoGAebOmgtSCl+wCYZc86UGYeTLY8cjmW2P0FN8ToT/u2pECCoFdrlycX0OR -3wt0ZhpFXLVNeDnHwEE9veNUih7pCL2ZBFqoIoQkB1lZmXRiVtjGonz8BLm/qrFM -YHb0lme/Ol+s118mwKVxnn6bSAeI/OXKhLaVdYZWk+aEaxEDkVkCAQ8wDQYJKoZI -hvcNAQEEBQADgYEAAZMG14lZmZ8bahkaHaTV9dQf4p2FZiQTFwHP9ZyGsXPC+LT5 -dG5iTaRmyjNIJdPWohZDl97kAci79aBndvuEvRKOjLHs3WRGBIwERnAcnY9Mz8u/ -zIHK23PjYVxGGaZd669OJwD0CYyqH22HH9nFUGaoJdsv39ChW0NRdLE9+y8= ------END X509 CERTIFICATE----- -issuer= /C=AU/ST=Queensland/O=CryptSoft Pty Ltd/CN=Test PCA (1024 bit) -subject=/C=AU/ST=Queensland/O=CryptSoft Pty Ltd/CN=Test CA (1024 bit) ------BEGIN CERTIFICATE----- -MIICJjCCAY8CAQAwDQYJKoZIhvcNAQEEBQAwXDELMAkGA1UEBhMCQVUxEzARBgNV -BAgTClF1ZWVuc2xhbmQxGjAYBgNVBAoTEUNyeXB0U29mdCBQdHkgTHRkMRwwGgYD -VQQDExNUZXN0IFBDQSAoMTAyNCBiaXQpMB4XDTk3MDYwOTEzNTc0M1oXDTAxMDYw -OTEzNTc0M1owWzELMAkGA1UEBhMCQVUxEzARBgNVBAgTClF1ZWVuc2xhbmQxGjAY -BgNVBAoTEUNyeXB0U29mdCBQdHkgTHRkMRswGQYDVQQDExJUZXN0IENBICgxMDI0 -IGJpdCkwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAKO7o8t116VP6cgybTsZ -DCZhr95nYlZuya3aCi1IKoztqwWnjbmDFIriOqGFPrZQ+moMETC9D59iRW/dFXSv -1F65ka/XY2hLh9exCCo7XuUcDs53Qp3bI3AmMqHjgzE8oO3ajyJAzJkTTOUecQU2 -mw/gI4tMM0LqWMQS7luTy4+xAgMBAAEwDQYJKoZIhvcNAQEEBQADgYEAM7achv3v -hLQJcv/65eGEpBXM40ZDVoFQFFJWaY5p883HTqLB1x4FdzsXHH0QKBTcKpWwqyu4 -YDm3fb8oDugw72bCzfyZK/zVZPR/hVlqI/fvU109Qoc+7oPvIXWky71HfcK6ZBCA -q30KIqGM/uoM60INq97qjDmCJapagcNBGQs= ------END CERTIFICATE----- ------BEGIN RSA PRIVATE KEY----- -MIICXQIBAAKBgQCju6PLddelT+nIMm07GQwmYa/eZ2JWbsmt2gotSCqM7asFp425 -gxSK4jqhhT62UPpqDBEwvQ+fYkVv3RV0r9ReuZGv12NoS4fXsQgqO17lHA7Od0Kd -2yNwJjKh44MxPKDt2o8iQMyZE0zlHnEFNpsP4COLTDNC6ljEEu5bk8uPsQIDAQAB -AoGAVZmpFZsDZfr0l2S9tLLwpjRWNOlKATQkno6q2WesT0eGLQufTciY+c8ypfU6 -hyio8r5iUl/VhhdjhAtKx1mRpiotftHo/eYf8rtsrnprOnWG0bWjLjtIoMbcxGn2 -J3bN6LJmbJMjDs0eJ3KnTu646F3nDUw2oGAwmpzKXA1KAP0CQQDRvQhxk2D3Pehs -HvG665u2pB5ipYQngEFlZO7RHJZzJOZEWSLuuMqaF/7pTfA5jiBvWqCgJeCRRInL -21ru4dlPAkEAx9jj7BgKn5TYnMoBSSe0afjsV9oApVpN1Nacb1YDtCwy+scp3++s -nFxlv98wxIlSdpwMUn+AUWfjiWR7Tu/G/wJBAJ/KjwZIrFVxewP0x2ILYsTRYLzz -MS4PDsO7FB+I0i7DbBOifXS2oNSpd3I0CNMwrxFnUHzynpbOStVfN3ZL5w0CQQCa -pwFahxBRhkJKsxhjoFJBX9yl75JoY4Wvm5Tbo9ih6UJaRx3kqfkN14L2BKYcsZgb -KY9vmDOYy6iNfjDeWTfJAkBkfPUb8oTJ/nSP5zN6sqGxSY4krc4xLxpRmxoJ8HL2 -XfhqXkTzbU13RX9JJ/NZ8vQN9Vm2NhxRGJocQkmcdVtJ ------END RSA PRIVATE KEY----- ------BEGIN X509 CERTIFICATE----- -MIICYDCCAiACAgEoMAkGBSsOAwINBQAwfDELMAkGA1UEBhMCVVMxNjA0BgNVBAoT -LU5hdGlvbmFsIEFlcm9uYXV0aWNzIGFuZCBTcGFjZSBBZG1pbmlzdHJhdGlvbjEZ -MBcGA1UECxMQVGVzdCBFbnZpcm9ubWVudDEaMBgGA1UECxMRRFNTLU5BU0EtUGls -b3QtQ0EwHhcNOTYwMjI2MTYzMjQ1WhcNOTcwMjI1MTYzMjQ1WjB8MQswCQYDVQQG -EwJVUzE2MDQGA1UEChMtTmF0aW9uYWwgQWVyb25hdXRpY3MgYW5kIFNwYWNlIEFk -bWluaXN0cmF0aW9uMRkwFwYDVQQLExBUZXN0IEVudmlyb25tZW50MRowGAYDVQQL -ExFEU1MtTkFTQS1QaWxvdC1DQTCB8jAJBgUrDgMCDAUAA4HkADCB4AJBAMA/ssKb -hPNUG7ZlASfVwEJU21O5OyF/iyBzgHI1O8eOhJGUYO8cc8wDMjR508Mr9cp6Uhl/ -ZB7FV5GkLNEnRHYCQQDUEaSg45P2qrDwixTRhFhmWz5Nvc4lRFQ/42XPcchiJBLb -bn3QK74T2IxY1yY+kCNq8XrIqf5fJJzIH0J/xUP3AhUAsg2wsQHfDGYk/BOSulX3 -fVd0geUCQQCzCFUQAh+ZkEmp5804cs6ZWBhrUAfnra8lJItYo9xPcXgdIfLfibcX -R71UsyO77MRD7B0+Ag2tq794IleCVcEEMAkGBSsOAwINBQADLwAwLAIUUayDfreR -Yh2WeU86/pHNdkUC1IgCFEfxe1f0oMpxJyrJ5XIxTi7vGdoK ------END X509 CERTIFICATE----- ------BEGIN X509 CERTIFICATE----- - -MIICGTCCAdgCAwCqTDAJBgUrDgMCDQUAMHwxCzAJBgNVBAYTAlVTMTYwNAYDVQQK -Ey1OYXRpb25hbCBBZXJvbmF1dGljcyBhbmQgU3BhY2UgQWRtaW5pc3RyYXRpb24x -GTAXBgNVBAsTEFRlc3QgRW52aXJvbm1lbnQxGjAYBgNVBAsTEURTUy1OQVNBLVBp -bG90LUNBMB4XDTk2MDUxNDE3MDE0MVoXDTk3MDUxNDE3MDE0MVowMzELMAkGA1UE -BhMCQVUxDzANBgNVBAoTBk1pbmNvbTETMBEGA1UEAxMKRXJpYyBZb3VuZzCB8jAJ -BgUrDgMCDAUAA4HkADCB4AJBAKbfHz6vE6pXXMTpswtGUec2tvnfLJUsoxE9qs4+ -ObZX7LmLvragNPUeiTJx7UOWZ5DfBj6bXLc8eYne0lP1g3ACQQDUEaSg45P2qrDw -ixTRhFhmWz5Nvc4lRFQ/42XPcchiJBLbbn3QK74T2IxY1yY+kCNq8XrIqf5fJJzI -H0J/xUP3AhUAsg2wsQHfDGYk/BOSulX3fVd0geUCQQCzCFUQAh+ZkEmp5804cs6Z -WBhrUAfnra8lJItYo9xPcXgdIfLfibcXR71UsyO77MRD7B0+Ag2tq794IleCVcEE -MAkGBSsOAwINBQADMAAwLQIUWsuuJRE3VT4ueWkWMAJMJaZjj1ECFQCYY0zX4bzM -LC7obsrHD8XAHG+ZRG== ------END X509 CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIICTTCCAbagAwIBAgIBADANBgkqhkiG9w0BAQQFADBMMQswCQYDVQQGEwJHQjEM -MAoGA1UEChMDVUNMMRgwFgYDVQQLEw9JQ0UtVEVMIFByb2plY3QxFTATBgNVBAMT -DFRydXN0RmFjdG9yeTAeFw05NzA0MjIxNDM5MTRaFw05ODA0MjIxNDM5MTRaMEwx -CzAJBgNVBAYTAkdCMQwwCgYDVQQKEwNVQ0wxGDAWBgNVBAsTD0lDRS1URUwgUHJv -amVjdDEVMBMGA1UEAxMMVHJ1c3RGYWN0b3J5MIGcMAoGBFUIAQECAgQAA4GNADCB -iQKBgQCEieR8NcXkUW1f0G6aC6u0i8q/98JqS6RxK5YmHIGKCkuTWAUjzLfUa4dt -U9igGCjTuxaDqlzEim+t/02pmiBZT9HaX++35MjQPUWmsChcYU5WyzGErXi+rQaw -zlwS73zM8qiPj/97lXYycWhgL0VaiDSPxRXEUdWoaGruom4mNQIDAQABo0IwQDAd -BgNVHQ4EFgQUHal1LZr7oVg5z6lYzrhTgZRCmcUwDgYDVR0PAQH/BAQDAgH2MA8G -A1UdEwEB/wQFMAMBAf8wDQYJKoZIhvcNAQEEBQADgYEAfaggfl6FZoioecjv0dq8 -/DXo/u11iMZvXn08gjX/zl2b4wtPbShOSY5FhkSm8GeySasz+/Nwb/uzfnIhokWi -lfPZHtlCWtXbIy/TN51eJyq04ceDCQDWvLC2enVg9KB+GJ34b5c5VaPRzq8MBxsA -S7ELuYGtmYgYm9NZOIr7yU0= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIB6jCCAZQCAgEtMA0GCSqGSIb3DQEBBAUAMIGAMQswCQYDVQQGEwJVUzE2MDQG -A1UEChMtTmF0aW9uYWwgQWVyb25hdXRpY3MgYW5kIFNwYWNlIEFkbWluaXN0cmF0 -aW9uMRkwFwYDVQQLExBUZXN0IEVudmlyb25tZW50MR4wHAYDVQQLExVNRDUtUlNB -LU5BU0EtUGlsb3QtQ0EwHhcNOTYwNDMwMjIwNTAwWhcNOTcwNDMwMjIwNTAwWjCB -gDELMAkGA1UEBhMCVVMxNjA0BgNVBAoTLU5hdGlvbmFsIEFlcm9uYXV0aWNzIGFu -ZCBTcGFjZSBBZG1pbmlzdHJhdGlvbjEZMBcGA1UECxMQVGVzdCBFbnZpcm9ubWVu -dDEeMBwGA1UECxMVTUQ1LVJTQS1OQVNBLVBpbG90LUNBMFkwCgYEVQgBAQICAgAD -SwAwSAJBALmmX5+GqAvcrWK13rfDrNX9UfeA7f+ijyBgeFQjYUoDpFqapw4nzQBL -bAXug8pKkRwa2Zh8YODhXsRWu2F/UckCAwEAATANBgkqhkiG9w0BAQQFAANBAH9a -OBA+QCsjxXgnSqHx04gcU8S49DVUb1f2XVoLnHlIb8RnX0k5O6mpHT5eti9bLkiW -GJNMJ4L0AJ/ac+SmHZc= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIICajCCAdMCBDGA0QUwDQYJKoZIhvcNAQEEBQAwfTELMAkGA1UEBhMCQ2ExDzAN -BgNVBAcTBk5lcGVhbjEeMBwGA1UECxMVTm8gTGlhYmlsaXR5IEFjY2VwdGVkMR8w -HQYDVQQKExZGb3IgRGVtbyBQdXJwb3NlcyBPbmx5MRwwGgYDVQQDExNFbnRydXN0 -IERlbW8gV2ViIENBMB4XDTk2MDQyNjEzMzUwMVoXDTA2MDQyNjEzMzUwMVowfTEL -MAkGA1UEBhMCQ2ExDzANBgNVBAcTBk5lcGVhbjEeMBwGA1UECxMVTm8gTGlhYmls -aXR5IEFjY2VwdGVkMR8wHQYDVQQKExZGb3IgRGVtbyBQdXJwb3NlcyBPbmx5MRww -GgYDVQQDExNFbnRydXN0IERlbW8gV2ViIENBMIGdMA0GCSqGSIb3DQEBAQUAA4GL -ADCBhwKBgQCaroS7O1DA0hm4IefNYU1cx/nqOmzEnk291d1XqznDeF4wEgakbkCc -zTKxK791yNpXG5RmngqH7cygDRTHZJ6mfCRn0wGC+AI00F2vYTGqPGRQL1N3lZT0 -YDKFC0SQeMMjFIZ1aeQigroFQnHo0VB3zWIMpNkka8PY9lxHZAmWwQIBAzANBgkq -hkiG9w0BAQQFAAOBgQBAx0UMVA1s54lMQyXjMX5kj99FJN5itb8bK1Rk+cegPQPF -cWO9SEWyEjjBjIkjjzAwBkaEszFsNGxemxtXvwjIm1xEUMTVlPEWTs2qnDvAUA9W -YqhWbhH0toGT36236QAsqCZ76rbTRVSSX2BHyJwJMG2tCRv7kRJ//NIgxj3H4w== ------END CERTIFICATE----- - -issuer= /C=AU/ST=Queensland/O=CryptSoft Pty Ltd/CN=Test PCA (1024 bit) -subject=/C=AU/ST=Queensland/O=CryptSoft Pty Ltd/CN=Test PCA (1024 bit) ------BEGIN CERTIFICATE----- -MIICJzCCAZACAQAwDQYJKoZIhvcNAQEEBQAwXDELMAkGA1UEBhMCQVUxEzARBgNV -BAgTClF1ZWVuc2xhbmQxGjAYBgNVBAoTEUNyeXB0U29mdCBQdHkgTHRkMRwwGgYD -VQQDExNUZXN0IFBDQSAoMTAyNCBiaXQpMB4XDTk3MDYwOTEzNTczN1oXDTAxMDYw -OTEzNTczN1owXDELMAkGA1UEBhMCQVUxEzARBgNVBAgTClF1ZWVuc2xhbmQxGjAY -BgNVBAoTEUNyeXB0U29mdCBQdHkgTHRkMRwwGgYDVQQDExNUZXN0IFBDQSAoMTAy -NCBiaXQpMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCdoWk/3+WcMlfjIrkg -40ketmnQaEogQe1LLcuOJV6rKfUSAsPgwgsabJ/wn8TxA1yy3eKJbFl3OiUXMRsp -22Jp85PmemiDzyUIStwk72qhp1imbANZvlmlCFKiQrjUyuDfu4TABmn+kkt3vR1Y -BEOGt+IFye1UBVSATVdRJ2UVhwIDAQABMA0GCSqGSIb3DQEBBAUAA4GBABNA1u/S -Cg/LJZWb7GliiKJsvuhxlE4E5JxQF2zMub/CSNbF97//tYSyj96sxeFQxZXbcjm9 -xt6mr/xNLA4szNQMJ4P+L7b5e/jC5DSqlwS+CUYJgaFs/SP+qJoCSu1bR3IM9XWO -cRBpDmcBbYLkSyB92WURvsZ1LtjEcn+cdQVI ------END CERTIFICATE----- ------BEGIN RSA PRIVATE KEY----- -MIICXAIBAAKBgQCdoWk/3+WcMlfjIrkg40ketmnQaEogQe1LLcuOJV6rKfUSAsPg -wgsabJ/wn8TxA1yy3eKJbFl3OiUXMRsp22Jp85PmemiDzyUIStwk72qhp1imbANZ -vlmlCFKiQrjUyuDfu4TABmn+kkt3vR1YBEOGt+IFye1UBVSATVdRJ2UVhwIDAQAB -AoGAba4fTtuap5l7/8ZsbE7Z1O32KJY4ZcOZukLOLUUhXxXduT+FTgGWujc0/rgc -z9qYCLlNZHOouMYTgtSfYvuMuLZ11VIt0GYH+nRioLShE59Yy+zCRyC+gPigS1kz -xvo14AsOIPYV14Tk/SsHyq6E0eTk7VzaIE197giiINUERPECQQDSKmtPTh/lRKw7 -HSZSM0I1mFWn/1zqrAbontRQY5w98QWIOe5qmzYyFbPXYT3d9BzlsMyhgiRNoBbD -yvohSHXJAkEAwAHx6ezAZeWWzD5yXD36nyjpkVCw7Tk7TSmOceLJMWt1QcrCfqlS -xA5jjpQ6Z8suU5DdtWAryM2sAir1WisYzwJAd6Zcx56jvAQ3xcPXsE6scBTVFzrj -7FqZ6E+cclPzfLQ+QQsyOBE7bpI6e/FJppY26XGZXo3YGzV8IGXrt40oOQJALETG -h86EFXo3qGOFbmsDy4pdP5nBERCu8X1xUCSfintiD4c2DInxgS5oGclnJeMcjTvL -QjQoJCX3UJCi/OUO1QJBAKgcDHWjMvt+l1pjJBsSEZ0HX9AAIIVx0RQmbFGS+F2Q -hhu5l77WnnZOQ9vvhV5u7NPCUF9nhU3jh60qWWO8mkc= ------END RSA PRIVATE KEY----- -subject=/C=US/O=RSA Data Security, Inc./OU=Commercial Certification Authority -issuer= /C=US/O=RSA Data Security, Inc./OU=Commercial Certification Authority -notBefore=941104185834Z -notAfter =991103185834Z ------BEGIN X509 CERTIFICATE----- - -MIICIzCCAZACBQJBAAAWMA0GCSqGSIb3DQEBAgUAMFwxCzAJBgNVBAYTAlVTMSAw -HgYDVQQKExdSU0EgRGF0YSBTZWN1cml0eSwgSW5jLjErMCkGA1UECxMiQ29tbWVy -Y2lhbCBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAeFw05NDExMDQxODU4MzRaFw05 -OTExMDMxODU4MzRaMFwxCzAJBgNVBAYTAlVTMSAwHgYDVQQKExdSU0EgRGF0YSBT -ZWN1cml0eSwgSW5jLjErMCkGA1UECxMiQ29tbWVyY2lhbCBDZXJ0aWZpY2F0aW9u -IEF1dGhvcml0eTCBmzANBgkqhkiG9w0BAQEFAAOBiQAwgYUCfgCk+4Fie84QJ93o -975sbsZwmdu41QUDaSiCnHJ/lj+O7Kwpkj+KFPhCdr69XQO5kNTQvAayUTNfxMK/ -touPmbZiImDd298ggrTKoi8tUO2UMt7gVY3UaOLgTNLNBRYulWZcYVI4HlGogqHE -7yXpCuaLK44xZtn42f29O2nZ6wIDAQABMA0GCSqGSIb3DQEBAgUAA34AdrW2EP4j -9/dZYkuwX5zBaLxJu7NJbyFHXSudVMQAKD+YufKKg5tgf+tQx6sFEC097TgCwaVI -0v5loMC86qYjFmZsGySp8+x5NRhPJsjjr1BKx6cxa9B8GJ1Qv6km+iYrRpwUqbtb -MJhCKLVLU7tDCZJAuqiqWqTGtotXTcU= ------END X509 CERTIFICATE----- -subject=/C=US/O=RSA Data Security, Inc./OU=Secure Server Certification Authority -issuer= /C=US/O=RSA Data Security, Inc./OU=Secure Server Certification Authority -notBefore=941109235417Z -notAfter =991231235417Z ------BEGIN X509 CERTIFICATE----- - -MIICKTCCAZYCBQJBAAABMA0GCSqGSIb3DQEBAgUAMF8xCzAJBgNVBAYTAlVTMSAw -HgYDVQQKExdSU0EgRGF0YSBTZWN1cml0eSwgSW5jLjEuMCwGA1UECxMlU2VjdXJl -IFNlcnZlciBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAeFw05NDExMDkyMzU0MTda -Fw05OTEyMzEyMzU0MTdaMF8xCzAJBgNVBAYTAlVTMSAwHgYDVQQKExdSU0EgRGF0 -YSBTZWN1cml0eSwgSW5jLjEuMCwGA1UECxMlU2VjdXJlIFNlcnZlciBDZXJ0aWZp -Y2F0aW9uIEF1dGhvcml0eTCBmzANBgkqhkiG9w0BAQEFAAOBiQAwgYUCfgCSznrB -roM+WqqJg1esJQF2DK2ujiw3zus1eGRUA+WEQFHJv48I4oqCCNIWhjdV6bEhAq12 -aIGaBaJLyUslZiJWbIgHj/eBWW2EB2VwE3F2Ppt3TONQiVaYSLkdpykaEy5KEVmc -HhXVSVQsczppgrGXOZxtcGdI5d0t1sgeewIDAQABMA0GCSqGSIb3DQEBAgUAA34A -iNHReSHO4ovo+MF9NFM/YYPZtgs4F7boviGNjwC4i1N+RGceIr2XJ+CchcxK9oU7 -suK+ktPlDemvXA4MRpX/oRxePug2WHpzpgr4IhFrwwk4fia7c+8AvQKk8xQNMD9h -cHsg/jKjn7P0Z1LctO6EjJY2IN6BCINxIYoPnqk= ------END X509 CERTIFICATE----- -subject=/C=ZA/SP=Western Cape/L=Cape Town/O=Thawte Consulting cc - /OU=Certification Services Division/CN=Thawte Server CA - /Email=server-certs@thawte.com -issuer= /C=ZA/SP=Western Cape/L=Cape Town/O=Thawte Consulting cc - /OU=Certification Services Division/CN=Thawte Server CA - /Email=server-certs@thawte.com ------BEGIN CERTIFICATE----- -MIIC+TCCAmICAQAwDQYJKoZIhvcNAQEEBQAwgcQxCzAJBgNVBAYTAlpBMRUwEwYD -VQQIEwxXZXN0ZXJuIENhcGUxEjAQBgNVBAcTCUNhcGUgVG93bjEdMBsGA1UEChMU -VGhhd3RlIENvbnN1bHRpbmcgY2MxKDAmBgNVBAsTH0NlcnRpZmljYXRpb24gU2Vy -dmljZXMgRGl2aXNpb24xGTAXBgNVBAMTEFRoYXd0ZSBTZXJ2ZXIgQ0ExJjAkBgkq -hkiG9w0BCQEWF3NlcnZlci1jZXJ0c0B0aGF3dGUuY29tMB4XDTk2MDcyNzE4MDc1 -N1oXDTk4MDcyNzE4MDc1N1owgcQxCzAJBgNVBAYTAlpBMRUwEwYDVQQIEwxXZXN0 -ZXJuIENhcGUxEjAQBgNVBAcTCUNhcGUgVG93bjEdMBsGA1UEChMUVGhhd3RlIENv -bnN1bHRpbmcgY2MxKDAmBgNVBAsTH0NlcnRpZmljYXRpb24gU2VydmljZXMgRGl2 -aXNpb24xGTAXBgNVBAMTEFRoYXd0ZSBTZXJ2ZXIgQ0ExJjAkBgkqhkiG9w0BCQEW -F3NlcnZlci1jZXJ0c0B0aGF3dGUuY29tMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCB -iQKBgQDTpFBuyP9Wa+bPXbbqDGh1R6KqwtqEJfyo9EdR2oW1IHSUhh4PdcnpCGH1 -Bm0wbhUZAulSwGLbTZme4moMRDjN/r7jZAlwxf6xaym2L0nIO9QnBCUQly/nkG3A -KEKZ10xD3sP1IW1Un13DWOHA5NlbsLjctHvfNjrCtWYiEtaHDQIDAQABMA0GCSqG -SIb3DQEBBAUAA4GBAIsvn7ifX3RUIrvYXtpI4DOfARkTogwm6o7OwVdl93yFhDcX -7h5t0XZ11MUAMziKdde3rmTvzUYIUCYoY5b032IwGMTvdiclK+STN6NP2m5nvFAM -qJT5gC5O+j/jBuZRQ4i0AMYQr5F4lT8oBJnhgafw6PL8aDY2vMHGSPl9+7uf ------END CERTIFICATE----- - ------BEGIN CERTIFICATE----- -MIIDDTCCAnYCAQAwDQYJKoZIhvcNAQEEBQAwgc4xCzAJBgNVBAYTAlpBMRUwEwYD -VQQIEwxXZXN0ZXJuIENhcGUxEjAQBgNVBAcTCUNhcGUgVG93bjEdMBsGA1UEChMU -VGhhd3RlIENvbnN1bHRpbmcgY2MxKDAmBgNVBAsTH0NlcnRpZmljYXRpb24gU2Vy -dmljZXMgRGl2aXNpb24xITAfBgNVBAMTGFRoYXd0ZSBQcmVtaXVtIFNlcnZlciBD -QTEoMCYGCSqGSIb3DQEJARYZcHJlbWl1bS1zZXJ2ZXJAdGhhd3RlLmNvbTAeFw05 -NjA3MjcxODA3MTRaFw05ODA3MjcxODA3MTRaMIHOMQswCQYDVQQGEwJaQTEVMBMG -A1UECBMMV2VzdGVybiBDYXBlMRIwEAYDVQQHEwlDYXBlIFRvd24xHTAbBgNVBAoT -FFRoYXd0ZSBDb25zdWx0aW5nIGNjMSgwJgYDVQQLEx9DZXJ0aWZpY2F0aW9uIFNl -cnZpY2VzIERpdmlzaW9uMSEwHwYDVQQDExhUaGF3dGUgUHJlbWl1bSBTZXJ2ZXIg -Q0ExKDAmBgkqhkiG9w0BCQEWGXByZW1pdW0tc2VydmVyQHRoYXd0ZS5jb20wgZ8w -DQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBANI2NmqL18JbntqBQWKPOO5JBFXW0O8c -G5UWR+8YSDU6UvQragaPOy/qVuOvho2eF/eetGV1Ak3vywmiIVHYm9Bn0LoNkgYU -c9STy5cqAJxcTgy8+hVS/PJEbtoRSm4Iny8t4/mqOoZztkZTWMiJBb2DEbhzP6oH -jfRCTedAnRw3AgMBAAEwDQYJKoZIhvcNAQEEBQADgYEAutFIgTRZVYerIZfL9lvR -w9Eifvvo5KTZ3h+Bj+VzNnyw4Qc/IyXkPOu6SIiH9LQ3sCmWBdxpe+qr4l77rLj2 -GYuMtESFfn1XVALzkYgC7JcPuTOjMfIiMByt+uFf8AV8x0IW/Qkuv+hEQcyM9vxK -3VZdLbCVIhNoEsysrxCpxcI= ------END CERTIFICATE----- -Tims test GCI CA - ------BEGIN CERTIFICATE----- -MIIB8DCCAZoCAQAwDQYJKoZIhvcNAQEEBQAwgYIxCzAJBgNVBAYTAkFVMRMwEQYD -VQQIEwpRdWVlbnNsYW5kMREwDwYDVQQHEwhCcmlzYmFuZTEaMBgGA1UEChMRQ3J5 -cHRTb2Z0IFB0eSBMdGQxFDASBgNVBAsTC2RldmVsb3BtZW50MRkwFwYDVQQDExBD -cnlwdFNvZnQgRGV2IENBMB4XDTk3MDMyMjEzMzQwNFoXDTk4MDMyMjEzMzQwNFow -gYIxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpRdWVlbnNsYW5kMREwDwYDVQQHEwhC -cmlzYmFuZTEaMBgGA1UEChMRQ3J5cHRTb2Z0IFB0eSBMdGQxFDASBgNVBAsTC2Rl -dmVsb3BtZW50MRkwFwYDVQQDExBDcnlwdFNvZnQgRGV2IENBMFwwDQYJKoZIhvcN -AQEBBQADSwAwSAJBAOAOAqogG5QwAmLhzyO4CoRnx/wVy4NZP4dxJy83O1EnL0rw -OdsamJKvPOLHgSXo3gDu9uVyvCf/QJmZAmC5ml8CAwEAATANBgkqhkiG9w0BAQQF -AANBADRRS/GVdd7rAqRW6SdmgLJduOU2yq3avBu99kRqbp9A/dLu6r6jU+eP4oOA -TfdbFZtAAD2Hx9jUtY3tfdrJOb8= ------END CERTIFICATE----- - ------BEGIN CERTIFICATE----- -MIICVjCCAgACAQAwDQYJKoZIhvcNAQEEBQAwgbUxCzAJBgNVBAYTAkFVMRMwEQYD -VQQIEwpRdWVlbnNsYW5kMREwDwYDVQQHEwhCcmlzYmFuZTEaMBgGA1UEChMRQ3J5 -cHRTb2Z0IFB0eSBMdGQxLDAqBgNVBAsTI1dPUlRITEVTUyBDRVJUSUZJQ0FUSU9O -IEFVVEhPUklUSUVTMTQwMgYDVQQDEytaRVJPIFZBTFVFIENBIC0gREVNT05TVFJB -VElPTiBQVVJQT1NFUyBPTkxZMB4XDTk3MDQwMzEzMjI1NFoXDTk4MDQwMzEzMjI1 -NFowgbUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpRdWVlbnNsYW5kMREwDwYDVQQH -EwhCcmlzYmFuZTEaMBgGA1UEChMRQ3J5cHRTb2Z0IFB0eSBMdGQxLDAqBgNVBAsT -I1dPUlRITEVTUyBDRVJUSUZJQ0FUSU9OIEFVVEhPUklUSUVTMTQwMgYDVQQDEyta -RVJPIFZBTFVFIENBIC0gREVNT05TVFJBVElPTiBQVVJQT1NFUyBPTkxZMFwwDQYJ -KoZIhvcNAQEBBQADSwAwSAJBAOZ7T7yqP/tyspcko3yPY1y0Cm2EmwNvzW4QgVXR -Fjs3HmJ4xtSpXdo6mwcGezL3Abt/aQXaxv9PU8xt+Jr0OFUCAwEAATANBgkqhkiG -9w0BAQQFAANBAOQpYmGgyCqCy1OljgJhCqQOu627oVlHzK1L+t9vBaMfn40AVUR4 -WzQVWO31KTgi5vTK1U+3h46fgUWqQ0h+6rU= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIAwgKADAgECAgEAMA0GCSqGSIb3DQEBBAUAMGIxETAPBgNVBAcTCEludGVybmV0 -MRcwFQYDVQQKEw5WZXJpU2lnbiwgSW5jLjE0MDIGA1UECxMrVmVyaVNpZ24gQ2xh -c3MgMSBDQSAtIEluZGl2aWR1YWwgU3Vic2NyaWJlcjAeFw05NjA0MDgxMDIwMjda -Fw05NzA0MDgxMDIwMjdaMGIxETAPBgNVBAcTCEludGVybmV0MRcwFQYDVQQKEw5W -ZXJpU2lnbiwgSW5jLjE0MDIGA1UECxMrVmVyaVNpZ24gQ2xhc3MgMSBDQSAtIElu -ZGl2aWR1YWwgU3Vic2NyaWJlcjCAMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC2 -FKbPTdAFDdjKI9BvqrQpkmOOLPhvltcunXZLEbE2jVfJw/0cxrr+Hgi6M8qV6r7j -W80GqLd5HUQq7XPysVKDaBBwZJHXPmv5912dFEObbpdFmIFH0S3L3bty10w/cari -QPJUObwW7s987LrbP2wqsxaxhhKdrpM01bjV0Pc+qQIDAQABAAAAADANBgkqhkiG -9w0BAQQFAAOBgQA+1nJryNt8VBRjRr07ArDAV/3jAH7GjDc9jsrxZS68ost9v06C -TvTNKGL+LISNmFLXl+JXhgGB0JZ9fvyYzNgHQ46HBUng1H6voalfJgS2KdEo50wW -8EFZYMDkT1k4uynwJqkVN2QJK/2q4/A/VCov5h6SlM8Affg2W+1TLqvqkwAA ------END CERTIFICATE----- - - subject=/L=Internet/O=VeriSign, Inc./OU=VeriSign Class 2 CA - Individual Subscriber - issuer= /L=Internet/O=VeriSign, Inc./OU=VeriSign Class 2 CA - Individual Subscriber - ------BEGIN CERTIFICATE----- -MIIEkzCCA/ygAwIBAgIRANDTUpSRL3nTFeMrMayFSPAwDQYJKoZIhvcNAQECBQAw -YjERMA8GA1UEBxMISW50ZXJuZXQxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMTQw -MgYDVQQLEytWZXJpU2lnbiBDbGFzcyAyIENBIC0gSW5kaXZpZHVhbCBTdWJzY3Jp -YmVyMB4XDTk2MDYwNDAwMDAwMFoXDTk4MDYwNDIzNTk1OVowYjERMA8GA1UEBxMI -SW50ZXJuZXQxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMTQwMgYDVQQLEytWZXJp -U2lnbiBDbGFzcyAyIENBIC0gSW5kaXZpZHVhbCBTdWJzY3JpYmVyMIGfMA0GCSqG -SIb3DQEBAQUAA4GNADCBiQKBgQC6A+2czKGRcYMfm8gdnk+0de99TDDzsqo0v5nb -RsbUmMcdRQ7nsMbRWe0SAb/9QoLTZ/cJ0iOBqdrkz7UpqqKarVoTSdlSMVM92tWp -3bJncZHQD1t4xd6lQVdI1/T6R+5J0T1ukOdsI9Jmf+F28S6g3R3L1SFwiHKeZKZv -z+793wIDAQABo4ICRzCCAkMwggIpBgNVHQMBAf8EggIdMIICGTCCAhUwggIRBgtg -hkgBhvhFAQcBATCCAgAWggGrVGhpcyBjZXJ0aWZpY2F0ZSBpbmNvcnBvcmF0ZXMg -YnkgcmVmZXJlbmNlLCBhbmQgaXRzIHVzZSBpcyBzdHJpY3RseSBzdWJqZWN0IHRv -LCB0aGUgVmVyaVNpZ24gQ2VydGlmaWNhdGlvbiBQcmFjdGljZSBTdGF0ZW1lbnQg -KENQUyksIGF2YWlsYWJsZSBhdDogaHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL0NQ -Uy0xLjA7IGJ5IEUtbWFpbCBhdCBDUFMtcmVxdWVzdHNAdmVyaXNpZ24uY29tOyBv -ciBieSBtYWlsIGF0IFZlcmlTaWduLCBJbmMuLCAyNTkzIENvYXN0IEF2ZS4sIE1v -dW50YWluIFZpZXcsIENBIDk0MDQzIFVTQSBUZWwuICsxICg0MTUpIDk2MS04ODMw -IENvcHlyaWdodCAoYykgMTk5NiBWZXJpU2lnbiwgSW5jLiAgQWxsIFJpZ2h0cyBS -ZXNlcnZlZC4gQ0VSVEFJTiBXQVJSQU5USUVTIERJU0NMQUlNRUQgYW5kIExJQUJJ -TElUWSBMSU1JVEVELqAOBgxghkgBhvhFAQcBAQGhDgYMYIZIAYb4RQEHAQECMC8w -LRYraHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL3JlcG9zaXRvcnkvQ1BTLTEuMDAU -BglghkgBhvhCAQEBAf8EBAMCAgQwDQYJKoZIhvcNAQECBQADgYEApRJRkNBqLLgs -53IR/d18ODdLOWMTZ+QOOxBrq460iBEdUwgF8vmPRX1ku7UiDeNzaLlurE6eFqHq -2zPyK5j60zfTLVJMWKcQWwTJLjHtXrW8pxhNtFc6Fdvy5ZkHnC/9NIl7/t4U6WqB -p4y+p7SdMIkEwIZfds0VbnQyX5MRUJY= ------END CERTIFICATE----- - - subject=/C=US/O=VeriSign, Inc./OU=Class 3 Public Primary Certification Authority - issuer= /C=US/O=VeriSign, Inc./OU=Class 3 Public Primary Certification Authority ------BEGIN CERTIFICATE----- -MIICMTCCAZoCBQKhAAABMA0GCSqGSIb3DQEBAgUAMF8xCzAJBgNVBAYTAlVTMRcw -FQYDVQQKEw5WZXJpU2lnbiwgSW5jLjE3MDUGA1UECxMuQ2xhc3MgMyBQdWJsaWMg -UHJpbWFyeSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAeFw05NjAxMjkwMDAwMDBa -Fw05OTEyMzEyMzU5NTlaMF8xCzAJBgNVBAYTAlVTMRcwFQYDVQQKEw5WZXJpU2ln -biwgSW5jLjE3MDUGA1UECxMuQ2xhc3MgMyBQdWJsaWMgUHJpbWFyeSBDZXJ0aWZp -Y2F0aW9uIEF1dGhvcml0eTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAyVxZ -nvIbigEUtBDfBEDb41evakVAj4QMC9Ez2dkRz+4CWB8l9yqoRAWq7AMfeH+ek7ma -AKojfdashaJjRcdyJ8z0TMZ1cdI5709C8HXfCpDGjiBvmA/4rCNfcCk2pMmG57Ga -IMtTpYXnPb59mv4kRTPcdhXtD6JxZExlLoFoRacCAwEAATANBgkqhkiG9w0BAQIF -AAOBgQB1Zmw+0c2B27X4LzZRtvdCvM1Cr9wO+hVs+GeTVzrrtpLotgHKjLeOQ7RJ -Zfk+7r11Ri7J/CVdqMcvi5uPaM+0nJcYwE3vH9mvgrPmZLiEXIqaB1JDYft0nls6 -NvxMsvwaPxUupVs8G5DsiCnkWRb5zget7Ond2tIxik/W2O8XjQ== ------END CERTIFICATE----- - subject=/C=US/O=VeriSign, Inc./OU=Class 4 Public Primary Certification Authority - issuer= /C=US/O=VeriSign, Inc./OU=Class 4 Public Primary Certification Authority ------BEGIN CERTIFICATE----- -MIICMTCCAZoCBQKmAAABMA0GCSqGSIb3DQEBAgUAMF8xCzAJBgNVBAYTAlVTMRcw -FQYDVQQKEw5WZXJpU2lnbiwgSW5jLjE3MDUGA1UECxMuQ2xhc3MgNCBQdWJsaWMg -UHJpbWFyeSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAeFw05NjAxMjkwMDAwMDBa -Fw05OTEyMzEyMzU5NTlaMF8xCzAJBgNVBAYTAlVTMRcwFQYDVQQKEw5WZXJpU2ln -biwgSW5jLjE3MDUGA1UECxMuQ2xhc3MgNCBQdWJsaWMgUHJpbWFyeSBDZXJ0aWZp -Y2F0aW9uIEF1dGhvcml0eTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA0LJ1 -9njQrlpQ9OlQqZ+M1++RlHDo0iSQdomF1t+s5gEXMoDwnZNHvJplnR+Xrr/phnVj -IIm9gFidBAydqMEk6QvlMXi9/C0MN2qeeIDpRnX57aP7E3vIwUzSo+/1PLBij0pd -O92VZ48TucE81qcmm+zDO3rZTbxtm+gVAePwR6kCAwEAATANBgkqhkiG9w0BAQIF -AAOBgQBT3dPwnCR+QKri/AAa19oM/DJhuBUNlvP6Vxt/M3yv6ZiaYch6s7f/sdyZ -g9ysEvxwyR84Qu1E9oAuW2szaayc01znX1oYx7EteQSWQZGZQbE8DbqEOcY7l/Am -yY7uvcxClf8exwI/VAx49byqYHwCaejcrOICdmHEPgPq0ook0Q== ------END CERTIFICATE----- diff --git a/crypto/openssl/apps/server.srl b/crypto/openssl/apps/server.srl deleted file mode 100644 index 8a0f05e166aa6..0000000000000 --- a/crypto/openssl/apps/server.srl +++ /dev/null @@ -1 +0,0 @@ -01 diff --git a/crypto/openssl/apps/server2.pem b/crypto/openssl/apps/server2.pem deleted file mode 100644 index 8bb664194edc8..0000000000000 --- a/crypto/openssl/apps/server2.pem +++ /dev/null @@ -1,376 +0,0 @@ -issuer= /C=AU/ST=Queensland/O=CryptSoft Pty Ltd/CN=Test CA (1024 bit) -subject=/C=AU/ST=Queensland/O=CryptSoft Pty Ltd/CN=Server test cert (1024 bit) ------BEGIN CERTIFICATE----- -MIICLjCCAZcCAQEwDQYJKoZIhvcNAQEEBQAwWzELMAkGA1UEBhMCQVUxEzARBgNV -BAgTClF1ZWVuc2xhbmQxGjAYBgNVBAoTEUNyeXB0U29mdCBQdHkgTHRkMRswGQYD -VQQDExJUZXN0IENBICgxMDI0IGJpdCkwHhcNOTcwNjA5MTM1NzU0WhcNOTgwNjA5 -MTM1NzU0WjBkMQswCQYDVQQGEwJBVTETMBEGA1UECBMKUXVlZW5zbGFuZDEaMBgG -A1UEChMRQ3J5cHRTb2Z0IFB0eSBMdGQxJDAiBgNVBAMTG1NlcnZlciB0ZXN0IGNl -cnQgKDEwMjQgYml0KTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAsxH1PBPm -RkxrR11eV4bzNi4N9n11CI8nV29+ARlT1+qDe/mjVUvXlmsr1v/vf71G9GgqopSa -6RXrICLVdk/FYYYzhPvl1M+OrjaXDFO8BzBAF1Lnz6c7aRZvGRJNrRSr2nZEkqDf -JW9dY7r2VZEpD5QeuaRYUnuECkqeieB65GMCAwEAATANBgkqhkiG9w0BAQQFAAOB -gQCWsOta6C0wiVzXz8wPmJKyTrurMlgUss2iSuW9366iwofZddsNg7FXniMzkIf6 -dp7jnmWZwKZ9cXsNUS2o4OL07qOk2HOywC0YsNZQsOBu1CBTYYkIefDiKFL1zQHh -8lwwNd4NP+OE3NzUNkCfh4DnFfg9WHkXUlD5UpxNRJ4gJA== ------END CERTIFICATE----- ------BEGIN RSA PRIVATE KEY----- -MIICXgIBAAKBgQCzEfU8E+ZGTGtHXV5XhvM2Lg32fXUIjydXb34BGVPX6oN7+aNV -S9eWayvW/+9/vUb0aCqilJrpFesgItV2T8VhhjOE++XUz46uNpcMU7wHMEAXUufP -pztpFm8ZEk2tFKvadkSSoN8lb11juvZVkSkPlB65pFhSe4QKSp6J4HrkYwIDAQAB -AoGBAKy8jvb0Lzby8q11yNLf7+78wCVdYi7ugMHcYA1JVFK8+zb1WfSm44FLQo/0 -dSChAjgz36TTexeLODPYxleJndjVcOMVzsLJjSM8dLpXsTS4FCeMbhw2s2u+xqKY -bbPWfk+HOTyJjfnkcC5Nbg44eOmruq0gSmBeUXVM5UntlTnxAkEA7TGCA3h7kx5E -Bl4zl2pc3gPAGt+dyfk5Po9mGJUUXhF5p2zueGmYWW74TmOWB1kzt4QRdYMzFePq -zfDNXEa1CwJBAMFErdY0xp0UJ13WwBbUTk8rujqQdHtjw0klhpbuKkjxu2hN0wwM -6p0D9qxF7JHaghqVRI0fAW/EE0OzdHMR9QkCQQDNR26dMFXKsoPu+vItljj/UEGf -QG7gERiQ4yxaFBPHgdpGo0kT31eh9x9hQGDkxTe0GNG/YSgCRvm8+C3TMcKXAkBD -dhGn36wkUFCddMSAM4NSJ1VN8/Z0y5HzCmI8dM3VwGtGMUQlxKxwOl30LEQzdS5M -0SWojNYXiT2gOBfBwtbhAkEAhafl5QEOIgUz+XazS/IlZ8goNKdDVfYgK3mHHjvv -nY5G+AuGebdNkXJr4KSWxDcN+C2i47zuj4QXA16MAOandA== ------END RSA PRIVATE