/MINFO
/TABLE
/*.a
-/include
/*.pc
/rehash.time
/inc.*
/out.*
/tmp.*
-# Most *.c files under test/ are symlinks
-/test/*.c
-# Apart from these
-!/test/asn1test.c
-!/test/methtest.c
-!/test/dummytest.c
-!/test/igetest.c
-!/test/r160test.c
-!/test/fips_algvs.c
-!/test/testutil.c
-
/test/*.ss
/test/*.srl
/test/.rnd
!/crypto/des/times/486-50.sol
# Misc auto generated files
+include/openssl/opensslconf.h
/tools/c_rehash
-/test/evptests.txt
lib
Makefile.save
*.bak
my @skip=();
my $Makefile="Makefile";
my $des_locl="crypto/des/des_locl.h";
-my $des ="crypto/des/des.h";
-my $bn ="crypto/bn/bn.h";
-my $md2 ="crypto/md2/md2.h";
-my $rc4 ="crypto/rc4/rc4.h";
+my $des ="include/openssl/des.h";
+my $bn ="include/openssl/bn.h";
+my $md2 ="include/openssl/md2.h";
+my $rc4 ="include/openssl/rc4.h";
my $rc4_locl="crypto/rc4/rc4_locl.h";
-my $idea ="crypto/idea/idea.h";
-my $rc2 ="crypto/rc2/rc2.h";
+my $idea ="include/openssl/idea.h";
+my $rc2 ="include/openssl/rc2.h";
my $bf ="crypto/bf/bf_locl.h";
my $bn_asm ="bn_asm.o";
my $des_enc="des_enc.o fcrypt_b.o";
my $libkrb5="";
my $target;
my $options;
-my $symlink;
my $make_depend=0;
my %withargs=();
my $build_prefix = "release_";
$libs="";
$target="";
$options="";
- $symlink=1;
$argv_unprocessed=0;
$argvstring=join(' ',@argvcopy);
{ }
elsif (/^zlib-dynamic$/)
{ }
- elsif (/^symlinks$/)
- { $symlink = 0; }
elsif (/^sse2$/)
{ $no_sse2 = 1; }
else
my $shlib_major = "unknown";
my $shlib_minor = "unknown";
-open(IN,'<crypto/opensslv.h') || die "unable to read opensslv.h:$!\n";
+open(IN,'<include/openssl/opensslv.h') || die "unable to read opensslv.h:$!\n";
while (<IN>)
{
$version=$1 if /OPENSSL.VERSION.TEXT.*OpenSSL (\S+) /;
}
open(IN,'<crypto/opensslconf.h.in') || die "unable to read crypto/opensslconf.h.in:$!\n";
-unlink("crypto/opensslconf.h.new") || die "unable to remove old crypto/opensslconf.h.new:$!\n" if -e "crypto/opensslconf.h.new";
-open(OUT,'>crypto/opensslconf.h.new') || die "unable to create crypto/opensslconf.h.new:$!\n";
+unlink("include/openssl/opensslconf.h.new") || die "unable to remove old include/openssl/opensslconf.h.new:$!\n" if -e "include/openssl/opensslconf.h.new";
+open(OUT,'>include/openssl/opensslconf.h.new') || die "unable to create include/openssl/opensslconf.h.new:$!\n";
print OUT "/* opensslconf.h */\n";
print OUT "/* WARNING: Generated automatically from opensslconf.h.in by Configure. */\n\n";
print OUT "}\n";
print OUT "#endif\n";
close(OUT);
-rename("crypto/opensslconf.h","crypto/opensslconf.h.bak") || die "unable to rename crypto/opensslconf.h\n" if -e "crypto/opensslconf.h";
-rename("crypto/opensslconf.h.new","crypto/opensslconf.h") || die "unable to rename crypto/opensslconf.h.new\n";
+rename("include/openssl/opensslconf.h","include/openssl/opensslconf.h.bak") || die "unable to rename include/openssl/opensslconf.h\n" if -e "include/openssl/opensslconf.h";
+rename("include/openssl/opensslconf.h.new","include/openssl/opensslconf.h") || die "unable to rename include/openssl/opensslconf.h.new\n";
# Fix the date
} else {
my $make_command = "$make PERL=\'$perl\'";
my $make_targets = "";
- $make_targets .= " links" if $symlink;
$make_targets .= " depend" if $depflags ne $default_depflags && $make_depend;
- $make_targets .= " gentests" if $symlink;
(system $make_command.$make_targets) == 0 or die "make $make_targets failed"
if $make_targets ne "";
if ( $perl =~ m@^/@) {
DIRS= crypto ssl engines apps test tools
ENGDIRS= ccgost
SHLIBDIRS= crypto ssl
+INSTALL_SUBS= engines apps tools
# dirs in crypto to build
SDIRS= \
$(PERL) $(TOP)/util/files.pl Makefile > $(TOP)/MINFO
@set -e; target=files; $(RECURSIVE_BUILD_CMD)
-links:
- @$(PERL) $(TOP)/util/mkdir-p.pl include/openssl
- @$(PERL) $(TOP)/util/mklink.pl include/openssl $(EXHEADER)
- @set -e; target=links; $(RECURSIVE_BUILD_CMD)
-
gentests:
@(cd test && echo "generating dummy tests (if needed)..." && \
$(CLEARENV) && $(MAKE) -e $(BUILDENV) TESTS='$(TESTS)' OPENSSL_DEBUG_MEMORY=on generate );
util/ssleay.num::
$(PERL) util/mkdef.pl ssl update
-crypto/objects/obj_dat.h: crypto/objects/obj_dat.pl crypto/objects/obj_mac.h
- $(PERL) crypto/objects/obj_dat.pl crypto/objects/obj_mac.h crypto/objects/obj_dat.h
-crypto/objects/obj_mac.h: crypto/objects/objects.pl crypto/objects/objects.txt crypto/objects/obj_mac.num
- $(PERL) crypto/objects/objects.pl crypto/objects/objects.txt crypto/objects/obj_mac.num crypto/objects/obj_mac.h
+crypto/objects/obj_dat.h: crypto/objects/obj_dat.pl include/openssl/obj_mac.h
+ $(PERL) crypto/objects/obj_dat.pl include/openssl/obj_mac.h crypto/objects/obj_dat.h
+include/openssl/obj_mac.h: crypto/objects/objects.pl crypto/objects/objects.txt crypto/objects/obj_mac.num
+ $(PERL) crypto/objects/objects.pl crypto/objects/objects.txt crypto/objects/obj_mac.num include/openssl/obj_mac.h
crypto/objects/obj_xref.h: crypto/objects/objxref.pl crypto/objects/obj_xref.txt crypto/objects/obj_mac.num
$(PERL) crypto/objects/objxref.pl crypto/objects/obj_mac.num crypto/objects/obj_xref.txt >crypto/objects/obj_xref.h
install_sw:
@$(PERL) $(TOP)/util/mkdir-p.pl $(INSTALLDIRS)
- @set -e; headerlist="$(EXHEADER)"; for i in $$headerlist;\
- do \
- (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
- chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
+ @set -e; for i in include/openssl/*.h; do \
+ (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/$$i; \
+ chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/$$i ); \
done;
- @set -e; target=install; $(RECURSIVE_BUILD_CMD)
+ @set -e; target=install; for dir in $(INSTALL_SUBS); do $(BUILD_CMD); done
@set -e; liblist="$(LIBS)"; for i in $$liblist ;\
do \
if [ -f "$$i" ]; then \
+++ /dev/null
-/* crypto/aes/aes.h -*- mode:C; c-file-style: "eay" -*- */
-/* ====================================================================
- * Copyright (c) 1998-2002 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- */
-
-#ifndef HEADER_AES_H
-# define HEADER_AES_H
-
-# include <openssl/opensslconf.h>
-
-# ifdef OPENSSL_NO_AES
-# error AES is disabled.
-# endif
-
-# include <stddef.h>
-
-# define AES_ENCRYPT 1
-# define AES_DECRYPT 0
-
-/*
- * Because array size can't be a const in C, the following two are macros.
- * Both sizes are in bytes.
- */
-# define AES_MAXNR 14
-# define AES_BLOCK_SIZE 16
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-/* This should be a hidden type, but EVP requires that the size be known */
-struct aes_key_st {
-# ifdef AES_LONG
- unsigned long rd_key[4 * (AES_MAXNR + 1)];
-# else
- unsigned int rd_key[4 * (AES_MAXNR + 1)];
-# endif
- int rounds;
-};
-typedef struct aes_key_st AES_KEY;
-
-const char *AES_options(void);
-
-int AES_set_encrypt_key(const unsigned char *userKey, const int bits,
- AES_KEY *key);
-int AES_set_decrypt_key(const unsigned char *userKey, const int bits,
- AES_KEY *key);
-
-void AES_encrypt(const unsigned char *in, unsigned char *out,
- const AES_KEY *key);
-void AES_decrypt(const unsigned char *in, unsigned char *out,
- const AES_KEY *key);
-
-void AES_ecb_encrypt(const unsigned char *in, unsigned char *out,
- const AES_KEY *key, const int enc);
-void AES_cbc_encrypt(const unsigned char *in, unsigned char *out,
- size_t length, const AES_KEY *key,
- unsigned char *ivec, const int enc);
-void AES_cfb128_encrypt(const unsigned char *in, unsigned char *out,
- size_t length, const AES_KEY *key,
- unsigned char *ivec, int *num, const int enc);
-void AES_cfb1_encrypt(const unsigned char *in, unsigned char *out,
- size_t length, const AES_KEY *key,
- unsigned char *ivec, int *num, const int enc);
-void AES_cfb8_encrypt(const unsigned char *in, unsigned char *out,
- size_t length, const AES_KEY *key,
- unsigned char *ivec, int *num, const int enc);
-void AES_ofb128_encrypt(const unsigned char *in, unsigned char *out,
- size_t length, const AES_KEY *key,
- unsigned char *ivec, int *num);
-/* NB: the IV is _two_ blocks long */
-void AES_ige_encrypt(const unsigned char *in, unsigned char *out,
- size_t length, const AES_KEY *key,
- unsigned char *ivec, const int enc);
-/* NB: the IV is _four_ blocks long */
-void AES_bi_ige_encrypt(const unsigned char *in, unsigned char *out,
- size_t length, const AES_KEY *key,
- const AES_KEY *key2, const unsigned char *ivec,
- const int enc);
-
-int AES_wrap_key(AES_KEY *key, const unsigned char *iv,
- unsigned char *out,
- const unsigned char *in, unsigned int inlen);
-int AES_unwrap_key(AES_KEY *key, const unsigned char *iv,
- unsigned char *out,
- const unsigned char *in, unsigned int inlen);
-
-
-#ifdef __cplusplus
-}
-#endif
-
-#endif /* !HEADER_AES_H */
+++ /dev/null
-/* crypto/asn1/asn1.h */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef HEADER_ASN1_H
-# define HEADER_ASN1_H
-
-# include <time.h>
-# include <openssl/e_os2.h>
-# include <openssl/bio.h>
-# include <openssl/stack.h>
-# include <openssl/safestack.h>
-
-# include <openssl/symhacks.h>
-
-# include <openssl/ossl_typ.h>
-# ifdef OPENSSL_USE_DEPRECATED
-# include <openssl/bn.h>
-# endif
-
-# ifdef OPENSSL_BUILD_SHLIBCRYPTO
-# undef OPENSSL_EXTERN
-# define OPENSSL_EXTERN OPENSSL_EXPORT
-# endif
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-# define V_ASN1_UNIVERSAL 0x00
-# define V_ASN1_APPLICATION 0x40
-# define V_ASN1_CONTEXT_SPECIFIC 0x80
-# define V_ASN1_PRIVATE 0xc0
-
-# define V_ASN1_CONSTRUCTED 0x20
-# define V_ASN1_PRIMITIVE_TAG 0x1f
-# define V_ASN1_PRIMATIVE_TAG 0x1f
-
-# define V_ASN1_APP_CHOOSE -2/* let the recipient choose */
-# define V_ASN1_OTHER -3/* used in ASN1_TYPE */
-# define V_ASN1_ANY -4/* used in ASN1 template code */
-
-# define V_ASN1_NEG 0x100/* negative flag */
-
-# define V_ASN1_UNDEF -1
-# define V_ASN1_EOC 0
-# define V_ASN1_BOOLEAN 1 /**/
-# define V_ASN1_INTEGER 2
-# define V_ASN1_NEG_INTEGER (2 | V_ASN1_NEG)
-# define V_ASN1_BIT_STRING 3
-# define V_ASN1_OCTET_STRING 4
-# define V_ASN1_NULL 5
-# define V_ASN1_OBJECT 6
-# define V_ASN1_OBJECT_DESCRIPTOR 7
-# define V_ASN1_EXTERNAL 8
-# define V_ASN1_REAL 9
-# define V_ASN1_ENUMERATED 10
-# define V_ASN1_NEG_ENUMERATED (10 | V_ASN1_NEG)
-# define V_ASN1_UTF8STRING 12
-# define V_ASN1_SEQUENCE 16
-# define V_ASN1_SET 17
-# define V_ASN1_NUMERICSTRING 18 /**/
-# define V_ASN1_PRINTABLESTRING 19
-# define V_ASN1_T61STRING 20
-# define V_ASN1_TELETEXSTRING 20/* alias */
-# define V_ASN1_VIDEOTEXSTRING 21 /**/
-# define V_ASN1_IA5STRING 22
-# define V_ASN1_UTCTIME 23
-# define V_ASN1_GENERALIZEDTIME 24 /**/
-# define V_ASN1_GRAPHICSTRING 25 /**/
-# define V_ASN1_ISO64STRING 26 /**/
-# define V_ASN1_VISIBLESTRING 26/* alias */
-# define V_ASN1_GENERALSTRING 27 /**/
-# define V_ASN1_UNIVERSALSTRING 28 /**/
-# define V_ASN1_BMPSTRING 30
-/* For use with d2i_ASN1_type_bytes() */
-# define B_ASN1_NUMERICSTRING 0x0001
-# define B_ASN1_PRINTABLESTRING 0x0002
-# define B_ASN1_T61STRING 0x0004
-# define B_ASN1_TELETEXSTRING 0x0004
-# define B_ASN1_VIDEOTEXSTRING 0x0008
-# define B_ASN1_IA5STRING 0x0010
-# define B_ASN1_GRAPHICSTRING 0x0020
-# define B_ASN1_ISO64STRING 0x0040
-# define B_ASN1_VISIBLESTRING 0x0040
-# define B_ASN1_GENERALSTRING 0x0080
-# define B_ASN1_UNIVERSALSTRING 0x0100
-# define B_ASN1_OCTET_STRING 0x0200
-# define B_ASN1_BIT_STRING 0x0400
-# define B_ASN1_BMPSTRING 0x0800
-# define B_ASN1_UNKNOWN 0x1000
-# define B_ASN1_UTF8STRING 0x2000
-# define B_ASN1_UTCTIME 0x4000
-# define B_ASN1_GENERALIZEDTIME 0x8000
-# define B_ASN1_SEQUENCE 0x10000
-/* For use with ASN1_mbstring_copy() */
-# define MBSTRING_FLAG 0x1000
-# define MBSTRING_UTF8 (MBSTRING_FLAG)
-# define MBSTRING_ASC (MBSTRING_FLAG|1)
-# define MBSTRING_BMP (MBSTRING_FLAG|2)
-# define MBSTRING_UNIV (MBSTRING_FLAG|4)
-# define SMIME_OLDMIME 0x400
-# define SMIME_CRLFEOL 0x800
-# define SMIME_STREAM 0x1000
- struct X509_algor_st;
-DECLARE_STACK_OF(X509_ALGOR)
-
-/*
- * We MUST make sure that, except for constness, asn1_ctx_st and
- * asn1_const_ctx are exactly the same. Fortunately, as soon as the old ASN1
- * parsing macros are gone, we can throw this away as well...
- */
-typedef struct asn1_ctx_st {
- unsigned char *p; /* work char pointer */
- int eos; /* end of sequence read for indefinite
- * encoding */
- int error; /* error code to use when returning an error */
- int inf; /* constructed if 0x20, indefinite is 0x21 */
- int tag; /* tag from last 'get object' */
- int xclass; /* class from last 'get object' */
- long slen; /* length of last 'get object' */
- unsigned char *max; /* largest value of p allowed */
- unsigned char *q; /* temporary variable */
- unsigned char **pp; /* variable */
- int line; /* used in error processing */
-} ASN1_CTX;
-
-typedef struct asn1_const_ctx_st {
- const unsigned char *p; /* work char pointer */
- int eos; /* end of sequence read for indefinite
- * encoding */
- int error; /* error code to use when returning an error */
- int inf; /* constructed if 0x20, indefinite is 0x21 */
- int tag; /* tag from last 'get object' */
- int xclass; /* class from last 'get object' */
- long slen; /* length of last 'get object' */
- const unsigned char *max; /* largest value of p allowed */
- const unsigned char *q; /* temporary variable */
- const unsigned char **pp; /* variable */
- int line; /* used in error processing */
-} ASN1_const_CTX;
-
-# define ASN1_STRING_FLAG_BITS_LEFT 0x08/* Set if 0x07 has bits left value */
-/*
- * This indicates that the ASN1_STRING is not a real value but just a place
- * holder for the location where indefinite length constructed data should be
- * inserted in the memory buffer
- */
-# define ASN1_STRING_FLAG_NDEF 0x010
-
-/*
- * This flag is used by the CMS code to indicate that a string is not
- * complete and is a place holder for content when it had all been accessed.
- * The flag will be reset when content has been written to it.
- */
-
-# define ASN1_STRING_FLAG_CONT 0x020
-/*
- * This flag is used by ASN1 code to indicate an ASN1_STRING is an MSTRING
- * type.
- */
-# define ASN1_STRING_FLAG_MSTRING 0x040
-/* This is the base type that holds just about everything :-) */
-struct asn1_string_st {
- int length;
- int type;
- unsigned char *data;
- /*
- * The value of the following field depends on the type being held. It
- * is mostly being used for BIT_STRING so if the input data has a
- * non-zero 'unused bits' value, it will be handled correctly
- */
- long flags;
-};
-
-/*
- * ASN1_ENCODING structure: this is used to save the received encoding of an
- * ASN1 type. This is useful to get round problems with invalid encodings
- * which can break signatures.
- */
-
-typedef struct ASN1_ENCODING_st {
- unsigned char *enc; /* DER encoding */
- long len; /* Length of encoding */
- int modified; /* set to 1 if 'enc' is invalid */
-} ASN1_ENCODING;
-
-/* Used with ASN1 LONG type: if a long is set to this it is omitted */
-# define ASN1_LONG_UNDEF 0x7fffffffL
-
-# define STABLE_FLAGS_MALLOC 0x01
-/*
- * A zero passed to ASN1_STRING_TABLE_new_add for the flags is interpreted
- * as "don't change" and STABLE_FLAGS_MALLOC is always set. By setting
- * STABLE_FLAGS_MALLOC only we can clear the existing value. Use the alias
- * STABLE_FLAGS_CLEAR to reflect this.
- */
-# define STABLE_FLAGS_CLEAR STABLE_FLAGS_MALLOC
-# define STABLE_NO_MASK 0x02
-# define DIRSTRING_TYPE \
- (B_ASN1_PRINTABLESTRING|B_ASN1_T61STRING|B_ASN1_BMPSTRING|B_ASN1_UTF8STRING)
-# define PKCS9STRING_TYPE (DIRSTRING_TYPE|B_ASN1_IA5STRING)
-
-typedef struct asn1_string_table_st {
- int nid;
- long minsize;
- long maxsize;
- unsigned long mask;
- unsigned long flags;
-} ASN1_STRING_TABLE;
-
-DECLARE_STACK_OF(ASN1_STRING_TABLE)
-
-/* size limits: this stuff is taken straight from RFC2459 */
-
-# define ub_name 32768
-# define ub_common_name 64
-# define ub_locality_name 128
-# define ub_state_name 128
-# define ub_organization_name 64
-# define ub_organization_unit_name 64
-# define ub_title 64
-# define ub_email_address 128
-
-/*
- * Declarations for template structures: for full definitions see asn1t.h
- */
-typedef struct ASN1_TEMPLATE_st ASN1_TEMPLATE;
-typedef struct ASN1_TLC_st ASN1_TLC;
-/* This is just an opaque pointer */
-typedef struct ASN1_VALUE_st ASN1_VALUE;
-
-/* Declare ASN1 functions: the implement macro in in asn1t.h */
-
-# define DECLARE_ASN1_FUNCTIONS(type) DECLARE_ASN1_FUNCTIONS_name(type, type)
-
-# define DECLARE_ASN1_ALLOC_FUNCTIONS(type) \
- DECLARE_ASN1_ALLOC_FUNCTIONS_name(type, type)
-
-# define DECLARE_ASN1_FUNCTIONS_name(type, name) \
- DECLARE_ASN1_ALLOC_FUNCTIONS_name(type, name) \
- DECLARE_ASN1_ENCODE_FUNCTIONS(type, name, name)
-
-# define DECLARE_ASN1_FUNCTIONS_fname(type, itname, name) \
- DECLARE_ASN1_ALLOC_FUNCTIONS_name(type, name) \
- DECLARE_ASN1_ENCODE_FUNCTIONS(type, itname, name)
-
-# define DECLARE_ASN1_ENCODE_FUNCTIONS(type, itname, name) \
- type *d2i_##name(type **a, const unsigned char **in, long len); \
- int i2d_##name(type *a, unsigned char **out); \
- DECLARE_ASN1_ITEM(itname)
-
-# define DECLARE_ASN1_ENCODE_FUNCTIONS_const(type, name) \
- type *d2i_##name(type **a, const unsigned char **in, long len); \
- int i2d_##name(const type *a, unsigned char **out); \
- DECLARE_ASN1_ITEM(name)
-
-# define DECLARE_ASN1_NDEF_FUNCTION(name) \
- int i2d_##name##_NDEF(name *a, unsigned char **out);
-
-# define DECLARE_ASN1_FUNCTIONS_const(name) \
- DECLARE_ASN1_ALLOC_FUNCTIONS(name) \
- DECLARE_ASN1_ENCODE_FUNCTIONS_const(name, name)
-
-# define DECLARE_ASN1_ALLOC_FUNCTIONS_name(type, name) \
- type *name##_new(void); \
- void name##_free(type *a);
-
-# define DECLARE_ASN1_PRINT_FUNCTION(stname) \
- DECLARE_ASN1_PRINT_FUNCTION_fname(stname, stname)
-
-# define DECLARE_ASN1_PRINT_FUNCTION_fname(stname, fname) \
- int fname##_print_ctx(BIO *out, stname *x, int indent, \
- const ASN1_PCTX *pctx);
-
-# define D2I_OF(type) type *(*)(type **,const unsigned char **,long)
-# define I2D_OF(type) int (*)(type *,unsigned char **)
-# define I2D_OF_const(type) int (*)(const type *,unsigned char **)
-
-# define CHECKED_D2I_OF(type, d2i) \
- ((d2i_of_void*) (1 ? d2i : ((D2I_OF(type))0)))
-# define CHECKED_I2D_OF(type, i2d) \
- ((i2d_of_void*) (1 ? i2d : ((I2D_OF(type))0)))
-# define CHECKED_NEW_OF(type, xnew) \
- ((void *(*)(void)) (1 ? xnew : ((type *(*)(void))0)))
-# define CHECKED_PTR_OF(type, p) \
- ((void*) (1 ? p : (type*)0))
-# define CHECKED_PPTR_OF(type, p) \
- ((void**) (1 ? p : (type**)0))
-
-# define TYPEDEF_D2I_OF(type) typedef type *d2i_of_##type(type **,const unsigned char **,long)
-# define TYPEDEF_I2D_OF(type) typedef int i2d_of_##type(type *,unsigned char **)
-# define TYPEDEF_D2I2D_OF(type) TYPEDEF_D2I_OF(type); TYPEDEF_I2D_OF(type)
-
-TYPEDEF_D2I2D_OF(void);
-
-/*-
- * The following macros and typedefs allow an ASN1_ITEM
- * to be embedded in a structure and referenced. Since
- * the ASN1_ITEM pointers need to be globally accessible
- * (possibly from shared libraries) they may exist in
- * different forms. On platforms that support it the
- * ASN1_ITEM structure itself will be globally exported.
- * Other platforms will export a function that returns
- * an ASN1_ITEM pointer.
- *
- * To handle both cases transparently the macros below
- * should be used instead of hard coding an ASN1_ITEM
- * pointer in a structure.
- *
- * The structure will look like this:
- *
- * typedef struct SOMETHING_st {
- * ...
- * ASN1_ITEM_EXP *iptr;
- * ...
- * } SOMETHING;
- *
- * It would be initialised as e.g.:
- *
- * SOMETHING somevar = {...,ASN1_ITEM_ref(X509),...};
- *
- * and the actual pointer extracted with:
- *
- * const ASN1_ITEM *it = ASN1_ITEM_ptr(somevar.iptr);
- *
- * Finally an ASN1_ITEM pointer can be extracted from an
- * appropriate reference with: ASN1_ITEM_rptr(X509). This
- * would be used when a function takes an ASN1_ITEM * argument.
- *
- */
-
-# ifndef OPENSSL_EXPORT_VAR_AS_FUNCTION
-
-/* ASN1_ITEM pointer exported type */
-typedef const ASN1_ITEM ASN1_ITEM_EXP;
-
-/* Macro to obtain ASN1_ITEM pointer from exported type */
-# define ASN1_ITEM_ptr(iptr) (iptr)
-
-/* Macro to include ASN1_ITEM pointer from base type */
-# define ASN1_ITEM_ref(iptr) (&(iptr##_it))
-
-# define ASN1_ITEM_rptr(ref) (&(ref##_it))
-
-# define DECLARE_ASN1_ITEM(name) \
- OPENSSL_EXTERN const ASN1_ITEM name##_it;
-
-# else
-
-/*
- * Platforms that can't easily handle shared global variables are declared as
- * functions returning ASN1_ITEM pointers.
- */
-
-/* ASN1_ITEM pointer exported type */
-typedef const ASN1_ITEM *ASN1_ITEM_EXP (void);
-
-/* Macro to obtain ASN1_ITEM pointer from exported type */
-# define ASN1_ITEM_ptr(iptr) (iptr())
-
-/* Macro to include ASN1_ITEM pointer from base type */
-# define ASN1_ITEM_ref(iptr) (iptr##_it)
-
-# define ASN1_ITEM_rptr(ref) (ref##_it())
-
-# define DECLARE_ASN1_ITEM(name) \
- const ASN1_ITEM * name##_it(void);
-
-# endif
-
-/* Parameters used by ASN1_STRING_print_ex() */
-
-/*
- * These determine which characters to escape: RFC2253 special characters,
- * control characters and MSB set characters
- */
-
-# define ASN1_STRFLGS_ESC_2253 1
-# define ASN1_STRFLGS_ESC_CTRL 2
-# define ASN1_STRFLGS_ESC_MSB 4
-
-/*
- * This flag determines how we do escaping: normally RC2253 backslash only,
- * set this to use backslash and quote.
- */
-
-# define ASN1_STRFLGS_ESC_QUOTE 8
-
-/* These three flags are internal use only. */
-
-/* Character is a valid PrintableString character */
-# define CHARTYPE_PRINTABLESTRING 0x10
-/* Character needs escaping if it is the first character */
-# define CHARTYPE_FIRST_ESC_2253 0x20
-/* Character needs escaping if it is the last character */
-# define CHARTYPE_LAST_ESC_2253 0x40
-
-/*
- * NB the internal flags are safely reused below by flags handled at the top
- * level.
- */
-
-/*
- * If this is set we convert all character strings to UTF8 first
- */
-
-# define ASN1_STRFLGS_UTF8_CONVERT 0x10
-
-/*
- * If this is set we don't attempt to interpret content: just assume all
- * strings are 1 byte per character. This will produce some pretty odd
- * looking output!
- */
-
-# define ASN1_STRFLGS_IGNORE_TYPE 0x20
-
-/* If this is set we include the string type in the output */
-# define ASN1_STRFLGS_SHOW_TYPE 0x40
-
-/*
- * This determines which strings to display and which to 'dump' (hex dump of
- * content octets or DER encoding). We can only dump non character strings or
- * everything. If we don't dump 'unknown' they are interpreted as character
- * strings with 1 octet per character and are subject to the usual escaping
- * options.
- */
-
-# define ASN1_STRFLGS_DUMP_ALL 0x80
-# define ASN1_STRFLGS_DUMP_UNKNOWN 0x100
-
-/*
- * These determine what 'dumping' does, we can dump the content octets or the
- * DER encoding: both use the RFC2253 #XXXXX notation.
- */
-
-# define ASN1_STRFLGS_DUMP_DER 0x200
-
-/*
- * All the string flags consistent with RFC2253, escaping control characters
- * isn't essential in RFC2253 but it is advisable anyway.
- */
-
-# define ASN1_STRFLGS_RFC2253 (ASN1_STRFLGS_ESC_2253 | \
- ASN1_STRFLGS_ESC_CTRL | \
- ASN1_STRFLGS_ESC_MSB | \
- ASN1_STRFLGS_UTF8_CONVERT | \
- ASN1_STRFLGS_DUMP_UNKNOWN | \
- ASN1_STRFLGS_DUMP_DER)
-
-DECLARE_STACK_OF(ASN1_INTEGER)
-
-DECLARE_STACK_OF(ASN1_GENERALSTRING)
-
-typedef struct asn1_type_st {
- int type;
- union {
- char *ptr;
- ASN1_BOOLEAN boolean;
- ASN1_STRING *asn1_string;
- ASN1_OBJECT *object;
- ASN1_INTEGER *integer;
- ASN1_ENUMERATED *enumerated;
- ASN1_BIT_STRING *bit_string;
- ASN1_OCTET_STRING *octet_string;
- ASN1_PRINTABLESTRING *printablestring;
- ASN1_T61STRING *t61string;
- ASN1_IA5STRING *ia5string;
- ASN1_GENERALSTRING *generalstring;
- ASN1_BMPSTRING *bmpstring;
- ASN1_UNIVERSALSTRING *universalstring;
- ASN1_UTCTIME *utctime;
- ASN1_GENERALIZEDTIME *generalizedtime;
- ASN1_VISIBLESTRING *visiblestring;
- ASN1_UTF8STRING *utf8string;
- /*
- * set and sequence are left complete and still contain the set or
- * sequence bytes
- */
- ASN1_STRING *set;
- ASN1_STRING *sequence;
- ASN1_VALUE *asn1_value;
- } value;
-} ASN1_TYPE;
-
-DECLARE_STACK_OF(ASN1_TYPE)
-
-typedef STACK_OF(ASN1_TYPE) ASN1_SEQUENCE_ANY;
-
-DECLARE_ASN1_ENCODE_FUNCTIONS_const(ASN1_SEQUENCE_ANY, ASN1_SEQUENCE_ANY)
-DECLARE_ASN1_ENCODE_FUNCTIONS_const(ASN1_SEQUENCE_ANY, ASN1_SET_ANY)
-
-typedef struct NETSCAPE_X509_st {
- ASN1_OCTET_STRING *header;
- X509 *cert;
-} NETSCAPE_X509;
-
-/* This is used to contain a list of bit names */
-typedef struct BIT_STRING_BITNAME_st {
- int bitnum;
- const char *lname;
- const char *sname;
-} BIT_STRING_BITNAME;
-
-# define B_ASN1_TIME \
- B_ASN1_UTCTIME | \
- B_ASN1_GENERALIZEDTIME
-
-# define B_ASN1_PRINTABLE \
- B_ASN1_NUMERICSTRING| \
- B_ASN1_PRINTABLESTRING| \
- B_ASN1_T61STRING| \
- B_ASN1_IA5STRING| \
- B_ASN1_BIT_STRING| \
- B_ASN1_UNIVERSALSTRING|\
- B_ASN1_BMPSTRING|\
- B_ASN1_UTF8STRING|\
- B_ASN1_SEQUENCE|\
- B_ASN1_UNKNOWN
-
-# define B_ASN1_DIRECTORYSTRING \
- B_ASN1_PRINTABLESTRING| \
- B_ASN1_TELETEXSTRING|\
- B_ASN1_BMPSTRING|\
- B_ASN1_UNIVERSALSTRING|\
- B_ASN1_UTF8STRING
-
-# define B_ASN1_DISPLAYTEXT \
- B_ASN1_IA5STRING| \
- B_ASN1_VISIBLESTRING| \
- B_ASN1_BMPSTRING|\
- B_ASN1_UTF8STRING
-
-DECLARE_ASN1_FUNCTIONS_fname(ASN1_TYPE, ASN1_ANY, ASN1_TYPE)
-
-int ASN1_TYPE_get(ASN1_TYPE *a);
-void ASN1_TYPE_set(ASN1_TYPE *a, int type, void *value);
-int ASN1_TYPE_set1(ASN1_TYPE *a, int type, const void *value);
-int ASN1_TYPE_cmp(const ASN1_TYPE *a, const ASN1_TYPE *b);
-
-ASN1_TYPE *ASN1_TYPE_pack_sequence(const ASN1_ITEM *it, void *s, ASN1_TYPE **t);
-void *ASN1_TYPE_unpack_sequence(const ASN1_ITEM *it, const ASN1_TYPE *t);
-
-ASN1_OBJECT *ASN1_OBJECT_new(void);
-void ASN1_OBJECT_free(ASN1_OBJECT *a);
-int i2d_ASN1_OBJECT(ASN1_OBJECT *a, unsigned char **pp);
-ASN1_OBJECT *d2i_ASN1_OBJECT(ASN1_OBJECT **a, const unsigned char **pp,
- long length);
-
-DECLARE_ASN1_ITEM(ASN1_OBJECT)
-
-DECLARE_STACK_OF(ASN1_OBJECT)
-
-ASN1_STRING *ASN1_STRING_new(void);
-void ASN1_STRING_free(ASN1_STRING *a);
-void ASN1_STRING_clear_free(ASN1_STRING *a);
-int ASN1_STRING_copy(ASN1_STRING *dst, const ASN1_STRING *str);
-ASN1_STRING *ASN1_STRING_dup(const ASN1_STRING *a);
-ASN1_STRING *ASN1_STRING_type_new(int type);
-int ASN1_STRING_cmp(const ASN1_STRING *a, const ASN1_STRING *b);
- /*
- * Since this is used to store all sorts of things, via macros, for now,
- * make its data void *
- */
-int ASN1_STRING_set(ASN1_STRING *str, const void *data, int len);
-void ASN1_STRING_set0(ASN1_STRING *str, void *data, int len);
-int ASN1_STRING_length(const ASN1_STRING *x);
-void ASN1_STRING_length_set(ASN1_STRING *x, int n);
-int ASN1_STRING_type(ASN1_STRING *x);
-unsigned char *ASN1_STRING_data(ASN1_STRING *x);
-
-DECLARE_ASN1_FUNCTIONS(ASN1_BIT_STRING)
-int ASN1_BIT_STRING_set(ASN1_BIT_STRING *a, unsigned char *d, int length);
-int ASN1_BIT_STRING_set_bit(ASN1_BIT_STRING *a, int n, int value);
-int ASN1_BIT_STRING_get_bit(const ASN1_BIT_STRING *a, int n);
-int ASN1_BIT_STRING_check(const ASN1_BIT_STRING *a,
- const unsigned char *flags, int flags_len);
-
-int ASN1_BIT_STRING_name_print(BIO *out, ASN1_BIT_STRING *bs,
- BIT_STRING_BITNAME *tbl, int indent);
-int ASN1_BIT_STRING_num_asc(char *name, BIT_STRING_BITNAME *tbl);
-int ASN1_BIT_STRING_set_asc(ASN1_BIT_STRING *bs, char *name, int value,
- BIT_STRING_BITNAME *tbl);
-
-DECLARE_ASN1_FUNCTIONS(ASN1_INTEGER)
-ASN1_INTEGER *d2i_ASN1_UINTEGER(ASN1_INTEGER **a, const unsigned char **pp,
- long length);
-ASN1_INTEGER *ASN1_INTEGER_dup(const ASN1_INTEGER *x);
-int ASN1_INTEGER_cmp(const ASN1_INTEGER *x, const ASN1_INTEGER *y);
-
-DECLARE_ASN1_FUNCTIONS(ASN1_ENUMERATED)
-
-int ASN1_UTCTIME_check(const ASN1_UTCTIME *a);
-ASN1_UTCTIME *ASN1_UTCTIME_set(ASN1_UTCTIME *s, time_t t);
-ASN1_UTCTIME *ASN1_UTCTIME_adj(ASN1_UTCTIME *s, time_t t,
- int offset_day, long offset_sec);
-int ASN1_UTCTIME_set_string(ASN1_UTCTIME *s, const char *str);
-int ASN1_UTCTIME_cmp_time_t(const ASN1_UTCTIME *s, time_t t);
-
-int ASN1_GENERALIZEDTIME_check(const ASN1_GENERALIZEDTIME *a);
-ASN1_GENERALIZEDTIME *ASN1_GENERALIZEDTIME_set(ASN1_GENERALIZEDTIME *s,
- time_t t);
-ASN1_GENERALIZEDTIME *ASN1_GENERALIZEDTIME_adj(ASN1_GENERALIZEDTIME *s,
- time_t t, int offset_day,
- long offset_sec);
-int ASN1_GENERALIZEDTIME_set_string(ASN1_GENERALIZEDTIME *s, const char *str);
-int ASN1_TIME_diff(int *pday, int *psec,
- const ASN1_TIME *from, const ASN1_TIME *to);
-
-DECLARE_ASN1_FUNCTIONS(ASN1_OCTET_STRING)
-ASN1_OCTET_STRING *ASN1_OCTET_STRING_dup(const ASN1_OCTET_STRING *a);
-int ASN1_OCTET_STRING_cmp(const ASN1_OCTET_STRING *a,
- const ASN1_OCTET_STRING *b);
-int ASN1_OCTET_STRING_set(ASN1_OCTET_STRING *str, const unsigned char *data,
- int len);
-
-DECLARE_ASN1_FUNCTIONS(ASN1_VISIBLESTRING)
-DECLARE_ASN1_FUNCTIONS(ASN1_UNIVERSALSTRING)
-DECLARE_ASN1_FUNCTIONS(ASN1_UTF8STRING)
-DECLARE_ASN1_FUNCTIONS(ASN1_NULL)
-DECLARE_ASN1_FUNCTIONS(ASN1_BMPSTRING)
-
-int UTF8_getc(const unsigned char *str, int len, unsigned long *val);
-int UTF8_putc(unsigned char *str, int len, unsigned long value);
-
-DECLARE_ASN1_FUNCTIONS_name(ASN1_STRING, ASN1_PRINTABLE)
-
-DECLARE_ASN1_FUNCTIONS_name(ASN1_STRING, DIRECTORYSTRING)
-DECLARE_ASN1_FUNCTIONS_name(ASN1_STRING, DISPLAYTEXT)
-DECLARE_ASN1_FUNCTIONS(ASN1_PRINTABLESTRING)
-DECLARE_ASN1_FUNCTIONS(ASN1_T61STRING)
-DECLARE_ASN1_FUNCTIONS(ASN1_IA5STRING)
-DECLARE_ASN1_FUNCTIONS(ASN1_GENERALSTRING)
-DECLARE_ASN1_FUNCTIONS(ASN1_UTCTIME)
-DECLARE_ASN1_FUNCTIONS(ASN1_GENERALIZEDTIME)
-DECLARE_ASN1_FUNCTIONS(ASN1_TIME)
-
-DECLARE_ASN1_ITEM(ASN1_OCTET_STRING_NDEF)
-
-ASN1_TIME *ASN1_TIME_set(ASN1_TIME *s, time_t t);
-ASN1_TIME *ASN1_TIME_adj(ASN1_TIME *s, time_t t,
- int offset_day, long offset_sec);
-int ASN1_TIME_check(const ASN1_TIME *t);
-ASN1_GENERALIZEDTIME *ASN1_TIME_to_generalizedtime(ASN1_TIME *t, ASN1_GENERALIZEDTIME
- **out);
-int ASN1_TIME_set_string(ASN1_TIME *s, const char *str);
-
-int i2a_ASN1_INTEGER(BIO *bp, ASN1_INTEGER *a);
-int a2i_ASN1_INTEGER(BIO *bp, ASN1_INTEGER *bs, char *buf, int size);
-int i2a_ASN1_ENUMERATED(BIO *bp, ASN1_ENUMERATED *a);
-int a2i_ASN1_ENUMERATED(BIO *bp, ASN1_ENUMERATED *bs, char *buf, int size);
-int i2a_ASN1_OBJECT(BIO *bp, ASN1_OBJECT *a);
-int a2i_ASN1_STRING(BIO *bp, ASN1_STRING *bs, char *buf, int size);
-int i2a_ASN1_STRING(BIO *bp, ASN1_STRING *a, int type);
-int i2t_ASN1_OBJECT(char *buf, int buf_len, ASN1_OBJECT *a);
-
-int a2d_ASN1_OBJECT(unsigned char *out, int olen, const char *buf, int num);
-ASN1_OBJECT *ASN1_OBJECT_create(int nid, unsigned char *data, int len,
- const char *sn, const char *ln);
-
-int ASN1_INTEGER_set(ASN1_INTEGER *a, long v);
-long ASN1_INTEGER_get(const ASN1_INTEGER *a);
-ASN1_INTEGER *BN_to_ASN1_INTEGER(const BIGNUM *bn, ASN1_INTEGER *ai);
-BIGNUM *ASN1_INTEGER_to_BN(const ASN1_INTEGER *ai, BIGNUM *bn);
-
-int ASN1_ENUMERATED_set(ASN1_ENUMERATED *a, long v);
-long ASN1_ENUMERATED_get(ASN1_ENUMERATED *a);
-ASN1_ENUMERATED *BN_to_ASN1_ENUMERATED(BIGNUM *bn, ASN1_ENUMERATED *ai);
-BIGNUM *ASN1_ENUMERATED_to_BN(ASN1_ENUMERATED *ai, BIGNUM *bn);
-
-/* General */
-/* given a string, return the correct type, max is the maximum length */
-int ASN1_PRINTABLE_type(const unsigned char *s, int max);
-
-unsigned long ASN1_tag2bit(int tag);
-/* PARSING */
-int asn1_Finish(ASN1_CTX *c);
-int asn1_const_Finish(ASN1_const_CTX *c);
-
-/* SPECIALS */
-int ASN1_get_object(const unsigned char **pp, long *plength, int *ptag,
- int *pclass, long omax);
-int ASN1_check_infinite_end(unsigned char **p, long len);
-int ASN1_const_check_infinite_end(const unsigned char **p, long len);
-void ASN1_put_object(unsigned char **pp, int constructed, int length,
- int tag, int xclass);
-int ASN1_put_eoc(unsigned char **pp);
-int ASN1_object_size(int constructed, int length, int tag);
-
-/* Used to implement other functions */
-void *ASN1_dup(i2d_of_void *i2d, d2i_of_void *d2i, void *x);
-
-# define ASN1_dup_of(type,i2d,d2i,x) \
- ((type*)ASN1_dup(CHECKED_I2D_OF(type, i2d), \
- CHECKED_D2I_OF(type, d2i), \
- CHECKED_PTR_OF(type, x)))
-
-# define ASN1_dup_of_const(type,i2d,d2i,x) \
- ((type*)ASN1_dup(CHECKED_I2D_OF(const type, i2d), \
- CHECKED_D2I_OF(type, d2i), \
- CHECKED_PTR_OF(const type, x)))
-
-void *ASN1_item_dup(const ASN1_ITEM *it, void *x);
-
-/* ASN1 alloc/free macros for when a type is only used internally */
-
-# define M_ASN1_new_of(type) (type *)ASN1_item_new(ASN1_ITEM_rptr(type))
-# define M_ASN1_free_of(x, type) \
- ASN1_item_free(CHECKED_PTR_OF(type, x), ASN1_ITEM_rptr(type))
-
-# ifndef OPENSSL_NO_STDIO
-void *ASN1_d2i_fp(void *(*xnew) (void), d2i_of_void *d2i, FILE *in, void **x);
-
-# define ASN1_d2i_fp_of(type,xnew,d2i,in,x) \
- ((type*)ASN1_d2i_fp(CHECKED_NEW_OF(type, xnew), \
- CHECKED_D2I_OF(type, d2i), \
- in, \
- CHECKED_PPTR_OF(type, x)))
-
-void *ASN1_item_d2i_fp(const ASN1_ITEM *it, FILE *in, void *x);
-int ASN1_i2d_fp(i2d_of_void *i2d, FILE *out, void *x);
-
-# define ASN1_i2d_fp_of(type,i2d,out,x) \
- (ASN1_i2d_fp(CHECKED_I2D_OF(type, i2d), \
- out, \
- CHECKED_PTR_OF(type, x)))
-
-# define ASN1_i2d_fp_of_const(type,i2d,out,x) \
- (ASN1_i2d_fp(CHECKED_I2D_OF(const type, i2d), \
- out, \
- CHECKED_PTR_OF(const type, x)))
-
-int ASN1_item_i2d_fp(const ASN1_ITEM *it, FILE *out, void *x);
-int ASN1_STRING_print_ex_fp(FILE *fp, ASN1_STRING *str, unsigned long flags);
-# endif
-
-int ASN1_STRING_to_UTF8(unsigned char **out, ASN1_STRING *in);
-
-void *ASN1_d2i_bio(void *(*xnew) (void), d2i_of_void *d2i, BIO *in, void **x);
-
-# define ASN1_d2i_bio_of(type,xnew,d2i,in,x) \
- ((type*)ASN1_d2i_bio( CHECKED_NEW_OF(type, xnew), \
- CHECKED_D2I_OF(type, d2i), \
- in, \
- CHECKED_PPTR_OF(type, x)))
-
-void *ASN1_item_d2i_bio(const ASN1_ITEM *it, BIO *in, void *x);
-int ASN1_i2d_bio(i2d_of_void *i2d, BIO *out, unsigned char *x);
-
-# define ASN1_i2d_bio_of(type,i2d,out,x) \
- (ASN1_i2d_bio(CHECKED_I2D_OF(type, i2d), \
- out, \
- CHECKED_PTR_OF(type, x)))
-
-# define ASN1_i2d_bio_of_const(type,i2d,out,x) \
- (ASN1_i2d_bio(CHECKED_I2D_OF(const type, i2d), \
- out, \
- CHECKED_PTR_OF(const type, x)))
-
-int ASN1_item_i2d_bio(const ASN1_ITEM *it, BIO *out, void *x);
-int ASN1_UTCTIME_print(BIO *fp, const ASN1_UTCTIME *a);
-int ASN1_GENERALIZEDTIME_print(BIO *fp, const ASN1_GENERALIZEDTIME *a);
-int ASN1_TIME_print(BIO *fp, const ASN1_TIME *a);
-int ASN1_STRING_print(BIO *bp, const ASN1_STRING *v);
-int ASN1_STRING_print_ex(BIO *out, ASN1_STRING *str, unsigned long flags);
-int ASN1_bn_print(BIO *bp, const char *number, const BIGNUM *num,
- unsigned char *buf, int off);
-int ASN1_parse(BIO *bp, const unsigned char *pp, long len, int indent);
-int ASN1_parse_dump(BIO *bp, const unsigned char *pp, long len, int indent,
- int dump);
-const char *ASN1_tag2str(int tag);
-
-/* Used to load and write netscape format cert */
-
-DECLARE_ASN1_FUNCTIONS(NETSCAPE_X509)
-
-int ASN1_UNIVERSALSTRING_to_string(ASN1_UNIVERSALSTRING *s);
-
-int ASN1_TYPE_set_octetstring(ASN1_TYPE *a, unsigned char *data, int len);
-int ASN1_TYPE_get_octetstring(ASN1_TYPE *a, unsigned char *data, int max_len);
-int ASN1_TYPE_set_int_octetstring(ASN1_TYPE *a, long num,
- unsigned char *data, int len);
-int ASN1_TYPE_get_int_octetstring(ASN1_TYPE *a, long *num,
- unsigned char *data, int max_len);
-
-void *ASN1_item_unpack(ASN1_STRING *oct, const ASN1_ITEM *it);
-
-ASN1_STRING *ASN1_item_pack(void *obj, const ASN1_ITEM *it,
- ASN1_OCTET_STRING **oct);
-
-void ASN1_STRING_set_default_mask(unsigned long mask);
-int ASN1_STRING_set_default_mask_asc(const char *p);
-unsigned long ASN1_STRING_get_default_mask(void);
-int ASN1_mbstring_copy(ASN1_STRING **out, const unsigned char *in, int len,
- int inform, unsigned long mask);
-int ASN1_mbstring_ncopy(ASN1_STRING **out, const unsigned char *in, int len,
- int inform, unsigned long mask,
- long minsize, long maxsize);
-
-ASN1_STRING *ASN1_STRING_set_by_NID(ASN1_STRING **out,
- const unsigned char *in, int inlen,
- int inform, int nid);
-ASN1_STRING_TABLE *ASN1_STRING_TABLE_get(int nid);
-int ASN1_STRING_TABLE_add(int, long, long, unsigned long, unsigned long);
-void ASN1_STRING_TABLE_cleanup(void);
-
-/* ASN1 template functions */
-
-/* Old API compatible functions */
-ASN1_VALUE *ASN1_item_new(const ASN1_ITEM *it);
-void ASN1_item_free(ASN1_VALUE *val, const ASN1_ITEM *it);
-ASN1_VALUE *ASN1_item_d2i(ASN1_VALUE **val, const unsigned char **in,
- long len, const ASN1_ITEM *it);
-int ASN1_item_i2d(ASN1_VALUE *val, unsigned char **out, const ASN1_ITEM *it);
-int ASN1_item_ndef_i2d(ASN1_VALUE *val, unsigned char **out,
- const ASN1_ITEM *it);
-
-void ASN1_add_oid_module(void);
-void ASN1_add_stable_module(void);
-
-ASN1_TYPE *ASN1_generate_nconf(char *str, CONF *nconf);
-ASN1_TYPE *ASN1_generate_v3(char *str, X509V3_CTX *cnf);
-int ASN1_str2mask(const char *str, unsigned long *pmask);
-
-/* ASN1 Print flags */
-
-/* Indicate missing OPTIONAL fields */
-# define ASN1_PCTX_FLAGS_SHOW_ABSENT 0x001
-/* Mark start and end of SEQUENCE */
-# define ASN1_PCTX_FLAGS_SHOW_SEQUENCE 0x002
-/* Mark start and end of SEQUENCE/SET OF */
-# define ASN1_PCTX_FLAGS_SHOW_SSOF 0x004
-/* Show the ASN1 type of primitives */
-# define ASN1_PCTX_FLAGS_SHOW_TYPE 0x008
-/* Don't show ASN1 type of ANY */
-# define ASN1_PCTX_FLAGS_NO_ANY_TYPE 0x010
-/* Don't show ASN1 type of MSTRINGs */
-# define ASN1_PCTX_FLAGS_NO_MSTRING_TYPE 0x020
-/* Don't show field names in SEQUENCE */
-# define ASN1_PCTX_FLAGS_NO_FIELD_NAME 0x040
-/* Show structure names of each SEQUENCE field */
-# define ASN1_PCTX_FLAGS_SHOW_FIELD_STRUCT_NAME 0x080
-/* Don't show structure name even at top level */
-# define ASN1_PCTX_FLAGS_NO_STRUCT_NAME 0x100
-
-int ASN1_item_print(BIO *out, ASN1_VALUE *ifld, int indent,
- const ASN1_ITEM *it, const ASN1_PCTX *pctx);
-ASN1_PCTX *ASN1_PCTX_new(void);
-void ASN1_PCTX_free(ASN1_PCTX *p);
-unsigned long ASN1_PCTX_get_flags(ASN1_PCTX *p);
-void ASN1_PCTX_set_flags(ASN1_PCTX *p, unsigned long flags);
-unsigned long ASN1_PCTX_get_nm_flags(ASN1_PCTX *p);
-void ASN1_PCTX_set_nm_flags(ASN1_PCTX *p, unsigned long flags);
-unsigned long ASN1_PCTX_get_cert_flags(ASN1_PCTX *p);
-void ASN1_PCTX_set_cert_flags(ASN1_PCTX *p, unsigned long flags);
-unsigned long ASN1_PCTX_get_oid_flags(ASN1_PCTX *p);
-void ASN1_PCTX_set_oid_flags(ASN1_PCTX *p, unsigned long flags);
-unsigned long ASN1_PCTX_get_str_flags(ASN1_PCTX *p);
-void ASN1_PCTX_set_str_flags(ASN1_PCTX *p, unsigned long flags);
-
-ASN1_SCTX *ASN1_SCTX_new(int (*scan_cb) (ASN1_SCTX *ctx));
-void ASN1_SCTX_free(ASN1_SCTX *p);
-const ASN1_ITEM *ASN1_SCTX_get_item(ASN1_SCTX *p);
-const ASN1_TEMPLATE *ASN1_SCTX_get_template(ASN1_SCTX *p);
-unsigned long ASN1_SCTX_get_flags(ASN1_SCTX *p);
-void ASN1_SCTX_set_app_data(ASN1_SCTX *p, void *data);
-void *ASN1_SCTX_get_app_data(ASN1_SCTX *p);
-
-BIO_METHOD *BIO_f_asn1(void);
-
-BIO *BIO_new_NDEF(BIO *out, ASN1_VALUE *val, const ASN1_ITEM *it);
-
-int i2d_ASN1_bio_stream(BIO *out, ASN1_VALUE *val, BIO *in, int flags,
- const ASN1_ITEM *it);
-int PEM_write_bio_ASN1_stream(BIO *out, ASN1_VALUE *val, BIO *in, int flags,
- const char *hdr, const ASN1_ITEM *it);
-int SMIME_write_ASN1(BIO *bio, ASN1_VALUE *val, BIO *data, int flags,
- int ctype_nid, int econt_nid,
- STACK_OF(X509_ALGOR) *mdalgs, const ASN1_ITEM *it);
-ASN1_VALUE *SMIME_read_ASN1(BIO *bio, BIO **bcont, const ASN1_ITEM *it);
-int SMIME_crlf_copy(BIO *in, BIO *out, int flags);
-int SMIME_text(BIO *in, BIO *out);
-
-/* BEGIN ERROR CODES */
-/*
- * The following lines are auto generated by the script mkerr.pl. Any changes
- * made after this point may be overwritten when the script is next run.
- */
-void ERR_load_ASN1_strings(void);
-
-/* Error codes for the ASN1 functions. */
-
-/* Function codes. */
-# define ASN1_F_A2D_ASN1_OBJECT 100
-# define ASN1_F_A2I_ASN1_ENUMERATED 101
-# define ASN1_F_A2I_ASN1_INTEGER 102
-# define ASN1_F_A2I_ASN1_STRING 103
-# define ASN1_F_APPEND_EXP 176
-# define ASN1_F_ASN1_BIT_STRING_SET_BIT 183
-# define ASN1_F_ASN1_CB 177
-# define ASN1_F_ASN1_CHECK_TLEN 104
-# define ASN1_F_ASN1_COLLATE_PRIMITIVE 105
-# define ASN1_F_ASN1_COLLECT 106
-# define ASN1_F_ASN1_D2I_EX_PRIMITIVE 108
-# define ASN1_F_ASN1_D2I_FP 109
-# define ASN1_F_ASN1_D2I_READ_BIO 107
-# define ASN1_F_ASN1_DIGEST 184
-# define ASN1_F_ASN1_DO_ADB 110
-# define ASN1_F_ASN1_DUP 111
-# define ASN1_F_ASN1_ENUMERATED_SET 112
-# define ASN1_F_ASN1_ENUMERATED_TO_BN 113
-# define ASN1_F_ASN1_EX_C2I 204
-# define ASN1_F_ASN1_FIND_END 190
-# define ASN1_F_ASN1_GENERALIZEDTIME_ADJ 216
-# define ASN1_F_ASN1_GENERALIZEDTIME_SET 185
-# define ASN1_F_ASN1_GENERATE_V3 178
-# define ASN1_F_ASN1_GET_OBJECT 114
-# define ASN1_F_ASN1_HEADER_NEW 115
-# define ASN1_F_ASN1_I2D_BIO 116
-# define ASN1_F_ASN1_I2D_FP 117
-# define ASN1_F_ASN1_INTEGER_SET 118
-# define ASN1_F_ASN1_INTEGER_TO_BN 119
-# define ASN1_F_ASN1_ITEM_D2I_FP 206
-# define ASN1_F_ASN1_ITEM_DUP 191
-# define ASN1_F_ASN1_ITEM_EX_NEW 121
-# define ASN1_F_ASN1_ITEM_EX_D2I 120
-# define ASN1_F_ASN1_ITEM_I2D_BIO 192
-# define ASN1_F_ASN1_ITEM_I2D_FP 193
-# define ASN1_F_ASN1_ITEM_PACK 198
-# define ASN1_F_ASN1_ITEM_SIGN 195
-# define ASN1_F_ASN1_ITEM_SIGN_CTX 220
-# define ASN1_F_ASN1_ITEM_UNPACK 199
-# define ASN1_F_ASN1_ITEM_VERIFY 197
-# define ASN1_F_ASN1_MBSTRING_NCOPY 122
-# define ASN1_F_ASN1_OBJECT_NEW 123
-# define ASN1_F_ASN1_OUTPUT_DATA 214
-# define ASN1_F_ASN1_PACK_STRING 124
-# define ASN1_F_ASN1_PCTX_NEW 205
-# define ASN1_F_ASN1_PKCS5_PBE_SET 125
-# define ASN1_F_ASN1_SCTX_NEW 221
-# define ASN1_F_ASN1_SEQ_PACK 126
-# define ASN1_F_ASN1_SEQ_UNPACK 127
-# define ASN1_F_ASN1_SIGN 128
-# define ASN1_F_ASN1_STR2TYPE 179
-# define ASN1_F_ASN1_STRING_SET 186
-# define ASN1_F_ASN1_STRING_TABLE_ADD 129
-# define ASN1_F_ASN1_STRING_TYPE_NEW 130
-# define ASN1_F_ASN1_TEMPLATE_EX_D2I 132
-# define ASN1_F_ASN1_TEMPLATE_NEW 133
-# define ASN1_F_ASN1_TEMPLATE_NOEXP_D2I 131
-# define ASN1_F_ASN1_TIME_ADJ 217
-# define ASN1_F_ASN1_TIME_SET 175
-# define ASN1_F_ASN1_TYPE_GET_INT_OCTETSTRING 134
-# define ASN1_F_ASN1_TYPE_GET_OCTETSTRING 135
-# define ASN1_F_ASN1_UNPACK_STRING 136
-# define ASN1_F_ASN1_UTCTIME_ADJ 218
-# define ASN1_F_ASN1_UTCTIME_SET 187
-# define ASN1_F_ASN1_VERIFY 137
-# define ASN1_F_B64_READ_ASN1 209
-# define ASN1_F_B64_WRITE_ASN1 210
-# define ASN1_F_BIO_NEW_NDEF 208
-# define ASN1_F_BITSTR_CB 180
-# define ASN1_F_BN_TO_ASN1_ENUMERATED 138
-# define ASN1_F_BN_TO_ASN1_INTEGER 139
-# define ASN1_F_C2I_ASN1_BIT_STRING 189
-# define ASN1_F_C2I_ASN1_INTEGER 194
-# define ASN1_F_C2I_ASN1_OBJECT 196
-# define ASN1_F_COLLECT_DATA 140
-# define ASN1_F_D2I_ASN1_BIT_STRING 141
-# define ASN1_F_D2I_ASN1_BOOLEAN 142
-# define ASN1_F_D2I_ASN1_BYTES 143
-# define ASN1_F_D2I_ASN1_GENERALIZEDTIME 144
-# define ASN1_F_D2I_ASN1_HEADER 145
-# define ASN1_F_D2I_ASN1_INTEGER 146
-# define ASN1_F_D2I_ASN1_OBJECT 147
-# define ASN1_F_D2I_ASN1_SET 148
-# define ASN1_F_D2I_ASN1_TYPE_BYTES 149
-# define ASN1_F_D2I_ASN1_UINTEGER 150
-# define ASN1_F_D2I_ASN1_UTCTIME 151
-# define ASN1_F_D2I_AUTOPRIVATEKEY 207
-# define ASN1_F_D2I_NETSCAPE_RSA 152
-# define ASN1_F_D2I_NETSCAPE_RSA_2 153
-# define ASN1_F_D2I_PRIVATEKEY 154
-# define ASN1_F_D2I_PUBLICKEY 155
-# define ASN1_F_D2I_RSA_NET 200
-# define ASN1_F_D2I_RSA_NET_2 201
-# define ASN1_F_D2I_X509 156
-# define ASN1_F_D2I_X509_CINF 157
-# define ASN1_F_D2I_X509_PKEY 159
-# define ASN1_F_DO_TCREATE 222
-# define ASN1_F_I2D_ASN1_BIO_STREAM 211
-# define ASN1_F_I2D_ASN1_SET 188
-# define ASN1_F_I2D_ASN1_TIME 160
-# define ASN1_F_I2D_DSA_PUBKEY 161
-# define ASN1_F_I2D_EC_PUBKEY 181
-# define ASN1_F_I2D_PRIVATEKEY 163
-# define ASN1_F_I2D_PUBLICKEY 164
-# define ASN1_F_I2D_RSA_NET 162
-# define ASN1_F_I2D_RSA_PUBKEY 165
-# define ASN1_F_LONG_C2I 166
-# define ASN1_F_OID_MODULE_INIT 174
-# define ASN1_F_PARSE_TAGGING 182
-# define ASN1_F_PKCS5_PBE2_SET_IV 167
-# define ASN1_F_PKCS5_PBE_SET 202
-# define ASN1_F_PKCS5_PBE_SET0_ALGOR 215
-# define ASN1_F_PKCS5_PBKDF2_SET 219
-# define ASN1_F_SMIME_READ_ASN1 212
-# define ASN1_F_SMIME_TEXT 213
-# define ASN1_F_STBL_MODULE_INIT 223
-# define ASN1_F_X509_CINF_NEW 168
-# define ASN1_F_X509_CRL_ADD0_REVOKED 169
-# define ASN1_F_X509_INFO_NEW 170
-# define ASN1_F_X509_NAME_ENCODE 203
-# define ASN1_F_X509_NAME_EX_D2I 158
-# define ASN1_F_X509_NAME_EX_NEW 171
-# define ASN1_F_X509_NEW 172
-# define ASN1_F_X509_PKEY_NEW 173
-
-/* Reason codes. */
-# define ASN1_R_ADDING_OBJECT 171
-# define ASN1_R_ASN1_PARSE_ERROR 203
-# define ASN1_R_ASN1_SIG_PARSE_ERROR 204
-# define ASN1_R_AUX_ERROR 100
-# define ASN1_R_BAD_CLASS 101
-# define ASN1_R_BAD_OBJECT_HEADER 102
-# define ASN1_R_BAD_PASSWORD_READ 103
-# define ASN1_R_BAD_TAG 104
-# define ASN1_R_BMPSTRING_IS_WRONG_LENGTH 214
-# define ASN1_R_BN_LIB 105
-# define ASN1_R_BOOLEAN_IS_WRONG_LENGTH 106
-# define ASN1_R_BUFFER_TOO_SMALL 107
-# define ASN1_R_CIPHER_HAS_NO_OBJECT_IDENTIFIER 108
-# define ASN1_R_CONTEXT_NOT_INITIALISED 217
-# define ASN1_R_DATA_IS_WRONG 109
-# define ASN1_R_DECODE_ERROR 110
-# define ASN1_R_DECODING_ERROR 111
-# define ASN1_R_DEPTH_EXCEEDED 174
-# define ASN1_R_DIGEST_AND_KEY_TYPE_NOT_SUPPORTED 198
-# define ASN1_R_ENCODE_ERROR 112
-# define ASN1_R_ERROR_GETTING_TIME 173
-# define ASN1_R_ERROR_LOADING_SECTION 172
-# define ASN1_R_ERROR_PARSING_SET_ELEMENT 113
-# define ASN1_R_ERROR_SETTING_CIPHER_PARAMS 114
-# define ASN1_R_EXPECTING_AN_INTEGER 115
-# define ASN1_R_EXPECTING_AN_OBJECT 116
-# define ASN1_R_EXPECTING_A_BOOLEAN 117
-# define ASN1_R_EXPECTING_A_TIME 118
-# define ASN1_R_EXPLICIT_LENGTH_MISMATCH 119
-# define ASN1_R_EXPLICIT_TAG_NOT_CONSTRUCTED 120
-# define ASN1_R_FIELD_MISSING 121
-# define ASN1_R_FIRST_NUM_TOO_LARGE 122
-# define ASN1_R_HEADER_TOO_LONG 123
-# define ASN1_R_ILLEGAL_BITSTRING_FORMAT 175
-# define ASN1_R_ILLEGAL_BOOLEAN 176
-# define ASN1_R_ILLEGAL_CHARACTERS 124
-# define ASN1_R_ILLEGAL_FORMAT 177
-# define ASN1_R_ILLEGAL_HEX 178
-# define ASN1_R_ILLEGAL_IMPLICIT_TAG 179
-# define ASN1_R_ILLEGAL_INTEGER 180
-# define ASN1_R_ILLEGAL_NESTED_TAGGING 181
-# define ASN1_R_ILLEGAL_NULL 125
-# define ASN1_R_ILLEGAL_NULL_VALUE 182
-# define ASN1_R_ILLEGAL_OBJECT 183
-# define ASN1_R_ILLEGAL_OPTIONAL_ANY 126
-# define ASN1_R_ILLEGAL_OPTIONS_ON_ITEM_TEMPLATE 170
-# define ASN1_R_ILLEGAL_TAGGED_ANY 127
-# define ASN1_R_ILLEGAL_TIME_VALUE 184
-# define ASN1_R_INTEGER_NOT_ASCII_FORMAT 185
-# define ASN1_R_INTEGER_TOO_LARGE_FOR_LONG 128
-# define ASN1_R_INVALID_BIT_STRING_BITS_LEFT 220
-# define ASN1_R_INVALID_BMPSTRING_LENGTH 129
-# define ASN1_R_INVALID_DIGIT 130
-# define ASN1_R_INVALID_MIME_TYPE 205
-# define ASN1_R_INVALID_MODIFIER 186
-# define ASN1_R_INVALID_NUMBER 187
-# define ASN1_R_INVALID_OBJECT_ENCODING 216
-# define ASN1_R_INVALID_SEPARATOR 131
-# define ASN1_R_INVALID_STRING_TABLE_VALUE 218
-# define ASN1_R_INVALID_TIME_FORMAT 132
-# define ASN1_R_INVALID_UNIVERSALSTRING_LENGTH 133
-# define ASN1_R_INVALID_UTF8STRING 134
-# define ASN1_R_INVALID_VALUE 219
-# define ASN1_R_IV_TOO_LARGE 135
-# define ASN1_R_LENGTH_ERROR 136
-# define ASN1_R_LIST_ERROR 188
-# define ASN1_R_MIME_NO_CONTENT_TYPE 206
-# define ASN1_R_MIME_PARSE_ERROR 207
-# define ASN1_R_MIME_SIG_PARSE_ERROR 208
-# define ASN1_R_MISSING_EOC 137
-# define ASN1_R_MISSING_SECOND_NUMBER 138
-# define ASN1_R_MISSING_VALUE 189
-# define ASN1_R_MSTRING_NOT_UNIVERSAL 139
-# define ASN1_R_MSTRING_WRONG_TAG 140
-# define ASN1_R_NESTED_ASN1_STRING 197
-# define ASN1_R_NON_HEX_CHARACTERS 141
-# define ASN1_R_NOT_ASCII_FORMAT 190
-# define ASN1_R_NOT_ENOUGH_DATA 142
-# define ASN1_R_NO_CONTENT_TYPE 209
-# define ASN1_R_NO_DEFAULT_DIGEST 201
-# define ASN1_R_NO_MATCHING_CHOICE_TYPE 143
-# define ASN1_R_NO_MULTIPART_BODY_FAILURE 210
-# define ASN1_R_NO_MULTIPART_BOUNDARY 211
-# define ASN1_R_NO_SIG_CONTENT_TYPE 212
-# define ASN1_R_NULL_IS_WRONG_LENGTH 144
-# define ASN1_R_OBJECT_NOT_ASCII_FORMAT 191
-# define ASN1_R_ODD_NUMBER_OF_CHARS 145
-# define ASN1_R_PRIVATE_KEY_HEADER_MISSING 146
-# define ASN1_R_SECOND_NUMBER_TOO_LARGE 147
-# define ASN1_R_SEQUENCE_LENGTH_MISMATCH 148
-# define ASN1_R_SEQUENCE_NOT_CONSTRUCTED 149
-# define ASN1_R_SEQUENCE_OR_SET_NEEDS_CONFIG 192
-# define ASN1_R_SHORT_LINE 150
-# define ASN1_R_SIG_INVALID_MIME_TYPE 213
-# define ASN1_R_STREAMING_NOT_SUPPORTED 202
-# define ASN1_R_STRING_TOO_LONG 151
-# define ASN1_R_STRING_TOO_SHORT 152
-# define ASN1_R_TAG_VALUE_TOO_HIGH 153
-# define ASN1_R_THE_ASN1_OBJECT_IDENTIFIER_IS_NOT_KNOWN_FOR_THIS_MD 154
-# define ASN1_R_TIME_NOT_ASCII_FORMAT 193
-# define ASN1_R_TOO_LONG 155
-# define ASN1_R_TYPE_NOT_CONSTRUCTED 156
-# define ASN1_R_TYPE_NOT_PRIMITIVE 195
-# define ASN1_R_UNABLE_TO_DECODE_RSA_KEY 157
-# define ASN1_R_UNABLE_TO_DECODE_RSA_PRIVATE_KEY 158
-# define ASN1_R_UNEXPECTED_EOC 159
-# define ASN1_R_UNIVERSALSTRING_IS_WRONG_LENGTH 215
-# define ASN1_R_UNKNOWN_FORMAT 160
-# define ASN1_R_UNKNOWN_MESSAGE_DIGEST_ALGORITHM 161
-# define ASN1_R_UNKNOWN_OBJECT_TYPE 162
-# define ASN1_R_UNKNOWN_PUBLIC_KEY_TYPE 163
-# define ASN1_R_UNKNOWN_SIGNATURE_ALGORITHM 199
-# define ASN1_R_UNKNOWN_TAG 194
-# define ASN1_R_UNSUPPORTED_ANY_DEFINED_BY_TYPE 164
-# define ASN1_R_UNSUPPORTED_CIPHER 165
-# define ASN1_R_UNSUPPORTED_ENCRYPTION_ALGORITHM 166
-# define ASN1_R_UNSUPPORTED_PUBLIC_KEY_TYPE 167
-# define ASN1_R_UNSUPPORTED_TYPE 196
-# define ASN1_R_WRONG_PUBLIC_KEY_TYPE 200
-# define ASN1_R_WRONG_TAG 168
-# define ASN1_R_WRONG_TYPE 169
-
-#ifdef __cplusplus
-}
-#endif
-#endif
+++ /dev/null
-/* crypto/asn1/asn1_mac.h */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef HEADER_ASN1_MAC_H
-# define HEADER_ASN1_MAC_H
-
-# include <openssl/asn1.h>
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-# ifndef ASN1_MAC_ERR_LIB
-# define ASN1_MAC_ERR_LIB ERR_LIB_ASN1
-# endif
-
-# define ASN1_MAC_H_err(f,r,line) \
- ERR_PUT_error(ASN1_MAC_ERR_LIB,(f),(r),__FILE__,(line))
-
-# define M_ASN1_D2I_vars(a,type,func) \
- ASN1_const_CTX c; \
- type ret=NULL; \
- \
- c.pp=(const unsigned char **)pp; \
- c.q= *(const unsigned char **)pp; \
- c.error=ERR_R_NESTED_ASN1_ERROR; \
- if ((a == NULL) || ((*a) == NULL)) \
- { if ((ret=(type)func()) == NULL) \
- { c.line=__LINE__; goto err; } } \
- else ret=(*a);
-
-# define M_ASN1_D2I_Init() \
- c.p= *(const unsigned char **)pp; \
- c.max=(length == 0)?0:(c.p+length);
-
-# define M_ASN1_D2I_Finish_2(a) \
- if (!asn1_const_Finish(&c)) \
- { c.line=__LINE__; goto err; } \
- *(const unsigned char **)pp=c.p; \
- if (a != NULL) (*a)=ret; \
- return(ret);
-
-# define M_ASN1_D2I_Finish(a,func,e) \
- M_ASN1_D2I_Finish_2(a); \
-err:\
- ASN1_MAC_H_err((e),c.error,c.line); \
- asn1_add_error(*(const unsigned char **)pp,(int)(c.q- *pp)); \
- if ((ret != NULL) && ((a == NULL) || (*a != ret))) func(ret); \
- return(NULL)
-
-# define M_ASN1_D2I_start_sequence() \
- if (!asn1_GetSequence(&c,&length)) \
- { c.line=__LINE__; goto err; }
-/* Begin reading ASN1 without a surrounding sequence */
-# define M_ASN1_D2I_begin() \
- c.slen = length;
-
-/* End reading ASN1 with no check on length */
-# define M_ASN1_D2I_Finish_nolen(a, func, e) \
- *pp=c.p; \
- if (a != NULL) (*a)=ret; \
- return(ret); \
-err:\
- ASN1_MAC_H_err((e),c.error,c.line); \
- asn1_add_error(*pp,(int)(c.q- *pp)); \
- if ((ret != NULL) && ((a == NULL) || (*a != ret))) func(ret); \
- return(NULL)
-
-# define M_ASN1_D2I_end_sequence() \
- (((c.inf&1) == 0)?(c.slen <= 0): \
- (c.eos=ASN1_const_check_infinite_end(&c.p,c.slen)))
-
-/* Don't use this with d2i_ASN1_BOOLEAN() */
-# define M_ASN1_D2I_get(b, func) \
- c.q=c.p; \
- if (func(&(b),&c.p,c.slen) == NULL) \
- {c.line=__LINE__; goto err; } \
- c.slen-=(c.p-c.q);
-
-/* Don't use this with d2i_ASN1_BOOLEAN() */
-# define M_ASN1_D2I_get_x(type,b,func) \
- c.q=c.p; \
- if (((D2I_OF(type))func)(&(b),&c.p,c.slen) == NULL) \
- {c.line=__LINE__; goto err; } \
- c.slen-=(c.p-c.q);
-
-/* use this instead () */
-# define M_ASN1_D2I_get_int(b,func) \
- c.q=c.p; \
- if (func(&(b),&c.p,c.slen) < 0) \
- {c.line=__LINE__; goto err; } \
- c.slen-=(c.p-c.q);
-
-# define M_ASN1_D2I_get_opt(b,func,type) \
- if ((c.slen != 0) && ((M_ASN1_next & (~V_ASN1_CONSTRUCTED)) \
- == (V_ASN1_UNIVERSAL|(type)))) \
- { \
- M_ASN1_D2I_get(b,func); \
- }
-
-# define M_ASN1_D2I_get_int_opt(b,func,type) \
- if ((c.slen != 0) && ((M_ASN1_next & (~V_ASN1_CONSTRUCTED)) \
- == (V_ASN1_UNIVERSAL|(type)))) \
- { \
- M_ASN1_D2I_get_int(b,func); \
- }
-
-# define M_ASN1_D2I_get_imp(b,func, type) \
- M_ASN1_next=(_tmp& V_ASN1_CONSTRUCTED)|type; \
- c.q=c.p; \
- if (func(&(b),&c.p,c.slen) == NULL) \
- {c.line=__LINE__; M_ASN1_next_prev = _tmp; goto err; } \
- c.slen-=(c.p-c.q);\
- M_ASN1_next_prev=_tmp;
-
-# define M_ASN1_D2I_get_IMP_opt(b,func,tag,type) \
- if ((c.slen != 0) && ((M_ASN1_next & (~V_ASN1_CONSTRUCTED)) == \
- (V_ASN1_CONTEXT_SPECIFIC|(tag)))) \
- { \
- unsigned char _tmp = M_ASN1_next; \
- M_ASN1_D2I_get_imp(b,func, type);\
- }
-
-# define M_ASN1_D2I_get_set(r,func,free_func) \
- M_ASN1_D2I_get_imp_set(r,func,free_func, \
- V_ASN1_SET,V_ASN1_UNIVERSAL);
-
-# define M_ASN1_D2I_get_set_type(type,r,func,free_func) \
- M_ASN1_D2I_get_imp_set_type(type,r,func,free_func, \
- V_ASN1_SET,V_ASN1_UNIVERSAL);
-
-# define M_ASN1_D2I_get_set_opt(r,func,free_func) \
- if ((c.slen != 0) && (M_ASN1_next == (V_ASN1_UNIVERSAL| \
- V_ASN1_CONSTRUCTED|V_ASN1_SET)))\
- { M_ASN1_D2I_get_set(r,func,free_func); }
-
-# define M_ASN1_D2I_get_set_opt_type(type,r,func,free_func) \
- if ((c.slen != 0) && (M_ASN1_next == (V_ASN1_UNIVERSAL| \
- V_ASN1_CONSTRUCTED|V_ASN1_SET)))\
- { M_ASN1_D2I_get_set_type(type,r,func,free_func); }
-
-# define M_ASN1_I2D_len_SET_opt(a,f) \
- if ((a != NULL) && (sk_num(a) != 0)) \
- M_ASN1_I2D_len_SET(a,f);
-
-# define M_ASN1_I2D_put_SET_opt(a,f) \
- if ((a != NULL) && (sk_num(a) != 0)) \
- M_ASN1_I2D_put_SET(a,f);
-
-# define M_ASN1_I2D_put_SEQUENCE_opt(a,f) \
- if ((a != NULL) && (sk_num(a) != 0)) \
- M_ASN1_I2D_put_SEQUENCE(a,f);
-
-# define M_ASN1_I2D_put_SEQUENCE_opt_type(type,a,f) \
- if ((a != NULL) && (sk_##type##_num(a) != 0)) \
- M_ASN1_I2D_put_SEQUENCE_type(type,a,f);
-
-# define M_ASN1_D2I_get_IMP_set_opt(b,func,free_func,tag) \
- if ((c.slen != 0) && \
- (M_ASN1_next == \
- (V_ASN1_CONTEXT_SPECIFIC|V_ASN1_CONSTRUCTED|(tag))))\
- { \
- M_ASN1_D2I_get_imp_set(b,func,free_func,\
- tag,V_ASN1_CONTEXT_SPECIFIC); \
- }
-
-# define M_ASN1_D2I_get_IMP_set_opt_type(type,b,func,free_func,tag) \
- if ((c.slen != 0) && \
- (M_ASN1_next == \
- (V_ASN1_CONTEXT_SPECIFIC|V_ASN1_CONSTRUCTED|(tag))))\
- { \
- M_ASN1_D2I_get_imp_set_type(type,b,func,free_func,\
- tag,V_ASN1_CONTEXT_SPECIFIC); \
- }
-
-# define M_ASN1_D2I_get_seq(r,func,free_func) \
- M_ASN1_D2I_get_imp_set(r,func,free_func,\
- V_ASN1_SEQUENCE,V_ASN1_UNIVERSAL);
-
-# define M_ASN1_D2I_get_seq_type(type,r,func,free_func) \
- M_ASN1_D2I_get_imp_set_type(type,r,func,free_func,\
- V_ASN1_SEQUENCE,V_ASN1_UNIVERSAL)
-
-# define M_ASN1_D2I_get_seq_opt(r,func,free_func) \
- if ((c.slen != 0) && (M_ASN1_next == (V_ASN1_UNIVERSAL| \
- V_ASN1_CONSTRUCTED|V_ASN1_SEQUENCE)))\
- { M_ASN1_D2I_get_seq(r,func,free_func); }
-
-# define M_ASN1_D2I_get_seq_opt_type(type,r,func,free_func) \
- if ((c.slen != 0) && (M_ASN1_next == (V_ASN1_UNIVERSAL| \
- V_ASN1_CONSTRUCTED|V_ASN1_SEQUENCE)))\
- { M_ASN1_D2I_get_seq_type(type,r,func,free_func); }
-
-# define M_ASN1_D2I_get_IMP_set(r,func,free_func,x) \
- M_ASN1_D2I_get_imp_set(r,func,free_func,\
- x,V_ASN1_CONTEXT_SPECIFIC);
-
-# define M_ASN1_D2I_get_IMP_set_type(type,r,func,free_func,x) \
- M_ASN1_D2I_get_imp_set_type(type,r,func,free_func,\
- x,V_ASN1_CONTEXT_SPECIFIC);
-
-# define M_ASN1_D2I_get_imp_set(r,func,free_func,a,b) \
- c.q=c.p; \
- if (d2i_ASN1_SET(&(r),&c.p,c.slen,(char *(*)())func,\
- (void (*)())free_func,a,b) == NULL) \
- { c.line=__LINE__; goto err; } \
- c.slen-=(c.p-c.q);
-
-# define M_ASN1_D2I_get_imp_set_type(type,r,func,free_func,a,b) \
- c.q=c.p; \
- if (d2i_ASN1_SET_OF_##type(&(r),&c.p,c.slen,func,\
- free_func,a,b) == NULL) \
- { c.line=__LINE__; goto err; } \
- c.slen-=(c.p-c.q);
-
-# define M_ASN1_D2I_get_set_strings(r,func,a,b) \
- c.q=c.p; \
- if (d2i_ASN1_STRING_SET(&(r),&c.p,c.slen,a,b) == NULL) \
- { c.line=__LINE__; goto err; } \
- c.slen-=(c.p-c.q);
-
-# define M_ASN1_D2I_get_EXP_opt(r,func,tag) \
- if ((c.slen != 0L) && (M_ASN1_next == \
- (V_ASN1_CONSTRUCTED|V_ASN1_CONTEXT_SPECIFIC|tag))) \
- { \
- int Tinf,Ttag,Tclass; \
- long Tlen; \
- \
- c.q=c.p; \
- Tinf=ASN1_get_object(&c.p,&Tlen,&Ttag,&Tclass,c.slen); \
- if (Tinf & 0x80) \
- { c.error=ERR_R_BAD_ASN1_OBJECT_HEADER; \
- c.line=__LINE__; goto err; } \
- if (Tinf == (V_ASN1_CONSTRUCTED+1)) \
- Tlen = c.slen - (c.p - c.q) - 2; \
- if (func(&(r),&c.p,Tlen) == NULL) \
- { c.line=__LINE__; goto err; } \
- if (Tinf == (V_ASN1_CONSTRUCTED+1)) { \
- Tlen = c.slen - (c.p - c.q); \
- if(!ASN1_const_check_infinite_end(&c.p, Tlen)) \
- { c.error=ERR_R_MISSING_ASN1_EOS; \
- c.line=__LINE__; goto err; } \
- }\
- c.slen-=(c.p-c.q); \
- }
-
-# define M_ASN1_D2I_get_EXP_set_opt(r,func,free_func,tag,b) \
- if ((c.slen != 0) && (M_ASN1_next == \
- (V_ASN1_CONSTRUCTED|V_ASN1_CONTEXT_SPECIFIC|tag))) \
- { \
- int Tinf,Ttag,Tclass; \
- long Tlen; \
- \
- c.q=c.p; \
- Tinf=ASN1_get_object(&c.p,&Tlen,&Ttag,&Tclass,c.slen); \
- if (Tinf & 0x80) \
- { c.error=ERR_R_BAD_ASN1_OBJECT_HEADER; \
- c.line=__LINE__; goto err; } \
- if (Tinf == (V_ASN1_CONSTRUCTED+1)) \
- Tlen = c.slen - (c.p - c.q) - 2; \
- if (d2i_ASN1_SET(&(r),&c.p,Tlen,(char *(*)())func, \
- (void (*)())free_func, \
- b,V_ASN1_UNIVERSAL) == NULL) \
- { c.line=__LINE__; goto err; } \
- if (Tinf == (V_ASN1_CONSTRUCTED+1)) { \
- Tlen = c.slen - (c.p - c.q); \
- if(!ASN1_check_infinite_end(&c.p, Tlen)) \
- { c.error=ERR_R_MISSING_ASN1_EOS; \
- c.line=__LINE__; goto err; } \
- }\
- c.slen-=(c.p-c.q); \
- }
-
-# define M_ASN1_D2I_get_EXP_set_opt_type(type,r,func,free_func,tag,b) \
- if ((c.slen != 0) && (M_ASN1_next == \
- (V_ASN1_CONSTRUCTED|V_ASN1_CONTEXT_SPECIFIC|tag))) \
- { \
- int Tinf,Ttag,Tclass; \
- long Tlen; \
- \
- c.q=c.p; \
- Tinf=ASN1_get_object(&c.p,&Tlen,&Ttag,&Tclass,c.slen); \
- if (Tinf & 0x80) \
- { c.error=ERR_R_BAD_ASN1_OBJECT_HEADER; \
- c.line=__LINE__; goto err; } \
- if (Tinf == (V_ASN1_CONSTRUCTED+1)) \
- Tlen = c.slen - (c.p - c.q) - 2; \
- if (d2i_ASN1_SET_OF_##type(&(r),&c.p,Tlen,func, \
- free_func,b,V_ASN1_UNIVERSAL) == NULL) \
- { c.line=__LINE__; goto err; } \
- if (Tinf == (V_ASN1_CONSTRUCTED+1)) { \
- Tlen = c.slen - (c.p - c.q); \
- if(!ASN1_check_infinite_end(&c.p, Tlen)) \
- { c.error=ERR_R_MISSING_ASN1_EOS; \
- c.line=__LINE__; goto err; } \
- }\
- c.slen-=(c.p-c.q); \
- }
-
-/* New macros */
-# define M_ASN1_New_Malloc(ret,type) \
- if ((ret=(type *)OPENSSL_malloc(sizeof(type))) == NULL) \
- { c.line=__LINE__; goto err2; }
-
-# define M_ASN1_New(arg,func) \
- if (((arg)=func()) == NULL) return(NULL)
-
-# define M_ASN1_New_Error(a) \
-/*- err: ASN1_MAC_H_err((a),ERR_R_NESTED_ASN1_ERROR,c.line); \
- return(NULL);*/ \
- err2: ASN1_MAC_H_err((a),ERR_R_MALLOC_FAILURE,c.line); \
- return(NULL)
-
-/*
- * BIG UGLY WARNING! This is so damn ugly I wanna puke. Unfortunately, some
- * macros that use ASN1_const_CTX still insist on writing in the input
- * stream. ARGH! ARGH! ARGH! Let's get rid of this macro package. Please? --
- * Richard Levitte
- */
-# define M_ASN1_next (*((unsigned char *)(c.p)))
-# define M_ASN1_next_prev (*((unsigned char *)(c.q)))
-
-/*************************************************/
-
-# define M_ASN1_I2D_vars(a) int r=0,ret=0; \
- unsigned char *p; \
- if (a == NULL) return(0)
-
-/* Length Macros */
-# define M_ASN1_I2D_len(a,f) ret+=f(a,NULL)
-# define M_ASN1_I2D_len_IMP_opt(a,f) if (a != NULL) M_ASN1_I2D_len(a,f)
-
-# define M_ASN1_I2D_len_SET(a,f) \
- ret+=i2d_ASN1_SET(a,NULL,f,V_ASN1_SET,V_ASN1_UNIVERSAL,IS_SET);
-
-# define M_ASN1_I2D_len_SET_type(type,a,f) \
- ret+=i2d_ASN1_SET_OF_##type(a,NULL,f,V_ASN1_SET, \
- V_ASN1_UNIVERSAL,IS_SET);
-
-# define M_ASN1_I2D_len_SEQUENCE(a,f) \
- ret+=i2d_ASN1_SET(a,NULL,f,V_ASN1_SEQUENCE,V_ASN1_UNIVERSAL, \
- IS_SEQUENCE);
-
-# define M_ASN1_I2D_len_SEQUENCE_type(type,a,f) \
- ret+=i2d_ASN1_SET_OF_##type(a,NULL,f,V_ASN1_SEQUENCE, \
- V_ASN1_UNIVERSAL,IS_SEQUENCE)
-
-# define M_ASN1_I2D_len_SEQUENCE_opt(a,f) \
- if ((a != NULL) && (sk_num(a) != 0)) \
- M_ASN1_I2D_len_SEQUENCE(a,f);
-
-# define M_ASN1_I2D_len_SEQUENCE_opt_type(type,a,f) \
- if ((a != NULL) && (sk_##type##_num(a) != 0)) \
- M_ASN1_I2D_len_SEQUENCE_type(type,a,f);
-
-# define M_ASN1_I2D_len_IMP_SET(a,f,x) \
- ret+=i2d_ASN1_SET(a,NULL,f,x,V_ASN1_CONTEXT_SPECIFIC,IS_SET);
-
-# define M_ASN1_I2D_len_IMP_SET_type(type,a,f,x) \
- ret+=i2d_ASN1_SET_OF_##type(a,NULL,f,x, \
- V_ASN1_CONTEXT_SPECIFIC,IS_SET);
-
-# define M_ASN1_I2D_len_IMP_SET_opt(a,f,x) \
- if ((a != NULL) && (sk_num(a) != 0)) \
- ret+=i2d_ASN1_SET(a,NULL,f,x,V_ASN1_CONTEXT_SPECIFIC, \
- IS_SET);
-
-# define M_ASN1_I2D_len_IMP_SET_opt_type(type,a,f,x) \
- if ((a != NULL) && (sk_##type##_num(a) != 0)) \
- ret+=i2d_ASN1_SET_OF_##type(a,NULL,f,x, \
- V_ASN1_CONTEXT_SPECIFIC,IS_SET);
-
-# define M_ASN1_I2D_len_IMP_SEQUENCE(a,f,x) \
- ret+=i2d_ASN1_SET(a,NULL,f,x,V_ASN1_CONTEXT_SPECIFIC, \
- IS_SEQUENCE);
-
-# define M_ASN1_I2D_len_IMP_SEQUENCE_opt(a,f,x) \
- if ((a != NULL) && (sk_num(a) != 0)) \
- ret+=i2d_ASN1_SET(a,NULL,f,x,V_ASN1_CONTEXT_SPECIFIC, \
- IS_SEQUENCE);
-
-# define M_ASN1_I2D_len_IMP_SEQUENCE_opt_type(type,a,f,x) \
- if ((a != NULL) && (sk_##type##_num(a) != 0)) \
- ret+=i2d_ASN1_SET_OF_##type(a,NULL,f,x, \
- V_ASN1_CONTEXT_SPECIFIC, \
- IS_SEQUENCE);
-
-# define M_ASN1_I2D_len_EXP_opt(a,f,mtag,v) \
- if (a != NULL)\
- { \
- v=f(a,NULL); \
- ret+=ASN1_object_size(1,v,mtag); \
- }
-
-# define M_ASN1_I2D_len_EXP_SET_opt(a,f,mtag,tag,v) \
- if ((a != NULL) && (sk_num(a) != 0))\
- { \
- v=i2d_ASN1_SET(a,NULL,f,tag,V_ASN1_UNIVERSAL,IS_SET); \
- ret+=ASN1_object_size(1,v,mtag); \
- }
-
-# define M_ASN1_I2D_len_EXP_SEQUENCE_opt(a,f,mtag,tag,v) \
- if ((a != NULL) && (sk_num(a) != 0))\
- { \
- v=i2d_ASN1_SET(a,NULL,f,tag,V_ASN1_UNIVERSAL, \
- IS_SEQUENCE); \
- ret+=ASN1_object_size(1,v,mtag); \
- }
-
-# define M_ASN1_I2D_len_EXP_SEQUENCE_opt_type(type,a,f,mtag,tag,v) \
- if ((a != NULL) && (sk_##type##_num(a) != 0))\
- { \
- v=i2d_ASN1_SET_OF_##type(a,NULL,f,tag, \
- V_ASN1_UNIVERSAL, \
- IS_SEQUENCE); \
- ret+=ASN1_object_size(1,v,mtag); \
- }
-
-/* Put Macros */
-# define M_ASN1_I2D_put(a,f) f(a,&p)
-
-# define M_ASN1_I2D_put_IMP_opt(a,f,t) \
- if (a != NULL) \
- { \
- unsigned char *q=p; \
- f(a,&p); \
- *q=(V_ASN1_CONTEXT_SPECIFIC|t|(*q&V_ASN1_CONSTRUCTED));\
- }
-
-# define M_ASN1_I2D_put_SET(a,f) i2d_ASN1_SET(a,&p,f,V_ASN1_SET,\
- V_ASN1_UNIVERSAL,IS_SET)
-# define M_ASN1_I2D_put_SET_type(type,a,f) \
- i2d_ASN1_SET_OF_##type(a,&p,f,V_ASN1_SET,V_ASN1_UNIVERSAL,IS_SET)
-# define M_ASN1_I2D_put_IMP_SET(a,f,x) i2d_ASN1_SET(a,&p,f,x,\
- V_ASN1_CONTEXT_SPECIFIC,IS_SET)
-# define M_ASN1_I2D_put_IMP_SET_type(type,a,f,x) \
- i2d_ASN1_SET_OF_##type(a,&p,f,x,V_ASN1_CONTEXT_SPECIFIC,IS_SET)
-# define M_ASN1_I2D_put_IMP_SEQUENCE(a,f,x) i2d_ASN1_SET(a,&p,f,x,\
- V_ASN1_CONTEXT_SPECIFIC,IS_SEQUENCE)
-
-# define M_ASN1_I2D_put_SEQUENCE(a,f) i2d_ASN1_SET(a,&p,f,V_ASN1_SEQUENCE,\
- V_ASN1_UNIVERSAL,IS_SEQUENCE)
-
-# define M_ASN1_I2D_put_SEQUENCE_type(type,a,f) \
- i2d_ASN1_SET_OF_##type(a,&p,f,V_ASN1_SEQUENCE,V_ASN1_UNIVERSAL, \
- IS_SEQUENCE)
-
-# define M_ASN1_I2D_put_SEQUENCE_opt(a,f) \
- if ((a != NULL) && (sk_num(a) != 0)) \
- M_ASN1_I2D_put_SEQUENCE(a,f);
-
-# define M_ASN1_I2D_put_IMP_SET_opt(a,f,x) \
- if ((a != NULL) && (sk_num(a) != 0)) \
- { i2d_ASN1_SET(a,&p,f,x,V_ASN1_CONTEXT_SPECIFIC, \
- IS_SET); }
-
-# define M_ASN1_I2D_put_IMP_SET_opt_type(type,a,f,x) \
- if ((a != NULL) && (sk_##type##_num(a) != 0)) \
- { i2d_ASN1_SET_OF_##type(a,&p,f,x, \
- V_ASN1_CONTEXT_SPECIFIC, \
- IS_SET); }
-
-# define M_ASN1_I2D_put_IMP_SEQUENCE_opt(a,f,x) \
- if ((a != NULL) && (sk_num(a) != 0)) \
- { i2d_ASN1_SET(a,&p,f,x,V_ASN1_CONTEXT_SPECIFIC, \
- IS_SEQUENCE); }
-
-# define M_ASN1_I2D_put_IMP_SEQUENCE_opt_type(type,a,f,x) \
- if ((a != NULL) && (sk_##type##_num(a) != 0)) \
- { i2d_ASN1_SET_OF_##type(a,&p,f,x, \
- V_ASN1_CONTEXT_SPECIFIC, \
- IS_SEQUENCE); }
-
-# define M_ASN1_I2D_put_EXP_opt(a,f,tag,v) \
- if (a != NULL) \
- { \
- ASN1_put_object(&p,1,v,tag,V_ASN1_CONTEXT_SPECIFIC); \
- f(a,&p); \
- }
-
-# define M_ASN1_I2D_put_EXP_SET_opt(a,f,mtag,tag,v) \
- if ((a != NULL) && (sk_num(a) != 0)) \
- { \
- ASN1_put_object(&p,1,v,mtag,V_ASN1_CONTEXT_SPECIFIC); \
- i2d_ASN1_SET(a,&p,f,tag,V_ASN1_UNIVERSAL,IS_SET); \
- }
-
-# define M_ASN1_I2D_put_EXP_SEQUENCE_opt(a,f,mtag,tag,v) \
- if ((a != NULL) && (sk_num(a) != 0)) \
- { \
- ASN1_put_object(&p,1,v,mtag,V_ASN1_CONTEXT_SPECIFIC); \
- i2d_ASN1_SET(a,&p,f,tag,V_ASN1_UNIVERSAL,IS_SEQUENCE); \
- }
-
-# define M_ASN1_I2D_put_EXP_SEQUENCE_opt_type(type,a,f,mtag,tag,v) \
- if ((a != NULL) && (sk_##type##_num(a) != 0)) \
- { \
- ASN1_put_object(&p,1,v,mtag,V_ASN1_CONTEXT_SPECIFIC); \
- i2d_ASN1_SET_OF_##type(a,&p,f,tag,V_ASN1_UNIVERSAL, \
- IS_SEQUENCE); \
- }
-
-# define M_ASN1_I2D_seq_total() \
- r=ASN1_object_size(1,ret,V_ASN1_SEQUENCE); \
- if (pp == NULL) return(r); \
- p= *pp; \
- ASN1_put_object(&p,1,ret,V_ASN1_SEQUENCE,V_ASN1_UNIVERSAL)
-
-# define M_ASN1_I2D_INF_seq_start(tag,ctx) \
- *(p++)=(V_ASN1_CONSTRUCTED|(tag)|(ctx)); \
- *(p++)=0x80
-
-# define M_ASN1_I2D_INF_seq_end() *(p++)=0x00; *(p++)=0x00
-
-# define M_ASN1_I2D_finish() *pp=p; \
- return(r);
-
-int asn1_GetSequence(ASN1_const_CTX *c, long *length);
-void asn1_add_error(const unsigned char *address, int offset);
-#ifdef __cplusplus
-}
-#endif
-
-#endif
+++ /dev/null
-/* asn1t.h */
-/*
- * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
- * 2000.
- */
-/* ====================================================================
- * Copyright (c) 2000-2005 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-#ifndef HEADER_ASN1T_H
-# define HEADER_ASN1T_H
-
-# include <stddef.h>
-# include <openssl/e_os2.h>
-# include <openssl/asn1.h>
-
-# ifdef OPENSSL_BUILD_SHLIBCRYPTO
-# undef OPENSSL_EXTERN
-# define OPENSSL_EXTERN OPENSSL_EXPORT
-# endif
-
-/* ASN1 template defines, structures and functions */
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-# ifndef OPENSSL_EXPORT_VAR_AS_FUNCTION
-
-/* Macro to obtain ASN1_ADB pointer from a type (only used internally) */
-# define ASN1_ADB_ptr(iptr) ((const ASN1_ADB *)(iptr))
-
-/* Macros for start and end of ASN1_ITEM definition */
-
-# define ASN1_ITEM_start(itname) \
- OPENSSL_GLOBAL const ASN1_ITEM itname##_it = {
-
-# define ASN1_ITEM_end(itname) \
- };
-
-# else
-
-/* Macro to obtain ASN1_ADB pointer from a type (only used internally) */
-# define ASN1_ADB_ptr(iptr) ((const ASN1_ADB *)(iptr()))
-
-/* Macros for start and end of ASN1_ITEM definition */
-
-# define ASN1_ITEM_start(itname) \
- const ASN1_ITEM * itname##_it(void) \
- { \
- static const ASN1_ITEM local_it = {
-
-# define ASN1_ITEM_end(itname) \
- }; \
- return &local_it; \
- }
-
-# endif
-
-/* Macros to aid ASN1 template writing */
-
-# define ASN1_ITEM_TEMPLATE(tname) \
- static const ASN1_TEMPLATE tname##_item_tt
-
-# define ASN1_ITEM_TEMPLATE_END(tname) \
- ;\
- ASN1_ITEM_start(tname) \
- ASN1_ITYPE_PRIMITIVE,\
- -1,\
- &tname##_item_tt,\
- 0,\
- NULL,\
- 0,\
- #tname \
- ASN1_ITEM_end(tname)
-
-/* This is a ASN1 type which just embeds a template */
-
-/*-
- * This pair helps declare a SEQUENCE. We can do:
- *
- * ASN1_SEQUENCE(stname) = {
- * ... SEQUENCE components ...
- * } ASN1_SEQUENCE_END(stname)
- *
- * This will produce an ASN1_ITEM called stname_it
- * for a structure called stname.
- *
- * If you want the same structure but a different
- * name then use:
- *
- * ASN1_SEQUENCE(itname) = {
- * ... SEQUENCE components ...
- * } ASN1_SEQUENCE_END_name(stname, itname)
- *
- * This will create an item called itname_it using
- * a structure called stname.
- */
-
-# define ASN1_SEQUENCE(tname) \
- static const ASN1_TEMPLATE tname##_seq_tt[]
-
-# define ASN1_SEQUENCE_END(stname) ASN1_SEQUENCE_END_name(stname, stname)
-
-# define ASN1_SEQUENCE_END_name(stname, tname) \
- ;\
- ASN1_ITEM_start(tname) \
- ASN1_ITYPE_SEQUENCE,\
- V_ASN1_SEQUENCE,\
- tname##_seq_tt,\
- sizeof(tname##_seq_tt) / sizeof(ASN1_TEMPLATE),\
- NULL,\
- sizeof(stname),\
- #stname \
- ASN1_ITEM_end(tname)
-
-# define ASN1_NDEF_SEQUENCE(tname) \
- ASN1_SEQUENCE(tname)
-
-# define ASN1_NDEF_SEQUENCE_cb(tname, cb) \
- ASN1_SEQUENCE_cb(tname, cb)
-
-# define ASN1_SEQUENCE_cb(tname, cb) \
- static const ASN1_AUX tname##_aux = {NULL, 0, 0, 0, cb, 0}; \
- ASN1_SEQUENCE(tname)
-
-# define ASN1_BROKEN_SEQUENCE(tname) \
- static const ASN1_AUX tname##_aux = {NULL, ASN1_AFLG_BROKEN, 0, 0, 0, 0}; \
- ASN1_SEQUENCE(tname)
-
-# define ASN1_SEQUENCE_ref(tname, cb, lck) \
- static const ASN1_AUX tname##_aux = {NULL, ASN1_AFLG_REFCOUNT, offsetof(tname, references), lck, cb, 0}; \
- ASN1_SEQUENCE(tname)
-
-# define ASN1_SEQUENCE_enc(tname, enc, cb) \
- static const ASN1_AUX tname##_aux = {NULL, ASN1_AFLG_ENCODING, 0, 0, cb, offsetof(tname, enc)}; \
- ASN1_SEQUENCE(tname)
-
-# define ASN1_NDEF_SEQUENCE_END(tname) \
- ;\
- ASN1_ITEM_start(tname) \
- ASN1_ITYPE_NDEF_SEQUENCE,\
- V_ASN1_SEQUENCE,\
- tname##_seq_tt,\
- sizeof(tname##_seq_tt) / sizeof(ASN1_TEMPLATE),\
- NULL,\
- sizeof(tname),\
- #tname \
- ASN1_ITEM_end(tname)
-
-# define ASN1_BROKEN_SEQUENCE_END(stname) ASN1_SEQUENCE_END_ref(stname, stname)
-
-# define ASN1_SEQUENCE_END_enc(stname, tname) ASN1_SEQUENCE_END_ref(stname, tname)
-
-# define ASN1_SEQUENCE_END_cb(stname, tname) ASN1_SEQUENCE_END_ref(stname, tname)
-
-# define ASN1_SEQUENCE_END_ref(stname, tname) \
- ;\
- ASN1_ITEM_start(tname) \
- ASN1_ITYPE_SEQUENCE,\
- V_ASN1_SEQUENCE,\
- tname##_seq_tt,\
- sizeof(tname##_seq_tt) / sizeof(ASN1_TEMPLATE),\
- &tname##_aux,\
- sizeof(stname),\
- #stname \
- ASN1_ITEM_end(tname)
-
-# define ASN1_NDEF_SEQUENCE_END_cb(stname, tname) \
- ;\
- ASN1_ITEM_start(tname) \
- ASN1_ITYPE_NDEF_SEQUENCE,\
- V_ASN1_SEQUENCE,\
- tname##_seq_tt,\
- sizeof(tname##_seq_tt) / sizeof(ASN1_TEMPLATE),\
- &tname##_aux,\
- sizeof(stname),\
- #stname \
- ASN1_ITEM_end(tname)
-
-/*-
- * This pair helps declare a CHOICE type. We can do:
- *
- * ASN1_CHOICE(chname) = {
- * ... CHOICE options ...
- * ASN1_CHOICE_END(chname)
- *
- * This will produce an ASN1_ITEM called chname_it
- * for a structure called chname. The structure
- * definition must look like this:
- * typedef struct {
- * int type;
- * union {
- * ASN1_SOMETHING *opt1;
- * ASN1_SOMEOTHER *opt2;
- * } value;
- * } chname;
- *
- * the name of the selector must be 'type'.
- * to use an alternative selector name use the
- * ASN1_CHOICE_END_selector() version.
- */
-
-# define ASN1_CHOICE(tname) \
- static const ASN1_TEMPLATE tname##_ch_tt[]
-
-# define ASN1_CHOICE_cb(tname, cb) \
- static const ASN1_AUX tname##_aux = {NULL, 0, 0, 0, cb, 0}; \
- ASN1_CHOICE(tname)
-
-# define ASN1_CHOICE_END(stname) ASN1_CHOICE_END_name(stname, stname)
-
-# define ASN1_CHOICE_END_name(stname, tname) ASN1_CHOICE_END_selector(stname, tname, type)
-
-# define ASN1_CHOICE_END_selector(stname, tname, selname) \
- ;\
- ASN1_ITEM_start(tname) \
- ASN1_ITYPE_CHOICE,\
- offsetof(stname,selname) ,\
- tname##_ch_tt,\
- sizeof(tname##_ch_tt) / sizeof(ASN1_TEMPLATE),\
- NULL,\
- sizeof(stname),\
- #stname \
- ASN1_ITEM_end(tname)
-
-# define ASN1_CHOICE_END_cb(stname, tname, selname) \
- ;\
- ASN1_ITEM_start(tname) \
- ASN1_ITYPE_CHOICE,\
- offsetof(stname,selname) ,\
- tname##_ch_tt,\
- sizeof(tname##_ch_tt) / sizeof(ASN1_TEMPLATE),\
- &tname##_aux,\
- sizeof(stname),\
- #stname \
- ASN1_ITEM_end(tname)
-
-/* This helps with the template wrapper form of ASN1_ITEM */
-
-# define ASN1_EX_TEMPLATE_TYPE(flags, tag, name, type) { \
- (flags), (tag), 0,\
- #name, ASN1_ITEM_ref(type) }
-
-/* These help with SEQUENCE or CHOICE components */
-
-/* used to declare other types */
-
-# define ASN1_EX_TYPE(flags, tag, stname, field, type) { \
- (flags), (tag), offsetof(stname, field),\
- #field, ASN1_ITEM_ref(type) }
-
-/* implicit and explicit helper macros */
-
-# define ASN1_IMP_EX(stname, field, type, tag, ex) \
- ASN1_EX_TYPE(ASN1_TFLG_IMPLICIT | ex, tag, stname, field, type)
-
-# define ASN1_EXP_EX(stname, field, type, tag, ex) \
- ASN1_EX_TYPE(ASN1_TFLG_EXPLICIT | ex, tag, stname, field, type)
-
-/* Any defined by macros: the field used is in the table itself */
-
-# ifndef OPENSSL_EXPORT_VAR_AS_FUNCTION
-# define ASN1_ADB_OBJECT(tblname) { ASN1_TFLG_ADB_OID, -1, 0, #tblname, (const ASN1_ITEM *)&(tblname##_adb) }
-# define ASN1_ADB_INTEGER(tblname) { ASN1_TFLG_ADB_INT, -1, 0, #tblname, (const ASN1_ITEM *)&(tblname##_adb) }
-# else
-# define ASN1_ADB_OBJECT(tblname) { ASN1_TFLG_ADB_OID, -1, 0, #tblname, tblname##_adb }
-# define ASN1_ADB_INTEGER(tblname) { ASN1_TFLG_ADB_INT, -1, 0, #tblname, tblname##_adb }
-# endif
-/* Plain simple type */
-# define ASN1_SIMPLE(stname, field, type) ASN1_EX_TYPE(0,0, stname, field, type)
-
-/* OPTIONAL simple type */
-# define ASN1_OPT(stname, field, type) ASN1_EX_TYPE(ASN1_TFLG_OPTIONAL, 0, stname, field, type)
-
-/* IMPLICIT tagged simple type */
-# define ASN1_IMP(stname, field, type, tag) ASN1_IMP_EX(stname, field, type, tag, 0)
-
-/* IMPLICIT tagged OPTIONAL simple type */
-# define ASN1_IMP_OPT(stname, field, type, tag) ASN1_IMP_EX(stname, field, type, tag, ASN1_TFLG_OPTIONAL)
-
-/* Same as above but EXPLICIT */
-
-# define ASN1_EXP(stname, field, type, tag) ASN1_EXP_EX(stname, field, type, tag, 0)
-# define ASN1_EXP_OPT(stname, field, type, tag) ASN1_EXP_EX(stname, field, type, tag, ASN1_TFLG_OPTIONAL)
-
-/* SEQUENCE OF type */
-# define ASN1_SEQUENCE_OF(stname, field, type) \
- ASN1_EX_TYPE(ASN1_TFLG_SEQUENCE_OF, 0, stname, field, type)
-
-/* OPTIONAL SEQUENCE OF */
-# define ASN1_SEQUENCE_OF_OPT(stname, field, type) \
- ASN1_EX_TYPE(ASN1_TFLG_SEQUENCE_OF|ASN1_TFLG_OPTIONAL, 0, stname, field, type)
-
-/* Same as above but for SET OF */
-
-# define ASN1_SET_OF(stname, field, type) \
- ASN1_EX_TYPE(ASN1_TFLG_SET_OF, 0, stname, field, type)
-
-# define ASN1_SET_OF_OPT(stname, field, type) \
- ASN1_EX_TYPE(ASN1_TFLG_SET_OF|ASN1_TFLG_OPTIONAL, 0, stname, field, type)
-
-/* Finally compound types of SEQUENCE, SET, IMPLICIT, EXPLICIT and OPTIONAL */
-
-# define ASN1_IMP_SET_OF(stname, field, type, tag) \
- ASN1_IMP_EX(stname, field, type, tag, ASN1_TFLG_SET_OF)
-
-# define ASN1_EXP_SET_OF(stname, field, type, tag) \
- ASN1_EXP_EX(stname, field, type, tag, ASN1_TFLG_SET_OF)
-
-# define ASN1_IMP_SET_OF_OPT(stname, field, type, tag) \
- ASN1_IMP_EX(stname, field, type, tag, ASN1_TFLG_SET_OF|ASN1_TFLG_OPTIONAL)
-
-# define ASN1_EXP_SET_OF_OPT(stname, field, type, tag) \
- ASN1_EXP_EX(stname, field, type, tag, ASN1_TFLG_SET_OF|ASN1_TFLG_OPTIONAL)
-
-# define ASN1_IMP_SEQUENCE_OF(stname, field, type, tag) \
- ASN1_IMP_EX(stname, field, type, tag, ASN1_TFLG_SEQUENCE_OF)
-
-# define ASN1_IMP_SEQUENCE_OF_OPT(stname, field, type, tag) \
- ASN1_IMP_EX(stname, field, type, tag, ASN1_TFLG_SEQUENCE_OF|ASN1_TFLG_OPTIONAL)
-
-# define ASN1_EXP_SEQUENCE_OF(stname, field, type, tag) \
- ASN1_EXP_EX(stname, field, type, tag, ASN1_TFLG_SEQUENCE_OF)
-
-# define ASN1_EXP_SEQUENCE_OF_OPT(stname, field, type, tag) \
- ASN1_EXP_EX(stname, field, type, tag, ASN1_TFLG_SEQUENCE_OF|ASN1_TFLG_OPTIONAL)
-
-/* EXPLICIT using indefinite length constructed form */
-# define ASN1_NDEF_EXP(stname, field, type, tag) \
- ASN1_EXP_EX(stname, field, type, tag, ASN1_TFLG_NDEF)
-
-/* EXPLICIT OPTIONAL using indefinite length constructed form */
-# define ASN1_NDEF_EXP_OPT(stname, field, type, tag) \
- ASN1_EXP_EX(stname, field, type, tag, ASN1_TFLG_OPTIONAL|ASN1_TFLG_NDEF)
-
-/* Macros for the ASN1_ADB structure */
-
-# define ASN1_ADB(name) \
- static const ASN1_ADB_TABLE name##_adbtbl[]
-
-# ifndef OPENSSL_EXPORT_VAR_AS_FUNCTION
-
-# define ASN1_ADB_END(name, flags, field, app_table, def, none) \
- ;\
- static const ASN1_ADB name##_adb = {\
- flags,\
- offsetof(name, field),\
- app_table,\
- name##_adbtbl,\
- sizeof(name##_adbtbl) / sizeof(ASN1_ADB_TABLE),\
- def,\
- none\
- }
-
-# else
-
-# define ASN1_ADB_END(name, flags, field, app_table, def, none) \
- ;\
- static const ASN1_ITEM *name##_adb(void) \
- { \
- static const ASN1_ADB internal_adb = \
- {\
- flags,\
- offsetof(name, field),\
- app_table,\
- name##_adbtbl,\
- sizeof(name##_adbtbl) / sizeof(ASN1_ADB_TABLE),\
- def,\
- none\
- }; \
- return (const ASN1_ITEM *) &internal_adb; \
- } \
- void dummy_function(void)
-
-# endif
-
-# define ADB_ENTRY(val, template) {val, template}
-
-# define ASN1_ADB_TEMPLATE(name) \
- static const ASN1_TEMPLATE name##_tt
-
-/*
- * This is the ASN1 template structure that defines a wrapper round the
- * actual type. It determines the actual position of the field in the value
- * structure, various flags such as OPTIONAL and the field name.
- */
-
-struct ASN1_TEMPLATE_st {
- unsigned long flags; /* Various flags */
- long tag; /* tag, not used if no tagging */
- unsigned long offset; /* Offset of this field in structure */
-# ifndef NO_ASN1_FIELD_NAMES
- const char *field_name; /* Field name */
-# endif
- ASN1_ITEM_EXP *item; /* Relevant ASN1_ITEM or ASN1_ADB */
-};
-
-/* Macro to extract ASN1_ITEM and ASN1_ADB pointer from ASN1_TEMPLATE */
-
-# define ASN1_TEMPLATE_item(t) (t->item_ptr)
-# define ASN1_TEMPLATE_adb(t) (t->item_ptr)
-
-typedef struct ASN1_ADB_TABLE_st ASN1_ADB_TABLE;
-typedef struct ASN1_ADB_st ASN1_ADB;
-
-struct ASN1_ADB_st {
- unsigned long flags; /* Various flags */
- unsigned long offset; /* Offset of selector field */
- STACK_OF(ASN1_ADB_TABLE) **app_items; /* Application defined items */
- const ASN1_ADB_TABLE *tbl; /* Table of possible types */
- long tblcount; /* Number of entries in tbl */
- const ASN1_TEMPLATE *default_tt; /* Type to use if no match */
- const ASN1_TEMPLATE *null_tt; /* Type to use if selector is NULL */
-};
-
-struct ASN1_ADB_TABLE_st {
- long value; /* NID for an object or value for an int */
- const ASN1_TEMPLATE tt; /* item for this value */
-};
-
-/* template flags */
-
-/* Field is optional */
-# define ASN1_TFLG_OPTIONAL (0x1)
-
-/* Field is a SET OF */
-# define ASN1_TFLG_SET_OF (0x1 << 1)
-
-/* Field is a SEQUENCE OF */
-# define ASN1_TFLG_SEQUENCE_OF (0x2 << 1)
-
-/*
- * Special case: this refers to a SET OF that will be sorted into DER order
- * when encoded *and* the corresponding STACK will be modified to match the
- * new order.
- */
-# define ASN1_TFLG_SET_ORDER (0x3 << 1)
-
-/* Mask for SET OF or SEQUENCE OF */
-# define ASN1_TFLG_SK_MASK (0x3 << 1)
-
-/*
- * These flags mean the tag should be taken from the tag field. If EXPLICIT
- * then the underlying type is used for the inner tag.
- */
-
-/* IMPLICIT tagging */
-# define ASN1_TFLG_IMPTAG (0x1 << 3)
-
-/* EXPLICIT tagging, inner tag from underlying type */
-# define ASN1_TFLG_EXPTAG (0x2 << 3)
-
-# define ASN1_TFLG_TAG_MASK (0x3 << 3)
-
-/* context specific IMPLICIT */
-# define ASN1_TFLG_IMPLICIT ASN1_TFLG_IMPTAG|ASN1_TFLG_CONTEXT
-
-/* context specific EXPLICIT */
-# define ASN1_TFLG_EXPLICIT ASN1_TFLG_EXPTAG|ASN1_TFLG_CONTEXT
-
-/*
- * If tagging is in force these determine the type of tag to use. Otherwise
- * the tag is determined by the underlying type. These values reflect the
- * actual octet format.
- */
-
-/* Universal tag */
-# define ASN1_TFLG_UNIVERSAL (0x0<<6)
-/* Application tag */
-# define ASN1_TFLG_APPLICATION (0x1<<6)
-/* Context specific tag */
-# define ASN1_TFLG_CONTEXT (0x2<<6)
-/* Private tag */
-# define ASN1_TFLG_PRIVATE (0x3<<6)
-
-# define ASN1_TFLG_TAG_CLASS (0x3<<6)
-
-/*
- * These are for ANY DEFINED BY type. In this case the 'item' field points to
- * an ASN1_ADB structure which contains a table of values to decode the
- * relevant type
- */
-
-# define ASN1_TFLG_ADB_MASK (0x3<<8)
-
-# define ASN1_TFLG_ADB_OID (0x1<<8)
-
-# define ASN1_TFLG_ADB_INT (0x1<<9)
-
-/*
- * This flag when present in a SEQUENCE OF, SET OF or EXPLICIT causes
- * indefinite length constructed encoding to be used if required.
- */
-
-# define ASN1_TFLG_NDEF (0x1<<11)
-
-/* This is the actual ASN1 item itself */
-
-struct ASN1_ITEM_st {
- char itype; /* The item type, primitive, SEQUENCE, CHOICE
- * or extern */
- long utype; /* underlying type */
- const ASN1_TEMPLATE *templates; /* If SEQUENCE or CHOICE this contains
- * the contents */
- long tcount; /* Number of templates if SEQUENCE or CHOICE */
- const void *funcs; /* functions that handle this type */
- long size; /* Structure size (usually) */
-# ifndef NO_ASN1_FIELD_NAMES
- const char *sname; /* Structure name */
-# endif
-};
-
-/*-
- * These are values for the itype field and
- * determine how the type is interpreted.
- *
- * For PRIMITIVE types the underlying type
- * determines the behaviour if items is NULL.
- *
- * Otherwise templates must contain a single
- * template and the type is treated in the
- * same way as the type specified in the template.
- *
- * For SEQUENCE types the templates field points
- * to the members, the size field is the
- * structure size.
- *
- * For CHOICE types the templates field points
- * to each possible member (typically a union)
- * and the 'size' field is the offset of the
- * selector.
- *
- * The 'funcs' field is used for application
- * specific functions.
- *
- * The EXTERN type uses a new style d2i/i2d.
- * The new style should be used where possible
- * because it avoids things like the d2i IMPLICIT
- * hack.
- *
- * MSTRING is a multiple string type, it is used
- * for a CHOICE of character strings where the
- * actual strings all occupy an ASN1_STRING
- * structure. In this case the 'utype' field
- * has a special meaning, it is used as a mask
- * of acceptable types using the B_ASN1 constants.
- *
- * NDEF_SEQUENCE is the same as SEQUENCE except
- * that it will use indefinite length constructed
- * encoding if requested.
- *
- */
-
-# define ASN1_ITYPE_PRIMITIVE 0x0
-
-# define ASN1_ITYPE_SEQUENCE 0x1
-
-# define ASN1_ITYPE_CHOICE 0x2
-
-# define ASN1_ITYPE_EXTERN 0x4
-
-# define ASN1_ITYPE_MSTRING 0x5
-
-# define ASN1_ITYPE_NDEF_SEQUENCE 0x6
-
-/*
- * Cache for ASN1 tag and length, so we don't keep re-reading it for things
- * like CHOICE
- */
-
-struct ASN1_TLC_st {
- char valid; /* Values below are valid */
- int ret; /* return value */
- long plen; /* length */
- int ptag; /* class value */
- int pclass; /* class value */
- int hdrlen; /* header length */
-};
-
-/* Typedefs for ASN1 function pointers */
-
-typedef ASN1_VALUE *ASN1_new_func(void);
-typedef void ASN1_free_func(ASN1_VALUE *a);
-typedef ASN1_VALUE *ASN1_d2i_func(ASN1_VALUE **a, const unsigned char **in,
- long length);
-typedef int ASN1_i2d_func(ASN1_VALUE *a, unsigned char **in);
-
-typedef int ASN1_ex_d2i(ASN1_VALUE **pval, const unsigned char **in, long len,
- const ASN1_ITEM *it, int tag, int aclass, char opt,
- ASN1_TLC *ctx);
-
-typedef int ASN1_ex_i2d(ASN1_VALUE **pval, unsigned char **out,
- const ASN1_ITEM *it, int tag, int aclass);
-typedef int ASN1_ex_new_func(ASN1_VALUE **pval, const ASN1_ITEM *it);
-typedef void ASN1_ex_free_func(ASN1_VALUE **pval, const ASN1_ITEM *it);
-
-typedef int ASN1_ex_print_func(BIO *out, ASN1_VALUE **pval,
- int indent, const char *fname,
- const ASN1_PCTX *pctx);
-
-typedef int ASN1_primitive_i2c(ASN1_VALUE **pval, unsigned char *cont,
- int *putype, const ASN1_ITEM *it);
-typedef int ASN1_primitive_c2i(ASN1_VALUE **pval, const unsigned char *cont,
- int len, int utype, char *free_cont,
- const ASN1_ITEM *it);
-typedef int ASN1_primitive_print(BIO *out, ASN1_VALUE **pval,
- const ASN1_ITEM *it, int indent,
- const ASN1_PCTX *pctx);
-
-typedef struct ASN1_EXTERN_FUNCS_st {
- void *app_data;
- ASN1_ex_new_func *asn1_ex_new;
- ASN1_ex_free_func *asn1_ex_free;
- ASN1_ex_free_func *asn1_ex_clear;
- ASN1_ex_d2i *asn1_ex_d2i;
- ASN1_ex_i2d *asn1_ex_i2d;
- ASN1_ex_print_func *asn1_ex_print;
-} ASN1_EXTERN_FUNCS;
-
-typedef struct ASN1_PRIMITIVE_FUNCS_st {
- void *app_data;
- unsigned long flags;
- ASN1_ex_new_func *prim_new;
- ASN1_ex_free_func *prim_free;
- ASN1_ex_free_func *prim_clear;
- ASN1_primitive_c2i *prim_c2i;
- ASN1_primitive_i2c *prim_i2c;
- ASN1_primitive_print *prim_print;
-} ASN1_PRIMITIVE_FUNCS;
-
-/*
- * This is the ASN1_AUX structure: it handles various miscellaneous
- * requirements. For example the use of reference counts and an informational
- * callback. The "informational callback" is called at various points during
- * the ASN1 encoding and decoding. It can be used to provide minor
- * customisation of the structures used. This is most useful where the
- * supplied routines *almost* do the right thing but need some extra help at
- * a few points. If the callback returns zero then it is assumed a fatal
- * error has occurred and the main operation should be abandoned. If major
- * changes in the default behaviour are required then an external type is
- * more appropriate.
- */
-
-typedef int ASN1_aux_cb(int operation, ASN1_VALUE **in, const ASN1_ITEM *it,
- void *exarg);
-
-typedef struct ASN1_AUX_st {
- void *app_data;
- int flags;
- int ref_offset; /* Offset of reference value */
- int ref_lock; /* Lock type to use */
- ASN1_aux_cb *asn1_cb;
- int enc_offset; /* Offset of ASN1_ENCODING structure */
-} ASN1_AUX;
-
-/* For print related callbacks exarg points to this structure */
-typedef struct ASN1_PRINT_ARG_st {
- BIO *out;
- int indent;
- const ASN1_PCTX *pctx;
-} ASN1_PRINT_ARG;
-
-/* For streaming related callbacks exarg points to this structure */
-typedef struct ASN1_STREAM_ARG_st {
- /* BIO to stream through */
- BIO *out;
- /* BIO with filters appended */
- BIO *ndef_bio;
- /* Streaming I/O boundary */
- unsigned char **boundary;
-} ASN1_STREAM_ARG;
-
-/* Flags in ASN1_AUX */
-
-/* Use a reference count */
-# define ASN1_AFLG_REFCOUNT 1
-/* Save the encoding of structure (useful for signatures) */
-# define ASN1_AFLG_ENCODING 2
-/* The Sequence length is invalid */
-# define ASN1_AFLG_BROKEN 4
-
-/* operation values for asn1_cb */
-
-# define ASN1_OP_NEW_PRE 0
-# define ASN1_OP_NEW_POST 1
-# define ASN1_OP_FREE_PRE 2
-# define ASN1_OP_FREE_POST 3
-# define ASN1_OP_D2I_PRE 4
-# define ASN1_OP_D2I_POST 5
-# define ASN1_OP_I2D_PRE 6
-# define ASN1_OP_I2D_POST 7
-# define ASN1_OP_PRINT_PRE 8
-# define ASN1_OP_PRINT_POST 9
-# define ASN1_OP_STREAM_PRE 10
-# define ASN1_OP_STREAM_POST 11
-# define ASN1_OP_DETACHED_PRE 12
-# define ASN1_OP_DETACHED_POST 13
-
-/* Macro to implement a primitive type */
-# define IMPLEMENT_ASN1_TYPE(stname) IMPLEMENT_ASN1_TYPE_ex(stname, stname, 0)
-# define IMPLEMENT_ASN1_TYPE_ex(itname, vname, ex) \
- ASN1_ITEM_start(itname) \
- ASN1_ITYPE_PRIMITIVE, V_##vname, NULL, 0, NULL, ex, #itname \
- ASN1_ITEM_end(itname)
-
-/* Macro to implement a multi string type */
-# define IMPLEMENT_ASN1_MSTRING(itname, mask) \
- ASN1_ITEM_start(itname) \
- ASN1_ITYPE_MSTRING, mask, NULL, 0, NULL, sizeof(ASN1_STRING), #itname \
- ASN1_ITEM_end(itname)
-
-# define IMPLEMENT_EXTERN_ASN1(sname, tag, fptrs) \
- ASN1_ITEM_start(sname) \
- ASN1_ITYPE_EXTERN, \
- tag, \
- NULL, \
- 0, \
- &fptrs, \
- 0, \
- #sname \
- ASN1_ITEM_end(sname)
-
-/* Macro to implement standard functions in terms of ASN1_ITEM structures */
-
-# define IMPLEMENT_ASN1_FUNCTIONS(stname) IMPLEMENT_ASN1_FUNCTIONS_fname(stname, stname, stname)
-
-# define IMPLEMENT_ASN1_FUNCTIONS_name(stname, itname) IMPLEMENT_ASN1_FUNCTIONS_fname(stname, itname, itname)
-
-# define IMPLEMENT_ASN1_FUNCTIONS_ENCODE_name(stname, itname) \
- IMPLEMENT_ASN1_FUNCTIONS_ENCODE_fname(stname, itname, itname)
-
-# define IMPLEMENT_STATIC_ASN1_ALLOC_FUNCTIONS(stname) \
- IMPLEMENT_ASN1_ALLOC_FUNCTIONS_pfname(static, stname, stname, stname)
-
-# define IMPLEMENT_ASN1_ALLOC_FUNCTIONS(stname) \
- IMPLEMENT_ASN1_ALLOC_FUNCTIONS_fname(stname, stname, stname)
-
-# define IMPLEMENT_ASN1_ALLOC_FUNCTIONS_pfname(pre, stname, itname, fname) \
- pre stname *fname##_new(void) \
- { \
- return (stname *)ASN1_item_new(ASN1_ITEM_rptr(itname)); \
- } \
- pre void fname##_free(stname *a) \
- { \
- ASN1_item_free((ASN1_VALUE *)a, ASN1_ITEM_rptr(itname)); \
- }
-
-# define IMPLEMENT_ASN1_ALLOC_FUNCTIONS_fname(stname, itname, fname) \
- stname *fname##_new(void) \
- { \
- return (stname *)ASN1_item_new(ASN1_ITEM_rptr(itname)); \
- } \
- void fname##_free(stname *a) \
- { \
- ASN1_item_free((ASN1_VALUE *)a, ASN1_ITEM_rptr(itname)); \
- }
-
-# define IMPLEMENT_ASN1_FUNCTIONS_fname(stname, itname, fname) \
- IMPLEMENT_ASN1_ENCODE_FUNCTIONS_fname(stname, itname, fname) \
- IMPLEMENT_ASN1_ALLOC_FUNCTIONS_fname(stname, itname, fname)
-
-# define IMPLEMENT_ASN1_ENCODE_FUNCTIONS_fname(stname, itname, fname) \
- stname *d2i_##fname(stname **a, const unsigned char **in, long len) \
- { \
- return (stname *)ASN1_item_d2i((ASN1_VALUE **)a, in, len, ASN1_ITEM_rptr(itname));\
- } \
- int i2d_##fname(stname *a, unsigned char **out) \
- { \
- return ASN1_item_i2d((ASN1_VALUE *)a, out, ASN1_ITEM_rptr(itname));\
- }
-
-# define IMPLEMENT_ASN1_NDEF_FUNCTION(stname) \
- int i2d_##stname##_NDEF(stname *a, unsigned char **out) \
- { \
- return ASN1_item_ndef_i2d((ASN1_VALUE *)a, out, ASN1_ITEM_rptr(stname));\
- }
-
-/*
- * This includes evil casts to remove const: they will go away when full ASN1
- * constification is done.
- */
-# define IMPLEMENT_ASN1_ENCODE_FUNCTIONS_const_fname(stname, itname, fname) \
- stname *d2i_##fname(stname **a, const unsigned char **in, long len) \
- { \
- return (stname *)ASN1_item_d2i((ASN1_VALUE **)a, in, len, ASN1_ITEM_rptr(itname));\
- } \
- int i2d_##fname(const stname *a, unsigned char **out) \
- { \
- return ASN1_item_i2d((ASN1_VALUE *)a, out, ASN1_ITEM_rptr(itname));\
- }
-
-# define IMPLEMENT_ASN1_DUP_FUNCTION(stname) \
- stname * stname##_dup(stname *x) \
- { \
- return ASN1_item_dup(ASN1_ITEM_rptr(stname), x); \
- }
-
-# define IMPLEMENT_ASN1_PRINT_FUNCTION(stname) \
- IMPLEMENT_ASN1_PRINT_FUNCTION_fname(stname, stname, stname)
-
-# define IMPLEMENT_ASN1_PRINT_FUNCTION_fname(stname, itname, fname) \
- int fname##_print_ctx(BIO *out, stname *x, int indent, \
- const ASN1_PCTX *pctx) \
- { \
- return ASN1_item_print(out, (ASN1_VALUE *)x, indent, \
- ASN1_ITEM_rptr(itname), pctx); \
- }
-
-# define IMPLEMENT_ASN1_FUNCTIONS_const(name) \
- IMPLEMENT_ASN1_FUNCTIONS_const_fname(name, name, name)
-
-# define IMPLEMENT_ASN1_FUNCTIONS_const_fname(stname, itname, fname) \
- IMPLEMENT_ASN1_ENCODE_FUNCTIONS_const_fname(stname, itname, fname) \
- IMPLEMENT_ASN1_ALLOC_FUNCTIONS_fname(stname, itname, fname)
-
-/* external definitions for primitive types */
-
-DECLARE_ASN1_ITEM(ASN1_BOOLEAN)
-DECLARE_ASN1_ITEM(ASN1_TBOOLEAN)
-DECLARE_ASN1_ITEM(ASN1_FBOOLEAN)
-DECLARE_ASN1_ITEM(ASN1_SEQUENCE)
-DECLARE_ASN1_ITEM(CBIGNUM)
-DECLARE_ASN1_ITEM(BIGNUM)
-DECLARE_ASN1_ITEM(LONG)
-DECLARE_ASN1_ITEM(ZLONG)
-
-DECLARE_STACK_OF(ASN1_VALUE)
-
-/* Functions used internally by the ASN1 code */
-
-int ASN1_item_ex_new(ASN1_VALUE **pval, const ASN1_ITEM *it);
-void ASN1_item_ex_free(ASN1_VALUE **pval, const ASN1_ITEM *it);
-
-int ASN1_item_ex_d2i(ASN1_VALUE **pval, const unsigned char **in, long len,
- const ASN1_ITEM *it, int tag, int aclass, char opt,
- ASN1_TLC *ctx);
-
-int ASN1_item_ex_i2d(ASN1_VALUE **pval, unsigned char **out,
- const ASN1_ITEM *it, int tag, int aclass);
-
-#ifdef __cplusplus
-}
-#endif
-#endif
+++ /dev/null
-/* crypto/bf/bftest.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-/*
- * This has been a quickly hacked 'ideatest.c'. When I add tests for other
- * RC2 modes, more of the code will be uncommented.
- */
-
-#include <stdio.h>
-#include <string.h>
-#include <stdlib.h>
-#include <openssl/opensslconf.h> /* To see if OPENSSL_NO_BF is defined */
-
-#include "../e_os.h"
-
-#ifdef OPENSSL_NO_BF
-int main(int argc, char *argv[])
-{
- printf("No BF support\n");
- return (0);
-}
-#else
-# include <openssl/blowfish.h>
-
-# ifdef CHARSET_EBCDIC
-# include <openssl/ebcdic.h>
-# endif
-
-static char *bf_key[2] = {
- "abcdefghijklmnopqrstuvwxyz",
- "Who is John Galt?"
-};
-
-/* big endian */
-static BF_LONG bf_plain[2][2] = {
- {0x424c4f57L, 0x46495348L},
- {0xfedcba98L, 0x76543210L}
-};
-
-static BF_LONG bf_cipher[2][2] = {
- {0x324ed0feL, 0xf413a203L},
- {0xcc91732bL, 0x8022f684L}
-};
-
-/************/
-
-/* Lets use the DES test vectors :-) */
-# define NUM_TESTS 34
-static unsigned char ecb_data[NUM_TESTS][8] = {
- {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00},
- {0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF},
- {0x30, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00},
- {0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11},
- {0x01, 0x23, 0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF},
- {0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11},
- {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00},
- {0xFE, 0xDC, 0xBA, 0x98, 0x76, 0x54, 0x32, 0x10},
- {0x7C, 0xA1, 0x10, 0x45, 0x4A, 0x1A, 0x6E, 0x57},
- {0x01, 0x31, 0xD9, 0x61, 0x9D, 0xC1, 0x37, 0x6E},
- {0x07, 0xA1, 0x13, 0x3E, 0x4A, 0x0B, 0x26, 0x86},
- {0x38, 0x49, 0x67, 0x4C, 0x26, 0x02, 0x31, 0x9E},
- {0x04, 0xB9, 0x15, 0xBA, 0x43, 0xFE, 0xB5, 0xB6},
- {0x01, 0x13, 0xB9, 0x70, 0xFD, 0x34, 0xF2, 0xCE},
- {0x01, 0x70, 0xF1, 0x75, 0x46, 0x8F, 0xB5, 0xE6},
- {0x43, 0x29, 0x7F, 0xAD, 0x38, 0xE3, 0x73, 0xFE},
- {0x07, 0xA7, 0x13, 0x70, 0x45, 0xDA, 0x2A, 0x16},
- {0x04, 0x68, 0x91, 0x04, 0xC2, 0xFD, 0x3B, 0x2F},
- {0x37, 0xD0, 0x6B, 0xB5, 0x16, 0xCB, 0x75, 0x46},
- {0x1F, 0x08, 0x26, 0x0D, 0x1A, 0xC2, 0x46, 0x5E},
- {0x58, 0x40, 0x23, 0x64, 0x1A, 0xBA, 0x61, 0x76},
- {0x02, 0x58, 0x16, 0x16, 0x46, 0x29, 0xB0, 0x07},
- {0x49, 0x79, 0x3E, 0xBC, 0x79, 0xB3, 0x25, 0x8F},
- {0x4F, 0xB0, 0x5E, 0x15, 0x15, 0xAB, 0x73, 0xA7},
- {0x49, 0xE9, 0x5D, 0x6D, 0x4C, 0xA2, 0x29, 0xBF},
- {0x01, 0x83, 0x10, 0xDC, 0x40, 0x9B, 0x26, 0xD6},
- {0x1C, 0x58, 0x7F, 0x1C, 0x13, 0x92, 0x4F, 0xEF},
- {0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01},
- {0x1F, 0x1F, 0x1F, 0x1F, 0x0E, 0x0E, 0x0E, 0x0E},
- {0xE0, 0xFE, 0xE0, 0xFE, 0xF1, 0xFE, 0xF1, 0xFE},
- {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00},
- {0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF},
- {0x01, 0x23, 0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF},
- {0xFE, 0xDC, 0xBA, 0x98, 0x76, 0x54, 0x32, 0x10}
-};
-
-static unsigned char plain_data[NUM_TESTS][8] = {
- {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00},
- {0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF},
- {0x10, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01},
- {0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11},
- {0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11},
- {0x01, 0x23, 0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF},
- {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00},
- {0x01, 0x23, 0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF},
- {0x01, 0xA1, 0xD6, 0xD0, 0x39, 0x77, 0x67, 0x42},
- {0x5C, 0xD5, 0x4C, 0xA8, 0x3D, 0xEF, 0x57, 0xDA},
- {0x02, 0x48, 0xD4, 0x38, 0x06, 0xF6, 0x71, 0x72},
- {0x51, 0x45, 0x4B, 0x58, 0x2D, 0xDF, 0x44, 0x0A},
- {0x42, 0xFD, 0x44, 0x30, 0x59, 0x57, 0x7F, 0xA2},
- {0x05, 0x9B, 0x5E, 0x08, 0x51, 0xCF, 0x14, 0x3A},
- {0x07, 0x56, 0xD8, 0xE0, 0x77, 0x47, 0x61, 0xD2},
- {0x76, 0x25, 0x14, 0xB8, 0x29, 0xBF, 0x48, 0x6A},
- {0x3B, 0xDD, 0x11, 0x90, 0x49, 0x37, 0x28, 0x02},
- {0x26, 0x95, 0x5F, 0x68, 0x35, 0xAF, 0x60, 0x9A},
- {0x16, 0x4D, 0x5E, 0x40, 0x4F, 0x27, 0x52, 0x32},
- {0x6B, 0x05, 0x6E, 0x18, 0x75, 0x9F, 0x5C, 0xCA},
- {0x00, 0x4B, 0xD6, 0xEF, 0x09, 0x17, 0x60, 0x62},
- {0x48, 0x0D, 0x39, 0x00, 0x6E, 0xE7, 0x62, 0xF2},
- {0x43, 0x75, 0x40, 0xC8, 0x69, 0x8F, 0x3C, 0xFA},
- {0x07, 0x2D, 0x43, 0xA0, 0x77, 0x07, 0x52, 0x92},
- {0x02, 0xFE, 0x55, 0x77, 0x81, 0x17, 0xF1, 0x2A},
- {0x1D, 0x9D, 0x5C, 0x50, 0x18, 0xF7, 0x28, 0xC2},
- {0x30, 0x55, 0x32, 0x28, 0x6D, 0x6F, 0x29, 0x5A},
- {0x01, 0x23, 0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF},
- {0x01, 0x23, 0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF},
- {0x01, 0x23, 0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF},
- {0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF},
- {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00},
- {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00},
- {0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF}
-};
-
-static unsigned char cipher_data[NUM_TESTS][8] = {
- {0x4E, 0xF9, 0x97, 0x45, 0x61, 0x98, 0xDD, 0x78},
- {0x51, 0x86, 0x6F, 0xD5, 0xB8, 0x5E, 0xCB, 0x8A},
- {0x7D, 0x85, 0x6F, 0x9A, 0x61, 0x30, 0x63, 0xF2},
- {0x24, 0x66, 0xDD, 0x87, 0x8B, 0x96, 0x3C, 0x9D},
- {0x61, 0xF9, 0xC3, 0x80, 0x22, 0x81, 0xB0, 0x96},
- {0x7D, 0x0C, 0xC6, 0x30, 0xAF, 0xDA, 0x1E, 0xC7},
- {0x4E, 0xF9, 0x97, 0x45, 0x61, 0x98, 0xDD, 0x78},
- {0x0A, 0xCE, 0xAB, 0x0F, 0xC6, 0xA0, 0xA2, 0x8D},
- {0x59, 0xC6, 0x82, 0x45, 0xEB, 0x05, 0x28, 0x2B},
- {0xB1, 0xB8, 0xCC, 0x0B, 0x25, 0x0F, 0x09, 0xA0},
- {0x17, 0x30, 0xE5, 0x77, 0x8B, 0xEA, 0x1D, 0xA4},
- {0xA2, 0x5E, 0x78, 0x56, 0xCF, 0x26, 0x51, 0xEB},
- {0x35, 0x38, 0x82, 0xB1, 0x09, 0xCE, 0x8F, 0x1A},
- {0x48, 0xF4, 0xD0, 0x88, 0x4C, 0x37, 0x99, 0x18},
- {0x43, 0x21, 0x93, 0xB7, 0x89, 0x51, 0xFC, 0x98},
- {0x13, 0xF0, 0x41, 0x54, 0xD6, 0x9D, 0x1A, 0xE5},
- {0x2E, 0xED, 0xDA, 0x93, 0xFF, 0xD3, 0x9C, 0x79},
- {0xD8, 0x87, 0xE0, 0x39, 0x3C, 0x2D, 0xA6, 0xE3},
- {0x5F, 0x99, 0xD0, 0x4F, 0x5B, 0x16, 0x39, 0x69},
- {0x4A, 0x05, 0x7A, 0x3B, 0x24, 0xD3, 0x97, 0x7B},
- {0x45, 0x20, 0x31, 0xC1, 0xE4, 0xFA, 0xDA, 0x8E},
- {0x75, 0x55, 0xAE, 0x39, 0xF5, 0x9B, 0x87, 0xBD},
- {0x53, 0xC5, 0x5F, 0x9C, 0xB4, 0x9F, 0xC0, 0x19},
- {0x7A, 0x8E, 0x7B, 0xFA, 0x93, 0x7E, 0x89, 0xA3},
- {0xCF, 0x9C, 0x5D, 0x7A, 0x49, 0x86, 0xAD, 0xB5},
- {0xD1, 0xAB, 0xB2, 0x90, 0x65, 0x8B, 0xC7, 0x78},
- {0x55, 0xCB, 0x37, 0x74, 0xD1, 0x3E, 0xF2, 0x01},
- {0xFA, 0x34, 0xEC, 0x48, 0x47, 0xB2, 0x68, 0xB2},
- {0xA7, 0x90, 0x79, 0x51, 0x08, 0xEA, 0x3C, 0xAE},
- {0xC3, 0x9E, 0x07, 0x2D, 0x9F, 0xAC, 0x63, 0x1D},
- {0x01, 0x49, 0x33, 0xE0, 0xCD, 0xAF, 0xF6, 0xE4},
- {0xF2, 0x1E, 0x9A, 0x77, 0xB7, 0x1C, 0x49, 0xBC},
- {0x24, 0x59, 0x46, 0x88, 0x57, 0x54, 0x36, 0x9A},
- {0x6B, 0x5C, 0x5A, 0x9C, 0x5D, 0x9E, 0x0A, 0x5A},
-};
-
-static unsigned char cbc_key[16] = {
- 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef,
- 0xf0, 0xe1, 0xd2, 0xc3, 0xb4, 0xa5, 0x96, 0x87
-};
-static unsigned char cbc_iv[8] =
- { 0xfe, 0xdc, 0xba, 0x98, 0x76, 0x54, 0x32, 0x10 };
-static char cbc_data[40] = "7654321 Now is the time for ";
-static unsigned char cbc_ok[32] = {
- 0x6B, 0x77, 0xB4, 0xD6, 0x30, 0x06, 0xDE, 0xE6,
- 0x05, 0xB1, 0x56, 0xE2, 0x74, 0x03, 0x97, 0x93,
- 0x58, 0xDE, 0xB9, 0xE7, 0x15, 0x46, 0x16, 0xD9,
- 0x59, 0xF1, 0x65, 0x2B, 0xD5, 0xFF, 0x92, 0xCC
-};
-
-static unsigned char cfb64_ok[] = {
- 0xE7, 0x32, 0x14, 0xA2, 0x82, 0x21, 0x39, 0xCA,
- 0xF2, 0x6E, 0xCF, 0x6D, 0x2E, 0xB9, 0xE7, 0x6E,
- 0x3D, 0xA3, 0xDE, 0x04, 0xD1, 0x51, 0x72, 0x00,
- 0x51, 0x9D, 0x57, 0xA6, 0xC3
-};
-
-static unsigned char ofb64_ok[] = {
- 0xE7, 0x32, 0x14, 0xA2, 0x82, 0x21, 0x39, 0xCA,
- 0x62, 0xB3, 0x43, 0xCC, 0x5B, 0x65, 0x58, 0x73,
- 0x10, 0xDD, 0x90, 0x8D, 0x0C, 0x24, 0x1B, 0x22,
- 0x63, 0xC2, 0xCF, 0x80, 0xDA
-};
-
-# define KEY_TEST_NUM 25
-static unsigned char key_test[KEY_TEST_NUM] = {
- 0xf0, 0xe1, 0xd2, 0xc3, 0xb4, 0xa5, 0x96, 0x87,
- 0x78, 0x69, 0x5a, 0x4b, 0x3c, 0x2d, 0x1e, 0x0f,
- 0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77,
- 0x88
-};
-
-static unsigned char key_data[8] =
- { 0xFE, 0xDC, 0xBA, 0x98, 0x76, 0x54, 0x32, 0x10 };
-
-static unsigned char key_out[KEY_TEST_NUM][8] = {
- {0xF9, 0xAD, 0x59, 0x7C, 0x49, 0xDB, 0x00, 0x5E},
- {0xE9, 0x1D, 0x21, 0xC1, 0xD9, 0x61, 0xA6, 0xD6},
- {0xE9, 0xC2, 0xB7, 0x0A, 0x1B, 0xC6, 0x5C, 0xF3},
- {0xBE, 0x1E, 0x63, 0x94, 0x08, 0x64, 0x0F, 0x05},
- {0xB3, 0x9E, 0x44, 0x48, 0x1B, 0xDB, 0x1E, 0x6E},
- {0x94, 0x57, 0xAA, 0x83, 0xB1, 0x92, 0x8C, 0x0D},
- {0x8B, 0xB7, 0x70, 0x32, 0xF9, 0x60, 0x62, 0x9D},
- {0xE8, 0x7A, 0x24, 0x4E, 0x2C, 0xC8, 0x5E, 0x82},
- {0x15, 0x75, 0x0E, 0x7A, 0x4F, 0x4E, 0xC5, 0x77},
- {0x12, 0x2B, 0xA7, 0x0B, 0x3A, 0xB6, 0x4A, 0xE0},
- {0x3A, 0x83, 0x3C, 0x9A, 0xFF, 0xC5, 0x37, 0xF6},
- {0x94, 0x09, 0xDA, 0x87, 0xA9, 0x0F, 0x6B, 0xF2},
- {0x88, 0x4F, 0x80, 0x62, 0x50, 0x60, 0xB8, 0xB4},
- {0x1F, 0x85, 0x03, 0x1C, 0x19, 0xE1, 0x19, 0x68},
- {0x79, 0xD9, 0x37, 0x3A, 0x71, 0x4C, 0xA3, 0x4F},
- {0x93, 0x14, 0x28, 0x87, 0xEE, 0x3B, 0xE1, 0x5C},
- {0x03, 0x42, 0x9E, 0x83, 0x8C, 0xE2, 0xD1, 0x4B},
- {0xA4, 0x29, 0x9E, 0x27, 0x46, 0x9F, 0xF6, 0x7B},
- {0xAF, 0xD5, 0xAE, 0xD1, 0xC1, 0xBC, 0x96, 0xA8},
- {0x10, 0x85, 0x1C, 0x0E, 0x38, 0x58, 0xDA, 0x9F},
- {0xE6, 0xF5, 0x1E, 0xD7, 0x9B, 0x9D, 0xB2, 0x1F},
- {0x64, 0xA6, 0xE1, 0x4A, 0xFD, 0x36, 0xB4, 0x6F},
- {0x80, 0xC7, 0xD7, 0xD4, 0x5A, 0x54, 0x79, 0xAD},
- {0x05, 0x04, 0x4B, 0x62, 0xFA, 0x52, 0xD0, 0x80},
-};
-
-static int test(void);
-static int print_test_data(void);
-int main(int argc, char *argv[])
-{
- int ret;
-
- if (argc > 1)
- ret = print_test_data();
- else
- ret = test();
-
-# ifdef OPENSSL_SYS_NETWARE
- if (ret)
- printf("ERROR: %d\n", ret);
-# endif
- EXIT(ret);
-}
-
-static int print_test_data(void)
-{
- unsigned int i, j;
-
- printf("ecb test data\n");
- printf("key bytes\t\tclear bytes\t\tcipher bytes\n");
- for (i = 0; i < NUM_TESTS; i++) {
- for (j = 0; j < 8; j++)
- printf("%02X", ecb_data[i][j]);
- printf("\t");
- for (j = 0; j < 8; j++)
- printf("%02X", plain_data[i][j]);
- printf("\t");
- for (j = 0; j < 8; j++)
- printf("%02X", cipher_data[i][j]);
- printf("\n");
- }
-
- printf("set_key test data\n");
- printf("data[8]= ");
- for (j = 0; j < 8; j++)
- printf("%02X", key_data[j]);
- printf("\n");
- for (i = 0; i < KEY_TEST_NUM - 1; i++) {
- printf("c=");
- for (j = 0; j < 8; j++)
- printf("%02X", key_out[i][j]);
- printf(" k[%2u]=", i + 1);
- for (j = 0; j < i + 1; j++)
- printf("%02X", key_test[j]);
- printf("\n");
- }
-
- printf("\nchaining mode test data\n");
- printf("key[16] = ");
- for (j = 0; j < 16; j++)
- printf("%02X", cbc_key[j]);
- printf("\niv[8] = ");
- for (j = 0; j < 8; j++)
- printf("%02X", cbc_iv[j]);
- printf("\ndata[%d] = '%s'", (int)strlen(cbc_data) + 1, cbc_data);
- printf("\ndata[%d] = ", (int)strlen(cbc_data) + 1);
- for (j = 0; j < strlen(cbc_data) + 1; j++)
- printf("%02X", cbc_data[j]);
- printf("\n");
- printf("cbc cipher text\n");
- printf("cipher[%d]= ", 32);
- for (j = 0; j < 32; j++)
- printf("%02X", cbc_ok[j]);
- printf("\n");
-
- printf("cfb64 cipher text\n");
- printf("cipher[%d]= ", (int)strlen(cbc_data) + 1);
- for (j = 0; j < strlen(cbc_data) + 1; j++)
- printf("%02X", cfb64_ok[j]);
- printf("\n");
-
- printf("ofb64 cipher text\n");
- printf("cipher[%d]= ", (int)strlen(cbc_data) + 1);
- for (j = 0; j < strlen(cbc_data) + 1; j++)
- printf("%02X", ofb64_ok[j]);
- printf("\n");
- return (0);
-}
-
-static int test(void)
-{
- unsigned char cbc_in[40], cbc_out[40], iv[8];
- int i, n, err = 0;
- BF_KEY key;
- BF_LONG data[2];
- unsigned char out[8];
- BF_LONG len;
-
-# ifdef CHARSET_EBCDIC
- ebcdic2ascii(cbc_data, cbc_data, strlen(cbc_data));
-# endif
-
- printf("testing blowfish in raw ecb mode\n");
- for (n = 0; n < 2; n++) {
-# ifdef CHARSET_EBCDIC
- ebcdic2ascii(bf_key[n], bf_key[n], strlen(bf_key[n]));
-# endif
- BF_set_key(&key, strlen(bf_key[n]), (unsigned char *)bf_key[n]);
-
- data[0] = bf_plain[n][0];
- data[1] = bf_plain[n][1];
- BF_encrypt(data, &key);
- if (memcmp(&(bf_cipher[n][0]), &(data[0]), 8) != 0) {
- printf("BF_encrypt error encrypting\n");
- printf("got :");
- for (i = 0; i < 2; i++)
- printf("%08lX ", (unsigned long)data[i]);
- printf("\n");
- printf("expected:");
- for (i = 0; i < 2; i++)
- printf("%08lX ", (unsigned long)bf_cipher[n][i]);
- err = 1;
- printf("\n");
- }
-
- BF_decrypt(&(data[0]), &key);
- if (memcmp(&(bf_plain[n][0]), &(data[0]), 8) != 0) {
- printf("BF_encrypt error decrypting\n");
- printf("got :");
- for (i = 0; i < 2; i++)
- printf("%08lX ", (unsigned long)data[i]);
- printf("\n");
- printf("expected:");
- for (i = 0; i < 2; i++)
- printf("%08lX ", (unsigned long)bf_plain[n][i]);
- printf("\n");
- err = 1;
- }
- }
-
- printf("testing blowfish in ecb mode\n");
-
- for (n = 0; n < NUM_TESTS; n++) {
- BF_set_key(&key, 8, ecb_data[n]);
-
- BF_ecb_encrypt(&(plain_data[n][0]), out, &key, BF_ENCRYPT);
- if (memcmp(&(cipher_data[n][0]), out, 8) != 0) {
- printf("BF_ecb_encrypt blowfish error encrypting\n");
- printf("got :");
- for (i = 0; i < 8; i++)
- printf("%02X ", out[i]);
- printf("\n");
- printf("expected:");
- for (i = 0; i < 8; i++)
- printf("%02X ", cipher_data[n][i]);
- err = 1;
- printf("\n");
- }
-
- BF_ecb_encrypt(out, out, &key, BF_DECRYPT);
- if (memcmp(&(plain_data[n][0]), out, 8) != 0) {
- printf("BF_ecb_encrypt error decrypting\n");
- printf("got :");
- for (i = 0; i < 8; i++)
- printf("%02X ", out[i]);
- printf("\n");
- printf("expected:");
- for (i = 0; i < 8; i++)
- printf("%02X ", plain_data[n][i]);
- printf("\n");
- err = 1;
- }
- }
-
- printf("testing blowfish set_key\n");
- for (n = 1; n < KEY_TEST_NUM; n++) {
- BF_set_key(&key, n, key_test);
- BF_ecb_encrypt(key_data, out, &key, BF_ENCRYPT);
- /* mips-sgi-irix6.5-gcc vv -mabi=64 bug workaround */
- if (memcmp(out, &(key_out[i = n - 1][0]), 8) != 0) {
- printf("blowfish setkey error\n");
- err = 1;
- }
- }
-
- printf("testing blowfish in cbc mode\n");
- len = strlen(cbc_data) + 1;
-
- BF_set_key(&key, 16, cbc_key);
- memset(cbc_in, 0, sizeof cbc_in);
- memset(cbc_out, 0, sizeof cbc_out);
- memcpy(iv, cbc_iv, sizeof iv);
- BF_cbc_encrypt((unsigned char *)cbc_data, cbc_out, len,
- &key, iv, BF_ENCRYPT);
- if (memcmp(cbc_out, cbc_ok, 32) != 0) {
- err = 1;
- printf("BF_cbc_encrypt encrypt error\n");
- for (i = 0; i < 32; i++)
- printf("0x%02X,", cbc_out[i]);
- }
- memcpy(iv, cbc_iv, 8);
- BF_cbc_encrypt(cbc_out, cbc_in, len, &key, iv, BF_DECRYPT);
- if (memcmp(cbc_in, cbc_data, strlen(cbc_data) + 1) != 0) {
- printf("BF_cbc_encrypt decrypt error\n");
- err = 1;
- }
-
- printf("testing blowfish in cfb64 mode\n");
-
- BF_set_key(&key, 16, cbc_key);
- memset(cbc_in, 0, 40);
- memset(cbc_out, 0, 40);
- memcpy(iv, cbc_iv, 8);
- n = 0;
- BF_cfb64_encrypt((unsigned char *)cbc_data, cbc_out, (long)13,
- &key, iv, &n, BF_ENCRYPT);
- BF_cfb64_encrypt((unsigned char *)&(cbc_data[13]), &(cbc_out[13]),
- len - 13, &key, iv, &n, BF_ENCRYPT);
- if (memcmp(cbc_out, cfb64_ok, (int)len) != 0) {
- err = 1;
- printf("BF_cfb64_encrypt encrypt error\n");
- for (i = 0; i < (int)len; i++)
- printf("0x%02X,", cbc_out[i]);
- }
- n = 0;
- memcpy(iv, cbc_iv, 8);
- BF_cfb64_encrypt(cbc_out, cbc_in, 17, &key, iv, &n, BF_DECRYPT);
- BF_cfb64_encrypt(&(cbc_out[17]), &(cbc_in[17]), len - 17,
- &key, iv, &n, BF_DECRYPT);
- if (memcmp(cbc_in, cbc_data, (int)len) != 0) {
- printf("BF_cfb64_encrypt decrypt error\n");
- err = 1;
- }
-
- printf("testing blowfish in ofb64\n");
-
- BF_set_key(&key, 16, cbc_key);
- memset(cbc_in, 0, 40);
- memset(cbc_out, 0, 40);
- memcpy(iv, cbc_iv, 8);
- n = 0;
- BF_ofb64_encrypt((unsigned char *)cbc_data, cbc_out, (long)13, &key, iv,
- &n);
- BF_ofb64_encrypt((unsigned char *)&(cbc_data[13]), &(cbc_out[13]),
- len - 13, &key, iv, &n);
- if (memcmp(cbc_out, ofb64_ok, (int)len) != 0) {
- err = 1;
- printf("BF_ofb64_encrypt encrypt error\n");
- for (i = 0; i < (int)len; i++)
- printf("0x%02X,", cbc_out[i]);
- }
- n = 0;
- memcpy(iv, cbc_iv, 8);
- BF_ofb64_encrypt(cbc_out, cbc_in, 17, &key, iv, &n);
- BF_ofb64_encrypt(&(cbc_out[17]), &(cbc_in[17]), len - 17, &key, iv, &n);
- if (memcmp(cbc_in, cbc_data, (int)len) != 0) {
- printf("BF_ofb64_encrypt decrypt error\n");
- err = 1;
- }
-
- return (err);
-}
-#endif
+++ /dev/null
-/* crypto/bf/blowfish.h */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef HEADER_BLOWFISH_H
-# define HEADER_BLOWFISH_H
-
-# include <openssl/e_os2.h>
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-# ifdef OPENSSL_NO_BF
-# error BF is disabled.
-# endif
-
-# define BF_ENCRYPT 1
-# define BF_DECRYPT 0
-
-/*-
- * !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
- * ! BF_LONG has to be at least 32 bits wide. !
- * !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
- */
-# define BF_LONG unsigned int
-
-# define BF_ROUNDS 16
-# define BF_BLOCK 8
-
-typedef struct bf_key_st {
- BF_LONG P[BF_ROUNDS + 2];
- BF_LONG S[4 * 256];
-} BF_KEY;
-
-void BF_set_key(BF_KEY *key, int len, const unsigned char *data);
-
-void BF_encrypt(BF_LONG *data, const BF_KEY *key);
-void BF_decrypt(BF_LONG *data, const BF_KEY *key);
-
-void BF_ecb_encrypt(const unsigned char *in, unsigned char *out,
- const BF_KEY *key, int enc);
-void BF_cbc_encrypt(const unsigned char *in, unsigned char *out, long length,
- const BF_KEY *schedule, unsigned char *ivec, int enc);
-void BF_cfb64_encrypt(const unsigned char *in, unsigned char *out,
- long length, const BF_KEY *schedule,
- unsigned char *ivec, int *num, int enc);
-void BF_ofb64_encrypt(const unsigned char *in, unsigned char *out,
- long length, const BF_KEY *schedule,
- unsigned char *ivec, int *num);
-const char *BF_options(void);
-
-#ifdef __cplusplus
-}
-#endif
-
-#endif
+++ /dev/null
-/* crypto/bio/bio.h */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef HEADER_BIO_H
-# define HEADER_BIO_H
-
-# include <openssl/e_os2.h>
-
-# ifndef OPENSSL_NO_STDIO
-# include <stdio.h>
-# endif
-# include <stdarg.h>
-
-# include <openssl/crypto.h>
-
-# ifndef OPENSSL_NO_SCTP
-# ifndef OPENSSL_SYS_VMS
-# include <stdint.h>
-# else
-# include <inttypes.h>
-# endif
-# endif
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-/* These are the 'types' of BIOs */
-# define BIO_TYPE_NONE 0
-# define BIO_TYPE_MEM (1|0x0400)
-# define BIO_TYPE_FILE (2|0x0400)
-
-# define BIO_TYPE_FD (4|0x0400|0x0100)
-# define BIO_TYPE_SOCKET (5|0x0400|0x0100)
-# define BIO_TYPE_NULL (6|0x0400)
-# define BIO_TYPE_SSL (7|0x0200)
-# define BIO_TYPE_MD (8|0x0200)/* passive filter */
-# define BIO_TYPE_BUFFER (9|0x0200)/* filter */
-# define BIO_TYPE_CIPHER (10|0x0200)/* filter */
-# define BIO_TYPE_BASE64 (11|0x0200)/* filter */
-# define BIO_TYPE_CONNECT (12|0x0400|0x0100)/* socket - connect */
-# define BIO_TYPE_ACCEPT (13|0x0400|0x0100)/* socket for accept */
-# define BIO_TYPE_PROXY_CLIENT (14|0x0200)/* client proxy BIO */
-# define BIO_TYPE_PROXY_SERVER (15|0x0200)/* server proxy BIO */
-# define BIO_TYPE_NBIO_TEST (16|0x0200)/* server proxy BIO */
-# define BIO_TYPE_NULL_FILTER (17|0x0200)
-# define BIO_TYPE_BER (18|0x0200)/* BER -> bin filter */
-# define BIO_TYPE_BIO (19|0x0400)/* (half a) BIO pair */
-# define BIO_TYPE_LINEBUFFER (20|0x0200)/* filter */
-# define BIO_TYPE_DGRAM (21|0x0400|0x0100)
-# ifndef OPENSSL_NO_SCTP
-# define BIO_TYPE_DGRAM_SCTP (24|0x0400|0x0100)
-# endif
-# define BIO_TYPE_ASN1 (22|0x0200)/* filter */
-# define BIO_TYPE_COMP (23|0x0200)/* filter */
-
-# define BIO_TYPE_DESCRIPTOR 0x0100/* socket, fd, connect or accept */
-# define BIO_TYPE_FILTER 0x0200
-# define BIO_TYPE_SOURCE_SINK 0x0400
-
-/*
- * BIO_FILENAME_READ|BIO_CLOSE to open or close on free.
- * BIO_set_fp(in,stdin,BIO_NOCLOSE);
- */
-# define BIO_NOCLOSE 0x00
-# define BIO_CLOSE 0x01
-
-/*
- * These are used in the following macros and are passed to BIO_ctrl()
- */
-# define BIO_CTRL_RESET 1/* opt - rewind/zero etc */
-# define BIO_CTRL_EOF 2/* opt - are we at the eof */
-# define BIO_CTRL_INFO 3/* opt - extra tit-bits */
-# define BIO_CTRL_SET 4/* man - set the 'IO' type */
-# define BIO_CTRL_GET 5/* man - get the 'IO' type */
-# define BIO_CTRL_PUSH 6/* opt - internal, used to signify change */
-# define BIO_CTRL_POP 7/* opt - internal, used to signify change */
-# define BIO_CTRL_GET_CLOSE 8/* man - set the 'close' on free */
-# define BIO_CTRL_SET_CLOSE 9/* man - set the 'close' on free */
-# define BIO_CTRL_PENDING 10/* opt - is their more data buffered */
-# define BIO_CTRL_FLUSH 11/* opt - 'flush' buffered output */
-# define BIO_CTRL_DUP 12/* man - extra stuff for 'duped' BIO */
-# define BIO_CTRL_WPENDING 13/* opt - number of bytes still to write */
-/* callback is int cb(BIO *bio,state,ret); */
-# define BIO_CTRL_SET_CALLBACK 14/* opt - set callback function */
-# define BIO_CTRL_GET_CALLBACK 15/* opt - set callback function */
-
-# define BIO_CTRL_SET_FILENAME 30/* BIO_s_file special */
-
-/* dgram BIO stuff */
-# define BIO_CTRL_DGRAM_CONNECT 31/* BIO dgram special */
-# define BIO_CTRL_DGRAM_SET_CONNECTED 32/* allow for an externally connected
- * socket to be passed in */
-# define BIO_CTRL_DGRAM_SET_RECV_TIMEOUT 33/* setsockopt, essentially */
-# define BIO_CTRL_DGRAM_GET_RECV_TIMEOUT 34/* getsockopt, essentially */
-# define BIO_CTRL_DGRAM_SET_SEND_TIMEOUT 35/* setsockopt, essentially */
-# define BIO_CTRL_DGRAM_GET_SEND_TIMEOUT 36/* getsockopt, essentially */
-
-# define BIO_CTRL_DGRAM_GET_RECV_TIMER_EXP 37/* flag whether the last */
-# define BIO_CTRL_DGRAM_GET_SEND_TIMER_EXP 38/* I/O operation tiemd out */
-
-/* #ifdef IP_MTU_DISCOVER */
-# define BIO_CTRL_DGRAM_MTU_DISCOVER 39/* set DF bit on egress packets */
-/* #endif */
-
-# define BIO_CTRL_DGRAM_QUERY_MTU 40/* as kernel for current MTU */
-# define BIO_CTRL_DGRAM_GET_FALLBACK_MTU 47
-# define BIO_CTRL_DGRAM_GET_MTU 41/* get cached value for MTU */
-# define BIO_CTRL_DGRAM_SET_MTU 42/* set cached value for MTU.
- * want to use this if asking
- * the kernel fails */
-
-# define BIO_CTRL_DGRAM_MTU_EXCEEDED 43/* check whether the MTU was
- * exceed in the previous write
- * operation */
-
-# define BIO_CTRL_DGRAM_GET_PEER 46
-# define BIO_CTRL_DGRAM_SET_PEER 44/* Destination for the data */
-
-# define BIO_CTRL_DGRAM_SET_NEXT_TIMEOUT 45/* Next DTLS handshake timeout
- * to adjust socket timeouts */
-# define BIO_CTRL_DGRAM_SET_DONT_FRAG 48
-
-# define BIO_CTRL_DGRAM_GET_MTU_OVERHEAD 49
-
-# ifndef OPENSSL_NO_SCTP
-/* SCTP stuff */
-# define BIO_CTRL_DGRAM_SCTP_SET_IN_HANDSHAKE 50
-# define BIO_CTRL_DGRAM_SCTP_ADD_AUTH_KEY 51
-# define BIO_CTRL_DGRAM_SCTP_NEXT_AUTH_KEY 52
-# define BIO_CTRL_DGRAM_SCTP_AUTH_CCS_RCVD 53
-# define BIO_CTRL_DGRAM_SCTP_GET_SNDINFO 60
-# define BIO_CTRL_DGRAM_SCTP_SET_SNDINFO 61
-# define BIO_CTRL_DGRAM_SCTP_GET_RCVINFO 62
-# define BIO_CTRL_DGRAM_SCTP_SET_RCVINFO 63
-# define BIO_CTRL_DGRAM_SCTP_GET_PRINFO 64
-# define BIO_CTRL_DGRAM_SCTP_SET_PRINFO 65
-# define BIO_CTRL_DGRAM_SCTP_SAVE_SHUTDOWN 70
-# endif
-
-/* modifiers */
-# define BIO_FP_READ 0x02
-# define BIO_FP_WRITE 0x04
-# define BIO_FP_APPEND 0x08
-# define BIO_FP_TEXT 0x10
-
-# define BIO_FLAGS_READ 0x01
-# define BIO_FLAGS_WRITE 0x02
-# define BIO_FLAGS_IO_SPECIAL 0x04
-# define BIO_FLAGS_RWS (BIO_FLAGS_READ|BIO_FLAGS_WRITE|BIO_FLAGS_IO_SPECIAL)
-# define BIO_FLAGS_SHOULD_RETRY 0x08
-# ifndef BIO_FLAGS_UPLINK
-/*
- * "UPLINK" flag denotes file descriptors provided by application. It
- * defaults to 0, as most platforms don't require UPLINK interface.
- */
-# define BIO_FLAGS_UPLINK 0
-# endif
-
-/* Used in BIO_gethostbyname() */
-# define BIO_GHBN_CTRL_HITS 1
-# define BIO_GHBN_CTRL_MISSES 2
-# define BIO_GHBN_CTRL_CACHE_SIZE 3
-# define BIO_GHBN_CTRL_GET_ENTRY 4
-# define BIO_GHBN_CTRL_FLUSH 5
-
-/* Mostly used in the SSL BIO */
-/*-
- * Not used anymore
- * #define BIO_FLAGS_PROTOCOL_DELAYED_READ 0x10
- * #define BIO_FLAGS_PROTOCOL_DELAYED_WRITE 0x20
- * #define BIO_FLAGS_PROTOCOL_STARTUP 0x40
- */
-
-# define BIO_FLAGS_BASE64_NO_NL 0x100
-
-/*
- * This is used with memory BIOs: it means we shouldn't free up or change the
- * data in any way.
- */
-# define BIO_FLAGS_MEM_RDONLY 0x200
-
-typedef struct bio_st BIO;
-
-void BIO_set_flags(BIO *b, int flags);
-int BIO_test_flags(const BIO *b, int flags);
-void BIO_clear_flags(BIO *b, int flags);
-
-# define BIO_get_flags(b) BIO_test_flags(b, ~(0x0))
-# define BIO_set_retry_special(b) \
- BIO_set_flags(b, (BIO_FLAGS_IO_SPECIAL|BIO_FLAGS_SHOULD_RETRY))
-# define BIO_set_retry_read(b) \
- BIO_set_flags(b, (BIO_FLAGS_READ|BIO_FLAGS_SHOULD_RETRY))
-# define BIO_set_retry_write(b) \
- BIO_set_flags(b, (BIO_FLAGS_WRITE|BIO_FLAGS_SHOULD_RETRY))
-
-/* These are normally used internally in BIOs */
-# define BIO_clear_retry_flags(b) \
- BIO_clear_flags(b, (BIO_FLAGS_RWS|BIO_FLAGS_SHOULD_RETRY))
-# define BIO_get_retry_flags(b) \
- BIO_test_flags(b, (BIO_FLAGS_RWS|BIO_FLAGS_SHOULD_RETRY))
-
-/* These should be used by the application to tell why we should retry */
-# define BIO_should_read(a) BIO_test_flags(a, BIO_FLAGS_READ)
-# define BIO_should_write(a) BIO_test_flags(a, BIO_FLAGS_WRITE)
-# define BIO_should_io_special(a) BIO_test_flags(a, BIO_FLAGS_IO_SPECIAL)
-# define BIO_retry_type(a) BIO_test_flags(a, BIO_FLAGS_RWS)
-# define BIO_should_retry(a) BIO_test_flags(a, BIO_FLAGS_SHOULD_RETRY)
-
-/*
- * The next three are used in conjunction with the BIO_should_io_special()
- * condition. After this returns true, BIO *BIO_get_retry_BIO(BIO *bio, int
- * *reason); will walk the BIO stack and return the 'reason' for the special
- * and the offending BIO. Given a BIO, BIO_get_retry_reason(bio) will return
- * the code.
- */
-/*
- * Returned from the SSL bio when the certificate retrieval code had an error
- */
-# define BIO_RR_SSL_X509_LOOKUP 0x01
-/* Returned from the connect BIO when a connect would have blocked */
-# define BIO_RR_CONNECT 0x02
-/* Returned from the accept BIO when an accept would have blocked */
-# define BIO_RR_ACCEPT 0x03
-
-/* These are passed by the BIO callback */
-# define BIO_CB_FREE 0x01
-# define BIO_CB_READ 0x02
-# define BIO_CB_WRITE 0x03
-# define BIO_CB_PUTS 0x04
-# define BIO_CB_GETS 0x05
-# define BIO_CB_CTRL 0x06
-
-/*
- * The callback is called before and after the underling operation, The
- * BIO_CB_RETURN flag indicates if it is after the call
- */
-# define BIO_CB_RETURN 0x80
-# define BIO_CB_return(a) ((a)|BIO_CB_RETURN))
-# define BIO_cb_pre(a) (!((a)&BIO_CB_RETURN))
-# define BIO_cb_post(a) ((a)&BIO_CB_RETURN)
-
-long (*BIO_get_callback(const BIO *b)) (struct bio_st *, int, const char *,
- int, long, long);
-void BIO_set_callback(BIO *b,
- long (*callback) (struct bio_st *, int, const char *,
- int, long, long));
-char *BIO_get_callback_arg(const BIO *b);
-void BIO_set_callback_arg(BIO *b, char *arg);
-
-const char *BIO_method_name(const BIO *b);
-int BIO_method_type(const BIO *b);
-
-typedef void bio_info_cb (struct bio_st *, int, const char *, int, long,
- long);
-
-typedef struct bio_method_st {
- int type;
- const char *name;
- int (*bwrite) (BIO *, const char *, int);
- int (*bread) (BIO *, char *, int);
- int (*bputs) (BIO *, const char *);
- int (*bgets) (BIO *, char *, int);
- long (*ctrl) (BIO *, int, long, void *);
- int (*create) (BIO *);
- int (*destroy) (BIO *);
- long (*callback_ctrl) (BIO *, int, bio_info_cb *);
-} BIO_METHOD;
-
-struct bio_st {
- BIO_METHOD *method;
- /* bio, mode, argp, argi, argl, ret */
- long (*callback) (struct bio_st *, int, const char *, int, long, long);
- char *cb_arg; /* first argument for the callback */
- int init;
- int shutdown;
- int flags; /* extra storage */
- int retry_reason;
- int num;
- void *ptr;
- struct bio_st *next_bio; /* used by filter BIOs */
- struct bio_st *prev_bio; /* used by filter BIOs */
- int references;
- unsigned long num_read;
- unsigned long num_write;
- CRYPTO_EX_DATA ex_data;
-};
-
-DECLARE_STACK_OF(BIO)
-
-typedef struct bio_f_buffer_ctx_struct {
- /*-
- * Buffers are setup like this:
- *
- * <---------------------- size ----------------------->
- * +---------------------------------------------------+
- * | consumed | remaining | free space |
- * +---------------------------------------------------+
- * <-- off --><------- len ------->
- */
- /*- BIO *bio; *//*
- * this is now in the BIO struct
- */
- int ibuf_size; /* how big is the input buffer */
- int obuf_size; /* how big is the output buffer */
- char *ibuf; /* the char array */
- int ibuf_len; /* how many bytes are in it */
- int ibuf_off; /* write/read offset */
- char *obuf; /* the char array */
- int obuf_len; /* how many bytes are in it */
- int obuf_off; /* write/read offset */
-} BIO_F_BUFFER_CTX;
-
-/* Prefix and suffix callback in ASN1 BIO */
-typedef int asn1_ps_func (BIO *b, unsigned char **pbuf, int *plen,
- void *parg);
-
-# ifndef OPENSSL_NO_SCTP
-/* SCTP parameter structs */
-struct bio_dgram_sctp_sndinfo {
- uint16_t snd_sid;
- uint16_t snd_flags;
- uint32_t snd_ppid;
- uint32_t snd_context;
-};
-
-struct bio_dgram_sctp_rcvinfo {
- uint16_t rcv_sid;
- uint16_t rcv_ssn;
- uint16_t rcv_flags;
- uint32_t rcv_ppid;
- uint32_t rcv_tsn;
- uint32_t rcv_cumtsn;
- uint32_t rcv_context;
-};
-
-struct bio_dgram_sctp_prinfo {
- uint16_t pr_policy;
- uint32_t pr_value;
-};
-# endif
-
-/* connect BIO stuff */
-# define BIO_CONN_S_BEFORE 1
-# define BIO_CONN_S_GET_IP 2
-# define BIO_CONN_S_GET_PORT 3
-# define BIO_CONN_S_CREATE_SOCKET 4
-# define BIO_CONN_S_CONNECT 5
-# define BIO_CONN_S_OK 6
-# define BIO_CONN_S_BLOCKED_CONNECT 7
-# define BIO_CONN_S_NBIO 8
-/*
- * #define BIO_CONN_get_param_hostname BIO_ctrl
- */
-
-# define BIO_C_SET_CONNECT 100
-# define BIO_C_DO_STATE_MACHINE 101
-# define BIO_C_SET_NBIO 102
-# define BIO_C_SET_PROXY_PARAM 103
-# define BIO_C_SET_FD 104
-# define BIO_C_GET_FD 105
-# define BIO_C_SET_FILE_PTR 106
-# define BIO_C_GET_FILE_PTR 107
-# define BIO_C_SET_FILENAME 108
-# define BIO_C_SET_SSL 109
-# define BIO_C_GET_SSL 110
-# define BIO_C_SET_MD 111
-# define BIO_C_GET_MD 112
-# define BIO_C_GET_CIPHER_STATUS 113
-# define BIO_C_SET_BUF_MEM 114
-# define BIO_C_GET_BUF_MEM_PTR 115
-# define BIO_C_GET_BUFF_NUM_LINES 116
-# define BIO_C_SET_BUFF_SIZE 117
-# define BIO_C_SET_ACCEPT 118
-# define BIO_C_SSL_MODE 119
-# define BIO_C_GET_MD_CTX 120
-# define BIO_C_GET_PROXY_PARAM 121
-# define BIO_C_SET_BUFF_READ_DATA 122/* data to read first */
-# define BIO_C_GET_CONNECT 123
-# define BIO_C_GET_ACCEPT 124
-# define BIO_C_SET_SSL_RENEGOTIATE_BYTES 125
-# define BIO_C_GET_SSL_NUM_RENEGOTIATES 126
-# define BIO_C_SET_SSL_RENEGOTIATE_TIMEOUT 127
-# define BIO_C_FILE_SEEK 128
-# define BIO_C_GET_CIPHER_CTX 129
-# define BIO_C_SET_BUF_MEM_EOF_RETURN 130/* return end of input
- * value */
-# define BIO_C_SET_BIND_MODE 131
-# define BIO_C_GET_BIND_MODE 132
-# define BIO_C_FILE_TELL 133
-# define BIO_C_GET_SOCKS 134
-# define BIO_C_SET_SOCKS 135
-
-# define BIO_C_SET_WRITE_BUF_SIZE 136/* for BIO_s_bio */
-# define BIO_C_GET_WRITE_BUF_SIZE 137
-# define BIO_C_MAKE_BIO_PAIR 138
-# define BIO_C_DESTROY_BIO_PAIR 139
-# define BIO_C_GET_WRITE_GUARANTEE 140
-# define BIO_C_GET_READ_REQUEST 141
-# define BIO_C_SHUTDOWN_WR 142
-# define BIO_C_NREAD0 143
-# define BIO_C_NREAD 144
-# define BIO_C_NWRITE0 145
-# define BIO_C_NWRITE 146
-# define BIO_C_RESET_READ_REQUEST 147
-# define BIO_C_SET_MD_CTX 148
-
-# define BIO_C_SET_PREFIX 149
-# define BIO_C_GET_PREFIX 150
-# define BIO_C_SET_SUFFIX 151
-# define BIO_C_GET_SUFFIX 152
-
-# define BIO_C_SET_EX_ARG 153
-# define BIO_C_GET_EX_ARG 154
-
-# define BIO_set_app_data(s,arg) BIO_set_ex_data(s,0,arg)
-# define BIO_get_app_data(s) BIO_get_ex_data(s,0)
-
-/* BIO_s_connect() and BIO_s_socks4a_connect() */
-# define BIO_set_conn_hostname(b,name) BIO_ctrl(b,BIO_C_SET_CONNECT,0,(char *)name)
-# define BIO_set_conn_port(b,port) BIO_ctrl(b,BIO_C_SET_CONNECT,1,(char *)port)
-# define BIO_set_conn_ip(b,ip) BIO_ctrl(b,BIO_C_SET_CONNECT,2,(char *)ip)
-# define BIO_set_conn_int_port(b,port) BIO_ctrl(b,BIO_C_SET_CONNECT,3,(char *)port)
-# define BIO_get_conn_hostname(b) BIO_ptr_ctrl(b,BIO_C_GET_CONNECT,0)
-# define BIO_get_conn_port(b) BIO_ptr_ctrl(b,BIO_C_GET_CONNECT,1)
-# define BIO_get_conn_ip(b) BIO_ptr_ctrl(b,BIO_C_GET_CONNECT,2)
-# define BIO_get_conn_int_port(b) BIO_int_ctrl(b,BIO_C_GET_CONNECT,3,0)
-
-# define BIO_set_nbio(b,n) BIO_ctrl(b,BIO_C_SET_NBIO,(n),NULL)
-
-/* BIO_s_accept_socket() */
-# define BIO_set_accept_port(b,name) BIO_ctrl(b,BIO_C_SET_ACCEPT,0,(char *)name)
-# define BIO_get_accept_port(b) BIO_ptr_ctrl(b,BIO_C_GET_ACCEPT,0)
-/* #define BIO_set_nbio(b,n) BIO_ctrl(b,BIO_C_SET_NBIO,(n),NULL) */
-# define BIO_set_nbio_accept(b,n) BIO_ctrl(b,BIO_C_SET_ACCEPT,1,(n)?(void *)"a":NULL)
-# define BIO_set_accept_bios(b,bio) BIO_ctrl(b,BIO_C_SET_ACCEPT,2,(char *)bio)
-
-# define BIO_BIND_NORMAL 0
-# define BIO_BIND_REUSEADDR_IF_UNUSED 1
-# define BIO_BIND_REUSEADDR 2
-# define BIO_set_bind_mode(b,mode) BIO_ctrl(b,BIO_C_SET_BIND_MODE,mode,NULL)
-# define BIO_get_bind_mode(b,mode) BIO_ctrl(b,BIO_C_GET_BIND_MODE,0,NULL)
-
-# define BIO_do_connect(b) BIO_do_handshake(b)
-# define BIO_do_accept(b) BIO_do_handshake(b)
-# define BIO_do_handshake(b) BIO_ctrl(b,BIO_C_DO_STATE_MACHINE,0,NULL)
-
-/* BIO_s_proxy_client() */
-# define BIO_set_url(b,url) BIO_ctrl(b,BIO_C_SET_PROXY_PARAM,0,(char *)(url))
-# define BIO_set_proxies(b,p) BIO_ctrl(b,BIO_C_SET_PROXY_PARAM,1,(char *)(p))
-/* BIO_set_nbio(b,n) */
-# define BIO_set_filter_bio(b,s) BIO_ctrl(b,BIO_C_SET_PROXY_PARAM,2,(char *)(s))
-/* BIO *BIO_get_filter_bio(BIO *bio); */
-# define BIO_set_proxy_cb(b,cb) BIO_callback_ctrl(b,BIO_C_SET_PROXY_PARAM,3,(void *(*cb)()))
-# define BIO_set_proxy_header(b,sk) BIO_ctrl(b,BIO_C_SET_PROXY_PARAM,4,(char *)sk)
-# define BIO_set_no_connect_return(b,bool) BIO_int_ctrl(b,BIO_C_SET_PROXY_PARAM,5,bool)
-
-# define BIO_get_proxy_header(b,skp) BIO_ctrl(b,BIO_C_GET_PROXY_PARAM,0,(char *)skp)
-# define BIO_get_proxies(b,pxy_p) BIO_ctrl(b,BIO_C_GET_PROXY_PARAM,1,(char *)(pxy_p))
-# define BIO_get_url(b,url) BIO_ctrl(b,BIO_C_GET_PROXY_PARAM,2,(char *)(url))
-# define BIO_get_no_connect_return(b) BIO_ctrl(b,BIO_C_GET_PROXY_PARAM,5,NULL)
-
-# define BIO_set_fd(b,fd,c) BIO_int_ctrl(b,BIO_C_SET_FD,c,fd)
-# define BIO_get_fd(b,c) BIO_ctrl(b,BIO_C_GET_FD,0,(char *)c)
-
-# define BIO_set_fp(b,fp,c) BIO_ctrl(b,BIO_C_SET_FILE_PTR,c,(char *)fp)
-# define BIO_get_fp(b,fpp) BIO_ctrl(b,BIO_C_GET_FILE_PTR,0,(char *)fpp)
-
-# define BIO_seek(b,ofs) (int)BIO_ctrl(b,BIO_C_FILE_SEEK,ofs,NULL)
-# define BIO_tell(b) (int)BIO_ctrl(b,BIO_C_FILE_TELL,0,NULL)
-
-/*
- * name is cast to lose const, but might be better to route through a
- * function so we can do it safely
- */
-# ifdef CONST_STRICT
-/*
- * If you are wondering why this isn't defined, its because CONST_STRICT is
- * purely a compile-time kludge to allow const to be checked.
- */
-int BIO_read_filename(BIO *b, const char *name);
-# else
-# define BIO_read_filename(b,name) BIO_ctrl(b,BIO_C_SET_FILENAME, \
- BIO_CLOSE|BIO_FP_READ,(char *)name)
-# endif
-# define BIO_write_filename(b,name) BIO_ctrl(b,BIO_C_SET_FILENAME, \
- BIO_CLOSE|BIO_FP_WRITE,name)
-# define BIO_append_filename(b,name) BIO_ctrl(b,BIO_C_SET_FILENAME, \
- BIO_CLOSE|BIO_FP_APPEND,name)
-# define BIO_rw_filename(b,name) BIO_ctrl(b,BIO_C_SET_FILENAME, \
- BIO_CLOSE|BIO_FP_READ|BIO_FP_WRITE,name)
-
-/*
- * WARNING WARNING, this ups the reference count on the read bio of the SSL
- * structure. This is because the ssl read BIO is now pointed to by the
- * next_bio field in the bio. So when you free the BIO, make sure you are
- * doing a BIO_free_all() to catch the underlying BIO.
- */
-# define BIO_set_ssl(b,ssl,c) BIO_ctrl(b,BIO_C_SET_SSL,c,(char *)ssl)
-# define BIO_get_ssl(b,sslp) BIO_ctrl(b,BIO_C_GET_SSL,0,(char *)sslp)
-# define BIO_set_ssl_mode(b,client) BIO_ctrl(b,BIO_C_SSL_MODE,client,NULL)
-# define BIO_set_ssl_renegotiate_bytes(b,num) \
- BIO_ctrl(b,BIO_C_SET_SSL_RENEGOTIATE_BYTES,num,NULL);
-# define BIO_get_num_renegotiates(b) \
- BIO_ctrl(b,BIO_C_GET_SSL_NUM_RENEGOTIATES,0,NULL);
-# define BIO_set_ssl_renegotiate_timeout(b,seconds) \
- BIO_ctrl(b,BIO_C_SET_SSL_RENEGOTIATE_TIMEOUT,seconds,NULL);
-
-/* defined in evp.h */
-/* #define BIO_set_md(b,md) BIO_ctrl(b,BIO_C_SET_MD,1,(char *)md) */
-
-# define BIO_get_mem_data(b,pp) BIO_ctrl(b,BIO_CTRL_INFO,0,(char *)pp)
-# define BIO_set_mem_buf(b,bm,c) BIO_ctrl(b,BIO_C_SET_BUF_MEM,c,(char *)bm)
-# define BIO_get_mem_ptr(b,pp) BIO_ctrl(b,BIO_C_GET_BUF_MEM_PTR,0,(char *)pp)
-# define BIO_set_mem_eof_return(b,v) \
- BIO_ctrl(b,BIO_C_SET_BUF_MEM_EOF_RETURN,v,NULL)
-
-/* For the BIO_f_buffer() type */
-# define BIO_get_buffer_num_lines(b) BIO_ctrl(b,BIO_C_GET_BUFF_NUM_LINES,0,NULL)
-# define BIO_set_buffer_size(b,size) BIO_ctrl(b,BIO_C_SET_BUFF_SIZE,size,NULL)
-# define BIO_set_read_buffer_size(b,size) BIO_int_ctrl(b,BIO_C_SET_BUFF_SIZE,size,0)
-# define BIO_set_write_buffer_size(b,size) BIO_int_ctrl(b,BIO_C_SET_BUFF_SIZE,size,1)
-# define BIO_set_buffer_read_data(b,buf,num) BIO_ctrl(b,BIO_C_SET_BUFF_READ_DATA,num,buf)
-
-/* Don't use the next one unless you know what you are doing :-) */
-# define BIO_dup_state(b,ret) BIO_ctrl(b,BIO_CTRL_DUP,0,(char *)(ret))
-
-# define BIO_reset(b) (int)BIO_ctrl(b,BIO_CTRL_RESET,0,NULL)
-# define BIO_eof(b) (int)BIO_ctrl(b,BIO_CTRL_EOF,0,NULL)
-# define BIO_set_close(b,c) (int)BIO_ctrl(b,BIO_CTRL_SET_CLOSE,(c),NULL)
-# define BIO_get_close(b) (int)BIO_ctrl(b,BIO_CTRL_GET_CLOSE,0,NULL)
-# define BIO_pending(b) (int)BIO_ctrl(b,BIO_CTRL_PENDING,0,NULL)
-# define BIO_wpending(b) (int)BIO_ctrl(b,BIO_CTRL_WPENDING,0,NULL)
-/* ...pending macros have inappropriate return type */
-size_t BIO_ctrl_pending(BIO *b);
-size_t BIO_ctrl_wpending(BIO *b);
-# define BIO_flush(b) (int)BIO_ctrl(b,BIO_CTRL_FLUSH,0,NULL)
-# define BIO_get_info_callback(b,cbp) (int)BIO_ctrl(b,BIO_CTRL_GET_CALLBACK,0, \
- cbp)
-# define BIO_set_info_callback(b,cb) (int)BIO_callback_ctrl(b,BIO_CTRL_SET_CALLBACK,cb)
-
-/* For the BIO_f_buffer() type */
-# define BIO_buffer_get_num_lines(b) BIO_ctrl(b,BIO_CTRL_GET,0,NULL)
-
-/* For BIO_s_bio() */
-# define BIO_set_write_buf_size(b,size) (int)BIO_ctrl(b,BIO_C_SET_WRITE_BUF_SIZE,size,NULL)
-# define BIO_get_write_buf_size(b,size) (size_t)BIO_ctrl(b,BIO_C_GET_WRITE_BUF_SIZE,size,NULL)
-# define BIO_make_bio_pair(b1,b2) (int)BIO_ctrl(b1,BIO_C_MAKE_BIO_PAIR,0,b2)
-# define BIO_destroy_bio_pair(b) (int)BIO_ctrl(b,BIO_C_DESTROY_BIO_PAIR,0,NULL)
-# define BIO_shutdown_wr(b) (int)BIO_ctrl(b, BIO_C_SHUTDOWN_WR, 0, NULL)
-/* macros with inappropriate type -- but ...pending macros use int too: */
-# define BIO_get_write_guarantee(b) (int)BIO_ctrl(b,BIO_C_GET_WRITE_GUARANTEE,0,NULL)
-# define BIO_get_read_request(b) (int)BIO_ctrl(b,BIO_C_GET_READ_REQUEST,0,NULL)
-size_t BIO_ctrl_get_write_guarantee(BIO *b);
-size_t BIO_ctrl_get_read_request(BIO *b);
-int BIO_ctrl_reset_read_request(BIO *b);
-
-/* ctrl macros for dgram */
-# define BIO_ctrl_dgram_connect(b,peer) \
- (int)BIO_ctrl(b,BIO_CTRL_DGRAM_CONNECT,0, (char *)peer)
-# define BIO_ctrl_set_connected(b, state, peer) \
- (int)BIO_ctrl(b, BIO_CTRL_DGRAM_SET_CONNECTED, state, (char *)peer)
-# define BIO_dgram_recv_timedout(b) \
- (int)BIO_ctrl(b, BIO_CTRL_DGRAM_GET_RECV_TIMER_EXP, 0, NULL)
-# define BIO_dgram_send_timedout(b) \
- (int)BIO_ctrl(b, BIO_CTRL_DGRAM_GET_SEND_TIMER_EXP, 0, NULL)
-# define BIO_dgram_get_peer(b,peer) \
- (int)BIO_ctrl(b, BIO_CTRL_DGRAM_GET_PEER, 0, (char *)peer)
-# define BIO_dgram_set_peer(b,peer) \
- (int)BIO_ctrl(b, BIO_CTRL_DGRAM_SET_PEER, 0, (char *)peer)
-# define BIO_dgram_get_mtu_overhead(b) \
- (unsigned int)BIO_ctrl((b), BIO_CTRL_DGRAM_GET_MTU_OVERHEAD, 0, NULL)
-
-/* These two aren't currently implemented */
-/* int BIO_get_ex_num(BIO *bio); */
-/* void BIO_set_ex_free_func(BIO *bio,int idx,void (*cb)()); */
-int BIO_set_ex_data(BIO *bio, int idx, void *data);
-void *BIO_get_ex_data(BIO *bio, int idx);
-int BIO_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
- CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func);
-unsigned long BIO_number_read(BIO *bio);
-unsigned long BIO_number_written(BIO *bio);
-
-/* For BIO_f_asn1() */
-int BIO_asn1_set_prefix(BIO *b, asn1_ps_func *prefix,
- asn1_ps_func *prefix_free);
-int BIO_asn1_get_prefix(BIO *b, asn1_ps_func **pprefix,
- asn1_ps_func **pprefix_free);
-int BIO_asn1_set_suffix(BIO *b, asn1_ps_func *suffix,
- asn1_ps_func *suffix_free);
-int BIO_asn1_get_suffix(BIO *b, asn1_ps_func **psuffix,
- asn1_ps_func **psuffix_free);
-
-# ifndef OPENSSL_NO_STDIO
-BIO_METHOD *BIO_s_file(void);
-BIO *BIO_new_file(const char *filename, const char *mode);
-BIO *BIO_new_fp(FILE *stream, int close_flag);
-# define BIO_s_file_internal BIO_s_file
-# endif
-BIO *BIO_new(BIO_METHOD *type);
-int BIO_set(BIO *a, BIO_METHOD *type);
-int BIO_free(BIO *a);
-void BIO_vfree(BIO *a);
-int BIO_read(BIO *b, void *data, int len);
-int BIO_gets(BIO *bp, char *buf, int size);
-int BIO_write(BIO *b, const void *data, int len);
-int BIO_puts(BIO *bp, const char *buf);
-int BIO_indent(BIO *b, int indent, int max);
-long BIO_ctrl(BIO *bp, int cmd, long larg, void *parg);
-long BIO_callback_ctrl(BIO *b, int cmd,
- void (*fp) (struct bio_st *, int, const char *, int,
- long, long));
-char *BIO_ptr_ctrl(BIO *bp, int cmd, long larg);
-long BIO_int_ctrl(BIO *bp, int cmd, long larg, int iarg);
-BIO *BIO_push(BIO *b, BIO *append);
-BIO *BIO_pop(BIO *b);
-void BIO_free_all(BIO *a);
-BIO *BIO_find_type(BIO *b, int bio_type);
-BIO *BIO_next(BIO *b);
-BIO *BIO_get_retry_BIO(BIO *bio, int *reason);
-int BIO_get_retry_reason(BIO *bio);
-BIO *BIO_dup_chain(BIO *in);
-
-int BIO_nread0(BIO *bio, char **buf);
-int BIO_nread(BIO *bio, char **buf, int num);
-int BIO_nwrite0(BIO *bio, char **buf);
-int BIO_nwrite(BIO *bio, char **buf, int num);
-
-long BIO_debug_callback(BIO *bio, int cmd, const char *argp, int argi,
- long argl, long ret);
-
-BIO_METHOD *BIO_s_mem(void);
-BIO *BIO_new_mem_buf(void *buf, int len);
-BIO_METHOD *BIO_s_socket(void);
-BIO_METHOD *BIO_s_connect(void);
-BIO_METHOD *BIO_s_accept(void);
-BIO_METHOD *BIO_s_fd(void);
-# ifndef OPENSSL_SYS_OS2
-BIO_METHOD *BIO_s_log(void);
-# endif
-BIO_METHOD *BIO_s_bio(void);
-BIO_METHOD *BIO_s_null(void);
-BIO_METHOD *BIO_f_null(void);
-BIO_METHOD *BIO_f_buffer(void);
-# ifdef OPENSSL_SYS_VMS
-BIO_METHOD *BIO_f_linebuffer(void);
-# endif
-BIO_METHOD *BIO_f_nbio_test(void);
-# ifndef OPENSSL_NO_DGRAM
-BIO_METHOD *BIO_s_datagram(void);
-# ifndef OPENSSL_NO_SCTP
-BIO_METHOD *BIO_s_datagram_sctp(void);
-# endif
-# endif
-
-/* BIO_METHOD *BIO_f_ber(void); */
-
-int BIO_sock_should_retry(int i);
-int BIO_sock_non_fatal_error(int error);
-int BIO_dgram_non_fatal_error(int error);
-
-int BIO_fd_should_retry(int i);
-int BIO_fd_non_fatal_error(int error);
-int BIO_dump_cb(int (*cb) (const void *data, size_t len, void *u),
- void *u, const char *s, int len);
-int BIO_dump_indent_cb(int (*cb) (const void *data, size_t len, void *u),
- void *u, const char *s, int len, int indent);
-int BIO_dump(BIO *b, const char *bytes, int len);
-int BIO_dump_indent(BIO *b, const char *bytes, int len, int indent);
-# ifndef OPENSSL_NO_STDIO
-int BIO_dump_fp(FILE *fp, const char *s, int len);
-int BIO_dump_indent_fp(FILE *fp, const char *s, int len, int indent);
-# endif
-int BIO_hex_string(BIO *out, int indent, int width, unsigned char *data,
- int datalen);
-
-struct hostent *BIO_gethostbyname(const char *name);
-/*-
- * We might want a thread-safe interface too:
- * struct hostent *BIO_gethostbyname_r(const char *name,
- * struct hostent *result, void *buffer, size_t buflen);
- * or something similar (caller allocates a struct hostent,
- * pointed to by "result", and additional buffer space for the various
- * substructures; if the buffer does not suffice, NULL is returned
- * and an appropriate error code is set).
- */
-int BIO_sock_error(int sock);
-int BIO_socket_ioctl(int fd, long type, void *arg);
-int BIO_socket_nbio(int fd, int mode);
-int BIO_get_port(const char *str, unsigned short *port_ptr);
-int BIO_get_host_ip(const char *str, unsigned char *ip);
-int BIO_get_accept_socket(char *host_port, int mode);
-int BIO_accept(int sock, char **ip_port);
-int BIO_sock_init(void);
-void BIO_sock_cleanup(void);
-int BIO_set_tcp_ndelay(int sock, int turn_on);
-
-BIO *BIO_new_socket(int sock, int close_flag);
-BIO *BIO_new_dgram(int fd, int close_flag);
-# ifndef OPENSSL_NO_SCTP
-BIO *BIO_new_dgram_sctp(int fd, int close_flag);
-int BIO_dgram_is_sctp(BIO *bio);
-int BIO_dgram_sctp_notification_cb(BIO *b,
- void (*handle_notifications) (BIO *bio,
- void
- *context,
- void *buf),
- void *context);
-int BIO_dgram_sctp_wait_for_dry(BIO *b);
-int BIO_dgram_sctp_msg_waiting(BIO *b);
-# endif
-BIO *BIO_new_fd(int fd, int close_flag);
-BIO *BIO_new_connect(const char *host_port);
-BIO *BIO_new_accept(const char *host_port);
-
-int BIO_new_bio_pair(BIO **bio1, size_t writebuf1,
- BIO **bio2, size_t writebuf2);
-/*
- * If successful, returns 1 and in *bio1, *bio2 two BIO pair endpoints.
- * Otherwise returns 0 and sets *bio1 and *bio2 to NULL. Size 0 uses default
- * value.
- */
-
-void BIO_copy_next_retry(BIO *b);
-
-/*
- * long BIO_ghbn_ctrl(int cmd,int iarg,char *parg);
- */
-
-# ifdef __GNUC__
-# define __bio_h__attr__ __attribute__
-# else
-# define __bio_h__attr__(x)
-# endif
-int BIO_printf(BIO *bio, const char *format, ...)
-__bio_h__attr__((__format__(__printf__, 2, 3)));
-int BIO_vprintf(BIO *bio, const char *format, va_list args)
-__bio_h__attr__((__format__(__printf__, 2, 0)));
-int BIO_snprintf(char *buf, size_t n, const char *format, ...)
-__bio_h__attr__((__format__(__printf__, 3, 4)));
-int BIO_vsnprintf(char *buf, size_t n, const char *format, va_list args)
-__bio_h__attr__((__format__(__printf__, 3, 0)));
-# undef __bio_h__attr__
-
-/* BEGIN ERROR CODES */
-/*
- * The following lines are auto generated by the script mkerr.pl. Any changes
- * made after this point may be overwritten when the script is next run.
- */
-void ERR_load_BIO_strings(void);
-
-/* Error codes for the BIO functions. */
-
-/* Function codes. */
-# define BIO_F_ACPT_STATE 100
-# define BIO_F_BIO_ACCEPT 101
-# define BIO_F_BIO_BER_GET_HEADER 102
-# define BIO_F_BIO_CALLBACK_CTRL 131
-# define BIO_F_BIO_CTRL 103
-# define BIO_F_BIO_GETHOSTBYNAME 120
-# define BIO_F_BIO_GETS 104
-# define BIO_F_BIO_GET_ACCEPT_SOCKET 105
-# define BIO_F_BIO_GET_HOST_IP 106
-# define BIO_F_BIO_GET_PORT 107
-# define BIO_F_BIO_MAKE_PAIR 121
-# define BIO_F_BIO_NEW 108
-# define BIO_F_BIO_NEW_FILE 109
-# define BIO_F_BIO_NEW_MEM_BUF 126
-# define BIO_F_BIO_NREAD 123
-# define BIO_F_BIO_NREAD0 124
-# define BIO_F_BIO_NWRITE 125
-# define BIO_F_BIO_NWRITE0 122
-# define BIO_F_BIO_PUTS 110
-# define BIO_F_BIO_READ 111
-# define BIO_F_BIO_SOCK_INIT 112
-# define BIO_F_BIO_WRITE 113
-# define BIO_F_BUFFER_CTRL 114
-# define BIO_F_CONN_CTRL 127
-# define BIO_F_CONN_STATE 115
-# define BIO_F_DGRAM_SCTP_READ 132
-# define BIO_F_DGRAM_SCTP_WRITE 133
-# define BIO_F_FILE_CTRL 116
-# define BIO_F_FILE_READ 130
-# define BIO_F_LINEBUFFER_CTRL 129
-# define BIO_F_MEM_READ 128
-# define BIO_F_MEM_WRITE 117
-# define BIO_F_SSL_NEW 118
-# define BIO_F_WSASTARTUP 119
-
-/* Reason codes. */
-# define BIO_R_ACCEPT_ERROR 100
-# define BIO_R_BAD_FOPEN_MODE 101
-# define BIO_R_BAD_HOSTNAME_LOOKUP 102
-# define BIO_R_BROKEN_PIPE 124
-# define BIO_R_CONNECT_ERROR 103
-# define BIO_R_EOF_ON_MEMORY_BIO 127
-# define BIO_R_ERROR_SETTING_NBIO 104
-# define BIO_R_ERROR_SETTING_NBIO_ON_ACCEPTED_SOCKET 105
-# define BIO_R_ERROR_SETTING_NBIO_ON_ACCEPT_SOCKET 106
-# define BIO_R_GETHOSTBYNAME_ADDR_IS_NOT_AF_INET 107
-# define BIO_R_INVALID_ARGUMENT 125
-# define BIO_R_INVALID_IP_ADDRESS 108
-# define BIO_R_IN_USE 123
-# define BIO_R_KEEPALIVE 109
-# define BIO_R_NBIO_CONNECT_ERROR 110
-# define BIO_R_NO_ACCEPT_PORT_SPECIFIED 111
-# define BIO_R_NO_HOSTNAME_SPECIFIED 112
-# define BIO_R_NO_PORT_DEFINED 113
-# define BIO_R_NO_PORT_SPECIFIED 114
-# define BIO_R_NO_SUCH_FILE 128
-# define BIO_R_NULL_PARAMETER 115
-# define BIO_R_TAG_MISMATCH 116
-# define BIO_R_UNABLE_TO_BIND_SOCKET 117
-# define BIO_R_UNABLE_TO_CREATE_SOCKET 118
-# define BIO_R_UNABLE_TO_LISTEN_SOCKET 119
-# define BIO_R_UNINITIALIZED 120
-# define BIO_R_UNSUPPORTED_METHOD 121
-# define BIO_R_WRITE_TO_READ_ONLY_BIO 126
-# define BIO_R_WSASTARTUP 122
-
-#ifdef __cplusplus
-}
-#endif
-#endif
+++ /dev/null
-/* crypto/bn/bn.h */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-/* ====================================================================
- * Copyright (c) 1998-2006 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-/* ====================================================================
- * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
- *
- * Portions of the attached software ("Contribution") are developed by
- * SUN MICROSYSTEMS, INC., and are contributed to the OpenSSL project.
- *
- * The Contribution is licensed pursuant to the Eric Young open source
- * license provided above.
- *
- * The binary polynomial arithmetic software is originally written by
- * Sheueling Chang Shantz and Douglas Stebila of Sun Microsystems Laboratories.
- *
- */
-
-#ifndef HEADER_BN_H
-# define HEADER_BN_H
-
-# include <openssl/e_os2.h>
-# ifndef OPENSSL_NO_STDIO
-# include <stdio.h> /* FILE */
-# endif
-# include <openssl/ossl_typ.h>
-# include <openssl/crypto.h>
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-/*
- * These preprocessor symbols control various aspects of the bignum headers
- * and library code. They're not defined by any "normal" configuration, as
- * they are intended for development and testing purposes. NB: defining all
- * three can be useful for debugging application code as well as openssl
- * itself. BN_DEBUG - turn on various debugging alterations to the bignum
- * code BN_DEBUG_RAND - uses random poisoning of unused words to trip up
- * mismanagement of bignum internals. You must also define BN_DEBUG.
- */
-/* #define BN_DEBUG */
-/* #define BN_DEBUG_RAND */
-
-# ifndef OPENSSL_SMALL_FOOTPRINT
-# define BN_MUL_COMBA
-# define BN_SQR_COMBA
-# define BN_RECURSION
-# endif
-
-/*
- * This next option uses the C libraries (2 word)/(1 word) function. If it is
- * not defined, I use my C version (which is slower). The reason for this
- * flag is that when the particular C compiler library routine is used, and
- * the library is linked with a different compiler, the library is missing.
- * This mostly happens when the library is built with gcc and then linked
- * using normal cc. This would be a common occurrence because gcc normally
- * produces code that is 2 times faster than system compilers for the big
- * number stuff. For machines with only one compiler (or shared libraries),
- * this should be on. Again this in only really a problem on machines using
- * "long long's", are 32bit, and are not using my assembler code.
- */
-# if defined(OPENSSL_SYS_MSDOS) || defined(OPENSSL_SYS_WINDOWS) || \
- defined(OPENSSL_SYS_WIN32) || defined(linux)
-# ifndef BN_DIV2W
-# define BN_DIV2W
-# endif
-# endif
-
-/*
- * assuming long is 64bit - this is the DEC Alpha unsigned long long is only
- * 64 bits :-(, don't define BN_LLONG for the DEC Alpha
- */
-# ifdef SIXTY_FOUR_BIT_LONG
-# define BN_ULLONG unsigned long long
-# define BN_ULONG unsigned long
-# define BN_LONG long
-# define BN_BITS 128
-# define BN_BYTES 8
-# define BN_BITS2 64
-# define BN_BITS4 32
-# define BN_MASK (0xffffffffffffffffffffffffffffffffLL)
-# define BN_MASK2 (0xffffffffffffffffL)
-# define BN_MASK2l (0xffffffffL)
-# define BN_MASK2h (0xffffffff00000000L)
-# define BN_MASK2h1 (0xffffffff80000000L)
-# define BN_TBIT (0x8000000000000000L)
-# define BN_DEC_CONV (10000000000000000000UL)
-# define BN_DEC_FMT1 "%lu"
-# define BN_DEC_FMT2 "%019lu"
-# define BN_DEC_NUM 19
-# define BN_HEX_FMT1 "%lX"
-# define BN_HEX_FMT2 "%016lX"
-# endif
-
-/*
- * This is where the long long data type is 64 bits, but long is 32. For
- * machines where there are 64bit registers, this is the mode to use. IRIX,
- * on R4000 and above should use this mode, along with the relevant assembler
- * code :-). Do NOT define BN_LLONG.
- */
-# ifdef SIXTY_FOUR_BIT
-# undef BN_LLONG
-# undef BN_ULLONG
-# define BN_ULONG unsigned long long
-# define BN_LONG long long
-# define BN_BITS 128
-# define BN_BYTES 8
-# define BN_BITS2 64
-# define BN_BITS4 32
-# define BN_MASK2 (0xffffffffffffffffLL)
-# define BN_MASK2l (0xffffffffL)
-# define BN_MASK2h (0xffffffff00000000LL)
-# define BN_MASK2h1 (0xffffffff80000000LL)
-# define BN_TBIT (0x8000000000000000LL)
-# define BN_DEC_CONV (10000000000000000000ULL)
-# define BN_DEC_FMT1 "%llu"
-# define BN_DEC_FMT2 "%019llu"
-# define BN_DEC_NUM 19
-# define BN_HEX_FMT1 "%llX"
-# define BN_HEX_FMT2 "%016llX"
-# endif
-
-# ifdef THIRTY_TWO_BIT
-# ifdef BN_LLONG
-# if defined(_WIN32) && !defined(__GNUC__)
-# define BN_ULLONG unsigned __int64
-# define BN_MASK (0xffffffffffffffffI64)
-# else
-# define BN_ULLONG unsigned long long
-# define BN_MASK (0xffffffffffffffffLL)
-# endif
-# endif
-# define BN_ULONG unsigned int
-# define BN_LONG int
-# define BN_BITS 64
-# define BN_BYTES 4
-# define BN_BITS2 32
-# define BN_BITS4 16
-# define BN_MASK2 (0xffffffffL)
-# define BN_MASK2l (0xffff)
-# define BN_MASK2h1 (0xffff8000L)
-# define BN_MASK2h (0xffff0000L)
-# define BN_TBIT (0x80000000L)
-# define BN_DEC_CONV (1000000000L)
-# define BN_DEC_FMT1 "%u"
-# define BN_DEC_FMT2 "%09u"
-# define BN_DEC_NUM 9
-# define BN_HEX_FMT1 "%X"
-# define BN_HEX_FMT2 "%08X"
-# endif
-
-# define BN_DEFAULT_BITS 1280
-
-# define BN_FLG_MALLOCED 0x01
-# define BN_FLG_STATIC_DATA 0x02
-
-/*
- * avoid leaking exponent information through timing,
- * BN_mod_exp_mont() will call BN_mod_exp_mont_consttime,
- * BN_div() will call BN_div_no_branch,
- * BN_mod_inverse() will call BN_mod_inverse_no_branch.
- */
-# define BN_FLG_CONSTTIME 0x04
-
-# ifdef OPENSSL_USE_DEPRECATED
-/* deprecated name for the flag */
-# define BN_FLG_EXP_CONSTTIME BN_FLG_CONSTTIME
-/*
- * avoid leaking exponent information through timings
- * (BN_mod_exp_mont() will call BN_mod_exp_mont_consttime)
- */
-# endif
-
-# ifdef OPENSSL_USE_DEPRECATED
-# define BN_FLG_FREE 0x8000
- /* used for debuging */
-# endif
-
-void BN_set_flags(BIGNUM *b, int n);
-int BN_get_flags(const BIGNUM *b, int n);
-
-/*
- * get a clone of a BIGNUM with changed flags, for *temporary* use only (the
- * two BIGNUMs cannot not be used in parallel!)
- */
-void BN_with_flags(BIGNUM *dest, const BIGNUM *b, int n);
-
-/* Wrapper function to make using BN_GENCB easier, */
-int BN_GENCB_call(BN_GENCB *cb, int a, int b);
-
-BN_GENCB *BN_GENCB_new(void);
-void BN_GENCB_free(BN_GENCB *cb);
-
-/* Populate a BN_GENCB structure with an "old"-style callback */
-void BN_GENCB_set_old(BN_GENCB *gencb, void (*callback) (int, int, void *),
- void *cb_arg);
-
-/* Populate a BN_GENCB structure with a "new"-style callback */
-void BN_GENCB_set(BN_GENCB *gencb, int (*callback) (int, int, BN_GENCB *),
- void *cb_arg);
-
-void *BN_GENCB_get_arg(BN_GENCB *cb);
-
-# define BN_prime_checks 0 /* default: select number of iterations based
- * on the size of the number */
-
-/*
- * number of Miller-Rabin iterations for an error rate of less than 2^-80 for
- * random 'b'-bit input, b >= 100 (taken from table 4.4 in the Handbook of
- * Applied Cryptography [Menezes, van Oorschot, Vanstone; CRC Press 1996];
- * original paper: Damgaard, Landrock, Pomerance: Average case error
- * estimates for the strong probable prime test. -- Math. Comp. 61 (1993)
- * 177-194)
- */
-# define BN_prime_checks_for_size(b) ((b) >= 1300 ? 2 : \
- (b) >= 850 ? 3 : \
- (b) >= 650 ? 4 : \
- (b) >= 550 ? 5 : \
- (b) >= 450 ? 6 : \
- (b) >= 400 ? 7 : \
- (b) >= 350 ? 8 : \
- (b) >= 300 ? 9 : \
- (b) >= 250 ? 12 : \
- (b) >= 200 ? 15 : \
- (b) >= 150 ? 18 : \
- /* b >= 100 */ 27)
-
-# define BN_num_bytes(a) ((BN_num_bits(a)+7)/8)
-
-int BN_abs_is_word(const BIGNUM *a, const BN_ULONG w);
-int BN_is_zero(const BIGNUM *a);
-int BN_is_one(const BIGNUM *a);
-int BN_is_word(const BIGNUM *a, const BN_ULONG w);
-int BN_is_odd(const BIGNUM *a);
-
-# define BN_one(a) (BN_set_word((a),1))
-
-void BN_zero_ex(BIGNUM *a);
-
-# ifndef OPENSSL_USE_DEPRECATED
-# define BN_zero(a) BN_zero_ex(a)
-# else
-# define BN_zero(a) (BN_set_word((a),0))
-# endif
-
-const BIGNUM *BN_value_one(void);
-char *BN_options(void);
-BN_CTX *BN_CTX_new(void);
-void BN_CTX_free(BN_CTX *c);
-void BN_CTX_start(BN_CTX *ctx);
-BIGNUM *BN_CTX_get(BN_CTX *ctx);
-void BN_CTX_end(BN_CTX *ctx);
-int BN_rand(BIGNUM *rnd, int bits, int top, int bottom);
-int BN_pseudo_rand(BIGNUM *rnd, int bits, int top, int bottom);
-int BN_rand_range(BIGNUM *rnd, const BIGNUM *range);
-int BN_pseudo_rand_range(BIGNUM *rnd, const BIGNUM *range);
-int BN_num_bits(const BIGNUM *a);
-int BN_num_bits_word(BN_ULONG l);
-int BN_security_bits(int L, int N);
-BIGNUM *BN_new(void);
-void BN_clear_free(BIGNUM *a);
-BIGNUM *BN_copy(BIGNUM *a, const BIGNUM *b);
-void BN_swap(BIGNUM *a, BIGNUM *b);
-BIGNUM *BN_bin2bn(const unsigned char *s, int len, BIGNUM *ret);
-int BN_bn2bin(const BIGNUM *a, unsigned char *to);
-BIGNUM *BN_mpi2bn(const unsigned char *s, int len, BIGNUM *ret);
-int BN_bn2mpi(const BIGNUM *a, unsigned char *to);
-int BN_sub(BIGNUM *r, const BIGNUM *a, const BIGNUM *b);
-int BN_usub(BIGNUM *r, const BIGNUM *a, const BIGNUM *b);
-int BN_uadd(BIGNUM *r, const BIGNUM *a, const BIGNUM *b);
-int BN_add(BIGNUM *r, const BIGNUM *a, const BIGNUM *b);
-int BN_mul(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx);
-int BN_sqr(BIGNUM *r, const BIGNUM *a, BN_CTX *ctx);
-/** BN_set_negative sets sign of a BIGNUM
- * \param b pointer to the BIGNUM object
- * \param n 0 if the BIGNUM b should be positive and a value != 0 otherwise
- */
-void BN_set_negative(BIGNUM *b, int n);
-/** BN_is_negative returns 1 if the BIGNUM is negative
- * \param a pointer to the BIGNUM object
- * \return 1 if a < 0 and 0 otherwise
- */
-int BN_is_negative(const BIGNUM *b);
-
-int BN_div(BIGNUM *dv, BIGNUM *rem, const BIGNUM *m, const BIGNUM *d,
- BN_CTX *ctx);
-# define BN_mod(rem,m,d,ctx) BN_div(NULL,(rem),(m),(d),(ctx))
-int BN_nnmod(BIGNUM *r, const BIGNUM *m, const BIGNUM *d, BN_CTX *ctx);
-int BN_mod_add(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, const BIGNUM *m,
- BN_CTX *ctx);
-int BN_mod_add_quick(BIGNUM *r, const BIGNUM *a, const BIGNUM *b,
- const BIGNUM *m);
-int BN_mod_sub(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, const BIGNUM *m,
- BN_CTX *ctx);
-int BN_mod_sub_quick(BIGNUM *r, const BIGNUM *a, const BIGNUM *b,
- const BIGNUM *m);
-int BN_mod_mul(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, const BIGNUM *m,
- BN_CTX *ctx);
-int BN_mod_sqr(BIGNUM *r, const BIGNUM *a, const BIGNUM *m, BN_CTX *ctx);
-int BN_mod_lshift1(BIGNUM *r, const BIGNUM *a, const BIGNUM *m, BN_CTX *ctx);
-int BN_mod_lshift1_quick(BIGNUM *r, const BIGNUM *a, const BIGNUM *m);
-int BN_mod_lshift(BIGNUM *r, const BIGNUM *a, int n, const BIGNUM *m,
- BN_CTX *ctx);
-int BN_mod_lshift_quick(BIGNUM *r, const BIGNUM *a, int n, const BIGNUM *m);
-
-BN_ULONG BN_mod_word(const BIGNUM *a, BN_ULONG w);
-BN_ULONG BN_div_word(BIGNUM *a, BN_ULONG w);
-int BN_mul_word(BIGNUM *a, BN_ULONG w);
-int BN_add_word(BIGNUM *a, BN_ULONG w);
-int BN_sub_word(BIGNUM *a, BN_ULONG w);
-int BN_set_word(BIGNUM *a, BN_ULONG w);
-BN_ULONG BN_get_word(const BIGNUM *a);
-
-int BN_cmp(const BIGNUM *a, const BIGNUM *b);
-void BN_free(BIGNUM *a);
-int BN_is_bit_set(const BIGNUM *a, int n);
-int BN_lshift(BIGNUM *r, const BIGNUM *a, int n);
-int BN_lshift1(BIGNUM *r, const BIGNUM *a);
-int BN_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx);
-
-int BN_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
- const BIGNUM *m, BN_CTX *ctx);
-int BN_mod_exp_mont(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
- const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx);
-int BN_mod_exp_mont_consttime(BIGNUM *rr, const BIGNUM *a, const BIGNUM *p,
- const BIGNUM *m, BN_CTX *ctx,
- BN_MONT_CTX *in_mont);
-int BN_mod_exp_mont_word(BIGNUM *r, BN_ULONG a, const BIGNUM *p,
- const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx);
-int BN_mod_exp2_mont(BIGNUM *r, const BIGNUM *a1, const BIGNUM *p1,
- const BIGNUM *a2, const BIGNUM *p2, const BIGNUM *m,
- BN_CTX *ctx, BN_MONT_CTX *m_ctx);
-int BN_mod_exp_simple(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
- const BIGNUM *m, BN_CTX *ctx);
-
-int BN_mask_bits(BIGNUM *a, int n);
-# ifndef OPENSSL_NO_STDIO
-int BN_print_fp(FILE *fp, const BIGNUM *a);
-# endif
-# ifdef HEADER_BIO_H
-int BN_print(BIO *fp, const BIGNUM *a);
-# else
-int BN_print(void *fp, const BIGNUM *a);
-# endif
-int BN_reciprocal(BIGNUM *r, const BIGNUM *m, int len, BN_CTX *ctx);
-int BN_rshift(BIGNUM *r, const BIGNUM *a, int n);
-int BN_rshift1(BIGNUM *r, const BIGNUM *a);
-void BN_clear(BIGNUM *a);
-BIGNUM *BN_dup(const BIGNUM *a);
-int BN_ucmp(const BIGNUM *a, const BIGNUM *b);
-int BN_set_bit(BIGNUM *a, int n);
-int BN_clear_bit(BIGNUM *a, int n);
-char *BN_bn2hex(const BIGNUM *a);
-char *BN_bn2dec(const BIGNUM *a);
-int BN_hex2bn(BIGNUM **a, const char *str);
-int BN_dec2bn(BIGNUM **a, const char *str);
-int BN_asc2bn(BIGNUM **a, const char *str);
-int BN_gcd(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx);
-int BN_kronecker(const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx); /* returns
- * -2 for
- * error */
-BIGNUM *BN_mod_inverse(BIGNUM *ret,
- const BIGNUM *a, const BIGNUM *n, BN_CTX *ctx);
-BIGNUM *BN_mod_sqrt(BIGNUM *ret,
- const BIGNUM *a, const BIGNUM *n, BN_CTX *ctx);
-
-void BN_consttime_swap(BN_ULONG swap, BIGNUM *a, BIGNUM *b, int nwords);
-
-/* Deprecated versions */
-# ifdef OPENSSL_USE_DEPRECATED
-DECLARE_DEPRECATED(BIGNUM *BN_generate_prime(BIGNUM *ret, int bits, int safe,
- const BIGNUM *add,
- const BIGNUM *rem,
- void (*callback) (int, int,
- void *),
- void *cb_arg));
-DECLARE_DEPRECATED(int
- BN_is_prime(const BIGNUM *p, int nchecks,
- void (*callback) (int, int, void *),
- BN_CTX *ctx, void *cb_arg));
-DECLARE_DEPRECATED(int
- BN_is_prime_fasttest(const BIGNUM *p, int nchecks,
- void (*callback) (int, int, void *),
- BN_CTX *ctx, void *cb_arg,
- int do_trial_division));
-# endif /* defined(OPENSSL_USE_DEPRECATED) */
-
-/* Newer versions */
-int BN_generate_prime_ex(BIGNUM *ret, int bits, int safe, const BIGNUM *add,
- const BIGNUM *rem, BN_GENCB *cb);
-int BN_is_prime_ex(const BIGNUM *p, int nchecks, BN_CTX *ctx, BN_GENCB *cb);
-int BN_is_prime_fasttest_ex(const BIGNUM *p, int nchecks, BN_CTX *ctx,
- int do_trial_division, BN_GENCB *cb);
-
-int BN_X931_generate_Xpq(BIGNUM *Xp, BIGNUM *Xq, int nbits, BN_CTX *ctx);
-
-int BN_X931_derive_prime_ex(BIGNUM *p, BIGNUM *p1, BIGNUM *p2,
- const BIGNUM *Xp, const BIGNUM *Xp1,
- const BIGNUM *Xp2, const BIGNUM *e, BN_CTX *ctx,
- BN_GENCB *cb);
-int BN_X931_generate_prime_ex(BIGNUM *p, BIGNUM *p1, BIGNUM *p2, BIGNUM *Xp1,
- BIGNUM *Xp2, const BIGNUM *Xp, const BIGNUM *e,
- BN_CTX *ctx, BN_GENCB *cb);
-
-BN_MONT_CTX *BN_MONT_CTX_new(void);
-int BN_mod_mul_montgomery(BIGNUM *r, const BIGNUM *a, const BIGNUM *b,
- BN_MONT_CTX *mont, BN_CTX *ctx);
-int BN_to_montgomery(BIGNUM *r, const BIGNUM *a, BN_MONT_CTX *mont,
- BN_CTX *ctx);
-int BN_from_montgomery(BIGNUM *r, const BIGNUM *a, BN_MONT_CTX *mont,
- BN_CTX *ctx);
-void BN_MONT_CTX_free(BN_MONT_CTX *mont);
-int BN_MONT_CTX_set(BN_MONT_CTX *mont, const BIGNUM *mod, BN_CTX *ctx);
-BN_MONT_CTX *BN_MONT_CTX_copy(BN_MONT_CTX *to, BN_MONT_CTX *from);
-BN_MONT_CTX *BN_MONT_CTX_set_locked(BN_MONT_CTX **pmont, int lock,
- const BIGNUM *mod, BN_CTX *ctx);
-
-/* BN_BLINDING flags */
-# define BN_BLINDING_NO_UPDATE 0x00000001
-# define BN_BLINDING_NO_RECREATE 0x00000002
-
-BN_BLINDING *BN_BLINDING_new(const BIGNUM *A, const BIGNUM *Ai, BIGNUM *mod);
-void BN_BLINDING_free(BN_BLINDING *b);
-int BN_BLINDING_update(BN_BLINDING *b, BN_CTX *ctx);
-int BN_BLINDING_convert(BIGNUM *n, BN_BLINDING *b, BN_CTX *ctx);
-int BN_BLINDING_invert(BIGNUM *n, BN_BLINDING *b, BN_CTX *ctx);
-int BN_BLINDING_convert_ex(BIGNUM *n, BIGNUM *r, BN_BLINDING *b, BN_CTX *);
-int BN_BLINDING_invert_ex(BIGNUM *n, const BIGNUM *r, BN_BLINDING *b,
- BN_CTX *);
-# ifdef OPENSSL_USE_DEPRECATED
-DECLARE_DEPRECATED(unsigned long
- BN_BLINDING_get_thread_id(const BN_BLINDING *));
-DECLARE_DEPRECATED(void
- BN_BLINDING_set_thread_id(BN_BLINDING *, unsigned long));
-# endif
-CRYPTO_THREADID *BN_BLINDING_thread_id(BN_BLINDING *);
-unsigned long BN_BLINDING_get_flags(const BN_BLINDING *);
-void BN_BLINDING_set_flags(BN_BLINDING *, unsigned long);
-BN_BLINDING *BN_BLINDING_create_param(BN_BLINDING *b,
- const BIGNUM *e, BIGNUM *m, BN_CTX *ctx,
- int (*bn_mod_exp) (BIGNUM *r,
- const BIGNUM *a,
- const BIGNUM *p,
- const BIGNUM *m,
- BN_CTX *ctx,
- BN_MONT_CTX *m_ctx),
- BN_MONT_CTX *m_ctx);
-
-# ifdef OPENSSL_USE_DEPRECATED
-DECLARE_DEPRECATED(void BN_set_params(int mul, int high, int low, int mont));
-DECLARE_DEPRECATED(int BN_get_params(int which)); /* 0, mul, 1 high, 2 low, 3
- * mont */
-# endif
-
-BN_RECP_CTX *BN_RECP_CTX_new(void);
-void BN_RECP_CTX_free(BN_RECP_CTX *recp);
-int BN_RECP_CTX_set(BN_RECP_CTX *recp, const BIGNUM *rdiv, BN_CTX *ctx);
-int BN_mod_mul_reciprocal(BIGNUM *r, const BIGNUM *x, const BIGNUM *y,
- BN_RECP_CTX *recp, BN_CTX *ctx);
-int BN_mod_exp_recp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
- const BIGNUM *m, BN_CTX *ctx);
-int BN_div_recp(BIGNUM *dv, BIGNUM *rem, const BIGNUM *m,
- BN_RECP_CTX *recp, BN_CTX *ctx);
-
-# ifndef OPENSSL_NO_EC2M
-
-/*
- * Functions for arithmetic over binary polynomials represented by BIGNUMs.
- * The BIGNUM::neg property of BIGNUMs representing binary polynomials is
- * ignored. Note that input arguments are not const so that their bit arrays
- * can be expanded to the appropriate size if needed.
- */
-
-/*
- * r = a + b
- */
-int BN_GF2m_add(BIGNUM *r, const BIGNUM *a, const BIGNUM *b);
-# define BN_GF2m_sub(r, a, b) BN_GF2m_add(r, a, b)
-/*
- * r=a mod p
- */
-int BN_GF2m_mod(BIGNUM *r, const BIGNUM *a, const BIGNUM *p);
-/* r = (a * b) mod p */
-int BN_GF2m_mod_mul(BIGNUM *r, const BIGNUM *a, const BIGNUM *b,
- const BIGNUM *p, BN_CTX *ctx);
-/* r = (a * a) mod p */
-int BN_GF2m_mod_sqr(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx);
-/* r = (1 / b) mod p */
-int BN_GF2m_mod_inv(BIGNUM *r, const BIGNUM *b, const BIGNUM *p, BN_CTX *ctx);
-/* r = (a / b) mod p */
-int BN_GF2m_mod_div(BIGNUM *r, const BIGNUM *a, const BIGNUM *b,
- const BIGNUM *p, BN_CTX *ctx);
-/* r = (a ^ b) mod p */
-int BN_GF2m_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *b,
- const BIGNUM *p, BN_CTX *ctx);
-/* r = sqrt(a) mod p */
-int BN_GF2m_mod_sqrt(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
- BN_CTX *ctx);
-/* r^2 + r = a mod p */
-int BN_GF2m_mod_solve_quad(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
- BN_CTX *ctx);
-# define BN_GF2m_cmp(a, b) BN_ucmp((a), (b))
-/*-
- * Some functions allow for representation of the irreducible polynomials
- * as an unsigned int[], say p. The irreducible f(t) is then of the form:
- * t^p[0] + t^p[1] + ... + t^p[k]
- * where m = p[0] > p[1] > ... > p[k] = 0.
- */
-/* r = a mod p */
-int BN_GF2m_mod_arr(BIGNUM *r, const BIGNUM *a, const int p[]);
-/* r = (a * b) mod p */
-int BN_GF2m_mod_mul_arr(BIGNUM *r, const BIGNUM *a, const BIGNUM *b,
- const int p[], BN_CTX *ctx);
-/* r = (a * a) mod p */
-int BN_GF2m_mod_sqr_arr(BIGNUM *r, const BIGNUM *a, const int p[],
- BN_CTX *ctx);
-/* r = (1 / b) mod p */
-int BN_GF2m_mod_inv_arr(BIGNUM *r, const BIGNUM *b, const int p[],
- BN_CTX *ctx);
-/* r = (a / b) mod p */
-int BN_GF2m_mod_div_arr(BIGNUM *r, const BIGNUM *a, const BIGNUM *b,
- const int p[], BN_CTX *ctx);
-/* r = (a ^ b) mod p */
-int BN_GF2m_mod_exp_arr(BIGNUM *r, const BIGNUM *a, const BIGNUM *b,
- const int p[], BN_CTX *ctx);
-/* r = sqrt(a) mod p */
-int BN_GF2m_mod_sqrt_arr(BIGNUM *r, const BIGNUM *a,
- const int p[], BN_CTX *ctx);
-/* r^2 + r = a mod p */
-int BN_GF2m_mod_solve_quad_arr(BIGNUM *r, const BIGNUM *a,
- const int p[], BN_CTX *ctx);
-int BN_GF2m_poly2arr(const BIGNUM *a, int p[], int max);
-int BN_GF2m_arr2poly(const int p[], BIGNUM *a);
-
-# endif
-
-/*
- * faster mod functions for the 'NIST primes' 0 <= a < p^2
- */
-int BN_nist_mod_192(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx);
-int BN_nist_mod_224(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx);
-int BN_nist_mod_256(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx);
-int BN_nist_mod_384(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx);
-int BN_nist_mod_521(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx);
-
-const BIGNUM *BN_get0_nist_prime_192(void);
-const BIGNUM *BN_get0_nist_prime_224(void);
-const BIGNUM *BN_get0_nist_prime_256(void);
-const BIGNUM *BN_get0_nist_prime_384(void);
-const BIGNUM *BN_get0_nist_prime_521(void);
-
-int (*BN_nist_mod_func(const BIGNUM *p)) (BIGNUM *r, const BIGNUM *a,
- const BIGNUM *field, BN_CTX *ctx);
-
-int BN_generate_dsa_nonce(BIGNUM *out, const BIGNUM *range,
- const BIGNUM *priv, const unsigned char *message,
- size_t message_len, BN_CTX *ctx);
-
-/* Primes from RFC 2409 */
-BIGNUM *get_rfc2409_prime_768(BIGNUM *bn);
-BIGNUM *get_rfc2409_prime_1024(BIGNUM *bn);
-
-/* Primes from RFC 3526 */
-BIGNUM *get_rfc3526_prime_1536(BIGNUM *bn);
-BIGNUM *get_rfc3526_prime_2048(BIGNUM *bn);
-BIGNUM *get_rfc3526_prime_3072(BIGNUM *bn);
-BIGNUM *get_rfc3526_prime_4096(BIGNUM *bn);
-BIGNUM *get_rfc3526_prime_6144(BIGNUM *bn);
-BIGNUM *get_rfc3526_prime_8192(BIGNUM *bn);
-
-int BN_bntest_rand(BIGNUM *rnd, int bits, int top, int bottom);
-
-/* BEGIN ERROR CODES */
-/*
- * The following lines are auto generated by the script mkerr.pl. Any changes
- * made after this point may be overwritten when the script is next run.
- */
-void ERR_load_BN_strings(void);
-
-/* Error codes for the BN functions. */
-
-/* Function codes. */
-# define BN_F_BNRAND 127
-# define BN_F_BN_BLINDING_CONVERT_EX 100
-# define BN_F_BN_BLINDING_CREATE_PARAM 128
-# define BN_F_BN_BLINDING_INVERT_EX 101
-# define BN_F_BN_BLINDING_NEW 102
-# define BN_F_BN_BLINDING_UPDATE 103
-# define BN_F_BN_BN2DEC 104
-# define BN_F_BN_BN2HEX 105
-# define BN_F_BN_COMPUTE_WNAF 142
-# define BN_F_BN_CTX_GET 116
-# define BN_F_BN_CTX_NEW 106
-# define BN_F_BN_CTX_START 129
-# define BN_F_BN_DIV 107
-# define BN_F_BN_DIV_NO_BRANCH 138
-# define BN_F_BN_DIV_RECP 130
-# define BN_F_BN_EXP 123
-# define BN_F_BN_EXPAND2 108
-# define BN_F_BN_EXPAND_INTERNAL 120
-# define BN_F_BN_GENCB_NEW 143
-# define BN_F_BN_GENERATE_DSA_NONCE 140
-# define BN_F_BN_GENERATE_PRIME_EX 141
-# define BN_F_BN_GF2M_MOD 131
-# define BN_F_BN_GF2M_MOD_EXP 132
-# define BN_F_BN_GF2M_MOD_MUL 133
-# define BN_F_BN_GF2M_MOD_SOLVE_QUAD 134
-# define BN_F_BN_GF2M_MOD_SOLVE_QUAD_ARR 135
-# define BN_F_BN_GF2M_MOD_SQR 136
-# define BN_F_BN_GF2M_MOD_SQRT 137
-# define BN_F_BN_MOD_EXP2_MONT 118
-# define BN_F_BN_MOD_EXP_MONT 109
-# define BN_F_BN_MOD_EXP_MONT_CONSTTIME 124
-# define BN_F_BN_MOD_EXP_MONT_WORD 117
-# define BN_F_BN_MOD_EXP_RECP 125
-# define BN_F_BN_MOD_EXP_SIMPLE 126
-# define BN_F_BN_MOD_INVERSE 110
-# define BN_F_BN_MOD_INVERSE_NO_BRANCH 139
-# define BN_F_BN_MOD_LSHIFT_QUICK 119
-# define BN_F_BN_MOD_MUL_RECIPROCAL 111
-# define BN_F_BN_MOD_SQRT 121
-# define BN_F_BN_MPI2BN 112
-# define BN_F_BN_NEW 113
-# define BN_F_BN_RAND 114
-# define BN_F_BN_RAND_RANGE 122
-# define BN_F_BN_USUB 115
-
-/* Reason codes. */
-# define BN_R_ARG2_LT_ARG3 100
-# define BN_R_BAD_RECIPROCAL 101
-# define BN_R_BIGNUM_TOO_LONG 114
-# define BN_R_BITS_TOO_SMALL 118
-# define BN_R_CALLED_WITH_EVEN_MODULUS 102
-# define BN_R_DIV_BY_ZERO 103
-# define BN_R_ENCODING_ERROR 104
-# define BN_R_EXPAND_ON_STATIC_BIGNUM_DATA 105
-# define BN_R_INPUT_NOT_REDUCED 110
-# define BN_R_INVALID_LENGTH 106
-# define BN_R_INVALID_RANGE 115
-# define BN_R_NOT_A_SQUARE 111
-# define BN_R_NOT_INITIALIZED 107
-# define BN_R_NO_INVERSE 108
-# define BN_R_NO_SOLUTION 116
-# define BN_R_PRIVATE_KEY_TOO_LARGE 117
-# define BN_R_P_IS_NOT_PRIME 112
-# define BN_R_TOO_MANY_ITERATIONS 113
-# define BN_R_TOO_MANY_TEMPORARY_VARIABLES 109
-
-#ifdef __cplusplus
-}
-#endif
-#endif
+++ /dev/null
-/* crypto/bn/bntest.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-/* ====================================================================
- * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
- *
- * Portions of the attached software ("Contribution") are developed by
- * SUN MICROSYSTEMS, INC., and are contributed to the OpenSSL project.
- *
- * The Contribution is licensed pursuant to the Eric Young open source
- * license provided above.
- *
- * The binary polynomial arithmetic software is originally written by
- * Sheueling Chang Shantz and Douglas Stebila of Sun Microsystems Laboratories.
- *
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-
-#include "e_os.h"
-
-#include <openssl/bio.h>
-#include <openssl/bn.h>
-#include <openssl/rand.h>
-#include <openssl/x509.h>
-#include <openssl/err.h>
-
-#include "../crypto/bn/bn_lcl.h"
-
-const int num0 = 100; /* number of tests */
-const int num1 = 50; /* additional tests for some functions */
-const int num2 = 5; /* number of tests for slow functions */
-
-int test_add(BIO *bp);
-int test_sub(BIO *bp);
-int test_lshift1(BIO *bp);
-int test_lshift(BIO *bp, BN_CTX *ctx, BIGNUM *a_);
-int test_rshift1(BIO *bp);
-int test_rshift(BIO *bp, BN_CTX *ctx);
-int test_div(BIO *bp, BN_CTX *ctx);
-int test_div_word(BIO *bp);
-int test_div_recp(BIO *bp, BN_CTX *ctx);
-int test_mul(BIO *bp);
-int test_sqr(BIO *bp, BN_CTX *ctx);
-int test_mont(BIO *bp, BN_CTX *ctx);
-int test_mod(BIO *bp, BN_CTX *ctx);
-int test_mod_mul(BIO *bp, BN_CTX *ctx);
-int test_mod_exp(BIO *bp, BN_CTX *ctx);
-int test_mod_exp_mont_consttime(BIO *bp, BN_CTX *ctx);
-int test_mod_exp_mont5(BIO *bp, BN_CTX *ctx);
-int test_exp(BIO *bp, BN_CTX *ctx);
-int test_gf2m_add(BIO *bp);
-int test_gf2m_mod(BIO *bp);
-int test_gf2m_mod_mul(BIO *bp, BN_CTX *ctx);
-int test_gf2m_mod_sqr(BIO *bp, BN_CTX *ctx);
-int test_gf2m_mod_inv(BIO *bp, BN_CTX *ctx);
-int test_gf2m_mod_div(BIO *bp, BN_CTX *ctx);
-int test_gf2m_mod_exp(BIO *bp, BN_CTX *ctx);
-int test_gf2m_mod_sqrt(BIO *bp, BN_CTX *ctx);
-int test_gf2m_mod_solve_quad(BIO *bp, BN_CTX *ctx);
-int test_kron(BIO *bp, BN_CTX *ctx);
-int test_sqrt(BIO *bp, BN_CTX *ctx);
-int test_small_prime(BIO *bp, BN_CTX *ctx);
-int test_probable_prime_coprime(BIO *bp, BN_CTX *ctx);
-int rand_neg(void);
-static int results = 0;
-
-static unsigned char lst[] =
- "\xC6\x4F\x43\x04\x2A\xEA\xCA\x6E\x58\x36\x80\x5B\xE8\xC9"
- "\x9B\x04\x5D\x48\x36\xC2\xFD\x16\xC9\x64\xF0";
-
-static const char rnd_seed[] =
- "string to make the random number generator think it has entropy";
-
-static void message(BIO *out, char *m)
-{
- fprintf(stderr, "test %s\n", m);
- BIO_puts(out, "print \"test ");
- BIO_puts(out, m);
- BIO_puts(out, "\\n\"\n");
-}
-
-int main(int argc, char *argv[])
-{
- BN_CTX *ctx;
- BIO *out;
- char *outfile = NULL;
-
- results = 0;
-
- RAND_seed(rnd_seed, sizeof rnd_seed); /* or BN_generate_prime may fail */
-
- argc--;
- argv++;
- while (argc >= 1) {
- if (strcmp(*argv, "-results") == 0)
- results = 1;
- else if (strcmp(*argv, "-out") == 0) {
- if (--argc < 1)
- break;
- outfile = *(++argv);
- }
- argc--;
- argv++;
- }
-
- ctx = BN_CTX_new();
- if (ctx == NULL)
- EXIT(1);
-
- out = BIO_new(BIO_s_file());
- if (out == NULL)
- EXIT(1);
- if (outfile == NULL) {
- BIO_set_fp(out, stdout, BIO_NOCLOSE);
- } else {
- if (!BIO_write_filename(out, outfile)) {
- perror(outfile);
- EXIT(1);
- }
- }
-
- if (!results)
- BIO_puts(out, "obase=16\nibase=16\n");
-
- message(out, "BN_add");
- if (!test_add(out))
- goto err;
- (void)BIO_flush(out);
-
- message(out, "BN_sub");
- if (!test_sub(out))
- goto err;
- (void)BIO_flush(out);
-
- message(out, "BN_lshift1");
- if (!test_lshift1(out))
- goto err;
- (void)BIO_flush(out);
-
- message(out, "BN_lshift (fixed)");
- if (!test_lshift(out, ctx, BN_bin2bn(lst, sizeof(lst) - 1, NULL)))
- goto err;
- (void)BIO_flush(out);
-
- message(out, "BN_lshift");
- if (!test_lshift(out, ctx, NULL))
- goto err;
- (void)BIO_flush(out);
-
- message(out, "BN_rshift1");
- if (!test_rshift1(out))
- goto err;
- (void)BIO_flush(out);
-
- message(out, "BN_rshift");
- if (!test_rshift(out, ctx))
- goto err;
- (void)BIO_flush(out);
-
- message(out, "BN_sqr");
- if (!test_sqr(out, ctx))
- goto err;
- (void)BIO_flush(out);
-
- message(out, "BN_mul");
- if (!test_mul(out))
- goto err;
- (void)BIO_flush(out);
-
- message(out, "BN_div");
- if (!test_div(out, ctx))
- goto err;
- (void)BIO_flush(out);
-
- message(out, "BN_div_word");
- if (!test_div_word(out))
- goto err;
- (void)BIO_flush(out);
-
- message(out, "BN_div_recp");
- if (!test_div_recp(out, ctx))
- goto err;
- (void)BIO_flush(out);
-
- message(out, "BN_mod");
- if (!test_mod(out, ctx))
- goto err;
- (void)BIO_flush(out);
-
- message(out, "BN_mod_mul");
- if (!test_mod_mul(out, ctx))
- goto err;
- (void)BIO_flush(out);
-
- message(out, "BN_mont");
- if (!test_mont(out, ctx))
- goto err;
- (void)BIO_flush(out);
-
- message(out, "BN_mod_exp");
- if (!test_mod_exp(out, ctx))
- goto err;
- (void)BIO_flush(out);
-
- message(out, "BN_mod_exp_mont_consttime");
- if (!test_mod_exp_mont_consttime(out, ctx))
- goto err;
- if (!test_mod_exp_mont5(out, ctx))
- goto err;
- (void)BIO_flush(out);
-
- message(out, "BN_exp");
- if (!test_exp(out, ctx))
- goto err;
- (void)BIO_flush(out);
-
- message(out, "BN_kronecker");
- if (!test_kron(out, ctx))
- goto err;
- (void)BIO_flush(out);
-
- message(out, "BN_mod_sqrt");
- if (!test_sqrt(out, ctx))
- goto err;
- (void)BIO_flush(out);
-
- message(out, "Small prime generation");
- if (!test_small_prime(out, ctx))
- goto err;
- (void)BIO_flush(out);
-
-#ifdef OPENSSL_SYS_WIN32
- message(out, "Probable prime generation with coprimes disabled");
-#else
- message(out, "Probable prime generation with coprimes");
- if (!test_probable_prime_coprime(out, ctx))
- goto err;
-#endif
- (void)BIO_flush(out);
-
-#ifndef OPENSSL_NO_EC2M
- message(out, "BN_GF2m_add");
- if (!test_gf2m_add(out))
- goto err;
- (void)BIO_flush(out);
-
- message(out, "BN_GF2m_mod");
- if (!test_gf2m_mod(out))
- goto err;
- (void)BIO_flush(out);
-
- message(out, "BN_GF2m_mod_mul");
- if (!test_gf2m_mod_mul(out, ctx))
- goto err;
- (void)BIO_flush(out);
-
- message(out, "BN_GF2m_mod_sqr");
- if (!test_gf2m_mod_sqr(out, ctx))
- goto err;
- (void)BIO_flush(out);
-
- message(out, "BN_GF2m_mod_inv");
- if (!test_gf2m_mod_inv(out, ctx))
- goto err;
- (void)BIO_flush(out);
-
- message(out, "BN_GF2m_mod_div");
- if (!test_gf2m_mod_div(out, ctx))
- goto err;
- (void)BIO_flush(out);
-
- message(out, "BN_GF2m_mod_exp");
- if (!test_gf2m_mod_exp(out, ctx))
- goto err;
- (void)BIO_flush(out);
-
- message(out, "BN_GF2m_mod_sqrt");
- if (!test_gf2m_mod_sqrt(out, ctx))
- goto err;
- (void)BIO_flush(out);
-
- message(out, "BN_GF2m_mod_solve_quad");
- if (!test_gf2m_mod_solve_quad(out, ctx))
- goto err;
- (void)BIO_flush(out);
-#endif
- BN_CTX_free(ctx);
- BIO_free(out);
-
- EXIT(0);
- err:
- BIO_puts(out, "1\n"); /* make sure the Perl script fed by bc
- * notices the failure, see test_bn in
- * test/Makefile.ssl */
- (void)BIO_flush(out);
- ERR_load_crypto_strings();
- ERR_print_errors_fp(stderr);
- EXIT(1);
-}
-
-int test_add(BIO *bp)
-{
- BIGNUM *a, *b, *c;
- int i;
-
- a = BN_new();
- b = BN_new();
- c = BN_new();
-
- BN_bntest_rand(a, 512, 0, 0);
- for (i = 0; i < num0; i++) {
- BN_bntest_rand(b, 450 + i, 0, 0);
- a->neg = rand_neg();
- b->neg = rand_neg();
- BN_add(c, a, b);
- if (bp != NULL) {
- if (!results) {
- BN_print(bp, a);
- BIO_puts(bp, " + ");
- BN_print(bp, b);
- BIO_puts(bp, " - ");
- }
- BN_print(bp, c);
- BIO_puts(bp, "\n");
- }
- a->neg = !a->neg;
- b->neg = !b->neg;
- BN_add(c, c, b);
- BN_add(c, c, a);
- if (!BN_is_zero(c)) {
- fprintf(stderr, "Add test failed!\n");
- return 0;
- }
- }
- BN_free(a);
- BN_free(b);
- BN_free(c);
- return (1);
-}
-
-int test_sub(BIO *bp)
-{
- BIGNUM *a, *b, *c;
- int i;
-
- a = BN_new();
- b = BN_new();
- c = BN_new();
-
- for (i = 0; i < num0 + num1; i++) {
- if (i < num1) {
- BN_bntest_rand(a, 512, 0, 0);
- BN_copy(b, a);
- if (BN_set_bit(a, i) == 0)
- return (0);
- BN_add_word(b, i);
- } else {
- BN_bntest_rand(b, 400 + i - num1, 0, 0);
- a->neg = rand_neg();
- b->neg = rand_neg();
- }
- BN_sub(c, a, b);
- if (bp != NULL) {
- if (!results) {
- BN_print(bp, a);
- BIO_puts(bp, " - ");
- BN_print(bp, b);
- BIO_puts(bp, " - ");
- }
- BN_print(bp, c);
- BIO_puts(bp, "\n");
- }
- BN_add(c, c, b);
- BN_sub(c, c, a);
- if (!BN_is_zero(c)) {
- fprintf(stderr, "Subtract test failed!\n");
- return 0;
- }
- }
- BN_free(a);
- BN_free(b);
- BN_free(c);
- return (1);
-}
-
-int test_div(BIO *bp, BN_CTX *ctx)
-{
- BIGNUM *a, *b, *c, *d, *e;
- int i;
-
- a = BN_new();
- b = BN_new();
- c = BN_new();
- d = BN_new();
- e = BN_new();
-
- for (i = 0; i < num0 + num1; i++) {
- if (i < num1) {
- BN_bntest_rand(a, 400, 0, 0);
- BN_copy(b, a);
- BN_lshift(a, a, i);
- BN_add_word(a, i);
- } else
- BN_bntest_rand(b, 50 + 3 * (i - num1), 0, 0);
- a->neg = rand_neg();
- b->neg = rand_neg();
- BN_div(d, c, a, b, ctx);
- if (bp != NULL) {
- if (!results) {
- BN_print(bp, a);
- BIO_puts(bp, " / ");
- BN_print(bp, b);
- BIO_puts(bp, " - ");
- }
- BN_print(bp, d);
- BIO_puts(bp, "\n");
-
- if (!results) {
- BN_print(bp, a);
- BIO_puts(bp, " % ");
- BN_print(bp, b);
- BIO_puts(bp, " - ");
- }
- BN_print(bp, c);
- BIO_puts(bp, "\n");
- }
- BN_mul(e, d, b, ctx);
- BN_add(d, e, c);
- BN_sub(d, d, a);
- if (!BN_is_zero(d)) {
- fprintf(stderr, "Division test failed!\n");
- return 0;
- }
- }
- BN_free(a);
- BN_free(b);
- BN_free(c);
- BN_free(d);
- BN_free(e);
- return (1);
-}
-
-static void print_word(BIO *bp, BN_ULONG w)
-{
-#ifdef SIXTY_FOUR_BIT
- if (sizeof(w) > sizeof(unsigned long)) {
- unsigned long h = (unsigned long)(w >> 32), l = (unsigned long)(w);
-
- if (h)
- BIO_printf(bp, "%lX%08lX", h, l);
- else
- BIO_printf(bp, "%lX", l);
- return;
- }
-#endif
- BIO_printf(bp, BN_HEX_FMT1, w);
-}
-
-int test_div_word(BIO *bp)
-{
- BIGNUM *a, *b;
- BN_ULONG r, s;
- int i;
-
- a = BN_new();
- b = BN_new();
-
- for (i = 0; i < num0; i++) {
- do {
- BN_bntest_rand(a, 512, -1, 0);
- BN_bntest_rand(b, BN_BITS2, -1, 0);
- s = b->d[0];
- } while (!s);
-
- BN_copy(b, a);
- r = BN_div_word(b, s);
-
- if (bp != NULL) {
- if (!results) {
- BN_print(bp, a);
- BIO_puts(bp, " / ");
- print_word(bp, s);
- BIO_puts(bp, " - ");
- }
- BN_print(bp, b);
- BIO_puts(bp, "\n");
-
- if (!results) {
- BN_print(bp, a);
- BIO_puts(bp, " % ");
- print_word(bp, s);
- BIO_puts(bp, " - ");
- }
- print_word(bp, r);
- BIO_puts(bp, "\n");
- }
- BN_mul_word(b, s);
- BN_add_word(b, r);
- BN_sub(b, a, b);
- if (!BN_is_zero(b)) {
- fprintf(stderr, "Division (word) test failed!\n");
- return 0;
- }
- }
- BN_free(a);
- BN_free(b);
- return (1);
-}
-
-int test_div_recp(BIO *bp, BN_CTX *ctx)
-{
- BIGNUM *a, *b, *c, *d, *e;
- BN_RECP_CTX *recp;
- int i;
-
- recp = BN_RECP_CTX_new();
- a = BN_new();
- b = BN_new();
- c = BN_new();
- d = BN_new();
- e = BN_new();
-
- for (i = 0; i < num0 + num1; i++) {
- if (i < num1) {
- BN_bntest_rand(a, 400, 0, 0);
- BN_copy(b, a);
- BN_lshift(a, a, i);
- BN_add_word(a, i);
- } else
- BN_bntest_rand(b, 50 + 3 * (i - num1), 0, 0);
- a->neg = rand_neg();
- b->neg = rand_neg();
- BN_RECP_CTX_set(recp, b, ctx);
- BN_div_recp(d, c, a, recp, ctx);
- if (bp != NULL) {
- if (!results) {
- BN_print(bp, a);
- BIO_puts(bp, " / ");
- BN_print(bp, b);
- BIO_puts(bp, " - ");
- }
- BN_print(bp, d);
- BIO_puts(bp, "\n");
-
- if (!results) {
- BN_print(bp, a);
- BIO_puts(bp, " % ");
- BN_print(bp, b);
- BIO_puts(bp, " - ");
- }
- BN_print(bp, c);
- BIO_puts(bp, "\n");
- }
- BN_mul(e, d, b, ctx);
- BN_add(d, e, c);
- BN_sub(d, d, a);
- if (!BN_is_zero(d)) {
- fprintf(stderr, "Reciprocal division test failed!\n");
- fprintf(stderr, "a=");
- BN_print_fp(stderr, a);
- fprintf(stderr, "\nb=");
- BN_print_fp(stderr, b);
- fprintf(stderr, "\n");
- return 0;
- }
- }
- BN_free(a);
- BN_free(b);
- BN_free(c);
- BN_free(d);
- BN_free(e);
- BN_RECP_CTX_free(recp);
- return (1);
-}
-
-int test_mul(BIO *bp)
-{
- BIGNUM *a, *b, *c, *d, *e;
- int i;
- BN_CTX *ctx;
-
- ctx = BN_CTX_new();
- if (ctx == NULL)
- EXIT(1);
-
- a = BN_new();
- b = BN_new();
- c = BN_new();
- d = BN_new();
- e = BN_new();
-
- for (i = 0; i < num0 + num1; i++) {
- if (i <= num1) {
- BN_bntest_rand(a, 100, 0, 0);
- BN_bntest_rand(b, 100, 0, 0);
- } else
- BN_bntest_rand(b, i - num1, 0, 0);
- a->neg = rand_neg();
- b->neg = rand_neg();
- BN_mul(c, a, b, ctx);
- if (bp != NULL) {
- if (!results) {
- BN_print(bp, a);
- BIO_puts(bp, " * ");
- BN_print(bp, b);
- BIO_puts(bp, " - ");
- }
- BN_print(bp, c);
- BIO_puts(bp, "\n");
- }
- BN_div(d, e, c, a, ctx);
- BN_sub(d, d, b);
- if (!BN_is_zero(d) || !BN_is_zero(e)) {
- fprintf(stderr, "Multiplication test failed!\n");
- return 0;
- }
- }
- BN_free(a);
- BN_free(b);
- BN_free(c);
- BN_free(d);
- BN_free(e);
- BN_CTX_free(ctx);
- return (1);
-}
-
-int test_sqr(BIO *bp, BN_CTX *ctx)
-{
- BIGNUM *a, *c, *d, *e;
- int i, ret = 0;
-
- a = BN_new();
- c = BN_new();
- d = BN_new();
- e = BN_new();
- if (a == NULL || c == NULL || d == NULL || e == NULL) {
- goto err;
- }
-
- for (i = 0; i < num0; i++) {
- BN_bntest_rand(a, 40 + i * 10, 0, 0);
- a->neg = rand_neg();
- BN_sqr(c, a, ctx);
- if (bp != NULL) {
- if (!results) {
- BN_print(bp, a);
- BIO_puts(bp, " * ");
- BN_print(bp, a);
- BIO_puts(bp, " - ");
- }
- BN_print(bp, c);
- BIO_puts(bp, "\n");
- }
- BN_div(d, e, c, a, ctx);
- BN_sub(d, d, a);
- if (!BN_is_zero(d) || !BN_is_zero(e)) {
- fprintf(stderr, "Square test failed!\n");
- goto err;
- }
- }
-
- /* Regression test for a BN_sqr overflow bug. */
- BN_hex2bn(&a,
- "80000000000000008000000000000001"
- "FFFFFFFFFFFFFFFE0000000000000000");
- BN_sqr(c, a, ctx);
- if (bp != NULL) {
- if (!results) {
- BN_print(bp, a);
- BIO_puts(bp, " * ");
- BN_print(bp, a);
- BIO_puts(bp, " - ");
- }
- BN_print(bp, c);
- BIO_puts(bp, "\n");
- }
- BN_mul(d, a, a, ctx);
- if (BN_cmp(c, d)) {
- fprintf(stderr, "Square test failed: BN_sqr and BN_mul produce "
- "different results!\n");
- goto err;
- }
-
- /* Regression test for a BN_sqr overflow bug. */
- BN_hex2bn(&a,
- "80000000000000000000000080000001"
- "FFFFFFFE000000000000000000000000");
- BN_sqr(c, a, ctx);
- if (bp != NULL) {
- if (!results) {
- BN_print(bp, a);
- BIO_puts(bp, " * ");
- BN_print(bp, a);
- BIO_puts(bp, " - ");
- }
- BN_print(bp, c);
- BIO_puts(bp, "\n");
- }
- BN_mul(d, a, a, ctx);
- if (BN_cmp(c, d)) {
- fprintf(stderr, "Square test failed: BN_sqr and BN_mul produce "
- "different results!\n");
- goto err;
- }
- ret = 1;
- err:
- if (a != NULL)
- BN_free(a);
- if (c != NULL)
- BN_free(c);
- if (d != NULL)
- BN_free(d);
- if (e != NULL)
- BN_free(e);
- return ret;
-}
-
-int test_mont(BIO *bp, BN_CTX *ctx)
-{
- BIGNUM *a, *b, *c, *d, *A, *B;
- BIGNUM *n;
- int i;
- BN_MONT_CTX *mont;
-
- a = BN_new();
- b = BN_new();
- c = BN_new();
- d = BN_new();
- A = BN_new();
- B = BN_new();
- n = BN_new();
-
- mont = BN_MONT_CTX_new();
- if (mont == NULL)
- return 0;
-
- BN_bntest_rand(a, 100, 0, 0);
- BN_bntest_rand(b, 100, 0, 0);
- for (i = 0; i < num2; i++) {
- int bits = (200 * (i + 1)) / num2;
-
- if (bits == 0)
- continue;
- BN_bntest_rand(n, bits, 0, 1);
- BN_MONT_CTX_set(mont, n, ctx);
-
- BN_nnmod(a, a, n, ctx);
- BN_nnmod(b, b, n, ctx);
-
- BN_to_montgomery(A, a, mont, ctx);
- BN_to_montgomery(B, b, mont, ctx);
-
- BN_mod_mul_montgomery(c, A, B, mont, ctx);
- BN_from_montgomery(A, c, mont, ctx);
- if (bp != NULL) {
- if (!results) {
- BN_print(bp, a);
- BIO_puts(bp, " * ");
- BN_print(bp, b);
- BIO_puts(bp, " % ");
- BN_print(bp, &mont->N);
- BIO_puts(bp, " - ");
- }
- BN_print(bp, A);
- BIO_puts(bp, "\n");
- }
- BN_mod_mul(d, a, b, n, ctx);
- BN_sub(d, d, A);
- if (!BN_is_zero(d)) {
- fprintf(stderr, "Montgomery multiplication test failed!\n");
- return 0;
- }
- }
- BN_MONT_CTX_free(mont);
- BN_free(a);
- BN_free(b);
- BN_free(c);
- BN_free(d);
- BN_free(A);
- BN_free(B);
- BN_free(n);
- return (1);
-}
-
-int test_mod(BIO *bp, BN_CTX *ctx)
-{
- BIGNUM *a, *b, *c, *d, *e;
- int i;
-
- a = BN_new();
- b = BN_new();
- c = BN_new();
- d = BN_new();
- e = BN_new();
-
- BN_bntest_rand(a, 1024, 0, 0);
- for (i = 0; i < num0; i++) {
- BN_bntest_rand(b, 450 + i * 10, 0, 0);
- a->neg = rand_neg();
- b->neg = rand_neg();
- BN_mod(c, a, b, ctx);
- if (bp != NULL) {
- if (!results) {
- BN_print(bp, a);
- BIO_puts(bp, " % ");
- BN_print(bp, b);
- BIO_puts(bp, " - ");
- }
- BN_print(bp, c);
- BIO_puts(bp, "\n");
- }
- BN_div(d, e, a, b, ctx);
- BN_sub(e, e, c);
- if (!BN_is_zero(e)) {
- fprintf(stderr, "Modulo test failed!\n");
- return 0;
- }
- }
- BN_free(a);
- BN_free(b);
- BN_free(c);
- BN_free(d);
- BN_free(e);
- return (1);
-}
-
-int test_mod_mul(BIO *bp, BN_CTX *ctx)
-{
- BIGNUM *a, *b, *c, *d, *e;
- int i, j;
-
- a = BN_new();
- b = BN_new();
- c = BN_new();
- d = BN_new();
- e = BN_new();
-
- for (j = 0; j < 3; j++) {
- BN_bntest_rand(c, 1024, 0, 0);
- for (i = 0; i < num0; i++) {
- BN_bntest_rand(a, 475 + i * 10, 0, 0);
- BN_bntest_rand(b, 425 + i * 11, 0, 0);
- a->neg = rand_neg();
- b->neg = rand_neg();
- if (!BN_mod_mul(e, a, b, c, ctx)) {
- unsigned long l;
-
- while ((l = ERR_get_error()))
- fprintf(stderr, "ERROR:%s\n", ERR_error_string(l, NULL));
- EXIT(1);
- }
- if (bp != NULL) {
- if (!results) {
- BN_print(bp, a);
- BIO_puts(bp, " * ");
- BN_print(bp, b);
- BIO_puts(bp, " % ");
- BN_print(bp, c);
- if ((a->neg ^ b->neg) && !BN_is_zero(e)) {
- /*
- * If (a*b) % c is negative, c must be added in order
- * to obtain the normalized remainder (new with
- * OpenSSL 0.9.7, previous versions of BN_mod_mul
- * could generate negative results)
- */
- BIO_puts(bp, " + ");
- BN_print(bp, c);
- }
- BIO_puts(bp, " - ");
- }
- BN_print(bp, e);
- BIO_puts(bp, "\n");
- }
- BN_mul(d, a, b, ctx);
- BN_sub(d, d, e);
- BN_div(a, b, d, c, ctx);
- if (!BN_is_zero(b)) {
- fprintf(stderr, "Modulo multiply test failed!\n");
- ERR_print_errors_fp(stderr);
- return 0;
- }
- }
- }
- BN_free(a);
- BN_free(b);
- BN_free(c);
- BN_free(d);
- BN_free(e);
- return (1);
-}
-
-int test_mod_exp(BIO *bp, BN_CTX *ctx)
-{
- BIGNUM *a, *b, *c, *d, *e;
- int i;
-
- a = BN_new();
- b = BN_new();
- c = BN_new();
- d = BN_new();
- e = BN_new();
-
- BN_bntest_rand(c, 30, 0, 1); /* must be odd for montgomery */
- for (i = 0; i < num2; i++) {
- BN_bntest_rand(a, 20 + i * 5, 0, 0);
- BN_bntest_rand(b, 2 + i, 0, 0);
-
- if (!BN_mod_exp(d, a, b, c, ctx))
- return (0);
-
- if (bp != NULL) {
- if (!results) {
- BN_print(bp, a);
- BIO_puts(bp, " ^ ");
- BN_print(bp, b);
- BIO_puts(bp, " % ");
- BN_print(bp, c);
- BIO_puts(bp, " - ");
- }
- BN_print(bp, d);
- BIO_puts(bp, "\n");
- }
- BN_exp(e, a, b, ctx);
- BN_sub(e, e, d);
- BN_div(a, b, e, c, ctx);
- if (!BN_is_zero(b)) {
- fprintf(stderr, "Modulo exponentiation test failed!\n");
- return 0;
- }
- }
- BN_free(a);
- BN_free(b);
- BN_free(c);
- BN_free(d);
- BN_free(e);
- return (1);
-}
-
-int test_mod_exp_mont_consttime(BIO *bp, BN_CTX *ctx)
-{
- BIGNUM *a, *b, *c, *d, *e;
- int i;
-
- a = BN_new();
- b = BN_new();
- c = BN_new();
- d = BN_new();
- e = BN_new();
-
- BN_bntest_rand(c, 30, 0, 1); /* must be odd for montgomery */
- for (i = 0; i < num2; i++) {
- BN_bntest_rand(a, 20 + i * 5, 0, 0);
- BN_bntest_rand(b, 2 + i, 0, 0);
-
- if (!BN_mod_exp_mont_consttime(d, a, b, c, ctx, NULL))
- return (00);
-
- if (bp != NULL) {
- if (!results) {
- BN_print(bp, a);
- BIO_puts(bp, " ^ ");
- BN_print(bp, b);
- BIO_puts(bp, " % ");
- BN_print(bp, c);
- BIO_puts(bp, " - ");
- }
- BN_print(bp, d);
- BIO_puts(bp, "\n");
- }
- BN_exp(e, a, b, ctx);
- BN_sub(e, e, d);
- BN_div(a, b, e, c, ctx);
- if (!BN_is_zero(b)) {
- fprintf(stderr, "Modulo exponentiation test failed!\n");
- return 0;
- }
- }
- BN_free(a);
- BN_free(b);
- BN_free(c);
- BN_free(d);
- BN_free(e);
- return (1);
-}
-
-/*
- * Test constant-time modular exponentiation with 1024-bit inputs, which on
- * x86_64 cause a different code branch to be taken.
- */
-int test_mod_exp_mont5(BIO *bp, BN_CTX *ctx)
-{
- BIGNUM *a, *p, *m, *d, *e;
-
- BN_MONT_CTX *mont;
-
- a = BN_new();
- p = BN_new();
- m = BN_new();
- d = BN_new();
- e = BN_new();
-
- mont = BN_MONT_CTX_new();
-
- BN_bntest_rand(m, 1024, 0, 1); /* must be odd for montgomery */
- /* Zero exponent */
- BN_bntest_rand(a, 1024, 0, 0);
- BN_zero(p);
- if (!BN_mod_exp_mont_consttime(d, a, p, m, ctx, NULL))
- return 0;
- if (!BN_is_one(d)) {
- fprintf(stderr, "Modular exponentiation test failed!\n");
- return 0;
- }
- /* Zero input */
- BN_bntest_rand(p, 1024, 0, 0);
- BN_zero(a);
- if (!BN_mod_exp_mont_consttime(d, a, p, m, ctx, NULL))
- return 0;
- if (!BN_is_zero(d)) {
- fprintf(stderr, "Modular exponentiation test failed!\n");
- return 0;
- }
- /*
- * Craft an input whose Montgomery representation is 1, i.e., shorter
- * than the modulus m, in order to test the const time precomputation
- * scattering/gathering.
- */
- BN_one(a);
- BN_MONT_CTX_set(mont, m, ctx);
- if (!BN_from_montgomery(e, a, mont, ctx))
- return 0;
- if (!BN_mod_exp_mont_consttime(d, e, p, m, ctx, NULL))
- return 0;
- if (!BN_mod_exp_simple(a, e, p, m, ctx))
- return 0;
- if (BN_cmp(a, d) != 0) {
- fprintf(stderr, "Modular exponentiation test failed!\n");
- return 0;
- }
- /* Finally, some regular test vectors. */
- BN_bntest_rand(e, 1024, 0, 0);
- if (!BN_mod_exp_mont_consttime(d, e, p, m, ctx, NULL))
- return 0;
- if (!BN_mod_exp_simple(a, e, p, m, ctx))
- return 0;
- if (BN_cmp(a, d) != 0) {
- fprintf(stderr, "Modular exponentiation test failed!\n");
- return 0;
- }
- BN_free(a);
- BN_free(p);
- BN_free(m);
- BN_free(d);
- BN_free(e);
- return (1);
-}
-
-int test_exp(BIO *bp, BN_CTX *ctx)
-{
- BIGNUM *a, *b, *d, *e, *one;
- int i;
-
- a = BN_new();
- b = BN_new();
- d = BN_new();
- e = BN_new();
- one = BN_new();
- BN_one(one);
-
- for (i = 0; i < num2; i++) {
- BN_bntest_rand(a, 20 + i * 5, 0, 0);
- BN_bntest_rand(b, 2 + i, 0, 0);
-
- if (BN_exp(d, a, b, ctx) <= 0)
- return (0);
-
- if (bp != NULL) {
- if (!results) {
- BN_print(bp, a);
- BIO_puts(bp, " ^ ");
- BN_print(bp, b);
- BIO_puts(bp, " - ");
- }
- BN_print(bp, d);
- BIO_puts(bp, "\n");
- }
- BN_one(e);
- for (; !BN_is_zero(b); BN_sub(b, b, one))
- BN_mul(e, e, a, ctx);
- BN_sub(e, e, d);
- if (!BN_is_zero(e)) {
- fprintf(stderr, "Exponentiation test failed!\n");
- return 0;
- }
- }
- BN_free(a);
- BN_free(b);
- BN_free(d);
- BN_free(e);
- BN_free(one);
- return (1);
-}
-
-#ifndef OPENSSL_NO_EC2M
-int test_gf2m_add(BIO *bp)
-{
- BIGNUM *a, *b, *c;
- int i, ret = 0;
-
- a = BN_new();
- b = BN_new();
- c = BN_new();
-
- for (i = 0; i < num0; i++) {
- BN_rand(a, 512, 0, 0);
- BN_copy(b, BN_value_one());
- a->neg = rand_neg();
- b->neg = rand_neg();
- BN_GF2m_add(c, a, b);
- /* Test that two added values have the correct parity. */
- if ((BN_is_odd(a) && BN_is_odd(c))
- || (!BN_is_odd(a) && !BN_is_odd(c))) {
- fprintf(stderr, "GF(2^m) addition test (a) failed!\n");
- goto err;
- }
- BN_GF2m_add(c, c, c);
- /* Test that c + c = 0. */
- if (!BN_is_zero(c)) {
- fprintf(stderr, "GF(2^m) addition test (b) failed!\n");
- goto err;
- }
- }
- ret = 1;
- err:
- BN_free(a);
- BN_free(b);
- BN_free(c);
- return ret;
-}
-
-int test_gf2m_mod(BIO *bp)
-{
- BIGNUM *a, *b[2], *c, *d, *e;
- int i, j, ret = 0;
- int p0[] = { 163, 7, 6, 3, 0, -1 };
- int p1[] = { 193, 15, 0, -1 };
-
- a = BN_new();
- b[0] = BN_new();
- b[1] = BN_new();
- c = BN_new();
- d = BN_new();
- e = BN_new();
-
- BN_GF2m_arr2poly(p0, b[0]);
- BN_GF2m_arr2poly(p1, b[1]);
-
- for (i = 0; i < num0; i++) {
- BN_bntest_rand(a, 1024, 0, 0);
- for (j = 0; j < 2; j++) {
- BN_GF2m_mod(c, a, b[j]);
- BN_GF2m_add(d, a, c);
- BN_GF2m_mod(e, d, b[j]);
- /* Test that a + (a mod p) mod p == 0. */
- if (!BN_is_zero(e)) {
- fprintf(stderr, "GF(2^m) modulo test failed!\n");
- goto err;
- }
- }
- }
- ret = 1;
- err:
- BN_free(a);
- BN_free(b[0]);
- BN_free(b[1]);
- BN_free(c);
- BN_free(d);
- BN_free(e);
- return ret;
-}
-
-int test_gf2m_mod_mul(BIO *bp, BN_CTX *ctx)
-{
- BIGNUM *a, *b[2], *c, *d, *e, *f, *g, *h;
- int i, j, ret = 0;
- int p0[] = { 163, 7, 6, 3, 0, -1 };
- int p1[] = { 193, 15, 0, -1 };
-
- a = BN_new();
- b[0] = BN_new();
- b[1] = BN_new();
- c = BN_new();
- d = BN_new();
- e = BN_new();
- f = BN_new();
- g = BN_new();
- h = BN_new();
-
- BN_GF2m_arr2poly(p0, b[0]);
- BN_GF2m_arr2poly(p1, b[1]);
-
- for (i = 0; i < num0; i++) {
- BN_bntest_rand(a, 1024, 0, 0);
- BN_bntest_rand(c, 1024, 0, 0);
- BN_bntest_rand(d, 1024, 0, 0);
- for (j = 0; j < 2; j++) {
- BN_GF2m_mod_mul(e, a, c, b[j], ctx);
- BN_GF2m_add(f, a, d);
- BN_GF2m_mod_mul(g, f, c, b[j], ctx);
- BN_GF2m_mod_mul(h, d, c, b[j], ctx);
- BN_GF2m_add(f, e, g);
- BN_GF2m_add(f, f, h);
- /* Test that (a+d)*c = a*c + d*c. */
- if (!BN_is_zero(f)) {
- fprintf(stderr,
- "GF(2^m) modular multiplication test failed!\n");
- goto err;
- }
- }
- }
- ret = 1;
- err:
- BN_free(a);
- BN_free(b[0]);
- BN_free(b[1]);
- BN_free(c);
- BN_free(d);
- BN_free(e);
- BN_free(f);
- BN_free(g);
- BN_free(h);
- return ret;
-}
-
-int test_gf2m_mod_sqr(BIO *bp, BN_CTX *ctx)
-{
- BIGNUM *a, *b[2], *c, *d;
- int i, j, ret = 0;
- int p0[] = { 163, 7, 6, 3, 0, -1 };
- int p1[] = { 193, 15, 0, -1 };
-
- a = BN_new();
- b[0] = BN_new();
- b[1] = BN_new();
- c = BN_new();
- d = BN_new();
-
- BN_GF2m_arr2poly(p0, b[0]);
- BN_GF2m_arr2poly(p1, b[1]);
-
- for (i = 0; i < num0; i++) {
- BN_bntest_rand(a, 1024, 0, 0);
- for (j = 0; j < 2; j++) {
- BN_GF2m_mod_sqr(c, a, b[j], ctx);
- BN_copy(d, a);
- BN_GF2m_mod_mul(d, a, d, b[j], ctx);
- BN_GF2m_add(d, c, d);
- /* Test that a*a = a^2. */
- if (!BN_is_zero(d)) {
- fprintf(stderr, "GF(2^m) modular squaring test failed!\n");
- goto err;
- }
- }
- }
- ret = 1;
- err:
- BN_free(a);
- BN_free(b[0]);
- BN_free(b[1]);
- BN_free(c);
- BN_free(d);
- return ret;
-}
-
-int test_gf2m_mod_inv(BIO *bp, BN_CTX *ctx)
-{
- BIGNUM *a, *b[2], *c, *d;
- int i, j, ret = 0;
- int p0[] = { 163, 7, 6, 3, 0, -1 };
- int p1[] = { 193, 15, 0, -1 };
-
- a = BN_new();
- b[0] = BN_new();
- b[1] = BN_new();
- c = BN_new();
- d = BN_new();
-
- BN_GF2m_arr2poly(p0, b[0]);
- BN_GF2m_arr2poly(p1, b[1]);
-
- for (i = 0; i < num0; i++) {
- BN_bntest_rand(a, 512, 0, 0);
- for (j = 0; j < 2; j++) {
- BN_GF2m_mod_inv(c, a, b[j], ctx);
- BN_GF2m_mod_mul(d, a, c, b[j], ctx);
- /* Test that ((1/a)*a) = 1. */
- if (!BN_is_one(d)) {
- fprintf(stderr, "GF(2^m) modular inversion test failed!\n");
- goto err;
- }
- }
- }
- ret = 1;
- err:
- BN_free(a);
- BN_free(b[0]);
- BN_free(b[1]);
- BN_free(c);
- BN_free(d);
- return ret;
-}
-
-int test_gf2m_mod_div(BIO *bp, BN_CTX *ctx)
-{
- BIGNUM *a, *b[2], *c, *d, *e, *f;
- int i, j, ret = 0;
- int p0[] = { 163, 7, 6, 3, 0, -1 };
- int p1[] = { 193, 15, 0, -1 };
-
- a = BN_new();
- b[0] = BN_new();
- b[1] = BN_new();
- c = BN_new();
- d = BN_new();
- e = BN_new();
- f = BN_new();
-
- BN_GF2m_arr2poly(p0, b[0]);
- BN_GF2m_arr2poly(p1, b[1]);
-
- for (i = 0; i < num0; i++) {
- BN_bntest_rand(a, 512, 0, 0);
- BN_bntest_rand(c, 512, 0, 0);
- for (j = 0; j < 2; j++) {
- BN_GF2m_mod_div(d, a, c, b[j], ctx);
- BN_GF2m_mod_mul(e, d, c, b[j], ctx);
- BN_GF2m_mod_div(f, a, e, b[j], ctx);
- /* Test that ((a/c)*c)/a = 1. */
- if (!BN_is_one(f)) {
- fprintf(stderr, "GF(2^m) modular division test failed!\n");
- goto err;
- }
- }
- }
- ret = 1;
- err:
- BN_free(a);
- BN_free(b[0]);
- BN_free(b[1]);
- BN_free(c);
- BN_free(d);
- BN_free(e);
- BN_free(f);
- return ret;
-}
-
-int test_gf2m_mod_exp(BIO *bp, BN_CTX *ctx)
-{
- BIGNUM *a, *b[2], *c, *d, *e, *f;
- int i, j, ret = 0;
- int p0[] = { 163, 7, 6, 3, 0, -1 };
- int p1[] = { 193, 15, 0, -1 };
-
- a = BN_new();
- b[0] = BN_new();
- b[1] = BN_new();
- c = BN_new();
- d = BN_new();
- e = BN_new();
- f = BN_new();
-
- BN_GF2m_arr2poly(p0, b[0]);
- BN_GF2m_arr2poly(p1, b[1]);
-
- for (i = 0; i < num0; i++) {
- BN_bntest_rand(a, 512, 0, 0);
- BN_bntest_rand(c, 512, 0, 0);
- BN_bntest_rand(d, 512, 0, 0);
- for (j = 0; j < 2; j++) {
- BN_GF2m_mod_exp(e, a, c, b[j], ctx);
- BN_GF2m_mod_exp(f, a, d, b[j], ctx);
- BN_GF2m_mod_mul(e, e, f, b[j], ctx);
- BN_add(f, c, d);
- BN_GF2m_mod_exp(f, a, f, b[j], ctx);
- BN_GF2m_add(f, e, f);
- /* Test that a^(c+d)=a^c*a^d. */
- if (!BN_is_zero(f)) {
- fprintf(stderr,
- "GF(2^m) modular exponentiation test failed!\n");
- goto err;
- }
- }
- }
- ret = 1;
- err:
- BN_free(a);
- BN_free(b[0]);
- BN_free(b[1]);
- BN_free(c);
- BN_free(d);
- BN_free(e);
- BN_free(f);
- return ret;
-}
-
-int test_gf2m_mod_sqrt(BIO *bp, BN_CTX *ctx)
-{
- BIGNUM *a, *b[2], *c, *d, *e, *f;
- int i, j, ret = 0;
- int p0[] = { 163, 7, 6, 3, 0, -1 };
- int p1[] = { 193, 15, 0, -1 };
-
- a = BN_new();
- b[0] = BN_new();
- b[1] = BN_new();
- c = BN_new();
- d = BN_new();
- e = BN_new();
- f = BN_new();
-
- BN_GF2m_arr2poly(p0, b[0]);
- BN_GF2m_arr2poly(p1, b[1]);
-
- for (i = 0; i < num0; i++) {
- BN_bntest_rand(a, 512, 0, 0);
- for (j = 0; j < 2; j++) {
- BN_GF2m_mod(c, a, b[j]);
- BN_GF2m_mod_sqrt(d, a, b[j], ctx);
- BN_GF2m_mod_sqr(e, d, b[j], ctx);
- BN_GF2m_add(f, c, e);
- /* Test that d^2 = a, where d = sqrt(a). */
- if (!BN_is_zero(f)) {
- fprintf(stderr, "GF(2^m) modular square root test failed!\n");
- goto err;
- }
- }
- }
- ret = 1;
- err:
- BN_free(a);
- BN_free(b[0]);
- BN_free(b[1]);
- BN_free(c);
- BN_free(d);
- BN_free(e);
- BN_free(f);
- return ret;
-}
-
-int test_gf2m_mod_solve_quad(BIO *bp, BN_CTX *ctx)
-{
- BIGNUM *a, *b[2], *c, *d, *e;
- int i, j, s = 0, t, ret = 0;
- int p0[] = { 163, 7, 6, 3, 0, -1 };
- int p1[] = { 193, 15, 0, -1 };
-
- a = BN_new();
- b[0] = BN_new();
- b[1] = BN_new();
- c = BN_new();
- d = BN_new();
- e = BN_new();
-
- BN_GF2m_arr2poly(p0, b[0]);
- BN_GF2m_arr2poly(p1, b[1]);
-
- for (i = 0; i < num0; i++) {
- BN_bntest_rand(a, 512, 0, 0);
- for (j = 0; j < 2; j++) {
- t = BN_GF2m_mod_solve_quad(c, a, b[j], ctx);
- if (t) {
- s++;
- BN_GF2m_mod_sqr(d, c, b[j], ctx);
- BN_GF2m_add(d, c, d);
- BN_GF2m_mod(e, a, b[j]);
- BN_GF2m_add(e, e, d);
- /*
- * Test that solution of quadratic c satisfies c^2 + c = a.
- */
- if (!BN_is_zero(e)) {
- fprintf(stderr,
- "GF(2^m) modular solve quadratic test failed!\n");
- goto err;
- }
-
- }
- }
- }
- if (s == 0) {
- fprintf(stderr,
- "All %i tests of GF(2^m) modular solve quadratic resulted in no roots;\n",
- num0);
- fprintf(stderr,
- "this is very unlikely and probably indicates an error.\n");
- goto err;
- }
- ret = 1;
- err:
- BN_free(a);
- BN_free(b[0]);
- BN_free(b[1]);
- BN_free(c);
- BN_free(d);
- BN_free(e);
- return ret;
-}
-#endif
-static int genprime_cb(int p, int n, BN_GENCB *arg)
-{
- char c = '*';
-
- if (p == 0)
- c = '.';
- if (p == 1)
- c = '+';
- if (p == 2)
- c = '*';
- if (p == 3)
- c = '\n';
- putc(c, stderr);
- fflush(stderr);
- return 1;
-}
-
-int test_kron(BIO *bp, BN_CTX *ctx)
-{
- BN_GENCB cb;
- BIGNUM *a, *b, *r, *t;
- int i;
- int legendre, kronecker;
- int ret = 0;
-
- a = BN_new();
- b = BN_new();
- r = BN_new();
- t = BN_new();
- if (a == NULL || b == NULL || r == NULL || t == NULL)
- goto err;
-
- BN_GENCB_set(&cb, genprime_cb, NULL);
-
- /*
- * We test BN_kronecker(a, b, ctx) just for b odd (Jacobi symbol). In
- * this case we know that if b is prime, then BN_kronecker(a, b, ctx) is
- * congruent to $a^{(b-1)/2}$, modulo $b$ (Legendre symbol). So we
- * generate a random prime b and compare these values for a number of
- * random a's. (That is, we run the Solovay-Strassen primality test to
- * confirm that b is prime, except that we don't want to test whether b
- * is prime but whether BN_kronecker works.)
- */
-
- if (!BN_generate_prime_ex(b, 512, 0, NULL, NULL, &cb))
- goto err;
- b->neg = rand_neg();
- putc('\n', stderr);
-
- for (i = 0; i < num0; i++) {
- if (!BN_bntest_rand(a, 512, 0, 0))
- goto err;
- a->neg = rand_neg();
-
- /* t := (|b|-1)/2 (note that b is odd) */
- if (!BN_copy(t, b))
- goto err;
- t->neg = 0;
- if (!BN_sub_word(t, 1))
- goto err;
- if (!BN_rshift1(t, t))
- goto err;
- /* r := a^t mod b */
- b->neg = 0;
-
- if (!BN_mod_exp_recp(r, a, t, b, ctx))
- goto err;
- b->neg = 1;
-
- if (BN_is_word(r, 1))
- legendre = 1;
- else if (BN_is_zero(r))
- legendre = 0;
- else {
- if (!BN_add_word(r, 1))
- goto err;
- if (0 != BN_ucmp(r, b)) {
- fprintf(stderr, "Legendre symbol computation failed\n");
- goto err;
- }
- legendre = -1;
- }
-
- kronecker = BN_kronecker(a, b, ctx);
- if (kronecker < -1)
- goto err;
- /* we actually need BN_kronecker(a, |b|) */
- if (a->neg && b->neg)
- kronecker = -kronecker;
-
- if (legendre != kronecker) {
- fprintf(stderr, "legendre != kronecker; a = ");
- BN_print_fp(stderr, a);
- fprintf(stderr, ", b = ");
- BN_print_fp(stderr, b);
- fprintf(stderr, "\n");
- goto err;
- }
-
- putc('.', stderr);
- fflush(stderr);
- }
-
- putc('\n', stderr);
- fflush(stderr);
- ret = 1;
- err:
- if (a != NULL)
- BN_free(a);
- if (b != NULL)
- BN_free(b);
- if (r != NULL)
- BN_free(r);
- if (t != NULL)
- BN_free(t);
- return ret;
-}
-
-int test_sqrt(BIO *bp, BN_CTX *ctx)
-{
- BN_GENCB cb;
- BIGNUM *a, *p, *r;
- int i, j;
- int ret = 0;
-
- a = BN_new();
- p = BN_new();
- r = BN_new();
- if (a == NULL || p == NULL || r == NULL)
- goto err;
-
- BN_GENCB_set(&cb, genprime_cb, NULL);
-
- for (i = 0; i < 16; i++) {
- if (i < 8) {
- unsigned primes[8] = { 2, 3, 5, 7, 11, 13, 17, 19 };
-
- if (!BN_set_word(p, primes[i]))
- goto err;
- } else {
- if (!BN_set_word(a, 32))
- goto err;
- if (!BN_set_word(r, 2 * i + 1))
- goto err;
-
- if (!BN_generate_prime_ex(p, 256, 0, a, r, &cb))
- goto err;
- putc('\n', stderr);
- }
- p->neg = rand_neg();
-
- for (j = 0; j < num2; j++) {
- /*
- * construct 'a' such that it is a square modulo p, but in
- * general not a proper square and not reduced modulo p
- */
- if (!BN_bntest_rand(r, 256, 0, 3))
- goto err;
- if (!BN_nnmod(r, r, p, ctx))
- goto err;
- if (!BN_mod_sqr(r, r, p, ctx))
- goto err;
- if (!BN_bntest_rand(a, 256, 0, 3))
- goto err;
- if (!BN_nnmod(a, a, p, ctx))
- goto err;
- if (!BN_mod_sqr(a, a, p, ctx))
- goto err;
- if (!BN_mul(a, a, r, ctx))
- goto err;
- if (rand_neg())
- if (!BN_sub(a, a, p))
- goto err;
-
- if (!BN_mod_sqrt(r, a, p, ctx))
- goto err;
- if (!BN_mod_sqr(r, r, p, ctx))
- goto err;
-
- if (!BN_nnmod(a, a, p, ctx))
- goto err;
-
- if (BN_cmp(a, r) != 0) {
- fprintf(stderr, "BN_mod_sqrt failed: a = ");
- BN_print_fp(stderr, a);
- fprintf(stderr, ", r = ");
- BN_print_fp(stderr, r);
- fprintf(stderr, ", p = ");
- BN_print_fp(stderr, p);
- fprintf(stderr, "\n");
- goto err;
- }
-
- putc('.', stderr);
- fflush(stderr);
- }
-
- putc('\n', stderr);
- fflush(stderr);
- }
- ret = 1;
- err:
- if (a != NULL)
- BN_free(a);
- if (p != NULL)
- BN_free(p);
- if (r != NULL)
- BN_free(r);
- return ret;
-}
-
-int test_small_prime(BIO *bp, BN_CTX *ctx)
-{
- static const int bits = 10;
- int ret = 0;
- BIGNUM *r;
-
- r = BN_new();
- if (!BN_generate_prime_ex(r, bits, 0, NULL, NULL, NULL))
- goto err;
- if (BN_num_bits(r) != bits) {
- BIO_printf(bp, "Expected %d bit prime, got %d bit number\n", bits,
- BN_num_bits(r));
- goto err;
- }
-
- ret = 1;
-
- err:
- BN_clear_free(r);
- return ret;
-}
-
-#ifndef OPENSSL_SYS_WIN32
-int test_probable_prime_coprime(BIO *bp, BN_CTX *ctx)
-{
- int i, j, ret = 0;
- BIGNUM *r;
- BN_ULONG primes[5] = { 2, 3, 5, 7, 11 };
-
- r = BN_new();
-
- for (i = 0; i < 1000; i++) {
- if (!bn_probable_prime_dh_coprime(r, 1024, ctx))
- goto err;
-
- for (j = 0; j < 5; j++) {
- if (BN_mod_word(r, primes[j]) == 0) {
- BIO_printf(bp, "Number generated is not coprime to %ld:\n",
- primes[j]);
- BN_print_fp(stdout, r);
- BIO_printf(bp, "\n");
- goto err;
- }
- }
- }
-
- ret = 1;
-
- err:
- BN_clear_free(r);
- return ret;
-}
-#endif
-int test_lshift(BIO *bp, BN_CTX *ctx, BIGNUM *a_)
-{
- BIGNUM *a, *b, *c, *d;
- int i;
-
- b = BN_new();
- c = BN_new();
- d = BN_new();
- BN_one(c);
-
- if (a_)
- a = a_;
- else {
- a = BN_new();
- BN_bntest_rand(a, 200, 0, 0);
- a->neg = rand_neg();
- }
- for (i = 0; i < num0; i++) {
- BN_lshift(b, a, i + 1);
- BN_add(c, c, c);
- if (bp != NULL) {
- if (!results) {
- BN_print(bp, a);
- BIO_puts(bp, " * ");
- BN_print(bp, c);
- BIO_puts(bp, " - ");
- }
- BN_print(bp, b);
- BIO_puts(bp, "\n");
- }
- BN_mul(d, a, c, ctx);
- BN_sub(d, d, b);
- if (!BN_is_zero(d)) {
- fprintf(stderr, "Left shift test failed!\n");
- fprintf(stderr, "a=");
- BN_print_fp(stderr, a);
- fprintf(stderr, "\nb=");
- BN_print_fp(stderr, b);
- fprintf(stderr, "\nc=");
- BN_print_fp(stderr, c);
- fprintf(stderr, "\nd=");
- BN_print_fp(stderr, d);
- fprintf(stderr, "\n");
- return 0;
- }
- }
- BN_free(a);
- BN_free(b);
- BN_free(c);
- BN_free(d);
- return (1);
-}
-
-int test_lshift1(BIO *bp)
-{
- BIGNUM *a, *b, *c;
- int i;
-
- a = BN_new();
- b = BN_new();
- c = BN_new();
-
- BN_bntest_rand(a, 200, 0, 0);
- a->neg = rand_neg();
- for (i = 0; i < num0; i++) {
- BN_lshift1(b, a);
- if (bp != NULL) {
- if (!results) {
- BN_print(bp, a);
- BIO_puts(bp, " * 2");
- BIO_puts(bp, " - ");
- }
- BN_print(bp, b);
- BIO_puts(bp, "\n");
- }
- BN_add(c, a, a);
- BN_sub(a, b, c);
- if (!BN_is_zero(a)) {
- fprintf(stderr, "Left shift one test failed!\n");
- return 0;
- }
-
- BN_copy(a, b);
- }
- BN_free(a);
- BN_free(b);
- BN_free(c);
- return (1);
-}
-
-int test_rshift(BIO *bp, BN_CTX *ctx)
-{
- BIGNUM *a, *b, *c, *d, *e;
- int i;
-
- a = BN_new();
- b = BN_new();
- c = BN_new();
- d = BN_new();
- e = BN_new();
- BN_one(c);
-
- BN_bntest_rand(a, 200, 0, 0);
- a->neg = rand_neg();
- for (i = 0; i < num0; i++) {
- BN_rshift(b, a, i + 1);
- BN_add(c, c, c);
- if (bp != NULL) {
- if (!results) {
- BN_print(bp, a);
- BIO_puts(bp, " / ");
- BN_print(bp, c);
- BIO_puts(bp, " - ");
- }
- BN_print(bp, b);
- BIO_puts(bp, "\n");
- }
- BN_div(d, e, a, c, ctx);
- BN_sub(d, d, b);
- if (!BN_is_zero(d)) {
- fprintf(stderr, "Right shift test failed!\n");
- return 0;
- }
- }
- BN_free(a);
- BN_free(b);
- BN_free(c);
- BN_free(d);
- BN_free(e);
- return (1);
-}
-
-int test_rshift1(BIO *bp)
-{
- BIGNUM *a, *b, *c;
- int i;
-
- a = BN_new();
- b = BN_new();
- c = BN_new();
-
- BN_bntest_rand(a, 200, 0, 0);
- a->neg = rand_neg();
- for (i = 0; i < num0; i++) {
- BN_rshift1(b, a);
- if (bp != NULL) {
- if (!results) {
- BN_print(bp, a);
- BIO_puts(bp, " / 2");
- BIO_puts(bp, " - ");
- }
- BN_print(bp, b);
- BIO_puts(bp, "\n");
- }
- BN_sub(c, a, b);
- BN_sub(c, c, b);
- if (!BN_is_zero(c) && !BN_abs_is_word(c, 1)) {
- fprintf(stderr, "Right shift one test failed!\n");
- return 0;
- }
- BN_copy(a, b);
- }
- BN_free(a);
- BN_free(b);
- BN_free(c);
- return (1);
-}
-
-int rand_neg(void)
-{
- static unsigned int neg = 0;
- static int sign[8] = { 0, 0, 0, 1, 1, 0, 1, 1 };
-
- return (sign[(neg++) % 8]);
-}
+++ /dev/null
-/* crypto/bn/exptest.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-
-#include "../e_os.h"
-
-#include <openssl/bio.h>
-#include <openssl/bn.h>
-#include <openssl/rand.h>
-#include <openssl/err.h>
-
-#define NUM_BITS (BN_BITS*2)
-
-static const char rnd_seed[] =
- "string to make the random number generator think it has entropy";
-
-/*
- * test_exp_mod_zero tests that x**0 mod 1 == 0. It returns zero on success.
- */
-static int test_exp_mod_zero()
-{
- BIGNUM *a = NULL, *p = NULL, *m = NULL;
- BIGNUM *r = NULL;
- BN_CTX *ctx = BN_CTX_new();
- int ret = 1;
-
- m = BN_new();
- if (!m)
- goto err;
- BN_one(m);
-
- a = BN_new();
- if (!a)
- goto err;
- BN_one(a);
-
- p = BN_new();
- if (!p)
- goto err;
- BN_zero(p);
-
- r = BN_new();
- if (!r)
- goto err;
- BN_mod_exp(r, a, p, m, ctx);
- BN_CTX_free(ctx);
-
- if (BN_is_zero(r))
- ret = 0;
- else {
- printf("1**0 mod 1 = ");
- BN_print_fp(stdout, r);
- printf(", should be 0\n");
- }
-
- err:
- BN_free(r);
- BN_free(a);
- BN_free(p);
- BN_free(m);
-
- return ret;
-}
-
-int main(int argc, char *argv[])
-{
- BN_CTX *ctx;
- BIO *out = NULL;
- int i, ret;
- unsigned char c;
- BIGNUM *r_mont, *r_mont_const, *r_recp, *r_simple, *a, *b, *m;
-
- RAND_seed(rnd_seed, sizeof rnd_seed); /* or BN_rand may fail, and we
- * don't even check its return
- * value (which we should) */
-
- ERR_load_BN_strings();
-
- ctx = BN_CTX_new();
- if (ctx == NULL)
- EXIT(1);
- r_mont = BN_new();
- r_mont_const = BN_new();
- r_recp = BN_new();
- r_simple = BN_new();
- a = BN_new();
- b = BN_new();
- m = BN_new();
- if ((r_mont == NULL) || (r_recp == NULL) || (a == NULL) || (b == NULL))
- goto err;
-
- out = BIO_new(BIO_s_file());
-
- if (out == NULL)
- EXIT(1);
- BIO_set_fp(out, stdout, BIO_NOCLOSE);
-
- for (i = 0; i < 200; i++) {
- RAND_bytes(&c, 1);
- c = (c % BN_BITS) - BN_BITS2;
- BN_rand(a, NUM_BITS + c, 0, 0);
-
- RAND_bytes(&c, 1);
- c = (c % BN_BITS) - BN_BITS2;
- BN_rand(b, NUM_BITS + c, 0, 0);
-
- RAND_bytes(&c, 1);
- c = (c % BN_BITS) - BN_BITS2;
- BN_rand(m, NUM_BITS + c, 0, 1);
-
- BN_mod(a, a, m, ctx);
- BN_mod(b, b, m, ctx);
-
- ret = BN_mod_exp_mont(r_mont, a, b, m, ctx, NULL);
- if (ret <= 0) {
- printf("BN_mod_exp_mont() problems\n");
- ERR_print_errors(out);
- EXIT(1);
- }
-
- ret = BN_mod_exp_recp(r_recp, a, b, m, ctx);
- if (ret <= 0) {
- printf("BN_mod_exp_recp() problems\n");
- ERR_print_errors(out);
- EXIT(1);
- }
-
- ret = BN_mod_exp_simple(r_simple, a, b, m, ctx);
- if (ret <= 0) {
- printf("BN_mod_exp_simple() problems\n");
- ERR_print_errors(out);
- EXIT(1);
- }
-
- ret = BN_mod_exp_mont_consttime(r_mont_const, a, b, m, ctx, NULL);
- if (ret <= 0) {
- printf("BN_mod_exp_mont_consttime() problems\n");
- ERR_print_errors(out);
- EXIT(1);
- }
-
- if (BN_cmp(r_simple, r_mont) == 0
- && BN_cmp(r_simple, r_recp) == 0
- && BN_cmp(r_simple, r_mont_const) == 0) {
- printf(".");
- fflush(stdout);
- } else {
- if (BN_cmp(r_simple, r_mont) != 0)
- printf("\nsimple and mont results differ\n");
- if (BN_cmp(r_simple, r_mont_const) != 0)
- printf("\nsimple and mont const time results differ\n");
- if (BN_cmp(r_simple, r_recp) != 0)
- printf("\nsimple and recp results differ\n");
-
- printf("a (%3d) = ", BN_num_bits(a));
- BN_print(out, a);
- printf("\nb (%3d) = ", BN_num_bits(b));
- BN_print(out, b);
- printf("\nm (%3d) = ", BN_num_bits(m));
- BN_print(out, m);
- printf("\nsimple =");
- BN_print(out, r_simple);
- printf("\nrecp =");
- BN_print(out, r_recp);
- printf("\nmont =");
- BN_print(out, r_mont);
- printf("\nmont_ct =");
- BN_print(out, r_mont_const);
- printf("\n");
- EXIT(1);
- }
- }
- BN_free(r_mont);
- BN_free(r_mont_const);
- BN_free(r_recp);
- BN_free(r_simple);
- BN_free(a);
- BN_free(b);
- BN_free(m);
- BN_CTX_free(ctx);
- ERR_remove_thread_state(NULL);
- CRYPTO_mem_leaks(out);
- BIO_free(out);
- printf("\n");
-
- if (test_exp_mod_zero() != 0)
- goto err;
-
- printf("done\n");
-
- EXIT(0);
- err:
- ERR_load_crypto_strings();
- ERR_print_errors(out);
-#ifdef OPENSSL_SYS_NETWARE
- printf("ERROR\n");
-#endif
- EXIT(1);
-}
+++ /dev/null
-/* crypto/buffer/buffer.h */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef HEADER_BUFFER_H
-# define HEADER_BUFFER_H
-
-# include <openssl/ossl_typ.h>
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-# include <stddef.h>
-
-# if !defined(NO_SYS_TYPES_H)
-# include <sys/types.h>
-# endif
-
-/* Already declared in ossl_typ.h */
-/* typedef struct buf_mem_st BUF_MEM; */
-
-struct buf_mem_st {
- size_t length; /* current number of bytes */
- char *data;
- size_t max; /* size of buffer */
-};
-
-BUF_MEM *BUF_MEM_new(void);
-void BUF_MEM_free(BUF_MEM *a);
-size_t BUF_MEM_grow(BUF_MEM *str, size_t len);
-size_t BUF_MEM_grow_clean(BUF_MEM *str, size_t len);
-size_t BUF_strnlen(const char *str, size_t maxlen);
-char *BUF_strdup(const char *str);
-char *BUF_strndup(const char *str, size_t siz);
-void *BUF_memdup(const void *data, size_t siz);
-void BUF_reverse(unsigned char *out, unsigned char *in, size_t siz);
-
-/* safe string functions */
-size_t BUF_strlcpy(char *dst, const char *src, size_t siz);
-size_t BUF_strlcat(char *dst, const char *src, size_t siz);
-
-/* BEGIN ERROR CODES */
-/*
- * The following lines are auto generated by the script mkerr.pl. Any changes
- * made after this point may be overwritten when the script is next run.
- */
-void ERR_load_BUF_strings(void);
-
-/* Error codes for the BUF functions. */
-
-/* Function codes. */
-# define BUF_F_BUF_MEMDUP 103
-# define BUF_F_BUF_MEM_GROW 100
-# define BUF_F_BUF_MEM_GROW_CLEAN 105
-# define BUF_F_BUF_MEM_NEW 101
-# define BUF_F_BUF_STRDUP 102
-# define BUF_F_BUF_STRNDUP 104
-
-/* Reason codes. */
-
-#ifdef __cplusplus
-}
-#endif
-#endif
+++ /dev/null
-/* crypto/camellia/camellia.h -*- mode:C; c-file-style: "eay" -*- */
-/* ====================================================================
- * Copyright (c) 2006 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- */
-
-#ifndef HEADER_CAMELLIA_H
-# define HEADER_CAMELLIA_H
-
-# include <openssl/opensslconf.h>
-
-# ifdef OPENSSL_NO_CAMELLIA
-# error CAMELLIA is disabled.
-# endif
-
-# include <stddef.h>
-
-# define CAMELLIA_ENCRYPT 1
-# define CAMELLIA_DECRYPT 0
-
-/*
- * Because array size can't be a const in C, the following two are macros.
- * Both sizes are in bytes.
- */
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-/* This should be a hidden type, but EVP requires that the size be known */
-
-# define CAMELLIA_BLOCK_SIZE 16
-# define CAMELLIA_TABLE_BYTE_LEN 272
-# define CAMELLIA_TABLE_WORD_LEN (CAMELLIA_TABLE_BYTE_LEN / 4)
-
-typedef unsigned int KEY_TABLE_TYPE[CAMELLIA_TABLE_WORD_LEN]; /* to match
- * with WORD */
-
-struct camellia_key_st {
- union {
- double d; /* ensures 64-bit align */
- KEY_TABLE_TYPE rd_key;
- } u;
- int grand_rounds;
-};
-typedef struct camellia_key_st CAMELLIA_KEY;
-
-int Camellia_set_key(const unsigned char *userKey, const int bits,
- CAMELLIA_KEY *key);
-
-void Camellia_encrypt(const unsigned char *in, unsigned char *out,
- const CAMELLIA_KEY *key);
-void Camellia_decrypt(const unsigned char *in, unsigned char *out,
- const CAMELLIA_KEY *key);
-
-void Camellia_ecb_encrypt(const unsigned char *in, unsigned char *out,
- const CAMELLIA_KEY *key, const int enc);
-void Camellia_cbc_encrypt(const unsigned char *in, unsigned char *out,
- size_t length, const CAMELLIA_KEY *key,
- unsigned char *ivec, const int enc);
-void Camellia_cfb128_encrypt(const unsigned char *in, unsigned char *out,
- size_t length, const CAMELLIA_KEY *key,
- unsigned char *ivec, int *num, const int enc);
-void Camellia_cfb1_encrypt(const unsigned char *in, unsigned char *out,
- size_t length, const CAMELLIA_KEY *key,
- unsigned char *ivec, int *num, const int enc);
-void Camellia_cfb8_encrypt(const unsigned char *in, unsigned char *out,
- size_t length, const CAMELLIA_KEY *key,
- unsigned char *ivec, int *num, const int enc);
-void Camellia_ofb128_encrypt(const unsigned char *in, unsigned char *out,
- size_t length, const CAMELLIA_KEY *key,
- unsigned char *ivec, int *num);
-void Camellia_ctr128_encrypt(const unsigned char *in, unsigned char *out,
- size_t length, const CAMELLIA_KEY *key,
- unsigned char ivec[CAMELLIA_BLOCK_SIZE],
- unsigned char ecount_buf[CAMELLIA_BLOCK_SIZE],
- unsigned int *num);
-
-#ifdef __cplusplus
-}
-#endif
-
-#endif /* !HEADER_Camellia_H */
+++ /dev/null
-/* crypto/cast/cast.h */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef HEADER_CAST_H
-# define HEADER_CAST_H
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-# include <openssl/opensslconf.h>
-
-# ifdef OPENSSL_NO_CAST
-# error CAST is disabled.
-# endif
-
-# define CAST_ENCRYPT 1
-# define CAST_DECRYPT 0
-
-# define CAST_LONG unsigned int
-
-# define CAST_BLOCK 8
-# define CAST_KEY_LENGTH 16
-
-typedef struct cast_key_st {
- CAST_LONG data[32];
- int short_key; /* Use reduced rounds for short key */
-} CAST_KEY;
-
-void CAST_set_key(CAST_KEY *key, int len, const unsigned char *data);
-void CAST_ecb_encrypt(const unsigned char *in, unsigned char *out,
- const CAST_KEY *key, int enc);
-void CAST_encrypt(CAST_LONG *data, const CAST_KEY *key);
-void CAST_decrypt(CAST_LONG *data, const CAST_KEY *key);
-void CAST_cbc_encrypt(const unsigned char *in, unsigned char *out,
- long length, const CAST_KEY *ks, unsigned char *iv,
- int enc);
-void CAST_cfb64_encrypt(const unsigned char *in, unsigned char *out,
- long length, const CAST_KEY *schedule,
- unsigned char *ivec, int *num, int enc);
-void CAST_ofb64_encrypt(const unsigned char *in, unsigned char *out,
- long length, const CAST_KEY *schedule,
- unsigned char *ivec, int *num);
-
-#ifdef __cplusplus
-}
-#endif
-
-#endif
+++ /dev/null
-/* crypto/cast/casttest.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <string.h>
-#include <stdlib.h>
-#include <openssl/opensslconf.h> /* To see if OPENSSL_NO_CAST is defined */
-
-#include "../e_os.h"
-
-#ifdef OPENSSL_NO_CAST
-int main(int argc, char *argv[])
-{
- printf("No CAST support\n");
- return (0);
-}
-#else
-# include <openssl/cast.h>
-
-# define FULL_TEST
-
-static unsigned char k[16] = {
- 0x01, 0x23, 0x45, 0x67, 0x12, 0x34, 0x56, 0x78,
- 0x23, 0x45, 0x67, 0x89, 0x34, 0x56, 0x78, 0x9A
-};
-
-static unsigned char in[8] =
- { 0x01, 0x23, 0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF };
-
-static int k_len[3] = { 16, 10, 5 };
-
-static unsigned char c[3][8] = {
- {0x23, 0x8B, 0x4F, 0xE5, 0x84, 0x7E, 0x44, 0xB2},
- {0xEB, 0x6A, 0x71, 0x1A, 0x2C, 0x02, 0x27, 0x1B},
- {0x7A, 0xC8, 0x16, 0xD1, 0x6E, 0x9B, 0x30, 0x2E},
-};
-
-static unsigned char out[80];
-
-static unsigned char in_a[16] = {
- 0x01, 0x23, 0x45, 0x67, 0x12, 0x34, 0x56, 0x78,
- 0x23, 0x45, 0x67, 0x89, 0x34, 0x56, 0x78, 0x9A
-};
-
-static unsigned char in_b[16] = {
- 0x01, 0x23, 0x45, 0x67, 0x12, 0x34, 0x56, 0x78,
- 0x23, 0x45, 0x67, 0x89, 0x34, 0x56, 0x78, 0x9A
-};
-
-static unsigned char c_a[16] = {
- 0xEE, 0xA9, 0xD0, 0xA2, 0x49, 0xFD, 0x3B, 0xA6,
- 0xB3, 0x43, 0x6F, 0xB8, 0x9D, 0x6D, 0xCA, 0x92
-};
-
-static unsigned char c_b[16] = {
- 0xB2, 0xC9, 0x5E, 0xB0, 0x0C, 0x31, 0xAD, 0x71,
- 0x80, 0xAC, 0x05, 0xB8, 0xE8, 0x3D, 0x69, 0x6E
-};
-
-int main(int argc, char *argv[])
-{
-# ifdef FULL_TEST
- long l;
- CAST_KEY key_b;
-# endif
- int i, z, err = 0;
- CAST_KEY key;
-
- for (z = 0; z < 3; z++) {
- CAST_set_key(&key, k_len[z], k);
-
- CAST_ecb_encrypt(in, out, &key, CAST_ENCRYPT);
- if (memcmp(out, &(c[z][0]), 8) != 0) {
- printf("ecb cast error encrypting for keysize %d\n",
- k_len[z] * 8);
- printf("got :");
- for (i = 0; i < 8; i++)
- printf("%02X ", out[i]);
- printf("\n");
- printf("expected:");
- for (i = 0; i < 8; i++)
- printf("%02X ", c[z][i]);
- err = 20;
- printf("\n");
- }
-
- CAST_ecb_encrypt(out, out, &key, CAST_DECRYPT);
- if (memcmp(out, in, 8) != 0) {
- printf("ecb cast error decrypting for keysize %d\n",
- k_len[z] * 8);
- printf("got :");
- for (i = 0; i < 8; i++)
- printf("%02X ", out[i]);
- printf("\n");
- printf("expected:");
- for (i = 0; i < 8; i++)
- printf("%02X ", in[i]);
- printf("\n");
- err = 3;
- }
- }
- if (err == 0)
- printf("ecb cast5 ok\n");
-
-# ifdef FULL_TEST
- {
- unsigned char out_a[16], out_b[16];
- static char *hex = "0123456789ABCDEF";
-
- printf("This test will take some time....");
- fflush(stdout);
- memcpy(out_a, in_a, sizeof(in_a));
- memcpy(out_b, in_b, sizeof(in_b));
- i = 1;
-
- for (l = 0; l < 1000000L; l++) {
- CAST_set_key(&key_b, 16, out_b);
- CAST_ecb_encrypt(&(out_a[0]), &(out_a[0]), &key_b, CAST_ENCRYPT);
- CAST_ecb_encrypt(&(out_a[8]), &(out_a[8]), &key_b, CAST_ENCRYPT);
- CAST_set_key(&key, 16, out_a);
- CAST_ecb_encrypt(&(out_b[0]), &(out_b[0]), &key, CAST_ENCRYPT);
- CAST_ecb_encrypt(&(out_b[8]), &(out_b[8]), &key, CAST_ENCRYPT);
- if ((l & 0xffff) == 0xffff) {
- printf("%c", hex[i & 0x0f]);
- fflush(stdout);
- i++;
- }
- }
-
- if ((memcmp(out_a, c_a, sizeof(c_a)) != 0) ||
- (memcmp(out_b, c_b, sizeof(c_b)) != 0)) {
- printf("\n");
- printf("Error\n");
-
- printf("A out =");
- for (i = 0; i < 16; i++)
- printf("%02X ", out_a[i]);
- printf("\nactual=");
- for (i = 0; i < 16; i++)
- printf("%02X ", c_a[i]);
- printf("\n");
-
- printf("B out =");
- for (i = 0; i < 16; i++)
- printf("%02X ", out_b[i]);
- printf("\nactual=");
- for (i = 0; i < 16; i++)
- printf("%02X ", c_b[i]);
- printf("\n");
- } else
- printf(" ok\n");
- }
-# endif
-
- EXIT(err);
-}
-#endif
+++ /dev/null
-/* crypto/cmac/cmac.h */
-/*
- * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
- * project.
- */
-/* ====================================================================
- * Copyright (c) 2010 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- */
-
-#ifndef HEADER_CMAC_H
-# define HEADER_CMAC_H
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-# include <openssl/evp.h>
-
-/* Opaque */
-typedef struct CMAC_CTX_st CMAC_CTX;
-
-CMAC_CTX *CMAC_CTX_new(void);
-void CMAC_CTX_cleanup(CMAC_CTX *ctx);
-void CMAC_CTX_free(CMAC_CTX *ctx);
-EVP_CIPHER_CTX *CMAC_CTX_get0_cipher_ctx(CMAC_CTX *ctx);
-int CMAC_CTX_copy(CMAC_CTX *out, const CMAC_CTX *in);
-
-int CMAC_Init(CMAC_CTX *ctx, const void *key, size_t keylen,
- const EVP_CIPHER *cipher, ENGINE *impl);
-int CMAC_Update(CMAC_CTX *ctx, const void *data, size_t dlen);
-int CMAC_Final(CMAC_CTX *ctx, unsigned char *out, size_t *poutlen);
-int CMAC_resume(CMAC_CTX *ctx);
-
-#ifdef __cplusplus
-}
-#endif
-#endif
+++ /dev/null
-/* crypto/cms/cms.h */
-/*
- * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
- * project.
- */
-/* ====================================================================
- * Copyright (c) 2008 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- */
-
-#ifndef HEADER_CMS_H
-# define HEADER_CMS_H
-
-# include <openssl/x509.h>
-
-# ifdef OPENSSL_NO_CMS
-# error CMS is disabled.
-# endif
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-typedef struct CMS_ContentInfo_st CMS_ContentInfo;
-typedef struct CMS_SignerInfo_st CMS_SignerInfo;
-typedef struct CMS_CertificateChoices CMS_CertificateChoices;
-typedef struct CMS_RevocationInfoChoice_st CMS_RevocationInfoChoice;
-typedef struct CMS_RecipientInfo_st CMS_RecipientInfo;
-typedef struct CMS_ReceiptRequest_st CMS_ReceiptRequest;
-typedef struct CMS_Receipt_st CMS_Receipt;
-typedef struct CMS_RecipientEncryptedKey_st CMS_RecipientEncryptedKey;
-typedef struct CMS_OtherKeyAttribute_st CMS_OtherKeyAttribute;
-
-DECLARE_STACK_OF(CMS_SignerInfo)
-DECLARE_STACK_OF(GENERAL_NAMES)
-DECLARE_STACK_OF(CMS_RecipientEncryptedKey)
-DECLARE_ASN1_FUNCTIONS(CMS_ContentInfo)
-DECLARE_ASN1_FUNCTIONS(CMS_ReceiptRequest)
-DECLARE_ASN1_PRINT_FUNCTION(CMS_ContentInfo)
-
-# define CMS_SIGNERINFO_ISSUER_SERIAL 0
-# define CMS_SIGNERINFO_KEYIDENTIFIER 1
-
-# define CMS_RECIPINFO_NONE -1
-# define CMS_RECIPINFO_TRANS 0
-# define CMS_RECIPINFO_AGREE 1
-# define CMS_RECIPINFO_KEK 2
-# define CMS_RECIPINFO_PASS 3
-# define CMS_RECIPINFO_OTHER 4
-
-/* S/MIME related flags */
-
-# define CMS_TEXT 0x1
-# define CMS_NOCERTS 0x2
-# define CMS_NO_CONTENT_VERIFY 0x4
-# define CMS_NO_ATTR_VERIFY 0x8
-# define CMS_NOSIGS \
- (CMS_NO_CONTENT_VERIFY|CMS_NO_ATTR_VERIFY)
-# define CMS_NOINTERN 0x10
-# define CMS_NO_SIGNER_CERT_VERIFY 0x20
-# define CMS_NOVERIFY 0x20
-# define CMS_DETACHED 0x40
-# define CMS_BINARY 0x80
-# define CMS_NOATTR 0x100
-# define CMS_NOSMIMECAP 0x200
-# define CMS_NOOLDMIMETYPE 0x400
-# define CMS_CRLFEOL 0x800
-# define CMS_STREAM 0x1000
-# define CMS_NOCRL 0x2000
-# define CMS_PARTIAL 0x4000
-# define CMS_REUSE_DIGEST 0x8000
-# define CMS_USE_KEYID 0x10000
-# define CMS_DEBUG_DECRYPT 0x20000
-# define CMS_KEY_PARAM 0x40000
-# define CMS_ASCIICRLF 0x80000
-
-const ASN1_OBJECT *CMS_get0_type(CMS_ContentInfo *cms);
-
-BIO *CMS_dataInit(CMS_ContentInfo *cms, BIO *icont);
-int CMS_dataFinal(CMS_ContentInfo *cms, BIO *bio);
-
-ASN1_OCTET_STRING **CMS_get0_content(CMS_ContentInfo *cms);
-int CMS_is_detached(CMS_ContentInfo *cms);
-int CMS_set_detached(CMS_ContentInfo *cms, int detached);
-
-# ifdef HEADER_PEM_H
-DECLARE_PEM_rw_const(CMS, CMS_ContentInfo)
-# endif
-int CMS_stream(unsigned char ***boundary, CMS_ContentInfo *cms);
-CMS_ContentInfo *d2i_CMS_bio(BIO *bp, CMS_ContentInfo **cms);
-int i2d_CMS_bio(BIO *bp, CMS_ContentInfo *cms);
-
-BIO *BIO_new_CMS(BIO *out, CMS_ContentInfo *cms);
-int i2d_CMS_bio_stream(BIO *out, CMS_ContentInfo *cms, BIO *in, int flags);
-int PEM_write_bio_CMS_stream(BIO *out, CMS_ContentInfo *cms, BIO *in,
- int flags);
-CMS_ContentInfo *SMIME_read_CMS(BIO *bio, BIO **bcont);
-int SMIME_write_CMS(BIO *bio, CMS_ContentInfo *cms, BIO *data, int flags);
-
-int CMS_final(CMS_ContentInfo *cms, BIO *data, BIO *dcont,
- unsigned int flags);
-
-CMS_ContentInfo *CMS_sign(X509 *signcert, EVP_PKEY *pkey,
- STACK_OF(X509) *certs, BIO *data,
- unsigned int flags);
-
-CMS_ContentInfo *CMS_sign_receipt(CMS_SignerInfo *si,
- X509 *signcert, EVP_PKEY *pkey,
- STACK_OF(X509) *certs, unsigned int flags);
-
-int CMS_data(CMS_ContentInfo *cms, BIO *out, unsigned int flags);
-CMS_ContentInfo *CMS_data_create(BIO *in, unsigned int flags);
-
-int CMS_digest_verify(CMS_ContentInfo *cms, BIO *dcont, BIO *out,
- unsigned int flags);
-CMS_ContentInfo *CMS_digest_create(BIO *in, const EVP_MD *md,
- unsigned int flags);
-
-int CMS_EncryptedData_decrypt(CMS_ContentInfo *cms,
- const unsigned char *key, size_t keylen,
- BIO *dcont, BIO *out, unsigned int flags);
-
-CMS_ContentInfo *CMS_EncryptedData_encrypt(BIO *in, const EVP_CIPHER *cipher,
- const unsigned char *key,
- size_t keylen, unsigned int flags);
-
-int CMS_EncryptedData_set1_key(CMS_ContentInfo *cms, const EVP_CIPHER *ciph,
- const unsigned char *key, size_t keylen);
-
-int CMS_verify(CMS_ContentInfo *cms, STACK_OF(X509) *certs,
- X509_STORE *store, BIO *dcont, BIO *out, unsigned int flags);
-
-int CMS_verify_receipt(CMS_ContentInfo *rcms, CMS_ContentInfo *ocms,
- STACK_OF(X509) *certs,
- X509_STORE *store, unsigned int flags);
-
-STACK_OF(X509) *CMS_get0_signers(CMS_ContentInfo *cms);
-
-CMS_ContentInfo *CMS_encrypt(STACK_OF(X509) *certs, BIO *in,
- const EVP_CIPHER *cipher, unsigned int flags);
-
-int CMS_decrypt(CMS_ContentInfo *cms, EVP_PKEY *pkey, X509 *cert,
- BIO *dcont, BIO *out, unsigned int flags);
-
-int CMS_decrypt_set1_pkey(CMS_ContentInfo *cms, EVP_PKEY *pk, X509 *cert);
-int CMS_decrypt_set1_key(CMS_ContentInfo *cms,
- unsigned char *key, size_t keylen,
- unsigned char *id, size_t idlen);
-int CMS_decrypt_set1_password(CMS_ContentInfo *cms,
- unsigned char *pass, ossl_ssize_t passlen);
-
-STACK_OF(CMS_RecipientInfo) *CMS_get0_RecipientInfos(CMS_ContentInfo *cms);
-int CMS_RecipientInfo_type(CMS_RecipientInfo *ri);
-EVP_PKEY_CTX *CMS_RecipientInfo_get0_pkey_ctx(CMS_RecipientInfo *ri);
-CMS_ContentInfo *CMS_EnvelopedData_create(const EVP_CIPHER *cipher);
-CMS_RecipientInfo *CMS_add1_recipient_cert(CMS_ContentInfo *cms,
- X509 *recip, unsigned int flags);
-int CMS_RecipientInfo_set0_pkey(CMS_RecipientInfo *ri, EVP_PKEY *pkey);
-int CMS_RecipientInfo_ktri_cert_cmp(CMS_RecipientInfo *ri, X509 *cert);
-int CMS_RecipientInfo_ktri_get0_algs(CMS_RecipientInfo *ri,
- EVP_PKEY **pk, X509 **recip,
- X509_ALGOR **palg);
-int CMS_RecipientInfo_ktri_get0_signer_id(CMS_RecipientInfo *ri,
- ASN1_OCTET_STRING **keyid,
- X509_NAME **issuer,
- ASN1_INTEGER **sno);
-
-CMS_RecipientInfo *CMS_add0_recipient_key(CMS_ContentInfo *cms, int nid,
- unsigned char *key, size_t keylen,
- unsigned char *id, size_t idlen,
- ASN1_GENERALIZEDTIME *date,
- ASN1_OBJECT *otherTypeId,
- ASN1_TYPE *otherType);
-
-int CMS_RecipientInfo_kekri_get0_id(CMS_RecipientInfo *ri,
- X509_ALGOR **palg,
- ASN1_OCTET_STRING **pid,
- ASN1_GENERALIZEDTIME **pdate,
- ASN1_OBJECT **potherid,
- ASN1_TYPE **pothertype);
-
-int CMS_RecipientInfo_set0_key(CMS_RecipientInfo *ri,
- unsigned char *key, size_t keylen);
-
-int CMS_RecipientInfo_kekri_id_cmp(CMS_RecipientInfo *ri,
- const unsigned char *id, size_t idlen);
-
-int CMS_RecipientInfo_set0_password(CMS_RecipientInfo *ri,
- unsigned char *pass,
- ossl_ssize_t passlen);
-
-CMS_RecipientInfo *CMS_add0_recipient_password(CMS_ContentInfo *cms,
- int iter, int wrap_nid,
- int pbe_nid,
- unsigned char *pass,
- ossl_ssize_t passlen,
- const EVP_CIPHER *kekciph);
-
-int CMS_RecipientInfo_decrypt(CMS_ContentInfo *cms, CMS_RecipientInfo *ri);
-int CMS_RecipientInfo_encrypt(CMS_ContentInfo *cms, CMS_RecipientInfo *ri);
-
-int CMS_uncompress(CMS_ContentInfo *cms, BIO *dcont, BIO *out,
- unsigned int flags);
-CMS_ContentInfo *CMS_compress(BIO *in, int comp_nid, unsigned int flags);
-
-int CMS_set1_eContentType(CMS_ContentInfo *cms, const ASN1_OBJECT *oid);
-const ASN1_OBJECT *CMS_get0_eContentType(CMS_ContentInfo *cms);
-
-CMS_CertificateChoices *CMS_add0_CertificateChoices(CMS_ContentInfo *cms);
-int CMS_add0_cert(CMS_ContentInfo *cms, X509 *cert);
-int CMS_add1_cert(CMS_ContentInfo *cms, X509 *cert);
-STACK_OF(X509) *CMS_get1_certs(CMS_ContentInfo *cms);
-
-CMS_RevocationInfoChoice *CMS_add0_RevocationInfoChoice(CMS_ContentInfo *cms);
-int CMS_add0_crl(CMS_ContentInfo *cms, X509_CRL *crl);
-int CMS_add1_crl(CMS_ContentInfo *cms, X509_CRL *crl);
-STACK_OF(X509_CRL) *CMS_get1_crls(CMS_ContentInfo *cms);
-
-int CMS_SignedData_init(CMS_ContentInfo *cms);
-CMS_SignerInfo *CMS_add1_signer(CMS_ContentInfo *cms,
- X509 *signer, EVP_PKEY *pk, const EVP_MD *md,
- unsigned int flags);
-EVP_PKEY_CTX *CMS_SignerInfo_get0_pkey_ctx(CMS_SignerInfo *si);
-EVP_MD_CTX *CMS_SignerInfo_get0_md_ctx(CMS_SignerInfo *si);
-STACK_OF(CMS_SignerInfo) *CMS_get0_SignerInfos(CMS_ContentInfo *cms);
-
-void CMS_SignerInfo_set1_signer_cert(CMS_SignerInfo *si, X509 *signer);
-int CMS_SignerInfo_get0_signer_id(CMS_SignerInfo *si,
- ASN1_OCTET_STRING **keyid,
- X509_NAME **issuer, ASN1_INTEGER **sno);
-int CMS_SignerInfo_cert_cmp(CMS_SignerInfo *si, X509 *cert);
-int CMS_set1_signers_certs(CMS_ContentInfo *cms, STACK_OF(X509) *certs,
- unsigned int flags);
-void CMS_SignerInfo_get0_algs(CMS_SignerInfo *si, EVP_PKEY **pk,
- X509 **signer, X509_ALGOR **pdig,
- X509_ALGOR **psig);
-ASN1_OCTET_STRING *CMS_SignerInfo_get0_signature(CMS_SignerInfo *si);
-int CMS_SignerInfo_sign(CMS_SignerInfo *si);
-int CMS_SignerInfo_verify(CMS_SignerInfo *si);
-int CMS_SignerInfo_verify_content(CMS_SignerInfo *si, BIO *chain);
-
-int CMS_add_smimecap(CMS_SignerInfo *si, STACK_OF(X509_ALGOR) *algs);
-int CMS_add_simple_smimecap(STACK_OF(X509_ALGOR) **algs,
- int algnid, int keysize);
-int CMS_add_standard_smimecap(STACK_OF(X509_ALGOR) **smcap);
-
-int CMS_signed_get_attr_count(const CMS_SignerInfo *si);
-int CMS_signed_get_attr_by_NID(const CMS_SignerInfo *si, int nid,
- int lastpos);
-int CMS_signed_get_attr_by_OBJ(const CMS_SignerInfo *si, ASN1_OBJECT *obj,
- int lastpos);
-X509_ATTRIBUTE *CMS_signed_get_attr(const CMS_SignerInfo *si, int loc);
-X509_ATTRIBUTE *CMS_signed_delete_attr(CMS_SignerInfo *si, int loc);
-int CMS_signed_add1_attr(CMS_SignerInfo *si, X509_ATTRIBUTE *attr);
-int CMS_signed_add1_attr_by_OBJ(CMS_SignerInfo *si,
- const ASN1_OBJECT *obj, int type,
- const void *bytes, int len);
-int CMS_signed_add1_attr_by_NID(CMS_SignerInfo *si,
- int nid, int type,
- const void *bytes, int len);
-int CMS_signed_add1_attr_by_txt(CMS_SignerInfo *si,
- const char *attrname, int type,
- const void *bytes, int len);
-void *CMS_signed_get0_data_by_OBJ(CMS_SignerInfo *si, ASN1_OBJECT *oid,
- int lastpos, int type);
-
-int CMS_unsigned_get_attr_count(const CMS_SignerInfo *si);
-int CMS_unsigned_get_attr_by_NID(const CMS_SignerInfo *si, int nid,
- int lastpos);
-int CMS_unsigned_get_attr_by_OBJ(const CMS_SignerInfo *si, ASN1_OBJECT *obj,
- int lastpos);
-X509_ATTRIBUTE *CMS_unsigned_get_attr(const CMS_SignerInfo *si, int loc);
-X509_ATTRIBUTE *CMS_unsigned_delete_attr(CMS_SignerInfo *si, int loc);
-int CMS_unsigned_add1_attr(CMS_SignerInfo *si, X509_ATTRIBUTE *attr);
-int CMS_unsigned_add1_attr_by_OBJ(CMS_SignerInfo *si,
- const ASN1_OBJECT *obj, int type,
- const void *bytes, int len);
-int CMS_unsigned_add1_attr_by_NID(CMS_SignerInfo *si,
- int nid, int type,
- const void *bytes, int len);
-int CMS_unsigned_add1_attr_by_txt(CMS_SignerInfo *si,
- const char *attrname, int type,
- const void *bytes, int len);
-void *CMS_unsigned_get0_data_by_OBJ(CMS_SignerInfo *si, ASN1_OBJECT *oid,
- int lastpos, int type);
-
-# ifdef HEADER_X509V3_H
-
-int CMS_get1_ReceiptRequest(CMS_SignerInfo *si, CMS_ReceiptRequest **prr);
-CMS_ReceiptRequest *CMS_ReceiptRequest_create0(unsigned char *id, int idlen,
- int allorfirst,
- STACK_OF(GENERAL_NAMES)
- *receiptList, STACK_OF(GENERAL_NAMES)
- *receiptsTo);
-int CMS_add1_ReceiptRequest(CMS_SignerInfo *si, CMS_ReceiptRequest *rr);
-void CMS_ReceiptRequest_get0_values(CMS_ReceiptRequest *rr,
- ASN1_STRING **pcid,
- int *pallorfirst,
- STACK_OF(GENERAL_NAMES) **plist,
- STACK_OF(GENERAL_NAMES) **prto);
-# endif
-int CMS_RecipientInfo_kari_get0_alg(CMS_RecipientInfo *ri,
- X509_ALGOR **palg,
- ASN1_OCTET_STRING **pukm);
-STACK_OF(CMS_RecipientEncryptedKey)
-*CMS_RecipientInfo_kari_get0_reks(CMS_RecipientInfo *ri);
-
-int CMS_RecipientInfo_kari_get0_orig_id(CMS_RecipientInfo *ri,
- X509_ALGOR **pubalg,
- ASN1_BIT_STRING **pubkey,
- ASN1_OCTET_STRING **keyid,
- X509_NAME **issuer,
- ASN1_INTEGER **sno);
-
-int CMS_RecipientInfo_kari_orig_id_cmp(CMS_RecipientInfo *ri, X509 *cert);
-
-int CMS_RecipientEncryptedKey_get0_id(CMS_RecipientEncryptedKey *rek,
- ASN1_OCTET_STRING **keyid,
- ASN1_GENERALIZEDTIME **tm,
- CMS_OtherKeyAttribute **other,
- X509_NAME **issuer, ASN1_INTEGER **sno);
-int CMS_RecipientEncryptedKey_cert_cmp(CMS_RecipientEncryptedKey *rek,
- X509 *cert);
-int CMS_RecipientInfo_kari_set0_pkey(CMS_RecipientInfo *ri, EVP_PKEY *pk);
-EVP_CIPHER_CTX *CMS_RecipientInfo_kari_get0_ctx(CMS_RecipientInfo *ri);
-int CMS_RecipientInfo_kari_decrypt(CMS_ContentInfo *cms,
- CMS_RecipientInfo *ri,
- CMS_RecipientEncryptedKey *rek);
-
-int CMS_SharedInfo_encode(unsigned char **pder, X509_ALGOR *kekalg,
- ASN1_OCTET_STRING *ukm, int keylen);
-
-/* BEGIN ERROR CODES */
-/*
- * The following lines are auto generated by the script mkerr.pl. Any changes
- * made after this point may be overwritten when the script is next run.
- */
-void ERR_load_CMS_strings(void);
-
-/* Error codes for the CMS functions. */
-
-/* Function codes. */
-# define CMS_F_CHECK_CONTENT 99
-# define CMS_F_CMS_ADD0_CERT 164
-# define CMS_F_CMS_ADD0_RECIPIENT_KEY 100
-# define CMS_F_CMS_ADD0_RECIPIENT_PASSWORD 165
-# define CMS_F_CMS_ADD1_RECEIPTREQUEST 158
-# define CMS_F_CMS_ADD1_RECIPIENT_CERT 101
-# define CMS_F_CMS_ADD1_SIGNER 102
-# define CMS_F_CMS_ADD1_SIGNINGTIME 103
-# define CMS_F_CMS_COMPRESS 104
-# define CMS_F_CMS_COMPRESSEDDATA_CREATE 105
-# define CMS_F_CMS_COMPRESSEDDATA_INIT_BIO 106
-# define CMS_F_CMS_COPY_CONTENT 107
-# define CMS_F_CMS_COPY_MESSAGEDIGEST 108
-# define CMS_F_CMS_DATA 109
-# define CMS_F_CMS_DATAFINAL 110
-# define CMS_F_CMS_DATAINIT 111
-# define CMS_F_CMS_DECRYPT 112
-# define CMS_F_CMS_DECRYPT_SET1_KEY 113
-# define CMS_F_CMS_DECRYPT_SET1_PASSWORD 166
-# define CMS_F_CMS_DECRYPT_SET1_PKEY 114
-# define CMS_F_CMS_DIGESTALGORITHM_FIND_CTX 115
-# define CMS_F_CMS_DIGESTALGORITHM_INIT_BIO 116
-# define CMS_F_CMS_DIGESTEDDATA_DO_FINAL 117
-# define CMS_F_CMS_DIGEST_VERIFY 118
-# define CMS_F_CMS_ENCODE_RECEIPT 161
-# define CMS_F_CMS_ENCRYPT 119
-# define CMS_F_CMS_ENCRYPTEDCONTENT_INIT_BIO 120
-# define CMS_F_CMS_ENCRYPTEDDATA_DECRYPT 121
-# define CMS_F_CMS_ENCRYPTEDDATA_ENCRYPT 122
-# define CMS_F_CMS_ENCRYPTEDDATA_SET1_KEY 123
-# define CMS_F_CMS_ENVELOPEDDATA_CREATE 124
-# define CMS_F_CMS_ENVELOPEDDATA_INIT_BIO 125
-# define CMS_F_CMS_ENVELOPED_DATA_INIT 126
-# define CMS_F_CMS_ENV_ASN1_CTRL 171
-# define CMS_F_CMS_FINAL 127
-# define CMS_F_CMS_GET0_CERTIFICATE_CHOICES 128
-# define CMS_F_CMS_GET0_CONTENT 129
-# define CMS_F_CMS_GET0_ECONTENT_TYPE 130
-# define CMS_F_CMS_GET0_ENVELOPED 131
-# define CMS_F_CMS_GET0_REVOCATION_CHOICES 132
-# define CMS_F_CMS_GET0_SIGNED 133
-# define CMS_F_CMS_MSGSIGDIGEST_ADD1 162
-# define CMS_F_CMS_RECEIPTREQUEST_CREATE0 159
-# define CMS_F_CMS_RECEIPT_VERIFY 160
-# define CMS_F_CMS_RECIPIENTINFO_DECRYPT 134
-# define CMS_F_CMS_RECIPIENTINFO_ENCRYPT 169
-# define CMS_F_CMS_RECIPIENTINFO_KARI_ENCRYPT 178
-# define CMS_F_CMS_RECIPIENTINFO_KARI_GET0_ALG 175
-# define CMS_F_CMS_RECIPIENTINFO_KARI_GET0_ORIG_ID 173
-# define CMS_F_CMS_RECIPIENTINFO_KARI_GET0_REKS 172
-# define CMS_F_CMS_RECIPIENTINFO_KARI_ORIG_ID_CMP 174
-# define CMS_F_CMS_RECIPIENTINFO_KEKRI_DECRYPT 135
-# define CMS_F_CMS_RECIPIENTINFO_KEKRI_ENCRYPT 136
-# define CMS_F_CMS_RECIPIENTINFO_KEKRI_GET0_ID 137
-# define CMS_F_CMS_RECIPIENTINFO_KEKRI_ID_CMP 138
-# define CMS_F_CMS_RECIPIENTINFO_KTRI_CERT_CMP 139
-# define CMS_F_CMS_RECIPIENTINFO_KTRI_DECRYPT 140
-# define CMS_F_CMS_RECIPIENTINFO_KTRI_ENCRYPT 141
-# define CMS_F_CMS_RECIPIENTINFO_KTRI_GET0_ALGS 142
-# define CMS_F_CMS_RECIPIENTINFO_KTRI_GET0_SIGNER_ID 143
-# define CMS_F_CMS_RECIPIENTINFO_PWRI_CRYPT 167
-# define CMS_F_CMS_RECIPIENTINFO_SET0_KEY 144
-# define CMS_F_CMS_RECIPIENTINFO_SET0_PASSWORD 168
-# define CMS_F_CMS_RECIPIENTINFO_SET0_PKEY 145
-# define CMS_F_CMS_SD_ASN1_CTRL 170
-# define CMS_F_CMS_SET1_IAS 176
-# define CMS_F_CMS_SET1_KEYID 177
-# define CMS_F_CMS_SET1_SIGNERIDENTIFIER 146
-# define CMS_F_CMS_SET_DETACHED 147
-# define CMS_F_CMS_SIGN 148
-# define CMS_F_CMS_SIGNED_DATA_INIT 149
-# define CMS_F_CMS_SIGNERINFO_CONTENT_SIGN 150
-# define CMS_F_CMS_SIGNERINFO_SIGN 151
-# define CMS_F_CMS_SIGNERINFO_VERIFY 152
-# define CMS_F_CMS_SIGNERINFO_VERIFY_CERT 153
-# define CMS_F_CMS_SIGNERINFO_VERIFY_CONTENT 154
-# define CMS_F_CMS_SIGN_RECEIPT 163
-# define CMS_F_CMS_STREAM 155
-# define CMS_F_CMS_UNCOMPRESS 156
-# define CMS_F_CMS_VERIFY 157
-
-/* Reason codes. */
-# define CMS_R_ADD_SIGNER_ERROR 99
-# define CMS_R_CERTIFICATE_ALREADY_PRESENT 175
-# define CMS_R_CERTIFICATE_HAS_NO_KEYID 160
-# define CMS_R_CERTIFICATE_VERIFY_ERROR 100
-# define CMS_R_CIPHER_INITIALISATION_ERROR 101
-# define CMS_R_CIPHER_PARAMETER_INITIALISATION_ERROR 102
-# define CMS_R_CMS_DATAFINAL_ERROR 103
-# define CMS_R_CMS_LIB 104
-# define CMS_R_CONTENTIDENTIFIER_MISMATCH 170
-# define CMS_R_CONTENT_NOT_FOUND 105
-# define CMS_R_CONTENT_TYPE_MISMATCH 171
-# define CMS_R_CONTENT_TYPE_NOT_COMPRESSED_DATA 106
-# define CMS_R_CONTENT_TYPE_NOT_ENVELOPED_DATA 107
-# define CMS_R_CONTENT_TYPE_NOT_SIGNED_DATA 108
-# define CMS_R_CONTENT_VERIFY_ERROR 109
-# define CMS_R_CTRL_ERROR 110
-# define CMS_R_CTRL_FAILURE 111
-# define CMS_R_DECRYPT_ERROR 112
-# define CMS_R_DIGEST_ERROR 161
-# define CMS_R_ERROR_GETTING_PUBLIC_KEY 113
-# define CMS_R_ERROR_READING_MESSAGEDIGEST_ATTRIBUTE 114
-# define CMS_R_ERROR_SETTING_KEY 115
-# define CMS_R_ERROR_SETTING_RECIPIENTINFO 116
-# define CMS_R_INVALID_ENCRYPTED_KEY_LENGTH 117
-# define CMS_R_INVALID_KEY_ENCRYPTION_PARAMETER 176
-# define CMS_R_INVALID_KEY_LENGTH 118
-# define CMS_R_MD_BIO_INIT_ERROR 119
-# define CMS_R_MESSAGEDIGEST_ATTRIBUTE_WRONG_LENGTH 120
-# define CMS_R_MESSAGEDIGEST_WRONG_LENGTH 121
-# define CMS_R_MSGSIGDIGEST_ERROR 172
-# define CMS_R_MSGSIGDIGEST_VERIFICATION_FAILURE 162
-# define CMS_R_MSGSIGDIGEST_WRONG_LENGTH 163
-# define CMS_R_NEED_ONE_SIGNER 164
-# define CMS_R_NOT_A_SIGNED_RECEIPT 165
-# define CMS_R_NOT_ENCRYPTED_DATA 122
-# define CMS_R_NOT_KEK 123
-# define CMS_R_NOT_KEY_AGREEMENT 181
-# define CMS_R_NOT_KEY_TRANSPORT 124
-# define CMS_R_NOT_PWRI 177
-# define CMS_R_NOT_SUPPORTED_FOR_THIS_KEY_TYPE 125
-# define CMS_R_NO_CIPHER 126
-# define CMS_R_NO_CONTENT 127
-# define CMS_R_NO_CONTENT_TYPE 173
-# define CMS_R_NO_DEFAULT_DIGEST 128
-# define CMS_R_NO_DIGEST_SET 129
-# define CMS_R_NO_KEY 130
-# define CMS_R_NO_KEY_OR_CERT 174
-# define CMS_R_NO_MATCHING_DIGEST 131
-# define CMS_R_NO_MATCHING_RECIPIENT 132
-# define CMS_R_NO_MATCHING_SIGNATURE 166
-# define CMS_R_NO_MSGSIGDIGEST 167
-# define CMS_R_NO_PASSWORD 178
-# define CMS_R_NO_PRIVATE_KEY 133
-# define CMS_R_NO_PUBLIC_KEY 134
-# define CMS_R_NO_RECEIPT_REQUEST 168
-# define CMS_R_NO_SIGNERS 135
-# define CMS_R_PRIVATE_KEY_DOES_NOT_MATCH_CERTIFICATE 136
-# define CMS_R_RECEIPT_DECODE_ERROR 169
-# define CMS_R_RECIPIENT_ERROR 137
-# define CMS_R_SIGNER_CERTIFICATE_NOT_FOUND 138
-# define CMS_R_SIGNFINAL_ERROR 139
-# define CMS_R_SMIME_TEXT_ERROR 140
-# define CMS_R_STORE_INIT_ERROR 141
-# define CMS_R_TYPE_NOT_COMPRESSED_DATA 142
-# define CMS_R_TYPE_NOT_DATA 143
-# define CMS_R_TYPE_NOT_DIGESTED_DATA 144
-# define CMS_R_TYPE_NOT_ENCRYPTED_DATA 145
-# define CMS_R_TYPE_NOT_ENVELOPED_DATA 146
-# define CMS_R_UNABLE_TO_FINALIZE_CONTEXT 147
-# define CMS_R_UNKNOWN_CIPHER 148
-# define CMS_R_UNKNOWN_DIGEST_ALGORIHM 149
-# define CMS_R_UNKNOWN_ID 150
-# define CMS_R_UNSUPPORTED_COMPRESSION_ALGORITHM 151
-# define CMS_R_UNSUPPORTED_CONTENT_TYPE 152
-# define CMS_R_UNSUPPORTED_KEK_ALGORITHM 153
-# define CMS_R_UNSUPPORTED_KEY_ENCRYPTION_ALGORITHM 179
-# define CMS_R_UNSUPPORTED_RECIPIENT_TYPE 154
-# define CMS_R_UNSUPPORTED_RECPIENTINFO_TYPE 155
-# define CMS_R_UNSUPPORTED_TYPE 156
-# define CMS_R_UNWRAP_ERROR 157
-# define CMS_R_UNWRAP_FAILURE 180
-# define CMS_R_VERIFICATION_FAILURE 158
-# define CMS_R_WRAP_ERROR 159
-
-#ifdef __cplusplus
-}
-#endif
-#endif
+++ /dev/null
-
-#ifndef HEADER_COMP_H
-# define HEADER_COMP_H
-
-# include <openssl/crypto.h>
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-typedef struct comp_ctx_st COMP_CTX;
-
-typedef struct comp_method_st {
- int type; /* NID for compression library */
- const char *name; /* A text string to identify the library */
- int (*init) (COMP_CTX *ctx);
- void (*finish) (COMP_CTX *ctx);
- int (*compress) (COMP_CTX *ctx,
- unsigned char *out, unsigned int olen,
- unsigned char *in, unsigned int ilen);
- int (*expand) (COMP_CTX *ctx,
- unsigned char *out, unsigned int olen,
- unsigned char *in, unsigned int ilen);
- /*
- * The following two do NOTHING, but are kept for backward compatibility
- */
- long (*ctrl) (void);
- long (*callback_ctrl) (void);
-} COMP_METHOD;
-
-struct comp_ctx_st {
- COMP_METHOD *meth;
- unsigned long compress_in;
- unsigned long compress_out;
- unsigned long expand_in;
- unsigned long expand_out;
- CRYPTO_EX_DATA ex_data;
-};
-
-COMP_CTX *COMP_CTX_new(COMP_METHOD *meth);
-void COMP_CTX_free(COMP_CTX *ctx);
-int COMP_compress_block(COMP_CTX *ctx, unsigned char *out, int olen,
- unsigned char *in, int ilen);
-int COMP_expand_block(COMP_CTX *ctx, unsigned char *out, int olen,
- unsigned char *in, int ilen);
-COMP_METHOD *COMP_rle(void);
-COMP_METHOD *COMP_zlib(void);
-void COMP_zlib_cleanup(void);
-
-# ifdef HEADER_BIO_H
-# ifdef ZLIB
-BIO_METHOD *BIO_f_zlib(void);
-# endif
-# endif
-
-/* BEGIN ERROR CODES */
-/*
- * The following lines are auto generated by the script mkerr.pl. Any changes
- * made after this point may be overwritten when the script is next run.