KEY----- -subject=/C=US/O=AT&T Bell Laboratories/OU=Prototype Research CA -issuer= /C=US/O=AT&T Bell Laboratories/OU=Prototype Research CA -notBefore=950413210656Z -notAfter =970412210656Z ------BEGIN X509 CERTIFICATE----- - -MIICCDCCAXECAQAwDQYJKoZIhvcNAQEEBQAwTjELMAkGA1UEBhMCVVMxHzAdBgNV -BAoUFkFUJlQgQmVsbCBMYWJvcmF0b3JpZXMxHjAcBgNVBAsUFVByb3RvdHlwZSBS -ZXNlYXJjaCBDQTAeFw05NTA0MTMyMTA2NTZaFw05NzA0MTIyMTA2NTZaME4xCzAJ -BgNVBAYTAlVTMR8wHQYDVQQKFBZBVCZUIEJlbGwgTGFib3JhdG9yaWVzMR4wHAYD -VQQLFBVQcm90b3R5cGUgUmVzZWFyY2ggQ0EwgZwwDQYJKoZIhvcNAQEBBQADgYoA -MIGGAoGAebOmgtSCl+wCYZc86UGYeTLY8cjmW2P0FN8ToT/u2pECCoFdrlycX0OR -3wt0ZhpFXLVNeDnHwEE9veNUih7pCL2ZBFqoIoQkB1lZmXRiVtjGonz8BLm/qrFM -YHb0lme/Ol+s118mwKVxnn6bSAeI/OXKhLaVdYZWk+aEaxEDkVkCAQ8wDQYJKoZI -hvcNAQEEBQADgYEAAZMG14lZmZ8bahkaHaTV9dQf4p2FZiQTFwHP9ZyGsXPC+LT5 -dG5iTaRmyjNIJdPWohZDl97kAci79aBndvuEvRKOjLHs3WRGBIwERnAcnY9Mz8u/ -zIHK23PjYVxGGaZd669OJwD0CYyqH22HH9nFUGaoJdsv39ChW0NRdLE9+y8= ------END X509 CERTIFICATE----- -issuer= /C=AU/ST=Queensland/O=CryptSoft Pty Ltd/CN=Test PCA (1024 bit) -subject=/C=AU/ST=Queensland/O=CryptSoft Pty Ltd/CN=Test CA (1024 bit) ------BEGIN CERTIFICATE----- -MIICJjCCAY8CAQAwDQYJKoZIhvcNAQEEBQAwXDELMAkGA1UEBhMCQVUxEzARBgNV -BAgTClF1ZWVuc2xhbmQxGjAYBgNVBAoTEUNyeXB0U29mdCBQdHkgTHRkMRwwGgYD -VQQDExNUZXN0IFBDQSAoMTAyNCBiaXQpMB4XDTk3MDYwOTEzNTc0M1oXDTAxMDYw -OTEzNTc0M1owWzELMAkGA1UEBhMCQVUxEzARBgNVBAgTClF1ZWVuc2xhbmQxGjAY -BgNVBAoTEUNyeXB0U29mdCBQdHkgTHRkMRswGQYDVQQDExJUZXN0IENBICgxMDI0 -IGJpdCkwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAKO7o8t116VP6cgybTsZ -DCZhr95nYlZuya3aCi1IKoztqwWnjbmDFIriOqGFPrZQ+moMETC9D59iRW/dFXSv -1F65ka/XY2hLh9exCCo7XuUcDs53Qp3bI3AmMqHjgzE8oO3ajyJAzJkTTOUecQU2 -mw/gI4tMM0LqWMQS7luTy4+xAgMBAAEwDQYJKoZIhvcNAQEEBQADgYEAM7achv3v -hLQJcv/65eGEpBXM40ZDVoFQFFJWaY5p883HTqLB1x4FdzsXHH0QKBTcKpWwqyu4 -YDm3fb8oDugw72bCzfyZK/zVZPR/hVlqI/fvU109Qoc+7oPvIXWky71HfcK6ZBCA -q30KIqGM/uoM60INq97qjDmCJapagcNBGQs= ------END CERTIFICATE----- ------BEGIN RSA PRIVATE KEY----- -MIICXQIBAAKBgQCju6PLddelT+nIMm07GQwmYa/eZ2JWbsmt2gotSCqM7asFp425 -gxSK4jqhhT62UPpqDBEwvQ+fYkVv3RV0r9ReuZGv12NoS4fXsQgqO17lHA7Od0Kd -2yNwJjKh44MxPKDt2o8iQMyZE0zlHnEFNpsP4COLTDNC6ljEEu5bk8uPsQIDAQAB -AoGAVZmpFZsDZfr0l2S9tLLwpjRWNOlKATQkno6q2WesT0eGLQufTciY+c8ypfU6 -hyio8r5iUl/VhhdjhAtKx1mRpiotftHo/eYf8rtsrnprOnWG0bWjLjtIoMbcxGn2 -J3bN6LJmbJMjDs0eJ3KnTu646F3nDUw2oGAwmpzKXA1KAP0CQQDRvQhxk2D3Pehs -HvG665u2pB5ipYQngEFlZO7RHJZzJOZEWSLuuMqaF/7pTfA5jiBvWqCgJeCRRInL -21ru4dlPAkEAx9jj7BgKn5TYnMoBSSe0afjsV9oApVpN1Nacb1YDtCwy+scp3++s -nFxlv98wxIlSdpwMUn+AUWfjiWR7Tu/G/wJBAJ/KjwZIrFVxewP0x2ILYsTRYLzz -MS4PDsO7FB+I0i7DbBOifXS2oNSpd3I0CNMwrxFnUHzynpbOStVfN3ZL5w0CQQCa -pwFahxBRhkJKsxhjoFJBX9yl75JoY4Wvm5Tbo9ih6UJaRx3kqfkN14L2BKYcsZgb -KY9vmDOYy6iNfjDeWTfJAkBkfPUb8oTJ/nSP5zN6sqGxSY4krc4xLxpRmxoJ8HL2 -XfhqXkTzbU13RX9JJ/NZ8vQN9Vm2NhxRGJocQkmcdVtJ ------END RSA PRIVATE KEY----- ------BEGIN X509 CERTIFICATE----- -MIICYDCCAiACAgEoMAkGBSsOAwINBQAwfDELMAkGA1UEBhMCVVMxNjA0BgNVBAoT -LU5hdGlvbmFsIEFlcm9uYXV0aWNzIGFuZCBTcGFjZSBBZG1pbmlzdHJhdGlvbjEZ -MBcGA1UECxMQVGVzdCBFbnZpcm9ubWVudDEaMBgGA1UECxMRRFNTLU5BU0EtUGls -b3QtQ0EwHhcNOTYwMjI2MTYzMjQ1WhcNOTcwMjI1MTYzMjQ1WjB8MQswCQYDVQQG -EwJVUzE2MDQGA1UEChMtTmF0aW9uYWwgQWVyb25hdXRpY3MgYW5kIFNwYWNlIEFk -bWluaXN0cmF0aW9uMRkwFwYDVQQLExBUZXN0IEVudmlyb25tZW50MRowGAYDVQQL -ExFEU1MtTkFTQS1QaWxvdC1DQTCB8jAJBgUrDgMCDAUAA4HkADCB4AJBAMA/ssKb -hPNUG7ZlASfVwEJU21O5OyF/iyBzgHI1O8eOhJGUYO8cc8wDMjR508Mr9cp6Uhl/ -ZB7FV5GkLNEnRHYCQQDUEaSg45P2qrDwixTRhFhmWz5Nvc4lRFQ/42XPcchiJBLb -bn3QK74T2IxY1yY+kCNq8XrIqf5fJJzIH0J/xUP3AhUAsg2wsQHfDGYk/BOSulX3 -fVd0geUCQQCzCFUQAh+ZkEmp5804cs6ZWBhrUAfnra8lJItYo9xPcXgdIfLfibcX -R71UsyO77MRD7B0+Ag2tq794IleCVcEEMAkGBSsOAwINBQADLwAwLAIUUayDfreR -Yh2WeU86/pHNdkUC1IgCFEfxe1f0oMpxJyrJ5XIxTi7vGdoK ------END X509 CERTIFICATE----- ------BEGIN X509 CERTIFICATE----- - -MIICGTCCAdgCAwCqTDAJBgUrDgMCDQUAMHwxCzAJBgNVBAYTAlVTMTYwNAYDVQQK -Ey1OYXRpb25hbCBBZXJvbmF1dGljcyBhbmQgU3BhY2UgQWRtaW5pc3RyYXRpb24x -GTAXBgNVBAsTEFRlc3QgRW52aXJvbm1lbnQxGjAYBgNVBAsTEURTUy1OQVNBLVBp -bG90LUNBMB4XDTk2MDUxNDE3MDE0MVoXDTk3MDUxNDE3MDE0MVowMzELMAkGA1UE -BhMCQVUxDzANBgNVBAoTBk1pbmNvbTETMBEGA1UEAxMKRXJpYyBZb3VuZzCB8jAJ -BgUrDgMCDAUAA4HkADCB4AJBAKbfHz6vE6pXXMTpswtGUec2tvnfLJUsoxE9qs4+ -ObZX7LmLvragNPUeiTJx7UOWZ5DfBj6bXLc8eYne0lP1g3ACQQDUEaSg45P2qrDw -ixTRhFhmWz5Nvc4lRFQ/42XPcchiJBLbbn3QK74T2IxY1yY+kCNq8XrIqf5fJJzI -H0J/xUP3AhUAsg2wsQHfDGYk/BOSulX3fVd0geUCQQCzCFUQAh+ZkEmp5804cs6Z -WBhrUAfnra8lJItYo9xPcXgdIfLfibcXR71UsyO77MRD7B0+Ag2tq794IleCVcEE -MAkGBSsOAwINBQADMAAwLQIUWsuuJRE3VT4ueWkWMAJMJaZjj1ECFQCYY0zX4bzM -LC7obsrHD8XAHG+ZRG== ------END X509 CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIICTTCCAbagAwIBAgIBADANBgkqhkiG9w0BAQQFADBMMQswCQYDVQQGEwJHQjEM -MAoGA1UEChMDVUNMMRgwFgYDVQQLEw9JQ0UtVEVMIFByb2plY3QxFTATBgNVBAMT -DFRydXN0RmFjdG9yeTAeFw05NzA0MjIxNDM5MTRaFw05ODA0MjIxNDM5MTRaMEwx -CzAJBgNVBAYTAkdCMQwwCgYDVQQKEwNVQ0wxGDAWBgNVBAsTD0lDRS1URUwgUHJv -amVjdDEVMBMGA1UEAxMMVHJ1c3RGYWN0b3J5MIGcMAoGBFUIAQECAgQAA4GNADCB -iQKBgQCEieR8NcXkUW1f0G6aC6u0i8q/98JqS6RxK5YmHIGKCkuTWAUjzLfUa4dt -U9igGCjTuxaDqlzEim+t/02pmiBZT9HaX++35MjQPUWmsChcYU5WyzGErXi+rQaw -zlwS73zM8qiPj/97lXYycWhgL0VaiDSPxRXEUdWoaGruom4mNQIDAQABo0IwQDAd -BgNVHQ4EFgQUHal1LZr7oVg5z6lYzrhTgZRCmcUwDgYDVR0PAQH/BAQDAgH2MA8G -A1UdEwEB/wQFMAMBAf8wDQYJKoZIhvcNAQEEBQADgYEAfaggfl6FZoioecjv0dq8 -/DXo/u11iMZvXn08gjX/zl2b4wtPbShOSY5FhkSm8GeySasz+/Nwb/uzfnIhokWi -lfPZHtlCWtXbIy/TN51eJyq04ceDCQDWvLC2enVg9KB+GJ34b5c5VaPRzq8MBxsA -S7ELuYGtmYgYm9NZOIr7yU0= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIB6jCCAZQCAgEtMA0GCSqGSIb3DQEBBAUAMIGAMQswCQYDVQQGEwJVUzE2MDQG -A1UEChMtTmF0aW9uYWwgQWVyb25hdXRpY3MgYW5kIFNwYWNlIEFkbWluaXN0cmF0 -aW9uMRkwFwYDVQQLExBUZXN0IEVudmlyb25tZW50MR4wHAYDVQQLExVNRDUtUlNB -LU5BU0EtUGlsb3QtQ0EwHhcNOTYwNDMwMjIwNTAwWhcNOTcwNDMwMjIwNTAwWjCB -gDELMAkGA1UEBhMCVVMxNjA0BgNVBAoTLU5hdGlvbmFsIEFlcm9uYXV0aWNzIGFu -ZCBTcGFjZSBBZG1pbmlzdHJhdGlvbjEZMBcGA1UECxMQVGVzdCBFbnZpcm9ubWVu -dDEeMBwGA1UECxMVTUQ1LVJTQS1OQVNBLVBpbG90LUNBMFkwCgYEVQgBAQICAgAD -SwAwSAJBALmmX5+GqAvcrWK13rfDrNX9UfeA7f+ijyBgeFQjYUoDpFqapw4nzQBL -bAXug8pKkRwa2Zh8YODhXsRWu2F/UckCAwEAATANBgkqhkiG9w0BAQQFAANBAH9a -OBA+QCsjxXgnSqHx04gcU8S49DVUb1f2XVoLnHlIb8RnX0k5O6mpHT5eti9bLkiW -GJNMJ4L0AJ/ac+SmHZc= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIICajCCAdMCBDGA0QUwDQYJKoZIhvcNAQEEBQAwfTELMAkGA1UEBhMCQ2ExDzAN -BgNVBAcTBk5lcGVhbjEeMBwGA1UECxMVTm8gTGlhYmlsaXR5IEFjY2VwdGVkMR8w -HQYDVQQKExZGb3IgRGVtbyBQdXJwb3NlcyBPbmx5MRwwGgYDVQQDExNFbnRydXN0 -IERlbW8gV2ViIENBMB4XDTk2MDQyNjEzMzUwMVoXDTA2MDQyNjEzMzUwMVowfTEL -MAkGA1UEBhMCQ2ExDzANBgNVBAcTBk5lcGVhbjEeMBwGA1UECxMVTm8gTGlhYmls -aXR5IEFjY2VwdGVkMR8wHQYDVQQKExZGb3IgRGVtbyBQdXJwb3NlcyBPbmx5MRww -GgYDVQQDExNFbnRydXN0IERlbW8gV2ViIENBMIGdMA0GCSqGSIb3DQEBAQUAA4GL -ADCBhwKBgQCaroS7O1DA0hm4IefNYU1cx/nqOmzEnk291d1XqznDeF4wEgakbkCc -zTKxK791yNpXG5RmngqH7cygDRTHZJ6mfCRn0wGC+AI00F2vYTGqPGRQL1N3lZT0 -YDKFC0SQeMMjFIZ1aeQigroFQnHo0VB3zWIMpNkka8PY9lxHZAmWwQIBAzANBgkq -hkiG9w0BAQQFAAOBgQBAx0UMVA1s54lMQyXjMX5kj99FJN5itb8bK1Rk+cegPQPF -cWO9SEWyEjjBjIkjjzAwBkaEszFsNGxemxtXvwjIm1xEUMTVlPEWTs2qnDvAUA9W -YqhWbhH0toGT36236QAsqCZ76rbTRVSSX2BHyJwJMG2tCRv7kRJ//NIgxj3H4w== ------END CERTIFICATE----- - -issuer= /C=AU/ST=Queensland/O=CryptSoft Pty Ltd/CN=Test PCA (1024 bit) -subject=/C=AU/ST=Queensland/O=CryptSoft Pty Ltd/CN=Test PCA (1024 bit) ------BEGIN CERTIFICATE----- -MIICJzCCAZACAQAwDQYJKoZIhvcNAQEEBQAwXDELMAkGA1UEBhMCQVUxEzARBgNV -BAgTClF1ZWVuc2xhbmQxGjAYBgNVBAoTEUNyeXB0U29mdCBQdHkgTHRkMRwwGgYD -VQQDExNUZXN0IFBDQSAoMTAyNCBiaXQpMB4XDTk3MDYwOTEzNTczN1oXDTAxMDYw -OTEzNTczN1owXDELMAkGA1UEBhMCQVUxEzARBgNVBAgTClF1ZWVuc2xhbmQxGjAY -BgNVBAoTEUNyeXB0U29mdCBQdHkgTHRkMRwwGgYDVQQDExNUZXN0IFBDQSAoMTAy -NCBiaXQpMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCdoWk/3+WcMlfjIrkg -40ketmnQaEogQe1LLcuOJV6rKfUSAsPgwgsabJ/wn8TxA1yy3eKJbFl3OiUXMRsp -22Jp85PmemiDzyUIStwk72qhp1imbANZvlmlCFKiQrjUyuDfu4TABmn+kkt3vR1Y -BEOGt+IFye1UBVSATVdRJ2UVhwIDAQABMA0GCSqGSIb3DQEBBAUAA4GBABNA1u/S -Cg/LJZWb7GliiKJsvuhxlE4E5JxQF2zMub/CSNbF97//tYSyj96sxeFQxZXbcjm9 -xt6mr/xNLA4szNQMJ4P+L7b5e/jC5DSqlwS+CUYJgaFs/SP+qJoCSu1bR3IM9XWO -cRBpDmcBbYLkSyB92WURvsZ1LtjEcn+cdQVI ------END CERTIFICATE----- ------BEGIN RSA PRIVATE KEY----- -MIICXAIBAAKBgQCdoWk/3+WcMlfjIrkg40ketmnQaEogQe1LLcuOJV6rKfUSAsPg -wgsabJ/wn8TxA1yy3eKJbFl3OiUXMRsp22Jp85PmemiDzyUIStwk72qhp1imbANZ -vlmlCFKiQrjUyuDfu4TABmn+kkt3vR1YBEOGt+IFye1UBVSATVdRJ2UVhwIDAQAB -AoGAba4fTtuap5l7/8ZsbE7Z1O32KJY4ZcOZukLOLUUhXxXduT+FTgGWujc0/rgc -z9qYCLlNZHOouMYTgtSfYvuMuLZ11VIt0GYH+nRioLShE59Yy+zCRyC+gPigS1kz -xvo14AsOIPYV14Tk/SsHyq6E0eTk7VzaIE197giiINUERPECQQDSKmtPTh/lRKw7 -HSZSM0I1mFWn/1zqrAbontRQY5w98QWIOe5qmzYyFbPXYT3d9BzlsMyhgiRNoBbD -yvohSHXJAkEAwAHx6ezAZeWWzD5yXD36nyjpkVCw7Tk7TSmOceLJMWt1QcrCfqlS -xA5jjpQ6Z8suU5DdtWAryM2sAir1WisYzwJAd6Zcx56jvAQ3xcPXsE6scBTVFzrj -7FqZ6E+cclPzfLQ+QQsyOBE7bpI6e/FJppY26XGZXo3YGzV8IGXrt40oOQJALETG -h86EFXo3qGOFbmsDy4pdP5nBERCu8X1xUCSfintiD4c2DInxgS5oGclnJeMcjTvL -QjQoJCX3UJCi/OUO1QJBAKgcDHWjMvt+l1pjJBsSEZ0HX9AAIIVx0RQmbFGS+F2Q -hhu5l77WnnZOQ9vvhV5u7NPCUF9nhU3jh60qWWO8mkc= ------END RSA PRIVATE KEY----- -subject=/C=US/O=RSA Data Security, Inc./OU=Commercial Certification Authority -issuer= /C=US/O=RSA Data Security, Inc./OU=Commercial Certification Authority -notBefore=941104185834Z -notAfter =991103185834Z ------BEGIN X509 CERTIFICATE----- - -MIICIzCCAZACBQJBAAAWMA0GCSqGSIb3DQEBAgUAMFwxCzAJBgNVBAYTAlVTMSAw -HgYDVQQKExdSU0EgRGF0YSBTZWN1cml0eSwgSW5jLjErMCkGA1UECxMiQ29tbWVy -Y2lhbCBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAeFw05NDExMDQxODU4MzRaFw05 -OTExMDMxODU4MzRaMFwxCzAJBgNVBAYTAlVTMSAwHgYDVQQKExdSU0EgRGF0YSBT -ZWN1cml0eSwgSW5jLjErMCkGA1UECxMiQ29tbWVyY2lhbCBDZXJ0aWZpY2F0aW9u -IEF1dGhvcml0eTCBmzANBgkqhkiG9w0BAQEFAAOBiQAwgYUCfgCk+4Fie84QJ93o -975sbsZwmdu41QUDaSiCnHJ/lj+O7Kwpkj+KFPhCdr69XQO5kNTQvAayUTNfxMK/ -touPmbZiImDd298ggrTKoi8tUO2UMt7gVY3UaOLgTNLNBRYulWZcYVI4HlGogqHE -7yXpCuaLK44xZtn42f29O2nZ6wIDAQABMA0GCSqGSIb3DQEBAgUAA34AdrW2EP4j -9/dZYkuwX5zBaLxJu7NJbyFHXSudVMQAKD+YufKKg5tgf+tQx6sFEC097TgCwaVI -0v5loMC86qYjFmZsGySp8+x5NRhPJsjjr1BKx6cxa9B8GJ1Qv6km+iYrRpwUqbtb -MJhCKLVLU7tDCZJAuqiqWqTGtotXTcU= ------END X509 CERTIFICATE----- -subject=/C=US/O=RSA Data Security, Inc./OU=Secure Server Certification Authority -issuer= /C=US/O=RSA Data Security, Inc./OU=Secure Server Certification Authority -notBefore=941109235417Z -notAfter =991231235417Z ------BEGIN X509 CERTIFICATE----- - -MIICKTCCAZYCBQJBAAABMA0GCSqGSIb3DQEBAgUAMF8xCzAJBgNVBAYTAlVTMSAw -HgYDVQQKExdSU0EgRGF0YSBTZWN1cml0eSwgSW5jLjEuMCwGA1UECxMlU2VjdXJl -IFNlcnZlciBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAeFw05NDExMDkyMzU0MTda -Fw05OTEyMzEyMzU0MTdaMF8xCzAJBgNVBAYTAlVTMSAwHgYDVQQKExdSU0EgRGF0 -YSBTZWN1cml0eSwgSW5jLjEuMCwGA1UECxMlU2VjdXJlIFNlcnZlciBDZXJ0aWZp -Y2F0aW9uIEF1dGhvcml0eTCBmzANBgkqhkiG9w0BAQEFAAOBiQAwgYUCfgCSznrB -roM+WqqJg1esJQF2DK2ujiw3zus1eGRUA+WEQFHJv48I4oqCCNIWhjdV6bEhAq12 -aIGaBaJLyUslZiJWbIgHj/eBWW2EB2VwE3F2Ppt3TONQiVaYSLkdpykaEy5KEVmc -HhXVSVQsczppgrGXOZxtcGdI5d0t1sgeewIDAQABMA0GCSqGSIb3DQEBAgUAA34A -iNHReSHO4ovo+MF9NFM/YYPZtgs4F7boviGNjwC4i1N+RGceIr2XJ+CchcxK9oU7 -suK+ktPlDemvXA4MRpX/oRxePug2WHpzpgr4IhFrwwk4fia7c+8AvQKk8xQNMD9h -cHsg/jKjn7P0Z1LctO6EjJY2IN6BCINxIYoPnqk= ------END X509 CERTIFICATE----- -subject=/C=ZA/SP=Western Cape/L=Cape Town/O=Thawte Consulting cc - /OU=Certification Services Division/CN=Thawte Server CA - /Email=server-certs@thawte.com -issuer= /C=ZA/SP=Western Cape/L=Cape Town/O=Thawte Consulting cc - /OU=Certification Services Division/CN=Thawte Server CA - /Email=server-certs@thawte.com ------BEGIN CERTIFICATE----- -MIIC+TCCAmICAQAwDQYJKoZIhvcNAQEEBQAwgcQxCzAJBgNVBAYTAlpBMRUwEwYD -VQQIEwxXZXN0ZXJuIENhcGUxEjAQBgNVBAcTCUNhcGUgVG93bjEdMBsGA1UEChMU -VGhhd3RlIENvbnN1bHRpbmcgY2MxKDAmBgNVBAsTH0NlcnRpZmljYXRpb24gU2Vy -dmljZXMgRGl2aXNpb24xGTAXBgNVBAMTEFRoYXd0ZSBTZXJ2ZXIgQ0ExJjAkBgkq -hkiG9w0BCQEWF3NlcnZlci1jZXJ0c0B0aGF3dGUuY29tMB4XDTk2MDcyNzE4MDc1 -N1oXDTk4MDcyNzE4MDc1N1owgcQxCzAJBgNVBAYTAlpBMRUwEwYDVQQIEwxXZXN0 -ZXJuIENhcGUxEjAQBgNVBAcTCUNhcGUgVG93bjEdMBsGA1UEChMUVGhhd3RlIENv -bnN1bHRpbmcgY2MxKDAmBgNVBAsTH0NlcnRpZmljYXRpb24gU2VydmljZXMgRGl2 -aXNpb24xGTAXBgNVBAMTEFRoYXd0ZSBTZXJ2ZXIgQ0ExJjAkBgkqhkiG9w0BCQEW -F3NlcnZlci1jZXJ0c0B0aGF3dGUuY29tMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCB -iQKBgQDTpFBuyP9Wa+bPXbbqDGh1R6KqwtqEJfyo9EdR2oW1IHSUhh4PdcnpCGH1 -Bm0wbhUZAulSwGLbTZme4moMRDjN/r7jZAlwxf6xaym2L0nIO9QnBCUQly/nkG3A -KEKZ10xD3sP1IW1Un13DWOHA5NlbsLjctHvfNjrCtWYiEtaHDQIDAQABMA0GCSqG -SIb3DQEBBAUAA4GBAIsvn7ifX3RUIrvYXtpI4DOfARkTogwm6o7OwVdl93yFhDcX -7h5t0XZ11MUAMziKdde3rmTvzUYIUCYoY5b032IwGMTvdiclK+STN6NP2m5nvFAM -qJT5gC5O+j/jBuZRQ4i0AMYQr5F4lT8oBJnhgafw6PL8aDY2vMHGSPl9+7uf ------END CERTIFICATE----- - ------BEGIN CERTIFICATE----- -MIIDDTCCAnYCAQAwDQYJKoZIhvcNAQEEBQAwgc4xCzAJBgNVBAYTAlpBMRUwEwYD -VQQIEwxXZXN0ZXJuIENhcGUxEjAQBgNVBAcTCUNhcGUgVG93bjEdMBsGA1UEChMU -VGhhd3RlIENvbnN1bHRpbmcgY2MxKDAmBgNVBAsTH0NlcnRpZmljYXRpb24gU2Vy -dmljZXMgRGl2aXNpb24xITAfBgNVBAMTGFRoYXd0ZSBQcmVtaXVtIFNlcnZlciBD -QTEoMCYGCSqGSIb3DQEJARYZcHJlbWl1bS1zZXJ2ZXJAdGhhd3RlLmNvbTAeFw05 -NjA3MjcxODA3MTRaFw05ODA3MjcxODA3MTRaMIHOMQswCQYDVQQGEwJaQTEVMBMG -A1UECBMMV2VzdGVybiBDYXBlMRIwEAYDVQQHEwlDYXBlIFRvd24xHTAbBgNVBAoT -FFRoYXd0ZSBDb25zdWx0aW5nIGNjMSgwJgYDVQQLEx9DZXJ0aWZpY2F0aW9uIFNl -cnZpY2VzIERpdmlzaW9uMSEwHwYDVQQDExhUaGF3dGUgUHJlbWl1bSBTZXJ2ZXIg -Q0ExKDAmBgkqhkiG9w0BCQEWGXByZW1pdW0tc2VydmVyQHRoYXd0ZS5jb20wgZ8w -DQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBANI2NmqL18JbntqBQWKPOO5JBFXW0O8c -G5UWR+8YSDU6UvQragaPOy/qVuOvho2eF/eetGV1Ak3vywmiIVHYm9Bn0LoNkgYU -c9STy5cqAJxcTgy8+hVS/PJEbtoRSm4Iny8t4/mqOoZztkZTWMiJBb2DEbhzP6oH -jfRCTedAnRw3AgMBAAEwDQYJKoZIhvcNAQEEBQADgYEAutFIgTRZVYerIZfL9lvR -w9Eifvvo5KTZ3h+Bj+VzNnyw4Qc/IyXkPOu6SIiH9LQ3sCmWBdxpe+qr4l77rLj2 -GYuMtESFfn1XVALzkYgC7JcPuTOjMfIiMByt+uFf8AV8x0IW/Qkuv+hEQcyM9vxK -3VZdLbCVIhNoEsysrxCpxcI= ------END CERTIFICATE----- -Tims test GCI CA - ------BEGIN CERTIFICATE----- -MIIB8DCCAZoCAQAwDQYJKoZIhvcNAQEEBQAwgYIxCzAJBgNVBAYTAkFVMRMwEQYD -VQQIEwpRdWVlbnNsYW5kMREwDwYDVQQHEwhCcmlzYmFuZTEaMBgGA1UEChMRQ3J5 -cHRTb2Z0IFB0eSBMdGQxFDASBgNVBAsTC2RldmVsb3BtZW50MRkwFwYDVQQDExBD -cnlwdFNvZnQgRGV2IENBMB4XDTk3MDMyMjEzMzQwNFoXDTk4MDMyMjEzMzQwNFow -gYIxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpRdWVlbnNsYW5kMREwDwYDVQQHEwhC -cmlzYmFuZTEaMBgGA1UEChMRQ3J5cHRTb2Z0IFB0eSBMdGQxFDASBgNVBAsTC2Rl -dmVsb3BtZW50MRkwFwYDVQQDExBDcnlwdFNvZnQgRGV2IENBMFwwDQYJKoZIhvcN -AQEBBQADSwAwSAJBAOAOAqogG5QwAmLhzyO4CoRnx/wVy4NZP4dxJy83O1EnL0rw -OdsamJKvPOLHgSXo3gDu9uVyvCf/QJmZAmC5ml8CAwEAATANBgkqhkiG9w0BAQQF -AANBADRRS/GVdd7rAqRW6SdmgLJduOU2yq3avBu99kRqbp9A/dLu6r6jU+eP4oOA -TfdbFZtAAD2Hx9jUtY3tfdrJOb8= ------END CERTIFICATE----- - ------BEGIN CERTIFICATE----- -MIICVjCCAgACAQAwDQYJKoZIhvcNAQEEBQAwgbUxCzAJBgNVBAYTAkFVMRMwEQYD -VQQIEwpRdWVlbnNsYW5kMREwDwYDVQQHEwhCcmlzYmFuZTEaMBgGA1UEChMRQ3J5 -cHRTb2Z0IFB0eSBMdGQxLDAqBgNVBAsTI1dPUlRITEVTUyBDRVJUSUZJQ0FUSU9O -IEFVVEhPUklUSUVTMTQwMgYDVQQDEytaRVJPIFZBTFVFIENBIC0gREVNT05TVFJB -VElPTiBQVVJQT1NFUyBPTkxZMB4XDTk3MDQwMzEzMjI1NFoXDTk4MDQwMzEzMjI1 -NFowgbUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpRdWVlbnNsYW5kMREwDwYDVQQH -EwhCcmlzYmFuZTEaMBgGA1UEChMRQ3J5cHRTb2Z0IFB0eSBMdGQxLDAqBgNVBAsT -I1dPUlRITEVTUyBDRVJUSUZJQ0FUSU9OIEFVVEhPUklUSUVTMTQwMgYDVQQDEyta -RVJPIFZBTFVFIENBIC0gREVNT05TVFJBVElPTiBQVVJQT1NFUyBPTkxZMFwwDQYJ -KoZIhvcNAQEBBQADSwAwSAJBAOZ7T7yqP/tyspcko3yPY1y0Cm2EmwNvzW4QgVXR -Fjs3HmJ4xtSpXdo6mwcGezL3Abt/aQXaxv9PU8xt+Jr0OFUCAwEAATANBgkqhkiG -9w0BAQQFAANBAOQpYmGgyCqCy1OljgJhCqQOu627oVlHzK1L+t9vBaMfn40AVUR4 -WzQVWO31KTgi5vTK1U+3h46fgUWqQ0h+6rU= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIAwgKADAgECAgEAMA0GCSqGSIb3DQEBBAUAMGIxETAPBgNVBAcTCEludGVybmV0 -MRcwFQYDVQQKEw5WZXJpU2lnbiwgSW5jLjE0MDIGA1UECxMrVmVyaVNpZ24gQ2xh -c3MgMSBDQSAtIEluZGl2aWR1YWwgU3Vic2NyaWJlcjAeFw05NjA0MDgxMDIwMjda -Fw05NzA0MDgxMDIwMjdaMGIxETAPBgNVBAcTCEludGVybmV0MRcwFQYDVQQKEw5W -ZXJpU2lnbiwgSW5jLjE0MDIGA1UECxMrVmVyaVNpZ24gQ2xhc3MgMSBDQSAtIElu -ZGl2aWR1YWwgU3Vic2NyaWJlcjCAMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC2 -FKbPTdAFDdjKI9BvqrQpkmOOLPhvltcunXZLEbE2jVfJw/0cxrr+Hgi6M8qV6r7j -W80GqLd5HUQq7XPysVKDaBBwZJHXPmv5912dFEObbpdFmIFH0S3L3bty10w/cari -QPJUObwW7s987LrbP2wqsxaxhhKdrpM01bjV0Pc+qQIDAQABAAAAADANBgkqhkiG -9w0BAQQFAAOBgQA+1nJryNt8VBRjRr07ArDAV/3jAH7GjDc9jsrxZS68ost9v06C -TvTNKGL+LISNmFLXl+JXhgGB0JZ9fvyYzNgHQ46HBUng1H6voalfJgS2KdEo50wW -8EFZYMDkT1k4uynwJqkVN2QJK/2q4/A/VCov5h6SlM8Affg2W+1TLqvqkwAA ------END CERTIFICATE----- - - subject=/L=Internet/O=VeriSign, Inc./OU=VeriSign Class 2 CA - Individual Subscriber - issuer= /L=Internet/O=VeriSign, Inc./OU=VeriSign Class 2 CA - Individual Subscriber - ------BEGIN CERTIFICATE----- -MIIEkzCCA/ygAwIBAgIRANDTUpSRL3nTFeMrMayFSPAwDQYJKoZIhvcNAQECBQAw -YjERMA8GA1UEBxMISW50ZXJuZXQxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMTQw -MgYDVQQLEytWZXJpU2lnbiBDbGFzcyAyIENBIC0gSW5kaXZpZHVhbCBTdWJzY3Jp -YmVyMB4XDTk2MDYwNDAwMDAwMFoXDTk4MDYwNDIzNTk1OVowYjERMA8GA1UEBxMI -SW50ZXJuZXQxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMTQwMgYDVQQLEytWZXJp -U2lnbiBDbGFzcyAyIENBIC0gSW5kaXZpZHVhbCBTdWJzY3JpYmVyMIGfMA0GCSqG -SIb3DQEBAQUAA4GNADCBiQKBgQC6A+2czKGRcYMfm8gdnk+0de99TDDzsqo0v5nb -RsbUmMcdRQ7nsMbRWe0SAb/9QoLTZ/cJ0iOBqdrkz7UpqqKarVoTSdlSMVM92tWp -3bJncZHQD1t4xd6lQVdI1/T6R+5J0T1ukOdsI9Jmf+F28S6g3R3L1SFwiHKeZKZv -z+793wIDAQABo4ICRzCCAkMwggIpBgNVHQMBAf8EggIdMIICGTCCAhUwggIRBgtg -hkgBhvhFAQcBATCCAgAWggGrVGhpcyBjZXJ0aWZpY2F0ZSBpbmNvcnBvcmF0ZXMg -YnkgcmVmZXJlbmNlLCBhbmQgaXRzIHVzZSBpcyBzdHJpY3RseSBzdWJqZWN0IHRv -LCB0aGUgVmVyaVNpZ24gQ2VydGlmaWNhdGlvbiBQcmFjdGljZSBTdGF0ZW1lbnQg -KENQUyksIGF2YWlsYWJsZSBhdDogaHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL0NQ -Uy0xLjA7IGJ5IEUtbWFpbCBhdCBDUFMtcmVxdWVzdHNAdmVyaXNpZ24uY29tOyBv -ciBieSBtYWlsIGF0IFZlcmlTaWduLCBJbmMuLCAyNTkzIENvYXN0IEF2ZS4sIE1v -dW50YWluIFZpZXcsIENBIDk0MDQzIFVTQSBUZWwuICsxICg0MTUpIDk2MS04ODMw -IENvcHlyaWdodCAoYykgMTk5NiBWZXJpU2lnbiwgSW5jLiAgQWxsIFJpZ2h0cyBS -ZXNlcnZlZC4gQ0VSVEFJTiBXQVJSQU5USUVTIERJU0NMQUlNRUQgYW5kIExJQUJJ -TElUWSBMSU1JVEVELqAOBgxghkgBhvhFAQcBAQGhDgYMYIZIAYb4RQEHAQECMC8w -LRYraHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL3JlcG9zaXRvcnkvQ1BTLTEuMDAU -BglghkgBhvhCAQEBAf8EBAMCAgQwDQYJKoZIhvcNAQECBQADgYEApRJRkNBqLLgs -53IR/d18ODdLOWMTZ+QOOxBrq460iBEdUwgF8vmPRX1ku7UiDeNzaLlurE6eFqHq -2zPyK5j60zfTLVJMWKcQWwTJLjHtXrW8pxhNtFc6Fdvy5ZkHnC/9NIl7/t4U6WqB -p4y+p7SdMIkEwIZfds0VbnQyX5MRUJY= ------END CERTIFICATE----- - - subject=/C=US/O=VeriSign, Inc./OU=Class 3 Public Primary Certification Authority - issuer= /C=US/O=VeriSign, Inc./OU=Class 3 Public Primary Certification Authority ------BEGIN CERTIFICATE----- -MIICMTCCAZoCBQKhAAABMA0GCSqGSIb3DQEBAgUAMF8xCzAJBgNVBAYTAlVTMRcw -FQYDVQQKEw5WZXJpU2lnbiwgSW5jLjE3MDUGA1UECxMuQ2xhc3MgMyBQdWJsaWMg -UHJpbWFyeSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAeFw05NjAxMjkwMDAwMDBa -Fw05OTEyMzEyMzU5NTlaMF8xCzAJBgNVBAYTAlVTMRcwFQYDVQQKEw5WZXJpU2ln -biwgSW5jLjE3MDUGA1UECxMuQ2xhc3MgMyBQdWJsaWMgUHJpbWFyeSBDZXJ0aWZp -Y2F0aW9uIEF1dGhvcml0eTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAyVxZ -nvIbigEUtBDfBEDb41evakVAj4QMC9Ez2dkRz+4CWB8l9yqoRAWq7AMfeH+ek7ma -AKojfdashaJjRcdyJ8z0TMZ1cdI5709C8HXfCpDGjiBvmA/4rCNfcCk2pMmG57Ga -IMtTpYXnPb59mv4kRTPcdhXtD6JxZExlLoFoRacCAwEAATANBgkqhkiG9w0BAQIF -AAOBgQB1Zmw+0c2B27X4LzZRtvdCvM1Cr9wO+hVs+GeTVzrrtpLotgHKjLeOQ7RJ -Zfk+7r11Ri7J/CVdqMcvi5uPaM+0nJcYwE3vH9mvgrPmZLiEXIqaB1JDYft0nls6 -NvxMsvwaPxUupVs8G5DsiCnkWRb5zget7Ond2tIxik/W2O8XjQ== ------END CERTIFICATE----- - subject=/C=US/O=VeriSign, Inc./OU=Class 4 Public Primary Certification Authority - issuer= /C=US/O=VeriSign, Inc./OU=Class 4 Public Primary Certification Authority ------BEGIN CERTIFICATE----- -MIICMTCCAZoCBQKmAAABMA0GCSqGSIb3DQEBAgUAMF8xCzAJBgNVBAYTAlVTMRcw -FQYDVQQKEw5WZXJpU2lnbiwgSW5jLjE3MDUGA1UECxMuQ2xhc3MgNCBQdWJsaWMg -UHJpbWFyeSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAeFw05NjAxMjkwMDAwMDBa -Fw05OTEyMzEyMzU5NTlaMF8xCzAJBgNVBAYTAlVTMRcwFQYDVQQKEw5WZXJpU2ln -biwgSW5jLjE3MDUGA1UECxMuQ2xhc3MgNCBQdWJsaWMgUHJpbWFyeSBDZXJ0aWZp -Y2F0aW9uIEF1dGhvcml0eTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA0LJ1 -9njQrlpQ9OlQqZ+M1++RlHDo0iSQdomF1t+s5gEXMoDwnZNHvJplnR+Xrr/phnVj -IIm9gFidBAydqMEk6QvlMXi9/C0MN2qeeIDpRnX57aP7E3vIwUzSo+/1PLBij0pd -O92VZ48TucE81qcmm+zDO3rZTbxtm+gVAePwR6kCAwEAATANBgkqhkiG9w0BAQIF -AAOBgQBT3dPwnCR+QKri/AAa19oM/DJhuBUNlvP6Vxt/M3yv6ZiaYch6s7f/sdyZ -g9ysEvxwyR84Qu1E9oAuW2szaayc01znX1oYx7EteQSWQZGZQbE8DbqEOcY7l/Am -yY7uvcxClf8exwI/VAx49byqYHwCaejcrOICdmHEPgPq0ook0Q== ------END CERTIFICATE----- diff --git a/crypto/openssl/apps/sess_id.c b/crypto/openssl/apps/sess_id.c deleted file mode 100644 index 71d5aa0b7c6cd..0000000000000 --- a/crypto/openssl/apps/sess_id.c +++ /dev/null @@ -1,311 +0,0 @@ -/* apps/sess_id.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include <stdio.h> -#include <stdlib.h> -#include <string.h> -#include "apps.h" -#include <openssl/bio.h> -#include <openssl/err.h> -#include <openssl/x509.h> -#include <openssl/pem.h> -#include <openssl/ssl.h> - -#undef PROG -#define PROG sess_id_main - -static char *sess_id_usage[]={ -"usage: sess_id args\n", -"\n", -" -inform arg - input format - default PEM (DER or PEM)\n", -" -outform arg - output format - default PEM\n", -" -in arg - input file - default stdin\n", -" -out arg - output file - default stdout\n", -" -text - print ssl session id details\n", -" -cert - output certificate \n", -" -noout - no CRL output\n", -" -context arg - set the session ID context\n", -NULL -}; - -static SSL_SESSION *load_sess_id(char *file, int format); - -int MAIN(int, char **); - -int MAIN(int argc, char **argv) - { - SSL_SESSION *x=NULL; - int ret=1,i,num,badops=0; - BIO *out=NULL; - int informat,outformat; - char *infile=NULL,*outfile=NULL,*context=NULL; - int cert=0,noout=0,text=0; - char **pp; - - apps_startup(); - - if (bio_err == NULL) - if ((bio_err=BIO_new(BIO_s_file())) != NULL) - BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT); - - informat=FORMAT_PEM; - outformat=FORMAT_PEM; - - argc--; - argv++; - num=0; - while (argc >= 1) - { - if (strcmp(*argv,"-inform") == 0) - { - if (--argc < 1) goto bad; - informat=str2fmt(*(++argv)); - } - else if (strcmp(*argv,"-outform") == 0) - { - if (--argc < 1) goto bad; - outformat=str2fmt(*(++argv)); - } - else if (strcmp(*argv,"-in") == 0) - { - if (--argc < 1) goto bad; - infile= *(++argv); - } - else if (strcmp(*argv,"-out") == 0) - { - if (--argc < 1) goto bad; - outfile= *(++argv); - } - else if (strcmp(*argv,"-text") == 0) - text= ++num; - else if (strcmp(*argv,"-cert") == 0) - cert= ++num; - else if (strcmp(*argv,"-noout") == 0) - noout= ++num; - else if (strcmp(*argv,"-context") == 0) - { - if(--argc < 1) goto bad; - context=*++argv; - } - else - { - BIO_printf(bio_err,"unknown option %s\n",*argv); - badops=1; - break; - } - argc--; - argv++; - } - - if (badops) - { -bad: - for (pp=sess_id_usage; (*pp != NULL); pp++) - BIO_printf(bio_err,*pp); - goto end; - } - - ERR_load_crypto_strings(); - x=load_sess_id(infile,informat); - if (x == NULL) { goto end; } - - if(context) - { - x->sid_ctx_length=strlen(context); - if(x->sid_ctx_length > SSL_MAX_SID_CTX_LENGTH) - { - BIO_printf(bio_err,"Context too long\n"); - goto end; - } - memcpy(x->sid_ctx,context,x->sid_ctx_length); - } - -#ifdef undef - /* just testing for memory leaks :-) */ - { - SSL_SESSION *s; - char buf[1024*10],*p; - int i; - - s=SSL_SESSION_new(); - - p= &buf; - i=i2d_SSL_SESSION(x,&p); - p= &buf; - d2i_SSL_SESSION(&s,&p,(long)i); - p= &buf; - d2i_SSL_SESSION(&s,&p,(long)i); - p= &buf; - d2i_SSL_SESSION(&s,&p,(long)i); - SSL_SESSION_free(s); - } -#endif - - if (!noout || text) - { - out=BIO_new(BIO_s_file()); - if (out == NULL) - { - ERR_print_errors(bio_err); - goto end; - } - - if (outfile == NULL) - BIO_set_fp(out,stdout,BIO_NOCLOSE); - else - { - if (BIO_write_filename(out,outfile) <= 0) - { - perror(outfile); - goto end; - } - } - } - - if (text) - { - SSL_SESSION_print(out,x); - - if (cert) - { - if (x->peer == NULL) - BIO_puts(out,"No certificate present\n"); - else - X509_print(out,x->peer); - } - } - - if (!noout && !cert) - { - if (outformat == FORMAT_ASN1) - i=(int)i2d_SSL_SESSION_bio(out,x); - else if (outformat == FORMAT_PEM) - i=PEM_write_bio_SSL_SESSION(out,x); - else { - BIO_printf(bio_err,"bad output format specified for outfile\n"); - goto end; - } - if (!i) { - BIO_printf(bio_err,"unable to write SSL_SESSION\n"); - goto end; - } - } - else if (!noout && (x->peer != NULL)) /* just print the certificate */ - { - if (outformat == FORMAT_ASN1) - i=(int)i2d_X509_bio(out,x->peer); - else if (outformat == FORMAT_PEM) - i=PEM_write_bio_X509(out,x->peer); - else { - BIO_printf(bio_err,"bad output format specified for outfile\n"); - goto end; - } - if (!i) { - BIO_printf(bio_err,"unable to write X509\n"); - goto end; - } - } - ret=0; -end: - if (out != NULL) BIO_free(out); - if (x != NULL) SSL_SESSION_free(x); - EXIT(ret); - } - -static SSL_SESSION *load_sess_id(char *infile, int format) - { - SSL_SESSION *x=NULL; - BIO *in=NULL; - - in=BIO_new(BIO_s_file()); - if (in == NULL) - { - ERR_print_errors(bio_err); - goto end; - } - - if (infile == NULL) - BIO_set_fp(in,stdin,BIO_NOCLOSE); - else - { - if (BIO_read_filename(in,infile) <= 0) - { - perror(infile); - goto end; - } - } - if (format == FORMAT_ASN1) - x=d2i_SSL_SESSION_bio(in,NULL); - else if (format == FORMAT_PEM) - x=PEM_read_bio_SSL_SESSION(in,NULL,NULL,NULL); - else { - BIO_printf(bio_err,"bad input format specified for input crl\n"); - goto end; - } - if (x == NULL) - { - BIO_printf(bio_err,"unable to load SSL_SESSION\n"); - ERR_print_errors(bio_err); - goto end; - } - -end: - if (in != NULL) BIO_free(in); - return(x); - } - diff --git a/crypto/openssl/apps/set/set-g-ca.pem b/crypto/openssl/apps/set/set-g-ca.pem deleted file mode 100644 index 78499f05706c2..0000000000000 --- a/crypto/openssl/apps/set/set-g-ca.pem +++ /dev/null @@ -1,21 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIDeDCCAuGgAwIBAgIgYCYUeg8NJ9kO1q3z6vGCkAmPRfu5+Nur0FyGF79MADMw -DQYJKoZIhvcNAQEFBQAwRTELMAkGA1UEBhMCVVMxFDASBgNVBAoTC0JDQTEwMTcx -MTA0MSAwHgYDVQQDExdCcmFuZCBOYW1lOlByb2R1Y3QgVHlwZTAeFw05NjEwMjIw -MDAwMDBaFw05NjExMjEyMzU5NTlaMEUxCzAJBgNVBAYTAlVTMRQwEgYDVQQKEwtQ -Q0ExMDIxMTgyODEgMB4GA1UEAxMXQnJhbmQgTmFtZTpQcm9kdWN0IFR5cGUwgZ8w -DQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAJyi5V7l1HohY6hN/2N9x6mvWeMy8rD1 -6lfXjgmiuGmhpaszWYaalesMcS2OGuG8Lq3PkaSzpVzqASKfIOjxLMsdpYyYJRub -vRPDWi3xd8wlp9xUwWHKqn+ki8mPo0yN4eONwZZ4rcZr6K+tWd+5EJZSjuENJoQ/ -SRRmGRzdcS7XAgMBAAGjggFXMIIBUzBUBgNVHSMETTBLoSekJTAjMQswCQYDVQQG -EwJVUzEUMBIGA1UEChMLUkNBMTAxMTE4MjmCIGApUs14Ad7t9VTGq2PpV8DylPQ7 -aATM2mor7lc1fWvZMA4GA1UdDwEB/wQEAwIBBjAuBgNVHRABAf8EJDAigA8xOTk2 -MTAyMjAxMjIwMFqBDzE5OTYxMTIxMjM1OTU5WjAbBgNVHSABAf8EETAPMA0GC2CG -SAGG+EUBBwEBMBIGA1UdEwEB/wQIMAYBAf8CAQAwDwYEho1vAwEB/wQEAwICBDB5 -BgSGjW8HAQH/BG4wbDAkAgEAMAkGBSsOAwIaBQAEFDJmNzRiMWFmNGZjYzA2MGY3 -Njc2Ew90ZXJzZSBzdGF0ZW1lbnSAF2h0dHA6Ly93d3cudmVyaXNpZ24uY29tgRpn -ZXRzZXQtY2VudGVyQHZlcmlzaWduLmNvbTANBgkqhkiG9w0BAQUFAAOBgQBn19R2 -AgGvpJDmfXrHTDdCoYyMkaP2MPzw0hFRwh+wqnw0/pqUXa7MrLXMqtD3rUyOWaNR -9fYpJZd0Bh/1OeIc2+U+VNfUovLLuZ8nNemdxyq2KMYnHtnh7UdO7atZ+PFLVu8x -a+J2Mtj8MGy12CJNTJcjLSrJ/1f3AuVrwELjlQ== ------END CERTIFICATE----- diff --git a/crypto/openssl/apps/set/set-m-ca.pem b/crypto/openssl/apps/set/set-m-ca.pem deleted file mode 100644 index 0e74caff67b80..0000000000000 --- a/crypto/openssl/apps/set/set-m-ca.pem +++ /dev/null @@ -1,21 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIDeDCCAuGgAwIBAgIgEGvcf5aUnufALdVMa/dmPdflq1CoORGeK5DUwbqhVYcw -DQYJKoZIhvcNAQEFBQAwRTELMAkGA1UEBhMCVVMxFDASBgNVBAoTC0JDQTEwMTcx -MTA0MSAwHgYDVQQDExdCcmFuZCBOYW1lOlByb2R1Y3QgVHlwZTAeFw05NjEwMjIw -MDAwMDBaFw05NjExMjEyMzU5NTlaMEUxCzAJBgNVBAYTAlVTMRQwEgYDVQQKEwtN -Q0ExMDIxMTgyNzEgMB4GA1UEAxMXQnJhbmQgTmFtZTpQcm9kdWN0IFR5cGUwgZ8w -DQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBALuWwr63YrT1GIZpYKfIeiVFHESG/FZO -7RAJKml/p12ZyZ7D5YPP4BBXVsa1H8e8arR1LKC4rdCArrtKKlBeBiMo9+NB+u35 -FnLnTmfzM4iZ2Syw35DXY8+Xn/LM7RJ1RG+vMNcTqpoUg7QPye7flq2Pt7vVROPn -SZxPyVxmILe3AgMBAAGjggFXMIIBUzBUBgNVHSMETTBLoSekJTAjMQswCQYDVQQG -EwJVUzEUMBIGA1UEChMLUkNBMTAxMTE4MjmCIGApUs14Ad7t9VTGq2PpV8DylPQ7 -aATM2mor7lc1fWvZMA4GA1UdDwEB/wQEAwIBBjAuBgNVHRABAf8EJDAigA8xOTk2 -MTAyMjAxMjEwMFqBDzE5OTYxMTIxMjM1OTU5WjAbBgNVHSABAf8EETAPMA0GC2CG -SAGG+EUBBwEBMBIGA1UdEwEB/wQIMAYBAf8CAQAwDwYEho1vAwEB/wQEAwIDCDB5 -BgSGjW8HAQH/BG4wbDAkAgEAMAkGBSsOAwIaBQAEFDJmNzRiMWFmNGZjYzA2MGY3 -Njc2Ew90ZXJzZSBzdGF0ZW1lbnSAF2h0dHA6Ly93d3cudmVyaXNpZ24uY29tgRpn -ZXRzZXQtY2VudGVyQHZlcmlzaWduLmNvbTANBgkqhkiG9w0BAQUFAAOBgQApaj0W -GgyR47URZEZ7z83yivvnVErqtodub/nR1fMgJ4bDC0ofjA0SzXBP1/3eDq9VkPuS -EKUw9BpM2XrSUKhJ6F1CbBjWpM0M7GC1nTSxMxmV+XL+Ab/Gn2SwozUApWtht29/ -x9VLB8qsi6wN2aOsVdQMl5iVCjGQYfEkyuoIgA== ------END CERTIFICATE----- diff --git a/crypto/openssl/apps/set/set_b_ca.pem b/crypto/openssl/apps/set/set_b_ca.pem deleted file mode 100644 index eba7d5cf54bdf..0000000000000 --- a/crypto/openssl/apps/set/set_b_ca.pem +++ /dev/null @@ -1,23 +0,0 @@ ------BEGIN CERTIFICATE----- -MIID1zCCAr+gAwIBAgIgYClSzXgB3u31VMarY+lXwPKU9DtoBMzaaivuVzV9a9kw -DQYJKoZIhvcNAQEFBQAwIzELMAkGA1UEBhMCVVMxFDASBgNVBAoTC1JDQTEwMTEx -ODI5MB4XDTk2MTAxNzAwMDAwMFoXDTk2MTExNjIzNTk1OVowRTELMAkGA1UEBhMC -VVMxFDASBgNVBAoTC0JDQTEwMTcxMTA0MSAwHgYDVQQDExdCcmFuZCBOYW1lOlBy -b2R1Y3QgVHlwZTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEApPewvR0BwV02 -9E12ic48pMY/aMB6SkMEWPDx2hURr0DKYGJ6qMvzZn2pSfaVH1BqDtK6oK4Ye5Mj -ItywwQIdXXO9Ut8+TLnvtzq9ByCJ0YThjZJBc7ZcpJxSV7QAoBON/lzxZuAVq3+L -3uc39MgRwmBpRllZEpWrkojxs6166X0CAwEAAaOCAVcwggFTMFQGA1UdIwRNMEuh -J6QlMCMxCzAJBgNVBAYTAlVTMRQwEgYDVQQKEwtSQ0ExMDExMTgyOYIgVqenwCYv -mmxUIvi9gUMCa+uJGJ60mZecw9HrISXnLaYwDgYDVR0PAQH/BAQDAgEGMC4GA1Ud -EAEB/wQkMCKADzE5OTYxMDE3MTc1NzAwWoEPMTk5NjExMTYyMzU5NTlaMBsGA1Ud -IAEB/wQRMA8wDQYLYIZIAYb4RQEHAQEwEgYDVR0TAQH/BAgwBgEB/wIBATAPBgSG -jW8DAQH/BAQDAgABMHkGBIaNbwcBAf8EbjBsMCQCAQAwCQYFKw4DAhoFAAQUMmY3 -NGIxYWY0ZmNjMDYwZjc2NzYTD3RlcnNlIHN0YXRlbWVudIAXaHR0cDovL3d3dy52 -ZXJpc2lnbi5jb22BGmdldHNldC1jZW50ZXJAdmVyaXNpZ24uY29tMA0GCSqGSIb3 -DQEBBQUAA4IBAQAWoMS8Aj2sO0LDxRoMcnWTKY8nd8Jw2vl2Mgsm+0qCvcndICM5 -43N0y9uHlP8WeCZULbFz95gTL8mfP/QTu4EctMUkQgRHJnx80f0XSF3HE/X6zBbI -9rit/bF6yP1mhkdss/vGanReDpki7q8pLx+VIIcxWst/366HP3dW1Fb7ECW/WmVV -VMN93f/xqk9I4sXchVZcVKQT3W4tzv+qQvugrEi1dSEkbAy1CITEAEGiaFhGUyCe -WPox3guRXaEHoINNeajGrISe6d//alsz5EEroBoLnM2ryqWfLAtRsf4rjNzTgklw -lbiz0fw7bNkXKp5ZVr0wlnOjQnoSM6dTI0AV ------END CERTIFICATE----- diff --git a/crypto/openssl/apps/set/set_c_ca.pem b/crypto/openssl/apps/set/set_c_ca.pem deleted file mode 100644 index 48b2cbdc7cd5a..0000000000000 --- a/crypto/openssl/apps/set/set_c_ca.pem +++ /dev/null @@ -1,21 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIDeDCCAuGgAwIBAgIgOnl8J6lAYNDdTWtIojWCGnloNf4ufHjOZ4Fkxwg5xOsw -DQYJKoZIhvcNAQEFBQAwRTELMAkGA1UEBhMCVVMxFDASBgNVBAoTC0JDQTEwMTcx -MTA0MSAwHgYDVQQDExdCcmFuZCBOYW1lOlByb2R1Y3QgVHlwZTAeFw05NjEwMjIw -MDAwMDBaFw05NjExMjEyMzU5NTlaMEUxCzAJBgNVBAYTAlVTMRQwEgYDVQQKEwtD -Q0ExMDIxMTYxNjEgMB4GA1UEAxMXQnJhbmQgTmFtZTpQcm9kdWN0IFR5cGUwgZ8w -DQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBANA3a9+U8oXU3Dv1wJf8g0A7HjCRZAXc -Y8E4OLOdye5aUssxifCE05qTPVqHMXo6cnCYcfroMdURhjQlswyTGtjQybgUnXjp -pchw+V4D1DkN0ThErrMCh9ZFSykC0lUhQTRLESvbIb4Gal/HMAFAF5sj0GoOFi2H -RRj7gpzBIU3xAgMBAAGjggFXMIIBUzBUBgNVHSMETTBLoSekJTAjMQswCQYDVQQG -EwJVUzEUMBIGA1UEChMLUkNBMTAxMTE4MjmCIGApUs14Ad7t9VTGq2PpV8DylPQ7 -aATM2mor7lc1fWvZMA4GA1UdDwEB/wQEAwIBBjAuBgNVHRABAf8EJDAigA8xOTk2 -MTAyMjAxMTAwMFqBDzE5OTYxMTIxMjM1OTU5WjAbBgNVHSABAf8EETAPMA0GC2CG -SAGG+EUBBwEBMBIGA1UdEwEB/wQIMAYBAf8CAQAwDwYEho1vAwEB/wQEAwIEEDB5 -BgSGjW8HAQH/BG4wbDAkAgEAMAkGBSsOAwIaBQAEFDJmNzRiMWFmNGZjYzA2MGY3 -Njc2Ew90ZXJzZSBzdGF0ZW1lbnSAF2h0dHA6Ly93d3cudmVyaXNpZ24uY29tgRpn -ZXRzZXQtY2VudGVyQHZlcmlzaWduLmNvbTANBgkqhkiG9w0BAQUFAAOBgQBteLaZ -u/TASC64UWPfhxYAUdys9DQ1pG/J1qPWNTkjOmpXFvW+7l/3nkxyRPgUoFNwx1e7 -XVVPr6zhy8LaaXppwfIZvVryzAUdbtijiUf/MO0hvV3w7e9NlCVProdU5H9EvCXr -+IV8rH8fdEkirIVyw0JGHkuWhkmtS1HEwai9vg== ------END CERTIFICATE----- diff --git a/crypto/openssl/apps/set/set_d_ct.pem b/crypto/openssl/apps/set/set_d_ct.pem deleted file mode 100644 index 9f8c7d8b086a9..0000000000000 --- a/crypto/openssl/apps/set/set_d_ct.pem +++ /dev/null @@ -1,21 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIDdjCCAt+gAwIBAgIgRU5t24v72xVDpZ4iHpyoOAQaQmfio1yhTZAOkBfT2uUw -DQYJKoZIhvcNAQEFBQAwRTELMAkGA1UEBhMCVVMxFDASBgNVBAoTC0NDQTEwMjEx -NjE2MSAwHgYDVQQDExdCcmFuZCBOYW1lOlByb2R1Y3QgVHlwZTAeFw05NjEwMjQw -MDAwMDBaFw05NjExMjMyMzU5NTlaMG4xCzAJBgNVBAYTAlVTMRAwDgYDVQQKEwdC -cmFuZElEMSYwJAYDVQQLEx1Jc3N1aW5nIEZpbmFuY2lhbCBJbnN0aXR1dGlvbjEl -MCMGA1UEAxMcR2lYb0t0VjViN1V0MHZKa2hkSG5RYmNzc2JrPTBcMA0GCSqGSIb3 -DQEBAQUAA0sAMEgCQQDIUxgpNB1aoSW585WErtN8WInCRWCqDj3RGT2mJye0F4SM -/iT5ywdWMasmw18vpEpDlMypfZnRkUAdfyHcRABVAgMBAAGjggFwMIIBbDB2BgNV -HSMEbzBtoUmkRzBFMQswCQYDVQQGEwJVUzEUMBIGA1UEChMLQkNBMTAxNzExMDQx -IDAeBgNVBAMTF0JyYW5kIE5hbWU6UHJvZHVjdCBUeXBlgiA6eXwnqUBg0N1Na0ii -NYIaeWg1/i58eM5ngWTHCDnE6zAOBgNVHQ8BAf8EBAMCB4AwLgYDVR0QAQH/BCQw -IoAPMTk5NjEwMjQwMTA0MDBagQ8xOTk2MTEyMzIzNTk1OVowGAYDVR0gBBEwDzAN -BgtghkgBhvhFAQcBATAMBgNVHRMBAf8EAjAAMA8GBIaNbwMBAf8EBAMCB4AweQYE -ho1vBwEB/wRuMGwwJAIBADAJBgUrDgMCGgUABBQzOTgyMzk4NzIzNzg5MTM0OTc4 -MhMPdGVyc2Ugc3RhdGVtZW50gBdodHRwOi8vd3d3LnZlcmlzaWduLmNvbYEaZ2V0 -c2V0LWNlbnRlckB2ZXJpc2lnbi5jb20wDQYJKoZIhvcNAQEFBQADgYEAVHCjhxeD -mIFSkm3DpQAq7pGfcAFPWvSM9I9bK8qeFT1M5YQ+5fbPqaWlNcQlGKIe3cHd4+0P -ndL5lb6UBhhA0kTzEYA38+HtBxPe/lokCv0bYfyWY9asUmvfbUrTYta0yjN7ixnV -UqvxxHQHOAwhf6bcc7xNHapOxloWzGUU0RQ= ------END CERTIFICATE----- diff --git a/crypto/openssl/apps/set/set_root.pem b/crypto/openssl/apps/set/set_root.pem deleted file mode 100644 index 8dd104f058d3e..0000000000000 --- a/crypto/openssl/apps/set/set_root.pem +++ /dev/null @@ -1,21 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIDZzCCAk+gAwIBAgIgVqenwCYvmmxUIvi9gUMCa+uJGJ60mZecw9HrISXnLaYw -DQYJKoZIhvcNAQEFBQAwIzELMAkGA1UEBhMCVVMxFDASBgNVBAoTC1JDQTEwMTEx -ODI5MB4XDTk2MTAxMjAwMDAwMFoXDTk2MTExMTIzNTk1OVowIzELMAkGA1UEBhMC -VVMxFDASBgNVBAoTC1JDQTEwMTExODI5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A -MIIBCgKCAQEAukca0PVUGFIYX7EyrShi+dVi9GTNzG0V2Wtdw6DqFzKfedba/KpE -zqnRDV/wRZlBn3oXPS6kNCFiBPRV9mEFXI7y2W+q8/vPurjRDIXMsqQ+dAhKwf4q -rofJBTiET4NUN0YTtpx6aYuoVubjiOgKdbqnUArxAWWP2Dkco17ipEYyUtd4sTAe -/xKR02AHpbYGYPSHjMDS/nzUJ7uX4d51phs0rt7If48ExJSnDV/KoHMfm42mdmH2 -g23005qdHKY3UXeh10tZmb3QtGTSvF6OqpRZ+e9/ALklu7ZcIjqbb944ci4QWemb -ZNWiDFrWWUoO1k942BI/iZ8Fh8pETYSDBQIDAQABo4GGMIGDMA4GA1UdDwEB/wQE -AwIBBjAuBgNVHRABAf8EJDAigA8xOTk2MTAxMjAxMzQwMFqBDzE5OTYxMTExMjM1 -OTU5WjAbBgNVHSABAf8EETAPMA0GC2CGSAGG+EUBBwEBMBIGA1UdEwEB/wQIMAYB -Af8CAQIwEAYEho1vAwEB/wQFAwMHAIAwDQYJKoZIhvcNAQEFBQADggEBAK4tntea -y+ws7PdULwfqAS5osaoNvw73uBn5lROTpx91uhQbJyf0oZ3XG9GUuHZBpqG9qmr9 -vIL40RsvRpNMYgaNHKTxF716yx6rZmruAYZsrE3SpV63tQJCckKLPSge2E5uDhSQ -O8UjusG+IRT9fKMXUHLv4OmZPOQVOSl1qTCN2XoJFqEPtC3Y9P4YR4xHL0P2jb1l -DLdIbruuh+6omH+0XUZd5fKnQZTTi6gjl0iunj3wGnkcqGZtwr3j87ONiB/8tDwY -vz8ceII4YYdX12PrNzn+fu3R5rChvPW4/ah/SaYQ2VQ0AupaIF4xrNJ/gLYYw0YO -bxCrVJLd8tu9WgA= ------END CERTIFICATE----- diff --git a/crypto/openssl/apps/smime.c b/crypto/openssl/apps/smime.c deleted file mode 100644 index 7dc66d6ecd566..0000000000000 --- a/crypto/openssl/apps/smime.c +++ /dev/null @@ -1,535 +0,0 @@ -/* smime.c */ -/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL - * project 1999. - */ -/* ==================================================================== - * Copyright (c) 1999 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * licensing@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -/* S/MIME utility function */ - -#include <stdio.h> -#include <string.h> -#include "apps.h" -#include <openssl/crypto.h> -#include <openssl/pem.h> -#include <openssl/err.h> - -#undef PROG -#define PROG smime_main -static X509 *load_cert(char *file); -static EVP_PKEY *load_key(char *file, char *pass); -static STACK_OF(X509) *load_certs(char *file); -static X509_STORE *setup_verify(char *CAfile, char *CApath); -static int save_certs(char *signerfile, STACK_OF(X509) *signers); - -#define SMIME_OP 0x10 -#define SMIME_ENCRYPT (1 | SMIME_OP) -#define SMIME_DECRYPT 2 -#define SMIME_SIGN (3 | SMIME_OP) -#define SMIME_VERIFY 4 -#define SMIME_PK7OUT 5 - -int MAIN(int, char **); - -int MAIN(int argc, char **argv) -{ - int operation = 0; - int ret = 0; - char **args; - char *inmode = "r", *outmode = "w"; - char *infile = NULL, *outfile = NULL; - char *signerfile = NULL, *recipfile = NULL; - char *certfile = NULL, *keyfile = NULL; - EVP_CIPHER *cipher = NULL; - PKCS7 *p7 = NULL; - X509_STORE *store = NULL; - X509 *cert = NULL, *recip = NULL, *signer = NULL; - EVP_PKEY *key = NULL; - STACK_OF(X509) *encerts = NULL, *other = NULL; - BIO *in = NULL, *out = NULL, *indata = NULL; - int badarg = 0; - int flags = PKCS7_DETACHED; - char *to = NULL, *from = NULL, *subject = NULL; - char *CAfile = NULL, *CApath = NULL; - char *passargin = NULL, *passin = NULL; - char *inrand = NULL; - int need_rand = 0; - args = argv + 1; - - ret = 1; - - while (!badarg && *args && *args[0] == '-') { - if (!strcmp (*args, "-encrypt")) operation = SMIME_ENCRYPT; - else if (!strcmp (*args, "-decrypt")) operation = SMIME_DECRYPT; - else if (!strcmp (*args, "-sign")) operation = SMIME_SIGN; - else if (!strcmp (*args, "-verify")) operation = SMIME_VERIFY; - else if (!strcmp (*args, "-pk7out")) operation = SMIME_PK7OUT; -#ifndef NO_DES - else if (!strcmp (*args, "-des3")) - cipher = EVP_des_ede3_cbc(); - else if (!strcmp (*args, "-des")) - cipher = EVP_des_cbc(); -#endif -#ifndef NO_RC2 - else if (!strcmp (*args, "-rc2-40")) - cipher = EVP_rc2_40_cbc(); - else if (!strcmp (*args, "-rc2-128")) - cipher = EVP_rc2_cbc(); - else if (!strcmp (*args, "-rc2-64")) - cipher = EVP_rc2_64_cbc(); -#endif - else if (!strcmp (*args, "-text")) - flags |= PKCS7_TEXT; - else if (!strcmp (*args, "-nointern")) - flags |= PKCS7_NOINTERN; - else if (!strcmp (*args, "-noverify")) - flags |= PKCS7_NOVERIFY; - else if (!strcmp (*args, "-nochain")) - flags |= PKCS7_NOCHAIN; - else if (!strcmp (*args, "-nocerts")) - flags |= PKCS7_NOCERTS; - else if (!strcmp (*args, "-noattr")) - flags |= PKCS7_NOATTR; - else if (!strcmp (*args, "-nodetach")) - flags &= ~PKCS7_DETACHED; - else if (!strcmp (*args, "-binary")) - flags |= PKCS7_BINARY; - else if (!strcmp (*args, "-nosigs")) - flags |= PKCS7_NOSIGS; - else if (!strcmp(*args,"-rand")) { - if (args[1]) { - args++; - inrand = *args; - } else badarg = 1; - need_rand = 1; - } else if (!strcmp(*args,"-passin")) { - if (args[1]) { - args++; - passargin = *args; - } else badarg = 1; - } else if (!strcmp (*args, "-to")) { - if (args[1]) { - args++; - to = *args; - } else badarg = 1; - } else if (!strcmp (*args, "-from")) { - if (args[1]) { - args++; - from = *args; - } else badarg = 1; - } else if (!strcmp (*args, "-subject")) { - if (args[1]) { - args++; - subject = *args; - } else badarg = 1; - } else if (!strcmp (*args, "-signer")) { - if (args[1]) { - args++; - signerfile = *args; - } else badarg = 1; - } else if (!strcmp (*args, "-recip")) { - if (args[1]) { - args++; - recipfile = *args; - } else badarg = 1; - } else if (!strcmp (*args, "-inkey")) { - if (args[1]) { - args++; - keyfile = *args; - } else badarg = 1; - } else if (!strcmp (*args, "-certfile")) { - if (args[1]) { - args++; - certfile = *args; - } else badarg = 1; - } else if (!strcmp (*args, "-CAfile")) { - if (args[1]) { - args++; - CAfile = *args; - } else badarg = 1; - } else if (!strcmp (*args, "-CApath")) { - if (args[1]) { - args++; - CApath = *args; - } else badarg = 1; - } else if (!strcmp (*args, "-in")) { - if (args[1]) { - args++; - infile = *args; - } else badarg = 1; - } else if (!strcmp (*args, "-out")) { - if (args[1]) { - args++; - outfile = *args; - } else badarg = 1; - } else badarg = 1; - args++; - } - - if(operation == SMIME_SIGN) { - if(!signerfile) { - BIO_printf(bio_err, "No signer certificate specified\n"); - badarg = 1; - } - need_rand = 1; - } else if(operation == SMIME_DECRYPT) { - if(!recipfile) { - BIO_printf(bio_err, "No recipient certificate and key specified\n"); - badarg = 1; - } - } else if(operation == SMIME_ENCRYPT) { - if(!*args) { - BIO_printf(bio_err, "No recipient(s) certificate(s) specified\n"); - badarg = 1; - } - need_rand = 1; - } else if(!operation) badarg = 1; - - if (badarg) { - BIO_printf (bio_err, "Usage smime [options] cert.pem ...\n"); - BIO_printf (bio_err, "where options are\n"); - BIO_printf (bio_err, "-encrypt encrypt message\n"); - BIO_printf (bio_err, "-decrypt decrypt encrypted message\n"); - BIO_printf (bio_err, "-sign sign message\n"); - BIO_printf (bio_err, "-verify verify signed message\n"); - BIO_printf (bio_err, "-pk7out output PKCS#7 structure\n"); -#ifndef NO_DES - BIO_printf (bio_err, "-des3 encrypt with triple DES\n"); - BIO_printf (bio_err, "-des encrypt with DES\n"); -#endif -#ifndef NO_RC2 - BIO_printf (bio_err, "-rc2-40 encrypt with RC2-40 (default)\n"); - BIO_printf (bio_err, "-rc2-64 encrypt with RC2-64\n"); - BIO_printf (bio_err, "-rc2-128 encrypt with RC2-128\n"); -#endif - BIO_printf (bio_err, "-nointern don't search certificates in message for signer\n"); - BIO_printf (bio_err, "-nosigs don't verify message signature\n"); - BIO_printf (bio_err, "-noverify don't verify signers certificate\n"); - BIO_printf (bio_err, "-nocerts don't include signers certificate when signing\n"); - BIO_printf (bio_err, "-nodetach use opaque signing\n"); - BIO_printf (bio_err, "-noattr don't include any signed attributes\n"); - BIO_printf (bio_err, "-binary don't translate message to text\n"); - BIO_printf (bio_err, "-certfile file other certificates file\n"); - BIO_printf (bio_err, "-signer file signer certificate file\n"); - BIO_printf (bio_err, "-recip file recipient certificate file for decryption\n"); - BIO_printf (bio_err, "-in file input file\n"); - BIO_printf (bio_err, "-inkey file input private key (if not signer or recipient)\n"); - BIO_printf (bio_err, "-out file output file\n"); - BIO_printf (bio_err, "-to addr to address\n"); - BIO_printf (bio_err, "-from ad from address\n"); - BIO_printf (bio_err, "-subject s subject\n"); - BIO_printf (bio_err, "-text include or delete text MIME headers\n"); - BIO_printf (bio_err, "-CApath dir trusted certificates directory\n"); - BIO_printf (bio_err, "-CAfile file trusted certificates file\n"); - BIO_printf(bio_err, "-rand file%cfile%c...\n", LIST_SEPARATOR_CHAR, LIST_SEPARATOR_CHAR); - BIO_printf(bio_err, " load the file (or the files in the directory) into\n"); - BIO_printf(bio_err, " the random number generator\n"); - BIO_printf (bio_err, "cert.pem recipient certificate(s) for encryption\n"); - goto end; - } - - if(!app_passwd(bio_err, passargin, NULL, &passin, NULL)) { - BIO_printf(bio_err, "Error getting password\n"); - goto end; - } - - if (need_rand) { - app_RAND_load_file(NULL, bio_err, (inrand != NULL)); - if (inrand != NULL) - BIO_printf(bio_err,"%ld semi-random bytes loaded\n", - app_RAND_load_files(inrand)); - } - - ret = 2; - - if(operation != SMIME_SIGN) flags &= ~PKCS7_DETACHED; - - if(flags & PKCS7_BINARY) { - if(operation & SMIME_OP) inmode = "rb"; - else outmode = "rb"; - } - - if(operation == SMIME_ENCRYPT) { - if (!cipher) { -#ifndef NO_RC2 - cipher = EVP_rc2_40_cbc(); -#else - BIO_printf(bio_err, "No cipher selected\n"); - goto end; -#endif - } - encerts = sk_X509_new_null(); - while (*args) { - if(!(cert = load_cert(*args))) { - BIO_printf(bio_err, "Can't read recipient certificate file %s\n", *args); - goto end; - } - sk_X509_push(encerts, cert); - cert = NULL; - args++; - } - } - - if(signerfile && (operation == SMIME_SIGN)) { - if(!(signer = load_cert(signerfile))) { - BIO_printf(bio_err, "Can't read signer certificate file %s\n", signerfile); - goto end; - } - } - - if(certfile) { - if(!(other = load_certs(certfile))) { - BIO_printf(bio_err, "Can't read certificate file %s\n", certfile); - ERR_print_errors(bio_err); - goto end; - } - } - - if(recipfile && (operation == SMIME_DECRYPT)) { - if(!(recip = load_cert(recipfile))) { - BIO_printf(bio_err, "Can't read recipient certificate file %s\n", recipfile); - ERR_print_errors(bio_err); - goto end; - } - } - - if(operation == SMIME_DECRYPT) { - if(!keyfile) keyfile = recipfile; - } else if(operation == SMIME_SIGN) { - if(!keyfile) keyfile = signerfile; - } else keyfile = NULL; - - if(keyfile) { - if(!