- */
-void ERR_load_COMP_strings(void);
-
-/* Error codes for the COMP functions. */
-
-/* Function codes. */
-# define COMP_F_BIO_ZLIB_FLUSH 99
-# define COMP_F_BIO_ZLIB_NEW 100
-# define COMP_F_BIO_ZLIB_READ 101
-# define COMP_F_BIO_ZLIB_WRITE 102
-
-/* Reason codes. */
-# define COMP_R_ZLIB_DEFLATE_ERROR 99
-# define COMP_R_ZLIB_INFLATE_ERROR 100
-# define COMP_R_ZLIB_NOT_SUPPORTED 101
-
-#ifdef __cplusplus
-}
-#endif
-#endif
+++ /dev/null
-/* crypto/conf/conf.h */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef HEADER_CONF_H
-# define HEADER_CONF_H
-
-# include <openssl/bio.h>
-# include <openssl/lhash.h>
-# include <openssl/stack.h>
-# include <openssl/safestack.h>
-# include <openssl/e_os2.h>
-
-# include <openssl/ossl_typ.h>
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-typedef struct {
- char *section;
- char *name;
- char *value;
-} CONF_VALUE;
-
-DECLARE_STACK_OF(CONF_VALUE)
-DECLARE_LHASH_OF(CONF_VALUE);
-
-struct conf_st;
-struct conf_method_st;
-typedef struct conf_method_st CONF_METHOD;
-
-struct conf_method_st {
- const char *name;
- CONF *(*create) (CONF_METHOD *meth);
- int (*init) (CONF *conf);
- int (*destroy) (CONF *conf);
- int (*destroy_data) (CONF *conf);
- int (*load_bio) (CONF *conf, BIO *bp, long *eline);
- int (*dump) (const CONF *conf, BIO *bp);
- int (*is_number) (const CONF *conf, char c);
- int (*to_int) (const CONF *conf, char c);
- int (*load) (CONF *conf, const char *name, long *eline);
-};
-
-/* Module definitions */
-
-typedef struct conf_imodule_st CONF_IMODULE;
-typedef struct conf_module_st CONF_MODULE;
-
-DECLARE_STACK_OF(CONF_MODULE)
-DECLARE_STACK_OF(CONF_IMODULE)
-
-/* DSO module function typedefs */
-typedef int conf_init_func (CONF_IMODULE *md, const CONF *cnf);
-typedef void conf_finish_func (CONF_IMODULE *md);
-
-# define CONF_MFLAGS_IGNORE_ERRORS 0x1
-# define CONF_MFLAGS_IGNORE_RETURN_CODES 0x2
-# define CONF_MFLAGS_SILENT 0x4
-# define CONF_MFLAGS_NO_DSO 0x8
-# define CONF_MFLAGS_IGNORE_MISSING_FILE 0x10
-# define CONF_MFLAGS_DEFAULT_SECTION 0x20
-
-int CONF_set_default_method(CONF_METHOD *meth);
-void CONF_set_nconf(CONF *conf, LHASH_OF(CONF_VALUE) *hash);
-LHASH_OF(CONF_VALUE) *CONF_load(LHASH_OF(CONF_VALUE) *conf, const char *file,
- long *eline);
-# ifndef OPENSSL_NO_STDIO
-LHASH_OF(CONF_VALUE) *CONF_load_fp(LHASH_OF(CONF_VALUE) *conf, FILE *fp,
- long *eline);
-# endif
-LHASH_OF(CONF_VALUE) *CONF_load_bio(LHASH_OF(CONF_VALUE) *conf, BIO *bp,
- long *eline);
-STACK_OF(CONF_VALUE) *CONF_get_section(LHASH_OF(CONF_VALUE) *conf,
- const char *section);
-char *CONF_get_string(LHASH_OF(CONF_VALUE) *conf, const char *group,
- const char *name);
-long CONF_get_number(LHASH_OF(CONF_VALUE) *conf, const char *group,
- const char *name);
-void CONF_free(LHASH_OF(CONF_VALUE) *conf);
-int CONF_dump_fp(LHASH_OF(CONF_VALUE) *conf, FILE *out);
-int CONF_dump_bio(LHASH_OF(CONF_VALUE) *conf, BIO *out);
-
-void OPENSSL_config(const char *config_name);
-void OPENSSL_no_config(void);
-
-/*
- * New conf code. The semantics are different from the functions above. If
- * that wasn't the case, the above functions would have been replaced
- */
-
-struct conf_st {
- CONF_METHOD *meth;
- void *meth_data;
- LHASH_OF(CONF_VALUE) *data;
-};
-
-CONF *NCONF_new(CONF_METHOD *meth);
-CONF_METHOD *NCONF_default(void);
-CONF_METHOD *NCONF_WIN32(void);
-void NCONF_free(CONF *conf);
-void NCONF_free_data(CONF *conf);
-
-int NCONF_load(CONF *conf, const char *file, long *eline);
-# ifndef OPENSSL_NO_STDIO
-int NCONF_load_fp(CONF *conf, FILE *fp, long *eline);
-# endif
-int NCONF_load_bio(CONF *conf, BIO *bp, long *eline);
-STACK_OF(CONF_VALUE) *NCONF_get_section(const CONF *conf,
- const char *section);
-char *NCONF_get_string(const CONF *conf, const char *group, const char *name);
-int NCONF_get_number_e(const CONF *conf, const char *group, const char *name,
- long *result);
-int NCONF_dump_fp(const CONF *conf, FILE *out);
-int NCONF_dump_bio(const CONF *conf, BIO *out);
-
-#define NCONF_get_number(c,g,n,r) NCONF_get_number_e(c,g,n,r)
-
-/* Module functions */
-
-int CONF_modules_load(const CONF *cnf, const char *appname,
- unsigned long flags);
-int CONF_modules_load_file(const char *filename, const char *appname,
- unsigned long flags);
-void CONF_modules_unload(int all);
-void CONF_modules_finish(void);
-void CONF_modules_free(void);
-int CONF_module_add(const char *name, conf_init_func *ifunc,
- conf_finish_func *ffunc);
-
-const char *CONF_imodule_get_name(const CONF_IMODULE *md);
-const char *CONF_imodule_get_value(const CONF_IMODULE *md);
-void *CONF_imodule_get_usr_data(const CONF_IMODULE *md);
-void CONF_imodule_set_usr_data(CONF_IMODULE *md, void *usr_data);
-CONF_MODULE *CONF_imodule_get_module(const CONF_IMODULE *md);
-unsigned long CONF_imodule_get_flags(const CONF_IMODULE *md);
-void CONF_imodule_set_flags(CONF_IMODULE *md, unsigned long flags);
-void *CONF_module_get_usr_data(CONF_MODULE *pmod);
-void CONF_module_set_usr_data(CONF_MODULE *pmod, void *usr_data);
-
-char *CONF_get1_default_config_file(void);
-
-int CONF_parse_list(const char *list, int sep, int nospc,
- int (*list_cb) (const char *elem, int len, void *usr),
- void *arg);
-
-void OPENSSL_load_builtin_modules(void);
-
-/* BEGIN ERROR CODES */
-/*
- * The following lines are auto generated by the script mkerr.pl. Any changes
- * made after this point may be overwritten when the script is next run.
- */
-void ERR_load_CONF_strings(void);
-
-/* Error codes for the CONF functions. */
-
-/* Function codes. */
-# define CONF_F_CONF_DUMP_FP 104
-# define CONF_F_CONF_LOAD 100
-# define CONF_F_CONF_LOAD_BIO 102
-# define CONF_F_CONF_LOAD_FP 103
-# define CONF_F_CONF_MODULES_LOAD 116
-# define CONF_F_CONF_PARSE_LIST 119
-# define CONF_F_DEF_LOAD 120
-# define CONF_F_DEF_LOAD_BIO 121
-# define CONF_F_MODULE_INIT 115
-# define CONF_F_MODULE_LOAD_DSO 117
-# define CONF_F_MODULE_RUN 118
-# define CONF_F_NCONF_DUMP_BIO 105
-# define CONF_F_NCONF_DUMP_FP 106
-# define CONF_F_NCONF_GET_NUMBER 107
-# define CONF_F_NCONF_GET_NUMBER_E 112
-# define CONF_F_NCONF_GET_SECTION 108
-# define CONF_F_NCONF_GET_STRING 109
-# define CONF_F_NCONF_LOAD 113
-# define CONF_F_NCONF_LOAD_BIO 110
-# define CONF_F_NCONF_LOAD_FP 114
-# define CONF_F_NCONF_NEW 111
-# define CONF_F_STR_COPY 101
-
-/* Reason codes. */
-# define CONF_R_ERROR_LOADING_DSO 110
-# define CONF_R_LIST_CANNOT_BE_NULL 115
-# define CONF_R_MISSING_CLOSE_SQUARE_BRACKET 100
-# define CONF_R_MISSING_EQUAL_SIGN 101
-# define CONF_R_MISSING_FINISH_FUNCTION 111
-# define CONF_R_MISSING_INIT_FUNCTION 112
-# define CONF_R_MODULE_INITIALIZATION_ERROR 109
-# define CONF_R_NO_CLOSE_BRACE 102
-# define CONF_R_NO_CONF 105
-# define CONF_R_NO_CONF_OR_ENVIRONMENT_VARIABLE 106
-# define CONF_R_NO_SECTION 107
-# define CONF_R_NO_SUCH_FILE 114
-# define CONF_R_NO_VALUE 108
-# define CONF_R_UNABLE_TO_CREATE_NEW_SECTION 103
-# define CONF_R_UNKNOWN_MODULE_NAME 113
-# define CONF_R_VARIABLE_HAS_NO_VALUE 104
-
-#ifdef __cplusplus
-}
-#endif
-#endif
+++ /dev/null
-/* conf_api.h */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef HEADER_CONF_API_H
-# define HEADER_CONF_API_H
-
-# include <openssl/lhash.h>
-# include <openssl/conf.h>
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-/* Up until OpenSSL 0.9.5a, this was new_section */
-CONF_VALUE *_CONF_new_section(CONF *conf, const char *section);
-/* Up until OpenSSL 0.9.5a, this was get_section */
-CONF_VALUE *_CONF_get_section(const CONF *conf, const char *section);
-/* Up until OpenSSL 0.9.5a, this was CONF_get_section */
-STACK_OF(CONF_VALUE) *_CONF_get_section_values(const CONF *conf,
- const char *section);
-
-int _CONF_add_string(CONF *conf, CONF_VALUE *section, CONF_VALUE *value);
-char *_CONF_get_string(const CONF *conf, const char *section,
- const char *name);
-long _CONF_get_number(const CONF *conf, const char *section,
- const char *name);
-
-int _CONF_new_data(CONF *conf);
-void _CONF_free_data(CONF *conf);
-
-#ifdef __cplusplus
-}
-#endif
-#endif
+++ /dev/null
-/* crypto/constant_time_test.c */
-/*-
- * Utilities for constant-time cryptography.
- *
- * Author: Emilia Kasper (emilia@openssl.org)
- * Based on previous work by Bodo Moeller, Emilia Kasper, Adam Langley
- * (Google).
- * ====================================================================
- * Copyright (c) 2014 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include "../crypto/constant_time_locl.h"
-
-#include <limits.h>
-#include <stdio.h>
-#include <stdlib.h>
-
-static const unsigned int CONSTTIME_TRUE = (unsigned)(~0);
-static const unsigned int CONSTTIME_FALSE = 0;
-static const unsigned char CONSTTIME_TRUE_8 = 0xff;
-static const unsigned char CONSTTIME_FALSE_8 = 0;
-
-static int test_binary_op(unsigned int (*op) (unsigned int a, unsigned int b),
- const char *op_name, unsigned int a, unsigned int b,
- int is_true)
-{
- unsigned c = op(a, b);
- if (is_true && c != CONSTTIME_TRUE) {
- fprintf(stderr, "Test failed for %s(%du, %du): expected %du "
- "(TRUE), got %du\n", op_name, a, b, CONSTTIME_TRUE, c);
- return 1;
- } else if (!is_true && c != CONSTTIME_FALSE) {
- fprintf(stderr, "Test failed for %s(%du, %du): expected %du "
- "(FALSE), got %du\n", op_name, a, b, CONSTTIME_FALSE, c);
- return 1;
- }
- return 0;
-}
-
-static int test_binary_op_8(unsigned
- char (*op) (unsigned int a, unsigned int b),
- const char *op_name, unsigned int a,
- unsigned int b, int is_true)
-{
- unsigned char c = op(a, b);
- if (is_true && c != CONSTTIME_TRUE_8) {
- fprintf(stderr, "Test failed for %s(%du, %du): expected %u "
- "(TRUE), got %u\n", op_name, a, b, CONSTTIME_TRUE_8, c);
- return 1;
- } else if (!is_true && c != CONSTTIME_FALSE_8) {
- fprintf(stderr, "Test failed for %s(%du, %du): expected %u "
- "(FALSE), got %u\n", op_name, a, b, CONSTTIME_FALSE_8, c);
- return 1;
- }
- return 0;
-}
-
-static int test_is_zero(unsigned int a)
-{
- unsigned int c = constant_time_is_zero(a);
- if (a == 0 && c != CONSTTIME_TRUE) {
- fprintf(stderr, "Test failed for constant_time_is_zero(%du): "
- "expected %du (TRUE), got %du\n", a, CONSTTIME_TRUE, c);
- return 1;
- } else if (a != 0 && c != CONSTTIME_FALSE) {
- fprintf(stderr, "Test failed for constant_time_is_zero(%du): "
- "expected %du (FALSE), got %du\n", a, CONSTTIME_FALSE, c);
- return 1;
- }
- return 0;
-}
-
-static int test_is_zero_8(unsigned int a)
-{
- unsigned char c = constant_time_is_zero_8(a);
- if (a == 0 && c != CONSTTIME_TRUE_8) {
- fprintf(stderr, "Test failed for constant_time_is_zero(%du): "
- "expected %u (TRUE), got %u\n", a, CONSTTIME_TRUE_8, c);
- return 1;
- } else if (a != 0 && c != CONSTTIME_FALSE) {
- fprintf(stderr, "Test failed for constant_time_is_zero(%du): "
- "expected %u (FALSE), got %u\n", a, CONSTTIME_FALSE_8, c);
- return 1;
- }
- return 0;
-}
-
-static int test_select(unsigned int a, unsigned int b)
-{
- unsigned int selected = constant_time_select(CONSTTIME_TRUE, a, b);
- if (selected != a) {
- fprintf(stderr, "Test failed for constant_time_select(%du, %du,"
- "%du): expected %du(first value), got %du\n",
- CONSTTIME_TRUE, a, b, a, selected);
- return 1;
- }
- selected = constant_time_select(CONSTTIME_FALSE, a, b);
- if (selected != b) {
- fprintf(stderr, "Test failed for constant_time_select(%du, %du,"
- "%du): expected %du(second value), got %du\n",
- CONSTTIME_FALSE, a, b, b, selected);
- return 1;
- }
- return 0;
-}
-
-static int test_select_8(unsigned char a, unsigned char b)
-{
- unsigned char selected = constant_time_select_8(CONSTTIME_TRUE_8, a, b);
- if (selected != a) {
- fprintf(stderr, "Test failed for constant_time_select(%u, %u,"
- "%u): expected %u(first value), got %u\n",
- CONSTTIME_TRUE, a, b, a, selected);
- return 1;
- }
- selected = constant_time_select_8(CONSTTIME_FALSE_8, a, b);
- if (selected != b) {
- fprintf(stderr, "Test failed for constant_time_select(%u, %u,"
- "%u): expected %u(second value), got %u\n",
- CONSTTIME_FALSE, a, b, b, selected);
- return 1;
- }
- return 0;
-}
-
-static int test_select_int(int a, int b)
-{
- int selected = constant_time_select_int(CONSTTIME_TRUE, a, b);
- if (selected != a) {
- fprintf(stderr, "Test failed for constant_time_select(%du, %d,"
- "%d): expected %d(first value), got %d\n",
- CONSTTIME_TRUE, a, b, a, selected);
- return 1;
- }
- selected = constant_time_select_int(CONSTTIME_FALSE, a, b);
- if (selected != b) {
- fprintf(stderr, "Test failed for constant_time_select(%du, %d,"
- "%d): expected %d(second value), got %d\n",
- CONSTTIME_FALSE, a, b, b, selected);
- return 1;
- }
- return 0;
-}
-
-static int test_eq_int(int a, int b)
-{
- unsigned int equal = constant_time_eq_int(a, b);
- if (a == b && equal != CONSTTIME_TRUE) {
- fprintf(stderr, "Test failed for constant_time_eq_int(%d, %d): "
- "expected %du(TRUE), got %du\n", a, b, CONSTTIME_TRUE, equal);
- return 1;
- } else if (a != b && equal != CONSTTIME_FALSE) {
- fprintf(stderr, "Test failed for constant_time_eq_int(%d, %d): "
- "expected %du(FALSE), got %du\n",
- a, b, CONSTTIME_FALSE, equal);
- return 1;
- }
- return 0;
-}
-
-static int test_eq_int_8(int a, int b)
-{
- unsigned char equal = constant_time_eq_int_8(a, b);
- if (a == b && equal != CONSTTIME_TRUE_8) {
- fprintf(stderr, "Test failed for constant_time_eq_int_8(%d, %d): "
- "expected %u(TRUE), got %u\n", a, b, CONSTTIME_TRUE_8, equal);
- return 1;
- } else if (a != b && equal != CONSTTIME_FALSE_8) {
- fprintf(stderr, "Test failed for constant_time_eq_int_8(%d, %d): "
- "expected %u(FALSE), got %u\n",
- a, b, CONSTTIME_FALSE_8, equal);
- return 1;
- }
- return 0;
-}
-
-static unsigned int test_values[] =
- { 0, 1, 1024, 12345, 32000, UINT_MAX / 2 - 1,
- UINT_MAX / 2, UINT_MAX / 2 + 1, UINT_MAX - 1,
- UINT_MAX
-};
-
-static unsigned char test_values_8[] =
- { 0, 1, 2, 20, 32, 127, 128, 129, 255 };
-
-static int signed_test_values[] = { 0, 1, -1, 1024, -1024, 12345, -12345,
- 32000, -32000, INT_MAX, INT_MIN, INT_MAX - 1,
- INT_MIN + 1
-};
-
-int main(int argc, char *argv[])
-{
- unsigned int a, b, i, j;
- int c, d;
- unsigned char e, f;
- int num_failed = 0, num_all = 0;
- fprintf(stdout, "Testing constant time operations...\n");
-
- for (i = 0; i < sizeof(test_values) / sizeof(int); ++i) {
- a = test_values[i];
- num_failed += test_is_zero(a);
- num_failed += test_is_zero_8(a);
- num_all += 2;
- for (j = 0; j < sizeof(test_values) / sizeof(int); ++j) {
- b = test_values[j];
- num_failed += test_binary_op(&constant_time_lt,
- "constant_time_lt", a, b, a < b);
- num_failed += test_binary_op_8(&constant_time_lt_8,
- "constant_time_lt_8", a, b, a < b);
- num_failed += test_binary_op(&constant_time_lt,
- "constant_time_lt_8", b, a, b < a);
- num_failed += test_binary_op_8(&constant_time_lt_8,
- "constant_time_lt_8", b, a, b < a);
- num_failed += test_binary_op(&constant_time_ge,
- "constant_time_ge", a, b, a >= b);
- num_failed += test_binary_op_8(&constant_time_ge_8,
- "constant_time_ge_8", a, b,
- a >= b);
- num_failed +=
- test_binary_op(&constant_time_ge, "constant_time_ge", b, a,
- b >= a);
- num_failed +=
- test_binary_op_8(&constant_time_ge_8, "constant_time_ge_8", b,
- a, b >= a);
- num_failed +=
- test_binary_op(&constant_time_eq, "constant_time_eq", a, b,
- a == b);
- num_failed +=
- test_binary_op_8(&constant_time_eq_8, "constant_time_eq_8", a,
- b, a == b);
- num_failed +=
- test_binary_op(&constant_time_eq, "constant_time_eq", b, a,
- b == a);
- num_failed +=
- test_binary_op_8(&constant_time_eq_8, "constant_time_eq_8", b,
- a, b == a);
- num_failed += test_select(a, b);
- num_all += 13;
- }
- }
-
- for (i = 0; i < sizeof(signed_test_values) / sizeof(int); ++i) {
- c = signed_test_values[i];
- for (j = 0; j < sizeof(signed_test_values) / sizeof(int); ++j) {
- d = signed_test_values[j];
- num_failed += test_select_int(c, d);
- num_failed += test_eq_int(c, d);
- num_failed += test_eq_int_8(c, d);
- num_all += 3;
- }
- }
-
- for (i = 0; i < sizeof(test_values_8); ++i) {
- e = test_values_8[i];
- for (j = 0; j < sizeof(test_values_8); ++j) {
- f = test_values_8[j];
- num_failed += test_select_8(e, f);
- num_all += 1;
- }
- }
-
- if (!num_failed) {
- fprintf(stdout, "ok (ran %d tests)\n", num_all);
- return EXIT_SUCCESS;
- } else {
- fprintf(stdout, "%d of %d tests failed!\n", num_failed, num_all);
- return EXIT_FAILURE;
- }
-}
+++ /dev/null
-/* crypto/crypto.h */
-/* ====================================================================
- * Copyright (c) 1998-2006 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-/* ====================================================================
- * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
- * ECDH support in OpenSSL originally developed by
- * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project.
- */
-
-#ifndef HEADER_CRYPTO_H
-# define HEADER_CRYPTO_H
-
-# include <stdlib.h>
-# include <time.h>
-
-# include <openssl/e_os2.h>
-
-# ifndef OPENSSL_NO_STDIO
-# include <stdio.h>
-# endif
-
-# include <openssl/stack.h>
-# include <openssl/safestack.h>
-# include <openssl/opensslv.h>
-# include <openssl/ossl_typ.h>
-
-# ifdef CHARSET_EBCDIC
-# include <openssl/ebcdic.h>
-# endif
-
-/*
- * Resolve problems on some operating systems with symbol names that clash
- * one way or another
- */
-# include <openssl/symhacks.h>
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-/* Backward compatibility to SSLeay */
-/*
- * This is more to be used to check the correct DLL is being used in the MS
- * world.
- */
-# define SSLEAY_VERSION_NUMBER OPENSSL_VERSION_NUMBER
-# define SSLEAY_VERSION 0
-/* #define SSLEAY_OPTIONS 1 no longer supported */
-# define SSLEAY_CFLAGS 2
-# define SSLEAY_BUILT_ON 3
-# define SSLEAY_PLATFORM 4
-# define SSLEAY_DIR 5
-
-/* A generic structure to pass assorted data in a expandable way */
-typedef struct openssl_item_st {
- int code;
- void *value; /* Not used for flag attributes */
- size_t value_size; /* Max size of value for output, length for
- * input */
- size_t *value_length; /* Returned length of value for output */
-} OPENSSL_ITEM;
-
-/*
- * When changing the CRYPTO_LOCK_* list, be sure to maintin the text lock
- * names in cryptlib.c
- */
-
-# define CRYPTO_LOCK_ERR 1
-# define CRYPTO_LOCK_EX_DATA 2
-# define CRYPTO_LOCK_X509 3
-# define CRYPTO_LOCK_X509_INFO 4
-# define CRYPTO_LOCK_X509_PKEY 5
-# define CRYPTO_LOCK_X509_CRL 6
-# define CRYPTO_LOCK_X509_REQ 7
-# define CRYPTO_LOCK_DSA 8
-# define CRYPTO_LOCK_RSA 9
-# define CRYPTO_LOCK_EVP_PKEY 10
-# define CRYPTO_LOCK_X509_STORE 11
-# define CRYPTO_LOCK_SSL_CTX 12
-# define CRYPTO_LOCK_SSL_CERT 13
-# define CRYPTO_LOCK_SSL_SESSION 14
-# define CRYPTO_LOCK_SSL_SESS_CERT 15
-# define CRYPTO_LOCK_SSL 16
-# define CRYPTO_LOCK_SSL_METHOD 17
-# define CRYPTO_LOCK_RAND 18
-# define CRYPTO_LOCK_RAND2 19
-# define CRYPTO_LOCK_MALLOC 20
-# define CRYPTO_LOCK_BIO 21
-# define CRYPTO_LOCK_GETHOSTBYNAME 22
-# define CRYPTO_LOCK_GETSERVBYNAME 23
-# define CRYPTO_LOCK_READDIR 24
-# define CRYPTO_LOCK_RSA_BLINDING 25
-# define CRYPTO_LOCK_DH 26
-# define CRYPTO_LOCK_MALLOC2 27
-# define CRYPTO_LOCK_DSO 28
-# define CRYPTO_LOCK_DYNLOCK 29
-# define CRYPTO_LOCK_ENGINE 30
-# define CRYPTO_LOCK_UI 31
-# define CRYPTO_LOCK_ECDSA 32
-# define CRYPTO_LOCK_EC 33
-# define CRYPTO_LOCK_ECDH 34
-# define CRYPTO_LOCK_BN 35
-# define CRYPTO_LOCK_EC_PRE_COMP 36
-# define CRYPTO_LOCK_STORE 37
-# define CRYPTO_LOCK_COMP 38
-# define CRYPTO_LOCK_FIPS 39
-# define CRYPTO_LOCK_FIPS2 40
-# define CRYPTO_NUM_LOCKS 41
-
-# define CRYPTO_LOCK 1
-# define CRYPTO_UNLOCK 2
-# define CRYPTO_READ 4
-# define CRYPTO_WRITE 8
-
-# ifndef OPENSSL_NO_LOCKING
-# ifndef CRYPTO_w_lock
-# define CRYPTO_w_lock(type) \
- CRYPTO_lock(CRYPTO_LOCK|CRYPTO_WRITE,type,__FILE__,__LINE__)
-# define CRYPTO_w_unlock(type) \
- CRYPTO_lock(CRYPTO_UNLOCK|CRYPTO_WRITE,type,__FILE__,__LINE__)
-# define CRYPTO_r_lock(type) \
- CRYPTO_lock(CRYPTO_LOCK|CRYPTO_READ,type,__FILE__,__LINE__)
-# define CRYPTO_r_unlock(type) \
- CRYPTO_lock(CRYPTO_UNLOCK|CRYPTO_READ,type,__FILE__,__LINE__)
-# define CRYPTO_add(addr,amount,type) \
- CRYPTO_add_lock(addr,amount,type,__FILE__,__LINE__)
-# endif
-# else
-# define CRYPTO_w_lock(a)
-# define CRYPTO_w_unlock(a)
-# define CRYPTO_r_lock(a)
-# define CRYPTO_r_unlock(a)
-# define CRYPTO_add(a,b,c) ((*(a))+=(b))
-# endif
-
-/*
- * Some applications as well as some parts of OpenSSL need to allocate and
- * deallocate locks in a dynamic fashion. The following typedef makes this
- * possible in a type-safe manner.
- */
-/* struct CRYPTO_dynlock_value has to be defined by the application. */
-typedef struct {
- int references;
- struct CRYPTO_dynlock_value *data;
-} CRYPTO_dynlock;
-
-/*
- * The following can be used to detect memory leaks in the SSLeay library. It
- * used, it turns on malloc checking
- */
-
-# define CRYPTO_MEM_CHECK_OFF 0x0/* an enume */
-# define CRYPTO_MEM_CHECK_ON 0x1/* a bit */
-# define CRYPTO_MEM_CHECK_ENABLE 0x2/* a bit */
-# define CRYPTO_MEM_CHECK_DISABLE 0x3/* an enume */
-
-/*
- * The following are bit values to turn on or off options connected to the
- * malloc checking functionality
- */
-
-/* Adds time to the memory checking information */
-# define V_CRYPTO_MDEBUG_TIME 0x1/* a bit */
-/* Adds thread number to the memory checking information */
-# define V_CRYPTO_MDEBUG_THREAD 0x2/* a bit */
-
-# define V_CRYPTO_MDEBUG_ALL (V_CRYPTO_MDEBUG_TIME | V_CRYPTO_MDEBUG_THREAD)
-
-/* predec of the BIO type */
-typedef struct bio_st BIO_dummy;
-
-struct crypto_ex_data_st {
- STACK_OF(void) *sk;
- /* gcc is screwing up this data structure :-( */
- int dummy;
-};
-DECLARE_STACK_OF(void)
-
-/*
- * This stuff is basically class callback functions The current classes are
- * SSL_CTX, SSL, SSL_SESSION, and a few more
- */
-
-typedef struct crypto_ex_data_func_st {
- long argl; /* Arbitary long */
- void *argp; /* Arbitary void * */
- CRYPTO_EX_new *new_func;
- CRYPTO_EX_free *free_func;
- CRYPTO_EX_dup *dup_func;
-} CRYPTO_EX_DATA_FUNCS;
-
-DECLARE_STACK_OF(CRYPTO_EX_DATA_FUNCS)
-
-/*
- * Per class, we have a STACK of CRYPTO_EX_DATA_FUNCS for each CRYPTO_EX_DATA
- * entry.
- */
-
-# define CRYPTO_EX_INDEX_BIO 0
-# define CRYPTO_EX_INDEX_SSL 1
-# define CRYPTO_EX_INDEX_SSL_CTX 2
-# define CRYPTO_EX_INDEX_SSL_SESSION 3
-# define CRYPTO_EX_INDEX_X509_STORE 4
-# define CRYPTO_EX_INDEX_X509_STORE_CTX 5
-# define CRYPTO_EX_INDEX_RSA 6
-# define CRYPTO_EX_INDEX_DSA 7
-# define CRYPTO_EX_INDEX_DH 8
-# define CRYPTO_EX_INDEX_ENGINE 9
-# define CRYPTO_EX_INDEX_X509 10
-# define CRYPTO_EX_INDEX_UI 11
-# define CRYPTO_EX_INDEX_ECDSA 12
-# define CRYPTO_EX_INDEX_ECDH 13
-# define CRYPTO_EX_INDEX_COMP 14
-# define CRYPTO_EX_INDEX_STORE 15
-
-/*
- * Dynamically assigned indexes start from this value (don't use directly,
- * use via CRYPTO_ex_data_new_class).
- */
-# define CRYPTO_EX_INDEX_USER 100
-
-/*
- * This is the default callbacks, but we can have others as well: this is
- * needed in Win32 where the application malloc and the library malloc may
- * not be the same.
- */
-# define CRYPTO_malloc_init() CRYPTO_set_mem_functions(\
- malloc, realloc, free)
-
-# if defined CRYPTO_MDEBUG_ALL || defined CRYPTO_MDEBUG_TIME || defined CRYPTO_MDEBUG_THREAD
-# ifndef CRYPTO_MDEBUG /* avoid duplicate #define */
-# define CRYPTO_MDEBUG
-# endif
-# endif
-
-/*
- * Set standard debugging functions (not done by default unless CRYPTO_MDEBUG
- * is defined)
- */
-# define CRYPTO_malloc_debug_init() do {\
- CRYPTO_set_mem_debug_functions(\
- CRYPTO_dbg_malloc,\
- CRYPTO_dbg_realloc,\
- CRYPTO_dbg_free,\
- CRYPTO_dbg_set_options,\
- CRYPTO_dbg_get_options);\
- } while(0)
-
-int CRYPTO_mem_ctrl(int mode);
-int CRYPTO_is_mem_check_on(void);
-
-/* for applications */
-# define MemCheck_start() CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON)
-# define MemCheck_stop() CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_OFF)
-
-/* for library-internal use */
-# define MemCheck_on() CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ENABLE)
-# define MemCheck_off() CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_DISABLE)
-# define is_MemCheck_on() CRYPTO_is_mem_check_on()
-
-# define OPENSSL_malloc(num) CRYPTO_malloc((int)num,__FILE__,__LINE__)
-# define OPENSSL_strdup(str) CRYPTO_strdup((str),__FILE__,__LINE__)
-# define OPENSSL_realloc(addr,num) \
- CRYPTO_realloc((char *)addr,(int)num,__FILE__,__LINE__)
-# define OPENSSL_realloc_clean(addr,old_num,num) \
- CRYPTO_realloc_clean(addr,old_num,num,__FILE__,__LINE__)
-# define OPENSSL_remalloc(addr,num) \
- CRYPTO_remalloc((char **)addr,(int)num,__FILE__,__LINE__)
-# define OPENSSL_freeFunc CRYPTO_free
-# define OPENSSL_free(addr) CRYPTO_free(addr)
-
-# define OPENSSL_malloc_locked(num) \
- CRYPTO_malloc_locked((int)num,__FILE__,__LINE__)
-# define OPENSSL_free_locked(addr) CRYPTO_free_locked(addr)
-# define OPENSSL_MALLOC_MAX_NELEMS(type) (((1U<<(sizeof(int)*8-1))-1)/sizeof(type))
-
-const char *SSLeay_version(int type);
-unsigned long SSLeay(void);
-
-int OPENSSL_issetugid(void);
-
-/* An opaque type representing an implementation of "ex_data" support */
-typedef struct st_CRYPTO_EX_DATA_IMPL CRYPTO_EX_DATA_IMPL;
-/* Return an opaque pointer to the current "ex_data" implementation */
-const CRYPTO_EX_DATA_IMPL *CRYPTO_get_ex_data_implementation(void);
-/* Sets the "ex_data" implementation to be used (if it's not too late) */
-int CRYPTO_set_ex_data_implementation(const CRYPTO_EX_DATA_IMPL *i);
-/* Get a new "ex_data" class, and return the corresponding "class_index" */
-int CRYPTO_ex_data_new_class(void);
-/* Within a given class, get/register a new index */
-int CRYPTO_get_ex_new_index(int class_index, long argl, void *argp,
- CRYPTO_EX_new *new_func, CRYPTO_EX_dup *dup_func,
- CRYPTO_EX_free *free_func);
-/*
- * Initialise/duplicate/free CRYPTO_EX_DATA variables corresponding to a
- * given class (invokes whatever per-class callbacks are applicable)
- */
-int CRYPTO_new_ex_data(int class_index, void *obj, CRYPTO_EX_DATA *ad);
-int CRYPTO_dup_ex_data(int class_index, CRYPTO_EX_DATA *to,
- CRYPTO_EX_DATA *from);
-void CRYPTO_free_ex_data(int class_index, void *obj, CRYPTO_EX_DATA *ad);
-/*
- * Get/set data in a CRYPTO_EX_DATA variable corresponding to a particular
- * index (relative to the class type involved)
- */
-int CRYPTO_set_ex_data(CRYPTO_EX_DATA *ad, int idx, void *val);
-void *CRYPTO_get_ex_data(const CRYPTO_EX_DATA *ad, int idx);
-/*
- * This function cleans up all "ex_data" state. It mustn't be called under
- * potential race-conditions.
- */
-void CRYPTO_cleanup_all_ex_data(void);
-
-int CRYPTO_get_new_lockid(char *name);
-
-int CRYPTO_num_locks(void); /* return CRYPTO_NUM_LOCKS (shared libs!) */
-void CRYPTO_lock(int mode, int type, const char *file, int line);
-void CRYPTO_set_locking_callback(void (*func) (int mode, int type,
- const char *file, int line));
-void (*CRYPTO_get_locking_callback(void)) (int mode, int type,
- const char *file, int line);
-void CRYPTO_set_add_lock_callback(int (*func)
- (int *num, int mount, int type,
- const char *file, int line));
-int (*CRYPTO_get_add_lock_callback(void)) (int *num, int mount, int type,
- const char *file, int line);
-
-/* Don't use this structure directly. */
-typedef struct crypto_threadid_st {
- void *ptr;
- unsigned long val;
-} CRYPTO_THREADID;
-/* Only use CRYPTO_THREADID_set_[numeric|pointer]() within callbacks */
-void CRYPTO_THREADID_set_numeric(CRYPTO_THREADID *id, unsigned long val);
-void CRYPTO_THREADID_set_pointer(CRYPTO_THREADID *id, void *ptr);
-int CRYPTO_THREADID_set_callback(void (*threadid_func) (CRYPTO_THREADID *));
-void (*CRYPTO_THREADID_get_callback(void)) (CRYPTO_THREADID *);
-void CRYPTO_THREADID_current(CRYPTO_THREADID *id);
-int CRYPTO_THREADID_cmp(const CRYPTO_THREADID *a, const CRYPTO_THREADID *b);
-void CRYPTO_THREADID_cpy(CRYPTO_THREADID *dest, const CRYPTO_THREADID *src);
-unsigned long CRYPTO_THREADID_hash(const CRYPTO_THREADID *id);
-# ifdef OPENSSL_USE_DEPRECATED
-DECLARE_DEPRECATED(void CRYPTO_set_id_callback(unsigned long (*func) (void)));
-/*
- * mkdef.pl cannot handle this next one so not inside DECLARE_DEPRECATED,
- * but still inside OPENSSL_USE_DEPRECATED
- */
-unsigned long (*CRYPTO_get_id_callback(void)) (void);
-DECLARE_DEPRECATED(unsigned long CRYPTO_thread_id(void));
-# endif
-
-const char *CRYPTO_get_lock_name(int type);
-int CRYPTO_add_lock(int *pointer, int amount, int type, const char *file,
- int line);
-
-int CRYPTO_get_new_dynlockid(void);
-void CRYPTO_destroy_dynlockid(int i);
-struct CRYPTO_dynlock_value *CRYPTO_get_dynlock_value(int i);
-void CRYPTO_set_dynlock_create_callback(struct CRYPTO_dynlock_value
- *(*dyn_create_function) (const char
- *file,
- int line));
-void CRYPTO_set_dynlock_lock_callback(void (*dyn_lock_function)
- (int mode,
- struct CRYPTO_dynlock_value *l,
- const char *file, int line));
-void CRYPTO_set_dynlock_destroy_callback(void (*dyn_destroy_function)
- (struct CRYPTO_dynlock_value *l,
- const char *file, int line));
-struct CRYPTO_dynlock_value
-*(*CRYPTO_get_dynlock_create_callback(void)) (const char *file, int line);
-void (*CRYPTO_get_dynlock_lock_callback(void)) (int mode,
- struct CRYPTO_dynlock_value
- *l, const char *file,
- int line);
-void (*CRYPTO_get_dynlock_destroy_callback(void)) (struct CRYPTO_dynlock_value
- *l, const char *file,
- int line);
-
-/*
- * CRYPTO_set_mem_functions includes CRYPTO_set_locked_mem_functions -- call
- * the latter last if you need different functions
- */
-int CRYPTO_set_mem_functions(void *(*m) (size_t), void *(*r) (void *, size_t),
- void (*f) (void *));
-int CRYPTO_set_locked_mem_functions(void *(*m) (size_t),
- void (*free_func) (void *));
-int CRYPTO_set_mem_ex_functions(void *(*m) (size_t, const char *, int),
- void *(*r) (void *, size_t, const char *,
- int), void (*f) (void *));
-int CRYPTO_set_locked_mem_ex_functions(void *(*m) (size_t, const char *, int),
- void (*free_func) (void *));
-int CRYPTO_set_mem_debug_functions(void (*m)
- (void *, int, const char *, int, int),
- void (*r) (void *, void *, int,
- const char *, int, int),
- void (*f) (void *, int), void (*so) (long),
- long (*go) (void));
-void CRYPTO_get_mem_functions(void *(**m) (size_t),
- void *(**r) (void *, size_t),
- void (**f) (void *));
-void CRYPTO_get_locked_mem_functions(void *(**m) (size_t),
- void (**f) (void *));
-void CRYPTO_get_mem_ex_functions(void *(**m) (size_t, const char *, int),
- void *(**r) (void *, size_t, const char *,
- int), void (**f) (void *));
-void CRYPTO_get_locked_mem_ex_functions(void
- *(**m) (size_t, const char *, int),
- void (**f) (void *));
-void CRYPTO_get_mem_debug_functions(void (**m)
- (void *, int, const char *, int, int),
- void (**r) (void *, void *, int,
- const char *, int, int),
- void (**f) (void *, int),
- void (**so) (long), long (**go) (void));
-
-void *CRYPTO_malloc_locked(int num, const char *file, int line);
-void CRYPTO_free_locked(void *ptr);
-void *CRYPTO_malloc(int num, const char *file, int line);
-char *CRYPTO_strdup(const char *str, const char *file, int line);
-void CRYPTO_free(void *ptr);
-void *CRYPTO_realloc(void *addr, int num, const char *file, int line);
-void *CRYPTO_realloc_clean(void *addr, int old_num, int num, const char *file,
- int line);
-void *CRYPTO_remalloc(void *addr, int num, const char *file, int line);
-
-void OPENSSL_cleanse(void *ptr, size_t len);
-
-void CRYPTO_set_mem_debug_options(long bits);
-long CRYPTO_get_mem_debug_options(void);
-
-# define CRYPTO_push_info(info) \
- CRYPTO_push_info_(info, __FILE__, __LINE__);
-int CRYPTO_push_info_(const char *info, const char *file, int line);
-int CRYPTO_pop_info(void);
-int CRYPTO_remove_all_info(void);
-
-/*
- * Default debugging functions (enabled by CRYPTO_malloc_debug_init() macro;
- * used as default in CRYPTO_MDEBUG compilations):
- */
-/*-
- * The last argument has the following significance:
- *
- * 0: called before the actual memory allocation has taken place
- * 1: called after the actual memory allocation has taken place
- */
-void CRYPTO_dbg_malloc(void *addr, int num, const char *file, int line,
- int before_p);
-void CRYPTO_dbg_realloc(void *addr1, void *addr2, int num, const char *file,
- int line, int before_p);
-void CRYPTO_dbg_free(void *addr, int before_p);
-/*-
- * Tell the debugging code about options. By default, the following values
- * apply:
- *
- * 0: Clear all options.
- * V_CRYPTO_MDEBUG_TIME (1): Set the "Show Time" option.
- * V_CRYPTO_MDEBUG_THREAD (2): Set the "Show Thread Number" option.
- * V_CRYPTO_MDEBUG_ALL (3): 1 + 2
- */
-void CRYPTO_dbg_set_options(long bits);
-long CRYPTO_dbg_get_options(void);
-
-# ifndef OPENSSL_NO_STDIO
-void CRYPTO_mem_leaks_fp(FILE *);
-# endif
-void CRYPTO_mem_leaks(struct bio_st *bio);
-/* unsigned long order, char *file, int line, int num_bytes, char *addr */
-typedef void *CRYPTO_MEM_LEAK_CB (unsigned long, const char *, int, int,
- void *);
-void CRYPTO_mem_leaks_cb(CRYPTO_MEM_LEAK_CB *cb);
-
-/* die if we have to */
-void OpenSSLDie(const char *file, int line, const char *assertion);
-# define OPENSSL_assert(e) (void)((e) ? 0 : (OpenSSLDie(__FILE__, __LINE__, #e),1))
-
-unsigned int *OPENSSL_ia32cap_loc(void);
-# define OPENSSL_ia32cap ((OPENSSL_ia32cap_loc())[0])
-int OPENSSL_isservice(void);
-
-int FIPS_mode(void);
-int FIPS_mode_set(int r);
-
-void OPENSSL_init(void);
-
-/*
- * CRYPTO_memcmp returns zero iff the |len| bytes at |a| and |b| are equal.
- * It takes an amount of time dependent on |len|, but independent of the
- * contents of |a| and |b|. Unlike memcmp, it cannot be used to put elements
- * into a defined order as the return value when a != b is undefined, other
- * than to be non-zero.
- */
-int CRYPTO_memcmp(const void *a, const void *b, size_t len);
-
-/* BEGIN ERROR CODES */
-/*
- * The following lines are auto generated by the script mkerr.pl. Any changes
- * made after this point may be overwritten when the script is next run.
- */
-void ERR_load_CRYPTO_strings(void);
-
-struct tm *OPENSSL_gmtime(const time_t *timer, struct tm *result);
-int OPENSSL_gmtime_adj(struct tm *tm, int offset_day, long offset_sec);
-int OPENSSL_gmtime_diff(int *pday, int *psec,
- const struct tm *from, const struct tm *to);
-
-/* Error codes for the CRYPTO functions. */
-
-/* Function codes. */
-# define CRYPTO_F_CRYPTO_GET_EX_NEW_INDEX 100
-# define CRYPTO_F_CRYPTO_GET_NEW_DYNLOCKID 103
-# define CRYPTO_F_CRYPTO_GET_NEW_LOCKID 101
-# define CRYPTO_F_CRYPTO_SET_EX_DATA 102
-# define CRYPTO_F_DEF_ADD_INDEX 104
-# define CRYPTO_F_DEF_GET_CLASS 105
-# define CRYPTO_F_FIPS_MODE_SET 109
-# define CRYPTO_F_INT_DUP_EX_DATA 106
-# define CRYPTO_F_INT_FREE_EX_DATA 107
-# define CRYPTO_F_INT_NEW_EX_DATA 108
-
-/* Reason codes. */
-# define CRYPTO_R_FIPS_MODE_NOT_SUPPORTED 101
-# define CRYPTO_R_NO_DYNLOCK_CREATE_CALLBACK 100
-
-#ifdef __cplusplus
-}
-#endif
-#endif
+++ /dev/null
-/* crypto/des/des.h */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef HEADER_NEW_DES_H
-# define HEADER_NEW_DES_H
-
-# include <openssl/e_os2.h> /* OPENSSL_EXTERN, OPENSSL_NO_DES, DES_LONG
- * (via openssl/opensslconf.h */
-
-# ifdef OPENSSL_NO_DES
-# error DES is disabled.
-# endif
-
-# ifdef OPENSSL_BUILD_SHLIBCRYPTO
-# undef OPENSSL_EXTERN
-# define OPENSSL_EXTERN OPENSSL_EXPORT
-# endif
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-typedef unsigned char DES_cblock[8];
-typedef /* const */ unsigned char const_DES_cblock[8];
-/*
- * With "const", gcc 2.8.1 on Solaris thinks that DES_cblock * and
- * const_DES_cblock * are incompatible pointer types.
- */
-
-typedef struct DES_ks {
- union {
- DES_cblock cblock;
- /*
- * make sure things are correct size on machines with 8 byte longs
- */
- DES_LONG deslong[2];
- } ks[16];
-} DES_key_schedule;
-
-# define DES_KEY_SZ (sizeof(DES_cblock))
-# define DES_SCHEDULE_SZ (sizeof(DES_key_schedule))
-
-# define DES_ENCRYPT 1
-# define DES_DECRYPT 0
-
-# define DES_CBC_MODE 0
-# define DES_PCBC_MODE 1
-
-# define DES_ecb2_encrypt(i,o,k1,k2,e) \
- DES_ecb3_encrypt((i),(o),(k1),(k2),(k1),(e))
-
-# define DES_ede2_cbc_encrypt(i,o,l,k1,k2,iv,e) \
- DES_ede3_cbc_encrypt((i),(o),(l),(k1),(k2),(k1),(iv),(e))
-
-# define DES_ede2_cfb64_encrypt(i,o,l,k1,k2,iv,n,e) \
- DES_ede3_cfb64_encrypt((i),(o),(l),(k1),(k2),(k1),(iv),(n),(e))
-
-# define DES_ede2_ofb64_encrypt(i,o,l,k1,k2,iv,n) \
- DES_ede3_ofb64_encrypt((i),(o),(l),(k1),(k2),(k1),(iv),(n))
-
-OPENSSL_DECLARE_GLOBAL(int, DES_check_key); /* defaults to false */
-# define DES_check_key OPENSSL_GLOBAL_REF(DES_check_key)
-OPENSSL_DECLARE_GLOBAL(int, DES_rw_mode); /* defaults to DES_PCBC_MODE */
-# define DES_rw_mode OPENSSL_GLOBAL_REF(DES_rw_mode)
-
-const char *DES_options(void);
-void DES_ecb3_encrypt(const_DES_cblock *input, DES_cblock *output,
- DES_key_schedule *ks1, DES_key_schedule *ks2,
- DES_key_schedule *ks3, int enc);
-DES_LONG DES_cbc_cksum(const unsigned char *input, DES_cblock *output,
- long length, DES_key_schedule *schedule,
- const_DES_cblock *ivec);
-/* DES_cbc_encrypt does not update the IV! Use DES_ncbc_encrypt instead. */
-void DES_cbc_encrypt(const unsigned char *input, unsigned char *output,
- long length, DES_key_schedule *schedule,
- DES_cblock *ivec, int enc);
-void DES_ncbc_encrypt(const unsigned char *input, unsigned char *output,
- long length, DES_key_schedule *schedule,
- DES_cblock *ivec, int enc);
-void DES_xcbc_encrypt(const unsigned char *input, unsigned char *output,
- long length, DES_key_schedule *schedule,
- DES_cblock *ivec, const_DES_cblock *inw,
- const_DES_cblock *outw, int enc);
-void DES_cfb_encrypt(const unsigned char *in, unsigned char *out, int numbits,
- long length, DES_key_schedule *schedule,
- DES_cblock *ivec, int enc);
-void DES_ecb_encrypt(const_DES_cblock *input, DES_cblock *output,
- DES_key_schedule *ks, int enc);
-
-/*
- * This is the DES encryption function that gets called by just about every
- * other DES routine in the library. You should not use this function except
- * to implement 'modes' of DES. I say this because the functions that call
- * this routine do the conversion from 'char *' to long, and this needs to be
- * done to make sure 'non-aligned' memory access do not occur. The
- * characters are loaded 'little endian'. Data is a pointer to 2 unsigned
- * long's and ks is the DES_key_schedule to use. enc, is non zero specifies
- * encryption, zero if decryption.
- */
-void DES_encrypt1(DES_LONG *data, DES_key_schedule *ks, int enc);
-
-/*
- * This functions is the same as DES_encrypt1() except that the DES initial
- * permutation (IP) and final permutation (FP) have been left out. As for
- * DES_encrypt1(), you should not use this function. It is used by the
- * routines in the library that implement triple DES. IP() DES_encrypt2()
- * DES_encrypt2() DES_encrypt2() FP() is the same as DES_encrypt1()
- * DES_encrypt1() DES_encrypt1() except faster :-).
- */
-void DES_encrypt2(DES_LONG *data, DES_key_schedule *ks, int enc);
-
-void DES_encrypt3(DES_LONG *data, DES_key_schedule *ks1,
- DES_key_schedule *ks2, DES_key_schedule *ks3);
-void DES_decrypt3(DES_LONG *data, DES_key_schedule *ks1,
- DES_key_schedule *ks2, DES_key_schedule *ks3);
-void DES_ede3_cbc_encrypt(const unsigned char *input, unsigned char *output,
- long length,
- DES_key_schedule *ks1, DES_key_schedule *ks2,
- DES_key_schedule *ks3, DES_cblock *ivec, int enc);
-void DES_ede3_cfb64_encrypt(const unsigned char *in, unsigned char *out,
- long length, DES_key_schedule *ks1,
- DES_key_schedule *ks2, DES_key_schedule *ks3,
- DES_cblock *ivec, int *num, int enc);
-void DES_ede3_cfb_encrypt(const unsigned char *in, unsigned char *out,
- int numbits, long length, DES_key_schedule *ks1,
- DES_key_schedule *ks2, DES_key_schedule *ks3,
- DES_cblock *ivec, int enc);
-void DES_ede3_ofb64_encrypt(const unsigned char *in, unsigned char *out,
- long length, DES_key_schedule *ks1,
- DES_key_schedule *ks2, DES_key_schedule *ks3,
- DES_cblock *ivec, int *num);
-int DES_enc_read(int fd, void *buf, int len, DES_key_schedule *sched,
- DES_cblock *iv);
-int DES_enc_write(int fd, const void *buf, int len, DES_key_schedule *sched,
- DES_cblock *iv);
-char *DES_fcrypt(const char *buf, const char *salt, char *ret);
-char *DES_crypt(const char *buf, const char *salt);
-void DES_ofb_encrypt(const unsigned char *in, unsigned char *out, int numbits,
- long length, DES_key_schedule *schedule,
- DES_cblock *ivec);
-void DES_pcbc_encrypt(const unsigned char *input, unsigned char *output,
- long length, DES_key_schedule *schedule,
- DES_cblock *ivec, int enc);
-DES_LONG DES_quad_cksum(const unsigned char *input, DES_cblock output[],
- long length, int out_count, DES_cblock *seed);
-int DES_random_key(DES_cblock *ret);
-void DES_set_odd_parity(DES_cblock *key);
-int DES_check_key_parity(const_DES_cblock *key);
-int DES_is_weak_key(const_DES_cblock *key);
-/*
- * DES_set_key (= set_key = DES_key_sched = key_sched) calls
- * DES_set_key_checked if global variable DES_check_key is set,
- * DES_set_key_unchecked otherwise.
- */
-int DES_set_key(const_DES_cblock *key, DES_key_schedule *schedule);
-int DES_key_sched(const_DES_cblock *key, DES_key_schedule *schedule);
-int DES_set_key_checked(const_DES_cblock *key, DES_key_schedule *schedule);
-void DES_set_key_unchecked(const_DES_cblock *key, DES_key_schedule *schedule);
-void DES_string_to_key(const char *str, DES_cblock *key);
-void DES_string_to_2keys(const char *str, DES_cblock *key1, DES_cblock *key2);
-void DES_cfb64_encrypt(const unsigned char *in, unsigned char *out,
- long length, DES_key_schedule *schedule,
- DES_cblock *ivec, int *num, int enc);
-void DES_ofb64_encrypt(const unsigned char *in, unsigned char *out,
- long length, DES_key_schedule *schedule,
- DES_cblock *ivec, int *num);
-
-int DES_read_password(DES_cblock *key, const char *prompt, int verify);
-int DES_read_2passwords(DES_cblock *key1, DES_cblock *key2,
- const char *prompt, int verify);
-
-# define DES_fixup_key_parity DES_set_odd_parity
-
-#ifdef __cplusplus
-}
-#endif
-
-#endif
+++ /dev/null
-/* crypto/des/destest.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-
-#include <openssl/e_os2.h>
-#if defined(OPENSSL_SYS_WIN32) || defined(OPENSSL_SYS_WINDOWS)
-# ifndef OPENSSL_SYS_MSDOS
-# define OPENSSL_SYS_MSDOS
-# endif
-#endif
-
-#ifndef OPENSSL_SYS_MSDOS
-# if !defined(OPENSSL_SYS_VMS) || defined(OPENSSL_SYS_VMS_DECC)
-# include OPENSSL_UNISTD
-# endif
-#else
-# include <io.h>
-#endif
-#include <string.h>
-
-#ifdef OPENSSL_NO_DES
-int main(int argc, char *argv[])
-{
- printf("No DES support\n");
- return (0);
-}
-#else
-# include <openssl/des.h>
-
-# define crypt(c,s) (DES_crypt((c),(s)))
-
-/* tisk tisk - the test keys don't all have odd parity :-( */
-/* test data */
-# define NUM_TESTS 34
-static unsigned char key_data[NUM_TESTS][8] = {
- {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00},
- {0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF},
- {0x30, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00},
- {0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11},
- {0x01, 0x23, 0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF},
- {0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11},
- {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00},
- {0xFE, 0xDC, 0xBA, 0x98, 0x76, 0x54, 0x32, 0x10},
- {0x7C, 0xA1, 0x10, 0x45, 0x4A, 0x1A, 0x6E, 0x57},
- {0x01, 0x31, 0xD9, 0x61, 0x9D, 0xC1, 0x37, 0x6E},
- {0x07, 0xA1, 0x13, 0x3E, 0x4A, 0x0B, 0x26, 0x86},
- {0x38, 0x49, 0x67, 0x4C, 0x26, 0x02, 0x31, 0x9E},
- {0x04, 0xB9, 0x15, 0xBA, 0x43, 0xFE, 0xB5, 0xB6},
- {0x01, 0x13, 0xB9, 0x70, 0xFD, 0x34, 0xF2, 0xCE},
- {0x01, 0x70, 0xF1, 0x75, 0x46, 0x8F, 0xB5, 0xE6},
- {0x43, 0x29, 0x7F, 0xAD, 0x38, 0xE3, 0x73, 0xFE},
- {0x07, 0xA7, 0x13, 0x70, 0x45, 0xDA, 0x2A, 0x16},
- {0x04, 0x68, 0x91, 0x04, 0xC2, 0xFD, 0x3B, 0x2F},
- {0x37, 0xD0, 0x6B, 0xB5, 0x16, 0xCB, 0x75, 0x46},
- {0x1F, 0x08, 0x26, 0x0D, 0x1A, 0xC2, 0x46, 0x5E},
- {0x58, 0x40, 0x23, 0x64, 0x1A, 0xBA, 0x61, 0x76},
- {0x02, 0x58, 0x16, 0x16, 0x46, 0x29, 0xB0, 0x07},
- {0x49, 0x79, 0x3E, 0xBC, 0x79, 0xB3, 0x25, 0x8F},
- {0x4F, 0xB0, 0x5E, 0x15, 0x15, 0xAB, 0x73, 0xA7},
- {0x49, 0xE9, 0x5D, 0x6D, 0x4C, 0xA2, 0x29, 0xBF},
- {0x01, 0x83, 0x10, 0xDC, 0x40, 0x9B, 0x26, 0xD6},
- {0x1C, 0x58, 0x7F, 0x1C, 0x13, 0x92, 0x4F, 0xEF},
- {0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01},
- {0x1F, 0x1F, 0x1F, 0x1F, 0x0E, 0x0E, 0x0E, 0x0E},
- {0xE0, 0xFE, 0xE0, 0xFE, 0xF1, 0xFE, 0xF1, 0xFE},
- {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00},
- {0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF},
- {0x01, 0x23, 0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF},
- {0xFE, 0xDC, 0xBA, 0x98, 0x76, 0x54, 0x32, 0x10}
-};
-
-static unsigned char plain_data[NUM_TESTS][8] = {
- {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00},
- {0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF},
- {0x10, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01},
- {0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11},
- {0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11},
- {0x01, 0x23, 0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF},
- {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00},
- {0x01, 0x23, 0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF},
- {0x01, 0xA1, 0xD6, 0xD0, 0x39, 0x77, 0x67, 0x42},
- {0x5C, 0xD5, 0x4C, 0xA8, 0x3D, 0xEF, 0x57, 0xDA},
- {0x02, 0x48, 0xD4, 0x38, 0x06, 0xF6, 0x71, 0x72},
- {0x51, 0x45, 0x4B, 0x58, 0x2D, 0xDF, 0x44, 0x0A},
- {0x42, 0xFD, 0x44, 0x30, 0x59, 0x57, 0x7F, 0xA2},
- {0x05, 0x9B, 0x5E, 0x08, 0x51, 0xCF, 0x14, 0x3A},
- {0x07, 0x56, 0xD8, 0xE0, 0x77, 0x47, 0x61, 0xD2},
- {0x76, 0x25, 0x14, 0xB8, 0x29, 0xBF, 0x48, 0x6A},
- {0x3B, 0xDD, 0x11, 0x90, 0x49, 0x37, 0x28, 0x02},
- {0x26, 0x95, 0x5F, 0x68, 0x35, 0xAF, 0x60, 0x9A},
- {0x16, 0x4D, 0x5E, 0x40, 0x4F, 0x27, 0x52, 0x32},
- {0x6B, 0x05, 0x6E, 0x18, 0x75, 0x9F, 0x5C, 0xCA},
- {0x00, 0x4B, 0xD6, 0xEF, 0x09, 0x17, 0x60, 0x62},
- {0x48, 0x0D, 0x39, 0x00, 0x6E, 0xE7, 0x62, 0xF2},
- {0x43, 0x75, 0x40, 0xC8, 0x69, 0x8F, 0x3C, 0xFA},
- {0x07, 0x2D, 0x43, 0xA0, 0x77, 0x07, 0x52, 0x92},
- {0x02, 0xFE, 0x55, 0x77, 0x81, 0x17, 0xF1, 0x2A},
- {0x1D, 0x9D, 0x5C, 0x50, 0x18, 0xF7, 0x28, 0xC2},
- {0x30, 0x55, 0x32, 0x28, 0x6D, 0x6F, 0x29, 0x5A},
- {0x01, 0x23, 0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF},
- {0x01, 0x23, 0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF},
- {0x01, 0x23, 0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF},
- {0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF},
- {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00},
- {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00},
- {0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF}
-};
-
-static unsigned char cipher_data[NUM_TESTS][8] = {
- {0x8C, 0xA6, 0x4D, 0xE9, 0xC1, 0xB1, 0x23, 0xA7},
- {0x73, 0x59, 0xB2, 0x16, 0x3E, 0x4E, 0xDC, 0x58},
- {0x95, 0x8E, 0x6E, 0x62, 0x7A, 0x05, 0x55, 0x7B},
- {0xF4, 0x03, 0x79, 0xAB, 0x9E, 0x0E, 0xC5, 0x33},
- {0x17, 0x66, 0x8D, 0xFC, 0x72, 0x92, 0x53, 0x2D},
- {0x8A, 0x5A, 0xE1, 0xF8, 0x1A, 0xB8, 0xF2, 0xDD},
- {0x8C, 0xA6, 0x4D, 0xE9, 0xC1, 0xB1, 0x23, 0xA7},
- {0xED, 0x39, 0xD9, 0x50, 0xFA, 0x74, 0xBC, 0xC4},
- {0x69, 0x0F, 0x5B, 0x0D, 0x9A, 0x26, 0x93, 0x9B},
- {0x7A, 0x38, 0x9D, 0x10, 0x35, 0x4B, 0xD2, 0x71},
- {0x86, 0x8E, 0xBB, 0x51, 0xCA, 0xB4, 0x59, 0x9A},
- {0x71, 0x78, 0x87, 0x6E, 0x01, 0xF1, 0x9B, 0x2A},
- {0xAF, 0x37, 0xFB, 0x42, 0x1F, 0x8C, 0x40, 0x95},
- {0x86, 0xA5, 0x60, 0xF1, 0x0E, 0xC6, 0xD8, 0x5B},
- {0x0C, 0xD3, 0xDA, 0x02, 0x00, 0x21, 0xDC, 0x09},
- {0xEA, 0x67, 0x6B, 0x2C, 0xB7, 0xDB, 0x2B, 0x7A},
- {0xDF, 0xD6, 0x4A, 0x81, 0x5C, 0xAF, 0x1A, 0x0F},
- {0x5C, 0x51, 0x3C, 0x9C, 0x48, 0x86, 0xC0, 0x88},
- {0x0A, 0x2A, 0xEE, 0xAE, 0x3F, 0xF4, 0xAB, 0x77},
- {0xEF, 0x1B, 0xF0, 0x3E, 0x5D, 0xFA, 0x57, 0x5A},
- {0x88, 0xBF, 0x0D, 0xB6, 0xD7, 0x0D, 0xEE, 0x56},
- {0xA1, 0xF9, 0x91, 0x55, 0x41, 0x02, 0x0B, 0x56},
- {0x6F, 0xBF, 0x1C, 0xAF, 0xCF, 0xFD, 0x05, 0x56},
- {0x2F, 0x22, 0xE4, 0x9B, 0xAB, 0x7C, 0xA1, 0xAC},
- {0x5A, 0x6B, 0x61, 0x2C, 0xC2, 0x6C, 0xCE, 0x4A},
- {0x5F, 0x4C, 0x03, 0x8E, 0xD1, 0x2B, 0x2E, 0x41},
- {0x63, 0xFA, 0xC0, 0xD0, 0x34, 0xD9, 0xF7, 0x93},
- {0x61, 0x7B, 0x3A, 0x0C, 0xE8, 0xF0, 0x71, 0x00},
- {0xDB, 0x95, 0x86, 0x05, 0xF8, 0xC8, 0xC6, 0x06},
- {0xED, 0xBF, 0xD1, 0xC6, 0x6C, 0x29, 0xCC, 0xC7},
- {0x35, 0x55, 0x50, 0xB2, 0x15, 0x0E, 0x24, 0x51},
- {0xCA, 0xAA, 0xAF, 0x4D, 0xEA, 0xF1, 0xDB, 0xAE},
- {0xD5, 0xD4, 0x4F, 0xF7, 0x20, 0x68, 0x3D, 0x0D},
- {0x2A, 0x2B, 0xB0, 0x08, 0xDF, 0x97, 0xC2, 0xF2}
-};
-
-static unsigned char cipher_ecb2[NUM_TESTS - 1][8] = {
- {0x92, 0x95, 0xB5, 0x9B, 0xB3, 0x84, 0x73, 0x6E},
- {0x19, 0x9E, 0x9D, 0x6D, 0xF3, 0x9A, 0xA8, 0x16},
- {0x2A, 0x4B, 0x4D, 0x24, 0x52, 0x43, 0x84, 0x27},
- {0x35, 0x84, 0x3C, 0x01, 0x9D, 0x18, 0xC5, 0xB6},
- {0x4A, 0x5B, 0x2F, 0x42, 0xAA, 0x77, 0x19, 0x25},
- {0xA0, 0x6B, 0xA9, 0xB8, 0xCA, 0x5B, 0x17, 0x8A},
- {0xAB, 0x9D, 0xB7, 0xFB, 0xED, 0x95, 0xF2, 0x74},
- {0x3D, 0x25, 0x6C, 0x23, 0xA7, 0x25, 0x2F, 0xD6},
- {0xB7, 0x6F, 0xAB, 0x4F, 0xBD, 0xBD, 0xB7, 0x67},
- {0x8F, 0x68, 0x27, 0xD6, 0x9C, 0xF4, 0x1A, 0x10},
- {0x82, 0x57, 0xA1, 0xD6, 0x50, 0x5E, 0x81, 0x85},
- {0xA2, 0x0F, 0x0A, 0xCD, 0x80, 0x89, 0x7D, 0xFA},
- {0xCD, 0x2A, 0x53, 0x3A, 0xDB, 0x0D, 0x7E, 0xF3},
- {0xD2, 0xC2, 0xBE, 0x27, 0xE8, 0x1B, 0x68, 0xE3},
- {0xE9, 0x24, 0xCF, 0x4F, 0x89, 0x3C, 0x5B, 0x0A},
- {0xA7, 0x18, 0xC3, 0x9F, 0xFA, 0x9F, 0xD7, 0x69},
- {0x77, 0x2C, 0x79, 0xB1, 0xD2, 0x31, 0x7E, 0xB1},
- {0x49, 0xAB, 0x92, 0x7F, 0xD0, 0x22, 0x00, 0xB7},
- {0xCE, 0x1C, 0x6C, 0x7D, 0x85, 0xE3, 0x4A, 0x6F},
- {0xBE, 0x91, 0xD6, 0xE1, 0x27, 0xB2, 0xE9, 0x87},
- {0x70, 0x28, 0xAE, 0x8F, 0xD1, 0xF5, 0x74, 0x1A},
- {0xAA, 0x37, 0x80, 0xBB, 0xF3, 0x22, 0x1D, 0xDE},
- {0xA6, 0xC4, 0xD2, 0x5E, 0x28, 0x93, 0xAC, 0xB3},
- {0x22, 0x07, 0x81, 0x5A, 0xE4, 0xB7, 0x1A, 0xAD},
- {0xDC, 0xCE, 0x05, 0xE7, 0x07, 0xBD, 0xF5, 0x84},
- {0x26, 0x1D, 0x39, 0x2C, 0xB3, 0xBA, 0xA5, 0x85},
- {0xB4, 0xF7, 0x0F, 0x72, 0xFB, 0x04, 0xF0, 0xDC},
- {0x95, 0xBA, 0xA9, 0x4E, 0x87, 0x36, 0xF2, 0x89},
- {0xD4, 0x07, 0x3A, 0xF1, 0x5A, 0x17, 0x82, 0x0E},
- {0xEF, 0x6F, 0xAF, 0xA7, 0x66, 0x1A, 0x7E, 0x89},
- {0xC1, 0x97, 0xF5, 0x58, 0x74, 0x8A, 0x20, 0xE7},
- {0x43, 0x34, 0xCF, 0xDA, 0x22, 0xC4, 0x86, 0xC8},
- {0x08, 0xD7, 0xB4, 0xFB, 0x62, 0x9D, 0x08, 0x85}
-};
-
-static unsigned char cbc_key[8] =
- { 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef };
-static unsigned char cbc2_key[8] =
- { 0xf1, 0xe0, 0xd3, 0xc2, 0xb5, 0xa4, 0x97, 0x86 };
-static unsigned char cbc3_key[8] =
- { 0xfe, 0xdc, 0xba, 0x98, 0x76, 0x54, 0x32, 0x10 };
-static unsigned char cbc_iv[8] =
- { 0xfe, 0xdc, 0xba, 0x98, 0x76, 0x54, 0x32, 0x10 };
-/*
- * Changed the following text constant to binary so it will work on ebcdic
- * machines :-)
- */
-/* static char cbc_data[40]="7654321 Now is the time for \0001"; */
-static unsigned char cbc_data[40] = {
- 0x37, 0x36, 0x35, 0x34, 0x33, 0x32, 0x31, 0x20,
- 0x4E, 0x6F, 0x77, 0x20, 0x69, 0x73, 0x20, 0x74,
- 0x68, 0x65, 0x20, 0x74, 0x69, 0x6D, 0x65, 0x20,
- 0x66, 0x6F, 0x72, 0x20, 0x00, 0x31, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-};
-
-static unsigned char cbc_ok[32] = {
- 0xcc, 0xd1, 0x73, 0xff, 0xab, 0x20, 0x39, 0xf4,
- 0xac, 0xd8, 0xae, 0xfd, 0xdf, 0xd8, 0xa1, 0xeb,
- 0x46, 0x8e, 0x91, 0x15, 0x78, 0x88, 0xba, 0x68,
- 0x1d, 0x26, 0x93, 0x97, 0xf7, 0xfe, 0x62, 0xb4
-};
-
-# ifdef SCREW_THE_PARITY
-# error "SCREW_THE_PARITY is not ment to be defined."
-# error "Original vectors are preserved for reference only."
-static unsigned char cbc2_key[8] =
- { 0xf0, 0xe1, 0xd2, 0xc3, 0xb4, 0xa5, 0x96, 0x87 };
-static unsigned char xcbc_ok[32] = {
- 0x86, 0x74, 0x81, 0x0D, 0x61, 0xA4, 0xA5, 0x48,
- 0xB9, 0x93, 0x03, 0xE1, 0xB8, 0xBB, 0xBD, 0xBD,
- 0x64, 0x30, 0x0B, 0xB9, 0x06, 0x65, 0x81, 0x76,
- 0x04, 0x1D, 0x77, 0x62, 0x17, 0xCA, 0x2B, 0xD2,
-};
-# else
-static unsigned char xcbc_ok[32] = {
- 0x84, 0x6B, 0x29, 0x14, 0x85, 0x1E, 0x9A, 0x29,
- 0x54, 0x73, 0x2F, 0x8A, 0xA0, 0xA6, 0x11, 0xC1,
- 0x15, 0xCD, 0xC2, 0xD7, 0x95, 0x1B, 0x10, 0x53,
- 0xA6, 0x3C, 0x5E, 0x03, 0xB2, 0x1A, 0xA3, 0xC4,
-};
-# endif
-
-static unsigned char cbc3_ok[32] = {
- 0x3F, 0xE3, 0x01, 0xC9, 0x62, 0xAC, 0x01, 0xD0,
- 0x22, 0x13, 0x76, 0x3C, 0x1C, 0xBD, 0x4C, 0xDC,
- 0x79, 0x96, 0x57, 0xC0, 0x64, 0xEC, 0xF5, 0xD4,
- 0x1C, 0x67, 0x38, 0x12, 0xCF, 0xDE, 0x96, 0x75
-};
-
-static unsigned char pcbc_ok[32] = {
- 0xcc, 0xd1, 0x73, 0xff, 0xab, 0x20, 0x39, 0xf4,
- 0x6d, 0xec, 0xb4, 0x70, 0xa0, 0xe5, 0x6b, 0x15,
- 0xae, 0xa6, 0xbf, 0x61, 0xed, 0x7d, 0x9c, 0x9f,
- 0xf7, 0x17, 0x46, 0x3b, 0x8a, 0xb3, 0xcc, 0x88
-};
-
-static unsigned char cfb_key[8] =
- { 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef };
-static unsigned char cfb_iv[8] =
- { 0x12, 0x34, 0x56, 0x78, 0x90, 0xab, 0xcd, 0xef };
-static unsigned char cfb_buf1[40], cfb_buf2[40], cfb_tmp[8];
-static unsigned char plain[24] = {
- 0x4e, 0x6f, 0x77, 0x20, 0x69, 0x73,
- 0x20, 0x74, 0x68, 0x65, 0x20, 0x74,
- 0x69, 0x6d, 0x65, 0x20, 0x66, 0x6f,
- 0x72, 0x20, 0x61, 0x6c, 0x6c, 0x20
-};
-
-static unsigned char cfb_cipher8[24] = {
- 0xf3, 0x1f, 0xda, 0x07, 0x01, 0x14, 0x62, 0xee, 0x18, 0x7f, 0x43, 0xd8,
- 0x0a, 0x7c, 0xd9, 0xb5, 0xb0, 0xd2, 0x90, 0xda, 0x6e, 0x5b, 0x9a, 0x87
-};
-
-static unsigned char cfb_cipher16[24] = {
- 0xF3, 0x09, 0x87, 0x87, 0x7F, 0x57, 0xF7, 0x3C, 0x36, 0xB6, 0xDB, 0x70,
- 0xD8, 0xD5, 0x34, 0x19, 0xD3, 0x86, 0xB2, 0x23, 0xB7, 0xB2, 0xAD, 0x1B
-};
-
-static unsigned char cfb_cipher32[24] = {
- 0xF3, 0x09, 0x62, 0x49, 0xA4, 0xDF, 0xA4, 0x9F, 0x33, 0xDC, 0x7B, 0xAD,
- 0x4C, 0xC8, 0x9F, 0x64, 0xE4, 0x53, 0xE5, 0xEC, 0x67, 0x20, 0xDA, 0xB6
-};
-
-static unsigned char cfb_cipher48[24] = {
- 0xF3, 0x09, 0x62, 0x49, 0xC7, 0xF4, 0x30, 0xB5, 0x15, 0xEC, 0xBB, 0x85,
- 0x97, 0x5A, 0x13, 0x8C, 0x68, 0x60, 0xE2, 0x38, 0x34, 0x3C, 0xDC, 0x1F
-};
-
-static unsigned char cfb_cipher64[24] = {
- 0xF3, 0x09, 0x62, 0x49, 0xC7, 0xF4, 0x6E, 0x51, 0xA6, 0x9E, 0x83, 0x9B,
- 0x1A, 0x92, 0xF7, 0x84, 0x03, 0x46, 0x71, 0x33, 0x89, 0x8E, 0xA6, 0x22
-};
-
-static unsigned char ofb_key[8] =
- { 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef };
-static unsigned char ofb_iv[8] =
- { 0x12, 0x34, 0x56, 0x78, 0x90, 0xab, 0xcd, 0xef };
-static unsigned char ofb_buf1[24], ofb_buf2[24], ofb_tmp[8];
-static unsigned char ofb_cipher[24] = {
- 0xf3, 0x09, 0x62, 0x49, 0xc7, 0xf4, 0x6e, 0x51,
- 0x35, 0xf2, 0x4a, 0x24, 0x2e, 0xeb, 0x3d, 0x3f,
- 0x3d, 0x6d, 0x5b, 0xe3, 0x25, 0x5a, 0xf8, 0xc3
-};
-static DES_LONG cbc_cksum_ret = 0xF7FE62B4L;
-static unsigned char cbc_cksum_data[8] =
- { 0x1D, 0x26, 0x93, 0x97, 0xf7, 0xfe, 0x62, 0xb4 };
-
-static char *pt(unsigned char *p);
-static int cfb_test(int bits, unsigned char *cfb_cipher);
-static int cfb64_test(unsigned char *cfb_cipher);
-static int ede_cfb64_test(unsigned char *cfb_cipher);
-int main(int argc, char *argv[])
-{
- int j, err = 0;
- unsigned int i;
- DES_cblock in, out, outin, iv3;
- DES_key_schedule ks, ks2, ks3;
- unsigned char cbc_in[40];
- unsigned char cbc_out[40];
- DES_LONG cs;
- unsigned char cret[8];
- DES_LONG lqret[4];
- int num;
- char *str;
-
- printf("Doing ecb\n");
- for (i = 0; i < NUM_TESTS; i++) {
- DES_set_key_unchecked(&key_data[i], &ks);
- memcpy(in, plain_data[i], 8);
- memset(out, 0, 8);
- memset(outin, 0, 8);
- DES_ecb_encrypt(&in, &out, &ks, DES_ENCRYPT);
- DES_ecb_encrypt(&out, &outin, &ks, DES_DECRYPT);
-
- if (memcmp(out, cipher_data[i], 8) != 0) {
- printf("Encryption error %2d\nk=%s p=%s o=%s act=%s\n",
- i + 1, pt(key_data[i]), pt(in), pt(cipher_data[i]),
- pt(out));
- err = 1;
- }
- if (memcmp(in, outin, 8) != 0) {
- printf("Decryption error %2d\nk=%s p=%s o=%s act=%s\n",
- i + 1, pt(key_data[i]), pt(out), pt(in), pt(outin));
- err = 1;
- }
- }
-
-# ifndef LIBDES_LIT
- printf("Doing ede ecb\n");
- for (i = 0; i < (NUM_TESTS - 2); i++) {
- DES_set_key_unchecked(&key_data[i], &ks);
- DES_set_key_unchecked(&key_data[i + 1], &ks2);
- DES_set_key_unchecked(&key_data[i + 2], &ks3);
- memcpy(in, plain_data[i], 8);
- memset(out, 0, 8);
- memset(outin, 0, 8);
- DES_ecb3_encrypt(&in,&out,&ks,&ks2,&ks,DES_ENCRYPT);
- DES_ecb3_encrypt(&out,&outin,&ks,&ks2,&ks,DES_DECRYPT);
-
- if (memcmp(out, cipher_ecb2[i], 8) != 0) {
- printf("Encryption error %2d\nk=%s p=%s o=%s act=%s\n",
- i + 1, pt(key_data[i]), pt(in), pt(cipher_ecb2[i]),
- pt(out));
- err = 1;
- }
- if (memcmp(in, outin, 8) != 0) {
- printf("Decryption error %2d\nk=%s p=%s o=%s act=%s\n",
- i + 1, pt(key_data[i]), pt(out), pt(in), pt(outin));
- err = 1;
- }
- }
-# endif
-
- printf("Doing cbc\n");
- if ((j = DES_set_key_checked(&cbc_key, &ks)) != 0) {
- printf("Key error %d\n", j);
- err = 1;
- }
- memset(cbc_out, 0, 40);
- memset(cbc_in, 0, 40);
- memcpy(iv3, cbc_iv, sizeof(cbc_iv));
- DES_ncbc_encrypt(cbc_data, cbc_out, strlen((char *)cbc_data) + 1, &ks,
- &iv3, DES_ENCRYPT);
- if (memcmp(cbc_out, cbc_ok, 32) != 0) {
- printf("cbc_encrypt encrypt error\n");
- err = 1;
- }
-
- memcpy(iv3, cbc_iv, sizeof(cbc_iv));
- DES_ncbc_encrypt(cbc_out, cbc_in, strlen((char *)cbc_data) + 1, &ks,
- &iv3, DES_DECRYPT);
- if (memcmp(cbc_in, cbc_data, strlen((char *)cbc_data)) != 0) {
- printf("cbc_encrypt decrypt error\n");
- err = 1;
- }
-# ifndef LIBDES_LIT
- printf("Doing desx cbc\n");
- if ((j = DES_set_key_checked(&cbc_key, &ks)) != 0) {
- printf("Key error %d\n", j);
- err = 1;
- }
- memset(cbc_out, 0, 40);
- memset(cbc_in, 0, 40);
- memcpy(iv3, cbc_iv, sizeof(cbc_iv));
- DES_xcbc_encrypt(cbc_data, cbc_out, strlen((char *)cbc_data) + 1, &ks,
- &iv3, &cbc2_key, &cbc3_key, DES_ENCRYPT);
- if (memcmp(cbc_out, xcbc_ok, 32) != 0) {
- printf("des_xcbc_encrypt encrypt error\n");
- err = 1;
- }
- memcpy(iv3, cbc_iv, sizeof(cbc_iv));
- DES_xcbc_encrypt(cbc_out, cbc_in, strlen((char *)cbc_data) + 1, &ks,
- &iv3, &cbc2_key, &cbc3_key, DES_DECRYPT);
- if (memcmp(cbc_in, cbc_data, strlen((char *)cbc_data) + 1) != 0) {
- printf("des_xcbc_encrypt decrypt error\n");
- err = 1;
- }
-# endif
-
- printf("Doing ede cbc\n");
- if ((j = DES_set_key_checked(&cbc_key, &ks)) != 0) {
- printf("Key error %d\n", j);
- err = 1;
- }
- if ((j = DES_set_key_checked(&cbc2_key, &ks2)) != 0) {
- printf("Key error %d\n", j);
- err = 1;
- }
- if ((j = DES_set_key_checked(&cbc3_key, &ks3)) != 0) {
- printf("Key error %d\n", j);
- err = 1;
- }
- memset(cbc_out, 0, 40);
- memset(cbc_in, 0, 40);
- i = strlen((char *)cbc_data) + 1;
- /* i=((i+7)/8)*8; */
- memcpy(iv3, cbc_iv, sizeof(cbc_iv));
-
- DES_ede3_cbc_encrypt(cbc_data, cbc_out, 16L, &ks, &ks2, &ks3, &iv3,
- DES_ENCRYPT);
- DES_ede3_cbc_encrypt(&(cbc_data[16]), &(cbc_out[16]), i - 16, &ks, &ks2,
- &ks3, &iv3, DES_ENCRYPT);
- if (memcmp
- (cbc_out, cbc3_ok,
- (unsigned int)(strlen((char *)cbc_data) + 1 + 7) / 8 * 8) != 0) {
- unsigned int n;
-
- printf("des_ede3_cbc_encrypt encrypt error\n");
- for (n = 0; n < i; ++n)
- printf(" %02x", cbc_out[n]);
- printf("\n");
- for (n = 0; n < i; ++n)
- printf(" %02x", cbc3_ok[n]);
- printf("\n");
- err = 1;
- }
-
- memcpy(iv3, cbc_iv, sizeof(cbc_iv));
- DES_ede3_cbc_encrypt(cbc_out, cbc_in, i, &ks, &ks2, &ks3, &iv3, DES_DECRYPT);
- if (memcmp(cbc_in, cbc_data, strlen((char *)cbc_data) + 1) != 0) {
- unsigned int n;
-
- printf("DES_ede3_cbc_encrypt decrypt error\n");
- for (n = 0; n < i; ++n)
- printf(" %02x", cbc_data[n]);
- printf("\n");
- for (n = 0; n < i; ++n)
- printf(" %02x", cbc_in[n]);
- printf("\n");
- err = 1;
- }
-# ifndef LIBDES_LIT
- printf("Doing pcbc\n");
- if ((j = DES_set_key_checked(&cbc_key, &ks)) != 0) {
- printf("Key error %d\n", j);
- err = 1;
- }
- memset(cbc_out, 0, 40);
- memset(cbc_in, 0, 40);
- DES_pcbc_encrypt(cbc_data, cbc_out, strlen((char *)cbc_data) + 1, &ks,
- &cbc_iv, DES_ENCRYPT);
- if (memcmp(cbc_out, pcbc_ok, 32) != 0) {
- printf("pcbc_encrypt encrypt error\n");
- err = 1;
- }
- DES_pcbc_encrypt(cbc_out, cbc_in, strlen((char *)cbc_data) + 1, &ks,
- &cbc_iv, DES_DECRYPT);
- if (memcmp(cbc_in, cbc_data, strlen((char *)cbc_data) + 1) != 0) {
- printf("pcbc_encrypt decrypt error\n");
- err = 1;
- }
-
- printf("Doing ");
- printf("cfb8 ");
- err += cfb_test(8, cfb_cipher8);
- printf("cfb16 ");
- err += cfb_test(16, cfb_cipher16);
- printf("cfb32 ");
- err += cfb_test(32, cfb_cipher32);
- printf("cfb48 ");
- err += cfb_test(48, cfb_cipher48);
- printf("cfb64 ");
- err += cfb_test(64, cfb_cipher64);
-
- printf("cfb64() ");
- err += cfb64_test(cfb_cipher64);
-
- memcpy(cfb_tmp, cfb_iv, sizeof(cfb_iv));
- for (i = 0; i < sizeof(plain); i++)
- DES_cfb_encrypt(&(plain[i]), &(cfb_buf1[i]),
- 8, 1, &ks, &cfb_tmp, DES_ENCRYPT);
- if (memcmp(cfb_cipher8, cfb_buf1, sizeof(plain)) != 0) {
- printf("cfb_encrypt small encrypt error\n");
- err = 1;
- }
-
- memcpy(cfb_tmp, cfb_iv, sizeof(cfb_iv));
- for (i = 0; i < sizeof(plain); i++)
- DES_cfb_encrypt(&(cfb_buf1[i]), &(cfb_buf2[i]),
- 8, 1, &ks, &cfb_tmp, DES_DECRYPT);
- if (memcmp(plain, cfb_buf2, sizeof(plain)) != 0) {
- printf("cfb_encrypt small decrypt error\n");
- err = 1;
- }
-
- printf("ede_cfb64() ");
- err += ede_cfb64_test(cfb_cipher64);
-
- printf("done\n");
-
- printf("Doing ofb\n");
- DES_set_key_checked(&ofb_key, &ks);
- memcpy(ofb_tmp, ofb_iv, sizeof(ofb_iv));
- DES_ofb_encrypt(plain, ofb_buf1, 64, sizeof(plain) / 8, &ks, &ofb_tmp);
- if (memcmp(ofb_cipher, ofb_buf1, sizeof(ofb_buf1)) != 0) {
- printf("ofb_encrypt encrypt error\n");
- printf("%02X %02X %02X %02X %02X %02X %02X %02X\n",
- ofb_buf1[8 + 0], ofb_buf1[8 + 1], ofb_buf1[8 + 2],
- ofb_buf1[8 + 3], ofb_buf1[8 + 4], ofb_buf1[8 + 5],
- ofb_buf1[8 + 6], ofb_buf1[8 + 7]);
- printf("%02X %02X %02X %02X %02X %02X %02X %02X\n", ofb_buf1[8 + 0],
- ofb_cipher[8 + 1], ofb_cipher[8 + 2], ofb_cipher[8 + 3],
- ofb_buf1[8 + 4], ofb_cipher[8 + 5], ofb_cipher[8 + 6],
- ofb_cipher[8 + 7]);
- err = 1;
- }
- memcpy(ofb_tmp, ofb_iv, sizeof(ofb_iv));
- DES_ofb_encrypt(ofb_buf1, ofb_buf2, 64, sizeof(ofb_buf1) / 8, &ks,
- &ofb_tmp);
- if (memcmp(plain, ofb_buf2, sizeof(ofb_buf2)) != 0) {
- printf("ofb_encrypt decrypt error\n");
- printf("%02X %02X %02X %02X %02X %02X %02X %02X\n",
- ofb_buf2[8 + 0], ofb_buf2[8 + 1], ofb_buf2[8 + 2],
- ofb_buf2[8 + 3], ofb_buf2[8 + 4], ofb_buf2[8 + 5],
- ofb_buf2[8 + 6], ofb_buf2[8 + 7]);
- printf("%02X %02X %02X %02X %02X %02X %02X %02X\n", plain[8 + 0],
- plain[8 + 1], plain[8 + 2], plain[8 + 3], plain[8 + 4],
- plain[8 + 5], plain[8 + 6], plain[8 + 7]);
- err = 1;
- }
-
- printf("Doing ofb64\n");
- DES_set_key_checked(&ofb_key, &ks);
- memcpy(ofb_tmp, ofb_iv, sizeof(ofb_iv));
- memset(ofb_buf1, 0, sizeof(ofb_buf1));
- memset(ofb_buf2, 0, sizeof(ofb_buf1));
- num = 0;
- for (i = 0; i < sizeof(plain); i++) {
- DES_ofb64_encrypt(&(plain[i]), &(ofb_buf1[i]), 1, &ks, &ofb_tmp, &num);
- }
- if (memcmp(ofb_cipher, ofb_buf1, sizeof(ofb_buf1)) != 0) {
- printf("ofb64_encrypt encrypt error\n");
- err = 1;
- }
- memcpy(ofb_tmp, ofb_iv, sizeof(ofb_iv));
- num = 0;
- DES_ofb64_encrypt(ofb_buf1, ofb_buf2, sizeof(ofb_buf1), &ks, &ofb_tmp,
- &num);
- if (memcmp(plain, ofb_buf2, sizeof(ofb_buf2)) != 0) {
- printf("ofb64_encrypt decrypt error\n");
- err = 1;
- }
-
- printf("Doing ede_ofb64\n");
- DES_set_key_checked(&ofb_key, &ks);
- memcpy(ofb_tmp, ofb_iv, sizeof(ofb_iv));
- memset(ofb_buf1, 0, sizeof(ofb_buf1));
- memset(ofb_buf2, 0, sizeof(ofb_buf1));
- num = 0;
- for (i = 0; i < sizeof(plain); i++) {
- DES_ede3_ofb64_encrypt(&(plain[i]), &(ofb_buf1[i]), 1, &ks, &ks,
- &ks, &ofb_tmp, &num);
- }
- if (memcmp(ofb_cipher, ofb_buf1, sizeof(ofb_buf1)) != 0) {
- printf("ede_ofb64_encrypt encrypt error\n");
- err = 1;
- }
- memcpy(ofb_tmp, ofb_iv, sizeof(ofb_iv));
- num = 0;
- DES_ede3_ofb64_encrypt(ofb_buf1, ofb_buf2, sizeof(ofb_buf1), &ks, &ks, &ks,
- &ofb_tmp, &num);
- if (memcmp(plain, ofb_buf2, sizeof(ofb_buf2)) != 0) {
- printf("ede_ofb64_encrypt decrypt error\n");
- err = 1;
- }
-
- printf("Doing cbc_cksum\n");
- DES_set_key_checked(&cbc_key, &ks);
- cs = DES_cbc_cksum(cbc_data, &cret, strlen((char *)cbc_data), &ks,
- &cbc_iv);
- if (cs != cbc_cksum_ret) {
- printf("bad return value (%08lX), should be %08lX\n",
- (unsigned long)cs, (unsigned long)cbc_cksum_ret);
- err = 1;
- }
- if (memcmp(cret, cbc_cksum_data, 8) != 0) {
- printf("bad cbc_cksum block returned\n");
- err = 1;
- }
-
- printf("Doing quad_cksum\n");
- cs = DES_quad_cksum(cbc_data, (DES_cblock *)lqret,
- (long)strlen((char *)cbc_data), 2,
- (DES_cblock *)cbc_iv);
- if (cs != 0x70d7a63aL) {
- printf("quad_cksum error, ret %08lx should be 70d7a63a\n",
- (unsigned long)cs);
- err = 1;
- }
- if (lqret[0] != 0x327eba8dL) {
- printf("quad_cksum error, out[0] %08lx is not %08lx\n",
- (unsigned long)lqret[0], 0x327eba8dUL);
- err = 1;
- }
- if (lqret[1] != 0x201a49ccL) {
- printf("quad_cksum error, out[1] %08lx is not %08lx\n",
- (unsigned long)lqret[1], 0x201a49ccUL);
- err = 1;
- }
- if (lqret[2] != 0x70d7a63aL) {
- printf("quad_cksum error, out[2] %08lx is not %08lx\n",
- (unsigned long)lqret[2], 0x70d7a63aUL);
- err = 1;
- }
- if (lqret[3] != 0x501c2c26L) {
- printf("quad_cksum error, out[3] %08lx is not %08lx\n",
- (unsigned long)lqret[3], 0x501c2c26UL);
- err = 1;
- }
-# endif
-
- printf("input word alignment test");
- for (i = 0; i < 4; i++) {
- printf(" %d", i);
- DES_ncbc_encrypt(&(cbc_out[i]), cbc_in,
- strlen((char *)cbc_data) + 1, &ks,
- &cbc_iv, DES_ENCRYPT);
- }
- printf("\noutput word alignment test");
- for (i = 0; i < 4; i++) {
- printf(" %d", i);
- DES_ncbc_encrypt(cbc_out, &(cbc_in[i]),
- strlen((char *)cbc_data) + 1, &ks,
- &cbc_iv, DES_ENCRYPT);
- }
- printf("\n");
- printf("fast crypt test ");
- str = crypt("testing", "ef");
- if (strcmp("efGnQx2725bI2", str) != 0) {
- printf("fast crypt error, %s should be efGnQx2725bI2\n", str);
- err = 1;
- }
- str = crypt("bca76;23", "yA");
- if (strcmp("yA1Rp/1hZXIJk", str) != 0) {
- printf("fast crypt error, %s should be yA1Rp/1hZXIJk\n", str);
- err = 1;
- }
-# ifdef OPENSSL_SYS_NETWARE
- if (err)
- printf("ERROR: %d\n", err);
-# endif
- printf("\n");
- return (err);
-}
-
-static char *pt(unsigned char *p)
-{
- static char bufs[10][20];
- static int bnum = 0;
- char *ret;
- int i;
- static char *f = "0123456789ABCDEF";
-
- ret = &(bufs[bnum++][0]);
- bnum %= 10;
- for (i = 0; i < 8; i++) {
- ret[i * 2] = f[(p[i] >> 4) & 0xf];
- ret[i * 2 + 1] = f[p[i] & 0xf];
- }
- ret[16] = '\0';
- return (ret);
-}
-
-# ifndef LIBDES_LIT
-
-static int cfb_test(int bits, unsigned char *cfb_cipher)
-{
- DES_key_schedule ks;
- int i, err = 0;
-
- DES_set_key_checked(&cfb_key, &ks);
- memcpy(cfb_tmp, cfb_iv, sizeof(cfb_iv));
- DES_cfb_encrypt(plain, cfb_buf1, bits, sizeof(plain), &ks, &cfb_tmp,
- DES_ENCRYPT);
- if (memcmp(cfb_cipher, cfb_buf1, sizeof(plain)) != 0) {
- err = 1;
- printf("cfb_encrypt encrypt error\n");
- for (i = 0; i < 24; i += 8)
- printf("%s\n", pt(&(cfb_buf1[i])));
- }
- memcpy(cfb_tmp, cfb_iv, sizeof(cfb_iv));
- DES_cfb_encrypt(cfb_buf1, cfb_buf2, bits, sizeof(plain), &ks, &cfb_tmp,
- DES_DECRYPT);
- if (memcmp(plain, cfb_buf2, sizeof(plain)) != 0) {
- err = 1;
- printf("cfb_encrypt decrypt error\n");
- for (i = 0; i < 24; i += 8)
- printf("%s\n", pt(&(cfb_buf1[i])));
- }
- return (err);
-}
-
-static int cfb64_test(unsigned char *cfb_cipher)
-{
- DES_key_schedule ks;
- int err = 0, i, n;
-
- DES_set_key_checked(&cfb_key, &ks);
- memcpy(cfb_tmp, cfb_iv, sizeof(cfb_iv));
- n = 0;
- DES_cfb64_encrypt(plain, cfb_buf1, 12, &ks, &cfb_tmp, &n, DES_ENCRYPT);
- DES_cfb64_encrypt(&(plain[12]), &(cfb_buf1[12]), sizeof(plain) - 12, &ks,
- &cfb_tmp, &n, DES_ENCRYPT);
- if (memcmp(cfb_cipher, cfb_buf1, sizeof(plain)) != 0) {
- err = 1;
- printf("cfb_encrypt encrypt error\n");
- for (i = 0; i < 24; i += 8)
- printf("%s\n", pt(&(cfb_buf1[i])));
- }
- memcpy(cfb_tmp, cfb_iv, sizeof(cfb_iv));
- n = 0;
- DES_cfb64_encrypt(cfb_buf1, cfb_buf2, 17, &ks, &cfb_tmp, &n, DES_DECRYPT);
- DES_cfb64_encrypt(&(cfb_buf1[17]), &(cfb_buf2[17]),
- sizeof(plain) - 17, &ks, &cfb_tmp, &n, DES_DECRYPT);
- if (memcmp(plain, cfb_buf2, sizeof(plain)) != 0) {
- err = 1;
- printf("cfb_encrypt decrypt error\n");
- for (i = 0; i < 24; i += 8)
- printf("%s\n", pt(&(cfb_buf2[i])));
- }
- return (err);
-}
-
-static int ede_cfb64_test(unsigned char *cfb_cipher)
-{
- DES_key_schedule ks;
- int err = 0, i, n;
-
- DES_set_key_checked(&cfb_key, &ks);
- memcpy(cfb_tmp, cfb_iv, sizeof(cfb_iv));
- n = 0;
- DES_ede3_cfb64_encrypt(plain, cfb_buf1, 12, &ks, &ks, &ks, &cfb_tmp, &n,
- DES_ENCRYPT);
- DES_ede3_cfb64_encrypt(&(plain[12]), &(cfb_buf1[12]),
- sizeof(plain) - 12, &ks, &ks, &ks,
- &cfb_tmp, &n, DES_ENCRYPT);
- if (memcmp(cfb_cipher, cfb_buf1, sizeof(plain)) != 0) {
- err = 1;
- printf("ede_cfb_encrypt encrypt error\n");
- for (i = 0; i < 24; i += 8)
- printf("%s\n", pt(&(cfb_buf1[i])));
- }
- memcpy(cfb_tmp, cfb_iv, sizeof(cfb_iv));
- n = 0;
- DES_ede3_cfb64_encrypt(cfb_buf1, cfb_buf2, (long)17, &ks, &ks, &ks,
- &cfb_tmp, &n, DES_DECRYPT);
- DES_ede3_cfb64_encrypt(&(cfb_buf1[17]), &(cfb_buf2[17]),
- sizeof(plain) - 17, &ks, &ks, &ks,
- &cfb_tmp, &n, DES_DECRYPT);
- if (memcmp(plain, cfb_buf2, sizeof(plain)) != 0) {
- err = 1;
- printf("ede_cfb_encrypt decrypt error\n");
- for (i = 0; i < 24; i += 8)
- printf("%s\n", pt(&(cfb_buf2[i])));
- }
- return (err);
-}
-
-# endif
-#endif
+++ /dev/null
-/* crypto/dh/dh.h */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef HEADER_DH_H
-# define HEADER_DH_H
-
-# include <openssl/e_os2.h>
-
-# ifdef OPENSSL_NO_DH
-# error DH is disabled.
-# endif
-
-# include <openssl/bio.h>
-# include <openssl/ossl_typ.h>
-# ifdef OPENSSL_USE_DEPRECATED
-# include <openssl/bn.h>
-# endif
-
-# ifndef OPENSSL_DH_MAX_MODULUS_BITS
-# define OPENSSL_DH_MAX_MODULUS_BITS 10000
-# endif
-
-# define OPENSSL_DH_FIPS_MIN_MODULUS_BITS 1024
-
-# define DH_FLAG_CACHE_MONT_P 0x01
-
-/*
- * new with 0.9.7h; the built-in DH
- * implementation now uses constant time
- * modular exponentiation for secret exponents
- * by default. This flag causes the
- * faster variable sliding window method to
- * be used for all exponents.
- */
-# define DH_FLAG_NO_EXP_CONSTTIME 0x02
-
-/*
- * If this flag is set the DH method is FIPS compliant and can be used in
- * FIPS mode. This is set in the validated module method. If an application
- * sets this flag in its own methods it is its reposibility to ensure the
- * result is compliant.
- */
-
-# define DH_FLAG_FIPS_METHOD 0x0400
-
-/*
- * If this flag is set the operations normally disabled in FIPS mode are
- * permitted it is then the applications responsibility to ensure that the
- * usage is compliant.
- */
-
-# define DH_FLAG_NON_FIPS_ALLOW 0x0400
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-/* Already defined in ossl_typ.h */
-/* typedef struct dh_st DH; */
-/* typedef struct dh_method DH_METHOD; */
-
-struct dh_method {
- const char *name;
- /* Methods here */
- int (*generate_key) (DH *dh);
- int (*compute_key) (unsigned char *key, const BIGNUM *pub_key, DH *dh);
- /* Can be null */
- int (*bn_mod_exp) (const DH *dh, BIGNUM *r, const BIGNUM *a,
- const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx,
- BN_MONT_CTX *m_ctx);
- int (*init) (DH *dh);
- int (*finish) (DH *dh);
- int flags;
- char *app_data;
- /* If this is non-NULL, it will be used to generate parameters */
- int (*generate_params) (DH *dh, int prime_len, int generator,
- BN_GENCB *cb);
-};
-
-struct dh_st {
- /*
- * This first argument is used to pick up errors when a DH is passed
- * instead of a EVP_PKEY
- */
- int pad;
- int version;
- BIGNUM *p;
- BIGNUM *g;
- long length; /* optional */
- BIGNUM *pub_key; /* g^x */
- BIGNUM *priv_key; /* x */
- int flags;
- BN_MONT_CTX *method_mont_p;
- /* Place holders if we want to do X9.42 DH */
- BIGNUM *q;
- BIGNUM *j;
- unsigned char *seed;
- int seedlen;
- BIGNUM *counter;
- int references;
- CRYPTO_EX_DATA ex_data;
- const DH_METHOD *meth;
- ENGINE *engine;
-};
-
-# define DH_GENERATOR_2 2
-/* #define DH_GENERATOR_3 3 */
-# define DH_GENERATOR_5 5
-
-/* DH_check error codes */
-# define DH_CHECK_P_NOT_PRIME 0x01
-# define DH_CHECK_P_NOT_SAFE_PRIME 0x02
-# define DH_UNABLE_TO_CHECK_GENERATOR 0x04
-# define DH_NOT_SUITABLE_GENERATOR 0x08
-# define DH_CHECK_Q_NOT_PRIME 0x10
-# define DH_CHECK_INVALID_Q_VALUE 0x20
-# define DH_CHECK_INVALID_J_VALUE 0x40
-
-/* DH_check_pub_key error codes */
-# define DH_CHECK_PUBKEY_TOO_SMALL 0x01
-# define DH_CHECK_PUBKEY_TOO_LARGE 0x02
-
-/*
- * primes p where (p-1)/2 is prime too are called "safe"; we define this for
- * backward compatibility:
- */
-# define DH_CHECK_P_NOT_STRONG_PRIME DH_CHECK_P_NOT_SAFE_PRIME
-
-# define d2i_DHparams_fp(fp,x) (DH *)ASN1_d2i_fp((char *(*)())DH_new, \
- (char *(*)())d2i_DHparams,(fp),(unsigned char **)(x))
-# define i2d_DHparams_fp(fp,x) ASN1_i2d_fp(i2d_DHparams,(fp), \
- (unsigned char *)(x))
-# define d2i_DHparams_bio(bp,x) ASN1_d2i_bio_of(DH,DH_new,d2i_DHparams,bp,x)
-# define i2d_DHparams_bio(bp,x) ASN1_i2d_bio_of_const(DH,i2d_DHparams,bp,x)
-
-DH *DHparams_dup(DH *);
-
-const DH_METHOD *DH_OpenSSL(void);
-
-void DH_set_default_method(const DH_METHOD *meth);
-const DH_METHOD *DH_get_default_method(void);
-int DH_set_method(DH *dh, const DH_METHOD *meth);
-DH *DH_new_method(ENGINE *engine);
-
-DH *DH_new(void);
-void DH_free(DH *dh);
-int DH_up_ref(DH *dh);
-int DH_size(const DH *dh);
-int DH_security_bits(const DH *dh);
-int DH_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
- CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func);
-int DH_set_ex_data(DH *d, int idx, void *arg);
-void *DH_get_ex_data(DH *d, int idx);
-
-/* Deprecated version */
-# ifdef OPENSSL_USE_DEPRECATED
-DECLARE_DEPRECATED(DH *DH_generate_parameters(int prime_len, int generator,
- void (*callback) (int, int,
- void *),
- void *cb_arg));
-# endif /* defined(OPENSSL_USE_DEPRECATED) */
-
-/* New version */
-int DH_generate_parameters_ex(DH *dh, int prime_len, int generator,
- BN_GENCB *cb);
-
-int DH_check(const DH *dh, int *codes);
-int DH_check_pub_key(const DH *dh, const BIGNUM *pub_key, int *codes);
-int DH_generate_key(DH *dh);
-int DH_compute_key(unsigned char *key, const BIGNUM *pub_key, DH *dh);
-int DH_compute_key_padded(unsigned char *key, const BIGNUM *pub_key, DH *dh);
-DH *d2i_DHparams(DH **a, const unsigned char **pp, long length);
-int i2d_DHparams(const DH *a, unsigned char **pp);
-DH *d2i_DHxparams(DH **a, const unsigned char **pp, long length);
-int i2d_DHxparams(const DH *a, unsigned char **pp);
-# ifndef OPENSSL_NO_STDIO
-int DHparams_print_fp(FILE *fp, const DH *x);
-# endif
-int DHparams_print(BIO *bp, const DH *x);
-
-/* RFC 5114 parameters */
-DH *DH_get_1024_160(void);
-DH *DH_get_2048_224(void);
-DH *DH_get_2048_256(void);
-
-/* RFC2631 KDF */
-int DH_KDF_X9_42(unsigned char *out, size_t outlen,
- const unsigned char *Z, size_t Zlen,
- ASN1_OBJECT *key_oid,
- const unsigned char *ukm, size_t ukmlen, const EVP_MD *md);
-
-# define EVP_PKEY_CTX_set_dh_paramgen_prime_len(ctx, len) \
- EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DH, EVP_PKEY_OP_PARAMGEN, \
- EVP_PKEY_CTRL_DH_PARAMGEN_PRIME_LEN, len, NULL)
-
-# define EVP_PKEY_CTX_set_dh_paramgen_subprime_len(ctx, len) \
- EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DH, EVP_PKEY_OP_PARAMGEN, \
- EVP_PKEY_CTRL_DH_PARAMGEN_SUBPRIME_LEN, len, NULL)
-
-# define EVP_PKEY_CTX_set_dh_paramgen_type(ctx, typ) \
- EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DH, EVP_PKEY_OP_PARAMGEN, \
- EVP_PKEY_CTRL_DH_PARAMGEN_TYPE, typ, NULL)
-
-# define EVP_PKEY_CTX_set_dh_paramgen_generator(ctx, gen) \
- EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DH, EVP_PKEY_OP_PARAMGEN, \
- EVP_PKEY_CTRL_DH_PARAMGEN_GENERATOR, gen, NULL)
-
-# define EVP_PKEY_CTX_set_dh_rfc5114(ctx, gen) \
- EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DHX, EVP_PKEY_OP_PARAMGEN, \
- EVP_PKEY_CTRL_DH_RFC5114, gen, NULL)
-
-# define EVP_PKEY_CTX_set_dhx_rfc5114(ctx, gen) \
- EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DHX, EVP_PKEY_OP_PARAMGEN, \
- EVP_PKEY_CTRL_DH_RFC5114, gen, NULL)
-
-# define EVP_PKEY_CTX_set_dh_kdf_type(ctx, kdf) \
- EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DHX, \
- EVP_PKEY_OP_DERIVE, \
- EVP_PKEY_CTRL_DH_KDF_TYPE, kdf, NULL)
-
-# define EVP_PKEY_CTX_get_dh_kdf_type(ctx) \
- EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DHX, \
- EVP_PKEY_OP_DERIVE, \
- EVP_PKEY_CTRL_DH_KDF_TYPE, -2, NULL)
-
-# define EVP_PKEY_CTX_set0_dh_kdf_oid(ctx, oid) \
- EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DHX, \
- EVP_PKEY_OP_DERIVE, \
- EVP_PKEY_CTRL_DH_KDF_OID, 0, (void *)oid)
-
-# define EVP_PKEY_CTX_get0_dh_kdf_oid(ctx, poid) \
- EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DHX, \
- EVP_PKEY_OP_DERIVE, \
- EVP_PKEY_CTRL_GET_DH_KDF_OID, 0, (void *)poid)
-
-# define EVP_PKEY_CTX_set_dh_kdf_md(ctx, md) \
- EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DHX, \
- EVP_PKEY_OP_DERIVE, \
- EVP_PKEY_CTRL_DH_KDF_MD, 0, (void *)md)
-
-# define EVP_PKEY_CTX_get_dh_kdf_md(ctx, pmd) \
- EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DHX, \
- EVP_PKEY_OP_DERIVE, \
- EVP_PKEY_CTRL_GET_DH_KDF_MD, 0, (void *)pmd)
-
-# define EVP_PKEY_CTX_set_dh_kdf_outlen(ctx, len) \
- EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DHX, \
- EVP_PKEY_OP_DERIVE, \
- EVP_PKEY_CTRL_DH_KDF_OUTLEN, len, NULL)
-
-# define EVP_PKEY_CTX_get_dh_kdf_outlen(ctx, plen) \
- EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DHX, \
- EVP_PKEY_OP_DERIVE, \
- EVP_PKEY_CTRL_GET_DH_KDF_OUTLEN, 0, (void *)plen)
-
-# define EVP_PKEY_CTX_set0_dh_kdf_ukm(ctx, p, plen) \
- EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DHX, \
- EVP_PKEY_OP_DERIVE, \
- EVP_PKEY_CTRL_DH_KDF_UKM, plen, (void *)p)
-
-# define EVP_PKEY_CTX_get0_dh_kdf_ukm(ctx, p) \
- EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DHX, \
- EVP_PKEY_OP_DERIVE, \
- EVP_PKEY_CTRL_GET_DH_KDF_UKM, 0, (void *)p)
-
-# define EVP_PKEY_CTRL_DH_PARAMGEN_PRIME_LEN (EVP_PKEY_ALG_CTRL + 1)
-# define EVP_PKEY_CTRL_DH_PARAMGEN_GENERATOR (EVP_PKEY_ALG_CTRL + 2)
-# define EVP_PKEY_CTRL_DH_RFC5114 (EVP_PKEY_ALG_CTRL + 3)
-# define EVP_PKEY_CTRL_DH_PARAMGEN_SUBPRIME_LEN (EVP_PKEY_ALG_CTRL + 4)
-# define EVP_PKEY_CTRL_DH_PARAMGEN_TYPE (EVP_PKEY_ALG_CTRL + 5)
-# define EVP_PKEY_CTRL_DH_KDF_TYPE (EVP_PKEY_ALG_CTRL + 6)
-# define EVP_PKEY_CTRL_DH_KDF_MD (EVP_PKEY_ALG_CTRL + 7)
-# define EVP_PKEY_CTRL_GET_DH_KDF_MD (EVP_PKEY_ALG_CTRL + 8)
-# define EVP_PKEY_CTRL_DH_KDF_OUTLEN (EVP_PKEY_ALG_CTRL + 9)
-# define EVP_PKEY_CTRL_GET_DH_KDF_OUTLEN (EVP_PKEY_ALG_CTRL + 10)
-# define EVP_PKEY_CTRL_DH_KDF_UKM (EVP_PKEY_ALG_CTRL + 11)
-# define EVP_PKEY_CTRL_GET_DH_KDF_UKM (EVP_PKEY_ALG_CTRL + 12)
-# define EVP_PKEY_CTRL_DH_KDF_OID (EVP_PKEY_ALG_CTRL + 13)
-# define EVP_PKEY_CTRL_GET_DH_KDF_OID (EVP_PKEY_ALG_CTRL + 14)
-
-/* KDF types */
-# define EVP_PKEY_DH_KDF_NONE 1
-# define EVP_PKEY_DH_KDF_X9_42 2
-
-/* BEGIN ERROR CODES */
-/*
- * The following lines are auto generated by the script mkerr.pl. Any changes
- * made after this point may be overwritten when the script is next run.
- */
-void ERR_load_DH_strings(void);
-
-/* Error codes for the DH functions. */
-
-/* Function codes. */
-# define DH_F_COMPUTE_KEY 102
-# define DH_F_DHPARAMS_PRINT_FP 101
-# define DH_F_DH_BUILTIN_GENPARAMS 106
-# define DH_F_DH_CMS_DECRYPT 114
-# define DH_F_DH_CMS_SET_PEERKEY 115
-# define DH_F_DH_CMS_SET_SHARED_INFO 116
-# define DH_F_DH_NEW_METHOD 105
-# define DH_F_DH_PARAM_DECODE 107
-# define DH_F_DH_PRIV_DECODE 110
-# define DH_F_DH_PRIV_ENCODE 111
-# define DH_F_DH_PUB_DECODE 108
-# define DH_F_DH_PUB_ENCODE 109
-# define DH_F_DO_DH_PRINT 100
-# define DH_F_GENERATE_KEY 103
-# define DH_F_GENERATE_PARAMETERS 104
-# define DH_F_PKEY_DH_DERIVE 112
-# define DH_F_PKEY_DH_KEYGEN 113
-
-/* Reason codes. */
-# define DH_R_BAD_GENERATOR 101
-# define DH_R_BN_DECODE_ERROR 109
-# define DH_R_BN_ERROR 106
-# define DH_R_DECODE_ERROR 104
-# define DH_R_INVALID_PUBKEY 102
-# define DH_R_KDF_PARAMETER_ERROR 112
-# define DH_R_KEYS_NOT_SET 108
-# define DH_R_KEY_SIZE_TOO_SMALL 110
-# define DH_R_MODULUS_TOO_LARGE 103
-# define DH_R_NO_PARAMETERS_SET 107
-# define DH_R_NO_PRIVATE_VALUE 100
-# define DH_R_PARAMETER_ENCODING_ERROR 105
-# define DH_R_PEER_KEY_ERROR 111
-# define DH_R_SHARED_INFO_ERROR 113
-
-#ifdef __cplusplus
-}
-#endif
-#endif
+++ /dev/null
-/* crypto/dh/dhtest.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-
-#include "../e_os.h"
-
-#include <openssl/crypto.h>
-#include <openssl/bio.h>
-#include <openssl/bn.h>
-#include <openssl/rand.h>
-#include <openssl/err.h>
-
-#ifdef OPENSSL_NO_DH
-int main(int argc, char *argv[])
-{
- printf("No DH support\n");
- return (0);
-}
-#else
-# include <openssl/dh.h>
-
-static int cb(int p, int n, BN_GENCB *arg);
-
-static const char rnd_seed[] =
- "string to make the random number generator think it has entropy";
-
-static int run_rfc5114_tests(void);
-
-int main(int argc, char *argv[])
-{
- BN_GENCB *_cb;
- DH *a = NULL;
- DH *b = NULL;
- char buf[12];
- unsigned char *abuf = NULL, *bbuf = NULL;
- int i, alen, blen, aout, bout, ret = 1;
- BIO *out;
-
- CRYPTO_malloc_debug_init();
- CRYPTO_dbg_set_options(V_CRYPTO_MDEBUG_ALL);
- CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON);
-
-# ifdef OPENSSL_SYS_WIN32
- CRYPTO_malloc_init();
-# endif
-
- RAND_seed(rnd_seed, sizeof rnd_seed);
-
- out = BIO_new(BIO_s_file());
- if (out == NULL)
- EXIT(1);
- BIO_set_fp(out, stdout, BIO_NOCLOSE);
-
- _cb = BN_GENCB_new();
- if (!_cb)
- goto err;
- BN_GENCB_set(_cb, &cb, out);
- if (((a = DH_new()) == NULL) || !DH_generate_parameters_ex(a, 64,
- DH_GENERATOR_5,
- _cb))
- goto err;
-
- if (!DH_check(a, &i))
- goto err;
- if (i & DH_CHECK_P_NOT_PRIME)
- BIO_puts(out, "p value is not prime\n");
- if (i & DH_CHECK_P_NOT_SAFE_PRIME)
- BIO_puts(out, "p value is not a safe prime\n");
- if (i & DH_UNABLE_TO_CHECK_GENERATOR)
- BIO_puts(out, "unable to check the generator value\n");
- if (i & DH_NOT_SUITABLE_GENERATOR)
- BIO_puts(out, "the g value is not a generator\n");
-
- BIO_puts(out, "\np =");
- BN_print(out, a->p);
- BIO_puts(out, "\ng =");
- BN_print(out, a->g);
- BIO_puts(out, "\n");
-
- b = DH_new();
- if (b == NULL)
- goto err;
-
- b->p = BN_dup(a->p);
- b->g = BN_dup(a->g);
- if ((b->p == NULL) || (b->g == NULL))
- goto err;
-
- /* Set a to run with normal modexp and b to use constant time */
- a->flags &= ~DH_FLAG_NO_EXP_CONSTTIME;
- b->flags |= DH_FLAG_NO_EXP_CONSTTIME;
-
- if (!DH_generate_key(a))
- goto err;
- BIO_puts(out, "pri 1=");
- BN_print(out, a->priv_key);
- BIO_puts(out, "\npub 1=");
- BN_print(out, a->pub_key);
- BIO_puts(out, "\n");
-
- if (!DH_generate_key(b))
- goto err;
- BIO_puts(out, "pri 2=");
- BN_print(out, b->priv_key);
- BIO_puts(out, "\npub 2=");
- BN_print(out, b->pub_key);
- BIO_puts(out, "\n");
-
- alen = DH_size(a);
- abuf = (unsigned char *)OPENSSL_malloc(alen);
- aout = DH_compute_key(abuf, b->pub_key, a);
-
- BIO_puts(out, "key1 =");
- for (i = 0; i < aout; i++) {
- sprintf(buf, "%02X", abuf[i]);
- BIO_puts(out, buf);
- }
- BIO_puts(out, "\n");
-
- blen = DH_size(b);
- bbuf = (unsigned char *)OPENSSL_malloc(blen);
- bout = DH_compute_key(bbuf, a->pub_key, b);
-
- BIO_puts(out, "key2 =");
- for (i = 0; i < bout; i++) {
- sprintf(buf, "%02X", bbuf[i]);
- BIO_puts(out, buf);
- }
- BIO_puts(out, "\n");
- if ((aout < 4) || (bout != aout) || (memcmp(abuf, bbuf, aout) != 0)) {
- fprintf(stderr, "Error in DH routines\n");
- ret = 1;
- } else
- ret = 0;
- if (!run_rfc5114_tests())
- ret = 1;
- err:
- ERR_print_errors_fp(stderr);
-
- if (abuf != NULL)
- OPENSSL_free(abuf);
- if (bbuf != NULL)
- OPENSSL_free(bbuf);
- DH_free(b);
- DH_free(a);
- if (_cb)
- BN_GENCB_free(_cb);
- BIO_free(out);
-# ifdef OPENSSL_SYS_NETWARE
- if (ret)
- printf("ERROR: %d\n", ret);
-# endif
- EXIT(ret);
-}
-
-static int cb(int p, int n, BN_GENCB *arg)
-{
- char c = '*';
-
- if (p == 0)
- c = '.';
- if (p == 1)
- c = '+';
- if (p == 2)
- c = '*';
- if (p == 3)
- c = '\n';
- BIO_write(BN_GENCB_get_arg(arg), &c, 1);
- (void)BIO_flush(BN_GENCB_get_arg(arg));
- return 1;
-}
-
-/* Test data from RFC 5114 */
-
-static const unsigned char dhtest_1024_160_xA[] = {
- 0xB9, 0xA3, 0xB3, 0xAE, 0x8F, 0xEF, 0xC1, 0xA2, 0x93, 0x04, 0x96, 0x50,
- 0x70, 0x86, 0xF8, 0x45, 0x5D, 0x48, 0x94, 0x3E
-};
-
-static const unsigned char dhtest_1024_160_yA[] = {
- 0x2A, 0x85, 0x3B, 0x3D, 0x92, 0x19, 0x75, 0x01, 0xB9, 0x01, 0x5B, 0x2D,
- 0xEB, 0x3E, 0xD8, 0x4F, 0x5E, 0x02, 0x1D, 0xCC, 0x3E, 0x52, 0xF1, 0x09,
- 0xD3, 0x27, 0x3D, 0x2B, 0x75, 0x21, 0x28, 0x1C, 0xBA, 0xBE, 0x0E, 0x76,
- 0xFF, 0x57, 0x27, 0xFA, 0x8A, 0xCC, 0xE2, 0x69, 0x56, 0xBA, 0x9A, 0x1F,
- 0xCA, 0x26, 0xF2, 0x02, 0x28, 0xD8, 0x69, 0x3F, 0xEB, 0x10, 0x84, 0x1D,
- 0x84, 0xA7, 0x36, 0x00, 0x54, 0xEC, 0xE5, 0xA7, 0xF5, 0xB7, 0xA6, 0x1A,
- 0xD3, 0xDF, 0xB3, 0xC6, 0x0D, 0x2E, 0x43, 0x10, 0x6D, 0x87, 0x27, 0xDA,
- 0x37, 0xDF, 0x9C, 0xCE, 0x95, 0xB4, 0x78, 0x75, 0x5D, 0x06, 0xBC, 0xEA,
- 0x8F, 0x9D, 0x45, 0x96, 0x5F, 0x75, 0xA5, 0xF3, 0xD1, 0xDF, 0x37, 0x01,
- 0x16, 0x5F, 0xC9, 0xE5, 0x0C, 0x42, 0x79, 0xCE, 0xB0, 0x7F, 0x98, 0x95,
- 0x40, 0xAE, 0x96, 0xD5, 0xD8, 0x8E, 0xD7, 0x76
-};
-
-static const unsigned char dhtest_1024_160_xB[] = {
- 0x93, 0x92, 0xC9, 0xF9, 0xEB, 0x6A, 0x7A, 0x6A, 0x90, 0x22, 0xF7, 0xD8,
- 0x3E, 0x72, 0x23, 0xC6, 0x83, 0x5B, 0xBD, 0xDA
-};
-
-static const unsigned char dhtest_1024_160_yB[] = {
- 0x71, 0x7A, 0x6C, 0xB0, 0x53, 0x37, 0x1F, 0xF4, 0xA3, 0xB9, 0x32, 0x94,
- 0x1C, 0x1E, 0x56, 0x63, 0xF8, 0x61, 0xA1, 0xD6, 0xAD, 0x34, 0xAE, 0x66,
- 0x57, 0x6D, 0xFB, 0x98, 0xF6, 0xC6, 0xCB, 0xF9, 0xDD, 0xD5, 0xA5, 0x6C,
- 0x78, 0x33, 0xF6, 0xBC, 0xFD, 0xFF, 0x09, 0x55, 0x82, 0xAD, 0x86, 0x8E,
- 0x44, 0x0E, 0x8D, 0x09, 0xFD, 0x76, 0x9E, 0x3C, 0xEC, 0xCD, 0xC3, 0xD3,
- 0xB1, 0xE4, 0xCF, 0xA0, 0x57, 0x77, 0x6C, 0xAA, 0xF9, 0x73, 0x9B, 0x6A,
- 0x9F, 0xEE, 0x8E, 0x74, 0x11, 0xF8, 0xD6, 0xDA, 0xC0, 0x9D, 0x6A, 0x4E,
- 0xDB, 0x46, 0xCC, 0x2B, 0x5D, 0x52, 0x03, 0x09, 0x0E, 0xAE, 0x61, 0x26,
- 0x31, 0x1E, 0x53, 0xFD, 0x2C, 0x14, 0xB5, 0x74, 0xE6, 0xA3, 0x10, 0x9A,
- 0x3D, 0xA1, 0xBE, 0x41, 0xBD, 0xCE, 0xAA, 0x18, 0x6F, 0x5C, 0xE0, 0x67,
- 0x16, 0xA2, 0xB6, 0xA0, 0x7B, 0x3C, 0x33, 0xFE
-};
-
-static const unsigned char dhtest_1024_160_Z[] = {
- 0x5C, 0x80, 0x4F, 0x45, 0x4D, 0x30, 0xD9, 0xC4, 0xDF, 0x85, 0x27, 0x1F,
- 0x93, 0x52, 0x8C, 0x91, 0xDF, 0x6B, 0x48, 0xAB, 0x5F, 0x80, 0xB3, 0xB5,
- 0x9C, 0xAA, 0xC1, 0xB2, 0x8F, 0x8A, 0xCB, 0xA9, 0xCD, 0x3E, 0x39, 0xF3,
- 0xCB, 0x61, 0x45, 0x25, 0xD9, 0x52, 0x1D, 0x2E, 0x64, 0x4C, 0x53, 0xB8,
- 0x07, 0xB8, 0x10, 0xF3, 0x40, 0x06, 0x2F, 0x25, 0x7D, 0x7D, 0x6F, 0xBF,
- 0xE8, 0xD5, 0xE8, 0xF0, 0x72, 0xE9, 0xB6, 0xE9, 0xAF, 0xDA, 0x94, 0x13,
- 0xEA, 0xFB, 0x2E, 0x8B, 0x06, 0x99, 0xB1, 0xFB, 0x5A, 0x0C, 0xAC, 0xED,
- 0xDE, 0xAE, 0xAD, 0x7E, 0x9C, 0xFB, 0xB3, 0x6A, 0xE2, 0xB4, 0x20, 0x83,
- 0x5B, 0xD8, 0x3A, 0x19, 0xFB, 0x0B, 0x5E, 0x96, 0xBF, 0x8F, 0xA4, 0xD0,
- 0x9E, 0x34, 0x55, 0x25, 0x16, 0x7E, 0xCD, 0x91, 0x55, 0x41, 0x6F, 0x46,
- 0xF4, 0x08, 0xED, 0x31, 0xB6, 0x3C, 0x6E, 0x6D
-};
-
-static const unsigned char dhtest_2048_224_xA[] = {
- 0x22, 0xE6, 0x26, 0x01, 0xDB, 0xFF, 0xD0, 0x67, 0x08, 0xA6, 0x80, 0xF7,
- 0x47, 0xF3, 0x61, 0xF7, 0x6D, 0x8F, 0x4F, 0x72, 0x1A, 0x05, 0x48, 0xE4,
- 0x83, 0x29, 0x4B, 0x0C
-};
-
-static const unsigned char dhtest_2048_224_yA[] = {
- 0x1B, 0x3A, 0x63, 0x45, 0x1B, 0xD8, 0x86, 0xE6, 0x99, 0xE6, 0x7B, 0x49,
- 0x4E, 0x28, 0x8B, 0xD7, 0xF8, 0xE0, 0xD3, 0x70, 0xBA, 0xDD, 0xA7, 0xA0,
- 0xEF, 0xD2, 0xFD, 0xE7, 0xD8, 0xF6, 0x61, 0x45, 0xCC, 0x9F, 0x28, 0x04,
- 0x19, 0x97, 0x5E, 0xB8, 0x08, 0x87, 0x7C, 0x8A, 0x4C, 0x0C, 0x8E, 0x0B,
- 0xD4, 0x8D, 0x4A, 0x54, 0x01, 0xEB, 0x1E, 0x87, 0x76, 0xBF, 0xEE, 0xE1,
- 0x34, 0xC0, 0x38, 0x31, 0xAC, 0x27, 0x3C, 0xD9, 0xD6, 0x35, 0xAB, 0x0C,
- 0xE0, 0x06, 0xA4, 0x2A, 0x88, 0x7E, 0x3F, 0x52, 0xFB, 0x87, 0x66, 0xB6,
- 0x50, 0xF3, 0x80, 0x78, 0xBC, 0x8E, 0xE8, 0x58, 0x0C, 0xEF, 0xE2, 0x43,
- 0x96, 0x8C, 0xFC, 0x4F, 0x8D, 0xC3, 0xDB, 0x08, 0x45, 0x54, 0x17, 0x1D,
- 0x41, 0xBF, 0x2E, 0x86, 0x1B, 0x7B, 0xB4, 0xD6, 0x9D, 0xD0, 0xE0, 0x1E,
- 0xA3, 0x87, 0xCB, 0xAA, 0x5C, 0xA6, 0x72, 0xAF, 0xCB, 0xE8, 0xBD, 0xB9,
- 0xD6, 0x2D, 0x4C, 0xE1, 0x5F, 0x17, 0xDD, 0x36, 0xF9, 0x1E, 0xD1, 0xEE,
- 0xDD, 0x65, 0xCA, 0x4A, 0x06, 0x45, 0x5C, 0xB9, 0x4C, 0xD4, 0x0A, 0x52,
- 0xEC, 0x36, 0x0E, 0x84, 0xB3, 0xC9, 0x26, 0xE2, 0x2C, 0x43, 0x80, 0xA3,
- 0xBF, 0x30, 0x9D, 0x56, 0x84, 0x97, 0x68, 0xB7, 0xF5, 0x2C, 0xFD, 0xF6,
- 0x55, 0xFD, 0x05, 0x3A, 0x7E, 0xF7, 0x06, 0x97, 0x9E, 0x7E, 0x58, 0x06,
- 0xB1, 0x7D, 0xFA, 0xE5, 0x3A, 0xD2, 0xA5, 0xBC, 0x56, 0x8E, 0xBB, 0x52,
- 0x9A, 0x7A, 0x61, 0xD6, 0x8D, 0x25, 0x6F, 0x8F, 0xC9, 0x7C, 0x07, 0x4A,
- 0x86, 0x1D, 0x82, 0x7E, 0x2E, 0xBC, 0x8C, 0x61, 0x34, 0x55, 0x31, 0x15,
- 0xB7, 0x0E, 0x71, 0x03, 0x92, 0x0A, 0xA1, 0x6D, 0x85, 0xE5, 0x2B, 0xCB,
- 0xAB, 0x8D, 0x78, 0x6A, 0x68, 0x17, 0x8F, 0xA8, 0xFF, 0x7C, 0x2F, 0x5C,
- 0x71, 0x64, 0x8D, 0x6F
-};
-
-static const unsigned char dhtest_2048_224_xB[] = {
- 0x4F, 0xF3, 0xBC, 0x96, 0xC7, 0xFC, 0x6A, 0x6D, 0x71, 0xD3, 0xB3, 0x63,
- 0x80, 0x0A, 0x7C, 0xDF, 0xEF, 0x6F, 0xC4, 0x1B, 0x44, 0x17, 0xEA, 0x15,
- 0x35, 0x3B, 0x75, 0x90
-};
-
-static const unsigned char dhtest_2048_224_yB[] = {
- 0x4D, 0xCE, 0xE9, 0x92, 0xA9, 0x76, 0x2A, 0x13, 0xF2, 0xF8, 0x38, 0x44,
- 0xAD, 0x3D, 0x77, 0xEE, 0x0E, 0x31, 0xC9, 0x71, 0x8B, 0x3D, 0xB6, 0xC2,
- 0x03, 0x5D, 0x39, 0x61, 0x18, 0x2C, 0x3E, 0x0B, 0xA2, 0x47, 0xEC, 0x41,
- 0x82, 0xD7, 0x60, 0xCD, 0x48, 0xD9, 0x95, 0x99, 0x97, 0x06, 0x22, 0xA1,
- 0x88, 0x1B, 0xBA, 0x2D, 0xC8, 0x22, 0x93, 0x9C, 0x78, 0xC3, 0x91, 0x2C,
- 0x66, 0x61, 0xFA, 0x54, 0x38, 0xB2, 0x07, 0x66, 0x22, 0x2B, 0x75, 0xE2,
- 0x4C, 0x2E, 0x3A, 0xD0, 0xC7, 0x28, 0x72, 0x36, 0x12, 0x95, 0x25, 0xEE,
- 0x15, 0xB5, 0xDD, 0x79, 0x98, 0xAA, 0x04, 0xC4, 0xA9, 0x69, 0x6C, 0xAC,
- 0xD7, 0x17, 0x20, 0x83, 0xA9, 0x7A, 0x81, 0x66, 0x4E, 0xAD, 0x2C, 0x47,
- 0x9E, 0x44, 0x4E, 0x4C, 0x06, 0x54, 0xCC, 0x19, 0xE2, 0x8D, 0x77, 0x03,
- 0xCE, 0xE8, 0xDA, 0xCD, 0x61, 0x26, 0xF5, 0xD6, 0x65, 0xEC, 0x52, 0xC6,
- 0x72, 0x55, 0xDB, 0x92, 0x01, 0x4B, 0x03, 0x7E, 0xB6, 0x21, 0xA2, 0xAC,
- 0x8E, 0x36, 0x5D, 0xE0, 0x71, 0xFF, 0xC1, 0x40, 0x0A, 0xCF, 0x07, 0x7A,
- 0x12, 0x91, 0x3D, 0xD8, 0xDE, 0x89, 0x47, 0x34, 0x37, 0xAB, 0x7B, 0xA3,
- 0x46, 0x74, 0x3C, 0x1B, 0x21, 0x5D, 0xD9, 0xC1, 0x21, 0x64, 0xA7, 0xE4,
- 0x05, 0x31, 0x18, 0xD1, 0x99, 0xBE, 0xC8, 0xEF, 0x6F, 0xC5, 0x61, 0x17,
- 0x0C, 0x84, 0xC8, 0x7D, 0x10, 0xEE, 0x9A, 0x67, 0x4A, 0x1F, 0xA8, 0xFF,
- 0xE1, 0x3B, 0xDF, 0xBA, 0x1D, 0x44, 0xDE, 0x48, 0x94, 0x6D, 0x68, 0xDC,
- 0x0C, 0xDD, 0x77, 0x76, 0x35, 0xA7, 0xAB, 0x5B, 0xFB, 0x1E, 0x4B, 0xB7,
- 0xB8, 0x56, 0xF9, 0x68, 0x27, 0x73, 0x4C, 0x18, 0x41, 0x38, 0xE9, 0x15,
- 0xD9, 0xC3, 0x00, 0x2E, 0xBC, 0xE5, 0x31, 0x20, 0x54, 0x6A, 0x7E, 0x20,
- 0x02, 0x14, 0x2B, 0x6C
-};
-
-static const unsigned char dhtest_2048_224_Z[] = {
- 0x34, 0xD9, 0xBD, 0xDC, 0x1B, 0x42, 0x17, 0x6C, 0x31, 0x3F, 0xEA, 0x03,
- 0x4C, 0x21, 0x03, 0x4D, 0x07, 0x4A, 0x63, 0x13, 0xBB, 0x4E, 0xCD, 0xB3,
- 0x70, 0x3F, 0xFF, 0x42, 0x45, 0x67, 0xA4, 0x6B, 0xDF, 0x75, 0x53, 0x0E,
- 0xDE, 0x0A, 0x9D, 0xA5, 0x22, 0x9D, 0xE7, 0xD7, 0x67, 0x32, 0x28, 0x6C,
- 0xBC, 0x0F, 0x91, 0xDA, 0x4C, 0x3C, 0x85, 0x2F, 0xC0, 0x99, 0xC6, 0x79,
- 0x53, 0x1D, 0x94, 0xC7, 0x8A, 0xB0, 0x3D, 0x9D, 0xEC, 0xB0, 0xA4, 0xE4,
- 0xCA, 0x8B, 0x2B, 0xB4, 0x59, 0x1C, 0x40, 0x21, 0xCF, 0x8C, 0xE3, 0xA2,
- 0x0A, 0x54, 0x1D, 0x33, 0x99, 0x40, 0x17, 0xD0, 0x20, 0x0A, 0xE2, 0xC9,
- 0x51, 0x6E, 0x2F, 0xF5, 0x14, 0x57, 0x79, 0x26, 0x9E, 0x86, 0x2B, 0x0F,
- 0xB4, 0x74, 0xA2, 0xD5, 0x6D, 0xC3, 0x1E, 0xD5, 0x69, 0xA7, 0x70, 0x0B,
- 0x4C, 0x4A, 0xB1, 0x6B, 0x22, 0xA4, 0x55, 0x13, 0x53, 0x1E, 0xF5, 0x23,
- 0xD7, 0x12, 0x12, 0x07, 0x7B, 0x5A, 0x16, 0x9B, 0xDE, 0xFF, 0xAD, 0x7A,
- 0xD9, 0x60, 0x82, 0x84, 0xC7, 0x79, 0x5B, 0x6D, 0x5A, 0x51, 0x83, 0xB8,
- 0x70, 0x66, 0xDE, 0x17, 0xD8, 0xD6, 0x71, 0xC9, 0xEB, 0xD8, 0xEC, 0x89,
- 0x54, 0x4D, 0x45, 0xEC, 0x06, 0x15, 0x93, 0xD4, 0x42, 0xC6, 0x2A, 0xB9,
- 0xCE, 0x3B, 0x1C, 0xB9, 0x94, 0x3A, 0x1D, 0x23, 0xA5, 0xEA, 0x3B, 0xCF,
- 0x21, 0xA0, 0x14, 0x71, 0xE6, 0x7E, 0x00, 0x3E, 0x7F, 0x8A, 0x69, 0xC7,
- 0x28, 0xBE, 0x49, 0x0B, 0x2F, 0xC8, 0x8C, 0xFE, 0xB9, 0x2D, 0xB6, 0xA2,
- 0x15, 0xE5, 0xD0, 0x3C, 0x17, 0xC4, 0x64, 0xC9, 0xAC, 0x1A, 0x46, 0xE2,
- 0x03, 0xE1, 0x3F, 0x95, 0x29, 0x95, 0xFB, 0x03, 0xC6, 0x9D, 0x3C, 0xC4,
- 0x7F, 0xCB, 0x51, 0x0B, 0x69, 0x98, 0xFF, 0xD3, 0xAA, 0x6D, 0xE7, 0x3C,
- 0xF9, 0xF6, 0x38, 0x69
-};
-
-static const unsigned char dhtest_2048_256_xA[] = {
- 0x08, 0x81, 0x38, 0x2C, 0xDB, 0x87, 0x66, 0x0C, 0x6D, 0xC1, 0x3E, 0x61,
- 0x49, 0x38, 0xD5, 0xB9, 0xC8, 0xB2, 0xF2, 0x48, 0x58, 0x1C, 0xC5, 0xE3,
- 0x1B, 0x35, 0x45, 0x43, 0x97, 0xFC, 0xE5, 0x0E
-};
-
-static const unsigned char dhtest_2048_256_yA[] = {
- 0x2E, 0x93, 0x80, 0xC8, 0x32, 0x3A, 0xF9, 0x75, 0x45, 0xBC, 0x49, 0x41,
- 0xDE, 0xB0, 0xEC, 0x37, 0x42, 0xC6, 0x2F, 0xE0, 0xEC, 0xE8, 0x24, 0xA6,
- 0xAB, 0xDB, 0xE6, 0x6C, 0x59, 0xBE, 0xE0, 0x24, 0x29, 0x11, 0xBF, 0xB9,
- 0x67, 0x23, 0x5C, 0xEB, 0xA3, 0x5A, 0xE1, 0x3E, 0x4E, 0xC7, 0x52, 0xBE,
- 0x63, 0x0B, 0x92, 0xDC, 0x4B, 0xDE, 0x28, 0x47, 0xA9, 0xC6, 0x2C, 0xB8,
- 0x15, 0x27, 0x45, 0x42, 0x1F, 0xB7, 0xEB, 0x60, 0xA6, 0x3C, 0x0F, 0xE9,
- 0x15, 0x9F, 0xCC, 0xE7, 0x26, 0xCE, 0x7C, 0xD8, 0x52, 0x3D, 0x74, 0x50,
- 0x66, 0x7E, 0xF8, 0x40, 0xE4, 0x91, 0x91, 0x21, 0xEB, 0x5F, 0x01, 0xC8,
- 0xC9, 0xB0, 0xD3, 0xD6, 0x48, 0xA9, 0x3B, 0xFB, 0x75, 0x68, 0x9E, 0x82,
- 0x44, 0xAC, 0x13, 0x4A, 0xF5, 0x44, 0x71, 0x1C, 0xE7, 0x9A, 0x02, 0xDC,
- 0xC3, 0x42, 0x26, 0x68, 0x47, 0x80, 0xDD, 0xDC, 0xB4, 0x98, 0x59, 0x41,
- 0x06, 0xC3, 0x7F, 0x5B, 0xC7, 0x98, 0x56, 0x48, 0x7A, 0xF5, 0xAB, 0x02,
- 0x2A, 0x2E, 0x5E, 0x42, 0xF0, 0x98, 0x97, 0xC1, 0xA8, 0x5A, 0x11, 0xEA,
- 0x02, 0x12, 0xAF, 0x04, 0xD9, 0xB4, 0xCE, 0xBC, 0x93, 0x7C, 0x3C, 0x1A,
- 0x3E, 0x15, 0xA8, 0xA0, 0x34, 0x2E, 0x33, 0x76, 0x15, 0xC8, 0x4E, 0x7F,
- 0xE3, 0xB8, 0xB9, 0xB8, 0x7F, 0xB1, 0xE7, 0x3A, 0x15, 0xAF, 0x12, 0xA3,
- 0x0D, 0x74, 0x6E, 0x06, 0xDF, 0xC3, 0x4F, 0x29, 0x0D, 0x79, 0x7C, 0xE5,
- 0x1A, 0xA1, 0x3A, 0xA7, 0x85, 0xBF, 0x66, 0x58, 0xAF, 0xF5, 0xE4, 0xB0,
- 0x93, 0x00, 0x3C, 0xBE, 0xAF, 0x66, 0x5B, 0x3C, 0x2E, 0x11, 0x3A, 0x3A,
- 0x4E, 0x90, 0x52, 0x69, 0x34, 0x1D, 0xC0, 0x71, 0x14, 0x26, 0x68, 0x5F,
- 0x4E, 0xF3, 0x7E, 0x86, 0x8A, 0x81, 0x26, 0xFF, 0x3F, 0x22, 0x79, 0xB5,
- 0x7C, 0xA6, 0x7E, 0x29
-};
-
-static const unsigned char dhtest_2048_256_xB[] = {
- 0x7D, 0x62, 0xA7, 0xE3, 0xEF, 0x36, 0xDE, 0x61, 0x7B, 0x13, 0xD1, 0xAF,
- 0xB8, 0x2C, 0x78, 0x0D, 0x83, 0xA2, 0x3B, 0xD4, 0xEE, 0x67, 0x05, 0x64,
- 0x51, 0x21, 0xF3, 0x71, 0xF5, 0x46, 0xA5, 0x3D
-};
-
-static const unsigned char dhtest_2048_256_yB[] = {
- 0x57, 0x5F, 0x03, 0x51, 0xBD, 0x2B, 0x1B, 0x81, 0x74, 0x48, 0xBD, 0xF8,
- 0x7A, 0x6C, 0x36, 0x2C, 0x1E, 0x28, 0x9D, 0x39, 0x03, 0xA3, 0x0B, 0x98,
- 0x32, 0xC5, 0x74, 0x1F, 0xA2, 0x50, 0x36, 0x3E, 0x7A, 0xCB, 0xC7, 0xF7,
- 0x7F, 0x3D, 0xAC, 0xBC, 0x1F, 0x13, 0x1A, 0xDD, 0x8E, 0x03, 0x36, 0x7E,
- 0xFF, 0x8F, 0xBB, 0xB3, 0xE1, 0xC5, 0x78, 0x44, 0x24, 0x80, 0x9B, 0x25,
- 0xAF, 0xE4, 0xD2, 0x26, 0x2A, 0x1A, 0x6F, 0xD2, 0xFA, 0xB6, 0x41, 0x05,
- 0xCA, 0x30, 0xA6, 0x74, 0xE0, 0x7F, 0x78, 0x09, 0x85, 0x20, 0x88, 0x63,
- 0x2F, 0xC0, 0x49, 0x23, 0x37, 0x91, 0xAD, 0x4E, 0xDD, 0x08, 0x3A, 0x97,
- 0x8B, 0x88, 0x3E, 0xE6, 0x18, 0xBC, 0x5E, 0x0D, 0xD0, 0x47, 0x41, 0x5F,
- 0x2D, 0x95, 0xE6, 0x83, 0xCF, 0x14, 0x82, 0x6B, 0x5F, 0xBE, 0x10, 0xD3,
- 0xCE, 0x41, 0xC6, 0xC1, 0x20, 0xC7, 0x8A, 0xB2, 0x00, 0x08, 0xC6, 0x98,
- 0xBF, 0x7F, 0x0B, 0xCA, 0xB9, 0xD7, 0xF4, 0x07, 0xBE, 0xD0, 0xF4, 0x3A,
- 0xFB, 0x29, 0x70, 0xF5, 0x7F, 0x8D, 0x12, 0x04, 0x39, 0x63, 0xE6, 0x6D,
- 0xDD, 0x32, 0x0D, 0x59, 0x9A, 0xD9, 0x93, 0x6C, 0x8F, 0x44, 0x13, 0x7C,
- 0x08, 0xB1, 0x80, 0xEC, 0x5E, 0x98, 0x5C, 0xEB, 0xE1, 0x86, 0xF3, 0xD5,
- 0x49, 0x67, 0x7E, 0x80, 0x60, 0x73, 0x31, 0xEE, 0x17, 0xAF, 0x33, 0x80,
- 0xA7, 0x25, 0xB0, 0x78, 0x23, 0x17, 0xD7, 0xDD, 0x43, 0xF5, 0x9D, 0x7A,
- 0xF9, 0x56, 0x8A, 0x9B, 0xB6, 0x3A, 0x84, 0xD3, 0x65, 0xF9, 0x22, 0x44,
- 0xED, 0x12, 0x09, 0x88, 0x21, 0x93, 0x02, 0xF4, 0x29, 0x24, 0xC7, 0xCA,
- 0x90, 0xB8, 0x9D, 0x24, 0xF7, 0x1B, 0x0A, 0xB6, 0x97, 0x82, 0x3D, 0x7D,
- 0xEB, 0x1A, 0xFF, 0x5B, 0x0E, 0x8E, 0x4A, 0x45, 0xD4, 0x9F, 0x7F, 0x53,
- 0x75, 0x7E, 0x19, 0x13
-};
-
-static const unsigned char dhtest_2048_256_Z[] = {
- 0x86, 0xC7, 0x0B, 0xF8, 0xD0, 0xBB, 0x81, 0xBB, 0x01, 0x07, 0x8A, 0x17,
- 0x21, 0x9C, 0xB7, 0xD2, 0x72, 0x03, 0xDB, 0x2A, 0x19, 0xC8, 0x77, 0xF1,
- 0xD1, 0xF1, 0x9F, 0xD7, 0xD7, 0x7E, 0xF2, 0x25, 0x46, 0xA6, 0x8F, 0x00,
- 0x5A, 0xD5, 0x2D, 0xC8, 0x45, 0x53, 0xB7, 0x8F, 0xC6, 0x03, 0x30, 0xBE,
- 0x51, 0xEA, 0x7C, 0x06, 0x72, 0xCA, 0xC1, 0x51, 0x5E, 0x4B, 0x35, 0xC0,
- 0x47, 0xB9, 0xA5, 0x51, 0xB8, 0x8F, 0x39, 0xDC, 0x26, 0xDA, 0x14, 0xA0,
- 0x9E, 0xF7, 0x47, 0x74, 0xD4, 0x7C, 0x76, 0x2D, 0xD1, 0x77, 0xF9, 0xED,
- 0x5B, 0xC2, 0xF1, 0x1E, 0x52, 0xC8, 0x79, 0xBD, 0x95, 0x09, 0x85, 0x04,
- 0xCD, 0x9E, 0xEC, 0xD8, 0xA8, 0xF9, 0xB3, 0xEF, 0xBD, 0x1F, 0x00, 0x8A,
- 0xC5, 0x85, 0x30, 0x97, 0xD9, 0xD1, 0x83, 0x7F, 0x2B, 0x18, 0xF7, 0x7C,
- 0xD7, 0xBE, 0x01, 0xAF, 0x80, 0xA7, 0xC7, 0xB5, 0xEA, 0x3C, 0xA5, 0x4C,
- 0xC0, 0x2D, 0x0C, 0x11, 0x6F, 0xEE, 0x3F, 0x95, 0xBB, 0x87, 0x39, 0x93,
- 0x85, 0x87, 0x5D, 0x7E, 0x86, 0x74, 0x7E, 0x67, 0x6E, 0x72, 0x89, 0x38,
- 0xAC, 0xBF, 0xF7, 0x09, 0x8E, 0x05, 0xBE, 0x4D, 0xCF, 0xB2, 0x40, 0x52,
- 0xB8, 0x3A, 0xEF, 0xFB, 0x14, 0x78, 0x3F, 0x02, 0x9A, 0xDB, 0xDE, 0x7F,
- 0x53, 0xFA, 0xE9, 0x20, 0x84, 0x22, 0x40, 0x90, 0xE0, 0x07, 0xCE, 0xE9,
- 0x4D, 0x4B, 0xF2, 0xBA, 0xCE, 0x9F, 0xFD, 0x4B, 0x57, 0xD2, 0xAF, 0x7C,
- 0x72, 0x4D, 0x0C, 0xAA, 0x19, 0xBF, 0x05, 0x01, 0xF6, 0xF1, 0x7B, 0x4A,
- 0xA1, 0x0F, 0x42, 0x5E, 0x3E, 0xA7, 0x60, 0x80, 0xB4, 0xB9, 0xD6, 0xB3,
- 0xCE, 0xFE, 0xA1, 0x15, 0xB2, 0xCE, 0xB8, 0x78, 0x9B, 0xB8, 0xA3, 0xB0,
- 0xEA, 0x87, 0xFE, 0xBE, 0x63, 0xB6, 0xC8, 0xF8, 0x46, 0xEC, 0x6D, 0xB0,
- 0xC2, 0x6C, 0x5D, 0x7C
-};
-
-typedef struct {
- DH *(*get_param) (void);
- const unsigned char *xA;
- size_t xA_len;
- const unsigned char *yA;
- size_t yA_len;
- const unsigned char *xB;
- size_t xB_len;
- const unsigned char *yB;
- size_t yB_len;
- const unsigned char *Z;
- size_t Z_len;
-} rfc5114_td;
-
-# define make_rfc5114_td(pre) { \
- DH_get_##pre, \
- dhtest_##pre##_xA, sizeof(dhtest_##pre##_xA), \
- dhtest_##pre##_yA, sizeof(dhtest_##pre##_yA), \
- dhtest_##pre##_xB, sizeof(dhtest_##pre##_xB), \
- dhtest_##pre##_yB, sizeof(dhtest_##pre##_yB), \
- dhtest_##pre##_Z, sizeof(dhtest_##pre##_Z) \
- }
-
-static const rfc5114_td rfctd[] = {
- make_rfc5114_td(1024_160),
- make_rfc5114_td(2048_224),
- make_rfc5114_td(2048_256)
-};
-
-static int run_rfc5114_tests(void)
-{
- int i;
- for (i = 0; i < (int)(sizeof(rfctd) / sizeof(rfc5114_td)); i++) {
- DH *dhA, *dhB;
- unsigned char *Z1 = NULL, *Z2 = NULL;
- const rfc5114_td *td = rfctd + i;
- /* Set up DH structures setting key components */
- dhA = td->get_param();
- dhB = td->get_param();
- if (!dhA || !dhB)
- goto bad_err;
-
- dhA->priv_key = BN_bin2bn(td->xA, td->xA_len, NULL);
- dhA->pub_key = BN_bin2bn(td->yA, td->yA_len, NULL);
-
- dhB->priv_key = BN_bin2bn(td->xB, td->xB_len, NULL);
- dhB->pub_key = BN_bin2bn(td->yB, td->yB_len, NULL);
-
- if (!dhA->priv_key || !dhA->pub_key
- || !dhB->priv_key || !dhB->pub_key)
- goto bad_err;
-
- if ((td->Z_len != (size_t)DH_size(dhA))
- || (td->Z_len != (size_t)DH_size(dhB)))
- goto err;
-
- Z1 = OPENSSL_malloc(DH_size(dhA));
- Z2 = OPENSSL_malloc(DH_size(dhB));
- /*
- * Work out shared secrets using both sides and compare with expected
- * values.
- */
- if (!DH_compute_key(Z1, dhB->pub_key, dhA))
- goto bad_err;
- if (!DH_compute_key(Z2, dhA->pub_key, dhB))
- goto bad_err;
-
- if (memcmp(Z1, td->Z, td->Z_len))
- goto err;
- if (memcmp(Z2, td->Z, td->Z_len))
- goto err;
-
- printf("RFC5114 parameter test %d OK\n", i + 1);
-
- DH_free(dhA);
- DH_free(dhB);
- OPENSSL_free(Z1);
- OPENSSL_free(Z2);
-
- }
- return 1;
- bad_err:
- fprintf(stderr, "Initalisation error RFC5114 set %d\n", i + 1);
- ERR_print_errors_fp(stderr);
- return 0;
- err:
- fprintf(stderr, "Test failed RFC5114 set %d\n", i + 1);
- return 0;
-}
-
-#endif
+++ /dev/null
-/* crypto/dsa/dsa.h */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-/*
- * The DSS routines are based on patches supplied by
- * Steven Schoch <schoch@sheba.arc.nasa.gov>. He basically did the
- * work and I have just tweaked them a little to fit into my
- * stylistic vision for SSLeay :-) */
-
-#ifndef HEADER_DSA_H
-# define HEADER_DSA_H
-
-# include <openssl/e_os2.h>
-
-# ifdef OPENSSL_NO_DSA
-# error DSA is disabled.
-# endif
-
-# include <openssl/bio.h>
-# include <openssl/crypto.h>
-# include <openssl/ossl_typ.h>
-
-# ifdef OPENSSL_USE_DEPRECATED
-# include <openssl/bn.h>
-# ifndef OPENSSL_NO_DH
-# include <openssl/dh.h>
-# endif
-# endif
-
-# ifndef OPENSSL_DSA_MAX_MODULUS_BITS
-# define OPENSSL_DSA_MAX_MODULUS_BITS 10000
-# endif
-
-# define OPENSSL_DSA_FIPS_MIN_MODULUS_BITS 1024
-
-# define DSA_FLAG_CACHE_MONT_P 0x01
-/*
- * new with 0.9.7h; the built-in DSA implementation now uses constant time
- * modular exponentiation for secret exponents by default. This flag causes
- * the faster variable sliding window method to be used for all exponents.
- */
-# define DSA_FLAG_NO_EXP_CONSTTIME 0x02
-
-/*
- * If this flag is set the DSA method is FIPS compliant and can be used in
- * FIPS mode. This is set in the validated module method. If an application
- * sets this flag in its own methods it is its reposibility to ensure the
- * result is compliant.
- */
-
-# define DSA_FLAG_FIPS_METHOD 0x0400
-
-/*
- * If this flag is set the operations normally disabled in FIPS mode are
- * permitted it is then the applications responsibility to ensure that the
- * usage is compliant.
- */
-
-# define DSA_FLAG_NON_FIPS_ALLOW 0x0400
-# define DSA_FLAG_FIPS_CHECKED 0x0800
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-/* Already defined in ossl_typ.h */
-/* typedef struct dsa_st DSA; */
-/* typedef struct dsa_method DSA_METHOD; */
-
-typedef struct DSA_SIG_st {
- BIGNUM *r;
- BIGNUM *s;
-} DSA_SIG;
-
-struct dsa_method {
- const char *name;
- DSA_SIG *(*dsa_do_sign) (const unsigned char *dgst, int dlen, DSA *dsa);
- int (*dsa_sign_setup) (DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp,
- BIGNUM **rp);
- int (*dsa_do_verify) (const unsigned char *dgst, int dgst_len,
- DSA_SIG *sig, DSA *dsa);
- int (*dsa_mod_exp) (DSA *dsa, BIGNUM *rr, BIGNUM *a1, BIGNUM *p1,
- BIGNUM *a2, BIGNUM *p2, BIGNUM *m, BN_CTX *ctx,
- BN_MONT_CTX *in_mont);
- /* Can be null */
- int (*bn_mod_exp) (DSA *dsa, BIGNUM *r, BIGNUM *a, const BIGNUM *p,
- const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx);
- int (*init) (DSA *dsa);
- int (*finish) (DSA *dsa);
- int flags;
- char *app_data;
- /* If this is non-NULL, it is used to generate DSA parameters */
- int (*dsa_paramgen) (DSA *dsa, int bits,
- const unsigned char *seed, int seed_len,
- int *counter_ret, unsigned long *h_ret,
- BN_GENCB *cb);
- /* If this is non-NULL, it is used to generate DSA keys */
- int (*dsa_keygen) (DSA *dsa);
-};
-
-struct dsa_st {
- /*
- * This first variable is used to pick up errors where a DSA is passed
- * instead of of a EVP_PKEY
- */
- int pad;
- long version;
- BIGNUM *p;
- BIGNUM *q; /* == 20 */
- BIGNUM *g;
- BIGNUM *pub_key; /* y public key */
- BIGNUM *priv_key; /* x private key */
- BIGNUM *kinv; /* Signing pre-calc */
- BIGNUM *r; /* Signing pre-calc */
- int flags;
- /* Normally used to cache montgomery values */
- BN_MONT_CTX *method_mont_p;
- int references;
- CRYPTO_EX_DATA ex_data;
- const DSA_METHOD *meth;
- /* functional reference if 'meth' is ENGINE-provided */
- ENGINE *engine;
-};
-
-# define d2i_DSAparams_fp(fp,x) (DSA *)ASN1_d2i_fp((char *(*)())DSA_new, \
- (char *(*)())d2i_DSAparams,(fp),(unsigned char **)(x))
-# define i2d_DSAparams_fp(fp,x) ASN1_i2d_fp(i2d_DSAparams,(fp), \
- (unsigned char *)(x))
-# define d2i_DSAparams_bio(bp,x) ASN1_d2i_bio_of(DSA,DSA_new,d2i_DSAparams,bp,x)
-# define i2d_DSAparams_bio(bp,x) ASN1_i2d_bio_of_const(DSA,i2d_DSAparams,bp,x)
-
-DSA *DSAparams_dup(DSA *x);
-DSA_SIG *DSA_SIG_new(void);
-void DSA_SIG_free(DSA_SIG *a);
-int i2d_DSA_SIG(const DSA_SIG *a, unsigned char **pp);
-DSA_SIG *d2i_DSA_SIG(DSA_SIG **v, const unsigned char **pp, long length);
-
-DSA_SIG *DSA_do_sign(const unsigned char *dgst, int dlen, DSA *dsa);
-int DSA_do_verify(const unsigned char *dgst, int dgst_len,
- DSA_SIG *sig, DSA *dsa);
-
-const DSA_METHOD *DSA_OpenSSL(void);
-
-void DSA_set_default_method(const DSA_METHOD *);
-const DSA_METHOD *DSA_get_default_method(void);
-int DSA_set_method(DSA *dsa, const DSA_METHOD *);
-
-DSA *DSA_new(void);
-DSA *DSA_new_method(ENGINE *engine);
-void DSA_free(DSA *r);
-/* "up" the DSA object's reference count */
-int DSA_up_ref(DSA *r);
-int DSA_size(const DSA *);
-int DSA_security_bits(const DSA *d);
- /* next 4 return -1 on error */
-int DSA_sign_setup(DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp, BIGNUM **rp);
-int DSA_sign(int type, const unsigned char *dgst, int dlen,
- unsigned char *sig, unsigned int *siglen, DSA *dsa);
-int DSA_verify(int type, const unsigned char *dgst, int dgst_len,
- const unsigned char *sigbuf, int siglen, DSA *dsa);
-int DSA_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
- CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func);
-int DSA_set_ex_data(DSA *d, int idx, void *arg);
-void *DSA_get_ex_data(DSA *d, int idx);
-
-DSA *d2i_DSAPublicKey(DSA **a, const unsigned char **pp, long length);
-DSA *d2i_DSAPrivateKey(DSA **a, const unsigned char **pp, long length);
-DSA *d2i_DSAparams(DSA **a, const unsigned char **pp, long length);
-
-/* Deprecated version */
-# ifdef OPENSSL_USE_DEPRECATED
-DECLARE_DEPRECATED(DSA *DSA_generate_parameters(int bits,
- unsigned char *seed,
- int seed_len,
- int *counter_ret,
- unsigned long *h_ret, void
- (*callback) (int, int,
- void *),
- void *cb_arg));
-# endif /* defined(OPENSSL_USE_DEPRECATED) */
-
-/* New version */
-int DSA_generate_parameters_ex(DSA *dsa, int bits,
- const unsigned char *seed, int seed_len,
- int *counter_ret, unsigned long *h_ret,
- BN_GENCB *cb);
-
-int DSA_generate_key(DSA *a);
-int i2d_DSAPublicKey(const DSA *a, unsigned char **pp);
-int i2d_DSAPrivateKey(const DSA *a, unsigned char **pp);
-int i2d_DSAparams(const DSA *a, unsigned char **pp);
-
-int DSAparams_print(BIO *bp, const DSA *x);
-int DSA_print(BIO *bp, const DSA *x, int off);
-# ifndef OPENSSL_NO_STDIO
-int DSAparams_print_fp(FILE *fp, const DSA *x);
-int DSA_print_fp(FILE *bp, const DSA *x, int off);
-# endif
-
-# define DSS_prime_checks 50
-/*
- * Primality test according to FIPS PUB 186[-1], Appendix 2.1: 50 rounds of
- * Rabin-Miller
- */
-# define DSA_is_prime(n, callback, cb_arg) \
- BN_is_prime(n, DSS_prime_checks, callback, NULL, cb_arg)
-
-# ifndef OPENSSL_NO_DH
-/*
- * Convert DSA structure (key or just parameters) into DH structure (be
- * careful to avoid small subgroup attacks when using this!)
- */
-DH *DSA_dup_DH(const DSA *r);
-# endif
-
-# define EVP_PKEY_CTX_set_dsa_paramgen_bits(ctx, nbits) \
- EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DSA, EVP_PKEY_OP_PARAMGEN, \
- EVP_PKEY_CTRL_DSA_PARAMGEN_BITS, nbits, NULL)
-
-# define EVP_PKEY_CTRL_DSA_PARAMGEN_BITS (EVP_PKEY_ALG_CTRL + 1)
-# define EVP_PKEY_CTRL_DSA_PARAMGEN_Q_BITS (EVP_PKEY_ALG_CTRL + 2)
-# define EVP_PKEY_CTRL_DSA_PARAMGEN_MD (EVP_PKEY_ALG_CTRL + 3)
-
-/* BEGIN ERROR CODES */
-/*
- * The following lines are auto generated by the script mkerr.pl. Any changes
- * made after this point may be overwritten when the script is next run.
- */
-void ERR_load_DSA_strings(void);
-
-/* Error codes for the DSA functions. */
-
-/* Function codes. */
-# define DSA_F_D2I_DSA_SIG 110
-# define DSA_F_DO_DSA_PRINT 104
-# define DSA_F_DSAPARAMS_PRINT 100
-# define DSA_F_DSAPARAMS_PRINT_FP 101
-# define DSA_F_DSA_BUILTIN_KEYGEN 124
-# define DSA_F_DSA_BUILTIN_PARAMGEN 125
-# define DSA_F_DSA_BUILTIN_PARAMGEN2 126
-# define DSA_F_DSA_DO_SIGN 112
-# define DSA_F_DSA_DO_VERIFY 113
-# define DSA_F_DSA_NEW_METHOD 103
-# define DSA_F_DSA_PARAM_DECODE 119
-# define DSA_F_DSA_PRINT_FP 105
-# define DSA_F_DSA_PRIV_DECODE 115
-# define DSA_F_DSA_PRIV_ENCODE 116
-# define DSA_F_DSA_PUB_DECODE 117
-# define DSA_F_DSA_PUB_ENCODE 118
-# define DSA_F_DSA_SIGN 106
-# define DSA_F_DSA_SIGN_SETUP 107
-# define DSA_F_DSA_SIG_NEW 109
-# define DSA_F_DSA_SIG_PRINT 123
-# define DSA_F_DSA_VERIFY 108
-# define DSA_F_I2D_DSA_SIG 111
-# define DSA_F_OLD_DSA_PRIV_DECODE 122
-# define DSA_F_PKEY_DSA_CTRL 120
-# define DSA_F_PKEY_DSA_KEYGEN 121
-# define DSA_F_SIG_CB 114
-
-/* Reason codes. */
-# define DSA_R_BAD_Q_VALUE 102
-# define DSA_R_BN_DECODE_ERROR 108
-# define DSA_R_BN_ERROR 109
-# define DSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE 100
-# define DSA_R_DECODE_ERROR 104
-# define DSA_R_INVALID_DIGEST_TYPE 106
-# define DSA_R_INVALID_PARAMETERS 112
-# define DSA_R_KEY_SIZE_TOO_SMALL 111
-# define DSA_R_MISSING_PARAMETERS 101
-# define DSA_R_MODULUS_TOO_LARGE 103
-# define DSA_R_NEED_NEW_SETUP_VALUES 110
-# define DSA_R_NO_PARAMETERS_SET 107
-# define DSA_R_PARAMETER_ENCODING_ERROR 105
-# define DSA_R_Q_NOT_PRIME 113
-
-#ifdef __cplusplus
-}
-#endif
-#endif
+++ /dev/null
-/* crypto/dsa/dsatest.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#include <sys/types.h>
-#include <sys/stat.h>
-
-#include "../e_os.h"
-
-#include <openssl/crypto.h>
-#include <openssl/rand.h>
-#include <openssl/bio.h>
-#include <openssl/err.h>
-#include <openssl/bn.h>
-
-#ifdef OPENSSL_NO_DSA
-int main(int argc, char *argv[])
-{
- printf("No DSA support\n");
- return (0);
-}
-#else
-# include <openssl/dsa.h>
-
-static int dsa_cb(int p, int n, BN_GENCB *arg);
-
-/*
- * seed, out_p, out_q, out_g are taken from the updated Appendix 5 to FIPS
- * PUB 186 and also appear in Appendix 5 to FIPS PIB 186-1
- */
-static unsigned char seed[20] = {
- 0xd5, 0x01, 0x4e, 0x4b, 0x60, 0xef, 0x2b, 0xa8, 0xb6, 0x21, 0x1b, 0x40,
- 0x62, 0xba, 0x32, 0x24, 0xe0, 0x42, 0x7d, 0xd3,
-};
-
-static unsigned char out_p[] = {
- 0x8d, 0xf2, 0xa4, 0x94, 0x49, 0x22, 0x76, 0xaa,
- 0x3d, 0x25, 0x75, 0x9b, 0xb0, 0x68, 0x69, 0xcb,
- 0xea, 0xc0, 0xd8, 0x3a, 0xfb, 0x8d, 0x0c, 0xf7,
- 0xcb, 0xb8, 0x32, 0x4f, 0x0d, 0x78, 0x82, 0xe5,
- 0xd0, 0x76, 0x2f, 0xc5, 0xb7, 0x21, 0x0e, 0xaf,
- 0xc2, 0xe9, 0xad, 0xac, 0x32, 0xab, 0x7a, 0xac,
- 0x49, 0x69, 0x3d, 0xfb, 0xf8, 0x37, 0x24, 0xc2,
- 0xec, 0x07, 0x36, 0xee, 0x31, 0xc8, 0x02, 0x91,
-};
-
-static unsigned char out_q[] = {
- 0xc7, 0x73, 0x21, 0x8c, 0x73, 0x7e, 0xc8, 0xee,
- 0x99, 0x3b, 0x4f, 0x2d, 0xed, 0x30, 0xf4, 0x8e,
- 0xda, 0xce, 0x91, 0x5f,
-};
-
-static unsigned char out_g[] = {
- 0x62, 0x6d, 0x02, 0x78, 0x39, 0xea, 0x0a, 0x13,
- 0x41, 0x31, 0x63, 0xa5, 0x5b, 0x4c, 0xb5, 0x00,
- 0x29, 0x9d, 0x55, 0x22, 0x95, 0x6c, 0xef, 0xcb,
- 0x3b, 0xff, 0x10, 0xf3, 0x99, 0xce, 0x2c, 0x2e,
- 0x71, 0xcb, 0x9d, 0xe5, 0xfa, 0x24, 0xba, 0xbf,
- 0x58, 0xe5, 0xb7, 0x95, 0x21, 0x92, 0x5c, 0x9c,
- 0xc4, 0x2e, 0x9f, 0x6f, 0x46, 0x4b, 0x08, 0x8c,
- 0xc5, 0x72, 0xaf, 0x53, 0xe6, 0xd7, 0x88, 0x02,
-};
-
-static const unsigned char str1[] = "12345678901234567890";
-
-static const char rnd_seed[] =
- "string to make the random number generator think it has entropy";
-
-static BIO *bio_err = NULL;
-
-int main(int argc, char **argv)
-{
- BN_GENCB *cb;
- DSA *dsa = NULL;
- int counter, ret = 0, i, j;
- unsigned char buf[256];
- unsigned long h;
- unsigned char sig[256];
- unsigned int siglen;
-
- if (bio_err == NULL)
- bio_err = BIO_new_fp(stderr, BIO_NOCLOSE);
-
- CRYPTO_malloc_debug_init();
- CRYPTO_dbg_set_options(V_CRYPTO_MDEBUG_ALL);
- CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON);
-
- ERR_load_crypto_strings();
- RAND_seed(rnd_seed, sizeof rnd_seed);
-
- BIO_printf(bio_err, "test generation of DSA parameters\n");
-
- cb = BN_GENCB_new();
- if (!cb)
- goto end;
-
- BN_GENCB_set(cb, dsa_cb, bio_err);
- if (((dsa = DSA_new()) == NULL) || !DSA_generate_parameters_ex(dsa, 512,
- seed, 20,
- &counter,
- &h, cb))
- goto end;
-
- BIO_printf(bio_err, "seed\n");
- for (i = 0; i < 20; i += 4) {
- BIO_printf(bio_err, "%02X%02X%02X%02X ",
- seed[i], seed[i + 1], seed[i + 2], seed[i + 3]);
- }
- BIO_printf(bio_err, "\ncounter=%d h=%ld\n", counter, h);
-
- DSA_print(bio_err, dsa, 0);
- if (counter != 105) {
- BIO_printf(bio_err, "counter should be 105\n");
- goto end;
- }
- if (h != 2) {
- BIO_printf(bio_err, "h should be 2\n");
- goto end;
- }
-
- i = BN_bn2bin(dsa->q, buf);
- j = sizeof(out_q);
- if ((i != j) || (memcmp(buf, out_q, i) != 0)) {
- BIO_printf(bio_err, "q value is wrong\n");
- goto end;
- }
-
- i = BN_bn2bin(dsa->p, buf);
- j = sizeof(out_p);
- if ((i != j) || (memcmp(buf, out_p, i) != 0)) {
- BIO_printf(bio_err, "p value is wrong\n");
- goto end;
- }
-
- i = BN_bn2bin(dsa->g, buf);
- j = sizeof(out_g);
- if ((i != j) || (memcmp(buf, out_g, i) != 0)) {
- BIO_printf(bio_err, "g value is wrong\n");
- goto end;
- }
-
- dsa->flags |= DSA_FLAG_NO_EXP_CONSTTIME;
- DSA_generate_key(dsa);
- DSA_sign(0, str1, 20, sig, &siglen, dsa);
- if (DSA_verify(0, str1, 20, sig, siglen, dsa) == 1)
- ret = 1;
-
- dsa->flags &= ~DSA_FLAG_NO_EXP_CONSTTIME;
- DSA_generate_key(dsa);
- DSA_sign(0, str1, 20, sig, &siglen, dsa);
- if (DSA_verify(0, str1, 20, sig, siglen, dsa) == 1)
- ret = 1;
-
- end:
- if (!ret)
- ERR_print_errors(bio_err);
- DSA_free(dsa);
- if (cb != NULL)
- BN_GENCB_free(cb);
- CRYPTO_cleanup_all_ex_data();
- ERR_remove_thread_state(NULL);
- ERR_free_strings();
- CRYPTO_mem_leaks(bio_err);
- BIO_free(bio_err);
- bio_err = NULL;
-# ifdef OPENSSL_SYS_NETWARE
- if (!ret)
- printf("ERROR\n");
-# endif
- EXIT(!ret);
-}
-
-static int dsa_cb(int p, int n, BN_GENCB *arg)
-{
- char c = '*';
- static int ok = 0, num = 0;
-
- if (p == 0) {
- c = '.';
- num++;
- };
- if (p == 1)
- c = '+';
- if (p == 2) {
- c = '*';
- ok++;
- }
- if (p == 3)
- c = '\n';
- BIO_write(BN_GENCB_get_arg(arg), &c, 1);
- (void)BIO_flush(BN_GENCB_get_arg(arg));
-
- if (!ok && (p == 0) && (num > 1)) {
- BIO_printf((BIO *)arg, "error in dsatest\n");
- return 0;
- }
- return 1;
-}
-#endif
+++ /dev/null
-/* dso.h -*- mode:C; c-file-style: "eay" -*- */
-/*
- * Written by Geoff Thorpe (geoff@geoffthorpe.net) for the OpenSSL project
- * 2000.
- */
-/* ====================================================================
- * Copyright (c) 2000 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#ifndef HEADER_DSO_H
-# define HEADER_DSO_H
-
-# include <openssl/crypto.h>
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-/* These values are used as commands to DSO_ctrl() */
-# define DSO_CTRL_GET_FLAGS 1
-# define DSO_CTRL_SET_FLAGS 2
-# define DSO_CTRL_OR_FLAGS 3
-
-/*
- * By default, DSO_load() will translate the provided filename into a form
- * typical for the platform (more specifically the DSO_METHOD) using the
- * dso_name_converter function of the method. Eg. win32 will transform "blah"
- * into "blah.dll", and dlfcn will transform it into "libblah.so". The
- * behaviour can be overriden by setting the name_converter callback in the
- * DSO object (using DSO_set_name_converter()). This callback could even
- * utilise the DSO_METHOD's converter too if it only wants to override
- * behaviour for one or two possible DSO methods. However, the following flag
- * can be set in a DSO to prevent *any* native name-translation at all - eg.
- * if the caller has prompted the user for a path to a driver library so the
- * filename should be interpreted as-is.
- */
-# define DSO_FLAG_NO_NAME_TRANSLATION 0x01
-/*
- * An extra flag to give if only the extension should be added as
- * translation. This is obviously only of importance on Unix and other
- * operating systems where the translation also may prefix the name with
- * something, like 'lib', and ignored everywhere else. This flag is also
- * ignored if DSO_FLAG_NO_NAME_TRANSLATION is used at the same time.
- */
-# define DSO_FLAG_NAME_TRANSLATION_EXT_ONLY 0x02
-
-/*
- * The following flag controls the translation of symbol names to upper case.
- * This is currently only being implemented for OpenVMS.
- */
-# define DSO_FLAG_UPCASE_SYMBOL 0x10
-
-/*
- * This flag loads the library with public symbols. Meaning: The exported
- * symbols of this library are public to all libraries loaded after this
- * library. At the moment only implemented in unix.
- */
-# define DSO_FLAG_GLOBAL_SYMBOLS 0x20
-
-typedef void (*DSO_FUNC_TYPE) (void);
-
-typedef struct dso_st DSO;
-
-/*
- * The function prototype used for method functions (or caller-provided
- * callbacks) that transform filenames. They are passed a DSO structure
- * pointer (or NULL if they are to be used independently of a DSO object) and
- * a filename to transform. They should either return NULL (if there is an
- * error condition) or a newly allocated string containing the transformed
- * form that the caller will need to free with OPENSSL_free() when done.
- */
-typedef char *(*DSO_NAME_CONVERTER_FUNC)(DSO *, const char *);
-/*
- * The function prototype used for method functions (or caller-provided
- * callbacks) that merge two file specifications. They are passed a DSO
- * structure pointer (or NULL if they are to be used independently of a DSO
- * object) and two file specifications to merge. They should either return
- * NULL (if there is an error condition) or a newly allocated string
- * containing the result of merging that the caller will need to free with
- * OPENSSL_free() when done. Here, merging means that bits and pieces are
- * taken from each of the file specifications and added together in whatever
- * fashion that is sensible for the DSO method in question. The only rule
- * that really applies is that if the two specification contain pieces of the
- * same type, the copy from the first string takes priority. One could see
- * it as the first specification is the one given by the user and the second
- * being a bunch of defaults to add on if they're missing in the first.
- */
-typedef char *(*DSO_MERGER_FUNC)(DSO *, const char *, const char *);
-
-typedef struct dso_meth_st {
- const char *name;
- /*
- * Loads a shared library, NB: new DSO_METHODs must ensure that a
- * successful load populates the loaded_filename field, and likewise a
- * successful unload OPENSSL_frees and NULLs it out.
- */
- int (*dso_load) (DSO *dso);
- /* Unloads a shared library */
- int (*dso_unload) (DSO *dso);
- /* Binds a variable */
- void *(*dso_bind_var) (DSO *dso, const char *symname);
- /*
- * Binds a function - assumes a return type of DSO_FUNC_TYPE. This should
- * be cast to the real function prototype by the caller. Platforms that
- * don't have compatible representations for different prototypes (this
- * is possible within ANSI C) are highly unlikely to have shared
- * libraries at all, let alone a DSO_METHOD implemented for them.
- */
- DSO_FUNC_TYPE (*dso_bind_func) (DSO *dso, const char *symname);
- /*
- * The generic (yuck) "ctrl()" function. NB: Negative return values
- * (rather than zero) indicate errors.
- */
- long (*dso_ctrl) (DSO *dso, int cmd, long larg, void *parg);
- /*
- * The default DSO_METHOD-specific function for converting filenames to a
- * canonical native form.
- */
- DSO_NAME_CONVERTER_FUNC dso_name_converter;
- /*
- * The default DSO_METHOD-specific function for converting filenames to a
- * canonical native form.
- */
- DSO_MERGER_FUNC dso_merger;
- /* [De]Initialisation handlers. */
- int (*init) (DSO *dso);
- int (*finish) (DSO *dso);
- /* Return pathname of the module containing location */
- int (*pathbyaddr) (void *addr, char *path, int sz);
- /* Perform global symbol lookup, i.e. among *all* modules */
- void *(*globallookup) (const char *symname);
-} DSO_METHOD;
-
-/**********************************************************************/
-/* The low-level handle type used to refer to a loaded shared library */
-
-struct dso_st {
- DSO_METHOD *meth;
- /*
- * Standard dlopen uses a (void *). Win32 uses a HANDLE. VMS doesn't use
- * anything but will need to cache the filename for use in the dso_bind
- * handler. All in all, let each method control its own destiny.
- * "Handles" and such go in a STACK.
- */
- STACK_OF(void) *meth_data;
- int references;
- int flags;
- /*
- * For use by applications etc ... use this for your bits'n'pieces, don't
- * touch meth_data!
- */
- CRYPTO_EX_DATA ex_data;
- /*
- * If this callback function pointer is set to non-NULL, then it will be
- * used in DSO_load() in place of meth->dso_name_converter. NB: This
- * should normally set using DSO_set_name_converter().
- */
- DSO_NAME_CONVERTER_FUNC name_converter;
- /*
- * If this callback function pointer is set to non-NULL, then it will be
- * used in DSO_load() in place of meth->dso_merger. NB: This should
- * normally set using DSO_set_merger().
- */
- DSO_MERGER_FUNC merger;
- /*
- * This is populated with (a copy of) the platform-independent filename
- * used for this DSO.
- */
- char *filename;
- /*
- * This is populated with (a copy of) the translated filename by which
- * the DSO was actually loaded. It is NULL iff the DSO is not currently
- * loaded. NB: This is here because the filename translation process may
- * involve a callback being invoked more than once not only to convert to
- * a platform-specific form, but also to try different filenames in the
- * process of trying to perform a load. As such, this variable can be
- * used to indicate (a) whether this DSO structure corresponds to a
- * loaded library or not, and (b) the filename with which it was actually
- * loaded.
- */
- char *loaded_filename;
-};
-
-DSO *DSO_new(void);
-DSO *DSO_new_method(DSO_METHOD *method);
-int DSO_free(DSO *dso);
-int DSO_flags(DSO *dso);
-int DSO_up_ref(DSO *dso);
-long DSO_ctrl(DSO *dso, int cmd, long larg, void *parg);
-
-/*
- * This function sets the DSO's name_converter callback. If it is non-NULL,
- * then it will be used instead of the associated DSO_METHOD's function. If
- * oldcb is non-NULL then it is set to the function pointer value being
- * replaced. Return value is non-zero for success.
- */
-int DSO_set_name_converter(DSO *dso, DSO_NAME_CONVERTER_FUNC cb,
- DSO_NAME_CONVERTER_FUNC *oldcb);
-/*
- * These functions can be used to get/set the platform-independent filename
- * used for a DSO. NB: set will fail if the DSO is already loaded.
- */
-const char *DSO_get_filename(DSO *dso);
-int DSO_set_filename(DSO *dso, const char *filename);
-/*
- * This function will invoke the DSO's name_converter callback to translate a
- * filename, or if the callback isn't set it will instead use the DSO_METHOD's
- * converter. If "filename" is NULL, the "filename" in the DSO itself will be
- * used. If the DSO_FLAG_NO_NAME_TRANSLATION flag is set, then the filename is
- * simply duplicated. NB: This function is usually called from within a
- * DSO_METHOD during the processing of a DSO_load() call, and is exposed so
- * that caller-created DSO_METHODs can do the same thing. A non-NULL return
- * value will need to be OPENSSL_free()'d.
- */
-char *DSO_convert_filename(DSO *dso, const char *filename);
-/*
- * This function will invoke the DSO's merger callback to merge two file
- * specifications, or if the callback isn't set it will instead use the
- * DSO_METHOD's merger. A non-NULL return value will need to be
- * OPENSSL_free()'d.
- */
-char *DSO_merge(DSO *dso, const char *filespec1, const char *filespec2);
-/*
- * If the DSO is currently loaded, this returns the filename that it was
- * loaded under, otherwise it returns NULL. So it is also useful as a test as
- * to whether the DSO is currently loaded. NB: This will not necessarily
- * return the same value as DSO_convert_filename(dso, dso->filename), because
- * the DSO_METHOD's load function may have tried a variety of filenames (with
- * and/or without the aid of the converters) before settling on the one it
- * actually loaded.
- */
-const char *DSO_get_loaded_filename(DSO *dso);
-
-void DSO_set_default_method(DSO_METHOD *meth);
-DSO_METHOD *DSO_get_default_method(void);
-DSO_METHOD *DSO_get_method(DSO *dso);
-DSO_METHOD *DSO_set_method(DSO *dso, DSO_METHOD *meth);
-
-/*
- * The all-singing all-dancing load function, you normally pass NULL for the
- * first and third parameters. Use DSO_up and DSO_free for subsequent
- * reference count handling. Any flags passed in will be set in the
- * constructed DSO after its init() function but before the load operation.
- * If 'dso' is non-NULL, 'flags' is ignored.
- */
-DSO *DSO_load(DSO *dso, const char *filename, DSO_METHOD *meth, int flags);
-
-/* This function binds to a variable inside a shared library. */
-void *DSO_bind_var(DSO *dso, const char *symname);
-
-/* This function binds to a function inside a shared library. */
-DSO_FUNC_TYPE DSO_bind_func(DSO *dso, const char *symname);
-
-/*
- * This method is the default, but will beg, borrow, or steal whatever method
- * should be the default on any particular platform (including
- * DSO_METH_null() if necessary).
- */
-DSO_METHOD *DSO_METHOD_openssl(void);
-
-/*
- * This method is defined for all platforms - if a platform has no DSO
- * support then this will be the only method!
- */
-DSO_METHOD *DSO_METHOD_null(void);
-
-/*
- * If DSO_DLFCN is defined, the standard dlfcn.h-style functions (dlopen,
- * dlclose, dlsym, etc) will be used and incorporated into this method. If
- * not, this method will return NULL.
- */
-DSO_METHOD *DSO_METHOD_dlfcn(void);
-
-/*
- * If DSO_DL is defined, the standard dl.h-style functions (shl_load,
- * shl_unload, shl_findsym, etc) will be used and incorporated into this
- * method. If not, this method will return NULL.
- */
-DSO_METHOD *DSO_METHOD_dl(void);
-
-/* If WIN32 is defined, use DLLs. If not, return NULL. */
-DSO_METHOD *DSO_METHOD_win32(void);
-
-/* If VMS is defined, use shared images. If not, return NULL. */
-DSO_METHOD *DSO_METHOD_vms(void);
-
-/*
- * This function writes null-terminated pathname of DSO module containing
- * 'addr' into 'sz' large caller-provided 'path' and returns the number of
- * characters [including trailing zero] written to it. If 'sz' is 0 or
- * negative, 'path' is ignored and required amount of charachers [including
- * trailing zero] to accomodate pathname is returned. If 'addr' is NULL, then
- * pathname of cryptolib itself is returned. Negative or zero return value
- * denotes error.
- */
-int DSO_pathbyaddr(void *addr, char *path, int sz);
-
-/*
- * This function should be used with caution! It looks up symbols in *all*
- * loaded modules and if module gets unloaded by somebody else attempt to
- * dereference the pointer is doomed to have fatal consequences. Primary
- * usage for this function is to probe *core* system functionality, e.g.
- * check if getnameinfo(3) is available at run-time without bothering about
- * OS-specific details such as libc.so.versioning or where does it actually
- * reside: in libc itself or libsocket.
- */
-void *DSO_global_lookup(const char *name);
-
-/* BEGIN ERROR CODES */
-/*
- * The following lines are auto generated by the script mkerr.pl. Any changes
- * made after this point may be overwritten when the script is next run.
- */
-void ERR_load_DSO_strings(void);
-
-/* Error codes for the DSO functions. */
-
-/* Function codes. */
-# define DSO_F_BEOS_BIND_FUNC 144
-# define DSO_F_BEOS_BIND_VAR 145
-# define DSO_F_BEOS_LOAD 146
-# define DSO_F_BEOS_NAME_CONVERTER 147
-# define DSO_F_BEOS_UNLOAD 148
-# define DSO_F_DLFCN_BIND_FUNC 100
-# define DSO_F_DLFCN_BIND_VAR 101
-# define DSO_F_DLFCN_LOAD 102
-# define DSO_F_DLFCN_MERGER 130
-# define DSO_F_DLFCN_NAME_CONVERTER 123
-# define DSO_F_DLFCN_UNLOAD 103
-# define DSO_F_DL_BIND_FUNC 104
-# define DSO_F_DL_BIND_VAR 105
-# define DSO_F_DL_LOAD 106
-# define DSO_F_DL_MERGER 131
-# define DSO_F_DL_NAME_CONVERTER 124
-# define DSO_F_DL_UNLOAD 107
-# define DSO_F_DSO_BIND_FUNC 108
-# define DSO_F_DSO_BIND_VAR 109
-# define DSO_F_DSO_CONVERT_FILENAME 126
-# define DSO_F_DSO_CTRL 110
-# define DSO_F_DSO_FREE 111
-# define DSO_F_DSO_GET_FILENAME 127
-# define DSO_F_DSO_GET_LOADED_FILENAME 128
-# define DSO_F_DSO_GLOBAL_LOOKUP 139
-# define DSO_F_DSO_LOAD 112
-# define DSO_F_DSO_MERGE 132
-# define DSO_F_DSO_NEW_METHOD 113
-# define DSO_F_DSO_PATHBYADDR 140
-# define DSO_F_DSO_SET_FILENAME 129
-# define DSO_F_DSO_SET_NAME_CONVERTER 122
-# define DSO_F_DSO_UP_REF 114
-# define DSO_F_GLOBAL_LOOKUP_FUNC 138
-# define DSO_F_PATHBYADDR 137
-# define DSO_F_VMS_BIND_SYM 115
-# define DSO_F_VMS_LOAD 116
-# define DSO_F_VMS_MERGER 133
-# define DSO_F_VMS_UNLOAD 117
-# define DSO_F_WIN32_BIND_FUNC 118
-# define DSO_F_WIN32_BIND_VAR 119
-# define DSO_F_WIN32_GLOBALLOOKUP 142
-# define DSO_F_WIN32_GLOBALLOOKUP_FUNC 143
-# define DSO_F_WIN32_JOINER 135
-# define DSO_F_WIN32_LOAD 120
-# define DSO_F_WIN32_MERGER 134
-# define DSO_F_WIN32_NAME_CONVERTER 125
-# define DSO_F_WIN32_PATHBYADDR 141
-# define DSO_F_WIN32_SPLITTER 136
-# define DSO_F_WIN32_UNLOAD 121
-
-/* Reason codes. */
-# define DSO_R_CTRL_FAILED 100
-# define DSO_R_DSO_ALREADY_LOADED 110
-# define DSO_R_EMPTY_FILE_STRUCTURE 113
-# define DSO_R_FAILURE 114
-# define DSO_R_FILENAME_TOO_BIG 101
-# define DSO_R_FINISH_FAILED 102
-# define DSO_R_INCORRECT_FILE_SYNTAX 115
-# define DSO_R_LOAD_FAILED 103
-# define DSO_R_NAME_TRANSLATION_FAILED 109
-# define DSO_R_NO_FILENAME 111
-# define DSO_R_NO_FILE_SPECIFICATION 116
-# define DSO_R_NULL_HANDLE 104
-# define DSO_R_SET_FILENAME_FAILED 112
-# define DSO_R_STACK_ERROR 105
-# define DSO_R_SYM_FAILURE 106
-# define DSO_R_UNLOAD_FAILED 107
-# define DSO_R_UNSUPPORTED 108
-
-#ifdef __cplusplus
-}
-#endif
-#endif
+++ /dev/null
-/* crypto/ebcdic.h */
-
-#ifndef HEADER_EBCDIC_H
-# define HEADER_EBCDIC_H
-
-# include <sys/types.h>
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-/* Avoid name clashes with other applications */
-# define os_toascii _openssl_os_toascii
-# define os_toebcdic _openssl_os_toebcdic
-# define ebcdic2ascii _openssl_ebcdic2ascii
-# define ascii2ebcdic _openssl_ascii2ebcdic
-
-extern const unsigned char os_toascii[256];
-extern const unsigned char os_toebcdic[256];
-void *ebcdic2ascii(void *dest, const void *srce, size_t count);
-void *ascii2ebcdic(void *dest, const void *srce, size_t count);
-
-#ifdef __cplusplus
-}
-#endif
-#endif
+++ /dev/null
-/* crypto/ec/ec.h */
-/*
- * Originally written by Bodo Moeller for the OpenSSL project.
- */
-/**
- * \file crypto/ec/ec.h Include file for the OpenSSL EC functions
- * \author Originally written by Bodo Moeller for the OpenSSL project
- */
-/* ====================================================================
- * Copyright (c) 1998-2005 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-/* ====================================================================
- * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
- *
- * Portions of the attached software ("Contribution") are developed by
- * SUN MICROSYSTEMS, INC., and are contributed to the OpenSSL project.
- *
- * The Contribution is licensed pursuant to the OpenSSL open source
- * license provided above.
- *
- * The elliptic curve binary polynomial software is originally written by
- * Sheueling Chang Shantz and Douglas Stebila of Sun Microsystems Laboratories.
- *
- */
-
-#ifndef HEADER_EC_H
-# define HEADER_EC_H
-
-# include <openssl/opensslconf.h>
-
-# ifdef OPENSSL_NO_EC
-# error EC is disabled.
-# endif
-
-# include <openssl/asn1.h>
-# include <openssl/symhacks.h>
-# ifdef OPENSSL_USE_DEPRECATED
-# include <openssl/bn.h>
-# endif
-
-# ifdef __cplusplus
-extern "C" {
-# elif defined(__SUNPRO_C)
-# if __SUNPRO_C >= 0x520
-# pragma error_messages (off,E_ARRAY_OF_INCOMPLETE_NONAME,E_ARRAY_OF_INCOMPLETE)
-# endif
-# endif
-
-# ifndef OPENSSL_ECC_MAX_FIELD_BITS
-# define OPENSSL_ECC_MAX_FIELD_BITS 661
-# endif
-
-/** Enum for the point conversion form as defined in X9.62 (ECDSA)
- * for the encoding of a elliptic curve point (x,y) */
-typedef enum {
- /** the point is encoded as z||x, where the octet z specifies
- * which solution of the quadratic equation y is */
- POINT_CONVERSION_COMPRESSED = 2,
- /** the point is encoded as z||x||y, where z is the octet 0x02 */
- POINT_CONVERSION_UNCOMPRESSED = 4,
- /** the point is encoded as z||x||y, where the octet z specifies
- * which solution of the quadratic equation y is */
- POINT_CONVERSION_HYBRID = 6
-} point_conversion_form_t;
-
-typedef struct ec_method_st EC_METHOD;
-
-typedef struct ec_group_st
- /*-
- EC_METHOD *meth;
- -- field definition
- -- curve coefficients
- -- optional generator with associated information (order, cofactor)
- -- optional extra data (precomputed table for fast computation of multiples of generator)
- -- ASN1 stuff
- */
- EC_GROUP;
-
-typedef struct ec_point_st EC_POINT;
-
-/********************************************************************/
-/* EC_METHODs for curves over GF(p) */
-/********************************************************************/
-
-/** Returns the basic GFp ec methods which provides the basis for the
- * optimized methods.
- * \return EC_METHOD object
- */
-const EC_METHOD *EC_GFp_simple_method(void);
-
-/** Returns GFp methods using montgomery multiplication.
- * \return EC_METHOD object
- */
-const EC_METHOD *EC_GFp_mont_method(void);
-
-/** Returns GFp methods using optimized methods for NIST recommended curves
- * \return EC_METHOD object
- */
-const EC_METHOD *EC_GFp_nist_method(void);
-
-# ifndef OPENSSL_NO_EC_NISTP_64_GCC_128
-# ifndef OPENSSL_SYS_WIN32
-/** Returns 64-bit optimized methods for nistp224
- * \return EC_METHOD object
- */
-const EC_METHOD *EC_GFp_nistp224_method(void);
-
-/** Returns 64-bit optimized methods for nistp256
- * \return EC_METHOD object
- */
-const EC_METHOD *EC_GFp_nistp256_method(void);
-
-/** Returns 64-bit optimized methods for nistp521
- * \return EC_METHOD object
- */
-const EC_METHOD *EC_GFp_nistp521_method(void);
-# endif
-# endif
-
-# ifndef OPENSSL_NO_EC2M
-/********************************************************************/
-/* EC_METHOD for curves over GF(2^m) */
-/********************************************************************/
-
-/** Returns the basic GF2m ec method
- * \return EC_METHOD object
- */
-const EC_METHOD *EC_GF2m_simple_method(void);
-
-# endif
-
-/********************************************************************/
-/* EC_GROUP functions */
-/********************************************************************/
-
-/** Creates a new EC_GROUP object
- * \param meth EC_METHOD to use
- * \return newly created EC_GROUP object or NULL in case of an error.
- */
-EC_GROUP *EC_GROUP_new(const EC_METHOD *meth);
-
-/** Frees a EC_GROUP object
- * \param group EC_GROUP object to be freed.
- */
-void EC_GROUP_free(EC_GROUP *group);
-
-/** Clears and frees a EC_GROUP object
- * \param group EC_GROUP object to be cleared and freed.
- */
-void EC_GROUP_clear_free(EC_GROUP *group);
-
-/** Copies EC_GROUP objects. Note: both EC_GROUPs must use the same EC_METHOD.
- * \param dst destination EC_GROUP object
- * \param src source EC_GROUP object
- * \return 1 on success and 0 if an error occurred.
- */
-int EC_GROUP_copy(EC_GROUP *dst, const EC_GROUP *src);
-
-/** Creates a new EC_GROUP object and copies the copies the content
- * form src to the newly created EC_KEY object
- * \param src source EC_GROUP object
- * \return newly created EC_GROUP object or NULL in case of an error.
- */
-EC_GROUP *EC_GROUP_dup(const EC_GROUP *src);
-
-/** Returns the EC_METHOD of the EC_GROUP object.
- * \param group EC_GROUP object
- * \return EC_METHOD used in this EC_GROUP object.
- */
-const EC_METHOD *EC_GROUP_method_of(const EC_GROUP *group);
-
-/** Returns the field type of the EC_METHOD.
- * \param meth EC_METHOD object
- * \return NID of the underlying field type OID.
- */
-int EC_METHOD_get_field_type(const EC_METHOD *meth);
-
-/** Sets the generator and it's order/cofactor of a EC_GROUP object.
- * \param group EC_GROUP object
- * \param generator EC_POINT object with the generator.
- * \param order the order of the group generated by the generator.
- * \param cofactor the index of the sub-group generated by the generator
- * in the group of all points on the elliptic curve.
- * \return 1 on success and 0 if an error occurred
- */
-int EC_GROUP_set_generator(EC_GROUP *group, const EC_POINT *generator,
- const BIGNUM *order, const BIGNUM *cofactor);
-
-/** Returns the generator of a EC_GROUP object.
- * \param group EC_GROUP object
- * \return the currently used generator (possibly NULL).
- */
-const EC_POINT *EC_GROUP_get0_generator(const EC_GROUP *group);
-
-/** Returns the montgomery data for order(Generator)
- * \param group EC_GROUP object
- * \return the currently used generator (possibly NULL).
-*/
-BN_MONT_CTX *EC_GROUP_get_mont_data(const EC_GROUP *group);
-
-/** Gets the order of a EC_GROUP
- * \param group EC_GROUP object
- * \param order BIGNUM to which the order is copied
- * \param ctx BN_CTX object (optional)
- * \return 1 on success and 0 if an error occurred
- */
-int EC_GROUP_get_order(const EC_GROUP *group, BIGNUM *order, BN_CTX *ctx);
-
-/** Gets the cofactor of a EC_GROUP
- * \param group EC_GROUP object
- * \param cofactor BIGNUM to which the cofactor is copied
- * \param ctx BN_CTX object (optional)
- * \return 1 on success and 0 if an error occurred
- */
-int EC_GROUP_get_cofactor(const EC_GROUP *group, BIGNUM *cofactor,
- BN_CTX *ctx);
-
-/** Sets the name of a EC_GROUP object
- * \param group EC_GROUP object
- * \param nid NID of the curve name OID
- */
-void EC_GROUP_set_curve_name(EC_GROUP *group, int nid);
-
-/** Returns the curve name of a EC_GROUP object
- * \param group EC_GROUP object
- * \return NID of the curve name OID or 0 if not set.
- */
-int EC_GROUP_get_curve_name(const EC_GROUP *group);
-
-void EC_GROUP_set_asn1_flag(EC_GROUP *group, int flag);
-int EC_GROUP_get_asn1_flag(const EC_GROUP *group);
-
-void EC_GROUP_set_point_conversion_form(EC_GROUP *group,
- point_conversion_form_t form);
-point_conversion_form_t EC_GROUP_get_point_conversion_form(const EC_GROUP *);
-
-unsigned char *EC_GROUP_get0_seed(const EC_GROUP *x);
-size_t EC_GROUP_get_seed_len(const EC_GROUP *);
-size_t EC_GROUP_set_seed(EC_GROUP *, const unsigned char *, size_t len);
-
-/** Sets the parameter of a ec over GFp defined by y^2 = x^3 + a*x + b
- * \param group EC_GROUP object
- * \param p BIGNUM with the prime number
- * \param a BIGNUM with parameter a of the equation
- * \param b BIGNUM with parameter b of the equation
- * \param ctx BN_CTX object (optional)
- * \return 1 on success and 0 if an error occurred
- */
-int EC_GROUP_set_curve_GFp(EC_GROUP *group, const BIGNUM *p, const BIGNUM *a,
- const BIGNUM *b, BN_CTX *ctx);
-
-/** Gets the parameter of the ec over GFp defined by y^2 = x^3 + a*x + b
- * \param group EC_GROUP object
- * \param p BIGNUM for the prime number
- * \param a BIGNUM for parameter a of the equation
- * \param b BIGNUM for parameter b of the equation
- * \param ctx BN_CTX object (optional)
- * \return 1 on success and 0 if an error occurred
- */
-int EC_GROUP_get_curve_GFp(const EC_GROUP *group, BIGNUM *p, BIGNUM *a,
- BIGNUM *b, BN_CTX *ctx);
-
-# ifndef OPENSSL_NO_EC2M
-/** Sets the parameter of a ec over GF2m defined by y^2 + x*y = x^3 + a*x^2 + b
- * \param group EC_GROUP object
- * \param p BIGNUM with the polynomial defining the underlying field
- * \param a BIGNUM with parameter a of the equation
- * \param b BIGNUM with parameter b of the equation
- * \param ctx BN_CTX object (optional)
- * \return 1 on success and 0 if an error occurred
- */
-int EC_GROUP_set_curve_GF2m(EC_GROUP *group, const BIGNUM *p, const BIGNUM *a,
- const BIGNUM *b, BN_CTX *ctx);
-
-/** Gets the parameter of the ec over GF2m defined by y^2 + x*y = x^3 + a*x^2 + b
- * \param group EC_GROUP object
- * \param p BIGNUM for the polynomial defining the underlying field
- * \param a BIGNUM for parameter a of the equation
- * \param b BIGNUM for parameter b of the equation
- * \param ctx BN_CTX object (optional)
- * \return 1 on success and 0 if an error occurred
- */
-int EC_GROUP_get_curve_GF2m(const EC_GROUP *group, BIGNUM *p, BIGNUM *a,
- BIGNUM *b, BN_CTX *ctx);
-# endif
-/** Returns the number of bits needed to represent a field element
- * \param group EC_GROUP object
- * \return number of bits needed to represent a field element
- */
-int EC_GROUP_get_degree(const EC_GROUP *group);
-
-/** Checks whether the parameter in the EC_GROUP define a valid ec group
- * \param group EC_GROUP object
- * \param ctx BN_CTX object (optional)
- * \return 1 if group is a valid ec group and 0 otherwise
- */
-int EC_GROUP_check(const EC_GROUP *group, BN_CTX *ctx);
-
-/** Checks whether the discriminant of the elliptic curve is zero or not
- * \param group EC_GROUP object
- * \param ctx BN_CTX object (optional)
- * \return 1 if the discriminant is not zero and 0 otherwise
- */
-int EC_GROUP_check_discriminant(const EC_GROUP *group, BN_CTX *ctx);
-
-/** Compares two EC_GROUP objects
- * \param a first EC_GROUP object
- * \param b second EC_GROUP object
- * \param ctx BN_CTX object (optional)
- * \return 0 if both groups are equal and 1 otherwise
- */
-int EC_GROUP_cmp(const EC_GROUP *a, const EC_GROUP *b, BN_CTX *ctx);
-
-/*
- * EC_GROUP_new_GF*() calls EC_GROUP_new() and EC_GROUP_set_GF*() after
- * choosing an appropriate EC_METHOD
- */
-
-/** Creates a new EC_GROUP object with the specified parameters defined
- * over GFp (defined by the equation y^2 = x^3 + a*x + b)
- * \param p BIGNUM with the prime number
- * \param a BIGNUM with the parameter a of the equation
- * \param b BIGNUM with the parameter b of the equation
- * \param ctx BN_CTX object (optional)
- * \return newly created EC_GROUP object with the specified parameters
- */
-EC_GROUP *EC_GROUP_new_curve_GFp(const BIGNUM *p, const BIGNUM *a,
- const BIGNUM *b, BN_CTX *ctx);
-# ifndef OPENSSL_NO_EC2M
-/** Creates a new EC_GROUP object with the specified parameters defined
- * over GF2m (defined by the equation y^2 + x*y = x^3 + a*x^2 + b)
- * \param p BIGNUM with the polynomial defining the underlying field
- * \param a BIGNUM with the parameter a of the equation
- * \param b BIGNUM with the parameter b of the equation
- * \param ctx BN_CTX object (optional)
- * \return newly created EC_GROUP object with the specified parameters
- */
-EC_GROUP *EC_GROUP_new_curve_GF2m(const BIGNUM *p, const BIGNUM *a,
- const BIGNUM *b, BN_CTX *ctx);
-# endif
-/** Creates a EC_GROUP object with a curve specified by a NID
- * \param nid NID of the OID of the curve name
- * \return newly created EC_GROUP object with specified curve or NULL
- * if an error occurred
- */
-EC_GROUP *EC_GROUP_new_by_curve_name(int nid);
-
-/********************************************************************/
-/* handling of internal curves */
-/********************************************************************/
-
-typedef struct {
- int nid;
- const char *comment;
-} EC_builtin_curve;
-
-/*
- * EC_builtin_curves(EC_builtin_curve *r, size_t size) returns number of all
- * available curves or zero if a error occurred. In case r ist not zero
- * nitems EC_builtin_curve structures are filled with the data of the first
- * nitems internal groups
- */
-size_t EC_get_builtin_curves(EC_builtin_curve *r, size_t nitems);
-
-const char *EC_curve_nid2nist(int nid);
-int EC_curve_nist2nid(const char *name);
-
-/********************************************************************/
-/* EC_POINT functions */
-/********************************************************************/
-
-/** Creates a new EC_POINT object for the specified EC_GROUP
- * \param group EC_GROUP the underlying EC_GROUP object
- * \return newly created EC_POINT object or NULL if an error occurred
- */
-EC_POINT *EC_POINT_new(const EC_GROUP *group);
-
-/** Frees a EC_POINT object
- * \param point EC_POINT object to be freed
- */
-void EC_POINT_free(EC_POINT *point);
-
-/** Clears and frees a EC_POINT object
- * \param point EC_POINT object to be cleared and freed
- */
-void EC_POINT_clear_free(EC_POINT *point);
-
-/** Copies EC_POINT object
- * \param dst destination EC_POINT object
- * \param src source EC_POINT object
- * \return 1 on success and 0 if an error occurred
- */
-int EC_POINT_copy(EC_POINT *dst, const EC_POINT *src);
-
-/** Creates a new EC_POINT object and copies the content of the supplied
- * EC_POINT
- * \param src source EC_POINT object
- * \param group underlying the EC_GROUP object
- * \return newly created EC_POINT object or NULL if an error occurred
- */
-EC_POINT *EC_POINT_dup(const EC_POINT *src, const EC_GROUP *group);
-
-/** Returns the EC_METHOD used in EC_POINT object
- * \param point EC_POINT object
- * \return the EC_METHOD used
- */
-const EC_METHOD *EC_POINT_method_of(const EC_POINT *point);
-
-/** Sets a point to infinity (neutral element)
- * \param group underlying EC_GROUP object
- * \param point EC_POINT to set to infinity
- * \return 1 on success and 0 if an error occurred
- */
-int EC_POINT_set_to_infinity(const EC_GROUP *group, EC_POINT *point);
-
-/** Sets the jacobian projective coordinates of a EC_POINT over GFp
- * \param group underlying EC_GROUP object
- * \param p EC_POINT object
- * \param x BIGNUM with the x-coordinate
- * \param y BIGNUM with the y-coordinate
- * \param z BIGNUM with the z-coordinate
- * \param ctx BN_CTX object (optional)
- * \return 1 on success and 0 if an error occurred
- */
-int EC_POINT_set_Jprojective_coordinates_GFp(const EC_GROUP *group,
- EC_POINT *p, const BIGNUM *x,
- const BIGNUM *y, const BIGNUM *z,
- BN_CTX *ctx);
-
-/** Gets the jacobian projective coordinates of a EC_POINT over GFp
- * \param group underlying EC_GROUP object
- * \param p EC_POINT object
- * \param x BIGNUM for the x-coordinate
- * \param y BIGNUM for the y-coordinate
- * \param z BIGNUM for the z-coordinate
- * \param ctx BN_CTX object (optional)
- * \return 1 on success and 0 if an error occurred
- */
-int EC_POINT_get_Jprojective_coordinates_GFp(const EC_GROUP *group,
- const EC_POINT *p, BIGNUM *x,
- BIGNUM *y, BIGNUM *z,
- BN_CTX *ctx);
-
-/** Sets the affine coordinates of a EC_POINT over GFp
- * \param group underlying EC_GROUP object
- * \param p EC_POINT object
- * \param x BIGNUM with the x-coordinate
- * \param y BIGNUM with the y-coordinate
- * \param ctx BN_CTX object (optional)
- * \return 1 on success and 0 if an error occurred
- */
-int EC_POINT_set_affine_coordinates_GFp(const EC_GROUP *group, EC_POINT *p,
- const BIGNUM *x, const BIGNUM *y,
- BN_CTX *ctx);
-
-/** Gets the affine coordinates of a EC_POINT over GFp
- * \param group underlying EC_GROUP object
- * \param p EC_POINT object
- * \param x BIGNUM for the x-coordinate
- * \param y BIGNUM for the y-coordinate
- * \param ctx BN_CTX object (optional)
- * \return 1 on success and 0 if an error occurred
- */
-int EC_POINT_get_affine_coordinates_GFp(const EC_GROUP *group,
- const EC_POINT *p, BIGNUM *x,
- BIGNUM *y, BN_CTX *ctx);
-
-/** Sets the x9.62 compressed coordinates of a EC_POINT over GFp
- * \param group underlying EC_GROUP object
- * \param p EC_POINT object
- * \param x BIGNUM with x-coordinate
- * \param y_bit integer with the y-Bit (either 0 or 1)
- * \param ctx BN_CTX object (optional)
- * \return 1 on success and 0 if an error occurred
- */
-int EC_POINT_set_compressed_coordinates_GFp(const EC_GROUP *group,
- EC_POINT *p, const BIGNUM *x,
- int y_bit, BN_CTX *ctx);
-# ifndef OPENSSL_NO_EC2M
-/** Sets the affine coordinates of a EC_POINT over GF2m
- * \param group underlying EC_GROUP object
- * \param p EC_POINT object
- * \param x BIGNUM with the x-coordinate
- * \param y BIGNUM with the y-coordinate
- * \param ctx BN_CTX object (optional)
- * \return 1 on success and 0 if an error occurred
- */
-int EC_POINT_set_affine_coordinates_GF2m(const EC_GROUP *group, EC_POINT *p,
- const BIGNUM *x, const BIGNUM *y,
- BN_CTX *ctx);
-
-/** Gets the affine coordinates of a EC_POINT over GF2m
- * \param group underlying EC_GROUP object
- * \param p EC_POINT object
- * \param x BIGNUM for the x-coordinate
- * \param y BIGNUM for the y-coordinate
- * \param ctx BN_CTX object (optional)
- * \return 1 on success and 0 if an error occurred
- */
-int EC_POINT_get_affine_coordinates_GF2m(const EC_GROUP *group,
- const EC_POINT *p, BIGNUM *x,
- BIGNUM *y, BN_CTX *ctx);
-
-/** Sets the x9.62 compressed coordinates of a EC_POINT over GF2m
- * \param group underlying EC_GROUP object
- * \param p EC_POINT object
- * \param x BIGNUM with x-coordinate
- * \param y_bit integer with the y-Bit (either 0 or 1)
- * \param ctx BN_CTX object (optional)
- * \return 1 on success and 0 if an error occurred
- */
-int EC_POINT_set_compressed_coordinates_GF2m(const EC_GROUP *group,
- EC_POINT *p, const BIGNUM *x,
- int y_bit, BN_CTX *ctx);
-# endif
-/** Encodes a EC_POINT object to a octet string
- * \param group underlying EC_GROUP object
- * \param p EC_POINT object
- * \param form point conversion form
- * \param buf memory buffer for the result. If NULL the function returns
- * required buffer size.
- * \param len length of the memory buffer
- * \param ctx BN_CTX object (optional)
- * \return the length of the encoded octet string or 0 if an error occurred
- */
-size_t EC_POINT_point2oct(const EC_GROUP *group, const EC_POINT *p,
- point_conversion_form_t form,
- unsigned char *buf, size_t len, BN_CTX *ctx);
-
-/** Decodes a EC_POINT from a octet string
- * \param group underlying EC_GROUP object
- * \param p EC_POINT object
- * \param buf memory buffer with the encoded ec point
- * \param len length of the encoded ec point
- * \param ctx BN_CTX object (optional)
- * \return 1 on success and 0 if an error occurred
- */
-int EC_POINT_oct2point(const EC_GROUP *group, EC_POINT *p,
- const unsigned char *buf, size_t len, BN_CTX *ctx);
-
-/* other interfaces to point2oct/oct2point: */
-BIGNUM *EC_POINT_point2bn(const EC_GROUP *, const EC_POINT *,
- point_conversion_form_t form, BIGNUM *, BN_CTX *);
-EC_POINT *EC_POINT_bn2point(const EC_GROUP *, const BIGNUM *,
- EC_POINT *, BN_CTX *);
-char *EC_POINT_point2hex(const EC_GROUP *, const EC_POINT *,
- point_conversion_form_t form, BN_CTX *);
-EC_POINT *EC_POINT_hex2point(const EC_GROUP *, const char *,
- EC_POINT *, BN_CTX *);
-
-/********************************************************************/
-/* functions for doing EC_POINT arithmetic */
-/********************************************************************/
-
-/** Computes the sum of two EC_POINT
- * \param group underlying EC_GROUP object
- * \param r EC_POINT object for the result (r = a + b)
- * \param a EC_POINT object with the first summand
- * \param b EC_POINT object with the second summand
- * \param ctx BN_CTX object (optional)
- * \return 1 on success and 0 if an error occurred
- */
-int EC_POINT_add(const EC_GROUP *group, EC_POINT *r, const EC_POINT *a,
- const EC_POINT *b, BN_CTX *ctx);
-
-/** Computes the double of a EC_POINT
- * \param group underlying EC_GROUP object
- * \param r EC_POINT object for the result (r = 2 * a)
- * \param a EC_POINT object
- * \param ctx BN_CTX object (optional)
- * \return 1 on success and 0 if an error occurred
- */
-int EC_POINT_dbl(const EC_GROUP *group, EC_POINT *r, const EC_POINT *a,
- BN_CTX *ctx);
-
-/** Computes the inverse of a EC_POINT
- * \param group underlying EC_GROUP object
- * \param a EC_POINT object to be inverted (it's used for the result as well)
- * \param ctx BN_CTX object (optional)
- * \return 1 on success and 0 if an error occurred
- */
-int EC_POINT_invert(const EC_GROUP *group, EC_POINT *a, BN_CTX *ctx);
-
-/** Checks whether the point is the neutral element of the group
- * \param group the underlying EC_GROUP object
- * \param p EC_POINT object
- * \return 1 if the point is the neutral element and 0 otherwise
- */
-int EC_POINT_is_at_infinity(const EC_GROUP *group, const EC_POINT *p);
-
-/** Checks whether the point is on the curve
- * \param group underlying EC_GROUP object
- * \param point EC_POINT object to check
- * \param ctx BN_CTX object (optional)
- * \return 1 if point if on the curve and 0 otherwise
- */
-int EC_POINT_is_on_curve(const EC_GROUP *group, const EC_POINT *point,
- BN_CTX *ctx);
-
-/** Compares two EC_POINTs
- * \param group underlying EC_GROUP object
- * \param a first EC_POINT object
- * \param b second EC_POINT object
- * \param ctx BN_CTX object (optional)
- * \return 0 if both points are equal and a value != 0 otherwise
- */
-int EC_POINT_cmp(const EC_GROUP *group, const EC_POINT *a, const EC_POINT *b,
- BN_CTX *ctx);
-
-int EC_POINT_make_affine(const EC_GROUP *group, EC_POINT *point, BN_CTX *ctx);
-int EC_POINTs_make_affine(const EC_GROUP *group, size_t num,
- EC_POINT *points[], BN_CTX *ctx);
-
-/** Computes r = generator * n sum_{i=0}^{num-1} p[i] * m[i]
- * \param group underlying EC_GROUP object
- * \param r EC_POINT object for the result
- * \param n BIGNUM with the multiplier for the group generator (optional)
- * \param num number futher summands
- * \param p array of size num of EC_POINT objects
- * \param m array of size num of BIGNUM objects
- * \param ctx BN_CTX object (optional)
- * \return 1 on success and 0 if an error occurred
- */
-int EC_POINTs_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *n,
- size_t num, const EC_POINT *p[], const BIGNUM *m[],
- BN_CTX *ctx);
-
-/** Computes r = generator * n + q * m
- * \param group underlying EC_GROUP object
- * \param r EC_POINT object for the result
- * \param n BIGNUM with the multiplier for the group generator (optional)
- * \param q EC_POINT object with the first factor of the second summand
- * \param m BIGNUM with the second factor of the second summand
- * \param ctx BN_CTX object (optional)
- * \return 1 on success and 0 if an error occurred
- */
-int EC_POINT_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *n,
- const EC_POINT *q, const BIGNUM *m, BN_CTX *ctx);
-
-/** Stores multiples of generator for faster point multiplication
- * \param group EC_GROUP object
- * \param ctx BN_CTX object (optional)
- * \return 1 on success and 0 if an error occurred
- */
-int EC_GROUP_precompute_mult(EC_GROUP *group, BN_CTX *ctx);
-
-/** Reports whether a precomputation has been done
- * \param group EC_GROUP object
- * \return 1 if a pre-computation has been done and 0 otherwise
- */
-int EC_GROUP_have_precompute_mult(const EC_GROUP *group);
-
-/********************************************************************/
-/* ASN1 stuff */
-/********************************************************************/
-
-/*
- * EC_GROUP_get_basis_type() returns the NID of the basis type used to
- * represent the field elements
- */
-int EC_GROUP_get_basis_type(const EC_GROUP *);
-# ifndef OPENSSL_NO_EC2M
-int EC_GROUP_get_trinomial_basis(const EC_GROUP *, unsigned int *k);
-int EC_GROUP_get_pentanomial_basis(const EC_GROUP *, unsigned int *k1,
- unsigned int *k2, unsigned int *k3);
-# endif
-
-# define OPENSSL_EC_EXPLICIT_CURVE 0x000
-# define OPENSSL_EC_NAMED_CURVE 0x001
-
-typedef struct ecpk_parameters_st ECPKPARAMETERS;
-
-EC_GROUP *d2i_ECPKParameters(EC_GROUP **, const unsigned char **in, long len);
-int i2d_ECPKParameters(const EC_GROUP *, unsigned char **out);
-
-# define d2i_ECPKParameters_bio(bp,x) ASN1_d2i_bio_of(EC_GROUP,NULL,d2i_ECPKParameters,bp,x)
-# define i2d_ECPKParameters_bio(bp,x) ASN1_i2d_bio_of_const(EC_GROUP,i2d_ECPKParameters,bp,x)
-# define d2i_ECPKParameters_fp(fp,x) (EC_GROUP *)ASN1_d2i_fp(NULL, \
- (char *(*)())d2i_ECPKParameters,(fp),(unsigned char **)(x))
-# define i2d_ECPKParameters_fp(fp,x) ASN1_i2d_fp(i2d_ECPKParameters,(fp), \
- (unsigned char *)(x))
-
-int ECPKParameters_print(BIO *bp, const EC_GROUP *x, int off);
-# ifndef OPENSSL_NO_STDIO
-int ECPKParameters_print_fp(FILE *fp, const EC_GROUP *x, int off);
-# endif
-
-/********************************************************************/
-/* EC_KEY functions */
-/********************************************************************/
-
-typedef struct ec_key_st EC_KEY;
-
-/* some values for the encoding_flag */
-# define EC_PKEY_NO_PARAMETERS 0x001
-# define EC_PKEY_NO_PUBKEY 0x002
-
-/* some values for the flags field */
-# define EC_FLAG_NON_FIPS_ALLOW 0x1
-# define EC_FLAG_FIPS_CHECKED 0x2
-
-/** Creates a new EC_KEY object.
- * \return EC_KEY object or NULL if an error occurred.
- */
-EC_KEY *EC_KEY_new(void);
-
-int EC_KEY_get_flags(const EC_KEY *key);
-
-void EC_KEY_set_flags(EC_KEY *key, int flags);
-
-void EC_KEY_clear_flags(EC_KEY *key, int flags);
-
-/** Creates a new EC_KEY object using a named curve as underlying
- * EC_GROUP object.
- * \param nid NID of the named curve.
- * \return EC_KEY object or NULL if an error occurred.
- */
-EC_KEY *EC_KEY_new_by_curve_name(int nid);
-
-/** Frees a EC_KEY object.
- * \param key EC_KEY object to be freed.
- */
-void EC_KEY_free(EC_KEY *key);
-
-/** Copies a EC_KEY object.
- * \param dst destination EC_KEY object
- * \param src src EC_KEY object
- * \return dst or NULL if an error occurred.
- */
-EC_KEY *EC_KEY_copy(EC_KEY *dst, const EC_KEY *src);
-
-/** Creates a new EC_KEY object and copies the content from src to it.
- * \param src the source EC_KEY object
- * \return newly created EC_KEY object or NULL if an error occurred.
- */
-EC_KEY *EC_KEY_dup(const EC_KEY *src);
-
-/** Increases the internal reference count of a EC_KEY object.
- * \param key EC_KEY object
- * \return 1 on success and 0 if an error occurred.
- */
-int EC_KEY_up_ref(EC_KEY *key);
-
-/** Returns the EC_GROUP object of a EC_KEY object
- * \param key EC_KEY object
- * \return the EC_GROUP object (possibly NULL).
- */
-const EC_GROUP *EC_KEY_get0_group(const EC_KEY *key);
-
-/** Sets the EC_GROUP of a EC_KEY object.
- * \param key EC_KEY object
- * \param group EC_GROUP to use in the EC_KEY object (note: the EC_KEY
- * object will use an own copy of the EC_GROUP).
- * \return 1 on success and 0 if an error occurred.
- */
-int EC_KEY_set_group(EC_KEY *key, const EC_GROUP *group);
-
-/** Returns the private key of a EC_KEY object.
- * \param key EC_KEY object
- * \return a BIGNUM with the private key (possibly NULL).
- */
-const BIGNUM *EC_KEY_get0_private_key(const EC_KEY *key);
-
-/** Sets the private key of a EC_KEY object.
- * \param key EC_KEY object
- * \param prv BIGNUM with the private key (note: the EC_KEY object
- * will use an own copy of the BIGNUM).
- * \return 1 on success and 0 if an error occurred.
- */
-int EC_KEY_set_private_key(EC_KEY *key, const BIGNUM *prv);
-
-/** Returns the public key of a EC_KEY object.
- * \param key the EC_KEY object
- * \return a EC_POINT object with the public key (possibly NULL)
- */
-const EC_POINT *EC_KEY_get0_public_key(const EC_KEY *key);
-
-/** Sets the public key of a EC_KEY object.
- * \param key EC_KEY object
- * \param pub EC_POINT object with the public key (note: the EC_KEY object
- * will use an own copy of the EC_POINT object).
- * \return 1 on success and 0 if an error occurred.
- */
-int EC_KEY_set_public_key(EC_KEY *key, const EC_POINT *pub);
-
-unsigned EC_KEY_get_enc_flags(const EC_KEY *key);
-void EC_KEY_set_enc_flags(EC_KEY *eckey, unsigned int flags);
-point_conversion_form_t EC_KEY_get_conv_form(const EC_KEY *key);
-void EC_KEY_set_conv_form(EC_KEY *eckey, point_conversion_form_t cform);
-/* functions to set/get method specific data */
-void *EC_KEY_get_key_method_data(EC_KEY *key,
- void *(*dup_func) (void *),
- void (*free_func) (void *),
- void (*clear_free_func) (void *));
-/** Sets the key method data of an EC_KEY object, if none has yet been set.
- * \param key EC_KEY object
- * \param data opaque data to install.
- * \param dup_func a function that duplicates |data|.
- * \param free_func a function that frees |data|.
- * \param clear_free_func a function that wipes and frees |data|.
- * \return the previously set data pointer, or NULL if |data| was inserted.
- */
-void *EC_KEY_insert_key_method_data(EC_KEY *key, void *data,
- void *(*dup_func) (void *),
- void (*free_func) (void *),
- void (*clear_free_func) (void *));
-/* wrapper functions for the underlying EC_GROUP object */
-void EC_KEY_set_asn1_flag(EC_KEY *eckey, int asn1_flag);
-
-/** Creates a table of pre-computed multiples of the generator to
- * accelerate further EC_KEY operations.
- * \param key EC_KEY object
- * \param ctx BN_CTX object (optional)
- * \return 1 on success and 0 if an error occurred.
- */
-int EC_KEY_precompute_mult(EC_KEY *key, BN_CTX *ctx);
-
-/** Creates a new ec private (and optional a new public) key.
- * \param key EC_KEY object
- * \return 1 on success and 0 if an error occurred.
- */
-int EC_KEY_generate_key(EC_KEY *key);
-
-/** Verifies that a private and/or public key is valid.
- * \param key the EC_KEY object
- * \return 1 on success and 0 otherwise.
- */
-int EC_KEY_check_key(const EC_KEY *key);
-
-/** Sets a public key from affine coordindates performing
- * necessary NIST PKV tests.
- * \param key the EC_KEY object
- * \param x public key x coordinate
- * \param y public key y coordinate
- * \return 1 on success and 0 otherwise.
- */
-int EC_KEY_set_public_key_affine_coordinates(EC_KEY *key, BIGNUM *x,
- BIGNUM *y);
-
-/********************************************************************/
-/* de- and encoding functions for SEC1 ECPrivateKey */
-/********************************************************************/
-
-/** Decodes a private key from a memory buffer.
- * \param key a pointer to a EC_KEY object which should be used (or NULL)
- * \param in pointer to memory with the DER encoded private key
- * \param len length of the DER encoded private key
- * \return the decoded private key or NULL if an error occurred.
- */
-EC_KEY *d2i_ECPrivateKey(EC_KEY **key, const unsigned char **in, long len);
-
-/** Encodes a private key object and stores the result in a buffer.
- * \param key the EC_KEY object to encode
- * \param out the buffer for the result (if NULL the function returns number
- * of bytes needed).
- * \return 1 on success and 0 if an error occurred.
- */
-int i2d_ECPrivateKey(EC_KEY *key, unsigned char **out);
-
-/********************************************************************/
-/* de- and encoding functions for EC parameters */
-/********************************************************************/
-
-/** Decodes ec parameter from a memory buffer.
- * \param key a pointer to a EC_KEY object which should be used (or NULL)
- * \param in pointer to memory with the DER encoded ec parameters
- * \param len length of the DER encoded ec parameters
- * \return a EC_KEY object with the decoded parameters or NULL if an error
- * occurred.
- */
-EC_KEY *d2i_ECParameters(EC_KEY **key, const unsigned char **in, long len);
-
-/** Encodes ec parameter and stores the result in a buffer.
- * \param key the EC_KEY object with ec parameters to encode
- * \param out the buffer for the result (if NULL the function returns number
- * of bytes needed).
- * \return 1 on success and 0 if an error occurred.
- */
-int i2d_ECParameters(EC_KEY *key, unsigned char **out);
-
-/********************************************************************/
-/* de- and encoding functions for EC public key */
-/* (octet string, not DER -- hence 'o2i' and 'i2o') */
-/********************************************************************/
-
-/** Decodes a ec public key from a octet string.
- * \param key a pointer to a EC_KEY object which should be used
- * \param in memory buffer with the encoded public key
- * \param len length of the encoded public key
- * \return EC_KEY object with decoded public key or NULL if an error
- * occurred.
- */
-EC_KEY *o2i_ECPublicKey(EC_KEY **key, const unsigned char **in, long len);
-
-/** Encodes a ec public key in an octet string.
- * \param key the EC_KEY object with the public key
- * \param out the buffer for the result (if NULL the function returns number
- * of bytes needed).
- * \return 1 on success and 0 if an error occurred
- */
-int i2o_ECPublicKey(EC_KEY *key, unsigned char **out);
-
-/** Prints out the ec parameters on human readable form.
- * \param bp BIO object to which the information is printed
- * \param key EC_KEY object
- * \return 1 on success and 0 if an error occurred
- */
-int ECParameters_print(BIO *bp, const EC_KEY *key);
-
-/** Prints out the contents of a EC_KEY object
- * \param bp BIO object to which the information is printed
- * \param key EC_KEY object
- * \param off line offset
- * \return 1 on success and 0 if an error occurred
- */
-int EC_KEY_print(BIO *bp, const EC_KEY *key, int off);
-
-# ifndef OPENSSL_NO_STDIO
-/** Prints out the ec parameters on human readable form.
- * \param fp file descriptor to which the information is printed
- * \param key EC_KEY object
- * \return 1 on success and 0 if an error occurred
- */
-int ECParameters_print_fp(FILE *fp, const EC_KEY *key);
-
-/** Prints out the contents of a EC_KEY object
- * \param fp file descriptor to which the information is printed
- * \param key EC_KEY object
- * \param off line offset
- * \return 1 on success and 0 if an error occurred
- */
-int EC_KEY_print_fp(FILE *fp, const EC_KEY *key, int off);
-
-# endif
-
-# define ECParameters_dup(x) ASN1_dup_of(EC_KEY,i2d_ECParameters,d2i_ECParameters,x)
-
-# ifndef __cplusplus
-# if defined(__SUNPRO_C)
-# if __SUNPRO_C >= 0x520
-# pragma error_messages (default,E_ARRAY_OF_INCOMPLETE_NONAME,E_ARRAY_OF_INCOMPLETE)
-# endif
-# endif
-# endif
-
-# define EVP_PKEY_CTX_set_ec_paramgen_curve_nid(ctx, nid) \
- EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_EC, \
- EVP_PKEY_OP_PARAMGEN|EVP_PKEY_OP_KEYGEN, \
- EVP_PKEY_CTRL_EC_PARAMGEN_CURVE_NID, nid, NULL)
-
-# define EVP_PKEY_CTX_set_ec_param_enc(ctx, flag) \
- EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_EC, \
- EVP_PKEY_OP_PARAMGEN|EVP_PKEY_OP_KEYGEN, \
- EVP_PKEY_CTRL_EC_PARAM_ENC, flag, NULL)
-
-# define EVP_PKEY_CTX_set_ecdh_cofactor_mode(ctx, flag) \
- EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_EC, \
- EVP_PKEY_OP_DERIVE, \
- EVP_PKEY_CTRL_EC_ECDH_COFACTOR, flag, NULL)
-
-# define EVP_PKEY_CTX_get_ecdh_cofactor_mode(ctx) \
- EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_EC, \
- EVP_PKEY_OP_DERIVE, \
- EVP_PKEY_CTRL_EC_ECDH_COFACTOR, -2, NULL)
-
-# define EVP_PKEY_CTX_set_ecdh_kdf_type(ctx, kdf) \
- EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_EC, \
- EVP_PKEY_OP_DERIVE, \
- EVP_PKEY_CTRL_EC_KDF_TYPE, kdf, NULL)
-
-# define EVP_PKEY_CTX_get_ecdh_kdf_type(ctx) \
- EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_EC, \
- EVP_PKEY_OP_DERIVE, \
- EVP_PKEY_CTRL_EC_KDF_TYPE, -2, NULL)
-
-# define EVP_PKEY_CTX_set_ecdh_kdf_md(ctx, md) \
- EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_EC, \
- EVP_PKEY_OP_DERIVE, \
- EVP_PKEY_CTRL_EC_KDF_MD, 0, (void *)md)
-
-# define EVP_PKEY_CTX_get_ecdh_kdf_md(ctx, pmd) \
- EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_EC, \
- EVP_PKEY_OP_DERIVE, \
- EVP_PKEY_CTRL_GET_EC_KDF_MD, 0, (void *)pmd)
-
-# define EVP_PKEY_CTX_set_ecdh_kdf_outlen(ctx, len) \
- EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_EC, \
- EVP_PKEY_OP_DERIVE, \
- EVP_PKEY_CTRL_EC_KDF_OUTLEN, len, NULL)
-
-# define EVP_PKEY_CTX_get_ecdh_kdf_outlen(ctx, plen) \
- EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_EC, \
- EVP_PKEY_OP_DERIVE, \
- EVP_PKEY_CTRL_GET_EC_KDF_OUTLEN, 0, (void *)plen)
-
-# define EVP_PKEY_CTX_set0_ecdh_kdf_ukm(ctx, p, plen) \
- EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_EC, \
- EVP_PKEY_OP_DERIVE, \
- EVP_PKEY_CTRL_EC_KDF_UKM, plen, (void *)p)
-
-# define EVP_PKEY_CTX_get0_ecdh_kdf_ukm(ctx, p) \
- EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_EC, \
- EVP_PKEY_OP_DERIVE, \
- EVP_PKEY_CTRL_GET_EC_KDF_UKM, 0, (void *)p)
-
-# define EVP_PKEY_CTRL_EC_PARAMGEN_CURVE_NID (EVP_PKEY_ALG_CTRL + 1)
-# define EVP_PKEY_CTRL_EC_PARAM_ENC (EVP_PKEY_ALG_CTRL + 2)
-# define EVP_PKEY_CTRL_EC_ECDH_COFACTOR (EVP_PKEY_ALG_CTRL + 3)
-# define EVP_PKEY_CTRL_EC_KDF_TYPE (EVP_PKEY_ALG_CTRL + 4)
-# define EVP_PKEY_CTRL_EC_KDF_MD (EVP_PKEY_ALG_CTRL + 5)
-# define EVP_PKEY_CTRL_GET_EC_KDF_MD (EVP_PKEY_ALG_CTRL + 6)
-# define EVP_PKEY_CTRL_EC_KDF_OUTLEN (EVP_PKEY_ALG_CTRL + 7)
-# define EVP_PKEY_CTRL_GET_EC_KDF_OUTLEN (EVP_PKEY_ALG_CTRL + 8)
-# define EVP_PKEY_CTRL_EC_KDF_UKM (EVP_PKEY_ALG_CTRL + 9)
-# define EVP_PKEY_CTRL_GET_EC_KDF_UKM (EVP_PKEY_ALG_CTRL + 10)
-/* KDF types */
-# define EVP_PKEY_ECDH_KDF_NONE 1
-# define EVP_PKEY_ECDH_KDF_X9_62 2
-
-/* BEGIN ERROR CODES */
-/*
- * The following lines are auto generated by the script mkerr.pl. Any changes
- * made after this point may be overwritten when the script is next run.
- */
-void ERR_load_EC_strings(void);
-
-/* Error codes for the EC functions. */
-
-/* Function codes. */
-# define EC_F_BN_TO_FELEM 224
-# define EC_F_COMPUTE_WNAF 143
-# define EC_F_D2I_ECPARAMETERS 144
-# define EC_F_D2I_ECPKPARAMETERS 145
-# define EC_F_D2I_ECPRIVATEKEY 146
-# define EC_F_DO_EC_KEY_PRINT 221
-# define EC_F_ECDH_CMS_DECRYPT 238
-# define EC_F_ECDH_CMS_SET_SHARED_INFO 239
-# define EC_F_ECKEY_PARAM2TYPE 223
-# define EC_F_ECKEY_PARAM_DECODE 212
-# define EC_F_ECKEY_PRIV_DECODE 213
-# define EC_F_ECKEY_PRIV_ENCODE 214
-# define EC_F_ECKEY_PUB_DECODE 215
-# define EC_F_ECKEY_PUB_ENCODE 216
-# define EC_F_ECKEY_TYPE2PARAM 220
-# define EC_F_ECPARAMETERS_PRINT 147
-# define EC_F_ECPARAMETERS_PRINT_FP 148
-# define EC_F_ECPKPARAMETERS_PRINT 149
-# define EC_F_ECPKPARAMETERS_PRINT_FP 150
-# define EC_F_ECP_NIST_MOD_192 203
-# define EC_F_ECP_NIST_MOD_224 204
-# define EC_F_ECP_NIST_MOD_256 205
-# define EC_F_ECP_NIST_MOD_521 206
-# define EC_F_EC_ASN1_GROUP2CURVE 153
-# define EC_F_EC_ASN1_GROUP2FIELDID 154
-# define EC_F_EC_ASN1_GROUP2PARAMETERS 155
-# define EC_F_EC_ASN1_GROUP2PKPARAMETERS 156
-# define EC_F_EC_ASN1_PARAMETERS2GROUP 157
-# define EC_F_EC_ASN1_PKPARAMETERS2GROUP 158
-# define EC_F_EC_EX_DATA_SET_DATA 211
-# define EC_F_EC_GF2M_MONTGOMERY_POINT_MULTIPLY 208
-# define EC_F_EC_GF2M_SIMPLE_GROUP_CHECK_DISCRIMINANT 159
-# define EC_F_EC_GF2M_SIMPLE_GROUP_SET_CURVE 195
-# define EC_F_EC_GF2M_SIMPLE_OCT2POINT 160
-# define EC_F_EC_GF2M_SIMPLE_POINT2OCT 161
-# define EC_F_EC_GF2M_SIMPLE_POINT_GET_AFFINE_COORDINATES 162
-# define EC_F_EC_GF2M_SIMPLE_POINT_SET_AFFINE_COORDINATES 163
-# define EC_F_EC_GF2M_SIMPLE_SET_COMPRESSED_COORDINATES 164
-# define EC_F_EC_GFP_MONT_FIELD_DECODE 133
-# define EC_F_EC_GFP_MONT_FIELD_ENCODE 134
-# define EC_F_EC_GFP_MONT_FIELD_MUL 131
-# define EC_F_EC_GFP_MONT_FIELD_SET_TO_ONE 209
-# define EC_F_EC_GFP_MONT_FIELD_SQR 132
-# define EC_F_EC_GFP_MONT_GROUP_SET_CURVE 189
-# define EC_F_EC_GFP_MONT_GROUP_SET_CURVE_GFP 135
-# define EC_F_EC_GFP_NISTP224_GROUP_SET_CURVE 225
-# define EC_F_EC_GFP_NISTP224_POINTS_MUL 228
-# define EC_F_EC_GFP_NISTP224_POINT_GET_AFFINE_COORDINATES 226
-# define EC_F_EC_GFP_NISTP256_GROUP_SET_CURVE 230
-# define EC_F_EC_GFP_NISTP256_POINTS_MUL 231
-# define EC_F_EC_GFP_NISTP256_POINT_GET_AFFINE_COORDINATES 232
-# define EC_F_EC_GFP_NISTP521_GROUP_SET_CURVE 233
-# define EC_F_EC_GFP_NISTP521_POINTS_MUL 234
-# define EC_F_EC_GFP_NISTP521_POINT_GET_AFFINE_COORDINATES 235
-# define EC_F_EC_GFP_NIST_FIELD_MUL 200
-# define EC_F_EC_GFP_NIST_FIELD_SQR 201
-# define EC_F_EC_GFP_NIST_GROUP_SET_CURVE 202
-# define EC_F_EC_GFP_SIMPLE_GROUP_CHECK_DISCRIMINANT 165
-# define EC_F_EC_GFP_SIMPLE_GROUP_SET_CURVE 166
-# define EC_F_EC_GFP_SIMPLE_GROUP_SET_CURVE_GFP 100
-# define EC_F_EC_GFP_SIMPLE_GROUP_SET_GENERATOR 101
-# define EC_F_EC_GFP_SIMPLE_MAKE_AFFINE 102
-# define EC_F_EC_GFP_SIMPLE_OCT2POINT 103
-# define EC_F_EC_GFP_SIMPLE_POINT2OCT 104
-# define EC_F_EC_GFP_SIMPLE_POINTS_MAKE_AFFINE 137
-# define EC_F_EC_GFP_SIMPLE_POINT_GET_AFFINE_COORDINATES 167
-# define EC_F_EC_GFP_SIMPLE_POINT_GET_AFFINE_COORDINATES_GFP 105
-# define EC_F_EC_GFP_SIMPLE_POINT_SET_AFFINE_COORDINATES 168
-# define EC_F_EC_GFP_SIMPLE_POINT_SET_AFFINE_COORDINATES_GFP 128
-# define EC_F_EC_GFP_SIMPLE_SET_COMPRESSED_COORDINATES 169
-# define EC_F_EC_GFP_SIMPLE_SET_COMPRESSED_COORDINATES_GFP 129
-# define EC_F_EC_GROUP_CHECK 170
-# define EC_F_EC_GROUP_CHECK_DISCRIMINANT 171
-# define EC_F_EC_GROUP_COPY 106
-# define EC_F_EC_GROUP_GET0_GENERATOR 139
-# define EC_F_EC_GROUP_GET_COFACTOR 140
-# define EC_F_EC_GROUP_GET_CURVE_GF2M 172
-# define EC_F_EC_GROUP_GET_CURVE_GFP 130
-# define EC_F_EC_GROUP_GET_DEGREE 173
-# define EC_F_EC_GROUP_GET_ORDER 141
-# define EC_F_EC_GROUP_GET_PENTANOMIAL_BASIS 193
-# define EC_F_EC_GROUP_GET_TRINOMIAL_BASIS 194
-# define EC_F_EC_GROUP_NEW 108
-# define EC_F_EC_GROUP_NEW_BY_CURVE_NAME 174
-# define EC_F_EC_GROUP_NEW_FROM_DATA 175
-# define EC_F_EC_GROUP_PRECOMPUTE_MULT 142
-# define EC_F_EC_GROUP_SET_CURVE_GF2M 176
-# define EC_F_EC_GROUP_SET_CURVE_GFP 109
-# define EC_F_EC_GROUP_SET_EXTRA_DATA 110
-# define EC_F_EC_GROUP_SET_GENERATOR 111
-# define EC_F_EC_KEY_CHECK_KEY 177
-# define EC_F_EC_KEY_COPY 178
-# define EC_F_EC_KEY_GENERATE_KEY 179
-# define EC_F_EC_KEY_NEW 182
-# define EC_F_EC_KEY_PRINT 180
-# define EC_F_EC_KEY_PRINT_FP 181
-# define EC_F_EC_KEY_SET_PUBLIC_KEY_AFFINE_COORDINATES 229
-# define EC_F_EC_POINTS_MAKE_AFFINE 136
-# define EC_F_EC_POINT_ADD 112
-# define EC_F_EC_POINT_CMP 113
-# define EC_F_EC_POINT_COPY 114
-# define EC_F_EC_POINT_DBL 115
-# define EC_F_EC_POINT_GET_AFFINE_COORDINATES_GF2M 183
-# define EC_F_EC_POINT_GET_AFFINE_COORDINATES_GFP 116
-# define EC_F_EC_POINT_GET_JPROJECTIVE_COORDINATES_GFP 117
-# define EC_F_EC_POINT_INVERT 210
-# define EC_F_EC_POINT_IS_AT_INFINITY 118
-# define EC_F_EC_POINT_IS_ON_CURVE 119
-# define EC_F_EC_POINT_MAKE_AFFINE 120
-# define EC_F_EC_POINT_MUL 184
-# define EC_F_EC_POINT_NEW 121
-# define EC_F_EC_POINT_OCT2POINT 122
-# define EC_F_EC_POINT_POINT2OCT 123
-# define EC_F_EC_POINT_SET_AFFINE_COORDINATES_GF2M 185
-# define EC_F_EC_POINT_SET_AFFINE_COORDINATES_GFP 124
-# define EC_F_EC_POINT_SET_COMPRESSED_COORDINATES_GF2M 186
-# define EC_F_EC_POINT_SET_COMPRESSED_COORDINATES_GFP 125
-# define EC_F_EC_POINT_SET_JPROJECTIVE_COORDINATES_GFP 126
-# define EC_F_EC_POINT_SET_TO_INFINITY 127
-# define EC_F_EC_PRE_COMP_DUP 207
-# define EC_F_EC_PRE_COMP_NEW 196
-# define EC_F_EC_WNAF_MUL 187
-# define EC_F_EC_WNAF_PRECOMPUTE_MULT 188
-# define EC_F_I2D_ECPARAMETERS 190
-# define EC_F_I2D_ECPKPARAMETERS 191
-# define EC_F_I2D_ECPRIVATEKEY 192
-# define EC_F_I2O_ECPUBLICKEY 151
-# define EC_F_NISTP224_PRE_COMP_NEW 227
-# define EC_F_NISTP256_PRE_COMP_NEW 236
-# define EC_F_NISTP521_PRE_COMP_NEW 237
-# define EC_F_ECP_NISTZ256_GET_AFFINE 240
-# define EC_F_ECP_NISTZ256_POINTS_MUL 241
-# define EC_F_ECP_NISTZ256_WINDOWED_MUL 242
-# define EC_F_ECP_NISTZ256_MULT_PRECOMPUTE 243
-# define EC_F_ECP_NISTZ256_PRE_COMP_NEW 244
-# define EC_F_O2I_ECPUBLICKEY 152
-# define EC_F_OLD_EC_PRIV_DECODE 222
-# define EC_F_PKEY_EC_CTRL 197
-# define EC_F_PKEY_EC_CTRL_STR 198
-# define EC_F_PKEY_EC_DERIVE 217
-# define EC_F_PKEY_EC_KEYGEN 199
-# define EC_F_PKEY_EC_PARAMGEN 219
-# define EC_F_PKEY_EC_SIGN 218
-
-/* Reason codes. */
-# define EC_R_ASN1_ERROR 115
-# define EC_R_ASN1_UNKNOWN_FIELD 116
-# define EC_R_BIGNUM_OUT_OF_RANGE 144
-# define EC_R_BUFFER_TOO_SMALL 100
-# define EC_R_COORDINATES_OUT_OF_RANGE 146
-# define EC_R_D2I_ECPKPARAMETERS_FAILURE 117
-# define EC_R_DECODE_ERROR 142
-# define EC_R_DISCRIMINANT_IS_ZERO 118
-# define EC_R_EC_GROUP_NEW_BY_NAME_FAILURE 119
-# define EC_R_FIELD_TOO_LARGE 143
-# define EC_R_GF2M_NOT_SUPPORTED 147
-# define EC_R_GROUP2PKPARAMETERS_FAILURE 120
-# define EC_R_I2D_ECPKPARAMETERS_FAILURE 121
-# define EC_R_INCOMPATIBLE_OBJECTS 101
-# define EC_R_INVALID_ARGUMENT 112
-# define EC_R_INVALID_COMPRESSED_POINT 110
-# define EC_R_INVALID_COMPRESSION_BIT 109
-# define EC_R_INVALID_CURVE 141
-# define EC_R_INVALID_DIGEST 151
-# define EC_R_INVALID_DIGEST_TYPE 138
-# define EC_R_INVALID_ENCODING 102
-# define EC_R_INVALID_FIELD 103
-# define EC_R_INVALID_FORM 104
-# define EC_R_INVALID_GROUP_ORDER 122
-# define EC_R_INVALID_PENTANOMIAL_BASIS 132
-# define EC_R_INVALID_PRIVATE_KEY 123
-# define EC_R_INVALID_TRINOMIAL_BASIS 137
-# define EC_R_KDF_PARAMETER_ERROR 148
-# define EC_R_KEYS_NOT_SET 140
-# define EC_R_MISSING_PARAMETERS 124
-# define EC_R_MISSING_PRIVATE_KEY 125
-# define EC_R_NOT_A_NIST_PRIME 135
-# define EC_R_NOT_A_SUPPORTED_NIST_PRIME 136
-# define EC_R_NOT_IMPLEMENTED 126
-# define EC_R_NOT_INITIALIZED 111
-# define EC_R_NO_FIELD_MOD 133
-# define EC_R_NO_PARAMETERS_SET 139
-# define EC_R_PASSED_NULL_PARAMETER 134
-# define EC_R_PEER_KEY_ERROR 149
-# define EC_R_PKPARAMETERS2GROUP_FAILURE 127
-# define EC_R_POINT_AT_INFINITY 106
-# define EC_R_POINT_IS_NOT_ON_CURVE 107
-# define EC_R_SHARED_INFO_ERROR 150
-# define EC_R_SLOT_FULL 108
-# define EC_R_UNDEFINED_GENERATOR 113
-# define EC_R_UNDEFINED_ORDER 128
-# define EC_R_UNKNOWN_GROUP 129
-# define EC_R_UNKNOWN_ORDER 114
-# define EC_R_UNSUPPORTED_FIELD 131
-# define EC_R_WRONG_CURVE_PARAMETERS 145
-# define EC_R_WRONG_ORDER 130
-
-#ifdef __cplusplus
-}
-#endif
-#endif
+++ /dev/null
-/* crypto/ec/ectest.c */
-/*
- * Originally written by Bodo Moeller for the OpenSSL project.
- */
-/* ====================================================================
- * Copyright (c) 1998-2001 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-/* ====================================================================
- * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
- *
- * Portions of the attached software ("Contribution") are developed by
- * SUN MICROSYSTEMS, INC., and are contributed to the OpenSSL project.
- *
- * The Contribution is licensed pursuant to the OpenSSL open source
- * license provided above.
- *
- * The elliptic curve binary polynomial software is originally written by
- * Sheueling Chang Shantz and Douglas Stebila of Sun Microsystems Laboratories.
- *
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-#ifdef FLAT_INC
-# include "e_os.h"
-#else
-# include "../e_os.h"
-#endif
-#include <string.h>
-#include <time.h>
-
-#ifdef OPENSSL_NO_EC
-int main(int argc, char *argv[])
-{
- puts("Elliptic curves are disabled.");
- return 0;
-}
-#else
-
-# include <openssl/ec.h>
-# ifndef OPENSSL_NO_ENGINE
-# include <openssl/engine.h>
-# endif
-# include <openssl/err.h>
-# include <openssl/obj_mac.h>
-# include <openssl/objects.h>
-# include <openssl/rand.h>
-# include <openssl/bn.h>
-# include <openssl/opensslconf.h>
-
-# if defined(_MSC_VER) && defined(_MIPS_) && (_MSC_VER/100==12)
-/* suppress "too big too optimize" warning */
-# pragma warning(disable:4959)
-# endif
-
-# define ABORT do { \
- fflush(stdout); \
- fprintf(stderr, "%s:%d: ABORT\n", __FILE__, __LINE__); \
- ERR_print_errors_fp(stderr); \
- EXIT(1); \
-} while (0)
-
-# define TIMING_BASE_PT 0
-# define TIMING_RAND_PT 1
-# define TIMING_SIMUL 2
-
-/* test multiplication with group order, long and negative scalars */
-static void group_order_tests(EC_GROUP *group)
-{
- BIGNUM *n1, *n2, *order;
- EC_POINT *P = EC_POINT_new(group);
- EC_POINT *Q = EC_POINT_new(group);
- BN_CTX *ctx = BN_CTX_new();
- int i;
-
- n1 = BN_new();
- n2 = BN_new();
- order = BN_new();
- fprintf(stdout, "verify group order ...");
- fflush(stdout);
- if (!EC_GROUP_get_order(group, order, ctx))
- ABORT;
- if (!EC_POINT_mul(group, Q, order, NULL, NULL, ctx))
- ABORT;
- if (!EC_POINT_is_at_infinity(group, Q))
- ABORT;
- fprintf(stdout, ".");
- fflush(stdout);
- if (!EC_GROUP_precompute_mult(group, ctx))
- ABORT;
- if (!EC_POINT_mul(group, Q, order, NULL, NULL, ctx))
- ABORT;
- if (!EC_POINT_is_at_infinity(group, Q))
- ABORT;
- fprintf(stdout, " ok\n");
- fprintf(stdout, "long/negative scalar tests ");
- for (i = 1; i <= 2; i++) {
- const BIGNUM *scalars[6];
- const EC_POINT *points[6];
-
- fprintf(stdout, i == 1 ?
- "allowing precomputation ... " :
- "without precomputation ... ");
- if (!BN_set_word(n1, i))
- ABORT;
- /*
- * If i == 1, P will be the predefined generator for which
- * EC_GROUP_precompute_mult has set up precomputation.
- */
- if (!EC_POINT_mul(group, P, n1, NULL, NULL, ctx))
- ABORT;
-
- if (!BN_one(n1))
- ABORT;
- /* n1 = 1 - order */
- if (!BN_sub(n1, n1, order))
- ABORT;
- if (!EC_POINT_mul(group, Q, NULL, P, n1, ctx))
- ABORT;
- if (0 != EC_POINT_cmp(group, Q, P, ctx))
- ABORT;
-
- /* n2 = 1 + order */
- if (!BN_add(n2, order, BN_value_one()))
- ABORT;
- if (!EC_POINT_mul(group, Q, NULL, P, n2, ctx))
- ABORT;
- if (0 != EC_POINT_cmp(group, Q, P, ctx))
- ABORT;
-
- /* n2 = (1 - order) * (1 + order) = 1 - order^2 */
- if (!BN_mul(n2, n1, n2, ctx))
- ABORT;
- if (!EC_POINT_mul(group, Q, NULL, P, n2, ctx))
- ABORT;
- if (0 != EC_POINT_cmp(group, Q, P, ctx))
- ABORT;
-
- /* n2 = order^2 - 1 */
- BN_set_negative(n2, 0);
- if (!EC_POINT_mul(group, Q, NULL, P, n2, ctx))
- ABORT;
- /* Add P to verify the result. */
- if (!EC_POINT_add(group, Q, Q, P, ctx))
- ABORT;
- if (!EC_POINT_is_at_infinity(group, Q))
- ABORT;
-
- /* Exercise EC_POINTs_mul, including corner cases. */
- if (EC_POINT_is_at_infinity(group, P))
- ABORT;
- scalars[0] = n1;
- points[0] = Q; /* => infinity */
- scalars[1] = n2;
- points[1] = P; /* => -P */
- scalars[2] = n1;
- points[2] = Q; /* => infinity */
- scalars[3] = n2;
- points[3] = Q; /* => infinity */
- scalars[4] = n1;
- points[4] = P; /* => P */
- scalars[5] = n2;
- points[5] = Q; /* => infinity */
- if (!EC_POINTs_mul(group, P, NULL, 6, points, scalars, ctx))
- ABORT;
- if (!EC_POINT_is_at_infinity(group, P))
- ABORT;
- }
- fprintf(stdout, "ok\n");
-
- EC_POINT_free(P);
- EC_POINT_free(Q);
- BN_free(n1);
- BN_free(n2);
- BN_free(order);
- BN_CTX_free(ctx);
-}
-
-static void prime_field_tests(void)
-{
- BN_CTX *ctx = NULL;
- BIGNUM *p, *a, *b;
- EC_GROUP *group;
- EC_GROUP *P_160 = NULL, *P_192 = NULL, *P_224 = NULL, *P_256 =
- NULL, *P_384 = NULL, *P_521 = NULL;
- EC_POINT *P, *Q, *R;
- BIGNUM *x, *y, *z;
- unsigned char buf[100];
- size_t i, len;
- int k;
-
- ctx = BN_CTX_new();
- if (!ctx)
- ABORT;
-
- p = BN_new();
- a = BN_new();
- b = BN_new();
- if (!p || !a || !b)
- ABORT;
-
- if (!BN_hex2bn(&p, "17"))
- ABORT;
- if (!BN_hex2bn(&a, "1"))
- ABORT;
- if (!BN_hex2bn(&b, "1"))
- ABORT;
-
- group = EC_GROUP_new(EC_GFp_mont_method()); /* applications should use
- * EC_GROUP_new_curve_GFp so
- * that the library gets to
- * choose the EC_METHOD */
- if (!group)
- ABORT;
-
- if (!EC_GROUP_set_curve_GFp(group, p, a, b, ctx))
- ABORT;
-
- {
- EC_GROUP *tmp;
- tmp = EC_GROUP_new(EC_GROUP_method_of(group));
- if (!tmp)
- ABORT;
- if (!EC_GROUP_copy(tmp, group))
- ABORT;
- EC_GROUP_free(group);
- group = tmp;
- }
-
- if (!EC_GROUP_get_curve_GFp(group, p, a, b, ctx))
- ABORT;
-
- fprintf(stdout,
- "Curve defined by Weierstrass equation\n y^2 = x^3 + a*x + b (mod 0x");
- BN_print_fp(stdout, p);
- fprintf(stdout, ")\n a = 0x");
- BN_print_fp(stdout, a);
- fprintf(stdout, "\n b = 0x");
- BN_print_fp(stdout, b);
- fprintf(stdout, "\n");
-
- P = EC_POINT_new(group);
- Q = EC_POINT_new(group);
- R = EC_POINT_new(group);
- if (!P || !Q || !R)
- ABORT;
-
- if (!EC_POINT_set_to_infinity(group, P))
- ABORT;
- if (!EC_POINT_is_at_infinity(group, P))
- ABORT;
-
- buf[0] = 0;
- if (!EC_POINT_oct2point(group, Q, buf, 1, ctx))
- ABORT;
-
- if (!EC_POINT_add(group, P, P, Q, ctx))
- ABORT;
- if (!EC_POINT_is_at_infinity(group, P))
- ABORT;
-
- x = BN_new();
- y = BN_new();
- z = BN_new();
- if (!x || !y || !z)
- ABORT;
-
- if (!BN_hex2bn(&x, "D"))
- ABORT;
- if (!EC_POINT_set_compressed_coordinates_GFp(group, Q, x, 1, ctx))
- ABORT;
- if (!EC_POINT_is_on_curve(group, Q, ctx)) {
- if (!EC_POINT_get_affine_coordinates_GFp(group, Q, x, y, ctx))
- ABORT;
- fprintf(stderr, "Point is not on curve: x = 0x");
- BN_print_fp(stderr, x);
- fprintf(stderr, ", y = 0x");
- BN_print_fp(stderr, y);
- fprintf(stderr, "\n");
- ABORT;
- }
-
- fprintf(stdout, "A cyclic subgroup:\n");
- k = 100;
- do {
- if (k-- == 0)
- ABORT;
-
- if (EC_POINT_is_at_infinity(group, P))
- fprintf(stdout, " point at infinity\n");
- else {
- if (!EC_POINT_get_affine_coordinates_GFp(group, P, x, y, ctx))
- ABORT;
-
- fprintf(stdout, " x = 0x");
- BN_print_fp(stdout, x);
- fprintf(stdout, ", y = 0x");
- BN_print_fp(stdout, y);
- fprintf(stdout, "\n");
- }
-
- if (!EC_POINT_copy(R, P))
- ABORT;
- if (!EC_POINT_add(group, P, P, Q, ctx))
- ABORT;
-
- }
- while (!EC_POINT_is_at_infinity(group, P));
-
- if (!EC_POINT_add(group, P, Q, R, ctx))
- ABORT;
- if (!EC_POINT_is_at_infinity(group, P))
- ABORT;
-
- len =
- EC_POINT_point2oct(group, Q, POINT_CONVERSION_COMPRESSED, buf,
- sizeof buf, ctx);
- if (len == 0)
- ABORT;
- if (!EC_POINT_oct2point(group, P, buf, len, ctx))
- ABORT;
- if (0 != EC_POINT_cmp(group, P, Q, ctx))
- ABORT;
- fprintf(stdout, "Generator as octet string, compressed form:\n ");
- for (i = 0; i < len; i++)
- fprintf(stdout, "%02X", buf[i]);
-
- len =
- EC_POINT_point2oct(group, Q, POINT_CONVERSION_UNCOMPRESSED, buf,
- sizeof buf, ctx);
- if (len == 0)
- ABORT;
- if (!EC_POINT_oct2point(group, P, buf, len, ctx))
- ABORT;
- if (0 != EC_POINT_cmp(group, P, Q, ctx))
- ABORT;
- fprintf(stdout, "\nGenerator as octet string, uncompressed form:\n ");
- for (i = 0; i < len; i++)
- fprintf(stdout, "%02X", buf[i]);
-
- len =
- EC_POINT_point2oct(group, Q, POINT_CONVERSION_HYBRID, buf, sizeof buf,
- ctx);
- if (len == 0)
- ABORT;
- if (!EC_POINT_oct2point(group, P, buf, len, ctx))
- ABORT;
- if (0 != EC_POINT_cmp(group, P, Q, ctx))
- ABORT;
- fprintf(stdout, "\nGenerator as octet string, hybrid form:\n ");
- for (i = 0; i < len; i++)
- fprintf(stdout, "%02X", buf[i]);
-
- if (!EC_POINT_get_Jprojective_coordinates_GFp(group, R, x, y, z, ctx))
- ABORT;
- fprintf(stdout,
- "\nA representation of the inverse of that generator in\nJacobian projective coordinates:\n X = 0x");
- BN_print_fp(stdout, x);
- fprintf(stdout, ", Y = 0x");
- BN_print_fp(stdout, y);
- fprintf(stdout, ", Z = 0x");
- BN_print_fp(stdout, z);
- fprintf(stdout, "\n");
-
- if (!EC_POINT_invert(group, P, ctx))
- ABORT;
- if (0 != EC_POINT_cmp(group, P, R, ctx))
- ABORT;
-
- /*
- * Curve secp160r1 (Certicom Research SEC 2 Version 1.0, section 2.4.2,
- * 2000) -- not a NIST curve, but commonly used
- */
-
- if (!BN_hex2bn(&p, "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF7FFFFFFF"))
- ABORT;
- if (1 != BN_is_prime_ex(p, BN_prime_checks, ctx, NULL))
- ABORT;
- if (!BN_hex2bn(&a, "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF7FFFFFFC"))
- ABORT;
- if (!BN_hex2bn(&b, "1C97BEFC54BD7A8B65ACF89F81D4D4ADC565FA45"))
- ABORT;
- if (!EC_GROUP_set_curve_GFp(group, p, a, b, ctx))
- ABORT;
-
- if (!BN_hex2bn(&x, "4A96B5688EF573284664698968C38BB913CBFC82"))
- ABORT;
- if (!BN_hex2bn(&y, "23a628553168947d59dcc912042351377ac5fb32"))
- ABORT;
- if (!EC_POINT_set_affine_coordinates_GFp(group, P, x, y, ctx))
- ABORT;
- if (!EC_POINT_is_on_curve(group, P, ctx))
- ABORT;
- if (!BN_hex2bn(&z, "0100000000000000000001F4C8F927AED3CA752257"))
- ABORT;
- if (!EC_GROUP_set_generator(group, P, z, BN_value_one()))
- ABORT;
-
- if (!EC_POINT_get_affine_coordinates_GFp(group, P, x, y, ctx))
- ABORT;
- fprintf(stdout, "\nSEC2 curve secp160r1 -- Generator:\n x = 0x");
- BN_print_fp(stdout, x);
- fprintf(stdout, "\n y = 0x");
- BN_print_fp(stdout, y);
- fprintf(stdout, "\n");
- /* G_y value taken from the standard: */
- if (!BN_hex2bn(&z, "23a628553168947d59dcc912042351377ac5fb32"))
- ABORT;
- if (0 != BN_cmp(y, z))
- ABORT;
-
- fprintf(stdout, "verify degree ...");
- if (EC_GROUP_get_degree(group) != 160)
- ABORT;
- fprintf(stdout, " ok\n");
-
- group_order_tests(group);
-
- if (!(P_160 = EC_GROUP_new(EC_GROUP_method_of(group))))
- ABORT;
- if (!EC_GROUP_copy(P_160, group))
- ABORT;
-
- /* Curve P-192 (FIPS PUB 186-2, App. 6) */
-
- if (!BN_hex2bn(&p, "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFFFFFFFFFF"))
- ABORT;
- if (1 != BN_is_prime_ex(p, BN_prime_checks, ctx, NULL))
- ABORT;
- if (!BN_hex2bn(&a, "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFFFFFFFFFC"))
- ABORT;
- if (!BN_hex2bn(&b, "64210519E59C80E70FA7E9AB72243049FEB8DEECC146B9B1"))
- ABORT;
- if (!EC_GROUP_set_curve_GFp(group, p, a, b, ctx))
- ABORT;
-
- if (!BN_hex2bn(&x, "188DA80EB03090F67CBF20EB43A18800F4FF0AFD82FF1012"))
- ABORT;
- if (!EC_POINT_set_compressed_coordinates_GFp(group, P, x, 1, ctx))
- ABORT;
- if (!EC_POINT_is_on_curve(group, P, ctx))
- ABORT;
- if (!BN_hex2bn(&z, "FFFFFFFFFFFFFFFFFFFFFFFF99DEF836146BC9B1B4D22831"))
- ABORT;
- if (!EC_GROUP_set_generator(group, P, z, BN_value_one()))
- ABORT;
-
- if (!EC_POINT_get_affine_coordinates_GFp(group, P, x, y, ctx))
- ABORT;
- fprintf(stdout, "\nNIST curve P-192 -- Generator:\n x = 0x");
- BN_print_fp(stdout, x);
- fprintf(stdout, "\n y = 0x");
- BN_print_fp(stdout, y);
- fprintf(stdout, "\n");
- /* G_y value taken from the standard: */
- if (!BN_hex2bn(&z, "07192B95FFC8DA78631011ED6B24CDD573F977A11E794811"))
- ABORT;
- if (0 != BN_cmp(y, z))
- ABORT;
-
- fprintf(stdout, "verify degree ...");
- if (EC_GROUP_get_degree(group) != 192)
- ABORT;
- fprintf(stdout, " ok\n");
-
- group_order_tests(group);
-
- if (!(P_192 = EC_GROUP_new(EC_GROUP_method_of(group))))
- ABORT;
- if (!EC_GROUP_copy(P_192, group))
- ABORT;
-
- /* Curve P-224 (FIPS PUB 186-2, App. 6) */
-
- if (!BN_hex2bn
- (&p, "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF000000000000000000000001"))
- ABORT;
- if (1 != BN_is_prime_ex(p, BN_prime_checks, ctx, NULL))
- ABORT;
- if (!BN_hex2bn
- (&a, "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFFFFFFFFFFFFFFFFFE"))
- ABORT;
- if (!BN_hex2bn
- (&b, "B4050A850C04B3ABF54132565044B0B7D7BFD8BA270B39432355FFB4"))
- ABORT;
- if (!EC_GROUP_set_curve_GFp(group, p, a, b, ctx))
- ABORT;
-
- if (!BN_hex2bn
- (&x, "B70E0CBD6BB4BF7F321390B94A03C1D356C21122343280D6115C1D21"))
- ABORT;
- if (!EC_POINT_set_compressed_coordinates_GFp(group, P, x, 0, ctx))
- ABORT;
- if (!EC_POINT_is_on_curve(group, P, ctx))
- ABORT;
- if (!BN_hex2bn
- (&z, "FFFFFFFFFFFFFFFFFFFFFFFFFFFF16A2E0B8F03E13DD29455C5C2A3D"))
- ABORT;
- if (!EC_GROUP_set_generator(group, P, z, BN_value_one()))
- ABORT;
-
- if (!EC_POINT_get_affine_coordinates_GFp(group, P, x, y, ctx))
- ABORT;
- fprintf(stdout, "\nNIST curve P-224 -- Generator:\n x = 0x");
- BN_print_fp(stdout, x);
- fprintf(stdout, "\n y = 0x");
- BN_print_fp(stdout, y);
- fprintf(stdout, "\n");
- /* G_y value taken from the standard: */
- if (!BN_hex2bn
- (&z, "BD376388B5F723FB4C22DFE6CD4375A05A07476444D5819985007E34"))
- ABORT;
- if (0 != BN_cmp(y, z))
- ABORT;
-
- fprintf(stdout, "verify degree ...");
- if (EC_GROUP_get_degree(group) != 224)
- ABORT;
- fprintf(stdout, " ok\n");
-
- group_order_tests(group);
-
- if (!(P_224 = EC_GROUP_new(EC_GROUP_method_of(group))))
- ABORT;
- if (!EC_GROUP_copy(P_224, group))
- ABORT;
-
- /* Curve P-256 (FIPS PUB 186-2, App. 6) */
-
- if (!BN_hex2bn
- (&p,
- "FFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF"))
- ABORT;
- if (1 != BN_is_prime_ex(p, BN_prime_checks, ctx, NULL))
- ABORT;
- if (!BN_hex2bn
- (&a,
- "FFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFC"))
- ABORT;
- if (!BN_hex2bn
- (&b,
- "5AC635D8AA3A93E7B3EBBD55769886BC651D06B0CC53B0F63BCE3C3E27D2604B"))
- ABORT;
- if (!EC_GROUP_set_curve_GFp(group, p, a, b, ctx))
- ABORT;
-
- if (!BN_hex2bn
- (&x,
- "6B17D1F2E12C4247F8BCE6E563A440F277037D812DEB33A0F4A13945D898C296"))
- ABORT;
- if (!EC_POINT_set_compressed_coordinates_GFp(group, P, x, 1, ctx))
- ABORT;
- if (!EC_POINT_is_on_curve(group, P, ctx))
- ABORT;
- if (!BN_hex2bn(&z, "FFFFFFFF00000000FFFFFFFFFFFFFFFFBCE6FAADA7179E"
- "84F3B9CAC2FC632551"))
- ABORT;
- if (!EC_GROUP_set_generator(group, P, z, BN_value_one()))
- ABORT;
-
- if (!EC_POINT_get_affine_coordinates_GFp(group, P, x, y, ctx))
- ABORT;
- fprintf(stdout, "\nNIST curve P-256 -- Generator:\n x = 0x");
- BN_print_fp(stdout, x);
- fprintf(stdout, "\n y = 0x");
- BN_print_fp(stdout, y);
- fprintf(stdout, "\n");
- /* G_y value taken from the standard: */
- if (!BN_hex2bn
- (&z,
- "4FE342E2FE1A7F9B8EE7EB4A7C0F9E162BCE33576B315ECECBB6406837BF51F5"))
- ABORT;
- if (0 != BN_cmp(y, z))
- ABORT;
-
- fprintf(stdout, "verify degree ...");
- if (EC_GROUP_get_degree(group) != 256)
- ABORT;
- fprintf(stdout, " ok\n");
-
- group_order_tests(group);
-
- if (!(P_256 = EC_GROUP_new(EC_GROUP_method_of(group))))
- ABORT;
- if (!EC_GROUP_copy(P_256, group))
- ABORT;
-
- /* Curve P-384 (FIPS PUB 186-2, App. 6) */
-
- if (!BN_hex2bn(&p, "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF"
- "FFFFFFFFFFFFFFFFFEFFFFFFFF0000000000000000FFFFFFFF"))
- ABORT;
- if (1 != BN_is_prime_ex(p, BN_prime_checks, ctx, NULL))
- ABORT;
- if (!BN_hex2bn(&a, "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF"
- "FFFFFFFFFFFFFFFFFEFFFFFFFF0000000000000000FFFFFFFC"))
- ABORT;
- if (!BN_hex2bn(&b, "B3312FA7E23EE7E4988E056BE3F82D19181D9C6EFE8141"
- "120314088F5013875AC656398D8A2ED19D2A85C8EDD3EC2AEF"))
- ABORT;
- if (!EC_GROUP_set_curve_GFp(group, p, a, b, ctx))
- ABORT;
-
- if (!BN_hex2bn(&x, "AA87CA22BE8B05378EB1C71EF320AD746E1D3B628BA79B"
- "9859F741E082542A385502F25DBF55296C3A545E3872760AB7"))
- ABORT;
- if (!EC_POINT_set_compressed_coordinates_GFp(group, P, x, 1, ctx))
- ABORT;
- if (!EC_POINT_is_on_curve(group, P, ctx))
- ABORT;
- if (!BN_hex2bn(&z, "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF"
- "FFC7634D81F4372DDF581A0DB248B0A77AECEC196ACCC52973"))
- ABORT;
- if (!EC_GROUP_set_generator(group, P, z, BN_value_one()))
- ABORT;
-
- if (!EC_POINT_get_affine_coordinates_GFp(group, P, x, y, ctx))
- ABORT;
- fprintf(stdout, "\nNIST curve P-384 -- Generator:\n x = 0x");
- BN_print_fp(stdout, x);
- fprintf(stdout, "\n y = 0x");
- BN_print_fp(stdout, y);
- fprintf(stdout, "\n");
- /* G_y value taken from the standard: */
- if (!BN_hex2bn(&z, "3617DE4A96262C6F5D9E98BF9292DC29F8F41DBD289A14"
- "7CE9DA3113B5F0B8C00A60B1CE1D7E819D7A431D7C90EA0E5F"))
- ABORT;
- if (0 != BN_cmp(y, z))
- ABORT;
-
- fprintf(stdout, "verify degree ...");
- if (EC_GROUP_get_degree(group) != 384)
- ABORT;
- fprintf(stdout, " ok\n");
-
- group_order_tests(group);
-
- if (!(P_384 = EC_GROUP_new(EC_GROUP_method_of(group))))
- ABORT;
- if (!EC_GROUP_copy(P_384, group))
- ABORT;
-
- /* Curve P-521 (FIPS PUB 186-2, App. 6) */
-
- if (!BN_hex2bn(&p, "1FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF"
- "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF"
- "FFFFFFFFFFFFFFFFFFFFFFFFFFFF"))
- ABORT;
- if (1 != BN_is_prime_ex(p, BN_prime_checks, ctx, NULL))
- ABORT;
- if (!BN_hex2bn(&a, "1FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF"
- "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF"
- "FFFFFFFFFFFFFFFFFFFFFFFFFFFC"))
- ABORT;
- if (!BN_hex2bn(&b, "051953EB9618E1C9A1F929A21A0B68540EEA2DA725B99B"
- "315F3B8B489918EF109E156193951EC7E937B1652C0BD3BB1BF073573"
- "DF883D2C34F1EF451FD46B503F00"))
- ABORT;
- if (!EC_GROUP_set_curve_GFp(group, p, a, b, ctx))
- ABORT;
-
- if (!BN_hex2bn(&x, "C6858E06B70404E9CD9E3ECB662395B4429C648139053F"
- "B521F828AF606B4D3DBAA14B5E77EFE75928FE1DC127A2FFA8DE3348B"
- "3C1856A429BF97E7E31C2E5BD66"))
- ABORT;
- if (!EC_POINT_set_compressed_coordinates_GFp(group, P, x, 0, ctx))
- ABORT;
- if (!EC_POINT_is_on_curve(group, P, ctx))
- ABORT;
- if (!BN_hex2bn(&z, "1FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF"
- "FFFFFFFFFFFFFFFFFFFFA51868783BF2F966B7FCC0148F709A5D03BB5"
- "C9B8899C47AEBB6FB71E91386409"))
- ABORT;
- if (!EC_GROUP_set_generator(group, P, z, BN_value_one()))
- ABORT;
-
- if (!EC_POINT_get_affine_coordinates_GFp(group, P, x, y, ctx))
- ABORT;
- fprintf(stdout, "\nNIST curve P-521 -- Generator:\n x = 0x");
- BN_print_fp(stdout, x);
- fprintf(stdout, "\n y = 0x");
- BN_print_fp(stdout, y);
- fprintf(stdout, "\n");
- /* G_y value taken from the standard: */
- if (!BN_hex2bn(&z, "11839296A789A3BC0045C8A5FB42C7D1BD998F54449579"
- "B446817AFBD17273E662C97EE72995EF42640C550B9013FAD0761353C"
- "7086A272C24088BE94769FD16650"))
- ABORT;
- if (0 != BN_cmp(y, z))
- ABORT;
-
- fprintf(stdout, "verify degree ...");
- if (EC_GROUP_get_degree(group) != 521)
- ABORT;
- fprintf(stdout, " ok\n");
-
- group_order_tests(group);
-
- if (!(P_521 = EC_GROUP_new(EC_GROUP_method_of(group))))
- ABORT;
- if (!EC_GROUP_copy(P_521, group))
- ABORT;
-
- /* more tests using the last curve */
-
- if (!EC_POINT_copy(Q, P))
- ABORT;
- if (EC_POINT_is_at_infinity(group, Q))
- ABORT;
- if (!EC_POINT_dbl(group, P, P, ctx))
- ABORT;
- if (!EC_POINT_is_on_curve(group, P, ctx))
- ABORT;
- if (!EC_POINT_invert(group, Q, ctx))
- ABORT; /* P = -2Q */
-
- if (!EC_POINT_add(group, R, P, Q, ctx))
- ABORT;
- if (!EC_POINT_add(group, R, R, Q, ctx))
- ABORT;
- if (!EC_POINT_is_at_infinity(group, R))
- ABORT; /* R = P + 2Q */
-
- {
- const EC_POINT *points[4];
- const BIGNUM *scalars[4];
- BIGNUM *scalar3;
-
- if (EC_POINT_is_at_infinity(group, Q))
- ABORT;
- points[0] = Q;
- points[1] = Q;
- points[2] = Q;
- points[3] = Q;
-
- if (!EC_GROUP_get_order(group, z, ctx))
- ABORT;
- if (!BN_add(y, z, BN_value_one()))
- ABORT;
- if (BN_is_odd(y))
- ABORT;
- if (!BN_rshift1(y, y))
- ABORT;
- scalars[0] = y; /* (group order + 1)/2, so y*Q + y*Q = Q */
- scalars[1] = y;
-
- fprintf(stdout, "combined multiplication ...");
- fflush(stdout);
-
- /* z is still the group order */
- if (!EC_POINTs_mul(group, P, NULL, 2, points, scalars, ctx))
- ABORT;
- if (!EC_POINTs_mul(group, R, z, 2, points, scalars, ctx))
- ABORT;
- if (0 != EC_POINT_cmp(group, P, R, ctx))
- ABORT;
- if (0 != EC_POINT_cmp(group, R, Q, ctx))
- ABORT;
-
- fprintf(stdout, ".");
- fflush(stdout);
-
- if (!BN_pseudo_rand(y, BN_num_bits(y), 0, 0))
- ABORT;
- if (!BN_add(z, z, y))
- ABORT;
- BN_set_negative(z, 1);
- scalars[0] = y;
- scalars[1] = z; /* z = -(order + y) */
-
- if (!EC_POINTs_mul(group, P, NULL, 2, points, scalars, ctx))
- ABORT;
- if (!EC_POINT_is_at_infinity(group, P))
- ABORT;
-
- fprintf(stdout, ".");
- fflush(stdout);
-
- if (!BN_pseudo_rand(x, BN_num_bits(y) - 1, 0, 0))
- ABORT;
- if (!BN_add(z, x, y))
- ABORT;
- BN_set_negative(z, 1);
- scalars[0] = x;
- scalars[1] = y;
- scalars[2] = z; /* z = -(x+y) */
-
- scalar3 = BN_new();
- if (!scalar3)
- ABORT;
- BN_zero(scalar3);
- scalars[3] = scalar3;
-
- if (!EC_POINTs_mul(group, P, NULL, 4, points, scalars, ctx))
- ABORT;
- if (!EC_POINT_is_at_infinity(group, P))
- ABORT;
-
- fprintf(stdout, " ok\n\n");
-
- BN_free(scalar3);
- }
-
- if (ctx)
- BN_CTX_free(ctx);
- BN_free(p);
- BN_free(a);
- BN_free(b);
- EC_GROUP_free(group);
- EC_POINT_free(P);
- EC_POINT_free(Q);
- EC_POINT_free(R);
- BN_free(x);
- BN_free(y);
- BN_free(z);
-
- EC_GROUP_free(P_160);
- EC_GROUP_free(P_192);
- EC_GROUP_free(P_224);
- EC_GROUP_free(P_256);
- EC_GROUP_free(P_384);
- EC_GROUP_free(P_521);
-
-}
-
-/* Change test based on whether binary point compression is enabled or not. */
-# ifdef OPENSSL_EC_BIN_PT_COMP
-# define CHAR2_CURVE_TEST_INTERNAL(_name, _p, _a, _b, _x, _y, _y_bit, _order, _cof, _degree, _variable) \
- if (!BN_hex2bn(&x, _x)) ABORT; \
- if (!EC_POINT_set_compressed_coordinates_GF2m(group, P, x, _y_bit, ctx)) ABORT; \
- if (!EC_POINT_is_on_curve(group, P, ctx)) ABORT; \
- if (!BN_hex2bn(&z, _order)) ABORT; \
- if (!BN_hex2bn(&cof, _cof)) ABORT; \
- if (!EC_GROUP_set_generator(group, P, z, cof)) ABORT; \
- if (!EC_POINT_get_affine_coordinates_GF2m(group, P, x, y, ctx)) ABORT; \
- fprintf(stdout, "\n%s -- Generator:\n x = 0x", _name); \
- BN_print_fp(stdout, x); \
- fprintf(stdout, "\n y = 0x"); \
- BN_print_fp(stdout, y); \
- fprintf(stdout, "\n"); \
- /* G_y value taken from the standard: */ \
- if (!BN_hex2bn(&z, _y)) ABORT; \
- if (0 != BN_cmp(y, z)) ABORT;
-# else
-# define CHAR2_CURVE_TEST_INTERNAL(_name, _p, _a, _b, _x, _y, _y_bit, _order, _cof, _degree, _variable) \
- if (!BN_hex2bn(&x, _x)) ABORT; \
- if (!BN_hex2bn(&y, _y)) ABORT; \
- if (!EC_POINT_set_affine_coordinates_GF2m(group, P, x, y, ctx)) ABORT; \
- if (!EC_POINT_is_on_curve(group, P, ctx)) ABORT; \
- if (!BN_hex2bn(&z, _order)) ABORT; \
- if (!BN_hex2bn(&cof, _cof)) ABORT; \
- if (!EC_GROUP_set_generator(group, P, z, cof)) ABORT; \
- fprintf(stdout, "\n%s -- Generator:\n x = 0x", _name); \
- BN_print_fp(stdout, x); \
- fprintf(stdout, "\n y = 0x"); \
- BN_print_fp(stdout, y); \
- fprintf(stdout, "\n");
-# endif
-
-# define CHAR2_CURVE_TEST(_name, _p, _a, _b, _x, _y, _y_bit, _order, _cof, _degree, _variable) \
- if (!BN_hex2bn(&p, _p)) ABORT; \
- if (!BN_hex2bn(&a, _a)) ABORT; \
- if (!BN_hex2bn(&b, _b)) ABORT; \
- if (!EC_GROUP_set_curve_GF2m(group, p, a, b, ctx)) ABORT; \
- CHAR2_CURVE_TEST_INTERNAL(_name, _p, _a, _b, _x, _y, _y_bit, _order, _cof, _degree, _variable) \
- fprintf(stdout, "verify degree ..."); \
- if (EC_GROUP_get_degree(group) != _degree) ABORT; \
- fprintf(stdout, " ok\n"); \
- group_order_tests(group); \
- if (!(_variable = EC_GROUP_new(EC_GROUP_method_of(group)))) ABORT; \
- if (!EC_GROUP_copy(_variable, group)) ABORT; \
-
-# ifndef OPENSSL_NO_EC2M
-
-static void char2_field_tests(void)
-{
- BN_CTX *ctx = NULL;
- BIGNUM *p, *a, *b;
- EC_GROUP *group;
- EC_GROUP *C2_K163 = NULL, *C2_K233 = NULL, *C2_K283 = NULL, *C2_K409 =
- NULL, *C2_K571 = NULL;
- EC_GROUP *C2_B163 = NULL, *C2_B233 = NULL, *C2_B283 = NULL, *C2_B409 =
- NULL, *C2_B571 = NULL;
- EC_POINT *P, *Q, *R;
- BIGNUM *x, *y, *z, *cof;
- unsigned char buf[100];
- size_t i, len;
- int k;
-
- ctx = BN_CTX_new();
- if (!ctx)
- ABORT;
-
- p = BN_new();
- a = BN_new();
- b = BN_new();
- if (!p || !a || !b)
- ABORT;
-
- if (!BN_hex2bn(&p, "13"))
- ABORT;
- if (!BN_hex2bn(&a, "3"))
- ABORT;
- if (!BN_hex2bn(&b, "1"))
- ABORT;
-
- group = EC_GROUP_new(EC_GF2m_simple_method()); /* applications should use
- * EC_GROUP_new_curve_GF2m
- * so that the library gets
- * to choose the EC_METHOD */
- if (!group)
- ABORT;
- if (!EC_GROUP_set_curve_GF2m(group, p, a, b, ctx))
- ABORT;
-
- {
- EC_GROUP *tmp;
- tmp = EC_GROUP_new(EC_GROUP_method_of(group));
- if (!tmp)
- ABORT;
- if (!EC_GROUP_copy(tmp, group))
- ABORT;
- EC_GROUP_free(group);
- group = tmp;
- }
-
- if (!EC_GROUP_get_curve_GF2m(group, p, a, b, ctx))
- ABORT;
-
- fprintf(stdout,
- "Curve defined by Weierstrass equation\n y^2 + x*y = x^3 + a*x^2 + b (mod 0x");
- BN_print_fp(stdout, p);
- fprintf(stdout, ")\n a = 0x");
- BN_print_fp(stdout, a);
- fprintf(stdout, "\n b = 0x");
- BN_print_fp(stdout, b);
- fprintf(stdout, "\n(0x... means binary polynomial)\n");
-
- P = EC_POINT_new(group);
- Q = EC_POINT_new(group);
- R = EC_POINT_new(group);
- if (!P || !Q || !R)
- ABORT;
-
- if (!EC_POINT_set_to_infinity(group, P))
- ABORT;
- if (!EC_POINT_is_at_infinity(group, P))
- ABORT;
-
- buf[0] = 0;
- if (!EC_POINT_oct2point(group, Q, buf, 1, ctx))
- ABORT;
-
- if (!EC_POINT_add(group, P, P, Q, ctx))
- ABORT;
- if (!EC_POINT_is_at_infinity(group, P))
- ABORT;
-
- x = BN_new();
- y = BN_new();
- z = BN_new();
- cof = BN_new();
- if (!x || !y || !z || !cof)
- ABORT;
-
- if (!BN_hex2bn(&x, "6"))
- ABORT;
-/* Change test based on whether binary point compression is enabled or not. */
-# ifdef OPENSSL_EC_BIN_PT_COMP
- if (!EC_POINT_set_compressed_coordinates_GF2m(group, Q, x, 1, ctx))
- ABORT;
-# else
- if (!BN_hex2bn(&y, "8"))
- ABORT;
- if (!EC_POINT_set_affine_coordinates_GF2m(group, Q, x, y, ctx))
- ABORT;
-# endif
- if (!EC_POINT_is_on_curve(group, Q, ctx)) {
-/* Change test based on whether binary point compression is enabled or not. */
-# ifdef OPENSSL_EC_BIN_PT_COMP
- if (!EC_POINT_get_affine_coordinates_GF2m(group, Q, x, y, ctx))
- ABORT;
-# endif
- fprintf(stderr, "Point is not on curve: x = 0x");
- BN_print_fp(stderr, x);
- fprintf(stderr, ", y = 0x");
- BN_print_fp(stderr, y);
- fprintf(stderr, "\n");
- ABORT;
- }
-
- fprintf(stdout, "A cyclic subgroup:\n");
- k = 100;
- do {
- if (k-- == 0)
- ABORT;
-
- if (EC_POINT_is_at_infinity(group, P))
- fprintf(stdout, " point at infinity\n");
- else {
- if (!EC_POINT_get_affine_coordinates_GF2m(group, P, x, y, ctx))
- ABORT;
-
- fprintf(stdout, " x = 0x");
- BN_print_fp(stdout, x);
- fprintf(stdout, ", y = 0x");
- BN_print_fp(stdout, y);
- fprintf(stdout, "\n");
- }
-
- if (!EC_POINT_copy(R, P))
- ABORT;
- if (!EC_POINT_add(group, P, P, Q, ctx))
- ABORT;
- }
- while (!EC_POINT_is_at_infinity(group, P));
-
- if (!EC_POINT_add(group, P, Q, R, ctx))
- ABORT;
- if (!EC_POINT_is_at_infinity(group, P))
- ABORT;
-
-/* Change test based on whether binary point compression is enabled or not. */
-# ifdef OPENSSL_EC_BIN_PT_COMP
- len =
- EC_POINT_point2oct(group, Q, POINT_CONVERSION_COMPRESSED, buf,
- sizeof buf, ctx);
- if (len == 0)
- ABORT;
- if (!EC_POINT_oct2point(group, P, buf, len, ctx))
- ABORT;
- if (0 != EC_POINT_cmp(group, P, Q, ctx))
- ABORT;
- fprintf(stdout, "Generator as octet string, compressed form:\n ");
- for (i = 0; i < len; i++)
- fprintf(stdout, "%02X", buf[i]);
-# endif
-
- len =
- EC_POINT_point2oct(group, Q, POINT_CONVERSION_UNCOMPRESSED, buf,
- sizeof buf, ctx);
- if (len == 0)
- ABORT;
- if (!EC_POINT_oct2point(group, P, buf, len, ctx))
- ABORT;
- if (0 != EC_POINT_cmp(group, P, Q, ctx))
- ABORT;
- fprintf(stdout, "\nGenerator as octet string, uncompressed form:\n ");
- for (i = 0; i < len; i++)
- fprintf(stdout, "%02X", buf[i]);
-
-/* Change test based on whether binary point compression is enabled or not. */
-# ifdef OPENSSL_EC_BIN_PT_COMP
- len =
- EC_POINT_point2oct(group, Q, POINT_CONVERSION_HYBRID, buf, sizeof buf,
- ctx);
- if (len == 0)
- ABORT;
- if (!EC_POINT_oct2point(group, P, buf, len, ctx))
- ABORT;
- if (0 != EC_POINT_cmp(group, P, Q, ctx))
- ABORT;
- fprintf(stdout, "\nGenerator as octet string, hybrid form:\n ");
- for (i = 0; i < len; i++)
- fprintf(stdout, "%02X", buf[i]);
-# endif
-
- fprintf(stdout, "\n");
-
- if (!EC_POINT_invert(group, P, ctx))
- ABORT;
- if (0 != EC_POINT_cmp(group, P, R, ctx))
- ABORT;
-
- /* Curve K-163 (FIPS PUB 186-2, App. 6) */
- CHAR2_CURVE_TEST
- ("NIST curve K-163",
- "0800000000000000000000000000000000000000C9",
- "1",
- "1",
- "02FE13C0537BBC11ACAA07D793DE4E6D5E5C94EEE8",
- "0289070FB05D38FF58321F2E800536D538CCDAA3D9",
- 1, "04000000000000000000020108A2E0CC0D99F8A5EF", "2", 163, C2_K163);
-
- /* Curve B-163 (FIPS PUB 186-2, App. 6) */
- CHAR2_CURVE_TEST
- ("NIST curve B-163",
- "0800000000000000000000000000000000000000C9",
- "1",
- "020A601907B8C953CA1481EB10512F78744A3205FD",
- "03F0EBA16286A2D57EA0991168D4994637E8343E36",
- "00D51FBC6C71A0094FA2CDD545B11C5C0C797324F1",
- 1, "040000000000000000000292FE77E70C12A4234C33", "2", 163, C2_B163);
-
- /* Curve K-233 (FIPS PUB 186-2, App. 6) */
- CHAR2_CURVE_TEST
- ("NIST curve K-233",
- "020000000000000000000000000000000000000004000000000000000001",
- "0",
- "1",
- "017232BA853A7E731AF129F22FF4149563A419C26BF50A4C9D6EEFAD6126",
- "01DB537DECE819B7F70F555A67C427A8CD9BF18AEB9B56E0C11056FAE6A3",
- 0,
- "008000000000000000000000000000069D5BB915BCD46EFB1AD5F173ABDF",
- "4", 233, C2_K233);
-
- /* Curve B-233 (FIPS PUB 186-2, App. 6) */
- CHAR2_CURVE_TEST
- ("NIST curve B-233",
- "020000000000000000000000000000000000000004000000000000000001",
- "000000000000000000000000000000000000000000000000000000000001",
- "0066647EDE6C332C7F8C0923BB58213B333B20E9CE4281FE115F7D8F90AD",
- "00FAC9DFCBAC8313BB2139F1BB755FEF65BC391F8B36F8F8EB7371FD558B",
- "01006A08A41903350678E58528BEBF8A0BEFF867A7CA36716F7E01F81052",
- 1,
- "01000000000000000000000000000013E974E72F8A6922031D2603CFE0D7",
- "2", 233, C2_B233);
-
- /* Curve K-283 (FIPS PUB 186-2, App. 6) */
- CHAR2_CURVE_TEST
- ("NIST curve K-283",
- "0800000000000000000000000000000000000000000000000000000000000000000010A1",
- "0",
- "1",
- "0503213F78CA44883F1A3B8162F188E553CD265F23C1567A16876913B0C2AC2458492836",
- "01CCDA380F1C9E318D90F95D07E5426FE87E45C0E8184698E45962364E34116177DD2259",
- 0,
- "01FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFE9AE2ED07577265DFF7F94451E061E163C61",
- "4", 283, C2_K283);
-
- /* Curve B-283 (FIPS PUB 186-2, App. 6) */
- CHAR2_CURVE_TEST
- ("NIST curve B-283",
- "0800000000000000000000000000000000000000000000000000000000000000000010A1",
- "000000000000000000000000000000000000000000000000000000000000000000000001",
- "027B680AC8B8596DA5A4AF8A19A0303FCA97FD7645309FA2A581485AF6263E313B79A2F5",
- "05F939258DB7DD90E1934F8C70B0DFEC2EED25B8557EAC9C80E2E198F8CDBECD86B12053",
- "03676854FE24141CB98FE6D4B20D02B4516FF702350EDDB0826779C813F0DF45BE8112F4",
- 1,
- "03FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEF90399660FC938A90165B042A7CEFADB307",
- "2", 283, C2_B283);
-
- /* Curve K-409 (FIPS PUB 186-2, App. 6) */
- CHAR2_CURVE_TEST
- ("NIST curve K-409",
- "02000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000001",
- "0",
- "1",
- "0060F05F658F49C1AD3AB1890F7184210EFD0987E307C84C27ACCFB8F9F67CC2C460189EB5AAAA62EE222EB1B35540CFE9023746",
- "01E369050B7C4E42ACBA1DACBF04299C3460782F918EA427E6325165E9EA10E3DA5F6C42E9C55215AA9CA27A5863EC48D8E0286B",
- 1,
- "007FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFE5F83B2D4EA20400EC4557D5ED3E3E7CA5B4B5C83B8E01E5FCF",
- "4", 409, C2_K409);
-
- /* Curve B-409 (FIPS PUB 186-2, App. 6) */
- CHAR2_CURVE_TEST
- ("NIST curve B-409",
- "02000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000001",
- "00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001",
- "0021A5C2C8EE9FEB5C4B9A753B7B476B7FD6422EF1F3DD674761FA99D6AC27C8A9A197B272822F6CD57A55AA4F50AE317B13545F",
- "015D4860D088DDB3496B0C6064756260441CDE4AF1771D4DB01FFE5B34E59703DC255A868A1180515603AEAB60794E54BB7996A7",
- "0061B1CFAB6BE5F32BBFA78324ED106A7636B9C5A7BD198D0158AA4F5488D08F38514F1FDF4B4F40D2181B3681C364BA0273C706",
- 1,
- "010000000000000000000000000000000000000000000000000001E2AAD6A612F33307BE5FA47C3C9E052F838164CD37D9A21173",
- "2", 409, C2_B409);
-
- /* Curve K-571 (FIPS PUB 186-2, App. 6) */
- CHAR2_CURVE_TEST
- ("NIST curve K-571",
- "80000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000425",
- "0",
- "1",
- "026EB7A859923FBC82189631F8103FE4AC9CA2970012D5D46024804801841CA44370958493B205E647DA304DB4CEB08CBBD1BA39494776FB988B47174DCA88C7E2945283A01C8972",
- "0349DC807F4FBF374F4AEADE3BCA95314DD58CEC9F307A54FFC61EFC006D8A2C9D4979C0AC44AEA74FBEBBB9F772AEDCB620B01A7BA7AF1B320430C8591984F601CD4C143EF1C7A3",
- 0,
- "020000000000000000000000000000000000000000000000000000000000000000000000131850E1F19A63E4B391A8DB917F4138B630D84BE5D639381E91DEB45CFE778F637C1001",
- "4", 571, C2_K571);
-
- /* Curve B-571 (FIPS PUB 186-2, App. 6) */
- CHAR2_CURVE_TEST
- ("NIST curve B-571",
- "80000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000425",
- "000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001",
- "02F40E7E2221F295DE297117B7F3D62F5C6A97FFCB8CEFF1CD6BA8CE4A9A18AD84FFABBD8EFA59332BE7AD6756A66E294AFD185A78FF12AA520E4DE739BACA0C7FFEFF7F2955727A",
- "0303001D34B856296C16C0D40D3CD7750A93D1D2955FA80AA5F40FC8DB7B2ABDBDE53950F4C0D293CDD711A35B67FB1499AE60038614F1394ABFA3B4C850D927E1E7769C8EEC2D19",
- "037BF27342DA639B6DCCFFFEB73D69D78C6C27A6009CBBCA1980F8533921E8A684423E43BAB08A576291AF8F461BB2A8B3531D2F0485C19B16E2F1516E23DD3C1A4827AF1B8AC15B",
- 1,
- "03FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFE661CE18FF55987308059B186823851EC7DD9CA1161DE93D5174D66E8382E9BB2FE84E47",
- "2", 571, C2_B571);
-
- /* more tests using the last curve */
-
- if (!EC_POINT_copy(Q, P))
- ABORT;
- if (EC_POINT_is_at_infinity(group, Q))
- ABORT;
- if (!EC_POINT_dbl(group, P, P, ctx))
- ABORT;
- if (!EC_POINT_is_on_curve(group, P, ctx))
- ABORT;
- if (!EC_POINT_invert(group, Q, ctx))
- ABORT; /* P = -2Q */
-
- if (!EC_POINT_add(group, R, P, Q, ctx))
- ABORT;
- if (!EC_POINT_add(group, R, R, Q, ctx))
- ABORT;
- if (!EC_POINT_is_at_infinity(group, R))
- ABORT; /* R = P + 2Q */
-
- {
- const EC_POINT *points[3];
- const BIGNUM *scalars[3];
-
- if (EC_POINT_is_at_infinity(group, Q))
- ABORT;
- points[0] = Q;
- points[1] = Q;
- points[2] = Q;
-
- if (!BN_add(y, z, BN_value_one()))
- ABORT;
- if (BN_is_odd(y))
- ABORT;
- if (!BN_rshift1(y, y))
- ABORT;
- scalars[0] = y; /* (group order + 1)/2, so y*Q + y*Q = Q */
- scalars[1] = y;
-
- fprintf(stdout, "combined multiplication ...");
- fflush(stdout);
-
- /* z is still the group order */
- if (!EC_POINTs_mul(group, P, NULL, 2, points, scalars, ctx))
- ABORT;
- if (!EC_POINTs_mul(group, R, z, 2, points, scalars, ctx))
- ABORT;
- if (0 != EC_POINT_cmp(group, P, R, ctx))
- ABORT;
- if (0 != EC_POINT_cmp(group, R, Q, ctx))
- ABORT;
-
- fprintf(stdout, ".");
- fflush(stdout);
-
- if (!BN_pseudo_rand(y, BN_num_bits(y), 0, 0))
- ABORT;
- if (!BN_add(z, z, y))
- ABORT;
- BN_set_negative(z, 1);
- scalars[0] = y;
- scalars[1] = z; /* z = -(order + y) */
-
- if (!EC_POINTs_mul(group, P, NULL, 2, points, scalars, ctx))
- ABORT;
- if (!EC_POINT_is_at_infinity(group, P))
- ABORT;
-
- fprintf(stdout, ".");
- fflush(stdout);
-
- if (!BN_pseudo_rand(x, BN_num_bits(y) - 1, 0, 0))
- ABORT;
- if (!BN_add(z, x, y))
- ABORT;
- BN_set_negative(z, 1);
- scalars[0] = x;
- scalars[1] = y;
- scalars[2] = z; /* z = -(x+y) */
-
- if (!EC_POINTs_mul(group, P, NULL, 3, points, scalars, ctx))
- ABORT;
- if (!EC_POINT_is_at_infinity(group, P))
- ABORT;
-
- fprintf(stdout, " ok\n\n");
- }
-
- if (ctx)
- BN_CTX_free(ctx);
- BN_free(p);
- BN_free(a);
- BN_free(b);
- EC_GROUP_free(group);
- EC_POINT_free(P);
- EC_POINT_free(Q);
- EC_POINT_free(R);
- BN_free(x);
- BN_free(y);
- BN_free(z);
- BN_free(cof);
-
- EC_GROUP_free(C2_K163);
- EC_GROUP_free(C2_B163);
- EC_GROUP_free(C2_K233);
- EC_GROUP_free(C2_B233);
- EC_GROUP_free(C2_K283);
- EC_GROUP_free(C2_B283);
- EC_GROUP_free(C2_K409);
- EC_GROUP_free(C2_B409);
- EC_GROUP_free(C2_K571);
- EC_GROUP_free(C2_B571);
-
-}
-# endif
-
-static void internal_curve_test(void)
-{
- EC_builtin_curve *curves = NULL;
- size_t crv_len = 0, n = 0;
- int ok = 1;
-
- crv_len = EC_get_builtin_curves(NULL, 0);
-
- curves = OPENSSL_malloc(sizeof(EC_builtin_curve) * crv_len);
-
- if (curves == NULL)
- return;
-
- if (!EC_get_builtin_curves(curves, crv_len)) {
- OPENSSL_free(curves);
- return;
- }
-
- fprintf(stdout, "testing internal curves: ");
-
- for (n = 0; n < crv_len; n++) {
- EC_GROUP *group = NULL;
- int nid = curves[n].nid;
- if ((group = EC_GROUP_new_by_curve_name(nid)) == NULL) {
- ok = 0;
- fprintf(stdout, "\nEC_GROUP_new_curve_name() failed with"
- " curve %s\n", OBJ_nid2sn(nid));
- /* try next curve */
- continue;
- }
- if (!EC_GROUP_check(group, NULL)) {
- ok = 0;
- fprintf(stdout, "\nEC_GROUP_check() failed with"
- " curve %s\n", OBJ_nid2sn(nid));
- EC_GROUP_free(group);
- /* try the next curve */
- continue;
- }
- fprintf(stdout, ".");
- fflush(stdout);
- EC_GROUP_free(group);
- }
- if (ok)
- fprintf(stdout, " ok\n\n");
- else {
- fprintf(stdout, " failed\n\n");
- ABORT;
- }
- OPENSSL_free(curves);
- return;
-}
-
-# ifndef OPENSSL_NO_EC_NISTP_64_GCC_128
-/*
- * nistp_test_params contains magic numbers for testing our optimized
- * implementations of several NIST curves with characteristic > 3.
- */
-struct nistp_test_params {
- const EC_METHOD *(*meth) ();
- int degree;
- /*
- * Qx, Qy and D are taken from
- * http://csrcdocut.gov/groups/ST/toolkit/documents/Examples/ECDSA_Prime.pdf
- * Otherwise, values are standard curve parameters from FIPS 180-3
- */
- const char *p, *a, *b, *Qx, *Qy, *Gx, *Gy, *order, *d;
-};
-
-static const struct nistp_test_params nistp_tests_params[] = {
- {
- /* P-224 */
- EC_GFp_nistp224_method,
- 224,
- /* p */
- "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF000000000000000000000001",
- /* a */
- "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFFFFFFFFFFFFFFFFFE",
- /* b */
- "B4050A850C04B3ABF54132565044B0B7D7BFD8BA270B39432355FFB4",
- /* Qx */
- "E84FB0B8E7000CB657D7973CF6B42ED78B301674276DF744AF130B3E",
- /* Qy */
- "4376675C6FC5612C21A0FF2D2A89D2987DF7A2BC52183B5982298555",
- /* Gx */
- "B70E0CBD6BB4BF7F321390B94A03C1D356C21122343280D6115C1D21",
- /* Gy */
- "BD376388B5F723FB4C22DFE6CD4375A05A07476444D5819985007E34",
- /* order */
- "FFFFFFFFFFFFFFFFFFFFFFFFFFFF16A2E0B8F03E13DD29455C5C2A3D",
- /* d */
- "3F0C488E987C80BE0FEE521F8D90BE6034EC69AE11CA72AA777481E8",
- },
- {
- /* P-256 */
- EC_GFp_nistp256_method,
- 256,
- /* p */
- "ffffffff00000001000000000000000000000000ffffffffffffffffffffffff",
- /* a */
- "ffffffff00000001000000000000000000000000fffffffffffffffffffffffc",
- /* b */
- "5ac635d8aa3a93e7b3ebbd55769886bc651d06b0cc53b0f63bce3c3e27d2604b",
- /* Qx */
- "b7e08afdfe94bad3f1dc8c734798ba1c62b3a0ad1e9ea2a38201cd0889bc7a19",
- /* Qy */
- "3603f747959dbf7a4bb226e41928729063adc7ae43529e61b563bbc606cc5e09",
- /* Gx */
- "6b17d1f2e12c4247f8bce6e563a440f277037d812deb33a0f4a13945d898c296",
- /* Gy */
- "4fe342e2fe1a7f9b8ee7eb4a7c0f9e162bce33576b315ececbb6406837bf51f5",
- /* order */
- "ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632551",
- /* d */
- "c477f9f65c22cce20657faa5b2d1d8122336f851a508a1ed04e479c34985bf96",
- },
- {
- /* P-521 */
- EC_GFp_nistp521_method,
- 521,
- /* p */
- "1ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff",
- /* a */
- "1fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffc",
- /* b */
- "051953eb9618e1c9a1f929a21a0b68540eea2da725b99b315f3b8b489918ef109e156193951ec7e937b1652c0bd3bb1bf073573df883d2c34f1ef451fd46b503f00",
- /* Qx */
- "0098e91eef9a68452822309c52fab453f5f117c1da8ed796b255e9ab8f6410cca16e59df403a6bdc6ca467a37056b1e54b3005d8ac030decfeb68df18b171885d5c4",
- /* Qy */
- "0164350c321aecfc1cca1ba4364c9b15656150b4b78d6a48d7d28e7f31985ef17be8554376b72900712c4b83ad668327231526e313f5f092999a4632fd50d946bc2e",
- /* Gx */
- "c6858e06b70404e9cd9e3ecb662395b4429c648139053fb521f828af606b4d3dbaa14b5e77efe75928fe1dc127a2ffa8de3348b3c1856a429bf97e7e31c2e5bd66",
- /* Gy */
- "11839296a789a3bc0045c8a5fb42c7d1bd998f54449579b446817afbd17273e662c97ee72995ef42640c550b9013fad0761353c7086a272c24088be94769fd16650",
- /* order */
- "1fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffa51868783bf2f966b7fcc0148f709a5d03bb5c9b8899c47aebb6fb71e91386409",
- /* d */
- "0100085f47b8e1b8b11b7eb33028c0b2888e304bfc98501955b45bba1478dc184eeedf09b86a5f7c21994406072787205e69a63709fe35aa93ba333514b24f961722",
- },
-};
-
-static void nistp_single_test(const struct nistp_test_params *test)
-{
- BN_CTX *ctx;
- BIGNUM *p, *a, *b, *x, *y, *n, *m, *order;
- EC_GROUP *NISTP;
- EC_POINT *G, *P, *Q, *Q_CHECK;
-
- fprintf(stdout, "\nNIST curve P-%d (optimised implementation):\n",
- test->degree);
- ctx = BN_CTX_new();
- p = BN_new();
- a = BN_new();
- b = BN_new();
- x = BN_new();
- y = BN_new();
- m = BN_new();
- n = BN_new();
- order = BN_new();
-
- NISTP = EC_GROUP_new(test->meth());
- if (!NISTP)
- ABORT;
- if (!BN_hex2bn(&p, test->p))
- ABORT;
- if (1 != BN_is_prime_ex(p, BN_prime_checks, ctx, NULL))
- ABORT;
- if (!BN_hex2bn(&a, test->a))
- ABORT;
- if (!BN_hex2bn(&b, test->b))
- ABORT;
- if (!EC_GROUP_set_curve_GFp(NISTP, p, a, b, ctx))
- ABORT;
- G = EC_POINT_new(NISTP);
- P = EC_POINT_new(NISTP);
- Q = EC_POINT_new(NISTP);
- Q_CHECK = EC_POINT_new(NISTP);
- if (!BN_hex2bn(&x, test->Qx))
- ABORT;
- if (!BN_hex2bn(&y, test->Qy))
- ABORT;
- if (!EC_POINT_set_affine_coordinates_GFp(NISTP, Q_CHECK, x, y, ctx))
- ABORT;
- if (!BN_hex2bn(&x, test->Gx))
- ABORT;
- if (!BN_hex2bn(&y, test->Gy))
- ABORT;
- if (!EC_POINT_set_affine_coordinates_GFp(NISTP, G, x, y, ctx))
- ABORT;
- if (!BN_hex2bn(&order, test->order))
- ABORT;
- if (!EC_GROUP_set_generator(NISTP, G, order, BN_value_one()))
- ABORT;
-
- fprintf(stdout, "verify degree ... ");
- if (EC_GROUP_get_degree(NISTP) != test->degree)
- ABORT;
- fprintf(stdout, "ok\n");
-
- fprintf(stdout, "NIST test vectors ... ");
- if (!BN_hex2bn(&n, test->d))
- ABORT;
- /* fixed point multiplication */
- EC_POINT_mul(NISTP, Q, n, NULL, NULL, ctx);
- if (0 != EC_POINT_cmp(NISTP, Q, Q_CHECK, ctx))
- ABORT;
- /* random point multiplication */
- EC_POINT_mul(NISTP, Q, NULL, G, n, ctx);
- if (0 != EC_POINT_cmp(NISTP, Q, Q_CHECK, ctx))
- ABORT;
-
- /* set generator to P = 2*G, where G is the standard generator */
- if (!EC_POINT_dbl(NISTP, P, G, ctx))
- ABORT;
- if (!EC_GROUP_set_generator(NISTP, P, order, BN_value_one()))
- ABORT;
- /* set the scalar to m=n/2, where n is the NIST test scalar */
- if (!BN_rshift(m, n, 1))
- ABORT;
-
- /* test the non-standard generator */
- /* fixed point multiplication */
- EC_POINT_mul(NISTP, Q, m, NULL, NULL, ctx);
- if (0 != EC_POINT_cmp(NISTP, Q, Q_CHECK, ctx))
- ABORT;
- /* random point multiplication */
- EC_POINT_mul(NISTP, Q, NULL, P, m, ctx);
- if (0 != EC_POINT_cmp(NISTP, Q, Q_CHECK, ctx))
- ABORT;
-
- /* now repeat all tests with precomputation */
- if (!EC_GROUP_precompute_mult(NISTP, ctx))
- ABORT;
-
- /* fixed point multiplication */
- EC_POINT_mul(NISTP, Q, m, NULL, NULL, ctx);
- if (0 != EC_POINT_cmp(NISTP, Q, Q_CHECK, ctx))
- ABORT;
- /* random point multiplication */
- EC_POINT_mul(NISTP, Q, NULL, P, m, ctx);
- if (0 != EC_POINT_cmp(NISTP, Q, Q_CHECK, ctx))
- ABORT;
-
- /* reset generator */
- if (!EC_GROUP_set_generator(NISTP, G, order, BN_value_one()))
- ABORT;
- /* fixed point multiplication */
- EC_POINT_mul(NISTP, Q, n, NULL, NULL, ctx);
- if (0 != EC_POINT_cmp(NISTP, Q, Q_CHECK, ctx))
- ABORT;
- /* random point multiplication */
- EC_POINT_mul(NISTP, Q, NULL, G, n, ctx);
- if (0 != EC_POINT_cmp(NISTP, Q, Q_CHECK, ctx))
- ABORT;
-
- fprintf(stdout, "ok\n");
- group_order_tests(NISTP);
- EC_GROUP_free(NISTP);
- EC_POINT_free(G);
- EC_POINT_free(P);
- EC_POINT_free(Q);
- EC_POINT_free(Q_CHECK);
- BN_free(n);
- BN_free(m);
- BN_free(p);
- BN_free(a);
- BN_free(b);
- BN_free(x);
- BN_free(y);
- BN_free(order);
- BN_CTX_free(ctx);
-}
-
-static void nistp_tests()
-{
- unsigned i;
-
- for (i = 0;
- i < sizeof(nistp_tests_params) / sizeof(struct nistp_test_params);
- i++) {
- nistp_single_test(&nistp_tests_params[i]);
- }
-}
-# endif
-
-static const char rnd_seed[] =
- "string to make the random number generator think it has entropy";
-
-int main(int argc, char *argv[])
-{
-
- /* enable memory leak checking unless explicitly disabled */
- if (!((getenv("OPENSSL_DEBUG_MEMORY") != NULL)
- && (0 == strcmp(getenv("OPENSSL_DEBUG_MEMORY"), "off")))) {
- CRYPTO_malloc_debug_init();
- CRYPTO_set_mem_debug_options(V_CRYPTO_MDEBUG_ALL);
- } else {
- /* OPENSSL_DEBUG_MEMORY=off */
- CRYPTO_set_mem_debug_functions(0, 0, 0, 0, 0);
- }
- CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON);
- ERR_load_crypto_strings();
-
- RAND_seed(rnd_seed, sizeof rnd_seed); /* or BN_generate_prime may fail */
-
- prime_field_tests();
- puts("");
-# ifndef OPENSSL_NO_EC2M
- char2_field_tests();
-# endif
-# ifndef OPENSSL_NO_EC_NISTP_64_GCC_128
- nistp_tests();
-# endif
- /* test the internal curves */
- internal_curve_test();
-
-# ifndef OPENSSL_NO_ENGINE
- ENGINE_cleanup();
-# endif
- CRYPTO_cleanup_all_ex_data();
- ERR_free_strings();
- ERR_remove_thread_state(NULL);
- CRYPTO_mem_leaks_fp(stderr);
-
- return 0;
-}
-#endif
+++ /dev/null
-/* crypto/ecdh/ecdh.h */
-/* ====================================================================
- * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
- *
- * The Elliptic Curve Public-Key Crypto Library (ECC Code) included
- * herein is developed by SUN MICROSYSTEMS, INC., and is contributed
- * to the OpenSSL project.
- *
- * The ECC Code is licensed pursuant to the OpenSSL open source
- * license provided below.
- *
- * The ECDH software is originally written by Douglas Stebila of
- * Sun Microsystems Laboratories.
- *
- */
-/* ====================================================================
- * Copyright (c) 2000-2002 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-#ifndef HEADER_ECDH_H
-# define HEADER_ECDH_H
-
-# include <openssl/opensslconf.h>
-
-# ifdef OPENSSL_NO_EC
-# error EC is disabled.
-# endif
-
-# include <openssl/ec.h>
-# include <openssl/ossl_typ.h>
-# ifdef OPENSSL_USE_DEPRECATED
-# include <openssl/bn.h>
-# endif
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-# define EC_FLAG_COFACTOR_ECDH 0x1000
-
-const ECDH_METHOD *ECDH_OpenSSL(void);
-
-void ECDH_set_default_method(const ECDH_METHOD *);
-const ECDH_METHOD *ECDH_get_default_method(void);
-int ECDH_set_method(EC_KEY *, const ECDH_METHOD *);
-
-int ECDH_compute_key(void *out, size_t outlen, const EC_POINT *pub_key,
- EC_KEY *ecdh, void *(*KDF) (const void *in, size_t inlen,
- void *out, size_t *outlen));
-
-int ECDH_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new
- *new_func, CRYPTO_EX_dup *dup_func,
- CRYPTO_EX_free *free_func);
-int ECDH_set_ex_data(EC_KEY *d, int idx, void *arg);
-void *ECDH_get_ex_data(EC_KEY *d, int idx);
-
-int ECDH_KDF_X9_62(unsigned char *out, size_t outlen,
- const unsigned char *Z, size_t Zlen,
- const unsigned char *sinfo, size_t sinfolen,
- const EVP_MD *md);
-
-/* BEGIN ERROR CODES */
-/*
- * The following lines are auto generated by the script mkerr.pl. Any changes
- * made after this point may be overwritten when the script is next run.
- */
-void ERR_load_ECDH_strings(void);
-
-/* Error codes for the ECDH functions. */
-
-/* Function codes. */
-# define ECDH_F_ECDH_COMPUTE_KEY 100
-# define ECDH_F_ECDH_DATA_NEW_METHOD 101
-
-/* Reason codes. */
-# define ECDH_R_KDF_FAILED 102
-# define ECDH_R_NO_PRIVATE_VALUE 100
-# define ECDH_R_POINT_ARITHMETIC_FAILURE 101
-
-#ifdef __cplusplus
-}
-#endif
-#endif
+++ /dev/null
-/* crypto/ecdh/ecdhtest.c */
-/* ====================================================================
- * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
- *
- * The Elliptic Curve Public-Key Crypto Library (ECC Code) included
- * herein is developed by SUN MICROSYSTEMS, INC., and is contributed
- * to the OpenSSL project.
- *
- * The ECC Code is licensed pursuant to the OpenSSL open source
- * license provided below.
- *
- * The ECDH software is originally written by Douglas Stebila of
- * Sun Microsystems Laboratories.
- *
- */
-/* ====================================================================
- * Copyright (c) 1998-2003 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-
-#include "../e_os.h"
-
-#include <openssl/opensslconf.h> /* for OPENSSL_NO_EC */
-#include <openssl/crypto.h>
-#include <openssl/bio.h>
-#include <openssl/bn.h>
-#include <openssl/objects.h>
-#include <openssl/rand.h>
-#include <openssl/sha.h>
-#include <openssl/err.h>
-
-#ifdef OPENSSL_NO_EC
-int main(int argc, char *argv[])
-{
- printf("No ECDH support\n");
- return (0);
-}
-#else
-# include <openssl/ec.h>
-# include <openssl/ecdh.h>
-
-static const char rnd_seed[] =
- "string to make the random number generator think it has entropy";
-
-static const int KDF1_SHA1_len = 20;
-static void *KDF1_SHA1(const void *in, size_t inlen, void *out,
- size_t *outlen)
-{
- if (*outlen < SHA_DIGEST_LENGTH)
- return NULL;
- *outlen = SHA_DIGEST_LENGTH;
- return SHA1(in, inlen, out);
-}
-
-static int test_ecdh_curve(int nid, const char *text, BN_CTX *ctx, BIO *out)
-{
- EC_KEY *a = NULL;
- EC_KEY *b = NULL;
- BIGNUM *x_a = NULL, *y_a = NULL, *x_b = NULL, *y_b = NULL;
- char buf[12];
- unsigned char *abuf = NULL, *bbuf = NULL;
- int i, alen, blen, aout, bout, ret = 0;
- const EC_GROUP *group;
-
- a = EC_KEY_new_by_curve_name(nid);
- b = EC_KEY_new_by_curve_name(nid);
- if (a == NULL || b == NULL)
- goto err;
-
- group = EC_KEY_get0_group(a);
-
- if ((x_a = BN_new()) == NULL)
- goto err;
- if ((y_a = BN_new()) == NULL)
- goto err;
- if ((x_b = BN_new()) == NULL)
- goto err;
- if ((y_b = BN_new()) == NULL)
- goto err;
-
- BIO_puts(out, "Testing key generation with ");
- BIO_puts(out, text);
-# ifdef NOISY
- BIO_puts(out, "\n");
-# else
- (void)BIO_flush(out);
-# endif
-
- if (!EC_KEY_generate_key(a))
- goto err;
-
- if (EC_METHOD_get_field_type(EC_GROUP_method_of(group)) ==
- NID_X9_62_prime_field) {
- if (!EC_POINT_get_affine_coordinates_GFp
- (group, EC_KEY_get0_public_key(a), x_a, y_a, ctx))
- goto err;
- }
-# ifndef OPENSSL_NO_EC2M
- else {
- if (!EC_POINT_get_affine_coordinates_GF2m(group,
- EC_KEY_get0_public_key(a),
- x_a, y_a, ctx))
- goto err;
- }
-# endif
-# ifdef NOISY
- BIO_puts(out, " pri 1=");
- BN_print(out, a->priv_key);
- BIO_puts(out, "\n pub 1=");
- BN_print(out, x_a);
- BIO_puts(out, ",");
- BN_print(out, y_a);
- BIO_puts(out, "\n");
-# else
- BIO_printf(out, " .");
- (void)BIO_flush(out);
-# endif
-
- if (!EC_KEY_generate_key(b))
- goto err;
-
- if (EC_METHOD_get_field_type(EC_GROUP_method_of(group)) ==
- NID_X9_62_prime_field) {
- if (!EC_POINT_get_affine_coordinates_GFp
- (group, EC_KEY_get0_public_key(b), x_b, y_b, ctx))
- goto err;
- }
-# ifndef OPENSSL_NO_EC2M
- else {
- if (!EC_POINT_get_affine_coordinates_GF2m(group,
- EC_KEY_get0_public_key(b),
- x_b, y_b, ctx))
- goto err;
- }
-# endif
-
-# ifdef NOISY
- BIO_puts(out, " pri 2=");
- BN_print(out, b->priv_key);
- BIO_puts(out, "\n pub 2=");
- BN_print(out, x_b);
- BIO_puts(out, ",");
- BN_print(out, y_b);
- BIO_puts(out, "\n");
-# else
- BIO_printf(out, ".");
- (void)BIO_flush(out);
-# endif
-
- alen = KDF1_SHA1_len;
- abuf = (unsigned char *)OPENSSL_malloc(alen);
- aout =
- ECDH_compute_key(abuf, alen, EC_KEY_get0_public_key(b), a, KDF1_SHA1);
-
-# ifdef NOISY
- BIO_puts(out, " key1 =");
- for (i = 0; i < aout; i++) {
- sprintf(buf, "%02X", abuf[i]);
- BIO_puts(out, buf);
- }
- BIO_puts(out, "\n");
-# else
- BIO_printf(out, ".");
- (void)BIO_flush(out);
-# endif
-
- blen = KDF1_SHA1_len;
- bbuf = (unsigned char *)OPENSSL_malloc(blen);
- bout =
- ECDH_compute_key(bbuf, blen, EC_KEY_get0_public_key(a), b, KDF1_SHA1);
-
-# ifdef NOISY
- BIO_puts(out, " key2 =");
- for (i = 0; i < bout; i++) {
- sprintf(buf, "%02X", bbuf[i]);
- BIO_puts(out, buf);
- }
- BIO_puts(out, "\n");
-# else
- BIO_printf(out, ".");
- (void)BIO_flush(out);
-# endif
-
- if ((aout < 4) || (bout != aout) || (memcmp(abuf, bbuf, aout) != 0)) {
-# ifndef NOISY
- BIO_printf(out, " failed\n\n");
- BIO_printf(out, "key a:\n");
- BIO_printf(out, "private key: ");
- BN_print(out, EC_KEY_get0_private_key(a));
- BIO_printf(out, "\n");
- BIO_printf(out, "public key (x,y): ");
- BN_print(out, x_a);
- BIO_printf(out, ",");
- BN_print(out, y_a);
- BIO_printf(out, "\nkey b:\n");
- BIO_printf(out, "private key: ");
- BN_print(out, EC_KEY_get0_private_key(b));
- BIO_printf(out, "\n");
- BIO_printf(out, "public key (x,y): ");
- BN_print(out, x_b);
- BIO_printf(out, ",");
- BN_print(out, y_b);
- BIO_printf(out, "\n");
- BIO_printf(out, "generated key a: ");
- for (i = 0; i < bout; i++) {
- sprintf(buf, "%02X", bbuf[i]);
- BIO_puts(out, buf);
- }
- BIO_printf(out, "\n");
- BIO_printf(out, "generated key b: ");
- for (i = 0; i < aout; i++) {
- sprintf(buf, "%02X", abuf[i]);
- BIO_puts(out, buf);
- }
- BIO_printf(out, "\n");
-# endif
- fprintf(stderr, "Error in ECDH routines\n");
- ret = 0;
- } else {
-# ifndef NOISY
- BIO_printf(out, " ok\n");
-# endif
- ret = 1;
- }
- err:
- ERR_print_errors_fp(stderr);
-
- if (abuf != NULL)
- OPENSSL_free(abuf);
- if (bbuf != NULL)
- OPENSSL_free(bbuf);
- if (x_a)
- BN_free(x_a);
- if (y_a)
- BN_free(y_a);
- if (x_b)
- BN_free(x_b);
- if (y_b)
- BN_free(y_b);
- EC_KEY_free(b);
- EC_KEY_free(a);
- return (ret);
-}
-
-/* Keys and shared secrets from RFC 7027 */
-
-static const unsigned char bp256_da[] = {
- 0x81, 0xDB, 0x1E, 0xE1, 0x00, 0x15, 0x0F, 0xF2, 0xEA, 0x33, 0x8D, 0x70,
- 0x82, 0x71, 0xBE, 0x38, 0x30, 0x0C, 0xB5, 0x42, 0x41, 0xD7, 0x99, 0x50,
- 0xF7, 0x7B, 0x06, 0x30, 0x39, 0x80, 0x4F, 0x1D
-};
-
-static const unsigned char bp256_db[] = {
- 0x55, 0xE4, 0x0B, 0xC4, 0x1E, 0x37, 0xE3, 0xE2, 0xAD, 0x25, 0xC3, 0xC6,
- 0x65, 0x45, 0x11, 0xFF, 0xA8, 0x47, 0x4A, 0x91, 0xA0, 0x03, 0x20, 0x87,
- 0x59, 0x38, 0x52, 0xD3, 0xE7, 0xD7, 0x6B, 0xD3
-};
-
-static const unsigned char bp256_Z[] = {
- 0x89, 0xAF, 0xC3, 0x9D, 0x41, 0xD3, 0xB3, 0x27, 0x81, 0x4B, 0x80, 0x94,
- 0x0B, 0x04, 0x25, 0x90, 0xF9, 0x65, 0x56, 0xEC, 0x91, 0xE6, 0xAE, 0x79,
- 0x39, 0xBC, 0xE3, 0x1F, 0x3A, 0x18, 0xBF, 0x2B
-};
-
-static const unsigned char bp384_da[] = {
- 0x1E, 0x20, 0xF5, 0xE0, 0x48, 0xA5, 0x88, 0x6F, 0x1F, 0x15, 0x7C, 0x74,
- 0xE9, 0x1B, 0xDE, 0x2B, 0x98, 0xC8, 0xB5, 0x2D, 0x58, 0xE5, 0x00, 0x3D,
- 0x57, 0x05, 0x3F, 0xC4, 0xB0, 0xBD, 0x65, 0xD6, 0xF1, 0x5E, 0xB5, 0xD1,
- 0xEE, 0x16, 0x10, 0xDF, 0x87, 0x07, 0x95, 0x14, 0x36, 0x27, 0xD0, 0x42
-};
-
-static const unsigned char bp384_db[] = {
- 0x03, 0x26, 0x40, 0xBC, 0x60, 0x03, 0xC5, 0x92, 0x60, 0xF7, 0x25, 0x0C,
- 0x3D, 0xB5, 0x8C, 0xE6, 0x47, 0xF9, 0x8E, 0x12, 0x60, 0xAC, 0xCE, 0x4A,
- 0xCD, 0xA3, 0xDD, 0x86, 0x9F, 0x74, 0xE0, 0x1F, 0x8B, 0xA5, 0xE0, 0x32,
- 0x43, 0x09, 0xDB, 0x6A, 0x98, 0x31, 0x49, 0x7A, 0xBA, 0xC9, 0x66, 0x70
-};
-
-static const unsigned char bp384_Z[] = {
- 0x0B, 0xD9, 0xD3, 0xA7, 0xEA, 0x0B, 0x3D, 0x51, 0x9D, 0x09, 0xD8, 0xE4,
- 0x8D, 0x07, 0x85, 0xFB, 0x74, 0x4A, 0x6B, 0x35, 0x5E, 0x63, 0x04, 0xBC,
- 0x51, 0xC2, 0x29, 0xFB, 0xBC, 0xE2, 0x39, 0xBB, 0xAD, 0xF6, 0x40, 0x37,
- 0x15, 0xC3, 0x5D, 0x4F, 0xB2, 0xA5, 0x44, 0x4F, 0x57, 0x5D, 0x4F, 0x42
-};
-
-static const unsigned char bp512_da[] = {
- 0x16, 0x30, 0x2F, 0xF0, 0xDB, 0xBB, 0x5A, 0x8D, 0x73, 0x3D, 0xAB, 0x71,
- 0x41, 0xC1, 0xB4, 0x5A, 0xCB, 0xC8, 0x71, 0x59, 0x39, 0x67, 0x7F, 0x6A,
- 0x56, 0x85, 0x0A, 0x38, 0xBD, 0x87, 0xBD, 0x59, 0xB0, 0x9E, 0x80, 0x27,
- 0x96, 0x09, 0xFF, 0x33, 0x3E, 0xB9, 0xD4, 0xC0, 0x61, 0x23, 0x1F, 0xB2,
- 0x6F, 0x92, 0xEE, 0xB0, 0x49, 0x82, 0xA5, 0xF1, 0xD1, 0x76, 0x4C, 0xAD,
- 0x57, 0x66, 0x54, 0x22
-};
-
-static const unsigned char bp512_db[] = {
- 0x23, 0x0E, 0x18, 0xE1, 0xBC, 0xC8, 0x8A, 0x36, 0x2F, 0xA5, 0x4E, 0x4E,
- 0xA3, 0x90, 0x20, 0x09, 0x29, 0x2F, 0x7F, 0x80, 0x33, 0x62, 0x4F, 0xD4,
- 0x71, 0xB5, 0xD8, 0xAC, 0xE4, 0x9D, 0x12, 0xCF, 0xAB, 0xBC, 0x19, 0x96,
- 0x3D, 0xAB, 0x8E, 0x2F, 0x1E, 0xBA, 0x00, 0xBF, 0xFB, 0x29, 0xE4, 0xD7,
- 0x2D, 0x13, 0xF2, 0x22, 0x45, 0x62, 0xF4, 0x05, 0xCB, 0x80, 0x50, 0x36,
- 0x66, 0xB2, 0x54, 0x29
-};
-
-static const unsigned char bp512_Z[] = {
- 0xA7, 0x92, 0x70, 0x98, 0x65, 0x5F, 0x1F, 0x99, 0x76, 0xFA, 0x50, 0xA9,
- 0xD5, 0x66, 0x86, 0x5D, 0xC5, 0x30, 0x33, 0x18, 0x46, 0x38, 0x1C, 0x87,
- 0x25, 0x6B, 0xAF, 0x32, 0x26, 0x24, 0x4B, 0x76, 0xD3, 0x64, 0x03, 0xC0,
- 0x24, 0xD7, 0xBB, 0xF0, 0xAA, 0x08, 0x03, 0xEA, 0xFF, 0x40, 0x5D, 0x3D,
- 0x24, 0xF1, 0x1A, 0x9B, 0x5C, 0x0B, 0xEF, 0x67, 0x9F, 0xE1, 0x45, 0x4B,
- 0x21, 0xC4, 0xCD, 0x1F
-};
-
-/* Given private value and NID, create EC_KEY structure */
-
-static EC_KEY *mk_eckey(int nid, const unsigned char *p, size_t plen)
-{
- int ok = 0;
- EC_KEY *k = NULL;
- BIGNUM *priv = NULL;
- EC_POINT *pub = NULL;
- const EC_GROUP *grp;
- k = EC_KEY_new_by_curve_name(nid);
- if (!k)
- goto err;
- priv = BN_bin2bn(p, plen, NULL);
- if (!priv)
- goto err;
- if (!EC_KEY_set_private_key(k, priv))
- goto err;
- grp = EC_KEY_get0_group(k);
- pub = EC_POINT_new(grp);
- if (!pub)
- goto err;
- if (!EC_POINT_mul(grp, pub, priv, NULL, NULL, NULL))
- goto err;
- if (!EC_KEY_set_public_key(k, pub))
- goto err;
- ok = 1;
- err:
- if (priv)
- BN_clear_free(priv);
- EC_POINT_free(pub);
- if (ok)
- return k;
- EC_KEY_free(k);
- return NULL;
-}
-
-/*
- * Known answer test: compute shared secret and check it matches expected
- * value.
- */
-
-static int ecdh_kat(BIO *out, const char *cname, int nid,
- const unsigned char *k1, size_t k1_len,
- const unsigned char *k2, size_t k2_len,
- const unsigned char *Z, size_t Zlen)
-{
- int rv = 0;
- EC_KEY *key1 = NULL, *key2 = NULL;
- unsigned char *Ztmp = NULL;
- size_t Ztmplen;
- BIO_puts(out, "Testing ECDH shared secret with ");
- BIO_puts(out, cname);
- key1 = mk_eckey(nid, k1, k1_len);
- key2 = mk_eckey(nid, k2, k2_len);
- if (!key1 || !key2)
- goto err;
- Ztmplen = (EC_GROUP_get_degree(EC_KEY_get0_group(key1)) + 7) / 8;
- if (Ztmplen != Zlen)
- goto err;
- Ztmp = OPENSSL_malloc(Ztmplen);
- if (!ECDH_compute_key(Ztmp, Ztmplen,
- EC_KEY_get0_public_key(key2), key1, 0))
- goto err;
- if (memcmp(Ztmp, Z, Zlen))
- goto err;
- memset(Ztmp, 0, Zlen);
- if (!ECDH_compute_key(Ztmp, Ztmplen,
- EC_KEY_get0_public_key(key1), key2, 0))
- goto err;
- if (memcmp(Ztmp, Z, Zlen))
- goto err;
- rv = 1;
- err:
- EC_KEY_free(key1);
- EC_KEY_free(key2);
- if (Ztmp)
- OPENSSL_free(Ztmp);
- if (rv)
- BIO_puts(out, " ok\n");
- else {
- fprintf(stderr, "Error in ECDH routines\n");
- ERR_print_errors_fp(stderr);
- }
- return rv;
-}
-
-# define test_ecdh_kat(bio, curve, bits) \
- ecdh_kat(bio, curve, NID_brainpoolP##bits##r1, \
- bp##bits##_da, sizeof(bp##bits##_da), \
- bp##bits##_db, sizeof(bp##bits##_db), \
- bp##bits##_Z, sizeof(bp##bits##_Z))
-
-int main(int argc, char *argv[])
-{
- BN_CTX *ctx = NULL;
- int ret = 1;
- BIO *out;
-
- CRYPTO_malloc_debug_init();
- CRYPTO_dbg_set_options(V_CRYPTO_MDEBUG_ALL);
- CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON);
-
-# ifdef OPENSSL_SYS_WIN32
- CRYPTO_malloc_init();
-# endif
-
- RAND_seed(rnd_seed, sizeof rnd_seed);
-
- out = BIO_new(BIO_s_file());
- if (out == NULL)
- EXIT(1);
- BIO_set_fp(out, stdout, BIO_NOCLOSE);
-
- if ((ctx = BN_CTX_new()) == NULL)
- goto err;
-
- /* NIST PRIME CURVES TESTS */
- if (!test_ecdh_curve
- (NID_X9_62_prime192v1, "NIST Prime-Curve P-192", ctx, out))
- goto err;
- if (!test_ecdh_curve(NID_secp224r1, "NIST Prime-Curve P-224", ctx, out))
- goto err;
- if (!test_ecdh_curve
- (NID_X9_62_prime256v1, "NIST Prime-Curve P-256", ctx, out))
- goto err;
- if (!test_ecdh_curve(NID_secp384r1, "NIST Prime-Curve P-384", ctx, out))
- goto err;
- if (!test_ecdh_curve(NID_secp521r1, "NIST Prime-Curve P-521", ctx, out))
- goto err;
-# ifndef OPENSSL_NO_EC2M
- /* NIST BINARY CURVES TESTS */
- if (!test_ecdh_curve(NID_sect163k1, "NIST Binary-Curve K-163", ctx, out))
- goto err;
- if (!test_ecdh_curve(NID_sect163r2, "NIST Binary-Curve B-163", ctx, out))
- goto err;
- if (!test_ecdh_curve(NID_sect233k1, "NIST Binary-Curve K-233", ctx, out))
- goto err;
- if (!test_ecdh_curve(NID_sect233r1, "NIST Binary-Curve B-233", ctx, out))
- goto err;
- if (!test_ecdh_curve(NID_sect283k1, "NIST Binary-Curve K-283", ctx, out))
- goto err;
- if (!test_ecdh_curve(NID_sect283r1, "NIST Binary-Curve B-283", ctx, out))
- goto err;
- if (!test_ecdh_curve(NID_sect409k1, "NIST Binary-Curve K-409", ctx, out))
- goto err;
- if (!test_ecdh_curve(NID_sect409r1, "NIST Binary-Curve B-409", ctx, out))
- goto err;
- if (!test_ecdh_curve(NID_sect571k1, "NIST Binary-Curve K-571", ctx, out))
- goto err;
- if (!test_ecdh_curve(NID_sect571r1, "NIST Binary-Curve B-571", ctx, out))
- goto err;
-# endif
- if (!test_ecdh_kat(out, "Brainpool Prime-Curve brainpoolP256r1", 256))
- goto err;
- if (!test_ecdh_kat(out, "Brainpool Prime-Curve brainpoolP384r1", 384))
- goto err;
- if (!test_ecdh_kat(out, "Brainpool Prime-Curve brainpoolP512r1", 512))
- goto err;
-
- ret = 0;
-
- err:
- ERR_print_errors_fp(stderr);
- if (ctx)
- BN_CTX_free(ctx);
- BIO_free(out);
- CRYPTO_cleanup_all_ex_data();
- ERR_remove_thread_state(NULL);
- CRYPTO_mem_leaks_fp(stderr);
- EXIT(ret);
-}
-#endif
+++ /dev/null
-/* crypto/ecdsa/ecdsa.h */
-/**
- * \file crypto/ecdsa/ecdsa.h Include file for the OpenSSL ECDSA functions
- * \author Written by Nils Larsch for the OpenSSL project
- */
-/* ====================================================================
- * Copyright (c) 2000-2005 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-#ifndef HEADER_ECDSA_H
-# define HEADER_ECDSA_H
-
-# include <openssl/opensslconf.h>
-
-# ifdef OPENSSL_NO_EC
-# error EC is disabled.
-# endif
-
-# include <openssl/ec.h>
-# include <openssl/ossl_typ.h>
-# ifdef OPENSSL_USE_DEPRECATED
-# include <openssl/bn.h>
-# endif
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-typedef struct ECDSA_SIG_st {
- BIGNUM *r;
- BIGNUM *s;
-} ECDSA_SIG;
-
-/** Allocates and initialize a ECDSA_SIG structure
- * \return pointer to a ECDSA_SIG structure or NULL if an error occurred
- */
-ECDSA_SIG *ECDSA_SIG_new(void);
-
-/** frees a ECDSA_SIG structure
- * \param sig pointer to the ECDSA_SIG structure
- */
-void ECDSA_SIG_free(ECDSA_SIG *sig);
-
-/** DER encode content of ECDSA_SIG object (note: this function modifies *pp
- * (*pp += length of the DER encoded signature)).
- * \param sig pointer to the ECDSA_SIG object
- * \param pp pointer to a unsigned char pointer for the output or NULL
- * \return the length of the DER encoded ECDSA_SIG object or 0
- */
-int i2d_ECDSA_SIG(const ECDSA_SIG *sig, unsigned char **pp);
-
-/** Decodes a DER encoded ECDSA signature (note: this function changes *pp
- * (*pp += len)).
- * \param sig pointer to ECDSA_SIG pointer (may be NULL)
- * \param pp memory buffer with the DER encoded signature
- * \param len length of the buffer
- * \return pointer to the decoded ECDSA_SIG structure (or NULL)
- */
-ECDSA_SIG *d2i_ECDSA_SIG(ECDSA_SIG **sig, const unsigned char **pp, long len);
-
-/** Computes the ECDSA signature of the given hash value using
- * the supplied private key and returns the created signature.
- * \param dgst pointer to the hash value
- * \param dgst_len length of the hash value
- * \param eckey EC_KEY object containing a private EC key
- * \return pointer to a ECDSA_SIG structure or NULL if an error occurred
- */
-ECDSA_SIG *ECDSA_do_sign(const unsigned char *dgst, int dgst_len,
- EC_KEY *eckey);
-
-/** Computes ECDSA signature of a given hash value using the supplied
- * private key (note: sig must point to ECDSA_size(eckey) bytes of memory).
- * \param dgst pointer to the hash value to sign
- * \param dgstlen length of the hash value
- * \param kinv BIGNUM with a pre-computed inverse k (optional)
- * \param rp BIGNUM with a pre-computed rp value (optioanl),
- * see ECDSA_sign_setup
- * \param eckey EC_KEY object containing a private EC key
- * \return pointer to a ECDSA_SIG structure or NULL if an error occurred
- */
-ECDSA_SIG *ECDSA_do_sign_ex(const unsigned char *dgst, int dgstlen,
- const BIGNUM *kinv, const BIGNUM *rp,
- EC_KEY *eckey);
-
-/** Verifies that the supplied signature is a valid ECDSA
- * signature of the supplied hash value using the supplied public key.
- * \param dgst pointer to the hash value
- * \param dgst_len length of the hash value
- * \param sig ECDSA_SIG structure
- * \param eckey EC_KEY object containing a public EC key
- * \return 1 if the signature is valid, 0 if the signature is invalid
- * and -1 on error
- */
-int ECDSA_do_verify(const unsigned char *dgst, int dgst_len,
- const ECDSA_SIG *sig, EC_KEY *eckey);
-
-const ECDSA_METHOD *ECDSA_OpenSSL(void);
-
-/** Sets the default ECDSA method
- * \param meth new default ECDSA_METHOD
- */
-void ECDSA_set_default_method(const ECDSA_METHOD *meth);
-
-/** Returns the default ECDSA method
- * \return pointer to ECDSA_METHOD structure containing the default method
- */
-const ECDSA_METHOD *ECDSA_get_default_method(void);
-
-/** Sets method to be used for the ECDSA operations
- * \param eckey EC_KEY object
- * \param meth new method
- * \return 1 on success and 0 otherwise
- */
-int ECDSA_set_method(EC_KEY *eckey, const ECDSA_METHOD *meth);
-
-/** Returns the maximum length of the DER encoded signature
- * \param eckey EC_KEY object
- * \return numbers of bytes required for the DER encoded signature
- */
-int ECDSA_size(const EC_KEY *eckey);
-
-/** Precompute parts of the signing operation
- * \param eckey EC_KEY object containing a private EC key
- * \param ctx BN_CTX object (optional)
- * \param kinv BIGNUM pointer for the inverse of k
- * \param rp BIGNUM pointer for x coordinate of k * generator
- * \return 1 on success and 0 otherwise
- */
-int ECDSA_sign_setup(EC_KEY *eckey, BN_CTX *ctx, BIGNUM **kinv, BIGNUM **rp);
-
-/** Computes ECDSA signature of a given hash value using the supplied
- * private key (note: sig must point to ECDSA_size(eckey) bytes of memory).
- * \param type this parameter is ignored
- * \param dgst pointer to the hash value to sign
- * \param dgstlen length of the hash value
- * \param sig memory for the DER encoded created signature
- * \param siglen pointer to the length of the returned signature
- * \param eckey EC_KEY object containing a private EC key
- * \return 1 on success and 0 otherwise
- */
-int ECDSA_sign(int type, const unsigned char *dgst, int dgstlen,
- unsigned char *sig, unsigned int *siglen, EC_KEY *eckey);
-
-/** Computes ECDSA signature of a given hash value using the supplied
- * private key (note: sig must point to ECDSA_size(eckey) bytes of memory).
- * \param type this parameter is ignored
- * \param dgst pointer to the hash value to sign
- * \param dgstlen length of the hash value
- * \param sig buffer to hold the DER encoded signature
- * \param siglen pointer to the length of the returned signature
- * \param kinv BIGNUM with a pre-computed inverse k (optional)
- * \param rp BIGNUM with a pre-computed rp value (optioanl),
- * see ECDSA_sign_setup
- * \param eckey EC_KEY object containing a private EC key
- * \return 1 on success and 0 otherwise
- */
-int ECDSA_sign_ex(int type, const unsigned char *dgst, int dgstlen,
- unsigned char *sig, unsigned int *siglen,
- const BIGNUM *kinv, const BIGNUM *rp, EC_KEY *eckey);
-
-/** Verifies that the given signature is valid ECDSA signature
- * of the supplied hash value using the specified public key.
- * \param type this parameter is ignored
- * \param dgst pointer to the hash value
- * \param dgstlen length of the hash value
- * \param sig pointer to the DER encoded signature
- * \param siglen length of the DER encoded signature
- * \param eckey EC_KEY object containing a public EC key
- * \return 1 if the signature is valid, 0 if the signature is invalid
- * and -1 on error
- */
-int ECDSA_verify(int type, const unsigned char *dgst, int dgstlen,
- const unsigned char *sig, int siglen, EC_KEY *eckey);
-
-/* the standard ex_data functions */
-int ECDSA_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new
- *new_func, CRYPTO_EX_dup *dup_func,
- CRYPTO_EX_free *free_func);
-int ECDSA_set_ex_data(EC_KEY *d, int idx, void *arg);
-void *ECDSA_get_ex_data(EC_KEY *d, int idx);
-
-/** Allocates and initialize a ECDSA_METHOD structure
- * \param ecdsa_method pointer to ECDSA_METHOD to copy. (May be NULL)
- * \return pointer to a ECDSA_METHOD structure or NULL if an error occurred
- */
-
-ECDSA_METHOD *ECDSA_METHOD_new(ECDSA_METHOD *ecdsa_method);
-
-/** frees a ECDSA_METHOD structure
- * \param ecdsa_method pointer to the ECDSA_METHOD structure
- */
-void ECDSA_METHOD_free(ECDSA_METHOD *ecdsa_method);
-
-/** Sets application specific data in the ECDSA_METHOD
- * \param ecdsa_method pointer to existing ECDSA_METHOD
- * \param app application specific data to set
- */
-
-void ECDSA_METHOD_set_app_data(ECDSA_METHOD *ecdsa_method, void *app);
-
-/** Returns application specific data from a ECDSA_METHOD structure
- * \param ecdsa_method pointer to ECDSA_METHOD structure
- * \return pointer to application specific data.
- */
-
-void *ECDSA_METHOD_get_app_data(ECDSA_METHOD *ecdsa_method);
-
-/** Set the ECDSA_do_sign function in the ECDSA_METHOD
- * \param ecdsa_method pointer to existing ECDSA_METHOD
- * \param ecdsa_do_sign a funtion of type ECDSA_do_sign
- */
-
-void ECDSA_METHOD_set_sign(ECDSA_METHOD *ecdsa_method,
- ECDSA_SIG *(*ecdsa_do_sign) (const unsigned char
- *dgst, int dgst_len,
- const BIGNUM *inv,
- const BIGNUM *rp,
- EC_KEY *eckey));
-
-/** Set the ECDSA_sign_setup function in the ECDSA_METHOD
- * \param ecdsa_method pointer to existing ECDSA_METHOD
- * \param ecdsa_sign_setup a funtion of type ECDSA_sign_setup
- */
-
-void ECDSA_METHOD_set_sign_setup(ECDSA_METHOD *ecdsa_method,
- int (*ecdsa_sign_setup) (EC_KEY *eckey,
- BN_CTX *ctx,
- BIGNUM **kinv,
- BIGNUM **r));
-
-/** Set the ECDSA_do_verify function in the ECDSA_METHOD
- * \param ecdsa_method pointer to existing ECDSA_METHOD
- * \param ecdsa_do_verify a funtion of type ECDSA_do_verify
- */
-
-void ECDSA_METHOD_set_verify(ECDSA_METHOD *ecdsa_method,
- int (*ecdsa_do_verify) (const unsigned char
- *dgst, int dgst_len,
- const ECDSA_SIG *sig,
- EC_KEY *eckey));
-
-void ECDSA_METHOD_set_flags(ECDSA_METHOD *ecdsa_method, int flags);
-
-/** Set the flags field in the ECDSA_METHOD
- * \param ecdsa_method pointer to existing ECDSA_METHOD
- * \param flags flags value to set
- */
-
-void ECDSA_METHOD_set_name(ECDSA_METHOD *ecdsa_method, char *name);
-
-/** Set the name field in the ECDSA_METHOD
- * \param ecdsa_method pointer to existing ECDSA_METHOD
- * \param name name to set
- */
-
-/* BEGIN ERROR CODES */
-/*
- * The following lines are auto generated by the script mkerr.pl. Any changes
- * made after this point may be overwritten when the script is next run.
- */
-void ERR_load_ECDSA_strings(void);
-
-/* Error codes for the ECDSA functions. */
-
-/* Function codes. */
-# define ECDSA_F_ECDSA_DATA_NEW_METHOD 100
-# define ECDSA_F_ECDSA_DO_SIGN 101
-# define ECDSA_F_ECDSA_DO_VERIFY 102
-# define ECDSA_F_ECDSA_METHOD_NEW 105
-# define ECDSA_F_ECDSA_SIGN_SETUP 103
-
-/* Reason codes. */
-# define ECDSA_R_BAD_SIGNATURE 100
-# define ECDSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE 101
-# define ECDSA_R_ERR_EC_LIB 102
-# define ECDSA_R_MISSING_PARAMETERS 103
-# define ECDSA_R_NEED_NEW_SETUP_VALUES 106
-# define ECDSA_R_RANDOM_NUMBER_GENERATION_FAILED 104
-# define ECDSA_R_SIGNATURE_MALLOC_FAILED 105
-
-#ifdef __cplusplus
-}
-#endif
-#endif
+++ /dev/null
-/* crypto/ecdsa/ecdsatest.c */
-/*
- * Written by Nils Larsch for the OpenSSL project.
- */
-/* ====================================================================
- * Copyright (c) 2000-2005 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-/* ====================================================================
- * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
- *
- * Portions of the attached software ("Contribution") are developed by
- * SUN MICROSYSTEMS, INC., and are contributed to the OpenSSL project.
- *
- * The Contribution is licensed pursuant to the OpenSSL open source
- * license provided above.
- *
- * The elliptic curve binary polynomial software is originally written by
- * Sheueling Chang Shantz and Douglas Stebila of Sun Microsystems Laboratories.
- *
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-
-#include <openssl/opensslconf.h> /* To see if OPENSSL_NO_EC is defined */
-
-#ifdef OPENSSL_NO_EC
-int main(int argc, char *argv[])
-{
- puts("Elliptic curves are disabled.");
- return 0;
-}
-#else
-
-# include <openssl/crypto.h>
-# include <openssl/bio.h>
-# include <openssl/evp.h>
-# include <openssl/bn.h>
-# include <openssl/ecdsa.h>
-# ifndef OPENSSL_NO_ENGINE
-# include <openssl/engine.h>
-# endif
-# include <openssl/err.h>
-# include <openssl/rand.h>
-
-static const char rnd_seed[] = "string to make the random number generator "
- "think it has entropy";
-
-/* declaration of the test functions */
-int x9_62_tests(BIO *);
-int x9_62_test_internal(BIO *out, int nid, const char *r, const char *s);
-int test_builtin(BIO *);
-
-/* functions to change the RAND_METHOD */
-int change_rand(void);
-int restore_rand(void);
-int fbytes(unsigned char *buf, int num);
-
-RAND_METHOD fake_rand;
-const RAND_METHOD *old_rand;
-
-int change_rand(void)
-{
- /* save old rand method */
- if ((old_rand = RAND_get_rand_method()) == NULL)
- return 0;
-
- fake_rand.seed = old_rand->seed;
- fake_rand.cleanup = old_rand->cleanup;
- fake_rand.add = old_rand->add;
- fake_rand.status = old_rand->status;
- /* use own random function */
- fake_rand.bytes = fbytes;
- fake_rand.pseudorand = old_rand->bytes;
- /* set new RAND_METHOD */
- if (!RAND_set_rand_method(&fake_rand))
- return 0;
- return 1;
-}
-
-int restore_rand(void)
-{
- if (!RAND_set_rand_method(old_rand))
- return 0;
- else
- return 1;
-}
-
-static int fbytes_counter = 0, use_fake = 0;
-static const char *numbers[8] = {
- "651056770906015076056810763456358567190100156695615665659",
- "6140507067065001063065065565667405560006161556565665656654",
- "8763001015071075675010661307616710783570106710677817767166"
- "71676178726717",
- "7000000175690566466555057817571571075705015757757057795755"
- "55657156756655",
- "1275552191113212300012030439187146164646146646466749494799",
- "1542725565216523985789236956265265265235675811949404040041",
- "1456427555219115346513212300075341203043918714616464614664"
- "64667494947990",
- "1712787255652165239672857892369562652652652356758119494040"
- "40041670216363"
-};
-
-int fbytes(unsigned char *buf, int num)
-{
- int ret;
- BIGNUM *tmp = NULL;
-
- if (use_fake == 0)
- return old_rand->bytes(buf, num);
-
- use_fake = 0;
-
- if (fbytes_counter >= 8)
- return 0;
- tmp = BN_new();
- if (!tmp)
- return 0;
- if (!BN_dec2bn(&tmp, numbers[fbytes_counter])) {
- BN_free(tmp);
- return 0;
- }
- fbytes_counter++;
- if (num != BN_num_bytes(tmp) || !BN_bn2bin(tmp, buf))
- ret = 0;
- else
- ret = 1;
- BN_free(tmp);
- return ret;
-}
-
-/* some tests from the X9.62 draft */
-int x9_62_test_internal(BIO *out, int nid, const char *r_in, const char *s_in)
-{
- int ret = 0;
- const char message[] = "abc";
- unsigned char digest[20];
- unsigned int dgst_len = 0;
- EVP_MD_CTX md_ctx;
- EC_KEY *key = NULL;
- ECDSA_SIG *signature = NULL;
- BIGNUM *r = NULL, *s = NULL;
- BIGNUM *kinv = NULL, *rp = NULL;
-
- EVP_MD_CTX_init(&md_ctx);
- /* get the message digest */
- if (!EVP_DigestInit(&md_ctx, EVP_ecdsa())
- || !EVP_DigestUpdate(&md_ctx, (const void *)message, 3)
- || !EVP_DigestFinal(&md_ctx, digest, &dgst_len))
- goto x962_int_err;
-
- BIO_printf(out, "testing %s: ", OBJ_nid2sn(nid));
- /* create the key */
- if ((key = EC_KEY_new_by_curve_name(nid)) == NULL)
- goto x962_int_err;
- use_fake = 1;
- if (!EC_KEY_generate_key(key))
- goto x962_int_err;
- BIO_printf(out, ".");
- (void)BIO_flush(out);
- /* create the signature */
- use_fake = 1;
- /* Use ECDSA_sign_setup to avoid use of ECDSA nonces */
- if (!ECDSA_sign_setup(key, NULL, &kinv, &rp))
- goto x962_int_err;
- signature = ECDSA_do_sign_ex(digest, 20, kinv, rp, key);
- if (signature == NULL)
- goto x962_int_err;
- BIO_printf(out, ".");
- (void)BIO_flush(out);
- /* compare the created signature with the expected signature */
- if ((r = BN_new()) == NULL || (s = BN_new()) == NULL)
- goto x962_int_err;
- if (!BN_dec2bn(&r, r_in) || !BN_dec2bn(&s, s_in))
- goto x962_int_err;
- if (BN_cmp(signature->r, r) || BN_cmp(signature->s, s))
- goto x962_int_err;
- BIO_printf(out, ".");
- (void)BIO_flush(out);
- /* verify the signature */
- if (ECDSA_do_verify(digest, 20, signature, key) != 1)
- goto x962_int_err;
- BIO_printf(out, ".");
- (void)BIO_flush(out);
-
- BIO_printf(out, " ok\n");
- ret = 1;
- x962_int_err:
- if (!ret)
- BIO_printf(out, " failed\n");
- EC_KEY_free(key);
- if (signature)
- ECDSA_SIG_free(signature);
- if (r)
- BN_free(r);
- if (s)
- BN_free(s);
- EVP_MD_CTX_cleanup(&md_ctx);
- if (kinv)
- BN_clear_free(kinv);
- if (rp)
- BN_clear_free(rp);
- return ret;
-}
-
-int x9_62_tests(BIO *out)
-{
- int ret = 0;
-
- BIO_printf(out, "some tests from X9.62:\n");
-
- /* set own rand method */
- if (!change_rand())
- goto x962_err;
-
- if (!x9_62_test_internal(out, NID_X9_62_prime192v1,
- "3342403536405981729393488334694600415596881826869351677613",
- "5735822328888155254683894997897571951568553642892029982342"))
- goto x962_err;
- if (!x9_62_test_internal(out, NID_X9_62_prime239v1,
- "3086361431751678114926225473006680188549593787585317781474"
- "62058306432176",
- "3238135532097973577080787768312505059318910517550078427819"
- "78505179448783"))
- goto x962_err;
-# ifndef OPENSSL_NO_EC2M
- if (!x9_62_test_internal(out, NID_X9_62_c2tnb191v1,
- "87194383164871543355722284926904419997237591535066528048",
- "308992691965804947361541664549085895292153777025772063598"))
- goto x962_err;
- if (!x9_62_test_internal(out, NID_X9_62_c2tnb239v1,
- "2159633321041961198501834003903461262881815148684178964245"
- "5876922391552",
- "1970303740007316867383349976549972270528498040721988191026"
- "49413465737174"))
- goto x962_err;
-# endif
- ret = 1;
- x962_err:
- if (!restore_rand())
- ret = 0;
- return ret;
-}
-
-int test_builtin(BIO *out)
-{
- EC_builtin_curve *curves = NULL;
- size_t crv_len = 0, n = 0;
- EC_KEY *eckey = NULL, *wrong_eckey = NULL;
- EC_GROUP *group;
- ECDSA_SIG *ecdsa_sig = NULL;
- unsigned char digest[20], wrong_digest[20];
- unsigned char *signature = NULL;
- const unsigned char *sig_ptr;
- unsigned char *sig_ptr2;
- unsigned char *raw_buf = NULL;
- unsigned int sig_len, degree, r_len, s_len, bn_len, buf_len;
- int nid, ret = 0;
-
- /* fill digest values with some random data */
- if (RAND_bytes(digest, 20) <= 0 || RAND_bytes(wrong_digest, 20) <= 0) {
- BIO_printf(out, "ERROR: unable to get random data\n");
- goto builtin_err;
- }
-
- /*
- * create and verify a ecdsa signature with every availble curve (with )
- */
- BIO_printf(out, "\ntesting ECDSA_sign() and ECDSA_verify() "
- "with some internal curves:\n");
-
- /* get a list of all internal curves */
- crv_len = EC_get_builtin_curves(NULL, 0);
-
- curves = OPENSSL_malloc(sizeof(EC_builtin_curve) * crv_len);
-
- if (curves == NULL) {
- BIO_printf(out, "malloc error\n");
- goto builtin_err;
- }
-
- if (!EC_get_builtin_curves(curves, crv_len)) {
- BIO_printf(out, "unable to get internal curves\n");
- goto builtin_err;
- }
-
- /* now create and verify a signature for every curve */
- for (n = 0; n < crv_len; n++) {
- unsigned char dirt, offset;
-
- nid = curves[n].nid;
- if (nid == NID_ipsec4)
- continue;
- /* create new ecdsa key (== EC_KEY) */
- if ((eckey = EC_KEY_new()) == NULL)
- goto builtin_err;
- group = EC_GROUP_new_by_curve_name(nid);
- if (group == NULL)
- goto builtin_err;
- if (EC_KEY_set_group(eckey, group) == 0)
- goto builtin_err;
- EC_GROUP_free(group);
- degree = EC_GROUP_get_degree(EC_KEY_get0_group(eckey));
- if (degree < 160) {
- /* drop the curve */
- EC_KEY_free(eckey);
- eckey = NULL;
- continue;
- }
- BIO_printf(out, "%s: ", OBJ_nid2sn(nid));
- /* create key */
- if (!EC_KEY_generate_key(eckey)) {
- BIO_printf(out, " failed\n");
- goto builtin_err;
- }
- /* create second key */
- if ((wrong_eckey = EC_KEY_new()) == NULL)
- goto builtin_err;
- group = EC_GROUP_new_by_curve_name(nid);
- if (group == NULL)
- goto builtin_err;
- if (EC_KEY_set_group(wrong_eckey, group) == 0)
- goto builtin_err;
- EC_GROUP_free(group);
- if (!EC_KEY_generate_key(wrong_eckey)) {
- BIO_printf(out, " failed\n");
- goto builtin_err;
- }
-
- BIO_printf(out, ".");
- (void)BIO_flush(out);
- /* check key */
- if (!EC_KEY_check_key(eckey)) {
- BIO_printf(out, " failed\n");
- goto builtin_err;
- }
- BIO_printf(out, ".");
- (void)BIO_flush(out);
- /* create signature */
- sig_len = ECDSA_size(eckey);
- if ((signature = OPENSSL_malloc(sig_len)) == NULL)
- goto builtin_err;
- if (!ECDSA_sign(0, digest, 20, signature, &sig_len, eckey)) {
- BIO_printf(out, " failed\n");
- goto builtin_err;
- }
- BIO_printf(out, ".");
- (void)BIO_flush(out);
- /* verify signature */
- if (ECDSA_verify(0, digest, 20, signature, sig_len, eckey) != 1) {
- BIO_printf(out, " failed\n");
- goto builtin_err;
- }
- BIO_printf(out, ".");
- (void)BIO_flush(out);
- /* verify signature with the wrong key */
- if (ECDSA_verify(0, digest, 20, signature, sig_len, wrong_eckey) == 1) {
- BIO_printf(out, " failed\n");
- goto builtin_err;
- }
- BIO_printf(out, ".");
- (void)BIO_flush(out);
- /* wrong digest */
- if (ECDSA_verify(0, wrong_digest, 20, signature, sig_len, eckey) == 1) {
- BIO_printf(out, " failed\n");
- goto builtin_err;
- }
- BIO_printf(out, ".");
- (void)BIO_flush(out);
- /* wrong length */
- if (ECDSA_verify(0, digest, 20, signature, sig_len - 1, eckey) == 1) {
- BIO_printf(out, " failed\n");
- goto builtin_err;
- }
- BIO_printf(out, ".");
- (void)BIO_flush(out);
-
- /*
- * Modify a single byte of the signature: to ensure we don't garble
- * the ASN1 structure, we read the raw signature and modify a byte in
- * one of the bignums directly.
- */
- sig_ptr = signature;
- if ((ecdsa_sig = d2i_ECDSA_SIG(NULL, &sig_ptr, sig_len)) == NULL) {
- BIO_printf(out, " failed\n");
- goto builtin_err;
- }
-
- /* Store the two BIGNUMs in raw_buf. */
- r_len = BN_num_bytes(ecdsa_sig->r);
- s_len = BN_num_bytes(ecdsa_sig->s);
- bn_len = (degree + 7) / 8;
- if ((r_len > bn_len) || (s_len > bn_len)) {
- BIO_printf(out, " failed\n");
- goto builtin_err;
- }
- buf_len = 2 * bn_len;
- if ((raw_buf = OPENSSL_malloc(buf_len)) == NULL)
- goto builtin_err;
- /* Pad the bignums with leading zeroes. */
- memset(raw_buf, 0, buf_len);
- BN_bn2bin(ecdsa_sig->r, raw_buf + bn_len - r_len);
- BN_bn2bin(ecdsa_sig->s, raw_buf + buf_len - s_len);
-
- /* Modify a single byte in the buffer. */
- offset = raw_buf[10] % buf_len;
- dirt = raw_buf[11] ? raw_buf[11] : 1;
- raw_buf[offset] ^= dirt;
- /* Now read the BIGNUMs back in from raw_buf. */
- if ((BN_bin2bn(raw_buf, bn_len, ecdsa_sig->r) == NULL) ||
- (BN_bin2bn(raw_buf + bn_len, bn_len, ecdsa_sig->s) == NULL))
- goto builtin_err;
-
- sig_ptr2 = signature;
- sig_len = i2d_ECDSA_SIG(ecdsa_sig, &sig_ptr2);
- if (ECDSA_verify(0, digest, 20, signature, sig_len, eckey) == 1) {
- BIO_printf(out, " failed\n");
- goto builtin_err;
- }
- /*
- * Sanity check: undo the modification and verify signature.
- */
- raw_buf[offset] ^= dirt;
- if ((BN_bin2bn(raw_buf, bn_len, ecdsa_sig->r) == NULL) ||
- (BN_bin2bn(raw_buf + bn_len, bn_len, ecdsa_sig->s) == NULL))
- goto builtin_err;
-
- sig_ptr2 = signature;
- sig_len = i2d_ECDSA_SIG(ecdsa_sig, &sig_ptr2);
- if (ECDSA_verify(0, digest, 20, signature, sig_len, eckey) != 1) {
- BIO_printf(out, " failed\n");
- goto builtin_err;
- }
- BIO_printf(out, ".");
- (void)BIO_flush(out);
-
- BIO_printf(out, " ok\n");
- /* cleanup */
- /* clean bogus errors */
- ERR_clear_error();
- OPENSSL_free(signature);
- signature = NULL;
- EC_KEY_free(eckey);
- eckey = NULL;
- EC_KEY_free(wrong_eckey);
- wrong_eckey = NULL;
- ECDSA_SIG_free(ecdsa_sig);
- ecdsa_sig = NULL;
- OPENSSL_free(raw_buf);
- raw_buf = NULL;
- }
-
- ret = 1;
- builtin_err:
- EC_KEY_free(eckey);
- EC_KEY_free(wrong_eckey);
- if (ecdsa_sig)
- ECDSA_SIG_free(ecdsa_sig);
- if (signature)
- OPENSSL_free(signature);
- if (raw_buf)
- OPENSSL_free(raw_buf);
- if (curves)
- OPENSSL_free(curves);
-
- return ret;
-}
-
-int main(void)
-{
- int ret = 1;
- BIO *out;
-
- out = BIO_new_fp(stdout, BIO_NOCLOSE);
-
- /* enable memory leak checking unless explicitly disabled */
- if (!((getenv("OPENSSL_DEBUG_MEMORY") != NULL) &&
- (0 == strcmp(getenv("OPENSSL_DEBUG_MEMORY"), "off")))) {
- CRYPTO_malloc_debug_init();
- CRYPTO_set_mem_debug_options(V_CRYPTO_MDEBUG_ALL);
- } else {
- /* OPENSSL_DEBUG_MEMORY=off */
- CRYPTO_set_mem_debug_functions(0, 0, 0, 0, 0);
- }
- CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON);
-
- ERR_load_crypto_strings();
-
- /* initialize the prng */
- RAND_seed(rnd_seed, sizeof(rnd_seed));
-
- /* the tests */
- if (!x9_62_tests(out))
- goto err;
- if (!test_builtin(out))
- goto err;
-
- ret = 0;
- err:
- if (ret)
- BIO_printf(out, "\nECDSA test failed\n");
- else
- BIO_printf(out, "\nECDSA test passed\n");
- if (ret)
- ERR_print_errors(out);
- CRYPTO_cleanup_all_ex_data();
- ERR_remove_thread_state(NULL);
- ERR_free_strings();
- CRYPTO_mem_leaks(out);
- BIO_free(out);
- return ret;
-}
-#endif
+++ /dev/null
-/* openssl/engine.h */
-/*
- * Written by Geoff Thorpe (geoff@geoffthorpe.net) for the OpenSSL project
- * 2000.
- */
-/* ====================================================================
- * Copyright (c) 1999-2004 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-/* ====================================================================
- * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
- * ECDH support in OpenSSL originally developed by
- * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project.
- */
-
-#ifndef HEADER_ENGINE_H
-# define HEADER_ENGINE_H
-
-# include <openssl/opensslconf.h>
-
-# ifdef OPENSSL_NO_ENGINE
-# error ENGINE is disabled.
-# endif
-
-# ifdef OPENSSL_USE_DEPRECATED
-# include <openssl/bn.h>
-# ifndef OPENSSL_NO_RSA
-# include <openssl/rsa.h>
-# endif
-# ifndef OPENSSL_NO_DSA
-# include <openssl/dsa.h>
-# endif
-# ifndef OPENSSL_NO_DH
-# include <openssl/dh.h>
-# endif
-# ifndef OPENSSL_NO_EC
-# include <openssl/ecdh.h>
-# include <openssl/ecdsa.h>
-# endif
-# include <openssl/rand.h>
-# include <openssl/ui.h>
-# include <openssl/err.h>
-# endif
-
-# include <openssl/ossl_typ.h>
-# include <openssl/symhacks.h>
-
-# include <openssl/x509.h>
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-/*
- * These flags are used to control combinations of algorithm (methods) by
- * bitwise "OR"ing.
- */
-# define ENGINE_METHOD_RSA (unsigned int)0x0001
-# define ENGINE_METHOD_DSA (unsigned int)0x0002
-# define ENGINE_METHOD_DH (unsigned int)0x0004
-# define ENGINE_METHOD_RAND (unsigned int)0x0008
-# define ENGINE_METHOD_ECDH (unsigned int)0x0010
-# define ENGINE_METHOD_ECDSA (unsigned int)0x0020
-# define ENGINE_METHOD_CIPHERS (unsigned int)0x0040
-# define ENGINE_METHOD_DIGESTS (unsigned int)0x0080
-# define ENGINE_METHOD_STORE (unsigned int)0x0100
-# define ENGINE_METHOD_PKEY_METHS (unsigned int)0x0200
-# define ENGINE_METHOD_PKEY_ASN1_METHS (unsigned int)0x0400
-/* Obvious all-or-nothing cases. */
-# define ENGINE_METHOD_ALL (unsigned int)0xFFFF
-# define ENGINE_METHOD_NONE (unsigned int)0x0000
-
-/*
- * This(ese) flag(s) controls behaviour of the ENGINE_TABLE mechanism used
- * internally to control registration of ENGINE implementations, and can be
- * set by ENGINE_set_table_flags(). The "NOINIT" flag prevents attempts to
- * initialise registered ENGINEs if they are not already initialised.
- */
-# define ENGINE_TABLE_FLAG_NOINIT (unsigned int)0x0001
-
-/* ENGINE flags that can be set by ENGINE_set_flags(). */
-/* Not used */
-/* #define ENGINE_FLAGS_MALLOCED 0x0001 */
-
-/*
- * This flag is for ENGINEs that wish to handle the various 'CMD'-related
- * control commands on their own. Without this flag, ENGINE_ctrl() handles
- * these control commands on behalf of the ENGINE using their "cmd_defns"
- * data.
- */
-# define ENGINE_FLAGS_MANUAL_CMD_CTRL (int)0x0002
-
-/*
- * This flag is for ENGINEs who return new duplicate structures when found
- * via "ENGINE_by_id()". When an ENGINE must store state (eg. if
- * ENGINE_ctrl() commands are called in sequence as part of some stateful
- * process like key-generation setup and execution), it can set this flag -
- * then each attempt to obtain the ENGINE will result in it being copied into
- * a new structure. Normally, ENGINEs don't declare this flag so
- * ENGINE_by_id() just increments the existing ENGINE's structural reference
- * count.
- */
-# define ENGINE_FLAGS_BY_ID_COPY (int)0x0004
-
-/*
- * This flag if for an ENGINE that does not want its methods registered as
- * part of ENGINE_register_all_complete() for example if the methods are not
- * usable as default methods.
- */
-
-# define ENGINE_FLAGS_NO_REGISTER_ALL (int)0x0008
-
-/*
- * ENGINEs can support their own command types, and these flags are used in
- * ENGINE_CTRL_GET_CMD_FLAGS to indicate to the caller what kind of input
- * each command expects. Currently only numeric and string input is
- * supported. If a control command supports none of the _NUMERIC, _STRING, or
- * _NO_INPUT options, then it is regarded as an "internal" control command -
- * and not for use in config setting situations. As such, they're not
- * available to the ENGINE_ctrl_cmd_string() function, only raw ENGINE_ctrl()
- * access. Changes to this list of 'command types' should be reflected
- * carefully in ENGINE_cmd_is_executable() and ENGINE_ctrl_cmd_string().
- */
-
-/* accepts a 'long' input value (3rd parameter to ENGINE_ctrl) */
-# define ENGINE_CMD_FLAG_NUMERIC (unsigned int)0x0001
-/*
- * accepts string input (cast from 'void*' to 'const char *', 4th parameter
- * to ENGINE_ctrl)
- */
-# define ENGINE_CMD_FLAG_STRING (unsigned int)0x0002
-/*
- * Indicates that the control command takes *no* input. Ie. the control
- * command is unparameterised.
- */
-# define ENGINE_CMD_FLAG_NO_INPUT (unsigned int)0x0004
-/*
- * Indicates that the control command is internal. This control command won't
- * be shown in any output, and is only usable through the ENGINE_ctrl_cmd()
- * function.
- */
-# define ENGINE_CMD_FLAG_INTERNAL (unsigned int)0x0008
-
-/*
- * NB: These 3 control commands are deprecated and should not be used.
- * ENGINEs relying on these commands should compile conditional support for
- * compatibility (eg. if these symbols are defined) but should also migrate
- * the same functionality to their own ENGINE-specific control functions that
- * can be "discovered" by calling applications. The fact these control
- * commands wouldn't be "executable" (ie. usable by text-based config)
- * doesn't change the fact that application code can find and use them
- * without requiring per-ENGINE hacking.
- */
-
-/*
- * These flags are used to tell the ctrl function what should be done. All
- * command numbers are shared between all engines, even if some don't make
- * sense to some engines. In such a case, they do nothing but return the
- * error ENGINE_R_CTRL_COMMAND_NOT_IMPLEMENTED.
- */
-# define ENGINE_CTRL_SET_LOGSTREAM 1
-# define ENGINE_CTRL_SET_PASSWORD_CALLBACK 2
-# define ENGINE_CTRL_HUP 3/* Close and reinitialise
- * any handles/connections
- * etc. */
-# define ENGINE_CTRL_SET_USER_INTERFACE 4/* Alternative to callback */
-# define ENGINE_CTRL_SET_CALLBACK_DATA 5/* User-specific data, used
- * when calling the password
- * callback and the user
- * interface */
-# define ENGINE_CTRL_LOAD_CONFIGURATION 6/* Load a configuration,
- * given a string that
- * represents a file name
- * or so */
-# define ENGINE_CTRL_LOAD_SECTION 7/* Load data from a given
- * section in the already
- * loaded configuration */
-
-/*
- * These control commands allow an application to deal with an arbitrary
- * engine in a dynamic way. Warn: Negative return values indicate errors FOR
- * THESE COMMANDS because zero is used to indicate 'end-of-list'. Other
- * commands, including ENGINE-specific command types, return zero for an
- * error. An ENGINE can choose to implement these ctrl functions, and can
- * internally manage things however it chooses - it does so by setting the
- * ENGINE_FLAGS_MANUAL_CMD_CTRL flag (using ENGINE_set_flags()). Otherwise
- * the ENGINE_ctrl() code handles this on the ENGINE's behalf using the
- * cmd_defns data (set using ENGINE_set_cmd_defns()). This means an ENGINE's
- * ctrl() handler need only implement its own commands - the above "meta"
- * commands will be taken care of.
- */
-
-/*
- * Returns non-zero if the supplied ENGINE has a ctrl() handler. If "not",
- * then all the remaining control commands will return failure, so it is
- * worth checking this first if the caller is trying to "discover" the
- * engine's capabilities and doesn't want errors generated unnecessarily.
- */
-# define ENGINE_CTRL_HAS_CTRL_FUNCTION 10
-/*
- * Returns a positive command number for the first command supported by the
- * engine. Returns zero if no ctrl commands are supported.
- */
-# define ENGINE_CTRL_GET_FIRST_CMD_TYPE 11
-/*
- * The 'long' argument specifies a command implemented by the engine, and the
- * return value is the next command supported, or zero if there are no more.
- */
-# define ENGINE_CTRL_GET_NEXT_CMD_TYPE 12
-/*
- * The 'void*' argument is a command name (cast from 'const char *'), and the
- * return value is the command that corresponds to it.
- */
-# define ENGINE_CTRL_GET_CMD_FROM_NAME 13
-/*
- * The next two allow a command to be converted into its corresponding string
- * form. In each case, the 'long' argument supplies the command. In the
- * NAME_LEN case, the return value is the length of the command name (not
- * counting a trailing EOL). In the NAME case, the 'void*' argument must be a
- * string buffer large enough, and it will be populated with the name of the
- * command (WITH a trailing EOL).
- */
-# define ENGINE_CTRL_GET_NAME_LEN_FROM_CMD 14
-# define ENGINE_CTRL_GET_NAME_FROM_CMD 15
-/* The next two are similar but give a "short description" of a command. */
-# define ENGINE_CTRL_GET_DESC_LEN_FROM_CMD 16
-# define ENGINE_CTRL_GET_DESC_FROM_CMD 17
-/*
- * With this command, the return value is the OR'd combination of
- * ENGINE_CMD_FLAG_*** values that indicate what kind of input a given
- * engine-specific ctrl command expects.
- */
-# define ENGINE_CTRL_GET_CMD_FLAGS 18
-
-/*
- * ENGINE implementations should start the numbering of their own control
- * commands from this value. (ie. ENGINE_CMD_BASE, ENGINE_CMD_BASE + 1, etc).
- */
-# define ENGINE_CMD_BASE 200
-
-/*
- * NB: These 2 nCipher "chil" control commands are deprecated, and their
- * functionality is now available through ENGINE-specific control commands
- * (exposed through the above-mentioned 'CMD'-handling). Code using these 2
- * commands should be migrated to the more general command handling before
- * these are removed.
- */
-
-/* Flags specific to the nCipher "chil" engine */
-# define ENGINE_CTRL_CHIL_SET_FORKCHECK 100
- /*
- * Depending on the value of the (long)i argument, this sets or
- * unsets the SimpleForkCheck flag in the CHIL API to enable or
- * disable checking and workarounds for applications that fork().
- */
-# define ENGINE_CTRL_CHIL_NO_LOCKING 101
- /*
- * This prevents the initialisation function from providing mutex
- * callbacks to the nCipher library.
- */
-
-/*
- * If an ENGINE supports its own specific control commands and wishes the
- * framework to handle the above 'ENGINE_CMD_***'-manipulation commands on
- * its behalf, it should supply a null-terminated array of ENGINE_CMD_DEFN
- * entries to ENGINE_set_cmd_defns(). It should also implement a ctrl()
- * handler that supports the stated commands (ie. the "cmd_num" entries as
- * described by the array). NB: The array must be ordered in increasing order
- * of cmd_num. "null-terminated" means that the last ENGINE_CMD_DEFN element
- * has cmd_num set to zero and/or cmd_name set to NULL.
- */
-typedef struct ENGINE_CMD_DEFN_st {
- unsigned int cmd_num; /* The command number */
- const char *cmd_name; /* The command name itself */
- const char *cmd_desc; /* A short description of the command */
- unsigned int cmd_flags; /* The input the command expects */
-} ENGINE_CMD_DEFN;
-
-/* Generic function pointer */
-typedef int (*ENGINE_GEN_FUNC_PTR) (void);
-/* Generic function pointer taking no arguments */
-typedef int (*ENGINE_GEN_INT_FUNC_PTR) (ENGINE *);
-/* Specific control function pointer */
-typedef int (*ENGINE_CTRL_FUNC_PTR) (ENGINE *, int, long, void *,
- void (*f) (void));
-/* Generic load_key function pointer */
-typedef EVP_PKEY *(*ENGINE_LOAD_KEY_PTR)(ENGINE *, const char *,
- UI_METHOD *ui_method,
- void *callback_data);
-typedef int (*ENGINE_SSL_CLIENT_CERT_PTR) (ENGINE *, SSL *ssl,
- STACK_OF(X509_NAME) *ca_dn,
- X509 **pcert, EVP_PKEY **pkey,
- STACK_OF(X509) **pother,
- UI_METHOD *ui_method,
- void *callback_data);
-/*-
- * These callback types are for an ENGINE's handler for cipher and digest logic.
- * These handlers have these prototypes;
- * int foo(ENGINE *e, const EVP_CIPHER **cipher, const int **nids, int nid);
- * int foo(ENGINE *e, const EVP_MD **digest, const int **nids, int nid);
- * Looking at how to implement these handlers in the case of cipher support, if
- * the framework wants the EVP_CIPHER for 'nid', it will call;
- * foo(e, &p_evp_cipher, NULL, nid); (return zero for failure)
- * If the framework wants a list of supported 'nid's, it will call;
- * foo(e, NULL, &p_nids, 0); (returns number of 'nids' or -1 for error)
- */
-/*
- * Returns to a pointer to the array of supported cipher 'nid's. If the
- * second parameter is non-NULL it is set to the size of the returned array.
- */
-typedef int (*ENGINE_CIPHERS_PTR) (ENGINE *, const EVP_CIPHER **,
- const int **, int);
-typedef int (*ENGINE_DIGESTS_PTR) (ENGINE *, const EVP_MD **, const int **,
- int);
-typedef int (*ENGINE_PKEY_METHS_PTR) (ENGINE *, EVP_PKEY_METHOD **,
- const int **, int);
-typedef int (*ENGINE_PKEY_ASN1_METHS_PTR) (ENGINE *, EVP_PKEY_ASN1_METHOD **,
- const int **, int);
-/*
- * STRUCTURE functions ... all of these functions deal with pointers to
- * ENGINE structures where the pointers have a "structural reference". This
- * means that their reference is to allowed access to the structure but it
- * does not imply that the structure is functional. To simply increment or
- * decrement the structural reference count, use ENGINE_by_id and
- * ENGINE_free. NB: This is not required when iterating using ENGINE_get_next
- * as it will automatically decrement the structural reference count of the
- * "current" ENGINE and increment the structural reference count of the
- * ENGINE it returns (unless it is NULL).
- */
-
-/* Get the first/last "ENGINE" type available. */
-ENGINE *ENGINE_get_first(void);
-ENGINE *ENGINE_get_last(void);
-/* Iterate to the next/previous "ENGINE" type (NULL = end of the list). */
-ENGINE *ENGINE_get_next(ENGINE *e);
-ENGINE *ENGINE_get_prev(ENGINE *e);
-/* Add another "ENGINE" type into the array. */
-int ENGINE_add(ENGINE *e);
-/* Remove an existing "ENGINE" type from the array. */
-int ENGINE_remove(ENGINE *e);
-/* Retrieve an engine from the list by its unique "id" value. */
-ENGINE *ENGINE_by_id(const char *id);
-/* Add all the built-in engines. */
-void ENGINE_load_openssl(void);
-void ENGINE_load_dynamic(void);
-# ifndef OPENSSL_NO_STATIC_ENGINE
-void ENGINE_load_4758cca(void);
-void ENGINE_load_aep(void);
-void ENGINE_load_atalla(void);
-void ENGINE_load_chil(void);
-void ENGINE_load_cswift(void);
-void ENGINE_load_nuron(void);
-void ENGINE_load_sureware(void);
-void ENGINE_load_ubsec(void);
-void ENGINE_load_padlock(void);
-void ENGINE_load_capi(void);
-# ifndef OPENSSL_NO_GMP
-void ENGINE_load_gmp(void);
-# endif
-# ifndef OPENSSL_NO_GOST
-void ENGINE_load_gost(void);
-# endif
-# endif
-void ENGINE_load_cryptodev(void);
-void ENGINE_load_rdrand(void);
-void ENGINE_load_builtin_engines(void);
-
-/*
- * Get and set global flags (ENGINE_TABLE_FLAG_***) for the implementation
- * "registry" handling.
- */
-unsigned int ENGINE_get_table_flags(void);
-void ENGINE_set_table_flags(unsigned int flags);
-
-/*- Manage registration of ENGINEs per "table". For each type, there are 3
- * functions;
- * ENGINE_register_***(e) - registers the implementation from 'e' (if it has one)
- * ENGINE_unregister_***(e) - unregister the implementation from 'e'
- * ENGINE_register_all_***() - call ENGINE_register_***() for each 'e' in the list
- * Cleanup is automatically registered from each table when required, so
- * ENGINE_cleanup() will reverse any "register" operations.
- */
-
-int ENGINE_register_RSA(ENGINE *e);
-void ENGINE_unregister_RSA(ENGINE *e);
-void ENGINE_register_all_RSA(void);
-
-int ENGINE_register_DSA(ENGINE *e);
-void ENGINE_unregister_DSA(ENGINE *e);
-void ENGINE_register_all_DSA(void);
-
-int ENGINE_register_ECDH(ENGINE *e);
-void ENGINE_unregister_ECDH(ENGINE *e);
-void ENGINE_register_all_ECDH(void);
-
-int ENGINE_register_ECDSA(ENGINE *e);
-void ENGINE_unregister_ECDSA(ENGINE *e);
-void ENGINE_register_all_ECDSA(void);
-
-int ENGINE_register_DH(ENGINE *e);
-void ENGINE_unregister_DH(ENGINE *e);
-void ENGINE_register_all_DH(void);
-
-int ENGINE_register_RAND(ENGINE *e);
-void ENGINE_unregister_RAND(ENGINE *e);
-void ENGINE_register_all_RAND(void);
-
-int ENGINE_register_STORE(ENGINE *e);
-void ENGINE_unregister_STORE(ENGINE *e);
-void ENGINE_register_all_STORE(void);
-
-int ENGINE_register_ciphers(ENGINE *e);
-void ENGINE_unregister_ciphers(ENGINE *e);
-void ENGINE_register_all_ciphers(void);
-
-int ENGINE_register_digests(ENGINE *e);
-void ENGINE_unregister_digests(ENGINE *e);
-void ENGINE_register_all_digests(void);
-
-int ENGINE_register_pkey_meths(ENGINE *e);
-void ENGINE_unregister_pkey_meths(ENGINE *e);
-void ENGINE_register_all_pkey_meths(void);
-
-int ENGINE_register_pkey_asn1_meths(ENGINE *e);
-void ENGINE_unregister_pkey_asn1_meths(ENGINE *e);
-void ENGINE_register_all_pkey_asn1_meths(void);
-
-/*
- * These functions register all support from the above categories. Note, use
- * of these functions can result in static linkage of code your application
- * may not need. If you only need a subset of functionality, consider using
- * more selective initialisation.
- */
-int ENGINE_register_complete(ENGINE *e);
-int ENGINE_register_all_complete(void);
-
-/*
- * Send parametrised control commands to the engine. The possibilities to
- * send down an integer, a pointer to data or a function pointer are
- * provided. Any of the parameters may or may not be NULL, depending on the
- * command number. In actuality, this function only requires a structural
- * (rather than functional) reference to an engine, but many control commands
- * may require the engine be functional. The caller should be aware of trying
- * commands that require an operational ENGINE, and only use functional
- * references in such situations.
- */
-int ENGINE_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f) (void));
-
-/*
- * This function tests if an ENGINE-specific command is usable as a
- * "setting". Eg. in an application's config file that gets processed through
- * ENGINE_ctrl_cmd_string(). If this returns zero, it is not available to
- * ENGINE_ctrl_cmd_string(), only ENGINE_ctrl().
- */
-int ENGINE_cmd_is_executable(ENGINE *e, int cmd);
-
-/*
- * This function works like ENGINE_ctrl() with the exception of taking a
- * command name instead of a command number, and can handle optional
- * commands. See the comment on ENGINE_ctrl_cmd_string() for an explanation
- * on how to use the cmd_name and cmd_optional.
- */
-int ENGINE_ctrl_cmd(ENGINE *e, const char *cmd_name,
- long i, void *p, void (*f) (void), int cmd_optional);
-
-/*
- * This function passes a command-name and argument to an ENGINE. The
- * cmd_name is converted to a command number and the control command is
- * called using 'arg' as an argument (unless the ENGINE doesn't support such
- * a command, in which case no control command is called). The command is
- * checked for input flags, and if necessary the argument will be converted
- * to a numeric value. If cmd_optional is non-zero, then if the ENGINE
- * doesn't support the given cmd_name the return value will be success
- * anyway. This function is intended for applications to use so that users
- * (or config files) can supply engine-specific config data to the ENGINE at
- * run-time to control behaviour of specific engines. As such, it shouldn't
- * be used for calling ENGINE_ctrl() functions that return data, deal with
- * binary data, or that are otherwise supposed to be used directly through
- * ENGINE_ctrl() in application code. Any "return" data from an ENGINE_ctrl()
- * operation in this function will be lost - the return value is interpreted
- * as failure if the return value is zero, success otherwise, and this
- * function returns a boolean value as a result. In other words, vendors of
- * 'ENGINE'-enabled devices should write ENGINE implementations with
- * parameterisations that work in this scheme, so that compliant ENGINE-based
- * applications can work consistently with the same configuration for the
- * same ENGINE-enabled devices, across applications.
- */
-int ENGINE_ctrl_cmd_string(ENGINE *e, const char *cmd_name, const char *arg,
- int cmd_optional);
-
-/*
- * These functions are useful for manufacturing new ENGINE structures. They
- * don't address reference counting at all - one uses them to populate an
- * ENGINE structure with personalised implementations of things prior to
- * using it directly or adding it to the builtin ENGINE list in OpenSSL.
- * These are also here so that the ENGINE structure doesn't have to be
- * exposed and break binary compatibility!
- */
-ENGINE *ENGINE_new(void);
-int ENGINE_free(ENGINE *e);
-int ENGINE_up_ref(ENGINE *e);
-int ENGINE_set_id(ENGINE *e, const char *id);
-int ENGINE_set_name(ENGINE *e, const char *name);
-int ENGINE_set_RSA(ENGINE *e, const RSA_METHOD *rsa_meth);
-int ENGINE_set_DSA(ENGINE *e, const DSA_METHOD *dsa_meth);
-int ENGINE_set_ECDH(ENGINE *e, const ECDH_METHOD *ecdh_meth);
-int ENGINE_set_ECDSA(ENGINE *e, const ECDSA_METHOD *ecdsa_meth);
-int ENGINE_set_DH(ENGINE *e, const DH_METHOD *dh_meth);
-int ENGINE_set_RAND(ENGINE *e, const RAND_METHOD *rand_meth);
-int ENGINE_set_STORE(ENGINE *e, const STORE_METHOD *store_meth);
-int ENGINE_set_destroy_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR destroy_f);
-int ENGINE_set_init_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR init_f);
-int ENGINE_set_finish_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR finish_f);
-int ENGINE_set_ctrl_function(ENGINE *e, ENGINE_CTRL_FUNC_PTR ctrl_f);
-int ENGINE_set_load_privkey_function(ENGINE *e,
- ENGINE_LOAD_KEY_PTR loadpriv_f);
-int ENGINE_set_load_pubkey_function(ENGINE *e, ENGINE_LOAD_KEY_PTR loadpub_f);
-int ENGINE_set_load_ssl_client_cert_function(ENGINE *e,
- ENGINE_SSL_CLIENT_CERT_PTR
- loadssl_f);
-int ENGINE_set_ciphers(ENGINE *e, ENGINE_CIPHERS_PTR f);
-int ENGINE_set_digests(ENGINE *e, ENGINE_DIGESTS_PTR f);
-int ENGINE_set_pkey_meths(ENGINE *e, ENGINE_PKEY_METHS_PTR f);
-int ENGINE_set_pkey_asn1_meths(ENGINE *e, ENGINE_PKEY_ASN1_METHS_PTR f);
-int ENGINE_set_flags(ENGINE *e, int flags);
-int ENGINE_set_cmd_defns(ENGINE *e, const ENGINE_CMD_DEFN *defns);
-/* These functions allow control over any per-structure ENGINE data. */
-int ENGINE_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
- CRYPTO_EX_dup *dup_func,
- CRYPTO_EX_free *free_func);
-int ENGINE_set_ex_data(ENGINE *e, int idx, void *arg);
-void *ENGINE_get_ex_data(const ENGINE *e, int idx);
-
-/*
- * This function cleans up anything that needs it. Eg. the ENGINE_add()
- * function automatically ensures the list cleanup function is registered to
- * be called from ENGINE_cleanup(). Similarly, all ENGINE_register_***
- * functions ensure ENGINE_cleanup() will clean up after them.
- */
-void ENGINE_cleanup(void);
-
-/*
- * These return values from within the ENGINE structure. These can be useful
- * with functional references as well as structural references - it depends
- * which you obtained. Using the result for functional purposes if you only
- * obtained a structural reference may be problematic!
- */
-const char *ENGINE_get_id(const ENGINE *e);
-const char *ENGINE_get_name(const ENGINE *e);
-const RSA_METHOD *ENGINE_get_RSA(const ENGINE *e);
-const DSA_METHOD *ENGINE_get_DSA(const ENGINE *e);
-const ECDH_METHOD *ENGINE_get_ECDH(const ENGINE *e);
-const ECDSA_METHOD *ENGINE_get_ECDSA(const ENGINE *e);
-const DH_METHOD *ENGINE_get_DH(const ENGINE *e);
-const RAND_METHOD *ENGINE_get_RAND(const ENGINE *e);
-const STORE_METHOD *ENGINE_get_STORE(const ENGINE *e);
-ENGINE_GEN_INT_FUNC_PTR ENGINE_get_destroy_function(const ENGINE *e);
-ENGINE_GEN_INT_FUNC_PTR ENGINE_get_init_function(const ENGINE *e);
-ENGINE_GEN_INT_FUNC_PTR ENGINE_get_finish_function(const ENGINE *e);
-ENGINE_CTRL_FUNC_PTR ENGINE_get_ctrl_function(const ENGINE *e);
-ENGINE_LOAD_KEY_PTR ENGINE_get_load_privkey_function(const ENGINE *e);
-ENGINE_LOAD_KEY_PTR ENGINE_get_load_pubkey_function(const ENGINE *e);
-ENGINE_SSL_CLIENT_CERT_PTR ENGINE_get_ssl_client_cert_function(const ENGINE
- *e);
-ENGINE_CIPHERS_PTR ENGINE_get_ciphers(const ENGINE *e);
-ENGINE_DIGESTS_PTR ENGINE_get_digests(const ENGINE *e);
-ENGINE_PKEY_METHS_PTR ENGINE_get_pkey_meths(const ENGINE *e);
-ENGINE_PKEY_ASN1_METHS_PTR ENGINE_get_pkey_asn1_meths(const ENGINE *e);
-const EVP_CIPHER *ENGINE_get_cipher(ENGINE *e, int nid);
-const EVP_MD *ENGINE_get_digest(ENGINE *e, int nid);
-const EVP_PKEY_METHOD *ENGINE_get_pkey_meth(ENGINE *e, int nid);
-const EVP_PKEY_ASN1_METHOD *ENGINE_get_pkey_asn1_meth(ENGINE *e, int nid);
-const EVP_PKEY_ASN1_METHOD *ENGINE_get_pkey_asn1_meth_str(ENGINE *e,
- const char *str,
- int len);
-const EVP_PKEY_ASN1_METHOD *ENGINE_pkey_asn1_find_str(ENGINE **pe,
- const char *str,
- int len);
-const ENGINE_CMD_DEFN *ENGINE_get_cmd_defns(const ENGINE *e);
-int ENGINE_get_flags(const ENGINE *e);
-
-/*
- * FUNCTIONAL functions. These functions deal with ENGINE structures that
- * have (or will) be initialised for use. Broadly speaking, the structural
- * functions are useful for iterating the list of available engine types,
- * creating new engine types, and other "list" operations. These functions
- * actually deal with ENGINEs that are to be used. As such these functions
- * can fail (if applicable) when particular engines are unavailable - eg. if
- * a hardware accelerator is not attached or not functioning correctly. Each
- * ENGINE has 2 reference counts; structural and functional. Every time a
- * functional reference is obtained or released, a corresponding structural
- * reference is automatically obtained or released too.
- */
-
-/*
- * Initialise a engine type for use (or up its reference count if it's
- * already in use). This will fail if the engine is not currently operational
- * and cannot initialise.
- */
-int ENGINE_init(ENGINE *e);
-/*
- * Free a functional reference to a engine type. This does not require a
- * corresponding call to ENGINE_free as it also releases a structural
- * reference.
- */
-int ENGINE_finish(ENGINE *e);
-
-/*
- * The following functions handle keys that are stored in some secondary
- * location, handled by the engine. The storage may be on a card or
- * whatever.
- */
-EVP_PKEY *ENGINE_load_private_key(ENGINE *e, const char *key_id,
- UI_METHOD *ui_method, void *callback_data);
-EVP_PKEY *ENGINE_load_public_key(ENGINE *e, const char *key_id,
- UI_METHOD *ui_method, void *callback_data);
-int ENGINE_load_ssl_client_cert(ENGINE *e, SSL *s,
- STACK_OF(X509_NAME) *ca_dn, X509 **pcert,
- EVP_PKEY **ppkey, STACK_OF(X509) **pother,
- UI_METHOD *ui_method, void *callback_data);
-
-/*
- * This returns a pointer for the current ENGINE structure that is (by
- * default) performing any RSA operations. The value returned is an
- * incremented reference, so it should be free'd (ENGINE_finish) before it is
- * discarded.
- */
-ENGINE *ENGINE_get_default_RSA(void);
-/* Same for the other "methods" */
-ENGINE *ENGINE_get_default_DSA(void);
-ENGINE *ENGINE_get_default_ECDH(void);
-ENGINE *ENGINE_get_default_ECDSA(void);
-ENGINE *ENGINE_get_default_DH(void);
-ENGINE *ENGINE_get_default_RAND(void);
-/*
- * These functions can be used to get a functional reference to perform
- * ciphering or digesting corresponding to "nid".
- */
-ENGINE *ENGINE_get_cipher_engine(int nid);
-ENGINE *ENGINE_get_digest_engine(int nid);
-ENGINE *ENGINE_get_pkey_meth_engine(int nid);
-ENGINE *ENGINE_get_pkey_asn1_meth_engine(int nid);
-
-/*
- * This sets a new default ENGINE structure for performing RSA operations. If
- * the result is non-zero (success) then the ENGINE structure will have had
- * its reference count up'd so the caller should still free their own
- * reference 'e'.
- */
-int ENGINE_set_default_RSA(ENGINE *e);
-int ENGINE_set_default_string(ENGINE *e, const char *def_list);
-/* Same for the other "methods" */
-int ENGINE_set_default_DSA(ENGINE *e);
-int ENGINE_set_default_ECDH(ENGINE *e);
-int ENGINE_set_default_ECDSA(ENGINE *e);
-int ENGINE_set_default_DH(ENGINE *e);
-int ENGINE_set_default_RAND(ENGINE *e);
-int ENGINE_set_default_ciphers(ENGINE *e);
-int ENGINE_set_default_digests(ENGINE *e);
-int ENGINE_set_default_pkey_meths(ENGINE *e);
-int ENGINE_set_default_pkey_asn1_meths(ENGINE *e);
-
-/*
- * The combination "set" - the flags are bitwise "OR"d from the
- * ENGINE_METHOD_*** defines above. As with the "ENGINE_register_complete()"
- * function, this function can result in unnecessary static linkage. If your
- * application requires only specific functionality, consider using more
- * selective functions.
- */
-int ENGINE_set_default(ENGINE *e, unsigned int flags);
-
-void ENGINE_add_conf_module(void);
-
-/* Deprecated functions ... */
-/* int ENGINE_clear_defaults(void); */
-
-/**************************/
-/* DYNAMIC ENGINE SUPPORT */
-/**************************/
-
-/* Binary/behaviour compatibility levels */
-# define OSSL_DYNAMIC_VERSION (unsigned long)0x00020000
-/*
- * Binary versions older than this are too old for us (whether we're a loader
- * or a loadee)
- */
-# define OSSL_DYNAMIC_OLDEST (unsigned long)0x00020000
-
-/*
- * When compiling an ENGINE entirely as an external shared library, loadable
- * by the "dynamic" ENGINE, these types are needed. The 'dynamic_fns'
- * structure type provides the calling application's (or library's) error
- * functionality and memory management function pointers to the loaded
- * library. These should be used/set in the loaded library code so that the
- * loading application's 'state' will be used/changed in all operations. The
- * 'static_state' pointer allows the loaded library to know if it shares the
- * same static data as the calling application (or library), and thus whether
- * these callbacks need to be set or not.
- */
-typedef void *(*dyn_MEM_malloc_cb) (size_t);
-typedef void *(*dyn_MEM_realloc_cb) (void *, size_t);
-typedef void (*dyn_MEM_free_cb) (void *);
-typedef struct st_dynamic_MEM_fns {
- dyn_MEM_malloc_cb malloc_cb;
- dyn_MEM_realloc_cb realloc_cb;
- dyn_MEM_free_cb free_cb;
-} dynamic_MEM_fns;
-/*
- * FIXME: Perhaps the memory and locking code (crypto.h) should declare and
- * use these types so we (and any other dependant code) can simplify a bit??
- */
-typedef void (*dyn_lock_locking_cb) (int, int, const char *, int);
-typedef int (*dyn_lock_add_lock_cb) (int *, int, int, const char *, int);
-typedef struct CRYPTO_dynlock_value *(*dyn_dynlock_create_cb) (const char *,
- int);
-typedef void (*dyn_dynlock_lock_cb) (int, struct CRYPTO_dynlock_value *,
- const char *, int);
-typedef void (*dyn_dynlock_destroy_cb) (struct CRYPTO_dynlock_value *,
- const char *, int);
-typedef struct st_dynamic_LOCK_fns {
- dyn_lock_locking_cb lock_locking_cb;
- dyn_lock_add_lock_cb lock_add_lock_cb;
- dyn_dynlock_create_cb dynlock_create_cb;
- dyn_dynlock_lock_cb dynlock_lock_cb;
- dyn_dynlock_destroy_cb dynlock_destroy_cb;
-} dynamic_LOCK_fns;
-/* The top-level structure */
-typedef struct st_dynamic_fns {
- void *static_state;
- const ERR_FNS *err_fns;
- const CRYPTO_EX_DATA_IMPL *ex_data_fns;
- dynamic_MEM_fns mem_fns;
- dynamic_LOCK_fns lock_fns;
-} dynamic_fns;
-
-/*
- * The version checking function should be of this prototype. NB: The
- * ossl_version value passed in is the OSSL_DYNAMIC_VERSION of the loading
- * code. If this function returns zero, it indicates a (potential) version
- * incompatibility and the loaded library doesn't believe it can proceed.
- * Otherwise, the returned value is the (latest) version supported by the
- * loading library. The loader may still decide that the loaded code's
- * version is unsatisfactory and could veto the load. The function is
- * expected to be implemented with the symbol name "v_check", and a default
- * implementation can be fully instantiated with
- * IMPLEMENT_DYNAMIC_CHECK_FN().
- */
-typedef unsigned long (*dynamic_v_check_fn) (unsigned long ossl_version);
-# define IMPLEMENT_DYNAMIC_CHECK_FN() \
- OPENSSL_EXPORT unsigned long v_check(unsigned long v); \
- OPENSSL_EXPORT unsigned long v_check(unsigned long v) { \
- if(v >= OSSL_DYNAMIC_OLDEST) return OSSL_DYNAMIC_VERSION; \
- return 0; }
-
-/*
- * This function is passed the ENGINE structure to initialise with its own
- * function and command settings. It should not adjust the structural or
- * functional reference counts. If this function returns zero, (a) the load
- * will be aborted, (b) the previous ENGINE state will be memcpy'd back onto
- * the structure, and (c) the shared library will be unloaded. So
- * implementations should do their own internal cleanup in failure
- * circumstances otherwise they could leak. The 'id' parameter, if non-NULL,
- * represents the ENGINE id that the loader is looking for. If this is NULL,
- * the shared library can choose to return failure or to initialise a
- * 'default' ENGINE. If non-NULL, the shared library must initialise only an
- * ENGINE matching the passed 'id'. The function is expected to be
- * implemented with the symbol name "bind_engine". A standard implementation
- * can be instantiated with IMPLEMENT_DYNAMIC_BIND_FN(fn) where the parameter
- * 'fn' is a callback function that populates the ENGINE structure and
- * returns an int value (zero for failure). 'fn' should have prototype;
- * [static] int fn(ENGINE *e, const char *id);
- */
-typedef int (*dynamic_bind_engine) (ENGINE *e, const char *id,
- const dynamic_fns *fns);
-# define IMPLEMENT_DYNAMIC_BIND_FN(fn) \
- OPENSSL_EXPORT \
- int bind_engine(ENGINE *e, const char *id, const dynamic_fns *fns); \
- OPENSSL_EXPORT \
- int bind_engine(ENGINE *e, const char *id, const dynamic_fns *fns) { \
- if(ENGINE_get_static_state() == fns->static_state) goto skip_cbs; \
- if(!CRYPTO_set_mem_functions(fns->mem_fns.malloc_cb, \
- fns->mem_fns.realloc_cb, fns->mem_fns.free_cb)) \
- return 0; \
- CRYPTO_set_locking_callback(fns->lock_fns.lock_locking_cb); \
- CRYPTO_set_add_lock_callback(fns->lock_fns.lock_add_lock_cb); \
- CRYPTO_set_dynlock_create_callback(fns->lock_fns.dynlock_create_cb); \
- CRYPTO_set_dynlock_lock_callback(fns->lock_fns.dynlock_lock_cb); \
- CRYPTO_set_dynlock_destroy_callback(fns->lock_fns.dynlock_destroy_cb); \
- if(!CRYPTO_set_ex_data_implementation(fns->ex_data_fns)) \
- return 0; \
- if(!ERR_set_implementation(fns->err_fns)) return 0; \
- skip_cbs: \
- if(!fn(e,id)) return 0; \
- return 1; }
-
-/*
- * If the loading application (or library) and the loaded ENGINE library
- * share the same static data (eg. they're both dynamically linked to the
- * same libcrypto.so) we need a way to avoid trying to set system callbacks -
- * this would fail, and for the same reason that it's unnecessary to try. If
- * the loaded ENGINE has (or gets from through the loader) its own copy of
- * the libcrypto static data, we will need to set the callbacks. The easiest
- * way to detect this is to have a function that returns a pointer to some
- * static data and let the loading application and loaded ENGINE compare
- * their respective values.
- */
-void *ENGINE_get_static_state(void);
-
-# if defined(__OpenBSD__) || defined(__FreeBSD__) || defined(HAVE_CRYPTODEV)
-void ENGINE_setup_bsd_cryptodev(void);
-# endif
-
-/* BEGIN ERROR CODES */
-/*
- * The following lines are auto generated by the script mkerr.pl. Any changes
- * made after this point may be overwritten when the script is next run.
- */
-void ERR_load_ENGINE_strings(void);
-
-/* Error codes for the ENGINE functions. */
-
-/* Function codes. */
-# define ENGINE_F_DYNAMIC_CTRL 180
-# define ENGINE_F_DYNAMIC_GET_DATA_CTX 181
-# define ENGINE_F_DYNAMIC_LOAD 182
-# define ENGINE_F_DYNAMIC_SET_DATA_CTX 183
-# define ENGINE_F_ENGINE_ADD 105
-# define ENGINE_F_ENGINE_BY_ID 106
-# define ENGINE_F_ENGINE_CMD_IS_EXECUTABLE 170
-# define ENGINE_F_ENGINE_CTRL 142
-# define ENGINE_F_ENGINE_CTRL_CMD 178
-# define ENGINE_F_ENGINE_CTRL_CMD_STRING 171
-# define ENGINE_F_ENGINE_FINISH 107
-# define ENGINE_F_ENGINE_FREE_UTIL 108
-# define ENGINE_F_ENGINE_GET_CIPHER 185
-# define ENGINE_F_ENGINE_GET_DEFAULT_TYPE 177
-# define ENGINE_F_ENGINE_GET_DIGEST 186
-# define ENGINE_F_ENGINE_GET_NEXT 115
-# define ENGINE_F_ENGINE_GET_PKEY_ASN1_METH 193
-# define ENGINE_F_ENGINE_GET_PKEY_METH 192
-# define ENGINE_F_ENGINE_GET_PREV 116
-# define ENGINE_F_ENGINE_INIT 119
-# define ENGINE_F_ENGINE_LIST_ADD 120
-# define ENGINE_F_ENGINE_LIST_REMOVE 121
-# define ENGINE_F_ENGINE_LOAD_PRIVATE_KEY 150
-# define ENGINE_F_ENGINE_LOAD_PUBLIC_KEY 151
-# define ENGINE_F_ENGINE_LOAD_SSL_CLIENT_CERT 194
-# define ENGINE_F_ENGINE_NEW 122
-# define ENGINE_F_ENGINE_REMOVE 123
-# define ENGINE_F_ENGINE_SET_DEFAULT_STRING 189
-# define ENGINE_F_ENGINE_SET_DEFAULT_TYPE 126
-# define ENGINE_F_ENGINE_SET_ID 129
-# define ENGINE_F_ENGINE_SET_NAME 130
-# define ENGINE_F_ENGINE_TABLE_REGISTER 184
-# define ENGINE_F_ENGINE_UNLOAD_KEY 152
-# define ENGINE_F_ENGINE_UNLOCKED_FINISH 191
-# define ENGINE_F_ENGINE_UP_REF 190
-# define ENGINE_F_INT_CTRL_HELPER 172
-# define ENGINE_F_INT_ENGINE_CONFIGURE 188
-# define ENGINE_F_INT_ENGINE_MODULE_INIT 187
-# define ENGINE_F_LOG_MESSAGE 141
-
-/* Reason codes. */
-# define ENGINE_R_ALREADY_LOADED 100
-# define ENGINE_R_ARGUMENT_IS_NOT_A_NUMBER 133
-# define ENGINE_R_CMD_NOT_EXECUTABLE 134
-# define ENGINE_R_COMMAND_TAKES_INPUT 135
-# define ENGINE_R_COMMAND_TAKES_NO_INPUT 136
-# define ENGINE_R_CONFLICTING_ENGINE_ID 103
-# define ENGINE_R_CTRL_COMMAND_NOT_IMPLEMENTED 119
-# define ENGINE_R_DH_NOT_IMPLEMENTED 139
-# define ENGINE_R_DSA_NOT_IMPLEMENTED 140
-# define ENGINE_R_DSO_FAILURE 104
-# define ENGINE_R_DSO_NOT_FOUND 132
-# define ENGINE_R_ENGINES_SECTION_ERROR 148
-# define ENGINE_R_ENGINE_CONFIGURATION_ERROR 102
-# define ENGINE_R_ENGINE_IS_NOT_IN_LIST 105
-# define ENGINE_R_ENGINE_SECTION_ERROR 149
-# define ENGINE_R_FAILED_LOADING_PRIVATE_KEY 128
-# define ENGINE_R_FAILED_LOADING_PUBLIC_KEY 129
-# define ENGINE_R_FINISH_FAILED 106
-# define ENGINE_R_GET_HANDLE_FAILED 107
-# define ENGINE_R_ID_OR_NAME_MISSING 108
-# define ENGINE_R_INIT_FAILED 109
-# define ENGINE_R_INTERNAL_LIST_ERROR 110
-# define ENGINE_R_INVALID_ARGUMENT 143
-# define ENGINE_R_INVALID_CMD_NAME 137
-# define ENGINE_R_INVALID_CMD_NUMBER 138
-# define ENGINE_R_INVALID_INIT_VALUE 151
-# define ENGINE_R_INVALID_STRING 150
-# define ENGINE_R_NOT_INITIALISED 117
-# define ENGINE_R_NOT_LOADED 112
-# define ENGINE_R_NO_CONTROL_FUNCTION 120
-# define ENGINE_R_NO_INDEX 144
-# define ENGINE_R_NO_LOAD_FUNCTION 125
-# define ENGINE_R_NO_REFERENCE 130
-# define ENGINE_R_NO_SUCH_ENGINE 116
-# define ENGINE_R_NO_UNLOAD_FUNCTION 126
-# define ENGINE_R_PROVIDE_PARAMETERS 113
-# define ENGINE_R_RSA_NOT_IMPLEMENTED 141
-# define ENGINE_R_UNIMPLEMENTED_CIPHER 146
-# define ENGINE_R_UNIMPLEMENTED_DIGEST 147
-# define ENGINE_R_UNIMPLEMENTED_PUBLIC_KEY_METHOD 101
-# define ENGINE_R_VERSION_INCOMPATIBILITY 145
-
-#ifdef __cplusplus
-}
-#endif
-#endif
+++ /dev/null
-/* crypto/engine/enginetest.c */
-/*
- * Written by Geoff Thorpe (geoff@geoffthorpe.net) for the OpenSSL project
- * 2000.
- */
-/* ====================================================================
- * Copyright (c) 1999-2001 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include <string.h>
-#include <openssl/e_os2.h>
-
-#ifdef OPENSSL_NO_ENGINE
-int main(int argc, char *argv[])
-{
- printf("No ENGINE support\n");
- return (0);
-}
-#else
-# include <openssl/buffer.h>
-# include <openssl/crypto.h>
-# include <openssl/engine.h>
-# include <openssl/err.h>
-
-static void display_engine_list(void)
-{
- ENGINE *h;
- int loop;
-
- h = ENGINE_get_first();
- loop = 0;
- printf("listing available engine types\n");
- while (h) {
- printf("engine %i, id = \"%s\", name = \"%s\"\n",
- loop++, ENGINE_get_id(h), ENGINE_get_name(h));
- h = ENGINE_get_next(h);
- }
- printf("end of list\n");
- /*
- * ENGINE_get_first() increases the struct_ref counter, so we must call
- * ENGINE_free() to decrease it again
- */
- ENGINE_free(h);
-}
-
-int main(int argc, char *argv[])
-{
- ENGINE *block[512];
- char buf[256];
- const char *id, *name;
- ENGINE *ptr;
- int loop;
- int to_return = 1;
- ENGINE *new_h1 = NULL;
- ENGINE *new_h2 = NULL;
- ENGINE *new_h3 = NULL;
- ENGINE *new_h4 = NULL;
-
- /* enable memory leak checking unless explicitly disabled */
- if (!((getenv("OPENSSL_DEBUG_MEMORY") != NULL)
- && (0 == strcmp(getenv("OPENSSL_DEBUG_MEMORY"), "off")))) {
- CRYPTO_malloc_debug_init();
- CRYPTO_set_mem_debug_options(V_CRYPTO_MDEBUG_ALL);
- } else {
- /* OPENSSL_DEBUG_MEMORY=off */
- CRYPTO_set_mem_debug_functions(0, 0, 0, 0, 0);
- }
- CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON);
- ERR_load_crypto_strings();
-
- memset(block, 0, 512 * sizeof(ENGINE *));
- if (((new_h1 = ENGINE_new()) == NULL) ||
- !ENGINE_set_id(new_h1, "test_id0") ||
- !ENGINE_set_name(new_h1, "First test item") ||
- ((new_h2 = ENGINE_new()) == NULL) ||
- !ENGINE_set_id(new_h2, "test_id1") ||
- !ENGINE_set_name(new_h2, "Second test item") ||
- ((new_h3 = ENGINE_new()) == NULL) ||
- !ENGINE_set_id(new_h3, "test_id2") ||
- !ENGINE_set_name(new_h3, "Third test item") ||
- ((new_h4 = ENGINE_new()) == NULL) ||
- !ENGINE_set_id(new_h4, "test_id3") ||
- !ENGINE_set_name(new_h4, "Fourth test item")) {
- printf("Couldn't set up test ENGINE structures\n");
- goto end;
- }
- printf("\nenginetest beginning\n\n");
- display_engine_list();
- if (!ENGINE_add(new_h1)) {
- printf("Add failed!\n");
- goto end;
- }
- display_engine_list();
- ptr = ENGINE_get_first();
- if (!ENGINE_remove(ptr)) {
- printf("Remove failed!\n");
- goto end;
- }
- if (ptr)
- ENGINE_free(ptr);
- display_engine_list();
- if (!ENGINE_add(new_h3) || !ENGINE_add(new_h2)) {
- printf("Add failed!\n");
- goto end;
- }
- display_engine_list();
- if (!ENGINE_remove(new_h2)) {
- printf("Remove failed!\n");
- goto end;
- }
- display_engine_list();
- if (!ENGINE_add(new_h4)) {
- printf("Add failed!\n");
- goto end;
- }
- display_engine_list();
- if (ENGINE_add(new_h3)) {
- printf("Add *should* have failed but didn't!\n");
- goto end;
- } else
- printf("Add that should fail did.\n");
- ERR_clear_error();
- if (ENGINE_remove(new_h2)) {
- printf("Remove *should* have failed but didn't!\n");
- goto end;
- } else
- printf("Remove that should fail did.\n");
- ERR_clear_error();
- if (!ENGINE_remove(new_h3)) {
- printf("Remove failed!\n");
- goto end;
- }
- display_engine_list();
- if (!ENGINE_remove(new_h4)) {
- printf("Remove failed!\n");
- goto end;
- }
- display_engine_list();
- /*
- * Depending on whether there's any hardware support compiled in, this
- * remove may be destined to fail.
- */
- ptr = ENGINE_get_first();
- if (ptr)
- if (!ENGINE_remove(ptr))
- printf("Remove failed!i - probably no hardware "
- "support present.\n");
- if (ptr)
- ENGINE_free(ptr);
- display_engine_list();
- if (!ENGINE_add(new_h1) || !ENGINE_remove(new_h1)) {
- printf("Couldn't add and remove to an empty list!\n");
- goto end;
- } else
- printf("Successfully added and removed to an empty list!\n");
- printf("About to beef up the engine-type list\n");
- for (loop = 0; loop < 512; loop++) {
- sprintf(buf, "id%i", loop);
- id = BUF_strdup(buf);
- sprintf(buf, "Fake engine type %i", loop);
- name = BUF_strdup(buf);
- if (((block[loop] = ENGINE_new()) == NULL) ||
- !ENGINE_set_id(block[loop], id) ||
- !ENGINE_set_name(block[loop], name)) {
- printf("Couldn't create block of ENGINE structures.\n"
- "I'll probably also core-dump now, damn.\n");
- goto end;
- }
- }
- for (loop = 0; loop < 512; loop++) {
- if (!ENGINE_add(block[loop])) {
- printf("\nAdding stopped at %i, (%s,%s)\n",
- loop, ENGINE_get_id(block[loop]),
- ENGINE_get_name(block[loop]));
- goto cleanup_loop;
- } else
- printf(".");
- fflush(stdout);
- }
- cleanup_loop:
- printf("\nAbout to empty the engine-type list\n");
- while ((ptr = ENGINE_get_first()) != NULL) {
- if (!ENGINE_remove(ptr)) {
- printf("\nRemove failed!\n");
- goto end;
- }
- ENGINE_free(ptr);
- printf(".");
- fflush(stdout);
- }
- for (loop = 0; loop < 512; loop++) {
- OPENSSL_free((void *)ENGINE_get_id(block[loop]));
- OPENSSL_free((void *)ENGINE_get_name(block[loop]));
- }
- printf("\nTests completed happily\n");
- to_return = 0;
- end:
- if (to_return)
- ERR_print_errors_fp(stderr);
- if (new_h1)
- ENGINE_free(new_h1);
- if (new_h2)
- ENGINE_free(new_h2);
- if (new_h3)
- ENGINE_free(new_h3);
- if (new_h4)
- ENGINE_free(new_h4);
- for (loop = 0; loop < 512; loop++)
- if (block[loop])
- ENGINE_free(block[loop]);
- ENGINE_cleanup();
- CRYPTO_cleanup_all_ex_data();
- ERR_free_strings();
- ERR_remove_thread_state(NULL);
- CRYPTO_mem_leaks_fp(stderr);
- return to_return;
-}
-#endif
+++ /dev/null
-/* crypto/err/err.h */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-/* ====================================================================
- * Copyright (c) 1998-2006 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#ifndef HEADER_ERR_H
-# define HEADER_ERR_H
-
-# include <openssl/e_os2.h>
-
-# ifndef OPENSSL_NO_STDIO
-# include <stdio.h>
-# include <stdlib.h>
-# endif
-
-# include <openssl/ossl_typ.h>
-# include <openssl/bio.h>
-# include <openssl/lhash.h>
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-# ifndef OPENSSL_NO_ERR
-# define ERR_PUT_error(a,b,c,d,e) ERR_put_error(a,b,c,d,e)
-# else
-# define ERR_PUT_error(a,b,c,d,e) ERR_put_error(a,b,c,NULL,0)
-# endif
-
-# include <errno.h>
-
-# define ERR_TXT_MALLOCED 0x01
-# define ERR_TXT_STRING 0x02
-
-# define ERR_FLAG_MARK 0x01
-
-# define ERR_NUM_ERRORS 16
-typedef struct err_state_st {
- CRYPTO_THREADID tid;
- int err_flags[ERR_NUM_ERRORS];
- unsigned long err_buffer[ERR_NUM_ERRORS];
- char *err_data[ERR_NUM_ERRORS];
- int err_data_flags[ERR_NUM_ERRORS];
- const char *err_file[ERR_NUM_ERRORS];
- int err_line[ERR_NUM_ERRORS];
- int top, bottom;
-} ERR_STATE;
-
-/* library */
-# define ERR_LIB_NONE 1
-# define ERR_LIB_SYS 2
-# define ERR_LIB_BN 3
-# define ERR_LIB_RSA 4
-# define ERR_LIB_DH 5
-# define ERR_LIB_EVP 6
-# define ERR_LIB_BUF 7
-# define ERR_LIB_OBJ 8
-# define ERR_LIB_PEM 9
-# define ERR_LIB_DSA 10
-# define ERR_LIB_X509 11
-/* #define ERR_LIB_METH 12 */
-# define ERR_LIB_ASN1 13
-# define ERR_LIB_CONF 14
-# define ERR_LIB_CRYPTO 15
-# define ERR_LIB_EC 16
-# define ERR_LIB_SSL 20
-/* #define ERR_LIB_SSL23 21 */
-/* #define ERR_LIB_SSL2 22 */
-/* #define ERR_LIB_SSL3 23 */
-/* #define ERR_LIB_RSAREF 30 */
-/* #define ERR_LIB_PROXY 31 */
-# define ERR_LIB_BIO 32
-# define ERR_LIB_PKCS7 33
-# define ERR_LIB_X509V3 34
-# define ERR_LIB_PKCS12 35
-# define ERR_LIB_RAND 36
-# define ERR_LIB_DSO 37
-# define ERR_LIB_ENGINE 38
-# define ERR_LIB_OCSP 39
-# define ERR_LIB_UI 40
-# define ERR_LIB_COMP 41
-# define ERR_LIB_ECDSA 42
-# define ERR_LIB_ECDH 43
-# define ERR_LIB_STORE 44
-# define ERR_LIB_FIPS 45
-# define ERR_LIB_CMS 46
-# define ERR_LIB_TS 47
-# define ERR_LIB_HMAC 48
-# define ERR_LIB_JPAKE 49
-
-# define ERR_LIB_USER 128
-
-# define SYSerr(f,r) ERR_PUT_error(ERR_LIB_SYS,(f),(r),__FILE__,__LINE__)
-# define BNerr(f,r) ERR_PUT_error(ERR_LIB_BN,(f),(r),__FILE__,__LINE__)
-# define RSAerr(f,r) ERR_PUT_error(ERR_LIB_RSA,(f),(r),__FILE__,__LINE__)
-# define DHerr(f,r) ERR_PUT_error(ERR_LIB_DH,(f),(r),__FILE__,__LINE__)
-# define EVPerr(f,r) ERR_PUT_error(ERR_LIB_EVP,(f),(r),__FILE__,__LINE__)
-# define BUFerr(f,r) ERR_PUT_error(ERR_LIB_BUF,(f),(r),__FILE__,__LINE__)
-# define OBJerr(f,r) ERR_PUT_error(ERR_LIB_OBJ,(f),(r),__FILE__,__LINE__)
-# define PEMerr(f,r) ERR_PUT_error(ERR_LIB_PEM,(f),(r),__FILE__,__LINE__)
-# define DSAerr(f,r) ERR_PUT_error(ERR_LIB_DSA,(f),(r),__FILE__,__LINE__)
-# define X509err(f,r) ERR_PUT_error(ERR_LIB_X509,(f),(r),__FILE__,__LINE__)
-# define ASN1err(f,r) ERR_PUT_error(ERR_LIB_ASN1,(f),(r),__FILE__,__LINE__)
-# define CONFerr(f,r) ERR_PUT_error(ERR_LIB_CONF,(f),(r),__FILE__,__LINE__)
-# define CRYPTOerr(f,r) ERR_PUT_error(ERR_LIB_CRYPTO,(f),(r),__FILE__,__LINE__)
-# define ECerr(f,r) ERR_PUT_error(ERR_LIB_EC,(f),(r),__FILE__,__LINE__)
-# define SSLerr(f,r) ERR_PUT_error(ERR_LIB_SSL,(f),(r),__FILE__,__LINE__)
-# define BIOerr(f,r) ERR_PUT_error(ERR_LIB_BIO,(f),(r),__FILE__,__LINE__)
-# define PKCS7err(f,r) ERR_PUT_error(ERR_LIB_PKCS7,(f),(r),__FILE__,__LINE__)
-# define X509V3err(f,r) ERR_PUT_error(ERR_LIB_X509V3,(f),(r),__FILE__,__LINE__)
-# define PKCS12err(f,r) ERR_PUT_error(ERR_LIB_PKCS12,(f),(r),__FILE__,__LINE__)
-# define RANDerr(f,r) ERR_PUT_error(ERR_LIB_RAND,(f),(r),__FILE__,__LINE__)
-# define DSOerr(f,r) ERR_PUT_error(ERR_LIB_DSO,(f),(r),__FILE__,__LINE__)
-# define ENGINEerr(f,r) ERR_PUT_error(ERR_LIB_ENGINE,(f),(r),__FILE__,__LINE__)
-# define OCSPerr(f,r) ERR_PUT_error(ERR_LIB_OCSP,(f),(r),__FILE__,__LINE__)
-# define UIerr(f,r) ERR_PUT_error(ERR_LIB_UI,(f),(r),__FILE__,__LINE__)
-# define COMPerr(f,r) ERR_PUT_error(ERR_LIB_COMP,(f),(r),__FILE__,__LINE__)
-# define ECDSAerr(f,r) ERR_PUT_error(ERR_LIB_ECDSA,(f),(r),__FILE__,__LINE__)
-# define ECDHerr(f,r) ERR_PUT_error(ERR_LIB_ECDH,(f),(r),__FILE__,__LINE__)
-# define STOREerr(f,r) ERR_PUT_error(ERR_LIB_STORE,(f),(r),__FILE__,__LINE__)
-# define FIPSerr(f,r) ERR_PUT_error(ERR_LIB_FIPS,(f),(r),__FILE__,__LINE__)
-# define CMSerr(f,r) ERR_PUT_error(ERR_LIB_CMS,(f),(r),__FILE__,__LINE__)
-# define TSerr(f,r) ERR_PUT_error(ERR_LIB_TS,(f),(r),__FILE__,__LINE__)
-# define HMACerr(f,r) ERR_PUT_error(ERR_LIB_HMAC,(f),(r),__FILE__,__LINE__)
-# define JPAKEerr(f,r) ERR_PUT_error(ERR_LIB_JPAKE,(f),(r),__FILE__,__LINE__)
-
-/*
- * Borland C seems too stupid to be able to shift and do longs in the
- * pre-processor :-(
- */
-# define ERR_PACK(l,f,r) (((((unsigned long)l)&0xffL)*0x1000000)| \
- ((((unsigned long)f)&0xfffL)*0x1000)| \
- ((((unsigned long)r)&0xfffL)))
-# define ERR_GET_LIB(l) (int)((((unsigned long)l)>>24L)&0xffL)
-# define ERR_GET_FUNC(l) (int)((((unsigned long)l)>>12L)&0xfffL)
-# define ERR_GET_REASON(l) (int)((l)&0xfffL)
-# define ERR_FATAL_ERROR(l) (int)((l)&ERR_R_FATAL)
-
-/* OS functions */
-# define SYS_F_FOPEN 1
-# define SYS_F_CONNECT 2
-# define SYS_F_GETSERVBYNAME 3
-# define SYS_F_SOCKET 4
-# define SYS_F_IOCTLSOCKET 5
-# define SYS_F_BIND 6
-# define SYS_F_LISTEN 7
-# define SYS_F_ACCEPT 8
-# define SYS_F_WSASTARTUP 9/* Winsock stuff */
-# define SYS_F_OPENDIR 10
-# define SYS_F_FREAD 11
-
-/* reasons */
-# define ERR_R_SYS_LIB ERR_LIB_SYS/* 2 */
-# define ERR_R_BN_LIB ERR_LIB_BN/* 3 */
-# define ERR_R_RSA_LIB ERR_LIB_RSA/* 4 */
-# define ERR_R_DH_LIB ERR_LIB_DH/* 5 */
-# define ERR_R_EVP_LIB ERR_LIB_EVP/* 6 */
-# define ERR_R_BUF_LIB ERR_LIB_BUF/* 7 */
-# define ERR_R_OBJ_LIB ERR_LIB_OBJ/* 8 */
-# define ERR_R_PEM_LIB ERR_LIB_PEM/* 9 */
-# define ERR_R_DSA_LIB ERR_LIB_DSA/* 10 */
-# define ERR_R_X509_LIB ERR_LIB_X509/* 11 */
-# define ERR_R_ASN1_LIB ERR_LIB_ASN1/* 13 */
-# define ERR_R_CONF_LIB ERR_LIB_CONF/* 14 */
-# define ERR_R_CRYPTO_LIB ERR_LIB_CRYPTO/* 15 */
-# define ERR_R_EC_LIB ERR_LIB_EC/* 16 */
-# define ERR_R_SSL_LIB ERR_LIB_SSL/* 20 */
-# define ERR_R_BIO_LIB ERR_LIB_BIO/* 32 */
-# define ERR_R_PKCS7_LIB ERR_LIB_PKCS7/* 33 */
-# define ERR_R_X509V3_LIB ERR_LIB_X509V3/* 34 */
-# define ERR_R_PKCS12_LIB ERR_LIB_PKCS12/* 35 */
-# define ERR_R_RAND_LIB ERR_LIB_RAND/* 36 */
-# define ERR_R_DSO_LIB ERR_LIB_DSO/* 37 */
-# define ERR_R_ENGINE_LIB ERR_LIB_ENGINE/* 38 */
-# define ERR_R_OCSP_LIB ERR_LIB_OCSP/* 39 */
-# define ERR_R_UI_LIB ERR_LIB_UI/* 40 */
-# define ERR_R_COMP_LIB ERR_LIB_COMP/* 41 */
-# define ERR_R_ECDSA_LIB ERR_LIB_ECDSA/* 42 */
-# define ERR_R_ECDH_LIB ERR_LIB_ECDH/* 43 */
-# define ERR_R_STORE_LIB ERR_LIB_STORE/* 44 */
-# define ERR_R_TS_LIB ERR_LIB_TS/* 45 */
-
-# define ERR_R_NESTED_ASN1_ERROR 58
-# define ERR_R_BAD_ASN1_OBJECT_HEADER 59
-# define ERR_R_BAD_GET_ASN1_OBJECT_CALL 60
-# define ERR_R_EXPECTING_AN_ASN1_SEQUENCE 61
-# define ERR_R_ASN1_LENGTH_MISMATCH 62
-# define ERR_R_MISSING_ASN1_EOS 63
-
-/* fatal error */
-# define ERR_R_FATAL 64
-# define ERR_R_MALLOC_FAILURE (1|ERR_R_FATAL)
-# define ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED (2|ERR_R_FATAL)
-# define ERR_R_PASSED_NULL_PARAMETER (3|ERR_R_FATAL)
-# define ERR_R_INTERNAL_ERROR (4|ERR_R_FATAL)
-# define ERR_R_DISABLED (5|ERR_R_FATAL)
-
-/*
- * 99 is the maximum possible ERR_R_... code, higher values are reserved for
- * the individual libraries
- */
-
-typedef struct ERR_string_data_st {
- unsigned long error;
- const char *string;
-} ERR_STRING_DATA;
-
-void ERR_put_error(int lib, int func, int reason, const char *file, int line);
-void ERR_set_error_data(char *data, int flags);
-
-unsigned long ERR_get_error(void);
-unsigned long ERR_get_error_line(const char **file, int *line);
-unsigned long ERR_get_error_line_data(const char **file, int *line,
- const char **data, int *flags);
-unsigned long ERR_peek_error(void);
-unsigned long ERR_peek_error_line(const char **file, int *line);
-unsigned long ERR_peek_error_line_data(const char **file, int *line,
- const char **data, int *flags);
-unsigned long ERR_peek_last_error(void);
-unsigned long ERR_peek_last_error_line(const char **file, int *line);
-unsigned long ERR_peek_last_error_line_data(const char **file, int *line,
- const char **data, int *flags);
-void ERR_clear_error(void);
-char *ERR_error_string(unsigned long e, char *buf);
-void ERR_error_string_n(unsigned long e, char *buf, size_t len);
-const char *ERR_lib_error_string(unsigned long e);
-const char *ERR_func_error_string(unsigned long e);
-const char *ERR_reason_error_string(unsigned long e);
-void ERR_print_errors_cb(int (*cb) (const char *str, size_t len, void *u),
- void *u);
-# ifndef OPENSSL_NO_STDIO
-void ERR_print_errors_fp(FILE *fp);
-# endif
-void ERR_print_errors(BIO *bp);
-void ERR_add_error_data(int num, ...);
-void ERR_add_error_vdata(int num, va_list args);
-void ERR_load_strings(int lib, ERR_STRING_DATA str[]);
-void ERR_unload_strings(int lib, ERR_STRING_DATA str[]);
-void ERR_load_ERR_strings(void);
-void ERR_load_crypto_strings(void);
-void ERR_free_strings(void);
-
-void ERR_remove_thread_state(const CRYPTO_THREADID *tid);
-# ifdef OPENSSL_USE_DEPRECATED
-DECLARE_DEPRECATED(void ERR_remove_state(unsigned long pid)); /* if zero we
- * look it up */
-# endif
-ERR_STATE *ERR_get_state(void);
-
-LHASH_OF(ERR_STRING_DATA) *ERR_get_string_table(void);
-LHASH_OF(ERR_STATE) *ERR_get_err_state_table(void);
-void ERR_release_err_state_table(LHASH_OF(ERR_STATE) **hash);
-
-int ERR_get_next_error_library(void);
-
-int ERR_set_mark(void);
-int ERR_pop_to_mark(void);
-
-/* Already defined in ossl_typ.h */
-/* typedef struct st_ERR_FNS ERR_FNS; */
-/*
- * An application can use this function and provide the return value to
- * loaded modules that should use the application's ERR state/functionality
- */
-const ERR_FNS *ERR_get_implementation(void);
-/*
- * A loaded module should call this function prior to any ERR operations
- * using the application's "ERR_FNS".
- */
-int ERR_set_implementation(const ERR_FNS *fns);
-
-#ifdef __cplusplus
-}
-#endif
-
-#endif
# files that may have to be rewritten by util/mkerr.pl
L ERR NONE NONE
-L BN crypto/bn/bn.h crypto/bn/bn_err.c
-L RSA crypto/rsa/rsa.h crypto/rsa/rsa_err.c
-L DH crypto/dh/dh.h crypto/dh/dh_err.c
-L EVP crypto/evp/evp.h crypto/evp/evp_err.c
-L BUF crypto/buffer/buffer.h crypto/buffer/buf_err.c
-L OBJ crypto/objects/objects.h crypto/objects/obj_err.c
-L PEM crypto/pem/pem.h crypto/pem/pem_err.c
-L DSA crypto/dsa/dsa.h crypto/dsa/dsa_err.c
-L X509 crypto/x509/x509.h crypto/x509/x509_err.c
-L ASN1 crypto/asn1/asn1.h crypto/asn1/asn1_err.c
-L CONF crypto/conf/conf.h crypto/conf/conf_err.c
-L CRYPTO crypto/crypto.h crypto/cpt_err.c
-L EC crypto/ec/ec.h crypto/ec/ec_err.c
-L SSL ssl/ssl.h ssl/ssl_err.c
-L BIO crypto/bio/bio.h crypto/bio/bio_err.c
-L PKCS7 crypto/pkcs7/pkcs7.h crypto/pkcs7/pkcs7err.c
-L X509V3 crypto/x509v3/x509v3.h crypto/x509v3/v3err.c
-L PKCS12 crypto/pkcs12/pkcs12.h crypto/pkcs12/pk12err.c
-L RAND crypto/rand/rand.h crypto/rand/rand_err.c
-L DSO crypto/dso/dso.h crypto/dso/dso_err.c
-L ENGINE crypto/engine/engine.h crypto/engine/eng_err.c
-L OCSP crypto/ocsp/ocsp.h crypto/ocsp/ocsp_err.c
-L UI crypto/ui/ui.h crypto/ui/ui_err.c
-L COMP crypto/comp/comp.h crypto/comp/comp_err.c
-L ECDSA crypto/ecdsa/ecdsa.h crypto/ecdsa/ecs_err.c
-L ECDH crypto/ecdh/ecdh.h crypto/ecdh/ech_err.c
-L STORE crypto/store/store.h crypto/store/str_err.c
-L TS crypto/ts/ts.h crypto/ts/ts_err.c
-L HMAC crypto/hmac/hmac.h crypto/hmac/hmac_err.c
-L CMS crypto/cms/cms.h crypto/cms/cms_err.c
-L JPAKE crypto/jpake/jpake.h crypto/jpake/jpake_err.c
+L BN include/openssl/bn.h crypto/bn/bn_err.c
+L RSA include/openssl/rsa.h crypto/rsa/rsa_err.c
+L DH include/openssl/dh.h crypto/dh/dh_err.c
+L EVP include/openssl/evp.h crypto/evp/evp_err.c
+L BUF include/openssl/buffer.h crypto/buffer/buf_err.c
+L OBJ include/openssl/objects.h crypto/objects/obj_err.c
+L PEM include/openssl/pem.h crypto/pem/pem_err.c
+L DSA include/openssl/dsa.h crypto/dsa/dsa_err.c
+L X509 include/openssl/x509.h crypto/x509/x509_err.c
+L ASN1 include/openssl/asn1.h crypto/asn1/asn1_err.c
+L CONF include/openssl/conf.h crypto/conf/conf_err.c
+L CRYPTO include/openssl/crypto.h crypto/cpt_err.c
+L EC include/openssl/ec.h crypto/ec/ec_err.c
+L SSL include/openssl/ssl.h ssl/ssl_err.c
+L BIO include/openssl/bio.h crypto/bio/bio_err.c
+L PKCS7 include/openssl/pkcs7.h crypto/pkcs7/pkcs7err.c
+L X509V3 include/openssl/x509v3.h crypto/x509v3/v3err.c
+L PKCS12 include/openssl/pkcs12.h crypto/pkcs12/pk12err.c
+L RAND include/openssl/rand.h crypto/rand/rand_err.c
+L DSO include/openssl/dso.h crypto/dso/dso_err.c
+L ENGINE include/openssl/engine.h crypto/engine/eng_err.c
+L OCSP include/openssl/ocsp.h crypto/ocsp/ocsp_err.c
+L UI include/openssl/ui.h crypto/ui/ui_err.c
+L COMP include/openssl/comp.h crypto/comp/comp_err.c
+L ECDSA include/openssl/ecdsa.h crypto/ecdsa/ecs_err.c
+L ECDH include/openssl/ecdh.h crypto/ecdh/ech_err.c
+L STORE include/openssl/store.h crypto/store/str_err.c
+L TS include/openssl/ts.h crypto/ts/ts_err.c
+L HMAC include/openssl/hmac.h crypto/hmac/hmac_err.c
+L CMS include/openssl/cms.h crypto/cms/cms_err.c
+L JPAKE include/openssl/jpake.h crypto/jpake/jpake_err.c
+L FIPS include/openssl/fips.h crypto/fips_err.h
# additional header files to be scanned for function names
L NONE crypto/x509/x509_vfy.h NONE
+++ /dev/null
-/* crypto/evp/evp.h */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef HEADER_ENVELOPE_H
-# define HEADER_ENVELOPE_H
-
-# ifdef OPENSSL_ALGORITHM_DEFINES
-# include <openssl/opensslconf.h>
-# else
-# define OPENSSL_ALGORITHM_DEFINES
-# include <openssl/opensslconf.h>
-# undef OPENSSL_ALGORITHM_DEFINES
-# endif
-
-# include <openssl/ossl_typ.h>
-
-# include <openssl/symhacks.h>
-
-# include <openssl/bio.h>
-
-# define EVP_MAX_MD_SIZE 64/* longest known is SHA512 */
-# define EVP_MAX_KEY_LENGTH 64
-# define EVP_MAX_IV_LENGTH 16
-# define EVP_MAX_BLOCK_LENGTH 32
-
-# define PKCS5_SALT_LEN 8
-/* Default PKCS#5 iteration count */
-# define PKCS5_DEFAULT_ITER 2048
-
-# include <openssl/objects.h>
-
-# define EVP_PK_RSA 0x0001
-# define EVP_PK_DSA 0x0002
-# define EVP_PK_DH 0x0004
-# define EVP_PK_EC 0x0008
-# define EVP_PKT_SIGN 0x0010
-# define EVP_PKT_ENC 0x0020
-# define EVP_PKT_EXCH 0x0040
-# define EVP_PKS_RSA 0x0100
-# define EVP_PKS_DSA 0x0200
-# define EVP_PKS_EC 0x0400
-# define EVP_PKT_EXP 0x1000 /* <= 512 bit key */
-
-# define EVP_PKEY_NONE NID_undef
-# define EVP_PKEY_RSA NID_rsaEncryption
-# define EVP_PKEY_RSA2 NID_rsa
-# define EVP_PKEY_DSA NID_dsa
-# define EVP_PKEY_DSA1 NID_dsa_2
-# define EVP_PKEY_DSA2 NID_dsaWithSHA
-# define EVP_PKEY_DSA3 NID_dsaWithSHA1
-# define EVP_PKEY_DSA4 NID_dsaWithSHA1_2
-# define EVP_PKEY_DH NID_dhKeyAgreement
-# define EVP_PKEY_DHX NID_dhpublicnumber
-# define EVP_PKEY_EC NID_X9_62_id_ecPublicKey
-# define EVP_PKEY_HMAC NID_hmac
-# define EVP_PKEY_CMAC NID_cmac
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-/*
- * Type needs to be a bit field Sub-type needs to be for variations on the
- * method, as in, can it do arbitrary encryption....
- */
-struct evp_pkey_st {
- int type;
- int save_type;
- int references;
- const EVP_PKEY_ASN1_METHOD *ameth;
- ENGINE *engine;
- union {
- char *ptr;
-# ifndef OPENSSL_NO_RSA
- struct rsa_st *rsa; /* RSA */
-# endif
-# ifndef OPENSSL_NO_DSA
- struct dsa_st *dsa; /* DSA */
-# endif
-# ifndef OPENSSL_NO_DH
- struct dh_st *dh; /* DH */
-# endif
-# ifndef OPENSSL_NO_EC
- struct ec_key_st *ec; /* ECC */
-# endif
- } pkey;
- int save_parameters;
- STACK_OF(X509_ATTRIBUTE) *attributes; /* [ 0 ] */
-} /* EVP_PKEY */ ;
-
-# define EVP_PKEY_MO_SIGN 0x0001
-# define EVP_PKEY_MO_VERIFY 0x0002
-# define EVP_PKEY_MO_ENCRYPT 0x0004
-# define EVP_PKEY_MO_DECRYPT 0x0008
-
-# ifndef EVP_MD
-struct env_md_st {
- int type;
- int pkey_type;
- int md_size;
- unsigned long flags;
- int (*init) (EVP_MD_CTX *ctx);
- int (*update) (EVP_MD_CTX *ctx, const void *data, size_t count);
- int (*final) (EVP_MD_CTX *ctx, unsigned char *md);
- int (*copy) (EVP_MD_CTX *to, const EVP_MD_CTX *from);
- int (*cleanup) (EVP_MD_CTX *ctx);
- /* FIXME: prototype these some day */
- int (*sign) (int type, const unsigned char *m, unsigned int m_length,
- unsigned char *sigret, unsigned int *siglen, void *key);
- int (*verify) (int type, const unsigned char *m, unsigned int m_length,
- const unsigned char *sigbuf, unsigned int siglen,
- void *key);
- int required_pkey_type[5]; /* EVP_PKEY_xxx */
- int block_size;
- int ctx_size; /* how big does the ctx->md_data need to be */
- /* control function */
- int (*md_ctrl) (EVP_MD_CTX *ctx, int cmd, int p1, void *p2);
-} /* EVP_MD */ ;
-
-typedef int evp_sign_method(int type, const unsigned char *m,
- unsigned int m_length, unsigned char *sigret,
- unsigned int *siglen, void *key);
-typedef int evp_verify_method(int type, const unsigned char *m,
- unsigned int m_length,
- const unsigned char *sigbuf,
- unsigned int siglen, void *key);
-
-/* digest can only handle a single block */
-# define EVP_MD_FLAG_ONESHOT 0x0001
-
-/*
- * digest is a "clone" digest used
- * which is a copy of an existing
- * one for a specific public key type.
- * EVP_dss1() etc
- */
-# define EVP_MD_FLAG_PKEY_DIGEST 0x0002
-
-/* Digest uses EVP_PKEY_METHOD for signing instead of MD specific signing */
-
-# define EVP_MD_FLAG_PKEY_METHOD_SIGNATURE 0x0004
-
-/* DigestAlgorithmIdentifier flags... */
-
-# define EVP_MD_FLAG_DIGALGID_MASK 0x0018
-
-/* NULL or absent parameter accepted. Use NULL */
-
-# define EVP_MD_FLAG_DIGALGID_NULL 0x0000
-
-/* NULL or absent parameter accepted. Use NULL for PKCS#1 otherwise absent */
-
-# define EVP_MD_FLAG_DIGALGID_ABSENT 0x0008
-
-/* Custom handling via ctrl */
-
-# define EVP_MD_FLAG_DIGALGID_CUSTOM 0x0018
-
-/* Note if suitable for use in FIPS mode */
-# define EVP_MD_FLAG_FIPS 0x0400
-
-/* Digest ctrls */
-
-# define EVP_MD_CTRL_DIGALGID 0x1
-# define EVP_MD_CTRL_MICALG 0x2
-
-/* Minimum Algorithm specific ctrl value */
-
-# define EVP_MD_CTRL_ALG_CTRL 0x1000
-
-# define EVP_PKEY_NULL_method NULL,NULL,{0,0,0,0}
-
-# ifndef OPENSSL_NO_DSA
-# define EVP_PKEY_DSA_method (evp_sign_method *)DSA_sign, \
- (evp_verify_method *)DSA_verify, \
- {EVP_PKEY_DSA,EVP_PKEY_DSA2,EVP_PKEY_DSA3, \
- EVP_PKEY_DSA4,0}
-# else
-# define EVP_PKEY_DSA_method EVP_PKEY_NULL_method
-# endif
-
-# ifndef OPENSSL_NO_EC
-# define EVP_PKEY_ECDSA_method (evp_sign_method *)ECDSA_sign, \
- (evp_verify_method *)ECDSA_verify, \
- {EVP_PKEY_EC,0,0,0}
-# else
-# define EVP_PKEY_ECDSA_method EVP_PKEY_NULL_method
-# endif
-
-# ifndef OPENSSL_NO_RSA
-# define EVP_PKEY_RSA_method (evp_sign_method *)RSA_sign, \
- (evp_verify_method *)RSA_verify, \
- {EVP_PKEY_RSA,EVP_PKEY_RSA2,0,0}
-# define EVP_PKEY_RSA_ASN1_OCTET_STRING_method \
- (evp_sign_method *)RSA_sign_ASN1_OCTET_STRING, \
- (evp_verify_method *)RSA_verify_ASN1_OCTET_STRING, \
- {EVP_PKEY_RSA,EVP_PKEY_RSA2,0,0}
-# else
-# define EVP_PKEY_RSA_method EVP_PKEY_NULL_method
-# define EVP_PKEY_RSA_ASN1_OCTET_STRING_method EVP_PKEY_NULL_method
-# endif
-
-# endif /* !EVP_MD */
-
-struct env_md_ctx_st {
- const EVP_MD *digest;
- ENGINE *engine; /* functional reference if 'digest' is
- * ENGINE-provided */
- unsigned long flags;
- void *md_data;
- /* Public key context for sign/verify */
- EVP_PKEY_CTX *pctx;
- /* Update function: usually copied from EVP_MD */
- int (*update) (EVP_MD_CTX *ctx, const void *data, size_t count);
-} /* EVP_MD_CTX */ ;
-
-/* values for EVP_MD_CTX flags */
-
-# define EVP_MD_CTX_FLAG_ONESHOT 0x0001/* digest update will be
- * called once only */
-# define EVP_MD_CTX_FLAG_CLEANED 0x0002/* context has already been
- * cleaned */
-# define EVP_MD_CTX_FLAG_REUSE 0x0004/* Don't free up ctx->md_data
- * in EVP_MD_CTX_cleanup */
-/*
- * FIPS and pad options are ignored in 1.0.0, definitions are here so we
- * don't accidentally reuse the values for other purposes.
- */
-
-# define EVP_MD_CTX_FLAG_NON_FIPS_ALLOW 0x0008/* Allow use of non FIPS
- * digest in FIPS mode */
-
-/*
- * The following PAD options are also currently ignored in 1.0.0, digest
- * parameters are handled through EVP_DigestSign*() and EVP_DigestVerify*()
- * instead.
- */
-# define EVP_MD_CTX_FLAG_PAD_MASK 0xF0/* RSA mode to use */
-# define EVP_MD_CTX_FLAG_PAD_PKCS1 0x00/* PKCS#1 v1.5 mode */
-# define EVP_MD_CTX_FLAG_PAD_X931 0x10/* X9.31 mode */
-# define EVP_MD_CTX_FLAG_PAD_PSS 0x20/* PSS mode */
-
-# define EVP_MD_CTX_FLAG_NO_INIT 0x0100/* Don't initialize md_data */
-/*
- * Some functions such as EVP_DigestSign only finalise copies of internal
- * contexts so additional data can be included after the finalisation call.
- * This is inefficient if this functionality is not required: it is disabled
- * if the following flag is set.
- */
-# define EVP_MD_CTX_FLAG_FINALISE 0x0200
-
-struct evp_cipher_st {
- int nid;
- int block_size;
- /* Default value for variable length ciphers */
- int key_len;
- int iv_len;
- /* Various flags */
- unsigned long flags;
- /* init key */
- int (*init) (EVP_CIPHER_CTX *ctx, const unsigned char *key,
- const unsigned char *iv, int enc);
- /* encrypt/decrypt data */
- int (*do_cipher) (EVP_CIPHER_CTX *ctx, unsigned char *out,
- const unsigned char *in, size_t inl);
- /* cleanup ctx */
- int (*cleanup) (EVP_CIPHER_CTX *);
- /* how big ctx->cipher_data needs to be */
- int ctx_size;
- /* Populate a ASN1_TYPE with parameters */
- int (*set_asn1_parameters) (EVP_CIPHER_CTX *, ASN1_TYPE *);
- /* Get parameters from a ASN1_TYPE */
- int (*get_asn1_parameters) (EVP_CIPHER_CTX *, ASN1_TYPE *);
- /* Miscellaneous operations */
- int (*ctrl) (EVP_CIPHER_CTX *, int type, int arg, void *ptr);
- /* Application data */
- void *app_data;
-} /* EVP_CIPHER */ ;
-
-/* Values for cipher flags */
-
-/* Modes for ciphers */
-
-# define EVP_CIPH_STREAM_CIPHER 0x0
-# define EVP_CIPH_ECB_MODE 0x1
-# define EVP_CIPH_CBC_MODE 0x2
-# define EVP_CIPH_CFB_MODE 0x3
-# define EVP_CIPH_OFB_MODE 0x4
-# define EVP_CIPH_CTR_MODE 0x5
-# define EVP_CIPH_GCM_MODE 0x6
-# define EVP_CIPH_CCM_MODE 0x7
-# define EVP_CIPH_XTS_MODE 0x10001
-# define EVP_CIPH_WRAP_MODE 0x10002
-# define EVP_CIPH_OCB_MODE 0x10003
-# define EVP_CIPH_MODE 0xF0007
-/* Set if variable length cipher */
-# define EVP_CIPH_VARIABLE_LENGTH 0x8
-/* Set if the iv handling should be done by the cipher itself */
-# define EVP_CIPH_CUSTOM_IV 0x10
-/* Set if the cipher's init() function should be called if key is NULL */
-# define EVP_CIPH_ALWAYS_CALL_INIT 0x20
-/* Call ctrl() to init cipher parameters */
-# define EVP_CIPH_CTRL_INIT 0x40
-/* Don't use standard key length function */
-# define EVP_CIPH_CUSTOM_KEY_LENGTH 0x80
-/* Don't use standard block padding */
-# define EVP_CIPH_NO_PADDING 0x100
-/* cipher handles random key generation */
-# define EVP_CIPH_RAND_KEY 0x200
-/* cipher has its own additional copying logic */
-# define EVP_CIPH_CUSTOM_COPY 0x400
-/* Allow use default ASN1 get/set iv */
-# define EVP_CIPH_FLAG_DEFAULT_ASN1 0x1000
-/* Buffer length in bits not bytes: CFB1 mode only */
-# define EVP_CIPH_FLAG_LENGTH_BITS 0x2000
-/* Note if suitable for use in FIPS mode */
-# define EVP_CIPH_FLAG_FIPS 0x4000
-/* Allow non FIPS cipher in FIPS mode */
-# define EVP_CIPH_FLAG_NON_FIPS_ALLOW 0x8000
-/*
- * Cipher handles any and all padding logic as well as finalisation.
- */
-# define EVP_CIPH_FLAG_CUSTOM_CIPHER 0x100000
-# define EVP_CIPH_FLAG_AEAD_CIPHER 0x200000
-# define EVP_CIPH_FLAG_TLS1_1_MULTIBLOCK 0x400000
-
-/*
- * Cipher context flag to indicate we can handle wrap mode: if allowed in
- * older applications it could overflow buffers.
- */
-
-# define EVP_CIPHER_CTX_FLAG_WRAP_ALLOW 0x1
-
-/* ctrl() values */
-
-# define EVP_CTRL_INIT 0x0
-# define EVP_CTRL_SET_KEY_LENGTH 0x1
-# define EVP_CTRL_GET_RC2_KEY_BITS 0x2
-# define EVP_CTRL_SET_RC2_KEY_BITS 0x3
-# define EVP_CTRL_GET_RC5_ROUNDS 0x4
-# define EVP_CTRL_SET_RC5_ROUNDS 0x5
-# define EVP_CTRL_RAND_KEY 0x6
-# define EVP_CTRL_PBE_PRF_NID 0x7
-# define EVP_CTRL_COPY 0x8
-# define EVP_CTRL_AEAD_SET_IVLEN 0x9
-# define EVP_CTRL_AEAD_GET_TAG 0x10
-# define EVP_CTRL_AEAD_SET_TAG 0x11
-# define EVP_CTRL_GCM_SET_IVLEN EVP_CTRL_AEAD_SET_IVLEN
-# define EVP_CTRL_GCM_GET_TAG EVP_CTRL_AEAD_GET_TAG
-# define EVP_CTRL_GCM_SET_TAG EVP_CTRL_AEAD_SET_TAG
-# define EVP_CTRL_GCM_SET_IV_FIXED 0x12
-# define EVP_CTRL_GCM_IV_GEN 0x13
-# define EVP_CTRL_CCM_SET_IVLEN EVP_CTRL_AEAD_SET_IVLEN
-# define EVP_CTRL_CCM_GET_TAG EVP_CTRL_AEAD_GET_TAG
-# define EVP_CTRL_CCM_SET_TAG EVP_CTRL_AEAD_SET_TAG
-# define EVP_CTRL_CCM_SET_L 0x14
-# define EVP_CTRL_CCM_SET_MSGLEN 0x15
-/*
- * AEAD cipher deduces payload length and returns number of bytes required to
- * store MAC and eventual padding. Subsequent call to EVP_Cipher even
- * appends/verifies MAC.
- */
-# define EVP_CTRL_AEAD_TLS1_AAD 0x16
-/* Used by composite AEAD ciphers, no-op in GCM, CCM... */
-# define EVP_CTRL_AEAD_SET_MAC_KEY 0x17
-/* Set the GCM invocation field, decrypt only */
-# define EVP_CTRL_GCM_SET_IV_INV 0x18
-
-# define EVP_CTRL_TLS1_1_MULTIBLOCK_AAD 0x19
-# define EVP_CTRL_TLS1_1_MULTIBLOCK_ENCRYPT 0x1a
-# define EVP_CTRL_TLS1_1_MULTIBLOCK_DECRYPT 0x1b
-# define EVP_CTRL_TLS1_1_MULTIBLOCK_MAX_BUFSIZE 0x1c
-
-typedef struct {
- unsigned char *out;
- const unsigned char *inp;
- size_t len;
- unsigned int interleave;
-} EVP_CTRL_TLS1_1_MULTIBLOCK_PARAM;
-
-/* GCM TLS constants */
-/* Length of fixed part of IV derived from PRF */
-# define EVP_GCM_TLS_FIXED_IV_LEN 4
-/* Length of explicit part of IV part of TLS records */
-# define EVP_GCM_TLS_EXPLICIT_IV_LEN 8
-/* Length of tag for TLS */
-# define EVP_GCM_TLS_TAG_LEN 16
-
-typedef struct evp_cipher_info_st {
- const EVP_CIPHER *cipher;
- unsigned char iv[EVP_MAX_IV_LENGTH];
-} EVP_CIPHER_INFO;
-
-struct evp_cipher_ctx_st {
- const EVP_CIPHER *cipher;
- ENGINE *engine; /* functional reference if 'cipher' is
- * ENGINE-provided */
- int encrypt; /* encrypt or decrypt */
- int buf_len; /* number we have left */
- unsigned char oiv[EVP_MAX_IV_LENGTH]; /* original iv */
- unsigned char iv[EVP_MAX_IV_LENGTH]; /* working iv */
- unsigned char buf[EVP_MAX_BLOCK_LENGTH]; /* saved partial block */
- int num; /* used by cfb/ofb/ctr mode */
- void *app_data; /* application stuff */
- int key_len; /* May change for variable length cipher */
- unsigned long flags; /* Various flags */
- void *cipher_data; /* per EVP data */
- int final_used;
- int block_mask;
- unsigned char final[EVP_MAX_BLOCK_LENGTH]; /* possible final block */
-} /* EVP_CIPHER_CTX */ ;
-
-typedef struct evp_Encode_Ctx_st {
- /* number saved in a partial encode/decode */
- int num;
- /*
- * The length is either the output line length (in input bytes) or the
- * shortest input line length that is ok. Once decoding begins, the
- * length is adjusted up each time a longer line is decoded
- */
- int length;
- /* data to encode */
- unsigned char enc_data[80];
- /* number read on current line */
- int line_num;
- int expect_nl;
-} EVP_ENCODE_CTX;
-
-/* Password based encryption function */
-typedef int (EVP_PBE_KEYGEN) (EVP_CIPHER_CTX *ctx, const char *pass,
- int passlen, ASN1_TYPE *param,
- const EVP_CIPHER *cipher, const EVP_MD *md,
- int en_de);
-
-# ifndef OPENSSL_NO_RSA
-# define EVP_PKEY_assign_RSA(pkey,rsa) EVP_PKEY_assign((pkey),EVP_PKEY_RSA,\
- (char *)(rsa))
-# endif
-
-# ifndef OPENSSL_NO_DSA
-# define EVP_PKEY_assign_DSA(pkey,dsa) EVP_PKEY_assign((pkey),EVP_PKEY_DSA,\
- (char *)(dsa))
-# endif
-
-# ifndef OPENSSL_NO_DH
-# define EVP_PKEY_assign_DH(pkey,dh) EVP_PKEY_assign((pkey),EVP_PKEY_DH,\
- (char *)(dh))
-# endif
-
-# ifndef OPENSSL_NO_EC
-# define EVP_PKEY_assign_EC_KEY(pkey,eckey) EVP_PKEY_assign((pkey),EVP_PKEY_EC,\
- (char *)(eckey))
-# endif
-
-/* Add some extra combinations */
-# define EVP_get_digestbynid(a) EVP_get_digestbyname(OBJ_nid2sn(a))
-# define EVP_get_digestbyobj(a) EVP_get_digestbynid(OBJ_obj2nid(a))
-# define EVP_get_cipherbynid(a) EVP_get_cipherbyname(OBJ_nid2sn(a))
-# define EVP_get_cipherbyobj(a) EVP_get_cipherbynid(OBJ_obj2nid(a))
-
-/* Macros to reduce FIPS dependencies: do NOT use in applications */
-# define M_EVP_MD_size(e) ((e)->md_size)
-# define M_EVP_MD_block_size(e) ((e)->block_size)
-# define M_EVP_MD_CTX_set_flags(ctx,flgs) ((ctx)->flags|=(flgs))
-# define M_EVP_MD_CTX_clear_flags(ctx,flgs) ((ctx)->flags&=~(flgs))
-# define M_EVP_MD_CTX_test_flags(ctx,flgs) ((ctx)->flags&(flgs))
-# define M_EVP_MD_type(e) ((e)->type)
-# define M_EVP_MD_CTX_type(e) M_EVP_MD_type(M_EVP_MD_CTX_md(e))
-# define M_EVP_MD_CTX_md(e) ((e)->digest)
-
-# define M_EVP_CIPHER_nid(e) ((e)->nid)
-# define M_EVP_CIPHER_CTX_iv_length(e) ((e)->cipher->iv_len)
-# define M_EVP_CIPHER_CTX_flags(e) ((e)->cipher->flags)
-# define M_EVP_CIPHER_CTX_block_size(e) ((e)->cipher->block_size)
-# define M_EVP_CIPHER_CTX_cipher(e) ((e)->cipher)
-# define M_EVP_CIPHER_CTX_mode(e) (M_EVP_CIPHER_CTX_flags(e) & EVP_CIPH_MODE)
-
-# define M_EVP_CIPHER_CTX_set_flags(ctx,flgs) ((ctx)->flags|=(flgs))
-
-# define M_EVP_EncryptInit(ctx,ciph,key,iv) \
- (EVP_CipherInit(ctx,ciph,key,iv,1))
-# define M_EVP_EncryptInit_ex(ctx,ciph,impl,key,iv) \
- (EVP_CipherInit_ex(ctx,ciph,impl,key,iv,1))
-# define M_EVP_DecryptInit(ctx,ciph,key,iv) \
- (EVP_CipherInit(ctx,ciph,key,iv,0))
-# define M_EVP_DecryptInit_ex(ctx,ciph,impl,key,iv) \
- (EVP_CipherInit_ex(ctx,ciph,impl,key,iv,0))
-
-int EVP_MD_type(const EVP_MD *md);
-# define EVP_MD_nid(e) EVP_MD_type(e)
-# define EVP_MD_name(e) OBJ_nid2sn(EVP_MD_nid(e))
-int EVP_MD_pkey_type(const EVP_MD *md);
-int EVP_MD_size(const EVP_MD *md);
-int EVP_MD_block_size(const EVP_MD *md);
-unsigned long EVP_MD_flags(const EVP_MD *md);
-
-const EVP_MD *EVP_MD_CTX_md(const EVP_MD_CTX *ctx);
-# define EVP_MD_CTX_size(e) EVP_MD_size(EVP_MD_CTX_md(e))
-# define EVP_MD_CTX_block_size(e) EVP_MD_block_size(EVP_MD_CTX_md(e))
-# define EVP_MD_CTX_type(e) EVP_MD_type(EVP_MD_CTX_md(e))
-
-int EVP_CIPHER_nid(const EVP_CIPHER *cipher);
-# define EVP_CIPHER_name(e) OBJ_nid2sn(EVP_CIPHER_nid(e))
-int EVP_CIPHER_block_size(const EVP_CIPHER *cipher);
-int EVP_CIPHER_key_length(const EVP_CIPHER *cipher);
-int EVP_CIPHER_iv_length(const EVP_CIPHER *cipher);
-unsigned long EVP_CIPHER_flags(const EVP_CIPHER *cipher);
-# define EVP_CIPHER_mode(e) (EVP_CIPHER_flags(e) & EVP_CIPH_MODE)
-
-const EVP_CIPHER *EVP_CIPHER_CTX_cipher(const EVP_CIPHER_CTX *ctx);
-int EVP_CIPHER_CTX_nid(const EVP_CIPHER_CTX *ctx);
-int EVP_CIPHER_CTX_block_size(const EVP_CIPHER_CTX *ctx);
-int EVP_CIPHER_CTX_key_length(const EVP_CIPHER_CTX *ctx);
-int EVP_CIPHER_CTX_iv_length(const EVP_CIPHER_CTX *ctx);
-int EVP_CIPHER_CTX_copy(EVP_CIPHER_CTX *out, const EVP_CIPHER_CTX *in);
-void *EVP_CIPHER_CTX_get_app_data(const EVP_CIPHER_CTX *ctx);
-void EVP_CIPHER_CTX_set_app_data(EVP_CIPHER_CTX *ctx, void *data);
-# define EVP_CIPHER_CTX_type(c) EVP_CIPHER_type(EVP_CIPHER_CTX_cipher(c))
-unsigned long EVP_CIPHER_CTX_flags(const EVP_CIPHER_CTX *ctx);
-# define EVP_CIPHER_CTX_mode(e) (EVP_CIPHER_CTX_flags(e) & EVP_CIPH_MODE)
-
-# define EVP_ENCODE_LENGTH(l) (((l+2)/3*4)+(l/48+1)*2+80)
-# define EVP_DECODE_LENGTH(l) ((l+3)/4*3+80)
-
-# define EVP_SignInit_ex(a,b,c) EVP_DigestInit_ex(a,b,c)
-# define EVP_SignInit(a,b) EVP_DigestInit(a,b)
-# define EVP_SignUpdate(a,b,c) EVP_DigestUpdate(a,b,c)
-# define EVP_VerifyInit_ex(a,b,c) EVP_DigestInit_ex(a,b,c)
-# define EVP_VerifyInit(a,b) EVP_DigestInit(a,b)
-# define EVP_VerifyUpdate(a,b,c) EVP_DigestUpdate(a,b,c)
-# define EVP_OpenUpdate(a,b,c,d,e) EVP_DecryptUpdate(a,b,c,d,e)
-# define EVP_SealUpdate(a,b,c,d,e) EVP_EncryptUpdate(a,b,c,d,e)
-# define EVP_DigestSignUpdate(a,b,c) EVP_DigestUpdate(a,b,c)
-# define EVP_DigestVerifyUpdate(a,b,c) EVP_DigestUpdate(a,b,c)
-
-# ifdef CONST_STRICT
-void BIO_set_md(BIO *, const EVP_MD *md);
-# else
-# define BIO_set_md(b,md) BIO_ctrl(b,BIO_C_SET_MD,0,(char *)md)
-# endif
-# define BIO_get_md(b,mdp) BIO_ctrl(b,BIO_C_GET_MD,0,(char *)mdp)
-# define BIO_get_md_ctx(b,mdcp) BIO_ctrl(b,BIO_C_GET_MD_CTX,0,(char *)mdcp)
-# define BIO_set_md_ctx(b,mdcp) BIO_ctrl(b,BIO_C_SET_MD_CTX,0,(char *)mdcp)
-# define BIO_get_cipher_status(b) BIO_ctrl(b,BIO_C_GET_CIPHER_STATUS,0,NULL)
-# define BIO_get_cipher_ctx(b,c_pp) BIO_ctrl(b,BIO_C_GET_CIPHER_CTX,0,(char *)c_pp)
-
-/*__owur*/ int EVP_Cipher(EVP_CIPHER_CTX *c,
- unsigned char *out,
- const unsigned char *in, unsigned int inl);
-
-# define EVP_add_cipher_alias(n,alias) \
- OBJ_NAME_add((alias),OBJ_NAME_TYPE_CIPHER_METH|OBJ_NAME_ALIAS,(n))
-# define EVP_add_digest_alias(n,alias) \
- OBJ_NAME_add((alias),OBJ_NAME_TYPE_MD_METH|OBJ_NAME_ALIAS,(n))
-# define EVP_delete_cipher_alias(alias) \
- OBJ_NAME_remove(alias,OBJ_NAME_TYPE_CIPHER_METH|OBJ_NAME_ALIAS);
-# define EVP_delete_digest_alias(alias) \
- OBJ_NAME_remove(alias,OBJ_NAME_TYPE_MD_METH|OBJ_NAME_ALIAS);
-
-void EVP_MD_CTX_init(EVP_MD_CTX *ctx);
-int EVP_MD_CTX_cleanup(EVP_MD_CTX *ctx);
-EVP_MD_CTX *EVP_MD_CTX_create(void);
-void EVP_MD_CTX_destroy(EVP_MD_CTX *ctx);
-/*__owur*/ int EVP_MD_CTX_copy_ex(EVP_MD_CTX *out, const EVP_MD_CTX *in);
-void EVP_MD_CTX_set_flags(EVP_MD_CTX *ctx, int flags);
-void EVP_MD_CTX_clear_flags(EVP_MD_CTX *ctx, int flags);
-int EVP_MD_CTX_test_flags(const EVP_MD_CTX *ctx, int flags);
-/*__owur*/ int EVP_DigestInit_ex(EVP_MD_CTX *ctx, const EVP_MD *type,
- ENGINE *impl);
-/*__owur*/ int EVP_DigestUpdate(EVP_MD_CTX *ctx, const void *d,
- size_t cnt);
-/*__owur*/ int EVP_DigestFinal_ex(EVP_MD_CTX *ctx, unsigned char *md,
- unsigned int *s);
-/*__owur*/ int EVP_Digest(const void *data, size_t count,
- unsigned char *md, unsigned int *size,
- const EVP_MD *type, ENGINE *impl);
-
-/*__owur*/ int EVP_MD_CTX_copy(EVP_MD_CTX *out, const EVP_MD_CTX *in);
-/*__owur*/ int EVP_DigestInit(EVP_MD_CTX *ctx, const EVP_MD *type);
-__owur int EVP_DigestFinal(EVP_MD_CTX *ctx, unsigned char *md,
- unsigned int *s);
-
-int EVP_read_pw_string(char *buf, int length, const char *prompt, int verify);
-int EVP_read_pw_string_min(char *buf, int minlen, int maxlen,
- const char *prompt, int verify);
-void EVP_set_pw_prompt(const char *prompt);
-char *EVP_get_pw_prompt(void);
-
-__owur int EVP_BytesToKey(const EVP_CIPHER *type, const EVP_MD *md,
- const unsigned char *salt,
- const unsigned char *data, int datal, int count,
- unsigned char *key, unsigned char *iv);
-
-void EVP_CIPHER_CTX_set_flags(EVP_CIPHER_CTX *ctx, int flags);
-void EVP_CIPHER_CTX_clear_flags(EVP_CIPHER_CTX *ctx, int flags);
-int EVP_CIPHER_CTX_test_flags(const EVP_CIPHER_CTX *ctx, int flags);
-
-__owur int EVP_EncryptInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher,
- const unsigned char *key, const unsigned char *iv);
-/*__owur*/ int EVP_EncryptInit_ex(EVP_CIPHER_CTX *ctx,
- const EVP_CIPHER *cipher, ENGINE *impl,
- const unsigned char *key,
- const unsigned char *iv);
-/*__owur*/ int EVP_EncryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out,
- int *outl, const unsigned char *in, int inl);
-/*__owur*/ int EVP_EncryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *out,
- int *outl);
-/*__owur*/ int EVP_EncryptFinal(EVP_CIPHER_CTX *ctx, unsigned char *out,
- int *outl);
-
-__owur int EVP_DecryptInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher,
- const unsigned char *key, const unsigned char *iv);
-/*__owur*/ int EVP_DecryptInit_ex(EVP_CIPHER_CTX *ctx,
- const EVP_CIPHER *cipher, ENGINE *impl,
- const unsigned char *key,
- const unsigned char *iv);
-/*__owur*/ int EVP_DecryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out,
- int *outl, const unsigned char *in, int inl);
-__owur int EVP_DecryptFinal(EVP_CIPHER_CTX *ctx, unsigned char *outm,
- int *outl);
-/*__owur*/ int EVP_DecryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *outm,
- int *outl);
-
-__owur int EVP_CipherInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher,
- const unsigned char *key, const unsigned char *iv,
- int enc);
-/*__owur*/ int EVP_CipherInit_ex(EVP_CIPHER_CTX *ctx,
- const EVP_CIPHER *cipher, ENGINE *impl,
- const unsigned char *key,
- const unsigned char *iv, int enc);
-__owur int EVP_CipherUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out,
- int *outl, const unsigned char *in, int inl);
-__owur int EVP_CipherFinal(EVP_CIPHER_CTX *ctx, unsigned char *outm,
- int *outl);
-__owur int EVP_CipherFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *outm,
- int *outl);
-
-__owur int EVP_SignFinal(EVP_MD_CTX *ctx, unsigned char *md, unsigned int *s,
- EVP_PKEY *pkey);
-
-__owur int EVP_VerifyFinal(EVP_MD_CTX *ctx, const unsigned char *sigbuf,
- unsigned int siglen, EVP_PKEY *pkey);
-
-/*__owur*/ int EVP_DigestSignInit(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx,
- const EVP_MD *type, ENGINE *e,
- EVP_PKEY *pkey);
-__owur int EVP_DigestSignFinal(EVP_MD_CTX *ctx, unsigned char *sigret,
- size_t *siglen);
-
-__owur int EVP_DigestVerifyInit(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx,
- const EVP_MD *type, ENGINE *e,
- EVP_PKEY *pkey);
-__owur int EVP_DigestVerifyFinal(EVP_MD_CTX *ctx, const unsigned char *sig,
- size_t siglen);
-
-__owur int EVP_OpenInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
- const unsigned char *ek, int ekl,
- const unsigned char *iv, EVP_PKEY *priv);
-__owur int EVP_OpenFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl);
-
-__owur int EVP_SealInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
- unsigned char **ek, int *ekl, unsigned char *iv,
- EVP_PKEY **pubk, int npubk);
-__owur int EVP_SealFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl);
-
-void EVP_EncodeInit(EVP_ENCODE_CTX *ctx);
-void EVP_EncodeUpdate(EVP_ENCODE_CTX *ctx, unsigned char *out, int *outl,
- const unsigned char *in, int inl);
-void EVP_EncodeFinal(EVP_ENCODE_CTX *ctx, unsigned char *out, int *outl);
-int EVP_EncodeBlock(unsigned char *t, const unsigned char *f, int n);
-
-void EVP_DecodeInit(EVP_ENCODE_CTX *ctx);
-int EVP_DecodeUpdate(EVP_ENCODE_CTX *ctx, unsigned char *out, int *outl,
- const unsigned char *in, int inl);
-int EVP_DecodeFinal(EVP_ENCODE_CTX *ctx, unsigned
- char *out, int *outl);
-int EVP_DecodeBlock(unsigned char *t, const unsigned char *f, int n);
-
-void EVP_CIPHER_CTX_init(EVP_CIPHER_CTX *a);
-int EVP_CIPHER_CTX_cleanup(EVP_CIPHER_CTX *a);
-EVP_CIPHER_CTX *EVP_CIPHER_CTX_new(void);
-void EVP_CIPHER_CTX_free(EVP_CIPHER_CTX *a);
-int EVP_CIPHER_CTX_set_key_length(EVP_CIPHER_CTX *x, int keylen);
-int EVP_CIPHER_CTX_set_padding(EVP_CIPHER_CTX *c, int pad);
-int EVP_CIPHER_CTX_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, void *ptr);
-int EVP_CIPHER_CTX_rand_key(EVP_CIPHER_CTX *ctx, unsigned char *key);
-
-BIO_METHOD *BIO_f_md(void);
-BIO_METHOD *BIO_f_base64(void);
-BIO_METHOD *BIO_f_cipher(void);
-BIO_METHOD *BIO_f_reliable(void);
-__owur int BIO_set_cipher(BIO *b, const EVP_CIPHER *c, const unsigned char *k,
- const unsigned char *i, int enc);
-
-const EVP_MD *EVP_md_null(void);
-# ifndef OPENSSL_NO_MD2
-const EVP_MD *EVP_md2(void);
-# endif
-# ifndef OPENSSL_NO_MD4
-const EVP_MD *EVP_md4(void);
-# endif
-# ifndef OPENSSL_NO_MD5
-const EVP_MD *EVP_md5(void);
-# endif
-const EVP_MD *EVP_sha1(void);
-const EVP_MD *EVP_dss1(void);
-const EVP_MD *EVP_ecdsa(void);
-const EVP_MD *EVP_sha224(void);
-const EVP_MD *EVP_sha256(void);
-const EVP_MD *EVP_sha384(void);
-const EVP_MD *EVP_sha512(void);
-# ifndef OPENSSL_NO_MDC2
-const EVP_MD *EVP_mdc2(void);
-# endif
-# ifndef OPENSSL_NO_RMD160
-const EVP_MD *EVP_ripemd160(void);
-# endif
-# ifndef OPENSSL_NO_WHIRLPOOL
-const EVP_MD *EVP_whirlpool(void);
-# endif
-const EVP_CIPHER *EVP_enc_null(void); /* does nothing :-) */
-# ifndef OPENSSL_NO_DES
-const EVP_CIPHER *EVP_des_ecb(void);
-const EVP_CIPHER *EVP_des_ede(void);
-const EVP_CIPHER *EVP_des_ede3(void);
-const EVP_CIPHER *EVP_des_ede_ecb(void);
-const EVP_CIPHER *EVP_des_ede3_ecb(void);
-const EVP_CIPHER *EVP_des_cfb64(void);
-# define EVP_des_cfb EVP_des_cfb64
-const EVP_CIPHER *EVP_des_cfb1(void);
-const EVP_CIPHER *EVP_des_cfb8(void);
-const EVP_CIPHER *EVP_des_ede_cfb64(void);
-# define EVP_des_ede_cfb EVP_des_ede_cfb64
-const EVP_CIPHER *EVP_des_ede3_cfb64(void);
-# define EVP_des_ede3_cfb EVP_des_ede3_cfb64
-const EVP_CIPHER *EVP_des_ede3_cfb1(void);
-const EVP_CIPHER *EVP_des_ede3_cfb8(void);
-const EVP_CIPHER *EVP_des_ofb(void);
-const EVP_CIPHER *EVP_des_ede_ofb(void);
-const EVP_CIPHER *EVP_des_ede3_ofb(void);
-const EVP_CIPHER *EVP_des_cbc(void);
-const EVP_CIPHER *EVP_des_ede_cbc(void);
-const EVP_CIPHER *EVP_des_ede3_cbc(void);
-const EVP_CIPHER *EVP_desx_cbc(void);
-const EVP_CIPHER *EVP_des_ede3_wrap(void);
-/*
- * This should now be supported through the dev_crypto ENGINE. But also, why
- * are rc4 and md5 declarations made here inside a "NO_DES" precompiler
- * branch?
- */
-# endif
-# ifndef OPENSSL_NO_RC4
-const EVP_CIPHER *EVP_rc4(void);
-const EVP_CIPHER *EVP_rc4_40(void);
-# ifndef OPENSSL_NO_MD5
-const EVP_CIPHER *EVP_rc4_hmac_md5(void);
-# endif
-# endif
-# ifndef OPENSSL_NO_IDEA
-const EVP_CIPHER *EVP_idea_ecb(void);
-const EVP_CIPHER *EVP_idea_cfb64(void);
-# define EVP_idea_cfb EVP_idea_cfb64
-const EVP_CIPHER *EVP_idea_ofb(void);
-const EVP_CIPHER *EVP_idea_cbc(void);
-# endif
-# ifndef OPENSSL_NO_RC2
-const EVP_CIPHER *EVP_rc2_ecb(void);
-const EVP_CIPHER *EVP_rc2_cbc(void);
-const EVP_CIPHER *EVP_rc2_40_cbc(void);
-const EVP_CIPHER *EVP_rc2_64_cbc(void);
-const EVP_CIPHER *EVP_rc2_cfb64(void);
-# define EVP_rc2_cfb EVP_rc2_cfb64
-const EVP_CIPHER *EVP_rc2_ofb(void);
-# endif
-# ifndef OPENSSL_NO_BF
-const EVP_CIPHER *EVP_bf_ecb(void);
-const EVP_CIPHER *EVP_bf_cbc(void);
-const EVP_CIPHER *EVP_bf_cfb64(void);
-# define EVP_bf_cfb EVP_bf_cfb64
-const EVP_CIPHER *EVP_bf_ofb(void);
-# endif
-# ifndef OPENSSL_NO_CAST
-const EVP_CIPHER *EVP_cast5_ecb(void);
-const EVP_CIPHER *EVP_cast5_cbc(void);
-const EVP_CIPHER *EVP_cast5_cfb64(void);
-# define EVP_cast5_cfb EVP_cast5_cfb64
-const EVP_CIPHER *EVP_cast5_ofb(void);
-# endif
-# ifndef OPENSSL_NO_RC5
-const EVP_CIPHER *EVP_rc5_32_12_16_cbc(void);
-const EVP_CIPHER *EVP_rc5_32_12_16_ecb(void);
-const EVP_CIPHER *EVP_rc5_32_12_16_cfb64(void);
-# define EVP_rc5_32_12_16_cfb EVP_rc5_32_12_16_cfb64
-const EVP_CIPHER *EVP_rc5_32_12_16_ofb(void);
-# endif
-# ifndef OPENSSL_NO_AES
-const EVP_CIPHER *EVP_aes_128_ecb(void);
-const EVP_CIPHER *EVP_aes_128_cbc(void);
-const EVP_CIPHER *EVP_aes_128_cfb1(void);
-const EVP_CIPHER *EVP_aes_128_cfb8(void);
-const EVP_CIPHER *EVP_aes_128_cfb128(void);
-# define EVP_aes_128_cfb EVP_aes_128_cfb128
-const EVP_CIPHER *EVP_aes_128_ofb(void);
-const EVP_CIPHER *EVP_aes_128_ctr(void);
-const EVP_CIPHER *EVP_aes_128_ccm(void);
-const EVP_CIPHER *EVP_aes_128_gcm(void);
-const EVP_CIPHER *EVP_aes_128_xts(void);
-const EVP_CIPHER *EVP_aes_128_wrap(void);
-const EVP_CIPHER *EVP_aes_128_wrap_pad(void);
-# ifndef OPENSSL_NO_OCB
-const EVP_CIPHER *EVP_aes_128_ocb(void);
-# endif
-const EVP_CIPHER *EVP_aes_192_ecb(void);
-const EVP_CIPHER *EVP_aes_192_cbc(void);
-const EVP_CIPHER *EVP_aes_192_cfb1(void);
-const EVP_CIPHER *EVP_aes_192_cfb8(void);
-const EVP_CIPHER *EVP_aes_192_cfb128(void);
-# define EVP_aes_192_cfb EVP_aes_192_cfb128
-const EVP_CIPHER *EVP_aes_192_ofb(void);
-const EVP_CIPHER *EVP_aes_192_ctr(void);
-const EVP_CIPHER *EVP_aes_192_ccm(void);
-const EVP_CIPHER *EVP_aes_192_gcm(void);
-const EVP_CIPHER *EVP_aes_192_wrap(void);
-const EVP_CIPHER *EVP_aes_192_wrap_pad(void);
-# ifndef OPENSSL_NO_OCB
-const EVP_CIPHER *EVP_aes_192_ocb(void);
-# endif
-const EVP_CIPHER *EVP_aes_256_ecb(void);
-const EVP_CIPHER *EVP_aes_256_cbc(void);
-const EVP_CIPHER *EVP_aes_256_cfb1(void);
-const EVP_CIPHER *EVP_aes_256_cfb8(void);
-const EVP_CIPHER *EVP_aes_256_cfb128(void);
-# define EVP_aes_256_cfb EVP_aes_256_cfb128
-const EVP_CIPHER *EVP_aes_256_ofb(void);
-const EVP_CIPHER *EVP_aes_256_ctr(void);
-const EVP_CIPHER *EVP_aes_256_ccm(void);
-const EVP_CIPHER *EVP_aes_256_gcm(void);
-const EVP_CIPHER *EVP_aes_256_xts(void);
-const EVP_CIPHER *EVP_aes_256_wrap(void);
-const EVP_CIPHER *EVP_aes_256_wrap_pad(void);
-# ifndef OPENSSL_NO_OCB
-const EVP_CIPHER *EVP_aes_256_ocb(void);
-# endif
-const EVP_CIPHER *EVP_aes_128_cbc_hmac_sha1(void);
-const EVP_CIPHER *EVP_aes_256_cbc_hmac_sha1(void);
-const EVP_CIPHER *EVP_aes_128_cbc_hmac_sha256(void);
-const EVP_CIPHER *EVP_aes_256_cbc_hmac_sha256(void);
-# endif
-# ifndef OPENSSL_NO_CAMELLIA
-const EVP_CIPHER *EVP_camellia_128_ecb(void);
-const EVP_CIPHER *EVP_camellia_128_cbc(void);
-const EVP_CIPHER *EVP_camellia_128_cfb1(void);
-const EVP_CIPHER *EVP_camellia_128_cfb8(void);
-const EVP_CIPHER *EVP_camellia_128_cfb128(void);
-# define EVP_camellia_128_cfb EVP_camellia_128_cfb128
-const EVP_CIPHER *EVP_camellia_128_ofb(void);
-const EVP_CIPHER *EVP_camellia_128_ctr(void);
-const EVP_CIPHER *EVP_camellia_192_ecb(void);
-const EVP_CIPHER *EVP_camellia_192_cbc(void);
-const EVP_CIPHER *EVP_camellia_192_cfb1(void);
-const EVP_CIPHER *EVP_camellia_192_cfb8(void);
-const EVP_CIPHER *EVP_camellia_192_cfb128(void);
-# define EVP_camellia_192_cfb EVP_camellia_192_cfb128
-const EVP_CIPHER *EVP_camellia_192_ofb(void);
-const EVP_CIPHER *EVP_camellia_192_ctr(void);
-const EVP_CIPHER *EVP_camellia_256_ecb(void);
-const EVP_CIPHER *EVP_camellia_256_cbc(void);
-const EVP_CIPHER *EVP_camellia_256_cfb1(void);
-const EVP_CIPHER *EVP_camellia_256_cfb8(void);
-const EVP_CIPHER *EVP_camellia_256_cfb128(void);
-# define EVP_camellia_256_cfb EVP_camellia_256_cfb128
-const EVP_CIPHER *EVP_camellia_256_ofb(void);
-const EVP_CIPHER *EVP_camellia_256_ctr(void);
-# endif
-
-# ifndef OPENSSL_NO_SEED
-const EVP_CIPHER *EVP_seed_ecb(void);
-const EVP_CIPHER *EVP_seed_cbc(void);
-const EVP_CIPHER *EVP_seed_cfb128(void);
-# define EVP_seed_cfb EVP_seed_cfb128
-const EVP_CIPHER *EVP_seed_ofb(void);
-# endif
-
-void OPENSSL_add_all_algorithms_noconf(void);
-void OPENSSL_add_all_algorithms_conf(void);
-
-# ifdef OPENSSL_LOAD_CONF
-# define OpenSSL_add_all_algorithms() \
- OPENSSL_add_all_algorithms_conf()
-# else
-# define OpenSSL_add_all_algorithms() \
- OPENSSL_add_all_algorithms_noconf()
-# endif
-
-void OpenSSL_add_all_ciphers(void);
-void OpenSSL_add_all_digests(void);
-# define SSLeay_add_all_algorithms() OpenSSL_add_all_algorithms()
-# define SSLeay_add_all_ciphers() OpenSSL_add_all_ciphers()
-# define SSLeay_add_all_digests() OpenSSL_add_all_digests()
-
-int EVP_add_cipher(const EVP_CIPHER *cipher);
-int EVP_add_digest(const EVP_MD *digest);
-
-const EVP_CIPHER *EVP_get_cipherbyname(const char *name);
-const EVP_MD *EVP_get_digestbyname(const char *name);
-void EVP_cleanup(void);
-
-void EVP_CIPHER_do_all(void (*fn) (const EVP_CIPHER *ciph,
- const char *from, const char *to, void *x),
- void *arg);
-void EVP_CIPHER_do_all_sorted(void (*fn)
- (const EVP_CIPHER *ciph, const char *from,
- const char *to, void *x), void *arg);
-
-void EVP_MD_do_all(void (*fn) (const EVP_MD *ciph,
- const char *from, const char *to, void *x),
- void *arg);
-void EVP_MD_do_all_sorted(void (*fn)
- (const EVP_MD *ciph, const char *from,
- const char *to, void *x), void *arg);
-
-int EVP_PKEY_decrypt_old(unsigned char *dec_key,
- const unsigned char *enc_key, int enc_key_len,
- EVP_PKEY *private_key);
-int EVP_PKEY_encrypt_old(unsigned char *enc_key,
- const unsigned char *key, int key_len,
- EVP_PKEY *pub_key);
-int EVP_PKEY_type(int type);
-int EVP_PKEY_id(const EVP_PKEY *pkey);
-int EVP_PKEY_base_id(const EVP_PKEY *pkey);
-int EVP_PKEY_bits(EVP_PKEY *pkey);
-int EVP_PKEY_security_bits(const EVP_PKEY *pkey);
-int EVP_PKEY_size(EVP_PKEY *pkey);
-int EVP_PKEY_set_type(EVP_PKEY *pkey, int type);
-int EVP_PKEY_set_type_str(EVP_PKEY *pkey, const char *str, int len);
-int EVP_PKEY_assign(EVP_PKEY *pkey, int type, void *key);
-void *EVP_PKEY_get0(EVP_PKEY *pkey);
-
-# ifndef OPENSSL_NO_RSA
-struct rsa_st;
-int EVP_PKEY_set1_RSA(EVP_PKEY *pkey, struct rsa_st *key);
-struct rsa_st *EVP_PKEY_get1_RSA(EVP_PKEY *pkey);
-# endif
-# ifndef OPENSSL_NO_DSA
-struct dsa_st;
-int EVP_PKEY_set1_DSA(EVP_PKEY *pkey, struct dsa_st *key);
-struct dsa_st *EVP_PKEY_get1_DSA(EVP_PKEY *pkey);
-# endif
-# ifndef OPENSSL_NO_DH
-struct dh_st;
-int EVP_PKEY_set1_DH(EVP_PKEY *pkey, struct dh_st *key);
-struct dh_st *EVP_PKEY_get1_DH(EVP_PKEY *pkey);
-# endif
-# ifndef OPENSSL_NO_EC
-struct ec_key_st;
-int EVP_PKEY_set1_EC_KEY(EVP_PKEY *pkey, struct ec_key_st *key);
-struct ec_key_st *EVP_PKEY_get1_EC_KEY(EVP_PKEY *pkey);
-# endif
-
-EVP_PKEY *EVP_PKEY_new(void);
-void EVP_PKEY_free(EVP_PKEY *pkey);
-
-EVP_PKEY *d2i_PublicKey(int type, EVP_PKEY **a, const unsigned char **pp,
- long length);
-int i2d_PublicKey(EVP_PKEY *a, unsigned char **pp);
-
-EVP_PKEY *d2i_PrivateKey(int type, EVP_PKEY **a, const unsigned char **pp,
- long length);
-EVP_PKEY *d2i_AutoPrivateKey(EVP_PKEY **a, const unsigned char **pp,
- long length);
-int i2d_PrivateKey(EVP_PKEY *a, unsigned char **pp);
-
-int EVP_PKEY_copy_parameters(EVP_PKEY *to, const EVP_PKEY *from);
-int EVP_PKEY_missing_parameters(const EVP_PKEY *pkey);
-int EVP_PKEY_save_parameters(EVP_PKEY *pkey, int mode);
-int EVP_PKEY_cmp_parameters(const EVP_PKEY *a, const EVP_PKEY *b);
-
-int EVP_PKEY_cmp(const EVP_PKEY *a, const EVP_PKEY *b);
-
-int EVP_PKEY_print_public(BIO *out, const EVP_PKEY *pkey,
- int indent, ASN1_PCTX *pctx);
-int EVP_PKEY_print_private(BIO *out, const EVP_PKEY *pkey,
- int indent, ASN1_PCTX *pctx);
-int EVP_PKEY_print_params(BIO *out, const EVP_PKEY *pkey,
- int indent, ASN1_PCTX *pctx);
-
-int EVP_PKEY_get_default_digest_nid(EVP_PKEY *pkey, int *pnid);
-
-int EVP_CIPHER_type(const EVP_CIPHER *ctx);
-
-/* calls methods */
-int EVP_CIPHER_param_to_asn1(EVP_CIPHER_CTX *c, ASN1_TYPE *type);
-int EVP_CIPHER_asn1_to_param(EVP_CIPHER_CTX *c, ASN1_TYPE *type);
-
-/* These are used by EVP_CIPHER methods */
-int EVP_CIPHER_set_asn1_iv(EVP_CIPHER_CTX *c, ASN1_TYPE *type);
-int EVP_CIPHER_get_asn1_iv(EVP_CIPHER_CTX *c, ASN1_TYPE *type);
-
-/* PKCS5 password based encryption */
-int PKCS5_PBE_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass, int passlen,
- ASN1_TYPE *param, const EVP_CIPHER *cipher,
- const EVP_MD *md, int en_de);
-int PKCS5_PBKDF2_HMAC_SHA1(const char *pass, int passlen,
- const unsigned char *salt, int saltlen, int iter,
- int keylen, unsigned char *out);
-int PKCS5_PBKDF2_HMAC(const char *pass, int passlen,
- const unsigned char *salt, int saltlen, int iter,
- const EVP_MD *digest, int keylen, unsigned char *out);
-int PKCS5_v2_PBE_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass, int passlen,
- ASN1_TYPE *param, const EVP_CIPHER *cipher,
- const EVP_MD *md, int en_de);
-
-void PKCS5_PBE_add(void);
-
-int EVP_PBE_CipherInit(ASN1_OBJECT *pbe_obj, const char *pass, int passlen,
- ASN1_TYPE *param, EVP_CIPHER_CTX *ctx, int en_de);
-
-/* PBE type */
-
-/* Can appear as the outermost AlgorithmIdentifier */
-# define EVP_PBE_TYPE_OUTER 0x0
-/* Is an PRF type OID */
-# define EVP_PBE_TYPE_PRF 0x1
-/* Is a PKCS#5 v2.0 KDF */
-# define EVP_PBE_TYPE_KDF 0x2
-
-int EVP_PBE_alg_add_type(int pbe_type, int pbe_nid, int cipher_nid,
- int md_nid, EVP_PBE_KEYGEN *keygen);
-int EVP_PBE_alg_add(int nid, const EVP_CIPHER *cipher, const EVP_MD *md,
- EVP_PBE_KEYGEN *keygen);
-int EVP_PBE_find(int type, int pbe_nid, int *pcnid, int *pmnid,
- EVP_PBE_KEYGEN **pkeygen);
-void EVP_PBE_cleanup(void);
-
-# define ASN1_PKEY_ALIAS 0x1
-# define ASN1_PKEY_DYNAMIC 0x2
-# define ASN1_PKEY_SIGPARAM_NULL 0x4
-
-# define ASN1_PKEY_CTRL_PKCS7_SIGN 0x1
-# define ASN1_PKEY_CTRL_PKCS7_ENCRYPT 0x2
-# define ASN1_PKEY_CTRL_DEFAULT_MD_NID 0x3
-# define ASN1_PKEY_CTRL_CMS_SIGN 0x5
-# define ASN1_PKEY_CTRL_CMS_ENVELOPE 0x7
-# define ASN1_PKEY_CTRL_CMS_RI_TYPE 0x8
-
-int EVP_PKEY_asn1_get_count(void);
-const EVP_PKEY_ASN1_METHOD *EVP_PKEY_asn1_get0(int idx);
-const EVP_PKEY_ASN1_METHOD *EVP_PKEY_asn1_find(ENGINE **pe, int type);
-const EVP_PKEY_ASN1_METHOD *EVP_PKEY_asn1_find_str(ENGINE **pe,
- const char *str, int len);
-int EVP_PKEY_asn1_add0(const EVP_PKEY_ASN1_METHOD *ameth);
-int EVP_PKEY_asn1_add_alias(int to, int from);
-int EVP_PKEY_asn1_get0_info(int *ppkey_id, int *pkey_base_id,
- int *ppkey_flags, const char **pinfo,
- const char **ppem_str,
- const EVP_PKEY_ASN1_METHOD *ameth);
-
-const EVP_PKEY_ASN1_METHOD *EVP_PKEY_get0_asn1(EVP_PKEY *pkey);
-EVP_PKEY_ASN1_METHOD *EVP_PKEY_asn1_new(int id, int flags,
- const char *pem_str,
- const char *info);
-void EVP_PKEY_asn1_copy(EVP_PKEY_ASN1_METHOD *dst,
- const EVP_PKEY_ASN1_METHOD *src);
-void EVP_PKEY_asn1_free(EVP_PKEY_ASN1_METHOD *ameth);
-void EVP_PKEY_asn1_set_public(EVP_PKEY_ASN1_METHOD *ameth,
- int (*pub_decode) (EVP_PKEY *pk,
- X509_PUBKEY *pub),
- int (*pub_encode) (X509_PUBKEY *pub,
- const EVP_PKEY *pk),
- int (*pub_cmp) (const EVP_PKEY *a,
- const EVP_PKEY *b),
- int (*pub_print) (BIO *out,
- const EVP_PKEY *pkey,
- int indent, ASN1_PCTX *pctx),
- int (*pkey_size) (const EVP_PKEY *pk),
- int (*pkey_bits) (const EVP_PKEY *pk));
-void EVP_PKEY_asn1_set_private(EVP_PKEY_ASN1_METHOD *ameth,
- int (*priv_decode) (EVP_PKEY *pk,
- PKCS8_PRIV_KEY_INFO
- *p8inf),
- int (*priv_encode) (PKCS8_PRIV_KEY_INFO *p8,
- const EVP_PKEY *pk),
- int (*priv_print) (BIO *out,
- const EVP_PKEY *pkey,
- int indent,
- ASN1_PCTX *pctx));
-void EVP_PKEY_asn1_set_param(EVP_PKEY_ASN1_METHOD *ameth,
- int (*param_decode) (EVP_PKEY *pkey,
- const unsigned char **pder,
- int derlen),
- int (*param_encode) (const EVP_PKEY *pkey,
- unsigned char **pder),
- int (*param_missing) (const EVP_PKEY *pk),
- int (*param_copy) (EVP_PKEY *to,
- const EVP_PKEY *from),
- int (*param_cmp) (const EVP_PKEY *a,
- const EVP_PKEY *b),
- int (*param_print) (BIO *out,
- const EVP_PKEY *pkey,
- int indent,
- ASN1_PCTX *pctx));
-
-void EVP_PKEY_asn1_set_free(EVP_PKEY_ASN1_METHOD *ameth,
- void (*pkey_free) (EVP_PKEY *pkey));
-void EVP_PKEY_asn1_set_ctrl(EVP_PKEY_ASN1_METHOD *ameth,
- int (*pkey_ctrl) (EVP_PKEY *pkey, int op,
- long arg1, void *arg2));
-
-void EVP_PKEY_asn1_set_security_bits(EVP_PKEY_ASN1_METHOD *ameth,
- int (*pkey_security_bits) (const EVP_PKEY
- *pk));
-
-# define EVP_PKEY_OP_UNDEFINED 0
-# define EVP_PKEY_OP_PARAMGEN (1<<1)
-# define EVP_PKEY_OP_KEYGEN (1<<2)
-# define EVP_PKEY_OP_SIGN (1<<3)
-# define EVP_PKEY_OP_VERIFY (1<<4)
-# define EVP_PKEY_OP_VERIFYRECOVER (1<<5)
-# define EVP_PKEY_OP_SIGNCTX (1<<6)
-# define EVP_PKEY_OP_VERIFYCTX (1<<7)
-# define EVP_PKEY_OP_ENCRYPT (1<<8)
-# define EVP_PKEY_OP_DECRYPT (1<<9)
-# define EVP_PKEY_OP_DERIVE (1<<10)
-
-# define EVP_PKEY_OP_TYPE_SIG \
- (EVP_PKEY_OP_SIGN | EVP_PKEY_OP_VERIFY | EVP_PKEY_OP_VERIFYRECOVER \
- | EVP_PKEY_OP_SIGNCTX | EVP_PKEY_OP_VERIFYCTX)
-
-# define EVP_PKEY_OP_TYPE_CRYPT \
- (EVP_PKEY_OP_ENCRYPT | EVP_PKEY_OP_DECRYPT)
-
-# define EVP_PKEY_OP_TYPE_NOGEN \
- (EVP_PKEY_OP_TYPE_SIG | EVP_PKEY_OP_TYPE_CRYPT | EVP_PKEY_OP_DERIVE)
-
-# define EVP_PKEY_OP_TYPE_GEN \
- (EVP_PKEY_OP_PARAMGEN | EVP_PKEY_OP_KEYGEN)
-
-# define EVP_PKEY_CTX_set_signature_md(ctx, md) \
- EVP_PKEY_CTX_ctrl(ctx, -1, EVP_PKEY_OP_TYPE_SIG, \
- EVP_PKEY_CTRL_MD, 0, (void *)md)
-
-# define EVP_PKEY_CTX_get_signature_md(ctx, pmd) \
- EVP_PKEY_CTX_ctrl(ctx, -1, EVP_PKEY_OP_TYPE_SIG, \
- EVP_PKEY_CTRL_GET_MD, 0, (void *)pmd)
-
-# define EVP_PKEY_CTX_set_mac_key(ctx, key, len) \
- EVP_PKEY_CTX_ctrl(ctx, -1, EVP_PKEY_OP_KEYGEN, \
- EVP_PKEY_CTRL_SET_MAC_KEY, len, (void *)key)
-
-# define EVP_PKEY_CTRL_MD 1
-# define EVP_PKEY_CTRL_PEER_KEY 2
-
-# define EVP_PKEY_CTRL_PKCS7_ENCRYPT 3
-# define EVP_PKEY_CTRL_PKCS7_DECRYPT 4
-
-# define EVP_PKEY_CTRL_PKCS7_SIGN 5
-
-# define EVP_PKEY_CTRL_SET_MAC_KEY 6
-
-# define EVP_PKEY_CTRL_DIGESTINIT 7
-
-/* Used by GOST key encryption in TLS */
-# define EVP_PKEY_CTRL_SET_IV 8
-
-# define EVP_PKEY_CTRL_CMS_ENCRYPT 9
-# define EVP_PKEY_CTRL_CMS_DECRYPT 10
-# define EVP_PKEY_CTRL_CMS_SIGN 11
-
-# define EVP_PKEY_CTRL_CIPHER 12
-
-# define EVP_PKEY_CTRL_GET_MD 13
-
-# define EVP_PKEY_ALG_CTRL 0x1000
-
-# define EVP_PKEY_FLAG_AUTOARGLEN 2
-/*
- * Method handles all operations: don't assume any digest related defaults.
- */
-# define EVP_PKEY_FLAG_SIGCTX_CUSTOM 4
-
-const EVP_PKEY_METHOD *EVP_PKEY_meth_find(int type);
-EVP_PKEY_METHOD *EVP_PKEY_meth_new(int id, int flags);
-void EVP_PKEY_meth_get0_info(int *ppkey_id, int *pflags,
- const EVP_PKEY_METHOD *meth);
-void EVP_PKEY_meth_copy(EVP_PKEY_METHOD *dst, const EVP_PKEY_METHOD *src);
-void EVP_PKEY_meth_free(EVP_PKEY_METHOD *pmeth);
-int EVP_PKEY_meth_add0(const EVP_PKEY_METHOD *pmeth);
-
-EVP_PKEY_CTX *EVP_PKEY_CTX_new(EVP_PKEY *pkey, ENGINE *e);
-EVP_PKEY_CTX *EVP_PKEY_CTX_new_id(int id, ENGINE *e);
-EVP_PKEY_CTX *EVP_PKEY_CTX_dup(EVP_PKEY_CTX *ctx);
-void EVP_PKEY_CTX_free(EVP_PKEY_CTX *ctx);
-
-int EVP_PKEY_CTX_ctrl(EVP_PKEY_CTX *ctx, int keytype, int optype,
- int cmd, int p1, void *p2);
-int EVP_PKEY_CTX_ctrl_str(EVP_PKEY_CTX *ctx, const char *type,
- const char *value);
-
-int EVP_PKEY_CTX_get_operation(EVP_PKEY_CTX *ctx);
-void EVP_PKEY_CTX_set0_keygen_info(EVP_PKEY_CTX *ctx, int *dat, int datlen);
-
-EVP_PKEY *EVP_PKEY_new_mac_key(int type, ENGINE *e,
- const unsigned char *key, int keylen);
-
-void EVP_PKEY_CTX_set_data(EVP_PKEY_CTX *ctx, void *data);
-void *EVP_PKEY_CTX_get_data(EVP_PKEY_CTX *ctx);
-EVP_PKEY *EVP_PKEY_CTX_get0_pkey(EVP_PKEY_CTX *ctx);
-
-EVP_PKEY *EVP_PKEY_CTX_get0_peerkey(EVP_PKEY_CTX *ctx);
-
-void EVP_PKEY_CTX_set_app_data(EVP_PKEY_CTX *ctx, void *data);
-void *EVP_PKEY_CTX_get_app_data(EVP_PKEY_CTX *ctx);
-
-int EVP_PKEY_sign_init(EVP_PKEY_CTX *ctx);
-int EVP_PKEY_sign(EVP_PKEY_CTX *ctx,
- unsigned char *sig, size_t *siglen,
- const unsigned char *tbs, size_t tbslen);
-int EVP_PKEY_verify_init(EVP_PKEY_CTX *ctx);
-int EVP_PKEY_verify(EVP_PKEY_CTX *ctx,
- const unsigned char *sig, size_t siglen,
- const unsigned char *tbs, size_t tbslen);
-int EVP_PKEY_verify_recover_init(EVP_PKEY_CTX *ctx);
-int EVP_PKEY_verify_recover(EVP_PKEY_CTX *ctx,
- unsigned char *rout, size_t *routlen,
- const unsigned char *sig, size_t siglen);
-int EVP_PKEY_encrypt_init(EVP_PKEY_CTX *ctx);
-int EVP_PKEY_encrypt(EVP_PKEY_CTX *ctx,
- unsigned char *out, size_t *outlen,
- const unsigned char *in, size_t inlen);
-int EVP_PKEY_decrypt_init(EVP_PKEY_CTX *ctx);
-int EVP_PKEY_decrypt(EVP_PKEY_CTX *ctx,
- unsigned char *out, size_t *outlen,
- const unsigned char *in, size_t inlen);
-
-int EVP_PKEY_derive_init(EVP_PKEY_CTX *ctx);
-int EVP_PKEY_derive_set_peer(EVP_PKEY_CTX *ctx, EVP_PKEY *peer);
-int EVP_PKEY_derive(EVP_PKEY_CTX *ctx, unsigned char *key, size_t *keylen);
-
-typedef int EVP_PKEY_gen_cb (EVP_PKEY_CTX *ctx);
-
-int EVP_PKEY_paramgen_init(EVP_PKEY_CTX *ctx);
-int EVP_PKEY_paramgen(EVP_PKEY_CTX *ctx, EVP_PKEY **ppkey);
-int EVP_PKEY_keygen_init(EVP_PKEY_CTX *ctx);
-int EVP_PKEY_keygen(EVP_PKEY_CTX *ctx, EVP_PKEY **ppkey);
-
-void EVP_PKEY_CTX_set_cb(EVP_PKEY_CTX *ctx, EVP_PKEY_gen_cb *cb);
-EVP_PKEY_gen_cb *EVP_PKEY_CTX_get_cb(EVP_PKEY_CTX *ctx);
-
-int EVP_PKEY_CTX_get_keygen_info(EVP_PKEY_CTX *ctx, int idx);
-
-void EVP_PKEY_meth_set_init(EVP_PKEY_METHOD *pmeth,
- int (*init) (EVP_PKEY_CTX *ctx));
-
-void EVP_PKEY_meth_set_copy(EVP_PKEY_METHOD *pmeth,
- int (*copy) (EVP_PKEY_CTX *dst,
- EVP_PKEY_CTX *src));
-
-void EVP_PKEY_meth_set_cleanup(EVP_PKEY_METHOD *pmeth,
- void (*cleanup) (EVP_PKEY_CTX *ctx));
-
-void EVP_PKEY_meth_set_paramgen(EVP_PKEY_METHOD *pmeth,
- int (*paramgen_init) (EVP_PKEY_CTX *ctx),
- int (*paramgen) (EVP_PKEY_CTX *ctx,
- EVP_PKEY *pkey));
-
-void EVP_PKEY_meth_set_keygen(EVP_PKEY_METHOD *pmeth,
- int (*keygen_init) (EVP_PKEY_CTX *ctx),
- int (*keygen) (EVP_PKEY_CTX *ctx,
- EVP_PKEY *pkey));
-
-void EVP_PKEY_meth_set_sign(EVP_PKEY_METHOD *pmeth,
- int (*sign_init) (EVP_PKEY_CTX *ctx),
- int (*sign) (EVP_PKEY_CTX *ctx,
- unsigned char *sig, size_t *siglen,
- const unsigned char *tbs,
- size_t tbslen));
-
-void EVP_PKEY_meth_set_verify(EVP_PKEY_METHOD *pmeth,
- int (*verify_init) (EVP_PKEY_CTX *ctx),
- int (*verify) (EVP_PKEY_CTX *ctx,
- const unsigned char *sig,
- size_t siglen,
- const unsigned char *tbs,
- size_t tbslen));
-
-void EVP_PKEY_meth_set_verify_recover(EVP_PKEY_METHOD *pmeth,
- int (*verify_recover_init) (EVP_PKEY_CTX
- *ctx),
- int (*verify_recover) (EVP_PKEY_CTX
- *ctx,
- unsigned char
- *sig,
- size_t *siglen,
- const unsigned
- char *tbs,
- size_t tbslen));
-
-void EVP_PKEY_meth_set_signctx(EVP_PKEY_METHOD *pmeth,
- int (*signctx_init) (EVP_PKEY_CTX *ctx,
- EVP_MD_CTX *mctx),
- int (*signctx) (EVP_PKEY_CTX *ctx,
- unsigned char *sig,
- size_t *siglen,
- EVP_MD_CTX *mctx));
-
-void EVP_PKEY_meth_set_verifyctx(EVP_PKEY_METHOD *pmeth,
- int (*verifyctx_init) (EVP_PKEY_CTX *ctx,
- EVP_MD_CTX *mctx),
- int (*verifyctx) (EVP_PKEY_CTX *ctx,
- const unsigned char *sig,
- int siglen,
- EVP_MD_CTX *mctx));
-
-void EVP_PKEY_meth_set_encrypt(EVP_PKEY_METHOD *pmeth,
- int (*encrypt_init) (EVP_PKEY_CTX *ctx),
- int (*encryptfn) (EVP_PKEY_CTX *ctx,
- unsigned char *out,
- size_t *outlen,
- const unsigned char *in,
- size_t inlen));
-
-void EVP_PKEY_meth_set_decrypt(EVP_PKEY_METHOD *pmeth,
- int (*decrypt_init) (EVP_PKEY_CTX *ctx),
- int (*decrypt) (EVP_PKEY_CTX *ctx,
- unsigned char *out,
- size_t *outlen,
- const unsigned char *in,
- size_t inlen));
-
-void EVP_PKEY_meth_set_derive(EVP_PKEY_METHOD *pmeth,
- int (*derive_init) (EVP_PKEY_CTX *ctx),
- int (*derive) (EVP_PKEY_CTX *ctx,
- unsigned char *key,
- size_t *keylen));
-
-void EVP_PKEY_meth_set_ctrl(EVP_PKEY_METHOD *pmeth,
- int (*ctrl) (EVP_PKEY_CTX *ctx, int type, int p1,
- void *p2),
- int (*ctrl_str) (EVP_PKEY_CTX *ctx,
- const char *type,
- const char *value));
-
-void EVP_add_alg_module(void);
-
-/* BEGIN ERROR CODES */
-/*
- * The following lines are auto generated by the script mkerr.pl. Any changes
- * made after this point may be overwritten when the script is next run.
- */
-void ERR_load_EVP_strings(void);
-
-/* Error codes for the EVP functions. */
-
-/* Function codes. */
-# define EVP_F_AESNI_INIT_KEY 165
-# define EVP_F_AESNI_XTS_CIPHER 176
-# define EVP_F_AES_INIT_KEY 133
-# define EVP_F_AES_T4_INIT_KEY 178
-# define EVP_F_AES_XTS 172
-# define EVP_F_AES_XTS_CIPHER 175
-# define EVP_F_ALG_MODULE_INIT 177
-# define EVP_F_CAMELLIA_INIT_KEY 159
-# define EVP_F_CMAC_INIT 173
-# define EVP_F_CMLL_T4_INIT_KEY 179
-# define EVP_F_D2I_PKEY 100
-# define EVP_F_DO_SIGVER_INIT 161
-# define EVP_F_DSAPKEY2PKCS8 134
-# define EVP_F_DSA_PKEY2PKCS8 135
-# define EVP_F_ECDSA_PKEY2PKCS8 129
-# define EVP_F_ECKEY_PKEY2PKCS8 132
-# define EVP_F_EVP_CIPHERINIT_EX 123
-# define EVP_F_EVP_CIPHER_CTX_COPY 163
-# define EVP_F_EVP_CIPHER_CTX_CTRL 124
-# define EVP_F_EVP_CIPHER_CTX_SET_KEY_LENGTH 122
-# define EVP_F_EVP_DECRYPTFINAL_EX 101
-# define EVP_F_EVP_DIGESTINIT_EX 128
-# define EVP_F_EVP_ENCRYPTFINAL_EX 127
-# define EVP_F_EVP_MD_CTX_COPY_EX 110
-# define EVP_F_EVP_MD_SIZE 162
-# define EVP_F_EVP_OPENINIT 102
-# define EVP_F_EVP_PBE_ALG_ADD 115
-# define EVP_F_EVP_PBE_ALG_ADD_TYPE 160
-# define EVP_F_EVP_PBE_CIPHERINIT 116
-# define EVP_F_EVP_PKCS82PKEY 111
-# define EVP_F_EVP_PKCS82PKEY_BROKEN 136
-# define EVP_F_EVP_PKEY2PKCS8_BROKEN 113
-# define EVP_F_EVP_PKEY_COPY_PARAMETERS 103
-# define EVP_F_EVP_PKEY_CTX_CTRL 137
-# define EVP_F_EVP_PKEY_CTX_CTRL_STR 150
-# define EVP_F_EVP_PKEY_CTX_DUP 156
-# define EVP_F_EVP_PKEY_DECRYPT 104
-# define EVP_F_EVP_PKEY_DECRYPT_INIT 138
-# define EVP_F_EVP_PKEY_DECRYPT_OLD 151
-# define EVP_F_EVP_PKEY_DERIVE 153
-# define EVP_F_EVP_PKEY_DERIVE_INIT 154
-# define EVP_F_EVP_PKEY_DERIVE_SET_PEER 155
-# define EVP_F_EVP_PKEY_ENCRYPT 105
-# define EVP_F_EVP_PKEY_ENCRYPT_INIT 139
-# define EVP_F_EVP_PKEY_ENCRYPT_OLD 152
-# define EVP_F_EVP_PKEY_GET1_DH 119
-# define EVP_F_EVP_PKEY_GET1_DSA 120
-# define EVP_F_EVP_PKEY_GET1_ECDSA 130
-# define EVP_F_EVP_PKEY_GET1_EC_KEY 131
-# define EVP_F_EVP_PKEY_GET1_RSA 121
-# define EVP_F_EVP_PKEY_KEYGEN 146
-# define EVP_F_EVP_PKEY_KEYGEN_INIT 147
-# define EVP_F_EVP_PKEY_NEW 106
-# define EVP_F_EVP_PKEY_PARAMGEN 148
-# define EVP_F_EVP_PKEY_PARAMGEN_INIT 149
-# define EVP_F_EVP_PKEY_SIGN 140
-# define EVP_F_EVP_PKEY_SIGN_INIT 141
-# define EVP_F_EVP_PKEY_VERIFY 142
-# define EVP_F_EVP_PKEY_VERIFY_INIT 143
-# define EVP_F_EVP_PKEY_VERIFY_RECOVER 144
-# define EVP_F_EVP_PKEY_VERIFY_RECOVER_INIT 145
-# define EVP_F_EVP_RIJNDAEL 126
-# define EVP_F_EVP_SIGNFINAL 107
-# define EVP_F_EVP_VERIFYFINAL 108
-# define EVP_F_FIPS_CIPHERINIT 166
-# define EVP_F_FIPS_CIPHER_CTX_COPY 170
-# define EVP_F_FIPS_CIPHER_CTX_CTRL 167
-# define EVP_F_FIPS_CIPHER_CTX_SET_KEY_LENGTH 171
-# define EVP_F_FIPS_DIGESTINIT 168
-# define EVP_F_FIPS_MD_CTX_COPY 169
-# define EVP_F_HMAC_INIT_EX 174
-# define EVP_F_INT_CTX_NEW 157
-# define EVP_F_PKCS5_PBE_KEYIVGEN 117
-# define EVP_F_PKCS5_V2_PBE_KEYIVGEN 118
-# define EVP_F_PKCS5_V2_PBKDF2_KEYIVGEN 164
-# define EVP_F_PKCS8_SET_BROKEN 112
-# define EVP_F_PKEY_SET_TYPE 158
-# define EVP_F_RC2_MAGIC_TO_METH 109
-# define EVP_F_RC5_CTRL 125
-
-/* Reason codes. */
-# define EVP_R_AES_IV_SETUP_FAILED 162
-# define EVP_R_AES_KEY_SETUP_FAILED 143
-# define EVP_R_ASN1_LIB 140
-# define EVP_R_BAD_BLOCK_LENGTH 136
-# define EVP_R_BAD_DECRYPT 100
-# define EVP_R_BAD_KEY_LENGTH 137
-# define EVP_R_BN_DECODE_ERROR 112
-# define EVP_R_BN_PUBKEY_ERROR 113
-# define EVP_R_BUFFER_TOO_SMALL 155
-# define EVP_R_CAMELLIA_KEY_SETUP_FAILED 157
-# define EVP_R_CIPHER_PARAMETER_ERROR 122
-# define EVP_R_COMMAND_NOT_SUPPORTED 147
-# define EVP_R_CTRL_NOT_IMPLEMENTED 132
-# define EVP_R_CTRL_OPERATION_NOT_IMPLEMENTED 133
-# define EVP_R_DATA_NOT_MULTIPLE_OF_BLOCK_LENGTH 138
-# define EVP_R_DECODE_ERROR 114
-# define EVP_R_DIFFERENT_KEY_TYPES 101
-# define EVP_R_DIFFERENT_PARAMETERS 153
-# define EVP_R_DISABLED_FOR_FIPS 163
-# define EVP_R_ENCODE_ERROR 115
-# define EVP_R_ERROR_LOADING_SECTION 165
-# define EVP_R_ERROR_SETTING_FIPS_MODE 166
-# define EVP_R_EVP_PBE_CIPHERINIT_ERROR 119
-# define EVP_R_EXPECTING_AN_RSA_KEY 127
-# define EVP_R_EXPECTING_A_DH_KEY 128
-# define EVP_R_EXPECTING_A_DSA_KEY 129
-# define EVP_R_EXPECTING_A_ECDSA_KEY 141
-# define EVP_R_EXPECTING_A_EC_KEY 142
-# define EVP_R_FIPS_MODE_NOT_SUPPORTED 167
-# define EVP_R_INITIALIZATION_ERROR 134
-# define EVP_R_INPUT_NOT_INITIALIZED 111
-# define EVP_R_INVALID_DIGEST 152
-# define EVP_R_INVALID_FIPS_MODE 168
-# define EVP_R_INVALID_KEY_LENGTH 130
-# define EVP_R_INVALID_OPERATION 148
-# define EVP_R_IV_TOO_LARGE 102
-# define EVP_R_KEYGEN_FAILURE 120
-# define EVP_R_MESSAGE_DIGEST_IS_NULL 159
-# define EVP_R_METHOD_NOT_SUPPORTED 144
-# define EVP_R_MISSING_PARAMETERS 103
-# define EVP_R_NO_CIPHER_SET 131
-# define EVP_R_NO_DEFAULT_DIGEST 158
-# define EVP_R_NO_DIGEST_SET 139
-# define EVP_R_NO_DSA_PARAMETERS 116
-# define EVP_R_NO_KEY_SET 154
-# define EVP_R_NO_OPERATION_SET 149
-# define EVP_R_NO_SIGN_FUNCTION_CONFIGURED 104
-# define EVP_R_NO_VERIFY_FUNCTION_CONFIGURED 105
-# define EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE 150
-# define EVP_R_OPERATON_NOT_INITIALIZED 151
-# define EVP_R_PKCS8_UNKNOWN_BROKEN_TYPE 117
-# define EVP_R_PRIVATE_KEY_DECODE_ERROR 145
-# define EVP_R_PRIVATE_KEY_ENCODE_ERROR 146
-# define EVP_R_PUBLIC_KEY_NOT_RSA 106
-# define EVP_R_TOO_LARGE 164
-# define EVP_R_UNKNOWN_CIPHER 160
-# define EVP_R_UNKNOWN_DIGEST 161
-# define EVP_R_UNKNOWN_OPTION 169
-# define EVP_R_UNKNOWN_PBE_ALGORITHM 121
-# define EVP_R_UNSUPORTED_NUMBER_OF_ROUNDS 135
-# define EVP_R_UNSUPPORTED_ALGORITHM 156
-# define EVP_R_UNSUPPORTED_CIPHER 107
-# define EVP_R_UNSUPPORTED_KEYLENGTH 123
-# define EVP_R_UNSUPPORTED_KEY_DERIVATION_FUNCTION 124
-# define EVP_R_UNSUPPORTED_KEY_SIZE 108
-# define EVP_R_UNSUPPORTED_PRF 125
-# define EVP_R_UNSUPPORTED_PRIVATE_KEY_ALGORITHM 118
-# define EVP_R_UNSUPPORTED_SALT_TYPE 126
-# define EVP_R_WRAP_MODE_NOT_ALLOWED 170
-# define EVP_R_WRONG_FINAL_BLOCK_LENGTH 109
-# define EVP_R_WRONG_PUBLIC_KEY_TYPE 110
-
-#ifdef __cplusplus
-}
-#endif
-#endif
+++ /dev/null
-/* Copyright (c) 2014, Google Inc.
- *
- * Permission to use, copy, modify, and/or distribute this software for any
- * purpose with or without fee is hereby granted, provided that the above
- * copyright notice and this permission notice appear in all copies.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
- * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
- * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY
- * SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
- * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION
- * OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN
- * CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
- */
-/* ====================================================================
- * Copyright (c) 1998-2015 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <openssl/bio.h>
-#include <openssl/crypto.h>
-#include <openssl/err.h>
-#include <openssl/evp.h>
-#include <openssl/rsa.h>
-#include <openssl/x509.h>
-
-/*
- * kExampleRSAKeyDER is an RSA private key in ASN.1, DER format. Of course, you
- * should never use this key anywhere but in an example.
- */
-static const unsigned char kExampleRSAKeyDER[] = {
- 0x30, 0x82, 0x02, 0x5c, 0x02, 0x01, 0x00, 0x02, 0x81, 0x81, 0x00, 0xf8,
- 0xb8, 0x6c, 0x83, 0xb4, 0xbc, 0xd9, 0xa8, 0x57, 0xc0, 0xa5, 0xb4, 0x59,
- 0x76, 0x8c, 0x54, 0x1d, 0x79, 0xeb, 0x22, 0x52, 0x04, 0x7e, 0xd3, 0x37,
- 0xeb, 0x41, 0xfd, 0x83, 0xf9, 0xf0, 0xa6, 0x85, 0x15, 0x34, 0x75, 0x71,
- 0x5a, 0x84, 0xa8, 0x3c, 0xd2, 0xef, 0x5a, 0x4e, 0xd3, 0xde, 0x97, 0x8a,
- 0xdd, 0xff, 0xbb, 0xcf, 0x0a, 0xaa, 0x86, 0x92, 0xbe, 0xb8, 0x50, 0xe4,
- 0xcd, 0x6f, 0x80, 0x33, 0x30, 0x76, 0x13, 0x8f, 0xca, 0x7b, 0xdc, 0xec,
- 0x5a, 0xca, 0x63, 0xc7, 0x03, 0x25, 0xef, 0xa8, 0x8a, 0x83, 0x58, 0x76,
- 0x20, 0xfa, 0x16, 0x77, 0xd7, 0x79, 0x92, 0x63, 0x01, 0x48, 0x1a, 0xd8,
- 0x7b, 0x67, 0xf1, 0x52, 0x55, 0x49, 0x4e, 0xd6, 0x6e, 0x4a, 0x5c, 0xd7,
- 0x7a, 0x37, 0x36, 0x0c, 0xde, 0xdd, 0x8f, 0x44, 0xe8, 0xc2, 0xa7, 0x2c,
- 0x2b, 0xb5, 0xaf, 0x64, 0x4b, 0x61, 0x07, 0x02, 0x03, 0x01, 0x00, 0x01,
- 0x02, 0x81, 0x80, 0x74, 0x88, 0x64, 0x3f, 0x69, 0x45, 0x3a, 0x6d, 0xc7,
- 0x7f, 0xb9, 0xa3, 0xc0, 0x6e, 0xec, 0xdc, 0xd4, 0x5a, 0xb5, 0x32, 0x85,
- 0x5f, 0x19, 0xd4, 0xf8, 0xd4, 0x3f, 0x3c, 0xfa, 0xc2, 0xf6, 0x5f, 0xee,
- 0xe6, 0xba, 0x87, 0x74, 0x2e, 0xc7, 0x0c, 0xd4, 0x42, 0xb8, 0x66, 0x85,
- 0x9c, 0x7b, 0x24, 0x61, 0xaa, 0x16, 0x11, 0xf6, 0xb5, 0xb6, 0xa4, 0x0a,
- 0xc9, 0x55, 0x2e, 0x81, 0xa5, 0x47, 0x61, 0xcb, 0x25, 0x8f, 0xc2, 0x15,
- 0x7b, 0x0e, 0x7c, 0x36, 0x9f, 0x3a, 0xda, 0x58, 0x86, 0x1c, 0x5b, 0x83,
- 0x79, 0xe6, 0x2b, 0xcc, 0xe6, 0xfa, 0x2c, 0x61, 0xf2, 0x78, 0x80, 0x1b,
- 0xe2, 0xf3, 0x9d, 0x39, 0x2b, 0x65, 0x57, 0x91, 0x3d, 0x71, 0x99, 0x73,
- 0xa5, 0xc2, 0x79, 0x20, 0x8c, 0x07, 0x4f, 0xe5, 0xb4, 0x60, 0x1f, 0x99,
- 0xa2, 0xb1, 0x4f, 0x0c, 0xef, 0xbc, 0x59, 0x53, 0x00, 0x7d, 0xb1, 0x02,
- 0x41, 0x00, 0xfc, 0x7e, 0x23, 0x65, 0x70, 0xf8, 0xce, 0xd3, 0x40, 0x41,
- 0x80, 0x6a, 0x1d, 0x01, 0xd6, 0x01, 0xff, 0xb6, 0x1b, 0x3d, 0x3d, 0x59,
- 0x09, 0x33, 0x79, 0xc0, 0x4f, 0xde, 0x96, 0x27, 0x4b, 0x18, 0xc6, 0xd9,
- 0x78, 0xf1, 0xf4, 0x35, 0x46, 0xe9, 0x7c, 0x42, 0x7a, 0x5d, 0x9f, 0xef,
- 0x54, 0xb8, 0xf7, 0x9f, 0xc4, 0x33, 0x6c, 0xf3, 0x8c, 0x32, 0x46, 0x87,
- 0x67, 0x30, 0x7b, 0xa7, 0xac, 0xe3, 0x02, 0x41, 0x00, 0xfc, 0x2c, 0xdf,
- 0x0c, 0x0d, 0x88, 0xf5, 0xb1, 0x92, 0xa8, 0x93, 0x47, 0x63, 0x55, 0xf5,
- 0xca, 0x58, 0x43, 0xba, 0x1c, 0xe5, 0x9e, 0xb6, 0x95, 0x05, 0xcd, 0xb5,
- 0x82, 0xdf, 0xeb, 0x04, 0x53, 0x9d, 0xbd, 0xc2, 0x38, 0x16, 0xb3, 0x62,
- 0xdd, 0xa1, 0x46, 0xdb, 0x6d, 0x97, 0x93, 0x9f, 0x8a, 0xc3, 0x9b, 0x64,
- 0x7e, 0x42, 0xe3, 0x32, 0x57, 0x19, 0x1b, 0xd5, 0x6e, 0x85, 0xfa, 0xb8,
- 0x8d, 0x02, 0x41, 0x00, 0xbc, 0x3d, 0xde, 0x6d, 0xd6, 0x97, 0xe8, 0xba,
- 0x9e, 0x81, 0x37, 0x17, 0xe5, 0xa0, 0x64, 0xc9, 0x00, 0xb7, 0xe7, 0xfe,
- 0xf4, 0x29, 0xd9, 0x2e, 0x43, 0x6b, 0x19, 0x20, 0xbd, 0x99, 0x75, 0xe7,
- 0x76, 0xf8, 0xd3, 0xae, 0xaf, 0x7e, 0xb8, 0xeb, 0x81, 0xf4, 0x9d, 0xfe,
- 0x07, 0x2b, 0x0b, 0x63, 0x0b, 0x5a, 0x55, 0x90, 0x71, 0x7d, 0xf1, 0xdb,
- 0xd9, 0xb1, 0x41, 0x41, 0x68, 0x2f, 0x4e, 0x39, 0x02, 0x40, 0x5a, 0x34,
- 0x66, 0xd8, 0xf5, 0xe2, 0x7f, 0x18, 0xb5, 0x00, 0x6e, 0x26, 0x84, 0x27,
- 0x14, 0x93, 0xfb, 0xfc, 0xc6, 0x0f, 0x5e, 0x27, 0xe6, 0xe1, 0xe9, 0xc0,
- 0x8a, 0xe4, 0x34, 0xda, 0xe9, 0xa2, 0x4b, 0x73, 0xbc, 0x8c, 0xb9, 0xba,
- 0x13, 0x6c, 0x7a, 0x2b, 0x51, 0x84, 0xa3, 0x4a, 0xe0, 0x30, 0x10, 0x06,
- 0x7e, 0xed, 0x17, 0x5a, 0x14, 0x00, 0xc9, 0xef, 0x85, 0xea, 0x52, 0x2c,
- 0xbc, 0x65, 0x02, 0x40, 0x51, 0xe3, 0xf2, 0x83, 0x19, 0x9b, 0xc4, 0x1e,
- 0x2f, 0x50, 0x3d, 0xdf, 0x5a, 0xa2, 0x18, 0xca, 0x5f, 0x2e, 0x49, 0xaf,
- 0x6f, 0xcc, 0xfa, 0x65, 0x77, 0x94, 0xb5, 0xa1, 0x0a, 0xa9, 0xd1, 0x8a,
- 0x39, 0x37, 0xf4, 0x0b, 0xa0, 0xd7, 0x82, 0x27, 0x5e, 0xae, 0x17, 0x17,
- 0xa1, 0x1e, 0x54, 0x34, 0xbf, 0x6e, 0xc4, 0x8e, 0x99, 0x5d, 0x08, 0xf1,
- 0x2d, 0x86, 0x9d, 0xa5, 0x20, 0x1b, 0xe5, 0xdf,
-};
-
-static const unsigned char kMsg[] = { 1, 2, 3, 4 };
-
-static const unsigned char kSignature[] = {
- 0xa5, 0xf0, 0x8a, 0x47, 0x5d, 0x3c, 0xb3, 0xcc, 0xa9, 0x79, 0xaf, 0x4d,
- 0x8c, 0xae, 0x4c, 0x14, 0xef, 0xc2, 0x0b, 0x34, 0x36, 0xde, 0xf4, 0x3e,
- 0x3d, 0xbb, 0x4a, 0x60, 0x5c, 0xc8, 0x91, 0x28, 0xda, 0xfb, 0x7e, 0x04,
- 0x96, 0x7e, 0x63, 0x13, 0x90, 0xce, 0xb9, 0xb4, 0x62, 0x7a, 0xfd, 0x09,
- 0x3d, 0xc7, 0x67, 0x78, 0x54, 0x04, 0xeb, 0x52, 0x62, 0x6e, 0x24, 0x67,
- 0xb4, 0x40, 0xfc, 0x57, 0x62, 0xc6, 0xf1, 0x67, 0xc1, 0x97, 0x8f, 0x6a,
- 0xa8, 0xae, 0x44, 0x46, 0x5e, 0xab, 0x67, 0x17, 0x53, 0x19, 0x3a, 0xda,
- 0x5a, 0xc8, 0x16, 0x3e, 0x86, 0xd5, 0xc5, 0x71, 0x2f, 0xfc, 0x23, 0x48,
- 0xd9, 0x0b, 0x13, 0xdd, 0x7b, 0x5a, 0x25, 0x79, 0xef, 0xa5, 0x7b, 0x04,
- 0xed, 0x44, 0xf6, 0x18, 0x55, 0xe4, 0x0a, 0xe9, 0x57, 0x79, 0x5d, 0xd7,
- 0x55, 0xa7, 0xab, 0x45, 0x02, 0x97, 0x60, 0x42,
-};
-
-/*
- * kExampleRSAKeyPKCS8 is kExampleRSAKeyDER encoded in a PKCS #8
- * PrivateKeyInfo.
- */
-static const unsigned char kExampleRSAKeyPKCS8[] = {
- 0x30, 0x82, 0x02, 0x76, 0x02, 0x01, 0x00, 0x30, 0x0d, 0x06, 0x09, 0x2a,
- 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x01, 0x05, 0x00, 0x04, 0x82,
- 0x02, 0x60, 0x30, 0x82, 0x02, 0x5c, 0x02, 0x01, 0x00, 0x02, 0x81, 0x81,
- 0x00, 0xf8, 0xb8, 0x6c, 0x83, 0xb4, 0xbc, 0xd9, 0xa8, 0x57, 0xc0, 0xa5,
- 0xb4, 0x59, 0x76, 0x8c, 0x54, 0x1d, 0x79, 0xeb, 0x22, 0x52, 0x04, 0x7e,
- 0xd3, 0x37, 0xeb, 0x41, 0xfd, 0x83, 0xf9, 0xf0, 0xa6, 0x85, 0x15, 0x34,
- 0x75, 0x71, 0x5a, 0x84, 0xa8, 0x3c, 0xd2, 0xef, 0x5a, 0x4e, 0xd3, 0xde,
- 0x97, 0x8a, 0xdd, 0xff, 0xbb, 0xcf, 0x0a, 0xaa, 0x86, 0x92, 0xbe, 0xb8,
- 0x50, 0xe4, 0xcd, 0x6f, 0x80, 0x33, 0x30, 0x76, 0x13, 0x8f, 0xca, 0x7b,
- 0xdc, 0xec, 0x5a, 0xca, 0x63, 0xc7, 0x03, 0x25, 0xef, 0xa8, 0x8a, 0x83,
- 0x58, 0x76, 0x20, 0xfa, 0x16, 0x77, 0xd7, 0x79, 0x92, 0x63, 0x01, 0x48,
- 0x1a, 0xd8, 0x7b, 0x67, 0xf1, 0x52, 0x55, 0x49, 0x4e, 0xd6, 0x6e, 0x4a,
- 0x5c, 0xd7, 0x7a, 0x37, 0x36, 0x0c, 0xde, 0xdd, 0x8f, 0x44, 0xe8, 0xc2,
- 0xa7, 0x2c, 0x2b, 0xb5, 0xaf, 0x64, 0x4b, 0x61, 0x07, 0x02, 0x03, 0x01,
- 0x00, 0x01, 0x02, 0x81, 0x80, 0x74, 0x88, 0x64, 0x3f, 0x69, 0x45, 0x3a,
- 0x6d, 0xc7, 0x7f, 0xb9, 0xa3, 0xc0, 0x6e, 0xec, 0xdc, 0xd4, 0x5a, 0xb5,
- 0x32, 0x85, 0x5f, 0x19, 0xd4, 0xf8, 0xd4, 0x3f, 0x3c, 0xfa, 0xc2, 0xf6,
- 0x5f, 0xee, 0xe6, 0xba, 0x87, 0x74, 0x2e, 0xc7, 0x0c, 0xd4, 0x42, 0xb8,
- 0x66, 0x85, 0x9c, 0x7b, 0x24, 0x61, 0xaa, 0x16, 0x11, 0xf6, 0xb5, 0xb6,
- 0xa4, 0x0a, 0xc9, 0x55, 0x2e, 0x81, 0xa5, 0x47, 0x61, 0xcb, 0x25, 0x8f,
- 0xc2, 0x15, 0x7b, 0x0e, 0x7c, 0x36, 0x9f, 0x3a, 0xda, 0x58, 0x86, 0x1c,
- 0x5b, 0x83, 0x79, 0xe6, 0x2b, 0xcc, 0xe6, 0xfa, 0x2c, 0x61, 0xf2, 0x78,
- 0x80, 0x1b, 0xe2, 0xf3, 0x9d, 0x39, 0x2b, 0x65, 0x57, 0x91, 0x3d, 0x71,
- 0x99, 0x73, 0xa5, 0xc2, 0x79, 0x20, 0x8c, 0x07, 0x4f, 0xe5, 0xb4, 0x60,
- 0x1f, 0x99, 0xa2, 0xb1, 0x4f, 0x0c, 0xef, 0xbc, 0x59, 0x53, 0x00, 0x7d,
- 0xb1, 0x02, 0x41, 0x00, 0xfc, 0x7e, 0x23, 0x65, 0x70, 0xf8, 0xce, 0xd3,
- 0x40, 0x41, 0x80, 0x6a, 0x1d, 0x01, 0xd6, 0x01, 0xff, 0xb6, 0x1b, 0x3d,
- 0x3d, 0x59, 0x09, 0x33, 0x79, 0xc0, 0x4f, 0xde, 0x96, 0x27, 0x4b, 0x18,
- 0xc6, 0xd9, 0x78, 0xf1, 0xf4, 0x35, 0x46, 0xe9, 0x7c, 0x42, 0x7a, 0x5d,
- 0x9f, 0xef, 0x54, 0xb8, 0xf7, 0x9f, 0xc4, 0x33, 0x6c, 0xf3, 0x8c, 0x32,
- 0x46, 0x87, 0x67, 0x30, 0x7b, 0xa7, 0xac, 0xe3, 0x02, 0x41, 0x00, 0xfc,
- 0x2c, 0xdf, 0x0c, 0x0d, 0x88, 0xf5, 0xb1, 0x92, 0xa8, 0x93, 0x47, 0x63,
- 0x55, 0xf5, 0xca, 0x58, 0x43, 0xba, 0x1c, 0xe5, 0x9e, 0xb6, 0x95, 0x05,
- 0xcd, 0xb5, 0x82, 0xdf, 0xeb, 0x04, 0x53, 0x9d, 0xbd, 0xc2, 0x38, 0x16,
- 0xb3, 0x62, 0xdd, 0xa1, 0x46, 0xdb, 0x6d, 0x97, 0x93, 0x9f, 0x8a, 0xc3,
- 0x9b, 0x64, 0x7e, 0x42, 0xe3, 0x32, 0x57, 0x19, 0x1b, 0xd5, 0x6e, 0x85,
- 0xfa, 0xb8, 0x8d, 0x02, 0x41, 0x00, 0xbc, 0x3d, 0xde, 0x6d, 0xd6, 0x97,
- 0xe8, 0xba, 0x9e, 0x81, 0x37, 0x17, 0xe5, 0xa0, 0x64, 0xc9, 0x00, 0xb7,
- 0xe7, 0xfe, 0xf4, 0x29, 0xd9, 0x2e, 0x43, 0x6b, 0x19, 0x20, 0xbd, 0x99,
- 0x75, 0xe7, 0x76, 0xf8, 0xd3, 0xae, 0xaf, 0x7e, 0xb8, 0xeb, 0x81, 0xf4,
- 0x9d, 0xfe, 0x07, 0x2b, 0x0b, 0x63, 0x0b, 0x5a, 0x55, 0x90, 0x71, 0x7d,
- 0xf1, 0xdb, 0xd9, 0xb1, 0x41, 0x41, 0x68, 0x2f, 0x4e, 0x39, 0x02, 0x40,
- 0x5a, 0x34, 0x66, 0xd8, 0xf5, 0xe2, 0x7f, 0x18, 0xb5, 0x00, 0x6e, 0x26,
- 0x84, 0x27, 0x14, 0x93, 0xfb, 0xfc, 0xc6, 0x0f, 0x5e, 0x27, 0xe6, 0xe1,
- 0xe9, 0xc0, 0x8a, 0xe4, 0x34, 0xda, 0xe9, 0xa2, 0x4b, 0x73, 0xbc, 0x8c,
- 0xb9, 0xba, 0x13, 0x6c, 0x7a, 0x2b, 0x51, 0x84, 0xa3, 0x4a, 0xe0, 0x30,
- 0x10, 0x06, 0x7e, 0xed, 0x17, 0x5a, 0x14, 0x00, 0xc9, 0xef, 0x85, 0xea,
- 0x52, 0x2c, 0xbc, 0x65, 0x02, 0x40, 0x51, 0xe3, 0xf2, 0x83, 0x19, 0x9b,
- 0xc4, 0x1e, 0x2f, 0x50, 0x3d, 0xdf, 0x5a, 0xa2, 0x18, 0xca, 0x5f, 0x2e,
- 0x49, 0xaf, 0x6f, 0xcc, 0xfa, 0x65, 0x77, 0x94, 0xb5, 0xa1, 0x0a, 0xa9,
- 0xd1, 0x8a, 0x39, 0x37, 0xf4, 0x0b, 0xa0, 0xd7, 0x82, 0x27, 0x5e, 0xae,
- 0x17, 0x17, 0xa1, 0x1e, 0x54, 0x34, 0xbf, 0x6e, 0xc4, 0x8e, 0x99, 0x5d,
- 0x08, 0xf1, 0x2d, 0x86, 0x9d, 0xa5, 0x20, 0x1b, 0xe5, 0xdf,
-};
-
-#ifndef OPENSSL_NO_EC
-/*
- * kExampleECKeyDER is a sample EC private key encoded as an ECPrivateKey
- * structure.
- */
-static const unsigned char kExampleECKeyDER[] = {
- 0x30, 0x77, 0x02, 0x01, 0x01, 0x04, 0x20, 0x07, 0x0f, 0x08, 0x72, 0x7a,
- 0xd4, 0xa0, 0x4a, 0x9c, 0xdd, 0x59, 0xc9, 0x4d, 0x89, 0x68, 0x77, 0x08,
- 0xb5, 0x6f, 0xc9, 0x5d, 0x30, 0x77, 0x0e, 0xe8, 0xd1, 0xc9, 0xce, 0x0a,
- 0x8b, 0xb4, 0x6a, 0xa0, 0x0a, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d,
- 0x03, 0x01, 0x07, 0xa1, 0x44, 0x03, 0x42, 0x00, 0x04, 0xe6, 0x2b, 0x69,
- 0xe2, 0xbf, 0x65, 0x9f, 0x97, 0xbe, 0x2f, 0x1e, 0x0d, 0x94, 0x8a, 0x4c,
- 0xd5, 0x97, 0x6b, 0xb7, 0xa9, 0x1e, 0x0d, 0x46, 0xfb, 0xdd, 0xa9, 0xa9,
- 0x1e, 0x9d, 0xdc, 0xba, 0x5a, 0x01, 0xe7, 0xd6, 0x97, 0xa8, 0x0a, 0x18,
- 0xf9, 0xc3, 0xc4, 0xa3, 0x1e, 0x56, 0xe2, 0x7c, 0x83, 0x48, 0xdb, 0x16,
- 0x1a, 0x1c, 0xf5, 0x1d, 0x7e, 0xf1, 0x94, 0x2d, 0x4b, 0xcf, 0x72, 0x22,
- 0xc1,
-};
-
-/*
- * kExampleBadECKeyDER is a sample EC private key encoded as an ECPrivateKey
- * structure. The private key is equal to the order and will fail to import
- */
-static const unsigned char kExampleBadECKeyDER[] = {
- 0x30, 0x66, 0x02, 0x01, 0x00, 0x30, 0x13, 0x06, 0x07, 0x2A, 0x86, 0x48,
- 0xCE, 0x3D, 0x02, 0x01, 0x06, 0x08, 0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x03,
- 0x01, 0x07, 0x04, 0x4C, 0x30, 0x4A, 0x02, 0x01, 0x01, 0x04, 0x20, 0xFF,
- 0xFF, 0xFF, 0xFF, 0x00, 0x00, 0x00, 0x00, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
- 0xFF, 0xFF, 0xFF, 0xBC, 0xE6, 0xFA, 0xAD, 0xA7, 0x17, 0x9E, 0x84, 0xF3,
- 0xB9, 0xCA, 0xC2, 0xFC, 0x63, 0x25, 0x51, 0xA1, 0x23, 0x03, 0x21, 0x00,
- 0x00, 0xFF, 0xFF, 0xFF, 0x00, 0x00, 0x00, 0x00, 0xFF, 0xFF, 0xFF, 0xFF,
- 0xFF, 0xFF, 0xFF, 0xFF, 0xBC, 0xE6, 0xFA, 0xAD, 0xA7, 0x17, 0x9E, 0x84,
- 0xF3, 0xB9, 0xCA, 0xC2, 0xFC, 0x63, 0x25, 0x51
-};
-#endif
-
-static EVP_PKEY *load_example_rsa_key(void)
-{
- EVP_PKEY *ret = NULL;
- const unsigned char *derp = kExampleRSAKeyDER;
- EVP_PKEY *pkey = NULL;
- RSA *rsa = NULL;
-
- if (!d2i_RSAPrivateKey(&rsa, &derp, sizeof(kExampleRSAKeyDER))) {
- return NULL;
- }
-
- pkey = EVP_PKEY_new();
- if (pkey == NULL || !EVP_PKEY_set1_RSA(pkey, rsa)) {
- goto out;
- }
-
- ret = pkey;
- pkey = NULL;
-
- out:
- EVP_PKEY_free(pkey);
- RSA_free(rsa);
-
- return ret;
-}
-
-static int test_EVP_DigestSignInit(void)
-{
- int ret = 0;
- EVP_PKEY *pkey = NULL;
- unsigned char *sig = NULL;
- size_t sig_len = 0;
- EVP_MD_CTX md_ctx, md_ctx_verify;
-
- EVP_MD_CTX_init(&md_ctx);
- EVP_MD_CTX_init(&md_ctx_verify);
-
- pkey = load_example_rsa_key();
- if (pkey == NULL ||
- !EVP_DigestSignInit(&md_ctx, NULL, EVP_sha256(), NULL, pkey) ||
- !EVP_DigestSignUpdate(&md_ctx, kMsg, sizeof(kMsg))) {
- goto out;
- }
- /* Determine the size of the signature. */
- if (!EVP_DigestSignFinal(&md_ctx, NULL, &sig_len)) {
- goto out;
- }
- /* Sanity check for testing. */
- if (sig_len != (size_t)EVP_PKEY_size(pkey)) {
- fprintf(stderr, "sig_len mismatch\n");
- goto out;
- }
-
- sig = OPENSSL_malloc(sig_len);
- if (sig == NULL || !EVP_DigestSignFinal(&md_ctx, sig, &sig_len)) {
- goto out;
- }
-
- /* Ensure that the signature round-trips. */
- if (!EVP_DigestVerifyInit(&md_ctx_verify, NULL, EVP_sha256(), NULL, pkey)
- || !EVP_DigestVerifyUpdate(&md_ctx_verify, kMsg, sizeof(kMsg))
- || !EVP_DigestVerifyFinal(&md_ctx_verify, sig, sig_len)) {
- goto out;
- }
-
- ret = 1;
-
- out:
- if (!ret) {
- ERR_print_errors_fp(stderr);
- }
-
- EVP_MD_CTX_cleanup(&md_ctx);
- EVP_MD_CTX_cleanup(&md_ctx_verify);
- EVP_PKEY_free(pkey);
- if (sig) {
- OPENSSL_free(sig);
- }
-
- return ret;
-}
-
-static int test_EVP_DigestVerifyInit(void)
-{
- int ret = 0;
- EVP_PKEY *pkey = NULL;
- EVP_MD_CTX md_ctx;
-
- EVP_MD_CTX_init(&md_ctx);
-
- pkey = load_example_rsa_key();
- if (pkey == NULL ||
- !EVP_DigestVerifyInit(&md_ctx, NULL, EVP_sha256(), NULL, pkey) ||
- !EVP_DigestVerifyUpdate(&md_ctx, kMsg, sizeof(kMsg)) ||
- !EVP_DigestVerifyFinal(&md_ctx, kSignature, sizeof(kSignature))) {
- goto out;
- }
- ret = 1;
-
- out:
- if (!ret) {
- ERR_print_errors_fp(stderr);
- }
-
- EVP_MD_CTX_cleanup(&md_ctx);
- EVP_PKEY_free(pkey);
-
- return ret;
-}
-
-static int test_d2i_AutoPrivateKey(const unsigned char *input,
- size_t input_len, int expected_id)
-{
- int ret = 0;
- const unsigned char *p;
- EVP_PKEY *pkey = NULL;
-
- p = input;
- pkey = d2i_AutoPrivateKey(NULL, &p, input_len);
- if (pkey == NULL || p != input + input_len) {
- fprintf(stderr, "d2i_AutoPrivateKey failed\n");
- goto done;
- }
-
- if (EVP_PKEY_id(pkey) != expected_id) {
- fprintf(stderr, "Did not decode expected type\n");
- goto done;
- }
-
- ret = 1;
-
- done:
- if (!ret) {
- ERR_print_errors_fp(stderr);
- }
-
- EVP_PKEY_free(pkey);
- return ret;
-}
-
-#ifndef OPENSSL_NO_EC
-/* Tests loading a bad key in PKCS8 format */
-static int test_EVP_PKCS82PKEY(void)
-{
- int ret = 0;
- const unsigned char *derp = kExampleBadECKeyDER;
- PKCS8_PRIV_KEY_INFO *p8inf = NULL;
- EVP_PKEY *pkey = NULL;
-
- p8inf = d2i_PKCS8_PRIV_KEY_INFO(NULL, &derp, sizeof(kExampleBadECKeyDER));
-
- if (!p8inf || derp != kExampleBadECKeyDER + sizeof(kExampleBadECKeyDER)) {
- fprintf(stderr, "Failed to parse key\n");
- goto done;
- }
-
- pkey = EVP_PKCS82PKEY(p8inf);
- if (pkey) {
- fprintf(stderr, "Imported invalid EC key\n");
- goto done;
- }
-
- ret = 1;
-
- done:
- if (p8inf != NULL) {
- PKCS8_PRIV_KEY_INFO_free(p8inf);
- }
-
- EVP_PKEY_free(pkey);
-
- return ret;
-}
-#endif
-
-int main(void)
-{
- CRYPTO_malloc_debug_init();
- CRYPTO_set_mem_debug_options(V_CRYPTO_MDEBUG_ALL);
- CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON);
-
- ERR_load_crypto_strings();
- /* Load up the software EVP_CIPHER and EVP_MD definitions */
- OpenSSL_add_all_ciphers();
- OpenSSL_add_all_digests();
-
- if (!test_EVP_DigestSignInit()) {
- fprintf(stderr, "EVP_DigestSignInit failed\n");
- return 1;
- }
-
- if (!test_EVP_DigestVerifyInit()) {
- fprintf(stderr, "EVP_DigestVerifyInit failed\n");
- return 1;
- }
-
- if (!test_d2i_AutoPrivateKey(kExampleRSAKeyDER, sizeof(kExampleRSAKeyDER),
- EVP_PKEY_RSA)) {
- fprintf(stderr, "d2i_AutoPrivateKey(kExampleRSAKeyDER) failed\n");
- return 1;
- }
-
- if (!test_d2i_AutoPrivateKey
- (kExampleRSAKeyPKCS8, sizeof(kExampleRSAKeyPKCS8), EVP_PKEY_RSA)) {
- fprintf(stderr, "d2i_AutoPrivateKey(kExampleRSAKeyPKCS8) failed\n");
- return 1;
- }
-
-#ifndef OPENSSL_NO_EC
- if (!test_d2i_AutoPrivateKey(kExampleECKeyDER, sizeof(kExampleECKeyDER),
- EVP_PKEY_EC)) {
- fprintf(stderr, "d2i_AutoPrivateKey(kExampleECKeyDER) failed\n");
- return 1;
- }
-
- if (!test_EVP_PKCS82PKEY()) {
- fprintf(stderr, "test_EVP_PKCS82PKEY failed\n");
- return 1;
- }
-#endif
-
- EVP_cleanup();
- CRYPTO_cleanup_all_ex_data();
- ERR_remove_thread_state(NULL);
- ERR_free_strings();
- CRYPTO_mem_leaks_fp(stderr);
-
- printf("PASS\n");
- return 0;
-}
+++ /dev/null
-/* evp_test.c */
-/*
- * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
- * project.
- */
-/* ====================================================================
- * Copyright (c) 2015 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- */
-
-#include <stdio.h>
-#include <string.h>
-#include <stdlib.h>
-#include <ctype.h>
-#include <openssl/evp.h>
-#include <openssl/pem.h>
-#include <openssl/err.h>
-#include <openssl/x509v3.h>
-
-/* Remove spaces from beginning and end of a string */
-
-static void remove_space(char **pval)
-{
- unsigned char *p = (unsigned char *)*pval;
-
- while (isspace(*p))
- p++;
-
- *pval = (char *)p;
-
- p = p + strlen(*pval) - 1;
-
- /* Remove trailing space */
- while (isspace(*p))
- *p-- = 0;
-}
-
-/*
- * Given a line of the form:
- * name = value # comment
- * extract name and value. NB: modifies passed buffer.
- */
-
-static int parse_line(char **pkw, char **pval, char *linebuf)
-{
- char *p;
-
- p = linebuf + strlen(linebuf) - 1;
-
- if (*p != '\n') {
- fprintf(stderr, "FATAL: missing EOL\n");
- exit(1);
- }
-
- /* Look for # */
-
- p = strchr(linebuf, '#');
-
- if (p)
- *p = '\0';
-
- /* Look for = sign */
- p = strchr(linebuf, '=');
-
- /* If no '=' exit */
- if (!p)
- return 0;
-
- *p++ = '\0';
-
- *pkw = linebuf;
- *pval = p;
-
- /* Remove spaces from keyword and value */
- remove_space(pkw);
- remove_space(pval);
-
- return 1;
-}
-
-/* For a hex string "value" convert to a binary allocated buffer */
-static int test_bin(const char *value, unsigned char **buf, size_t *buflen)
-{
- long len;
- if (!*value) {
- /* Don't return NULL for zero length buffer */
- *buf = OPENSSL_malloc(1);
- if (!*buf)
- return 0;
- **buf = 0;
- *buflen = 0;
- return 1;
- }
- /* Check for string literal */
- if (value[0] == '"') {
- size_t vlen;
- value++;
- vlen = strlen(value);
- if (value[vlen - 1] != '"')
- return 0;
- vlen--;
- *buf = BUF_memdup(value, vlen);
- *buflen = vlen;
- return 1;
- }
- *buf = string_to_hex(value, &len);
- if (!*buf) {
- fprintf(stderr, "Value=%s\n", value);
- ERR_print_errors_fp(stderr);
- return -1;
- }
- /* Size of input buffer means we'll never overflow */
- *buflen = len;
- return 1;
-}
-
-/* Structure holding test information */
-struct evp_test {
- /* file being read */
- FILE *in;
- /* List of public and private keys */
- struct key_list *private;
- struct key_list *public;
- /* method for this test */
- const struct evp_test_method *meth;
- /* current line being processed */
- unsigned int line;
- /* start line of current test */
- unsigned int start_line;
- /* Error string for test */
- const char *err;
- /* Expected error value of test */
- char *expected_err;
- /* Number of tests */
- int ntests;
- /* Error count */
- int errors;
- /* Number of tests skipped */
- int nskip;
- /* If output mismatch expected and got value */
- unsigned char *out_got;
- unsigned char *out_expected;
- size_t out_len;
- /* test specific data */
- void *data;
- /* Current test should be skipped */
- int skip;
-};
-
-struct key_list {
- char *name;
- EVP_PKEY *key;
- struct key_list *next;
-};
-
-/* Test method structure */
-struct evp_test_method {
- /* Name of test as it appears in file */
- const char *name;
- /* Initialise test for "alg" */
- int (*init) (struct evp_test * t, const char *alg);
- /* Clean up method */
- void (*cleanup) (struct evp_test * t);
- /* Test specific name value pair processing */
- int (*parse) (struct evp_test * t, const char *name, const char *value);
- /* Run the test itself */
- int (*run_test) (struct evp_test * t);
-};
-
-static const struct evp_test_method digest_test_method, cipher_test_method;
-static const struct evp_test_method mac_test_method;
-static const struct evp_test_method psign_test_method, pverify_test_method;
-static const struct evp_test_method pdecrypt_test_method;
-static const struct evp_test_method pverify_recover_test_method;
-
-static const struct evp_test_method *evp_test_list[] = {
- &digest_test_method,
- &cipher_test_method,
- &mac_test_method,
- &psign_test_method,
- &pverify_test_method,
- &pdecrypt_test_method,
- &pverify_recover_test_method,
- NULL
-};
-
-static const struct evp_test_method *evp_find_test(const char *name)
-{
- const struct evp_test_method **tt;
- for (tt = evp_test_list; *tt; tt++) {
- if (!strcmp(name, (*tt)->name))
- return *tt;
- }
- return NULL;
-}
-
-static void hex_print(const char *name, const unsigned char *buf, size_t len)
-{
- size_t i;
- fprintf(stderr, "%s ", name);
- for (i = 0; i < len; i++)
- fprintf(stderr, "%02X", buf[i]);
- fputs("\n", stderr);
-}
-
-static void free_expected(struct evp_test *t)
-{
- if (t->expected_err) {
- OPENSSL_free(t->expected_err);
- t->expected_err = NULL;
- }
- if (t->out_expected) {
- OPENSSL_free(t->out_expected);
- OPENSSL_free(t->out_got);
- t->out_expected = NULL;
- t->out_got = NULL;
- }
-}
-
-static void print_expected(struct evp_test *t)
-{
- if (t->out_expected == NULL)
- return;
- hex_print("Expected:", t->out_expected, t->out_len);
- hex_print("Got: ", t->out_got, t->out_len);
- free_expected(t);
-}
-
-static int check_test_error(struct evp_test *t)
-{
- if (!t->err && !t->expected_err)
- return 1;
- if (t->err && !t->expected_err) {
- fprintf(stderr, "Test line %d: unexpected error %s\n",
- t->start_line, t->err);
- print_expected(t);
- return 0;
- }
- if (!t->err && t->expected_err) {
- fprintf(stderr, "Test line %d: succeeded expecting %s\n",
- t->start_line, t->expected_err);
- return 0;
- }
- if (!strcmp(t->err, t->expected_err))
- return 1;
-
- fprintf(stderr, "Test line %d: expecting %s got %s\n",
- t->start_line, t->expected_err, t->err);
- return 0;
-}
-
-/* Setup a new test, run any existing test */
-
-static int setup_test(struct evp_test *t, const struct evp_test_method *tmeth)
-{
- /* If we already have a test set up run it */
- if (t->meth) {
- t->ntests++;
- if (t->skip) {
- t->meth = tmeth;
- t->nskip++;
- return 1;
- }
- t->err = NULL;
- if (t->meth->run_test(t) != 1) {
- fprintf(stderr, "%s test error line %d\n",
- t->meth->name, t->start_line);
- return 0;
- }
- if (!check_test_error(t)) {
- if (t->err)
- ERR_print_errors_fp(stderr);
- t->errors++;
- }
- ERR_clear_error();
- t->meth->cleanup(t);
- OPENSSL_free(t->data);
- t->data = NULL;
- if (t->expected_err) {
- OPENSSL_free(t->expected_err);
- t->expected_err = NULL;
- }
- free_expected(t);
- }
- t->meth = tmeth;
- return 1;
-}
-
-static int find_key(EVP_PKEY **ppk, const char *name, struct key_list *lst)
-{
- for (; lst; lst = lst->next) {
- if (!strcmp(lst->name, name)) {
- if (ppk)
- *ppk = lst->key;
- return 1;
- }
- }
- return 0;
-}
-
-static void free_key_list(struct key_list *lst)
-{
- while (lst != NULL) {
- struct key_list *ltmp;
- EVP_PKEY_free(lst->key);
- OPENSSL_free(lst->name);
- ltmp = lst->next;
- OPENSSL_free(lst);
- lst = ltmp;
- }
-}
-
-static int check_unsupported()
-{
- long err = ERR_peek_error();
- if (ERR_GET_LIB(err) == ERR_LIB_EVP
- && ERR_GET_REASON(err) == EVP_R_UNSUPPORTED_ALGORITHM) {
- ERR_clear_error();
- return 1;
- }
- return 0;
-}
-
-static int process_test(struct evp_test *t, char *buf, int verbose)
-{
- char *keyword, *value;
- int rv = 0, add_key = 0;
- long save_pos;
- struct key_list **lst, *key;
- EVP_PKEY *pk = NULL;
- const struct evp_test_method *tmeth;
- if (verbose)
- fputs(buf, stdout);
- if (!parse_line(&keyword, &value, buf))
- return 1;
- if (!strcmp(keyword, "PrivateKey")) {
- save_pos = ftell(t->in);
- pk = PEM_read_PrivateKey(t->in, NULL, 0, NULL);
- if (pk == NULL && !check_unsupported()) {
- fprintf(stderr, "Error reading private key %s\n", value);
- ERR_print_errors_fp(stderr);
- return 0;
- }
- lst = &t->private;
- add_key = 1;
- }
- if (!strcmp(keyword, "PublicKey")) {
- save_pos = ftell(t->in);
- pk = PEM_read_PUBKEY(t->in, NULL, 0, NULL);
- if (pk == NULL && !check_unsupported()) {
- fprintf(stderr, "Error reading public key %s\n", value);
- ERR_print_errors_fp(stderr);
- return 0;
- }
- lst = &t->public;
- add_key = 1;
- }
- /* If we have a key add to list */
- if (add_key) {
- char tmpbuf[80];
- if (find_key(NULL, value, *lst)) {
- fprintf(stderr, "Duplicate key %s\n", value);
- return 0;
- }
- key = OPENSSL_malloc(sizeof(struct key_list));
- if (!key)
- return 0;
- key->name = BUF_strdup(value);
- key->key = pk;
- key->next = *lst;
- *lst = key;
- /* Rewind input, read to end and update line numbers */
- fseek(t->in, save_pos, SEEK_SET);
- while (fgets(tmpbuf, sizeof(tmpbuf), t->in)) {
- t->line++;
- if (!strncmp(tmpbuf, "-----END", 8))
- return 1;
- }
- fprintf(stderr, "Can't find key end\n");
- return 0;
- }
-
- /* See if keyword corresponds to a test start */
- tmeth = evp_find_test(keyword);
- if (tmeth) {
- if (!setup_test(t, tmeth))
- return 0;
- t->start_line = t->line;
- t->skip = 0;
- if (!tmeth->init(t, value)) {
- fprintf(stderr, "Unknown %s: %s\n", keyword, value);
- return 0;
- }
- return 1;
- } else if (t->skip) {
- return 1;
- } else if (!strcmp(keyword, "Result")) {
- if (t->expected_err) {
- fprintf(stderr, "Line %d: multiple result lines\n", t->line);
- return 0;
- }
- t->expected_err = BUF_strdup(value);
- if (!t->expected_err)
- return 0;
- } else {
- /* Must be test specific line: try to parse it */
- if (t->meth)
- rv = t->meth->parse(t, keyword, value);
-
- if (rv == 0)
- fprintf(stderr, "line %d: unexpected keyword %s\n",
- t->line, keyword);
-
- if (rv < 0)
- fprintf(stderr, "line %d: error processing keyword %s\n",
- t->line, keyword);
- if (rv <= 0)
- return 0;
- }
- return 1;
-}
-
-static int check_output(struct evp_test *t, const unsigned char *expected,
- const unsigned char *got, size_t len)
-{
- if (!memcmp(expected, got, len))
- return 0;
- t->out_expected = BUF_memdup(expected, len);
- t->out_got = BUF_memdup(got, len);
- t->out_len = len;
- if (t->out_expected == NULL || t->out_got == NULL) {
- fprintf(stderr, "Memory allocation error!\n");
- exit(1);
- }
- return 1;
-}
-
-int main(int argc, char **argv)
-{
- FILE *in = NULL;
- char buf[10240];
- struct evp_test t;
-
- if (argc != 2) {
- fprintf(stderr, "usage: evp_test testfile.txt\n");
- return 1;
- }
-
- CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON);
-
- ERR_load_crypto_strings();
- OpenSSL_add_all_algorithms();
-
- memset(&t, 0, sizeof(t));
- t.meth = NULL;
- t.public = NULL;
- t.private = NULL;
- t.err = NULL;
- t.line = 0;
- t.start_line = -1;
- t.errors = 0;
- t.ntests = 0;
- t.out_expected = NULL;
- t.out_got = NULL;
- t.out_len = 0;
- in = fopen(argv[1], "r");
- t.in = in;
- while (fgets(buf, sizeof(buf), in)) {
- t.line++;
- if (!process_test(&t, buf, 0))
- exit(1);
- }
- /* Run any final test we have */
- if (!setup_test(&t, NULL))
- exit(1);
- fprintf(stderr, "%d tests completed with %d errors, %d skipped\n",
- t.ntests, t.errors, t.nskip);
- free_key_list(t.public);
- free_key_list(t.private);
- fclose(in);
- EVP_cleanup();
- CRYPTO_cleanup_all_ex_data();
- ERR_remove_thread_state(NULL);
- ERR_free_strings();
- CRYPTO_mem_leaks_fp(stderr);
- if (t.errors)
- return 1;
- return 0;
-}
-
-static void test_free(void *d)
-{
- if (d)
- OPENSSL_free(d);
-}
-
-/* Message digest tests */
-
-struct digest_data {
- /* Digest this test is for */
- const EVP_MD *digest;
- /* Input to digest */
- unsigned char *input;
- size_t input_len;
- /* Repeat count for input */
- size_t nrpt;
- /* Expected output */
- unsigned char *output;
- size_t output_len;
-};
-
-static int digest_test_init(struct evp_test *t, const char *alg)
-{
- const EVP_MD *digest;
- struct digest_data *mdat = t->data;
- digest = EVP_get_digestbyname(alg);
- if (!digest) {
- /* If alg has an OID assume disabled algorithm */
- if (OBJ_sn2nid(alg) != NID_undef || OBJ_ln2nid(alg) != NID_undef) {
- t->skip = 1;
- return 1;
- }
- return 0;
- }
- mdat = OPENSSL_malloc(sizeof(struct digest_data));
- mdat->digest = digest;
- mdat->input = NULL;
- mdat->output = NULL;
- mdat->nrpt = 1;
- t->data = mdat;
- return 1;
-}
-
-static void digest_test_cleanup(struct evp_test *t)
-{
- struct digest_data *mdat = t->data;
- test_free(mdat->input);
- test_free(mdat->output);
-}
-
-static int digest_test_parse(struct evp_test *t,
- const char *keyword, const char *value)
-{
- struct digest_data *mdata = t->data;
- if (!strcmp(keyword, "Input"))
- return test_bin(value, &mdata->input, &mdata->input_len);
- if (!strcmp(keyword, "Output"))
- return test_bin(value, &mdata->output, &mdata->output_len);
- if (!strcmp(keyword, "Count")) {
- long nrpt = atoi(value);
- if (nrpt <= 0)
- return 0;
- mdata->nrpt = (size_t)nrpt;
- return 1;
- }
- return 0;
-}
-
-static int digest_test_run(struct evp_test *t)
-{
- struct digest_data *mdata = t->data;
- size_t i;
- const char *err = "INTERNAL_ERROR";
- EVP_MD_CTX *mctx;
- unsigned char md[EVP_MAX_MD_SIZE];
- unsigned int md_len;
- mctx = EVP_MD_CTX_create();
- if (!mctx)
- goto err;
- err = "DIGESTINIT_ERROR";
- if (!EVP_DigestInit_ex(mctx, mdata->digest, NULL))
- goto err;
- err = "DIGESTUPDATE_ERROR";
- for (i = 0; i < mdata->nrpt; i++) {
- if (!EVP_DigestUpdate(mctx, mdata->input, mdata->input_len))
- goto err;
- }
- err = "DIGESTFINAL_ERROR";
- if (!EVP_DigestFinal(mctx, md, &md_len))
- goto err;
- err = "DIGEST_LENGTH_MISMATCH";
- if (md_len != mdata->output_len)
- goto err;
- err = "DIGEST_MISMATCH";
- if (check_output(t, mdata->output, md, md_len))
- goto err;
- err = NULL;
- err:
- if (mctx)
- EVP_MD_CTX_destroy(mctx);
- t->err = err;
- return 1;
-}
-
-static const struct evp_test_method digest_test_method = {
- "Digest",
- digest_test_init,
- digest_test_cleanup,
- digest_test_parse,
- digest_test_run
-};
-
-/* Cipher tests */
-struct cipher_data {
- const EVP_CIPHER *cipher;
- int enc;
- /* EVP_CIPH_GCM_MODE, EVP_CIPH_CCM_MODE or EVP_CIPH_OCB_MODE if AEAD */
- int aead;
- unsigned char *key;
- size_t key_len;
- unsigned char *iv;
- size_t iv_len;
- unsigned char *plaintext;
- size_t plaintext_len;
- unsigned char *ciphertext;
- size_t ciphertext_len;
- /* GCM, CCM only */
- unsigned char *aad;
- size_t aad_len;
- unsigned char *tag;
- size_t tag_len;
-};
-
-static int cipher_test_init(struct evp_test *t, const char *alg)
-{
- const EVP_CIPHER *cipher;
- struct cipher_data *cdat = t->data;
- cipher = EVP_get_cipherbyname(alg);
- if (!cipher) {
- /* If alg has an OID assume disabled algorithm */
- if (OBJ_sn2nid(alg) != NID_undef || OBJ_ln2nid(alg) != NID_undef) {
- t->skip = 1;
- return 1;
- }
- return 0;
- }
- cdat = OPENSSL_malloc(sizeof(struct cipher_data));
- cdat->cipher = cipher;
- cdat->enc = -1;
- cdat->key = NULL;
- cdat->iv = NULL;
- cdat->ciphertext = NULL;
- cdat->plaintext = NULL;
- cdat->aad = NULL;
- cdat->tag = NULL;
- t->data = cdat;
- if (EVP_CIPHER_mode(cipher) == EVP_CIPH_GCM_MODE
- || EVP_CIPHER_mode(cipher) == EVP_CIPH_OCB_MODE
- || EVP_CIPHER_mode(cipher) == EVP_CIPH_CCM_MODE)
- cdat->aead = EVP_CIPHER_mode(cipher);
- else
- cdat->aead = 0;
-
- return 1;
-}
-
-static void cipher_test_cleanup(struct evp_test *t)
-{
- struct cipher_data *cdat = t->data;
- test_free(cdat->key);
- test_free(cdat->iv);
- test_free(cdat->ciphertext);
- test_free(cdat->plaintext);
- test_free(cdat->aad);
- test_free(cdat->tag);
-}
-
-static int cipher_test_parse(struct evp_test *t, const char *keyword,
- const char *value)
-{
- struct cipher_data *cdat = t->data;
- if (!strcmp(keyword, "Key"))
- return test_bin(value, &cdat->key, &cdat->key_len);
- if (!strcmp(keyword, "IV"))
- return test_bin(value, &cdat->iv, &cdat->iv_len);
- if (!strcmp(keyword, "Plaintext"))
- return test_bin(value, &cdat->plaintext, &cdat->plaintext_len);
- if (!strcmp(keyword, "Ciphertext"))
- return test_bin(value, &cdat->ciphertext, &cdat->ciphertext_len);
- if (cdat->aead) {
- if (!strcmp(keyword, "AAD"))
- return test_bin(value, &cdat->aad, &cdat->aad_len);
- if (!strcmp(keyword, "Tag"))
- return test_bin(value, &cdat->tag, &cdat->tag_len);
- }
-
- if (!strcmp(keyword, "Operation")) {
- if (!strcmp(value, "ENCRYPT"))
- cdat->enc = 1;
- else if (!strcmp(value, "DECRYPT"))
- cdat->enc = 0;
- else
- return 0;
- return 1;
- }
- return 0;
-}
-
-static int cipher_test_enc(struct evp_test *t, int enc)
-{
- struct cipher_data *cdat = t->data;
- unsigned char *in, *out, *tmp = NULL;
- size_t in_len, out_len;
- int tmplen, tmpflen;
- EVP_CIPHER_CTX *ctx = NULL;
- const char *err;
- err = "INTERNAL_ERROR";
- ctx = EVP_CIPHER_CTX_new();
- if (!ctx)
- goto err;
- EVP_CIPHER_CTX_set_flags(ctx, EVP_CIPHER_CTX_FLAG_WRAP_ALLOW);
- if (enc) {
- in = cdat->plaintext;
- in_len = cdat->plaintext_len;
- out = cdat->ciphertext;
- out_len = cdat->ciphertext_len;
- } else {
- in = cdat->ciphertext;
- in_len = cdat->ciphertext_len;
- out = cdat->plaintext;
- out_len = cdat->plaintext_len;
- }
- tmp = OPENSSL_malloc(in_len + 2 * EVP_MAX_BLOCK_LENGTH);
- if (!tmp)
- goto err;
- err = "CIPHERINIT_ERROR";
- if (!EVP_CipherInit_ex(ctx, cdat->cipher, NULL, NULL, NULL, enc))
- goto err;
- err = "INVALID_IV_LENGTH";
- if (cdat->iv) {
- if (cdat->aead) {
- if (!EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_IVLEN,
- cdat->iv_len, 0))
- goto err;
- } else if (cdat->iv_len != (size_t)EVP_CIPHER_CTX_iv_length(ctx))
- goto err;
- }
- if (cdat->aead) {
- unsigned char *tag;
- /*
- * If encrypting or OCB just set tag length initially, otherwise
- * set tag length and value.
- */
- if (enc || cdat->aead == EVP_CIPH_OCB_MODE) {
- err = "TAG_LENGTH_SET_ERROR";
- tag = NULL;
- } else {
- err = "TAG_SET_ERROR";
- tag = cdat->tag;
- }
- if (tag || cdat->aead != EVP_CIPH_GCM_MODE) {
- if (!EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG,
- cdat->tag_len, tag))
- goto err;
- }
- }
-
- err = "INVALID_KEY_LENGTH";
- if (!EVP_CIPHER_CTX_set_key_length(ctx, cdat->key_len))
- goto err;
- err = "KEY_SET_ERROR";
- if (!EVP_CipherInit_ex(ctx, NULL, NULL, cdat->key, cdat->iv, -1))
- goto err;
-
- if (!enc && cdat->aead == EVP_CIPH_OCB_MODE) {
- if (!EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG,
- cdat->tag_len, cdat->tag)) {
- err = "TAG_SET_ERROR";
- goto err;
- }
- }
-
- if (cdat->aead == EVP_CIPH_CCM_MODE) {
- if (!EVP_CipherUpdate(ctx, NULL, &tmplen, NULL, out_len)) {
- err = "CCM_PLAINTEXT_LENGTH_SET_ERROR";
- goto err;
- }
- }
- if (cdat->aad) {
- if (!EVP_CipherUpdate(ctx, NULL, &tmplen, cdat->aad, cdat->aad_len)) {
- err = "AAD_SET_ERROR";
- goto err;
- }
- }
- EVP_CIPHER_CTX_set_padding(ctx, 0);
- err = "CIPHERUPDATE_ERROR";
- if (!EVP_CipherUpdate(ctx, tmp, &tmplen, in, in_len))
- goto err;
- if (cdat->aead == EVP_CIPH_CCM_MODE)
- tmpflen = 0;
- else {
- err = "CIPHERFINAL_ERROR";
- if (!EVP_CipherFinal_ex(ctx, tmp + tmplen, &tmpflen))
- goto err;
- }
- err = "LENGTH_MISMATCH";
- if (out_len != (size_t)(tmplen + tmpflen))
- goto err;
- err = "VALUE_MISMATCH";
- if (check_output(t, out, tmp, out_len))
- goto err;
- if (enc && cdat->aead) {
- unsigned char rtag[16];
- if (cdat->tag_len > sizeof(rtag)) {
- err = "TAG_LENGTH_INTERNAL_ERROR";
- goto err;
- }
- if (!EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_GET_TAG,
- cdat->tag_len, rtag)) {
- err = "TAG_RETRIEVE_ERROR";
- goto err;
- }
- if (check_output(t, cdat->tag, rtag, cdat->tag_len)) {
- err = "TAG_VALUE_MISMATCH";
- goto err;
- }
- }
- err = NULL;
- err:
- if (tmp)
- OPENSSL_free(tmp);
- EVP_CIPHER_CTX_free(ctx);
- t->err = err;
- return err ? 0 : 1;
-}
-
-static int cipher_test_run(struct evp_test *t)
-{
- struct cipher_data *cdat = t->data;
- int rv;
- if (!cdat->key) {
- t->err = "NO_KEY";
- return 0;
- }
- if (!cdat->iv && EVP_CIPHER_iv_length(cdat->cipher)) {
- /* IV is optional and usually omitted in wrap mode */
- if (EVP_CIPHER_mode(cdat->cipher) != EVP_CIPH_WRAP_MODE) {
- t->err = "NO_IV";
- return 0;
- }
- }
- if (cdat->aead && !cdat->tag) {
- t->err = "NO_TAG";
- return 0;
- }
- if (cdat->enc) {
- rv = cipher_test_enc(t, 1);
- /* Not fatal errors: return */
- if (rv != 1) {
- if (rv < 0)
- return 0;
- return 1;
- }
- }
- if (cdat->enc != 1) {
- rv = cipher_test_enc(t, 0);
- /* Not fatal errors: return */
- if (rv != 1) {
- if (rv < 0)
- return 0;
- return 1;
- }
- }
- return 1;
-}
-
-static const struct evp_test_method cipher_test_method = {
- "Cipher",
- cipher_test_init,
- cipher_test_cleanup,
- cipher_test_parse,
- cipher_test_run
-};
-
-struct mac_data {
- /* MAC type */
- int type;
- /* Algorithm string for this MAC */
- char *alg;
- /* MAC key */
- unsigned char *key;
- size_t key_len;
- /* Input to MAC */
- unsigned char *input;
- size_t input_len;
- /* Expected output */
- unsigned char *output;
- size_t output_len;
-};
-
-static int mac_test_init(struct evp_test *t, const char *alg)
-{
- int type;
- struct mac_data *mdat;
- if (!strcmp(alg, "HMAC"))
- type = EVP_PKEY_HMAC;
- else if (!strcmp(alg, "CMAC"))
- type = EVP_PKEY_CMAC;
- else
- return 0;
-
- mdat = OPENSSL_malloc(sizeof(struct mac_data));
- mdat->type = type;
- mdat->alg = NULL;
- mdat->key = NULL;
- mdat->input = NULL;
- mdat->output = NULL;
- t->data = mdat;
- return 1;
-}
-
-static void mac_test_cleanup(struct evp_test *t)
-{
- struct mac_data *mdat = t->data;
- test_free(mdat->alg);
- test_free(mdat->key);
- test_free(mdat->input);
- test_free(mdat->output);
-}
-
-static int mac_test_parse(struct evp_test *t,
- const char *keyword, const char *value)
-{
- struct mac_data *mdata = t->data;
- if (!strcmp(keyword, "Key"))
- return test_bin(value, &mdata->key, &mdata->key_len);
- if (!strcmp(keyword, "Algorithm")) {
- mdata->alg = BUF_strdup(value);
- if (!mdata->alg)
- return 0;
- return 1;
- }
- if (!strcmp(keyword, "Input"))
- return test_bin(value, &mdata->input, &mdata->input_len);
- if (!strcmp(keyword, "Output"))
- return test_bin(value, &mdata->output, &mdata->output_len);
- return 0;
-}
-
-static int mac_test_run(struct evp_test *t)
-{
- struct mac_data *mdata = t->data;
- const char *err = "INTERNAL_ERROR";
- EVP_MD_CTX *mctx = NULL;
- EVP_PKEY_CTX *pctx = NULL, *genctx = NULL;
- EVP_PKEY *key = NULL;
- const EVP_MD *md = NULL;
- unsigned char *mac = NULL;
- size_t mac_len;
-
- err = "MAC_PKEY_CTX_ERROR";
- genctx = EVP_PKEY_CTX_new_id(mdata->type, NULL);
- if (!genctx)
- goto err;
-
- err = "MAC_KEYGEN_INIT_ERROR";
- if (EVP_PKEY_keygen_init(genctx) <= 0)
- goto err;
- if (mdata->type == EVP_PKEY_CMAC) {
- err = "MAC_ALGORITHM_SET_ERROR";
- if (EVP_PKEY_CTX_ctrl_str(genctx, "cipher", mdata->alg) <= 0)
- goto err;
- }
-
- err = "MAC_KEY_SET_ERROR";
- if (EVP_PKEY_CTX_set_mac_key(genctx, mdata->key, mdata->key_len) <= 0)
- goto err;
-
- err = "MAC_KEY_GENERATE_ERROR";
- if (EVP_PKEY_keygen(genctx, &key) <= 0)
- goto err;
- if (mdata->type == EVP_PKEY_HMAC) {
- err = "MAC_ALGORITHM_SET_ERROR";
- md = EVP_get_digestbyname(mdata->alg);
- if (!md)
- goto err;
- }
- mctx = EVP_MD_CTX_create();
- if (!mctx)
- goto err;
- err = "DIGESTSIGNINIT_ERROR";
- if (!EVP_DigestSignInit(mctx, &pctx, md, NULL, key))
- goto err;
-
- err = "DIGESTSIGNUPDATE_ERROR";
- if (!EVP_DigestSignUpdate(mctx, mdata->input, mdata->input_len))
- goto err;
- err = "DIGESTSIGNFINAL_LENGTH_ERROR";
- if (!EVP_DigestSignFinal(mctx, NULL, &mac_len))
- goto err;
- mac = OPENSSL_malloc(mac_len);
- if (!mac) {
- fprintf(stderr, "Error allocating mac buffer!\n");
- exit(1);
- }
- if (!EVP_DigestSignFinal(mctx, mac, &mac_len))
- goto err;
- err = "MAC_LENGTH_MISMATCH";
- if (mac_len != mdata->output_len)
- goto err;
- err = "MAC_MISMATCH";
- if (check_output(t, mdata->output, mac, mac_len))
- goto err;
- err = NULL;
- err:
- if (mctx)
- EVP_MD_CTX_destroy(mctx);
- if (mac)
- OPENSSL_free(mac);
- EVP_PKEY_CTX_free(genctx);
- EVP_PKEY_free(key);
- t->err = err;
- return 1;
-}
-
-static const struct evp_test_method mac_test_method = {
- "MAC",
- mac_test_init,
- mac_test_cleanup,
- mac_test_parse,
- mac_test_run
-};
-
-/*
- * Public key operations. These are all very similar and can share
- * a lot of common code.
- */
-
-struct pkey_data {
- /* Context for this operation */
- EVP_PKEY_CTX *ctx;
- /* Key operation to perform */
- int (*keyop) (EVP_PKEY_CTX *ctx,
- unsigned char *sig, size_t *siglen,
- const unsigned char *tbs, size_t tbslen);
- /* Input to MAC */
- unsigned char *input;
- size_t input_len;
- /* Expected output */
- unsigned char *output;
- size_t output_len;
-};
-
-/*
- * Perform public key operation setup: lookup key, allocated ctx and call
- * the appropriate initialisation function
- */
-static int pkey_test_init(struct evp_test *t, const char *name,
- int use_public,
- int (*keyopinit) (EVP_PKEY_CTX *ctx),
- int (*keyop) (EVP_PKEY_CTX *ctx,
- unsigned char *sig, size_t *siglen,
- const unsigned char *tbs,
- size_t tbslen)
- )
-{
- struct pkey_data *kdata;
- EVP_PKEY *pkey = NULL;
- int rv = 0;
- if (use_public)
- rv = find_key(&pkey, name, t->public);
- if (!rv)
- rv = find_key(&pkey, name, t->private);
- if (!rv)
- return 0;
- if (!pkey) {
- t->skip = 1;
- return 1;
- }
-
- kdata = OPENSSL_malloc(sizeof(struct pkey_data));
- if (!kdata) {
- EVP_PKEY_free(pkey);
- return 0;
- }
- kdata->ctx = NULL;
- kdata->input = NULL;
- kdata->output = NULL;
- kdata->keyop = keyop;
- t->data = kdata;
- kdata->ctx = EVP_PKEY_CTX_new(pkey, NULL);
- if (!kdata->ctx)
- return 0;
- if (keyopinit(kdata->ctx) <= 0)
- return 0;
- return 1;
-}
-
-static void pkey_test_cleanup(struct evp_test *t)
-{
- struct pkey_data *kdata = t->data;
- if (kdata->input)
- OPENSSL_free(kdata->input);
- if (kdata->output)
- OPENSSL_free(kdata->output);
- EVP_PKEY_CTX_free(kdata->ctx);
-}
-
-static int pkey_test_parse(struct evp_test *t,
- const char *keyword, const char *value)
-{
- struct pkey_data *kdata = t->data;
- if (!strcmp(keyword, "Input"))
- return test_bin(value, &kdata->input, &kdata->input_len);
- if (!strcmp(keyword, "Output"))
- return test_bin(value, &kdata->output, &kdata->output_len);
- if (!strcmp(keyword, "Ctrl")) {
- char *p = strchr(value, ':');
- if (p)
- *p++ = 0;
- if (EVP_PKEY_CTX_ctrl_str(kdata->ctx, value, p) <= 0)
- return 0;
- return 1;
- }
- return 0;
-}
-
-static int pkey_test_run(struct evp_test *t)
-{
- struct pkey_data *kdata = t->data;
- unsigned char *out = NULL;
- size_t out_len;
- const char *err = "KEYOP_LENGTH_ERROR";
- if (kdata->keyop(kdata->ctx, NULL, &out_len, kdata->input,
- kdata->input_len) <= 0)
- goto err;
- out = OPENSSL_malloc(out_len);
- if (!out) {
- fprintf(stderr, "Error allocating output buffer!\n");
- exit(1);
- }
- err = "KEYOP_ERROR";
- if (kdata->keyop
- (kdata->ctx, out, &out_len, kdata->input, kdata->input_len) <= 0)
- goto err;
- err = "KEYOP_LENGTH_MISMATCH";
- if (out_len != kdata->output_len)
- goto err;
- err = "KEYOP_MISMATCH";
- if (check_output(t, kdata->output, out, out_len))
- goto err;
- err = NULL;
- err:
- if (out)
- OPENSSL_free(out);
- t->err = err;
- return 1;
-}
-
-static int sign_test_init(struct evp_test *t, const char *name)
-{
- return pkey_test_init(t, name, 0, EVP_PKEY_sign_init, EVP_PKEY_sign);
-}
-
-static const struct evp_test_method psign_test_method = {
- "Sign",
- sign_test_init,
- pkey_test_cleanup,
- pkey_test_parse,
- pkey_test_run
-};
-
-static int verify_recover_test_init(struct evp_test *t, const char *name)
-{
- return pkey_test_init(t, name, 1, EVP_PKEY_verify_recover_init,
- EVP_PKEY_verify_recover);
-}
-
-static const struct evp_test_method pverify_recover_test_method = {
- "VerifyRecover",
- verify_recover_test_init,
- pkey_test_cleanup,
- pkey_test_parse,
- pkey_test_run
-};
-
-static int decrypt_test_init(struct evp_test *t, const char *name)
-{
- return pkey_test_init(t, name, 0, EVP_PKEY_decrypt_init,
- EVP_PKEY_decrypt);
-}
-
-static const struct evp_test_method pdecrypt_test_method = {
- "Decrypt",
- decrypt_test_init,
- pkey_test_cleanup,
- pkey_test_parse,
- pkey_test_run
-};
-
-static int verify_test_init(struct evp_test *t, const char *name)
-{
- return pkey_test_init(t, name, 1, EVP_PKEY_verify_init, 0);
-}
-
-static int verify_test_run(struct evp_test *t)
-{
- struct pkey_data *kdata = t->data;
- if (EVP_PKEY_verify(kdata->ctx, kdata->output, kdata->output_len,
- kdata->input, kdata->input_len) <= 0)
- t->err = "VERIFY_ERROR";
- return 1;
-}
-
-static const struct evp_test_method pverify_test_method = {
- "Verify",
- verify_test_init,
- pkey_test_cleanup,
- pkey_test_parse,
- verify_test_run
-};
+++ /dev/null
-#cipher:key:iv:plaintext:ciphertext:0/1(decrypt/encrypt)
-#aadcipher:key:iv:plaintext:ciphertext:aad:tag:0/1(decrypt/encrypt)
-#digest:::input:output
-
-# SHA(1) tests (from shatest.c)
-Digest = SHA1
-Input = 616263
-Output = a9993e364706816aba3e25717850c26c9cd0d89d
-
-
-# MD5 tests (from md5test.c)
-Digest = MD5
-Input =
-Output = d41d8cd98f00b204e9800998ecf8427e
-
-Digest = MD5
-Input = 61
-Output = 0cc175b9c0f1b6a831c399e269772661
-
-Digest = MD5
-Input = 616263
-Output = 900150983cd24fb0d6963f7d28e17f72
-
-Digest = MD5
-Input = 6d65737361676520646967657374
-Output = f96b697d7cb7938d525a2f31aaf161d0
-
-Digest = MD5
-Input = 6162636465666768696a6b6c6d6e6f707172737475767778797a
-Output = c3fcd3d76192e4007dfb496cca67e13b
-
-Digest = MD5
-Input = 4142434445464748494a4b4c4d4e4f505152535455565758595a6162636465666768696a6b6c6d6e6f707172737475767778797a30313233343536373839
-Output = d174ab98d277d9f5a5611c2c9f419d9f
-
-Digest = MD5
-Input = 3132333435363738393031323334353637383930313233343536373839303132333435363738393031323334353637383930313233343536373839303132333435363738393031323334353637383930
-Output = 57edf4a22be3c955ac49da2e2107b67a
-
-# MD4 tests from md4test.c
-Digest = MD4
-Input = ""
-Output = 31d6cfe0d16ae931b73c59d7e0c089c0
-Digest = MD4
-Input = "a"
-Output = bde52cb31de33e46245e05fbdbd6fb24
-Digest = MD4
-Input = "abc"
-Output = a448017aaf21d8525fc10ae87aa6729d
-Digest = MD4
-Input = "message digest"
-Output = d9130a8164549fe818874806e1c7014b
-Digest = MD4
-Input = "abcdefghijklmnopqrstuvwxyz"
-Output = d79e1c308aa5bbcdeea8ed63df412da9
-Digest = MD4
-Input = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789"
-Output = 043f8582f241db351ce627e153e7f0e4
-Digest = MD4
-Input = "12345678901234567890123456789012345678901234567890123456789012345678901234567890"
-Output = e33b4ddc9c38f2199c3e7b164fcc0536
-
-# RIPEMD160 tests from rmdtest.c
-Digest = RIPEMD160
-Input = ""
-Output = 9c1185a5c5e9fc54612808977ee8f548b2258d31
-Digest = RIPEMD160
-Input = "a"
-Output = 0bdc9d2d256b3ee9daae347be6f4dc835a467ffe
-Digest = RIPEMD160
-Input = "abc"
-Output = 8eb208f7e05d987a9b044a8e98c6b087f15a0bfc
-Digest = RIPEMD160
-Input = "message digest"
-Output = 5d0689ef49d2fae572b881b123a85ffa21595f36
-Digest = RIPEMD160
-Input = "abcdefghijklmnopqrstuvwxyz"
-Output = f71c27109c692c1b56bbdceb5b9d2865b3708dbc
-Digest = RIPEMD160
-Input = "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq"
-Output = 12a053384a9c0c88e405a06c27dcf49ada62eb2b
-Digest = RIPEMD160
-Input = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789"
-Output = b0e20b6e3116640286ed3a87a5713079b21f5189
-Digest = RIPEMD160
-Input = "12345678901234567890123456789012345678901234567890123456789012345678901234567890"
-Output = 9b752e45573d4b39f4dbd3323cab82bf63326bfb
-
-# whirlpool tests from wp_test.c
-Digest = whirlpool
-Input = ""
-Output = 19FA61D75522A4669B44E39C1D2E1726C530232130D407F89AFEE0964997F7A73E83BE698B288FEBCF88E3E03C4F0757EA8964E59B63D93708B138CC42A66EB3
-Digest = whirlpool
-Input = "a"
-Output = 8ACA2602792AEC6F11A67206531FB7D7F0DFF59413145E6973C45001D0087B42D11BC645413AEFF63A42391A39145A591A92200D560195E53B478584FDAE231A
-Digest = whirlpool
-Input = "abc"
-Output = 4E2448A4C6F486BB16B6562C73B4020BF3043E3A731BCE721AE1B303D97E6D4C7181EEBDB6C57E277D0E34957114CBD6C797FC9D95D8B582D225292076D4EEF5
-Digest = whirlpool
-Input = "message digest"
-Output = 378C84A4126E2DC6E56DCC7458377AAC838D00032230F53CE1F5700C0FFB4D3B8421557659EF55C106B4B52AC5A4AAA692ED920052838F3362E86DBD37A8903E
-Digest = whirlpool
-Input = "abcdefghijklmnopqrstuvwxyz"
-Output = F1D754662636FFE92C82EBB9212A484A8D38631EAD4238F5442EE13B8054E41B08BF2A9251C30B6A0B8AAE86177AB4A6F68F673E7207865D5D9819A3DBA4EB3B
-Digest = whirlpool
-Input = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789"
-Output = DC37E008CF9EE69BF11F00ED9ABA26901DD7C28CDEC066CC6AF42E40F82F3A1E08EBA26629129D8FB7CB57211B9281A65517CC879D7B962142C65F5A7AF01467
-Digest = whirlpool
-Input = "12345678901234567890123456789012345678901234567890123456789012345678901234567890"
-Output = 466EF18BABB0154D25B9D38A6414F5C08784372BCCB204D6549C4AFADB6014294D5BD8DF2A6C44E538CD047B2681A51A2C60481E88C5A20B2C2A80CF3A9A083B
-Digest = whirlpool
-Input = "abcdbcdecdefdefgefghfghighijhijk"
-Output = 2A987EA40F917061F5D6F0A0E4644F488A7A5A52DEEE656207C562F988E95C6916BDC8031BC5BE1B7B947639FE050B56939BAAA0ADFF9AE6745B7B181C3BE3FD
-Digest = whirlpool
-Input = "aaaaaaaaaa"
-Count = 100000
-Output = 0C99005BEB57EFF50A7CF005560DDF5D29057FD86B20BFD62DECA0F1CCEA4AF51FC15490EDDC47AF32BB2B66C34FF9AD8C6008AD677F77126953B226E4ED8B01
-
-# AES 128 ECB tests (from FIPS-197 test vectors, encrypt)
-
-Cipher = AES-128-ECB
-Key = 000102030405060708090A0B0C0D0E0F
-Operation = ENCRYPT
-Plaintext = 00112233445566778899AABBCCDDEEFF
-Ciphertext = 69C4E0D86A7B0430D8CDB78070B4C55A
-
-# AES 192 ECB tests (from FIPS-197 test vectors, encrypt)
-
-Cipher = AES-192-ECB
-Key = 000102030405060708090A0B0C0D0E0F1011121314151617
-Operation = ENCRYPT
-Plaintext = 00112233445566778899AABBCCDDEEFF
-Ciphertext = DDA97CA4864CDFE06EAF70A0EC0D7191
-
-
-# AES 256 ECB tests (from FIPS-197 test vectors, encrypt)
-
-Cipher = AES-256-ECB
-Key = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F
-Operation = ENCRYPT
-Plaintext = 00112233445566778899AABBCCDDEEFF
-Ciphertext = 8EA2B7CA516745BFEAFC49904B496089
-
-
-# AES 128 ECB tests (from NIST test vectors, encrypt)
-
-#AES-128-ECB:00000000000000000000000000000000::00000000000000000000000000000000:C34C052CC0DA8D73451AFE5F03BE297F:1
-
-# AES 128 ECB tests (from NIST test vectors, decrypt)
-
-#AES-128-ECB:00000000000000000000000000000000::44416AC2D1F53C583303917E6BE9EBE0:00000000000000000000000000000000:0
-
-# AES 192 ECB tests (from NIST test vectors, decrypt)
-
-#AES-192-ECB:000000000000000000000000000000000000000000000000::48E31E9E256718F29229319C19F15BA4:00000000000000000000000000000000:0
-
-# AES 256 ECB tests (from NIST test vectors, decrypt)
-
-#AES-256-ECB:0000000000000000000000000000000000000000000000000000000000000000::058CCFFDBBCB382D1F6F56585D8A4ADE:00000000000000000000000000000000:0
-
-# AES 128 CBC tests (from NIST test vectors, encrypt)
-
-#AES-128-CBC:00000000000000000000000000000000:00000000000000000000000000000000:00000000000000000000000000000000:8A05FC5E095AF4848A08D328D3688E3D:1
-
-# AES 192 CBC tests (from NIST test vectors, encrypt)
-
-#AES-192-CBC:000000000000000000000000000000000000000000000000:00000000000000000000000000000000:00000000000000000000000000000000:7BD966D53AD8C1BB85D2ADFAE87BB104:1
-
-# AES 256 CBC tests (from NIST test vectors, encrypt)
-
-#AES-256-CBC:0000000000000000000000000000000000000000000000000000000000000000:00000000000000000000000000000000:00000000000000000000000000000000:FE3C53653E2F45B56FCD88B2CC898FF0:1
-
-# AES 128 CBC tests (from NIST test vectors, decrypt)
-
-#AES-128-CBC:00000000000000000000000000000000:00000000000000000000000000000000:FACA37E0B0C85373DF706E73F7C9AF86:00000000000000000000000000000000:0
-
-# AES tests from NIST document SP800-38A
-# For all ECB encrypts and decrypts, the transformed sequence is
-# AES-bits-ECB:key::plaintext:ciphertext:encdec
-# ECB-AES128.Encrypt and ECB-AES128.Decrypt
-Cipher = AES-128-ECB
-Key = 2B7E151628AED2A6ABF7158809CF4F3C
-Plaintext = 6BC1BEE22E409F96E93D7E117393172A
-Ciphertext = 3AD77BB40D7A3660A89ECAF32466EF97
-
-Cipher = AES-128-ECB
-Key = 2B7E151628AED2A6ABF7158809CF4F3C
-Plaintext = AE2D8A571E03AC9C9EB76FAC45AF8E51
-Ciphertext = F5D3D58503B9699DE785895A96FDBAAF
-
-Cipher = AES-128-ECB
-Key = 2B7E151628AED2A6ABF7158809CF4F3C
-Plaintext = 30C81C46A35CE411E5FBC1191A0A52EF
-Ciphertext = 43B1CD7F598ECE23881B00E3ED030688
-
-Cipher = AES-128-ECB
-Key = 2B7E151628AED2A6ABF7158809CF4F3C
-Plaintext = F69F2445DF4F9B17AD2B417BE66C3710
-Ciphertext = 7B0C785E27E8AD3F8223207104725DD4
-
-# ECB-AES192.Encrypt and ECB-AES192.Decrypt
-Cipher = AES-192-ECB
-Key = 8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B
-Plaintext = 6BC1BEE22E409F96E93D7E117393172A
-Ciphertext = BD334F1D6E45F25FF712A214571FA5CC
-
-Cipher = AES-192-ECB
-Key = 8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B
-Plaintext = AE2D8A571E03AC9C9EB76FAC45AF8E51
-Ciphertext = 974104846D0AD3AD7734ECB3ECEE4EEF
-
-Cipher = AES-192-ECB
-Key = 8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B
-Plaintext = 30C81C46A35CE411E5FBC1191A0A52EF
-Ciphertext = EF7AFD2270E2E60ADCE0BA2FACE6444E
-
-Cipher = AES-192-ECB
-Key = 8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B
-Plaintext = F69F2445DF4F9B17AD2B417BE66C3710
-Ciphertext = 9A4B41BA738D6C72FB16691603C18E0E
-
-# ECB-AES256.Encrypt and ECB-AES256.Decrypt
-Cipher = AES-256-ECB
-Key = 603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4
-Plaintext = 6BC1BEE22E409F96E93D7E117393172A
-Ciphertext = F3EED1BDB5D2A03C064B5A7E3DB181F8
-
-Cipher = AES-256-ECB
-Key = 603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4
-Plaintext = AE2D8A571E03AC9C9EB76FAC45AF8E51
-Ciphertext = 591CCB10D410ED26DC5BA74A31362870
-
-Cipher = AES-256-ECB
-Key = 603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4
-Plaintext = 30C81C46A35CE411E5FBC1191A0A52EF
-Ciphertext = B6ED21B99CA6F4F9F153E7B1BEAFED1D
-
-Cipher = AES-256-ECB
-Key = 603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4
-Plaintext = F69F2445DF4F9B17AD2B417BE66C3710
-Ciphertext = 23304B7A39F9F3FF067D8D8F9E24ECC7
-
-# For all CBC encrypts and decrypts, the transformed sequence is
-# AES-bits-CBC:key:IV/ciphertext':plaintext:ciphertext:encdec
-# CBC-AES128.Encrypt and CBC-AES128.Decrypt
-Cipher = AES-128-CBC
-Key = 2B7E151628AED2A6ABF7158809CF4F3C
-IV = 000102030405060708090A0B0C0D0E0F
-Plaintext = 6BC1BEE22E409F96E93D7E117393172A
-Ciphertext = 7649ABAC8119B246CEE98E9B12E9197D
-
-Cipher = AES-128-CBC
-Key = 2B7E151628AED2A6ABF7158809CF4F3C
-IV = 7649ABAC8119B246CEE98E9B12E9197D
-Plaintext = AE2D8A571E03AC9C9EB76FAC45AF8E51
-Ciphertext = 5086CB9B507219EE95DB113A917678B2
-
-Cipher = AES-128-CBC
-Key = 2B7E151628AED2A6ABF7158809CF4F3C
-IV = 5086CB9B507219EE95DB113A917678B2
-Plaintext = 30C81C46A35CE411E5FBC1191A0A52EF
-Ciphertext = 73BED6B8E3C1743B7116E69E22229516
-
-Cipher = AES-128-CBC
-Key = 2B7E151628AED2A6ABF7158809CF4F3C
-IV = 73BED6B8E3C1743B7116E69E22229516
-Plaintext = F69F2445DF4F9B17AD2B417BE66C3710
-Ciphertext = 3FF1CAA1681FAC09120ECA307586E1A7
-
-# CBC-AES192.Encrypt and CBC-AES192.Decrypt
-Cipher = AES-192-CBC
-Key = 8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B
-IV = 000102030405060708090A0B0C0D0E0F
-Plaintext = 6BC1BEE22E409F96E93D7E117393172A
-Ciphertext = 4F021DB243BC633D7178183A9FA071E8
-
-Cipher = AES-192-CBC
-Key = 8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B
-IV = 4F021DB243BC633D7178183A9FA071E8
-Plaintext = AE2D8A571E03AC9C9EB76FAC45AF8E51
-Ciphertext = B4D9ADA9AD7DEDF4E5E738763F69145A
-
-Cipher = AES-192-CBC
-Key = 8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B
-IV = B4D9ADA9AD7DEDF4E5E738763F69145A
-Plaintext = 30C81C46A35CE411E5FBC1191A0A52EF
-Ciphertext = 571B242012FB7AE07FA9BAAC3DF102E0
-
-Cipher = AES-192-CBC
-Key = 8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B
-IV = 571B242012FB7AE07FA9BAAC3DF102E0
-Plaintext = F69F2445DF4F9B17AD2B417BE66C3710
-Ciphertext = 08B0E27988598881D920A9E64F5615CD
-
-# CBC-AES256.Encrypt and CBC-AES256.Decrypt
-Cipher = AES-256-CBC
-Key = 603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4
-IV = 000102030405060708090A0B0C0D0E0F
-Plaintext = 6BC1BEE22E409F96E93D7E117393172A
-Ciphertext = F58C4C04D6E5F1BA779EABFB5F7BFBD6
-
-Cipher = AES-256-CBC
-Key = 603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4
-IV = F58C4C04D6E5F1BA779EABFB5F7BFBD6
-Plaintext = AE2D8A571E03AC9C9EB76FAC45AF8E51
-Ciphertext = 9CFC4E967EDB808D679F777BC6702C7D
-
-Cipher = AES-256-CBC
-Key = 603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4
-IV = 9CFC4E967EDB808D679F777BC6702C7D
-Plaintext = 30C81C46A35CE411E5FBC1191A0A52EF
-Ciphertext = 39F23369A9D9BACFA530E26304231461
-
-Cipher = AES-256-CBC
-Key = 603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4
-IV = 39F23369A9D9BACFA530E26304231461
-Plaintext = F69F2445DF4F9B17AD2B417BE66C3710
-Ciphertext = B2EB05E2C39BE9FCDA6C19078C6A9D1B
-
-# We don't support CFB{1,8}-AESxxx.{En,De}crypt
-# For all CFB128 encrypts and decrypts, the transformed sequence is
-# AES-bits-CFB:key:IV/ciphertext':plaintext:ciphertext:encdec
-# CFB128-AES128.Encrypt
-Cipher = AES-128-CFB
-Key = 2B7E151628AED2A6ABF7158809CF4F3C
-IV = 000102030405060708090A0B0C0D0E0F
-Operation = ENCRYPT
-Plaintext = 6BC1BEE22E409F96E93D7E117393172A
-Ciphertext = 3B3FD92EB72DAD20333449F8E83CFB4A
-
-Cipher = AES-128-CFB
-Key = 2B7E151628AED2A6ABF7158809CF4F3C
-IV = 3B3FD92EB72DAD20333449F8E83CFB4A
-Operation = ENCRYPT
-Plaintext = AE2D8A571E03AC9C9EB76FAC45AF8E51
-Ciphertext = C8A64537A0B3A93FCDE3CDAD9F1CE58B
-
-Cipher = AES-128-CFB
-Key = 2B7E151628AED2A6ABF7158809CF4F3C
-IV = C8A64537A0B3A93FCDE3CDAD9F1CE58B
-Operation = ENCRYPT
-Plaintext = 30C81C46A35CE411E5FBC1191A0A52EF
-Ciphertext = 26751F67A3CBB140B1808CF187A4F4DF
-
-Cipher = AES-128-CFB
-Key = 2B7E151628AED2A6ABF7158809CF4F3C
-IV = 26751F67A3CBB140B1808CF187A4F4DF
-Operation = ENCRYPT
-Plaintext = F69F2445DF4F9B17AD2B417BE66C3710
-Ciphertext = C04B05357C5D1C0EEAC4C66F9FF7F2E6
-
-# CFB128-AES128.Decrypt
-Cipher = AES-128-CFB
-Key = 2B7E151628AED2A6ABF7158809CF4F3C
-IV = 000102030405060708090A0B0C0D0E0F
-Operation = DECRYPT
-Plaintext = 6BC1BEE22E409F96E93D7E117393172A
-Ciphertext = 3B3FD92EB72DAD20333449F8E83CFB4A
-
-Cipher = AES-128-CFB
-Key = 2B7E151628AED2A6ABF7158809CF4F3C
-IV = 3B3FD92EB72DAD20333449F8E83CFB4A
-Operation = DECRYPT
-Plaintext = AE2D8A571E03AC9C9EB76FAC45AF8E51
-Ciphertext = C8A64537A0B3A93FCDE3CDAD9F1CE58B
-
-Cipher = AES-128-CFB
-Key = 2B7E151628AED2A6ABF7158809CF4F3C
-IV = C8A64537A0B3A93FCDE3CDAD9F1CE58B
-Operation = DECRYPT
-Plaintext = 30C81C46A35CE411E5FBC1191A0A52EF
-Ciphertext = 26751F67A3CBB140B1808CF187A4F4DF
-
-Cipher = AES-128-CFB
-Key = 2B7E151628AED2A6ABF7158809CF4F3C
-IV = 26751F67A3CBB140B1808CF187A4F4DF
-Operation = DECRYPT
-Plaintext = F69F2445DF4F9B17AD2B417BE66C3710
-Ciphertext = C04B05357C5D1C0EEAC4C66F9FF7F2E6
-
-# CFB128-AES192.Encrypt
-Cipher = AES-192-CFB
-Key = 8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B
-IV = 000102030405060708090A0B0C0D0E0F
-Operation = ENCRYPT
-Plaintext = 6BC1BEE22E409F96E93D7E117393172A
-Ciphertext = CDC80D6FDDF18CAB34C25909C99A4174
-
-Cipher = AES-192-CFB
-Key = 8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B
-IV = CDC80D6FDDF18CAB34C25909C99A4174
-Operation = ENCRYPT
-Plaintext = AE2D8A571E03AC9C9EB76FAC45AF8E51
-Ciphertext = 67CE7F7F81173621961A2B70171D3D7A
-
-Cipher = AES-192-CFB
-Key = 8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B
-IV = 67CE7F7F81173621961A2B70171D3D7A
-Operation = ENCRYPT
-Plaintext = 30C81C46A35CE411E5FBC1191A0A52EF
-Ciphertext = 2E1E8A1DD59B88B1C8E60FED1EFAC4C9
-
-Cipher = AES-192-CFB
-Key = 8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B
-IV = 2E1E8A1DD59B88B1C8E60FED1EFAC4C9
-Operation = ENCRYPT
-Plaintext = F69F2445DF4F9B17AD2B417BE66C3710
-Ciphertext = C05F9F9CA9834FA042AE8FBA584B09FF
-
-# CFB128-AES192.Decrypt
-Cipher = AES-192-CFB
-Key = 8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B
-IV = 000102030405060708090A0B0C0D0E0F
-Operation = DECRYPT
-Plaintext = 6BC1BEE22E409F96E93D7E117393172A
-Ciphertext = CDC80D6FDDF18CAB34C25909C99A4174
-
-Cipher = AES-192-CFB
-Key = 8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B
-IV = CDC80D6FDDF18CAB34C25909C99A4174
-Operation = DECRYPT
-Plaintext = AE2D8A571E03AC9C9EB76FAC45AF8E51
-Ciphertext = 67CE7F7F81173621961A2B70171D3D7A
-
-Cipher = AES-192-CFB
-Key = 8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B
-IV = 67CE7F7F81173621961A2B70171D3D7A
-Operation = DECRYPT
-Plaintext = 30C81C46A35CE411E5FBC1191A0A52EF
-Ciphertext = 2E1E8A1DD59B88B1C8E60FED1EFAC4C9
-
-Cipher = AES-192-CFB
-Key = 8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B
-IV = 2E1E8A1DD59B88B1C8E60FED1EFAC4C9
-Operation = DECRYPT
-Plaintext = F69F2445DF4F9B17AD2B417BE66C3710
-Ciphertext = C05F9F9CA9834FA042AE8FBA584B09FF
-
-# CFB128-AES256.Encrypt
-Cipher = AES-256-CFB
-Key = 603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4
-IV = 000102030405060708090A0B0C0D0E0F
-Operation = ENCRYPT
-Plaintext = 6BC1BEE22E409F96E93D7E117393172A
-Ciphertext = DC7E84BFDA79164B7ECD8486985D3860
-
-Cipher = AES-256-CFB
-Key = 603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4
-IV = DC7E84BFDA79164B7ECD8486985D3860
-Operation = ENCRYPT
-Plaintext = AE2D8A571E03AC9C9EB76FAC45AF8E51
-Ciphertext = 39FFED143B28B1C832113C6331E5407B
-
-Cipher = AES-256-CFB
-Key = 603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4
-IV = 39FFED143B28B1C832113C6331E5407B
-Operation = ENCRYPT
-Plaintext = 30C81C46A35CE411E5FBC1191A0A52EF
-Ciphertext = DF10132415E54B92A13ED0A8267AE2F9
-
-Cipher = AES-256-CFB
-Key = 603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4
-IV = DF10132415E54B92A13ED0A8267AE2F9
-Operation = ENCRYPT
-Plaintext = F69F2445DF4F9B17AD2B417BE66C3710
-Ciphertext = 75A385741AB9CEF82031623D55B1E471
-
-# CFB128-AES256.Decrypt
-Cipher = AES-256-CFB
-Key = 603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4
-IV = 000102030405060708090A0B0C0D0E0F
-Operation = DECRYPT
-Plaintext = 6BC1BEE22E409F96E93D7E117393172A
-Ciphertext = DC7E84BFDA79164B7ECD8486985D3860
-
-Cipher = AES-256-CFB
-Key = 603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4
-IV = DC7E84BFDA79164B7ECD8486985D3860
-Operation = DECRYPT
-Plaintext = AE2D8A571E03AC9C9EB76FAC45AF8E51
-Ciphertext = 39FFED143B28B1C832113C6331E5407B
-
-Cipher = AES-256-CFB
-Key = 603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4
-IV = 39FFED143B28B1C832113C6331E5407B
-Operation = DECRYPT
-Plaintext = 30C81C46A35CE411E5FBC1191A0A52EF
-Ciphertext = DF10132415E54B92A13ED0A8267AE2F9
-
-Cipher = AES-256-CFB
-Key = 603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4
-IV = DF10132415E54B92A13ED0A8267AE2F9
-Operation = DECRYPT
-Plaintext = F69F2445DF4F9B17AD2B417BE66C3710
-Ciphertext = 75A385741AB9CEF82031623D55B1E471
-
-# For all OFB encrypts and decrypts, the transformed sequence is
-# AES-bits-CFB:key:IV/output':plaintext:ciphertext:encdec
-# OFB-AES128.Encrypt
-Cipher = AES-128-OFB
-Key = 2B7E151628AED2A6ABF7158809CF4F3C
-IV = 000102030405060708090A0B0C0D0E0F
-Operation = ENCRYPT
-Plaintext = 6BC1BEE22E409F96E93D7E117393172A
-Ciphertext = 3B3FD92EB72DAD20333449F8E83CFB4A
-
-Cipher = AES-128-OFB
-Key = 2B7E151628AED2A6ABF7158809CF4F3C
-IV = 50FE67CC996D32B6DA0937E99BAFEC60
-Operation = ENCRYPT
-Plaintext = AE2D8A571E03AC9C9EB76FAC45AF8E51
-Ciphertext = 7789508D16918F03F53C52DAC54ED825
-
-Cipher = AES-128-OFB
-Key = 2B7E151628AED2A6ABF7158809CF4F3C
-IV = D9A4DADA0892239F6B8B3D7680E15674
-Operation = ENCRYPT
-Plaintext = 30C81C46A35CE411E5FBC1191A0A52EF
-Ciphertext = 9740051E9C5FECF64344F7A82260EDCC
-
-Cipher = AES-128-OFB
-Key = 2B7E151628AED2A6ABF7158809CF4F3C
-IV = A78819583F0308E7A6BF36B1386ABF23
-Operation = ENCRYPT
-Plaintext = F69F2445DF4F9B17AD2B417BE66C3710
-Ciphertext = 304C6528F659C77866A510D9C1D6AE5E
-
-# OFB-AES128.Decrypt
-Cipher = AES-128-OFB
-Key = 2B7E151628AED2A6ABF7158809CF4F3C
-IV = 000102030405060708090A0B0C0D0E0F
-Operation = DECRYPT
-Plaintext = 6BC1BEE22E409F96E93D7E117393172A
-Ciphertext = 3B3FD92EB72DAD20333449F8E83CFB4A
-
-Cipher = AES-128-OFB
-Key = 2B7E151628AED2A6ABF7158809CF4F3C
-IV = 50FE67CC996D32B6DA0937E99BAFEC60
-Operation = DECRYPT
-Plaintext = AE2D8A571E03AC9C9EB76FAC45AF8E51
-Ciphertext = 7789508D16918F03F53C52DAC54ED825
-
-Cipher = AES-128-OFB
-Key = 2B7E151628AED2A6ABF7158809CF4F3C
-IV = D9A4DADA0892239F6B8B3D7680E15674
-Operation = DECRYPT
-Plaintext = 30C81C46A35CE411E5FBC1191A0A52EF
-Ciphertext = 9740051E9C5FECF64344F7A82260EDCC
-
-Cipher = AES-128-OFB
-Key = 2B7E151628AED2A6ABF7158809CF4F3C
-IV = A78819583F0308E7A6BF36B1386ABF23
-Operation = DECRYPT
-Plaintext = F69F2445DF4F9B17AD2B417BE66C3710
-Ciphertext = 304C6528F659C77866A510D9C1D6AE5E
-
-# OFB-AES192.Encrypt
-Cipher = AES-192-OFB
-Key = 8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B
-IV = 000102030405060708090A0B0C0D0E0F
-Operation = ENCRYPT
-Plaintext = 6BC1BEE22E409F96E93D7E117393172A
-Ciphertext = CDC80D6FDDF18CAB34C25909C99A4174
-
-Cipher = AES-192-OFB
-Key = 8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B
-IV = A609B38DF3B1133DDDFF2718BA09565E
-Operation = ENCRYPT
-Plaintext = AE2D8A571E03AC9C9EB76FAC45AF8E51
-Ciphertext = FCC28B8D4C63837C09E81700C1100401
-
-Cipher = AES-192-OFB
-Key = 8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B
-IV = 52EF01DA52602FE0975F78AC84BF8A50
-Operation = ENCRYPT
-Plaintext = 30C81C46A35CE411E5FBC1191A0A52EF
-Ciphertext = 8D9A9AEAC0F6596F559C6D4DAF59A5F2
-
-Cipher = AES-192-OFB
-Key = 8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B
-IV = BD5286AC63AABD7EB067AC54B553F71D
-Operation = ENCRYPT
-Plaintext = F69F2445DF4F9B17AD2B417BE66C3710
-Ciphertext = 6D9F200857CA6C3E9CAC524BD9ACC92A
-
-# OFB-AES192.Decrypt
-Cipher = AES-192-OFB
-Key = 8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B
-IV = 000102030405060708090A0B0C0D0E0F
-Operation = ENCRYPT
-Plaintext = 6BC1BEE22E409F96E93D7E117393172A
-Ciphertext = CDC80D6FDDF18CAB34C25909C99A4174
-
-Cipher = AES-192-OFB
-Key = 8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B
-IV = A609B38DF3B1133DDDFF2718BA09565E
-Operation = ENCRYPT
-Plaintext = AE2D8A571E03AC9C9EB76FAC45AF8E51
-Ciphertext = FCC28B8D4C63837C09E81700C1100401
-
-Cipher = AES-192-OFB
-Key = 8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B
-IV = 52EF01DA52602FE0975F78AC84BF8A50
-Operation = ENCRYPT
-Plaintext = 30C81C46A35CE411E5FBC1191A0A52EF
-Ciphertext = 8D9A9AEAC0F6596F559C6D4DAF59A5F2
-
-Cipher = AES-192-OFB
-Key = 8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B
-IV = BD5286AC63AABD7EB067AC54B553F71D
-Operation = ENCRYPT
-Plaintext = F69F2445DF4F9B17AD2B417BE66C3710
-Ciphertext = 6D9F200857CA6C3E9CAC524BD9ACC92A
-
-# OFB-AES256.Encrypt
-Cipher = AES-256-OFB
-Key = 603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4
-IV = 000102030405060708090A0B0C0D0E0F
-Operation = ENCRYPT
-Plaintext = 6BC1BEE22E409F96E93D7E117393172A
-Ciphertext = DC7E84BFDA79164B7ECD8486985D3860
-
-Cipher = AES-256-OFB
-Key = 603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4
-IV = B7BF3A5DF43989DD97F0FA97EBCE2F4A
-Operation = ENCRYPT
-Plaintext = AE2D8A571E03AC9C9EB76FAC45AF8E51
-Ciphertext = 4FEBDC6740D20B3AC88F6AD82A4FB08D
-
-Cipher = AES-256-OFB
-Key = 603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4
-IV = E1C656305ED1A7A6563805746FE03EDC
-Operation = ENCRYPT
-Plaintext = 30C81C46A35CE411E5FBC1191A0A52EF
-Ciphertext = 71AB47A086E86EEDF39D1C5BBA97C408
-
-Cipher = AES-256-OFB
-Key = 603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4
-IV = 41635BE625B48AFC1666DD42A09D96E7
-Operation = ENCRYPT
-Plaintext = F69F2445DF4F9B17AD2B417BE66C3710
-Ciphertext = 0126141D67F37BE8538F5A8BE740E484
-
-# OFB-AES256.Decrypt
-Cipher = AES-256-OFB
-Key = 603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4
-IV = 000102030405060708090A0B0C0D0E0F
-Operation = DECRYPT
-Plaintext = 6BC1BEE22E409F96E93D7E117393172A
-Ciphertext = DC7E84BFDA79164B7ECD8486985D3860
-
-Cipher = AES-256-OFB
-Key = 603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4
-IV = B7BF3A5DF43989DD97F0FA97EBCE2F4A
-Operation = DECRYPT
-Plaintext = AE2D8A571E03AC9C9EB76FAC45AF8E51
-Ciphertext = 4FEBDC6740D20B3AC88F6AD82A4FB08D
-
-Cipher = AES-256-OFB
-Key = 603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4
-IV = E1C656305ED1A7A6563805746FE03EDC
-Operation = DECRYPT
-Plaintext = 30C81C46A35CE411E5FBC1191A0A52EF
-Ciphertext = 71AB47A086E86EEDF39D1C5BBA97C408
-
-Cipher = AES-256-OFB
-Key = 603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4
-IV = 41635BE625B48AFC1666DD42A09D96E7
-Operation = DECRYPT
-Plaintext = F69F2445DF4F9B17AD2B417BE66C3710
-Ciphertext = 0126141D67F37BE8538F5A8BE740E484
-
-
-# AES Counter test vectors from RFC3686
-Cipher = aes-128-ctr
-Key = AE6852F8121067CC4BF7A5765577F39E
-IV = 00000030000000000000000000000001
-Operation = ENCRYPT
-Plaintext = 53696E676C6520626C6F636B206D7367
-Ciphertext = E4095D4FB7A7B3792D6175A3261311B8
-
-Cipher = aes-128-ctr
-Key = 7E24067817FAE0D743D6CE1F32539163
-IV = 006CB6DBC0543B59DA48D90B00000001
-Operation = ENCRYPT
-Plaintext = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F
-Ciphertext = 5104A106168A72D9790D41EE8EDAD388EB2E1EFC46DA57C8FCE630DF9141BE28
-
-Cipher = aes-128-ctr
-Key = 7691BE035E5020A8AC6E618529F9A0DC
-IV = 00E0017B27777F3F4A1786F000000001
-Operation = ENCRYPT
-Plaintext = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F20212223
-Ciphertext = C1CF48A89F2FFDD9CF4652E9EFDB72D74540A42BDE6D7836D59A5CEAAEF3105325B2072F
-
-
-Cipher = aes-192-ctr
-Key = 16AF5B145FC9F579C175F93E3BFB0EED863D06CCFDB78515
-IV = 0000004836733C147D6D93CB00000001
-Operation = ENCRYPT
-Plaintext = 53696E676C6520626C6F636B206D7367
-Ciphertext = 4B55384FE259C9C84E7935A003CBE928
-
-Cipher = aes-192-ctr
-Key = 7C5CB2401B3DC33C19E7340819E0F69C678C3DB8E6F6A91A
-IV = 0096B03B020C6EADC2CB500D00000001
-Operation = ENCRYPT
-Plaintext = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F
-Ciphertext = 453243FC609B23327EDFAAFA7131CD9F8490701C5AD4A79CFC1FE0FF42F4FB00
-
-Cipher = aes-192-ctr
-Key = 02BF391EE8ECB159B959617B0965279BF59B60A786D3E0FE
-IV = 0007BDFD5CBD60278DCC091200000001
-Operation = ENCRYPT
-Plaintext = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F20212223
-Ciphertext = 96893FC55E5C722F540B7DD1DDF7E758D288BC95C69165884536C811662F2188ABEE0935
-
-
-Cipher = aes-256-ctr
-Key = 776BEFF2851DB06F4C8A0542C8696F6C6A81AF1EEC96B4D37FC1D689E6C1C104
-IV = 00000060DB5672C97AA8F0B200000001
-Operation = ENCRYPT
-Plaintext = 53696E676C6520626C6F636B206D7367
-Ciphertext = 145AD01DBF824EC7560863DC71E3E0C0
-
-Cipher = aes-256-ctr
-Key = F6D66D6BD52D59BB0796365879EFF886C66DD51A5B6A99744B50590C87A23884
-IV = 00FAAC24C1585EF15A43D87500000001
-Operation = ENCRYPT
-Plaintext = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F
-Ciphertext = F05E231B3894612C49EE000B804EB2A9B8306B508F839D6A5530831D9344AF1C
-
-Cipher = aes-256-ctr
-Key = FF7A617CE69148E4F1726E2F43581DE2AA62D9F805532EDFF1EED687FB54153D
-IV = 001CC5B751A51D70A1C1114800000001
-Operation = ENCRYPT
-Plaintext = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F20212223
-Ciphertext = EB6C52821D0BBBF7CE7594462ACA4FAAB407DF866569FD07F48CC0B583D6071F1EC0E6B8
-
-
-# DES ECB tests (from destest)
-
-Cipher = DES-ECB
-Key = 0000000000000000
-Plaintext = 0000000000000000
-Ciphertext = 8CA64DE9C1B123A7
-
-Cipher = DES-ECB
-Key = FFFFFFFFFFFFFFFF
-Plaintext = FFFFFFFFFFFFFFFF
-Ciphertext = 7359B2163E4EDC58
-
-Cipher = DES-ECB
-Key = 3000000000000000
-Plaintext = 1000000000000001
-Ciphertext = 958E6E627A05557B
-
-Cipher = DES-ECB
-Key = 1111111111111111
-Plaintext = 1111111111111111
-Ciphertext = F40379AB9E0EC533
-
-Cipher = DES-ECB
-Key = 0123456789ABCDEF
-Plaintext = 1111111111111111
-Ciphertext = 17668DFC7292532D
-
-Cipher = DES-ECB
-Key = 1111111111111111
-Plaintext = 0123456789ABCDEF
-Ciphertext = 8A5AE1F81AB8F2DD
-
-Cipher = DES-ECB
-Key = FEDCBA9876543210
-Plaintext = 0123456789ABCDEF
-Ciphertext = ED39D950FA74BCC4
-
-
-# DESX-CBC tests (from destest)
-Cipher = DESX-CBC
-Key = 0123456789abcdeff1e0d3c2b5a49786fedcba9876543210
-IV = fedcba9876543210
-Plaintext = 37363534333231204E6F77206973207468652074696D6520666F722000000000
-Ciphertext = 846B2914851E9A2954732F8AA0A611C115CDC2D7951B1053A63C5E03B21AA3C4
-
-
-# DES EDE3 CBC tests (from destest)
-Cipher = DES-EDE3-CBC
-Key = 0123456789abcdeff1e0d3c2b5a49786fedcba9876543210
-IV = fedcba9876543210
-Plaintext = 37363534333231204E6F77206973207468652074696D6520666F722000000000
-Ciphertext = 3FE301C962AC01D02213763C1CBD4CDC799657C064ECF5D41C673812CFDE9675
-
-
-# RC4 tests (from rc4test)
-Cipher = RC4
-Key = 0123456789abcdef0123456789abcdef
-Plaintext = 0123456789abcdef
-Ciphertext = 75b7878099e0c596
-
-Cipher = RC4
-Key = 0123456789abcdef0123456789abcdef
-Plaintext = 0000000000000000
-Ciphertext = 7494c2e7104b0879
-
-Cipher = RC4
-Key = 00000000000000000000000000000000
-Plaintext = 0000000000000000
-Ciphertext = de188941a3375d3a
-
-Cipher = RC4
-Key = ef012345ef012345ef012345ef012345
-Plaintext = 0000000000000000000000000000000000000000
-Ciphertext = d6a141a7ec3c38dfbd615a1162e1c7ba36b67858
-
-Cipher = RC4
-Key = 0123456789abcdef0123456789abcdef
-Plaintext = 123456789ABCDEF0123456789ABCDEF0123456789ABCDEF012345678
-Ciphertext = 66a0949f8af7d6891f7f832ba833c00c892ebe30143ce28740011ecf
-
-Cipher = RC4
-Key = ef012345ef012345ef012345ef012345
-Plaintext = 00000000000000000000
-Ciphertext = d6a141a7ec3c38dfbd61
-
-
-
-# Camellia tests from RFC3713
-# For all ECB encrypts and decrypts, the transformed sequence is
-# CAMELLIA-bits-ECB:key::plaintext:ciphertext:encdec
-Cipher = CAMELLIA-128-ECB
-Key = 0123456789abcdeffedcba9876543210
-Plaintext = 0123456789abcdeffedcba9876543210
-Ciphertext = 67673138549669730857065648eabe43
-
-Cipher = CAMELLIA-192-ECB
-Key = 0123456789abcdeffedcba98765432100011223344556677
-Plaintext = 0123456789abcdeffedcba9876543210
-Ciphertext = b4993401b3e996f84ee5cee7d79b09b9
-
-Cipher = CAMELLIA-256-ECB
-Key = 0123456789abcdeffedcba987654321000112233445566778899aabbccddeeff
-Plaintext = 0123456789abcdeffedcba9876543210
-Ciphertext = 9acc237dff16d76c20ef7c919e3a7509
-
-
-# ECB-CAMELLIA128.Encrypt
-Cipher = CAMELLIA-128-ECB
-Key = 000102030405060708090A0B0C0D0E0F
-Operation = ENCRYPT
-Plaintext = 00112233445566778899AABBCCDDEEFF
-Ciphertext = 77CF412067AF8270613529149919546F
-
-Cipher = CAMELLIA-192-ECB
-Key = 000102030405060708090A0B0C0D0E0F1011121314151617
-Operation = ENCRYPT
-Plaintext = 00112233445566778899AABBCCDDEEFF
-Ciphertext = B22F3C36B72D31329EEE8ADDC2906C68
-
-Cipher = CAMELLIA-256-ECB
-Key = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F
-Operation = ENCRYPT
-Plaintext = 00112233445566778899AABBCCDDEEFF
-Ciphertext = 2EDF1F3418D53B88841FC8985FB1ECF2
-
-
-# ECB-CAMELLIA128.Encrypt and ECB-CAMELLIA128.Decrypt
-Cipher = CAMELLIA-128-ECB
-Key = 2B7E151628AED2A6ABF7158809CF4F3C
-Plaintext = 6BC1BEE22E409F96E93D7E117393172A
-Ciphertext = 432FC5DCD628115B7C388D770B270C96
-
-Cipher = CAMELLIA-128-ECB
-Key = 2B7E151628AED2A6ABF7158809CF4F3C
-Plaintext = AE2D8A571E03AC9C9EB76FAC45AF8E51
-Ciphertext = 0BE1F14023782A22E8384C5ABB7FAB2B
-
-Cipher = CAMELLIA-128-ECB
-Key = 2B7E151628AED2A6ABF7158809CF4F3C
-Plaintext = 30C81C46A35CE411E5FBC1191A0A52EF
-Ciphertext = A0A1ABCD1893AB6FE0FE5B65DF5F8636
-
-Cipher = CAMELLIA-128-ECB
-Key = 2B7E151628AED2A6ABF7158809CF4F3C
-Plaintext = F69F2445DF4F9B17AD2B417BE66C3710
-Ciphertext = E61925E0D5DFAA9BB29F815B3076E51A
-
-
-# ECB-CAMELLIA192.Encrypt and ECB-CAMELLIA192.Decrypt
-Cipher = CAMELLIA-192-ECB
-Key = 8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B
-Plaintext = 6BC1BEE22E409F96E93D7E117393172A
-Ciphertext = CCCC6C4E138B45848514D48D0D3439D3
-
-Cipher = CAMELLIA-192-ECB
-Key = 8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B
-Plaintext = AE2D8A571E03AC9C9EB76FAC45AF8E51
-Ciphertext = 5713C62C14B2EC0F8393B6AFD6F5785A
-
-Cipher = CAMELLIA-192-ECB
-Key = 8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B
-Plaintext = 30C81C46A35CE411E5FBC1191A0A52EF
-Ciphertext = B40ED2B60EB54D09D030CF511FEEF366
-
-Cipher = CAMELLIA-192-ECB
-Key = 8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B
-Plaintext = F69F2445DF4F9B17AD2B417BE66C3710
-Ciphertext = 909DBD95799096748CB27357E73E1D26
-
-
-# ECB-CAMELLIA256.Encrypt and ECB-CAMELLIA256.Decrypt
-Cipher = CAMELLIA-256-ECB
-Key = 603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4
-Plaintext = 6BC1BEE22E409F96E93D7E117393172A
-Ciphertext = BEFD219B112FA00098919CD101C9CCFA
-
-Cipher = CAMELLIA-256-ECB
-Key = 603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4
-Plaintext = AE2D8A571E03AC9C9EB76FAC45AF8E51
-Ciphertext = C91D3A8F1AEA08A9386CF4B66C0169EA
-
-Cipher = CAMELLIA-256-ECB
-Key = 603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4
-Plaintext = 30C81C46A35CE411E5FBC1191A0A52EF
-Ciphertext = A623D711DC5F25A51BB8A80D56397D28
-
-Cipher = CAMELLIA-256-ECB
-Key = 603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4
-Plaintext = F69F2445DF4F9B17AD2B417BE66C3710
-Ciphertext = 7960109FB6DC42947FCFE59EA3C5EB6B
-
-
-# For all CBC encrypts and decrypts, the transformed sequence is
-# CAMELLIA-bits-CBC:key:IV/ciphertext':plaintext:ciphertext:encdec
-# CBC-CAMELLIA128.Encrypt and CBC-CAMELLIA128.Decrypt
-Cipher = CAMELLIA-128-CBC
-Key = 2B7E151628AED2A6ABF7158809CF4F3C
-IV = 000102030405060708090A0B0C0D0E0F
-Plaintext = 6BC1BEE22E409F96E93D7E117393172A
-Ciphertext = 1607CF494B36BBF00DAEB0B503C831AB
-
-Cipher = CAMELLIA-128-CBC
-Key = 2B7E151628AED2A6ABF7158809CF4F3C
-IV = 1607CF494B36BBF00DAEB0B503C831AB
-Plaintext = AE2D8A571E03AC9C9EB76FAC45AF8E51
-Ciphertext = A2F2CF671629EF7840C5A5DFB5074887
-
-Cipher = CAMELLIA-128-CBC
-Key = 2B7E151628AED2A6ABF7158809CF4F3C
-IV = A2F2CF671629EF7840C5A5DFB5074887
-Plaintext = 30C81C46A35CE411E5FBC1191A0A52EF
-Ciphertext = 0F06165008CF8B8B5A63586362543E54
-
-Cipher = CAMELLIA-128-CBC
-Key = 2B7E151628AED2A6ABF7158809CF4F3C
-IV = 36A84CDAFD5F9A85ADA0F0A993D6D577
-Plaintext = F69F2445DF4F9B17AD2B417BE66C3710
-Ciphertext = 74C64268CDB8B8FAF5B34E8AF3732980
-
-
-# CBC-CAMELLIA192.Encrypt and CBC-CAMELLIA192.Decrypt
-Cipher = CAMELLIA-192-CBC
-Key = 8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B
-IV = 000102030405060708090A0B0C0D0E0F
-Plaintext = 6BC1BEE22E409F96E93D7E117393172A
-Ciphertext = 2A4830AB5AC4A1A2405955FD2195CF93
-
-Cipher = CAMELLIA-192-CBC
-Key = 8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B
-IV = 2A4830AB5AC4A1A2405955FD2195CF93
-Plaintext = AE2D8A571E03AC9C9EB76FAC45AF8E51
-Ciphertext = 5D5A869BD14CE54264F892A6DD2EC3D5
-
-Cipher = CAMELLIA-192-CBC
-Key = 8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B
-IV = 5D5A869BD14CE54264F892A6DD2EC3D5
-Plaintext = 30C81C46A35CE411E5FBC1191A0A52EF
-Ciphertext = 37D359C3349836D884E310ADDF68C449
-
-Cipher = CAMELLIA-192-CBC
-Key = 8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B
-IV = 37D359C3349836D884E310ADDF68C449
-Plaintext = F69F2445DF4F9B17AD2B417BE66C3710
-Ciphertext = 01FAAA930B4AB9916E9668E1428C6B08
-
-
-# CBC-CAMELLIA256.Encrypt and CBC-CAMELLIA256.Decrypt
-Cipher = CAMELLIA-256-CBC
-Key = 603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4
-IV = 000102030405060708090A0B0C0D0E0F
-Plaintext = 6BC1BEE22E409F96E93D7E117393172A
-Ciphertext = E6CFA35FC02B134A4D2C0B6737AC3EDA
-
-Cipher = CAMELLIA-256-CBC
-Key = 603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4
-IV = E6CFA35FC02B134A4D2C0B6737AC3EDA
-Plaintext = AE2D8A571E03AC9C9EB76FAC45AF8E51
-Ciphertext = 36CBEB73BD504B4070B1B7DE2B21EB50
-
-Cipher = CAMELLIA-256-CBC
-Key = 603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4
-IV = 36CBEB73BD504B4070B1B7DE2B21EB50
-Plaintext = 30C81C46A35CE411E5FBC1191A0A52EF
-Ciphertext = E31A6055297D96CA3330CDF1B1860A83
-
-Cipher = CAMELLIA-256-CBC
-Key = 603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4
-IV = E31A6055297D96CA3330CDF1B1860A83
-Plaintext = F69F2445DF4F9B17AD2B417BE66C3710
-Ciphertext = 5D563F6D1CCCF236051C0C5C1C58F28F
-
-
-# We don't support CFB{1,8}-CAMELLIAxxx.{En,De}crypt
-# For all CFB128 encrypts and decrypts, the transformed sequence is
-# CAMELLIA-bits-CFB:key:IV/ciphertext':plaintext:ciphertext:encdec
-# CFB128-CAMELLIA128.Encrypt
-Cipher = CAMELLIA-128-CFB
-Key = 2B7E151628AED2A6ABF7158809CF4F3C
-IV = 000102030405060708090A0B0C0D0E0F
-Operation = ENCRYPT
-Plaintext = 6BC1BEE22E409F96E93D7E117393172A
-Ciphertext = 14F7646187817EB586599146B82BD719
-
-Cipher = CAMELLIA-128-CFB
-Key = 2B7E151628AED2A6ABF7158809CF4F3C
-IV = 14F7646187817EB586599146B82BD719
-Operation = ENCRYPT
-Plaintext = AE2D8A571E03AC9C9EB76FAC45AF8E51
-Ciphertext = A53D28BB82DF741103EA4F921A44880B
-
-Cipher = CAMELLIA-128-CFB
-Key = 2B7E151628AED2A6ABF7158809CF4F3C
-IV = A53D28BB82DF741103EA4F921A44880B
-Operation = ENCRYPT
-Plaintext = 30C81C46A35CE411E5FBC1191A0A52EF
-Ciphertext = 9C2157A664626D1DEF9EA420FDE69B96
-
-Cipher = CAMELLIA-128-CFB
-Key = 2B7E151628AED2A6ABF7158809CF4F3C
-IV = 9C2157A664626D1DEF9EA420FDE69B96
-Operation = ENCRYPT
-Plaintext = F69F2445DF4F9B17AD2B417BE66C3710
-Ciphertext = 742A25F0542340C7BAEF24CA8482BB09
-
-
-# CFB128-CAMELLIA128.Decrypt
-Cipher = CAMELLIA-128-CFB
-Key = 2B7E151628AED2A6ABF7158809CF4F3C
-IV = 000102030405060708090A0B0C0D0E0F
-Operation = DECRYPT
-Plaintext = 6BC1BEE22E409F96E93D7E117393172A
-Ciphertext = 14F7646187817EB586599146B82BD719
-
-Cipher = CAMELLIA-128-CFB
-Key = 2B7E151628AED2A6ABF7158809CF4F3C
-IV = 14F7646187817EB586599146B82BD719
-Operation = DECRYPT
-Plaintext = AE2D8A571E03AC9C9EB76FAC45AF8E51
-Ciphertext = A53D28BB82DF741103EA4F921A44880B
-
-Cipher = CAMELLIA-128-CFB
-Key = 2B7E151628AED2A6ABF7158809CF4F3C
-IV = A53D28BB82DF741103EA4F921A44880B
-Operation = DECRYPT
-Plaintext = 30C81C46A35CE411E5FBC1191A0A52EF
-Ciphertext = 9C2157A664626D1DEF9EA420FDE69B96
-
-Cipher = CAMELLIA-128-CFB
-Key = 2B7E151628AED2A6ABF7158809CF4F3C
-IV = 9C2157A664626D1DEF9EA420FDE69B96
-Operation = DECRYPT
-Plaintext = F69F2445DF4F9B17AD2B417BE66C3710
-Ciphertext = 742A25F0542340C7BAEF24CA8482BB09
-
-
-# CFB128-CAMELLIA192.Encrypt
-Cipher = CAMELLIA-192-CFB
-Key = 8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B
-IV = 000102030405060708090A0B0C0D0E0F
-Operation = ENCRYPT
-Plaintext = 6BC1BEE22E409F96E93D7E117393172A
-Ciphertext = C832BB9780677DAA82D9B6860DCD565E
-
-Cipher = CAMELLIA-192-CFB
-Key = 8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B
-IV = C832BB9780677DAA82D9B6860DCD565E
-Operation = ENCRYPT
-Plaintext = AE2D8A571E03AC9C9EB76FAC45AF8E51
-Ciphertext = 86F8491627906D780C7A6D46EA331F98
-
-Cipher = CAMELLIA-192-CFB
-Key = 8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B
-IV = 86F8491627906D780C7A6D46EA331F98
-Operation = ENCRYPT
-Plaintext = 30C81C46A35CE411E5FBC1191A0A52EF
-Ciphertext = 69511CCE594CF710CB98BB63D7221F01
-
-Cipher = CAMELLIA-192-CFB
-Key = 8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B
-IV = 69511CCE594CF710CB98BB63D7221F01
-Operation = ENCRYPT
-Plaintext = F69F2445DF4F9B17AD2B417BE66C3710
-Ciphertext = D5B5378A3ABED55803F25565D8907B84
-
-
-# CFB128-CAMELLIA192.Decrypt
-Cipher = CAMELLIA-192-CFB
-Key = 8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B
-IV = 000102030405060708090A0B0C0D0E0F
-Operation = DECRYPT
-Plaintext = 6BC1BEE22E409F96E93D7E117393172A
-Ciphertext = C832BB9780677DAA82D9B6860DCD565E
-
-Cipher = CAMELLIA-192-CFB
-Key = 8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B
-IV = C832BB9780677DAA82D9B6860DCD565E
-Operation = DECRYPT
-Plaintext = AE2D8A571E03AC9C9EB76FAC45AF8E51
-Ciphertext = 86F8491627906D780C7A6D46EA331F98
-
-Cipher = CAMELLIA-192-CFB
-Key = 8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B
-IV = 86F8491627906D780C7A6D46EA331F98
-Operation = DECRYPT
-Plaintext = 30C81C46A35CE411E5FBC1191A0A52EF
-Ciphertext = 69511CCE594CF710CB98BB63D7221F01
-
-Cipher = CAMELLIA-192-CFB
-Key = 8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B
-IV = 69511CCE594CF710CB98BB63D7221F01
-Operation = DECRYPT
-Plaintext = F69F2445DF4F9B17AD2B417BE66C3710
-Ciphertext = D5B5378A3ABED55803F25565D8907B84
-
-
-# CFB128-CAMELLIA256.Encrypt
-Cipher = CAMELLIA-256-CFB
-Key = 603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4
-IV = 000102030405060708090A0B0C0D0E0F
-Operation = ENCRYPT
-Plaintext = 6BC1BEE22E409F96E93D7E117393172A
-Ciphertext = CF6107BB0CEA7D7FB1BD31F5E7B06C93
-
-Cipher = CAMELLIA-256-CFB
-Key = 603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4
-IV = CF6107BB0CEA7D7FB1BD31F5E7B06C93
-Operation = ENCRYPT
-Plaintext = AE2D8A571E03AC9C9EB76FAC45AF8E51
-Ciphertext = 89BEDB4CCDD864EA11BA4CBE849B5E2B
-
-Cipher = CAMELLIA-256-CFB
-Key = 603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4
-IV = 89BEDB4CCDD864EA11BA4CBE849B5E2B
-Operation = ENCRYPT
-Plaintext = 30C81C46A35CE411E5FBC1191A0A52EF
-Ciphertext = 555FC3F34BDD2D54C62D9E3BF338C1C4
-
-Cipher = CAMELLIA-256-CFB
-Key = 603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4
-IV = 555FC3F34BDD2D54C62D9E3BF338C1C4
-Operation = ENCRYPT
-Plaintext = F69F2445DF4F9B17AD2B417BE66C3710
-Ciphertext = 5953ADCE14DB8C7F39F1BD39F359BFFA
-
-
-# CFB128-CAMELLIA256.Decrypt
-Cipher = CAMELLIA-256-CFB
-Key = 603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4
-IV = 000102030405060708090A0B0C0D0E0F
-Operation = DECRYPT
-Plaintext = 6BC1BEE22E409F96E93D7E117393172A
-Ciphertext = CF6107BB0CEA7D7FB1BD31F5E7B06C93
-
-Cipher = CAMELLIA-256-CFB
-Key = 603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4
-IV = CF6107BB0CEA7D7FB1BD31F5E7B06C93
-Operation = DECRYPT
-Plaintext = AE2D8A571E03AC9C9EB76FAC45AF8E51
-Ciphertext = 89BEDB4CCDD864EA11BA4CBE849B5E2B
-
-Cipher = CAMELLIA-256-CFB
-Key = 603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4
-IV = 89BEDB4CCDD864EA11BA4CBE849B5E2B
-Operation = DECRYPT
-Plaintext = 30C81C46A35CE411E5FBC1191A0A52EF
-Ciphertext = 555FC3F34BDD2D54C62D9E3BF338C1C4
-
-Cipher = CAMELLIA-256-CFB
-Key = 603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4
-IV = 555FC3F34BDD2D54C62D9E3BF338C1C4
-Operation = DECRYPT
-Plaintext = F69F2445DF4F9B17AD2B417BE66C3710
-Ciphertext = 5953ADCE14DB8C7F39F1BD39F359BFFA
-
-
-# For all OFB encrypts and decrypts, the transformed sequence is
-# CAMELLIA-bits-OFB:key:IV/output':plaintext:ciphertext:encdec
-# OFB-CAMELLIA128.Encrypt
-Cipher = CAMELLIA-128-OFB
-Key = 2B7E151628AED2A6ABF7158809CF4F3C
-IV = 000102030405060708090A0B0C0D0E0F
-Operation = ENCRYPT
-Plaintext = 6BC1BEE22E409F96E93D7E117393172A
-Ciphertext = 14F7646187817EB586599146B82BD719
-
-Cipher = CAMELLIA-128-OFB
-Key = 2B7E151628AED2A6ABF7158809CF4F3C
-IV = 50FE67CC996D32B6DA0937E99BAFEC60
-Operation = ENCRYPT
-Plaintext = AE2D8A571E03AC9C9EB76FAC45AF8E51
-Ciphertext = 25623DB569CA51E01482649977E28D84
-
-Cipher = CAMELLIA-128-OFB
-Key = 2B7E151628AED2A6ABF7158809CF4F3C
-IV = D9A4DADA0892239F6B8B3D7680E15674
-Operation = ENCRYPT
-Plaintext = 30C81C46A35CE411E5FBC1191A0A52EF
-Ciphertext = C776634A60729DC657D12B9FCA801E98
-
-Cipher = CAMELLIA-128-OFB
-Key = 2B7E151628AED2A6ABF7158809CF4F3C
-IV = A78819583F0308E7A6BF36B1386ABF23
-Operation = ENCRYPT
-Plaintext = F69F2445DF4F9B17AD2B417BE66C3710
-Ciphertext = D776379BE0E50825E681DA1A4C980E8E
-
-
-# OFB-CAMELLIA128.Decrypt
-Cipher = CAMELLIA-128-OFB
-Key = 2B7E151628AED2A6ABF7158809CF4F3C
-IV = 000102030405060708090A0B0C0D0E0F
-Operation = DECRYPT
-Plaintext = 6BC1BEE22E409F96E93D7E117393172A
-Ciphertext = 14F7646187817EB586599146B82BD719
-
-Cipher = CAMELLIA-128-OFB
-Key = 2B7E151628AED2A6ABF7158809CF4F3C
-IV = 50FE67CC996D32B6DA0937E99BAFEC60
-Operation = DECRYPT
-Plaintext = AE2D8A571E03AC9C9EB76FAC45AF8E51
-Ciphertext = 25623DB569CA51E01482649977E28D84
-
-Cipher = CAMELLIA-128-OFB
-Key = 2B7E151628AED2A6ABF7158809CF4F3C
-IV = D9A4DADA0892239F6B8B3D7680E15674
-Operation = DECRYPT
-Plaintext = 30C81C46A35CE411E5FBC1191A0A52EF
-Ciphertext = C776634A60729DC657D12B9FCA801E98
-
-Cipher = CAMELLIA-128-OFB
-Key = 2B7E151628AED2A6ABF7158809CF4F3C
-IV = A78819583F0308E7A6BF36B1386ABF23
-Operation = DECRYPT
-Plaintext = F69F2445DF4F9B17AD2B417BE66C3710
-Ciphertext = D776379BE0E50825E681DA1A4C980E8E
-
-
-# OFB-CAMELLIA192.Encrypt
-Cipher = CAMELLIA-192-OFB
-Key = 8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B
-IV = 000102030405060708090A0B0C0D0E0F
-Operation = ENCRYPT
-Plaintext = 6BC1BEE22E409F96E93D7E117393172A
-Ciphertext = C832BB9780677DAA82D9B6860DCD565E
-
-Cipher = CAMELLIA-192-OFB
-Key = 8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B
-IV = A609B38DF3B1133DDDFF2718BA09565E
-Operation = ENCRYPT
-Plaintext = AE2D8A571E03AC9C9EB76FAC45AF8E51
-Ciphertext = 8ECEB7D0350D72C7F78562AEBDF99339
-
-Cipher = CAMELLIA-192-OFB
-Key = 8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B
-IV = 52EF01DA52602FE0975F78AC84BF8A50
-Operation = ENCRYPT
-Plaintext = 30C81C46A35CE411E5FBC1191A0A52EF
-Ciphertext = BDD62DBBB9700846C53B507F544696F0
-
-Cipher = CAMELLIA-192-OFB
-Key = 8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B
-IV = BD5286AC63AABD7EB067AC54B553F71D
-Operation = ENCRYPT
-Plaintext = F69F2445DF4F9B17AD2B417BE66C3710
-Ciphertext = E28014E046B802F385C4C2E13EAD4A72
-
-
-# OFB-CAMELLIA192.Decrypt
-Cipher = CAMELLIA-192-OFB
-Key = 8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B
-IV = 000102030405060708090A0B0C0D0E0F
-Operation = DECRYPT
-Plaintext = 6BC1BEE22E409F96E93D7E117393172A
-Ciphertext = C832BB9780677DAA82D9B6860DCD565E
-
-Cipher = CAMELLIA-192-OFB
-Key = 8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B
-IV = A609B38DF3B1133DDDFF2718BA09565E
-Operation = DECRYPT
-Plaintext = AE2D8A571E03AC9C9EB76FAC45AF8E51
-Ciphertext = 8ECEB7D0350D72C7F78562AEBDF99339
-
-Cipher = CAMELLIA-192-OFB
-Key = 8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B
-IV = 52EF01DA52602FE0975F78AC84BF8A50
-Operation = DECRYPT
-Plaintext = 30C81C46A35CE411E5FBC1191A0A52EF
-Ciphertext = BDD62DBBB9700846C53B507F544696F0
-
-Cipher = CAMELLIA-192-OFB
-Key = 8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B
-IV = BD5286AC63AABD7EB067AC54B553F71D
-Operation = DECRYPT
-Plaintext = F69F2445DF4F9B17AD2B417BE66C3710
-Ciphertext = E28014E046B802F385C4C2E13EAD4A72
-
-
-# OFB-CAMELLIA256.Encrypt
-Cipher = CAMELLIA-256-OFB
-Key = 603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4
-IV = 000102030405060708090A0B0C0D0E0F
-Operation = ENCRYPT
-Plaintext = 6BC1BEE22E409F96E93D7E117393172A
-Ciphertext = CF6107BB0CEA7D7FB1BD31F5E7B06C93
-
-Cipher = CAMELLIA-256-OFB
-Key = 603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4
-IV = B7BF3A5DF43989DD97F0FA97EBCE2F4A
-Operation = ENCRYPT
-Plaintext = AE2D8A571E03AC9C9EB76FAC45AF8E51
-Ciphertext = 127AD97E8E3994E4820027D7BA109368
-
-Cipher = CAMELLIA-256-OFB
-Key = 603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4
-IV = E1C656305ED1A7A6563805746FE03EDC
-Operation = ENCRYPT
-Plaintext = 30C81C46A35CE411E5FBC1191A0A52EF
-Ciphertext = 6BFF6265A6A6B7A535BC65A80B17214E
-
-Cipher = CAMELLIA-256-OFB
-Key = 603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4
-IV = 41635BE625B48AFC1666DD42A09D96E7
-Operation = ENCRYPT
-Plaintext = F69F2445DF4F9B17AD2B417BE66C3710
-Ciphertext = 0A4A0404E26AA78A27CB271E8BF3CF20
-
-
-# OFB-CAMELLIA256.Decrypt
-Cipher = CAMELLIA-256-OFB
-Key = 603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4
-IV = 000102030405060708090A0B0C0D0E0F
-Operation = DECRYPT
-Plaintext = 6BC1BEE22E409F96E93D7E117393172A
-Ciphertext = CF6107BB0CEA7D7FB1BD31F5E7B06C93
-
-Cipher = CAMELLIA-256-OFB
-Key = 603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4
-IV = B7BF3A5DF43989DD97F0FA97EBCE2F4A
-Operation = DECRYPT
-Plaintext = AE2D8A571E03AC9C9EB76FAC45AF8E51
-Ciphertext = 127AD97E8E3994E4820027D7BA109368
-
-Cipher = CAMELLIA-256-OFB
-Key = 603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4
-IV = E1C656305ED1A7A6563805746FE03EDC
-Operation = DECRYPT
-Plaintext = 30C81C46A35CE411E5FBC1191A0A52EF
-Ciphertext = 6BFF6265A6A6B7A535BC65A80B17214E
-
-Cipher = CAMELLIA-256-OFB
-Key = 603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4
-IV = 41635BE625B48AFC1666DD42A09D96E7
-Operation = DECRYPT
-Plaintext = F69F2445DF4F9B17AD2B417BE66C3710
-Ciphertext = 0A4A0404E26AA78A27CB271E8BF3CF20
-
-
-# Camellia test vectors from RFC5528
-Cipher = CAMELLIA-128-CTR
-Key = AE6852F8121067CC4BF7A5765577F39E
-IV = 00000030000000000000000000000001
-Operation = ENCRYPT
-Plaintext = 53696E676C6520626C6F636B206D7367
-Ciphertext = D09DC29A8214619A20877C76DB1F0B3F
-
-Cipher = CAMELLIA-128-CTR
-Key = 7E24067817FAE0D743D6CE1F32539163
-IV = 006CB6DBC0543B59DA48D90B00000001
-Operation = ENCRYPT
-Plaintext = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F
-Ciphertext = DBF3C78DC08396D4DA7C907765BBCB442B8E8E0F31F0DCA72C7417E35360E048
-
-Cipher = CAMELLIA-128-CTR
-Key = 7691BE035E5020A8AC6E618529F9A0DC
-IV = 00E0017B27777F3F4A1786F000000001
-Operation = ENCRYPT
-Plaintext = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F20212223
-Ciphertext = B19D1FCDCB75EB882F849CE24D85CF739CE64B2B5C9D73F14F2D5D9DCE9889CDDF508696
-
-Cipher = CAMELLIA-192-CTR
-Key = 16AF5B145FC9F579C175F93E3BFB0EED863D06CCFDB78515
-IV = 0000004836733C147D6D93CB00000001
-Operation = ENCRYPT
-Plaintext = 53696E676C6520626C6F636B206D7367
-Ciphertext = 2379399E8A8D2B2B16702FC78B9E9696
-
-Cipher = CAMELLIA-192-CTR
-Key = 7C5CB2401B3DC33C19E7340819E0F69C678C3DB8E6F6A91A
-IV = 0096B03B020C6EADC2CB500D00000001
-Operation = ENCRYPT
-Plaintext = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F
-Ciphertext = 7DEF34F7A5D0E415674B7FFCAE67C75DD018B86FF23051E056392A99F35A4CED
-
-Cipher = CAMELLIA-192-CTR
-Key = 02BF391EE8ECB159B959617B0965279BF59B60A786D3E0FE
-IV = 0007BDFD5CBD60278DCC091200000001
-Operation = ENCRYPT
-Plaintext = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F20212223
-Ciphertext = 5710E556E1487A20B5AC0E73F19E4E7876F37FDC91B1EF4D4DADE8E666A64D0ED557AB57
-
-Cipher = CAMELLIA-256-CTR
-Key = 776BEFF2851DB06F4C8A0542C8696F6C6A81AF1EEC96B4D37FC1D689E6C1C104
-IV = 00000060DB5672C97AA8F0B200000001
-Operation = ENCRYPT
-Plaintext = 53696E676C6520626C6F636B206D7367
-Ciphertext = 3401F9C8247EFFCEBD6994714C1BBB11
-
-Cipher = CAMELLIA-256-CTR
-Key = F6D66D6BD52D59BB0796365879EFF886C66DD51A5B6A99744B50590C87A23884
-IV = 00FAAC24C1585EF15A43D87500000001
-Operation = ENCRYPT
-Plaintext = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F
-Ciphertext = D6C30392246F7808A83C2B22A8839E45E51CD48A1CDF406EBC9CC2D3AB834108
-
-Cipher = CAMELLIA-256-CTR
-Key = FF7A617CE69148E4F1726E2F43581DE2AA62D9F805532EDFF1EED687FB54153D
-IV = 001CC5B751A51D70A1C1114800000001
-Operation = ENCRYPT
-Plaintext = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F20212223
-Ciphertext = A4DA23FCE6A5FFAA6D64AE9A0652A42CD161A34B65F9679F75C01F101F71276F15EF0D8D
-
-# SEED test vectors from RFC4269
-Cipher = SEED-ECB
-Key = 00000000000000000000000000000000
-Operation = DECRYPT
-Plaintext = 000102030405060708090A0B0C0D0E0F
-Ciphertext = 5EBAC6E0054E166819AFF1CC6D346CDB
-
-Cipher = SEED-ECB
-Key = 000102030405060708090A0B0C0D0E0F
-Operation = DECRYPT
-Plaintext = 00000000000000000000000000000000
-Ciphertext = C11F22F20140505084483597E4370F43
-
-Cipher = SEED-ECB
-Key = 4706480851E61BE85D74BFB3FD956185
-Operation = DECRYPT
-Plaintext = 83A2F8A288641FB9A4E9A5CC2F131C7D
-Ciphertext = EE54D13EBCAE706D226BC3142CD40D4A
-
-Cipher = SEED-ECB
-Key = 28DBC3BC49FFD87DCFA509B11D422BE7
-Operation = DECRYPT
-Plaintext = B41E6BE2EBA84A148E2EED84593C5EC7
-Ciphertext = 9B9B7BFCD1813CB95D0B3618F40F5122
-
-Cipher = SEED-ECB
-Key = 00000000000000000000000000000000
-Operation = ENCRYPT
-Plaintext = 000102030405060708090A0B0C0D0E0F
-Ciphertext = 5EBAC6E0054E166819AFF1CC6D346CDB
-
-Cipher = SEED-ECB
-Key = 000102030405060708090A0B0C0D0E0F
-Operation = ENCRYPT
-Plaintext = 00000000000000000000000000000000
-Ciphertext = C11F22F20140505084483597E4370F43
-
-Cipher = SEED-ECB
-Key = 4706480851E61BE85D74BFB3FD956185
-Operation = ENCRYPT
-Plaintext = 83A2F8A288641FB9A4E9A5CC2F131C7D
-Ciphertext = EE54D13EBCAE706D226BC3142CD40D4A
-
-Cipher = SEED-ECB
-Key = 28DBC3BC49FFD87DCFA509B11D422BE7
-Operation = ENCRYPT
-Plaintext = B41E6BE2EBA84A148E2EED84593C5EC7
-Ciphertext = 9B9B7BFCD1813CB95D0B3618F40F5122
-
-
-# AES CCM 256 bit key
-Cipher = aes-256-ccm
-Key = 1bde3251d41a8b5ea013c195ae128b218b3e0306376357077ef1c1c78548b92e
-IV = 5b8e40746f6b98e00f1d13ff41
-AAD = c17a32514eb6103f3249e076d4c871dc97e04b286699e54491dc18f6d734d4c0
-Tag = 2024931d73bca480c24a24ece6b6c2bf
-Plaintext = 53bd72a97089e312422bf72e242377b3c6ee3e2075389b999c4ef7f28bd2b80a
-Ciphertext = 9a5fcccdb4cf04e7293d2775cc76a488f042382d949b43b7d6bb2b9864786726
-
-
-# AES GCM test vectors from http://csrc.nist.gov/groups/ST/toolkit/BCM/documents/proposedmodes/gcm/gcm-spec.pdf
-Cipher = aes-128-gcm
-Key = 00000000000000000000000000000000
-IV = 000000000000000000000000
-AAD =
-Tag = 58e2fccefa7e3061367f1d57a4e7455a
-Plaintext =
-Ciphertext =
-
-Cipher = aes-128-gcm
-Key = 00000000000000000000000000000000
-IV = 000000000000000000000000
-AAD =
-Tag = ab6e47d42cec13bdf53a67b21257bddf
-Plaintext = 00000000000000000000000000000000
-Ciphertext = 0388dace60b6a392f328c2b971b2fe78
-
-Cipher = aes-128-gcm
-Key = feffe9928665731c6d6a8f9467308308
-IV = cafebabefacedbaddecaf888
-AAD =
-Tag = 4d5c2af327cd64a62cf35abd2ba6fab4
-Plaintext = d9313225f88406e5a55909c5aff5269a86a7a9531534f7da2e4c303d8a318a721c3c0c95956809532fcf0e2449a6b525b16aedf5aa0de657ba637b391aafd255
-Ciphertext = 42831ec2217774244b7221b784d0d49ce3aa212f2c02a4e035c17e2329aca12e21d514b25466931c7d8f6a5aac84aa051ba30b396a0aac973d58e091473f5985
-
-Cipher = aes-128-gcm
-Key = feffe9928665731c6d6a8f9467308308
-IV = cafebabefacedbaddecaf888
-AAD = feedfacedeadbeeffeedfacedeadbeefabaddad2
-Tag = 5bc94fbc3221a5db94fae95ae7121a47
-Plaintext = d9313225f88406e5a55909c5aff5269a86a7a9531534f7da2e4c303d8a318a721c3c0c95956809532fcf0e2449a6b525b16aedf5aa0de657ba637b39
-Ciphertext = 42831ec2217774244b7221b784d0d49ce3aa212f2c02a4e035c17e2329aca12e21d514b25466931c7d8f6a5aac84aa051ba30b396a0aac973d58e091
-
-Cipher = aes-128-gcm
-Key = feffe9928665731c6d6a8f9467308308
-IV = cafebabefacedbad
-AAD = feedfacedeadbeeffeedfacedeadbeefabaddad2
-Tag = 3612d2e79e3b0785561be14aaca2fccb
-Plaintext = d9313225f88406e5a55909c5aff5269a86a7a9531534f7da2e4c303d8a318a721c3c0c95956809532fcf0e2449a6b525b16aedf5aa0de657ba637b39
-Ciphertext = 61353b4c2806934a777ff51fa22a4755699b2a714fcdc6f83766e5f97b6c742373806900e49f24b22b097544d4896b424989b5e1ebac0f07c23f4598
-
-Cipher = aes-128-gcm
-Key = feffe9928665731c6d6a8f9467308308
-IV = 9313225df88406e555909c5aff5269aa6a7a9538534f7da1e4c303d2a318a728c3c0c95156809539fcf0e2429a6b525416aedbf5a0de6a57a637b39b
-AAD = feedfacedeadbeeffeedfacedeadbeefabaddad2
-Tag = 619cc5aefffe0bfa462af43c1699d050
-Plaintext = d9313225f88406e5a55909c5aff5269a86a7a9531534f7da2e4c303d8a318a721c3c0c95956809532fcf0e2449a6b525b16aedf5aa0de657ba637b39
-Ciphertext = 8ce24998625615b603a033aca13fb894be9112a5c3a211a8ba262a3cca7e2ca701e4a9a4fba43c90ccdcb281d48c7c6fd62875d2aca417034c34aee5
-
-Cipher = aes-192-gcm
-Key = 000000000000000000000000000000000000000000000000
-IV = 000000000000000000000000
-AAD =
-Tag = cd33b28ac773f74ba00ed1f312572435
-Plaintext =
-Ciphertext =
-
-Cipher = aes-192-gcm
-Key = 000000000000000000000000000000000000000000000000
-IV = 000000000000000000000000
-AAD =
-Tag = 2ff58d80033927ab8ef4d4587514f0fb
-Plaintext = 00000000000000000000000000000000
-Ciphertext = 98e7247c07f0fe411c267e4384b0f600
-
-Cipher = aes-192-gcm
-Key = feffe9928665731c6d6a8f9467308308feffe9928665731c
-IV = cafebabefacedbaddecaf888
-AAD =
-Tag = 9924a7c8587336bfb118024db8674a14
-Plaintext = d9313225f88406e5a55909c5aff5269a86a7a9531534f7da2e4c303d8a318a721c3c0c95956809532fcf0e2449a6b525b16aedf5aa0de657ba637b391aafd255
-Ciphertext = 3980ca0b3c00e841eb06fac4872a2757859e1ceaa6efd984628593b40ca1e19c7d773d00c144c525ac619d18c84a3f4718e2448b2fe324d9ccda2710acade256
-
-Cipher = aes-192-gcm
-Key = feffe9928665731c6d6a8f9467308308feffe9928665731c
-IV = cafebabefacedbaddecaf888
-AAD = feedfacedeadbeeffeedfacedeadbeefabaddad2
-Tag = 2519498e80f1478f37ba55bd6d27618c
-Plaintext = d9313225f88406e5a55909c5aff5269a86a7a9531534f7da2e4c303d8a318a721c3c0c95956809532fcf0e2449a6b525b16aedf5aa0de657ba637b39
-Ciphertext = 3980ca0b3c00e841eb06fac4872a2757859e1ceaa6efd984628593b40ca1e19c7d773d00c144c525ac619d18c84a3f4718e2448b2fe324d9ccda2710
-
-Cipher = aes-192-gcm
-Key = feffe9928665731c6d6a8f9467308308feffe9928665731c
-IV = cafebabefacedbad
-AAD = feedfacedeadbeeffeedfacedeadbeefabaddad2
-Tag = 65dcc57fcf623a24094fcca40d3533f8
-Plaintext = d9313225f88406e5a55909c5aff5269a86a7a9531534f7da2e4c303d8a318a721c3c0c95956809532fcf0e2449a6b525b16aedf5aa0de657ba637b39
-Ciphertext = 0f10f599ae14a154ed24b36e25324db8c566632ef2bbb34f8347280fc4507057fddc29df9a471f75c66541d4d4dad1c9e93a19a58e8b473fa0f062f7
-
-Cipher = aes-192-gcm
-Key = feffe9928665731c6d6a8f9467308308feffe9928665731c
-IV = 9313225df88406e555909c5aff5269aa6a7a9538534f7da1e4c303d2a318a728c3c0c95156809539fcf0e2429a6b525416aedbf5a0de6a57a637b39b
-AAD = feedfacedeadbeeffeedfacedeadbeefabaddad2
-Tag = dcf566ff291c25bbb8568fc3d376a6d9
-Plaintext = d9313225f88406e5a55909c5aff5269a86a7a9531534f7da2e4c303d8a318a721c3c0c95956809532fcf0e2449a6b525b16aedf5aa0de657ba637b39
-Ciphertext = d27e88681ce3243c4830165a8fdcf9ff1de9a1d8e6b447ef6ef7b79828666e4581e79012af34ddd9e2f037589b292db3e67c036745fa22e7e9b7373b
-
-Cipher = aes-256-gcm
-Key = 0000000000000000000000000000000000000000000000000000000000000000
-IV = 000000000000000000000000
-AAD =
-Tag = 530f8afbc74536b9a963b4f1c4cb738b
-Plaintext =
-Ciphertext =
-
-Cipher = aes-256-gcm
-Key = 0000000000000000000000000000000000000000000000000000000000000000
-IV = 000000000000000000000000
-AAD =
-Tag = d0d1c8a799996bf0265b98b5d48ab919
-Plaintext = 00000000000000000000000000000000
-Ciphertext = cea7403d4d606b6e074ec5d3baf39d18
-
-Cipher = aes-256-gcm
-Key = feffe9928665731c6d6a8f9467308308feffe9928665731c6d6a8f9467308308
-IV = cafebabefacedbaddecaf888
-AAD =
-Tag = b094dac5d93471bdec1a502270e3cc6c
-Plaintext = d9313225f88406e5a55909c5aff5269a86a7a9531534f7da2e4c303d8a318a721c3c0c95956809532fcf0e2449a6b525b16aedf5aa0de657ba637b391aafd255
-Ciphertext = 522dc1f099567d07f47f37a32a84427d643a8cdcbfe5c0c97598a2bd2555d1aa8cb08e48590dbb3da7b08b1056828838c5f61e6393ba7a0abcc9f662898015ad
-
-Cipher = aes-256-gcm
-Key = feffe9928665731c6d6a8f9467308308feffe9928665731c6d6a8f9467308308
-IV = cafebabefacedbaddecaf888
-AAD = feedfacedeadbeeffeedfacedeadbeefabaddad2
-Tag = 76fc6ece0f4e1768cddf8853bb2d551b
-Plaintext = d9313225f88406e5a55909c5aff5269a86a7a9531534f7da2e4c303d8a318a721c3c0c95956809532fcf0e2449a6b525b16aedf5aa0de657ba637b39
-Ciphertext = 522dc1f099567d07f47f37a32a84427d643a8cdcbfe5c0c97598a2bd2555d1aa8cb08e48590dbb3da7b08b1056828838c5f61e6393ba7a0abcc9f662
-
-Cipher = aes-256-gcm
-Key = feffe9928665731c6d6a8f9467308308feffe9928665731c6d6a8f9467308308
-IV = cafebabefacedbad
-AAD = feedfacedeadbeeffeedfacedeadbeefabaddad2
-Tag = 3a337dbf46a792c45e454913fe2ea8f2
-Plaintext = d9313225f88406e5a55909c5aff5269a86a7a9531534f7da2e4c303d8a318a721c3c0c95956809532fcf0e2449a6b525b16aedf5aa0de657ba637b39
-Ciphertext = c3762df1ca787d32ae47c13bf19844cbaf1ae14d0b976afac52ff7d79bba9de0feb582d33934a4f0954cc2363bc73f7862ac430e64abe499f47c9b1f
-
-Cipher = aes-256-gcm
-Key = feffe9928665731c6d6a8f9467308308feffe9928665731c6d6a8f9467308308
-IV = 9313225df88406e555909c5aff5269aa6a7a9538534f7da1e4c303d2a318a728c3c0c95156809539fcf0e2429a6b525416aedbf5a0de6a57a637b39b
-AAD = feedfacedeadbeeffeedfacedeadbeefabaddad2
-Tag = a44a8266ee1c8eb0c8b5d4cf5ae9f19a
-Plaintext = d9313225f88406e5a55909c5aff5269a86a7a9531534f7da2e4c303d8a318a721c3c0c95956809532fcf0e2449a6b525b16aedf5aa0de657ba637b39
-Ciphertext = 5a8def2f0c9e53f1f75d7853659e2a20eeb2b22aafde6419a058ab4f6f746bf40fc0c3b780f244452da3ebf1c5d82cdea2418997200ef82e44ae7e3f
-
-# local add-ons, primarily streaming ghash tests
-# 128 bytes aad
-Cipher = aes-128-gcm
-Key = 00000000000000000000000000000000
-IV = 000000000000000000000000
-AAD = d9313225f88406e5a55909c5aff5269a86a7a9531534f7da2e4c303d8a318a721c3c0c95956809532fcf0e2449a6b525b16aedf5aa0de657ba637b391aafd255522dc1f099567d07f47f37a32a84427d643a8cdcbfe5c0c97598a2bd2555d1aa8cb08e48590dbb3da7b08b1056828838c5f61e6393ba7a0abcc9f662898015ad
-Tag = 5fea793a2d6f974d37e68e0cb8ff9492
-Plaintext =
-Ciphertext =
-
-# 48 bytes plaintext
-Cipher = aes-128-gcm
-Key = 00000000000000000000000000000000
-IV = 000000000000000000000000
-AAD =
-Tag = 9dd0a376b08e40eb00c35f29f9ea61a4
-Plaintext = 000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000
-Ciphertext = 0388dace60b6a392f328c2b971b2fe78f795aaab494b5923f7fd89ff948bc1e0200211214e7394da2089b6acd093abe0
-
-# 80 bytes plaintext
-Cipher = aes-128-gcm
-Key = 00000000000000000000000000000000
-IV = 000000000000000000000000
-AAD =
-Tag = 98885a3a22bd4742fe7b72172193b163
-Plaintext = 0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000
-Ciphertext = 0388dace60b6a392f328c2b971b2fe78f795aaab494b5923f7fd89ff948bc1e0200211214e7394da2089b6acd093abe0c94da219118e297d7b7ebcbcc9c388f28ade7d85a8ee35616f7124a9d5270291
-
-# 128 bytes plaintext
-Cipher = aes-128-gcm
-Key = 00000000000000000000000000000000
-IV = 000000000000000000000000
-AAD =
-Tag = cac45f60e31efd3b5a43b98a22ce1aa1
-Plaintext = 0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000
-Ciphertext = 0388dace60b6a392f328c2b971b2fe78f795aaab494b5923f7fd89ff948bc1e0200211214e7394da2089b6acd093abe0c94da219118e297d7b7ebcbcc9c388f28ade7d85a8ee35616f7124a9d527029195b84d1b96c690ff2f2de30bf2ec89e00253786e126504f0dab90c48a30321de3345e6b0461e7c9e6c6b7afedde83f40
-
-# 192 bytes plaintext, iv is chosen so that initial counter LSB is 0xFF
-Cipher = aes-128-gcm
-Key = 00000000000000000000000000000000
-IV = ffffffff000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000
-AAD =
-Tag = 566f8ef683078bfdeeffa869d751a017
-Plaintext = 000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000
-Ciphertext = 56b3373ca9ef6e4a2b64fe1e9a17b61425f10d47a75a5fce13efc6bc784af24f4141bdd48cf7c770887afd573cca5418a9aeffcd7c5ceddfc6a78397b9a85b499da558257267caab2ad0b23ca476a53cb17fb41c4b8b475cb4f3f7165094c229c9e8c4dc0a2a5ff1903e501511221376a1cdb8364c5061a20cae74bc4acd76ceb0abc9fd3217ef9f8c90be402ddf6d8697f4f880dff15bfb7a6b28241ec8fe183c2d59e3f9dfff653c7126f0acb9e64211f42bae12af462b1070bef1ab5e3606
-
-# 288 bytes plaintext, iv is chosen so that initial counter LSB is 0xFF
-Cipher = aes-128-gcm
-Key = 00000000000000000000000000000000
-IV = ffffffff000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000
-AAD =
-Tag = 8b307f6b33286d0ab026a9ed3fe1e85f
-Plaintext = 000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000
-Ciphertext = 56b3373ca9ef6e4a2b64fe1e9a17b61425f10d47a75a5fce13efc6bc784af24f4141bdd48cf7c770887afd573cca5418a9aeffcd7c5ceddfc6a78397b9a85b499da558257267caab2ad0b23ca476a53cb17fb41c4b8b475cb4f3f7165094c229c9e8c4dc0a2a5ff1903e501511221376a1cdb8364c5061a20cae74bc4acd76ceb0abc9fd3217ef9f8c90be402ddf6d8697f4f880dff15bfb7a6b28241ec8fe183c2d59e3f9dfff653c7126f0acb9e64211f42bae12af462b1070bef1ab5e3606872ca10dee15b3249b1a1b958f23134c4bccb7d03200bce420a2f8eb66dcf3644d1423c1b5699003c13ecef4bf38a3b60eedc34033bac1902783dc6d89e2e774188a439c7ebcc0672dbda4ddcfb2794613b0be41315ef778708a70ee7d75165c
-
-# 80 bytes plaintext, submitted by Intel
-Cipher = aes-128-gcm
-Key = 843ffcf5d2b72694d19ed01d01249412
-IV = dbcca32ebf9b804617c3aa9e
-AAD = 00000000000000000000000000000000101112131415161718191a1b1c1d1e1f
-Tag = 3b629ccfbc1119b7319e1dce2cd6fd6d
-Plaintext = 000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f
-Ciphertext = 6268c6fa2a80b2d137467f092f657ac04d89be2beaa623d61b5a868c8f03ff95d3dcee23ad2f1ab3a6c80eaf4b140eb05de3457f0fbc111a6b43d0763aa422a3013cf1dc37fe417d1fbfc449b75d4cc5
-
-#AES OCB Test vectors
-Cipher = aes-128-ocb
-Key = 000102030405060708090A0B0C0D0E0F
-IV = 000102030405060708090A0B
-AAD =
-Tag = 197B9C3C441D3C83EAFB2BEF633B9182
-Plaintext =
-Ciphertext =
-
-Cipher = aes-128-ocb
-Key = 000102030405060708090A0B0C0D0E0F
-IV = 000102030405060708090A0B
-AAD = 0001020304050607
-Tag = 16DC76A46D47E1EAD537209E8A96D14E
-Plaintext = 0001020304050607
-Ciphertext = 92B657130A74B85A
-
-Cipher = aes-128-ocb
-Key = 000102030405060708090A0B0C0D0E0F
-IV = 000102030405060708090A0B
-AAD = 0001020304050607
-Tag = 98B91552C8C009185044E30A6EB2FE21
-Plaintext =
-Ciphertext =
-
-Cipher = aes-128-ocb
-Key = 000102030405060708090A0B0C0D0E0F
-IV = 000102030405060708090A0B
-AAD =
-Tag = 971EFFCAE19AD4716F88E87B871FBEED
-Plaintext = 0001020304050607
-Ciphertext = 92B657130A74B85A
-
-Cipher = aes-128-ocb
-Key = 000102030405060708090A0B0C0D0E0F
-IV = 000102030405060708090A0B
-AAD = 000102030405060708090A0B0C0D0E0F
-Tag = 776C9924D6723A1FC4524532AC3E5BEB
-Plaintext = 000102030405060708090A0B0C0D0E0F
-Ciphertext = BEA5E8798DBE7110031C144DA0B26122
-
-Cipher = aes-128-ocb
-Key = 000102030405060708090A0B0C0D0E0F
-IV = 000102030405060708090A0B
-AAD = 000102030405060708090A0B0C0D0E0F
-Tag = 7DDB8E6CEA6814866212509619B19CC6
-Plaintext =
-Ciphertext =
-
-Cipher = aes-128-ocb
-Key = 000102030405060708090A0B0C0D0E0F
-IV = 000102030405060708090A0B
-AAD =
-Tag = 13CC8B747807121A4CBB3E4BD6B456AF
-Plaintext = 000102030405060708090A0B0C0D0E0F
-Ciphertext = BEA5E8798DBE7110031C144DA0B26122
-
-Cipher = aes-128-ocb
-Key = 000102030405060708090A0B0C0D0E0F
-IV = 000102030405060708090A0B
-AAD = 000102030405060708090A0B0C0D0E0F1011121314151617
-Tag = 5FA94FC3F38820F1DC3F3D1FD4E55E1C
-Plaintext = 000102030405060708090A0B0C0D0E0F1011121314151617
-Ciphertext = BEA5E8798DBE7110031C144DA0B26122FCFCEE7A2A8D4D48
-
-Cipher = aes-128-ocb
-Key = 000102030405060708090A0B0C0D0E0F
-IV = 000102030405060708090A0B
-AAD = 000102030405060708090A0B0C0D0E0F1011121314151617
-Tag = 282026DA3068BC9FA118681D559F10F6
-Plaintext =
-Ciphertext =
-
-Cipher = aes-128-ocb
-Key = 000102030405060708090A0B0C0D0E0F
-IV = 000102030405060708090A0B
-AAD =
-Tag = 6EF2F52587FDA0ED97DC7EEDE241DF68
-Plaintext = 000102030405060708090A0B0C0D0E0F1011121314151617
-Ciphertext = BEA5E8798DBE7110031C144DA0B26122FCFCEE7A2A8D4D48
-
-Cipher = aes-128-ocb
-Key = 000102030405060708090A0B0C0D0E0F
-IV = 000102030405060708090A0B
-AAD = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F
-Tag = B2A040DD3BD5164372D76D7BB6824240
-Plaintext = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F
-Ciphertext = BEA5E8798DBE7110031C144DA0B26122CEAAB9B05DF771A657149D53773463CB
-
-Cipher = aes-128-ocb
-Key = 000102030405060708090A0B0C0D0E0F
-IV = 000102030405060708090A0B
-AAD = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F
-Tag = E1E072633BADE51A60E85951D9C42A1B
-Plaintext =
-Ciphertext =
-
-Cipher = aes-128-ocb
-Key = 000102030405060708090A0B0C0D0E0F
-IV = 000102030405060708090A0B
-AAD =
-Tag = 4A3BAE824465CFDAF8C41FC50C7DF9D9
-Plaintext = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F
-Ciphertext = BEA5E8798DBE7110031C144DA0B26122CEAAB9B05DF771A657149D53773463CB
-
-Cipher = aes-128-ocb
-Key = 000102030405060708090A0B0C0D0E0F
-IV = 000102030405060708090A0B
-AAD = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F2021222324252627
-Tag = 659C623211DEEA0DE30D2C381879F4C8
-Plaintext = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F2021222324252627
-Ciphertext = BEA5E8798DBE7110031C144DA0B26122CEAAB9B05DF771A657149D53773463CB68C65778B058A635
-
-Cipher = aes-128-ocb
-Key = 000102030405060708090A0B0C0D0E0F
-IV = 000102030405060708090A0B
-AAD = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F2021222324252627
-Tag = 7AEB7A69A1687DD082CA27B0D9A37096
-Plaintext =
-Ciphertext =
-
-Cipher = aes-128-ocb
-Key = 000102030405060708090A0B0C0D0E0F
-IV = 000102030405060708090A0B
-AAD =
-Tag = 060C8467F4ABAB5E8B3C2067A2E115DC
-Plaintext = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F2021222324252627
-Ciphertext = BEA5E8798DBE7110031C144DA0B26122CEAAB9B05DF771A657149D53773463CB68C65778B058A635
-
-#AES OCB Non standard test vectors - generated from reference implementation
-Cipher = aes-128-ocb
-Key = 000102030405060708090A0B0C0D0E0F
-IV = 000102030405060708090A0B
-AAD = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F2021222324252627
-Tag = 1b6c44f34e3abb3cbf8976e7
-Plaintext = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F2021222324252627
-Ciphertext = 09a4fd29de949d9a9aa9924248422097ad4883b4713e6c214ff6567ada08a96766fc4e2ee3e3a5a1
-
-Cipher = aes-128-ocb
-Key = 000102030405060708090A0B0C0D0E0F
-IV = 000102030405060708090A0B0C0D0E
-AAD = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F2021222324252627
-Tag = 1ad62009901f40cba7cd7156f94a7324
-Plaintext = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F2021222324252627
-Ciphertext = 5e2fa7367ffbdb3938845cfd415fcc71ec79634eb31451609d27505f5e2978f43c44213d8fa441ee
-
-# AES XTS test vectors from IEEE Std 1619-2007
-Cipher = aes-128-xts
-Key = 0000000000000000000000000000000000000000000000000000000000000000
-IV = 00000000000000000000000000000000
-Plaintext = 0000000000000000000000000000000000000000000000000000000000000000
-Ciphertext = 917cf69ebd68b2ec9b9fe9a3eadda692cd43d2f59598ed858c02c2652fbf922e
-
-Cipher = aes-128-xts
-Key = 1111111111111111111111111111111122222222222222222222222222222222
-IV = 33333333330000000000000000000000
-Plaintext = 4444444444444444444444444444444444444444444444444444444444444444
-Ciphertext = c454185e6a16936e39334038acef838bfb186fff7480adc4289382ecd6d394f0
-
-Cipher = aes-128-xts
-Key = fffefdfcfbfaf9f8f7f6f5f4f3f2f1f022222222222222222222222222222222
-IV = 33333333330000000000000000000000
-Plaintext = 4444444444444444444444444444444444444444444444444444444444444444
-Ciphertext = af85336b597afc1a900b2eb21ec949d292df4c047e0b21532186a5971a227a89
-
-Cipher = aes-128-xts
-Key = 2718281828459045235360287471352631415926535897932384626433832795
-IV = 00000000000000000000000000000000
-Plaintext = 000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0a1a2a3a4a5a6a7a8a9aaabacadaeafb0b1b2b3b4b5b6b7b8b9babbbcbdbebfc0c1c2c3c4c5c6c7c8c9cacbcccdcecfd0d1d2d3d4d5d6d7d8d9dadbdcdddedfe0e1e2e3e4e5e6e7e8e9eaebecedeeeff0f1f2f3f4f5f6f7f8f9fafbfcfdfeff000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0a1a2a3a4a5a6a7a8a9aaabacadaeafb0b1b2b3b4b5b6b7b8b9babbbcbdbebfc0c1c2c3c4c5c6c7c8c9cacbcccdcecfd0d1d2d3d4d5d6d7d8d9dadbdcdddedfe0e1e2e3e4e5e6e7e8e9eaebecedeeeff0f1f2f3f4f5f6f7f8f9fafbfcfdfeff
-Ciphertext = 27a7479befa1d476489f308cd4cfa6e2a96e4bbe3208ff25287dd3819616e89cc78cf7f5e543445f8333d8fa7f56000005279fa5d8b5e4ad40e736ddb4d35412328063fd2aab53e5ea1e0a9f332500a5df9487d07a5c92cc512c8866c7e860ce93fdf166a24912b422976146ae20ce846bb7dc9ba94a767aaef20c0d61ad02655ea92dc4c4e41a8952c651d33174be51a10c421110e6d81588ede82103a252d8a750e8768defffed9122810aaeb99f9172af82b604dc4b8e51bcb08235a6f4341332e4ca60482a4ba1a03b3e65008fc5da76b70bf1690db4eae29c5f1badd03c5ccf2a55d705ddcd86d449511ceb7ec30bf12b1fa35b913f9f747a8afd1b130e94bff94effd01a91735ca1726acd0b197c4e5b03393697e126826fb6bbde8ecc1e08298516e2c9ed03ff3c1b7860f6de76d4cecd94c8119855ef5297ca67e9f3e7ff72b1e99785ca0a7e7720c5b36dc6d72cac9574c8cbbc2f801e23e56fd344b07f22154beba0f08ce8891e643ed995c94d9a69c9f1b5f499027a78572aeebd74d20cc39881c213ee770b1010e4bea718846977ae119f7a023ab58cca0ad752afe656bb3c17256a9f6e9bf19fdd5a38fc82bbe872c5539edb609ef4f79c203ebb140f2e583cb2ad15b4aa5b655016a8449277dbd477ef2c8d6c017db738b18deb4a427d1923ce3ff262735779a418f20a282df920147beabe421ee5319d0568
-
-Cipher = aes-128-xts
-Key = 2718281828459045235360287471352631415926535897932384626433832795
-IV = 01000000000000000000000000000000
-Plaintext = 27a7479befa1d476489f308cd4cfa6e2a96e4bbe3208ff25287dd3819616e89cc78cf7f5e543445f8333d8fa7f56000005279fa5d8b5e4ad40e736ddb4d35412328063fd2aab53e5ea1e0a9f332500a5df9487d07a5c92cc512c8866c7e860ce93fdf166a24912b422976146ae20ce846bb7dc9ba94a767aaef20c0d61ad02655ea92dc4c4e41a8952c651d33174be51a10c421110e6d81588ede82103a252d8a750e8768defffed9122810aaeb99f9172af82b604dc4b8e51bcb08235a6f4341332e4ca60482a4ba1a03b3e65008fc5da76b70bf1690db4eae29c5f1badd03c5ccf2a55d705ddcd86d449511ceb7ec30bf12b1fa35b913f9f747a8afd1b130e94bff94effd01a91735ca1726acd0b197c4e5b03393697e126826fb6bbde8ecc1e08298516e2c9ed03ff3c1b7860f6de76d4cecd94c8119855ef5297ca67e9f3e7ff72b1e99785ca0a7e7720c5b36dc6d72cac9574c8cbbc2f801e23e56fd344b07f22154beba0f08ce8891e643ed995c94d9a69c9f1b5f499027a78572aeebd74d20cc39881c213ee770b1010e4bea718846977ae119f7a023ab58cca0ad752afe656bb3c17256a9f6e9bf19fdd5a38fc82bbe872c5539edb609ef4f79c203ebb140f2e583cb2ad15b4aa5b655016a8449277dbd477ef2c8d6c017db738b18deb4a427d1923ce3ff262735779a418f20a282df920147beabe421ee5319d0568
-Ciphertext = 264d3ca8512194fec312c8c9891f279fefdd608d0c027b60483a3fa811d65ee59d52d9e40ec5672d81532b38b6b089ce951f0f9c35590b8b978d175213f329bb1c2fd30f2f7f30492a61a532a79f51d36f5e31a7c9a12c286082ff7d2394d18f783e1a8e72c722caaaa52d8f065657d2631fd25bfd8e5baad6e527d763517501c68c5edc3cdd55435c532d7125c8614deed9adaa3acade5888b87bef641c4c994c8091b5bcd387f3963fb5bc37aa922fbfe3df4e5b915e6eb514717bdd2a74079a5073f5c4bfd46adf7d282e7a393a52579d11a028da4d9cd9c77124f9648ee383b1ac763930e7162a8d37f350b2f74b8472cf09902063c6b32e8c2d9290cefbd7346d1c779a0df50edcde4531da07b099c638e83a755944df2aef1aa31752fd323dcb710fb4bfbb9d22b925bc3577e1b8949e729a90bbafeacf7f7879e7b1147e28ba0bae940db795a61b15ecf4df8db07b824bb062802cc98a9545bb2aaeed77cb3fc6db15dcd7d80d7d5bc406c4970a3478ada8899b329198eb61c193fb6275aa8ca340344a75a862aebe92eee1ce032fd950b47d7704a3876923b4ad62844bf4a09c4dbe8b4397184b7471360c9564880aedddb9baa4af2e75394b08cd32ff479c57a07d3eab5d54de5f9738b8d27f27a9f0ab11799d7b7ffefb2704c95c6ad12c39f1e867a4b7b1d7818a4b753dfd2a89ccb45e001a03a867b187f225dd
-
-Cipher = aes-128-xts
-Key = 2718281828459045235360287471352631415926535897932384626433832795
-IV = 02000000000000000000000000000000
-Plaintext = 264d3ca8512194fec312c8c9891f279fefdd608d0c027b60483a3fa811d65ee59d52d9e40ec5672d81532b38b6b089ce951f0f9c35590b8b978d175213f329bb1c2fd30f2f7f30492a61a532a79f51d36f5e31a7c9a12c286082ff7d2394d18f783e1a8e72c722caaaa52d8f065657d2631fd25bfd8e5baad6e527d763517501c68c5edc3cdd55435c532d7125c8614deed9adaa3acade5888b87bef641c4c994c8091b5bcd387f3963fb5bc37aa922fbfe3df4e5b915e6eb514717bdd2a74079a5073f5c4bfd46adf7d282e7a393a52579d11a028da4d9cd9c77124f9648ee383b1ac763930e7162a8d37f350b2f74b8472cf09902063c6b32e8c2d9290cefbd7346d1c779a0df50edcde4531da07b099c638e83a755944df2aef1aa31752fd323dcb710fb4bfbb9d22b925bc3577e1b8949e729a90bbafeacf7f7879e7b1147e28ba0bae940db795a61b15ecf4df8db07b824bb062802cc98a9545bb2aaeed77cb3fc6db15dcd7d80d7d5bc406c4970a3478ada8899b329198eb61c193fb6275aa8ca340344a75a862aebe92eee1ce032fd950b47d7704a3876923b4ad62844bf4a09c4dbe8b4397184b7471360c9564880aedddb9baa4af2e75394b08cd32ff479c57a07d3eab5d54de5f9738b8d27f27a9f0ab11799d7b7ffefb2704c95c6ad12c39f1e867a4b7b1d7818a4b753dfd2a89ccb45e001a03a867b187f225dd
-Ciphertext = fa762a3680b76007928ed4a4f49a9456031b704782e65e16cecb54ed7d017b5e18abd67b338e81078f21edb7868d901ebe9c731a7c18b5e6dec1d6a72e078ac9a4262f860beefa14f4e821018272e411a951502b6e79066e84252c3346f3aa62344351a291d4bedc7a07618bdea2af63145cc7a4b8d4070691ae890cd65733e7946e9021a1dffc4c59f159425ee6d50ca9b135fa6162cea18a939838dc000fb386fad086acce5ac07cb2ece7fd580b00cfa5e98589631dc25e8e2a3daf2ffdec26531659912c9d8f7a15e5865ea8fb5816d6207052bd7128cd743c12c8118791a4736811935eb982a532349e31dd401e0b660a568cb1a4711f552f55ded59f1f15bf7196b3ca12a91e488ef59d64f3a02bf45239499ac6176ae321c4a211ec545365971c5d3f4f09d4eb139bfdf2073d33180b21002b65cc9865e76cb24cd92c874c24c18350399a936ab3637079295d76c417776b94efce3a0ef7206b15110519655c956cbd8b2489405ee2b09a6b6eebe0c53790a12a8998378b33a5b71159625f4ba49d2a2fdba59fbf0897bc7aabd8d707dc140a80f0f309f835d3da54ab584e501dfa0ee977fec543f74186a802b9a37adb3e8291eca04d66520d229e60401e7282bef486ae059aa70696e0e305d777140a7a883ecdcb69b9ff938e8a4231864c69ca2c2043bed007ff3e605e014bcf518138dc3a25c5e236171a2d01d6
-
-Cipher = aes-128-xts
-Key = 2718281828459045235360287471352631415926535897932384626433832795
-IV = fd000000000000000000000000000000
-Plaintext = 8e41b78c390b5af9d758bb214a67e9f6bf7727b09ac6124084c37611398fa45daad94868600ed391fb1acd4857a95b466e62ef9f4b377244d1c152e7b30d731aad30c716d214b707aed99eb5b5e580b3e887cf7497465651d4b60e6042051da3693c3b78c14489543be8b6ad0ba629565bba202313ba7b0d0c94a3252b676f46cc02ce0f8a7d34c0ed229129673c1f61aed579d08a9203a25aac3a77e9db60267996db38df637356d9dcd1632e369939f2a29d89345c66e05066f1a3677aef18dea4113faeb629e46721a66d0a7e785d3e29af2594eb67dfa982affe0aac058f6e15864269b135418261fc3afb089472cf68c45dd7f231c6249ba0255e1e033833fc4d00a3fe02132d7bc3873614b8aee34273581ea0325c81f0270affa13641d052d36f0757d484014354d02d6883ca15c24d8c3956b1bd027bcf41f151fd8023c5340e5606f37e90fdb87c86fb4fa634b3718a30bace06a66eaf8f63c4aa3b637826a87fe8cfa44282e92cb1615af3a28e53bc74c7cba1a0977be9065d0c1a5dec6c54ae38d37f37aa35283e048e5530a85c4e7a29d7b92ec0c3169cdf2a805c7604bce60049b9fb7b8eaac10f51ae23794ceba68bb58112e293b9b692ca721b37c662f8574ed4dba6f88e170881c82cddc1034a0ca7e284bf0962b6b26292d836fa9f73c1ac770eef0f2d3a1eaf61d3e03555fd424eedd67e18a18094f888
-Ciphertext = d55f684f81f4426e9fde92a5ff02df2ac896af63962888a97910c1379e20b0a3b1db613fb7fe2e07004329ea5c22bfd33e3dbe4cf58cc608c2c26c19a2e2fe22f98732c2b5cb844cc6c0702d91e1d50fc4382a7eba5635cd602432a2306ac4ce82f8d70c8d9bc15f918fe71e74c622d5cf71178bf6e0b9cc9f2b41dd8dbe441c41cd0c73a6dc47a348f6702f9d0e9b1b1431e948e299b9ec2272ab2c5f0c7be86affa5dec87a0bee81d3d50007edaa2bcfccb35605155ff36ed8edd4a40dcd4b243acd11b2b987bdbfaf91a7cac27e9c5aea525ee53de7b2d3332c8644402b823e94a7db26276d2d23aa07180f76b4fd29b9c0823099c9d62c519880aee7e9697617c1497d47bf3e571950311421b6b734d38b0db91eb85331b91ea9f61530f54512a5a52a4bad589eb69781d537f23297bb459bdad2948a29e1550bf4787e0be95bb173cf5fab17dab7a13a052a63453d97ccec1a321954886b7a1299faaeecae35c6eaaca753b041b5e5f093bf83397fd21dd6b3012066fcc058cc32c3b09d7562dee29509b5839392c9ff05f51f3166aaac4ac5f238038a3045e6f72e48ef0fe8bc675e82c318a268e43970271bf119b81bf6a982746554f84e72b9f00280a320a08142923c23c883423ff949827f29bbacdc1ccdb04938ce6098c95ba6b32528f4ef78eed778b2e122ddfd1cbdd11d1c0a6783e011fc536d63d053260637
-
-Cipher = aes-128-xts
-Key = 2718281828459045235360287471352631415926535897932384626433832795
-IV = fe000000000000000000000000000000
-Plaintext = d55f684f81f4426e9fde92a5ff02df2ac896af63962888a97910c1379e20b0a3b1db613fb7fe2e07004329ea5c22bfd33e3dbe4cf58cc608c2c26c19a2e2fe22f98732c2b5cb844cc6c0702d91e1d50fc4382a7eba5635cd602432a2306ac4ce82f8d70c8d9bc15f918fe71e74c622d5cf71178bf6e0b9cc9f2b41dd8dbe441c41cd0c73a6dc47a348f6702f9d0e9b1b1431e948e299b9ec2272ab2c5f0c7be86affa5dec87a0bee81d3d50007edaa2bcfccb35605155ff36ed8edd4a40dcd4b243acd11b2b987bdbfaf91a7cac27e9c5aea525ee53de7b2d3332c8644402b823e94a7db26276d2d23aa07180f76b4fd29b9c0823099c9d62c519880aee7e9697617c1497d47bf3e571950311421b6b734d38b0db91eb85331b91ea9f61530f54512a5a52a4bad589eb69781d537f23297bb459bdad2948a29e1550bf4787e0be95bb173cf5fab17dab7a13a052a63453d97ccec1a321954886b7a1299faaeecae35c6eaaca753b041b5e5f093bf83397fd21dd6b3012066fcc058cc32c3b09d7562dee29509b5839392c9ff05f51f3166aaac4ac5f238038a3045e6f72e48ef0fe8bc675e82c318a268e43970271bf119b81bf6a982746554f84e72b9f00280a320a08142923c23c883423ff949827f29bbacdc1ccdb04938ce6098c95ba6b32528f4ef78eed778b2e122ddfd1cbdd11d1c0a6783e011fc536d63d053260637
-Ciphertext = 72efc1ebfe1ee25975a6eb3aa8589dda2b261f1c85bdab442a9e5b2dd1d7c3957a16fc08e526d4b1223f1b1232a11af274c3d70dac57f83e0983c498f1a6f1aecb021c3e70085a1e527f1ce41ee5911a82020161529cd82773762daf5459de94a0a82adae7e1703c808543c29ed6fb32d9e004327c1355180c995a07741493a09c21ba01a387882da4f62534b87bb15d60d197201c0fd3bf30c1500a3ecfecdd66d8721f90bcc4c17ee925c61b0a03727a9c0d5f5ca462fbfa0af1c2513a9d9d4b5345bd27a5f6e653f751693e6b6a2b8ead57d511e00e58c45b7b8d005af79288f5c7c22fd4f1bf7a898b03a5634c6a1ae3f9fae5de4f296a2896b23e7ed43ed14fa5a2803f4d28f0d3ffcf24757677aebdb47bb388378708948a8d4126ed1839e0da29a537a8c198b3c66ab00712dd261674bf45a73d67f76914f830ca014b65596f27e4cf62de66125a5566df9975155628b400fbfb3a29040ed50faffdbb18aece7c5c44693260aab386c0a37b11b114f1c415aebb653be468179428d43a4d8bc3ec38813eca30a13cf1bb18d524f1992d44d8b1a42ea30b22e6c95b199d8d182f8840b09d059585c31ad691fa0619ff038aca2c39a943421157361717c49d322028a74648113bd8c9d7ec77cf3c89c1ec8718ceff8516d96b34c3c614f10699c9abc4ed0411506223bea16af35c883accdbe1104eef0cfdb54e12fb230a
-
-Cipher = aes-128-xts
-Key = 2718281828459045235360287471352631415926535897932384626433832795
-IV = ff000000000000000000000000000000
-Plaintext = 72efc1ebfe1ee25975a6eb3aa8589dda2b261f1c85bdab442a9e5b2dd1d7c3957a16fc08e526d4b1223f1b1232a11af274c3d70dac57f83e0983c498f1a6f1aecb021c3e70085a1e527f1ce41ee5911a82020161529cd82773762daf5459de94a0a82adae7e1703c808543c29ed6fb32d9e004327c1355180c995a07741493a09c21ba01a387882da4f62534b87bb15d60d197201c0fd3bf30c1500a3ecfecdd66d8721f90bcc4c17ee925c61b0a03727a9c0d5f5ca462fbfa0af1c2513a9d9d4b5345bd27a5f6e653f751693e6b6a2b8ead57d511e00e58c45b7b8d005af79288f5c7c22fd4f1bf7a898b03a5634c6a1ae3f9fae5de4f296a2896b23e7ed43ed14fa5a2803f4d28f0d3ffcf24757677aebdb47bb388378708948a8d4126ed1839e0da29a537a8c198b3c66ab00712dd261674bf45a73d67f76914f830ca014b65596f27e4cf62de66125a5566df9975155628b400fbfb3a29040ed50faffdbb18aece7c5c44693260aab386c0a37b11b114f1c415aebb653be468179428d43a4d8bc3ec38813eca30a13cf1bb18d524f1992d44d8b1a42ea30b22e6c95b199d8d182f8840b09d059585c31ad691fa0619ff038aca2c39a943421157361717c49d322028a74648113bd8c9d7ec77cf3c89c1ec8718ceff8516d96b34c3c614f10699c9abc4ed0411506223bea16af35c883accdbe1104eef0cfdb54e12fb230a
-Ciphertext = 3260ae8dad1f4a32c5cafe3ab0eb95549d461a67ceb9e5aa2d3afb62dece0553193ba50c75be251e08d1d08f1088576c7efdfaaf3f459559571e12511753b07af073f35da06af0ce0bbf6b8f5ccc5cea500ec1b211bd51f63b606bf6528796ca12173ba39b8935ee44ccce646f90a45bf9ccc567f0ace13dc2d53ebeedc81f58b2e41179dddf0d5a5c42f5d8506c1a5d2f8f59f3ea873cbcd0eec19acbf325423bd3dcb8c2b1bf1d1eaed0eba7f0698e4314fbeb2f1566d1b9253008cbccf45a2b0d9c5c9c21474f4076e02be26050b99dee4fd68a4cf890e496e4fcae7b70f94ea5a9062da0daeba1993d2ccd1dd3c244b8428801495a58b216547e7e847c46d1d756377b6242d2e5fb83bf752b54e0df71e889f3a2bb0f4c10805bf3c590376e3c24e22ff57f7fa965577375325cea5d920db94b9c336b455f6e894c01866fe9fbb8c8d3f70a2957285f6dfb5dcd8cbf54782f8fe7766d4723819913ac773421e3a31095866bad22c86a6036b2518b2059b4229d18c8c2ccbdf906c6cc6e82464ee57bddb0bebcb1dc645325bfb3e665ef7251082c88ebb1cf203bd779fdd38675713c8daadd17e1cabee432b09787b6ddf3304e38b731b45df5df51b78fcfb3d32466028d0ba36555e7e11ab0ee0666061d1645d962444bc47a38188930a84b4d561395c73c087021927ca638b7afc8a8679ccb84c26555440ec7f10445cd
-
-
-Cipher = aes-256-xts
-Key = 27182818284590452353602874713526624977572470936999595749669676273141592653589793238462643383279502884197169399375105820974944592
-IV = ff000000000000000000000000000000
-Plaintext = 000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0a1a2a3a4a5a6a7a8a9aaabacadaeafb0b1b2b3b4b5b6b7b8b9babbbcbdbebfc0c1c2c3c4c5c6c7c8c9cacbcccdcecfd0d1d2d3d4d5d6d7d8d9dadbdcdddedfe0e1e2e3e4e5e6e7e8e9eaebecedeeeff0f1f2f3f4f5f6f7f8f9fafbfcfdfeff000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0a1a2a3a4a5a6a7a8a9aaabacadaeafb0b1b2b3b4b5b6b7b8b9babbbcbdbebfc0c1c2c3c4c5c6c7c8c9cacbcccdcecfd0d1d2d3d4d5d6d7d8d9dadbdcdddedfe0e1e2e3e4e5e6e7e8e9eaebecedeeeff0f1f2f3f4f5f6f7f8f9fafbfcfdfeff
-Ciphertext = 1c3b3a102f770386e4836c99e370cf9bea00803f5e482357a4ae12d414a3e63b5d31e276f8fe4a8d66b317f9ac683f44680a86ac35adfc3345befecb4bb188fd5776926c49a3095eb108fd1098baec70aaa66999a72a82f27d848b21d4a741b0c5cd4d5fff9dac89aeba122961d03a757123e9870f8acf1000020887891429ca2a3e7a7d7df7b10355165c8b9a6d0a7de8b062c4500dc4cd120c0f7418dae3d0b5781c34803fa75421c790dfe1de1834f280d7667b327f6c8cd7557e12ac3a0f93ec05c52e0493ef31a12d3d9260f79a289d6a379bc70c50841473d1a8cc81ec583e9645e07b8d9670655ba5bbcfecc6dc3966380ad8fecb17b6ba02469a020a84e18e8f84252070c13e9f1f289be54fbc481457778f616015e1327a02b140f1505eb309326d68378f8374595c849d84f4c333ec4423885143cb47bd71c5edae9be69a2ffeceb1bec9de244fbe15992b11b77c040f12bd8f6a975a44a0f90c29a9abc3d4d893927284c58754cce294529f8614dcd2aba991925fedc4ae74ffac6e333b93eb4aff0479da9a410e4450e0dd7ae4c6e2910900575da401fc07059f645e8b7e9bfdef33943054ff84011493c27b3429eaedb4ed5376441a77ed43851ad77f16f541dfd269d50d6a5f14fb0aab1cbb4c1550be97f7ab4066193c4caa773dad38014bd2092fa755c824bb5e54c4f36ffda9fcea70b9c6e693e148c151
-
-Cipher = aes-256-xts
-Key = 27182818284590452353602874713526624977572470936999595749669676273141592653589793238462643383279502884197169399375105820974944592
-IV = ffff0000000000000000000000000000
-Plaintext = 000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0a1a2a3a4a5a6a7a8a9aaabacadaeafb0b1b2b3b4b5b6b7b8b9babbbcbdbebfc0c1c2c3c4c5c6c7c8c9cacbcccdcecfd0d1d2d3d4d5d6d7d8d9dadbdcdddedfe0e1e2e3e4e5e6e7e8e9eaebecedeeeff0f1f2f3f4f5f6f7f8f9fafbfcfdfeff000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0a1a2a3a4a5a6a7a8a9aaabacadaeafb0b1b2b3b4b5b6b7b8b9babbbcbdbebfc0c1c2c3c4c5c6c7c8c9cacbcccdcecfd0d1d2d3d4d5d6d7d8d9dadbdcdddedfe0e1e2e3e4e5e6e7e8e9eaebecedeeeff0f1f2f3f4f5f6f7f8f9fafbfcfdfeff
-Ciphertext = 77a31251618a15e6b92d1d66dffe7b50b50bad552305ba0217a610688eff7e11e1d0225438e093242d6db274fde801d4cae06f2092c728b2478559df58e837c2469ee4a4fa794e4bbc7f39bc026e3cb72c33b0888f25b4acf56a2a9804f1ce6d3d6e1dc6ca181d4b546179d55544aa7760c40d06741539c7e3cd9d2f6650b2013fd0eeb8c2b8e3d8d240ccae2d4c98320a7442e1c8d75a42d6e6cfa4c2eca1798d158c7aecdf82490f24bb9b38e108bcda12c3faf9a21141c3613b58367f922aaa26cd22f23d708dae699ad7cb40a8ad0b6e2784973dcb605684c08b8d6998c69aac049921871ebb65301a4619ca80ecb485a31d744223ce8ddc2394828d6a80470c092f5ba413c3378fa6054255c6f9df4495862bbb3287681f931b687c888abf844dfc8fc28331e579928cd12bd2390ae123cf03818d14dedde5c0c24c8ab018bfca75ca096f2d531f3d1619e785f1ada437cab92e980558b3dce1474afb75bfedbf8ff54cb2618e0244c9ac0d3c66fb51598cd2db11f9be39791abe447c63094f7c453b7ff87cb5bb36b7c79efb0872d17058b83b15ab0866ad8a58656c5a7e20dbdf308b2461d97c0ec0024a2715055249cf3b478ddd4740de654f75ca686e0d7345c69ed50cdc2a8b332b1f8824108ac937eb050585608ee734097fc09054fbff89eeaeea791f4a7ab1f9868294a4f9e27b42af8100cb9d59cef9645803
-
-Cipher = aes-256-xts
-Key = 27182818284590452353602874713526624977572470936999595749669676273141592653589793238462643383279502884197169399375105820974944592
-IV = ffffff00000000000000000000000000
-Plaintext = 000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0a1a2a3a4a5a6a7a8a9aaabacadaeafb0b1b2b3b4b5b6b7b8b9babbbcbdbebfc0c1c2c3c4c5c6c7c8c9cacbcccdcecfd0d1d2d3d4d5d6d7d8d9dadbdcdddedfe0e1e2e3e4e5e6e7e8e9eaebecedeeeff0f1f2f3f4f5f6f7f8f9fafbfcfdfeff000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0a1a2a3a4a5a6a7a8a9aaabacadaeafb0b1b2b3b4b5b6b7b8b9babbbcbdbebfc0c1c2c3c4c5c6c7c8c9cacbcccdcecfd0d1d2d3d4d5d6d7d8d9dadbdcdddedfe0e1e2e3e4e5e6e7e8e9eaebecedeeeff0f1f2f3f4f5f6f7f8f9fafbfcfdfeff
-Ciphertext = e387aaa58ba483afa7e8eb469778317ecf4cf573aa9d4eac23f2cdf914e4e200a8b490e42ee646802dc6ee2b471b278195d60918ececb44bf79966f83faba0499298ebc699c0c8634715a320bb4f075d622e74c8c932004f25b41e361025b5a87815391f6108fc4afa6a05d9303c6ba68a128a55705d415985832fdeaae6c8e19110e84d1b1f199a2692119edc96132658f09da7c623efcec712537a3d94c0bf5d7e352ec94ae5797fdb377dc1551150721adf15bd26a8efc2fcaad56881fa9e62462c28f30ae1ceaca93c345cf243b73f542e2074a705bd2643bb9f7cc79bb6e7091ea6e232df0f9ad0d6cf502327876d82207abf2115cdacf6d5a48f6c1879a65b115f0f8b3cb3c59d15dd8c769bc014795a1837f3901b5845eb491adfefe097b1fa30a12fc1f65ba22905031539971a10f2f36c321bb51331cdefb39e3964c7ef079994f5b69b2edd83a71ef549971ee93f44eac3938fcdd61d01fa71799da3a8091c4c48aa9ed263ff0749df95d44fef6a0bb578ec69456aa5408ae32c7af08ad7ba8921287e3bbee31b767be06a0e705c864a769137df28292283ea81a2480241b44d9921cdbec1bc28dc1fda114bd8e5217ac9d8ebafa720e9da4f9ace231cc949e5b96fe76ffc21063fddc83a6b8679c00d35e09576a875305bed5f36ed242c8900dd1fa965bc950dfce09b132263a1eef52dd6888c309f5a7d712826
-
-Cipher = aes-256-xts
-Key = 27182818284590452353602874713526624977572470936999595749669676273141592653589793238462643383279502884197169399375105820974944592
-IV = ffffffff000000000000000000000000
-Plaintext = 000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0a1a2a3a4a5a6a7a8a9aaabacadaeafb0b1b2b3b4b5b6b7b8b9babbbcbdbebfc0c1c2c3c4c5c6c7c8c9cacbcccdcecfd0d1d2d3d4d5d6d7d8d9dadbdcdddedfe0e1e2e3e4e5e6e7e8e9eaebecedeeeff0f1f2f3f4f5f6f7f8f9fafbfcfdfeff000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0a1a2a3a4a5a6a7a8a9aaabacadaeafb0b1b2b3b4b5b6b7b8b9babbbcbdbebfc0c1c2c3c4c5c6c7c8c9cacbcccdcecfd0d1d2d3d4d5d6d7d8d9dadbdcdddedfe0e1e2e3e4e5e6e7e8e9eaebecedeeeff0f1f2f3f4f5f6f7f8f9fafbfcfdfeff
-Ciphertext = bf53d2dade78e822a4d949a9bc6766b01b06a8ef70d26748c6a7fc36d80ae4c5520f7c4ab0ac8544424fa405162fef5a6b7f229498063618d39f0003cb5fb8d1c86b643497da1ff945c8d3bedeca4f479702a7a735f043ddb1d6aaade3c4a0ac7ca7f3fa5279bef56f82cd7a2f38672e824814e10700300a055e1630b8f1cb0e919f5e942010a416e2bf48cb46993d3cb6a51c19bacf864785a00bc2ecff15d350875b246ed53e68be6f55bd7e05cfc2b2ed6432198a6444b6d8c247fab941f569768b5c429366f1d3f00f0345b96123d56204c01c63b22ce78baf116e525ed90fdea39fa469494d3866c31e05f295ff21fea8d4e6e13d67e47ce722e9698a1c1048d68ebcde76b86fcf976eab8aa9790268b7068e017a8b9b749409514f1053027fd16c3786ea1bac5f15cb79711ee2abe82f5cf8b13ae73030ef5b9e4457e75d1304f988d62dd6fc4b94ed38ba831da4b7634971b6cd8ec325d9c61c00f1df73627ed3745a5e8489f3a95c69639c32cd6e1d537a85f75cc844726e8a72fc0077ad22000f1d5078f6b866318c668f1ad03d5a5fced5219f2eabbd0aa5c0f460d183f04404a0d6f469558e81fab24a167905ab4c7878502ad3e38fdbe62a41556cec37325759533ce8f25f367c87bb5578d667ae93f9e2fd99bcbc5f2fbba88cf6516139420fcff3b7361d86322c4bd84c82f335abb152c4a93411373aaa8220
-
-Cipher = aes-256-xts
-Key = 27182818284590452353602874713526624977572470936999595749669676273141592653589793238462643383279502884197169399375105820974944592
-IV = ffffffffff0000000000000000000000
-Plaintext = 000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0a1a2a3a4a5a6a7a8a9aaabacadaeafb0b1b2b3b4b5b6b7b8b9babbbcbdbebfc0c1c2c3c4c5c6c7c8c9cacbcccdcecfd0d1d2d3d4d5d6d7d8d9dadbdcdddedfe0e1e2e3e4e5e6e7e8e9eaebecedeeeff0f1f2f3f4f5f6f7f8f9fafbfcfdfeff000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0a1a2a3a4a5a6a7a8a9aaabacadaeafb0b1b2b3b4b5b6b7b8b9babbbcbdbebfc0c1c2c3c4c5c6c7c8c9cacbcccdcecfd0d1d2d3d4d5d6d7d8d9dadbdcdddedfe0e1e2e3e4e5e6e7e8e9eaebecedeeeff0f1f2f3f4f5f6f7f8f9fafbfcfdfeff
-Ciphertext = 64497e5a831e4a932c09be3e5393376daa599548b816031d224bbf50a818ed2350eae7e96087c8a0db51ad290bd00c1ac1620857635bf246c176ab463be30b808da548081ac847b158e1264be25bb0910bbc92647108089415d45fab1b3d2604e8a8eff1ae4020cfa39936b66827b23f371b92200be90251e6d73c5f86de5fd4a950781933d79a28272b782a2ec313efdfcc0628f43d744c2dc2ff3dcb66999b50c7ca895b0c64791eeaa5f29499fb1c026f84ce5b5c72ba1083cddb5ce45434631665c333b60b11593fb253c5179a2c8db813782a004856a1653011e93fb6d876c18366dd8683f53412c0c180f9c848592d593f8609ca736317d356e13e2bff3a9f59cd9aeb19cd482593d8c46128bb32423b37a9adfb482b99453fbe25a41bf6feb4aa0bef5ed24bf73c762978025482c13115e4015aac992e5613a3b5c2f685b84795cb6e9b2656d8c88157e52c42f978d8634c43d06fea928f2822e465aa6576e9bf419384506cc3ce3c54ac1a6f67dc66f3b30191e698380bc999b05abce19dc0c6dcc2dd001ec535ba18deb2df1a101023108318c75dc98611a09dc48a0acdec676fabdf222f07e026f059b672b56e5cbc8e1d21bbd867dd927212054681d70ea737134cdfce93b6f82ae22423274e58a0821cc5502e2d0ab4585e94de6975be5e0b4efce51cd3e70c25a1fbbbd609d273ad5b0d59631c531f6a0a57b9
-
-
-Cipher = aes-128-xts
-Key = fffefdfcfbfaf9f8f7f6f5f4f3f2f1f0bfbebdbcbbbab9b8b7b6b5b4b3b2b1b0
-IV = 9a785634120000000000000000000000
-Plaintext = 000102030405060708090a0b0c0d0e0f10
-Ciphertext = 6c1625db4671522d3d7599601de7ca09ed
-
-Cipher = aes-128-xts
-Key = fffefdfcfbfaf9f8f7f6f5f4f3f2f1f0bfbebdbcbbbab9b8b7b6b5b4b3b2b1b0
-IV = 9a785634120000000000000000000000
-Plaintext = 000102030405060708090a0b0c0d0e0f1011
-Ciphertext = d069444b7a7e0cab09e24447d24deb1fedbf
-
-Cipher = aes-128-xts
-Key = fffefdfcfbfaf9f8f7f6f5f4f3f2f1f0bfbebdbcbbbab9b8b7b6b5b4b3b2b1b0
-IV = 9a785634120000000000000000000000
-Plaintext = 000102030405060708090a0b0c0d0e0f101112
-Ciphertext = e5df1351c0544ba1350b3363cd8ef4beedbf9d
-
-Cipher = aes-128-xts
-Key = fffefdfcfbfaf9f8f7f6f5f4f3f2f1f0bfbebdbcbbbab9b8b7b6b5b4b3b2b1b0
-IV = 9a785634120000000000000000000000
-Plaintext = 000102030405060708090a0b0c0d0e0f10111213
-Ciphertext = 9d84c813f719aa2c7be3f66171c7c5c2edbf9dac
-
-Cipher = aes-128-xts
-Key = e0e1e2e3e4e5e6e7e8e9eaebecedeeefc0c1c2c3c4c5c6c7c8c9cacbcccdcecf
-IV = 21436587a90000000000000000000000
-Plaintext = 000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0a1a2a3a4a5a6a7a8a9aaabacadaeafb0b1b2b3b4b5b6b7b8b9babbbcbdbebfc0c1c2c3c4c5c6c7c8c9cacbcccdcecfd0d1d2d3d4d5d6d7d8d9dadbdcdddedfe0e1e2e3e4e5e6e7e8e9eaebecedeeeff0f1f2f3f4f5f6f7f8f9fafbfcfdfeff000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0a1a2a3a4a5a6a7a8a9aaabacadaeafb0b1b2b3b4b5b6b7b8b9babbbcbdbebfc0c1c2c3c4c5c6c7c8c9cacbcccdcecfd0d1d2d3d4d5d6d7d8d9dadbdcdddedfe0e1e2e3e4e5e6e7e8e9eaebecedeeeff0f1f2f3f4f5f6f7f8f9fafbfcfdfeff
-Ciphertext = 38b45812ef43a05bd957e545907e223b954ab4aaf088303ad910eadf14b42be68b2461149d8c8ba85f992be970bc621f1b06573f63e867bf5875acafa04e42ccbd7bd3c2a0fb1fff791ec5ec36c66ae4ac1e806d81fbf709dbe29e471fad38549c8e66f5345d7c1eb94f405d1ec785cc6f6a68f6254dd8339f9d84057e01a17741990482999516b5611a38f41bb6478e6f173f320805dd71b1932fc333cb9ee39936beea9ad96fa10fb4112b901734ddad40bc1878995f8e11aee7d141a2f5d48b7a4e1e7f0b2c04830e69a4fd1378411c2f287edf48c6c4e5c247a19680f7fe41cefbd49b582106e3616cbbe4dfb2344b2ae9519391f3e0fb4922254b1d6d2d19c6d4d537b3a26f3bcc51588b32f3eca0829b6a5ac72578fb814fb43cf80d64a233e3f997a3f02683342f2b33d25b492536b93becb2f5e1a8b82f5b883342729e8ae09d16938841a21a97fb543eea3bbff59f13c1a18449e398701c1ad51648346cbc04c27bb2da3b93a1372ccae548fb53bee476f9e9c91773b1bb19828394d55d3e1a20ed69113a860b6829ffa847224604435070221b257e8dff783615d2cae4803a93aa4334ab482a0afac9c0aeda70b45a481df5dec5df8cc0f423c77a5fd46cd312021d4b438862419a791be03bb4d97c0e59578542531ba466a83baf92cefc151b5cc1611a167893819b63fb8a6b18e86de60290fa72b797b0ce59f3
-
-# AES wrap tests from RFC3394
-Cipher = id-aes128-wrap
-Key = 000102030405060708090A0B0C0D0E0F
-Plaintext = 00112233445566778899AABBCCDDEEFF
-Ciphertext = 1FA68B0A8112B447AEF34BD8FB5A7B829D3E862371D2CFE5
-
-Cipher = id-aes192-wrap
-Key = 000102030405060708090A0B0C0D0E0F1011121314151617
-Plaintext = 00112233445566778899AABBCCDDEEFF
-Ciphertext = 96778B25AE6CA435F92B5B97C050AED2468AB8A17AD84E5D
-
-Cipher = id-aes256-wrap
-Key = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F
-Plaintext = 00112233445566778899AABBCCDDEEFF
-Ciphertext = 64E8C3F9CE0F5BA263E9777905818A2A93C8191E7D6E8AE7
-
-Cipher = id-aes192-wrap
-Key = 000102030405060708090A0B0C0D0E0F1011121314151617
-Plaintext = 00112233445566778899AABBCCDDEEFF0001020304050607
-Ciphertext = 031D33264E15D33268F24EC260743EDCE1C6C7DDEE725A936BA814915C6762D2
-
-Cipher = id-aes256-wrap
-Key = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F
-Plaintext = 00112233445566778899AABBCCDDEEFF0001020304050607
-Ciphertext = A8F9BC1612C68B3FF6E6F4FBE30E71E4769C8B80A32CB8958CD5D17D6B254DA1
-
-Cipher = id-aes256-wrap
-Key = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F
-Plaintext = 00112233445566778899AABBCCDDEEFF000102030405060708090A0B0C0D0E0F
-Ciphertext = 28C9F404C4B810F4CBCCB35CFB87F8263F5786E2D80ED326CBC7F0E71A99F43BFB988B9B7A02DD21
-
-# Same as previous example but with invalid unwrap key: should be rejected
-# without returning any plaintext
-Cipher = id-aes256-wrap
-Operation = DECRYPT
-Key = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E00
-Plaintext = 00112233445566778899AABBCCDDEEFF000102030405060708090A0B0C0D0E0F
-Ciphertext = 28C9F404C4B810F4CBCCB35CFB87F8263F5786E2D80ED326CBC7F0E71A99F43BFB988B9B7A02DD21
-Result = CIPHERUPDATE_ERROR
-
-# AES wrap tests from RFC5649
-Cipher = id-aes192-wrap-pad
-Key = 5840df6e29b02af1ab493b705bf16ea1ae8338f4dcc176a8
-Plaintext = c37b7e6492584340bed12207808941155068f738
-Ciphertext = 138bdeaa9b8fa7fc61f97742e72248ee5ae6ae5360d1ae6a5f54f373fa543b6a
-
-Cipher = id-aes192-wrap-pad
-Key = 5840df6e29b02af1ab493b705bf16ea1ae8338f4dcc176a8
-Plaintext = 466f7250617369
-Ciphertext = afbeb0f07dfbf5419200f2ccb50bb24f
-
-# HMAC tests from RFC2104
-MAC = HMAC
-Algorithm = MD5
-Key = 0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b
-Input = "Hi There"
-Output = 9294727a3638bb1c13f48ef8158bfc9d
-
-MAC = HMAC
-Algorithm = MD5
-Key = "Jefe"
-Input = "what do ya want for nothing?"