(key = load_key(keyfile, passin))) { - BIO_printf(bio_err, "Can't read recipient certificate file %s\n", keyfile); - ERR_print_errors(bio_err); - goto end; - } - } - - if (infile) { - if (!(in = BIO_new_file(infile, inmode))) { - BIO_printf (bio_err, - "Can't open input file %s\n", infile); - goto end; - } - } else in = BIO_new_fp(stdin, BIO_NOCLOSE); - - if (outfile) { - if (!(out = BIO_new_file(outfile, outmode))) { - BIO_printf (bio_err, - "Can't open output file %s\n", outfile); - goto end; - } - } else out = BIO_new_fp(stdout, BIO_NOCLOSE); - - if(operation == SMIME_VERIFY) { - if(!(store = setup_verify(CAfile, CApath))) goto end; - } - - ret = 3; - - if(operation == SMIME_ENCRYPT) { - p7 = PKCS7_encrypt(encerts, in, cipher, flags); - } else if(operation == SMIME_SIGN) { - p7 = PKCS7_sign(signer, key, other, in, flags); - BIO_reset(in); - } else { - if(!(p7 = SMIME_read_PKCS7(in, &indata))) { - BIO_printf(bio_err, "Error reading S/MIME message\n"); - goto end; - } - } - - if(!p7) { - BIO_printf(bio_err, "Error creating PKCS#7 structure\n"); - goto end; - } - - ret = 4; - if(operation == SMIME_DECRYPT) { - if(!PKCS7_decrypt(p7, key, recip, out, flags)) { - BIO_printf(bio_err, "Error decrypting PKCS#7 structure\n"); - goto end; - } - } else if(operation == SMIME_VERIFY) { - STACK_OF(X509) *signers; - if(PKCS7_verify(p7, other, store, indata, out, flags)) { - BIO_printf(bio_err, "Verification Successful\n"); - } else { - BIO_printf(bio_err, "Verification Failure\n"); - goto end; - } - signers = PKCS7_get0_signers(p7, other, flags); - if(!save_certs(signerfile, signers)) { - BIO_printf(bio_err, "Error writing signers to %s\n", - signerfile); - ret = 5; - goto end; - } - sk_X509_free(signers); - } else if(operation == SMIME_PK7OUT) { - PEM_write_bio_PKCS7(out, p7); - } else { - if(to) BIO_printf(out, "To: %s\n", to); - if(from) BIO_printf(out, "From: %s\n", from); - if(subject) BIO_printf(out, "Subject: %s\n", subject); - SMIME_write_PKCS7(out, p7, in, flags); - } - ret = 0; -end: - if (need_rand) - app_RAND_write_file(NULL, bio_err); - if(ret) ERR_print_errors(bio_err); - sk_X509_pop_free(encerts, X509_free); - sk_X509_pop_free(other, X509_free); - X509_STORE_free(store); - X509_free(cert); - X509_free(recip); - X509_free(signer); - EVP_PKEY_free(key); - PKCS7_free(p7); - BIO_free(in); - BIO_free(indata); - BIO_free(out); - if(passin) Free(passin); - return (ret); -} - -static X509 *load_cert(char *file) -{ - BIO *in; - X509 *cert; - if(!(in = BIO_new_file(file, "r"))) return NULL; - cert = PEM_read_bio_X509(in, NULL, NULL,NULL); - BIO_free(in); - return cert; -} - -static EVP_PKEY *load_key(char *file, char *pass) -{ - BIO *in; - EVP_PKEY *key; - if(!(in = BIO_new_file(file, "r"))) return NULL; - key = PEM_read_bio_PrivateKey(in, NULL,NULL,pass); - BIO_free(in); - return key; -} - -static STACK_OF(X509) *load_certs(char *file) -{ - BIO *in; - int i; - STACK_OF(X509) *othercerts; - STACK_OF(X509_INFO) *allcerts; - X509_INFO *xi; - if(!(in = BIO_new_file(file, "r"))) return NULL; - othercerts = sk_X509_new(NULL); - if(!othercerts) return NULL; - allcerts = PEM_X509_INFO_read_bio(in, NULL, NULL, NULL); - for(i = 0; i < sk_X509_INFO_num(allcerts); i++) { - xi = sk_X509_INFO_value (allcerts, i); - if (xi->x509) { - sk_X509_push(othercerts, xi->x509); - xi->x509 = NULL; - } - } - sk_X509_INFO_pop_free(allcerts, X509_INFO_free); - BIO_free(in); - return othercerts; -} - -static X509_STORE *setup_verify(char *CAfile, char *CApath) -{ - X509_STORE *store; - X509_LOOKUP *lookup; - if(!(store = X509_STORE_new())) goto end; - lookup=X509_STORE_add_lookup(store,X509_LOOKUP_file()); - if (lookup == NULL) goto end; - if (CAfile) { - if(!X509_LOOKUP_load_file(lookup,CAfile,X509_FILETYPE_PEM)) { - BIO_printf(bio_err, "Error loading file %s\n", CAfile); - goto end; - } - } else X509_LOOKUP_load_file(lookup,NULL,X509_FILETYPE_DEFAULT); - - lookup=X509_STORE_add_lookup(store,X509_LOOKUP_hash_dir()); - if (lookup == NULL) goto end; - if (CApath) { - if(!X509_LOOKUP_add_dir(lookup,CApath,X509_FILETYPE_PEM)) { - BIO_printf(bio_err, "Error loading directory %s\n", CApath); - goto end; - } - } else X509_LOOKUP_add_dir(lookup,NULL,X509_FILETYPE_DEFAULT); - - ERR_clear_error(); - return store; - end: - X509_STORE_free(store); - return NULL; -} - -static int save_certs(char *signerfile, STACK_OF(X509) *signers) -{ - int i; - BIO *tmp; - if(!signerfile) return 1; - tmp = BIO_new_file(signerfile, "w"); - if(!tmp) return 0; - for(i = 0; i < sk_X509_num(signers); i++) - PEM_write_bio_X509(tmp, sk_X509_value(signers, i)); - BIO_free(tmp); - return 1; -} - diff --git a/crypto/openssl/apps/speed.c b/crypto/openssl/apps/speed.c deleted file mode 100644 index 094326c0aa487..0000000000000 --- a/crypto/openssl/apps/speed.c +++ /dev/null @@ -1,1215 +0,0 @@ -/* apps/speed.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - * - * $FreeBSD$ - */ - -/* most of this code has been pilfered from my libdes speed.c program */ - -#undef SECONDS -#define SECONDS 3 -#define RSA_SECONDS 10 -#define DSA_SECONDS 10 - -/* 11-Sep-92 Andrew Daviel Support for Silicon Graphics IRIX added */ -/* 06-Apr-92 Luke Brennan Support for VMS and add extra signal calls */ - -#undef PROG -#define PROG speed_main - -#include <stdio.h> -#include <stdlib.h> -#include <signal.h> -#include <string.h> -#include <math.h> -#include "apps.h" -#ifdef NO_STDIO -#define APPS_WIN16 -#endif -#include <openssl/crypto.h> -#include <openssl/rand.h> -#include <openssl/err.h> - -#if !defined(MSDOS) && (!defined(VMS) || defined(__DECC)) -#define TIMES -#endif - -#ifndef _IRIX -#include <time.h> -#endif -#ifdef TIMES -#include <sys/types.h> -#include <sys/times.h> -#endif - -/* Depending on the VMS version, the tms structure is perhaps defined. - The __TMS macro will show if it was. If it wasn't defined, we should - undefine TIMES, since that tells the rest of the program how things - should be handled. -- Richard Levitte */ -#if defined(VMS) && defined(__DECC) && !defined(__TMS) -#undef TIMES -#endif - -#ifndef TIMES -#include <sys/timeb.h> -#endif - -#if defined(sun) || defined(__ultrix) -#define _POSIX_SOURCE -#include <limits.h> -#include <sys/param.h> -#endif - -#ifndef NO_DES -#include <openssl/des.h> -#endif -#ifndef NO_MD2 -#include <openssl/md2.h> -#endif -#ifndef NO_MDC2 -#include <openssl/mdc2.h> -#endif -#ifndef NO_MD5 -#include <openssl/md5.h> -#endif -#ifndef NO_HMAC -#include <openssl/hmac.h> -#endif -#include <openssl/evp.h> -#ifndef NO_SHA -#include <openssl/sha.h> -#endif -#ifndef NO_RIPEMD -#include <openssl/ripemd.h> -#endif -#ifndef NO_RC4 -#include <openssl/rc4.h> -#endif -#ifndef NO_RC5 -#include <openssl/rc5.h> -#endif -#ifndef NO_RC2 -#include <openssl/rc2.h> -#endif -#ifndef NO_IDEA -#include <openssl/idea.h> -#endif -#ifndef NO_BF -#include <openssl/blowfish.h> -#endif -#ifndef NO_CAST -#include <openssl/cast.h> -#endif -#ifndef NO_RSA -#include <openssl/rsa.h> -#include "./testrsa.h" -#endif -#include <openssl/x509.h> -#ifndef NO_DSA -#include "./testdsa.h" -#endif - -/* The following if from times(3) man page. It may need to be changed */ -#ifndef HZ -# ifndef CLK_TCK -# ifndef _BSD_CLK_TCK_ /* FreeBSD hack */ -# define HZ 100.0 -# else /* _BSD_CLK_TCK_ */ -# define HZ ((double)_BSD_CLK_TCK_) -# endif -# else /* CLK_TCK */ -# define HZ ((double)CLK_TCK) -# endif -#endif - -#undef BUFSIZE -#define BUFSIZE ((long)1024*8+1) -int run=0; - -static double Time_F(int s); -static void print_message(char *s,long num,int length); -static void pkey_print_message(char *str,char *str2,long num,int bits,int sec); -#ifdef SIGALRM -#if defined(__STDC__) || defined(sgi) || defined(_AIX) -#define SIGRETTYPE void -#else -#define SIGRETTYPE int -#endif - -static SIGRETTYPE sig_done(int sig); -static SIGRETTYPE sig_done(int sig) - { - signal(SIGALRM,sig_done); - run=0; -#ifdef LINT - sig=sig; -#endif - } -#endif - -#define START 0 -#define STOP 1 - -static double Time_F(int s) - { - double ret; -#ifdef TIMES - static struct tms tstart,tend; - - if (s == START) - { - times(&tstart); - return(0); - } - else - { - times(&tend); - ret=((double)(tend.tms_utime-tstart.tms_utime))/HZ; - return((ret < 1e-3)?1e-3:ret); - } -#else /* !times() */ - static struct timeb tstart,tend; - long i; - - if (s == START) - { - ftime(&tstart); - return(0); - } - else - { - ftime(&tend); - i=(long)tend.millitm-(long)tstart.millitm; - ret=((double)(tend.time-tstart.time))+((double)i)/1000.0; - return((ret < 0.001)?0.001:ret); - } -#endif - } - -int MAIN(int, char **); - -int MAIN(int argc, char **argv) - { - unsigned char *buf=NULL,*buf2=NULL; - int mret=1; -#define ALGOR_NUM 14 -#define SIZE_NUM 5 -#define RSA_NUM 4 -#define DSA_NUM 3 - long count,rsa_count; - int i,j,k; - unsigned rsa_num,rsa_num2; -#ifndef NO_MD2 - unsigned char md2[MD2_DIGEST_LENGTH]; -#endif -#ifndef NO_MDC2 - unsigned char mdc2[MDC2_DIGEST_LENGTH]; -#endif -#ifndef NO_MD5 - unsigned char md5[MD5_DIGEST_LENGTH]; - unsigned char hmac[MD5_DIGEST_LENGTH]; -#endif -#ifndef NO_SHA - unsigned char sha[SHA_DIGEST_LENGTH]; -#endif -#ifndef NO_RIPEMD - unsigned char rmd160[RIPEMD160_DIGEST_LENGTH]; -#endif -#ifndef NO_RC4 - RC4_KEY rc4_ks; -#endif -#ifndef NO_RC5 - RC5_32_KEY rc5_ks; -#endif -#ifndef NO_RC2 - RC2_KEY rc2_ks; -#endif -#ifndef NO_IDEA - IDEA_KEY_SCHEDULE idea_ks; -#endif -#ifndef NO_BF - BF_KEY bf_ks; -#endif -#ifndef NO_CAST - CAST_KEY cast_ks; -#endif - static unsigned char key16[16]= - {0x12,0x34,0x56,0x78,0x9a,0xbc,0xde,0xf0, - 0x34,0x56,0x78,0x9a,0xbc,0xde,0xf0,0x12}; - unsigned char iv[8]; -#ifndef NO_DES - des_cblock *buf_as_des_cblock = NULL; - static des_cblock key ={0x12,0x34,0x56,0x78,0x9a,0xbc,0xde,0xf0}; - static des_cblock key2={0x34,0x56,0x78,0x9a,0xbc,0xde,0xf0,0x12}; - static des_cblock key3={0x56,0x78,0x9a,0xbc,0xde,0xf0,0x12,0x34}; - des_key_schedule sch,sch2,sch3; -#endif -#define D_MD2 0 -#define D_MDC2 1 -#define D_MD5 2 -#define D_HMAC 3 -#define D_SHA1 4 -#define D_RMD160 5 -#define D_RC4 6 -#define D_CBC_DES 7 -#define D_EDE3_DES 8 -#define D_CBC_IDEA 9 -#define D_CBC_RC2 10 -#define D_CBC_RC5 11 -#define D_CBC_BF 12 -#define D_CBC_CAST 13 - double d,results[ALGOR_NUM][SIZE_NUM]; - static int lengths[SIZE_NUM]={8,64,256,1024,8*1024}; - long c[ALGOR_NUM][SIZE_NUM]; - static char *names[ALGOR_NUM]={ - "md2","mdc2","md5","hmac(md5)","sha1","rmd160","rc4", - "des cbc","des ede3","idea cbc", - "rc2 cbc","rc5-32/12 cbc","blowfish cbc","cast cbc"}; -#define R_DSA_512 0 -#define R_DSA_1024 1 -#define R_DSA_2048 2 -#define R_RSA_512 0 -#define R_RSA_1024 1 -#define R_RSA_2048 2 -#define R_RSA_4096 3 -#ifndef NO_RSA - RSA *rsa_key[RSA_NUM]; - long rsa_c[RSA_NUM][2]; - double rsa_results[RSA_NUM][2]; - static unsigned int rsa_bits[RSA_NUM]={512,1024,2048,4096}; - static unsigned char *rsa_data[RSA_NUM]= - {test512,test1024,test2048,test4096}; - static int rsa_data_length[RSA_NUM]={ - sizeof(test512),sizeof(test1024), - sizeof(test2048),sizeof(test4096)}; -#endif -#ifndef NO_DSA - DSA *dsa_key[DSA_NUM]; - long dsa_c[DSA_NUM][2]; - double dsa_results[DSA_NUM][2]; - static unsigned int dsa_bits[DSA_NUM]={512,1024,2048}; -#endif - int rsa_doit[RSA_NUM]; - int dsa_doit[DSA_NUM]; - int doit[ALGOR_NUM]; - int pr_header=0; - - apps_startup(); - memset(results, 0, sizeof(results)); -#ifndef NO_DSA - memset(dsa_key,0,sizeof(dsa_key)); -#endif - - if (bio_err == NULL) - if ((bio_err=BIO_new(BIO_s_file())) != NULL) - BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT); - -#ifndef NO_RSA - memset(rsa_key,0,sizeof(rsa_key)); - for (i=0; i<RSA_NUM; i++) - rsa_key[i]=NULL; -#endif - - if ((buf=(unsigned char *)Malloc((int)BUFSIZE)) == NULL) - { - BIO_printf(bio_err,"out of memory\n"); - goto end; - } -#ifndef NO_DES - buf_as_des_cblock = (des_cblock *)buf; -#endif - if ((buf2=(unsigned char *)Malloc((int)BUFSIZE)) == NULL) - { - BIO_printf(bio_err,"out of memory\n"); - goto end; - } - - memset(c,0,sizeof(c)); - memset(iv,0,sizeof(iv)); - - for (i=0; i<ALGOR_NUM; i++) - doit[i]=0; - for (i=0; i<RSA_NUM; i++) - rsa_doit[i]=0; - for (i=0; i<DSA_NUM; i++) - dsa_doit[i]=0; - - j=0; - argc--; - argv++; - while (argc) - { -#ifndef NO_MD2 - if (strcmp(*argv,"md2") == 0) doit[D_MD2]=1; - else -#endif -#ifndef NO_MDC2 - if (strcmp(*argv,"mdc2") == 0) doit[D_MDC2]=1; - else -#endif -#ifndef NO_MD5 - if (strcmp(*argv,"md5") == 0) doit[D_MD5]=1; - else -#endif -#ifndef NO_MD5 - if (strcmp(*argv,"hmac") == 0) doit[D_HMAC]=1; - else -#endif -#ifndef NO_SHA - if (strcmp(*argv,"sha1") == 0) doit[D_SHA1]=1; - else - if (strcmp(*argv,"sha") == 0) doit[D_SHA1]=1; - else -#endif -#ifndef NO_RIPEMD - if (strcmp(*argv,"ripemd") == 0) doit[D_RMD160]=1; - else - if (strcmp(*argv,"rmd160") == 0) doit[D_RMD160]=1; - else - if (strcmp(*argv,"ripemd160") == 0) doit[D_RMD160]=1; - else -#endif -#ifndef NO_RC4 - if (strcmp(*argv,"rc4") == 0) doit[D_RC4]=1; - else -#endif -#ifndef NO_DES - if (strcmp(*argv,"des-cbc") == 0) doit[D_CBC_DES]=1; - else if (strcmp(*argv,"des-ede3") == 0) doit[D_EDE3_DES]=1; - else -#endif -#ifndef NO_RSA -#ifndef RSA_NULL - if (strcmp(*argv,"openssl") == 0) - { - RSA_set_default_method(RSA_PKCS1()); - j--; - } - else -#endif -#endif /* !NO_RSA */ - if (strcmp(*argv,"dsa512") == 0) dsa_doit[R_DSA_512]=2; - else if (strcmp(*argv,"dsa1024") == 0) dsa_doit[R_DSA_1024]=2; - else if (strcmp(*argv,"dsa2048") == 0) dsa_doit[R_DSA_2048]=2; - else if (strcmp(*argv,"rsa512") == 0) rsa_doit[R_RSA_512]=2; - else if (strcmp(*argv,"rsa1024") == 0) rsa_doit[R_RSA_1024]=2; - else if (strcmp(*argv,"rsa2048") == 0) rsa_doit[R_RSA_2048]=2; - else if (strcmp(*argv,"rsa4096") == 0) rsa_doit[R_RSA_4096]=2; - else -#ifndef NO_RC2 - if (strcmp(*argv,"rc2-cbc") == 0) doit[D_CBC_RC2]=1; - else if (strcmp(*argv,"rc2") == 0) doit[D_CBC_RC2]=1; - else -#endif -#ifndef NO_RC5 - if (strcmp(*argv,"rc5-cbc") == 0) doit[D_CBC_RC5]=1; - else if (strcmp(*argv,"rc5") == 0) doit[D_CBC_RC5]=1; - else -#endif -#ifndef NO_IDEA - if (strcmp(*argv,"idea-cbc") == 0) doit[D_CBC_IDEA]=1; - else if (strcmp(*argv,"idea") == 0) doit[D_CBC_IDEA]=1; - else -#endif -#ifndef NO_BF - if (strcmp(*argv,"bf-cbc") == 0) doit[D_CBC_BF]=1; - else if (strcmp(*argv,"blowfish") == 0) doit[D_CBC_BF]=1; - else if (strcmp(*argv,"bf") == 0) doit[D_CBC_BF]=1; - else -#endif -#ifndef NO_CAST - if (strcmp(*argv,"cast-cbc") == 0) doit[D_CBC_CAST]=1; - else if (strcmp(*argv,"cast") == 0) doit[D_CBC_CAST]=1; - else if (strcmp(*argv,"cast5") == 0) doit[D_CBC_CAST]=1; - else -#endif -#ifndef NO_DES - if (strcmp(*argv,"des") == 0) - { - doit[D_CBC_DES]=1; - doit[D_EDE3_DES]=1; - } - else -#endif -#ifndef NO_RSA - if (strcmp(*argv,"rsa") == 0) - { - rsa_doit[R_RSA_512]=1; - rsa_doit[R_RSA_1024]=1; - rsa_doit[R_RSA_2048]=1; - rsa_doit[R_RSA_4096]=1; - } - else -#endif -#ifndef NO_DSA - if (strcmp(*argv,"dsa") == 0) - { - dsa_doit[R_DSA_512]=1; - dsa_doit[R_DSA_1024]=1; - } - else -#endif - { - BIO_printf(bio_err,"bad value, pick one of\n"); - BIO_printf(bio_err,"md2 mdc2 md5 hmac sha1 rmd160\n"); -#ifndef NO_IDEA - BIO_printf(bio_err,"idea-cbc "); -#endif -#ifndef NO_RC2 - BIO_printf(bio_err,"rc2-cbc "); -#endif -#ifndef NO_RC5 - BIO_printf(bio_err,"rc5-cbc "); -#endif -#ifndef NO_BF - BIO_printf(bio_err,"bf-cbc"); -#endif -#if !defined(NO_IDEA) && !defined(NO_RC2) && !defined(NO_BF) && !defined(NO_RC5) - BIO_printf(bio_err,"\n"); -#endif - BIO_printf(bio_err,"des-cbc des-ede3 "); -#ifndef NO_RC4 - BIO_printf(bio_err,"rc4"); -#endif -#ifndef NO_RSA - BIO_printf(bio_err,"\nrsa512 rsa1024 rsa2048 rsa4096\n"); -#endif -#ifndef NO_DSA - BIO_printf(bio_err,"\ndsa512 dsa1024 dsa2048\n"); -#endif - BIO_printf(bio_err,"idea rc2 des rsa blowfish\n"); - goto end; - } - argc--; - argv++; - j++; - } - - if (j == 0) - { - for (i=0; i<ALGOR_NUM; i++) - doit[i]=1; - for (i=0; i<RSA_NUM; i++) - rsa_doit[i]=1; - for (i=0; i<DSA_NUM; i++) - dsa_doit[i]=1; - } - for (i=0; i<ALGOR_NUM; i++) - if (doit[i]) pr_header++; - -#ifndef TIMES - BIO_printf(bio_err,"To get the most accurate results, try to run this\n"); - BIO_printf(bio_err,"program when this computer is idle.\n"); -#endif - -#ifndef NO_RSA - for (i=0; i<RSA_NUM; i++) - { - unsigned char *p; - - p=rsa_data[i]; - rsa_key[i]=d2i_RSAPrivateKey(NULL,&p,rsa_data_length[i]); - if (rsa_key[i] == NULL) - { - BIO_printf(bio_err,"internal error loading RSA key number %d\n",i); - goto end; - } -#if 0 - else - { - BIO_printf(bio_err,"Loaded RSA key, %d bit modulus and e= 0x",BN_num_bits(rsa_key[i]->n)); - BN_print(bio_err,rsa_key[i]->e); - BIO_printf(bio_err,"\n"); - } -#endif - } -#endif - -#ifndef NO_DSA - dsa_key[0]=get_dsa512(); - dsa_key[1]=get_dsa1024(); - dsa_key[2]=get_dsa2048(); -#endif - -#ifndef NO_DES - des_set_key_unchecked(&key,sch); - des_set_key_unchecked(&key2,sch2); - des_set_key_unchecked(&key3,sch3); -#endif -#ifndef NO_IDEA - idea_set_encrypt_key(key16,&idea_ks); -#endif -#ifndef NO_RC4 - RC4_set_key(&rc4_ks,16,key16); -#endif -#ifndef NO_RC2 - RC2_set_key(&rc2_ks,16,key16,128); -#endif -#ifndef NO_RC5 - RC5_32_set_key(&rc5_ks,16,key16,12); -#endif -#ifndef NO_BF - BF_set_key(&bf_ks,16,key16); -#endif -#ifndef NO_CAST - CAST_set_key(&cast_ks,16,key16); -#endif -#ifndef NO_RSA - memset(rsa_c,0,sizeof(rsa_c)); -#endif -#ifndef SIGALRM -#ifndef NO_DES - BIO_printf(bio_err,"First we calculate the approximate speed ...\n"); - count=10; - do { - long i; - count*=2; - Time_F(START); - for (i=count; i; i--) - des_ecb_encrypt(buf_as_des_cblock,buf_as_des_cblock, - &(sch[0]),DES_ENCRYPT); - d=Time_F(STOP); - } while (d <3); - c[D_MD2][0]=count/10; - c[D_MDC2][0]=count/10; - c[D_MD5][0]=count; - c[D_HMAC][0]=count; - c[D_SHA1][0]=count; - c[D_RMD160][0]=count; - c[D_RC4][0]=count*5; - c[D_CBC_DES][0]=count; - c[D_EDE3_DES][0]=count/3; - c[D_CBC_IDEA][0]=count; - c[D_CBC_RC2][0]=count; - c[D_CBC_RC5][0]=count; - c[D_CBC_BF][0]=count; - c[D_CBC_CAST][0]=count; - - for (i=1; i<SIZE_NUM; i++) - { - c[D_MD2][i]=c[D_MD2][0]*4*lengths[0]/lengths[i]; - c[D_MDC2][i]=c[D_MDC2][0]*4*lengths[0]/lengths[i]; - c[D_MD5][i]=c[D_MD5][0]*4*lengths[0]/lengths[i]; - c[D_HMAC][i]=c[D_HMAC][0]*4*lengths[0]/lengths[i]; - c[D_SHA1][i]=c[D_SHA1][0]*4*lengths[0]/lengths[i]; - c[D_RMD160][i]=c[D_RMD160][0]*4*lengths[0]/lengths[i]; - } - for (i=1; i<SIZE_NUM; i++) - { - long l0,l1; - - l0=(long)lengths[i-1]; - l1=(long)lengths[i]; - c[D_RC4][i]=c[D_RC4][i-1]*l0/l1; - c[D_CBC_DES][i]=c[D_CBC_DES][i-1]*l0/l1; - c[D_EDE3_DES][i]=c[D_EDE3_DES][i-1]*l0/l1; - c[D_CBC_IDEA][i]=c[D_CBC_IDEA][i-1]*l0/l1; - c[D_CBC_RC2][i]=c[D_CBC_RC2][i-1]*l0/l1; - c[D_CBC_RC5][i]=c[D_CBC_RC5][i-1]*l0/l1; - c[D_CBC_BF][i]=c[D_CBC_BF][i-1]*l0/l1; - c[D_CBC_CAST][i]=c[D_CBC_CAST][i-1]*l0/l1; - } -#ifndef NO_RSA - rsa_c[R_RSA_512][0]=count/2000; - rsa_c[R_RSA_512][1]=count/400; - for (i=1; i<RSA_NUM; i++) - { - rsa_c[i][0]=rsa_c[i-1][0]/8; - rsa_c[i][1]=rsa_c[i-1][1]/4; - if ((rsa_doit[i] <= 1) && (rsa_c[i][0] == 0)) - rsa_doit[i]=0; - else - { - if (rsa_c[i][0] == 0) - { - rsa_c[i][0]=1; - rsa_c[i][1]=20; - } - } - } -#endif - - dsa_c[R_DSA_512][0]=count/1000; - dsa_c[R_DSA_512][1]=count/1000/2; - for (i=1; i<DSA_NUM; i++) - { - dsa_c[i][0]=dsa_c[i-1][0]/4; - dsa_c[i][1]=dsa_c[i-1][1]/4; - if ((dsa_doit[i] <= 1) && (dsa_c[i][0] == 0)) - dsa_doit[i]=0; - else - { - if (dsa_c[i] == 0) - { - dsa_c[i][0]=1; - dsa_c[i][1]=1; - } - } - } - -#define COND(d) (count < (d)) -#define COUNT(d) (d) -#else -/* not worth fixing */ -# error "You cannot disable DES on systems without SIGALRM." -#endif /* NO_DES */ -#else -#define COND(c) (run) -#define COUNT(d) (count) - signal(SIGALRM,sig_done); -#endif /* SIGALRM */ - -#ifndef NO_MD2 - if (doit[D_MD2]) - { - for (j=0; j<SIZE_NUM; j++) - { - print_message(names[D_MD2],c[D_MD2][j],lengths[j]); - Time_F(START); - for (count=0,run=1; COND(c[D_MD2][j]); count++) - MD2(buf,(unsigned long)lengths[j],&(md2[0])); - d=Time_F(STOP); - BIO_printf(bio_err,"%ld %s's in %.2fs\n", - count,names[D_MD2],d); - results[D_MD2][j]=((double)count)/d*lengths[j]; - } - } -#endif -#ifndef NO_MDC2 - if (doit[D_MDC2]) - { - for (j=0; j<SIZE_NUM; j++) - { - print_message(names[D_MDC2],c[D_MDC2][j],lengths[j]); - Time_F(START); - for (count=0,run=1; COND(c[D_MDC2][j]); count++) - MDC2(buf,(unsigned long)lengths[j],&(mdc2[0])); - d=Time_F(STOP); - BIO_printf(bio_err,"%ld %s's in %.2fs\n", - count,names[D_MDC2],d); - results[D_MDC2][j]=((double)count)/d*lengths[j]; - } - } -#endif - -#ifndef NO_MD5 - if (doit[D_MD5]) - { - for (j=0; j<SIZE_NUM; j++) - { - print_message(names[D_MD5],c[D_MD5][j],lengths[j]); - Time_F(START); - for (count=0,run=1; COND(c[D_MD5][j]); count++) - MD5(&(buf[0]),(unsigned long)lengths[j],&(md5[0])); - d=Time_F(STOP); - BIO_printf(bio_err,"%ld %s's in %.2fs\n", - count,names[D_MD5],d); - results[D_MD5][j]=((double)count)/d*lengths[j]; - } - } -#endif - -#if !defined(NO_MD5) && !defined(NO_HMAC) - if (doit[D_HMAC]) - { - HMAC_CTX hctx; - HMAC_Init(&hctx,(unsigned char *)"This is a key...", - 16,EVP_md5()); - - for (j=0; j<SIZE_NUM; j++) - { - print_message(names[D_HMAC],c[D_HMAC][j],lengths[j]); - Time_F(START); - for (count=0,run=1; COND(c[D_HMAC][j]); count++) - { - HMAC_Init(&hctx,NULL,0,NULL); - HMAC_Update(&hctx,buf,lengths[j]); - HMAC_Final(&hctx,&(hmac[0]),NULL); - } - d=Time_F(STOP); - BIO_printf(bio_err,"%ld %s's in %.2fs\n", - count,names[D_HMAC],d); - results[D_HMAC][j]=((double)count)/d*lengths[j]; - } - } -#endif -#ifndef NO_SHA - if (doit[D_SHA1]) - { - for (j=0; j<SIZE_NUM; j++) - { - print_message(names[D_SHA1],c[D_SHA1][j],lengths[j]); - Time_F(START); - for (count=0,run=1; COND(c[D_SHA1][j]); count++) - SHA1(buf,(unsigned long)lengths[j],&(sha[0])); - d=Time_F(STOP); - BIO_printf(bio_err,"%ld %s's in %.2fs\n", - count,names[D_SHA1],d); - results[D_SHA1][j]=((double)count)/d*lengths[j]; - } - } -#endif -#ifndef NO_RIPEMD - if (doit[D_RMD160]) - { - for (j=0; j<SIZE_NUM; j++) - { - print_message(names[D_RMD160],c[D_RMD160][j],lengths[j]); - Time_F(START); - for (count=0,run=1; COND(c[D_RMD160][j]); count++) - RIPEMD160(buf,(unsigned long)lengths[j],&(rmd160[0])); - d=Time_F(STOP); - BIO_printf(bio_err,"%ld %s's in %.2fs\n", - count,names[D_RMD160],d); - results[D_RMD160][j]=((double)count)/d*lengths[j]; - } - } -#endif -#ifndef NO_RC4 - if (doit[D_RC4]) - { - for (j=0; j<SIZE_NUM; j++) - { - print_message(names[D_RC4],c[D_RC4][j],lengths[j]); - Time_F(START); - for (count=0,run=1; COND(c[D_RC4][j]); count++) - RC4(&rc4_ks,(unsigned int)lengths[j], - buf,buf); - d=Time_F(STOP); - BIO_printf(bio_err,"%ld %s's in %.2fs\n", - count,names[D_RC4],d); - results[D_RC4][j]=((double)count)/d*lengths[j]; - } - } -#endif -#ifndef NO_DES - if (doit[D_CBC_DES]) - { - for (j=0; j<SIZE_NUM; j++) - { - print_message(names[D_CBC_DES],c[D_CBC_DES][j],lengths[j]); - Time_F(START); - for (count=0,run=1; COND(c[D_CBC_DES][j]); count++) - des_ncbc_encrypt(buf,buf,lengths[j],sch, - &iv,DES_ENCRYPT); - d=Time_F(STOP); - BIO_printf(bio_err,"%ld %s's in %.2fs\n", - count,names[D_CBC_DES],d); - results[D_CBC_DES][j]=((double)count)/d*lengths[j]; - } - } - - if (doit[D_EDE3_DES]) - { - for (j=0; j<SIZE_NUM; j++) - { - print_message(names[D_EDE3_DES],c[D_EDE3_DES][j],lengths[j]); - Time_F(START); - for (count=0,run=1; COND(c[D_EDE3_DES][j]); count++) - des_ede3_cbc_encrypt(buf,buf,lengths[j], - sch,sch2,sch3, - &iv,DES_ENCRYPT); - d=Time_F(STOP); - BIO_printf(bio_err,"%ld %s's in %.2fs\n", - count,names[D_EDE3_DES],d); - results[D_EDE3_DES][j]=((double)count)/d*lengths[j]; - } - } -#endif -#ifndef NO_IDEA - if (doit[D_CBC_IDEA]) - { - for (j=0; j<SIZE_NUM; j++) - { - print_message(names[D_CBC_IDEA],c[D_CBC_IDEA][j],lengths[j]); - Time_F(START); - for (count=0,run=1; COND(c[D_CBC_IDEA][j]); count++) - idea_cbc_encrypt(buf,buf, - (unsigned long)lengths[j],&idea_ks, - iv,IDEA_ENCRYPT); - d=Time_F(STOP); - BIO_printf(bio_err,"%ld %s's in %.2fs\n", - count,names[D_CBC_IDEA],d); - results[D_CBC_IDEA][j]=((double)count)/d*lengths[j]; - } - } -#endif -#ifndef NO_RC2 - if (doit[D_CBC_RC2]) - { - for (j=0; j<SIZE_NUM; j++) - { - print_message(names[D_CBC_RC2],c[D_CBC_RC2][j],lengths[j]); - Time_F(START); - for (count=0,run=1; COND(c[D_CBC_RC2][j]); count++) - RC2_cbc_encrypt(buf,buf, - (unsigned long)lengths[j],&rc2_ks, - iv,RC2_ENCRYPT); - d=Time_F(STOP); - BIO_printf(bio_err,"%ld %s's in %.2fs\n", - count,names[D_CBC_RC2],d); - results[D_CBC_RC2][j]=((double)count)/d*lengths[j]; - } - } -#endif -#ifndef NO_RC5 - if (doit[D_CBC_RC5]) - { - for (j=0; j<SIZE_NUM; j++) - { - print_message(names[D_CBC_RC5],c[D_CBC_RC5][j],lengths[j]); - Time_F(START); - for (count=0,run=1; COND(c[D_CBC_RC5][j]); count++) - RC5_32_cbc_encrypt(buf,buf, - (unsigned long)lengths[j],&rc5_ks, - iv,RC5_ENCRYPT); - d=Time_F(STOP); - BIO_printf(bio_err,"%ld %s's in %.2fs\n", - count,names[D_CBC_RC5],d); - results[D_CBC_RC5][j]=((double)count)/d*lengths[j]; - } - } -#endif -#ifndef NO_BF - if (doit[D_CBC_BF]) - { - for (j=0; j<SIZE_NUM; j++) - { - print_message(names[D_CBC_BF],c[D_CBC_BF][j],lengths[j]); - Time_F(START); - for (count=0,run=1; COND(c[D_CBC_BF][j]); count++) - BF_cbc_encrypt(buf,buf, - (unsigned long)lengths[j],&bf_ks, - iv,BF_ENCRYPT); - d=Time_F(STOP); - BIO_printf(bio_err,"%ld %s's in %.2fs\n", - count,names[D_CBC_BF],d); - results[D_CBC_BF][j]=((double)count)/d*lengths[j]; - } - } -#endif -#ifndef NO_CAST - if (doit[D_CBC_CAST]) - { - for (j=0; j<SIZE_NUM; j++) - { - print_message(names[D_CBC_CAST],c[D_CBC_CAST][j],lengths[j]); - Time_F(START); - for (count=0,run=1; COND(c[D_CBC_CAST][j]); count++) - CAST_cbc_encrypt(buf,buf, - (unsigned long)lengths[j],&cast_ks, - iv,CAST_ENCRYPT); - d=Time_F(STOP); - BIO_printf(bio_err,"%ld %s's in %.2fs\n", - count,names[D_CBC_CAST],d); - results[D_CBC_CAST][j]=((double)count)/d*lengths[j]; - } - } -#endif - - RAND_pseudo_bytes(buf,36); -#ifndef NO_RSA - for (j=0; j<RSA_NUM; j++) - { - int ret; - if (!rsa_doit[j]) continue; - ret=RSA_sign(NID_md5_sha1, buf,36, buf2, &rsa_num, rsa_key[j]); - pkey_print_message("private","rsa",rsa_c[j][0],rsa_bits[j], - RSA_SECONDS); -/* RSA_blinding_on(rsa_key[j],NULL); */ - Time_F(START); - for (count=0,run=1; COND(rsa_c[j][0]); count++) - { - ret=RSA_sign(NID_md5_sha1, buf,36, buf2, &rsa_num, - rsa_key[j]); - if (ret <= 0) - { - BIO_printf(bio_err,"RSA private encrypt failure\n"); - ERR_print_errors(bio_err); - count=1; - break; - } - } - d=Time_F(STOP); - BIO_printf(bio_err,"%ld %d bit private RSA's in %.2fs\n", - count,rsa_bits[j],d); - rsa_results[j][0]=d/(double)count; - rsa_count=count; - -#if 1 - ret=RSA_verify(NID_md5_sha1, buf,36, buf2, rsa_num, rsa_key[j]); - pkey_print_message("public","rsa",rsa_c[j][1],rsa_bits[j], - RSA_SECONDS); - Time_F(START); - for (count=0,run=1; COND(rsa_c[j][1]); count++) - { - ret=RSA_verify(NID_md5_sha1, buf,36, buf2, rsa_num, - rsa_key[j]); - if (ret <= 0) - { - BIO_printf(bio_err,"RSA verify failure\n"); - ERR_print_errors(bio_err); - count=1; - break; - } - } - d=Time_F(STOP); - BIO_printf(bio_err,"%ld %d bit public RSA's in %.2fs\n", - count,rsa_bits[j],d); - rsa_results[j][1]=d/(double)count; -#endif - - if (rsa_count <= 1) - { - /* if longer than 10s, don't do any more */ - for (j++; j<RSA_NUM; j++) - rsa_doit[j]=0; - } - } -#endif - - RAND_pseudo_bytes(buf,20); -#ifndef NO_DSA - if (RAND_status() != 1) - { - RAND_seed(rnd_seed, sizeof rnd_seed); - rnd_fake = 1; - } - for (j=0; j<DSA_NUM; j++) - { - unsigned int kk; - - if (!dsa_doit[j]) continue; - DSA_generate_key(dsa_key[j]); -/* DSA_sign_setup(dsa_key[j],NULL); */ - rsa_num=DSA_sign(EVP_PKEY_DSA,buf,20,buf2, - &kk,dsa_key[j]); - pkey_print_message("sign","dsa",dsa_c[j][0],dsa_bits[j], - DSA_SECONDS); - Time_F(START); - for (count=0,run=1; COND(dsa_c[j][0]); count++) - { - rsa_num=DSA_sign(EVP_PKEY_DSA,buf,20,buf2, - &kk,dsa_key[j]); - if (rsa_num == 0) - { - BIO_printf(bio_err,"DSA sign failure\n"); - ERR_print_errors(bio_err); - count=1; - break; - } - } - d=Time_F(STOP); - BIO_printf(bio_err,"%ld %d bit DSA signs in %.2fs\n", - count,dsa_bits[j],d); - dsa_results[j][0]=d/(double)count; - rsa_count=count; - - rsa_num2=DSA_verify(EVP_PKEY_DSA,buf,20,buf2, - kk,dsa_key[j]); - pkey_print_message("verify","dsa",dsa_c[j][1],dsa_bits[j], - DSA_SECONDS); - Time_F(START); - for (count=0,run=1; COND(dsa_c[j][1]); count++) - { - rsa_num2=DSA_verify(EVP_PKEY_DSA,buf,20,buf2, - kk,dsa_key[j]); - if (rsa_num2 == 0) - { - BIO_printf(bio_err,"DSA verify failure\n"); - ERR_print_errors(bio_err); - count=1; - break; - } - } - d=Time_F(STOP); - BIO_printf(bio_err,"%ld %d bit DSA verify in %.2fs\n", - count,dsa_bits[j],d); - dsa_results[j][1]=d/(double)count; - - if (rsa_count <= 1) - { - /* if longer than 10s, don't do any more */ - for (j++; j<DSA_NUM; j++) - dsa_doit[j]=0; - } - } - if (rnd_fake) RAND_cleanup(); -#endif - - fprintf(stdout,"%s\n",SSLeay_version(SSLEAY_VERSION)); - fprintf(stdout,"%s\n",SSLeay_version(SSLEAY_BUILT_ON)); - printf("options:"); - printf("%s ",BN_options()); -#ifndef NO_MD2 - printf("%s ",MD2_options()); -#endif -#ifndef NO_RC4 - printf("%s ",RC4_options()); -#endif -#ifndef NO_DES - printf("%s ",des_options()); -#endif -#ifndef NO_IDEA - printf("%s ",idea_options()); -#endif -#ifndef NO_BF - printf("%s ",BF_options()); -#endif - fprintf(stdout,"\n%s\n",SSLeay_version(SSLEAY_CFLAGS)); - - if (pr_header) - { - fprintf(stdout,"The 'numbers' are in 1000s of bytes per second processed.\n"); - fprintf(stdout,"type "); - for (j=0; j<SIZE_NUM; j++) - fprintf(stdout,"%7d bytes",lengths[j]); - fprintf(stdout,"\n"); - } - - for (k=0; k<ALGOR_NUM; k++) - { - if (!doit[k]) continue; - fprintf(stdout,"%-13s",names[k]); - for (j=0; j<SIZE_NUM; j++) - { - if (results[k][j] > 10000) - fprintf(stdout," %11.2fk",results[k][j]/1e3); - else - fprintf(stdout," %11.2f ",results[k][j]); - } - fprintf(stdout,"\n"); - } -#ifndef NO_RSA - j=1; - for (k=0; k<RSA_NUM; k++) - { - if (!rsa_doit[k]) continue; - if (j) - { - printf("%18ssign verify sign/s verify/s\n"," "); - j=0; - } - fprintf(stdout,"rsa %4u bits %8.4fs %8.4fs %8.1f %8.1f", - rsa_bits[k],rsa_results[k][0],rsa_results[k][1], - 1.0/rsa_results[k][0],1.0/rsa_results[k][1]); - fprintf(stdout,"\n"); - } -#endif -#ifndef NO_DSA - j=1; - for (k=0; k<DSA_NUM; k++) - { - if (!dsa_doit[k]) continue; - if (j) { - printf("%18ssign verify sign/s verify/s\n"," "); - j=0; - } - fprintf(stdout,"dsa %4u bits %8.4fs %8.4fs %8.1f %8.1f", - dsa_bits[k],dsa_results[k][0],dsa_results[k][1], - 1.0/dsa_results[k][0],1.0/dsa_results[k][1]); - fprintf(stdout,"\n"); - } -#endif - mret=0; -end: - if (buf != NULL) Free(buf); - if (buf2 != NULL) Free(buf2); -#ifndef NO_RSA - for (i=0; i<RSA_NUM; i++) - if (rsa_key[i] != NULL) - RSA_free(rsa_key[i]); -#endif -#ifndef NO_DSA - for (i=0; i<DSA_NUM; i++) - if (dsa_key[i] != NULL) - DSA_free(dsa_key[i]); -#endif - EXIT(mret); - } - -static void print_message(char *s, long num, int length) - { -#ifdef SIGALRM - BIO_printf(bio_err,"Doing %s for %ds on %d size blocks: ",s,SECONDS,length); - (void)BIO_flush(bio_err); - alarm(SECONDS); -#else - BIO_printf(bio_err,"Doing %s %ld times on %d size blocks: ",s,num,length); - (void)BIO_flush(bio_err); -#endif -#ifdef LINT - num=num; -#endif - } - -static void pkey_print_message(char *str, char *str2, long num, int bits, - int tm) - { -#ifdef SIGALRM - BIO_printf(bio_err,"Doing %d bit %s %s's for %ds: ",bits,str,str2,tm); - (void)BIO_flush(bio_err); - alarm(RSA_SECONDS); -#else - BIO_printf(bio_err,"Doing %ld %d bit %s %s's: ",num,bits,str,str2); - (void)BIO_flush(bio_err); -#endif -#ifdef LINT - num=num; -#endif - } - diff --git a/crypto/openssl/apps/spkac.c b/crypto/openssl/apps/spkac.c deleted file mode 100644 index f3ee7e34e3a7e..0000000000000 --- a/crypto/openssl/apps/spkac.c +++ /dev/null @@ -1,276 +0,0 @@ -/* apps/spkac.c */ - -/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL - * project 1999. Based on an original idea by Massimiliano Pala - * (madwolf@openca.org). - */ -/* ==================================================================== - * Copyright (c) 1999 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * licensing@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ -#include <stdio.h> -#include <stdlib.h> -#include <string.h> -#include <time.h> -#include "apps.h" -#include <openssl/bio.h> -#include <openssl/conf.h> -#include <openssl/err.h> -#include <openssl/evp.h> -#include <openssl/lhash.h> -#include <openssl/x509.h> -#include <openssl/pem.h> - -#undef PROG -#define PROG spkac_main - -/* -in arg - input file - default stdin - * -out arg - output file - default stdout - */ - -int MAIN(int, char **); - -int MAIN(int argc, char **argv) - { - int i,badops=0, ret = 1; - BIO *in = NULL,*out = NULL, *key = NULL; - int verify=0,noout=0,pubkey=0; - char *infile = NULL,*outfile = NULL,*prog; - char *passargin = NULL, *passin = NULL; - char *spkac = "SPKAC", *spksect = "default", *spkstr = NULL; - char *challenge = NULL, *keyfile = NULL; - LHASH *conf = NULL; - NETSCAPE_SPKI *spki = NULL; - EVP_PKEY *pkey = NULL; - - apps_startup(); - - if (!bio_err) bio_err = BIO_new_fp(stderr, BIO_NOCLOSE); - - prog=argv[0]; - argc--; - argv++; - while (argc >= 1) - { - if (strcmp(*argv,"-in") == 0) - { - if (--argc < 1) goto bad; - infile= *(++argv); - } - else if (strcmp(*argv,"-out") == 0) - { - if (--argc < 1) goto bad; - outfile= *(++argv); - } - else if (strcmp(*argv,"-passin") == 0) - { - if (--argc < 1) goto bad; - passargin= *(++argv); - } - else if (strcmp(*argv,"-key") == 0) - { - if (--argc < 1) goto bad; - keyfile= *(++argv); - } - else if (strcmp(*argv,"-challenge") == 0) - { - if (--argc < 1) goto bad; - challenge= *(++argv); - } - else if (strcmp(*argv,"-spkac") == 0) - { - if (--argc < 1) goto bad; - spkac= *(++argv); - } - else if (strcmp(*argv,"-spksect") == 0) - { - if (--argc < 1) goto bad; - spksect= *(++argv); - } - else if (strcmp(*argv,"-noout") == 0) - noout=1; - else if (strcmp(*argv,"-pubkey") == 0) - pubkey=1; - else if (strcmp(*argv,"-verify") == 0) - verify=1; - else badops = 1; - argc--; - argv++; - } - - if (badops) - { -bad: - BIO_printf(bio_err,"%s [options]\n",prog); - BIO_printf(bio_err,"where options are\n"); - BIO_printf(bio_err," -in arg input file\n"); - BIO_printf(bio_err," -out arg output file\n"); - BIO_printf(bio_err," -key arg create SPKAC using private key\n"); - BIO_printf(bio_err," -passin arg input file pass phrase source\n"); - BIO_printf(bio_err," -challenge arg challenge string\n"); - BIO_printf(bio_err," -spkac arg alternative SPKAC name\n"); - BIO_printf(bio_err," -noout don't print SPKAC\n"); - BIO_printf(bio_err," -pubkey output public key\n"); - BIO_printf(bio_err," -verify verify SPKAC signature\n"); - goto end; - } - - ERR_load_crypto_strings(); - if(!app_passwd(bio_err, passargin, NULL, &passin, NULL)) { - BIO_printf(bio_err, "Error getting password\n"); - goto end; - } - - if(keyfile) { - if(strcmp(keyfile, "-")) key = BIO_new_file(keyfile, "r"); - else key = BIO_new_fp(stdin, BIO_NOCLOSE); - if(!key) { - BIO_printf(bio_err, "Error opening key file\n"); - ERR_print_errors(bio_err); - goto end; - } - pkey = PEM_read_bio_PrivateKey(key, NULL, NULL, passin); - if(!pkey) { - BIO_printf(bio_err, "Error reading private key\n"); - ERR_print_errors(bio_err); - goto end; - } - spki = NETSCAPE_SPKI_new(); - if(challenge) ASN1_STRING_set(spki->spkac->challenge, - challenge, strlen(challenge)); - NETSCAPE_SPKI_set_pubkey(spki, pkey); - NETSCAPE_SPKI_sign(spki, pkey, EVP_md5()); - spkstr = NETSCAPE_SPKI_b64_encode(spki); - - if (outfile) out = BIO_new_file(outfile, "w"); - else out = BIO_new_fp(stdout, BIO_NOCLOSE); - - if(!out) { - BIO_printf(bio_err, "Error opening output file\n"); - ERR_print_errors(bio_err); - goto end; - } - BIO_printf(out, "SPKAC=%s\n", spkstr); - Free(spkstr); - ret = 0; - goto end; - } - - - - if (infile) in = BIO_new_file(infile, "r"); - else in = BIO_new_fp(stdin, BIO_NOCLOSE); - - if(!in) { - BIO_printf(bio_err, "Error opening input file\n"); - ERR_print_errors(bio_err); - goto end; - } - - conf = CONF_load_bio(NULL, in, NULL); - - if(!conf) { - BIO_printf(bio_err, "Error parsing config file\n"); - ERR_print_errors(bio_err); - goto end; - } - - spkstr = CONF_get_string(conf, spksect, spkac); - - if(!spkstr) { - BIO_printf(bio_err, "Can't find SPKAC called \"%s\"\n", spkac); - ERR_print_errors(bio_err); - goto end; - } - - spki = NETSCAPE_SPKI_b64_decode(spkstr, -1); - - if(!spki) { - BIO_printf(bio_err, "Error loading SPKAC\n"); - ERR_print_errors(bio_err); - goto end; - } - - if (outfile) out = BIO_new_file(outfile, "w"); - else out = BIO_new_fp(stdout, BIO_NOCLOSE); - - if(!out) { - BIO_printf(bio_err, "Error opening output file\n"); - ERR_print_errors(bio_err); - goto end; - } - - if(!noout) NETSCAPE_SPKI_print(out, spki); - pkey = NETSCAPE_SPKI_get_pubkey(spki); - if(verify) { - i = NETSCAPE_SPKI_verify(spki, pkey); - if(i) BIO_printf(bio_err, "Signature OK\n"); - else { - BIO_printf(bio_err, "Signature Failure\n"); - ERR_print_errors(bio_err); - goto end; - } - } - if(pubkey) PEM_write_bio_PUBKEY(out, pkey); - - ret = 0; - -end: - CONF_free(conf); - NETSCAPE_SPKI_free(spki); - BIO_free(in); - BIO_free(out); - BIO_free(key); - EVP_PKEY_free(pkey); - if(passin) Free(passin); - EXIT(ret); - } diff --git a/crypto/openssl/apps/testCA.pem b/crypto/openssl/apps/testCA.pem deleted file mode 100644 index dcb710aa9d129..0000000000000 --- a/crypto/openssl/apps/testCA.pem +++ /dev/null @@ -1,8 +0,0 @@ ------BEGIN CERTIFICATE REQUEST----- -MIIBBzCBsgIBADBNMQswCQYDVQQGEwJBVTETMBEGA1UECBMKUXVlZW5zbGFuZDEX -MBUGA1UEChMOTWluY29tIFB0eSBMdGQxEDAOBgNVBAMTB1RFU1QgQ0EwXDANBgkq -hkiG9w0BAQEFAANLADBIAkEAzW9brgA8efT2ODB+NrsflJZj3KKqKsm4OrXTRqfL -VETj1ws/zCXl42XJAxdWQMCP0liKfc9Ut4xi1qCVI7N07wIDAQABoAAwDQYJKoZI -hvcNAQEEBQADQQBjZZ42Det9Uw0AFwJy4ufUEy5Cv74pxBp5SZnljgHY+Az0Hs2S -uNkIegr2ITX5azKi9nOkg9ZmsmGG13FIjiC/ ------END CERTIFICATE REQUEST----- diff --git a/crypto/openssl/apps/testdsa.h b/crypto/openssl/apps/testdsa.h deleted file mode 100644 index f0bfbb1ffa2f3..0000000000000 --- a/crypto/openssl/apps/testdsa.h +++ /dev/null @@ -1,151 +0,0 @@ -/* NOCW */ -/* used by apps/speed.c */ -DSA *get_dsa512(void ); -DSA *get_dsa1024(void ); -DSA *get_dsa2048(void ); -static unsigned char dsa512_p[]={ - 0x9D,0x1B,0x69,0x8E,0x26,0xDB,0xF2,0x2B,0x11,0x70,0x19,0x86, - 0xF6,0x19,0xC8,0xF8,0x19,0xF2,0x18,0x53,0x94,0x46,0x06,0xD0, - 0x62,0x50,0x33,0x4B,0x02,0x3C,0x52,0x30,0x03,0x8B,0x3B,0xF9, - 0x5F,0xD1,0x24,0x06,0x4F,0x7B,0x4C,0xBA,0xAA,0x40,0x9B,0xFD, - 0x96,0xE4,0x37,0x33,0xBB,0x2D,0x5A,0xD7,0x5A,0x11,0x40,0x66, - 0xA2,0x76,0x7D,0x31, - }; -static unsigned char dsa512_q[]={ - 0xFB,0x53,0xEF,0x50,0xB4,0x40,0x92,0x31,0x56,0x86,0x53,0x7A, - 0xE8,0x8B,0x22,0x9A,0x49,0xFB,0x71,0x8F, - }; -static unsigned char dsa512_g[]={ - 0x83,0x3E,0x88,0xE5,0xC5,0x89,0x73,0xCE,0x3B,0x6C,0x01,0x49, - 0xBF,0xB3,0xC7,0x9F,0x0A,0xEA,0x44,0x91,0xE5,0x30,0xAA,0xD9, - 0xBE,0x5B,0x5F,0xB7,0x10,0xD7,0x89,0xB7,0x8E,0x74,0xFB,0xCF, - 0x29,0x1E,0xEB,0xA8,0x2C,0x54,0x51,0xB8,0x10,0xDE,0xA0,0xCE, - 0x2F,0xCC,0x24,0x6B,0x90,0x77,0xDE,0xA2,0x68,0xA6,0x52,0x12, - 0xA2,0x03,0x9D,0x20, - }; - -DSA *get_dsa512() - { - DSA *dsa; - - if ((dsa=DSA_new()) == NULL) return(NULL); - dsa->p=BN_bin2bn(dsa512_p,sizeof(dsa512_p),NULL); - dsa->q=BN_bin2bn(dsa512_q,sizeof(dsa512_q),NULL); - dsa->g=BN_bin2bn(dsa512_g,sizeof(dsa512_g),NULL); - if ((dsa->p == NULL) || (dsa->q == NULL) || (dsa->g == NULL)) - return(NULL); - return(dsa); - } - -static unsigned char dsa1024_p[]={ - 0xA7,0x3F,0x6E,0x85,0xBF,0x41,0x6A,0x29,0x7D,0xF0,0x9F,0x47, - 0x19,0x30,0x90,0x9A,0x09,0x1D,0xDA,0x6A,0x33,0x1E,0xC5,0x3D, - 0x86,0x96,0xB3,0x15,0xE0,0x53,0x2E,0x8F,0xE0,0x59,0x82,0x73, - 0x90,0x3E,0x75,0x31,0x99,0x47,0x7A,0x52,0xFB,0x85,0xE4,0xD9, - 0xA6,0x7B,0x38,0x9B,0x68,0x8A,0x84,0x9B,0x87,0xC6,0x1E,0xB5, - 0x7E,0x86,0x4B,0x53,0x5B,0x59,0xCF,0x71,0x65,0x19,0x88,0x6E, - 0xCE,0x66,0xAE,0x6B,0x88,0x36,0xFB,0xEC,0x28,0xDC,0xC2,0xD7, - 0xA5,0xBB,0xE5,0x2C,0x39,0x26,0x4B,0xDA,0x9A,0x70,0x18,0x95, - 0x37,0x95,0x10,0x56,0x23,0xF6,0x15,0xED,0xBA,0x04,0x5E,0xDE, - 0x39,0x4F,0xFD,0xB7,0x43,0x1F,0xB5,0xA4,0x65,0x6F,0xCD,0x80, - 0x11,0xE4,0x70,0x95,0x5B,0x50,0xCD,0x49, - }; -static unsigned char dsa1024_q[]={ - 0xF7,0x07,0x31,0xED,0xFA,0x6C,0x06,0x03,0xD5,0x85,0x8A,0x1C, - 0xAC,0x9C,0x65,0xE7,0x50,0x66,0x65,0x6F, - }; -static unsigned char dsa1024_g[]={ - 0x4D,0xDF,0x4C,0x03,0xA6,0x91,0x8A,0xF5,0x19,0x6F,0x50,0x46, - 0x25,0x99,0xE5,0x68,0x6F,0x30,0xE3,0x69,0xE1,0xE5,0xB3,0x5D, - 0x98,0xBB,0x28,0x86,0x48,0xFC,0xDE,0x99,0x04,0x3F,0x5F,0x88, - 0x0C,0x9C,0x73,0x24,0x0D,0x20,0x5D,0xB9,0x2A,0x9A,0x3F,0x18, - 0x96,0x27,0xE4,0x62,0x87,0xC1,0x7B,0x74,0x62,0x53,0xFC,0x61, - 0x27,0xA8,0x7A,0x91,0x09,0x9D,0xB6,0xF1,0x4D,0x9C,0x54,0x0F, - 0x58,0x06,0xEE,0x49,0x74,0x07,0xCE,0x55,0x7E,0x23,0xCE,0x16, - 0xF6,0xCA,0xDC,0x5A,0x61,0x01,0x7E,0xC9,0x71,0xB5,0x4D,0xF6, - 0xDC,0x34,0x29,0x87,0x68,0xF6,0x5E,0x20,0x93,0xB3,0xDB,0xF5, - 0xE4,0x09,0x6C,0x41,0x17,0x95,0x92,0xEB,0x01,0xB5,0x73,0xA5, - 0x6A,0x7E,0xD8,0x32,0xED,0x0E,0x02,0xB8, - }; - -DSA *get_dsa1024() - { - DSA *dsa; - - if ((dsa=DSA_new()) == NULL) return(NULL); - dsa->p=BN_bin2bn(dsa1024_p,sizeof(dsa1024_p),NULL); - dsa->q=BN_bin2bn(dsa1024_q,sizeof(dsa1024_q),NULL); - dsa->g=BN_bin2bn(dsa1024_g,sizeof(dsa1024_g),NULL); - if ((dsa->p == NULL) || (dsa->q == NULL) || (dsa->g == NULL)) - return(NULL); - return(dsa); - } - -static unsigned char dsa2048_p[]={ - 0xA0,0x25,0xFA,0xAD,0xF4,0x8E,0xB9,0xE5,0x99,0xF3,0x5D,0x6F, - 0x4F,0x83,0x34,0xE2,0x7E,0xCF,0x6F,0xBF,0x30,0xAF,0x6F,0x81, - 0xEB,0xF8,0xC4,0x13,0xD9,0xA0,0x5D,0x8B,0x5C,0x8E,0xDC,0xC2, - 0x1D,0x0B,0x41,0x32,0xB0,0x1F,0xFE,0xEF,0x0C,0xC2,0xA2,0x7E, - 0x68,0x5C,0x28,0x21,0xE9,0xF5,0xB1,0x58,0x12,0x63,0x4C,0x19, - 0x4E,0xFF,0x02,0x4B,0x92,0xED,0xD2,0x07,0x11,0x4D,0x8C,0x58, - 0x16,0x5C,0x55,0x8E,0xAD,0xA3,0x67,0x7D,0xB9,0x86,0x6E,0x0B, - 0xE6,0x54,0x6F,0x40,0xAE,0x0E,0x67,0x4C,0xF9,0x12,0x5B,0x3C, - 0x08,0x7A,0xF7,0xFC,0x67,0x86,0x69,0xE7,0x0A,0x94,0x40,0xBF, - 0x8B,0x76,0xFE,0x26,0xD1,0xF2,0xA1,0x1A,0x84,0xA1,0x43,0x56, - 0x28,0xBC,0x9A,0x5F,0xD7,0x3B,0x69,0x89,0x8A,0x36,0x2C,0x51, - 0xDF,0x12,0x77,0x2F,0x57,0x7B,0xA0,0xAA,0xDD,0x7F,0xA1,0x62, - 0x3B,0x40,0x7B,0x68,0x1A,0x8F,0x0D,0x38,0xBB,0x21,0x5D,0x18, - 0xFC,0x0F,0x46,0xF7,0xA3,0xB0,0x1D,0x23,0xC3,0xD2,0xC7,0x72, - 0x51,0x18,0xDF,0x46,0x95,0x79,0xD9,0xBD,0xB5,0x19,0x02,0x2C, - 0x87,0xDC,0xE7,0x57,0x82,0x7E,0xF1,0x8B,0x06,0x3D,0x00,0xA5, - 0x7B,0x6B,0x26,0x27,0x91,0x0F,0x6A,0x77,0xE4,0xD5,0x04,0xE4, - 0x12,0x2C,0x42,0xFF,0xD2,0x88,0xBB,0xD3,0x92,0xA0,0xF9,0xC8, - 0x51,0x64,0x14,0x5C,0xD8,0xF9,0x6C,0x47,0x82,0xB4,0x1C,0x7F, - 0x09,0xB8,0xF0,0x25,0x83,0x1D,0x3F,0x3F,0x05,0xB3,0x21,0x0A, - 0x5D,0xA7,0xD8,0x54,0xC3,0x65,0x7D,0xC3,0xB0,0x1D,0xBF,0xAE, - 0xF8,0x68,0xCF,0x9B, - }; -static unsigned char dsa2048_q[]={ - 0x97,0xE7,0x33,0x4D,0xD3,0x94,0x3E,0x0B,0xDB,0x62,0x74,0xC6, - 0xA1,0x08,0xDD,0x19,0xA3,0x75,0x17,0x1B, - }; -static unsigned char dsa2048_g[]={ - 0x2C,0x78,0x16,0x59,0x34,0x63,0xF4,0xF3,0x92,0xFC,0xB5,0xA5, - 0x4F,0x13,0xDE,0x2F,0x1C,0xA4,0x3C,0xAE,0xAD,0x38,0x3F,0x7E, - 0x90,0xBF,0x96,0xA6,0xAE,0x25,0x90,0x72,0xF5,0x8E,0x80,0x0C, - 0x39,0x1C,0xD9,0xEC,0xBA,0x90,0x5B,0x3A,0xE8,0x58,0x6C,0x9E, - 0x30,0x42,0x37,0x02,0x31,0x82,0xBC,0x6A,0xDF,0x6A,0x09,0x29, - 0xE3,0xC0,0x46,0xD1,0xCB,0x85,0xEC,0x0C,0x30,0x5E,0xEA,0xC8, - 0x39,0x8E,0x22,0x9F,0x22,0x10,0xD2,0x34,0x61,0x68,0x37,0x3D, - 0x2E,0x4A,0x5B,0x9A,0xF5,0xC1,0x48,0xC6,0xF6,0xDC,0x63,0x1A, - 0xD3,0x96,0x64,0xBA,0x34,0xC9,0xD1,0xA0,0xD1,0xAE,0x6C,0x2F, - 0x48,0x17,0x93,0x14,0x43,0xED,0xF0,0x21,0x30,0x19,0xC3,0x1B, - 0x5F,0xDE,0xA3,0xF0,0x70,0x78,0x18,0xE1,0xA8,0xE4,0xEE,0x2E, - 0x00,0xA5,0xE4,0xB3,0x17,0xC8,0x0C,0x7D,0x6E,0x42,0xDC,0xB7, - 0x46,0x00,0x36,0x4D,0xD4,0x46,0xAA,0x3D,0x3C,0x46,0x89,0x40, - 0xBF,0x1D,0x84,0x77,0x0A,0x75,0xF3,0x87,0x1D,0x08,0x4C,0xA6, - 0xD1,0xA9,0x1C,0x1E,0x12,0x1E,0xE1,0xC7,0x30,0x28,0x76,0xA5, - 0x7F,0x6C,0x85,0x96,0x2B,0x6F,0xDB,0x80,0x66,0x26,0xAE,0xF5, - 0x93,0xC7,0x8E,0xAE,0x9A,0xED,0xE4,0xCA,0x04,0xEA,0x3B,0x72, - 0xEF,0xDC,0x87,0xED,0x0D,0xA5,0x4C,0x4A,0xDD,0x71,0x22,0x64, - 0x59,0x69,0x4E,0x8E,0xBF,0x43,0xDC,0xAB,0x8E,0x66,0xBB,0x01, - 0xB6,0xF4,0xE7,0xFD,0xD2,0xAD,0x9F,0x36,0xC1,0xA0,0x29,0x99, - 0xD1,0x96,0x70,0x59,0x06,0x78,0x35,0xBD,0x65,0x55,0x52,0x9E, - 0xF8,0xB2,0xE5,0x38, - }; - -DSA *get_dsa2048() - { - DSA *dsa; - - if ((dsa=DSA_new()) == NULL) return(NULL); - dsa->p=BN_bin2bn(dsa2048_p,sizeof(dsa2048_p),NULL); - dsa->q=BN_bin2bn(dsa2048_q,sizeof(dsa2048_q),NULL); - dsa->g=BN_bin2bn(dsa2048_g,sizeof(dsa2048_g),NULL); - if ((dsa->p == NULL) || (dsa->q == NULL) || (dsa->g == NULL)) - return(NULL); - return(dsa); - } - -static const char rnd_seed[] = "string to make the random number generator think it has entropy"; -static int rnd_fake = 0; diff --git a/crypto/openssl/apps/testrsa.h b/crypto/openssl/apps/testrsa.h deleted file mode 100644 index 3007d792b0db8..0000000000000 --- a/crypto/openssl/apps/testrsa.h +++ /dev/null @@ -1,518 +0,0 @@ -/* apps/testrsa.h */ -/* used by apps/speed.