-Output = 750c783e6ab0b503eaa86e310a5db738
-
-MAC = HMAC
-Algorithm = MD5
-Key = AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
-Input = DDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDD
-Output = 56be34521d144c88dbb8c733f0e8b3f6
-
-# HMAC tests from NIST test data
-
-MAC = HMAC
-Algorithm = SHA1
-Input = "Sample message for keylen=blocklen"
-Key = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E3F
-Output = 5FD596EE78D5553C8FF4E72D266DFD192366DA29
-MAC = HMAC
-Algorithm = SHA1
-Input = "Sample message for keylen<blocklen"
-Key = 000102030405060708090A0B0C0D0E0F10111213
-Output = 4C99FF0CB1B31BD33F8431DBAF4D17FCD356A807
-MAC = HMAC
-Algorithm = SHA1
-Input = "Sample message for keylen=blocklen"
-Key = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E3F404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E5F60616263
-Output = 2D51B2F7750E410584662E38F133435F4C4FD42A
-MAC = HMAC
-Algorithm = SHA224
-Input = "Sample message for keylen=blocklen"
-Key = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E3F
-Output = C7405E3AE058E8CD30B08B4140248581ED174CB34E1224BCC1EFC81B
-MAC = HMAC
-Algorithm = SHA224
-Input = "Sample message for keylen<blocklen"
-Key = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B
-Output = E3D249A8CFB67EF8B7A169E9A0A599714A2CECBA65999A51BEB8FBBE
-MAC = HMAC
-Algorithm = SHA224
-Input = "Sample message for keylen=blocklen"
-Key = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E3F404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E5F60616263
-Output = 91C52509E5AF8531601AE6230099D90BEF88AAEFB961F4080ABC014D
-MAC = HMAC
-Algorithm = SHA256
-Input = "Sample message for keylen=blocklen"
-Key = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E3F
-Output = 8BB9A1DB9806F20DF7F77B82138C7914D174D59E13DC4D0169C9057B133E1D62
-MAC = HMAC
-Algorithm = SHA256
-Input = "Sample message for keylen<blocklen"
-Key = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F
-Output = A28CF43130EE696A98F14A37678B56BCFCBDD9E5CF69717FECF5480F0EBDF790
-MAC = HMAC
-Algorithm = SHA256
-Input = "Sample message for keylen=blocklen"
-Key = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E3F404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E5F60616263
-Output = BDCCB6C72DDEADB500AE768386CB38CC41C63DBB0878DDB9C7A38A431B78378D
-MAC = HMAC
-Algorithm = SHA384
-Input = "Sample message for keylen=blocklen"
-Key = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E3F404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E5F606162636465666768696A6B6C6D6E6F707172737475767778797A7B7C7D7E7F
-Output = 63C5DAA5E651847CA897C95814AB830BEDEDC7D25E83EEF9195CD45857A37F448947858F5AF50CC2B1B730DDF29671A9
-MAC = HMAC
-Algorithm = SHA384
-Input = "Sample message for keylen<blocklen"
-Key = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F
-Output = 6EB242BDBB582CA17BEBFA481B1E23211464D2B7F8C20B9FF2201637B93646AF5AE9AC316E98DB45D9CAE773675EEED0
-MAC = HMAC
-Algorithm = SHA384
-Input = "Sample message for keylen=blocklen"
-Key = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E3F404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E5F606162636465666768696A6B6C6D6E6F707172737475767778797A7B7C7D7E7F808182838485868788898A8B8C8D8E8F909192939495969798999A9B9C9D9E9FA0A1A2A3A4A5A6A7A8A9AAABACADAEAFB0B1B2B3B4B5B6B7B8B9BABBBCBDBEBFC0C1C2C3C4C5C6C7
-Output = 5B664436DF69B0CA22551231A3F0A3D5B4F97991713CFA84BFF4D0792EFF96C27DCCBBB6F79B65D548B40E8564CEF594
-MAC = HMAC
-Algorithm = SHA512
-Input = "Sample message for keylen=blocklen"
-Key = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E3F404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E5F606162636465666768696A6B6C6D6E6F707172737475767778797A7B7C7D7E7F
-Output = FC25E240658CA785B7A811A8D3F7B4CA48CFA26A8A366BF2CD1F836B05FCB024BD36853081811D6CEA4216EBAD79DA1CFCB95EA4586B8A0CE356596A55FB1347
-MAC = HMAC
-Algorithm = SHA512
-Input = "Sample message for keylen<blocklen"
-Key = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E3F
-Output = FD44C18BDA0BB0A6CE0E82B031BF2818F6539BD56EC00BDC10A8A2D730B3634DE2545D639B0F2CF710D0692C72A1896F1F211C2B922D1A96C392E07E7EA9FEDC
-MAC = HMAC
-Algorithm = SHA512
-Input = "Sample message for keylen=blocklen"
-Key = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E3F404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E5F606162636465666768696A6B6C6D6E6F707172737475767778797A7B7C7D7E7F808182838485868788898A8B8C8D8E8F909192939495969798999A9B9C9D9E9FA0A1A2A3A4A5A6A7A8A9AAABACADAEAFB0B1B2B3B4B5B6B7B8B9BABBBCBDBEBFC0C1C2C3C4C5C6C7
-Output = D93EC8D2DE1AD2A9957CB9B83F14E76AD6B5E0CCE285079A127D3B14BCCB7AA7286D4AC0D4CE64215F2BC9E6870B33D97438BE4AAA20CDA5C5A912B48B8E27F3
-
-# CMAC tests from FIPS module
-
-MAC = CMAC
-Algorithm = AES-128-CBC
-Key = 77A77FAF290C1FA30C683DF16BA7A77B
-Input = 020683E1F0392F4CAC54318B6029259E9C553DBC4B6AD998E64D58E4E7DC2E13
-Output = FBFEA41BF9740CB501F1292C21CEBB40
-
-MAC = CMAC
-Algorithm = AES-192-CBC
-Key = 7B32391369AA4CA97558095BE3C3EC862BD057CEF1E32D62
-Input =
-Output = E4D9340B03E67DEFD4969CC1ED3735E6
-
-MAC = CMAC
-Algorithm = AES-256-CBC
-Key = 0B122AC8F34ED1FE082A3625D157561454167AC145A10BBF77C6A70596D574F1
-Input = 498B53FDEC87EDCBF07097DCCDE93A084BAD7501A224E388DF349CE18959FE8485F8AD1537F0D896EA73BEDC7214713F
-Output = F62C46329B41085625669BAF51DEA66A
-
-MAC = CMAC
-Algorithm = DES-EDE3-CBC
-Key = 89BCD952A8C8AB371AF48AC7D07085D5EFF702E6D62CDC23
-Input = FA620C1BBE97319E9A0CF0492121F7A20EB08A6A709DCBD00AAF38E4F99E754E
-Output = 8F49A1B7D6AA2258
-
-# Public key algorithm tests
-
-# Private keys used for PKEY operations.
-
-# RSA 2048 bit key.
-
-PrivateKey = RSA-2048
-
------BEGIN PRIVATE KEY-----
-MIIEvAIBADANBgkqhkiG9w0BAQEFAASCBKYwggSiAgEAAoIBAQDNAIHqeyrh6gbV
-n3xz2f+5SglhXC5Lp8Y2zvCN01M+wxhVJbAVx2m5mnfWclv5w1Mqm25fZifV+4UW
-B2jT3anL01l0URcX3D0wnS/EfuQfl+Mq23+d2GShxHZ6Zm7NcbwarPXnUX9LOFlP
-6psF5C1a2pkSAIAT5FMWpNm7jtCGuI0odYusr5ItRqhotIXSOcm66w4rZFknEPQr
-LR6gpLSALAvsqzKPimiwBzvbVG/uqYCdKEmRKzkMFTK8finHZY+BdfrkbzQzL/h7
-yrPkBkm5hXeGnaDqcYNT8HInVIhpE2SHYNEivmduD8SD3SD/wxvalqMZZsmqLnWt
-A95H4cRPAgMBAAECggEAYCl6x5kbFnoG1rJHWLjL4gi+ubLZ7Jc4vYD5Ci41AF3X
-ziktnim6iFvTFv7x8gkTvArJDWsICLJBTYIQREHYYkozzgIzyPeApIs3Wv8C12cS
-IopwJITbP56+zM+77hcJ26GCgA2Unp5CFuC/81WDiPi9kNo3Oh2CdD7D+90UJ/0W
-glplejFpEuhpU2URfKL4RckJQF/KxV+JX8FdIDhsJu54yemQdQKaF4psHkzwwgDo
-qc+yfp0Vb4bmwq3CKxqEoc1cpbJ5CHXXlAfISzUjlcuBzD/tW7BDtp7eDAcgRVAC
-XO6MX0QBcLYSC7SOD3R7zY9SIRCFDfBDxCjf0YcFMQKBgQD2+WG0fLwDXTrt68fe
-hQqVa2Xs25z2B2QGPxWqSFU8WNly/mZ1BW413f3De/O58vYi7icTNyVoScm+8hdv
-6PfD+LuRujdN1TuvPeyBTSvewQwf3IjN0Wh28mse36PwlBl+301C/x+ylxEDuJjK
-hZxCcocIaoQqtBC7ac8tNa9r4wKBgQDUfnJKf/QQSLJwwlJKQQGHi3MVm7c9PbwY
-eyIOY1s1NPluJDoYTZP4YLa/u2txwe2aHh9FhYMCPDAelqaSwaCLU9DsnKkQEA2A
-RR47fcagG6xK7O+N95iEa8I1oIy7os9MBoBMwRIZ6VYIxxTj8UMNSR+tu6MqV1Gg
-T5d0WDTJpQKBgCHyRSu5uV39AoyRS/eZ8cp36JqV1Q08FtOE+EVfi9evnrPfo9WR
-2YQt7yNfdjCo5IwIj/ZkLhAXlFNakz4el2+oUJ/HKLLaDEoaCNf883q6rh/zABrK
-HcG7sF2d/7qhoJ9/se7zgjfZ68zHIrkzhDbd5xGREnmMJoCcGo3sQyBhAoGAH3UQ
-qmLC2N5KPFMoJ4H0HgLQ6LQCrnhDLkScSBEBYaEUA/AtAYgKjcyTgVLXlyGkcRpg
-esRHHr+WSBD5W+R6ReYEmeKfTJdzyDdzQE9gZjdyjC0DUbsDwybIu3OnIef6VEDq
-IXK7oUZfzDDcsNn4mTDoFaoff5cpqFfgDgM43VkCgYBNHw11b+d+AQmaZS9QqIt7
-aF3FvwCYHV0jdv0Mb+Kc1bY4c0R5MFpzrTwVmdOerjuuA1+9b+0Hwo3nBZM4eaBu
-SOamA2hu2OJWCl9q8fLCT69KqWDjghhvFe7c6aJJGucwaA3Uz3eLcPqoaCarMiNH
-fMkTd7GabVourqIZdgvu1Q==
------END PRIVATE KEY-----
-
-# EC P-256 key
-
-PrivateKey=P-256
-
------BEGIN PRIVATE KEY-----
-MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQgiocvtiiTxNH/xbnw
-+RdYBp+DUuCPoFpJ+NuSbLVyhyWhRANCAAQsFQ9CnOcPIWwlLPXgYs4fY5zV0WXH
-+JQkBywnGX14szuSDpXNtmTpkNzwz+oNlOKo5q+dDlgFbmUxBJJbn+bJ
------END PRIVATE KEY-----
-
-# RSA tests
-
-Sign = RSA-2048
-Ctrl = digest:SHA1
-Input = "0123456789ABCDEF1234"
-Output = c09d402423cbf233d26cae21f954547bc43fe80fd41360a0336cfdbe9aedad05bef6fd2eaee6cd60089a52482d4809a238149520df3bdde4cb9e23d9307b05c0a6f327052325a29adf2cc95b66523be7024e2a585c3d4db15dfbe146efe0ecdc0402e33fe5d40324ee96c5c3edd374a15cdc0f5d84aa243c0f07e188c6518fbfceae158a9943be398e31097da81b62074f626eff738be6160741d5a26957a482b3251fd85d8df78b98148459de10aa93305dbb4a5230aa1da291a9b0e481918f99b7638d72bb687f97661d304ae145d64a474437a4ef39d7b8059332ddeb07e92bf6e0e3acaf8afedc93795e4511737ec1e7aab6d5bc9466afc950c1c17b48ad
-
-Verify = RSA-2048
-Ctrl = digest:SHA1
-Input = "0123456789ABCDEF1234"
-Output = c09d402423cbf233d26cae21f954547bc43fe80fd41360a0336cfdbe9aedad05bef6fd2eaee6cd60089a52482d4809a238149520df3bdde4cb9e23d9307b05c0a6f327052325a29adf2cc95b66523be7024e2a585c3d4db15dfbe146efe0ecdc0402e33fe5d40324ee96c5c3edd374a15cdc0f5d84aa243c0f07e188c6518fbfceae158a9943be398e31097da81b62074f626eff738be6160741d5a26957a482b3251fd85d8df78b98148459de10aa93305dbb4a5230aa1da291a9b0e481918f99b7638d72bb687f97661d304ae145d64a474437a4ef39d7b8059332ddeb07e92bf6e0e3acaf8afedc93795e4511737ec1e7aab6d5bc9466afc950c1c17b48ad
-
-# Digest too long
-Sign = RSA-2048
-Ctrl = digest:SHA1
-Input = "0123456789ABCDEF12345"
-Output = 00
-Result = KEYOP_ERROR
-
-# Digest too short
-Sign = RSA-2048
-Ctrl = digest:SHA1
-Input = "0123456789ABCDEF12345"
-Output = 00
-Result = KEYOP_ERROR
-
-# Mismatched digest
-Verify = RSA-2048
-Ctrl = digest:SHA1
-Input = "0123456789ABCDEF1233"
-Output = c09d402423cbf233d26cae21f954547bc43fe80fd41360a0336cfdbe9aedad05bef6fd2eaee6cd60089a52482d4809a238149520df3bdde4cb9e23d9307b05c0a6f327052325a29adf2cc95b66523be7024e2a585c3d4db15dfbe146efe0ecdc0402e33fe5d40324ee96c5c3edd374a15cdc0f5d84aa243c0f07e188c6518fbfceae158a9943be398e31097da81b62074f626eff738be6160741d5a26957a482b3251fd85d8df78b98148459de10aa93305dbb4a5230aa1da291a9b0e481918f99b7638d72bb687f97661d304ae145d64a474437a4ef39d7b8059332ddeb07e92bf6e0e3acaf8afedc93795e4511737ec1e7aab6d5bc9466afc950c1c17b48ad
-Result = VERIFY_ERROR
-
-# Corrupted signature
-Verify = RSA-2048
-Ctrl = digest:SHA1
-Input = "0123456789ABCDEF1233"
-Output = c09d402423cbf233d26cae21f954547bc43fe80fd41360a0336cfdbe9aedad05bef6fd2eaee6cd60089a52482d4809a238149520df3bdde4cb9e23d9307b05c0a6f327052325a29adf2cc95b66523be7024e2a585c3d4db15dfbe146efe0ecdc0402e33fe5d40324ee96c5c3edd374a15cdc0f5d84aa243c0f07e188c6518fbfceae158a9943be398e31097da81b62074f626eff738be6160741d5a26957a482b3251fd85d8df78b98148459de10aa93305dbb4a5230aa1da291a9b0e481918f99b7638d72bb687f97661d304ae145d64a474437a4ef39d7b8059332ddeb07e92bf6e0e3acaf8afedc93795e4511737ec1e7aab6d5bc9466afc950c1c17b48ae
-Result = VERIFY_ERROR
-
-# parameter is not NULL: should verify OK
-Verify = RSA-2048
-Ctrl = digest:sha1
-Input = "0123456789ABCDEF1234"
-Output = 3ec3fc29eb6e122bd7aa361cd09fe1bcbe85311096a7b9e4799cedfb2351ce0ab7fe4e75b4f6b37f67edd9c60c800f9ab941c0c157d7d880ca9de40c951d60fd293ae220d4bc510b1572d6e85a1bbbd8605b52e05f1c64fafdae59a1c2fbed214b7844d0134619de62851d5a0522e32e556e5950f3f97b8150e3f0dffee612c924201c27cd9bc8b423a71533380c276d3d59fcba35a2e80a1a192ec266a6c2255012cd86a349fe90a542b355fa3355b04da6cdf1df77f0e7bd44a90e880e1760266d233e465226f5db1c68857847d82072861ee266ddfc2e596845b77e1803274a579835ab5e4975d81d20b7df9cec7795489e4a2bdb8c1cf6a6b359945ac92c
-
-# embedded digest too long
-Verify = RSA-2048
-Ctrl = digest:sha1
-Input = "0123456789ABCDEF1234"
-Output = afec9a0d5330a08f54283bb4a9d4e7e7e70fc1342336c4c766fba713f66970151c6e27413c48c33864ea45a0238787004f338ed3e21b53b0fe9c1151c42c388cbc7cba5a06b706c407a5b48324fbe994dc7afc3a19fb3d2841e66222596c14cd72a0f0a7455a019d8eb554f59c0183f9552b75aa96fee8bf935945e079ca283d2bd3534a86f11351f6d6181fbf433e5b01a6d1422145c7a72214d3aacdd5d3af12b2d6bf6438f9f9a64010d8aeed801c87f0859412b236150b86a545f7239be022f4a7ad246b59df87514294cb4a4c7c5a997ee53c66054d9f38ca4e76c1f7af83c30f737ef70f83a45aebe18238ddb95e1998814ca4fc72388f1533147c169d
-Result = VERIFY_ERROR
-
-# embedded digest too short
-Verify = RSA-2048
-Ctrl = digest:sha1
-Input = "0123456789ABCDEF1234"
-Output = afec9a0d5330a08f54283bb4a9d4e7e7e70fc1342336c4c766fba713f66970151c6e27413c48c33864ea45a0238787004f338ed3e21b53b0fe9c1151c42c388cbc7cba5a06b706c407a5b48324fbe994dc7afc3a19fb3d2841e66222596c14cd72a0f0a7455a019d8eb554f59c0183f9552b75aa96fee8bf935945e079ca283d2bd3534a86f11351f6d6181fbf433e5b01a6d1422145c7a72214d3aacdd5d3af12b2d6bf6438f9f9a64010d8aeed801c87f0859412b236150b86a545f7239be022f4a7ad246b59df87514294cb4a4c7c5a997ee53c66054d9f38ca4e76c1f7af83c30f737ef70f83a45aebe18238ddb95e1998814ca4fc72388f1533147c169d
-Result = VERIFY_ERROR
-
-# Garbage after DigestInfo
-Verify = RSA-2048
-Ctrl = digest:sha1
-Input = "0123456789ABCDEF1234"
-Output = 9ee34872d4271a7d8808af0a4052a145a6d6a8437d00da3ed14428c7f087cd39f4d43334c41af63e7fa1ba363fee7bcef401d9d36a662abbab55ce89a696e1be0dfa19a5d09ca617dd488787b6048baaefeb29bc8688b2fe3882de2b77c905b5a8b56cf9616041e5ec934ba6de863efe93acc4eef783fe7f72a00fa65d6093ed32bf98ce527e62ccb1d56317f4be18b7e0f55d7c36617d2d0678a306e3350956b662ac15df45215dd8f6b314babb9788e6c272fa461e4c9b512a11a4b92bc77c3a4c95c903fccb238794eca5c750477bf56ea6ee6a167367d881b485ae3889e7c489af8fdf38e0c0f2aed780831182e34abedd43c39281b290774bf35cc25274
-Result = VERIFY_ERROR
-
-# invalid tag for parameter
-Verify = RSA-2048
-Ctrl = digest:sha1
-Input = "0123456789ABCDEF1234"
-Output = 49525db4d44c755e560cba980b1d85ea604b0e077fcadd4ba44072a3487bbddb835016200a7d8739cce2dc3223d9c20cbdd25059ab02277f1f21318efd18e21038ec89aa9d40680987129e8b41ba33bceb86518bdf47268b921cce2037acabca6575d832499538d6f40cdba0d40bd7f4d8ea6ca6e2eec87f294efc971407857f5d7db09f6a7b31e301f571c6d82a5e3d08d2bb3a36e673d28b910f5bec57f0fcc4d968fd7c94d0b9226dec17f5192ad8b42bcab6f26e1bea1fdc3b958199acb00f14ebcb2a352f3afcedd4c09000128a603bbeb9696dea13040445253972d46237a25c7845e3b464e6984c2348ea1f1210a9ff0b00d2d72b50db00c009bb39f9
-Result = VERIFY_ERROR
-
-# EC tests
-
-Verify = P-256
-Ctrl = digest:SHA1
-Input = "0123456789ABCDEF1234"
-Output = 3045022100b1d1cb1a577035bccdd5a86c6148c2cc7c633cd42b7234139b593076d041e15202201898cdd52b41ca502098184b409cf83a21bc945006746e3b7cea52234e043ec8
-
-# Digest too long
-Verify = P-256
-Ctrl = digest:SHA1
-Input = "0123456789ABCDEF12345"
-Output = 3045022100b1d1cb1a577035bccdd5a86c6148c2cc7c633cd42b7234139b593076d041e15202201898cdd52b41ca502098184b409cf83a21bc945006746e3b7cea52234e043ec8
-Result = VERIFY_ERROR
-
-# Digest too short
-Verify = P-256
-Ctrl = digest:SHA1
-Input = "0123456789ABCDEF123"
-Output = 3045022100b1d1cb1a577035bccdd5a86c6148c2cc7c633cd42b7234139b593076d041e15202201898cdd52b41ca502098184b409cf83a21bc945006746e3b7cea52234e043ec8
-Result = VERIFY_ERROR
-
-# Digest invalid
-Verify = P-256
-Ctrl = digest:SHA1
-Input = "0123456789ABCDEF1235"
-Output = 3045022100b1d1cb1a577035bccdd5a86c6148c2cc7c633cd42b7234139b593076d041e15202201898cdd52b41ca502098184b409cf83a21bc945006746e3b7cea52234e043ec8
-Result = VERIFY_ERROR
-
-# Invalid signature
-Verify = P-256
-Ctrl = digest:SHA1
-Input = "0123456789ABCDEF1234"
-Output = 3045022100b1d1cb1a577035bccdd5a86c6148c2cc7c633cd42b7234139b593076d041e15202201898cdd52b41ca502098184b409cf83a21bc945006746e3b7cea52234e043ec7
-Result = VERIFY_ERROR
-
-# Garbage after signature
-Verify = P-256
-Ctrl = digest:SHA1
-Input = "0123456789ABCDEF1234"
-Output = 3045022100b1d1cb1a577035bccdd5a86c6148c2cc7c633cd42b7234139b593076d041e15202201898cdd52b41ca502098184b409cf83a21bc945006746e3b7cea52234e043ec800
-Result = VERIFY_ERROR
-
-# BER signature
-Verify = P-256
-Ctrl = digest:SHA1
-Input = "0123456789ABCDEF1234"
-Output = 3080022100b1d1cb1a577035bccdd5a86c6148c2cc7c633cd42b7234139b593076d041e15202201898cdd52b41ca502098184b409cf83a21bc945006746e3b7cea52234e043ec80000
-Result = VERIFY_ERROR
+++ /dev/null
-/* Written by Christian Heimes, 2013 */
-/*
- * Copyright (c) 2013 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- */
-
-#include <stdio.h>
-#include <string.h>
-
-#include "../e_os.h"
-
-#include <openssl/opensslconf.h>
-#include <openssl/evp.h>
-#ifndef OPENSSL_NO_ENGINE
-# include <openssl/engine.h>
-#endif
-#include <openssl/err.h>
-#include <openssl/conf.h>
-
-typedef struct {
- const char *pass;
- int passlen;
- const char *salt;
- int saltlen;
- int iter;
-} testdata;
-
-static testdata test_cases[] = {
- {"password", 8, "salt", 4, 1},
- {"password", 8, "salt", 4, 2},
- {"password", 8, "salt", 4, 4096},
- {"passwordPASSWORDpassword", 24,
- "saltSALTsaltSALTsaltSALTsaltSALTsalt", 36, 4096},
- {"pass\0word", 9, "sa\0lt", 5, 4096},
- {NULL},
-};
-
-static const char *sha1_results[] = {
- "0c60c80f961f0e71f3a9b524af6012062fe037a6",
- "ea6c014dc72d6f8ccd1ed92ace1d41f0d8de8957",
- "4b007901b765489abead49d926f721d065a429c1",
- "3d2eec4fe41c849b80c8d83662c0e44a8b291a964cf2f07038",
- "56fa6aa75548099dcc37d7f03425e0c3",
-};
-
-static const char *sha256_results[] = {
- "120fb6cffcf8b32c43e7225256c4f837a86548c92ccc35480805987cb70be17b",
- "ae4d0c95af6b46d32d0adff928f06dd02a303f8ef3c251dfd6e2d85a95474c43",
- "c5e478d59288c841aa530db6845c4c8d962893a001ce4e11a4963873aa98134a",
- "348c89dbcbd32b2f32d814b8116e84cf2b17347ebc1800181c4e2a1fb8dd53e1c63551"
- "8c7dac47e9",
- "89b69d0516f829893c696226650a8687",
-};
-
-static const char *sha512_results[] = {
- "867f70cf1ade02cff3752599a3a53dc4af34c7a669815ae5d513554e1c8cf252c02d47"
- "0a285a0501bad999bfe943c08f050235d7d68b1da55e63f73b60a57fce",
- "e1d9c16aa681708a45f5c7c4e215ceb66e011a2e9f0040713f18aefdb866d53cf76cab"
- "2868a39b9f7840edce4fef5a82be67335c77a6068e04112754f27ccf4e",
- "d197b1b33db0143e018b12f3d1d1479e6cdebdcc97c5c0f87f6902e072f457b5143f30"
- "602641b3d55cd335988cb36b84376060ecd532e039b742a239434af2d5",
- "8c0511f4c6e597c6ac6315d8f0362e225f3c501495ba23b868c005174dc4ee71115b59"
- "f9e60cd9532fa33e0f75aefe30225c583a186cd82bd4daea9724a3d3b8",
- "9d9e9c4cd21fe4be24d5b8244c759665",
-};
-
-static void hexdump(FILE *f, const char *title, const unsigned char *s, int l)
-{
- int i;
- fprintf(f, "%s", title);
- for (i = 0; i < l; i++) {
- fprintf(f, "%02x", s[i]);
- }
- fprintf(f, "\n");
-}
-
-static void convert(unsigned char *dst, const unsigned char *src, int len)
-{
- int i;
- for (i = 0; i < len; i++, dst++, src += 2) {
- unsigned int n;
- sscanf((char *)src, "%2x", &n);
- *dst = (unsigned char)n;
- }
- *dst = 0;
-}
-
-static void
-test_p5_pbkdf2(int i, char *digestname, testdata *test, const char *hex)
-{
- const EVP_MD *digest;
- unsigned char *out;
- unsigned char *expected;
- int keylen, r;
-
- digest = EVP_get_digestbyname(digestname);
- if (digest == NULL) {
- fprintf(stderr, "unknown digest %s\n", digestname);
- EXIT(5);
- }
-
- if ((strlen(hex) % 2) != 0) {
- fprintf(stderr, "odd hex digest %s %i\n", digestname, i);
- EXIT(5);
- }
- keylen = strlen(hex) / 2;
- expected = OPENSSL_malloc(keylen + 1);
- out = OPENSSL_malloc(keylen + 1);
- if ((expected == NULL) || (out == NULL)) {
- fprintf(stderr, "malloc() failed\n");
- EXIT(5);
- }
- convert(expected, (const unsigned char *)hex, keylen);
-
- r = PKCS5_PBKDF2_HMAC(test->pass, test->passlen,
- (const unsigned char *)test->salt, test->saltlen,
- test->iter, digest, keylen, out);
-
- if (r == 0) {
- fprintf(stderr, "PKCS5_PBKDF2_HMAC(%s) failure test %i\n",
- digestname, i);
- EXIT(3);
- }
- if (memcmp(expected, out, keylen) != 0) {
- fprintf(stderr, "Wrong result for PKCS5_PBKDF2_HMAC(%s) test %i\n",
- digestname, i);
- hexdump(stderr, "expected: ", expected, keylen);
- hexdump(stderr, "result: ", out, keylen);
- EXIT(2);
- }
- OPENSSL_free(expected);
- OPENSSL_free(out);
-}
-
-int main(int argc, char **argv)
-{
- int i;
- testdata *test = test_cases;
-
- CRYPTO_malloc_debug_init();
- CRYPTO_set_mem_debug_options(V_CRYPTO_MDEBUG_ALL);
- CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON);
-
- OpenSSL_add_all_digests();
-# ifndef OPENSSL_NO_ENGINE
- ENGINE_load_builtin_engines();
- ENGINE_register_all_digests();
-# endif
-
- printf("PKCS5_PBKDF2_HMAC() tests ");
- for (i = 0; test->pass != NULL; i++, test++) {
- test_p5_pbkdf2(i, "sha1", test, sha1_results[i]);
- test_p5_pbkdf2(i, "sha256", test, sha256_results[i]);
- test_p5_pbkdf2(i, "sha512", test, sha512_results[i]);
- printf(".");
- }
- printf(" done\n");
-
-# ifndef OPENSSL_NO_ENGINE
- ENGINE_cleanup();
-# endif
- EVP_cleanup();
- CRYPTO_cleanup_all_ex_data();
- ERR_remove_thread_state(NULL);
- ERR_free_strings();
- CRYPTO_mem_leaks_fp(stderr);
- return 0;
-}
+++ /dev/null
-/* crypto/hmac/hmac.h */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-#ifndef HEADER_HMAC_H
-# define HEADER_HMAC_H
-
-# include <openssl/opensslconf.h>
-
-# include <openssl/evp.h>
-
-# define HMAC_MAX_MD_CBLOCK 128/* largest known is SHA512 */
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-typedef struct hmac_ctx_st {
- const EVP_MD *md;
- EVP_MD_CTX md_ctx;
- EVP_MD_CTX i_ctx;
- EVP_MD_CTX o_ctx;
- unsigned int key_length;
- unsigned char key[HMAC_MAX_MD_CBLOCK];
- int key_init;
-} HMAC_CTX;
-
-# define HMAC_size(e) (EVP_MD_size((e)->md))
-
-void HMAC_CTX_init(HMAC_CTX *ctx);
-void HMAC_CTX_cleanup(HMAC_CTX *ctx);
-
-#ifdef OPENSSL_USE_DEPRECATED
-/* deprecated */
-# define HMAC_cleanup(ctx) HMAC_CTX_cleanup(ctx)
-
-/* deprecated */
-DECLARE_DEPRECATED(__owur int HMAC_Init(HMAC_CTX *ctx, const void *key, int len,
- const EVP_MD *md));
-
-#endif
-/*__owur*/ int HMAC_Init_ex(HMAC_CTX *ctx, const void *key, int len,
- const EVP_MD *md, ENGINE *impl);
-/*__owur*/ int HMAC_Update(HMAC_CTX *ctx, const unsigned char *data,
- size_t len);
-/*__owur*/ int HMAC_Final(HMAC_CTX *ctx, unsigned char *md,
- unsigned int *len);
-unsigned char *HMAC(const EVP_MD *evp_md, const void *key, int key_len,
- const unsigned char *d, size_t n, unsigned char *md,
- unsigned int *md_len);
-__owur int HMAC_CTX_copy(HMAC_CTX *dctx, HMAC_CTX *sctx);
-
-void HMAC_CTX_set_flags(HMAC_CTX *ctx, unsigned long flags);
-
-#ifdef __cplusplus
-}
-#endif
-
-#endif
+++ /dev/null
-/* crypto/hmac/hmactest.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <string.h>
-#include <stdlib.h>
-
-#include "../e_os.h"
-
-# include <openssl/hmac.h>
-# ifndef OPENSSL_NO_MD5
-# include <openssl/md5.h>
-# endif
-
-# ifdef CHARSET_EBCDIC
-# include <openssl/ebcdic.h>
-# endif
-
-# ifndef OPENSSL_NO_MD5
-static struct test_st {
- unsigned char key[16];
- int key_len;
- unsigned char data[64];
- int data_len;
- unsigned char *digest;
-} test[8] = {
- {
- "", 0, "More text test vectors to stuff up EBCDIC machines :-)", 54,
- (unsigned char *)"e9139d1e6ee064ef8cf514fc7dc83e86",
- },
- {
- {
- 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b,
- 0x0b, 0x0b, 0x0b, 0x0b, 0x0b,
- }, 16, "Hi There", 8,
- (unsigned char *)"9294727a3638bb1c13f48ef8158bfc9d",
- },
- {
- "Jefe", 4, "what do ya want for nothing?", 28,
- (unsigned char *)"750c783e6ab0b503eaa86e310a5db738",
- },
- {
- {
- 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa,
- 0xaa, 0xaa, 0xaa, 0xaa, 0xaa,
- }, 16, {
- 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd,
- 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd,
- 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd,
- 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd,
- 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd
- }, 50, (unsigned char *)"56be34521d144c88dbb8c733f0e8b3f6",
- },
- {
- "", 0, "My test data", 12,
- (unsigned char *)"61afdecb95429ef494d61fdee15990cabf0826fc"
- },
- {
- "", 0, "My test data", 12,
- (unsigned char *)"2274b195d90ce8e03406f4b526a47e0787a88a65479938f1a5baa3ce0f079776"
- },
- {
- "123456", 6, "My test data", 12,
- (unsigned char *)"bab53058ae861a7f191abe2d0145cbb123776a6369ee3f9d79ce455667e411dd"
- },
- {
- "12345", 5, "My test data again", 12,
- (unsigned char *)"7dbe8c764c068e3bcd6e6b0fbcd5e6fc197b15bb"
- }
-};
-# endif
-
-static char *pt(unsigned char *md, unsigned int len);
-
-int main(int argc, char *argv[])
-{
-# ifndef OPENSSL_NO_MD5
- int i;
- char *p;
-# endif
- int err = 0;
- HMAC_CTX ctx, ctx2;
- unsigned char buf[EVP_MAX_MD_SIZE];
- unsigned int len;
-
-# ifdef OPENSSL_NO_MD5
- printf("test skipped: MD5 disabled\n");
-# else
-
-# ifdef CHARSET_EBCDIC
- ebcdic2ascii(test[0].data, test[0].data, test[0].data_len);
- ebcdic2ascii(test[1].data, test[1].data, test[1].data_len);
- ebcdic2ascii(test[2].key, test[2].key, test[2].key_len);
- ebcdic2ascii(test[2].data, test[2].data, test[2].data_len);
-# endif
-
- for (i = 0; i < 4; i++) {
- p = pt(HMAC(EVP_md5(),
- test[i].key, test[i].key_len,
- test[i].data, test[i].data_len, NULL, NULL),
- MD5_DIGEST_LENGTH);
-
- if (strcmp(p, (char *)test[i].digest) != 0) {
- printf("Error calculating HMAC on %d entry'\n", i);
- printf("got %s instead of %s\n", p, test[i].digest);
- err++;
- } else
- printf("test %d ok\n", i);
- }
-# endif /* OPENSSL_NO_MD5 */
-
-/* test4 */
- HMAC_CTX_init(&ctx);
- if(HMAC_Init_ex(&ctx, NULL, 0, NULL, NULL)) {
- printf("Should fail to initialise HMAC with empty MD and key (test 4)\n");
- err++;
- goto test5;
- }
- if(HMAC_Update(&ctx, test[4].data, test[4].data_len)) {
- printf("Should fail HMAC_Update with ctx not set up (test 4)\n");
- err++;
- goto test5;
- }
- if(HMAC_Init_ex(&ctx, NULL, 0, EVP_sha1(), NULL)) {
- printf("Should fail to initialise HMAC with empty key (test 4)\n");
- err++;
- goto test5;
- }
- if(HMAC_Update(&ctx, test[4].data, test[4].data_len)) {
- printf("Should fail HMAC_Update with ctx not set up (test 4)\n");
- err++;
- goto test5;
- }
- printf("test 4 ok\n");
-test5:
- HMAC_CTX_init(&ctx);
- if(HMAC_Init_ex(&ctx, test[4].key, test[4].key_len, NULL, NULL)) {
- printf("Should fail to initialise HMAC with empty MD (test 5)\n");
- err++;
- goto test6;
- }
- if(HMAC_Update(&ctx, test[4].data, test[4].data_len)) {
- printf("Should fail HMAC_Update with ctx not set up (test 5)\n");
- err++;
- goto test6;
- }
- if(HMAC_Init_ex(&ctx, test[4].key, -1, EVP_sha1(), NULL)) {
- printf("Should fail to initialise HMAC with invalid key len(test 5)\n");
- err++;
- goto test6;
- }
- if(!HMAC_Init_ex(&ctx, test[4].key, test[4].key_len, EVP_sha1(), NULL)) {
- printf("Failed to initialise HMAC (test 5)\n");
- err++;
- goto test6;
- }
- if(!HMAC_Update(&ctx, test[4].data, test[4].data_len)) {
- printf("Error updating HMAC with data (test 5)\n");
- err++;
- goto test6;
- }
- if(!HMAC_Final(&ctx, buf, &len)) {
- printf("Error finalising data (test 5)\n");
- err++;
- goto test6;
- }
- p = pt(buf, len);
- if (strcmp(p, (char *)test[4].digest) != 0) {
- printf("Error calculating interim HMAC on test 5\n");
- printf("got %s instead of %s\n", p, test[4].digest);
- err++;
- goto test6;
- }
- if(!HMAC_Init_ex(&ctx, NULL, 0, EVP_sha256(), NULL)) {
- printf("Failed to reinitialise HMAC (test 5)\n");
- err++;
- goto test6;
- }
- if(!HMAC_Update(&ctx, test[5].data, test[5].data_len)) {
- printf("Error updating HMAC with data (sha256) (test 5)\n");
- err++;
- goto test6;
- }
- if(!HMAC_Final(&ctx, buf, &len)) {
- printf("Error finalising data (sha256) (test 5)\n");
- err++;
- goto test6;
- }
- p = pt(buf, len);
- if (strcmp(p, (char *)test[5].digest) != 0) {
- printf("Error calculating 2nd interim HMAC on test 5\n");
- printf("got %s instead of %s\n", p, test[5].digest);
- err++;
- goto test6;
- }
- if(!HMAC_Init_ex(&ctx, test[6].key, test[6].key_len, NULL, NULL)) {
- printf("Failed to reinitialise HMAC with key (test 5)\n");
- err++;
- goto test6;
- }
- if(!HMAC_Update(&ctx, test[6].data, test[6].data_len)) {
- printf("Error updating HMAC with data (new key) (test 5)\n");
- err++;
- goto test6;
- }
- if(!HMAC_Final(&ctx, buf, &len)) {
- printf("Error finalising data (new key) (test 5)\n");
- err++;
- goto test6;
- }
- p = pt(buf, len);
- if (strcmp(p, (char *)test[6].digest) != 0) {
- printf("error calculating HMAC on test 5\n");
- printf("got %s instead of %s\n", p, test[6].digest);
- err++;
- } else {
- printf("test 5 ok\n");
- }
-test6:
- HMAC_CTX_init(&ctx);
- if(!HMAC_Init_ex(&ctx, test[7].key, test[7].key_len, EVP_sha1(), NULL)) {
- printf("Failed to initialise HMAC (test 6)\n");
- err++;
- goto end;
- }
- if(!HMAC_Update(&ctx, test[7].data, test[7].data_len)) {
- printf("Error updating HMAC with data (test 6)\n");
- err++;
- goto end;
- }
- if(!HMAC_CTX_copy(&ctx2, &ctx)) {
- printf("Failed to copy HMAC_CTX (test 6)\n");
- err++;
- goto end;
- }
- if(!HMAC_Final(&ctx2, buf, &len)) {
- printf("Error finalising data (test 6)\n");
- err++;
- goto end;
- }
- p = pt(buf, len);
- if (strcmp(p, (char *)test[7].digest) != 0) {
- printf("Error calculating HMAC on test 6\n");
- printf("got %s instead of %s\n", p, test[7].digest);
- err++;
- } else {
- printf("test 6 ok\n");
- }
-end:
- EXIT(err);
-}
-
-# ifndef OPENSSL_NO_MD5
-static char *pt(unsigned char *md, unsigned int len)
-{
- unsigned int i;
- static char buf[80];
-
- for (i = 0; i < len; i++)
- sprintf(&(buf[i * 2]), "%02x", md[i]);
- return (buf);
-}
-# endif
+++ /dev/null
-/* crypto/idea/idea.h */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef HEADER_IDEA_H
-# define HEADER_IDEA_H
-
-# include <openssl/opensslconf.h>/* IDEA_INT, OPENSSL_NO_IDEA */
-
-# ifdef OPENSSL_NO_IDEA
-# error IDEA is disabled.
-# endif
-
-# define IDEA_ENCRYPT 1
-# define IDEA_DECRYPT 0
-
-# define IDEA_BLOCK 8
-# define IDEA_KEY_LENGTH 16
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-typedef struct idea_key_st {
- IDEA_INT data[9][6];
-} IDEA_KEY_SCHEDULE;
-
-const char *idea_options(void);
-void idea_ecb_encrypt(const unsigned char *in, unsigned char *out,
- IDEA_KEY_SCHEDULE *ks);
-void idea_set_encrypt_key(const unsigned char *key, IDEA_KEY_SCHEDULE *ks);
-void idea_set_decrypt_key(IDEA_KEY_SCHEDULE *ek, IDEA_KEY_SCHEDULE *dk);
-void idea_cbc_encrypt(const unsigned char *in, unsigned char *out,
- long length, IDEA_KEY_SCHEDULE *ks, unsigned char *iv,
- int enc);
-void idea_cfb64_encrypt(const unsigned char *in, unsigned char *out,
- long length, IDEA_KEY_SCHEDULE *ks, unsigned char *iv,
- int *num, int enc);
-void idea_ofb64_encrypt(const unsigned char *in, unsigned char *out,
- long length, IDEA_KEY_SCHEDULE *ks, unsigned char *iv,
- int *num);
-void idea_encrypt(unsigned long *in, IDEA_KEY_SCHEDULE *ks);
-#ifdef __cplusplus
-}
-#endif
-
-#endif
+++ /dev/null
-/* crypto/idea/ideatest.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <string.h>
-#include <stdlib.h>
-
-#include "../e_os.h"
-
-#ifdef OPENSSL_NO_IDEA
-int main(int argc, char *argv[])
-{
- printf("No IDEA support\n");
- return (0);
-}
-#else
-# include <openssl/idea.h>
-
-unsigned char k[16] = {
- 0x00, 0x01, 0x00, 0x02, 0x00, 0x03, 0x00, 0x04,
- 0x00, 0x05, 0x00, 0x06, 0x00, 0x07, 0x00, 0x08
-};
-
-unsigned char in[8] = { 0x00, 0x00, 0x00, 0x01, 0x00, 0x02, 0x00, 0x03 };
-unsigned char c[8] = { 0x11, 0xFB, 0xED, 0x2B, 0x01, 0x98, 0x6D, 0xE5 };
-
-unsigned char out[80];
-
-char *text = "Hello to all people out there";
-
-static unsigned char cfb_key[16] = {
- 0xe1, 0xf0, 0xc3, 0xd2, 0xa5, 0xb4, 0x87, 0x96,
- 0x69, 0x78, 0x4b, 0x5a, 0x2d, 0x3c, 0x0f, 0x1e,
-};
-static unsigned char cfb_iv[80] =
- { 0x34, 0x12, 0x78, 0x56, 0xab, 0x90, 0xef, 0xcd };
-static unsigned char cfb_buf1[40], cfb_buf2[40], cfb_tmp[8];
-# define CFB_TEST_SIZE 24
-static unsigned char plain[CFB_TEST_SIZE] = {
- 0x4e, 0x6f, 0x77, 0x20, 0x69, 0x73,
- 0x20, 0x74, 0x68, 0x65, 0x20, 0x74,
- 0x69, 0x6d, 0x65, 0x20, 0x66, 0x6f,
- 0x72, 0x20, 0x61, 0x6c, 0x6c, 0x20
-};
-
-static unsigned char cfb_cipher64[CFB_TEST_SIZE] = {
- 0x59, 0xD8, 0xE2, 0x65, 0x00, 0x58, 0x6C, 0x3F,
- 0x2C, 0x17, 0x25, 0xD0, 0x1A, 0x38, 0xB7, 0x2A,
- 0x39, 0x61, 0x37, 0xDC, 0x79, 0xFB, 0x9F, 0x45
-/*- 0xF9,0x78,0x32,0xB5,0x42,0x1A,0x6B,0x38,
- 0x9A,0x44,0xD6,0x04,0x19,0x43,0xC4,0xD9,
- 0x3D,0x1E,0xAE,0x47,0xFC,0xCF,0x29,0x0B,*/
-};
-
-static int cfb64_test(unsigned char *cfb_cipher);
-static char *pt(unsigned char *p);
-int main(int argc, char *argv[])
-{
- int i, err = 0;
- IDEA_KEY_SCHEDULE key, dkey;
- unsigned char iv[8];
-
- idea_set_encrypt_key(k, &key);
- idea_ecb_encrypt(in, out, &key);
- if (memcmp(out, c, 8) != 0) {
- printf("ecb idea error encrypting\n");
- printf("got :");
- for (i = 0; i < 8; i++)
- printf("%02X ", out[i]);
- printf("\n");
- printf("expected:");
- for (i = 0; i < 8; i++)
- printf("%02X ", c[i]);
- err = 20;
- printf("\n");
- }
-
- idea_set_decrypt_key(&key, &dkey);
- idea_ecb_encrypt(c, out, &dkey);
- if (memcmp(out, in, 8) != 0) {
- printf("ecb idea error decrypting\n");
- printf("got :");
- for (i = 0; i < 8; i++)
- printf("%02X ", out[i]);
- printf("\n");
- printf("expected:");
- for (i = 0; i < 8; i++)
- printf("%02X ", in[i]);
- printf("\n");
- err = 3;
- }
-
- if (err == 0)
- printf("ecb idea ok\n");
-
- memcpy(iv, k, 8);
- idea_cbc_encrypt((unsigned char *)text, out, strlen(text) + 1, &key, iv,
- 1);
- memcpy(iv, k, 8);
- idea_cbc_encrypt(out, out, 8, &dkey, iv, 0);
- idea_cbc_encrypt(&(out[8]), &(out[8]), strlen(text) + 1 - 8, &dkey, iv,
- 0);
- if (memcmp(text, out, strlen(text) + 1) != 0) {
- printf("cbc idea bad\n");
- err = 4;
- } else
- printf("cbc idea ok\n");
-
- printf("cfb64 idea ");
- if (cfb64_test(cfb_cipher64)) {
- printf("bad\n");
- err = 5;
- } else
- printf("ok\n");
-
-# ifdef OPENSSL_SYS_NETWARE
- if (err)
- printf("ERROR: %d\n", err);
-# endif
- EXIT(err);
-}
-
-static int cfb64_test(unsigned char *cfb_cipher)
-{
- IDEA_KEY_SCHEDULE eks, dks;
- int err = 0, i, n;
-
- idea_set_encrypt_key(cfb_key, &eks);
- idea_set_decrypt_key(&eks, &dks);
- memcpy(cfb_tmp, cfb_iv, 8);
- n = 0;
- idea_cfb64_encrypt(plain, cfb_buf1, (long)12, &eks,
- cfb_tmp, &n, IDEA_ENCRYPT);
- idea_cfb64_encrypt(&(plain[12]), &(cfb_buf1[12]),
- (long)CFB_TEST_SIZE - 12, &eks,
- cfb_tmp, &n, IDEA_ENCRYPT);
- if (memcmp(cfb_cipher, cfb_buf1, CFB_TEST_SIZE) != 0) {
- err = 1;
- printf("idea_cfb64_encrypt encrypt error\n");
- for (i = 0; i < CFB_TEST_SIZE; i += 8)
- printf("%s\n", pt(&(cfb_buf1[i])));
- }
- memcpy(cfb_tmp, cfb_iv, 8);
- n = 0;
- idea_cfb64_encrypt(cfb_buf1, cfb_buf2, (long)13, &eks,
- cfb_tmp, &n, IDEA_DECRYPT);
- idea_cfb64_encrypt(&(cfb_buf1[13]), &(cfb_buf2[13]),
- (long)CFB_TEST_SIZE - 13, &eks,
- cfb_tmp, &n, IDEA_DECRYPT);
- if (memcmp(plain, cfb_buf2, CFB_TEST_SIZE) != 0) {
- err = 1;
- printf("idea_cfb_encrypt decrypt error\n");
- for (i = 0; i < 24; i += 8)
- printf("%s\n", pt(&(cfb_buf2[i])));
- }
- return (err);
-}
-
-static char *pt(unsigned char *p)
-{
- static char bufs[10][20];
- static int bnum = 0;
- char *ret;
- int i;
- static char *f = "0123456789ABCDEF";
-
- ret = &(bufs[bnum++][0]);
- bnum %= 10;
- for (i = 0; i < 8; i++) {
- ret[i * 2] = f[(p[i] >> 4) & 0xf];
- ret[i * 2 + 1] = f[p[i] & 0xf];
- }
- ret[16] = '\0';
- return (ret);
-}
-#endif
+++ /dev/null
-/*
- * Implement J-PAKE, as described in
- * http://grouper.ieee.org/groups/1363/Research/contributions/hao-ryan-2008.pdf
- *
- * With hints from http://www.cl.cam.ac.uk/~fh240/software/JPAKE2.java.
- */
-
-#ifndef HEADER_JPAKE_H
-# define HEADER_JPAKE_H
-
-# include <openssl/opensslconf.h>
-
-# ifdef OPENSSL_NO_JPAKE
-# error JPAKE is disabled.
-# endif
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-# include <openssl/bn.h>
-# include <openssl/sha.h>
-
-typedef struct JPAKE_CTX JPAKE_CTX;
-
-/* Note that "g" in the ZKPs is not necessarily the J-PAKE g. */
-typedef struct {
- BIGNUM *gr; /* g^r (r random) */
- BIGNUM *b; /* b = r - x*h, h=hash(g, g^r, g^x, name) */
-} JPAKE_ZKP;
-
-typedef struct {
- BIGNUM *gx; /* g^x in step 1, g^(xa + xc + xd) * xb * s
- * in step 2 */
- JPAKE_ZKP zkpx; /* ZKP(x) or ZKP(xb * s) */
-} JPAKE_STEP_PART;
-
-typedef struct {
- JPAKE_STEP_PART p1; /* g^x3, ZKP(x3) or g^x1, ZKP(x1) */
- JPAKE_STEP_PART p2; /* g^x4, ZKP(x4) or g^x2, ZKP(x2) */
-} JPAKE_STEP1;
-
-typedef JPAKE_STEP_PART JPAKE_STEP2;
-
-typedef struct {
- unsigned char hhk[SHA_DIGEST_LENGTH];
-} JPAKE_STEP3A;
-
-typedef struct {
- unsigned char hk[SHA_DIGEST_LENGTH];
-} JPAKE_STEP3B;
-
-/* Parameters are copied */
-JPAKE_CTX *JPAKE_CTX_new(const char *name, const char *peer_name,
- const BIGNUM *p, const BIGNUM *g, const BIGNUM *q,
- const BIGNUM *secret);
-void JPAKE_CTX_free(JPAKE_CTX *ctx);
-
-/*
- * Note that JPAKE_STEP1 can be used multiple times before release
- * without another init.
- */
-void JPAKE_STEP1_init(JPAKE_STEP1 *s1);
-int JPAKE_STEP1_generate(JPAKE_STEP1 *send, JPAKE_CTX *ctx);
-int JPAKE_STEP1_process(JPAKE_CTX *ctx, const JPAKE_STEP1 *received);
-void JPAKE_STEP1_release(JPAKE_STEP1 *s1);
-
-/*
- * Note that JPAKE_STEP2 can be used multiple times before release
- * without another init.
- */
-void JPAKE_STEP2_init(JPAKE_STEP2 *s2);
-int JPAKE_STEP2_generate(JPAKE_STEP2 *send, JPAKE_CTX *ctx);
-int JPAKE_STEP2_process(JPAKE_CTX *ctx, const JPAKE_STEP2 *received);
-void JPAKE_STEP2_release(JPAKE_STEP2 *s2);
-
-/*
- * Optionally verify the shared key. If the shared secrets do not
- * match, the two ends will disagree about the shared key, but
- * otherwise the protocol will succeed.
- */
-void JPAKE_STEP3A_init(JPAKE_STEP3A *s3a);
-int JPAKE_STEP3A_generate(JPAKE_STEP3A *send, JPAKE_CTX *ctx);
-int JPAKE_STEP3A_process(JPAKE_CTX *ctx, const JPAKE_STEP3A *received);
-void JPAKE_STEP3A_release(JPAKE_STEP3A *s3a);
-
-void JPAKE_STEP3B_init(JPAKE_STEP3B *s3b);
-int JPAKE_STEP3B_generate(JPAKE_STEP3B *send, JPAKE_CTX *ctx);
-int JPAKE_STEP3B_process(JPAKE_CTX *ctx, const JPAKE_STEP3B *received);
-void JPAKE_STEP3B_release(JPAKE_STEP3B *s3b);
-
-/*
- * the return value belongs to the library and will be released when
- * ctx is released, and will change when a new handshake is performed.
- */
-const BIGNUM *JPAKE_get_shared_key(JPAKE_CTX *ctx);
-
-/* BEGIN ERROR CODES */
-/*
- * The following lines are auto generated by the script mkerr.pl. Any changes
- * made after this point may be overwritten when the script is next run.
- */
-void ERR_load_JPAKE_strings(void);
-
-/* Error codes for the JPAKE functions. */
-
-/* Function codes. */
-# define JPAKE_F_JPAKE_STEP1_PROCESS 101
-# define JPAKE_F_JPAKE_STEP2_PROCESS 102
-# define JPAKE_F_JPAKE_STEP3A_PROCESS 103
-# define JPAKE_F_JPAKE_STEP3B_PROCESS 104
-# define JPAKE_F_VERIFY_ZKP 100
-
-/* Reason codes. */
-# define JPAKE_R_G_TO_THE_X3_IS_NOT_LEGAL 108
-# define JPAKE_R_G_TO_THE_X4_IS_NOT_LEGAL 109
-# define JPAKE_R_G_TO_THE_X4_IS_ONE 105
-# define JPAKE_R_HASH_OF_HASH_OF_KEY_MISMATCH 106
-# define JPAKE_R_HASH_OF_KEY_MISMATCH 107
-# define JPAKE_R_VERIFY_B_FAILED 102
-# define JPAKE_R_VERIFY_X3_FAILED 103
-# define JPAKE_R_VERIFY_X4_FAILED 104
-# define JPAKE_R_ZKP_VERIFY_FAILED 100
-
-#ifdef __cplusplus
-}
-#endif
-#endif
+++ /dev/null
-#include <openssl/opensslconf.h>
-
-#ifdef OPENSSL_NO_JPAKE
-
-# include <stdio.h>
-
-int main(int argc, char *argv[])
-{
- printf("No J-PAKE support\n");
- return (0);
-}
-
-#else
-
-# include <openssl/jpake.h>
-# include <openssl/err.h>
-
-static void showbn(const char *name, const BIGNUM *bn)
-{
- fputs(name, stdout);
- fputs(" = ", stdout);
- BN_print_fp(stdout, bn);
- putc('\n', stdout);
-}
-
-static int run_jpake(JPAKE_CTX *alice, JPAKE_CTX *bob)
-{
- JPAKE_STEP1 alice_s1;
- JPAKE_STEP1 bob_s1;
- JPAKE_STEP2 alice_s2;
- JPAKE_STEP2 bob_s2;
- JPAKE_STEP3A alice_s3a;
- JPAKE_STEP3B bob_s3b;
-
- /* Alice -> Bob: step 1 */
- puts("A->B s1");
- JPAKE_STEP1_init(&alice_s1);
- JPAKE_STEP1_generate(&alice_s1, alice);
- if (!JPAKE_STEP1_process(bob, &alice_s1)) {
- printf("Bob fails to process Alice's step 1\n");
- ERR_print_errors_fp(stdout);
- return 1;
- }
- JPAKE_STEP1_release(&alice_s1);
-
- /* Bob -> Alice: step 1 */
- puts("B->A s1");
- JPAKE_STEP1_init(&bob_s1);
- JPAKE_STEP1_generate(&bob_s1, bob);
- if (!JPAKE_STEP1_process(alice, &bob_s1)) {
- printf("Alice fails to process Bob's step 1\n");
- ERR_print_errors_fp(stdout);
- return 2;
- }
- JPAKE_STEP1_release(&bob_s1);
-
- /* Alice -> Bob: step 2 */
- puts("A->B s2");
- JPAKE_STEP2_init(&alice_s2);
- JPAKE_STEP2_generate(&alice_s2, alice);
- if (!JPAKE_STEP2_process(bob, &alice_s2)) {
- printf("Bob fails to process Alice's step 2\n");
- ERR_print_errors_fp(stdout);
- return 3;
- }
- JPAKE_STEP2_release(&alice_s2);
-
- /* Bob -> Alice: step 2 */
- puts("B->A s2");
- JPAKE_STEP2_init(&bob_s2);
- JPAKE_STEP2_generate(&bob_s2, bob);
- if (!JPAKE_STEP2_process(alice, &bob_s2)) {
- printf("Alice fails to process Bob's step 2\n");
- ERR_print_errors_fp(stdout);
- return 4;
- }
- JPAKE_STEP2_release(&bob_s2);
-
- showbn("Alice's key", JPAKE_get_shared_key(alice));
- showbn("Bob's key ", JPAKE_get_shared_key(bob));
-
- /* Alice -> Bob: step 3a */
- puts("A->B s3a");
- JPAKE_STEP3A_init(&alice_s3a);
- JPAKE_STEP3A_generate(&alice_s3a, alice);
- if (!JPAKE_STEP3A_process(bob, &alice_s3a)) {
- printf("Bob fails to process Alice's step 3a\n");
- ERR_print_errors_fp(stdout);
- return 5;
- }
- JPAKE_STEP3A_release(&alice_s3a);
-
- /* Bob -> Alice: step 3b */
- puts("B->A s3b");
- JPAKE_STEP3B_init(&bob_s3b);
- JPAKE_STEP3B_generate(&bob_s3b, bob);
- if (!JPAKE_STEP3B_process(alice, &bob_s3b)) {
- printf("Alice fails to process Bob's step 3b\n");
- ERR_print_errors_fp(stdout);
- return 6;
- }
- JPAKE_STEP3B_release(&bob_s3b);
-
- return 0;
-}
-
-int main(int argc, char **argv)
-{
- JPAKE_CTX *alice;
- JPAKE_CTX *bob;
- BIGNUM *p = NULL;
- BIGNUM *g = NULL;
- BIGNUM *q = NULL;
- BIGNUM *secret = BN_new();
- BIO *bio_err;
-
- bio_err = BIO_new_fp(stderr, BIO_NOCLOSE);
-
- CRYPTO_malloc_debug_init();
- CRYPTO_dbg_set_options(V_CRYPTO_MDEBUG_ALL);
- CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON);
-
- ERR_load_crypto_strings();
-
- /*-
- BN_hex2bn(&p, "fd7f53811d75122952df4a9c2eece4e7f611b7523cef4400c31e3f80b6512669455d402251fb593d8d58fabfc5f5ba30f6cb9b556cd7813b801d346ff26660b76b9950a5a49f9fe8047b1022c24fbba9d7feb7c61bf83b57e7c6a8a6150f04fb83f6d3c51ec3023554135a169132f675f3ae2b61d72aeff22203199dd14801c7");
- BN_hex2bn(&g, "f7e1a085d69b3ddecbbcab5c36b857b97994afbbfa3aea82f9574c0b3d0782675159578ebad4594fe67107108180b449167123e84c281613b7cf09328cc8a6e13c167a8b547c8d28e0a3ae1e2bb3a675916ea37f0bfa213562f1fb627a01243bcca4f1bea8519089a883dfe15ae59f06928b665e807b552564014c3bfecf492a");
- BN_hex2bn(&q, "9760508f15230bccb292b982a2eb840bf0581cf5");
- */
- /*-
- p = BN_new();
- BN_generate_prime(p, 1024, 1, NULL, NULL, NULL, NULL);
- */
- /* Use a safe prime for p (that we found earlier) */
- BN_hex2bn(&p,
- "F9E5B365665EA7A05A9C534502780FEE6F1AB5BD4F49947FD036DBD7E905269AF46EF28B0FC07487EE4F5D20FB3C0AF8E700F3A2FA3414970CBED44FEDFF80CE78D800F184BB82435D137AADA2C6C16523247930A63B85661D1FC817A51ACD96168E95898A1F83A79FFB529368AA7833ABD1B0C3AEDDB14D2E1A2F71D99F763F");
- showbn("p", p);
- g = BN_new();
- BN_set_word(g, 2);
- showbn("g", g);
- q = BN_new();
- BN_rshift1(q, p);
- showbn("q", q);
-
- BN_rand(secret, 32, -1, 0);
-
- /* A normal run, expect this to work... */
- alice = JPAKE_CTX_new("Alice", "Bob", p, g, q, secret);
- bob = JPAKE_CTX_new("Bob", "Alice", p, g, q, secret);
-
- if (run_jpake(alice, bob) != 0) {
- fprintf(stderr, "Plain JPAKE run failed\n");
- return 1;
- }
-
- JPAKE_CTX_free(bob);
- JPAKE_CTX_free(alice);
-
- /* Now give Alice and Bob different secrets */
- alice = JPAKE_CTX_new("Alice", "Bob", p, g, q, secret);
- BN_add_word(secret, 1);
- bob = JPAKE_CTX_new("Bob", "Alice", p, g, q, secret);
-
- if (run_jpake(alice, bob) != 5) {
- fprintf(stderr, "Mismatched secret JPAKE run failed\n");
- return 1;
- }
-
- JPAKE_CTX_free(bob);
- JPAKE_CTX_free(alice);
-
- BN_free(secret);
- BN_free(q);
- BN_free(g);
- BN_free(p);
-
- CRYPTO_cleanup_all_ex_data();
- ERR_remove_thread_state(NULL);
- ERR_free_strings();
- CRYPTO_mem_leaks(bio_err);
-
- return 0;
-}
-
-#endif
+++ /dev/null
-/* krb5_asn.h */
-/*
- * Written by Vern Staats <staatsvr@asc.hpc.mil> for the OpenSSL project, **
- * using ocsp/{*.h,*asn*.c} as a starting point
- */
-
-/* ====================================================================
- * Copyright (c) 1998-2000 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#ifndef HEADER_KRB5_ASN_H
-# define HEADER_KRB5_ASN_H
-
-/*
- * #include <krb5.h>
- */
-# include <openssl/safestack.h>
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-/*
- * ASN.1 from Kerberos RFC 1510
- */
-
-/*- EncryptedData ::= SEQUENCE {
- * etype[0] INTEGER, -- EncryptionType
- * kvno[1] INTEGER OPTIONAL,
- * cipher[2] OCTET STRING -- ciphertext
- * }
- */
-typedef struct krb5_encdata_st {
- ASN1_INTEGER *etype;
- ASN1_INTEGER *kvno;
- ASN1_OCTET_STRING *cipher;
-} KRB5_ENCDATA;
-
-DECLARE_STACK_OF(KRB5_ENCDATA)
-
-/*- PrincipalName ::= SEQUENCE {
- * name-type[0] INTEGER,
- * name-string[1] SEQUENCE OF GeneralString
- * }
- */
-typedef struct krb5_princname_st {
- ASN1_INTEGER *nametype;
- STACK_OF(ASN1_GENERALSTRING) *namestring;
-} KRB5_PRINCNAME;
-
-DECLARE_STACK_OF(KRB5_PRINCNAME)
-
-/*- Ticket ::= [APPLICATION 1] SEQUENCE {
- * tkt-vno[0] INTEGER,
- * realm[1] Realm,
- * sname[2] PrincipalName,
- * enc-part[3] EncryptedData
- * }
- */
-typedef struct krb5_tktbody_st {
- ASN1_INTEGER *tktvno;
- ASN1_GENERALSTRING *realm;
- KRB5_PRINCNAME *sname;
- KRB5_ENCDATA *encdata;
-} KRB5_TKTBODY;
-
-typedef STACK_OF(KRB5_TKTBODY) KRB5_TICKET;
-DECLARE_STACK_OF(KRB5_TKTBODY)
-
-/*- AP-REQ ::= [APPLICATION 14] SEQUENCE {
- * pvno[0] INTEGER,
- * msg-type[1] INTEGER,
- * ap-options[2] APOptions,
- * ticket[3] Ticket,
- * authenticator[4] EncryptedData
- * }
- *
- * APOptions ::= BIT STRING {
- * reserved(0), use-session-key(1), mutual-required(2) }
- */
-typedef struct krb5_ap_req_st {
- ASN1_INTEGER *pvno;
- ASN1_INTEGER *msgtype;
- ASN1_BIT_STRING *apoptions;
- KRB5_TICKET *ticket;
- KRB5_ENCDATA *authenticator;
-} KRB5_APREQBODY;
-
-typedef STACK_OF(KRB5_APREQBODY) KRB5_APREQ;
-DECLARE_STACK_OF(KRB5_APREQBODY)
-
-/* Authenticator Stuff */
-
-/*- Checksum ::= SEQUENCE {
- * cksumtype[0] INTEGER,
- * checksum[1] OCTET STRING
- * }
- */
-typedef struct krb5_checksum_st {
- ASN1_INTEGER *ctype;
- ASN1_OCTET_STRING *checksum;
-} KRB5_CHECKSUM;
-
-DECLARE_STACK_OF(KRB5_CHECKSUM)
-
-/*- EncryptionKey ::= SEQUENCE {
- * keytype[0] INTEGER,
- * keyvalue[1] OCTET STRING
- * }
- */
-typedef struct krb5_encryptionkey_st {
- ASN1_INTEGER *ktype;
- ASN1_OCTET_STRING *keyvalue;
-} KRB5_ENCKEY;
-
-DECLARE_STACK_OF(KRB5_ENCKEY)
-
-/*- AuthorizationData ::= SEQUENCE OF SEQUENCE {
- * ad-type[0] INTEGER,
- * ad-data[1] OCTET STRING
- * }
- */
-typedef struct krb5_authorization_st {
- ASN1_INTEGER *adtype;
- ASN1_OCTET_STRING *addata;
-} KRB5_AUTHDATA;
-
-DECLARE_STACK_OF(KRB5_AUTHDATA)
-
-/*- -- Unencrypted authenticator
- * Authenticator ::= [APPLICATION 2] SEQUENCE {
- * authenticator-vno[0] INTEGER,
- * crealm[1] Realm,
- * cname[2] PrincipalName,
- * cksum[3] Checksum OPTIONAL,
- * cusec[4] INTEGER,
- * ctime[5] KerberosTime,
- * subkey[6] EncryptionKey OPTIONAL,
- * seq-number[7] INTEGER OPTIONAL,
- * authorization-data[8] AuthorizationData OPTIONAL
- * }
- */
-typedef struct krb5_authenticator_st {
- ASN1_INTEGER *avno;
- ASN1_GENERALSTRING *crealm;
- KRB5_PRINCNAME *cname;
- KRB5_CHECKSUM *cksum;
- ASN1_INTEGER *cusec;
- ASN1_GENERALIZEDTIME *ctime;
- KRB5_ENCKEY *subkey;
- ASN1_INTEGER *seqnum;
- KRB5_AUTHDATA *authorization;
-} KRB5_AUTHENTBODY;
-
-typedef STACK_OF(KRB5_AUTHENTBODY) KRB5_AUTHENT;
-DECLARE_STACK_OF(KRB5_AUTHENTBODY)
-
-/*- DECLARE_ASN1_FUNCTIONS(type) = DECLARE_ASN1_FUNCTIONS_name(type, type) =
- * type *name##_new(void);
- * void name##_free(type *a);
- * DECLARE_ASN1_ENCODE_FUNCTIONS(type, name, name) =
- * DECLARE_ASN1_ENCODE_FUNCTIONS(type, itname, name) =
- * type *d2i_##name(type **a, const unsigned char **in, long len);
- * int i2d_##name(type *a, unsigned char **out);
- * DECLARE_ASN1_ITEM(itname) = OPENSSL_EXTERN const ASN1_ITEM itname##_it
- */
-
-DECLARE_ASN1_FUNCTIONS(KRB5_ENCDATA)
-DECLARE_ASN1_FUNCTIONS(KRB5_PRINCNAME)
-DECLARE_ASN1_FUNCTIONS(KRB5_TKTBODY)
-DECLARE_ASN1_FUNCTIONS(KRB5_APREQBODY)
-DECLARE_ASN1_FUNCTIONS(KRB5_TICKET)
-DECLARE_ASN1_FUNCTIONS(KRB5_APREQ)
-
-DECLARE_ASN1_FUNCTIONS(KRB5_CHECKSUM)
-DECLARE_ASN1_FUNCTIONS(KRB5_ENCKEY)
-DECLARE_ASN1_FUNCTIONS(KRB5_AUTHDATA)
-DECLARE_ASN1_FUNCTIONS(KRB5_AUTHENTBODY)
-DECLARE_ASN1_FUNCTIONS(KRB5_AUTHENT)
-
-/* BEGIN ERROR CODES */
-/*
- * The following lines are auto generated by the script mkerr.pl. Any changes
- * made after this point may be overwritten when the script is next run.
- */
-
-#ifdef __cplusplus
-}
-#endif
-#endif
+++ /dev/null
-/* crypto/lhash/lhash.h */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-/*
- * Header for dynamic hash table routines Author - Eric Young
- */
-
-#ifndef HEADER_LHASH_H
-# define HEADER_LHASH_H
-
-# include <openssl/e_os2.h>
-# ifndef OPENSSL_NO_STDIO
-# include <stdio.h>
-# endif
-
-# include <openssl/bio.h>
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-typedef struct lhash_node_st {
- void *data;
- struct lhash_node_st *next;
- unsigned long hash;
-} LHASH_NODE;
-
-typedef int (*LHASH_COMP_FN_TYPE) (const void *, const void *);
-typedef unsigned long (*LHASH_HASH_FN_TYPE) (const void *);
-typedef void (*LHASH_DOALL_FN_TYPE) (void *);
-typedef void (*LHASH_DOALL_ARG_FN_TYPE) (void *, void *);
-
-/*
- * Macros for declaring and implementing type-safe wrappers for LHASH
- * callbacks. This way, callbacks can be provided to LHASH structures without
- * function pointer casting and the macro-defined callbacks provide
- * per-variable casting before deferring to the underlying type-specific
- * callbacks. NB: It is possible to place a "static" in front of both the
- * DECLARE and IMPLEMENT macros if the functions are strictly internal.
- */
-
-/* First: "hash" functions */
-# define DECLARE_LHASH_HASH_FN(name, o_type) \
- unsigned long name##_LHASH_HASH(const void *);
-# define IMPLEMENT_LHASH_HASH_FN(name, o_type) \
- unsigned long name##_LHASH_HASH(const void *arg) { \
- const o_type *a = arg; \
- return name##_hash(a); }
-# define LHASH_HASH_FN(name) name##_LHASH_HASH
-
-/* Second: "compare" functions */
-# define DECLARE_LHASH_COMP_FN(name, o_type) \
- int name##_LHASH_COMP(const void *, const void *);
-# define IMPLEMENT_LHASH_COMP_FN(name, o_type) \
- int name##_LHASH_COMP(const void *arg1, const void *arg2) { \
- const o_type *a = arg1; \
- const o_type *b = arg2; \
- return name##_cmp(a,b); }
-# define LHASH_COMP_FN(name) name##_LHASH_COMP
-
-/* Third: "doall" functions */
-# define DECLARE_LHASH_DOALL_FN(name, o_type) \
- void name##_LHASH_DOALL(void *);
-# define IMPLEMENT_LHASH_DOALL_FN(name, o_type) \
- void name##_LHASH_DOALL(void *arg) { \
- o_type *a = arg; \
- name##_doall(a); }
-# define LHASH_DOALL_FN(name) name##_LHASH_DOALL
-
-/* Fourth: "doall_arg" functions */
-# define DECLARE_LHASH_DOALL_ARG_FN(name, o_type, a_type) \
- void name##_LHASH_DOALL_ARG(void *, void *);
-# define IMPLEMENT_LHASH_DOALL_ARG_FN(name, o_type, a_type) \
- void name##_LHASH_DOALL_ARG(void *arg1, void *arg2) { \
- o_type *a = arg1; \
- a_type *b = arg2; \
- name##_doall_arg(a, b); }
-# define LHASH_DOALL_ARG_FN(name) name##_LHASH_DOALL_ARG
-
-typedef struct lhash_st {
- LHASH_NODE **b;
- LHASH_COMP_FN_TYPE comp;
- LHASH_HASH_FN_TYPE hash;
- unsigned int num_nodes;
- unsigned int num_alloc_nodes;
- unsigned int p;
- unsigned int pmax;
- unsigned long up_load; /* load times 256 */
- unsigned long down_load; /* load times 256 */
- unsigned long num_items;
- unsigned long num_expands;
- unsigned long num_expand_reallocs;
- unsigned long num_contracts;
- unsigned long num_contract_reallocs;
- unsigned long num_hash_calls;
- unsigned long num_comp_calls;
- unsigned long num_insert;
- unsigned long num_replace;
- unsigned long num_delete;
- unsigned long num_no_delete;
- unsigned long num_retrieve;
- unsigned long num_retrieve_miss;
- unsigned long num_hash_comps;
- int error;
-} _LHASH; /* Do not use _LHASH directly, use LHASH_OF
- * and friends */
-
-# define LH_LOAD_MULT 256
-
-/*
- * Indicates a malloc() error in the last call, this is only bad in
- * lh_insert().
- */
-# define lh_error(lh) ((lh)->error)
-
-_LHASH *lh_new(LHASH_HASH_FN_TYPE h, LHASH_COMP_FN_TYPE c);
-void lh_free(_LHASH *lh);
-void *lh_insert(_LHASH *lh, void *data);
-void *lh_delete(_LHASH *lh, const void *data);
-void *lh_retrieve(_LHASH *lh, const void *data);
-void lh_doall(_LHASH *lh, LHASH_DOALL_FN_TYPE func);
-void lh_doall_arg(_LHASH *lh, LHASH_DOALL_ARG_FN_TYPE func, void *arg);
-unsigned long lh_strhash(const char *c);
-unsigned long lh_num_items(const _LHASH *lh);
-
-# ifndef OPENSSL_NO_STDIO
-void lh_stats(const _LHASH *lh, FILE *fp);
-void lh_node_stats(const _LHASH *lh, FILE *fp);
-void lh_node_usage_stats(const _LHASH *lh, FILE *fp);
-# endif
-void lh_stats_bio(const _LHASH *lh, BIO *out);
-void lh_node_stats_bio(const _LHASH *lh, BIO *out);
-void lh_node_usage_stats_bio(const _LHASH *lh, BIO *out);
-
-/* Type checking... */
-
-# define LHASH_OF(type) struct lhash_st_##type
-
-# define DECLARE_LHASH_OF(type) LHASH_OF(type) { int dummy; }
-
-# define CHECKED_LHASH_OF(type,lh) \
- ((_LHASH *)CHECKED_PTR_OF(LHASH_OF(type),lh))
-
-/* Define wrapper functions. */
-# define LHM_lh_new(type, name) \
- ((LHASH_OF(type) *)lh_new(LHASH_HASH_FN(name), LHASH_COMP_FN(name)))
-# define LHM_lh_error(type, lh) \
- lh_error(CHECKED_LHASH_OF(type,lh))
-# define LHM_lh_insert(type, lh, inst) \
- ((type *)lh_insert(CHECKED_LHASH_OF(type, lh), \
- CHECKED_PTR_OF(type, inst)))
-# define LHM_lh_retrieve(type, lh, inst) \
- ((type *)lh_retrieve(CHECKED_LHASH_OF(type, lh), \
- CHECKED_PTR_OF(type, inst)))
-# define LHM_lh_delete(type, lh, inst) \
- ((type *)lh_delete(CHECKED_LHASH_OF(type, lh), \
- CHECKED_PTR_OF(type, inst)))
-# define LHM_lh_doall(type, lh,fn) lh_doall(CHECKED_LHASH_OF(type, lh), fn)
-# define LHM_lh_doall_arg(type, lh, fn, arg_type, arg) \
- lh_doall_arg(CHECKED_LHASH_OF(type, lh), fn, CHECKED_PTR_OF(arg_type, arg))
-# define LHM_lh_num_items(type, lh) lh_num_items(CHECKED_LHASH_OF(type, lh))
-# define LHM_lh_down_load(type, lh) (CHECKED_LHASH_OF(type, lh)->down_load)
-# define LHM_lh_node_stats_bio(type, lh, out) \
- lh_node_stats_bio(CHECKED_LHASH_OF(type, lh), out)
-# define LHM_lh_node_usage_stats_bio(type, lh, out) \
- lh_node_usage_stats_bio(CHECKED_LHASH_OF(type, lh), out)
-# define LHM_lh_stats_bio(type, lh, out) \
- lh_stats_bio(CHECKED_LHASH_OF(type, lh), out)
-# define LHM_lh_free(type, lh) lh_free(CHECKED_LHASH_OF(type, lh))
-
-DECLARE_LHASH_OF(OPENSSL_STRING);
-DECLARE_LHASH_OF(OPENSSL_CSTRING);
-
-#ifdef __cplusplus
-}
-#endif
-
-#endif
+++ /dev/null
-/* crypto/md/md2.h */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef HEADER_MD2_H
-# define HEADER_MD2_H
-
-# include <openssl/opensslconf.h>/* OPENSSL_NO_MD2, MD2_INT */
-# ifdef OPENSSL_NO_MD2
-# error MD2 is disabled.
-# endif
-# include <stddef.h>
-
-# define MD2_DIGEST_LENGTH 16
-# define MD2_BLOCK 16
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-typedef struct MD2state_st {
- unsigned int num;
- unsigned char data[MD2_BLOCK];
- MD2_INT cksm[MD2_BLOCK];
- MD2_INT state[MD2_BLOCK];
-} MD2_CTX;
-
-const char *MD2_options(void);
-int MD2_Init(MD2_CTX *c);
-int MD2_Update(MD2_CTX *c, const unsigned char *data, size_t len);
-int MD2_Final(unsigned char *md, MD2_CTX *c);
-unsigned char *MD2(const unsigned char *d, size_t n, unsigned char *md);
-#ifdef __cplusplus
-}
-#endif
-
-#endif
+++ /dev/null
-/* crypto/md2/md2test.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-
-#include "../e_os.h"
-
-#ifdef OPENSSL_NO_MD2
-int main(int argc, char *argv[])
-{
- printf("No MD2 support\n");
- return (0);
-}
-#else
-# include <openssl/evp.h>
-# include <openssl/md2.h>
-
-# ifdef CHARSET_EBCDIC
-# include <openssl/ebcdic.h>
-# endif
-
-static char *test[] = {
- "",
- "a",
- "abc",
- "message digest",
- "abcdefghijklmnopqrstuvwxyz",
- "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789",
- "12345678901234567890123456789012345678901234567890123456789012345678901234567890",
- NULL,
-};
-
-static char *ret[] = {
- "8350e5a3e24c153df2275c9f80692773",
- "32ec01ec4a6dac72c0ab96fb34c0b5d1",
- "da853b0d3f88d99b30283a69e6ded6bb",
- "ab4f496bfb2a530b219ff33031fe06b0",
- "4e8ddff3650292ab5a4108c3aa47940b",
- "da33def2a42df13975352846c30338cd",
- "d5976f79d83d3a0dc9806c3c66f3efd8",
-};
-
-static char *pt(unsigned char *md);
-int main(int argc, char *argv[])
-{
- int i, err = 0;
- char **P, **R;
- char *p;
- unsigned char md[MD2_DIGEST_LENGTH];
-
- P = test;
- R = ret;
- i = 1;
- while (*P != NULL) {
- EVP_Digest((unsigned char *)*P, strlen(*P), md, NULL, EVP_md2(),
- NULL);
- p = pt(md);
- if (strcmp(p, *R) != 0) {
- printf("error calculating MD2 on '%s'\n", *P);
- printf("got %s instead of %s\n", p, *R);
- err++;
- } else
- printf("test %d ok\n", i);
- i++;
- R++;
- P++;
- }
-# ifdef OPENSSL_SYS_NETWARE
- if (err)
- printf("ERROR: %d\n", err);
-# endif
- EXIT(err);
- return err;
-}
-
-static char *pt(unsigned char *md)
-{
- int i;
- static char buf[80];
-
- for (i = 0; i < MD2_DIGEST_LENGTH; i++)
- sprintf(&(buf[i * 2]), "%02x", md[i]);
- return (buf);
-}
-#endif
+++ /dev/null
-/* crypto/md4/md4.h */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef HEADER_MD4_H
-# define HEADER_MD4_H
-
-# include <openssl/e_os2.h>
-# include <stddef.h>
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-# ifdef OPENSSL_NO_MD4
-# error MD4 is disabled.
-# endif
-
-/*-
- * !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
- * ! MD4_LONG has to be at least 32 bits wide. !
- * !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
- */
-# define MD4_LONG unsigned int
-
-# define MD4_CBLOCK 64
-# define MD4_LBLOCK (MD4_CBLOCK/4)
-# define MD4_DIGEST_LENGTH 16
-
-typedef struct MD4state_st {
- MD4_LONG A, B, C, D;
- MD4_LONG Nl, Nh;
- MD4_LONG data[MD4_LBLOCK];
- unsigned int num;
-} MD4_CTX;
-
-int MD4_Init(MD4_CTX *c);
-int MD4_Update(MD4_CTX *c, const void *data, size_t len);
-int MD4_Final(unsigned char *md, MD4_CTX *c);
-unsigned char *MD4(const unsigned char *d, size_t n, unsigned char *md);
-void MD4_Transform(MD4_CTX *c, const unsigned char *b);
-#ifdef __cplusplus
-}
-#endif
-
-#endif
+++ /dev/null
-/* crypto/md4/md4test.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <string.h>
-#include <stdlib.h>
-
-#include "../e_os.h"
-
-#ifdef OPENSSL_NO_MD4
-int main(int argc, char *argv[])
-{
- printf("No MD4 support\n");
- return (0);
-}
-#else
-# include <openssl/evp.h>
-# include <openssl/md4.h>
-
-static char *test[] = {
- "",
- "a",
- "abc",
- "message digest",
- "abcdefghijklmnopqrstuvwxyz",
- "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789",
- "12345678901234567890123456789012345678901234567890123456789012345678901234567890",
- NULL,
-};
-
-static char *ret[] = {
- "31d6cfe0d16ae931b73c59d7e0c089c0",
- "bde52cb31de33e46245e05fbdbd6fb24",
- "a448017aaf21d8525fc10ae87aa6729d",
- "d9130a8164549fe818874806e1c7014b",
- "d79e1c308aa5bbcdeea8ed63df412da9",
- "043f8582f241db351ce627e153e7f0e4",
- "e33b4ddc9c38f2199c3e7b164fcc0536",
-};
-
-static char *pt(unsigned char *md);
-int main(int argc, char *argv[])
-{
- int i, err = 0;
- char **P, **R;
- char *p;
- unsigned char md[MD4_DIGEST_LENGTH];
-
- P = test;
- R = ret;
- i = 1;
- while (*P != NULL) {
- EVP_Digest(&(P[0][0]), strlen((char *)*P), md, NULL, EVP_md4(), NULL);
- p = pt(md);
- if (strcmp(p, (char *)*R) != 0) {
- printf("error calculating MD4 on '%s'\n", *P);
- printf("got %s instead of %s\n", p, *R);
- err++;
- } else
- printf("test %d ok\n", i);
- i++;
- R++;
- P++;
- }
- EXIT(err);
-}
-
-static char *pt(unsigned char *md)
-{
- int i;
- static char buf[80];
-
- for (i = 0; i < MD4_DIGEST_LENGTH; i++)
- sprintf(&(buf[i * 2]), "%02x", md[i]);
- return (buf);
-}
-#endif
+++ /dev/null
-/* crypto/md5/md5.h */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef HEADER_MD5_H
-# define HEADER_MD5_H
-
-# include <openssl/e_os2.h>
-# include <stddef.h>
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-# ifdef OPENSSL_NO_MD5
-# error MD5 is disabled.
-# endif
-
-/*
- * !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
- * ! MD5_LONG has to be at least 32 bits wide. !
- * !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
- */
-# define MD5_LONG unsigned int
-
-# define MD5_CBLOCK 64
-# define MD5_LBLOCK (MD5_CBLOCK/4)
-# define MD5_DIGEST_LENGTH 16
-
-typedef struct MD5state_st {
- MD5_LONG A, B, C, D;
- MD5_LONG Nl, Nh;
- MD5_LONG data[MD5_LBLOCK];
- unsigned int num;
-} MD5_CTX;
-
-int MD5_Init(MD5_CTX *c);
-int MD5_Update(MD5_CTX *c, const void *data, size_t len);
-int MD5_Final(unsigned char *md, MD5_CTX *c);
-unsigned char *MD5(const unsigned char *d, size_t n, unsigned char *md);
-void MD5_Transform(MD5_CTX *c, const unsigned char *b);
-#ifdef __cplusplus
-}
-#endif
-
-#endif
+++ /dev/null
-/* crypto/md5/md5test.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <string.h>
-#include <stdlib.h>
-
-#include "../e_os.h"
-
-#ifdef OPENSSL_NO_MD5
-int main(int argc, char *argv[])
-{
- printf("No MD5 support\n");
- return (0);
-}
-#else
-# include <openssl/evp.h>
-# include <openssl/md5.h>
-
-static char *test[] = {
- "",
- "a",
- "abc",
- "message digest",
- "abcdefghijklmnopqrstuvwxyz",
- "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789",
- "12345678901234567890123456789012345678901234567890123456789012345678901234567890",
- NULL,
-};
-
-static char *ret[] = {
- "d41d8cd98f00b204e9800998ecf8427e",
- "0cc175b9c0f1b6a831c399e269772661",
- "900150983cd24fb0d6963f7d28e17f72",
- "f96b697d7cb7938d525a2f31aaf161d0",
- "c3fcd3d76192e4007dfb496cca67e13b",
- "d174ab98d277d9f5a5611c2c9f419d9f",
- "57edf4a22be3c955ac49da2e2107b67a",
-};
-
-static char *pt(unsigned char *md);
-int main(int argc, char *argv[])
-{
- int i, err = 0;
- char **P, **R;
- char *p;
- unsigned char md[MD5_DIGEST_LENGTH];
-
- P = test;
- R = ret;
- i = 1;
- while (*P != NULL) {
- EVP_Digest(&(P[0][0]), strlen((char *)*P), md, NULL, EVP_md5(), NULL);
- p = pt(md);
- if (strcmp(p, (char *)*R) != 0) {
- printf("error calculating MD5 on '%s'\n", *P);
- printf("got %s instead of %s\n", p, *R);
- err++;
- } else
- printf("test %d ok\n", i);
- i++;
- R++;
- P++;
- }
-
-# ifdef OPENSSL_SYS_NETWARE
- if (err)
- printf("ERROR: %d\n", err);
-# endif
- EXIT(err);
-}
-
-static char *pt(unsigned char *md)
-{
- int i;
- static char buf[80];
-
- for (i = 0; i < MD5_DIGEST_LENGTH; i++)
- sprintf(&(buf[i * 2]), "%02x", md[i]);
- return (buf);
-}
-#endif
+++ /dev/null
-/* crypto/mdc2/mdc2.h */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef HEADER_MDC2_H
-# define HEADER_MDC2_H
-
-# include <openssl/des.h>
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-# ifdef OPENSSL_NO_MDC2
-# error MDC2 is disabled.
-# endif
-
-# define MDC2_BLOCK 8
-# define MDC2_DIGEST_LENGTH 16
-
-typedef struct mdc2_ctx_st {
- unsigned int num;
- unsigned char data[MDC2_BLOCK];
- DES_cblock h, hh;
- int pad_type; /* either 1 or 2, default 1 */
-} MDC2_CTX;
-
-int MDC2_Init(MDC2_CTX *c);
-int MDC2_Update(MDC2_CTX *c, const unsigned char *data, size_t len);
-int MDC2_Final(unsigned char *md, MDC2_CTX *c);
-unsigned char *MDC2(const unsigned char *d, size_t n, unsigned char *md);
-
-#ifdef __cplusplus
-}
-#endif
-
-#endif
+++ /dev/null
-/* crypto/mdc2/mdc2test.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-
-#include "../e_os.h"
-
-#if defined(OPENSSL_NO_DES) && !defined(OPENSSL_NO_MDC2)
-# define OPENSSL_NO_MDC2
-#endif
-
-#ifdef OPENSSL_NO_MDC2
-int main(int argc, char *argv[])
-{
- printf("No MDC2 support\n");
- return (0);
-}
-#else
-# include <openssl/evp.h>
-# include <openssl/mdc2.h>
-
-# ifdef CHARSET_EBCDIC
-# include <openssl/ebcdic.h>
-# endif
-
-static unsigned char pad1[16] = {
- 0x42, 0xE5, 0x0C, 0xD2, 0x24, 0xBA, 0xCE, 0xBA,
- 0x76, 0x0B, 0xDD, 0x2B, 0xD4, 0x09, 0x28, 0x1A
-};
-
-static unsigned char pad2[16] = {
- 0x2E, 0x46, 0x79, 0xB5, 0xAD, 0xD9, 0xCA, 0x75,
- 0x35, 0xD8, 0x7A, 0xFE, 0xAB, 0x33, 0xBE, 0xE2
-};
-
-int main(int argc, char *argv[])
-{
- int ret = 0;
- unsigned char md[MDC2_DIGEST_LENGTH];
- int i;
- EVP_MD_CTX c;
- static char *text = "Now is the time for all ";
-
-# ifdef CHARSET_EBCDIC
- ebcdic2ascii(text, text, strlen(text));
-# endif
-
- EVP_MD_CTX_init(&c);
- EVP_DigestInit_ex(&c, EVP_mdc2(), NULL);
- EVP_DigestUpdate(&c, (unsigned char *)text, strlen(text));
- EVP_DigestFinal_ex(&c, &(md[0]), NULL);
-
- if (memcmp(md, pad1, MDC2_DIGEST_LENGTH) != 0) {
- for (i = 0; i < MDC2_DIGEST_LENGTH; i++)
- printf("%02X", md[i]);
- printf(" <- generated\n");
- for (i = 0; i < MDC2_DIGEST_LENGTH; i++)
- printf("%02X", pad1[i]);
- printf(" <- correct\n");
- ret = 1;
- } else
- printf("pad1 - ok\n");
-
- EVP_DigestInit_ex(&c, EVP_mdc2(), NULL);
- /* FIXME: use a ctl function? */
- ((MDC2_CTX *)c.md_data)->pad_type = 2;
- EVP_DigestUpdate(&c, (unsigned char *)text, strlen(text));
- EVP_DigestFinal_ex(&c, &(md[0]), NULL);
-
- if (memcmp(md, pad2, MDC2_DIGEST_LENGTH) != 0) {
- for (i = 0; i < MDC2_DIGEST_LENGTH; i++)
- printf("%02X", md[i]);
- printf(" <- generated\n");
- for (i = 0; i < MDC2_DIGEST_LENGTH; i++)
- printf("%02X", pad2[i]);
- printf(" <- correct\n");
- ret = 1;
- } else
- printf("pad2 - ok\n");
-
- EVP_MD_CTX_cleanup(&c);
-# ifdef OPENSSL_SYS_NETWARE
- if (ret)
- printf("ERROR: %d\n", ret);
-# endif
- EXIT(ret);
-}
-#endif
+++ /dev/null
-/* ====================================================================
- * Copyright (c) 2008 The OpenSSL Project. All rights reserved.
- *
- * Rights for redistribution and usage in source and binary
- * forms are granted according to the OpenSSL license.
- */
-
-#include <stddef.h>
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-typedef void (*block128_f) (const unsigned char in[16],
- unsigned char out[16], const void *key);
-
-typedef void (*cbc128_f) (const unsigned char *in, unsigned char *out,
- size_t len, const void *key,
- unsigned char ivec[16], int enc);
-
-typedef void (*ctr128_f) (const unsigned char *in, unsigned char *out,
- size_t blocks, const void *key,
- const unsigned char ivec[16]);
-
-typedef void (*ccm128_f) (const unsigned char *in, unsigned char *out,
- size_t blocks, const void *key,
- const unsigned char ivec[16],
- unsigned char cmac[16]);
-
-void CRYPTO_cbc128_encrypt(const unsigned char *in, unsigned char *out,
- size_t len, const void *key,
- unsigned char ivec[16], block128_f block);
-void CRYPTO_cbc128_decrypt(const unsigned char *in, unsigned char *out,
- size_t len, const void *key,
- unsigned char ivec[16], block128_f block);
-
-void CRYPTO_ctr128_encrypt(const unsigned char *in, unsigned char *out,
- size_t len, const void *key,
- unsigned char ivec[16],
- unsigned char ecount_buf[16], unsigned int *num,
- block128_f block);
-
-void CRYPTO_ctr128_encrypt_ctr32(const unsigned char *in, unsigned char *out,
- size_t len, const void *key,
- unsigned char ivec[16],
- unsigned char ecount_buf[16],
- unsigned int *num, ctr128_f ctr);
-
-void CRYPTO_ofb128_encrypt(const unsigned char *in, unsigned char *out,
- size_t len, const void *key,
- unsigned char ivec[16], int *num,
- block128_f block);
-
-void CRYPTO_cfb128_encrypt(const unsigned char *in, unsigned char *out,
- size_t len, const void *key,
- unsigned char ivec[16], int *num,
- int enc, block128_f block);
-void CRYPTO_cfb128_8_encrypt(const unsigned char *in, unsigned char *out,
- size_t length, const void *key,
- unsigned char ivec[16], int *num,
- int enc, block128_f block);
-void CRYPTO_cfb128_1_encrypt(const unsigned char *in, unsigned char *out,
- size_t bits, const void *key,
- unsigned char ivec[16], int *num,
- int enc, block128_f block);
-
-size_t CRYPTO_cts128_encrypt_block(const unsigned char *in,
- unsigned char *out, size_t len,
- const void *key, unsigned char ivec[16],
- block128_f block);
-size_t CRYPTO_cts128_encrypt(const unsigned char *in, unsigned char *out,
- size_t len, const void *key,
- unsigned char ivec[16], cbc128_f cbc);
-size_t CRYPTO_cts128_decrypt_block(const unsigned char *in,
- unsigned char *out, size_t len,
- const void *key, unsigned char ivec[16],
- block128_f block);
-size_t CRYPTO_cts128_decrypt(const unsigned char *in, unsigned char *out,
- size_t len, const void *key,
- unsigned char ivec[16], cbc128_f cbc);
-
-size_t CRYPTO_nistcts128_encrypt_block(const unsigned char *in,
- unsigned char *out, size_t len,
- const void *key,
- unsigned char ivec[16],
- block128_f block);
-size_t CRYPTO_nistcts128_encrypt(const unsigned char *in, unsigned char *out,
- size_t len, const void *key,
- unsigned char ivec[16], cbc128_f cbc);
-size_t CRYPTO_nistcts128_decrypt_block(const unsigned char *in,
- unsigned char *out, size_t len,
- const void *key,
- unsigned char ivec[16],
- block128_f block);
-size_t CRYPTO_nistcts128_decrypt(const unsigned char *in, unsigned char *out,
- size_t len, const void *key,
- unsigned char ivec[16], cbc128_f cbc);
-
-typedef struct gcm128_context GCM128_CONTEXT;
-
-GCM128_CONTEXT *CRYPTO_gcm128_new(void *key, block128_f block);
-void CRYPTO_gcm128_init(GCM128_CONTEXT *ctx, void *key, block128_f block);
-void CRYPTO_gcm128_setiv(GCM128_CONTEXT *ctx, const unsigned char *iv,
- size_t len);
-int CRYPTO_gcm128_aad(GCM128_CONTEXT *ctx, const unsigned char *aad,
- size_t len);
-int CRYPTO_gcm128_encrypt(GCM128_CONTEXT *ctx,
- const unsigned char *in, unsigned char *out,
- size_t len);
-int CRYPTO_gcm128_decrypt(GCM128_CONTEXT *ctx,
- const unsigned char *in, unsigned char *out,
- size_t len);
-int CRYPTO_gcm128_encrypt_ctr32(GCM128_CONTEXT *ctx,
- const unsigned char *in, unsigned char *out,
- size_t len, ctr128_f stream);
-int CRYPTO_gcm128_decrypt_ctr32(GCM128_CONTEXT *ctx,
- const unsigned char *in, unsigned char *out,
- size_t len, ctr128_f stream);
-int CRYPTO_gcm128_finish(GCM128_CONTEXT *ctx, const unsigned char *tag,
- size_t len);
-void CRYPTO_gcm128_tag(GCM128_CONTEXT *ctx, unsigned char *tag, size_t len);
-void CRYPTO_gcm128_release(GCM128_CONTEXT *ctx);
-
-typedef struct ccm128_context CCM128_CONTEXT;
-
-void CRYPTO_ccm128_init(CCM128_CONTEXT *ctx,
- unsigned int M, unsigned int L, void *key,
- block128_f block);
-int CRYPTO_ccm128_setiv(CCM128_CONTEXT *ctx, const unsigned char *nonce,
- size_t nlen, size_t mlen);
-void CRYPTO_ccm128_aad(CCM128_CONTEXT *ctx, const unsigned char *aad,
- size_t alen);
-int CRYPTO_ccm128_encrypt(CCM128_CONTEXT *ctx, const unsigned char *inp,
- unsigned char *out, size_t len);
-int CRYPTO_ccm128_decrypt(CCM128_CONTEXT *ctx, const unsigned char *inp,
- unsigned char *out, size_t len);
-int CRYPTO_ccm128_encrypt_ccm64(CCM128_CONTEXT *ctx, const unsigned char *inp,
- unsigned char *out, size_t len,
- ccm128_f stream);
-int CRYPTO_ccm128_decrypt_ccm64(CCM128_CONTEXT *ctx, const unsigned char *inp,
- unsigned char *out, size_t len,
- ccm128_f stream);
-size_t CRYPTO_ccm128_tag(CCM128_CONTEXT *ctx, unsigned char *tag, size_t len);
-
-typedef struct xts128_context XTS128_CONTEXT;
-
-int CRYPTO_xts128_encrypt(const XTS128_CONTEXT *ctx,
- const unsigned char iv[16],
- const unsigned char *inp, unsigned char *out,
- size_t len, int enc);
-
-size_t CRYPTO_128_wrap(void *key, const unsigned char *iv,
- unsigned char *out,
- const unsigned char *in, size_t inlen,
- block128_f block);
-
-size_t CRYPTO_128_unwrap(void *key, const unsigned char *iv,
- unsigned char *out,
- const unsigned char *in, size_t inlen,
- block128_f block);
-size_t CRYPTO_128_wrap_pad(void *key, const unsigned char *icv,
- unsigned char *out, const unsigned char *in,
- size_t inlen, block128_f block);
-size_t CRYPTO_128_unwrap_pad(void *key, const unsigned char *icv,
- unsigned char *out, const unsigned char *in,
- size_t inlen, block128_f block);
-
-#ifndef OPENSSL_NO_OCB
-typedef struct ocb128_context OCB128_CONTEXT;
-
-OCB128_CONTEXT *CRYPTO_ocb128_new(void *keyenc, void *keydec,
- block128_f encrypt, block128_f decrypt);
-int CRYPTO_ocb128_init(OCB128_CONTEXT *ctx, void *keyenc, void *keydec,
- block128_f encrypt, block128_f decrypt);
-int CRYPTO_ocb128_copy_ctx(OCB128_CONTEXT *dest, OCB128_CONTEXT *src,
- void *keyenc, void *keydec);
-int CRYPTO_ocb128_setiv(OCB128_CONTEXT *ctx, const unsigned char *iv,
- size_t len, size_t taglen);
-int CRYPTO_ocb128_aad(OCB128_CONTEXT *ctx, const unsigned char *aad,
- size_t len);
-int CRYPTO_ocb128_encrypt(OCB128_CONTEXT *ctx, const unsigned char *in,
- unsigned char *out, size_t len);
-int CRYPTO_ocb128_decrypt(OCB128_CONTEXT *ctx, const unsigned char *in,
- unsigned char *out, size_t len);
-int CRYPTO_ocb128_finish(OCB128_CONTEXT *ctx, const unsigned char *tag,
- size_t len);
-int CRYPTO_ocb128_tag(OCB128_CONTEXT *ctx, unsigned char *tag, size_t len);
-void CRYPTO_ocb128_cleanup(OCB128_CONTEXT *ctx);
-#endif /* OPENSSL_NO_OCB */
-
-#ifdef __cplusplus
-}
-#endif
$(RANLIB) $(LIB) || echo Never mind.
@touch lib
-obj_dat.h: obj_dat.pl obj_mac.h
- $(PERL) obj_dat.pl obj_mac.h obj_dat.h
+obj_dat.h: obj_dat.pl ../../include/openssl/obj_mac.h
+ $(PERL) obj_dat.pl ../../include/openssl/obj_mac.h obj_dat.h
# objects.pl both reads and writes obj_mac.num
-obj_mac.h: objects.pl objects.txt obj_mac.num
- $(PERL) objects.pl objects.txt obj_mac.num obj_mac.h
- @sleep 1; touch obj_mac.h; sleep 1
+../../include/openssl/obj_mac.h: objects.pl objects.txt obj_mac.num
+ $(PERL) objects.pl objects.txt obj_mac.num ../../include/openssl/obj_mac.h
+ @sleep 1; touch ../../include/openssl/obj_mac.h; sleep 1
obj_xref.h: objxref.pl obj_xref.txt obj_mac.num
$(PERL) objxref.pl obj_mac.num obj_xref.txt > obj_xref.h
+++ /dev/null
-/* crypto/objects/obj_mac.h */
-
-/*
- * THIS FILE IS GENERATED FROM objects.txt by objects.pl via the following
- * command: perl objects.pl objects.txt obj_mac.num obj_mac.h
- */
-
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#define SN_undef "UNDEF"
-#define LN_undef "undefined"
-#define NID_undef 0
-#define OBJ_undef 0L
-
-#define SN_itu_t "ITU-T"
-#define LN_itu_t "itu-t"
-#define NID_itu_t 645
-#define OBJ_itu_t 0L
-
-#define NID_ccitt 404
-#define OBJ_ccitt OBJ_itu_t
-
-#define SN_iso "ISO"
-#define LN_iso "iso"
-#define NID_iso 181
-#define OBJ_iso 1L
-
-#define SN_joint_iso_itu_t "JOINT-ISO-ITU-T"
-#define LN_joint_iso_itu_t "joint-iso-itu-t"
-#define NID_joint_iso_itu_t 646
-#define OBJ_joint_iso_itu_t 2L
-
-#define NID_joint_iso_ccitt 393
-#define OBJ_joint_iso_ccitt OBJ_joint_iso_itu_t
-
-#define SN_member_body "member-body"
-#define LN_member_body "ISO Member Body"
-#define NID_member_body 182
-#define OBJ_member_body OBJ_iso,2L
-
-#define SN_identified_organization "identified-organization"
-#define NID_identified_organization 676
-#define OBJ_identified_organization OBJ_iso,3L
-
-#define SN_hmac_md5 "HMAC-MD5"
-#define LN_hmac_md5 "hmac-md5"
-#define NID_hmac_md5 780
-#define OBJ_hmac_md5 OBJ_identified_organization,6L,1L,5L,5L,8L,1L,1L
-
-#define SN_hmac_sha1 "HMAC-SHA1"
-#define LN_hmac_sha1 "hmac-sha1"
-#define NID_hmac_sha1 781
-#define OBJ_hmac_sha1 OBJ_identified_organization,6L,1L,5L,5L,8L,1L,2L
-
-#define SN_certicom_arc "certicom-arc"
-#define NID_certicom_arc 677
-#define OBJ_certicom_arc OBJ_identified_organization,132L
-
-#define SN_international_organizations "international-organizations"
-#define LN_international_organizations "International Organizations"
-#define NID_international_organizations 647
-#define OBJ_international_organizations OBJ_joint_iso_itu_t,23L
-
-#define SN_wap "wap"
-#define NID_wap 678
-#define OBJ_wap OBJ_international_organizations,43L
-
-#define SN_wap_wsg "wap-wsg"
-#define NID_wap_wsg 679
-#define OBJ_wap_wsg OBJ_wap,1L
-
-#define SN_selected_attribute_types "selected-attribute-types"
-#define LN_selected_attribute_types "Selected Attribute Types"
-#define NID_selected_attribute_types 394
-#define OBJ_selected_attribute_types OBJ_joint_iso_itu_t,5L,1L,5L
-
-#define SN_clearance "clearance"
-#define NID_clearance 395
-#define OBJ_clearance OBJ_selected_attribute_types,55L
-
-#define SN_ISO_US "ISO-US"
-#define LN_ISO_US "ISO US Member Body"
-#define NID_ISO_US 183
-#define OBJ_ISO_US OBJ_member_body,840L
-
-#define SN_X9_57 "X9-57"
-#define LN_X9_57 "X9.57"
-#define NID_X9_57 184
-#define OBJ_X9_57 OBJ_ISO_US,10040L
-
-#define SN_X9cm "X9cm"
-#define LN_X9cm "X9.57 CM ?"
-#define NID_X9cm 185
-#define OBJ_X9cm OBJ_X9_57,4L
-
-#define SN_dsa "DSA"
-#define LN_dsa "dsaEncryption"
-#define NID_dsa 116
-#define OBJ_dsa OBJ_X9cm,1L
-
-#define SN_dsaWithSHA1 "DSA-SHA1"
-#define LN_dsaWithSHA1 "dsaWithSHA1"
-#define NID_dsaWithSHA1 113
-#define OBJ_dsaWithSHA1 OBJ_X9cm,3L
-
-#define SN_ansi_X9_62 "ansi-X9-62"
-#define LN_ansi_X9_62 "ANSI X9.62"
-#define NID_ansi_X9_62 405
-#define OBJ_ansi_X9_62 OBJ_ISO_US,10045L
-
-#define OBJ_X9_62_id_fieldType OBJ_ansi_X9_62,1L
-
-#define SN_X9_62_prime_field "prime-field"
-#define NID_X9_62_prime_field 406
-#define OBJ_X9_62_prime_field OBJ_X9_62_id_fieldType,1L
-
-#define SN_X9_62_characteristic_two_field "characteristic-two-field"
-#define NID_X9_62_characteristic_two_field 407
-#define OBJ_X9_62_characteristic_two_field OBJ_X9_62_id_fieldType,2L
-
-#define SN_X9_62_id_characteristic_two_basis "id-characteristic-two-basis"
-#define NID_X9_62_id_characteristic_two_basis 680
-#define OBJ_X9_62_id_characteristic_two_basis OBJ_X9_62_characteristic_two_field,3L
-
-#define SN_X9_62_onBasis "onBasis"
-#define NID_X9_62_onBasis 681
-#define OBJ_X9_62_onBasis OBJ_X9_62_id_characteristic_two_basis,1L
-
-#define SN_X9_62_tpBasis "tpBasis"
-#define NID_X9_62_tpBasis 682
-#define OBJ_X9_62_tpBasis OBJ_X9_62_id_characteristic_two_basis,2L
-
-#define SN_X9_62_ppBasis "ppBasis"
-#define NID_X9_62_ppBasis 683
-#define OBJ_X9_62_ppBasis OBJ_X9_62_id_characteristic_two_basis,3L
-
-#define OBJ_X9_62_id_publicKeyType OBJ_ansi_X9_62,2L
-
-#define SN_X9_62_id_ecPublicKey "id-ecPublicKey"
-#define NID_X9_62_id_ecPublicKey 408
-#define OBJ_X9_62_id_ecPublicKey OBJ_X9_62_id_publicKeyType,1L
-
-#define OBJ_X9_62_ellipticCurve OBJ_ansi_X9_62,3L
-
-#define OBJ_X9_62_c_TwoCurve OBJ_X9_62_ellipticCurve,0L
-
-#define SN_X9_62_c2pnb163v1 "c2pnb163v1"
-#define NID_X9_62_c2pnb163v1 684
-#define OBJ_X9_62_c2pnb163v1 OBJ_X9_62_c_TwoCurve,1L
-
-#define SN_X9_62_c2pnb163v2 "c2pnb163v2"
-#define NID_X9_62_c2pnb163v2 685
-#define OBJ_X9_62_c2pnb163v2 OBJ_X9_62_c_TwoCurve,2L
-
-#define SN_X9_62_c2pnb163v3 "c2pnb163v3"
-#define NID_X9_62_c2pnb163v3 686
-#define OBJ_X9_62_c2pnb163v3 OBJ_X9_62_c_TwoCurve,3L
-
-#define SN_X9_62_c2pnb176v1 "c2pnb176v1"
-#define NID_X9_62_c2pnb176v1 687
-#define OBJ_X9_62_c2pnb176v1 OBJ_X9_62_c_TwoCurve,4L
-
-#define SN_X9_62_c2tnb191v1 "c2tnb191v1"
-#define NID_X9_62_c2tnb191v1 688
-#define OBJ_X9_62_c2tnb191v1 OBJ_X9_62_c_TwoCurve,5L
-
-#define SN_X9_62_c2tnb191v2 "c2tnb191v2"
-#define NID_X9_62_c2tnb191v2 689
-#define OBJ_X9_62_c2tnb191v2 OBJ_X9_62_c_TwoCurve,6L
-
-#define SN_X9_62_c2tnb191v3 "c2tnb191v3"
-#define NID_X9_62_c2tnb191v3 690
-#define OBJ_X9_62_c2tnb191v3 OBJ_X9_62_c_TwoCurve,7L
-
-#define SN_X9_62_c2onb191v4 "c2onb191v4"
-#define NID_X9_62_c2onb191v4 691
-#define OBJ_X9_62_c2onb191v4 OBJ_X9_62_c_TwoCurve,8L
-
-#define SN_X9_62_c2onb191v5 "c2onb191v5"
-#define NID_X9_62_c2onb191v5 692
-#define OBJ_X9_62_c2onb191v5 OBJ_X9_62_c_TwoCurve,9L
-
-#define SN_X9_62_c2pnb208w1 "c2pnb208w1"
-#define NID_X9_62_c2pnb208w1 693
-#define OBJ_X9_62_c2pnb208w1 OBJ_X9_62_c_TwoCurve,10L
-
-#define SN_X9_62_c2tnb239v1 "c2tnb239v1"
-#define NID_X9_62_c2tnb239v1 694
-#define OBJ_X9_62_c2tnb239v1 OBJ_X9_62_c_TwoCurve,11L
-
-#define SN_X9_62_c2tnb239v2 "c2tnb239v2"
-#define NID_X9_62_c2tnb239v2 695
-#define OBJ_X9_62_c2tnb239v2 OBJ_X9_62_c_TwoCurve,12L
-
-#define SN_X9_62_c2tnb239v3 "c2tnb239v3"
-#define NID_X9_62_c2tnb239v3 696
-#define OBJ_X9_62_c2tnb239v3 OBJ_X9_62_c_TwoCurve,13L
-
-#define SN_X9_62_c2onb239v4 "c2onb239v4"
-#define NID_X9_62_c2onb239v4 697
-#define OBJ_X9_62_c2onb239v4 OBJ_X9_62_c_TwoCurve,14L
-
-#define SN_X9_62_c2onb239v5 "c2onb239v5"
-#define NID_X9_62_c2onb239v5 698
-#define OBJ_X9_62_c2onb239v5 OBJ_X9_62_c_TwoCurve,15L
-
-#define SN_X9_62_c2pnb272w1 "c2pnb272w1"
-#define NID_X9_62_c2pnb272w1 699
-#define OBJ_X9_62_c2pnb272w1 OBJ_X9_62_c_TwoCurve,16L
-
-#define SN_X9_62_c2pnb304w1 "c2pnb304w1"
-#define NID_X9_62_c2pnb304w1 700
-#define OBJ_X9_62_c2pnb304w1 OBJ_X9_62_c_TwoCurve,17L
-
-#define SN_X9_62_c2tnb359v1 "c2tnb359v1"
-#define NID_X9_62_c2tnb359v1 701
-#define OBJ_X9_62_c2tnb359v1 OBJ_X9_62_c_TwoCurve,18L
-
-#define SN_X9_62_c2pnb368w1 "c2pnb368w1"
-#define NID_X9_62_c2pnb368w1 702
-#define OBJ_X9_62_c2pnb368w1 OBJ_X9_62_c_TwoCurve,19L
-
-#define SN_X9_62_c2tnb431r1 "c2tnb431r1"
-#define NID_X9_62_c2tnb431r1 703
-#define OBJ_X9_62_c2tnb431r1 OBJ_X9_62_c_TwoCurve,20L
-
-#define OBJ_X9_62_primeCurve OBJ_X9_62_ellipticCurve,1L
-
-#define SN_X9_62_prime192v1 "prime192v1"
-#define NID_X9_62_prime192v1 409
-#define OBJ_X9_62_prime192v1 OBJ_X9_62_primeCurve,1L
-
-#define SN_X9_62_prime192v2 "prime192v2"
-#define NID_X9_62_prime192v2 410
-#define OBJ_X9_62_prime192v2 OBJ_X9_62_primeCurve,2L
-
-#define SN_X9_62_prime192v3 "prime192v3"
-#define NID_X9_62_prime192v3 411
-#define OBJ_X9_62_prime192v3 OBJ_X9_62_primeCurve,3L
-
-#define SN_X9_62_prime239v1 "prime239v1"
-#define NID_X9_62_prime239v1 412
-#define OBJ_X9_62_prime239v1 OBJ_X9_62_primeCurve,4L
-
-#define SN_X9_62_prime239v2 "prime239v2"
-#define NID_X9_62_prime239v2 413
-#define OBJ_X9_62_prime239v2 OBJ_X9_62_primeCurve,5L
-
-#define SN_X9_62_prime239v3 "prime239v3"
-#define NID_X9_62_prime239v3 414
-#define OBJ_X9_62_prime239v3 OBJ_X9_62_primeCurve,6L
-
-#define SN_X9_62_prime256v1 "prime256v1"
-#define NID_X9_62_prime256v1 415
-#define OBJ_X9_62_prime256v1 OBJ_X9_62_primeCurve,7L
-
-#define OBJ_X9_62_id_ecSigType OBJ_ansi_X9_62,4L
-
-#define SN_ecdsa_with_SHA1 "ecdsa-with-SHA1"
-#define NID_ecdsa_with_SHA1 416
-#define OBJ_ecdsa_with_SHA1 OBJ_X9_62_id_ecSigType,1L
-
-#define SN_ecdsa_with_Recommended "ecdsa-with-Recommended"
-#define NID_ecdsa_with_Recommended 791
-#define OBJ_ecdsa_with_Recommended OBJ_X9_62_id_ecSigType,2L
-
-#define SN_ecdsa_with_Specified "ecdsa-with-Specified"
-#define NID_ecdsa_with_Specified 792
-#define OBJ_ecdsa_with_Specified OBJ_X9_62_id_ecSigType,3L
-
-#define SN_ecdsa_with_SHA224 "ecdsa-with-SHA224"
-#define NID_ecdsa_with_SHA224 793
-#define OBJ_ecdsa_with_SHA224 OBJ_ecdsa_with_Specified,1L
-
-#define SN_ecdsa_with_SHA256 "ecdsa-with-SHA256"
-#define NID_ecdsa_with_SHA256 794
-#define OBJ_ecdsa_with_SHA256 OBJ_ecdsa_with_Specified,2L
-
-#define SN_ecdsa_with_SHA384 "ecdsa-with-SHA384"
-#define NID_ecdsa_with_SHA384 795
-#define OBJ_ecdsa_with_SHA384 OBJ_ecdsa_with_Specified,3L
-
-#define SN_ecdsa_with_SHA512 "ecdsa-with-SHA512"
-#define NID_ecdsa_with_SHA512 796
-#define OBJ_ecdsa_with_SHA512 OBJ_ecdsa_with_Specified,4L
-
-#define OBJ_secg_ellipticCurve OBJ_certicom_arc,0L
-
-#define SN_secp112r1 "secp112r1"
-#define NID_secp112r1 704
-#define OBJ_secp112r1 OBJ_secg_ellipticCurve,6L
-
-#define SN_secp112r2 "secp112r2"
-#define NID_secp112r2 705
-#define OBJ_secp112r2 OBJ_secg_ellipticCurve,7L
-
-#define SN_secp128r1 "secp128r1"
-#define NID_secp128r1 706
-#define OBJ_secp128r1 OBJ_secg_ellipticCurve,28L
-
-#define SN_secp128r2 "secp128r2"
-#define NID_secp128r2 707
-#define OBJ_secp128r2 OBJ_secg_ellipticCurve,29L
-
-#define SN_secp160k1 "secp160k1"
-#define NID_secp160k1 708
-#define OBJ_secp160k1 OBJ_secg_ellipticCurve,9L
-
-#define SN_secp160r1 "secp160r1"
-#define NID_secp160r1 709
-#define OBJ_secp160r1 OBJ_secg_ellipticCurve,8L
-
-#define SN_secp160r2 "secp160r2"
-#define NID_secp160r2 710
-#define OBJ_secp160r2 OBJ_secg_ellipticCurve,30L
-
-#define SN_secp192k1 "secp192k1"
-#define NID_secp192k1 711
-#define OBJ_secp192k1 OBJ_secg_ellipticCurve,31L
-
-#define SN_secp224k1 "secp224k1"
-#define NID_secp224k1 712
-#define OBJ_secp224k1 OBJ_secg_ellipticCurve,32L
-
-#define SN_secp224r1 "secp224r1"
-#define NID_secp224r1 713
-#define OBJ_secp224r1 OBJ_secg_ellipticCurve,33L
-
-#define SN_secp256k1 "secp256k1"
-#define NID_secp256k1 714
-#define OBJ_secp256k1 OBJ_secg_ellipticCurve,10L
-
-#define SN_secp384r1 "secp384r1"
-#define NID_secp384r1 715
-#define OBJ_secp384r1 OBJ_secg_ellipticCurve,34L
-
-#define SN_secp521r1 "secp521r1"
-#define NID_secp521r1 716
-#define OBJ_secp521r1 OBJ_secg_ellipticCurve,35L
-
-#define SN_sect113r1 "sect113r1"
-#define NID_sect113r1 717
-#define OBJ_sect113r1 OBJ_secg_ellipticCurve,4L
-
-#define SN_sect113r2 "sect113r2"
-#define NID_sect113r2 718
-#define OBJ_sect113r2 OBJ_secg_ellipticCurve,5L
-
-#define SN_sect131r1 "sect131r1"
-#define NID_sect131r1 719
-#define OBJ_sect131r1 OBJ_secg_ellipticCurve,22L
-
-#define SN_sect131r2 "sect131r2"
-#define NID_sect131r2 720
-#define OBJ_sect131r2 OBJ_secg_ellipticCurve,23L
-
-#define SN_sect163k1 "sect163k1"
-#define NID_sect163k1 721
-#define OBJ_sect163k1 OBJ_secg_ellipticCurve,1L
-
-#define SN_sect163r1 "sect163r1"
-#define NID_sect163r1 722
-#define OBJ_sect163r1 OBJ_secg_ellipticCurve,2L
-
-#define SN_sect163r2 "sect163r2"
-#define NID_sect163r2 723
-#define OBJ_sect163r2 OBJ_secg_ellipticCurve,15L
-
-#define SN_sect193r1 "sect193r1"
-#define NID_sect193r1 724
-#define OBJ_sect193r1 OBJ_secg_ellipticCurve,24L
-
-#define SN_sect193r2 "sect193r2"
-#define NID_sect193r2 725
-#define OBJ_sect193r2 OBJ_secg_ellipticCurve,25L
-
-#define SN_sect233k1 "sect233k1"
-#define NID_sect233k1 726
-#define OBJ_sect233k1 OBJ_secg_ellipticCurve,26L
-
-#define SN_sect233r1 "sect233r1"
-#define NID_sect233r1 727
-#define OBJ_sect233r1 OBJ_secg_ellipticCurve,27L
-
-#define SN_sect239k1 "sect239k1"
-#define NID_sect239k1 728
-#define OBJ_sect239k1 OBJ_secg_ellipticCurve,3L
-
-#define SN_sect283k1 "sect283k1"
-#define NID_sect283k1 729
-#define OBJ_sect283k1 OBJ_secg_ellipticCurve,16L
-
-#define SN_sect283r1 "sect283r1"
-#define NID_sect283r1 730
-#define OBJ_sect283r1 OBJ_secg_ellipticCurve,17L
-
-#define SN_sect409k1 "sect409k1"
-#define NID_sect409k1 731
-#define OBJ_sect409k1 OBJ_secg_ellipticCurve,36L
-
-#define SN_sect409r1 "sect409r1"
-#define NID_sect409r1 732
-#define OBJ_sect409r1 OBJ_secg_ellipticCurve,37L
-
-#define SN_sect571k1 "sect571k1"
-#define NID_sect571k1 733
-#define OBJ_sect571k1 OBJ_secg_ellipticCurve,38L
-
-#define SN_sect571r1 "sect571r1"
-#define NID_sect571r1 734
-#define OBJ_sect571r1 OBJ_secg_ellipticCurve,39L
-
-#define OBJ_wap_wsg_idm_ecid OBJ_wap_wsg,4L
-
-#define SN_wap_wsg_idm_ecid_wtls1 "wap-wsg-idm-ecid-wtls1"
-#define NID_wap_wsg_idm_ecid_wtls1 735
-#define OBJ_wap_wsg_idm_ecid_wtls1 OBJ_wap_wsg_idm_ecid,1L
-
-#define SN_wap_wsg_idm_ecid_wtls3 "wap-wsg-idm-ecid-wtls3"
-#define NID_wap_wsg_idm_ecid_wtls3 736
-#define OBJ_wap_wsg_idm_ecid_wtls3 OBJ_wap_wsg_idm_ecid,3L
-
-#define SN_wap_wsg_idm_ecid_wtls4 "wap-wsg-idm-ecid-wtls4"
-#define NID_wap_wsg_idm_ecid_wtls4 737
-#define OBJ_wap_wsg_idm_ecid_wtls4 OBJ_wap_wsg_idm_ecid,4L
-
-#define SN_wap_wsg_idm_ecid_wtls5 "wap-wsg-idm-ecid-wtls5"
-#define NID_wap_wsg_idm_ecid_wtls5 738
-#define OBJ_wap_wsg_idm_ecid_wtls5 OBJ_wap_wsg_idm_ecid,5L
-
-#define SN_wap_wsg_idm_ecid_wtls6 "wap-wsg-idm-ecid-wtls6"
-#define NID_wap_wsg_idm_ecid_wtls6 739
-#define OBJ_wap_wsg_idm_ecid_wtls6 OBJ_wap_wsg_idm_ecid,6L
-
-#define SN_wap_wsg_idm_ecid_wtls7 "wap-wsg-idm-ecid-wtls7"
-#define NID_wap_wsg_idm_ecid_wtls7 740
-#define OBJ_wap_wsg_idm_ecid_wtls7 OBJ_wap_wsg_idm_ecid,7L
-
-#define SN_wap_wsg_idm_ecid_wtls8 "wap-wsg-idm-ecid-wtls8"
-#define NID_wap_wsg_idm_ecid_wtls8 741
-#define OBJ_wap_wsg_idm_ecid_wtls8 OBJ_wap_wsg_idm_ecid,8L
-
-#define SN_wap_wsg_idm_ecid_wtls9 "wap-wsg-idm-ecid-wtls9"
-#define NID_wap_wsg_idm_ecid_wtls9 742
-#define OBJ_wap_wsg_idm_ecid_wtls9 OBJ_wap_wsg_idm_ecid,9L
-
-#define SN_wap_wsg_idm_ecid_wtls10 "wap-wsg-idm-ecid-wtls10"
-#define NID_wap_wsg_idm_ecid_wtls10 743
-#define OBJ_wap_wsg_idm_ecid_wtls10 OBJ_wap_wsg_idm_ecid,10L
-
-#define SN_wap_wsg_idm_ecid_wtls11 "wap-wsg-idm-ecid-wtls11"
-#define NID_wap_wsg_idm_ecid_wtls11 744
-#define OBJ_wap_wsg_idm_ecid_wtls11 OBJ_wap_wsg_idm_ecid,11L
-
-#define SN_wap_wsg_idm_ecid_wtls12 "wap-wsg-idm-ecid-wtls12"
-#define NID_wap_wsg_idm_ecid_wtls12 745
-#define OBJ_wap_wsg_idm_ecid_wtls12 OBJ_wap_wsg_idm_ecid,12L
-
-#define SN_cast5_cbc "CAST5-CBC"
-#define LN_cast5_cbc "cast5-cbc"
-#define NID_cast5_cbc 108
-#define OBJ_cast5_cbc OBJ_ISO_US,113533L,7L,66L,10L
-
-#define SN_cast5_ecb "CAST5-ECB"
-#define LN_cast5_ecb "cast5-ecb"
-#define NID_cast5_ecb 109
-
-#define SN_cast5_cfb64 "CAST5-CFB"
-#define LN_cast5_cfb64 "cast5-cfb"
-#define NID_cast5_cfb64 110
-
-#define SN_cast5_ofb64 "CAST5-OFB"
-#define LN_cast5_ofb64 "cast5-ofb"
-#define NID_cast5_ofb64 111
-
-#define LN_pbeWithMD5AndCast5_CBC "pbeWithMD5AndCast5CBC"
-#define NID_pbeWithMD5AndCast5_CBC 112
-#define OBJ_pbeWithMD5AndCast5_CBC OBJ_ISO_US,113533L,7L,66L,12L
-
-#define SN_id_PasswordBasedMAC "id-PasswordBasedMAC"
-#define LN_id_PasswordBasedMAC "password based MAC"
-#define NID_id_PasswordBasedMAC 782
-#define OBJ_id_PasswordBasedMAC OBJ_ISO_US,113533L,7L,66L,13L
-
-#define SN_id_DHBasedMac "id-DHBasedMac"
-#define LN_id_DHBasedMac "Diffie-Hellman based MAC"
-#define NID_id_DHBasedMac 783
-#define OBJ_id_DHBasedMac OBJ_ISO_US,113533L,7L,66L,30L
-
-#define SN_rsadsi "rsadsi"
-#define LN_rsadsi "RSA Data Security, Inc."
-#define NID_rsadsi 1
-#define OBJ_rsadsi OBJ_ISO_US,113549L
-
-#define SN_pkcs "pkcs"
-#define LN_pkcs "RSA Data Security, Inc. PKCS"
-#define NID_pkcs 2
-#define OBJ_pkcs OBJ_rsadsi,1L
-
-#define SN_pkcs1 "pkcs1"
-#define NID_pkcs1 186
-#define OBJ_pkcs1 OBJ_pkcs,1L
-
-#define LN_rsaEncryption "rsaEncryption"
-#define NID_rsaEncryption 6
-#define OBJ_rsaEncryption OBJ_pkcs1,1L
-
-#define SN_md2WithRSAEncryption "RSA-MD2"
-#define LN_md2WithRSAEncryption "md2WithRSAEncryption"
-#define NID_md2WithRSAEncryption 7
-#define OBJ_md2WithRSAEncryption OBJ_pkcs1,2L
-
-#define SN_md4WithRSAEncryption "RSA-MD4"
-#define LN_md4WithRSAEncryption "md4WithRSAEncryption"
-#define NID_md4WithRSAEncryption 396
-#define OBJ_md4WithRSAEncryption OBJ_pkcs1,3L
-
-#define SN_md5WithRSAEncryption "RSA-MD5"
-#define LN_md5WithRSAEncryption "md5WithRSAEncryption"
-#define NID_md5WithRSAEncryption 8
-#define OBJ_md5WithRSAEncryption OBJ_pkcs1,4L
-
-#define SN_sha1WithRSAEncryption "RSA-SHA1"
-#define LN_sha1WithRSAEncryption "sha1WithRSAEncryption"
-#define NID_sha1WithRSAEncryption 65
-#define OBJ_sha1WithRSAEncryption OBJ_pkcs1,5L
-
-#define SN_rsaesOaep "RSAES-OAEP"
-#define LN_rsaesOaep "rsaesOaep"
-#define NID_rsaesOaep 919
-#define OBJ_rsaesOaep OBJ_pkcs1,7L
-
-#define SN_mgf1 "MGF1"
-#define LN_mgf1 "mgf1"
-#define NID_mgf1 911
-#define OBJ_mgf1 OBJ_pkcs1,8L
-
-#define SN_pSpecified "PSPECIFIED"
-#define LN_pSpecified "pSpecified"
-#define NID_pSpecified 935
-#define OBJ_pSpecified OBJ_pkcs1,9L
-
-#define SN_rsassaPss "RSASSA-PSS"
-#define LN_rsassaPss "rsassaPss"
-#define NID_rsassaPss 912
-#define OBJ_rsassaPss OBJ_pkcs1,10L
-
-#define SN_sha256WithRSAEncryption "RSA-SHA256"
-#define LN_sha256WithRSAEncryption "sha256WithRSAEncryption"
-#define NID_sha256WithRSAEncryption 668
-#define OBJ_sha256WithRSAEncryption OBJ_pkcs1,11L
-
-#define SN_sha384WithRSAEncryption "RSA-SHA384"
-#define LN_sha384WithRSAEncryption "sha384WithRSAEncryption"
-#define NID_sha384WithRSAEncryption 669
-#define OBJ_sha384WithRSAEncryption OBJ_pkcs1,12L
-
-#define SN_sha512WithRSAEncryption "RSA-SHA512"
-#define LN_sha512WithRSAEncryption "sha512WithRSAEncryption"
-#define NID_sha512WithRSAEncryption 670
-#define OBJ_sha512WithRSAEncryption OBJ_pkcs1,13L
-
-#define SN_sha224WithRSAEncryption "RSA-SHA224"
-#define LN_sha224WithRSAEncryption "sha224WithRSAEncryption"
-#define NID_sha224WithRSAEncryption 671
-#define OBJ_sha224WithRSAEncryption OBJ_pkcs1,14L
-
-#define SN_pkcs3 "pkcs3"
-#define NID_pkcs3 27
-#define OBJ_pkcs3 OBJ_pkcs,3L
-
-#define LN_dhKeyAgreement "dhKeyAgreement"
-#define NID_dhKeyAgreement 28
-#define OBJ_dhKeyAgreement OBJ_pkcs3,1L
-
-#define SN_pkcs5 "pkcs5"
-#define NID_pkcs5 187
-#define OBJ_pkcs5 OBJ_pkcs,5L
-
-#define SN_pbeWithMD2AndDES_CBC "PBE-MD2-DES"
-#define LN_pbeWithMD2AndDES_CBC "pbeWithMD2AndDES-CBC"
-#define NID_pbeWithMD2AndDES_CBC 9
-#define OBJ_pbeWithMD2AndDES_CBC OBJ_pkcs5,1L
-
-#define SN_pbeWithMD5AndDES_CBC "PBE-MD5-DES"
-#define LN_pbeWithMD5AndDES_CBC "pbeWithMD5AndDES-CBC"
-#define NID_pbeWithMD5AndDES_CBC 10
-#define OBJ_pbeWithMD5AndDES_CBC OBJ_pkcs5,3L
-
-#define SN_pbeWithMD2AndRC2_CBC "PBE-MD2-RC2-64"
-#define LN_pbeWithMD2AndRC2_CBC "pbeWithMD2AndRC2-CBC"
-#define NID_pbeWithMD2AndRC2_CBC 168
-#define OBJ_pbeWithMD2AndRC2_CBC OBJ_pkcs5,4L
-
-#define SN_pbeWithMD5AndRC2_CBC "PBE-MD5-RC2-64"
-#define LN_pbeWithMD5AndRC2_CBC "pbeWithMD5AndRC2-CBC"
-#define NID_pbeWithMD5AndRC2_CBC 169
-#define OBJ_pbeWithMD5AndRC2_CBC OBJ_pkcs5,6L
-
-#define SN_pbeWithSHA1AndDES_CBC "PBE-SHA1-DES"
-#define LN_pbeWithSHA1AndDES_CBC "pbeWithSHA1AndDES-CBC"
-#define NID_pbeWithSHA1AndDES_CBC 170
-#define OBJ_pbeWithSHA1AndDES_CBC OBJ_pkcs5,10L
-
-#define SN_pbeWithSHA1AndRC2_CBC "PBE-SHA1-RC2-64"
-#define LN_pbeWithSHA1AndRC2_CBC "pbeWithSHA1AndRC2-CBC"
-#define NID_pbeWithSHA1AndRC2_CBC 68
-#define OBJ_pbeWithSHA1AndRC2_CBC OBJ_pkcs5,11L
-
-#define LN_id_pbkdf2 "PBKDF2"
-#define NID_id_pbkdf2 69
-#define OBJ_id_pbkdf2 OBJ_pkcs5,12L
-
-#define LN_pbes2 "PBES2"
-#define NID_pbes2 161
-#define OBJ_pbes2 OBJ_pkcs5,13L
-
-#define LN_pbmac1 "PBMAC1"
-#define NID_pbmac1 162
-#define OBJ_pbmac1 OBJ_pkcs5,14L
-
-#define SN_pkcs7 "pkcs7"
-#define NID_pkcs7 20
-#define OBJ_pkcs7 OBJ_pkcs,7L
-
-#define LN_pkcs7_data "pkcs7-data"
-#define NID_pkcs7_data 21
-#define OBJ_pkcs7_data OBJ_pkcs7,1L
-
-#define LN_pkcs7_signed "pkcs7-signedData"
-#define NID_pkcs7_signed 22
-#define OBJ_pkcs7_signed OBJ_pkcs7,2L
-
-#define LN_pkcs7_enveloped "pkcs7-envelopedData"
-#define NID_pkcs7_enveloped 23
-#define OBJ_pkcs7_enveloped OBJ_pkcs7,3L
-
-#define LN_pkcs7_signedAndEnveloped "pkcs7-signedAndEnvelopedData"
-#define NID_pkcs7_signedAndEnveloped 24
-#define OBJ_pkcs7_signedAndEnveloped OBJ_pkcs7,4L
-
-#define LN_pkcs7_digest "pkcs7-digestData"
-#define NID_pkcs7_digest 25
-#define OBJ_pkcs7_digest OBJ_pkcs7,5L
-
-#define LN_pkcs7_encrypted "pkcs7-encryptedData"
-#define NID_pkcs7_encrypted 26
-#define OBJ_pkcs7_encrypted OBJ_pkcs7,6L
-
-#define SN_pkcs9 "pkcs9"
-#define NID_pkcs9 47
-#define OBJ_pkcs9 OBJ_pkcs,9L
-
-#define LN_pkcs9_emailAddress "emailAddress"
-#define NID_pkcs9_emailAddress 48
-#define OBJ_pkcs9_emailAddress OBJ_pkcs9,1L
-
-#define LN_pkcs9_unstructuredName "unstructuredName"
-#define NID_pkcs9_unstructuredName 49
-#define OBJ_pkcs9_unstructuredName OBJ_pkcs9,2L
-
-#define LN_pkcs9_contentType "contentType"
-#define NID_pkcs9_contentType 50
-#define OBJ_pkcs9_contentType OBJ_pkcs9,3L
-
-#define LN_pkcs9_messageDigest "messageDigest"
-#define NID_pkcs9_messageDigest 51
-#define OBJ_pkcs9_messageDigest OBJ_pkcs9,4L
-
-#define LN_pkcs9_signingTime "signingTime"
-#define NID_pkcs9_signingTime 52
-#define OBJ_pkcs9_signingTime OBJ_pkcs9,5L
-
-#define LN_pkcs9_countersignature "countersignature"
-#define NID_pkcs9_countersignature 53
-#define OBJ_pkcs9_countersignature OBJ_pkcs9,6L
-
-#define LN_pkcs9_challengePassword "challengePassword"
-#define NID_pkcs9_challengePassword 54
-#define OBJ_pkcs9_challengePassword OBJ_pkcs9,7L
-
-#define LN_pkcs9_unstructuredAddress "unstructuredAddress"
-#define NID_pkcs9_unstructuredAddress 55
-#define OBJ_pkcs9_unstructuredAddress OBJ_pkcs9,8L
-
-#define LN_pkcs9_extCertAttributes "extendedCertificateAttributes"
-#define NID_pkcs9_extCertAttributes 56
-#define OBJ_pkcs9_extCertAttributes OBJ_pkcs9,9L
-
-#define SN_ext_req "extReq"
-#define LN_ext_req "Extension Request"
-#define NID_ext_req 172
-#define OBJ_ext_req OBJ_pkcs9,14L
-
-#define SN_SMIMECapabilities "SMIME-CAPS"
-#define LN_SMIMECapabilities "S/MIME Capabilities"
-#define NID_SMIMECapabilities 167
-#define OBJ_SMIMECapabilities OBJ_pkcs9,15L
-
-#define SN_SMIME "SMIME"
-#define LN_SMIME "S/MIME"
-#define NID_SMIME 188
-#define OBJ_SMIME OBJ_pkcs9,16L
-
-#define SN_id_smime_mod "id-smime-mod"
-#define NID_id_smime_mod 189
-#define OBJ_id_smime_mod OBJ_SMIME,0L
-
-#define SN_id_smime_ct "id-smime-ct"
-#define NID_id_smime_ct 190
-#define OBJ_id_smime_ct OBJ_SMIME,1L
-
-#define SN_id_smime_aa "id-smime-aa"
-#define NID_id_smime_aa 191
-#define OBJ_id_smime_aa OBJ_SMIME,2L
-
-#define SN_id_smime_alg "id-smime-alg"
-#define NID_id_smime_alg 192
-#define OBJ_id_smime_alg OBJ_SMIME,3L
-
-#define SN_id_smime_cd "id-smime-cd"
-#define NID_id_smime_cd 193
-#define OBJ_id_smime_cd OBJ_SMIME,4L
-
-#define SN_id_smime_spq "id-smime-spq"
-#define NID_id_smime_spq 194
-#define OBJ_id_smime_spq OBJ_SMIME,5L
-
-#define SN_id_smime_cti "id-smime-cti"
-#define NID_id_smime_cti 195
-#define OBJ_id_smime_cti OBJ_SMIME,6L
-
-#define SN_id_smime_mod_cms "id-smime-mod-cms"
-#define NID_id_smime_mod_cms 196
-#define OBJ_id_smime_mod_cms OBJ_id_smime_mod,1L
-
-#define SN_id_smime_mod_ess "id-smime-mod-ess"
-#define NID_id_smime_mod_ess 197
-#define OBJ_id_smime_mod_ess OBJ_id_smime_mod,2L
-
-#define SN_id_smime_mod_oid "id-smime-mod-oid"
-#define NID_id_smime_mod_oid 198
-#define OBJ_id_smime_mod_oid OBJ_id_smime_mod,3L
-
-#define SN_id_smime_mod_msg_v3 "id-smime-mod-msg-v3"
-#define NID_id_smime_mod_msg_v3 199
-#define OBJ_id_smime_mod_msg_v3 OBJ_id_smime_mod,4L
-
-#define SN_id_smime_mod_ets_eSignature_88 "id-smime-mod-ets-eSignature-88"
-#define NID_id_smime_mod_ets_eSignature_88 200
-#define OBJ_id_smime_mod_ets_eSignature_88 OBJ_id_smime_mod,5L
-
-#define SN_id_smime_mod_ets_eSignature_97 "id-smime-mod-ets-eSignature-97"
-#define NID_id_smime_mod_ets_eSignature_97 201
-#define OBJ_id_smime_mod_ets_eSignature_97 OBJ_id_smime_mod,6L
-
-#define SN_id_smime_mod_ets_eSigPolicy_88 "id-smime-mod-ets-eSigPolicy-88"
-#define NID_id_smime_mod_ets_eSigPolicy_88 202
-#define OBJ_id_smime_mod_ets_eSigPolicy_88 OBJ_id_smime_mod,7L
-
-#define SN_id_smime_mod_ets_eSigPolicy_97 "id-smime-mod-ets-eSigPolicy-97"
-#define NID_id_smime_mod_ets_eSigPolicy_97 203
-#define OBJ_id_smime_mod_ets_eSigPolicy_97 OBJ_id_smime_mod,8L
-
-#define SN_id_smime_ct_receipt "id-smime-ct-receipt"
-#define NID_id_smime_ct_receipt 204
-#define OBJ_id_smime_ct_receipt OBJ_id_smime_ct,1L
-
-#define SN_id_smime_ct_authData "id-smime-ct-authData"
-#define NID_id_smime_ct_authData 205
-#define OBJ_id_smime_ct_authData OBJ_id_smime_ct,2L
-
-#define SN_id_smime_ct_publishCert "id-smime-ct-publishCert"
-#define NID_id_smime_ct_publishCert 206
-#define OBJ_id_smime_ct_publishCert OBJ_id_smime_ct,3L
-
-#define SN_id_smime_ct_TSTInfo "id-smime-ct-TSTInfo"
-#define NID_id_smime_ct_TSTInfo 207
-#define OBJ_id_smime_ct_TSTInfo OBJ_id_smime_ct,4L
-
-#define SN_id_smime_ct_TDTInfo "id-smime-ct-TDTInfo"
-#define NID_id_smime_ct_TDTInfo 208
-#define OBJ_id_smime_ct_TDTInfo OBJ_id_smime_ct,5L
-
-#define SN_id_smime_ct_contentInfo "id-smime-ct-contentInfo"
-#define NID_id_smime_ct_contentInfo 209
-#define OBJ_id_smime_ct_contentInfo OBJ_id_smime_ct,6L
-
-#define SN_id_smime_ct_DVCSRequestData "id-smime-ct-DVCSRequestData"
-#define NID_id_smime_ct_DVCSRequestData 210
-#define OBJ_id_smime_ct_DVCSRequestData OBJ_id_smime_ct,7L
-
-#define SN_id_smime_ct_DVCSResponseData "id-smime-ct-DVCSResponseData"
-#define NID_id_smime_ct_DVCSResponseData 211
-#define OBJ_id_smime_ct_DVCSResponseData OBJ_id_smime_ct,8L
-
-#define SN_id_smime_ct_compressedData "id-smime-ct-compressedData"
-#define NID_id_smime_ct_compressedData 786
-#define OBJ_id_smime_ct_compressedData OBJ_id_smime_ct,9L
-
-#define SN_id_ct_asciiTextWithCRLF "id-ct-asciiTextWithCRLF"
-#define NID_id_ct_asciiTextWithCRLF 787
-#define OBJ_id_ct_asciiTextWithCRLF OBJ_id_smime_ct,27L
-
-#define SN_id_smime_aa_receiptRequest "id-smime-aa-receiptRequest"
-#define NID_id_smime_aa_receiptRequest 212
-#define OBJ_id_smime_aa_receiptRequest OBJ_id_smime_aa,1L
-
-#define SN_id_smime_aa_securityLabel "id-smime-aa-securityLabel"
-#define NID_id_smime_aa_securityLabel 213
-#define OBJ_id_smime_aa_securityLabel OBJ_id_smime_aa,2L
-
-#define SN_id_smime_aa_mlExpandHistory "id-smime-aa-mlExpandHistory"
-#define NID_id_smime_aa_mlExpandHistory 214
-#define OBJ_id_smime_aa_mlExpandHistory OBJ_id_smime_aa,3L
-
-#define SN_id_smime_aa_contentHint "id-smime-aa-contentHint"
-#define NID_id_smime_aa_contentHint 215
-#define OBJ_id_smime_aa_contentHint OBJ_id_smime_aa,4L
-
-#define SN_id_smime_aa_msgSigDigest "id-smime-aa-msgSigDigest"
-#define NID_id_smime_aa_msgSigDigest 216
-#define OBJ_id_smime_aa_msgSigDigest OBJ_id_smime_aa,5L
-
-#define SN_id_smime_aa_encapContentType "id-smime-aa-encapContentType"
-#define NID_id_smime_aa_encapContentType 217
-#define OBJ_id_smime_aa_encapContentType OBJ_id_smime_aa,6L
-
-#define SN_id_smime_aa_contentIdentifier "id-smime-aa-contentIdentifier"
-#define NID_id_smime_aa_contentIdentifier 218
-#define OBJ_id_smime_aa_contentIdentifier OBJ_id_smime_aa,7L
-
-#define SN_id_smime_aa_macValue "id-smime-aa-macValue"
-#define NID_id_smime_aa_macValue 219
-#define OBJ_id_smime_aa_macValue OBJ_id_smime_aa,8L
-
-#define SN_id_smime_aa_equivalentLabels "id-smime-aa-equivalentLabels"
-#define NID_id_smime_aa_equivalentLabels 220
-#define OBJ_id_smime_aa_equivalentLabels OBJ_id_smime_aa,9L
-
-#define SN_id_smime_aa_contentReference "id-smime-aa-contentReference"
-#define NID_id_smime_aa_contentReference 221
-#define OBJ_id_smime_aa_contentReference OBJ_id_smime_aa,10L
-
-#define SN_id_smime_aa_encrypKeyPref "id-smime-aa-encrypKeyPref"
-#define NID_id_smime_aa_encrypKeyPref 222
-#define OBJ_id_smime_aa_encrypKeyPref OBJ_id_smime_aa,11L
-
-#define SN_id_smime_aa_signingCertificate "id-smime-aa-signingCertificate"
-#define NID_id_smime_aa_signingCertificate 223
-#define OBJ_id_smime_aa_signingCertificate OBJ_id_smime_aa,12L
-
-#define SN_id_smime_aa_smimeEncryptCerts "id-smime-aa-smimeEncryptCerts"
-#define NID_id_smime_aa_smimeEncryptCerts 224
-#define OBJ_id_smime_aa_smimeEncryptCerts OBJ_id_smime_aa,13L
-
-#define SN_id_smime_aa_timeStampToken "id-smime-aa-timeStampToken"
-#define NID_id_smime_aa_timeStampToken 225
-#define OBJ_id_smime_aa_timeStampToken OBJ_id_smime_aa,14L
-
-#define SN_id_smime_aa_ets_sigPolicyId "id-smime-aa-ets-sigPolicyId"
-#define NID_id_smime_aa_ets_sigPolicyId 226
-#define OBJ_id_smime_aa_ets_sigPolicyId OBJ_id_smime_aa,15L
-
-#define SN_id_smime_aa_ets_commitmentType "id-smime-aa-ets-commitmentType"
-#define NID_id_smime_aa_ets_commitmentType 227
-#define OBJ_id_smime_aa_ets_commitmentType OBJ_id_smime_aa,16L
-
-#define SN_id_smime_aa_ets_signerLocation "id-smime-aa-ets-signerLocation"
-#define NID_id_smime_aa_ets_signerLocation 228
-#define OBJ_id_smime_aa_ets_signerLocation OBJ_id_smime_aa,17L
-
-#define SN_id_smime_aa_ets_signerAttr "id-smime-aa-ets-signerAttr"
-#define NID_id_smime_aa_ets_signerAttr 229
-#define OBJ_id_smime_aa_ets_signerAttr OBJ_id_smime_aa,18L
-
-#define SN_id_smime_aa_ets_otherSigCert "id-smime-aa-ets-otherSigCert"
-#define NID_id_smime_aa_ets_otherSigCert 230
-#define OBJ_id_smime_aa_ets_otherSigCert OBJ_id_smime_aa,19L
-
-#define SN_id_smime_aa_ets_contentTimestamp "id-smime-aa-ets-contentTimestamp"
-#define NID_id_smime_aa_ets_contentTimestamp 231
-#define OBJ_id_smime_aa_ets_contentTimestamp OBJ_id_smime_aa,20L
-
-#define SN_id_smime_aa_ets_CertificateRefs "id-smime-aa-ets-CertificateRefs"
-#define NID_id_smime_aa_ets_CertificateRefs 232
-#define OBJ_id_smime_aa_ets_CertificateRefs OBJ_id_smime_aa,21L
-
-#define SN_id_smime_aa_ets_RevocationRefs "id-smime-aa-ets-RevocationRefs"
-#define NID_id_smime_aa_ets_RevocationRefs 233
-#define OBJ_id_smime_aa_ets_RevocationRefs OBJ_id_smime_aa,22L
-
-#define SN_id_smime_aa_ets_certValues "id-smime-aa-ets-certValues"
-#define NID_id_smime_aa_ets_certValues 234
-#define OBJ_id_smime_aa_ets_certValues OBJ_id_smime_aa,23L
-
-#define SN_id_smime_aa_ets_revocationValues "id-smime-aa-ets-revocationValues"
-#define NID_id_smime_aa_ets_revocationValues 235
-#define OBJ_id_smime_aa_ets_revocationValues OBJ_id_smime_aa,24L
-
-#define SN_id_smime_aa_ets_escTimeStamp "id-smime-aa-ets-escTimeStamp"
-#define NID_id_smime_aa_ets_escTimeStamp 236
-#define OBJ_id_smime_aa_ets_escTimeStamp OBJ_id_smime_aa,25L
-
-#define SN_id_smime_aa_ets_certCRLTimestamp "id-smime-aa-ets-certCRLTimestamp"
-#define NID_id_smime_aa_ets_certCRLTimestamp 237
-#define OBJ_id_smime_aa_ets_certCRLTimestamp OBJ_id_smime_aa,26L
-
-#define SN_id_smime_aa_ets_archiveTimeStamp "id-smime-aa-ets-archiveTimeStamp"
-#define NID_id_smime_aa_ets_archiveTimeStamp 238
-#define OBJ_id_smime_aa_ets_archiveTimeStamp OBJ_id_smime_aa,27L
-
-#define SN_id_smime_aa_signatureType "id-smime-aa-signatureType"
-#define NID_id_smime_aa_signatureType 239
-#define OBJ_id_smime_aa_signatureType OBJ_id_smime_aa,28L
-
-#define SN_id_smime_aa_dvcs_dvc "id-smime-aa-dvcs-dvc"
-#define NID_id_smime_aa_dvcs_dvc 240
-#define OBJ_id_smime_aa_dvcs_dvc OBJ_id_smime_aa,29L
-
-#define SN_id_smime_alg_ESDHwith3DES "id-smime-alg-ESDHwith3DES"
-#define NID_id_smime_alg_ESDHwith3DES 241
-#define OBJ_id_smime_alg_ESDHwith3DES OBJ_id_smime_alg,1L
-
-#define SN_id_smime_alg_ESDHwithRC2 "id-smime-alg-ESDHwithRC2"
-#define NID_id_smime_alg_ESDHwithRC2 242
-#define OBJ_id_smime_alg_ESDHwithRC2 OBJ_id_smime_alg,2L
-
-#define SN_id_smime_alg_3DESwrap "id-smime-alg-3DESwrap"
-#define NID_id_smime_alg_3DESwrap 243
-#define OBJ_id_smime_alg_3DESwrap OBJ_id_smime_alg,3L
-
-#define SN_id_smime_alg_RC2wrap "id-smime-alg-RC2wrap"
-#define NID_id_smime_alg_RC2wrap 244
-#define OBJ_id_smime_alg_RC2wrap OBJ_id_smime_alg,4L
-
-#define SN_id_smime_alg_ESDH "id-smime-alg-ESDH"
-#define NID_id_smime_alg_ESDH 245
-#define OBJ_id_smime_alg_ESDH OBJ_id_smime_alg,5L
-
-#define SN_id_smime_alg_CMS3DESwrap "id-smime-alg-CMS3DESwrap"
-#define NID_id_smime_alg_CMS3DESwrap 246
-#define OBJ_id_smime_alg_CMS3DESwrap OBJ_id_smime_alg,6L
-
-#define SN_id_smime_alg_CMSRC2wrap "id-smime-alg-CMSRC2wrap"
-#define NID_id_smime_alg_CMSRC2wrap 247
-#define OBJ_id_smime_alg_CMSRC2wrap OBJ_id_smime_alg,7L
-
-#define SN_id_alg_PWRI_KEK "id-alg-PWRI-KEK"
-#define NID_id_alg_PWRI_KEK 893
-#define OBJ_id_alg_PWRI_KEK OBJ_id_smime_alg,9L
-
-#define SN_id_smime_cd_ldap "id-smime-cd-ldap"
-#define NID_id_smime_cd_ldap 248
-#define OBJ_id_smime_cd_ldap OBJ_id_smime_cd,1L
-
-#define SN_id_smime_spq_ets_sqt_uri "id-smime-spq-ets-sqt-uri"
-#define NID_id_smime_spq_ets_sqt_uri 249
-#define OBJ_id_smime_spq_ets_sqt_uri OBJ_id_smime_spq,1L
-
-#define SN_id_smime_spq_ets_sqt_unotice "id-smime-spq-ets-sqt-unotice"
-#define NID_id_smime_spq_ets_sqt_unotice 250
-#define OBJ_id_smime_spq_ets_sqt_unotice OBJ_id_smime_spq,2L
-
-#define SN_id_smime_cti_ets_proofOfOrigin "id-smime-cti-ets-proofOfOrigin"
-#define NID_id_smime_cti_ets_proofOfOrigin 251
-#define OBJ_id_smime_cti_ets_proofOfOrigin OBJ_id_smime_cti,1L
-
-#define SN_id_smime_cti_ets_proofOfReceipt "id-smime-cti-ets-proofOfReceipt"
-#define NID_id_smime_cti_ets_proofOfReceipt 252
-#define OBJ_id_smime_cti_ets_proofOfReceipt OBJ_id_smime_cti,2L
-
-#define SN_id_smime_cti_ets_proofOfDelivery "id-smime-cti-ets-proofOfDelivery"
-#define NID_id_smime_cti_ets_proofOfDelivery 253
-#define OBJ_id_smime_cti_ets_proofOfDelivery OBJ_id_smime_cti,3L
-
-#define SN_id_smime_cti_ets_proofOfSender "id-smime-cti-ets-proofOfSender"
-#define NID_id_smime_cti_ets_proofOfSender 254
-#define OBJ_id_smime_cti_ets_proofOfSender OBJ_id_smime_cti,4L
-
-#define SN_id_smime_cti_ets_proofOfApproval "id-smime-cti-ets-proofOfApproval"
-#define NID_id_smime_cti_ets_proofOfApproval 255
-#define OBJ_id_smime_cti_ets_proofOfApproval OBJ_id_smime_cti,5L
-
-#define SN_id_smime_cti_ets_proofOfCreation "id-smime-cti-ets-proofOfCreation"
-#define NID_id_smime_cti_ets_proofOfCreation 256
-#define OBJ_id_smime_cti_ets_proofOfCreation OBJ_id_smime_cti,6L
-
-#define LN_friendlyName "friendlyName"
-#define NID_friendlyName 156
-#define OBJ_friendlyName OBJ_pkcs9,20L
-
-#define LN_localKeyID "localKeyID"
-#define NID_localKeyID 157
-#define OBJ_localKeyID OBJ_pkcs9,21L
-
-#define SN_ms_csp_name "CSPName"
-#define LN_ms_csp_name "Microsoft CSP Name"
-#define NID_ms_csp_name 417
-#define OBJ_ms_csp_name 1L,3L,6L,1L,4L,1L,311L,17L,1L
-
-#define SN_LocalKeySet "LocalKeySet"
-#define LN_LocalKeySet "Microsoft Local Key set"
-#define NID_LocalKeySet 856
-#define OBJ_LocalKeySet 1L,3L,6L,1L,4L,1L,311L,17L,2L
-
-#define OBJ_certTypes OBJ_pkcs9,22L
-
-#define LN_x509Certificate "x509Certificate"
-#define NID_x509Certificate 158
-#define OBJ_x509Certificate OBJ_certTypes,1L
-
-#define LN_sdsiCertificate "sdsiCertificate"
-#define NID_sdsiCertificate 159
-#define OBJ_sdsiCertificate OBJ_certTypes,2L
-
-#define OBJ_crlTypes OBJ_pkcs9,23L
-
-#define LN_x509Crl "x509Crl"
-#define NID_x509Crl 160
-#define OBJ_x509Crl OBJ_crlTypes,1L
-
-#define OBJ_pkcs12 OBJ_pkcs,12L
-
-#define OBJ_pkcs12_pbeids OBJ_pkcs12,1L
-
-#define SN_pbe_WithSHA1And128BitRC4 "PBE-SHA1-RC4-128"
-#define LN_pbe_WithSHA1And128BitRC4 "pbeWithSHA1And128BitRC4"
-#define NID_pbe_WithSHA1And128BitRC4 144
-#define OBJ_pbe_WithSHA1And128BitRC4 OBJ_pkcs12_pbeids,1L
-
-#define SN_pbe_WithSHA1And40BitRC4 "PBE-SHA1-RC4-40"
-#define LN_pbe_WithSHA1And40BitRC4 "pbeWithSHA1And40BitRC4"
-#define NID_pbe_WithSHA1And40BitRC4 145
-#define OBJ_pbe_WithSHA1And40BitRC4 OBJ_pkcs12_pbeids,2L
-
-#define SN_pbe_WithSHA1And3_Key_TripleDES_CBC "PBE-SHA1-3DES"
-#define LN_pbe_WithSHA1And3_Key_TripleDES_CBC "pbeWithSHA1And3-KeyTripleDES-CBC"
-#define NID_pbe_WithSHA1And3_Key_TripleDES_CBC 146
-#define OBJ_pbe_WithSHA1And3_Key_TripleDES_CBC OBJ_pkcs12_pbeids,3L
-
-#define SN_pbe_WithSHA1And2_Key_TripleDES_CBC "PBE-SHA1-2DES"
-#define LN_pbe_WithSHA1And2_Key_TripleDES_CBC "pbeWithSHA1And2-KeyTripleDES-CBC"
-#define NID_pbe_WithSHA1And2_Key_TripleDES_CBC 147
-#define OBJ_pbe_WithSHA1And2_Key_TripleDES_CBC OBJ_pkcs12_pbeids,4L
-
-#define SN_pbe_WithSHA1And128BitRC2_CBC "PBE-SHA1-RC2-128"
-#define LN_pbe_WithSHA1And128BitRC2_CBC "pbeWithSHA1And128BitRC2-CBC"
-#define NID_pbe_WithSHA1And128BitRC2_CBC 148
-#define OBJ_pbe_WithSHA1And128BitRC2_CBC OBJ_pkcs12_pbeids,5L
-
-#define SN_pbe_WithSHA1And40BitRC2_CBC "PBE-SHA1-RC2-40"
-#define LN_pbe_WithSHA1And40BitRC2_CBC "pbeWithSHA1And40BitRC2-CBC"
-#define NID_pbe_WithSHA1And40BitRC2_CBC 149
-#define OBJ_pbe_WithSHA1And40BitRC2_CBC OBJ_pkcs12_pbeids,6L
-
-#define OBJ_pkcs12_Version1 OBJ_pkcs12,10L
-
-#define OBJ_pkcs12_BagIds OBJ_pkcs12_Version1,1L
-
-#define LN_keyBag "keyBag"
-#define NID_keyBag 150
-#define OBJ_keyBag OBJ_pkcs12_BagIds,1L
-
-#define LN_pkcs8ShroudedKeyBag "pkcs8ShroudedKeyBag"
-#define NID_pkcs8ShroudedKeyBag 151
-#define OBJ_pkcs8ShroudedKeyBag OBJ_pkcs12_BagIds,2L
-
-#define LN_certBag "certBag"
-#define NID_certBag 152
-#define OBJ_certBag OBJ_pkcs12_BagIds,3L
-
-#define LN_crlBag "crlBag"
-#define NID_crlBag 153
-#define OBJ_crlBag OBJ_pkcs12_BagIds,4L
-
-#define LN_secretBag "secretBag"
-#define NID_secretBag 154
-#define OBJ_secretBag OBJ_pkcs12_BagIds,5L
-
-#define LN_safeContentsBag "safeContentsBag"
-#define NID_safeContentsBag 155
-#define OBJ_safeContentsBag OBJ_pkcs12_BagIds,6L
-
-#define SN_md2 "MD2"
-#define LN_md2 "md2"
-#define NID_md2 3
-#define OBJ_md2 OBJ_rsadsi,2L,2L
-
-#define SN_md4 "MD4"
-#define LN_md4 "md4"
-#define NID_md4 257
-#define OBJ_md4 OBJ_rsadsi,2L,4L
-
-#define SN_md5 "MD5"
-#define LN_md5 "md5"
-#define NID_md5 4
-#define OBJ_md5 OBJ_rsadsi,2L,5L
-
-#define SN_md5_sha1 "MD5-SHA1"
-#define LN_md5_sha1 "md5-sha1"
-#define NID_md5_sha1 114
-
-#define LN_hmacWithMD5 "hmacWithMD5"
-#define NID_hmacWithMD5 797
-#define OBJ_hmacWithMD5 OBJ_rsadsi,2L,6L
-
-#define LN_hmacWithSHA1 "hmacWithSHA1"
-#define NID_hmacWithSHA1 163
-#define OBJ_hmacWithSHA1 OBJ_rsadsi,2L,7L
-
-#define LN_hmacWithSHA224 "hmacWithSHA224"
-#define NID_hmacWithSHA224 798
-#define OBJ_hmacWithSHA224 OBJ_rsadsi,2L,8L
-
-#define LN_hmacWithSHA256 "hmacWithSHA256"
-#define NID_hmacWithSHA256 799
-#define OBJ_hmacWithSHA256 OBJ_rsadsi,2L,9L
-
-#define LN_hmacWithSHA384 "hmacWithSHA384"
-#define NID_hmacWithSHA384 800
-#define OBJ_hmacWithSHA384 OBJ_rsadsi,2L,10L
-
-#define LN_hmacWithSHA512 "hmacWithSHA512"
-#define NID_hmacWithSHA512 801
-#define OBJ_hmacWithSHA512 OBJ_rsadsi,2L,11L
-
-#define SN_rc2_cbc "RC2-CBC"
-#define LN_rc2_cbc "rc2-cbc"
-#define NID_rc2_cbc 37
-#define OBJ_rc2_cbc OBJ_rsadsi,3L,2L
-
-#define SN_rc2_ecb "RC2-ECB"
-#define LN_rc2_ecb "rc2-ecb"
-#define NID_rc2_ecb 38
-
-#define SN_rc2_cfb64 "RC2-CFB"
-#define LN_rc2_cfb64 "rc2-cfb"
-#define NID_rc2_cfb64 39
-
-#define SN_rc2_ofb64 "RC2-OFB"
-#define LN_rc2_ofb64 "rc2-ofb"
-#define NID_rc2_ofb64 40
-
-#define SN_rc2_40_cbc "RC2-40-CBC"
-#define LN_rc2_40_cbc "rc2-40-cbc"
-#define NID_rc2_40_cbc 98
-
-#define SN_rc2_64_cbc "RC2-64-CBC"
-#define LN_rc2_64_cbc "rc2-64-cbc"
-#define NID_rc2_64_cbc 166
-
-#define SN_rc4 "RC4"
-#define LN_rc4 "rc4"
-#define NID_rc4 5
-#define OBJ_rc4 OBJ_rsadsi,3L,4L
-
-#define SN_rc4_40 "RC4-40"
-#define LN_rc4_40 "rc4-40"
-#define NID_rc4_40 97
-
-#define SN_des_ede3_cbc "DES-EDE3-CBC"
-#define LN_des_ede3_cbc "des-ede3-cbc"
-#define NID_des_ede3_cbc 44
-#define OBJ_des_ede3_cbc OBJ_rsadsi,3L,7L
-
-#define SN_rc5_cbc "RC5-CBC"
-#define LN_rc5_cbc "rc5-cbc"
-#define NID_rc5_cbc 120
-#define OBJ_rc5_cbc OBJ_rsadsi,3L,8L
-
-#define SN_rc5_ecb "RC5-ECB"
-#define LN_rc5_ecb "rc5-ecb"
-#define NID_rc5_ecb 121
-
-#define SN_rc5_cfb64 "RC5-CFB"
-#define LN_rc5_cfb64 "rc5-cfb"
-#define NID_rc5_cfb64 122
-
-#define SN_rc5_ofb64 "RC5-OFB"
-#define LN_rc5_ofb64 "rc5-ofb"
-#define NID_rc5_ofb64 123
-
-#define SN_ms_ext_req "msExtReq"
-#define LN_ms_ext_req "Microsoft Extension Request"
-#define NID_ms_ext_req 171
-#define OBJ_ms_ext_req 1L,3L,6L,1L,4L,1L,311L,2L,1L,14L
-
-#define SN_ms_code_ind "msCodeInd"
-#define LN_ms_code_ind "Microsoft Individual Code Signing"
-#define NID_ms_code_ind 134
-#define OBJ_ms_code_ind 1L,3L,6L,1L,4L,1L,311L,2L,1L,21L
-
-#define SN_ms_code_com "msCodeCom"
-#define LN_ms_code_com "Microsoft Commercial Code Signing"
-#define NID_ms_code_com 135
-#define OBJ_ms_code_com 1L,3L,6L,1L,4L,1L,311L,2L,1L,22L
-
-#define SN_ms_ctl_sign "msCTLSign"
-#define LN_ms_ctl_sign "Microsoft Trust List Signing"
-#define NID_ms_ctl_sign 136
-#define OBJ_ms_ctl_sign 1L,3L,6L,1L,4L,1L,311L,10L,3L,1L
-
-#define SN_ms_sgc "msSGC"
-#define LN_ms_sgc "Microsoft Server Gated Crypto"
-#define NID_ms_sgc 137
-#define OBJ_ms_sgc 1L,3L,6L,1L,4L,1L,311L,10L,3L,3L
-
-#define SN_ms_efs "msEFS"
-#define LN_ms_efs "Microsoft Encrypted File System"
-#define NID_ms_efs 138
-#define OBJ_ms_efs 1L,3L,6L,1L,4L,1L,311L,10L,3L,4L
-
-#define SN_ms_smartcard_login "msSmartcardLogin"
-#define LN_ms_smartcard_login "Microsoft Smartcardlogin"
-#define NID_ms_smartcard_login 648
-#define OBJ_ms_smartcard_login 1L,3L,6L,1L,4L,1L,311L,20L,2L,2L
-
-#define SN_ms_upn "msUPN"
-#define LN_ms_upn "Microsoft Universal Principal Name"
-#define NID_ms_upn 649
-#define OBJ_ms_upn 1L,3L,6L,1L,4L,1L,311L,20L,2L,3L
-
-#define SN_idea_cbc "IDEA-CBC"
-#define LN_idea_cbc "idea-cbc"
-#define NID_idea_cbc 34
-#define OBJ_idea_cbc 1L,3L,6L,1L,4L,1L,188L,7L,1L,1L,2L
-
-#define SN_idea_ecb "IDEA-ECB"
-#define LN_idea_ecb "idea-ecb"
-#define NID_idea_ecb 36
-
-#define SN_idea_cfb64 "IDEA-CFB"
-#define LN_idea_cfb64 "idea-cfb"
-#define NID_idea_cfb64 35
-
-#define SN_idea_ofb64 "IDEA-OFB"
-#define LN_idea_ofb64 "idea-ofb"
-#define NID_idea_ofb64 46
-
-#define SN_bf_cbc "BF-CBC"
-#define LN_bf_cbc "bf-cbc"
-#define NID_bf_cbc 91
-#define OBJ_bf_cbc 1L,3L,6L,1L,4L,1L,3029L,1L,2L
-
-#define SN_bf_ecb "BF-ECB"
-#define LN_bf_ecb "bf-ecb"
-#define NID_bf_ecb 92
-
-#define SN_bf_cfb64 "BF-CFB"
-#define LN_bf_cfb64 "bf-cfb"
-#define NID_bf_cfb64 93
-
-#define SN_bf_ofb64 "BF-OFB"
-#define LN_bf_ofb64 "bf-ofb"
-#define NID_bf_ofb64 94
-
-#define SN_id_pkix "PKIX"
-#define NID_id_pkix 127
-#define OBJ_id_pkix 1L,3L,6L,1L,5L,5L,7L
-
-#define SN_id_pkix_mod "id-pkix-mod"
-#define NID_id_pkix_mod 258
-#define OBJ_id_pkix_mod OBJ_id_pkix,0L
-
-#define SN_id_pe "id-pe"
-#define NID_id_pe 175
-#define OBJ_id_pe OBJ_id_pkix,1L
-
-#define SN_id_qt "id-qt"
-#define NID_id_qt 259
-#define OBJ_id_qt OBJ_id_pkix,2L
-
-#define SN_id_kp "id-kp"
-#define NID_id_kp 128
-#define OBJ_id_kp OBJ_id_pkix,3L
-
-#define SN_id_it "id-it"
-#define NID_id_it 260
-#define OBJ_id_it OBJ_id_pkix,4L
-
-#define SN_id_pkip "id-pkip"
-#define NID_id_pkip 261
-#define OBJ_id_pkip OBJ_id_pkix,5L
-
-#define SN_id_alg "id-alg"
-#define NID_id_alg 262
-#define OBJ_id_alg OBJ_id_pkix,6L
-
-#define SN_id_cmc "id-cmc"
-#define NID_id_cmc 263
-#define OBJ_id_cmc OBJ_id_pkix,7L
-
-#define SN_id_on "id-on"
-#define NID_id_on 264
-#define OBJ_id_on OBJ_id_pkix,8L
-
-#define SN_id_pda "id-pda"
-#define NID_id_pda 265
-#define OBJ_id_pda OBJ_id_pkix,9L
-
-#define SN_id_aca "id-aca"
-#define NID_id_aca 266
-#define OBJ_id_aca OBJ_id_pkix,10L
-
-#define SN_id_qcs "id-qcs"
-#define NID_id_qcs 267
-#define OBJ_id_qcs OBJ_id_pkix,11L
-
-#define SN_id_cct "id-cct"
-#define NID_id_cct 268
-#define OBJ_id_cct OBJ_id_pkix,12L
-
-#define SN_id_ppl "id-ppl"
-#define NID_id_ppl 662
-#define OBJ_id_ppl OBJ_id_pkix,21L
-
-#define SN_id_ad "id-ad"
-#define NID_id_ad 176
-#define OBJ_id_ad OBJ_id_pkix,48L
-
-#define SN_id_pkix1_explicit_88 "id-pkix1-explicit-88"
-#define NID_id_pkix1_explicit_88 269
-#define OBJ_id_pkix1_explicit_88 OBJ_id_pkix_mod,1L
-
-#define SN_id_pkix1_implicit_88 "id-pkix1-implicit-88"
-#define NID_id_pkix1_implicit_88 270
-#define OBJ_id_pkix1_implicit_88 OBJ_id_pkix_mod,2L
-
-#define SN_id_pkix1_explicit_93 "id-pkix1-explicit-93"
-#define NID_id_pkix1_explicit_93 271
-#define OBJ_id_pkix1_explicit_93 OBJ_id_pkix_mod,3L
-
-#define SN_id_pkix1_implicit_93 "id-pkix1-implicit-93"
-#define NID_id_pkix1_implicit_93 272
-#define OBJ_id_pkix1_implicit_93 OBJ_id_pkix_mod,4L
-
-#define SN_id_mod_crmf "id-mod-crmf"
-#define NID_id_mod_crmf 273
-#define OBJ_id_mod_crmf OBJ_id_pkix_mod,5L
-
-#define SN_id_mod_cmc "id-mod-cmc"
-#define NID_id_mod_cmc 274
-#define OBJ_id_mod_cmc OBJ_id_pkix_mod,6L
-
-#define SN_id_mod_kea_profile_88 "id-mod-kea-profile-88"
-#define NID_id_mod_kea_profile_88 275
-#define OBJ_id_mod_kea_profile_88 OBJ_id_pkix_mod,7L
-
-#define SN_id_mod_kea_profile_93 "id-mod-kea-profile-93"
-#define NID_id_mod_kea_profile_93 276
-#define OBJ_id_mod_kea_profile_93 OBJ_id_pkix_mod,8L
-
-#define SN_id_mod_cmp "id-mod-cmp"
-#define NID_id_mod_cmp 277
-#define OBJ_id_mod_cmp OBJ_id_pkix_mod,9L
-
-#define SN_id_mod_qualified_cert_88 "id-mod-qualified-cert-88"
-#define NID_id_mod_qualified_cert_88 278
-#define OBJ_id_mod_qualified_cert_88 OBJ_id_pkix_mod,10L
-
-#define SN_id_mod_qualified_cert_93 "id-mod-qualified-cert-93"
-#define NID_id_mod_qualified_cert_93 279
-#define OBJ_id_mod_qualified_cert_93 OBJ_id_pkix_mod,11L
-
-#define SN_id_mod_attribute_cert "id-mod-attribute-cert"
-#define NID_id_mod_attribute_cert 280
-#define OBJ_id_mod_attribute_cert OBJ_id_pkix_mod,12L
-
-#define SN_id_mod_timestamp_protocol "id-mod-timestamp-protocol"
-#define NID_id_mod_timestamp_protocol 281
-#define OBJ_id_mod_timestamp_protocol OBJ_id_pkix_mod,13L
-
-#define SN_id_mod_ocsp "id-mod-ocsp"
-#define NID_id_mod_ocsp 282
-#define OBJ_id_mod_ocsp OBJ_id_pkix_mod,14L
-
-#define SN_id_mod_dvcs "id-mod-dvcs"
-#define NID_id_mod_dvcs 283
-#define OBJ_id_mod_dvcs OBJ_id_pkix_mod,15L
-
-#define SN_id_mod_cmp2000 "id-mod-cmp2000"
-#define NID_id_mod_cmp2000 284
-#define OBJ_id_mod_cmp2000 OBJ_id_pkix_mod,16L
-
-#define SN_info_access "authorityInfoAccess"
-#define LN_info_access "Authority Information Access"
-#define NID_info_access 177
-#define OBJ_info_access OBJ_id_pe,1L
-
-#define SN_biometricInfo "biometricInfo"
-#define LN_biometricInfo "Biometric Info"
-#define NID_biometricInfo 285
-#define OBJ_biometricInfo OBJ_id_pe,2L
-
-#define SN_qcStatements "qcStatements"
-#define NID_qcStatements 286
-#define OBJ_qcStatements OBJ_id_pe,3L
-
-#define SN_ac_auditEntity "ac-auditEntity"
-#define NID_ac_auditEntity 287
-#define OBJ_ac_auditEntity OBJ_id_pe,4L
-
-#define SN_ac_targeting "ac-targeting"
-#define NID_ac_targeting 288
-#define OBJ_ac_targeting OBJ_id_pe,5L
-
-#define SN_aaControls "aaControls"
-#define NID_aaControls 289
-#define OBJ_aaControls OBJ_id_pe,6L
-
-#define SN_sbgp_ipAddrBlock "sbgp-ipAddrBlock"
-#define NID_sbgp_ipAddrBlock 290
-#define OBJ_sbgp_ipAddrBlock OBJ_id_pe,7L
-
-#define SN_sbgp_autonomousSysNum "sbgp-autonomousSysNum"
-#define NID_sbgp_autonomousSysNum 291
-#define OBJ_sbgp_autonomousSysNum OBJ_id_pe,8L
-
-#define SN_sbgp_routerIdentifier "sbgp-routerIdentifier"
-#define NID_sbgp_routerIdentifier 292
-#define OBJ_sbgp_routerIdentifier OBJ_id_pe,9L
-
-#define SN_ac_proxying "ac-proxying"
-#define NID_ac_proxying 397
-#define OBJ_ac_proxying OBJ_id_pe,10L
-
-#define SN_sinfo_access "subjectInfoAccess"
-#define LN_sinfo_access "Subject Information Access"
-#define NID_sinfo_access 398
-#define OBJ_sinfo_access OBJ_id_pe,11L
-
-#define SN_proxyCertInfo "proxyCertInfo"
-#define LN_proxyCertInfo "Proxy Certificate Information"
-#define NID_proxyCertInfo 663
-#define OBJ_proxyCertInfo OBJ_id_pe,14L
-
-#define SN_id_qt_cps "id-qt-cps"
-#define LN_id_qt_cps "Policy Qualifier CPS"
-#define NID_id_qt_cps 164
-#define OBJ_id_qt_cps OBJ_id_qt,1L
-
-#define SN_id_qt_unotice "id-qt-unotice"
-#define LN_id_qt_unotice "Policy Qualifier User Notice"
-#define NID_id_qt_unotice 165
-#define OBJ_id_qt_unotice OBJ_id_qt,2L
-
-#define SN_textNotice "textNotice"
-#define NID_textNotice 293
-#define OBJ_textNotice OBJ_id_qt,3L
-
-#define SN_server_auth "serverAuth"
-#define LN_server_auth "TLS Web Server Authentication"
-#define NID_server_auth 129
-#define OBJ_server_auth OBJ_id_kp,1L
-
-#define SN_client_auth "clientAuth"
-#define LN_client_auth "TLS Web Client Authentication"
-#define NID_client_auth 130
-#define OBJ_client_auth OBJ_id_kp,2L
-
-#define SN_code_sign "codeSigning"
-#define LN_code_sign "Code Signing"
-#define NID_code_sign 131
-#define OBJ_code_sign OBJ_id_kp,3L
-
-#define SN_email_protect "emailProtection"
-#define LN_email_protect "E-mail Protection"
-#define NID_email_protect 132
-#define OBJ_email_protect OBJ_id_kp,4L
-
-#define SN_ipsecEndSystem "ipsecEndSystem"
-#define LN_ipsecEndSystem "IPSec End System"
-#define NID_ipsecEndSystem 294
-#define OBJ_ipsecEndSystem OBJ_id_kp,5L
-
-#define SN_ipsecTunnel "ipsecTunnel"
-#define LN_ipsecTunnel "IPSec Tunnel"
-#define NID_ipsecTunnel 295
-#define OBJ_ipsecTunnel OBJ_id_kp,6L
-
-#define SN_ipsecUser "ipsecUser"
-#define LN_ipsecUser "IPSec User"
-#define NID_ipsecUser 296
-#define OBJ_ipsecUser OBJ_id_kp,7L
-
-#define SN_time_stamp "timeStamping"
-#define LN_time_stamp "Time Stamping"
-#define NID_time_stamp 133
-#define OBJ_time_stamp OBJ_id_kp,8L
-
-#define SN_OCSP_sign "OCSPSigning"
-#define LN_OCSP_sign "OCSP Signing"
-#define NID_OCSP_sign 180
-#define OBJ_OCSP_sign OBJ_id_kp,9L
-
-#define SN_dvcs "DVCS"
-#define LN_dvcs "dvcs"
-#define NID_dvcs 297
-#define OBJ_dvcs OBJ_id_kp,10L
-
-#define SN_id_it_caProtEncCert "id-it-caProtEncCert"
-#define NID_id_it_caProtEncCert 298
-#define OBJ_id_it_caProtEncCert OBJ_id_it,1L
-
-#define SN_id_it_signKeyPairTypes "id-it-signKeyPairTypes"
-#define NID_id_it_signKeyPairTypes 299
-#define OBJ_id_it_signKeyPairTypes OBJ_id_it,2L
-
-#define SN_id_it_encKeyPairTypes "id-it-encKeyPairTypes"
-#define NID_id_it_encKeyPairTypes 300
-#define OBJ_id_it_encKeyPairTypes OBJ_id_it,3L
-
-#define SN_id_it_preferredSymmAlg "id-it-preferredSymmAlg"
-#define NID_id_it_preferredSymmAlg 301
-#define OBJ_id_it_preferredSymmAlg OBJ_id_it,4L
-
-#define SN_id_it_caKeyUpdateInfo "id-it-caKeyUpdateInfo"
-#define NID_id_it_caKeyUpdateInfo 302
-#define OBJ_id_it_caKeyUpdateInfo OBJ_id_it,5L
-
-#define SN_id_it_currentCRL "id-it-currentCRL"
-#define NID_id_it_currentCRL 303
-#define OBJ_id_it_currentCRL OBJ_id_it,6L
-
-#define SN_id_it_unsupportedOIDs "id-it-unsupportedOIDs"
-#define NID_id_it_unsupportedOIDs 304
-#define OBJ_id_it_unsupportedOIDs OBJ_id_it,7L
-
-#define SN_id_it_subscriptionRequest "id-it-subscriptionRequest"
-#define NID_id_it_subscriptionRequest 305
-#define OBJ_id_it_subscriptionRequest OBJ_id_it,8L
-
-#define SN_id_it_subscriptionResponse "id-it-subscriptionResponse"
-#define NID_id_it_subscriptionResponse 306
-#define OBJ_id_it_subscriptionResponse OBJ_id_it,9L
-
-#define SN_id_it_keyPairParamReq "id-it-keyPairParamReq"
-#define NID_id_it_keyPairParamReq 307
-#define OBJ_id_it_keyPairParamReq OBJ_id_it,10L
-
-#define SN_id_it_keyPairParamRep "id-it-keyPairParamRep"
-#define NID_id_it_keyPairParamRep 308
-#define OBJ_id_it_keyPairParamRep OBJ_id_it,11L
-
-#define SN_id_it_revPassphrase "id-it-revPassphrase"
-#define NID_id_it_revPassphrase 309
-#define OBJ_id_it_revPassphrase OBJ_id_it,12L
-
-#define SN_id_it_implicitConfirm "id-it-implicitConfirm"
-#define NID_id_it_implicitConfirm 310
-#define OBJ_id_it_implicitConfirm OBJ_id_it,13L
-
-#define SN_id_it_confirmWaitTime "id-it-confirmWaitTime"
-#define NID_id_it_confirmWaitTime 311
-#define OBJ_id_it_confirmWaitTime OBJ_id_it,14L
-
-#define SN_id_it_origPKIMessage "id-it-origPKIMessage"
-#define NID_id_it_origPKIMessage 312
-#define OBJ_id_it_origPKIMessage OBJ_id_it,15L
-
-#define SN_id_it_suppLangTags "id-it-suppLangTags"
-#define NID_id_it_suppLangTags 784
-#define OBJ_id_it_suppLangTags OBJ_id_it,16L
-
-#define SN_id_regCtrl "id-regCtrl"
-#define NID_id_regCtrl 313
-#define OBJ_id_regCtrl OBJ_id_pkip,1L
-
-#define SN_id_regInfo "id-regInfo"
-#define NID_id_regInfo 314
-#define OBJ_id_regInfo OBJ_id_pkip,2L
-
-#define SN_id_regCtrl_regToken "id-regCtrl-regToken"
-#define NID_id_regCtrl_regToken 315
-#define OBJ_id_regCtrl_regToken OBJ_id_regCtrl,1L
-
-#define SN_id_regCtrl_authenticator "id-regCtrl-authenticator"
-#define NID_id_regCtrl_authenticator 316
-#define OBJ_id_regCtrl_authenticator OBJ_id_regCtrl,2L
-
-#define SN_id_regCtrl_pkiPublicationInfo "id-regCtrl-pkiPublicationInfo"
-#define NID_id_regCtrl_pkiPublicationInfo 317
-#define OBJ_id_regCtrl_pkiPublicationInfo OBJ_id_regCtrl,3L
-
-#define SN_id_regCtrl_pkiArchiveOptions "id-regCtrl-pkiArchiveOptions"
-#define NID_id_regCtrl_pkiArchiveOptions 318
-#define OBJ_id_regCtrl_pkiArchiveOptions OBJ_id_regCtrl,4L
-
-#define SN_id_regCtrl_oldCertID "id-regCtrl-oldCertID"
-#define NID_id_regCtrl_oldCertID 319
-#define OBJ_id_regCtrl_oldCertID OBJ_id_regCtrl,5L
-
-#define SN_id_regCtrl_protocolEncrKey "id-regCtrl-protocolEncrKey"
-#define NID_id_regCtrl_protocolEncrKey 320
-#define OBJ_id_regCtrl_protocolEncrKey OBJ_id_regCtrl,6L
-
-#define SN_id_regInfo_utf8Pairs "id-regInfo-utf8Pairs"
-#define NID_id_regInfo_utf8Pairs 321
-#define OBJ_id_regInfo_utf8Pairs OBJ_id_regInfo,1L
-
-#define SN_id_regInfo_certReq "id-regInfo-certReq"
-#define NID_id_regInfo_certReq 322
-#define OBJ_id_regInfo_certReq OBJ_id_regInfo,2L
-
-#define SN_id_alg_des40 "id-alg-des40"
-#define NID_id_alg_des40 323
-#define OBJ_id_alg_des40 OBJ_id_alg,1L
-
-#define SN_id_alg_noSignature "id-alg-noSignature"
-#define NID_id_alg_noSignature 324
-#define OBJ_id_alg_noSignature OBJ_id_alg,2L
-
-#define SN_id_alg_dh_sig_hmac_sha1 "id-alg-dh-sig-hmac-sha1"
-#define NID_id_alg_dh_sig_hmac_sha1 325
-#define OBJ_id_alg_dh_sig_hmac_sha1 OBJ_id_alg,3L
-
-#define SN_id_alg_dh_pop "id-alg-dh-pop"
-#define NID_id_alg_dh_pop 326
-#define OBJ_id_alg_dh_pop OBJ_id_alg,4L
-
-#define SN_id_cmc_statusInfo "id-cmc-statusInfo"
-#define NID_id_cmc_statusInfo 327
-#define OBJ_id_cmc_statusInfo OBJ_id_cmc,1L
-
-#define SN_id_cmc_identification "id-cmc-identification"
-#define NID_id_cmc_identification 328
-#define OBJ_id_cmc_identification OBJ_id_cmc,2L
-
-#define SN_id_cmc_identityProof "id-cmc-identityProof"
-#define NID_id_cmc_identityProof 329
-#define OBJ_id_cmc_identityProof OBJ_id_cmc,3L
-
-#define SN_id_cmc_dataReturn "id-cmc-dataReturn"
-#define NID_id_cmc_dataReturn 330
-#define OBJ_id_cmc_dataReturn OBJ_id_cmc,4L
-
-#define SN_id_cmc_transactionId "id-cmc-transactionId"
-#define NID_id_cmc_transactionId 331
-#define OBJ_id_cmc_transactionId OBJ_id_cmc,5L
-
-#define SN_id_cmc_senderNonce "id-cmc-senderNonce"
-#define NID_id_cmc_senderNonce 332
-#define OBJ_id_cmc_senderNonce OBJ_id_cmc,6L
-
-#define SN_id_cmc_recipientNonce "id-cmc-recipientNonce"
-#define NID_id_cmc_recipientNonce 333
-#define OBJ_id_cmc_recipientNonce OBJ_id_cmc,7L
-
-#define SN_id_cmc_addExtensions "id-cmc-addExtensions"
-#define NID_id_cmc_addExtensions 334
-#define OBJ_id_cmc_addExtensions OBJ_id_cmc,8L
-
-#define SN_id_cmc_encryptedPOP "id-cmc-encryptedPOP"
-#define NID_id_cmc_encryptedPOP 335
-#define OBJ_id_cmc_encryptedPOP OBJ_id_cmc,9L
-
-#define SN_id_cmc_decryptedPOP "id-cmc-decryptedPOP"
-#define NID_id_cmc_decryptedPOP 336
-#define OBJ_id_cmc_decryptedPOP OBJ_id_cmc,10L
-
-#define SN_id_cmc_lraPOPWitness "id-cmc-lraPOPWitness"
-#define NID_id_cmc_lraPOPWitness 337
-#define OBJ_id_cmc_lraPOPWitness OBJ_id_cmc,11L
-
-#define SN_id_cmc_getCert "id-cmc-getCert"
-#define NID_id_cmc_getCert 338
-#define OBJ_id_cmc_getCert OBJ_id_cmc,15L
-
-#define SN_id_cmc_getCRL "id-cmc-getCRL"
-#define NID_id_cmc_getCRL 339
-#define OBJ_id_cmc_getCRL OBJ_id_cmc,16L
-
-#define SN_id_cmc_revokeRequest "id-cmc-revokeRequest"
-#define NID_id_cmc_revokeRequest 340
-#define OBJ_id_cmc_revokeRequest OBJ_id_cmc,17L
-
-#define SN_id_cmc_regInfo "id-cmc-regInfo"
-#define NID_id_cmc_regInfo 341
-#define OBJ_id_cmc_regInfo OBJ_id_cmc,18L
-
-#define SN_id_cmc_responseInfo "id-cmc-responseInfo"
-#define NID_id_cmc_responseInfo 342
-#define OBJ_id_cmc_responseInfo OBJ_id_cmc,19L
-
-#define SN_id_cmc_queryPending "id-cmc-queryPending"
-#define NID_id_cmc_queryPending 343
-#define OBJ_id_cmc_queryPending OBJ_id_cmc,21L
-
-#define SN_id_cmc_popLinkRandom "id-cmc-popLinkRandom"
-#define NID_id_cmc_popLinkRandom 344
-#define OBJ_id_cmc_popLinkRandom OBJ_id_cmc,22L
-
-#define SN_id_cmc_popLinkWitness "id-cmc-popLinkWitness"
-#define NID_id_cmc_popLinkWitness 345
-#define OBJ_id_cmc_popLinkWitness OBJ_id_cmc,23L
-
-#define SN_id_cmc_confirmCertAcceptance "id-cmc-confirmCertAcceptance"
-#define NID_id_cmc_confirmCertAcceptance 346
-#define OBJ_id_cmc_confirmCertAcceptance OBJ_id_cmc,24L
-
-#define SN_id_on_personalData "id-on-personalData"
-#define NID_id_on_personalData 347
-#define OBJ_id_on_personalData OBJ_id_on,1L
-
-#define SN_id_on_permanentIdentifier "id-on-permanentIdentifier"
-#define LN_id_on_permanentIdentifier "Permanent Identifier"
-#define NID_id_on_permanentIdentifier 858
-#define OBJ_id_on_permanentIdentifier OBJ_id_on,3L
-
-#define SN_id_pda_dateOfBirth "id-pda-dateOfBirth"
-#define NID_id_pda_dateOfBirth 348
-#define OBJ_id_pda_dateOfBirth OBJ_id_pda,1L
-
-#define SN_id_pda_placeOfBirth "id-pda-placeOfBirth"
-#define NID_id_pda_placeOfBirth 349
-#define OBJ_id_pda_placeOfBirth OBJ_id_pda,2L
-
-#define SN_id_pda_gender "id-pda-gender"
-#define NID_id_pda_gender 351
-#define OBJ_id_pda_gender OBJ_id_pda,3L
-
-#define SN_id_pda_countryOfCitizenship "id-pda-countryOfCitizenship"
-#define NID_id_pda_countryOfCitizenship 352
-#define OBJ_id_pda_countryOfCitizenship OBJ_id_pda,4L
-
-#define SN_id_pda_countryOfResidence "id-pda-countryOfResidence"
-#define NID_id_pda_countryOfResidence 353
-#define OBJ_id_pda_countryOfResidence OBJ_id_pda,5L
-
-#define SN_id_aca_authenticationInfo "id-aca-authenticationInfo"
-#define NID_id_aca_authenticationInfo 354
-#define OBJ_id_aca_authenticationInfo OBJ_id_aca,1L
-
-#define SN_id_aca_accessIdentity "id-aca-accessIdentity"
-#define NID_id_aca_accessIdentity 355
-#define OBJ_id_aca_accessIdentity OBJ_id_aca,2L
-
-#define SN_id_aca_chargingIdentity "id-aca-chargingIdentity"
-#define NID_id_aca_chargingIdentity 356
-#define OBJ_id_aca_chargingIdentity OBJ_id_aca,3L
-
-#define SN_id_aca_group "id-aca-group"
-#define NID_id_aca_group 357
-#define OBJ_id_aca_group OBJ_id_aca,4L
-
-#define SN_id_aca_role "id-aca-role"
-#define NID_id_aca_role 358
-#define OBJ_id_aca_role OBJ_id_aca,5L
-
-#define SN_id_aca_encAttrs "id-aca-encAttrs"
-#define NID_id_aca_encAttrs 399
-#define OBJ_id_aca_encAttrs OBJ_id_aca,6L
-
-#define SN_id_qcs_pkixQCSyntax_v1 "id-qcs-pkixQCSyntax-v1"
-#define NID_id_qcs_pkixQCSyntax_v1 359
-#define OBJ_id_qcs_pkixQCSyntax_v1 OBJ_id_qcs,1L
-
-#define SN_id_cct_crs "id-cct-crs"
-#define NID_id_cct_crs 360
-#define OBJ_id_cct_crs OBJ_id_cct,1L
-
-#define SN_id_cct_PKIData "id-cct-PKIData"
-#define NID_id_cct_PKIData 361
-#define OBJ_id_cct_PKIData OBJ_id_cct,2L
-
-#define SN_id_cct_PKIResponse "id-cct-PKIResponse"
-#define NID_id_cct_PKIResponse 362
-#define OBJ_id_cct_PKIResponse OBJ_id_cct,3L
-
-#define SN_id_ppl_anyLanguage "id-ppl-anyLanguage"
-#define LN_id_ppl_anyLanguage "Any language"
-#define NID_id_ppl_anyLanguage 664
-#define OBJ_id_ppl_anyLanguage OBJ_id_ppl,0L
-
-#define SN_id_ppl_inheritAll "id-ppl-inheritAll"
-#define LN_id_ppl_inheritAll "Inherit all"
-#define NID_id_ppl_inheritAll 665
-#define OBJ_id_ppl_inheritAll OBJ_id_ppl,1L
-
-#define SN_Independent "id-ppl-independent"
-#define LN_Independent "Independent"
-#define NID_Independent 667
-#define OBJ_Independent OBJ_id_ppl,2L
-
-#define SN_ad_OCSP "OCSP"
-#define LN_ad_OCSP "OCSP"
-#define NID_ad_OCSP 178
-#define OBJ_ad_OCSP OBJ_id_ad,1L
-
-#define SN_ad_ca_issuers "caIssuers"
-#define LN_ad_ca_issuers "CA Issuers"
-#define NID_ad_ca_issuers 179
-#define OBJ_ad_ca_issuers OBJ_id_ad,2L
-
-#define SN_ad_timeStamping "ad_timestamping"
-#define LN_ad_timeStamping "AD Time Stamping"
-#define NID_ad_timeStamping 363
-#define OBJ_ad_timeStamping OBJ_id_ad,3L
-
-#define SN_ad_dvcs "AD_DVCS"
-#define LN_ad_dvcs "ad dvcs"
-#define NID_ad_dvcs 364
-#define OBJ_ad_dvcs OBJ_id_ad,4L
-
-#define SN_caRepository "caRepository"
-#define LN_caRepository "CA Repository"
-#define NID_caRepository 785
-#define OBJ_caRepository OBJ_id_ad,5L
-
-#define OBJ_id_pkix_OCSP OBJ_ad_OCSP
-
-#define SN_id_pkix_OCSP_basic "basicOCSPResponse"
-#define LN_id_pkix_OCSP_basic "Basic OCSP Response"
-#define NID_id_pkix_OCSP_basic 365
-#define OBJ_id_pkix_OCSP_basic OBJ_id_pkix_OCSP,1L
-
-#define SN_id_pkix_OCSP_Nonce "Nonce"
-#define LN_id_pkix_OCSP_Nonce "OCSP Nonce"
-#define NID_id_pkix_OCSP_Nonce 366
-#define OBJ_id_pkix_OCSP_Nonce OBJ_id_pkix_OCSP,2L
-
-#define SN_id_pkix_OCSP_CrlID "CrlID"
-#define LN_id_pkix_OCSP_CrlID "OCSP CRL ID"
-#define NID_id_pkix_OCSP_CrlID 367
-#define OBJ_id_pkix_OCSP_CrlID OBJ_id_pkix_OCSP,3L
-
-#define SN_id_pkix_OCSP_acceptableResponses "acceptableResponses"
-#define LN_id_pkix_OCSP_acceptableResponses "Acceptable OCSP Responses"
-#define NID_id_pkix_OCSP_acceptableResponses 368
-#define OBJ_id_pkix_OCSP_acceptableResponses OBJ_id_pkix_OCSP,4L
-
-#define SN_id_pkix_OCSP_noCheck "noCheck"
-#define LN_id_pkix_OCSP_noCheck "OCSP No Check"
-#define NID_id_pkix_OCSP_noCheck 369
-#define OBJ_id_pkix_OCSP_noCheck OBJ_id_pkix_OCSP,5L
-
-#define SN_id_pkix_OCSP_archiveCutoff "archiveCutoff"
-#define LN_id_pkix_OCSP_archiveCutoff "OCSP Archive Cutoff"
-#define NID_id_pkix_OCSP_archiveCutoff 370
-#define OBJ_id_pkix_OCSP_archiveCutoff OBJ_id_pkix_OCSP,6L
-
-#define SN_id_pkix_OCSP_serviceLocator "serviceLocator"
-#define LN_id_pkix_OCSP_serviceLocator "OCSP Service Locator"
-#define NID_id_pkix_OCSP_serviceLocator 371
-#define OBJ_id_pkix_OCSP_serviceLocator OBJ_id_pkix_OCSP,7L
-
-#define SN_id_pkix_OCSP_extendedStatus "extendedStatus"
-#define LN_id_pkix_OCSP_extendedStatus "Extended OCSP Status"
-#define NID_id_pkix_OCSP_extendedStatus 372
-#define OBJ_id_pkix_OCSP_extendedStatus OBJ_id_pkix_OCSP,8L
-
-#define SN_id_pkix_OCSP_valid "valid"
-#define NID_id_pkix_OCSP_valid 373
-#define OBJ_id_pkix_OCSP_valid OBJ_id_pkix_OCSP,9L
-
-#define SN_id_pkix_OCSP_path "path"
-#define NID_id_pkix_OCSP_path 374
-#define OBJ_id_pkix_OCSP_path OBJ_id_pkix_OCSP,10L
-
-#define SN_id_pkix_OCSP_trustRoot "trustRoot"
-#define LN_id_pkix_OCSP_trustRoot "Trust Root"
-#define NID_id_pkix_OCSP_trustRoot 375
-#define OBJ_id_pkix_OCSP_trustRoot OBJ_id_pkix_OCSP,11L
-
-#define SN_algorithm "algorithm"
-#define LN_algorithm "algorithm"
-#define NID_algorithm 376
-#define OBJ_algorithm 1L,3L,14L,3L,2L
-
-#define SN_md5WithRSA "RSA-NP-MD5"
-#define LN_md5WithRSA "md5WithRSA"
-#define NID_md5WithRSA 104
-#define OBJ_md5WithRSA OBJ_algorithm,3L
-
-#define SN_des_ecb "DES-ECB"
-#define LN_des_ecb "des-ecb"
-#define NID_des_ecb 29
-#define OBJ_des_ecb OBJ_algorithm,6L
-
-#define SN_des_cbc "DES-CBC"
-#define LN_des_cbc "des-cbc"
-#define NID_des_cbc 31
-#define OBJ_des_cbc OBJ_algorithm,7L
-
-#define SN_des_ofb64 "DES-OFB"
-#define LN_des_ofb64 "des-ofb"
-#define NID_des_ofb64 45
-#define OBJ_des_ofb64 OBJ_algorithm,8L
-
-#define SN_des_cfb64 "DES-CFB"
-#define LN_des_cfb64 "des-cfb"
-#define NID_des_cfb64 30
-#define OBJ_des_cfb64 OBJ_algorithm,9L
-
-#define SN_rsaSignature "rsaSignature"
-#define NID_rsaSignature 377
-#define OBJ_rsaSignature OBJ_algorithm,11L
-
-#define SN_dsa_2 "DSA-old"
-#define LN_dsa_2 "dsaEncryption-old"
-#define NID_dsa_2 67
-#define OBJ_dsa_2 OBJ_algorithm,12L
-
-#define SN_dsaWithSHA "DSA-SHA"
-#define LN_dsaWithSHA "dsaWithSHA"
-#define NID_dsaWithSHA 66
-#define OBJ_dsaWithSHA OBJ_algorithm,13L
-
-#define SN_shaWithRSAEncryption "RSA-SHA"
-#define LN_shaWithRSAEncryption "shaWithRSAEncryption"
-#define NID_shaWithRSAEncryption 42
-#define OBJ_shaWithRSAEncryption OBJ_algorithm,15L
-
-#define SN_des_ede_ecb "DES-EDE"
-#define LN_des_ede_ecb "des-ede"
-#define NID_des_ede_ecb 32
-#define OBJ_des_ede_ecb OBJ_algorithm,17L
-
-#define SN_des_ede3_ecb "DES-EDE3"
-#define LN_des_ede3_ecb "des-ede3"
-#define NID_des_ede3_ecb 33
-
-#define SN_des_ede_cbc "DES-EDE-CBC"
-#define LN_des_ede_cbc "des-ede-cbc"
-#define NID_des_ede_cbc 43
-
-#define SN_des_ede_cfb64 "DES-EDE-CFB"
-#define LN_des_ede_cfb64 "des-ede-cfb"
-#define NID_des_ede_cfb64 60
-
-#define SN_des_ede3_cfb64 "DES-EDE3-CFB"
-#define LN_des_ede3_cfb64 "des-ede3-cfb"
-#define NID_des_ede3_cfb64 61
-
-#define SN_des_ede_ofb64 "DES-EDE-OFB"
-#define LN_des_ede_ofb64 "des-ede-ofb"
-#define NID_des_ede_ofb64 62
-
-#define SN_des_ede3_ofb64 "DES-EDE3-OFB"
-#define LN_des_ede3_ofb64 "des-ede3-ofb"
-#define NID_des_ede3_ofb64 63
-
-#define SN_desx_cbc "DESX-CBC"
-#define LN_desx_cbc "desx-cbc"
-#define NID_desx_cbc 80
-
-#define SN_sha "SHA"
-#define LN_sha "sha"
-#define NID_sha 41
-#define OBJ_sha OBJ_algorithm,18L
-
-#define SN_sha1 "SHA1"
-#define LN_sha1 "sha1"
-#define NID_sha1 64
-#define OBJ_sha1 OBJ_algorithm,26L
-
-#define SN_dsaWithSHA1_2 "DSA-SHA1-old"
-#define LN_dsaWithSHA1_2 "dsaWithSHA1-old"
-#define NID_dsaWithSHA1_2 70
-#define OBJ_dsaWithSHA1_2 OBJ_algorithm,27L
-
-#define SN_sha1WithRSA "RSA-SHA1-2"
-#define LN_sha1WithRSA "sha1WithRSA"
-#define NID_sha1WithRSA 115
-#define OBJ_sha1WithRSA OBJ_algorithm,29L
-
-#define SN_ripemd160 "RIPEMD160"
-#define LN_ripemd160 "ripemd160"
-#define NID_ripemd160 117
-#define OBJ_ripemd160 1L,3L,36L,3L,2L,1L
-
-#define SN_ripemd160WithRSA "RSA-RIPEMD160"
-#define LN_ripemd160WithRSA "ripemd160WithRSA"
-#define NID_ripemd160WithRSA 119
-#define OBJ_ripemd160WithRSA 1L,3L,36L,3L,3L,1L,2L
-
-#define SN_sxnet "SXNetID"
-#define LN_sxnet "Strong Extranet ID"
-#define NID_sxnet 143
-#define OBJ_sxnet 1L,3L,101L,1L,4L,1L
-
-#define SN_X500 "X500"
-#define LN_X500 "directory services (X.500)"
-#define NID_X500 11
-#define OBJ_X500 2L,5L
-
-#define SN_X509 "X509"
-#define NID_X509 12
-#define OBJ_X509 OBJ_X500,4L
-
-#define SN_commonName "CN"
-#define LN_commonName "commonName"
-#define NID_commonName 13
-#define OBJ_commonName OBJ_X509,3L
-
-#define SN_surname "SN"
-#define LN_surname "surname"
-#define NID_surname 100
-#define OBJ_surname OBJ_X509,4L
-
-#define LN_serialNumber "serialNumber"
-#define NID_serialNumber 105
-#define OBJ_serialNumber OBJ_X509,5L
-
-#define SN_countryName "C"
-#define LN_countryName "countryName"
-#define NID_countryName 14
-#define OBJ_countryName OBJ_X509,6L
-
-#define SN_localityName "L"
-#define LN_localityName "localityName"
-#define NID_localityName 15
-#define OBJ_localityName OBJ_X509,7L
-
-#define SN_stateOrProvinceName "ST"
-#define LN_stateOrProvinceName "stateOrProvinceName"
-#define NID_stateOrProvinceName 16
-#define OBJ_stateOrProvinceName OBJ_X509,8L
-
-#define SN_streetAddress "street"
-#define LN_streetAddress "streetAddress"
-#define NID_streetAddress 660
-#define OBJ_streetAddress OBJ_X509,9L
-
-#define SN_organizationName "O"
-#define LN_organizationName "organizationName"
-#define NID_organizationName 17
-#define OBJ_organizationName OBJ_X509,10L
-
-#define SN_organizationalUnitName "OU"
-#define LN_organizationalUnitName "organizationalUnitName"
-#define NID_organizationalUnitName 18
-#define OBJ_organizationalUnitName OBJ_X509,11L
-
-#define SN_title "title"
-#define LN_title "title"
-#define NID_title 106
-#define OBJ_title OBJ_X509,12L
-
-#define LN_description "description"
-#define NID_description 107
-#define OBJ_description OBJ_X509,13L
-
-#define LN_searchGuide "searchGuide"
-#define NID_searchGuide 859
-#define OBJ_searchGuide OBJ_X509,14L
-
-#define LN_businessCategory "businessCategory"
-#define NID_businessCategory 860
-#define OBJ_businessCategory OBJ_X509,15L
-
-#define LN_postalAddress "postalAddress"
-#define NID_postalAddress 861
-#define OBJ_postalAddress OBJ_X509,16L
-
-#define LN_postalCode "postalCode"
-#define NID_postalCode 661
-#define OBJ_postalCode OBJ_X509,17L
-
-#define LN_postOfficeBox "postOfficeBox"
-#define NID_postOfficeBox 862
-#define OBJ_postOfficeBox OBJ_X509,18L
-
-#define LN_physicalDeliveryOfficeName "physicalDeliveryOfficeName"
-#define NID_physicalDeliveryOfficeName 863
-#define OBJ_physicalDeliveryOfficeName OBJ_X509,19L
-
-#define LN_telephoneNumber "telephoneNumber"
-#define NID_telephoneNumber 864
-#define OBJ_telephoneNumber OBJ_X509,20L
-
-#define LN_telexNumber "telexNumber"
-#define NID_telexNumber 865
-#define OBJ_telexNumber OBJ_X509,21L
-
-#define LN_teletexTerminalIdentifier "teletexTerminalIdentifier"
-#define NID_teletexTerminalIdentifier 866
-#define OBJ_teletexTerminalIdentifier OBJ_X509,22L
-
-#define LN_facsimileTelephoneNumber "facsimileTelephoneNumber"
-#define NID_facsimileTelephoneNumber 867
-#define OBJ_facsimileTelephoneNumber OBJ_X509,23L
-
-#define LN_x121Address "x121Address"
-#define NID_x121Address 868
-#define OBJ_x121Address OBJ_X509,24L
-
-#define LN_internationaliSDNNumber "internationaliSDNNumber"
-#define NID_internationaliSDNNumber 869
-#define OBJ_internationaliSDNNumber OBJ_X509,25L
-
-#define LN_registeredAddress "registeredAddress"
-#define NID_registeredAddress 870
-#define OBJ_registeredAddress OBJ_X509,26L
-
-#define LN_destinationIndicator "destinationIndicator"
-#define NID_destinationIndicator 871
-#define OBJ_destinationIndicator OBJ_X509,27L
-
-#define LN_preferredDeliveryMethod "preferredDeliveryMethod"
-#define NID_preferredDeliveryMethod 872
-#define OBJ_preferredDeliveryMethod OBJ_X509,28L
-
-#define LN_presentationAddress "presentationAddress"
-#define NID_presentationAddress 873
-#define OBJ_presentationAddress OBJ_X509,29L
-
-#define LN_supportedApplicationContext "supportedApplicationContext"
-#define NID_supportedApplicationContext 874
-#define OBJ_supportedApplicationContext OBJ_X509,30L
-
-#define SN_member "member"
-#define NID_member 875
-#define OBJ_member OBJ_X509,31L
-
-#define SN_owner "owner"
-#define NID_owner 876
-#define OBJ_owner OBJ_X509,32L
-
-#define LN_roleOccupant "roleOccupant"
-#define NID_roleOccupant 877
-#define OBJ_roleOccupant OBJ_X509,33L
-
-#define SN_seeAlso "seeAlso"
-#define NID_seeAlso 878
-#define OBJ_seeAlso OBJ_X509,34L
-
-#define LN_userPassword "userPassword"
-#define NID_userPassword 879
-#define OBJ_userPassword OBJ_X509,35L
-
-#define LN_userCertificate "userCertificate"
-#define NID_userCertificate 880
-#define OBJ_userCertificate OBJ_X509,36L
-
-#define LN_cACertificate "cACertificate"
-#define NID_cACertificate 881
-#define OBJ_cACertificate OBJ_X509,37L
-
-#define LN_authorityRevocationList "authorityRevocationList"
-#define NID_authorityRevocationList 882
-#define OBJ_authorityRevocationList OBJ_X509,38L
-
-#define LN_certificateRevocationList "certificateRevocationList"
-#define NID_certificateRevocationList 883
-#define OBJ_certificateRevocationList OBJ_X509,39L
-
-#define LN_crossCertificatePair "crossCertificatePair"
-#define NID_crossCertificatePair 884
-#define OBJ_crossCertificatePair OBJ_X509,40L
-
-#define SN_name "name"
-#define LN_name "name"
-#define NID_name 173
-#define OBJ_name OBJ_X509,41L
-
-#define SN_givenName "GN"
-#define LN_givenName "givenName"
-#define NID_givenName 99
-#define OBJ_givenName OBJ_X509,42L
-
-#define SN_initials "initials"
-#define LN_initials "initials"
-#define NID_initials 101
-#define OBJ_initials OBJ_X509,43L
-
-#define LN_generationQualifier "generationQualifier"
-#define NID_generationQualifier 509
-#define OBJ_generationQualifier OBJ_X509,44L
-
-#define LN_x500UniqueIdentifier "x500UniqueIdentifier"
-#define NID_x500UniqueIdentifier 503
-#define OBJ_x500UniqueIdentifier OBJ_X509,45L
-
-#define SN_dnQualifier "dnQualifier"
-#define LN_dnQualifier "dnQualifier"
-#define NID_dnQualifier 174
-#define OBJ_dnQualifier OBJ_X509,46L
-
-#define LN_enhancedSearchGuide "enhancedSearchGuide"
-#define NID_enhancedSearchGuide 885
-#define OBJ_enhancedSearchGuide OBJ_X509,47L
-
-#define LN_protocolInformation "protocolInformation"
-#define NID_protocolInformation 886
-#define OBJ_protocolInformation OBJ_X509,48L
-
-#define LN_distinguishedName "distinguishedName"
-#define NID_distinguishedName 887
-#define OBJ_distinguishedName OBJ_X509,49L
-
-#define LN_uniqueMember "uniqueMember"
-#define NID_uniqueMember 888
-#define OBJ_uniqueMember OBJ_X509,50L
-
-#define LN_houseIdentifier "houseIdentifier"
-#define NID_houseIdentifier 889
-#define OBJ_houseIdentifier OBJ_X509,51L
-
-#define LN_supportedAlgorithms "supportedAlgorithms"
-#define NID_supportedAlgorithms 890
-#define OBJ_supportedAlgorithms OBJ_X509,52L
-
-#define LN_deltaRevocationList "deltaRevocationList"
-#define NID_deltaRevocationList 891
-#define OBJ_deltaRevocationList OBJ_X509,53L
-
-#define SN_dmdName "dmdName"
-#define NID_dmdName 892
-#define OBJ_dmdName OBJ_X509,54L
-
-#define LN_pseudonym "pseudonym"
-#define NID_pseudonym 510
-#define OBJ_pseudonym OBJ_X509,65L
-
-#define SN_role "role"
-#define LN_role "role"
-#define NID_role 400
-#define OBJ_role OBJ_X509,72L
-
-#define SN_X500algorithms "X500algorithms"
-#define LN_X500algorithms "directory services - algorithms"
-#define NID_X500algorithms 378
-#define OBJ_X500algorithms OBJ_X500,8L
-
-#define SN_rsa "RSA"
-#define LN_rsa "rsa"
-#define NID_rsa 19
-#define OBJ_rsa OBJ_X500algorithms,1L,1L
-
-#define SN_mdc2WithRSA "RSA-MDC2"
-#define LN_mdc2WithRSA "mdc2WithRSA"
-#define NID_mdc2WithRSA 96
-#define OBJ_mdc2WithRSA OBJ_X500algorithms,3L,100L
-
-#define SN_mdc2 "MDC2"
-#define LN_mdc2 "mdc2"
-#define NID_mdc2 95
-#define OBJ_mdc2 OBJ_X500algorithms,3L,101L
-
-#define SN_id_ce "id-ce"
-#define NID_id_ce 81
-#define OBJ_id_ce OBJ_X500,29L
-
-#define SN_subject_directory_attributes "subjectDirectoryAttributes"
-#define LN_subject_directory_attributes "X509v3 Subject Directory Attributes"
-#define NID_subject_directory_attributes 769
-#define OBJ_subject_directory_attributes OBJ_id_ce,9L
-
-#define SN_subject_key_identifier "subjectKeyIdentifier"
-#define LN_subject_key_identifier "X509v3 Subject Key Identifier"
-#define NID_subject_key_identifier 82
-#define OBJ_subject_key_identifier OBJ_id_ce,14L
-
-#define SN_key_usage "keyUsage"
-#define LN_key_usage "X509v3 Key Usage"
-#define NID_key_usage 83
-#define OBJ_key_usage OBJ_id_ce,15L
-
-#define SN_private_key_usage_period "privateKeyUsagePeriod"
-#define LN_private_key_usage_period "X509v3 Private Key Usage Period"
-#define NID_private_key_usage_period 84
-#define OBJ_private_key_usage_period OBJ_id_ce,16L
-
-#define SN_subject_alt_name "subjectAltName"
-#define LN_subject_alt_name "X509v3 Subject Alternative Name"
-#define NID_subject_alt_name 85
-#define OBJ_subject_alt_name OBJ_id_ce,17L
-
-#define SN_issuer_alt_name "issuerAltName"
-#define LN_issuer_alt_name "X509v3 Issuer Alternative Name"
-#define NID_issuer_alt_name 86
-#define OBJ_issuer_alt_name OBJ_id_ce,18L
-
-#define SN_basic_constraints "basicConstraints"
-#define LN_basic_constraints "X509v3 Basic Constraints"
-#define NID_basic_constraints 87
-#define OBJ_basic_constraints OBJ_id_ce,19L
-
-#define SN_crl_number "crlNumber"
-#define LN_crl_number "X509v3 CRL Number"
-#define NID_crl_number 88
-#define OBJ_crl_number OBJ_id_ce,20L
-
-#define SN_crl_reason "CRLReason"
-#define LN_crl_reason "X509v3 CRL Reason Code"
-#define NID_crl_reason 141
-#define OBJ_crl_reason OBJ_id_ce,21L
-
-#define SN_invalidity_date "invalidityDate"
-#define LN_invalidity_date "Invalidity Date"
-#define NID_invalidity_date 142
-#define OBJ_invalidity_date OBJ_id_ce,24L
-
-#define SN_delta_crl "deltaCRL"
-#define LN_delta_crl "X509v3 Delta CRL Indicator"
-#define NID_delta_crl 140
-#define OBJ_delta_crl OBJ_id_ce,27L
-
-#define SN_issuing_distribution_point "issuingDistributionPoint"
-#define LN_issuing_distribution_point "X509v3 Issuing Distrubution Point"
-#define NID_issuing_distribution_point 770
-#define OBJ_issuing_distribution_point OBJ_id_ce,28L
-
-#define SN_certificate_issuer "certificateIssuer"
-#define LN_certificate_issuer "X509v3 Certificate Issuer"
-#define NID_certificate_issuer 771
-#define OBJ_certificate_issuer OBJ_id_ce,29L
-
-#define SN_name_constraints "nameConstraints"
-#define LN_name_constraints "X509v3 Name Constraints"
-#define NID_name_constraints 666
-#define OBJ_name_constraints OBJ_id_ce,30L
-
-#define SN_crl_distribution_points "crlDistributionPoints"
-#define LN_crl_distribution_points "X509v3 CRL Distribution Points"
-#define NID_crl_distribution_points 103
-#define OBJ_crl_distribution_points OBJ_id_ce,31L
-
-#define SN_certificate_policies "certificatePolicies"
-#define LN_certificate_policies "X509v3 Certificate Policies"
-#define NID_certificate_policies 89
-#define OBJ_certificate_policies OBJ_id_ce,32L
-
-#define SN_any_policy "anyPolicy"
-#define LN_any_policy "X509v3 Any Policy"
-#define NID_any_policy 746
-#define OBJ_any_policy OBJ_certificate_policies,0L
-
-#define SN_policy_mappings "policyMappings"
-#define LN_policy_mappings "X509v3 Policy Mappings"
-#define NID_policy_mappings 747
-#define OBJ_policy_mappings OBJ_id_ce,33L
-
-#define SN_authority_key_identifier "authorityKeyIdentifier"
-#define LN_authority_key_identifier "X509v3 Authority Key Identifier"
-#define NID_authority_key_identifier 90
-#define OBJ_authority_key_identifier OBJ_id_ce,35L
-
-#define SN_policy_constraints "policyConstraints"
-#define LN_policy_constraints "X509v3 Policy Constraints"
-#define NID_policy_constraints 401
-#define OBJ_policy_constraints OBJ_id_ce,36L
-
-#define SN_ext_key_usage "extendedKeyUsage"
-#define LN_ext_key_usage "X509v3 Extended Key Usage"
-#define NID_ext_key_usage 126
-#define OBJ_ext_key_usage OBJ_id_ce,37L
-
-#define SN_freshest_crl "freshestCRL"
-#define LN_freshest_crl "X509v3 Freshest CRL"
-#define NID_freshest_crl 857
-#define OBJ_freshest_crl OBJ_id_ce,46L
-
-#define SN_inhibit_any_policy "inhibitAnyPolicy"
-#define LN_inhibit_any_policy "X509v3 Inhibit Any Policy"
-#define NID_inhibit_any_policy 748
-#define OBJ_inhibit_any_policy OBJ_id_ce,54L
-
-#define SN_target_information "targetInformation"
-#define LN_target_information "X509v3 AC Targeting"
-#define NID_target_information 402
-#define OBJ_target_information OBJ_id_ce,55L
-
-#define SN_no_rev_avail "noRevAvail"
-#define LN_no_rev_avail "X509v3 No Revocation Available"
-#define NID_no_rev_avail 403
-#define OBJ_no_rev_avail OBJ_id_ce,56L
-
-#define SN_anyExtendedKeyUsage "anyExtendedKeyUsage"
-#define LN_anyExtendedKeyUsage "Any Extended Key Usage"
-#define NID_anyExtendedKeyUsage 910
-#define OBJ_anyExtendedKeyUsage OBJ_ext_key_usage,0L
-
-#define SN_netscape "Netscape"
-#define LN_netscape "Netscape Communications Corp."
-#define NID_netscape 57
-#define OBJ_netscape 2L,16L,840L,1L,113730L
-
-#define SN_netscape_cert_extension "nsCertExt"
-#define LN_netscape_cert_extension "Netscape Certificate Extension"
-#define NID_netscape_cert_extension 58
-#define OBJ_netscape_cert_extension OBJ_netscape,1L
-
-#define SN_netscape_data_type "nsDataType"
-#define LN_netscape_data_type "Netscape Data Type"
-#define NID_netscape_data_type 59
-#define OBJ_netscape_data_type OBJ_netscape,2L
-
-#define SN_netscape_cert_type "nsCertType"
-#define LN_netscape_cert_type "Netscape Cert Type"
-#define NID_netscape_cert_type 71
-#define OBJ_netscape_cert_type OBJ_netscape_cert_extension,1L
-
-#define SN_netscape_base_url "nsBaseUrl"
-#define LN_netscape_base_url "Netscape Base Url"
-#define NID_netscape_base_url 72
-#define OBJ_netscape_base_url OBJ_netscape_cert_extension,2L
-
-#define SN_netscape_revocation_url "nsRevocationUrl"
-#define LN_netscape_revocation_url "Netscape Revocation Url"
-#define NID_netscape_revocation_url 73
-#define OBJ_netscape_revocation_url OBJ_netscape_cert_extension,3L
-
-#define SN_netscape_ca_revocation_url "nsCaRevocationUrl"
-#define LN_netscape_ca_revocation_url "Netscape CA Revocation Url"
-#define NID_netscape_ca_revocation_url 74
-#define OBJ_netscape_ca_revocation_url OBJ_netscape_cert_extension,4L
-
-#define SN_netscape_renewal_url "nsRenewalUrl"
-#define LN_netscape_renewal_url "Netscape Renewal Url"
-#define NID_netscape_renewal_url 75
-#define OBJ_netscape_renewal_url OBJ_netscape_cert_extension,7L
-
-#define SN_netscape_ca_policy_url "nsCaPolicyUrl"
-#define LN_netscape_ca_policy_url "Netscape CA Policy Url"
-#define NID_netscape_ca_policy_url 76
-#define OBJ_netscape_ca_policy_url OBJ_netscape_cert_extension,8L
-
-#define SN_netscape_ssl_server_name "nsSslServerName"
-#define LN_netscape_ssl_server_name "Netscape SSL Server Name"
-#define NID_netscape_ssl_server_name 77
-#define OBJ_netscape_ssl_server_name OBJ_netscape_cert_extension,12L
-
-#define SN_netscape_comment "nsComment"
-#define LN_netscape_comment "Netscape Comment"
-#define NID_netscape_comment 78
-#define OBJ_netscape_comment OBJ_netscape_cert_extension,13L
-
-#define SN_netscape_cert_sequence "nsCertSequence"
-#define LN_netscape_cert_sequence "Netscape Certificate Sequence"
-#define NID_netscape_cert_sequence 79
-#define OBJ_netscape_cert_sequence OBJ_netscape_data_type,5L
-
-#define SN_ns_sgc "nsSGC"
-#define LN_ns_sgc "Netscape Server Gated Crypto"
-#define NID_ns_sgc 139
-#define OBJ_ns_sgc OBJ_netscape,4L,1L
-
-#define SN_org "ORG"
-#define LN_org "org"
-#define NID_org 379
-#define OBJ_org OBJ_iso,3L
-
-#define SN_dod "DOD"
-#define LN_dod "dod"
-#define NID_dod 380
-#define OBJ_dod OBJ_org,6L
-
-#define SN_iana "IANA"
-#define LN_iana "iana"
-#define NID_iana 381
-#define OBJ_iana OBJ_dod,1L
-
-#define OBJ_internet OBJ_iana
-
-#define SN_Directory "directory"
-#define LN_Directory "Directory"
-#define NID_Directory 382
-#define OBJ_Directory OBJ_internet,1L
-
-#define SN_Management "mgmt"
-#define LN_Management "Management"
-#define NID_Management 383
-#define OBJ_Management OBJ_internet,2L
-
-#define SN_Experimental "experimental"
-#define LN_Experimental "Experimental"
-#define NID_Experimental 384
-#define OBJ_Experimental OBJ_internet,3L
-
-#define SN_Private "private"
-#define LN_Private "Private"
-#define NID_Private 385
-#define OBJ_Private OBJ_internet,4L
-
-#define SN_Security "security"
-#define LN_Security "Security"
-#define NID_Security 386
-#define OBJ_Security OBJ_internet,5L
-
-#define SN_SNMPv2 "snmpv2"
-#define LN_SNMPv2 "SNMPv2"
-#define NID_SNMPv2 387
-#define OBJ_SNMPv2 OBJ_internet,6L
-
-#define LN_Mail "Mail"
-#define NID_Mail 388
-#define OBJ_Mail OBJ_internet,7L
-
-#define SN_Enterprises "enterprises"
-#define LN_Enterprises "Enterprises"
-#define NID_Enterprises 389
-#define OBJ_Enterprises OBJ_Private,1L
-
-#define SN_dcObject "dcobject"
-#define LN_dcObject "dcObject"
-#define NID_dcObject 390
-#define OBJ_dcObject OBJ_Enterprises,1466L,344L
-
-#define SN_mime_mhs "mime-mhs"
-#define LN_mime_mhs "MIME MHS"
-#define NID_mime_mhs 504
-#define OBJ_mime_mhs OBJ_Mail,1L
-
-#define SN_mime_mhs_headings "mime-mhs-headings"
-#define LN_mime_mhs_headings "mime-mhs-headings"
-#define NID_mime_mhs_headings 505
-#define OBJ_mime_mhs_headings OBJ_mime_mhs,1L
-
-#define SN_mime_mhs_bodies "mime-mhs-bodies"
-#define LN_mime_mhs_bodies "mime-mhs-bodies"
-#define NID_mime_mhs_bodies 506
-#define OBJ_mime_mhs_bodies OBJ_mime_mhs,2L
-
-#define SN_id_hex_partial_message "id-hex-partial-message"
-#define LN_id_hex_partial_message "id-hex-partial-message"
-#define NID_id_hex_partial_message 507
-#define OBJ_id_hex_partial_message OBJ_mime_mhs_headings,1L
-
-#define SN_id_hex_multipart_message "id-hex-multipart-message"
-#define LN_id_hex_multipart_message "id-hex-multipart-message"
-#define NID_id_hex_multipart_message 508
-#define OBJ_id_hex_multipart_message OBJ_mime_mhs_headings,2L
-
-#define SN_rle_compression "RLE"
-#define LN_rle_compression "run length compression"
-#define NID_rle_compression 124
-#define OBJ_rle_compression 1L,1L,1L,1L,666L,1L
-
-#define SN_zlib_compression "ZLIB"
-#define LN_zlib_compression "zlib compression"
-#define NID_zlib_compression 125
-#define OBJ_zlib_compression OBJ_id_smime_alg,8L
-
-#define OBJ_csor 2L,16L,840L,1L,101L,3L
-
-#define OBJ_nistAlgorithms OBJ_csor,4L
-
-#define OBJ_aes OBJ_nistAlgorithms,1L
-
-#define SN_aes_128_ecb "AES-128-ECB"
-#define LN_aes_128_ecb "aes-128-ecb"
-#define NID_aes_128_ecb 418
-#define OBJ_aes_128_ecb OBJ_aes,1L
-
-#define SN_aes_128_cbc "AES-128-CBC"
-#define LN_aes_128_cbc "aes-128-cbc"
-#define NID_aes_128_cbc 419
-#define OBJ_aes_128_cbc OBJ_aes,2L
-
-#define SN_aes_128_ofb128 "AES-128-OFB"
-#define LN_aes_128_ofb128 "aes-128-ofb"
-#define NID_aes_128_ofb128 420
-#define OBJ_aes_128_ofb128 OBJ_aes,3L
-
-#define SN_aes_128_cfb128 "AES-128-CFB"
-#define LN_aes_128_cfb128 "aes-128-cfb"
-#define NID_aes_128_cfb128 421
-#define OBJ_aes_128_cfb128 OBJ_aes,4L
-
-#define SN_id_aes128_wrap "id-aes128-wrap"
-#define NID_id_aes128_wrap 788
-#define OBJ_id_aes128_wrap OBJ_aes,5L
-
-#define SN_aes_128_gcm "id-aes128-GCM"
-#define LN_aes_128_gcm "aes-128-gcm"
-#define NID_aes_128_gcm 895
-#define OBJ_aes_128_gcm OBJ_aes,6L
-
-#define SN_aes_128_ccm "id-aes128-CCM"
-#define LN_aes_128_ccm "aes-128-ccm"
-#define NID_aes_128_ccm 896
-#define OBJ_aes_128_ccm OBJ_aes,7L
-
-#define SN_id_aes128_wrap_pad "id-aes128-wrap-pad"
-#define NID_id_aes128_wrap_pad 897
-#define OBJ_id_aes128_wrap_pad OBJ_aes,8L
-
-#define SN_aes_192_ecb "AES-192-ECB"
-#define LN_aes_192_ecb "aes-192-ecb"
-#define NID_aes_192_ecb 422
-#define OBJ_aes_192_ecb OBJ_aes,21L
-
-#define SN_aes_192_cbc "AES-192-CBC"
-#define LN_aes_192_cbc "aes-192-cbc"
-#define NID_aes_192_cbc 423
-#define OBJ_aes_192_cbc OBJ_aes,22L
-
-#define SN_aes_192_ofb128 "AES-192-OFB"
-#define LN_aes_192_ofb128 "aes-192-ofb"
-#define NID_aes_192_ofb128 424
-#define OBJ_aes_192_ofb128 OBJ_aes,23L
-
-#define SN_aes_192_cfb128 "AES-192-CFB"
-#define LN_aes_192_cfb128 "aes-192-cfb"
-#define NID_aes_192_cfb128 425
-#define OBJ_aes_192_cfb128 OBJ_aes,24L
-
-#define SN_id_aes192_wrap "id-aes192-wrap"
-#define NID_id_aes192_wrap 789
-#define OBJ_id_aes192_wrap OBJ_aes,25L
-
-#define SN_aes_192_gcm "id-aes192-GCM"
-#define LN_aes_192_gcm "aes-192-gcm"
-#define NID_aes_192_gcm 898
-#define OBJ_aes_192_gcm OBJ_aes,26L
-
-#define SN_aes_192_ccm "id-aes192-CCM"
-#define LN_aes_192_ccm "aes-192-ccm"
-#define NID_aes_192_ccm 899
-#define OBJ_aes_192_ccm OBJ_aes,27L
-
-#define SN_id_aes192_wrap_pad "id-aes192-wrap-pad"
-#define NID_id_aes192_wrap_pad 900
-#define OBJ_id_aes192_wrap_pad OBJ_aes,28L
-
-#define SN_aes_256_ecb "AES-256-ECB"
-#define LN_aes_256_ecb "aes-256-ecb"
-#define NID_aes_256_ecb 426
-#define OBJ_aes_256_ecb OBJ_aes,41L
-
-#define SN_aes_256_cbc "AES-256-CBC"
-#define LN_aes_256_cbc "aes-256-cbc"
-#define NID_aes_256_cbc 427
-#define OBJ_aes_256_cbc OBJ_aes,42L
-
-#define SN_aes_256_ofb128 "AES-256-OFB"
-#define LN_aes_256_ofb128 "aes-256-ofb"
-#define NID_aes_256_ofb128 428
-#define OBJ_aes_256_ofb128 OBJ_aes,43L
-
-#define SN_aes_256_cfb128 "AES-256-CFB"
-#define LN_aes_256_cfb128 "aes-256-cfb"
-#define NID_aes_256_cfb128 429
-#define OBJ_aes_256_cfb128 OBJ_aes,44L
-
-#define SN_id_aes256_wrap "id-aes256-wrap"
-#define NID_id_aes256_wrap 790
-#define OBJ_id_aes256_wrap OBJ_aes,45L
-
-#define SN_aes_256_gcm "id-aes256-GCM"
-#define LN_aes_256_gcm "aes-256-gcm"
-#define NID_aes_256_gcm 901
-#define OBJ_aes_256_gcm OBJ_aes,46L
-
-#define SN_aes_256_ccm "id-aes256-CCM"
-#define LN_aes_256_ccm "aes-256-ccm"
-#define NID_aes_256_ccm 902
-#define OBJ_aes_256_ccm OBJ_aes,47L
-
-#define SN_id_aes256_wrap_pad "id-aes256-wrap-pad"
-#define NID_id_aes256_wrap_pad 903
-#define OBJ_id_aes256_wrap_pad OBJ_aes,48L
-
-#define SN_aes_128_cfb1 "AES-128-CFB1"
-#define LN_aes_128_cfb1 "aes-128-cfb1"
-#define NID_aes_128_cfb1 650
-
-#define SN_aes_192_cfb1 "AES-192-CFB1"
-#define LN_aes_192_cfb1 "aes-192-cfb1"
-#define NID_aes_192_cfb1 651
-
-#define SN_aes_256_cfb1 "AES-256-CFB1"
-#define LN_aes_256_cfb1 "aes-256-cfb1"
-#define NID_aes_256_cfb1 652
-
-#define SN_aes_128_cfb8 "AES-128-CFB8"
-#define LN_aes_128_cfb8 "aes-128-cfb8"
-#define NID_aes_128_cfb8 653
-
-#define SN_aes_192_cfb8 "AES-192-CFB8"
-#define LN_aes_192_cfb8 "aes-192-cfb8"
-#define NID_aes_192_cfb8 654
-
-#define SN_aes_256_cfb8 "AES-256-CFB8"
-#define LN_aes_256_cfb8 "aes-256-cfb8"
-#define NID_aes_256_cfb8 655
-
-#define SN_aes_128_ctr "AES-128-CTR"
-#define LN_aes_128_ctr "aes-128-ctr"
-#define NID_aes_128_ctr 904
-
-#define SN_aes_192_ctr "AES-192-CTR"
-#define LN_aes_192_ctr "aes-192-ctr"
-#define NID_aes_192_ctr 905
-
-#define SN_aes_256_ctr "AES-256-CTR"
-#define LN_aes_256_ctr "aes-256-ctr"
-#define NID_aes_256_ctr 906
-
-#define SN_aes_128_ocb "AES-128-OCB"
-#define LN_aes_128_ocb "aes-128-ocb"
-#define NID_aes_128_ocb 958
-
-#define SN_aes_192_ocb "AES-192-OCB"
-#define LN_aes_192_ocb "aes-192-ocb"
-#define NID_aes_192_ocb 959
-
-#define SN_aes_256_ocb "AES-256-OCB"
-#define LN_aes_256_ocb "aes-256-ocb"
-#define NID_aes_256_ocb 960
-
-#define SN_aes_128_xts "AES-128-XTS"
-#define LN_aes_128_xts "aes-128-xts"
-#define NID_aes_128_xts 913
-
-#define SN_aes_256_xts "AES-256-XTS"
-#define LN_aes_256_xts "aes-256-xts"
-#define NID_aes_256_xts 914
-
-#define SN_des_cfb1 "DES-CFB1"
-#define LN_des_cfb1 "des-cfb1"
-#define NID_des_cfb1 656
-
-#define SN_des_cfb8 "DES-CFB8"
-#define LN_des_cfb8 "des-cfb8"
-#define NID_des_cfb8 657
-
-#define SN_des_ede3_cfb1 "DES-EDE3-CFB1"
-#define LN_des_ede3_cfb1 "des-ede3-cfb1"
-#define NID_des_ede3_cfb1 658
-
-#define SN_des_ede3_cfb8 "DES-EDE3-CFB8"
-#define LN_des_ede3_cfb8 "des-ede3-cfb8"
-#define NID_des_ede3_cfb8 659
-
-#define OBJ_nist_hashalgs OBJ_nistAlgorithms,2L
-
-#define SN_sha256 "SHA256"
-#define LN_sha256 "sha256"
-#define NID_sha256 672
-#define OBJ_sha256 OBJ_nist_hashalgs,1L
-
-#define SN_sha384 "SHA384"
-#define LN_sha384 "sha384"
-#define NID_sha384 673
-#define OBJ_sha384 OBJ_nist_hashalgs,2L
-
-#define SN_sha512 "SHA512"
-#define LN_sha512 "sha512"
-#define NID_sha512 674
-#define OBJ_sha512 OBJ_nist_hashalgs,3L
-
-#define SN_sha224 "SHA224"
-#define LN_sha224 "sha224"
-#define NID_sha224 675
-#define OBJ_sha224 OBJ_nist_hashalgs,4L
-
-#define OBJ_dsa_with_sha2 OBJ_nistAlgorithms,3L
-
-#define SN_dsa_with_SHA224 "dsa_with_SHA224"
-#define NID_dsa_with_SHA224 802
-#define OBJ_dsa_with_SHA224 OBJ_dsa_with_sha2,1L
-
-#define SN_dsa_with_SHA256 "dsa_with_SHA256"
-#define NID_dsa_with_SHA256 803
-#define OBJ_dsa_with_SHA256 OBJ_dsa_with_sha2,2L
-
-#define SN_hold_instruction_code "holdInstructionCode"
-#define LN_hold_instruction_code "Hold Instruction Code"
-#define NID_hold_instruction_code 430
-#define OBJ_hold_instruction_code OBJ_id_ce,23L
-
-#define OBJ_holdInstruction OBJ_X9_57,2L
-
-#define SN_hold_instruction_none "holdInstructionNone"
-#define LN_hold_instruction_none "Hold Instruction None"
-#define NID_hold_instruction_none 431
-#define OBJ_hold_instruction_none OBJ_holdInstruction,1L
-
-#define SN_hold_instruction_call_issuer "holdInstructionCallIssuer"
-#define LN_hold_instruction_call_issuer "Hold Instruction Call Issuer"
-#define NID_hold_instruction_call_issuer 432
-#define OBJ_hold_instruction_call_issuer OBJ_holdInstruction,2L
-
-#define SN_hold_instruction_reject "holdInstructionReject"
-#define LN_hold_instruction_reject "Hold Instruction Reject"
-#define NID_hold_instruction_reject 433
-#define OBJ_hold_instruction_reject OBJ_holdInstruction,3L
-
-#define SN_data "data"
-#define NID_data 434
-#define OBJ_data OBJ_itu_t,9L
-
-#define SN_pss "pss"
-#define NID_pss 435
-#define OBJ_pss OBJ_data,2342L
-
-#define SN_ucl "ucl"
-#define NID_ucl 436
-#define OBJ_ucl OBJ_pss,19200300L
-
-#define SN_pilot "pilot"
-#define NID_pilot 437
-#define OBJ_pilot OBJ_ucl,100L
-
-#define LN_pilotAttributeType "pilotAttributeType"
-#define NID_pilotAttributeType 438
-#define OBJ_pilotAttributeType OBJ_pilot,1L
-
-#define LN_pilotAttributeSyntax "pilotAttributeSyntax"
-#define NID_pilotAttributeSyntax 439
-#define OBJ_pilotAttributeSyntax OBJ_pilot,3L
-
-#define LN_pilotObjectClass "pilotObjectClass"
-#define NID_pilotObjectClass 440
-#define OBJ_pilotObjectClass OBJ_pilot,4L
-
-#define LN_pilotGroups "pilotGroups"
-#define NID_pilotGroups 441
-#define OBJ_pilotGroups OBJ_pilot,10L
-
-#define LN_iA5StringSyntax "iA5StringSyntax"
-#define NID_iA5StringSyntax 442
-#define OBJ_iA5StringSyntax OBJ_pilotAttributeSyntax,4L
-
-#define LN_caseIgnoreIA5StringSyntax "caseIgnoreIA5StringSyntax"
-#define NID_caseIgnoreIA5StringSyntax 443
-#define OBJ_caseIgnoreIA5StringSyntax OBJ_pilotAttributeSyntax,5L
-
-#define LN_pilotObject "pilotObject"
-#define NID_pilotObject 444
-#define OBJ_pilotObject OBJ_pilotObjectClass,3L
-
-#define LN_pilotPerson "pilotPerson"
-#define NID_pilotPerson 445
-#define OBJ_pilotPerson OBJ_pilotObjectClass,4L
-
-#define SN_account "account"
-#define NID_account 446
-#define OBJ_account OBJ_pilotObjectClass,5L
-
-#define SN_document "document"
-#define NID_document 447
-#define OBJ_document OBJ_pilotObjectClass,6L
-
-#define SN_room "room"
-#define NID_room 448
-#define OBJ_room OBJ_pilotObjectClass,7L
-
-#define LN_documentSeries "documentSeries"
-#define NID_documentSeries 449
-#define OBJ_documentSeries OBJ_pilotObjectClass,9L
-
-#define SN_Domain "domain"
-#define LN_Domain "Domain"
-#define NID_Domain 392
-#define OBJ_Domain OBJ_pilotObjectClass,13L
-
-#define LN_rFC822localPart "rFC822localPart"
-#define NID_rFC822localPart 450
-#define OBJ_rFC822localPart OBJ_pilotObjectClass,14L
-
-#define LN_dNSDomain "dNSDomain"
-#define NID_dNSDomain 451
-#define OBJ_dNSDomain OBJ_pilotObjectClass,15L
-
-#define LN_domainRelatedObject "domainRelatedObject"
-#define NID_domainRelatedObject 452
-#define OBJ_domainRelatedObject OBJ_pilotObjectClass,17L
-
-#define LN_friendlyCountry "friendlyCountry"
-#define NID_friendlyCountry 453
-#define OBJ_friendlyCountry OBJ_pilotObjectClass,18L
-
-#define LN_simpleSecurityObject "simpleSecurityObject"
-#define NID_simpleSecurityObject 454
-#define OBJ_simpleSecurityObject OBJ_pilotObjectClass,19L
-
-#define LN_pilotOrganization "pilotOrganization"
-#define NID_pilotOrganization 455
-#define OBJ_pilotOrganization OBJ_pilotObjectClass,20L
-
-#define LN_pilotDSA "pilotDSA"
-#define NID_pilotDSA 456
-#define OBJ_pilotDSA OBJ_pilotObjectClass,21L
-
-#define LN_qualityLabelledData "qualityLabelledData"
-#define NID_qualityLabelledData 457
-#define OBJ_qualityLabelledData OBJ_pilotObjectClass,22L
-
-#define SN_userId "UID"
-#define LN_userId "userId"
-#define NID_userId 458
-#define OBJ_userId OBJ_pilotAttributeType,1L
-
-#define LN_textEncodedORAddress "textEncodedORAddress"
-#define NID_textEncodedORAddress 459
-#define OBJ_textEncodedORAddress OBJ_pilotAttributeType,2L
-
-#define SN_rfc822Mailbox "mail"
-#define LN_rfc822Mailbox "rfc822Mailbox"
-#define NID_rfc822Mailbox 460
-#define OBJ_rfc822Mailbox OBJ_pilotAttributeType,3L
-
-#define SN_info "info"
-#define NID_info 461
-#define OBJ_info OBJ_pilotAttributeType,4L
-
-#define LN_favouriteDrink "favouriteDrink"
-#define NID_favouriteDrink 462
-#define OBJ_favouriteDrink OBJ_pilotAttributeType,5L
-
-#define LN_roomNumber "roomNumber"
-#define NID_roomNumber 463
-#define OBJ_roomNumber OBJ_pilotAttributeType,6L
-
-#define SN_photo "photo"
-#define NID_photo 464
-#define OBJ_photo OBJ_pilotAttributeType,7L
-
-#define LN_userClass "userClass"
-#define NID_userClass 465
-#define OBJ_userClass OBJ_pilotAttributeType,8L
-
-#define SN_host "host"
-#define NID_host 466
-#define OBJ_host OBJ_pilotAttributeType,9L
-
-#define SN_manager "manager"
-#define NID_manager 467
-#define OBJ_manager OBJ_pilotAttributeType,10L
-
-#define LN_documentIdentifier "documentIdentifier"
-#define NID_documentIdentifier 468
-#define OBJ_documentIdentifier OBJ_pilotAttributeType,11L
-
-#define LN_documentTitle "documentTitle"
-#define NID_documentTitle 469
-#define OBJ_documentTitle OBJ_pilotAttributeType,12L
-
-#define LN_documentVersion "documentVersion"
-#define NID_documentVersion 470
-#define OBJ_documentVersion OBJ_pilotAttributeType,13L
-
-#define LN_documentAuthor "documentAuthor"
-#define NID_documentAuthor 471
-#define OBJ_documentAuthor OBJ_pilotAttributeType,14L
-
-#define LN_documentLocation "documentLocation"
-#define NID_documentLocation 472
-#define OBJ_documentLocation OBJ_pilotAttributeType,15L
-
-#define LN_homeTelephoneNumber "homeTelephoneNumber"
-#define NID_homeTelephoneNumber 473
-#define OBJ_homeTelephoneNumber OBJ_pilotAttributeType,20L
-
-#define SN_secretary "secretary"
-#define NID_secretary 474
-#define OBJ_secretary OBJ_pilotAttributeType,21L
-
-#define LN_otherMailbox "otherMailbox"
-#define NID_otherMailbox 475
-#define OBJ_otherMailbox OBJ_pilotAttributeType,22L
-
-#define LN_lastModifiedTime "lastModifiedTime"
-#define NID_lastModifiedTime 476
-#define OBJ_lastModifiedTime OBJ_pilotAttributeType,23L
-
-#define LN_lastModifiedBy "lastModifiedBy"
-#define NID_lastModifiedBy 477
-#define OBJ_lastModifiedBy OBJ_pilotAttributeType,24L
-
-#define SN_domainComponent "DC"
-#define LN_domainComponent "domainComponent"
-#define NID_domainComponent 391
-#define OBJ_domainComponent OBJ_pilotAttributeType,25L
-
-#define LN_aRecord "aRecord"
-#define NID_aRecord 478
-#define OBJ_aRecord OBJ_pilotAttributeType,26L
-
-#define LN_pilotAttributeType27 "pilotAttributeType27"
-#define NID_pilotAttributeType27 479
-#define OBJ_pilotAttributeType27 OBJ_pilotAttributeType,27L
-
-#define LN_mXRecord "mXRecord"
-#define NID_mXRecord 480
-#define OBJ_mXRecord OBJ_pilotAttributeType,28L
-
-#define LN_nSRecord "nSRecord"
-#define NID_nSRecord 481
-#define OBJ_nSRecord OBJ_pilotAttributeType,29L
-
-#define LN_sOARecord "sOARecord"
-#define NID_sOARecord 482
-#define OBJ_sOARecord OBJ_pilotAttributeType,30L
-
-#define LN_cNAMERecord "cNAMERecord"
-#define NID_cNAMERecord 483
-#define OBJ_cNAMERecord OBJ_pilotAttributeType,31L
-
-#define LN_associatedDomain "associatedDomain"
-#define NID_associatedDomain 484
-#define OBJ_associatedDomain OBJ_pilotAttributeType,37L
-
-#define LN_associatedName "associatedName"
-#define NID_associatedName 485
-#define OBJ_associatedName OBJ_pilotAttributeType,38L
-
-#define LN_homePostalAddress "homePostalAddress"
-#define NID_homePostalAddress 486
-#define OBJ_homePostalAddress OBJ_pilotAttributeType,39L
-
-#define LN_personalTitle "personalTitle"
-#define NID_personalTitle 487
-#define OBJ_personalTitle OBJ_pilotAttributeType,40L
-
-#define LN_mobileTelephoneNumber "mobileTelephoneNumber"
-#define NID_mobileTelephoneNumber 488
-#define OBJ_mobileTelephoneNumber OBJ_pilotAttributeType,41L
-
-#define LN_pagerTelephoneNumber "pagerTelephoneNumber"
-#define NID_pagerTelephoneNumber 489
-#define OBJ_pagerTelephoneNumber OBJ_pilotAttributeType,42L
-
-#define LN_friendlyCountryName "friendlyCountryName"
-#define NID_friendlyCountryName 490
-#define OBJ_friendlyCountryName OBJ_pilotAttributeType,43L
-
-#define SN_uniqueIdentifier "uid"
-#define LN_uniqueIdentifier "uniqueIdentifier"
-#define NID_uniqueIdentifier 102
-#define OBJ_uniqueIdentifier OBJ_pilotAttributeType,44L
-
-#define LN_organizationalStatus "organizationalStatus"
-#define NID_organizationalStatus 491
-#define OBJ_organizationalStatus OBJ_pilotAttributeType,45L
-
-#define LN_janetMailbox "janetMailbox"
-#define NID_janetMailbox 492
-#define OBJ_janetMailbox OBJ_pilotAttributeType,46L
-
-#define LN_mailPreferenceOption "mailPreferenceOption"
-#define NID_mailPreferenceOption 493
-#define OBJ_mailPreferenceOption OBJ_pilotAttributeType,47L
-
-#define LN_buildingName "buildingName"
-#define NID_buildingName 494
-#define OBJ_buildingName OBJ_pilotAttributeType,48L
-
-#define LN_dSAQuality "dSAQuality"
-#define NID_dSAQuality 495
-#define OBJ_dSAQuality OBJ_pilotAttributeType,49L
-
-#define LN_singleLevelQuality "singleLevelQuality"
-#define NID_singleLevelQuality 496
-#define OBJ_singleLevelQuality OBJ_pilotAttributeType,50L
-
-#define LN_subtreeMinimumQuality "subtreeMinimumQuality"
-#define NID_subtreeMinimumQuality 497
-#define OBJ_subtreeMinimumQuality OBJ_pilotAttributeType,51L
-
-#define LN_subtreeMaximumQuality "subtreeMaximumQuality"
-#define NID_subtreeMaximumQuality 498
-#define OBJ_subtreeMaximumQuality OBJ_pilotAttributeType,52L
-
-#define LN_personalSignature "personalSignature"
-#define NID_personalSignature 499
-#define OBJ_personalSignature OBJ_pilotAttributeType,53L
-
-#define LN_dITRedirect "dITRedirect"
-#define NID_dITRedirect 500
-#define OBJ_dITRedirect OBJ_pilotAttributeType,54L
-
-#define SN_audio "audio"
-#define NID_audio 501
-#define OBJ_audio OBJ_pilotAttributeType,55L
-
-#define LN_documentPublisher "documentPublisher"
-#define NID_documentPublisher 502
-#define OBJ_documentPublisher OBJ_pilotAttributeType,56L
-
-#define SN_id_set "id-set"
-#define LN_id_set "Secure Electronic Transactions"
-#define NID_id_set 512
-#define OBJ_id_set OBJ_international_organizations,42L
-
-#define SN_set_ctype "set-ctype"
-#define LN_set_ctype "content types"
-#define NID_set_ctype 513
-#define OBJ_set_ctype OBJ_id_set,0L
-
-#define SN_set_msgExt "set-msgExt"
-#define LN_set_msgExt "message extensions"
-#define NID_set_msgExt 514
-#define OBJ_set_msgExt OBJ_id_set,1L
-
-#define SN_set_attr "set-attr"
-#define NID_set_attr 515
-#define OBJ_set_attr OBJ_id_set,3L
-
-#define SN_set_policy "set-policy"
-#define NID_set_policy 516
-#define OBJ_set_policy OBJ_id_set,5L
-
-#define SN_set_certExt "set-certExt"
-#define LN_set_certExt "certificate extensions"
-#define NID_set_certExt 517
-#define OBJ_set_certExt OBJ_id_set,7L
-
-#define SN_set_brand "set-brand"
-#define NID_set_brand 518
-#define OBJ_set_brand OBJ_id_set,8L
-
-#define SN_setct_PANData "setct-PANData"
-#define NID_setct_PANData 519
-#define OBJ_setct_PANData OBJ_set_ctype,0L
-
-#define SN_setct_PANToken "setct-PANToken"
-#define NID_setct_PANToken 520
-#define OBJ_setct_PANToken OBJ_set_ctype,1L
-
-#define SN_setct_PANOnly "setct-PANOnly"
-#define NID_setct_PANOnly 521
-#define OBJ_setct_PANOnly OBJ_set_ctype,2L
-
-#define SN_setct_OIData "setct-OIData"
-#define NID_setct_OIData 522
-#define OBJ_setct_OIData OBJ_set_ctype,3L
-
-#define SN_setct_PI "setct-PI"
-#define NID_setct_PI 523
-#define OBJ_setct_PI OBJ_set_ctype,4L
-
-#define SN_setct_PIData "setct-PIData"
-#define NID_setct_PIData 524
-#define OBJ_setct_PIData OBJ_set_ctype,5L
-
-#define SN_setct_PIDataUnsigned "setct-PIDataUnsigned"
-#define NID_setct_PIDataUnsigned 525
-#define OBJ_setct_PIDataUnsigned OBJ_set_ctype,6L
-
-#define SN_setct_HODInput "setct-HODInput"
-#define NID_setct_HODInput 526
-#define OBJ_setct_HODInput OBJ_set_ctype,7L
-
-#define SN_setct_AuthResBaggage "setct-AuthResBaggage"
-#define NID_setct_AuthResBaggage 527
-#define OBJ_setct_AuthResBaggage OBJ_set_ctype,8L
-
-#define SN_setct_AuthRevReqBaggage "setct-AuthRevReqBaggage"
-#define NID_setct_AuthRevReqBaggage 528
-#define OBJ_setct_AuthRevReqBaggage OBJ_set_ctype,9L
-
-#define SN_setct_AuthRevResBaggage "setct-AuthRevResBaggage"
-#define NID_setct_AuthRevResBaggage 529
-#define OBJ_setct_AuthRevResBaggage OBJ_set_ctype,10L
-
-#define SN_setct_CapTokenSeq "setct-CapTokenSeq"
-#define NID_setct_CapTokenSeq 530
-#define OBJ_setct_CapTokenSeq OBJ_set_ctype,11L
-
-#define SN_setct_PInitResData "setct-PInitResData"
-#define NID_setct_PInitResData 531
-#define OBJ_setct_PInitResData OBJ_set_ctype,12L
-
-#define SN_setct_PI_TBS "setct-PI-TBS"
-#define NID_setct_PI_TBS 532
-#define OBJ_setct_PI_TBS OBJ_set_ctype,13L
-
-#define SN_setct_PResData "setct-PResData"
-#define NID_setct_PResData 533
-#define OBJ_setct_PResData OBJ_set_ctype,14L
-
-#define SN_setct_AuthReqTBS "setct-AuthReqTBS"
-#define NID_setct_AuthReqTBS 534
-#define OBJ_setct_AuthReqTBS OBJ_set_ctype,16L
-
-#define SN_setct_AuthResTBS "setct-AuthResTBS"
-#define NID_setct_AuthResTBS 535
-#define OBJ_setct_AuthResTBS OBJ_set_ctype,17L
-
-#define SN_setct_AuthResTBSX "setct-AuthResTBSX"
-#define NID_setct_AuthResTBSX 536
-#define OBJ_setct_AuthResTBSX OBJ_set_ctype,18L
-
-#define SN_setct_AuthTokenTBS "setct-AuthTokenTBS"
-#define NID_setct_AuthTokenTBS 537
-#define OBJ_setct_AuthTokenTBS OBJ_set_ctype,19L
-
-#define SN_setct_CapTokenData "setct-CapTokenData"
-#define NID_setct_CapTokenData 538
-#define OBJ_setct_CapTokenData OBJ_set_ctype,20L
-
-#define SN_setct_CapTokenTBS "setct-CapTokenTBS"
-#define NID_setct_CapTokenTBS 539
-#define OBJ_setct_CapTokenTBS OBJ_set_ctype,21L
-
-#define SN_setct_AcqCardCodeMsg "setct-AcqCardCodeMsg"
-#define NID_setct_AcqCardCodeMsg 540
-#define OBJ_setct_AcqCardCodeMsg OBJ_set_ctype,22L
-
-#define SN_setct_AuthRevReqTBS "setct-AuthRevReqTBS"
-#define NID_setct_AuthRevReqTBS 541
-#define OBJ_setct_AuthRevReqTBS OBJ_set_ctype,23L
-
-#define SN_setct_AuthRevResData "setct-AuthRevResData"
-#define NID_setct_AuthRevResData 542
-#define OBJ_setct_AuthRevResData OBJ_set_ctype,24L
-
-#define SN_setct_AuthRevResTBS "setct-AuthRevResTBS"
-#define NID_setct_AuthRevResTBS 543
-#define OBJ_setct_AuthRevResTBS OBJ_set_ctype,25L
-
-#define SN_setct_CapReqTBS "setct-CapReqTBS"
-#define NID_setct_CapReqTBS 544
-#define OBJ_setct_CapReqTBS OBJ_set_ctype,26L
-
-#define SN_setct_CapReqTBSX "setct-CapReqTBSX"
-#define NID_setct_CapReqTBSX 545
-#define OBJ_setct_CapReqTBSX OBJ_set_ctype,27L
-
-#define SN_setct_CapResData "setct-CapResData"
-#define NID_setct_CapResData 546
-#define OBJ_setct_CapResData OBJ_set_ctype,28L
-
-#define SN_setct_CapRevReqTBS "setct-CapRevReqTBS"
-#define NID_setct_CapRevReqTBS 547
-#define OBJ_setct_CapRevReqTBS OBJ_set_ctype,29L
-
-#define SN_setct_CapRevReqTBSX "setct-CapRevReqTBSX"
-#define NID_setct_CapRevReqTBSX 548
-#define OBJ_setct_CapRevReqTBSX OBJ_set_ctype,30L
-
-#define SN_setct_CapRevResData "setct-CapRevResData"
-#define NID_setct_CapRevResData 549
-#define OBJ_setct_CapRevResData OBJ_set_ctype,31L
-
-#define SN_setct_CredReqTBS "setct-CredReqTBS"
-#define NID_setct_CredReqTBS 550
-#define OBJ_setct_CredReqTBS OBJ_set_ctype,32L
-
-#define SN_setct_CredReqTBSX "setct-CredReqTBSX"
-#define NID_setct_CredReqTBSX 551
-#define OBJ_setct_CredReqTBSX OBJ_set_ctype,33L
-
-#define SN_setct_CredResData "setct-CredResData"
-#define NID_setct_CredResData 552
-#define OBJ_setct_CredResData OBJ_set_ctype,34L
-
-#define SN_setct_CredRevReqTBS "setct-CredRevReqTBS"
-#define NID_setct_CredRevReqTBS 553
-#define OBJ_setct_CredRevReqTBS OBJ_set_ctype,35L
-
-#define SN_setct_CredRevReqTBSX "setct-CredRevReqTBSX"
-#define NID_setct_CredRevReqTBSX 554
-#define OBJ_setct_CredRevReqTBSX OBJ_set_ctype,36L
-
-#define SN_setct_CredRevResData "setct-CredRevResData"
-#define NID_setct_CredRevResData 555
-#define OBJ_setct_CredRevResData OBJ_set_ctype,37L
-
-#define SN_setct_PCertReqData "setct-PCertReqData"
-#define NID_setct_PCertReqData 556
-#define OBJ_setct_PCertReqData OBJ_set_ctype,38L
-
-#define SN_setct_PCertResTBS "setct-PCertResTBS"
-#define NID_setct_PCertResTBS 557
-#define OBJ_setct_PCertResTBS OBJ_set_ctype,39L
-
-#define SN_setct_BatchAdminReqData "setct-BatchAdminReqData"
-#define NID_setct_BatchAdminReqData 558
-#define OBJ_setct_BatchAdminReqData OBJ_set_ctype,40L
-
-#define SN_setct_BatchAdminResData "setct-BatchAdminResData"
-#define NID_setct_BatchAdminResData 559
-#define OBJ_setct_BatchAdminResData OBJ_set_ctype,41L
-
-#define SN_setct_CardCInitResTBS "setct-CardCInitResTBS"
-#define NID_setct_CardCInitResTBS 560
-#define OBJ_setct_CardCInitResTBS OBJ_set_ctype,42L
-
-#define SN_setct_MeAqCInitResTBS "setct-MeAqCInitResTBS"
-#define NID_setct_MeAqCInitResTBS 561
-#define OBJ_setct_MeAqCInitResTBS OBJ_set_ctype,43L
-
-#define SN_setct_RegFormResTBS "setct-RegFormResTBS"
-#define NID_setct_RegFormResTBS 562
-#define OBJ_setct_RegFormResTBS OBJ_set_ctype,44L
-
-#define SN_setct_CertReqData "setct-CertReqData"
-#define NID_setct_CertReqData 563
-#define OBJ_setct_CertReqData OBJ_set_ctype,45L
-
-#define SN_setct_CertReqTBS "setct-CertReqTBS"
-#define NID_setct_CertReqTBS 564
-#define OBJ_setct_CertReqTBS OBJ_set_ctype,46L
-
-#define SN_setct_CertResData "setct-CertResData"
-#define NID_setct_CertResData 565
-#define OBJ_setct_CertResData OBJ_set_ctype,47L
-
-#define SN_setct_CertInqReqTBS "setct-CertInqReqTBS"
-#define NID_setct_CertInqReqTBS 566
-#define OBJ_setct_CertInqReqTBS OBJ_set_ctype,48L
-
-#define SN_setct_ErrorTBS "setct-ErrorTBS"
-#define NID_setct_ErrorTBS 567
-#define OBJ_setct_ErrorTBS OBJ_set_ctype,49L
-
-#define SN_setct_PIDualSignedTBE "setct-PIDualSignedTBE"
-#define NID_setct_PIDualSignedTBE 568
-#define OBJ_setct_PIDualSignedTBE OBJ_set_ctype,50L
-
-#define SN_setct_PIUnsignedTBE "setct-PIUnsignedTBE"
-#define NID_setct_PIUnsignedTBE 569
-#define OBJ_setct_PIUnsignedTBE OBJ_set_ctype,51L
-
-#define SN_setct_AuthReqTBE "setct-AuthReqTBE"
-#define NID_setct_AuthReqTBE 570
-#define OBJ_setct_AuthReqTBE OBJ_set_ctype,52L
-
-#define SN_setct_AuthResTBE "setct-AuthResTBE"
-#define NID_setct_AuthResTBE 571
-#define OBJ_setct_AuthResTBE OBJ_set_ctype,53L
-
-#define SN_setct_AuthResTBEX "setct-AuthResTBEX"
-#define NID_setct_AuthResTBEX 572
-#define OBJ_setct_AuthResTBEX OBJ_set_ctype,54L
-
-#define SN_setct_AuthTokenTBE "setct-AuthTokenTBE"
-#define NID_setct_AuthTokenTBE 573
-#define OBJ_setct_AuthTokenTBE OBJ_set_ctype,55L
-
-#define SN_setct_CapTokenTBE "setct-CapTokenTBE"
-#define NID_setct_CapTokenTBE 574
-#define OBJ_setct_CapTokenTBE OBJ_set_ctype,56L
-
-#define SN_setct_CapTokenTBEX "setct-CapTokenTBEX"
-#define NID_setct_CapTokenTBEX 575
-#define OBJ_setct_CapTokenTBEX OBJ_set_ctype,57L
-
-#define SN_setct_AcqCardCodeMsgTBE "setct-AcqCardCodeMsgTBE"
-#define NID_setct_AcqCardCodeMsgTBE 576
-#define OBJ_setct_AcqCardCodeMsgTBE OBJ_set_ctype,58L
-
-#define SN_setct_AuthRevReqTBE "setct-AuthRevReqTBE"
-#define NID_setct_AuthRevReqTBE 577
-#define OBJ_setct_AuthRevReqTBE OBJ_set_ctype,59L
-
-#define SN_setct_AuthRevResTBE "setct-AuthRevResTBE"
-#define NID_setct_AuthRevResTBE 578
-#define OBJ_setct_AuthRevResTBE OBJ_set_ctype,60L
-
-#define SN_setct_AuthRevResTBEB "setct-AuthRevResTBEB"
-#define NID_setct_AuthRevResTBEB 579
-#define OBJ_setct_AuthRevResTBEB OBJ_set_ctype,61L
-
-#define SN_setct_CapReqTBE "setct-CapReqTBE"
-#define NID_setct_CapReqTBE 580
-#define OBJ_setct_CapReqTBE OBJ_set_ctype,62L
-
-#define SN_setct_CapReqTBEX "setct-CapReqTBEX"
-#define NID_setct_CapReqTBEX 581
-#define OBJ_setct_CapReqTBEX OBJ_set_ctype,63L
-
-#define SN_setct_CapResTBE "setct-CapResTBE"
-#define NID_setct_CapResTBE 582
-#define OBJ_setct_CapResTBE OBJ_set_ctype,64L
-
-#define SN_setct_CapRevReqTBE "setct-CapRevReqTBE"
-#define NID_setct_CapRevReqTBE 583
-#define OBJ_setct_CapRevReqTBE OBJ_set_ctype,65L
-
-#define SN_setct_CapRevReqTBEX "setct-CapRevReqTBEX"
-#define NID_setct_CapRevReqTBEX 584
-#define OBJ_setct_CapRevReqTBEX OBJ_set_ctype,66L
-
-#define SN_setct_CapRevResTBE "setct-CapRevResTBE"
-#define NID_setct_CapRevResTBE 585
-#define OBJ_setct_CapRevResTBE OBJ_set_ctype,67L
-
-#define SN_setct_CredReqTBE "setct-CredReqTBE"
-#define NID_setct_CredReqTBE 586
-#define OBJ_setct_CredReqTBE OBJ_set_ctype,68L
-
-#define SN_setct_CredReqTBEX "setct-CredReqTBEX"
-#define NID_setct_CredReqTBEX 587
-#define OBJ_setct_CredReqTBEX OBJ_set_ctype,69L
-
-#define SN_setct_CredResTBE "setct-CredResTBE"
-#define NID_setct_CredResTBE 588
-#define OBJ_setct_CredResTBE OBJ_set_ctype,70L
-
-#define SN_setct_CredRevReqTBE "setct-CredRevReqTBE"
-#define NID_setct_CredRevReqTBE 589
-#define OBJ_setct_CredRevReqTBE OBJ_set_ctype,71L
-
-#define SN_setct_CredRevReqTBEX "setct-CredRevReqTBEX"
-#define NID_setct_CredRevReqTBEX 590
-#define OBJ_setct_CredRevReqTBEX OBJ_set_ctype,72L
-
-#define SN_setct_CredRevResTBE "setct-CredRevResTBE"
-#define NID_setct_CredRevResTBE 591
-#define OBJ_setct_CredRevResTBE OBJ_set_ctype,73L
-
-#define SN_setct_BatchAdminReqTBE "setct-BatchAdminReqTBE"
-#define NID_setct_BatchAdminReqTBE 592
-#define OBJ_setct_BatchAdminReqTBE OBJ_set_ctype,74L
-
-#define SN_setct_BatchAdminResTBE "setct-BatchAdminResTBE"
-#define NID_setct_BatchAdminResTBE 593
-#define OBJ_setct_BatchAdminResTBE OBJ_set_ctype,75L
-
-#define SN_setct_RegFormReqTBE "setct-RegFormReqTBE"
-#define NID_setct_RegFormReqTBE 594
-#define OBJ_setct_RegFormReqTBE OBJ_set_ctype,76L
-
-#define SN_setct_CertReqTBE "setct-CertReqTBE"
-#define NID_setct_CertReqTBE 595
-#define OBJ_setct_CertReqTBE OBJ_set_ctype,77L
-
-#define SN_setct_CertReqTBEX "setct-CertReqTBEX"
-#define NID_setct_CertReqTBEX 596
-#define OBJ_setct_CertReqTBEX OBJ_set_ctype,78L
-
-#define SN_setct_CertResTBE "setct-CertResTBE"
-#define NID_setct_CertResTBE 597
-#define OBJ_setct_CertResTBE OBJ_set_ctype,79L
-
-#define SN_setct_CRLNotificationTBS "setct-CRLNotificationTBS"
-#define NID_setct_CRLNotificationTBS 598
-#define OBJ_setct_CRLNotificationTBS OBJ_set_ctype,80L
-
-#define SN_setct_CRLNotificationResTBS "setct-CRLNotificationResTBS"
-#define NID_setct_CRLNotificationResTBS 599
-#define OBJ_setct_CRLNotificationResTBS OBJ_set_ctype,81L
-
-#define SN_setct_BCIDistributionTBS "setct-BCIDistributionTBS"
-#define NID_setct_BCIDistributionTBS 600
-#define OBJ_setct_BCIDistributionTBS OBJ_set_ctype,82L
-
-#define SN_setext_genCrypt "setext-genCrypt"
-#define LN_setext_genCrypt "generic cryptogram"
-#define NID_setext_genCrypt 601
-#define OBJ_setext_genCrypt OBJ_set_msgExt,1L
-
-#define SN_setext_miAuth "setext-miAuth"
-#define LN_setext_miAuth "merchant initiated auth"
-#define NID_setext_miAuth 602
-#define OBJ_setext_miAuth OBJ_set_msgExt,3L
-
-#define SN_setext_pinSecure "setext-pinSecure"
-#define NID_setext_pinSecure 603
-#define OBJ_setext_pinSecure OBJ_set_msgExt,4L
-
-#define SN_setext_pinAny "setext-pinAny"
-#define NID_setext_pinAny 604
-#define OBJ_setext_pinAny OBJ_set_msgExt,5L
-
-#define SN_setext_track2 "setext-track2"
-#define NID_setext_track2 605
-#define OBJ_setext_track2 OBJ_set_msgExt,7L
-
-#define SN_setext_cv "setext-cv"
-#define LN_setext_cv "additional verification"
-#define NID_setext_cv 606
-#define OBJ_setext_cv OBJ_set_msgExt,8L
-
-#define SN_set_policy_root "set-policy-root"
-#define NID_set_policy_root 607
-#define OBJ_set_policy_root OBJ_set_policy,0L
-
-#define SN_setCext_hashedRoot "setCext-hashedRoot"
-#define NID_setCext_hashedRoot 608
-#define OBJ_setCext_hashedRoot OBJ_set_certExt,0L
-
-#define SN_setCext_certType "setCext-certType"
-#define NID_setCext_certType 609
-#define OBJ_setCext_certType OBJ_set_certExt,1L
-
-#define SN_setCext_merchData "setCext-merchData"
-#define NID_setCext_merchData 610
-#define OBJ_setCext_merchData OBJ_set_certExt,2L
-
-#define SN_setCext_cCertRequired "setCext-cCertRequired"
-#define NID_setCext_cCertRequired 611
-#define OBJ_setCext_cCertRequired OBJ_set_certExt,3L
-
-#define SN_setCext_tunneling "setCext-tunneling"
-#define NID_setCext_tunneling 612
-#define OBJ_setCext_tunneling OBJ_set_certExt,4L
-
-#define SN_setCext_setExt "setCext-setExt"
-#define NID_setCext_setExt 613
-#define OBJ_setCext_setExt OBJ_set_certExt,5L
-
-#define SN_setCext_setQualf "setCext-setQualf"
-#define NID_setCext_setQualf 614
-#define OBJ_setCext_setQualf OBJ_set_certExt,6L
-
-#define SN_setCext_PGWYcapabilities "setCext-PGWYcapabilities"
-#define NID_setCext_PGWYcapabilities 615
-#define OBJ_setCext_PGWYcapabilities OBJ_set_certExt,7L
-
-#define SN_setCext_TokenIdentifier "setCext-TokenIdentifier"
-#define NID_setCext_TokenIdentifier 616
-#define OBJ_setCext_TokenIdentifier OBJ_set_certExt,8L
-
-#define SN_setCext_Track2Data "setCext-Track2Data"
-#define NID_setCext_Track2Data 617
-#define OBJ_setCext_Track2Data OBJ_set_certExt,9L
-
-#define SN_setCext_TokenType "setCext-TokenType"
-#define NID_setCext_TokenType 618
-#define OBJ_setCext_TokenType OBJ_set_certExt,10L
-
-#define SN_setCext_IssuerCapabilities "setCext-IssuerCapabilities"
-#define NID_setCext_IssuerCapabilities 619
-#define OBJ_setCext_IssuerCapabilities OBJ_set_certExt,11L
-
-#define SN_setAttr_Cert "setAttr-Cert"
-#define NID_setAttr_Cert 620
-#define OBJ_setAttr_Cert OBJ_set_attr,0L
-
-#define SN_setAttr_PGWYcap "setAttr-PGWYcap"
-#define LN_setAttr_PGWYcap "payment gateway capabilities"
-#define NID_setAttr_PGWYcap 621
-#define OBJ_setAttr_PGWYcap OBJ_set_attr,1L
-
-#define SN_setAttr_TokenType "setAttr-TokenType"
-#define NID_setAttr_TokenType 622
-#define OBJ_setAttr_TokenType OBJ_set_attr,2L
-
-#define SN_setAttr_IssCap "setAttr-IssCap"
-#define LN_setAttr_IssCap "issuer capabilities"
-#define NID_setAttr_IssCap 623
-#define OBJ_setAttr_IssCap OBJ_set_attr,3L
-
-#define SN_set_rootKeyThumb "set-rootKeyThumb"
-#define NID_set_rootKeyThumb 624
-#define OBJ_set_rootKeyThumb OBJ_setAttr_Cert,0L
-
-#define SN_set_addPolicy "set-addPolicy"
-#define NID_set_addPolicy 625
-#define OBJ_set_addPolicy OBJ_setAttr_Cert,1L
-
-#define SN_setAttr_Token_EMV "setAttr-Token-EMV"
-#define NID_setAttr_Token_EMV 626
-#define OBJ_setAttr_Token_EMV OBJ_setAttr_TokenType,1L
-
-#define SN_setAttr_Token_B0Prime "setAttr-Token-B0Prime"
-#define NID_setAttr_Token_B0Prime 627
-#define OBJ_setAttr_Token_B0Prime OBJ_setAttr_TokenType,2L
-
-#define SN_setAttr_IssCap_CVM "setAttr-IssCap-CVM"
-#define NID_setAttr_IssCap_CVM 628
-#define OBJ_setAttr_IssCap_CVM OBJ_setAttr_IssCap,3L
-
-#define SN_setAttr_IssCap_T2 "setAttr-IssCap-T2"
-#define NID_setAttr_IssCap_T2 629
-#define OBJ_setAttr_IssCap_T2 OBJ_setAttr_IssCap,4L
-
-#define SN_setAttr_IssCap_Sig "setAttr-IssCap-Sig"
-#define NID_setAttr_IssCap_Sig 630
-#define OBJ_setAttr_IssCap_Sig OBJ_setAttr_IssCap,5L
-
-#define SN_setAttr_GenCryptgrm "setAttr-GenCryptgrm"
-#define LN_setAttr_GenCryptgrm "generate cryptogram"
-#define NID_setAttr_GenCryptgrm 631
-#define OBJ_setAttr_GenCryptgrm OBJ_setAttr_IssCap_CVM,1L
-
-#define SN_setAttr_T2Enc "setAttr-T2Enc"
-#define LN_setAttr_T2Enc "encrypted track 2"
-#define NID_setAttr_T2Enc 632
-#define OBJ_setAttr_T2Enc OBJ_setAttr_IssCap_T2,1L
-
-#define SN_setAttr_T2cleartxt "setAttr-T2cleartxt"
-#define LN_setAttr_T2cleartxt "cleartext track 2"
-#define NID_setAttr_T2cleartxt 633
-#define OBJ_setAttr_T2cleartxt OBJ_setAttr_IssCap_T2,2L
-
-#define SN_setAttr_TokICCsig "setAttr-TokICCsig"
-#define LN_setAttr_TokICCsig "ICC or token signature"
-#define NID_setAttr_TokICCsig 634
-#define OBJ_setAttr_TokICCsig OBJ_setAttr_IssCap_Sig,1L
-
-#define SN_setAttr_SecDevSig "setAttr-SecDevSig"
-#define LN_setAttr_SecDevSig "secure device signature"
-#define NID_setAttr_SecDevSig 635
-#define OBJ_setAttr_SecDevSig OBJ_setAttr_IssCap_Sig,2L
-
-#define SN_set_brand_IATA_ATA "set-brand-IATA-ATA"
-#define NID_set_brand_IATA_ATA 636
-#define OBJ_set_brand_IATA_ATA OBJ_set_brand,1L
-
-#define SN_set_brand_Diners "set-brand-Diners"
-#define NID_set_brand_Diners 637
-#define OBJ_set_brand_Diners OBJ_set_brand,30L
-
-#define SN_set_brand_AmericanExpress "set-brand-AmericanExpress"
-#define NID_set_brand_AmericanExpress 638
-#define OBJ_set_brand_AmericanExpress OBJ_set_brand,34L
-
-#define SN_set_brand_JCB "set-brand-JCB"
-#define NID_set_brand_JCB 639
-#define OBJ_set_brand_JCB OBJ_set_brand,35L
-
-#define SN_set_brand_Visa "set-brand-Visa"
-#define NID_set_brand_Visa 640
-#define OBJ_set_brand_Visa OBJ_set_brand,4L
-
-#define SN_set_brand_MasterCard "set-brand-MasterCard"
-#define NID_set_brand_MasterCard 641
-#define OBJ_set_brand_MasterCard OBJ_set_brand,5L
-
-#define SN_set_brand_Novus "set-brand-Novus"
-#define NID_set_brand_Novus 642
-#define OBJ_set_brand_Novus OBJ_set_brand,6011L
-
-#define SN_des_cdmf "DES-CDMF"
-#define LN_des_cdmf "des-cdmf"
-#define NID_des_cdmf 643
-#define OBJ_des_cdmf OBJ_rsadsi,3L,10L
-
-#define SN_rsaOAEPEncryptionSET "rsaOAEPEncryptionSET"
-#define NID_rsaOAEPEncryptionSET 644
-#define OBJ_rsaOAEPEncryptionSET OBJ_rsadsi,1L,1L,6L
-
-#define SN_ipsec3 "Oakley-EC2N-3"
-#define LN_ipsec3 "ipsec3"
-#define NID_ipsec3 749
-
-#define SN_ipsec4 "Oakley-EC2N-4"
-#define LN_ipsec4 "ipsec4"
-#define NID_ipsec4 750
-
-#define SN_whirlpool "whirlpool"
-#define NID_whirlpool 804
-#define OBJ_whirlpool OBJ_iso,0L,10118L,3L,0L,55L
-
-#define SN_cryptopro "cryptopro"
-#define NID_cryptopro 805
-#define OBJ_cryptopro OBJ_member_body,643L,2L,2L
-
-#define SN_cryptocom "cryptocom"
-#define NID_cryptocom 806
-#define OBJ_cryptocom OBJ_member_body,643L,2L,9L
-
-#define SN_id_GostR3411_94_with_GostR3410_2001 "id-GostR3411-94-with-GostR3410-2001"
-#define LN_id_GostR3411_94_with_GostR3410_2001 "GOST R 34.11-94 with GOST R 34.10-2001"
-#define NID_id_GostR3411_94_with_GostR3410_2001 807
-#define OBJ_id_GostR3411_94_with_GostR3410_2001 OBJ_cryptopro,3L
-
-#define SN_id_GostR3411_94_with_GostR3410_94 "id-GostR3411-94-with-GostR3410-94"
-#define LN_id_GostR3411_94_with_GostR3410_94 "GOST R 34.11-94 with GOST R 34.10-94"
-#define NID_id_GostR3411_94_with_GostR3410_94 808
-#define OBJ_id_GostR3411_94_with_GostR3410_94 OBJ_cryptopro,4L
-
-#define SN_id_GostR3411_94 "md_gost94"
-#define LN_id_GostR3411_94 "GOST R 34.11-94"
-#define NID_id_GostR3411_94 809
-#define OBJ_id_GostR3411_94 OBJ_cryptopro,9L
-
-#define SN_id_HMACGostR3411_94 "id-HMACGostR3411-94"
-#define LN_id_HMACGostR3411_94 "HMAC GOST 34.11-94"
-#define NID_id_HMACGostR3411_94 810
-#define OBJ_id_HMACGostR3411_94 OBJ_cryptopro,10L
-
-#define SN_id_GostR3410_2001 "gost2001"
-#define LN_id_GostR3410_2001 "GOST R 34.10-2001"
-#define NID_id_GostR3410_2001 811
-#define OBJ_id_GostR3410_2001 OBJ_cryptopro,19L
-
-#define SN_id_GostR3410_94 "gost94"
-#define LN_id_GostR3410_94 "GOST R 34.10-94"
-#define NID_id_GostR3410_94 812
-#define OBJ_id_GostR3410_94 OBJ_cryptopro,20L
-
-#define SN_id_Gost28147_89 "gost89"
-#define LN_id_Gost28147_89 "GOST 28147-89"
-#define NID_id_Gost28147_89 813
-#define OBJ_id_Gost28147_89 OBJ_cryptopro,21L
-
-#define SN_gost89_cnt "gost89-cnt"
-#define NID_gost89_cnt 814
-
-#define SN_id_Gost28147_89_MAC "gost-mac"
-#define LN_id_Gost28147_89_MAC "GOST 28147-89 MAC"
-#define NID_id_Gost28147_89_MAC 815
-#define OBJ_id_Gost28147_89_MAC OBJ_cryptopro,22L
-
-#define SN_id_GostR3411_94_prf "prf-gostr3411-94"
-#define LN_id_GostR3411_94_prf "GOST R 34.11-94 PRF"
-#define NID_id_GostR3411_94_prf 816
-#define OBJ_id_GostR3411_94_prf OBJ_cryptopro,23L
-
-#define SN_id_GostR3410_2001DH "id-GostR3410-2001DH"
-#define LN_id_GostR3410_2001DH "GOST R 34.10-2001 DH"
-#define NID_id_GostR3410_2001DH 817
-#define OBJ_id_GostR3410_2001DH OBJ_cryptopro,98L
-
-#define SN_id_GostR3410_94DH "id-GostR3410-94DH"
-#define LN_id_GostR3410_94DH "GOST R 34.10-94 DH"
-#define NID_id_GostR3410_94DH 818
-#define OBJ_id_GostR3410_94DH OBJ_cryptopro,99L
-
-#define SN_id_Gost28147_89_CryptoPro_KeyMeshing "id-Gost28147-89-CryptoPro-KeyMeshing"
-#define NID_id_Gost28147_89_CryptoPro_KeyMeshing 819
-#define OBJ_id_Gost28147_89_CryptoPro_KeyMeshing OBJ_cryptopro,14L,1L
-
-#define SN_id_Gost28147_89_None_KeyMeshing "id-Gost28147-89-None-KeyMeshing"
-#define NID_id_Gost28147_89_None_KeyMeshing 820
-#define OBJ_id_Gost28147_89_None_KeyMeshing OBJ_cryptopro,14L,0L
-
-#define SN_id_GostR3411_94_TestParamSet "id-GostR3411-94-TestParamSet"
-#define NID_id_GostR3411_94_TestParamSet 821
-#define OBJ_id_GostR3411_94_TestParamSet OBJ_cryptopro,30L,0L
-
-#define SN_id_GostR3411_94_CryptoProParamSet "id-GostR3411-94-CryptoProParamSet"
-#define NID_id_GostR3411_94_CryptoProParamSet 822
-#define OBJ_id_GostR3411_94_CryptoProParamSet OBJ_cryptopro,30L,1L
-
-#define SN_id_Gost28147_89_TestParamSet "id-Gost28147-89-TestParamSet"
-#define NID_id_Gost28147_89_TestParamSet 823
-#define OBJ_id_Gost28147_89_TestParamSet OBJ_cryptopro,31L,0L
-
-#define SN_id_Gost28147_89_CryptoPro_A_ParamSet "id-Gost28147-89-CryptoPro-A-ParamSet"
-#define NID_id_Gost28147_89_CryptoPro_A_ParamSet 824
-#define OBJ_id_Gost28147_89_CryptoPro_A_ParamSet OBJ_cryptopro,31L,1L
-
-#define SN_id_Gost28147_89_CryptoPro_B_ParamSet "id-Gost28147-89-CryptoPro-B-ParamSet"
-#define NID_id_Gost28147_89_CryptoPro_B_ParamSet 825
-#define OBJ_id_Gost28147_89_CryptoPro_B_ParamSet OBJ_cryptopro,31L,2L
-
-#define SN_id_Gost28147_89_CryptoPro_C_ParamSet "id-Gost28147-89-CryptoPro-C-ParamSet"
-#define NID_id_Gost28147_89_CryptoPro_C_ParamSet 826
-#define OBJ_id_Gost28147_89_CryptoPro_C_ParamSet OBJ_cryptopro,31L,3L
-
-#define SN_id_Gost28147_89_CryptoPro_D_ParamSet "id-Gost28147-89-CryptoPro-D-ParamSet"
-#define NID_id_Gost28147_89_CryptoPro_D_ParamSet 827
-#define OBJ_id_Gost28147_89_CryptoPro_D_ParamSet OBJ_cryptopro,31L,4L
-
-#define SN_id_Gost28147_89_CryptoPro_Oscar_1_1_ParamSet "id-Gost28147-89-CryptoPro-Oscar-1-1-ParamSet"
-#define NID_id_Gost28147_89_CryptoPro_Oscar_1_1_ParamSet 828
-#define OBJ_id_Gost28147_89_CryptoPro_Oscar_1_1_ParamSet OBJ_cryptopro,31L,5L
-
-#define SN_id_Gost28147_89_CryptoPro_Oscar_1_0_ParamSet "id-Gost28147-89-CryptoPro-Oscar-1-0-ParamSet"
-#define NID_id_Gost28147_89_CryptoPro_Oscar_1_0_ParamSet 829
-#define OBJ_id_Gost28147_89_CryptoPro_Oscar_1_0_ParamSet OBJ_cryptopro,31L,6L
-
-#define SN_id_Gost28147_89_CryptoPro_RIC_1_ParamSet "id-Gost28147-89-CryptoPro-RIC-1-ParamSet"
-#define NID_id_Gost28147_89_CryptoPro_RIC_1_ParamSet 830
-#define OBJ_id_Gost28147_89_CryptoPro_RIC_1_ParamSet OBJ_cryptopro,31L,7L
-
-#define SN_id_GostR3410_94_TestParamSet "id-GostR3410-94-TestParamSet"
-#define NID_id_GostR3410_94_TestParamSet 831
-#define OBJ_id_GostR3410_94_TestParamSet OBJ_cryptopro,32L,0L
-
-#define SN_id_GostR3410_94_CryptoPro_A_ParamSet "id-GostR3410-94-CryptoPro-A-ParamSet"
-#define NID_id_GostR3410_94_CryptoPro_A_ParamSet 832
-#define OBJ_id_GostR3410_94_CryptoPro_A_ParamSet OBJ_cryptopro,32L,2L
-
-#define SN_id_GostR3410_94_CryptoPro_B_ParamSet "id-GostR3410-94-CryptoPro-B-ParamSet"
-#define NID_id_GostR3410_94_CryptoPro_B_ParamSet 833
-#define OBJ_id_GostR3410_94_CryptoPro_B_ParamSet OBJ_cryptopro,32L,3L
-
-#define SN_id_GostR3410_94_CryptoPro_C_ParamSet "id-GostR3410-94-CryptoPro-C-ParamSet"
-#define NID_id_GostR3410_94_CryptoPro_C_ParamSet 834
-#define OBJ_id_GostR3410_94_CryptoPro_C_ParamSet OBJ_cryptopro,32L,4L
-
-#define SN_id_GostR3410_94_CryptoPro_D_ParamSet "id-GostR3410-94-CryptoPro-D-ParamSet"
-#define NID_id_GostR3410_94_CryptoPro_D_ParamSet 835
-#define OBJ_id_GostR3410_94_CryptoPro_D_ParamSet OBJ_cryptopro,32L,5L
-
-#define SN_id_GostR3410_94_CryptoPro_XchA_ParamSet "id-GostR3410-94-CryptoPro-XchA-ParamSet"
-#define NID_id_GostR3410_94_CryptoPro_XchA_ParamSet 836
-#define OBJ_id_GostR3410_94_CryptoPro_XchA_ParamSet OBJ_cryptopro,33L,1L
-
-#define SN_id_GostR3410_94_CryptoPro_XchB_ParamSet "id-GostR3410-94-CryptoPro-XchB-ParamSet"
-#define NID_id_GostR3410_94_CryptoPro_XchB_ParamSet 837
-#define OBJ_id_GostR3410_94_CryptoPro_XchB_ParamSet OBJ_cryptopro,33L,2L
-
-#define SN_id_GostR3410_94_CryptoPro_XchC_ParamSet "id-GostR3410-94-CryptoPro-XchC-ParamSet"
-#define NID_id_GostR3410_94_CryptoPro_XchC_ParamSet 838
-#define OBJ_id_GostR3410_94_CryptoPro_XchC_ParamSet OBJ_cryptopro,33L,3L
-
-#define SN_id_GostR3410_2001_TestParamSet "id-GostR3410-2001-TestParamSet"
-#define NID_id_GostR3410_2001_TestParamSet 839
-#define OBJ_id_GostR3410_2001_TestParamSet OBJ_cryptopro,35L,0L
-
-#define SN_id_GostR3410_2001_CryptoPro_A_ParamSet "id-GostR3410-2001-CryptoPro-A-ParamSet"
-#define NID_id_GostR3410_2001_CryptoPro_A_ParamSet 840
-#define OBJ_id_GostR3410_2001_CryptoPro_A_ParamSet OBJ_cryptopro,35L,1L
-
-#define SN_id_GostR3410_2001_CryptoPro_B_ParamSet "id-GostR3410-2001-CryptoPro-B-ParamSet"
-#define NID_id_GostR3410_2001_CryptoPro_B_ParamSet 841
-#define OBJ_id_GostR3410_2001_CryptoPro_B_ParamSet OBJ_cryptopro,35L,2L
-
-#define SN_id_GostR3410_2001_CryptoPro_C_ParamSet "id-GostR3410-2001-CryptoPro-C-ParamSet"
-#define NID_id_GostR3410_2001_CryptoPro_C_ParamSet 842
-#define OBJ_id_GostR3410_2001_CryptoPro_C_ParamSet OBJ_cryptopro,35L,3L
-
-#define SN_id_GostR3410_2001_CryptoPro_XchA_ParamSet "id-GostR3410-2001-CryptoPro-XchA-ParamSet"
-#define NID_id_GostR3410_2001_CryptoPro_XchA_ParamSet 843
-#define OBJ_id_GostR3410_2001_CryptoPro_XchA_ParamSet OBJ_cryptopro,36L,0L
-
-#define SN_id_GostR3410_2001_CryptoPro_XchB_ParamSet "id-GostR3410-2001-CryptoPro-XchB-ParamSet"
-#define NID_id_GostR3410_2001_CryptoPro_XchB_ParamSet 844
-#define OBJ_id_GostR3410_2001_CryptoPro_XchB_ParamSet OBJ_cryptopro,36L,1L
-
-#define SN_id_GostR3410_94_a "id-GostR3410-94-a"
-#define NID_id_GostR3410_94_a 845
-#define OBJ_id_GostR3410_94_a OBJ_id_GostR3410_94,1L
-
-#define SN_id_GostR3410_94_aBis "id-GostR3410-94-aBis"
-#define NID_id_GostR3410_94_aBis 846
-#define OBJ_id_GostR3410_94_aBis OBJ_id_GostR3410_94,2L
-
-#define SN_id_GostR3410_94_b "id-GostR3410-94-b"
-#define NID_id_GostR3410_94_b 847
-#define OBJ_id_GostR3410_94_b OBJ_id_GostR3410_94,3L
-
-#define SN_id_GostR3410_94_bBis "id-GostR3410-94-bBis"
-#define NID_id_GostR3410_94_bBis 848
-#define OBJ_id_GostR3410_94_bBis OBJ_id_GostR3410_94,4L
-
-#define SN_id_Gost28147_89_cc "id-Gost28147-89-cc"
-#define LN_id_Gost28147_89_cc "GOST 28147-89 Cryptocom ParamSet"
-#define NID_id_Gost28147_89_cc 849
-#define OBJ_id_Gost28147_89_cc OBJ_cryptocom,1L,6L,1L
-
-#define SN_id_GostR3410_94_cc "gost94cc"
-#define LN_id_GostR3410_94_cc "GOST 34.10-94 Cryptocom"
-#define NID_id_GostR3410_94_cc 850
-#define OBJ_id_GostR3410_94_cc OBJ_cryptocom,1L,5L,3L
-
-#define SN_id_GostR3410_2001_cc "gost2001cc"
-#define LN_id_GostR3410_2001_cc "GOST 34.10-2001 Cryptocom"
-#define NID_id_GostR3410_2001_cc 851
-#define OBJ_id_GostR3410_2001_cc OBJ_cryptocom,1L,5L,4L
-
-#define SN_id_GostR3411_94_with_GostR3410_94_cc "id-GostR3411-94-with-GostR3410-94-cc"
-#define LN_id_GostR3411_94_with_GostR3410_94_cc "GOST R 34.11-94 with GOST R 34.10-94 Cryptocom"
-#define NID_id_GostR3411_94_with_GostR3410_94_cc 852
-#define OBJ_id_GostR3411_94_with_GostR3410_94_cc OBJ_cryptocom,1L,3L,3L
-
-#define SN_id_GostR3411_94_with_GostR3410_2001_cc "id-GostR3411-94-with-GostR3410-2001-cc"
-#define LN_id_GostR3411_94_with_GostR3410_2001_cc "GOST R 34.11-94 with GOST R 34.10-2001 Cryptocom"
-#define NID_id_GostR3411_94_with_GostR3410_2001_cc 853
-#define OBJ_id_GostR3411_94_with_GostR3410_2001_cc OBJ_cryptocom,1L,3L,4L
-
-#define SN_id_GostR3410_2001_ParamSet_cc "id-GostR3410-2001-ParamSet-cc"
-#define LN_id_GostR3410_2001_ParamSet_cc "GOST R 3410-2001 Parameter Set Cryptocom"
-#define NID_id_GostR3410_2001_ParamSet_cc 854
-#define OBJ_id_GostR3410_2001_ParamSet_cc OBJ_cryptocom,1L,8L,1L
-
-#define SN_camellia_128_cbc "CAMELLIA-128-CBC"
-#define LN_camellia_128_cbc "camellia-128-cbc"
-#define NID_camellia_128_cbc 751
-#define OBJ_camellia_128_cbc 1L,2L,392L,200011L,61L,1L,1L,1L,2L
-
-#define SN_camellia_192_cbc "CAMELLIA-192-CBC"
-#define LN_camellia_192_cbc "camellia-192-cbc"
-#define NID_camellia_192_cbc 752
-#define OBJ_camellia_192_cbc 1L,2L,392L,200011L,61L,1L,1L,1L,3L
-
-#define SN_camellia_256_cbc "CAMELLIA-256-CBC"
-#define LN_camellia_256_cbc "camellia-256-cbc"
-#define NID_camellia_256_cbc 753
-#define OBJ_camellia_256_cbc 1L,2L,392L,200011L,61L,1L,1L,1L,4L
-
-#define SN_id_camellia128_wrap "id-camellia128-wrap"
-#define NID_id_camellia128_wrap 907
-#define OBJ_id_camellia128_wrap 1L,2L,392L,200011L,61L,1L,1L,3L,2L
-
-#define SN_id_camellia192_wrap "id-camellia192-wrap"
-#define NID_id_camellia192_wrap 908
-#define OBJ_id_camellia192_wrap 1L,2L,392L,200011L,61L,1L,1L,3L,3L
-
-#define SN_id_camellia256_wrap "id-camellia256-wrap"
-#define NID_id_camellia256_wrap 909
-#define OBJ_id_camellia256_wrap 1L,2L,392L,200011L,61L,1L,1L,3L,4L
-
-#define OBJ_ntt_ds 0L,3L,4401L,5L
-
-#define OBJ_camellia OBJ_ntt_ds,3L,1L,9L
-
-#define SN_camellia_128_ecb "CAMELLIA-128-ECB"
-#define LN_camellia_128_ecb "camellia-128-ecb"
-#define NID_camellia_128_ecb 754
-#define OBJ_camellia_128_ecb OBJ_camellia,1L
-
-#define SN_camellia_128_ofb128 "CAMELLIA-128-OFB"
-#define LN_camellia_128_ofb128 "camellia-128-ofb"
-#define NID_camellia_128_ofb128 766
-#define OBJ_camellia_128_ofb128 OBJ_camellia,3L
-
-#define SN_camellia_128_cfb128 "CAMELLIA-128-CFB"
-#define LN_camellia_128_cfb128 "camellia-128-cfb"
-#define NID_camellia_128_cfb128 757
-#define OBJ_camellia_128_cfb128 OBJ_camellia,4L
-
-#define SN_camellia_128_gcm "CAMELLIA-128-GCM"
-#define LN_camellia_128_gcm "camellia-128-gcm"
-#define NID_camellia_128_gcm 961
-#define OBJ_camellia_128_gcm OBJ_camellia,6L
-
-#define SN_camellia_128_ccm "CAMELLIA-128-CCM"
-#define LN_camellia_128_ccm "camellia-128-ccm"
-#define NID_camellia_128_ccm 962
-#define OBJ_camellia_128_ccm OBJ_camellia,7L
-
-#define SN_camellia_128_ctr "CAMELLIA-128-CTR"
-#define LN_camellia_128_ctr "camellia-128-ctr"
-#define NID_camellia_128_ctr 963
-#define OBJ_camellia_128_ctr OBJ_camellia,9L
-
-#define SN_camellia_128_cmac "CAMELLIA-128-CMAC"
-#define LN_camellia_128_cmac "camellia-128-cmac"
-#define NID_camellia_128_cmac 964
-#define OBJ_camellia_128_cmac OBJ_camellia,10L
-
-#define SN_camellia_192_ecb "CAMELLIA-192-ECB"
-#define LN_camellia_192_ecb "camellia-192-ecb"
-#define NID_camellia_192_ecb 755
-#define OBJ_camellia_192_ecb OBJ_camellia,21L
-
-#define SN_camellia_192_ofb128 "CAMELLIA-192-OFB"
-#define LN_camellia_192_ofb128 "camellia-192-ofb"
-#define NID_camellia_192_ofb128 767
-#define OBJ_camellia_192_ofb128 OBJ_camellia,23L
-
-#define SN_camellia_192_cfb128 "CAMELLIA-192-CFB"
-#define LN_camellia_192_cfb128 "camellia-192-cfb"
-#define NID_camellia_192_cfb128 758
-#define OBJ_camellia_192_cfb128 OBJ_camellia,24L
-
-#define SN_camellia_192_gcm "CAMELLIA-192-GCM"
-#define LN_camellia_192_gcm "camellia-192-gcm"
-#define NID_camellia_192_gcm 965
-#define OBJ_camellia_192_gcm OBJ_camellia,26L
-
-#define SN_camellia_192_ccm "CAMELLIA-192-CCM"
-#define LN_camellia_192_ccm "camellia-192-ccm"
-#define NID_camellia_192_ccm 966
-#define OBJ_camellia_192_ccm OBJ_camellia,27L
-
-#define SN_camellia_192_ctr "CAMELLIA-192-CTR"
-#define LN_camellia_192_ctr "camellia-192-ctr"
-#define NID_camellia_192_ctr 967
-#define OBJ_camellia_192_ctr OBJ_camellia,29L
-
-#define SN_camellia_192_cmac "CAMELLIA-192-CMAC"
-#define LN_camellia_192_cmac "camellia-192-cmac"
-#define NID_camellia_192_cmac 968
-#define OBJ_camellia_192_cmac OBJ_camellia,30L
-
-#define SN_camellia_256_ecb "CAMELLIA-256-ECB"
-#define LN_camellia_256_ecb "camellia-256-ecb"
-#define NID_camellia_256_ecb 756
-#define OBJ_camellia_256_ecb OBJ_camellia,41L
-
-#define SN_camellia_256_ofb128 "CAMELLIA-256-OFB"
-#define LN_camellia_256_ofb128 "camellia-256-ofb"
-#define NID_camellia_256_ofb128 768
-#define OBJ_camellia_256_ofb128 OBJ_camellia,43L
-
-#define SN_camellia_256_cfb128 "CAMELLIA-256-CFB"
-#define LN_camellia_256_cfb128 "camellia-256-cfb"
-#define NID_camellia_256_cfb128 759
-#define OBJ_camellia_256_cfb128 OBJ_camellia,44L
-
-#define SN_camellia_256_gcm "CAMELLIA-256-GCM"
-#define LN_camellia_256_gcm "camellia-256-gcm"
-#define NID_camellia_256_gcm 969
-#define OBJ_camellia_256_gcm OBJ_camellia,46L
-
-#define SN_camellia_256_ccm "CAMELLIA-256-CCM"
-#define LN_camellia_256_ccm "camellia-256-ccm"
-#define NID_camellia_256_ccm 970
-#define OBJ_camellia_256_ccm OBJ_camellia,47L
-
-#define SN_camellia_256_ctr "CAMELLIA-256-CTR"
-#define LN_camellia_256_ctr "camellia-256-ctr"
-#define NID_camellia_256_ctr 971
-#define OBJ_camellia_256_ctr OBJ_camellia,49L
-
-#define SN_camellia_256_cmac "CAMELLIA-256-CMAC"
-#define LN_camellia_256_cmac "camellia-256-cmac"
-#define NID_camellia_256_cmac 972
-#define OBJ_camellia_256_cmac OBJ_camellia,50L
-
-#define SN_camellia_128_cfb1 "CAMELLIA-128-CFB1"
-#define LN_camellia_128_cfb1 "camellia-128-cfb1"
-#define NID_camellia_128_cfb1 760
-
-#define SN_camellia_192_cfb1 "CAMELLIA-192-CFB1"
-#define LN_camellia_192_cfb1 "camellia-192-cfb1"
-#define NID_camellia_192_cfb1 761
-
-#define SN_camellia_256_cfb1 "CAMELLIA-256-CFB1"
-#define LN_camellia_256_cfb1 "camellia-256-cfb1"
-#define NID_camellia_256_cfb1 762
-
-#define SN_camellia_128_cfb8 "CAMELLIA-128-CFB8"
-#define LN_camellia_128_cfb8 "camellia-128-cfb8"
-#define NID_camellia_128_cfb8 763
-
-#define SN_camellia_192_cfb8 "CAMELLIA-192-CFB8"
-#define LN_camellia_192_cfb8 "camellia-192-cfb8"
-#define NID_camellia_192_cfb8 764
-
-#define SN_camellia_256_cfb8 "CAMELLIA-256-CFB8"
-#define LN_camellia_256_cfb8 "camellia-256-cfb8"
-#define NID_camellia_256_cfb8 765
-
-#define SN_kisa "KISA"
-#define LN_kisa "kisa"
-#define NID_kisa 773
-#define OBJ_kisa OBJ_member_body,410L,200004L
-
-#define SN_seed_ecb "SEED-ECB"
-#define LN_seed_ecb "seed-ecb"
-#define NID_seed_ecb 776
-#define OBJ_seed_ecb OBJ_kisa,1L,3L
-
-#define SN_seed_cbc "SEED-CBC"
-#define LN_seed_cbc "seed-cbc"
-#define NID_seed_cbc 777
-#define OBJ_seed_cbc OBJ_kisa,1L,4L
-
-#define SN_seed_cfb128 "SEED-CFB"
-#define LN_seed_cfb128 "seed-cfb"
-#define NID_seed_cfb128 779
-#define OBJ_seed_cfb128 OBJ_kisa,1L,5L
-
-#define SN_seed_ofb128 "SEED-OFB"
-#define LN_seed_ofb128 "seed-ofb"
-#define NID_seed_ofb128 778
-#define OBJ_seed_ofb128 OBJ_kisa,1L,6L
-
-#define SN_hmac "HMAC"
-#define LN_hmac "hmac"
-#define NID_hmac 855
-
-#define SN_cmac "CMAC"
-#define LN_cmac "cmac"
-#define NID_cmac 894
-
-#define SN_rc4_hmac_md5 "RC4-HMAC-MD5"
-#define LN_rc4_hmac_md5 "rc4-hmac-md5"
-#define NID_rc4_hmac_md5 915
-
-#define SN_aes_128_cbc_hmac_sha1 "AES-128-CBC-HMAC-SHA1"
-#define LN_aes_128_cbc_hmac_sha1 "aes-128-cbc-hmac-sha1"
-#define NID_aes_128_cbc_hmac_sha1 916
-
-#define SN_aes_192_cbc_hmac_sha1 "AES-192-CBC-HMAC-SHA1"
-#define LN_aes_192_cbc_hmac_sha1 "aes-192-cbc-hmac-sha1"
-#define NID_aes_192_cbc_hmac_sha1 917
-
-#define SN_aes_256_cbc_hmac_sha1 "AES-256-CBC-HMAC-SHA1"
-#define LN_aes_256_cbc_hmac_sha1 "aes-256-cbc-hmac-sha1"
-#define NID_aes_256_cbc_hmac_sha1 918
-
-#define SN_aes_128_cbc_hmac_sha256 "AES-128-CBC-HMAC-SHA256"
-#define LN_aes_128_cbc_hmac_sha256 "aes-128-cbc-hmac-sha256"
-#define NID_aes_128_cbc_hmac_sha256 948
-
-#define SN_aes_192_cbc_hmac_sha256 "AES-192-CBC-HMAC-SHA256"
-#define LN_aes_192_cbc_hmac_sha256 "aes-192-cbc-hmac-sha256"
-#define NID_aes_192_cbc_hmac_sha256 949
-
-#define SN_aes_256_cbc_hmac_sha256 "AES-256-CBC-HMAC-SHA256"
-#define LN_aes_256_cbc_hmac_sha256 "aes-256-cbc-hmac-sha256"
-#define NID_aes_256_cbc_hmac_sha256 950
-
-#define SN_dhpublicnumber "dhpublicnumber"
-#define LN_dhpublicnumber "X9.42 DH"
-#define NID_dhpublicnumber 920
-#define OBJ_dhpublicnumber OBJ_ISO_US,10046L,2L,1L
-
-#define SN_brainpoolP160r1 "brainpoolP160r1"
-#define NID_brainpoolP160r1 921
-#define OBJ_brainpoolP160r1 1L,3L,36L,3L,3L,2L,8L,1L,1L,1L
-
-#define SN_brainpoolP160t1 "brainpoolP160t1"
-#define NID_brainpoolP160t1 922
-#define OBJ_brainpoolP160t1 1L,3L,36L,3L,3L,2L,8L,1L,1L,2L
-
-#define SN_brainpoolP192r1 "brainpoolP192r1"
-#define NID_brainpoolP192r1 923
-#define OBJ_brainpoolP192r1 1L,3L,36L,3L,3L,2L,8L,1L,1L,3L
-
-#define SN_brainpoolP192t1 "brainpoolP192t1"
-#define NID_brainpoolP192t1 924
-#define OBJ_brainpoolP192t1 1L,3L,36L,3L,3L,2L,8L,1L,1L,4L
-
-#define SN_brainpoolP224r1 "brainpoolP224r1"
-#define NID_brainpoolP224r1 925
-#define OBJ_brainpoolP224r1 1L,3L,36L,3L,3L,2L,8L,1L,1L,5L
-
-#define SN_brainpoolP224t1 "brainpoolP224t1"
-#define NID_brainpoolP224t1 926
-#define OBJ_brainpoolP224t1 1L,3L,36L,3L,3L,2L,8L,1L,1L,6L
-
-#define SN_brainpoolP256r1 "brainpoolP256r1"
-#define NID_brainpoolP256r1 927
-#define OBJ_brainpoolP256r1 1L,3L,36L,3L,3L,2L,8L,1L,1L,7L
-
-#define SN_brainpoolP256t1 "brainpoolP256t1"
-#define NID_brainpoolP256t1 928
-#define OBJ_brainpoolP256t1 1L,3L,36L,3L,3L,2L,8L,1L,1L,8L
-
-#define SN_brainpoolP320r1 "brainpoolP320r1"
-#define NID_brainpoolP320r1 929
-#define OBJ_brainpoolP320r1 1L,3L,36L,3L,3L,2L,8L,1L,1L,9L
-
-#define SN_brainpoolP320t1 "brainpoolP320t1"
-#define NID_brainpoolP320t1 930
-#define OBJ_brainpoolP320t1 1L,3L,36L,3L,3L,2L,8L,1L,1L,10L
-
-#define SN_brainpoolP384r1 "brainpoolP384r1"
-#define NID_brainpoolP384r1 931
-#define OBJ_brainpoolP384r1 1L,3L,36L,3L,3L,2L,8L,1L,1L,11L
-
-#define SN_brainpoolP384t1 "brainpoolP384t1"
-#define NID_brainpoolP384t1 932
-#define OBJ_brainpoolP384t1 1L,3L,36L,3L,3L,2L,8L,1L,1L,12L
-
-#define SN_brainpoolP512r1 "brainpoolP512r1"
-#define NID_brainpoolP512r1 933
-#define OBJ_brainpoolP512r1 1L,3L,36L,3L,3L,2L,8L,1L,1L,13L
-
-#define SN_brainpoolP512t1 "brainpoolP512t1"
-#define NID_brainpoolP512t1 934
-#define OBJ_brainpoolP512t1 1L,3L,36L,3L,3L,2L,8L,1L,1L,14L
-
-#define OBJ_x9_63_scheme 1L,3L,133L,16L,840L,63L,0L
-
-#define OBJ_secg_scheme OBJ_certicom_arc,1L
-
-#define SN_dhSinglePass_stdDH_sha1kdf_scheme "dhSinglePass-stdDH-sha1kdf-scheme"
-#define NID_dhSinglePass_stdDH_sha1kdf_scheme 936
-#define OBJ_dhSinglePass_stdDH_sha1kdf_scheme OBJ_x9_63_scheme,2L
-
-#define SN_dhSinglePass_stdDH_sha224kdf_scheme "dhSinglePass-stdDH-sha224kdf-scheme"
-#define NID_dhSinglePass_stdDH_sha224kdf_scheme 937
-#define OBJ_dhSinglePass_stdDH_sha224kdf_scheme OBJ_secg_scheme,11L,0L
-
-#define SN_dhSinglePass_stdDH_sha256kdf_scheme "dhSinglePass-stdDH-sha256kdf-scheme"
-#define NID_dhSinglePass_stdDH_sha256kdf_scheme 938
-#define OBJ_dhSinglePass_stdDH_sha256kdf_scheme OBJ_secg_scheme,11L,1L
-
-#define SN_dhSinglePass_stdDH_sha384kdf_scheme "dhSinglePass-stdDH-sha384kdf-scheme"
-#define NID_dhSinglePass_stdDH_sha384kdf_scheme 939
-#define OBJ_dhSinglePass_stdDH_sha384kdf_scheme OBJ_secg_scheme,11L,2L
-
-#define SN_dhSinglePass_stdDH_sha512kdf_scheme "dhSinglePass-stdDH-sha512kdf-scheme"
-#define NID_dhSinglePass_stdDH_sha512kdf_scheme 940
-#define OBJ_dhSinglePass_stdDH_sha512kdf_scheme OBJ_secg_scheme,11L,3L
-
-#define SN_dhSinglePass_cofactorDH_sha1kdf_scheme "dhSinglePass-cofactorDH-sha1kdf-scheme"
-#define NID_dhSinglePass_cofactorDH_sha1kdf_scheme 941
-#define OBJ_dhSinglePass_cofactorDH_sha1kdf_scheme OBJ_x9_63_scheme,3L
-
-#define SN_dhSinglePass_cofactorDH_sha224kdf_scheme "dhSinglePass-cofactorDH-sha224kdf-scheme"
-#define NID_dhSinglePass_cofactorDH_sha224kdf_scheme 942
-#define OBJ_dhSinglePass_cofactorDH_sha224kdf_scheme OBJ_secg_scheme,14L,0L
-
-#define SN_dhSinglePass_cofactorDH_sha256kdf_scheme "dhSinglePass-cofactorDH-sha256kdf-scheme"
-#define NID_dhSinglePass_cofactorDH_sha256kdf_scheme 943
-#define OBJ_dhSinglePass_cofactorDH_sha256kdf_scheme OBJ_secg_scheme,14L,1L
-
-#define SN_dhSinglePass_cofactorDH_sha384kdf_scheme "dhSinglePass-cofactorDH-sha384kdf-scheme"
-#define NID_dhSinglePass_cofactorDH_sha384kdf_scheme 944
-#define OBJ_dhSinglePass_cofactorDH_sha384kdf_scheme OBJ_secg_scheme,14L,2L
-
-#define SN_dhSinglePass_cofactorDH_sha512kdf_scheme "dhSinglePass-cofactorDH-sha512kdf-scheme"
-#define NID_dhSinglePass_cofactorDH_sha512kdf_scheme 945
-#define OBJ_dhSinglePass_cofactorDH_sha512kdf_scheme OBJ_secg_scheme,14L,3L
-
-#define SN_dh_std_kdf "dh-std-kdf"
-#define NID_dh_std_kdf 946
-
-#define SN_dh_cofactor_kdf "dh-cofactor-kdf"
-#define NID_dh_cofactor_kdf 947
-
-#define SN_ct_precert_scts "ct_precert_scts"
-#define LN_ct_precert_scts "CT Precertificate SCTs"
-#define NID_ct_precert_scts 951
-#define OBJ_ct_precert_scts 1L,3L,6L,1L,4L,1L,11129L,2L,4L,2L
-
-#define SN_ct_precert_poison "ct_precert_poison"
-#define LN_ct_precert_poison "CT Precertificate Poison"
-#define NID_ct_precert_poison 952
-#define OBJ_ct_precert_poison 1L,3L,6L,1L,4L,1L,11129L,2L,4L,3L
-
-#define SN_ct_precert_signer "ct_precert_signer"
-#define LN_ct_precert_signer "CT Precertificate Signer"
-#define NID_ct_precert_signer 953
-#define OBJ_ct_precert_signer 1L,3L,6L,1L,4L,1L,11129L,2L,4L,4L
-
-#define SN_ct_cert_scts "ct_cert_scts"
-#define LN_ct_cert_scts "CT Certificate SCTs"
-#define NID_ct_cert_scts 954
-#define OBJ_ct_cert_scts 1L,3L,6L,1L,4L,1L,11129L,2L,4L,5L
-
-#define SN_jurisdictionLocalityName "jurisdictionL"
-#define LN_jurisdictionLocalityName "jurisdictionLocalityName"
-#define NID_jurisdictionLocalityName 955
-#define OBJ_jurisdictionLocalityName 1L,3L,6L,1L,4L,1L,311L,60L,2L,1L,1L
-
-#define SN_jurisdictionStateOrProvinceName "jurisdictionST"
-#define LN_jurisdictionStateOrProvinceName "jurisdictionStateOrProvinceName"
-#define NID_jurisdictionStateOrProvinceName 956
-#define OBJ_jurisdictionStateOrProvinceName 1L,3L,6L,1L,4L,1L,311L,60L,2L,1L,2L
-
-#define SN_jurisdictionCountryName "jurisdictionC"
-#define LN_jurisdictionCountryName "jurisdictionCountryName"
-#define NID_jurisdictionCountryName 957
-#define OBJ_jurisdictionCountryName 1L,3L,6L,1L,4L,1L,311L,60L,2L,1L,3L
+++ /dev/null
-/* crypto/objects/objects.h */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef HEADER_OBJECTS_H
-# define HEADER_OBJECTS_H
-
-# define USE_OBJ_MAC
-
-# ifdef USE_OBJ_MAC
-# include <openssl/obj_mac.h>
-# else
-# define SN_undef "UNDEF"
-# define LN_undef "undefined"
-# define NID_undef 0
-# define OBJ_undef 0L
-
-# define SN_Algorithm "Algorithm"
-# define LN_algorithm "algorithm"
-# define NID_algorithm 38
-# define OBJ_algorithm 1L,3L,14L,3L,2L
-
-# define LN_rsadsi "rsadsi"
-# define NID_rsadsi 1
-# define OBJ_rsadsi 1L,2L,840L,113549L
-
-# define LN_pkcs "pkcs"
-# define NID_pkcs 2
-# define OBJ_pkcs OBJ_rsadsi,1L
-
-# define SN_md2 "MD2"
-# define LN_md2 "md2"
-# define NID_md2 3
-# define OBJ_md2 OBJ_rsadsi,2L,2L
-
-# define SN_md5 "MD5"
-# define LN_md5 "md5"
-# define NID_md5 4
-# define OBJ_md5 OBJ_rsadsi,2L,5L
-
-# define SN_rc4 "RC4"
-# define LN_rc4 "rc4"
-# define NID_rc4 5
-# define OBJ_rc4 OBJ_rsadsi,3L,4L
-
-# define LN_rsaEncryption "rsaEncryption"
-# define NID_rsaEncryption 6
-# define OBJ_rsaEncryption OBJ_pkcs,1L,1L
-
-# define SN_md2WithRSAEncryption "RSA-MD2"
-# define LN_md2WithRSAEncryption "md2WithRSAEncryption"
-# define NID_md2WithRSAEncryption 7
-# define OBJ_md2WithRSAEncryption OBJ_pkcs,1L,2L
-
-# define SN_md5WithRSAEncryption "RSA-MD5"
-# define LN_md5WithRSAEncryption "md5WithRSAEncryption"
-# define NID_md5WithRSAEncryption 8
-# define OBJ_md5WithRSAEncryption OBJ_pkcs,1L,4L
-
-# define SN_pbeWithMD2AndDES_CBC "PBE-MD2-DES"
-# define LN_pbeWithMD2AndDES_CBC "pbeWithMD2AndDES-CBC"
-# define NID_pbeWithMD2AndDES_CBC 9
-# define OBJ_pbeWithMD2AndDES_CBC OBJ_pkcs,5L,1L
-
-# define SN_pbeWithMD5AndDES_CBC "PBE-MD5-DES"
-# define LN_pbeWithMD5AndDES_CBC "pbeWithMD5AndDES-CBC"
-# define NID_pbeWithMD5AndDES_CBC 10
-# define OBJ_pbeWithMD5AndDES_CBC OBJ_pkcs,5L,3L
-
-# define LN_X500 "X500"
-# define NID_X500 11
-# define OBJ_X500 2L,5L
-
-# define LN_X509 "X509"
-# define NID_X509 12
-# define OBJ_X509 OBJ_X500,4L
-
-# define SN_commonName "CN"
-# define LN_commonName "commonName"
-# define NID_commonName 13
-# define OBJ_commonName OBJ_X509,3L
-
-# define SN_countryName "C"
-# define LN_countryName "countryName"
-# define NID_countryName 14
-# define OBJ_countryName OBJ_X509,6L
-
-# define SN_localityName "L"
-# define LN_localityName "localityName"
-# define NID_localityName 15
-# define OBJ_localityName OBJ_X509,7L
-
-/* Postal Address? PA */
-
-/* should be "ST" (rfc1327) but MS uses 'S' */
-# define SN_stateOrProvinceName "ST"
-# define LN_stateOrProvinceName "stateOrProvinceName"
-# define NID_stateOrProvinceName 16
-# define OBJ_stateOrProvinceName OBJ_X509,8L
-
-# define SN_organizationName "O"
-# define LN_organizationName "organizationName"
-# define NID_organizationName 17
-# define OBJ_organizationName OBJ_X509,10L
-
-# define SN_organizationalUnitName "OU"
-# define LN_organizationalUnitName "organizationalUnitName"
-# define NID_organizationalUnitName 18
-# define OBJ_organizationalUnitName OBJ_X509,11L
-
-# define SN_rsa "RSA"
-# define LN_rsa "rsa"
-# define NID_rsa 19
-# define OBJ_rsa OBJ_X500,8L,1L,1L
-
-# define LN_pkcs7 "pkcs7"
-# define NID_pkcs7 20
-# define OBJ_pkcs7 OBJ_pkcs,7L
-
-# define LN_pkcs7_data "pkcs7-data"
-# define NID_pkcs7_data 21
-# define OBJ_pkcs7_data OBJ_pkcs7,1L
-
-# define LN_pkcs7_signed "pkcs7-signedData"
-# define NID_pkcs7_signed 22
-# define OBJ_pkcs7_signed OBJ_pkcs7,2L
-
-# define LN_pkcs7_enveloped "pkcs7-envelopedData"
-# define NID_pkcs7_enveloped 23
-# define OBJ_pkcs7_enveloped OBJ_pkcs7,3L
-
-# define LN_pkcs7_signedAndEnveloped "pkcs7-signedAndEnvelopedData"
-# define NID_pkcs7_signedAndEnveloped 24
-# define OBJ_pkcs7_signedAndEnveloped OBJ_pkcs7,4L
-
-# define LN_pkcs7_digest "pkcs7-digestData"
-# define NID_pkcs7_digest 25
-# define OBJ_pkcs7_digest OBJ_pkcs7,5L
-
-# define LN_pkcs7_encrypted "pkcs7-encryptedData"
-# define NID_pkcs7_encrypted 26
-# define OBJ_pkcs7_encrypted OBJ_pkcs7,6L
-
-# define LN_pkcs3 "pkcs3"
-# define NID_pkcs3 27
-# define OBJ_pkcs3 OBJ_pkcs,3L
-
-# define LN_dhKeyAgreement "dhKeyAgreement"
-# define NID_dhKeyAgreement 28
-# define OBJ_dhKeyAgreement OBJ_pkcs3,1L
-
-# define SN_des_ecb "DES-ECB"
-# define LN_des_ecb "des-ecb"
-# define NID_des_ecb 29
-# define OBJ_des_ecb OBJ_algorithm,6L
-
-# define SN_des_cfb64 "DES-CFB"
-# define LN_des_cfb64 "des-cfb"
-# define NID_des_cfb64 30
-/* IV + num */
-# define OBJ_des_cfb64 OBJ_algorithm,9L
-
-# define SN_des_cbc "DES-CBC"
-# define LN_des_cbc "des-cbc"
-# define NID_des_cbc 31
-/* IV */
-# define OBJ_des_cbc OBJ_algorithm,7L
-
-# define SN_des_ede "DES-EDE"
-# define LN_des_ede "des-ede"
-# define NID_des_ede 32
-/* ?? */
-# define OBJ_des_ede OBJ_algorithm,17L
-
-# define SN_des_ede3 "DES-EDE3"
-# define LN_des_ede3 "des-ede3"
-# define NID_des_ede3 33
-
-# define SN_idea_cbc "IDEA-CBC"
-# define LN_idea_cbc "idea-cbc"
-# define NID_idea_cbc 34
-# define OBJ_idea_cbc 1L,3L,6L,1L,4L,1L,188L,7L,1L,1L,2L
-
-# define SN_idea_cfb64 "IDEA-CFB"
-# define LN_idea_cfb64 "idea-cfb"
-# define NID_idea_cfb64 35
-
-# define SN_idea_ecb "IDEA-ECB"
-# define LN_idea_ecb "idea-ecb"
-# define NID_idea_ecb 36
-
-# define SN_rc2_cbc "RC2-CBC"
-# define LN_rc2_cbc "rc2-cbc"
-# define NID_rc2_cbc 37
-# define OBJ_rc2_cbc OBJ_rsadsi,3L,2L
-
-# define SN_rc2_ecb "RC2-ECB"
-# define LN_rc2_ecb "rc2-ecb"
-# define NID_rc2_ecb 38
-
-# define SN_rc2_cfb64 "RC2-CFB"
-# define LN_rc2_cfb64 "rc2-cfb"
-# define NID_rc2_cfb64 39
-
-# define SN_rc2_ofb64 "RC2-OFB"
-# define LN_rc2_ofb64 "rc2-ofb"
-# define NID_rc2_ofb64 40
-
-# define SN_sha "SHA"
-# define LN_sha "sha"
-# define NID_sha 41
-# define OBJ_sha OBJ_algorithm,18L
-
-# define SN_shaWithRSAEncryption "RSA-SHA"
-# define LN_shaWithRSAEncryption "shaWithRSAEncryption"
-# define NID_shaWithRSAEncryption 42
-# define OBJ_shaWithRSAEncryption OBJ_algorithm,15L
-
-# define SN_des_ede_cbc "DES-EDE-CBC"
-# define LN_des_ede_cbc "des-ede-cbc"
-# define NID_des_ede_cbc 43
-
-# define SN_des_ede3_cbc "DES-EDE3-CBC"
-# define LN_des_ede3_cbc "des-ede3-cbc"
-# define NID_des_ede3_cbc 44
-# define OBJ_des_ede3_cbc OBJ_rsadsi,3L,7L
-
-# define SN_des_ofb64 "DES-OFB"
-# define LN_des_ofb64 "des-ofb"
-# define NID_des_ofb64 45
-# define OBJ_des_ofb64 OBJ_algorithm,8L
-
-# define SN_idea_ofb64 "IDEA-OFB"
-# define LN_idea_ofb64 "idea-ofb"
-# define NID_idea_ofb64 46
-
-# define LN_pkcs9 "pkcs9"
-# define NID_pkcs9 47
-# define OBJ_pkcs9 OBJ_pkcs,9L
-
-# define SN_pkcs9_emailAddress "Email"
-# define LN_pkcs9_emailAddress "emailAddress"
-# define NID_pkcs9_emailAddress 48
-# define OBJ_pkcs9_emailAddress OBJ_pkcs9,1L
-
-# define LN_pkcs9_unstructuredName "unstructuredName"
-# define NID_pkcs9_unstructuredName 49
-# define OBJ_pkcs9_unstructuredName OBJ_pkcs9,2L
-
-# define LN_pkcs9_contentType "contentType"
-# define NID_pkcs9_contentType 50
-# define OBJ_pkcs9_contentType OBJ_pkcs9,3L
-
-# define LN_pkcs9_messageDigest "messageDigest"
-# define NID_pkcs9_messageDigest 51
-# define OBJ_pkcs9_messageDigest OBJ_pkcs9,4L
-
-# define LN_pkcs9_signingTime "signingTime"
-# define NID_pkcs9_signingTime 52
-# define OBJ_pkcs9_signingTime OBJ_pkcs9,5L
-
-# define LN_pkcs9_countersignature "countersignature"
-# define NID_pkcs9_countersignature 53
-# define OBJ_pkcs9_countersignature OBJ_pkcs9,6L
-
-# define LN_pkcs9_challengePassword "challengePassword"
-# define NID_pkcs9_challengePassword 54
-# define OBJ_pkcs9_challengePassword OBJ_pkcs9,7L
-
-# define LN_pkcs9_unstructuredAddress "unstructuredAddress"
-# define NID_pkcs9_unstructuredAddress 55
-# define OBJ_pkcs9_unstructuredAddress OBJ_pkcs9,8L
-
-# define LN_pkcs9_extCertAttributes "extendedCertificateAttributes"
-# define NID_pkcs9_extCertAttributes 56
-# define OBJ_pkcs9_extCertAttributes OBJ_pkcs9,9L
-
-# define SN_netscape "Netscape"
-# define LN_netscape "Netscape Communications Corp."