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -static unsigned char test512[]={ - 0x30,0x82,0x01,0x3a,0x02,0x01,0x00,0x02,0x41,0x00, - 0xd6,0x33,0xb9,0xc8,0xfb,0x4f,0x3c,0x7d,0xc0,0x01, - 0x86,0xd0,0xe7,0xa0,0x55,0xf2,0x95,0x93,0xcc,0x4f, - 0xb7,0x5b,0x67,0x5b,0x94,0x68,0xc9,0x34,0x15,0xde, - 0xa5,0x2e,0x1c,0x33,0xc2,0x6e,0xfc,0x34,0x5e,0x71, - 0x13,0xb7,0xd6,0xee,0xd8,0xa5,0x65,0x05,0x72,0x87, - 0xa8,0xb0,0x77,0xfe,0x57,0xf5,0xfc,0x5f,0x55,0x83, - 0x87,0xdd,0x57,0x49,0x02,0x03,0x01,0x00,0x01,0x02, - 0x41,0x00,0xa7,0xf7,0x91,0xc5,0x0f,0x84,0x57,0xdc, - 0x07,0xf7,0x6a,0x7f,0x60,0x52,0xb3,0x72,0xf1,0x66, - 0x1f,0x7d,0x97,0x3b,0x9e,0xb6,0x0a,0x8f,0x8c,0xcf, - 0x42,0x23,0x00,0x04,0xd4,0x28,0x0e,0x1c,0x90,0xc4, - 0x11,0x25,0x25,0xa5,0x93,0xa5,0x2f,0x70,0x02,0xdf, - 0x81,0x9c,0x49,0x03,0xa0,0xf8,0x6d,0x54,0x2e,0x26, - 0xde,0xaa,0x85,0x59,0xa8,0x31,0x02,0x21,0x00,0xeb, - 0x47,0xd7,0x3b,0xf6,0xc3,0xdd,0x5a,0x46,0xc5,0xb9, - 0x2b,0x9a,0xa0,0x09,0x8f,0xa6,0xfb,0xf3,0x78,0x7a, - 0x33,0x70,0x9d,0x0f,0x42,0x6b,0x13,0x68,0x24,0xd3, - 0x15,0x02,0x21,0x00,0xe9,0x10,0xb0,0xb3,0x0d,0xe2, - 0x82,0x68,0x77,0x8a,0x6e,0x7c,0xda,0xbc,0x3e,0x53, - 0x83,0xfb,0xd6,0x22,0xe7,0xb5,0xae,0x6e,0x80,0xda, - 0x00,0x55,0x97,0xc1,0xd0,0x65,0x02,0x20,0x4c,0xf8, - 0x73,0xb1,0x6a,0x49,0x29,0x61,0x1f,0x46,0x10,0x0d, - 0xf3,0xc7,0xe7,0x58,0xd7,0x88,0x15,0x5e,0x94,0x9b, - 0xbf,0x7b,0xa2,0x42,0x58,0x45,0x41,0x0c,0xcb,0x01, - 0x02,0x20,0x12,0x11,0xba,0x31,0x57,0x9d,0x3d,0x11, - 0x0e,0x5b,0x8c,0x2f,0x5f,0xe2,0x02,0x4f,0x05,0x47, - 0x8c,0x15,0x8e,0xb3,0x56,0x3f,0xb8,0xfb,0xad,0xd4, - 0xf4,0xfc,0x10,0xc5,0x02,0x20,0x18,0xa1,0x29,0x99, - 0x5b,0xd9,0xc8,0xd4,0xfc,0x49,0x7a,0x2a,0x21,0x2c, - 0x49,0xe4,0x4f,0xeb,0xef,0x51,0xf1,0xab,0x6d,0xfb, - 0x4b,0x14,0xe9,0x4b,0x52,0xb5,0x82,0x2c, - }; - -static unsigned char test1024[]={ - 0x30,0x82,0x02,0x5c,0x02,0x01,0x00,0x02,0x81,0x81, - 0x00,0xdc,0x98,0x43,0xe8,0x3d,0x43,0x5b,0xe4,0x05, - 0xcd,0xd0,0xa9,0x3e,0xcb,0x83,0x75,0xf6,0xb5,0xa5, - 0x9f,0x6b,0xe9,0x34,0x41,0x29,0x18,0xfa,0x6a,0x55, - 0x4d,0x70,0xfc,0xec,0xae,0x87,0x38,0x0a,0x20,0xa9, - 0xc0,0x45,0x77,0x6e,0x57,0x60,0x57,0xf4,0xed,0x96, - 0x22,0xcb,0x8f,0xe1,0x33,0x3a,0x17,0x1f,0xed,0x37, - 0xa5,0x6f,0xeb,0xa6,0xbc,0x12,0x80,0x1d,0x53,0xbd, - 0x70,0xeb,0x21,0x76,0x3e,0xc9,0x2f,0x1a,0x45,0x24, - 0x82,0xff,0xcd,0x59,0x32,0x06,0x2e,0x12,0x3b,0x23, - 0x78,0xed,0x12,0x3d,0xe0,0x8d,0xf9,0x67,0x4f,0x37, - 0x4e,0x47,0x02,0x4c,0x2d,0xc0,0x4f,0x1f,0xb3,0x94, - 0xe1,0x41,0x2e,0x2d,0x90,0x10,0xfc,0x82,0x91,0x8b, - 0x0f,0x22,0xd4,0xf2,0xfc,0x2c,0xab,0x53,0x55,0x02, - 0x03,0x01,0x00,0x01,0x02,0x81,0x80,0x2b,0xcc,0x3f, - 0x8f,0x58,0xba,0x8b,0x00,0x16,0xf6,0xea,0x3a,0xf0, - 0x30,0xd0,0x05,0x17,0xda,0xb0,0xeb,0x9a,0x2d,0x4f, - 0x26,0xb0,0xd6,0x38,0xc1,0xeb,0xf5,0xd8,0x3d,0x1f, - 0x70,0xf7,0x7f,0xf4,0xe2,0xcf,0x51,0x51,0x79,0x88, - 0xfa,0xe8,0x32,0x0e,0x7b,0x2d,0x97,0xf2,0xfa,0xba, - 0x27,0xc5,0x9c,0xd9,0xc5,0xeb,0x8a,0x79,0x52,0x3c, - 0x64,0x34,0x7d,0xc2,0xcf,0x28,0xc7,0x4e,0xd5,0x43, - 0x0b,0xd1,0xa6,0xca,0x6d,0x03,0x2d,0x72,0x23,0xbc, - 0x6d,0x05,0xfa,0x16,0x09,0x2f,0x2e,0x5c,0xb6,0xee, - 0x74,0xdd,0xd2,0x48,0x8e,0x36,0x0c,0x06,0x3d,0x4d, - 0xe5,0x10,0x82,0xeb,0x6a,0xf3,0x4b,0x9f,0xd6,0xed, - 0x11,0xb1,0x6e,0xec,0xf4,0xfe,0x8e,0x75,0x94,0x20, - 0x2f,0xcb,0xac,0x46,0xf1,0x02,0x41,0x00,0xf9,0x8c, - 0xa3,0x85,0xb1,0xdd,0x29,0xaf,0x65,0xc1,0x33,0xf3, - 0x95,0xc5,0x52,0x68,0x0b,0xd4,0xf1,0xe5,0x0e,0x02, - 0x9f,0x4f,0xfa,0x77,0xdc,0x46,0x9e,0xc7,0xa6,0xe4, - 0x16,0x29,0xda,0xb0,0x07,0xcf,0x5b,0xa9,0x12,0x8a, - 0xdd,0x63,0x0a,0xde,0x2e,0x8c,0x66,0x8b,0x8c,0xdc, - 0x19,0xa3,0x7e,0xf4,0x3b,0xd0,0x1a,0x8c,0xa4,0xc2, - 0xe1,0xd3,0x02,0x41,0x00,0xe2,0x4c,0x05,0xf2,0x04, - 0x86,0x4e,0x61,0x43,0xdb,0xb0,0xb9,0x96,0x86,0x52, - 0x2c,0xca,0x8d,0x7b,0xab,0x0b,0x13,0x0d,0x7e,0x38, - 0x5b,0xe2,0x2e,0x7b,0x0e,0xe7,0x19,0x99,0x38,0xe7, - 0xf2,0x21,0xbd,0x85,0x85,0xe3,0xfd,0x28,0x77,0x20, - 0x31,0x71,0x2c,0xd0,0xff,0xfb,0x2e,0xaf,0x85,0xb4, - 0x86,0xca,0xf3,0xbb,0xca,0xaa,0x0f,0x95,0x37,0x02, - 0x40,0x0e,0x41,0x9a,0x95,0xe8,0xb3,0x59,0xce,0x4b, - 0x61,0xde,0x35,0xec,0x38,0x79,0x9c,0xb8,0x10,0x52, - 0x41,0x63,0xab,0x82,0xae,0x6f,0x00,0xa9,0xf4,0xde, - 0xdd,0x49,0x0b,0x7e,0xb8,0xa5,0x65,0xa9,0x0c,0x8f, - 0x8f,0xf9,0x1f,0x35,0xc6,0x92,0xb8,0x5e,0xb0,0x66, - 0xab,0x52,0x40,0xc0,0xb6,0x36,0x6a,0x7d,0x80,0x46, - 0x04,0x02,0xe5,0x9f,0x41,0x02,0x41,0x00,0xc0,0xad, - 0xcc,0x4e,0x21,0xee,0x1d,0x24,0x91,0xfb,0xa7,0x80, - 0x8d,0x9a,0xb6,0xb3,0x2e,0x8f,0xc2,0xe1,0x82,0xdf, - 0x69,0x18,0xb4,0x71,0xff,0xa6,0x65,0xde,0xed,0x84, - 0x8d,0x42,0xb7,0xb3,0x21,0x69,0x56,0x1c,0x07,0x60, - 0x51,0x29,0x04,0xff,0x34,0x06,0xdd,0xb9,0x67,0x2c, - 0x7c,0x04,0x93,0x0e,0x46,0x15,0xbb,0x2a,0xb7,0x1b, - 0xe7,0x87,0x02,0x40,0x78,0xda,0x5d,0x07,0x51,0x0c, - 0x16,0x7a,0x9f,0x29,0x20,0x84,0x0d,0x42,0xfa,0xd7, - 0x00,0xd8,0x77,0x7e,0xb0,0xb0,0x6b,0xd6,0x5b,0x53, - 0xb8,0x9b,0x7a,0xcd,0xc7,0x2b,0xb8,0x6a,0x63,0xa9, - 0xfb,0x6f,0xa4,0x72,0xbf,0x4c,0x5d,0x00,0x14,0xba, - 0xfa,0x59,0x88,0xed,0xe4,0xe0,0x8c,0xa2,0xec,0x14, - 0x7e,0x2d,0xe2,0xf0,0x46,0x49,0x95,0x45, - }; - -static unsigned char test2048[]={ - 0x30,0x82,0x04,0xa3,0x02,0x01,0x00,0x02,0x82,0x01, - 0x01,0x00,0xc0,0xc0,0xce,0x3e,0x3c,0x53,0x67,0x3f, - 0x4f,0xc5,0x2f,0xa4,0xc2,0x5a,0x2f,0x58,0xfd,0x27, - 0x52,0x6a,0xe8,0xcf,0x4a,0x73,0x47,0x8d,0x25,0x0f, - 0x5f,0x03,0x26,0x78,0xef,0xf0,0x22,0x12,0xd3,0xde, - 0x47,0xb2,0x1c,0x0b,0x38,0x63,0x1a,0x6c,0x85,0x7a, - 0x80,0xc6,0x8f,0xa0,0x41,0xaf,0x62,0xc4,0x67,0x32, - 0x88,0xf8,0xa6,0x9c,0xf5,0x23,0x1d,0xe4,0xac,0x3f, - 0x29,0xf9,0xec,0xe1,0x8b,0x26,0x03,0x2c,0xb2,0xab, - 0xf3,0x7d,0xb5,0xca,0x49,0xc0,0x8f,0x1c,0xdf,0x33, - 0x3a,0x60,0xda,0x3c,0xb0,0x16,0xf8,0xa9,0x12,0x8f, - 0x64,0xac,0x23,0x0c,0x69,0x64,0x97,0x5d,0x99,0xd4, - 0x09,0x83,0x9b,0x61,0xd3,0xac,0xf0,0xde,0xdd,0x5e, - 0x9f,0x44,0x94,0xdb,0x3a,0x4d,0x97,0xe8,0x52,0x29, - 0xf7,0xdb,0x94,0x07,0x45,0x90,0x78,0x1e,0x31,0x0b, - 0x80,0xf7,0x57,0xad,0x1c,0x79,0xc5,0xcb,0x32,0xb0, - 0xce,0xcd,0x74,0xb3,0xe2,0x94,0xc5,0x78,0x2f,0x34, - 0x1a,0x45,0xf7,0x8c,0x52,0xa5,0xbc,0x8d,0xec,0xd1, - 0x2f,0x31,0x3b,0xf0,0x49,0x59,0x5e,0x88,0x9d,0x15, - 0x92,0x35,0x32,0xc1,0xe7,0x61,0xec,0x50,0x48,0x7c, - 0xba,0x05,0xf9,0xf8,0xf8,0xa7,0x8c,0x83,0xe8,0x66, - 0x5b,0xeb,0xfe,0xd8,0x4f,0xdd,0x6d,0x36,0xc0,0xb2, - 0x90,0x0f,0xb8,0x52,0xf9,0x04,0x9b,0x40,0x2c,0x27, - 0xd6,0x36,0x8e,0xc2,0x1b,0x44,0xf3,0x92,0xd5,0x15, - 0x9e,0x9a,0xbc,0xf3,0x7d,0x03,0xd7,0x02,0x14,0x20, - 0xe9,0x10,0x92,0xfd,0xf9,0xfc,0x8f,0xe5,0x18,0xe1, - 0x95,0xcc,0x9e,0x60,0xa6,0xfa,0x38,0x4d,0x02,0x03, - 0x01,0x00,0x01,0x02,0x82,0x01,0x00,0x00,0xc3,0xc3, - 0x0d,0xb4,0x27,0x90,0x8d,0x4b,0xbf,0xb8,0x84,0xaa, - 0xd0,0xb8,0xc7,0x5d,0x99,0xbe,0x55,0xf6,0x3e,0x7c, - 0x49,0x20,0xcb,0x8a,0x8e,0x19,0x0e,0x66,0x24,0xac, - 0xaf,0x03,0x33,0x97,0xeb,0x95,0xd5,0x3b,0x0f,0x40, - 0x56,0x04,0x50,0xd1,0xe6,0xbe,0x84,0x0b,0x25,0xd3, - 0x9c,0xe2,0x83,0x6c,0xf5,0x62,0x5d,0xba,0x2b,0x7d, - 0x3d,0x7a,0x6c,0xe1,0xd2,0x0e,0x54,0x93,0x80,0x01, - 0x91,0x51,0x09,0xe8,0x5b,0x8e,0x47,0xbd,0x64,0xe4, - 0x0e,0x03,0x83,0x55,0xcf,0x5a,0x37,0xf0,0x25,0xb5, - 0x7d,0x21,0xd7,0x69,0xdf,0x6f,0xc2,0xcf,0x10,0xc9, - 0x8a,0x40,0x9f,0x7a,0x70,0xc0,0xe8,0xe8,0xc0,0xe6, - 0x9a,0x15,0x0a,0x8d,0x4e,0x46,0xcb,0x7a,0xdb,0xb3, - 0xcb,0x83,0x02,0xc4,0xf0,0xab,0xeb,0x02,0x01,0x0e, - 0x23,0xfc,0x1d,0xc4,0xbd,0xd4,0xaa,0x5d,0x31,0x46, - 0x99,0xce,0x9e,0xf8,0x04,0x75,0x10,0x67,0xc4,0x53, - 0x47,0x44,0xfa,0xc2,0x25,0x73,0x7e,0xd0,0x8e,0x59, - 0xd1,0xb2,0x5a,0xf4,0xc7,0x18,0x92,0x2f,0x39,0xab, - 0xcd,0xa3,0xb5,0xc2,0xb9,0xc7,0xb9,0x1b,0x9f,0x48, - 0xfa,0x13,0xc6,0x98,0x4d,0xca,0x84,0x9c,0x06,0xca, - 0xe7,0x89,0x01,0x04,0xc4,0x6c,0xfd,0x29,0x59,0x35, - 0xe7,0xf3,0xdd,0xce,0x64,0x59,0xbf,0x21,0x13,0xa9, - 0x9f,0x0e,0xc5,0xff,0xbd,0x33,0x00,0xec,0xac,0x6b, - 0x11,0xef,0x51,0x5e,0xad,0x07,0x15,0xde,0xb8,0x5f, - 0xc6,0xb9,0xa3,0x22,0x65,0x46,0x83,0x14,0xdf,0xd0, - 0xf1,0x44,0x8a,0xe1,0x9c,0x23,0x33,0xb4,0x97,0x33, - 0xe6,0x6b,0x81,0x02,0x81,0x81,0x00,0xec,0x12,0xa7, - 0x59,0x74,0x6a,0xde,0x3e,0xad,0xd8,0x36,0x80,0x50, - 0xa2,0xd5,0x21,0x81,0x07,0xf1,0xd0,0x91,0xf2,0x6c, - 0x12,0x2f,0x9d,0x1a,0x26,0xf8,0x30,0x65,0xdf,0xe8, - 0xc0,0x9b,0x6a,0x30,0x98,0x82,0x87,0xec,0xa2,0x56, - 0x87,0x62,0x6f,0xe7,0x9f,0xf6,0x56,0xe6,0x71,0x8f, - 0x49,0x86,0x93,0x5a,0x4d,0x34,0x58,0xfe,0xd9,0x04, - 0x13,0xaf,0x79,0xb7,0xad,0x11,0xd1,0x30,0x9a,0x14, - 0x06,0xa0,0xfa,0xb7,0x55,0xdc,0x6c,0x5a,0x4c,0x2c, - 0x59,0x56,0xf6,0xe8,0x9d,0xaf,0x0a,0x78,0x99,0x06, - 0x06,0x9e,0xe7,0x9c,0x51,0x55,0x43,0xfc,0x3b,0x6c, - 0x0b,0xbf,0x2d,0x41,0xa7,0xaf,0xb7,0xe0,0xe8,0x28, - 0x18,0xb4,0x13,0xd1,0xe6,0x97,0xd0,0x9f,0x6a,0x80, - 0xca,0xdd,0x1a,0x7e,0x15,0x02,0x81,0x81,0x00,0xd1, - 0x06,0x0c,0x1f,0xe3,0xd0,0xab,0xd6,0xca,0x7c,0xbc, - 0x7d,0x13,0x35,0xce,0x27,0xcd,0xd8,0x49,0x51,0x63, - 0x64,0x0f,0xca,0x06,0x12,0xfc,0x07,0x3e,0xaf,0x61, - 0x6d,0xe2,0x53,0x39,0x27,0xae,0xc3,0x11,0x9e,0x94, - 0x01,0x4f,0xe3,0xf3,0x67,0xf9,0x77,0xf9,0xe7,0x95, - 0x3a,0x6f,0xe2,0x20,0x73,0x3e,0xa4,0x7a,0x28,0xd4, - 0x61,0x97,0xf6,0x17,0xa0,0x23,0x10,0x2b,0xce,0x84, - 0x57,0x7e,0x25,0x1f,0xf4,0xa8,0x54,0xd2,0x65,0x94, - 0xcc,0x95,0x0a,0xab,0x30,0xc1,0x59,0x1f,0x61,0x8e, - 0xb9,0x6b,0xd7,0x4e,0xb9,0x83,0x43,0x79,0x85,0x11, - 0xbc,0x0f,0xae,0x25,0x20,0x05,0xbc,0xd2,0x48,0xa1, - 0x68,0x09,0x84,0xf6,0x12,0x9a,0x66,0xb9,0x2b,0xbb, - 0x76,0x03,0x17,0x46,0x4e,0x97,0x59,0x02,0x81,0x80, - 0x09,0x4c,0xfa,0xd6,0xe5,0x65,0x48,0x78,0x43,0xb5, - 0x1f,0x00,0x93,0x2c,0xb7,0x24,0xe8,0xc6,0x7d,0x5a, - 0x70,0x45,0x92,0xc8,0x6c,0xa3,0xcd,0xe1,0xf7,0x29, - 0x40,0xfa,0x3f,0x5b,0x47,0x44,0x39,0xc1,0xe8,0x72, - 0x9e,0x7a,0x0e,0xda,0xaa,0xa0,0x2a,0x09,0xfd,0x54, - 0x93,0x23,0xaa,0x37,0x85,0x5b,0xcc,0xd4,0xf9,0xd8, - 0xff,0xc1,0x61,0x0d,0xbd,0x7e,0x18,0x24,0x73,0x6d, - 0x40,0x72,0xf1,0x93,0x09,0x48,0x97,0x6c,0x84,0x90, - 0xa8,0x46,0x14,0x01,0x39,0x11,0xe5,0x3c,0x41,0x27, - 0x32,0x75,0x24,0xed,0xa1,0xd9,0x12,0x29,0x8a,0x28, - 0x71,0x89,0x8d,0xca,0x30,0xb0,0x01,0xc4,0x2f,0x82, - 0x19,0x14,0x4c,0x70,0x1c,0xb8,0x23,0x2e,0xe8,0x90, - 0x49,0x97,0x92,0x97,0x6b,0x7a,0x9d,0xb9,0x02,0x81, - 0x80,0x0f,0x0e,0xa1,0x76,0xf6,0xa1,0x44,0x8f,0xaf, - 0x7c,0x76,0xd3,0x87,0xbb,0xbb,0x83,0x10,0x88,0x01, - 0x18,0x14,0xd1,0xd3,0x75,0x59,0x24,0xaa,0xf5,0x16, - 0xa5,0xe9,0x9d,0xd1,0xcc,0xee,0xf4,0x15,0xd9,0xc5, - 0x7e,0x27,0xe9,0x44,0x49,0x06,0x72,0xb9,0xfc,0xd3, - 0x8a,0xc4,0x2c,0x36,0x7d,0x12,0x9b,0x5a,0xaa,0xdc, - 0x85,0xee,0x6e,0xad,0x54,0xb3,0xf4,0xfc,0x31,0xa1, - 0x06,0x3a,0x70,0x57,0x0c,0xf3,0x95,0x5b,0x3e,0xe8, - 0xfd,0x1a,0x4f,0xf6,0x78,0x93,0x46,0x6a,0xd7,0x31, - 0xb4,0x84,0x64,0x85,0x09,0x38,0x89,0x92,0x94,0x1c, - 0xbf,0xe2,0x3c,0x2a,0xe0,0xff,0x99,0xa3,0xf0,0x2b, - 0x31,0xc2,0x36,0xcd,0x60,0xbf,0x9d,0x2d,0x74,0x32, - 0xe8,0x9c,0x93,0x6e,0xbb,0x91,0x7b,0xfd,0xd9,0x02, - 0x81,0x81,0x00,0xa2,0x71,0x25,0x38,0xeb,0x2a,0xe9, - 0x37,0xcd,0xfe,0x44,0xce,0x90,0x3f,0x52,0x87,0x84, - 0x52,0x1b,0xae,0x8d,0x22,0x94,0xce,0x38,0xe6,0x04, - 0x88,0x76,0x85,0x9a,0xd3,0x14,0x09,0xe5,0x69,0x9a, - 0xff,0x58,0x92,0x02,0x6a,0x7d,0x7c,0x1e,0x2c,0xfd, - 0xa8,0xca,0x32,0x14,0x4f,0x0d,0x84,0x0d,0x37,0x43, - 0xbf,0xe4,0x5d,0x12,0xc8,0x24,0x91,0x27,0x8d,0x46, - 0xd9,0x54,0x53,0xe7,0x62,0x71,0xa8,0x2b,0x71,0x41, - 0x8d,0x75,0xf8,0x3a,0xa0,0x61,0x29,0x46,0xa6,0xe5, - 0x82,0xfa,0x3a,0xd9,0x08,0xfa,0xfc,0x63,0xfd,0x6b, - 0x30,0xbc,0xf4,0x4e,0x9e,0x8c,0x25,0x0c,0xb6,0x55, - 0xe7,0x3c,0xd4,0x4e,0x0b,0xfd,0x8b,0xc3,0x0e,0x1d, - 0x9c,0x44,0x57,0x8f,0x1f,0x86,0xf7,0xd5,0x1b,0xe4, - 0x95, - }; - -static unsigned char test4096[]={ - 0x30,0x82,0x09,0x29,0x02,0x01,0x00,0x02,0x82,0x02, - 0x01,0x00,0xc0,0x71,0xac,0x1a,0x13,0x88,0x82,0x43, - 0x3b,0x51,0x57,0x71,0x8d,0xb6,0x2b,0x82,0x65,0x21, - 0x53,0x5f,0x28,0x29,0x4f,0x8d,0x7c,0x8a,0xb9,0x44, - 0xb3,0x28,0x41,0x4f,0xd3,0xfa,0x6a,0xf8,0xb9,0x28, - 0x50,0x39,0x67,0x53,0x2c,0x3c,0xd7,0xcb,0x96,0x41, - 0x40,0x32,0xbb,0xeb,0x70,0xae,0x1f,0xb0,0x65,0xf7, - 0x3a,0xd9,0x22,0xfd,0x10,0xae,0xbd,0x02,0xe2,0xdd, - 0xf3,0xc2,0x79,0x3c,0xc6,0xfc,0x75,0xbb,0xaf,0x4e, - 0x3a,0x36,0xc2,0x4f,0xea,0x25,0xdf,0x13,0x16,0x4b, - 0x20,0xfe,0x4b,0x69,0x16,0xc4,0x7f,0x1a,0x43,0xa6, - 0x17,0x1b,0xb9,0x0a,0xf3,0x09,0x86,0x28,0x89,0xcf, - 0x2c,0xd0,0xd4,0x81,0xaf,0xc6,0x6d,0xe6,0x21,0x8d, - 0xee,0xef,0xea,0xdc,0xb7,0xc6,0x3b,0x63,0x9f,0x0e, - 0xad,0x89,0x78,0x23,0x18,0xbf,0x70,0x7e,0x84,0xe0, - 0x37,0xec,0xdb,0x8e,0x9c,0x3e,0x6a,0x19,0xcc,0x99, - 0x72,0xe6,0xb5,0x7d,0x6d,0xfa,0xe5,0xd3,0xe4,0x90, - 0xb5,0xb2,0xb2,0x12,0x70,0x4e,0xca,0xf8,0x10,0xf8, - 0xa3,0x14,0xc2,0x48,0x19,0xeb,0x60,0x99,0xbb,0x2a, - 0x1f,0xb1,0x7a,0xb1,0x3d,0x24,0xfb,0xa0,0x29,0xda, - 0xbd,0x1b,0xd7,0xa4,0xbf,0xef,0x60,0x2d,0x22,0xca, - 0x65,0x98,0xf1,0xc4,0xe1,0xc9,0x02,0x6b,0x16,0x28, - 0x2f,0xa1,0xaa,0x79,0x00,0xda,0xdc,0x7c,0x43,0xf7, - 0x42,0x3c,0xa0,0xef,0x68,0xf7,0xdf,0xb9,0x69,0xfb, - 0x8e,0x01,0xed,0x01,0x42,0xb5,0x4e,0x57,0xa6,0x26, - 0xb8,0xd0,0x7b,0x56,0x6d,0x03,0xc6,0x40,0x8c,0x8c, - 0x2a,0x55,0xd7,0x9c,0x35,0x00,0x94,0x93,0xec,0x03, - 0xeb,0x22,0xef,0x77,0xbb,0x79,0x13,0x3f,0x15,0xa1, - 0x8f,0xca,0xdf,0xfd,0xd3,0xb8,0xe1,0xd4,0xcc,0x09, - 0x3f,0x3c,0x2c,0xdb,0xd1,0x49,0x7f,0x38,0x07,0x83, - 0x6d,0xeb,0x08,0x66,0xe9,0x06,0x44,0x12,0xac,0x95, - 0x22,0x90,0x23,0x67,0xd4,0x08,0xcc,0xf4,0xb7,0xdc, - 0xcc,0x87,0xd4,0xac,0x69,0x35,0x4c,0xb5,0x39,0x36, - 0xcd,0xa4,0xd2,0x95,0xca,0x0d,0xc5,0xda,0xc2,0xc5, - 0x22,0x32,0x28,0x08,0xe3,0xd2,0x8b,0x38,0x30,0xdc, - 0x8c,0x75,0x4f,0x6a,0xec,0x7a,0xac,0x16,0x3e,0xa8, - 0xd4,0x6a,0x45,0xe1,0xa8,0x4f,0x2e,0x80,0x34,0xaa, - 0x54,0x1b,0x02,0x95,0x7d,0x8a,0x6d,0xcc,0x79,0xca, - 0xf2,0xa4,0x2e,0x8d,0xfb,0xfe,0x15,0x51,0x10,0x0e, - 0x4d,0x88,0xb1,0xc7,0xf4,0x79,0xdb,0xf0,0xb4,0x56, - 0x44,0x37,0xca,0x5a,0xc1,0x8c,0x48,0xac,0xae,0x48, - 0x80,0x83,0x01,0x3f,0xde,0xd9,0xd3,0x2c,0x51,0x46, - 0xb1,0x41,0xb6,0xc6,0x91,0x72,0xf9,0x83,0x55,0x1b, - 0x8c,0xba,0xf3,0x73,0xe5,0x2c,0x74,0x50,0x3a,0xbe, - 0xc5,0x2f,0xa7,0xb2,0x6d,0x8c,0x9e,0x13,0x77,0xa3, - 0x13,0xcd,0x6d,0x8c,0x45,0xe1,0xfc,0x0b,0xb7,0x69, - 0xe9,0x27,0xbc,0x65,0xc3,0xfa,0x9b,0xd0,0xef,0xfe, - 0xe8,0x1f,0xb3,0x5e,0x34,0xf4,0x8c,0xea,0xfc,0xd3, - 0x81,0xbf,0x3d,0x30,0xb2,0xb4,0x01,0xe8,0x43,0x0f, - 0xba,0x02,0x23,0x42,0x76,0x82,0x31,0x73,0x91,0xed, - 0x07,0x46,0x61,0x0d,0x39,0x83,0x40,0xce,0x7a,0xd4, - 0xdb,0x80,0x2c,0x1f,0x0d,0xd1,0x34,0xd4,0x92,0xe3, - 0xd4,0xf1,0xc2,0x01,0x02,0x03,0x01,0x00,0x01,0x02, - 0x82,0x02,0x01,0x00,0x97,0x6c,0xda,0x6e,0xea,0x4f, - 0xcf,0xaf,0xf7,0x4c,0xd9,0xf1,0x90,0x00,0x77,0xdb, - 0xf2,0x97,0x76,0x72,0xb9,0xb7,0x47,0xd1,0x9c,0xdd, - 0xcb,0x4a,0x33,0x6e,0xc9,0x75,0x76,0xe6,0xe4,0xa5, - 0x31,0x8c,0x77,0x13,0xb4,0x29,0xcd,0xf5,0x52,0x17, - 0xef,0xf3,0x08,0x00,0xe3,0xbd,0x2e,0xbc,0xd4,0x52, - 0x88,0xe9,0x30,0x75,0x0b,0x02,0xf5,0xcd,0x89,0x0c, - 0x6c,0x57,0x19,0x27,0x3d,0x1e,0x85,0xb4,0xc1,0x2f, - 0x1d,0x92,0x00,0x5c,0x76,0x29,0x4b,0xa4,0xe1,0x12, - 0xb3,0xc8,0x09,0xfe,0x0e,0x78,0x72,0x61,0xcb,0x61, - 0x6f,0x39,0x91,0x95,0x4e,0xd5,0x3e,0xc7,0x8f,0xb8, - 0xf6,0x36,0xfe,0x9c,0x93,0x9a,0x38,0x25,0x7a,0xf4, - 0x4a,0x12,0xd4,0xa0,0x13,0xbd,0xf9,0x1d,0x12,0x3e, - 0x21,0x39,0xfb,0x72,0xe0,0x05,0x3d,0xc3,0xe5,0x50, - 0xa8,0x5d,0x85,0xa3,0xea,0x5f,0x1c,0xb2,0x3f,0xea, - 0x6d,0x03,0x91,0x55,0xd8,0x19,0x0a,0x21,0x12,0x16, - 0xd9,0x12,0xc4,0xe6,0x07,0x18,0x5b,0x26,0xa4,0xae, - 0xed,0x2b,0xb7,0xa6,0xed,0xf8,0xad,0xec,0x77,0xe6, - 0x7f,0x4f,0x76,0x00,0xc0,0xfa,0x15,0x92,0xb4,0x2c, - 0x22,0xc2,0xeb,0x6a,0xad,0x14,0x05,0xb2,0xe5,0x8a, - 0x9e,0x85,0x83,0xcc,0x04,0xf1,0x56,0x78,0x44,0x5e, - 0xde,0xe0,0x60,0x1a,0x65,0x79,0x31,0x23,0x05,0xbb, - 0x01,0xff,0xdd,0x2e,0xb7,0xb3,0xaa,0x74,0xe0,0xa5, - 0x94,0xaf,0x4b,0xde,0x58,0x0f,0x55,0xde,0x33,0xf6, - 0xe3,0xd6,0x34,0x36,0x57,0xd6,0x79,0x91,0x2e,0xbe, - 0x3b,0xd9,0x4e,0xb6,0x9d,0x21,0x5c,0xd3,0x48,0x14, - 0x7f,0x4a,0xc4,0x60,0xa9,0x29,0xf8,0x53,0x7f,0x88, - 0x11,0x2d,0xb5,0xc5,0x2d,0x6f,0xee,0x85,0x0b,0xf7, - 0x8d,0x9a,0xbe,0xb0,0x42,0xf2,0x2e,0x71,0xaf,0x19, - 0x31,0x6d,0xec,0xcd,0x6f,0x2b,0x23,0xdf,0xb4,0x40, - 0xaf,0x2c,0x0a,0xc3,0x1b,0x7d,0x7d,0x03,0x1d,0x4b, - 0xf3,0xb5,0xe0,0x85,0xd8,0xdf,0x91,0x6b,0x0a,0x69, - 0xf7,0xf2,0x69,0x66,0x5b,0xf1,0xcf,0x46,0x7d,0xe9, - 0x70,0xfa,0x6d,0x7e,0x75,0x4e,0xa9,0x77,0xe6,0x8c, - 0x02,0xf7,0x14,0x4d,0xa5,0x41,0x8f,0x3f,0xc1,0x62, - 0x1e,0x71,0x5e,0x38,0xb4,0xd6,0xe6,0xe1,0x4b,0xc2, - 0x2c,0x30,0x83,0x81,0x6f,0x49,0x2e,0x96,0xe6,0xc9, - 0x9a,0xf7,0x5d,0x09,0xa0,0x55,0x02,0xa5,0x3a,0x25, - 0x23,0xd0,0x92,0xc3,0xa3,0xe3,0x0e,0x12,0x2f,0x4d, - 0xef,0xf3,0x55,0x5a,0xbe,0xe6,0x19,0x86,0x31,0xab, - 0x75,0x9a,0xd3,0xf0,0x2c,0xc5,0x41,0x92,0xd9,0x1f, - 0x5f,0x11,0x8c,0x75,0x1c,0x63,0xd0,0x02,0x80,0x2c, - 0x68,0xcb,0x93,0xfb,0x51,0x73,0x49,0xb4,0x60,0xda, - 0xe2,0x26,0xaf,0xa9,0x46,0x12,0xb8,0xec,0x50,0xdd, - 0x12,0x06,0x5f,0xce,0x59,0xe6,0xf6,0x1c,0xe0,0x54, - 0x10,0xad,0xf6,0xcd,0x98,0xcc,0x0f,0xfb,0xcb,0x41, - 0x14,0x9d,0xed,0xe4,0xb4,0x74,0x5f,0x09,0x60,0xc7, - 0x12,0xf6,0x7b,0x3c,0x8f,0xa7,0x20,0xbc,0xe4,0xb1, - 0xef,0xeb,0xa4,0x93,0xc5,0x06,0xca,0x9a,0x27,0x9d, - 0x87,0xf3,0xde,0xca,0xe5,0xe7,0xf6,0x1c,0x01,0x65, - 0x5b,0xfb,0x19,0x79,0x6e,0x08,0x26,0xc5,0xc8,0x28, - 0x0e,0xb6,0x3b,0x07,0x08,0xc1,0x02,0x82,0x01,0x01, - 0x00,0xe8,0x1c,0x73,0xa6,0xb8,0xe0,0x0e,0x6d,0x8d, - 0x1b,0xb9,0x53,0xed,0x58,0x94,0xe6,0x1d,0x60,0x14, - 0x5c,0x76,0x43,0xc4,0x58,0x19,0xc4,0x24,0xe8,0xbc, - 0x1b,0x3b,0x0b,0x13,0x24,0x45,0x54,0x0e,0xcc,0x37, - 0xf0,0xe0,0x63,0x7d,0xc3,0xf7,0xfb,0x81,0x74,0x81, - 0xc4,0x0f,0x1a,0x21,0x48,0xaf,0xce,0xc1,0xc4,0x94, - 0x18,0x06,0x44,0x8d,0xd3,0xd2,0x22,0x2d,0x2d,0x3e, - 0x5a,0x31,0xdc,0x95,0x8e,0xf4,0x41,0xfc,0x58,0xc9, - 0x40,0x92,0x17,0x5f,0xe3,0xda,0xac,0x9e,0x3f,0x1c, - 0x2a,0x6b,0x58,0x5f,0x48,0x78,0x20,0xb1,0xaf,0x24, - 0x9b,0x3c,0x20,0x8b,0x93,0x25,0x9e,0xe6,0x6b,0xbc, - 0x13,0x42,0x14,0x6c,0x36,0x31,0xff,0x7a,0xd1,0xc1, - 0x1a,0x26,0x14,0x7f,0xa9,0x76,0xa7,0x0c,0xf8,0xcc, - 0xed,0x07,0x6a,0xd2,0xdf,0x62,0xee,0x0a,0x7c,0x84, - 0xcb,0x49,0x90,0xb2,0x03,0x0d,0xa2,0x82,0x06,0x77, - 0xf1,0xcd,0x67,0xf2,0x47,0x21,0x02,0x3f,0x43,0x21, - 0xf0,0x46,0x30,0x62,0x51,0x72,0xb1,0xe7,0x48,0xc6, - 0x67,0x12,0xcd,0x9e,0xd6,0x15,0xe5,0x21,0xed,0xfa, - 0x8f,0x30,0xa6,0x41,0xfe,0xb6,0xfa,0x8f,0x34,0x14, - 0x19,0xe8,0x11,0xf7,0xa5,0x77,0x3e,0xb7,0xf9,0x39, - 0x07,0x8c,0x67,0x2a,0xab,0x7b,0x08,0xf8,0xb0,0x06, - 0xa8,0xea,0x2f,0x8f,0xfa,0xcc,0xcc,0x40,0xce,0xf3, - 0x70,0x4f,0x3f,0x7f,0xe2,0x0c,0xea,0x76,0x4a,0x35, - 0x4e,0x47,0xad,0x2b,0xa7,0x97,0x5d,0x74,0x43,0x97, - 0x90,0xd2,0xfb,0xd9,0xf9,0x96,0x01,0x33,0x05,0xed, - 0x7b,0x03,0x05,0xad,0xf8,0x49,0x03,0x02,0x82,0x01, - 0x01,0x00,0xd4,0x40,0x17,0x66,0x10,0x92,0x95,0xc8, - 0xec,0x62,0xa9,0x7a,0xcb,0x93,0x8e,0xe6,0x53,0xd4, - 0x80,0x48,0x27,0x4b,0x41,0xce,0x61,0xdf,0xbf,0x94, - 0xa4,0x3d,0x71,0x03,0x0b,0xed,0x25,0x71,0x98,0xa4, - 0xd6,0xd5,0x4a,0x57,0xf5,0x6c,0x1b,0xda,0x21,0x7d, - 0x35,0x45,0xb3,0xf3,0x6a,0xd9,0xd3,0x43,0xe8,0x5c, - 0x54,0x1c,0x83,0x1b,0xb4,0x5f,0xf2,0x97,0x24,0x2e, - 0xdc,0x40,0xde,0x92,0x23,0x59,0x8e,0xbc,0xd2,0xa1, - 0xf2,0xe0,0x4c,0xdd,0x0b,0xd1,0xe7,0xae,0x65,0xbc, - 0xb5,0xf5,0x5b,0x98,0xe9,0xd7,0xc2,0xb7,0x0e,0x55, - 0x71,0x0e,0x3c,0x0a,0x24,0x6b,0xa6,0xe6,0x14,0x61, - 0x11,0xfd,0x33,0x42,0x99,0x2b,0x84,0x77,0x74,0x92, - 0x91,0xf5,0x79,0x79,0xcf,0xad,0x8e,0x04,0xef,0x80, - 0x1e,0x57,0xf4,0x14,0xf5,0x35,0x09,0x74,0xb2,0x13, - 0x71,0x58,0x6b,0xea,0x32,0x5d,0xf3,0xd3,0x76,0x48, - 0x39,0x10,0x23,0x84,0x9d,0xbe,0x92,0x77,0x4a,0xed, - 0x70,0x3e,0x1a,0xa2,0x6c,0xb3,0x81,0x00,0xc3,0xc9, - 0xe4,0x52,0xc8,0x24,0x88,0x0c,0x41,0xad,0x87,0x5a, - 0xea,0xa3,0x7a,0x85,0x1c,0x5e,0x31,0x7f,0xc3,0x35, - 0xc6,0xfa,0x10,0xc8,0x75,0x10,0xc4,0x96,0x99,0xe7, - 0xfe,0x01,0xb4,0x74,0xdb,0xb4,0x11,0xc3,0xc8,0x8c, - 0xf6,0xf7,0x3b,0x66,0x50,0xfc,0xdb,0xeb,0xca,0x47, - 0x85,0x89,0xe1,0x65,0xd9,0x62,0x34,0x3c,0x70,0xd8, - 0x2e,0xb4,0x2f,0x65,0x3c,0x4a,0xa6,0x2a,0xe7,0xc7, - 0xd8,0x41,0x8f,0x8a,0x43,0xbf,0x42,0xf2,0x4d,0xbc, - 0xfc,0x9e,0x27,0x95,0xfb,0x75,0xff,0xab,0x02,0x82, - 0x01,0x00,0x41,0x2f,0x44,0x57,0x6d,0x12,0x17,0x5b, - 0x32,0xc6,0xb7,0x6c,0x57,0x7a,0x8a,0x0e,0x79,0xef, - 0x72,0xa8,0x68,0xda,0x2d,0x38,0xe4,0xbb,0x8d,0xf6, - 0x02,0x65,0xcf,0x56,0x13,0xe1,0x1a,0xcb,0x39,0x80, - 0xa6,0xb1,0x32,0x03,0x1e,0xdd,0xbb,0x35,0xd9,0xac, - 0x43,0x89,0x31,0x08,0x90,0x92,0x5e,0x35,0x3d,0x7b, - 0x9c,0x6f,0x86,0xcb,0x17,0xdd,0x85,0xe4,0xed,0x35, - 0x08,0x8e,0xc1,0xf4,0x05,0xd8,0x68,0xc6,0x63,0x3c, - 0xf7,0xff,0xf7,0x47,0x33,0x39,0xc5,0x3e,0xb7,0x0e, - 0x58,0x35,0x9d,0x81,0xea,0xf8,0x6a,0x2c,0x1c,0x5a, - 0x68,0x78,0x64,0x11,0x6b,0xc1,0x3e,0x4e,0x7a,0xbd, - 0x84,0xcb,0x0f,0xc2,0xb6,0x85,0x1d,0xd3,0x76,0xc5, - 0x93,0x6a,0x69,0x89,0x56,0x34,0xdc,0x4a,0x9b,0xbc, - 0xff,0xa8,0x0d,0x6e,0x35,0x9c,0x60,0xa7,0x23,0x30, - 0xc7,0x06,0x64,0x39,0x8b,0x94,0x89,0xee,0xba,0x7f, - 0x60,0x8d,0xfa,0xb6,0x97,0x76,0xdc,0x51,0x4a,0x3c, - 0xeb,0x3a,0x14,0x2c,0x20,0x60,0x69,0x4a,0x86,0xfe, - 0x8c,0x21,0x84,0x49,0x54,0xb3,0x20,0xe1,0x01,0x7f, - 0x58,0xdf,0x7f,0xb5,0x21,0x51,0x8c,0x47,0x9f,0x91, - 0xeb,0x97,0x3e,0xf2,0x54,0xcf,0x16,0x46,0xf9,0xd9, - 0xb6,0xe7,0x64,0xc9,0xd0,0x54,0xea,0x2f,0xa1,0xcf, - 0xa5,0x7f,0x28,0x8d,0x84,0xec,0xd5,0x39,0x03,0x76, - 0x5b,0x2d,0x8e,0x43,0xf2,0x01,0x24,0xc9,0x6f,0xc0, - 0xf5,0x69,0x6f,0x7d,0xb5,0x85,0xd2,0x5f,0x7f,0x78, - 0x40,0x07,0x7f,0x09,0x15,0xb5,0x1f,0x28,0x65,0x10, - 0xe4,0x19,0xa8,0xc6,0x9e,0x8d,0xdc,0xcb,0x02,0x82, - 0x01,0x00,0x13,0x01,0xee,0x56,0x80,0x93,0x70,0x00, - 0x7f,0x52,0xd2,0x94,0xa1,0x98,0x84,0x4a,0x92,0x25, - 0x4c,0x9b,0xa9,0x91,0x2e,0xc2,0x79,0xb7,0x5c,0xe3, - 0xc5,0xd5,0x8e,0xc2,0x54,0x16,0x17,0xad,0x55,0x9b, - 0x25,0x76,0x12,0x63,0x50,0x22,0x2f,0x58,0x58,0x79, - 0x6b,0x04,0xe3,0xf9,0x9f,0x8f,0x04,0x41,0x67,0x94, - 0xa5,0x1f,0xac,0x8a,0x15,0x9c,0x26,0x10,0x6c,0xf8, - 0x19,0x57,0x61,0xd7,0x3a,0x7d,0x31,0xb0,0x2d,0x38, - 0xbd,0x94,0x62,0xad,0xc4,0xfa,0x36,0x42,0x42,0xf0, - 0x24,0x67,0x65,0x9d,0x8b,0x0b,0x7c,0x6f,0x82,0x44, - 0x1a,0x8c,0xc8,0xc9,0xab,0xbb,0x4c,0x45,0xfc,0x7b, - 0x38,0xee,0x30,0xe1,0xfc,0xef,0x8d,0xbc,0x58,0xdf, - 0x2b,0x5d,0x0d,0x54,0xe0,0x49,0x4d,0x97,0x99,0x8f, - 0x22,0xa8,0x83,0xbe,0x40,0xbb,0x50,0x2e,0x78,0x28, - 0x0f,0x95,0x78,0x8c,0x8f,0x98,0x24,0x56,0xc2,0x97, - 0xf3,0x2c,0x43,0xd2,0x03,0x82,0x66,0x81,0x72,0x5f, - 0x53,0x16,0xec,0xb1,0xb1,0x04,0x5e,0x40,0x20,0x48, - 0x7b,0x3f,0x02,0x97,0x6a,0xeb,0x96,0x12,0x21,0x35, - 0xfe,0x1f,0x47,0xc0,0x95,0xea,0xc5,0x8a,0x08,0x84, - 0x4f,0x5e,0x63,0x94,0x60,0x0f,0x71,0x5b,0x7f,0x4a, - 0xec,0x4f,0x60,0xc6,0xba,0x4a,0x24,0xf1,0x20,0x8b, - 0xa7,0x2e,0x3a,0xce,0x8d,0xe0,0x27,0x1d,0xb5,0x8e, - 0xb4,0x21,0xc5,0xe2,0xa6,0x16,0x0a,0x51,0x83,0x55, - 0x88,0xd1,0x30,0x11,0x63,0xd5,0xd7,0x8d,0xae,0x16, - 0x12,0x82,0xc4,0x85,0x00,0x4e,0x27,0x83,0xa5,0x7c, - 0x90,0x2e,0xe5,0xa2,0xa3,0xd3,0x4c,0x63,0x02,0x82, - 0x01,0x01,0x00,0x86,0x08,0x98,0x98,0xa5,0x00,0x05, - 0x39,0x77,0xd9,0x66,0xb3,0xcf,0xca,0xa0,0x71,0xb3, - 0x50,0xce,0x3d,0xb1,0x93,0x95,0x35,0xc4,0xd4,0x2e, - 0x90,0xdf,0x0f,0xfc,0x60,0xc1,0x94,0x68,0x61,0x43, - 0xca,0x9a,0x23,0x4a,0x1e,0x45,0x72,0x99,0xb5,0x1e, - 0x61,0x8d,0x77,0x0f,0xa0,0xbb,0xd7,0x77,0xb4,0x2a, - 0x15,0x11,0x88,0x2d,0xb3,0x56,0x61,0x5e,0x6a,0xed, - 0xa4,0x46,0x4a,0x3f,0x50,0x11,0xd6,0xba,0xb6,0xd7, - 0x95,0x65,0x53,0xc3,0xa1,0x8f,0xe0,0xa3,0xf5,0x1c, - 0xfd,0xaf,0x6e,0x43,0xd7,0x17,0xa7,0xd3,0x81,0x1b, - 0xa4,0xdf,0xe0,0x97,0x8a,0x46,0x03,0xd3,0x46,0x0e, - 0x83,0x48,0x4e,0xd2,0x02,0xcb,0xc0,0xad,0x79,0x95, - 0x8c,0x96,0xba,0x40,0x34,0x11,0x71,0x5e,0xe9,0x11, - 0xf9,0xc5,0x4a,0x5e,0x91,0x9d,0xf5,0x92,0x4f,0xeb, - 0xc6,0x70,0x02,0x2d,0x3d,0x04,0xaa,0xe9,0x3a,0x8e, - 0xd5,0xa8,0xad,0xf7,0xce,0x0d,0x16,0xb2,0xec,0x0a, - 0x9c,0xf5,0x94,0x39,0xb9,0x8a,0xfc,0x1e,0xf9,0xcc, - 0xf2,0x5f,0x21,0x31,0x74,0x72,0x6b,0x64,0xae,0x35, - 0x61,0x8d,0x0d,0xcb,0xe7,0xda,0x39,0xca,0xf3,0x21, - 0x66,0x0b,0x95,0xd7,0x0a,0x7c,0xca,0xa1,0xa9,0x5a, - 0xe8,0xac,0xe0,0x71,0x54,0xaf,0x28,0xcf,0xd5,0x70, - 0x89,0xe0,0xf3,0x9e,0x43,0x6c,0x8d,0x7b,0x99,0x01, - 0x68,0x4d,0xa1,0x45,0x46,0x0c,0x43,0xbc,0xcc,0x2c, - 0xdd,0xc5,0x46,0xc8,0x4e,0x0e,0xbe,0xed,0xb9,0x26, - 0xab,0x2e,0xdb,0xeb,0x8f,0xff,0xdb,0xb0,0xc6,0x55, - 0xaf,0xf8,0x2a,0x91,0x9d,0x50,0x44,0x21,0x17, - }; diff --git a/crypto/openssl/apps/tkca b/crypto/openssl/apps/tkca deleted file mode 100644 index bdaf21606afe5..0000000000000 --- a/crypto/openssl/apps/tkca +++ /dev/null @@ -1,66 +0,0 @@ -#!