-# define NID_netscape 57
-# define OBJ_netscape 2L,16L,840L,1L,113730L
-
-# define SN_netscape_cert_extension "nsCertExt"
-# define LN_netscape_cert_extension "Netscape Certificate Extension"
-# define NID_netscape_cert_extension 58
-# define OBJ_netscape_cert_extension OBJ_netscape,1L
-
-# define SN_netscape_data_type "nsDataType"
-# define LN_netscape_data_type "Netscape Data Type"
-# define NID_netscape_data_type 59
-# define OBJ_netscape_data_type OBJ_netscape,2L
-
-# define SN_des_ede_cfb64 "DES-EDE-CFB"
-# define LN_des_ede_cfb64 "des-ede-cfb"
-# define NID_des_ede_cfb64 60
-
-# define SN_des_ede3_cfb64 "DES-EDE3-CFB"
-# define LN_des_ede3_cfb64 "des-ede3-cfb"
-# define NID_des_ede3_cfb64 61
-
-# define SN_des_ede_ofb64 "DES-EDE-OFB"
-# define LN_des_ede_ofb64 "des-ede-ofb"
-# define NID_des_ede_ofb64 62
-
-# define SN_des_ede3_ofb64 "DES-EDE3-OFB"
-# define LN_des_ede3_ofb64 "des-ede3-ofb"
-# define NID_des_ede3_ofb64 63
-
-/* I'm not sure about the object ID */
-# define SN_sha1 "SHA1"
-# define LN_sha1 "sha1"
-# define NID_sha1 64
-# define OBJ_sha1 OBJ_algorithm,26L
-/* 28 Jun 1996 - eay */
-/* #define OBJ_sha1 1L,3L,14L,2L,26L,05L <- wrong */
-
-# define SN_sha1WithRSAEncryption "RSA-SHA1"
-# define LN_sha1WithRSAEncryption "sha1WithRSAEncryption"
-# define NID_sha1WithRSAEncryption 65
-# define OBJ_sha1WithRSAEncryption OBJ_pkcs,1L,5L
-
-# define SN_dsaWithSHA "DSA-SHA"
-# define LN_dsaWithSHA "dsaWithSHA"
-# define NID_dsaWithSHA 66
-# define OBJ_dsaWithSHA OBJ_algorithm,13L
-
-# define SN_dsa_2 "DSA-old"
-# define LN_dsa_2 "dsaEncryption-old"
-# define NID_dsa_2 67
-# define OBJ_dsa_2 OBJ_algorithm,12L
-
-/* proposed by microsoft to RSA */
-# define SN_pbeWithSHA1AndRC2_CBC "PBE-SHA1-RC2-64"
-# define LN_pbeWithSHA1AndRC2_CBC "pbeWithSHA1AndRC2-CBC"
-# define NID_pbeWithSHA1AndRC2_CBC 68
-# define OBJ_pbeWithSHA1AndRC2_CBC OBJ_pkcs,5L,11L
-
-/*
- * proposed by microsoft to RSA as pbeWithSHA1AndRC4: it is now defined
- * explicitly in PKCS#5 v2.0 as id-PBKDF2 which is something completely
- * different.
- */
-# define LN_id_pbkdf2 "PBKDF2"
-# define NID_id_pbkdf2 69
-# define OBJ_id_pbkdf2 OBJ_pkcs,5L,12L
-
-# define SN_dsaWithSHA1_2 "DSA-SHA1-old"
-# define LN_dsaWithSHA1_2 "dsaWithSHA1-old"
-# define NID_dsaWithSHA1_2 70
-/* Got this one from 'sdn706r20.pdf' which is actually an NSA document :-) */
-# define OBJ_dsaWithSHA1_2 OBJ_algorithm,27L
-
-# define SN_netscape_cert_type "nsCertType"
-# define LN_netscape_cert_type "Netscape Cert Type"
-# define NID_netscape_cert_type 71
-# define OBJ_netscape_cert_type OBJ_netscape_cert_extension,1L
-
-# define SN_netscape_base_url "nsBaseUrl"
-# define LN_netscape_base_url "Netscape Base Url"
-# define NID_netscape_base_url 72
-# define OBJ_netscape_base_url OBJ_netscape_cert_extension,2L
-
-# define SN_netscape_revocation_url "nsRevocationUrl"
-# define LN_netscape_revocation_url "Netscape Revocation Url"
-# define NID_netscape_revocation_url 73
-# define OBJ_netscape_revocation_url OBJ_netscape_cert_extension,3L
-
-# define SN_netscape_ca_revocation_url "nsCaRevocationUrl"
-# define LN_netscape_ca_revocation_url "Netscape CA Revocation Url"
-# define NID_netscape_ca_revocation_url 74
-# define OBJ_netscape_ca_revocation_url OBJ_netscape_cert_extension,4L
-
-# define SN_netscape_renewal_url "nsRenewalUrl"
-# define LN_netscape_renewal_url "Netscape Renewal Url"
-# define NID_netscape_renewal_url 75
-# define OBJ_netscape_renewal_url OBJ_netscape_cert_extension,7L
-
-# define SN_netscape_ca_policy_url "nsCaPolicyUrl"
-# define LN_netscape_ca_policy_url "Netscape CA Policy Url"
-# define NID_netscape_ca_policy_url 76
-# define OBJ_netscape_ca_policy_url OBJ_netscape_cert_extension,8L
-
-# define SN_netscape_ssl_server_name "nsSslServerName"
-# define LN_netscape_ssl_server_name "Netscape SSL Server Name"
-# define NID_netscape_ssl_server_name 77
-# define OBJ_netscape_ssl_server_name OBJ_netscape_cert_extension,12L
-
-# define SN_netscape_comment "nsComment"
-# define LN_netscape_comment "Netscape Comment"
-# define NID_netscape_comment 78
-# define OBJ_netscape_comment OBJ_netscape_cert_extension,13L
-
-# define SN_netscape_cert_sequence "nsCertSequence"
-# define LN_netscape_cert_sequence "Netscape Certificate Sequence"
-# define NID_netscape_cert_sequence 79
-# define OBJ_netscape_cert_sequence OBJ_netscape_data_type,5L
-
-# define SN_desx_cbc "DESX-CBC"
-# define LN_desx_cbc "desx-cbc"
-# define NID_desx_cbc 80
-
-# define SN_id_ce "id-ce"
-# define NID_id_ce 81
-# define OBJ_id_ce 2L,5L,29L
-
-# define SN_subject_key_identifier "subjectKeyIdentifier"
-# define LN_subject_key_identifier "X509v3 Subject Key Identifier"
-# define NID_subject_key_identifier 82
-# define OBJ_subject_key_identifier OBJ_id_ce,14L
-
-# define SN_key_usage "keyUsage"
-# define LN_key_usage "X509v3 Key Usage"
-# define NID_key_usage 83
-# define OBJ_key_usage OBJ_id_ce,15L
-
-# define SN_private_key_usage_period "privateKeyUsagePeriod"
-# define LN_private_key_usage_period "X509v3 Private Key Usage Period"
-# define NID_private_key_usage_period 84
-# define OBJ_private_key_usage_period OBJ_id_ce,16L
-
-# define SN_subject_alt_name "subjectAltName"
-# define LN_subject_alt_name "X509v3 Subject Alternative Name"
-# define NID_subject_alt_name 85
-# define OBJ_subject_alt_name OBJ_id_ce,17L
-
-# define SN_issuer_alt_name "issuerAltName"
-# define LN_issuer_alt_name "X509v3 Issuer Alternative Name"
-# define NID_issuer_alt_name 86
-# define OBJ_issuer_alt_name OBJ_id_ce,18L
-
-# define SN_basic_constraints "basicConstraints"
-# define LN_basic_constraints "X509v3 Basic Constraints"
-# define NID_basic_constraints 87
-# define OBJ_basic_constraints OBJ_id_ce,19L
-
-# define SN_crl_number "crlNumber"
-# define LN_crl_number "X509v3 CRL Number"
-# define NID_crl_number 88
-# define OBJ_crl_number OBJ_id_ce,20L
-
-# define SN_certificate_policies "certificatePolicies"
-# define LN_certificate_policies "X509v3 Certificate Policies"
-# define NID_certificate_policies 89
-# define OBJ_certificate_policies OBJ_id_ce,32L
-
-# define SN_authority_key_identifier "authorityKeyIdentifier"
-# define LN_authority_key_identifier "X509v3 Authority Key Identifier"
-# define NID_authority_key_identifier 90
-# define OBJ_authority_key_identifier OBJ_id_ce,35L
-
-# define SN_bf_cbc "BF-CBC"
-# define LN_bf_cbc "bf-cbc"
-# define NID_bf_cbc 91
-# define OBJ_bf_cbc 1L,3L,6L,1L,4L,1L,3029L,1L,2L
-
-# define SN_bf_ecb "BF-ECB"
-# define LN_bf_ecb "bf-ecb"
-# define NID_bf_ecb 92
-
-# define SN_bf_cfb64 "BF-CFB"
-# define LN_bf_cfb64 "bf-cfb"
-# define NID_bf_cfb64 93
-
-# define SN_bf_ofb64 "BF-OFB"
-# define LN_bf_ofb64 "bf-ofb"
-# define NID_bf_ofb64 94
-
-# define SN_mdc2 "MDC2"
-# define LN_mdc2 "mdc2"
-# define NID_mdc2 95
-# define OBJ_mdc2 2L,5L,8L,3L,101L
-/* An alternative? 1L,3L,14L,3L,2L,19L */
-
-# define SN_mdc2WithRSA "RSA-MDC2"
-# define LN_mdc2WithRSA "mdc2withRSA"
-# define NID_mdc2WithRSA 96
-# define OBJ_mdc2WithRSA 2L,5L,8L,3L,100L
-
-# define SN_rc4_40 "RC4-40"
-# define LN_rc4_40 "rc4-40"
-# define NID_rc4_40 97
-
-# define SN_rc2_40_cbc "RC2-40-CBC"
-# define LN_rc2_40_cbc "rc2-40-cbc"
-# define NID_rc2_40_cbc 98
-
-# define SN_givenName "G"
-# define LN_givenName "givenName"
-# define NID_givenName 99
-# define OBJ_givenName OBJ_X509,42L
-
-# define SN_surname "S"
-# define LN_surname "surname"
-# define NID_surname 100
-# define OBJ_surname OBJ_X509,4L
-
-# define SN_initials "I"
-# define LN_initials "initials"
-# define NID_initials 101
-# define OBJ_initials OBJ_X509,43L
-
-# define SN_uniqueIdentifier "UID"
-# define LN_uniqueIdentifier "uniqueIdentifier"
-# define NID_uniqueIdentifier 102
-# define OBJ_uniqueIdentifier OBJ_X509,45L
-
-# define SN_crl_distribution_points "crlDistributionPoints"
-# define LN_crl_distribution_points "X509v3 CRL Distribution Points"
-# define NID_crl_distribution_points 103
-# define OBJ_crl_distribution_points OBJ_id_ce,31L
-
-# define SN_md5WithRSA "RSA-NP-MD5"
-# define LN_md5WithRSA "md5WithRSA"
-# define NID_md5WithRSA 104
-# define OBJ_md5WithRSA OBJ_algorithm,3L
-
-# define SN_serialNumber "SN"
-# define LN_serialNumber "serialNumber"
-# define NID_serialNumber 105
-# define OBJ_serialNumber OBJ_X509,5L
-
-# define SN_title "T"
-# define LN_title "title"
-# define NID_title 106
-# define OBJ_title OBJ_X509,12L
-
-# define SN_description "D"
-# define LN_description "description"
-# define NID_description 107
-# define OBJ_description OBJ_X509,13L
-
-/* CAST5 is CAST-128, I'm just sticking with the documentation */
-# define SN_cast5_cbc "CAST5-CBC"
-# define LN_cast5_cbc "cast5-cbc"
-# define NID_cast5_cbc 108
-# define OBJ_cast5_cbc 1L,2L,840L,113533L,7L,66L,10L
-
-# define SN_cast5_ecb "CAST5-ECB"
-# define LN_cast5_ecb "cast5-ecb"
-# define NID_cast5_ecb 109
-
-# define SN_cast5_cfb64 "CAST5-CFB"
-# define LN_cast5_cfb64 "cast5-cfb"
-# define NID_cast5_cfb64 110
-
-# define SN_cast5_ofb64 "CAST5-OFB"
-# define LN_cast5_ofb64 "cast5-ofb"
-# define NID_cast5_ofb64 111
-
-# define LN_pbeWithMD5AndCast5_CBC "pbeWithMD5AndCast5CBC"
-# define NID_pbeWithMD5AndCast5_CBC 112
-# define OBJ_pbeWithMD5AndCast5_CBC 1L,2L,840L,113533L,7L,66L,12L
-
-/*-
- * This is one sun will soon be using :-(
- * id-dsa-with-sha1 ID ::= {
- * iso(1) member-body(2) us(840) x9-57 (10040) x9cm(4) 3 }
- */
-# define SN_dsaWithSHA1 "DSA-SHA1"
-# define LN_dsaWithSHA1 "dsaWithSHA1"
-# define NID_dsaWithSHA1 113
-# define OBJ_dsaWithSHA1 1L,2L,840L,10040L,4L,3L
-
-# define NID_md5_sha1 114
-# define SN_md5_sha1 "MD5-SHA1"
-# define LN_md5_sha1 "md5-sha1"
-
-# define SN_sha1WithRSA "RSA-SHA1-2"
-# define LN_sha1WithRSA "sha1WithRSA"
-# define NID_sha1WithRSA 115
-# define OBJ_sha1WithRSA OBJ_algorithm,29L
-
-# define SN_dsa "DSA"
-# define LN_dsa "dsaEncryption"
-# define NID_dsa 116
-# define OBJ_dsa 1L,2L,840L,10040L,4L,1L
-
-# define SN_ripemd160 "RIPEMD160"
-# define LN_ripemd160 "ripemd160"
-# define NID_ripemd160 117
-# define OBJ_ripemd160 1L,3L,36L,3L,2L,1L
-
-/*
- * The name should actually be rsaSignatureWithripemd160, but I'm going to
- * continue using the convention I'm using with the other ciphers
- */
-# define SN_ripemd160WithRSA "RSA-RIPEMD160"
-# define LN_ripemd160WithRSA "ripemd160WithRSA"
-# define NID_ripemd160WithRSA 119
-# define OBJ_ripemd160WithRSA 1L,3L,36L,3L,3L,1L,2L
-
-/*-
- * Taken from rfc2040
- * RC5_CBC_Parameters ::= SEQUENCE {
- * version INTEGER (v1_0(16)),
- * rounds INTEGER (8..127),
- * blockSizeInBits INTEGER (64, 128),
- * iv OCTET STRING OPTIONAL
- * }
- */
-# define SN_rc5_cbc "RC5-CBC"
-# define LN_rc5_cbc "rc5-cbc"
-# define NID_rc5_cbc 120
-# define OBJ_rc5_cbc OBJ_rsadsi,3L,8L
-
-# define SN_rc5_ecb "RC5-ECB"
-# define LN_rc5_ecb "rc5-ecb"
-# define NID_rc5_ecb 121
-
-# define SN_rc5_cfb64 "RC5-CFB"
-# define LN_rc5_cfb64 "rc5-cfb"
-# define NID_rc5_cfb64 122
-
-# define SN_rc5_ofb64 "RC5-OFB"
-# define LN_rc5_ofb64 "rc5-ofb"
-# define NID_rc5_ofb64 123
-
-# define SN_rle_compression "RLE"
-# define LN_rle_compression "run length compression"
-# define NID_rle_compression 124
-# define OBJ_rle_compression 1L,1L,1L,1L,666L,1L
-
-# define SN_zlib_compression "ZLIB"
-# define LN_zlib_compression "zlib compression"
-# define NID_zlib_compression 125
-# define OBJ_zlib_compression 1L,1L,1L,1L,666L,2L
-
-# define SN_ext_key_usage "extendedKeyUsage"
-# define LN_ext_key_usage "X509v3 Extended Key Usage"
-# define NID_ext_key_usage 126
-# define OBJ_ext_key_usage OBJ_id_ce,37
-
-# define SN_id_pkix "PKIX"
-# define NID_id_pkix 127
-# define OBJ_id_pkix 1L,3L,6L,1L,5L,5L,7L
-
-# define SN_id_kp "id-kp"
-# define NID_id_kp 128
-# define OBJ_id_kp OBJ_id_pkix,3L
-
-/* PKIX extended key usage OIDs */
-
-# define SN_server_auth "serverAuth"
-# define LN_server_auth "TLS Web Server Authentication"
-# define NID_server_auth 129
-# define OBJ_server_auth OBJ_id_kp,1L
-
-# define SN_client_auth "clientAuth"
-# define LN_client_auth "TLS Web Client Authentication"
-# define NID_client_auth 130
-# define OBJ_client_auth OBJ_id_kp,2L
-
-# define SN_code_sign "codeSigning"
-# define LN_code_sign "Code Signing"
-# define NID_code_sign 131
-# define OBJ_code_sign OBJ_id_kp,3L
-
-# define SN_email_protect "emailProtection"
-# define LN_email_protect "E-mail Protection"
-# define NID_email_protect 132
-# define OBJ_email_protect OBJ_id_kp,4L
-
-# define SN_time_stamp "timeStamping"
-# define LN_time_stamp "Time Stamping"
-# define NID_time_stamp 133
-# define OBJ_time_stamp OBJ_id_kp,8L
-
-/* Additional extended key usage OIDs: Microsoft */
-
-# define SN_ms_code_ind "msCodeInd"
-# define LN_ms_code_ind "Microsoft Individual Code Signing"
-# define NID_ms_code_ind 134
-# define OBJ_ms_code_ind 1L,3L,6L,1L,4L,1L,311L,2L,1L,21L
-
-# define SN_ms_code_com "msCodeCom"
-# define LN_ms_code_com "Microsoft Commercial Code Signing"
-# define NID_ms_code_com 135
-# define OBJ_ms_code_com 1L,3L,6L,1L,4L,1L,311L,2L,1L,22L
-
-# define SN_ms_ctl_sign "msCTLSign"
-# define LN_ms_ctl_sign "Microsoft Trust List Signing"
-# define NID_ms_ctl_sign 136
-# define OBJ_ms_ctl_sign 1L,3L,6L,1L,4L,1L,311L,10L,3L,1L
-
-# define SN_ms_sgc "msSGC"
-# define LN_ms_sgc "Microsoft Server Gated Crypto"
-# define NID_ms_sgc 137
-# define OBJ_ms_sgc 1L,3L,6L,1L,4L,1L,311L,10L,3L,3L
-
-# define SN_ms_efs "msEFS"
-# define LN_ms_efs "Microsoft Encrypted File System"
-# define NID_ms_efs 138
-# define OBJ_ms_efs 1L,3L,6L,1L,4L,1L,311L,10L,3L,4L
-
-/* Additional usage: Netscape */
-
-# define SN_ns_sgc "nsSGC"
-# define LN_ns_sgc "Netscape Server Gated Crypto"
-# define NID_ns_sgc 139
-# define OBJ_ns_sgc OBJ_netscape,4L,1L
-
-# define SN_delta_crl "deltaCRL"
-# define LN_delta_crl "X509v3 Delta CRL Indicator"
-# define NID_delta_crl 140
-# define OBJ_delta_crl OBJ_id_ce,27L
-
-# define SN_crl_reason "CRLReason"
-# define LN_crl_reason "CRL Reason Code"
-# define NID_crl_reason 141
-# define OBJ_crl_reason OBJ_id_ce,21L
-
-# define SN_invalidity_date "invalidityDate"
-# define LN_invalidity_date "Invalidity Date"
-# define NID_invalidity_date 142
-# define OBJ_invalidity_date OBJ_id_ce,24L
-
-# define SN_sxnet "SXNetID"
-# define LN_sxnet "Strong Extranet ID"
-# define NID_sxnet 143
-# define OBJ_sxnet 1L,3L,101L,1L,4L,1L
-
-/* PKCS12 and related OBJECT IDENTIFIERS */
-
-# define OBJ_pkcs12 OBJ_pkcs,12L
-# define OBJ_pkcs12_pbeids OBJ_pkcs12, 1
-
-# define SN_pbe_WithSHA1And128BitRC4 "PBE-SHA1-RC4-128"
-# define LN_pbe_WithSHA1And128BitRC4 "pbeWithSHA1And128BitRC4"
-# define NID_pbe_WithSHA1And128BitRC4 144
-# define OBJ_pbe_WithSHA1And128BitRC4 OBJ_pkcs12_pbeids, 1L
-
-# define SN_pbe_WithSHA1And40BitRC4 "PBE-SHA1-RC4-40"
-# define LN_pbe_WithSHA1And40BitRC4 "pbeWithSHA1And40BitRC4"
-# define NID_pbe_WithSHA1And40BitRC4 145
-# define OBJ_pbe_WithSHA1And40BitRC4 OBJ_pkcs12_pbeids, 2L
-
-# define SN_pbe_WithSHA1And3_Key_TripleDES_CBC "PBE-SHA1-3DES"
-# define LN_pbe_WithSHA1And3_Key_TripleDES_CBC "pbeWithSHA1And3-KeyTripleDES-CBC"
-# define NID_pbe_WithSHA1And3_Key_TripleDES_CBC 146
-# define OBJ_pbe_WithSHA1And3_Key_TripleDES_CBC OBJ_pkcs12_pbeids, 3L
-
-# define SN_pbe_WithSHA1And2_Key_TripleDES_CBC "PBE-SHA1-2DES"
-# define LN_pbe_WithSHA1And2_Key_TripleDES_CBC "pbeWithSHA1And2-KeyTripleDES-CBC"
-# define NID_pbe_WithSHA1And2_Key_TripleDES_CBC 147
-# define OBJ_pbe_WithSHA1And2_Key_TripleDES_CBC OBJ_pkcs12_pbeids, 4L
-
-# define SN_pbe_WithSHA1And128BitRC2_CBC "PBE-SHA1-RC2-128"
-# define LN_pbe_WithSHA1And128BitRC2_CBC "pbeWithSHA1And128BitRC2-CBC"
-# define NID_pbe_WithSHA1And128BitRC2_CBC 148
-# define OBJ_pbe_WithSHA1And128BitRC2_CBC OBJ_pkcs12_pbeids, 5L
-
-# define SN_pbe_WithSHA1And40BitRC2_CBC "PBE-SHA1-RC2-40"
-# define LN_pbe_WithSHA1And40BitRC2_CBC "pbeWithSHA1And40BitRC2-CBC"
-# define NID_pbe_WithSHA1And40BitRC2_CBC 149
-# define OBJ_pbe_WithSHA1And40BitRC2_CBC OBJ_pkcs12_pbeids, 6L
-
-# define OBJ_pkcs12_Version1 OBJ_pkcs12, 10L
-
-# define OBJ_pkcs12_BagIds OBJ_pkcs12_Version1, 1L
-
-# define LN_keyBag "keyBag"
-# define NID_keyBag 150
-# define OBJ_keyBag OBJ_pkcs12_BagIds, 1L
-
-# define LN_pkcs8ShroudedKeyBag "pkcs8ShroudedKeyBag"
-# define NID_pkcs8ShroudedKeyBag 151
-# define OBJ_pkcs8ShroudedKeyBag OBJ_pkcs12_BagIds, 2L
-
-# define LN_certBag "certBag"
-# define NID_certBag 152
-# define OBJ_certBag OBJ_pkcs12_BagIds, 3L
-
-# define LN_crlBag "crlBag"
-# define NID_crlBag 153
-# define OBJ_crlBag OBJ_pkcs12_BagIds, 4L
-
-# define LN_secretBag "secretBag"
-# define NID_secretBag 154
-# define OBJ_secretBag OBJ_pkcs12_BagIds, 5L
-
-# define LN_safeContentsBag "safeContentsBag"
-# define NID_safeContentsBag 155
-# define OBJ_safeContentsBag OBJ_pkcs12_BagIds, 6L
-
-# define LN_friendlyName "friendlyName"
-# define NID_friendlyName 156
-# define OBJ_friendlyName OBJ_pkcs9, 20L
-
-# define LN_localKeyID "localKeyID"
-# define NID_localKeyID 157
-# define OBJ_localKeyID OBJ_pkcs9, 21L
-
-# define OBJ_certTypes OBJ_pkcs9, 22L
-
-# define LN_x509Certificate "x509Certificate"
-# define NID_x509Certificate 158
-# define OBJ_x509Certificate OBJ_certTypes, 1L
-
-# define LN_sdsiCertificate "sdsiCertificate"
-# define NID_sdsiCertificate 159
-# define OBJ_sdsiCertificate OBJ_certTypes, 2L
-
-# define OBJ_crlTypes OBJ_pkcs9, 23L
-
-# define LN_x509Crl "x509Crl"
-# define NID_x509Crl 160
-# define OBJ_x509Crl OBJ_crlTypes, 1L
-
-/* PKCS#5 v2 OIDs */
-
-# define LN_pbes2 "PBES2"
-# define NID_pbes2 161
-# define OBJ_pbes2 OBJ_pkcs,5L,13L
-
-# define LN_pbmac1 "PBMAC1"
-# define NID_pbmac1 162
-# define OBJ_pbmac1 OBJ_pkcs,5L,14L
-
-# define LN_hmacWithSHA1 "hmacWithSHA1"
-# define NID_hmacWithSHA1 163
-# define OBJ_hmacWithSHA1 OBJ_rsadsi,2L,7L
-
-/* Policy Qualifier Ids */
-
-# define LN_id_qt_cps "Policy Qualifier CPS"
-# define SN_id_qt_cps "id-qt-cps"
-# define NID_id_qt_cps 164
-# define OBJ_id_qt_cps OBJ_id_pkix,2L,1L
-
-# define LN_id_qt_unotice "Policy Qualifier User Notice"
-# define SN_id_qt_unotice "id-qt-unotice"
-# define NID_id_qt_unotice 165
-# define OBJ_id_qt_unotice OBJ_id_pkix,2L,2L
-
-# define SN_rc2_64_cbc "RC2-64-CBC"
-# define LN_rc2_64_cbc "rc2-64-cbc"
-# define NID_rc2_64_cbc 166
-
-# define SN_SMIMECapabilities "SMIME-CAPS"
-# define LN_SMIMECapabilities "S/MIME Capabilities"
-# define NID_SMIMECapabilities 167
-# define OBJ_SMIMECapabilities OBJ_pkcs9,15L
-
-# define SN_pbeWithMD2AndRC2_CBC "PBE-MD2-RC2-64"
-# define LN_pbeWithMD2AndRC2_CBC "pbeWithMD2AndRC2-CBC"
-# define NID_pbeWithMD2AndRC2_CBC 168
-# define OBJ_pbeWithMD2AndRC2_CBC OBJ_pkcs,5L,4L
-
-# define SN_pbeWithMD5AndRC2_CBC "PBE-MD5-RC2-64"
-# define LN_pbeWithMD5AndRC2_CBC "pbeWithMD5AndRC2-CBC"
-# define NID_pbeWithMD5AndRC2_CBC 169
-# define OBJ_pbeWithMD5AndRC2_CBC OBJ_pkcs,5L,6L
-
-# define SN_pbeWithSHA1AndDES_CBC "PBE-SHA1-DES"
-# define LN_pbeWithSHA1AndDES_CBC "pbeWithSHA1AndDES-CBC"
-# define NID_pbeWithSHA1AndDES_CBC 170
-# define OBJ_pbeWithSHA1AndDES_CBC OBJ_pkcs,5L,10L
-
-/* Extension request OIDs */
-
-# define LN_ms_ext_req "Microsoft Extension Request"
-# define SN_ms_ext_req "msExtReq"
-# define NID_ms_ext_req 171
-# define OBJ_ms_ext_req 1L,3L,6L,1L,4L,1L,311L,2L,1L,14L
-
-# define LN_ext_req "Extension Request"
-# define SN_ext_req "extReq"
-# define NID_ext_req 172
-# define OBJ_ext_req OBJ_pkcs9,14L
-
-# define SN_name "name"
-# define LN_name "name"
-# define NID_name 173
-# define OBJ_name OBJ_X509,41L
-
-# define SN_dnQualifier "dnQualifier"
-# define LN_dnQualifier "dnQualifier"
-# define NID_dnQualifier 174
-# define OBJ_dnQualifier OBJ_X509,46L
-
-# define SN_id_pe "id-pe"
-# define NID_id_pe 175
-# define OBJ_id_pe OBJ_id_pkix,1L
-
-# define SN_id_ad "id-ad"
-# define NID_id_ad 176
-# define OBJ_id_ad OBJ_id_pkix,48L
-
-# define SN_info_access "authorityInfoAccess"
-# define LN_info_access "Authority Information Access"
-# define NID_info_access 177
-# define OBJ_info_access OBJ_id_pe,1L
-
-# define SN_ad_OCSP "OCSP"
-# define LN_ad_OCSP "OCSP"
-# define NID_ad_OCSP 178
-# define OBJ_ad_OCSP OBJ_id_ad,1L
-
-# define SN_ad_ca_issuers "caIssuers"
-# define LN_ad_ca_issuers "CA Issuers"
-# define NID_ad_ca_issuers 179
-# define OBJ_ad_ca_issuers OBJ_id_ad,2L
-
-# define SN_OCSP_sign "OCSPSigning"
-# define LN_OCSP_sign "OCSP Signing"
-# define NID_OCSP_sign 180
-# define OBJ_OCSP_sign OBJ_id_kp,9L
-# endif /* USE_OBJ_MAC */
-
-# include <openssl/bio.h>
-# include <openssl/asn1.h>
-
-# define OBJ_NAME_TYPE_UNDEF 0x00
-# define OBJ_NAME_TYPE_MD_METH 0x01
-# define OBJ_NAME_TYPE_CIPHER_METH 0x02
-# define OBJ_NAME_TYPE_PKEY_METH 0x03
-# define OBJ_NAME_TYPE_COMP_METH 0x04
-# define OBJ_NAME_TYPE_NUM 0x05
-
-# define OBJ_NAME_ALIAS 0x8000
-
-# define OBJ_BSEARCH_VALUE_ON_NOMATCH 0x01
-# define OBJ_BSEARCH_FIRST_VALUE_ON_MATCH 0x02
-
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-typedef struct obj_name_st {
- int type;
- int alias;
- const char *name;
- const char *data;
-} OBJ_NAME;
-
-# define OBJ_create_and_add_object(a,b,c) OBJ_create(a,b,c)
-
-int OBJ_NAME_init(void);
-int OBJ_NAME_new_index(unsigned long (*hash_func) (const char *),
- int (*cmp_func) (const char *, const char *),
- void (*free_func) (const char *, int, const char *));
-const char *OBJ_NAME_get(const char *name, int type);
-int OBJ_NAME_add(const char *name, int type, const char *data);
-int OBJ_NAME_remove(const char *name, int type);
-void OBJ_NAME_cleanup(int type); /* -1 for everything */
-void OBJ_NAME_do_all(int type, void (*fn) (const OBJ_NAME *, void *arg),
- void *arg);
-void OBJ_NAME_do_all_sorted(int type,
- void (*fn) (const OBJ_NAME *, void *arg),
- void *arg);
-
-ASN1_OBJECT *OBJ_dup(const ASN1_OBJECT *o);
-ASN1_OBJECT *OBJ_nid2obj(int n);
-const char *OBJ_nid2ln(int n);
-const char *OBJ_nid2sn(int n);
-int OBJ_obj2nid(const ASN1_OBJECT *o);
-ASN1_OBJECT *OBJ_txt2obj(const char *s, int no_name);
-int OBJ_obj2txt(char *buf, int buf_len, const ASN1_OBJECT *a, int no_name);
-int OBJ_txt2nid(const char *s);
-int OBJ_ln2nid(const char *s);
-int OBJ_sn2nid(const char *s);
-int OBJ_cmp(const ASN1_OBJECT *a, const ASN1_OBJECT *b);
-const void *OBJ_bsearch_(const void *key, const void *base, int num, int size,
- int (*cmp) (const void *, const void *));
-const void *OBJ_bsearch_ex_(const void *key, const void *base, int num,
- int size,
- int (*cmp) (const void *, const void *),
- int flags);
-
-# define _DECLARE_OBJ_BSEARCH_CMP_FN(scope, type1, type2, nm) \
- static int nm##_cmp_BSEARCH_CMP_FN(const void *, const void *); \
- static int nm##_cmp(type1 const *, type2 const *); \
- scope type2 * OBJ_bsearch_##nm(type1 *key, type2 const *base, int num)
-
-# define DECLARE_OBJ_BSEARCH_CMP_FN(type1, type2, cmp) \
- _DECLARE_OBJ_BSEARCH_CMP_FN(static, type1, type2, cmp)
-# define DECLARE_OBJ_BSEARCH_GLOBAL_CMP_FN(type1, type2, nm) \
- type2 * OBJ_bsearch_##nm(type1 *key, type2 const *base, int num)
-
-/*-
- * Unsolved problem: if a type is actually a pointer type, like
- * nid_triple is, then its impossible to get a const where you need
- * it. Consider:
- *
- * typedef int nid_triple[3];
- * const void *a_;
- * const nid_triple const *a = a_;
- *
- * The assignement discards a const because what you really want is:
- *
- * const int const * const *a = a_;
- *
- * But if you do that, you lose the fact that a is an array of 3 ints,
- * which breaks comparison functions.
- *
- * Thus we end up having to cast, sadly, or unpack the
- * declarations. Or, as I finally did in this case, delcare nid_triple
- * to be a struct, which it should have been in the first place.
- *
- * Ben, August 2008.
- *
- * Also, strictly speaking not all types need be const, but handling
- * the non-constness means a lot of complication, and in practice
- * comparison routines do always not touch their arguments.
- */
-
-# define IMPLEMENT_OBJ_BSEARCH_CMP_FN(type1, type2, nm) \
- static int nm##_cmp_BSEARCH_CMP_FN(const void *a_, const void *b_) \
- { \
- type1 const *a = a_; \
- type2 const *b = b_; \
- return nm##_cmp(a,b); \
- } \
- static type2 *OBJ_bsearch_##nm(type1 *key, type2 const *base, int num) \
- { \
- return (type2 *)OBJ_bsearch_(key, base, num, sizeof(type2), \
- nm##_cmp_BSEARCH_CMP_FN); \
- } \
- extern void dummy_prototype(void)
-
-# define IMPLEMENT_OBJ_BSEARCH_GLOBAL_CMP_FN(type1, type2, nm) \
- static int nm##_cmp_BSEARCH_CMP_FN(const void *a_, const void *b_) \
- { \
- type1 const *a = a_; \
- type2 const *b = b_; \
- return nm##_cmp(a,b); \
- } \
- type2 *OBJ_bsearch_##nm(type1 *key, type2 const *base, int num) \
- { \
- return (type2 *)OBJ_bsearch_(key, base, num, sizeof(type2), \
- nm##_cmp_BSEARCH_CMP_FN); \
- } \
- extern void dummy_prototype(void)
-
-# define OBJ_bsearch(type1,key,type2,base,num,cmp) \
- ((type2 *)OBJ_bsearch_(CHECKED_PTR_OF(type1,key),CHECKED_PTR_OF(type2,base), \
- num,sizeof(type2), \
- ((void)CHECKED_PTR_OF(type1,cmp##_type_1), \
- (void)CHECKED_PTR_OF(type2,cmp##_type_2), \
- cmp##_BSEARCH_CMP_FN)))
-
-# define OBJ_bsearch_ex(type1,key,type2,base,num,cmp,flags) \
- ((type2 *)OBJ_bsearch_ex_(CHECKED_PTR_OF(type1,key),CHECKED_PTR_OF(type2,base), \
- num,sizeof(type2), \
- ((void)CHECKED_PTR_OF(type1,cmp##_type_1), \
- (void)type_2=CHECKED_PTR_OF(type2,cmp##_type_2), \
- cmp##_BSEARCH_CMP_FN)),flags)
-
-int OBJ_new_nid(int num);
-int OBJ_add_object(const ASN1_OBJECT *obj);
-int OBJ_create(const char *oid, const char *sn, const char *ln);
-void OBJ_cleanup(void);
-int OBJ_create_objects(BIO *in);
-
-size_t OBJ_length(const ASN1_OBJECT *obj);
-const unsigned char *OBJ_get0_data(const ASN1_OBJECT *obj);
-
-int OBJ_find_sigid_algs(int signid, int *pdig_nid, int *ppkey_nid);
-int OBJ_find_sigid_by_algs(int *psignid, int dig_nid, int pkey_nid);
-int OBJ_add_sigid(int signid, int dig_id, int pkey_id);
-void OBJ_sigid_free(void);
-
-extern int obj_cleanup_defer;
-void check_defer(int nid);
-
-/* BEGIN ERROR CODES */
-/*
- * The following lines are auto generated by the script mkerr.pl. Any changes
- * made after this point may be overwritten when the script is next run.
- */
-void ERR_load_OBJ_strings(void);
-
-/* Error codes for the OBJ functions. */
-
-/* Function codes. */
-# define OBJ_F_OBJ_ADD_OBJECT 105
-# define OBJ_F_OBJ_CREATE 100
-# define OBJ_F_OBJ_DUP 101
-# define OBJ_F_OBJ_NAME_NEW_INDEX 106
-# define OBJ_F_OBJ_NID2LN 102
-# define OBJ_F_OBJ_NID2OBJ 103
-# define OBJ_F_OBJ_NID2SN 104
-
-/* Reason codes. */
-# define OBJ_R_MALLOC_FAILURE 100
-# define OBJ_R_UNKNOWN_NID 101
-
-#ifdef __cplusplus
-}
-#endif
-#endif
+++ /dev/null
-/* ocsp.h */
-/*
- * Written by Tom Titchener <Tom_Titchener@groove.net> for the OpenSSL
- * project.
- */
-
-/*
- * History: This file was transfered to Richard Levitte from CertCo by Kathy
- * Weinhold in mid-spring 2000 to be included in OpenSSL or released as a
- * patch kit.
- */
-
-/* ====================================================================
- * Copyright (c) 1998-2000 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#ifndef HEADER_OCSP_H
-# define HEADER_OCSP_H
-
-# include <openssl/ossl_typ.h>
-# include <openssl/x509.h>
-# include <openssl/x509v3.h>
-# include <openssl/safestack.h>
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-/* Various flags and values */
-
-# define OCSP_DEFAULT_NONCE_LENGTH 16
-
-# define OCSP_NOCERTS 0x1
-# define OCSP_NOINTERN 0x2
-# define OCSP_NOSIGS 0x4
-# define OCSP_NOCHAIN 0x8
-# define OCSP_NOVERIFY 0x10
-# define OCSP_NOEXPLICIT 0x20
-# define OCSP_NOCASIGN 0x40
-# define OCSP_NODELEGATED 0x80
-# define OCSP_NOCHECKS 0x100
-# define OCSP_TRUSTOTHER 0x200
-# define OCSP_RESPID_KEY 0x400
-# define OCSP_NOTIME 0x800
-
-typedef struct ocsp_cert_id_st OCSP_CERTID;
-
-DECLARE_STACK_OF(OCSP_CERTID)
-
-typedef struct ocsp_one_request_st OCSP_ONEREQ;
-
-DECLARE_STACK_OF(OCSP_ONEREQ)
-
-typedef struct ocsp_req_info_st OCSP_REQINFO;
-typedef struct ocsp_signature_st OCSP_SIGNATURE;
-typedef struct ocsp_request_st OCSP_REQUEST;
-
-# define OCSP_RESPONSE_STATUS_SUCCESSFUL 0
-# define OCSP_RESPONSE_STATUS_MALFORMEDREQUEST 1
-# define OCSP_RESPONSE_STATUS_INTERNALERROR 2
-# define OCSP_RESPONSE_STATUS_TRYLATER 3
-# define OCSP_RESPONSE_STATUS_SIGREQUIRED 5
-# define OCSP_RESPONSE_STATUS_UNAUTHORIZED 6
-
-typedef struct ocsp_resp_bytes_st OCSP_RESPBYTES;
-
-# define V_OCSP_RESPID_NAME 0
-# define V_OCSP_RESPID_KEY 1
-
-DECLARE_STACK_OF(OCSP_RESPID)
-DECLARE_ASN1_FUNCTIONS(OCSP_RESPID)
-
-typedef struct ocsp_revoked_info_st OCSP_REVOKEDINFO;
-
-# define V_OCSP_CERTSTATUS_GOOD 0
-# define V_OCSP_CERTSTATUS_REVOKED 1
-# define V_OCSP_CERTSTATUS_UNKNOWN 2
-
-typedef struct ocsp_cert_status_st OCSP_CERTSTATUS;
-typedef struct ocsp_single_response_st OCSP_SINGLERESP;
-
-DECLARE_STACK_OF(OCSP_SINGLERESP)
-
-typedef struct ocsp_response_data_st OCSP_RESPDATA;
-
-typedef struct ocsp_basic_response_st OCSP_BASICRESP;
-
-/*-
- * CRLReason ::= ENUMERATED {
- * unspecified (0),
- * keyCompromise (1),
- * cACompromise (2),
- * affiliationChanged (3),
- * superseded (4),
- * cessationOfOperation (5),
- * certificateHold (6),
- * removeFromCRL (8) }
- */
-# define OCSP_REVOKED_STATUS_NOSTATUS -1
-# define OCSP_REVOKED_STATUS_UNSPECIFIED 0
-# define OCSP_REVOKED_STATUS_KEYCOMPROMISE 1
-# define OCSP_REVOKED_STATUS_CACOMPROMISE 2
-# define OCSP_REVOKED_STATUS_AFFILIATIONCHANGED 3
-# define OCSP_REVOKED_STATUS_SUPERSEDED 4
-# define OCSP_REVOKED_STATUS_CESSATIONOFOPERATION 5
-# define OCSP_REVOKED_STATUS_CERTIFICATEHOLD 6
-# define OCSP_REVOKED_STATUS_REMOVEFROMCRL 8
-
-typedef struct ocsp_crl_id_st OCSP_CRLID;
-typedef struct ocsp_service_locator_st OCSP_SERVICELOC;
-
-# define PEM_STRING_OCSP_REQUEST "OCSP REQUEST"
-# define PEM_STRING_OCSP_RESPONSE "OCSP RESPONSE"
-
-# define d2i_OCSP_REQUEST_bio(bp,p) ASN1_d2i_bio_of(OCSP_REQUEST,OCSP_REQUEST_new,d2i_OCSP_REQUEST,bp,p)
-
-# define d2i_OCSP_RESPONSE_bio(bp,p) ASN1_d2i_bio_of(OCSP_RESPONSE,OCSP_RESPONSE_new,d2i_OCSP_RESPONSE,bp,p)
-
-# define PEM_read_bio_OCSP_REQUEST(bp,x,cb) (OCSP_REQUEST *)PEM_ASN1_read_bio( \
- (char *(*)())d2i_OCSP_REQUEST,PEM_STRING_OCSP_REQUEST,bp,(char **)x,cb,NULL)
-
-# define PEM_read_bio_OCSP_RESPONSE(bp,x,cb)(OCSP_RESPONSE *)PEM_ASN1_read_bio(\
- (char *(*)())d2i_OCSP_RESPONSE,PEM_STRING_OCSP_RESPONSE,bp,(char **)x,cb,NULL)
-
-# define PEM_write_bio_OCSP_REQUEST(bp,o) \
- PEM_ASN1_write_bio((int (*)())i2d_OCSP_REQUEST,PEM_STRING_OCSP_REQUEST,\
- bp,(char *)o, NULL,NULL,0,NULL,NULL)
-
-# define PEM_write_bio_OCSP_RESPONSE(bp,o) \
- PEM_ASN1_write_bio((int (*)())i2d_OCSP_RESPONSE,PEM_STRING_OCSP_RESPONSE,\
- bp,(char *)o, NULL,NULL,0,NULL,NULL)
-
-# define i2d_OCSP_RESPONSE_bio(bp,o) ASN1_i2d_bio_of(OCSP_RESPONSE,i2d_OCSP_RESPONSE,bp,o)
-
-# define i2d_OCSP_REQUEST_bio(bp,o) ASN1_i2d_bio_of(OCSP_REQUEST,i2d_OCSP_REQUEST,bp,o)
-
-# define OCSP_REQUEST_sign(o,pkey,md) \
- ASN1_item_sign(ASN1_ITEM_rptr(OCSP_REQINFO),\
- o->optionalSignature->signatureAlgorithm,NULL,\
- o->optionalSignature->signature,o->tbsRequest,pkey,md)
-
-# define OCSP_BASICRESP_sign(o,pkey,md,d) \
- ASN1_item_sign(ASN1_ITEM_rptr(OCSP_RESPDATA),o->signatureAlgorithm,NULL,\
- o->signature,o->tbsResponseData,pkey,md)
-
-# define OCSP_REQUEST_verify(a,r) ASN1_item_verify(ASN1_ITEM_rptr(OCSP_REQINFO),\
- a->optionalSignature->signatureAlgorithm,\
- a->optionalSignature->signature,a->tbsRequest,r)
-
-# define OCSP_BASICRESP_verify(a,r,d) ASN1_item_verify(ASN1_ITEM_rptr(OCSP_RESPDATA),\
- a->signatureAlgorithm,a->signature,a->tbsResponseData,r)
-
-# define ASN1_BIT_STRING_digest(data,type,md,len) \
- ASN1_item_digest(ASN1_ITEM_rptr(ASN1_BIT_STRING),type,data,md,len)
-
-# define OCSP_CERTSTATUS_dup(cs)\
- (OCSP_CERTSTATUS*)ASN1_dup((int(*)())i2d_OCSP_CERTSTATUS,\
- (char *(*)())d2i_OCSP_CERTSTATUS,(char *)(cs))
-
-OCSP_CERTID *OCSP_CERTID_dup(OCSP_CERTID *id);
-
-OCSP_RESPONSE *OCSP_sendreq_bio(BIO *b, const char *path, OCSP_REQUEST *req);
-OCSP_REQ_CTX *OCSP_sendreq_new(BIO *io, const char *path, OCSP_REQUEST *req,
- int maxline);
-int OCSP_REQ_CTX_nbio(OCSP_REQ_CTX *rctx);
-int OCSP_sendreq_nbio(OCSP_RESPONSE **presp, OCSP_REQ_CTX *rctx);
-OCSP_REQ_CTX *OCSP_REQ_CTX_new(BIO *io, int maxline);
-void OCSP_REQ_CTX_free(OCSP_REQ_CTX *rctx);
-void OCSP_set_max_response_length(OCSP_REQ_CTX *rctx, unsigned long len);
-int OCSP_REQ_CTX_i2d(OCSP_REQ_CTX *rctx, const ASN1_ITEM *it,
- ASN1_VALUE *val);
-int OCSP_REQ_CTX_nbio_d2i(OCSP_REQ_CTX *rctx, ASN1_VALUE **pval,
- const ASN1_ITEM *it);
-BIO *OCSP_REQ_CTX_get0_mem_bio(OCSP_REQ_CTX *rctx);
-int OCSP_REQ_CTX_i2d(OCSP_REQ_CTX *rctx, const ASN1_ITEM *it,
- ASN1_VALUE *val);
-int OCSP_REQ_CTX_http(OCSP_REQ_CTX *rctx, const char *op, const char *path);
-int OCSP_REQ_CTX_set1_req(OCSP_REQ_CTX *rctx, OCSP_REQUEST *req);
-int OCSP_REQ_CTX_add1_header(OCSP_REQ_CTX *rctx,
- const char *name, const char *value);
-
-OCSP_CERTID *OCSP_cert_to_id(const EVP_MD *dgst, X509 *subject, X509 *issuer);
-
-OCSP_CERTID *OCSP_cert_id_new(const EVP_MD *dgst,
- X509_NAME *issuerName,
- ASN1_BIT_STRING *issuerKey,
- ASN1_INTEGER *serialNumber);
-
-OCSP_ONEREQ *OCSP_request_add0_id(OCSP_REQUEST *req, OCSP_CERTID *cid);
-
-int OCSP_request_add1_nonce(OCSP_REQUEST *req, unsigned char *val, int len);
-int OCSP_basic_add1_nonce(OCSP_BASICRESP *resp, unsigned char *val, int len);
-int OCSP_check_nonce(OCSP_REQUEST *req, OCSP_BASICRESP *bs);
-int OCSP_copy_nonce(OCSP_BASICRESP *resp, OCSP_REQUEST *req);
-
-int OCSP_request_set1_name(OCSP_REQUEST *req, X509_NAME *nm);
-int OCSP_request_add1_cert(OCSP_REQUEST *req, X509 *cert);
-
-int OCSP_request_sign(OCSP_REQUEST *req,
- X509 *signer,
- EVP_PKEY *key,
- const EVP_MD *dgst,
- STACK_OF(X509) *certs, unsigned long flags);
-
-int OCSP_response_status(OCSP_RESPONSE *resp);
-OCSP_BASICRESP *OCSP_response_get1_basic(OCSP_RESPONSE *resp);
-
-ASN1_OCTET_STRING *OCSP_resp_get0_signature(OCSP_BASICRESP *bs);
-
-int OCSP_resp_count(OCSP_BASICRESP *bs);
-OCSP_SINGLERESP *OCSP_resp_get0(OCSP_BASICRESP *bs, int idx);
-int OCSP_resp_find(OCSP_BASICRESP *bs, OCSP_CERTID *id, int last);
-int OCSP_single_get0_status(OCSP_SINGLERESP *single, int *reason,
- ASN1_GENERALIZEDTIME **revtime,
- ASN1_GENERALIZEDTIME **thisupd,
- ASN1_GENERALIZEDTIME **nextupd);
-int OCSP_resp_find_status(OCSP_BASICRESP *bs, OCSP_CERTID *id, int *status,
- int *reason,
- ASN1_GENERALIZEDTIME **revtime,
- ASN1_GENERALIZEDTIME **thisupd,
- ASN1_GENERALIZEDTIME **nextupd);
-int OCSP_check_validity(ASN1_GENERALIZEDTIME *thisupd,
- ASN1_GENERALIZEDTIME *nextupd, long sec, long maxsec);
-
-int OCSP_request_verify(OCSP_REQUEST *req, STACK_OF(X509) *certs,
- X509_STORE *store, unsigned long flags);
-
-int OCSP_parse_url(const char *url, char **phost, char **pport, char **ppath,
- int *pssl);
-
-int OCSP_id_issuer_cmp(OCSP_CERTID *a, OCSP_CERTID *b);
-int OCSP_id_cmp(OCSP_CERTID *a, OCSP_CERTID *b);
-
-int OCSP_request_onereq_count(OCSP_REQUEST *req);
-OCSP_ONEREQ *OCSP_request_onereq_get0(OCSP_REQUEST *req, int i);
-OCSP_CERTID *OCSP_onereq_get0_id(OCSP_ONEREQ *one);
-int OCSP_id_get0_info(ASN1_OCTET_STRING **piNameHash, ASN1_OBJECT **pmd,
- ASN1_OCTET_STRING **pikeyHash,
- ASN1_INTEGER **pserial, OCSP_CERTID *cid);
-int OCSP_request_is_signed(OCSP_REQUEST *req);
-OCSP_RESPONSE *OCSP_response_create(int status, OCSP_BASICRESP *bs);
-OCSP_SINGLERESP *OCSP_basic_add1_status(OCSP_BASICRESP *rsp,
- OCSP_CERTID *cid,
- int status, int reason,
- ASN1_TIME *revtime,
- ASN1_TIME *thisupd,
- ASN1_TIME *nextupd);
-int OCSP_basic_add1_cert(OCSP_BASICRESP *resp, X509 *cert);
-int OCSP_basic_sign(OCSP_BASICRESP *brsp,
- X509 *signer, EVP_PKEY *key, const EVP_MD *dgst,
- STACK_OF(X509) *certs, unsigned long flags);
-
-X509_EXTENSION *OCSP_crlID_new(char *url, long *n, char *tim);
-
-X509_EXTENSION *OCSP_accept_responses_new(char **oids);
-
-X509_EXTENSION *OCSP_archive_cutoff_new(char *tim);
-
-X509_EXTENSION *OCSP_url_svcloc_new(X509_NAME *issuer, char **urls);
-
-int OCSP_REQUEST_get_ext_count(OCSP_REQUEST *x);
-int OCSP_REQUEST_get_ext_by_NID(OCSP_REQUEST *x, int nid, int lastpos);
-int OCSP_REQUEST_get_ext_by_OBJ(OCSP_REQUEST *x, ASN1_OBJECT *obj,
- int lastpos);
-int OCSP_REQUEST_get_ext_by_critical(OCSP_REQUEST *x, int crit, int lastpos);
-X509_EXTENSION *OCSP_REQUEST_get_ext(OCSP_REQUEST *x, int loc);
-X509_EXTENSION *OCSP_REQUEST_delete_ext(OCSP_REQUEST *x, int loc);
-void *OCSP_REQUEST_get1_ext_d2i(OCSP_REQUEST *x, int nid, int *crit,
- int *idx);
-int OCSP_REQUEST_add1_ext_i2d(OCSP_REQUEST *x, int nid, void *value, int crit,
- unsigned long flags);
-int OCSP_REQUEST_add_ext(OCSP_REQUEST *x, X509_EXTENSION *ex, int loc);
-
-int OCSP_ONEREQ_get_ext_count(OCSP_ONEREQ *x);
-int OCSP_ONEREQ_get_ext_by_NID(OCSP_ONEREQ *x, int nid, int lastpos);
-int OCSP_ONEREQ_get_ext_by_OBJ(OCSP_ONEREQ *x, ASN1_OBJECT *obj, int lastpos);
-int OCSP_ONEREQ_get_ext_by_critical(OCSP_ONEREQ *x, int crit, int lastpos);
-X509_EXTENSION *OCSP_ONEREQ_get_ext(OCSP_ONEREQ *x, int loc);
-X509_EXTENSION *OCSP_ONEREQ_delete_ext(OCSP_ONEREQ *x, int loc);
-void *OCSP_ONEREQ_get1_ext_d2i(OCSP_ONEREQ *x, int nid, int *crit, int *idx);
-int OCSP_ONEREQ_add1_ext_i2d(OCSP_ONEREQ *x, int nid, void *value, int crit,
- unsigned long flags);
-int OCSP_ONEREQ_add_ext(OCSP_ONEREQ *x, X509_EXTENSION *ex, int loc);
-
-int OCSP_BASICRESP_get_ext_count(OCSP_BASICRESP *x);
-int OCSP_BASICRESP_get_ext_by_NID(OCSP_BASICRESP *x, int nid, int lastpos);
-int OCSP_BASICRESP_get_ext_by_OBJ(OCSP_BASICRESP *x, ASN1_OBJECT *obj,
- int lastpos);
-int OCSP_BASICRESP_get_ext_by_critical(OCSP_BASICRESP *x, int crit,
- int lastpos);
-X509_EXTENSION *OCSP_BASICRESP_get_ext(OCSP_BASICRESP *x, int loc);
-X509_EXTENSION *OCSP_BASICRESP_delete_ext(OCSP_BASICRESP *x, int loc);
-void *OCSP_BASICRESP_get1_ext_d2i(OCSP_BASICRESP *x, int nid, int *crit,
- int *idx);
-int OCSP_BASICRESP_add1_ext_i2d(OCSP_BASICRESP *x, int nid, void *value,
- int crit, unsigned long flags);
-int OCSP_BASICRESP_add_ext(OCSP_BASICRESP *x, X509_EXTENSION *ex, int loc);
-
-int OCSP_SINGLERESP_get_ext_count(OCSP_SINGLERESP *x);
-int OCSP_SINGLERESP_get_ext_by_NID(OCSP_SINGLERESP *x, int nid, int lastpos);
-int OCSP_SINGLERESP_get_ext_by_OBJ(OCSP_SINGLERESP *x, ASN1_OBJECT *obj,
- int lastpos);
-int OCSP_SINGLERESP_get_ext_by_critical(OCSP_SINGLERESP *x, int crit,
- int lastpos);
-X509_EXTENSION *OCSP_SINGLERESP_get_ext(OCSP_SINGLERESP *x, int loc);
-X509_EXTENSION *OCSP_SINGLERESP_delete_ext(OCSP_SINGLERESP *x, int loc);
-void *OCSP_SINGLERESP_get1_ext_d2i(OCSP_SINGLERESP *x, int nid, int *crit,
- int *idx);
-int OCSP_SINGLERESP_add1_ext_i2d(OCSP_SINGLERESP *x, int nid, void *value,
- int crit, unsigned long flags);
-int OCSP_SINGLERESP_add_ext(OCSP_SINGLERESP *x, X509_EXTENSION *ex, int loc);
-
-DECLARE_ASN1_FUNCTIONS(OCSP_SINGLERESP)
-DECLARE_ASN1_FUNCTIONS(OCSP_CERTSTATUS)
-DECLARE_ASN1_FUNCTIONS(OCSP_REVOKEDINFO)
-DECLARE_ASN1_FUNCTIONS(OCSP_BASICRESP)
-DECLARE_ASN1_FUNCTIONS(OCSP_RESPDATA)
-DECLARE_ASN1_FUNCTIONS(OCSP_RESPID)
-DECLARE_ASN1_FUNCTIONS(OCSP_RESPONSE)
-DECLARE_ASN1_FUNCTIONS(OCSP_RESPBYTES)
-DECLARE_ASN1_FUNCTIONS(OCSP_ONEREQ)
-DECLARE_ASN1_FUNCTIONS(OCSP_CERTID)
-DECLARE_ASN1_FUNCTIONS(OCSP_REQUEST)
-DECLARE_ASN1_FUNCTIONS(OCSP_SIGNATURE)
-DECLARE_ASN1_FUNCTIONS(OCSP_REQINFO)
-DECLARE_ASN1_FUNCTIONS(OCSP_CRLID)
-DECLARE_ASN1_FUNCTIONS(OCSP_SERVICELOC)
-
-const char *OCSP_response_status_str(long s);
-const char *OCSP_cert_status_str(long s);
-const char *OCSP_crl_reason_str(long s);
-
-int OCSP_REQUEST_print(BIO *bp, OCSP_REQUEST *a, unsigned long flags);
-int OCSP_RESPONSE_print(BIO *bp, OCSP_RESPONSE *o, unsigned long flags);
-
-int OCSP_basic_verify(OCSP_BASICRESP *bs, STACK_OF(X509) *certs,
- X509_STORE *st, unsigned long flags);
-
-/* BEGIN ERROR CODES */
-/*
- * The following lines are auto generated by the script mkerr.pl. Any changes
- * made after this point may be overwritten when the script is next run.
- */
-void ERR_load_OCSP_strings(void);
-
-/* Error codes for the OCSP functions. */
-
-/* Function codes. */
-# define OCSP_F_ASN1_STRING_ENCODE 100
-# define OCSP_F_D2I_OCSP_NONCE 102
-# define OCSP_F_OCSP_BASIC_ADD1_STATUS 103
-# define OCSP_F_OCSP_BASIC_SIGN 104
-# define OCSP_F_OCSP_BASIC_VERIFY 105
-# define OCSP_F_OCSP_CERT_ID_NEW 101
-# define OCSP_F_OCSP_CHECK_DELEGATED 106
-# define OCSP_F_OCSP_CHECK_IDS 107
-# define OCSP_F_OCSP_CHECK_ISSUER 108
-# define OCSP_F_OCSP_CHECK_VALIDITY 115
-# define OCSP_F_OCSP_MATCH_ISSUERID 109
-# define OCSP_F_OCSP_PARSE_URL 114
-# define OCSP_F_OCSP_REQUEST_SIGN 110
-# define OCSP_F_OCSP_REQUEST_VERIFY 116
-# define OCSP_F_OCSP_RESPONSE_GET1_BASIC 111
-# define OCSP_F_OCSP_SENDREQ_BIO 112
-# define OCSP_F_OCSP_SENDREQ_NBIO 117
-# define OCSP_F_PARSE_HTTP_LINE1 118
-# define OCSP_F_REQUEST_VERIFY 113
-
-/* Reason codes. */
-# define OCSP_R_BAD_DATA 100
-# define OCSP_R_CERTIFICATE_VERIFY_ERROR 101
-# define OCSP_R_DIGEST_ERR 102
-# define OCSP_R_ERROR_IN_NEXTUPDATE_FIELD 122
-# define OCSP_R_ERROR_IN_THISUPDATE_FIELD 123
-# define OCSP_R_ERROR_PARSING_URL 121
-# define OCSP_R_MISSING_OCSPSIGNING_USAGE 103
-# define OCSP_R_NEXTUPDATE_BEFORE_THISUPDATE 124
-# define OCSP_R_NOT_BASIC_RESPONSE 104
-# define OCSP_R_NO_CERTIFICATES_IN_CHAIN 105
-# define OCSP_R_NO_CONTENT 106
-# define OCSP_R_NO_PUBLIC_KEY 107
-# define OCSP_R_NO_RESPONSE_DATA 108
-# define OCSP_R_NO_REVOKED_TIME 109
-# define OCSP_R_PRIVATE_KEY_DOES_NOT_MATCH_CERTIFICATE 110
-# define OCSP_R_REQUEST_NOT_SIGNED 128
-# define OCSP_R_RESPONSE_CONTAINS_NO_REVOCATION_DATA 111
-# define OCSP_R_ROOT_CA_NOT_TRUSTED 112
-# define OCSP_R_SERVER_READ_ERROR 113
-# define OCSP_R_SERVER_RESPONSE_ERROR 114
-# define OCSP_R_SERVER_RESPONSE_PARSE_ERROR 115
-# define OCSP_R_SERVER_WRITE_ERROR 116
-# define OCSP_R_SIGNATURE_FAILURE 117
-# define OCSP_R_SIGNER_CERTIFICATE_NOT_FOUND 118
-# define OCSP_R_STATUS_EXPIRED 125
-# define OCSP_R_STATUS_NOT_YET_VALID 126
-# define OCSP_R_STATUS_TOO_OLD 127
-# define OCSP_R_UNKNOWN_MESSAGE_DIGEST 119
-# define OCSP_R_UNKNOWN_NID 120
-# define OCSP_R_UNSUPPORTED_REQUESTORNAME_TYPE 129
-
-#ifdef __cplusplus
-}
-#endif
-#endif
+++ /dev/null
-#ifndef HEADER_OPENSSLV_H
-# define HEADER_OPENSSLV_H
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-/*-
- * Numeric release version identifier:
- * MNNFFPPS: major minor fix patch status
- * The status nibble has one of the values 0 for development, 1 to e for betas
- * 1 to 14, and f for release. The patch level is exactly that.
- * For example:
- * 0.9.3-dev 0x00903000
- * 0.9.3-beta1 0x00903001
- * 0.9.3-beta2-dev 0x00903002
- * 0.9.3-beta2 0x00903002 (same as ...beta2-dev)
- * 0.9.3 0x0090300f
- * 0.9.3a 0x0090301f
- * 0.9.4 0x0090400f
- * 1.2.3z 0x102031af
- *
- * For continuity reasons (because 0.9.5 is already out, and is coded
- * 0x00905100), between 0.9.5 and 0.9.6 the coding of the patch level
- * part is slightly different, by setting the highest bit. This means
- * that 0.9.5a looks like this: 0x0090581f. At 0.9.6, we can start
- * with 0x0090600S...
- *
- * (Prior to 0.9.3-dev a different scheme was used: 0.9.2b is 0x0922.)
- * (Prior to 0.9.5a beta1, a different scheme was used: MMNNFFRBB for
- * major minor fix final patch/beta)
- */
-# define OPENSSL_VERSION_NUMBER 0x10100000L
-# ifdef OPENSSL_FIPS
-# define OPENSSL_VERSION_TEXT "OpenSSL 1.1.0-fips-dev xx XXX xxxx"
-# else
-# define OPENSSL_VERSION_TEXT "OpenSSL 1.1.0-dev xx XXX xxxx"
-# endif
-# define OPENSSL_VERSION_PTEXT " part of " OPENSSL_VERSION_TEXT
-
-/*-
- * The macros below are to be used for shared library (.so, .dll, ...)
- * versioning. That kind of versioning works a bit differently between
- * operating systems. The most usual scheme is to set a major and a minor
- * number, and have the runtime loader check that the major number is equal
- * to what it was at application link time, while the minor number has to
- * be greater or equal to what it was at application link time. With this
- * scheme, the version number is usually part of the file name, like this:
- *
- * libcrypto.so.0.9
- *
- * Some unixen also make a softlink with the major verson number only:
- *
- * libcrypto.so.0
- *
- * On Tru64 and IRIX 6.x it works a little bit differently. There, the
- * shared library version is stored in the file, and is actually a series
- * of versions, separated by colons. The rightmost version present in the
- * library when linking an application is stored in the application to be
- * matched at run time. When the application is run, a check is done to
- * see if the library version stored in the application matches any of the
- * versions in the version string of the library itself.
- * This version string can be constructed in any way, depending on what
- * kind of matching is desired. However, to implement the same scheme as
- * the one used in the other unixen, all compatible versions, from lowest
- * to highest, should be part of the string. Consecutive builds would
- * give the following versions strings:
- *
- * 3.0
- * 3.0:3.1
- * 3.0:3.1:3.2
- * 4.0
- * 4.0:4.1
- *
- * Notice how version 4 is completely incompatible with version, and
- * therefore give the breach you can see.
- *
- * There may be other schemes as well that I haven't yet discovered.
- *
- * So, here's the way it works here: first of all, the library version
- * number doesn't need at all to match the overall OpenSSL version.
- * However, it's nice and more understandable if it actually does.
- * The current library version is stored in the macro SHLIB_VERSION_NUMBER,
- * which is just a piece of text in the format "M.m.e" (Major, minor, edit).
- * For the sake of Tru64, IRIX, and any other OS that behaves in similar ways,
- * we need to keep a history of version numbers, which is done in the
- * macro SHLIB_VERSION_HISTORY. The numbers are separated by colons and
- * should only keep the versions that are binary compatible with the current.
- */
-# define SHLIB_VERSION_HISTORY ""
-# define SHLIB_VERSION_NUMBER "1.1"
-
-
-#ifdef __cplusplus
-}
-#endif
-#endif /* HEADER_OPENSSLV_H */
+++ /dev/null
-/* ====================================================================
- * Copyright (c) 1998-2001 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#ifndef HEADER_OPENSSL_TYPES_H
-# define HEADER_OPENSSL_TYPES_H
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-# include <openssl/e_os2.h>
-
-# ifdef NO_ASN1_TYPEDEFS
-# define ASN1_INTEGER ASN1_STRING
-# define ASN1_ENUMERATED ASN1_STRING
-# define ASN1_BIT_STRING ASN1_STRING
-# define ASN1_OCTET_STRING ASN1_STRING
-# define ASN1_PRINTABLESTRING ASN1_STRING
-# define ASN1_T61STRING ASN1_STRING
-# define ASN1_IA5STRING ASN1_STRING
-# define ASN1_UTCTIME ASN1_STRING
-# define ASN1_GENERALIZEDTIME ASN1_STRING
-# define ASN1_TIME ASN1_STRING
-# define ASN1_GENERALSTRING ASN1_STRING
-# define ASN1_UNIVERSALSTRING ASN1_STRING
-# define ASN1_BMPSTRING ASN1_STRING
-# define ASN1_VISIBLESTRING ASN1_STRING
-# define ASN1_UTF8STRING ASN1_STRING
-# define ASN1_BOOLEAN int
-# define ASN1_NULL int
-# else
-typedef struct asn1_string_st ASN1_INTEGER;
-typedef struct asn1_string_st ASN1_ENUMERATED;
-typedef struct asn1_string_st ASN1_BIT_STRING;
-typedef struct asn1_string_st ASN1_OCTET_STRING;
-typedef struct asn1_string_st ASN1_PRINTABLESTRING;
-typedef struct asn1_string_st ASN1_T61STRING;
-typedef struct asn1_string_st ASN1_IA5STRING;
-typedef struct asn1_string_st ASN1_GENERALSTRING;
-typedef struct asn1_string_st ASN1_UNIVERSALSTRING;
-typedef struct asn1_string_st ASN1_BMPSTRING;
-typedef struct asn1_string_st ASN1_UTCTIME;
-typedef struct asn1_string_st ASN1_TIME;
-typedef struct asn1_string_st ASN1_GENERALIZEDTIME;
-typedef struct asn1_string_st ASN1_VISIBLESTRING;
-typedef struct asn1_string_st ASN1_UTF8STRING;
-typedef struct asn1_string_st ASN1_STRING;
-typedef int ASN1_BOOLEAN;
-typedef int ASN1_NULL;
-# endif
-
-typedef struct asn1_object_st ASN1_OBJECT;
-
-typedef struct ASN1_ITEM_st ASN1_ITEM;
-typedef struct asn1_pctx_st ASN1_PCTX;
-typedef struct asn1_sctx_st ASN1_SCTX;
-
-# ifdef OPENSSL_SYS_WIN32
-# undef X509_NAME
-# undef X509_EXTENSIONS
-# undef PKCS7_ISSUER_AND_SERIAL
-# undef OCSP_REQUEST
-# undef OCSP_RESPONSE
-# endif
-
-# ifdef BIGNUM
-# undef BIGNUM
-# endif
-typedef struct bignum_st BIGNUM;
-typedef struct bignum_ctx BN_CTX;
-typedef struct bn_blinding_st BN_BLINDING;
-typedef struct bn_mont_ctx_st BN_MONT_CTX;
-typedef struct bn_recp_ctx_st BN_RECP_CTX;
-typedef struct bn_gencb_st BN_GENCB;
-
-typedef struct buf_mem_st BUF_MEM;
-
-typedef struct evp_cipher_st EVP_CIPHER;
-typedef struct evp_cipher_ctx_st EVP_CIPHER_CTX;
-typedef struct env_md_st EVP_MD;
-typedef struct env_md_ctx_st EVP_MD_CTX;
-typedef struct evp_pkey_st EVP_PKEY;
-
-typedef struct evp_pkey_asn1_method_st EVP_PKEY_ASN1_METHOD;
-
-typedef struct evp_pkey_method_st EVP_PKEY_METHOD;
-typedef struct evp_pkey_ctx_st EVP_PKEY_CTX;
-
-typedef struct dh_st DH;
-typedef struct dh_method DH_METHOD;
-
-typedef struct dsa_st DSA;
-typedef struct dsa_method DSA_METHOD;
-
-typedef struct rsa_st RSA;
-typedef struct rsa_meth_st RSA_METHOD;
-
-typedef struct rand_meth_st RAND_METHOD;
-
-typedef struct ecdh_method ECDH_METHOD;
-typedef struct ecdsa_method ECDSA_METHOD;
-
-typedef struct x509_st X509;
-typedef struct X509_algor_st X509_ALGOR;
-typedef struct X509_crl_st X509_CRL;
-typedef struct x509_crl_method_st X509_CRL_METHOD;
-typedef struct x509_revoked_st X509_REVOKED;
-typedef struct X509_name_st X509_NAME;
-typedef struct X509_pubkey_st X509_PUBKEY;
-typedef struct x509_store_st X509_STORE;
-typedef struct x509_store_ctx_st X509_STORE_CTX;
-
-typedef struct pkcs8_priv_key_info_st PKCS8_PRIV_KEY_INFO;
-
-typedef struct v3_ext_ctx X509V3_CTX;
-typedef struct conf_st CONF;
-
-typedef struct store_st STORE;
-typedef struct store_method_st STORE_METHOD;
-
-typedef struct ui_st UI;
-typedef struct ui_method_st UI_METHOD;
-
-typedef struct st_ERR_FNS ERR_FNS;
-
-typedef struct engine_st ENGINE;
-typedef struct ssl_st SSL;
-typedef struct ssl_ctx_st SSL_CTX;
-
-typedef struct X509_POLICY_NODE_st X509_POLICY_NODE;
-typedef struct X509_POLICY_LEVEL_st X509_POLICY_LEVEL;
-typedef struct X509_POLICY_TREE_st X509_POLICY_TREE;
-typedef struct X509_POLICY_CACHE_st X509_POLICY_CACHE;
-
-typedef struct AUTHORITY_KEYID_st AUTHORITY_KEYID;
-typedef struct DIST_POINT_st DIST_POINT;
-typedef struct ISSUING_DIST_POINT_st ISSUING_DIST_POINT;
-typedef struct NAME_CONSTRAINTS_st NAME_CONSTRAINTS;
-
-typedef struct crypto_ex_data_st CRYPTO_EX_DATA;
-/* Callback types for crypto.h */
-typedef int CRYPTO_EX_new (void *parent, void *ptr, CRYPTO_EX_DATA *ad,
- int idx, long argl, void *argp);
-typedef void CRYPTO_EX_free (void *parent, void *ptr, CRYPTO_EX_DATA *ad,
- int idx, long argl, void *argp);
-typedef int CRYPTO_EX_dup (CRYPTO_EX_DATA *to, CRYPTO_EX_DATA *from,
- void *from_d, int idx, long argl, void *argp);
-
-typedef struct ocsp_req_ctx_st OCSP_REQ_CTX;
-typedef struct ocsp_response_st OCSP_RESPONSE;
-typedef struct ocsp_responder_id_st OCSP_RESPID;
-
-#ifdef __cplusplus
-}
-#endif
-#endif /* def HEADER_OPENSSL_TYPES_H */
+++ /dev/null
-/* crypto/pem/pem.h */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef HEADER_PEM_H
-# define HEADER_PEM_H
-
-# include <openssl/e_os2.h>
-# include <openssl/bio.h>
-# include <openssl/stack.h>
-# include <openssl/evp.h>
-# include <openssl/x509.h>
-# include <openssl/pem2.h>
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-# define PEM_BUFSIZE 1024
-
-# define PEM_OBJ_UNDEF 0
-# define PEM_OBJ_X509 1
-# define PEM_OBJ_X509_REQ 2
-# define PEM_OBJ_CRL 3
-# define PEM_OBJ_SSL_SESSION 4
-# define PEM_OBJ_PRIV_KEY 10
-# define PEM_OBJ_PRIV_RSA 11
-# define PEM_OBJ_PRIV_DSA 12
-# define PEM_OBJ_PRIV_DH 13
-# define PEM_OBJ_PUB_RSA 14
-# define PEM_OBJ_PUB_DSA 15
-# define PEM_OBJ_PUB_DH 16
-# define PEM_OBJ_DHPARAMS 17
-# define PEM_OBJ_DSAPARAMS 18
-# define PEM_OBJ_PRIV_RSA_PUBLIC 19
-# define PEM_OBJ_PRIV_ECDSA 20
-# define PEM_OBJ_PUB_ECDSA 21
-# define PEM_OBJ_ECPARAMETERS 22
-
-# define PEM_ERROR 30
-# define PEM_DEK_DES_CBC 40
-# define PEM_DEK_IDEA_CBC 45
-# define PEM_DEK_DES_EDE 50
-# define PEM_DEK_DES_ECB 60
-# define PEM_DEK_RSA 70
-# define PEM_DEK_RSA_MD2 80
-# define PEM_DEK_RSA_MD5 90
-
-# define PEM_MD_MD2 NID_md2
-# define PEM_MD_MD5 NID_md5
-# define PEM_MD_SHA NID_sha
-# define PEM_MD_MD2_RSA NID_md2WithRSAEncryption
-# define PEM_MD_MD5_RSA NID_md5WithRSAEncryption
-# define PEM_MD_SHA_RSA NID_sha1WithRSAEncryption
-
-# define PEM_STRING_X509_OLD "X509 CERTIFICATE"
-# define PEM_STRING_X509 "CERTIFICATE"
-# define PEM_STRING_X509_TRUSTED "TRUSTED CERTIFICATE"
-# define PEM_STRING_X509_REQ_OLD "NEW CERTIFICATE REQUEST"
-# define PEM_STRING_X509_REQ "CERTIFICATE REQUEST"
-# define PEM_STRING_X509_CRL "X509 CRL"
-# define PEM_STRING_EVP_PKEY "ANY PRIVATE KEY"
-# define PEM_STRING_PUBLIC "PUBLIC KEY"
-# define PEM_STRING_RSA "RSA PRIVATE KEY"
-# define PEM_STRING_RSA_PUBLIC "RSA PUBLIC KEY"
-# define PEM_STRING_DSA "DSA PRIVATE KEY"
-# define PEM_STRING_DSA_PUBLIC "DSA PUBLIC KEY"
-# define PEM_STRING_PKCS7 "PKCS7"
-# define PEM_STRING_PKCS7_SIGNED "PKCS #7 SIGNED DATA"
-# define PEM_STRING_PKCS8 "ENCRYPTED PRIVATE KEY"
-# define PEM_STRING_PKCS8INF "PRIVATE KEY"
-# define PEM_STRING_DHPARAMS "DH PARAMETERS"
-# define PEM_STRING_DHXPARAMS "X9.42 DH PARAMETERS"
-# define PEM_STRING_SSL_SESSION "SSL SESSION PARAMETERS"
-# define PEM_STRING_DSAPARAMS "DSA PARAMETERS"
-# define PEM_STRING_ECDSA_PUBLIC "ECDSA PUBLIC KEY"
-# define PEM_STRING_ECPARAMETERS "EC PARAMETERS"
-# define PEM_STRING_ECPRIVATEKEY "EC PRIVATE KEY"
-# define PEM_STRING_PARAMETERS "PARAMETERS"
-# define PEM_STRING_CMS "CMS"
-
- /*
- * Note that this structure is initialised by PEM_SealInit and cleaned up
- * by PEM_SealFinal (at least for now)
- */
-typedef struct PEM_Encode_Seal_st {
- EVP_ENCODE_CTX encode;
- EVP_MD_CTX md;
- EVP_CIPHER_CTX cipher;
-} PEM_ENCODE_SEAL_CTX;
-
-/* enc_type is one off */
-# define PEM_TYPE_ENCRYPTED 10
-# define PEM_TYPE_MIC_ONLY 20
-# define PEM_TYPE_MIC_CLEAR 30
-# define PEM_TYPE_CLEAR 40
-
-typedef struct pem_recip_st {
- char *name;
- X509_NAME *dn;
- int cipher;
- int key_enc;
- /* char iv[8]; unused and wrong size */
-} PEM_USER;
-
-typedef struct pem_ctx_st {
- int type; /* what type of object */
- struct {
- int version;
- int mode;
- } proc_type;
-
- char *domain;
-
- struct {
- int cipher;
- /*-
- unused, and wrong size
- unsigned char iv[8]; */
- } DEK_info;
-
- PEM_USER *originator;
-
- int num_recipient;
- PEM_USER **recipient;
-
-/*-
- XXX(ben): don#t think this is used!
- STACK *x509_chain; / * certificate chain */
- EVP_MD *md; /* signature type */
-
- int md_enc; /* is the md encrypted or not? */
- int md_len; /* length of md_data */
- char *md_data; /* message digest, could be pkey encrypted */
-
- EVP_CIPHER *dec; /* date encryption cipher */
- int key_len; /* key length */
- unsigned char *key; /* key */
- /*-
- unused, and wrong size
- unsigned char iv[8]; */
-
- int data_enc; /* is the data encrypted */
- int data_len;
- unsigned char *data;
-} PEM_CTX;
-
-/*
- * These macros make the PEM_read/PEM_write functions easier to maintain and
- * write. Now they are all implemented with either: IMPLEMENT_PEM_rw(...) or
- * IMPLEMENT_PEM_rw_cb(...)
- */
-
-# ifdef OPENSSL_NO_STDIO
-
-# define IMPLEMENT_PEM_read_fp(name, type, str, asn1) /**/
-# define IMPLEMENT_PEM_write_fp(name, type, str, asn1) /**/
-# define IMPLEMENT_PEM_write_fp_const(name, type, str, asn1) /**/
-# define IMPLEMENT_PEM_write_cb_fp(name, type, str, asn1) /**/
-# define IMPLEMENT_PEM_write_cb_fp_const(name, type, str, asn1) /**/
-# else
-
-# define IMPLEMENT_PEM_read_fp(name, type, str, asn1) \
-type *PEM_read_##name(FILE *fp, type **x, pem_password_cb *cb, void *u)\
-{ \
-return PEM_ASN1_read((d2i_of_void *)d2i_##asn1, str,fp,(void **)x,cb,u); \
-}
-
-# define IMPLEMENT_PEM_write_fp(name, type, str, asn1) \
-int PEM_write_##name(FILE *fp, type *x) \
-{ \
-return PEM_ASN1_write((i2d_of_void *)i2d_##asn1,str,fp,x,NULL,NULL,0,NULL,NULL); \
-}
-
-# define IMPLEMENT_PEM_write_fp_const(name, type, str, asn1) \
-int PEM_write_##name(FILE *fp, const type *x) \
-{ \
-return PEM_ASN1_write((i2d_of_void *)i2d_##asn1,str,fp,(void *)x,NULL,NULL,0,NULL,NULL); \
-}
-
-# define IMPLEMENT_PEM_write_cb_fp(name, type, str, asn1) \
-int PEM_write_##name(FILE *fp, type *x, const EVP_CIPHER *enc, \
- unsigned char *kstr, int klen, pem_password_cb *cb, \
- void *u) \
- { \
- return PEM_ASN1_write((i2d_of_void *)i2d_##asn1,str,fp,x,enc,kstr,klen,cb,u); \
- }
-
-# define IMPLEMENT_PEM_write_cb_fp_const(name, type, str, asn1) \
-int PEM_write_##name(FILE *fp, type *x, const EVP_CIPHER *enc, \
- unsigned char *kstr, int klen, pem_password_cb *cb, \
- void *u) \
- { \
- return PEM_ASN1_write((i2d_of_void *)i2d_##asn1,str,fp,x,enc,kstr,klen,cb,u); \
- }
-
-# endif
-
-# define IMPLEMENT_PEM_read_bio(name, type, str, asn1) \
-type *PEM_read_bio_##name(BIO *bp, type **x, pem_password_cb *cb, void *u)\
-{ \
-return PEM_ASN1_read_bio((d2i_of_void *)d2i_##asn1, str,bp,(void **)x,cb,u); \
-}
-
-# define IMPLEMENT_PEM_write_bio(name, type, str, asn1) \
-int PEM_write_bio_##name(BIO *bp, type *x) \
-{ \
-return PEM_ASN1_write_bio((i2d_of_void *)i2d_##asn1,str,bp,x,NULL,NULL,0,NULL,NULL); \
-}
-
-# define IMPLEMENT_PEM_write_bio_const(name, type, str, asn1) \
-int PEM_write_bio_##name(BIO *bp, const type *x) \
-{ \
-return PEM_ASN1_write_bio((i2d_of_void *)i2d_##asn1,str,bp,(void *)x,NULL,NULL,0,NULL,NULL); \
-}
-
-# define IMPLEMENT_PEM_write_cb_bio(name, type, str, asn1) \
-int PEM_write_bio_##name(BIO *bp, type *x, const EVP_CIPHER *enc, \
- unsigned char *kstr, int klen, pem_password_cb *cb, void *u) \
- { \
- return PEM_ASN1_write_bio((i2d_of_void *)i2d_##asn1,str,bp,x,enc,kstr,klen,cb,u); \
- }
-
-# define IMPLEMENT_PEM_write_cb_bio_const(name, type, str, asn1) \
-int PEM_write_bio_##name(BIO *bp, type *x, const EVP_CIPHER *enc, \
- unsigned char *kstr, int klen, pem_password_cb *cb, void *u) \
- { \
- return PEM_ASN1_write_bio((i2d_of_void *)i2d_##asn1,str,bp,(void *)x,enc,kstr,klen,cb,u); \
- }
-
-# define IMPLEMENT_PEM_write(name, type, str, asn1) \
- IMPLEMENT_PEM_write_bio(name, type, str, asn1) \
- IMPLEMENT_PEM_write_fp(name, type, str, asn1)
-
-# define IMPLEMENT_PEM_write_const(name, type, str, asn1) \
- IMPLEMENT_PEM_write_bio_const(name, type, str, asn1) \
- IMPLEMENT_PEM_write_fp_const(name, type, str, asn1)
-
-# define IMPLEMENT_PEM_write_cb(name, type, str, asn1) \
- IMPLEMENT_PEM_write_cb_bio(name, type, str, asn1) \
- IMPLEMENT_PEM_write_cb_fp(name, type, str, asn1)
-
-# define IMPLEMENT_PEM_write_cb_const(name, type, str, asn1) \
- IMPLEMENT_PEM_write_cb_bio_const(name, type, str, asn1) \
- IMPLEMENT_PEM_write_cb_fp_const(name, type, str, asn1)
-
-# define IMPLEMENT_PEM_read(name, type, str, asn1) \
- IMPLEMENT_PEM_read_bio(name, type, str, asn1) \
- IMPLEMENT_PEM_read_fp(name, type, str, asn1)
-
-# define IMPLEMENT_PEM_rw(name, type, str, asn1) \
- IMPLEMENT_PEM_read(name, type, str, asn1) \
- IMPLEMENT_PEM_write(name, type, str, asn1)
-
-# define IMPLEMENT_PEM_rw_const(name, type, str, asn1) \
- IMPLEMENT_PEM_read(name, type, str, asn1) \
- IMPLEMENT_PEM_write_const(name, type, str, asn1)
-
-# define IMPLEMENT_PEM_rw_cb(name, type, str, asn1) \
- IMPLEMENT_PEM_read(name, type, str, asn1) \
- IMPLEMENT_PEM_write_cb(name, type, str, asn1)
-
-/* These are the same except they are for the declarations */
-
-# if defined(OPENSSL_NO_STDIO)
-
-# define DECLARE_PEM_read_fp(name, type) /**/
-# define DECLARE_PEM_write_fp(name, type) /**/
-# define DECLARE_PEM_write_cb_fp(name, type) /**/
-# else
-
-# define DECLARE_PEM_read_fp(name, type) \
- type *PEM_read_##name(FILE *fp, type **x, pem_password_cb *cb, void *u);
-
-# define DECLARE_PEM_write_fp(name, type) \
- int PEM_write_##name(FILE *fp, type *x);
-
-# define DECLARE_PEM_write_fp_const(name, type) \
- int PEM_write_##name(FILE *fp, const type *x);
-
-# define DECLARE_PEM_write_cb_fp(name, type) \
- int PEM_write_##name(FILE *fp, type *x, const EVP_CIPHER *enc, \
- unsigned char *kstr, int klen, pem_password_cb *cb, void *u);
-
-# endif
-
-# define DECLARE_PEM_read_bio(name, type) \
- type *PEM_read_bio_##name(BIO *bp, type **x, pem_password_cb *cb, void *u);
-
-# define DECLARE_PEM_write_bio(name, type) \
- int PEM_write_bio_##name(BIO *bp, type *x);
-
-# define DECLARE_PEM_write_bio_const(name, type) \
- int PEM_write_bio_##name(BIO *bp, const type *x);
-
-# define DECLARE_PEM_write_cb_bio(name, type) \
- int PEM_write_bio_##name(BIO *bp, type *x, const EVP_CIPHER *enc, \
- unsigned char *kstr, int klen, pem_password_cb *cb, void *u);
-
-# define DECLARE_PEM_write(name, type) \
- DECLARE_PEM_write_bio(name, type) \
- DECLARE_PEM_write_fp(name, type)
-# define DECLARE_PEM_write_const(name, type) \
- DECLARE_PEM_write_bio_const(name, type) \
- DECLARE_PEM_write_fp_const(name, type)
-# define DECLARE_PEM_write_cb(name, type) \
- DECLARE_PEM_write_cb_bio(name, type) \
- DECLARE_PEM_write_cb_fp(name, type)
-# define DECLARE_PEM_read(name, type) \
- DECLARE_PEM_read_bio(name, type) \
- DECLARE_PEM_read_fp(name, type)
-# define DECLARE_PEM_rw(name, type) \
- DECLARE_PEM_read(name, type) \
- DECLARE_PEM_write(name, type)
-# define DECLARE_PEM_rw_const(name, type) \
- DECLARE_PEM_read(name, type) \
- DECLARE_PEM_write_const(name, type)
-# define DECLARE_PEM_rw_cb(name, type) \
- DECLARE_PEM_read(name, type) \
- DECLARE_PEM_write_cb(name, type)
-typedef int pem_password_cb (char *buf, int size, int rwflag, void *userdata);
-
-int PEM_get_EVP_CIPHER_INFO(char *header, EVP_CIPHER_INFO *cipher);
-int PEM_do_header(EVP_CIPHER_INFO *cipher, unsigned char *data, long *len,
- pem_password_cb *callback, void *u);
-
-int PEM_read_bio(BIO *bp, char **name, char **header,
- unsigned char **data, long *len);
-int PEM_write_bio(BIO *bp, const char *name, const char *hdr,
- const unsigned char *data, long len);
-int PEM_bytes_read_bio(unsigned char **pdata, long *plen, char **pnm,
- const char *name, BIO *bp, pem_password_cb *cb,
- void *u);
-void *PEM_ASN1_read_bio(d2i_of_void *d2i, const char *name, BIO *bp, void **x,
- pem_password_cb *cb, void *u);
-int PEM_ASN1_write_bio(i2d_of_void *i2d, const char *name, BIO *bp, void *x,
- const EVP_CIPHER *enc, unsigned char *kstr, int klen,
- pem_password_cb *cb, void *u);
-
-STACK_OF(X509_INFO) *PEM_X509_INFO_read_bio(BIO *bp, STACK_OF(X509_INFO) *sk,
- pem_password_cb *cb, void *u);
-int PEM_X509_INFO_write_bio(BIO *bp, X509_INFO *xi, EVP_CIPHER *enc,
- unsigned char *kstr, int klen,
- pem_password_cb *cd, void *u);
-
-int PEM_read(FILE *fp, char **name, char **header,
- unsigned char **data, long *len);
-int PEM_write(FILE *fp, const char *name, const char *hdr,
- const unsigned char *data, long len);
-void *PEM_ASN1_read(d2i_of_void *d2i, const char *name, FILE *fp, void **x,
- pem_password_cb *cb, void *u);
-int PEM_ASN1_write(i2d_of_void *i2d, const char *name, FILE *fp,
- void *x, const EVP_CIPHER *enc, unsigned char *kstr,
- int klen, pem_password_cb *callback, void *u);
-STACK_OF(X509_INFO) *PEM_X509_INFO_read(FILE *fp, STACK_OF(X509_INFO) *sk,
- pem_password_cb *cb, void *u);
-
-int PEM_SealInit(PEM_ENCODE_SEAL_CTX *ctx, EVP_CIPHER *type,
- EVP_MD *md_type, unsigned char **ek, int *ekl,
- unsigned char *iv, EVP_PKEY **pubk, int npubk);
-int PEM_SealUpdate(PEM_ENCODE_SEAL_CTX *ctx, unsigned char *out, int *outl,
- unsigned char *in, int inl);
-int PEM_SealFinal(PEM_ENCODE_SEAL_CTX *ctx, unsigned char *sig, int *sigl,
- unsigned char *out, int *outl, EVP_PKEY *priv);
-
-int PEM_SignInit(EVP_MD_CTX *ctx, EVP_MD *type);
-int PEM_SignUpdate(EVP_MD_CTX *ctx, unsigned char *d, unsigned int cnt);
-int PEM_SignFinal(EVP_MD_CTX *ctx, unsigned char *sigret,
- unsigned int *siglen, EVP_PKEY *pkey);
-
-int PEM_def_callback(char *buf, int num, int w, void *key);
-void PEM_proc_type(char *buf, int type);
-void PEM_dek_info(char *buf, const char *type, int len, char *str);
-
-# include <openssl/symhacks.h>
-
-DECLARE_PEM_rw(X509, X509)
-DECLARE_PEM_rw(X509_AUX, X509)
-DECLARE_PEM_rw(X509_REQ, X509_REQ)
-DECLARE_PEM_write(X509_REQ_NEW, X509_REQ)
-DECLARE_PEM_rw(X509_CRL, X509_CRL)
-DECLARE_PEM_rw(PKCS7, PKCS7)
-DECLARE_PEM_rw(NETSCAPE_CERT_SEQUENCE, NETSCAPE_CERT_SEQUENCE)
-DECLARE_PEM_rw(PKCS8, X509_SIG)
-DECLARE_PEM_rw(PKCS8_PRIV_KEY_INFO, PKCS8_PRIV_KEY_INFO)
-# ifndef OPENSSL_NO_RSA
-DECLARE_PEM_rw_cb(RSAPrivateKey, RSA)
-DECLARE_PEM_rw_const(RSAPublicKey, RSA)
-DECLARE_PEM_rw(RSA_PUBKEY, RSA)
-# endif
-# ifndef OPENSSL_NO_DSA
-DECLARE_PEM_rw_cb(DSAPrivateKey, DSA)
-DECLARE_PEM_rw(DSA_PUBKEY, DSA)
-DECLARE_PEM_rw_const(DSAparams, DSA)
-# endif
-# ifndef OPENSSL_NO_EC
-DECLARE_PEM_rw_const(ECPKParameters, EC_GROUP)
-DECLARE_PEM_rw_cb(ECPrivateKey, EC_KEY)
-DECLARE_PEM_rw(EC_PUBKEY, EC_KEY)
-# endif
-# ifndef OPENSSL_NO_DH
-DECLARE_PEM_rw_const(DHparams, DH)
-DECLARE_PEM_write_const(DHxparams, DH)
-# endif
-DECLARE_PEM_rw_cb(PrivateKey, EVP_PKEY)
-DECLARE_PEM_rw(PUBKEY, EVP_PKEY)
-
-int PEM_write_bio_PKCS8PrivateKey_nid(BIO *bp, EVP_PKEY *x, int nid,
- char *kstr, int klen,
- pem_password_cb *cb, void *u);
-int PEM_write_bio_PKCS8PrivateKey(BIO *, EVP_PKEY *, const EVP_CIPHER *,
- char *, int, pem_password_cb *, void *);
-int i2d_PKCS8PrivateKey_bio(BIO *bp, EVP_PKEY *x, const EVP_CIPHER *enc,
- char *kstr, int klen,
- pem_password_cb *cb, void *u);
-int i2d_PKCS8PrivateKey_nid_bio(BIO *bp, EVP_PKEY *x, int nid,
- char *kstr, int klen,
- pem_password_cb *cb, void *u);
-EVP_PKEY *d2i_PKCS8PrivateKey_bio(BIO *bp, EVP_PKEY **x, pem_password_cb *cb,
- void *u);
-
-int i2d_PKCS8PrivateKey_fp(FILE *fp, EVP_PKEY *x, const EVP_CIPHER *enc,
- char *kstr, int klen,
- pem_password_cb *cb, void *u);
-int i2d_PKCS8PrivateKey_nid_fp(FILE *fp, EVP_PKEY *x, int nid,
- char *kstr, int klen,
- pem_password_cb *cb, void *u);
-int PEM_write_PKCS8PrivateKey_nid(FILE *fp, EVP_PKEY *x, int nid,
- char *kstr, int klen,
- pem_password_cb *cb, void *u);
-
-EVP_PKEY *d2i_PKCS8PrivateKey_fp(FILE *fp, EVP_PKEY **x, pem_password_cb *cb,
- void *u);
-
-int PEM_write_PKCS8PrivateKey(FILE *fp, EVP_PKEY *x, const EVP_CIPHER *enc,
- char *kstr, int klen, pem_password_cb *cd,
- void *u);
-
-EVP_PKEY *PEM_read_bio_Parameters(BIO *bp, EVP_PKEY **x);
-int PEM_write_bio_Parameters(BIO *bp, EVP_PKEY *x);
-
-EVP_PKEY *b2i_PrivateKey(const unsigned char **in, long length);
-EVP_PKEY *b2i_PublicKey(const unsigned char **in, long length);
-EVP_PKEY *b2i_PrivateKey_bio(BIO *in);
-EVP_PKEY *b2i_PublicKey_bio(BIO *in);
-int i2b_PrivateKey_bio(BIO *out, EVP_PKEY *pk);
-int i2b_PublicKey_bio(BIO *out, EVP_PKEY *pk);
-# ifndef OPENSSL_NO_RC4
-EVP_PKEY *b2i_PVK_bio(BIO *in, pem_password_cb *cb, void *u);
-int i2b_PVK_bio(BIO *out, EVP_PKEY *pk, int enclevel,
- pem_password_cb *cb, void *u);
-# endif
-
-/* BEGIN ERROR CODES */
-/*
- * The following lines are auto generated by the script mkerr.pl. Any changes
- * made after this point may be overwritten when the script is next run.
- */
-void ERR_load_PEM_strings(void);
-
-/* Error codes for the PEM functions. */
-
-/* Function codes. */
-# define PEM_F_B2I_DSS 127
-# define PEM_F_B2I_PVK_BIO 128
-# define PEM_F_B2I_RSA 129
-# define PEM_F_CHECK_BITLEN_DSA 130
-# define PEM_F_CHECK_BITLEN_RSA 131
-# define PEM_F_D2I_PKCS8PRIVATEKEY_BIO 120
-# define PEM_F_D2I_PKCS8PRIVATEKEY_FP 121
-# define PEM_F_DO_B2I 132
-# define PEM_F_DO_B2I_BIO 133
-# define PEM_F_DO_BLOB_HEADER 134
-# define PEM_F_DO_PK8PKEY 126
-# define PEM_F_DO_PK8PKEY_FP 125
-# define PEM_F_DO_PVK_BODY 135
-# define PEM_F_DO_PVK_HEADER 136
-# define PEM_F_I2B_PVK 137
-# define PEM_F_I2B_PVK_BIO 138
-# define PEM_F_LOAD_IV 101
-# define PEM_F_PEM_ASN1_READ 102
-# define PEM_F_PEM_ASN1_READ_BIO 103
-# define PEM_F_PEM_ASN1_WRITE 104
-# define PEM_F_PEM_ASN1_WRITE_BIO 105
-# define PEM_F_PEM_DEF_CALLBACK 100
-# define PEM_F_PEM_DO_HEADER 106
-# define PEM_F_PEM_F_PEM_WRITE_PKCS8PRIVATEKEY 118
-# define PEM_F_PEM_GET_EVP_CIPHER_INFO 107
-# define PEM_F_PEM_PK8PKEY 119
-# define PEM_F_PEM_READ 108
-# define PEM_F_PEM_READ_BIO 109
-# define PEM_F_PEM_READ_BIO_DHPARAMS 141
-# define PEM_F_PEM_READ_BIO_PARAMETERS 140
-# define PEM_F_PEM_READ_BIO_PRIVATEKEY 123
-# define PEM_F_PEM_READ_DHPARAMS 142
-# define PEM_F_PEM_READ_PRIVATEKEY 124
-# define PEM_F_PEM_SEALFINAL 110
-# define PEM_F_PEM_SEALINIT 111
-# define PEM_F_PEM_SIGNFINAL 112
-# define PEM_F_PEM_WRITE 113
-# define PEM_F_PEM_WRITE_BIO 114
-# define PEM_F_PEM_WRITE_PRIVATEKEY 139
-# define PEM_F_PEM_X509_INFO_READ 115
-# define PEM_F_PEM_X509_INFO_READ_BIO 116
-# define PEM_F_PEM_X509_INFO_WRITE_BIO 117
-
-/* Reason codes. */
-# define PEM_R_BAD_BASE64_DECODE 100
-# define PEM_R_BAD_DECRYPT 101
-# define PEM_R_BAD_END_LINE 102
-# define PEM_R_BAD_IV_CHARS 103
-# define PEM_R_BAD_MAGIC_NUMBER 116
-# define PEM_R_BAD_PASSWORD_READ 104
-# define PEM_R_BAD_VERSION_NUMBER 117
-# define PEM_R_BIO_WRITE_FAILURE 118
-# define PEM_R_CIPHER_IS_NULL 127
-# define PEM_R_ERROR_CONVERTING_PRIVATE_KEY 115
-# define PEM_R_EXPECTING_PRIVATE_KEY_BLOB 119
-# define PEM_R_EXPECTING_PUBLIC_KEY_BLOB 120
-# define PEM_R_INCONSISTENT_HEADER 121
-# define PEM_R_KEYBLOB_HEADER_PARSE_ERROR 122
-# define PEM_R_KEYBLOB_TOO_SHORT 123
-# define PEM_R_NOT_DEK_INFO 105
-# define PEM_R_NOT_ENCRYPTED 106
-# define PEM_R_NOT_PROC_TYPE 107
-# define PEM_R_NO_START_LINE 108
-# define PEM_R_PROBLEMS_GETTING_PASSWORD 109
-# define PEM_R_PUBLIC_KEY_NO_RSA 110
-# define PEM_R_PVK_DATA_TOO_SHORT 124
-# define PEM_R_PVK_TOO_SHORT 125
-# define PEM_R_READ_KEY 111
-# define PEM_R_SHORT_HEADER 112
-# define PEM_R_UNSUPPORTED_CIPHER 113
-# define PEM_R_UNSUPPORTED_ENCRYPTION 114
-# define PEM_R_UNSUPPORTED_KEY_COMPONENTS 126
-
-#ifdef __cplusplus
-}
-#endif
-#endif
+++ /dev/null
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-/*
- * This header only exists to break a circular dependency between pem and err
- * Ben 30 Jan 1999.
- */
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-#ifndef HEADER_PEM_H
-void ERR_load_PEM_strings(void);
-#endif
-
-#ifdef __cplusplus
-}
-#endif
+++ /dev/null
-/* pkcs12.h */
-/*
- * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
- * 1999.
- */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#ifndef HEADER_PKCS12_H
-# define HEADER_PKCS12_H
-
-# include <openssl/bio.h>
-# include <openssl/x509.h>
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-# define PKCS12_KEY_ID 1
-# define PKCS12_IV_ID 2
-# define PKCS12_MAC_ID 3
-
-/* Default iteration count */
-# ifndef PKCS12_DEFAULT_ITER
-# define PKCS12_DEFAULT_ITER PKCS5_DEFAULT_ITER
-# endif
-
-# define PKCS12_MAC_KEY_LENGTH 20
-
-# define PKCS12_SALT_LEN 8
-
-/* Uncomment out next line for unicode password and names, otherwise ASCII */
-
-/*
- * #define PBE_UNICODE
- */
-
-# ifdef PBE_UNICODE
-# define PKCS12_key_gen PKCS12_key_gen_uni
-# define PKCS12_add_friendlyname PKCS12_add_friendlyname_uni
-# else
-# define PKCS12_key_gen PKCS12_key_gen_asc
-# define PKCS12_add_friendlyname PKCS12_add_friendlyname_asc
-# endif
-
-/* MS key usage constants */
-
-# define KEY_EX 0x10
-# define KEY_SIG 0x80
-
-typedef struct {
- X509_SIG *dinfo;
- ASN1_OCTET_STRING *salt;
- ASN1_INTEGER *iter; /* defaults to 1 */
-} PKCS12_MAC_DATA;
-
-typedef struct {
- ASN1_INTEGER *version;
- PKCS12_MAC_DATA *mac;
- PKCS7 *authsafes;
-} PKCS12;
-
-typedef struct {
- ASN1_OBJECT *type;
- union {
- struct pkcs12_bag_st *bag; /* secret, crl and certbag */
- struct pkcs8_priv_key_info_st *keybag; /* keybag */
- X509_SIG *shkeybag; /* shrouded key bag */
- STACK_OF(PKCS12_SAFEBAG) *safes;
- ASN1_TYPE *other;
- } value;
- STACK_OF(X509_ATTRIBUTE) *attrib;
-} PKCS12_SAFEBAG;
-
-DECLARE_STACK_OF(PKCS12_SAFEBAG)
-
-typedef struct pkcs12_bag_st {
- ASN1_OBJECT *type;
- union {
- ASN1_OCTET_STRING *x509cert;
- ASN1_OCTET_STRING *x509crl;
- ASN1_OCTET_STRING *octet;
- ASN1_IA5STRING *sdsicert;
- ASN1_TYPE *other; /* Secret or other bag */
- } value;
-} PKCS12_BAGS;
-
-# define PKCS12_ERROR 0
-# define PKCS12_OK 1
-
-/* Compatibility macros */
-
-# define M_PKCS12_x5092certbag PKCS12_x5092certbag
-# define M_PKCS12_x509crl2certbag PKCS12_x509crl2certbag
-
-# define M_PKCS12_certbag2x509 PKCS12_certbag2x509
-# define M_PKCS12_certbag2x509crl PKCS12_certbag2x509crl
-
-# define M_PKCS12_unpack_p7data PKCS12_unpack_p7data
-# define M_PKCS12_pack_authsafes PKCS12_pack_authsafes
-# define M_PKCS12_unpack_authsafes PKCS12_unpack_authsafes
-# define M_PKCS12_unpack_p7encdata PKCS12_unpack_p7encdata
-
-# define M_PKCS12_decrypt_skey PKCS12_decrypt_skey
-# define M_PKCS8_decrypt PKCS8_decrypt
-
-# define M_PKCS12_bag_type(bg) OBJ_obj2nid((bg)->type)
-# define M_PKCS12_cert_bag_type(bg) OBJ_obj2nid((bg)->value.bag->type)
-# define M_PKCS12_crl_bag_type M_PKCS12_cert_bag_type
-
-# define PKCS12_get_attr(bag, attr_nid) \
- PKCS12_get_attr_gen(bag->attrib, attr_nid)
-
-# define PKCS8_get_attr(p8, attr_nid) \
- PKCS12_get_attr_gen(p8->attributes, attr_nid)
-
-# define PKCS12_mac_present(p12) ((p12)->mac ? 1 : 0)
-
-PKCS12_SAFEBAG *PKCS12_x5092certbag(X509 *x509);
-PKCS12_SAFEBAG *PKCS12_x509crl2certbag(X509_CRL *crl);
-X509 *PKCS12_certbag2x509(PKCS12_SAFEBAG *bag);
-X509_CRL *PKCS12_certbag2x509crl(PKCS12_SAFEBAG *bag);
-
-PKCS12_SAFEBAG *PKCS12_item_pack_safebag(void *obj, const ASN1_ITEM *it,
- int nid1, int nid2);
-PKCS12_SAFEBAG *PKCS12_MAKE_KEYBAG(PKCS8_PRIV_KEY_INFO *p8);
-PKCS8_PRIV_KEY_INFO *PKCS8_decrypt(X509_SIG *p8, const char *pass,
- int passlen);
-PKCS8_PRIV_KEY_INFO *PKCS12_decrypt_skey(PKCS12_SAFEBAG *bag,
- const char *pass, int passlen);
-X509_SIG *PKCS8_encrypt(int pbe_nid, const EVP_CIPHER *cipher,
- const char *pass, int passlen, unsigned char *salt,
- int saltlen, int iter, PKCS8_PRIV_KEY_INFO *p8);
-PKCS12_SAFEBAG *PKCS12_MAKE_SHKEYBAG(int pbe_nid, const char *pass,
- int passlen, unsigned char *salt,
- int saltlen, int iter,
- PKCS8_PRIV_KEY_INFO *p8);
-PKCS7 *PKCS12_pack_p7data(STACK_OF(PKCS12_SAFEBAG) *sk);
-STACK_OF(PKCS12_SAFEBAG) *PKCS12_unpack_p7data(PKCS7 *p7);
-PKCS7 *PKCS12_pack_p7encdata(int pbe_nid, const char *pass, int passlen,
- unsigned char *salt, int saltlen, int iter,
- STACK_OF(PKCS12_SAFEBAG) *bags);
-STACK_OF(PKCS12_SAFEBAG) *PKCS12_unpack_p7encdata(PKCS7 *p7, const char *pass,
- int passlen);
-
-int PKCS12_pack_authsafes(PKCS12 *p12, STACK_OF(PKCS7) *safes);
-STACK_OF(PKCS7) *PKCS12_unpack_authsafes(PKCS12 *p12);
-
-int PKCS12_add_localkeyid(PKCS12_SAFEBAG *bag, unsigned char *name,
- int namelen);
-int PKCS12_add_friendlyname_asc(PKCS12_SAFEBAG *bag, const char *name,
- int namelen);
-int PKCS12_add_CSPName_asc(PKCS12_SAFEBAG *bag, const char *name,
- int namelen);
-int PKCS12_add_friendlyname_uni(PKCS12_SAFEBAG *bag,
- const unsigned char *name, int namelen);
-int PKCS8_add_keyusage(PKCS8_PRIV_KEY_INFO *p8, int usage);
-ASN1_TYPE *PKCS12_get_attr_gen(STACK_OF(X509_ATTRIBUTE) *attrs, int attr_nid);
-char *PKCS12_get_friendlyname(PKCS12_SAFEBAG *bag);
-unsigned char *PKCS12_pbe_crypt(X509_ALGOR *algor, const char *pass,
- int passlen, unsigned char *in, int inlen,
- unsigned char **data, int *datalen,
- int en_de);
-void *PKCS12_item_decrypt_d2i(X509_ALGOR *algor, const ASN1_ITEM *it,
- const char *pass, int passlen,
- ASN1_OCTET_STRING *oct, int zbuf);
-ASN1_OCTET_STRING *PKCS12_item_i2d_encrypt(X509_ALGOR *algor,
- const ASN1_ITEM *it,
- const char *pass, int passlen,
- void *obj, int zbuf);
-PKCS12 *PKCS12_init(int mode);
-int PKCS12_key_gen_asc(const char *pass, int passlen, unsigned char *salt,
- int saltlen, int id, int iter, int n,
- unsigned char *out, const EVP_MD *md_type);
-int PKCS12_key_gen_uni(unsigned char *pass, int passlen, unsigned char *salt,
- int saltlen, int id, int iter, int n,
- unsigned char *out, const EVP_MD *md_type);
-int PKCS12_PBE_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass, int passlen,
- ASN1_TYPE *param, const EVP_CIPHER *cipher,
- const EVP_MD *md_type, int en_de);
-int PKCS12_gen_mac(PKCS12 *p12, const char *pass, int passlen,
- unsigned char *mac, unsigned int *maclen);
-int PKCS12_verify_mac(PKCS12 *p12, const char *pass, int passlen);
-int PKCS12_set_mac(PKCS12 *p12, const char *pass, int passlen,
- unsigned char *salt, int saltlen, int iter,
- const EVP_MD *md_type);
-int PKCS12_setup_mac(PKCS12 *p12, int iter, unsigned char *salt,
- int saltlen, const EVP_MD *md_type);
-unsigned char *OPENSSL_asc2uni(const char *asc, int asclen,
- unsigned char **uni, int *unilen);
-char *OPENSSL_uni2asc(unsigned char *uni, int unilen);
-
-DECLARE_ASN1_FUNCTIONS(PKCS12)
-DECLARE_ASN1_FUNCTIONS(PKCS12_MAC_DATA)
-DECLARE_ASN1_FUNCTIONS(PKCS12_SAFEBAG)
-DECLARE_ASN1_FUNCTIONS(PKCS12_BAGS)
-
-DECLARE_ASN1_ITEM(PKCS12_SAFEBAGS)
-DECLARE_ASN1_ITEM(PKCS12_AUTHSAFES)
-
-void PKCS12_PBE_add(void);
-int PKCS12_parse(PKCS12 *p12, const char *pass, EVP_PKEY **pkey, X509 **cert,
- STACK_OF(X509) **ca);
-PKCS12 *PKCS12_create(char *pass, char *name, EVP_PKEY *pkey, X509 *cert,
- STACK_OF(X509) *ca, int nid_key, int nid_cert, int iter,
- int mac_iter, int keytype);
-
-PKCS12_SAFEBAG *PKCS12_add_cert(STACK_OF(PKCS12_SAFEBAG) **pbags, X509 *cert);
-PKCS12_SAFEBAG *PKCS12_add_key(STACK_OF(PKCS12_SAFEBAG) **pbags,
- EVP_PKEY *key, int key_usage, int iter,
- int key_nid, char *pass);
-int PKCS12_add_safe(STACK_OF(PKCS7) **psafes, STACK_OF(PKCS12_SAFEBAG) *bags,
- int safe_nid, int iter, char *pass);
-PKCS12 *PKCS12_add_safes(STACK_OF(PKCS7) *safes, int p7_nid);
-
-int i2d_PKCS12_bio(BIO *bp, PKCS12 *p12);
-int i2d_PKCS12_fp(FILE *fp, PKCS12 *p12);
-PKCS12 *d2i_PKCS12_bio(BIO *bp, PKCS12 **p12);
-PKCS12 *d2i_PKCS12_fp(FILE *fp, PKCS12 **p12);
-int PKCS12_newpass(PKCS12 *p12, char *oldpass, char *newpass);
-
-/* BEGIN ERROR CODES */
-/*
- * The following lines are auto generated by the script mkerr.pl. Any changes
- * made after this point may be overwritten when the script is next run.
- */
-void ERR_load_PKCS12_strings(void);
-
-/* Error codes for the PKCS12 functions. */
-
-/* Function codes. */
-# define PKCS12_F_PARSE_BAG 129
-# define PKCS12_F_PARSE_BAGS 103
-# define PKCS12_F_PKCS12_ADD_FRIENDLYNAME 100
-# define PKCS12_F_PKCS12_ADD_FRIENDLYNAME_ASC 127
-# define PKCS12_F_PKCS12_ADD_FRIENDLYNAME_UNI 102
-# define PKCS12_F_PKCS12_ADD_LOCALKEYID 104
-# define PKCS12_F_PKCS12_CREATE 105
-# define PKCS12_F_PKCS12_GEN_MAC 107
-# define PKCS12_F_PKCS12_INIT 109
-# define PKCS12_F_PKCS12_ITEM_DECRYPT_D2I 106
-# define PKCS12_F_PKCS12_ITEM_I2D_ENCRYPT 108
-# define PKCS12_F_PKCS12_ITEM_PACK_SAFEBAG 117
-# define PKCS12_F_PKCS12_KEY_GEN_ASC 110
-# define PKCS12_F_PKCS12_KEY_GEN_UNI 111
-# define PKCS12_F_PKCS12_MAKE_KEYBAG 112
-# define PKCS12_F_PKCS12_MAKE_SHKEYBAG 113
-# define PKCS12_F_PKCS12_NEWPASS 128
-# define PKCS12_F_PKCS12_PACK_P7DATA 114
-# define PKCS12_F_PKCS12_PACK_P7ENCDATA 115
-# define PKCS12_F_PKCS12_PARSE 118
-# define PKCS12_F_PKCS12_PBE_CRYPT 119
-# define PKCS12_F_PKCS12_PBE_KEYIVGEN 120
-# define PKCS12_F_PKCS12_SETUP_MAC 122
-# define PKCS12_F_PKCS12_SET_MAC 123
-# define PKCS12_F_PKCS12_UNPACK_AUTHSAFES 130
-# define PKCS12_F_PKCS12_UNPACK_P7DATA 131
-# define PKCS12_F_PKCS12_VERIFY_MAC 126
-# define PKCS12_F_PKCS8_ADD_KEYUSAGE 124
-# define PKCS12_F_PKCS8_ENCRYPT 125
-
-/* Reason codes. */
-# define PKCS12_R_CANT_PACK_STRUCTURE 100
-# define PKCS12_R_CONTENT_TYPE_NOT_DATA 121
-# define PKCS12_R_DECODE_ERROR 101
-# define PKCS12_R_ENCODE_ERROR 102
-# define PKCS12_R_ENCRYPT_ERROR 103
-# define PKCS12_R_ERROR_SETTING_ENCRYPTED_DATA_TYPE 120
-# define PKCS12_R_INVALID_NULL_ARGUMENT 104
-# define PKCS12_R_INVALID_NULL_PKCS12_POINTER 105
-# define PKCS12_R_IV_GEN_ERROR 106
-# define PKCS12_R_KEY_GEN_ERROR 107
-# define PKCS12_R_MAC_ABSENT 108
-# define PKCS12_R_MAC_GENERATION_ERROR 109
-# define PKCS12_R_MAC_SETUP_ERROR 110
-# define PKCS12_R_MAC_STRING_SET_ERROR 111
-# define PKCS12_R_MAC_VERIFY_ERROR 112
-# define PKCS12_R_MAC_VERIFY_FAILURE 113
-# define PKCS12_R_PARSE_ERROR 114
-# define PKCS12_R_PKCS12_ALGOR_CIPHERINIT_ERROR 115
-# define PKCS12_R_PKCS12_CIPHERFINAL_ERROR 116
-# define PKCS12_R_PKCS12_PBE_CRYPT_ERROR 117
-# define PKCS12_R_UNKNOWN_DIGEST_ALGORITHM 118
-# define PKCS12_R_UNSUPPORTED_PKCS12_MODE 119
-
-#ifdef __cplusplus
-}
-#endif
-#endif
+++ /dev/null
-/* crypto/pkcs7/pkcs7.h */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef HEADER_PKCS7_H
-# define HEADER_PKCS7_H
-
-# include <openssl/asn1.h>
-# include <openssl/bio.h>
-# include <openssl/e_os2.h>
-
-# include <openssl/symhacks.h>
-# include <openssl/ossl_typ.h>
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-# ifdef OPENSSL_SYS_WIN32
-/* Under Win32 thes are defined in wincrypt.h */
-# undef PKCS7_ISSUER_AND_SERIAL
-# undef PKCS7_SIGNER_INFO
-# endif
-
-/*-
-Encryption_ID DES-CBC
-Digest_ID MD5
-Digest_Encryption_ID rsaEncryption
-Key_Encryption_ID rsaEncryption
-*/
-
-typedef struct pkcs7_issuer_and_serial_st {
- X509_NAME *issuer;
- ASN1_INTEGER *serial;
-} PKCS7_ISSUER_AND_SERIAL;
-
-typedef struct pkcs7_signer_info_st {
- ASN1_INTEGER *version; /* version 1 */
- PKCS7_ISSUER_AND_SERIAL *issuer_and_serial;
- X509_ALGOR *digest_alg;
- STACK_OF(X509_ATTRIBUTE) *auth_attr; /* [ 0 ] */
- X509_ALGOR *digest_enc_alg;
- ASN1_OCTET_STRING *enc_digest;
- STACK_OF(X509_ATTRIBUTE) *unauth_attr; /* [ 1 ] */
- /* The private key to sign with */
- EVP_PKEY *pkey;
-} PKCS7_SIGNER_INFO;
-
-DECLARE_STACK_OF(PKCS7_SIGNER_INFO)
-
-typedef struct pkcs7_recip_info_st {
- ASN1_INTEGER *version; /* version 0 */
- PKCS7_ISSUER_AND_SERIAL *issuer_and_serial;
- X509_ALGOR *key_enc_algor;
- ASN1_OCTET_STRING *enc_key;
- X509 *cert; /* get the pub-key from this */
-} PKCS7_RECIP_INFO;
-
-DECLARE_STACK_OF(PKCS7_RECIP_INFO)
-
-typedef struct pkcs7_signed_st {
- ASN1_INTEGER *version; /* version 1 */
- STACK_OF(X509_ALGOR) *md_algs; /* md used */
- STACK_OF(X509) *cert; /* [ 0 ] */
- STACK_OF(X509_CRL) *crl; /* [ 1 ] */
- STACK_OF(PKCS7_SIGNER_INFO) *signer_info;
- struct pkcs7_st *contents;
-} PKCS7_SIGNED;
-/*
- * The above structure is very very similar to PKCS7_SIGN_ENVELOPE. How about
- * merging the two
- */
-
-typedef struct pkcs7_enc_content_st {
- ASN1_OBJECT *content_type;
- X509_ALGOR *algorithm;
- ASN1_OCTET_STRING *enc_data; /* [ 0 ] */
- const EVP_CIPHER *cipher;
-} PKCS7_ENC_CONTENT;
-
-typedef struct pkcs7_enveloped_st {
- ASN1_INTEGER *version; /* version 0 */
- STACK_OF(PKCS7_RECIP_INFO) *recipientinfo;
- PKCS7_ENC_CONTENT *enc_data;
-} PKCS7_ENVELOPE;
-
-typedef struct pkcs7_signedandenveloped_st {
- ASN1_INTEGER *version; /* version 1 */
- STACK_OF(X509_ALGOR) *md_algs; /* md used */
- STACK_OF(X509) *cert; /* [ 0 ] */
- STACK_OF(X509_CRL) *crl; /* [ 1 ] */
- STACK_OF(PKCS7_SIGNER_INFO) *signer_info;
- PKCS7_ENC_CONTENT *enc_data;
- STACK_OF(PKCS7_RECIP_INFO) *recipientinfo;
-} PKCS7_SIGN_ENVELOPE;
-
-typedef struct pkcs7_digest_st {
- ASN1_INTEGER *version; /* version 0 */
- X509_ALGOR *md; /* md used */
- struct pkcs7_st *contents;
- ASN1_OCTET_STRING *digest;
-} PKCS7_DIGEST;
-
-typedef struct pkcs7_encrypted_st {
- ASN1_INTEGER *version; /* version 0 */
- PKCS7_ENC_CONTENT *enc_data;
-} PKCS7_ENCRYPT;
-
-typedef struct pkcs7_st {
- /*
- * The following is non NULL if it contains ASN1 encoding of this
- * structure
- */
- unsigned char *asn1;
- long length;
-# define PKCS7_S_HEADER 0
-# define PKCS7_S_BODY 1
-# define PKCS7_S_TAIL 2
- int state; /* used during processing */
- int detached;
- ASN1_OBJECT *type;
- /* content as defined by the type */
- /*
- * all encryption/message digests are applied to the 'contents', leaving
- * out the 'type' field.
- */
- union {
- char *ptr;
- /* NID_pkcs7_data */
- ASN1_OCTET_STRING *data;
- /* NID_pkcs7_signed */
- PKCS7_SIGNED *sign;
- /* NID_pkcs7_enveloped */
- PKCS7_ENVELOPE *enveloped;
- /* NID_pkcs7_signedAndEnveloped */
- PKCS7_SIGN_ENVELOPE *signed_and_enveloped;
- /* NID_pkcs7_digest */
- PKCS7_DIGEST *digest;
- /* NID_pkcs7_encrypted */
- PKCS7_ENCRYPT *encrypted;
- /* Anything else */
- ASN1_TYPE *other;
- } d;
-} PKCS7;
-
-DECLARE_STACK_OF(PKCS7)
-
-# define PKCS7_OP_SET_DETACHED_SIGNATURE 1
-# define PKCS7_OP_GET_DETACHED_SIGNATURE 2
-
-# define PKCS7_get_signed_attributes(si) ((si)->auth_attr)
-# define PKCS7_get_attributes(si) ((si)->unauth_attr)
-
-# define PKCS7_type_is_signed(a) (OBJ_obj2nid((a)->type) == NID_pkcs7_signed)
-# define PKCS7_type_is_encrypted(a) (OBJ_obj2nid((a)->type) == NID_pkcs7_encrypted)
-# define PKCS7_type_is_enveloped(a) (OBJ_obj2nid((a)->type) == NID_pkcs7_enveloped)
-# define PKCS7_type_is_signedAndEnveloped(a) \
- (OBJ_obj2nid((a)->type) == NID_pkcs7_signedAndEnveloped)
-# define PKCS7_type_is_data(a) (OBJ_obj2nid((a)->type) == NID_pkcs7_data)
-# define PKCS7_type_is_digest(a) (OBJ_obj2nid((a)->type) == NID_pkcs7_digest)
-
-# define PKCS7_set_detached(p,v) \
- PKCS7_ctrl(p,PKCS7_OP_SET_DETACHED_SIGNATURE,v,NULL)
-# define PKCS7_get_detached(p) \
- PKCS7_ctrl(p,PKCS7_OP_GET_DETACHED_SIGNATURE,0,NULL)
-
-# define PKCS7_is_detached(p7) (PKCS7_type_is_signed(p7) && PKCS7_get_detached(p7))
-
-/* S/MIME related flags */
-
-# define PKCS7_TEXT 0x1
-# define PKCS7_NOCERTS 0x2
-# define PKCS7_NOSIGS 0x4
-# define PKCS7_NOCHAIN 0x8
-# define PKCS7_NOINTERN 0x10
-# define PKCS7_NOVERIFY 0x20
-# define PKCS7_DETACHED 0x40
-# define PKCS7_BINARY 0x80
-# define PKCS7_NOATTR 0x100
-# define PKCS7_NOSMIMECAP 0x200
-# define PKCS7_NOOLDMIMETYPE 0x400
-# define PKCS7_CRLFEOL 0x800
-# define PKCS7_STREAM 0x1000
-# define PKCS7_NOCRL 0x2000
-# define PKCS7_PARTIAL 0x4000
-# define PKCS7_REUSE_DIGEST 0x8000
-
-/* Flags: for compatibility with older code */
-
-# define SMIME_TEXT PKCS7_TEXT
-# define SMIME_NOCERTS PKCS7_NOCERTS
-# define SMIME_NOSIGS PKCS7_NOSIGS
-# define SMIME_NOCHAIN PKCS7_NOCHAIN
-# define SMIME_NOINTERN PKCS7_NOINTERN
-# define SMIME_NOVERIFY PKCS7_NOVERIFY
-# define SMIME_DETACHED PKCS7_DETACHED
-# define SMIME_BINARY PKCS7_BINARY
-# define SMIME_NOATTR PKCS7_NOATTR
-
-/* CRLF ASCII canonicalisation */
-# define SMIME_ASCIICRLF 0x80000
-
-DECLARE_ASN1_FUNCTIONS(PKCS7_ISSUER_AND_SERIAL)
-
-int PKCS7_ISSUER_AND_SERIAL_digest(PKCS7_ISSUER_AND_SERIAL *data,
- const EVP_MD *type, unsigned char *md,
- unsigned int *len);
-# ifndef OPENSSL_NO_STDIO
-PKCS7 *d2i_PKCS7_fp(FILE *fp, PKCS7 **p7);
-int i2d_PKCS7_fp(FILE *fp, PKCS7 *p7);
-# endif
-PKCS7 *PKCS7_dup(PKCS7 *p7);
-PKCS7 *d2i_PKCS7_bio(BIO *bp, PKCS7 **p7);
-int i2d_PKCS7_bio(BIO *bp, PKCS7 *p7);
-int i2d_PKCS7_bio_stream(BIO *out, PKCS7 *p7, BIO *in, int flags);
-int PEM_write_bio_PKCS7_stream(BIO *out, PKCS7 *p7, BIO *in, int flags);
-
-DECLARE_ASN1_FUNCTIONS(PKCS7_SIGNER_INFO)
-DECLARE_ASN1_FUNCTIONS(PKCS7_RECIP_INFO)
-DECLARE_ASN1_FUNCTIONS(PKCS7_SIGNED)
-DECLARE_ASN1_FUNCTIONS(PKCS7_ENC_CONTENT)
-DECLARE_ASN1_FUNCTIONS(PKCS7_ENVELOPE)
-DECLARE_ASN1_FUNCTIONS(PKCS7_SIGN_ENVELOPE)
-DECLARE_ASN1_FUNCTIONS(PKCS7_DIGEST)
-DECLARE_ASN1_FUNCTIONS(PKCS7_ENCRYPT)
-DECLARE_ASN1_FUNCTIONS(PKCS7)
-
-DECLARE_ASN1_ITEM(PKCS7_ATTR_SIGN)
-DECLARE_ASN1_ITEM(PKCS7_ATTR_VERIFY)
-
-DECLARE_ASN1_NDEF_FUNCTION(PKCS7)
-DECLARE_ASN1_PRINT_FUNCTION(PKCS7)
-
-long PKCS7_ctrl(PKCS7 *p7, int cmd, long larg, char *parg);
-
-int PKCS7_set_type(PKCS7 *p7, int type);
-int PKCS7_set0_type_other(PKCS7 *p7, int type, ASN1_TYPE *other);
-int PKCS7_set_content(PKCS7 *p7, PKCS7 *p7_data);
-int PKCS7_SIGNER_INFO_set(PKCS7_SIGNER_INFO *p7i, X509 *x509, EVP_PKEY *pkey,
- const EVP_MD *dgst);
-int PKCS7_SIGNER_INFO_sign(PKCS7_SIGNER_INFO *si);
-int PKCS7_add_signer(PKCS7 *p7, PKCS7_SIGNER_INFO *p7i);
-int PKCS7_add_certificate(PKCS7 *p7, X509 *x509);
-int PKCS7_add_crl(PKCS7 *p7, X509_CRL *x509);
-int PKCS7_content_new(PKCS7 *p7, int nid);
-int PKCS7_dataVerify(X509_STORE *cert_store, X509_STORE_CTX *ctx,
- BIO *bio, PKCS7 *p7, PKCS7_SIGNER_INFO *si);
-int PKCS7_signatureVerify(BIO *bio, PKCS7 *p7, PKCS7_SIGNER_INFO *si,
- X509 *x509);
-
-BIO *PKCS7_dataInit(PKCS7 *p7, BIO *bio);
-int PKCS7_dataFinal(PKCS7 *p7, BIO *bio);
-BIO *PKCS7_dataDecode(PKCS7 *p7, EVP_PKEY *pkey, BIO *in_bio, X509 *pcert);
-
-PKCS7_SIGNER_INFO *PKCS7_add_signature(PKCS7 *p7, X509 *x509,
- EVP_PKEY *pkey, const EVP_MD *dgst);
-X509 *PKCS7_cert_from_signer_info(PKCS7 *p7, PKCS7_SIGNER_INFO *si);
-int PKCS7_set_digest(PKCS7 *p7, const EVP_MD *md);
-STACK_OF(PKCS7_SIGNER_INFO) *PKCS7_get_signer_info(PKCS7 *p7);
-
-PKCS7_RECIP_INFO *PKCS7_add_recipient(PKCS7 *p7, X509 *x509);
-void PKCS7_SIGNER_INFO_get0_algs(PKCS7_SIGNER_INFO *si, EVP_PKEY **pk,
- X509_ALGOR **pdig, X509_ALGOR **psig);
-void PKCS7_RECIP_INFO_get0_alg(PKCS7_RECIP_INFO *ri, X509_ALGOR **penc);
-int PKCS7_add_recipient_info(PKCS7 *p7, PKCS7_RECIP_INFO *ri);
-int PKCS7_RECIP_INFO_set(PKCS7_RECIP_INFO *p7i, X509 *x509);
-int PKCS7_set_cipher(PKCS7 *p7, const EVP_CIPHER *cipher);
-int PKCS7_stream(unsigned char ***boundary, PKCS7 *p7);
-
-PKCS7_ISSUER_AND_SERIAL *PKCS7_get_issuer_and_serial(PKCS7 *p7, int idx);
-ASN1_OCTET_STRING *PKCS7_digest_from_attributes(STACK_OF(X509_ATTRIBUTE) *sk);
-int PKCS7_add_signed_attribute(PKCS7_SIGNER_INFO *p7si, int nid, int type,
- void *data);
-int PKCS7_add_attribute(PKCS7_SIGNER_INFO *p7si, int nid, int atrtype,
- void *value);
-ASN1_TYPE *PKCS7_get_attribute(PKCS7_SIGNER_INFO *si, int nid);
-ASN1_TYPE *PKCS7_get_signed_attribute(PKCS7_SIGNER_INFO *si, int nid);
-int PKCS7_set_signed_attributes(PKCS7_SIGNER_INFO *p7si,
- STACK_OF(X509_ATTRIBUTE) *sk);
-int PKCS7_set_attributes(PKCS7_SIGNER_INFO *p7si,
- STACK_OF(X509_ATTRIBUTE) *sk);
-
-PKCS7 *PKCS7_sign(X509 *signcert, EVP_PKEY *pkey, STACK_OF(X509) *certs,
- BIO *data, int flags);
-
-PKCS7_SIGNER_INFO *PKCS7_sign_add_signer(PKCS7 *p7,
- X509 *signcert, EVP_PKEY *pkey,
- const EVP_MD *md, int flags);
-
-int PKCS7_final(PKCS7 *p7, BIO *data, int flags);
-int PKCS7_verify(PKCS7 *p7, STACK_OF(X509) *certs, X509_STORE *store,
- BIO *indata, BIO *out, int flags);
-STACK_OF(X509) *PKCS7_get0_signers(PKCS7 *p7, STACK_OF(X509) *certs,
- int flags);
-PKCS7 *PKCS7_encrypt(STACK_OF(X509) *certs, BIO *in, const EVP_CIPHER *cipher,
- int flags);
-int PKCS7_decrypt(PKCS7 *p7, EVP_PKEY *pkey, X509 *cert, BIO *data,
- int flags);
-
-int PKCS7_add_attrib_smimecap(PKCS7_SIGNER_INFO *si,
- STACK_OF(X509_ALGOR) *cap);
-STACK_OF(X509_ALGOR) *PKCS7_get_smimecap(PKCS7_SIGNER_INFO *si);
-int PKCS7_simple_smimecap(STACK_OF(X509_ALGOR) *sk, int nid, int arg);
-
-int PKCS7_add_attrib_content_type(PKCS7_SIGNER_INFO *si, ASN1_OBJECT *coid);
-int PKCS7_add0_attrib_signing_time(PKCS7_SIGNER_INFO *si, ASN1_TIME *t);
-int PKCS7_add1_attrib_digest(PKCS7_SIGNER_INFO *si,
- const unsigned char *md, int mdlen);
-
-int SMIME_write_PKCS7(BIO *bio, PKCS7 *p7, BIO *data, int flags);
-PKCS7 *SMIME_read_PKCS7(BIO *bio, BIO **bcont);
-
-BIO *BIO_new_PKCS7(BIO *out, PKCS7 *p7);
-
-/* BEGIN ERROR CODES */
-/*
- * The following lines are auto generated by the script mkerr.pl. Any changes
- * made after this point may be overwritten when the script is next run.
- */
-void ERR_load_PKCS7_strings(void);
-
-/* Error codes for the PKCS7 functions. */
-
-/* Function codes. */
-# define PKCS7_F_B64_READ_PKCS7 120
-# define PKCS7_F_B64_WRITE_PKCS7 121
-# define PKCS7_F_DO_PKCS7_SIGNED_ATTRIB 136
-# define PKCS7_F_I2D_PKCS7_BIO_STREAM 140
-# define PKCS7_F_PKCS7_ADD0_ATTRIB_SIGNING_TIME 135
-# define PKCS7_F_PKCS7_ADD_ATTRIB_SMIMECAP 118
-# define PKCS7_F_PKCS7_ADD_CERTIFICATE 100
-# define PKCS7_F_PKCS7_ADD_CRL 101
-# define PKCS7_F_PKCS7_ADD_RECIPIENT_INFO 102
-# define PKCS7_F_PKCS7_ADD_SIGNATURE 131
-# define PKCS7_F_PKCS7_ADD_SIGNER 103
-# define PKCS7_F_PKCS7_BIO_ADD_DIGEST 125
-# define PKCS7_F_PKCS7_COPY_EXISTING_DIGEST 138
-# define PKCS7_F_PKCS7_CTRL 104
-# define PKCS7_F_PKCS7_DATADECODE 112
-# define PKCS7_F_PKCS7_DATAFINAL 128
-# define PKCS7_F_PKCS7_DATAINIT 105
-# define PKCS7_F_PKCS7_DATASIGN 106
-# define PKCS7_F_PKCS7_DATAVERIFY 107
-# define PKCS7_F_PKCS7_DECRYPT 114
-# define PKCS7_F_PKCS7_DECRYPT_RINFO 133
-# define PKCS7_F_PKCS7_ENCODE_RINFO 132
-# define PKCS7_F_PKCS7_ENCRYPT 115
-# define PKCS7_F_PKCS7_FINAL 134
-# define PKCS7_F_PKCS7_FIND_DIGEST 127
-# define PKCS7_F_PKCS7_GET0_SIGNERS 124
-# define PKCS7_F_PKCS7_RECIP_INFO_SET 130
-# define PKCS7_F_PKCS7_SET_CIPHER 108
-# define PKCS7_F_PKCS7_SET_CONTENT 109
-# define PKCS7_F_PKCS7_SET_DIGEST 126
-# define PKCS7_F_PKCS7_SET_TYPE 110
-# define PKCS7_F_PKCS7_SIGN 116
-# define PKCS7_F_PKCS7_SIGNATUREVERIFY 113
-# define PKCS7_F_PKCS7_SIGNER_INFO_SET 129
-# define PKCS7_F_PKCS7_SIGNER_INFO_SIGN 139
-# define PKCS7_F_PKCS7_SIGN_ADD_SIGNER 137
-# define PKCS7_F_PKCS7_SIMPLE_SMIMECAP 119
-# define PKCS7_F_PKCS7_VERIFY 117
-# define PKCS7_F_SMIME_READ_PKCS7 122
-# define PKCS7_F_SMIME_TEXT 123
-
-/* Reason codes. */
-# define PKCS7_R_CERTIFICATE_VERIFY_ERROR 117
-# define PKCS7_R_CIPHER_HAS_NO_OBJECT_IDENTIFIER 144
-# define PKCS7_R_CIPHER_NOT_INITIALIZED 116
-# define PKCS7_R_CONTENT_AND_DATA_PRESENT 118
-# define PKCS7_R_CTRL_ERROR 152
-# define PKCS7_R_DECODE_ERROR 130
-# define PKCS7_R_DECRYPTED_KEY_IS_WRONG_LENGTH 100
-# define PKCS7_R_DECRYPT_ERROR 119
-# define PKCS7_R_DIGEST_FAILURE 101
-# define PKCS7_R_ENCRYPTION_CTRL_FAILURE 149
-# define PKCS7_R_ENCRYPTION_NOT_SUPPORTED_FOR_THIS_KEY_TYPE 150
-# define PKCS7_R_ERROR_ADDING_RECIPIENT 120
-# define PKCS7_R_ERROR_SETTING_CIPHER 121
-# define PKCS7_R_INVALID_MIME_TYPE 131
-# define PKCS7_R_INVALID_NULL_POINTER 143
-# define PKCS7_R_INVALID_SIGNED_DATA_TYPE 155
-# define PKCS7_R_MIME_NO_CONTENT_TYPE 132
-# define PKCS7_R_MIME_PARSE_ERROR 133
-# define PKCS7_R_MIME_SIG_PARSE_ERROR 134
-# define PKCS7_R_MISSING_CERIPEND_INFO 103
-# define PKCS7_R_NO_CONTENT 122
-# define PKCS7_R_NO_CONTENT_TYPE 135
-# define PKCS7_R_NO_DEFAULT_DIGEST 151
-# define PKCS7_R_NO_MATCHING_DIGEST_TYPE_FOUND 154
-# define PKCS7_R_NO_MULTIPART_BODY_FAILURE 136
-# define PKCS7_R_NO_MULTIPART_BOUNDARY 137
-# define PKCS7_R_NO_RECIPIENT_MATCHES_CERTIFICATE 115
-# define PKCS7_R_NO_RECIPIENT_MATCHES_KEY 146
-# define PKCS7_R_NO_SIGNATURES_ON_DATA 123
-# define PKCS7_R_NO_SIGNERS 142
-# define PKCS7_R_NO_SIG_CONTENT_TYPE 138
-# define PKCS7_R_OPERATION_NOT_SUPPORTED_ON_THIS_TYPE 104
-# define PKCS7_R_PKCS7_ADD_SIGNATURE_ERROR 124
-# define PKCS7_R_PKCS7_ADD_SIGNER_ERROR 153
-# define PKCS7_R_PKCS7_DATAFINAL 126
-# define PKCS7_R_PKCS7_DATAFINAL_ERROR 125
-# define PKCS7_R_PKCS7_DATASIGN 145
-# define PKCS7_R_PKCS7_PARSE_ERROR 139
-# define PKCS7_R_PKCS7_SIG_PARSE_ERROR 140
-# define PKCS7_R_PRIVATE_KEY_DOES_NOT_MATCH_CERTIFICATE 127
-# define PKCS7_R_SIGNATURE_FAILURE 105
-# define PKCS7_R_SIGNER_CERTIFICATE_NOT_FOUND 128
-# define PKCS7_R_SIGNING_CTRL_FAILURE 147
-# define PKCS7_R_SIGNING_NOT_SUPPORTED_FOR_THIS_KEY_TYPE 148
-# define PKCS7_R_SIG_INVALID_MIME_TYPE 141
-# define PKCS7_R_SMIME_TEXT_ERROR 129
-# define PKCS7_R_UNABLE_TO_FIND_CERTIFICATE 106
-# define PKCS7_R_UNABLE_TO_FIND_MEM_BIO 107
-# define PKCS7_R_UNABLE_TO_FIND_MESSAGE_DIGEST 108
-# define PKCS7_R_UNKNOWN_DIGEST_TYPE 109
-# define PKCS7_R_UNKNOWN_OPERATION 110
-# define PKCS7_R_UNSUPPORTED_CIPHER_TYPE 111
-# define PKCS7_R_UNSUPPORTED_CONTENT_TYPE 112
-# define PKCS7_R_WRONG_CONTENT_TYPE 113
-# define PKCS7_R_WRONG_PKCS7_TYPE 114
-
-#ifdef __cplusplus
-}
-#endif
-#endif
+++ /dev/null
-/* crypto/pqueue/pqueue.h */
-/*
- * DTLS implementation written by Nagendra Modadugu
- * (nagendra@cs.stanford.edu) for the OpenSSL project 2005.
- */
-/* ====================================================================
- * Copyright (c) 1999-2005 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#ifndef HEADER_PQUEUE_H
-# define HEADER_PQUEUE_H
-
-# include <stdio.h>
-# include <stdlib.h>
-# include <string.h>
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-typedef struct _pqueue *pqueue;
-
-typedef struct _pitem {
- unsigned char priority[8]; /* 64-bit value in big-endian encoding */
- void *data;
- struct _pitem *next;
-} pitem;
-
-typedef struct _pitem *piterator;
-
-pitem *pitem_new(unsigned char *prio64be, void *data);
-void pitem_free(pitem *item);
-
-pqueue pqueue_new(void);
-void pqueue_free(pqueue pq);
-
-pitem *pqueue_insert(pqueue pq, pitem *item);
-pitem *pqueue_peek(pqueue pq);
-pitem *pqueue_pop(pqueue pq);
-pitem *pqueue_find(pqueue pq, unsigned char *prio64be);
-pitem *pqueue_iterator(pqueue pq);
-pitem *pqueue_next(piterator *iter);
-
-void pqueue_print(pqueue pq);
-int pqueue_size(pqueue pq);
-
-#ifdef __cplusplus
-}
-#endif
-#endif /* ! HEADER_PQUEUE_H */
+++ /dev/null
-/* crypto/rand/rand.h */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef HEADER_RAND_H
-# define HEADER_RAND_H
-
-# include <stdlib.h>
-# include <openssl/ossl_typ.h>
-# include <openssl/e_os2.h>
-
-# if defined(OPENSSL_SYS_WINDOWS)
-# include <windows.h>
-# endif
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-/* Already defined in ossl_typ.h */
-/* typedef struct rand_meth_st RAND_METHOD; */
-
-struct rand_meth_st {
- int (*seed) (const void *buf, int num);
- int (*bytes) (unsigned char *buf, int num);
- void (*cleanup) (void);
- int (*add) (const void *buf, int num, double entropy);
- int (*pseudorand) (unsigned char *buf, int num);
- int (*status) (void);
-};
-
-# ifdef BN_DEBUG
-extern int rand_predictable;
-# endif
-
-int RAND_set_rand_method(const RAND_METHOD *meth);
-const RAND_METHOD *RAND_get_rand_method(void);
-# ifndef OPENSSL_NO_ENGINE
-int RAND_set_rand_engine(ENGINE *engine);
-# endif
-RAND_METHOD *RAND_SSLeay(void);
-void RAND_cleanup(void);
-int RAND_bytes(unsigned char *buf, int num);
-#ifdef OPENSSL_USE_DEPRECATED
-DECLARE_DEPRECATED(int RAND_pseudo_bytes(unsigned char *buf, int num));
-#endif
-void RAND_seed(const void *buf, int num);
-void RAND_add(const void *buf, int num, double entropy);
-int RAND_load_file(const char *file, long max_bytes);
-int RAND_write_file(const char *file);
-const char *RAND_file_name(char *file, size_t num);
-int RAND_status(void);
-int RAND_query_egd_bytes(const char *path, unsigned char *buf, int bytes);
-int RAND_egd(const char *path);
-int RAND_egd_bytes(const char *path, int bytes);
-int RAND_poll(void);
-
-# if defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_WIN32)
-
-void RAND_screen(void);
-int RAND_event(UINT, WPARAM, LPARAM);
-
-# endif
-
-# ifdef OPENSSL_FIPS
-int RAND_init_fips(void);
-# endif
-
-/* BEGIN ERROR CODES */
-/*
- * The following lines are auto generated by the script mkerr.pl. Any changes
- * made after this point may be overwritten when the script is next run.
- */
-void ERR_load_RAND_strings(void);
-
-/* Error codes for the RAND functions. */
-
-/* Function codes. */
-# define RAND_F_FIPS_RAND 102
-# define RAND_F_FIPS_RAND_SET_DT 103
-# define RAND_F_FIPS_SET_PRNG_SEED 104
-# define RAND_F_FIPS_SET_TEST_MODE 105
-# define RAND_F_FIPS_X931_SET_DT 106
-# define RAND_F_RAND_GET_RAND_METHOD 101
-# define RAND_F_SSLEAY_RAND_BYTES 100
-
-/* Reason codes. */
-# define RAND_R_NOT_IN_TEST_MODE 101
-# define RAND_R_NO_KEY_SET 102
-# define RAND_R_PRNG_ERROR 103
-# define RAND_R_PRNG_KEYED 104
-# define RAND_R_PRNG_NOT_SEEDED 100
-# define RAND_R_PRNG_SEED_MUST_NOT_MATCH_KEY 105
-# define RAND_R_PRNG_STUCK 106
-
-#ifdef __cplusplus
-}
-#endif
-#endif
+++ /dev/null
-/* crypto/rand/randtest.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <openssl/rand.h>
-
-#include "../e_os.h"
-
-/* some FIPS 140-1 random number test */
-/* some simple tests */
-
-int main(int argc, char **argv)
-{
- unsigned char buf[2500];
- int i, j, k, s, sign, nsign, err = 0;
- unsigned long n1;
- unsigned long n2[16];
- unsigned long runs[2][34];
- /*
- * double d;
- */
- long d;
-
- i = RAND_bytes(buf, 2500);
- if (i <= 0) {
- printf("init failed, the rand method is not properly installed\n");
- err++;
- goto err;
- }
-
- n1 = 0;
- for (i = 0; i < 16; i++)
- n2[i] = 0;
- for (i = 0; i < 34; i++)
- runs[0][i] = runs[1][i] = 0;
-
- /* test 1 and 2 */
- sign = 0;
- nsign = 0;
- for (i = 0; i < 2500; i++) {
- j = buf[i];
-
- n2[j & 0x0f]++;
- n2[(j >> 4) & 0x0f]++;
-
- for (k = 0; k < 8; k++) {
- s = (j & 0x01);
- if (s == sign)
- nsign++;
- else {
- if (nsign > 34)
- nsign = 34;
- if (nsign != 0) {
- runs[sign][nsign - 1]++;
- if (nsign > 6)
- runs[sign][5]++;
- }
- sign = s;
- nsign = 1;
- }
-
- if (s)
- n1++;
- j >>= 1;
- }
- }
- if (nsign > 34)
- nsign = 34;
- if (nsign != 0)
- runs[sign][nsign - 1]++;
-
- /* test 1 */
- if (!((9654 < n1) && (n1 < 10346))) {
- printf("test 1 failed, X=%lu\n", n1);
- err++;
- }
- printf("test 1 done\n");
-
- /* test 2 */
- d = 0;
- for (i = 0; i < 16; i++)
- d += n2[i] * n2[i];
- d = (d * 8) / 25 - 500000;
- if (!((103 < d) && (d < 5740))) {
- printf("test 2 failed, X=%ld.%02ld\n", d / 100L, d % 100L);
- err++;
- }
- printf("test 2 done\n");
-
- /* test 3 */
- for (i = 0; i < 2; i++) {
- if (!((2267 < runs[i][0]) && (runs[i][0] < 2733))) {
- printf("test 3 failed, bit=%d run=%d num=%lu\n",
- i, 1, runs[i][0]);
- err++;
- }
- if (!((1079 < runs[i][1]) && (runs[i][1] < 1421))) {
- printf("test 3 failed, bit=%d run=%d num=%lu\n",
- i, 2, runs[i][1]);
- err++;
- }
- if (!((502 < runs[i][2]) && (runs[i][2] < 748))) {
- printf("test 3 failed, bit=%d run=%d num=%lu\n",
- i, 3, runs[i][2]);
- err++;
- }
- if (!((223 < runs[i][3]) && (runs[i][3] < 402))) {
- printf("test 3 failed, bit=%d run=%d num=%lu\n",
- i, 4, runs[i][3]);
- err++;
- }
- if (!((90 < runs[i][4]) && (runs[i][4] < 223))) {
- printf("test 3 failed, bit=%d run=%d num=%lu\n",
- i, 5, runs[i][4]);
- err++;
- }
- if (!((90 < runs[i][5]) && (runs[i][5] < 223))) {
- printf("test 3 failed, bit=%d run=%d num=%lu\n",
- i, 6, runs[i][5]);
- err++;
- }
- }
- printf("test 3 done\n");
-
- /* test 4 */
- if (runs[0][33] != 0) {
- printf("test 4 failed, bit=%d run=%d num=%lu\n", 0, 34, runs[0][33]);
- err++;
- }
- if (runs[1][33] != 0) {
- printf("test 4 failed, bit=%d run=%d num=%lu\n", 1, 34, runs[1][33]);
- err++;
- }
- printf("test 4 done\n");
- err:
- err = ((err) ? 1 : 0);
-#ifdef OPENSSL_SYS_NETWARE
- if (err)
- printf("ERROR: %d\n", err);
-#endif
- EXIT(err);
-}
+++ /dev/null
-/* crypto/rc2/rc2.h */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef HEADER_RC2_H
-# define HEADER_RC2_H
-
-# include <openssl/opensslconf.h>/* OPENSSL_NO_RC2, RC2_INT */
-# ifdef OPENSSL_NO_RC2
-# error RC2 is disabled.
-# endif
-
-# define RC2_ENCRYPT 1
-# define RC2_DECRYPT 0
-
-# define RC2_BLOCK 8
-# define RC2_KEY_LENGTH 16
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-typedef struct rc2_key_st {
- RC2_INT data[64];
-} RC2_KEY;
-
-void RC2_set_key(RC2_KEY *key, int len, const unsigned char *data, int bits);
-void RC2_ecb_encrypt(const unsigned char *in, unsigned char *out,
- RC2_KEY *key, int enc);
-void RC2_encrypt(unsigned long *data, RC2_KEY *key);
-void RC2_decrypt(unsigned long *data, RC2_KEY *key);
-void RC2_cbc_encrypt(const unsigned char *in, unsigned char *out, long length,
- RC2_KEY *ks, unsigned char *iv, int enc);
-void RC2_cfb64_encrypt(const unsigned char *in, unsigned char *out,
- long length, RC2_KEY *schedule, unsigned char *ivec,
- int *num, int enc);
-void RC2_ofb64_encrypt(const unsigned char *in, unsigned char *out,
- long length, RC2_KEY *schedule, unsigned char *ivec,
- int *num);
-
-#ifdef __cplusplus
-}
-#endif
-
-#endif
+++ /dev/null
-/* crypto/rc2/rc2test.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-/*
- * This has been a quickly hacked 'ideatest.c'. When I add tests for other
- * RC2 modes, more of the code will be uncommented.
- */
-
-#include <stdio.h>
-#include <string.h>
-#include <stdlib.h>
-
-#include "../e_os.h"
-
-#ifdef OPENSSL_NO_RC2
-int main(int argc, char *argv[])
-{
- printf("No RC2 support\n");
- return (0);
-}
-#else
-# include <openssl/rc2.h>
-
-static unsigned char RC2key[4][16] = {
- {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00},
- {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01},
- {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00},
- {0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
- 0x08, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F},
-};
-
-static unsigned char RC2plain[4][8] = {
- {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00},
- {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00},
- {0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF},
- {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00},
-};
-
-static unsigned char RC2cipher[4][8] = {
- {0x1C, 0x19, 0x8A, 0x83, 0x8D, 0xF0, 0x28, 0xB7},
- {0x21, 0x82, 0x9C, 0x78, 0xA9, 0xF9, 0xC0, 0x74},
- {0x13, 0xDB, 0x35, 0x17, 0xD3, 0x21, 0x86, 0x9E},
- {0x50, 0xDC, 0x01, 0x62, 0xBD, 0x75, 0x7F, 0x31},
-};
-
-int main(int argc, char *argv[])
-{
- int i, n, err = 0;
- RC2_KEY key;
- unsigned char buf[8], buf2[8];
-
- for (n = 0; n < 4; n++) {
- RC2_set_key(&key, 16, &(RC2key[n][0]), 0 /* or 1024 */ );
-
- RC2_ecb_encrypt(&(RC2plain[n][0]), buf, &key, RC2_ENCRYPT);
- if (memcmp(&(RC2cipher[n][0]), buf, 8) != 0) {
- printf("ecb rc2 error encrypting\n");
- printf("got :");
- for (i = 0; i < 8; i++)
- printf("%02X ", buf[i]);
- printf("\n");
- printf("expected:");
- for (i = 0; i < 8; i++)
- printf("%02X ", RC2cipher[n][i]);
- err = 20;
- printf("\n");
- }
-
- RC2_ecb_encrypt(buf, buf2, &key, RC2_DECRYPT);
- if (memcmp(&(RC2plain[n][0]), buf2, 8) != 0) {
- printf("ecb RC2 error decrypting\n");
- printf("got :");
- for (i = 0; i < 8; i++)
- printf("%02X ", buf[i]);
- printf("\n");
- printf("expected:");
- for (i = 0; i < 8; i++)
- printf("%02X ", RC2plain[n][i]);
- printf("\n");
- err = 3;
- }
- }
-
- if (err == 0)
- printf("ecb RC2 ok\n");
-
-# ifdef OPENSSL_SYS_NETWARE
- if (err)
- printf("ERROR: %d\n", err);
-# endif
- EXIT(err);
-}
-
-#endif
+++ /dev/null
-/* crypto/rc4/rc4.h */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef HEADER_RC4_H
-# define HEADER_RC4_H
-
-# include <openssl/opensslconf.h>/* OPENSSL_NO_RC4, RC4_INT */
-# ifdef OPENSSL_NO_RC4
-# error RC4 is disabled.
-# endif
-
-# include <stddef.h>
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-typedef struct rc4_key_st {
- RC4_INT x, y;
- RC4_INT data[256];
-} RC4_KEY;
-
-const char *RC4_options(void);
-void RC4_set_key(RC4_KEY *key, int len, const unsigned char *data);
-void RC4(RC4_KEY *key, size_t len, const unsigned char *indata,
- unsigned char *outdata);
-
-#ifdef __cplusplus
-}
-#endif
-
-#endif
+++ /dev/null
-/* crypto/rc4/rc4test.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-
-#include "../e_os.h"
-
-#ifdef OPENSSL_NO_RC4
-int main(int argc, char *argv[])
-{
- printf("No RC4 support\n");
- return (0);
-}
-#else
-# include <openssl/rc4.h>
-# include <openssl/sha.h>
-
-static unsigned char keys[7][30] = {
- {8, 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef},
- {8, 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef},
- {8, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00},
- {4, 0xef, 0x01, 0x23, 0x45},
- {8, 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef},
- {4, 0xef, 0x01, 0x23, 0x45},
-};
-
-static unsigned char data_len[7] = { 8, 8, 8, 20, 28, 10 };
-
-static unsigned char data[7][30] = {
- {0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef, 0xff},
- {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0xff},
- {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0xff},
- {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0xff},
- {0x12, 0x34, 0x56, 0x78, 0x9A, 0xBC, 0xDE, 0xF0,
- 0x12, 0x34, 0x56, 0x78, 0x9A, 0xBC, 0xDE, 0xF0,
- 0x12, 0x34, 0x56, 0x78, 0x9A, 0xBC, 0xDE, 0xF0,
- 0x12, 0x34, 0x56, 0x78, 0xff},
- {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0xff},
- {0},
-};
-
-static unsigned char output[7][30] = {
- {0x75, 0xb7, 0x87, 0x80, 0x99, 0xe0, 0xc5, 0x96, 0x00},
- {0x74, 0x94, 0xc2, 0xe7, 0x10, 0x4b, 0x08, 0x79, 0x00},
- {0xde, 0x18, 0x89, 0x41, 0xa3, 0x37, 0x5d, 0x3a, 0x00},
- {0xd6, 0xa1, 0x41, 0xa7, 0xec, 0x3c, 0x38, 0xdf,
- 0xbd, 0x61, 0x5a, 0x11, 0x62, 0xe1, 0xc7, 0xba,
- 0x36, 0xb6, 0x78, 0x58, 0x00},
- {0x66, 0xa0, 0x94, 0x9f, 0x8a, 0xf7, 0xd6, 0x89,
- 0x1f, 0x7f, 0x83, 0x2b, 0xa8, 0x33, 0xc0, 0x0c,
- 0x89, 0x2e, 0xbe, 0x30, 0x14, 0x3c, 0xe2, 0x87,
- 0x40, 0x01, 0x1e, 0xcf, 0x00},
- {0xd6, 0xa1, 0x41, 0xa7, 0xec, 0x3c, 0x38, 0xdf, 0xbd, 0x61, 0x00},
- {0},
-};
-
-int main(int argc, char *argv[])
-{
- int i, err = 0;
- int j;
- unsigned char *p;
- RC4_KEY key;
- unsigned char obuf[512];
-
-# if !defined(OPENSSL_PIC)
- void OPENSSL_cpuid_setup(void);
-
- OPENSSL_cpuid_setup();
-# endif
-
- for (i = 0; i < 6; i++) {
- RC4_set_key(&key, keys[i][0], &(keys[i][1]));
- memset(obuf, 0x00, sizeof(obuf));
- RC4(&key, data_len[i], &(data[i][0]), obuf);
- if (memcmp(obuf, output[i], data_len[i] + 1) != 0) {
- printf("error calculating RC4\n");
- printf("output:");
- for (j = 0; j < data_len[i] + 1; j++)
- printf(" %02x", obuf[j]);
- printf("\n");
- printf("expect:");
- p = &(output[i][0]);
- for (j = 0; j < data_len[i] + 1; j++)
- printf(" %02x", *(p++));
- printf("\n");
- err++;
- } else
- printf("test %d ok\n", i);
- }
- printf("test end processing ");
- for (i = 0; i < data_len[3]; i++) {
- RC4_set_key(&key, keys[3][0], &(keys[3][1]));
- memset(obuf, 0x00, sizeof(obuf));
- RC4(&key, i, &(data[3][0]), obuf);
- if ((memcmp(obuf, output[3], i) != 0) || (obuf[i] != 0)) {
- printf("error in RC4 length processing\n");
- printf("output:");
- for (j = 0; j < i + 1; j++)
- printf(" %02x", obuf[j]);
- printf("\n");
- printf("expect:");
- p = &(output[3][0]);
- for (j = 0; j < i; j++)
- printf(" %02x", *(p++));
- printf(" 00\n");
- err++;
- } else {
- printf(".");
- fflush(stdout);
- }
- }
- printf("done\n");
- printf("test multi-call ");
- for (i = 0; i < data_len[3]; i++) {
- RC4_set_key(&key, keys[3][0], &(keys[3][1]));
- memset(obuf, 0x00, sizeof(obuf));
- RC4(&key, i, &(data[3][0]), obuf);
- RC4(&key, data_len[3] - i, &(data[3][i]), &(obuf[i]));
- if (memcmp(obuf, output[3], data_len[3] + 1) != 0) {
- printf("error in RC4 multi-call processing\n");
- printf("output:");
- for (j = 0; j < data_len[3] + 1; j++)
- printf(" %02x", obuf[j]);
- printf("\n");
- printf("expect:");
- p = &(output[3][0]);
- for (j = 0; j < data_len[3] + 1; j++)
- printf(" %02x", *(p++));
- err++;
- } else {
- printf(".");
- fflush(stdout);
- }
- }
- printf("done\n");
- printf("bulk test ");
- {
- unsigned char buf[513];
- SHA_CTX c;
- unsigned char md[SHA_DIGEST_LENGTH];
- static unsigned char expected[] = {
- 0xa4, 0x7b, 0xcc, 0x00, 0x3d, 0xd0, 0xbd, 0xe1, 0xac, 0x5f,
- 0x12, 0x1e, 0x45, 0xbc, 0xfb, 0x1a, 0xa1, 0xf2, 0x7f, 0xc5
- };
-
- RC4_set_key(&key, keys[0][0], &(keys[3][1]));
- memset(buf, '\0', sizeof(buf));
- SHA1_Init(&c);
- for (i = 0; i < 2571; i++) {
- RC4(&key, sizeof(buf), buf, buf);
- SHA1_Update(&c, buf, sizeof(buf));
- }
- SHA1_Final(md, &c);
-
- if (memcmp(md, expected, sizeof(md))) {
- printf("error in RC4 bulk test\n");
- printf("output:");
- for (j = 0; j < (int)sizeof(md); j++)
- printf(" %02x", md[j]);
- printf("\n");
- printf("expect:");
- for (j = 0; j < (int)sizeof(md); j++)
- printf(" %02x", expected[j]);
- printf("\n");
- err++;
- } else
- printf("ok\n");
- }
-# ifdef OPENSSL_SYS_NETWARE
- if (err)
- printf("ERROR: %d\n", err);
-# endif
- EXIT(err);
-}
-#endif
+++ /dev/null
-/* crypto/rc5/rc5.h */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef HEADER_RC5_H
-# define HEADER_RC5_H
-
-# include <openssl/opensslconf.h>/* OPENSSL_NO_RC5 */
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-# ifdef OPENSSL_NO_RC5
-# error RC5 is disabled.
-# endif
-
-# define RC5_ENCRYPT 1
-# define RC5_DECRYPT 0
-
-# define RC5_32_INT unsigned int
-
-# define RC5_32_BLOCK 8
-# define RC5_32_KEY_LENGTH 16/* This is a default, max is 255 */
-
-/*
- * This are the only values supported. Tweak the code if you want more The
- * most supported modes will be RC5-32/12/16 RC5-32/16/8
- */
-# define RC5_8_ROUNDS 8
-# define RC5_12_ROUNDS 12
-# define RC5_16_ROUNDS 16
-
-typedef struct rc5_key_st {
- /* Number of rounds */
- int rounds;
- RC5_32_INT data[2 * (RC5_16_ROUNDS + 1)];
-} RC5_32_KEY;
-
-void RC5_32_set_key(RC5_32_KEY *key, int len, const unsigned char *data,
- int rounds);
-void RC5_32_ecb_encrypt(const unsigned char *in, unsigned char *out,
- RC5_32_KEY *key, int enc);
-void RC5_32_encrypt(unsigned long *data, RC5_32_KEY *key);
-void RC5_32_decrypt(unsigned long *data, RC5_32_KEY *key);
-void RC5_32_cbc_encrypt(const unsigned char *in, unsigned char *out,
- long length, RC5_32_KEY *ks, unsigned char *iv,
- int enc);
-void RC5_32_cfb64_encrypt(const unsigned char *in, unsigned char *out,
- long length, RC5_32_KEY *schedule,
- unsigned char *ivec, int *num, int enc);
-void RC5_32_ofb64_encrypt(const unsigned char *in, unsigned char *out,
- long length, RC5_32_KEY *schedule,
- unsigned char *ivec, int *num);
-
-#ifdef __cplusplus
-}
-#endif
-
-#endif
+++ /dev/null
-/* crypto/rc5/rc5test.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-/*
- * This has been a quickly hacked 'ideatest.c'. When I add tests for other
- * RC5 modes, more of the code will be uncommented.
- */
-
-#include <stdio.h>
-#include <string.h>
-#include <stdlib.h>
-
-#include "../e_os.h"
-
-#ifdef OPENSSL_NO_RC5
-int main(int argc, char *argv[])
-{
- printf("No RC5 support\n");
- return (0);
-}
-#else
-# include <openssl/rc5.h>
-
-static unsigned char RC5key[5][16] = {
- {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00},
- {0x91, 0x5f, 0x46, 0x19, 0xbe, 0x41, 0xb2, 0x51,
- 0x63, 0x55, 0xa5, 0x01, 0x10, 0xa9, 0xce, 0x91},
- {0x78, 0x33, 0x48, 0xe7, 0x5a, 0xeb, 0x0f, 0x2f,
- 0xd7, 0xb1, 0x69, 0xbb, 0x8d, 0xc1, 0x67, 0x87},
- {0xdc, 0x49, 0xdb, 0x13, 0x75, 0xa5, 0x58, 0x4f,
- 0x64, 0x85, 0xb4, 0x13, 0xb5, 0xf1, 0x2b, 0xaf},
- {0x52, 0x69, 0xf1, 0x49, 0xd4, 0x1b, 0xa0, 0x15,
- 0x24, 0x97, 0x57, 0x4d, 0x7f, 0x15, 0x31, 0x25},
-};
-
-static unsigned char RC5plain[5][8] = {
- {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00},
- {0x21, 0xA5, 0xDB, 0xEE, 0x15, 0x4B, 0x8F, 0x6D},
- {0xF7, 0xC0, 0x13, 0xAC, 0x5B, 0x2B, 0x89, 0x52},
- {0x2F, 0x42, 0xB3, 0xB7, 0x03, 0x69, 0xFC, 0x92},
- {0x65, 0xC1, 0x78, 0xB2, 0x84, 0xD1, 0x97, 0xCC},
-};
-
-static unsigned char RC5cipher[5][8] = {
- {0x21, 0xA5, 0xDB, 0xEE, 0x15, 0x4B, 0x8F, 0x6D},
- {0xF7, 0xC0, 0x13, 0xAC, 0x5B, 0x2B, 0x89, 0x52},
- {0x2F, 0x42, 0xB3, 0xB7, 0x03, 0x69, 0xFC, 0x92},
- {0x65, 0xC1, 0x78, 0xB2, 0x84, 0xD1, 0x97, 0xCC},
- {0xEB, 0x44, 0xE4, 0x15, 0xDA, 0x31, 0x98, 0x24},
-};
-
-# define RC5_CBC_NUM 27
-static unsigned char rc5_cbc_cipher[RC5_CBC_NUM][8] = {
- {0x7a, 0x7b, 0xba, 0x4d, 0x79, 0x11, 0x1d, 0x1e},
- {0x79, 0x7b, 0xba, 0x4d, 0x78, 0x11, 0x1d, 0x1e},
- {0x7a, 0x7b, 0xba, 0x4d, 0x79, 0x11, 0x1d, 0x1f},
- {0x7a, 0x7b, 0xba, 0x4d, 0x79, 0x11, 0x1d, 0x1f},
- {0x8b, 0x9d, 0xed, 0x91, 0xce, 0x77, 0x94, 0xa6},
- {0x2f, 0x75, 0x9f, 0xe7, 0xad, 0x86, 0xa3, 0x78},
- {0xdc, 0xa2, 0x69, 0x4b, 0xf4, 0x0e, 0x07, 0x88},
- {0xdc, 0xa2, 0x69, 0x4b, 0xf4, 0x0e, 0x07, 0x88},
- {0xdc, 0xfe, 0x09, 0x85, 0x77, 0xec, 0xa5, 0xff},
- {0x96, 0x46, 0xfb, 0x77, 0x63, 0x8f, 0x9c, 0xa8},
- {0xb2, 0xb3, 0x20, 0x9d, 0xb6, 0x59, 0x4d, 0xa4},
- {0x54, 0x5f, 0x7f, 0x32, 0xa5, 0xfc, 0x38, 0x36},
- {0x82, 0x85, 0xe7, 0xc1, 0xb5, 0xbc, 0x74, 0x02},
- {0xfc, 0x58, 0x6f, 0x92, 0xf7, 0x08, 0x09, 0x34},
- {0xcf, 0x27, 0x0e, 0xf9, 0x71, 0x7f, 0xf7, 0xc4},
- {0xe4, 0x93, 0xf1, 0xc1, 0xbb, 0x4d, 0x6e, 0x8c},
- {0x5c, 0x4c, 0x04, 0x1e, 0x0f, 0x21, 0x7a, 0xc3},
- {0x92, 0x1f, 0x12, 0x48, 0x53, 0x73, 0xb4, 0xf7},
- {0x5b, 0xa0, 0xca, 0x6b, 0xbe, 0x7f, 0x5f, 0xad},
- {0xc5, 0x33, 0x77, 0x1c, 0xd0, 0x11, 0x0e, 0x63},
- {0x29, 0x4d, 0xdb, 0x46, 0xb3, 0x27, 0x8d, 0x60},
- {0xda, 0xd6, 0xbd, 0xa9, 0xdf, 0xe8, 0xf7, 0xe8},
- {0x97, 0xe0, 0x78, 0x78, 0x37, 0xed, 0x31, 0x7f},
- {0x78, 0x75, 0xdb, 0xf6, 0x73, 0x8c, 0x64, 0x78},
- {0x8f, 0x34, 0xc3, 0xc6, 0x81, 0xc9, 0x96, 0x95},
- {0x7c, 0xb3, 0xf1, 0xdf, 0x34, 0xf9, 0x48, 0x11},
- {0x7f, 0xd1, 0xa0, 0x23, 0xa5, 0xbb, 0xa2, 0x17},
-};
-
-static unsigned char rc5_cbc_key[RC5_CBC_NUM][17] = {
- {1, 0x00},
- {1, 0x00},
- {1, 0x00},
- {1, 0x00},
- {1, 0x00},
- {1, 0x11},
- {1, 0x00},
- {4, 0x00, 0x00, 0x00, 0x00},
- {1, 0x00},
- {1, 0x00},
- {1, 0x00},
- {1, 0x00},
- {4, 0x01, 0x02, 0x03, 0x04},
- {4, 0x01, 0x02, 0x03, 0x04},
- {4, 0x01, 0x02, 0x03, 0x04},
- {8, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08},
- {8, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08},
- {8, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08},
- {8, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08},
- {16, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08,
- 0x10, 0x20, 0x30, 0x40, 0x50, 0x60, 0x70, 0x80},
- {16, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08,
- 0x10, 0x20, 0x30, 0x40, 0x50, 0x60, 0x70, 0x80},
- {16, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08,
- 0x10, 0x20, 0x30, 0x40, 0x50, 0x60, 0x70, 0x80},
- {5, 0x01, 0x02, 0x03, 0x04, 0x05},
- {5, 0x01, 0x02, 0x03, 0x04, 0x05},
- {5, 0x01, 0x02, 0x03, 0x04, 0x05},
- {5, 0x01, 0x02, 0x03, 0x04, 0x05},
- {5, 0x01, 0x02, 0x03, 0x04, 0x05},
-};
-
-static unsigned char rc5_cbc_plain[RC5_CBC_NUM][8] = {
- {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00},
- {0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff},
- {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00},
- {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01},
- {0x10, 0x20, 0x30, 0x40, 0x50, 0x60, 0x70, 0x80},
- {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00},
- {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00},
- {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00},
- {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00},
- {0x10, 0x20, 0x30, 0x40, 0x50, 0x60, 0x70, 0x80},
- {0x10, 0x20, 0x30, 0x40, 0x50, 0x60, 0x70, 0x80},
- {0x10, 0x20, 0x30, 0x40, 0x50, 0x60, 0x70, 0x80},
- {0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff},
- {0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff},
- {0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff},
- {0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff},
- {0x10, 0x20, 0x30, 0x40, 0x50, 0x60, 0x70, 0x80},
- {0x10, 0x20, 0x30, 0x40, 0x50, 0x60, 0x70, 0x80},
- {0x10, 0x20, 0x30, 0x40, 0x50, 0x60, 0x70, 0x80},
- {0x10, 0x20, 0x30, 0x40, 0x50, 0x60, 0x70, 0x80},
- {0x10, 0x20, 0x30, 0x40, 0x50, 0x60, 0x70, 0x80},
- {0x10, 0x20, 0x30, 0x40, 0x50, 0x60, 0x70, 0x80},
- {0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff},
- {0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff},
- {0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08},
- {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00},
- {0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x01},
-};
-
-static int rc5_cbc_rounds[RC5_CBC_NUM] = {
- 0, 0, 0, 0, 0, 1, 2, 2,
- 8, 8, 12, 16, 8, 12, 16, 12,
- 8, 12, 16, 8, 12, 16, 12, 8,
- 8, 8, 8,
-};
-
-static unsigned char rc5_cbc_iv[RC5_CBC_NUM][8] = {
- {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00},
- {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00},
- {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01},
- {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00},
- {0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08},
- {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00},
- {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00},
- {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00},
- {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00},
- {0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08},
- {0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08},
- {0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08},
- {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00},
- {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00},
- {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00},
- {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00},
- {0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08},
- {0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08},
- {0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08},
- {0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08},
- {0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08},
- {0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08},
- {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00},
- {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00},
- {0x78, 0x75, 0xdb, 0xf6, 0x73, 0x8c, 0x64, 0x78},
- {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00},
- {0x7c, 0xb3, 0xf1, 0xdf, 0x34, 0xf9, 0x48, 0x11},
-};
-
-int main(int argc, char *argv[])
-{
- int i, n, err = 0;
- RC5_32_KEY key;
- unsigned char buf[8], buf2[8], ivb[8];
-
- for (n = 0; n < 5; n++) {
- RC5_32_set_key(&key, 16, &(RC5key[n][0]), 12);
-
- RC5_32_ecb_encrypt(&(RC5plain[n][0]), buf, &key, RC5_ENCRYPT);
- if (memcmp(&(RC5cipher[n][0]), buf, 8) != 0) {
- printf("ecb RC5 error encrypting (%d)\n", n + 1);
- printf("got :");
- for (i = 0; i < 8; i++)
- printf("%02X ", buf[i]);
- printf("\n");
- printf("expected:");
- for (i = 0; i < 8; i++)
- printf("%02X ", RC5cipher[n][i]);
- err = 20;
- printf("\n");
- }
-
- RC5_32_ecb_encrypt(buf, buf2, &key, RC5_DECRYPT);
- if (memcmp(&(RC5plain[n][0]), buf2, 8) != 0) {
- printf("ecb RC5 error decrypting (%d)\n", n + 1);
- printf("got :");
- for (i = 0; i < 8; i++)
- printf("%02X ", buf2[i]);
- printf("\n");
- printf("expected:");
- for (i = 0; i < 8; i++)
- printf("%02X ", RC5plain[n][i]);
- printf("\n");
- err = 3;
- }
- }
- if (err == 0)
- printf("ecb RC5 ok\n");
-
- for (n = 0; n < RC5_CBC_NUM; n++) {
- i = rc5_cbc_rounds[n];
- if (i < 8)
- continue;
-
- RC5_32_set_key(&key, rc5_cbc_key[n][0], &(rc5_cbc_key[n][1]), i);
-
- memcpy(ivb, &(rc5_cbc_iv[n][0]), 8);
- RC5_32_cbc_encrypt(&(rc5_cbc_plain[n][0]), buf, 8,
- &key, &(ivb[0]), RC5_ENCRYPT);
-
- if (memcmp(&(rc5_cbc_cipher[n][0]), buf, 8) != 0) {
- printf("cbc RC5 error encrypting (%d)\n", n + 1);
- printf("got :");
- for (i = 0; i < 8; i++)
- printf("%02X ", buf[i]);
- printf("\n");
- printf("expected:");
- for (i = 0; i < 8; i++)
- printf("%02X ", rc5_cbc_cipher[n][i]);
- err = 30;
- printf("\n");
- }
-
- memcpy(ivb, &(rc5_cbc_iv[n][0]), 8);
- RC5_32_cbc_encrypt(buf, buf2, 8, &key, &(ivb[0]), RC5_DECRYPT);
- if (memcmp(&(rc5_cbc_plain[n][0]), buf2, 8) != 0) {
- printf("cbc RC5 error decrypting (%d)\n", n + 1);
- printf("got :");
- for (i = 0; i < 8; i++)
- printf("%02X ", buf2[i]);
- printf("\n");
- printf("expected:");
- for (i = 0; i < 8; i++)
- printf("%02X ", rc5_cbc_plain[n][i]);
- printf("\n");
- err = 3;
- }
- }
- if (err == 0)
- printf("cbc RC5 ok\n");
-
- EXIT(err);
- return (err);
-}
-
-#endif
+++ /dev/null
-/* crypto/ripemd/ripemd.h */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef HEADER_RIPEMD_H
-# define HEADER_RIPEMD_H
-
-# include <openssl/e_os2.h>
-# include <stddef.h>
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-# ifdef OPENSSL_NO_RMD160
-# error RIPEMD is disabled.
-# endif
-
-# define RIPEMD160_LONG unsigned int
-
-# define RIPEMD160_CBLOCK 64
-# define RIPEMD160_LBLOCK (RIPEMD160_CBLOCK/4)
-# define RIPEMD160_DIGEST_LENGTH 20
-
-typedef struct RIPEMD160state_st {
- RIPEMD160_LONG A, B, C, D, E;
- RIPEMD160_LONG Nl, Nh;
- RIPEMD160_LONG data[RIPEMD160_LBLOCK];
- unsigned int num;
-} RIPEMD160_CTX;
-
-int RIPEMD160_Init(RIPEMD160_CTX *c);
-int RIPEMD160_Update(RIPEMD160_CTX *c, const void *data, size_t len);
-int RIPEMD160_Final(unsigned char *md, RIPEMD160_CTX *c);
-unsigned char *RIPEMD160(const unsigned char *d, size_t n, unsigned char *md);
-void RIPEMD160_Transform(RIPEMD160_CTX *c, const unsigned char *b);
-#ifdef __cplusplus
-}
-#endif
-
-#endif
+++ /dev/null
-/* crypto/ripemd/rmdtest.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <string.h>
-#include <stdlib.h>
-
-#include "../e_os.h"
-
-#ifdef OPENSSL_NO_RMD160
-int main(int argc, char *argv[])
-{
- printf("No ripemd support\n");
- return (0);
-}
-#else
-# include <openssl/ripemd.h>
-# include <openssl/evp.h>
-
-# ifdef CHARSET_EBCDIC
-# include <openssl/ebcdic.h>
-# endif
-
-static char *test[] = {
- "",
- "a",
- "abc",
- "message digest",
- "abcdefghijklmnopqrstuvwxyz",
- "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq",
- "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789",
- "12345678901234567890123456789012345678901234567890123456789012345678901234567890",
- NULL,
-};
-
-static char *ret[] = {
- "9c1185a5c5e9fc54612808977ee8f548b2258d31",
- "0bdc9d2d256b3ee9daae347be6f4dc835a467ffe",
- "8eb208f7e05d987a9b044a8e98c6b087f15a0bfc",
- "5d0689ef49d2fae572b881b123a85ffa21595f36",
- "f71c27109c692c1b56bbdceb5b9d2865b3708dbc",
- "12a053384a9c0c88e405a06c27dcf49ada62eb2b",
- "b0e20b6e3116640286ed3a87a5713079b21f5189",
- "9b752e45573d4b39f4dbd3323cab82bf63326bfb",
-};
-
-static char *pt(unsigned char *md);
-int main(int argc, char *argv[])
-{
- int i, err = 0;
- char **P, **R;
- char *p;
- unsigned char md[RIPEMD160_DIGEST_LENGTH];
-
- P = test;
- R = ret;
- i = 1;
- while (*P != NULL) {
-# ifdef CHARSET_EBCDIC
- ebcdic2ascii((char *)*P, (char *)*P, strlen((char *)*P));
-# endif
- EVP_Digest(&(P[0][0]), strlen((char *)*P), md, NULL, EVP_ripemd160(),
- NULL);
- p = pt(md);
- if (strcmp(p, (char *)*R) != 0) {
- printf("error calculating RIPEMD160 on '%s'\n", *P);
- printf("got %s instead of %s\n", p, *R);
- err++;
- } else
- printf("test %d ok\n", i);
- i++;
- R++;
- P++;
- }
- EXIT(err);
-}
-
-static char *pt(unsigned char *md)
-{
- int i;
- static char buf[80];
-
- for (i = 0; i < RIPEMD160_DIGEST_LENGTH; i++)
- sprintf(&(buf[i * 2]), "%02x", md[i]);
- return (buf);
-}
-#endif
+++ /dev/null
-/* crypto/rsa/rsa.h */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef HEADER_RSA_H
-# define HEADER_RSA_H
-
-# include <openssl/asn1.h>
-
-# include <openssl/bio.h>
-# include <openssl/crypto.h>
-# include <openssl/ossl_typ.h>
-# ifdef OPENSSL_USE_DEPRECATED
-# include <openssl/bn.h>
-# endif
-
-# ifdef OPENSSL_NO_RSA
-# error RSA is disabled.
-# endif
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-/* Declared already in ossl_typ.h */
-/* typedef struct rsa_st RSA; */
-/* typedef struct rsa_meth_st RSA_METHOD; */
-
-struct rsa_meth_st {
- const char *name;
- int (*rsa_pub_enc) (int flen, const unsigned char *from,
- unsigned char *to, RSA *rsa, int padding);
- int (*rsa_pub_dec) (int flen, const unsigned char *from,
- unsigned char *to, RSA *rsa, int padding);
- int (*rsa_priv_enc) (int flen, const unsigned char *from,
- unsigned char *to, RSA *rsa, int padding);
- int (*rsa_priv_dec) (int flen, const unsigned char *from,
- unsigned char *to, RSA *rsa, int padding);
- /* Can be null */
- int (*rsa_mod_exp) (BIGNUM *r0, const BIGNUM *I, RSA *rsa, BN_CTX *ctx);
- /* Can be null */
- int (*bn_mod_exp) (BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
- const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx);
- /* called at new */
- int (*init) (RSA *rsa);
- /* called at free */
- int (*finish) (RSA *rsa);
- /* RSA_METHOD_FLAG_* things */
- int flags;
- /* may be needed! */
- char *app_data;
- /*
- * New sign and verify functions: some libraries don't allow arbitrary
- * data to be signed/verified: this allows them to be used. Note: for
- * this to work the RSA_public_decrypt() and RSA_private_encrypt() should
- * *NOT* be used RSA_sign(), RSA_verify() should be used instead. Note:
- * for backwards compatibility this functionality is only enabled if the
- * RSA_FLAG_SIGN_VER option is set in 'flags'.
- */
- int (*rsa_sign) (int type,
- const unsigned char *m, unsigned int m_length,
- unsigned char *sigret, unsigned int *siglen,
- const RSA *rsa);
- int (*rsa_verify) (int dtype, const unsigned char *m,
- unsigned int m_length, const unsigned char *sigbuf,
- unsigned int siglen, const RSA *rsa);
- /*
- * If this callback is NULL, the builtin software RSA key-gen will be
- * used. This is for behavioural compatibility whilst the code gets
- * rewired, but one day it would be nice to assume there are no such
- * things as "builtin software" implementations.
- */
- int (*rsa_keygen) (RSA *rsa, int bits, BIGNUM *e, BN_GENCB *cb);
-};
-
-struct rsa_st {
- /*
- * The first parameter is used to pickup errors where this is passed
- * instead of aEVP_PKEY, it is set to 0
- */
- int pad;
- long version;
- const RSA_METHOD *meth;
- /* functional reference if 'meth' is ENGINE-provided */
- ENGINE *engine;
- BIGNUM *n;
- BIGNUM *e;
- BIGNUM *d;
- BIGNUM *p;
- BIGNUM *q;
- BIGNUM *dmp1;
- BIGNUM *dmq1;
- BIGNUM *iqmp;
- /* be careful using this if the RSA structure is shared */
- CRYPTO_EX_DATA ex_data;
- int references;
- int flags;
- /* Used to cache montgomery values */
- BN_MONT_CTX *_method_mod_n;
- BN_MONT_CTX *_method_mod_p;
- BN_MONT_CTX *_method_mod_q;
- /*
- * all BIGNUM values are actually in the following data, if it is not
- * NULL
- */
- char *bignum_data;
- BN_BLINDING *blinding;
- BN_BLINDING *mt_blinding;
-};
-
-# ifndef OPENSSL_RSA_MAX_MODULUS_BITS
-# define OPENSSL_RSA_MAX_MODULUS_BITS 16384
-# endif
-
-# define OPENSSL_RSA_FIPS_MIN_MODULUS_BITS 1024
-
-# ifndef OPENSSL_RSA_SMALL_MODULUS_BITS
-# define OPENSSL_RSA_SMALL_MODULUS_BITS 3072
-# endif
-# ifndef OPENSSL_RSA_MAX_PUBEXP_BITS
-
-/* exponent limit enforced for "large" modulus only */
-# define OPENSSL_RSA_MAX_PUBEXP_BITS 64
-# endif
-
-# define RSA_3 0x3L
-# define RSA_F4 0x10001L
-
-# define RSA_METHOD_FLAG_NO_CHECK 0x0001/* don't check pub/private
- * match */
-
-# define RSA_FLAG_CACHE_PUBLIC 0x0002
-# define RSA_FLAG_CACHE_PRIVATE 0x0004
-# define RSA_FLAG_BLINDING 0x0008
-# define RSA_FLAG_THREAD_SAFE 0x0010
-/*
- * This flag means the private key operations will be handled by rsa_mod_exp
- * and that they do not depend on the private key components being present:
- * for example a key stored in external hardware. Without this flag
- * bn_mod_exp gets called when private key components are absent.
- */
-# define RSA_FLAG_EXT_PKEY 0x0020
-
-/*
- * This flag in the RSA_METHOD enables the new rsa_sign, rsa_verify
- * functions.
- */
-# define RSA_FLAG_SIGN_VER 0x0040
-
-/*
- * new with 0.9.6j and 0.9.7b; the built-in
- * RSA implementation now uses blinding by
- * default (ignoring RSA_FLAG_BLINDING),
- * but other engines might not need it
- */
-# define RSA_FLAG_NO_BLINDING 0x0080
-/*
- * new with 0.9.8f; the built-in RSA
- * implementation now uses constant time
- * operations by default in private key operations,
- * e.g., constant time modular exponentiation,
- * modular inverse without leaking branches,
- * division without leaking branches. This
- * flag disables these constant time
- * operations and results in faster RSA
- * private key operations.
- */
-# define RSA_FLAG_NO_CONSTTIME 0x0100
-# ifdef OPENSSL_USE_DEPRECATED
-/* deprecated name for the flag*/
-/*
- * new with 0.9.7h; the built-in RSA
- * implementation now uses constant time
- * modular exponentiation for secret exponents
- * by default. This flag causes the
- * faster variable sliding window method to
- * be used for all exponents.
- */
-# define RSA_FLAG_NO_EXP_CONSTTIME RSA_FLAG_NO_CONSTTIME
-# endif
-
-# define EVP_PKEY_CTX_set_rsa_padding(ctx, pad) \
- EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_RSA, -1, EVP_PKEY_CTRL_RSA_PADDING, \
- pad, NULL)
-
-# define EVP_PKEY_CTX_get_rsa_padding(ctx, ppad) \
- EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_RSA, -1, \
- EVP_PKEY_CTRL_GET_RSA_PADDING, 0, ppad)
-
-# define EVP_PKEY_CTX_set_rsa_pss_saltlen(ctx, len) \
- EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_RSA, \
- (EVP_PKEY_OP_SIGN|EVP_PKEY_OP_VERIFY), \
- EVP_PKEY_CTRL_RSA_PSS_SALTLEN, \
- len, NULL)
-
-# define EVP_PKEY_CTX_get_rsa_pss_saltlen(ctx, plen) \
- EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_RSA, \
- (EVP_PKEY_OP_SIGN|EVP_PKEY_OP_VERIFY), \
- EVP_PKEY_CTRL_GET_RSA_PSS_SALTLEN, \
- 0, plen)
-
-# define EVP_PKEY_CTX_set_rsa_keygen_bits(ctx, bits) \
- EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_RSA, EVP_PKEY_OP_KEYGEN, \
- EVP_PKEY_CTRL_RSA_KEYGEN_BITS, bits, NULL)
-
-# define EVP_PKEY_CTX_set_rsa_keygen_pubexp(ctx, pubexp) \
- EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_RSA, EVP_PKEY_OP_KEYGEN, \
- EVP_PKEY_CTRL_RSA_KEYGEN_PUBEXP, 0, pubexp)
-
-# define EVP_PKEY_CTX_set_rsa_mgf1_md(ctx, md) \
- EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_RSA, \
- EVP_PKEY_OP_TYPE_SIG | EVP_PKEY_OP_TYPE_CRYPT, \
- EVP_PKEY_CTRL_RSA_MGF1_MD, 0, (void *)md)
-
-# define EVP_PKEY_CTX_set_rsa_oaep_md(ctx, md) \
- EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_RSA, EVP_PKEY_OP_TYPE_CRYPT, \
- EVP_PKEY_CTRL_RSA_OAEP_MD, 0, (void *)md)
-
-# define EVP_PKEY_CTX_get_rsa_mgf1_md(ctx, pmd) \
- EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_RSA, \
- EVP_PKEY_OP_TYPE_SIG | EVP_PKEY_OP_TYPE_CRYPT, \
- EVP_PKEY_CTRL_GET_RSA_MGF1_MD, 0, (void *)pmd)
-
-# define EVP_PKEY_CTX_get_rsa_oaep_md(ctx, pmd) \
- EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_RSA, EVP_PKEY_OP_TYPE_CRYPT, \
- EVP_PKEY_CTRL_GET_RSA_OAEP_MD, 0, (void *)pmd)
-
-# define EVP_PKEY_CTX_set0_rsa_oaep_label(ctx, l, llen) \
- EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_RSA, EVP_PKEY_OP_TYPE_CRYPT, \
- EVP_PKEY_CTRL_RSA_OAEP_LABEL, llen, (void *)l)
-
-# define EVP_PKEY_CTX_get0_rsa_oaep_label(ctx, l) \
- EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_RSA, EVP_PKEY_OP_TYPE_CRYPT, \
- EVP_PKEY_CTRL_GET_RSA_OAEP_LABEL, 0, (void *)l)
-
-# define EVP_PKEY_CTRL_RSA_PADDING (EVP_PKEY_ALG_CTRL + 1)
-# define EVP_PKEY_CTRL_RSA_PSS_SALTLEN (EVP_PKEY_ALG_CTRL + 2)
-
-# define EVP_PKEY_CTRL_RSA_KEYGEN_BITS (EVP_PKEY_ALG_CTRL + 3)
-# define EVP_PKEY_CTRL_RSA_KEYGEN_PUBEXP (EVP_PKEY_ALG_CTRL + 4)
-# define EVP_PKEY_CTRL_RSA_MGF1_MD (EVP_PKEY_ALG_CTRL + 5)
-
-# define EVP_PKEY_CTRL_GET_RSA_PADDING (EVP_PKEY_ALG_CTRL + 6)
-# define EVP_PKEY_CTRL_GET_RSA_PSS_SALTLEN (EVP_PKEY_ALG_CTRL + 7)
-# define EVP_PKEY_CTRL_GET_RSA_MGF1_MD (EVP_PKEY_ALG_CTRL + 8)
-
-# define EVP_PKEY_CTRL_RSA_OAEP_MD (EVP_PKEY_ALG_CTRL + 9)
-# define EVP_PKEY_CTRL_RSA_OAEP_LABEL (EVP_PKEY_ALG_CTRL + 10)
-
-# define EVP_PKEY_CTRL_GET_RSA_OAEP_MD (EVP_PKEY_ALG_CTRL + 11)
-# define EVP_PKEY_CTRL_GET_RSA_OAEP_LABEL (EVP_PKEY_ALG_CTRL + 12)
-
-# define RSA_PKCS1_PADDING 1
-# define RSA_SSLV23_PADDING 2
-# define RSA_NO_PADDING 3
-# define RSA_PKCS1_OAEP_PADDING 4
-# define RSA_X931_PADDING 5
-/* EVP_PKEY_ only */
-# define RSA_PKCS1_PSS_PADDING 6
-
-# define RSA_PKCS1_PADDING_SIZE 11
-
-# define RSA_set_app_data(s,arg) RSA_set_ex_data(s,0,arg)
-# define RSA_get_app_data(s) RSA_get_ex_data(s,0)
-
-RSA *RSA_new(void);
-RSA *RSA_new_method(ENGINE *engine);
-int RSA_size(const RSA *rsa);
-int RSA_security_bits(const RSA *rsa);
-
-/* Deprecated version */
-# ifdef OPENSSL_USE_DEPRECATED
-DECLARE_DEPRECATED(RSA *RSA_generate_key(int bits, unsigned long e, void
- (*callback) (int, int, void *),
- void *cb_arg));
-# endif /* defined(OPENSSL_USE_DEPRECATED) */
-
-/* New version */
-int RSA_generate_key_ex(RSA *rsa, int bits, BIGNUM *e, BN_GENCB *cb);
-
-int RSA_X931_derive_ex(RSA *rsa, BIGNUM *p1, BIGNUM *p2, BIGNUM *q1,
- BIGNUM *q2, const BIGNUM *Xp1, const BIGNUM *Xp2,
- const BIGNUM *Xp, const BIGNUM *Xq1, const BIGNUM *Xq2,
- const BIGNUM *Xq, const BIGNUM *e, BN_GENCB *cb);
-int RSA_X931_generate_key_ex(RSA *rsa, int bits, const BIGNUM *e,
- BN_GENCB *cb);
-
-int RSA_check_key(const RSA *);
-int RSA_check_key_ex(const RSA *, BN_GENCB *cb);
- /* next 4 return -1 on error */
-int RSA_public_encrypt(int flen, const unsigned char *from,
- unsigned char *to, RSA *rsa, int padding);
-int RSA_private_encrypt(int flen, const unsigned char *from,
- unsigned char *to, RSA *rsa, int padding);
-int RSA_public_decrypt(int flen, const unsigned char *from,
- unsigned char *to, RSA *rsa, int padding);
-int RSA_private_decrypt(int flen, const unsigned char *from,
- unsigned char *to, RSA *rsa, int padding);
-void RSA_free(RSA *r);
-/* "up" the RSA object's reference count */
-int RSA_up_ref(RSA *r);
-
-int RSA_flags(const RSA *r);
-
-void RSA_set_default_method(const RSA_METHOD *meth);
-const RSA_METHOD *RSA_get_default_method(void);
-const RSA_METHOD *RSA_get_method(const RSA *rsa);
-int RSA_set_method(RSA *rsa, const RSA_METHOD *meth);
-
-/* This function needs the memory locking malloc callbacks to be installed */
-int RSA_memory_lock(RSA *r);
-
-/* these are the actual SSLeay RSA functions */
-const RSA_METHOD *RSA_PKCS1_SSLeay(void);
-
-const RSA_METHOD *RSA_null_method(void);
-
-DECLARE_ASN1_ENCODE_FUNCTIONS_const(RSA, RSAPublicKey)
-DECLARE_ASN1_ENCODE_FUNCTIONS_const(RSA, RSAPrivateKey)
-
-typedef struct rsa_pss_params_st {
- X509_ALGOR *hashAlgorithm;
- X509_ALGOR *maskGenAlgorithm;
- ASN1_INTEGER *saltLength;
- ASN1_INTEGER *trailerField;
-} RSA_PSS_PARAMS;
-
-DECLARE_ASN1_FUNCTIONS(RSA_PSS_PARAMS)
-
-typedef struct rsa_oaep_params_st {
- X509_ALGOR *hashFunc;
- X509_ALGOR *maskGenFunc;
- X509_ALGOR *pSourceFunc;
-} RSA_OAEP_PARAMS;
-
-DECLARE_ASN1_FUNCTIONS(RSA_OAEP_PARAMS)
-
-# ifndef OPENSSL_NO_STDIO
-int RSA_print_fp(FILE *fp, const RSA *r, int offset);
-# endif
-
-int RSA_print(BIO *bp, const RSA *r, int offset);
-
-# ifndef OPENSSL_NO_RC4
-int i2d_RSA_NET(const RSA *a, unsigned char **pp,
- int (*cb) (char *buf, int len, const char *prompt,
- int verify), int sgckey);
-RSA *d2i_RSA_NET(RSA **a, const unsigned char **pp, long length,
- int (*cb) (char *buf, int len, const char *prompt,
- int verify), int sgckey);
-
-int i2d_Netscape_RSA(const RSA *a, unsigned char **pp,
- int (*cb) (char *buf, int len, const char *prompt,
- int verify));
-RSA *d2i_Netscape_RSA(RSA **a, const unsigned char **pp, long length,
- int (*cb) (char *buf, int len, const char *prompt,
- int verify));
-# endif
-
-/*
- * The following 2 functions sign and verify a X509_SIG ASN1 object inside
- * PKCS#1 padded RSA encryption
- */
-int RSA_sign(int type, const unsigned char *m, unsigned int m_length,
- unsigned char *sigret, unsigned int *siglen, RSA *rsa);
-int RSA_verify(int type, const unsigned char *m, unsigned int m_length,
- const unsigned char *sigbuf, unsigned int siglen, RSA *rsa);
-
-/*
- * The following 2 function sign and verify a ASN1_OCTET_STRING object inside
- * PKCS#1 padded RSA encryption
- */
-int RSA_sign_ASN1_OCTET_STRING(int type,
- const unsigned char *m, unsigned int m_length,
- unsigned char *sigret, unsigned int *siglen,
- RSA *rsa);
-int RSA_verify_ASN1_OCTET_STRING(int type, const unsigned char *m,
- unsigned int m_length, unsigned char *sigbuf,
- unsigned int siglen, RSA *rsa);
-
-int RSA_blinding_on(RSA *rsa, BN_CTX *ctx);
-void RSA_blinding_off(RSA *rsa);
-BN_BLINDING *RSA_setup_blinding(RSA *rsa, BN_CTX *ctx);
-
-int RSA_padding_add_PKCS1_type_1(unsigned char *to, int tlen,
- const unsigned char *f, int fl);
-int RSA_padding_check_PKCS1_type_1(unsigned char *to, int tlen,
- const unsigned char *f, int fl,
- int rsa_len);
-int RSA_padding_add_PKCS1_type_2(unsigned char *to, int tlen,
- const unsigned char *f, int fl);
-int RSA_padding_check_PKCS1_type_2(unsigned char *to, int tlen,
- const unsigned char *f, int fl,
- int rsa_len);
-int PKCS1_MGF1(unsigned char *mask, long len, const unsigned char *seed,
- long seedlen, const EVP_MD *dgst);
-int RSA_padding_add_PKCS1_OAEP(unsigned char *to, int tlen,
- const unsigned char *f, int fl,
- const unsigned char *p, int pl);
-int RSA_padding_check_PKCS1_OAEP(unsigned char *to, int tlen,
- const unsigned char *f, int fl, int rsa_len,
- const unsigned char *p, int pl);
-int RSA_padding_add_PKCS1_OAEP_mgf1(unsigned char *to, int tlen,
- const unsigned char *from, int flen,
- const unsigned char *param, int plen,
- const EVP_MD *md, const EVP_MD *mgf1md);
-int RSA_padding_check_PKCS1_OAEP_mgf1(unsigned char *to, int tlen,
- const unsigned char *from, int flen,
- int num, const unsigned char *param,
- int plen, const EVP_MD *md,
- const EVP_MD *mgf1md);
-int RSA_padding_add_SSLv23(unsigned char *to, int tlen,
- const unsigned char *f, int fl);
-int RSA_padding_check_SSLv23(unsigned char *to, int tlen,
- const unsigned char *f, int fl, int rsa_len);
-int RSA_padding_add_none(unsigned char *to, int tlen, const unsigned char *f,
- int fl);
-int RSA_padding_check_none(unsigned char *to, int tlen,
- const unsigned char *f, int fl, int rsa_len);
-int RSA_padding_add_X931(unsigned char *to, int tlen, const unsigned char *f,
- int fl);
-int RSA_padding_check_X931(unsigned char *to, int tlen,
- const unsigned char *f, int fl, int rsa_len);
-int RSA_X931_hash_id(int nid);
-
-int RSA_verify_PKCS1_PSS(RSA *rsa, const unsigned char *mHash,
- const EVP_MD *Hash, const unsigned char *EM,
- int sLen);
-int RSA_padding_add_PKCS1_PSS(RSA *rsa, unsigned char *EM,
- const unsigned char *mHash, const EVP_MD *Hash,
- int sLen);
-
-int RSA_verify_PKCS1_PSS_mgf1(RSA *rsa, const unsigned char *mHash,
- const EVP_MD *Hash, const EVP_MD *mgf1Hash,
- const unsigned char *EM, int sLen);
-
-int RSA_padding_add_PKCS1_PSS_mgf1(RSA *rsa, unsigned char *EM,
- const unsigned char *mHash,
- const EVP_MD *Hash, const EVP_MD *mgf1Hash,
- int sLen);
-
-int RSA_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
- CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func);
-int RSA_set_ex_data(RSA *r, int idx, void *arg);
-void *RSA_get_ex_data(const RSA *r, int idx);
-
-RSA *RSAPublicKey_dup(RSA *rsa);
-RSA *RSAPrivateKey_dup(RSA *rsa);
-
-/*
- * If this flag is set the RSA method is FIPS compliant and can be used in
- * FIPS mode. This is set in the validated module method. If an application
- * sets this flag in its own methods it is its responsibility to ensure the
- * result is compliant.
- */
-
-# define RSA_FLAG_FIPS_METHOD 0x0400
-
-/*
- * If this flag is set the operations normally disabled in FIPS mode are
- * permitted it is then the applications responsibility to ensure that the
- * usage is compliant.
- */
-
-# define RSA_FLAG_NON_FIPS_ALLOW 0x0400
-/*
- * Application has decided PRNG is good enough to generate a key: don't
- * check.
- */
-# define RSA_FLAG_CHECKED 0x0800
-
-/* BEGIN ERROR CODES */
-/*
- * The following lines are auto generated by the script mkerr.pl. Any changes
- * made after this point may be overwritten when the script is next run.
- */
-void ERR_load_RSA_strings(void);
-
-/* Error codes for the RSA functions. */
-
-/* Function codes. */
-# define RSA_F_CHECK_PADDING_MD 140
-# define RSA_F_DO_RSA_PRINT 146
-# define RSA_F_FIPS_RSA_SIGN_DIGEST 149
-# define RSA_F_FIPS_RSA_VERIFY 150
-# define RSA_F_FIPS_RSA_VERIFY_DIGEST 151
-# define RSA_F_INT_RSA_VERIFY 145
-# define RSA_F_MEMORY_LOCK 100
-# define RSA_F_OLD_RSA_PRIV_DECODE 147
-# define RSA_F_PKEY_RSA_CTRL 143
-# define RSA_F_PKEY_RSA_CTRL_STR 144
-# define RSA_F_PKEY_RSA_SIGN 142
-# define RSA_F_PKEY_RSA_VERIFYRECOVER 141
-# define RSA_F_RSA_ALGOR_TO_MD 156
-# define RSA_F_RSA_BUILTIN_KEYGEN 129
-# define RSA_F_RSA_CHECK_KEY 123
-# define RSA_F_RSA_CHECK_KEY_EX 160
-# define RSA_F_RSA_CMS_DECRYPT 159
-# define RSA_F_RSA_EAY_PRIVATE_DECRYPT 101
-# define RSA_F_RSA_EAY_PRIVATE_ENCRYPT 102
-# define RSA_F_RSA_EAY_PUBLIC_DECRYPT 103
-# define RSA_F_RSA_EAY_PUBLIC_ENCRYPT 104
-# define RSA_F_RSA_GENERATE_KEY 105
-# define RSA_F_RSA_ITEM_VERIFY 148
-# define RSA_F_RSA_MEMORY_LOCK 130
-# define RSA_F_RSA_MGF1_TO_MD 157
-# define RSA_F_RSA_NEW_METHOD 106
-# define RSA_F_RSA_NULL 124
-# define RSA_F_RSA_NULL_MOD_EXP 131
-# define RSA_F_RSA_NULL_PRIVATE_DECRYPT 132
-# define RSA_F_RSA_NULL_PRIVATE_ENCRYPT 133
-# define RSA_F_RSA_NULL_PUBLIC_DECRYPT 134
-# define RSA_F_RSA_NULL_PUBLIC_ENCRYPT 135
-# define RSA_F_RSA_OAEP_TO_CTX 158
-# define RSA_F_RSA_PADDING_ADD_NONE 107
-# define RSA_F_RSA_PADDING_ADD_PKCS1_OAEP 121
-# define RSA_F_RSA_PADDING_ADD_PKCS1_OAEP_MGF1 154
-# define RSA_F_RSA_PADDING_ADD_PKCS1_PSS 125
-# define RSA_F_RSA_PADDING_ADD_PKCS1_PSS_MGF1 152
-# define RSA_F_RSA_PADDING_ADD_PKCS1_TYPE_1 108
-# define RSA_F_RSA_PADDING_ADD_PKCS1_TYPE_2 109
-# define RSA_F_RSA_PADDING_ADD_SSLV23 110
-# define RSA_F_RSA_PADDING_ADD_X931 127
-# define RSA_F_RSA_PADDING_CHECK_NONE 111
-# define RSA_F_RSA_PADDING_CHECK_PKCS1_OAEP 122
-# define RSA_F_RSA_PADDING_CHECK_PKCS1_OAEP_MGF1 153
-# define RSA_F_RSA_PADDING_CHECK_PKCS1_TYPE_1 112
-# define RSA_F_RSA_PADDING_CHECK_PKCS1_TYPE_2 113
-# define RSA_F_RSA_PADDING_CHECK_SSLV23 114
-# define RSA_F_RSA_PADDING_CHECK_X931 128
-# define RSA_F_RSA_PRINT 115
-# define RSA_F_RSA_PRINT_FP 116
-# define RSA_F_RSA_PRIV_DECODE 137
-# define RSA_F_RSA_PRIV_ENCODE 138
-# define RSA_F_RSA_PSS_TO_CTX 155
-# define RSA_F_RSA_PUB_DECODE 139
-# define RSA_F_RSA_SETUP_BLINDING 136
-# define RSA_F_RSA_SIGN 117
-# define RSA_F_RSA_SIGN_ASN1_OCTET_STRING 118
-# define RSA_F_RSA_VERIFY 119
-# define RSA_F_RSA_VERIFY_ASN1_OCTET_STRING 120
-# define RSA_F_RSA_VERIFY_PKCS1_PSS_MGF1 126
-
-/* Reason codes. */
-# define RSA_R_ALGORITHM_MISMATCH 100
-# define RSA_R_BAD_E_VALUE 101
-# define RSA_R_BAD_FIXED_HEADER_DECRYPT 102
-# define RSA_R_BAD_PAD_BYTE_COUNT 103
-# define RSA_R_BAD_SIGNATURE 104
-# define RSA_R_BLOCK_TYPE_IS_NOT_01 106
-# define RSA_R_BLOCK_TYPE_IS_NOT_02 107
-# define RSA_R_DATA_GREATER_THAN_MOD_LEN 108
-# define RSA_R_DATA_TOO_LARGE 109
-# define RSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE 110
-# define RSA_R_DATA_TOO_LARGE_FOR_MODULUS 132
-# define RSA_R_DATA_TOO_SMALL 111
-# define RSA_R_DATA_TOO_SMALL_FOR_KEY_SIZE 122
-# define RSA_R_DIGEST_DOES_NOT_MATCH 158
-# define RSA_R_DIGEST_TOO_BIG_FOR_RSA_KEY 112
-# define RSA_R_DMP1_NOT_CONGRUENT_TO_D 124
-# define RSA_R_DMQ1_NOT_CONGRUENT_TO_D 125
-# define RSA_R_D_E_NOT_CONGRUENT_TO_1 123
-# define RSA_R_FIRST_OCTET_INVALID 133
-# define RSA_R_ILLEGAL_OR_UNSUPPORTED_PADDING_MODE 144
-# define RSA_R_INVALID_DIGEST 157
-# define RSA_R_INVALID_DIGEST_LENGTH 143
-# define RSA_R_INVALID_HEADER 137
-# define RSA_R_INVALID_KEYBITS 145
-# define RSA_R_INVALID_LABEL 160
-# define RSA_R_INVALID_MESSAGE_LENGTH 131
-# define RSA_R_INVALID_MGF1_MD 156
-# define RSA_R_INVALID_OAEP_PARAMETERS 161
-# define RSA_R_INVALID_PADDING 138
-# define RSA_R_INVALID_PADDING_MODE 141
-# define RSA_R_INVALID_PSS_PARAMETERS 149
-# define RSA_R_INVALID_PSS_SALTLEN 146
-# define RSA_R_INVALID_SALT_LENGTH 150
-# define RSA_R_INVALID_TRAILER 139
-# define RSA_R_INVALID_X931_DIGEST 142
-# define RSA_R_IQMP_NOT_INVERSE_OF_Q 126
-# define RSA_R_KEY_SIZE_TOO_SMALL 120
-# define RSA_R_LAST_OCTET_INVALID 134
-# define RSA_R_MODULUS_TOO_LARGE 105
-# define RSA_R_NO_PUBLIC_EXPONENT 140
-# define RSA_R_NULL_BEFORE_BLOCK_MISSING 113
-# define RSA_R_N_DOES_NOT_EQUAL_P_Q 127
-# define RSA_R_OAEP_DECODING_ERROR 121
-# define RSA_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE 148
-# define RSA_R_PADDING_CHECK_FAILED 114
-# define RSA_R_PKCS_DECODING_ERROR 159
-# define RSA_R_P_NOT_PRIME 128
-# define RSA_R_Q_NOT_PRIME 129
-# define RSA_R_RSA_OPERATIONS_NOT_SUPPORTED 130
-# define RSA_R_SLEN_CHECK_FAILED 136
-# define RSA_R_SLEN_RECOVERY_FAILED 135
-# define RSA_R_SSLV3_ROLLBACK_ATTACK 115
-# define RSA_R_THE_ASN1_OBJECT_IDENTIFIER_IS_NOT_KNOWN_FOR_THIS_MD 116
-# define RSA_R_UNKNOWN_ALGORITHM_TYPE 117
-# define RSA_R_UNKNOWN_DIGEST 166
-# define RSA_R_UNKNOWN_MASK_DIGEST 151
-# define RSA_R_UNKNOWN_PADDING_TYPE 118
-# define RSA_R_UNKNOWN_PSS_DIGEST 152
-# define RSA_R_UNSUPPORTED_ENCRYPTION_TYPE 162
-# define RSA_R_UNSUPPORTED_LABEL_SOURCE 163
-# define RSA_R_UNSUPPORTED_MASK_ALGORITHM 153
-# define RSA_R_UNSUPPORTED_MASK_PARAMETER 154
-# define RSA_R_UNSUPPORTED_SIGNATURE_TYPE 155
-# define RSA_R_VALUE_MISSING 147
-# define RSA_R_WRONG_SIGNATURE_LENGTH 119
-
-#ifdef __cplusplus
-}
-#endif
-#endif
+++ /dev/null
-/* test vectors from p1ovect1.txt */
-
-#include <stdio.h>
-#include <string.h>
-
-#include "e_os.h"
-
-#include <openssl/crypto.h>
-#include <openssl/err.h>
-#include <openssl/rand.h>
-#include <openssl/bn.h>
-#ifdef OPENSSL_NO_RSA
-int main(int argc, char *argv[])
-{
- printf("No RSA support\n");
- return (0);
-}
-#else
-# include <openssl/rsa.h>
-
-# define SetKey \
- key->n = BN_bin2bn(n, sizeof(n)-1, key->n); \
- key->e = BN_bin2bn(e, sizeof(e)-1, key->e); \
- key->d = BN_bin2bn(d, sizeof(d)-1, key->d); \
- key->p = BN_bin2bn(p, sizeof(p)-1, key->p); \
- key->q = BN_bin2bn(q, sizeof(q)-1, key->q); \
- key->dmp1 = BN_bin2bn(dmp1, sizeof(dmp1)-1, key->dmp1); \
- key->dmq1 = BN_bin2bn(dmq1, sizeof(dmq1)-1, key->dmq1); \
- key->iqmp = BN_bin2bn(iqmp, sizeof(iqmp)-1, key->iqmp); \
- memcpy(c, ctext_ex, sizeof(ctext_ex) - 1); \
- return (sizeof(ctext_ex) - 1);
-
-static int key1(RSA *key, unsigned char *c)
-{
- static unsigned char n[] =
- "\x00\xAA\x36\xAB\xCE\x88\xAC\xFD\xFF\x55\x52\x3C\x7F\xC4\x52\x3F"
- "\x90\xEF\xA0\x0D\xF3\x77\x4A\x25\x9F\x2E\x62\xB4\xC5\xD9\x9C\xB5"
- "\xAD\xB3\x00\xA0\x28\x5E\x53\x01\x93\x0E\x0C\x70\xFB\x68\x76\x93"
- "\x9C\xE6\x16\xCE\x62\x4A\x11\xE0\x08\x6D\x34\x1E\xBC\xAC\xA0\xA1"
- "\xF5";
-
- static unsigned char e[] = "\x11";
-
- static unsigned char d[] =
- "\x0A\x03\x37\x48\x62\x64\x87\x69\x5F\x5F\x30\xBC\x38\xB9\x8B\x44"
- "\xC2\xCD\x2D\xFF\x43\x40\x98\xCD\x20\xD8\xA1\x38\xD0\x90\xBF\x64"
- "\x79\x7C\x3F\xA7\xA2\xCD\xCB\x3C\xD1\xE0\xBD\xBA\x26\x54\xB4\xF9"
- "\xDF\x8E\x8A\xE5\x9D\x73\x3D\x9F\x33\xB3\x01\x62\x4A\xFD\x1D\x51";
-
- static unsigned char p[] =
- "\x00\xD8\x40\xB4\x16\x66\xB4\x2E\x92\xEA\x0D\xA3\xB4\x32\x04\xB5"
- "\xCF\xCE\x33\x52\x52\x4D\x04\x16\xA5\xA4\x41\xE7\x00\xAF\x46\x12"
- "\x0D";
-
- static unsigned char q[] =
- "\x00\xC9\x7F\xB1\xF0\x27\xF4\x53\xF6\x34\x12\x33\xEA\xAA\xD1\xD9"
- "\x35\x3F\x6C\x42\xD0\x88\x66\xB1\xD0\x5A\x0F\x20\x35\x02\x8B\x9D"
- "\x89";
-
- static unsigned char dmp1[] =
- "\x59\x0B\x95\x72\xA2\xC2\xA9\xC4\x06\x05\x9D\xC2\xAB\x2F\x1D\xAF"
- "\xEB\x7E\x8B\x4F\x10\xA7\x54\x9E\x8E\xED\xF5\xB4\xFC\xE0\x9E\x05";
-
- static unsigned char dmq1[] =
- "\x00\x8E\x3C\x05\x21\xFE\x15\xE0\xEA\x06\xA3\x6F\xF0\xF1\x0C\x99"
- "\x52\xC3\x5B\x7A\x75\x14\xFD\x32\x38\xB8\x0A\xAD\x52\x98\x62\x8D"
- "\x51";
-
- static unsigned char iqmp[] =
- "\x36\x3F\xF7\x18\x9D\xA8\xE9\x0B\x1D\x34\x1F\x71\xD0\x9B\x76\xA8"
- "\xA9\x43\xE1\x1D\x10\xB2\x4D\x24\x9F\x2D\xEA\xFE\xF8\x0C\x18\x26";
-
- static unsigned char ctext_ex[] =
- "\x1b\x8f\x05\xf9\xca\x1a\x79\x52\x6e\x53\xf3\xcc\x51\x4f\xdb\x89"
- "\x2b\xfb\x91\x93\x23\x1e\x78\xb9\x92\xe6\x8d\x50\xa4\x80\xcb\x52"
- "\x33\x89\x5c\x74\x95\x8d\x5d\x02\xab\x8c\x0f\xd0\x40\xeb\x58\x44"
- "\xb0\x05\xc3\x9e\xd8\x27\x4a\x9d\xbf\xa8\x06\x71\x40\x94\x39\xd2";
-
- SetKey;
-}
-
-static int key2(RSA *key, unsigned char *c)
-{
- static unsigned char n[] =
- "\x00\xA3\x07\x9A\x90\xDF\x0D\xFD\x72\xAC\x09\x0C\xCC\x2A\x78\xB8"
- "\x74\x13\x13\x3E\x40\x75\x9C\x98\xFA\xF8\x20\x4F\x35\x8A\x0B\x26"
- "\x3C\x67\x70\xE7\x83\xA9\x3B\x69\x71\xB7\x37\x79\xD2\x71\x7B\xE8"
- "\x34\x77\xCF";
-
- static unsigned char e[] = "\x3";
-
- static unsigned char d[] =
- "\x6C\xAF\xBC\x60\x94\xB3\xFE\x4C\x72\xB0\xB3\x32\xC6\xFB\x25\xA2"
- "\xB7\x62\x29\x80\x4E\x68\x65\xFC\xA4\x5A\x74\xDF\x0F\x8F\xB8\x41"
- "\x3B\x52\xC0\xD0\xE5\x3D\x9B\x59\x0F\xF1\x9B\xE7\x9F\x49\xDD\x21"
- "\xE5\xEB";
-
- static unsigned char p[] =
- "\x00\xCF\x20\x35\x02\x8B\x9D\x86\x98\x40\xB4\x16\x66\xB4\x2E\x92"
- "\xEA\x0D\xA3\xB4\x32\x04\xB5\xCF\xCE\x91";
-
- static unsigned char q[] =
- "\x00\xC9\x7F\xB1\xF0\x27\xF4\x53\xF6\x34\x12\x33\xEA\xAA\xD1\xD9"
- "\x35\x3F\x6C\x42\xD0\x88\x66\xB1\xD0\x5F";
-
- static unsigned char dmp1[] =
- "\x00\x8A\x15\x78\xAC\x5D\x13\xAF\x10\x2B\x22\xB9\x99\xCD\x74\x61"
- "\xF1\x5E\x6D\x22\xCC\x03\x23\xDF\xDF\x0B";
-
- static unsigned char dmq1[] =
- "\x00\x86\x55\x21\x4A\xC5\x4D\x8D\x4E\xCD\x61\x77\xF1\xC7\x36\x90"
- "\xCE\x2A\x48\x2C\x8B\x05\x99\xCB\xE0\x3F";
-
- static unsigned char iqmp[] =
- "\x00\x83\xEF\xEF\xB8\xA9\xA4\x0D\x1D\xB6\xED\x98\xAD\x84\xED\x13"
- "\x35\xDC\xC1\x08\xF3\x22\xD0\x57\xCF\x8D";
-
- static unsigned char ctext_ex[] =
- "\x14\xbd\xdd\x28\xc9\x83\x35\x19\x23\x80\xe8\xe5\x49\xb1\x58\x2a"
- "\x8b\x40\xb4\x48\x6d\x03\xa6\xa5\x31\x1f\x1f\xd5\xf0\xa1\x80\xe4"
- "\x17\x53\x03\x29\xa9\x34\x90\x74\xb1\x52\x13\x54\x29\x08\x24\x52"
- "\x62\x51";
-
- SetKey;
-}
-
-static int key3(RSA *key, unsigned char *c)
-{
- static unsigned char n[] =
- "\x00\xBB\xF8\x2F\x09\x06\x82\xCE\x9C\x23\x38\xAC\x2B\x9D\xA8\x71"
- "\xF7\x36\x8D\x07\xEE\xD4\x10\x43\xA4\x40\xD6\xB6\xF0\x74\x54\xF5"
- "\x1F\xB8\xDF\xBA\xAF\x03\x5C\x02\xAB\x61\xEA\x48\xCE\xEB\x6F\xCD"
- "\x48\x76\xED\x52\x0D\x60\xE1\xEC\x46\x19\x71\x9D\x8A\x5B\x8B\x80"
- "\x7F\xAF\xB8\xE0\xA3\xDF\xC7\x37\x72\x3E\xE6\xB4\xB7\xD9\x3A\x25"
- "\x84\xEE\x6A\x64\x9D\x06\x09\x53\x74\x88\x34\xB2\x45\x45\x98\x39"
- "\x4E\xE0\xAA\xB1\x2D\x7B\x61\xA5\x1F\x52\x7A\x9A\x41\xF6\xC1\x68"
- "\x7F\xE2\x53\x72\x98\xCA\x2A\x8F\x59\x46\xF8\xE5\xFD\x09\x1D\xBD"
- "\xCB";
-
- static unsigned char e[] = "\x11";
-
- static unsigned char d[] =
- "\x00\xA5\xDA\xFC\x53\x41\xFA\xF2\x89\xC4\xB9\x88\xDB\x30\xC1\xCD"
- "\xF8\x3F\x31\x25\x1E\x06\x68\xB4\x27\x84\x81\x38\x01\x57\x96\x41"
- "\xB2\x94\x10\xB3\xC7\x99\x8D\x6B\xC4\x65\x74\x5E\x5C\x39\x26\x69"
- "\xD6\x87\x0D\xA2\xC0\x82\xA9\x39\xE3\x7F\xDC\xB8\x2E\xC9\x3E\xDA"
- "\xC9\x7F\xF3\xAD\x59\x50\xAC\xCF\xBC\x11\x1C\x76\xF1\xA9\x52\x94"
- "\x44\xE5\x6A\xAF\x68\xC5\x6C\x09\x2C\xD3\x8D\xC3\xBE\xF5\xD2\x0A"
- "\x93\x99\x26\xED\x4F\x74\xA1\x3E\xDD\xFB\xE1\xA1\xCE\xCC\x48\x94"
- "\xAF\x94\x28\xC2\xB7\xB8\x88\x3F\xE4\x46\x3A\x4B\xC8\x5B\x1C\xB3"
- "\xC1";
-
- static unsigned char p[] =
- "\x00\xEE\xCF\xAE\x81\xB1\xB9\xB3\xC9\x08\x81\x0B\x10\xA1\xB5\x60"
- "\x01\x99\xEB\x9F\x44\xAE\xF4\xFD\xA4\x93\xB8\x1A\x9E\x3D\x84\xF6"
- "\x32\x12\x4E\xF0\x23\x6E\x5D\x1E\x3B\x7E\x28\xFA\xE7\xAA\x04\x0A"
- "\x2D\x5B\x25\x21\x76\x45\x9D\x1F\x39\x75\x41\xBA\x2A\x58\xFB\x65"
- "\x99";
-
- static unsigned char q[] =
- "\x00\xC9\x7F\xB1\xF0\x27\xF4\x53\xF6\x34\x12\x33\xEA\xAA\xD1\xD9"
- "\x35\x3F\x6C\x42\xD0\x88\x66\xB1\xD0\x5A\x0F\x20\x35\x02\x8B\x9D"
- "\x86\x98\x40\xB4\x16\x66\xB4\x2E\x92\xEA\x0D\xA3\xB4\x32\x04\xB5"
- "\xCF\xCE\x33\x52\x52\x4D\x04\x16\xA5\xA4\x41\xE7\x00\xAF\x46\x15"
- "\x03";
-
- static unsigned char dmp1[] =
- "\x54\x49\x4C\xA6\x3E\xBA\x03\x37\xE4\xE2\x40\x23\xFC\xD6\x9A\x5A"
- "\xEB\x07\xDD\xDC\x01\x83\xA4\xD0\xAC\x9B\x54\xB0\x51\xF2\xB1\x3E"
- "\xD9\x49\x09\x75\xEA\xB7\x74\x14\xFF\x59\xC1\xF7\x69\x2E\x9A\x2E"
- "\x20\x2B\x38\xFC\x91\x0A\x47\x41\x74\xAD\xC9\x3C\x1F\x67\xC9\x81";
-
- static unsigned char dmq1[] =
- "\x47\x1E\x02\x90\xFF\x0A\xF0\x75\x03\x51\xB7\xF8\x78\x86\x4C\xA9"
- "\x61\xAD\xBD\x3A\x8A\x7E\x99\x1C\x5C\x05\x56\xA9\x4C\x31\x46\xA7"
- "\xF9\x80\x3F\x8F\x6F\x8A\xE3\x42\xE9\x31\xFD\x8A\xE4\x7A\x22\x0D"
- "\x1B\x99\xA4\x95\x84\x98\x07\xFE\x39\xF9\x24\x5A\x98\x36\xDA\x3D";
-
- static unsigned char iqmp[] =
- "\x00\xB0\x6C\x4F\xDA\xBB\x63\x01\x19\x8D\x26\x5B\xDB\xAE\x94\x23"
- "\xB3\x80\xF2\x71\xF7\x34\x53\x88\x50\x93\x07\x7F\xCD\x39\xE2\x11"
- "\x9F\xC9\x86\x32\x15\x4F\x58\x83\xB1\x67\xA9\x67\xBF\x40\x2B\x4E"
- "\x9E\x2E\x0F\x96\x56\xE6\x98\xEA\x36\x66\xED\xFB\x25\x79\x80\x39"
- "\xF7";
-
- static unsigned char ctext_ex[] =
- "\xb8\x24\x6b\x56\xa6\xed\x58\x81\xae\xb5\x85\xd9\xa2\x5b\x2a\xd7"
- "\x90\xc4\x17\xe0\x80\x68\x1b\xf1\xac\x2b\xc3\xde\xb6\x9d\x8b\xce"
- "\xf0\xc4\x36\x6f\xec\x40\x0a\xf0\x52\xa7\x2e\x9b\x0e\xff\xb5\xb3"
- "\xf2\xf1\x92\xdb\xea\xca\x03\xc1\x27\x40\x05\x71\x13\xbf\x1f\x06"
- "\x69\xac\x22\xe9\xf3\xa7\x85\x2e\x3c\x15\xd9\x13\xca\xb0\xb8\x86"
- "\x3a\x95\xc9\x92\x94\xce\x86\x74\x21\x49\x54\x61\x03\x46\xf4\xd4"
- "\x74\xb2\x6f\x7c\x48\xb4\x2e\xe6\x8e\x1f\x57\x2a\x1f\xc4\x02\x6a"
- "\xc4\x56\xb4\xf5\x9f\x7b\x62\x1e\xa1\xb9\xd8\x8f\x64\x20\x2f\xb1";
-
- SetKey;
-}
-
-static int pad_unknown(void)
-{
- unsigned long l;
- while ((l = ERR_get_error()) != 0)
- if (ERR_GET_REASON(l) == RSA_R_UNKNOWN_PADDING_TYPE)
- return (1);
- return (0);
-}
-
-static const char rnd_seed[] =
- "string to make the random number generator think it has entropy";
-
-int main(int argc, char *argv[])
-{
- int err = 0;
- int v;
- RSA *key;
- unsigned char ptext[256];
- unsigned char ctext[256];
- static unsigned char ptext_ex[] = "\x54\x85\x9b\x34\x2c\x49\xea\x2a";
- unsigned char ctext_ex[256];
- int plen;
- int clen = 0;
- int num;
- int n;
-
- CRYPTO_malloc_debug_init();
- CRYPTO_dbg_set_options(V_CRYPTO_MDEBUG_ALL);
- CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON);
-
- RAND_seed(rnd_seed, sizeof rnd_seed); /* or OAEP may fail */
-
- plen = sizeof(ptext_ex) - 1;
-
- for (v = 0; v < 6; v++) {
- key = RSA_new();
- switch (v % 3) {
- case 0:
- clen = key1(key, ctext_ex);
- break;
- case 1:
- clen = key2(key, ctext_ex);
- break;
- case 2:
- clen = key3(key, ctext_ex);
- break;
- }
- if (v / 3 >= 1)
- key->flags |= RSA_FLAG_NO_CONSTTIME;
-
- num = RSA_public_encrypt(plen, ptext_ex, ctext, key,
- RSA_PKCS1_PADDING);
- if (num != clen) {
- printf("PKCS#1 v1.5 encryption failed!\n");
- err = 1;
- goto oaep;
- }
-
- num = RSA_private_decrypt(num, ctext, ptext, key, RSA_PKCS1_PADDING);
- if (num != plen || memcmp(ptext, ptext_ex, num) != 0) {
- printf("PKCS#1 v1.5 decryption failed!\n");
- err = 1;
- } else
- printf("PKCS #1 v1.5 encryption/decryption ok\n");
-
- oaep:
- ERR_clear_error();
- num = RSA_public_encrypt(plen, ptext_ex, ctext, key,
- RSA_PKCS1_OAEP_PADDING);
- if (num == -1 && pad_unknown()) {
- printf("No OAEP support\n");
- goto next;
- }
- if (num != clen) {
- printf("OAEP encryption failed!\n");
- err = 1;
- goto next;
- }
-
- num = RSA_private_decrypt(num, ctext, ptext, key,
- RSA_PKCS1_OAEP_PADDING);
- if (num != plen || memcmp(ptext, ptext_ex, num) != 0) {
- printf("OAEP decryption (encrypted data) failed!\n");
- err = 1;
- } else if (memcmp(ctext, ctext_ex, num) == 0)
- printf("OAEP test vector %d passed!\n", v);
-
- /*
- * Different ciphertexts (rsa_oaep.c without -DPKCS_TESTVECT). Try
- * decrypting ctext_ex
- */
-
- num = RSA_private_decrypt(clen, ctext_ex, ptext, key,
- RSA_PKCS1_OAEP_PADDING);
-
- if (num != plen || memcmp(ptext, ptext_ex, num) != 0) {
- printf("OAEP decryption (test vector data) failed!\n");
- err = 1;
- } else
- printf("OAEP encryption/decryption ok\n");
-
- /* Try decrypting corrupted ciphertexts */
- for (n = 0; n < clen; ++n) {
- int b;
- unsigned char saved = ctext[n];
- for (b = 0; b < 256; ++b) {
- if (b == saved)
- continue;
- ctext[n] = b;
- num = RSA_private_decrypt(num, ctext, ptext, key,
- RSA_PKCS1_OAEP_PADDING);
- if (num > 0) {
- printf("Corrupt data decrypted!\n");
- err = 1;
- }
- }
- }
- next:
- RSA_free(key);
- }
-
- CRYPTO_cleanup_all_ex_data();
- ERR_remove_thread_state(NULL);
-
- CRYPTO_mem_leaks_fp(stderr);
-
-# ifdef OPENSSL_SYS_NETWARE
- if (err)
- printf("ERROR: %d\n", err);
-# endif
- return err;
-}
-#endif
+++ /dev/null
-/*
- * Copyright (c) 2007 KISA(Korea Information Security Agency). All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Neither the name of author nor the names of its contributors may
- * be used to endorse or promote products derived from this software
- * without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY AUTHOR AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- */
-/* ====================================================================
- * Copyright (c) 1998-2007 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#ifndef HEADER_SEED_H
-# define HEADER_SEED_H
-
-# include <openssl/opensslconf.h>
-# include <openssl/e_os2.h>
-# include <openssl/crypto.h>
-
-# ifdef OPENSSL_NO_SEED
-# error SEED is disabled.
-# endif
-
-/* look whether we need 'long' to get 32 bits */
-# ifdef AES_LONG
-# ifndef SEED_LONG
-# define SEED_LONG 1
-# endif
-# endif
-
-# if !defined(NO_SYS_TYPES_H)
-# include <sys/types.h>
-# endif
-
-# define SEED_BLOCK_SIZE 16
-# define SEED_KEY_LENGTH 16
-
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-typedef struct seed_key_st {
-# ifdef SEED_LONG
- unsigned long data[32];
-# else
- unsigned int data[32];
-# endif
-} SEED_KEY_SCHEDULE;
-
-void SEED_set_key(const unsigned char rawkey[SEED_KEY_LENGTH],
- SEED_KEY_SCHEDULE *ks);
-
-void SEED_encrypt(const unsigned char s[SEED_BLOCK_SIZE],
- unsigned char d[SEED_BLOCK_SIZE],
- const SEED_KEY_SCHEDULE *ks);
-void SEED_decrypt(const unsigned char s[SEED_BLOCK_SIZE],
- unsigned char d[SEED_BLOCK_SIZE],
- const SEED_KEY_SCHEDULE *ks);
-
-void SEED_ecb_encrypt(const unsigned char *in, unsigned char *out,
- const SEED_KEY_SCHEDULE *ks, int enc);
-void SEED_cbc_encrypt(const unsigned char *in, unsigned char *out, size_t len,
- const SEED_KEY_SCHEDULE *ks,
- unsigned char ivec[SEED_BLOCK_SIZE], int enc);
-void SEED_cfb128_encrypt(const unsigned char *in, unsigned char *out,
- size_t len, const SEED_KEY_SCHEDULE *ks,
- unsigned char ivec[SEED_BLOCK_SIZE], int *num,
- int enc);
-void SEED_ofb128_encrypt(const unsigned char *in, unsigned char *out,
- size_t len, const SEED_KEY_SCHEDULE *ks,
- unsigned char ivec[SEED_BLOCK_SIZE], int *num);
-
-#ifdef __cplusplus
-}
-#endif
-
-#endif /* HEADER_SEED_H */
+++ /dev/null
-/* crypto/sha/sha.h */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef HEADER_SHA_H
-# define HEADER_SHA_H
-
-# include <openssl/e_os2.h>
-# include <stddef.h>
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-/*-
- * !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
- * ! SHA_LONG has to be at least 32 bits wide. !
- * !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
- */
-# define SHA_LONG unsigned int
-
-# define SHA_LBLOCK 16
-# define SHA_CBLOCK (SHA_LBLOCK*4)/* SHA treats input data as a
- * contiguous array of 32 bit wide
- * big-endian values. */
-# define SHA_LAST_BLOCK (SHA_CBLOCK-8)
-# define SHA_DIGEST_LENGTH 20
-
-typedef struct SHAstate_st {
- SHA_LONG h0, h1, h2, h3, h4;
- SHA_LONG Nl, Nh;
- SHA_LONG data[SHA_LBLOCK];
- unsigned int num;
-} SHA_CTX;
-
-int SHA1_Init(SHA_CTX *c);
-int SHA1_Update(SHA_CTX *c, const void *data, size_t len);
-int SHA1_Final(unsigned char *md, SHA_CTX *c);
-unsigned char *SHA1(const unsigned char *d, size_t n, unsigned char *md);
-void SHA1_Transform(SHA_CTX *c, const unsigned char *data);
-
-# define SHA256_CBLOCK (SHA_LBLOCK*4)/* SHA-256 treats input data as a
- * contiguous array of 32 bit wide
- * big-endian values. */
-
-typedef struct SHA256state_st {
- SHA_LONG h[8];
- SHA_LONG Nl, Nh;
- SHA_LONG data[SHA_LBLOCK];
- unsigned int num, md_len;
-} SHA256_CTX;
-
-int SHA224_Init(SHA256_CTX *c);
-int SHA224_Update(SHA256_CTX *c, const void *data, size_t len);
-int SHA224_Final(unsigned char *md, SHA256_CTX *c);
-unsigned char *SHA224(const unsigned char *d, size_t n, unsigned char *md);
-int SHA256_Init(SHA256_CTX *c);
-int SHA256_Update(SHA256_CTX *c, const void *data, size_t len);
-int SHA256_Final(unsigned char *md, SHA256_CTX *c);
-unsigned char *SHA256(const unsigned char *d, size_t n, unsigned char *md);
-void SHA256_Transform(SHA256_CTX *c, const unsigned char *data);
-
-# define SHA224_DIGEST_LENGTH 28
-# define SHA256_DIGEST_LENGTH 32
-# define SHA384_DIGEST_LENGTH 48
-# define SHA512_DIGEST_LENGTH 64
-
-/*
- * Unlike 32-bit digest algorithms, SHA-512 *relies* on SHA_LONG64
- * being exactly 64-bit wide. See Implementation Notes in sha512.c
- * for further details.
- */
-/*
- * SHA-512 treats input data as a
- * contiguous array of 64 bit
- * wide big-endian values.
- */
-# define SHA512_CBLOCK (SHA_LBLOCK*8)
-# if (defined(_WIN32) || defined(_WIN64)) && !defined(__MINGW32__)
-# define SHA_LONG64 unsigned __int64
-# define U64(C) C##UI64
-# elif defined(__arch64__)
-# define SHA_LONG64 unsigned long
-# define U64(C) C##UL
-# else
-# define SHA_LONG64 unsigned long long
-# define U64(C) C##ULL
-# endif
-
-typedef struct SHA512state_st {
- SHA_LONG64 h[8];
- SHA_LONG64 Nl, Nh;
- union {
- SHA_LONG64 d[SHA_LBLOCK];
- unsigned char p[SHA512_CBLOCK];
- } u;
- unsigned int num, md_len;
-} SHA512_CTX;
-
-int SHA384_Init(SHA512_CTX *c);
-int SHA384_Update(SHA512_CTX *c, const void *data, size_t len);
-int SHA384_Final(unsigned char *md, SHA512_CTX *c);
-unsigned char *SHA384(const unsigned char *d, size_t n, unsigned char *md);
-int SHA512_Init(SHA512_CTX *c);
-int SHA512_Update(SHA512_CTX *c, const void *data, size_t len);
-int SHA512_Final(unsigned char *md, SHA512_CTX *c);
-unsigned char *SHA512(const unsigned char *d, size_t n, unsigned char *md);
-void SHA512_Transform(SHA512_CTX *c, const unsigned char *data);
-
-#ifdef __cplusplus
-}
-#endif
-
-#endif
+++ /dev/null
-/* crypto/sha/sha1test.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <string.h>
-#include <stdlib.h>
-
-#include "../e_os.h"
-#include <openssl/evp.h>
-#include <openssl/sha.h>
-
-#ifdef CHARSET_EBCDIC
-# include <openssl/ebcdic.h>
-#endif
-
-static char *test[] = {
- "abc",
- "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq",
- NULL,
-};
-
-static char *ret[] = {
- "a9993e364706816aba3e25717850c26c9cd0d89d",
- "84983e441c3bd26ebaae4aa1f95129e5e54670f1",
-};
-
-static char *bigret = "34aa973cd4c4daa4f61eeb2bdbad27316534016f";
-
-static char *pt(unsigned char *md);
-int main(int argc, char *argv[])
-{
- int i, err = 0;
- char **P, **R;
- static unsigned char buf[1000];
- char *p, *r;
- EVP_MD_CTX c;
- unsigned char md[SHA_DIGEST_LENGTH];
-
-#ifdef CHARSET_EBCDIC
- ebcdic2ascii(test[0], test[0], strlen(test[0]));
- ebcdic2ascii(test[1], test[1], strlen(test[1]));
-#endif
-
- EVP_MD_CTX_init(&c);
- P = test;
- R = ret;
- i = 1;
- while (*P != NULL) {
- EVP_Digest(*P, strlen((char *)*P), md, NULL, EVP_sha1(), NULL);
- p = pt(md);
- if (strcmp(p, (char *)*R) != 0) {
- printf("error calculating SHA1 on '%s'\n", *P);
- printf("got %s instead of %s\n", p, *R);
- err++;
- } else
- printf("test %d ok\n", i);
- i++;
- R++;
- P++;
- }
-
- memset(buf, 'a', 1000);
-#ifdef CHARSET_EBCDIC
- ebcdic2ascii(buf, buf, 1000);
-#endif /* CHARSET_EBCDIC */
- EVP_DigestInit_ex(&c, EVP_sha1(), NULL);
- for (i = 0; i < 1000; i++)
- EVP_DigestUpdate(&c, buf, 1000);
- EVP_DigestFinal_ex(&c, md, NULL);
- p = pt(md);
-
- r = bigret;
- if (strcmp(p, r) != 0) {
- printf("error calculating SHA1 on 'a' * 1000\n");
- printf("got %s instead of %s\n", p, r);
- err++;
- } else
- printf("test 3 ok\n");
-
-#ifdef OPENSSL_SYS_NETWARE
- if (err)
- printf("ERROR: %d\n", err);
-#endif
- EXIT(err);
- EVP_MD_CTX_cleanup(&c);
- return (0);
-}
-
-static char *pt(unsigned char *md)
-{
- int i;
- static char buf[80];
-
- for (i = 0; i < SHA_DIGEST_LENGTH; i++)
- sprintf(&(buf[i * 2]), "%02x", md[i]);
- return (buf);
-}
+++ /dev/null
-/* crypto/sha/sha256t.c */
-/* ====================================================================
- * Copyright (c) 2004 The OpenSSL Project. All rights reserved.
- * ====================================================================
- */
-#include <stdio.h>
-#include <string.h>
-#include <stdlib.h>
-
-#include <openssl/sha.h>
-#include <openssl/evp.h>
-
-unsigned char app_b1[SHA256_DIGEST_LENGTH] = {
- 0xba, 0x78, 0x16, 0xbf, 0x8f, 0x01, 0xcf, 0xea,
- 0x41, 0x41, 0x40, 0xde, 0x5d, 0xae, 0x22, 0x23,
- 0xb0, 0x03, 0x61, 0xa3, 0x96, 0x17, 0x7a, 0x9c,
- 0xb4, 0x10, 0xff, 0x61, 0xf2, 0x00, 0x15, 0xad
-};
-
-unsigned char app_b2[SHA256_DIGEST_LENGTH] = {
- 0x24, 0x8d, 0x6a, 0x61, 0xd2, 0x06, 0x38, 0xb8,
- 0xe5, 0xc0, 0x26, 0x93, 0x0c, 0x3e, 0x60, 0x39,
- 0xa3, 0x3c, 0xe4, 0x59, 0x64, 0xff, 0x21, 0x67,
- 0xf6, 0xec, 0xed, 0xd4, 0x19, 0xdb, 0x06, 0xc1
-};
-
-unsigned char app_b3[SHA256_DIGEST_LENGTH] = {
- 0xcd, 0xc7, 0x6e, 0x5c, 0x99, 0x14, 0xfb, 0x92,
- 0x81, 0xa1, 0xc7, 0xe2, 0x84, 0xd7, 0x3e, 0x67,
- 0xf1, 0x80, 0x9a, 0x48, 0xa4, 0x97, 0x20, 0x0e,
- 0x04, 0x6d, 0x39, 0xcc, 0xc7, 0x11, 0x2c, 0xd0
-};
-
-unsigned char addenum_1[SHA224_DIGEST_LENGTH] = {
- 0x23, 0x09, 0x7d, 0x22, 0x34, 0x05, 0xd8, 0x22,
- 0x86, 0x42, 0xa4, 0x77, 0xbd, 0xa2, 0x55, 0xb3,
- 0x2a, 0xad, 0xbc, 0xe4, 0xbd, 0xa0, 0xb3, 0xf7,
- 0xe3, 0x6c, 0x9d, 0xa7
-};
-
-unsigned char addenum_2[SHA224_DIGEST_LENGTH] = {
- 0x75, 0x38, 0x8b, 0x16, 0x51, 0x27, 0x76, 0xcc,
- 0x5d, 0xba, 0x5d, 0xa1, 0xfd, 0x89, 0x01, 0x50,
- 0xb0, 0xc6, 0x45, 0x5c, 0xb4, 0xf5, 0x8b, 0x19,
- 0x52, 0x52, 0x25, 0x25
-};
-
-unsigned char addenum_3[SHA224_DIGEST_LENGTH] = {
- 0x20, 0x79, 0x46, 0x55, 0x98, 0x0c, 0x91, 0xd8,
- 0xbb, 0xb4, 0xc1, 0xea, 0x97, 0x61, 0x8a, 0x4b,
- 0xf0, 0x3f, 0x42, 0x58, 0x19, 0x48, 0xb2, 0xee,
- 0x4e, 0xe7, 0xad, 0x67
-};
-
-int main(int argc, char **argv)
-{
- unsigned char md[SHA256_DIGEST_LENGTH];
- int i;
- EVP_MD_CTX evp;
-
- fprintf(stdout, "Testing SHA-256 ");
-
- EVP_Digest("abc", 3, md, NULL, EVP_sha256(), NULL);
- if (memcmp(md, app_b1, sizeof(app_b1))) {
- fflush(stdout);
- fprintf(stderr, "\nTEST 1 of 3 failed.\n");
- return 1;
- } else
- fprintf(stdout, ".");
- fflush(stdout);
-
- EVP_Digest("abcdbcde" "cdefdefg" "efghfghi" "ghijhijk"
- "ijkljklm" "klmnlmno" "mnopnopq", 56, md, NULL, EVP_sha256(),
- NULL);
- if (memcmp(md, app_b2, sizeof(app_b2))) {
- fflush(stdout);
- fprintf(stderr, "\nTEST 2 of 3 failed.\n");
- return 1;
- } else
- fprintf(stdout, ".");
- fflush(stdout);
-
- EVP_MD_CTX_init(&evp);
- EVP_DigestInit_ex(&evp, EVP_sha256(), NULL);
- for (i = 0; i < 1000000; i += 288)
- EVP_DigestUpdate(&evp, "aaaaaaaa" "aaaaaaaa" "aaaaaaaa" "aaaaaaaa"
- "aaaaaaaa" "aaaaaaaa" "aaaaaaaa" "aaaaaaaa"
- "aaaaaaaa" "aaaaaaaa" "aaaaaaaa" "aaaaaaaa"
- "aaaaaaaa" "aaaaaaaa" "aaaaaaaa" "aaaaaaaa"
- "aaaaaaaa" "aaaaaaaa" "aaaaaaaa" "aaaaaaaa"
- "aaaaaaaa" "aaaaaaaa" "aaaaaaaa" "aaaaaaaa"
- "aaaaaaaa" "aaaaaaaa" "aaaaaaaa" "aaaaaaaa"
- "aaaaaaaa" "aaaaaaaa" "aaaaaaaa" "aaaaaaaa"
- "aaaaaaaa" "aaaaaaaa" "aaaaaaaa" "aaaaaaaa",
- (1000000 - i) < 288 ? 1000000 - i : 288);
- EVP_DigestFinal_ex(&evp, md, NULL);
- EVP_MD_CTX_cleanup(&evp);
-
- if (memcmp(md, app_b3, sizeof(app_b3))) {
- fflush(stdout);
- fprintf(stderr, "\nTEST 3 of 3 failed.\n");
- return 1;
- } else
- fprintf(stdout, ".");
- fflush(stdout);
-
- fprintf(stdout, " passed.\n");
- fflush(stdout);
-
- fprintf(stdout, "Testing SHA-224 ");
-
- EVP_Digest("abc", 3, md, NULL, EVP_sha224(), NULL);
- if (memcmp(md, addenum_1, sizeof(addenum_1))) {
- fflush(stdout);
- fprintf(stderr, "\nTEST 1 of 3 failed.\n");
- return 1;
- } else
- fprintf(stdout, ".");
- fflush(stdout);
-
- EVP_Digest("abcdbcde" "cdefdefg" "efghfghi" "ghijhijk"
- "ijkljklm" "klmnlmno" "mnopnopq", 56, md, NULL, EVP_sha224(),
- NULL);
- if (memcmp(md, addenum_2, sizeof(addenum_2))) {
- fflush(stdout);
- fprintf(stderr, "\nTEST 2 of 3 failed.\n");
- return 1;
- } else
- fprintf(stdout, ".");
- fflush(stdout);
-
- EVP_MD_CTX_init(&evp);
- EVP_DigestInit_ex(&evp, EVP_sha224(), NULL);
- for (i = 0; i < 1000000; i += 64)
- EVP_DigestUpdate(&evp, "aaaaaaaa" "aaaaaaaa" "aaaaaaaa" "aaaaaaaa"
- "aaaaaaaa" "aaaaaaaa" "aaaaaaaa" "aaaaaaaa",
- (1000000 - i) < 64 ? 1000000 - i : 64);
- EVP_DigestFinal_ex(&evp, md, NULL);
- EVP_MD_CTX_cleanup(&evp);
-
- if (memcmp(md, addenum_3, sizeof(addenum_3))) {
- fflush(stdout);
- fprintf(stderr, "\nTEST 3 of 3 failed.\n");
- return 1;
- } else
- fprintf(stdout, ".");
- fflush(stdout);
-
- fprintf(stdout, " passed.\n");
- fflush(stdout);
-
- return 0;
-}
+++ /dev/null
-/* crypto/sha/sha512t.c */
-/* ====================================================================
- * Copyright (c) 2004 The OpenSSL Project. All rights reserved.
- * ====================================================================
- */
-#include <stdio.h>
-#include <string.h>
-#include <stdlib.h>
-
-#include <openssl/sha.h>
-#include <openssl/evp.h>
-#include <openssl/crypto.h>
-
-unsigned char app_c1[SHA512_DIGEST_LENGTH] = {
- 0xdd, 0xaf, 0x35, 0xa1, 0x93, 0x61, 0x7a, 0xba,
- 0xcc, 0x41, 0x73, 0x49, 0xae, 0x20, 0x41, 0x31,
- 0x12, 0xe6, 0xfa, 0x4e, 0x89, 0xa9, 0x7e, 0xa2,
- 0x0a, 0x9e, 0xee, 0xe6, 0x4b, 0x55, 0xd3, 0x9a,
- 0x21, 0x92, 0x99, 0x2a, 0x27, 0x4f, 0xc1, 0xa8,
- 0x36, 0xba, 0x3c, 0x23, 0xa3, 0xfe, 0xeb, 0xbd,
- 0x45, 0x4d, 0x44, 0x23, 0x64, 0x3c, 0xe8, 0x0e,
- 0x2a, 0x9a, 0xc9, 0x4f, 0xa5, 0x4c, 0xa4, 0x9f
-};
-
-unsigned char app_c2[SHA512_DIGEST_LENGTH] = {
- 0x8e, 0x95, 0x9b, 0x75, 0xda, 0xe3, 0x13, 0xda,
- 0x8c, 0xf4, 0xf7, 0x28, 0x14, 0xfc, 0x14, 0x3f,
- 0x8f, 0x77, 0x79, 0xc6, 0xeb, 0x9f, 0x7f, 0xa1,
- 0x72, 0x99, 0xae, 0xad, 0xb6, 0x88, 0x90, 0x18,
- 0x50, 0x1d, 0x28, 0x9e, 0x49, 0x00, 0xf7, 0xe4,
- 0x33, 0x1b, 0x99, 0xde, 0xc4, 0xb5, 0x43, 0x3a,
- 0xc7, 0xd3, 0x29, 0xee, 0xb6, 0xdd, 0x26, 0x54,
- 0x5e, 0x96, 0xe5, 0x5b, 0x87, 0x4b, 0xe9, 0x09
-};
-
-unsigned char app_c3[SHA512_DIGEST_LENGTH] = {
- 0xe7, 0x18, 0x48, 0x3d, 0x0c, 0xe7, 0x69, 0x64,
- 0x4e, 0x2e, 0x42, 0xc7, 0xbc, 0x15, 0xb4, 0x63,
- 0x8e, 0x1f, 0x98, 0xb1, 0x3b, 0x20, 0x44, 0x28,
- 0x56, 0x32, 0xa8, 0x03, 0xaf, 0xa9, 0x73, 0xeb,
- 0xde, 0x0f, 0xf2, 0x44, 0x87, 0x7e, 0xa6, 0x0a,
- 0x4c, 0xb0, 0x43, 0x2c, 0xe5, 0x77, 0xc3, 0x1b,
- 0xeb, 0x00, 0x9c, 0x5c, 0x2c, 0x49, 0xaa, 0x2e,
- 0x4e, 0xad, 0xb2, 0x17, 0xad, 0x8c, 0xc0, 0x9b
-};
-
-unsigned char app_d1[SHA384_DIGEST_LENGTH] = {
- 0xcb, 0x00, 0x75, 0x3f, 0x45, 0xa3, 0x5e, 0x8b,
- 0xb5, 0xa0, 0x3d, 0x69, 0x9a, 0xc6, 0x50, 0x07,
- 0x27, 0x2c, 0x32, 0xab, 0x0e, 0xde, 0xd1, 0x63,
- 0x1a, 0x8b, 0x60, 0x5a, 0x43, 0xff, 0x5b, 0xed,
- 0x80, 0x86, 0x07, 0x2b, 0xa1, 0xe7, 0xcc, 0x23,
- 0x58, 0xba, 0xec, 0xa1, 0x34, 0xc8, 0x25, 0xa7
-};
-
-unsigned char app_d2[SHA384_DIGEST_LENGTH] = {
- 0x09, 0x33, 0x0c, 0x33, 0xf7, 0x11, 0x47, 0xe8,
- 0x3d, 0x19, 0x2f, 0xc7, 0x82, 0xcd, 0x1b, 0x47,
- 0x53, 0x11, 0x1b, 0x17, 0x3b, 0x3b, 0x05, 0xd2,
- 0x2f, 0xa0, 0x80, 0x86, 0xe3, 0xb0, 0xf7, 0x12,
- 0xfc, 0xc7, 0xc7, 0x1a, 0x55, 0x7e, 0x2d, 0xb9,
- 0x66, 0xc3, 0xe9, 0xfa, 0x91, 0x74, 0x60, 0x39
-};
-
-unsigned char app_d3[SHA384_DIGEST_LENGTH] = {
- 0x9d, 0x0e, 0x18, 0x09, 0x71, 0x64, 0x74, 0xcb,
- 0x08, 0x6e, 0x83, 0x4e, 0x31, 0x0a, 0x4a, 0x1c,
- 0xed, 0x14, 0x9e, 0x9c, 0x00, 0xf2, 0x48, 0x52,
- 0x79, 0x72, 0xce, 0xc5, 0x70, 0x4c, 0x2a, 0x5b,
- 0x07, 0xb8, 0xb3, 0xdc, 0x38, 0xec, 0xc4, 0xeb,
- 0xae, 0x97, 0xdd, 0xd8, 0x7f, 0x3d, 0x89, 0x85
-};
-
-int main(int argc, char **argv)
-{
- unsigned char md[SHA512_DIGEST_LENGTH];
- int i;
- EVP_MD_CTX evp;
-
-# ifdef OPENSSL_IA32_SSE2
- /*
- * Alternative to this is to call OpenSSL_add_all_algorithms... The below
- * code is retained exclusively for debugging purposes.
- */
- {
- char *env;
-
- if ((env = getenv("OPENSSL_ia32cap")))
- OPENSSL_ia32cap = strtoul(env, NULL, 0);
- }
-# endif
-
- fprintf(stdout, "Testing SHA-512 ");
-
- EVP_Digest("abc", 3, md, NULL, EVP_sha512(), NULL);
- if (memcmp(md, app_c1, sizeof(app_c1))) {
- fflush(stdout);
- fprintf(stderr, "\nTEST 1 of 3 failed.\n");
- return 1;
- } else
- fprintf(stdout, ".");
- fflush(stdout);
-
- EVP_Digest("abcdefgh" "bcdefghi" "cdefghij" "defghijk"
- "efghijkl" "fghijklm" "ghijklmn" "hijklmno"
- "ijklmnop" "jklmnopq" "klmnopqr" "lmnopqrs"
- "mnopqrst" "nopqrstu", 112, md, NULL, EVP_sha512(), NULL);
- if (memcmp(md, app_c2, sizeof(app_c2))) {
- fflush(stdout);
- fprintf(stderr, "\nTEST 2 of 3 failed.\n");
- return 1;
- } else
- fprintf(stdout, ".");
- fflush(stdout);
-
- EVP_MD_CTX_init(&evp);
- EVP_DigestInit_ex(&evp, EVP_sha512(), NULL);
- for (i = 0; i < 1000000; i += 288)
- EVP_DigestUpdate(&evp, "aaaaaaaa" "aaaaaaaa" "aaaaaaaa" "aaaaaaaa"
- "aaaaaaaa" "aaaaaaaa" "aaaaaaaa" "aaaaaaaa"
- "aaaaaaaa" "aaaaaaaa" "aaaaaaaa" "aaaaaaaa"
- "aaaaaaaa" "aaaaaaaa" "aaaaaaaa" "aaaaaaaa"
- "aaaaaaaa" "aaaaaaaa" "aaaaaaaa" "aaaaaaaa"
- "aaaaaaaa" "aaaaaaaa" "aaaaaaaa" "aaaaaaaa"
- "aaaaaaaa" "aaaaaaaa" "aaaaaaaa" "aaaaaaaa"
- "aaaaaaaa" "aaaaaaaa" "aaaaaaaa" "aaaaaaaa"
- "aaaaaaaa" "aaaaaaaa" "aaaaaaaa" "aaaaaaaa",
- (1000000 - i) < 288 ? 1000000 - i : 288);
- EVP_DigestFinal_ex(&evp, md, NULL);
- EVP_MD_CTX_cleanup(&evp);
-
- if (memcmp(md, app_c3, sizeof(app_c3))) {
- fflush(stdout);
- fprintf(stderr, "\nTEST 3 of 3 failed.\n");
- return 1;
- } else
- fprintf(stdout, ".");
- fflush(stdout);
-
- fprintf(stdout, " passed.\n");
- fflush(stdout);
-
- fprintf(stdout, "Testing SHA-384 ");
-
- EVP_Digest("abc", 3, md, NULL, EVP_sha384(), NULL);
- if (memcmp(md, app_d1, sizeof(app_d1))) {
- fflush(stdout);
- fprintf(stderr, "\nTEST 1 of 3 failed.\n");
- return 1;
- } else
- fprintf(stdout, ".");
- fflush(stdout);
-
- EVP_Digest("abcdefgh" "bcdefghi" "cdefghij" "defghijk"
- "efghijkl" "fghijklm" "ghijklmn" "hijklmno"
- "ijklmnop" "jklmnopq" "klmnopqr" "lmnopqrs"
- "mnopqrst" "nopqrstu", 112, md, NULL, EVP_sha384(), NULL);
- if (memcmp(md, app_d2, sizeof(app_d2))) {
- fflush(stdout);
- fprintf(stderr, "\nTEST 2 of 3 failed.\n");
- return 1;
- } else
- fprintf(stdout, ".");
- fflush(stdout);
-
- EVP_MD_CTX_init(&evp);
- EVP_DigestInit_ex(&evp, EVP_sha384(), NULL);
- for (i = 0; i < 1000000; i += 64)
- EVP_DigestUpdate(&evp, "aaaaaaaa" "aaaaaaaa" "aaaaaaaa" "aaaaaaaa"
- "aaaaaaaa" "aaaaaaaa" "aaaaaaaa" "aaaaaaaa",
- (1000000 - i) < 64 ? 1000000 - i : 64);
- EVP_DigestFinal_ex(&evp, md, NULL);
- EVP_MD_CTX_cleanup(&evp);
-
- if (memcmp(md, app_d3, sizeof(app_d3))) {
- fflush(stdout);
- fprintf(stderr, "\nTEST 3 of 3 failed.\n");
- return 1;
- } else
- fprintf(stdout, ".");
- fflush(stdout);
-
- fprintf(stdout, " passed.\n");
- fflush(stdout);
-
- return 0;
-}
+++ /dev/null
-/* crypto/srp/srp.h */
-/*
- * Written by Christophe Renou (christophe.renou@edelweb.fr) with the
- * precious help of Peter Sylvester (peter.sylvester@edelweb.fr) for the
- * EdelKey project and contributed to the OpenSSL project 2004.
- */
-/* ====================================================================
- * Copyright (c) 2004 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-#ifndef __SRP_H__
-# define __SRP_H__
-
-# ifndef OPENSSL_NO_SRP
-
-# include <stdio.h>
-# include <string.h>
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-# include <openssl/safestack.h>
-# include <openssl/bn.h>
-# include <openssl/crypto.h>
-
-typedef struct SRP_gN_cache_st {
- char *b64_bn;
- BIGNUM *bn;
-} SRP_gN_cache;
-
-
-DECLARE_STACK_OF(SRP_gN_cache)
-
-typedef struct SRP_user_pwd_st {
- char *id;
- BIGNUM *s;
- BIGNUM *v;
- const BIGNUM *g;
- const BIGNUM *N;
- char *info;
-} SRP_user_pwd;
-
-DECLARE_STACK_OF(SRP_user_pwd)
-
-typedef struct SRP_VBASE_st {
- STACK_OF(SRP_user_pwd) *users_pwd;
- STACK_OF(SRP_gN_cache) *gN_cache;
-/* to simulate a user */
- char *seed_key;
- BIGNUM *default_g;
- BIGNUM *default_N;
-} SRP_VBASE;
-
-/*
- * Structure interne pour retenir les couples N et g
- */
-typedef struct SRP_gN_st {
- char *id;
- BIGNUM *g;
- BIGNUM *N;
-} SRP_gN;
-
-DECLARE_STACK_OF(SRP_gN)
-
-SRP_VBASE *SRP_VBASE_new(char *seed_key);
-int SRP_VBASE_free(SRP_VBASE *vb);
-int SRP_VBASE_init(SRP_VBASE *vb, char *verifier_file);
-SRP_user_pwd *SRP_VBASE_get_by_user(SRP_VBASE *vb, char *username);
-char *SRP_create_verifier(const char *user, const char *pass, char **salt,
- char **verifier, const char *N, const char *g);
-int SRP_create_verifier_BN(const char *user, const char *pass, BIGNUM **salt,
- BIGNUM **verifier, const BIGNUM *N,
- const BIGNUM *g);
-
-# define SRP_NO_ERROR 0
-# define SRP_ERR_VBASE_INCOMPLETE_FILE 1
-# define SRP_ERR_VBASE_BN_LIB 2
-# define SRP_ERR_OPEN_FILE 3
-# define SRP_ERR_MEMORY 4
-
-# define DB_srptype 0
-# define DB_srpverifier 1
-# define DB_srpsalt 2
-# define DB_srpid 3
-# define DB_srpgN 4
-# define DB_srpinfo 5
-# undef DB_NUMBER
-# define DB_NUMBER 6
-
-# define DB_SRP_INDEX 'I'
-# define DB_SRP_VALID 'V'
-# define DB_SRP_REVOKED 'R'
-# define DB_SRP_MODIF 'v'
-
-/* see srp.c */
-char *SRP_check_known_gN_param(BIGNUM *g, BIGNUM *N);
-SRP_gN *SRP_get_default_gN(const char *id);
-
-/* server side .... */
-BIGNUM *SRP_Calc_server_key(BIGNUM *A, BIGNUM *v, BIGNUM *u, BIGNUM *b,
- BIGNUM *N);
-BIGNUM *SRP_Calc_B(BIGNUM *b, BIGNUM *N, BIGNUM *g, BIGNUM *v);
-int SRP_Verify_A_mod_N(BIGNUM *A, BIGNUM *N);
-BIGNUM *SRP_Calc_u(BIGNUM *A, BIGNUM *B, BIGNUM *N);
-
-/* client side .... */
-BIGNUM *SRP_Calc_x(BIGNUM *s, const char *user, const char *pass);
-BIGNUM *SRP_Calc_A(BIGNUM *a, BIGNUM *N, BIGNUM *g);
-BIGNUM *SRP_Calc_client_key(BIGNUM *N, BIGNUM *B, BIGNUM *g, BIGNUM *x,
- BIGNUM *a, BIGNUM *u);
-int SRP_Verify_B_mod_N(BIGNUM *B, BIGNUM *N);
-
-# define SRP_MINIMAL_N 1024
-
-#ifdef __cplusplus
-}
-#endif
-
-# endif
-#endif
+++ /dev/null
-#include <openssl/opensslconf.h>
-#ifdef OPENSSL_NO_SRP
-
-# include <stdio.h>
-
-int main(int argc, char *argv[])
-{
- printf("No SRP support\n");
- return (0);
-}
-
-#else
-
-# include <openssl/srp.h>
-# include <openssl/rand.h>
-# include <openssl/err.h>
-
-static void showbn(const char *name, const BIGNUM *bn)
-{
- fputs(name, stdout);
- fputs(" = ", stdout);
- BN_print_fp(stdout, bn);
- putc('\n', stdout);
-}
-
-# define RANDOM_SIZE 32 /* use 256 bits on each side */
-
-static int run_srp(const char *username, const char *client_pass,
- const char *server_pass)
-{
- int ret = -1;
- BIGNUM *s = NULL;
- BIGNUM *v = NULL;
- BIGNUM *a = NULL;
- BIGNUM *b = NULL;
- BIGNUM *u = NULL;
- BIGNUM *x = NULL;
- BIGNUM *Apub = NULL;
- BIGNUM *Bpub = NULL;
- BIGNUM *Kclient = NULL;
- BIGNUM *Kserver = NULL;
- unsigned char rand_tmp[RANDOM_SIZE];
- /* use builtin 1024-bit params */
- const SRP_gN *GN = SRP_get_default_gN("1024");
-
- if (GN == NULL) {
- fprintf(stderr, "Failed to get SRP parameters\n");
- return -1;
- }
- /* Set up server's password entry */
- if (!SRP_create_verifier_BN(username, server_pass, &s, &v, GN->N, GN->g)) {
- fprintf(stderr, "Failed to create SRP verifier\n");
- return -1;
- }
-
- showbn("N", GN->N);
- showbn("g", GN->g);
- showbn("Salt", s);
- showbn("Verifier", v);
-
- /* Server random */
- RAND_bytes(rand_tmp, sizeof(rand_tmp));
- b = BN_bin2bn(rand_tmp, sizeof(rand_tmp), NULL);
- /* TODO - check b != 0 */
- showbn("b", b);
-
- /* Server's first message */
- Bpub = SRP_Calc_B(b, GN->N, GN->g, v);
- showbn("B", Bpub);
-
- if (!SRP_Verify_B_mod_N(Bpub, GN->N)) {
- fprintf(stderr, "Invalid B\n");
- return -1;
- }
-
- /* Client random */
- RAND_bytes(rand_tmp, sizeof(rand_tmp));
- a = BN_bin2bn(rand_tmp, sizeof(rand_tmp), NULL);
- /* TODO - check a != 0 */
- showbn("a", a);
-
- /* Client's response */
- Apub = SRP_Calc_A(a, GN->N, GN->g);
- showbn("A", Apub);
-
- if (!SRP_Verify_A_mod_N(Apub, GN->N)) {
- fprintf(stderr, "Invalid A\n");
- return -1;
- }
-
- /* Both sides calculate u */
- u = SRP_Calc_u(Apub, Bpub, GN->N);
-
- /* Client's key */
- x = SRP_Calc_x(s, username, client_pass);
- Kclient = SRP_Calc_client_key(GN->N, Bpub, GN->g, x, a, u);
- showbn("Client's key", Kclient);
-
- /* Server's key */
- Kserver = SRP_Calc_server_key(Apub, v, u, b, GN->N);
- showbn("Server's key", Kserver);
-
- if (BN_cmp(Kclient, Kserver) == 0) {
- ret = 0;
- } else {
- fprintf(stderr, "Keys mismatch\n");
- ret = 1;
- }
-
- BN_clear_free(Kclient);
- BN_clear_free(Kserver);
- BN_clear_free(x);
- BN_free(u);
- BN_free(Apub);
- BN_clear_free(a);
- BN_free(Bpub);
- BN_clear_free(b);
- BN_free(s);
- BN_clear_free(v);
-
- return ret;
-}
-
-int main(int argc, char **argv)
-{
- BIO *bio_err;
- bio_err = BIO_new_fp(stderr, BIO_NOCLOSE);
-
- CRYPTO_malloc_debug_init();
- CRYPTO_dbg_set_options(V_CRYPTO_MDEBUG_ALL);
- CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON);
-
- ERR_load_crypto_strings();
-
- /* "Negative" test, expect a mismatch */
- if (run_srp("alice", "password1", "password2") == 0) {
- fprintf(stderr, "Mismatched SRP run failed\n");
- return 1;
- }
-
- /* "Positive" test, should pass */
- if (run_srp("alice", "password", "password") != 0) {
- fprintf(stderr, "Plain SRP run failed\n");
- return 1;
- }
-
- CRYPTO_cleanup_all_ex_data();
- ERR_remove_thread_state(NULL);
- ERR_free_strings();
- CRYPTO_mem_leaks(bio_err);
-
- return 0;
-}
-#endif
+++ /dev/null
-/* automatically generated by util/mkstack.pl */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#ifndef HEADER_SAFESTACK_H
-# define HEADER_SAFESTACK_H
-
-# include <openssl/stack.h>
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-# ifndef CHECKED_PTR_OF
-# define CHECKED_PTR_OF(type, p) ((void*) (1 ? p : (type*)0))
-# endif
-
-/*
- * In C++ we get problems because an explicit cast is needed from (void *) we
- * use CHECKED_STACK_OF to ensure the correct type is passed in the macros
- * below.
- */
-
-# define CHECKED_STACK_OF(type, p) \
- ((_STACK*) (1 ? p : (STACK_OF(type)*)0))
-
-# define CHECKED_SK_COPY_FUNC(type, p) \
- ((void *(*)(void *)) ((1 ? p : (type *(*)(const type *))0)))
-
-# define CHECKED_SK_FREE_FUNC(type, p) \
- ((void (*)(void *)) ((1 ? p : (void (*)(type *))0)))
-
-# define CHECKED_SK_CMP_FUNC(type, p) \
- ((int (*)(const void *, const void *)) \
- ((1 ? p : (int (*)(const type * const *, const type * const *))0)))
-
-# define STACK_OF(type) struct stack_st_##type
-# define PREDECLARE_STACK_OF(type) STACK_OF(type);
-
-# define DECLARE_STACK_OF(type) STACK_OF(type);
-# define DECLARE_SPECIAL_STACK_OF(type, type2) STACK_OF(type);
-
-/*-
- * Strings are special: normally an lhash entry will point to a single
- * (somewhat) mutable object. In the case of strings:
- *
- * a) Instead of a single char, there is an array of chars, NUL-terminated.
- * b) The string may have be immutable.
- *
- * So, they need their own declarations. Especially important for
- * type-checking tools, such as Deputy.
- *
- * In practice, however, it appears to be hard to have a const
- * string. For now, I'm settling for dealing with the fact it is a
- * string at all.
- */
-typedef char *OPENSSL_STRING;
-typedef const char *OPENSSL_CSTRING;
-
-/*-
- * Confusingly, LHASH_OF(STRING) deals with char ** throughout, but
- * STACK_OF(STRING) is really more like STACK_OF(char), only, as mentioned
- * above, instead of a single char each entry is a NUL-terminated array of
- * chars. So, we have to implement STRING specially for STACK_OF. This is
- * dealt with in the autogenerated macros below.
- */
-DECLARE_SPECIAL_STACK_OF(OPENSSL_STRING, char)
-
-/*
- * Similarly, we sometimes use a block of characters, NOT nul-terminated.
- * These should also be distinguished from "normal" stacks.
- */
-typedef void *OPENSSL_BLOCK;
-DECLARE_SPECIAL_STACK_OF(OPENSSL_BLOCK, void)
-
-/*
- * This file is automatically generated by util/mkstack.pl
- * Do not edit!
- */
-
-/*
- * SKM_sk_... stack macros are internal to safestack.h: never use them
- * directly, use sk_<type>_... instead
- */
-# define SKM_sk_new(type, cmp) \
- ((STACK_OF(type) *)sk_new(CHECKED_SK_CMP_FUNC(type, cmp)))
-# define SKM_sk_new_null(type) \
- ((STACK_OF(type) *)sk_new_null())
-# define SKM_sk_free(type, st) \
- sk_free(CHECKED_STACK_OF(type, st))
-# define SKM_sk_num(type, st) \
- sk_num(CHECKED_STACK_OF(type, st))
-# define SKM_sk_value(type, st,i) \
- ((type *)sk_value(CHECKED_STACK_OF(type, st), i))
-# define SKM_sk_set(type, st,i,val) \
- sk_set(CHECKED_STACK_OF(type, st), i, CHECKED_PTR_OF(type, val))
-# define SKM_sk_zero(type, st) \
- sk_zero(CHECKED_STACK_OF(type, st))
-# define SKM_sk_push(type, st, val) \
- sk_push(CHECKED_STACK_OF(type, st), CHECKED_PTR_OF(type, val))
-# define SKM_sk_unshift(type, st, val) \
- sk_unshift(CHECKED_STACK_OF(type, st), CHECKED_PTR_OF(type, val))
-# define SKM_sk_find(type, st, val) \
- sk_find(CHECKED_STACK_OF(type, st), CHECKED_PTR_OF(type, val))
-# define SKM_sk_find_ex(type, st, val) \
- sk_find_ex(CHECKED_STACK_OF(type, st), \
- CHECKED_PTR_OF(type, val))
-# define SKM_sk_delete(type, st, i) \
- (type *)sk_delete(CHECKED_STACK_OF(type, st), i)
-# define SKM_sk_delete_ptr(type, st, ptr) \
- (type *)sk_delete_ptr(CHECKED_STACK_OF(type, st), CHECKED_PTR_OF(type, ptr))
-# define SKM_sk_insert(type, st,val, i) \
- sk_insert(CHECKED_STACK_OF(type, st), CHECKED_PTR_OF(type, val), i)
-# define SKM_sk_set_cmp_func(type, st, cmp) \
- ((int (*)(const type * const *,const type * const *)) \
- sk_set_cmp_func(CHECKED_STACK_OF(type, st), CHECKED_SK_CMP_FUNC(type, cmp)))
-# define SKM_sk_dup(type, st) \
- (STACK_OF(type) *)sk_dup(CHECKED_STACK_OF(type, st))
-# define SKM_sk_pop_free(type, st, free_func) \
- sk_pop_free(CHECKED_STACK_OF(type, st), CHECKED_SK_FREE_FUNC(type, free_func))
-# define SKM_sk_deep_copy(type, st, copy_func, free_func) \
- (STACK_OF(type) *)sk_deep_copy(CHECKED_STACK_OF(type, st), CHECKED_SK_COPY_FUNC(type, copy_func), CHECKED_SK_FREE_FUNC(type, free_func))
-# define SKM_sk_shift(type, st) \
- (type *)sk_shift(CHECKED_STACK_OF(type, st))
-# define SKM_sk_pop(type, st) \
- (type *)sk_pop(CHECKED_STACK_OF(type, st))
-# define SKM_sk_sort(type, st) \
- sk_sort(CHECKED_STACK_OF(type, st))
-# define SKM_sk_is_sorted(type, st) \
- sk_is_sorted(CHECKED_STACK_OF(type, st))
-
-# define SKM_ASN1_SET_OF_d2i(type, st, pp, length, d2i_func, free_func, ex_tag, ex_class) \
- (STACK_OF(type) *)d2i_ASN1_SET( \
- (STACK_OF(OPENSSL_BLOCK) **)CHECKED_PTR_OF(STACK_OF(type)*, st), \
- pp, length, \
- CHECKED_D2I_OF(type, d2i_func), \
- CHECKED_SK_FREE_FUNC(type, free_func), \
- ex_tag, ex_class)
-# define SKM_ASN1_SET_OF_i2d(type, st, pp, i2d_func, ex_tag, ex_class, is_set) \
- i2d_ASN1_SET(CHECKED_STACK_OF(type, st), pp, \
- CHECKED_I2D_OF(type, i2d_func), \
- ex_tag, ex_class, is_set)
-
-# define SKM_ASN1_seq_pack(type, st, i2d_func, buf, len) \
- ASN1_seq_pack(CHECKED_PTR_OF(STACK_OF(type), st), \
- CHECKED_I2D_OF(type, i2d_func), buf, len)
-# define SKM_ASN1_seq_unpack(type, buf, len, d2i_func, free_func) \
- (STACK_OF(type) *)ASN1_seq_unpack(buf, \
- len, CHECKED_D2I_OF(type, d2i_func), \
- CHECKED_SK_FREE_FUNC(type, free_func))
-# define SKM_PKCS12_decrypt_d2i(type, algor, d2i_func, free_func, pass, passlen, oct, seq) \
- (STACK_OF(type) *)PKCS12_decrypt_d2i(algor, \
- CHECKED_D2I_OF(type, d2i_func), \
- CHECKED_SK_FREE_FUNC(type, free_func), \
- pass, passlen, oct, seq)
-
-# define sk_ACCESS_DESCRIPTION_new(cmp) SKM_sk_new(ACCESS_DESCRIPTION, (cmp))
-# define sk_ACCESS_DESCRIPTION_new_null() SKM_sk_new_null(ACCESS_DESCRIPTION)
-# define sk_ACCESS_DESCRIPTION_free(st) SKM_sk_free(ACCESS_DESCRIPTION, (st))
-# define sk_ACCESS_DESCRIPTION_num(st) SKM_sk_num(ACCESS_DESCRIPTION, (st))
-# define sk_ACCESS_DESCRIPTION_value(st, i) SKM_sk_value(ACCESS_DESCRIPTION, (st), (i))
-# define sk_ACCESS_DESCRIPTION_set(st, i, val) SKM_sk_set(ACCESS_DESCRIPTION, (st), (i), (val))
-# define sk_ACCESS_DESCRIPTION_zero(st) SKM_sk_zero(ACCESS_DESCRIPTION, (st))
-# define sk_ACCESS_DESCRIPTION_push(st, val) SKM_sk_push(ACCESS_DESCRIPTION, (st), (val))
-# define sk_ACCESS_DESCRIPTION_unshift(st, val) SKM_sk_unshift(ACCESS_DESCRIPTION, (st), (val))
-# define sk_ACCESS_DESCRIPTION_find(st, val) SKM_sk_find(ACCESS_DESCRIPTION, (st), (val))
-# define sk_ACCESS_DESCRIPTION_find_ex(st, val) SKM_sk_find_ex(ACCESS_DESCRIPTION, (st), (val))
-# define sk_ACCESS_DESCRIPTION_delete(st, i) SKM_sk_delete(ACCESS_DESCRIPTION, (st), (i))
-# define sk_ACCESS_DESCRIPTION_delete_ptr(st, ptr) SKM_sk_delete_ptr(ACCESS_DESCRIPTION, (st), (ptr))
-# define sk_ACCESS_DESCRIPTION_insert(st, val, i) SKM_sk_insert(ACCESS_DESCRIPTION, (st), (val), (i))
-# define sk_ACCESS_DESCRIPTION_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(ACCESS_DESCRIPTION, (st), (cmp))
-# define sk_ACCESS_DESCRIPTION_dup(st) SKM_sk_dup(ACCESS_DESCRIPTION, st)
-# define sk_ACCESS_DESCRIPTION_pop_free(st, free_func) SKM_sk_pop_free(ACCESS_DESCRIPTION, (st), (free_func))
-# define sk_ACCESS_DESCRIPTION_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(ACCESS_DESCRIPTION, (st), (copy_func), (free_func))
-# define sk_ACCESS_DESCRIPTION_shift(st) SKM_sk_shift(ACCESS_DESCRIPTION, (st))
-# define sk_ACCESS_DESCRIPTION_pop(st) SKM_sk_pop(ACCESS_DESCRIPTION, (st))
-# define sk_ACCESS_DESCRIPTION_sort(st) SKM_sk_sort(ACCESS_DESCRIPTION, (st))
-# define sk_ACCESS_DESCRIPTION_is_sorted(st) SKM_sk_is_sorted(ACCESS_DESCRIPTION, (st))
-
-# define sk_ASIdOrRange_new(cmp) SKM_sk_new(ASIdOrRange, (cmp))
-# define sk_ASIdOrRange_new_null() SKM_sk_new_null(ASIdOrRange)
-# define sk_ASIdOrRange_free(st) SKM_sk_free(ASIdOrRange, (st))
-# define sk_ASIdOrRange_num(st) SKM_sk_num(ASIdOrRange, (st))
-# define sk_ASIdOrRange_value(st, i) SKM_sk_value(ASIdOrRange, (st), (i))
-# define sk_ASIdOrRange_set(st, i, val) SKM_sk_set(ASIdOrRange, (st), (i), (val))
-# define sk_ASIdOrRange_zero(st) SKM_sk_zero(ASIdOrRange, (st))
-# define sk_ASIdOrRange_push(st, val) SKM_sk_push(ASIdOrRange, (st), (val))
-# define sk_ASIdOrRange_unshift(st, val) SKM_sk_unshift(ASIdOrRange, (st), (val))
-# define sk_ASIdOrRange_find(st, val) SKM_sk_find(ASIdOrRange, (st), (val))
-# define sk_ASIdOrRange_find_ex(st, val) SKM_sk_find_ex(ASIdOrRange, (st), (val))
-# define sk_ASIdOrRange_delete(st, i) SKM_sk_delete(ASIdOrRange, (st), (i))
-# define sk_ASIdOrRange_delete_ptr(st, ptr) SKM_sk_delete_ptr(ASIdOrRange, (st), (ptr))
-# define sk_ASIdOrRange_insert(st, val, i) SKM_sk_insert(ASIdOrRange, (st), (val), (i))
-# define sk_ASIdOrRange_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(ASIdOrRange, (st), (cmp))
-# define sk_ASIdOrRange_dup(st) SKM_sk_dup(ASIdOrRange, st)
-# define sk_ASIdOrRange_pop_free(st, free_func) SKM_sk_pop_free(ASIdOrRange, (st), (free_func))
-# define sk_ASIdOrRange_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(ASIdOrRange, (st), (copy_func), (free_func))
-# define sk_ASIdOrRange_shift(st) SKM_sk_shift(ASIdOrRange, (st))
-# define sk_ASIdOrRange_pop(st) SKM_sk_pop(ASIdOrRange, (st))
-# define sk_ASIdOrRange_sort(st) SKM_sk_sort(ASIdOrRange, (st))
-# define sk_ASIdOrRange_is_sorted(st) SKM_sk_is_sorted(ASIdOrRange, (st))
-
-# define sk_ASN1_GENERALSTRING_new(cmp) SKM_sk_new(ASN1_GENERALSTRING, (cmp))
-# define sk_ASN1_GENERALSTRING_new_null() SKM_sk_new_null(ASN1_GENERALSTRING)
-# define sk_ASN1_GENERALSTRING_free(st) SKM_sk_free(ASN1_GENERALSTRING, (st))
-# define sk_ASN1_GENERALSTRING_num(st) SKM_sk_num(ASN1_GENERALSTRING, (st))
-# define sk_ASN1_GENERALSTRING_value(st, i) SKM_sk_value(ASN1_GENERALSTRING, (st), (i))
-# define sk_ASN1_GENERALSTRING_set(st, i, val) SKM_sk_set(ASN1_GENERALSTRING, (st), (i), (val))
-# define sk_ASN1_GENERALSTRING_zero(st) SKM_sk_zero(ASN1_GENERALSTRING, (st))
-# define sk_ASN1_GENERALSTRING_push(st, val) SKM_sk_push(ASN1_GENERALSTRING, (st), (val))
-# define sk_ASN1_GENERALSTRING_unshift(st, val) SKM_sk_unshift(ASN1_GENERALSTRING, (st), (val))
-# define sk_ASN1_GENERALSTRING_find(st, val) SKM_sk_find(ASN1_GENERALSTRING, (st), (val))
-# define sk_ASN1_GENERALSTRING_find_ex(st, val) SKM_sk_find_ex(ASN1_GENERALSTRING, (st), (val))
-# define sk_ASN1_GENERALSTRING_delete(st, i) SKM_sk_delete(ASN1_GENERALSTRING, (st), (i))
-# define sk_ASN1_GENERALSTRING_delete_ptr(st, ptr) SKM_sk_delete_ptr(ASN1_GENERALSTRING, (st), (ptr))
-# define sk_ASN1_GENERALSTRING_insert(st, val, i) SKM_sk_insert(ASN1_GENERALSTRING, (st), (val), (i))
-# define sk_ASN1_GENERALSTRING_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(ASN1_GENERALSTRING, (st), (cmp))
-# define sk_ASN1_GENERALSTRING_dup(st) SKM_sk_dup(ASN1_GENERALSTRING, st)
-# define sk_ASN1_GENERALSTRING_pop_free(st, free_func) SKM_sk_pop_free(ASN1_GENERALSTRING, (st), (free_func))
-# define sk_ASN1_GENERALSTRING_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(ASN1_GENERALSTRING, (st), (copy_func), (free_func))
-# define sk_ASN1_GENERALSTRING_shift(st) SKM_sk_shift(ASN1_GENERALSTRING, (st))
-# define sk_ASN1_GENERALSTRING_pop(st) SKM_sk_pop(ASN1_GENERALSTRING, (st))
-# define sk_ASN1_GENERALSTRING_sort(st) SKM_sk_sort(ASN1_GENERALSTRING, (st))
-# define sk_ASN1_GENERALSTRING_is_sorted(st) SKM_sk_is_sorted(ASN1_GENERALSTRING, (st))
-
-# define sk_ASN1_INTEGER_new(cmp) SKM_sk_new(ASN1_INTEGER, (cmp))
-# define sk_ASN1_INTEGER_new_null() SKM_sk_new_null(ASN1_INTEGER)
-# define sk_ASN1_INTEGER_free(st) SKM_sk_free(ASN1_INTEGER, (st))
-# define sk_ASN1_INTEGER_num(st) SKM_sk_num(ASN1_INTEGER, (st))
-# define sk_ASN1_INTEGER_value(st, i) SKM_sk_value(ASN1_INTEGER, (st), (i))
-# define sk_ASN1_INTEGER_set(st, i, val) SKM_sk_set(ASN1_INTEGER, (st), (i), (val))
-# define sk_ASN1_INTEGER_zero(st) SKM_sk_zero(ASN1_INTEGER, (st))
-# define sk_ASN1_INTEGER_push(st, val) SKM_sk_push(ASN1_INTEGER, (st), (val))
-# define sk_ASN1_INTEGER_unshift(st, val) SKM_sk_unshift(ASN1_INTEGER, (st), (val))
-# define sk_ASN1_INTEGER_find(st, val) SKM_sk_find(ASN1_INTEGER, (st), (val))
-# define sk_ASN1_INTEGER_find_ex(st, val) SKM_sk_find_ex(ASN1_INTEGER, (st), (val))
-# define sk_ASN1_INTEGER_delete(st, i) SKM_sk_delete(ASN1_INTEGER, (st), (i))
-# define sk_ASN1_INTEGER_delete_ptr(st, ptr) SKM_sk_delete_ptr(ASN1_INTEGER, (st), (ptr))
-# define sk_ASN1_INTEGER_insert(st, val, i) SKM_sk_insert(ASN1_INTEGER, (st), (val), (i))
-# define sk_ASN1_INTEGER_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(ASN1_INTEGER, (st), (cmp))
-# define sk_ASN1_INTEGER_dup(st) SKM_sk_dup(ASN1_INTEGER, st)
-# define sk_ASN1_INTEGER_pop_free(st, free_func) SKM_sk_pop_free(ASN1_INTEGER, (st), (free_func))
-# define sk_ASN1_INTEGER_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(ASN1_INTEGER, (st), (copy_func), (free_func))
-# define sk_ASN1_INTEGER_shift(st) SKM_sk_shift(ASN1_INTEGER, (st))
-# define sk_ASN1_INTEGER_pop(st) SKM_sk_pop(ASN1_INTEGER, (st))
-# define sk_ASN1_INTEGER_sort(st) SKM_sk_sort(ASN1_INTEGER, (st))
-# define sk_ASN1_INTEGER_is_sorted(st) SKM_sk_is_sorted(ASN1_INTEGER, (st))
-
-# define sk_ASN1_OBJECT_new(cmp) SKM_sk_new(ASN1_OBJECT, (cmp))
-# define sk_ASN1_OBJECT_new_null() SKM_sk_new_null(ASN1_OBJECT)
-# define sk_ASN1_OBJECT_free(st) SKM_sk_free(ASN1_OBJECT, (st))
-# define sk_ASN1_OBJECT_num(st) SKM_sk_num(ASN1_OBJECT, (st))
-# define sk_ASN1_OBJECT_value(st, i) SKM_sk_value(ASN1_OBJECT, (st), (i))
-# define sk_ASN1_OBJECT_set(st, i, val) SKM_sk_set(ASN1_OBJECT, (st), (i), (val))
-# define sk_ASN1_OBJECT_zero(st) SKM_sk_zero(ASN1_OBJECT, (st))
-# define sk_ASN1_OBJECT_push(st, val) SKM_sk_push(ASN1_OBJECT, (st), (val))
-# define sk_ASN1_OBJECT_unshift(st, val) SKM_sk_unshift(ASN1_OBJECT, (st), (val))
-# define sk_ASN1_OBJECT_find(st, val) SKM_sk_find(ASN1_OBJECT, (st), (val))
-# define sk_ASN1_OBJECT_find_ex(st, val) SKM_sk_find_ex(ASN1_OBJECT, (st), (val))
-# define sk_ASN1_OBJECT_delete(st, i) SKM_sk_delete(ASN1_OBJECT, (st), (i))
-# define sk_ASN1_OBJECT_delete_ptr(st, ptr) SKM_sk_delete_ptr(ASN1_OBJECT, (st), (ptr))
-# define sk_ASN1_OBJECT_insert(st, val, i) SKM_sk_insert(ASN1_OBJECT, (st), (val), (i))
-# define sk_ASN1_OBJECT_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(ASN1_OBJECT, (st), (cmp))
-# define sk_ASN1_OBJECT_dup(st) SKM_sk_dup(ASN1_OBJECT, st)
-# define sk_ASN1_OBJECT_pop_free(st, free_func) SKM_sk_pop_free(ASN1_OBJECT, (st), (free_func))
-# define sk_ASN1_OBJECT_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(ASN1_OBJECT, (st), (copy_func), (free_func))
-# define sk_ASN1_OBJECT_shift(st) SKM_sk_shift(ASN1_OBJECT, (st))
-# define sk_ASN1_OBJECT_pop(st) SKM_sk_pop(ASN1_OBJECT, (st))
-# define sk_ASN1_OBJECT_sort(st) SKM_sk_sort(ASN1_OBJECT, (st))
-# define sk_ASN1_OBJECT_is_sorted(st) SKM_sk_is_sorted(ASN1_OBJECT, (st))
-
-# define sk_ASN1_STRING_TABLE_new(cmp) SKM_sk_new(ASN1_STRING_TABLE, (cmp))
-# define sk_ASN1_STRING_TABLE_new_null() SKM_sk_new_null(ASN1_STRING_TABLE)
-# define sk_ASN1_STRING_TABLE_free(st) SKM_sk_free(ASN1_STRING_TABLE, (st))
-# define sk_ASN1_STRING_TABLE_num(st) SKM_sk_num(ASN1_STRING_TABLE, (st))
-# define sk_ASN1_STRING_TABLE_value(st, i) SKM_sk_value(ASN1_STRING_TABLE, (st), (i))
-# define sk_ASN1_STRING_TABLE_set(st, i, val) SKM_sk_set(ASN1_STRING_TABLE, (st), (i), (val))
-# define sk_ASN1_STRING_TABLE_zero(st) SKM_sk_zero(ASN1_STRING_TABLE, (st))
-# define sk_ASN1_STRING_TABLE_push(st, val) SKM_sk_push(ASN1_STRING_TABLE, (st), (val))
-# define sk_ASN1_STRING_TABLE_unshift(st, val) SKM_sk_unshift(ASN1_STRING_TABLE, (st), (val))
-# define sk_ASN1_STRING_TABLE_find(st, val) SKM_sk_find(ASN1_STRING_TABLE, (st), (val))
-# define sk_ASN1_STRING_TABLE_find_ex(st, val) SKM_sk_find_ex(ASN1_STRING_TABLE, (st), (val))
-# define sk_ASN1_STRING_TABLE_delete(st, i) SKM_sk_delete(ASN1_STRING_TABLE, (st), (i))
-# define sk_ASN1_STRING_TABLE_delete_ptr(st, ptr) SKM_sk_delete_ptr(ASN1_STRING_TABLE, (st), (ptr))
-# define sk_ASN1_STRING_TABLE_insert(st, val, i) SKM_sk_insert(ASN1_STRING_TABLE, (st), (val), (i))
-# define sk_ASN1_STRING_TABLE_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(ASN1_STRING_TABLE, (st), (cmp))
-# define sk_ASN1_STRING_TABLE_dup(st) SKM_sk_dup(ASN1_STRING_TABLE, st)
-# define sk_ASN1_STRING_TABLE_pop_free(st, free_func) SKM_sk_pop_free(ASN1_STRING_TABLE, (st), (free_func))
-# define sk_ASN1_STRING_TABLE_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(ASN1_STRING_TABLE, (st), (copy_func), (free_func))
-# define sk_ASN1_STRING_TABLE_shift(st) SKM_sk_shift(ASN1_STRING_TABLE, (st))
-# define sk_ASN1_STRING_TABLE_pop(st) SKM_sk_pop(ASN1_STRING_TABLE, (st))
-# define sk_ASN1_STRING_TABLE_sort(st) SKM_sk_sort(ASN1_STRING_TABLE, (st))
-# define sk_ASN1_STRING_TABLE_is_sorted(st) SKM_sk_is_sorted(ASN1_STRING_TABLE, (st))
-
-# define sk_ASN1_TYPE_new(cmp) SKM_sk_new(ASN1_TYPE, (cmp))
-# define sk_ASN1_TYPE_new_null() SKM_sk_new_null(ASN1_TYPE)
-# define sk_ASN1_TYPE_free(st) SKM_sk_free(ASN1_TYPE, (st))
-# define sk_ASN1_TYPE_num(st) SKM_sk_num(ASN1_TYPE, (st))
-# define sk_ASN1_TYPE_value(st, i) SKM_sk_value(ASN1_TYPE, (st), (i))
-# define sk_ASN1_TYPE_set(st, i, val) SKM_sk_set(ASN1_TYPE, (st), (i), (val))
-# define sk_ASN1_TYPE_zero(st) SKM_sk_zero(ASN1_TYPE, (st))
-# define sk_ASN1_TYPE_push(st, val) SKM_sk_push(ASN1_TYPE, (st), (val))
-# define sk_ASN1_TYPE_unshift(st, val) SKM_sk_unshift(ASN1_TYPE, (st), (val))
-# define sk_ASN1_TYPE_find(st, val) SKM_sk_find(ASN1_TYPE, (st), (val))
-# define sk_ASN1_TYPE_find_ex(st, val) SKM_sk_find_ex(ASN1_TYPE, (st), (val))
-# define sk_ASN1_TYPE_delete(st, i) SKM_sk_delete(ASN1_TYPE, (st), (i))
-# define sk_ASN1_TYPE_delete_ptr(st, ptr) SKM_sk_delete_ptr(ASN1_TYPE, (st), (ptr))
-# define sk_ASN1_TYPE_insert(st, val, i) SKM_sk_insert(ASN1_TYPE, (st), (val), (i))
-# define sk_ASN1_TYPE_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(ASN1_TYPE, (st), (cmp))
-# define sk_ASN1_TYPE_dup(st) SKM_sk_dup(ASN1_TYPE, st)
-# define sk_ASN1_TYPE_pop_free(st, free_func) SKM_sk_pop_free(ASN1_TYPE, (st), (free_func))
-# define sk_ASN1_TYPE_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(ASN1_TYPE, (st), (copy_func), (free_func))
-# define sk_ASN1_TYPE_shift(st) SKM_sk_shift(ASN1_TYPE, (st))
-# define sk_ASN1_TYPE_pop(st) SKM_sk_pop(ASN1_TYPE, (st))
-# define sk_ASN1_TYPE_sort(st) SKM_sk_sort(ASN1_TYPE, (st))
-# define sk_ASN1_TYPE_is_sorted(st) SKM_sk_is_sorted(ASN1_TYPE, (st))
-
-# define sk_ASN1_UTF8STRING_new(cmp) SKM_sk_new(ASN1_UTF8STRING, (cmp))
-# define sk_ASN1_UTF8STRING_new_null() SKM_sk_new_null(ASN1_UTF8STRING)
-# define sk_ASN1_UTF8STRING_free(st) SKM_sk_free(ASN1_UTF8STRING, (st))
-# define sk_ASN1_UTF8STRING_num(st) SKM_sk_num(ASN1_UTF8STRING, (st))
-# define sk_ASN1_UTF8STRING_value(st, i) SKM_sk_value(ASN1_UTF8STRING, (st), (i))
-# define sk_ASN1_UTF8STRING_set(st, i, val) SKM_sk_set(ASN1_UTF8STRING, (st), (i), (val))
-# define sk_ASN1_UTF8STRING_zero(st) SKM_sk_zero(ASN1_UTF8STRING, (st))
-# define sk_ASN1_UTF8STRING_push(st, val) SKM_sk_push(ASN1_UTF8STRING, (st), (val))
-# define sk_ASN1_UTF8STRING_unshift(st, val) SKM_sk_unshift(ASN1_UTF8STRING, (st), (val))
-# define sk_ASN1_UTF8STRING_find(st, val) SKM_sk_find(ASN1_UTF8STRING, (st), (val))
-# define sk_ASN1_UTF8STRING_find_ex(st, val) SKM_sk_find_ex(ASN1_UTF8STRING, (st), (val))
-# define sk_ASN1_UTF8STRING_delete(st, i) SKM_sk_delete(ASN1_UTF8STRING, (st), (i))
-# define sk_ASN1_UTF8STRING_delete_ptr(st, ptr) SKM_sk_delete_ptr(ASN1_UTF8STRING, (st), (ptr))
-# define sk_ASN1_UTF8STRING_insert(st, val, i) SKM_sk_insert(ASN1_UTF8STRING, (st), (val), (i))
-# define sk_ASN1_UTF8STRING_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(ASN1_UTF8STRING, (st), (cmp))
-# define sk_ASN1_UTF8STRING_dup(st) SKM_sk_dup(ASN1_UTF8STRING, st)
-# define sk_ASN1_UTF8STRING_pop_free(st, free_func) SKM_sk_pop_free(ASN1_UTF8STRING, (st), (free_func))
-# define sk_ASN1_UTF8STRING_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(ASN1_UTF8STRING, (st), (copy_func), (free_func))
-# define sk_ASN1_UTF8STRING_shift(st) SKM_sk_shift(ASN1_UTF8STRING, (st))
-# define sk_ASN1_UTF8STRING_pop(st) SKM_sk_pop(ASN1_UTF8STRING, (st))
-# define sk_ASN1_UTF8STRING_sort(st) SKM_sk_sort(ASN1_UTF8STRING, (st))
-# define sk_ASN1_UTF8STRING_is_sorted(st) SKM_sk_is_sorted(ASN1_UTF8STRING, (st))
-
-# define sk_ASN1_VALUE_new(cmp) SKM_sk_new(ASN1_VALUE, (cmp))
-# define sk_ASN1_VALUE_new_null() SKM_sk_new_null(ASN1_VALUE)
-# define sk_ASN1_VALUE_free(st) SKM_sk_free(ASN1_VALUE, (st))
-# define sk_ASN1_VALUE_num(st) SKM_sk_num(ASN1_VALUE, (st))
-# define sk_ASN1_VALUE_value(st, i) SKM_sk_value(ASN1_VALUE, (st), (i))
-# define sk_ASN1_VALUE_set(st, i, val) SKM_sk_set(ASN1_VALUE, (st), (i), (val))
-# define sk_ASN1_VALUE_zero(st) SKM_sk_zero(ASN1_VALUE, (st))
-# define sk_ASN1_VALUE_push(st, val) SKM_sk_push(ASN1_VALUE, (st), (val))
-# define sk_ASN1_VALUE_unshift(st, val) SKM_sk_unshift(ASN1_VALUE, (st), (val))
-# define sk_ASN1_VALUE_find(st, val) SKM_sk_find(ASN1_VALUE, (st), (val))
-# define sk_ASN1_VALUE_find_ex(st, val) SKM_sk_find_ex(ASN1_VALUE, (st), (val))
-# define sk_ASN1_VALUE_delete(st, i) SKM_sk_delete(ASN1_VALUE, (st), (i))
-# define sk_ASN1_VALUE_delete_ptr(st, ptr) SKM_sk_delete_ptr(ASN1_VALUE, (st), (ptr))
-# define sk_ASN1_VALUE_insert(st, val, i) SKM_sk_insert(ASN1_VALUE, (st), (val), (i))
-# define sk_ASN1_VALUE_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(ASN1_VALUE, (st), (cmp))
-# define sk_ASN1_VALUE_dup(st) SKM_sk_dup(ASN1_VALUE, st)
-# define sk_ASN1_VALUE_pop_free(st, free_func) SKM_sk_pop_free(ASN1_VALUE, (st), (free_func))
-# define sk_ASN1_VALUE_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(ASN1_VALUE, (st), (copy_func), (free_func))
-# define sk_ASN1_VALUE_shift(st) SKM_sk_shift(ASN1_VALUE, (st))
-# define sk_ASN1_VALUE_pop(st) SKM_sk_pop(ASN1_VALUE, (st))
-# define sk_ASN1_VALUE_sort(st) SKM_sk_sort(ASN1_VALUE, (st))
-# define sk_ASN1_VALUE_is_sorted(st) SKM_sk_is_sorted(ASN1_VALUE, (st))
-
-# define sk_BIO_new(cmp) SKM_sk_new(BIO, (cmp))
-# define sk_BIO_new_null() SKM_sk_new_null(BIO)
-# define sk_BIO_free(st) SKM_sk_free(BIO, (st))
-# define sk_BIO_num(st) SKM_sk_num(BIO, (st))
-# define sk_BIO_value(st, i) SKM_sk_value(BIO, (st), (i))
-# define sk_BIO_set(st, i, val) SKM_sk_set(BIO, (st), (i), (val))
-# define sk_BIO_zero(st) SKM_sk_zero(BIO, (st))
-# define sk_BIO_push(st, val) SKM_sk_push(BIO, (st), (val))
-# define sk_BIO_unshift(st, val) SKM_sk_unshift(BIO, (st), (val))
-# define sk_BIO_find(st, val) SKM_sk_find(BIO, (st), (val))
-# define sk_BIO_find_ex(st, val) SKM_sk_find_ex(BIO, (st), (val))
-# define sk_BIO_delete(st, i) SKM_sk_delete(BIO, (st), (i))
-# define sk_BIO_delete_ptr(st, ptr) SKM_sk_delete_ptr(BIO, (st), (ptr))
-# define sk_BIO_insert(st, val, i) SKM_sk_insert(BIO, (st), (val), (i))
-# define sk_BIO_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(BIO, (st), (cmp))
-# define sk_BIO_dup(st) SKM_sk_dup(BIO, st)
-# define sk_BIO_pop_free(st, free_func) SKM_sk_pop_free(BIO, (st), (free_func))
-# define sk_BIO_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(BIO, (st), (copy_func), (free_func))
-# define sk_BIO_shift(st) SKM_sk_shift(BIO, (st))
-# define sk_BIO_pop(st) SKM_sk_pop(BIO, (st))
-# define sk_BIO_sort(st) SKM_sk_sort(BIO, (st))
-# define sk_BIO_is_sorted(st) SKM_sk_is_sorted(BIO, (st))
-
-# define sk_BY_DIR_ENTRY_new(cmp) SKM_sk_new(BY_DIR_ENTRY, (cmp))
-# define sk_BY_DIR_ENTRY_new_null() SKM_sk_new_null(BY_DIR_ENTRY)
-# define sk_BY_DIR_ENTRY_free(st) SKM_sk_free(BY_DIR_ENTRY, (st))
-# define sk_BY_DIR_ENTRY_num(st) SKM_sk_num(BY_DIR_ENTRY, (st))
-# define sk_BY_DIR_ENTRY_value(st, i) SKM_sk_value(BY_DIR_ENTRY, (st), (i))
-# define sk_BY_DIR_ENTRY_set(st, i, val) SKM_sk_set(BY_DIR_ENTRY, (st), (i), (val))
-# define sk_BY_DIR_ENTRY_zero(st) SKM_sk_zero(BY_DIR_ENTRY, (st))
-# define sk_BY_DIR_ENTRY_push(st, val) SKM_sk_push(BY_DIR_ENTRY, (st), (val))
-# define sk_BY_DIR_ENTRY_unshift(st, val) SKM_sk_unshift(BY_DIR_ENTRY, (st), (val))
-# define sk_BY_DIR_ENTRY_find(st, val) SKM_sk_find(BY_DIR_ENTRY, (st), (val))
-# define sk_BY_DIR_ENTRY_find_ex(st, val) SKM_sk_find_ex(BY_DIR_ENTRY, (st), (val))
-# define sk_BY_DIR_ENTRY_delete(st, i) SKM_sk_delete(BY_DIR_ENTRY, (st), (i))
-# define sk_BY_DIR_ENTRY_delete_ptr(st, ptr) SKM_sk_delete_ptr(BY_DIR_ENTRY, (st), (ptr))
-# define sk_BY_DIR_ENTRY_insert(st, val, i) SKM_sk_insert(BY_DIR_ENTRY, (st), (val), (i))
-# define sk_BY_DIR_ENTRY_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(BY_DIR_ENTRY, (st), (cmp))
-# define sk_BY_DIR_ENTRY_dup(st) SKM_sk_dup(BY_DIR_ENTRY, st)
-# define sk_BY_DIR_ENTRY_pop_free(st, free_func) SKM_sk_pop_free(BY_DIR_ENTRY, (st), (free_func))
-# define sk_BY_DIR_ENTRY_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(BY_DIR_ENTRY, (st), (copy_func), (free_func))
-# define sk_BY_DIR_ENTRY_shift(st) SKM_sk_shift(BY_DIR_ENTRY, (st))
-# define sk_BY_DIR_ENTRY_pop(st) SKM_sk_pop(BY_DIR_ENTRY, (st))
-# define sk_BY_DIR_ENTRY_sort(st) SKM_sk_sort(BY_DIR_ENTRY, (st))
-# define sk_BY_DIR_ENTRY_is_sorted(st) SKM_sk_is_sorted(BY_DIR_ENTRY, (st))
-
-# define sk_BY_DIR_HASH_new(cmp) SKM_sk_new(BY_DIR_HASH, (cmp))
-# define sk_BY_DIR_HASH_new_null() SKM_sk_new_null(BY_DIR_HASH)
-# define sk_BY_DIR_HASH_free(st) SKM_sk_free(BY_DIR_HASH, (st))
-# define sk_BY_DIR_HASH_num(st) SKM_sk_num(BY_DIR_HASH, (st))
-# define sk_BY_DIR_HASH_value(st, i) SKM_sk_value(BY_DIR_HASH, (st), (i))
-# define sk_BY_DIR_HASH_set(st, i, val) SKM_sk_set(BY_DIR_HASH, (st), (i), (val))
-# define sk_BY_DIR_HASH_zero(st) SKM_sk_zero(BY_DIR_HASH, (st))
-# define sk_BY_DIR_HASH_push(st, val) SKM_sk_push(BY_DIR_HASH, (st), (val))
-# define sk_BY_DIR_HASH_unshift(st, val) SKM_sk_unshift(BY_DIR_HASH, (st), (val))
-# define sk_BY_DIR_HASH_find(st, val) SKM_sk_find(BY_DIR_HASH, (st), (val))
-# define sk_BY_DIR_HASH_find_ex(st, val) SKM_sk_find_ex(BY_DIR_HASH, (st), (val))
-# define sk_BY_DIR_HASH_delete(st, i) SKM_sk_delete(BY_DIR_HASH, (st), (i))
-# define sk_BY_DIR_HASH_delete_ptr(st, ptr) SKM_sk_delete_ptr(BY_DIR_HASH, (st), (ptr))
-# define sk_BY_DIR_HASH_insert(st, val, i) SKM_sk_insert(BY_DIR_HASH, (st), (val), (i))
-# define sk_BY_DIR_HASH_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(BY_DIR_HASH, (st), (cmp))
-# define sk_BY_DIR_HASH_dup(st) SKM_sk_dup(BY_DIR_HASH, st)
-# define sk_BY_DIR_HASH_pop_free(st, free_func) SKM_sk_pop_free(BY_DIR_HASH, (st), (free_func))
-# define sk_BY_DIR_HASH_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(BY_DIR_HASH, (st), (copy_func), (free_func))
-# define sk_BY_DIR_HASH_shift(st) SKM_sk_shift(BY_DIR_HASH, (st))
-# define sk_BY_DIR_HASH_pop(st) SKM_sk_pop(BY_DIR_HASH, (st))
-# define sk_BY_DIR_HASH_sort(st) SKM_sk_sort(BY_DIR_HASH, (st))
-# define sk_BY_DIR_HASH_is_sorted(st) SKM_sk_is_sorted(BY_DIR_HASH, (st))
-
-# define sk_CMS_CertificateChoices_new(cmp) SKM_sk_new(CMS_CertificateChoices, (cmp))
-# define sk_CMS_CertificateChoices_new_null() SKM_sk_new_null(CMS_CertificateChoices)
-# define sk_CMS_CertificateChoices_free(st) SKM_sk_free(CMS_CertificateChoices, (st))
-# define sk_CMS_CertificateChoices_num(st) SKM_sk_num(CMS_CertificateChoices, (st))
-# define sk_CMS_CertificateChoices_value(st, i) SKM_sk_value(CMS_CertificateChoices, (st), (i))
-# define sk_CMS_CertificateChoices_set(st, i, val) SKM_sk_set(CMS_CertificateChoices, (st), (i), (val))
-# define sk_CMS_CertificateChoices_zero(st) SKM_sk_zero(CMS_CertificateChoices, (st))
-# define sk_CMS_CertificateChoices_push(st, val) SKM_sk_push(CMS_CertificateChoices, (st), (val))
-# define sk_CMS_CertificateChoices_unshift(st, val) SKM_sk_unshift(CMS_CertificateChoices, (st), (val))
-# define sk_CMS_CertificateChoices_find(st, val) SKM_sk_find(CMS_CertificateChoices, (st), (val))
-# define sk_CMS_CertificateChoices_find_ex(st, val) SKM_sk_find_ex(CMS_CertificateChoices, (st), (val))
-# define sk_CMS_CertificateChoices_delete(st, i) SKM_sk_delete(CMS_CertificateChoices, (st), (i))
-# define sk_CMS_CertificateChoices_delete_ptr(st, ptr) SKM_sk_delete_ptr(CMS_CertificateChoices, (st), (ptr))
-# define sk_CMS_CertificateChoices_insert(st, val, i) SKM_sk_insert(CMS_CertificateChoices, (st), (val), (i))
-# define sk_CMS_CertificateChoices_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(CMS_CertificateChoices, (st), (cmp))
-# define sk_CMS_CertificateChoices_dup(st) SKM_sk_dup(CMS_CertificateChoices, st)
-# define sk_CMS_CertificateChoices_pop_free(st, free_func) SKM_sk_pop_free(CMS_CertificateChoices, (st), (free_func))
-# define sk_CMS_CertificateChoices_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(CMS_CertificateChoices, (st), (copy_func), (free_func))
-# define sk_CMS_CertificateChoices_shift(st) SKM_sk_shift(CMS_CertificateChoices, (st))
-# define sk_CMS_CertificateChoices_pop(st) SKM_sk_pop(CMS_CertificateChoices, (st))
-# define sk_CMS_CertificateChoices_sort(st) SKM_sk_sort(CMS_CertificateChoices, (st))
-# define sk_CMS_CertificateChoices_is_sorted(st) SKM_sk_is_sorted(CMS_CertificateChoices, (st))
-
-# define sk_CMS_RecipientEncryptedKey_new(cmp) SKM_sk_new(CMS_RecipientEncryptedKey, (cmp))
-# define sk_CMS_RecipientEncryptedKey_new_null() SKM_sk_new_null(CMS_RecipientEncryptedKey)
-# define sk_CMS_RecipientEncryptedKey_free(st) SKM_sk_free(CMS_RecipientEncryptedKey, (st))
-# define sk_CMS_RecipientEncryptedKey_num(st) SKM_sk_num(CMS_RecipientEncryptedKey, (st))
-# define sk_CMS_RecipientEncryptedKey_value(st, i) SKM_sk_value(CMS_RecipientEncryptedKey, (st), (i))
-# define sk_CMS_RecipientEncryptedKey_set(st, i, val) SKM_sk_set(CMS_RecipientEncryptedKey, (st), (i), (val))
-# define sk_CMS_RecipientEncryptedKey_zero(st) SKM_sk_zero(CMS_RecipientEncryptedKey, (st))
-# define sk_CMS_RecipientEncryptedKey_push(st, val) SKM_sk_push(CMS_RecipientEncryptedKey, (st), (val))
-# define sk_CMS_RecipientEncryptedKey_unshift(st, val) SKM_sk_unshift(CMS_RecipientEncryptedKey, (st), (val))
-# define sk_CMS_RecipientEncryptedKey_find(st, val) SKM_sk_find(CMS_RecipientEncryptedKey, (st), (val))
-# define sk_CMS_RecipientEncryptedKey_find_ex(st, val) SKM_sk_find_ex(CMS_RecipientEncryptedKey, (st), (val))
-# define sk_CMS_RecipientEncryptedKey_delete(st, i) SKM_sk_delete(CMS_RecipientEncryptedKey, (st), (i))
-# define sk_CMS_RecipientEncryptedKey_delete_ptr(st, ptr) SKM_sk_delete_ptr(CMS_RecipientEncryptedKey, (st), (ptr))
-# define sk_CMS_RecipientEncryptedKey_insert(st, val, i) SKM_sk_insert(CMS_RecipientEncryptedKey, (st), (val), (i))
-# define sk_CMS_RecipientEncryptedKey_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(CMS_RecipientEncryptedKey, (st), (cmp))
-# define sk_CMS_RecipientEncryptedKey_dup(st) SKM_sk_dup(CMS_RecipientEncryptedKey, st)
-# define sk_CMS_RecipientEncryptedKey_pop_free(st, free_func) SKM_sk_pop_free(CMS_RecipientEncryptedKey, (st), (free_func))
-# define sk_CMS_RecipientEncryptedKey_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(CMS_RecipientEncryptedKey, (st), (copy_func), (free_func))
-# define sk_CMS_RecipientEncryptedKey_shift(st) SKM_sk_shift(CMS_RecipientEncryptedKey, (st))
-# define sk_CMS_RecipientEncryptedKey_pop(st) SKM_sk_pop(CMS_RecipientEncryptedKey, (st))
-# define sk_CMS_RecipientEncryptedKey_sort(st) SKM_sk_sort(CMS_RecipientEncryptedKey, (st))
-# define sk_CMS_RecipientEncryptedKey_is_sorted(st) SKM_sk_is_sorted(CMS_RecipientEncryptedKey, (st))
-
-# define sk_CMS_RecipientInfo_new(cmp) SKM_sk_new(CMS_RecipientInfo, (cmp))
-# define sk_CMS_RecipientInfo_new_null() SKM_sk_new_null(CMS_RecipientInfo)
-# define sk_CMS_RecipientInfo_free(st) SKM_sk_free(CMS_RecipientInfo, (st))
-# define sk_CMS_RecipientInfo_num(st) SKM_sk_num(CMS_RecipientInfo, (st))
-# define sk_CMS_RecipientInfo_value(st, i) SKM_sk_value(CMS_RecipientInfo, (st), (i))
-# define sk_CMS_RecipientInfo_set(st, i, val) SKM_sk_set(CMS_RecipientInfo, (st), (i), (val))
-# define sk_CMS_RecipientInfo_zero(st) SKM_sk_zero(CMS_RecipientInfo, (st))
-# define sk_CMS_RecipientInfo_push(st, val) SKM_sk_push(CMS_RecipientInfo, (st), (val))
-# define sk_CMS_RecipientInfo_unshift(st, val) SKM_sk_unshift(CMS_RecipientInfo, (st), (val))
-# define sk_CMS_RecipientInfo_find(st, val) SKM_sk_find(CMS_RecipientInfo, (st), (val))
-# define sk_CMS_RecipientInfo_find_ex(st, val) SKM_sk_find_ex(CMS_RecipientInfo, (st), (val))
-# define sk_CMS_RecipientInfo_delete(st, i) SKM_sk_delete(CMS_RecipientInfo, (st), (i))
-# define sk_CMS_RecipientInfo_delete_ptr(st, ptr) SKM_sk_delete_ptr(CMS_RecipientInfo, (st), (ptr))
-# define sk_CMS_RecipientInfo_insert(st, val, i) SKM_sk_insert(CMS_RecipientInfo, (st), (val), (i))
-# define sk_CMS_RecipientInfo_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(CMS_RecipientInfo, (st), (cmp))
-# define sk_CMS_RecipientInfo_dup(st) SKM_sk_dup(CMS_RecipientInfo, st)
-# define sk_CMS_RecipientInfo_pop_free(st, free_func) SKM_sk_pop_free(CMS_RecipientInfo, (st), (free_func))
-# define sk_CMS_RecipientInfo_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(CMS_RecipientInfo, (st), (copy_func), (free_func))
-# define sk_CMS_RecipientInfo_shift(st) SKM_sk_shift(CMS_RecipientInfo, (st))
-# define sk_CMS_RecipientInfo_pop(st) SKM_sk_pop(CMS_RecipientInfo, (st))
-# define sk_CMS_RecipientInfo_sort(st) SKM_sk_sort(CMS_RecipientInfo, (st))
-# define sk_CMS_RecipientInfo_is_sorted(st) SKM_sk_is_sorted(CMS_RecipientInfo, (st))
-
-# define sk_CMS_RevocationInfoChoice_new(cmp) SKM_sk_new(CMS_RevocationInfoChoice, (cmp))
-# define sk_CMS_RevocationInfoChoice_new_null() SKM_sk_new_null(CMS_RevocationInfoChoice)
-# define sk_CMS_RevocationInfoChoice_free(st) SKM_sk_free(CMS_RevocationInfoChoice, (st))
-# define sk_CMS_RevocationInfoChoice_num(st) SKM_sk_num(CMS_RevocationInfoChoice, (st))
-# define sk_CMS_RevocationInfoChoice_value(st, i) SKM_sk_value(CMS_RevocationInfoChoice, (st), (i))
-# define sk_CMS_RevocationInfoChoice_set(st, i, val) SKM_sk_set(CMS_RevocationInfoChoice, (st), (i), (val))
-# define sk_CMS_RevocationInfoChoice_zero(st) SKM_sk_zero(CMS_RevocationInfoChoice, (st))
-# define sk_CMS_RevocationInfoChoice_push(st, val) SKM_sk_push(CMS_RevocationInfoChoice, (st), (val))
-# define sk_CMS_RevocationInfoChoice_unshift(st, val) SKM_sk_unshift(CMS_RevocationInfoChoice, (st), (val))
-# define sk_CMS_RevocationInfoChoice_find(st, val) SKM_sk_find(CMS_RevocationInfoChoice, (st), (val))
-# define sk_CMS_RevocationInfoChoice_find_ex(st, val) SKM_sk_find_ex(CMS_RevocationInfoChoice, (st), (val))
-# define sk_CMS_RevocationInfoChoice_delete(st, i) SKM_sk_delete(CMS_RevocationInfoChoice, (st), (i))
-# define sk_CMS_RevocationInfoChoice_delete_ptr(st, ptr) SKM_sk_delete_ptr(CMS_RevocationInfoChoice, (st), (ptr))
-# define sk_CMS_RevocationInfoChoice_insert(st, val, i) SKM_sk_insert(CMS_RevocationInfoChoice, (st), (val), (i))
-# define sk_CMS_RevocationInfoChoice_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(CMS_RevocationInfoChoice, (st), (cmp))
-# define sk_CMS_RevocationInfoChoice_dup(st) SKM_sk_dup(CMS_RevocationInfoChoice, st)
-# define sk_CMS_RevocationInfoChoice_pop_free(st, free_func) SKM_sk_pop_free(CMS_RevocationInfoChoice, (st), (free_func))
-# define sk_CMS_RevocationInfoChoice_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(CMS_RevocationInfoChoice, (st), (copy_func), (free_func))
-# define sk_CMS_RevocationInfoChoice_shift(st) SKM_sk_shift(CMS_RevocationInfoChoice, (st))
-# define sk_CMS_RevocationInfoChoice_pop(st) SKM_sk_pop(CMS_RevocationInfoChoice, (st))
-# define sk_CMS_RevocationInfoChoice_sort(st) SKM_sk_sort(CMS_RevocationInfoChoice, (st))
-# define sk_CMS_RevocationInfoChoice_is_sorted(st) SKM_sk_is_sorted(CMS_RevocationInfoChoice, (st))
-
-# define sk_CMS_SignerInfo_new(cmp) SKM_sk_new(CMS_SignerInfo, (cmp))
-# define sk_CMS_SignerInfo_new_null() SKM_sk_new_null(CMS_SignerInfo)
-# define sk_CMS_SignerInfo_free(st) SKM_sk_free(CMS_SignerInfo, (st))
-# define sk_CMS_SignerInfo_num(st) SKM_sk_num(CMS_SignerInfo, (st))
-# define sk_CMS_SignerInfo_value(st, i) SKM_sk_value(CMS_SignerInfo, (st), (i))
-# define sk_CMS_SignerInfo_set(st, i, val) SKM_sk_set(CMS_SignerInfo, (st), (i), (val))
-# define sk_CMS_SignerInfo_zero(st) SKM_sk_zero(CMS_SignerInfo, (st))
-# define sk_CMS_SignerInfo_push(st, val) SKM_sk_push(CMS_SignerInfo, (st), (val))
-# define sk_CMS_SignerInfo_unshift(st, val) SKM_sk_unshift(CMS_SignerInfo, (st), (val))
-# define sk_CMS_SignerInfo_find(st, val) SKM_sk_find(CMS_SignerInfo, (st), (val))
-# define sk_CMS_SignerInfo_find_ex(st, val) SKM_sk_find_ex(CMS_SignerInfo, (st), (val))
-# define sk_CMS_SignerInfo_delete(st, i) SKM_sk_delete(CMS_SignerInfo, (st), (i))
-# define sk_CMS_SignerInfo_delete_ptr(st, ptr) SKM_sk_delete_ptr(CMS_SignerInfo, (st), (ptr))
-# define sk_CMS_SignerInfo_insert(st, val, i) SKM_sk_insert(CMS_SignerInfo, (st), (val), (i))
-# define sk_CMS_SignerInfo_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(CMS_SignerInfo, (st), (cmp))
-# define sk_CMS_SignerInfo_dup(st) SKM_sk_dup(CMS_SignerInfo, st)
-# define sk_CMS_SignerInfo_pop_free(st, free_func) SKM_sk_pop_free(CMS_SignerInfo, (st), (free_func))
-# define sk_CMS_SignerInfo_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(CMS_SignerInfo, (st), (copy_func), (free_func))
-# define sk_CMS_SignerInfo_shift(st) SKM_sk_shift(CMS_SignerInfo, (st))
-# define sk_CMS_SignerInfo_pop(st) SKM_sk_pop(CMS_SignerInfo, (st))
-# define sk_CMS_SignerInfo_sort(st) SKM_sk_sort(CMS_SignerInfo, (st))
-# define sk_CMS_SignerInfo_is_sorted(st) SKM_sk_is_sorted(CMS_SignerInfo, (st))
-
-# define sk_CONF_IMODULE_new(cmp) SKM_sk_new(CONF_IMODULE, (cmp))
-# define sk_CONF_IMODULE_new_null() SKM_sk_new_null(CONF_IMODULE)
-# define sk_CONF_IMODULE_free(st) SKM_sk_free(CONF_IMODULE, (st))
-# define sk_CONF_IMODULE_num(st) SKM_sk_num(CONF_IMODULE, (st))
-# define sk_CONF_IMODULE_value(st, i) SKM_sk_value(CONF_IMODULE, (st), (i))
-# define sk_CONF_IMODULE_set(st, i, val) SKM_sk_set(CONF_IMODULE, (st), (i), (val))
-# define sk_CONF_IMODULE_zero(st) SKM_sk_zero(CONF_IMODULE, (st))
-# define sk_CONF_IMODULE_push(st, val) SKM_sk_push(CONF_IMODULE, (st), (val))
-# define sk_CONF_IMODULE_unshift(st, val) SKM_sk_unshift(CONF_IMODULE, (st), (val))
-# define sk_CONF_IMODULE_find(st, val) SKM_sk_find(CONF_IMODULE, (st), (val))
-# define sk_CONF_IMODULE_find_ex(st, val) SKM_sk_find_ex(CONF_IMODULE, (st), (val))
-# define sk_CONF_IMODULE_delete(st, i) SKM_sk_delete(CONF_IMODULE, (st), (i))
-# define sk_CONF_IMODULE_delete_ptr(st, ptr) SKM_sk_delete_ptr(CONF_IMODULE, (st), (ptr))
-# define sk_CONF_IMODULE_insert(st, val, i) SKM_sk_insert(CONF_IMODULE, (st), (val), (i))
-# define sk_CONF_IMODULE_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(CONF_IMODULE, (st), (cmp))
-# define sk_CONF_IMODULE_dup(st) SKM_sk_dup(CONF_IMODULE, st)
-# define sk_CONF_IMODULE_pop_free(st, free_func) SKM_sk_pop_free(CONF_IMODULE, (st), (free_func))
-# define sk_CONF_IMODULE_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(CONF_IMODULE, (st), (copy_func), (free_func))
-# define sk_CONF_IMODULE_shift(st) SKM_sk_shift(CONF_IMODULE, (st))
-# define sk_CONF_IMODULE_pop(st) SKM_sk_pop(CONF_IMODULE, (st))
-# define sk_CONF_IMODULE_sort(st) SKM_sk_sort(CONF_IMODULE, (st))
-# define sk_CONF_IMODULE_is_sorted(st) SKM_sk_is_sorted(CONF_IMODULE, (st))
-
-# define sk_CONF_MODULE_new(cmp) SKM_sk_new(CONF_MODULE, (cmp))
-# define sk_CONF_MODULE_new_null() SKM_sk_new_null(CONF_MODULE)
-# define sk_CONF_MODULE_free(st) SKM_sk_free(CONF_MODULE, (st))
-# define sk_CONF_MODULE_num(st) SKM_sk_num(CONF_MODULE, (st))
-# define sk_CONF_MODULE_value(st, i) SKM_sk_value(CONF_MODULE, (st), (i))
-# define sk_CONF_MODULE_set(st, i, val) SKM_sk_set(CONF_MODULE, (st), (i), (val))
-# define sk_CONF_MODULE_zero(st) SKM_sk_zero(CONF_MODULE, (st))
-# define sk_CONF_MODULE_push(st, val) SKM_sk_push(CONF_MODULE, (st), (val))
-# define sk_CONF_MODULE_unshift(st, val) SKM_sk_unshift(CONF_MODULE, (st), (val))
-# define sk_CONF_MODULE_find(st, val) SKM_sk_find(CONF_MODULE, (st), (val))
-# define sk_CONF_MODULE_find_ex(st, val) SKM_sk_find_ex(CONF_MODULE, (st), (val))
-# define sk_CONF_MODULE_delete(st, i) SKM_sk_delete(CONF_MODULE, (st), (i))
-# define sk_CONF_MODULE_delete_ptr(st, ptr) SKM_sk_delete_ptr(CONF_MODULE, (st), (ptr))
-# define sk_CONF_MODULE_insert(st, val, i) SKM_sk_insert(CONF_MODULE, (st), (val), (i))
-# define sk_CONF_MODULE_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(CONF_MODULE, (st), (cmp))
-# define sk_CONF_MODULE_dup(st) SKM_sk_dup(CONF_MODULE, st)
-# define sk_CONF_MODULE_pop_free(st, free_func) SKM_sk_pop_free(CONF_MODULE, (st), (free_func))
-# define sk_CONF_MODULE_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(CONF_MODULE, (st), (copy_func), (free_func))
-# define sk_CONF_MODULE_shift(st) SKM_sk_shift(CONF_MODULE, (st))
-# define sk_CONF_MODULE_pop(st) SKM_sk_pop(CONF_MODULE, (st))
-# define sk_CONF_MODULE_sort(st) SKM_sk_sort(CONF_MODULE, (st))
-# define sk_CONF_MODULE_is_sorted(st) SKM_sk_is_sorted(CONF_MODULE, (st))
-
-# define sk_CONF_VALUE_new(cmp) SKM_sk_new(CONF_VALUE, (cmp))
-# define sk_CONF_VALUE_new_null() SKM_sk_new_null(CONF_VALUE)
-# define sk_CONF_VALUE_free(st) SKM_sk_free(CONF_VALUE, (st))
-# define sk_CONF_VALUE_num(st) SKM_sk_num(CONF_VALUE, (st))
-# define sk_CONF_VALUE_value(st, i) SKM_sk_value(CONF_VALUE, (st), (i))
-# define sk_CONF_VALUE_set(st, i, val) SKM_sk_set(CONF_VALUE, (st), (i), (val))
-# define sk_CONF_VALUE_zero(st) SKM_sk_zero(CONF_VALUE, (st))
-# define sk_CONF_VALUE_push(st, val) SKM_sk_push(CONF_VALUE, (st), (val))
-# define sk_CONF_VALUE_unshift(st, val) SKM_sk_unshift(CONF_VALUE, (st), (val))
-# define sk_CONF_VALUE_find(st, val) SKM_sk_find(CONF_VALUE, (st), (val))
-# define sk_CONF_VALUE_find_ex(st, val) SKM_sk_find_ex(CONF_VALUE, (st), (val))
-# define sk_CONF_VALUE_delete(st, i) SKM_sk_delete(CONF_VALUE, (st), (i))
-# define sk_CONF_VALUE_delete_ptr(st, ptr) SKM_sk_delete_ptr(CONF_VALUE, (st), (ptr))
-# define sk_CONF_VALUE_insert(st, val, i) SKM_sk_insert(CONF_VALUE, (st), (val), (i))
-# define sk_CONF_VALUE_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(CONF_VALUE, (st), (cmp))
-# define sk_CONF_VALUE_dup(st) SKM_sk_dup(CONF_VALUE, st)
-# define sk_CONF_VALUE_pop_free(st, free_func) SKM_sk_pop_free(CONF_VALUE, (st), (free_func))
-# define sk_CONF_VALUE_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(CONF_VALUE, (st), (copy_func), (free_func))
-# define sk_CONF_VALUE_shift(st) SKM_sk_shift(CONF_VALUE, (st))
-# define sk_CONF_VALUE_pop(st) SKM_sk_pop(CONF_VALUE, (st))
-# define sk_CONF_VALUE_sort(st) SKM_sk_sort(CONF_VALUE, (st))
-# define sk_CONF_VALUE_is_sorted(st) SKM_sk_is_sorted(CONF_VALUE, (st))
-
-# define sk_CRYPTO_EX_DATA_FUNCS_new(cmp) SKM_sk_new(CRYPTO_EX_DATA_FUNCS, (cmp))
-# define sk_CRYPTO_EX_DATA_FUNCS_new_null() SKM_sk_new_null(CRYPTO_EX_DATA_FUNCS)
-# define sk_CRYPTO_EX_DATA_FUNCS_free(st) SKM_sk_free(CRYPTO_EX_DATA_FUNCS, (st))
-# define sk_CRYPTO_EX_DATA_FUNCS_num(st) SKM_sk_num(CRYPTO_EX_DATA_FUNCS, (st))
-# define sk_CRYPTO_EX_DATA_FUNCS_value(st, i) SKM_sk_value(CRYPTO_EX_DATA_FUNCS, (st), (i))
-# define sk_CRYPTO_EX_DATA_FUNCS_set(st, i, val) SKM_sk_set(CRYPTO_EX_DATA_FUNCS, (st), (i), (val))
-# define sk_CRYPTO_EX_DATA_FUNCS_zero(st) SKM_sk_zero(CRYPTO_EX_DATA_FUNCS, (st))
-# define sk_CRYPTO_EX_DATA_FUNCS_push(st, val) SKM_sk_push(CRYPTO_EX_DATA_FUNCS, (st), (val))
-# define sk_CRYPTO_EX_DATA_FUNCS_unshift(st, val) SKM_sk_unshift(CRYPTO_EX_DATA_FUNCS, (st), (val))
-# define sk_CRYPTO_EX_DATA_FUNCS_find(st, val) SKM_sk_find(CRYPTO_EX_DATA_FUNCS, (st), (val))
-# define sk_CRYPTO_EX_DATA_FUNCS_find_ex(st, val) SKM_sk_find_ex(CRYPTO_EX_DATA_FUNCS, (st), (val))
-# define sk_CRYPTO_EX_DATA_FUNCS_delete(st, i) SKM_sk_delete(CRYPTO_EX_DATA_FUNCS, (st), (i))
-# define sk_CRYPTO_EX_DATA_FUNCS_delete_ptr(st, ptr) SKM_sk_delete_ptr(CRYPTO_EX_DATA_FUNCS, (st), (ptr))
-# define sk_CRYPTO_EX_DATA_FUNCS_insert(st, val, i) SKM_sk_insert(CRYPTO_EX_DATA_FUNCS, (st), (val), (i))
-# define sk_CRYPTO_EX_DATA_FUNCS_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(CRYPTO_EX_DATA_FUNCS, (st), (cmp))
-# define sk_CRYPTO_EX_DATA_FUNCS_dup(st) SKM_sk_dup(CRYPTO_EX_DATA_FUNCS, st)
-# define sk_CRYPTO_EX_DATA_FUNCS_pop_free(st, free_func) SKM_sk_pop_free(CRYPTO_EX_DATA_FUNCS, (st), (free_func))
-# define sk_CRYPTO_EX_DATA_FUNCS_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(CRYPTO_EX_DATA_FUNCS, (st), (copy_func), (free_func))
-# define sk_CRYPTO_EX_DATA_FUNCS_shift(st) SKM_sk_shift(CRYPTO_EX_DATA_FUNCS, (st))
-# define sk_CRYPTO_EX_DATA_FUNCS_pop(st) SKM_sk_pop(CRYPTO_EX_DATA_FUNCS, (st))
-# define sk_CRYPTO_EX_DATA_FUNCS_sort(st) SKM_sk_sort(CRYPTO_EX_DATA_FUNCS, (st))
-# define sk_CRYPTO_EX_DATA_FUNCS_is_sorted(st) SKM_sk_is_sorted(CRYPTO_EX_DATA_FUNCS, (st))
-
-# define sk_CRYPTO_dynlock_new(cmp) SKM_sk_new(CRYPTO_dynlock, (cmp))
-# define sk_CRYPTO_dynlock_new_null() SKM_sk_new_null(CRYPTO_dynlock)
-# define sk_CRYPTO_dynlock_free(st) SKM_sk_free(CRYPTO_dynlock, (st))
-# define sk_CRYPTO_dynlock_num(st) SKM_sk_num(CRYPTO_dynlock, (st))
-# define sk_CRYPTO_dynlock_value(st, i) SKM_sk_value(CRYPTO_dynlock, (st), (i))
-# define sk_CRYPTO_dynlock_set(st, i, val) SKM_sk_set(CRYPTO_dynlock, (st), (i), (val))
-# define sk_CRYPTO_dynlock_zero(st) SKM_sk_zero(CRYPTO_dynlock, (st))
-# define sk_CRYPTO_dynlock_push(st, val) SKM_sk_push(CRYPTO_dynlock, (st), (val))
-# define sk_CRYPTO_dynlock_unshift(st, val) SKM_sk_unshift(CRYPTO_dynlock, (st), (val))
-# define sk_CRYPTO_dynlock_find(st, val) SKM_sk_find(CRYPTO_dynlock, (st), (val))
-# define sk_CRYPTO_dynlock_find_ex(st, val) SKM_sk_find_ex(CRYPTO_dynlock, (st), (val))
-# define sk_CRYPTO_dynlock_delete(st, i) SKM_sk_delete(CRYPTO_dynlock, (st), (i))
-# define sk_CRYPTO_dynlock_delete_ptr(st, ptr) SKM_sk_delete_ptr(CRYPTO_dynlock, (st), (ptr))
-# define sk_CRYPTO_dynlock_insert(st, val, i) SKM_sk_insert(CRYPTO_dynlock, (st), (val), (i))
-# define sk_CRYPTO_dynlock_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(CRYPTO_dynlock, (st), (cmp))
-# define sk_CRYPTO_dynlock_dup(st) SKM_sk_dup(CRYPTO_dynlock, st)
-# define sk_CRYPTO_dynlock_pop_free(st, free_func) SKM_sk_pop_free(CRYPTO_dynlock, (st), (free_func))
-# define sk_CRYPTO_dynlock_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(CRYPTO_dynlock, (st), (copy_func), (free_func))
-# define sk_CRYPTO_dynlock_shift(st) SKM_sk_shift(CRYPTO_dynlock, (st))
-# define sk_CRYPTO_dynlock_pop(st) SKM_sk_pop(CRYPTO_dynlock, (st))
-# define sk_CRYPTO_dynlock_sort(st) SKM_sk_sort(CRYPTO_dynlock, (st))
-# define sk_CRYPTO_dynlock_is_sorted(st) SKM_sk_is_sorted(CRYPTO_dynlock, (st))
-
-# define sk_DIST_POINT_new(cmp) SKM_sk_new(DIST_POINT, (cmp))
-# define sk_DIST_POINT_new_null() SKM_sk_new_null(DIST_POINT)
-# define sk_DIST_POINT_free(st) SKM_sk_free(DIST_POINT, (st))
-# define sk_DIST_POINT_num(st) SKM_sk_num(DIST_POINT, (st))
-# define sk_DIST_POINT_value(st, i) SKM_sk_value(DIST_POINT, (st), (i))
-# define sk_DIST_POINT_set(st, i, val) SKM_sk_set(DIST_POINT, (st), (i), (val))
-# define sk_DIST_POINT_zero(st) SKM_sk_zero(DIST_POINT, (st))
-# define sk_DIST_POINT_push(st, val) SKM_sk_push(DIST_POINT, (st), (val))
-# define sk_DIST_POINT_unshift(st, val) SKM_sk_unshift(DIST_POINT, (st), (val))
-# define sk_DIST_POINT_find(st, val) SKM_sk_find(DIST_POINT, (st), (val))
-# define sk_DIST_POINT_find_ex(st, val) SKM_sk_find_ex(DIST_POINT, (st), (val))
-# define sk_DIST_POINT_delete(st, i) SKM_sk_delete(DIST_POINT, (st), (i))
-# define sk_DIST_POINT_delete_ptr(st, ptr) SKM_sk_delete_ptr(DIST_POINT, (st), (ptr))
-# define sk_DIST_POINT_insert(st, val, i) SKM_sk_insert(DIST_POINT, (st), (val), (i))
-# define sk_DIST_POINT_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(DIST_POINT, (st), (cmp))
-# define sk_DIST_POINT_dup(st) SKM_sk_dup(DIST_POINT, st)
-# define sk_DIST_POINT_pop_free(st, free_func) SKM_sk_pop_free(DIST_POINT, (st), (free_func))
-# define sk_DIST_POINT_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(DIST_POINT, (st), (copy_func), (free_func))
-# define sk_DIST_POINT_shift(st) SKM_sk_shift(DIST_POINT, (st))
-# define sk_DIST_POINT_pop(st) SKM_sk_pop(DIST_POINT, (st))
-# define sk_DIST_POINT_sort(st) SKM_sk_sort(DIST_POINT, (st))
-# define sk_DIST_POINT_is_sorted(st) SKM_sk_is_sorted(DIST_POINT, (st))
-
-# define sk_ENGINE_new(cmp) SKM_sk_new(ENGINE, (cmp))
-# define sk_ENGINE_new_null() SKM_sk_new_null(ENGINE)
-# define sk_ENGINE_free(st) SKM_sk_free(ENGINE, (st))
-# define sk_ENGINE_num(st) SKM_sk_num(ENGINE, (st))
-# define sk_ENGINE_value(st, i) SKM_sk_value(ENGINE, (st), (i))
-# define sk_ENGINE_set(st, i, val) SKM_sk_set(ENGINE, (st), (i), (val))
-# define sk_ENGINE_zero(st) SKM_sk_zero(ENGINE, (st))
-# define sk_ENGINE_push(st, val) SKM_sk_push(ENGINE, (st), (val))
-# define sk_ENGINE_unshift(st, val) SKM_sk_unshift(ENGINE, (st), (val))
-# define sk_ENGINE_find(st, val) SKM_sk_find(ENGINE, (st), (val))
-# define sk_ENGINE_find_ex(st, val) SKM_sk_find_ex(ENGINE, (st), (val))
-# define sk_ENGINE_delete(st, i) SKM_sk_delete(ENGINE, (st), (i))
-# define sk_ENGINE_delete_ptr(st, ptr) SKM_sk_delete_ptr(ENGINE, (st), (ptr))
-# define sk_ENGINE_insert(st, val, i) SKM_sk_insert(ENGINE, (st), (val), (i))
-# define sk_ENGINE_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(ENGINE, (st), (cmp))
-# define sk_ENGINE_dup(st) SKM_sk_dup(ENGINE, st)
-# define sk_ENGINE_pop_free(st, free_func) SKM_sk_pop_free(ENGINE, (st), (free_func))
-# define sk_ENGINE_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(ENGINE, (st), (copy_func), (free_func))
-# define sk_ENGINE_shift(st) SKM_sk_shift(ENGINE, (st))
-# define sk_ENGINE_pop(st) SKM_sk_pop(ENGINE, (st))
-# define sk_ENGINE_sort(st) SKM_sk_sort(ENGINE, (st))
-# define sk_ENGINE_is_sorted(st) SKM_sk_is_sorted(ENGINE, (st))
-
-# define sk_ENGINE_CLEANUP_ITEM_new(cmp) SKM_sk_new(ENGINE_CLEANUP_ITEM, (cmp))
-# define sk_ENGINE_CLEANUP_ITEM_new_null() SKM_sk_new_null(ENGINE_CLEANUP_ITEM)
-# define sk_ENGINE_CLEANUP_ITEM_free(st) SKM_sk_free(ENGINE_CLEANUP_ITEM, (st))
-# define sk_ENGINE_CLEANUP_ITEM_num(st) SKM_sk_num(ENGINE_CLEANUP_ITEM, (st))
-# define sk_ENGINE_CLEANUP_ITEM_value(st, i) SKM_sk_value(ENGINE_CLEANUP_ITEM, (st), (i))
-# define sk_ENGINE_CLEANUP_ITEM_set(st, i, val) SKM_sk_set(ENGINE_CLEANUP_ITEM, (st), (i), (val))
-# define sk_ENGINE_CLEANUP_ITEM_zero(st) SKM_sk_zero(ENGINE_CLEANUP_ITEM, (st))
-# define sk_ENGINE_CLEANUP_ITEM_push(st, val) SKM_sk_push(ENGINE_CLEANUP_ITEM, (st), (val))
-# define sk_ENGINE_CLEANUP_ITEM_unshift(st, val) SKM_sk_unshift(ENGINE_CLEANUP_ITEM, (st), (val))
-# define sk_ENGINE_CLEANUP_ITEM_find(st, val) SKM_sk_find(ENGINE_CLEANUP_ITEM, (st), (val))
-# define sk_ENGINE_CLEANUP_ITEM_find_ex(st, val) SKM_sk_find_ex(ENGINE_CLEANUP_ITEM, (st), (val))
-# define sk_ENGINE_CLEANUP_ITEM_delete(st, i) SKM_sk_delete(ENGINE_CLEANUP_ITEM, (st), (i))
-# define sk_ENGINE_CLEANUP_ITEM_delete_ptr(st, ptr) SKM_sk_delete_ptr(ENGINE_CLEANUP_ITEM, (st), (ptr))
-# define sk_ENGINE_CLEANUP_ITEM_insert(st, val, i) SKM_sk_insert(ENGINE_CLEANUP_ITEM, (st), (val), (i))
-# define sk_ENGINE_CLEANUP_ITEM_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(ENGINE_CLEANUP_ITEM, (st), (cmp))
-# define sk_ENGINE_CLEANUP_ITEM_dup(st) SKM_sk_dup(ENGINE_CLEANUP_ITEM, st)
-# define sk_ENGINE_CLEANUP_ITEM_pop_free(st, free_func) SKM_sk_pop_free(ENGINE_CLEANUP_ITEM, (st), (free_func))
-# define sk_ENGINE_CLEANUP_ITEM_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(ENGINE_CLEANUP_ITEM, (st), (copy_func), (free_func))
-# define sk_ENGINE_CLEANUP_ITEM_shift(st) SKM_sk_shift(ENGINE_CLEANUP_ITEM, (st))
-# define sk_ENGINE_CLEANUP_ITEM_pop(st) SKM_sk_pop(ENGINE_CLEANUP_ITEM, (st))
-# define sk_ENGINE_CLEANUP_ITEM_sort(st) SKM_sk_sort(ENGINE_CLEANUP_ITEM, (st))
-# define sk_ENGINE_CLEANUP_ITEM_is_sorted(st) SKM_sk_is_sorted(ENGINE_CLEANUP_ITEM, (st))
-
-# define sk_ESS_CERT_ID_new(cmp) SKM_sk_new(ESS_CERT_ID, (cmp))
-# define sk_ESS_CERT_ID_new_null() SKM_sk_new_null(ESS_CERT_ID)
-# define sk_ESS_CERT_ID_free(st) SKM_sk_free(ESS_CERT_ID, (st))
-# define sk_ESS_CERT_ID_num(st) SKM_sk_num(ESS_CERT_ID, (st))
-# define sk_ESS_CERT_ID_value(st, i) SKM_sk_value(ESS_CERT_ID, (st), (i))
-# define sk_ESS_CERT_ID_set(st, i, val) SKM_sk_set(ESS_CERT_ID, (st), (i), (val))
-# define sk_ESS_CERT_ID_zero(st) SKM_sk_zero(ESS_CERT_ID, (st))
-# define sk_ESS_CERT_ID_push(st, val) SKM_sk_push(ESS_CERT_ID, (st), (val))
-# define sk_ESS_CERT_ID_unshift(st, val) SKM_sk_unshift(ESS_CERT_ID, (st), (val))
-# define sk_ESS_CERT_ID_find(st, val) SKM_sk_find(ESS_CERT_ID, (st), (val))
-# define sk_ESS_CERT_ID_find_ex(st, val) SKM_sk_find_ex(ESS_CERT_ID, (st), (val))
-# define sk_ESS_CERT_ID_delete(st, i) SKM_sk_delete(ESS_CERT_ID, (st), (i))
-# define sk_ESS_CERT_ID_delete_ptr(st, ptr) SKM_sk_delete_ptr(ESS_CERT_ID, (st), (ptr))
-# define sk_ESS_CERT_ID_insert(st, val, i) SKM_sk_insert(ESS_CERT_ID, (st), (val), (i))
-# define sk_ESS_CERT_ID_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(ESS_CERT_ID, (st), (cmp))
-# define sk_ESS_CERT_ID_dup(st) SKM_sk_dup(ESS_CERT_ID, st)
-# define sk_ESS_CERT_ID_pop_free(st, free_func) SKM_sk_pop_free(ESS_CERT_ID, (st), (free_func))
-# define sk_ESS_CERT_ID_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(ESS_CERT_ID, (st), (copy_func), (free_func))
-# define sk_ESS_CERT_ID_shift(st) SKM_sk_shift(ESS_CERT_ID, (st))
-# define sk_ESS_CERT_ID_pop(st) SKM_sk_pop(ESS_CERT_ID, (st))
-# define sk_ESS_CERT_ID_sort(st) SKM_sk_sort(ESS_CERT_ID, (st))
-# define sk_ESS_CERT_ID_is_sorted(st) SKM_sk_is_sorted(ESS_CERT_ID, (st))
-
-# define sk_EVP_MD_new(cmp) SKM_sk_new(EVP_MD, (cmp))
-# define sk_EVP_MD_new_null() SKM_sk_new_null(EVP_MD)
-# define sk_EVP_MD_free(st) SKM_sk_free(EVP_MD, (st))
-# define sk_EVP_MD_num(st) SKM_sk_num(EVP_MD, (st))
-# define sk_EVP_MD_value(st, i) SKM_sk_value(EVP_MD, (st), (i))
-# define sk_EVP_MD_set(st, i, val) SKM_sk_set(EVP_MD, (st), (i), (val))
-# define sk_EVP_MD_zero(st) SKM_sk_zero(EVP_MD, (st))
-# define sk_EVP_MD_push(st, val) SKM_sk_push(EVP_MD, (st), (val))
-# define sk_EVP_MD_unshift(st, val) SKM_sk_unshift(EVP_MD, (st), (val))
-# define sk_EVP_MD_find(st, val) SKM_sk_find(EVP_MD, (st), (val))
-# define sk_EVP_MD_find_ex(st, val) SKM_sk_find_ex(EVP_MD, (st), (val))
-# define sk_EVP_MD_delete(st, i) SKM_sk_delete(EVP_MD, (st), (i))
-# define sk_EVP_MD_delete_ptr(st, ptr) SKM_sk_delete_ptr(EVP_MD, (st), (ptr))
-# define sk_EVP_MD_insert(st, val, i) SKM_sk_insert(EVP_MD, (st), (val), (i))
-# define sk_EVP_MD_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(EVP_MD, (st), (cmp))
-# define sk_EVP_MD_dup(st) SKM_sk_dup(EVP_MD, st)
-# define sk_EVP_MD_pop_free(st, free_func) SKM_sk_pop_free(EVP_MD, (st), (free_func))
-# define sk_EVP_MD_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(EVP_MD, (st), (copy_func), (free_func))
-# define sk_EVP_MD_shift(st) SKM_sk_shift(EVP_MD, (st))
-# define sk_EVP_MD_pop(st) SKM_sk_pop(EVP_MD, (st))
-# define sk_EVP_MD_sort(st) SKM_sk_sort(EVP_MD, (st))
-# define sk_EVP_MD_is_sorted(st) SKM_sk_is_sorted(EVP_MD, (st))
-
-# define sk_EVP_PBE_CTL_new(cmp) SKM_sk_new(EVP_PBE_CTL, (cmp))
-# define sk_EVP_PBE_CTL_new_null() SKM_sk_new_null(EVP_PBE_CTL)
-# define sk_EVP_PBE_CTL_free(st) SKM_sk_free(EVP_PBE_CTL, (st))
-# define sk_EVP_PBE_CTL_num(st) SKM_sk_num(EVP_PBE_CTL, (st))
-# define sk_EVP_PBE_CTL_value(st, i) SKM_sk_value(EVP_PBE_CTL, (st), (i))
-# define sk_EVP_PBE_CTL_set(st, i, val) SKM_sk_set(EVP_PBE_CTL, (st), (i), (val))
-# define sk_EVP_PBE_CTL_zero(st) SKM_sk_zero(EVP_PBE_CTL, (st))
-# define sk_EVP_PBE_CTL_push(st, val) SKM_sk_push(EVP_PBE_CTL, (st), (val))
-# define sk_EVP_PBE_CTL_unshift(st, val) SKM_sk_unshift(EVP_PBE_CTL, (st), (val))
-# define sk_EVP_PBE_CTL_find(st, val) SKM_sk_find(EVP_PBE_CTL, (st), (val))
-# define sk_EVP_PBE_CTL_find_ex(st, val) SKM_sk_find_ex(EVP_PBE_CTL, (st), (val))
-# define sk_EVP_PBE_CTL_delete(st, i) SKM_sk_delete(EVP_PBE_CTL, (st), (i))
-# define sk_EVP_PBE_CTL_delete_ptr(st, ptr) SKM_sk_delete_ptr(EVP_PBE_CTL, (st), (ptr))
-# define sk_EVP_PBE_CTL_insert(st, val, i) SKM_sk_insert(EVP_PBE_CTL, (st), (val), (i))
-# define sk_EVP_PBE_CTL_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(EVP_PBE_CTL, (st), (cmp))
-# define sk_EVP_PBE_CTL_dup(st) SKM_sk_dup(EVP_PBE_CTL, st)
-# define sk_EVP_PBE_CTL_pop_free(st, free_func) SKM_sk_pop_free(EVP_PBE_CTL, (st), (free_func))
-# define sk_EVP_PBE_CTL_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(EVP_PBE_CTL, (st), (copy_func), (free_func))
-# define sk_EVP_PBE_CTL_shift(st) SKM_sk_shift(EVP_PBE_CTL, (st))
-# define sk_EVP_PBE_CTL_pop(st) SKM_sk_pop(EVP_PBE_CTL, (st))
-# define sk_EVP_PBE_CTL_sort(st) SKM_sk_sort(EVP_PBE_CTL, (st))
-# define sk_EVP_PBE_CTL_is_sorted(st) SKM_sk_is_sorted(EVP_PBE_CTL, (st))
-
-# define sk_EVP_PKEY_ASN1_METHOD_new(cmp) SKM_sk_new(EVP_PKEY_ASN1_METHOD, (cmp))
-# define sk_EVP_PKEY_ASN1_METHOD_new_null() SKM_sk_new_null(EVP_PKEY_ASN1_METHOD)
-# define sk_EVP_PKEY_ASN1_METHOD_free(st) SKM_sk_free(EVP_PKEY_ASN1_METHOD, (st))
-# define sk_EVP_PKEY_ASN1_METHOD_num(st) SKM_sk_num(EVP_PKEY_ASN1_METHOD, (st))
-# define sk_EVP_PKEY_ASN1_METHOD_value(st, i) SKM_sk_value(EVP_PKEY_ASN1_METHOD, (st), (i))
-# define sk_EVP_PKEY_ASN1_METHOD_set(st, i, val) SKM_sk_set(EVP_PKEY_ASN1_METHOD, (st), (i), (val))
-# define sk_EVP_PKEY_ASN1_METHOD_zero(st) SKM_sk_zero(EVP_PKEY_ASN1_METHOD, (st))
-# define sk_EVP_PKEY_ASN1_METHOD_push(st, val) SKM_sk_push(EVP_PKEY_ASN1_METHOD, (st), (val))
-# define sk_EVP_PKEY_ASN1_METHOD_unshift(st, val) SKM_sk_unshift(EVP_PKEY_ASN1_METHOD, (st), (val))
-# define sk_EVP_PKEY_ASN1_METHOD_find(st, val) SKM_sk_find(EVP_PKEY_ASN1_METHOD, (st), (val))
-# define sk_EVP_PKEY_ASN1_METHOD_find_ex(st, val) SKM_sk_find_ex(EVP_PKEY_ASN1_METHOD, (st), (val))
-# define sk_EVP_PKEY_ASN1_METHOD_delete(st, i) SKM_sk_delete(EVP_PKEY_ASN1_METHOD, (st), (i))
-# define sk_EVP_PKEY_ASN1_METHOD_delete_ptr(st, ptr) SKM_sk_delete_ptr(EVP_PKEY_ASN1_METHOD, (st), (ptr))
-# define sk_EVP_PKEY_ASN1_METHOD_insert(st, val, i) SKM_sk_insert(EVP_PKEY_ASN1_METHOD, (st), (val), (i))
-# define sk_EVP_PKEY_ASN1_METHOD_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(EVP_PKEY_ASN1_METHOD, (st), (cmp))
-# define sk_EVP_PKEY_ASN1_METHOD_dup(st) SKM_sk_dup(EVP_PKEY_ASN1_METHOD, st)
-# define sk_EVP_PKEY_ASN1_METHOD_pop_free(st, free_func) SKM_sk_pop_free(EVP_PKEY_ASN1_METHOD, (st), (free_func))
-# define sk_EVP_PKEY_ASN1_METHOD_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(EVP_PKEY_ASN1_METHOD, (st), (copy_func), (free_func))
-# define sk_EVP_PKEY_ASN1_METHOD_shift(st) SKM_sk_shift(EVP_PKEY_ASN1_METHOD, (st))
-# define sk_EVP_PKEY_ASN1_METHOD_pop(st) SKM_sk_pop(EVP_PKEY_ASN1_METHOD, (st))
-# define sk_EVP_PKEY_ASN1_METHOD_sort(st) SKM_sk_sort(EVP_PKEY_ASN1_METHOD, (st))
-# define sk_EVP_PKEY_ASN1_METHOD_is_sorted(st) SKM_sk_is_sorted(EVP_PKEY_ASN1_METHOD, (st))
-
-# define sk_EVP_PKEY_METHOD_new(cmp) SKM_sk_new(EVP_PKEY_METHOD, (cmp))
-# define sk_EVP_PKEY_METHOD_new_null() SKM_sk_new_null(EVP_PKEY_METHOD)
-# define sk_EVP_PKEY_METHOD_free(st) SKM_sk_free(EVP_PKEY_METHOD, (st))
-# define sk_EVP_PKEY_METHOD_num(st) SKM_sk_num(EVP_PKEY_METHOD, (st))
-# define sk_EVP_PKEY_METHOD_value(st, i) SKM_sk_value(EVP_PKEY_METHOD, (st), (i))
-# define sk_EVP_PKEY_METHOD_set(st, i, val) SKM_sk_set(EVP_PKEY_METHOD, (st), (i), (val))
-# define sk_EVP_PKEY_METHOD_zero(st) SKM_sk_zero(EVP_PKEY_METHOD, (st))
-# define sk_EVP_PKEY_METHOD_push(st, val) SKM_sk_push(EVP_PKEY_METHOD, (st), (val))
-# define sk_EVP_PKEY_METHOD_unshift(st, val) SKM_sk_unshift(EVP_PKEY_METHOD, (st), (val))
-# define sk_EVP_PKEY_METHOD_find(st, val) SKM_sk_find(EVP_PKEY_METHOD, (st), (val))
-# define sk_EVP_PKEY_METHOD_find_ex(st, val) SKM_sk_find_ex(EVP_PKEY_METHOD, (st), (val))
-# define sk_EVP_PKEY_METHOD_delete(st, i) SKM_sk_delete(EVP_PKEY_METHOD, (st), (i))
-# define sk_EVP_PKEY_METHOD_delete_ptr(st, ptr) SKM_sk_delete_ptr(EVP_PKEY_METHOD, (st), (ptr))
-# define sk_EVP_PKEY_METHOD_insert(st, val, i) SKM_sk_insert(EVP_PKEY_METHOD, (st), (val), (i))
-# define sk_EVP_PKEY_METHOD_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(EVP_PKEY_METHOD, (st), (cmp))
-# define sk_EVP_PKEY_METHOD_dup(st) SKM_sk_dup(EVP_PKEY_METHOD, st)
-# define sk_EVP_PKEY_METHOD_pop_free(st, free_func) SKM_sk_pop_free(EVP_PKEY_METHOD, (st), (free_func))
-# define sk_EVP_PKEY_METHOD_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(EVP_PKEY_METHOD, (st), (copy_func), (free_func))
-# define sk_EVP_PKEY_METHOD_shift(st) SKM_sk_shift(EVP_PKEY_METHOD, (st))
-# define sk_EVP_PKEY_METHOD_pop(st) SKM_sk_pop(EVP_PKEY_METHOD, (st))
-# define sk_EVP_PKEY_METHOD_sort(st) SKM_sk_sort(EVP_PKEY_METHOD, (st))
-# define sk_EVP_PKEY_METHOD_is_sorted(st) SKM_sk_is_sorted(EVP_PKEY_METHOD, (st))
-
-# define sk_GENERAL_NAME_new(cmp) SKM_sk_new(GENERAL_NAME, (cmp))
-# define sk_GENERAL_NAME_new_null() SKM_sk_new_null(GENERAL_NAME)
-# define sk_GENERAL_NAME_free(st) SKM_sk_free(GENERAL_NAME, (st))
-# define sk_GENERAL_NAME_num(st) SKM_sk_num(GENERAL_NAME, (st))
-# define sk_GENERAL_NAME_value(st, i) SKM_sk_value(GENERAL_NAME, (st), (i))
-# define sk_GENERAL_NAME_set(st, i, val) SKM_sk_set(GENERAL_NAME, (st), (i), (val))
-# define sk_GENERAL_NAME_zero(st) SKM_sk_zero(GENERAL_NAME, (st))
-# define sk_GENERAL_NAME_push(st, val) SKM_sk_push(GENERAL_NAME, (st), (val))
-# define sk_GENERAL_NAME_unshift(st, val) SKM_sk_unshift(GENERAL_NAME, (st), (val))
-# define sk_GENERAL_NAME_find(st, val) SKM_sk_find(GENERAL_NAME, (st), (val))
-# define sk_GENERAL_NAME_find_ex(st, val) SKM_sk_find_ex(GENERAL_NAME, (st), (val))
-# define sk_GENERAL_NAME_delete(st, i) SKM_sk_delete(GENERAL_NAME, (st), (i))
-# define sk_GENERAL_NAME_delete_ptr(st, ptr) SKM_sk_delete_ptr(GENERAL_NAME, (st), (ptr))
-# define sk_GENERAL_NAME_insert(st, val, i) SKM_sk_insert(GENERAL_NAME, (st), (val), (i))
-# define sk_GENERAL_NAME_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(GENERAL_NAME, (st), (cmp))
-# define sk_GENERAL_NAME_dup(st) SKM_sk_dup(GENERAL_NAME, st)
-# define sk_GENERAL_NAME_pop_free(st, free_func) SKM_sk_pop_free(GENERAL_NAME, (st), (free_func))
-# define sk_GENERAL_NAME_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(GENERAL_NAME, (st), (copy_func), (free_func))
-# define sk_GENERAL_NAME_shift(st) SKM_sk_shift(GENERAL_NAME, (st))
-# define sk_GENERAL_NAME_pop(st) SKM_sk_pop(GENERAL_NAME, (st))
-# define sk_GENERAL_NAME_sort(st) SKM_sk_sort(GENERAL_NAME, (st))
-# define sk_GENERAL_NAME_is_sorted(st) SKM_sk_is_sorted(GENERAL_NAME, (st))
-
-# define sk_GENERAL_NAMES_new(cmp) SKM_sk_new(GENERAL_NAMES, (cmp))
-# define sk_GENERAL_NAMES_new_null() SKM_sk_new_null(GENERAL_NAMES)
-# define sk_GENERAL_NAMES_free(st) SKM_sk_free(GENERAL_NAMES, (st))
-# define sk_GENERAL_NAMES_num(st) SKM_sk_num(GENERAL_NAMES, (st))
-# define sk_GENERAL_NAMES_value(st, i) SKM_sk_value(GENERAL_NAMES, (st), (i))
-# define sk_GENERAL_NAMES_set(st, i, val) SKM_sk_set(GENERAL_NAMES, (st), (i), (val))
-# define sk_GENERAL_NAMES_zero(st) SKM_sk_zero(GENERAL_NAMES, (st))
-# define sk_GENERAL_NAMES_push(st, val) SKM_sk_push(GENERAL_NAMES, (st), (val))
-# define sk_GENERAL_NAMES_unshift(st, val) SKM_sk_unshift(GENERAL_NAMES, (st), (val))
-# define sk_GENERAL_NAMES_find(st, val) SKM_sk_find(GENERAL_NAMES, (st), (val))
-# define sk_GENERAL_NAMES_find_ex(st, val) SKM_sk_find_ex(GENERAL_NAMES, (st), (val))
-# define sk_GENERAL_NAMES_delete(st, i) SKM_sk_delete(GENERAL_NAMES, (st), (i))
-# define sk_GENERAL_NAMES_delete_ptr(st, ptr) SKM_sk_delete_ptr(GENERAL_NAMES, (st), (ptr))
-# define sk_GENERAL_NAMES_insert(st, val, i) SKM_sk_insert(GENERAL_NAMES, (st), (val), (i))
-# define sk_GENERAL_NAMES_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(GENERAL_NAMES, (st), (cmp))
-# define sk_GENERAL_NAMES_dup(st) SKM_sk_dup(GENERAL_NAMES, st)
-# define sk_GENERAL_NAMES_pop_free(st, free_func) SKM_sk_pop_free(GENERAL_NAMES, (st), (free_func))
-# define sk_GENERAL_NAMES_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(GENERAL_NAMES, (st), (copy_func), (free_func))
-# define sk_GENERAL_NAMES_shift(st) SKM_sk_shift(GENERAL_NAMES, (st))
-# define sk_GENERAL_NAMES_pop(st) SKM_sk_pop(GENERAL_NAMES, (st))
-# define sk_GENERAL_NAMES_sort(st) SKM_sk_sort(GENERAL_NAMES, (st))
-# define sk_GENERAL_NAMES_is_sorted(st) SKM_sk_is_sorted(GENERAL_NAMES, (st))
-
-# define sk_GENERAL_SUBTREE_new(cmp) SKM_sk_new(GENERAL_SUBTREE, (cmp))
-# define sk_GENERAL_SUBTREE_new_null() SKM_sk_new_null(GENERAL_SUBTREE)
-# define sk_GENERAL_SUBTREE_free(st) SKM_sk_free(GENERAL_SUBTREE, (st))
-# define sk_GENERAL_SUBTREE_num(st) SKM_sk_num(GENERAL_SUBTREE, (st))
-# define sk_GENERAL_SUBTREE_value(st, i) SKM_sk_value(GENERAL_SUBTREE, (st), (i))
-# define sk_GENERAL_SUBTREE_set(st, i, val) SKM_sk_set(GENERAL_SUBTREE, (st), (i), (val))
-# define sk_GENERAL_SUBTREE_zero(st) SKM_sk_zero(GENERAL_SUBTREE, (st))
-# define sk_GENERAL_SUBTREE_push(st, val) SKM_sk_push(GENERAL_SUBTREE, (st), (val))
-# define sk_GENERAL_SUBTREE_unshift(st, val) SKM_sk_unshift(GENERAL_SUBTREE, (st), (val))
-# define sk_GENERAL_SUBTREE_find(st, val) SKM_sk_find(GENERAL_SUBTREE, (st), (val))
-# define sk_GENERAL_SUBTREE_find_ex(st, val) SKM_sk_find_ex(GENERAL_SUBTREE, (st), (val))
-# define sk_GENERAL_SUBTREE_delete(st, i) SKM_sk_delete(GENERAL_SUBTREE, (st), (i))
-# define sk_GENERAL_SUBTREE_delete_ptr(st, ptr) SKM_sk_delete_ptr(GENERAL_SUBTREE, (st), (ptr))
-# define sk_GENERAL_SUBTREE_insert(st, val, i) SKM_sk_insert(GENERAL_SUBTREE, (st), (val), (i))
-# define sk_GENERAL_SUBTREE_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(GENERAL_SUBTREE, (st), (cmp))
-# define sk_GENERAL_SUBTREE_dup(st) SKM_sk_dup(GENERAL_SUBTREE, st)
-# define sk_GENERAL_SUBTREE_pop_free(st, free_func) SKM_sk_pop_free(GENERAL_SUBTREE, (st), (free_func))
-# define sk_GENERAL_SUBTREE_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(GENERAL_SUBTREE, (st), (copy_func), (free_func))
-# define sk_GENERAL_SUBTREE_shift(st) SKM_sk_shift(GENERAL_SUBTREE, (st))
-# define sk_GENERAL_SUBTREE_pop(st) SKM_sk_pop(GENERAL_SUBTREE, (st))
-# define sk_GENERAL_SUBTREE_sort(st) SKM_sk_sort(GENERAL_SUBTREE, (st))
-# define sk_GENERAL_SUBTREE_is_sorted(st) SKM_sk_is_sorted(GENERAL_SUBTREE, (st))
-
-# define sk_IPAddressFamily_new(cmp) SKM_sk_new(IPAddressFamily, (cmp))
-# define sk_IPAddressFamily_new_null() SKM_sk_new_null(IPAddressFamily)
-# define sk_IPAddressFamily_free(st) SKM_sk_free(IPAddressFamily, (st))
-# define sk_IPAddressFamily_num(st) SKM_sk_num(IPAddressFamily, (st))
-# define sk_IPAddressFamily_value(st, i) SKM_sk_value(IPAddressFamily, (st), (i))
-# define sk_IPAddressFamily_set(st, i, val) SKM_sk_set(IPAddressFamily, (st), (i), (val))
-# define sk_IPAddressFamily_zero(st) SKM_sk_zero(IPAddressFamily, (st))
-# define sk_IPAddressFamily_push(st, val) SKM_sk_push(IPAddressFamily, (st), (val))
-# define sk_IPAddressFamily_unshift(st, val) SKM_sk_unshift(IPAddressFamily, (st), (val))
-# define sk_IPAddressFamily_find(st, val) SKM_sk_find(IPAddressFamily, (st), (val))
-# define sk_IPAddressFamily_find_ex(st, val) SKM_sk_find_ex(IPAddressFamily, (st), (val))
-# define sk_IPAddressFamily_delete(st, i) SKM_sk_delete(IPAddressFamily, (st), (i))
-# define sk_IPAddressFamily_delete_ptr(st, ptr) SKM_sk_delete_ptr(IPAddressFamily, (st), (ptr))
-# define sk_IPAddressFamily_insert(st, val, i) SKM_sk_insert(IPAddressFamily, (st), (val), (i))
-# define sk_IPAddressFamily_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(IPAddressFamily, (st), (cmp))
-# define sk_IPAddressFamily_dup(st) SKM_sk_dup(IPAddressFamily, st)
-# define sk_IPAddressFamily_pop_free(st, free_func) SKM_sk_pop_free(IPAddressFamily, (st), (free_func))
-# define sk_IPAddressFamily_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(IPAddressFamily, (st), (copy_func), (free_func))
-# define sk_IPAddressFamily_shift(st) SKM_sk_shift(IPAddressFamily, (st))
-# define sk_IPAddressFamily_pop(st) SKM_sk_pop(IPAddressFamily, (st))
-# define sk_IPAddressFamily_sort(st) SKM_sk_sort(IPAddressFamily, (st))
-# define sk_IPAddressFamily_is_sorted(st) SKM_sk_is_sorted(IPAddressFamily, (st))
-
-# define sk_IPAddressOrRange_new(cmp) SKM_sk_new(IPAddressOrRange, (cmp))
-# define sk_IPAddressOrRange_new_null() SKM_sk_new_null(IPAddressOrRange)
-# define sk_IPAddressOrRange_free(st) SKM_sk_free(IPAddressOrRange, (st))
-# define sk_IPAddressOrRange_num(st) SKM_sk_num(IPAddressOrRange, (st))
-# define sk_IPAddressOrRange_value(st, i) SKM_sk_value(IPAddressOrRange, (st), (i))
-# define sk_IPAddressOrRange_set(st, i, val) SKM_sk_set(IPAddressOrRange, (st), (i), (val))
-# define sk_IPAddressOrRange_zero(st) SKM_sk_zero(IPAddressOrRange, (st))
-# define sk_IPAddressOrRange_push(st, val) SKM_sk_push(IPAddressOrRange, (st), (val))
-# define sk_IPAddressOrRange_unshift(st, val) SKM_sk_unshift(IPAddressOrRange, (st), (val))
-# define sk_IPAddressOrRange_find(st, val) SKM_sk_find(IPAddressOrRange, (st), (val))
-# define sk_IPAddressOrRange_find_ex(st, val) SKM_sk_find_ex(IPAddressOrRange, (st), (val))
-# define sk_IPAddressOrRange_delete(st, i) SKM_sk_delete(IPAddressOrRange, (st), (i))
-# define sk_IPAddressOrRange_delete_ptr(st, ptr) SKM_sk_delete_ptr(IPAddressOrRange, (st), (ptr))
-# define sk_IPAddressOrRange_insert(st, val, i) SKM_sk_insert(IPAddressOrRange, (st), (val), (i))
-# define sk_IPAddressOrRange_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(IPAddressOrRange, (st), (cmp))
-# define sk_IPAddressOrRange_dup(st) SKM_sk_dup(IPAddressOrRange, st)
-# define sk_IPAddressOrRange_pop_free(st, free_func) SKM_sk_pop_free(IPAddressOrRange, (st), (free_func))
-# define sk_IPAddressOrRange_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(IPAddressOrRange, (st), (copy_func), (free_func))
-# define sk_IPAddressOrRange_shift(st) SKM_sk_shift(IPAddressOrRange, (st))
-# define sk_IPAddressOrRange_pop(st) SKM_sk_pop(IPAddressOrRange, (st))
-# define sk_IPAddressOrRange_sort(st) SKM_sk_sort(IPAddressOrRange, (st))
-# define sk_IPAddressOrRange_is_sorted(st) SKM_sk_is_sorted(IPAddressOrRange, (st))
-
-# define sk_KRB5_APREQBODY_new(cmp) SKM_sk_new(KRB5_APREQBODY, (cmp))
-# define sk_KRB5_APREQBODY_new_null() SKM_sk_new_null(KRB5_APREQBODY)
-# define sk_KRB5_APREQBODY_free(st) SKM_sk_free(KRB5_APREQBODY, (st))
-# define sk_KRB5_APREQBODY_num(st) SKM_sk_num(KRB5_APREQBODY, (st))
-# define sk_KRB5_APREQBODY_value(st, i) SKM_sk_value(KRB5_APREQBODY, (st), (i))
-# define sk_KRB5_APREQBODY_set(st, i, val) SKM_sk_set(KRB5_APREQBODY, (st), (i), (val))
-# define sk_KRB5_APREQBODY_zero(st) SKM_sk_zero(KRB5_APREQBODY, (st))
-# define sk_KRB5_APREQBODY_push(st, val) SKM_sk_push(KRB5_APREQBODY, (st), (val))
-# define sk_KRB5_APREQBODY_unshift(st, val) SKM_sk_unshift(KRB5_APREQBODY, (st), (val))
-# define sk_KRB5_APREQBODY_find(st, val) SKM_sk_find(KRB5_APREQBODY, (st), (val))
-# define sk_KRB5_APREQBODY_find_ex(st, val) SKM_sk_find_ex(KRB5_APREQBODY, (st), (val))
-# define sk_KRB5_APREQBODY_delete(st, i) SKM_sk_delete(KRB5_APREQBODY, (st), (i))
-# define sk_KRB5_APREQBODY_delete_ptr(st, ptr) SKM_sk_delete_ptr(KRB5_APREQBODY, (st), (ptr))
-# define sk_KRB5_APREQBODY_insert(st, val, i) SKM_sk_insert(KRB5_APREQBODY, (st), (val), (i))
-# define sk_KRB5_APREQBODY_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(KRB5_APREQBODY, (st), (cmp))
-# define sk_KRB5_APREQBODY_dup(st) SKM_sk_dup(KRB5_APREQBODY, st)
-# define sk_KRB5_APREQBODY_pop_free(st, free_func) SKM_sk_pop_free(KRB5_APREQBODY, (st), (free_func))
-# define sk_KRB5_APREQBODY_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(KRB5_APREQBODY, (st), (copy_func), (free_func))
-# define sk_KRB5_APREQBODY_shift(st) SKM_sk_shift(KRB5_APREQBODY, (st))
-# define sk_KRB5_APREQBODY_pop(st) SKM_sk_pop(KRB5_APREQBODY, (st))
-# define sk_KRB5_APREQBODY_sort(st) SKM_sk_sort(KRB5_APREQBODY, (st))
-# define sk_KRB5_APREQBODY_is_sorted(st) SKM_sk_is_sorted(KRB5_APREQBODY, (st))
-
-# define sk_KRB5_AUTHDATA_new(cmp) SKM_sk_new(KRB5_AUTHDATA, (cmp))
-# define sk_KRB5_AUTHDATA_new_null() SKM_sk_new_null(KRB5_AUTHDATA)
-# define sk_KRB5_AUTHDATA_free(st) SKM_sk_free(KRB5_AUTHDATA, (st))
-# define sk_KRB5_AUTHDATA_num(st) SKM_sk_num(KRB5_AUTHDATA, (st))
-# define sk_KRB5_AUTHDATA_value(st, i) SKM_sk_value(KRB5_AUTHDATA, (st), (i))
-# define sk_KRB5_AUTHDATA_set(st, i, val) SKM_sk_set(KRB5_AUTHDATA, (st), (i), (val))
-# define sk_KRB5_AUTHDATA_zero(st) SKM_sk_zero(KRB5_AUTHDATA, (st))
-# define sk_KRB5_AUTHDATA_push(st, val) SKM_sk_push(KRB5_AUTHDATA, (st), (val))
-# define sk_KRB5_AUTHDATA_unshift(st, val) SKM_sk_unshift(KRB5_AUTHDATA, (st), (val))
-# define sk_KRB5_AUTHDATA_find(st, val) SKM_sk_find(KRB5_AUTHDATA, (st), (val))
-# define sk_KRB5_AUTHDATA_find_ex(st, val) SKM_sk_find_ex(KRB5_AUTHDATA, (st), (val))
-# define sk_KRB5_AUTHDATA_delete(st, i) SKM_sk_delete(KRB5_AUTHDATA, (st), (i))
-# define sk_KRB5_AUTHDATA_delete_ptr(st, ptr) SKM_sk_delete_ptr(KRB5_AUTHDATA, (st), (ptr))
-# define sk_KRB5_AUTHDATA_insert(st, val, i) SKM_sk_insert(KRB5_AUTHDATA, (st), (val), (i))
-# define sk_KRB5_AUTHDATA_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(KRB5_AUTHDATA, (st), (cmp))
-# define sk_KRB5_AUTHDATA_dup(st) SKM_sk_dup(KRB5_AUTHDATA, st)
-# define sk_KRB5_AUTHDATA_pop_free(st, free_func) SKM_sk_pop_free(KRB5_AUTHDATA, (st), (free_func))
-# define sk_KRB5_AUTHDATA_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(KRB5_AUTHDATA, (st), (copy_func), (free_func))
-# define sk_KRB5_AUTHDATA_shift(st) SKM_sk_shift(KRB5_AUTHDATA, (st))
-# define sk_KRB5_AUTHDATA_pop(st) SKM_sk_pop(KRB5_AUTHDATA, (st))
-# define sk_KRB5_AUTHDATA_sort(st) SKM_sk_sort(KRB5_AUTHDATA, (st))
-# define sk_KRB5_AUTHDATA_is_sorted(st) SKM_sk_is_sorted(KRB5_AUTHDATA, (st))
-
-# define sk_KRB5_AUTHENTBODY_new(cmp) SKM_sk_new(KRB5_AUTHENTBODY, (cmp))
-# define sk_KRB5_AUTHENTBODY_new_null() SKM_sk_new_null(KRB5_AUTHENTBODY)
-# define sk_KRB5_AUTHENTBODY_free(st) SKM_sk_free(KRB5_AUTHENTBODY, (st))
-# define sk_KRB5_AUTHENTBODY_num(st) SKM_sk_num(KRB5_AUTHENTBODY, (st))
-# define sk_KRB5_AUTHENTBODY_value(st, i) SKM_sk_value(KRB5_AUTHENTBODY, (st), (i))
-# define sk_KRB5_AUTHENTBODY_set(st, i, val) SKM_sk_set(KRB5_AUTHENTBODY, (st), (i), (val))
-# define sk_KRB5_AUTHENTBODY_zero(st) SKM_sk_zero(KRB5_AUTHENTBODY, (st))
-# define sk_KRB5_AUTHENTBODY_push(st, val) SKM_sk_push(KRB5_AUTHENTBODY, (st), (val))
-# define sk_KRB5_AUTHENTBODY_unshift(st, val) SKM_sk_unshift(KRB5_AUTHENTBODY, (st), (val))
-# define sk_KRB5_AUTHENTBODY_find(st, val) SKM_sk_find(KRB5_AUTHENTBODY, (st), (val))
-# define sk_KRB5_AUTHENTBODY_find_ex(st, val) SKM_sk_find_ex(KRB5_AUTHENTBODY, (st), (val))
-# define sk_KRB5_AUTHENTBODY_delete(st, i) SKM_sk_delete(KRB5_AUTHENTBODY, (st), (i))
-# define sk_KRB5_AUTHENTBODY_delete_ptr(st, ptr) SKM_sk_delete_ptr(KRB5_AUTHENTBODY, (st), (ptr))
-# define sk_KRB5_AUTHENTBODY_insert(st, val, i) SKM_sk_insert(KRB5_AUTHENTBODY, (st), (val), (i))
-# define sk_KRB5_AUTHENTBODY_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(KRB5_AUTHENTBODY, (st), (cmp))
-# define sk_KRB5_AUTHENTBODY_dup(st) SKM_sk_dup(KRB5_AUTHENTBODY, st)
-# define sk_KRB5_AUTHENTBODY_pop_free(st, free_func) SKM_sk_pop_free(KRB5_AUTHENTBODY, (st), (free_func))
-# define sk_KRB5_AUTHENTBODY_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(KRB5_AUTHENTBODY, (st), (copy_func), (free_func))
-# define sk_KRB5_AUTHENTBODY_shift(st) SKM_sk_shift(KRB5_AUTHENTBODY, (st))
-# define sk_KRB5_AUTHENTBODY_pop(st) SKM_sk_pop(KRB5_AUTHENTBODY, (st))
-# define sk_KRB5_AUTHENTBODY_sort(st) SKM_sk_sort(KRB5_AUTHENTBODY, (st))
-# define sk_KRB5_AUTHENTBODY_is_sorted(st) SKM_sk_is_sorted(KRB5_AUTHENTBODY, (st))
-
-# define sk_KRB5_CHECKSUM_new(cmp) SKM_sk_new(KRB5_CHECKSUM, (cmp))
-# define sk_KRB5_CHECKSUM_new_null() SKM_sk_new_null(KRB5_CHECKSUM)
-# define sk_KRB5_CHECKSUM_free(st) SKM_sk_free(KRB5_CHECKSUM, (st))
-# define sk_KRB5_CHECKSUM_num(st) SKM_sk_num(KRB5_CHECKSUM, (st))
-# define sk_KRB5_CHECKSUM_value(st, i) SKM_sk_value(KRB5_CHECKSUM, (st), (i))
-# define sk_KRB5_CHECKSUM_set(st, i, val) SKM_sk_set(KRB5_CHECKSUM, (st), (i), (val))
-# define sk_KRB5_CHECKSUM_zero(st) SKM_sk_zero(KRB5_CHECKSUM, (st))
-# define sk_KRB5_CHECKSUM_push(st, val) SKM_sk_push(KRB5_CHECKSUM, (st), (val))
-# define sk_KRB5_CHECKSUM_unshift(st, val) SKM_sk_unshift(KRB5_CHECKSUM, (st), (val))
-# define sk_KRB5_CHECKSUM_find(st, val) SKM_sk_find(KRB5_CHECKSUM, (st), (val))
-# define sk_KRB5_CHECKSUM_find_ex(st, val) SKM_sk_find_ex(KRB5_CHECKSUM, (st), (val))
-# define sk_KRB5_CHECKSUM_delete(st, i) SKM_sk_delete(KRB5_CHECKSUM, (st), (i))
-# define sk_KRB5_CHECKSUM_delete_ptr(st, ptr) SKM_sk_delete_ptr(KRB5_CHECKSUM, (st), (ptr))
-# define sk_KRB5_CHECKSUM_insert(st, val, i) SKM_sk_insert(KRB5_CHECKSUM, (st), (val), (i))
-# define sk_KRB5_CHECKSUM_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(KRB5_CHECKSUM, (st), (cmp))
-# define sk_KRB5_CHECKSUM_dup(st) SKM_sk_dup(KRB5_CHECKSUM, st)
-# define sk_KRB5_CHECKSUM_pop_free(st, free_func) SKM_sk_pop_free(KRB5_CHECKSUM, (st), (free_func))
-# define sk_KRB5_CHECKSUM_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(KRB5_CHECKSUM, (st), (copy_func), (free_func))
-# define sk_KRB5_CHECKSUM_shift(st) SKM_sk_shift(KRB5_CHECKSUM, (st))
-# define sk_KRB5_CHECKSUM_pop(st) SKM_sk_pop(KRB5_CHECKSUM, (st))
-# define sk_KRB5_CHECKSUM_sort(st) SKM_sk_sort(KRB5_CHECKSUM, (st))
-# define sk_KRB5_CHECKSUM_is_sorted(st) SKM_sk_is_sorted(KRB5_CHECKSUM, (st))
-
-# define sk_KRB5_ENCDATA_new(cmp) SKM_sk_new(KRB5_ENCDATA, (cmp))
-# define sk_KRB5_ENCDATA_new_null() SKM_sk_new_null(KRB5_ENCDATA)
-# define sk_KRB5_ENCDATA_free(st) SKM_sk_free(KRB5_ENCDATA, (st))
-# define sk_KRB5_ENCDATA_num(st) SKM_sk_num(KRB5_ENCDATA, (st))
-# define sk_KRB5_ENCDATA_value(st, i) SKM_sk_value(KRB5_ENCDATA, (st), (i))
-# define sk_KRB5_ENCDATA_set(st, i, val) SKM_sk_set(KRB5_ENCDATA, (st), (i), (val))
-# define sk_KRB5_ENCDATA_zero(st) SKM_sk_zero(KRB5_ENCDATA, (st))
-# define sk_KRB5_ENCDATA_push(st, val) SKM_sk_push(KRB5_ENCDATA, (st), (val))
-# define sk_KRB5_ENCDATA_unshift(st, val) SKM_sk_unshift(KRB5_ENCDATA, (st), (val))
-# define sk_KRB5_ENCDATA_find(st, val) SKM_sk_find(KRB5_ENCDATA, (st), (val))
-# define sk_KRB5_ENCDATA_find_ex(st, val) SKM_sk_find_ex(KRB5_ENCDATA, (st), (val))
-# define sk_KRB5_ENCDATA_delete(st, i) SKM_sk_delete(KRB5_ENCDATA, (st), (i))
-# define sk_KRB5_ENCDATA_delete_ptr(st, ptr) SKM_sk_delete_ptr(KRB5_ENCDATA, (st), (ptr))
-# define sk_KRB5_ENCDATA_insert(st, val, i) SKM_sk_insert(KRB5_ENCDATA, (st), (val), (i))
-# define sk_KRB5_ENCDATA_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(KRB5_ENCDATA, (st), (cmp))
-# define sk_KRB5_ENCDATA_dup(st) SKM_sk_dup(KRB5_ENCDATA, st)
-# define sk_KRB5_ENCDATA_pop_free(st, free_func) SKM_sk_pop_free(KRB5_ENCDATA, (st), (free_func))
-# define sk_KRB5_ENCDATA_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(KRB5_ENCDATA, (st), (copy_func), (free_func))
-# define sk_KRB5_ENCDATA_shift(st) SKM_sk_shift(KRB5_ENCDATA, (st))
-# define sk_KRB5_ENCDATA_pop(st) SKM_sk_pop(KRB5_ENCDATA, (st))
-# define sk_KRB5_ENCDATA_sort(st) SKM_sk_sort(KRB5_ENCDATA, (st))
-# define sk_KRB5_ENCDATA_is_sorted(st) SKM_sk_is_sorted(KRB5_ENCDATA, (st))
-
-# define sk_KRB5_ENCKEY_new(cmp) SKM_sk_new(KRB5_ENCKEY, (cmp))
-# define sk_KRB5_ENCKEY_new_null() SKM_sk_new_null(KRB5_ENCKEY)
-# define sk_KRB5_ENCKEY_free(st) SKM_sk_free(KRB5_ENCKEY, (st))
-# define sk_KRB5_ENCKEY_num(st) SKM_sk_num(KRB5_ENCKEY, (st))
-# define sk_KRB5_ENCKEY_value(st, i) SKM_sk_value(KRB5_ENCKEY, (st), (i))
-# define sk_KRB5_ENCKEY_set(st, i, val) SKM_sk_set(KRB5_ENCKEY, (st), (i), (val))
-# define sk_KRB5_ENCKEY_zero(st) SKM_sk_zero(KRB5_ENCKEY, (st))
-# define sk_KRB5_ENCKEY_push(st, val) SKM_sk_push(KRB5_ENCKEY, (st), (val))
-# define sk_KRB5_ENCKEY_unshift(st, val) SKM_sk_unshift(KRB5_ENCKEY, (st), (val))
-# define sk_KRB5_ENCKEY_find(st, val) SKM_sk_find(KRB5_ENCKEY, (st), (val))
-# define sk_KRB5_ENCKEY_find_ex(st, val) SKM_sk_find_ex(KRB5_ENCKEY, (st), (val))
-# define sk_KRB5_ENCKEY_delete(st, i) SKM_sk_delete(KRB5_ENCKEY, (st), (i))
-# define sk_KRB5_ENCKEY_delete_ptr(st, ptr) SKM_sk_delete_ptr(KRB5_ENCKEY, (st), (ptr))
-# define sk_KRB5_ENCKEY_insert(st, val, i) SKM_sk_insert(KRB5_ENCKEY, (st), (val), (i))
-# define sk_KRB5_ENCKEY_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(KRB5_ENCKEY, (st), (cmp))
-# define sk_KRB5_ENCKEY_dup(st) SKM_sk_dup(KRB5_ENCKEY, st)
-# define sk_KRB5_ENCKEY_pop_free(st, free_func) SKM_sk_pop_free(KRB5_ENCKEY, (st), (free_func))
-# define sk_KRB5_ENCKEY_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(KRB5_ENCKEY, (st), (copy_func), (free_func))
-# define sk_KRB5_ENCKEY_shift(st) SKM_sk_shift(KRB5_ENCKEY, (st))
-# define sk_KRB5_ENCKEY_pop(st) SKM_sk_pop(KRB5_ENCKEY, (st))
-# define sk_KRB5_ENCKEY_sort(st) SKM_sk_sort(KRB5_ENCKEY, (st))
-# define sk_KRB5_ENCKEY_is_sorted(st) SKM_sk_is_sorted(KRB5_ENCKEY, (st))
-
-# define sk_KRB5_PRINCNAME_new(cmp) SKM_sk_new(KRB5_PRINCNAME, (cmp))
-# define sk_KRB5_PRINCNAME_new_null() SKM_sk_new_null(KRB5_PRINCNAME)
-# define sk_KRB5_PRINCNAME_free(st) SKM_sk_free(KRB5_PRINCNAME, (st))
-# define sk_KRB5_PRINCNAME_num(st) SKM_sk_num(KRB5_PRINCNAME, (st))
-# define sk_KRB5_PRINCNAME_value(st, i) SKM_sk_value(KRB5_PRINCNAME, (st), (i))
-# define sk_KRB5_PRINCNAME_set(st, i, val) SKM_sk_set(KRB5_PRINCNAME, (st), (i), (val))
-# define sk_KRB5_PRINCNAME_zero(st) SKM_sk_zero(KRB5_PRINCNAME, (st))
-# define sk_KRB5_PRINCNAME_push(st, val) SKM_sk_push(KRB5_PRINCNAME, (st), (val))
-# define sk_KRB5_PRINCNAME_unshift(st, val) SKM_sk_unshift(KRB5_PRINCNAME, (st), (val))
-# define sk_KRB5_PRINCNAME_find(st, val) SKM_sk_find(KRB5_PRINCNAME, (st), (val))
-# define sk_KRB5_PRINCNAME_find_ex(st, val) SKM_sk_find_ex(KRB5_PRINCNAME, (st), (val))
-# define sk_KRB5_PRINCNAME_delete(st, i) SKM_sk_delete(KRB5_PRINCNAME, (st), (i))
-# define sk_KRB5_PRINCNAME_delete_ptr(st, ptr) SKM_sk_delete_ptr(KRB5_PRINCNAME, (st), (ptr))
-# define sk_KRB5_PRINCNAME_insert(st, val, i) SKM_sk_insert(KRB5_PRINCNAME, (st), (val), (i))
-# define sk_KRB5_PRINCNAME_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(KRB5_PRINCNAME, (st), (cmp))
-# define sk_KRB5_PRINCNAME_dup(st) SKM_sk_dup(KRB5_PRINCNAME, st)
-# define sk_KRB5_PRINCNAME_pop_free(st, free_func) SKM_sk_pop_free(KRB5_PRINCNAME, (st), (free_func))
-# define sk_KRB5_PRINCNAME_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(KRB5_PRINCNAME, (st), (copy_func), (free_func))
-# define sk_KRB5_PRINCNAME_shift(st) SKM_sk_shift(KRB5_PRINCNAME, (st))
-# define sk_KRB5_PRINCNAME_pop(st) SKM_sk_pop(KRB5_PRINCNAME, (st))
-# define sk_KRB5_PRINCNAME_sort(st) SKM_sk_sort(KRB5_PRINCNAME, (st))
-# define sk_KRB5_PRINCNAME_is_sorted(st) SKM_sk_is_sorted(KRB5_PRINCNAME, (st))
-
-# define sk_KRB5_TKTBODY_new(cmp) SKM_sk_new(KRB5_TKTBODY, (cmp))
-# define sk_KRB5_TKTBODY_new_null() SKM_sk_new_null(KRB5_TKTBODY)
-# define sk_KRB5_TKTBODY_free(st) SKM_sk_free(KRB5_TKTBODY, (st))
-# define sk_KRB5_TKTBODY_num(st) SKM_sk_num(KRB5_TKTBODY, (st))
-# define sk_KRB5_TKTBODY_value(st, i) SKM_sk_value(KRB5_TKTBODY, (st), (i))
-# define sk_KRB5_TKTBODY_set(st, i, val) SKM_sk_set(KRB5_TKTBODY, (st), (i), (val))
-# define sk_KRB5_TKTBODY_zero(st) SKM_sk_zero(KRB5_TKTBODY, (st))
-# define sk_KRB5_TKTBODY_push(st, val) SKM_sk_push(KRB5_TKTBODY, (st), (val))
-# define sk_KRB5_TKTBODY_unshift(st, val) SKM_sk_unshift(KRB5_TKTBODY, (st), (val))
-# define sk_KRB5_TKTBODY_find(st, val) SKM_sk_find(KRB5_TKTBODY, (st), (val))
-# define sk_KRB5_TKTBODY_find_ex(st, val) SKM_sk_find_ex(KRB5_TKTBODY, (st), (val))
-# define sk_KRB5_TKTBODY_delete(st, i) SKM_sk_delete(KRB5_TKTBODY, (st), (i))
-# define sk_KRB5_TKTBODY_delete_ptr(st, ptr) SKM_sk_delete_ptr(KRB5_TKTBODY, (st), (ptr))
-# define sk_KRB5_TKTBODY_insert(st, val, i) SKM_sk_insert(KRB5_TKTBODY, (st), (val), (i))
-# define sk_KRB5_TKTBODY_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(KRB5_TKTBODY, (st), (cmp))
-# define sk_KRB5_TKTBODY_dup(st) SKM_sk_dup(KRB5_TKTBODY, st)
-# define sk_KRB5_TKTBODY_pop_free(st, free_func) SKM_sk_pop_free(KRB5_TKTBODY, (st), (free_func))
-# define sk_KRB5_TKTBODY_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(KRB5_TKTBODY, (st), (copy_func), (free_func))
-# define sk_KRB5_TKTBODY_shift(st) SKM_sk_shift(KRB5_TKTBODY, (st))
-# define sk_KRB5_TKTBODY_pop(st) SKM_sk_pop(KRB5_TKTBODY, (st))
-# define sk_KRB5_TKTBODY_sort(st) SKM_sk_sort(KRB5_TKTBODY, (st))
-# define sk_KRB5_TKTBODY_is_sorted(st) SKM_sk_is_sorted(KRB5_TKTBODY, (st))
-
-# define sk_MEM_OBJECT_DATA_new(cmp) SKM_sk_new(MEM_OBJECT_DATA, (cmp))
-# define sk_MEM_OBJECT_DATA_new_null() SKM_sk_new_null(MEM_OBJECT_DATA)
-# define sk_MEM_OBJECT_DATA_free(st) SKM_sk_free(MEM_OBJECT_DATA, (st))
-# define sk_MEM_OBJECT_DATA_num(st) SKM_sk_num(MEM_OBJECT_DATA, (st))
-# define sk_MEM_OBJECT_DATA_value(st, i) SKM_sk_value(MEM_OBJECT_DATA, (st), (i))
-# define sk_MEM_OBJECT_DATA_set(st, i, val) SKM_sk_set(MEM_OBJECT_DATA, (st), (i), (val))
-# define sk_MEM_OBJECT_DATA_zero(st) SKM_sk_zero(MEM_OBJECT_DATA, (st))
-# define sk_MEM_OBJECT_DATA_push(st, val) SKM_sk_push(MEM_OBJECT_DATA, (st), (val))
-# define sk_MEM_OBJECT_DATA_unshift(st, val) SKM_sk_unshift(MEM_OBJECT_DATA, (st), (val))
-# define sk_MEM_OBJECT_DATA_find(st, val) SKM_sk_find(MEM_OBJECT_DATA, (st), (val))
-# define sk_MEM_OBJECT_DATA_find_ex(st, val) SKM_sk_find_ex(MEM_OBJECT_DATA, (st), (val))
-# define sk_MEM_OBJECT_DATA_delete(st, i) SKM_sk_delete(MEM_OBJECT_DATA, (st), (i))
-# define sk_MEM_OBJECT_DATA_delete_ptr(st, ptr) SKM_sk_delete_ptr(MEM_OBJECT_DATA, (st), (ptr))
-# define sk_MEM_OBJECT_DATA_insert(st, val, i) SKM_sk_insert(MEM_OBJECT_DATA, (st), (val), (i))
-# define sk_MEM_OBJECT_DATA_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(MEM_OBJECT_DATA, (st), (cmp))
-# define sk_MEM_OBJECT_DATA_dup(st) SKM_sk_dup(MEM_OBJECT_DATA, st)
-# define sk_MEM_OBJECT_DATA_pop_free(st, free_func) SKM_sk_pop_free(MEM_OBJECT_DATA, (st), (free_func))
-# define sk_MEM_OBJECT_DATA_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(MEM_OBJECT_DATA, (st), (copy_func), (free_func))
-# define sk_MEM_OBJECT_DATA_shift(st) SKM_sk_shift(MEM_OBJECT_DATA, (st))
-# define sk_MEM_OBJECT_DATA_pop(st) SKM_sk_pop(MEM_OBJECT_DATA, (st))
-# define sk_MEM_OBJECT_DATA_sort(st) SKM_sk_sort(MEM_OBJECT_DATA, (st))
-# define sk_MEM_OBJECT_DATA_is_sorted(st) SKM_sk_is_sorted(MEM_OBJECT_DATA, (st))
-
-# define sk_MIME_HEADER_new(cmp) SKM_sk_new(MIME_HEADER, (cmp))
-# define sk_MIME_HEADER_new_null() SKM_sk_new_null(MIME_HEADER)
-# define sk_MIME_HEADER_free(st) SKM_sk_free(MIME_HEADER, (st))
-# define sk_MIME_HEADER_num(st) SKM_sk_num(MIME_HEADER, (st))
-# define sk_MIME_HEADER_value(st, i) SKM_sk_value(MIME_HEADER, (st), (i))
-# define sk_MIME_HEADER_set(st, i, val) SKM_sk_set(MIME_HEADER, (st), (i), (val))
-# define sk_MIME_HEADER_zero(st) SKM_sk_zero(MIME_HEADER, (st))
-# define sk_MIME_HEADER_push(st, val) SKM_sk_push(MIME_HEADER, (st), (val))
-# define sk_MIME_HEADER_unshift(st, val) SKM_sk_unshift(MIME_HEADER, (st), (val))
-# define sk_MIME_HEADER_find(st, val) SKM_sk_find(MIME_HEADER, (st), (val))
-# define sk_MIME_HEADER_find_ex(st, val) SKM_sk_find_ex(MIME_HEADER, (st), (val))
-# define sk_MIME_HEADER_delete(st, i) SKM_sk_delete(MIME_HEADER, (st), (i))
-# define sk_MIME_HEADER_delete_ptr(st, ptr) SKM_sk_delete_ptr(MIME_HEADER, (st), (ptr))
-# define sk_MIME_HEADER_insert(st, val, i) SKM_sk_insert(MIME_HEADER, (st), (val), (i))
-# define sk_MIME_HEADER_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(MIME_HEADER, (st), (cmp))
-# define sk_MIME_HEADER_dup(st) SKM_sk_dup(MIME_HEADER, st)
-# define sk_MIME_HEADER_pop_free(st, free_func) SKM_sk_pop_free(MIME_HEADER, (st), (free_func))
-# define sk_MIME_HEADER_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(MIME_HEADER, (st), (copy_func), (free_func))
-# define sk_MIME_HEADER_shift(st) SKM_sk_shift(MIME_HEADER, (st))
-# define sk_MIME_HEADER_pop(st) SKM_sk_pop(MIME_HEADER, (st))
-# define sk_MIME_HEADER_sort(st) SKM_sk_sort(MIME_HEADER, (st))
-# define sk_MIME_HEADER_is_sorted(st) SKM_sk_is_sorted(MIME_HEADER, (st))
-
-# define sk_MIME_PARAM_new(cmp) SKM_sk_new(MIME_PARAM, (cmp))
-# define sk_MIME_PARAM_new_null() SKM_sk_new_null(MIME_PARAM)
-# define sk_MIME_PARAM_free(st) SKM_sk_free(MIME_PARAM, (st))
-# define sk_MIME_PARAM_num(st) SKM_sk_num(MIME_PARAM, (st))
-# define sk_MIME_PARAM_value(st, i) SKM_sk_value(MIME_PARAM, (st), (i))
-# define sk_MIME_PARAM_set(st, i, val) SKM_sk_set(MIME_PARAM, (st), (i), (val))
-# define sk_MIME_PARAM_zero(st) SKM_sk_zero(MIME_PARAM, (st))
-# define sk_MIME_PARAM_push(st, val) SKM_sk_push(MIME_PARAM, (st), (val))
-# define sk_MIME_PARAM_unshift(st, val) SKM_sk_unshift(MIME_PARAM, (st), (val))
-# define sk_MIME_PARAM_find(st, val) SKM_sk_find(MIME_PARAM, (st), (val))
-# define sk_MIME_PARAM_find_ex(st, val) SKM_sk_find_ex(MIME_PARAM, (st), (val))
-# define sk_MIME_PARAM_delete(st, i) SKM_sk_delete(MIME_PARAM, (st), (i))
-# define sk_MIME_PARAM_delete_ptr(st, ptr) SKM_sk_delete_ptr(MIME_PARAM, (st), (ptr))
-# define sk_MIME_PARAM_insert(st, val, i) SKM_sk_insert(MIME_PARAM, (st), (val), (i))
-# define sk_MIME_PARAM_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(MIME_PARAM, (st), (cmp))
-# define sk_MIME_PARAM_dup(st) SKM_sk_dup(MIME_PARAM, st)
-# define sk_MIME_PARAM_pop_free(st, free_func) SKM_sk_pop_free(MIME_PARAM, (st), (free_func))
-# define sk_MIME_PARAM_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(MIME_PARAM, (st), (copy_func), (free_func))
-# define sk_MIME_PARAM_shift(st) SKM_sk_shift(MIME_PARAM, (st))
-# define sk_MIME_PARAM_pop(st) SKM_sk_pop(MIME_PARAM, (st))
-# define sk_MIME_PARAM_sort(st) SKM_sk_sort(MIME_PARAM, (st))
-# define sk_MIME_PARAM_is_sorted(st) SKM_sk_is_sorted(MIME_PARAM, (st))
-
-# define sk_NAME_FUNCS_new(cmp) SKM_sk_new(NAME_FUNCS, (cmp))
-# define sk_NAME_FUNCS_new_null() SKM_sk_new_null(NAME_FUNCS)
-# define sk_NAME_FUNCS_free(st) SKM_sk_free(NAME_FUNCS, (st))
-# define sk_NAME_FUNCS_num(st) SKM_sk_num(NAME_FUNCS, (st))
-# define sk_NAME_FUNCS_value(st, i) SKM_sk_value(NAME_FUNCS, (st), (i))
-# define sk_NAME_FUNCS_set(st, i, val) SKM_sk_set(NAME_FUNCS, (st), (i), (val))
-# define sk_NAME_FUNCS_zero(st) SKM_sk_zero(NAME_FUNCS, (st))
-# define sk_NAME_FUNCS_push(st, val) SKM_sk_push(NAME_FUNCS, (st), (val))
-# define sk_NAME_FUNCS_unshift(st, val) SKM_sk_unshift(NAME_FUNCS, (st), (val))
-# define sk_NAME_FUNCS_find(st, val) SKM_sk_find(NAME_FUNCS, (st), (val))
-# define sk_NAME_FUNCS_find_ex(st, val) SKM_sk_find_ex(NAME_FUNCS, (st), (val))
-# define sk_NAME_FUNCS_delete(st, i) SKM_sk_delete(NAME_FUNCS, (st), (i))
-# define sk_NAME_FUNCS_delete_ptr(st, ptr) SKM_sk_delete_ptr(NAME_FUNCS, (st), (ptr))
-# define sk_NAME_FUNCS_insert(st, val, i) SKM_sk_insert(NAME_FUNCS, (st), (val), (i))
-# define sk_NAME_FUNCS_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(NAME_FUNCS, (st), (cmp))
-# define sk_NAME_FUNCS_dup(st) SKM_sk_dup(NAME_FUNCS, st)
-# define sk_NAME_FUNCS_pop_free(st, free_func) SKM_sk_pop_free(NAME_FUNCS, (st), (free_func))
-# define sk_NAME_FUNCS_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(NAME_FUNCS, (st), (copy_func), (free_func))
-# define sk_NAME_FUNCS_shift(st) SKM_sk_shift(NAME_FUNCS, (st))
-# define sk_NAME_FUNCS_pop(st) SKM_sk_pop(NAME_FUNCS, (st))
-# define sk_NAME_FUNCS_sort(st) SKM_sk_sort(NAME_FUNCS, (st))
-# define sk_NAME_FUNCS_is_sorted(st) SKM_sk_is_sorted(NAME_FUNCS, (st))
-
-# define sk_OCSP_CERTID_new(cmp) SKM_sk_new(OCSP_CERTID, (cmp))
-# define sk_OCSP_CERTID_new_null() SKM_sk_new_null(OCSP_CERTID)
-# define sk_OCSP_CERTID_free(st) SKM_sk_free(OCSP_CERTID, (st))
-# define sk_OCSP_CERTID_num(st) SKM_sk_num(OCSP_CERTID, (st))
-# define sk_OCSP_CERTID_value(st, i) SKM_sk_value(OCSP_CERTID, (st), (i))
-# define sk_OCSP_CERTID_set(st, i, val) SKM_sk_set(OCSP_CERTID, (st), (i), (val))
-# define sk_OCSP_CERTID_zero(st) SKM_sk_zero(OCSP_CERTID, (st))
-# define sk_OCSP_CERTID_push(st, val) SKM_sk_push(OCSP_CERTID, (st), (val))
-# define sk_OCSP_CERTID_unshift(st, val) SKM_sk_unshift(OCSP_CERTID, (st), (val))
-# define sk_OCSP_CERTID_find(st, val) SKM_sk_find(OCSP_CERTID, (st), (val))
-# define sk_OCSP_CERTID_find_ex(st, val) SKM_sk_find_ex(OCSP_CERTID, (st), (val))
-# define sk_OCSP_CERTID_delete(st, i) SKM_sk_delete(OCSP_CERTID, (st), (i))
-# define sk_OCSP_CERTID_delete_ptr(st, ptr) SKM_sk_delete_ptr(OCSP_CERTID, (st), (ptr))
-# define sk_OCSP_CERTID_insert(st, val, i) SKM_sk_insert(OCSP_CERTID, (st), (val), (i))
-# define sk_OCSP_CERTID_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(OCSP_CERTID, (st), (cmp))
-# define sk_OCSP_CERTID_dup(st) SKM_sk_dup(OCSP_CERTID, st)
-# define sk_OCSP_CERTID_pop_free(st, free_func) SKM_sk_pop_free(OCSP_CERTID, (st), (free_func))
-# define sk_OCSP_CERTID_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(OCSP_CERTID, (st), (copy_func), (free_func))
-# define sk_OCSP_CERTID_shift(st) SKM_sk_shift(OCSP_CERTID, (st))
-# define sk_OCSP_CERTID_pop(st) SKM_sk_pop(OCSP_CERTID, (st))
-# define sk_OCSP_CERTID_sort(st) SKM_sk_sort(OCSP_CERTID, (st))
-# define sk_OCSP_CERTID_is_sorted(st) SKM_sk_is_sorted(OCSP_CERTID, (st))
-
-# define sk_OCSP_ONEREQ_new(cmp) SKM_sk_new(OCSP_ONEREQ, (cmp))
-# define sk_OCSP_ONEREQ_new_null() SKM_sk_new_null(OCSP_ONEREQ)
-# define sk_OCSP_ONEREQ_free(st) SKM_sk_free(OCSP_ONEREQ, (st))
-# define sk_OCSP_ONEREQ_num(st) SKM_sk_num(OCSP_ONEREQ, (st))
-# define sk_OCSP_ONEREQ_value(st, i) SKM_sk_value(OCSP_ONEREQ, (st), (i))
-# define sk_OCSP_ONEREQ_set(st, i, val) SKM_sk_set(OCSP_ONEREQ, (st), (i), (val))
-# define sk_OCSP_ONEREQ_zero(st) SKM_sk_zero(OCSP_ONEREQ, (st))
-# define sk_OCSP_ONEREQ_push(st, val) SKM_sk_push(OCSP_ONEREQ, (st), (val))
-# define sk_OCSP_ONEREQ_unshift(st, val) SKM_sk_unshift(OCSP_ONEREQ, (st), (val))
-# define sk_OCSP_ONEREQ_find(st, val) SKM_sk_find(OCSP_ONEREQ, (st), (val))
-# define sk_OCSP_ONEREQ_find_ex(st, val) SKM_sk_find_ex(OCSP_ONEREQ, (st), (val))
-# define sk_OCSP_ONEREQ_delete(st, i) SKM_sk_delete(OCSP_ONEREQ, (st), (i))
-# define sk_OCSP_ONEREQ_delete_ptr(st, ptr) SKM_sk_delete_ptr(OCSP_ONEREQ, (st), (ptr))
-# define sk_OCSP_ONEREQ_insert(st, val, i) SKM_sk_insert(OCSP_ONEREQ, (st), (val), (i))
-# define sk_OCSP_ONEREQ_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(OCSP_ONEREQ, (st), (cmp))
-# define sk_OCSP_ONEREQ_dup(st) SKM_sk_dup(OCSP_ONEREQ, st)
-# define sk_OCSP_ONEREQ_pop_free(st, free_func) SKM_sk_pop_free(OCSP_ONEREQ, (st), (free_func))
-# define sk_OCSP_ONEREQ_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(OCSP_ONEREQ, (st), (copy_func), (free_func))
-# define sk_OCSP_ONEREQ_shift(st) SKM_sk_shift(OCSP_ONEREQ, (st))
-# define sk_OCSP_ONEREQ_pop(st) SKM_sk_pop(OCSP_ONEREQ, (st))
-# define sk_OCSP_ONEREQ_sort(st) SKM_sk_sort(OCSP_ONEREQ, (st))
-# define sk_OCSP_ONEREQ_is_sorted(st) SKM_sk_is_sorted(OCSP_ONEREQ, (st))
-
-# define sk_OCSP_RESPID_new(cmp) SKM_sk_new(OCSP_RESPID, (cmp))
-# define sk_OCSP_RESPID_new_null() SKM_sk_new_null(OCSP_RESPID)
-# define sk_OCSP_RESPID_free(st) SKM_sk_free(OCSP_RESPID, (st))
-# define sk_OCSP_RESPID_num(st) SKM_sk_num(OCSP_RESPID, (st))
-# define sk_OCSP_RESPID_value(st, i) SKM_sk_value(OCSP_RESPID, (st), (i))
-# define sk_OCSP_RESPID_set(st, i, val) SKM_sk_set(OCSP_RESPID, (st), (i), (val))
-# define sk_OCSP_RESPID_zero(st) SKM_sk_zero(OCSP_RESPID, (st))
-# define sk_OCSP_RESPID_push(st, val) SKM_sk_push(OCSP_RESPID, (st), (val))
-# define sk_OCSP_RESPID_unshift(st, val) SKM_sk_unshift(OCSP_RESPID, (st), (val))
-# define sk_OCSP_RESPID_find(st, val) SKM_sk_find(OCSP_RESPID, (st), (val))
-# define sk_OCSP_RESPID_find_ex(st, val) SKM_sk_find_ex(OCSP_RESPID, (st), (val))
-# define sk_OCSP_RESPID_delete(st, i) SKM_sk_delete(OCSP_RESPID, (st), (i))
-# define sk_OCSP_RESPID_delete_ptr(st, ptr) SKM_sk_delete_ptr(OCSP_RESPID, (st), (ptr))
-# define sk_OCSP_RESPID_insert(st, val, i) SKM_sk_insert(OCSP_RESPID, (st), (val), (i))
-# define sk_OCSP_RESPID_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(OCSP_RESPID, (st), (cmp))
-# define sk_OCSP_RESPID_dup(st) SKM_sk_dup(OCSP_RESPID, st)
-# define sk_OCSP_RESPID_pop_free(st, free_func) SKM_sk_pop_free(OCSP_RESPID, (st), (free_func))
-# define sk_OCSP_RESPID_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(OCSP_RESPID, (st), (copy_func), (free_func))
-# define sk_OCSP_RESPID_shift(st) SKM_sk_shift(OCSP_RESPID, (st))
-# define sk_OCSP_RESPID_pop(st) SKM_sk_pop(OCSP_RESPID, (st))
-# define sk_OCSP_RESPID_sort(st) SKM_sk_sort(OCSP_RESPID, (st))
-# define sk_OCSP_RESPID_is_sorted(st) SKM_sk_is_sorted(OCSP_RESPID, (st))
-
-# define sk_OCSP_SINGLERESP_new(cmp) SKM_sk_new(OCSP_SINGLERESP, (cmp))
-# define sk_OCSP_SINGLERESP_new_null() SKM_sk_new_null(OCSP_SINGLERESP)
-# define sk_OCSP_SINGLERESP_free(st) SKM_sk_free(OCSP_SINGLERESP, (st))
-# define sk_OCSP_SINGLERESP_num(st) SKM_sk_num(OCSP_SINGLERESP, (st))
-# define sk_OCSP_SINGLERESP_value(st, i) SKM_sk_value(OCSP_SINGLERESP, (st), (i))
-# define sk_OCSP_SINGLERESP_set(st, i, val) SKM_sk_set(OCSP_SINGLERESP, (st), (i), (val))
-# define sk_OCSP_SINGLERESP_zero(st) SKM_sk_zero(OCSP_SINGLERESP, (st))
-# define sk_OCSP_SINGLERESP_push(st, val) SKM_sk_push(OCSP_SINGLERESP, (st), (val))
-# define sk_OCSP_SINGLERESP_unshift(st, val) SKM_sk_unshift(OCSP_SINGLERESP, (st), (val))
-# define sk_OCSP_SINGLERESP_find(st, val) SKM_sk_find(OCSP_SINGLERESP, (st), (val))
-# define sk_OCSP_SINGLERESP_find_ex(st, val) SKM_sk_find_ex(OCSP_SINGLERESP, (st), (val))
-# define sk_OCSP_SINGLERESP_delete(st, i) SKM_sk_delete(OCSP_SINGLERESP, (st), (i))
-# define sk_OCSP_SINGLERESP_delete_ptr(st, ptr) SKM_sk_delete_ptr(OCSP_SINGLERESP, (st), (ptr))
-# define sk_OCSP_SINGLERESP_insert(st, val, i) SKM_sk_insert(OCSP_SINGLERESP, (st), (val), (i))
-# define sk_OCSP_SINGLERESP_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(OCSP_SINGLERESP, (st), (cmp))
-# define sk_OCSP_SINGLERESP_dup(st) SKM_sk_dup(OCSP_SINGLERESP, st)
-# define sk_OCSP_SINGLERESP_pop_free(st, free_func) SKM_sk_pop_free(OCSP_SINGLERESP, (st), (free_func))
-# define sk_OCSP_SINGLERESP_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(OCSP_SINGLERESP, (st), (copy_func), (free_func))
-# define sk_OCSP_SINGLERESP_shift(st) SKM_sk_shift(OCSP_SINGLERESP, (st))
-# define sk_OCSP_SINGLERESP_pop(st) SKM_sk_pop(OCSP_SINGLERESP, (st))
-# define sk_OCSP_SINGLERESP_sort(st) SKM_sk_sort(OCSP_SINGLERESP, (st))
-# define sk_OCSP_SINGLERESP_is_sorted(st) SKM_sk_is_sorted(OCSP_SINGLERESP, (st))
-
-# define sk_PKCS12_SAFEBAG_new(cmp) SKM_sk_new(PKCS12_SAFEBAG, (cmp))
-# define sk_PKCS12_SAFEBAG_new_null() SKM_sk_new_null(PKCS12_SAFEBAG)
-# define sk_PKCS12_SAFEBAG_free(st) SKM_sk_free(PKCS12_SAFEBAG, (st))
-# define sk_PKCS12_SAFEBAG_num(st) SKM_sk_num(PKCS12_SAFEBAG, (st))
-# define sk_PKCS12_SAFEBAG_value(st, i) SKM_sk_value(PKCS12_SAFEBAG, (st), (i))
-# define sk_PKCS12_SAFEBAG_set(st, i, val) SKM_sk_set(PKCS12_SAFEBAG, (st), (i), (val))
-# define sk_PKCS12_SAFEBAG_zero(st) SKM_sk_zero(PKCS12_SAFEBAG, (st))
-# define sk_PKCS12_SAFEBAG_push(st, val) SKM_sk_push(PKCS12_SAFEBAG, (st), (val))
-# define sk_PKCS12_SAFEBAG_unshift(st, val) SKM_sk_unshift(PKCS12_SAFEBAG, (st), (val))
-# define sk_PKCS12_SAFEBAG_find(st, val) SKM_sk_find(PKCS12_SAFEBAG, (st), (val))
-# define sk_PKCS12_SAFEBAG_find_ex(st, val) SKM_sk_find_ex(PKCS12_SAFEBAG, (st), (val))
-# define sk_PKCS12_SAFEBAG_delete(st, i) SKM_sk_delete(PKCS12_SAFEBAG, (st), (i))
-# define sk_PKCS12_SAFEBAG_delete_ptr(st, ptr) SKM_sk_delete_ptr(PKCS12_SAFEBAG, (st), (ptr))
-# define sk_PKCS12_SAFEBAG_insert(st, val, i) SKM_sk_insert(PKCS12_SAFEBAG, (st), (val), (i))
-# define sk_PKCS12_SAFEBAG_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(PKCS12_SAFEBAG, (st), (cmp))
-# define sk_PKCS12_SAFEBAG_dup(st) SKM_sk_dup(PKCS12_SAFEBAG, st)
-# define sk_PKCS12_SAFEBAG_pop_free(st, free_func) SKM_sk_pop_free(PKCS12_SAFEBAG, (st), (free_func))
-# define sk_PKCS12_SAFEBAG_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(PKCS12_SAFEBAG, (st), (copy_func), (free_func))
-# define sk_PKCS12_SAFEBAG_shift(st) SKM_sk_shift(PKCS12_SAFEBAG, (st))
-# define sk_PKCS12_SAFEBAG_pop(st) SKM_sk_pop(PKCS12_SAFEBAG, (st))
-# define sk_PKCS12_SAFEBAG_sort(st) SKM_sk_sort(PKCS12_SAFEBAG, (st))
-# define sk_PKCS12_SAFEBAG_is_sorted(st) SKM_sk_is_sorted(PKCS12_SAFEBAG, (st))
-
-# define sk_PKCS7_new(cmp) SKM_sk_new(PKCS7, (cmp))
-# define sk_PKCS7_new_null() SKM_sk_new_null(PKCS7)
-# define sk_PKCS7_free(st) SKM_sk_free(PKCS7, (st))
-# define sk_PKCS7_num(st) SKM_sk_num(PKCS7, (st))
-# define sk_PKCS7_value(st, i) SKM_sk_value(PKCS7, (st), (i))
-# define sk_PKCS7_set(st, i, val) SKM_sk_set(PKCS7, (st), (i), (val))
-# define sk_PKCS7_zero(st) SKM_sk_zero(PKCS7, (st))
-# define sk_PKCS7_push(st, val) SKM_sk_push(PKCS7, (st), (val))
-# define sk_PKCS7_unshift(st, val) SKM_sk_unshift(PKCS7, (st), (val))
-# define sk_PKCS7_find(st, val) SKM_sk_find(PKCS7, (st), (val))
-# define sk_PKCS7_find_ex(st, val) SKM_sk_find_ex(PKCS7, (st), (val))
-# define sk_PKCS7_delete(st, i) SKM_sk_delete(PKCS7, (st), (i))
-# define sk_PKCS7_delete_ptr(st, ptr) SKM_sk_delete_ptr(PKCS7, (st), (ptr))
-# define sk_PKCS7_insert(st, val, i) SKM_sk_insert(PKCS7, (st), (val), (i))
-# define sk_PKCS7_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(PKCS7, (st), (cmp))
-# define sk_PKCS7_dup(st) SKM_sk_dup(PKCS7, st)
-# define sk_PKCS7_pop_free(st, free_func) SKM_sk_pop_free(PKCS7, (st), (free_func))
-# define sk_PKCS7_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(PKCS7, (st), (copy_func), (free_func))
-# define sk_PKCS7_shift(st) SKM_sk_shift(PKCS7, (st))
-# define sk_PKCS7_pop(st) SKM_sk_pop(PKCS7, (st))
-# define sk_PKCS7_sort(st) SKM_sk_sort(PKCS7, (st))
-# define sk_PKCS7_is_sorted(st) SKM_sk_is_sorted(PKCS7, (st))
-
-# define sk_PKCS7_RECIP_INFO_new(cmp) SKM_sk_new(PKCS7_RECIP_INFO, (cmp))
-# define sk_PKCS7_RECIP_INFO_new_null() SKM_sk_new_null(PKCS7_RECIP_INFO)
-# define sk_PKCS7_RECIP_INFO_free(st) SKM_sk_free(PKCS7_RECIP_INFO, (st))
-# define sk_PKCS7_RECIP_INFO_num(st) SKM_sk_num(PKCS7_RECIP_INFO, (st))
-# define sk_PKCS7_RECIP_INFO_value(st, i) SKM_sk_value(PKCS7_RECIP_INFO, (st), (i))
-# define sk_PKCS7_RECIP_INFO_set(st, i, val) SKM_sk_set(PKCS7_RECIP_INFO, (st), (i), (val))
-# define sk_PKCS7_RECIP_INFO_zero(st) SKM_sk_zero(PKCS7_RECIP_INFO, (st))
-# define sk_PKCS7_RECIP_INFO_push(st, val) SKM_sk_push(PKCS7_RECIP_INFO, (st), (val))
-# define sk_PKCS7_RECIP_INFO_unshift(st, val) SKM_sk_unshift(PKCS7_RECIP_INFO, (st), (val))
-# define sk_PKCS7_RECIP_INFO_find(st, val) SKM_sk_find(PKCS7_RECIP_INFO, (st), (val))
-# define sk_PKCS7_RECIP_INFO_find_ex(st, val) SKM_sk_find_ex(PKCS7_RECIP_INFO, (st), (val))
-# define sk_PKCS7_RECIP_INFO_delete(st, i) SKM_sk_delete(PKCS7_RECIP_INFO, (st), (i))
-# define sk_PKCS7_RECIP_INFO_delete_ptr(st, ptr) SKM_sk_delete_ptr(PKCS7_RECIP_INFO, (st), (ptr))
-# define sk_PKCS7_RECIP_INFO_insert(st, val, i) SKM_sk_insert(PKCS7_RECIP_INFO, (st), (val), (i))
-# define sk_PKCS7_RECIP_INFO_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(PKCS7_RECIP_INFO, (st), (cmp))
-# define sk_PKCS7_RECIP_INFO_dup(st) SKM_sk_dup(PKCS7_RECIP_INFO, st)
-# define sk_PKCS7_RECIP_INFO_pop_free(st, free_func) SKM_sk_pop_free(PKCS7_RECIP_INFO, (st), (free_func))
-# define sk_PKCS7_RECIP_INFO_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(PKCS7_RECIP_INFO, (st), (copy_func), (free_func))
-# define sk_PKCS7_RECIP_INFO_shift(st) SKM_sk_shift(PKCS7_RECIP_INFO, (st))
-# define sk_PKCS7_RECIP_INFO_pop(st) SKM_sk_pop(PKCS7_RECIP_INFO, (st))
-# define sk_PKCS7_RECIP_INFO_sort(st) SKM_sk_sort(PKCS7_RECIP_INFO, (st))
-# define sk_PKCS7_RECIP_INFO_is_sorted(st) SKM_sk_is_sorted(PKCS7_RECIP_INFO, (st))
-
-# define sk_PKCS7_SIGNER_INFO_new(cmp) SKM_sk_new(PKCS7_SIGNER_INFO, (cmp))
-# define sk_PKCS7_SIGNER_INFO_new_null() SKM_sk_new_null(PKCS7_SIGNER_INFO)
-# define sk_PKCS7_SIGNER_INFO_free(st) SKM_sk_free(PKCS7_SIGNER_INFO, (st))
-# define sk_PKCS7_SIGNER_INFO_num(st) SKM_sk_num(PKCS7_SIGNER_INFO, (st))
-# define sk_PKCS7_SIGNER_INFO_value(st, i) SKM_sk_value(PKCS7_SIGNER_INFO, (st), (i))
-# define sk_PKCS7_SIGNER_INFO_set(st, i, val) SKM_sk_set(PKCS7_SIGNER_INFO, (st), (i), (val))
-# define sk_PKCS7_SIGNER_INFO_zero(st) SKM_sk_zero(PKCS7_SIGNER_INFO, (st))
-# define sk_PKCS7_SIGNER_INFO_push(st, val) SKM_sk_push(PKCS7_SIGNER_INFO, (st), (val))
-# define sk_PKCS7_SIGNER_INFO_unshift(st, val) SKM_sk_unshift(PKCS7_SIGNER_INFO, (st), (val))
-# define sk_PKCS7_SIGNER_INFO_find(st, val) SKM_sk_find(PKCS7_SIGNER_INFO, (st), (val))
-# define sk_PKCS7_SIGNER_INFO_find_ex(st, val) SKM_sk_find_ex(PKCS7_SIGNER_INFO, (st), (val))
-# define sk_PKCS7_SIGNER_INFO_delete(st, i) SKM_sk_delete(PKCS7_SIGNER_INFO, (st), (i))
-# define sk_PKCS7_SIGNER_INFO_delete_ptr(st, ptr) SKM_sk_delete_ptr(PKCS7_SIGNER_INFO, (st), (ptr))
-# define sk_PKCS7_SIGNER_INFO_insert(st, val, i) SKM_sk_insert(PKCS7_SIGNER_INFO, (st), (val), (i))
-# define sk_PKCS7_SIGNER_INFO_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(PKCS7_SIGNER_INFO, (st), (cmp))
-# define sk_PKCS7_SIGNER_INFO_dup(st) SKM_sk_dup(PKCS7_SIGNER_INFO, st)
-# define sk_PKCS7_SIGNER_INFO_pop_free(st, free_func) SKM_sk_pop_free(PKCS7_SIGNER_INFO, (st), (free_func))
-# define sk_PKCS7_SIGNER_INFO_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(PKCS7_SIGNER_INFO, (st), (copy_func), (free_func))
-# define sk_PKCS7_SIGNER_INFO_shift(st) SKM_sk_shift(PKCS7_SIGNER_INFO, (st))
-# define sk_PKCS7_SIGNER_INFO_pop(st) SKM_sk_pop(PKCS7_SIGNER_INFO, (st))
-# define sk_PKCS7_SIGNER_INFO_sort(st) SKM_sk_sort(PKCS7_SIGNER_INFO, (st))
-# define sk_PKCS7_SIGNER_INFO_is_sorted(st) SKM_sk_is_sorted(PKCS7_SIGNER_INFO, (st))
-
-# define sk_POLICYINFO_new(cmp) SKM_sk_new(POLICYINFO, (cmp))
-# define sk_POLICYINFO_new_null() SKM_sk_new_null(POLICYINFO)
-# define sk_POLICYINFO_free(st) SKM_sk_free(POLICYINFO, (st))
-# define sk_POLICYINFO_num(st) SKM_sk_num(POLICYINFO, (st))
-# define sk_POLICYINFO_value(st, i) SKM_sk_value(POLICYINFO, (st), (i))
-# define sk_POLICYINFO_set(st, i, val) SKM_sk_set(POLICYINFO, (st), (i), (val))
-# define sk_POLICYINFO_zero(st) SKM_sk_zero(POLICYINFO, (st))
-# define sk_POLICYINFO_push(st, val) SKM_sk_push(POLICYINFO, (st), (val))
-# define sk_POLICYINFO_unshift(st, val) SKM_sk_unshift(POLICYINFO, (st), (val))
-# define sk_POLICYINFO_find(st, val) SKM_sk_find(POLICYINFO, (st), (val))
-# define sk_POLICYINFO_find_ex(st, val) SKM_sk_find_ex(POLICYINFO, (st), (val))
-# define sk_POLICYINFO_delete(st, i) SKM_sk_delete(POLICYINFO, (st), (i))
-# define sk_POLICYINFO_delete_ptr(st, ptr) SKM_sk_delete_ptr(POLICYINFO, (st), (ptr))
-# define sk_POLICYINFO_insert(st, val, i) SKM_sk_insert(POLICYINFO, (st), (val), (i))
-# define sk_POLICYINFO_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(POLICYINFO, (st), (cmp))
-# define sk_POLICYINFO_dup(st) SKM_sk_dup(POLICYINFO, st)
-# define sk_POLICYINFO_pop_free(st, free_func) SKM_sk_pop_free(POLICYINFO, (st), (free_func))
-# define sk_POLICYINFO_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(POLICYINFO, (st), (copy_func), (free_func))
-# define sk_POLICYINFO_shift(st) SKM_sk_shift(POLICYINFO, (st))
-# define sk_POLICYINFO_pop(st) SKM_sk_pop(POLICYINFO, (st))
-# define sk_POLICYINFO_sort(st) SKM_sk_sort(POLICYINFO, (st))
-# define sk_POLICYINFO_is_sorted(st) SKM_sk_is_sorted(POLICYINFO, (st))
-
-# define sk_POLICYQUALINFO_new(cmp) SKM_sk_new(POLICYQUALINFO, (cmp))
-# define sk_POLICYQUALINFO_new_null() SKM_sk_new_null(POLICYQUALINFO)
-# define sk_POLICYQUALINFO_free(st) SKM_sk_free(POLICYQUALINFO, (st))
-# define sk_POLICYQUALINFO_num(st) SKM_sk_num(POLICYQUALINFO, (st))
-# define sk_POLICYQUALINFO_value(st, i) SKM_sk_value(POLICYQUALINFO, (st), (i))
-# define sk_POLICYQUALINFO_set(st, i, val) SKM_sk_set(POLICYQUALINFO, (st), (i), (val))
-# define sk_POLICYQUALINFO_zero(st) SKM_sk_zero(POLICYQUALINFO, (st))
-# define sk_POLICYQUALINFO_push(st, val) SKM_sk_push(POLICYQUALINFO, (st), (val))
-# define sk_POLICYQUALINFO_unshift(st, val) SKM_sk_unshift(POLICYQUALINFO, (st), (val))
-# define sk_POLICYQUALINFO_find(st, val) SKM_sk_find(POLICYQUALINFO, (st), (val))
-# define sk_POLICYQUALINFO_find_ex(st, val) SKM_sk_find_ex(POLICYQUALINFO, (st), (val))
-# define sk_POLICYQUALINFO_delete(st, i) SKM_sk_delete(POLICYQUALINFO, (st), (i))
-# define sk_POLICYQUALINFO_delete_ptr(st, ptr) SKM_sk_delete_ptr(POLICYQUALINFO, (st), (ptr))
-# define sk_POLICYQUALINFO_insert(st, val, i) SKM_sk_insert(POLICYQUALINFO, (st), (val), (i))
-# define sk_POLICYQUALINFO_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(POLICYQUALINFO, (st), (cmp))
-# define sk_POLICYQUALINFO_dup(st) SKM_sk_dup(POLICYQUALINFO, st)
-# define sk_POLICYQUALINFO_pop_free(st, free_func) SKM_sk_pop_free(POLICYQUALINFO, (st), (free_func))
-# define sk_POLICYQUALINFO_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(POLICYQUALINFO, (st), (copy_func), (free_func))
-# define sk_POLICYQUALINFO_shift(st) SKM_sk_shift(POLICYQUALINFO, (st))
-# define sk_POLICYQUALINFO_pop(st) SKM_sk_pop(POLICYQUALINFO, (st))
-# define sk_POLICYQUALINFO_sort(st) SKM_sk_sort(POLICYQUALINFO, (st))
-# define sk_POLICYQUALINFO_is_sorted(st) SKM_sk_is_sorted(POLICYQUALINFO, (st))
-
-# define sk_POLICY_MAPPING_new(cmp) SKM_sk_new(POLICY_MAPPING, (cmp))
-# define sk_POLICY_MAPPING_new_null() SKM_sk_new_null(POLICY_MAPPING)
-# define sk_POLICY_MAPPING_free(st) SKM_sk_free(POLICY_MAPPING, (st))
-# define sk_POLICY_MAPPING_num(st) SKM_sk_num(POLICY_MAPPING, (st))
-# define sk_POLICY_MAPPING_value(st, i) SKM_sk_value(POLICY_MAPPING, (st), (i))
-# define sk_POLICY_MAPPING_set(st, i, val) SKM_sk_set(POLICY_MAPPING, (st), (i), (val))
-# define sk_POLICY_MAPPING_zero(st) SKM_sk_zero(POLICY_MAPPING, (st))
-# define sk_POLICY_MAPPING_push(st, val) SKM_sk_push(POLICY_MAPPING, (st), (val))
-# define sk_POLICY_MAPPING_unshift(st, val) SKM_sk_unshift(POLICY_MAPPING, (st), (val))
-# define sk_POLICY_MAPPING_find(st, val) SKM_sk_find(POLICY_MAPPING, (st), (val))
-# define sk_POLICY_MAPPING_find_ex(st, val) SKM_sk_find_ex(POLICY_MAPPING, (st), (val))
-# define sk_POLICY_MAPPING_delete(st, i) SKM_sk_delete(POLICY_MAPPING, (st), (i))
-# define sk_POLICY_MAPPING_delete_ptr(st, ptr) SKM_sk_delete_ptr(POLICY_MAPPING, (st), (ptr))
-# define sk_POLICY_MAPPING_insert(st, val, i) SKM_sk_insert(POLICY_MAPPING, (st), (val), (i))
-# define sk_POLICY_MAPPING_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(POLICY_MAPPING, (st), (cmp))
-# define sk_POLICY_MAPPING_dup(st) SKM_sk_dup(POLICY_MAPPING, st)
-# define sk_POLICY_MAPPING_pop_free(st, free_func) SKM_sk_pop_free(POLICY_MAPPING, (st), (free_func))
-# define sk_POLICY_MAPPING_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(POLICY_MAPPING, (st), (copy_func), (free_func))
-# define sk_POLICY_MAPPING_shift(st) SKM_sk_shift(POLICY_MAPPING, (st))
-# define sk_POLICY_MAPPING_pop(st) SKM_sk_pop(POLICY_MAPPING, (st))
-# define sk_POLICY_MAPPING_sort(st) SKM_sk_sort(POLICY_MAPPING, (st))
-# define sk_POLICY_MAPPING_is_sorted(st) SKM_sk_is_sorted(POLICY_MAPPING, (st))
-
-# define sk_SCT_new(cmp) SKM_sk_new(SCT, (cmp))
-# define sk_SCT_new_null() SKM_sk_new_null(SCT)
-# define sk_SCT_free(st) SKM_sk_free(SCT, (st))
-# define sk_SCT_num(st) SKM_sk_num(SCT, (st))
-# define sk_SCT_value(st, i) SKM_sk_value(SCT, (st), (i))
-# define sk_SCT_set(st, i, val) SKM_sk_set(SCT, (st), (i), (val))
-# define sk_SCT_zero(st) SKM_sk_zero(SCT, (st))
-# define sk_SCT_push(st, val) SKM_sk_push(SCT, (st), (val))
-# define sk_SCT_unshift(st, val) SKM_sk_unshift(SCT, (st), (val))
-# define sk_SCT_find(st, val) SKM_sk_find(SCT, (st), (val))
-# define sk_SCT_find_ex(st, val) SKM_sk_find_ex(SCT, (st), (val))
-# define sk_SCT_delete(st, i) SKM_sk_delete(SCT, (st), (i))
-# define sk_SCT_delete_ptr(st, ptr) SKM_sk_delete_ptr(SCT, (st), (ptr))
-# define sk_SCT_insert(st, val, i) SKM_sk_insert(SCT, (st), (val), (i))
-# define sk_SCT_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(SCT, (st), (cmp))
-# define sk_SCT_dup(st) SKM_sk_dup(SCT, st)
-# define sk_SCT_pop_free(st, free_func) SKM_sk_pop_free(SCT, (st), (free_func))
-# define sk_SCT_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(SCT, (st), (copy_func), (free_func))
-# define sk_SCT_shift(st) SKM_sk_shift(SCT, (st))
-# define sk_SCT_pop(st) SKM_sk_pop(SCT, (st))
-# define sk_SCT_sort(st) SKM_sk_sort(SCT, (st))
-# define sk_SCT_is_sorted(st) SKM_sk_is_sorted(SCT, (st))
-
-# define sk_SRP_gN_new(cmp) SKM_sk_new(SRP_gN, (cmp))
-# define sk_SRP_gN_new_null() SKM_sk_new_null(SRP_gN)
-# define sk_SRP_gN_free(st) SKM_sk_free(SRP_gN, (st))
-# define sk_SRP_gN_num(st) SKM_sk_num(SRP_gN, (st))
-# define sk_SRP_gN_value(st, i) SKM_sk_value(SRP_gN, (st), (i))
-# define sk_SRP_gN_set(st, i, val) SKM_sk_set(SRP_gN, (st), (i), (val))
-# define sk_SRP_gN_zero(st) SKM_sk_zero(SRP_gN, (st))
-# define sk_SRP_gN_push(st, val) SKM_sk_push(SRP_gN, (st), (val))
-# define sk_SRP_gN_unshift(st, val) SKM_sk_unshift(SRP_gN, (st), (val))
-# define sk_SRP_gN_find(st, val) SKM_sk_find(SRP_gN, (st), (val))
-# define sk_SRP_gN_find_ex(st, val) SKM_sk_find_ex(SRP_gN, (st), (val))
-# define sk_SRP_gN_delete(st, i) SKM_sk_delete(SRP_gN, (st), (i))
-# define sk_SRP_gN_delete_ptr(st, ptr) SKM_sk_delete_ptr(SRP_gN, (st), (ptr))
-# define sk_SRP_gN_insert(st, val, i) SKM_sk_insert(SRP_gN, (st), (val), (i))
-# define sk_SRP_gN_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(SRP_gN, (st), (cmp))
-# define sk_SRP_gN_dup(st) SKM_sk_dup(SRP_gN, st)
-# define sk_SRP_gN_pop_free(st, free_func) SKM_sk_pop_free(SRP_gN, (st), (free_func))
-# define sk_SRP_gN_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(SRP_gN, (st), (copy_func), (free_func))
-# define sk_SRP_gN_shift(st) SKM_sk_shift(SRP_gN, (st))
-# define sk_SRP_gN_pop(st) SKM_sk_pop(SRP_gN, (st))
-# define sk_SRP_gN_sort(st) SKM_sk_sort(SRP_gN, (st))
-# define sk_SRP_gN_is_sorted(st) SKM_sk_is_sorted(SRP_gN, (st))
-
-# define sk_SRP_gN_cache_new(cmp) SKM_sk_new(SRP_gN_cache, (cmp))
-# define sk_SRP_gN_cache_new_null() SKM_sk_new_null(SRP_gN_cache)
-# define sk_SRP_gN_cache_free(st) SKM_sk_free(SRP_gN_cache, (st))
-# define sk_SRP_gN_cache_num(st) SKM_sk_num(SRP_gN_cache, (st))
-# define sk_SRP_gN_cache_value(st, i) SKM_sk_value(SRP_gN_cache, (st), (i))
-# define sk_SRP_gN_cache_set(st, i, val) SKM_sk_set(SRP_gN_cache, (st), (i), (val))
-# define sk_SRP_gN_cache_zero(st) SKM_sk_zero(SRP_gN_cache, (st))
-# define sk_SRP_gN_cache_push(st, val) SKM_sk_push(SRP_gN_cache, (st), (val))
-# define sk_SRP_gN_cache_unshift(st, val) SKM_sk_unshift(SRP_gN_cache, (st), (val))
-# define sk_SRP_gN_cache_find(st, val) SKM_sk_find(SRP_gN_cache, (st), (val))
-# define sk_SRP_gN_cache_find_ex(st, val) SKM_sk_find_ex(SRP_gN_cache, (st), (val))
-# define sk_SRP_gN_cache_delete(st, i) SKM_sk_delete(SRP_gN_cache, (st), (i))
-# define sk_SRP_gN_cache_delete_ptr(st, ptr) SKM_sk_delete_ptr(SRP_gN_cache, (st), (ptr))
-# define sk_SRP_gN_cache_insert(st, val, i) SKM_sk_insert(SRP_gN_cache, (st), (val), (i))
-# define sk_SRP_gN_cache_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(SRP_gN_cache, (st), (cmp))
-# define sk_SRP_gN_cache_dup(st) SKM_sk_dup(SRP_gN_cache, st)
-# define sk_SRP_gN_cache_pop_free(st, free_func) SKM_sk_pop_free(SRP_gN_cache, (st), (free_func))
-# define sk_SRP_gN_cache_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(SRP_gN_cache, (st), (copy_func), (free_func))
-# define sk_SRP_gN_cache_shift(st) SKM_sk_shift(SRP_gN_cache, (st))
-# define sk_SRP_gN_cache_pop(st) SKM_sk_pop(SRP_gN_cache, (st))
-# define sk_SRP_gN_cache_sort(st) SKM_sk_sort(SRP_gN_cache, (st))
-# define sk_SRP_gN_cache_is_sorted(st) SKM_sk_is_sorted(SRP_gN_cache, (st))
-
-# define sk_SRP_user_pwd_new(cmp) SKM_sk_new(SRP_user_pwd, (cmp))
-# define sk_SRP_user_pwd_new_null() SKM_sk_new_null(SRP_user_pwd)
-# define sk_SRP_user_pwd_free(st) SKM_sk_free(SRP_user_pwd, (st))
-# define sk_SRP_user_pwd_num(st) SKM_sk_num(SRP_user_pwd, (st))
-# define sk_SRP_user_pwd_value(st, i) SKM_sk_value(SRP_user_pwd, (st), (i))
-# define sk_SRP_user_pwd_set(st, i, val) SKM_sk_set(SRP_user_pwd, (st), (i), (val))
-# define sk_SRP_user_pwd_zero(st) SKM_sk_zero(SRP_user_pwd, (st))
-# define sk_SRP_user_pwd_push(st, val) SKM_sk_push(SRP_user_pwd, (st), (val))
-# define sk_SRP_user_pwd_unshift(st, val) SKM_sk_unshift(SRP_user_pwd, (st), (val))
-# define sk_SRP_user_pwd_find(st, val) SKM_sk_find(SRP_user_pwd, (st), (val))
-# define sk_SRP_user_pwd_find_ex(st, val) SKM_sk_find_ex(SRP_user_pwd, (st), (val))
-# define sk_SRP_user_pwd_delete(st, i) SKM_sk_delete(SRP_user_pwd, (st), (i))
-# define sk_SRP_user_pwd_delete_ptr(st, ptr) SKM_sk_delete_ptr(SRP_user_pwd, (st), (ptr))
-# define sk_SRP_user_pwd_insert(st, val, i) SKM_sk_insert(SRP_user_pwd, (st), (val), (i))
-# define sk_SRP_user_pwd_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(SRP_user_pwd, (st), (cmp))
-# define sk_SRP_user_pwd_dup(st) SKM_sk_dup(SRP_user_pwd, st)
-# define sk_SRP_user_pwd_pop_free(st, free_func) SKM_sk_pop_free(SRP_user_pwd, (st), (free_func))
-# define sk_SRP_user_pwd_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(SRP_user_pwd, (st), (copy_func), (free_func))
-# define sk_SRP_user_pwd_shift(st) SKM_sk_shift(SRP_user_pwd, (st))
-# define sk_SRP_user_pwd_pop(st) SKM_sk_pop(SRP_user_pwd, (st))
-# define sk_SRP_user_pwd_sort(st) SKM_sk_sort(SRP_user_pwd, (st))
-# define sk_SRP_user_pwd_is_sorted(st) SKM_sk_is_sorted(SRP_user_pwd, (st))
-
-# define sk_SRTP_PROTECTION_PROFILE_new(cmp) SKM_sk_new(SRTP_PROTECTION_PROFILE, (cmp))
-# define sk_SRTP_PROTECTION_PROFILE_new_null() SKM_sk_new_null(SRTP_PROTECTION_PROFILE)
-# define sk_SRTP_PROTECTION_PROFILE_free(st) SKM_sk_free(SRTP_PROTECTION_PROFILE, (st))
-# define sk_SRTP_PROTECTION_PROFILE_num(st) SKM_sk_num(SRTP_PROTECTION_PROFILE, (st))
-# define sk_SRTP_PROTECTION_PROFILE_value(st, i) SKM_sk_value(SRTP_PROTECTION_PROFILE, (st), (i))
-# define sk_SRTP_PROTECTION_PROFILE_set(st, i, val) SKM_sk_set(SRTP_PROTECTION_PROFILE, (st), (i), (val))
-# define sk_SRTP_PROTECTION_PROFILE_zero(st) SKM_sk_zero(SRTP_PROTECTION_PROFILE, (st))
-# define sk_SRTP_PROTECTION_PROFILE_push(st, val) SKM_sk_push(SRTP_PROTECTION_PROFILE, (st), (val))
-# define sk_SRTP_PROTECTION_PROFILE_unshift(st, val) SKM_sk_unshift(SRTP_PROTECTION_PROFILE, (st), (val))
-# define sk_SRTP_PROTECTION_PROFILE_find(st, val) SKM_sk_find(SRTP_PROTECTION_PROFILE, (st), (val))
-# define sk_SRTP_PROTECTION_PROFILE_find_ex(st, val) SKM_sk_find_ex(SRTP_PROTECTION_PROFILE, (st), (val))
-# define sk_SRTP_PROTECTION_PROFILE_delete(st, i) SKM_sk_delete(SRTP_PROTECTION_PROFILE, (st), (i))
-# define sk_SRTP_PROTECTION_PROFILE_delete_ptr(st, ptr) SKM_sk_delete_ptr(SRTP_PROTECTION_PROFILE, (st), (ptr))
-# define sk_SRTP_PROTECTION_PROFILE_insert(st, val, i) SKM_sk_insert(SRTP_PROTECTION_PROFILE, (st), (val), (i))
-# define sk_SRTP_PROTECTION_PROFILE_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(SRTP_PROTECTION_PROFILE, (st), (cmp))
-# define sk_SRTP_PROTECTION_PROFILE_dup(st) SKM_sk_dup(SRTP_PROTECTION_PROFILE, st)
-# define sk_SRTP_PROTECTION_PROFILE_pop_free(st, free_func) SKM_sk_pop_free(SRTP_PROTECTION_PROFILE, (st), (free_func))
-# define sk_SRTP_PROTECTION_PROFILE_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(SRTP_PROTECTION_PROFILE, (st), (copy_func), (free_func))
-# define sk_SRTP_PROTECTION_PROFILE_shift(st) SKM_sk_shift(SRTP_PROTECTION_PROFILE, (st))
-# define sk_SRTP_PROTECTION_PROFILE_pop(st) SKM_sk_pop(SRTP_PROTECTION_PROFILE, (st))
-# define sk_SRTP_PROTECTION_PROFILE_sort(st) SKM_sk_sort(SRTP_PROTECTION_PROFILE, (st))
-# define sk_SRTP_PROTECTION_PROFILE_is_sorted(st) SKM_sk_is_sorted(SRTP_PROTECTION_PROFILE, (st))
-
-# define sk_SSL_CIPHER_new(cmp) SKM_sk_new(SSL_CIPHER, (cmp))
-# define sk_SSL_CIPHER_new_null() SKM_sk_new_null(SSL_CIPHER)
-# define sk_SSL_CIPHER_free(st) SKM_sk_free(SSL_CIPHER, (st))
-# define sk_SSL_CIPHER_num(st) SKM_sk_num(SSL_CIPHER, (st))
-# define sk_SSL_CIPHER_value(st, i) SKM_sk_value(SSL_CIPHER, (st), (i))
-# define sk_SSL_CIPHER_set(st, i, val) SKM_sk_set(SSL_CIPHER, (st), (i), (val))
-# define sk_SSL_CIPHER_zero(st) SKM_sk_zero(SSL_CIPHER, (st))
-# define sk_SSL_CIPHER_push(st, val) SKM_sk_push(SSL_CIPHER, (st), (val))
-# define sk_SSL_CIPHER_unshift(st, val) SKM_sk_unshift(SSL_CIPHER, (st), (val))
-# define sk_SSL_CIPHER_find(st, val) SKM_sk_find(SSL_CIPHER, (st), (val))
-# define sk_SSL_CIPHER_find_ex(st, val) SKM_sk_find_ex(SSL_CIPHER, (st), (val))
-# define sk_SSL_CIPHER_delete(st, i) SKM_sk_delete(SSL_CIPHER, (st), (i))
-# define sk_SSL_CIPHER_delete_ptr(st, ptr) SKM_sk_delete_ptr(SSL_CIPHER, (st), (ptr))
-# define sk_SSL_CIPHER_insert(st, val, i) SKM_sk_insert(SSL_CIPHER, (st), (val), (i))
-# define sk_SSL_CIPHER_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(SSL_CIPHER, (st), (cmp))
-# define sk_SSL_CIPHER_dup(st) SKM_sk_dup(SSL_CIPHER, st)
-# define sk_SSL_CIPHER_pop_free(st, free_func) SKM_sk_pop_free(SSL_CIPHER, (st), (free_func))
-# define sk_SSL_CIPHER_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(SSL_CIPHER, (st), (copy_func), (free_func))
-# define sk_SSL_CIPHER_shift(st) SKM_sk_shift(SSL_CIPHER, (st))
-# define sk_SSL_CIPHER_pop(st) SKM_sk_pop(SSL_CIPHER, (st))
-# define sk_SSL_CIPHER_sort(st) SKM_sk_sort(SSL_CIPHER, (st))
-# define sk_SSL_CIPHER_is_sorted(st) SKM_sk_is_sorted(SSL_CIPHER, (st))
-
-# define sk_SSL_COMP_new(cmp) SKM_sk_new(SSL_COMP, (cmp))
-# define sk_SSL_COMP_new_null() SKM_sk_new_null(SSL_COMP)
-# define sk_SSL_COMP_free(st) SKM_sk_free(SSL_COMP, (st))
-# define sk_SSL_COMP_num(st) SKM_sk_num(SSL_COMP, (st))
-# define sk_SSL_COMP_value(st, i) SKM_sk_value(SSL_COMP, (st), (i))
-# define sk_SSL_COMP_set(st, i, val) SKM_sk_set(SSL_COMP, (st), (i), (val))
-# define sk_SSL_COMP_zero(st) SKM_sk_zero(SSL_COMP, (st))
-# define sk_SSL_COMP_push(st, val) SKM_sk_push(SSL_COMP, (st), (val))
-# define sk_SSL_COMP_unshift(st, val) SKM_sk_unshift(SSL_COMP, (st), (val))
-# define sk_SSL_COMP_find(st, val) SKM_sk_find(SSL_COMP, (st), (val))
-# define sk_SSL_COMP_find_ex(st, val) SKM_sk_find_ex(SSL_COMP, (st), (val))
-# define sk_SSL_COMP_delete(st, i) SKM_sk_delete(SSL_COMP, (st), (i))
-# define sk_SSL_COMP_delete_ptr(st, ptr) SKM_sk_delete_ptr(SSL_COMP, (st), (ptr))
-# define sk_SSL_COMP_insert(st, val, i) SKM_sk_insert(SSL_COMP, (st), (val), (i))
-# define sk_SSL_COMP_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(SSL_COMP, (st), (cmp))
-# define sk_SSL_COMP_dup(st) SKM_sk_dup(SSL_COMP, st)
-# define sk_SSL_COMP_pop_free(st, free_func) SKM_sk_pop_free(SSL_COMP, (st), (free_func))
-# define sk_SSL_COMP_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(SSL_COMP, (st), (copy_func), (free_func))
-# define sk_SSL_COMP_shift(st) SKM_sk_shift(SSL_COMP, (st))
-# define sk_SSL_COMP_pop(st) SKM_sk_pop(SSL_COMP, (st))
-# define sk_SSL_COMP_sort(st) SKM_sk_sort(SSL_COMP, (st))
-# define sk_SSL_COMP_is_sorted(st) SKM_sk_is_sorted(SSL_COMP, (st))
-
-# define sk_STACK_OF_X509_NAME_ENTRY_new(cmp) SKM_sk_new(STACK_OF_X509_NAME_ENTRY, (cmp))
-# define sk_STACK_OF_X509_NAME_ENTRY_new_null() SKM_sk_new_null(STACK_OF_X509_NAME_ENTRY)
-# define sk_STACK_OF_X509_NAME_ENTRY_free(st) SKM_sk_free(STACK_OF_X509_NAME_ENTRY, (st))
-# define sk_STACK_OF_X509_NAME_ENTRY_num(st) SKM_sk_num(STACK_OF_X509_NAME_ENTRY, (st))
-# define sk_STACK_OF_X509_NAME_ENTRY_value(st, i) SKM_sk_value(STACK_OF_X509_NAME_ENTRY, (st), (i))
-# define sk_STACK_OF_X509_NAME_ENTRY_set(st, i, val) SKM_sk_set(STACK_OF_X509_NAME_ENTRY, (st), (i), (val))
-# define sk_STACK_OF_X509_NAME_ENTRY_zero(st) SKM_sk_zero(STACK_OF_X509_NAME_ENTRY, (st))
-# define sk_STACK_OF_X509_NAME_ENTRY_push(st, val) SKM_sk_push(STACK_OF_X509_NAME_ENTRY, (st), (val))
-# define sk_STACK_OF_X509_NAME_ENTRY_unshift(st, val) SKM_sk_unshift(STACK_OF_X509_NAME_ENTRY, (st), (val))
-# define sk_STACK_OF_X509_NAME_ENTRY_find(st, val) SKM_sk_find(STACK_OF_X509_NAME_ENTRY, (st), (val))
-# define sk_STACK_OF_X509_NAME_ENTRY_find_ex(st, val) SKM_sk_find_ex(STACK_OF_X509_NAME_ENTRY, (st), (val))
-# define sk_STACK_OF_X509_NAME_ENTRY_delete(st, i) SKM_sk_delete(STACK_OF_X509_NAME_ENTRY, (st), (i))
-# define sk_STACK_OF_X509_NAME_ENTRY_delete_ptr(st, ptr) SKM_sk_delete_ptr(STACK_OF_X509_NAME_ENTRY, (st), (ptr))
-# define sk_STACK_OF_X509_NAME_ENTRY_insert(st, val, i) SKM_sk_insert(STACK_OF_X509_NAME_ENTRY, (st), (val), (i))
-# define sk_STACK_OF_X509_NAME_ENTRY_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(STACK_OF_X509_NAME_ENTRY, (st), (cmp))
-# define sk_STACK_OF_X509_NAME_ENTRY_dup(st) SKM_sk_dup(STACK_OF_X509_NAME_ENTRY, st)
-# define sk_STACK_OF_X509_NAME_ENTRY_pop_free(st, free_func) SKM_sk_pop_free(STACK_OF_X509_NAME_ENTRY, (st), (free_func))
-# define sk_STACK_OF_X509_NAME_ENTRY_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(STACK_OF_X509_NAME_ENTRY, (st), (copy_func), (free_func))
-# define sk_STACK_OF_X509_NAME_ENTRY_shift(st) SKM_sk_shift(STACK_OF_X509_NAME_ENTRY, (st))
-# define sk_STACK_OF_X509_NAME_ENTRY_pop(st) SKM_sk_pop(STACK_OF_X509_NAME_ENTRY, (st))
-# define sk_STACK_OF_X509_NAME_ENTRY_sort(st) SKM_sk_sort(STACK_OF_X509_NAME_ENTRY, (st))
-# define sk_STACK_OF_X509_NAME_ENTRY_is_sorted(st) SKM_sk_is_sorted(STACK_OF_X509_NAME_ENTRY, (st))
-
-# define sk_STORE_ATTR_INFO_new(cmp) SKM_sk_new(STORE_ATTR_INFO, (cmp))
-# define sk_STORE_ATTR_INFO_new_null() SKM_sk_new_null(STORE_ATTR_INFO)
-# define sk_STORE_ATTR_INFO_free(st) SKM_sk_free(STORE_ATTR_INFO, (st))
-# define sk_STORE_ATTR_INFO_num(st) SKM_sk_num(STORE_ATTR_INFO, (st))
-# define sk_STORE_ATTR_INFO_value(st, i) SKM_sk_value(STORE_ATTR_INFO, (st), (i))
-# define sk_STORE_ATTR_INFO_set(st, i, val) SKM_sk_set(STORE_ATTR_INFO, (st), (i), (val))
-# define sk_STORE_ATTR_INFO_zero(st) SKM_sk_zero(STORE_ATTR_INFO, (st))
-# define sk_STORE_ATTR_INFO_push(st, val) SKM_sk_push(STORE_ATTR_INFO, (st), (val))
-# define sk_STORE_ATTR_INFO_unshift(st, val) SKM_sk_unshift(STORE_ATTR_INFO, (st), (val))
-# define sk_STORE_ATTR_INFO_find(st, val) SKM_sk_find(STORE_ATTR_INFO, (st), (val))
-# define sk_STORE_ATTR_INFO_find_ex(st, val) SKM_sk_find_ex(STORE_ATTR_INFO, (st), (val))
-# define sk_STORE_ATTR_INFO_delete(st, i) SKM_sk_delete(STORE_ATTR_INFO, (st), (i))
-# define sk_STORE_ATTR_INFO_delete_ptr(st, ptr) SKM_sk_delete_ptr(STORE_ATTR_INFO, (st), (ptr))
-# define sk_STORE_ATTR_INFO_insert(st, val, i) SKM_sk_insert(STORE_ATTR_INFO, (st), (val), (i))
-# define sk_STORE_ATTR_INFO_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(STORE_ATTR_INFO, (st), (cmp))
-# define sk_STORE_ATTR_INFO_dup(st) SKM_sk_dup(STORE_ATTR_INFO, st)
-# define sk_STORE_ATTR_INFO_pop_free(st, free_func) SKM_sk_pop_free(STORE_ATTR_INFO, (st), (free_func))
-# define sk_STORE_ATTR_INFO_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(STORE_ATTR_INFO, (st), (copy_func), (free_func))
-# define sk_STORE_ATTR_INFO_shift(st) SKM_sk_shift(STORE_ATTR_INFO, (st))
-# define sk_STORE_ATTR_INFO_pop(st) SKM_sk_pop(STORE_ATTR_INFO, (st))
-# define sk_STORE_ATTR_INFO_sort(st) SKM_sk_sort(STORE_ATTR_INFO, (st))
-# define sk_STORE_ATTR_INFO_is_sorted(st) SKM_sk_is_sorted(STORE_ATTR_INFO, (st))
-
-# define sk_STORE_OBJECT_new(cmp) SKM_sk_new(STORE_OBJECT, (cmp))
-# define sk_STORE_OBJECT_new_null() SKM_sk_new_null(STORE_OBJECT)
-# define sk_STORE_OBJECT_free(st) SKM_sk_free(STORE_OBJECT, (st))
-# define sk_STORE_OBJECT_num(st) SKM_sk_num(STORE_OBJECT, (st))
-# define sk_STORE_OBJECT_value(st, i) SKM_sk_value(STORE_OBJECT, (st), (i))
-# define sk_STORE_OBJECT_set(st, i, val) SKM_sk_set(STORE_OBJECT, (st), (i), (val))
-# define sk_STORE_OBJECT_zero(st) SKM_sk_zero(STORE_OBJECT, (st))
-# define sk_STORE_OBJECT_push(st, val) SKM_sk_push(STORE_OBJECT, (st), (val))
-# define sk_STORE_OBJECT_unshift(st, val) SKM_sk_unshift(STORE_OBJECT, (st), (val))
-# define sk_STORE_OBJECT_find(st, val) SKM_sk_find(STORE_OBJECT, (st), (val))
-# define sk_STORE_OBJECT_find_ex(st, val) SKM_sk_find_ex(STORE_OBJECT, (st), (val))
-# define sk_STORE_OBJECT_delete(st, i) SKM_sk_delete(STORE_OBJECT, (st), (i))
-# define sk_STORE_OBJECT_delete_ptr(st, ptr) SKM_sk_delete_ptr(STORE_OBJECT, (st), (ptr))
-# define sk_STORE_OBJECT_insert(st, val, i) SKM_sk_insert(STORE_OBJECT, (st), (val), (i))
-# define sk_STORE_OBJECT_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(STORE_OBJECT, (st), (cmp))
-# define sk_STORE_OBJECT_dup(st) SKM_sk_dup(STORE_OBJECT, st)
-# define sk_STORE_OBJECT_pop_free(st, free_func) SKM_sk_pop_free(STORE_OBJECT, (st), (free_func))
-# define sk_STORE_OBJECT_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(STORE_OBJECT, (st), (copy_func), (free_func))
-# define sk_STORE_OBJECT_shift(st) SKM_sk_shift(STORE_OBJECT, (st))
-# define sk_STORE_OBJECT_pop(st) SKM_sk_pop(STORE_OBJECT, (st))
-# define sk_STORE_OBJECT_sort(st) SKM_sk_sort(STORE_OBJECT, (st))
-# define sk_STORE_OBJECT_is_sorted(st) SKM_sk_is_sorted(STORE_OBJECT, (st))
-
-# define sk_SXNETID_new(cmp) SKM_sk_new(SXNETID, (cmp))
-# define sk_SXNETID_new_null() SKM_sk_new_null(SXNETID)
-# define sk_SXNETID_free(st) SKM_sk_free(SXNETID, (st))
-# define sk_SXNETID_num(st) SKM_sk_num(SXNETID, (st))
-# define sk_SXNETID_value(st, i) SKM_sk_value(SXNETID, (st), (i))
-# define sk_SXNETID_set(st, i, val) SKM_sk_set(SXNETID, (st), (i), (val))
-# define sk_SXNETID_zero(st) SKM_sk_zero(SXNETID, (st))
-# define sk_SXNETID_push(st, val) SKM_sk_push(SXNETID, (st), (val))
-# define sk_SXNETID_unshift(st, val) SKM_sk_unshift(SXNETID, (st), (val))
-# define sk_SXNETID_find(st, val) SKM_sk_find(SXNETID, (st), (val))
-# define sk_SXNETID_find_ex(st, val) SKM_sk_find_ex(SXNETID, (st), (val))
-# define sk_SXNETID_delete(st, i) SKM_sk_delete(SXNETID, (st), (i))
-# define sk_SXNETID_delete_ptr(st, ptr) SKM_sk_delete_ptr(SXNETID, (st), (ptr))
-# define sk_SXNETID_insert(st, val, i) SKM_sk_insert(SXNETID, (st), (val), (i))
-# define sk_SXNETID_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(SXNETID, (st), (cmp))
-# define sk_SXNETID_dup(st) SKM_sk_dup(SXNETID, st)
-# define sk_SXNETID_pop_free(st, free_func) SKM_sk_pop_free(SXNETID, (st), (free_func))
-# define sk_SXNETID_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(SXNETID, (st), (copy_func), (free_func))
-# define sk_SXNETID_shift(st) SKM_sk_shift(SXNETID, (st))
-# define sk_SXNETID_pop(st) SKM_sk_pop(SXNETID, (st))
-# define sk_SXNETID_sort(st) SKM_sk_sort(SXNETID, (st))
-# define sk_SXNETID_is_sorted(st) SKM_sk_is_sorted(SXNETID, (st))
-
-# define sk_UI_STRING_new(cmp) SKM_sk_new(UI_STRING, (cmp))
-# define sk_UI_STRING_new_null() SKM_sk_new_null(UI_STRING)
-# define sk_UI_STRING_free(st) SKM_sk_free(UI_STRING, (st))
-# define sk_UI_STRING_num(st) SKM_sk_num(UI_STRING, (st))
-# define sk_UI_STRING_value(st, i) SKM_sk_value(UI_STRING, (st), (i))
-# define sk_UI_STRING_set(st, i, val) SKM_sk_set(UI_STRING, (st), (i), (val))
-# define sk_UI_STRING_zero(st) SKM_sk_zero(UI_STRING, (st))
-# define sk_UI_STRING_push(st, val) SKM_sk_push(UI_STRING, (st), (val))
-# define sk_UI_STRING_unshift(st, val) SKM_sk_unshift(UI_STRING, (st), (val))
-# define sk_UI_STRING_find(st, val) SKM_sk_find(UI_STRING, (st), (val))
-# define sk_UI_STRING_find_ex(st, val) SKM_sk_find_ex(UI_STRING, (st), (val))
-# define sk_UI_STRING_delete(st, i) SKM_sk_delete(UI_STRING, (st), (i))
-# define sk_UI_STRING_delete_ptr(st, ptr) SKM_sk_delete_ptr(UI_STRING, (st), (ptr))
-# define sk_UI_STRING_insert(st, val, i) SKM_sk_insert(UI_STRING, (st), (val), (i))
-# define sk_UI_STRING_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(UI_STRING, (st), (cmp))
-# define sk_UI_STRING_dup(st) SKM_sk_dup(UI_STRING, st)
-# define sk_UI_STRING_pop_free(st, free_func) SKM_sk_pop_free(UI_STRING, (st), (free_func))
-# define sk_UI_STRING_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(UI_STRING, (st), (copy_func), (free_func))
-# define sk_UI_STRING_shift(st) SKM_sk_shift(UI_STRING, (st))
-# define sk_UI_STRING_pop(st) SKM_sk_pop(UI_STRING, (st))
-# define sk_UI_STRING_sort(st) SKM_sk_sort(UI_STRING, (st))
-# define sk_UI_STRING_is_sorted(st) SKM_sk_is_sorted(UI_STRING, (st))
-
-# define sk_X509_new(cmp) SKM_sk_new(X509, (cmp))
-# define sk_X509_new_null() SKM_sk_new_null(X509)
-# define sk_X509_free(st) SKM_sk_free(X509, (st))
-# define sk_X509_num(st) SKM_sk_num(X509, (st))
-# define sk_X509_value(st, i) SKM_sk_value(X509, (st), (i))
-# define sk_X509_set(st, i, val) SKM_sk_set(X509, (st), (i), (val))
-# define sk_X509_zero(st) SKM_sk_zero(X509, (st))
-# define sk_X509_push(st, val) SKM_sk_push(X509, (st), (val))
-# define sk_X509_unshift(st, val) SKM_sk_unshift(X509, (st), (val))
-# define sk_X509_find(st, val) SKM_sk_find(X509, (st), (val))
-# define sk_X509_find_ex(st, val) SKM_sk_find_ex(X509, (st), (val))
-# define sk_X509_delete(st, i) SKM_sk_delete(X509, (st), (i))
-# define sk_X509_delete_ptr(st, ptr) SKM_sk_delete_ptr(X509, (st), (ptr))
-# define sk_X509_insert(st, val, i) SKM_sk_insert(X509, (st), (val), (i))
-# define sk_X509_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(X509, (st), (cmp))
-# define sk_X509_dup(st) SKM_sk_dup(X509, st)
-# define sk_X509_pop_free(st, free_func) SKM_sk_pop_free(X509, (st), (free_func))
-# define sk_X509_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(X509, (st), (copy_func), (free_func))
-# define sk_X509_shift(st) SKM_sk_shift(X509, (st))
-# define sk_X509_pop(st) SKM_sk_pop(X509, (st))
-# define sk_X509_sort(st) SKM_sk_sort(X509, (st))
-# define sk_X509_is_sorted(st) SKM_sk_is_sorted(X509, (st))
-
-# define sk_X509V3_EXT_METHOD_new(cmp) SKM_sk_new(X509V3_EXT_METHOD, (cmp))
-# define sk_X509V3_EXT_METHOD_new_null() SKM_sk_new_null(X509V3_EXT_METHOD)
-# define sk_X509V3_EXT_METHOD_free(st) SKM_sk_free(X509V3_EXT_METHOD, (st))
-# define sk_X509V3_EXT_METHOD_num(st) SKM_sk_num(X509V3_EXT_METHOD, (st))
-# define sk_X509V3_EXT_METHOD_value(st, i) SKM_sk_value(X509V3_EXT_METHOD, (st), (i))
-# define sk_X509V3_EXT_METHOD_set(st, i, val) SKM_sk_set(X509V3_EXT_METHOD, (st), (i), (val))
-# define sk_X509V3_EXT_METHOD_zero(st) SKM_sk_zero(X509V3_EXT_METHOD, (st))
-# define sk_X509V3_EXT_METHOD_push(st, val) SKM_sk_push(X509V3_EXT_METHOD, (st), (val))
-# define sk_X509V3_EXT_METHOD_unshift(st, val) SKM_sk_unshift(X509V3_EXT_METHOD, (st), (val))
-# define sk_X509V3_EXT_METHOD_find(st, val) SKM_sk_find(X509V3_EXT_METHOD, (st), (val))
-# define sk_X509V3_EXT_METHOD_find_ex(st, val) SKM_sk_find_ex(X509V3_EXT_METHOD, (st), (val))
-# define sk_X509V3_EXT_METHOD_delete(st, i) SKM_sk_delete(X509V3_EXT_METHOD, (st), (i))
-# define sk_X509V3_EXT_METHOD_delete_ptr(st, ptr) SKM_sk_delete_ptr(X509V3_EXT_METHOD, (st), (ptr))
-# define sk_X509V3_EXT_METHOD_insert(st, val, i) SKM_sk_insert(X509V3_EXT_METHOD, (st), (val), (i))
-# define sk_X509V3_EXT_METHOD_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(X509V3_EXT_METHOD, (st), (cmp))
-# define sk_X509V3_EXT_METHOD_dup(st) SKM_sk_dup(X509V3_EXT_METHOD, st)
-# define sk_X509V3_EXT_METHOD_pop_free(st, free_func) SKM_sk_pop_free(X509V3_EXT_METHOD, (st), (free_func))
-# define sk_X509V3_EXT_METHOD_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(X509V3_EXT_METHOD, (st), (copy_func), (free_func))
-# define sk_X509V3_EXT_METHOD_shift(st) SKM_sk_shift(X509V3_EXT_METHOD, (st))
-# define sk_X509V3_EXT_METHOD_pop(st) SKM_sk_pop(X509V3_EXT_METHOD, (st))
-# define sk_X509V3_EXT_METHOD_sort(st) SKM_sk_sort(X509V3_EXT_METHOD, (st))
-# define sk_X509V3_EXT_METHOD_is_sorted(st) SKM_sk_is_sorted(X509V3_EXT_METHOD, (st))
-
-# define sk_X509_ALGOR_new(cmp) SKM_sk_new(X509_ALGOR, (cmp))
-# define sk_X509_ALGOR_new_null() SKM_sk_new_null(X509_ALGOR)
-# define sk_X509_ALGOR_free(st) SKM_sk_free(X509_ALGOR, (st))
-# define sk_X509_ALGOR_num(st) SKM_sk_num(X509_ALGOR, (st))
-# define sk_X509_ALGOR_value(st, i) SKM_sk_value(X509_ALGOR, (st), (i))
-# define sk_X509_ALGOR_set(st, i, val) SKM_sk_set(X509_ALGOR, (st), (i), (val))
-# define sk_X509_ALGOR_zero(st) SKM_sk_zero(X509_ALGOR, (st))
-# define sk_X509_ALGOR_push(st, val) SKM_sk_push(X509_ALGOR, (st), (val))
-# define sk_X509_ALGOR_unshift(st, val) SKM_sk_unshift(X509_ALGOR, (st), (val))
-# define sk_X509_ALGOR_find(st, val) SKM_sk_find(X509_ALGOR, (st), (val))
-# define sk_X509_ALGOR_find_ex(st, val) SKM_sk_find_ex(X509_ALGOR, (st), (val))
-# define sk_X509_ALGOR_delete(st, i) SKM_sk_delete(X509_ALGOR, (st), (i))
-# define sk_X509_ALGOR_delete_ptr(st, ptr) SKM_sk_delete_ptr(X509_ALGOR, (st), (ptr))
-# define sk_X509_ALGOR_insert(st, val, i) SKM_sk_insert(X509_ALGOR, (st), (val), (i))
-# define sk_X509_ALGOR_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(X509_ALGOR, (st), (cmp))
-# define sk_X509_ALGOR_dup(st) SKM_sk_dup(X509_ALGOR, st)
-# define sk_X509_ALGOR_pop_free(st, free_func) SKM_sk_pop_free(X509_ALGOR, (st), (free_func))
-# define sk_X509_ALGOR_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(X509_ALGOR, (st), (copy_func), (free_func))
-# define sk_X509_ALGOR_shift(st) SKM_sk_shift(X509_ALGOR, (st))
-# define sk_X509_ALGOR_pop(st) SKM_sk_pop(X509_ALGOR, (st))
-# define sk_X509_ALGOR_sort(st) SKM_sk_sort(X509_ALGOR, (st))
-# define sk_X509_ALGOR_is_sorted(st) SKM_sk_is_sorted(X509_ALGOR, (st))
-
-# define sk_X509_ATTRIBUTE_new(cmp) SKM_sk_new(X509_ATTRIBUTE, (cmp))
-# define sk_X509_ATTRIBUTE_new_null() SKM_sk_new_null(X509_ATTRIBUTE)
-# define sk_X509_ATTRIBUTE_free(st) SKM_sk_free(X509_ATTRIBUTE, (st))
-# define sk_X509_ATTRIBUTE_num(st) SKM_sk_num(X509_ATTRIBUTE, (st))
-# define sk_X509_ATTRIBUTE_value(st, i) SKM_sk_value(X509_ATTRIBUTE, (st), (i))
-# define sk_X509_ATTRIBUTE_set(st, i, val) SKM_sk_set(X509_ATTRIBUTE, (st), (i), (val))
-# define sk_X509_ATTRIBUTE_zero(st) SKM_sk_zero(X509_ATTRIBUTE, (st))
-# define sk_X509_ATTRIBUTE_push(st, val) SKM_sk_push(X509_ATTRIBUTE, (st), (val))
-# define sk_X509_ATTRIBUTE_unshift(st, val) SKM_sk_unshift(X509_ATTRIBUTE, (st), (val))
-# define sk_X509_ATTRIBUTE_find(st, val) SKM_sk_find(X509_ATTRIBUTE, (st), (val))
-# define sk_X509_ATTRIBUTE_find_ex(st, val) SKM_sk_find_ex(X509_ATTRIBUTE, (st), (val))
-# define sk_X509_ATTRIBUTE_delete(st, i) SKM_sk_delete(X509_ATTRIBUTE, (st), (i))
-# define sk_X509_ATTRIBUTE_delete_ptr(st, ptr) SKM_sk_delete_ptr(X509_ATTRIBUTE, (st), (ptr))
-# define sk_X509_ATTRIBUTE_insert(st, val, i) SKM_sk_insert(X509_ATTRIBUTE, (st), (val), (i))
-# define sk_X509_ATTRIBUTE_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(X509_ATTRIBUTE, (st), (cmp))
-# define sk_X509_ATTRIBUTE_dup(st) SKM_sk_dup(X509_ATTRIBUTE, st)
-# define sk_X509_ATTRIBUTE_pop_free(st, free_func) SKM_sk_pop_free(X509_ATTRIBUTE, (st), (free_func))
-# define sk_X509_ATTRIBUTE_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(X509_ATTRIBUTE, (st), (copy_func), (free_func))
-# define sk_X509_ATTRIBUTE_shift(st) SKM_sk_shift(X509_ATTRIBUTE, (st))
-# define sk_X509_ATTRIBUTE_pop(st) SKM_sk_pop(X509_ATTRIBUTE, (st))
-# define sk_X509_ATTRIBUTE_sort(st) SKM_sk_sort(X509_ATTRIBUTE, (st))
-# define sk_X509_ATTRIBUTE_is_sorted(st) SKM_sk_is_sorted(X509_ATTRIBUTE, (st))
-
-# define sk_X509_CRL_new(cmp) SKM_sk_new(X509_CRL, (cmp))
-# define sk_X509_CRL_new_null() SKM_sk_new_null(X509_CRL)
-# define sk_X509_CRL_free(st) SKM_sk_free(X509_CRL, (st))
-# define sk_X509_CRL_num(st) SKM_sk_num(X509_CRL, (st))
-# define sk_X509_CRL_value(st, i) SKM_sk_value(X509_CRL, (st), (i))
-# define sk_X509_CRL_set(st, i, val) SKM_sk_set(X509_CRL, (st), (i), (val))
-# define sk_X509_CRL_zero(st) SKM_sk_zero(X509_CRL, (st))
-# define sk_X509_CRL_push(st, val) SKM_sk_push(X509_CRL, (st), (val))
-# define sk_X509_CRL_unshift(st, val) SKM_sk_unshift(X509_CRL, (st), (val))
-# define sk_X509_CRL_find(st, val) SKM_sk_find(X509_CRL, (st), (val))
-# define sk_X509_CRL_find_ex(st, val) SKM_sk_find_ex(X509_CRL, (st), (val))
-# define sk_X509_CRL_delete(st, i) SKM_sk_delete(X509_CRL, (st), (i))
-# define sk_X509_CRL_delete_ptr(st, ptr) SKM_sk_delete_ptr(X509_CRL, (st), (ptr))
-# define sk_X509_CRL_insert(st, val, i) SKM_sk_insert(X509_CRL, (st), (val), (i))
-# define sk_X509_CRL_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(X509_CRL, (st), (cmp))
-# define sk_X509_CRL_dup(st) SKM_sk_dup(X509_CRL, st)
-# define sk_X509_CRL_pop_free(st, free_func) SKM_sk_pop_free(X509_CRL, (st), (free_func))
-# define sk_X509_CRL_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(X509_CRL, (st), (copy_func), (free_func))
-# define sk_X509_CRL_shift(st) SKM_sk_shift(X509_CRL, (st))
-# define sk_X509_CRL_pop(st) SKM_sk_pop(X509_CRL, (st))
-# define sk_X509_CRL_sort(st) SKM_sk_sort(X509_CRL, (st))
-# define sk_X509_CRL_is_sorted(st) SKM_sk_is_sorted(X509_CRL, (st))
-
-# define sk_X509_EXTENSION_new(cmp) SKM_sk_new(X509_EXTENSION, (cmp))
-# define sk_X509_EXTENSION_new_null() SKM_sk_new_null(X509_EXTENSION)
-# define sk_X509_EXTENSION_free(st) SKM_sk_free(X509_EXTENSION, (st))
-# define sk_X509_EXTENSION_num(st) SKM_sk_num(X509_EXTENSION, (st))
-# define sk_X509_EXTENSION_value(st, i) SKM_sk_value(X509_EXTENSION, (st), (i))
-# define sk_X509_EXTENSION_set(st, i, val) SKM_sk_set(X509_EXTENSION, (st), (i), (val))
-# define sk_X509_EXTENSION_zero(st) SKM_sk_zero(X509_EXTENSION, (st))
-# define sk_X509_EXTENSION_push(st, val) SKM_sk_push(X509_EXTENSION, (st), (val))
-# define sk_X509_EXTENSION_unshift(st, val) SKM_sk_unshift(X509_EXTENSION, (st), (val))
-# define sk_X509_EXTENSION_find(st, val) SKM_sk_find(X509_EXTENSION, (st), (val))
-# define sk_X509_EXTENSION_find_ex(st, val) SKM_sk_find_ex(X509_EXTENSION, (st), (val))
-# define sk_X509_EXTENSION_delete(st, i) SKM_sk_delete(X509_EXTENSION, (st), (i))
-# define sk_X509_EXTENSION_delete_ptr(st, ptr) SKM_sk_delete_ptr(X509_EXTENSION, (st), (ptr))
-# define sk_X509_EXTENSION_insert(st, val, i) SKM_sk_insert(X509_EXTENSION, (st), (val), (i))
-# define sk_X509_EXTENSION_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(X509_EXTENSION, (st), (cmp))
-# define sk_X509_EXTENSION_dup(st) SKM_sk_dup(X509_EXTENSION, st)
-# define sk_X509_EXTENSION_pop_free(st, free_func) SKM_sk_pop_free(X509_EXTENSION, (st), (free_func))
-# define sk_X509_EXTENSION_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(X509_EXTENSION, (st), (copy_func), (free_func))
-# define sk_X509_EXTENSION_shift(st) SKM_sk_shift(X509_EXTENSION, (st))
-# define sk_X509_EXTENSION_pop(st) SKM_sk_pop(X509_EXTENSION, (st))
-# define sk_X509_EXTENSION_sort(st) SKM_sk_sort(X509_EXTENSION, (st))
-# define sk_X509_EXTENSION_is_sorted(st) SKM_sk_is_sorted(X509_EXTENSION, (st))
-
-# define sk_X509_INFO_new(cmp) SKM_sk_new(X509_INFO, (cmp))
-# define sk_X509_INFO_new_null() SKM_sk_new_null(X509_INFO)
-# define sk_X509_INFO_free(st) SKM_sk_free(X509_INFO, (st))
-# define sk_X509_INFO_num(st) SKM_sk_num(X509_INFO, (st))
-# define sk_X509_INFO_value(st, i) SKM_sk_value(X509_INFO, (st), (i))
-# define sk_X509_INFO_set(st, i, val) SKM_sk_set(X509_INFO, (st), (i), (val))
-# define sk_X509_INFO_zero(st) SKM_sk_zero(X509_INFO, (st))
-# define sk_X509_INFO_push(st, val) SKM_sk_push(X509_INFO, (st), (val))
-# define sk_X509_INFO_unshift(st, val) SKM_sk_unshift(X509_INFO, (st), (val))
-# define sk_X509_INFO_find(st, val) SKM_sk_find(X509_INFO, (st), (val))
-# define sk_X509_INFO_find_ex(st, val) SKM_sk_find_ex(X509_INFO, (st), (val))
-# define sk_X509_INFO_delete(st, i) SKM_sk_delete(X509_INFO, (st), (i))
-# define sk_X509_INFO_delete_ptr(st, ptr) SKM_sk_delete_ptr(X509_INFO, (st), (ptr))
-# define sk_X509_INFO_insert(st, val, i) SKM_sk_insert(X509_INFO, (st), (val), (i))
-# define sk_X509_INFO_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(X509_INFO, (st), (cmp))
-# define sk_X509_INFO_dup(st) SKM_sk_dup(X509_INFO, st)
-# define sk_X509_INFO_pop_free(st, free_func) SKM_sk_pop_free(X509_INFO, (st), (free_func))
-# define sk_X509_INFO_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(X509_INFO, (st), (copy_func), (free_func))
-# define sk_X509_INFO_shift(st) SKM_sk_shift(X509_INFO, (st))
-# define sk_X509_INFO_pop(st) SKM_sk_pop(X509_INFO, (st))
-# define sk_X509_INFO_sort(st) SKM_sk_sort(X509_INFO, (st))
-# define sk_X509_INFO_is_sorted(st) SKM_sk_is_sorted(X509_INFO, (st))
-
-# define sk_X509_LOOKUP_new(cmp) SKM_sk_new(X509_LOOKUP, (cmp))
-# define sk_X509_LOOKUP_new_null() SKM_sk_new_null(X509_LOOKUP)
-# define sk_X509_LOOKUP_free(st) SKM_sk_free(X509_LOOKUP, (st))
-# define sk_X509_LOOKUP_num(st) SKM_sk_num(X509_LOOKUP, (st))
-# define sk_X509_LOOKUP_value(st, i) SKM_sk_value(X509_LOOKUP, (st), (i))
-# define sk_X509_LOOKUP_set(st, i, val) SKM_sk_set(X509_LOOKUP, (st), (i), (val))
-# define sk_X509_LOOKUP_zero(st) SKM_sk_zero(X509_LOOKUP, (st))
-# define sk_X509_LOOKUP_push(st, val) SKM_sk_push(X509_LOOKUP, (st), (val))
-# define sk_X509_LOOKUP_unshift(st, val) SKM_sk_unshift(X509_LOOKUP, (st), (val))
-# define sk_X509_LOOKUP_find(st, val) SKM_sk_find(X509_LOOKUP, (st), (val))
-# define sk_X509_LOOKUP_find_ex(st, val) SKM_sk_find_ex(X509_LOOKUP, (st), (val))
-# define sk_X509_LOOKUP_delete(st, i) SKM_sk_delete(X509_LOOKUP, (st), (i))
-# define sk_X509_LOOKUP_delete_ptr(st, ptr) SKM_sk_delete_ptr(X509_LOOKUP, (st), (ptr))
-# define sk_X509_LOOKUP_insert(st, val, i) SKM_sk_insert(X509_LOOKUP, (st), (val), (i))
-# define sk_X509_LOOKUP_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(X509_LOOKUP, (st), (cmp))
-# define sk_X509_LOOKUP_dup(st) SKM_sk_dup(X509_LOOKUP, st)
-# define sk_X509_LOOKUP_pop_free(st, free_func) SKM_sk_pop_free(X509_LOOKUP, (st), (free_func))
-# define sk_X509_LOOKUP_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(X509_LOOKUP, (st), (copy_func), (free_func))
-# define sk_X509_LOOKUP_shift(st) SKM_sk_shift(X509_LOOKUP, (st))
-# define sk_X509_LOOKUP_pop(st) SKM_sk_pop(X509_LOOKUP, (st))
-# define sk_X509_LOOKUP_sort(st) SKM_sk_sort(X509_LOOKUP, (st))
-# define sk_X509_LOOKUP_is_sorted(st) SKM_sk_is_sorted(X509_LOOKUP, (st))
-
-# define sk_X509_NAME_new(cmp) SKM_sk_new(X509_NAME, (cmp))
-# define sk_X509_NAME_new_null() SKM_sk_new_null(X509_NAME)
-# define sk_X509_NAME_free(st) SKM_sk_free(X509_NAME, (st))
-# define sk_X509_NAME_num(st) SKM_sk_num(X509_NAME, (st))
-# define sk_X509_NAME_value(st, i) SKM_sk_value(X509_NAME, (st), (i))
-# define sk_X509_NAME_set(st, i, val) SKM_sk_set(X509_NAME, (st), (i), (val))
-# define sk_X509_NAME_zero(st) SKM_sk_zero(X509_NAME, (st))
-# define sk_X509_NAME_push(st, val) SKM_sk_push(X509_NAME, (st), (val))
-# define sk_X509_NAME_unshift(st, val) SKM_sk_unshift(X509_NAME, (st), (val))
-# define sk_X509_NAME_find(st, val) SKM_sk_find(X509_NAME, (st), (val))
-# define sk_X509_NAME_find_ex(st, val) SKM_sk_find_ex(X509_NAME, (st), (val))
-# define sk_X509_NAME_delete(st, i) SKM_sk_delete(X509_NAME, (st), (i))
-# define sk_X509_NAME_delete_ptr(st, ptr) SKM_sk_delete_ptr(X509_NAME, (st), (ptr))
-# define sk_X509_NAME_insert(st, val, i) SKM_sk_insert(X509_NAME, (st), (val), (i))
-# define sk_X509_NAME_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(X509_NAME, (st), (cmp))
-# define sk_X509_NAME_dup(st) SKM_sk_dup(X509_NAME, st)
-# define sk_X509_NAME_pop_free(st, free_func) SKM_sk_pop_free(X509_NAME, (st), (free_func))
-# define sk_X509_NAME_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(X509_NAME, (st), (copy_func), (free_func))
-# define sk_X509_NAME_shift(st) SKM_sk_shift(X509_NAME, (st))
-# define sk_X509_NAME_pop(st) SKM_sk_pop(X509_NAME, (st))
-# define sk_X509_NAME_sort(st) SKM_sk_sort(X509_NAME, (st))
-# define sk_X509_NAME_is_sorted(st) SKM_sk_is_sorted(X509_NAME, (st))
-
-# define sk_X509_NAME_ENTRY_new(cmp) SKM_sk_new(X509_NAME_ENTRY, (cmp))
-# define sk_X509_NAME_ENTRY_new_null() SKM_sk_new_null(X509_NAME_ENTRY)
-# define sk_X509_NAME_ENTRY_free(st) SKM_sk_free(X509_NAME_ENTRY, (st))
-# define sk_X509_NAME_ENTRY_num(st) SKM_sk_num(X509_NAME_ENTRY, (st))
-# define sk_X509_NAME_ENTRY_value(st, i) SKM_sk_value(X509_NAME_ENTRY, (st), (i))
-# define sk_X509_NAME_ENTRY_set(st, i, val) SKM_sk_set(X509_NAME_ENTRY, (st), (i), (val))
-# define sk_X509_NAME_ENTRY_zero(st) SKM_sk_zero(X509_NAME_ENTRY, (st))
-# define sk_X509_NAME_ENTRY_push(st, val) SKM_sk_push(X509_NAME_ENTRY, (st), (val))
-# define sk_X509_NAME_ENTRY_unshift(st, val) SKM_sk_unshift(X509_NAME_ENTRY, (st), (val))
-# define sk_X509_NAME_ENTRY_find(st, val) SKM_sk_find(X509_NAME_ENTRY, (st), (val))
-# define sk_X509_NAME_ENTRY_find_ex(st, val) SKM_sk_find_ex(X509_NAME_ENTRY, (st), (val))
-# define sk_X509_NAME_ENTRY_delete(st, i) SKM_sk_delete(X509_NAME_ENTRY, (st), (i))
-# define sk_X509_NAME_ENTRY_delete_ptr(st, ptr) SKM_sk_delete_ptr(X509_NAME_ENTRY, (st), (ptr))
-# define sk_X509_NAME_ENTRY_insert(st, val, i) SKM_sk_insert(X509_NAME_ENTRY, (st), (val), (i))
-# define sk_X509_NAME_ENTRY_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(X509_NAME_ENTRY, (st), (cmp))
-# define sk_X509_NAME_ENTRY_dup(st) SKM_sk_dup(X509_NAME_ENTRY, st)
-# define sk_X509_NAME_ENTRY_pop_free(st, free_func) SKM_sk_pop_free(X509_NAME_ENTRY, (st), (free_func))
-# define sk_X509_NAME_ENTRY_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(X509_NAME_ENTRY, (st), (copy_func), (free_func))
-# define sk_X509_NAME_ENTRY_shift(st) SKM_sk_shift(X509_NAME_ENTRY, (st))
-# define sk_X509_NAME_ENTRY_pop(st) SKM_sk_pop(X509_NAME_ENTRY, (st))
-# define sk_X509_NAME_ENTRY_sort(st) SKM_sk_sort(X509_NAME_ENTRY, (st))
-# define sk_X509_NAME_ENTRY_is_sorted(st) SKM_sk_is_sorted(X509_NAME_ENTRY, (st))
-
-# define sk_X509_OBJECT_new(cmp) SKM_sk_new(X509_OBJECT, (cmp))
-# define sk_X509_OBJECT_new_null() SKM_sk_new_null(X509_OBJECT)
-# define sk_X509_OBJECT_free(st) SKM_sk_free(X509_OBJECT, (st))
-# define sk_X509_OBJECT_num(st) SKM_sk_num(X509_OBJECT, (st))
-# define sk_X509_OBJECT_value(st, i) SKM_sk_value(X509_OBJECT, (st), (i))
-# define sk_X509_OBJECT_set(st, i, val) SKM_sk_set(X509_OBJECT, (st), (i), (val))
-# define sk_X509_OBJECT_zero(st) SKM_sk_zero(X509_OBJECT, (st))
-# define sk_X509_OBJECT_push(st, val) SKM_sk_push(X509_OBJECT, (st), (val))
-# define sk_X509_OBJECT_unshift(st, val) SKM_sk_unshift(X509_OBJECT, (st), (val))
-# define sk_X509_OBJECT_find(st, val) SKM_sk_find(X509_OBJECT, (st), (val))
-# define sk_X509_OBJECT_find_ex(st, val) SKM_sk_find_ex(X509_OBJECT, (st), (val))
-# define sk_X509_OBJECT_delete(st, i) SKM_sk_delete(X509_OBJECT, (st), (i))
-# define sk_X509_OBJECT_delete_ptr(st, ptr) SKM_sk_delete_ptr(X509_OBJECT, (st), (ptr))
-# define sk_X509_OBJECT_insert(st, val, i) SKM_sk_insert(X509_OBJECT, (st), (val), (i))
-# define sk_X509_OBJECT_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(X509_OBJECT, (st), (cmp))
-# define sk_X509_OBJECT_dup(st) SKM_sk_dup(X509_OBJECT, st)
-# define sk_X509_OBJECT_pop_free(st, free_func) SKM_sk_pop_free(X509_OBJECT, (st), (free_func))
-# define sk_X509_OBJECT_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(X509_OBJECT, (st), (copy_func), (free_func))
-# define sk_X509_OBJECT_shift(st) SKM_sk_shift(X509_OBJECT, (st))
-# define sk_X509_OBJECT_pop(st) SKM_sk_pop(X509_OBJECT, (st))
-# define sk_X509_OBJECT_sort(st) SKM_sk_sort(X509_OBJECT, (st))
-# define sk_X509_OBJECT_is_sorted(st) SKM_sk_is_sorted(X509_OBJECT, (st))
-
-# define sk_X509_POLICY_DATA_new(cmp) SKM_sk_new(X509_POLICY_DATA, (cmp))
-# define sk_X509_POLICY_DATA_new_null() SKM_sk_new_null(X509_POLICY_DATA)
-# define sk_X509_POLICY_DATA_free(st) SKM_sk_free(X509_POLICY_DATA, (st))
-# define sk_X509_POLICY_DATA_num(st) SKM_sk_num(X509_POLICY_DATA, (st))
-# define sk_X509_POLICY_DATA_value(st, i) SKM_sk_value(X509_POLICY_DATA, (st), (i))
-# define sk_X509_POLICY_DATA_set(st, i, val) SKM_sk_set(X509_POLICY_DATA, (st), (i), (val))
-# define sk_X509_POLICY_DATA_zero(st) SKM_sk_zero(X509_POLICY_DATA, (st))
-# define sk_X509_POLICY_DATA_push(st, val) SKM_sk_push(X509_POLICY_DATA, (st), (val))
-# define sk_X509_POLICY_DATA_unshift(st, val) SKM_sk_unshift(X509_POLICY_DATA, (st), (val))
-# define sk_X509_POLICY_DATA_find(st, val) SKM_sk_find(X509_POLICY_DATA, (st), (val))
-# define sk_X509_POLICY_DATA_find_ex(st, val) SKM_sk_find_ex(X509_POLICY_DATA, (st), (val))
-# define sk_X509_POLICY_DATA_delete(st, i) SKM_sk_delete(X509_POLICY_DATA, (st), (i))
-# define sk_X509_POLICY_DATA_delete_ptr(st, ptr) SKM_sk_delete_ptr(X509_POLICY_DATA, (st), (ptr))
-# define sk_X509_POLICY_DATA_insert(st, val, i) SKM_sk_insert(X509_POLICY_DATA, (st), (val), (i))
-# define sk_X509_POLICY_DATA_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(X509_POLICY_DATA, (st), (cmp))
-# define sk_X509_POLICY_DATA_dup(st) SKM_sk_dup(X509_POLICY_DATA, st)
-# define sk_X509_POLICY_DATA_pop_free(st, free_func) SKM_sk_pop_free(X509_POLICY_DATA, (st), (free_func))
-# define sk_X509_POLICY_DATA_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(X509_POLICY_DATA, (st), (copy_func), (free_func))
-# define sk_X509_POLICY_DATA_shift(st) SKM_sk_shift(X509_POLICY_DATA, (st))
-# define sk_X509_POLICY_DATA_pop(st) SKM_sk_pop(X509_POLICY_DATA, (st))
-# define sk_X509_POLICY_DATA_sort(st) SKM_sk_sort(X509_POLICY_DATA, (st))
-# define sk_X509_POLICY_DATA_is_sorted(st) SKM_sk_is_sorted(X509_POLICY_DATA, (st))
-
-# define sk_X509_POLICY_NODE_new(cmp) SKM_sk_new(X509_POLICY_NODE, (cmp))
-# define sk_X509_POLICY_NODE_new_null() SKM_sk_new_null(X509_POLICY_NODE)
-# define sk_X509_POLICY_NODE_free(st) SKM_sk_free(X509_POLICY_NODE, (st))
-# define sk_X509_POLICY_NODE_num(st) SKM_sk_num(X509_POLICY_NODE, (st))
-# define sk_X509_POLICY_NODE_value(st, i) SKM_sk_value(X509_POLICY_NODE, (st), (i))
-# define sk_X509_POLICY_NODE_set(st, i, val) SKM_sk_set(X509_POLICY_NODE, (st), (i), (val))
-# define sk_X509_POLICY_NODE_zero(st) SKM_sk_zero(X509_POLICY_NODE, (st))
-# define sk_X509_POLICY_NODE_push(st, val) SKM_sk_push(X509_POLICY_NODE, (st), (val))
-# define sk_X509_POLICY_NODE_unshift(st, val) SKM_sk_unshift(X509_POLICY_NODE, (st), (val))
-# define sk_X509_POLICY_NODE_find(st, val) SKM_sk_find(X509_POLICY_NODE, (st), (val))
-# define sk_X509_POLICY_NODE_find_ex(st, val) SKM_sk_find_ex(X509_POLICY_NODE, (st), (val))
-# define sk_X509_POLICY_NODE_delete(st, i) SKM_sk_delete(X509_POLICY_NODE, (st), (i))
-# define sk_X509_POLICY_NODE_delete_ptr(st, ptr) SKM_sk_delete_ptr(X509_POLICY_NODE, (st), (ptr))
-# define sk_X509_POLICY_NODE_insert(st, val, i) SKM_sk_insert(X509_POLICY_NODE, (st), (val), (i))
-# define sk_X509_POLICY_NODE_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(X509_POLICY_NODE, (st), (cmp))
-# define sk_X509_POLICY_NODE_dup(st) SKM_sk_dup(X509_POLICY_NODE, st)
-# define sk_X509_POLICY_NODE_pop_free(st, free_func) SKM_sk_pop_free(X509_POLICY_NODE, (st), (free_func))
-# define sk_X509_POLICY_NODE_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(X509_POLICY_NODE, (st), (copy_func), (free_func))
-# define sk_X509_POLICY_NODE_shift(st) SKM_sk_shift(X509_POLICY_NODE, (st))
-# define sk_X509_POLICY_NODE_pop(st) SKM_sk_pop(X509_POLICY_NODE, (st))
-# define sk_X509_POLICY_NODE_sort(st) SKM_sk_sort(X509_POLICY_NODE, (st))
-# define sk_X509_POLICY_NODE_is_sorted(st) SKM_sk_is_sorted(X509_POLICY_NODE, (st))
-
-# define sk_X509_PURPOSE_new(cmp) SKM_sk_new(X509_PURPOSE, (cmp))
-# define sk_X509_PURPOSE_new_null() SKM_sk_new_null(X509_PURPOSE)
-# define sk_X509_PURPOSE_free(st) SKM_sk_free(X509_PURPOSE, (st))
-# define sk_X509_PURPOSE_num(st) SKM_sk_num(X509_PURPOSE, (st))
-# define sk_X509_PURPOSE_value(st, i) SKM_sk_value(X509_PURPOSE, (st), (i))
-# define sk_X509_PURPOSE_set(st, i, val) SKM_sk_set(X509_PURPOSE, (st), (i), (val))
-# define sk_X509_PURPOSE_zero(st) SKM_sk_zero(X509_PURPOSE, (st))
-# define sk_X509_PURPOSE_push(st, val) SKM_sk_push(X509_PURPOSE, (st), (val))
-# define sk_X509_PURPOSE_unshift(st, val) SKM_sk_unshift(X509_PURPOSE, (st), (val))
-# define sk_X509_PURPOSE_find(st, val) SKM_sk_find(X509_PURPOSE, (st), (val))
-# define sk_X509_PURPOSE_find_ex(st, val) SKM_sk_find_ex(X509_PURPOSE, (st), (val))
-# define sk_X509_PURPOSE_delete(st, i) SKM_sk_delete(X509_PURPOSE, (st), (i))
-# define sk_X509_PURPOSE_delete_ptr(st, ptr) SKM_sk_delete_ptr(X509_PURPOSE, (st), (ptr))
-# define sk_X509_PURPOSE_insert(st, val, i) SKM_sk_insert(X509_PURPOSE, (st), (val), (i))
-# define sk_X509_PURPOSE_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(X509_PURPOSE, (st), (cmp))
-# define sk_X509_PURPOSE_dup(st) SKM_sk_dup(X509_PURPOSE, st)
-# define sk_X509_PURPOSE_pop_free(st, free_func) SKM_sk_pop_free(X509_PURPOSE, (st), (free_func))
-# define sk_X509_PURPOSE_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(X509_PURPOSE, (st), (copy_func), (free_func))
-# define sk_X509_PURPOSE_shift(st) SKM_sk_shift(X509_PURPOSE, (st))
-# define sk_X509_PURPOSE_pop(st) SKM_sk_pop(X509_PURPOSE, (st))
-# define sk_X509_PURPOSE_sort(st) SKM_sk_sort(X509_PURPOSE, (st))
-# define sk_X509_PURPOSE_is_sorted(st) SKM_sk_is_sorted(X509_PURPOSE, (st))
-
-# define sk_X509_REVOKED_new(cmp) SKM_sk_new(X509_REVOKED, (cmp))
-# define sk_X509_REVOKED_new_null() SKM_sk_new_null(X509_REVOKED)
-# define sk_X509_REVOKED_free(st) SKM_sk_free(X509_REVOKED, (st))
-# define sk_X509_REVOKED_num(st) SKM_sk_num(X509_REVOKED, (st))
-# define sk_X509_REVOKED_value(st, i) SKM_sk_value(X509_REVOKED, (st), (i))
-# define sk_X509_REVOKED_set(st, i, val) SKM_sk_set(X509_REVOKED, (st), (i), (val))
-# define sk_X509_REVOKED_zero(st) SKM_sk_zero(X509_REVOKED, (st))
-# define sk_X509_REVOKED_push(st, val) SKM_sk_push(X509_REVOKED, (st), (val))
-# define sk_X509_REVOKED_unshift(st, val) SKM_sk_unshift(X509_REVOKED, (st), (val))
-# define sk_X509_REVOKED_find(st, val) SKM_sk_find(X509_REVOKED, (st), (val))
-# define sk_X509_REVOKED_find_ex(st, val) SKM_sk_find_ex(X509_REVOKED, (st), (val))
-# define sk_X509_REVOKED_delete(st, i) SKM_sk_delete(X509_REVOKED, (st), (i))
-# define sk_X509_REVOKED_delete_ptr(st, ptr) SKM_sk_delete_ptr(X509_REVOKED, (st), (ptr))
-# define sk_X509_REVOKED_insert(st, val, i) SKM_sk_insert(X509_REVOKED, (st), (val), (i))
-# define sk_X509_REVOKED_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(X509_REVOKED, (st), (cmp))
-# define sk_X509_REVOKED_dup(st) SKM_sk_dup(X509_REVOKED, st)
-# define sk_X509_REVOKED_pop_free(st, free_func) SKM_sk_pop_free(X509_REVOKED, (st), (free_func))
-# define sk_X509_REVOKED_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(X509_REVOKED, (st), (copy_func), (free_func))
-# define sk_X509_REVOKED_shift(st) SKM_sk_shift(X509_REVOKED, (st))
-# define sk_X509_REVOKED_pop(st) SKM_sk_pop(X509_REVOKED, (st))
-# define sk_X509_REVOKED_sort(st) SKM_sk_sort(X509_REVOKED, (st))
-# define sk_X509_REVOKED_is_sorted(st) SKM_sk_is_sorted(X509_REVOKED, (st))
-
-# define sk_X509_TRUST_new(cmp) SKM_sk_new(X509_TRUST, (cmp))
-# define sk_X509_TRUST_new_null() SKM_sk_new_null(X509_TRUST)
-# define sk_X509_TRUST_free(st) SKM_sk_free(X509_TRUST, (st))
-# define sk_X509_TRUST_num(st) SKM_sk_num(X509_TRUST, (st))
-# define sk_X509_TRUST_value(st, i) SKM_sk_value(X509_TRUST, (st), (i))
-# define sk_X509_TRUST_set(st, i, val) SKM_sk_set(X509_TRUST, (st), (i), (val))
-# define sk_X509_TRUST_zero(st) SKM_sk_zero(X509_TRUST, (st))
-# define sk_X509_TRUST_push(st, val) SKM_sk_push(X509_TRUST, (st), (val))
-# define sk_X509_TRUST_unshift(st, val) SKM_sk_unshift(X509_TRUST, (st), (val))
-# define sk_X509_TRUST_find(st, val) SKM_sk_find(X509_TRUST, (st), (val))
-# define sk_X509_TRUST_find_ex(st, val) SKM_sk_find_ex(X509_TRUST, (st), (val))
-# define sk_X509_TRUST_delete(st, i) SKM_sk_delete(X509_TRUST, (st), (i))
-# define sk_X509_TRUST_delete_ptr(st, ptr) SKM_sk_delete_ptr(X509_TRUST, (st), (ptr))
-# define sk_X509_TRUST_insert(st, val, i) SKM_sk_insert(X509_TRUST, (st), (val), (i))
-# define sk_X509_TRUST_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(X509_TRUST, (st), (cmp))
-# define sk_X509_TRUST_dup(st) SKM_sk_dup(X509_TRUST, st)
-# define sk_X509_TRUST_pop_free(st, free_func) SKM_sk_pop_free(X509_TRUST, (st), (free_func))
-# define sk_X509_TRUST_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(X509_TRUST, (st), (copy_func), (free_func))
-# define sk_X509_TRUST_shift(st) SKM_sk_shift(X509_TRUST, (st))
-# define sk_X509_TRUST_pop(st) SKM_sk_pop(X509_TRUST, (st))
-# define sk_X509_TRUST_sort(st) SKM_sk_sort(X509_TRUST, (st))
-# define sk_X509_TRUST_is_sorted(st) SKM_sk_is_sorted(X509_TRUST, (st))
-
-# define sk_X509_VERIFY_PARAM_new(cmp) SKM_sk_new(X509_VERIFY_PARAM, (cmp))
-# define sk_X509_VERIFY_PARAM_new_null() SKM_sk_new_null(X509_VERIFY_PARAM)
-# define sk_X509_VERIFY_PARAM_free(st) SKM_sk_free(X509_VERIFY_PARAM, (st))
-# define sk_X509_VERIFY_PARAM_num(st) SKM_sk_num(X509_VERIFY_PARAM, (st))
-# define sk_X509_VERIFY_PARAM_value(st, i) SKM_sk_value(X509_VERIFY_PARAM, (st), (i))
-# define sk_X509_VERIFY_PARAM_set(st, i, val) SKM_sk_set(X509_VERIFY_PARAM, (st), (i), (val))
-# define sk_X509_VERIFY_PARAM_zero(st) SKM_sk_zero(X509_VERIFY_PARAM, (st))
-# define sk_X509_VERIFY_PARAM_push(st, val) SKM_sk_push(X509_VERIFY_PARAM, (st), (val))
-# define sk_X509_VERIFY_PARAM_unshift(st, val) SKM_sk_unshift(X509_VERIFY_PARAM, (st), (val))
-# define sk_X509_VERIFY_PARAM_find(st, val) SKM_sk_find(X509_VERIFY_PARAM, (st), (val))
-# define sk_X509_VERIFY_PARAM_find_ex(st, val) SKM_sk_find_ex(X509_VERIFY_PARAM, (st), (val))
-# define sk_X509_VERIFY_PARAM_delete(st, i) SKM_sk_delete(X509_VERIFY_PARAM, (st), (i))
-# define sk_X509_VERIFY_PARAM_delete_ptr(st, ptr) SKM_sk_delete_ptr(X509_VERIFY_PARAM, (st), (ptr))
-# define sk_X509_VERIFY_PARAM_insert(st, val, i) SKM_sk_insert(X509_VERIFY_PARAM, (st), (val), (i))
-# define sk_X509_VERIFY_PARAM_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(X509_VERIFY_PARAM, (st), (cmp))
-# define sk_X509_VERIFY_PARAM_dup(st) SKM_sk_dup(X509_VERIFY_PARAM, st)
-# define sk_X509_VERIFY_PARAM_pop_free(st, free_func) SKM_sk_pop_free(X509_VERIFY_PARAM, (st), (free_func))
-# define sk_X509_VERIFY_PARAM_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(X509_VERIFY_PARAM, (st), (copy_func), (free_func))
-# define sk_X509_VERIFY_PARAM_shift(st) SKM_sk_shift(X509_VERIFY_PARAM, (st))
-# define sk_X509_VERIFY_PARAM_pop(st) SKM_sk_pop(X509_VERIFY_PARAM, (st))
-# define sk_X509_VERIFY_PARAM_sort(st) SKM_sk_sort(X509_VERIFY_PARAM, (st))
-# define sk_X509_VERIFY_PARAM_is_sorted(st) SKM_sk_is_sorted(X509_VERIFY_PARAM, (st))
-
-# define sk_nid_triple_new(cmp) SKM_sk_new(nid_triple, (cmp))
-# define sk_nid_triple_new_null() SKM_sk_new_null(nid_triple)
-# define sk_nid_triple_free(st) SKM_sk_free(nid_triple, (st))
-# define sk_nid_triple_num(st) SKM_sk_num(nid_triple, (st))
-# define sk_nid_triple_value(st, i) SKM_sk_value(nid_triple, (st), (i))
-# define sk_nid_triple_set(st, i, val) SKM_sk_set(nid_triple, (st), (i), (val))
-# define sk_nid_triple_zero(st) SKM_sk_zero(nid_triple, (st))
-# define sk_nid_triple_push(st, val) SKM_sk_push(nid_triple, (st), (val))
-# define sk_nid_triple_unshift(st, val) SKM_sk_unshift(nid_triple, (st), (val))
-# define sk_nid_triple_find(st, val) SKM_sk_find(nid_triple, (st), (val))
-# define sk_nid_triple_find_ex(st, val) SKM_sk_find_ex(nid_triple, (st), (val))
-# define sk_nid_triple_delete(st, i) SKM_sk_delete(nid_triple, (st), (i))
-# define sk_nid_triple_delete_ptr(st, ptr) SKM_sk_delete_ptr(nid_triple, (st), (ptr))
-# define sk_nid_triple_insert(st, val, i) SKM_sk_insert(nid_triple, (st), (val), (i))
-# define sk_nid_triple_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(nid_triple, (st), (cmp))
-# define sk_nid_triple_dup(st) SKM_sk_dup(nid_triple, st)
-# define sk_nid_triple_pop_free(st, free_func) SKM_sk_pop_free(nid_triple, (st), (free_func))
-# define sk_nid_triple_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(nid_triple, (st), (copy_func), (free_func))
-# define sk_nid_triple_shift(st) SKM_sk_shift(nid_triple, (st))
-# define sk_nid_triple_pop(st) SKM_sk_pop(nid_triple, (st))
-# define sk_nid_triple_sort(st) SKM_sk_sort(nid_triple, (st))
-# define sk_nid_triple_is_sorted(st) SKM_sk_is_sorted(nid_triple, (st))
-
-# define sk_void_new(cmp) SKM_sk_new(void, (cmp))
-# define sk_void_new_null() SKM_sk_new_null(void)
-# define sk_void_free(st) SKM_sk_free(void, (st))
-# define sk_void_num(st) SKM_sk_num(void, (st))
-# define sk_void_value(st, i) SKM_sk_value(void, (st), (i))
-# define sk_void_set(st, i, val) SKM_sk_set(void, (st), (i), (val))
-# define sk_void_zero(st) SKM_sk_zero(void, (st))
-# define sk_void_push(st, val) SKM_sk_push(void, (st), (val))
-# define sk_void_unshift(st, val) SKM_sk_unshift(void, (st), (val))
-# define sk_void_find(st, val) SKM_sk_find(void, (st), (val))
-# define sk_void_find_ex(st, val) SKM_sk_find_ex(void, (st), (val))
-# define sk_void_delete(st, i) SKM_sk_delete(void, (st), (i))
-# define sk_void_delete_ptr(st, ptr) SKM_sk_delete_ptr(void, (st), (ptr))
-# define sk_void_insert(st, val, i) SKM_sk_insert(void, (st), (val), (i))
-# define sk_void_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(void, (st), (cmp))
-# define sk_void_dup(st) SKM_sk_dup(void, st)
-# define sk_void_pop_free(st, free_func) SKM_sk_pop_free(void, (st), (free_func))
-# define sk_void_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(void, (st), (copy_func), (free_func))
-# define sk_void_shift(st) SKM_sk_shift(void, (st))
-# define sk_void_pop(st) SKM_sk_pop(void, (st))
-# define sk_void_sort(st) SKM_sk_sort(void, (st))
-# define sk_void_is_sorted(st) SKM_sk_is_sorted(void, (st))
-
-# define sk_OPENSSL_STRING_new(cmp) ((STACK_OF(OPENSSL_STRING) *)sk_new(CHECKED_SK_CMP_FUNC(char, cmp)))
-# define sk_OPENSSL_STRING_new_null() ((STACK_OF(OPENSSL_STRING) *)sk_new_null())
-# define sk_OPENSSL_STRING_push(st, val) sk_push(CHECKED_STACK_OF(OPENSSL_STRING, st), CHECKED_PTR_OF(char, val))
-# define sk_OPENSSL_STRING_find(st, val) sk_find(CHECKED_STACK_OF(OPENSSL_STRING, st), CHECKED_PTR_OF(char, val))
-# define sk_OPENSSL_STRING_value(st, i) ((OPENSSL_STRING)sk_value(CHECKED_STACK_OF(OPENSSL_STRING, st), i))
-# define sk_OPENSSL_STRING_num(st) SKM_sk_num(OPENSSL_STRING, st)
-# define sk_OPENSSL_STRING_pop_free(st, free_func) sk_pop_free(CHECKED_STACK_OF(OPENSSL_STRING, st), CHECKED_SK_FREE_FUNC(char, free_func))
-# define sk_OPENSSL_STRING_deep_copy(st, copy_func, free_func) ((STACK_OF(OPENSSL_STRING) *)sk_deep_copy(CHECKED_STACK_OF(OPENSSL_STRING, st), CHECKED_SK_COPY_FUNC(char, copy_func), CHECKED_SK_FREE_FUNC(char, free_func)))
-# define sk_OPENSSL_STRING_insert(st, val, i) sk_insert(CHECKED_STACK_OF(OPENSSL_STRING, st), CHECKED_PTR_OF(char, val), i)
-# define sk_OPENSSL_STRING_free(st) SKM_sk_free(OPENSSL_STRING, st)
-# define sk_OPENSSL_STRING_set(st, i, val) sk_set(CHECKED_STACK_OF(OPENSSL_STRING, st), i, CHECKED_PTR_OF(char, val))
-# define sk_OPENSSL_STRING_zero(st) SKM_sk_zero(OPENSSL_STRING, (st))
-# define sk_OPENSSL_STRING_unshift(st, val) sk_unshift(CHECKED_STACK_OF(OPENSSL_STRING, st), CHECKED_PTR_OF(char, val))
-# define sk_OPENSSL_STRING_find_ex(st, val) sk_find_ex((_STACK *)CHECKED_CONST_PTR_OF(STACK_OF(OPENSSL_STRING), st), CHECKED_CONST_PTR_OF(char, val))
-# define sk_OPENSSL_STRING_delete(st, i) SKM_sk_delete(OPENSSL_STRING, (st), (i))
-# define sk_OPENSSL_STRING_delete_ptr(st, ptr) (OPENSSL_STRING *)sk_delete_ptr(CHECKED_STACK_OF(OPENSSL_STRING, st), CHECKED_PTR_OF(char, ptr))
-# define sk_OPENSSL_STRING_set_cmp_func(st, cmp) \
- ((int (*)(const char * const *,const char * const *)) \
- sk_set_cmp_func(CHECKED_STACK_OF(OPENSSL_STRING, st), CHECKED_SK_CMP_FUNC(char, cmp)))
-# define sk_OPENSSL_STRING_dup(st) SKM_sk_dup(OPENSSL_STRING, st)
-# define sk_OPENSSL_STRING_shift(st) SKM_sk_shift(OPENSSL_STRING, (st))
-# define sk_OPENSSL_STRING_pop(st) (char *)sk_pop(CHECKED_STACK_OF(OPENSSL_STRING, st))
-# define sk_OPENSSL_STRING_sort(st) SKM_sk_sort(OPENSSL_STRING, (st))
-# define sk_OPENSSL_STRING_is_sorted(st) SKM_sk_is_sorted(OPENSSL_STRING, (st))
-
-# define sk_OPENSSL_BLOCK_new(cmp) ((STACK_OF(OPENSSL_BLOCK) *)sk_new(CHECKED_SK_CMP_FUNC(void, cmp)))
-# define sk_OPENSSL_BLOCK_new_null() ((STACK_OF(OPENSSL_BLOCK) *)sk_new_null())
-# define sk_OPENSSL_BLOCK_push(st, val) sk_push(CHECKED_STACK_OF(OPENSSL_BLOCK, st), CHECKED_PTR_OF(void, val))
-# define sk_OPENSSL_BLOCK_find(st, val) sk_find(CHECKED_STACK_OF(OPENSSL_BLOCK, st), CHECKED_PTR_OF(void, val))
-# define sk_OPENSSL_BLOCK_value(st, i) ((OPENSSL_BLOCK)sk_value(CHECKED_STACK_OF(OPENSSL_BLOCK, st), i))
-# define sk_OPENSSL_BLOCK_num(st) SKM_sk_num(OPENSSL_BLOCK, st)
-# define sk_OPENSSL_BLOCK_pop_free(st, free_func) sk_pop_free(CHECKED_STACK_OF(OPENSSL_BLOCK, st), CHECKED_SK_FREE_FUNC(void, free_func))
-# define sk_OPENSSL_BLOCK_deep_copy(st, copy_func, free_func) ((STACK_OF(OPENSSL_BLOCK) *)sk_deep_copy(CHECKED_STACK_OF(OPENSSL_BLOCK, st), CHECKED_SK_COPY_FUNC(void, copy_func), CHECKED_SK_FREE_FUNC(void, free_func)))
-# define sk_OPENSSL_BLOCK_insert(st, val, i) sk_insert(CHECKED_STACK_OF(OPENSSL_BLOCK, st), CHECKED_PTR_OF(void, val), i)
-# define sk_OPENSSL_BLOCK_free(st) SKM_sk_free(OPENSSL_BLOCK, st)
-# define sk_OPENSSL_BLOCK_set(st, i, val) sk_set(CHECKED_STACK_OF(OPENSSL_BLOCK, st), i, CHECKED_PTR_OF(void, val))
-# define sk_OPENSSL_BLOCK_zero(st) SKM_sk_zero(OPENSSL_BLOCK, (st))
-# define sk_OPENSSL_BLOCK_unshift(st, val) sk_unshift(CHECKED_STACK_OF(OPENSSL_BLOCK, st), CHECKED_PTR_OF(void, val))
-# define sk_OPENSSL_BLOCK_find_ex(st, val) sk_find_ex((_STACK *)CHECKED_CONST_PTR_OF(STACK_OF(OPENSSL_BLOCK), st), CHECKED_CONST_PTR_OF(void, val))
-# define sk_OPENSSL_BLOCK_delete(st, i) SKM_sk_delete(OPENSSL_BLOCK, (st), (i))
-# define sk_OPENSSL_BLOCK_delete_ptr(st, ptr) (OPENSSL_BLOCK *)sk_delete_ptr(CHECKED_STACK_OF(OPENSSL_BLOCK, st), CHECKED_PTR_OF(void, ptr))
-# define sk_OPENSSL_BLOCK_set_cmp_func(st, cmp) \
- ((int (*)(const void * const *,const void * const *)) \
- sk_set_cmp_func(CHECKED_STACK_OF(OPENSSL_BLOCK, st), CHECKED_SK_CMP_FUNC(void, cmp)))
-# define sk_OPENSSL_BLOCK_dup(st) SKM_sk_dup(OPENSSL_BLOCK, st)
-# define sk_OPENSSL_BLOCK_shift(st) SKM_sk_shift(OPENSSL_BLOCK, (st))
-# define sk_OPENSSL_BLOCK_pop(st) (void *)sk_pop(CHECKED_STACK_OF(OPENSSL_BLOCK, st))
-# define sk_OPENSSL_BLOCK_sort(st) SKM_sk_sort(OPENSSL_BLOCK, (st))
-# define sk_OPENSSL_BLOCK_is_sorted(st) SKM_sk_is_sorted(OPENSSL_BLOCK, (st))
-
-# define sk_OPENSSL_PSTRING_new(cmp) ((STACK_OF(OPENSSL_PSTRING) *)sk_new(CHECKED_SK_CMP_FUNC(OPENSSL_STRING, cmp)))
-# define sk_OPENSSL_PSTRING_new_null() ((STACK_OF(OPENSSL_PSTRING) *)sk_new_null())
-# define sk_OPENSSL_PSTRING_push(st, val) sk_push(CHECKED_STACK_OF(OPENSSL_PSTRING, st), CHECKED_PTR_OF(OPENSSL_STRING, val))
-# define sk_OPENSSL_PSTRING_find(st, val) sk_find(CHECKED_STACK_OF(OPENSSL_PSTRING, st), CHECKED_PTR_OF(OPENSSL_STRING, val))
-# define sk_OPENSSL_PSTRING_value(st, i) ((OPENSSL_PSTRING)sk_value(CHECKED_STACK_OF(OPENSSL_PSTRING, st), i))
-# define sk_OPENSSL_PSTRING_num(st) SKM_sk_num(OPENSSL_PSTRING, st)
-# define sk_OPENSSL_PSTRING_pop_free(st, free_func) sk_pop_free(CHECKED_STACK_OF(OPENSSL_PSTRING, st), CHECKED_SK_FREE_FUNC(OPENSSL_STRING, free_func))
-# define sk_OPENSSL_PSTRING_deep_copy(st, copy_func, free_func) ((STACK_OF(OPENSSL_PSTRING) *)sk_deep_copy(CHECKED_STACK_OF(OPENSSL_PSTRING, st), CHECKED_SK_COPY_FUNC(OPENSSL_STRING, copy_func), CHECKED_SK_FREE_FUNC(OPENSSL_STRING, free_func)))
-# define sk_OPENSSL_PSTRING_insert(st, val, i) sk_insert(CHECKED_STACK_OF(OPENSSL_PSTRING, st), CHECKED_PTR_OF(OPENSSL_STRING, val), i)
-# define sk_OPENSSL_PSTRING_free(st) SKM_sk_free(OPENSSL_PSTRING, st)
-# define sk_OPENSSL_PSTRING_set(st, i, val) sk_set(CHECKED_STACK_OF(OPENSSL_PSTRING, st), i, CHECKED_PTR_OF(OPENSSL_STRING, val))
-# define sk_OPENSSL_PSTRING_zero(st) SKM_sk_zero(OPENSSL_PSTRING, (st))
-# define sk_OPENSSL_PSTRING_unshift(st, val) sk_unshift(CHECKED_STACK_OF(OPENSSL_PSTRING, st), CHECKED_PTR_OF(OPENSSL_STRING, val))
-# define sk_OPENSSL_PSTRING_find_ex(st, val) sk_find_ex((_STACK *)CHECKED_CONST_PTR_OF(STACK_OF(OPENSSL_PSTRING), st), CHECKED_CONST_PTR_OF(OPENSSL_STRING, val))
-# define sk_OPENSSL_PSTRING_delete(st, i) SKM_sk_delete(OPENSSL_PSTRING, (st), (i))
-# define sk_OPENSSL_PSTRING_delete_ptr(st, ptr) (OPENSSL_PSTRING *)sk_delete_ptr(CHECKED_STACK_OF(OPENSSL_PSTRING, st), CHECKED_PTR_OF(OPENSSL_STRING, ptr))
-# define sk_OPENSSL_PSTRING_set_cmp_func(st, cmp) \
- ((int (*)(const OPENSSL_STRING * const *,const OPENSSL_STRING * const *)) \
- sk_set_cmp_func(CHECKED_STACK_OF(OPENSSL_PSTRING, st), CHECKED_SK_CMP_FUNC(OPENSSL_STRING, cmp)))
-# define sk_OPENSSL_PSTRING_dup(st) SKM_sk_dup(OPENSSL_PSTRING, st)
-# define sk_OPENSSL_PSTRING_shift(st) SKM_sk_shift(OPENSSL_PSTRING, (st))
-# define sk_OPENSSL_PSTRING_pop(st) (OPENSSL_STRING *)sk_pop(CHECKED_STACK_OF(OPENSSL_PSTRING, st))
-# define sk_OPENSSL_PSTRING_sort(st) SKM_sk_sort(OPENSSL_PSTRING, (st))
-# define sk_OPENSSL_PSTRING_is_sorted(st) SKM_sk_is_sorted(OPENSSL_PSTRING, (st))
-
-# define lh_ADDED_OBJ_new() LHM_lh_new(ADDED_OBJ,added_obj)
-# define lh_ADDED_OBJ_insert(lh,inst) LHM_lh_insert(ADDED_OBJ,lh,inst)
-# define lh_ADDED_OBJ_retrieve(lh,inst) LHM_lh_retrieve(ADDED_OBJ,lh,inst)
-# define lh_ADDED_OBJ_delete(lh,inst) LHM_lh_delete(ADDED_OBJ,lh,inst)
-# define lh_ADDED_OBJ_doall(lh,fn) LHM_lh_doall(ADDED_OBJ,lh,fn)
-# define lh_ADDED_OBJ_doall_arg(lh,fn,arg_type,arg) \
- LHM_lh_doall_arg(ADDED_OBJ,lh,fn,arg_type,arg)
-# define lh_ADDED_OBJ_error(lh) LHM_lh_error(ADDED_OBJ,lh)
-# define lh_ADDED_OBJ_num_items(lh) LHM_lh_num_items(ADDED_OBJ,lh)
-# define lh_ADDED_OBJ_down_load(lh) LHM_lh_down_load(ADDED_OBJ,lh)
-# define lh_ADDED_OBJ_node_stats_bio(lh,out) \
- LHM_lh_node_stats_bio(ADDED_OBJ,lh,out)
-# define lh_ADDED_OBJ_node_usage_stats_bio(lh,out) \
- LHM_lh_node_usage_stats_bio(ADDED_OBJ,lh,out)
-# define lh_ADDED_OBJ_stats_bio(lh,out) \
- LHM_lh_stats_bio(ADDED_OBJ,lh,out)
-# define lh_ADDED_OBJ_free(lh) LHM_lh_free(ADDED_OBJ,lh)
-
-# define lh_APP_INFO_new() LHM_lh_new(APP_INFO,app_info)
-# define lh_APP_INFO_insert(lh,inst) LHM_lh_insert(APP_INFO,lh,inst)
-# define lh_APP_INFO_retrieve(lh,inst) LHM_lh_retrieve(APP_INFO,lh,inst)
-# define lh_APP_INFO_delete(lh,inst) LHM_lh_delete(APP_INFO,lh,inst)
-# define lh_APP_INFO_doall(lh,fn) LHM_lh_doall(APP_INFO,lh,fn)
-# define lh_APP_INFO_doall_arg(lh,fn,arg_type,arg) \
- LHM_lh_doall_arg(APP_INFO,lh,fn,arg_type,arg)
-# define lh_APP_INFO_error(lh) LHM_lh_error(APP_INFO,lh)
-# define lh_APP_INFO_num_items(lh) LHM_lh_num_items(APP_INFO,lh)
-# define lh_APP_INFO_down_load(lh) LHM_lh_down_load(APP_INFO,lh)
-# define lh_APP_INFO_node_stats_bio(lh,out) \
- LHM_lh_node_stats_bio(APP_INFO,lh,out)
-# define lh_APP_INFO_node_usage_stats_bio(lh,out) \
- LHM_lh_node_usage_stats_bio(APP_INFO,lh,out)
-# define lh_APP_INFO_stats_bio(lh,out) \
- LHM_lh_stats_bio(APP_INFO,lh,out)
-# define lh_APP_INFO_free(lh) LHM_lh_free(APP_INFO,lh)
-
-# define lh_CONF_VALUE_new() LHM_lh_new(CONF_VALUE,conf_value)
-# define lh_CONF_VALUE_insert(lh,inst) LHM_lh_insert(CONF_VALUE,lh,inst)
-# define lh_CONF_VALUE_retrieve(lh,inst) LHM_lh_retrieve(CONF_VALUE,lh,inst)
-# define lh_CONF_VALUE_delete(lh,inst) LHM_lh_delete(CONF_VALUE,lh,inst)
-# define lh_CONF_VALUE_doall(lh,fn) LHM_lh_doall(CONF_VALUE,lh,fn)
-# define lh_CONF_VALUE_doall_arg(lh,fn,arg_type,arg) \
- LHM_lh_doall_arg(CONF_VALUE,lh,fn,arg_type,arg)
-# define lh_CONF_VALUE_error(lh) LHM_lh_error(CONF_VALUE,lh)
-# define lh_CONF_VALUE_num_items(lh) LHM_lh_num_items(CONF_VALUE,lh)
-# define lh_CONF_VALUE_down_load(lh) LHM_lh_down_load(CONF_VALUE,lh)
-# define lh_CONF_VALUE_node_stats_bio(lh,out) \
- LHM_lh_node_stats_bio(CONF_VALUE,lh,out)
-# define lh_CONF_VALUE_node_usage_stats_bio(lh,out) \
- LHM_lh_node_usage_stats_bio(CONF_VALUE,lh,out)
-# define lh_CONF_VALUE_stats_bio(lh,out) \
- LHM_lh_stats_bio(CONF_VALUE,lh,out)
-# define lh_CONF_VALUE_free(lh) LHM_lh_free(CONF_VALUE,lh)
-
-# define lh_ENGINE_PILE_new() LHM_lh_new(ENGINE_PILE,engine_pile)
-# define lh_ENGINE_PILE_insert(lh,inst) LHM_lh_insert(ENGINE_PILE,lh,inst)
-# define lh_ENGINE_PILE_retrieve(lh,inst) LHM_lh_retrieve(ENGINE_PILE,lh,inst)
-# define lh_ENGINE_PILE_delete(lh,inst) LHM_lh_delete(ENGINE_PILE,lh,inst)
-# define lh_ENGINE_PILE_doall(lh,fn) LHM_lh_doall(ENGINE_PILE,lh,fn)
-# define lh_ENGINE_PILE_doall_arg(lh,fn,arg_type,arg) \
- LHM_lh_doall_arg(ENGINE_PILE,lh,fn,arg_type,arg)
-# define lh_ENGINE_PILE_error(lh) LHM_lh_error(ENGINE_PILE,lh)
-# define lh_ENGINE_PILE_num_items(lh) LHM_lh_num_items(ENGINE_PILE,lh)
-# define lh_ENGINE_PILE_down_load(lh) LHM_lh_down_load(ENGINE_PILE,lh)
-# define lh_ENGINE_PILE_node_stats_bio(lh,out) \
- LHM_lh_node_stats_bio(ENGINE_PILE,lh,out)
-# define lh_ENGINE_PILE_node_usage_stats_bio(lh,out) \
- LHM_lh_node_usage_stats_bio(ENGINE_PILE,lh,out)
-# define lh_ENGINE_PILE_stats_bio(lh,out) \
- LHM_lh_stats_bio(ENGINE_PILE,lh,out)
-# define lh_ENGINE_PILE_free(lh) LHM_lh_free(ENGINE_PILE,lh)
-
-# define lh_ERR_STATE_new() LHM_lh_new(ERR_STATE,err_state)
-# define lh_ERR_STATE_insert(lh,inst) LHM_lh_insert(ERR_STATE,lh,inst)
-# define lh_ERR_STATE_retrieve(lh,inst) LHM_lh_retrieve(ERR_STATE,lh,inst)
-# define lh_ERR_STATE_delete(lh,inst) LHM_lh_delete(ERR_STATE,lh,inst)
-# define lh_ERR_STATE_doall(lh,fn) LHM_lh_doall(ERR_STATE,lh,fn)
-# define lh_ERR_STATE_doall_arg(lh,fn,arg_type,arg) \
- LHM_lh_doall_arg(ERR_STATE,lh,fn,arg_type,arg)
-# define lh_ERR_STATE_error(lh) LHM_lh_error(ERR_STATE,lh)
-# define lh_ERR_STATE_num_items(lh) LHM_lh_num_items(ERR_STATE,lh)
-# define lh_ERR_STATE_down_load(lh) LHM_lh_down_load(ERR_STATE,lh)
-# define lh_ERR_STATE_node_stats_bio(lh,out) \
- LHM_lh_node_stats_bio(ERR_STATE,lh,out)
-# define lh_ERR_STATE_node_usage_stats_bio(lh,out) \
- LHM_lh_node_usage_stats_bio(ERR_STATE,lh,out)
-# define lh_ERR_STATE_stats_bio(lh,out) \
- LHM_lh_stats_bio(ERR_STATE,lh,out)
-# define lh_ERR_STATE_free(lh) LHM_lh_free(ERR_STATE,lh)
-
-# define lh_ERR_STRING_DATA_new() LHM_lh_new(ERR_STRING_DATA,err_string_data)
-# define lh_ERR_STRING_DATA_insert(lh,inst) LHM_lh_insert(ERR_STRING_DATA,lh,inst)
-# define lh_ERR_STRING_DATA_retrieve(lh,inst) LHM_lh_retrieve(ERR_STRING_DATA,lh,inst)
-# define lh_ERR_STRING_DATA_delete(lh,inst) LHM_lh_delete(ERR_STRING_DATA,lh,inst)
-# define lh_ERR_STRING_DATA_doall(lh,fn) LHM_lh_doall(ERR_STRING_DATA,lh,fn)
-# define lh_ERR_STRING_DATA_doall_arg(lh,fn,arg_type,arg) \
- LHM_lh_doall_arg(ERR_STRING_DATA,lh,fn,arg_type,arg)
-# define lh_ERR_STRING_DATA_error(lh) LHM_lh_error(ERR_STRING_DATA,lh)
-# define lh_ERR_STRING_DATA_num_items(lh) LHM_lh_num_items(ERR_STRING_DATA,lh)
-# define lh_ERR_STRING_DATA_down_load(lh) LHM_lh_down_load(ERR_STRING_DATA,lh)
-# define lh_ERR_STRING_DATA_node_stats_bio(lh,out) \
- LHM_lh_node_stats_bio(ERR_STRING_DATA,lh,out)
-# define lh_ERR_STRING_DATA_node_usage_stats_bio(lh,out) \
- LHM_lh_node_usage_stats_bio(ERR_STRING_DATA,lh,out)
-# define lh_ERR_STRING_DATA_stats_bio(lh,out) \
- LHM_lh_stats_bio(ERR_STRING_DATA,lh,out)
-# define lh_ERR_STRING_DATA_free(lh) LHM_lh_free(ERR_STRING_DATA,lh)
-
-# define lh_EX_CLASS_ITEM_new() LHM_lh_new(EX_CLASS_ITEM,ex_class_item)
-# define lh_EX_CLASS_ITEM_insert(lh,inst) LHM_lh_insert(EX_CLASS_ITEM,lh,inst)
-# define lh_EX_CLASS_ITEM_retrieve(lh,inst) LHM_lh_retrieve(EX_CLASS_ITEM,lh,inst)
-# define lh_EX_CLASS_ITEM_delete(lh,inst) LHM_lh_delete(EX_CLASS_ITEM,lh,inst)
-# define lh_EX_CLASS_ITEM_doall(lh,fn) LHM_lh_doall(EX_CLASS_ITEM,lh,fn)
-# define lh_EX_CLASS_ITEM_doall_arg(lh,fn,arg_type,arg) \
- LHM_lh_doall_arg(EX_CLASS_ITEM,lh,fn,arg_type,arg)
-# define lh_EX_CLASS_ITEM_error(lh) LHM_lh_error(EX_CLASS_ITEM,lh)
-# define lh_EX_CLASS_ITEM_num_items(lh) LHM_lh_num_items(EX_CLASS_ITEM,lh)
-# define lh_EX_CLASS_ITEM_down_load(lh) LHM_lh_down_load(EX_CLASS_ITEM,lh)
-# define lh_EX_CLASS_ITEM_node_stats_bio(lh,out) \
- LHM_lh_node_stats_bio(EX_CLASS_ITEM,lh,out)
-# define lh_EX_CLASS_ITEM_node_usage_stats_bio(lh,out) \
- LHM_lh_node_usage_stats_bio(EX_CLASS_ITEM,lh,out)
-# define lh_EX_CLASS_ITEM_stats_bio(lh,out) \
- LHM_lh_stats_bio(EX_CLASS_ITEM,lh,out)
-# define lh_EX_CLASS_ITEM_free(lh) LHM_lh_free(EX_CLASS_ITEM,lh)
-
-# define lh_FUNCTION_new() LHM_lh_new(FUNCTION,function)
-# define lh_FUNCTION_insert(lh,inst) LHM_lh_insert(FUNCTION,lh,inst)
-# define lh_FUNCTION_retrieve(lh,inst) LHM_lh_retrieve(FUNCTION,lh,inst)
-# define lh_FUNCTION_delete(lh,inst) LHM_lh_delete(FUNCTION,lh,inst)
-# define lh_FUNCTION_doall(lh,fn) LHM_lh_doall(FUNCTION,lh,fn)
-# define lh_FUNCTION_doall_arg(lh,fn,arg_type,arg) \
- LHM_lh_doall_arg(FUNCTION,lh,fn,arg_type,arg)
-# define lh_FUNCTION_error(lh) LHM_lh_error(FUNCTION,lh)
-# define lh_FUNCTION_num_items(lh) LHM_lh_num_items(FUNCTION,lh)
-# define lh_FUNCTION_down_load(lh) LHM_lh_down_load(FUNCTION,lh)
-# define lh_FUNCTION_node_stats_bio(lh,out) \
- LHM_lh_node_stats_bio(FUNCTION,lh,out)
-# define lh_FUNCTION_node_usage_stats_bio(lh,out) \
- LHM_lh_node_usage_stats_bio(FUNCTION,lh,out)
-# define lh_FUNCTION_stats_bio(lh,out) \
- LHM_lh_stats_bio(FUNCTION,lh,out)
-# define lh_FUNCTION_free(lh) LHM_lh_free(FUNCTION,lh)
-
-# define lh_MEM_new() LHM_lh_new(MEM,mem)
-# define lh_MEM_insert(lh,inst) LHM_lh_insert(MEM,lh,inst)
-# define lh_MEM_retrieve(lh,inst) LHM_lh_retrieve(MEM,lh,inst)
-# define lh_MEM_delete(lh,inst) LHM_lh_delete(MEM,lh,inst)
-# define lh_MEM_doall(lh,fn) LHM_lh_doall(MEM,lh,fn)
-# define lh_MEM_doall_arg(lh,fn,arg_type,arg) \
- LHM_lh_doall_arg(MEM,lh,fn,arg_type,arg)
-# define lh_MEM_error(lh) LHM_lh_error(MEM,lh)
-# define lh_MEM_num_items(lh) LHM_lh_num_items(MEM,lh)
-# define lh_MEM_down_load(lh) LHM_lh_down_load(MEM,lh)
-# define lh_MEM_node_stats_bio(lh,out) \
- LHM_lh_node_stats_bio(MEM,lh,out)
-# define lh_MEM_node_usage_stats_bio(lh,out) \
- LHM_lh_node_usage_stats_bio(MEM,lh,out)
-# define lh_MEM_stats_bio(lh,out) \
- LHM_lh_stats_bio(MEM,lh,out)
-# define lh_MEM_free(lh) LHM_lh_free(MEM,lh)
-
-# define lh_OBJ_NAME_new() LHM_lh_new(OBJ_NAME,obj_name)
-# define lh_OBJ_NAME_insert(lh,inst) LHM_lh_insert(OBJ_NAME,lh,inst)
-# define lh_OBJ_NAME_retrieve(lh,inst) LHM_lh_retrieve(OBJ_NAME,lh,inst)
-# define lh_OBJ_NAME_delete(lh,inst) LHM_lh_delete(OBJ_NAME,lh,inst)
-# define lh_OBJ_NAME_doall(lh,fn) LHM_lh_doall(OBJ_NAME,lh,fn)
-# define lh_OBJ_NAME_doall_arg(lh,fn,arg_type,arg) \
- LHM_lh_doall_arg(OBJ_NAME,lh,fn,arg_type,arg)
-# define lh_OBJ_NAME_error(lh) LHM_lh_error(OBJ_NAME,lh)
-# define lh_OBJ_NAME_num_items(lh) LHM_lh_num_items(OBJ_NAME,lh)
-# define lh_OBJ_NAME_down_load(lh) LHM_lh_down_load(OBJ_NAME,lh)
-# define lh_OBJ_NAME_node_stats_bio(lh,out) \
- LHM_lh_node_stats_bio(OBJ_NAME,lh,out)
-# define lh_OBJ_NAME_node_usage_stats_bio(lh,out) \
- LHM_lh_node_usage_stats_bio(OBJ_NAME,lh,out)
-# define lh_OBJ_NAME_stats_bio(lh,out) \
- LHM_lh_stats_bio(OBJ_NAME,lh,out)
-# define lh_OBJ_NAME_free(lh) LHM_lh_free(OBJ_NAME,lh)
-
-# define lh_OPENSSL_CSTRING_new() LHM_lh_new(OPENSSL_CSTRING,openssl_cstring)
-# define lh_OPENSSL_CSTRING_insert(lh,inst) LHM_lh_insert(OPENSSL_CSTRING,lh,inst)
-# define lh_OPENSSL_CSTRING_retrieve(lh,inst) LHM_lh_retrieve(OPENSSL_CSTRING,lh,inst)
-# define lh_OPENSSL_CSTRING_delete(lh,inst) LHM_lh_delete(OPENSSL_CSTRING,lh,inst)
-# define lh_OPENSSL_CSTRING_doall(lh,fn) LHM_lh_doall(OPENSSL_CSTRING,lh,fn)
-# define lh_OPENSSL_CSTRING_doall_arg(lh,fn,arg_type,arg) \
- LHM_lh_doall_arg(OPENSSL_CSTRING,lh,fn,arg_type,arg)
-# define lh_OPENSSL_CSTRING_error(lh) LHM_lh_error(OPENSSL_CSTRING,lh)
-# define lh_OPENSSL_CSTRING_num_items(lh) LHM_lh_num_items(OPENSSL_CSTRING,lh)
-# define lh_OPENSSL_CSTRING_down_load(lh) LHM_lh_down_load(OPENSSL_CSTRING,lh)
-# define lh_OPENSSL_CSTRING_node_stats_bio(lh,out) \
- LHM_lh_node_stats_bio(OPENSSL_CSTRING,lh,out)
-# define lh_OPENSSL_CSTRING_node_usage_stats_bio(lh,out) \
- LHM_lh_node_usage_stats_bio(OPENSSL_CSTRING,lh,out)
-# define lh_OPENSSL_CSTRING_stats_bio(lh,out) \
- LHM_lh_stats_bio(OPENSSL_CSTRING,lh,out)
-# define lh_OPENSSL_CSTRING_free(lh) LHM_lh_free(OPENSSL_CSTRING,lh)
-
-# define lh_OPENSSL_STRING_new() LHM_lh_new(OPENSSL_STRING,openssl_string)
-# define lh_OPENSSL_STRING_insert(lh,inst) LHM_lh_insert(OPENSSL_STRING,lh,inst)
-# define lh_OPENSSL_STRING_retrieve(lh,inst) LHM_lh_retrieve(OPENSSL_STRING,lh,inst)
-# define lh_OPENSSL_STRING_delete(lh,inst) LHM_lh_delete(OPENSSL_STRING,lh,inst)
-# define lh_OPENSSL_STRING_doall(lh,fn) LHM_lh_doall(OPENSSL_STRING,lh,fn)
-# define lh_OPENSSL_STRING_doall_arg(lh,fn,arg_type,arg) \
- LHM_lh_doall_arg(OPENSSL_STRING,lh,fn,arg_type,arg)
-# define lh_OPENSSL_STRING_error(lh) LHM_lh_error(OPENSSL_STRING,lh)
-# define lh_OPENSSL_STRING_num_items(lh) LHM_lh_num_items(OPENSSL_STRING,lh)
-# define lh_OPENSSL_STRING_down_load(lh) LHM_lh_down_load(OPENSSL_STRING,lh)
-# define lh_OPENSSL_STRING_node_stats_bio(lh,out) \
- LHM_lh_node_stats_bio(OPENSSL_STRING,lh,out)
-# define lh_OPENSSL_STRING_node_usage_stats_bio(lh,out) \
- LHM_lh_node_usage_stats_bio(OPENSSL_STRING,lh,out)
-# define lh_OPENSSL_STRING_stats_bio(lh,out) \
- LHM_lh_stats_bio(OPENSSL_STRING,lh,out)
-# define lh_OPENSSL_STRING_free(lh) LHM_lh_free(OPENSSL_STRING,lh)
-
-# define lh_SSL_SESSION_new() LHM_lh_new(SSL_SESSION,ssl_session)
-# define lh_SSL_SESSION_insert(lh,inst) LHM_lh_insert(SSL_SESSION,lh,inst)
-# define lh_SSL_SESSION_retrieve(lh,inst) LHM_lh_retrieve(SSL_SESSION,lh,inst)
-# define lh_SSL_SESSION_delete(lh,inst) LHM_lh_delete(SSL_SESSION,lh,inst)
-# define lh_SSL_SESSION_doall(lh,fn) LHM_lh_doall(SSL_SESSION,lh,fn)
-# define lh_SSL_SESSION_doall_arg(lh,fn,arg_type,arg) \
- LHM_lh_doall_arg(SSL_SESSION,lh,fn,arg_type,arg)
-# define lh_SSL_SESSION_error(lh) LHM_lh_error(SSL_SESSION,lh)
-# define lh_SSL_SESSION_num_items(lh) LHM_lh_num_items(SSL_SESSION,lh)
-# define lh_SSL_SESSION_down_load(lh) LHM_lh_down_load(SSL_SESSION,lh)
-# define lh_SSL_SESSION_node_stats_bio(lh,out) \
- LHM_lh_node_stats_bio(SSL_SESSION,lh,out)
-# define lh_SSL_SESSION_node_usage_stats_bio(lh,out) \
- LHM_lh_node_usage_stats_bio(SSL_SESSION,lh,out)
-# define lh_SSL_SESSION_stats_bio(lh,out) \
- LHM_lh_stats_bio(SSL_SESSION,lh,out)
-# define lh_SSL_SESSION_free(lh) LHM_lh_free(SSL_SESSION,lh)
-
-# ifdef __cplusplus
-}
-# endif
-#endif
+++ /dev/null
-/* crypto/stack/stack.h */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef HEADER_STACK_H
-# define HEADER_STACK_H
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-typedef struct stack_st _STACK; /* Use STACK_OF(...) instead */
-
-int sk_num(const _STACK *);
-void *sk_value(const _STACK *, int);
-
-void *sk_set(_STACK *, int, void *);
-
-_STACK *sk_new(int (*cmp) (const void *, const void *));
-_STACK *sk_new_null(void);
-void sk_free(_STACK *);
-void sk_pop_free(_STACK *st, void (*func) (void *));
-_STACK *sk_deep_copy(_STACK *, void *(*)(void *), void (*)(void *));
-int sk_insert(_STACK *sk, void *data, int where);
-void *sk_delete(_STACK *st, int loc);
-void *sk_delete_ptr(_STACK *st, void *p);
-int sk_find(_STACK *st, void *data);
-int sk_find_ex(_STACK *st, void *data);
-int sk_push(_STACK *st, void *data);
-int sk_unshift(_STACK *st, void *data);
-void *sk_shift(_STACK *st);
-void *sk_pop(_STACK *st);
-void sk_zero(_STACK *st);
-int (*sk_set_cmp_func(_STACK *sk, int (*c) (const void *, const void *)))
- (const void *, const void *);
-_STACK *sk_dup(_STACK *st);
-void sk_sort(_STACK *st);
-int sk_is_sorted(const _STACK *st);
-
-#ifdef __cplusplus
-}
-#endif
-
-#endif
+++ /dev/null
-/* crypto/store/store.h -*- mode:C; c-file-style: "eay" -*- */
-/*
- * Written by Richard Levitte (richard@levitte.org) for the OpenSSL project
- * 2003.
- */
-/* ====================================================================
- * Copyright (c) 2003 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#ifndef HEADER_STORE_H
-# define HEADER_STORE_H
-
-# include <openssl/opensslconf.h>
-
-# ifdef OPENSSL_NO_STORE
-# error STORE is disabled.
-# endif
-
-# include <openssl/ossl_typ.h>
-# ifdef OPENSSL_USE_DEPRECATED
-# include <openssl/evp.h>
-# include <openssl/bn.h>
-# include <openssl/x509.h>
-# endif
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-/* Already defined in ossl_typ.h */
-/* typedef struct store_st STORE; */
-/* typedef struct store_method_st STORE_METHOD; */
-
-/*
- * All the following functions return 0, a negative number or NULL on error.
- * When everything is fine, they return a positive value or a non-NULL
- * pointer, all depending on their purpose.
- */
-
-/* Creators and destructor. */
-STORE *STORE_new_method(const STORE_METHOD *method);
-STORE *STORE_new_engine(ENGINE *engine);
-void STORE_free(STORE *ui);
-
-/*
- * Give a user interface parametrised control commands. This can be used to
- * send down an integer, a data pointer or a function pointer, as well as be
- * used to get information from a STORE.
- */
-int STORE_ctrl(STORE *store, int cmd, long i, void *p, void (*f) (void));
-
-/*
- * A control to set the directory with keys and certificates. Used by the
- * built-in directory level method.
- */
-# define STORE_CTRL_SET_DIRECTORY 0x0001
-/*
- * A control to set a file to load. Used by the built-in file level method.
- */
-# define STORE_CTRL_SET_FILE 0x0002
-/*
- * A control to set a configuration file to load. Can be used by any method
- * that wishes to load a configuration file.
- */
-# define STORE_CTRL_SET_CONF_FILE 0x0003
-/*
- * A control to set a the section of the loaded configuration file. Can be
- * used by any method that wishes to load a configuration file.
- */
-# define STORE_CTRL_SET_CONF_SECTION 0x0004
-
-/* Some methods may use extra data */
-# define STORE_set_app_data(s,arg) STORE_set_ex_data(s,0,arg)
-# define STORE_get_app_data(s) STORE_get_ex_data(s,0)
-int STORE_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
- CRYPTO_EX_dup *dup_func,
- CRYPTO_EX_free *free_func);
-int STORE_set_ex_data(STORE *r, int idx, void *arg);
-void *STORE_get_ex_data(STORE *r, int idx);
-
-/* Use specific methods instead of the built-in one */
-const STORE_METHOD *STORE_get_method(STORE *store);
-const STORE_METHOD *STORE_set_method(STORE *store, const STORE_METHOD *meth);
-
-/* The standard OpenSSL methods. */
-/*
- * This is the in-memory method. It does everything except revoking and
- * updating, and is of course volatile. It's used by other methods that have
- * an in-memory cache.
- */
-const STORE_METHOD *STORE_Memory(void);
-# if 0 /* Not yet implemented */
-/*
- * This is the directory store. It does everything except revoking and
- * updating, and uses STORE_Memory() to cache things in memory.
- */
-const STORE_METHOD *STORE_Directory(void);
-/*
- * This is the file store. It does everything except revoking and updating,
- * and uses STORE_Memory() to cache things in memory. Certificates are added
- * to it with the store operation, and it will only get cached certificates.
- */
-const STORE_METHOD *STORE_File(void);
-# endif
-
-/*
- * Store functions take a type code for the type of data they should store or
- * fetch
- */
-typedef enum STORE_object_types {
- STORE_OBJECT_TYPE_X509_CERTIFICATE = 0x01, /* X509 * */
- STORE_OBJECT_TYPE_X509_CRL = 0x02, /* X509_CRL * */
- STORE_OBJECT_TYPE_PRIVATE_KEY = 0x03, /* EVP_PKEY * */
- STORE_OBJECT_TYPE_PUBLIC_KEY = 0x04, /* EVP_PKEY * */
- STORE_OBJECT_TYPE_NUMBER = 0x05, /* BIGNUM * */
- STORE_OBJECT_TYPE_ARBITRARY = 0x06, /* BUF_MEM * */
- STORE_OBJECT_TYPE_NUM = 0x06 /* The amount of known object types */
-} STORE_OBJECT_TYPES;
-/* List of text strings corresponding to the object types. */
-extern const char *const STORE_object_type_string[STORE_OBJECT_TYPE_NUM + 1];
-
-/*
- * Some store functions take a parameter list. Those parameters come with
- * one of the following codes. The comments following the codes below
- * indicate what type the value should be a pointer to.
- */
-typedef enum STORE_params {
- STORE_PARAM_EVP_TYPE = 0x01, /* int */
- STORE_PARAM_BITS = 0x02, /* size_t */
- STORE_PARAM_KEY_PARAMETERS = 0x03, /* ??? */
- STORE_PARAM_KEY_NO_PARAMETERS = 0x04, /* N/A */
- STORE_PARAM_AUTH_PASSPHRASE = 0x05, /* char * */
- STORE_PARAM_AUTH_KRB5_TICKET = 0x06, /* void * */
- STORE_PARAM_TYPE_NUM = 0x06 /* The amount of known parameter types */
-} STORE_PARAM_TYPES;
-/*
- * Parameter value sizes. -1 means unknown, anything else is the required
- * size.
- */
-extern const int STORE_param_sizes[STORE_PARAM_TYPE_NUM + 1];
-
-/*
- * Store functions take attribute lists. Those attributes come with codes.
- * The comments following the codes below indicate what type the value should
- * be a pointer to.
- */
-typedef enum STORE_attribs {
- STORE_ATTR_END = 0x00,
- STORE_ATTR_FRIENDLYNAME = 0x01, /* C string */
- STORE_ATTR_KEYID = 0x02, /* 160 bit string (SHA1) */
- STORE_ATTR_ISSUERKEYID = 0x03, /* 160 bit string (SHA1) */
- STORE_ATTR_SUBJECTKEYID = 0x04, /* 160 bit string (SHA1) */
- STORE_ATTR_ISSUERSERIALHASH = 0x05, /* 160 bit string (SHA1) */
- STORE_ATTR_ISSUER = 0x06, /* X509_NAME * */
- STORE_ATTR_SERIAL = 0x07, /* BIGNUM * */
- STORE_ATTR_SUBJECT = 0x08, /* X509_NAME * */
- STORE_ATTR_CERTHASH = 0x09, /* 160 bit string (SHA1) */
- STORE_ATTR_EMAIL = 0x0a, /* C string */
- STORE_ATTR_FILENAME = 0x0b, /* C string */
- STORE_ATTR_TYPE_NUM = 0x0b, /* The amount of known attribute types */
- STORE_ATTR_OR = 0xff /* This is a special separator, which
- * expresses the OR operation. */
-} STORE_ATTR_TYPES;
-/*
- * Attribute value sizes. -1 means unknown, anything else is the required
- * size.
- */
-extern const int STORE_attr_sizes[STORE_ATTR_TYPE_NUM + 1];
-
-typedef enum STORE_certificate_status {
- STORE_X509_VALID = 0x00,
- STORE_X509_EXPIRED = 0x01,
- STORE_X509_SUSPENDED = 0x02,
- STORE_X509_REVOKED = 0x03
-} STORE_CERTIFICATE_STATUS;
-
-/*
- * Engine store functions will return a structure that contains all the
- * necessary information, including revokation status for certificates. This
- * is really not needed for application authors, as the ENGINE framework
- * functions will extract the OpenSSL-specific information when at all
- * possible. However, for engine authors, it's crucial to know this
- * structure.
- */
-typedef struct STORE_OBJECT_st {
- STORE_OBJECT_TYPES type;
- union {
- struct {
- STORE_CERTIFICATE_STATUS status;
- X509 *certificate;
- } x509;
- X509_CRL *crl;
- EVP_PKEY *key;
- BIGNUM *number;
- BUF_MEM *arbitrary;
- } data;
-} STORE_OBJECT;
-DECLARE_STACK_OF(STORE_OBJECT)
-STORE_OBJECT *STORE_OBJECT_new(void);
-void STORE_OBJECT_free(STORE_OBJECT *data);
-
-/*
- * The following functions handle the storage. They return 0, a negative
- * number or NULL on error, anything else on success.
- */
-X509 *STORE_get_certificate(STORE *e, OPENSSL_ITEM attributes[],
- OPENSSL_ITEM parameters[]);
-int STORE_store_certificate(STORE *e, X509 *data, OPENSSL_ITEM attributes[],
- OPENSSL_ITEM parameters[]);
-int STORE_modify_certificate(STORE *e, OPENSSL_ITEM search_attributes[],
- OPENSSL_ITEM add_attributes[],
- OPENSSL_ITEM modify_attributes[],
- OPENSSL_ITEM delete_attributes[],
- OPENSSL_ITEM parameters[]);
-int STORE_revoke_certificate(STORE *e, OPENSSL_ITEM attributes[],
- OPENSSL_ITEM parameters[]);
-int STORE_delete_certificate(STORE *e, OPENSSL_ITEM attributes[],
- OPENSSL_ITEM parameters[]);
-void *STORE_list_certificate_start(STORE *e, OPENSSL_ITEM attributes[],
- OPENSSL_ITEM parameters[]);
-X509 *STORE_list_certificate_next(STORE *e, void *handle);
-int STORE_list_certificate_end(STORE *e, void *handle);
-int STORE_list_certificate_endp(STORE *e, void *handle);
-EVP_PKEY *STORE_generate_key(STORE *e, OPENSSL_ITEM attributes[],
- OPENSSL_ITEM parameters[]);
-EVP_PKEY *STORE_get_private_key(STORE *e, OPENSSL_ITEM attributes[],
- OPENSSL_ITEM parameters[]);
-int STORE_store_private_key(STORE *e, EVP_PKEY *data,
- OPENSSL_ITEM attributes[],
- OPENSSL_ITEM parameters[]);
-int STORE_modify_private_key(STORE *e, OPENSSL_ITEM search_attributes[],
- OPENSSL_ITEM add_sttributes[],
- OPENSSL_ITEM modify_attributes[],
- OPENSSL_ITEM delete_attributes[],
- OPENSSL_ITEM parameters[]);
-int STORE_revoke_private_key(STORE *e, OPENSSL_ITEM attributes[],
- OPENSSL_ITEM parameters[]);
-int STORE_delete_private_key(STORE *e, OPENSSL_ITEM attributes[],
- OPENSSL_ITEM parameters[]);
-void *STORE_list_private_key_start(STORE *e, OPENSSL_ITEM attributes[],
- OPENSSL_ITEM parameters[]);
-EVP_PKEY *STORE_list_private_key_next(STORE *e, void *handle);
-int STORE_list_private_key_end(STORE *e, void *handle);
-int STORE_list_private_key_endp(STORE *e, void *handle);
-EVP_PKEY *STORE_get_public_key(STORE *e, OPENSSL_ITEM attributes[],
- OPENSSL_ITEM parameters[]);
-int STORE_store_public_key(STORE *e, EVP_PKEY *data,
- OPENSSL_ITEM attributes[],
- OPENSSL_ITEM parameters[]);
-int STORE_modify_public_key(STORE *e, OPENSSL_ITEM search_attributes[],
- OPENSSL_ITEM add_sttributes[],
- OPENSSL_ITEM modify_attributes[],
- OPENSSL_ITEM delete_attributes[],
- OPENSSL_ITEM parameters[]);
-int STORE_revoke_public_key(STORE *e, OPENSSL_ITEM attributes[],
- OPENSSL_ITEM parameters[]);
-int STORE_delete_public_key(STORE *e, OPENSSL_ITEM attributes[],
- OPENSSL_ITEM parameters[]);
-void *STORE_list_public_key_start(STORE *e, OPENSSL_ITEM attributes[],
- OPENSSL_ITEM parameters[]);
-EVP_PKEY *STORE_list_public_key_next(STORE *e, void *handle);
-int STORE_list_public_key_end(STORE *e, void *handle);
-int STORE_list_public_key_endp(STORE *e, void *handle);
-X509_CRL *STORE_generate_crl(STORE *e, OPENSSL_ITEM attributes[],
- OPENSSL_ITEM parameters[]);
-X509_CRL *STORE_get_crl(STORE *e, OPENSSL_ITEM attributes[],
- OPENSSL_ITEM parameters[]);
-int STORE_store_crl(STORE *e, X509_CRL *data, OPENSSL_ITEM attributes[],
- OPENSSL_ITEM parameters[]);
-int STORE_modify_crl(STORE *e, OPENSSL_ITEM search_attributes[],
- OPENSSL_ITEM add_sttributes[],
- OPENSSL_ITEM modify_attributes[],
- OPENSSL_ITEM delete_attributes[],
- OPENSSL_ITEM parameters[]);
-int STORE_delete_crl(STORE *e, OPENSSL_ITEM attributes[],
- OPENSSL_ITEM parameters[]);
-void *STORE_list_crl_start(STORE *e, OPENSSL_ITEM attributes[],
- OPENSSL_ITEM parameters[]);
-X509_CRL *STORE_list_crl_next(STORE *e, void *handle);
-int STORE_list_crl_end(STORE *e, void *handle);
-int STORE_list_crl_endp(STORE *e, void *handle);
-int STORE_store_number(STORE *e, BIGNUM *data, OPENSSL_ITEM attributes[],
- OPENSSL_ITEM parameters[]);
-int STORE_modify_number(STORE *e, OPENSSL_ITEM search_attributes[],
- OPENSSL_ITEM add_sttributes[],
- OPENSSL_ITEM modify_attributes[],
- OPENSSL_ITEM delete_attributes[],
- OPENSSL_ITEM parameters[]);
-BIGNUM *STORE_get_number(STORE *e, OPENSSL_ITEM attributes[],
- OPENSSL_ITEM parameters[]);
-int STORE_delete_number(STORE *e, OPENSSL_ITEM attributes[],
- OPENSSL_ITEM parameters[]);
-int STORE_store_arbitrary(STORE *e, BUF_MEM *data, OPENSSL_ITEM attributes[],
- OPENSSL_ITEM parameters[]);
-int STORE_modify_arbitrary(STORE *e, OPENSSL_ITEM search_attributes[],
- OPENSSL_ITEM add_sttributes[],
- OPENSSL_ITEM modify_attributes[],
- OPENSSL_ITEM delete_attributes[],
- OPENSSL_ITEM parameters[]);
-BUF_MEM *STORE_get_arbitrary(STORE *e, OPENSSL_ITEM attributes[],
- OPENSSL_ITEM parameters[]);
-int STORE_delete_arbitrary(STORE *e, OPENSSL_ITEM attributes[],
- OPENSSL_ITEM parameters[]);
-
-/* Create and manipulate methods */
-STORE_METHOD *STORE_create_method(char *name);
-void STORE_destroy_method(STORE_METHOD *store_method);
-
-/* These callback types are use for store handlers */
-typedef int (*STORE_INITIALISE_FUNC_PTR) (STORE *);
-typedef void (*STORE_CLEANUP_FUNC_PTR) (STORE *);
-typedef STORE_OBJECT *(*STORE_GENERATE_OBJECT_FUNC_PTR)(STORE *,
- STORE_OBJECT_TYPES
- type,
- OPENSSL_ITEM
- attributes[],
- OPENSSL_ITEM
- parameters[]);
-typedef STORE_OBJECT *(*STORE_GET_OBJECT_FUNC_PTR)(STORE *,
- STORE_OBJECT_TYPES type,
- OPENSSL_ITEM attributes[],
- OPENSSL_ITEM parameters[]);
-typedef void *(*STORE_START_OBJECT_FUNC_PTR)(STORE *, STORE_OBJECT_TYPES type,
- OPENSSL_ITEM attributes[],
- OPENSSL_ITEM parameters[]);
-typedef STORE_OBJECT *(*STORE_NEXT_OBJECT_FUNC_PTR)(STORE *, void *handle);
-typedef int (*STORE_END_OBJECT_FUNC_PTR) (STORE *, void *handle);
-typedef int (*STORE_HANDLE_OBJECT_FUNC_PTR) (STORE *, STORE_OBJECT_TYPES type,
- OPENSSL_ITEM attributes[],
- OPENSSL_ITEM parameters[]);
-typedef int (*STORE_STORE_OBJECT_FUNC_PTR) (STORE *, STORE_OBJECT_TYPES type,
- STORE_OBJECT *data,
- OPENSSL_ITEM attributes[],
- OPENSSL_ITEM parameters[]);
-typedef int (*STORE_MODIFY_OBJECT_FUNC_PTR) (STORE *, STORE_OBJECT_TYPES type,
- OPENSSL_ITEM search_attributes[],
- OPENSSL_ITEM add_attributes[],
- OPENSSL_ITEM modify_attributes[],
- OPENSSL_ITEM delete_attributes[],
- OPENSSL_ITEM parameters[]);
-typedef int (*STORE_GENERIC_FUNC_PTR) (STORE *, OPENSSL_ITEM attributes[],
- OPENSSL_ITEM parameters[]);
-typedef int (*STORE_CTRL_FUNC_PTR) (STORE *, int cmd, long l, void *p,
- void (*f) (void));
-
-int STORE_method_set_initialise_function(STORE_METHOD *sm,
- STORE_INITIALISE_FUNC_PTR init_f);
-int STORE_method_set_cleanup_function(STORE_METHOD *sm,
- STORE_CLEANUP_FUNC_PTR clean_f);
-int STORE_method_set_generate_function(STORE_METHOD *sm,
- STORE_GENERATE_OBJECT_FUNC_PTR
- generate_f);
-int STORE_method_set_get_function(STORE_METHOD *sm,
- STORE_GET_OBJECT_FUNC_PTR get_f);
-int STORE_method_set_store_function(STORE_METHOD *sm,
- STORE_STORE_OBJECT_FUNC_PTR store_f);
-int STORE_method_set_modify_function(STORE_METHOD *sm,
- STORE_MODIFY_OBJECT_FUNC_PTR store_f);
-int STORE_method_set_revoke_function(STORE_METHOD *sm,
- STORE_HANDLE_OBJECT_FUNC_PTR revoke_f);
-int STORE_method_set_delete_function(STORE_METHOD *sm,
- STORE_HANDLE_OBJECT_FUNC_PTR delete_f);
-int STORE_method_set_list_start_function(STORE_METHOD *sm,
- STORE_START_OBJECT_FUNC_PTR
- list_start_f);
-int STORE_method_set_list_next_function(STORE_METHOD *sm,
- STORE_NEXT_OBJECT_FUNC_PTR
- list_next_f);
-int STORE_method_set_list_end_function(STORE_METHOD *sm,
- STORE_END_OBJECT_FUNC_PTR list_end_f);
-int STORE_method_set_update_store_function(STORE_METHOD *sm,
- STORE_GENERIC_FUNC_PTR);
-int STORE_method_set_lock_store_function(STORE_METHOD *sm,
- STORE_GENERIC_FUNC_PTR);
-int STORE_method_set_unlock_store_function(STORE_METHOD *sm,
- STORE_GENERIC_FUNC_PTR);
-int STORE_method_set_ctrl_function(STORE_METHOD *sm,
- STORE_CTRL_FUNC_PTR ctrl_f);
-
-STORE_INITIALISE_FUNC_PTR STORE_method_get_initialise_function(STORE_METHOD
- *sm);
-STORE_CLEANUP_FUNC_PTR STORE_method_get_cleanup_function(STORE_METHOD *sm);
-STORE_GENERATE_OBJECT_FUNC_PTR STORE_method_get_generate_function(STORE_METHOD
- *sm);
-STORE_GET_OBJECT_FUNC_PTR STORE_method_get_get_function(STORE_METHOD *sm);
-STORE_STORE_OBJECT_FUNC_PTR STORE_method_get_store_function(STORE_METHOD *sm);
-STORE_MODIFY_OBJECT_FUNC_PTR STORE_method_get_modify_function(STORE_METHOD
- *sm);
-STORE_HANDLE_OBJECT_FUNC_PTR STORE_method_get_revoke_function(STORE_METHOD
- *sm);
-STORE_HANDLE_OBJECT_FUNC_PTR STORE_method_get_delete_function(STORE_METHOD
- *sm);
-STORE_START_OBJECT_FUNC_PTR STORE_method_get_list_start_function(STORE_METHOD
- *sm);
-STORE_NEXT_OBJECT_FUNC_PTR STORE_method_get_list_next_function(STORE_METHOD
- *sm);
-STORE_END_OBJECT_FUNC_PTR STORE_method_get_list_end_function(STORE_METHOD
- *sm);
-STORE_GENERIC_FUNC_PTR STORE_method_get_update_store_function(STORE_METHOD
- *sm);
-STORE_GENERIC_FUNC_PTR STORE_method_get_lock_store_function(STORE_METHOD *sm);
-STORE_GENERIC_FUNC_PTR STORE_method_get_unlock_store_function(STORE_METHOD
- *sm);
-STORE_CTRL_FUNC_PTR STORE_method_get_ctrl_function(STORE_METHOD *sm);
-
-/* Method helper structures and functions. */
-
-/*
- * This structure is the result of parsing through the information in a list
- * of OPENSSL_ITEMs. It stores all the necessary information in a structured
- * way.
- */
-typedef struct STORE_attr_info_st STORE_ATTR_INFO;
-
-/*
- * Parse a list of OPENSSL_ITEMs and return a pointer to a STORE_ATTR_INFO.
- * Note that we do this in the list form, since the list of OPENSSL_ITEMs can
- * come in blocks separated with STORE_ATTR_OR. Note that the value returned
- * by STORE_parse_attrs_next() must be freed with STORE_ATTR_INFO_free().
- */
-void *STORE_parse_attrs_start(OPENSSL_ITEM *attributes);
-STORE_ATTR_INFO *STORE_parse_attrs_next(void *handle);
-int STORE_parse_attrs_end(void *handle);
-int STORE_parse_attrs_endp(void *handle);
-
-/* Creator and destructor */
-STORE_ATTR_INFO *STORE_ATTR_INFO_new(void);
-int STORE_ATTR_INFO_free(STORE_ATTR_INFO *attrs);
-
-/* Manipulators */
-char *STORE_ATTR_INFO_get0_cstr(STORE_ATTR_INFO *attrs,
- STORE_ATTR_TYPES code);
-unsigned char *STORE_ATTR_INFO_get0_sha1str(STORE_ATTR_INFO *attrs,
- STORE_ATTR_TYPES code);
-X509_NAME *STORE_ATTR_INFO_get0_dn(STORE_ATTR_INFO *attrs,
- STORE_ATTR_TYPES code);
-BIGNUM *STORE_ATTR_INFO_get0_number(STORE_ATTR_INFO *attrs,
- STORE_ATTR_TYPES code);
-int STORE_ATTR_INFO_set_cstr(STORE_ATTR_INFO *attrs, STORE_ATTR_TYPES code,
- char *cstr, size_t cstr_size);
-int STORE_ATTR_INFO_set_sha1str(STORE_ATTR_INFO *attrs, STORE_ATTR_TYPES code,
- unsigned char *sha1str, size_t sha1str_size);
-int STORE_ATTR_INFO_set_dn(STORE_ATTR_INFO *attrs, STORE_ATTR_TYPES code,
- X509_NAME *dn);
-int STORE_ATTR_INFO_set_number(STORE_ATTR_INFO *attrs, STORE_ATTR_TYPES code,
- BIGNUM *number);
-int STORE_ATTR_INFO_modify_cstr(STORE_ATTR_INFO *attrs, STORE_ATTR_TYPES code,
- char *cstr, size_t cstr_size);
-int STORE_ATTR_INFO_modify_sha1str(STORE_ATTR_INFO *attrs,
- STORE_ATTR_TYPES code,
- unsigned char *sha1str,
- size_t sha1str_size);
-int STORE_ATTR_INFO_modify_dn(STORE_ATTR_INFO *attrs, STORE_ATTR_TYPES code,
- X509_NAME *dn);
-int STORE_ATTR_INFO_modify_number(STORE_ATTR_INFO *attrs,
- STORE_ATTR_TYPES code, BIGNUM *number);
-
-/*
- * Compare on basis of a bit pattern formed by the STORE_ATTR_TYPES values in
- * each contained attribute.
- */
-int STORE_ATTR_INFO_compare(const STORE_ATTR_INFO *const *a,
- const STORE_ATTR_INFO *const *b);
-/*
- * Check if the set of attributes in a is within the range of attributes set
- * in b.
- */
-int STORE_ATTR_INFO_in_range(STORE_ATTR_INFO *a, STORE_ATTR_INFO *b);
-/* Check if the set of attributes in a are also set in b. */
-int STORE_ATTR_INFO_in(STORE_ATTR_INFO *a, STORE_ATTR_INFO *b);
-/* Same as STORE_ATTR_INFO_in(), but also checks the attribute values. */
-int STORE_ATTR_INFO_in_ex(STORE_ATTR_INFO *a, STORE_ATTR_INFO *b);
-
-/* BEGIN ERROR CODES */
-/*
- * The following lines are auto generated by the script mkerr.pl. Any changes
- * made after this point may be overwritten when the script is next run.
- */
-void ERR_load_STORE_strings(void);
-
-/* Error codes for the STORE functions. */
-
-/* Function codes. */
-# define STORE_F_MEM_DELETE 134
-# define STORE_F_MEM_GENERATE 135
-# define STORE_F_MEM_LIST_END 168
-# define STORE_F_MEM_LIST_NEXT 136
-# define STORE_F_MEM_LIST_START 137
-# define STORE_F_MEM_MODIFY 169
-# define STORE_F_MEM_STORE 138
-# define STORE_F_STORE_ATTR_INFO_GET0_CSTR 139
-# define STORE_F_STORE_ATTR_INFO_GET0_DN 140
-# define STORE_F_STORE_ATTR_INFO_GET0_NUMBER 141
-# define STORE_F_STORE_ATTR_INFO_GET0_SHA1STR 142
-# define STORE_F_STORE_ATTR_INFO_MODIFY_CSTR 143
-# define STORE_F_STORE_ATTR_INFO_MODIFY_DN 144
-# define STORE_F_STORE_ATTR_INFO_MODIFY_NUMBER 145
-# define STORE_F_STORE_ATTR_INFO_MODIFY_SHA1STR 146
-# define STORE_F_STORE_ATTR_INFO_SET_CSTR 147
-# define STORE_F_STORE_ATTR_INFO_SET_DN 148
-# define STORE_F_STORE_ATTR_INFO_SET_NUMBER 149
-# define STORE_F_STORE_ATTR_INFO_SET_SHA1STR 150
-# define STORE_F_STORE_CERTIFICATE 170
-# define STORE_F_STORE_CTRL 161
-# define STORE_F_STORE_DELETE_ARBITRARY 158
-# define STORE_F_STORE_DELETE_CERTIFICATE 102
-# define STORE_F_STORE_DELETE_CRL 103
-# define STORE_F_STORE_DELETE_NUMBER 104
-# define STORE_F_STORE_DELETE_PRIVATE_KEY 105
-# define STORE_F_STORE_DELETE_PUBLIC_KEY 106
-# define STORE_F_STORE_GENERATE_CRL 107
-# define STORE_F_STORE_GENERATE_KEY 108
-# define STORE_F_STORE_GET_ARBITRARY 159
-# define STORE_F_STORE_GET_CERTIFICATE 109
-# define STORE_F_STORE_GET_CRL 110
-# define STORE_F_STORE_GET_NUMBER 111
-# define STORE_F_STORE_GET_PRIVATE_KEY 112
-# define STORE_F_STORE_GET_PUBLIC_KEY 113
-# define STORE_F_STORE_LIST_CERTIFICATE_END 114
-# define STORE_F_STORE_LIST_CERTIFICATE_ENDP 153
-# define STORE_F_STORE_LIST_CERTIFICATE_NEXT 115
-# define STORE_F_STORE_LIST_CERTIFICATE_START 116
-# define STORE_F_STORE_LIST_CRL_END 117
-# define STORE_F_STORE_LIST_CRL_ENDP 154
-# define STORE_F_STORE_LIST_CRL_NEXT 118
-# define STORE_F_STORE_LIST_CRL_START 119
-# define STORE_F_STORE_LIST_PRIVATE_KEY_END 120
-# define STORE_F_STORE_LIST_PRIVATE_KEY_ENDP 155
-# define STORE_F_STORE_LIST_PRIVATE_KEY_NEXT 121
-# define STORE_F_STORE_LIST_PRIVATE_KEY_START 122
-# define STORE_F_STORE_LIST_PUBLIC_KEY_END 123
-# define STORE_F_STORE_LIST_PUBLIC_KEY_ENDP 156
-# define STORE_F_STORE_LIST_PUBLIC_KEY_NEXT 124
-# define STORE_F_STORE_LIST_PUBLIC_KEY_START 125
-# define STORE_F_STORE_MODIFY_ARBITRARY 162
-# define STORE_F_STORE_MODIFY_CERTIFICATE 163
-# define STORE_F_STORE_MODIFY_CRL 164
-# define STORE_F_STORE_MODIFY_NUMBER 165
-# define STORE_F_STORE_MODIFY_PRIVATE_KEY 166
-# define STORE_F_STORE_MODIFY_PUBLIC_KEY 167
-# define STORE_F_STORE_NEW_ENGINE 133
-# define STORE_F_STORE_NEW_METHOD 132
-# define STORE_F_STORE_PARSE_ATTRS_END 151
-# define STORE_F_STORE_PARSE_ATTRS_ENDP 172
-# define STORE_F_STORE_PARSE_ATTRS_NEXT 152
-# define STORE_F_STORE_PARSE_ATTRS_START 171
-# define STORE_F_STORE_REVOKE_CERTIFICATE 129
-# define STORE_F_STORE_REVOKE_PRIVATE_KEY 130
-# define STORE_F_STORE_REVOKE_PUBLIC_KEY 131
-# define STORE_F_STORE_STORE_ARBITRARY 157
-# define STORE_F_STORE_STORE_CERTIFICATE 100
-# define STORE_F_STORE_STORE_CRL 101
-# define STORE_F_STORE_STORE_NUMBER 126
-# define STORE_F_STORE_STORE_PRIVATE_KEY 127
-# define STORE_F_STORE_STORE_PUBLIC_KEY 128
-
-/* Reason codes. */
-# define STORE_R_ALREADY_HAS_A_VALUE 127
-# define STORE_R_FAILED_DELETING_ARBITRARY 132
-# define STORE_R_FAILED_DELETING_CERTIFICATE 100
-# define STORE_R_FAILED_DELETING_KEY 101
-# define STORE_R_FAILED_DELETING_NUMBER 102
-# define STORE_R_FAILED_GENERATING_CRL 103
-# define STORE_R_FAILED_GENERATING_KEY 104
-# define STORE_R_FAILED_GETTING_ARBITRARY 133
-# define STORE_R_FAILED_GETTING_CERTIFICATE 105
-# define STORE_R_FAILED_GETTING_KEY 106
-# define STORE_R_FAILED_GETTING_NUMBER 107
-# define STORE_R_FAILED_LISTING_CERTIFICATES 108
-# define STORE_R_FAILED_LISTING_KEYS 109
-# define STORE_R_FAILED_MODIFYING_ARBITRARY 138
-# define STORE_R_FAILED_MODIFYING_CERTIFICATE 139
-# define STORE_R_FAILED_MODIFYING_CRL 140
-# define STORE_R_FAILED_MODIFYING_NUMBER 141
-# define STORE_R_FAILED_MODIFYING_PRIVATE_KEY 142
-# define STORE_R_FAILED_MODIFYING_PUBLIC_KEY 143
-# define STORE_R_FAILED_REVOKING_CERTIFICATE 110
-# define STORE_R_FAILED_REVOKING_KEY 111
-# define STORE_R_FAILED_STORING_ARBITRARY 134
-# define STORE_R_FAILED_STORING_CERTIFICATE 112
-# define STORE_R_FAILED_STORING_KEY 113
-# define STORE_R_FAILED_STORING_NUMBER 114
-# define STORE_R_NOT_IMPLEMENTED 128
-# define STORE_R_NO_CONTROL_FUNCTION 144
-# define STORE_R_NO_DELETE_ARBITRARY_FUNCTION 135
-# define STORE_R_NO_DELETE_NUMBER_FUNCTION 115
-# define STORE_R_NO_DELETE_OBJECT_FUNCTION 116
-# define STORE_R_NO_GENERATE_CRL_FUNCTION 117
-# define STORE_R_NO_GENERATE_OBJECT_FUNCTION 118
-# define STORE_R_NO_GET_OBJECT_ARBITRARY_FUNCTION 136
-# define STORE_R_NO_GET_OBJECT_FUNCTION 119
-# define STORE_R_NO_GET_OBJECT_NUMBER_FUNCTION 120
-# define STORE_R_NO_LIST_OBJECT_ENDP_FUNCTION 131
-# define STORE_R_NO_LIST_OBJECT_END_FUNCTION 121
-# define STORE_R_NO_LIST_OBJECT_NEXT_FUNCTION 122
-# define STORE_R_NO_LIST_OBJECT_START_FUNCTION 123
-# define STORE_R_NO_MODIFY_OBJECT_FUNCTION 145
-# define STORE_R_NO_REVOKE_OBJECT_FUNCTION 124
-# define STORE_R_NO_STORE 129
-# define STORE_R_NO_STORE_OBJECT_ARBITRARY_FUNCTION 137
-# define STORE_R_NO_STORE_OBJECT_FUNCTION 125
-# define STORE_R_NO_STORE_OBJECT_NUMBER_FUNCTION 126
-# define STORE_R_NO_VALUE 130
-
-#ifdef __cplusplus
-}
-#endif
-#endif
+++ /dev/null
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#ifndef HEADER_SYMHACKS_H
-# define HEADER_SYMHACKS_H
-
-# include <openssl/e_os2.h>
-
-/*
- * Hacks to solve the problem with linkers incapable of handling very long
- * symbol names. In the case of VMS, the limit is 31 characters on VMS for
- * VAX.
- */
-/*
- * Note that this affects util/libeay.num and util/ssleay.num... you may
- * change those manually, but that's not recommended, as those files are
- * controlled centrally and updated on Unix, and the central definition may
- * disagree with yours, which in turn may come with shareable library
- * incompatibilities.
- */
-# ifdef OPENSSL_SYS_VMS
-
-/* Hack a long name in crypto/ex_data.c */
-# undef CRYPTO_get_ex_data_implementation
-# define CRYPTO_get_ex_data_implementation CRYPTO_get_ex_data_impl
-# undef CRYPTO_set_ex_data_implementation
-# define CRYPTO_set_ex_data_implementation CRYPTO_set_ex_data_impl
-
-/* Hack a long name in crypto/asn1/a_mbstr.c */
-# undef ASN1_STRING_set_default_mask_asc
-# define ASN1_STRING_set_default_mask_asc ASN1_STRING_set_def_mask_asc
-
-/* Hack the names created with DECLARE_PEM_rw(NETSCAPE_CERT_SEQUENCE) */
-# undef PEM_read_NETSCAPE_CERT_SEQUENCE
-# define PEM_read_NETSCAPE_CERT_SEQUENCE PEM_read_NS_CERT_SEQ
-# undef PEM_write_NETSCAPE_CERT_SEQUENCE
-# define PEM_write_NETSCAPE_CERT_SEQUENCE PEM_write_NS_CERT_SEQ
-# undef PEM_read_bio_NETSCAPE_CERT_SEQUENCE
-# define PEM_read_bio_NETSCAPE_CERT_SEQUENCE PEM_read_bio_NS_CERT_SEQ
-# undef PEM_write_bio_NETSCAPE_CERT_SEQUENCE
-# define PEM_write_bio_NETSCAPE_CERT_SEQUENCE PEM_write_bio_NS_CERT_SEQ
-# undef PEM_write_cb_bio_NETSCAPE_CERT_SEQUENCE
-# define PEM_write_cb_bio_NETSCAPE_CERT_SEQUENCE PEM_write_cb_bio_NS_CERT_SEQ
-
-/* Hack the names created with DECLARE_PEM_rw(PKCS8_PRIV_KEY_INFO) */
-# undef PEM_read_PKCS8_PRIV_KEY_INFO
-# define PEM_read_PKCS8_PRIV_KEY_INFO PEM_read_P8_PRIV_KEY_INFO
-# undef PEM_write_PKCS8_PRIV_KEY_INFO
-# define PEM_write_PKCS8_PRIV_KEY_INFO PEM_write_P8_PRIV_KEY_INFO
-# undef PEM_read_bio_PKCS8_PRIV_KEY_INFO
-# define PEM_read_bio_PKCS8_PRIV_KEY_INFO PEM_read_bio_P8_PRIV_KEY_INFO
-# undef PEM_write_bio_PKCS8_PRIV_KEY_INFO
-# define PEM_write_bio_PKCS8_PRIV_KEY_INFO PEM_write_bio_P8_PRIV_KEY_INFO
-# undef PEM_write_cb_bio_PKCS8_PRIV_KEY_INFO
-# define PEM_write_cb_bio_PKCS8_PRIV_KEY_INFO PEM_wrt_cb_bio_P8_PRIV_KEY_INFO
-
-/* Hack other PEM names */
-# undef PEM_write_bio_PKCS8PrivateKey_nid
-# define PEM_write_bio_PKCS8PrivateKey_nid PEM_write_bio_PKCS8PrivKey_nid
-
-/* Hack some long X509 names */
-# undef X509_REVOKED_get_ext_by_critical
-# define X509_REVOKED_get_ext_by_critical X509_REVOKED_get_ext_by_critic
-# undef X509_policy_tree_get0_user_policies
-# define X509_policy_tree_get0_user_policies X509_pcy_tree_get0_usr_policies
-# undef X509_policy_node_get0_qualifiers
-# define X509_policy_node_get0_qualifiers X509_pcy_node_get0_qualifiers
-# undef X509_STORE_CTX_get_explicit_policy
-# define X509_STORE_CTX_get_explicit_policy X509_STORE_CTX_get_expl_policy
-# undef X509_STORE_CTX_get0_current_issuer
-# define X509_STORE_CTX_get0_current_issuer X509_STORE_CTX_get0_cur_issuer
-
-/* Hack some long CRYPTO names */
-# undef CRYPTO_set_dynlock_destroy_callback
-# define CRYPTO_set_dynlock_destroy_callback CRYPTO_set_dynlock_destroy_cb
-# undef CRYPTO_set_dynlock_create_callback
-# define CRYPTO_set_dynlock_create_callback CRYPTO_set_dynlock_create_cb
-# undef CRYPTO_set_dynlock_lock_callback
-# define CRYPTO_set_dynlock_lock_callback CRYPTO_set_dynlock_lock_cb
-# undef CRYPTO_get_dynlock_lock_callback
-# define CRYPTO_get_dynlock_lock_callback CRYPTO_get_dynlock_lock_cb
-# undef CRYPTO_get_dynlock_destroy_callback
-# define CRYPTO_get_dynlock_destroy_callback CRYPTO_get_dynlock_destroy_cb
-# undef CRYPTO_get_dynlock_create_callback
-# define CRYPTO_get_dynlock_create_callback CRYPTO_get_dynlock_create_cb
-# undef CRYPTO_set_locked_mem_ex_functions
-# define CRYPTO_set_locked_mem_ex_functions CRYPTO_set_locked_mem_ex_funcs
-# undef CRYPTO_get_locked_mem_ex_functions
-# define CRYPTO_get_locked_mem_ex_functions CRYPTO_get_locked_mem_ex_funcs
-
-/* Hack some long SSL/TLS names */
-# undef SSL_CTX_set_default_verify_paths
-# define SSL_CTX_set_default_verify_paths SSL_CTX_set_def_verify_paths
-# undef SSL_get_ex_data_X509_STORE_CTX_idx
-# define SSL_get_ex_data_X509_STORE_CTX_idx SSL_get_ex_d_X509_STORE_CTX_idx
-# undef SSL_add_file_cert_subjects_to_stack
-# define SSL_add_file_cert_subjects_to_stack SSL_add_file_cert_subjs_to_stk
-# undef SSL_add_dir_cert_subjects_to_stack
-# define SSL_add_dir_cert_subjects_to_stack SSL_add_dir_cert_subjs_to_stk
-# undef SSL_CTX_use_certificate_chain_file
-# define SSL_CTX_use_certificate_chain_file SSL_CTX_use_cert_chain_file
-# undef SSL_CTX_set_cert_verify_callback
-# define SSL_CTX_set_cert_verify_callback SSL_CTX_set_cert_verify_cb
-# undef SSL_CTX_set_default_passwd_cb_userdata
-# define SSL_CTX_set_default_passwd_cb_userdata SSL_CTX_set_def_passwd_cb_ud
-# undef SSL_COMP_get_compression_methods
-# define SSL_COMP_get_compression_methods SSL_COMP_get_compress_methods
-# undef ssl_add_clienthello_renegotiate_ext
-# define ssl_add_clienthello_renegotiate_ext ssl_add_clienthello_reneg_ext
-# undef ssl_add_serverhello_renegotiate_ext
-# define ssl_add_serverhello_renegotiate_ext ssl_add_serverhello_reneg_ext
-# undef ssl_parse_clienthello_renegotiate_ext
-# define ssl_parse_clienthello_renegotiate_ext ssl_parse_clienthello_reneg_ext
-# undef ssl_parse_serverhello_renegotiate_ext
-# define ssl_parse_serverhello_renegotiate_ext ssl_parse_serverhello_reneg_ext
-# undef SSL_srp_server_param_with_username
-# define SSL_srp_server_param_with_username SSL_srp_server_param_with_un
-# undef SSL_CTX_set_srp_client_pwd_callback
-# define SSL_CTX_set_srp_client_pwd_callback SSL_CTX_set_srp_client_pwd_cb
-# undef SSL_CTX_set_srp_verify_param_callback
-# define SSL_CTX_set_srp_verify_param_callback SSL_CTX_set_srp_vfy_param_cb
-# undef SSL_CTX_set_srp_username_callback
-# define SSL_CTX_set_srp_username_callback SSL_CTX_set_srp_un_cb
-# undef ssl_add_clienthello_use_srtp_ext
-# define ssl_add_clienthello_use_srtp_ext ssl_add_clihello_use_srtp_ext
-# undef ssl_add_serverhello_use_srtp_ext
-# define ssl_add_serverhello_use_srtp_ext ssl_add_serhello_use_srtp_ext
-# undef ssl_parse_clienthello_use_srtp_ext
-# define ssl_parse_clienthello_use_srtp_ext ssl_parse_clihello_use_srtp_ext
-# undef ssl_parse_serverhello_use_srtp_ext
-# define ssl_parse_serverhello_use_srtp_ext ssl_parse_serhello_use_srtp_ext
-# undef SSL_CTX_set_next_protos_advertised_cb
-# define SSL_CTX_set_next_protos_advertised_cb SSL_CTX_set_next_protos_adv_cb
-# undef SSL_CTX_set_next_proto_select_cb
-# define SSL_CTX_set_next_proto_select_cb SSL_CTX_set_next_proto_sel_cb
-# undef SSL_CTX_set_not_resumable_session_callback
-# define SSL_CTX_set_not_resumable_session_callback \
- SSL_CTX_set_not_resumbl_sess_cb
-# undef SSL_set_not_resumable_session_callback
-# define SSL_set_not_resumable_session_callback SSL_set_not_resumbl_sess_cb
-# undef ssl_check_clienthello_tlsext_late
-# define ssl_check_clienthello_tlsext_late ssl_chk_clienthello_tlsext_late
-# undef ssl3_cbc_record_digest_supported
-# define ssl3_cbc_record_digest_supported ssl3_cbc_rcd_digest_supported
-# undef SSL_COMP_set0_compression_methods
-# define SSL_COMP_set0_compression_methods SSL_COMP_set0_compr_methods
-# undef SSL_COMP_free_compression_methods
-# define SSL_COMP_free_compression_methods SSL_COMP_free_compr_methods
-
-/* Hack some long ENGINE names */
-# undef ENGINE_get_default_BN_mod_exp_crt
-# define ENGINE_get_default_BN_mod_exp_crt ENGINE_get_def_BN_mod_exp_crt
-# undef ENGINE_set_default_BN_mod_exp_crt
-# define ENGINE_set_default_BN_mod_exp_crt ENGINE_set_def_BN_mod_exp_crt
-# undef ENGINE_set_load_privkey_function
-# define ENGINE_set_load_privkey_function ENGINE_set_load_privkey_fn
-# undef ENGINE_get_load_privkey_function
-# define ENGINE_get_load_privkey_function ENGINE_get_load_privkey_fn
-# undef ENGINE_unregister_pkey_asn1_meths
-# define ENGINE_unregister_pkey_asn1_meths ENGINE_unreg_pkey_asn1_meths
-# undef ENGINE_register_all_pkey_asn1_meths
-# define ENGINE_register_all_pkey_asn1_meths ENGINE_reg_all_pkey_asn1_meths
-# undef ENGINE_set_default_pkey_asn1_meths
-# define ENGINE_set_default_pkey_asn1_meths ENGINE_set_def_pkey_asn1_meths
-# undef ENGINE_get_pkey_asn1_meth_engine
-# define ENGINE_get_pkey_asn1_meth_engine ENGINE_get_pkey_asn1_meth_eng
-# undef ENGINE_set_load_ssl_client_cert_function
-# define ENGINE_set_load_ssl_client_cert_function \
- ENGINE_set_ld_ssl_clnt_cert_fn
-# undef ENGINE_get_ssl_client_cert_function
-# define ENGINE_get_ssl_client_cert_function ENGINE_get_ssl_client_cert_fn
-
-/* Hack some long OCSP names */
-# undef OCSP_REQUEST_get_ext_by_critical
-# define OCSP_REQUEST_get_ext_by_critical OCSP_REQUEST_get_ext_by_crit
-# undef OCSP_BASICRESP_get_ext_by_critical
-# define OCSP_BASICRESP_get_ext_by_critical OCSP_BASICRESP_get_ext_by_crit
-# undef OCSP_SINGLERESP_get_ext_by_critical
-# define OCSP_SINGLERESP_get_ext_by_critical OCSP_SINGLERESP_get_ext_by_crit
-
-/* Hack some long EVP names */
-# undef OPENSSL_add_all_algorithms_noconf
-# define OPENSSL_add_all_algorithms_noconf OPENSSL_add_all_algo_noconf
-# undef OPENSSL_add_all_algorithms_conf
-# define OPENSSL_add_all_algorithms_conf OPENSSL_add_all_algo_conf
-# undef EVP_PKEY_meth_set_verify_recover
-# define EVP_PKEY_meth_set_verify_recover EVP_PKEY_meth_set_vrfy_recover
-
-/* Hack some long EC names */
-# undef EC_GROUP_set_point_conversion_form
-# define EC_GROUP_set_point_conversion_form EC_GROUP_set_point_conv_form
-# undef EC_GROUP_get_point_conversion_form
-# define EC_GROUP_get_point_conversion_form EC_GROUP_get_point_conv_form
-# undef EC_GROUP_clear_free_all_extra_data
-# define EC_GROUP_clear_free_all_extra_data EC_GROUP_clr_free_all_xtra_data
-# undef EC_KEY_set_public_key_affine_coordinates
-# define EC_KEY_set_public_key_affine_coordinates \
- EC_KEY_set_pub_key_aff_coords
-# undef EC_POINT_set_Jprojective_coordinates_GFp
-# define EC_POINT_set_Jprojective_coordinates_GFp \
- EC_POINT_set_Jproj_coords_GFp
-# undef EC_POINT_get_Jprojective_coordinates_GFp
-# define EC_POINT_get_Jprojective_coordinates_GFp \
- EC_POINT_get_Jproj_coords_GFp
-# undef EC_POINT_set_affine_coordinates_GFp
-# define EC_POINT_set_affine_coordinates_GFp EC_POINT_set_affine_coords_GFp
-# undef EC_POINT_get_affine_coordinates_GFp
-# define EC_POINT_get_affine_coordinates_GFp EC_POINT_get_affine_coords_GFp
-# undef EC_POINT_set_compressed_coordinates_GFp
-# define EC_POINT_set_compressed_coordinates_GFp EC_POINT_set_compr_coords_GFp
-# undef EC_POINT_set_affine_coordinates_GF2m
-# define EC_POINT_set_affine_coordinates_GF2m EC_POINT_set_affine_coords_GF2m
-# undef EC_POINT_get_affine_coordinates_GF2m
-# define EC_POINT_get_affine_coordinates_GF2m EC_POINT_get_affine_coords_GF2m
-# undef EC_POINT_set_compressed_coordinates_GF2m
-# define EC_POINT_set_compressed_coordinates_GF2m \
- EC_POINT_set_compr_coords_GF2m
-# undef ec_GF2m_simple_group_clear_finish
-# define ec_GF2m_simple_group_clear_finish ec_GF2m_simple_grp_clr_finish
-# undef ec_GF2m_simple_group_check_discriminant
-# define ec_GF2m_simple_group_check_discriminant ec_GF2m_simple_grp_chk_discrim
-# undef ec_GF2m_simple_point_clear_finish
-# define ec_GF2m_simple_point_clear_finish ec_GF2m_simple_pt_clr_finish
-# undef ec_GF2m_simple_point_set_to_infinity
-# define ec_GF2m_simple_point_set_to_infinity ec_GF2m_simple_pt_set_to_inf
-# undef ec_GF2m_simple_points_make_affine
-# define ec_GF2m_simple_points_make_affine ec_GF2m_simple_pts_make_affine
-# undef ec_GF2m_simple_point_set_affine_coordinates
-# define ec_GF2m_simple_point_set_affine_coordinates \
- ec_GF2m_smp_pt_set_af_coords
-# undef ec_GF2m_simple_point_get_affine_coordinates
-# define ec_GF2m_simple_point_get_affine_coordinates \
- ec_GF2m_smp_pt_get_af_coords
-# undef ec_GF2m_simple_set_compressed_coordinates
-# define ec_GF2m_simple_set_compressed_coordinates \
- ec_GF2m_smp_set_compr_coords
-# undef ec_GFp_simple_group_set_curve_GFp
-# define ec_GFp_simple_group_set_curve_GFp ec_GFp_simple_grp_set_curve_GFp
-# undef ec_GFp_simple_group_get_curve_GFp
-# define ec_GFp_simple_group_get_curve_GFp ec_GFp_simple_grp_get_curve_GFp
-# undef ec_GFp_simple_group_clear_finish
-# define ec_GFp_simple_group_clear_finish ec_GFp_simple_grp_clear_finish
-# undef ec_GFp_simple_group_set_generator
-# define ec_GFp_simple_group_set_generator ec_GFp_simple_grp_set_generator
-# undef ec_GFp_simple_group_get0_generator
-# define ec_GFp_simple_group_get0_generator ec_GFp_simple_grp_gt0_generator
-# undef ec_GFp_simple_group_get_cofactor
-# define ec_GFp_simple_group_get_cofactor ec_GFp_simple_grp_get_cofactor
-# undef ec_GFp_simple_point_clear_finish
-# define ec_GFp_simple_point_clear_finish ec_GFp_simple_pt_clear_finish
-# undef ec_GFp_simple_point_set_to_infinity
-# define ec_GFp_simple_point_set_to_infinity ec_GFp_simple_pt_set_to_inf
-# undef ec_GFp_simple_points_make_affine
-# define ec_GFp_simple_points_make_affine ec_GFp_simple_pts_make_affine
-# undef ec_GFp_simple_set_Jprojective_coordinates_GFp
-# define ec_GFp_simple_set_Jprojective_coordinates_GFp \
- ec_GFp_smp_set_Jproj_coords_GFp
-# undef ec_GFp_simple_get_Jprojective_coordinates_GFp
-# define ec_GFp_simple_get_Jprojective_coordinates_GFp \
- ec_GFp_smp_get_Jproj_coords_GFp
-# undef ec_GFp_simple_point_set_affine_coordinates_GFp
-# define ec_GFp_simple_point_set_affine_coordinates_GFp \
- ec_GFp_smp_pt_set_af_coords_GFp
-# undef ec_GFp_simple_point_get_affine_coordinates_GFp
-# define ec_GFp_simple_point_get_affine_coordinates_GFp \
- ec_GFp_smp_pt_get_af_coords_GFp
-# undef ec_GFp_simple_set_compressed_coordinates_GFp
-# define ec_GFp_simple_set_compressed_coordinates_GFp \
- ec_GFp_smp_set_compr_coords_GFp
-# undef ec_GFp_simple_point_set_affine_coordinates
-# define ec_GFp_simple_point_set_affine_coordinates \
- ec_GFp_smp_pt_set_af_coords
-# undef ec_GFp_simple_point_get_affine_coordinates
-# define ec_GFp_simple_point_get_affine_coordinates \
- ec_GFp_smp_pt_get_af_coords
-# undef ec_GFp_simple_set_compressed_coordinates
-# define ec_GFp_simple_set_compressed_coordinates \
- ec_GFp_smp_set_compr_coords
-# undef ec_GFp_simple_group_check_discriminant
-# define ec_GFp_simple_group_check_discriminant ec_GFp_simple_grp_chk_discrim
-
-/* Hack som long STORE names */
-# undef STORE_method_set_initialise_function
-# define STORE_method_set_initialise_function STORE_meth_set_initialise_fn
-# undef STORE_method_set_cleanup_function
-# define STORE_method_set_cleanup_function STORE_meth_set_cleanup_fn
-# undef STORE_method_set_generate_function
-# define STORE_method_set_generate_function STORE_meth_set_generate_fn
-# undef STORE_method_set_modify_function
-# define STORE_method_set_modify_function STORE_meth_set_modify_fn
-# undef STORE_method_set_revoke_function
-# define STORE_method_set_revoke_function STORE_meth_set_revoke_fn
-# undef STORE_method_set_delete_function
-# define STORE_method_set_delete_function STORE_meth_set_delete_fn
-# undef STORE_method_set_list_start_function
-# define STORE_method_set_list_start_function STORE_meth_set_list_start_fn
-# undef STORE_method_set_list_next_function
-# define STORE_method_set_list_next_function STORE_meth_set_list_next_fn
-# undef STORE_method_set_list_end_function
-# define STORE_method_set_list_end_function STORE_meth_set_list_end_fn
-# undef STORE_method_set_update_store_function
-# define STORE_method_set_update_store_function STORE_meth_set_update_store_fn
-# undef STORE_method_set_lock_store_function
-# define STORE_method_set_lock_store_function STORE_meth_set_lock_store_fn
-# undef STORE_method_set_unlock_store_function
-# define STORE_method_set_unlock_store_function STORE_meth_set_unlock_store_fn
-# undef STORE_method_get_initialise_function
-# define STORE_method_get_initialise_function STORE_meth_get_initialise_fn
-# undef STORE_method_get_cleanup_function
-# define STORE_method_get_cleanup_function STORE_meth_get_cleanup_fn
-# undef STORE_method_get_generate_function
-# define STORE_method_get_generate_function STORE_meth_get_generate_fn
-# undef STORE_method_get_modify_function
-# define STORE_method_get_modify_function STORE_meth_get_modify_fn
-# undef STORE_method_get_revoke_function
-# define STORE_method_get_revoke_function STORE_meth_get_revoke_fn
-# undef STORE_method_get_delete_function
-# define STORE_method_get_delete_function STORE_meth_get_delete_fn
-# undef STORE_method_get_list_start_function
-# define STORE_method_get_list_start_function STORE_meth_get_list_start_fn
-# undef STORE_method_get_list_next_function
-# define STORE_method_get_list_next_function STORE_meth_get_list_next_fn
-# undef STORE_method_get_list_end_function
-# define STORE_method_get_list_end_function STORE_meth_get_list_end_fn
-# undef STORE_method_get_update_store_function
-# define STORE_method_get_update_store_function STORE_meth_get_update_store_fn
-# undef STORE_method_get_lock_store_function
-# define STORE_method_get_lock_store_function STORE_meth_get_lock_store_fn
-# undef STORE_method_get_unlock_store_function
-# define STORE_method_get_unlock_store_function STORE_meth_get_unlock_store_fn
-
-/* Hack some long TS names */
-# undef TS_RESP_CTX_set_status_info_cond
-# define TS_RESP_CTX_set_status_info_cond TS_RESP_CTX_set_stat_info_cond
-# undef TS_RESP_CTX_set_clock_precision_digits
-# define TS_RESP_CTX_set_clock_precision_digits TS_RESP_CTX_set_clk_prec_digits
-# undef TS_CONF_set_clock_precision_digits
-# define TS_CONF_set_clock_precision_digits TS_CONF_set_clk_prec_digits
-
-/* Hack some long CMS names */
-# undef CMS_RecipientInfo_ktri_get0_algs
-# define CMS_RecipientInfo_ktri_get0_algs CMS_RecipInfo_ktri_get0_algs
-# undef CMS_RecipientInfo_ktri_get0_signer_id
-# define CMS_RecipientInfo_ktri_get0_signer_id CMS_RecipInfo_ktri_get0_sigr_id
-# undef CMS_OtherRevocationInfoFormat_it
-# define CMS_OtherRevocationInfoFormat_it CMS_OtherRevocInfoFormat_it
-# undef CMS_KeyAgreeRecipientIdentifier_it
-# define CMS_KeyAgreeRecipientIdentifier_it CMS_KeyAgreeRecipIdentifier_it
-# undef CMS_OriginatorIdentifierOrKey_it
-# define CMS_OriginatorIdentifierOrKey_it CMS_OriginatorIdOrKey_it
-# undef cms_SignerIdentifier_get0_signer_id
-# define cms_SignerIdentifier_get0_signer_id cms_SignerId_get0_signer_id
-# undef CMS_RecipientInfo_kari_get0_orig_id
-# define CMS_RecipientInfo_kari_get0_orig_id CMS_RecipInfo_kari_get0_orig_id
-# undef CMS_RecipientInfo_kari_get0_reks
-# define CMS_RecipientInfo_kari_get0_reks CMS_RecipInfo_kari_get0_reks
-# undef CMS_RecipientInfo_kari_set0_pkey
-# define CMS_RecipientInfo_kari_set0_pkey CMS_RecipInfo_kari_set0_pkey
-# undef CMS_RecipientInfo_kari_orig_id_cmp
-# define CMS_RecipientInfo_kari_orig_id_cmp CMS_RecipInfo_kari_orig_id_cmp
-# undef CMS_RecipientEncryptedKey_cert_cmp
-# define CMS_RecipientEncryptedKey_cert_cmp CMS_RecipEncryptedKey_cert_cmp
-# undef CMS_RecipientEncryptedKey_get0_id
-# define CMS_RecipientEncryptedKey_get0_id CMS_RecipEncryptedKey_get0_id
-
-/* Hack some long DTLS1 names */
-# undef dtls1_retransmit_buffered_messages
-# define dtls1_retransmit_buffered_messages dtls1_retransmit_buffered_msgs
-
-/* Hack some long SRP names */
-# undef SRP_generate_server_master_secret
-# define SRP_generate_server_master_secret SRP_gen_server_master_secret
-# undef SRP_generate_client_master_secret
-# define SRP_generate_client_master_secret SRP_gen_client_master_secret
-
-/* Hack some long UI names */
-# undef UI_method_get_prompt_constructor
-# define UI_method_get_prompt_constructor UI_method_get_prompt_constructr
-# undef UI_method_set_prompt_constructor
-# define UI_method_set_prompt_constructor UI_method_set_prompt_constructr
-
-/* Hack some long RSA names */
-# undef RSA_padding_check_PKCS1_OAEP_mgf1
-# define RSA_padding_check_PKCS1_OAEP_mgf1 RSA_padding_chk_PKCS1_OAEP_mgf1
-
-# endif /* defined OPENSSL_SYS_VMS */
-
-/* Case insensitive linking causes problems.... */
-# if defined(OPENSSL_SYS_VMS) || defined(OPENSSL_SYS_OS2)
-# undef ERR_load_CRYPTO_strings
-# define ERR_load_CRYPTO_strings ERR_load_CRYPTOlib_strings
-# undef OCSP_crlID_new
-# define OCSP_crlID_new OCSP_crlID2_new
-
-# undef d2i_ECPARAMETERS
-# define d2i_ECPARAMETERS d2i_UC_ECPARAMETERS
-# undef i2d_ECPARAMETERS
-# define i2d_ECPARAMETERS i2d_UC_ECPARAMETERS
-# undef d2i_ECPKPARAMETERS
-# define d2i_ECPKPARAMETERS d2i_UC_ECPKPARAMETERS
-# undef i2d_ECPKPARAMETERS
-# define i2d_ECPKPARAMETERS i2d_UC_ECPKPARAMETERS
-
-/*
- * These functions do not seem to exist! However, I'm paranoid... Original
- * command in x509v3.h: These functions are being redefined in another
- * directory, and clash when the linker is case-insensitive, so let's hide
- * them a little, by giving them an extra 'o' at the beginning of the name...
- */
-# undef X509v3_cleanup_extensions
-# define X509v3_cleanup_extensions oX509v3_cleanup_extensions
-# undef X509v3_add_extension
-# define X509v3_add_extension oX509v3_add_extension
-# undef X509v3_add_netscape_extensions
-# define X509v3_add_netscape_extensions oX509v3_add_netscape_extensions
-# undef X509v3_add_standard_extensions
-# define X509v3_add_standard_extensions oX509v3_add_standard_extensions
-
-/* This one clashes with CMS_data_create */
-# undef cms_Data_create
-# define cms_Data_create priv_cms_Data_create
-
-# endif
-
-#endif /* ! defined HEADER_VMS_IDHACKS_H */
+++ /dev/null
-/* crypto/ts/ts.h */
-/*
- * Written by Zoltan Glozik (zglozik@opentsa.org) for the OpenSSL project
- * 2002, 2003, 2004.
- */
-/* ====================================================================
- * Copyright (c) 2006 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#ifndef HEADER_TS_H
-# define HEADER_TS_H
-
-# include <openssl/opensslconf.h>
-# include <openssl/symhacks.h>
-# include <openssl/buffer.h>
-# include <openssl/evp.h>
-# include <openssl/bio.h>
-# include <openssl/stack.h>
-# include <openssl/asn1.h>
-# include <openssl/safestack.h>
-
-# ifndef OPENSSL_NO_RSA
-# include <openssl/rsa.h>
-# endif
-
-# ifndef OPENSSL_NO_DSA
-# include <openssl/dsa.h>
-# endif
-
-# ifndef OPENSSL_NO_DH
-# include <openssl/dh.h>
-# endif
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-# ifdef WIN32
-/* Under Win32 this is defined in wincrypt.h */
-# undef X509_NAME
-# endif
-
-# include <openssl/x509.h>
-# include <openssl/x509v3.h>
-
-/*-
-MessageImprint ::= SEQUENCE {
- hashAlgorithm AlgorithmIdentifier,
- hashedMessage OCTET STRING }
-*/
-
-typedef struct TS_msg_imprint_st {
- X509_ALGOR *hash_algo;
- ASN1_OCTET_STRING *hashed_msg;
-} TS_MSG_IMPRINT;
-
-/*-
-TimeStampReq ::= SEQUENCE {
- version INTEGER { v1(1) },
- messageImprint MessageImprint,
- --a hash algorithm OID and the hash value of the data to be
- --time-stamped
- reqPolicy TSAPolicyId OPTIONAL,
- nonce INTEGER OPTIONAL,
- certReq BOOLEAN DEFAULT FALSE,
- extensions [0] IMPLICIT Extensions OPTIONAL }
-*/
-
-typedef struct TS_req_st {
- ASN1_INTEGER *version;
- TS_MSG_IMPRINT *msg_imprint;
- ASN1_OBJECT *policy_id; /* OPTIONAL */
- ASN1_INTEGER *nonce; /* OPTIONAL */
- ASN1_BOOLEAN cert_req; /* DEFAULT FALSE */
- STACK_OF(X509_EXTENSION) *extensions; /* [0] OPTIONAL */
-} TS_REQ;
-
-/*-
-Accuracy ::= SEQUENCE {
- seconds INTEGER OPTIONAL,
- millis [0] INTEGER (1..999) OPTIONAL,
- micros [1] INTEGER (1..999) OPTIONAL }
-*/
-
-typedef struct TS_accuracy_st {
- ASN1_INTEGER *seconds;
- ASN1_INTEGER *millis;
- ASN1_INTEGER *micros;
-} TS_ACCURACY;
-
-/*-
-TSTInfo ::= SEQUENCE {
- version INTEGER { v1(1) },
- policy TSAPolicyId,
- messageImprint MessageImprint,
- -- MUST have the same value as the similar field in
- -- TimeStampReq
- serialNumber INTEGER,
- -- Time-Stamping users MUST be ready to accommodate integers
- -- up to 160 bits.
- genTime GeneralizedTime,
- accuracy Accuracy OPTIONAL,
- ordering BOOLEAN DEFAULT FALSE,
- nonce INTEGER OPTIONAL,
- -- MUST be present if the similar field was present
- -- in TimeStampReq. In that case it MUST have the same value.
- tsa [0] GeneralName OPTIONAL,
- extensions [1] IMPLICIT Extensions OPTIONAL }
-*/
-
-typedef struct TS_tst_info_st {
- ASN1_INTEGER *version;
- ASN1_OBJECT *policy_id;
- TS_MSG_IMPRINT *msg_imprint;
- ASN1_INTEGER *serial;
- ASN1_GENERALIZEDTIME *time;
- TS_ACCURACY *accuracy;
- ASN1_BOOLEAN ordering;
- ASN1_INTEGER *nonce;
- GENERAL_NAME *tsa;
- STACK_OF(X509_EXTENSION) *extensions;
-} TS_TST_INFO;
-
-/*-
-PKIStatusInfo ::= SEQUENCE {
- status PKIStatus,
- statusString PKIFreeText OPTIONAL,
- failInfo PKIFailureInfo OPTIONAL }
-
-From RFC 1510 - section 3.1.1:
-PKIFreeText ::= SEQUENCE SIZE (1..MAX) OF UTF8String
- -- text encoded as UTF-8 String (note: each UTF8String SHOULD
- -- include an RFC 1766 language tag to indicate the language
- -- of the contained text)
-*/
-
-/* Possible values for status. See ts_resp_print.c && ts_resp_verify.c. */
-
-# define TS_STATUS_GRANTED 0
-# define TS_STATUS_GRANTED_WITH_MODS 1
-# define TS_STATUS_REJECTION 2
-# define TS_STATUS_WAITING 3
-# define TS_STATUS_REVOCATION_WARNING 4
-# define TS_STATUS_REVOCATION_NOTIFICATION 5
-
-/*
- * Possible values for failure_info. See ts_resp_print.c && ts_resp_verify.c
- */
-
-# define TS_INFO_BAD_ALG 0
-# define TS_INFO_BAD_REQUEST 2
-# define TS_INFO_BAD_DATA_FORMAT 5
-# define TS_INFO_TIME_NOT_AVAILABLE 14
-# define TS_INFO_UNACCEPTED_POLICY 15
-# define TS_INFO_UNACCEPTED_EXTENSION 16
-# define TS_INFO_ADD_INFO_NOT_AVAILABLE 17
-# define TS_INFO_SYSTEM_FAILURE 25
-
-typedef struct TS_status_info_st {
- ASN1_INTEGER *status;
- STACK_OF(ASN1_UTF8STRING) *text;
- ASN1_BIT_STRING *failure_info;
-} TS_STATUS_INFO;
-
-DECLARE_STACK_OF(ASN1_UTF8STRING)
-
-/*-
-TimeStampResp ::= SEQUENCE {
- status PKIStatusInfo,
- timeStampToken TimeStampToken OPTIONAL }
-*/
-
-typedef struct TS_resp_st {
- TS_STATUS_INFO *status_info;
- PKCS7 *token;
- TS_TST_INFO *tst_info;
-} TS_RESP;
-
-/* The structure below would belong to the ESS component. */
-
-/*-
-IssuerSerial ::= SEQUENCE {
- issuer GeneralNames,
- serialNumber CertificateSerialNumber
- }
-*/
-
-typedef struct ESS_issuer_serial {
- STACK_OF(GENERAL_NAME) *issuer;
- ASN1_INTEGER *serial;
-} ESS_ISSUER_SERIAL;
-
-/*-
-ESSCertID ::= SEQUENCE {
- certHash Hash,
- issuerSerial IssuerSerial OPTIONAL
-}
-*/
-
-typedef struct ESS_cert_id {
- ASN1_OCTET_STRING *hash; /* Always SHA-1 digest. */
- ESS_ISSUER_SERIAL *issuer_serial;
-} ESS_CERT_ID;
-
-DECLARE_STACK_OF(ESS_CERT_ID)
-
-/*-
-SigningCertificate ::= SEQUENCE {
- certs SEQUENCE OF ESSCertID,
- policies SEQUENCE OF PolicyInformation OPTIONAL
-}
-*/
-
-typedef struct ESS_signing_cert {
- STACK_OF(ESS_CERT_ID) *cert_ids;
- STACK_OF(POLICYINFO) *policy_info;
-} ESS_SIGNING_CERT;
-
-TS_REQ *TS_REQ_new(void);
-void TS_REQ_free(TS_REQ *a);
-int i2d_TS_REQ(const TS_REQ *a, unsigned char **pp);
-TS_REQ *d2i_TS_REQ(TS_REQ **a, const unsigned char **pp, long length);
-
-TS_REQ *TS_REQ_dup(TS_REQ *a);
-
-TS_REQ *d2i_TS_REQ_fp(FILE *fp, TS_REQ **a);
-int i2d_TS_REQ_fp(FILE *fp, TS_REQ *a);
-TS_REQ *d2i_TS_REQ_bio(BIO *fp, TS_REQ **a);
-int i2d_TS_REQ_bio(BIO *fp, TS_REQ *a);
-
-TS_MSG_IMPRINT *TS_MSG_IMPRINT_new(void);
-void TS_MSG_IMPRINT_free(TS_MSG_IMPRINT *a);
-int i2d_TS_MSG_IMPRINT(const TS_MSG_IMPRINT *a, unsigned char **pp);
-TS_MSG_IMPRINT *d2i_TS_MSG_IMPRINT(TS_MSG_IMPRINT **a,
- const unsigned char **pp, long length);
-
-TS_MSG_IMPRINT *TS_MSG_IMPRINT_dup(TS_MSG_IMPRINT *a);
-
-TS_MSG_IMPRINT *d2i_TS_MSG_IMPRINT_fp(FILE *fp, TS_MSG_IMPRINT **a);
-int i2d_TS_MSG_IMPRINT_fp(FILE *fp, TS_MSG_IMPRINT *a);
-TS_MSG_IMPRINT *d2i_TS_MSG_IMPRINT_bio(BIO *fp, TS_MSG_IMPRINT **a);
-int i2d_TS_MSG_IMPRINT_bio(BIO *fp, TS_MSG_IMPRINT *a);
-
-TS_RESP *TS_RESP_new(void);
-void TS_RESP_free(TS_RESP *a);
-int i2d_TS_RESP(const TS_RESP *a, unsigned char **pp);
-TS_RESP *d2i_TS_RESP(TS_RESP **a, const unsigned char **pp, long length);
-TS_TST_INFO *PKCS7_to_TS_TST_INFO(PKCS7 *token);
-TS_RESP *TS_RESP_dup(TS_RESP *a);
-
-TS_RESP *d2i_TS_RESP_fp(FILE *fp, TS_RESP **a);
-int i2d_TS_RESP_fp(FILE *fp, TS_RESP *a);
-TS_RESP *d2i_TS_RESP_bio(BIO *fp, TS_RESP **a);
-int i2d_TS_RESP_bio(BIO *fp, TS_RESP *a);
-
-TS_STATUS_INFO *TS_STATUS_INFO_new(void);
-void TS_STATUS_INFO_free(TS_STATUS_INFO *a);
-int i2d_TS_STATUS_INFO(const TS_STATUS_INFO *a, unsigned char **pp);
-TS_STATUS_INFO *d2i_TS_STATUS_INFO(TS_STATUS_INFO **a,
- const unsigned char **pp, long length);
-TS_STATUS_INFO *TS_STATUS_INFO_dup(TS_STATUS_INFO *a);
-
-TS_TST_INFO *TS_TST_INFO_new(void);
-void TS_TST_INFO_free(TS_TST_INFO *a);
-int i2d_TS_TST_INFO(const TS_TST_INFO *a, unsigned char **pp);
-TS_TST_INFO *d2i_TS_TST_INFO(TS_TST_INFO **a, const unsigned char **pp,
- long length);
-TS_TST_INFO *TS_TST_INFO_dup(TS_TST_INFO *a);
-
-TS_TST_INFO *d2i_TS_TST_INFO_fp(FILE *fp, TS_TST_INFO **a);
-int i2d_TS_TST_INFO_fp(FILE *fp, TS_TST_INFO *a);
-TS_TST_INFO *d2i_TS_TST_INFO_bio(BIO *fp, TS_TST_INFO **a);
-int i2d_TS_TST_INFO_bio(BIO *fp, TS_TST_INFO *a);
-
-TS_ACCURACY *TS_ACCURACY_new(void);
-void TS_ACCURACY_free(TS_ACCURACY *a);
-int i2d_TS_ACCURACY(const TS_ACCURACY *a, unsigned char **pp);
-TS_ACCURACY *d2i_TS_ACCURACY(TS_ACCURACY **a, const unsigned char **pp,
- long length);
-TS_ACCURACY *TS_ACCURACY_dup(TS_ACCURACY *a);
-
-ESS_ISSUER_SERIAL *ESS_ISSUER_SERIAL_new(void);
-void ESS_ISSUER_SERIAL_free(ESS_ISSUER_SERIAL *a);
-int i2d_ESS_ISSUER_SERIAL(const ESS_ISSUER_SERIAL *a, unsigned char **pp);
-ESS_ISSUER_SERIAL *d2i_ESS_ISSUER_SERIAL(ESS_ISSUER_SERIAL **a,
- const unsigned char **pp,
- long length);
-ESS_ISSUER_SERIAL *ESS_ISSUER_SERIAL_dup(ESS_ISSUER_SERIAL *a);
-
-ESS_CERT_ID *ESS_CERT_ID_new(void);
-void ESS_CERT_ID_free(ESS_CERT_ID *a);
-int i2d_ESS_CERT_ID(const ESS_CERT_ID *a, unsigned char **pp);
-ESS_CERT_ID *d2i_ESS_CERT_ID(ESS_CERT_ID **a, const unsigned char **pp,
- long length);
-ESS_CERT_ID *ESS_CERT_ID_dup(ESS_CERT_ID *a);
-
-ESS_SIGNING_CERT *ESS_SIGNING_CERT_new(void);
-void ESS_SIGNING_CERT_free(ESS_SIGNING_CERT *a);
-int i2d_ESS_SIGNING_CERT(const ESS_SIGNING_CERT *a, unsigned char **pp);
-ESS_SIGNING_CERT *d2i_ESS_SIGNING_CERT(ESS_SIGNING_CERT **a,
- const unsigned char **pp, long length);
-ESS_SIGNING_CERT *ESS_SIGNING_CERT_dup(ESS_SIGNING_CERT *a);
-
-void ERR_load_TS_strings(void);
-
-int TS_REQ_set_version(TS_REQ *a, long version);
-long TS_REQ_get_version(const TS_REQ *a);
-
-int TS_REQ_set_msg_imprint(TS_REQ *a, TS_MSG_IMPRINT *msg_imprint);
-TS_MSG_IMPRINT *TS_REQ_get_msg_imprint(TS_REQ *a);
-
-int TS_MSG_IMPRINT_set_algo(TS_MSG_IMPRINT *a, X509_ALGOR *alg);
-X509_ALGOR *TS_MSG_IMPRINT_get_algo(TS_MSG_IMPRINT *a);
-
-int TS_MSG_IMPRINT_set_msg(TS_MSG_IMPRINT *a, unsigned char *d, int len);
-ASN1_OCTET_STRING *TS_MSG_IMPRINT_get_msg(TS_MSG_IMPRINT *a);
-
-int TS_REQ_set_policy_id(TS_REQ *a, ASN1_OBJECT *policy);
-ASN1_OBJECT *TS_REQ_get_policy_id(TS_REQ *a);
-
-int TS_REQ_set_nonce(TS_REQ *a, const ASN1_INTEGER *nonce);
-const ASN1_INTEGER *TS_REQ_get_nonce(const TS_REQ *a);
-
-int TS_REQ_set_cert_req(TS_REQ *a, int cert_req);
-int TS_REQ_get_cert_req(const TS_REQ *a);
-
-STACK_OF(X509_EXTENSION) *TS_REQ_get_exts(TS_REQ *a);
-void TS_REQ_ext_free(TS_REQ *a);
-int TS_REQ_get_ext_count(TS_REQ *a);
-int TS_REQ_get_ext_by_NID(TS_REQ *a, int nid, int lastpos);
-int TS_REQ_get_ext_by_OBJ(TS_REQ *a, ASN1_OBJECT *obj, int lastpos);
-int TS_REQ_get_ext_by_critical(TS_REQ *a, int crit, int lastpos);
-X509_EXTENSION *TS_REQ_get_ext(TS_REQ *a, int loc);
-X509_EXTENSION *TS_REQ_delete_ext(TS_REQ *a, int loc);
-int TS_REQ_add_ext(TS_REQ *a, X509_EXTENSION *ex, int loc);
-void *TS_REQ_get_ext_d2i(TS_REQ *a, int nid, int *crit, int *idx);
-
-/* Function declarations for TS_REQ defined in ts/ts_req_print.c */
-
-int TS_REQ_print_bio(BIO *bio, TS_REQ *a);
-
-/* Function declarations for TS_RESP defined in ts/ts_resp_utils.c */
-
-int TS_RESP_set_status_info(TS_RESP *a, TS_STATUS_INFO *info);
-TS_STATUS_INFO *TS_RESP_get_status_info(TS_RESP *a);
-
-/* Caller loses ownership of PKCS7 and TS_TST_INFO objects. */
-void TS_RESP_set_tst_info(TS_RESP *a, PKCS7 *p7, TS_TST_INFO *tst_info);
-PKCS7 *TS_RESP_get_token(TS_RESP *a);
-TS_TST_INFO *TS_RESP_get_tst_info(TS_RESP *a);
-
-int TS_TST_INFO_set_version(TS_TST_INFO *a, long version);
-long TS_TST_INFO_get_version(const TS_TST_INFO *a);
-
-int TS_TST_INFO_set_policy_id(TS_TST_INFO *a, ASN1_OBJECT *policy_id);
-ASN1_OBJECT *TS_TST_INFO_get_policy_id(TS_TST_INFO *a);
-
-int TS_TST_INFO_set_msg_imprint(TS_TST_INFO *a, TS_MSG_IMPRINT *msg_imprint);
-TS_MSG_IMPRINT *TS_TST_INFO_get_msg_imprint(TS_TST_INFO *a);
-
-int TS_TST_INFO_set_serial(TS_TST_INFO *a, const ASN1_INTEGER *serial);
-const ASN1_INTEGER *TS_TST_INFO_get_serial(const TS_TST_INFO *a);
-
-int TS_TST_INFO_set_time(TS_TST_INFO *a, const ASN1_GENERALIZEDTIME *gtime);
-const ASN1_GENERALIZEDTIME *TS_TST_INFO_get_time(const TS_TST_INFO *a);
-
-int TS_TST_INFO_set_accuracy(TS_TST_INFO *a, TS_ACCURACY *accuracy);
-TS_ACCURACY *TS_TST_INFO_get_accuracy(TS_TST_INFO *a);
-
-int TS_ACCURACY_set_seconds(TS_ACCURACY *a, const ASN1_INTEGER *seconds);
-const ASN1_INTEGER *TS_ACCURACY_get_seconds(const TS_ACCURACY *a);
-
-int TS_ACCURACY_set_millis(TS_ACCURACY *a, const ASN1_INTEGER *millis);
-const ASN1_INTEGER *TS_ACCURACY_get_millis(const TS_ACCURACY *a);
-
-int TS_ACCURACY_set_micros(TS_ACCURACY *a, const ASN1_INTEGER *micros);
-const ASN1_INTEGER *TS_ACCURACY_get_micros(const TS_ACCURACY *a);
-
-int TS_TST_INFO_set_ordering(TS_TST_INFO *a, int ordering);
-int TS_TST_INFO_get_ordering(const TS_TST_INFO *a);
-
-int TS_TST_INFO_set_nonce(TS_TST_INFO *a, const ASN1_INTEGER *nonce);
-const ASN1_INTEGER *TS_TST_INFO_get_nonce(const TS_TST_INFO *a);
-
-int TS_TST_INFO_set_tsa(TS_TST_INFO *a, GENERAL_NAME *tsa);
-GENERAL_NAME *TS_TST_INFO_get_tsa(TS_TST_INFO *a);
-
-STACK_OF(X509_EXTENSION) *TS_TST_INFO_get_exts(TS_TST_INFO *a);
-void TS_TST_INFO_ext_free(TS_TST_INFO *a);
-int TS_TST_INFO_get_ext_count(TS_TST_INFO *a);
-int TS_TST_INFO_get_ext_by_NID(TS_TST_INFO *a, int nid, int lastpos);
-int TS_TST_INFO_get_ext_by_OBJ(TS_TST_INFO *a, ASN1_OBJECT *obj, int lastpos);
-int TS_TST_INFO_get_ext_by_critical(TS_TST_INFO *a, int crit, int lastpos);
-X509_EXTENSION *TS_TST_INFO_get_ext(TS_TST_INFO *a, int loc);
-X509_EXTENSION *TS_TST_INFO_delete_ext(TS_TST_INFO *a, int loc);
-int TS_TST_INFO_add_ext(TS_TST_INFO *a, X509_EXTENSION *ex, int loc);
-void *TS_TST_INFO_get_ext_d2i(TS_TST_INFO *a, int nid, int *crit, int *idx);
-
-/*
- * Declarations related to response generation, defined in ts/ts_resp_sign.c.
- */
-
-/* Optional flags for response generation. */
-
-/* Don't include the TSA name in response. */
-# define TS_TSA_NAME 0x01
-
-/* Set ordering to true in response. */
-# define TS_ORDERING 0x02
-
-/*
- * Include the signer certificate and the other specified certificates in
- * the ESS signing certificate attribute beside the PKCS7 signed data.
- * Only the signer certificates is included by default.
- */
-# define TS_ESS_CERT_ID_CHAIN 0x04
-
-/* Forward declaration. */
-struct TS_resp_ctx;
-
-/* This must return a unique number less than 160 bits long. */
-typedef ASN1_INTEGER *(*TS_serial_cb) (struct TS_resp_ctx *, void *);
-
-/*
- * This must return the seconds and microseconds since Jan 1, 1970 in the sec
- * and usec variables allocated by the caller. Return non-zero for success
- * and zero for failure.
- */
-typedef int (*TS_time_cb) (struct TS_resp_ctx *, void *, long *sec,
- long *usec);
-
-/*
- * This must process the given extension. It can modify the TS_TST_INFO
- * object of the context. Return values: !0 (processed), 0 (error, it must
- * set the status info/failure info of the response).
- */
-typedef int (*TS_extension_cb) (struct TS_resp_ctx *, X509_EXTENSION *,
- void *);
-
-typedef struct TS_resp_ctx {
- X509 *signer_cert;
- EVP_PKEY *signer_key;
- STACK_OF(X509) *certs; /* Certs to include in signed data. */
- STACK_OF(ASN1_OBJECT) *policies; /* Acceptable policies. */
- ASN1_OBJECT *default_policy; /* It may appear in policies, too. */
- STACK_OF(EVP_MD) *mds; /* Acceptable message digests. */
- ASN1_INTEGER *seconds; /* accuracy, 0 means not specified. */
- ASN1_INTEGER *millis; /* accuracy, 0 means not specified. */
- ASN1_INTEGER *micros; /* accuracy, 0 means not specified. */
- unsigned clock_precision_digits; /* fraction of seconds in time stamp
- * token. */
- unsigned flags; /* Optional info, see values above. */
- /* Callback functions. */
- TS_serial_cb serial_cb;
- void *serial_cb_data; /* User data for serial_cb. */
- TS_time_cb time_cb;
- void *time_cb_data; /* User data for time_cb. */
- TS_extension_cb extension_cb;
- void *extension_cb_data; /* User data for extension_cb. */
- /* These members are used only while creating the response. */
- TS_REQ *request;
- TS_RESP *response;
- TS_TST_INFO *tst_info;
-} TS_RESP_CTX;
-
-DECLARE_STACK_OF(EVP_MD)
-
-/* Creates a response context that can be used for generating responses. */
-TS_RESP_CTX *TS_RESP_CTX_new(void);
-void TS_RESP_CTX_free(TS_RESP_CTX *ctx);
-
-/* This parameter must be set. */
-int TS_RESP_CTX_set_signer_cert(TS_RESP_CTX *ctx, X509 *signer);
-
-/* This parameter must be set. */
-int TS_RESP_CTX_set_signer_key(TS_RESP_CTX *ctx, EVP_PKEY *key);
-
-/* This parameter must be set. */
-int TS_RESP_CTX_set_def_policy(TS_RESP_CTX *ctx, ASN1_OBJECT *def_policy);
-
-/* No additional certs are included in the response by default. */
-int TS_RESP_CTX_set_certs(TS_RESP_CTX *ctx, STACK_OF(X509) *certs);
-
-/*
- * Adds a new acceptable policy, only the default policy is accepted by
- * default.
- */
-int TS_RESP_CTX_add_policy(TS_RESP_CTX *ctx, ASN1_OBJECT *policy);
-
-/*
- * Adds a new acceptable message digest. Note that no message digests are
- * accepted by default. The md argument is shared with the caller.
- */
-int TS_RESP_CTX_add_md(TS_RESP_CTX *ctx, const EVP_MD *md);
-
-/* Accuracy is not included by default. */
-int TS_RESP_CTX_set_accuracy(TS_RESP_CTX *ctx,
- int secs, int millis, int micros);
-
-/*
- * Clock precision digits, i.e. the number of decimal digits: '0' means sec,
- * '3' msec, '6' usec, and so on. Default is 0.
- */
-int TS_RESP_CTX_set_clock_precision_digits(TS_RESP_CTX *ctx,
- unsigned clock_precision_digits);
-/* At most we accept usec precision. */
-# define TS_MAX_CLOCK_PRECISION_DIGITS 6
-
-/* No flags are set by default. */
-void TS_RESP_CTX_add_flags(TS_RESP_CTX *ctx, int flags);
-
-/* Default callback always returns a constant. */
-void TS_RESP_CTX_set_serial_cb(TS_RESP_CTX *ctx, TS_serial_cb cb, void *data);
-
-/* Default callback uses the gettimeofday() and gmtime() system calls. */
-void TS_RESP_CTX_set_time_cb(TS_RESP_CTX *ctx, TS_time_cb cb, void *data);
-
-/*
- * Default callback rejects all extensions. The extension callback is called
- * when the TS_TST_INFO object is already set up and not signed yet.
- */
-/* FIXME: extension handling is not tested yet. */
-void TS_RESP_CTX_set_extension_cb(TS_RESP_CTX *ctx,
- TS_extension_cb cb, void *data);
-
-/* The following methods can be used in the callbacks. */
-int TS_RESP_CTX_set_status_info(TS_RESP_CTX *ctx,
- int status, const char *text);
-
-/* Sets the status info only if it is still TS_STATUS_GRANTED. */
-int TS_RESP_CTX_set_status_info_cond(TS_RESP_CTX *ctx,
- int status, const char *text);
-
-int TS_RESP_CTX_add_failure_info(TS_RESP_CTX *ctx, int failure);
-
-/* The get methods below can be used in the extension callback. */
-TS_REQ *TS_RESP_CTX_get_request(TS_RESP_CTX *ctx);
-
-TS_TST_INFO *TS_RESP_CTX_get_tst_info(TS_RESP_CTX *ctx);
-
-/*
- * Creates the signed TS_TST_INFO and puts it in TS_RESP.
- * In case of errors it sets the status info properly.
- * Returns NULL only in case of memory allocation/fatal error.
- */
-TS_RESP *TS_RESP_create_response(TS_RESP_CTX *ctx, BIO *req_bio);
-
-/*
- * Declarations related to response verification,
- * they are defined in ts/ts_resp_verify.c.
- */
-
-int TS_RESP_verify_signature(PKCS7 *token, STACK_OF(X509) *certs,
- X509_STORE *store, X509 **signer_out);
-
-/* Context structure for the generic verify method. */
-
-/* Verify the signer's certificate and the signature of the response. */
-# define TS_VFY_SIGNATURE (1u << 0)
-/* Verify the version number of the response. */
-# define TS_VFY_VERSION (1u << 1)
-/* Verify if the policy supplied by the user matches the policy of the TSA. */
-# define TS_VFY_POLICY (1u << 2)
-/*
- * Verify the message imprint provided by the user. This flag should not be
- * specified with TS_VFY_DATA.
- */
-# define TS_VFY_IMPRINT (1u << 3)
-/*
- * Verify the message imprint computed by the verify method from the user
- * provided data and the MD algorithm of the response. This flag should not
- * be specified with TS_VFY_IMPRINT.
- */
-# define TS_VFY_DATA (1u << 4)
-/* Verify the nonce value. */
-# define TS_VFY_NONCE (1u << 5)
-/* Verify if the TSA name field matches the signer certificate. */
-# define TS_VFY_SIGNER (1u << 6)
-/* Verify if the TSA name field equals to the user provided name. */
-# define TS_VFY_TSA_NAME (1u << 7)
-
-/* You can use the following convenience constants. */
-# define TS_VFY_ALL_IMPRINT (TS_VFY_SIGNATURE \
- | TS_VFY_VERSION \
- | TS_VFY_POLICY \
- | TS_VFY_IMPRINT \
- | TS_VFY_NONCE \
- | TS_VFY_SIGNER \
- | TS_VFY_TSA_NAME)
-# define TS_VFY_ALL_DATA (TS_VFY_SIGNATURE \
- | TS_VFY_VERSION \
- | TS_VFY_POLICY \
- | TS_VFY_DATA \
- | TS_VFY_NONCE \
- | TS_VFY_SIGNER \
- | TS_VFY_TSA_NAME)
-
-typedef struct TS_verify_ctx {
- /* Set this to the union of TS_VFY_... flags you want to carry out. */
- unsigned flags;
- /* Must be set only with TS_VFY_SIGNATURE. certs is optional. */
- X509_STORE *store;
- STACK_OF(X509) *certs;
- /* Must be set only with TS_VFY_POLICY. */
- ASN1_OBJECT *policy;
- /*
- * Must be set only with TS_VFY_IMPRINT. If md_alg is NULL, the
- * algorithm from the response is used.
- */
- X509_ALGOR *md_alg;
- unsigned char *imprint;
- unsigned imprint_len;
- /* Must be set only with TS_VFY_DATA. */
- BIO *data;
- /* Must be set only with TS_VFY_TSA_NAME. */
- ASN1_INTEGER *nonce;
- /* Must be set only with TS_VFY_TSA_NAME. */
- GENERAL_NAME *tsa_name;
-} TS_VERIFY_CTX;
-
-int TS_RESP_verify_response(TS_VERIFY_CTX *ctx, TS_RESP *response);
-int TS_RESP_verify_token(TS_VERIFY_CTX *ctx, PKCS7 *token);
-
-/*
- * Declarations related to response verification context,
- * they are defined in ts/ts_verify_ctx.c.
- */
-
-/* Set all fields to zero. */
-TS_VERIFY_CTX *TS_VERIFY_CTX_new(void);
-void TS_VERIFY_CTX_init(TS_VERIFY_CTX *ctx);
-void TS_VERIFY_CTX_free(TS_VERIFY_CTX *ctx);
-void TS_VERIFY_CTX_cleanup(TS_VERIFY_CTX *ctx);
-
-/*-
- * If ctx is NULL, it allocates and returns a new object, otherwise
- * it returns ctx. It initialises all the members as follows:
- * flags = TS_VFY_ALL_IMPRINT & ~(TS_VFY_TSA_NAME | TS_VFY_SIGNATURE)
- * certs = NULL
- * store = NULL
- * policy = policy from the request or NULL if absent (in this case
- * TS_VFY_POLICY is cleared from flags as well)
- * md_alg = MD algorithm from request
- * imprint, imprint_len = imprint from request
- * data = NULL
- * nonce, nonce_len = nonce from the request or NULL if absent (in this case
- * TS_VFY_NONCE is cleared from flags as well)
- * tsa_name = NULL
- * Important: after calling this method TS_VFY_SIGNATURE should be added!
- */
-TS_VERIFY_CTX *TS_REQ_to_TS_VERIFY_CTX(TS_REQ *req, TS_VERIFY_CTX *ctx);
-
-/* Function declarations for TS_RESP defined in ts/ts_resp_print.c */
-
-int TS_RESP_print_bio(BIO *bio, TS_RESP *a);
-int TS_STATUS_INFO_print_bio(BIO *bio, TS_STATUS_INFO *a);
-int TS_TST_INFO_print_bio(BIO *bio, TS_TST_INFO *a);
-
-/* Common utility functions defined in ts/ts_lib.c */
-
-int TS_ASN1_INTEGER_print_bio(BIO *bio, const ASN1_INTEGER *num);
-int TS_OBJ_print_bio(BIO *bio, const ASN1_OBJECT *obj);
-int TS_ext_print_bio(BIO *bio, const STACK_OF(X509_EXTENSION) *extensions);
-int TS_X509_ALGOR_print_bio(BIO *bio, const X509_ALGOR *alg);
-int TS_MSG_IMPRINT_print_bio(BIO *bio, TS_MSG_IMPRINT *msg);
-
-/*
- * Function declarations for handling configuration options, defined in
- * ts/ts_conf.c
- */
-
-X509 *TS_CONF_load_cert(const char *file);
-STACK_OF(X509) *TS_CONF_load_certs(const char *file);
-EVP_PKEY *TS_CONF_load_key(const char *file, const char *pass);
-const char *TS_CONF_get_tsa_section(CONF *conf, const char *section);
-int TS_CONF_set_serial(CONF *conf, const char *section, TS_serial_cb cb,
- TS_RESP_CTX *ctx);
-int TS_CONF_set_crypto_device(CONF *conf, const char *section,
- const char *device);
-int TS_CONF_set_default_engine(const char *name);
-int TS_CONF_set_signer_cert(CONF *conf, const char *section,
- const char *cert, TS_RESP_CTX *ctx);
-int TS_CONF_set_certs(CONF *conf, const char *section, const char *certs,
- TS_RESP_CTX *ctx);
-int TS_CONF_set_signer_key(CONF *conf, const char *section,
- const char *key, const char *pass,
- TS_RESP_CTX *ctx);
-int TS_CONF_set_def_policy(CONF *conf, const char *section,
- const char *policy, TS_RESP_CTX *ctx);
-int TS_CONF_set_policies(CONF *conf, const char *section, TS_RESP_CTX *ctx);
-int TS_CONF_set_digests(CONF *conf, const char *section, TS_RESP_CTX *ctx);
-int TS_CONF_set_accuracy(CONF *conf, const char *section, TS_RESP_CTX *ctx);
-int TS_CONF_set_clock_precision_digits(CONF *conf, const char *section,
- TS_RESP_CTX *ctx);
-int TS_CONF_set_ordering(CONF *conf, const char *section, TS_RESP_CTX *ctx);
-int TS_CONF_set_tsa_name(CONF *conf, const char *section, TS_RESP_CTX *ctx);
-int TS_CONF_set_ess_cert_id_chain(CONF *conf, const char *section,
- TS_RESP_CTX *ctx);
-
-/* -------------------------------------------------- */
-/* BEGIN ERROR CODES */
-/*
- * The following lines are auto generated by the script mkerr.pl. Any changes
- * made after this point may be overwritten when the script is next run.
- */
-void ERR_load_TS_strings(void);
-
-/* Error codes for the TS functions. */
-
-/* Function codes. */
-# define TS_F_D2I_TS_RESP 147
-# define TS_F_DEF_SERIAL_CB 110
-# define TS_F_DEF_TIME_CB 111
-# define TS_F_ESS_ADD_SIGNING_CERT 112
-# define TS_F_ESS_CERT_ID_NEW_INIT 113
-# define TS_F_ESS_SIGNING_CERT_NEW_INIT 114
-# define TS_F_INT_TS_RESP_VERIFY_TOKEN 149
-# define TS_F_PKCS7_TO_TS_TST_INFO 148
-# define TS_F_TS_ACCURACY_SET_MICROS 115
-# define TS_F_TS_ACCURACY_SET_MILLIS 116
-# define TS_F_TS_ACCURACY_SET_SECONDS 117
-# define TS_F_TS_CHECK_IMPRINTS 100
-# define TS_F_TS_CHECK_NONCES 101
-# define TS_F_TS_CHECK_POLICY 102
-# define TS_F_TS_CHECK_SIGNING_CERTS 103
-# define TS_F_TS_CHECK_STATUS_INFO 104
-# define TS_F_TS_COMPUTE_IMPRINT 145
-# define TS_F_TS_CONF_SET_DEFAULT_ENGINE 146
-# define TS_F_TS_GET_STATUS_TEXT 105
-# define TS_F_TS_MSG_IMPRINT_SET_ALGO 118
-# define TS_F_TS_REQ_SET_MSG_IMPRINT 119
-# define TS_F_TS_REQ_SET_NONCE 120
-# define TS_F_TS_REQ_SET_POLICY_ID 121
-# define TS_F_TS_RESP_CREATE_RESPONSE 122
-# define TS_F_TS_RESP_CREATE_TST_INFO 123
-# define TS_F_TS_RESP_CTX_ADD_FAILURE_INFO 124
-# define TS_F_TS_RESP_CTX_ADD_MD 125
-# define TS_F_TS_RESP_CTX_ADD_POLICY 126
-# define TS_F_TS_RESP_CTX_NEW 127
-# define TS_F_TS_RESP_CTX_SET_ACCURACY 128
-# define TS_F_TS_RESP_CTX_SET_CERTS 129
-# define TS_F_TS_RESP_CTX_SET_DEF_POLICY 130
-# define TS_F_TS_RESP_CTX_SET_SIGNER_CERT 131
-# define TS_F_TS_RESP_CTX_SET_STATUS_INFO 132
-# define TS_F_TS_RESP_GET_POLICY 133
-# define TS_F_TS_RESP_SET_GENTIME_WITH_PRECISION 134
-# define TS_F_TS_RESP_SET_STATUS_INFO 135
-# define TS_F_TS_RESP_SET_TST_INFO 150
-# define TS_F_TS_RESP_SIGN 136
-# define TS_F_TS_RESP_VERIFY_SIGNATURE 106
-# define TS_F_TS_RESP_VERIFY_TOKEN 107
-# define TS_F_TS_TST_INFO_SET_ACCURACY 137
-# define TS_F_TS_TST_INFO_SET_MSG_IMPRINT 138
-# define TS_F_TS_TST_INFO_SET_NONCE 139
-# define TS_F_TS_TST_INFO_SET_POLICY_ID 140
-# define TS_F_TS_TST_INFO_SET_SERIAL 141
-# define TS_F_TS_TST_INFO_SET_TIME 142
-# define TS_F_TS_TST_INFO_SET_TSA 143
-# define TS_F_TS_VERIFY 108
-# define TS_F_TS_VERIFY_CERT 109
-# define TS_F_TS_VERIFY_CTX_NEW 144
-
-/* Reason codes. */
-# define TS_R_BAD_PKCS7_TYPE 132
-# define TS_R_BAD_TYPE 133
-# define TS_R_CERTIFICATE_VERIFY_ERROR 100
-# define TS_R_COULD_NOT_SET_ENGINE 127
-# define TS_R_COULD_NOT_SET_TIME 115
-# define TS_R_D2I_TS_RESP_INT_FAILED 128
-# define TS_R_DETACHED_CONTENT 134
-# define TS_R_ESS_ADD_SIGNING_CERT_ERROR 116
-# define TS_R_ESS_SIGNING_CERTIFICATE_ERROR 101
-# define TS_R_INVALID_NULL_POINTER 102
-# define TS_R_INVALID_SIGNER_CERTIFICATE_PURPOSE 117
-# define TS_R_MESSAGE_IMPRINT_MISMATCH 103
-# define TS_R_NONCE_MISMATCH 104
-# define TS_R_NONCE_NOT_RETURNED 105
-# define TS_R_NO_CONTENT 106
-# define TS_R_NO_TIME_STAMP_TOKEN 107
-# define TS_R_PKCS7_ADD_SIGNATURE_ERROR 118
-# define TS_R_PKCS7_ADD_SIGNED_ATTR_ERROR 119
-# define TS_R_PKCS7_TO_TS_TST_INFO_FAILED 129
-# define TS_R_POLICY_MISMATCH 108
-# define TS_R_PRIVATE_KEY_DOES_NOT_MATCH_CERTIFICATE 120
-# define TS_R_RESPONSE_SETUP_ERROR 121
-# define TS_R_SIGNATURE_FAILURE 109
-# define TS_R_THERE_MUST_BE_ONE_SIGNER 110
-# define TS_R_TIME_SYSCALL_ERROR 122
-# define TS_R_TOKEN_NOT_PRESENT 130
-# define TS_R_TOKEN_PRESENT 131
-# define TS_R_TSA_NAME_MISMATCH 111
-# define TS_R_TSA_UNTRUSTED 112
-# define TS_R_TST_INFO_SETUP_ERROR 123
-# define TS_R_TS_DATASIGN 124
-# define TS_R_UNACCEPTABLE_POLICY 125
-# define TS_R_UNSUPPORTED_MD_ALGORITHM 126
-# define TS_R_UNSUPPORTED_VERSION 113
-# define TS_R_WRONG_CONTENT_TYPE 114
-
-#ifdef __cplusplus
-}
-#endif
-#endif
+++ /dev/null
-/* crypto/txt_db/txt_db.h */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef HEADER_TXT_DB_H
-# define HEADER_TXT_DB_H
-
-# include <openssl/opensslconf.h>
-# include <openssl/bio.h>
-# include <openssl/stack.h>
-# include <openssl/lhash.h>
-
-# define DB_ERROR_OK 0
-# define DB_ERROR_MALLOC 1
-# define DB_ERROR_INDEX_CLASH 2
-# define DB_ERROR_INDEX_OUT_OF_RANGE 3
-# define DB_ERROR_NO_INDEX 4
-# define DB_ERROR_INSERT_INDEX_CLASH 5
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-typedef OPENSSL_STRING *OPENSSL_PSTRING;
-DECLARE_SPECIAL_STACK_OF(OPENSSL_PSTRING, OPENSSL_STRING)
-
-typedef struct txt_db_st {
- int num_fields;
- STACK_OF(OPENSSL_PSTRING) *data;
- LHASH_OF(OPENSSL_STRING) **index;
- int (**qual) (OPENSSL_STRING *);
- long error;
- long arg1;
- long arg2;
- OPENSSL_STRING *arg_row;
-} TXT_DB;
-
-TXT_DB *TXT_DB_read(BIO *in, int num);
-long TXT_DB_write(BIO *out, TXT_DB *db);
-int TXT_DB_create_index(TXT_DB *db, int field, int (*qual) (OPENSSL_STRING *),
- LHASH_HASH_FN_TYPE hash, LHASH_COMP_FN_TYPE cmp);
-void TXT_DB_free(TXT_DB *db);
-OPENSSL_STRING *TXT_DB_get_by_index(TXT_DB *db, int idx,
- OPENSSL_STRING *value);
-int TXT_DB_insert(TXT_DB *db, OPENSSL_STRING *value);
-
-#ifdef __cplusplus
-}
-#endif
-
-#endif
+++ /dev/null
-/* crypto/ui/ui.h -*- mode:C; c-file-style: "eay" -*- */
-/*
- * Written by Richard Levitte (richard@levitte.org) for the OpenSSL project
- * 2001.
- */
-/* ====================================================================
- * Copyright (c) 2001 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#ifndef HEADER_UI_H
-# define HEADER_UI_H
-
-# ifdef OPENSSL_USE_DEPRECATED
-# include <openssl/crypto.h>
-# endif
-# include <openssl/safestack.h>
-# include <openssl/ossl_typ.h>
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-/* Declared already in ossl_typ.h */
-/* typedef struct ui_st UI; */
-/* typedef struct ui_method_st UI_METHOD; */
-
-/*
- * All the following functions return -1 or NULL on error and in some cases
- * (UI_process()) -2 if interrupted or in some other way cancelled. When
- * everything is fine, they return 0, a positive value or a non-NULL pointer,
- * all depending on their purpose.
- */
-
-/* Creators and destructor. */
-UI *UI_new(void);
-UI *UI_new_method(const UI_METHOD *method);
-void UI_free(UI *ui);
-
-/*-
- The following functions are used to add strings to be printed and prompt
- strings to prompt for data. The names are UI_{add,dup}_<function>_string
- and UI_{add,dup}_input_boolean.
-
- UI_{add,dup}_<function>_string have the following meanings:
- add add a text or prompt string. The pointers given to these
- functions are used verbatim, no copying is done.
- dup make a copy of the text or prompt string, then add the copy
- to the collection of strings in the user interface.
- <function>
- The function is a name for the functionality that the given
- string shall be used for. It can be one of:
- input use the string as data prompt.
- verify use the string as verification prompt. This
- is used to verify a previous input.
- info use the string for informational output.
- error use the string for error output.
- Honestly, there's currently no difference between info and error for the
- moment.
-
- UI_{add,dup}_input_boolean have the same semantics for "add" and "dup",
- and are typically used when one wants to prompt for a yes/no response.
-
- All of the functions in this group take a UI and a prompt string.
- The string input and verify addition functions also take a flag argument,
- a buffer for the result to end up with, a minimum input size and a maximum
- input size (the result buffer MUST be large enough to be able to contain
- the maximum number of characters). Additionally, the verify addition
- functions takes another buffer to compare the result against.
- The boolean input functions take an action description string (which should
- be safe to ignore if the expected user action is obvious, for example with
- a dialog box with an OK button and a Cancel button), a string of acceptable
- characters to mean OK and to mean Cancel. The two last strings are checked
- to make sure they don't have common characters. Additionally, the same
- flag argument as for the string input is taken, as well as a result buffer.
- The result buffer is required to be at least one byte long. Depending on
- the answer, the first character from the OK or the Cancel character strings
- will be stored in the first byte of the result buffer. No NUL will be
- added, so the result is *not* a string.
-
- On success, the all return an index of the added information. That index
- is usefull when retrieving results with UI_get0_result(). */
-int UI_add_input_string(UI *ui, const char *prompt, int flags,
- char *result_buf, int minsize, int maxsize);
-int UI_dup_input_string(UI *ui, const char *prompt, int flags,
- char *result_buf, int minsize, int maxsize);
-int UI_add_verify_string(UI *ui, const char *prompt, int flags,
- char *result_buf, int minsize, int maxsize,
- const char *test_buf);
-int UI_dup_verify_string(UI *ui, const char *prompt, int flags,
- char *result_buf, int minsize, int maxsize,
- const char *test_buf);
-int UI_add_input_boolean(UI *ui, const char *prompt, const char *action_desc,
- const char *ok_chars, const char *cancel_chars,
- int flags, char *result_buf);
-int UI_dup_input_boolean(UI *ui, const char *prompt, const char *action_desc,
- const char *ok_chars, const char *cancel_chars,
- int flags, char *result_buf);
-int UI_add_info_string(UI *ui, const char *text);
-int UI_dup_info_string(UI *ui, const char *text);
-int UI_add_error_string(UI *ui, const char *text);
-int UI_dup_error_string(UI *ui, const char *text);
-
-/* These are the possible flags. They can be or'ed together. */
-/* Use to have echoing of input */
-# define UI_INPUT_FLAG_ECHO 0x01
-/*
- * Use a default password. Where that password is found is completely up to
- * the application, it might for example be in the user data set with
- * UI_add_user_data(). It is not recommended to have more than one input in
- * each UI being marked with this flag, or the application might get
- * confused.
- */
-# define UI_INPUT_FLAG_DEFAULT_PWD 0x02
-
-/*-
- * The user of these routines may want to define flags of their own. The core
- * UI won't look at those, but will pass them on to the method routines. They
- * must use higher bits so they don't get confused with the UI bits above.
- * UI_INPUT_FLAG_USER_BASE tells which is the lowest bit to use. A good
- * example of use is this:
- *
- * #define MY_UI_FLAG1 (0x01 << UI_INPUT_FLAG_USER_BASE)
- *
-*/
-# define UI_INPUT_FLAG_USER_BASE 16
-
-/*-
- * The following function helps construct a prompt. object_desc is a
- * textual short description of the object, for example "pass phrase",
- * and object_name is the name of the object (might be a card name or
- * a file name.
- * The returned string shall always be allocated on the heap with
- * OPENSSL_malloc(), and need to be free'd with OPENSSL_free().
- *
- * If the ui_method doesn't contain a pointer to a user-defined prompt
- * constructor, a default string is built, looking like this:
- *
- * "Enter {object_desc} for {object_name}:"
- *
- * So, if object_desc has the value "pass phrase" and object_name has
- * the value "foo.key", the resulting string is:
- *
- * "Enter pass phrase for foo.key:"
-*/
-char *UI_construct_prompt(UI *ui_method,
- const char *object_desc, const char *object_name);
-
-/*
- * The following function is used to store a pointer to user-specific data.
- * Any previous such pointer will be returned and replaced.
- *
- * For callback purposes, this function makes a lot more sense than using
- * ex_data, since the latter requires that different parts of OpenSSL or
- * applications share the same ex_data index.
- *
- * Note that the UI_OpenSSL() method completely ignores the user data. Other
- * methods may not, however.
- */
-void *UI_add_user_data(UI *ui, void *user_data);
-/* We need a user data retrieving function as well. */
-void *UI_get0_user_data(UI *ui);
-
-/* Return the result associated with a prompt given with the index i. */
-const char *UI_get0_result(UI *ui, int i);
-
-/* When all strings have been added, process the whole thing. */
-int UI_process(UI *ui);
-
-/*
- * Give a user interface parametrised control commands. This can be used to
- * send down an integer, a data pointer or a function pointer, as well as be
- * used to get information from a UI.
- */
-int UI_ctrl(UI *ui, int cmd, long i, void *p, void (*f) (void));
-
-/* The commands */
-/*
- * Use UI_CONTROL_PRINT_ERRORS with the value 1 to have UI_process print the
- * OpenSSL error stack before printing any info or added error messages and
- * before any prompting.
- */
-# define UI_CTRL_PRINT_ERRORS 1
-/*
- * Check if a UI_process() is possible to do again with the same instance of
- * a user interface. This makes UI_ctrl() return 1 if it is redoable, and 0
- * if not.
- */
-# define UI_CTRL_IS_REDOABLE 2
-
-/* Some methods may use extra data */
-# define UI_set_app_data(s,arg) UI_set_ex_data(s,0,arg)
-# define UI_get_app_data(s) UI_get_ex_data(s,0)
-int UI_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
- CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func);
-int UI_set_ex_data(UI *r, int idx, void *arg);
-void *UI_get_ex_data(UI *r, int idx);
-
-/* Use specific methods instead of the built-in one */
-void UI_set_default_method(const UI_METHOD *meth);
-const UI_METHOD *UI_get_default_method(void);
-const UI_METHOD *UI_get_method(UI *ui);
-const UI_METHOD *UI_set_method(UI *ui, const UI_METHOD *meth);
-
-/* The method with all the built-in thingies */
-UI_METHOD *UI_OpenSSL(void);
-
-/* ---------- For method writers ---------- */
-/*-
- A method contains a number of functions that implement the low level
- of the User Interface. The functions are:
-
- an opener This function starts a session, maybe by opening
- a channel to a tty, or by opening a window.
- a writer This function is called to write a given string,
- maybe to the tty, maybe as a field label in a
- window.
- a flusher This function is called to flush everything that
- has been output so far. It can be used to actually
- display a dialog box after it has been built.
- a reader This function is called to read a given prompt,
- maybe from the tty, maybe from a field in a
- window. Note that it's called wth all string
- structures, not only the prompt ones, so it must
- check such things itself.
- a closer This function closes the session, maybe by closing
- the channel to the tty, or closing the window.
-
- All these functions are expected to return:
-
- 0 on error.
- 1 on success.
- -1 on out-of-band events, for example if some prompting has
- been canceled (by pressing Ctrl-C, for example). This is
- only checked when returned by the flusher or the reader.
-
- The way this is used, the opener is first called, then the writer for all
- strings, then the flusher, then the reader for all strings and finally the
- closer. Note that if you want to prompt from a terminal or other command
- line interface, the best is to have the reader also write the prompts
- instead of having the writer do it. If you want to prompt from a dialog
- box, the writer can be used to build up the contents of the box, and the
- flusher to actually display the box and run the event loop until all data
- has been given, after which the reader only grabs the given data and puts
- them back into the UI strings.
-
- All method functions take a UI as argument. Additionally, the writer and
- the reader take a UI_STRING.
-*/
-
-/*
- * The UI_STRING type is the data structure that contains all the needed info
- * about a string or a prompt, including test data for a verification prompt.
- */
-typedef struct ui_string_st UI_STRING;
-DECLARE_STACK_OF(UI_STRING)
-
-/*
- * The different types of strings that are currently supported. This is only
- * needed by method authors.
- */
-enum UI_string_types {
- UIT_NONE = 0,
- UIT_PROMPT, /* Prompt for a string */
- UIT_VERIFY, /* Prompt for a string and verify */
- UIT_BOOLEAN, /* Prompt for a yes/no response */
- UIT_INFO, /* Send info to the user */
- UIT_ERROR /* Send an error message to the user */
-};
-
-/* Create and manipulate methods */
-UI_METHOD *UI_create_method(char *name);
-void UI_destroy_method(UI_METHOD *ui_method);
-int UI_method_set_opener(UI_METHOD *method, int (*opener) (UI *ui));
-int UI_method_set_writer(UI_METHOD *method,
- int (*writer) (UI *ui, UI_STRING *uis));
-int UI_method_set_flusher(UI_METHOD *method, int (*flusher) (UI *ui));
-int UI_method_set_reader(UI_METHOD *method,
- int (*reader) (UI *ui, UI_STRING *uis));
-int UI_method_set_closer(UI_METHOD *method, int (*closer) (UI *ui));
-int UI_method_set_prompt_constructor(UI_METHOD *method,
- char *(*prompt_constructor) (UI *ui,
- const char
- *object_desc,
- const char
- *object_name));
-int (*UI_method_get_opener(UI_METHOD *method)) (UI *);
-int (*UI_method_get_writer(UI_METHOD *method)) (UI *, UI_STRING *);
-int (*UI_method_get_flusher(UI_METHOD *method)) (UI *);
-int (*UI_method_get_reader(UI_METHOD *method)) (UI *, UI_STRING *);
-int (*UI_method_get_closer(UI_METHOD *method)) (UI *);
-char *(*UI_method_get_prompt_constructor(UI_METHOD *method)) (UI *,
- const char *,
- const char *);
-
-/*
- * The following functions are helpers for method writers to access relevant
- * data from a UI_STRING.
- */
-
-/* Return type of the UI_STRING */
-enum UI_string_types UI_get_string_type(UI_STRING *uis);
-/* Return input flags of the UI_STRING */
-int UI_get_input_flags(UI_STRING *uis);
-/* Return the actual string to output (the prompt, info or error) */
-const char *UI_get0_output_string(UI_STRING *uis);
-/*
- * Return the optional action string to output (the boolean promtp
- * instruction)
- */
-const char *UI_get0_action_string(UI_STRING *uis);
-/* Return the result of a prompt */
-const char *UI_get0_result_string(UI_STRING *uis);
-/*
- * Return the string to test the result against. Only useful with verifies.
- */
-const char *UI_get0_test_string(UI_STRING *uis);
-/* Return the required minimum size of the result */
-int UI_get_result_minsize(UI_STRING *uis);
-/* Return the required maximum size of the result */
-int UI_get_result_maxsize(UI_STRING *uis);
-/* Set the result of a UI_STRING. */
-int UI_set_result(UI *ui, UI_STRING *uis, const char *result);
-
-/* A couple of popular utility functions */
-int UI_UTIL_read_pw_string(char *buf, int length, const char *prompt,
- int verify);
-int UI_UTIL_read_pw(char *buf, char *buff, int size, const char *prompt,
- int verify);
-
-/* BEGIN ERROR CODES */
-/*
- * The following lines are auto generated by the script mkerr.pl. Any changes
- * made after this point may be overwritten when the script is next run.