/usr/local/bin/perl5 -# -# This is only something I'm playing with, it does not work :-) -# - -use Tk; - -my $main=MainWindow->new(); -my $f=$main->Frame(-relief => "ridge", -borderwidth => 2); -$f->pack(-fill => 'x'); - -my $ff=$f->Frame; -$ff->pack(-fill => 'x'); -my $l=$ff->Label(-text => "TkCA - SSLeay", - -relief => "ridge", -borderwidth => 2); -$l->pack(-fill => 'x', -ipady => 5); - -my $l=$ff->Button(-text => "Certify"); -$l->pack(-fill => 'x', -ipady => 5); - -my $l=$ff->Button(-text => "Review"); -$l->pack(-fill => 'x', -ipady => 5); - -my $l=$ff->Button(-text => "Revoke"); -$l->pack(-fill => 'x', -ipady => 5); - -my $l=$ff->Button(-text => "Generate CRL"); -$l->pack(-fill => 'x', -ipady => 5); - -my($db)=&load_db("demoCA/index.txt"); - -MainLoop; - -sub load_db - { - my(%ret); - my($file)=@_; - my(*IN); - my(%db_serial,%db_name,@f,@db_s); - - $ret{'serial'}=\%db_serial; - $ret{'name'}=\%db_name; - - open(IN,"<$file") || die "unable to open $file:$!\n"; - while (<IN>) - { - chop; - s/([^\\])\t/\1\t\t/g; - my(@f)=split(/\t\t/); - die "wrong number of fields in $file, line $.\n" - if ($#f != 5); - - my(%f); - $f{'type'}=$f[0]; - $f{'exp'}=$f[1]; - $f{'rev'}=$f[2]; - $f{'serial'}=$f[3]; - $f{'file'}=$f[4]; - $f{'name'}=$f[5]; - die "serial number $f{'serial'} appears twice (line $.)\n" - if (defined($db{$f{'serial'}})) - $db_serial{$f{'serial'}}=\%f; - $db_name{$f{'name'}}.=$f{'serial'}." "; - } - return \%ret; - } diff --git a/crypto/openssl/apps/verify.c b/crypto/openssl/apps/verify.c deleted file mode 100644 index 267ee4ecd7853..0000000000000 --- a/crypto/openssl/apps/verify.c +++ /dev/null @@ -1,338 +0,0 @@ -/* apps/verify.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include <stdio.h> -#include <stdlib.h> -#include <string.h> -#include "apps.h" -#include <openssl/bio.h> -#include <openssl/err.h> -#include <openssl/x509.h> -#include <openssl/x509v3.h> -#include <openssl/pem.h> - -#undef PROG -#define PROG verify_main - -static int MS_CALLBACK cb(int ok, X509_STORE_CTX *ctx); -static int check(X509_STORE *ctx,char *file, STACK_OF(X509)*other, int purpose); -static STACK_OF(X509) *load_untrusted(char *file); -static int v_verbose=0; - -int MAIN(int, char **); - -int MAIN(int argc, char **argv) - { - int i,ret=1; - int purpose = -1; - char *CApath=NULL,*CAfile=NULL; - char *untfile = NULL; - STACK_OF(X509) *untrusted = NULL; - X509_STORE *cert_ctx=NULL; - X509_LOOKUP *lookup=NULL; - - cert_ctx=X509_STORE_new(); - if (cert_ctx == NULL) goto end; - X509_STORE_set_verify_cb_func(cert_ctx,cb); - - ERR_load_crypto_strings(); - - apps_startup(); - - if (bio_err == NULL) - if ((bio_err=BIO_new(BIO_s_file())) != NULL) - BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT); - - argc--; - argv++; - for (;;) - { - if (argc >= 1) - { - if (strcmp(*argv,"-CApath") == 0) - { - if (argc-- < 1) goto end; - CApath= *(++argv); - } - else if (strcmp(*argv,"-CAfile") == 0) - { - if (argc-- < 1) goto end; - CAfile= *(++argv); - } - else if (strcmp(*argv,"-purpose") == 0) - { - X509_PURPOSE *xptmp; - if (argc-- < 1) goto end; - i = X509_PURPOSE_get_by_sname(*(++argv)); - if(i < 0) - { - BIO_printf(bio_err, "unrecognized purpose\n"); - goto end; - } - xptmp = X509_PURPOSE_get0(i); - purpose = X509_PURPOSE_get_id(xptmp); - } - else if (strcmp(*argv,"-untrusted") == 0) - { - if (argc-- < 1) goto end; - untfile= *(++argv); - } - else if (strcmp(*argv,"-help") == 0) - goto end; - else if (strcmp(*argv,"-verbose") == 0) - v_verbose=1; - else if (argv[0][0] == '-') - goto end; - else - break; - argc--; - argv++; - } - else - break; - } - - lookup=X509_STORE_add_lookup(cert_ctx,X509_LOOKUP_file()); - if (lookup == NULL) abort(); - if (CAfile) { - i=X509_LOOKUP_load_file(lookup,CAfile,X509_FILETYPE_PEM); - if(!i) { - BIO_printf(bio_err, "Error loading file %s\n", CAfile); - ERR_print_errors(bio_err); - goto end; - } - } else X509_LOOKUP_load_file(lookup,NULL,X509_FILETYPE_DEFAULT); - - lookup=X509_STORE_add_lookup(cert_ctx,X509_LOOKUP_hash_dir()); - if (lookup == NULL) abort(); - if (CApath) { - i=X509_LOOKUP_add_dir(lookup,CApath,X509_FILETYPE_PEM); - if(!i) { - BIO_printf(bio_err, "Error loading directory %s\n", CApath); - ERR_print_errors(bio_err); - goto end; - } - } else X509_LOOKUP_add_dir(lookup,NULL,X509_FILETYPE_DEFAULT); - - ERR_clear_error(); - - if(untfile) { - if(!(untrusted = load_untrusted(untfile))) { - BIO_printf(bio_err, "Error loading untrusted file %s\n", untfile); - ERR_print_errors(bio_err); - goto end; - } - } - - if (argc < 1) check(cert_ctx, NULL, untrusted, purpose); - else - for (i=0; i<argc; i++) - check(cert_ctx,argv[i], untrusted, purpose); - ret=0; -end: - if (ret == 1) { - BIO_printf(bio_err,"usage: verify [-verbose] [-CApath path] [-CAfile file] cert1 cert2 ...\n"); - BIO_printf(bio_err,"recognized usages:\n"); - for(i = 0; i < X509_PURPOSE_get_count(); i++) { - X509_PURPOSE *ptmp; - ptmp = X509_PURPOSE_get0(i); - BIO_printf(bio_err, "\t%-10s\t%s\n", X509_PURPOSE_get0_sname(ptmp), - X509_PURPOSE_get0_name(ptmp)); - } - } - if (cert_ctx != NULL) X509_STORE_free(cert_ctx); - sk_X509_pop_free(untrusted, X509_free); - EXIT(ret); - } - -static int check(X509_STORE *ctx, char *file, STACK_OF(X509) *uchain, int purpose) - { - X509 *x=NULL; - BIO *in=NULL; - int i=0,ret=0; - X509_STORE_CTX *csc; - - in=BIO_new(BIO_s_file()); - if (in == NULL) - { - ERR_print_errors(bio_err); - goto end; - } - - if (file == NULL) - BIO_set_fp(in,stdin,BIO_NOCLOSE); - else - { - if (BIO_read_filename(in,file) <= 0) - { - perror(file); - goto end; - } - } - - x=PEM_read_bio_X509(in,NULL,NULL,NULL); - if (x == NULL) - { - fprintf(stdout,"%s: unable to load certificate file\n", - (file == NULL)?"stdin":file); - ERR_print_errors(bio_err); - goto end; - } - fprintf(stdout,"%s: ",(file == NULL)?"stdin":file); - - csc = X509_STORE_CTX_new(); - if (csc == NULL) - { - ERR_print_errors(bio_err); - goto end; - } - X509_STORE_CTX_init(csc,ctx,x,uchain); - if(purpose >= 0) X509_STORE_CTX_set_purpose(csc, purpose); - i=X509_verify_cert(csc); - X509_STORE_CTX_free(csc); - - ret=0; -end: - if (i) - { - fprintf(stdout,"OK\n"); - ret=1; - } - else - ERR_print_errors(bio_err); - if (x != NULL) X509_free(x); - if (in != NULL) BIO_free(in); - - return(ret); - } - -static STACK_OF(X509) *load_untrusted(char *certfile) -{ - STACK_OF(X509_INFO) *sk=NULL; - STACK_OF(X509) *stack=NULL, *ret=NULL; - BIO *in=NULL; - X509_INFO *xi; - - if(!(stack = sk_X509_new_null())) { - BIO_printf(bio_err,"memory allocation failure\n"); - goto end; - } - - if(!(in=BIO_new_file(certfile, "r"))) { - BIO_printf(bio_err,"error opening the file, %s\n",certfile); - goto end; - } - - /* This loads from a file, a stack of x509/crl/pkey sets */ - if(!(sk=PEM_X509_INFO_read_bio(in,NULL,NULL,NULL))) { - BIO_printf(bio_err,"error reading the file, %s\n",certfile); - goto end; - } - - /* scan over it and pull out the certs */ - while (sk_X509_INFO_num(sk)) - { - xi=sk_X509_INFO_shift(sk); - if (xi->x509 != NULL) - { - sk_X509_push(stack,xi->x509); - xi->x509=NULL; - } - X509_INFO_free(xi); - } - if(!sk_X509_num(stack)) { - BIO_printf(bio_err,"no certificates in file, %s\n",certfile); - sk_X509_free(stack); - goto end; - } - ret=stack; -end: - BIO_free(in); - sk_X509_INFO_free(sk); - return(ret); - } - -static int MS_CALLBACK cb(int ok, X509_STORE_CTX *ctx) - { - char buf[256]; - - if (!ok) - { - X509_NAME_oneline( - X509_get_subject_name(ctx->current_cert),buf,256); - printf("%s\n",buf); - printf("error %d at %d depth lookup:%s\n",ctx->error, - ctx->error_depth, - X509_verify_cert_error_string(ctx->error)); - if (ctx->error == X509_V_ERR_CERT_HAS_EXPIRED) ok=1; - /* since we are just checking the certificates, it is - * ok if they are self signed. But we should still warn - * the user. - */ - if (ctx->error == X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT) ok=1; - /* Continue after extension errors too */ - if (ctx->error == X509_V_ERR_INVALID_CA) ok=1; - if (ctx->error == X509_V_ERR_PATH_LENGTH_EXCEEDED) ok=1; - if (ctx->error == X509_V_ERR_INVALID_PURPOSE) ok=1; - if (ctx->error == X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT) ok=1; - } - if (!v_verbose) - ERR_clear_error(); - return(ok); - } - diff --git a/crypto/openssl/apps/version.c b/crypto/openssl/apps/version.c deleted file mode 100644 index f5c9adc25471c..0000000000000 --- a/crypto/openssl/apps/version.c +++ /dev/null @@ -1,132 +0,0 @@ -/* apps/version.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include <stdio.h> -#include <stdlib.h> -#include <string.h> -#include "apps.h" -#include <openssl/evp.h> -#include <openssl/crypto.h> - -#undef PROG -#define PROG version_main - -int MAIN(int, char **); - -int MAIN(int argc, char **argv) - { - int i,ret=0; - int cflags=0,version=0,date=0,options=0,platform=0; - - apps_startup(); - - if (bio_err == NULL) - if ((bio_err=BIO_new(BIO_s_file())) != NULL) - BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT); - - if (argc == 1) version=1; - for (i=1; i<argc; i++) - { - if (strcmp(argv[i],"-v") == 0) - version=1; - else if (strcmp(argv[i],"-b") == 0) - date=1; - else if (strcmp(argv[i],"-f") == 0) - cflags=1; - else if (strcmp(argv[i],"-o") == 0) - options=1; - else if (strcmp(argv[i],"-p") == 0) - platform=1; - else if (strcmp(argv[i],"-a") == 0) - date=version=cflags=options=platform=1; - else - { - BIO_printf(bio_err,"usage:version -[avbofp]\n"); - ret=1; - goto end; - } - } - - if (version) printf("%s\n",SSLeay_version(SSLEAY_VERSION)); - if (date) printf("%s\n",SSLeay_version(SSLEAY_BUILT_ON)); - if (platform) printf("%s\n",SSLeay_version(SSLEAY_PLATFORM)); - if (options) - { - printf("options: "); - printf("%s ",BN_options()); -#ifndef NO_MD2 - printf("%s ",MD2_options()); -#endif -#ifndef NO_RC4 - printf("%s ",RC4_options()); -#endif -#ifndef NO_DES - printf("%s ",des_options()); -#endif -#ifndef NO_IDEA - printf("%s ",idea_options()); -#endif -#ifndef NO_BF - printf("%s ",BF_options()); -#endif - printf("\n"); - } - if (cflags) printf("%s\n",SSLeay_version(SSLEAY_CFLAGS)); -end: - EXIT(ret); - } diff --git a/crypto/openssl/apps/winrand.c b/crypto/openssl/apps/winrand.c deleted file mode 100644 index d042258b504bf..0000000000000 --- a/crypto/openssl/apps/winrand.c +++ /dev/null @@ -1,149 +0,0 @@ -/* apps/winrand.c */ -/* ==================================================================== - * Copyright (c) 1998-2000 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * openssl-core@openssl.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.openssl.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -/* Usage: winrand [filename] - * - * Collects entropy from mouse movements and other events and writes - * random data to filename or .rnd - */ - -#include <windows.h> -#include <openssl/opensslv.h> -#include <openssl/rand.h> - -LRESULT CALLBACK WndProc(HWND, UINT, WPARAM, LPARAM); -const char *filename; - -int WINAPI WinMain(HINSTANCE hInstance, HINSTANCE hPrevInstance, - PSTR cmdline, int iCmdShow) - { - static char appname[] = "OpenSSL"; - HWND hwnd; - MSG msg; - WNDCLASSEX wndclass; - char buffer[200]; - - if (cmdline[0] == '\0') - filename = RAND_file_name(buffer, sizeof buffer); - else - filename = cmdline; - - RAND_load_file(filename, -1); - - wndclass.cbSize = sizeof(wndclass); - wndclass.style = CS_HREDRAW | CS_VREDRAW; - wndclass.lpfnWndProc = WndProc; - wndclass.cbClsExtra = 0; - wndclass.cbWndExtra = 0; - wndclass.hInstance = hInstance; - wndclass.hIcon = LoadIcon(NULL, IDI_APPLICATION); - wndclass.hCursor = LoadCursor(NULL, IDC_ARROW); - wndclass.hbrBackground = (HBRUSH) GetStockObject(WHITE_BRUSH); - wndclass.lpszMenuName = NULL; - wndclass.lpszClassName = appname; - wndclass.hIconSm = LoadIcon(NULL, IDI_APPLICATION); - RegisterClassEx(&wndclass); - - hwnd = CreateWindow(appname, OPENSSL_VERSION_TEXT, - WS_OVERLAPPEDWINDOW, CW_USEDEFAULT, CW_USEDEFAULT, - CW_USEDEFAULT, CW_USEDEFAULT, NULL, NULL, hInstance, NULL); - - ShowWindow(hwnd, iCmdShow); - UpdateWindow(hwnd); - - - while (GetMessage(&msg, NULL, 0, 0)) - { - TranslateMessage(&msg); - DispatchMessage(&msg); - } - - return msg.wParam; - } - -LRESULT CALLBACK WndProc(HWND hwnd, UINT iMsg, WPARAM wParam, LPARAM lParam) - { - HDC hdc; - PAINTSTRUCT ps; - RECT rect; - char buffer[200]; - static int seeded = 0; - - switch (iMsg) - { - case WM_PAINT: - hdc = BeginPaint(hwnd, &ps); - GetClientRect(hwnd, &rect); - DrawText(hdc, "Seeding the PRNG. Please move the mouse!", -1, - &rect, DT_SINGLELINE | DT_CENTER | DT_VCENTER); - EndPaint(hwnd, &ps); - return 0; - - case WM_DESTROY: - PostQuitMessage(0); - return 0; - } - - if (RAND_event(iMsg, wParam, lParam) == 1 && seeded == 0) - { - seeded = 1; - if (RAND_write_file(filename) <= 0) - MessageBox(hwnd, "Couldn't write random file!", - "OpenSSL", MB_OK | MB_ICONERROR); - PostQuitMessage(0); - } - - return DefWindowProc(hwnd, iMsg, wParam, lParam); - } diff --git a/crypto/openssl/apps/x509.c b/crypto/openssl/apps/x509.c deleted file mode 100644 index 2d6384184c9e0..0000000000000 --- a/crypto/openssl/apps/x509.c +++ /dev/null @@ -1,1257 +0,0 @@ -/* apps/x509.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include <assert.h> -#include <stdio.h> -#include <stdlib.h> -#include <string.h> -#ifdef NO_STDIO -#define APPS_WIN16 -#endif -#include "apps.h" -#include <openssl/bio.h> -#include <openssl/asn1.h> -#include <openssl/err.h> -#include <openssl/bn.h> -#include <openssl/evp.h> -#include <openssl/x509.h> -#include <openssl/x509v3.h> -#include <openssl/objects.h> -#include <openssl/pem.h> - -#undef PROG -#define PROG x509_main - -#undef POSTFIX -#define POSTFIX ".srl" -#define DEF_DAYS 30 - -#define CERT_HDR "certificate" - -static char *x509_usage[]={ -"usage: x509 args\n", -" -inform arg - input format - default PEM (one of DER, NET or PEM)\n", -" -outform arg - output format - default PEM (one of DER, NET or PEM)\n", -" -keyform arg - private key format - default PEM\n", -" -CAform arg - CA format - default PEM\n", -" -CAkeyform arg - CA key format - default PEM\n", -" -in arg - input file - default stdin\n", -" -out arg - output file - default stdout\n", -" -passin arg - private key password source\n", -" -serial - print serial number value\n", -" -hash - print hash value\n", -" -subject - print subject DN\n", -" -issuer - print issuer DN\n", -" -startdate - notBefore field\n", -" -enddate - notAfter field\n", -" -purpose - print out certificate purposes\n", -" -dates - both Before and After dates\n", -" -modulus - print the RSA key modulus\n", -" -pubkey - output the public key\n", -" -fingerprint - print the certificate fingerprint\n", -" -alias - output certificate alias\n", -" -noout - no certificate output\n", -" -trustout - output a \"trusted\" certificate\n", -" -clrtrust - clear all trusted purposes\n", -" -clrreject - clear all rejected purposes\n", -" -addtrust arg - trust certificate for a given purpose\n", -" -addreject arg - reject certificate for a given purpose\n", -" -setalias arg - set certificate alias\n", -" -days arg - How long till expiry of a signed certificate - def 30 days\n", -" -signkey arg - self sign cert with arg\n", -" -x509toreq - output a certification request object\n", -" -req - input is a certificate request, sign and output.\n", -" -CA arg - set the CA certificate, must be PEM format.\n", -" -CAkey arg - set the CA key, must be PEM format\n", -" missing, it is assumed to be in the CA file.\n", -" -CAcreateserial - create serial number file if it does not exist\n", -" -CAserial - serial file\n", -" -text - print the certificate in text form\n", -" -C - print out C code forms\n", -" -md2/-md5/-sha1/-mdc2 - digest to use\n", -" -extfile - configuration file with X509V3 extensions to add\n", -" -extensions - section from config file with X509V3 extensions to add\n", -" -clrext - delete extensions before signing and input certificate\n", -NULL -}; - -static int MS_CALLBACK callb(int ok, X509_STORE_CTX *ctx); -static EVP_PKEY *load_key(char *file, int format, char *passin); -static X509 *load_cert(char *file, int format); -static int sign (X509 *x, EVP_PKEY *pkey,int days,int clrext, const EVP_MD *digest, - LHASH *conf, char *section); -static int x509_certify (X509_STORE *ctx,char *CAfile,const EVP_MD *digest, - X509 *x,X509 *xca,EVP_PKEY *pkey,char *serial, - int create,int days, int clrext, LHASH *conf, char *section); -static int purpose_print(BIO *bio, X509 *cert, X509_PURPOSE *pt); -static int reqfile=0; - -int MAIN(int, char **); - -int MAIN(int argc, char **argv) - { - int ret=1; - X509_REQ *req=NULL; - X509 *x=NULL,*xca=NULL; - ASN1_OBJECT *objtmp; - EVP_PKEY *Upkey=NULL,*CApkey=NULL; - int i,num,badops=0; - BIO *out=NULL; - BIO *STDout=NULL; - STACK_OF(ASN1_OBJECT) *trust = NULL, *reject = NULL; - int informat,outformat,keyformat,CAformat,CAkeyformat; - char *infile=NULL,*outfile=NULL,*keyfile=NULL,*CAfile=NULL; - char *CAkeyfile=NULL,*CAserial=NULL; - char *alias=NULL; - int text=0,serial=0,hash=0,subject=0,issuer=0,startdate=0,enddate=0; - int noout=0,sign_flag=0,CA_flag=0,CA_createserial=0; - int trustout=0,clrtrust=0,clrreject=0,aliasout=0,clrext=0; - int C=0; - int x509req=0,days=DEF_DAYS,modulus=0,pubkey=0; - int pprint = 0; - char **pp; - X509_STORE *ctx=NULL; - X509_REQ *rq=NULL; - int fingerprint=0; - char buf[256]; - const EVP_MD *md_alg,*digest=EVP_md5(); - LHASH *extconf = NULL; - char *extsect = NULL, *extfile = NULL, *passin = NULL, *passargin = NULL; - int need_rand = 0; - - reqfile=0; - - apps_startup(); - - if (bio_err == NULL) - bio_err=BIO_new_fp(stderr,BIO_NOCLOSE); - STDout=BIO_new_fp(stdout,BIO_NOCLOSE); - - informat=FORMAT_PEM; - outformat=FORMAT_PEM; - keyformat=FORMAT_PEM; - CAformat=FORMAT_PEM; - CAkeyformat=FORMAT_PEM; - - ctx=X509_STORE_new(); - if (ctx == NULL) goto end; - X509_STORE_set_verify_cb_func(ctx,callb); - - argc--; - argv++; - num=0; - while (argc >= 1) - { - if (strcmp(*argv,"-inform") == 0) - { - if (--argc < 1) goto bad; - informat=str2fmt(*(++argv)); - } - else if (strcmp(*argv,"-outform") == 0) - { - if (--argc < 1) goto bad; - outformat=str2fmt(*(++argv)); - } - else if (strcmp(*argv,"-keyform") == 0) - { - if (--argc < 1) goto bad; - keyformat=str2fmt(*(++argv)); - } - else if (strcmp(*argv,"-req") == 0) - { - reqfile=1; - need_rand = 1; - } - else if (strcmp(*argv,"-CAform") == 0) - { - if (--argc < 1) goto bad; - CAformat=str2fmt(*(++argv)); - } - else if (strcmp(*argv,"-CAkeyform") == 0) - { - if (--argc < 1) goto bad; - CAformat=str2fmt(*(++argv)); - } - else if (strcmp(*argv,"-days") == 0) - { - if (--argc < 1) goto bad; - days=atoi(*(++argv)); - if (days == 0) - { - BIO_printf(STDout,"bad number of days\n"); - goto bad; - } - } - else if (strcmp(*argv,"-passin") == 0) - { - if (--argc < 1) goto bad; - passargin= *(++argv); - } - else if (strcmp(*argv,"-extfile") == 0) - { - if (--argc < 1) goto bad; - extfile= *(++argv); - } - else if (strcmp(*argv,"-extensions") == 0) - { - if (--argc < 1) goto bad; - extsect= *(++argv); - } - else if (strcmp(*argv,"-in") == 0) - { - if (--argc < 1) goto bad; - infile= *(++argv); - } - else if (strcmp(*argv,"-out") == 0) - { - if (--argc < 1) goto bad; - outfile= *(++argv); - } - else if (strcmp(*argv,"-signkey") == 0) - { - if (--argc < 1) goto bad; - keyfile= *(++argv); - sign_flag= ++num; - need_rand = 1; - } - else if (strcmp(*argv,"-CA") == 0) - { - if (--argc < 1) goto bad; - CAfile= *(++argv); - CA_flag= ++num; - need_rand = 1; - } - else if (strcmp(*argv,"-CAkey") == 0) - { - if (--argc < 1) goto bad; - CAkeyfile= *(++argv); - } - else if (strcmp(*argv,"-CAserial") == 0) - { - if (--argc < 1) goto bad; - CAserial= *(++argv); - } - else if (strcmp(*argv,"-addtrust") == 0) - { - if (--argc < 1) goto bad; - if(!