- */
-void ERR_load_UI_strings(void);
-
-/* Error codes for the UI functions. */
-
-/* Function codes. */
-# define UI_F_GENERAL_ALLOCATE_BOOLEAN 108
-# define UI_F_GENERAL_ALLOCATE_PROMPT 109
-# define UI_F_GENERAL_ALLOCATE_STRING 100
-# define UI_F_UI_CTRL 111
-# define UI_F_UI_DUP_ERROR_STRING 101
-# define UI_F_UI_DUP_INFO_STRING 102
-# define UI_F_UI_DUP_INPUT_BOOLEAN 110
-# define UI_F_UI_DUP_INPUT_STRING 103
-# define UI_F_UI_DUP_VERIFY_STRING 106
-# define UI_F_UI_GET0_RESULT 107
-# define UI_F_UI_NEW_METHOD 104
-# define UI_F_UI_SET_RESULT 105
-
-/* Reason codes. */
-# define UI_R_COMMON_OK_AND_CANCEL_CHARACTERS 104
-# define UI_R_INDEX_TOO_LARGE 102
-# define UI_R_INDEX_TOO_SMALL 103
-# define UI_R_NO_RESULT_BUFFER 105
-# define UI_R_RESULT_TOO_LARGE 100
-# define UI_R_RESULT_TOO_SMALL 101
-# define UI_R_UNKNOWN_CONTROL_COMMAND 106
-
-#ifdef __cplusplus
-}
-#endif
-#endif
+++ /dev/null
-#ifndef HEADER_WHRLPOOL_H
-# define HEADER_WHRLPOOL_H
-
-# include <openssl/e_os2.h>
-# include <stddef.h>
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-# define WHIRLPOOL_DIGEST_LENGTH (512/8)
-# define WHIRLPOOL_BBLOCK 512
-# define WHIRLPOOL_COUNTER (256/8)
-
-typedef struct {
- union {
- unsigned char c[WHIRLPOOL_DIGEST_LENGTH];
- /* double q is here to ensure 64-bit alignment */
- double q[WHIRLPOOL_DIGEST_LENGTH / sizeof(double)];
- } H;
- unsigned char data[WHIRLPOOL_BBLOCK / 8];
- unsigned int bitoff;
- size_t bitlen[WHIRLPOOL_COUNTER / sizeof(size_t)];
-} WHIRLPOOL_CTX;
-
-# ifndef OPENSSL_NO_WHIRLPOOL
-int WHIRLPOOL_Init(WHIRLPOOL_CTX *c);
-int WHIRLPOOL_Update(WHIRLPOOL_CTX *c, const void *inp, size_t bytes);
-void WHIRLPOOL_BitUpdate(WHIRLPOOL_CTX *c, const void *inp, size_t bits);
-int WHIRLPOOL_Final(unsigned char *md, WHIRLPOOL_CTX *c);
-unsigned char *WHIRLPOOL(const void *inp, size_t bytes, unsigned char *md);
-# endif
-
-#ifdef __cplusplus
-}
-#endif
-
-#endif
+++ /dev/null
-/* ====================================================================
- * Copyright (c) 2005 The OpenSSL Project. All rights reserved.
- * ====================================================================
- */
-#include <stdio.h>
-#include <string.h>
-#include <stdlib.h>
-
-#include <openssl/whrlpool.h>
-#include <openssl/crypto.h>
-
-#if defined(OPENSSL_NO_WHIRLPOOL)
-int main(int argc, char *argv[])
-{
- printf("No Whirlpool support\n");
- return (0);
-}
-#else
-
-/* ISO/IEC 10118-3 test vector set */
-unsigned char iso_test_1[WHIRLPOOL_DIGEST_LENGTH] = {
- 0x19, 0xFA, 0x61, 0xD7, 0x55, 0x22, 0xA4, 0x66,
- 0x9B, 0x44, 0xE3, 0x9C, 0x1D, 0x2E, 0x17, 0x26,
- 0xC5, 0x30, 0x23, 0x21, 0x30, 0xD4, 0x07, 0xF8,
- 0x9A, 0xFE, 0xE0, 0x96, 0x49, 0x97, 0xF7, 0xA7,
- 0x3E, 0x83, 0xBE, 0x69, 0x8B, 0x28, 0x8F, 0xEB,
- 0xCF, 0x88, 0xE3, 0xE0, 0x3C, 0x4F, 0x07, 0x57,
- 0xEA, 0x89, 0x64, 0xE5, 0x9B, 0x63, 0xD9, 0x37,
- 0x08, 0xB1, 0x38, 0xCC, 0x42, 0xA6, 0x6E, 0xB3
-};
-
-unsigned char iso_test_2[WHIRLPOOL_DIGEST_LENGTH] = {
- 0x8A, 0xCA, 0x26, 0x02, 0x79, 0x2A, 0xEC, 0x6F,
- 0x11, 0xA6, 0x72, 0x06, 0x53, 0x1F, 0xB7, 0xD7,
- 0xF0, 0xDF, 0xF5, 0x94, 0x13, 0x14, 0x5E, 0x69,
- 0x73, 0xC4, 0x50, 0x01, 0xD0, 0x08, 0x7B, 0x42,
- 0xD1, 0x1B, 0xC6, 0x45, 0x41, 0x3A, 0xEF, 0xF6,
- 0x3A, 0x42, 0x39, 0x1A, 0x39, 0x14, 0x5A, 0x59,
- 0x1A, 0x92, 0x20, 0x0D, 0x56, 0x01, 0x95, 0xE5,
- 0x3B, 0x47, 0x85, 0x84, 0xFD, 0xAE, 0x23, 0x1A
-};
-
-unsigned char iso_test_3[WHIRLPOOL_DIGEST_LENGTH] = {
- 0x4E, 0x24, 0x48, 0xA4, 0xC6, 0xF4, 0x86, 0xBB,
- 0x16, 0xB6, 0x56, 0x2C, 0x73, 0xB4, 0x02, 0x0B,
- 0xF3, 0x04, 0x3E, 0x3A, 0x73, 0x1B, 0xCE, 0x72,
- 0x1A, 0xE1, 0xB3, 0x03, 0xD9, 0x7E, 0x6D, 0x4C,
- 0x71, 0x81, 0xEE, 0xBD, 0xB6, 0xC5, 0x7E, 0x27,
- 0x7D, 0x0E, 0x34, 0x95, 0x71, 0x14, 0xCB, 0xD6,
- 0xC7, 0x97, 0xFC, 0x9D, 0x95, 0xD8, 0xB5, 0x82,
- 0xD2, 0x25, 0x29, 0x20, 0x76, 0xD4, 0xEE, 0xF5
-};
-
-unsigned char iso_test_4[WHIRLPOOL_DIGEST_LENGTH] = {
- 0x37, 0x8C, 0x84, 0xA4, 0x12, 0x6E, 0x2D, 0xC6,
- 0xE5, 0x6D, 0xCC, 0x74, 0x58, 0x37, 0x7A, 0xAC,
- 0x83, 0x8D, 0x00, 0x03, 0x22, 0x30, 0xF5, 0x3C,
- 0xE1, 0xF5, 0x70, 0x0C, 0x0F, 0xFB, 0x4D, 0x3B,
- 0x84, 0x21, 0x55, 0x76, 0x59, 0xEF, 0x55, 0xC1,
- 0x06, 0xB4, 0xB5, 0x2A, 0xC5, 0xA4, 0xAA, 0xA6,
- 0x92, 0xED, 0x92, 0x00, 0x52, 0x83, 0x8F, 0x33,
- 0x62, 0xE8, 0x6D, 0xBD, 0x37, 0xA8, 0x90, 0x3E
-};
-
-unsigned char iso_test_5[WHIRLPOOL_DIGEST_LENGTH] = {
- 0xF1, 0xD7, 0x54, 0x66, 0x26, 0x36, 0xFF, 0xE9,
- 0x2C, 0x82, 0xEB, 0xB9, 0x21, 0x2A, 0x48, 0x4A,
- 0x8D, 0x38, 0x63, 0x1E, 0xAD, 0x42, 0x38, 0xF5,
- 0x44, 0x2E, 0xE1, 0x3B, 0x80, 0x54, 0xE4, 0x1B,
- 0x08, 0xBF, 0x2A, 0x92, 0x51, 0xC3, 0x0B, 0x6A,
- 0x0B, 0x8A, 0xAE, 0x86, 0x17, 0x7A, 0xB4, 0xA6,
- 0xF6, 0x8F, 0x67, 0x3E, 0x72, 0x07, 0x86, 0x5D,
- 0x5D, 0x98, 0x19, 0xA3, 0xDB, 0xA4, 0xEB, 0x3B
-};
-
-unsigned char iso_test_6[WHIRLPOOL_DIGEST_LENGTH] = {
- 0xDC, 0x37, 0xE0, 0x08, 0xCF, 0x9E, 0xE6, 0x9B,
- 0xF1, 0x1F, 0x00, 0xED, 0x9A, 0xBA, 0x26, 0x90,
- 0x1D, 0xD7, 0xC2, 0x8C, 0xDE, 0xC0, 0x66, 0xCC,
- 0x6A, 0xF4, 0x2E, 0x40, 0xF8, 0x2F, 0x3A, 0x1E,
- 0x08, 0xEB, 0xA2, 0x66, 0x29, 0x12, 0x9D, 0x8F,
- 0xB7, 0xCB, 0x57, 0x21, 0x1B, 0x92, 0x81, 0xA6,
- 0x55, 0x17, 0xCC, 0x87, 0x9D, 0x7B, 0x96, 0x21,
- 0x42, 0xC6, 0x5F, 0x5A, 0x7A, 0xF0, 0x14, 0x67
-};
-
-unsigned char iso_test_7[WHIRLPOOL_DIGEST_LENGTH] = {
- 0x46, 0x6E, 0xF1, 0x8B, 0xAB, 0xB0, 0x15, 0x4D,
- 0x25, 0xB9, 0xD3, 0x8A, 0x64, 0x14, 0xF5, 0xC0,
- 0x87, 0x84, 0x37, 0x2B, 0xCC, 0xB2, 0x04, 0xD6,
- 0x54, 0x9C, 0x4A, 0xFA, 0xDB, 0x60, 0x14, 0x29,
- 0x4D, 0x5B, 0xD8, 0xDF, 0x2A, 0x6C, 0x44, 0xE5,
- 0x38, 0xCD, 0x04, 0x7B, 0x26, 0x81, 0xA5, 0x1A,
- 0x2C, 0x60, 0x48, 0x1E, 0x88, 0xC5, 0xA2, 0x0B,
- 0x2C, 0x2A, 0x80, 0xCF, 0x3A, 0x9A, 0x08, 0x3B
-};
-
-unsigned char iso_test_8[WHIRLPOOL_DIGEST_LENGTH] = {
- 0x2A, 0x98, 0x7E, 0xA4, 0x0F, 0x91, 0x70, 0x61,
- 0xF5, 0xD6, 0xF0, 0xA0, 0xE4, 0x64, 0x4F, 0x48,
- 0x8A, 0x7A, 0x5A, 0x52, 0xDE, 0xEE, 0x65, 0x62,
- 0x07, 0xC5, 0x62, 0xF9, 0x88, 0xE9, 0x5C, 0x69,
- 0x16, 0xBD, 0xC8, 0x03, 0x1B, 0xC5, 0xBE, 0x1B,
- 0x7B, 0x94, 0x76, 0x39, 0xFE, 0x05, 0x0B, 0x56,
- 0x93, 0x9B, 0xAA, 0xA0, 0xAD, 0xFF, 0x9A, 0xE6,
- 0x74, 0x5B, 0x7B, 0x18, 0x1C, 0x3B, 0xE3, 0xFD
-};
-
-unsigned char iso_test_9[WHIRLPOOL_DIGEST_LENGTH] = {
- 0x0C, 0x99, 0x00, 0x5B, 0xEB, 0x57, 0xEF, 0xF5,
- 0x0A, 0x7C, 0xF0, 0x05, 0x56, 0x0D, 0xDF, 0x5D,
- 0x29, 0x05, 0x7F, 0xD8, 0x6B, 0x20, 0xBF, 0xD6,
- 0x2D, 0xEC, 0xA0, 0xF1, 0xCC, 0xEA, 0x4A, 0xF5,
- 0x1F, 0xC1, 0x54, 0x90, 0xED, 0xDC, 0x47, 0xAF,
- 0x32, 0xBB, 0x2B, 0x66, 0xC3, 0x4F, 0xF9, 0xAD,
- 0x8C, 0x60, 0x08, 0xAD, 0x67, 0x7F, 0x77, 0x12,
- 0x69, 0x53, 0xB2, 0x26, 0xE4, 0xED, 0x8B, 0x01
-};
-
-int main(int argc, char *argv[])
-{
- unsigned char md[WHIRLPOOL_DIGEST_LENGTH];
- int i;
- WHIRLPOOL_CTX ctx;
-
-# ifdef OPENSSL_IA32_SSE2
- /*
- * Alternative to this is to call OpenSSL_add_all_algorithms... The below
- * code is retained exclusively for debugging purposes.
- */
- {
- char *env;
-
- if ((env = getenv("OPENSSL_ia32cap")))
- OPENSSL_ia32cap = strtoul(env, NULL, 0);
- }
-# endif
-
- fprintf(stdout, "Testing Whirlpool ");
-
- WHIRLPOOL("", 0, md);
- if (memcmp(md, iso_test_1, sizeof(iso_test_1))) {
- fflush(stdout);
- fprintf(stderr, "\nTEST 1 of 9 failed.\n");
- return 1;
- } else
- fprintf(stdout, ".");
- fflush(stdout);
-
- WHIRLPOOL("a", 1, md);
- if (memcmp(md, iso_test_2, sizeof(iso_test_2))) {
- fflush(stdout);
- fprintf(stderr, "\nTEST 2 of 9 failed.\n");
- return 1;
- } else
- fprintf(stdout, ".");
- fflush(stdout);
-
- WHIRLPOOL("abc", 3, md);
- if (memcmp(md, iso_test_3, sizeof(iso_test_3))) {
- fflush(stdout);
- fprintf(stderr, "\nTEST 3 of 9 failed.\n");
- return 1;
- } else
- fprintf(stdout, ".");
- fflush(stdout);
-
- WHIRLPOOL("message digest", 14, md);
- if (memcmp(md, iso_test_4, sizeof(iso_test_4))) {
- fflush(stdout);
- fprintf(stderr, "\nTEST 4 of 9 failed.\n");
- return 1;
- } else
- fprintf(stdout, ".");
- fflush(stdout);
-
- WHIRLPOOL("abcdefghijklmnopqrstuvwxyz", 26, md);
- if (memcmp(md, iso_test_5, sizeof(iso_test_5))) {
- fflush(stdout);
- fprintf(stderr, "\nTEST 5 of 9 failed.\n");
- return 1;
- } else
- fprintf(stdout, ".");
- fflush(stdout);
-
- WHIRLPOOL("ABCDEFGHIJKLMNOPQRSTUVWXYZ"
- "abcdefghijklmnopqrstuvwxyz" "0123456789", 62, md);
- if (memcmp(md, iso_test_6, sizeof(iso_test_6))) {
- fflush(stdout);
- fprintf(stderr, "\nTEST 6 of 9 failed.\n");
- return 1;
- } else
- fprintf(stdout, ".");
- fflush(stdout);
-
- WHIRLPOOL("1234567890" "1234567890" "1234567890" "1234567890"
- "1234567890" "1234567890" "1234567890" "1234567890", 80, md);
- if (memcmp(md, iso_test_7, sizeof(iso_test_7))) {
- fflush(stdout);
- fprintf(stderr, "\nTEST 7 of 9 failed.\n");
- return 1;
- } else
- fprintf(stdout, ".");
- fflush(stdout);
-
- WHIRLPOOL("abcdbcdecdefdefgefghfghighijhijk", 32, md);
- if (memcmp(md, iso_test_8, sizeof(iso_test_8))) {
- fflush(stdout);
- fprintf(stderr, "\nTEST 8 of 9 failed.\n");
- return 1;
- } else
- fprintf(stdout, ".");
- fflush(stdout);
-
- WHIRLPOOL_Init(&ctx);
- for (i = 0; i < 1000000; i += 288)
- WHIRLPOOL_Update(&ctx, "aaaaaaaa" "aaaaaaaa" "aaaaaaaa" "aaaaaaaa"
- "aaaaaaaa" "aaaaaaaa" "aaaaaaaa" "aaaaaaaa"
- "aaaaaaaa" "aaaaaaaa" "aaaaaaaa" "aaaaaaaa"
- "aaaaaaaa" "aaaaaaaa" "aaaaaaaa" "aaaaaaaa"
- "aaaaaaaa" "aaaaaaaa" "aaaaaaaa" "aaaaaaaa"
- "aaaaaaaa" "aaaaaaaa" "aaaaaaaa" "aaaaaaaa"
- "aaaaaaaa" "aaaaaaaa" "aaaaaaaa" "aaaaaaaa"
- "aaaaaaaa" "aaaaaaaa" "aaaaaaaa" "aaaaaaaa"
- "aaaaaaaa" "aaaaaaaa" "aaaaaaaa" "aaaaaaaa",
- (1000000 - i) < 288 ? 1000000 - i : 288);
- WHIRLPOOL_Final(md, &ctx);
- if (memcmp(md, iso_test_9, sizeof(iso_test_9))) {
- fflush(stdout);
- fprintf(stderr, "\nTEST 9 of 9 failed.\n");
- return 1;
- } else
- fprintf(stdout, ".");
- fflush(stdout);
-
- fprintf(stdout, " passed.\n");
- fflush(stdout);
-
- return 0;
-}
-#endif
+++ /dev/null
-/* crypto/x509/x509.h */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-/* ====================================================================
- * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
- * ECDH support in OpenSSL originally developed by
- * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project.
- */
-
-#ifndef HEADER_X509_H
-# define HEADER_X509_H
-
-# include <openssl/e_os2.h>
-# include <openssl/symhacks.h>
-# include <openssl/buffer.h>
-# include <openssl/evp.h>
-# include <openssl/bio.h>
-# include <openssl/stack.h>
-# include <openssl/asn1.h>
-# include <openssl/safestack.h>
-
-# ifndef OPENSSL_NO_EC
-# include <openssl/ec.h>
-# include <openssl/ecdsa.h>
-# include <openssl/ecdh.h>
-# endif
-
-# ifdef OPENSSL_USE_DEPRECATED
-# ifndef OPENSSL_NO_RSA
-# include <openssl/rsa.h>
-# endif
-# ifndef OPENSSL_NO_DSA
-# include <openssl/dsa.h>
-# endif
-# ifndef OPENSSL_NO_DH
-# include <openssl/dh.h>
-# endif
-# endif
-
-# include <openssl/sha.h>
-# include <openssl/ossl_typ.h>
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-# ifdef OPENSSL_SYS_WIN32
-/* Under Win32 these are defined in wincrypt.h */
-# undef X509_NAME
-# undef X509_EXTENSIONS
-# endif
-
-# define X509_FILETYPE_PEM 1
-# define X509_FILETYPE_ASN1 2
-# define X509_FILETYPE_DEFAULT 3
-
-# define X509v3_KU_DIGITAL_SIGNATURE 0x0080
-# define X509v3_KU_NON_REPUDIATION 0x0040
-# define X509v3_KU_KEY_ENCIPHERMENT 0x0020
-# define X509v3_KU_DATA_ENCIPHERMENT 0x0010
-# define X509v3_KU_KEY_AGREEMENT 0x0008
-# define X509v3_KU_KEY_CERT_SIGN 0x0004
-# define X509v3_KU_CRL_SIGN 0x0002
-# define X509v3_KU_ENCIPHER_ONLY 0x0001
-# define X509v3_KU_DECIPHER_ONLY 0x8000
-# define X509v3_KU_UNDEF 0xffff
-
-typedef struct X509_objects_st {
- int nid;
- int (*a2i) (void);
- int (*i2a) (void);
-} X509_OBJECTS;
-
-struct X509_algor_st {
- ASN1_OBJECT *algorithm;
- ASN1_TYPE *parameter;
-} /* X509_ALGOR */ ;
-
-typedef STACK_OF(X509_ALGOR) X509_ALGORS;
-
-typedef struct X509_val_st {
- ASN1_TIME *notBefore;
- ASN1_TIME *notAfter;
-} X509_VAL;
-
-struct X509_pubkey_st {
- X509_ALGOR *algor;
- ASN1_BIT_STRING *public_key;
- EVP_PKEY *pkey;
-};
-
-typedef struct X509_sig_st {
- X509_ALGOR *algor;
- ASN1_OCTET_STRING *digest;
-} X509_SIG;
-
-typedef struct X509_name_entry_st X509_NAME_ENTRY;
-
-DECLARE_STACK_OF(X509_NAME_ENTRY)
-
-DECLARE_STACK_OF(X509_NAME)
-
-# define X509_EX_V_NETSCAPE_HACK 0x8000
-# define X509_EX_V_INIT 0x0001
-typedef struct X509_extension_st X509_EXTENSION;
-
-typedef STACK_OF(X509_EXTENSION) X509_EXTENSIONS;
-
-DECLARE_STACK_OF(X509_EXTENSION)
-
-typedef struct x509_attributes_st X509_ATTRIBUTE;
-
-DECLARE_STACK_OF(X509_ATTRIBUTE)
-
-typedef struct X509_req_info_st {
- ASN1_ENCODING enc;
- ASN1_INTEGER *version;
- X509_NAME *subject;
- X509_PUBKEY *pubkey;
- /* d=2 hl=2 l= 0 cons: cont: 00 */
- STACK_OF(X509_ATTRIBUTE) *attributes; /* [ 0 ] */
-} X509_REQ_INFO;
-
-typedef struct X509_req_st {
- X509_REQ_INFO *req_info;
- X509_ALGOR *sig_alg;
- ASN1_BIT_STRING *signature;
- int references;
-} X509_REQ;
-
-typedef struct x509_cinf_st {
- ASN1_INTEGER *version; /* [ 0 ] default of v1 */
- ASN1_INTEGER *serialNumber;
- X509_ALGOR *signature;
- X509_NAME *issuer;
- X509_VAL *validity;
- X509_NAME *subject;
- X509_PUBKEY *key;
- ASN1_BIT_STRING *issuerUID; /* [ 1 ] optional in v2 */
- ASN1_BIT_STRING *subjectUID; /* [ 2 ] optional in v2 */
- STACK_OF(X509_EXTENSION) *extensions; /* [ 3 ] optional in v3 */
- ASN1_ENCODING enc;
-} X509_CINF;
-
-/*
- * This stuff is certificate "auxiliary info" it contains details which are
- * useful in certificate stores and databases. When used this is tagged onto
- * the end of the certificate itself
- */
-
-typedef struct x509_cert_aux_st {
- STACK_OF(ASN1_OBJECT) *trust; /* trusted uses */
- STACK_OF(ASN1_OBJECT) *reject; /* rejected uses */
- ASN1_UTF8STRING *alias; /* "friendly name" */
- ASN1_OCTET_STRING *keyid; /* key id of private key */
- STACK_OF(X509_ALGOR) *other; /* other unspecified info */
-} X509_CERT_AUX;
-
-struct x509_st {
- X509_CINF *cert_info;
- X509_ALGOR *sig_alg;
- ASN1_BIT_STRING *signature;
- int valid;
- int references;
- char *name;
- CRYPTO_EX_DATA ex_data;
- /* These contain copies of various extension values */
- long ex_pathlen;
- long ex_pcpathlen;
- unsigned long ex_flags;
- unsigned long ex_kusage;
- unsigned long ex_xkusage;
- unsigned long ex_nscert;
- ASN1_OCTET_STRING *skid;
- AUTHORITY_KEYID *akid;
- X509_POLICY_CACHE *policy_cache;
- STACK_OF(DIST_POINT) *crldp;
- STACK_OF(GENERAL_NAME) *altname;
- NAME_CONSTRAINTS *nc;
- STACK_OF(IPAddressFamily) *rfc3779_addr;
- struct ASIdentifiers_st *rfc3779_asid;
- unsigned char sha1_hash[SHA_DIGEST_LENGTH];
- X509_CERT_AUX *aux;
-} /* X509 */ ;
-
-DECLARE_STACK_OF(X509)
-
-/* This is used for a table of trust checking functions */
-
-typedef struct x509_trust_st {
- int trust;
- int flags;
- int (*check_trust) (struct x509_trust_st *, X509 *, int);
- char *name;
- int arg1;
- void *arg2;
-} X509_TRUST;
-
-DECLARE_STACK_OF(X509_TRUST)
-
-/* standard trust ids */
-
-# define X509_TRUST_DEFAULT -1/* Only valid in purpose settings */
-
-# define X509_TRUST_COMPAT 1
-# define X509_TRUST_SSL_CLIENT 2
-# define X509_TRUST_SSL_SERVER 3
-# define X509_TRUST_EMAIL 4
-# define X509_TRUST_OBJECT_SIGN 5
-# define X509_TRUST_OCSP_SIGN 6
-# define X509_TRUST_OCSP_REQUEST 7
-# define X509_TRUST_TSA 8
-
-/* Keep these up to date! */
-# define X509_TRUST_MIN 1
-# define X509_TRUST_MAX 8
-
-/* trust_flags values */
-# define X509_TRUST_DYNAMIC 1
-# define X509_TRUST_DYNAMIC_NAME 2
-
-/* check_trust return codes */
-
-# define X509_TRUST_TRUSTED 1
-# define X509_TRUST_REJECTED 2
-# define X509_TRUST_UNTRUSTED 3
-
-/* Flags for X509_print_ex() */
-
-# define X509_FLAG_COMPAT 0
-# define X509_FLAG_NO_HEADER 1L
-# define X509_FLAG_NO_VERSION (1L << 1)
-# define X509_FLAG_NO_SERIAL (1L << 2)
-# define X509_FLAG_NO_SIGNAME (1L << 3)
-# define X509_FLAG_NO_ISSUER (1L << 4)
-# define X509_FLAG_NO_VALIDITY (1L << 5)
-# define X509_FLAG_NO_SUBJECT (1L << 6)
-# define X509_FLAG_NO_PUBKEY (1L << 7)
-# define X509_FLAG_NO_EXTENSIONS (1L << 8)
-# define X509_FLAG_NO_SIGDUMP (1L << 9)
-# define X509_FLAG_NO_AUX (1L << 10)
-# define X509_FLAG_NO_ATTRIBUTES (1L << 11)
-# define X509_FLAG_NO_IDS (1L << 12)
-
-/* Flags specific to X509_NAME_print_ex() */
-
-/* The field separator information */
-
-# define XN_FLAG_SEP_MASK (0xf << 16)
-
-# define XN_FLAG_COMPAT 0/* Traditional SSLeay: use old
- * X509_NAME_print */
-# define XN_FLAG_SEP_COMMA_PLUS (1 << 16)/* RFC2253 ,+ */
-# define XN_FLAG_SEP_CPLUS_SPC (2 << 16)/* ,+ spaced: more readable */
-# define XN_FLAG_SEP_SPLUS_SPC (3 << 16)/* ;+ spaced */
-# define XN_FLAG_SEP_MULTILINE (4 << 16)/* One line per field */
-
-# define XN_FLAG_DN_REV (1 << 20)/* Reverse DN order */
-
-/* How the field name is shown */
-
-# define XN_FLAG_FN_MASK (0x3 << 21)
-
-# define XN_FLAG_FN_SN 0/* Object short name */
-# define XN_FLAG_FN_LN (1 << 21)/* Object long name */
-# define XN_FLAG_FN_OID (2 << 21)/* Always use OIDs */
-# define XN_FLAG_FN_NONE (3 << 21)/* No field names */
-
-# define XN_FLAG_SPC_EQ (1 << 23)/* Put spaces round '=' */
-
-/*
- * This determines if we dump fields we don't recognise: RFC2253 requires
- * this.
- */
-
-# define XN_FLAG_DUMP_UNKNOWN_FIELDS (1 << 24)
-
-# define XN_FLAG_FN_ALIGN (1 << 25)/* Align field names to 20
- * characters */
-
-/* Complete set of RFC2253 flags */
-
-# define XN_FLAG_RFC2253 (ASN1_STRFLGS_RFC2253 | \
- XN_FLAG_SEP_COMMA_PLUS | \
- XN_FLAG_DN_REV | \
- XN_FLAG_FN_SN | \
- XN_FLAG_DUMP_UNKNOWN_FIELDS)
-
-/* readable oneline form */
-
-# define XN_FLAG_ONELINE (ASN1_STRFLGS_RFC2253 | \
- ASN1_STRFLGS_ESC_QUOTE | \
- XN_FLAG_SEP_CPLUS_SPC | \
- XN_FLAG_SPC_EQ | \
- XN_FLAG_FN_SN)
-
-/* readable multiline form */
-
-# define XN_FLAG_MULTILINE (ASN1_STRFLGS_ESC_CTRL | \
- ASN1_STRFLGS_ESC_MSB | \
- XN_FLAG_SEP_MULTILINE | \
- XN_FLAG_SPC_EQ | \
- XN_FLAG_FN_LN | \
- XN_FLAG_FN_ALIGN)
-
-struct x509_revoked_st {
- ASN1_INTEGER *serialNumber;
- ASN1_TIME *revocationDate;
- STACK_OF(X509_EXTENSION) /* optional */ *extensions;
- /* Set up if indirect CRL */
- STACK_OF(GENERAL_NAME) *issuer;
- /* Revocation reason */
- int reason;
- int sequence; /* load sequence */
-};
-
-DECLARE_STACK_OF(X509_REVOKED)
-
-typedef struct X509_crl_info_st {
- ASN1_INTEGER *version;
- X509_ALGOR *sig_alg;
- X509_NAME *issuer;
- ASN1_TIME *lastUpdate;
- ASN1_TIME *nextUpdate;
- STACK_OF(X509_REVOKED) *revoked;
- STACK_OF(X509_EXTENSION) /* [0] */ *extensions;
- ASN1_ENCODING enc;
-} X509_CRL_INFO;
-
-struct X509_crl_st {
- /* actual signature */
- X509_CRL_INFO *crl;
- X509_ALGOR *sig_alg;
- ASN1_BIT_STRING *signature;
- int references;
- int flags;
- /* Copies of various extensions */
- AUTHORITY_KEYID *akid;
- ISSUING_DIST_POINT *idp;
- /* Convenient breakdown of IDP */
- int idp_flags;
- int idp_reasons;
- /* CRL and base CRL numbers for delta processing */
- ASN1_INTEGER *crl_number;
- ASN1_INTEGER *base_crl_number;
- unsigned char sha1_hash[SHA_DIGEST_LENGTH];
- STACK_OF(GENERAL_NAMES) *issuers;
- const X509_CRL_METHOD *meth;
- void *meth_data;
-} /* X509_CRL */ ;
-
-DECLARE_STACK_OF(X509_CRL)
-
-typedef struct private_key_st {
- int version;
- /* The PKCS#8 data types */
- X509_ALGOR *enc_algor;
- ASN1_OCTET_STRING *enc_pkey; /* encrypted pub key */
- /* When decrypted, the following will not be NULL */
- EVP_PKEY *dec_pkey;
- /* used to encrypt and decrypt */
- int key_length;
- char *key_data;
- int key_free; /* true if we should auto free key_data */
- /* expanded version of 'enc_algor' */
- EVP_CIPHER_INFO cipher;
- int references;
-} X509_PKEY;
-
-typedef struct X509_info_st {
- X509 *x509;
- X509_CRL *crl;
- X509_PKEY *x_pkey;
- EVP_CIPHER_INFO enc_cipher;
- int enc_len;
- char *enc_data;
- int references;
-} X509_INFO;
-
-DECLARE_STACK_OF(X509_INFO)
-
-/*
- * The next 2 structures and their 8 routines were sent to me by Pat Richard
- * <patr@x509.com> and are used to manipulate Netscapes spki structures -
- * useful if you are writing a CA web page
- */
-typedef struct Netscape_spkac_st {
- X509_PUBKEY *pubkey;
- ASN1_IA5STRING *challenge; /* challenge sent in atlas >= PR2 */
-} NETSCAPE_SPKAC;
-
-typedef struct Netscape_spki_st {
- NETSCAPE_SPKAC *spkac; /* signed public key and challenge */
- X509_ALGOR *sig_algor;
- ASN1_BIT_STRING *signature;
-} NETSCAPE_SPKI;
-
-/* Netscape certificate sequence structure */
-typedef struct Netscape_certificate_sequence {
- ASN1_OBJECT *type;
- STACK_OF(X509) *certs;
-} NETSCAPE_CERT_SEQUENCE;
-
-/*- Unused (and iv length is wrong)
-typedef struct CBCParameter_st
- {
- unsigned char iv[8];
- } CBC_PARAM;
-*/
-
-/* Password based encryption structure */
-
-typedef struct PBEPARAM_st {
- ASN1_OCTET_STRING *salt;
- ASN1_INTEGER *iter;
-} PBEPARAM;
-
-/* Password based encryption V2 structures */
-
-typedef struct PBE2PARAM_st {
- X509_ALGOR *keyfunc;
- X509_ALGOR *encryption;
-} PBE2PARAM;
-
-typedef struct PBKDF2PARAM_st {
-/* Usually OCTET STRING but could be anything */
- ASN1_TYPE *salt;
- ASN1_INTEGER *iter;
- ASN1_INTEGER *keylength;
- X509_ALGOR *prf;
-} PBKDF2PARAM;
-
-/* PKCS#8 private key info structure */
-
-struct pkcs8_priv_key_info_st {
- /* Flag for various broken formats */
- int broken;
-# define PKCS8_OK 0
-# define PKCS8_NO_OCTET 1
-# define PKCS8_EMBEDDED_PARAM 2
-# define PKCS8_NS_DB 3
-# define PKCS8_NEG_PRIVKEY 4
- ASN1_INTEGER *version;
- X509_ALGOR *pkeyalg;
- /* Should be OCTET STRING but some are broken */
- ASN1_TYPE *pkey;
- STACK_OF(X509_ATTRIBUTE) *attributes;
-};
-
-#ifdef __cplusplus
-}
-#endif
-
-# include <openssl/x509_vfy.h>
-# include <openssl/pkcs7.h>
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-# define X509_EXT_PACK_UNKNOWN 1
-# define X509_EXT_PACK_STRING 2
-
-# define X509_get_version(x) ASN1_INTEGER_get((x)->cert_info->version)
-/* #define X509_get_serialNumber(x) ((x)->cert_info->serialNumber) */
-# define X509_get_notBefore(x) ((x)->cert_info->validity->notBefore)
-# define X509_get_notAfter(x) ((x)->cert_info->validity->notAfter)
-# define X509_extract_key(x) X509_get_pubkey(x)/*****/
-# define X509_REQ_get_version(x) ASN1_INTEGER_get((x)->req_info->version)
-# define X509_REQ_get_subject_name(x) ((x)->req_info->subject)
-# define X509_REQ_extract_key(a) X509_REQ_get_pubkey(a)
-# define X509_name_cmp(a,b) X509_NAME_cmp((a),(b))
-# define X509_get_signature_type(x) EVP_PKEY_type(OBJ_obj2nid((x)->sig_alg->algorithm))
-
-# define X509_CRL_get_version(x) ASN1_INTEGER_get((x)->crl->version)
-# define X509_CRL_get_lastUpdate(x) ((x)->crl->lastUpdate)
-# define X509_CRL_get_nextUpdate(x) ((x)->crl->nextUpdate)
-# define X509_CRL_get_issuer(x) ((x)->crl->issuer)
-# define X509_CRL_get_REVOKED(x) ((x)->crl->revoked)
-
-void X509_CRL_set_default_method(const X509_CRL_METHOD *meth);
-X509_CRL_METHOD *X509_CRL_METHOD_new(int (*crl_init) (X509_CRL *crl),
- int (*crl_free) (X509_CRL *crl),
- int (*crl_lookup) (X509_CRL *crl,
- X509_REVOKED **ret,
- ASN1_INTEGER *ser,
- X509_NAME *issuer),
- int (*crl_verify) (X509_CRL *crl,
- EVP_PKEY *pk));
-void X509_CRL_METHOD_free(X509_CRL_METHOD *m);
-
-void X509_CRL_set_meth_data(X509_CRL *crl, void *dat);
-void *X509_CRL_get_meth_data(X509_CRL *crl);
-
-/*
- * This one is only used so that a binary form can output, as in
- * i2d_X509_NAME(X509_get_X509_PUBKEY(x),&buf)
- */
-# define X509_get_X509_PUBKEY(x) ((x)->cert_info->key)
-
-const char *X509_verify_cert_error_string(long n);
-
-int X509_verify(X509 *a, EVP_PKEY *r);
-
-int X509_REQ_verify(X509_REQ *a, EVP_PKEY *r);
-int X509_CRL_verify(X509_CRL *a, EVP_PKEY *r);
-int NETSCAPE_SPKI_verify(NETSCAPE_SPKI *a, EVP_PKEY *r);
-
-NETSCAPE_SPKI *NETSCAPE_SPKI_b64_decode(const char *str, int len);
-char *NETSCAPE_SPKI_b64_encode(NETSCAPE_SPKI *x);
-EVP_PKEY *NETSCAPE_SPKI_get_pubkey(NETSCAPE_SPKI *x);
-int NETSCAPE_SPKI_set_pubkey(NETSCAPE_SPKI *x, EVP_PKEY *pkey);
-
-int NETSCAPE_SPKI_print(BIO *out, NETSCAPE_SPKI *spki);
-
-int X509_signature_dump(BIO *bp, const ASN1_STRING *sig, int indent);
-int X509_signature_print(BIO *bp, X509_ALGOR *alg, ASN1_STRING *sig);
-
-int X509_sign(X509 *x, EVP_PKEY *pkey, const EVP_MD *md);
-int X509_sign_ctx(X509 *x, EVP_MD_CTX *ctx);
-int X509_http_nbio(OCSP_REQ_CTX *rctx, X509 **pcert);
-int X509_REQ_sign(X509_REQ *x, EVP_PKEY *pkey, const EVP_MD *md);
-int X509_REQ_sign_ctx(X509_REQ *x, EVP_MD_CTX *ctx);
-int X509_CRL_sign(X509_CRL *x, EVP_PKEY *pkey, const EVP_MD *md);
-int X509_CRL_sign_ctx(X509_CRL *x, EVP_MD_CTX *ctx);
-int X509_CRL_http_nbio(OCSP_REQ_CTX *rctx, X509_CRL **pcrl);
-int NETSCAPE_SPKI_sign(NETSCAPE_SPKI *x, EVP_PKEY *pkey, const EVP_MD *md);
-
-int X509_pubkey_digest(const X509 *data, const EVP_MD *type,
- unsigned char *md, unsigned int *len);
-int X509_digest(const X509 *data, const EVP_MD *type,
- unsigned char *md, unsigned int *len);
-int X509_CRL_digest(const X509_CRL *data, const EVP_MD *type,
- unsigned char *md, unsigned int *len);
-int X509_REQ_digest(const X509_REQ *data, const EVP_MD *type,
- unsigned char *md, unsigned int *len);
-int X509_NAME_digest(const X509_NAME *data, const EVP_MD *type,
- unsigned char *md, unsigned int *len);
-
-# ifndef OPENSSL_NO_STDIO
-X509 *d2i_X509_fp(FILE *fp, X509 **x509);
-int i2d_X509_fp(FILE *fp, X509 *x509);
-X509_CRL *d2i_X509_CRL_fp(FILE *fp, X509_CRL **crl);
-int i2d_X509_CRL_fp(FILE *fp, X509_CRL *crl);
-X509_REQ *d2i_X509_REQ_fp(FILE *fp, X509_REQ **req);
-int i2d_X509_REQ_fp(FILE *fp, X509_REQ *req);
-# ifndef OPENSSL_NO_RSA
-RSA *d2i_RSAPrivateKey_fp(FILE *fp, RSA **rsa);
-int i2d_RSAPrivateKey_fp(FILE *fp, RSA *rsa);
-RSA *d2i_RSAPublicKey_fp(FILE *fp, RSA **rsa);
-int i2d_RSAPublicKey_fp(FILE *fp, RSA *rsa);
-RSA *d2i_RSA_PUBKEY_fp(FILE *fp, RSA **rsa);
-int i2d_RSA_PUBKEY_fp(FILE *fp, RSA *rsa);
-# endif
-# ifndef OPENSSL_NO_DSA
-DSA *d2i_DSA_PUBKEY_fp(FILE *fp, DSA **dsa);
-int i2d_DSA_PUBKEY_fp(FILE *fp, DSA *dsa);
-DSA *d2i_DSAPrivateKey_fp(FILE *fp, DSA **dsa);
-int i2d_DSAPrivateKey_fp(FILE *fp, DSA *dsa);
-# endif
-# ifndef OPENSSL_NO_EC
-EC_KEY *d2i_EC_PUBKEY_fp(FILE *fp, EC_KEY **eckey);
-int i2d_EC_PUBKEY_fp(FILE *fp, EC_KEY *eckey);
-EC_KEY *d2i_ECPrivateKey_fp(FILE *fp, EC_KEY **eckey);
-int i2d_ECPrivateKey_fp(FILE *fp, EC_KEY *eckey);
-# endif
-X509_SIG *d2i_PKCS8_fp(FILE *fp, X509_SIG **p8);
-int i2d_PKCS8_fp(FILE *fp, X509_SIG *p8);
-PKCS8_PRIV_KEY_INFO *d2i_PKCS8_PRIV_KEY_INFO_fp(FILE *fp,
- PKCS8_PRIV_KEY_INFO **p8inf);
-int i2d_PKCS8_PRIV_KEY_INFO_fp(FILE *fp, PKCS8_PRIV_KEY_INFO *p8inf);
-int i2d_PKCS8PrivateKeyInfo_fp(FILE *fp, EVP_PKEY *key);
-int i2d_PrivateKey_fp(FILE *fp, EVP_PKEY *pkey);
-EVP_PKEY *d2i_PrivateKey_fp(FILE *fp, EVP_PKEY **a);
-int i2d_PUBKEY_fp(FILE *fp, EVP_PKEY *pkey);
-EVP_PKEY *d2i_PUBKEY_fp(FILE *fp, EVP_PKEY **a);
-# endif
-
-X509 *d2i_X509_bio(BIO *bp, X509 **x509);
-int i2d_X509_bio(BIO *bp, X509 *x509);
-X509_CRL *d2i_X509_CRL_bio(BIO *bp, X509_CRL **crl);
-int i2d_X509_CRL_bio(BIO *bp, X509_CRL *crl);
-X509_REQ *d2i_X509_REQ_bio(BIO *bp, X509_REQ **req);
-int i2d_X509_REQ_bio(BIO *bp, X509_REQ *req);
-# ifndef OPENSSL_NO_RSA
-RSA *d2i_RSAPrivateKey_bio(BIO *bp, RSA **rsa);
-int i2d_RSAPrivateKey_bio(BIO *bp, RSA *rsa);
-RSA *d2i_RSAPublicKey_bio(BIO *bp, RSA **rsa);
-int i2d_RSAPublicKey_bio(BIO *bp, RSA *rsa);
-RSA *d2i_RSA_PUBKEY_bio(BIO *bp, RSA **rsa);
-int i2d_RSA_PUBKEY_bio(BIO *bp, RSA *rsa);
-# endif
-# ifndef OPENSSL_NO_DSA
-DSA *d2i_DSA_PUBKEY_bio(BIO *bp, DSA **dsa);
-int i2d_DSA_PUBKEY_bio(BIO *bp, DSA *dsa);
-DSA *d2i_DSAPrivateKey_bio(BIO *bp, DSA **dsa);
-int i2d_DSAPrivateKey_bio(BIO *bp, DSA *dsa);
-# endif
-# ifndef OPENSSL_NO_EC
-EC_KEY *d2i_EC_PUBKEY_bio(BIO *bp, EC_KEY **eckey);
-int i2d_EC_PUBKEY_bio(BIO *bp, EC_KEY *eckey);
-EC_KEY *d2i_ECPrivateKey_bio(BIO *bp, EC_KEY **eckey);
-int i2d_ECPrivateKey_bio(BIO *bp, EC_KEY *eckey);
-# endif
-X509_SIG *d2i_PKCS8_bio(BIO *bp, X509_SIG **p8);
-int i2d_PKCS8_bio(BIO *bp, X509_SIG *p8);
-PKCS8_PRIV_KEY_INFO *d2i_PKCS8_PRIV_KEY_INFO_bio(BIO *bp,
- PKCS8_PRIV_KEY_INFO **p8inf);
-int i2d_PKCS8_PRIV_KEY_INFO_bio(BIO *bp, PKCS8_PRIV_KEY_INFO *p8inf);
-int i2d_PKCS8PrivateKeyInfo_bio(BIO *bp, EVP_PKEY *key);
-int i2d_PrivateKey_bio(BIO *bp, EVP_PKEY *pkey);
-EVP_PKEY *d2i_PrivateKey_bio(BIO *bp, EVP_PKEY **a);
-int i2d_PUBKEY_bio(BIO *bp, EVP_PKEY *pkey);
-EVP_PKEY *d2i_PUBKEY_bio(BIO *bp, EVP_PKEY **a);
-
-X509 *X509_dup(X509 *x509);
-X509_ATTRIBUTE *X509_ATTRIBUTE_dup(X509_ATTRIBUTE *xa);
-X509_EXTENSION *X509_EXTENSION_dup(X509_EXTENSION *ex);
-X509_CRL *X509_CRL_dup(X509_CRL *crl);
-X509_REVOKED *X509_REVOKED_dup(X509_REVOKED *rev);
-X509_REQ *X509_REQ_dup(X509_REQ *req);
-X509_ALGOR *X509_ALGOR_dup(X509_ALGOR *xn);
-int X509_ALGOR_set0(X509_ALGOR *alg, ASN1_OBJECT *aobj, int ptype,
- void *pval);
-void X509_ALGOR_get0(ASN1_OBJECT **paobj, int *pptype, void **ppval,
- X509_ALGOR *algor);
-void X509_ALGOR_set_md(X509_ALGOR *alg, const EVP_MD *md);
-int X509_ALGOR_cmp(const X509_ALGOR *a, const X509_ALGOR *b);
-
-X509_NAME *X509_NAME_dup(X509_NAME *xn);
-X509_NAME_ENTRY *X509_NAME_ENTRY_dup(X509_NAME_ENTRY *ne);
-
-int X509_cmp_time(const ASN1_TIME *s, time_t *t);
-int X509_cmp_current_time(const ASN1_TIME *s);
-ASN1_TIME *X509_time_adj(ASN1_TIME *s, long adj, time_t *t);
-ASN1_TIME *X509_time_adj_ex(ASN1_TIME *s,
- int offset_day, long offset_sec, time_t *t);
-ASN1_TIME *X509_gmtime_adj(ASN1_TIME *s, long adj);
-
-const char *X509_get_default_cert_area(void);
-const char *X509_get_default_cert_dir(void);
-const char *X509_get_default_cert_file(void);
-const char *X509_get_default_cert_dir_env(void);
-const char *X509_get_default_cert_file_env(void);
-const char *X509_get_default_private_dir(void);
-
-X509_REQ *X509_to_X509_REQ(X509 *x, EVP_PKEY *pkey, const EVP_MD *md);
-X509 *X509_REQ_to_X509(X509_REQ *r, int days, EVP_PKEY *pkey);
-
-DECLARE_ASN1_FUNCTIONS(X509_ALGOR)
-DECLARE_ASN1_ENCODE_FUNCTIONS(X509_ALGORS, X509_ALGORS, X509_ALGORS)
-DECLARE_ASN1_FUNCTIONS(X509_VAL)
-
-DECLARE_ASN1_FUNCTIONS(X509_PUBKEY)
-
-int X509_PUBKEY_set(X509_PUBKEY **x, EVP_PKEY *pkey);
-EVP_PKEY *X509_PUBKEY_get(X509_PUBKEY *key);
-int X509_get_pubkey_parameters(EVP_PKEY *pkey, STACK_OF(X509) *chain);
-int i2d_PUBKEY(EVP_PKEY *a, unsigned char **pp);
-EVP_PKEY *d2i_PUBKEY(EVP_PKEY **a, const unsigned char **pp, long length);
-# ifndef OPENSSL_NO_RSA
-int i2d_RSA_PUBKEY(RSA *a, unsigned char **pp);
-RSA *d2i_RSA_PUBKEY(RSA **a, const unsigned char **pp, long length);
-# endif
-# ifndef OPENSSL_NO_DSA
-int i2d_DSA_PUBKEY(DSA *a, unsigned char **pp);
-DSA *d2i_DSA_PUBKEY(DSA **a, const unsigned char **pp, long length);
-# endif
-# ifndef OPENSSL_NO_EC
-int i2d_EC_PUBKEY(EC_KEY *a, unsigned char **pp);
-EC_KEY *d2i_EC_PUBKEY(EC_KEY **a, const unsigned char **pp, long length);
-# endif
-
-DECLARE_ASN1_FUNCTIONS(X509_SIG)
-DECLARE_ASN1_FUNCTIONS(X509_REQ_INFO)
-DECLARE_ASN1_FUNCTIONS(X509_REQ)
-
-DECLARE_ASN1_FUNCTIONS(X509_ATTRIBUTE)
-X509_ATTRIBUTE *X509_ATTRIBUTE_create(int nid, int atrtype, void *value);
-
-DECLARE_ASN1_FUNCTIONS(X509_EXTENSION)
-DECLARE_ASN1_ENCODE_FUNCTIONS(X509_EXTENSIONS, X509_EXTENSIONS, X509_EXTENSIONS)
-
-DECLARE_ASN1_FUNCTIONS(X509_NAME_ENTRY)
-
-DECLARE_ASN1_FUNCTIONS(X509_NAME)
-
-int X509_NAME_set(X509_NAME **xn, X509_NAME *name);
-
-DECLARE_ASN1_FUNCTIONS(X509_CINF)
-
-DECLARE_ASN1_FUNCTIONS(X509)
-DECLARE_ASN1_FUNCTIONS(X509_CERT_AUX)
-
-int X509_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
- CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func);
-int X509_set_ex_data(X509 *r, int idx, void *arg);
-void *X509_get_ex_data(X509 *r, int idx);
-int i2d_X509_AUX(X509 *a, unsigned char **pp);
-X509 *d2i_X509_AUX(X509 **a, const unsigned char **pp, long length);
-
-int i2d_re_X509_tbs(X509 *x, unsigned char **pp);
-
-void X509_get0_signature(ASN1_BIT_STRING **psig, X509_ALGOR **palg,
- const X509 *x);
-int X509_get_signature_nid(const X509 *x);
-
-int X509_alias_set1(X509 *x, unsigned char *name, int len);
-int X509_keyid_set1(X509 *x, unsigned char *id, int len);
-unsigned char *X509_alias_get0(X509 *x, int *len);
-unsigned char *X509_keyid_get0(X509 *x, int *len);
-int (*X509_TRUST_set_default(int (*trust) (int, X509 *, int))) (int, X509 *,
- int);
-int X509_TRUST_set(int *t, int trust);
-int X509_add1_trust_object(X509 *x, ASN1_OBJECT *obj);
-int X509_add1_reject_object(X509 *x, ASN1_OBJECT *obj);
-void X509_trust_clear(X509 *x);
-void X509_reject_clear(X509 *x);
-
-DECLARE_ASN1_FUNCTIONS(X509_REVOKED)
-DECLARE_ASN1_FUNCTIONS(X509_CRL_INFO)
-DECLARE_ASN1_FUNCTIONS(X509_CRL)
-
-int X509_CRL_add0_revoked(X509_CRL *crl, X509_REVOKED *rev);
-int X509_CRL_get0_by_serial(X509_CRL *crl,
- X509_REVOKED **ret, ASN1_INTEGER *serial);
-int X509_CRL_get0_by_cert(X509_CRL *crl, X509_REVOKED **ret, X509 *x);
-
-X509_PKEY *X509_PKEY_new(void);
-void X509_PKEY_free(X509_PKEY *a);
-
-DECLARE_ASN1_FUNCTIONS(NETSCAPE_SPKI)
-DECLARE_ASN1_FUNCTIONS(NETSCAPE_SPKAC)
-DECLARE_ASN1_FUNCTIONS(NETSCAPE_CERT_SEQUENCE)
-
-X509_INFO *X509_INFO_new(void);
-void X509_INFO_free(X509_INFO *a);
-char *X509_NAME_oneline(X509_NAME *a, char *buf, int size);
-
-int ASN1_verify(i2d_of_void *i2d, X509_ALGOR *algor1,
- ASN1_BIT_STRING *signature, char *data, EVP_PKEY *pkey);
-
-int ASN1_digest(i2d_of_void *i2d, const EVP_MD *type, char *data,
- unsigned char *md, unsigned int *len);
-
-int ASN1_sign(i2d_of_void *i2d, X509_ALGOR *algor1,
- X509_ALGOR *algor2, ASN1_BIT_STRING *signature,
- char *data, EVP_PKEY *pkey, const EVP_MD *type);
-
-int ASN1_item_digest(const ASN1_ITEM *it, const EVP_MD *type, void *data,
- unsigned char *md, unsigned int *len);
-
-int ASN1_item_verify(const ASN1_ITEM *it, X509_ALGOR *algor1,
- ASN1_BIT_STRING *signature, void *data, EVP_PKEY *pkey);
-
-int ASN1_item_sign(const ASN1_ITEM *it, X509_ALGOR *algor1,
- X509_ALGOR *algor2, ASN1_BIT_STRING *signature, void *data,
- EVP_PKEY *pkey, const EVP_MD *type);
-int ASN1_item_sign_ctx(const ASN1_ITEM *it, X509_ALGOR *algor1,
- X509_ALGOR *algor2, ASN1_BIT_STRING *signature,
- void *asn, EVP_MD_CTX *ctx);
-
-int X509_set_version(X509 *x, long version);
-int X509_set_serialNumber(X509 *x, ASN1_INTEGER *serial);
-ASN1_INTEGER *X509_get_serialNumber(X509 *x);
-int X509_set_issuer_name(X509 *x, X509_NAME *name);
-X509_NAME *X509_get_issuer_name(X509 *a);
-int X509_set_subject_name(X509 *x, X509_NAME *name);
-X509_NAME *X509_get_subject_name(X509 *a);
-int X509_set_notBefore(X509 *x, const ASN1_TIME *tm);
-int X509_set_notAfter(X509 *x, const ASN1_TIME *tm);
-int X509_set_pubkey(X509 *x, EVP_PKEY *pkey);
-EVP_PKEY *X509_get_pubkey(X509 *x);
-ASN1_BIT_STRING *X509_get0_pubkey_bitstr(const X509 *x);
-int X509_certificate_type(X509 *x, EVP_PKEY *pubkey /* optional */ );
-
-int X509_REQ_set_version(X509_REQ *x, long version);
-int X509_REQ_set_subject_name(X509_REQ *req, X509_NAME *name);
-int X509_REQ_set_pubkey(X509_REQ *x, EVP_PKEY *pkey);
-EVP_PKEY *X509_REQ_get_pubkey(X509_REQ *req);
-int X509_REQ_extension_nid(int nid);
-int *X509_REQ_get_extension_nids(void);
-void X509_REQ_set_extension_nids(int *nids);
-STACK_OF(X509_EXTENSION) *X509_REQ_get_extensions(X509_REQ *req);
-int X509_REQ_add_extensions_nid(X509_REQ *req, STACK_OF(X509_EXTENSION) *exts,
- int nid);
-int X509_REQ_add_extensions(X509_REQ *req, STACK_OF(X509_EXTENSION) *exts);
-int X509_REQ_get_attr_count(const X509_REQ *req);
-int X509_REQ_get_attr_by_NID(const X509_REQ *req, int nid, int lastpos);
-int X509_REQ_get_attr_by_OBJ(const X509_REQ *req, ASN1_OBJECT *obj,
- int lastpos);
-X509_ATTRIBUTE *X509_REQ_get_attr(const X509_REQ *req, int loc);
-X509_ATTRIBUTE *X509_REQ_delete_attr(X509_REQ *req, int loc);
-int X509_REQ_add1_attr(X509_REQ *req, X509_ATTRIBUTE *attr);
-int X509_REQ_add1_attr_by_OBJ(X509_REQ *req,
- const ASN1_OBJECT *obj, int type,
- const unsigned char *bytes, int len);
-int X509_REQ_add1_attr_by_NID(X509_REQ *req,
- int nid, int type,
- const unsigned char *bytes, int len);
-int X509_REQ_add1_attr_by_txt(X509_REQ *req,
- const char *attrname, int type,
- const unsigned char *bytes, int len);
-
-int X509_CRL_set_version(X509_CRL *x, long version);
-int X509_CRL_set_issuer_name(X509_CRL *x, X509_NAME *name);
-int X509_CRL_set_lastUpdate(X509_CRL *x, const ASN1_TIME *tm);
-int X509_CRL_set_nextUpdate(X509_CRL *x, const ASN1_TIME *tm);
-int X509_CRL_sort(X509_CRL *crl);
-
-int X509_REVOKED_set_serialNumber(X509_REVOKED *x, ASN1_INTEGER *serial);
-int X509_REVOKED_set_revocationDate(X509_REVOKED *r, ASN1_TIME *tm);
-
-X509_CRL *X509_CRL_diff(X509_CRL *base, X509_CRL *newer,
- EVP_PKEY *skey, const EVP_MD *md, unsigned int flags);
-
-int X509_REQ_check_private_key(X509_REQ *x509, EVP_PKEY *pkey);
-
-int X509_check_private_key(X509 *x509, EVP_PKEY *pkey);
-int X509_chain_check_suiteb(int *perror_depth,
- X509 *x, STACK_OF(X509) *chain,
- unsigned long flags);
-int X509_CRL_check_suiteb(X509_CRL *crl, EVP_PKEY *pk, unsigned long flags);
-STACK_OF(X509) *X509_chain_up_ref(STACK_OF(X509) *chain);
-
-int X509_issuer_and_serial_cmp(const X509 *a, const X509 *b);
-unsigned long X509_issuer_and_serial_hash(X509 *a);
-
-int X509_issuer_name_cmp(const X509 *a, const X509 *b);
-unsigned long X509_issuer_name_hash(X509 *a);
-
-int X509_subject_name_cmp(const X509 *a, const X509 *b);
-unsigned long X509_subject_name_hash(X509 *x);
-
-# ifndef OPENSSL_NO_MD5
-unsigned long X509_issuer_name_hash_old(X509 *a);
-unsigned long X509_subject_name_hash_old(X509 *x);
-# endif
-
-int X509_cmp(const X509 *a, const X509 *b);
-int X509_NAME_cmp(const X509_NAME *a, const X509_NAME *b);
-unsigned long X509_NAME_hash(X509_NAME *x);
-unsigned long X509_NAME_hash_old(X509_NAME *x);
-
-int X509_CRL_cmp(const X509_CRL *a, const X509_CRL *b);
-int X509_CRL_match(const X509_CRL *a, const X509_CRL *b);
-# ifndef OPENSSL_NO_STDIO
-int X509_print_ex_fp(FILE *bp, X509 *x, unsigned long nmflag,
- unsigned long cflag);
-int X509_print_fp(FILE *bp, X509 *x);
-int X509_CRL_print_fp(FILE *bp, X509_CRL *x);
-int X509_REQ_print_fp(FILE *bp, X509_REQ *req);
-int X509_NAME_print_ex_fp(FILE *fp, X509_NAME *nm, int indent,
- unsigned long flags);
-# endif
-
-int X509_NAME_print(BIO *bp, X509_NAME *name, int obase);
-int X509_NAME_print_ex(BIO *out, X509_NAME *nm, int indent,
- unsigned long flags);
-int X509_print_ex(BIO *bp, X509 *x, unsigned long nmflag,
- unsigned long cflag);
-int X509_print(BIO *bp, X509 *x);
-int X509_ocspid_print(BIO *bp, X509 *x);
-int X509_CERT_AUX_print(BIO *bp, X509_CERT_AUX *x, int indent);
-int X509_CRL_print(BIO *bp, X509_CRL *x);
-int X509_REQ_print_ex(BIO *bp, X509_REQ *x, unsigned long nmflag,
- unsigned long cflag);
-int X509_REQ_print(BIO *bp, X509_REQ *req);
-
-int X509_NAME_entry_count(X509_NAME *name);
-int X509_NAME_get_text_by_NID(X509_NAME *name, int nid, char *buf, int len);
-int X509_NAME_get_text_by_OBJ(X509_NAME *name, ASN1_OBJECT *obj,
- char *buf, int len);
-
-/*
- * NOTE: you should be passsing -1, not 0 as lastpos. The functions that use
- * lastpos, search after that position on.
- */
-int X509_NAME_get_index_by_NID(X509_NAME *name, int nid, int lastpos);
-int X509_NAME_get_index_by_OBJ(X509_NAME *name, ASN1_OBJECT *obj,
- int lastpos);
-X509_NAME_ENTRY *X509_NAME_get_entry(X509_NAME *name, int loc);
-X509_NAME_ENTRY *X509_NAME_delete_entry(X509_NAME *name, int loc);
-int X509_NAME_add_entry(X509_NAME *name, X509_NAME_ENTRY *ne,
- int loc, int set);
-int X509_NAME_add_entry_by_OBJ(X509_NAME *name, ASN1_OBJECT *obj, int type,
- unsigned char *bytes, int len, int loc,
- int set);
-int X509_NAME_add_entry_by_NID(X509_NAME *name, int nid, int type,
- unsigned char *bytes, int len, int loc,
- int set);
-X509_NAME_ENTRY *X509_NAME_ENTRY_create_by_txt(X509_NAME_ENTRY **ne,
- const char *field, int type,
- const unsigned char *bytes,
- int len);
-X509_NAME_ENTRY *X509_NAME_ENTRY_create_by_NID(X509_NAME_ENTRY **ne, int nid,
- int type, unsigned char *bytes,
- int len);
-int X509_NAME_add_entry_by_txt(X509_NAME *name, const char *field, int type,
- const unsigned char *bytes, int len, int loc,
- int set);
-X509_NAME_ENTRY *X509_NAME_ENTRY_create_by_OBJ(X509_NAME_ENTRY **ne,
- ASN1_OBJECT *obj, int type,
- const unsigned char *bytes,
- int len);
-int X509_NAME_ENTRY_set_object(X509_NAME_ENTRY *ne, ASN1_OBJECT *obj);
-int X509_NAME_ENTRY_set_data(X509_NAME_ENTRY *ne, int type,
- const unsigned char *bytes, int len);
-ASN1_OBJECT *X509_NAME_ENTRY_get_object(X509_NAME_ENTRY *ne);
-ASN1_STRING *X509_NAME_ENTRY_get_data(X509_NAME_ENTRY *ne);
-int X509_NAME_ENTRY_set(const X509_NAME_ENTRY *ne);
-
-int X509v3_get_ext_count(const STACK_OF(X509_EXTENSION) *x);
-int X509v3_get_ext_by_NID(const STACK_OF(X509_EXTENSION) *x,
- int nid, int lastpos);
-int X509v3_get_ext_by_OBJ(const STACK_OF(X509_EXTENSION) *x,
- ASN1_OBJECT *obj, int lastpos);
-int X509v3_get_ext_by_critical(const STACK_OF(X509_EXTENSION) *x,
- int crit, int lastpos);
-X509_EXTENSION *X509v3_get_ext(const STACK_OF(X509_EXTENSION) *x, int loc);
-X509_EXTENSION *X509v3_delete_ext(STACK_OF(X509_EXTENSION) *x, int loc);
-STACK_OF(X509_EXTENSION) *X509v3_add_ext(STACK_OF(X509_EXTENSION) **x,
- X509_EXTENSION *ex, int loc);
-
-int X509_get_ext_count(X509 *x);
-int X509_get_ext_by_NID(X509 *x, int nid, int lastpos);
-int X509_get_ext_by_OBJ(X509 *x, ASN1_OBJECT *obj, int lastpos);
-int X509_get_ext_by_critical(X509 *x, int crit, int lastpos);
-X509_EXTENSION *X509_get_ext(X509 *x, int loc);
-X509_EXTENSION *X509_delete_ext(X509 *x, int loc);
-int X509_add_ext(X509 *x, X509_EXTENSION *ex, int loc);
-void *X509_get_ext_d2i(X509 *x, int nid, int *crit, int *idx);
-int X509_add1_ext_i2d(X509 *x, int nid, void *value, int crit,
- unsigned long flags);
-
-int X509_CRL_get_ext_count(X509_CRL *x);
-int X509_CRL_get_ext_by_NID(X509_CRL *x, int nid, int lastpos);
-int X509_CRL_get_ext_by_OBJ(X509_CRL *x, ASN1_OBJECT *obj, int lastpos);
-int X509_CRL_get_ext_by_critical(X509_CRL *x, int crit, int lastpos);
-X509_EXTENSION *X509_CRL_get_ext(X509_CRL *x, int loc);
-X509_EXTENSION *X509_CRL_delete_ext(X509_CRL *x, int loc);
-int X509_CRL_add_ext(X509_CRL *x, X509_EXTENSION *ex, int loc);
-void *X509_CRL_get_ext_d2i(X509_CRL *x, int nid, int *crit, int *idx);
-int X509_CRL_add1_ext_i2d(X509_CRL *x, int nid, void *value, int crit,
- unsigned long flags);
-
-int X509_REVOKED_get_ext_count(X509_REVOKED *x);
-int X509_REVOKED_get_ext_by_NID(X509_REVOKED *x, int nid, int lastpos);
-int X509_REVOKED_get_ext_by_OBJ(X509_REVOKED *x, ASN1_OBJECT *obj,
- int lastpos);
-int X509_REVOKED_get_ext_by_critical(X509_REVOKED *x, int crit, int lastpos);
-X509_EXTENSION *X509_REVOKED_get_ext(X509_REVOKED *x, int loc);
-X509_EXTENSION *X509_REVOKED_delete_ext(X509_REVOKED *x, int loc);
-int X509_REVOKED_add_ext(X509_REVOKED *x, X509_EXTENSION *ex, int loc);
-void *X509_REVOKED_get_ext_d2i(X509_REVOKED *x, int nid, int *crit, int *idx);
-int X509_REVOKED_add1_ext_i2d(X509_REVOKED *x, int nid, void *value, int crit,
- unsigned long flags);
-
-X509_EXTENSION *X509_EXTENSION_create_by_NID(X509_EXTENSION **ex,
- int nid, int crit,
- ASN1_OCTET_STRING *data);
-X509_EXTENSION *X509_EXTENSION_create_by_OBJ(X509_EXTENSION **ex,
- ASN1_OBJECT *obj, int crit,
- ASN1_OCTET_STRING *data);
-int X509_EXTENSION_set_object(X509_EXTENSION *ex, ASN1_OBJECT *obj);
-int X509_EXTENSION_set_critical(X509_EXTENSION *ex, int crit);
-int X509_EXTENSION_set_data(X509_EXTENSION *ex, ASN1_OCTET_STRING *data);
-ASN1_OBJECT *X509_EXTENSION_get_object(X509_EXTENSION *ex);
-ASN1_OCTET_STRING *X509_EXTENSION_get_data(X509_EXTENSION *ne);
-int X509_EXTENSION_get_critical(X509_EXTENSION *ex);
-
-int X509at_get_attr_count(const STACK_OF(X509_ATTRIBUTE) *x);
-int X509at_get_attr_by_NID(const STACK_OF(X509_ATTRIBUTE) *x, int nid,
- int lastpos);
-int X509at_get_attr_by_OBJ(const STACK_OF(X509_ATTRIBUTE) *sk,
- ASN1_OBJECT *obj, int lastpos);
-X509_ATTRIBUTE *X509at_get_attr(const STACK_OF(X509_ATTRIBUTE) *x, int loc);
-X509_ATTRIBUTE *X509at_delete_attr(STACK_OF(X509_ATTRIBUTE) *x, int loc);
-STACK_OF(X509_ATTRIBUTE) *X509at_add1_attr(STACK_OF(X509_ATTRIBUTE) **x,
- X509_ATTRIBUTE *attr);
-STACK_OF(X509_ATTRIBUTE) *X509at_add1_attr_by_OBJ(STACK_OF(X509_ATTRIBUTE)
- **x, const ASN1_OBJECT *obj,
- int type,
- const unsigned char *bytes,
- int len);
-STACK_OF(X509_ATTRIBUTE) *X509at_add1_attr_by_NID(STACK_OF(X509_ATTRIBUTE)
- **x, int nid, int type,
- const unsigned char *bytes,
- int len);
-STACK_OF(X509_ATTRIBUTE) *X509at_add1_attr_by_txt(STACK_OF(X509_ATTRIBUTE)
- **x, const char *attrname,
- int type,
- const unsigned char *bytes,
- int len);
-void *X509at_get0_data_by_OBJ(STACK_OF(X509_ATTRIBUTE) *x, ASN1_OBJECT *obj,
- int lastpos, int type);
-X509_ATTRIBUTE *X509_ATTRIBUTE_create_by_NID(X509_ATTRIBUTE **attr, int nid,
- int atrtype, const void *data,
- int len);
-X509_ATTRIBUTE *X509_ATTRIBUTE_create_by_OBJ(X509_ATTRIBUTE **attr,
- const ASN1_OBJECT *obj,
- int atrtype, const void *data,
- int len);
-X509_ATTRIBUTE *X509_ATTRIBUTE_create_by_txt(X509_ATTRIBUTE **attr,
- const char *atrname, int type,
- const unsigned char *bytes,
- int len);
-int X509_ATTRIBUTE_set1_object(X509_ATTRIBUTE *attr, const ASN1_OBJECT *obj);
-int X509_ATTRIBUTE_set1_data(X509_ATTRIBUTE *attr, int attrtype,
- const void *data, int len);
-void *X509_ATTRIBUTE_get0_data(X509_ATTRIBUTE *attr, int idx, int atrtype,
- void *data);
-int X509_ATTRIBUTE_count(X509_ATTRIBUTE *attr);
-ASN1_OBJECT *X509_ATTRIBUTE_get0_object(X509_ATTRIBUTE *attr);
-ASN1_TYPE *X509_ATTRIBUTE_get0_type(X509_ATTRIBUTE *attr, int idx);
-
-int EVP_PKEY_get_attr_count(const EVP_PKEY *key);
-int EVP_PKEY_get_attr_by_NID(const EVP_PKEY *key, int nid, int lastpos);
-int EVP_PKEY_get_attr_by_OBJ(const EVP_PKEY *key, ASN1_OBJECT *obj,
- int lastpos);
-X509_ATTRIBUTE *EVP_PKEY_get_attr(const EVP_PKEY *key, int loc);
-X509_ATTRIBUTE *EVP_PKEY_delete_attr(EVP_PKEY *key, int loc);
-int EVP_PKEY_add1_attr(EVP_PKEY *key, X509_ATTRIBUTE *attr);
-int EVP_PKEY_add1_attr_by_OBJ(EVP_PKEY *key,
- const ASN1_OBJECT *obj, int type,
- const unsigned char *bytes, int len);
-int EVP_PKEY_add1_attr_by_NID(EVP_PKEY *key,
- int nid, int type,
- const unsigned char *bytes, int len);
-int EVP_PKEY_add1_attr_by_txt(EVP_PKEY *key,
- const char *attrname, int type,
- const unsigned char *bytes, int len);
-
-int X509_verify_cert(X509_STORE_CTX *ctx);
-
-/* lookup a cert from a X509 STACK */
-X509 *X509_find_by_issuer_and_serial(STACK_OF(X509) *sk, X509_NAME *name,
- ASN1_INTEGER *serial);
-X509 *X509_find_by_subject(STACK_OF(X509) *sk, X509_NAME *name);
-
-DECLARE_ASN1_FUNCTIONS(PBEPARAM)
-DECLARE_ASN1_FUNCTIONS(PBE2PARAM)
-DECLARE_ASN1_FUNCTIONS(PBKDF2PARAM)
-
-int PKCS5_pbe_set0_algor(X509_ALGOR *algor, int alg, int iter,
- const unsigned char *salt, int saltlen);
-
-X509_ALGOR *PKCS5_pbe_set(int alg, int iter,
- const unsigned char *salt, int saltlen);
-X509_ALGOR *PKCS5_pbe2_set(const EVP_CIPHER *cipher, int iter,
- unsigned char *salt, int saltlen);
-X509_ALGOR *PKCS5_pbe2_set_iv(const EVP_CIPHER *cipher, int iter,
- unsigned char *salt, int saltlen,
- unsigned char *aiv, int prf_nid);
-
-X509_ALGOR *PKCS5_pbkdf2_set(int iter, unsigned char *salt, int saltlen,
- int prf_nid, int keylen);
-
-/* PKCS#8 utilities */
-
-DECLARE_ASN1_FUNCTIONS(PKCS8_PRIV_KEY_INFO)
-
-EVP_PKEY *EVP_PKCS82PKEY(PKCS8_PRIV_KEY_INFO *p8);
-PKCS8_PRIV_KEY_INFO *EVP_PKEY2PKCS8(EVP_PKEY *pkey);
-PKCS8_PRIV_KEY_INFO *EVP_PKEY2PKCS8_broken(EVP_PKEY *pkey, int broken);
-PKCS8_PRIV_KEY_INFO *PKCS8_set_broken(PKCS8_PRIV_KEY_INFO *p8, int broken);
-
-int PKCS8_pkey_set0(PKCS8_PRIV_KEY_INFO *priv, ASN1_OBJECT *aobj,
- int version, int ptype, void *pval,
- unsigned char *penc, int penclen);
-int PKCS8_pkey_get0(ASN1_OBJECT **ppkalg,
- const unsigned char **pk, int *ppklen,
- X509_ALGOR **pa, PKCS8_PRIV_KEY_INFO *p8);
-
-int X509_PUBKEY_set0_param(X509_PUBKEY *pub, ASN1_OBJECT *aobj,
- int ptype, void *pval,
- unsigned char *penc, int penclen);
-int X509_PUBKEY_get0_param(ASN1_OBJECT **ppkalg,
- const unsigned char **pk, int *ppklen,
- X509_ALGOR **pa, X509_PUBKEY *pub);
-
-int X509_check_trust(X509 *x, int id, int flags);
-int X509_TRUST_get_count(void);
-X509_TRUST *X509_TRUST_get0(int idx);
-int X509_TRUST_get_by_id(int id);
-int X509_TRUST_add(int id, int flags, int (*ck) (X509_TRUST *, X509 *, int),
- char *name, int arg1, void *arg2);
-void X509_TRUST_cleanup(void);
-int X509_TRUST_get_flags(X509_TRUST *xp);
-char *X509_TRUST_get0_name(X509_TRUST *xp);
-int X509_TRUST_get_trust(X509_TRUST *xp);
-
-/* BEGIN ERROR CODES */
-/*
- * The following lines are auto generated by the script mkerr.pl. Any changes
- * made after this point may be overwritten when the script is next run.
- */
-void ERR_load_X509_strings(void);
-
-/* Error codes for the X509 functions. */
-
-/* Function codes. */
-# define X509_F_ADD_CERT_DIR 100
-# define X509_F_BY_FILE_CTRL 101
-# define X509_F_CHECK_POLICY 145
-# define X509_F_DIR_CTRL 102
-# define X509_F_GET_CERT_BY_SUBJECT 103
-# define X509_F_NETSCAPE_SPKI_B64_DECODE 129
-# define X509_F_NETSCAPE_SPKI_B64_ENCODE 130
-# define X509_F_X509AT_ADD1_ATTR 135
-# define X509_F_X509V3_ADD_EXT 104
-# define X509_F_X509_ATTRIBUTE_CREATE_BY_NID 136
-# define X509_F_X509_ATTRIBUTE_CREATE_BY_OBJ 137
-# define X509_F_X509_ATTRIBUTE_CREATE_BY_TXT 140
-# define X509_F_X509_ATTRIBUTE_GET0_DATA 139
-# define X509_F_X509_ATTRIBUTE_SET1_DATA 138
-# define X509_F_X509_CHECK_PRIVATE_KEY 128
-# define X509_F_X509_CRL_DIFF 105
-# define X509_F_X509_CRL_PRINT_FP 147
-# define X509_F_X509_EXTENSION_CREATE_BY_NID 108
-# define X509_F_X509_EXTENSION_CREATE_BY_OBJ 109
-# define X509_F_X509_GET_PUBKEY_PARAMETERS 110
-# define X509_F_X509_LOAD_CERT_CRL_FILE 132
-# define X509_F_X509_LOAD_CERT_FILE 111
-# define X509_F_X509_LOAD_CRL_FILE 112
-# define X509_F_X509_NAME_ADD_ENTRY 113
-# define X509_F_X509_NAME_ENTRY_CREATE_BY_NID 114
-# define X509_F_X509_NAME_ENTRY_CREATE_BY_TXT 131
-# define X509_F_X509_NAME_ENTRY_SET_OBJECT 115
-# define X509_F_X509_NAME_ONELINE 116
-# define X509_F_X509_NAME_PRINT 117
-# define X509_F_X509_PRINT_EX_FP 118
-# define X509_F_X509_PUBKEY_GET 119
-# define X509_F_X509_PUBKEY_SET 120
-# define X509_F_X509_REQ_CHECK_PRIVATE_KEY 144
-# define X509_F_X509_REQ_PRINT_EX 121
-# define X509_F_X509_REQ_PRINT_FP 122
-# define X509_F_X509_REQ_TO_X509 123
-# define X509_F_X509_STORE_ADD_CERT 124
-# define X509_F_X509_STORE_ADD_CRL 125
-# define X509_F_X509_STORE_CTX_GET1_ISSUER 146
-# define X509_F_X509_STORE_CTX_INIT 143
-# define X509_F_X509_STORE_CTX_NEW 142
-# define X509_F_X509_STORE_CTX_PURPOSE_INHERIT 134
-# define X509_F_X509_TO_X509_REQ 126
-# define X509_F_X509_TRUST_ADD 133
-# define X509_F_X509_TRUST_SET 141
-# define X509_F_X509_VERIFY_CERT 127
-
-/* Reason codes. */
-# define X509_R_AKID_MISMATCH 110
-# define X509_R_BAD_X509_FILETYPE 100
-# define X509_R_BASE64_DECODE_ERROR 118
-# define X509_R_CANT_CHECK_DH_KEY 114
-# define X509_R_CERT_ALREADY_IN_HASH_TABLE 101
-# define X509_R_CRL_ALREADY_DELTA 127
-# define X509_R_CRL_VERIFY_FAILURE 131
-# define X509_R_ERR_ASN1_LIB 102
-# define X509_R_IDP_MISMATCH 128
-# define X509_R_INVALID_DIRECTORY 113
-# define X509_R_INVALID_FIELD_NAME 119
-# define X509_R_INVALID_TRUST 123
-# define X509_R_ISSUER_MISMATCH 129
-# define X509_R_KEY_TYPE_MISMATCH 115
-# define X509_R_KEY_VALUES_MISMATCH 116
-# define X509_R_LOADING_CERT_DIR 103
-# define X509_R_LOADING_DEFAULTS 104
-# define X509_R_METHOD_NOT_SUPPORTED 124
-# define X509_R_NEWER_CRL_NOT_NEWER 132
-# define X509_R_NO_CERT_SET_FOR_US_TO_VERIFY 105
-# define X509_R_NO_CRL_NUMBER 130
-# define X509_R_PUBLIC_KEY_DECODE_ERROR 125
-# define X509_R_PUBLIC_KEY_ENCODE_ERROR 126
-# define X509_R_SHOULD_RETRY 106
-# define X509_R_UNABLE_TO_FIND_PARAMETERS_IN_CHAIN 107
-# define X509_R_UNABLE_TO_GET_CERTS_PUBLIC_KEY 108
-# define X509_R_UNKNOWN_KEY_TYPE 117
-# define X509_R_UNKNOWN_NID 109
-# define X509_R_UNKNOWN_PURPOSE_ID 121
-# define X509_R_UNKNOWN_TRUST_ID 120
-# define X509_R_UNSUPPORTED_ALGORITHM 111
-# define X509_R_WRONG_LOOKUP_TYPE 112
-# define X509_R_WRONG_TYPE 122
-
-#ifdef __cplusplus
-}
-#endif
-#endif
+++ /dev/null
-/* crypto/x509/x509_vfy.h */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef HEADER_X509_H
-# include <openssl/x509.h>
-/*
- * openssl/x509.h ends up #include-ing this file at about the only
- * appropriate moment.
- */
-#endif
-
-#ifndef HEADER_X509_VFY_H
-# define HEADER_X509_VFY_H
-
-# include <openssl/opensslconf.h>
-# include <openssl/lhash.h>
-# include <openssl/bio.h>
-# include <openssl/crypto.h>
-# include <openssl/symhacks.h>
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-typedef struct x509_file_st {
- int num_paths; /* number of paths to files or directories */
- int num_alloced;
- char **paths; /* the list of paths or directories */
- int *path_type;
-} X509_CERT_FILE_CTX;
-
-/*******************************/
-/*-
-SSL_CTX -> X509_STORE
- -> X509_LOOKUP
- ->X509_LOOKUP_METHOD
- -> X509_LOOKUP
- ->X509_LOOKUP_METHOD
-
-SSL -> X509_STORE_CTX
- ->X509_STORE
-
-The X509_STORE holds the tables etc for verification stuff.
-A X509_STORE_CTX is used while validating a single certificate.
-The X509_STORE has X509_LOOKUPs for looking up certs.
-The X509_STORE then calls a function to actually verify the
-certificate chain.
-*/
-
-# define X509_LU_RETRY -1
-# define X509_LU_FAIL 0
-# define X509_LU_X509 1
-# define X509_LU_CRL 2
-# define X509_LU_PKEY 3
-
-typedef struct x509_object_st {
- /* one of the above types */
- int type;
- union {
- char *ptr;
- X509 *x509;
- X509_CRL *crl;
- EVP_PKEY *pkey;
- } data;
-} X509_OBJECT;
-
-typedef struct x509_lookup_st X509_LOOKUP;
-
-DECLARE_STACK_OF(X509_LOOKUP)
-DECLARE_STACK_OF(X509_OBJECT)
-
-/* This is a static that defines the function interface */
-typedef struct x509_lookup_method_st {
- const char *name;
- int (*new_item) (X509_LOOKUP *ctx);
- void (*free) (X509_LOOKUP *ctx);
- int (*init) (X509_LOOKUP *ctx);
- int (*shutdown) (X509_LOOKUP *ctx);
- int (*ctrl) (X509_LOOKUP *ctx, int cmd, const char *argc, long argl,
- char **ret);
- int (*get_by_subject) (X509_LOOKUP *ctx, int type, X509_NAME *name,
- X509_OBJECT *ret);
- int (*get_by_issuer_serial) (X509_LOOKUP *ctx, int type, X509_NAME *name,
- ASN1_INTEGER *serial, X509_OBJECT *ret);
- int (*get_by_fingerprint) (X509_LOOKUP *ctx, int type,
- unsigned char *bytes, int len,
- X509_OBJECT *ret);
- int (*get_by_alias) (X509_LOOKUP *ctx, int type, char *str, int len,
- X509_OBJECT *ret);
-} X509_LOOKUP_METHOD;
-
-typedef struct X509_VERIFY_PARAM_ID_st X509_VERIFY_PARAM_ID;
-
-/*
- * This structure hold all parameters associated with a verify operation by
- * including an X509_VERIFY_PARAM structure in related structures the
- * parameters used can be customized
- */
-
-typedef struct X509_VERIFY_PARAM_st {
- char *name;
- time_t check_time; /* Time to use */
- unsigned long inh_flags; /* Inheritance flags */
- unsigned long flags; /* Various verify flags */
- int purpose; /* purpose to check untrusted certificates */
- int trust; /* trust setting to check */
- int depth; /* Verify depth */
- STACK_OF(ASN1_OBJECT) *policies; /* Permissible policies */
- X509_VERIFY_PARAM_ID *id; /* opaque ID data */
-} X509_VERIFY_PARAM;
-
-DECLARE_STACK_OF(X509_VERIFY_PARAM)
-
-/*
- * This is used to hold everything. It is used for all certificate
- * validation. Once we have a certificate chain, the 'verify' function is
- * then called to actually check the cert chain.
- */
-struct x509_store_st {
- /* The following is a cache of trusted certs */
- int cache; /* if true, stash any hits */
- STACK_OF(X509_OBJECT) *objs; /* Cache of all objects */
- /* These are external lookup methods */
- STACK_OF(X509_LOOKUP) *get_cert_methods;
- X509_VERIFY_PARAM *param;
- /* Callbacks for various operations */
- /* called to verify a certificate */
- int (*verify) (X509_STORE_CTX *ctx);
- /* error callback */
- int (*verify_cb) (int ok, X509_STORE_CTX *ctx);
- /* get issuers cert from ctx */
- int (*get_issuer) (X509 **issuer, X509_STORE_CTX *ctx, X509 *x);
- /* check issued */
- int (*check_issued) (X509_STORE_CTX *ctx, X509 *x, X509 *issuer);
- /* Check revocation status of chain */
- int (*check_revocation) (X509_STORE_CTX *ctx);
- /* retrieve CRL */
- int (*get_crl) (X509_STORE_CTX *ctx, X509_CRL **crl, X509 *x);
- /* Check CRL validity */
- int (*check_crl) (X509_STORE_CTX *ctx, X509_CRL *crl);
- /* Check certificate against CRL */
- int (*cert_crl) (X509_STORE_CTX *ctx, X509_CRL *crl, X509 *x);
- STACK_OF(X509) *(*lookup_certs) (X509_STORE_CTX *ctx, X509_NAME *nm);
- STACK_OF(X509_CRL) *(*lookup_crls) (X509_STORE_CTX *ctx, X509_NAME *nm);
- int (*cleanup) (X509_STORE_CTX *ctx);
- CRYPTO_EX_DATA ex_data;
- int references;
-} /* X509_STORE */ ;
-
-int X509_STORE_set_depth(X509_STORE *store, int depth);
-
-# define X509_STORE_set_verify_cb_func(ctx,func) ((ctx)->verify_cb=(func))
-# define X509_STORE_set_verify_func(ctx,func) ((ctx)->verify=(func))
-
-/* This is the functions plus an instance of the local variables. */
-struct x509_lookup_st {
- int init; /* have we been started */
- int skip; /* don't use us. */
- X509_LOOKUP_METHOD *method; /* the functions */
- char *method_data; /* method data */
- X509_STORE *store_ctx; /* who owns us */
-} /* X509_LOOKUP */ ;
-
-/*
- * This is a used when verifying cert chains. Since the gathering of the
- * cert chain can take some time (and have to be 'retried', this needs to be
- * kept and passed around.
- */
-struct x509_store_ctx_st { /* X509_STORE_CTX */
- X509_STORE *ctx;
- /* used when looking up certs */
- int current_method;
- /* The following are set by the caller */
- /* The cert to check */
- X509 *cert;
- /* chain of X509s - untrusted - passed in */
- STACK_OF(X509) *untrusted;
- /* set of CRLs passed in */
- STACK_OF(X509_CRL) *crls;
- X509_VERIFY_PARAM *param;
- /* Other info for use with get_issuer() */
- void *other_ctx;
- /* Callbacks for various operations */
- /* called to verify a certificate */
- int (*verify) (X509_STORE_CTX *ctx);
- /* error callback */
- int (*verify_cb) (int ok, X509_STORE_CTX *ctx);
- /* get issuers cert from ctx */
- int (*get_issuer) (X509 **issuer, X509_STORE_CTX *ctx, X509 *x);
- /* check issued */
- int (*check_issued) (X509_STORE_CTX *ctx, X509 *x, X509 *issuer);
- /* Check revocation status of chain */
- int (*check_revocation) (X509_STORE_CTX *ctx);
- /* retrieve CRL */
- int (*get_crl) (X509_STORE_CTX *ctx, X509_CRL **crl, X509 *x);
- /* Check CRL validity */
- int (*check_crl) (X509_STORE_CTX *ctx, X509_CRL *crl);
- /* Check certificate against CRL */
- int (*cert_crl) (X509_STORE_CTX *ctx, X509_CRL *crl, X509 *x);
- int (*check_policy) (X509_STORE_CTX *ctx);
- STACK_OF(X509) *(*lookup_certs) (X509_STORE_CTX *ctx, X509_NAME *nm);
- STACK_OF(X509_CRL) *(*lookup_crls) (X509_STORE_CTX *ctx, X509_NAME *nm);
- int (*cleanup) (X509_STORE_CTX *ctx);
- /* The following is built up */
- /* if 0, rebuild chain */
- int valid;
- /* index of last untrusted cert */
- int last_untrusted;
- /* chain of X509s - built up and trusted */
- STACK_OF(X509) *chain;
- /* Valid policy tree */
- X509_POLICY_TREE *tree;
- /* Require explicit policy value */
- int explicit_policy;
- /* When something goes wrong, this is why */
- int error_depth;
- int error;
- X509 *current_cert;
- /* cert currently being tested as valid issuer */
- X509 *current_issuer;
- /* current CRL */
- X509_CRL *current_crl;
- /* score of current CRL */
- int current_crl_score;
- /* Reason mask */
- unsigned int current_reasons;
- /* For CRL path validation: parent context */
- X509_STORE_CTX *parent;
- CRYPTO_EX_DATA ex_data;
-} /* X509_STORE_CTX */ ;
-
-void X509_STORE_CTX_set_depth(X509_STORE_CTX *ctx, int depth);
-
-# define X509_STORE_CTX_set_app_data(ctx,data) \
- X509_STORE_CTX_set_ex_data(ctx,0,data)
-# define X509_STORE_CTX_get_app_data(ctx) \
- X509_STORE_CTX_get_ex_data(ctx,0)
-
-# define X509_L_FILE_LOAD 1
-# define X509_L_ADD_DIR 2
-
-# define X509_LOOKUP_load_file(x,name,type) \
- X509_LOOKUP_ctrl((x),X509_L_FILE_LOAD,(name),(long)(type),NULL)
-
-# define X509_LOOKUP_add_dir(x,name,type) \
- X509_LOOKUP_ctrl((x),X509_L_ADD_DIR,(name),(long)(type),NULL)
-
-# define X509_V_OK 0
-/* illegal error (for uninitialized values, to avoid X509_V_OK): 1 */
-
-# define X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT 2
-# define X509_V_ERR_UNABLE_TO_GET_CRL 3
-# define X509_V_ERR_UNABLE_TO_DECRYPT_CERT_SIGNATURE 4
-# define X509_V_ERR_UNABLE_TO_DECRYPT_CRL_SIGNATURE 5
-# define X509_V_ERR_UNABLE_TO_DECODE_ISSUER_PUBLIC_KEY 6
-# define X509_V_ERR_CERT_SIGNATURE_FAILURE 7
-# define X509_V_ERR_CRL_SIGNATURE_FAILURE 8
-# define X509_V_ERR_CERT_NOT_YET_VALID 9
-# define X509_V_ERR_CERT_HAS_EXPIRED 10
-# define X509_V_ERR_CRL_NOT_YET_VALID 11
-# define X509_V_ERR_CRL_HAS_EXPIRED 12
-# define X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD 13
-# define X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD 14
-# define X509_V_ERR_ERROR_IN_CRL_LAST_UPDATE_FIELD 15
-# define X509_V_ERR_ERROR_IN_CRL_NEXT_UPDATE_FIELD 16
-# define X509_V_ERR_OUT_OF_MEM 17
-# define X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT 18
-# define X509_V_ERR_SELF_SIGNED_CERT_IN_CHAIN 19
-# define X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY 20
-# define X509_V_ERR_UNABLE_TO_VERIFY_LEAF_SIGNATURE 21
-# define X509_V_ERR_CERT_CHAIN_TOO_LONG 22
-# define X509_V_ERR_CERT_REVOKED 23
-# define X509_V_ERR_INVALID_CA 24
-# define X509_V_ERR_PATH_LENGTH_EXCEEDED 25
-# define X509_V_ERR_INVALID_PURPOSE 26
-# define X509_V_ERR_CERT_UNTRUSTED 27
-# define X509_V_ERR_CERT_REJECTED 28
-/* These are 'informational' when looking for issuer cert */
-# define X509_V_ERR_SUBJECT_ISSUER_MISMATCH 29
-# define X509_V_ERR_AKID_SKID_MISMATCH 30
-# define X509_V_ERR_AKID_ISSUER_SERIAL_MISMATCH 31
-# define X509_V_ERR_KEYUSAGE_NO_CERTSIGN 32
-
-# define X509_V_ERR_UNABLE_TO_GET_CRL_ISSUER 33
-# define X509_V_ERR_UNHANDLED_CRITICAL_EXTENSION 34
-# define X509_V_ERR_KEYUSAGE_NO_CRL_SIGN 35
-# define X509_V_ERR_UNHANDLED_CRITICAL_CRL_EXTENSION 36
-# define X509_V_ERR_INVALID_NON_CA 37
-# define X509_V_ERR_PROXY_PATH_LENGTH_EXCEEDED 38
-# define X509_V_ERR_KEYUSAGE_NO_DIGITAL_SIGNATURE 39
-# define X509_V_ERR_PROXY_CERTIFICATES_NOT_ALLOWED 40
-
-# define X509_V_ERR_INVALID_EXTENSION 41
-# define X509_V_ERR_INVALID_POLICY_EXTENSION 42
-# define X509_V_ERR_NO_EXPLICIT_POLICY 43
-# define X509_V_ERR_DIFFERENT_CRL_SCOPE 44
-# define X509_V_ERR_UNSUPPORTED_EXTENSION_FEATURE 45
-
-# define X509_V_ERR_UNNESTED_RESOURCE 46
-
-# define X509_V_ERR_PERMITTED_VIOLATION 47
-# define X509_V_ERR_EXCLUDED_VIOLATION 48
-# define X509_V_ERR_SUBTREE_MINMAX 49
-# define X509_V_ERR_UNSUPPORTED_CONSTRAINT_TYPE 51
-# define X509_V_ERR_UNSUPPORTED_CONSTRAINT_SYNTAX 52
-# define X509_V_ERR_UNSUPPORTED_NAME_SYNTAX 53
-# define X509_V_ERR_CRL_PATH_VALIDATION_ERROR 54
-/* Another issuer check debug option */
-# define X509_V_ERR_PATH_LOOP 55
-/* Suite B mode algorithm violation */
-# define X509_V_ERR_SUITE_B_INVALID_VERSION 56
-# define X509_V_ERR_SUITE_B_INVALID_ALGORITHM 57
-# define X509_V_ERR_SUITE_B_INVALID_CURVE 58
-# define X509_V_ERR_SUITE_B_INVALID_SIGNATURE_ALGORITHM 59
-# define X509_V_ERR_SUITE_B_LOS_NOT_ALLOWED 60
-# define X509_V_ERR_SUITE_B_CANNOT_SIGN_P_384_WITH_P_256 61
-/* Host, email and IP check errors */
-# define X509_V_ERR_HOSTNAME_MISMATCH 62
-# define X509_V_ERR_EMAIL_MISMATCH 63
-# define X509_V_ERR_IP_ADDRESS_MISMATCH 64
-
-/* The application is not happy */
-# define X509_V_ERR_APPLICATION_VERIFICATION 50
-
-/* Certificate verify flags */
-
-/* Send issuer+subject checks to verify_cb */
-# define X509_V_FLAG_CB_ISSUER_CHECK 0x1
-/* Use check time instead of current time */
-# define X509_V_FLAG_USE_CHECK_TIME 0x2
-/* Lookup CRLs */
-# define X509_V_FLAG_CRL_CHECK 0x4
-/* Lookup CRLs for whole chain */
-# define X509_V_FLAG_CRL_CHECK_ALL 0x8
-/* Ignore unhandled critical extensions */
-# define X509_V_FLAG_IGNORE_CRITICAL 0x10
-/* Disable workarounds for broken certificates */
-# define X509_V_FLAG_X509_STRICT 0x20
-/* Enable proxy certificate validation */
-# define X509_V_FLAG_ALLOW_PROXY_CERTS 0x40
-/* Enable policy checking */
-# define X509_V_FLAG_POLICY_CHECK 0x80
-/* Policy variable require-explicit-policy */
-# define X509_V_FLAG_EXPLICIT_POLICY 0x100
-/* Policy variable inhibit-any-policy */
-# define X509_V_FLAG_INHIBIT_ANY 0x200
-/* Policy variable inhibit-policy-mapping */
-# define X509_V_FLAG_INHIBIT_MAP 0x400
-/* Notify callback that policy is OK */
-# define X509_V_FLAG_NOTIFY_POLICY 0x800
-/* Extended CRL features such as indirect CRLs, alternate CRL signing keys */
-# define X509_V_FLAG_EXTENDED_CRL_SUPPORT 0x1000
-/* Delta CRL support */
-# define X509_V_FLAG_USE_DELTAS 0x2000
-/* Check selfsigned CA signature */
-# define X509_V_FLAG_CHECK_SS_SIGNATURE 0x4000
-/* Use trusted store first */
-# define X509_V_FLAG_TRUSTED_FIRST 0x8000
-/* Suite B 128 bit only mode: not normally used */
-# define X509_V_FLAG_SUITEB_128_LOS_ONLY 0x10000
-/* Suite B 192 bit only mode */
-# define X509_V_FLAG_SUITEB_192_LOS 0x20000
-/* Suite B 128 bit mode allowing 192 bit algorithms */
-# define X509_V_FLAG_SUITEB_128_LOS 0x30000
-/* Allow partial chains if at least one certificate is in trusted store */
-# define X509_V_FLAG_PARTIAL_CHAIN 0x80000
-/*
- * If the initial chain is not trusted, do not attempt to build an alternative
- * chain. Alternate chain checking was introduced in 1.1.0. Setting this flag
- * will force the behaviour to match that of previous versions.
- */
-# define X509_V_FLAG_NO_ALT_CHAINS 0x100000
-
-# define X509_VP_FLAG_DEFAULT 0x1
-# define X509_VP_FLAG_OVERWRITE 0x2
-# define X509_VP_FLAG_RESET_FLAGS 0x4
-# define X509_VP_FLAG_LOCKED 0x8
-# define X509_VP_FLAG_ONCE 0x10
-
-/* Internal use: mask of policy related options */
-# define X509_V_FLAG_POLICY_MASK (X509_V_FLAG_POLICY_CHECK \
- | X509_V_FLAG_EXPLICIT_POLICY \
- | X509_V_FLAG_INHIBIT_ANY \
- | X509_V_FLAG_INHIBIT_MAP)
-
-int X509_OBJECT_idx_by_subject(STACK_OF(X509_OBJECT) *h, int type,
- X509_NAME *name);
-X509_OBJECT *X509_OBJECT_retrieve_by_subject(STACK_OF(X509_OBJECT) *h,
- int type, X509_NAME *name);
-X509_OBJECT *X509_OBJECT_retrieve_match(STACK_OF(X509_OBJECT) *h,
- X509_OBJECT *x);
-void X509_OBJECT_up_ref_count(X509_OBJECT *a);
-void X509_OBJECT_free_contents(X509_OBJECT *a);
-X509_STORE *X509_STORE_new(void);
-void X509_STORE_free(X509_STORE *v);
-
-STACK_OF(X509) *X509_STORE_get1_certs(X509_STORE_CTX *st, X509_NAME *nm);
-STACK_OF(X509_CRL) *X509_STORE_get1_crls(X509_STORE_CTX *st, X509_NAME *nm);
-int X509_STORE_set_flags(X509_STORE *ctx, unsigned long flags);
-int X509_STORE_set_purpose(X509_STORE *ctx, int purpose);
-int X509_STORE_set_trust(X509_STORE *ctx, int trust);
-int X509_STORE_set1_param(X509_STORE *ctx, X509_VERIFY_PARAM *pm);
-
-void X509_STORE_set_verify_cb(X509_STORE *ctx,
- int (*verify_cb) (int, X509_STORE_CTX *));
-
-void X509_STORE_set_lookup_crls_cb(X509_STORE *ctx,
- STACK_OF(X509_CRL) *(*cb) (X509_STORE_CTX
- *ctx,
- X509_NAME *nm));
-
-X509_STORE_CTX *X509_STORE_CTX_new(void);
-
-int X509_STORE_CTX_get1_issuer(X509 **issuer, X509_STORE_CTX *ctx, X509 *x);
-
-void X509_STORE_CTX_free(X509_STORE_CTX *ctx);
-int X509_STORE_CTX_init(X509_STORE_CTX *ctx, X509_STORE *store,
- X509 *x509, STACK_OF(X509) *chain);
-void X509_STORE_CTX_trusted_stack(X509_STORE_CTX *ctx, STACK_OF(X509) *sk);
-void X509_STORE_CTX_cleanup(X509_STORE_CTX *ctx);
-
-X509_STORE *X509_STORE_CTX_get0_store(X509_STORE_CTX *ctx);
-
-X509_LOOKUP *X509_STORE_add_lookup(X509_STORE *v, X509_LOOKUP_METHOD *m);
-
-X509_LOOKUP_METHOD *X509_LOOKUP_hash_dir(void);
-X509_LOOKUP_METHOD *X509_LOOKUP_file(void);
-
-int X509_STORE_add_cert(X509_STORE *ctx, X509 *x);
-int X509_STORE_add_crl(X509_STORE *ctx, X509_CRL *x);
-
-int X509_STORE_get_by_subject(X509_STORE_CTX *vs, int type, X509_NAME *name,
- X509_OBJECT *ret);
-
-int X509_LOOKUP_ctrl(X509_LOOKUP *ctx, int cmd, const char *argc,
- long argl, char **ret);
-
-# ifndef OPENSSL_NO_STDIO
-int X509_load_cert_file(X509_LOOKUP *ctx, const char *file, int type);
-int X509_load_crl_file(X509_LOOKUP *ctx, const char *file, int type);
-int X509_load_cert_crl_file(X509_LOOKUP *ctx, const char *file, int type);
-# endif
-
-X509_LOOKUP *X509_LOOKUP_new(X509_LOOKUP_METHOD *method);
-void X509_LOOKUP_free(X509_LOOKUP *ctx);
-int X509_LOOKUP_init(X509_LOOKUP *ctx);
-int X509_LOOKUP_by_subject(X509_LOOKUP *ctx, int type, X509_NAME *name,
- X509_OBJECT *ret);
-int X509_LOOKUP_by_issuer_serial(X509_LOOKUP *ctx, int type, X509_NAME *name,
- ASN1_INTEGER *serial, X509_OBJECT *ret);
-int X509_LOOKUP_by_fingerprint(X509_LOOKUP *ctx, int type,
- unsigned char *bytes, int len,
- X509_OBJECT *ret);
-int X509_LOOKUP_by_alias(X509_LOOKUP *ctx, int type, char *str, int len,
- X509_OBJECT *ret);
-int X509_LOOKUP_shutdown(X509_LOOKUP *ctx);
-
-# ifndef OPENSSL_NO_STDIO
-int X509_STORE_load_locations(X509_STORE *ctx,
- const char *file, const char *dir);
-int X509_STORE_set_default_paths(X509_STORE *ctx);
-# endif
-
-int X509_STORE_CTX_get_ex_new_index(long argl, void *argp,
- CRYPTO_EX_new *new_func,
- CRYPTO_EX_dup *dup_func,
- CRYPTO_EX_free *free_func);
-int X509_STORE_CTX_set_ex_data(X509_STORE_CTX *ctx, int idx, void *data);
-void *X509_STORE_CTX_get_ex_data(X509_STORE_CTX *ctx, int idx);
-int X509_STORE_CTX_get_error(X509_STORE_CTX *ctx);
-void X509_STORE_CTX_set_error(X509_STORE_CTX *ctx, int s);
-int X509_STORE_CTX_get_error_depth(X509_STORE_CTX *ctx);
-X509 *X509_STORE_CTX_get_current_cert(X509_STORE_CTX *ctx);
-X509 *X509_STORE_CTX_get0_current_issuer(X509_STORE_CTX *ctx);
-X509_CRL *X509_STORE_CTX_get0_current_crl(X509_STORE_CTX *ctx);
-X509_STORE_CTX *X509_STORE_CTX_get0_parent_ctx(X509_STORE_CTX *ctx);
-STACK_OF(X509) *X509_STORE_CTX_get_chain(X509_STORE_CTX *ctx);
-STACK_OF(X509) *X509_STORE_CTX_get1_chain(X509_STORE_CTX *ctx);
-void X509_STORE_CTX_set_cert(X509_STORE_CTX *c, X509 *x);
-void X509_STORE_CTX_set_chain(X509_STORE_CTX *c, STACK_OF(X509) *sk);
-void X509_STORE_CTX_set0_crls(X509_STORE_CTX *c, STACK_OF(X509_CRL) *sk);
-int X509_STORE_CTX_set_purpose(X509_STORE_CTX *ctx, int purpose);
-int X509_STORE_CTX_set_trust(X509_STORE_CTX *ctx, int trust);
-int X509_STORE_CTX_purpose_inherit(X509_STORE_CTX *ctx, int def_purpose,
- int purpose, int trust);
-void X509_STORE_CTX_set_flags(X509_STORE_CTX *ctx, unsigned long flags);
-void X509_STORE_CTX_set_time(X509_STORE_CTX *ctx, unsigned long flags,
- time_t t);
-void X509_STORE_CTX_set_verify_cb(X509_STORE_CTX *ctx,
- int (*verify_cb) (int, X509_STORE_CTX *));
-
-X509_POLICY_TREE *X509_STORE_CTX_get0_policy_tree(X509_STORE_CTX *ctx);
-int X509_STORE_CTX_get_explicit_policy(X509_STORE_CTX *ctx);
-
-X509_VERIFY_PARAM *X509_STORE_CTX_get0_param(X509_STORE_CTX *ctx);
-void X509_STORE_CTX_set0_param(X509_STORE_CTX *ctx, X509_VERIFY_PARAM *param);
-int X509_STORE_CTX_set_default(X509_STORE_CTX *ctx, const char *name);
-
-/* X509_VERIFY_PARAM functions */
-
-X509_VERIFY_PARAM *X509_VERIFY_PARAM_new(void);
-void X509_VERIFY_PARAM_free(X509_VERIFY_PARAM *param);
-int X509_VERIFY_PARAM_inherit(X509_VERIFY_PARAM *to,
- const X509_VERIFY_PARAM *from);
-int X509_VERIFY_PARAM_set1(X509_VERIFY_PARAM *to,
- const X509_VERIFY_PARAM *from);
-int X509_VERIFY_PARAM_set1_name(X509_VERIFY_PARAM *param, const char *name);
-int X509_VERIFY_PARAM_set_flags(X509_VERIFY_PARAM *param,
- unsigned long flags);
-int X509_VERIFY_PARAM_clear_flags(X509_VERIFY_PARAM *param,
- unsigned long flags);
-unsigned long X509_VERIFY_PARAM_get_flags(X509_VERIFY_PARAM *param);
-int X509_VERIFY_PARAM_set_purpose(X509_VERIFY_PARAM *param, int purpose);
-int X509_VERIFY_PARAM_set_trust(X509_VERIFY_PARAM *param, int trust);
-void X509_VERIFY_PARAM_set_depth(X509_VERIFY_PARAM *param, int depth);
-void X509_VERIFY_PARAM_set_time(X509_VERIFY_PARAM *param, time_t t);
-int X509_VERIFY_PARAM_add0_policy(X509_VERIFY_PARAM *param,
- ASN1_OBJECT *policy);
-int X509_VERIFY_PARAM_set1_policies(X509_VERIFY_PARAM *param,
- STACK_OF(ASN1_OBJECT) *policies);
-
-int X509_VERIFY_PARAM_set1_host(X509_VERIFY_PARAM *param,
- const char *name, size_t namelen);
-int X509_VERIFY_PARAM_add1_host(X509_VERIFY_PARAM *param,
- const char *name, size_t namelen);
-void X509_VERIFY_PARAM_set_hostflags(X509_VERIFY_PARAM *param,
- unsigned int flags);
-char *X509_VERIFY_PARAM_get0_peername(X509_VERIFY_PARAM *);
-int X509_VERIFY_PARAM_set1_email(X509_VERIFY_PARAM *param,
- const char *email, size_t emaillen);
-int X509_VERIFY_PARAM_set1_ip(X509_VERIFY_PARAM *param,
- const unsigned char *ip, size_t iplen);
-int X509_VERIFY_PARAM_set1_ip_asc(X509_VERIFY_PARAM *param,
- const char *ipasc);
-
-int X509_VERIFY_PARAM_get_depth(const X509_VERIFY_PARAM *param);
-const char *X509_VERIFY_PARAM_get0_name(const X509_VERIFY_PARAM *param);
-
-int X509_VERIFY_PARAM_add0_table(X509_VERIFY_PARAM *param);
-int X509_VERIFY_PARAM_get_count(void);
-const X509_VERIFY_PARAM *X509_VERIFY_PARAM_get0(int id);
-const X509_VERIFY_PARAM *X509_VERIFY_PARAM_lookup(const char *name);
-void X509_VERIFY_PARAM_table_cleanup(void);
-
-int X509_policy_check(X509_POLICY_TREE **ptree, int *pexplicit_policy,
- STACK_OF(X509) *certs,
- STACK_OF(ASN1_OBJECT) *policy_oids, unsigned int flags);
-
-void X509_policy_tree_free(X509_POLICY_TREE *tree);
-
-int X509_policy_tree_level_count(const X509_POLICY_TREE *tree);
-X509_POLICY_LEVEL *X509_policy_tree_get0_level(const X509_POLICY_TREE *tree,
- int i);
-
-STACK_OF(X509_POLICY_NODE) *X509_policy_tree_get0_policies(const
- X509_POLICY_TREE
- *tree);
-
-STACK_OF(X509_POLICY_NODE) *X509_policy_tree_get0_user_policies(const
- X509_POLICY_TREE
- *tree);
-
-int X509_policy_level_node_count(X509_POLICY_LEVEL *level);
-
-X509_POLICY_NODE *X509_policy_level_get0_node(X509_POLICY_LEVEL *level,
- int i);
-
-const ASN1_OBJECT *X509_policy_node_get0_policy(const X509_POLICY_NODE *node);
-
-STACK_OF(POLICYQUALINFO) *X509_policy_node_get0_qualifiers(const
- X509_POLICY_NODE
- *node);
-const X509_POLICY_NODE *X509_policy_node_get0_parent(const X509_POLICY_NODE
- *node);
-
-#ifdef __cplusplus
-}
-#endif
-#endif
+++ /dev/null
-#include <openssl/x509.h>
-#include <openssl/x509v3.h>
-#include "../e_os.h"
-#include <string.h>
-
-static const char *const names[] = {
- "a", "b", ".", "*", "@",
- ".a", "a.", ".b", "b.", ".*", "*.", "*@", "@*", "a@", "@a", "b@", "..",
- "@@", "**", "*.com", "*com", "*.*.com", "*com", "com*", "*example.com",
- "*@example.com", "test@*.example.com", "example.com", "www.example.com",
- "test.www.example.com", "*.example.com", "*.www.example.com",
- "test.*.example.com", "www.*.com",
- ".www.example.com", "*www.example.com",
- "example.net", "xn--rger-koa.example.com",
- "a.example.com", "b.example.com",
- "postmaster@example.com", "Postmaster@example.com",
- "postmaster@EXAMPLE.COM",
- NULL
-};
-
-static const char *const exceptions[] = {
- "set CN: host: [*.example.com] matches [a.example.com]",
- "set CN: host: [*.example.com] matches [b.example.com]",
- "set CN: host: [*.example.com] matches [www.example.com]",
- "set CN: host: [*.example.com] matches [xn--rger-koa.example.com]",
- "set CN: host: [*.www.example.com] matches [test.www.example.com]",
- "set CN: host: [*.www.example.com] matches [.www.example.com]",
- "set CN: host: [*www.example.com] matches [www.example.com]",
- "set CN: host: [test.www.example.com] matches [.www.example.com]",
- "set CN: host-no-wildcards: [*.www.example.com] matches [.www.example.com]",
- "set CN: host-no-wildcards: [test.www.example.com] matches [.www.example.com]",
- "set emailAddress: email: [postmaster@example.com] does not match [Postmaster@example.com]",
- "set emailAddress: email: [postmaster@EXAMPLE.COM] does not match [Postmaster@example.com]",
- "set emailAddress: email: [Postmaster@example.com] does not match [postmaster@example.com]",
- "set emailAddress: email: [Postmaster@example.com] does not match [postmaster@EXAMPLE.COM]",
- "set dnsName: host: [*.example.com] matches [www.example.com]",
- "set dnsName: host: [*.example.com] matches [a.example.com]",
- "set dnsName: host: [*.example.com] matches [b.example.com]",
- "set dnsName: host: [*.example.com] matches [xn--rger-koa.example.com]",
- "set dnsName: host: [*.www.example.com] matches [test.www.example.com]",
- "set dnsName: host-no-wildcards: [*.www.example.com] matches [.www.example.com]",
- "set dnsName: host-no-wildcards: [test.www.example.com] matches [.www.example.com]",
- "set dnsName: host: [*.www.example.com] matches [.www.example.com]",
- "set dnsName: host: [*www.example.com] matches [www.example.com]",
- "set dnsName: host: [test.www.example.com] matches [.www.example.com]",
- "set rfc822Name: email: [postmaster@example.com] does not match [Postmaster@example.com]",
- "set rfc822Name: email: [Postmaster@example.com] does not match [postmaster@example.com]",
- "set rfc822Name: email: [Postmaster@example.com] does not match [postmaster@EXAMPLE.COM]",
- "set rfc822Name: email: [postmaster@EXAMPLE.COM] does not match [Postmaster@example.com]",
- NULL
-};
-
-static int is_exception(const char *msg)
-{
- const char *const *p;
- for (p = exceptions; *p; ++p)
- if (strcmp(msg, *p) == 0)
- return 1;
- return 0;
-}
-
-static int set_cn(X509 *crt, ...)
-{
- int ret = 0;
- X509_NAME *n = NULL;
- va_list ap;
- va_start(ap, crt);
- n = X509_NAME_new();
- if (n == NULL)
- goto out;
- while (1) {
- int nid;
- const char *name;
- nid = va_arg(ap, int);
- if (nid == 0)
- break;
- name = va_arg(ap, const char *);
- if (!X509_NAME_add_entry_by_NID(n, nid, MBSTRING_ASC,
- (unsigned char *)name, -1, -1, 1))
- goto out;
- }
- if (!X509_set_subject_name(crt, n))
- goto out;
- ret = 1;
- out:
- X509_NAME_free(n);
- va_end(ap);
- return ret;
-}
-
-/*-
-int X509_add_ext(X509 *x, X509_EXTENSION *ex, int loc);
-X509_EXTENSION *X509_EXTENSION_create_by_NID(X509_EXTENSION **ex,
- int nid, int crit, ASN1_OCTET_STRING *data);
-int X509_add_ext(X509 *x, X509_EXTENSION *ex, int loc);
-*/
-
-static int set_altname(X509 *crt, ...)
-{
- int ret = 0;
- GENERAL_NAMES *gens = NULL;
- GENERAL_NAME *gen = NULL;
- ASN1_IA5STRING *ia5 = NULL;
- va_list ap;
- va_start(ap, crt);
- gens = sk_GENERAL_NAME_new_null();
- if (gens == NULL)
- goto out;
- while (1) {
- int type;
- const char *name;
- type = va_arg(ap, int);
- if (type == 0)
- break;
- name = va_arg(ap, const char *);
-
- gen = GENERAL_NAME_new();
- if (gen == NULL)
- goto out;
- ia5 = ASN1_IA5STRING_new();
- if (ia5 == NULL)
- goto out;
- if (!ASN1_STRING_set(ia5, name, -1))
- goto out;
- switch (type) {
- case GEN_EMAIL:
- case GEN_DNS:
- GENERAL_NAME_set0_value(gen, type, ia5);
- ia5 = NULL;
- break;
- default:
- abort();
- }
- sk_GENERAL_NAME_push(gens, gen);
- gen = NULL;
- }
- if (!X509_add1_ext_i2d(crt, NID_subject_alt_name, gens, 0, 0))
- goto out;
- ret = 1;
- out:
- ASN1_IA5STRING_free(ia5);
- GENERAL_NAME_free(gen);
- GENERAL_NAMES_free(gens);
- va_end(ap);
- return ret;
-}
-
-static int set_cn1(X509 *crt, const char *name)
-{
- return set_cn(crt, NID_commonName, name, 0);
-}
-
-static int set_cn_and_email(X509 *crt, const char *name)
-{
- return set_cn(crt, NID_commonName, name,
- NID_pkcs9_emailAddress, "dummy@example.com", 0);
-}
-
-static int set_cn2(X509 *crt, const char *name)
-{
- return set_cn(crt, NID_commonName, "dummy value",
- NID_commonName, name, 0);
-}
-
-static int set_cn3(X509 *crt, const char *name)
-{
- return set_cn(crt, NID_commonName, name,
- NID_commonName, "dummy value", 0);
-}
-
-static int set_email1(X509 *crt, const char *name)
-{
- return set_cn(crt, NID_pkcs9_emailAddress, name, 0);
-}
-
-static int set_email2(X509 *crt, const char *name)
-{
- return set_cn(crt, NID_pkcs9_emailAddress, "dummy@example.com",
- NID_pkcs9_emailAddress, name, 0);
-}
-
-static int set_email3(X509 *crt, const char *name)
-{
- return set_cn(crt, NID_pkcs9_emailAddress, name,
- NID_pkcs9_emailAddress, "dummy@example.com", 0);
-}
-
-static int set_email_and_cn(X509 *crt, const char *name)
-{
- return set_cn(crt, NID_pkcs9_emailAddress, name,
- NID_commonName, "www.example.org", 0);
-}
-
-static int set_altname_dns(X509 *crt, const char *name)
-{
- return set_altname(crt, GEN_DNS, name, 0);
-}
-
-static int set_altname_email(X509 *crt, const char *name)
-{
- return set_altname(crt, GEN_EMAIL, name, 0);
-}
-
-struct set_name_fn {
- int (*fn) (X509 *, const char *);
- const char *name;
- int host;
- int email;
-};
-
-static const struct set_name_fn name_fns[] = {
- {set_cn1, "set CN", 1, 0},
- {set_cn2, "set CN", 1, 0},
- {set_cn3, "set CN", 1, 0},
- {set_cn_and_email, "set CN", 1, 0},
- {set_email1, "set emailAddress", 0, 1},
- {set_email2, "set emailAddress", 0, 1},
- {set_email3, "set emailAddress", 0, 1},
- {set_email_and_cn, "set emailAddress", 0, 1},
- {set_altname_dns, "set dnsName", 1, 0},
- {set_altname_email, "set rfc822Name", 0, 1},
- {NULL, NULL, 0}
-};
-
-static X509 *make_cert()
-{
- X509 *ret = NULL;
- X509 *crt = NULL;
- X509_NAME *issuer = NULL;
- crt = X509_new();
- if (crt == NULL)
- goto out;
- if (!X509_set_version(crt, 3))
- goto out;
- ret = crt;
- crt = NULL;
- out:
- X509_NAME_free(issuer);
- return ret;
-}
-
-static int errors;
-
-static void check_message(const struct set_name_fn *fn, const char *op,
- const char *nameincert, int match, const char *name)
-{
- char msg[1024];
- if (match < 0)
- return;
- BIO_snprintf(msg, sizeof(msg), "%s: %s: [%s] %s [%s]",
- fn->name, op, nameincert,
- match ? "matches" : "does not match", name);
- if (is_exception(msg))
- return;
- puts(msg);
- ++errors;
-}
-
-static void run_cert(X509 *crt, const char *nameincert,
- const struct set_name_fn *fn)
-{
- const char *const *pname = names;
- while (*pname) {
- int samename = strcasecmp(nameincert, *pname) == 0;
- size_t namelen = strlen(*pname);
- char *name = malloc(namelen);
- int match, ret;
- memcpy(name, *pname, namelen);
-
- ret = X509_check_host(crt, name, namelen, 0, NULL);
- match = -1;
- if (ret < 0) {
- fprintf(stderr, "internal error in X509_check_host");
- ++errors;
- } else if (fn->host) {
- if (ret == 1 && !samename)
- match = 1;
- if (ret == 0 && samename)
- match = 0;
- } else if (ret == 1)
- match = 1;
- check_message(fn, "host", nameincert, match, *pname);
-
- ret = X509_check_host(crt, name, namelen,
- X509_CHECK_FLAG_NO_WILDCARDS, NULL);
- match = -1;
- if (ret < 0) {
- fprintf(stderr, "internal error in X509_check_host");
- ++errors;
- } else if (fn->host) {
- if (ret == 1 && !samename)
- match = 1;
- if (ret == 0 && samename)
- match = 0;
- } else if (ret == 1)
- match = 1;
- check_message(fn, "host-no-wildcards", nameincert, match, *pname);
-
- ret = X509_check_email(crt, name, namelen, 0);
- match = -1;
- if (fn->email) {
- if (ret && !samename)
- match = 1;
- if (!ret && samename && strchr(nameincert, '@') != NULL)
- match = 0;
- } else if (ret)
- match = 1;
- check_message(fn, "email", nameincert, match, *pname);
- ++pname;
- free(name);
- }
-}
-
-int main(void)
-{
- const struct set_name_fn *pfn = name_fns;
- while (pfn->name) {
- const char *const *pname = names;
- while (*pname) {
- X509 *crt = make_cert();
- if (crt == NULL) {
- fprintf(stderr, "make_cert failed\n");
- return 1;
- }
- if (!pfn->fn(crt, *pname)) {
- fprintf(stderr, "X509 name setting failed\n");
- return 1;
- }
- run_cert(crt, *pname, pfn);
- X509_free(crt);
- ++pname;
- }
- ++pfn;
- }
- return errors > 0 ? 1 : 0;
-}
+++ /dev/null
-/* x509v3.h */
-/*
- * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
- * 1999.
- */
-/* ====================================================================
- * Copyright (c) 1999-2004 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-#ifndef HEADER_X509V3_H
-# define HEADER_X509V3_H
-
-# include <openssl/bio.h>
-# include <openssl/x509.h>
-# include <openssl/conf.h>
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-# ifdef OPENSSL_SYS_WIN32
-/* Under Win32 these are defined in wincrypt.h */
-# undef X509_NAME
-# undef X509_EXTENSIONS
-# endif
-
-/* Forward reference */
-struct v3_ext_method;
-struct v3_ext_ctx;
-
-/* Useful typedefs */
-
-typedef void *(*X509V3_EXT_NEW)(void);
-typedef void (*X509V3_EXT_FREE) (void *);
-typedef void *(*X509V3_EXT_D2I)(void *, const unsigned char **, long);
-typedef int (*X509V3_EXT_I2D) (void *, unsigned char **);
-typedef STACK_OF(CONF_VALUE) *
- (*X509V3_EXT_I2V) (const struct v3_ext_method *method, void *ext,
- STACK_OF(CONF_VALUE) *extlist);
-typedef void *(*X509V3_EXT_V2I)(const struct v3_ext_method *method,
- struct v3_ext_ctx *ctx,
- STACK_OF(CONF_VALUE) *values);
-typedef char *(*X509V3_EXT_I2S)(const struct v3_ext_method *method,
- void *ext);
-typedef void *(*X509V3_EXT_S2I)(const struct v3_ext_method *method,
- struct v3_ext_ctx *ctx, const char *str);
-typedef int (*X509V3_EXT_I2R) (const struct v3_ext_method *method, void *ext,
- BIO *out, int indent);
-typedef void *(*X509V3_EXT_R2I)(const struct v3_ext_method *method,
- struct v3_ext_ctx *ctx, const char *str);
-
-/* V3 extension structure */
-
-struct v3_ext_method {
- int ext_nid;
- int ext_flags;
-/* If this is set the following four fields are ignored */
- ASN1_ITEM_EXP *it;
-/* Old style ASN1 calls */
- X509V3_EXT_NEW ext_new;
- X509V3_EXT_FREE ext_free;
- X509V3_EXT_D2I d2i;
- X509V3_EXT_I2D i2d;
-/* The following pair is used for string extensions */
- X509V3_EXT_I2S i2s;
- X509V3_EXT_S2I s2i;
-/* The following pair is used for multi-valued extensions */
- X509V3_EXT_I2V i2v;
- X509V3_EXT_V2I v2i;
-/* The following are used for raw extensions */
- X509V3_EXT_I2R i2r;
- X509V3_EXT_R2I r2i;
- void *usr_data; /* Any extension specific data */
-};
-
-typedef struct X509V3_CONF_METHOD_st {
- char *(*get_string) (void *db, char *section, char *value);
- STACK_OF(CONF_VALUE) *(*get_section) (void *db, char *section);
- void (*free_string) (void *db, char *string);
- void (*free_section) (void *db, STACK_OF(CONF_VALUE) *section);
-} X509V3_CONF_METHOD;
-
-/* Context specific info */
-struct v3_ext_ctx {
-# define CTX_TEST 0x1
-# define X509V3_CTX_REPLACE 0x2
- int flags;
- X509 *issuer_cert;
- X509 *subject_cert;
- X509_REQ *subject_req;
- X509_CRL *crl;
- X509V3_CONF_METHOD *db_meth;
- void *db;
-/* Maybe more here */
-};
-
-typedef struct v3_ext_method X509V3_EXT_METHOD;
-
-DECLARE_STACK_OF(X509V3_EXT_METHOD)
-
-/* ext_flags values */
-# define X509V3_EXT_DYNAMIC 0x1
-# define X509V3_EXT_CTX_DEP 0x2
-# define X509V3_EXT_MULTILINE 0x4
-
-typedef BIT_STRING_BITNAME ENUMERATED_NAMES;
-
-typedef struct BASIC_CONSTRAINTS_st {
- int ca;
- ASN1_INTEGER *pathlen;
-} BASIC_CONSTRAINTS;
-
-typedef struct PKEY_USAGE_PERIOD_st {
- ASN1_GENERALIZEDTIME *notBefore;
- ASN1_GENERALIZEDTIME *notAfter;
-} PKEY_USAGE_PERIOD;
-
-typedef struct otherName_st {
- ASN1_OBJECT *type_id;
- ASN1_TYPE *value;
-} OTHERNAME;
-
-typedef struct EDIPartyName_st {
- ASN1_STRING *nameAssigner;
- ASN1_STRING *partyName;
-} EDIPARTYNAME;
-
-typedef struct GENERAL_NAME_st {
-# define GEN_OTHERNAME 0
-# define GEN_EMAIL 1
-# define GEN_DNS 2
-# define GEN_X400 3
-# define GEN_DIRNAME 4
-# define GEN_EDIPARTY 5
-# define GEN_URI 6
-# define GEN_IPADD 7
-# define GEN_RID 8
- int type;
- union {
- char *ptr;
- OTHERNAME *otherName; /* otherName */
- ASN1_IA5STRING *rfc822Name;
- ASN1_IA5STRING *dNSName;
- ASN1_TYPE *x400Address;
- X509_NAME *directoryName;
- EDIPARTYNAME *ediPartyName;
- ASN1_IA5STRING *uniformResourceIdentifier;
- ASN1_OCTET_STRING *iPAddress;
- ASN1_OBJECT *registeredID;
- /* Old names */
- ASN1_OCTET_STRING *ip; /* iPAddress */
- X509_NAME *dirn; /* dirn */
- ASN1_IA5STRING *ia5; /* rfc822Name, dNSName,
- * uniformResourceIdentifier */
- ASN1_OBJECT *rid; /* registeredID */
- ASN1_TYPE *other; /* x400Address */
- } d;
-} GENERAL_NAME;
-
-typedef STACK_OF(GENERAL_NAME) GENERAL_NAMES;
-
-typedef struct ACCESS_DESCRIPTION_st {
- ASN1_OBJECT *method;
- GENERAL_NAME *location;
-} ACCESS_DESCRIPTION;
-
-typedef STACK_OF(ACCESS_DESCRIPTION) AUTHORITY_INFO_ACCESS;
-
-typedef STACK_OF(ASN1_OBJECT) EXTENDED_KEY_USAGE;
-
-DECLARE_STACK_OF(GENERAL_NAME)
-
-DECLARE_STACK_OF(ACCESS_DESCRIPTION)
-
-typedef struct DIST_POINT_NAME_st {
- int type;
- union {
- GENERAL_NAMES *fullname;
- STACK_OF(X509_NAME_ENTRY) *relativename;
- } name;
-/* If relativename then this contains the full distribution point name */
- X509_NAME *dpname;
-} DIST_POINT_NAME;
-/* All existing reasons */
-# define CRLDP_ALL_REASONS 0x807f
-
-# define CRL_REASON_NONE -1
-# define CRL_REASON_UNSPECIFIED 0
-# define CRL_REASON_KEY_COMPROMISE 1
-# define CRL_REASON_CA_COMPROMISE 2
-# define CRL_REASON_AFFILIATION_CHANGED 3
-# define CRL_REASON_SUPERSEDED 4
-# define CRL_REASON_CESSATION_OF_OPERATION 5
-# define CRL_REASON_CERTIFICATE_HOLD 6
-# define CRL_REASON_REMOVE_FROM_CRL 8
-# define CRL_REASON_PRIVILEGE_WITHDRAWN 9
-# define CRL_REASON_AA_COMPROMISE 10
-
-struct DIST_POINT_st {
- DIST_POINT_NAME *distpoint;
- ASN1_BIT_STRING *reasons;
- GENERAL_NAMES *CRLissuer;
- int dp_reasons;
-};
-
-typedef STACK_OF(DIST_POINT) CRL_DIST_POINTS;
-
-DECLARE_STACK_OF(DIST_POINT)
-
-struct AUTHORITY_KEYID_st {
- ASN1_OCTET_STRING *keyid;
- GENERAL_NAMES *issuer;
- ASN1_INTEGER *serial;
-};
-
-/* Strong extranet structures */
-
-typedef struct SXNET_ID_st {
- ASN1_INTEGER *zone;
- ASN1_OCTET_STRING *user;
-} SXNETID;
-
-DECLARE_STACK_OF(SXNETID)
-
-typedef struct SXNET_st {
- ASN1_INTEGER *version;
- STACK_OF(SXNETID) *ids;
-} SXNET;
-
-typedef struct NOTICEREF_st {
- ASN1_STRING *organization;
- STACK_OF(ASN1_INTEGER) *noticenos;
-} NOTICEREF;
-
-typedef struct USERNOTICE_st {
- NOTICEREF *noticeref;
- ASN1_STRING *exptext;
-} USERNOTICE;
-
-typedef struct POLICYQUALINFO_st {
- ASN1_OBJECT *pqualid;
- union {
- ASN1_IA5STRING *cpsuri;
- USERNOTICE *usernotice;
- ASN1_TYPE *other;
- } d;
-} POLICYQUALINFO;
-
-DECLARE_STACK_OF(POLICYQUALINFO)
-
-typedef struct POLICYINFO_st {
- ASN1_OBJECT *policyid;
- STACK_OF(POLICYQUALINFO) *qualifiers;
-} POLICYINFO;
-
-typedef STACK_OF(POLICYINFO) CERTIFICATEPOLICIES;
-
-DECLARE_STACK_OF(POLICYINFO)
-
-typedef struct POLICY_MAPPING_st {
- ASN1_OBJECT *issuerDomainPolicy;
- ASN1_OBJECT *subjectDomainPolicy;
-} POLICY_MAPPING;
-
-DECLARE_STACK_OF(POLICY_MAPPING)
-
-typedef STACK_OF(POLICY_MAPPING) POLICY_MAPPINGS;
-
-typedef struct GENERAL_SUBTREE_st {
- GENERAL_NAME *base;
- ASN1_INTEGER *minimum;
- ASN1_INTEGER *maximum;
-} GENERAL_SUBTREE;
-
-DECLARE_STACK_OF(GENERAL_SUBTREE)
-
-struct NAME_CONSTRAINTS_st {
- STACK_OF(GENERAL_SUBTREE) *permittedSubtrees;
- STACK_OF(GENERAL_SUBTREE) *excludedSubtrees;
-};
-
-typedef struct POLICY_CONSTRAINTS_st {
- ASN1_INTEGER *requireExplicitPolicy;
- ASN1_INTEGER *inhibitPolicyMapping;
-} POLICY_CONSTRAINTS;
-
-/* Proxy certificate structures, see RFC 3820 */
-typedef struct PROXY_POLICY_st {
- ASN1_OBJECT *policyLanguage;
- ASN1_OCTET_STRING *policy;
-} PROXY_POLICY;
-
-typedef struct PROXY_CERT_INFO_EXTENSION_st {
- ASN1_INTEGER *pcPathLengthConstraint;
- PROXY_POLICY *proxyPolicy;
-} PROXY_CERT_INFO_EXTENSION;
-
-DECLARE_ASN1_FUNCTIONS(PROXY_POLICY)
-DECLARE_ASN1_FUNCTIONS(PROXY_CERT_INFO_EXTENSION)
-
-struct ISSUING_DIST_POINT_st {
- DIST_POINT_NAME *distpoint;
- int onlyuser;
- int onlyCA;
- ASN1_BIT_STRING *onlysomereasons;
- int indirectCRL;
- int onlyattr;
-};
-
-/* Values in idp_flags field */
-/* IDP present */
-# define IDP_PRESENT 0x1
-/* IDP values inconsistent */
-# define IDP_INVALID 0x2
-/* onlyuser true */
-# define IDP_ONLYUSER 0x4
-/* onlyCA true */
-# define IDP_ONLYCA 0x8
-/* onlyattr true */
-# define IDP_ONLYATTR 0x10
-/* indirectCRL true */
-# define IDP_INDIRECT 0x20
-/* onlysomereasons present */
-# define IDP_REASONS 0x40
-
-# define X509V3_conf_err(val) ERR_add_error_data(6, "section:", val->section, \
-",name:", val->name, ",value:", val->value);
-
-# define X509V3_set_ctx_test(ctx) \
- X509V3_set_ctx(ctx, NULL, NULL, NULL, NULL, CTX_TEST)
-# define X509V3_set_ctx_nodb(ctx) (ctx)->db = NULL;
-
-# define EXT_BITSTRING(nid, table) { nid, 0, ASN1_ITEM_ref(ASN1_BIT_STRING), \
- 0,0,0,0, \
- 0,0, \
- (X509V3_EXT_I2V)i2v_ASN1_BIT_STRING, \
- (X509V3_EXT_V2I)v2i_ASN1_BIT_STRING, \
- NULL, NULL, \
- table}
-
-# define EXT_IA5STRING(nid) { nid, 0, ASN1_ITEM_ref(ASN1_IA5STRING), \
- 0,0,0,0, \
- (X509V3_EXT_I2S)i2s_ASN1_IA5STRING, \
- (X509V3_EXT_S2I)s2i_ASN1_IA5STRING, \
- 0,0,0,0, \
- NULL}
-
-# define EXT_END { -1, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0}
-
-/* X509_PURPOSE stuff */
-
-# define EXFLAG_BCONS 0x1
-# define EXFLAG_KUSAGE 0x2
-# define EXFLAG_XKUSAGE 0x4
-# define EXFLAG_NSCERT 0x8
-
-# define EXFLAG_CA 0x10
-/* Really self issued not necessarily self signed */
-# define EXFLAG_SI 0x20
-# define EXFLAG_V1 0x40
-# define EXFLAG_INVALID 0x80
-# define EXFLAG_SET 0x100
-# define EXFLAG_CRITICAL 0x200
-# define EXFLAG_PROXY 0x400
-
-# define EXFLAG_INVALID_POLICY 0x800
-# define EXFLAG_FRESHEST 0x1000
-/* Self signed */
-# define EXFLAG_SS 0x2000
-
-# define KU_DIGITAL_SIGNATURE 0x0080
-# define KU_NON_REPUDIATION 0x0040
-# define KU_KEY_ENCIPHERMENT 0x0020
-# define KU_DATA_ENCIPHERMENT 0x0010
-# define KU_KEY_AGREEMENT 0x0008
-# define KU_KEY_CERT_SIGN 0x0004
-# define KU_CRL_SIGN 0x0002
-# define KU_ENCIPHER_ONLY 0x0001
-# define KU_DECIPHER_ONLY 0x8000
-
-# define NS_SSL_CLIENT 0x80
-# define NS_SSL_SERVER 0x40
-# define NS_SMIME 0x20
-# define NS_OBJSIGN 0x10
-# define NS_SSL_CA 0x04
-# define NS_SMIME_CA 0x02
-# define NS_OBJSIGN_CA 0x01
-# define NS_ANY_CA (NS_SSL_CA|NS_SMIME_CA|NS_OBJSIGN_CA)
-
-# define XKU_SSL_SERVER 0x1
-# define XKU_SSL_CLIENT 0x2
-# define XKU_SMIME 0x4
-# define XKU_CODE_SIGN 0x8
-# define XKU_SGC 0x10
-# define XKU_OCSP_SIGN 0x20
-# define XKU_TIMESTAMP 0x40
-# define XKU_DVCS 0x80
-# define XKU_ANYEKU 0x100
-
-# define X509_PURPOSE_DYNAMIC 0x1
-# define X509_PURPOSE_DYNAMIC_NAME 0x2
-
-typedef struct x509_purpose_st {
- int purpose;
- int trust; /* Default trust ID */
- int flags;
- int (*check_purpose) (const struct x509_purpose_st *, const X509 *, int);
- char *name;
- char *sname;
- void *usr_data;
-} X509_PURPOSE;
-
-# define X509_PURPOSE_SSL_CLIENT 1
-# define X509_PURPOSE_SSL_SERVER 2
-# define X509_PURPOSE_NS_SSL_SERVER 3
-# define X509_PURPOSE_SMIME_SIGN 4
-# define X509_PURPOSE_SMIME_ENCRYPT 5
-# define X509_PURPOSE_CRL_SIGN 6
-# define X509_PURPOSE_ANY 7
-# define X509_PURPOSE_OCSP_HELPER 8
-# define X509_PURPOSE_TIMESTAMP_SIGN 9
-
-# define X509_PURPOSE_MIN 1
-# define X509_PURPOSE_MAX 9
-
-/* Flags for X509V3_EXT_print() */
-
-# define X509V3_EXT_UNKNOWN_MASK (0xfL << 16)
-/* Return error for unknown extensions */
-# define X509V3_EXT_DEFAULT 0
-/* Print error for unknown extensions */
-# define X509V3_EXT_ERROR_UNKNOWN (1L << 16)
-/* ASN1 parse unknown extensions */
-# define X509V3_EXT_PARSE_UNKNOWN (2L << 16)
-/* BIO_dump unknown extensions */
-# define X509V3_EXT_DUMP_UNKNOWN (3L << 16)
-
-/* Flags for X509V3_add1_i2d */
-
-# define X509V3_ADD_OP_MASK 0xfL
-# define X509V3_ADD_DEFAULT 0L
-# define X509V3_ADD_APPEND 1L
-# define X509V3_ADD_REPLACE 2L
-# define X509V3_ADD_REPLACE_EXISTING 3L
-# define X509V3_ADD_KEEP_EXISTING 4L
-# define X509V3_ADD_DELETE 5L
-# define X509V3_ADD_SILENT 0x10
-
-DECLARE_STACK_OF(X509_PURPOSE)
-
-DECLARE_ASN1_FUNCTIONS(BASIC_CONSTRAINTS)
-
-DECLARE_ASN1_FUNCTIONS(SXNET)
-DECLARE_ASN1_FUNCTIONS(SXNETID)
-
-int SXNET_add_id_asc(SXNET **psx, char *zone, char *user, int userlen);
-int SXNET_add_id_ulong(SXNET **psx, unsigned long lzone, char *user,
- int userlen);
-int SXNET_add_id_INTEGER(SXNET **psx, ASN1_INTEGER *izone, char *user,
- int userlen);
-
-ASN1_OCTET_STRING *SXNET_get_id_asc(SXNET *sx, char *zone);
-ASN1_OCTET_STRING *SXNET_get_id_ulong(SXNET *sx, unsigned long lzone);
-ASN1_OCTET_STRING *SXNET_get_id_INTEGER(SXNET *sx, ASN1_INTEGER *zone);
-
-DECLARE_ASN1_FUNCTIONS(AUTHORITY_KEYID)
-
-DECLARE_ASN1_FUNCTIONS(PKEY_USAGE_PERIOD)
-
-DECLARE_ASN1_FUNCTIONS(GENERAL_NAME)
-GENERAL_NAME *GENERAL_NAME_dup(GENERAL_NAME *a);
-int GENERAL_NAME_cmp(GENERAL_NAME *a, GENERAL_NAME *b);
-
-ASN1_BIT_STRING *v2i_ASN1_BIT_STRING(X509V3_EXT_METHOD *method,
- X509V3_CTX *ctx,
- STACK_OF(CONF_VALUE) *nval);
-STACK_OF(CONF_VALUE) *i2v_ASN1_BIT_STRING(X509V3_EXT_METHOD *method,
- ASN1_BIT_STRING *bits,
- STACK_OF(CONF_VALUE) *extlist);
-char *i2s_ASN1_IA5STRING(X509V3_EXT_METHOD *method, ASN1_IA5STRING *ia5);
-ASN1_IA5STRING *s2i_ASN1_IA5STRING(X509V3_EXT_METHOD *method,
- X509V3_CTX *ctx, char *str);
-
-STACK_OF(CONF_VALUE) *i2v_GENERAL_NAME(X509V3_EXT_METHOD *method,
- GENERAL_NAME *gen,
- STACK_OF(CONF_VALUE) *ret);
-int GENERAL_NAME_print(BIO *out, GENERAL_NAME *gen);
-
-DECLARE_ASN1_FUNCTIONS(GENERAL_NAMES)
-
-STACK_OF(CONF_VALUE) *i2v_GENERAL_NAMES(X509V3_EXT_METHOD *method,
- GENERAL_NAMES *gen,
- STACK_OF(CONF_VALUE) *extlist);
-GENERAL_NAMES *v2i_GENERAL_NAMES(const X509V3_EXT_METHOD *method,
- X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval);
-
-DECLARE_ASN1_FUNCTIONS(OTHERNAME)
-DECLARE_ASN1_FUNCTIONS(EDIPARTYNAME)
-int OTHERNAME_cmp(OTHERNAME *a, OTHERNAME *b);
-void GENERAL_NAME_set0_value(GENERAL_NAME *a, int type, void *value);
-void *GENERAL_NAME_get0_value(GENERAL_NAME *a, int *ptype);
-int GENERAL_NAME_set0_othername(GENERAL_NAME *gen,
- ASN1_OBJECT *oid, ASN1_TYPE *value);
-int GENERAL_NAME_get0_otherName(GENERAL_NAME *gen,
- ASN1_OBJECT **poid, ASN1_TYPE **pvalue);
-
-char *i2s_ASN1_OCTET_STRING(X509V3_EXT_METHOD *method,
- ASN1_OCTET_STRING *ia5);
-ASN1_OCTET_STRING *s2i_ASN1_OCTET_STRING(X509V3_EXT_METHOD *method,
- X509V3_CTX *ctx, char *str);
-
-DECLARE_ASN1_FUNCTIONS(EXTENDED_KEY_USAGE)
-int i2a_ACCESS_DESCRIPTION(BIO *bp, ACCESS_DESCRIPTION *a);
-
-DECLARE_ASN1_FUNCTIONS(CERTIFICATEPOLICIES)
-DECLARE_ASN1_FUNCTIONS(POLICYINFO)
-DECLARE_ASN1_FUNCTIONS(POLICYQUALINFO)
-DECLARE_ASN1_FUNCTIONS(USERNOTICE)
-DECLARE_ASN1_FUNCTIONS(NOTICEREF)
-
-DECLARE_ASN1_FUNCTIONS(CRL_DIST_POINTS)
-DECLARE_ASN1_FUNCTIONS(DIST_POINT)
-DECLARE_ASN1_FUNCTIONS(DIST_POINT_NAME)
-DECLARE_ASN1_FUNCTIONS(ISSUING_DIST_POINT)
-
-int DIST_POINT_set_dpname(DIST_POINT_NAME *dpn, X509_NAME *iname);
-
-int NAME_CONSTRAINTS_check(X509 *x, NAME_CONSTRAINTS *nc);
-
-DECLARE_ASN1_FUNCTIONS(ACCESS_DESCRIPTION)
-DECLARE_ASN1_FUNCTIONS(AUTHORITY_INFO_ACCESS)
-
-DECLARE_ASN1_ITEM(POLICY_MAPPING)
-DECLARE_ASN1_ALLOC_FUNCTIONS(POLICY_MAPPING)
-DECLARE_ASN1_ITEM(POLICY_MAPPINGS)
-
-DECLARE_ASN1_ITEM(GENERAL_SUBTREE)
-DECLARE_ASN1_ALLOC_FUNCTIONS(GENERAL_SUBTREE)
-
-DECLARE_ASN1_ITEM(NAME_CONSTRAINTS)
-DECLARE_ASN1_ALLOC_FUNCTIONS(NAME_CONSTRAINTS)
-
-DECLARE_ASN1_ALLOC_FUNCTIONS(POLICY_CONSTRAINTS)
-DECLARE_ASN1_ITEM(POLICY_CONSTRAINTS)
-
-GENERAL_NAME *a2i_GENERAL_NAME(GENERAL_NAME *out,
- const X509V3_EXT_METHOD *method,
- X509V3_CTX *ctx, int gen_type, char *value,
- int is_nc);
-
-# ifdef HEADER_CONF_H
-GENERAL_NAME *v2i_GENERAL_NAME(const X509V3_EXT_METHOD *method,
- X509V3_CTX *ctx, CONF_VALUE *cnf);
-GENERAL_NAME *v2i_GENERAL_NAME_ex(GENERAL_NAME *out,
- const X509V3_EXT_METHOD *method,
- X509V3_CTX *ctx, CONF_VALUE *cnf,
- int is_nc);
-void X509V3_conf_free(CONF_VALUE *val);
-
-X509_EXTENSION *X509V3_EXT_nconf_nid(CONF *conf, X509V3_CTX *ctx, int ext_nid,
- char *value);
-X509_EXTENSION *X509V3_EXT_nconf(CONF *conf, X509V3_CTX *ctx, char *name,
- char *value);
-int X509V3_EXT_add_nconf_sk(CONF *conf, X509V3_CTX *ctx, char *section,
- STACK_OF(X509_EXTENSION) **sk);
-int X509V3_EXT_add_nconf(CONF *conf, X509V3_CTX *ctx, char *section,
- X509 *cert);
-int X509V3_EXT_REQ_add_nconf(CONF *conf, X509V3_CTX *ctx, char *section,
- X509_REQ *req);
-int X509V3_EXT_CRL_add_nconf(CONF *conf, X509V3_CTX *ctx, char *section,
- X509_CRL *crl);
-
-X509_EXTENSION *X509V3_EXT_conf_nid(LHASH_OF(CONF_VALUE) *conf,
- X509V3_CTX *ctx, int ext_nid,
- char *value);
-X509_EXTENSION *X509V3_EXT_conf(LHASH_OF(CONF_VALUE) *conf, X509V3_CTX *ctx,
- char *name, char *value);
-int X509V3_EXT_add_conf(LHASH_OF(CONF_VALUE) *conf, X509V3_CTX *ctx,
- char *section, X509 *cert);
-int X509V3_EXT_REQ_add_conf(LHASH_OF(CONF_VALUE) *conf, X509V3_CTX *ctx,
- char *section, X509_REQ *req);
-int X509V3_EXT_CRL_add_conf(LHASH_OF(CONF_VALUE) *conf, X509V3_CTX *ctx,
- char *section, X509_CRL *crl);
-
-int X509V3_add_value_bool_nf(char *name, int asn1_bool,
- STACK_OF(CONF_VALUE) **extlist);
-int X509V3_get_value_bool(CONF_VALUE *value, int *asn1_bool);
-int X509V3_get_value_int(CONF_VALUE *value, ASN1_INTEGER **aint);
-void X509V3_set_nconf(X509V3_CTX *ctx, CONF *conf);
-void X509V3_set_conf_lhash(X509V3_CTX *ctx, LHASH_OF(CONF_VALUE) *lhash);
-# endif
-
-char *X509V3_get_string(X509V3_CTX *ctx, char *name, char *section);
-STACK_OF(CONF_VALUE) *X509V3_get_section(X509V3_CTX *ctx, char *section);
-void X509V3_string_free(X509V3_CTX *ctx, char *str);
-void X509V3_section_free(X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *section);
-void X509V3_set_ctx(X509V3_CTX *ctx, X509 *issuer, X509 *subject,
- X509_REQ *req, X509_CRL *crl, int flags);
-
-int X509V3_add_value(const char *name, const char *value,
- STACK_OF(CONF_VALUE) **extlist);
-int X509V3_add_value_uchar(const char *name, const unsigned char *value,
- STACK_OF(CONF_VALUE) **extlist);
-int X509V3_add_value_bool(const char *name, int asn1_bool,
- STACK_OF(CONF_VALUE) **extlist);
-int X509V3_add_value_int(const char *name, ASN1_INTEGER *aint,
- STACK_OF(CONF_VALUE) **extlist);
-char *i2s_ASN1_INTEGER(X509V3_EXT_METHOD *meth, ASN1_INTEGER *aint);
-ASN1_INTEGER *s2i_ASN1_INTEGER(X509V3_EXT_METHOD *meth, char *value);
-char *i2s_ASN1_ENUMERATED(X509V3_EXT_METHOD *meth, ASN1_ENUMERATED *aint);
-char *i2s_ASN1_ENUMERATED_TABLE(X509V3_EXT_METHOD *meth,
- ASN1_ENUMERATED *aint);
-int X509V3_EXT_add(X509V3_EXT_METHOD *ext);
-int X509V3_EXT_add_list(X509V3_EXT_METHOD *extlist);
-int X509V3_EXT_add_alias(int nid_to, int nid_from);
-void X509V3_EXT_cleanup(void);
-
-const X509V3_EXT_METHOD *X509V3_EXT_get(X509_EXTENSION *ext);
-const X509V3_EXT_METHOD *X509V3_EXT_get_nid(int nid);
-int X509V3_add_standard_extensions(void);
-STACK_OF(CONF_VALUE) *X509V3_parse_list(const char *line);
-void *X509V3_EXT_d2i(X509_EXTENSION *ext);
-void *X509V3_get_d2i(STACK_OF(X509_EXTENSION) *x, int nid, int *crit,
- int *idx);
-
-X509_EXTENSION *X509V3_EXT_i2d(int ext_nid, int crit, void *ext_struc);
-int X509V3_add1_i2d(STACK_OF(X509_EXTENSION) **x, int nid, void *value,
- int crit, unsigned long flags);
-
-char *hex_to_string(const unsigned char *buffer, long len);
-unsigned char *string_to_hex(const char *str, long *len);
-int name_cmp(const char *name, const char *cmp);
-
-void X509V3_EXT_val_prn(BIO *out, STACK_OF(CONF_VALUE) *val, int indent,
- int ml);
-int X509V3_EXT_print(BIO *out, X509_EXTENSION *ext, unsigned long flag,
- int indent);
-int X509V3_EXT_print_fp(FILE *out, X509_EXTENSION *ext, int flag, int indent);
-
-int X509V3_extensions_print(BIO *out, char *title,
- STACK_OF(X509_EXTENSION) *exts,
- unsigned long flag, int indent);
-
-int X509_check_ca(X509 *x);
-int X509_check_purpose(X509 *x, int id, int ca);
-int X509_supported_extension(X509_EXTENSION *ex);
-int X509_PURPOSE_set(int *p, int purpose);
-int X509_check_issued(X509 *issuer, X509 *subject);
-int X509_check_akid(X509 *issuer, AUTHORITY_KEYID *akid);
-int X509_PURPOSE_get_count(void);
-X509_PURPOSE *X509_PURPOSE_get0(int idx);
-int X509_PURPOSE_get_by_sname(char *sname);
-int X509_PURPOSE_get_by_id(int id);
-int X509_PURPOSE_add(int id, int trust, int flags,
- int (*ck) (const X509_PURPOSE *, const X509 *, int),
- char *name, char *sname, void *arg);
-char *X509_PURPOSE_get0_name(X509_PURPOSE *xp);
-char *X509_PURPOSE_get0_sname(X509_PURPOSE *xp);
-int X509_PURPOSE_get_trust(X509_PURPOSE *xp);
-void X509_PURPOSE_cleanup(void);
-int X509_PURPOSE_get_id(X509_PURPOSE *);
-
-STACK_OF(OPENSSL_STRING) *X509_get1_email(X509 *x);
-STACK_OF(OPENSSL_STRING) *X509_REQ_get1_email(X509_REQ *x);
-void X509_email_free(STACK_OF(OPENSSL_STRING) *sk);
-STACK_OF(OPENSSL_STRING) *X509_get1_ocsp(X509 *x);
-/* Flags for X509_check_* functions */
-
-/*
- * Always check subject name for host match even if subject alt names present
- */
-# define X509_CHECK_FLAG_ALWAYS_CHECK_SUBJECT 0x1
-/* Disable wildcard matching for dnsName fields and common name. */
-# define X509_CHECK_FLAG_NO_WILDCARDS 0x2
-/* Wildcards must not match a partial label. */
-# define X509_CHECK_FLAG_NO_PARTIAL_WILDCARDS 0x4
-/* Allow (non-partial) wildcards to match multiple labels. */
-# define X509_CHECK_FLAG_MULTI_LABEL_WILDCARDS 0x8
-/* Constraint verifier subdomain patterns to match a single labels. */
-# define X509_CHECK_FLAG_SINGLE_LABEL_SUBDOMAINS 0x10
-/*
- * Match reference identifiers starting with "." to any sub-domain.
- * This is a non-public flag, turned on implicitly when the subject
- * reference identity is a DNS name.
- */
-# define _X509_CHECK_FLAG_DOT_SUBDOMAINS 0x8000
-
-int X509_check_host(X509 *x, const char *chk, size_t chklen,
- unsigned int flags, char **peername);
-int X509_check_email(X509 *x, const char *chk, size_t chklen,
- unsigned int flags);
-int X509_check_ip(X509 *x, const unsigned char *chk, size_t chklen,
- unsigned int flags);
-int X509_check_ip_asc(X509 *x, const char *ipasc, unsigned int flags);
-
-ASN1_OCTET_STRING *a2i_IPADDRESS(const char *ipasc);
-ASN1_OCTET_STRING *a2i_IPADDRESS_NC(const char *ipasc);
-int a2i_ipadd(unsigned char *ipout, const char *ipasc);
-int X509V3_NAME_from_section(X509_NAME *nm, STACK_OF(CONF_VALUE) *dn_sk,
- unsigned long chtype);
-
-void X509_POLICY_NODE_print(BIO *out, X509_POLICY_NODE *node, int indent);
-DECLARE_STACK_OF(X509_POLICY_NODE)
-
-typedef struct ASRange_st {
- ASN1_INTEGER *min, *max;
-} ASRange;
-
-# define ASIdOrRange_id 0
-# define ASIdOrRange_range 1
-
-typedef struct ASIdOrRange_st {
- int type;
- union {
- ASN1_INTEGER *id;
- ASRange *range;
- } u;
-} ASIdOrRange;
-
-typedef STACK_OF(ASIdOrRange) ASIdOrRanges;
-DECLARE_STACK_OF(ASIdOrRange)
-
-# define ASIdentifierChoice_inherit 0
-# define ASIdentifierChoice_asIdsOrRanges 1
-
-typedef struct ASIdentifierChoice_st {
- int type;
- union {
- ASN1_NULL *inherit;
- ASIdOrRanges *asIdsOrRanges;
- } u;
-} ASIdentifierChoice;
-
-typedef struct ASIdentifiers_st {
- ASIdentifierChoice *asnum, *rdi;
-} ASIdentifiers;
-
-DECLARE_ASN1_FUNCTIONS(ASRange)
-DECLARE_ASN1_FUNCTIONS(ASIdOrRange)
-DECLARE_ASN1_FUNCTIONS(ASIdentifierChoice)
-DECLARE_ASN1_FUNCTIONS(ASIdentifiers)
-
-typedef struct IPAddressRange_st {
- ASN1_BIT_STRING *min, *max;
-} IPAddressRange;
-
-# define IPAddressOrRange_addressPrefix 0
-# define IPAddressOrRange_addressRange 1
-
-typedef struct IPAddressOrRange_st {
- int type;
- union {
- ASN1_BIT_STRING *addressPrefix;
- IPAddressRange *addressRange;
- } u;
-} IPAddressOrRange;
-
-typedef STACK_OF(IPAddressOrRange) IPAddressOrRanges;
-DECLARE_STACK_OF(IPAddressOrRange)
-
-# define IPAddressChoice_inherit 0
-# define IPAddressChoice_addressesOrRanges 1
-
-typedef struct IPAddressChoice_st {
- int type;
- union {
- ASN1_NULL *inherit;
- IPAddressOrRanges *addressesOrRanges;
- } u;
-} IPAddressChoice;
-
-typedef struct IPAddressFamily_st {
- ASN1_OCTET_STRING *addressFamily;
- IPAddressChoice *ipAddressChoice;
-} IPAddressFamily;
-
-typedef STACK_OF(IPAddressFamily) IPAddrBlocks;
-DECLARE_STACK_OF(IPAddressFamily)
-
-DECLARE_ASN1_FUNCTIONS(IPAddressRange)
-DECLARE_ASN1_FUNCTIONS(IPAddressOrRange)
-DECLARE_ASN1_FUNCTIONS(IPAddressChoice)
-DECLARE_ASN1_FUNCTIONS(IPAddressFamily)
-
-/*
- * API tag for elements of the ASIdentifer SEQUENCE.
- */
-# define V3_ASID_ASNUM 0
-# define V3_ASID_RDI 1
-
-/*
- * AFI values, assigned by IANA. It'd be nice to make the AFI
- * handling code totally generic, but there are too many little things
- * that would need to be defined for other address families for it to
- * be worth the trouble.
- */
-# define IANA_AFI_IPV4 1
-# define IANA_AFI_IPV6 2
-
-/*
- * Utilities to construct and extract values from RFC3779 extensions,
- * since some of the encodings (particularly for IP address prefixes
- * and ranges) are a bit tedious to work with directly.
- */
-int v3_asid_add_inherit(ASIdentifiers *asid, int which);
-int v3_asid_add_id_or_range(ASIdentifiers *asid, int which,
- ASN1_INTEGER *min, ASN1_INTEGER *max);
-int v3_addr_add_inherit(IPAddrBlocks *addr,
- const unsigned afi, const unsigned *safi);
-int v3_addr_add_prefix(IPAddrBlocks *addr,
- const unsigned afi, const unsigned *safi,
- unsigned char *a, const int prefixlen);
-int v3_addr_add_range(IPAddrBlocks *addr,
- const unsigned afi, const unsigned *safi,
- unsigned char *min, unsigned char *max);
-unsigned v3_addr_get_afi(const IPAddressFamily *f);
-int v3_addr_get_range(IPAddressOrRange *aor, const unsigned afi,
- unsigned char *min, unsigned char *max,
- const int length);
-
-/*
- * Canonical forms.
- */
-int v3_asid_is_canonical(ASIdentifiers *asid);
-int v3_addr_is_canonical(IPAddrBlocks *addr);
-int v3_asid_canonize(ASIdentifiers *asid);
-int v3_addr_canonize(IPAddrBlocks *addr);
-
-/*
- * Tests for inheritance and containment.
- */
-int v3_asid_inherits(ASIdentifiers *asid);
-int v3_addr_inherits(IPAddrBlocks *addr);
-int v3_asid_subset(ASIdentifiers *a, ASIdentifiers *b);
-int v3_addr_subset(IPAddrBlocks *a, IPAddrBlocks *b);
-
-/*
- * Check whether RFC 3779 extensions nest properly in chains.
- */
-int v3_asid_validate_path(X509_STORE_CTX *);
-int v3_addr_validate_path(X509_STORE_CTX *);
-int v3_asid_validate_resource_set(STACK_OF(X509) *chain,
- ASIdentifiers *ext, int allow_inheritance);
-int v3_addr_validate_resource_set(STACK_OF(X509) *chain,
- IPAddrBlocks *ext, int allow_inheritance);
-
-/* BEGIN ERROR CODES */
-/*
- * The following lines are auto generated by the script mkerr.pl. Any changes
- * made after this point may be overwritten when the script is next run.
- */
-void ERR_load_X509V3_strings(void);
-
-/* Error codes for the X509V3 functions. */
-
-/* Function codes. */
-# define X509V3_F_A2I_GENERAL_NAME 164
-# define X509V3_F_ASIDENTIFIERCHOICE_CANONIZE 161
-# define X509V3_F_ASIDENTIFIERCHOICE_IS_CANONICAL 162
-# define X509V3_F_COPY_EMAIL 122
-# define X509V3_F_COPY_ISSUER 123
-# define X509V3_F_DO_DIRNAME 144
-# define X509V3_F_DO_EXT_CONF 124
-# define X509V3_F_DO_EXT_I2D 135
-# define X509V3_F_DO_EXT_NCONF 151
-# define X509V3_F_DO_I2V_NAME_CONSTRAINTS 148
-# define X509V3_F_GNAMES_FROM_SECTNAME 156
-# define X509V3_F_HEX_TO_STRING 111
-# define X509V3_F_I2S_ASN1_ENUMERATED 121
-# define X509V3_F_I2S_ASN1_IA5STRING 149
-# define X509V3_F_I2S_ASN1_INTEGER 120
-# define X509V3_F_I2V_AUTHORITY_INFO_ACCESS 138
-# define X509V3_F_NOTICE_SECTION 132
-# define X509V3_F_NREF_NOS 133
-# define X509V3_F_POLICY_SECTION 131
-# define X509V3_F_PROCESS_PCI_VALUE 150
-# define X509V3_F_R2I_CERTPOL 130
-# define X509V3_F_R2I_PCI 155
-# define X509V3_F_S2I_ASN1_IA5STRING 100
-# define X509V3_F_S2I_ASN1_INTEGER 108
-# define X509V3_F_S2I_ASN1_OCTET_STRING 112
-# define X509V3_F_S2I_ASN1_SKEY_ID 114
-# define X509V3_F_S2I_SKEY_ID 115
-# define X509V3_F_SET_DIST_POINT_NAME 158
-# define X509V3_F_STRING_TO_HEX 113
-# define X509V3_F_SXNET_ADD_ID_ASC 125
-# define X509V3_F_SXNET_ADD_ID_INTEGER 126
-# define X509V3_F_SXNET_ADD_ID_ULONG 127
-# define X509V3_F_SXNET_GET_ID_ASC 128
-# define X509V3_F_SXNET_GET_ID_ULONG 129
-# define X509V3_F_V2I_ASIDENTIFIERS 163
-# define X509V3_F_V2I_ASN1_BIT_STRING 101
-# define X509V3_F_V2I_AUTHORITY_INFO_ACCESS 139
-# define X509V3_F_V2I_AUTHORITY_KEYID 119
-# define X509V3_F_V2I_BASIC_CONSTRAINTS 102
-# define X509V3_F_V2I_CRLD 134
-# define X509V3_F_V2I_EXTENDED_KEY_USAGE 103
-# define X509V3_F_V2I_GENERAL_NAMES 118
-# define X509V3_F_V2I_GENERAL_NAME_EX 117
-# define X509V3_F_V2I_IDP 157
-# define X509V3_F_V2I_IPADDRBLOCKS 159
-# define X509V3_F_V2I_ISSUER_ALT 153
-# define X509V3_F_V2I_NAME_CONSTRAINTS 147
-# define X509V3_F_V2I_POLICY_CONSTRAINTS 146
-# define X509V3_F_V2I_POLICY_MAPPINGS 145
-# define X509V3_F_V2I_SUBJECT_ALT 154
-# define X509V3_F_V3_ADDR_VALIDATE_PATH_INTERNAL 160
-# define X509V3_F_V3_GENERIC_EXTENSION 116
-# define X509V3_F_X509V3_ADD1_I2D 140
-# define X509V3_F_X509V3_ADD_VALUE 105
-# define X509V3_F_X509V3_EXT_ADD 104
-# define X509V3_F_X509V3_EXT_ADD_ALIAS 106
-# define X509V3_F_X509V3_EXT_CONF 107
-# define X509V3_F_X509V3_EXT_I2D 136
-# define X509V3_F_X509V3_EXT_NCONF 152
-# define X509V3_F_X509V3_GET_SECTION 142
-# define X509V3_F_X509V3_GET_STRING 143
-# define X509V3_F_X509V3_GET_VALUE_BOOL 110
-# define X509V3_F_X509V3_PARSE_LIST 109
-# define X509V3_F_X509_PURPOSE_ADD 137
-# define X509V3_F_X509_PURPOSE_SET 141
-
-/* Reason codes. */
-# define X509V3_R_BAD_IP_ADDRESS 118
-# define X509V3_R_BAD_OBJECT 119
-# define X509V3_R_BN_DEC2BN_ERROR 100
-# define X509V3_R_BN_TO_ASN1_INTEGER_ERROR 101
-# define X509V3_R_DIRNAME_ERROR 149
-# define X509V3_R_DISTPOINT_ALREADY_SET 160
-# define X509V3_R_DUPLICATE_ZONE_ID 133
-# define X509V3_R_ERROR_CONVERTING_ZONE 131
-# define X509V3_R_ERROR_CREATING_EXTENSION 144
-# define X509V3_R_ERROR_IN_EXTENSION 128
-# define X509V3_R_EXPECTED_A_SECTION_NAME 137
-# define X509V3_R_EXTENSION_EXISTS 145
-# define X509V3_R_EXTENSION_NAME_ERROR 115
-# define X509V3_R_EXTENSION_NOT_FOUND 102
-# define X509V3_R_EXTENSION_SETTING_NOT_SUPPORTED 103
-# define X509V3_R_EXTENSION_VALUE_ERROR 116
-# define X509V3_R_ILLEGAL_EMPTY_EXTENSION 151
-# define X509V3_R_ILLEGAL_HEX_DIGIT 113
-# define X509V3_R_INCORRECT_POLICY_SYNTAX_TAG 152
-# define X509V3_R_INVALID_MULTIPLE_RDNS 161
-# define X509V3_R_INVALID_ASNUMBER 162
-# define X509V3_R_INVALID_ASRANGE 163
-# define X509V3_R_INVALID_BOOLEAN_STRING 104
-# define X509V3_R_INVALID_EXTENSION_STRING 105
-# define X509V3_R_INVALID_INHERITANCE 165
-# define X509V3_R_INVALID_IPADDRESS 166
-# define X509V3_R_INVALID_NAME 106
-# define X509V3_R_INVALID_NULL_ARGUMENT 107
-# define X509V3_R_INVALID_NULL_NAME 108
-# define X509V3_R_INVALID_NULL_VALUE 109
-# define X509V3_R_INVALID_NUMBER 140
-# define X509V3_R_INVALID_NUMBERS 141
-# define X509V3_R_INVALID_OBJECT_IDENTIFIER 110
-# define X509V3_R_INVALID_OPTION 138
-# define X509V3_R_INVALID_POLICY_IDENTIFIER 134
-# define X509V3_R_INVALID_PROXY_POLICY_SETTING 153
-# define X509V3_R_INVALID_PURPOSE 146
-# define X509V3_R_INVALID_SAFI 164
-# define X509V3_R_INVALID_SECTION 135
-# define X509V3_R_INVALID_SYNTAX 143
-# define X509V3_R_ISSUER_DECODE_ERROR 126
-# define X509V3_R_MISSING_VALUE 124
-# define X509V3_R_NEED_ORGANIZATION_AND_NUMBERS 142
-# define X509V3_R_NO_CONFIG_DATABASE 136
-# define X509V3_R_NO_ISSUER_CERTIFICATE 121
-# define X509V3_R_NO_ISSUER_DETAILS 127
-# define X509V3_R_NO_POLICY_IDENTIFIER 139
-# define X509V3_R_NO_PROXY_CERT_POLICY_LANGUAGE_DEFINED 154
-# define X509V3_R_NO_PUBLIC_KEY 114
-# define X509V3_R_NO_SUBJECT_DETAILS 125
-# define X509V3_R_ODD_NUMBER_OF_DIGITS 112
-# define X509V3_R_OPERATION_NOT_DEFINED 148
-# define X509V3_R_OTHERNAME_ERROR 147
-# define X509V3_R_POLICY_LANGUAGE_ALREADY_DEFINED 155
-# define X509V3_R_POLICY_PATH_LENGTH 156
-# define X509V3_R_POLICY_PATH_LENGTH_ALREADY_DEFINED 157
-# define X509V3_R_POLICY_SYNTAX_NOT_CURRENTLY_SUPPORTED 158
-# define X509V3_R_POLICY_WHEN_PROXY_LANGUAGE_REQUIRES_NO_POLICY 159
-# define X509V3_R_SECTION_NOT_FOUND 150
-# define X509V3_R_UNABLE_TO_GET_ISSUER_DETAILS 122
-# define X509V3_R_UNABLE_TO_GET_ISSUER_KEYID 123
-# define X509V3_R_UNKNOWN_BIT_STRING_ARGUMENT 111
-# define X509V3_R_UNKNOWN_EXTENSION 129
-# define X509V3_R_UNKNOWN_EXTENSION_NAME 130
-# define X509V3_R_UNKNOWN_OPTION 120
-# define X509V3_R_UNSUPPORTED_OPTION 117
-# define X509V3_R_UNSUPPORTED_TYPE 167
-# define X509V3_R_USER_TOO_LONG 132
-
-#ifdef __cplusplus
-}
-#endif
-#endif
+++ /dev/null
-/* e_os2.h */
-/* ====================================================================
- * Copyright (c) 1998-2000 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <openssl/opensslconf.h>
-
-#ifndef HEADER_E_OS2_H
-# define HEADER_E_OS2_H
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-/******************************************************************************
- * Detect operating systems. This probably needs completing.
- * The result is that at least one OPENSSL_SYS_os macro should be defined.
- * However, if none is defined, Unix is assumed.
- **/
-
-# define OPENSSL_SYS_UNIX
-
-/* ---------------------- NetWare ----------------------------------------- */
-# if defined(NETWARE) && !defined(OPENSSL_SYS_NETWARE)
-# undef OPENSSL_SYS_UNIX
-# define OPENSSL_SYS_NETWARE
-# endif
-
-/* --------------------- Microsoft operating systems ---------------------- */
-
-/*
- * Note that MSDOS actually denotes 32-bit environments running on top of
- * MS-DOS, such as DJGPP one.
- */
-# if defined(OPENSSL_SYS_MSDOS)
-# undef OPENSSL_SYS_UNIX
-# endif
-
-/*
- * For 32 bit environment, there seems to be the CygWin environment and then
- * all the others that try to do the same thing Microsoft does...
- */
-# if defined(OPENSSL_SYS_UWIN)
-# undef OPENSSL_SYS_UNIX
-# define OPENSSL_SYS_WIN32_UWIN
-# else
-# if defined(__CYGWIN__) || defined(OPENSSL_SYS_CYGWIN)
-# undef OPENSSL_SYS_UNIX
-# define OPENSSL_SYS_WIN32_CYGWIN
-# else
-# if defined(_WIN32) || defined(OPENSSL_SYS_WIN32)
-# undef OPENSSL_SYS_UNIX
-# if !defined(OPENSSL_SYS_WIN32)
-# define OPENSSL_SYS_WIN32
-# endif
-# endif
-# if defined(OPENSSL_SYS_WINNT)
-# undef OPENSSL_SYS_UNIX
-# endif
-# if defined(OPENSSL_SYS_WINCE)
-# undef OPENSSL_SYS_UNIX
-# endif
-# endif
-# endif
-
-/* Anything that tries to look like Microsoft is "Windows" */
-# if defined(OPENSSL_SYS_WIN32) || defined(OPENSSL_SYS_WINNT) || defined(OPENSSL_SYS_WINCE)
-# undef OPENSSL_SYS_UNIX
-# define OPENSSL_SYS_WINDOWS
-# ifndef OPENSSL_SYS_MSDOS
-# define OPENSSL_SYS_MSDOS
-# endif
-# endif
-
-/*
- * DLL settings. This part is a bit tough, because it's up to the
- * application implementor how he or she will link the application, so it
- * requires some macro to be used.
- */
-# ifdef OPENSSL_SYS_WINDOWS
-# ifndef OPENSSL_OPT_WINDLL
-# if defined(_WINDLL) /* This is used when building OpenSSL to
- * indicate that DLL linkage should be used */
-# define OPENSSL_OPT_WINDLL
-# endif
-# endif
-# endif
-
-/* ------------------------------- OpenVMS -------------------------------- */
-# if defined(__VMS) || defined(VMS) || defined(OPENSSL_SYS_VMS)
-# if !defined(OPENSSL_SYS_VMS)
-# undef OPENSSL_SYS_UNIX
-# endif
-# define OPENSSL_SYS_VMS
-# if defined(__DECC)
-# define OPENSSL_SYS_VMS_DECC
-# elif defined(__DECCXX)
-# define OPENSSL_SYS_VMS_DECC
-# define OPENSSL_SYS_VMS_DECCXX
-# else
-# define OPENSSL_SYS_VMS_NODECC
-# endif
-# endif
-
-/* -------------------------------- OS/2 ---------------------------------- */
-# if defined(__EMX__) || defined(__OS2__)
-# undef OPENSSL_SYS_UNIX
-# define OPENSSL_SYS_OS2
-# endif
-
-/* -------------------------------- Unix ---------------------------------- */
-# ifdef OPENSSL_SYS_UNIX
-# if defined(linux) || defined(__linux__) && !defined(OPENSSL_SYS_LINUX)
-# define OPENSSL_SYS_LINUX
-# endif
-# if defined(_AIX) && !defined(OPENSSL_SYS_AIX)
-# define OPENSSL_SYS_AIX
-# endif
-# endif
-
-/* -------------------------------- VOS ----------------------------------- */
-# if defined(__VOS__) && !defined(OPENSSL_SYS_VOS)
-# define OPENSSL_SYS_VOS
-# ifdef __HPPA__
-# define OPENSSL_SYS_VOS_HPPA
-# endif
-# ifdef __IA32__
-# define OPENSSL_SYS_VOS_IA32
-# endif
-# endif
-
-/**
- * That's it for OS-specific stuff
- *****************************************************************************/
-
-/* Specials for I/O an exit */
-# ifdef OPENSSL_SYS_MSDOS
-# define OPENSSL_UNISTD_IO <io.h>
-# define OPENSSL_DECLARE_EXIT extern void exit(int);
-# else
-# define OPENSSL_UNISTD_IO OPENSSL_UNISTD
-# define OPENSSL_DECLARE_EXIT /* declared in unistd.h */
-# endif
-
-/*-
- * Definitions of OPENSSL_GLOBAL and OPENSSL_EXTERN, to define and declare
- * certain global symbols that, with some compilers under VMS, have to be
- * defined and declared explicitely with globaldef and globalref.
- * Definitions of OPENSSL_EXPORT and OPENSSL_IMPORT, to define and declare
- * DLL exports and imports for compilers under Win32. These are a little
- * more complicated to use. Basically, for any library that exports some
- * global variables, the following code must be present in the header file
- * that declares them, before OPENSSL_EXTERN is used:
- *
- * #ifdef SOME_BUILD_FLAG_MACRO
- * # undef OPENSSL_EXTERN
- * # define OPENSSL_EXTERN OPENSSL_EXPORT
- * #endif
- *
- * The default is to have OPENSSL_EXPORT, OPENSSL_IMPORT and OPENSSL_GLOBAL
- * have some generally sensible values, and for OPENSSL_EXTERN to have the
- * value OPENSSL_IMPORT.
- */
-
-# if defined(OPENSSL_SYS_VMS_NODECC)
-# define OPENSSL_EXPORT globalref
-# define OPENSSL_IMPORT globalref
-# define OPENSSL_GLOBAL globaldef
-# elif defined(OPENSSL_SYS_WINDOWS) && defined(OPENSSL_OPT_WINDLL)
-# define OPENSSL_EXPORT extern __declspec(dllexport)
-# define OPENSSL_IMPORT extern __declspec(dllimport)
-# define OPENSSL_GLOBAL
-# else
-# define OPENSSL_EXPORT extern
-# define OPENSSL_IMPORT extern
-# define OPENSSL_GLOBAL
-# endif
-# define OPENSSL_EXTERN OPENSSL_IMPORT
-
-/*-
- * Macros to allow global variables to be reached through function calls when
- * required (if a shared library version requires it, for example.
- * The way it's done allows definitions like this:
- *
- * // in foobar.c
- * OPENSSL_IMPLEMENT_GLOBAL(int,foobar,0)
- * // in foobar.h
- * OPENSSL_DECLARE_GLOBAL(int,foobar);
- * #define foobar OPENSSL_GLOBAL_REF(foobar)
- */
-# ifdef OPENSSL_EXPORT_VAR_AS_FUNCTION
-# define OPENSSL_IMPLEMENT_GLOBAL(type,name,value) \
- type *_shadow_##name(void) \
- { static type _hide_##name=value; return &_hide_##name; }
-# define OPENSSL_DECLARE_GLOBAL(type,name) type *_shadow_##name(void)
-# define OPENSSL_GLOBAL_REF(name) (*(_shadow_##name()))
-# else
-# define OPENSSL_IMPLEMENT_GLOBAL(type,name,value) OPENSSL_GLOBAL type _shadow_##name=value;
-# define OPENSSL_DECLARE_GLOBAL(type,name) OPENSSL_EXPORT type _shadow_##name
-# define OPENSSL_GLOBAL_REF(name) _shadow_##name
-# endif
-
-# ifdef OPENSSL_SYS_MSDOS
-# define ossl_ssize_t long
-# endif
-
-# if defined(__ultrix) && !defined(ssize_t)
-# define ossl_ssize_t int
-# endif
-
-# ifndef ossl_ssize_t
-# define ossl_ssize_t ssize_t
-# endif
-
-# ifdef DEBUG_UNUSED
-# define __owur __attribute__((__warn_unused_result__))
-# else
-# define __owur
-# endif
-
-#ifdef __cplusplus
-}
-#endif
-#endif
+++ /dev/null
-/* vim: set fileencoding=ascii : Charset: ASCII */
-/* test/gostr2814789t.c */
-/* ====================================================================
- * Copyright (c) 2012 Crypto-Pro, Ltd., Serguei E. Leontiev,
- * lse@cryptopro.ru
- *
- * This file is distributed under the same license as OpenSSL
- * ====================================================================
- */
-#include <stdio.h>
-
-#if defined(OPENSSL_NO_ENGINE) || defined(OPENSSL_NO_GOST)
-int main(int argc, char *argv[])
-{
- printf("No GOST 28147-89 support\n");
- return 0;
-}
-#else
-
-# include <stdlib.h>
-# include <string.h>
-# include <openssl/conf.h>
-# include <openssl/crypto.h>
-# include <openssl/engine.h>
-# include <openssl/err.h>
-# include <openssl/evp.h>
-# include <openssl/hmac.h>
-# include <openssl/obj_mac.h>
-
-# define CCGOST_ID "gost"
-
-# include "../engines/ccgost/gost89.h"
-
-# define G89_MAX_TC_LEN (2048)
-# define G89_BLOCK_LEN (8)
-
-# if (defined(_WIN32) || defined(_WIN64)) && !defined(__MINGW32__)
-typedef unsigned __int64 u64;
-# define U64(C) C##UI64
-# define FMT64 "%I64u"
-# elif defined(__arch64__)
-typedef unsigned long u64;
-# define U64(C) C##UL
-# define FMT64 "%lu"
-# else
-typedef unsigned long long u64;
-# define U64(C) C##ULL
-# define FMT64 "%llu"
-# endif
-# if defined(__MINGW32__)
-# undef FMT64
-# define FMT64 "%I64u"
-# endif
-
-typedef enum g89_mode_ {
- G89_ECB,
- G89_CFB,
- G89_CNT,
- G89_IMIT
-} g89_mode;
-
-typedef struct g89_tc_ {
- u64 ullLen; /* ullLen > G89_MAX_TC_LEN */
- /* Clear text ullLen */
- /* of zero bytes */
- const byte bIn[G89_MAX_TC_LEN]; /* Clear text, when */
- /* ullLen <= G89_MAX_TC_LEN */
- const char *szParamSet; /* S-Box ID */
- const char *szDerive; /* String for derive bRawKey */
- const byte bRawKey[EVP_MAX_KEY_LENGTH];
- g89_mode gMode; /* Mode of encryption or MAC */
- const byte bIV[EVP_MAX_IV_LENGTH]; /* IV for CFB or CNT mode */
- const byte bOut[G89_MAX_TC_LEN]; /* Cipher text for ECB/CFB/CNT */
- /*
- * mode, when ullLen <= G89_MAX_TC_LEN; Last 16 byte of cipher text for
- * ECB/CFB/CNT, when ullLen > G89_MAX_TC_LEN; 4 byte MAC for imitovstavka
- */
-} g89_tc;
-
-const g89_tc tcs[] = {
- /*
- * GOST R 34.11-94 Test cases
- */
- { /* see p. A.3.1 [GOSTR341194], p. 7.3.1
- * [ENG-GOSTR341194] */
- /* <http://tools.ietf.org/html/rfc5831#section-7.3.1> */
- /* Iteration 1, K[1], see Errata for RFC 5831 */
- 8,
- {
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00},
- "id-GostR3410-94-TestParamSet",
- NULL,
- {
- 0x54, 0x6d, 0x20, 0x33, 0x68, 0x65, 0x6c, 0x32,
- 0x69, 0x73, 0x65, 0x20, 0x73, 0x73, 0x6e, 0x62,
- 0x20, 0x61, 0x67, 0x79, 0x69, 0x67, 0x74, 0x74,
- 0x73, 0x65, 0x68, 0x65, 0x20, 0x2c, 0x3d, 0x73},
- G89_ECB,
- {0},
- {
- 0x1b, 0x0b, 0xbc, 0x32, 0xce, 0xbc, 0xab, 0x42}
- },
- { /* see p. A.3.1 [GOSTR341194], p. 7.3.1
- * [ENG-GOSTR341194] */
- /* <http://tools.ietf.org/html/rfc5831#section-7.3.1> */
- /* Iteration 1, K[4] */
- 8,
- {
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00},
- "id-GostR3410-94-TestParamSet",
- NULL,
- {
- 0xec, 0x0a, 0x8b, 0xa1, 0x5e, 0xc0, 0x04, 0xa8,
- 0xba, 0xc5, 0x0c, 0xac, 0x0c, 0x62, 0x1d, 0xee,
- 0xe1, 0xc7, 0xb8, 0xe7, 0x00, 0x7a, 0xe2, 0xec,
- 0xf2, 0x73, 0x1b, 0xff, 0x4e, 0x80, 0xe2, 0xa0},
- G89_ECB,
- {0},
- {
- 0x2d, 0x56, 0x2a, 0x0d, 0x19, 0x04, 0x86, 0xe7}
- },
- { /* see p. A.3.1 [GOSTR341194], p. 7.3.1
- * [ENG-GOSTR341194] */
- /* <http://tools.ietf.org/html/rfc5831#section-7.3.1> */
- /* Iteration 2, K[1] */
- 8,
- {
- 0x34, 0xc0, 0x15, 0x33, 0xe3, 0x7d, 0x1c, 0x56},
- "id-GostR3410-94-TestParamSet",
- NULL,
- {
- 0x34, 0x87, 0x24, 0xa4, 0xc1, 0xa6, 0x76, 0x67,
- 0x15, 0x3d, 0xde, 0x59, 0x33, 0x88, 0x42, 0x50,
- 0xe3, 0x24, 0x8c, 0x65, 0x7d, 0x41, 0x3b, 0x8c,
- 0x1c, 0x9c, 0xa0, 0x9a, 0x56, 0xd9, 0x68, 0xcf},
- G89_ECB,
- {0},
- {
- 0x86, 0x3e, 0x78, 0xdd, 0x2d, 0x60, 0xd1, 0x3c}
- },
- /*
- * id-Gost28147-89-CryptoPro-A-ParamSet (1.2.643.2.2.31.1)
- * Test cases
- */
- { /* Calculated by libcapi10, CryptoPro CSP
- * 3.6R2, Mac OSX */
- 16,
- {
- 0x74, 0x3d, 0x76, 0xf9, 0x1b, 0xee, 0x35, 0x3c,
- 0xa2, 0x5c, 0x3b, 0x10, 0xeb, 0x64, 0xcf, 0xf5},
- "id-Gost28147-89-CryptoPro-A-ParamSet",
- "testecb1",
- {
- 0xbb, 0xf1, 0xed, 0xd3, 0x20, 0xaf, 0x8a, 0x62,
- 0x8e, 0x11, 0xc8, 0xa9, 0x51, 0xcc, 0xbe, 0x81,
- 0x47, 0x7b, 0x41, 0xa1, 0x6a, 0xf6, 0x7f, 0x05,
- 0xe8, 0x51, 0x2f, 0x9e, 0x01, 0xf8, 0xcf, 0x49},
- G89_ECB,
- {0},
- {
- 0xc3, 0x73, 0x90, 0x95, 0x35, 0x58, 0x08, 0x63,
- 0xcb, 0x68, 0x85, 0x96, 0x77, 0xe8, 0xfb, 0xa9}
- },
- { /* Calculated by libcapi10, CryptoPro CSP
- * 3.6R2, Mac OSX */
- 16,
- {
- 0xd2, 0xfd, 0xf8, 0x3a, 0xc1, 0xb4, 0x39, 0x23,
- 0x2e, 0xaa, 0xcc, 0x98, 0x0a, 0x02, 0xda, 0x33},
- "id-Gost28147-89-CryptoPro-A-ParamSet",
- "testcfb1",
- {
- 0x8d, 0x5a, 0x2c, 0x83, 0xa7, 0xc7, 0x0a, 0x61,
- 0xd6, 0x1b, 0x34, 0xb5, 0x1f, 0xdf, 0x42, 0x68,
- 0x66, 0x71, 0xa3, 0x5d, 0x87, 0x4c, 0xfd, 0x84,
- 0x99, 0x36, 0x63, 0xb6, 0x1e, 0xd6, 0x0d, 0xad},
- G89_CFB,
- {
- 0x46, 0x60, 0x6f, 0x0d, 0x88, 0x34, 0x23, 0x5a},
- {
- 0x88, 0xb7, 0x75, 0x16, 0x74, 0xa5, 0xee, 0x2d,
- 0x14, 0xfe, 0x91, 0x67, 0xd0, 0x5c, 0xcc, 0x40}
- },
- { /* Calculated by libcapi10, CryptoPro CSP
- * 3.6R2, Mac OSX */
- 16,
- {
- 0x90, 0xa2, 0x39, 0x66, 0xae, 0x01, 0xb9, 0xa3,
- 0x52, 0x4e, 0xc8, 0xed, 0x6c, 0xdd, 0x88, 0x30},
- "id-Gost28147-89-CryptoPro-A-ParamSet",
- "testcnt1",
- {
- 0x59, 0x9f, 0x84, 0xba, 0xc3, 0xf3, 0xd2, 0xf1,
- 0x60, 0xe1, 0xe3, 0xf2, 0x6a, 0x96, 0x1a, 0xf9,
- 0x9c, 0x48, 0xb2, 0x4e, 0xbc, 0xbb, 0xbf, 0x7c,
- 0xd8, 0xf3, 0xac, 0xcd, 0x96, 0x8d, 0x28, 0x6a},
- G89_CNT,
- {
- 0x8d, 0xaf, 0xa8, 0xd1, 0x58, 0xed, 0x05, 0x8d},
- {
- 0x6e, 0x72, 0x62, 0xcc, 0xe3, 0x59, 0x36, 0x90,
- 0x83, 0x3a, 0xfe, 0xa9, 0x1b, 0xc9, 0xbe, 0xce}
- },
- { /* Calculated by libcapi10, CryptoPro CSP
- * 3.6R2, Mac OSX */
- 16,
- {
- 0xb5, 0xa1, 0xf0, 0xe3, 0xce, 0x2f, 0x02, 0x1d,
- 0x67, 0x61, 0x94, 0x34, 0x5c, 0x41, 0xe3, 0x6e},
- "id-Gost28147-89-CryptoPro-A-ParamSet",
- "testimit1",
- {
- 0x9d, 0x05, 0xb7, 0x9e, 0x90, 0xca, 0xd0, 0x0a,
- 0x2c, 0xda, 0xd2, 0x2e, 0xf4, 0xe8, 0x6f, 0x5c,
- 0xf5, 0xdc, 0x37, 0x68, 0x19, 0x85, 0xb3, 0xbf,
- 0xaa, 0x18, 0xc1, 0xc3, 0x05, 0x0a, 0x91, 0xa2},
- G89_IMIT,
- {0},
- {
- 0xf8, 0x1f, 0x08, 0xa3}
- },
- /*
- * Other paramsets and key meshing test cases.
- */
- { /* Calculated by libcapi10, CryptoPro CSP
- * 3.6R2, Mac OSX */
- 1039,
- {
- 0x8c, 0x9c, 0x44, 0x35, 0xfb, 0xe9, 0xa5, 0xa3,
- 0xa0, 0xae, 0x28, 0x56, 0x91, 0x10, 0x8e, 0x1e,
- 0xd2, 0xbb, 0x18, 0x53, 0x81, 0x27, 0x0d, 0xa6,
- 0x68, 0x59, 0x36, 0xc5, 0x81, 0x62, 0x9a, 0x8e,
- 0x7d, 0x50, 0xf1, 0x6f, 0x97, 0x62, 0x29, 0xec,
- 0x80, 0x51, 0xe3, 0x7d, 0x6c, 0xc4, 0x07, 0x95,
- 0x28, 0x63, 0xdc, 0xb4, 0xb9, 0x2d, 0xb8, 0x13,
- 0xb1, 0x05, 0xb5, 0xf9, 0xeb, 0x75, 0x37, 0x4e,
- 0xf7, 0xbf, 0x51, 0xf1, 0x98, 0x86, 0x43, 0xc4,
- 0xe4, 0x3d, 0x3e, 0xa7, 0x62, 0xec, 0x41, 0x59,
- 0xe0, 0xbd, 0xfb, 0xb6, 0xfd, 0xec, 0xe0, 0x77,
- 0x13, 0xd2, 0x59, 0x90, 0xa1, 0xb8, 0x97, 0x6b,
- 0x3d, 0x8b, 0x7d, 0xfc, 0x9d, 0xca, 0x82, 0x73,
- 0x32, 0x70, 0x0a, 0x74, 0x03, 0xc6, 0x0c, 0x26,
- 0x7f, 0x56, 0xf0, 0x9d, 0xb2, 0xeb, 0x71, 0x40,
- 0xd7, 0xc3, 0xb1, 0xa7, 0xc5, 0x1e, 0x20, 0x17,
- 0xb3, 0x50, 0x1d, 0x8a, 0x6e, 0x19, 0xcb, 0xbe,
- 0x20, 0x86, 0x2b, 0xd6, 0x1c, 0xfd, 0xb4, 0xb7,
- 0x5d, 0x9a, 0xb3, 0xe3, 0x7d, 0x15, 0x7a, 0x35,
- 0x01, 0x9f, 0x5d, 0x65, 0x89, 0x4b, 0x34, 0xc6,
- 0xf4, 0x81, 0x3f, 0x78, 0x30, 0xcf, 0xe9, 0x15,
- 0x90, 0x9a, 0xf9, 0xde, 0xba, 0x63, 0xd0, 0x19,
- 0x14, 0x66, 0x3c, 0xb9, 0xa4, 0xb2, 0x84, 0x94,
- 0x02, 0xcf, 0xce, 0x20, 0xcf, 0x76, 0xe7, 0xc5,
- 0x48, 0xf7, 0x69, 0x3a, 0x5d, 0xec, 0xaf, 0x41,
- 0xa7, 0x12, 0x64, 0x83, 0xf5, 0x99, 0x1e, 0x9e,
- 0xb2, 0xab, 0x86, 0x16, 0x00, 0x23, 0x8e, 0xe6,
- 0xd9, 0x80, 0x0b, 0x6d, 0xc5, 0x93, 0xe2, 0x5c,
- 0x8c, 0xd8, 0x5e, 0x5a, 0xae, 0x4a, 0x85, 0xfd,
- 0x76, 0x01, 0xea, 0x30, 0xf3, 0x78, 0x34, 0x10,
- 0x72, 0x51, 0xbc, 0x9f, 0x76, 0xce, 0x1f, 0xd4,
- 0x8f, 0x33, 0x50, 0x34, 0xc7, 0x4d, 0x7b, 0xcf,
- 0x91, 0x63, 0x7d, 0x82, 0x9e, 0xa1, 0x23, 0x45,
- 0xf5, 0x45, 0xac, 0x98, 0x7a, 0x48, 0xff, 0x64,
- 0xd5, 0x59, 0x47, 0xde, 0x2b, 0x3f, 0xfa, 0xec,
- 0x50, 0xe0, 0x81, 0x60, 0x8b, 0xc3, 0xfc, 0x80,
- 0x98, 0x17, 0xc7, 0xa3, 0xc2, 0x57, 0x3d, 0xab,
- 0x91, 0x67, 0xf5, 0xc4, 0xab, 0x92, 0xc8, 0xd6,
- 0x3b, 0x6b, 0x3f, 0xff, 0x15, 0x6b, 0xcf, 0x53,
- 0x65, 0x02, 0xf1, 0x74, 0xca, 0xa9, 0xbe, 0x24,
- 0xd2, 0xf0, 0xb7, 0x26, 0xa8, 0xd7, 0x6d, 0xed,
- 0x90, 0x36, 0x7b, 0x3e, 0x41, 0xa9, 0x7f, 0xa3,
- 0x1b, 0xf4, 0x43, 0xc5, 0x51, 0xbe, 0x28, 0x59,
- 0xe9, 0x45, 0x26, 0x49, 0x38, 0x32, 0xf8, 0xf3,
- 0x92, 0x6e, 0x30, 0xcc, 0xb0, 0xa0, 0xf9, 0x01,
- 0x14, 0xc8, 0xba, 0xd9, 0xf0, 0x2a, 0x29, 0xe2,
- 0x52, 0x9a, 0x76, 0x95, 0x3a, 0x16, 0x32, 0xec,
- 0xf4, 0x10, 0xec, 0xee, 0x47, 0x00, 0x70, 0x19,
- 0xe4, 0x72, 0x35, 0x66, 0x44, 0x53, 0x2d, 0xa2,
- 0xf3, 0xaa, 0x7e, 0x8a, 0x33, 0x13, 0xcd, 0xc8,
- 0xbf, 0x0e, 0x40, 0x90, 0x00, 0xe4, 0x42, 0xc3,
- 0x09, 0x84, 0xe1, 0x66, 0x17, 0xa2, 0xaf, 0x03,
- 0xab, 0x6b, 0xa1, 0xec, 0xfb, 0x17, 0x72, 0x81,
- 0xfe, 0x9a, 0x9f, 0xf4, 0xb2, 0x33, 0x1f, 0xae,
- 0x0c, 0xd1, 0x6a, 0xae, 0x19, 0xb8, 0xaf, 0xec,
- 0xe3, 0xea, 0x00, 0xf8, 0xac, 0x87, 0x07, 0x5f,
- 0x6d, 0xb0, 0xac, 0x6b, 0x22, 0x48, 0x36, 0xbf,
- 0x22, 0x18, 0xb0, 0x03, 0x9f, 0x6c, 0x70, 0x45,
- 0x36, 0xf0, 0x6b, 0xc6, 0xc2, 0xa5, 0x72, 0x2c,
- 0xd8, 0xe0, 0x27, 0x3d, 0xec, 0x56, 0x07, 0x05,
- 0x7d, 0x83, 0xa1, 0x65, 0x7d, 0x41, 0x5b, 0xcd,
- 0x77, 0x24, 0xe5, 0xaa, 0x76, 0x47, 0xd0, 0x50,
- 0xf6, 0xe7, 0xb5, 0x59, 0x75, 0x31, 0x27, 0xef,
- 0xd8, 0xa6, 0x4e, 0x7f, 0xb8, 0x40, 0xb1, 0xdf,
- 0x53, 0x14, 0xed, 0xf1, 0x68, 0x5f, 0xfc, 0x3f,
- 0x02, 0xdb, 0x05, 0xeb, 0x31, 0xe4, 0x2c, 0x7f,
- 0x32, 0xb5, 0x70, 0x8e, 0x75, 0x85, 0xa4, 0x5c,
- 0x16, 0x23, 0x37, 0xf2, 0x10, 0x79, 0xcb, 0xdc,
- 0xf8, 0x1c, 0x25, 0xc2, 0xa1, 0x3d, 0x9c, 0x33,
- 0x6c, 0xed, 0xc3, 0xe7, 0xf3, 0x02, 0x87, 0x82,
- 0x4e, 0xfb, 0xac, 0xb3, 0x2d, 0xfc, 0xf8, 0x0d,
- 0x1d, 0x4a, 0x39, 0xd4, 0xb3, 0x09, 0xbb, 0xe9,
- 0x25, 0xc7, 0xec, 0x6a, 0x87, 0x72, 0x84, 0xed,
- 0x12, 0x60, 0x19, 0x64, 0xeb, 0x16, 0x2a, 0x5b,
- 0x10, 0x76, 0x27, 0xff, 0x7b, 0xe4, 0xae, 0xe5,
- 0xa4, 0x04, 0x02, 0x7f, 0xbb, 0x0a, 0xb5, 0xf4,
- 0x05, 0xa5, 0x56, 0x1c, 0x53, 0x31, 0x7a, 0x93,
- 0xba, 0x16, 0x15, 0xab, 0x62, 0x60, 0xfc, 0xde,
- 0x72, 0x36, 0x6e, 0x28, 0xaf, 0x98, 0x0d, 0xe6,
- 0xf4, 0xde, 0x60, 0xa7, 0x7e, 0x06, 0x07, 0x86,
- 0xf3, 0x94, 0xb6, 0x6d, 0x0d, 0x93, 0xa6, 0xbc,
- 0x60, 0x70, 0x33, 0xac, 0x3f, 0xa1, 0xa8, 0x4a,
- 0x20, 0x61, 0xb6, 0xb5, 0x43, 0xa3, 0x15, 0x5a,
- 0x00, 0xbe, 0x76, 0x98, 0x57, 0x72, 0xab, 0x7a,
- 0x0e, 0x18, 0x93, 0x82, 0x3a, 0x18, 0x78, 0x6e,
- 0x71, 0x7b, 0x78, 0x4f, 0x7e, 0x8c, 0xde, 0x7a,
- 0x62, 0xb5, 0x0a, 0x7c, 0x45, 0x1d, 0x16, 0xd5,
- 0xc3, 0x8c, 0x9b, 0x25, 0xb4, 0x50, 0x90, 0xcd,
- 0x96, 0x93, 0xad, 0x0f, 0xd4, 0x43, 0xcb, 0x49,
- 0x0f, 0xfc, 0x5a, 0x31, 0xf4, 0x19, 0xb7, 0xd4,
- 0xeb, 0x4d, 0x40, 0x58, 0xd0, 0x3b, 0xc8, 0xe0,
- 0x4a, 0x54, 0x2f, 0xdb, 0x22, 0xc3, 0x29, 0x7b,
- 0x40, 0x90, 0x61, 0x43, 0xd3, 0x7e, 0xe2, 0x30,
- 0x2b, 0x48, 0x3c, 0xce, 0x90, 0x93, 0xb1, 0x8b,
- 0x31, 0x96, 0x65, 0x6d, 0x57, 0x8b, 0x9d, 0x4d,
- 0x53, 0xf0, 0x83, 0x1c, 0xe5, 0xa1, 0x9d, 0x55,
- 0xe3, 0xbf, 0x7e, 0xca, 0x1a, 0x74, 0x66, 0x14,
- 0xcc, 0x47, 0x43, 0xd9, 0xbb, 0xef, 0x97, 0x7d,
- 0xb7, 0x6e, 0xff, 0xf1, 0x22, 0xf8, 0x10, 0x2d,
- 0x3f, 0xcd, 0x49, 0x96, 0xd9, 0x09, 0x11, 0xb8,
- 0x33, 0xd0, 0x23, 0x9a, 0xfa, 0x16, 0xcb, 0x50,
- 0x26, 0x57, 0x24, 0x5c, 0x0e, 0xba, 0xf0, 0x3f,
- 0x37, 0x2f, 0xa3, 0xf7, 0x18, 0x57, 0x48, 0x48,
- 0x95, 0xcf, 0xef, 0x87, 0x67, 0x2a, 0xe9, 0xb6,
- 0x8a, 0x21, 0x36, 0x7f, 0xff, 0x48, 0x6c, 0x46,
- 0x35, 0x57, 0xf2, 0xbc, 0x48, 0x67, 0x8f, 0x63,
- 0x23, 0x78, 0x11, 0x2b, 0xc2, 0x08, 0xde, 0x51,
- 0xe8, 0x8b, 0x92, 0x29, 0xf9, 0x9a, 0x9e, 0xad,
- 0xed, 0x0f, 0xeb, 0xa2, 0xd2, 0x40, 0x92, 0xd4,
- 0xde, 0x62, 0x95, 0x76, 0xfd, 0x6e, 0x3c, 0xbf,
- 0xc0, 0xd7, 0x0d, 0xe5, 0x1b, 0xa4, 0xc7, 0x18,
- 0xe1, 0x58, 0xa4, 0x56, 0xef, 0x2e, 0x17, 0x1b,
- 0x75, 0xcb, 0xbc, 0xf9, 0x2a, 0x95, 0x71, 0xa7,
- 0x1d, 0x7f, 0xe7, 0x73, 0x63, 0x05, 0x6b, 0x19,
- 0x4c, 0xf4, 0x22, 0x14, 0xc4, 0x59, 0x88, 0x66,
- 0x92, 0x86, 0x61, 0x5c, 0x6a, 0xae, 0xec, 0x58,
- 0xff, 0xc9, 0xf2, 0x44, 0xd4, 0xa2, 0xf5, 0x98,
- 0xeb, 0x5f, 0x09, 0xbc, 0x8a, 0xbf, 0x3c, 0xb4,
- 0x3e, 0xb1, 0x20, 0x05, 0x44, 0x96, 0x79, 0x0a,
- 0x40, 0x92, 0x7f, 0x9d, 0xd1, 0xaf, 0xbc, 0x90,
- 0x95, 0x0a, 0x81, 0xd4, 0xa7, 0xc6, 0xb8, 0xe0,
- 0xe4, 0x39, 0x30, 0x1d, 0x79, 0xc0, 0xe5, 0xfa,
- 0xb4, 0xe9, 0x63, 0xb4, 0x09, 0x72, 0x3b, 0x3e,
- 0xd9, 0xf6, 0xd9, 0x10, 0x21, 0x18, 0x7e, 0xe5,
- 0xad, 0x81, 0xd7, 0xd5, 0x82, 0xd0, 0x8c, 0x3b,
- 0x38, 0x95, 0xf8, 0x92, 0x01, 0xa9, 0x92, 0x00,
- 0x70, 0xd1, 0xa7, 0x88, 0x77, 0x1f, 0x3a, 0xeb,
- 0xb5, 0xe4, 0xf5, 0x9d, 0xc7, 0x37, 0x86, 0xb2,
- 0x12, 0x46, 0x34, 0x19, 0x72, 0x8c, 0xf5, 0x8c,
- 0xf6, 0x78, 0x98, 0xe0, 0x7c, 0xd3, 0xf4},
- "id-Gost28147-89-CryptoPro-B-ParamSet",
- "testcfb2",
- {
- 0x48, 0x0c, 0x74, 0x1b, 0x02, 0x6b, 0x55, 0xd5,
- 0xb6, 0x6d, 0xd7, 0x1d, 0x40, 0x48, 0x05, 0x6b,
- 0x6d, 0xeb, 0x3c, 0x29, 0x0f, 0x84, 0x80, 0x23,
- 0xee, 0x0d, 0x47, 0x77, 0xe3, 0xfe, 0x61, 0xc9},
- G89_CFB,
- {
- 0x1f, 0x3f, 0x82, 0x1e, 0x0d, 0xd8, 0x1e, 0x22},
- {
- 0x23, 0xc6, 0x7f, 0x20, 0xa1, 0x23, 0x58, 0xbc,
- 0x7b, 0x05, 0xdb, 0x21, 0x15, 0xcf, 0x96, 0x41,
- 0xc7, 0x88, 0xef, 0x76, 0x5c, 0x49, 0xdb, 0x42,
- 0xbf, 0xf3, 0xc0, 0xf5, 0xbd, 0x5d, 0xd9, 0x8e,
- 0xaf, 0x3d, 0xf4, 0xe4, 0xda, 0x88, 0xbd, 0xbc,
- 0x47, 0x5d, 0x76, 0x07, 0xc9, 0x5f, 0x54, 0x1d,
- 0x1d, 0x6a, 0xa1, 0x2e, 0x18, 0xd6, 0x60, 0x84,
- 0x02, 0x18, 0x37, 0x92, 0x92, 0x15, 0xab, 0x21,
- 0xee, 0x21, 0xcc, 0x71, 0x6e, 0x51, 0xd9, 0x2b,
- 0xcc, 0x81, 0x97, 0x3f, 0xeb, 0x45, 0x99, 0xb8,
- 0x1b, 0xda, 0xff, 0x90, 0xd3, 0x41, 0x06, 0x9c,
- 0x3f, 0xfb, 0xe4, 0xb2, 0xdc, 0xc9, 0x03, 0x0d,
- 0xa7, 0xae, 0xd7, 0x7d, 0x02, 0xb8, 0x32, 0xab,
- 0xf3, 0x65, 0xa3, 0x65, 0x6c, 0x4e, 0xe4, 0xa2,
- 0x5e, 0x9e, 0xee, 0xcd, 0xde, 0x79, 0x36, 0x6b,
- 0x1b, 0xe1, 0x3c, 0xdf, 0x10, 0xad, 0x4f, 0x02,
- 0xe1, 0x14, 0xaa, 0x09, 0xb4, 0x0b, 0x76, 0xeb,
- 0x69, 0x38, 0x20, 0x02, 0xcb, 0x8e, 0xc0, 0xdf,
- 0xca, 0x48, 0x74, 0xc3, 0x31, 0xad, 0x42, 0x2c,
- 0x51, 0x9b, 0xd0, 0x6a, 0xc1, 0x36, 0xd7, 0x21,
- 0xdf, 0xb0, 0x45, 0xba, 0xca, 0x7f, 0x35, 0x20,
- 0x28, 0xbb, 0xc1, 0x76, 0xfd, 0x43, 0x5d, 0x23,
- 0x7d, 0x31, 0x84, 0x1a, 0x97, 0x4d, 0x83, 0xaa,
- 0x7e, 0xf1, 0xc4, 0xe6, 0x83, 0xac, 0x0d, 0xef,
- 0xef, 0x3c, 0xa4, 0x7c, 0x48, 0xe4, 0xc8, 0xca,
- 0x0d, 0x7d, 0xea, 0x7c, 0x45, 0xd7, 0x73, 0x50,
- 0x25, 0x1d, 0x01, 0xc4, 0x02, 0x1a, 0xcd, 0xe0,
- 0x38, 0x5b, 0xa8, 0x5a, 0x16, 0x9a, 0x10, 0x59,
- 0x74, 0xd7, 0x19, 0xc6, 0xf3, 0xb5, 0x17, 0xf6,
- 0x59, 0x8d, 0x62, 0xaf, 0x44, 0xe8, 0xdc, 0xe9,
- 0xc1, 0x76, 0xf1, 0xd0, 0xbd, 0x29, 0xd7, 0xec,
- 0x1d, 0xac, 0x57, 0xdb, 0x1a, 0x3f, 0xd8, 0xf6,
- 0x6e, 0xb6, 0xe6, 0xdf, 0x36, 0xe7, 0x89, 0xce,
- 0x56, 0x35, 0x43, 0x1c, 0x7d, 0x57, 0x79, 0x0e,
- 0xd8, 0xf4, 0xd7, 0xa7, 0x0d, 0xc6, 0x8f, 0x91,
- 0x66, 0x67, 0x82, 0x0f, 0x49, 0xc9, 0xc5, 0x65,
- 0x81, 0xa1, 0x39, 0x5a, 0x53, 0x9f, 0x02, 0xa5,
- 0xd5, 0x36, 0x22, 0xa8, 0xa8, 0x1c, 0x37, 0x0e,
- 0x76, 0x46, 0xdf, 0xbd, 0x6a, 0xdb, 0xfc, 0x1b,
- 0xbd, 0x10, 0xb8, 0xb1, 0xbc, 0x72, 0x4c, 0x58,
- 0x4a, 0xda, 0x6d, 0x66, 0x00, 0xda, 0x7a, 0x66,
- 0xa0, 0xe7, 0x3b, 0x39, 0xa3, 0xf7, 0x05, 0x07,
- 0xfa, 0x21, 0x4b, 0xc7, 0x94, 0xc0, 0xd3, 0x7b,
- 0x19, 0x02, 0x5d, 0x4a, 0x10, 0xf1, 0xc2, 0x0f,
- 0x19, 0x68, 0x27, 0xc7, 0x7d, 0xbf, 0x55, 0x03,
- 0x57, 0x7d, 0xaf, 0x77, 0xae, 0x80, 0x2f, 0x7a,
- 0xe6, 0x1f, 0x4b, 0xdc, 0x15, 0x18, 0xc0, 0x62,
- 0xa1, 0xe8, 0xd9, 0x1c, 0x9e, 0x8c, 0x96, 0x39,
- 0xc1, 0xc4, 0x88, 0xf7, 0x0c, 0xe1, 0x04, 0x84,
- 0x68, 0x51, 0xce, 0xf1, 0x90, 0xda, 0x7f, 0x76,
- 0xc8, 0xc0, 0x88, 0xef, 0x8e, 0x15, 0x25, 0x3e,
- 0x7b, 0xe4, 0x79, 0xb5, 0x66, 0x2d, 0x9c, 0xd1,
- 0x13, 0xda, 0xd0, 0xd5, 0x46, 0xd5, 0x8d, 0x46,
- 0x18, 0x07, 0xee, 0xd8, 0xc9, 0x64, 0xe3, 0xbe,
- 0x0e, 0x68, 0x27, 0x09, 0x96, 0x26, 0xf6, 0xe2,
- 0x19, 0x61, 0x3f, 0xf4, 0x58, 0x27, 0x0a, 0xeb,
- 0xce, 0x7c, 0xb6, 0x68, 0x92, 0xe7, 0x12, 0x3b,
- 0x31, 0xd4, 0x48, 0xdf, 0x35, 0x8d, 0xf4, 0x86,
- 0x42, 0x2a, 0x15, 0x4b, 0xe8, 0x19, 0x1f, 0x26,
- 0x65, 0x9b, 0xa8, 0xda, 0x4b, 0x79, 0x1f, 0x8e,
- 0xe6, 0x13, 0x7e, 0x49, 0x8f, 0xc1, 0xce, 0xdc,
- 0x5e, 0x64, 0x74, 0xce, 0x02, 0x78, 0xe0, 0xcf,
- 0xa0, 0xed, 0x5e, 0x31, 0x74, 0xd1, 0xd0, 0xb4,
- 0xee, 0x70, 0x19, 0x14, 0x3c, 0x8f, 0x16, 0xa6,
- 0xcf, 0x12, 0x93, 0x15, 0x88, 0xeb, 0x91, 0x65,
- 0x76, 0x98, 0xfd, 0xa1, 0x94, 0x30, 0xba, 0x43,
- 0x62, 0x65, 0x40, 0x04, 0x77, 0x9e, 0xd6, 0xab,
- 0x8b, 0x0d, 0x93, 0x80, 0x50, 0x5f, 0xa2, 0x76,
- 0x20, 0xa7, 0xd6, 0x9c, 0x27, 0x15, 0x27, 0xbc,
- 0xa5, 0x5a, 0xbf, 0xe9, 0x92, 0x82, 0x05, 0xa8,
- 0x41, 0xe9, 0xb5, 0x60, 0xd5, 0xc0, 0xd7, 0x4b,
- 0xad, 0x38, 0xb2, 0xe9, 0xd1, 0xe5, 0x51, 0x5f,
- 0x24, 0x78, 0x24, 0x9a, 0x23, 0xd2, 0xc2, 0x48,
- 0xbd, 0x0e, 0xf1, 0x37, 0x72, 0x91, 0x87, 0xb0,
- 0x4e, 0xbd, 0x99, 0x6b, 0x2c, 0x01, 0xb6, 0x79,
- 0x69, 0xec, 0x0c, 0xed, 0xe5, 0x3f, 0x50, 0x64,
- 0x7c, 0xb9, 0xdd, 0xe1, 0x92, 0x81, 0xb5, 0xd0,
- 0xcb, 0x17, 0x83, 0x86, 0x8b, 0xea, 0x4f, 0x93,
- 0x08, 0xbc, 0x22, 0x0c, 0xef, 0xe8, 0x0d, 0xf5,
- 0x9e, 0x23, 0xe1, 0xf9, 0xb7, 0x6b, 0x45, 0x0b,
- 0xcb, 0xa9, 0xb6, 0x4d, 0x28, 0x25, 0xba, 0x3e,
- 0x86, 0xf2, 0x75, 0x47, 0x5d, 0x9d, 0x6b, 0xf6,
- 0x8a, 0x05, 0x58, 0x73, 0x3d, 0x00, 0xde, 0xfd,
- 0x69, 0xb1, 0x61, 0x16, 0xf5, 0x2e, 0xb0, 0x9f,
- 0x31, 0x6a, 0x00, 0xb9, 0xef, 0x71, 0x63, 0x47,
- 0xa3, 0xca, 0xe0, 0x40, 0xa8, 0x7e, 0x02, 0x04,
- 0xfe, 0xe5, 0xce, 0x48, 0x73, 0xe3, 0x94, 0xcf,
- 0xe2, 0xff, 0x29, 0x7e, 0xf6, 0x32, 0xbb, 0xb7,
- 0x55, 0x12, 0x21, 0x7a, 0x9c, 0x75, 0x04, 0x0c,
- 0xb4, 0x7c, 0xb0, 0x3d, 0x40, 0xb3, 0x11, 0x9a,
- 0x7a, 0x9a, 0x13, 0xfb, 0x77, 0xa7, 0x51, 0x68,
- 0xf7, 0x05, 0x47, 0x3b, 0x0f, 0x52, 0x5c, 0xe6,
- 0xc2, 0x99, 0x3a, 0x37, 0x54, 0x5c, 0x4f, 0x2b,
- 0xa7, 0x01, 0x08, 0x74, 0xbc, 0x91, 0xe3, 0xe2,
- 0xfe, 0x65, 0x94, 0xfd, 0x3d, 0x18, 0xe0, 0xf0,
- 0x62, 0xed, 0xc2, 0x10, 0x82, 0x9c, 0x58, 0x7f,
- 0xb2, 0xa3, 0x87, 0x8a, 0x74, 0xd9, 0xc1, 0xfb,
- 0x84, 0x28, 0x17, 0xc7, 0x2b, 0xcb, 0x53, 0x1f,
- 0x4e, 0x8a, 0x82, 0xfc, 0xb4, 0x3f, 0xc1, 0x47,
- 0x25, 0xf3, 0x21, 0xdc, 0x4c, 0x2d, 0x08, 0xfa,
- 0xe7, 0x0f, 0x03, 0xa9, 0x68, 0xde, 0x6b, 0x41,
- 0xa0, 0xf9, 0x41, 0x6c, 0x57, 0x4d, 0x3a, 0x0e,
- 0xea, 0x51, 0xca, 0x9f, 0x97, 0x11, 0x7d, 0xf6,
- 0x8e, 0x88, 0x63, 0x67, 0xc9, 0x65, 0x13, 0xca,
- 0x38, 0xed, 0x35, 0xbe, 0xf4, 0x27, 0xa9, 0xfc,
- 0xa9, 0xe6, 0xc3, 0x40, 0x86, 0x08, 0x39, 0x72,
- 0x37, 0xee, 0xb2, 0x87, 0x09, 0x96, 0xb7, 0x40,
- 0x87, 0x36, 0x92, 0xc1, 0x5d, 0x6a, 0x2c, 0x43,
- 0xca, 0x25, 0xc8, 0x35, 0x37, 0x2d, 0xb5, 0xa9,
- 0x27, 0x44, 0x50, 0xf2, 0x6d, 0x22, 0x75, 0x41,
- 0x77, 0x2a, 0xdb, 0xb1, 0x8c, 0x6d, 0x05, 0xe8,
- 0xc9, 0x99, 0xc7, 0x08, 0xf9, 0x14, 0x8f, 0x78,
- 0xa9, 0x8f, 0xc2, 0x5a, 0x7a, 0x65, 0xc5, 0xd8,
- 0x86, 0xbb, 0x72, 0x69, 0x6b, 0x6b, 0x45, 0x83,
- 0x5b, 0xb1, 0xf7, 0xcd, 0x16, 0x73, 0xee, 0xe9,
- 0x80, 0x85, 0xfe, 0x8e, 0xe1, 0xae, 0x53, 0x8f,
- 0xde, 0xbe, 0x48, 0x8b, 0x59, 0xef, 0xf6, 0x7e,
- 0xd8, 0xb5, 0xa8, 0x47, 0xc0, 0x4e, 0x15, 0x58,
- 0xca, 0xd3, 0x2f, 0xf8, 0x6c, 0xa6, 0x3d, 0x78,
- 0x4d, 0x7a, 0x54, 0xd6, 0x10, 0xe5, 0xcc, 0x05,
- 0xe2, 0x29, 0xb5, 0x86, 0x07, 0x39, 0x7d, 0x78,
- 0x8e, 0x5a, 0x8f, 0x83, 0x4c, 0xe7, 0x3d, 0x68,
- 0x3e, 0xe5, 0x02, 0xe6, 0x64, 0x4f, 0x5e, 0xb4,
- 0x49, 0x77, 0xf0, 0xc0, 0xfa, 0x6f, 0xc8, 0xfb,
- 0x9f, 0x84, 0x6f, 0x55, 0xfb, 0x30, 0x5e, 0x89,
- 0x93, 0xa9, 0xf3, 0xa6, 0xa3, 0xd7, 0x26, 0xbb,
- 0xd8, 0xa8, 0xd9, 0x95, 0x1d, 0xfe, 0xfc, 0xd7,
- 0xa8, 0x93, 0x66, 0x2f, 0x04, 0x53, 0x06, 0x64,
- 0x7f, 0x31, 0x29, 0xae, 0xb7, 0x9f, 0xba, 0xc4,
- 0x6d, 0x68, 0xd1, 0x24, 0x32, 0xf4, 0x11}
- },
- { /* Calculated by libcapi10, CryptoPro CSP
- * 3.6R2, Mac OSX */
- 4,
- {
- 0x07, 0x9c, 0x91, 0xbe},
- "id-Gost28147-89-CryptoPro-C-ParamSet",
- "testcfb3",
- {
- 0x77, 0xc3, 0x45, 0x8e, 0xf6, 0x42, 0xe7, 0x04,
- 0x8e, 0xfc, 0x08, 0xe4, 0x70, 0x96, 0xd6, 0x05,
- 0x93, 0x59, 0x02, 0x6d, 0x6f, 0x97, 0xca, 0xe9,
- 0xcf, 0x89, 0x44, 0x4b, 0xde, 0x6c, 0x22, 0x1d},
- G89_CFB,
- {
- 0x43, 0x7c, 0x3e, 0x8e, 0x2f, 0x2a, 0x00, 0x98},
- {
- 0x19, 0x35, 0x81, 0x34}
- },
- { /* Calculated by libcapi10, CryptoPro CSP
- * 3.6R2, Mac OSX */
- 9,
- {
- 0x2f, 0x31, 0xd8, 0x83, 0xb4, 0x20, 0xe8, 0x6e,
- 0xda},
- "id-Gost28147-89-CryptoPro-D-ParamSet",
- "testcfb4",
- {
- 0x38, 0x9f, 0xe8, 0x37, 0xff, 0x9c, 0x5d, 0x29,
- 0xfc, 0x48, 0x55, 0xa0, 0x87, 0xea, 0xe8, 0x40,
- 0x20, 0x87, 0x5b, 0xb2, 0x01, 0x15, 0x55, 0xa7,
- 0xe3, 0x2d, 0xcb, 0x3d, 0xd6, 0x59, 0x04, 0x73},
- G89_CFB,
- {
- 0xc5, 0xa2, 0xd2, 0x1f, 0x2f, 0xdf, 0xb8, 0xeb},
- {
- 0x6d, 0xa4, 0xed, 0x40, 0x08, 0x88, 0x71, 0xad,
- 0x16}
- },
- { /* Calculated by libcapi10, CryptoPro CSP
- * 3.6R2, Mac OSX */
- 5242880 + 8,
- {0},
- "id-Gost28147-89-CryptoPro-A-ParamSet",
- "test5Mcfb",
- {
- 0x61, 0x58, 0x44, 0x5a, 0x41, 0xf6, 0xc7, 0x0f,
- 0x6b, 0xdb, 0x51, 0x91, 0x6a, 0xf6, 0x81, 0x30,
- 0x8c, 0xa7, 0x98, 0xdd, 0x38, 0x35, 0x8a, 0x60,
- 0x85, 0xb4, 0xf0, 0xf9, 0x43, 0xa2, 0x7d, 0x9a},
- G89_CFB,
- {
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00},
- {
- 0x1c, 0x16, 0xa0, 0xe9, 0x63, 0x94, 0xfe, 0x38,
- 0x37, 0xa7, 0x9b, 0x70, 0x25, 0x2e, 0xd6, 0x00}
- },
- { /* Calculated by libcapi10, CryptoPro CSP
- * 3.6R2, Mac OSX */
- U64(4294967296) + 16,
- {0},
- "id-Gost28147-89-CryptoPro-A-ParamSet",
- "test4Gcfb",
- {
- 0xae, 0x57, 0xa2, 0xdd, 0xa4, 0xef, 0x4f, 0x96,
- 0xb8, 0x94, 0xa5, 0xd1, 0x1b, 0xc8, 0x9b, 0x42,
- 0xa5, 0x24, 0xcc, 0x89, 0x5c, 0xb8, 0x92, 0x52,
- 0xc1, 0x12, 0x6a, 0xb0, 0x9a, 0x26, 0xe8, 0x06},
- G89_CFB,
- {
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00},
- {
- 0x2e, 0x62, 0xb0, 0x2e, 0xc7, 0x87, 0x4b, 0x29,
- 0x33, 0x16, 0x6b, 0xb4, 0xd6, 0x61, 0x66, 0xd9}
- },
- { /* Calculated by libcapi10, CryptoPro CSP
- * 3.6R2, Mac OSX */
- 1037,
- {
- 0x3d, 0x0b, 0x69, 0xf7, 0xa8, 0xe4, 0xfc, 0x99,
- 0x22, 0x2e, 0xee, 0xd1, 0x63, 0x12, 0xfe, 0xa8,
- 0x9d, 0xcb, 0x6c, 0x4d, 0x48, 0x8c, 0xe8, 0xbd,
- 0x8b, 0x60, 0xf1, 0xbf, 0x7b, 0xe3, 0x79, 0xd5,
- 0x2b, 0x25, 0x97, 0x13, 0xef, 0x35, 0xda, 0xf4,
- 0xbc, 0x77, 0xce, 0xea, 0xe9, 0x3f, 0xa4, 0xb6,
- 0x01, 0xd5, 0x73, 0x29, 0x58, 0xda, 0xd7, 0x67,
- 0x17, 0xac, 0xe4, 0x75, 0x2f, 0x57, 0x23, 0xac,
- 0x96, 0x21, 0xc7, 0x62, 0x2d, 0xf7, 0x32, 0xb5,
- 0x44, 0x5f, 0x72, 0xb1, 0x5f, 0xba, 0x1b, 0x1e,
- 0xdb, 0x4a, 0x09, 0x8c, 0x92, 0x61, 0xa2, 0xb0,
- 0x49, 0x68, 0xe5, 0xb3, 0xa2, 0x8f, 0x13, 0x4b,
- 0xf5, 0x4d, 0x84, 0xda, 0xab, 0xa0, 0xb6, 0xd1,
- 0x5a, 0x63, 0x19, 0xe8, 0xa2, 0x09, 0xf6, 0x76,
- 0x6f, 0x9b, 0x48, 0x0a, 0x15, 0x5d, 0xb7, 0x20,
- 0x21, 0x9a, 0x2e, 0xb9, 0x6d, 0xfa, 0x1e, 0xc2,
- 0x0e, 0xef, 0x15, 0xab, 0x59, 0x01, 0xfe, 0x43,
- 0x90, 0xf2, 0x62, 0xca, 0x4a, 0x9a, 0x48, 0x38,
- 0xab, 0x6f, 0x9d, 0x21, 0xb3, 0xad, 0xa7, 0x60,
- 0x46, 0xe3, 0xef, 0xd0, 0xe3, 0x1d, 0xc5, 0xe1,
- 0xb8, 0xa1, 0xe2, 0x99, 0x20, 0xc5, 0x76, 0xcc,
- 0xaa, 0x8a, 0xa9, 0x45, 0x55, 0xa0, 0x78, 0x00,
- 0x64, 0xde, 0xcf, 0x5b, 0xdf, 0x26, 0x48, 0xcd,
- 0xba, 0x8a, 0xb5, 0xfb, 0xfd, 0x4a, 0xd5, 0xc4,
- 0xe0, 0x43, 0xa6, 0x71, 0x90, 0xa4, 0x8b, 0xca,
- 0x2e, 0x88, 0x7b, 0xac, 0xb2, 0xdc, 0xf2, 0x01,
- 0xcb, 0xda, 0x6e, 0x91, 0x27, 0x28, 0x44, 0x88,
- 0x9a, 0xd2, 0x12, 0xf1, 0xa6, 0xf5, 0xb7, 0x61,
- 0xce, 0x79, 0x62, 0x52, 0x3c, 0xe6, 0x14, 0x73,
- 0xd1, 0x41, 0x92, 0x50, 0xbd, 0xdc, 0x3b, 0xd0,
- 0xa7, 0x11, 0x8c, 0x3a, 0xe4, 0x2d, 0xf2, 0x52,
- 0xd3, 0x2f, 0x7c, 0x8e, 0x54, 0x90, 0x4e, 0x23,
- 0xae, 0xb3, 0xa0, 0xf3, 0x25, 0x7e, 0x66, 0xaa,
- 0x0f, 0x6f, 0x81, 0x72, 0x77, 0xbb, 0xd3, 0x47,
- 0xe8, 0x05, 0xff, 0xe1, 0x5b, 0xc9, 0x37, 0x50,
- 0x33, 0x49, 0x17, 0xaf, 0xab, 0x1d, 0xe1, 0x15,
- 0xf2, 0xe5, 0x98, 0x5e, 0x2d, 0x05, 0x1f, 0x0d,
- 0x55, 0x97, 0xed, 0xff, 0x5e, 0xe0, 0x0f, 0xc3,
- 0x9c, 0xbd, 0x82, 0xc2, 0x06, 0xbe, 0x45, 0x66,
- 0xae, 0x33, 0xbe, 0x28, 0x48, 0xe9, 0x2d, 0x1a,
- 0xe6, 0x65, 0x8e, 0xdf, 0x76, 0x03, 0x73, 0x4b,
- 0xc0, 0x80, 0x71, 0xf9, 0xac, 0xba, 0xa0, 0xb0,
- 0x19, 0x1a, 0x0a, 0xd4, 0x35, 0x12, 0x88, 0x76,
- 0x05, 0x75, 0x8f, 0x7c, 0xb5, 0xf0, 0x19, 0x75,
- 0x6d, 0x05, 0xcb, 0x0d, 0xbc, 0x8d, 0xe9, 0xf0,
- 0xd4, 0xdb, 0x3c, 0x3c, 0x29, 0x8e, 0x2c, 0x32,
- 0x1d, 0xf7, 0xb6, 0x49, 0xcf, 0xdb, 0x63, 0xee,
- 0x3c, 0xfa, 0x33, 0x73, 0x6f, 0xe4, 0x97, 0x4e,
- 0x2f, 0xc9, 0x4c, 0x5c, 0x65, 0xfe, 0xea, 0xfb,
- 0xc6, 0xdd, 0xc1, 0x1c, 0x47, 0x3f, 0xf4, 0x50,
- 0x2f, 0xde, 0x1b, 0x5b, 0x0b, 0x16, 0xca, 0xb6,
- 0x46, 0x44, 0xf2, 0xc1, 0x0d, 0xa1, 0x1d, 0xa6,
- 0xdb, 0xf0, 0x3d, 0xb1, 0x6c, 0x05, 0x31, 0x85,
- 0x8e, 0x74, 0xae, 0xf2, 0x39, 0x26, 0xf7, 0xc1,
- 0xe7, 0x4c, 0xdd, 0x9d, 0x40, 0xb8, 0xf3, 0xc5,
- 0xc2, 0x16, 0x64, 0x6b, 0xaa, 0xdb, 0x4b, 0x82,
- 0x5c, 0xd3, 0x02, 0xd3, 0x8f, 0x26, 0x79, 0x8d,
- 0xb0, 0x78, 0x70, 0x19, 0x58, 0x0c, 0xb4, 0x31,
- 0x88, 0x44, 0x1c, 0x91, 0x6f, 0xf4, 0x52, 0x39,
- 0xa8, 0xf5, 0xc0, 0x1b, 0xfe, 0xf2, 0x0e, 0x4b,
- 0xac, 0x0a, 0xc2, 0x7e, 0x9c, 0x9b, 0xeb, 0x5d,
- 0x4e, 0x4f, 0x42, 0xd8, 0x71, 0x0a, 0x97, 0x27,
- 0x03, 0x14, 0x96, 0xa6, 0x3d, 0x04, 0xea, 0x9f,
- 0x14, 0x14, 0x27, 0x4c, 0xd9, 0xa2, 0x89, 0x5f,
- 0x65, 0x4a, 0xe1, 0x9d, 0x2c, 0xb8, 0xf8, 0xd4,
- 0x8f, 0x2a, 0x57, 0x36, 0xcc, 0x06, 0x9c, 0x2c,
- 0xc5, 0x13, 0x16, 0xdf, 0xfc, 0xae, 0x22, 0x16,
- 0xa8, 0x2b, 0x71, 0x6f, 0x1d, 0xb3, 0x47, 0x54,
- 0x3f, 0x2d, 0x0a, 0x68, 0x9f, 0x2e, 0xf6, 0x90,
- 0xd8, 0xa1, 0x21, 0x09, 0xd4, 0x97, 0xb9, 0x7b,
- 0x7f, 0x9b, 0x6a, 0xed, 0xd1, 0xf0, 0xe3, 0xb6,
- 0x28, 0xc7, 0x62, 0x82, 0x00, 0xc9, 0x38, 0xa1,
- 0x82, 0x78, 0xce, 0x87, 0xc8, 0x53, 0xac, 0x4f,
- 0x2e, 0x31, 0xb9, 0x50, 0x7f, 0x36, 0x00, 0x4a,
- 0x32, 0xe6, 0xd8, 0xbb, 0x59, 0x45, 0x0e, 0x91,
- 0x1b, 0x38, 0xa9, 0xbc, 0xb9, 0x5e, 0x6c, 0x6a,
- 0x9c, 0x03, 0x01, 0x1c, 0xde, 0xe8, 0x1f, 0x1e,
- 0xe3, 0xde, 0x25, 0xa2, 0x56, 0x79, 0xe1, 0xbd,
- 0x58, 0xc4, 0x93, 0xe6, 0xd0, 0x8a, 0x4d, 0x08,
- 0xab, 0xf7, 0xaa, 0xc3, 0x7d, 0xc1, 0xee, 0x68,
- 0x37, 0xbc, 0x78, 0x0b, 0x19, 0x68, 0x2b, 0x2b,
- 0x2e, 0x6d, 0xc4, 0x6f, 0xaa, 0x3b, 0xc6, 0x19,
- 0xcb, 0xf1, 0x58, 0xb9, 0x60, 0x85, 0x45, 0xae,
- 0x52, 0x97, 0xba, 0x24, 0x32, 0x13, 0x72, 0x16,
- 0x6e, 0x7b, 0xc1, 0x98, 0xac, 0xb1, 0xed, 0xb4,
- 0xcc, 0x6c, 0xcf, 0x45, 0xfc, 0x50, 0x89, 0x80,
- 0x8e, 0x7a, 0xa4, 0xd3, 0x64, 0x50, 0x63, 0x37,
- 0xc9, 0x6c, 0xf1, 0xc4, 0x3d, 0xfb, 0xde, 0x5a,
- 0x5c, 0xa8, 0x21, 0x35, 0xe6, 0x2e, 0x8c, 0x2a,
- 0x3c, 0x12, 0x17, 0x79, 0x9a, 0x0d, 0x2e, 0x79,
- 0xeb, 0x67, 0x1f, 0x2b, 0xf8, 0x6e, 0xca, 0xc1,
- 0xfa, 0x45, 0x18, 0x9e, 0xdf, 0x6a, 0xe6, 0xcb,
- 0xe9, 0x5c, 0xc3, 0x09, 0xaf, 0x93, 0x58, 0x13,
- 0xbf, 0x90, 0x84, 0x87, 0x75, 0xd6, 0x82, 0x28,
- 0x8d, 0xe7, 0x2f, 0xa3, 0xfb, 0x97, 0x74, 0x2a,
- 0x73, 0x04, 0x82, 0x06, 0x76, 0x69, 0xb1, 0x0b,
- 0x19, 0xfc, 0xae, 0xb3, 0xdd, 0x2a, 0xe5, 0xc1,
- 0x05, 0xd8, 0x80, 0x95, 0x22, 0x90, 0x71, 0xfc,
- 0xc2, 0x92, 0x42, 0xfd, 0xf1, 0x70, 0xb4, 0x68,
- 0x88, 0xa4, 0x9e, 0x0a, 0x24, 0x40, 0x13, 0xc8,
- 0xa2, 0x56, 0x4f, 0x39, 0xe6, 0x06, 0xf1, 0xdc,
- 0xf5, 0x13, 0x0e, 0xad, 0x9c, 0x8b, 0xaf, 0xe9,
- 0xe3, 0x88, 0x72, 0xff, 0xa0, 0x6d, 0xda, 0x08,
- 0x70, 0xb9, 0x2e, 0x83, 0xc5, 0xbb, 0x32, 0xa5,
- 0x74, 0xc7, 0xfb, 0x7b, 0x76, 0xaf, 0x02, 0xbb,
- 0x2b, 0xb8, 0x5e, 0x65, 0x02, 0xfe, 0x0e, 0xa0,
- 0x99, 0xce, 0x01, 0x3b, 0x35, 0xe1, 0xb0, 0x22,
- 0xe5, 0x94, 0xbd, 0xdd, 0x8e, 0xbb, 0xf6, 0x75,
- 0xbf, 0xbf, 0xee, 0x7a, 0xb1, 0x58, 0xb4, 0x81,
- 0xb8, 0x39, 0x3e, 0xb6, 0x1e, 0xde, 0xda, 0x1b,
- 0xd5, 0xf7, 0xdd, 0x7d, 0x65, 0x9c, 0xaa, 0x56,
- 0x93, 0xb8, 0xaf, 0x48, 0x53, 0xc7, 0x22, 0xe4,
- 0x1c, 0xdf, 0xe9, 0x79, 0xb4, 0x20, 0x89, 0xcc,
- 0x2a, 0x79, 0x2c, 0x09, 0xbe, 0x78, 0xcf, 0xcc,
- 0xf2, 0x90, 0xd6, 0x65, 0xc5, 0x29, 0xfc, 0xda,
- 0x69, 0xfc, 0xc0, 0xd6, 0x70, 0x99, 0x61, 0x3f,
- 0x60, 0x02, 0xd8, 0x12, 0x22, 0xc8, 0x34, 0xc6,
- 0x3b, 0xb3, 0xc2, 0x33, 0xa1, 0x5c, 0x8f, 0x4c,
- 0xd1, 0x52, 0x72, 0xf2, 0x42, 0x05, 0x8e, 0x18,
- 0x1f, 0x16, 0xda, 0xb8, 0x53, 0xa1, 0x5f, 0x01,
- 0x32, 0x1b, 0x90, 0xb3, 0x53, 0x9b, 0xd0, 0x85,
- 0x61, 0x2d, 0x17, 0xed, 0x0a, 0xa4, 0xa5, 0x27,
- 0x09, 0x75, 0x7c, 0xbc, 0x30, 0xf7, 0x5e, 0x59,
- 0x9a, 0x07, 0x96, 0x84, 0x28, 0x86, 0x4b, 0xa7,
- 0x22, 0x35, 0x28, 0xc7, 0xed, 0x0d, 0xc3, 0xce,
- 0x98, 0xcc, 0x2d, 0xec, 0xd4, 0x98, 0x09, 0x8e,
- 0x52, 0x5f, 0x2b, 0x9a, 0x13, 0xbe, 0x99, 0x16,
- 0x73, 0xd1, 0x1f, 0x81, 0xe5, 0xa2, 0x08, 0x78,
- 0xcb, 0x0c, 0x20, 0xd4, 0xa5, 0xea, 0x4b, 0x5b,
- 0x95, 0x5a, 0x92, 0x9a, 0x52},
- "id-Gost28147-89-CryptoPro-A-ParamSet",
- "testcnt2",
- {
- 0x1b, 0x5d, 0xdb, 0x77, 0xcf, 0xf9, 0xec, 0x95,
- 0x5e, 0xcc, 0x67, 0x9f, 0x5d, 0x28, 0xad, 0x4a,
- 0x27, 0xf4, 0x32, 0xc6, 0xb2, 0xcb, 0xb1, 0x45,
- 0x6a, 0x88, 0x14, 0x0c, 0x9b, 0x9b, 0x5f, 0x48},
- G89_CNT,
- {
- 0x71, 0x58, 0x8c, 0xe1, 0x55, 0xf4, 0xf6, 0xb3},
- {
- 0x8e, 0xcd, 0x8f, 0xc8, 0xac, 0xe1, 0x15, 0x48,
- 0x2d, 0xae, 0x24, 0x8a, 0xc7, 0xfb, 0xba, 0x0f,
- 0x1d, 0x8a, 0x95, 0xa2, 0x43, 0xef, 0xcb, 0xdc,
- 0x59, 0x57, 0xa7, 0xc7, 0x0e, 0xe3, 0xe2, 0xb9,
- 0x0d, 0x86, 0x29, 0x62, 0xcb, 0x83, 0x4d, 0x07,
- 0x0c, 0x40, 0xd4, 0x7b, 0x2e, 0xca, 0xba, 0xbf,
- 0x4a, 0x60, 0x3b, 0x31, 0x98, 0xc8, 0x88, 0x47,
- 0xd9, 0x82, 0xab, 0xfc, 0x8f, 0x48, 0xe2, 0x46,
- 0xab, 0xd3, 0xa1, 0xab, 0x8a, 0x05, 0x22, 0x8c,
- 0xf4, 0xec, 0x9a, 0x1e, 0x76, 0xab, 0x1a, 0x60,
- 0xd9, 0x25, 0x6b, 0xb8, 0x56, 0xe5, 0xb2, 0xea,
- 0x10, 0xf3, 0x62, 0x04, 0x32, 0x5e, 0xaa, 0x3b,
- 0x7b, 0x57, 0xbc, 0x3b, 0x8b, 0x43, 0x47, 0xf2,
- 0xd5, 0x03, 0x7e, 0x51, 0x01, 0xff, 0x77, 0x28,
- 0xca, 0x90, 0xa3, 0xfe, 0x7e, 0x2e, 0x70, 0x16,
- 0x75, 0x18, 0x44, 0xf0, 0x1b, 0x85, 0x05, 0xea,
- 0xe3, 0x21, 0xf7, 0x26, 0x86, 0x76, 0x3c, 0x67,
- 0x9d, 0xfc, 0xbc, 0x10, 0x7f, 0x77, 0xe4, 0xed,
- 0xd3, 0x12, 0xf8, 0x83, 0x00, 0x1f, 0x4b, 0x92,
- 0x95, 0x92, 0x5c, 0xf3, 0x5a, 0xf3, 0xb7, 0xd0,
- 0xa9, 0x5f, 0xf2, 0x18, 0xc4, 0x66, 0x62, 0xc1,
- 0x84, 0x0e, 0x66, 0xe8, 0x80, 0x7d, 0x1f, 0xf0,
- 0xba, 0x01, 0x9b, 0x71, 0xae, 0x93, 0xcc, 0x27,
- 0x54, 0x34, 0x9a, 0xbd, 0xca, 0xee, 0x52, 0x09,
- 0x92, 0x9d, 0xb0, 0xd5, 0xd9, 0xba, 0x2f, 0xb9,
- 0x96, 0xdc, 0xfa, 0xbd, 0xce, 0xea, 0x1a, 0x7b,
- 0x9a, 0x1d, 0x13, 0xa7, 0x11, 0xe2, 0x9a, 0x64,
- 0xf6, 0xd3, 0xee, 0xc6, 0x33, 0xb7, 0x6e, 0xef,
- 0x25, 0x9e, 0x1e, 0x7c, 0xe3, 0x1f, 0x2c, 0x6e,
- 0xa9, 0xc0, 0xf8, 0xc1, 0xbf, 0x3b, 0xf8, 0x34,
- 0x03, 0x9b, 0xa1, 0x40, 0x5b, 0x0c, 0x3c, 0x09,
- 0x66, 0x9d, 0x63, 0xe2, 0xe2, 0x04, 0x8f, 0x06,
- 0x84, 0x74, 0x68, 0xb2, 0x5c, 0x3b, 0x4c, 0xad,
- 0x0b, 0x3f, 0x03, 0xb3, 0x07, 0x8a, 0x64, 0xa7,
- 0x36, 0x56, 0x26, 0x39, 0x66, 0xda, 0xe9, 0x6d,
- 0x1b, 0xd5, 0x88, 0xe8, 0x5c, 0xaf, 0x5a, 0x4c,
- 0x49, 0xf7, 0xf5, 0xb7, 0x78, 0xf0, 0xde, 0xec,
- 0xcd, 0x16, 0x23, 0x9e, 0x8c, 0x13, 0xbe, 0x6b,
- 0x6f, 0x9b, 0x07, 0xe5, 0xbb, 0xcc, 0x3a, 0x1b,
- 0x6f, 0x43, 0xdf, 0xff, 0x46, 0x2a, 0xae, 0x47,
- 0x19, 0x18, 0x9a, 0x25, 0x09, 0xc9, 0x24, 0x40,
- 0x0c, 0x4b, 0xa7, 0xda, 0x5e, 0x0d, 0xee, 0xfa,
- 0x62, 0x45, 0x8e, 0xcc, 0x2f, 0x23, 0x08, 0x1d,
- 0x92, 0xf0, 0xfe, 0x82, 0x0f, 0xd7, 0x11, 0x60,
- 0x7e, 0x0b, 0x0b, 0x75, 0xf4, 0xf5, 0x3b, 0xc0,
- 0xa4, 0xe8, 0x72, 0xa5, 0xb6, 0xfa, 0x5a, 0xad,
- 0x5a, 0x4f, 0x39, 0xb5, 0xa2, 0x12, 0x96, 0x0a,
- 0x32, 0x84, 0xb2, 0xa1, 0x06, 0x68, 0x56, 0x57,
- 0x97, 0xa3, 0x7b, 0x22, 0x61, 0x76, 0x5d, 0x30,
- 0x1a, 0x31, 0xab, 0x99, 0x06, 0xc5, 0x1a, 0x96,
- 0xcf, 0xcf, 0x14, 0xff, 0xb2, 0xc4, 0xcc, 0x2b,
- 0xbf, 0x0c, 0x9d, 0x91, 0x8f, 0x79, 0x5b, 0xbc,
- 0xa9, 0x6b, 0x91, 0x6a, 0xb4, 0x93, 0x5c, 0x7b,
- 0x5d, 0xc2, 0x8a, 0x75, 0xc0, 0xc1, 0x08, 0xfa,
- 0x99, 0xf9, 0x4d, 0x5e, 0x0c, 0x06, 0x64, 0x60,
- 0xa9, 0x01, 0x4a, 0x34, 0x0f, 0x33, 0x84, 0x95,
- 0x69, 0x30, 0xc1, 0x1c, 0x36, 0xf8, 0xfc, 0x30,
- 0x23, 0xb2, 0x71, 0xe5, 0x52, 0x4d, 0x12, 0x1a,
- 0xc9, 0xbe, 0xee, 0xc9, 0xcb, 0x01, 0x85, 0xf3,
- 0xdb, 0x30, 0xf9, 0x41, 0xa9, 0x40, 0xb0, 0x06,
- 0x29, 0x77, 0xcd, 0xc5, 0xec, 0x58, 0x02, 0x48,
- 0x83, 0x53, 0x44, 0x6a, 0xd2, 0xca, 0x05, 0xd8,
- 0x5a, 0x08, 0xeb, 0xa9, 0xf4, 0xe6, 0xc7, 0x9d,
- 0xd5, 0x7b, 0x74, 0x0b, 0x31, 0xb7, 0xa5, 0x57,
- 0x7c, 0x7a, 0xfd, 0x1a, 0x0e, 0xd7, 0x97, 0x41,
- 0xbf, 0xdd, 0xc6, 0x19, 0x6c, 0x77, 0x8c, 0x18,
- 0x52, 0x57, 0x83, 0xba, 0x71, 0x25, 0xee, 0x39,
- 0xbb, 0xe2, 0x43, 0xa0, 0x14, 0xdc, 0x0e, 0x84,
- 0xb4, 0x2b, 0xde, 0x3e, 0xe5, 0x36, 0xb7, 0xa2,
- 0x92, 0x98, 0x05, 0xb8, 0x96, 0xe5, 0xd0, 0x8c,
- 0x08, 0x93, 0x35, 0xc2, 0x81, 0xe0, 0xfc, 0x59,
- 0x71, 0xe2, 0x44, 0x49, 0x5d, 0xda, 0xfb, 0x9c,
- 0xaa, 0x70, 0x9f, 0x43, 0xa8, 0xa5, 0xd9, 0x67,
- 0xd9, 0x8f, 0xa3, 0x1e, 0xbe, 0x0e, 0xec, 0xdf,
- 0x12, 0x2b, 0x6a, 0xe7, 0x1c, 0x12, 0x17, 0xe7,
- 0xc4, 0x6d, 0x50, 0xc9, 0x52, 0x7a, 0xd5, 0xe8,
- 0x7f, 0xbc, 0x07, 0x15, 0xac, 0xdb, 0x93, 0x66,
- 0xb1, 0xf0, 0xa7, 0x7b, 0x2f, 0xe9, 0xec, 0xd0,
- 0x47, 0x69, 0x59, 0x87, 0xf1, 0x4c, 0x3e, 0x4b,
- 0x9b, 0x11, 0x79, 0x13, 0xe4, 0x96, 0xf6, 0x56,
- 0x04, 0x6e, 0x0b, 0x33, 0xfc, 0x40, 0xf6, 0xc7,
- 0xc1, 0x43, 0xb1, 0xbf, 0x0e, 0xb3, 0x87, 0xfd,
- 0x0b, 0x1c, 0x63, 0x46, 0x3a, 0xd3, 0xa0, 0x17,
- 0x59, 0x25, 0x94, 0x6c, 0x9c, 0x3d, 0x0c, 0x81,
- 0xce, 0x82, 0x72, 0x42, 0x28, 0xf9, 0x37, 0x6a,
- 0x6d, 0xe4, 0x12, 0xf4, 0x21, 0xaa, 0xf7, 0xfe,
- 0x27, 0x55, 0x40, 0x1a, 0x14, 0xc3, 0x39, 0x5b,
- 0xbf, 0x63, 0xc2, 0x5f, 0x10, 0x1f, 0x14, 0x25,
- 0xd0, 0xce, 0xf3, 0x14, 0x48, 0x13, 0xa5, 0x0b,
- 0x4d, 0x38, 0xcf, 0x0d, 0x34, 0xc0, 0x0a, 0x11,
- 0xb4, 0xb5, 0x72, 0xc8, 0x4b, 0xc2, 0x6f, 0xe7,
- 0x9d, 0x93, 0xf7, 0xdf, 0xb8, 0x43, 0x72, 0x7e,
- 0xda, 0x3e, 0x20, 0x1f, 0xbc, 0x21, 0x2a, 0xce,
- 0x00, 0xfa, 0x96, 0x9f, 0x3d, 0xe5, 0x88, 0x96,
- 0xef, 0x29, 0x84, 0xdf, 0x6c, 0x1c, 0x96, 0xd8,
- 0x58, 0x47, 0xaa, 0x92, 0xf3, 0x07, 0xe5, 0xfb,
- 0xaf, 0xea, 0x95, 0x7e, 0x0b, 0x71, 0xcd, 0x81,
- 0x0f, 0xb7, 0x0a, 0x59, 0x8f, 0x31, 0x4d, 0xd1,
- 0xc3, 0xf3, 0x2f, 0x70, 0x5c, 0x59, 0x18, 0x97,
- 0xaf, 0x77, 0x95, 0x5e, 0xaf, 0x40, 0x06, 0x12,
- 0x81, 0x61, 0x86, 0x08, 0x4e, 0xbc, 0x89, 0x46,
- 0x07, 0x2e, 0x5b, 0x10, 0xaa, 0x12, 0xf0, 0xa7,
- 0x84, 0xe2, 0x9a, 0x08, 0xf1, 0xde, 0x59, 0xe3,
- 0x0e, 0x47, 0x4b, 0xff, 0xc3, 0xc9, 0x18, 0xaf,
- 0x95, 0x9c, 0x67, 0x2a, 0xde, 0x8a, 0x7a, 0x99,
- 0x04, 0xc4, 0xb8, 0x97, 0x4c, 0x04, 0x29, 0x71,
- 0x05, 0xda, 0xb3, 0xd6, 0xdb, 0x6c, 0x71, 0xe6,
- 0xe8, 0x03, 0xbf, 0x94, 0x7d, 0xde, 0x3d, 0xc8,
- 0x44, 0xfa, 0x7d, 0x62, 0xb4, 0x36, 0x03, 0xee,
- 0x36, 0x52, 0x64, 0xb4, 0x85, 0x6d, 0xd5, 0x78,
- 0xf0, 0x6f, 0x67, 0x2d, 0x0e, 0xe0, 0x2c, 0x88,
- 0x9b, 0x55, 0x19, 0x29, 0x40, 0xf6, 0x8c, 0x12,
- 0xbb, 0x2c, 0x83, 0x96, 0x40, 0xc0, 0x36, 0xf5,
- 0x77, 0xff, 0x70, 0x8c, 0x75, 0x92, 0x0b, 0xad,
- 0x05, 0x9b, 0x7e, 0xa2, 0xfc, 0xa9, 0xd1, 0x64,
- 0x76, 0x82, 0x13, 0xba, 0x22, 0x5e, 0x33, 0x0e,
- 0x26, 0x70, 0xa9, 0xbe, 0x74, 0x28, 0xf5, 0xe2,
- 0xc4, 0x96, 0xee, 0x3a, 0xbc, 0x97, 0xa6, 0x2c,
- 0x2a, 0xe0, 0x64, 0x8d, 0x35, 0xc6, 0x1a, 0xca,
- 0xf4, 0x92, 0xfa, 0xc3, 0xf1, 0x1f, 0x98, 0xe4,
- 0x43, 0x88, 0x69, 0x3a, 0x09, 0xbf, 0x63, 0xe5,
- 0x96, 0x29, 0x0b, 0x9b, 0x62, 0x23, 0x14, 0x8a,
- 0x95, 0xe4, 0x1c, 0x5c, 0x0a, 0xa9, 0xc5, 0xb9,
- 0x6f, 0x4f, 0x2b, 0x25, 0x6f, 0x74, 0x1e, 0x18,
- 0xd5, 0xfe, 0x27, 0x7d, 0x3f, 0x6e, 0x55, 0x2c,
- 0x67, 0xe6, 0xde, 0xb5, 0xcc, 0xc0, 0x2d, 0xff,
- 0xc4, 0xe4, 0x06, 0x21, 0xa5, 0xc8, 0xd3, 0xd6,
- 0x6c, 0xa1, 0xc3, 0xfb, 0x88, 0x92, 0xb1, 0x1d,
- 0x90, 0xe1, 0x35, 0x05, 0x9b, 0x29, 0x6d, 0xba,
- 0xf1, 0xf4, 0x1e, 0x23, 0x2e}
- },
- { /* Calculated by libcapi10, CryptoPro CSP
- * 3.6R2, Mac OSX */
- 5242880 + 8,
- {0},
- "id-Gost28147-89-CryptoPro-A-ParamSet",
- "test5Mcnt",
- {
- 0x07, 0x52, 0x65, 0xe7, 0xca, 0xa3, 0xca, 0x45,
- 0xcf, 0x3a, 0x05, 0x1d, 0x38, 0x03, 0x53, 0x0c,
- 0x22, 0x31, 0xba, 0x99, 0x4f, 0x9b, 0x6a, 0x1b,
- 0x7e, 0x09, 0x9d, 0x4e, 0xb5, 0xc9, 0x84, 0x2e},
- G89_CNT,
- {
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00},
- {
- 0x3d, 0x05, 0x07, 0x57, 0xc0, 0x75, 0x89, 0x97,
- 0xd6, 0x94, 0x49, 0x11, 0x1d, 0xd0, 0x91, 0xee}
- },
- { /* Calculated by libcapi10, CryptoPro CSP
- * 3.6R2, Mac OSX */
- U64(4294967296) + 16,
- {0},
- "id-Gost28147-89-CryptoPro-A-ParamSet",
- "test4Gcnt",
- {
- 0x75, 0xa3, 0x3c, 0xae, 0x03, 0x6b, 0x10, 0xdb,
- 0xc1, 0x56, 0x50, 0x89, 0x03, 0xd2, 0x9f, 0x91,
- 0xee, 0xe8, 0x64, 0x1d, 0x43, 0xf2, 0x4e, 0xf8,
- 0xf2, 0x6c, 0xed, 0xda, 0x8f, 0xe4, 0x88, 0xe9},
- G89_CNT,
- {
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00},
- {
- 0xfa, 0x6c, 0x96, 0x78, 0xe2, 0xf8, 0xdd, 0xaa,
- 0x67, 0x5a, 0xc9, 0x5d, 0x57, 0xf1, 0xbd, 0x99}
- },
- { /* Calculated by libcapi10, CryptoPro CSP
- * 3.6R2, Mac OSX */
- 1035,
- {
- 0xd6, 0xcf, 0x31, 0x96, 0x9c, 0xa1, 0xfb, 0xd6,
- 0x8d, 0xa3, 0xdd, 0x01, 0xd9, 0x88, 0xc0, 0x2f,
- 0xbc, 0x46, 0xc7, 0x3a, 0xe4, 0x21, 0x86, 0x96,
- 0x8d, 0xe2, 0xca, 0xb6, 0x37, 0xa2, 0xe1, 0xa8,
- 0x7e, 0xa7, 0x79, 0x2e, 0xa4, 0x56, 0x75, 0x7f,
- 0x3e, 0x55, 0x8b, 0x43, 0xae, 0x65, 0xdf, 0xaa,
- 0x42, 0xb6, 0x00, 0xa6, 0x61, 0x03, 0x0d, 0xd3,
- 0x41, 0x02, 0x27, 0x23, 0x95, 0x79, 0x9b, 0x34,
- 0x81, 0xa9, 0x86, 0xb5, 0xa7, 0x90, 0xe2, 0xae,
- 0xc4, 0x2f, 0xc3, 0x8e, 0x32, 0x56, 0x13, 0xfa,
- 0x4d, 0x4e, 0x9f, 0x15, 0x75, 0x7e, 0x74, 0xdc,
- 0x32, 0x2d, 0xee, 0x4d, 0x67, 0x70, 0x9f, 0x62,
- 0xb9, 0xc4, 0xdb, 0x24, 0x84, 0xcc, 0x16, 0x7b,
- 0xda, 0x22, 0xf7, 0xc5, 0xf3, 0x93, 0x35, 0x73,
- 0xc6, 0x03, 0x1c, 0x77, 0xa5, 0xf2, 0x76, 0x56,
- 0xb4, 0x95, 0xd4, 0x7e, 0x0d, 0x20, 0xc6, 0x6e,
- 0xee, 0x8f, 0x25, 0x48, 0xff, 0x7e, 0x01, 0x3a,
- 0xb4, 0x1f, 0xaa, 0x35, 0xc0, 0x33, 0x58, 0x9c,
- 0xb5, 0xba, 0x65, 0x4b, 0xd3, 0x51, 0x14, 0xec,
- 0x61, 0xce, 0xe4, 0xba, 0x49, 0xba, 0x39, 0x32,
- 0xab, 0xce, 0x81, 0x72, 0xce, 0xab, 0xed, 0xd4,
- 0xd2, 0x19, 0x87, 0x85, 0x92, 0xfa, 0x64, 0x34,
- 0xd8, 0x86, 0xf4, 0x8a, 0x08, 0x3c, 0xde, 0xee,
- 0x97, 0x92, 0x92, 0x69, 0xba, 0x9b, 0x5f, 0x7a,
- 0x03, 0xc1, 0x5d, 0x43, 0x02, 0x8c, 0xbe, 0xd2,
- 0x46, 0x72, 0x81, 0x40, 0x7d, 0x68, 0x98, 0x45,
- 0x0b, 0x54, 0x27, 0x1c, 0xaf, 0x80, 0x42, 0xe4,
- 0xd5, 0xd4, 0xe4, 0xa2, 0x98, 0x07, 0x8f, 0x03,
- 0xf5, 0x2c, 0x8c, 0x88, 0xca, 0x5a, 0xde, 0xe4,
- 0x9f, 0xb1, 0x5f, 0x82, 0xff, 0x20, 0x67, 0x52,
- 0x85, 0x84, 0x4f, 0xc8, 0xfe, 0xa7, 0x9e, 0xae,
- 0x1c, 0xfa, 0xb8, 0x75, 0xd3, 0xf7, 0x9f, 0x0d,
- 0xda, 0x2d, 0xe6, 0xcc, 0x86, 0x6b, 0xa4, 0x14,
- 0x65, 0xc3, 0xf9, 0x15, 0xbc, 0x87, 0xf5, 0xae,
- 0x8c, 0x10, 0xd4, 0xce, 0x5b, 0x9c, 0xe2, 0xdd,
- 0x42, 0x03, 0x09, 0x87, 0x47, 0xed, 0x5d, 0xd0,
- 0x7a, 0x69, 0x4c, 0xfa, 0x43, 0x7d, 0xbf, 0x07,
- 0x85, 0x6a, 0xee, 0x68, 0xe6, 0x7a, 0x57, 0xb2,
- 0x20, 0x8d, 0x80, 0xf2, 0x91, 0x6f, 0x5c, 0x07,
- 0x8c, 0xe4, 0x6a, 0x49, 0x90, 0x85, 0x8b, 0x77,
- 0x29, 0x56, 0x1c, 0x5e, 0xa9, 0x3f, 0xab, 0x8b,
- 0x79, 0xa3, 0x6f, 0x6b, 0x34, 0xcb, 0x61, 0xf6,
- 0xe6, 0x92, 0xd1, 0x48, 0x9e, 0x11, 0xa2, 0x82,
- 0xc0, 0x4e, 0x23, 0xd2, 0x15, 0x0d, 0x8d, 0xff,
- 0xfa, 0x17, 0x9d, 0x81, 0xb8, 0xbc, 0xd7, 0x5b,
- 0x08, 0x81, 0x20, 0x40, 0xc0, 0x3c, 0x06, 0x8b,
- 0x1a, 0x88, 0x0b, 0x4b, 0x7b, 0x31, 0xf5, 0xd4,
- 0x4e, 0x09, 0xd1, 0x4d, 0x0d, 0x7f, 0x45, 0xd1,
- 0x09, 0x35, 0xba, 0xce, 0x65, 0xdd, 0xf2, 0xb8,
- 0xfb, 0x7a, 0xbc, 0xc4, 0x4b, 0xc8, 0x75, 0xda,
- 0x6b, 0xce, 0x3d, 0xe8, 0x94, 0xcc, 0x23, 0x6f,
- 0xb0, 0x3b, 0x4f, 0x7d, 0x07, 0xb9, 0x0f, 0x62,
- 0x92, 0x7e, 0xda, 0x70, 0x50, 0xce, 0xd3, 0x28,
- 0x12, 0x11, 0x00, 0xeb, 0x8d, 0x63, 0x70, 0x78,
- 0xa8, 0x7b, 0x76, 0xab, 0xc6, 0x40, 0xc0, 0x4e,
- 0x80, 0xdd, 0xf0, 0xfe, 0x83, 0x72, 0x56, 0x4c,
- 0x09, 0x4c, 0xf1, 0x72, 0x72, 0x86, 0x26, 0x31,
- 0xc3, 0xc2, 0xdc, 0x8e, 0xc7, 0xf4, 0x35, 0xec,
- 0x17, 0x06, 0x63, 0x47, 0x49, 0x88, 0x47, 0xaf,
- 0xb3, 0x38, 0x4f, 0x7e, 0x44, 0x95, 0xb5, 0xbb,
- 0x1d, 0xbd, 0x5a, 0x91, 0x5b, 0xd0, 0x1a, 0xdf,
- 0x0d, 0x0b, 0x50, 0xd8, 0xe2, 0x0e, 0xc5, 0x00,
- 0x2d, 0x5b, 0x29, 0x19, 0xaa, 0x2b, 0x64, 0xc5,
- 0x40, 0x31, 0x48, 0x11, 0xbc, 0x04, 0xd1, 0xcf,
- 0x6d, 0xf9, 0xa5, 0x2f, 0x4a, 0xc9, 0x82, 0xfa,
- 0x59, 0xe1, 0xfc, 0xab, 0x1c, 0x33, 0x26, 0x0a,
- 0x5f, 0xef, 0xf2, 0x06, 0xd8, 0xd3, 0x7e, 0x16,
- 0x58, 0x16, 0x78, 0x73, 0xae, 0xba, 0xeb, 0xe5,
- 0x3d, 0xb2, 0x0a, 0xb3, 0x32, 0x2d, 0x14, 0xa4,
- 0xfa, 0x3f, 0x1f, 0x43, 0xf9, 0x7b, 0xa9, 0x43,
- 0x98, 0x18, 0x94, 0x07, 0x07, 0xe5, 0x19, 0x34,
- 0xa8, 0x16, 0x5f, 0x71, 0x67, 0xaa, 0x29, 0xe5,
- 0xfa, 0xf0, 0x83, 0x06, 0x1d, 0x9d, 0xfc, 0xfe,
- 0xfe, 0x8c, 0xb5, 0xb2, 0xa9, 0xe7, 0xa0, 0x40,
- 0x60, 0xb6, 0x71, 0x9e, 0xab, 0x5b, 0x83, 0xb9,
- 0x0c, 0x2b, 0x58, 0x23, 0x80, 0x09, 0x9e, 0x5d,
- 0x94, 0x7d, 0x40, 0x76, 0xa9, 0x16, 0x96, 0x9e,
- 0x83, 0xe0, 0x0d, 0xec, 0xa0, 0xec, 0x76, 0x2a,
- 0xb7, 0xa0, 0xff, 0xb8, 0x50, 0x4c, 0x5b, 0xc6,
- 0x8b, 0x0a, 0x65, 0x2e, 0xfe, 0xb4, 0x40, 0x9a,
- 0x01, 0xd8, 0xc6, 0xa3, 0xab, 0x99, 0xa2, 0xc5,
- 0x0c, 0x08, 0xc4, 0xb7, 0xee, 0x4d, 0x1d, 0xc4,
- 0x08, 0x15, 0xd0, 0xdb, 0xaa, 0x63, 0x4f, 0x31,
- 0xeb, 0x14, 0x97, 0x43, 0xbd, 0xc1, 0x94, 0x08,
- 0xe6, 0xde, 0x43, 0x9f, 0x95, 0x0b, 0x96, 0x7e,
- 0x7f, 0x3c, 0x68, 0xba, 0x6f, 0xc4, 0xc9, 0x35,
- 0x2b, 0xc4, 0x0e, 0xda, 0x1f, 0x91, 0x68, 0x64,
- 0x63, 0x34, 0x73, 0xbe, 0x57, 0x75, 0xb9, 0xed,
- 0xf7, 0x2d, 0x3b, 0x05, 0x21, 0x93, 0x28, 0x48,
- 0x96, 0x95, 0x97, 0xa0, 0xd2, 0x7d, 0x78, 0xbb,
- 0x6a, 0x49, 0x8f, 0x76, 0x55, 0x74, 0x63, 0xb9,
- 0xc5, 0x36, 0x12, 0x25, 0xbf, 0x03, 0x82, 0x8f,
- 0xf0, 0xf6, 0x80, 0xbb, 0x33, 0xb4, 0xf4, 0x17,
- 0x27, 0x1c, 0xf3, 0x4c, 0x10, 0xa3, 0xe4, 0xd1,
- 0x55, 0xd9, 0x68, 0x21, 0x4e, 0x5a, 0x83, 0x67,
- 0xbf, 0xf8, 0x3c, 0x7d, 0x4e, 0x62, 0xd3, 0x28,
- 0xa7, 0x26, 0x6f, 0xe9, 0xee, 0xc2, 0x0b, 0x2d,
- 0x03, 0x84, 0xb1, 0xff, 0xd6, 0x68, 0x1f, 0xb6,
- 0xf2, 0xe4, 0x0f, 0xda, 0x2d, 0xee, 0x5f, 0x6e,
- 0x21, 0xc8, 0xe1, 0xfc, 0xad, 0x6b, 0x0e, 0x04,
- 0x7d, 0xaf, 0xc2, 0x3b, 0xa5, 0x68, 0x9b, 0x0c,
- 0xf3, 0x56, 0xf3, 0xda, 0x8d, 0xc8, 0x7d, 0x39,
- 0xdc, 0xd5, 0x99, 0xc6, 0x01, 0x10, 0xce, 0x42,
- 0x1b, 0xac, 0x48, 0xdc, 0x97, 0x78, 0x0a, 0xec,
- 0xb3, 0x8f, 0x47, 0x35, 0xa3, 0x6a, 0x64, 0xb2,
- 0x8e, 0x63, 0x69, 0x22, 0x66, 0xae, 0x2e, 0xe0,
- 0x88, 0xf9, 0x40, 0x3c, 0xc9, 0xa2, 0x57, 0x61,
- 0xf6, 0xad, 0xf0, 0xdc, 0x90, 0x56, 0x3f, 0x06,
- 0x9b, 0x7d, 0xbd, 0xc2, 0x81, 0x02, 0xab, 0xb8,
- 0x15, 0x09, 0x88, 0x4a, 0xff, 0x2f, 0x31, 0xbf,
- 0x5e, 0xfa, 0x6a, 0x7e, 0xf6, 0xc5, 0xa7, 0xf7,
- 0xd5, 0xab, 0x55, 0xac, 0xae, 0x0d, 0x8c, 0x8d,
- 0x7f, 0x4b, 0x25, 0xbb, 0x32, 0xff, 0x11, 0x33,
- 0x2e, 0x37, 0x37, 0x69, 0x96, 0x15, 0x17, 0xb1,
- 0x17, 0x49, 0xe0, 0x9a, 0x9c, 0xd9, 0x5b, 0x8d,
- 0x58, 0xa3, 0x1d, 0x92, 0x87, 0xf8, 0x80, 0xb9,
- 0xbd, 0x5a, 0xec, 0x40, 0xe1, 0x00, 0x33, 0x60,
- 0xe4, 0x86, 0x16, 0x6d, 0x61, 0x81, 0xf2, 0x28,
- 0x6a, 0xa7, 0xce, 0x3f, 0x95, 0xae, 0x43, 0xca,
- 0xe1, 0x3f, 0x81, 0x74, 0x7e, 0x1c, 0x47, 0x17,
- 0x95, 0xc6, 0x60, 0xda, 0x74, 0x77, 0xd9, 0x9f,
- 0xfa, 0x92, 0xb4, 0xbe, 0xe1, 0x23, 0x98, 0x18,
- 0x95, 0x63, 0x03, 0x13, 0x4c, 0x1a, 0x2d, 0x41,
- 0xcd, 0xe4, 0x84, 0xf7, 0xe6, 0x38, 0xef, 0xff,
- 0x95, 0xb2, 0xe8, 0x7c, 0x8f, 0x58, 0xb5, 0xb5,
- 0xed, 0x27, 0x7f, 0x3c, 0x18, 0xab, 0xbe, 0x7f,
- 0x4f, 0xe2, 0x35, 0x15, 0x71, 0xb7, 0x6f, 0x85,
- 0x38, 0x9b, 0x88, 0xf6, 0x9c, 0x8d, 0x43, 0xb5,
- 0x58, 0x9e, 0xf2, 0xd1, 0x96, 0xbe, 0xb7, 0xad,
- 0x1a, 0xa0, 0x98},
- "id-Gost28147-89-CryptoPro-A-ParamSet",
- "testimit2",
- {
- 0x80, 0xd9, 0xa0, 0xdc, 0x21, 0xf9, 0x30, 0x40,
- 0x75, 0xfe, 0x49, 0x1b, 0x9e, 0x71, 0x90, 0x91,
- 0x78, 0x88, 0x21, 0x60, 0x39, 0xe7, 0xc9, 0x2b,
- 0xfb, 0x55, 0x1d, 0xf4, 0xdd, 0x2b, 0x0a, 0x01},
- G89_IMIT,
- {0},
- {
- 0x90, 0xf2, 0x11, 0x9a}
- },
- { /* Calculated by libcapi10, CryptoPro CSP
- * 3.6R2, Mac OSX */
- 10,
- {
- 0x1d, 0xeb, 0xe6, 0x79, 0x0a, 0x59, 0x00, 0xe6,
- 0x8e, 0x5c},
- "id-Gost28147-89-CryptoPro-A-ParamSet",
- "testimit3",
- {
- 0xa9, 0xb6, 0x37, 0xcc, 0x6d, 0x9b, 0x2f, 0x25,
- 0xb0, 0xdf, 0x47, 0x04, 0x50, 0x68, 0xb0, 0x27,
- 0x41, 0x27, 0x58, 0x6a, 0xbd, 0x0a, 0x6e, 0x50,
- 0x2f, 0xc6, 0xfc, 0xc0, 0x3e, 0x29, 0x42, 0xa5},
- G89_IMIT,
- {0},
- {
- 0x31, 0x7c, 0x16, 0xe4}
- },
- { /* Calculated by libcapi10, CryptoPro CSP
- * 3.6R2, Mac OSX */
- 6,
- {
- 0xef, 0x06, 0x8f, 0x14, 0xc9, 0x04},
- "id-Gost28147-89-CryptoPro-A-ParamSet",
- "testimit4",
- {
- 0xb0, 0x6c, 0x48, 0x23, 0x0a, 0x6e, 0xf4, 0xec,
- 0x27, 0x98, 0x01, 0x23, 0xa7, 0xd8, 0xbf, 0x60,
- 0x89, 0xef, 0xad, 0xe8, 0x8f, 0x79, 0x14, 0x8c,
- 0x18, 0x5c, 0x9a, 0xda, 0xef, 0x0b, 0xdd, 0xa0},
- G89_IMIT,
- {0},
- {
- 0xe9, 0x72, 0xae, 0xbf}
- },
- { /* Calculated by libcapi10, CryptoPro CSP
- * 3.6R2, Mac OSX */
- 16,
- {
- 0x02, 0xf8, 0xec, 0x2b, 0x4d, 0x1f, 0xbc, 0x7c,
- 0x6e, 0x47, 0xe3, 0x87, 0x22, 0x75, 0x41, 0xa7},
- "id-Gost28147-89-CryptoPro-B-ParamSet",
- "testimit5",
- {
- 0x33, 0xd3, 0xef, 0x01, 0x19, 0x95, 0x0e, 0x15,
- 0xa1, 0x69, 0x75, 0xae, 0x56, 0x27, 0x17, 0x79,
- 0x63, 0x47, 0xab, 0x62, 0x9d, 0x4a, 0xf0, 0x34,
- 0xd3, 0x1e, 0x69, 0x74, 0xec, 0x31, 0x48, 0xfc},
- G89_IMIT,
- {0},
- {
- 0xf5, 0x55, 0x1f, 0x28}
- },
- { /* Calculated by libcapi10, CryptoPro CSP
- * 3.6R2, Mac OSX */
- 8,
- {
- 0xf3, 0xb2, 0x29, 0xd2, 0x7a, 0x37, 0x03, 0x12},
- "id-Gost28147-89-CryptoPro-A-ParamSet",
- "testimit6",
- {
- 0x42, 0x35, 0x81, 0x91, 0x0b, 0xa9, 0x99, 0xff,
- 0xd9, 0x43, 0xf8, 0xc6, 0x19, 0x55, 0x1f, 0x2f,
- 0x2d, 0x45, 0x40, 0x20, 0x1e, 0x1d, 0x32, 0x7a,
- 0xb1, 0x07, 0x6b, 0x4f, 0x45, 0x90, 0xd9, 0x80},
- G89_IMIT,
- {0},
- {
- 0x6e, 0x15, 0xfa, 0xe8}
- },
- { /* Calculated by libcapi10, CryptoPro CSP
- * 3.6R2, Mac OSX */
- 0,
- {
- 0},
- "id-Gost28147-89-CryptoPro-A-ParamSet",
- "testimit7",
- {
- 0x26, 0xcb, 0xb9, 0xf0, 0x0c, 0x62, 0x9f, 0xaa,
- 0x4a, 0x1d, 0xb6, 0x30, 0x09, 0x01, 0x56, 0x89,
- 0x66, 0xd4, 0xe4, 0x0e, 0xfe, 0xf6, 0x10, 0x6b,
- 0x6c, 0xe8, 0x04, 0x3a, 0xe3, 0x61, 0x4b, 0x19},
- G89_IMIT,
- {0},
- {
- 0x00, 0x00, 0x00, 0x00}
- },
- { /* Calculated by libcapi10, CryptoPro CSP
- * 3.6R2, Mac OSX */
- 5242880,
- {0},
- "id-Gost28147-89-CryptoPro-A-ParamSet",
- "test5Mimit",
- {
- 0xaa, 0x85, 0x84, 0xcd, 0x65, 0x28, 0xe1, 0xdb,
- 0xb8, 0x20, 0x19, 0x43, 0xe0, 0x36, 0x35, 0x10,
- 0x19, 0xc3, 0x70, 0x5b, 0x27, 0xc1, 0x9d, 0x84,
- 0x75, 0xa3, 0xc6, 0x49, 0x46, 0x8f, 0x7c, 0x4e},
- G89_IMIT,
- {0},
- {
- 0x2a, 0xe6, 0x23, 0xc6}
- },
- { /* Calculated by libcapi10, CryptoPro CSP
- * 3.6R2, Mac OSX */
- 3221225472U + 16,
- {0},
- "id-Gost28147-89-CryptoPro-A-ParamSet",
- "test3Gimit1",
- {
- 0xd5, 0xda, 0xfe, 0x06, 0x60, 0xdc, 0xf0, 0xb3,
- 0x49, 0x5a, 0x02, 0x59, 0xc8, 0x2e, 0x4a, 0x2b,
- 0xcc, 0x9b, 0x98, 0x04, 0xb7, 0xf2, 0x78, 0xb7,
- 0xce, 0xa3, 0xf2, 0xdb, 0x9e, 0xa8, 0x49, 0x1d},
- G89_IMIT,
- {0},
- {
- 0xcc, 0x46, 0x67, 0xe4}
- },
- { /* Calculated by libcapi10, CryptoPro CSP
- * 3.6R2, Mac OSX */
- U64(4) * 1024 * 1024 * 1024,
- {0},
- "id-Gost28147-89-CryptoPro-A-ParamSet",
- "test4Gimit3",
- {
- 0x0d, 0xf1, 0xa8, 0x7f, 0x57, 0x03, 0x44, 0xcc,
- 0xdb, 0x20, 0xde, 0xed, 0x85, 0x50, 0x38, 0xda,
- 0xc9, 0x44, 0xec, 0x2c, 0x0d, 0x66, 0xb7, 0xdc,
- 0x17, 0x14, 0x55, 0x95, 0x33, 0x6e, 0x43, 0x3e},
- G89_IMIT,
- {0},
- {
- 0xb7, 0x21, 0x2e, 0x48}
- },
- { /* Calculated by libcapi10, CryptoPro CSP
- * 3.6R2, Mac OSX */
- U64(4) * 1024 * 1024 * 1024 + 4,
- {0},
- "id-Gost28147-89-CryptoPro-A-ParamSet",
- "test4Gimit1",
- {
- 0x0c, 0xf3, 0xe9, 0xb0, 0x28, 0x3b, 0x9f, 0x8b,
- 0xe3, 0x82, 0xb9, 0xa2, 0xa6, 0xbd, 0x80, 0xd2,
- 0xcd, 0xfa, 0x3f, 0xf7, 0x90, 0xa7, 0x55, 0x06,
- 0x9b, 0x7a, 0x58, 0xee, 0xe7, 0xf1, 0x9d, 0xbe},
- G89_IMIT,
- {0},
- {
- 0xda, 0x15, 0x10, 0x73}
- },
- { /* Calculated by libcapi10, CryptoPro CSP
- * 3.6R2, Mac OSX */
- U64(4) * 1024 * 1024 * 1024 + 10,
- {0},
- "id-Gost28147-89-CryptoPro-A-ParamSet",
- "test4Gimit2",
- {
- 0x97, 0x1a, 0x42, 0x22, 0xfa, 0x07, 0xb2, 0xca,
- 0xf9, 0xd2, 0x34, 0x5a, 0x92, 0xb1, 0x1f, 0x6b,
- 0x53, 0xf8, 0xaf, 0xed, 0x9a, 0x73, 0xc4, 0x38,
- 0xd7, 0x7d, 0x25, 0x81, 0x00, 0x0d, 0xd4, 0x29},
- G89_IMIT,
- {0},
- {
- 0x52, 0xaa, 0x22, 0xb4}
- }
-};
-
-int main(int argc, char *argv[])
-{
- unsigned int t;
- u64 ullMaxLen = 6 * 1000 * 1000;
- int ignore = 0;
- ENGINE *impl = NULL;
- EVP_MD_CTX mctx;
- EVP_CIPHER_CTX ectx;
- EVP_PKEY *mac_key;
- byte bDerive[EVP_MAX_KEY_LENGTH];
- byte bTest[G89_MAX_TC_LEN];
- byte bTest1[G89_MAX_TC_LEN];
- u64 ullLeft;
- static const byte bZB[40 * 1024 * 1024] = { 0 };
- static byte bTS[40 * 1024 * 1024] = { 0 };
- unsigned int mdl = 0;
- int enlu = 0;
- int enlf = 0;
- size_t siglen;
- size_t l = 0;
-
- const EVP_MD *md_gost94 = NULL;
- const EVP_CIPHER *cp_g89cfb = NULL;
- const EVP_CIPHER *cp_g89cnt = NULL;
- const EVP_CIPHER *ctype = NULL;
- const EVP_MD *md_g89imit = NULL;
-
- long lErrLine;
- CONF *pConfig = NCONF_new(NULL);
- BIO *bpConf;
- char sConf[] =
- "openssl_conf = openssl_def\n"
- "\n"
- "[openssl_def]\n"
- "engines = engine_section\n"
- "\n"
- "[engine_section]\n"
- "gost = gost_section\n"
- "\n" "[gost_section]\n" "default_algorithms = ALL\n" "\n";
-
- printf("Testing GOST 28147-89 ");
-
- if (1 < argc) {
- if (1 != sscanf(argv[1], FMT64, &ullMaxLen) ||
- (2 < argc ? 1 != sscanf(argv[2], "%d", &ignore) : 0)) {
- fflush(NULL);
- fprintf(stderr, "Usage: %s [maxlen [ignore-error]]\n", argv[0]);
- return 1;
- }
- }
-
- /*
- * ccgost engine test on GostR3411_94_CryptoProParamSet
- */
- ERR_load_crypto_strings();
- ENGINE_load_builtin_engines();
- OPENSSL_load_builtin_modules();
-
- bpConf = BIO_new_mem_buf(sConf, -1);
- if (!NCONF_load_bio(pConfig, bpConf, &lErrLine)) {
- fflush(NULL);
- fprintf(stderr, "NCONF_load_bio: ErrLine=%ld: %s\n",
- lErrLine, ERR_error_string(ERR_get_error(), NULL));
- return 4;
- }
- BIO_free(bpConf);
-
- if (!CONF_modules_load(pConfig, NULL, 0)) {
- fflush(NULL);
- fprintf(stderr, "CONF_modules_load: %s\n",
- ERR_error_string(ERR_get_error(), NULL));
- return 5;
- }
-
- /* Test load engine */
- if (NULL == (impl = ENGINE_by_id(CCGOST_ID))) {
- fflush(NULL);
- fprintf(stderr, "Can't load engine id \"" CCGOST_ID "\"\n");
- if (!ignore) {
- return 6;
- }
- }
- if (NULL == (md_gost94 = EVP_get_digestbyname(SN_id_GostR3411_94))) {
- fflush(NULL);
- fprintf(stderr, "\"" SN_id_GostR3411_94 "\" - not found\n");
- if (!ignore) {
- return 7;
- }
- }
- if (NULL == (cp_g89cfb = EVP_get_cipherbyname(SN_id_Gost28147_89))) {
- fflush(NULL);
- fprintf(stderr, "\"" SN_id_Gost28147_89 "\" - not found\n");
- if (!ignore) {
- return 8;
- }
- }
- if (NULL == (cp_g89cnt = EVP_get_cipherbyname(SN_gost89_cnt))) {
- fflush(NULL);
- fprintf(stderr, "\"" SN_gost89_cnt "\" - not found\n");
- if (!ignore) {
- return 9;
- }
- }
- if (NULL == (md_g89imit = EVP_get_digestbyname(SN_id_Gost28147_89_MAC))) {
- fflush(NULL);
- fprintf(stderr, "\"" SN_id_Gost28147_89_MAC "\" - not found\n");
- if (!ignore) {
- return 10;
- }
- }
-
- /* Test cases */
- for (t = 0; t < sizeof(tcs) / sizeof(tcs[0]); t++) {
- if (NULL == tcs[t].szDerive) {
- continue;
- }
- memset(bDerive, 0x3c, sizeof(bDerive));
- mdl = sizeof(bDerive);
- EVP_Digest(tcs[t].szDerive, strlen(tcs[t].szDerive),
- bDerive, &mdl, md_gost94, impl);
- if (0 != memcmp(tcs[t].bRawKey, bDerive, mdl)) {
- fflush(NULL);
- fprintf(stderr, "Engine test t=%d " "derive key error.\n", t);
- if (!ignore) {
- return 12;
- }
- }
- if (ullMaxLen < tcs[t].ullLen) {
- continue;
- }
- memset(bTest, 0xa5, sizeof(bTest));
- memset(bTest1, 0x5a, sizeof(bTest1));
- if (!ENGINE_ctrl_cmd_string(impl,
- "CRYPT_PARAMS", tcs[t].szParamSet, 0)) {
- fflush(NULL);
- fprintf(stderr, "ENGINE_ctrl_cmd_string: %s\n",
- ERR_error_string(ERR_get_error(), NULL));
- return 11;
- }
- switch (tcs[t].gMode) {
- case G89_ECB:
- /* OpenSSL/ccgost not implemented GOST 28147-89 ECB */
- continue;
- case G89_CFB:
- ctype = cp_g89cfb;
- goto engine_cipher_check;
- case G89_CNT:
- if (0 != strcmp("id-Gost28147-89-CryptoPro-A-ParamSet",
- tcs[t].szParamSet)) {
- /*
- * ccgost engine can't change S-Box for gost-cnt
- */
- continue;
- }
- ctype = cp_g89cnt;
- engine_cipher_check:
- EVP_CIPHER_CTX_init(&ectx);
- EVP_EncryptInit_ex(&ectx, ctype, impl, bDerive, tcs[t].bIV);
- if (G89_MAX_TC_LEN >= tcs[t].ullLen) {
- enlu = sizeof(bTest);
- EVP_EncryptUpdate(&ectx, bTest, &enlu,
- tcs[t].bIn, (int)tcs[t].ullLen);
- l = (size_t)tcs[t].ullLen;
- } else {
- for (ullLeft = tcs[t].ullLen;
- ullLeft >= sizeof(bZB); ullLeft -= sizeof(bZB)) {
- printf("B");
- fflush(NULL);
- enlu = sizeof(bTS);
- EVP_EncryptUpdate(&ectx, bTS, &enlu, bZB, sizeof(bZB));
- }
- printf("b" FMT64 "/" FMT64, ullLeft, tcs[t].ullLen);
- fflush(NULL);
- EVP_EncryptUpdate(&ectx, bTS, &enlu, bZB, (int)ullLeft);
- memcpy(bTest, &bTS[enlu - 16], 16);
- enlu = (int)tcs[t].ullLen;
- l = 16;
- }
- enlf = sizeof(bTest1);
- EVP_EncryptFinal_ex(&ectx, bTest1, &enlf);
- EVP_CIPHER_CTX_cleanup(&ectx);
- break;
- case G89_IMIT:
- if (0 != strcmp("id-Gost28147-89-CryptoPro-A-ParamSet",
- tcs[t].szParamSet)) {
- /*
- * ccgost engine can't change S-Box for gost-mac
- */
- continue;
- }
- EVP_MD_CTX_init(&mctx);
- mac_key = EVP_PKEY_new_mac_key(NID_id_Gost28147_89_MAC, NULL,
- bDerive, mdl);
- EVP_DigestSignInit(&mctx, NULL, md_g89imit, impl, mac_key);
- if (G89_MAX_TC_LEN >= tcs[t].ullLen) {
- EVP_DigestSignUpdate(&mctx, tcs[t].bIn,
- (unsigned int)tcs[t].ullLen);
- } else {
- for (ullLeft = tcs[t].ullLen;
- ullLeft >= sizeof(bZB); ullLeft -= sizeof(bZB)) {
- printf("B");
- fflush(NULL);
- EVP_DigestSignUpdate(&mctx, bZB, sizeof(bZB));
- }
- printf("b" FMT64 "/" FMT64, ullLeft, tcs[t].ullLen);
- fflush(NULL);
- EVP_DigestSignUpdate(&mctx, bZB, (unsigned int)ullLeft);
- }
- siglen = 4;
- OPENSSL_assert(EVP_DigestSignFinal(&mctx, bTest, &siglen));
- EVP_MD_CTX_cleanup(&mctx);
- enlu = (int)tcs[t].ullLen;
- enlf = 0;
- l = siglen;
- break;
- }
- if ((int)tcs[t].ullLen != enlu || 0 != enlf ||
- 0 != memcmp(tcs[t].bOut, bTest, l)) {
- fflush(NULL);
- fprintf(stderr, "\nEngine test t=%d len=" FMT64
- " failed.\n", t, tcs[t].ullLen);
- if (!ignore) {
- return 13;
- }
- } else {
- printf(".");
- fflush(NULL);
- }
- }
-
- printf(" passed\n");
- fflush(NULL);
-
- return EXIT_SUCCESS;
-}
-#endif
--- /dev/null
+/* crypto/aes/aes.h -*- mode:C; c-file-style: "eay" -*- */
+/* ====================================================================
+ * Copyright (c) 1998-2002 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For written permission, please contact
+ * openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ * nor may "OpenSSL" appear in their names without prior written
+ * permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ */
+
+#ifndef HEADER_AES_H
+# define HEADER_AES_H
+
+# include <openssl/opensslconf.h>
+
+# ifdef OPENSSL_NO_AES
+# error AES is disabled.
+# endif
+
+# include <stddef.h>
+
+# define AES_ENCRYPT 1
+# define AES_DECRYPT 0
+
+/*
+ * Because array size can't be a const in C, the following two are macros.
+ * Both sizes are in bytes.
+ */
+# define AES_MAXNR 14
+# define AES_BLOCK_SIZE 16
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/* This should be a hidden type, but EVP requires that the size be known */
+struct aes_key_st {
+# ifdef AES_LONG
+ unsigned long rd_key[4 * (AES_MAXNR + 1)];
+# else
+ unsigned int rd_key[4 * (AES_MAXNR + 1)];
+# endif
+ int rounds;
+};
+typedef struct aes_key_st AES_KEY;
+
+const char *AES_options(void);
+
+int AES_set_encrypt_key(const unsigned char *userKey, const int bits,
+ AES_KEY *key);
+int AES_set_decrypt_key(const unsigned char *userKey, const int bits,
+ AES_KEY *key);
+
+void AES_encrypt(const unsigned char *in, unsigned char *out,
+ const AES_KEY *key);
+void AES_decrypt(const unsigned char *in, unsigned char *out,
+ const AES_KEY *key);
+
+void AES_ecb_encrypt(const unsigned char *in, unsigned char *out,
+ const AES_KEY *key, const int enc);
+void AES_cbc_encrypt(const unsigned char *in, unsigned char *out,
+ size_t length, const AES_KEY *key,
+ unsigned char *ivec, const int enc);
+void AES_cfb128_encrypt(const unsigned char *in, unsigned char *out,
+ size_t length, const AES_KEY *key,
+ unsigned char *ivec, int *num, const int enc);
+void AES_cfb1_encrypt(const unsigned char *in, unsigned char *out,
+ size_t length, const AES_KEY *key,
+ unsigned char *ivec, int *num, const int enc);
+void AES_cfb8_encrypt(const unsigned char *in, unsigned char *out,
+ size_t length, const AES_KEY *key,
+ unsigned char *ivec, int *num, const int enc);
+void AES_ofb128_encrypt(const unsigned char *in, unsigned char *out,
+ size_t length, const AES_KEY *key,
+ unsigned char *ivec, int *num);
+/* NB: the IV is _two_ blocks long */
+void AES_ige_encrypt(const unsigned char *in, unsigned char *out,
+ size_t length, const AES_KEY *key,
+ unsigned char *ivec, const int enc);
+/* NB: the IV is _four_ blocks long */
+void AES_bi_ige_encrypt(const unsigned char *in, unsigned char *out,
+ size_t length, const AES_KEY *key,
+ const AES_KEY *key2, const unsigned char *ivec,
+ const int enc);
+
+int AES_wrap_key(AES_KEY *key, const unsigned char *iv,
+ unsigned char *out,
+ const unsigned char *in, unsigned int inlen);
+int AES_unwrap_key(AES_KEY *key, const unsigned char *iv,
+ unsigned char *out,
+ const unsigned char *in, unsigned int inlen);
+
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* !HEADER_AES_H */
--- /dev/null
+/* crypto/asn1/asn1.h */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#ifndef HEADER_ASN1_H
+# define HEADER_ASN1_H
+
+# include <time.h>
+# include <openssl/e_os2.h>
+# include <openssl/bio.h>
+# include <openssl/stack.h>
+# include <openssl/safestack.h>
+
+# include <openssl/symhacks.h>
+
+# include <openssl/ossl_typ.h>
+# ifdef OPENSSL_USE_DEPRECATED
+# include <openssl/bn.h>
+# endif
+
+# ifdef OPENSSL_BUILD_SHLIBCRYPTO
+# undef OPENSSL_EXTERN
+# define OPENSSL_EXTERN OPENSSL_EXPORT
+# endif
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+# define V_ASN1_UNIVERSAL 0x00
+# define V_ASN1_APPLICATION 0x40
+# define V_ASN1_CONTEXT_SPECIFIC 0x80
+# define V_ASN1_PRIVATE 0xc0
+
+# define V_ASN1_CONSTRUCTED 0x20
+# define V_ASN1_PRIMITIVE_TAG 0x1f
+# define V_ASN1_PRIMATIVE_TAG 0x1f
+
+# define V_ASN1_APP_CHOOSE -2/* let the recipient choose */
+# define V_ASN1_OTHER -3/* used in ASN1_TYPE */
+# define V_ASN1_ANY -4/* used in ASN1 template code */
+
+# define V_ASN1_NEG 0x100/* negative flag */
+
+# define V_ASN1_UNDEF -1
+# define V_ASN1_EOC 0
+# define V_ASN1_BOOLEAN 1 /**/
+# define V_ASN1_INTEGER 2
+# define V_ASN1_NEG_INTEGER (2 | V_ASN1_NEG)
+# define V_ASN1_BIT_STRING 3
+# define V_ASN1_OCTET_STRING 4
+# define V_ASN1_NULL 5
+# define V_ASN1_OBJECT 6
+# define V_ASN1_OBJECT_DESCRIPTOR 7
+# define V_ASN1_EXTERNAL 8
+# define V_ASN1_REAL 9
+# define V_ASN1_ENUMERATED 10
+# define V_ASN1_NEG_ENUMERATED (10 | V_ASN1_NEG)
+# define V_ASN1_UTF8STRING 12
+# define V_ASN1_SEQUENCE 16
+# define V_ASN1_SET 17
+# define V_ASN1_NUMERICSTRING 18 /**/
+# define V_ASN1_PRINTABLESTRING 19
+# define V_ASN1_T61STRING 20
+# define V_ASN1_TELETEXSTRING 20/* alias */
+# define V_ASN1_VIDEOTEXSTRING 21 /**/
+# define V_ASN1_IA5STRING 22
+# define V_ASN1_UTCTIME 23
+# define V_ASN1_GENERALIZEDTIME 24 /**/
+# define V_ASN1_GRAPHICSTRING 25 /**/
+# define V_ASN1_ISO64STRING 26 /**/
+# define V_ASN1_VISIBLESTRING 26/* alias */
+# define V_ASN1_GENERALSTRING 27 /**/
+# define V_ASN1_UNIVERSALSTRING 28 /**/
+# define V_ASN1_BMPSTRING 30
+/* For use with d2i_ASN1_type_bytes() */
+# define B_ASN1_NUMERICSTRING 0x0001
+# define B_ASN1_PRINTABLESTRING 0x0002
+# define B_ASN1_T61STRING 0x0004
+# define B_ASN1_TELETEXSTRING 0x0004
+# define B_ASN1_VIDEOTEXSTRING 0x0008
+# define B_ASN1_IA5STRING 0x0010
+# define B_ASN1_GRAPHICSTRING 0x0020
+# define B_ASN1_ISO64STRING 0x0040
+# define B_ASN1_VISIBLESTRING 0x0040
+# define B_ASN1_GENERALSTRING 0x0080
+# define B_ASN1_UNIVERSALSTRING 0x0100
+# define B_ASN1_OCTET_STRING 0x0200
+# define B_ASN1_BIT_STRING 0x0400
+# define B_ASN1_BMPSTRING 0x0800
+# define B_ASN1_UNKNOWN 0x1000
+# define B_ASN1_UTF8STRING 0x2000
+# define B_ASN1_UTCTIME 0x4000
+# define B_ASN1_GENERALIZEDTIME 0x8000
+# define B_ASN1_SEQUENCE 0x10000
+/* For use with ASN1_mbstring_copy() */
+# define MBSTRING_FLAG 0x1000
+# define MBSTRING_UTF8 (MBSTRING_FLAG)
+# define MBSTRING_ASC (MBSTRING_FLAG|1)
+# define MBSTRING_BMP (MBSTRING_FLAG|2)
+# define MBSTRING_UNIV (MBSTRING_FLAG|4)
+# define SMIME_OLDMIME 0x400
+# define SMIME_CRLFEOL 0x800
+# define SMIME_STREAM 0x1000
+ struct X509_algor_st;
+DECLARE_STACK_OF(X509_ALGOR)
+
+/*
+ * We MUST make sure that, except for constness, asn1_ctx_st and
+ * asn1_const_ctx are exactly the same. Fortunately, as soon as the old ASN1
+ * parsing macros are gone, we can throw this away as well...
+ */
+typedef struct asn1_ctx_st {
+ unsigned char *p; /* work char pointer */
+ int eos; /* end of sequence read for indefinite
+ * encoding */
+ int error; /* error code to use when returning an error */
+ int inf; /* constructed if 0x20, indefinite is 0x21 */
+ int tag; /* tag from last 'get object' */
+ int xclass; /* class from last 'get object' */
+ long slen; /* length of last 'get object' */
+ unsigned char *max; /* largest value of p allowed */
+ unsigned char *q; /* temporary variable */
+ unsigned char **pp; /* variable */
+ int line; /* used in error processing */
+} ASN1_CTX;
+
+typedef struct asn1_const_ctx_st {
+ const unsigned char *p; /* work char pointer */
+ int eos; /* end of sequence read for indefinite
+ * encoding */
+ int error; /* error code to use when returning an error */
+ int inf; /* constructed if 0x20, indefinite is 0x21 */
+ int tag; /* tag from last 'get object' */
+ int xclass; /* class from last 'get object' */
+ long slen; /* length of last 'get object' */
+ const unsigned char *max; /* largest value of p allowed */
+ const unsigned char *q; /* temporary variable */
+ const unsigned char **pp; /* variable */
+ int line; /* used in error processing */
+} ASN1_const_CTX;
+
+# define ASN1_STRING_FLAG_BITS_LEFT 0x08/* Set if 0x07 has bits left value */
+/*
+ * This indicates that the ASN1_STRING is not a real value but just a place
+ * holder for the location where indefinite length constructed data should be
+ * inserted in the memory buffer
+ */
+# define ASN1_STRING_FLAG_NDEF 0x010
+
+/*
+ * This flag is used by the CMS code to indicate that a string is not
+ * complete and is a place holder for content when it had all been accessed.
+ * The flag will be reset when content has been written to it.
+ */
+
+# define ASN1_STRING_FLAG_CONT 0x020
+/*
+ * This flag is used by ASN1 code to indicate an ASN1_STRING is an MSTRING
+ * type.
+ */
+# define ASN1_STRING_FLAG_MSTRING 0x040
+/* This is the base type that holds just about everything :-) */
+struct asn1_string_st {
+ int length;
+ int type;
+ unsigned char *data;
+ /*
+ * The value of the following field depends on the type being held. It
+ * is mostly being used for BIT_STRING so if the input data has a
+ * non-zero 'unused bits' value, it will be handled correctly
+ */
+ long flags;
+};
+
+/*
+ * ASN1_ENCODING structure: this is used to save the received encoding of an
+ * ASN1 type. This is useful to get round problems with invalid encodings
+ * which can break signatures.
+ */
+
+typedef struct ASN1_ENCODING_st {
+ unsigned char *enc; /* DER encoding */
+ long len; /* Length of encoding */
+ int modified; /* set to 1 if 'enc' is invalid */
+} ASN1_ENCODING;
+
+/* Used with ASN1 LONG type: if a long is set to this it is omitted */
+# define ASN1_LONG_UNDEF 0x7fffffffL
+
+# define STABLE_FLAGS_MALLOC 0x01
+/*
+ * A zero passed to ASN1_STRING_TABLE_new_add for the flags is interpreted
+ * as "don't change" and STABLE_FLAGS_MALLOC is always set. By setting
+ * STABLE_FLAGS_MALLOC only we can clear the existing value. Use the alias
+ * STABLE_FLAGS_CLEAR to reflect this.
+ */
+# define STABLE_FLAGS_CLEAR STABLE_FLAGS_MALLOC
+# define STABLE_NO_MASK 0x02
+# define DIRSTRING_TYPE \
+ (B_ASN1_PRINTABLESTRING|B_ASN1_T61STRING|B_ASN1_BMPSTRING|B_ASN1_UTF8STRING)
+# define PKCS9STRING_TYPE (DIRSTRING_TYPE|B_ASN1_IA5STRING)
+
+typedef struct asn1_string_table_st {
+ int nid;
+ long minsize;
+ long maxsize;
+ unsigned long mask;
+ unsigned long flags;
+} ASN1_STRING_TABLE;
+
+DECLARE_STACK_OF(ASN1_STRING_TABLE)
+
+/* size limits: this stuff is taken straight from RFC2459 */
+
+# define ub_name 32768
+# define ub_common_name 64
+# define ub_locality_name 128
+# define ub_state_name 128
+# define ub_organization_name 64
+# define ub_organization_unit_name 64
+# define ub_title 64
+# define ub_email_address 128
+
+/*
+ * Declarations for template structures: for full definitions see asn1t.h
+ */
+typedef struct ASN1_TEMPLATE_st ASN1_TEMPLATE;
+typedef struct ASN1_TLC_st ASN1_TLC;
+/* This is just an opaque pointer */
+typedef struct ASN1_VALUE_st ASN1_VALUE;
+
+/* Declare ASN1 functions: the implement macro in in asn1t.h */
+
+# define DECLARE_ASN1_FUNCTIONS(type) DECLARE_ASN1_FUNCTIONS_name(type, type)
+
+# define DECLARE_ASN1_ALLOC_FUNCTIONS(type) \
+ DECLARE_ASN1_ALLOC_FUNCTIONS_name(type, type)
+
+# define DECLARE_ASN1_FUNCTIONS_name(type, name) \
+ DECLARE_ASN1_ALLOC_FUNCTIONS_name(type, name) \
+ DECLARE_ASN1_ENCODE_FUNCTIONS(type, name, name)
+
+# define DECLARE_ASN1_FUNCTIONS_fname(type, itname, name) \
+ DECLARE_ASN1_ALLOC_FUNCTIONS_name(type, name) \
+ DECLARE_ASN1_ENCODE_FUNCTIONS(type, itname, name)
+
+# define DECLARE_ASN1_ENCODE_FUNCTIONS(type, itname, name) \
+ type *d2i_##name(type **a, const unsigned char **in, long len); \
+ int i2d_##name(type *a, unsigned char **out); \
+ DECLARE_ASN1_ITEM(itname)
+
+# define DECLARE_ASN1_ENCODE_FUNCTIONS_const(type, name) \
+ type *d2i_##name(type **a, const unsigned char **in, long len); \
+ int i2d_##name(const type *a, unsigned char **out); \
+ DECLARE_ASN1_ITEM(name)
+
+# define DECLARE_ASN1_NDEF_FUNCTION(name) \
+ int i2d_##name##_NDEF(name *a, unsigned char **out);
+
+# define DECLARE_ASN1_FUNCTIONS_const(name) \
+ DECLARE_ASN1_ALLOC_FUNCTIONS(name) \
+ DECLARE_ASN1_ENCODE_FUNCTIONS_const(name, name)
+
+# define DECLARE_ASN1_ALLOC_FUNCTIONS_name(type, name) \
+ type *name##_new(void); \
+ void name##_free(type *a);
+
+# define DECLARE_ASN1_PRINT_FUNCTION(stname) \
+ DECLARE_ASN1_PRINT_FUNCTION_fname(stname, stname)
+
+# define DECLARE_ASN1_PRINT_FUNCTION_fname(stname, fname) \
+ int fname##_print_ctx(BIO *out, stname *x, int indent, \
+ const ASN1_PCTX *pctx);
+
+# define D2I_OF(type) type *(*)(type **,const unsigned char **,long)
+# define I2D_OF(type) int (*)(type *,unsigned char **)
+# define I2D_OF_const(type) int (*)(const type *,unsigned char **)
+
+# define CHECKED_D2I_OF(type, d2i) \
+ ((d2i_of_void*) (1 ? d2i : ((D2I_OF(type))0)))
+# define CHECKED_I2D_OF(type, i2d) \
+ ((i2d_of_void*) (1 ? i2d : ((I2D_OF(type))0)))
+# define CHECKED_NEW_OF(type, xnew) \
+ ((void *(*)(void)) (1 ? xnew : ((type *(*)(void))0)))
+# define CHECKED_PTR_OF(type, p) \
+ ((void*) (1 ? p : (type*)0))
+# define CHECKED_PPTR_OF(type, p) \
+ ((void**) (1 ? p : (type**)0))
+
+# define TYPEDEF_D2I_OF(type) typedef type *d2i_of_##type(type **,const unsigned char **,long)
+# define TYPEDEF_I2D_OF(type) typedef int i2d_of_##type(type *,unsigned char **)
+# define TYPEDEF_D2I2D_OF(type) TYPEDEF_D2I_OF(type); TYPEDEF_I2D_OF(type)
+
+TYPEDEF_D2I2D_OF(void);
+
+/*-
+ * The following macros and typedefs allow an ASN1_ITEM
+ * to be embedded in a structure and referenced. Since
+ * the ASN1_ITEM pointers need to be globally accessible
+ * (possibly from shared libraries) they may exist in
+ * different forms. On platforms that support it the
+ * ASN1_ITEM structure itself will be globally exported.
+ * Other platforms will export a function that returns
+ * an ASN1_ITEM pointer.
+ *
+ * To handle both cases transparently the macros below
+ * should be used instead of hard coding an ASN1_ITEM
+ * pointer in a structure.
+ *
+ * The structure will look like this:
+ *
+ * typedef struct SOMETHING_st {
+ * ...
+ * ASN1_ITEM_EXP *iptr;
+ * ...
+ * } SOMETHING;
+ *
+ * It would be initialised as e.g.:
+ *
+ * SOMETHING somevar = {...,ASN1_ITEM_ref(X509),...};
+ *
+ * and the actual pointer extracted with:
+ *
+ * const ASN1_ITEM *it = ASN1_ITEM_ptr(somevar.iptr);
+ *
+ * Finally an ASN1_ITEM pointer can be extracted from an
+ * appropriate reference with: ASN1_ITEM_rptr(X509). This
+ * would be used when a function takes an ASN1_ITEM * argument.
+ *
+ */
+
+# ifndef OPENSSL_EXPORT_VAR_AS_FUNCTION
+
+/* ASN1_ITEM pointer exported type */
+typedef const ASN1_ITEM ASN1_ITEM_EXP;
+
+/* Macro to obtain ASN1_ITEM pointer from exported type */
+# define ASN1_ITEM_ptr(iptr) (iptr)
+
+/* Macro to include ASN1_ITEM pointer from base type */
+# define ASN1_ITEM_ref(iptr) (&(iptr##_it))
+
+# define ASN1_ITEM_rptr(ref) (&(ref##_it))
+
+# define DECLARE_ASN1_ITEM(name) \
+ OPENSSL_EXTERN const ASN1_ITEM name##_it;
+
+# else
+
+/*
+ * Platforms that can't easily handle shared global variables are declared as
+ * functions returning ASN1_ITEM pointers.
+ */
+
+/* ASN1_ITEM pointer exported type */
+typedef const ASN1_ITEM *ASN1_ITEM_EXP (void);
+
+/* Macro to obtain ASN1_ITEM pointer from exported type */
+# define ASN1_ITEM_ptr(iptr) (iptr())
+
+/* Macro to include ASN1_ITEM pointer from base type */
+# define ASN1_ITEM_ref(iptr) (iptr##_it)
+
+# define ASN1_ITEM_rptr(ref) (ref##_it())
+
+# define DECLARE_ASN1_ITEM(name) \
+ const ASN1_ITEM * name##_it(void);
+
+# endif
+
+/* Parameters used by ASN1_STRING_print_ex() */
+
+/*
+ * These determine which characters to escape: RFC2253 special characters,
+ * control characters and MSB set characters
+ */
+
+# define ASN1_STRFLGS_ESC_2253 1
+# define ASN1_STRFLGS_ESC_CTRL 2
+# define ASN1_STRFLGS_ESC_MSB 4
+
+/*
+ * This flag determines how we do escaping: normally RC2253 backslash only,
+ * set this to use backslash and quote.
+ */
+
+# define ASN1_STRFLGS_ESC_QUOTE 8
+
+/* These three flags are internal use only. */
+
+/* Character is a valid PrintableString character */
+# define CHARTYPE_PRINTABLESTRING 0x10
+/* Character needs escaping if it is the first character */
+# define CHARTYPE_FIRST_ESC_2253 0x20
+/* Character needs escaping if it is the last character */
+# define CHARTYPE_LAST_ESC_2253 0x40
+
+/*
+ * NB the internal flags are safely reused below by flags handled at the top
+ * level.
+ */
+
+/*
+ * If this is set we convert all character strings to UTF8 first
+ */
+
+# define ASN1_STRFLGS_UTF8_CONVERT 0x10
+
+/*
+ * If this is set we don't attempt to interpret content: just assume all
+ * strings are 1 byte per character. This will produce some pretty odd
+ * looking output!
+ */
+
+# define ASN1_STRFLGS_IGNORE_TYPE 0x20
+
+/* If this is set we include the string type in the output */
+# define ASN1_STRFLGS_SHOW_TYPE 0x40
+
+/*
+ * This determines which strings to display and which to 'dump' (hex dump of
+ * content octets or DER encoding). We can only dump non character strings or
+ * everything. If we don't dump 'unknown' they are interpreted as character
+ * strings with 1 octet per character and are subject to the usual escaping
+ * options.
+ */
+
+# define ASN1_STRFLGS_DUMP_ALL 0x80
+# define ASN1_STRFLGS_DUMP_UNKNOWN 0x100
+
+/*
+ * These determine what 'dumping' does, we can dump the content octets or the
+ * DER encoding: both use the RFC2253 #XXXXX notation.
+ */
+
+# define ASN1_STRFLGS_DUMP_DER 0x200
+
+/*
+ * All the string flags consistent with RFC2253, escaping control characters
+ * isn't essential in RFC2253 but it is advisable anyway.
+ */
+
+# define ASN1_STRFLGS_RFC2253 (ASN1_STRFLGS_ESC_2253 | \
+ ASN1_STRFLGS_ESC_CTRL | \
+ ASN1_STRFLGS_ESC_MSB | \
+ ASN1_STRFLGS_UTF8_CONVERT | \
+ ASN1_STRFLGS_DUMP_UNKNOWN | \
+ ASN1_STRFLGS_DUMP_DER)
+
+DECLARE_STACK_OF(ASN1_INTEGER)
+
+DECLARE_STACK_OF(ASN1_GENERALSTRING)
+
+typedef struct asn1_type_st {
+ int type;
+ union {
+ char *ptr;
+ ASN1_BOOLEAN boolean;
+ ASN1_STRING *asn1_string;
+ ASN1_OBJECT *object;
+ ASN1_INTEGER *integer;
+ ASN1_ENUMERATED *enumerated;
+ ASN1_BIT_STRING *bit_string;
+ ASN1_OCTET_STRING *octet_string;
+ ASN1_PRINTABLESTRING *printablestring;
+ ASN1_T61STRING *t61string;
+ ASN1_IA5STRING *ia5string;
+ ASN1_GENERALSTRING *generalstring;
+ ASN1_BMPSTRING *bmpstring;
+ ASN1_UNIVERSALSTRING *universalstring;
+ ASN1_UTCTIME *utctime;
+ ASN1_GENERALIZEDTIME *generalizedtime;
+ ASN1_VISIBLESTRING *visiblestring;
+ ASN1_UTF8STRING *utf8string;
+ /*
+ * set and sequence are left complete and still contain the set or
+ * sequence bytes
+ */
+ ASN1_STRING *set;
+ ASN1_STRING *sequence;
+ ASN1_VALUE *asn1_value;
+ } value;
+} ASN1_TYPE;
+
+DECLARE_STACK_OF(ASN1_TYPE)
+
+typedef STACK_OF(ASN1_TYPE) ASN1_SEQUENCE_ANY;
+
+DECLARE_ASN1_ENCODE_FUNCTIONS_const(ASN1_SEQUENCE_ANY, ASN1_SEQUENCE_ANY)
+DECLARE_ASN1_ENCODE_FUNCTIONS_const(ASN1_SEQUENCE_ANY, ASN1_SET_ANY)
+
+typedef struct NETSCAPE_X509_st {
+ ASN1_OCTET_STRING *header;
+ X509 *cert;
+} NETSCAPE_X509;
+
+/* This is used to contain a list of bit names */
+typedef struct BIT_STRING_BITNAME_st {
+ int bitnum;
+ const char *lname;
+ const char *sname;
+} BIT_STRING_BITNAME;
+
+# define B_ASN1_TIME \
+ B_ASN1_UTCTIME | \
+ B_ASN1_GENERALIZEDTIME
+
+# define B_ASN1_PRINTABLE \
+ B_ASN1_NUMERICSTRING| \
+ B_ASN1_PRINTABLESTRING| \
+ B_ASN1_T61STRING| \
+ B_ASN1_IA5STRING| \
+ B_ASN1_BIT_STRING| \
+ B_ASN1_UNIVERSALSTRING|\
+ B_ASN1_BMPSTRING|\
+ B_ASN1_UTF8STRING|\
+ B_ASN1_SEQUENCE|\
+ B_ASN1_UNKNOWN
+
+# define B_ASN1_DIRECTORYSTRING \
+ B_ASN1_PRINTABLESTRING| \
+ B_ASN1_TELETEXSTRING|\
+ B_ASN1_BMPSTRING|\
+ B_ASN1_UNIVERSALSTRING|\
+ B_ASN1_UTF8STRING
+
+# define B_ASN1_DISPLAYTEXT \
+ B_ASN1_IA5STRING| \
+ B_ASN1_VISIBLESTRING| \
+ B_ASN1_BMPSTRING|\
+ B_ASN1_UTF8STRING
+
+DECLARE_ASN1_FUNCTIONS_fname(ASN1_TYPE, ASN1_ANY, ASN1_TYPE)
+
+int ASN1_TYPE_get(ASN1_TYPE *a);
+void ASN1_TYPE_set(ASN1_TYPE *a, int type, void *value);
+int ASN1_TYPE_set1(ASN1_TYPE *a, int type, const void *value);
+int ASN1_TYPE_cmp(const ASN1_TYPE *a, const ASN1_TYPE *b);
+
+ASN1_TYPE *ASN1_TYPE_pack_sequence(const ASN1_ITEM *it, void *s, ASN1_TYPE **t);
+void *ASN1_TYPE_unpack_sequence(const ASN1_ITEM *it, const ASN1_TYPE *t);
+
+ASN1_OBJECT *ASN1_OBJECT_new(void);
+void ASN1_OBJECT_free(ASN1_OBJECT *a);
+int i2d_ASN1_OBJECT(ASN1_OBJECT *a, unsigned char **pp);
+ASN1_OBJECT *d2i_ASN1_OBJECT(ASN1_OBJECT **a, const unsigned char **pp,
+ long length);
+
+DECLARE_ASN1_ITEM(ASN1_OBJECT)
+
+DECLARE_STACK_OF(ASN1_OBJECT)
+
+ASN1_STRING *ASN1_STRING_new(void);
+void ASN1_STRING_free(ASN1_STRING *a);
+void ASN1_STRING_clear_free(ASN1_STRING *a);
+int ASN1_STRING_copy(ASN1_STRING *dst, const ASN1_STRING *str);
+ASN1_STRING *ASN1_STRING_dup(const ASN1_STRING *a);
+ASN1_STRING *ASN1_STRING_type_new(int type);
+int ASN1_STRING_cmp(const ASN1_STRING *a, const ASN1_STRING *b);
+ /*
+ * Since this is used to store all sorts of things, via macros, for now,
+ * make its data void *
+ */
+int ASN1_STRING_set(ASN1_STRING *str, const void *data, int len);
+void ASN1_STRING_set0(ASN1_STRING *str, void *data, int len);
+int ASN1_STRING_length(const ASN1_STRING *x);
+void ASN1_STRING_length_set(ASN1_STRING *x, int n);
+int ASN1_STRING_type(ASN1_STRING *x);
+unsigned char *ASN1_STRING_data(ASN1_STRING *x);
+
+DECLARE_ASN1_FUNCTIONS(ASN1_BIT_STRING)
+int ASN1_BIT_STRING_set(ASN1_BIT_STRING *a, unsigned char *d, int length);
+int ASN1_BIT_STRING_set_bit(ASN1_BIT_STRING *a, int n, int value);
+int ASN1_BIT_STRING_get_bit(const ASN1_BIT_STRING *a, int n);
+int ASN1_BIT_STRING_check(const ASN1_BIT_STRING *a,
+ const unsigned char *flags, int flags_len);
+
+int ASN1_BIT_STRING_name_print(BIO *out, ASN1_BIT_STRING *bs,
+ BIT_STRING_BITNAME *tbl, int indent);
+int ASN1_BIT_STRING_num_asc(char *name, BIT_STRING_BITNAME *tbl);
+int ASN1_BIT_STRING_set_asc(ASN1_BIT_STRING *bs, char *name, int value,
+ BIT_STRING_BITNAME *tbl);
+
+DECLARE_ASN1_FUNCTIONS(ASN1_INTEGER)
+ASN1_INTEGER *d2i_ASN1_UINTEGER(ASN1_INTEGER **a, const unsigned char **pp,
+ long length);
+ASN1_INTEGER *ASN1_INTEGER_dup(const ASN1_INTEGER *x);
+int ASN1_INTEGER_cmp(const ASN1_INTEGER *x, const ASN1_INTEGER *y);
+
+DECLARE_ASN1_FUNCTIONS(ASN1_ENUMERATED)
+
+int ASN1_UTCTIME_check(const ASN1_UTCTIME *a);
+ASN1_UTCTIME *ASN1_UTCTIME_set(ASN1_UTCTIME *s, time_t t);
+ASN1_UTCTIME *ASN1_UTCTIME_adj(ASN1_UTCTIME *s, time_t t,
+ int offset_day, long offset_sec);
+int ASN1_UTCTIME_set_string(ASN1_UTCTIME *s, const char *str);
+int ASN1_UTCTIME_cmp_time_t(const ASN1_UTCTIME *s, time_t t);
+
+int ASN1_GENERALIZEDTIME_check(const ASN1_GENERALIZEDTIME *a);
+ASN1_GENERALIZEDTIME *ASN1_GENERALIZEDTIME_set(ASN1_GENERALIZEDTIME *s,
+ time_t t);
+ASN1_GENERALIZEDTIME *ASN1_GENERALIZEDTIME_adj(ASN1_GENERALIZEDTIME *s,
+ time_t t, int offset_day,
+ long offset_sec);
+int ASN1_GENERALIZEDTIME_set_string(ASN1_GENERALIZEDTIME *s, const char *str);
+int ASN1_TIME_diff(int *pday, int *psec,
+ const ASN1_TIME *from, const ASN1_TIME *to);
+
+DECLARE_ASN1_FUNCTIONS(ASN1_OCTET_STRING)
+ASN1_OCTET_STRING *ASN1_OCTET_STRING_dup(const ASN1_OCTET_STRING *a);
+int ASN1_OCTET_STRING_cmp(const ASN1_OCTET_STRING *a,
+ const ASN1_OCTET_STRING *b);
+int ASN1_OCTET_STRING_set(ASN1_OCTET_STRING *str, const unsigned char *data,
+ int len);
+
+DECLARE_ASN1_FUNCTIONS(ASN1_VISIBLESTRING)
+DECLARE_ASN1_FUNCTIONS(ASN1_UNIVERSALSTRING)
+DECLARE_ASN1_FUNCTIONS(ASN1_UTF8STRING)
+DECLARE_ASN1_FUNCTIONS(ASN1_NULL)
+DECLARE_ASN1_FUNCTIONS(ASN1_BMPSTRING)
+
+int UTF8_getc(const unsigned char *str, int len, unsigned long *val);
+int UTF8_putc(unsigned char *str, int len, unsigned long value);
+
+DECLARE_ASN1_FUNCTIONS_name(ASN1_STRING, ASN1_PRINTABLE)
+
+DECLARE_ASN1_FUNCTIONS_name(ASN1_STRING, DIRECTORYSTRING)
+DECLARE_ASN1_FUNCTIONS_name(ASN1_STRING, DISPLAYTEXT)
+DECLARE_ASN1_FUNCTIONS(ASN1_PRINTABLESTRING)
+DECLARE_ASN1_FUNCTIONS(ASN1_T61STRING)
+DECLARE_ASN1_FUNCTIONS(ASN1_IA5STRING)
+DECLARE_ASN1_FUNCTIONS(ASN1_GENERALSTRING)
+DECLARE_ASN1_FUNCTIONS(ASN1_UTCTIME)
+DECLARE_ASN1_FUNCTIONS(ASN1_GENERALIZEDTIME)
+DECLARE_ASN1_FUNCTIONS(ASN1_TIME)
+
+DECLARE_ASN1_ITEM(ASN1_OCTET_STRING_NDEF)
+
+ASN1_TIME *ASN1_TIME_set(ASN1_TIME *s, time_t t);
+ASN1_TIME *ASN1_TIME_adj(ASN1_TIME *s, time_t t,
+ int offset_day, long offset_sec);
+int ASN1_TIME_check(const ASN1_TIME *t);
+ASN1_GENERALIZEDTIME *ASN1_TIME_to_generalizedtime(ASN1_TIME *t, ASN1_GENERALIZEDTIME
+ **out);
+int ASN1_TIME_set_string(ASN1_TIME *s, const char *str);
+
+int i2a_ASN1_INTEGER(BIO *bp, ASN1_INTEGER *a);
+int a2i_ASN1_INTEGER(BIO *bp, ASN1_INTEGER *bs, char *buf, int size);
+int i2a_ASN1_ENUMERATED(BIO *bp, ASN1_ENUMERATED *a);
+int a2i_ASN1_ENUMERATED(BIO *bp, ASN1_ENUMERATED *bs, char *buf, int size);
+int i2a_ASN1_OBJECT(BIO *bp, ASN1_OBJECT *a);
+int a2i_ASN1_STRING(BIO *bp, ASN1_STRING *bs, char *buf, int size);
+int i2a_ASN1_STRING(BIO *bp, ASN1_STRING *a, int type);
+int i2t_ASN1_OBJECT(char *buf, int buf_len, ASN1_OBJECT *a);
+
+int a2d_ASN1_OBJECT(unsigned char *out, int olen, const char *buf, int num);
+ASN1_OBJECT *ASN1_OBJECT_create(int nid, unsigned char *data, int len,
+ const char *sn, const char *ln);
+
+int ASN1_INTEGER_set(ASN1_INTEGER *a, long v);
+long ASN1_INTEGER_get(const ASN1_INTEGER *a);
+ASN1_INTEGER *BN_to_ASN1_INTEGER(const BIGNUM *bn, ASN1_INTEGER *ai);
+BIGNUM *ASN1_INTEGER_to_BN(const ASN1_INTEGER *ai, BIGNUM *bn);
+
+int ASN1_ENUMERATED_set(ASN1_ENUMERATED *a, long v);
+long ASN1_ENUMERATED_get(ASN1_ENUMERATED *a);
+ASN1_ENUMERATED *BN_to_ASN1_ENUMERATED(BIGNUM *bn, ASN1_ENUMERATED *ai);
+BIGNUM *ASN1_ENUMERATED_to_BN(ASN1_ENUMERATED *ai, BIGNUM *bn);
+
+/* General */
+/* given a string, return the correct type, max is the maximum length */
+int ASN1_PRINTABLE_type(const unsigned char *s, int max);
+
+unsigned long ASN1_tag2bit(int tag);
+/* PARSING */
+int asn1_Finish(ASN1_CTX *c);
+int asn1_const_Finish(ASN1_const_CTX *c);
+
+/* SPECIALS */
+int ASN1_get_object(const unsigned char **pp, long *plength, int *ptag,
+ int *pclass, long omax);
+int ASN1_check_infinite_end(unsigned char **p, long len);
+int ASN1_const_check_infinite_end(const unsigned char **p, long len);
+void ASN1_put_object(unsigned char **pp, int constructed, int length,
+ int tag, int xclass);
+int ASN1_put_eoc(unsigned char **pp);
+int ASN1_object_size(int constructed, int length, int tag);
+
+/* Used to implement other functions */
+void *ASN1_dup(i2d_of_void *i2d, d2i_of_void *d2i, void *x);
+
+# define ASN1_dup_of(type,i2d,d2i,x) \
+ ((type*)ASN1_dup(CHECKED_I2D_OF(type, i2d), \
+ CHECKED_D2I_OF(type, d2i), \
+ CHECKED_PTR_OF(type, x)))
+
+# define ASN1_dup_of_const(type,i2d,d2i,x) \
+ ((type*)ASN1_dup(CHECKED_I2D_OF(const type, i2d), \
+ CHECKED_D2I_OF(type, d2i), \
+ CHECKED_PTR_OF(const type, x)))
+
+void *ASN1_item_dup(const ASN1_ITEM *it, void *x);
+
+/* ASN1 alloc/free macros for when a type is only used internally */
+
+# define M_ASN1_new_of(type) (type *)ASN1_item_new(ASN1_ITEM_rptr(type))
+# define M_ASN1_free_of(x, type) \
+ ASN1_item_free(CHECKED_PTR_OF(type, x), ASN1_ITEM_rptr(type))
+
+# ifndef OPENSSL_NO_STDIO
+void *ASN1_d2i_fp(void *(*xnew) (void), d2i_of_void *d2i, FILE *in, void **x);
+
+# define ASN1_d2i_fp_of(type,xnew,d2i,in,x) \
+ ((type*)ASN1_d2i_fp(CHECKED_NEW_OF(type, xnew), \
+ CHECKED_D2I_OF(type, d2i), \
+ in, \
+ CHECKED_PPTR_OF(type, x)))
+
+void *ASN1_item_d2i_fp(const ASN1_ITEM *it, FILE *in, void *x);
+int ASN1_i2d_fp(i2d_of_void *i2d, FILE *out, void *x);
+
+# define ASN1_i2d_fp_of(type,i2d,out,x) \
+ (ASN1_i2d_fp(CHECKED_I2D_OF(type, i2d), \
+ out, \
+ CHECKED_PTR_OF(type, x)))
+
+# define ASN1_i2d_fp_of_const(type,i2d,out,x) \
+ (ASN1_i2d_fp(CHECKED_I2D_OF(const type, i2d), \
+ out, \
+ CHECKED_PTR_OF(const type, x)))
+
+int ASN1_item_i2d_fp(const ASN1_ITEM *it, FILE *out, void *x);
+int ASN1_STRING_print_ex_fp(FILE *fp, ASN1_STRING *str, unsigned long flags);
+# endif
+
+int ASN1_STRING_to_UTF8(unsigned char **out, ASN1_STRING *in);
+
+void *ASN1_d2i_bio(void *(*xnew) (void), d2i_of_void *d2i, BIO *in, void **x);
+
+# define ASN1_d2i_bio_of(type,xnew,d2i,in,x) \
+ ((type*)ASN1_d2i_bio( CHECKED_NEW_OF(type, xnew), \
+ CHECKED_D2I_OF(type, d2i), \
+ in, \
+ CHECKED_PPTR_OF(type, x)))
+
+void *ASN1_item_d2i_bio(const ASN1_ITEM *it, BIO *in, void *x);
+int ASN1_i2d_bio(i2d_of_void *i2d, BIO *out, unsigned char *x);
+
+# define ASN1_i2d_bio_of(type,i2d,out,x) \
+ (ASN1_i2d_bio(CHECKED_I2D_OF(type, i2d), \
+ out, \
+ CHECKED_PTR_OF(type, x)))
+
+# define ASN1_i2d_bio_of_const(type,i2d,out,x) \
+ (ASN1_i2d_bio(CHECKED_I2D_OF(const type, i2d), \
+ out, \
+ CHECKED_PTR_OF(const type, x)))
+
+int ASN1_item_i2d_bio(const ASN1_ITEM *it, BIO *out, void *x);
+int ASN1_UTCTIME_print(BIO *fp, const ASN1_UTCTIME *a);
+int ASN1_GENERALIZEDTIME_print(BIO *fp, const ASN1_GENERALIZEDTIME *a);
+int ASN1_TIME_print(BIO *fp, const ASN1_TIME *a);
+int ASN1_STRING_print(BIO *bp, const ASN1_STRING *v);
+int ASN1_STRING_print_ex(BIO *out, ASN1_STRING *str, unsigned long flags);
+int ASN1_bn_print(BIO *bp, const char *number, const BIGNUM *num,
+ unsigned char *buf, int off);
+int ASN1_parse(BIO *bp, const unsigned char *pp, long len, int indent);
+int ASN1_parse_dump(BIO *bp, const unsigned char *pp, long len, int indent,
+ int dump);
+const char *ASN1_tag2str(int tag);
+
+/* Used to load and write netscape format cert */
+
+DECLARE_ASN1_FUNCTIONS(NETSCAPE_X509)
+
+int ASN1_UNIVERSALSTRING_to_string(ASN1_UNIVERSALSTRING *s);
+
+int ASN1_TYPE_set_octetstring(ASN1_TYPE *a, unsigned char *data, int len);
+int ASN1_TYPE_get_octetstring(ASN1_TYPE *a, unsigned char *data, int max_len);
+int ASN1_TYPE_set_int_octetstring(ASN1_TYPE *a, long num,
+ unsigned char *data, int len);
+int ASN1_TYPE_get_int_octetstring(ASN1_TYPE *a, long *num,
+ unsigned char *data, int max_len);
+
+void *ASN1_item_unpack(ASN1_STRING *oct, const ASN1_ITEM *it);
+
+ASN1_STRING *ASN1_item_pack(void *obj, const ASN1_ITEM *it,
+ ASN1_OCTET_STRING **oct);
+
+void ASN1_STRING_set_default_mask(unsigned long mask);
+int ASN1_STRING_set_default_mask_asc(const char *p);
+unsigned long ASN1_STRING_get_default_mask(void);
+int ASN1_mbstring_copy(ASN1_STRING **out, const unsigned char *in, int len,
+ int inform, unsigned long mask);
+int ASN1_mbstring_ncopy(ASN1_STRING **out, const unsigned char *in, int len,
+ int inform, unsigned long mask,
+ long minsize, long maxsize);
+
+ASN1_STRING *ASN1_STRING_set_by_NID(ASN1_STRING **out,
+ const unsigned char *in, int inlen,
+ int inform, int nid);
+ASN1_STRING_TABLE *ASN1_STRING_TABLE_get(int nid);
+int ASN1_STRING_TABLE_add(int, long, long, unsigned long, unsigned long);
+void ASN1_STRING_TABLE_cleanup(void);
+
+/* ASN1 template functions */
+
+/* Old API compatible functions */
+ASN1_VALUE *ASN1_item_new(const ASN1_ITEM *it);
+void ASN1_item_free(ASN1_VALUE *val, const ASN1_ITEM *it);
+ASN1_VALUE *ASN1_item_d2i(ASN1_VALUE **val, const unsigned char **in,
+ long len, const ASN1_ITEM *it);
+int ASN1_item_i2d(ASN1_VALUE *val, unsigned char **out, const ASN1_ITEM *it);
+int ASN1_item_ndef_i2d(ASN1_VALUE *val, unsigned char **out,
+ const ASN1_ITEM *it);
+
+void ASN1_add_oid_module(void);
+void ASN1_add_stable_module(void);
+
+ASN1_TYPE *ASN1_generate_nconf(char *str, CONF *nconf);
+ASN1_TYPE *ASN1_generate_v3(char *str, X509V3_CTX *cnf);
+int ASN1_str2mask(const char *str, unsigned long *pmask);
+
+/* ASN1 Print flags */
+
+/* Indicate missing OPTIONAL fields */
+# define ASN1_PCTX_FLAGS_SHOW_ABSENT 0x001
+/* Mark start and end of SEQUENCE */
+# define ASN1_PCTX_FLAGS_SHOW_SEQUENCE 0x002
+/* Mark start and end of SEQUENCE/SET OF */
+# define ASN1_PCTX_FLAGS_SHOW_SSOF 0x004
+/* Show the ASN1 type of primitives */
+# define ASN1_PCTX_FLAGS_SHOW_TYPE 0x008
+/* Don't show ASN1 type of ANY */
+# define ASN1_PCTX_FLAGS_NO_ANY_TYPE 0x010
+/* Don't show ASN1 type of MSTRINGs */
+# define ASN1_PCTX_FLAGS_NO_MSTRING_TYPE 0x020
+/* Don't show field names in SEQUENCE */
+# define ASN1_PCTX_FLAGS_NO_FIELD_NAME 0x040
+/* Show structure names of each SEQUENCE field */
+# define ASN1_PCTX_FLAGS_SHOW_FIELD_STRUCT_NAME 0x080
+/* Don't show structure name even at top level */
+# define ASN1_PCTX_FLAGS_NO_STRUCT_NAME 0x100
+
+int ASN1_item_print(BIO *out, ASN1_VALUE *ifld, int indent,
+ const ASN1_ITEM *it, const ASN1_PCTX *pctx);
+ASN1_PCTX *ASN1_PCTX_new(void);
+void ASN1_PCTX_free(ASN1_PCTX *p);
+unsigned long ASN1_PCTX_get_flags(ASN1_PCTX *p);
+void ASN1_PCTX_set_flags(ASN1_PCTX *p, unsigned long flags);
+unsigned long ASN1_PCTX_get_nm_flags(ASN1_PCTX *p);
+void ASN1_PCTX_set_nm_flags(ASN1_PCTX *p, unsigned long flags);
+unsigned long ASN1_PCTX_get_cert_flags(ASN1_PCTX *p);
+void ASN1_PCTX_set_cert_flags(ASN1_PCTX *p, unsigned long flags);
+unsigned long ASN1_PCTX_get_oid_flags(ASN1_PCTX *p);
+void ASN1_PCTX_set_oid_flags(ASN1_PCTX *p, unsigned long flags);
+unsigned long ASN1_PCTX_get_str_flags(ASN1_PCTX *p);
+void ASN1_PCTX_set_str_flags(ASN1_PCTX *p, unsigned long flags);
+
+ASN1_SCTX *ASN1_SCTX_new(int (*scan_cb) (ASN1_SCTX *ctx));
+void ASN1_SCTX_free(ASN1_SCTX *p);
+const ASN1_ITEM *ASN1_SCTX_get_item(ASN1_SCTX *p);
+const ASN1_TEMPLATE *ASN1_SCTX_get_template(ASN1_SCTX *p);
+unsigned long ASN1_SCTX_get_flags(ASN1_SCTX *p);
+void ASN1_SCTX_set_app_data(ASN1_SCTX *p, void *data);
+void *ASN1_SCTX_get_app_data(ASN1_SCTX *p);
+
+BIO_METHOD *BIO_f_asn1(void);
+
+BIO *BIO_new_NDEF(BIO *out, ASN1_VALUE *val, const ASN1_ITEM *it);
+
+int i2d_ASN1_bio_stream(BIO *out, ASN1_VALUE *val, BIO *in, int flags,
+ const ASN1_ITEM *it);
+int PEM_write_bio_ASN1_stream(BIO *out, ASN1_VALUE *val, BIO *in, int flags,
+ const char *hdr, const ASN1_ITEM *it);
+int SMIME_write_ASN1(BIO *bio, ASN1_VALUE *val, BIO *data, int flags,
+ int ctype_nid, int econt_nid,
+ STACK_OF(X509_ALGOR) *mdalgs, const ASN1_ITEM *it);
+ASN1_VALUE *SMIME_read_ASN1(BIO *bio, BIO **bcont, const ASN1_ITEM *it);
+int SMIME_crlf_copy(BIO *in, BIO *out, int flags);
+int SMIME_text(BIO *in, BIO *out);
+
+/* BEGIN ERROR CODES */
+/*
+ * The following lines are auto generated by the script mkerr.pl. Any changes
+ * made after this point may be overwritten when the script is next run.