(objtmp = OBJ_txt2obj(*(++argv), 0))) { - BIO_printf(bio_err, - "Invalid trust object value %s\n", *argv); - goto bad; - } - if(!trust) trust = sk_ASN1_OBJECT_new_null(); - sk_ASN1_OBJECT_push(trust, objtmp); - trustout = 1; - } - else if (strcmp(*argv,"-addreject") == 0) - { - if (--argc < 1) goto bad; - if(!(objtmp = OBJ_txt2obj(*(++argv), 0))) { - BIO_printf(bio_err, - "Invalid reject object value %s\n", *argv); - goto bad; - } - if(!reject) reject = sk_ASN1_OBJECT_new_null(); - sk_ASN1_OBJECT_push(reject, objtmp); - trustout = 1; - } - else if (strcmp(*argv,"-setalias") == 0) - { - if (--argc < 1) goto bad; - alias= *(++argv); - trustout = 1; - } - else if (strcmp(*argv,"-setalias") == 0) - { - if (--argc < 1) goto bad; - alias= *(++argv); - trustout = 1; - } - else if (strcmp(*argv,"-C") == 0) - C= ++num; - else if (strcmp(*argv,"-serial") == 0) - serial= ++num; - else if (strcmp(*argv,"-modulus") == 0) - modulus= ++num; - else if (strcmp(*argv,"-pubkey") == 0) - pubkey= ++num; - else if (strcmp(*argv,"-x509toreq") == 0) - x509req= ++num; - else if (strcmp(*argv,"-text") == 0) - text= ++num; - else if (strcmp(*argv,"-hash") == 0) - hash= ++num; - else if (strcmp(*argv,"-subject") == 0) - subject= ++num; - else if (strcmp(*argv,"-issuer") == 0) - issuer= ++num; - else if (strcmp(*argv,"-fingerprint") == 0) - fingerprint= ++num; - else if (strcmp(*argv,"-dates") == 0) - { - startdate= ++num; - enddate= ++num; - } - else if (strcmp(*argv,"-purpose") == 0) - pprint= ++num; - else if (strcmp(*argv,"-startdate") == 0) - startdate= ++num; - else if (strcmp(*argv,"-enddate") == 0) - enddate= ++num; - else if (strcmp(*argv,"-noout") == 0) - noout= ++num; - else if (strcmp(*argv,"-trustout") == 0) - trustout= 1; - else if (strcmp(*argv,"-clrtrust") == 0) - clrtrust= ++num; - else if (strcmp(*argv,"-clrreject") == 0) - clrreject= ++num; - else if (strcmp(*argv,"-alias") == 0) - aliasout= ++num; - else if (strcmp(*argv,"-CAcreateserial") == 0) - CA_createserial= ++num; - else if (strcmp(*argv,"-clrext") == 0) - clrext = 1; -#if 1 /* stay backwards-compatible with 0.9.5; this should go away soon */ - else if (strcmp(*argv,"-crlext") == 0) - { - BIO_printf(bio_err,"use -clrext instead of -crlext\n"); - clrext = 1; - } -#endif - else if ((md_alg=EVP_get_digestbyname(*argv + 1))) - { - /* ok */ - digest=md_alg; - } - else - { - BIO_printf(bio_err,"unknown option %s\n",*argv); - badops=1; - break; - } - argc--; - argv++; - } - - if (badops) - { -bad: - for (pp=x509_usage; (*pp != NULL); pp++) - BIO_printf(bio_err,*pp); - goto end; - } - - if (need_rand) - app_RAND_load_file(NULL, bio_err, 0); - - ERR_load_crypto_strings(); - - if(!app_passwd(bio_err, passargin, NULL, &passin, NULL)) { - BIO_printf(bio_err, "Error getting password\n"); - goto end; - } - - if (!X509_STORE_set_default_paths(ctx)) - { - ERR_print_errors(bio_err); - goto end; - } - - if ((CAkeyfile == NULL) && (CA_flag) && (CAformat == FORMAT_PEM)) - { CAkeyfile=CAfile; } - else if ((CA_flag) && (CAkeyfile == NULL)) - { - BIO_printf(bio_err,"need to specify a CAkey if using the CA command\n"); - goto end; - } - - if (extfile) { - long errorline; - X509V3_CTX ctx2; - if (!(extconf=CONF_load(NULL,extfile,&errorline))) { - if (errorline <= 0) - BIO_printf(bio_err, - "error loading the config file '%s'\n", - extfile); - else - BIO_printf(bio_err, - "error on line %ld of config file '%s'\n" - ,errorline,extfile); - goto end; - } - if(!extsect && !(extsect = CONF_get_string(extconf, "default", - "extensions"))) extsect = "default"; - X509V3_set_ctx_test(&ctx2); - X509V3_set_conf_lhash(&ctx2, extconf); - if(!X509V3_EXT_add_conf(extconf, &ctx2, extsect, NULL)) { - BIO_printf(bio_err, - "Error Loading extension section %s\n", - extsect); - ERR_print_errors(bio_err); - goto end; - } - } - - - if (reqfile) - { - EVP_PKEY *pkey; - X509_CINF *ci; - BIO *in; - - if (!sign_flag && !CA_flag) - { - BIO_printf(bio_err,"We need a private key to sign with\n"); - goto end; - } - in=BIO_new(BIO_s_file()); - if (in == NULL) - { - ERR_print_errors(bio_err); - goto end; - } - - if (infile == NULL) - BIO_set_fp(in,stdin,BIO_NOCLOSE|BIO_FP_TEXT); - else - { - if (BIO_read_filename(in,infile) <= 0) - { - perror(infile); - goto end; - } - } - req=PEM_read_bio_X509_REQ(in,NULL,NULL,NULL); - BIO_free(in); - - if (req == NULL) { perror(infile); goto end; } - - if ( (req->req_info == NULL) || - (req->req_info->pubkey == NULL) || - (req->req_info->pubkey->public_key == NULL) || - (req->req_info->pubkey->public_key->data == NULL)) - { - BIO_printf(bio_err,"The certificate request appears to corrupted\n"); - BIO_printf(bio_err,"It does not contain a public key\n"); - goto end; - } - if ((pkey=X509_REQ_get_pubkey(req)) == NULL) - { - BIO_printf(bio_err,"error unpacking public key\n"); - goto end; - } - i=X509_REQ_verify(req,pkey); - EVP_PKEY_free(pkey); - if (i < 0) - { - BIO_printf(bio_err,"Signature verification error\n"); - ERR_print_errors(bio_err); - goto end; - } - if (i == 0) - { - BIO_printf(bio_err,"Signature did not match the certificate request\n"); - goto end; - } - else - BIO_printf(bio_err,"Signature ok\n"); - - X509_NAME_oneline(req->req_info->subject,buf,256); - BIO_printf(bio_err,"subject=%s\n",buf); - - if ((x=X509_new()) == NULL) goto end; - ci=x->cert_info; - - if (!ASN1_INTEGER_set(X509_get_serialNumber(x),0)) goto end; - if (!X509_set_issuer_name(x,req->req_info->subject)) goto end; - if (!X509_set_subject_name(x,req->req_info->subject)) goto end; - - X509_gmtime_adj(X509_get_notBefore(x),0); - X509_gmtime_adj(X509_get_notAfter(x),(long)60*60*24*days); - - pkey = X509_REQ_get_pubkey(req); - X509_set_pubkey(x,pkey); - EVP_PKEY_free(pkey); - } - else - x=load_cert(infile,informat); - - if (x == NULL) goto end; - if (CA_flag) - { - xca=load_cert(CAfile,CAformat); - if (xca == NULL) goto end; - } - - if (!noout || text) - { - OBJ_create("2.99999.3", - "SET.ex3","SET x509v3 extension 3"); - - out=BIO_new(BIO_s_file()); - if (out == NULL) - { - ERR_print_errors(bio_err); - goto end; - } - if (outfile == NULL) - BIO_set_fp(out,stdout,BIO_NOCLOSE); - else - { - if (BIO_write_filename(out,outfile) <= 0) - { - perror(outfile); - goto end; - } - } - } - - if(alias) X509_alias_set1(x, (unsigned char *)alias, -1); - - if(clrtrust) X509_trust_clear(x); - if(clrreject) X509_reject_clear(x); - - if(trust) { - for(i = 0; i < sk_ASN1_OBJECT_num(trust); i++) { - objtmp = sk_ASN1_OBJECT_value(trust, i); - X509_add1_trust_object(x, objtmp); - } - } - - if(reject) { - for(i = 0; i < sk_ASN1_OBJECT_num(reject); i++) { - objtmp = sk_ASN1_OBJECT_value(reject, i); - X509_add1_reject_object(x, objtmp); - } - } - - if (num) - { - for (i=1; i<=num; i++) - { - if (issuer == i) - { - X509_NAME_oneline(X509_get_issuer_name(x), - buf,256); - BIO_printf(STDout,"issuer= %s\n",buf); - } - else if (subject == i) - { - X509_NAME_oneline(X509_get_subject_name(x), - buf,256); - BIO_printf(STDout,"subject=%s\n",buf); - } - else if (serial == i) - { - BIO_printf(STDout,"serial="); - i2a_ASN1_INTEGER(STDout,x->cert_info->serialNumber); - BIO_printf(STDout,"\n"); - } - else if (aliasout == i) - { - unsigned char *alstr; - alstr = X509_alias_get0(x, NULL); - if(alstr) BIO_printf(STDout,"%s\n", alstr); - else BIO_puts(STDout,"<No Alias>\n"); - } - else if (hash == i) - { - BIO_printf(STDout,"%08lx\n",X509_subject_name_hash(x)); - } - else if (pprint == i) - { - X509_PURPOSE *ptmp; - int j; - BIO_printf(STDout, "Certificate purposes:\n"); - for(j = 0; j < X509_PURPOSE_get_count(); j++) - { - ptmp = X509_PURPOSE_get0(j); - purpose_print(STDout, x, ptmp); - } - } - else - if (modulus == i) - { - EVP_PKEY *pkey; - - pkey=X509_get_pubkey(x); - if (pkey == NULL) - { - BIO_printf(bio_err,"Modulus=unavailable\n"); - ERR_print_errors(bio_err); - goto end; - } - BIO_printf(STDout,"Modulus="); -#ifndef NO_RSA - if (pkey->type == EVP_PKEY_RSA) - BN_print(STDout,pkey->pkey.rsa->n); - else -#endif -#ifndef NO_DSA - if (pkey->type == EVP_PKEY_DSA) - BN_print(STDout,pkey->pkey.dsa->pub_key); - else -#endif - BIO_printf(STDout,"Wrong Algorithm type"); - BIO_printf(STDout,"\n"); - EVP_PKEY_free(pkey); - } - else - if (pubkey == i) - { - EVP_PKEY *pkey; - - pkey=X509_get_pubkey(x); - if (pkey == NULL) - { - BIO_printf(bio_err,"Error getting public key\n"); - ERR_print_errors(bio_err); - goto end; - } - PEM_write_bio_PUBKEY(STDout, pkey); - EVP_PKEY_free(pkey); - } - else - if (C == i) - { - unsigned char *d; - char *m; - int y,z; - - X509_NAME_oneline(X509_get_subject_name(x), - buf,256); - BIO_printf(STDout,"/* subject:%s */\n",buf); - m=X509_NAME_oneline( - X509_get_issuer_name(x),buf,256); - BIO_printf(STDout,"/* issuer :%s */\n",buf); - - z=i2d_X509(x,NULL); - m=Malloc(z); - - d=(unsigned char *)m; - z=i2d_X509_NAME(X509_get_subject_name(x),&d); - BIO_printf(STDout,"unsigned char XXX_subject_name[%d]={\n",z); - d=(unsigned char *)m; - for (y=0; y<z; y++) - { - BIO_printf(STDout,"0x%02X,",d[y]); - if ((y & 0x0f) == 0x0f) BIO_printf(STDout,"\n"); - } - if (y%16 != 0) BIO_printf(STDout,"\n"); - BIO_printf(STDout,"};\n"); - - z=i2d_X509_PUBKEY(X509_get_X509_PUBKEY(x),&d); - BIO_printf(STDout,"unsigned char XXX_public_key[%d]={\n",z); - d=(unsigned char *)m; - for (y=0; y<z; y++) - { - BIO_printf(STDout,"0x%02X,",d[y]); - if ((y & 0x0f) == 0x0f) - BIO_printf(STDout,"\n"); - } - if (y%16 != 0) BIO_printf(STDout,"\n"); - BIO_printf(STDout,"};\n"); - - z=i2d_X509(x,&d); - BIO_printf(STDout,"unsigned char XXX_certificate[%d]={\n",z); - d=(unsigned char *)m; - for (y=0; y<z; y++) - { - BIO_printf(STDout,"0x%02X,",d[y]); - if ((y & 0x0f) == 0x0f) - BIO_printf(STDout,"\n"); - } - if (y%16 != 0) BIO_printf(STDout,"\n"); - BIO_printf(STDout,"};\n"); - - Free(m); - } - else if (text == i) - { - X509_print(out,x); - } - else if (startdate == i) - { - BIO_puts(STDout,"notBefore="); - ASN1_TIME_print(STDout,X509_get_notBefore(x)); - BIO_puts(STDout,"\n"); - } - else if (enddate == i) - { - BIO_puts(STDout,"notAfter="); - ASN1_TIME_print(STDout,X509_get_notAfter(x)); - BIO_puts(STDout,"\n"); - } - else if (fingerprint == i) - { - int j; - unsigned int n; - unsigned char md[EVP_MAX_MD_SIZE]; - - if (!X509_digest(x,digest,md,&n)) - { - BIO_printf(bio_err,"out of memory\n"); - goto end; - } - BIO_printf(STDout,"%s Fingerprint=", - OBJ_nid2sn(EVP_MD_type(digest))); - for (j=0; j<(int)n; j++) - { - BIO_printf(STDout,"%02X%c",md[j], - (j+1 == (int)n) - ?'\n':':'); - } - } - - /* should be in the library */ - else if ((sign_flag == i) && (x509req == 0)) - { - BIO_printf(bio_err,"Getting Private key\n"); - if (Upkey == NULL) - { - Upkey=load_key(keyfile,keyformat, passin); - if (Upkey == NULL) goto end; - } -#ifndef NO_DSA - if (Upkey->type == EVP_PKEY_DSA) - digest=EVP_dss1(); -#endif - - assert(need_rand); - if (!sign(x,Upkey,days,clrext,digest, - extconf, extsect)) goto end; - } - else if (CA_flag == i) - { - BIO_printf(bio_err,"Getting CA Private Key\n"); - if (CAkeyfile != NULL) - { - CApkey=load_key(CAkeyfile,CAkeyformat, passin); - if (CApkey == NULL) goto end; - } -#ifndef NO_DSA - if (CApkey->type == EVP_PKEY_DSA) - digest=EVP_dss1(); -#endif - - assert(need_rand); - if (!x509_certify(ctx,CAfile,digest,x,xca, - CApkey, CAserial,CA_createserial,days, clrext, - extconf, extsect)) - goto end; - } - else if (x509req == i) - { - EVP_PKEY *pk; - - BIO_printf(bio_err,"Getting request Private Key\n"); - if (keyfile == NULL) - { - BIO_printf(bio_err,"no request key file specified\n"); - goto end; - } - else - { - pk=load_key(keyfile,FORMAT_PEM, passin); - if (pk == NULL) goto end; - } - - BIO_printf(bio_err,"Generating certificate request\n"); - - if (pk->type == EVP_PKEY_DSA) - digest=EVP_dss1(); - - rq=X509_to_X509_REQ(x,pk,digest); - EVP_PKEY_free(pk); - if (rq == NULL) - { - ERR_print_errors(bio_err); - goto end; - } - if (!noout) - { - X509_REQ_print(out,rq); - PEM_write_bio_X509_REQ(out,rq); - } - noout=1; - } - } - } - - if (noout) - { - ret=0; - goto end; - } - - if (outformat == FORMAT_ASN1) - i=i2d_X509_bio(out,x); - else if (outformat == FORMAT_PEM) { - if(trustout) i=PEM_write_bio_X509_AUX(out,x); - else i=PEM_write_bio_X509(out,x); - } else if (outformat == FORMAT_NETSCAPE) - { - ASN1_HEADER ah; - ASN1_OCTET_STRING os; - - os.data=(unsigned char *)CERT_HDR; - os.length=strlen(CERT_HDR); - ah.header= &os; - ah.data=(char *)x; - ah.meth=X509_asn1_meth(); - - /* no macro for this one yet */ - i=ASN1_i2d_bio(i2d_ASN1_HEADER,out,(unsigned char *)&ah); - } - else { - BIO_printf(bio_err,"bad output format specified for outfile\n"); - goto end; - } - if (!i) { - BIO_printf(bio_err,"unable to write certificate\n"); - ERR_print_errors(bio_err); - goto end; - } - ret=0; -end: - if (need_rand) - app_RAND_write_file(NULL, bio_err); - OBJ_cleanup(); - CONF_free(extconf); - BIO_free(out); - BIO_free(STDout); - X509_STORE_free(ctx); - X509_REQ_free(req); - X509_free(x); - X509_free(xca); - EVP_PKEY_free(Upkey); - EVP_PKEY_free(CApkey); - X509_REQ_free(rq); - sk_ASN1_OBJECT_pop_free(trust, ASN1_OBJECT_free); - sk_ASN1_OBJECT_pop_free(reject, ASN1_OBJECT_free); - if(passin) Free(passin); - EXIT(ret); - } - -static int x509_certify(X509_STORE *ctx, char *CAfile, const EVP_MD *digest, - X509 *x, X509 *xca, EVP_PKEY *pkey, char *serialfile, int create, - int days, int clrext, LHASH *conf, char *section) - { - int ret=0; - BIO *io=NULL; - MS_STATIC char buf2[1024]; - char *buf=NULL,*p; - BIGNUM *serial=NULL; - ASN1_INTEGER *bs=NULL,bs2; - X509_STORE_CTX xsc; - EVP_PKEY *upkey; - - upkey = X509_get_pubkey(xca); - EVP_PKEY_copy_parameters(upkey,pkey); - EVP_PKEY_free(upkey); - - X509_STORE_CTX_init(&xsc,ctx,x,NULL); - buf=Malloc(EVP_PKEY_size(pkey)*2+ - ((serialfile == NULL) - ?(strlen(CAfile)+strlen(POSTFIX)+1) - :(strlen(serialfile)))+1); - if (buf == NULL) { BIO_printf(bio_err,"out of mem\n"); goto end; } - if (serialfile == NULL) - { - strcpy(buf,CAfile); - for (p=buf; *p; p++) - if (*p == '.') - { - *p='\0'; - break; - } - strcat(buf,POSTFIX); - } - else - strcpy(buf,serialfile); - serial=BN_new(); - bs=ASN1_INTEGER_new(); - if ((serial == NULL) || (bs == NULL)) - { - ERR_print_errors(bio_err); - goto end; - } - - io=BIO_new(BIO_s_file()); - if (io == NULL) - { - ERR_print_errors(bio_err); - goto end; - } - - if (BIO_read_filename(io,buf) <= 0) - { - if (!create) - { - perror(buf); - goto end; - } - else - { - ASN1_INTEGER_set(bs,1); - BN_one(serial); - } - } - else - { - if (!a2i_ASN1_INTEGER(io,bs,buf2,1024)) - { - BIO_printf(bio_err,"unable to load serial number from %s\n",buf); - ERR_print_errors(bio_err); - goto end; - } - else - { - serial=BN_bin2bn(bs->data,bs->length,serial); - if (serial == NULL) - { - BIO_printf(bio_err,"error converting bin 2 bn"); - goto end; - } - } - } - - if (!BN_add_word(serial,1)) - { BIO_printf(bio_err,"add_word failure\n"); goto end; } - bs2.data=(unsigned char *)buf2; - bs2.length=BN_bn2bin(serial,bs2.data); - - if (BIO_write_filename(io,buf) <= 0) - { - BIO_printf(bio_err,"error attempting to write serial number file\n"); - perror(buf); - goto end; - } - i2a_ASN1_INTEGER(io,&bs2); - BIO_puts(io,"\n"); - BIO_free(io); - io=NULL; - - if (!X509_STORE_add_cert(ctx,x)) goto end; - - /* NOTE: this certificate can/should be self signed, unless it was - * a certificate request in which case it is not. */ - X509_STORE_CTX_set_cert(&xsc,x); - if (!reqfile && !X509_verify_cert(&xsc)) - goto end; - - if (!X509_check_private_key(xca,pkey)) - { - BIO_printf(bio_err,"CA certificate and CA private key do not match\n"); - goto end; - } - - if (!X509_set_issuer_name(x,X509_get_subject_name(xca))) goto end; - if (!X509_set_serialNumber(x,bs)) goto end; - - if (X509_gmtime_adj(X509_get_notBefore(x),0L) == NULL) - goto end; - - /* hardwired expired */ - if (X509_gmtime_adj(X509_get_notAfter(x),(long)60*60*24*days) == NULL) - goto end; - - if(clrext) { - while(X509_get_ext_count(x) > 0) X509_delete_ext(x, 0); - } - - if(conf) { - X509V3_CTX ctx2; - X509_set_version(x,2); /* version 3 certificate */ - X509V3_set_ctx(&ctx2, xca, x, NULL, NULL, 0); - X509V3_set_conf_lhash(&ctx2, conf); - if(!X509V3_EXT_add_conf(conf, &ctx2, section, x)) goto end; - } - - if (!X509_sign(x,pkey,digest)) goto end; - ret=1; -end: - X509_STORE_CTX_cleanup(&xsc); - if (!ret) - ERR_print_errors(bio_err); - if (buf != NULL) Free(buf); - if (bs != NULL) ASN1_INTEGER_free(bs); - if (io != NULL) BIO_free(io); - if (serial != NULL) BN_free(serial); - return(ret); - } - -static int MS_CALLBACK callb(int ok, X509_STORE_CTX *ctx) - { - char buf[256]; - int err; - X509 *err_cert; - - /* it is ok to use a self signed certificate - * This case will catch both the initial ok == 0 and the - * final ok == 1 calls to this function */ - err=X509_STORE_CTX_get_error(ctx); - if (err == X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT) - return(1); - - /* BAD we should have gotten an error. Normally if everything - * worked X509_STORE_CTX_get_error(ctx) will still be set to - * DEPTH_ZERO_SELF_.... */ - if (ok) - { - BIO_printf(bio_err,"error with certificate to be certified - should be self signed\n"); - return(0); - } - else - { - err_cert=X509_STORE_CTX_get_current_cert(ctx); - X509_NAME_oneline(X509_get_subject_name(err_cert),buf,256); - BIO_printf(bio_err,"%s\n",buf); - BIO_printf(bio_err,"error with certificate - error %d at depth %d\n%s\n", - err,X509_STORE_CTX_get_error_depth(ctx), - X509_verify_cert_error_string(err)); - return(1); - } - } - -static EVP_PKEY *load_key(char *file, int format, char *passin) - { - BIO *key=NULL; - EVP_PKEY *pkey=NULL; - - if (file == NULL) - { - BIO_printf(bio_err,"no keyfile specified\n"); - goto end; - } - key=BIO_new(BIO_s_file()); - if (key == NULL) - { - ERR_print_errors(bio_err); - goto end; - } - if (BIO_read_filename(key,file) <= 0) - { - perror(file); - goto end; - } - if (format == FORMAT_ASN1) - { - pkey=d2i_PrivateKey_bio(key, NULL); - } - else if (format == FORMAT_PEM) - { - pkey=PEM_read_bio_PrivateKey(key,NULL,NULL,passin); - } - else - { - BIO_printf(bio_err,"bad input format specified for key\n"); - goto end; - } -end: - if (key != NULL) BIO_free(key); - if (pkey == NULL) - BIO_printf(bio_err,"unable to load Private Key\n"); - return(pkey); - } - -static X509 *load_cert(char *file, int format) - { - ASN1_HEADER *ah=NULL; - BUF_MEM *buf=NULL; - X509 *x=NULL; - BIO *cert; - - if ((cert=BIO_new(BIO_s_file())) == NULL) - { - ERR_print_errors(bio_err); - goto end; - } - - if (file == NULL) - BIO_set_fp(cert,stdin,BIO_NOCLOSE); - else - { - if (BIO_read_filename(cert,file) <= 0) - { - perror(file); - goto end; - } - } - if (format == FORMAT_ASN1) - x=d2i_X509_bio(cert,NULL); - else if (format == FORMAT_NETSCAPE) - { - unsigned char *p,*op; - int size=0,i; - - /* We sort of have to do it this way because it is sort of nice - * to read the header first and check it, then - * try to read the certificate */ - buf=BUF_MEM_new(); - for (;;) - { - if ((buf == NULL) || (!BUF_MEM_grow(buf,size+1024*10))) - goto end; - i=BIO_read(cert,&(buf->data[size]),1024*10); - size+=i; - if (i == 0) break; - if (i < 0) - { - perror("reading certificate"); - goto end; - } - } - p=(unsigned char *)buf->data; - op=p; - - /* First load the header */ - if ((ah=d2i_ASN1_HEADER(NULL,&p,(long)size)) == NULL) - goto end; - if ((ah->header == NULL) || (ah->header->data == NULL) || - (strncmp(CERT_HDR,(char *)ah->header->data, - ah->header->length) != 0)) - { - BIO_printf(bio_err,"Error reading header on certificate\n"); - goto end; - } - /* header is ok, so now read the object */ - p=op; - ah->meth=X509_asn1_meth(); - if ((ah=d2i_ASN1_HEADER(&ah,&p,(long)size)) == NULL) - goto end; - x=(X509 *)ah->data; - ah->data=NULL; - } - else if (format == FORMAT_PEM) - x=PEM_read_bio_X509_AUX(cert,NULL,NULL,NULL); - else { - BIO_printf(bio_err,"bad input format specified for input cert\n"); - goto end; - } -end: - if (x == NULL) - { - BIO_printf(bio_err,"unable to load certificate\n"); - ERR_print_errors(bio_err); - } - if (ah != NULL) ASN1_HEADER_free(ah); - if (cert != NULL) BIO_free(cert); - if (buf != NULL) BUF_MEM_free(buf); - return(x); - } - -/* self sign */ -static int sign(X509 *x, EVP_PKEY *pkey, int days, int clrext, const EVP_MD *digest, - LHASH *conf, char *section) - { - - EVP_PKEY *pktmp; - - pktmp = X509_get_pubkey(x); - EVP_PKEY_copy_parameters(pktmp,pkey); - EVP_PKEY_save_parameters(pktmp,1); - EVP_PKEY_free(pktmp); - - if (!X509_set_issuer_name(x,X509_get_subject_name(x))) goto err; - if (X509_gmtime_adj(X509_get_notBefore(x),0) == NULL) goto err; - - /* Lets just make it 12:00am GMT, Jan 1 1970 */ - /* memcpy(x->cert_info->validity->notBefore,"700101120000Z",13); */ - /* 28 days to be certified */ - - if (X509_gmtime_adj(X509_get_notAfter(x),(long)60*60*24*days) == NULL) - goto err; - - if (!X509_set_pubkey(x,pkey)) goto err; - if(clrext) { - while(X509_get_ext_count(x) > 0) X509_delete_ext(x, 0); - } - if(conf) { - X509V3_CTX ctx; - X509_set_version(x,2); /* version 3 certificate */ - X509V3_set_ctx(&ctx, x, x, NULL, NULL, 0); - X509V3_set_conf_lhash(&ctx, conf); - if(!X509V3_EXT_add_conf(conf, &ctx, section, x)) goto err; - } - if (!X509_sign(x,pkey,digest)) goto err; - return(1); -err: - ERR_print_errors(bio_err); - return(0); - } - -static int purpose_print(BIO *bio, X509 *cert, X509_PURPOSE *pt) -{ - int id, i, idret; - char *pname; - id = X509_PURPOSE_get_id(pt); - pname = X509_PURPOSE_get0_name(pt); - for(i = 0; i < 2; i++) { - idret = X509_check_purpose(cert, id, i); - BIO_printf(bio, "%s%s : ", pname, i ? " CA" : ""); - if(idret == 1) BIO_printf(bio, "Yes\n"); - else if (idret == 0) BIO_printf(bio, "No\n"); - else BIO_printf(bio, "Yes (WARNING code=%d)\n", idret); - } - return 1; -} - - - |