+ */
+void ERR_load_ASN1_strings(void);
+
+/* Error codes for the ASN1 functions. */
+
+/* Function codes. */
+# define ASN1_F_A2D_ASN1_OBJECT 100
+# define ASN1_F_A2I_ASN1_ENUMERATED 101
+# define ASN1_F_A2I_ASN1_INTEGER 102
+# define ASN1_F_A2I_ASN1_STRING 103
+# define ASN1_F_APPEND_EXP 176
+# define ASN1_F_ASN1_BIT_STRING_SET_BIT 183
+# define ASN1_F_ASN1_CB 177
+# define ASN1_F_ASN1_CHECK_TLEN 104
+# define ASN1_F_ASN1_COLLATE_PRIMITIVE 105
+# define ASN1_F_ASN1_COLLECT 106
+# define ASN1_F_ASN1_D2I_EX_PRIMITIVE 108
+# define ASN1_F_ASN1_D2I_FP 109
+# define ASN1_F_ASN1_D2I_READ_BIO 107
+# define ASN1_F_ASN1_DIGEST 184
+# define ASN1_F_ASN1_DO_ADB 110
+# define ASN1_F_ASN1_DUP 111
+# define ASN1_F_ASN1_ENUMERATED_SET 112
+# define ASN1_F_ASN1_ENUMERATED_TO_BN 113
+# define ASN1_F_ASN1_EX_C2I 204
+# define ASN1_F_ASN1_FIND_END 190
+# define ASN1_F_ASN1_GENERALIZEDTIME_ADJ 216
+# define ASN1_F_ASN1_GENERALIZEDTIME_SET 185
+# define ASN1_F_ASN1_GENERATE_V3 178
+# define ASN1_F_ASN1_GET_OBJECT 114
+# define ASN1_F_ASN1_HEADER_NEW 115
+# define ASN1_F_ASN1_I2D_BIO 116
+# define ASN1_F_ASN1_I2D_FP 117
+# define ASN1_F_ASN1_INTEGER_SET 118
+# define ASN1_F_ASN1_INTEGER_TO_BN 119
+# define ASN1_F_ASN1_ITEM_D2I_FP 206
+# define ASN1_F_ASN1_ITEM_DUP 191
+# define ASN1_F_ASN1_ITEM_EX_NEW 121
+# define ASN1_F_ASN1_ITEM_EX_D2I 120
+# define ASN1_F_ASN1_ITEM_I2D_BIO 192
+# define ASN1_F_ASN1_ITEM_I2D_FP 193
+# define ASN1_F_ASN1_ITEM_PACK 198
+# define ASN1_F_ASN1_ITEM_SIGN 195
+# define ASN1_F_ASN1_ITEM_SIGN_CTX 220
+# define ASN1_F_ASN1_ITEM_UNPACK 199
+# define ASN1_F_ASN1_ITEM_VERIFY 197
+# define ASN1_F_ASN1_MBSTRING_NCOPY 122
+# define ASN1_F_ASN1_OBJECT_NEW 123
+# define ASN1_F_ASN1_OUTPUT_DATA 214
+# define ASN1_F_ASN1_PACK_STRING 124
+# define ASN1_F_ASN1_PCTX_NEW 205
+# define ASN1_F_ASN1_PKCS5_PBE_SET 125
+# define ASN1_F_ASN1_SCTX_NEW 221
+# define ASN1_F_ASN1_SEQ_PACK 126
+# define ASN1_F_ASN1_SEQ_UNPACK 127
+# define ASN1_F_ASN1_SIGN 128
+# define ASN1_F_ASN1_STR2TYPE 179
+# define ASN1_F_ASN1_STRING_SET 186
+# define ASN1_F_ASN1_STRING_TABLE_ADD 129
+# define ASN1_F_ASN1_STRING_TYPE_NEW 130
+# define ASN1_F_ASN1_TEMPLATE_EX_D2I 132
+# define ASN1_F_ASN1_TEMPLATE_NEW 133
+# define ASN1_F_ASN1_TEMPLATE_NOEXP_D2I 131
+# define ASN1_F_ASN1_TIME_ADJ 217
+# define ASN1_F_ASN1_TIME_SET 175
+# define ASN1_F_ASN1_TYPE_GET_INT_OCTETSTRING 134
+# define ASN1_F_ASN1_TYPE_GET_OCTETSTRING 135
+# define ASN1_F_ASN1_UNPACK_STRING 136
+# define ASN1_F_ASN1_UTCTIME_ADJ 218
+# define ASN1_F_ASN1_UTCTIME_SET 187
+# define ASN1_F_ASN1_VERIFY 137
+# define ASN1_F_B64_READ_ASN1 209
+# define ASN1_F_B64_WRITE_ASN1 210
+# define ASN1_F_BIO_NEW_NDEF 208
+# define ASN1_F_BITSTR_CB 180
+# define ASN1_F_BN_TO_ASN1_ENUMERATED 138
+# define ASN1_F_BN_TO_ASN1_INTEGER 139
+# define ASN1_F_C2I_ASN1_BIT_STRING 189
+# define ASN1_F_C2I_ASN1_INTEGER 194
+# define ASN1_F_C2I_ASN1_OBJECT 196
+# define ASN1_F_COLLECT_DATA 140
+# define ASN1_F_D2I_ASN1_BIT_STRING 141
+# define ASN1_F_D2I_ASN1_BOOLEAN 142
+# define ASN1_F_D2I_ASN1_BYTES 143
+# define ASN1_F_D2I_ASN1_GENERALIZEDTIME 144
+# define ASN1_F_D2I_ASN1_HEADER 145
+# define ASN1_F_D2I_ASN1_INTEGER 146
+# define ASN1_F_D2I_ASN1_OBJECT 147
+# define ASN1_F_D2I_ASN1_SET 148
+# define ASN1_F_D2I_ASN1_TYPE_BYTES 149
+# define ASN1_F_D2I_ASN1_UINTEGER 150
+# define ASN1_F_D2I_ASN1_UTCTIME 151
+# define ASN1_F_D2I_AUTOPRIVATEKEY 207
+# define ASN1_F_D2I_NETSCAPE_RSA 152
+# define ASN1_F_D2I_NETSCAPE_RSA_2 153
+# define ASN1_F_D2I_PRIVATEKEY 154
+# define ASN1_F_D2I_PUBLICKEY 155
+# define ASN1_F_D2I_RSA_NET 200
+# define ASN1_F_D2I_RSA_NET_2 201
+# define ASN1_F_D2I_X509 156
+# define ASN1_F_D2I_X509_CINF 157
+# define ASN1_F_D2I_X509_PKEY 159
+# define ASN1_F_DO_TCREATE 222
+# define ASN1_F_I2D_ASN1_BIO_STREAM 211
+# define ASN1_F_I2D_ASN1_SET 188
+# define ASN1_F_I2D_ASN1_TIME 160
+# define ASN1_F_I2D_DSA_PUBKEY 161
+# define ASN1_F_I2D_EC_PUBKEY 181
+# define ASN1_F_I2D_PRIVATEKEY 163
+# define ASN1_F_I2D_PUBLICKEY 164
+# define ASN1_F_I2D_RSA_NET 162
+# define ASN1_F_I2D_RSA_PUBKEY 165
+# define ASN1_F_LONG_C2I 166
+# define ASN1_F_OID_MODULE_INIT 174
+# define ASN1_F_PARSE_TAGGING 182
+# define ASN1_F_PKCS5_PBE2_SET_IV 167
+# define ASN1_F_PKCS5_PBE_SET 202
+# define ASN1_F_PKCS5_PBE_SET0_ALGOR 215
+# define ASN1_F_PKCS5_PBKDF2_SET 219
+# define ASN1_F_SMIME_READ_ASN1 212
+# define ASN1_F_SMIME_TEXT 213
+# define ASN1_F_STBL_MODULE_INIT 223
+# define ASN1_F_X509_CINF_NEW 168
+# define ASN1_F_X509_CRL_ADD0_REVOKED 169
+# define ASN1_F_X509_INFO_NEW 170
+# define ASN1_F_X509_NAME_ENCODE 203
+# define ASN1_F_X509_NAME_EX_D2I 158
+# define ASN1_F_X509_NAME_EX_NEW 171
+# define ASN1_F_X509_NEW 172
+# define ASN1_F_X509_PKEY_NEW 173
+
+/* Reason codes. */
+# define ASN1_R_ADDING_OBJECT 171
+# define ASN1_R_ASN1_PARSE_ERROR 203
+# define ASN1_R_ASN1_SIG_PARSE_ERROR 204
+# define ASN1_R_AUX_ERROR 100
+# define ASN1_R_BAD_CLASS 101
+# define ASN1_R_BAD_OBJECT_HEADER 102
+# define ASN1_R_BAD_PASSWORD_READ 103
+# define ASN1_R_BAD_TAG 104
+# define ASN1_R_BMPSTRING_IS_WRONG_LENGTH 214
+# define ASN1_R_BN_LIB 105
+# define ASN1_R_BOOLEAN_IS_WRONG_LENGTH 106
+# define ASN1_R_BUFFER_TOO_SMALL 107
+# define ASN1_R_CIPHER_HAS_NO_OBJECT_IDENTIFIER 108
+# define ASN1_R_CONTEXT_NOT_INITIALISED 217
+# define ASN1_R_DATA_IS_WRONG 109
+# define ASN1_R_DECODE_ERROR 110
+# define ASN1_R_DECODING_ERROR 111
+# define ASN1_R_DEPTH_EXCEEDED 174
+# define ASN1_R_DIGEST_AND_KEY_TYPE_NOT_SUPPORTED 198
+# define ASN1_R_ENCODE_ERROR 112
+# define ASN1_R_ERROR_GETTING_TIME 173
+# define ASN1_R_ERROR_LOADING_SECTION 172
+# define ASN1_R_ERROR_PARSING_SET_ELEMENT 113
+# define ASN1_R_ERROR_SETTING_CIPHER_PARAMS 114
+# define ASN1_R_EXPECTING_AN_INTEGER 115
+# define ASN1_R_EXPECTING_AN_OBJECT 116
+# define ASN1_R_EXPECTING_A_BOOLEAN 117
+# define ASN1_R_EXPECTING_A_TIME 118
+# define ASN1_R_EXPLICIT_LENGTH_MISMATCH 119
+# define ASN1_R_EXPLICIT_TAG_NOT_CONSTRUCTED 120
+# define ASN1_R_FIELD_MISSING 121
+# define ASN1_R_FIRST_NUM_TOO_LARGE 122
+# define ASN1_R_HEADER_TOO_LONG 123
+# define ASN1_R_ILLEGAL_BITSTRING_FORMAT 175
+# define ASN1_R_ILLEGAL_BOOLEAN 176
+# define ASN1_R_ILLEGAL_CHARACTERS 124
+# define ASN1_R_ILLEGAL_FORMAT 177
+# define ASN1_R_ILLEGAL_HEX 178
+# define ASN1_R_ILLEGAL_IMPLICIT_TAG 179
+# define ASN1_R_ILLEGAL_INTEGER 180
+# define ASN1_R_ILLEGAL_NESTED_TAGGING 181
+# define ASN1_R_ILLEGAL_NULL 125
+# define ASN1_R_ILLEGAL_NULL_VALUE 182
+# define ASN1_R_ILLEGAL_OBJECT 183
+# define ASN1_R_ILLEGAL_OPTIONAL_ANY 126
+# define ASN1_R_ILLEGAL_OPTIONS_ON_ITEM_TEMPLATE 170
+# define ASN1_R_ILLEGAL_TAGGED_ANY 127
+# define ASN1_R_ILLEGAL_TIME_VALUE 184
+# define ASN1_R_INTEGER_NOT_ASCII_FORMAT 185
+# define ASN1_R_INTEGER_TOO_LARGE_FOR_LONG 128
+# define ASN1_R_INVALID_BIT_STRING_BITS_LEFT 220
+# define ASN1_R_INVALID_BMPSTRING_LENGTH 129
+# define ASN1_R_INVALID_DIGIT 130
+# define ASN1_R_INVALID_MIME_TYPE 205
+# define ASN1_R_INVALID_MODIFIER 186
+# define ASN1_R_INVALID_NUMBER 187
+# define ASN1_R_INVALID_OBJECT_ENCODING 216
+# define ASN1_R_INVALID_SEPARATOR 131
+# define ASN1_R_INVALID_STRING_TABLE_VALUE 218
+# define ASN1_R_INVALID_TIME_FORMAT 132
+# define ASN1_R_INVALID_UNIVERSALSTRING_LENGTH 133
+# define ASN1_R_INVALID_UTF8STRING 134
+# define ASN1_R_INVALID_VALUE 219
+# define ASN1_R_IV_TOO_LARGE 135
+# define ASN1_R_LENGTH_ERROR 136
+# define ASN1_R_LIST_ERROR 188
+# define ASN1_R_MIME_NO_CONTENT_TYPE 206
+# define ASN1_R_MIME_PARSE_ERROR 207
+# define ASN1_R_MIME_SIG_PARSE_ERROR 208
+# define ASN1_R_MISSING_EOC 137
+# define ASN1_R_MISSING_SECOND_NUMBER 138
+# define ASN1_R_MISSING_VALUE 189
+# define ASN1_R_MSTRING_NOT_UNIVERSAL 139
+# define ASN1_R_MSTRING_WRONG_TAG 140
+# define ASN1_R_NESTED_ASN1_STRING 197
+# define ASN1_R_NON_HEX_CHARACTERS 141
+# define ASN1_R_NOT_ASCII_FORMAT 190
+# define ASN1_R_NOT_ENOUGH_DATA 142
+# define ASN1_R_NO_CONTENT_TYPE 209
+# define ASN1_R_NO_DEFAULT_DIGEST 201
+# define ASN1_R_NO_MATCHING_CHOICE_TYPE 143
+# define ASN1_R_NO_MULTIPART_BODY_FAILURE 210
+# define ASN1_R_NO_MULTIPART_BOUNDARY 211
+# define ASN1_R_NO_SIG_CONTENT_TYPE 212
+# define ASN1_R_NULL_IS_WRONG_LENGTH 144
+# define ASN1_R_OBJECT_NOT_ASCII_FORMAT 191
+# define ASN1_R_ODD_NUMBER_OF_CHARS 145
+# define ASN1_R_PRIVATE_KEY_HEADER_MISSING 146
+# define ASN1_R_SECOND_NUMBER_TOO_LARGE 147
+# define ASN1_R_SEQUENCE_LENGTH_MISMATCH 148
+# define ASN1_R_SEQUENCE_NOT_CONSTRUCTED 149
+# define ASN1_R_SEQUENCE_OR_SET_NEEDS_CONFIG 192
+# define ASN1_R_SHORT_LINE 150
+# define ASN1_R_SIG_INVALID_MIME_TYPE 213
+# define ASN1_R_STREAMING_NOT_SUPPORTED 202
+# define ASN1_R_STRING_TOO_LONG 151
+# define ASN1_R_STRING_TOO_SHORT 152
+# define ASN1_R_TAG_VALUE_TOO_HIGH 153
+# define ASN1_R_THE_ASN1_OBJECT_IDENTIFIER_IS_NOT_KNOWN_FOR_THIS_MD 154
+# define ASN1_R_TIME_NOT_ASCII_FORMAT 193
+# define ASN1_R_TOO_LONG 155
+# define ASN1_R_TYPE_NOT_CONSTRUCTED 156
+# define ASN1_R_TYPE_NOT_PRIMITIVE 195
+# define ASN1_R_UNABLE_TO_DECODE_RSA_KEY 157
+# define ASN1_R_UNABLE_TO_DECODE_RSA_PRIVATE_KEY 158
+# define ASN1_R_UNEXPECTED_EOC 159
+# define ASN1_R_UNIVERSALSTRING_IS_WRONG_LENGTH 215
+# define ASN1_R_UNKNOWN_FORMAT 160
+# define ASN1_R_UNKNOWN_MESSAGE_DIGEST_ALGORITHM 161
+# define ASN1_R_UNKNOWN_OBJECT_TYPE 162
+# define ASN1_R_UNKNOWN_PUBLIC_KEY_TYPE 163
+# define ASN1_R_UNKNOWN_SIGNATURE_ALGORITHM 199
+# define ASN1_R_UNKNOWN_TAG 194
+# define ASN1_R_UNSUPPORTED_ANY_DEFINED_BY_TYPE 164
+# define ASN1_R_UNSUPPORTED_CIPHER 165
+# define ASN1_R_UNSUPPORTED_ENCRYPTION_ALGORITHM 166
+# define ASN1_R_UNSUPPORTED_PUBLIC_KEY_TYPE 167
+# define ASN1_R_UNSUPPORTED_TYPE 196
+# define ASN1_R_WRONG_PUBLIC_KEY_TYPE 200
+# define ASN1_R_WRONG_TAG 168
+# define ASN1_R_WRONG_TYPE 169
+
+#ifdef __cplusplus
+}
+#endif
+#endif
--- /dev/null
+/* crypto/asn1/asn1_mac.h */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#ifndef HEADER_ASN1_MAC_H
+# define HEADER_ASN1_MAC_H
+
+# include <openssl/asn1.h>
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+# ifndef ASN1_MAC_ERR_LIB
+# define ASN1_MAC_ERR_LIB ERR_LIB_ASN1
+# endif
+
+# define ASN1_MAC_H_err(f,r,line) \
+ ERR_PUT_error(ASN1_MAC_ERR_LIB,(f),(r),__FILE__,(line))
+
+# define M_ASN1_D2I_vars(a,type,func) \
+ ASN1_const_CTX c; \
+ type ret=NULL; \
+ \
+ c.pp=(const unsigned char **)pp; \
+ c.q= *(const unsigned char **)pp; \
+ c.error=ERR_R_NESTED_ASN1_ERROR; \
+ if ((a == NULL) || ((*a) == NULL)) \
+ { if ((ret=(type)func()) == NULL) \
+ { c.line=__LINE__; goto err; } } \
+ else ret=(*a);
+
+# define M_ASN1_D2I_Init() \
+ c.p= *(const unsigned char **)pp; \
+ c.max=(length == 0)?0:(c.p+length);
+
+# define M_ASN1_D2I_Finish_2(a) \
+ if (!asn1_const_Finish(&c)) \
+ { c.line=__LINE__; goto err; } \
+ *(const unsigned char **)pp=c.p; \
+ if (a != NULL) (*a)=ret; \
+ return(ret);
+
+# define M_ASN1_D2I_Finish(a,func,e) \
+ M_ASN1_D2I_Finish_2(a); \
+err:\
+ ASN1_MAC_H_err((e),c.error,c.line); \
+ asn1_add_error(*(const unsigned char **)pp,(int)(c.q- *pp)); \
+ if ((ret != NULL) && ((a == NULL) || (*a != ret))) func(ret); \
+ return(NULL)
+
+# define M_ASN1_D2I_start_sequence() \
+ if (!asn1_GetSequence(&c,&length)) \
+ { c.line=__LINE__; goto err; }
+/* Begin reading ASN1 without a surrounding sequence */
+# define M_ASN1_D2I_begin() \
+ c.slen = length;
+
+/* End reading ASN1 with no check on length */
+# define M_ASN1_D2I_Finish_nolen(a, func, e) \
+ *pp=c.p; \
+ if (a != NULL) (*a)=ret; \
+ return(ret); \
+err:\
+ ASN1_MAC_H_err((e),c.error,c.line); \
+ asn1_add_error(*pp,(int)(c.q- *pp)); \
+ if ((ret != NULL) && ((a == NULL) || (*a != ret))) func(ret); \
+ return(NULL)
+
+# define M_ASN1_D2I_end_sequence() \
+ (((c.inf&1) == 0)?(c.slen <= 0): \
+ (c.eos=ASN1_const_check_infinite_end(&c.p,c.slen)))
+
+/* Don't use this with d2i_ASN1_BOOLEAN() */
+# define M_ASN1_D2I_get(b, func) \
+ c.q=c.p; \
+ if (func(&(b),&c.p,c.slen) == NULL) \
+ {c.line=__LINE__; goto err; } \
+ c.slen-=(c.p-c.q);
+
+/* Don't use this with d2i_ASN1_BOOLEAN() */
+# define M_ASN1_D2I_get_x(type,b,func) \
+ c.q=c.p; \
+ if (((D2I_OF(type))func)(&(b),&c.p,c.slen) == NULL) \
+ {c.line=__LINE__; goto err; } \
+ c.slen-=(c.p-c.q);
+
+/* use this instead () */
+# define M_ASN1_D2I_get_int(b,func) \
+ c.q=c.p; \
+ if (func(&(b),&c.p,c.slen) < 0) \
+ {c.line=__LINE__; goto err; } \
+ c.slen-=(c.p-c.q);
+
+# define M_ASN1_D2I_get_opt(b,func,type) \
+ if ((c.slen != 0) && ((M_ASN1_next & (~V_ASN1_CONSTRUCTED)) \
+ == (V_ASN1_UNIVERSAL|(type)))) \
+ { \
+ M_ASN1_D2I_get(b,func); \
+ }
+
+# define M_ASN1_D2I_get_int_opt(b,func,type) \
+ if ((c.slen != 0) && ((M_ASN1_next & (~V_ASN1_CONSTRUCTED)) \
+ == (V_ASN1_UNIVERSAL|(type)))) \
+ { \
+ M_ASN1_D2I_get_int(b,func); \
+ }
+
+# define M_ASN1_D2I_get_imp(b,func, type) \
+ M_ASN1_next=(_tmp& V_ASN1_CONSTRUCTED)|type; \
+ c.q=c.p; \
+ if (func(&(b),&c.p,c.slen) == NULL) \
+ {c.line=__LINE__; M_ASN1_next_prev = _tmp; goto err; } \
+ c.slen-=(c.p-c.q);\
+ M_ASN1_next_prev=_tmp;
+
+# define M_ASN1_D2I_get_IMP_opt(b,func,tag,type) \
+ if ((c.slen != 0) && ((M_ASN1_next & (~V_ASN1_CONSTRUCTED)) == \
+ (V_ASN1_CONTEXT_SPECIFIC|(tag)))) \
+ { \
+ unsigned char _tmp = M_ASN1_next; \
+ M_ASN1_D2I_get_imp(b,func, type);\
+ }
+
+# define M_ASN1_D2I_get_set(r,func,free_func) \
+ M_ASN1_D2I_get_imp_set(r,func,free_func, \
+ V_ASN1_SET,V_ASN1_UNIVERSAL);
+
+# define M_ASN1_D2I_get_set_type(type,r,func,free_func) \
+ M_ASN1_D2I_get_imp_set_type(type,r,func,free_func, \
+ V_ASN1_SET,V_ASN1_UNIVERSAL);
+
+# define M_ASN1_D2I_get_set_opt(r,func,free_func) \
+ if ((c.slen != 0) && (M_ASN1_next == (V_ASN1_UNIVERSAL| \
+ V_ASN1_CONSTRUCTED|V_ASN1_SET)))\
+ { M_ASN1_D2I_get_set(r,func,free_func); }
+
+# define M_ASN1_D2I_get_set_opt_type(type,r,func,free_func) \
+ if ((c.slen != 0) && (M_ASN1_next == (V_ASN1_UNIVERSAL| \
+ V_ASN1_CONSTRUCTED|V_ASN1_SET)))\
+ { M_ASN1_D2I_get_set_type(type,r,func,free_func); }
+
+# define M_ASN1_I2D_len_SET_opt(a,f) \
+ if ((a != NULL) && (sk_num(a) != 0)) \
+ M_ASN1_I2D_len_SET(a,f);
+
+# define M_ASN1_I2D_put_SET_opt(a,f) \
+ if ((a != NULL) && (sk_num(a) != 0)) \
+ M_ASN1_I2D_put_SET(a,f);
+
+# define M_ASN1_I2D_put_SEQUENCE_opt(a,f) \
+ if ((a != NULL) && (sk_num(a) != 0)) \
+ M_ASN1_I2D_put_SEQUENCE(a,f);
+
+# define M_ASN1_I2D_put_SEQUENCE_opt_type(type,a,f) \
+ if ((a != NULL) && (sk_##type##_num(a) != 0)) \
+ M_ASN1_I2D_put_SEQUENCE_type(type,a,f);
+
+# define M_ASN1_D2I_get_IMP_set_opt(b,func,free_func,tag) \
+ if ((c.slen != 0) && \
+ (M_ASN1_next == \
+ (V_ASN1_CONTEXT_SPECIFIC|V_ASN1_CONSTRUCTED|(tag))))\
+ { \
+ M_ASN1_D2I_get_imp_set(b,func,free_func,\
+ tag,V_ASN1_CONTEXT_SPECIFIC); \
+ }
+
+# define M_ASN1_D2I_get_IMP_set_opt_type(type,b,func,free_func,tag) \
+ if ((c.slen != 0) && \
+ (M_ASN1_next == \
+ (V_ASN1_CONTEXT_SPECIFIC|V_ASN1_CONSTRUCTED|(tag))))\
+ { \
+ M_ASN1_D2I_get_imp_set_type(type,b,func,free_func,\
+ tag,V_ASN1_CONTEXT_SPECIFIC); \
+ }
+
+# define M_ASN1_D2I_get_seq(r,func,free_func) \
+ M_ASN1_D2I_get_imp_set(r,func,free_func,\
+ V_ASN1_SEQUENCE,V_ASN1_UNIVERSAL);
+
+# define M_ASN1_D2I_get_seq_type(type,r,func,free_func) \
+ M_ASN1_D2I_get_imp_set_type(type,r,func,free_func,\
+ V_ASN1_SEQUENCE,V_ASN1_UNIVERSAL)
+
+# define M_ASN1_D2I_get_seq_opt(r,func,free_func) \
+ if ((c.slen != 0) && (M_ASN1_next == (V_ASN1_UNIVERSAL| \
+ V_ASN1_CONSTRUCTED|V_ASN1_SEQUENCE)))\
+ { M_ASN1_D2I_get_seq(r,func,free_func); }
+
+# define M_ASN1_D2I_get_seq_opt_type(type,r,func,free_func) \
+ if ((c.slen != 0) && (M_ASN1_next == (V_ASN1_UNIVERSAL| \
+ V_ASN1_CONSTRUCTED|V_ASN1_SEQUENCE)))\
+ { M_ASN1_D2I_get_seq_type(type,r,func,free_func); }
+
+# define M_ASN1_D2I_get_IMP_set(r,func,free_func,x) \
+ M_ASN1_D2I_get_imp_set(r,func,free_func,\
+ x,V_ASN1_CONTEXT_SPECIFIC);
+
+# define M_ASN1_D2I_get_IMP_set_type(type,r,func,free_func,x) \
+ M_ASN1_D2I_get_imp_set_type(type,r,func,free_func,\
+ x,V_ASN1_CONTEXT_SPECIFIC);
+
+# define M_ASN1_D2I_get_imp_set(r,func,free_func,a,b) \
+ c.q=c.p; \
+ if (d2i_ASN1_SET(&(r),&c.p,c.slen,(char *(*)())func,\
+ (void (*)())free_func,a,b) == NULL) \
+ { c.line=__LINE__; goto err; } \
+ c.slen-=(c.p-c.q);
+
+# define M_ASN1_D2I_get_imp_set_type(type,r,func,free_func,a,b) \
+ c.q=c.p; \
+ if (d2i_ASN1_SET_OF_##type(&(r),&c.p,c.slen,func,\
+ free_func,a,b) == NULL) \
+ { c.line=__LINE__; goto err; } \
+ c.slen-=(c.p-c.q);
+
+# define M_ASN1_D2I_get_set_strings(r,func,a,b) \
+ c.q=c.p; \
+ if (d2i_ASN1_STRING_SET(&(r),&c.p,c.slen,a,b) == NULL) \
+ { c.line=__LINE__; goto err; } \
+ c.slen-=(c.p-c.q);
+
+# define M_ASN1_D2I_get_EXP_opt(r,func,tag) \
+ if ((c.slen != 0L) && (M_ASN1_next == \
+ (V_ASN1_CONSTRUCTED|V_ASN1_CONTEXT_SPECIFIC|tag))) \
+ { \
+ int Tinf,Ttag,Tclass; \
+ long Tlen; \
+ \
+ c.q=c.p; \
+ Tinf=ASN1_get_object(&c.p,&Tlen,&Ttag,&Tclass,c.slen); \
+ if (Tinf & 0x80) \
+ { c.error=ERR_R_BAD_ASN1_OBJECT_HEADER; \
+ c.line=__LINE__; goto err; } \
+ if (Tinf == (V_ASN1_CONSTRUCTED+1)) \
+ Tlen = c.slen - (c.p - c.q) - 2; \
+ if (func(&(r),&c.p,Tlen) == NULL) \
+ { c.line=__LINE__; goto err; } \
+ if (Tinf == (V_ASN1_CONSTRUCTED+1)) { \
+ Tlen = c.slen - (c.p - c.q); \
+ if(!ASN1_const_check_infinite_end(&c.p, Tlen)) \
+ { c.error=ERR_R_MISSING_ASN1_EOS; \
+ c.line=__LINE__; goto err; } \
+ }\
+ c.slen-=(c.p-c.q); \
+ }
+
+# define M_ASN1_D2I_get_EXP_set_opt(r,func,free_func,tag,b) \
+ if ((c.slen != 0) && (M_ASN1_next == \
+ (V_ASN1_CONSTRUCTED|V_ASN1_CONTEXT_SPECIFIC|tag))) \
+ { \
+ int Tinf,Ttag,Tclass; \
+ long Tlen; \
+ \
+ c.q=c.p; \
+ Tinf=ASN1_get_object(&c.p,&Tlen,&Ttag,&Tclass,c.slen); \
+ if (Tinf & 0x80) \
+ { c.error=ERR_R_BAD_ASN1_OBJECT_HEADER; \
+ c.line=__LINE__; goto err; } \
+ if (Tinf == (V_ASN1_CONSTRUCTED+1)) \
+ Tlen = c.slen - (c.p - c.q) - 2; \
+ if (d2i_ASN1_SET(&(r),&c.p,Tlen,(char *(*)())func, \
+ (void (*)())free_func, \
+ b,V_ASN1_UNIVERSAL) == NULL) \
+ { c.line=__LINE__; goto err; } \
+ if (Tinf == (V_ASN1_CONSTRUCTED+1)) { \
+ Tlen = c.slen - (c.p - c.q); \
+ if(!ASN1_check_infinite_end(&c.p, Tlen)) \
+ { c.error=ERR_R_MISSING_ASN1_EOS; \
+ c.line=__LINE__; goto err; } \
+ }\
+ c.slen-=(c.p-c.q); \
+ }
+
+# define M_ASN1_D2I_get_EXP_set_opt_type(type,r,func,free_func,tag,b) \
+ if ((c.slen != 0) && (M_ASN1_next == \
+ (V_ASN1_CONSTRUCTED|V_ASN1_CONTEXT_SPECIFIC|tag))) \
+ { \
+ int Tinf,Ttag,Tclass; \
+ long Tlen; \
+ \
+ c.q=c.p; \
+ Tinf=ASN1_get_object(&c.p,&Tlen,&Ttag,&Tclass,c.slen); \
+ if (Tinf & 0x80) \
+ { c.error=ERR_R_BAD_ASN1_OBJECT_HEADER; \
+ c.line=__LINE__; goto err; } \
+ if (Tinf == (V_ASN1_CONSTRUCTED+1)) \
+ Tlen = c.slen - (c.p - c.q) - 2; \
+ if (d2i_ASN1_SET_OF_##type(&(r),&c.p,Tlen,func, \
+ free_func,b,V_ASN1_UNIVERSAL) == NULL) \
+ { c.line=__LINE__; goto err; } \
+ if (Tinf == (V_ASN1_CONSTRUCTED+1)) { \
+ Tlen = c.slen - (c.p - c.q); \
+ if(!ASN1_check_infinite_end(&c.p, Tlen)) \
+ { c.error=ERR_R_MISSING_ASN1_EOS; \
+ c.line=__LINE__; goto err; } \
+ }\
+ c.slen-=(c.p-c.q); \
+ }
+
+/* New macros */
+# define M_ASN1_New_Malloc(ret,type) \
+ if ((ret=(type *)OPENSSL_malloc(sizeof(type))) == NULL) \
+ { c.line=__LINE__; goto err2; }
+
+# define M_ASN1_New(arg,func) \
+ if (((arg)=func()) == NULL) return(NULL)
+
+# define M_ASN1_New_Error(a) \
+/*- err: ASN1_MAC_H_err((a),ERR_R_NESTED_ASN1_ERROR,c.line); \
+ return(NULL);*/ \
+ err2: ASN1_MAC_H_err((a),ERR_R_MALLOC_FAILURE,c.line); \
+ return(NULL)
+
+/*
+ * BIG UGLY WARNING! This is so damn ugly I wanna puke. Unfortunately, some
+ * macros that use ASN1_const_CTX still insist on writing in the input
+ * stream. ARGH! ARGH! ARGH! Let's get rid of this macro package. Please? --
+ * Richard Levitte
+ */
+# define M_ASN1_next (*((unsigned char *)(c.p)))
+# define M_ASN1_next_prev (*((unsigned char *)(c.q)))
+
+/*************************************************/
+
+# define M_ASN1_I2D_vars(a) int r=0,ret=0; \
+ unsigned char *p; \
+ if (a == NULL) return(0)
+
+/* Length Macros */
+# define M_ASN1_I2D_len(a,f) ret+=f(a,NULL)
+# define M_ASN1_I2D_len_IMP_opt(a,f) if (a != NULL) M_ASN1_I2D_len(a,f)
+
+# define M_ASN1_I2D_len_SET(a,f) \
+ ret+=i2d_ASN1_SET(a,NULL,f,V_ASN1_SET,V_ASN1_UNIVERSAL,IS_SET);
+
+# define M_ASN1_I2D_len_SET_type(type,a,f) \
+ ret+=i2d_ASN1_SET_OF_##type(a,NULL,f,V_ASN1_SET, \
+ V_ASN1_UNIVERSAL,IS_SET);
+
+# define M_ASN1_I2D_len_SEQUENCE(a,f) \
+ ret+=i2d_ASN1_SET(a,NULL,f,V_ASN1_SEQUENCE,V_ASN1_UNIVERSAL, \
+ IS_SEQUENCE);
+
+# define M_ASN1_I2D_len_SEQUENCE_type(type,a,f) \
+ ret+=i2d_ASN1_SET_OF_##type(a,NULL,f,V_ASN1_SEQUENCE, \
+ V_ASN1_UNIVERSAL,IS_SEQUENCE)
+
+# define M_ASN1_I2D_len_SEQUENCE_opt(a,f) \
+ if ((a != NULL) && (sk_num(a) != 0)) \
+ M_ASN1_I2D_len_SEQUENCE(a,f);
+
+# define M_ASN1_I2D_len_SEQUENCE_opt_type(type,a,f) \
+ if ((a != NULL) && (sk_##type##_num(a) != 0)) \
+ M_ASN1_I2D_len_SEQUENCE_type(type,a,f);
+
+# define M_ASN1_I2D_len_IMP_SET(a,f,x) \
+ ret+=i2d_ASN1_SET(a,NULL,f,x,V_ASN1_CONTEXT_SPECIFIC,IS_SET);
+
+# define M_ASN1_I2D_len_IMP_SET_type(type,a,f,x) \
+ ret+=i2d_ASN1_SET_OF_##type(a,NULL,f,x, \
+ V_ASN1_CONTEXT_SPECIFIC,IS_SET);
+
+# define M_ASN1_I2D_len_IMP_SET_opt(a,f,x) \
+ if ((a != NULL) && (sk_num(a) != 0)) \
+ ret+=i2d_ASN1_SET(a,NULL,f,x,V_ASN1_CONTEXT_SPECIFIC, \
+ IS_SET);
+
+# define M_ASN1_I2D_len_IMP_SET_opt_type(type,a,f,x) \
+ if ((a != NULL) && (sk_##type##_num(a) != 0)) \
+ ret+=i2d_ASN1_SET_OF_##type(a,NULL,f,x, \
+ V_ASN1_CONTEXT_SPECIFIC,IS_SET);
+
+# define M_ASN1_I2D_len_IMP_SEQUENCE(a,f,x) \
+ ret+=i2d_ASN1_SET(a,NULL,f,x,V_ASN1_CONTEXT_SPECIFIC, \
+ IS_SEQUENCE);
+
+# define M_ASN1_I2D_len_IMP_SEQUENCE_opt(a,f,x) \
+ if ((a != NULL) && (sk_num(a) != 0)) \
+ ret+=i2d_ASN1_SET(a,NULL,f,x,V_ASN1_CONTEXT_SPECIFIC, \
+ IS_SEQUENCE);
+
+# define M_ASN1_I2D_len_IMP_SEQUENCE_opt_type(type,a,f,x) \
+ if ((a != NULL) && (sk_##type##_num(a) != 0)) \
+ ret+=i2d_ASN1_SET_OF_##type(a,NULL,f,x, \
+ V_ASN1_CONTEXT_SPECIFIC, \
+ IS_SEQUENCE);
+
+# define M_ASN1_I2D_len_EXP_opt(a,f,mtag,v) \
+ if (a != NULL)\
+ { \
+ v=f(a,NULL); \
+ ret+=ASN1_object_size(1,v,mtag); \
+ }
+
+# define M_ASN1_I2D_len_EXP_SET_opt(a,f,mtag,tag,v) \
+ if ((a != NULL) && (sk_num(a) != 0))\
+ { \
+ v=i2d_ASN1_SET(a,NULL,f,tag,V_ASN1_UNIVERSAL,IS_SET); \
+ ret+=ASN1_object_size(1,v,mtag); \
+ }
+
+# define M_ASN1_I2D_len_EXP_SEQUENCE_opt(a,f,mtag,tag,v) \
+ if ((a != NULL) && (sk_num(a) != 0))\
+ { \
+ v=i2d_ASN1_SET(a,NULL,f,tag,V_ASN1_UNIVERSAL, \
+ IS_SEQUENCE); \
+ ret+=ASN1_object_size(1,v,mtag); \
+ }
+
+# define M_ASN1_I2D_len_EXP_SEQUENCE_opt_type(type,a,f,mtag,tag,v) \
+ if ((a != NULL) && (sk_##type##_num(a) != 0))\
+ { \
+ v=i2d_ASN1_SET_OF_##type(a,NULL,f,tag, \
+ V_ASN1_UNIVERSAL, \
+ IS_SEQUENCE); \
+ ret+=ASN1_object_size(1,v,mtag); \
+ }
+
+/* Put Macros */
+# define M_ASN1_I2D_put(a,f) f(a,&p)
+
+# define M_ASN1_I2D_put_IMP_opt(a,f,t) \
+ if (a != NULL) \
+ { \
+ unsigned char *q=p; \
+ f(a,&p); \
+ *q=(V_ASN1_CONTEXT_SPECIFIC|t|(*q&V_ASN1_CONSTRUCTED));\
+ }
+
+# define M_ASN1_I2D_put_SET(a,f) i2d_ASN1_SET(a,&p,f,V_ASN1_SET,\
+ V_ASN1_UNIVERSAL,IS_SET)
+# define M_ASN1_I2D_put_SET_type(type,a,f) \
+ i2d_ASN1_SET_OF_##type(a,&p,f,V_ASN1_SET,V_ASN1_UNIVERSAL,IS_SET)
+# define M_ASN1_I2D_put_IMP_SET(a,f,x) i2d_ASN1_SET(a,&p,f,x,\
+ V_ASN1_CONTEXT_SPECIFIC,IS_SET)
+# define M_ASN1_I2D_put_IMP_SET_type(type,a,f,x) \
+ i2d_ASN1_SET_OF_##type(a,&p,f,x,V_ASN1_CONTEXT_SPECIFIC,IS_SET)
+# define M_ASN1_I2D_put_IMP_SEQUENCE(a,f,x) i2d_ASN1_SET(a,&p,f,x,\
+ V_ASN1_CONTEXT_SPECIFIC,IS_SEQUENCE)
+
+# define M_ASN1_I2D_put_SEQUENCE(a,f) i2d_ASN1_SET(a,&p,f,V_ASN1_SEQUENCE,\
+ V_ASN1_UNIVERSAL,IS_SEQUENCE)
+
+# define M_ASN1_I2D_put_SEQUENCE_type(type,a,f) \
+ i2d_ASN1_SET_OF_##type(a,&p,f,V_ASN1_SEQUENCE,V_ASN1_UNIVERSAL, \
+ IS_SEQUENCE)
+
+# define M_ASN1_I2D_put_SEQUENCE_opt(a,f) \
+ if ((a != NULL) && (sk_num(a) != 0)) \
+ M_ASN1_I2D_put_SEQUENCE(a,f);
+
+# define M_ASN1_I2D_put_IMP_SET_opt(a,f,x) \
+ if ((a != NULL) && (sk_num(a) != 0)) \
+ { i2d_ASN1_SET(a,&p,f,x,V_ASN1_CONTEXT_SPECIFIC, \
+ IS_SET); }
+
+# define M_ASN1_I2D_put_IMP_SET_opt_type(type,a,f,x) \
+ if ((a != NULL) && (sk_##type##_num(a) != 0)) \
+ { i2d_ASN1_SET_OF_##type(a,&p,f,x, \
+ V_ASN1_CONTEXT_SPECIFIC, \
+ IS_SET); }
+
+# define M_ASN1_I2D_put_IMP_SEQUENCE_opt(a,f,x) \
+ if ((a != NULL) && (sk_num(a) != 0)) \
+ { i2d_ASN1_SET(a,&p,f,x,V_ASN1_CONTEXT_SPECIFIC, \
+ IS_SEQUENCE); }
+
+# define M_ASN1_I2D_put_IMP_SEQUENCE_opt_type(type,a,f,x) \
+ if ((a != NULL) && (sk_##type##_num(a) != 0)) \
+ { i2d_ASN1_SET_OF_##type(a,&p,f,x, \
+ V_ASN1_CONTEXT_SPECIFIC, \
+ IS_SEQUENCE); }
+
+# define M_ASN1_I2D_put_EXP_opt(a,f,tag,v) \
+ if (a != NULL) \
+ { \
+ ASN1_put_object(&p,1,v,tag,V_ASN1_CONTEXT_SPECIFIC); \
+ f(a,&p); \
+ }
+
+# define M_ASN1_I2D_put_EXP_SET_opt(a,f,mtag,tag,v) \
+ if ((a != NULL) && (sk_num(a) != 0)) \
+ { \
+ ASN1_put_object(&p,1,v,mtag,V_ASN1_CONTEXT_SPECIFIC); \
+ i2d_ASN1_SET(a,&p,f,tag,V_ASN1_UNIVERSAL,IS_SET); \
+ }
+
+# define M_ASN1_I2D_put_EXP_SEQUENCE_opt(a,f,mtag,tag,v) \
+ if ((a != NULL) && (sk_num(a) != 0)) \
+ { \
+ ASN1_put_object(&p,1,v,mtag,V_ASN1_CONTEXT_SPECIFIC); \
+ i2d_ASN1_SET(a,&p,f,tag,V_ASN1_UNIVERSAL,IS_SEQUENCE); \
+ }
+
+# define M_ASN1_I2D_put_EXP_SEQUENCE_opt_type(type,a,f,mtag,tag,v) \
+ if ((a != NULL) && (sk_##type##_num(a) != 0)) \
+ { \
+ ASN1_put_object(&p,1,v,mtag,V_ASN1_CONTEXT_SPECIFIC); \
+ i2d_ASN1_SET_OF_##type(a,&p,f,tag,V_ASN1_UNIVERSAL, \
+ IS_SEQUENCE); \
+ }
+
+# define M_ASN1_I2D_seq_total() \
+ r=ASN1_object_size(1,ret,V_ASN1_SEQUENCE); \
+ if (pp == NULL) return(r); \
+ p= *pp; \
+ ASN1_put_object(&p,1,ret,V_ASN1_SEQUENCE,V_ASN1_UNIVERSAL)
+
+# define M_ASN1_I2D_INF_seq_start(tag,ctx) \
+ *(p++)=(V_ASN1_CONSTRUCTED|(tag)|(ctx)); \
+ *(p++)=0x80
+
+# define M_ASN1_I2D_INF_seq_end() *(p++)=0x00; *(p++)=0x00
+
+# define M_ASN1_I2D_finish() *pp=p; \
+ return(r);
+
+int asn1_GetSequence(ASN1_const_CTX *c, long *length);
+void asn1_add_error(const unsigned char *address, int offset);
+#ifdef __cplusplus
+}
+#endif
+
+#endif
--- /dev/null
+/* asn1t.h */
+/*
+ * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
+ * 2000.
+ */
+/* ====================================================================
+ * Copyright (c) 2000-2005 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For written permission, please contact
+ * licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ * nor may "OpenSSL" appear in their names without prior written
+ * permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com). This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+#ifndef HEADER_ASN1T_H
+# define HEADER_ASN1T_H
+
+# include <stddef.h>
+# include <openssl/e_os2.h>
+# include <openssl/asn1.h>
+
+# ifdef OPENSSL_BUILD_SHLIBCRYPTO
+# undef OPENSSL_EXTERN
+# define OPENSSL_EXTERN OPENSSL_EXPORT
+# endif
+
+/* ASN1 template defines, structures and functions */
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+# ifndef OPENSSL_EXPORT_VAR_AS_FUNCTION
+
+/* Macro to obtain ASN1_ADB pointer from a type (only used internally) */
+# define ASN1_ADB_ptr(iptr) ((const ASN1_ADB *)(iptr))
+
+/* Macros for start and end of ASN1_ITEM definition */
+
+# define ASN1_ITEM_start(itname) \
+ OPENSSL_GLOBAL const ASN1_ITEM itname##_it = {
+
+# define ASN1_ITEM_end(itname) \
+ };
+
+# else
+
+/* Macro to obtain ASN1_ADB pointer from a type (only used internally) */
+# define ASN1_ADB_ptr(iptr) ((const ASN1_ADB *)(iptr()))
+
+/* Macros for start and end of ASN1_ITEM definition */
+
+# define ASN1_ITEM_start(itname) \
+ const ASN1_ITEM * itname##_it(void) \
+ { \
+ static const ASN1_ITEM local_it = {
+
+# define ASN1_ITEM_end(itname) \
+ }; \
+ return &local_it; \
+ }
+
+# endif
+
+/* Macros to aid ASN1 template writing */
+
+# define ASN1_ITEM_TEMPLATE(tname) \
+ static const ASN1_TEMPLATE tname##_item_tt
+
+# define ASN1_ITEM_TEMPLATE_END(tname) \
+ ;\
+ ASN1_ITEM_start(tname) \
+ ASN1_ITYPE_PRIMITIVE,\
+ -1,\
+ &tname##_item_tt,\
+ 0,\
+ NULL,\
+ 0,\
+ #tname \
+ ASN1_ITEM_end(tname)
+
+/* This is a ASN1 type which just embeds a template */
+
+/*-
+ * This pair helps declare a SEQUENCE. We can do:
+ *
+ * ASN1_SEQUENCE(stname) = {
+ * ... SEQUENCE components ...
+ * } ASN1_SEQUENCE_END(stname)
+ *
+ * This will produce an ASN1_ITEM called stname_it
+ * for a structure called stname.
+ *
+ * If you want the same structure but a different
+ * name then use:
+ *
+ * ASN1_SEQUENCE(itname) = {
+ * ... SEQUENCE components ...
+ * } ASN1_SEQUENCE_END_name(stname, itname)
+ *
+ * This will create an item called itname_it using
+ * a structure called stname.
+ */
+
+# define ASN1_SEQUENCE(tname) \
+ static const ASN1_TEMPLATE tname##_seq_tt[]
+
+# define ASN1_SEQUENCE_END(stname) ASN1_SEQUENCE_END_name(stname, stname)
+
+# define ASN1_SEQUENCE_END_name(stname, tname) \
+ ;\
+ ASN1_ITEM_start(tname) \
+ ASN1_ITYPE_SEQUENCE,\
+ V_ASN1_SEQUENCE,\
+ tname##_seq_tt,\
+ sizeof(tname##_seq_tt) / sizeof(ASN1_TEMPLATE),\
+ NULL,\
+ sizeof(stname),\
+ #stname \
+ ASN1_ITEM_end(tname)
+
+# define ASN1_NDEF_SEQUENCE(tname) \
+ ASN1_SEQUENCE(tname)
+
+# define ASN1_NDEF_SEQUENCE_cb(tname, cb) \
+ ASN1_SEQUENCE_cb(tname, cb)
+
+# define ASN1_SEQUENCE_cb(tname, cb) \
+ static const ASN1_AUX tname##_aux = {NULL, 0, 0, 0, cb, 0}; \
+ ASN1_SEQUENCE(tname)
+
+# define ASN1_BROKEN_SEQUENCE(tname) \
+ static const ASN1_AUX tname##_aux = {NULL, ASN1_AFLG_BROKEN, 0, 0, 0, 0}; \
+ ASN1_SEQUENCE(tname)
+
+# define ASN1_SEQUENCE_ref(tname, cb, lck) \
+ static const ASN1_AUX tname##_aux = {NULL, ASN1_AFLG_REFCOUNT, offsetof(tname, references), lck, cb, 0}; \
+ ASN1_SEQUENCE(tname)
+
+# define ASN1_SEQUENCE_enc(tname, enc, cb) \
+ static const ASN1_AUX tname##_aux = {NULL, ASN1_AFLG_ENCODING, 0, 0, cb, offsetof(tname, enc)}; \
+ ASN1_SEQUENCE(tname)
+
+# define ASN1_NDEF_SEQUENCE_END(tname) \
+ ;\
+ ASN1_ITEM_start(tname) \
+ ASN1_ITYPE_NDEF_SEQUENCE,\
+ V_ASN1_SEQUENCE,\
+ tname##_seq_tt,\
+ sizeof(tname##_seq_tt) / sizeof(ASN1_TEMPLATE),\
+ NULL,\
+ sizeof(tname),\
+ #tname \
+ ASN1_ITEM_end(tname)
+
+# define ASN1_BROKEN_SEQUENCE_END(stname) ASN1_SEQUENCE_END_ref(stname, stname)
+
+# define ASN1_SEQUENCE_END_enc(stname, tname) ASN1_SEQUENCE_END_ref(stname, tname)
+
+# define ASN1_SEQUENCE_END_cb(stname, tname) ASN1_SEQUENCE_END_ref(stname, tname)
+
+# define ASN1_SEQUENCE_END_ref(stname, tname) \
+ ;\
+ ASN1_ITEM_start(tname) \
+ ASN1_ITYPE_SEQUENCE,\
+ V_ASN1_SEQUENCE,\
+ tname##_seq_tt,\
+ sizeof(tname##_seq_tt) / sizeof(ASN1_TEMPLATE),\
+ &tname##_aux,\
+ sizeof(stname),\
+ #stname \
+ ASN1_ITEM_end(tname)
+
+# define ASN1_NDEF_SEQUENCE_END_cb(stname, tname) \
+ ;\
+ ASN1_ITEM_start(tname) \
+ ASN1_ITYPE_NDEF_SEQUENCE,\
+ V_ASN1_SEQUENCE,\
+ tname##_seq_tt,\
+ sizeof(tname##_seq_tt) / sizeof(ASN1_TEMPLATE),\
+ &tname##_aux,\
+ sizeof(stname),\
+ #stname \
+ ASN1_ITEM_end(tname)
+
+/*-
+ * This pair helps declare a CHOICE type. We can do:
+ *
+ * ASN1_CHOICE(chname) = {
+ * ... CHOICE options ...
+ * ASN1_CHOICE_END(chname)
+ *
+ * This will produce an ASN1_ITEM called chname_it
+ * for a structure called chname. The structure
+ * definition must look like this:
+ * typedef struct {
+ * int type;
+ * union {
+ * ASN1_SOMETHING *opt1;
+ * ASN1_SOMEOTHER *opt2;
+ * } value;
+ * } chname;
+ *
+ * the name of the selector must be 'type'.
+ * to use an alternative selector name use the
+ * ASN1_CHOICE_END_selector() version.
+ */
+
+# define ASN1_CHOICE(tname) \
+ static const ASN1_TEMPLATE tname##_ch_tt[]
+
+# define ASN1_CHOICE_cb(tname, cb) \
+ static const ASN1_AUX tname##_aux = {NULL, 0, 0, 0, cb, 0}; \
+ ASN1_CHOICE(tname)
+
+# define ASN1_CHOICE_END(stname) ASN1_CHOICE_END_name(stname, stname)
+
+# define ASN1_CHOICE_END_name(stname, tname) ASN1_CHOICE_END_selector(stname, tname, type)
+
+# define ASN1_CHOICE_END_selector(stname, tname, selname) \
+ ;\
+ ASN1_ITEM_start(tname) \
+ ASN1_ITYPE_CHOICE,\
+ offsetof(stname,selname) ,\
+ tname##_ch_tt,\
+ sizeof(tname##_ch_tt) / sizeof(ASN1_TEMPLATE),\
+ NULL,\
+ sizeof(stname),\
+ #stname \
+ ASN1_ITEM_end(tname)
+
+# define ASN1_CHOICE_END_cb(stname, tname, selname) \
+ ;\
+ ASN1_ITEM_start(tname) \
+ ASN1_ITYPE_CHOICE,\
+ offsetof(stname,selname) ,\
+ tname##_ch_tt,\
+ sizeof(tname##_ch_tt) / sizeof(ASN1_TEMPLATE),\
+ &tname##_aux,\
+ sizeof(stname),\
+ #stname \
+ ASN1_ITEM_end(tname)
+
+/* This helps with the template wrapper form of ASN1_ITEM */
+
+# define ASN1_EX_TEMPLATE_TYPE(flags, tag, name, type) { \
+ (flags), (tag), 0,\
+ #name, ASN1_ITEM_ref(type) }
+
+/* These help with SEQUENCE or CHOICE components */
+
+/* used to declare other types */
+
+# define ASN1_EX_TYPE(flags, tag, stname, field, type) { \
+ (flags), (tag), offsetof(stname, field),\
+ #field, ASN1_ITEM_ref(type) }
+
+/* implicit and explicit helper macros */
+
+# define ASN1_IMP_EX(stname, field, type, tag, ex) \
+ ASN1_EX_TYPE(ASN1_TFLG_IMPLICIT | ex, tag, stname, field, type)
+
+# define ASN1_EXP_EX(stname, field, type, tag, ex) \
+ ASN1_EX_TYPE(ASN1_TFLG_EXPLICIT | ex, tag, stname, field, type)
+
+/* Any defined by macros: the field used is in the table itself */
+
+# ifndef OPENSSL_EXPORT_VAR_AS_FUNCTION
+# define ASN1_ADB_OBJECT(tblname) { ASN1_TFLG_ADB_OID, -1, 0, #tblname, (const ASN1_ITEM *)&(tblname##_adb) }
+# define ASN1_ADB_INTEGER(tblname) { ASN1_TFLG_ADB_INT, -1, 0, #tblname, (const ASN1_ITEM *)&(tblname##_adb) }
+# else
+# define ASN1_ADB_OBJECT(tblname) { ASN1_TFLG_ADB_OID, -1, 0, #tblname, tblname##_adb }
+# define ASN1_ADB_INTEGER(tblname) { ASN1_TFLG_ADB_INT, -1, 0, #tblname, tblname##_adb }
+# endif
+/* Plain simple type */
+# define ASN1_SIMPLE(stname, field, type) ASN1_EX_TYPE(0,0, stname, field, type)
+
+/* OPTIONAL simple type */
+# define ASN1_OPT(stname, field, type) ASN1_EX_TYPE(ASN1_TFLG_OPTIONAL, 0, stname, field, type)
+
+/* IMPLICIT tagged simple type */
+# define ASN1_IMP(stname, field, type, tag) ASN1_IMP_EX(stname, field, type, tag, 0)
+
+/* IMPLICIT tagged OPTIONAL simple type */
+# define ASN1_IMP_OPT(stname, field, type, tag) ASN1_IMP_EX(stname, field, type, tag, ASN1_TFLG_OPTIONAL)
+
+/* Same as above but EXPLICIT */
+
+# define ASN1_EXP(stname, field, type, tag) ASN1_EXP_EX(stname, field, type, tag, 0)
+# define ASN1_EXP_OPT(stname, field, type, tag) ASN1_EXP_EX(stname, field, type, tag, ASN1_TFLG_OPTIONAL)
+
+/* SEQUENCE OF type */
+# define ASN1_SEQUENCE_OF(stname, field, type) \
+ ASN1_EX_TYPE(ASN1_TFLG_SEQUENCE_OF, 0, stname, field, type)
+
+/* OPTIONAL SEQUENCE OF */
+# define ASN1_SEQUENCE_OF_OPT(stname, field, type) \
+ ASN1_EX_TYPE(ASN1_TFLG_SEQUENCE_OF|ASN1_TFLG_OPTIONAL, 0, stname, field, type)
+
+/* Same as above but for SET OF */
+
+# define ASN1_SET_OF(stname, field, type) \
+ ASN1_EX_TYPE(ASN1_TFLG_SET_OF, 0, stname, field, type)
+
+# define ASN1_SET_OF_OPT(stname, field, type) \
+ ASN1_EX_TYPE(ASN1_TFLG_SET_OF|ASN1_TFLG_OPTIONAL, 0, stname, field, type)
+
+/* Finally compound types of SEQUENCE, SET, IMPLICIT, EXPLICIT and OPTIONAL */
+
+# define ASN1_IMP_SET_OF(stname, field, type, tag) \
+ ASN1_IMP_EX(stname, field, type, tag, ASN1_TFLG_SET_OF)
+
+# define ASN1_EXP_SET_OF(stname, field, type, tag) \
+ ASN1_EXP_EX(stname, field, type, tag, ASN1_TFLG_SET_OF)
+
+# define ASN1_IMP_SET_OF_OPT(stname, field, type, tag) \
+ ASN1_IMP_EX(stname, field, type, tag, ASN1_TFLG_SET_OF|ASN1_TFLG_OPTIONAL)
+
+# define ASN1_EXP_SET_OF_OPT(stname, field, type, tag) \
+ ASN1_EXP_EX(stname, field, type, tag, ASN1_TFLG_SET_OF|ASN1_TFLG_OPTIONAL)
+
+# define ASN1_IMP_SEQUENCE_OF(stname, field, type, tag) \
+ ASN1_IMP_EX(stname, field, type, tag, ASN1_TFLG_SEQUENCE_OF)
+
+# define ASN1_IMP_SEQUENCE_OF_OPT(stname, field, type, tag) \
+ ASN1_IMP_EX(stname, field, type, tag, ASN1_TFLG_SEQUENCE_OF|ASN1_TFLG_OPTIONAL)
+
+# define ASN1_EXP_SEQUENCE_OF(stname, field, type, tag) \
+ ASN1_EXP_EX(stname, field, type, tag, ASN1_TFLG_SEQUENCE_OF)
+
+# define ASN1_EXP_SEQUENCE_OF_OPT(stname, field, type, tag) \
+ ASN1_EXP_EX(stname, field, type, tag, ASN1_TFLG_SEQUENCE_OF|ASN1_TFLG_OPTIONAL)
+
+/* EXPLICIT using indefinite length constructed form */
+# define ASN1_NDEF_EXP(stname, field, type, tag) \
+ ASN1_EXP_EX(stname, field, type, tag, ASN1_TFLG_NDEF)
+
+/* EXPLICIT OPTIONAL using indefinite length constructed form */
+# define ASN1_NDEF_EXP_OPT(stname, field, type, tag) \
+ ASN1_EXP_EX(stname, field, type, tag, ASN1_TFLG_OPTIONAL|ASN1_TFLG_NDEF)
+
+/* Macros for the ASN1_ADB structure */
+
+# define ASN1_ADB(name) \
+ static const ASN1_ADB_TABLE name##_adbtbl[]
+
+# ifndef OPENSSL_EXPORT_VAR_AS_FUNCTION
+
+# define ASN1_ADB_END(name, flags, field, app_table, def, none) \
+ ;\
+ static const ASN1_ADB name##_adb = {\
+ flags,\
+ offsetof(name, field),\
+ app_table,\
+ name##_adbtbl,\
+ sizeof(name##_adbtbl) / sizeof(ASN1_ADB_TABLE),\
+ def,\
+ none\
+ }
+
+# else
+
+# define ASN1_ADB_END(name, flags, field, app_table, def, none) \
+ ;\
+ static const ASN1_ITEM *name##_adb(void) \
+ { \
+ static const ASN1_ADB internal_adb = \
+ {\
+ flags,\
+ offsetof(name, field),\
+ app_table,\
+ name##_adbtbl,\
+ sizeof(name##_adbtbl) / sizeof(ASN1_ADB_TABLE),\
+ def,\
+ none\
+ }; \
+ return (const ASN1_ITEM *) &internal_adb; \
+ } \
+ void dummy_function(void)
+
+# endif
+
+# define ADB_ENTRY(val, template) {val, template}
+
+# define ASN1_ADB_TEMPLATE(name) \
+ static const ASN1_TEMPLATE name##_tt
+
+/*
+ * This is the ASN1 template structure that defines a wrapper round the
+ * actual type. It determines the actual position of the field in the value
+ * structure, various flags such as OPTIONAL and the field name.
+ */
+
+struct ASN1_TEMPLATE_st {
+ unsigned long flags; /* Various flags */
+ long tag; /* tag, not used if no tagging */
+ unsigned long offset; /* Offset of this field in structure */
+# ifndef NO_ASN1_FIELD_NAMES
+ const char *field_name; /* Field name */
+# endif
+ ASN1_ITEM_EXP *item; /* Relevant ASN1_ITEM or ASN1_ADB */
+};
+
+/* Macro to extract ASN1_ITEM and ASN1_ADB pointer from ASN1_TEMPLATE */
+
+# define ASN1_TEMPLATE_item(t) (t->item_ptr)
+# define ASN1_TEMPLATE_adb(t) (t->item_ptr)
+
+typedef struct ASN1_ADB_TABLE_st ASN1_ADB_TABLE;
+typedef struct ASN1_ADB_st ASN1_ADB;
+
+struct ASN1_ADB_st {
+ unsigned long flags; /* Various flags */
+ unsigned long offset; /* Offset of selector field */
+ STACK_OF(ASN1_ADB_TABLE) **app_items; /* Application defined items */
+ const ASN1_ADB_TABLE *tbl; /* Table of possible types */
+ long tblcount; /* Number of entries in tbl */
+ const ASN1_TEMPLATE *default_tt; /* Type to use if no match */
+ const ASN1_TEMPLATE *null_tt; /* Type to use if selector is NULL */
+};
+
+struct ASN1_ADB_TABLE_st {
+ long value; /* NID for an object or value for an int */
+ const ASN1_TEMPLATE tt; /* item for this value */
+};
+
+/* template flags */
+
+/* Field is optional */
+# define ASN1_TFLG_OPTIONAL (0x1)
+
+/* Field is a SET OF */
+# define ASN1_TFLG_SET_OF (0x1 << 1)
+
+/* Field is a SEQUENCE OF */
+# define ASN1_TFLG_SEQUENCE_OF (0x2 << 1)
+
+/*
+ * Special case: this refers to a SET OF that will be sorted into DER order
+ * when encoded *and* the corresponding STACK will be modified to match the
+ * new order.
+ */
+# define ASN1_TFLG_SET_ORDER (0x3 << 1)
+
+/* Mask for SET OF or SEQUENCE OF */
+# define ASN1_TFLG_SK_MASK (0x3 << 1)
+
+/*
+ * These flags mean the tag should be taken from the tag field. If EXPLICIT
+ * then the underlying type is used for the inner tag.
+ */
+
+/* IMPLICIT tagging */
+# define ASN1_TFLG_IMPTAG (0x1 << 3)
+
+/* EXPLICIT tagging, inner tag from underlying type */
+# define ASN1_TFLG_EXPTAG (0x2 << 3)
+
+# define ASN1_TFLG_TAG_MASK (0x3 << 3)
+
+/* context specific IMPLICIT */
+# define ASN1_TFLG_IMPLICIT ASN1_TFLG_IMPTAG|ASN1_TFLG_CONTEXT
+
+/* context specific EXPLICIT */
+# define ASN1_TFLG_EXPLICIT ASN1_TFLG_EXPTAG|ASN1_TFLG_CONTEXT
+
+/*
+ * If tagging is in force these determine the type of tag to use. Otherwise
+ * the tag is determined by the underlying type. These values reflect the
+ * actual octet format.
+ */
+
+/* Universal tag */
+# define ASN1_TFLG_UNIVERSAL (0x0<<6)
+/* Application tag */
+# define ASN1_TFLG_APPLICATION (0x1<<6)
+/* Context specific tag */
+# define ASN1_TFLG_CONTEXT (0x2<<6)
+/* Private tag */
+# define ASN1_TFLG_PRIVATE (0x3<<6)
+
+# define ASN1_TFLG_TAG_CLASS (0x3<<6)
+
+/*
+ * These are for ANY DEFINED BY type. In this case the 'item' field points to
+ * an ASN1_ADB structure which contains a table of values to decode the
+ * relevant type
+ */
+
+# define ASN1_TFLG_ADB_MASK (0x3<<8)
+
+# define ASN1_TFLG_ADB_OID (0x1<<8)
+
+# define ASN1_TFLG_ADB_INT (0x1<<9)
+
+/*
+ * This flag when present in a SEQUENCE OF, SET OF or EXPLICIT causes
+ * indefinite length constructed encoding to be used if required.
+ */
+
+# define ASN1_TFLG_NDEF (0x1<<11)
+
+/* This is the actual ASN1 item itself */
+
+struct ASN1_ITEM_st {
+ char itype; /* The item type, primitive, SEQUENCE, CHOICE
+ * or extern */
+ long utype; /* underlying type */
+ const ASN1_TEMPLATE *templates; /* If SEQUENCE or CHOICE this contains
+ * the contents */
+ long tcount; /* Number of templates if SEQUENCE or CHOICE */
+ const void *funcs; /* functions that handle this type */
+ long size; /* Structure size (usually) */
+# ifndef NO_ASN1_FIELD_NAMES
+ const char *sname; /* Structure name */
+# endif
+};
+
+/*-
+ * These are values for the itype field and
+ * determine how the type is interpreted.
+ *
+ * For PRIMITIVE types the underlying type
+ * determines the behaviour if items is NULL.
+ *
+ * Otherwise templates must contain a single
+ * template and the type is treated in the
+ * same way as the type specified in the template.
+ *
+ * For SEQUENCE types the templates field points
+ * to the members, the size field is the
+ * structure size.
+ *
+ * For CHOICE types the templates field points
+ * to each possible member (typically a union)
+ * and the 'size' field is the offset of the
+ * selector.
+ *
+ * The 'funcs' field is used for application
+ * specific functions.
+ *
+ * The EXTERN type uses a new style d2i/i2d.
+ * The new style should be used where possible
+ * because it avoids things like the d2i IMPLICIT
+ * hack.
+ *
+ * MSTRING is a multiple string type, it is used
+ * for a CHOICE of character strings where the
+ * actual strings all occupy an ASN1_STRING
+ * structure. In this case the 'utype' field
+ * has a special meaning, it is used as a mask
+ * of acceptable types using the B_ASN1 constants.
+ *
+ * NDEF_SEQUENCE is the same as SEQUENCE except
+ * that it will use indefinite length constructed
+ * encoding if requested.
+ *
+ */
+
+# define ASN1_ITYPE_PRIMITIVE 0x0
+
+# define ASN1_ITYPE_SEQUENCE 0x1
+
+# define ASN1_ITYPE_CHOICE 0x2
+
+# define ASN1_ITYPE_EXTERN 0x4
+
+# define ASN1_ITYPE_MSTRING 0x5
+
+# define ASN1_ITYPE_NDEF_SEQUENCE 0x6
+
+/*
+ * Cache for ASN1 tag and length, so we don't keep re-reading it for things
+ * like CHOICE
+ */
+
+struct ASN1_TLC_st {
+ char valid; /* Values below are valid */
+ int ret; /* return value */
+ long plen; /* length */
+ int ptag; /* class value */
+ int pclass; /* class value */
+ int hdrlen; /* header length */
+};
+
+/* Typedefs for ASN1 function pointers */
+
+typedef ASN1_VALUE *ASN1_new_func(void);
+typedef void ASN1_free_func(ASN1_VALUE *a);
+typedef ASN1_VALUE *ASN1_d2i_func(ASN1_VALUE **a, const unsigned char **in,
+ long length);
+typedef int ASN1_i2d_func(ASN1_VALUE *a, unsigned char **in);
+
+typedef int ASN1_ex_d2i(ASN1_VALUE **pval, const unsigned char **in, long len,
+ const ASN1_ITEM *it, int tag, int aclass, char opt,
+ ASN1_TLC *ctx);
+
+typedef int ASN1_ex_i2d(ASN1_VALUE **pval, unsigned char **out,
+ const ASN1_ITEM *it, int tag, int aclass);
+typedef int ASN1_ex_new_func(ASN1_VALUE **pval, const ASN1_ITEM *it);
+typedef void ASN1_ex_free_func(ASN1_VALUE **pval, const ASN1_ITEM *it);
+
+typedef int ASN1_ex_print_func(BIO *out, ASN1_VALUE **pval,
+ int indent, const char *fname,
+ const ASN1_PCTX *pctx);
+
+typedef int ASN1_primitive_i2c(ASN1_VALUE **pval, unsigned char *cont,
+ int *putype, const ASN1_ITEM *it);
+typedef int ASN1_primitive_c2i(ASN1_VALUE **pval, const unsigned char *cont,
+ int len, int utype, char *free_cont,
+ const ASN1_ITEM *it);
+typedef int ASN1_primitive_print(BIO *out, ASN1_VALUE **pval,
+ const ASN1_ITEM *it, int indent,
+ const ASN1_PCTX *pctx);
+
+typedef struct ASN1_EXTERN_FUNCS_st {
+ void *app_data;
+ ASN1_ex_new_func *asn1_ex_new;
+ ASN1_ex_free_func *asn1_ex_free;
+ ASN1_ex_free_func *asn1_ex_clear;
+ ASN1_ex_d2i *asn1_ex_d2i;
+ ASN1_ex_i2d *asn1_ex_i2d;
+ ASN1_ex_print_func *asn1_ex_print;
+} ASN1_EXTERN_FUNCS;
+
+typedef struct ASN1_PRIMITIVE_FUNCS_st {
+ void *app_data;
+ unsigned long flags;
+ ASN1_ex_new_func *prim_new;
+ ASN1_ex_free_func *prim_free;
+ ASN1_ex_free_func *prim_clear;
+ ASN1_primitive_c2i *prim_c2i;
+ ASN1_primitive_i2c *prim_i2c;
+ ASN1_primitive_print *prim_print;
+} ASN1_PRIMITIVE_FUNCS;
+
+/*
+ * This is the ASN1_AUX structure: it handles various miscellaneous
+ * requirements. For example the use of reference counts and an informational
+ * callback. The "informational callback" is called at various points during
+ * the ASN1 encoding and decoding. It can be used to provide minor
+ * customisation of the structures used. This is most useful where the
+ * supplied routines *almost* do the right thing but need some extra help at
+ * a few points. If the callback returns zero then it is assumed a fatal
+ * error has occurred and the main operation should be abandoned. If major
+ * changes in the default behaviour are required then an external type is
+ * more appropriate.
+ */
+
+typedef int ASN1_aux_cb(int operation, ASN1_VALUE **in, const ASN1_ITEM *it,
+ void *exarg);
+
+typedef struct ASN1_AUX_st {
+ void *app_data;
+ int flags;
+ int ref_offset; /* Offset of reference value */
+ int ref_lock; /* Lock type to use */
+ ASN1_aux_cb *asn1_cb;
+ int enc_offset; /* Offset of ASN1_ENCODING structure */
+} ASN1_AUX;
+
+/* For print related callbacks exarg points to this structure */
+typedef struct ASN1_PRINT_ARG_st {
+ BIO *out;
+ int indent;
+ const ASN1_PCTX *pctx;
+} ASN1_PRINT_ARG;
+
+/* For streaming related callbacks exarg points to this structure */
+typedef struct ASN1_STREAM_ARG_st {
+ /* BIO to stream through */
+ BIO *out;
+ /* BIO with filters appended */
+ BIO *ndef_bio;
+ /* Streaming I/O boundary */
+ unsigned char **boundary;
+} ASN1_STREAM_ARG;
+
+/* Flags in ASN1_AUX */
+
+/* Use a reference count */
+# define ASN1_AFLG_REFCOUNT 1
+/* Save the encoding of structure (useful for signatures) */
+# define ASN1_AFLG_ENCODING 2
+/* The Sequence length is invalid */
+# define ASN1_AFLG_BROKEN 4
+
+/* operation values for asn1_cb */
+
+# define ASN1_OP_NEW_PRE 0
+# define ASN1_OP_NEW_POST 1
+# define ASN1_OP_FREE_PRE 2
+# define ASN1_OP_FREE_POST 3
+# define ASN1_OP_D2I_PRE 4
+# define ASN1_OP_D2I_POST 5
+# define ASN1_OP_I2D_PRE 6
+# define ASN1_OP_I2D_POST 7
+# define ASN1_OP_PRINT_PRE 8
+# define ASN1_OP_PRINT_POST 9
+# define ASN1_OP_STREAM_PRE 10
+# define ASN1_OP_STREAM_POST 11
+# define ASN1_OP_DETACHED_PRE 12
+# define ASN1_OP_DETACHED_POST 13
+
+/* Macro to implement a primitive type */
+# define IMPLEMENT_ASN1_TYPE(stname) IMPLEMENT_ASN1_TYPE_ex(stname, stname, 0)
+# define IMPLEMENT_ASN1_TYPE_ex(itname, vname, ex) \
+ ASN1_ITEM_start(itname) \
+ ASN1_ITYPE_PRIMITIVE, V_##vname, NULL, 0, NULL, ex, #itname \
+ ASN1_ITEM_end(itname)
+
+/* Macro to implement a multi string type */
+# define IMPLEMENT_ASN1_MSTRING(itname, mask) \
+ ASN1_ITEM_start(itname) \
+ ASN1_ITYPE_MSTRING, mask, NULL, 0, NULL, sizeof(ASN1_STRING), #itname \
+ ASN1_ITEM_end(itname)
+
+# define IMPLEMENT_EXTERN_ASN1(sname, tag, fptrs) \
+ ASN1_ITEM_start(sname) \
+ ASN1_ITYPE_EXTERN, \
+ tag, \
+ NULL, \
+ 0, \
+ &fptrs, \
+ 0, \
+ #sname \
+ ASN1_ITEM_end(sname)
+
+/* Macro to implement standard functions in terms of ASN1_ITEM structures */
+
+# define IMPLEMENT_ASN1_FUNCTIONS(stname) IMPLEMENT_ASN1_FUNCTIONS_fname(stname, stname, stname)
+
+# define IMPLEMENT_ASN1_FUNCTIONS_name(stname, itname) IMPLEMENT_ASN1_FUNCTIONS_fname(stname, itname, itname)
+
+# define IMPLEMENT_ASN1_FUNCTIONS_ENCODE_name(stname, itname) \
+ IMPLEMENT_ASN1_FUNCTIONS_ENCODE_fname(stname, itname, itname)
+
+# define IMPLEMENT_STATIC_ASN1_ALLOC_FUNCTIONS(stname) \
+ IMPLEMENT_ASN1_ALLOC_FUNCTIONS_pfname(static, stname, stname, stname)
+
+# define IMPLEMENT_ASN1_ALLOC_FUNCTIONS(stname) \
+ IMPLEMENT_ASN1_ALLOC_FUNCTIONS_fname(stname, stname, stname)
+
+# define IMPLEMENT_ASN1_ALLOC_FUNCTIONS_pfname(pre, stname, itname, fname) \
+ pre stname *fname##_new(void) \
+ { \
+ return (stname *)ASN1_item_new(ASN1_ITEM_rptr(itname)); \
+ } \
+ pre void fname##_free(stname *a) \
+ { \
+ ASN1_item_free((ASN1_VALUE *)a, ASN1_ITEM_rptr(itname)); \
+ }
+
+# define IMPLEMENT_ASN1_ALLOC_FUNCTIONS_fname(stname, itname, fname) \
+ stname *fname##_new(void) \
+ { \
+ return (stname *)ASN1_item_new(ASN1_ITEM_rptr(itname)); \
+ } \
+ void fname##_free(stname *a) \
+ { \
+ ASN1_item_free((ASN1_VALUE *)a, ASN1_ITEM_rptr(itname)); \
+ }
+
+# define IMPLEMENT_ASN1_FUNCTIONS_fname(stname, itname, fname) \
+ IMPLEMENT_ASN1_ENCODE_FUNCTIONS_fname(stname, itname, fname) \
+ IMPLEMENT_ASN1_ALLOC_FUNCTIONS_fname(stname, itname, fname)
+
+# define IMPLEMENT_ASN1_ENCODE_FUNCTIONS_fname(stname, itname, fname) \
+ stname *d2i_##fname(stname **a, const unsigned char **in, long len) \
+ { \
+ return (stname *)ASN1_item_d2i((ASN1_VALUE **)a, in, len, ASN1_ITEM_rptr(itname));\
+ } \
+ int i2d_##fname(stname *a, unsigned char **out) \
+ { \
+ return ASN1_item_i2d((ASN1_VALUE *)a, out, ASN1_ITEM_rptr(itname));\
+ }
+
+# define IMPLEMENT_ASN1_NDEF_FUNCTION(stname) \
+ int i2d_##stname##_NDEF(stname *a, unsigned char **out) \
+ { \
+ return ASN1_item_ndef_i2d((ASN1_VALUE *)a, out, ASN1_ITEM_rptr(stname));\
+ }
+
+/*
+ * This includes evil casts to remove const: they will go away when full ASN1
+ * constification is done.
+ */
+# define IMPLEMENT_ASN1_ENCODE_FUNCTIONS_const_fname(stname, itname, fname) \
+ stname *d2i_##fname(stname **a, const unsigned char **in, long len) \
+ { \
+ return (stname *)ASN1_item_d2i((ASN1_VALUE **)a, in, len, ASN1_ITEM_rptr(itname));\
+ } \
+ int i2d_##fname(const stname *a, unsigned char **out) \
+ { \
+ return ASN1_item_i2d((ASN1_VALUE *)a, out, ASN1_ITEM_rptr(itname));\
+ }
+
+# define IMPLEMENT_ASN1_DUP_FUNCTION(stname) \
+ stname * stname##_dup(stname *x) \
+ { \
+ return ASN1_item_dup(ASN1_ITEM_rptr(stname), x); \
+ }
+
+# define IMPLEMENT_ASN1_PRINT_FUNCTION(stname) \
+ IMPLEMENT_ASN1_PRINT_FUNCTION_fname(stname, stname, stname)
+
+# define IMPLEMENT_ASN1_PRINT_FUNCTION_fname(stname, itname, fname) \
+ int fname##_print_ctx(BIO *out, stname *x, int indent, \
+ const ASN1_PCTX *pctx) \
+ { \
+ return ASN1_item_print(out, (ASN1_VALUE *)x, indent, \
+ ASN1_ITEM_rptr(itname), pctx); \
+ }
+
+# define IMPLEMENT_ASN1_FUNCTIONS_const(name) \
+ IMPLEMENT_ASN1_FUNCTIONS_const_fname(name, name, name)
+
+# define IMPLEMENT_ASN1_FUNCTIONS_const_fname(stname, itname, fname) \
+ IMPLEMENT_ASN1_ENCODE_FUNCTIONS_const_fname(stname, itname, fname) \
+ IMPLEMENT_ASN1_ALLOC_FUNCTIONS_fname(stname, itname, fname)
+
+/* external definitions for primitive types */
+
+DECLARE_ASN1_ITEM(ASN1_BOOLEAN)
+DECLARE_ASN1_ITEM(ASN1_TBOOLEAN)
+DECLARE_ASN1_ITEM(ASN1_FBOOLEAN)
+DECLARE_ASN1_ITEM(ASN1_SEQUENCE)
+DECLARE_ASN1_ITEM(CBIGNUM)
+DECLARE_ASN1_ITEM(BIGNUM)
+DECLARE_ASN1_ITEM(LONG)
+DECLARE_ASN1_ITEM(ZLONG)
+
+DECLARE_STACK_OF(ASN1_VALUE)
+
+/* Functions used internally by the ASN1 code */
+
+int ASN1_item_ex_new(ASN1_VALUE **pval, const ASN1_ITEM *it);
+void ASN1_item_ex_free(ASN1_VALUE **pval, const ASN1_ITEM *it);
+
+int ASN1_item_ex_d2i(ASN1_VALUE **pval, const unsigned char **in, long len,
+ const ASN1_ITEM *it, int tag, int aclass, char opt,
+ ASN1_TLC *ctx);
+
+int ASN1_item_ex_i2d(ASN1_VALUE **pval, unsigned char **out,
+ const ASN1_ITEM *it, int tag, int aclass);
+
+#ifdef __cplusplus
+}
+#endif
+#endif
--- /dev/null
+/* crypto/bio/bio.h */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#ifndef HEADER_BIO_H
+# define HEADER_BIO_H
+
+# include <openssl/e_os2.h>
+
+# ifndef OPENSSL_NO_STDIO
+# include <stdio.h>
+# endif
+# include <stdarg.h>
+
+# include <openssl/crypto.h>
+
+# ifndef OPENSSL_NO_SCTP
+# ifndef OPENSSL_SYS_VMS
+# include <stdint.h>
+# else
+# include <inttypes.h>
+# endif
+# endif
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/* These are the 'types' of BIOs */
+# define BIO_TYPE_NONE 0
+# define BIO_TYPE_MEM (1|0x0400)
+# define BIO_TYPE_FILE (2|0x0400)
+
+# define BIO_TYPE_FD (4|0x0400|0x0100)
+# define BIO_TYPE_SOCKET (5|0x0400|0x0100)
+# define BIO_TYPE_NULL (6|0x0400)
+# define BIO_TYPE_SSL (7|0x0200)
+# define BIO_TYPE_MD (8|0x0200)/* passive filter */
+# define BIO_TYPE_BUFFER (9|0x0200)/* filter */
+# define BIO_TYPE_CIPHER (10|0x0200)/* filter */
+# define BIO_TYPE_BASE64 (11|0x0200)/* filter */
+# define BIO_TYPE_CONNECT (12|0x0400|0x0100)/* socket - connect */
+# define BIO_TYPE_ACCEPT (13|0x0400|0x0100)/* socket for accept */
+# define BIO_TYPE_PROXY_CLIENT (14|0x0200)/* client proxy BIO */
+# define BIO_TYPE_PROXY_SERVER (15|0x0200)/* server proxy BIO */
+# define BIO_TYPE_NBIO_TEST (16|0x0200)/* server proxy BIO */
+# define BIO_TYPE_NULL_FILTER (17|0x0200)
+# define BIO_TYPE_BER (18|0x0200)/* BER -> bin filter */
+# define BIO_TYPE_BIO (19|0x0400)/* (half a) BIO pair */
+# define BIO_TYPE_LINEBUFFER (20|0x0200)/* filter */
+# define BIO_TYPE_DGRAM (21|0x0400|0x0100)
+# ifndef OPENSSL_NO_SCTP
+# define BIO_TYPE_DGRAM_SCTP (24|0x0400|0x0100)
+# endif
+# define BIO_TYPE_ASN1 (22|0x0200)/* filter */
+# define BIO_TYPE_COMP (23|0x0200)/* filter */
+
+# define BIO_TYPE_DESCRIPTOR 0x0100/* socket, fd, connect or accept */
+# define BIO_TYPE_FILTER 0x0200
+# define BIO_TYPE_SOURCE_SINK 0x0400
+
+/*
+ * BIO_FILENAME_READ|BIO_CLOSE to open or close on free.
+ * BIO_set_fp(in,stdin,BIO_NOCLOSE);
+ */
+# define BIO_NOCLOSE 0x00
+# define BIO_CLOSE 0x01
+
+/*
+ * These are used in the following macros and are passed to BIO_ctrl()
+ */
+# define BIO_CTRL_RESET 1/* opt - rewind/zero etc */
+# define BIO_CTRL_EOF 2/* opt - are we at the eof */
+# define BIO_CTRL_INFO 3/* opt - extra tit-bits */
+# define BIO_CTRL_SET 4/* man - set the 'IO' type */
+# define BIO_CTRL_GET 5/* man - get the 'IO' type */
+# define BIO_CTRL_PUSH 6/* opt - internal, used to signify change */
+# define BIO_CTRL_POP 7/* opt - internal, used to signify change */
+# define BIO_CTRL_GET_CLOSE 8/* man - set the 'close' on free */
+# define BIO_CTRL_SET_CLOSE 9/* man - set the 'close' on free */
+# define BIO_CTRL_PENDING 10/* opt - is their more data buffered */
+# define BIO_CTRL_FLUSH 11/* opt - 'flush' buffered output */
+# define BIO_CTRL_DUP 12/* man - extra stuff for 'duped' BIO */
+# define BIO_CTRL_WPENDING 13/* opt - number of bytes still to write */
+/* callback is int cb(BIO *bio,state,ret); */
+# define BIO_CTRL_SET_CALLBACK 14/* opt - set callback function */
+# define BIO_CTRL_GET_CALLBACK 15/* opt - set callback function */
+
+# define BIO_CTRL_SET_FILENAME 30/* BIO_s_file special */
+
+/* dgram BIO stuff */
+# define BIO_CTRL_DGRAM_CONNECT 31/* BIO dgram special */
+# define BIO_CTRL_DGRAM_SET_CONNECTED 32/* allow for an externally connected
+ * socket to be passed in */
+# define BIO_CTRL_DGRAM_SET_RECV_TIMEOUT 33/* setsockopt, essentially */
+# define BIO_CTRL_DGRAM_GET_RECV_TIMEOUT 34/* getsockopt, essentially */
+# define BIO_CTRL_DGRAM_SET_SEND_TIMEOUT 35/* setsockopt, essentially */
+# define BIO_CTRL_DGRAM_GET_SEND_TIMEOUT 36/* getsockopt, essentially */
+
+# define BIO_CTRL_DGRAM_GET_RECV_TIMER_EXP 37/* flag whether the last */
+# define BIO_CTRL_DGRAM_GET_SEND_TIMER_EXP 38/* I/O operation tiemd out */
+
+/* #ifdef IP_MTU_DISCOVER */
+# define BIO_CTRL_DGRAM_MTU_DISCOVER 39/* set DF bit on egress packets */
+/* #endif */
+
+# define BIO_CTRL_DGRAM_QUERY_MTU 40/* as kernel for current MTU */
+# define BIO_CTRL_DGRAM_GET_FALLBACK_MTU 47
+# define BIO_CTRL_DGRAM_GET_MTU 41/* get cached value for MTU */
+# define BIO_CTRL_DGRAM_SET_MTU 42/* set cached value for MTU.
+ * want to use this if asking
+ * the kernel fails */
+
+# define BIO_CTRL_DGRAM_MTU_EXCEEDED 43/* check whether the MTU was
+ * exceed in the previous write
+ * operation */
+
+# define BIO_CTRL_DGRAM_GET_PEER 46
+# define BIO_CTRL_DGRAM_SET_PEER 44/* Destination for the data */
+
+# define BIO_CTRL_DGRAM_SET_NEXT_TIMEOUT 45/* Next DTLS handshake timeout
+ * to adjust socket timeouts */
+# define BIO_CTRL_DGRAM_SET_DONT_FRAG 48
+
+# define BIO_CTRL_DGRAM_GET_MTU_OVERHEAD 49
+
+# ifndef OPENSSL_NO_SCTP
+/* SCTP stuff */
+# define BIO_CTRL_DGRAM_SCTP_SET_IN_HANDSHAKE 50
+# define BIO_CTRL_DGRAM_SCTP_ADD_AUTH_KEY 51
+# define BIO_CTRL_DGRAM_SCTP_NEXT_AUTH_KEY 52
+# define BIO_CTRL_DGRAM_SCTP_AUTH_CCS_RCVD 53
+# define BIO_CTRL_DGRAM_SCTP_GET_SNDINFO 60
+# define BIO_CTRL_DGRAM_SCTP_SET_SNDINFO 61
+# define BIO_CTRL_DGRAM_SCTP_GET_RCVINFO 62
+# define BIO_CTRL_DGRAM_SCTP_SET_RCVINFO 63
+# define BIO_CTRL_DGRAM_SCTP_GET_PRINFO 64
+# define BIO_CTRL_DGRAM_SCTP_SET_PRINFO 65
+# define BIO_CTRL_DGRAM_SCTP_SAVE_SHUTDOWN 70
+# endif
+
+/* modifiers */
+# define BIO_FP_READ 0x02
+# define BIO_FP_WRITE 0x04
+# define BIO_FP_APPEND 0x08
+# define BIO_FP_TEXT 0x10
+
+# define BIO_FLAGS_READ 0x01
+# define BIO_FLAGS_WRITE 0x02
+# define BIO_FLAGS_IO_SPECIAL 0x04
+# define BIO_FLAGS_RWS (BIO_FLAGS_READ|BIO_FLAGS_WRITE|BIO_FLAGS_IO_SPECIAL)
+# define BIO_FLAGS_SHOULD_RETRY 0x08
+# ifndef BIO_FLAGS_UPLINK
+/*
+ * "UPLINK" flag denotes file descriptors provided by application. It
+ * defaults to 0, as most platforms don't require UPLINK interface.
+ */
+# define BIO_FLAGS_UPLINK 0
+# endif
+
+/* Used in BIO_gethostbyname() */
+# define BIO_GHBN_CTRL_HITS 1
+# define BIO_GHBN_CTRL_MISSES 2
+# define BIO_GHBN_CTRL_CACHE_SIZE 3
+# define BIO_GHBN_CTRL_GET_ENTRY 4
+# define BIO_GHBN_CTRL_FLUSH 5
+
+/* Mostly used in the SSL BIO */
+/*-
+ * Not used anymore
+ * #define BIO_FLAGS_PROTOCOL_DELAYED_READ 0x10
+ * #define BIO_FLAGS_PROTOCOL_DELAYED_WRITE 0x20
+ * #define BIO_FLAGS_PROTOCOL_STARTUP 0x40
+ */
+
+# define BIO_FLAGS_BASE64_NO_NL 0x100
+
+/*
+ * This is used with memory BIOs: it means we shouldn't free up or change the
+ * data in any way.
+ */
+# define BIO_FLAGS_MEM_RDONLY 0x200
+
+typedef struct bio_st BIO;
+
+void BIO_set_flags(BIO *b, int flags);
+int BIO_test_flags(const BIO *b, int flags);
+void BIO_clear_flags(BIO *b, int flags);
+
+# define BIO_get_flags(b) BIO_test_flags(b, ~(0x0))
+# define BIO_set_retry_special(b) \
+ BIO_set_flags(b, (BIO_FLAGS_IO_SPECIAL|BIO_FLAGS_SHOULD_RETRY))
+# define BIO_set_retry_read(b) \
+ BIO_set_flags(b, (BIO_FLAGS_READ|BIO_FLAGS_SHOULD_RETRY))
+# define BIO_set_retry_write(b) \
+ BIO_set_flags(b, (BIO_FLAGS_WRITE|BIO_FLAGS_SHOULD_RETRY))
+
+/* These are normally used internally in BIOs */
+# define BIO_clear_retry_flags(b) \
+ BIO_clear_flags(b, (BIO_FLAGS_RWS|BIO_FLAGS_SHOULD_RETRY))
+# define BIO_get_retry_flags(b) \
+ BIO_test_flags(b, (BIO_FLAGS_RWS|BIO_FLAGS_SHOULD_RETRY))
+
+/* These should be used by the application to tell why we should retry */
+# define BIO_should_read(a) BIO_test_flags(a, BIO_FLAGS_READ)
+# define BIO_should_write(a) BIO_test_flags(a, BIO_FLAGS_WRITE)
+# define BIO_should_io_special(a) BIO_test_flags(a, BIO_FLAGS_IO_SPECIAL)
+# define BIO_retry_type(a) BIO_test_flags(a, BIO_FLAGS_RWS)
+# define BIO_should_retry(a) BIO_test_flags(a, BIO_FLAGS_SHOULD_RETRY)
+
+/*
+ * The next three are used in conjunction with the BIO_should_io_special()
+ * condition. After this returns true, BIO *BIO_get_retry_BIO(BIO *bio, int
+ * *reason); will walk the BIO stack and return the 'reason' for the special
+ * and the offending BIO. Given a BIO, BIO_get_retry_reason(bio) will return
+ * the code.
+ */
+/*
+ * Returned from the SSL bio when the certificate retrieval code had an error
+ */
+# define BIO_RR_SSL_X509_LOOKUP 0x01
+/* Returned from the connect BIO when a connect would have blocked */
+# define BIO_RR_CONNECT 0x02
+/* Returned from the accept BIO when an accept would have blocked */
+# define BIO_RR_ACCEPT 0x03
+
+/* These are passed by the BIO callback */
+# define BIO_CB_FREE 0x01
+# define BIO_CB_READ 0x02
+# define BIO_CB_WRITE 0x03
+# define BIO_CB_PUTS 0x04
+# define BIO_CB_GETS 0x05
+# define BIO_CB_CTRL 0x06
+
+/*
+ * The callback is called before and after the underling operation, The
+ * BIO_CB_RETURN flag indicates if it is after the call
+ */
+# define BIO_CB_RETURN 0x80
+# define BIO_CB_return(a) ((a)|BIO_CB_RETURN))
+# define BIO_cb_pre(a) (!((a)&BIO_CB_RETURN))
+# define BIO_cb_post(a) ((a)&BIO_CB_RETURN)
+
+long (*BIO_get_callback(const BIO *b)) (struct bio_st *, int, const char *,
+ int, long, long);
+void BIO_set_callback(BIO *b,
+ long (*callback) (struct bio_st *, int, const char *,
+ int, long, long));
+char *BIO_get_callback_arg(const BIO *b);
+void BIO_set_callback_arg(BIO *b, char *arg);
+
+const char *BIO_method_name(const BIO *b);
+int BIO_method_type(const BIO *b);
+
+typedef void bio_info_cb (struct bio_st *, int, const char *, int, long,
+ long);
+
+typedef struct bio_method_st {
+ int type;
+ const char *name;
+ int (*bwrite) (BIO *, const char *, int);
+ int (*bread) (BIO *, char *, int);
+ int (*bputs) (BIO *, const char *);
+ int (*bgets) (BIO *, char *, int);
+ long (*ctrl) (BIO *, int, long, void *);
+ int (*create) (BIO *);
+ int (*destroy) (BIO *);
+ long (*callback_ctrl) (BIO *, int, bio_info_cb *);
+} BIO_METHOD;
+
+struct bio_st {
+ BIO_METHOD *method;
+ /* bio, mode, argp, argi, argl, ret */
+ long (*callback) (struct bio_st *, int, const char *, int, long, long);
+ char *cb_arg; /* first argument for the callback */
+ int init;
+ int shutdown;
+ int flags; /* extra storage */
+ int retry_reason;
+ int num;
+ void *ptr;
+ struct bio_st *next_bio; /* used by filter BIOs */
+ struct bio_st *prev_bio; /* used by filter BIOs */
+ int references;
+ unsigned long num_read;
+ unsigned long num_write;
+ CRYPTO_EX_DATA ex_data;
+};
+
+DECLARE_STACK_OF(BIO)
+
+typedef struct bio_f_buffer_ctx_struct {
+ /*-
+ * Buffers are setup like this:
+ *
+ * <---------------------- size ----------------------->
+ * +---------------------------------------------------+
+ * | consumed | remaining | free space |
+ * +---------------------------------------------------+
+ * <-- off --><------- len ------->
+ */
+ /*- BIO *bio; *//*
+ * this is now in the BIO struct
+ */
+ int ibuf_size; /* how big is the input buffer */
+ int obuf_size; /* how big is the output buffer */
+ char *ibuf; /* the char array */
+ int ibuf_len; /* how many bytes are in it */
+ int ibuf_off; /* write/read offset */
+ char *obuf; /* the char array */
+ int obuf_len; /* how many bytes are in it */
+ int obuf_off; /* write/read offset */
+} BIO_F_BUFFER_CTX;
+
+/* Prefix and suffix callback in ASN1 BIO */
+typedef int asn1_ps_func (BIO *b, unsigned char **pbuf, int *plen,
+ void *parg);
+
+# ifndef OPENSSL_NO_SCTP
+/* SCTP parameter structs */
+struct bio_dgram_sctp_sndinfo {
+ uint16_t snd_sid;
+ uint16_t snd_flags;
+ uint32_t snd_ppid;
+ uint32_t snd_context;
+};
+
+struct bio_dgram_sctp_rcvinfo {
+ uint16_t rcv_sid;
+ uint16_t rcv_ssn;
+ uint16_t rcv_flags;
+ uint32_t rcv_ppid;
+ uint32_t rcv_tsn;
+ uint32_t rcv_cumtsn;
+ uint32_t rcv_context;
+};
+
+struct bio_dgram_sctp_prinfo {
+ uint16_t pr_policy;
+ uint32_t pr_value;
+};
+# endif
+
+/* connect BIO stuff */
+# define BIO_CONN_S_BEFORE 1
+# define BIO_CONN_S_GET_IP 2
+# define BIO_CONN_S_GET_PORT 3
+# define BIO_CONN_S_CREATE_SOCKET 4
+# define BIO_CONN_S_CONNECT 5
+# define BIO_CONN_S_OK 6
+# define BIO_CONN_S_BLOCKED_CONNECT 7
+# define BIO_CONN_S_NBIO 8
+/*
+ * #define BIO_CONN_get_param_hostname BIO_ctrl
+ */
+
+# define BIO_C_SET_CONNECT 100
+# define BIO_C_DO_STATE_MACHINE 101
+# define BIO_C_SET_NBIO 102
+# define BIO_C_SET_PROXY_PARAM 103
+# define BIO_C_SET_FD 104
+# define BIO_C_GET_FD 105
+# define BIO_C_SET_FILE_PTR 106
+# define BIO_C_GET_FILE_PTR 107
+# define BIO_C_SET_FILENAME 108
+# define BIO_C_SET_SSL 109
+# define BIO_C_GET_SSL 110
+# define BIO_C_SET_MD 111
+# define BIO_C_GET_MD 112
+# define BIO_C_GET_CIPHER_STATUS 113
+# define BIO_C_SET_BUF_MEM 114
+# define BIO_C_GET_BUF_MEM_PTR 115
+# define BIO_C_GET_BUFF_NUM_LINES 116
+# define BIO_C_SET_BUFF_SIZE 117
+# define BIO_C_SET_ACCEPT 118
+# define BIO_C_SSL_MODE 119
+# define BIO_C_GET_MD_CTX 120
+# define BIO_C_GET_PROXY_PARAM 121
+# define BIO_C_SET_BUFF_READ_DATA 122/* data to read first */
+# define BIO_C_GET_CONNECT 123
+# define BIO_C_GET_ACCEPT 124
+# define BIO_C_SET_SSL_RENEGOTIATE_BYTES 125
+# define BIO_C_GET_SSL_NUM_RENEGOTIATES 126
+# define BIO_C_SET_SSL_RENEGOTIATE_TIMEOUT 127
+# define BIO_C_FILE_SEEK 128
+# define BIO_C_GET_CIPHER_CTX 129
+# define BIO_C_SET_BUF_MEM_EOF_RETURN 130/* return end of input
+ * value */
+# define BIO_C_SET_BIND_MODE 131
+# define BIO_C_GET_BIND_MODE 132
+# define BIO_C_FILE_TELL 133
+# define BIO_C_GET_SOCKS 134
+# define BIO_C_SET_SOCKS 135
+
+# define BIO_C_SET_WRITE_BUF_SIZE 136/* for BIO_s_bio */
+# define BIO_C_GET_WRITE_BUF_SIZE 137
+# define BIO_C_MAKE_BIO_PAIR 138
+# define BIO_C_DESTROY_BIO_PAIR 139
+# define BIO_C_GET_WRITE_GUARANTEE 140
+# define BIO_C_GET_READ_REQUEST 141
+# define BIO_C_SHUTDOWN_WR 142
+# define BIO_C_NREAD0 143
+# define BIO_C_NREAD 144
+# define BIO_C_NWRITE0 145
+# define BIO_C_NWRITE 146
+# define BIO_C_RESET_READ_REQUEST 147
+# define BIO_C_SET_MD_CTX 148
+
+# define BIO_C_SET_PREFIX 149
+# define BIO_C_GET_PREFIX 150
+# define BIO_C_SET_SUFFIX 151
+# define BIO_C_GET_SUFFIX 152
+
+# define BIO_C_SET_EX_ARG 153
+# define BIO_C_GET_EX_ARG 154
+
+# define BIO_set_app_data(s,arg) BIO_set_ex_data(s,0,arg)
+# define BIO_get_app_data(s) BIO_get_ex_data(s,0)
+
+/* BIO_s_connect() and BIO_s_socks4a_connect() */
+# define BIO_set_conn_hostname(b,name) BIO_ctrl(b,BIO_C_SET_CONNECT,0,(char *)name)
+# define BIO_set_conn_port(b,port) BIO_ctrl(b,BIO_C_SET_CONNECT,1,(char *)port)
+# define BIO_set_conn_ip(b,ip) BIO_ctrl(b,BIO_C_SET_CONNECT,2,(char *)ip)
+# define BIO_set_conn_int_port(b,port) BIO_ctrl(b,BIO_C_SET_CONNECT,3,(char *)port)
+# define BIO_get_conn_hostname(b) BIO_ptr_ctrl(b,BIO_C_GET_CONNECT,0)
+# define BIO_get_conn_port(b) BIO_ptr_ctrl(b,BIO_C_GET_CONNECT,1)
+# define BIO_get_conn_ip(b) BIO_ptr_ctrl(b,BIO_C_GET_CONNECT,2)
+# define BIO_get_conn_int_port(b) BIO_int_ctrl(b,BIO_C_GET_CONNECT,3,0)
+
+# define BIO_set_nbio(b,n) BIO_ctrl(b,BIO_C_SET_NBIO,(n),NULL)
+
+/* BIO_s_accept_socket() */
+# define BIO_set_accept_port(b,name) BIO_ctrl(b,BIO_C_SET_ACCEPT,0,(char *)name)
+# define BIO_get_accept_port(b) BIO_ptr_ctrl(b,BIO_C_GET_ACCEPT,0)
+/* #define BIO_set_nbio(b,n) BIO_ctrl(b,BIO_C_SET_NBIO,(n),NULL) */
+# define BIO_set_nbio_accept(b,n) BIO_ctrl(b,BIO_C_SET_ACCEPT,1,(n)?(void *)"a":NULL)
+# define BIO_set_accept_bios(b,bio) BIO_ctrl(b,BIO_C_SET_ACCEPT,2,(char *)bio)
+
+# define BIO_BIND_NORMAL 0
+# define BIO_BIND_REUSEADDR_IF_UNUSED 1
+# define BIO_BIND_REUSEADDR 2
+# define BIO_set_bind_mode(b,mode) BIO_ctrl(b,BIO_C_SET_BIND_MODE,mode,NULL)
+# define BIO_get_bind_mode(b,mode) BIO_ctrl(b,BIO_C_GET_BIND_MODE,0,NULL)
+
+# define BIO_do_connect(b) BIO_do_handshake(b)
+# define BIO_do_accept(b) BIO_do_handshake(b)
+# define BIO_do_handshake(b) BIO_ctrl(b,BIO_C_DO_STATE_MACHINE,0,NULL)
+
+/* BIO_s_proxy_client() */
+# define BIO_set_url(b,url) BIO_ctrl(b,BIO_C_SET_PROXY_PARAM,0,(char *)(url))
+# define BIO_set_proxies(b,p) BIO_ctrl(b,BIO_C_SET_PROXY_PARAM,1,(char *)(p))
+/* BIO_set_nbio(b,n) */
+# define BIO_set_filter_bio(b,s) BIO_ctrl(b,BIO_C_SET_PROXY_PARAM,2,(char *)(s))
+/* BIO *BIO_get_filter_bio(BIO *bio); */
+# define BIO_set_proxy_cb(b,cb) BIO_callback_ctrl(b,BIO_C_SET_PROXY_PARAM,3,(void *(*cb)()))
+# define BIO_set_proxy_header(b,sk) BIO_ctrl(b,BIO_C_SET_PROXY_PARAM,4,(char *)sk)
+# define BIO_set_no_connect_return(b,bool) BIO_int_ctrl(b,BIO_C_SET_PROXY_PARAM,5,bool)
+
+# define BIO_get_proxy_header(b,skp) BIO_ctrl(b,BIO_C_GET_PROXY_PARAM,0,(char *)skp)
+# define BIO_get_proxies(b,pxy_p) BIO_ctrl(b,BIO_C_GET_PROXY_PARAM,1,(char *)(pxy_p))
+# define BIO_get_url(b,url) BIO_ctrl(b,BIO_C_GET_PROXY_PARAM,2,(char *)(url))
+# define BIO_get_no_connect_return(b) BIO_ctrl(b,BIO_C_GET_PROXY_PARAM,5,NULL)
+
+# define BIO_set_fd(b,fd,c) BIO_int_ctrl(b,BIO_C_SET_FD,c,fd)
+# define BIO_get_fd(b,c) BIO_ctrl(b,BIO_C_GET_FD,0,(char *)c)
+
+# define BIO_set_fp(b,fp,c) BIO_ctrl(b,BIO_C_SET_FILE_PTR,c,(char *)fp)
+# define BIO_get_fp(b,fpp) BIO_ctrl(b,BIO_C_GET_FILE_PTR,0,(char *)fpp)
+
+# define BIO_seek(b,ofs) (int)BIO_ctrl(b,BIO_C_FILE_SEEK,ofs,NULL)
+# define BIO_tell(b) (int)BIO_ctrl(b,BIO_C_FILE_TELL,0,NULL)
+
+/*
+ * name is cast to lose const, but might be better to route through a
+ * function so we can do it safely
+ */
+# ifdef CONST_STRICT
+/*
+ * If you are wondering why this isn't defined, its because CONST_STRICT is
+ * purely a compile-time kludge to allow const to be checked.
+ */
+int BIO_read_filename(BIO *b, const char *name);
+# else
+# define BIO_read_filename(b,name) BIO_ctrl(b,BIO_C_SET_FILENAME, \
+ BIO_CLOSE|BIO_FP_READ,(char *)name)
+# endif
+# define BIO_write_filename(b,name) BIO_ctrl(b,BIO_C_SET_FILENAME, \
+ BIO_CLOSE|BIO_FP_WRITE,name)
+# define BIO_append_filename(b,name) BIO_ctrl(b,BIO_C_SET_FILENAME, \
+ BIO_CLOSE|BIO_FP_APPEND,name)
+# define BIO_rw_filename(b,name) BIO_ctrl(b,BIO_C_SET_FILENAME, \
+ BIO_CLOSE|BIO_FP_READ|BIO_FP_WRITE,name)
+
+/*
+ * WARNING WARNING, this ups the reference count on the read bio of the SSL
+ * structure. This is because the ssl read BIO is now pointed to by the
+ * next_bio field in the bio. So when you free the BIO, make sure you are
+ * doing a BIO_free_all() to catch the underlying BIO.
+ */
+# define BIO_set_ssl(b,ssl,c) BIO_ctrl(b,BIO_C_SET_SSL,c,(char *)ssl)
+# define BIO_get_ssl(b,sslp) BIO_ctrl(b,BIO_C_GET_SSL,0,(char *)sslp)
+# define BIO_set_ssl_mode(b,client) BIO_ctrl(b,BIO_C_SSL_MODE,client,NULL)
+# define BIO_set_ssl_renegotiate_bytes(b,num) \
+ BIO_ctrl(b,BIO_C_SET_SSL_RENEGOTIATE_BYTES,num,NULL);
+# define BIO_get_num_renegotiates(b) \
+ BIO_ctrl(b,BIO_C_GET_SSL_NUM_RENEGOTIATES,0,NULL);
+# define BIO_set_ssl_renegotiate_timeout(b,seconds) \
+ BIO_ctrl(b,BIO_C_SET_SSL_RENEGOTIATE_TIMEOUT,seconds,NULL);
+
+/* defined in evp.h */
+/* #define BIO_set_md(b,md) BIO_ctrl(b,BIO_C_SET_MD,1,(char *)md) */
+
+# define BIO_get_mem_data(b,pp) BIO_ctrl(b,BIO_CTRL_INFO,0,(char *)pp)
+# define BIO_set_mem_buf(b,bm,c) BIO_ctrl(b,BIO_C_SET_BUF_MEM,c,(char *)bm)
+# define BIO_get_mem_ptr(b,pp) BIO_ctrl(b,BIO_C_GET_BUF_MEM_PTR,0,(char *)pp)
+# define BIO_set_mem_eof_return(b,v) \
+ BIO_ctrl(b,BIO_C_SET_BUF_MEM_EOF_RETURN,v,NULL)
+
+/* For the BIO_f_buffer() type */
+# define BIO_get_buffer_num_lines(b) BIO_ctrl(b,BIO_C_GET_BUFF_NUM_LINES,0,NULL)
+# define BIO_set_buffer_size(b,size) BIO_ctrl(b,BIO_C_SET_BUFF_SIZE,size,NULL)
+# define BIO_set_read_buffer_size(b,size) BIO_int_ctrl(b,BIO_C_SET_BUFF_SIZE,size,0)
+# define BIO_set_write_buffer_size(b,size) BIO_int_ctrl(b,BIO_C_SET_BUFF_SIZE,size,1)
+# define BIO_set_buffer_read_data(b,buf,num) BIO_ctrl(b,BIO_C_SET_BUFF_READ_DATA,num,buf)
+
+/* Don't use the next one unless you know what you are doing :-) */
+# define BIO_dup_state(b,ret) BIO_ctrl(b,BIO_CTRL_DUP,0,(char *)(ret))
+
+# define BIO_reset(b) (int)BIO_ctrl(b,BIO_CTRL_RESET,0,NULL)
+# define BIO_eof(b) (int)BIO_ctrl(b,BIO_CTRL_EOF,0,NULL)
+# define BIO_set_close(b,c) (int)BIO_ctrl(b,BIO_CTRL_SET_CLOSE,(c),NULL)
+# define BIO_get_close(b) (int)BIO_ctrl(b,BIO_CTRL_GET_CLOSE,0,NULL)
+# define BIO_pending(b) (int)BIO_ctrl(b,BIO_CTRL_PENDING,0,NULL)
+# define BIO_wpending(b) (int)BIO_ctrl(b,BIO_CTRL_WPENDING,0,NULL)
+/* ...pending macros have inappropriate return type */
+size_t BIO_ctrl_pending(BIO *b);
+size_t BIO_ctrl_wpending(BIO *b);
+# define BIO_flush(b) (int)BIO_ctrl(b,BIO_CTRL_FLUSH,0,NULL)
+# define BIO_get_info_callback(b,cbp) (int)BIO_ctrl(b,BIO_CTRL_GET_CALLBACK,0, \
+ cbp)
+# define BIO_set_info_callback(b,cb) (int)BIO_callback_ctrl(b,BIO_CTRL_SET_CALLBACK,cb)
+
+/* For the BIO_f_buffer() type */
+# define BIO_buffer_get_num_lines(b) BIO_ctrl(b,BIO_CTRL_GET,0,NULL)
+
+/* For BIO_s_bio() */
+# define BIO_set_write_buf_size(b,size) (int)BIO_ctrl(b,BIO_C_SET_WRITE_BUF_SIZE,size,NULL)
+# define BIO_get_write_buf_size(b,size) (size_t)BIO_ctrl(b,BIO_C_GET_WRITE_BUF_SIZE,size,NULL)
+# define BIO_make_bio_pair(b1,b2) (int)BIO_ctrl(b1,BIO_C_MAKE_BIO_PAIR,0,b2)
+# define BIO_destroy_bio_pair(b) (int)BIO_ctrl(b,BIO_C_DESTROY_BIO_PAIR,0,NULL)
+# define BIO_shutdown_wr(b) (int)BIO_ctrl(b, BIO_C_SHUTDOWN_WR, 0, NULL)
+/* macros with inappropriate type -- but ...pending macros use int too: */
+# define BIO_get_write_guarantee(b) (int)BIO_ctrl(b,BIO_C_GET_WRITE_GUARANTEE,0,NULL)
+# define BIO_get_read_request(b) (int)BIO_ctrl(b,BIO_C_GET_READ_REQUEST,0,NULL)
+size_t BIO_ctrl_get_write_guarantee(BIO *b);
+size_t BIO_ctrl_get_read_request(BIO *b);
+int BIO_ctrl_reset_read_request(BIO *b);
+
+/* ctrl macros for dgram */
+# define BIO_ctrl_dgram_connect(b,peer) \
+ (int)BIO_ctrl(b,BIO_CTRL_DGRAM_CONNECT,0, (char *)peer)
+# define BIO_ctrl_set_connected(b, state, peer) \
+ (int)BIO_ctrl(b, BIO_CTRL_DGRAM_SET_CONNECTED, state, (char *)peer)
+# define BIO_dgram_recv_timedout(b) \
+ (int)BIO_ctrl(b, BIO_CTRL_DGRAM_GET_RECV_TIMER_EXP, 0, NULL)
+# define BIO_dgram_send_timedout(b) \
+ (int)BIO_ctrl(b, BIO_CTRL_DGRAM_GET_SEND_TIMER_EXP, 0, NULL)
+# define BIO_dgram_get_peer(b,peer) \
+ (int)BIO_ctrl(b, BIO_CTRL_DGRAM_GET_PEER, 0, (char *)peer)
+# define BIO_dgram_set_peer(b,peer) \
+ (int)BIO_ctrl(b, BIO_CTRL_DGRAM_SET_PEER, 0, (char *)peer)
+# define BIO_dgram_get_mtu_overhead(b) \
+ (unsigned int)BIO_ctrl((b), BIO_CTRL_DGRAM_GET_MTU_OVERHEAD, 0, NULL)
+
+/* These two aren't currently implemented */
+/* int BIO_get_ex_num(BIO *bio); */
+/* void BIO_set_ex_free_func(BIO *bio,int idx,void (*cb)()); */
+int BIO_set_ex_data(BIO *bio, int idx, void *data);
+void *BIO_get_ex_data(BIO *bio, int idx);
+int BIO_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
+ CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func);
+unsigned long BIO_number_read(BIO *bio);
+unsigned long BIO_number_written(BIO *bio);
+
+/* For BIO_f_asn1() */
+int BIO_asn1_set_prefix(BIO *b, asn1_ps_func *prefix,
+ asn1_ps_func *prefix_free);
+int BIO_asn1_get_prefix(BIO *b, asn1_ps_func **pprefix,
+ asn1_ps_func **pprefix_free);
+int BIO_asn1_set_suffix(BIO *b, asn1_ps_func *suffix,
+ asn1_ps_func *suffix_free);
+int BIO_asn1_get_suffix(BIO *b, asn1_ps_func **psuffix,
+ asn1_ps_func **psuffix_free);
+
+# ifndef OPENSSL_NO_STDIO
+BIO_METHOD *BIO_s_file(void);
+BIO *BIO_new_file(const char *filename, const char *mode);
+BIO *BIO_new_fp(FILE *stream, int close_flag);
+# define BIO_s_file_internal BIO_s_file
+# endif
+BIO *BIO_new(BIO_METHOD *type);
+int BIO_set(BIO *a, BIO_METHOD *type);
+int BIO_free(BIO *a);
+void BIO_vfree(BIO *a);
+int BIO_read(BIO *b, void *data, int len);
+int BIO_gets(BIO *bp, char *buf, int size);
+int BIO_write(BIO *b, const void *data, int len);
+int BIO_puts(BIO *bp, const char *buf);
+int BIO_indent(BIO *b, int indent, int max);
+long BIO_ctrl(BIO *bp, int cmd, long larg, void *parg);
+long BIO_callback_ctrl(BIO *b, int cmd,
+ void (*fp) (struct bio_st *, int, const char *, int,
+ long, long));
+char *BIO_ptr_ctrl(BIO *bp, int cmd, long larg);
+long BIO_int_ctrl(BIO *bp, int cmd, long larg, int iarg);
+BIO *BIO_push(BIO *b, BIO *append);
+BIO *BIO_pop(BIO *b);
+void BIO_free_all(BIO *a);
+BIO *BIO_find_type(BIO *b, int bio_type);
+BIO *BIO_next(BIO *b);
+BIO *BIO_get_retry_BIO(BIO *bio, int *reason);
+int BIO_get_retry_reason(BIO *bio);
+BIO *BIO_dup_chain(BIO *in);
+
+int BIO_nread0(BIO *bio, char **buf);
+int BIO_nread(BIO *bio, char **buf, int num);
+int BIO_nwrite0(BIO *bio, char **buf);
+int BIO_nwrite(BIO *bio, char **buf, int num);
+
+long BIO_debug_callback(BIO *bio, int cmd, const char *argp, int argi,
+ long argl, long ret);
+
+BIO_METHOD *BIO_s_mem(void);
+BIO *BIO_new_mem_buf(void *buf, int len);
+BIO_METHOD *BIO_s_socket(void);
+BIO_METHOD *BIO_s_connect(void);
+BIO_METHOD *BIO_s_accept(void);
+BIO_METHOD *BIO_s_fd(void);
+# ifndef OPENSSL_SYS_OS2
+BIO_METHOD *BIO_s_log(void);
+# endif
+BIO_METHOD *BIO_s_bio(void);
+BIO_METHOD *BIO_s_null(void);
+BIO_METHOD *BIO_f_null(void);
+BIO_METHOD *BIO_f_buffer(void);
+# ifdef OPENSSL_SYS_VMS
+BIO_METHOD *BIO_f_linebuffer(void);
+# endif
+BIO_METHOD *BIO_f_nbio_test(void);
+# ifndef OPENSSL_NO_DGRAM
+BIO_METHOD *BIO_s_datagram(void);
+# ifndef OPENSSL_NO_SCTP
+BIO_METHOD *BIO_s_datagram_sctp(void);
+# endif
+# endif
+
+/* BIO_METHOD *BIO_f_ber(void); */
+
+int BIO_sock_should_retry(int i);
+int BIO_sock_non_fatal_error(int error);
+int BIO_dgram_non_fatal_error(int error);
+
+int BIO_fd_should_retry(int i);
+int BIO_fd_non_fatal_error(int error);
+int BIO_dump_cb(int (*cb) (const void *data, size_t len, void *u),
+ void *u, const char *s, int len);
+int BIO_dump_indent_cb(int (*cb) (const void *data, size_t len, void *u),
+ void *u, const char *s, int len, int indent);
+int BIO_dump(BIO *b, const char *bytes, int len);
+int BIO_dump_indent(BIO *b, const char *bytes, int len, int indent);
+# ifndef OPENSSL_NO_STDIO
+int BIO_dump_fp(FILE *fp, const char *s, int len);
+int BIO_dump_indent_fp(FILE *fp, const char *s, int len, int indent);
+# endif
+int BIO_hex_string(BIO *out, int indent, int width, unsigned char *data,
+ int datalen);
+
+struct hostent *BIO_gethostbyname(const char *name);
+/*-
+ * We might want a thread-safe interface too:
+ * struct hostent *BIO_gethostbyname_r(const char *name,
+ * struct hostent *result, void *buffer, size_t buflen);
+ * or something similar (caller allocates a struct hostent,
+ * pointed to by "result", and additional buffer space for the various
+ * substructures; if the buffer does not suffice, NULL is returned
+ * and an appropriate error code is set).
+ */
+int BIO_sock_error(int sock);
+int BIO_socket_ioctl(int fd, long type, void *arg);
+int BIO_socket_nbio(int fd, int mode);
+int BIO_get_port(const char *str, unsigned short *port_ptr);
+int BIO_get_host_ip(const char *str, unsigned char *ip);
+int BIO_get_accept_socket(char *host_port, int mode);
+int BIO_accept(int sock, char **ip_port);
+int BIO_sock_init(void);
+void BIO_sock_cleanup(void);
+int BIO_set_tcp_ndelay(int sock, int turn_on);
+
+BIO *BIO_new_socket(int sock, int close_flag);
+BIO *BIO_new_dgram(int fd, int close_flag);
+# ifndef OPENSSL_NO_SCTP
+BIO *BIO_new_dgram_sctp(int fd, int close_flag);
+int BIO_dgram_is_sctp(BIO *bio);
+int BIO_dgram_sctp_notification_cb(BIO *b,
+ void (*handle_notifications) (BIO *bio,
+ void
+ *context,
+ void *buf),
+ void *context);
+int BIO_dgram_sctp_wait_for_dry(BIO *b);
+int BIO_dgram_sctp_msg_waiting(BIO *b);
+# endif
+BIO *BIO_new_fd(int fd, int close_flag);
+BIO *BIO_new_connect(const char *host_port);
+BIO *BIO_new_accept(const char *host_port);
+
+int BIO_new_bio_pair(BIO **bio1, size_t writebuf1,
+ BIO **bio2, size_t writebuf2);
+/*
+ * If successful, returns 1 and in *bio1, *bio2 two BIO pair endpoints.
+ * Otherwise returns 0 and sets *bio1 and *bio2 to NULL. Size 0 uses default
+ * value.
+ */
+
+void BIO_copy_next_retry(BIO *b);
+
+/*
+ * long BIO_ghbn_ctrl(int cmd,int iarg,char *parg);
+ */
+
+# ifdef __GNUC__
+# define __bio_h__attr__ __attribute__
+# else
+# define __bio_h__attr__(x)
+# endif
+int BIO_printf(BIO *bio, const char *format, ...)
+__bio_h__attr__((__format__(__printf__, 2, 3)));
+int BIO_vprintf(BIO *bio, const char *format, va_list args)
+__bio_h__attr__((__format__(__printf__, 2, 0)));
+int BIO_snprintf(char *buf, size_t n, const char *format, ...)
+__bio_h__attr__((__format__(__printf__, 3, 4)));
+int BIO_vsnprintf(char *buf, size_t n, const char *format, va_list args)
+__bio_h__attr__((__format__(__printf__, 3, 0)));
+# undef __bio_h__attr__
+
+/* BEGIN ERROR CODES */
+/*
+ * The following lines are auto generated by the script mkerr.pl. Any changes
+ * made after this point may be overwritten when the script is next run.
+ */
+void ERR_load_BIO_strings(void);
+
+/* Error codes for the BIO functions. */
+
+/* Function codes. */
+# define BIO_F_ACPT_STATE 100
+# define BIO_F_BIO_ACCEPT 101
+# define BIO_F_BIO_BER_GET_HEADER 102
+# define BIO_F_BIO_CALLBACK_CTRL 131
+# define BIO_F_BIO_CTRL 103
+# define BIO_F_BIO_GETHOSTBYNAME 120
+# define BIO_F_BIO_GETS 104
+# define BIO_F_BIO_GET_ACCEPT_SOCKET 105
+# define BIO_F_BIO_GET_HOST_IP 106
+# define BIO_F_BIO_GET_PORT 107
+# define BIO_F_BIO_MAKE_PAIR 121
+# define BIO_F_BIO_NEW 108
+# define BIO_F_BIO_NEW_FILE 109
+# define BIO_F_BIO_NEW_MEM_BUF 126
+# define BIO_F_BIO_NREAD 123
+# define BIO_F_BIO_NREAD0 124
+# define BIO_F_BIO_NWRITE 125
+# define BIO_F_BIO_NWRITE0 122
+# define BIO_F_BIO_PUTS 110
+# define BIO_F_BIO_READ 111
+# define BIO_F_BIO_SOCK_INIT 112
+# define BIO_F_BIO_WRITE 113
+# define BIO_F_BUFFER_CTRL 114
+# define BIO_F_CONN_CTRL 127
+# define BIO_F_CONN_STATE 115
+# define BIO_F_DGRAM_SCTP_READ 132
+# define BIO_F_DGRAM_SCTP_WRITE 133
+# define BIO_F_FILE_CTRL 116
+# define BIO_F_FILE_READ 130
+# define BIO_F_LINEBUFFER_CTRL 129
+# define BIO_F_MEM_READ 128
+# define BIO_F_MEM_WRITE 117
+# define BIO_F_SSL_NEW 118
+# define BIO_F_WSASTARTUP 119
+
+/* Reason codes. */
+# define BIO_R_ACCEPT_ERROR 100
+# define BIO_R_BAD_FOPEN_MODE 101
+# define BIO_R_BAD_HOSTNAME_LOOKUP 102
+# define BIO_R_BROKEN_PIPE 124
+# define BIO_R_CONNECT_ERROR 103
+# define BIO_R_EOF_ON_MEMORY_BIO 127
+# define BIO_R_ERROR_SETTING_NBIO 104
+# define BIO_R_ERROR_SETTING_NBIO_ON_ACCEPTED_SOCKET 105
+# define BIO_R_ERROR_SETTING_NBIO_ON_ACCEPT_SOCKET 106
+# define BIO_R_GETHOSTBYNAME_ADDR_IS_NOT_AF_INET 107
+# define BIO_R_INVALID_ARGUMENT 125
+# define BIO_R_INVALID_IP_ADDRESS 108
+# define BIO_R_IN_USE 123
+# define BIO_R_KEEPALIVE 109
+# define BIO_R_NBIO_CONNECT_ERROR 110
+# define BIO_R_NO_ACCEPT_PORT_SPECIFIED 111
+# define BIO_R_NO_HOSTNAME_SPECIFIED 112
+# define BIO_R_NO_PORT_DEFINED 113
+# define BIO_R_NO_PORT_SPECIFIED 114
+# define BIO_R_NO_SUCH_FILE 128
+# define BIO_R_NULL_PARAMETER 115
+# define BIO_R_TAG_MISMATCH 116
+# define BIO_R_UNABLE_TO_BIND_SOCKET 117
+# define BIO_R_UNABLE_TO_CREATE_SOCKET 118
+# define BIO_R_UNABLE_TO_LISTEN_SOCKET 119
+# define BIO_R_UNINITIALIZED 120
+# define BIO_R_UNSUPPORTED_METHOD 121
+# define BIO_R_WRITE_TO_READ_ONLY_BIO 126
+# define BIO_R_WSASTARTUP 122
+
+#ifdef __cplusplus
+}
+#endif
+#endif
--- /dev/null
+/* crypto/bf/blowfish.h */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#ifndef HEADER_BLOWFISH_H
+# define HEADER_BLOWFISH_H
+
+# include <openssl/e_os2.h>
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+# ifdef OPENSSL_NO_BF
+# error BF is disabled.
+# endif
+
+# define BF_ENCRYPT 1
+# define BF_DECRYPT 0
+
+/*-
+ * !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+ * ! BF_LONG has to be at least 32 bits wide. !
+ * !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+ */
+# define BF_LONG unsigned int
+
+# define BF_ROUNDS 16
+# define BF_BLOCK 8
+
+typedef struct bf_key_st {
+ BF_LONG P[BF_ROUNDS + 2];
+ BF_LONG S[4 * 256];
+} BF_KEY;
+
+void BF_set_key(BF_KEY *key, int len, const unsigned char *data);
+
+void BF_encrypt(BF_LONG *data, const BF_KEY *key);
+void BF_decrypt(BF_LONG *data, const BF_KEY *key);
+
+void BF_ecb_encrypt(const unsigned char *in, unsigned char *out,
+ const BF_KEY *key, int enc);
+void BF_cbc_encrypt(const unsigned char *in, unsigned char *out, long length,
+ const BF_KEY *schedule, unsigned char *ivec, int enc);
+void BF_cfb64_encrypt(const unsigned char *in, unsigned char *out,
+ long length, const BF_KEY *schedule,
+ unsigned char *ivec, int *num, int enc);
+void BF_ofb64_encrypt(const unsigned char *in, unsigned char *out,
+ long length, const BF_KEY *schedule,
+ unsigned char *ivec, int *num);
+const char *BF_options(void);
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif
--- /dev/null
+/* crypto/bn/bn.h */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+/* ====================================================================
+ * Copyright (c) 1998-2006 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For written permission, please contact
+ * openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ * nor may "OpenSSL" appear in their names without prior written
+ * permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com). This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+/* ====================================================================
+ * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
+ *
+ * Portions of the attached software ("Contribution") are developed by
+ * SUN MICROSYSTEMS, INC., and are contributed to the OpenSSL project.
+ *
+ * The Contribution is licensed pursuant to the Eric Young open source
+ * license provided above.
+ *
+ * The binary polynomial arithmetic software is originally written by
+ * Sheueling Chang Shantz and Douglas Stebila of Sun Microsystems Laboratories.
+ *
+ */
+
+#ifndef HEADER_BN_H
+# define HEADER_BN_H
+
+# include <openssl/e_os2.h>
+# ifndef OPENSSL_NO_STDIO
+# include <stdio.h> /* FILE */
+# endif
+# include <openssl/ossl_typ.h>
+# include <openssl/crypto.h>
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/*
+ * These preprocessor symbols control various aspects of the bignum headers
+ * and library code. They're not defined by any "normal" configuration, as
+ * they are intended for development and testing purposes. NB: defining all
+ * three can be useful for debugging application code as well as openssl
+ * itself. BN_DEBUG - turn on various debugging alterations to the bignum
+ * code BN_DEBUG_RAND - uses random poisoning of unused words to trip up
+ * mismanagement of bignum internals. You must also define BN_DEBUG.
+ */
+/* #define BN_DEBUG */
+/* #define BN_DEBUG_RAND */
+
+# ifndef OPENSSL_SMALL_FOOTPRINT
+# define BN_MUL_COMBA
+# define BN_SQR_COMBA
+# define BN_RECURSION
+# endif
+
+/*
+ * This next option uses the C libraries (2 word)/(1 word) function. If it is
+ * not defined, I use my C version (which is slower). The reason for this
+ * flag is that when the particular C compiler library routine is used, and
+ * the library is linked with a different compiler, the library is missing.
+ * This mostly happens when the library is built with gcc and then linked
+ * using normal cc. This would be a common occurrence because gcc normally
+ * produces code that is 2 times faster than system compilers for the big
+ * number stuff. For machines with only one compiler (or shared libraries),
+ * this should be on. Again this in only really a problem on machines using
+ * "long long's", are 32bit, and are not using my assembler code.
+ */
+# if defined(OPENSSL_SYS_MSDOS) || defined(OPENSSL_SYS_WINDOWS) || \
+ defined(OPENSSL_SYS_WIN32) || defined(linux)
+# ifndef BN_DIV2W
+# define BN_DIV2W
+# endif
+# endif
+
+/*
+ * assuming long is 64bit - this is the DEC Alpha unsigned long long is only
+ * 64 bits :-(, don't define BN_LLONG for the DEC Alpha
+ */
+# ifdef SIXTY_FOUR_BIT_LONG
+# define BN_ULLONG unsigned long long
+# define BN_ULONG unsigned long
+# define BN_LONG long
+# define BN_BITS 128
+# define BN_BYTES 8
+# define BN_BITS2 64
+# define BN_BITS4 32
+# define BN_MASK (0xffffffffffffffffffffffffffffffffLL)
+# define BN_MASK2 (0xffffffffffffffffL)
+# define BN_MASK2l (0xffffffffL)
+# define BN_MASK2h (0xffffffff00000000L)
+# define BN_MASK2h1 (0xffffffff80000000L)
+# define BN_TBIT (0x8000000000000000L)
+# define BN_DEC_CONV (10000000000000000000UL)
+# define BN_DEC_FMT1 "%lu"
+# define BN_DEC_FMT2 "%019lu"
+# define BN_DEC_NUM 19
+# define BN_HEX_FMT1 "%lX"
+# define BN_HEX_FMT2 "%016lX"
+# endif
+
+/*
+ * This is where the long long data type is 64 bits, but long is 32. For
+ * machines where there are 64bit registers, this is the mode to use. IRIX,
+ * on R4000 and above should use this mode, along with the relevant assembler
+ * code :-). Do NOT define BN_LLONG.
+ */
+# ifdef SIXTY_FOUR_BIT
+# undef BN_LLONG
+# undef BN_ULLONG
+# define BN_ULONG unsigned long long
+# define BN_LONG long long
+# define BN_BITS 128
+# define BN_BYTES 8
+# define BN_BITS2 64
+# define BN_BITS4 32
+# define BN_MASK2 (0xffffffffffffffffLL)
+# define BN_MASK2l (0xffffffffL)
+# define BN_MASK2h (0xffffffff00000000LL)
+# define BN_MASK2h1 (0xffffffff80000000LL)
+# define BN_TBIT (0x8000000000000000LL)
+# define BN_DEC_CONV (10000000000000000000ULL)
+# define BN_DEC_FMT1 "%llu"
+# define BN_DEC_FMT2 "%019llu"
+# define BN_DEC_NUM 19
+# define BN_HEX_FMT1 "%llX"
+# define BN_HEX_FMT2 "%016llX"
+# endif
+
+# ifdef THIRTY_TWO_BIT
+# ifdef BN_LLONG
+# if defined(_WIN32) && !defined(__GNUC__)
+# define BN_ULLONG unsigned __int64
+# define BN_MASK (0xffffffffffffffffI64)
+# else
+# define BN_ULLONG unsigned long long
+# define BN_MASK (0xffffffffffffffffLL)
+# endif
+# endif
+# define BN_ULONG unsigned int
+# define BN_LONG int
+# define BN_BITS 64
+# define BN_BYTES 4
+# define BN_BITS2 32
+# define BN_BITS4 16
+# define BN_MASK2 (0xffffffffL)
+# define BN_MASK2l (0xffff)
+# define BN_MASK2h1 (0xffff8000L)
+# define BN_MASK2h (0xffff0000L)
+# define BN_TBIT (0x80000000L)
+# define BN_DEC_CONV (1000000000L)
+# define BN_DEC_FMT1 "%u"
+# define BN_DEC_FMT2 "%09u"
+# define BN_DEC_NUM 9
+# define BN_HEX_FMT1 "%X"
+# define BN_HEX_FMT2 "%08X"
+# endif
+
+# define BN_DEFAULT_BITS 1280
+
+# define BN_FLG_MALLOCED 0x01
+# define BN_FLG_STATIC_DATA 0x02
+
+/*
+ * avoid leaking exponent information through timing,
+ * BN_mod_exp_mont() will call BN_mod_exp_mont_consttime,
+ * BN_div() will call BN_div_no_branch,
+ * BN_mod_inverse() will call BN_mod_inverse_no_branch.
+ */
+# define BN_FLG_CONSTTIME 0x04
+
+# ifdef OPENSSL_USE_DEPRECATED
+/* deprecated name for the flag */
+# define BN_FLG_EXP_CONSTTIME BN_FLG_CONSTTIME
+/*
+ * avoid leaking exponent information through timings
+ * (BN_mod_exp_mont() will call BN_mod_exp_mont_consttime)
+ */
+# endif
+
+# ifdef OPENSSL_USE_DEPRECATED
+# define BN_FLG_FREE 0x8000
+ /* used for debuging */
+# endif
+
+void BN_set_flags(BIGNUM *b, int n);
+int BN_get_flags(const BIGNUM *b, int n);
+
+/*
+ * get a clone of a BIGNUM with changed flags, for *temporary* use only (the
+ * two BIGNUMs cannot not be used in parallel!)
+ */
+void BN_with_flags(BIGNUM *dest, const BIGNUM *b, int n);
+
+/* Wrapper function to make using BN_GENCB easier, */
+int BN_GENCB_call(BN_GENCB *cb, int a, int b);
+
+BN_GENCB *BN_GENCB_new(void);
+void BN_GENCB_free(BN_GENCB *cb);
+
+/* Populate a BN_GENCB structure with an "old"-style callback */
+void BN_GENCB_set_old(BN_GENCB *gencb, void (*callback) (int, int, void *),
+ void *cb_arg);
+
+/* Populate a BN_GENCB structure with a "new"-style callback */
+void BN_GENCB_set(BN_GENCB *gencb, int (*callback) (int, int, BN_GENCB *),
+ void *cb_arg);
+
+void *BN_GENCB_get_arg(BN_GENCB *cb);
+
+# define BN_prime_checks 0 /* default: select number of iterations based
+ * on the size of the number */
+
+/*
+ * number of Miller-Rabin iterations for an error rate of less than 2^-80 for
+ * random 'b'-bit input, b >= 100 (taken from table 4.4 in the Handbook of
+ * Applied Cryptography [Menezes, van Oorschot, Vanstone; CRC Press 1996];
+ * original paper: Damgaard, Landrock, Pomerance: Average case error
+ * estimates for the strong probable prime test. -- Math. Comp. 61 (1993)
+ * 177-194)
+ */
+# define BN_prime_checks_for_size(b) ((b) >= 1300 ? 2 : \
+ (b) >= 850 ? 3 : \
+ (b) >= 650 ? 4 : \
+ (b) >= 550 ? 5 : \
+ (b) >= 450 ? 6 : \
+ (b) >= 400 ? 7 : \
+ (b) >= 350 ? 8 : \
+ (b) >= 300 ? 9 : \
+ (b) >= 250 ? 12 : \
+ (b) >= 200 ? 15 : \
+ (b) >= 150 ? 18 : \
+ /* b >= 100 */ 27)
+
+# define BN_num_bytes(a) ((BN_num_bits(a)+7)/8)
+
+int BN_abs_is_word(const BIGNUM *a, const BN_ULONG w);
+int BN_is_zero(const BIGNUM *a);
+int BN_is_one(const BIGNUM *a);
+int BN_is_word(const BIGNUM *a, const BN_ULONG w);
+int BN_is_odd(const BIGNUM *a);
+
+# define BN_one(a) (BN_set_word((a),1))
+
+void BN_zero_ex(BIGNUM *a);
+
+# ifndef OPENSSL_USE_DEPRECATED
+# define BN_zero(a) BN_zero_ex(a)
+# else
+# define BN_zero(a) (BN_set_word((a),0))
+# endif
+
+const BIGNUM *BN_value_one(void);
+char *BN_options(void);
+BN_CTX *BN_CTX_new(void);
+void BN_CTX_free(BN_CTX *c);
+void BN_CTX_start(BN_CTX *ctx);
+BIGNUM *BN_CTX_get(BN_CTX *ctx);
+void BN_CTX_end(BN_CTX *ctx);
+int BN_rand(BIGNUM *rnd, int bits, int top, int bottom);
+int BN_pseudo_rand(BIGNUM *rnd, int bits, int top, int bottom);
+int BN_rand_range(BIGNUM *rnd, const BIGNUM *range);
+int BN_pseudo_rand_range(BIGNUM *rnd, const BIGNUM *range);
+int BN_num_bits(const BIGNUM *a);
+int BN_num_bits_word(BN_ULONG l);
+int BN_security_bits(int L, int N);
+BIGNUM *BN_new(void);
+void BN_clear_free(BIGNUM *a);
+BIGNUM *BN_copy(BIGNUM *a, const BIGNUM *b);
+void BN_swap(BIGNUM *a, BIGNUM *b);
+BIGNUM *BN_bin2bn(const unsigned char *s, int len, BIGNUM *ret);
+int BN_bn2bin(const BIGNUM *a, unsigned char *to);
+BIGNUM *BN_mpi2bn(const unsigned char *s, int len, BIGNUM *ret);
+int BN_bn2mpi(const BIGNUM *a, unsigned char *to);
+int BN_sub(BIGNUM *r, const BIGNUM *a, const BIGNUM *b);
+int BN_usub(BIGNUM *r, const BIGNUM *a, const BIGNUM *b);
+int BN_uadd(BIGNUM *r, const BIGNUM *a, const BIGNUM *b);
+int BN_add(BIGNUM *r, const BIGNUM *a, const BIGNUM *b);
+int BN_mul(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx);
+int BN_sqr(BIGNUM *r, const BIGNUM *a, BN_CTX *ctx);
+/** BN_set_negative sets sign of a BIGNUM
+ * \param b pointer to the BIGNUM object
+ * \param n 0 if the BIGNUM b should be positive and a value != 0 otherwise
+ */
+void BN_set_negative(BIGNUM *b, int n);
+/** BN_is_negative returns 1 if the BIGNUM is negative
+ * \param a pointer to the BIGNUM object
+ * \return 1 if a < 0 and 0 otherwise
+ */
+int BN_is_negative(const BIGNUM *b);
+
+int BN_div(BIGNUM *dv, BIGNUM *rem, const BIGNUM *m, const BIGNUM *d,
+ BN_CTX *ctx);
+# define BN_mod(rem,m,d,ctx) BN_div(NULL,(rem),(m),(d),(ctx))
+int BN_nnmod(BIGNUM *r, const BIGNUM *m, const BIGNUM *d, BN_CTX *ctx);
+int BN_mod_add(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, const BIGNUM *m,
+ BN_CTX *ctx);
+int BN_mod_add_quick(BIGNUM *r, const BIGNUM *a, const BIGNUM *b,
+ const BIGNUM *m);
+int BN_mod_sub(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, const BIGNUM *m,
+ BN_CTX *ctx);
+int BN_mod_sub_quick(BIGNUM *r, const BIGNUM *a, const BIGNUM *b,
+ const BIGNUM *m);
+int BN_mod_mul(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, const BIGNUM *m,
+ BN_CTX *ctx);
+int BN_mod_sqr(BIGNUM *r, const BIGNUM *a, const BIGNUM *m, BN_CTX *ctx);
+int BN_mod_lshift1(BIGNUM *r, const BIGNUM *a, const BIGNUM *m, BN_CTX *ctx);
+int BN_mod_lshift1_quick(BIGNUM *r, const BIGNUM *a, const BIGNUM *m);
+int BN_mod_lshift(BIGNUM *r, const BIGNUM *a, int n, const BIGNUM *m,
+ BN_CTX *ctx);
+int BN_mod_lshift_quick(BIGNUM *r, const BIGNUM *a, int n, const BIGNUM *m);
+
+BN_ULONG BN_mod_word(const BIGNUM *a, BN_ULONG w);
+BN_ULONG BN_div_word(BIGNUM *a, BN_ULONG w);
+int BN_mul_word(BIGNUM *a, BN_ULONG w);
+int BN_add_word(BIGNUM *a, BN_ULONG w);
+int BN_sub_word(BIGNUM *a, BN_ULONG w);
+int BN_set_word(BIGNUM *a, BN_ULONG w);
+BN_ULONG BN_get_word(const BIGNUM *a);
+
+int BN_cmp(const BIGNUM *a, const BIGNUM *b);
+void BN_free(BIGNUM *a);
+int BN_is_bit_set(const BIGNUM *a, int n);
+int BN_lshift(BIGNUM *r, const BIGNUM *a, int n);
+int BN_lshift1(BIGNUM *r, const BIGNUM *a);
+int BN_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx);
+
+int BN_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
+ const BIGNUM *m, BN_CTX *ctx);
+int BN_mod_exp_mont(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
+ const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx);
+int BN_mod_exp_mont_consttime(BIGNUM *rr, const BIGNUM *a, const BIGNUM *p,
+ const BIGNUM *m, BN_CTX *ctx,
+ BN_MONT_CTX *in_mont);
+int BN_mod_exp_mont_word(BIGNUM *r, BN_ULONG a, const BIGNUM *p,
+ const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx);
+int BN_mod_exp2_mont(BIGNUM *r, const BIGNUM *a1, const BIGNUM *p1,
+ const BIGNUM *a2, const BIGNUM *p2, const BIGNUM *m,
+ BN_CTX *ctx, BN_MONT_CTX *m_ctx);
+int BN_mod_exp_simple(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
+ const BIGNUM *m, BN_CTX *ctx);
+
+int BN_mask_bits(BIGNUM *a, int n);
+# ifndef OPENSSL_NO_STDIO
+int BN_print_fp(FILE *fp, const BIGNUM *a);
+# endif
+# ifdef HEADER_BIO_H
+int BN_print(BIO *fp, const BIGNUM *a);
+# else
+int BN_print(void *fp, const BIGNUM *a);
+# endif
+int BN_reciprocal(BIGNUM *r, const BIGNUM *m, int len, BN_CTX *ctx);
+int BN_rshift(BIGNUM *r, const BIGNUM *a, int n);
+int BN_rshift1(BIGNUM *r, const BIGNUM *a);
+void BN_clear(BIGNUM *a);
+BIGNUM *BN_dup(const BIGNUM *a);
+int BN_ucmp(const BIGNUM *a, const BIGNUM *b);
+int BN_set_bit(BIGNUM *a, int n);
+int BN_clear_bit(BIGNUM *a, int n);
+char *BN_bn2hex(const BIGNUM *a);
+char *BN_bn2dec(const BIGNUM *a);
+int BN_hex2bn(BIGNUM **a, const char *str);
+int BN_dec2bn(BIGNUM **a, const char *str);
+int BN_asc2bn(BIGNUM **a, const char *str);
+int BN_gcd(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx);
+int BN_kronecker(const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx); /* returns
+ * -2 for
+ * error */
+BIGNUM *BN_mod_inverse(BIGNUM *ret,
+ const BIGNUM *a, const BIGNUM *n, BN_CTX *ctx);
+BIGNUM *BN_mod_sqrt(BIGNUM *ret,
+ const BIGNUM *a, const BIGNUM *n, BN_CTX *ctx);
+
+void BN_consttime_swap(BN_ULONG swap, BIGNUM *a, BIGNUM *b, int nwords);
+
+/* Deprecated versions */
+# ifdef OPENSSL_USE_DEPRECATED
+DECLARE_DEPRECATED(BIGNUM *BN_generate_prime(BIGNUM *ret, int bits, int safe,
+ const BIGNUM *add,
+ const BIGNUM *rem,
+ void (*callback) (int, int,
+ void *),
+ void *cb_arg));
+DECLARE_DEPRECATED(int
+ BN_is_prime(const BIGNUM *p, int nchecks,
+ void (*callback) (int, int, void *),
+ BN_CTX *ctx, void *cb_arg));
+DECLARE_DEPRECATED(int
+ BN_is_prime_fasttest(const BIGNUM *p, int nchecks,
+ void (*callback) (int, int, void *),
+ BN_CTX *ctx, void *cb_arg,
+ int do_trial_division));
+# endif /* defined(OPENSSL_USE_DEPRECATED) */
+
+/* Newer versions */
+int BN_generate_prime_ex(BIGNUM *ret, int bits, int safe, const BIGNUM *add,
+ const BIGNUM *rem, BN_GENCB *cb);
+int BN_is_prime_ex(const BIGNUM *p, int nchecks, BN_CTX *ctx, BN_GENCB *cb);
+int BN_is_prime_fasttest_ex(const BIGNUM *p, int nchecks, BN_CTX *ctx,
+ int do_trial_division, BN_GENCB *cb);
+
+int BN_X931_generate_Xpq(BIGNUM *Xp, BIGNUM *Xq, int nbits, BN_CTX *ctx);
+
+int BN_X931_derive_prime_ex(BIGNUM *p, BIGNUM *p1, BIGNUM *p2,
+ const BIGNUM *Xp, const BIGNUM *Xp1,
+ const BIGNUM *Xp2, const BIGNUM *e, BN_CTX *ctx,
+ BN_GENCB *cb);
+int BN_X931_generate_prime_ex(BIGNUM *p, BIGNUM *p1, BIGNUM *p2, BIGNUM *Xp1,
+ BIGNUM *Xp2, const BIGNUM *Xp, const BIGNUM *e,
+ BN_CTX *ctx, BN_GENCB *cb);
+
+BN_MONT_CTX *BN_MONT_CTX_new(void);
+int BN_mod_mul_montgomery(BIGNUM *r, const BIGNUM *a, const BIGNUM *b,
+ BN_MONT_CTX *mont, BN_CTX *ctx);
+int BN_to_montgomery(BIGNUM *r, const BIGNUM *a, BN_MONT_CTX *mont,
+ BN_CTX *ctx);
+int BN_from_montgomery(BIGNUM *r, const BIGNUM *a, BN_MONT_CTX *mont,
+ BN_CTX *ctx);
+void BN_MONT_CTX_free(BN_MONT_CTX *mont);
+int BN_MONT_CTX_set(BN_MONT_CTX *mont, const BIGNUM *mod, BN_CTX *ctx);
+BN_MONT_CTX *BN_MONT_CTX_copy(BN_MONT_CTX *to, BN_MONT_CTX *from);
+BN_MONT_CTX *BN_MONT_CTX_set_locked(BN_MONT_CTX **pmont, int lock,
+ const BIGNUM *mod, BN_CTX *ctx);
+
+/* BN_BLINDING flags */
+# define BN_BLINDING_NO_UPDATE 0x00000001
+# define BN_BLINDING_NO_RECREATE 0x00000002
+
+BN_BLINDING *BN_BLINDING_new(const BIGNUM *A, const BIGNUM *Ai, BIGNUM *mod);
+void BN_BLINDING_free(BN_BLINDING *b);
+int BN_BLINDING_update(BN_BLINDING *b, BN_CTX *ctx);
+int BN_BLINDING_convert(BIGNUM *n, BN_BLINDING *b, BN_CTX *ctx);
+int BN_BLINDING_invert(BIGNUM *n, BN_BLINDING *b, BN_CTX *ctx);
+int BN_BLINDING_convert_ex(BIGNUM *n, BIGNUM *r, BN_BLINDING *b, BN_CTX *);
+int BN_BLINDING_invert_ex(BIGNUM *n, const BIGNUM *r, BN_BLINDING *b,
+ BN_CTX *);
+# ifdef OPENSSL_USE_DEPRECATED
+DECLARE_DEPRECATED(unsigned long
+ BN_BLINDING_get_thread_id(const BN_BLINDING *));
+DECLARE_DEPRECATED(void
+ BN_BLINDING_set_thread_id(BN_BLINDING *, unsigned long));
+# endif
+CRYPTO_THREADID *BN_BLINDING_thread_id(BN_BLINDING *);
+unsigned long BN_BLINDING_get_flags(const BN_BLINDING *);
+void BN_BLINDING_set_flags(BN_BLINDING *, unsigned long);
+BN_BLINDING *BN_BLINDING_create_param(BN_BLINDING *b,
+ const BIGNUM *e, BIGNUM *m, BN_CTX *ctx,
+ int (*bn_mod_exp) (BIGNUM *r,
+ const BIGNUM *a,
+ const BIGNUM *p,
+ const BIGNUM *m,
+ BN_CTX *ctx,
+ BN_MONT_CTX *m_ctx),
+ BN_MONT_CTX *m_ctx);
+
+# ifdef OPENSSL_USE_DEPRECATED
+DECLARE_DEPRECATED(void BN_set_params(int mul, int high, int low, int mont));
+DECLARE_DEPRECATED(int BN_get_params(int which)); /* 0, mul, 1 high, 2 low, 3
+ * mont */
+# endif
+
+BN_RECP_CTX *BN_RECP_CTX_new(void);
+void BN_RECP_CTX_free(BN_RECP_CTX *recp);
+int BN_RECP_CTX_set(BN_RECP_CTX *recp, const BIGNUM *rdiv, BN_CTX *ctx);
+int BN_mod_mul_reciprocal(BIGNUM *r, const BIGNUM *x, const BIGNUM *y,
+ BN_RECP_CTX *recp, BN_CTX *ctx);
+int BN_mod_exp_recp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
+ const BIGNUM *m, BN_CTX *ctx);
+int BN_div_recp(BIGNUM *dv, BIGNUM *rem, const BIGNUM *m,
+ BN_RECP_CTX *recp, BN_CTX *ctx);
+
+# ifndef OPENSSL_NO_EC2M
+
+/*
+ * Functions for arithmetic over binary polynomials represented by BIGNUMs.
+ * The BIGNUM::neg property of BIGNUMs representing binary polynomials is
+ * ignored. Note that input arguments are not const so that their bit arrays
+ * can be expanded to the appropriate size if needed.
+ */
+
+/*
+ * r = a + b
+ */
+int BN_GF2m_add(BIGNUM *r, const BIGNUM *a, const BIGNUM *b);
+# define BN_GF2m_sub(r, a, b) BN_GF2m_add(r, a, b)
+/*
+ * r=a mod p
+ */
+int BN_GF2m_mod(BIGNUM *r, const BIGNUM *a, const BIGNUM *p);
+/* r = (a * b) mod p */
+int BN_GF2m_mod_mul(BIGNUM *r, const BIGNUM *a, const BIGNUM *b,
+ const BIGNUM *p, BN_CTX *ctx);
+/* r = (a * a) mod p */
+int BN_GF2m_mod_sqr(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx);
+/* r = (1 / b) mod p */
+int BN_GF2m_mod_inv(BIGNUM *r, const BIGNUM *b, const BIGNUM *p, BN_CTX *ctx);
+/* r = (a / b) mod p */
+int BN_GF2m_mod_div(BIGNUM *r, const BIGNUM *a, const BIGNUM *b,
+ const BIGNUM *p, BN_CTX *ctx);
+/* r = (a ^ b) mod p */
+int BN_GF2m_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *b,
+ const BIGNUM *p, BN_CTX *ctx);
+/* r = sqrt(a) mod p */
+int BN_GF2m_mod_sqrt(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
+ BN_CTX *ctx);
+/* r^2 + r = a mod p */
+int BN_GF2m_mod_solve_quad(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
+ BN_CTX *ctx);
+# define BN_GF2m_cmp(a, b) BN_ucmp((a), (b))
+/*-
+ * Some functions allow for representation of the irreducible polynomials
+ * as an unsigned int[], say p. The irreducible f(t) is then of the form:
+ * t^p[0] + t^p[1] + ... + t^p[k]
+ * where m = p[0] > p[1] > ... > p[k] = 0.
+ */
+/* r = a mod p */
+int BN_GF2m_mod_arr(BIGNUM *r, const BIGNUM *a, const int p[]);
+/* r = (a * b) mod p */
+int BN_GF2m_mod_mul_arr(BIGNUM *r, const BIGNUM *a, const BIGNUM *b,
+ const int p[], BN_CTX *ctx);
+/* r = (a * a) mod p */
+int BN_GF2m_mod_sqr_arr(BIGNUM *r, const BIGNUM *a, const int p[],
+ BN_CTX *ctx);
+/* r = (1 / b) mod p */
+int BN_GF2m_mod_inv_arr(BIGNUM *r, const BIGNUM *b, const int p[],
+ BN_CTX *ctx);
+/* r = (a / b) mod p */
+int BN_GF2m_mod_div_arr(BIGNUM *r, const BIGNUM *a, const BIGNUM *b,
+ const int p[], BN_CTX *ctx);
+/* r = (a ^ b) mod p */
+int BN_GF2m_mod_exp_arr(BIGNUM *r, const BIGNUM *a, const BIGNUM *b,
+ const int p[], BN_CTX *ctx);
+/* r = sqrt(a) mod p */
+int BN_GF2m_mod_sqrt_arr(BIGNUM *r, const BIGNUM *a,
+ const int p[], BN_CTX *ctx);
+/* r^2 + r = a mod p */
+int BN_GF2m_mod_solve_quad_arr(BIGNUM *r, const BIGNUM *a,
+ const int p[], BN_CTX *ctx);
+int BN_GF2m_poly2arr(const BIGNUM *a, int p[], int max);
+int BN_GF2m_arr2poly(const int p[], BIGNUM *a);
+
+# endif
+
+/*
+ * faster mod functions for the 'NIST primes' 0 <= a < p^2
+ */
+int BN_nist_mod_192(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx);
+int BN_nist_mod_224(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx);
+int BN_nist_mod_256(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx);
+int BN_nist_mod_384(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx);
+int BN_nist_mod_521(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx);
+
+const BIGNUM *BN_get0_nist_prime_192(void);
+const BIGNUM *BN_get0_nist_prime_224(void);
+const BIGNUM *BN_get0_nist_prime_256(void);
+const BIGNUM *BN_get0_nist_prime_384(void);
+const BIGNUM *BN_get0_nist_prime_521(void);
+
+int (*BN_nist_mod_func(const BIGNUM *p)) (BIGNUM *r, const BIGNUM *a,
+ const BIGNUM *field, BN_CTX *ctx);
+
+int BN_generate_dsa_nonce(BIGNUM *out, const BIGNUM *range,
+ const BIGNUM *priv, const unsigned char *message,
+ size_t message_len, BN_CTX *ctx);
+
+/* Primes from RFC 2409 */
+BIGNUM *get_rfc2409_prime_768(BIGNUM *bn);
+BIGNUM *get_rfc2409_prime_1024(BIGNUM *bn);
+
+/* Primes from RFC 3526 */
+BIGNUM *get_rfc3526_prime_1536(BIGNUM *bn);
+BIGNUM *get_rfc3526_prime_2048(BIGNUM *bn);
+BIGNUM *get_rfc3526_prime_3072(BIGNUM *bn);
+BIGNUM *get_rfc3526_prime_4096(BIGNUM *bn);
+BIGNUM *get_rfc3526_prime_6144(BIGNUM *bn);
+BIGNUM *get_rfc3526_prime_8192(BIGNUM *bn);
+
+int BN_bntest_rand(BIGNUM *rnd, int bits, int top, int bottom);
+
+/* BEGIN ERROR CODES */
+/*
+ * The following lines are auto generated by the script mkerr.pl. Any changes
+ * made after this point may be overwritten when the script is next run.
+ */
+void ERR_load_BN_strings(void);
+
+/* Error codes for the BN functions. */
+
+/* Function codes. */
+# define BN_F_BNRAND 127
+# define BN_F_BN_BLINDING_CONVERT_EX 100
+# define BN_F_BN_BLINDING_CREATE_PARAM 128
+# define BN_F_BN_BLINDING_INVERT_EX 101
+# define BN_F_BN_BLINDING_NEW 102
+# define BN_F_BN_BLINDING_UPDATE 103
+# define BN_F_BN_BN2DEC 104
+# define BN_F_BN_BN2HEX 105
+# define BN_F_BN_COMPUTE_WNAF 142
+# define BN_F_BN_CTX_GET 116
+# define BN_F_BN_CTX_NEW 106
+# define BN_F_BN_CTX_START 129
+# define BN_F_BN_DIV 107
+# define BN_F_BN_DIV_NO_BRANCH 138
+# define BN_F_BN_DIV_RECP 130
+# define BN_F_BN_EXP 123
+# define BN_F_BN_EXPAND2 108
+# define BN_F_BN_EXPAND_INTERNAL 120
+# define BN_F_BN_GENCB_NEW 143
+# define BN_F_BN_GENERATE_DSA_NONCE 140
+# define BN_F_BN_GENERATE_PRIME_EX 141
+# define BN_F_BN_GF2M_MOD 131
+# define BN_F_BN_GF2M_MOD_EXP 132
+# define BN_F_BN_GF2M_MOD_MUL 133
+# define BN_F_BN_GF2M_MOD_SOLVE_QUAD 134
+# define BN_F_BN_GF2M_MOD_SOLVE_QUAD_ARR 135
+# define BN_F_BN_GF2M_MOD_SQR 136
+# define BN_F_BN_GF2M_MOD_SQRT 137
+# define BN_F_BN_MOD_EXP2_MONT 118
+# define BN_F_BN_MOD_EXP_MONT 109
+# define BN_F_BN_MOD_EXP_MONT_CONSTTIME 124
+# define BN_F_BN_MOD_EXP_MONT_WORD 117
+# define BN_F_BN_MOD_EXP_RECP 125
+# define BN_F_BN_MOD_EXP_SIMPLE 126
+# define BN_F_BN_MOD_INVERSE 110
+# define BN_F_BN_MOD_INVERSE_NO_BRANCH 139
+# define BN_F_BN_MOD_LSHIFT_QUICK 119
+# define BN_F_BN_MOD_MUL_RECIPROCAL 111
+# define BN_F_BN_MOD_SQRT 121
+# define BN_F_BN_MPI2BN 112
+# define BN_F_BN_NEW 113
+# define BN_F_BN_RAND 114
+# define BN_F_BN_RAND_RANGE 122
+# define BN_F_BN_USUB 115
+
+/* Reason codes. */
+# define BN_R_ARG2_LT_ARG3 100
+# define BN_R_BAD_RECIPROCAL 101
+# define BN_R_BIGNUM_TOO_LONG 114
+# define BN_R_BITS_TOO_SMALL 118
+# define BN_R_CALLED_WITH_EVEN_MODULUS 102
+# define BN_R_DIV_BY_ZERO 103
+# define BN_R_ENCODING_ERROR 104
+# define BN_R_EXPAND_ON_STATIC_BIGNUM_DATA 105
+# define BN_R_INPUT_NOT_REDUCED 110
+# define BN_R_INVALID_LENGTH 106
+# define BN_R_INVALID_RANGE 115
+# define BN_R_NOT_A_SQUARE 111
+# define BN_R_NOT_INITIALIZED 107
+# define BN_R_NO_INVERSE 108
+# define BN_R_NO_SOLUTION 116
+# define BN_R_PRIVATE_KEY_TOO_LARGE 117
+# define BN_R_P_IS_NOT_PRIME 112
+# define BN_R_TOO_MANY_ITERATIONS 113
+# define BN_R_TOO_MANY_TEMPORARY_VARIABLES 109
+
+#ifdef __cplusplus
+}
+#endif
+#endif
--- /dev/null
+/* crypto/buffer/buffer.h */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#ifndef HEADER_BUFFER_H
+# define HEADER_BUFFER_H
+
+# include <openssl/ossl_typ.h>
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+# include <stddef.h>
+
+# if !defined(NO_SYS_TYPES_H)
+# include <sys/types.h>
+# endif
+
+/* Already declared in ossl_typ.h */
+/* typedef struct buf_mem_st BUF_MEM; */
+
+struct buf_mem_st {
+ size_t length; /* current number of bytes */
+ char *data;
+ size_t max; /* size of buffer */
+};
+
+BUF_MEM *BUF_MEM_new(void);
+void BUF_MEM_free(BUF_MEM *a);
+size_t BUF_MEM_grow(BUF_MEM *str, size_t len);
+size_t BUF_MEM_grow_clean(BUF_MEM *str, size_t len);
+size_t BUF_strnlen(const char *str, size_t maxlen);
+char *BUF_strdup(const char *str);
+char *BUF_strndup(const char *str, size_t siz);
+void *BUF_memdup(const void *data, size_t siz);
+void BUF_reverse(unsigned char *out, unsigned char *in, size_t siz);
+
+/* safe string functions */
+size_t BUF_strlcpy(char *dst, const char *src, size_t siz);
+size_t BUF_strlcat(char *dst, const char *src, size_t siz);
+
+/* BEGIN ERROR CODES */
+/*
+ * The following lines are auto generated by the script mkerr.pl. Any changes
+ * made after this point may be overwritten when the script is next run.
+ */
+void ERR_load_BUF_strings(void);
+
+/* Error codes for the BUF functions. */
+
+/* Function codes. */
+# define BUF_F_BUF_MEMDUP 103
+# define BUF_F_BUF_MEM_GROW 100
+# define BUF_F_BUF_MEM_GROW_CLEAN 105
+# define BUF_F_BUF_MEM_NEW 101
+# define BUF_F_BUF_STRDUP 102
+# define BUF_F_BUF_STRNDUP 104
+
+/* Reason codes. */
+
+#ifdef __cplusplus
+}
+#endif
+#endif
--- /dev/null
+/* crypto/camellia/camellia.h -*- mode:C; c-file-style: "eay" -*- */
+/* ====================================================================
+ * Copyright (c) 2006 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For written permission, please contact
+ * openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ * nor may "OpenSSL" appear in their names without prior written
+ * permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ */
+
+#ifndef HEADER_CAMELLIA_H
+# define HEADER_CAMELLIA_H
+
+# include <openssl/opensslconf.h>
+
+# ifdef OPENSSL_NO_CAMELLIA
+# error CAMELLIA is disabled.
+# endif
+
+# include <stddef.h>
+
+# define CAMELLIA_ENCRYPT 1
+# define CAMELLIA_DECRYPT 0
+
+/*
+ * Because array size can't be a const in C, the following two are macros.
+ * Both sizes are in bytes.
+ */
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/* This should be a hidden type, but EVP requires that the size be known */
+
+# define CAMELLIA_BLOCK_SIZE 16
+# define CAMELLIA_TABLE_BYTE_LEN 272
+# define CAMELLIA_TABLE_WORD_LEN (CAMELLIA_TABLE_BYTE_LEN / 4)
+
+typedef unsigned int KEY_TABLE_TYPE[CAMELLIA_TABLE_WORD_LEN]; /* to match
+ * with WORD */
+
+struct camellia_key_st {
+ union {
+ double d; /* ensures 64-bit align */
+ KEY_TABLE_TYPE rd_key;
+ } u;
+ int grand_rounds;
+};
+typedef struct camellia_key_st CAMELLIA_KEY;
+
+int Camellia_set_key(const unsigned char *userKey, const int bits,
+ CAMELLIA_KEY *key);
+
+void Camellia_encrypt(const unsigned char *in, unsigned char *out,
+ const CAMELLIA_KEY *key);
+void Camellia_decrypt(const unsigned char *in, unsigned char *out,
+ const CAMELLIA_KEY *key);
+
+void Camellia_ecb_encrypt(const unsigned char *in, unsigned char *out,
+ const CAMELLIA_KEY *key, const int enc);
+void Camellia_cbc_encrypt(const unsigned char *in, unsigned char *out,
+ size_t length, const CAMELLIA_KEY *key,
+ unsigned char *ivec, const int enc);
+void Camellia_cfb128_encrypt(const unsigned char *in, unsigned char *out,
+ size_t length, const CAMELLIA_KEY *key,
+ unsigned char *ivec, int *num, const int enc);
+void Camellia_cfb1_encrypt(const unsigned char *in, unsigned char *out,
+ size_t length, const CAMELLIA_KEY *key,
+ unsigned char *ivec, int *num, const int enc);
+void Camellia_cfb8_encrypt(const unsigned char *in, unsigned char *out,
+ size_t length, const CAMELLIA_KEY *key,
+ unsigned char *ivec, int *num, const int enc);
+void Camellia_ofb128_encrypt(const unsigned char *in, unsigned char *out,
+ size_t length, const CAMELLIA_KEY *key,
+ unsigned char *ivec, int *num);
+void Camellia_ctr128_encrypt(const unsigned char *in, unsigned char *out,
+ size_t length, const CAMELLIA_KEY *key,
+ unsigned char ivec[CAMELLIA_BLOCK_SIZE],
+ unsigned char ecount_buf[CAMELLIA_BLOCK_SIZE],
+ unsigned int *num);
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* !HEADER_Camellia_H */
--- /dev/null
+/* crypto/cast/cast.h */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#ifndef HEADER_CAST_H
+# define HEADER_CAST_H
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+# include <openssl/opensslconf.h>
+
+# ifdef OPENSSL_NO_CAST
+# error CAST is disabled.
+# endif
+
+# define CAST_ENCRYPT 1
+# define CAST_DECRYPT 0
+
+# define CAST_LONG unsigned int
+
+# define CAST_BLOCK 8
+# define CAST_KEY_LENGTH 16
+
+typedef struct cast_key_st {
+ CAST_LONG data[32];
+ int short_key; /* Use reduced rounds for short key */
+} CAST_KEY;
+
+void CAST_set_key(CAST_KEY *key, int len, const unsigned char *data);
+void CAST_ecb_encrypt(const unsigned char *in, unsigned char *out,
+ const CAST_KEY *key, int enc);
+void CAST_encrypt(CAST_LONG *data, const CAST_KEY *key);
+void CAST_decrypt(CAST_LONG *data, const CAST_KEY *key);
+void CAST_cbc_encrypt(const unsigned char *in, unsigned char *out,
+ long length, const CAST_KEY *ks, unsigned char *iv,
+ int enc);
+void CAST_cfb64_encrypt(const unsigned char *in, unsigned char *out,
+ long length, const CAST_KEY *schedule,
+ unsigned char *ivec, int *num, int enc);
+void CAST_ofb64_encrypt(const unsigned char *in, unsigned char *out,
+ long length, const CAST_KEY *schedule,
+ unsigned char *ivec, int *num);
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif
--- /dev/null
+/* crypto/cmac/cmac.h */
+/*
+ * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
+ * project.
+ */
+/* ====================================================================
+ * Copyright (c) 2010 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For written permission, please contact
+ * licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ * nor may "OpenSSL" appear in their names without prior written
+ * permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ */
+
+#ifndef HEADER_CMAC_H
+# define HEADER_CMAC_H
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+# include <openssl/evp.h>
+
+/* Opaque */
+typedef struct CMAC_CTX_st CMAC_CTX;
+
+CMAC_CTX *CMAC_CTX_new(void);
+void CMAC_CTX_cleanup(CMAC_CTX *ctx);
+void CMAC_CTX_free(CMAC_CTX *ctx);
+EVP_CIPHER_CTX *CMAC_CTX_get0_cipher_ctx(CMAC_CTX *ctx);
+int CMAC_CTX_copy(CMAC_CTX *out, const CMAC_CTX *in);
+
+int CMAC_Init(CMAC_CTX *ctx, const void *key, size_t keylen,
+ const EVP_CIPHER *cipher, ENGINE *impl);
+int CMAC_Update(CMAC_CTX *ctx, const void *data, size_t dlen);
+int CMAC_Final(CMAC_CTX *ctx, unsigned char *out, size_t *poutlen);
+int CMAC_resume(CMAC_CTX *ctx);
+
+#ifdef __cplusplus
+}
+#endif
+#endif
--- /dev/null
+/* crypto/cms/cms.h */
+/*
+ * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
+ * project.
+ */
+/* ====================================================================
+ * Copyright (c) 2008 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For written permission, please contact
+ * licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ * nor may "OpenSSL" appear in their names without prior written
+ * permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ */
+
+#ifndef HEADER_CMS_H
+# define HEADER_CMS_H
+
+# include <openssl/x509.h>
+
+# ifdef OPENSSL_NO_CMS
+# error CMS is disabled.
+# endif
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+typedef struct CMS_ContentInfo_st CMS_ContentInfo;
+typedef struct CMS_SignerInfo_st CMS_SignerInfo;
+typedef struct CMS_CertificateChoices CMS_CertificateChoices;
+typedef struct CMS_RevocationInfoChoice_st CMS_RevocationInfoChoice;
+typedef struct CMS_RecipientInfo_st CMS_RecipientInfo;
+typedef struct CMS_ReceiptRequest_st CMS_ReceiptRequest;
+typedef struct CMS_Receipt_st CMS_Receipt;
+typedef struct CMS_RecipientEncryptedKey_st CMS_RecipientEncryptedKey;
+typedef struct CMS_OtherKeyAttribute_st CMS_OtherKeyAttribute;
+
+DECLARE_STACK_OF(CMS_SignerInfo)
+DECLARE_STACK_OF(GENERAL_NAMES)
+DECLARE_STACK_OF(CMS_RecipientEncryptedKey)
+DECLARE_ASN1_FUNCTIONS(CMS_ContentInfo)
+DECLARE_ASN1_FUNCTIONS(CMS_ReceiptRequest)
+DECLARE_ASN1_PRINT_FUNCTION(CMS_ContentInfo)
+
+# define CMS_SIGNERINFO_ISSUER_SERIAL 0
+# define CMS_SIGNERINFO_KEYIDENTIFIER 1
+
+# define CMS_RECIPINFO_NONE -1
+# define CMS_RECIPINFO_TRANS 0
+# define CMS_RECIPINFO_AGREE 1
+# define CMS_RECIPINFO_KEK 2
+# define CMS_RECIPINFO_PASS 3
+# define CMS_RECIPINFO_OTHER 4
+
+/* S/MIME related flags */
+
+# define CMS_TEXT 0x1
+# define CMS_NOCERTS 0x2
+# define CMS_NO_CONTENT_VERIFY 0x4
+# define CMS_NO_ATTR_VERIFY 0x8
+# define CMS_NOSIGS \
+ (CMS_NO_CONTENT_VERIFY|CMS_NO_ATTR_VERIFY)
+# define CMS_NOINTERN 0x10
+# define CMS_NO_SIGNER_CERT_VERIFY 0x20
+# define CMS_NOVERIFY 0x20
+# define CMS_DETACHED 0x40
+# define CMS_BINARY 0x80
+# define CMS_NOATTR 0x100
+# define CMS_NOSMIMECAP 0x200
+# define CMS_NOOLDMIMETYPE 0x400
+# define CMS_CRLFEOL 0x800
+# define CMS_STREAM 0x1000
+# define CMS_NOCRL 0x2000
+# define CMS_PARTIAL 0x4000
+# define CMS_REUSE_DIGEST 0x8000
+# define CMS_USE_KEYID 0x10000
+# define CMS_DEBUG_DECRYPT 0x20000
+# define CMS_KEY_PARAM 0x40000
+# define CMS_ASCIICRLF 0x80000
+
+const ASN1_OBJECT *CMS_get0_type(CMS_ContentInfo *cms);
+
+BIO *CMS_dataInit(CMS_ContentInfo *cms, BIO *icont);
+int CMS_dataFinal(CMS_ContentInfo *cms, BIO *bio);
+
+ASN1_OCTET_STRING **CMS_get0_content(CMS_ContentInfo *cms);
+int CMS_is_detached(CMS_ContentInfo *cms);
+int CMS_set_detached(CMS_ContentInfo *cms, int detached);
+
+# ifdef HEADER_PEM_H
+DECLARE_PEM_rw_const(CMS, CMS_ContentInfo)
+# endif
+int CMS_stream(unsigned char ***boundary, CMS_ContentInfo *cms);
+CMS_ContentInfo *d2i_CMS_bio(BIO *bp, CMS_ContentInfo **cms);
+int i2d_CMS_bio(BIO *bp, CMS_ContentInfo *cms);
+
+BIO *BIO_new_CMS(BIO *out, CMS_ContentInfo *cms);
+int i2d_CMS_bio_stream(BIO *out, CMS_ContentInfo *cms, BIO *in, int flags);
+int PEM_write_bio_CMS_stream(BIO *out, CMS_ContentInfo *cms, BIO *in,
+ int flags);
+CMS_ContentInfo *SMIME_read_CMS(BIO *bio, BIO **bcont);
+int SMIME_write_CMS(BIO *bio, CMS_ContentInfo *cms, BIO *data, int flags);
+
+int CMS_final(CMS_ContentInfo *cms, BIO *data, BIO *dcont,
+ unsigned int flags);
+
+CMS_ContentInfo *CMS_sign(X509 *signcert, EVP_PKEY *pkey,
+ STACK_OF(X509) *certs, BIO *data,
+ unsigned int flags);
+
+CMS_ContentInfo *CMS_sign_receipt(CMS_SignerInfo *si,
+ X509 *signcert, EVP_PKEY *pkey,
+ STACK_OF(X509) *certs, unsigned int flags);
+
+int CMS_data(CMS_ContentInfo *cms, BIO *out, unsigned int flags);
+CMS_ContentInfo *CMS_data_create(BIO *in, unsigned int flags);
+
+int CMS_digest_verify(CMS_ContentInfo *cms, BIO *dcont, BIO *out,
+ unsigned int flags);
+CMS_ContentInfo *CMS_digest_create(BIO *in, const EVP_MD *md,
+ unsigned int flags);
+
+int CMS_EncryptedData_decrypt(CMS_ContentInfo *cms,
+ const unsigned char *key, size_t keylen,
+ BIO *dcont, BIO *out, unsigned int flags);
+
+CMS_ContentInfo *CMS_EncryptedData_encrypt(BIO *in, const EVP_CIPHER *cipher,
+ const unsigned char *key,
+ size_t keylen, unsigned int flags);
+
+int CMS_EncryptedData_set1_key(CMS_ContentInfo *cms, const EVP_CIPHER *ciph,
+ const unsigned char *key, size_t keylen);
+
+int CMS_verify(CMS_ContentInfo *cms, STACK_OF(X509) *certs,
+ X509_STORE *store, BIO *dcont, BIO *out, unsigned int flags);
+
+int CMS_verify_receipt(CMS_ContentInfo *rcms, CMS_ContentInfo *ocms,
+ STACK_OF(X509) *certs,
+ X509_STORE *store, unsigned int flags);
+
+STACK_OF(X509) *CMS_get0_signers(CMS_ContentInfo *cms);
+
+CMS_ContentInfo *CMS_encrypt(STACK_OF(X509) *certs, BIO *in,
+ const EVP_CIPHER *cipher, unsigned int flags);
+
+int CMS_decrypt(CMS_ContentInfo *cms, EVP_PKEY *pkey, X509 *cert,
+ BIO *dcont, BIO *out, unsigned int flags);
+
+int CMS_decrypt_set1_pkey(CMS_ContentInfo *cms, EVP_PKEY *pk, X509 *cert);
+int CMS_decrypt_set1_key(CMS_ContentInfo *cms,
+ unsigned char *key, size_t keylen,
+ unsigned char *id, size_t idlen);
+int CMS_decrypt_set1_password(CMS_ContentInfo *cms,
+ unsigned char *pass, ossl_ssize_t passlen);
+
+STACK_OF(CMS_RecipientInfo) *CMS_get0_RecipientInfos(CMS_ContentInfo *cms);
+int CMS_RecipientInfo_type(CMS_RecipientInfo *ri);
+EVP_PKEY_CTX *CMS_RecipientInfo_get0_pkey_ctx(CMS_RecipientInfo *ri);
+CMS_ContentInfo *CMS_EnvelopedData_create(const EVP_CIPHER *cipher);
+CMS_RecipientInfo *CMS_add1_recipient_cert(CMS_ContentInfo *cms,
+ X509 *recip, unsigned int flags);
+int CMS_RecipientInfo_set0_pkey(CMS_RecipientInfo *ri, EVP_PKEY *pkey);
+int CMS_RecipientInfo_ktri_cert_cmp(CMS_RecipientInfo *ri, X509 *cert);
+int CMS_RecipientInfo_ktri_get0_algs(CMS_RecipientInfo *ri,
+ EVP_PKEY **pk, X509 **recip,
+ X509_ALGOR **palg);
+int CMS_RecipientInfo_ktri_get0_signer_id(CMS_RecipientInfo *ri,
+ ASN1_OCTET_STRING **keyid,
+ X509_NAME **issuer,
+ ASN1_INTEGER **sno);
+
+CMS_RecipientInfo *CMS_add0_recipient_key(CMS_ContentInfo *cms, int nid,
+ unsigned char *key, size_t keylen,
+ unsigned char *id, size_t idlen,
+ ASN1_GENERALIZEDTIME *date,
+ ASN1_OBJECT *otherTypeId,
+ ASN1_TYPE *otherType);
+
+int CMS_RecipientInfo_kekri_get0_id(CMS_RecipientInfo *ri,
+ X509_ALGOR **palg,
+ ASN1_OCTET_STRING **pid,
+ ASN1_GENERALIZEDTIME **pdate,
+ ASN1_OBJECT **potherid,
+ ASN1_TYPE **pothertype);
+
+int CMS_RecipientInfo_set0_key(CMS_RecipientInfo *ri,
+ unsigned char *key, size_t keylen);
+
+int CMS_RecipientInfo_kekri_id_cmp(CMS_RecipientInfo *ri,
+ const unsigned char *id, size_t idlen);
+
+int CMS_RecipientInfo_set0_password(CMS_RecipientInfo *ri,
+ unsigned char *pass,
+ ossl_ssize_t passlen);
+
+CMS_RecipientInfo *CMS_add0_recipient_password(CMS_ContentInfo *cms,
+ int iter, int wrap_nid,
+ int pbe_nid,
+ unsigned char *pass,
+ ossl_ssize_t passlen,
+ const EVP_CIPHER *kekciph);
+
+int CMS_RecipientInfo_decrypt(CMS_ContentInfo *cms, CMS_RecipientInfo *ri);
+int CMS_RecipientInfo_encrypt(CMS_ContentInfo *cms, CMS_RecipientInfo *ri);
+
+int CMS_uncompress(CMS_ContentInfo *cms, BIO *dcont, BIO *out,
+ unsigned int flags);
+CMS_ContentInfo *CMS_compress(BIO *in, int comp_nid, unsigned int flags);
+
+int CMS_set1_eContentType(CMS_ContentInfo *cms, const ASN1_OBJECT *oid);
+const ASN1_OBJECT *CMS_get0_eContentType(CMS_ContentInfo *cms);
+
+CMS_CertificateChoices *CMS_add0_CertificateChoices(CMS_ContentInfo *cms);
+int CMS_add0_cert(CMS_ContentInfo *cms, X509 *cert);
+int CMS_add1_cert(CMS_ContentInfo *cms, X509 *cert);
+STACK_OF(X509) *CMS_get1_certs(CMS_ContentInfo *cms);
+
+CMS_RevocationInfoChoice *CMS_add0_RevocationInfoChoice(CMS_ContentInfo *cms);
+int CMS_add0_crl(CMS_ContentInfo *cms, X509_CRL *crl);
+int CMS_add1_crl(CMS_ContentInfo *cms, X509_CRL *crl);
+STACK_OF(X509_CRL) *CMS_get1_crls(CMS_ContentInfo *cms);
+
+int CMS_SignedData_init(CMS_ContentInfo *cms);
+CMS_SignerInfo *CMS_add1_signer(CMS_ContentInfo *cms,
+ X509 *signer, EVP_PKEY *pk, const EVP_MD *md,
+ unsigned int flags);
+EVP_PKEY_CTX *CMS_SignerInfo_get0_pkey_ctx(CMS_SignerInfo *si);
+EVP_MD_CTX *CMS_SignerInfo_get0_md_ctx(CMS_SignerInfo *si);
+STACK_OF(CMS_SignerInfo) *CMS_get0_SignerInfos(CMS_ContentInfo *cms);
+
+void CMS_SignerInfo_set1_signer_cert(CMS_SignerInfo *si, X509 *signer);
+int CMS_SignerInfo_get0_signer_id(CMS_SignerInfo *si,
+ ASN1_OCTET_STRING **keyid,
+ X509_NAME **issuer, ASN1_INTEGER **sno);
+int CMS_SignerInfo_cert_cmp(CMS_SignerInfo *si, X509 *cert);
+int CMS_set1_signers_certs(CMS_ContentInfo *cms, STACK_OF(X509) *certs,
+ unsigned int flags);
+void CMS_SignerInfo_get0_algs(CMS_SignerInfo *si, EVP_PKEY **pk,
+ X509 **signer, X509_ALGOR **pdig,
+ X509_ALGOR **psig);
+ASN1_OCTET_STRING *CMS_SignerInfo_get0_signature(CMS_SignerInfo *si);
+int CMS_SignerInfo_sign(CMS_SignerInfo *si);
+int CMS_SignerInfo_verify(CMS_SignerInfo *si);
+int CMS_SignerInfo_verify_content(CMS_SignerInfo *si, BIO *chain);
+
+int CMS_add_smimecap(CMS_SignerInfo *si, STACK_OF(X509_ALGOR) *algs);
+int CMS_add_simple_smimecap(STACK_OF(X509_ALGOR) **algs,
+ int algnid, int keysize);
+int CMS_add_standard_smimecap(STACK_OF(X509_ALGOR) **smcap);
+
+int CMS_signed_get_attr_count(const CMS_SignerInfo *si);
+int CMS_signed_get_attr_by_NID(const CMS_SignerInfo *si, int nid,
+ int lastpos);
+int CMS_signed_get_attr_by_OBJ(const CMS_SignerInfo *si, ASN1_OBJECT *obj,
+ int lastpos);
+X509_ATTRIBUTE *CMS_signed_get_attr(const CMS_SignerInfo *si, int loc);
+X509_ATTRIBUTE *CMS_signed_delete_attr(CMS_SignerInfo *si, int loc);
+int CMS_signed_add1_attr(CMS_SignerInfo *si, X509_ATTRIBUTE *attr);
+int CMS_signed_add1_attr_by_OBJ(CMS_SignerInfo *si,
+ const ASN1_OBJECT *obj, int type,
+ const void *bytes, int len);
+int CMS_signed_add1_attr_by_NID(CMS_SignerInfo *si,
+ int nid, int type,
+ const void *bytes, int len);
+int CMS_signed_add1_attr_by_txt(CMS_SignerInfo *si,
+ const char *attrname, int type,
+ const void *bytes, int len);
+void *CMS_signed_get0_data_by_OBJ(CMS_SignerInfo *si, ASN1_OBJECT *oid,
+ int lastpos, int type);
+
+int CMS_unsigned_get_attr_count(const CMS_SignerInfo *si);
+int CMS_unsigned_get_attr_by_NID(const CMS_SignerInfo *si, int nid,
+ int lastpos);
+int CMS_unsigned_get_attr_by_OBJ(const CMS_SignerInfo *si, ASN1_OBJECT *obj,
+ int lastpos);
+X509_ATTRIBUTE *CMS_unsigned_get_attr(const CMS_SignerInfo *si, int loc);
+X509_ATTRIBUTE *CMS_unsigned_delete_attr(CMS_SignerInfo *si, int loc);
+int CMS_unsigned_add1_attr(CMS_SignerInfo *si, X509_ATTRIBUTE *attr);
+int CMS_unsigned_add1_attr_by_OBJ(CMS_SignerInfo *si,
+ const ASN1_OBJECT *obj, int type,
+ const void *bytes, int len);
+int CMS_unsigned_add1_attr_by_NID(CMS_SignerInfo *si,
+ int nid, int type,
+ const void *bytes, int len);
+int CMS_unsigned_add1_attr_by_txt(CMS_SignerInfo *si,
+ const char *attrname, int type,
+ const void *bytes, int len);
+void *CMS_unsigned_get0_data_by_OBJ(CMS_SignerInfo *si, ASN1_OBJECT *oid,
+ int lastpos, int type);
+
+# ifdef HEADER_X509V3_H
+
+int CMS_get1_ReceiptRequest(CMS_SignerInfo *si, CMS_ReceiptRequest **prr);
+CMS_ReceiptRequest *CMS_ReceiptRequest_create0(unsigned char *id, int idlen,
+ int allorfirst,
+ STACK_OF(GENERAL_NAMES)
+ *receiptList, STACK_OF(GENERAL_NAMES)
+ *receiptsTo);
+int CMS_add1_ReceiptRequest(CMS_SignerInfo *si, CMS_ReceiptRequest *rr);
+void CMS_ReceiptRequest_get0_values(CMS_ReceiptRequest *rr,
+ ASN1_STRING **pcid,
+ int *pallorfirst,
+ STACK_OF(GENERAL_NAMES) **plist,
+ STACK_OF(GENERAL_NAMES) **prto);
+# endif
+int CMS_RecipientInfo_kari_get0_alg(CMS_RecipientInfo *ri,
+ X509_ALGOR **palg,
+ ASN1_OCTET_STRING **pukm);
+STACK_OF(CMS_RecipientEncryptedKey)
+*CMS_RecipientInfo_kari_get0_reks(CMS_RecipientInfo *ri);
+
+int CMS_RecipientInfo_kari_get0_orig_id(CMS_RecipientInfo *ri,
+ X509_ALGOR **pubalg,
+ ASN1_BIT_STRING **pubkey,
+ ASN1_OCTET_STRING **keyid,
+ X509_NAME **issuer,
+ ASN1_INTEGER **sno);
+
+int CMS_RecipientInfo_kari_orig_id_cmp(CMS_RecipientInfo *ri, X509 *cert);
+
+int CMS_RecipientEncryptedKey_get0_id(CMS_RecipientEncryptedKey *rek,
+ ASN1_OCTET_STRING **keyid,
+ ASN1_GENERALIZEDTIME **tm,
+ CMS_OtherKeyAttribute **other,
+ X509_NAME **issuer, ASN1_INTEGER **sno);
+int CMS_RecipientEncryptedKey_cert_cmp(CMS_RecipientEncryptedKey *rek,
+ X509 *cert);
+int CMS_RecipientInfo_kari_set0_pkey(CMS_RecipientInfo *ri, EVP_PKEY *pk);
+EVP_CIPHER_CTX *CMS_RecipientInfo_kari_get0_ctx(CMS_RecipientInfo *ri);
+int CMS_RecipientInfo_kari_decrypt(CMS_ContentInfo *cms,
+ CMS_RecipientInfo *ri,
+ CMS_RecipientEncryptedKey *rek);
+
+int CMS_SharedInfo_encode(unsigned char **pder, X509_ALGOR *kekalg,
+ ASN1_OCTET_STRING *ukm, int keylen);
+
+/* BEGIN ERROR CODES */
+/*
+ * The following lines are auto generated by the script mkerr.pl. Any changes
+ * made after this point may be overwritten when the script is next run.
+ */
+void ERR_load_CMS_strings(void);
+
+/* Error codes for the CMS functions. */
+
+/* Function codes. */
+# define CMS_F_CHECK_CONTENT 99
+# define CMS_F_CMS_ADD0_CERT 164
+# define CMS_F_CMS_ADD0_RECIPIENT_KEY 100
+# define CMS_F_CMS_ADD0_RECIPIENT_PASSWORD 165
+# define CMS_F_CMS_ADD1_RECEIPTREQUEST 158
+# define CMS_F_CMS_ADD1_RECIPIENT_CERT 101
+# define CMS_F_CMS_ADD1_SIGNER 102
+# define CMS_F_CMS_ADD1_SIGNINGTIME 103
+# define CMS_F_CMS_COMPRESS 104
+# define CMS_F_CMS_COMPRESSEDDATA_CREATE 105
+# define CMS_F_CMS_COMPRESSEDDATA_INIT_BIO 106
+# define CMS_F_CMS_COPY_CONTENT 107
+# define CMS_F_CMS_COPY_MESSAGEDIGEST 108
+# define CMS_F_CMS_DATA 109
+# define CMS_F_CMS_DATAFINAL 110
+# define CMS_F_CMS_DATAINIT 111
+# define CMS_F_CMS_DECRYPT 112
+# define CMS_F_CMS_DECRYPT_SET1_KEY 113
+# define CMS_F_CMS_DECRYPT_SET1_PASSWORD 166
+# define CMS_F_CMS_DECRYPT_SET1_PKEY 114
+# define CMS_F_CMS_DIGESTALGORITHM_FIND_CTX 115
+# define CMS_F_CMS_DIGESTALGORITHM_INIT_BIO 116
+# define CMS_F_CMS_DIGESTEDDATA_DO_FINAL 117
+# define CMS_F_CMS_DIGEST_VERIFY 118
+# define CMS_F_CMS_ENCODE_RECEIPT 161
+# define CMS_F_CMS_ENCRYPT 119
+# define CMS_F_CMS_ENCRYPTEDCONTENT_INIT_BIO 120
+# define CMS_F_CMS_ENCRYPTEDDATA_DECRYPT 121
+# define CMS_F_CMS_ENCRYPTEDDATA_ENCRYPT 122
+# define CMS_F_CMS_ENCRYPTEDDATA_SET1_KEY 123
+# define CMS_F_CMS_ENVELOPEDDATA_CREATE 124
+# define CMS_F_CMS_ENVELOPEDDATA_INIT_BIO 125
+# define CMS_F_CMS_ENVELOPED_DATA_INIT 126
+# define CMS_F_CMS_ENV_ASN1_CTRL 171
+# define CMS_F_CMS_FINAL 127
+# define CMS_F_CMS_GET0_CERTIFICATE_CHOICES 128
+# define CMS_F_CMS_GET0_CONTENT 129
+# define CMS_F_CMS_GET0_ECONTENT_TYPE 130
+# define CMS_F_CMS_GET0_ENVELOPED 131
+# define CMS_F_CMS_GET0_REVOCATION_CHOICES 132
+# define CMS_F_CMS_GET0_SIGNED 133
+# define CMS_F_CMS_MSGSIGDIGEST_ADD1 162
+# define CMS_F_CMS_RECEIPTREQUEST_CREATE0 159
+# define CMS_F_CMS_RECEIPT_VERIFY 160
+# define CMS_F_CMS_RECIPIENTINFO_DECRYPT 134
+# define CMS_F_CMS_RECIPIENTINFO_ENCRYPT 169
+# define CMS_F_CMS_RECIPIENTINFO_KARI_ENCRYPT 178
+# define CMS_F_CMS_RECIPIENTINFO_KARI_GET0_ALG 175
+# define CMS_F_CMS_RECIPIENTINFO_KARI_GET0_ORIG_ID 173
+# define CMS_F_CMS_RECIPIENTINFO_KARI_GET0_REKS 172
+# define CMS_F_CMS_RECIPIENTINFO_KARI_ORIG_ID_CMP 174
+# define CMS_F_CMS_RECIPIENTINFO_KEKRI_DECRYPT 135
+# define CMS_F_CMS_RECIPIENTINFO_KEKRI_ENCRYPT 136
+# define CMS_F_CMS_RECIPIENTINFO_KEKRI_GET0_ID 137
+# define CMS_F_CMS_RECIPIENTINFO_KEKRI_ID_CMP 138
+# define CMS_F_CMS_RECIPIENTINFO_KTRI_CERT_CMP 139
+# define CMS_F_CMS_RECIPIENTINFO_KTRI_DECRYPT 140
+# define CMS_F_CMS_RECIPIENTINFO_KTRI_ENCRYPT 141
+# define CMS_F_CMS_RECIPIENTINFO_KTRI_GET0_ALGS 142
+# define CMS_F_CMS_RECIPIENTINFO_KTRI_GET0_SIGNER_ID 143
+# define CMS_F_CMS_RECIPIENTINFO_PWRI_CRYPT 167
+# define CMS_F_CMS_RECIPIENTINFO_SET0_KEY 144
+# define CMS_F_CMS_RECIPIENTINFO_SET0_PASSWORD 168
+# define CMS_F_CMS_RECIPIENTINFO_SET0_PKEY 145
+# define CMS_F_CMS_SD_ASN1_CTRL 170
+# define CMS_F_CMS_SET1_IAS 176
+# define CMS_F_CMS_SET1_KEYID 177
+# define CMS_F_CMS_SET1_SIGNERIDENTIFIER 146
+# define CMS_F_CMS_SET_DETACHED 147
+# define CMS_F_CMS_SIGN 148
+# define CMS_F_CMS_SIGNED_DATA_INIT 149
+# define CMS_F_CMS_SIGNERINFO_CONTENT_SIGN 150
+# define CMS_F_CMS_SIGNERINFO_SIGN 151
+# define CMS_F_CMS_SIGNERINFO_VERIFY 152
+# define CMS_F_CMS_SIGNERINFO_VERIFY_CERT 153
+# define CMS_F_CMS_SIGNERINFO_VERIFY_CONTENT 154
+# define CMS_F_CMS_SIGN_RECEIPT 163
+# define CMS_F_CMS_STREAM 155
+# define CMS_F_CMS_UNCOMPRESS 156
+# define CMS_F_CMS_VERIFY 157
+
+/* Reason codes. */
+# define CMS_R_ADD_SIGNER_ERROR 99
+# define CMS_R_CERTIFICATE_ALREADY_PRESENT 175
+# define CMS_R_CERTIFICATE_HAS_NO_KEYID 160
+# define CMS_R_CERTIFICATE_VERIFY_ERROR 100
+# define CMS_R_CIPHER_INITIALISATION_ERROR 101
+# define CMS_R_CIPHER_PARAMETER_INITIALISATION_ERROR 102
+# define CMS_R_CMS_DATAFINAL_ERROR 103
+# define CMS_R_CMS_LIB 104
+# define CMS_R_CONTENTIDENTIFIER_MISMATCH 170
+# define CMS_R_CONTENT_NOT_FOUND 105
+# define CMS_R_CONTENT_TYPE_MISMATCH 171
+# define CMS_R_CONTENT_TYPE_NOT_COMPRESSED_DATA 106
+# define CMS_R_CONTENT_TYPE_NOT_ENVELOPED_DATA 107
+# define CMS_R_CONTENT_TYPE_NOT_SIGNED_DATA 108
+# define CMS_R_CONTENT_VERIFY_ERROR 109
+# define CMS_R_CTRL_ERROR 110
+# define CMS_R_CTRL_FAILURE 111
+# define CMS_R_DECRYPT_ERROR 112
+# define CMS_R_DIGEST_ERROR 161
+# define CMS_R_ERROR_GETTING_PUBLIC_KEY 113
+# define CMS_R_ERROR_READING_MESSAGEDIGEST_ATTRIBUTE 114
+# define CMS_R_ERROR_SETTING_KEY 115
+# define CMS_R_ERROR_SETTING_RECIPIENTINFO 116
+# define CMS_R_INVALID_ENCRYPTED_KEY_LENGTH 117
+# define CMS_R_INVALID_KEY_ENCRYPTION_PARAMETER 176
+# define CMS_R_INVALID_KEY_LENGTH 118
+# define CMS_R_MD_BIO_INIT_ERROR 119
+# define CMS_R_MESSAGEDIGEST_ATTRIBUTE_WRONG_LENGTH 120
+# define CMS_R_MESSAGEDIGEST_WRONG_LENGTH 121
+# define CMS_R_MSGSIGDIGEST_ERROR 172
+# define CMS_R_MSGSIGDIGEST_VERIFICATION_FAILURE 162
+# define CMS_R_MSGSIGDIGEST_WRONG_LENGTH 163
+# define CMS_R_NEED_ONE_SIGNER 164
+# define CMS_R_NOT_A_SIGNED_RECEIPT 165
+# define CMS_R_NOT_ENCRYPTED_DATA 122
+# define CMS_R_NOT_KEK 123
+# define CMS_R_NOT_KEY_AGREEMENT 181
+# define CMS_R_NOT_KEY_TRANSPORT 124
+# define CMS_R_NOT_PWRI 177
+# define CMS_R_NOT_SUPPORTED_FOR_THIS_KEY_TYPE 125
+# define CMS_R_NO_CIPHER 126
+# define CMS_R_NO_CONTENT 127
+# define CMS_R_NO_CONTENT_TYPE 173
+# define CMS_R_NO_DEFAULT_DIGEST 128
+# define CMS_R_NO_DIGEST_SET 129
+# define CMS_R_NO_KEY 130
+# define CMS_R_NO_KEY_OR_CERT 174
+# define CMS_R_NO_MATCHING_DIGEST 131
+# define CMS_R_NO_MATCHING_RECIPIENT 132
+# define CMS_R_NO_MATCHING_SIGNATURE 166
+# define CMS_R_NO_MSGSIGDIGEST 167
+# define CMS_R_NO_PASSWORD 178
+# define CMS_R_NO_PRIVATE_KEY 133
+# define CMS_R_NO_PUBLIC_KEY 134
+# define CMS_R_NO_RECEIPT_REQUEST 168
+# define CMS_R_NO_SIGNERS 135
+# define CMS_R_PRIVATE_KEY_DOES_NOT_MATCH_CERTIFICATE 136
+# define CMS_R_RECEIPT_DECODE_ERROR 169
+# define CMS_R_RECIPIENT_ERROR 137
+# define CMS_R_SIGNER_CERTIFICATE_NOT_FOUND 138
+# define CMS_R_SIGNFINAL_ERROR 139
+# define CMS_R_SMIME_TEXT_ERROR 140
+# define CMS_R_STORE_INIT_ERROR 141
+# define CMS_R_TYPE_NOT_COMPRESSED_DATA 142
+# define CMS_R_TYPE_NOT_DATA 143
+# define CMS_R_TYPE_NOT_DIGESTED_DATA 144
+# define CMS_R_TYPE_NOT_ENCRYPTED_DATA 145
+# define CMS_R_TYPE_NOT_ENVELOPED_DATA 146
+# define CMS_R_UNABLE_TO_FINALIZE_CONTEXT 147
+# define CMS_R_UNKNOWN_CIPHER 148
+# define CMS_R_UNKNOWN_DIGEST_ALGORIHM 149
+# define CMS_R_UNKNOWN_ID 150
+# define CMS_R_UNSUPPORTED_COMPRESSION_ALGORITHM 151
+# define CMS_R_UNSUPPORTED_CONTENT_TYPE 152
+# define CMS_R_UNSUPPORTED_KEK_ALGORITHM 153
+# define CMS_R_UNSUPPORTED_KEY_ENCRYPTION_ALGORITHM 179
+# define CMS_R_UNSUPPORTED_RECIPIENT_TYPE 154
+# define CMS_R_UNSUPPORTED_RECPIENTINFO_TYPE 155
+# define CMS_R_UNSUPPORTED_TYPE 156
+# define CMS_R_UNWRAP_ERROR 157
+# define CMS_R_UNWRAP_FAILURE 180
+# define CMS_R_VERIFICATION_FAILURE 158
+# define CMS_R_WRAP_ERROR 159
+
+#ifdef __cplusplus
+}
+#endif
+#endif
--- /dev/null
+
+#ifndef HEADER_COMP_H
+# define HEADER_COMP_H
+
+# include <openssl/crypto.h>
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+typedef struct comp_ctx_st COMP_CTX;
+
+typedef struct comp_method_st {
+ int type; /* NID for compression library */
+ const char *name; /* A text string to identify the library */
+ int (*init) (COMP_CTX *ctx);
+ void (*finish) (COMP_CTX *ctx);
+ int (*compress) (COMP_CTX *ctx,
+ unsigned char *out, unsigned int olen,
+ unsigned char *in, unsigned int ilen);
+ int (*expand) (COMP_CTX *ctx,
+ unsigned char *out, unsigned int olen,
+ unsigned char *in, unsigned int ilen);
+ /*
+ * The following two do NOTHING, but are kept for backward compatibility
+ */
+ long (*ctrl) (void);
+ long (*callback_ctrl) (void);
+} COMP_METHOD;
+
+struct comp_ctx_st {
+ COMP_METHOD *meth;
+ unsigned long compress_in;
+ unsigned long compress_out;
+ unsigned long expand_in;
+ unsigned long expand_out;
+ CRYPTO_EX_DATA ex_data;
+};
+
+COMP_CTX *COMP_CTX_new(COMP_METHOD *meth);
+void COMP_CTX_free(COMP_CTX *ctx);
+int COMP_compress_block(COMP_CTX *ctx, unsigned char *out, int olen,
+ unsigned char *in, int ilen);
+int COMP_expand_block(COMP_CTX *ctx, unsigned char *out, int olen,
+ unsigned char *in, int ilen);
+COMP_METHOD *COMP_rle(void);
+COMP_METHOD *COMP_zlib(void);
+void COMP_zlib_cleanup(void);
+
+# ifdef HEADER_BIO_H
+# ifdef ZLIB
+BIO_METHOD *BIO_f_zlib(void);
+# endif
+# endif
+
+/* BEGIN ERROR CODES */
+/*
+ * The following lines are auto generated by the script mkerr.pl. Any changes
+ * made after this point may be overwritten when the script is next run.
+ */
+void ERR_load_COMP_strings(void);
+
+/* Error codes for the COMP functions. */
+
+/* Function codes. */
+# define COMP_F_BIO_ZLIB_FLUSH 99
+# define COMP_F_BIO_ZLIB_NEW 100
+# define COMP_F_BIO_ZLIB_READ 101
+# define COMP_F_BIO_ZLIB_WRITE 102
+
+/* Reason codes. */
+# define COMP_R_ZLIB_DEFLATE_ERROR 99
+# define COMP_R_ZLIB_INFLATE_ERROR 100
+# define COMP_R_ZLIB_NOT_SUPPORTED 101
+
+#ifdef __cplusplus
+}
+#endif
+#endif
--- /dev/null
+/* crypto/conf/conf.h */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#ifndef HEADER_CONF_H
+# define HEADER_CONF_H
+
+# include <openssl/bio.h>
+# include <openssl/lhash.h>
+# include <openssl/stack.h>
+# include <openssl/safestack.h>
+# include <openssl/e_os2.h>
+
+# include <openssl/ossl_typ.h>
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+typedef struct {
+ char *section;
+ char *name;
+ char *value;
+} CONF_VALUE;
+
+DECLARE_STACK_OF(CONF_VALUE)
+DECLARE_LHASH_OF(CONF_VALUE);
+
+struct conf_st;
+struct conf_method_st;
+typedef struct conf_method_st CONF_METHOD;
+
+struct conf_method_st {
+ const char *name;
+ CONF *(*create) (CONF_METHOD *meth);
+ int (*init) (CONF *conf);
+ int (*destroy) (CONF *conf);
+ int (*destroy_data) (CONF *conf);
+ int (*load_bio) (CONF *conf, BIO *bp, long *eline);
+ int (*dump) (const CONF *conf, BIO *bp);
+ int (*is_number) (const CONF *conf, char c);
+ int (*to_int) (const CONF *conf, char c);
+ int (*load) (CONF *conf, const char *name, long *eline);
+};
+
+/* Module definitions */
+
+typedef struct conf_imodule_st CONF_IMODULE;
+typedef struct conf_module_st CONF_MODULE;
+
+DECLARE_STACK_OF(CONF_MODULE)
+DECLARE_STACK_OF(CONF_IMODULE)
+
+/* DSO module function typedefs */
+typedef int conf_init_func (CONF_IMODULE *md, const CONF *cnf);
+typedef void conf_finish_func (CONF_IMODULE *md);
+
+# define CONF_MFLAGS_IGNORE_ERRORS 0x1
+# define CONF_MFLAGS_IGNORE_RETURN_CODES 0x2
+# define CONF_MFLAGS_SILENT 0x4
+# define CONF_MFLAGS_NO_DSO 0x8
+# define CONF_MFLAGS_IGNORE_MISSING_FILE 0x10
+# define CONF_MFLAGS_DEFAULT_SECTION 0x20
+
+int CONF_set_default_method(CONF_METHOD *meth);
+void CONF_set_nconf(CONF *conf, LHASH_OF(CONF_VALUE) *hash);
+LHASH_OF(CONF_VALUE) *CONF_load(LHASH_OF(CONF_VALUE) *conf, const char *file,
+ long *eline);
+# ifndef OPENSSL_NO_STDIO
+LHASH_OF(CONF_VALUE) *CONF_load_fp(LHASH_OF(CONF_VALUE) *conf, FILE *fp,
+ long *eline);
+# endif
+LHASH_OF(CONF_VALUE) *CONF_load_bio(LHASH_OF(CONF_VALUE) *conf, BIO *bp,
+ long *eline);
+STACK_OF(CONF_VALUE) *CONF_get_section(LHASH_OF(CONF_VALUE) *conf,
+ const char *section);
+char *CONF_get_string(LHASH_OF(CONF_VALUE) *conf, const char *group,
+ const char *name);
+long CONF_get_number(LHASH_OF(CONF_VALUE) *conf, const char *group,
+ const char *name);
+void CONF_free(LHASH_OF(CONF_VALUE) *conf);
+int CONF_dump_fp(LHASH_OF(CONF_VALUE) *conf, FILE *out);
+int CONF_dump_bio(LHASH_OF(CONF_VALUE) *conf, BIO *out);
+
+void OPENSSL_config(const char *config_name);
+void OPENSSL_no_config(void);
+
+/*
+ * New conf code. The semantics are different from the functions above. If
+ * that wasn't the case, the above functions would have been replaced
+ */
+
+struct conf_st {
+ CONF_METHOD *meth;
+ void *meth_data;
+ LHASH_OF(CONF_VALUE) *data;
+};
+
+CONF *NCONF_new(CONF_METHOD *meth);
+CONF_METHOD *NCONF_default(void);
+CONF_METHOD *NCONF_WIN32(void);
+void NCONF_free(CONF *conf);
+void NCONF_free_data(CONF *conf);
+
+int NCONF_load(CONF *conf, const char *file, long *eline);
+# ifndef OPENSSL_NO_STDIO
+int NCONF_load_fp(CONF *conf, FILE *fp, long *eline);
+# endif
+int NCONF_load_bio(CONF *conf, BIO *bp, long *eline);
+STACK_OF(CONF_VALUE) *NCONF_get_section(const CONF *conf,
+ const char *section);
+char *NCONF_get_string(const CONF *conf, const char *group, const char *name);
+int NCONF_get_number_e(const CONF *conf, const char *group, const char *name,
+ long *result);
+int NCONF_dump_fp(const CONF *conf, FILE *out);
+int NCONF_dump_bio(const CONF *conf, BIO *out);
+
+#define NCONF_get_number(c,g,n,r) NCONF_get_number_e(c,g,n,r)
+
+/* Module functions */
+
+int CONF_modules_load(const CONF *cnf, const char *appname,
+ unsigned long flags);
+int CONF_modules_load_file(const char *filename, const char *appname,
+ unsigned long flags);
+void CONF_modules_unload(int all);
+void CONF_modules_finish(void);
+void CONF_modules_free(void);
+int CONF_module_add(const char *name, conf_init_func *ifunc,
+ conf_finish_func *ffunc);
+
+const char *CONF_imodule_get_name(const CONF_IMODULE *md);
+const char *CONF_imodule_get_value(const CONF_IMODULE *md);
+void *CONF_imodule_get_usr_data(const CONF_IMODULE *md);
+void CONF_imodule_set_usr_data(CONF_IMODULE *md, void *usr_data);
+CONF_MODULE *CONF_imodule_get_module(const CONF_IMODULE *md);
+unsigned long CONF_imodule_get_flags(const CONF_IMODULE *md);
+void CONF_imodule_set_flags(CONF_IMODULE *md, unsigned long flags);
+void *CONF_module_get_usr_data(CONF_MODULE *pmod);
+void CONF_module_set_usr_data(CONF_MODULE *pmod, void *usr_data);
+
+char *CONF_get1_default_config_file(void);
+
+int CONF_parse_list(const char *list, int sep, int nospc,
+ int (*list_cb) (const char *elem, int len, void *usr),
+ void *arg);
+
+void OPENSSL_load_builtin_modules(void);
+
+/* BEGIN ERROR CODES */
+/*
+ * The following lines are auto generated by the script mkerr.pl. Any changes
+ * made after this point may be overwritten when the script is next run.
+ */
+void ERR_load_CONF_strings(void);
+
+/* Error codes for the CONF functions. */
+
+/* Function codes. */
+# define CONF_F_CONF_DUMP_FP 104
+# define CONF_F_CONF_LOAD 100
+# define CONF_F_CONF_LOAD_BIO 102
+# define CONF_F_CONF_LOAD_FP 103
+# define CONF_F_CONF_MODULES_LOAD 116
+# define CONF_F_CONF_PARSE_LIST 119
+# define CONF_F_DEF_LOAD 120
+# define CONF_F_DEF_LOAD_BIO 121
+# define CONF_F_MODULE_INIT 115
+# define CONF_F_MODULE_LOAD_DSO 117
+# define CONF_F_MODULE_RUN 118
+# define CONF_F_NCONF_DUMP_BIO 105
+# define CONF_F_NCONF_DUMP_FP 106
+# define CONF_F_NCONF_GET_NUMBER 107
+# define CONF_F_NCONF_GET_NUMBER_E 112
+# define CONF_F_NCONF_GET_SECTION 108
+# define CONF_F_NCONF_GET_STRING 109
+# define CONF_F_NCONF_LOAD 113
+# define CONF_F_NCONF_LOAD_BIO 110
+# define CONF_F_NCONF_LOAD_FP 114
+# define CONF_F_NCONF_NEW 111
+# define CONF_F_STR_COPY 101
+
+/* Reason codes. */
+# define CONF_R_ERROR_LOADING_DSO 110
+# define CONF_R_LIST_CANNOT_BE_NULL 115
+# define CONF_R_MISSING_CLOSE_SQUARE_BRACKET 100
+# define CONF_R_MISSING_EQUAL_SIGN 101
+# define CONF_R_MISSING_FINISH_FUNCTION 111
+# define CONF_R_MISSING_INIT_FUNCTION 112
+# define CONF_R_MODULE_INITIALIZATION_ERROR 109
+# define CONF_R_NO_CLOSE_BRACE 102
+# define CONF_R_NO_CONF 105
+# define CONF_R_NO_CONF_OR_ENVIRONMENT_VARIABLE 106
+# define CONF_R_NO_SECTION 107
+# define CONF_R_NO_SUCH_FILE 114
+# define CONF_R_NO_VALUE 108
+# define CONF_R_UNABLE_TO_CREATE_NEW_SECTION 103
+# define CONF_R_UNKNOWN_MODULE_NAME 113
+# define CONF_R_VARIABLE_HAS_NO_VALUE 104
+
+#ifdef __cplusplus
+}
+#endif
+#endif
--- /dev/null
+/* conf_api.h */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#ifndef HEADER_CONF_API_H
+# define HEADER_CONF_API_H
+
+# include <openssl/lhash.h>
+# include <openssl/conf.h>
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/* Up until OpenSSL 0.9.5a, this was new_section */
+CONF_VALUE *_CONF_new_section(CONF *conf, const char *section);
+/* Up until OpenSSL 0.9.5a, this was get_section */
+CONF_VALUE *_CONF_get_section(const CONF *conf, const char *section);
+/* Up until OpenSSL 0.9.5a, this was CONF_get_section */
+STACK_OF(CONF_VALUE) *_CONF_get_section_values(const CONF *conf,
+ const char *section);
+
+int _CONF_add_string(CONF *conf, CONF_VALUE *section, CONF_VALUE *value);
+char *_CONF_get_string(const CONF *conf, const char *section,
+ const char *name);
+long _CONF_get_number(const CONF *conf, const char *section,
+ const char *name);
+
+int _CONF_new_data(CONF *conf);
+void _CONF_free_data(CONF *conf);
+
+#ifdef __cplusplus
+}
+#endif
+#endif
--- /dev/null
+/* crypto/crypto.h */
+/* ====================================================================
+ * Copyright (c) 1998-2006 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For written permission, please contact
+ * openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ * nor may "OpenSSL" appear in their names without prior written
+ * permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com). This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+/* ====================================================================
+ * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
+ * ECDH support in OpenSSL originally developed by
+ * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project.
+ */
+
+#ifndef HEADER_CRYPTO_H
+# define HEADER_CRYPTO_H
+
+# include <stdlib.h>
+# include <time.h>
+
+# include <openssl/e_os2.h>
+
+# ifndef OPENSSL_NO_STDIO
+# include <stdio.h>
+# endif
+
+# include <openssl/stack.h>
+# include <openssl/safestack.h>
+# include <openssl/opensslv.h>
+# include <openssl/ossl_typ.h>
+
+# ifdef CHARSET_EBCDIC
+# include <openssl/ebcdic.h>
+# endif
+
+/*
+ * Resolve problems on some operating systems with symbol names that clash
+ * one way or another
+ */
+# include <openssl/symhacks.h>
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/* Backward compatibility to SSLeay */
+/*
+ * This is more to be used to check the correct DLL is being used in the MS
+ * world.
+ */
+# define SSLEAY_VERSION_NUMBER OPENSSL_VERSION_NUMBER
+# define SSLEAY_VERSION 0
+/* #define SSLEAY_OPTIONS 1 no longer supported */
+# define SSLEAY_CFLAGS 2
+# define SSLEAY_BUILT_ON 3
+# define SSLEAY_PLATFORM 4
+# define SSLEAY_DIR 5
+
+/* A generic structure to pass assorted data in a expandable way */
+typedef struct openssl_item_st {
+ int code;
+ void *value; /* Not used for flag attributes */
+ size_t value_size; /* Max size of value for output, length for
+ * input */
+ size_t *value_length; /* Returned length of value for output */
+} OPENSSL_ITEM;
+
+/*
+ * When changing the CRYPTO_LOCK_* list, be sure to maintin the text lock
+ * names in cryptlib.c
+ */
+
+# define CRYPTO_LOCK_ERR 1
+# define CRYPTO_LOCK_EX_DATA 2
+# define CRYPTO_LOCK_X509 3
+# define CRYPTO_LOCK_X509_INFO 4
+# define CRYPTO_LOCK_X509_PKEY 5
+# define CRYPTO_LOCK_X509_CRL 6
+# define CRYPTO_LOCK_X509_REQ 7
+# define CRYPTO_LOCK_DSA 8
+# define CRYPTO_LOCK_RSA 9
+# define CRYPTO_LOCK_EVP_PKEY 10
+# define CRYPTO_LOCK_X509_STORE 11
+# define CRYPTO_LOCK_SSL_CTX 12
+# define CRYPTO_LOCK_SSL_CERT 13
+# define CRYPTO_LOCK_SSL_SESSION 14
+# define CRYPTO_LOCK_SSL_SESS_CERT 15
+# define CRYPTO_LOCK_SSL 16
+# define CRYPTO_LOCK_SSL_METHOD 17
+# define CRYPTO_LOCK_RAND 18
+# define CRYPTO_LOCK_RAND2 19
+# define CRYPTO_LOCK_MALLOC 20
+# define CRYPTO_LOCK_BIO 21
+# define CRYPTO_LOCK_GETHOSTBYNAME 22
+# define CRYPTO_LOCK_GETSERVBYNAME 23
+# define CRYPTO_LOCK_READDIR 24
+# define CRYPTO_LOCK_RSA_BLINDING 25
+# define CRYPTO_LOCK_DH 26
+# define CRYPTO_LOCK_MALLOC2 27
+# define CRYPTO_LOCK_DSO 28
+# define CRYPTO_LOCK_DYNLOCK 29
+# define CRYPTO_LOCK_ENGINE 30
+# define CRYPTO_LOCK_UI 31
+# define CRYPTO_LOCK_ECDSA 32
+# define CRYPTO_LOCK_EC 33
+# define CRYPTO_LOCK_ECDH 34
+# define CRYPTO_LOCK_BN 35
+# define CRYPTO_LOCK_EC_PRE_COMP 36
+# define CRYPTO_LOCK_STORE 37
+# define CRYPTO_LOCK_COMP 38
+# define CRYPTO_LOCK_FIPS 39
+# define CRYPTO_LOCK_FIPS2 40
+# define CRYPTO_NUM_LOCKS 41
+
+# define CRYPTO_LOCK 1
+# define CRYPTO_UNLOCK 2
+# define CRYPTO_READ 4
+# define CRYPTO_WRITE 8
+
+# ifndef OPENSSL_NO_LOCKING
+# ifndef CRYPTO_w_lock
+# define CRYPTO_w_lock(type) \
+ CRYPTO_lock(CRYPTO_LOCK|CRYPTO_WRITE,type,__FILE__,__LINE__)
+# define CRYPTO_w_unlock(type) \
+ CRYPTO_lock(CRYPTO_UNLOCK|CRYPTO_WRITE,type,__FILE__,__LINE__)
+# define CRYPTO_r_lock(type) \
+ CRYPTO_lock(CRYPTO_LOCK|CRYPTO_READ,type,__FILE__,__LINE__)
+# define CRYPTO_r_unlock(type) \
+ CRYPTO_lock(CRYPTO_UNLOCK|CRYPTO_READ,type,__FILE__,__LINE__)
+# define CRYPTO_add(addr,amount,type) \
+ CRYPTO_add_lock(addr,amount,type,__FILE__,__LINE__)
+# endif
+# else
+# define CRYPTO_w_lock(a)
+# define CRYPTO_w_unlock(a)
+# define CRYPTO_r_lock(a)
+# define CRYPTO_r_unlock(a)
+# define CRYPTO_add(a,b,c) ((*(a))+=(b))
+# endif
+
+/*
+ * Some applications as well as some parts of OpenSSL need to allocate and
+ * deallocate locks in a dynamic fashion. The following typedef makes this
+ * possible in a type-safe manner.
+ */
+/* struct CRYPTO_dynlock_value has to be defined by the application. */
+typedef struct {
+ int references;
+ struct CRYPTO_dynlock_value *data;
+} CRYPTO_dynlock;
+
+/*
+ * The following can be used to detect memory leaks in the SSLeay library. It
+ * used, it turns on malloc checking
+ */
+
+# define CRYPTO_MEM_CHECK_OFF 0x0/* an enume */
+# define CRYPTO_MEM_CHECK_ON 0x1/* a bit */
+# define CRYPTO_MEM_CHECK_ENABLE 0x2/* a bit */
+# define CRYPTO_MEM_CHECK_DISABLE 0x3/* an enume */
+
+/*
+ * The following are bit values to turn on or off options connected to the
+ * malloc checking functionality
+ */
+
+/* Adds time to the memory checking information */
+# define V_CRYPTO_MDEBUG_TIME 0x1/* a bit */
+/* Adds thread number to the memory checking information */
+# define V_CRYPTO_MDEBUG_THREAD 0x2/* a bit */
+
+# define V_CRYPTO_MDEBUG_ALL (V_CRYPTO_MDEBUG_TIME | V_CRYPTO_MDEBUG_THREAD)
+
+/* predec of the BIO type */
+typedef struct bio_st BIO_dummy;
+
+struct crypto_ex_data_st {
+ STACK_OF(void) *sk;
+ /* gcc is screwing up this data structure :-( */
+ int dummy;
+};
+DECLARE_STACK_OF(void)
+
+/*
+ * This stuff is basically class callback functions The current classes are
+ * SSL_CTX, SSL, SSL_SESSION, and a few more
+ */
+
+typedef struct crypto_ex_data_func_st {
+ long argl; /* Arbitary long */
+ void *argp; /* Arbitary void * */
+ CRYPTO_EX_new *new_func;
+ CRYPTO_EX_free *free_func;
+ CRYPTO_EX_dup *dup_func;
+} CRYPTO_EX_DATA_FUNCS;
+
+DECLARE_STACK_OF(CRYPTO_EX_DATA_FUNCS)
+
+/*
+ * Per class, we have a STACK of CRYPTO_EX_DATA_FUNCS for each CRYPTO_EX_DATA
+ * entry.
+ */
+
+# define CRYPTO_EX_INDEX_BIO 0
+# define CRYPTO_EX_INDEX_SSL 1
+# define CRYPTO_EX_INDEX_SSL_CTX 2
+# define CRYPTO_EX_INDEX_SSL_SESSION 3
+# define CRYPTO_EX_INDEX_X509_STORE 4
+# define CRYPTO_EX_INDEX_X509_STORE_CTX 5
+# define CRYPTO_EX_INDEX_RSA 6
+# define CRYPTO_EX_INDEX_DSA 7
+# define CRYPTO_EX_INDEX_DH 8
+# define CRYPTO_EX_INDEX_ENGINE 9
+# define CRYPTO_EX_INDEX_X509 10
+# define CRYPTO_EX_INDEX_UI 11
+# define CRYPTO_EX_INDEX_ECDSA 12
+# define CRYPTO_EX_INDEX_ECDH 13
+# define CRYPTO_EX_INDEX_COMP 14
+# define CRYPTO_EX_INDEX_STORE 15
+
+/*
+ * Dynamically assigned indexes start from this value (don't use directly,
+ * use via CRYPTO_ex_data_new_class).
+ */
+# define CRYPTO_EX_INDEX_USER 100
+
+/*
+ * This is the default callbacks, but we can have others as well: this is
+ * needed in Win32 where the application malloc and the library malloc may
+ * not be the same.
+ */
+# define CRYPTO_malloc_init() CRYPTO_set_mem_functions(\
+ malloc, realloc, free)
+
+# if defined CRYPTO_MDEBUG_ALL || defined CRYPTO_MDEBUG_TIME || defined CRYPTO_MDEBUG_THREAD
+# ifndef CRYPTO_MDEBUG /* avoid duplicate #define */
+# define CRYPTO_MDEBUG
+# endif
+# endif
+
+/*
+ * Set standard debugging functions (not done by default unless CRYPTO_MDEBUG
+ * is defined)
+ */
+# define CRYPTO_malloc_debug_init() do {\
+ CRYPTO_set_mem_debug_functions(\
+ CRYPTO_dbg_malloc,\
+ CRYPTO_dbg_realloc,\
+ CRYPTO_dbg_free,\
+ CRYPTO_dbg_set_options,\
+ CRYPTO_dbg_get_options);\
+ } while(0)
+
+int CRYPTO_mem_ctrl(int mode);
+int CRYPTO_is_mem_check_on(void);
+
+/* for applications */
+# define MemCheck_start() CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON)
+# define MemCheck_stop() CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_OFF)
+
+/* for library-internal use */
+# define MemCheck_on() CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ENABLE)
+# define MemCheck_off() CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_DISABLE)
+# define is_MemCheck_on() CRYPTO_is_mem_check_on()
+
+# define OPENSSL_malloc(num) CRYPTO_malloc((int)num,__FILE__,__LINE__)
+# define OPENSSL_strdup(str) CRYPTO_strdup((str),__FILE__,__LINE__)
+# define OPENSSL_realloc(addr,num) \
+ CRYPTO_realloc((char *)addr,(int)num,__FILE__,__LINE__)
+# define OPENSSL_realloc_clean(addr,old_num,num) \
+ CRYPTO_realloc_clean(addr,old_num,num,__FILE__,__LINE__)
+# define OPENSSL_remalloc(addr,num) \
+ CRYPTO_remalloc((char **)addr,(int)num,__FILE__,__LINE__)
+# define OPENSSL_freeFunc CRYPTO_free
+# define OPENSSL_free(addr) CRYPTO_free(addr)
+
+# define OPENSSL_malloc_locked(num) \
+ CRYPTO_malloc_locked((int)num,__FILE__,__LINE__)
+# define OPENSSL_free_locked(addr) CRYPTO_free_locked(addr)
+# define OPENSSL_MALLOC_MAX_NELEMS(type) (((1U<<(sizeof(int)*8-1))-1)/sizeof(type))
+
+const char *SSLeay_version(int type);
+unsigned long SSLeay(void);
+
+int OPENSSL_issetugid(void);
+
+/* An opaque type representing an implementation of "ex_data" support */
+typedef struct st_CRYPTO_EX_DATA_IMPL CRYPTO_EX_DATA_IMPL;
+/* Return an opaque pointer to the current "ex_data" implementation */
+const CRYPTO_EX_DATA_IMPL *CRYPTO_get_ex_data_implementation(void);
+/* Sets the "ex_data" implementation to be used (if it's not too late) */
+int CRYPTO_set_ex_data_implementation(const CRYPTO_EX_DATA_IMPL *i);
+/* Get a new "ex_data" class, and return the corresponding "class_index" */
+int CRYPTO_ex_data_new_class(void);
+/* Within a given class, get/register a new index */
+int CRYPTO_get_ex_new_index(int class_index, long argl, void *argp,
+ CRYPTO_EX_new *new_func, CRYPTO_EX_dup *dup_func,
+ CRYPTO_EX_free *free_func);
+/*
+ * Initialise/duplicate/free CRYPTO_EX_DATA variables corresponding to a
+ * given class (invokes whatever per-class callbacks are applicable)
+ */
+int CRYPTO_new_ex_data(int class_index, void *obj, CRYPTO_EX_DATA *ad);
+int CRYPTO_dup_ex_data(int class_index, CRYPTO_EX_DATA *to,
+ CRYPTO_EX_DATA *from);
+void CRYPTO_free_ex_data(int class_index, void *obj, CRYPTO_EX_DATA *ad);
+/*
+ * Get/set data in a CRYPTO_EX_DATA variable corresponding to a particular
+ * index (relative to the class type involved)
+ */
+int CRYPTO_set_ex_data(CRYPTO_EX_DATA *ad, int idx, void *val);
+void *CRYPTO_get_ex_data(const CRYPTO_EX_DATA *ad, int idx);
+/*
+ * This function cleans up all "ex_data" state. It mustn't be called under
+ * potential race-conditions.
+ */
+void CRYPTO_cleanup_all_ex_data(void);
+
+int CRYPTO_get_new_lockid(char *name);
+
+int CRYPTO_num_locks(void); /* return CRYPTO_NUM_LOCKS (shared libs!) */
+void CRYPTO_lock(int mode, int type, const char *file, int line);
+void CRYPTO_set_locking_callback(void (*func) (int mode, int type,
+ const char *file, int line));
+void (*CRYPTO_get_locking_callback(void)) (int mode, int type,
+ const char *file, int line);
+void CRYPTO_set_add_lock_callback(int (*func)
+ (int *num, int mount, int type,
+ const char *file, int line));
+int (*CRYPTO_get_add_lock_callback(void)) (int *num, int mount, int type,
+ const char *file, int line);
+
+/* Don't use this structure directly. */
+typedef struct crypto_threadid_st {
+ void *ptr;
+ unsigned long val;
+} CRYPTO_THREADID;
+/* Only use CRYPTO_THREADID_set_[numeric|pointer]() within callbacks */
+void CRYPTO_THREADID_set_numeric(CRYPTO_THREADID *id, unsigned long val);
+void CRYPTO_THREADID_set_pointer(CRYPTO_THREADID *id, void *ptr);
+int CRYPTO_THREADID_set_callback(void (*threadid_func) (CRYPTO_THREADID *));
+void (*CRYPTO_THREADID_get_callback(void)) (CRYPTO_THREADID *);
+void CRYPTO_THREADID_current(CRYPTO_THREADID *id);
+int CRYPTO_THREADID_cmp(const CRYPTO_THREADID *a, const CRYPTO_THREADID *b);
+void CRYPTO_THREADID_cpy(CRYPTO_THREADID *dest, const CRYPTO_THREADID *src);
+unsigned long CRYPTO_THREADID_hash(const CRYPTO_THREADID *id);
+# ifdef OPENSSL_USE_DEPRECATED
+DECLARE_DEPRECATED(void CRYPTO_set_id_callback(unsigned long (*func) (void)));
+/*
+ * mkdef.pl cannot handle this next one so not inside DECLARE_DEPRECATED,
+ * but still inside OPENSSL_USE_DEPRECATED
+ */
+unsigned long (*CRYPTO_get_id_callback(void)) (void);
+DECLARE_DEPRECATED(unsigned long CRYPTO_thread_id(void));
+# endif
+
+const char *CRYPTO_get_lock_name(int type);
+int CRYPTO_add_lock(int *pointer, int amount, int type, const char *file,
+ int line);
+
+int CRYPTO_get_new_dynlockid(void);
+void CRYPTO_destroy_dynlockid(int i);
+struct CRYPTO_dynlock_value *CRYPTO_get_dynlock_value(int i);
+void CRYPTO_set_dynlock_create_callback(struct CRYPTO_dynlock_value
+ *(*dyn_create_function) (const char
+ *file,
+ int line));
+void CRYPTO_set_dynlock_lock_callback(void (*dyn_lock_function)
+ (int mode,
+ struct CRYPTO_dynlock_value *l,
+ const char *file, int line));
+void CRYPTO_set_dynlock_destroy_callback(void (*dyn_destroy_function)
+ (struct CRYPTO_dynlock_value *l,
+ const char *file, int line));
+struct CRYPTO_dynlock_value
+*(*CRYPTO_get_dynlock_create_callback(void)) (const char *file, int line);
+void (*CRYPTO_get_dynlock_lock_callback(void)) (int mode,
+ struct CRYPTO_dynlock_value
+ *l, const char *file,
+ int line);
+void (*CRYPTO_get_dynlock_destroy_callback(void)) (struct CRYPTO_dynlock_value
+ *l, const char *file,
+ int line);
+
+/*
+ * CRYPTO_set_mem_functions includes CRYPTO_set_locked_mem_functions -- call
+ * the latter last if you need different functions
+ */
+int CRYPTO_set_mem_functions(void *(*m) (size_t), void *(*r) (void *, size_t),
+ void (*f) (void *));
+int CRYPTO_set_locked_mem_functions(void *(*m) (size_t),
+ void (*free_func) (void *));
+int CRYPTO_set_mem_ex_functions(void *(*m) (size_t, const char *, int),
+ void *(*r) (void *, size_t, const char *,
+ int), void (*f) (void *));
+int CRYPTO_set_locked_mem_ex_functions(void *(*m) (size_t, const char *, int),
+ void (*free_func) (void *));
+int CRYPTO_set_mem_debug_functions(void (*m)
+ (void *, int, const char *, int, int),
+ void (*r) (void *, void *, int,
+ const char *, int, int),
+ void (*f) (void *, int), void (*so) (long),
+ long (*go) (void));
+void CRYPTO_get_mem_functions(void *(**m) (size_t),
+ void *(**r) (void *, size_t),
+ void (**f) (void *));
+void CRYPTO_get_locked_mem_functions(void *(**m) (size_t),
+ void (**f) (void *));
+void CRYPTO_get_mem_ex_functions(void *(**m) (size_t, const char *, int),
+ void *(**r) (void *, size_t, const char *,
+ int), void (**f) (void *));
+void CRYPTO_get_locked_mem_ex_functions(void
+ *(**m) (size_t, const char *, int),
+ void (**f) (void *));
+void CRYPTO_get_mem_debug_functions(void (**m)
+ (void *, int, const char *, int, int),
+ void (**r) (void *, void *, int,
+ const char *, int, int),
+ void (**f) (void *, int),
+ void (**so) (long), long (**go) (void));
+
+void *CRYPTO_malloc_locked(int num, const char *file, int line);
+void CRYPTO_free_locked(void *ptr);
+void *CRYPTO_malloc(int num, const char *file, int line);
+char *CRYPTO_strdup(const char *str, const char *file, int line);
+void CRYPTO_free(void *ptr);
+void *CRYPTO_realloc(void *addr, int num, const char *file, int line);
+void *CRYPTO_realloc_clean(void *addr, int old_num, int num, const char *file,
+ int line);
+void *CRYPTO_remalloc(void *addr, int num, const char *file, int line);
+
+void OPENSSL_cleanse(void *ptr, size_t len);
+
+void CRYPTO_set_mem_debug_options(long bits);
+long CRYPTO_get_mem_debug_options(void);
+
+# define CRYPTO_push_info(info) \
+ CRYPTO_push_info_(info, __FILE__, __LINE__);
+int CRYPTO_push_info_(const char *info, const char *file, int line);
+int CRYPTO_pop_info(void);
+int CRYPTO_remove_all_info(void);
+
+/*
+ * Default debugging functions (enabled by CRYPTO_malloc_debug_init() macro;
+ * used as default in CRYPTO_MDEBUG compilations):
+ */
+/*-
+ * The last argument has the following significance:
+ *
+ * 0: called before the actual memory allocation has taken place
+ * 1: called after the actual memory allocation has taken place
+ */
+void CRYPTO_dbg_malloc(void *addr, int num, const char *file, int line,
+ int before_p);
+void CRYPTO_dbg_realloc(void *addr1, void *addr2, int num, const char *file,
+ int line, int before_p);
+void CRYPTO_dbg_free(void *addr, int before_p);
+/*-
+ * Tell the debugging code about options. By default, the following values
+ * apply:
+ *
+ * 0: Clear all options.
+ * V_CRYPTO_MDEBUG_TIME (1): Set the "Show Time" option.
+ * V_CRYPTO_MDEBUG_THREAD (2): Set the "Show Thread Number" option.
+ * V_CRYPTO_MDEBUG_ALL (3): 1 + 2
+ */
+void CRYPTO_dbg_set_options(long bits);
+long CRYPTO_dbg_get_options(void);
+
+# ifndef OPENSSL_NO_STDIO
+void CRYPTO_mem_leaks_fp(FILE *);
+# endif
+void CRYPTO_mem_leaks(struct bio_st *bio);
+/* unsigned long order, char *file, int line, int num_bytes, char *addr */
+typedef void *CRYPTO_MEM_LEAK_CB (unsigned long, const char *, int, int,
+ void *);
+void CRYPTO_mem_leaks_cb(CRYPTO_MEM_LEAK_CB *cb);
+
+/* die if we have to */
+void OpenSSLDie(const char *file, int line, const char *assertion);
+# define OPENSSL_assert(e) (void)((e) ? 0 : (OpenSSLDie(__FILE__, __LINE__, #e),1))
+
+unsigned int *OPENSSL_ia32cap_loc(void);
+# define OPENSSL_ia32cap ((OPENSSL_ia32cap_loc())[0])
+int OPENSSL_isservice(void);
+
+int FIPS_mode(void);
+int FIPS_mode_set(int r);
+
+void OPENSSL_init(void);
+
+/*
+ * CRYPTO_memcmp returns zero iff the |len| bytes at |a| and |b| are equal.
+ * It takes an amount of time dependent on |len|, but independent of the
+ * contents of |a| and |b|. Unlike memcmp, it cannot be used to put elements
+ * into a defined order as the return value when a != b is undefined, other
+ * than to be non-zero.
+ */
+int CRYPTO_memcmp(const void *a, const void *b, size_t len);
+
+/* BEGIN ERROR CODES */
+/*
+ * The following lines are auto generated by the script mkerr.pl. Any changes
+ * made after this point may be overwritten when the script is next run.
+ */
+void ERR_load_CRYPTO_strings(void);
+
+struct tm *OPENSSL_gmtime(const time_t *timer, struct tm *result);
+int OPENSSL_gmtime_adj(struct tm *tm, int offset_day, long offset_sec);
+int OPENSSL_gmtime_diff(int *pday, int *psec,
+ const struct tm *from, const struct tm *to);
+
+/* Error codes for the CRYPTO functions. */
+
+/* Function codes. */
+# define CRYPTO_F_CRYPTO_GET_EX_NEW_INDEX 100
+# define CRYPTO_F_CRYPTO_GET_NEW_DYNLOCKID 103
+# define CRYPTO_F_CRYPTO_GET_NEW_LOCKID 101
+# define CRYPTO_F_CRYPTO_SET_EX_DATA 102
+# define CRYPTO_F_DEF_ADD_INDEX 104
+# define CRYPTO_F_DEF_GET_CLASS 105
+# define CRYPTO_F_FIPS_MODE_SET 109
+# define CRYPTO_F_INT_DUP_EX_DATA 106
+# define CRYPTO_F_INT_FREE_EX_DATA 107
+# define CRYPTO_F_INT_NEW_EX_DATA 108
+
+/* Reason codes. */
+# define CRYPTO_R_FIPS_MODE_NOT_SUPPORTED 101
+# define CRYPTO_R_NO_DYNLOCK_CREATE_CALLBACK 100
+
+#ifdef __cplusplus
+}
+#endif
+#endif
--- /dev/null
+/* crypto/des/des.h */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#ifndef HEADER_NEW_DES_H
+# define HEADER_NEW_DES_H
+
+# include <openssl/e_os2.h> /* OPENSSL_EXTERN, OPENSSL_NO_DES, DES_LONG
+ * (via openssl/opensslconf.h */
+
+# ifdef OPENSSL_NO_DES
+# error DES is disabled.
+# endif
+
+# ifdef OPENSSL_BUILD_SHLIBCRYPTO
+# undef OPENSSL_EXTERN
+# define OPENSSL_EXTERN OPENSSL_EXPORT
+# endif
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+typedef unsigned char DES_cblock[8];
+typedef /* const */ unsigned char const_DES_cblock[8];
+/*
+ * With "const", gcc 2.8.1 on Solaris thinks that DES_cblock * and
+ * const_DES_cblock * are incompatible pointer types.
+ */
+
+typedef struct DES_ks {
+ union {
+ DES_cblock cblock;
+ /*
+ * make sure things are correct size on machines with 8 byte longs
+ */
+ DES_LONG deslong[2];
+ } ks[16];
+} DES_key_schedule;
+
+# define DES_KEY_SZ (sizeof(DES_cblock))
+# define DES_SCHEDULE_SZ (sizeof(DES_key_schedule))
+
+# define DES_ENCRYPT 1
+# define DES_DECRYPT 0
+
+# define DES_CBC_MODE 0
+# define DES_PCBC_MODE 1
+
+# define DES_ecb2_encrypt(i,o,k1,k2,e) \
+ DES_ecb3_encrypt((i),(o),(k1),(k2),(k1),(e))
+
+# define DES_ede2_cbc_encrypt(i,o,l,k1,k2,iv,e) \
+ DES_ede3_cbc_encrypt((i),(o),(l),(k1),(k2),(k1),(iv),(e))
+
+# define DES_ede2_cfb64_encrypt(i,o,l,k1,k2,iv,n,e) \
+ DES_ede3_cfb64_encrypt((i),(o),(l),(k1),(k2),(k1),(iv),(n),(e))
+
+# define DES_ede2_ofb64_encrypt(i,o,l,k1,k2,iv,n) \
+ DES_ede3_ofb64_encrypt((i),(o),(l),(k1),(k2),(k1),(iv),(n))
+
+OPENSSL_DECLARE_GLOBAL(int, DES_check_key); /* defaults to false */
+# define DES_check_key OPENSSL_GLOBAL_REF(DES_check_key)
+OPENSSL_DECLARE_GLOBAL(int, DES_rw_mode); /* defaults to DES_PCBC_MODE */
+# define DES_rw_mode OPENSSL_GLOBAL_REF(DES_rw_mode)
+
+const char *DES_options(void);
+void DES_ecb3_encrypt(const_DES_cblock *input, DES_cblock *output,
+ DES_key_schedule *ks1, DES_key_schedule *ks2,
+ DES_key_schedule *ks3, int enc);
+DES_LONG DES_cbc_cksum(const unsigned char *input, DES_cblock *output,
+ long length, DES_key_schedule *schedule,
+ const_DES_cblock *ivec);
+/* DES_cbc_encrypt does not update the IV! Use DES_ncbc_encrypt instead. */
+void DES_cbc_encrypt(const unsigned char *input, unsigned char *output,
+ long length, DES_key_schedule *schedule,
+ DES_cblock *ivec, int enc);
+void DES_ncbc_encrypt(const unsigned char *input, unsigned char *output,
+ long length, DES_key_schedule *schedule,
+ DES_cblock *ivec, int enc);
+void DES_xcbc_encrypt(const unsigned char *input, unsigned char *output,
+ long length, DES_key_schedule *schedule,
+ DES_cblock *ivec, const_DES_cblock *inw,
+ const_DES_cblock *outw, int enc);
+void DES_cfb_encrypt(const unsigned char *in, unsigned char *out, int numbits,
+ long length, DES_key_schedule *schedule,
+ DES_cblock *ivec, int enc);
+void DES_ecb_encrypt(const_DES_cblock *input, DES_cblock *output,
+ DES_key_schedule *ks, int enc);
+
+/*
+ * This is the DES encryption function that gets called by just about every
+ * other DES routine in the library. You should not use this function except
+ * to implement 'modes' of DES. I say this because the functions that call
+ * this routine do the conversion from 'char *' to long, and this needs to be
+ * done to make sure 'non-aligned' memory access do not occur. The
+ * characters are loaded 'little endian'. Data is a pointer to 2 unsigned
+ * long's and ks is the DES_key_schedule to use. enc, is non zero specifies
+ * encryption, zero if decryption.
+ */
+void DES_encrypt1(DES_LONG *data, DES_key_schedule *ks, int enc);
+
+/*
+ * This functions is the same as DES_encrypt1() except that the DES initial
+ * permutation (IP) and final permutation (FP) have been left out. As for
+ * DES_encrypt1(), you should not use this function. It is used by the
+ * routines in the library that implement triple DES. IP() DES_encrypt2()
+ * DES_encrypt2() DES_encrypt2() FP() is the same as DES_encrypt1()
+ * DES_encrypt1() DES_encrypt1() except faster :-).
+ */
+void DES_encrypt2(DES_LONG *data, DES_key_schedule *ks, int enc);
+
+void DES_encrypt3(DES_LONG *data, DES_key_schedule *ks1,
+ DES_key_schedule *ks2, DES_key_schedule *ks3);
+void DES_decrypt3(DES_LONG *data, DES_key_schedule *ks1,
+ DES_key_schedule *ks2, DES_key_schedule *ks3);
+void DES_ede3_cbc_encrypt(const unsigned char *input, unsigned char *output,
+ long length,
+ DES_key_schedule *ks1, DES_key_schedule *ks2,
+ DES_key_schedule *ks3, DES_cblock *ivec, int enc);
+void DES_ede3_cfb64_encrypt(const unsigned char *in, unsigned char *out,
+ long length, DES_key_schedule *ks1,
+ DES_key_schedule *ks2, DES_key_schedule *ks3,
+ DES_cblock *ivec, int *num, int enc);
+void DES_ede3_cfb_encrypt(const unsigned char *in, unsigned char *out,
+ int numbits, long length, DES_key_schedule *ks1,
+ DES_key_schedule *ks2, DES_key_schedule *ks3,
+ DES_cblock *ivec, int enc);
+void DES_ede3_ofb64_encrypt(const unsigned char *in, unsigned char *out,
+ long length, DES_key_schedule *ks1,
+ DES_key_schedule *ks2, DES_key_schedule *ks3,
+ DES_cblock *ivec, int *num);
+int DES_enc_read(int fd, void *buf, int len, DES_key_schedule *sched,
+ DES_cblock *iv);
+int DES_enc_write(int fd, const void *buf, int len, DES_key_schedule *sched,
+ DES_cblock *iv);
+char *DES_fcrypt(const char *buf, const char *salt, char *ret);
+char *DES_crypt(const char *buf, const char *salt);
+void DES_ofb_encrypt(const unsigned char *in, unsigned char *out, int numbits,
+ long length, DES_key_schedule *schedule,
+ DES_cblock *ivec);
+void DES_pcbc_encrypt(const unsigned char *input, unsigned char *output,
+ long length, DES_key_schedule *schedule,
+ DES_cblock *ivec, int enc);
+DES_LONG DES_quad_cksum(const unsigned char *input, DES_cblock output[],
+ long length, int out_count, DES_cblock *seed);
+int DES_random_key(DES_cblock *ret);
+void DES_set_odd_parity(DES_cblock *key);
+int DES_check_key_parity(const_DES_cblock *key);
+int DES_is_weak_key(const_DES_cblock *key);
+/*
+ * DES_set_key (= set_key = DES_key_sched = key_sched) calls
+ * DES_set_key_checked if global variable DES_check_key is set,
+ * DES_set_key_unchecked otherwise.
+ */
+int DES_set_key(const_DES_cblock *key, DES_key_schedule *schedule);
+int DES_key_sched(const_DES_cblock *key, DES_key_schedule *schedule);
+int DES_set_key_checked(const_DES_cblock *key, DES_key_schedule *schedule);
+void DES_set_key_unchecked(const_DES_cblock *key, DES_key_schedule *schedule);
+void DES_string_to_key(const char *str, DES_cblock *key);
+void DES_string_to_2keys(const char *str, DES_cblock *key1, DES_cblock *key2);
+void DES_cfb64_encrypt(const unsigned char *in, unsigned char *out,
+ long length, DES_key_schedule *schedule,
+ DES_cblock *ivec, int *num, int enc);
+void DES_ofb64_encrypt(const unsigned char *in, unsigned char *out,
+ long length, DES_key_schedule *schedule,
+ DES_cblock *ivec, int *num);
+
+int DES_read_password(DES_cblock *key, const char *prompt, int verify);
+int DES_read_2passwords(DES_cblock *key1, DES_cblock *key2,
+ const char *prompt, int verify);
+
+# define DES_fixup_key_parity DES_set_odd_parity
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif
--- /dev/null
+/* crypto/dh/dh.h */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#ifndef HEADER_DH_H
+# define HEADER_DH_H
+
+# include <openssl/e_os2.h>
+
+# ifdef OPENSSL_NO_DH
+# error DH is disabled.
+# endif
+
+# include <openssl/bio.h>
+# include <openssl/ossl_typ.h>
+# ifdef OPENSSL_USE_DEPRECATED
+# include <openssl/bn.h>
+# endif
+
+# ifndef OPENSSL_DH_MAX_MODULUS_BITS
+# define OPENSSL_DH_MAX_MODULUS_BITS 10000
+# endif
+
+# define OPENSSL_DH_FIPS_MIN_MODULUS_BITS 1024
+
+# define DH_FLAG_CACHE_MONT_P 0x01
+
+/*
+ * new with 0.9.7h; the built-in DH
+ * implementation now uses constant time
+ * modular exponentiation for secret exponents
+ * by default. This flag causes the
+ * faster variable sliding window method to
+ * be used for all exponents.
+ */
+# define DH_FLAG_NO_EXP_CONSTTIME 0x02
+
+/*
+ * If this flag is set the DH method is FIPS compliant and can be used in
+ * FIPS mode. This is set in the validated module method. If an application
+ * sets this flag in its own methods it is its reposibility to ensure the
+ * result is compliant.
+ */
+
+# define DH_FLAG_FIPS_METHOD 0x0400
+
+/*
+ * If this flag is set the operations normally disabled in FIPS mode are
+ * permitted it is then the applications responsibility to ensure that the
+ * usage is compliant.
+ */
+
+# define DH_FLAG_NON_FIPS_ALLOW 0x0400
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/* Already defined in ossl_typ.h */
+/* typedef struct dh_st DH; */
+/* typedef struct dh_method DH_METHOD; */
+
+struct dh_method {
+ const char *name;
+ /* Methods here */
+ int (*generate_key) (DH *dh);
+ int (*compute_key) (unsigned char *key, const BIGNUM *pub_key, DH *dh);
+ /* Can be null */
+ int (*bn_mod_exp) (const DH *dh, BIGNUM *r, const BIGNUM *a,
+ const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx,
+ BN_MONT_CTX *m_ctx);
+ int (*init) (DH *dh);
+ int (*finish) (DH *dh);
+ int flags;
+ char *app_data;
+ /* If this is non-NULL, it will be used to generate parameters */
+ int (*generate_params) (DH *dh, int prime_len, int generator,
+ BN_GENCB *cb);
+};
+
+struct dh_st {
+ /*
+ * This first argument is used to pick up errors when a DH is passed
+ * instead of a EVP_PKEY
+ */
+ int pad;
+ int version;
+ BIGNUM *p;
+ BIGNUM *g;
+ long length; /* optional */
+ BIGNUM *pub_key; /* g^x */
+ BIGNUM *priv_key; /* x */
+ int flags;
+ BN_MONT_CTX *method_mont_p;
+ /* Place holders if we want to do X9.42 DH */
+ BIGNUM *q;
+ BIGNUM *j;
+ unsigned char *seed;
+ int seedlen;
+ BIGNUM *counter;
+ int references;
+ CRYPTO_EX_DATA ex_data;
+ const DH_METHOD *meth;
+ ENGINE *engine;
+};
+
+# define DH_GENERATOR_2 2
+/* #define DH_GENERATOR_3 3 */
+# define DH_GENERATOR_5 5
+
+/* DH_check error codes */
+# define DH_CHECK_P_NOT_PRIME 0x01
+# define DH_CHECK_P_NOT_SAFE_PRIME 0x02
+# define DH_UNABLE_TO_CHECK_GENERATOR 0x04
+# define DH_NOT_SUITABLE_GENERATOR 0x08
+# define DH_CHECK_Q_NOT_PRIME 0x10
+# define DH_CHECK_INVALID_Q_VALUE 0x20
+# define DH_CHECK_INVALID_J_VALUE 0x40
+
+/* DH_check_pub_key error codes */
+# define DH_CHECK_PUBKEY_TOO_SMALL 0x01
+# define DH_CHECK_PUBKEY_TOO_LARGE 0x02
+
+/*
+ * primes p where (p-1)/2 is prime too are called "safe"; we define this for
+ * backward compatibility:
+ */
+# define DH_CHECK_P_NOT_STRONG_PRIME DH_CHECK_P_NOT_SAFE_PRIME
+
+# define d2i_DHparams_fp(fp,x) (DH *)ASN1_d2i_fp((char *(*)())DH_new, \
+ (char *(*)())d2i_DHparams,(fp),(unsigned char **)(x))
+# define i2d_DHparams_fp(fp,x) ASN1_i2d_fp(i2d_DHparams,(fp), \
+ (unsigned char *)(x))
+# define d2i_DHparams_bio(bp,x) ASN1_d2i_bio_of(DH,DH_new,d2i_DHparams,bp,x)
+# define i2d_DHparams_bio(bp,x) ASN1_i2d_bio_of_const(DH,i2d_DHparams,bp,x)
+
+DH *DHparams_dup(DH *);
+
+const DH_METHOD *DH_OpenSSL(void);
+
+void DH_set_default_method(const DH_METHOD *meth);
+const DH_METHOD *DH_get_default_method(void);
+int DH_set_method(DH *dh, const DH_METHOD *meth);
+DH *DH_new_method(ENGINE *engine);
+
+DH *DH_new(void);
+void DH_free(DH *dh);
+int DH_up_ref(DH *dh);
+int DH_size(const DH *dh);
+int DH_security_bits(const DH *dh);
+int DH_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
+ CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func);
+int DH_set_ex_data(DH *d, int idx, void *arg);
+void *DH_get_ex_data(DH *d, int idx);
+
+/* Deprecated version */
+# ifdef OPENSSL_USE_DEPRECATED
+DECLARE_DEPRECATED(DH *DH_generate_parameters(int prime_len, int generator,
+ void (*callback) (int, int,
+ void *),
+ void *cb_arg));
+# endif /* defined(OPENSSL_USE_DEPRECATED) */
+
+/* New version */
+int DH_generate_parameters_ex(DH *dh, int prime_len, int generator,
+ BN_GENCB *cb);
+
+int DH_check(const DH *dh, int *codes);
+int DH_check_pub_key(const DH *dh, const BIGNUM *pub_key, int *codes);
+int DH_generate_key(DH *dh);
+int DH_compute_key(unsigned char *key, const BIGNUM *pub_key, DH *dh);
+int DH_compute_key_padded(unsigned char *key, const BIGNUM *pub_key, DH *dh);
+DH *d2i_DHparams(DH **a, const unsigned char **pp, long length);
+int i2d_DHparams(const DH *a, unsigned char **pp);
+DH *d2i_DHxparams(DH **a, const unsigned char **pp, long length);
+int i2d_DHxparams(const DH *a, unsigned char **pp);
+# ifndef OPENSSL_NO_STDIO
+int DHparams_print_fp(FILE *fp, const DH *x);
+# endif
+int DHparams_print(BIO *bp, const DH *x);
+
+/* RFC 5114 parameters */
+DH *DH_get_1024_160(void);
+DH *DH_get_2048_224(void);
+DH *DH_get_2048_256(void);
+
+/* RFC2631 KDF */
+int DH_KDF_X9_42(unsigned char *out, size_t outlen,
+ const unsigned char *Z, size_t Zlen,
+ ASN1_OBJECT *key_oid,
+ const unsigned char *ukm, size_t ukmlen, const EVP_MD *md);
+
+# define EVP_PKEY_CTX_set_dh_paramgen_prime_len(ctx, len) \
+ EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DH, EVP_PKEY_OP_PARAMGEN, \
+ EVP_PKEY_CTRL_DH_PARAMGEN_PRIME_LEN, len, NULL)
+
+# define EVP_PKEY_CTX_set_dh_paramgen_subprime_len(ctx, len) \
+ EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DH, EVP_PKEY_OP_PARAMGEN, \
+ EVP_PKEY_CTRL_DH_PARAMGEN_SUBPRIME_LEN, len, NULL)
+
+# define EVP_PKEY_CTX_set_dh_paramgen_type(ctx, typ) \
+ EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DH, EVP_PKEY_OP_PARAMGEN, \
+ EVP_PKEY_CTRL_DH_PARAMGEN_TYPE, typ, NULL)
+
+# define EVP_PKEY_CTX_set_dh_paramgen_generator(ctx, gen) \
+ EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DH, EVP_PKEY_OP_PARAMGEN, \
+ EVP_PKEY_CTRL_DH_PARAMGEN_GENERATOR, gen, NULL)
+
+# define EVP_PKEY_CTX_set_dh_rfc5114(ctx, gen) \
+ EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DHX, EVP_PKEY_OP_PARAMGEN, \
+ EVP_PKEY_CTRL_DH_RFC5114, gen, NULL)
+
+# define EVP_PKEY_CTX_set_dhx_rfc5114(ctx, gen) \
+ EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DHX, EVP_PKEY_OP_PARAMGEN, \
+ EVP_PKEY_CTRL_DH_RFC5114, gen, NULL)
+
+# define EVP_PKEY_CTX_set_dh_kdf_type(ctx, kdf) \
+ EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DHX, \
+ EVP_PKEY_OP_DERIVE, \
+ EVP_PKEY_CTRL_DH_KDF_TYPE, kdf, NULL)
+
+# define EVP_PKEY_CTX_get_dh_kdf_type(ctx) \
+ EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DHX, \
+ EVP_PKEY_OP_DERIVE, \
+ EVP_PKEY_CTRL_DH_KDF_TYPE, -2, NULL)
+
+# define EVP_PKEY_CTX_set0_dh_kdf_oid(ctx, oid) \
+ EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DHX, \
+ EVP_PKEY_OP_DERIVE, \
+ EVP_PKEY_CTRL_DH_KDF_OID, 0, (void *)oid)
+
+# define EVP_PKEY_CTX_get0_dh_kdf_oid(ctx, poid) \
+ EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DHX, \
+ EVP_PKEY_OP_DERIVE, \
+ EVP_PKEY_CTRL_GET_DH_KDF_OID, 0, (void *)poid)
+
+# define EVP_PKEY_CTX_set_dh_kdf_md(ctx, md) \
+ EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DHX, \
+ EVP_PKEY_OP_DERIVE, \
+ EVP_PKEY_CTRL_DH_KDF_MD, 0, (void *)md)
+
+# define EVP_PKEY_CTX_get_dh_kdf_md(ctx, pmd) \
+ EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DHX, \
+ EVP_PKEY_OP_DERIVE, \
+ EVP_PKEY_CTRL_GET_DH_KDF_MD, 0, (void *)pmd)
+
+# define EVP_PKEY_CTX_set_dh_kdf_outlen(ctx, len) \
+ EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DHX, \
+ EVP_PKEY_OP_DERIVE, \
+ EVP_PKEY_CTRL_DH_KDF_OUTLEN, len, NULL)
+
+# define EVP_PKEY_CTX_get_dh_kdf_outlen(ctx, plen) \
+ EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DHX, \
+ EVP_PKEY_OP_DERIVE, \
+ EVP_PKEY_CTRL_GET_DH_KDF_OUTLEN, 0, (void *)plen)
+
+# define EVP_PKEY_CTX_set0_dh_kdf_ukm(ctx, p, plen) \
+ EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DHX, \
+ EVP_PKEY_OP_DERIVE, \
+ EVP_PKEY_CTRL_DH_KDF_UKM, plen, (void *)p)
+
+# define EVP_PKEY_CTX_get0_dh_kdf_ukm(ctx, p) \
+ EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DHX, \
+ EVP_PKEY_OP_DERIVE, \
+ EVP_PKEY_CTRL_GET_DH_KDF_UKM, 0, (void *)p)
+
+# define EVP_PKEY_CTRL_DH_PARAMGEN_PRIME_LEN (EVP_PKEY_ALG_CTRL + 1)
+# define EVP_PKEY_CTRL_DH_PARAMGEN_GENERATOR (EVP_PKEY_ALG_CTRL + 2)
+# define EVP_PKEY_CTRL_DH_RFC5114 (EVP_PKEY_ALG_CTRL + 3)
+# define EVP_PKEY_CTRL_DH_PARAMGEN_SUBPRIME_LEN (EVP_PKEY_ALG_CTRL + 4)
+# define EVP_PKEY_CTRL_DH_PARAMGEN_TYPE (EVP_PKEY_ALG_CTRL + 5)
+# define EVP_PKEY_CTRL_DH_KDF_TYPE (EVP_PKEY_ALG_CTRL + 6)
+# define EVP_PKEY_CTRL_DH_KDF_MD (EVP_PKEY_ALG_CTRL + 7)
+# define EVP_PKEY_CTRL_GET_DH_KDF_MD (EVP_PKEY_ALG_CTRL + 8)
+# define EVP_PKEY_CTRL_DH_KDF_OUTLEN (EVP_PKEY_ALG_CTRL + 9)
+# define EVP_PKEY_CTRL_GET_DH_KDF_OUTLEN (EVP_PKEY_ALG_CTRL + 10)
+# define EVP_PKEY_CTRL_DH_KDF_UKM (EVP_PKEY_ALG_CTRL + 11)
+# define EVP_PKEY_CTRL_GET_DH_KDF_UKM (EVP_PKEY_ALG_CTRL + 12)
+# define EVP_PKEY_CTRL_DH_KDF_OID (EVP_PKEY_ALG_CTRL + 13)
+# define EVP_PKEY_CTRL_GET_DH_KDF_OID (EVP_PKEY_ALG_CTRL + 14)
+
+/* KDF types */
+# define EVP_PKEY_DH_KDF_NONE 1
+# define EVP_PKEY_DH_KDF_X9_42 2
+
+/* BEGIN ERROR CODES */
+/*
+ * The following lines are auto generated by the script mkerr.pl. Any changes
+ * made after this point may be overwritten when the script is next run.
+ */
+void ERR_load_DH_strings(void);
+
+/* Error codes for the DH functions. */
+
+/* Function codes. */
+# define DH_F_COMPUTE_KEY 102
+# define DH_F_DHPARAMS_PRINT_FP 101
+# define DH_F_DH_BUILTIN_GENPARAMS 106
+# define DH_F_DH_CMS_DECRYPT 114
+# define DH_F_DH_CMS_SET_PEERKEY 115
+# define DH_F_DH_CMS_SET_SHARED_INFO 116
+# define DH_F_DH_NEW_METHOD 105
+# define DH_F_DH_PARAM_DECODE 107
+# define DH_F_DH_PRIV_DECODE 110
+# define DH_F_DH_PRIV_ENCODE 111
+# define DH_F_DH_PUB_DECODE 108
+# define DH_F_DH_PUB_ENCODE 109
+# define DH_F_DO_DH_PRINT 100
+# define DH_F_GENERATE_KEY 103
+# define DH_F_GENERATE_PARAMETERS 104
+# define DH_F_PKEY_DH_DERIVE 112
+# define DH_F_PKEY_DH_KEYGEN 113
+
+/* Reason codes. */
+# define DH_R_BAD_GENERATOR 101
+# define DH_R_BN_DECODE_ERROR 109
+# define DH_R_BN_ERROR 106
+# define DH_R_DECODE_ERROR 104
+# define DH_R_INVALID_PUBKEY 102
+# define DH_R_KDF_PARAMETER_ERROR 112
+# define DH_R_KEYS_NOT_SET 108
+# define DH_R_KEY_SIZE_TOO_SMALL 110
+# define DH_R_MODULUS_TOO_LARGE 103
+# define DH_R_NO_PARAMETERS_SET 107
+# define DH_R_NO_PRIVATE_VALUE 100
+# define DH_R_PARAMETER_ENCODING_ERROR 105
+# define DH_R_PEER_KEY_ERROR 111
+# define DH_R_SHARED_INFO_ERROR 113
+
+#ifdef __cplusplus
+}
+#endif
+#endif
--- /dev/null
+/* crypto/dsa/dsa.h */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+/*
+ * The DSS routines are based on patches supplied by
+ * Steven Schoch <schoch@sheba.arc.nasa.gov>. He basically did the
+ * work and I have just tweaked them a little to fit into my
+ * stylistic vision for SSLeay :-) */
+
+#ifndef HEADER_DSA_H
+# define HEADER_DSA_H
+
+# include <openssl/e_os2.h>
+
+# ifdef OPENSSL_NO_DSA
+# error DSA is disabled.
+# endif
+
+# include <openssl/bio.h>
+# include <openssl/crypto.h>
+# include <openssl/ossl_typ.h>
+
+# ifdef OPENSSL_USE_DEPRECATED
+# include <openssl/bn.h>
+# ifndef OPENSSL_NO_DH
+# include <openssl/dh.h>
+# endif
+# endif
+
+# ifndef OPENSSL_DSA_MAX_MODULUS_BITS
+# define OPENSSL_DSA_MAX_MODULUS_BITS 10000
+# endif
+
+# define OPENSSL_DSA_FIPS_MIN_MODULUS_BITS 1024
+
+# define DSA_FLAG_CACHE_MONT_P 0x01
+/*
+ * new with 0.9.7h; the built-in DSA implementation now uses constant time
+ * modular exponentiation for secret exponents by default. This flag causes
+ * the faster variable sliding window method to be used for all exponents.
+ */
+# define DSA_FLAG_NO_EXP_CONSTTIME 0x02
+
+/*
+ * If this flag is set the DSA method is FIPS compliant and can be used in
+ * FIPS mode. This is set in the validated module method. If an application
+ * sets this flag in its own methods it is its reposibility to ensure the
+ * result is compliant.
+ */
+
+# define DSA_FLAG_FIPS_METHOD 0x0400
+
+/*
+ * If this flag is set the operations normally disabled in FIPS mode are
+ * permitted it is then the applications responsibility to ensure that the
+ * usage is compliant.
+ */
+
+# define DSA_FLAG_NON_FIPS_ALLOW 0x0400
+# define DSA_FLAG_FIPS_CHECKED 0x0800
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/* Already defined in ossl_typ.h */
+/* typedef struct dsa_st DSA; */
+/* typedef struct dsa_method DSA_METHOD; */
+
+typedef struct DSA_SIG_st {
+ BIGNUM *r;
+ BIGNUM *s;
+} DSA_SIG;
+
+struct dsa_method {
+ const char *name;
+ DSA_SIG *(*dsa_do_sign) (const unsigned char *dgst, int dlen, DSA *dsa);
+ int (*dsa_sign_setup) (DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp,
+ BIGNUM **rp);
+ int (*dsa_do_verify) (const unsigned char *dgst, int dgst_len,
+ DSA_SIG *sig, DSA *dsa);
+ int (*dsa_mod_exp) (DSA *dsa, BIGNUM *rr, BIGNUM *a1, BIGNUM *p1,
+ BIGNUM *a2, BIGNUM *p2, BIGNUM *m, BN_CTX *ctx,
+ BN_MONT_CTX *in_mont);
+ /* Can be null */
+ int (*bn_mod_exp) (DSA *dsa, BIGNUM *r, BIGNUM *a, const BIGNUM *p,
+ const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx);
+ int (*init) (DSA *dsa);
+ int (*finish) (DSA *dsa);
+ int flags;
+ char *app_data;
+ /* If this is non-NULL, it is used to generate DSA parameters */
+ int (*dsa_paramgen) (DSA *dsa, int bits,
+ const unsigned char *seed, int seed_len,
+ int *counter_ret, unsigned long *h_ret,
+ BN_GENCB *cb);
+ /* If this is non-NULL, it is used to generate DSA keys */
+ int (*dsa_keygen) (DSA *dsa);
+};
+
+struct dsa_st {
+ /*
+ * This first variable is used to pick up errors where a DSA is passed
+ * instead of of a EVP_PKEY
+ */
+ int pad;
+ long version;
+ BIGNUM *p;
+ BIGNUM *q; /* == 20 */
+ BIGNUM *g;
+ BIGNUM *pub_key; /* y public key */
+ BIGNUM *priv_key; /* x private key */
+ BIGNUM *kinv; /* Signing pre-calc */
+ BIGNUM *r; /* Signing pre-calc */
+ int flags;
+ /* Normally used to cache montgomery values */
+ BN_MONT_CTX *method_mont_p;
+ int references;
+ CRYPTO_EX_DATA ex_data;
+ const DSA_METHOD *meth;
+ /* functional reference if 'meth' is ENGINE-provided */
+ ENGINE *engine;
+};
+
+# define d2i_DSAparams_fp(fp,x) (DSA *)ASN1_d2i_fp((char *(*)())DSA_new, \
+ (char *(*)())d2i_DSAparams,(fp),(unsigned char **)(x))
+# define i2d_DSAparams_fp(fp,x) ASN1_i2d_fp(i2d_DSAparams,(fp), \
+ (unsigned char *)(x))
+# define d2i_DSAparams_bio(bp,x) ASN1_d2i_bio_of(DSA,DSA_new,d2i_DSAparams,bp,x)
+# define i2d_DSAparams_bio(bp,x) ASN1_i2d_bio_of_const(DSA,i2d_DSAparams,bp,x)
+
+DSA *DSAparams_dup(DSA *x);
+DSA_SIG *DSA_SIG_new(void);
+void DSA_SIG_free(DSA_SIG *a);
+int i2d_DSA_SIG(const DSA_SIG *a, unsigned char **pp);
+DSA_SIG *d2i_DSA_SIG(DSA_SIG **v, const unsigned char **pp, long length);
+
+DSA_SIG *DSA_do_sign(const unsigned char *dgst, int dlen, DSA *dsa);
+int DSA_do_verify(const unsigned char *dgst, int dgst_len,
+ DSA_SIG *sig, DSA *dsa);
+
+const DSA_METHOD *DSA_OpenSSL(void);
+
+void DSA_set_default_method(const DSA_METHOD *);
+const DSA_METHOD *DSA_get_default_method(void);
+int DSA_set_method(DSA *dsa, const DSA_METHOD *);
+
+DSA *DSA_new(void);
+DSA *DSA_new_method(ENGINE *engine);
+void DSA_free(DSA *r);
+/* "up" the DSA object's reference count */
+int DSA_up_ref(DSA *r);
+int DSA_size(const DSA *);
+int DSA_security_bits(const DSA *d);
+ /* next 4 return -1 on error */
+int DSA_sign_setup(DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp, BIGNUM **rp);
+int DSA_sign(int type, const unsigned char *dgst, int dlen,
+ unsigned char *sig, unsigned int *siglen, DSA *dsa);
+int DSA_verify(int type, const unsigned char *dgst, int dgst_len,
+ const unsigned char *sigbuf, int siglen, DSA *dsa);
+int DSA_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
+ CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func);
+int DSA_set_ex_data(DSA *d, int idx, void *arg);
+void *DSA_get_ex_data(DSA *d, int idx);
+
+DSA *d2i_DSAPublicKey(DSA **a, const unsigned char **pp, long length);
+DSA *d2i_DSAPrivateKey(DSA **a, const unsigned char **pp, long length);
+DSA *d2i_DSAparams(DSA **a, const unsigned char **pp, long length);
+
+/* Deprecated version */
+# ifdef OPENSSL_USE_DEPRECATED
+DECLARE_DEPRECATED(DSA *DSA_generate_parameters(int bits,
+ unsigned char *seed,
+ int seed_len,
+ int *counter_ret,
+ unsigned long *h_ret, void
+ (*callback) (int, int,
+ void *),
+ void *cb_arg));
+# endif /* defined(OPENSSL_USE_DEPRECATED) */
+
+/* New version */
+int DSA_generate_parameters_ex(DSA *dsa, int bits,
+ const unsigned char *seed, int seed_len,
+ int *counter_ret, unsigned long *h_ret,
+ BN_GENCB *cb);
+
+int DSA_generate_key(DSA *a);
+int i2d_DSAPublicKey(const DSA *a, unsigned char **pp);
+int i2d_DSAPrivateKey(const DSA *a, unsigned char **pp);
+int i2d_DSAparams(const DSA *a, unsigned char **pp);
+
+int DSAparams_print(BIO *bp, const DSA *x);
+int DSA_print(BIO *bp, const DSA *x, int off);
+# ifndef OPENSSL_NO_STDIO
+int DSAparams_print_fp(FILE *fp, const DSA *x);
+int DSA_print_fp(FILE *bp, const DSA *x, int off);
+# endif
+
+# define DSS_prime_checks 50
+/*
+ * Primality test according to FIPS PUB 186[-1], Appendix 2.1: 50 rounds of
+ * Rabin-Miller
+ */
+# define DSA_is_prime(n, callback, cb_arg) \
+ BN_is_prime(n, DSS_prime_checks, callback, NULL, cb_arg)
+
+# ifndef OPENSSL_NO_DH
+/*
+ * Convert DSA structure (key or just parameters) into DH structure (be
+ * careful to avoid small subgroup attacks when using this!)
+ */
+DH *DSA_dup_DH(const DSA *r);
+# endif
+
+# define EVP_PKEY_CTX_set_dsa_paramgen_bits(ctx, nbits) \
+ EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DSA, EVP_PKEY_OP_PARAMGEN, \
+ EVP_PKEY_CTRL_DSA_PARAMGEN_BITS, nbits, NULL)
+
+# define EVP_PKEY_CTRL_DSA_PARAMGEN_BITS (EVP_PKEY_ALG_CTRL + 1)
+# define EVP_PKEY_CTRL_DSA_PARAMGEN_Q_BITS (EVP_PKEY_ALG_CTRL + 2)
+# define EVP_PKEY_CTRL_DSA_PARAMGEN_MD (EVP_PKEY_ALG_CTRL + 3)
+
+/* BEGIN ERROR CODES */
+/*
+ * The following lines are auto generated by the script mkerr.pl. Any changes
+ * made after this point may be overwritten when the script is next run.
+ */
+void ERR_load_DSA_strings(void);
+
+/* Error codes for the DSA functions. */
+
+/* Function codes. */
+# define DSA_F_D2I_DSA_SIG 110
+# define DSA_F_DO_DSA_PRINT 104
+# define DSA_F_DSAPARAMS_PRINT 100
+# define DSA_F_DSAPARAMS_PRINT_FP 101
+# define DSA_F_DSA_BUILTIN_KEYGEN 124
+# define DSA_F_DSA_BUILTIN_PARAMGEN 125
+# define DSA_F_DSA_BUILTIN_PARAMGEN2 126
+# define DSA_F_DSA_DO_SIGN 112
+# define DSA_F_DSA_DO_VERIFY 113
+# define DSA_F_DSA_NEW_METHOD 103
+# define DSA_F_DSA_PARAM_DECODE 119
+# define DSA_F_DSA_PRINT_FP 105
+# define DSA_F_DSA_PRIV_DECODE 115
+# define DSA_F_DSA_PRIV_ENCODE 116
+# define DSA_F_DSA_PUB_DECODE 117
+# define DSA_F_DSA_PUB_ENCODE 118
+# define DSA_F_DSA_SIGN 106
+# define DSA_F_DSA_SIGN_SETUP 107
+# define DSA_F_DSA_SIG_NEW 109
+# define DSA_F_DSA_SIG_PRINT 123
+# define DSA_F_DSA_VERIFY 108
+# define DSA_F_I2D_DSA_SIG 111
+# define DSA_F_OLD_DSA_PRIV_DECODE 122
+# define DSA_F_PKEY_DSA_CTRL 120
+# define DSA_F_PKEY_DSA_KEYGEN 121
+# define DSA_F_SIG_CB 114
+
+/* Reason codes. */
+# define DSA_R_BAD_Q_VALUE 102
+# define DSA_R_BN_DECODE_ERROR 108
+# define DSA_R_BN_ERROR 109
+# define DSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE 100
+# define DSA_R_DECODE_ERROR 104
+# define DSA_R_INVALID_DIGEST_TYPE 106
+# define DSA_R_INVALID_PARAMETERS 112
+# define DSA_R_KEY_SIZE_TOO_SMALL 111
+# define DSA_R_MISSING_PARAMETERS 101
+# define DSA_R_MODULUS_TOO_LARGE 103
+# define DSA_R_NEED_NEW_SETUP_VALUES 110
+# define DSA_R_NO_PARAMETERS_SET 107
+# define DSA_R_PARAMETER_ENCODING_ERROR 105
+# define DSA_R_Q_NOT_PRIME 113
+
+#ifdef __cplusplus
+}
+#endif
+#endif
--- /dev/null
+/* dso.h -*- mode:C; c-file-style: "eay" -*- */
+/*
+ * Written by Geoff Thorpe (geoff@geoffthorpe.net) for the OpenSSL project
+ * 2000.
+ */
+/* ====================================================================
+ * Copyright (c) 2000 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For written permission, please contact
+ * licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ * nor may "OpenSSL" appear in their names without prior written
+ * permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com). This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#ifndef HEADER_DSO_H
+# define HEADER_DSO_H
+
+# include <openssl/crypto.h>
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/* These values are used as commands to DSO_ctrl() */
+# define DSO_CTRL_GET_FLAGS 1
+# define DSO_CTRL_SET_FLAGS 2
+# define DSO_CTRL_OR_FLAGS 3
+
+/*
+ * By default, DSO_load() will translate the provided filename into a form
+ * typical for the platform (more specifically the DSO_METHOD) using the
+ * dso_name_converter function of the method. Eg. win32 will transform "blah"
+ * into "blah.dll", and dlfcn will transform it into "libblah.so". The
+ * behaviour can be overriden by setting the name_converter callback in the
+ * DSO object (using DSO_set_name_converter()). This callback could even
+ * utilise the DSO_METHOD's converter too if it only wants to override
+ * behaviour for one or two possible DSO methods. However, the following flag
+ * can be set in a DSO to prevent *any* native name-translation at all - eg.
+ * if the caller has prompted the user for a path to a driver library so the
+ * filename should be interpreted as-is.
+ */
+# define DSO_FLAG_NO_NAME_TRANSLATION 0x01
+/*
+ * An extra flag to give if only the extension should be added as
+ * translation. This is obviously only of importance on Unix and other
+ * operating systems where the translation also may prefix the name with
+ * something, like 'lib', and ignored everywhere else. This flag is also
+ * ignored if DSO_FLAG_NO_NAME_TRANSLATION is used at the same time.
+ */
+# define DSO_FLAG_NAME_TRANSLATION_EXT_ONLY 0x02
+
+/*
+ * The following flag controls the translation of symbol names to upper case.
+ * This is currently only being implemented for OpenVMS.
+ */
+# define DSO_FLAG_UPCASE_SYMBOL 0x10
+
+/*
+ * This flag loads the library with public symbols. Meaning: The exported
+ * symbols of this library are public to all libraries loaded after this
+ * library. At the moment only implemented in unix.
+ */
+# define DSO_FLAG_GLOBAL_SYMBOLS 0x20
+
+typedef void (*DSO_FUNC_TYPE) (void);
+
+typedef struct dso_st DSO;
+
+/*
+ * The function prototype used for method functions (or caller-provided
+ * callbacks) that transform filenames. They are passed a DSO structure
+ * pointer (or NULL if they are to be used independently of a DSO object) and
+ * a filename to transform. They should either return NULL (if there is an
+ * error condition) or a newly allocated string containing the transformed
+ * form that the caller will need to free with OPENSSL_free() when done.
+ */
+typedef char *(*DSO_NAME_CONVERTER_FUNC)(DSO *, const char *);
+/*
+ * The function prototype used for method functions (or caller-provided
+ * callbacks) that merge two file specifications. They are passed a DSO
+ * structure pointer (or NULL if they are to be used independently of a DSO
+ * object) and two file specifications to merge. They should either return
+ * NULL (if there is an error condition) or a newly allocated string
+ * containing the result of merging that the caller will need to free with
+ * OPENSSL_free() when done. Here, merging means that bits and pieces are
+ * taken from each of the file specifications and added together in whatever
+ * fashion that is sensible for the DSO method in question. The only rule
+ * that really applies is that if the two specification contain pieces of the
+ * same type, the copy from the first string takes priority. One could see
+ * it as the first specification is the one given by the user and the second
+ * being a bunch of defaults to add on if they're missing in the first.
+ */
+typedef char *(*DSO_MERGER_FUNC)(DSO *, const char *, const char *);
+
+typedef struct dso_meth_st {
+ const char *name;
+ /*
+ * Loads a shared library, NB: new DSO_METHODs must ensure that a
+ * successful load populates the loaded_filename field, and likewise a
+ * successful unload OPENSSL_frees and NULLs it out.
+ */
+ int (*dso_load) (DSO *dso);
+ /* Unloads a shared library */
+ int (*dso_unload) (DSO *dso);
+ /* Binds a variable */
+ void *(*dso_bind_var) (DSO *dso, const char *symname);
+ /*
+ * Binds a function - assumes a return type of DSO_FUNC_TYPE. This should
+ * be cast to the real function prototype by the caller. Platforms that
+ * don't have compatible representations for different prototypes (this
+ * is possible within ANSI C) are highly unlikely to have shared
+ * libraries at all, let alone a DSO_METHOD implemented for them.
+ */
+ DSO_FUNC_TYPE (*dso_bind_func) (DSO *dso, const char *symname);
+ /*
+ * The generic (yuck) "ctrl()" function. NB: Negative return values
+ * (rather than zero) indicate errors.
+ */
+ long (*dso_ctrl) (DSO *dso, int cmd, long larg, void *parg);
+ /*
+ * The default DSO_METHOD-specific function for converting filenames to a
+ * canonical native form.
+ */
+ DSO_NAME_CONVERTER_FUNC dso_name_converter;
+ /*
+ * The default DSO_METHOD-specific function for converting filenames to a
+ * canonical native form.
+ */
+ DSO_MERGER_FUNC dso_merger;
+ /* [De]Initialisation handlers. */
+ int (*init) (DSO *dso);
+ int (*finish) (DSO *dso);
+ /* Return pathname of the module containing location */
+ int (*pathbyaddr) (void *addr, char *path, int sz);
+ /* Perform global symbol lookup, i.e. among *all* modules */
+ void *(*globallookup) (const char *symname);
+} DSO_METHOD;
+
+/**********************************************************************/
+/* The low-level handle type used to refer to a loaded shared library */
+
+struct dso_st {
+ DSO_METHOD *meth;
+ /*
+ * Standard dlopen uses a (void *). Win32 uses a HANDLE. VMS doesn't use
+ * anything but will need to cache the filename for use in the dso_bind
+ * handler. All in all, let each method control its own destiny.
+ * "Handles" and such go in a STACK.
+ */
+ STACK_OF(void) *meth_data;
+ int references;
+ int flags;
+ /*
+ * For use by applications etc ... use this for your bits'n'pieces, don't
+ * touch meth_data!
+ */
+ CRYPTO_EX_DATA ex_data;
+ /*
+ * If this callback function pointer is set to non-NULL, then it will be
+ * used in DSO_load() in place of meth->dso_name_converter. NB: This
+ * should normally set using DSO_set_name_converter().
+ */
+ DSO_NAME_CONVERTER_FUNC name_converter;
+ /*
+ * If this callback function pointer is set to non-NULL, then it will be
+ * used in DSO_load() in place of meth->dso_merger. NB: This should
+ * normally set using DSO_set_merger().
+ */
+ DSO_MERGER_FUNC merger;
+ /*
+ * This is populated with (a copy of) the platform-independent filename
+ * used for this DSO.
+ */
+ char *filename;
+ /*
+ * This is populated with (a copy of) the translated filename by which
+ * the DSO was actually loaded. It is NULL iff the DSO is not currently
+ * loaded. NB: This is here because the filename translation process may
+ * involve a callback being invoked more than once not only to convert to
+ * a platform-specific form, but also to try different filenames in the
+ * process of trying to perform a load. As such, this variable can be
+ * used to indicate (a) whether this DSO structure corresponds to a
+ * loaded library or not, and (b) the filename with which it was actually
+ * loaded.
+ */
+ char *loaded_filename;
+};
+
+DSO *DSO_new(void);
+DSO *DSO_new_method(DSO_METHOD *method);
+int DSO_free(DSO *dso);
+int DSO_flags(DSO *dso);
+int DSO_up_ref(DSO *dso);
+long DSO_ctrl(DSO *dso, int cmd, long larg, void *parg);
+
+/*
+ * This function sets the DSO's name_converter callback. If it is non-NULL,
+ * then it will be used instead of the associated DSO_METHOD's function. If
+ * oldcb is non-NULL then it is set to the function pointer value being
+ * replaced. Return value is non-zero for success.
+ */
+int DSO_set_name_converter(DSO *dso, DSO_NAME_CONVERTER_FUNC cb,
+ DSO_NAME_CONVERTER_FUNC *oldcb);
+/*
+ * These functions can be used to get/set the platform-independent filename
+ * used for a DSO. NB: set will fail if the DSO is already loaded.
+ */
+const char *DSO_get_filename(DSO *dso);
+int DSO_set_filename(DSO *dso, const char *filename);
+/*
+ * This function will invoke the DSO's name_converter callback to translate a
+ * filename, or if the callback isn't set it will instead use the DSO_METHOD's
+ * converter. If "filename" is NULL, the "filename" in the DSO itself will be
+ * used. If the DSO_FLAG_NO_NAME_TRANSLATION flag is set, then the filename is
+ * simply duplicated. NB: This function is usually called from within a
+ * DSO_METHOD during the processing of a DSO_load() call, and is exposed so
+ * that caller-created DSO_METHODs can do the same thing. A non-NULL return
+ * value will need to be OPENSSL_free()'d.
+ */
+char *DSO_convert_filename(DSO *dso, const char *filename);
+/*
+ * This function will invoke the DSO's merger callback to merge two file
+ * specifications, or if the callback isn't set it will instead use the
+ * DSO_METHOD's merger. A non-NULL return value will need to be
+ * OPENSSL_free()'d.
+ */
+char *DSO_merge(DSO *dso, const char *filespec1, const char *filespec2);
+/*
+ * If the DSO is currently loaded, this returns the filename that it was
+ * loaded under, otherwise it returns NULL. So it is also useful as a test as
+ * to whether the DSO is currently loaded. NB: This will not necessarily
+ * return the same value as DSO_convert_filename(dso, dso->filename), because
+ * the DSO_METHOD's load function may have tried a variety of filenames (with
+ * and/or without the aid of the converters) before settling on the one it
+ * actually loaded.
+ */
+const char *DSO_get_loaded_filename(DSO *dso);
+
+void DSO_set_default_method(DSO_METHOD *meth);
+DSO_METHOD *DSO_get_default_method(void);
+DSO_METHOD *DSO_get_method(DSO *dso);
+DSO_METHOD *DSO_set_method(DSO *dso, DSO_METHOD *meth);
+
+/*
+ * The all-singing all-dancing load function, you normally pass NULL for the
+ * first and third parameters. Use DSO_up and DSO_free for subsequent
+ * reference count handling. Any flags passed in will be set in the
+ * constructed DSO after its init() function but before the load operation.
+ * If 'dso' is non-NULL, 'flags' is ignored.
+ */
+DSO *DSO_load(DSO *dso, const char *filename, DSO_METHOD *meth, int flags);
+
+/* This function binds to a variable inside a shared library. */
+void *DSO_bind_var(DSO *dso, const char *symname);
+
+/* This function binds to a function inside a shared library. */
+DSO_FUNC_TYPE DSO_bind_func(DSO *dso, const char *symname);
+
+/*
+ * This method is the default, but will beg, borrow, or steal whatever method
+ * should be the default on any particular platform (including
+ * DSO_METH_null() if necessary).
+ */
+DSO_METHOD *DSO_METHOD_openssl(void);
+
+/*
+ * This method is defined for all platforms - if a platform has no DSO
+ * support then this will be the only method!
+ */
+DSO_METHOD *DSO_METHOD_null(void);
+
+/*
+ * If DSO_DLFCN is defined, the standard dlfcn.h-style functions (dlopen,
+ * dlclose, dlsym, etc) will be used and incorporated into this method. If
+ * not, this method will return NULL.
+ */
+DSO_METHOD *DSO_METHOD_dlfcn(void);
+
+/*
+ * If DSO_DL is defined, the standard dl.h-style functions (shl_load,
+ * shl_unload, shl_findsym, etc) will be used and incorporated into this
+ * method. If not, this method will return NULL.
+ */
+DSO_METHOD *DSO_METHOD_dl(void);
+
+/* If WIN32 is defined, use DLLs. If not, return NULL. */
+DSO_METHOD *DSO_METHOD_win32(void);
+
+/* If VMS is defined, use shared images. If not, return NULL. */
+DSO_METHOD *DSO_METHOD_vms(void);
+
+/*
+ * This function writes null-terminated pathname of DSO module containing
+ * 'addr' into 'sz' large caller-provided 'path' and returns the number of
+ * characters [including trailing zero] written to it. If 'sz' is 0 or
+ * negative, 'path' is ignored and required amount of charachers [including
+ * trailing zero] to accomodate pathname is returned. If 'addr' is NULL, then
+ * pathname of cryptolib itself is returned. Negative or zero return value
+ * denotes error.
+ */
+int DSO_pathbyaddr(void *addr, char *path, int sz);
+
+/*
+ * This function should be used with caution! It looks up symbols in *all*
+ * loaded modules and if module gets unloaded by somebody else attempt to
+ * dereference the pointer is doomed to have fatal consequences. Primary
+ * usage for this function is to probe *core* system functionality, e.g.
+ * check if getnameinfo(3) is available at run-time without bothering about
+ * OS-specific details such as libc.so.versioning or where does it actually
+ * reside: in libc itself or libsocket.
+ */
+void *DSO_global_lookup(const char *name);
+
+/* BEGIN ERROR CODES */
+/*
+ * The following lines are auto generated by the script mkerr.pl. Any changes
+ * made after this point may be overwritten when the script is next run.
+ */
+void ERR_load_DSO_strings(void);
+
+/* Error codes for the DSO functions. */
+
+/* Function codes. */
+# define DSO_F_BEOS_BIND_FUNC 144
+# define DSO_F_BEOS_BIND_VAR 145
+# define DSO_F_BEOS_LOAD 146
+# define DSO_F_BEOS_NAME_CONVERTER 147
+# define DSO_F_BEOS_UNLOAD 148
+# define DSO_F_DLFCN_BIND_FUNC 100
+# define DSO_F_DLFCN_BIND_VAR 101
+# define DSO_F_DLFCN_LOAD 102
+# define DSO_F_DLFCN_MERGER 130
+# define DSO_F_DLFCN_NAME_CONVERTER 123
+# define DSO_F_DLFCN_UNLOAD 103
+# define DSO_F_DL_BIND_FUNC 104
+# define DSO_F_DL_BIND_VAR 105
+# define DSO_F_DL_LOAD 106
+# define DSO_F_DL_MERGER 131
+# define DSO_F_DL_NAME_CONVERTER 124
+# define DSO_F_DL_UNLOAD 107
+# define DSO_F_DSO_BIND_FUNC 108
+# define DSO_F_DSO_BIND_VAR 109
+# define DSO_F_DSO_CONVERT_FILENAME 126
+# define DSO_F_DSO_CTRL 110
+# define DSO_F_DSO_FREE 111
+# define DSO_F_DSO_GET_FILENAME 127
+# define DSO_F_DSO_GET_LOADED_FILENAME 128
+# define DSO_F_DSO_GLOBAL_LOOKUP 139
+# define DSO_F_DSO_LOAD 112
+# define DSO_F_DSO_MERGE 132
+# define DSO_F_DSO_NEW_METHOD 113
+# define DSO_F_DSO_PATHBYADDR 140
+# define DSO_F_DSO_SET_FILENAME 129
+# define DSO_F_DSO_SET_NAME_CONVERTER 122
+# define DSO_F_DSO_UP_REF 114
+# define DSO_F_GLOBAL_LOOKUP_FUNC 138
+# define DSO_F_PATHBYADDR 137
+# define DSO_F_VMS_BIND_SYM 115
+# define DSO_F_VMS_LOAD 116
+# define DSO_F_VMS_MERGER 133
+# define DSO_F_VMS_UNLOAD 117
+# define DSO_F_WIN32_BIND_FUNC 118
+# define DSO_F_WIN32_BIND_VAR 119
+# define DSO_F_WIN32_GLOBALLOOKUP 142
+# define DSO_F_WIN32_GLOBALLOOKUP_FUNC 143
+# define DSO_F_WIN32_JOINER 135
+# define DSO_F_WIN32_LOAD 120
+# define DSO_F_WIN32_MERGER 134
+# define DSO_F_WIN32_NAME_CONVERTER 125
+# define DSO_F_WIN32_PATHBYADDR 141
+# define DSO_F_WIN32_SPLITTER 136
+# define DSO_F_WIN32_UNLOAD 121
+
+/* Reason codes. */
+# define DSO_R_CTRL_FAILED 100
+# define DSO_R_DSO_ALREADY_LOADED 110
+# define DSO_R_EMPTY_FILE_STRUCTURE 113
+# define DSO_R_FAILURE 114
+# define DSO_R_FILENAME_TOO_BIG 101
+# define DSO_R_FINISH_FAILED 102
+# define DSO_R_INCORRECT_FILE_SYNTAX 115
+# define DSO_R_LOAD_FAILED 103
+# define DSO_R_NAME_TRANSLATION_FAILED 109
+# define DSO_R_NO_FILENAME 111
+# define DSO_R_NO_FILE_SPECIFICATION 116
+# define DSO_R_NULL_HANDLE 104
+# define DSO_R_SET_FILENAME_FAILED 112
+# define DSO_R_STACK_ERROR 105
+# define DSO_R_SYM_FAILURE 106
+# define DSO_R_UNLOAD_FAILED 107
+# define DSO_R_UNSUPPORTED 108
+
+#ifdef __cplusplus
+}
+#endif
+#endif
--- /dev/null
+/* ssl/dtls1.h */
+/*
+ * DTLS implementation written by Nagendra Modadugu
+ * (nagendra@cs.stanford.edu) for the OpenSSL project 2005.
+ */
+/* ====================================================================
+ * Copyright (c) 1999-2005 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For written permission, please contact
+ * openssl-core@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ * nor may "OpenSSL" appear in their names without prior written
+ * permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com). This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#ifndef HEADER_DTLS1_H
+# define HEADER_DTLS1_H
+
+# include <openssl/buffer.h>
+# include <openssl/pqueue.h>
+# ifdef OPENSSL_SYS_VMS
+# include <resource.h>
+# include <sys/timeb.h>
+# endif
+# ifdef OPENSSL_SYS_WIN32
+/* Needed for struct timeval */
+# include <winsock.h>
+# elif defined(OPENSSL_SYS_NETWARE) && !defined(_WINSOCK2API_)
+# include <sys/timeval.h>
+# else
+# if defined(OPENSSL_SYS_VXWORKS)
+# include <sys/times.h>
+# else
+# include <sys/time.h>
+# endif
+# endif
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+# define DTLS1_VERSION 0xFEFF
+# define DTLS1_2_VERSION 0xFEFD
+# define DTLS_MAX_VERSION DTLS1_2_VERSION
+# define DTLS1_VERSION_MAJOR 0xFE
+
+# define DTLS1_BAD_VER 0x0100
+
+/* Special value for method supporting multiple versions */
+# define DTLS_ANY_VERSION 0x1FFFF
+
+/* lengths of messages */
+# define DTLS1_COOKIE_LENGTH 256
+
+# define DTLS1_RT_HEADER_LENGTH 13
+
+# define DTLS1_HM_HEADER_LENGTH 12
+
+# define DTLS1_HM_BAD_FRAGMENT -2
+# define DTLS1_HM_FRAGMENT_RETRY -3
+
+# define DTLS1_CCS_HEADER_LENGTH 1
+
+# ifdef DTLS1_AD_MISSING_HANDSHAKE_MESSAGE
+# define DTLS1_AL_HEADER_LENGTH 7
+# else
+# define DTLS1_AL_HEADER_LENGTH 2
+# endif
+
+
+/* Timeout multipliers (timeout slice is defined in apps/timeouts.h */
+# define DTLS1_TMO_READ_COUNT 2
+# define DTLS1_TMO_WRITE_COUNT 2
+
+# define DTLS1_TMO_ALERT_COUNT 12
+
+#ifdef __cplusplus
+}
+#endif
+#endif
--- /dev/null
+/* e_os2.h */
+/* ====================================================================
+ * Copyright (c) 1998-2000 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For written permission, please contact
+ * openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ * nor may "OpenSSL" appear in their names without prior written
+ * permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com). This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include <openssl/opensslconf.h>
+
+#ifndef HEADER_E_OS2_H
+# define HEADER_E_OS2_H
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/******************************************************************************
+ * Detect operating systems. This probably needs completing.
+ * The result is that at least one OPENSSL_SYS_os macro should be defined.
+ * However, if none is defined, Unix is assumed.
+ **/
+
+# define OPENSSL_SYS_UNIX
+
+/* ---------------------- NetWare ----------------------------------------- */
+# if defined(NETWARE) && !defined(OPENSSL_SYS_NETWARE)
+# undef OPENSSL_SYS_UNIX
+# define OPENSSL_SYS_NETWARE
+# endif
+
+/* --------------------- Microsoft operating systems ---------------------- */
+
+/*
+ * Note that MSDOS actually denotes 32-bit environments running on top of
+ * MS-DOS, such as DJGPP one.
+ */
+# if defined(OPENSSL_SYS_MSDOS)
+# undef OPENSSL_SYS_UNIX
+# endif
+
+/*
+ * For 32 bit environment, there seems to be the CygWin environment and then
+ * all the others that try to do the same thing Microsoft does...
+ */
+# if defined(OPENSSL_SYS_UWIN)
+# undef OPENSSL_SYS_UNIX
+# define OPENSSL_SYS_WIN32_UWIN
+# else
+# if defined(__CYGWIN__) || defined(OPENSSL_SYS_CYGWIN)
+# undef OPENSSL_SYS_UNIX
+# define OPENSSL_SYS_WIN32_CYGWIN
+# else
+# if defined(_WIN32) || defined(OPENSSL_SYS_WIN32)
+# undef OPENSSL_SYS_UNIX
+# if !defined(OPENSSL_SYS_WIN32)
+# define OPENSSL_SYS_WIN32
+# endif
+# endif
+# if defined(OPENSSL_SYS_WINNT)
+# undef OPENSSL_SYS_UNIX
+# endif
+# if defined(OPENSSL_SYS_WINCE)
+# undef OPENSSL_SYS_UNIX
+# endif
+# endif
+# endif
+
+/* Anything that tries to look like Microsoft is "Windows" */
+# if defined(OPENSSL_SYS_WIN32) || defined(OPENSSL_SYS_WINNT) || defined(OPENSSL_SYS_WINCE)
+# undef OPENSSL_SYS_UNIX
+# define OPENSSL_SYS_WINDOWS
+# ifndef OPENSSL_SYS_MSDOS
+# define OPENSSL_SYS_MSDOS
+# endif
+# endif
+
+/*
+ * DLL settings. This part is a bit tough, because it's up to the
+ * application implementor how he or she will link the application, so it
+ * requires some macro to be used.
+ */
+# ifdef OPENSSL_SYS_WINDOWS
+# ifndef OPENSSL_OPT_WINDLL
+# if defined(_WINDLL) /* This is used when building OpenSSL to
+ * indicate that DLL linkage should be used */
+# define OPENSSL_OPT_WINDLL
+# endif
+# endif
+# endif
+
+/* ------------------------------- OpenVMS -------------------------------- */
+# if defined(__VMS) || defined(VMS) || defined(OPENSSL_SYS_VMS)
+# if !defined(OPENSSL_SYS_VMS)
+# undef OPENSSL_SYS_UNIX
+# endif
+# define OPENSSL_SYS_VMS
+# if defined(__DECC)
+# define OPENSSL_SYS_VMS_DECC
+# elif defined(__DECCXX)
+# define OPENSSL_SYS_VMS_DECC
+# define OPENSSL_SYS_VMS_DECCXX
+# else
+# define OPENSSL_SYS_VMS_NODECC
+# endif
+# endif
+
+/* -------------------------------- OS/2 ---------------------------------- */
+# if defined(__EMX__) || defined(__OS2__)
+# undef OPENSSL_SYS_UNIX
+# define OPENSSL_SYS_OS2
+# endif
+
+/* -------------------------------- Unix ---------------------------------- */
+# ifdef OPENSSL_SYS_UNIX
+# if defined(linux) || defined(__linux__) && !defined(OPENSSL_SYS_LINUX)
+# define OPENSSL_SYS_LINUX
+# endif
+# if defined(_AIX) && !defined(OPENSSL_SYS_AIX)
+# define OPENSSL_SYS_AIX
+# endif
+# endif
+
+/* -------------------------------- VOS ----------------------------------- */
+# if defined(__VOS__) && !defined(OPENSSL_SYS_VOS)
+# define OPENSSL_SYS_VOS
+# ifdef __HPPA__
+# define OPENSSL_SYS_VOS_HPPA
+# endif
+# ifdef __IA32__
+# define OPENSSL_SYS_VOS_IA32
+# endif
+# endif
+
+/**
+ * That's it for OS-specific stuff
+ *****************************************************************************/
+
+/* Specials for I/O an exit */
+# ifdef OPENSSL_SYS_MSDOS
+# define OPENSSL_UNISTD_IO <io.h>
+# define OPENSSL_DECLARE_EXIT extern void exit(int);
+# else
+# define OPENSSL_UNISTD_IO OPENSSL_UNISTD
+# define OPENSSL_DECLARE_EXIT /* declared in unistd.h */
+# endif
+
+/*-
+ * Definitions of OPENSSL_GLOBAL and OPENSSL_EXTERN, to define and declare
+ * certain global symbols that, with some compilers under VMS, have to be
+ * defined and declared explicitely with globaldef and globalref.
+ * Definitions of OPENSSL_EXPORT and OPENSSL_IMPORT, to define and declare
+ * DLL exports and imports for compilers under Win32. These are a little
+ * more complicated to use. Basically, for any library that exports some
+ * global variables, the following code must be present in the header file
+ * that declares them, before OPENSSL_EXTERN is used:
+ *
+ * #ifdef SOME_BUILD_FLAG_MACRO
+ * # undef OPENSSL_EXTERN
+ * # define OPENSSL_EXTERN OPENSSL_EXPORT
+ * #endif
+ *
+ * The default is to have OPENSSL_EXPORT, OPENSSL_IMPORT and OPENSSL_GLOBAL
+ * have some generally sensible values, and for OPENSSL_EXTERN to have the
+ * value OPENSSL_IMPORT.
+ */
+
+# if defined(OPENSSL_SYS_VMS_NODECC)
+# define OPENSSL_EXPORT globalref
+# define OPENSSL_IMPORT globalref
+# define OPENSSL_GLOBAL globaldef
+# elif defined(OPENSSL_SYS_WINDOWS) && defined(OPENSSL_OPT_WINDLL)
+# define OPENSSL_EXPORT extern __declspec(dllexport)
+# define OPENSSL_IMPORT extern __declspec(dllimport)
+# define OPENSSL_GLOBAL
+# else
+# define OPENSSL_EXPORT extern
+# define OPENSSL_IMPORT extern
+# define OPENSSL_GLOBAL
+# endif
+# define OPENSSL_EXTERN OPENSSL_IMPORT
+
+/*-
+ * Macros to allow global variables to be reached through function calls when
+ * required (if a shared library version requires it, for example.
+ * The way it's done allows definitions like this:
+ *
+ * // in foobar.c
+ * OPENSSL_IMPLEMENT_GLOBAL(int,foobar,0)
+ * // in foobar.h
+ * OPENSSL_DECLARE_GLOBAL(int,foobar);
+ * #define foobar OPENSSL_GLOBAL_REF(foobar)
+ */
+# ifdef OPENSSL_EXPORT_VAR_AS_FUNCTION
+# define OPENSSL_IMPLEMENT_GLOBAL(type,name,value) \
+ type *_shadow_##name(void) \
+ { static type _hide_##name=value; return &_hide_##name; }
+# define OPENSSL_DECLARE_GLOBAL(type,name) type *_shadow_##name(void)
+# define OPENSSL_GLOBAL_REF(name) (*(_shadow_##name()))
+# else
+# define OPENSSL_IMPLEMENT_GLOBAL(type,name,value) OPENSSL_GLOBAL type _shadow_##name=value;
+# define OPENSSL_DECLARE_GLOBAL(type,name) OPENSSL_EXPORT type _shadow_##name
+# define OPENSSL_GLOBAL_REF(name) _shadow_##name
+# endif
+
+# ifdef OPENSSL_SYS_MSDOS
+# define ossl_ssize_t long
+# endif
+
+# if defined(__ultrix) && !defined(ssize_t)
+# define ossl_ssize_t int
+# endif
+
+# ifndef ossl_ssize_t
+# define ossl_ssize_t ssize_t
+# endif
+
+# ifdef DEBUG_UNUSED
+# define __owur __attribute__((__warn_unused_result__))
+# else
+# define __owur
+# endif
+
+#ifdef __cplusplus
+}
+#endif
+#endif
--- /dev/null
+/* crypto/ebcdic.h */
+
+#ifndef HEADER_EBCDIC_H
+# define HEADER_EBCDIC_H
+
+# include <sys/types.h>
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/* Avoid name clashes with other applications */
+# define os_toascii _openssl_os_toascii
+# define os_toebcdic _openssl_os_toebcdic
+# define ebcdic2ascii _openssl_ebcdic2ascii
+# define ascii2ebcdic _openssl_ascii2ebcdic
+
+extern const unsigned char os_toascii[256];
+extern const unsigned char os_toebcdic[256];
+void *ebcdic2ascii(void *dest, const void *srce, size_t count);
+void *ascii2ebcdic(void *dest, const void *srce, size_t count);
+
+#ifdef __cplusplus
+}
+#endif
+#endif
--- /dev/null
+/* crypto/ec/ec.h */
+/*
+ * Originally written by Bodo Moeller for the OpenSSL project.
+ */
+/**
+ * \file crypto/ec/ec.h Include file for the OpenSSL EC functions
+ * \author Originally written by Bodo Moeller for the OpenSSL project
+ */
+/* ====================================================================
+ * Copyright (c) 1998-2005 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For written permission, please contact
+ * openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ * nor may "OpenSSL" appear in their names without prior written
+ * permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com). This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+/* ====================================================================
+ * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
+ *
+ * Portions of the attached software ("Contribution") are developed by
+ * SUN MICROSYSTEMS, INC., and are contributed to the OpenSSL project.
+ *
+ * The Contribution is licensed pursuant to the OpenSSL open source
+ * license provided above.
+ *
+ * The elliptic curve binary polynomial software is originally written by
+ * Sheueling Chang Shantz and Douglas Stebila of Sun Microsystems Laboratories.
+ *
+ */
+
+#ifndef HEADER_EC_H
+# define HEADER_EC_H
+
+# include <openssl/opensslconf.h>
+
+# ifdef OPENSSL_NO_EC
+# error EC is disabled.
+# endif
+
+# include <openssl/asn1.h>
+# include <openssl/symhacks.h>
+# ifdef OPENSSL_USE_DEPRECATED
+# include <openssl/bn.h>
+# endif
+
+# ifdef __cplusplus
+extern "C" {
+# elif defined(__SUNPRO_C)
+# if __SUNPRO_C >= 0x520
+# pragma error_messages (off,E_ARRAY_OF_INCOMPLETE_NONAME,E_ARRAY_OF_INCOMPLETE)
+# endif
+# endif
+
+# ifndef OPENSSL_ECC_MAX_FIELD_BITS
+# define OPENSSL_ECC_MAX_FIELD_BITS 661
+# endif
+
+/** Enum for the point conversion form as defined in X9.62 (ECDSA)
+ * for the encoding of a elliptic curve point (x,y) */
+typedef enum {
+ /** the point is encoded as z||x, where the octet z specifies
+ * which solution of the quadratic equation y is */
+ POINT_CONVERSION_COMPRESSED = 2,
+ /** the point is encoded as z||x||y, where z is the octet 0x02 */
+ POINT_CONVERSION_UNCOMPRESSED = 4,
+ /** the point is encoded as z||x||y, where the octet z specifies
+ * which solution of the quadratic equation y is */
+ POINT_CONVERSION_HYBRID = 6
+} point_conversion_form_t;
+
+typedef struct ec_method_st EC_METHOD;
+
+typedef struct ec_group_st
+ /*-
+ EC_METHOD *meth;
+ -- field definition
+ -- curve coefficients
+ -- optional generator with associated information (order, cofactor)
+ -- optional extra data (precomputed table for fast computation of multiples of generator)
+ -- ASN1 stuff
+ */
+ EC_GROUP;
+
+typedef struct ec_point_st EC_POINT;
+
+/********************************************************************/
+/* EC_METHODs for curves over GF(p) */
+/********************************************************************/
+
+/** Returns the basic GFp ec methods which provides the basis for the
+ * optimized methods.
+ * \return EC_METHOD object
+ */
+const EC_METHOD *EC_GFp_simple_method(void);
+
+/** Returns GFp methods using montgomery multiplication.
+ * \return EC_METHOD object
+ */
+const EC_METHOD *EC_GFp_mont_method(void);
+
+/** Returns GFp methods using optimized methods for NIST recommended curves
+ * \return EC_METHOD object
+ */
+const EC_METHOD *EC_GFp_nist_method(void);
+
+# ifndef OPENSSL_NO_EC_NISTP_64_GCC_128
+# ifndef OPENSSL_SYS_WIN32
+/** Returns 64-bit optimized methods for nistp224
+ * \return EC_METHOD object
+ */
+const EC_METHOD *EC_GFp_nistp224_method(void);
+
+/** Returns 64-bit optimized methods for nistp256
+ * \return EC_METHOD object
+ */
+const EC_METHOD *EC_GFp_nistp256_method(void);
+
+/** Returns 64-bit optimized methods for nistp521
+ * \return EC_METHOD object
+ */
+const EC_METHOD *EC_GFp_nistp521_method(void);
+# endif
+# endif
+
+# ifndef OPENSSL_NO_EC2M
+/********************************************************************/
+/* EC_METHOD for curves over GF(2^m) */
+/********************************************************************/
+
+/** Returns the basic GF2m ec method
+ * \return EC_METHOD object
+ */
+const EC_METHOD *EC_GF2m_simple_method(void);
+
+# endif
+
+/********************************************************************/
+/* EC_GROUP functions */
+/********************************************************************/
+
+/** Creates a new EC_GROUP object
+ * \param meth EC_METHOD to use
+ * \return newly created EC_GROUP object or NULL in case of an error.
+ */
+EC_GROUP *EC_GROUP_new(const EC_METHOD *meth);
+
+/** Frees a EC_GROUP object
+ * \param group EC_GROUP object to be freed.
+ */
+void EC_GROUP_free(EC_GROUP *group);
+
+/** Clears and frees a EC_GROUP object
+ * \param group EC_GROUP object to be cleared and freed.
+ */
+void EC_GROUP_clear_free(EC_GROUP *group);
+
+/** Copies EC_GROUP objects. Note: both EC_GROUPs must use the same EC_METHOD.
+ * \param dst destination EC_GROUP object
+ * \param src source EC_GROUP object
+ * \return 1 on success and 0 if an error occurred.
+ */
+int EC_GROUP_copy(EC_GROUP *dst, const EC_GROUP *src);
+
+/** Creates a new EC_GROUP object and copies the copies the content
+ * form src to the newly created EC_KEY object
+ * \param src source EC_GROUP object
+ * \return newly created EC_GROUP object or NULL in case of an error.
+ */
+EC_GROUP *EC_GROUP_dup(const EC_GROUP *src);
+
+/** Returns the EC_METHOD of the EC_GROUP object.
+ * \param group EC_GROUP object
+ * \return EC_METHOD used in this EC_GROUP object.
+ */
+const EC_METHOD *EC_GROUP_method_of(const EC_GROUP *group);
+
+/** Returns the field type of the EC_METHOD.
+ * \param meth EC_METHOD object
+ * \return NID of the underlying field type OID.
+ */
+int EC_METHOD_get_field_type(const EC_METHOD *meth);
+
+/** Sets the generator and it's order/cofactor of a EC_GROUP object.
+ * \param group EC_GROUP object
+ * \param generator EC_POINT object with the generator.
+ * \param order the order of the group generated by the generator.
+ * \param cofactor the index of the sub-group generated by the generator
+ * in the group of all points on the elliptic curve.
+ * \return 1 on success and 0 if an error occurred
+ */
+int EC_GROUP_set_generator(EC_GROUP *group, const EC_POINT *generator,
+ const BIGNUM *order, const BIGNUM *cofactor);
+
+/** Returns the generator of a EC_GROUP object.
+ * \param group EC_GROUP object
+ * \return the currently used generator (possibly NULL).
+ */
+const EC_POINT *EC_GROUP_get0_generator(const EC_GROUP *group);
+
+/** Returns the montgomery data for order(Generator)
+ * \param group EC_GROUP object
+ * \return the currently used generator (possibly NULL).
+*/
+BN_MONT_CTX *EC_GROUP_get_mont_data(const EC_GROUP *group);
+
+/** Gets the order of a EC_GROUP
+ * \param group EC_GROUP object
+ * \param order BIGNUM to which the order is copied
+ * \param ctx BN_CTX object (optional)
+ * \return 1 on success and 0 if an error occurred
+ */
+int EC_GROUP_get_order(const EC_GROUP *group, BIGNUM *order, BN_CTX *ctx);
+
+/** Gets the cofactor of a EC_GROUP
+ * \param group EC_GROUP object
+ * \param cofactor BIGNUM to which the cofactor is copied
+ * \param ctx BN_CTX object (optional)
+ * \return 1 on success and 0 if an error occurred
+ */
+int EC_GROUP_get_cofactor(const EC_GROUP *group, BIGNUM *cofactor,
+ BN_CTX *ctx);
+
+/** Sets the name of a EC_GROUP object
+ * \param group EC_GROUP object
+ * \param nid NID of the curve name OID
+ */
+void EC_GROUP_set_curve_name(EC_GROUP *group, int nid);
+
+/** Returns the curve name of a EC_GROUP object
+ * \param group EC_GROUP object
+ * \return NID of the curve name OID or 0 if not set.
+ */
+int EC_GROUP_get_curve_name(const EC_GROUP *group);
+
+void EC_GROUP_set_asn1_flag(EC_GROUP *group, int flag);
+int EC_GROUP_get_asn1_flag(const EC_GROUP *group);
+
+void EC_GROUP_set_point_conversion_form(EC_GROUP *group,
+ point_conversion_form_t form);
+point_conversion_form_t EC_GROUP_get_point_conversion_form(const EC_GROUP *);
+
+unsigned char *EC_GROUP_get0_seed(const EC_GROUP *x);
+size_t EC_GROUP_get_seed_len(const EC_GROUP *);
+size_t EC_GROUP_set_seed(EC_GROUP *, const unsigned char *, size_t len);
+
+/** Sets the parameter of a ec over GFp defined by y^2 = x^3 + a*x + b
+ * \param group EC_GROUP object
+ * \param p BIGNUM with the prime number
+ * \param a BIGNUM with parameter a of the equation
+ * \param b BIGNUM with parameter b of the equation
+ * \param ctx BN_CTX object (optional)
+ * \return 1 on success and 0 if an error occurred
+ */
+int EC_GROUP_set_curve_GFp(EC_GROUP *group, const BIGNUM *p, const BIGNUM *a,
+ const BIGNUM *b, BN_CTX *ctx);
+
+/** Gets the parameter of the ec over GFp defined by y^2 = x^3 + a*x + b
+ * \param group EC_GROUP object
+ * \param p BIGNUM for the prime number
+ * \param a BIGNUM for parameter a of the equation
+ * \param b BIGNUM for parameter b of the equation
+ * \param ctx BN_CTX object (optional)
+ * \return 1 on success and 0 if an error occurred
+ */
+int EC_GROUP_get_curve_GFp(const EC_GROUP *group, BIGNUM *p, BIGNUM *a,
+ BIGNUM *b, BN_CTX *ctx);
+
+# ifndef OPENSSL_NO_EC2M
+/** Sets the parameter of a ec over GF2m defined by y^2 + x*y = x^3 + a*x^2 + b
+ * \param group EC_GROUP object
+ * \param p BIGNUM with the polynomial defining the underlying field
+ * \param a BIGNUM with parameter a of the equation
+ * \param b BIGNUM with parameter b of the equation
+ * \param ctx BN_CTX object (optional)
+ * \return 1 on success and 0 if an error occurred
+ */
+int EC_GROUP_set_curve_GF2m(EC_GROUP *group, const BIGNUM *p, const BIGNUM *a,
+ const BIGNUM *b, BN_CTX *ctx);
+
+/** Gets the parameter of the ec over GF2m defined by y^2 + x*y = x^3 + a*x^2 + b
+ * \param group EC_GROUP object
+ * \param p BIGNUM for the polynomial defining the underlying field
+ * \param a BIGNUM for parameter a of the equation
+ * \param b BIGNUM for parameter b of the equation
+ * \param ctx BN_CTX object (optional)
+ * \return 1 on success and 0 if an error occurred
+ */
+int EC_GROUP_get_curve_GF2m(const EC_GROUP *group, BIGNUM *p, BIGNUM *a,
+ BIGNUM *b, BN_CTX *ctx);
+# endif
+/** Returns the number of bits needed to represent a field element
+ * \param group EC_GROUP object
+ * \return number of bits needed to represent a field element
+ */
+int EC_GROUP_get_degree(const EC_GROUP *group);
+
+/** Checks whether the parameter in the EC_GROUP define a valid ec group
+ * \param group EC_GROUP object
+ * \param ctx BN_CTX object (optional)
+ * \return 1 if group is a valid ec group and 0 otherwise
+ */
+int EC_GROUP_check(const EC_GROUP *group, BN_CTX *ctx);
+
+/** Checks whether the discriminant of the elliptic curve is zero or not
+ * \param group EC_GROUP object
+ * \param ctx BN_CTX object (optional)
+ * \return 1 if the discriminant is not zero and 0 otherwise
+ */
+int EC_GROUP_check_discriminant(const EC_GROUP *group, BN_CTX *ctx);
+
+/** Compares two EC_GROUP objects
+ * \param a first EC_GROUP object
+ * \param b second EC_GROUP object
+ * \param ctx BN_CTX object (optional)
+ * \return 0 if both groups are equal and 1 otherwise
+ */
+int EC_GROUP_cmp(const EC_GROUP *a, const EC_GROUP *b, BN_CTX *ctx);
+
+/*
+ * EC_GROUP_new_GF*() calls EC_GROUP_new() and EC_GROUP_set_GF*() after
+ * choosing an appropriate EC_METHOD
+ */
+
+/** Creates a new EC_GROUP object with the specified parameters defined
+ * over GFp (defined by the equation y^2 = x^3 + a*x + b)
+ * \param p BIGNUM with the prime number
+ * \param a BIGNUM with the parameter a of the equation
+ * \param b BIGNUM with the parameter b of the equation
+ * \param ctx BN_CTX object (optional)
+ * \return newly created EC_GROUP object with the specified parameters
+ */
+EC_GROUP *EC_GROUP_new_curve_GFp(const BIGNUM *p, const BIGNUM *a,
+ const BIGNUM *b, BN_CTX *ctx);
+# ifndef OPENSSL_NO_EC2M
+/** Creates a new EC_GROUP object with the specified parameters defined
+ * over GF2m (defined by the equation y^2 + x*y = x^3 + a*x^2 + b)
+ * \param p BIGNUM with the polynomial defining the underlying field
+ * \param a BIGNUM with the parameter a of the equation
+ * \param b BIGNUM with the parameter b of the equation
+ * \param ctx BN_CTX object (optional)
+ * \return newly created EC_GROUP object with the specified parameters
+ */
+EC_GROUP *EC_GROUP_new_curve_GF2m(const BIGNUM *p, const BIGNUM *a,
+ const BIGNUM *b, BN_CTX *ctx);
+# endif
+/** Creates a EC_GROUP object with a curve specified by a NID
+ * \param nid NID of the OID of the curve name
+ * \return newly created EC_GROUP object with specified curve or NULL
+ * if an error occurred
+ */
+EC_GROUP *EC_GROUP_new_by_curve_name(int nid);
+
+/********************************************************************/
+/* handling of internal curves */
+/********************************************************************/
+
+typedef struct {
+ int nid;
+ const char *comment;
+} EC_builtin_curve;
+
+/*
+ * EC_builtin_curves(EC_builtin_curve *r, size_t size) returns number of all
+ * available curves or zero if a error occurred. In case r ist not zero
+ * nitems EC_builtin_curve structures are filled with the data of the first
+ * nitems internal groups
+ */
+size_t EC_get_builtin_curves(EC_builtin_curve *r, size_t nitems);
+
+const char *EC_curve_nid2nist(int nid);
+int EC_curve_nist2nid(const char *name);
+
+/********************************************************************/
+/* EC_POINT functions */
+/********************************************************************/
+
+/** Creates a new EC_POINT object for the specified EC_GROUP
+ * \param group EC_GROUP the underlying EC_GROUP object
+ * \return newly created EC_POINT object or NULL if an error occurred
+ */
+EC_POINT *EC_POINT_new(const EC_GROUP *group);
+
+/** Frees a EC_POINT object
+ * \param point EC_POINT object to be freed
+ */
+void EC_POINT_free(EC_POINT *point);
+
+/** Clears and frees a EC_POINT object
+ * \param point EC_POINT object to be cleared and freed
+ */
+void EC_POINT_clear_free(EC_POINT *point);
+
+/** Copies EC_POINT object
+ * \param dst destination EC_POINT object
+ * \param src source EC_POINT object
+ * \return 1 on success and 0 if an error occurred
+ */
+int EC_POINT_copy(EC_POINT *dst, const EC_POINT *src);
+
+/** Creates a new EC_POINT object and copies the content of the supplied
+ * EC_POINT
+ * \param src source EC_POINT object
+ * \param group underlying the EC_GROUP object
+ * \return newly created EC_POINT object or NULL if an error occurred
+ */
+EC_POINT *EC_POINT_dup(const EC_POINT *src, const EC_GROUP *group);
+
+/** Returns the EC_METHOD used in EC_POINT object
+ * \param point EC_POINT object
+ * \return the EC_METHOD used
+ */
+const EC_METHOD *EC_POINT_method_of(const EC_POINT *point);
+
+/** Sets a point to infinity (neutral element)
+ * \param group underlying EC_GROUP object
+ * \param point EC_POINT to set to infinity
+ * \return 1 on success and 0 if an error occurred
+ */
+int EC_POINT_set_to_infinity(const EC_GROUP *group, EC_POINT *point);
+
+/** Sets the jacobian projective coordinates of a EC_POINT over GFp
+ * \param group underlying EC_GROUP object
+ * \param p EC_POINT object
+ * \param x BIGNUM with the x-coordinate
+ * \param y BIGNUM with the y-coordinate
+ * \param z BIGNUM with the z-coordinate
+ * \param ctx BN_CTX object (optional)
+ * \return 1 on success and 0 if an error occurred
+ */
+int EC_POINT_set_Jprojective_coordinates_GFp(const EC_GROUP *group,
+ EC_POINT *p, const BIGNUM *x,
+ const BIGNUM *y, const BIGNUM *z,
+ BN_CTX *ctx);
+
+/** Gets the jacobian projective coordinates of a EC_POINT over GFp
+ * \param group underlying EC_GROUP object
+ * \param p EC_POINT object
+ * \param x BIGNUM for the x-coordinate
+ * \param y BIGNUM for the y-coordinate
+ * \param z BIGNUM for the z-coordinate
+ * \param ctx BN_CTX object (optional)
+ * \return 1 on success and 0 if an error occurred
+ */
+int EC_POINT_get_Jprojective_coordinates_GFp(const EC_GROUP *group,
+ const EC_POINT *p, BIGNUM *x,
+ BIGNUM *y, BIGNUM *z,
+ BN_CTX *ctx);
+
+/** Sets the affine coordinates of a EC_POINT over GFp
+ * \param group underlying EC_GROUP object
+ * \param p EC_POINT object
+ * \param x BIGNUM with the x-coordinate
+ * \param y BIGNUM with the y-coordinate
+ * \param ctx BN_CTX object (optional)
+ * \return 1 on success and 0 if an error occurred
+ */
+int EC_POINT_set_affine_coordinates_GFp(const EC_GROUP *group, EC_POINT *p,
+ const BIGNUM *x, const BIGNUM *y,
+ BN_CTX *ctx);
+
+/** Gets the affine coordinates of a EC_POINT over GFp
+ * \param group underlying EC_GROUP object
+ * \param p EC_POINT object
+ * \param x BIGNUM for the x-coordinate
+ * \param y BIGNUM for the y-coordinate
+ * \param ctx BN_CTX object (optional)
+ * \return 1 on success and 0 if an error occurred
+ */
+int EC_POINT_get_affine_coordinates_GFp(const EC_GROUP *group,
+ const EC_POINT *p, BIGNUM *x,
+ BIGNUM *y, BN_CTX *ctx);
+
+/** Sets the x9.62 compressed coordinates of a EC_POINT over GFp
+ * \param group underlying EC_GROUP object
+ * \param p EC_POINT object
+ * \param x BIGNUM with x-coordinate
+ * \param y_bit integer with the y-Bit (either 0 or 1)
+ * \param ctx BN_CTX object (optional)
+ * \return 1 on success and 0 if an error occurred
+ */
+int EC_POINT_set_compressed_coordinates_GFp(const EC_GROUP *group,
+ EC_POINT *p, const BIGNUM *x,
+ int y_bit, BN_CTX *ctx);
+# ifndef OPENSSL_NO_EC2M
+/** Sets the affine coordinates of a EC_POINT over GF2m
+ * \param group underlying EC_GROUP object
+ * \param p EC_POINT object
+ * \param x BIGNUM with the x-coordinate
+ * \param y BIGNUM with the y-coordinate
+ * \param ctx BN_CTX object (optional)
+ * \return 1 on success and 0 if an error occurred
+ */
+int EC_POINT_set_affine_coordinates_GF2m(const EC_GROUP *group, EC_POINT *p,
+ const BIGNUM *x, const BIGNUM *y,
+ BN_CTX *ctx);
+
+/** Gets the affine coordinates of a EC_POINT over GF2m
+ * \param group underlying EC_GROUP object
+ * \param p EC_POINT object
+ * \param x BIGNUM for the x-coordinate
+ * \param y BIGNUM for the y-coordinate
+ * \param ctx BN_CTX object (optional)
+ * \return 1 on success and 0 if an error occurred
+ */
+int EC_POINT_get_affine_coordinates_GF2m(const EC_GROUP *group,
+ const EC_POINT *p, BIGNUM *x,
+ BIGNUM *y, BN_CTX *ctx);
+
+/** Sets the x9.62 compressed coordinates of a EC_POINT over GF2m
+ * \param group underlying EC_GROUP object
+ * \param p EC_POINT object
+ * \param x BIGNUM with x-coordinate
+ * \param y_bit integer with the y-Bit (either 0 or 1)
+ * \param ctx BN_CTX object (optional)
+ * \return 1 on success and 0 if an error occurred
+ */
+int EC_POINT_set_compressed_coordinates_GF2m(const EC_GROUP *group,
+ EC_POINT *p, const BIGNUM *x,
+ int y_bit, BN_CTX *ctx);
+# endif
+/** Encodes a EC_POINT object to a octet string
+ * \param group underlying EC_GROUP object
+ * \param p EC_POINT object
+ * \param form point conversion form
+ * \param buf memory buffer for the result. If NULL the function returns
+ * required buffer size.
+ * \param len length of the memory buffer
+ * \param ctx BN_CTX object (optional)
+ * \return the length of the encoded octet string or 0 if an error occurred
+ */
+size_t EC_POINT_point2oct(const EC_GROUP *group, const EC_POINT *p,
+ point_conversion_form_t form,
+ unsigned char *buf, size_t len, BN_CTX *ctx);
+
+/** Decodes a EC_POINT from a octet string
+ * \param group underlying EC_GROUP object
+ * \param p EC_POINT object
+ * \param buf memory buffer with the encoded ec point
+ * \param len length of the encoded ec point
+ * \param ctx BN_CTX object (optional)
+ * \return 1 on success and 0 if an error occurred
+ */
+int EC_POINT_oct2point(const EC_GROUP *group, EC_POINT *p,
+ const unsigned char *buf, size_t len, BN_CTX *ctx);
+
+/* other interfaces to point2oct/oct2point: */
+BIGNUM *EC_POINT_point2bn(const EC_GROUP *, const EC_POINT *,
+ point_conversion_form_t form, BIGNUM *, BN_CTX *);
+EC_POINT *EC_POINT_bn2point(const EC_GROUP *, const BIGNUM *,
+ EC_POINT *, BN_CTX *);
+char *EC_POINT_point2hex(const EC_GROUP *, const EC_POINT *,
+ point_conversion_form_t form, BN_CTX *);
+EC_POINT *EC_POINT_hex2point(const EC_GROUP *, const char *,
+ EC_POINT *, BN_CTX *);
+
+/********************************************************************/
+/* functions for doing EC_POINT arithmetic */
+/********************************************************************/
+
+/** Computes the sum of two EC_POINT
+ * \param group underlying EC_GROUP object
+ * \param r EC_POINT object for the result (r = a + b)
+ * \param a EC_POINT object with the first summand
+ * \param b EC_POINT object with the second summand
+ * \param ctx BN_CTX object (optional)
+ * \return 1 on success and 0 if an error occurred
+ */
+int EC_POINT_add(const EC_GROUP *group, EC_POINT *r, const EC_POINT *a,
+ const EC_POINT *b, BN_CTX *ctx);
+
+/** Computes the double of a EC_POINT
+ * \param group underlying EC_GROUP object
+ * \param r EC_POINT object for the result (r = 2 * a)
+ * \param a EC_POINT object
+ * \param ctx BN_CTX object (optional)
+ * \return 1 on success and 0 if an error occurred
+ */
+int EC_POINT_dbl(const EC_GROUP *group, EC_POINT *r, const EC_POINT *a,
+ BN_CTX *ctx);
+
+/** Computes the inverse of a EC_POINT
+ * \param group underlying EC_GROUP object
+ * \param a EC_POINT object to be inverted (it's used for the result as well)
+ * \param ctx BN_CTX object (optional)
+ * \return 1 on success and 0 if an error occurred
+ */
+int EC_POINT_invert(const EC_GROUP *group, EC_POINT *a, BN_CTX *ctx);
+
+/** Checks whether the point is the neutral element of the group
+ * \param group the underlying EC_GROUP object
+ * \param p EC_POINT object
+ * \return 1 if the point is the neutral element and 0 otherwise
+ */
+int EC_POINT_is_at_infinity(const EC_GROUP *group, const EC_POINT *p);
+
+/** Checks whether the point is on the curve
+ * \param group underlying EC_GROUP object
+ * \param point EC_POINT object to check
+ * \param ctx BN_CTX object (optional)
+ * \return 1 if point if on the curve and 0 otherwise
+ */
+int EC_POINT_is_on_curve(const EC_GROUP *group, const EC_POINT *point,
+ BN_CTX *ctx);
+
+/** Compares two EC_POINTs
+ * \param group underlying EC_GROUP object
+ * \param a first EC_POINT object
+ * \param b second EC_POINT object
+ * \param ctx BN_CTX object (optional)
+ * \return 0 if both points are equal and a value != 0 otherwise
+ */
+int EC_POINT_cmp(const EC_GROUP *group, const EC_POINT *a, const EC_POINT *b,
+ BN_CTX *ctx);
+
+int EC_POINT_make_affine(const EC_GROUP *group, EC_POINT *point, BN_CTX *ctx);
+int EC_POINTs_make_affine(const EC_GROUP *group, size_t num,
+ EC_POINT *points[], BN_CTX *ctx);
+
+/** Computes r = generator * n sum_{i=0}^{num-1} p[i] * m[i]
+ * \param group underlying EC_GROUP object
+ * \param r EC_POINT object for the result
+ * \param n BIGNUM with the multiplier for the group generator (optional)
+ * \param num number futher summands
+ * \param p array of size num of EC_POINT objects
+ * \param m array of size num of BIGNUM objects
+ * \param ctx BN_CTX object (optional)
+ * \return 1 on success and 0 if an error occurred
+ */
+int EC_POINTs_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *n,
+ size_t num, const EC_POINT *p[], const BIGNUM *m[],
+ BN_CTX *ctx);
+
+/** Computes r = generator * n + q * m
+ * \param group underlying EC_GROUP object
+ * \param r EC_POINT object for the result
+ * \param n BIGNUM with the multiplier for the group generator (optional)
+ * \param q EC_POINT object with the first factor of the second summand
+ * \param m BIGNUM with the second factor of the second summand
+ * \param ctx BN_CTX object (optional)
+ * \return 1 on success and 0 if an error occurred
+ */
+int EC_POINT_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *n,
+ const EC_POINT *q, const BIGNUM *m, BN_CTX *ctx);
+
+/** Stores multiples of generator for faster point multiplication
+ * \param group EC_GROUP object
+ * \param ctx BN_CTX object (optional)
+ * \return 1 on success and 0 if an error occurred
+ */
+int EC_GROUP_precompute_mult(EC_GROUP *group, BN_CTX *ctx);
+
+/** Reports whether a precomputation has been done
+ * \param group EC_GROUP object
+ * \return 1 if a pre-computation has been done and 0 otherwise
+ */
+int EC_GROUP_have_precompute_mult(const EC_GROUP *group);
+
+/********************************************************************/
+/* ASN1 stuff */
+/********************************************************************/
+
+/*
+ * EC_GROUP_get_basis_type() returns the NID of the basis type used to
+ * represent the field elements
+ */
+int EC_GROUP_get_basis_type(const EC_GROUP *);
+# ifndef OPENSSL_NO_EC2M
+int EC_GROUP_get_trinomial_basis(const EC_GROUP *, unsigned int *k);
+int EC_GROUP_get_pentanomial_basis(const EC_GROUP *, unsigned int *k1,
+ unsigned int *k2, unsigned int *k3);
+# endif
+
+# define OPENSSL_EC_EXPLICIT_CURVE 0x000
+# define OPENSSL_EC_NAMED_CURVE 0x001
+
+typedef struct ecpk_parameters_st ECPKPARAMETERS;
+
+EC_GROUP *d2i_ECPKParameters(EC_GROUP **, const unsigned char **in, long len);
+int i2d_ECPKParameters(const EC_GROUP *, unsigned char **out);
+
+# define d2i_ECPKParameters_bio(bp,x) ASN1_d2i_bio_of(EC_GROUP,NULL,d2i_ECPKParameters,bp,x)
+# define i2d_ECPKParameters_bio(bp,x) ASN1_i2d_bio_of_const(EC_GROUP,i2d_ECPKParameters,bp,x)
+# define d2i_ECPKParameters_fp(fp,x) (EC_GROUP *)ASN1_d2i_fp(NULL, \
+ (char *(*)())d2i_ECPKParameters,(fp),(unsigned char **)(x))
+# define i2d_ECPKParameters_fp(fp,x) ASN1_i2d_fp(i2d_ECPKParameters,(fp), \
+ (unsigned char *)(x))
+
+int ECPKParameters_print(BIO *bp, const EC_GROUP *x, int off);
+# ifndef OPENSSL_NO_STDIO
+int ECPKParameters_print_fp(FILE *fp, const EC_GROUP *x, int off);
+# endif
+
+/********************************************************************/
+/* EC_KEY functions */
+/********************************************************************/
+
+typedef struct ec_key_st EC_KEY;
+
+/* some values for the encoding_flag */
+# define EC_PKEY_NO_PARAMETERS 0x001
+# define EC_PKEY_NO_PUBKEY 0x002
+
+/* some values for the flags field */
+# define EC_FLAG_NON_FIPS_ALLOW 0x1
+# define EC_FLAG_FIPS_CHECKED 0x2
+
+/** Creates a new EC_KEY object.
+ * \return EC_KEY object or NULL if an error occurred.
+ */
+EC_KEY *EC_KEY_new(void);
+
+int EC_KEY_get_flags(const EC_KEY *key);
+
+void EC_KEY_set_flags(EC_KEY *key, int flags);
+
+void EC_KEY_clear_flags(EC_KEY *key, int flags);
+
+/** Creates a new EC_KEY object using a named curve as underlying
+ * EC_GROUP object.
+ * \param nid NID of the named curve.
+ * \return EC_KEY object or NULL if an error occurred.
+ */
+EC_KEY *EC_KEY_new_by_curve_name(int nid);
+
+/** Frees a EC_KEY object.
+ * \param key EC_KEY object to be freed.
+ */
+void EC_KEY_free(EC_KEY *key);
+
+/** Copies a EC_KEY object.
+ * \param dst destination EC_KEY object
+ * \param src src EC_KEY object
+ * \return dst or NULL if an error occurred.
+ */
+EC_KEY *EC_KEY_copy(EC_KEY *dst, const EC_KEY *src);
+
+/** Creates a new EC_KEY object and copies the content from src to it.
+ * \param src the source EC_KEY object
+ * \return newly created EC_KEY object or NULL if an error occurred.
+ */
+EC_KEY *EC_KEY_dup(const EC_KEY *src);
+
+/** Increases the internal reference count of a EC_KEY object.
+ * \param key EC_KEY object
+ * \return 1 on success and 0 if an error occurred.
+ */
+int EC_KEY_up_ref(EC_KEY *key);
+
+/** Returns the EC_GROUP object of a EC_KEY object
+ * \param key EC_KEY object
+ * \return the EC_GROUP object (possibly NULL).
+ */
+const EC_GROUP *EC_KEY_get0_group(const EC_KEY *key);
+
+/** Sets the EC_GROUP of a EC_KEY object.
+ * \param key EC_KEY object
+ * \param group EC_GROUP to use in the EC_KEY object (note: the EC_KEY
+ * object will use an own copy of the EC_GROUP).
+ * \return 1 on success and 0 if an error occurred.
+ */
+int EC_KEY_set_group(EC_KEY *key, const EC_GROUP *group);
+
+/** Returns the private key of a EC_KEY object.
+ * \param key EC_KEY object
+ * \return a BIGNUM with the private key (possibly NULL).
+ */
+const BIGNUM *EC_KEY_get0_private_key(const EC_KEY *key);
+
+/** Sets the private key of a EC_KEY object.
+ * \param key EC_KEY object
+ * \param prv BIGNUM with the private key (note: the EC_KEY object
+ * will use an own copy of the BIGNUM).
+ * \return 1 on success and 0 if an error occurred.
+ */
+int EC_KEY_set_private_key(EC_KEY *key, const BIGNUM *prv);
+
+/** Returns the public key of a EC_KEY object.
+ * \param key the EC_KEY object
+ * \return a EC_POINT object with the public key (possibly NULL)
+ */
+const EC_POINT *EC_KEY_get0_public_key(const EC_KEY *key);
+
+/** Sets the public key of a EC_KEY object.
+ * \param key EC_KEY object
+ * \param pub EC_POINT object with the public key (note: the EC_KEY object
+ * will use an own copy of the EC_POINT object).
+ * \return 1 on success and 0 if an error occurred.
+ */
+int EC_KEY_set_public_key(EC_KEY *key, const EC_POINT *pub);
+
+unsigned EC_KEY_get_enc_flags(const EC_KEY *key);
+void EC_KEY_set_enc_flags(EC_KEY *eckey, unsigned int flags);
+point_conversion_form_t EC_KEY_get_conv_form(const EC_KEY *key);
+void EC_KEY_set_conv_form(EC_KEY *eckey, point_conversion_form_t cform);
+/* functions to set/get method specific data */
+void *EC_KEY_get_key_method_data(EC_KEY *key,
+ void *(*dup_func) (void *),
+ void (*free_func) (void *),
+ void (*clear_free_func) (void *));
+/** Sets the key method data of an EC_KEY object, if none has yet been set.
+ * \param key EC_KEY object
+ * \param data opaque data to install.
+ * \param dup_func a function that duplicates |data|.
+ * \param free_func a function that frees |data|.
+ * \param clear_free_func a function that wipes and frees |data|.
+ * \return the previously set data pointer, or NULL if |data| was inserted.
+ */
+void *EC_KEY_insert_key_method_data(EC_KEY *key, void *data,
+ void *(*dup_func) (void *),
+ void (*free_func) (void *),
+ void (*clear_free_func) (void *));
+/* wrapper functions for the underlying EC_GROUP object */
+void EC_KEY_set_asn1_flag(EC_KEY *eckey, int asn1_flag);
+
+/** Creates a table of pre-computed multiples of the generator to
+ * accelerate further EC_KEY operations.
+ * \param key EC_KEY object
+ * \param ctx BN_CTX object (optional)
+ * \return 1 on success and 0 if an error occurred.
+ */
+int EC_KEY_precompute_mult(EC_KEY *key, BN_CTX *ctx);
+
+/** Creates a new ec private (and optional a new public) key.
+ * \param key EC_KEY object
+ * \return 1 on success and 0 if an error occurred.
+ */
+int EC_KEY_generate_key(EC_KEY *key);
+
+/** Verifies that a private and/or public key is valid.
+ * \param key the EC_KEY object
+ * \return 1 on success and 0 otherwise.
+ */
+int EC_KEY_check_key(const EC_KEY *key);
+
+/** Sets a public key from affine coordindates performing
+ * necessary NIST PKV tests.
+ * \param key the EC_KEY object
+ * \param x public key x coordinate
+ * \param y public key y coordinate
+ * \return 1 on success and 0 otherwise.
+ */
+int EC_KEY_set_public_key_affine_coordinates(EC_KEY *key, BIGNUM *x,
+ BIGNUM *y);
+
+/********************************************************************/
+/* de- and encoding functions for SEC1 ECPrivateKey */
+/********************************************************************/
+
+/** Decodes a private key from a memory buffer.
+ * \param key a pointer to a EC_KEY object which should be used (or NULL)
+ * \param in pointer to memory with the DER encoded private key
+ * \param len length of the DER encoded private key
+ * \return the decoded private key or NULL if an error occurred.
+ */
+EC_KEY *d2i_ECPrivateKey(EC_KEY **key, const unsigned char **in, long len);
+
+/** Encodes a private key object and stores the result in a buffer.
+ * \param key the EC_KEY object to encode
+ * \param out the buffer for the result (if NULL the function returns number
+ * of bytes needed).
+ * \return 1 on success and 0 if an error occurred.
+ */
+int i2d_ECPrivateKey(EC_KEY *key, unsigned char **out);
+
+/********************************************************************/
+/* de- and encoding functions for EC parameters */
+/********************************************************************/
+
+/** Decodes ec parameter from a memory buffer.
+ * \param key a pointer to a EC_KEY object which should be used (or NULL)
+ * \param in pointer to memory with the DER encoded ec parameters
+ * \param len length of the DER encoded ec parameters
+ * \return a EC_KEY object with the decoded parameters or NULL if an error
+ * occurred.
+ */
+EC_KEY *d2i_ECParameters(EC_KEY **key, const unsigned char **in, long len);
+
+/** Encodes ec parameter and stores the result in a buffer.
+ * \param key the EC_KEY object with ec parameters to encode
+ * \param out the buffer for the result (if NULL the function returns number
+ * of bytes needed).
+ * \return 1 on success and 0 if an error occurred.
+ */
+int i2d_ECParameters(EC_KEY *key, unsigned char **out);
+
+/********************************************************************/
+/* de- and encoding functions for EC public key */
+/* (octet string, not DER -- hence 'o2i' and 'i2o') */
+/********************************************************************/
+
+/** Decodes a ec public key from a octet string.
+ * \param key a pointer to a EC_KEY object which should be used
+ * \param in memory buffer with the encoded public key
+ * \param len length of the encoded public key
+ * \return EC_KEY object with decoded public key or NULL if an error
+ * occurred.
+ */
+EC_KEY *o2i_ECPublicKey(EC_KEY **key, const unsigned char **in, long len);
+
+/** Encodes a ec public key in an octet string.
+ * \param key the EC_KEY object with the public key
+ * \param out the buffer for the result (if NULL the function returns number
+ * of bytes needed).
+ * \return 1 on success and 0 if an error occurred
+ */
+int i2o_ECPublicKey(EC_KEY *key, unsigned char **out);
+
+/** Prints out the ec parameters on human readable form.
+ * \param bp BIO object to which the information is printed
+ * \param key EC_KEY object
+ * \return 1 on success and 0 if an error occurred
+ */
+int ECParameters_print(BIO *bp, const EC_KEY *key);
+
+/** Prints out the contents of a EC_KEY object
+ * \param bp BIO object to which the information is printed
+ * \param key EC_KEY object
+ * \param off line offset
+ * \return 1 on success and 0 if an error occurred
+ */
+int EC_KEY_print(BIO *bp, const EC_KEY *key, int off);
+
+# ifndef OPENSSL_NO_STDIO
+/** Prints out the ec parameters on human readable form.
+ * \param fp file descriptor to which the information is printed
+ * \param key EC_KEY object
+ * \return 1 on success and 0 if an error occurred
+ */
+int ECParameters_print_fp(FILE *fp, const EC_KEY *key);
+
+/** Prints out the contents of a EC_KEY object
+ * \param fp file descriptor to which the information is printed
+ * \param key EC_KEY object
+ * \param off line offset
+ * \return 1 on success and 0 if an error occurred
+ */
+int EC_KEY_print_fp(FILE *fp, const EC_KEY *key, int off);
+
+# endif
+
+# define ECParameters_dup(x) ASN1_dup_of(EC_KEY,i2d_ECParameters,d2i_ECParameters,x)
+
+# ifndef __cplusplus
+# if defined(__SUNPRO_C)
+# if __SUNPRO_C >= 0x520
+# pragma error_messages (default,E_ARRAY_OF_INCOMPLETE_NONAME,E_ARRAY_OF_INCOMPLETE)
+# endif
+# endif
+# endif
+
+# define EVP_PKEY_CTX_set_ec_paramgen_curve_nid(ctx, nid) \
+ EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_EC, \
+ EVP_PKEY_OP_PARAMGEN|EVP_PKEY_OP_KEYGEN, \
+ EVP_PKEY_CTRL_EC_PARAMGEN_CURVE_NID, nid, NULL)
+
+# define EVP_PKEY_CTX_set_ec_param_enc(ctx, flag) \
+ EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_EC, \
+ EVP_PKEY_OP_PARAMGEN|EVP_PKEY_OP_KEYGEN, \
+ EVP_PKEY_CTRL_EC_PARAM_ENC, flag, NULL)
+
+# define EVP_PKEY_CTX_set_ecdh_cofactor_mode(ctx, flag) \
+ EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_EC, \
+ EVP_PKEY_OP_DERIVE, \
+ EVP_PKEY_CTRL_EC_ECDH_COFACTOR, flag, NULL)
+
+# define EVP_PKEY_CTX_get_ecdh_cofactor_mode(ctx) \
+ EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_EC, \
+ EVP_PKEY_OP_DERIVE, \
+ EVP_PKEY_CTRL_EC_ECDH_COFACTOR, -2, NULL)
+
+# define EVP_PKEY_CTX_set_ecdh_kdf_type(ctx, kdf) \
+ EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_EC, \
+ EVP_PKEY_OP_DERIVE, \
+ EVP_PKEY_CTRL_EC_KDF_TYPE, kdf, NULL)
+
+# define EVP_PKEY_CTX_get_ecdh_kdf_type(ctx) \
+ EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_EC, \
+ EVP_PKEY_OP_DERIVE, \
+ EVP_PKEY_CTRL_EC_KDF_TYPE, -2, NULL)
+
+# define EVP_PKEY_CTX_set_ecdh_kdf_md(ctx, md) \
+ EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_EC, \
+ EVP_PKEY_OP_DERIVE, \
+ EVP_PKEY_CTRL_EC_KDF_MD, 0, (void *)md)
+
+# define EVP_PKEY_CTX_get_ecdh_kdf_md(ctx, pmd) \
+ EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_EC, \
+ EVP_PKEY_OP_DERIVE, \
+ EVP_PKEY_CTRL_GET_EC_KDF_MD, 0, (void *)pmd)
+
+# define EVP_PKEY_CTX_set_ecdh_kdf_outlen(ctx, len) \
+ EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_EC, \
+ EVP_PKEY_OP_DERIVE, \
+ EVP_PKEY_CTRL_EC_KDF_OUTLEN, len, NULL)
+
+# define EVP_PKEY_CTX_get_ecdh_kdf_outlen(ctx, plen) \
+ EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_EC, \
+ EVP_PKEY_OP_DERIVE, \
+ EVP_PKEY_CTRL_GET_EC_KDF_OUTLEN, 0, (void *)plen)
+
+# define EVP_PKEY_CTX_set0_ecdh_kdf_ukm(ctx, p, plen) \
+ EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_EC, \
+ EVP_PKEY_OP_DERIVE, \
+ EVP_PKEY_CTRL_EC_KDF_UKM, plen, (void *)p)
+
+# define EVP_PKEY_CTX_get0_ecdh_kdf_ukm(ctx, p) \
+ EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_EC, \
+ EVP_PKEY_OP_DERIVE, \
+ EVP_PKEY_CTRL_GET_EC_KDF_UKM, 0, (void *)p)
+
+# define EVP_PKEY_CTRL_EC_PARAMGEN_CURVE_NID (EVP_PKEY_ALG_CTRL + 1)
+# define EVP_PKEY_CTRL_EC_PARAM_ENC (EVP_PKEY_ALG_CTRL + 2)
+# define EVP_PKEY_CTRL_EC_ECDH_COFACTOR (EVP_PKEY_ALG_CTRL + 3)
+# define EVP_PKEY_CTRL_EC_KDF_TYPE (EVP_PKEY_ALG_CTRL + 4)
+# define EVP_PKEY_CTRL_EC_KDF_MD (EVP_PKEY_ALG_CTRL + 5)
+# define EVP_PKEY_CTRL_GET_EC_KDF_MD (EVP_PKEY_ALG_CTRL + 6)
+# define EVP_PKEY_CTRL_EC_KDF_OUTLEN (EVP_PKEY_ALG_CTRL + 7)
+# define EVP_PKEY_CTRL_GET_EC_KDF_OUTLEN (EVP_PKEY_ALG_CTRL + 8)
+# define EVP_PKEY_CTRL_EC_KDF_UKM (EVP_PKEY_ALG_CTRL + 9)
+# define EVP_PKEY_CTRL_GET_EC_KDF_UKM (EVP_PKEY_ALG_CTRL + 10)
+/* KDF types */
+# define EVP_PKEY_ECDH_KDF_NONE 1
+# define EVP_PKEY_ECDH_KDF_X9_62 2
+
+/* BEGIN ERROR CODES */
+/*
+ * The following lines are auto generated by the script mkerr.pl. Any changes
+ * made after this point may be overwritten when the script is next run.
+ */
+void ERR_load_EC_strings(void);
+
+/* Error codes for the EC functions. */
+
+/* Function codes. */
+# define EC_F_BN_TO_FELEM 224
+# define EC_F_COMPUTE_WNAF 143
+# define EC_F_D2I_ECPARAMETERS 144
+# define EC_F_D2I_ECPKPARAMETERS 145
+# define EC_F_D2I_ECPRIVATEKEY 146
+# define EC_F_DO_EC_KEY_PRINT 221
+# define EC_F_ECDH_CMS_DECRYPT 238
+# define EC_F_ECDH_CMS_SET_SHARED_INFO 239
+# define EC_F_ECKEY_PARAM2TYPE 223
+# define EC_F_ECKEY_PARAM_DECODE 212
+# define EC_F_ECKEY_PRIV_DECODE 213
+# define EC_F_ECKEY_PRIV_ENCODE 214
+# define EC_F_ECKEY_PUB_DECODE 215
+# define EC_F_ECKEY_PUB_ENCODE 216
+# define EC_F_ECKEY_TYPE2PARAM 220
+# define EC_F_ECPARAMETERS_PRINT 147
+# define EC_F_ECPARAMETERS_PRINT_FP 148
+# define EC_F_ECPKPARAMETERS_PRINT 149
+# define EC_F_ECPKPARAMETERS_PRINT_FP 150
+# define EC_F_ECP_NIST_MOD_192 203
+# define EC_F_ECP_NIST_MOD_224 204
+# define EC_F_ECP_NIST_MOD_256 205
+# define EC_F_ECP_NIST_MOD_521 206
+# define EC_F_EC_ASN1_GROUP2CURVE 153
+# define EC_F_EC_ASN1_GROUP2FIELDID 154
+# define EC_F_EC_ASN1_GROUP2PARAMETERS 155
+# define EC_F_EC_ASN1_GROUP2PKPARAMETERS 156
+# define EC_F_EC_ASN1_PARAMETERS2GROUP 157
+# define EC_F_EC_ASN1_PKPARAMETERS2GROUP 158
+# define EC_F_EC_EX_DATA_SET_DATA 211
+# define EC_F_EC_GF2M_MONTGOMERY_POINT_MULTIPLY 208
+# define EC_F_EC_GF2M_SIMPLE_GROUP_CHECK_DISCRIMINANT 159
+# define EC_F_EC_GF2M_SIMPLE_GROUP_SET_CURVE 195
+# define EC_F_EC_GF2M_SIMPLE_OCT2POINT 160
+# define EC_F_EC_GF2M_SIMPLE_POINT2OCT 161
+# define EC_F_EC_GF2M_SIMPLE_POINT_GET_AFFINE_COORDINATES 162
+# define EC_F_EC_GF2M_SIMPLE_POINT_SET_AFFINE_COORDINATES 163
+# define EC_F_EC_GF2M_SIMPLE_SET_COMPRESSED_COORDINATES 164
+# define EC_F_EC_GFP_MONT_FIELD_DECODE 133
+# define EC_F_EC_GFP_MONT_FIELD_ENCODE 134
+# define EC_F_EC_GFP_MONT_FIELD_MUL 131
+# define EC_F_EC_GFP_MONT_FIELD_SET_TO_ONE 209
+# define EC_F_EC_GFP_MONT_FIELD_SQR 132
+# define EC_F_EC_GFP_MONT_GROUP_SET_CURVE 189
+# define EC_F_EC_GFP_MONT_GROUP_SET_CURVE_GFP 135
+# define EC_F_EC_GFP_NISTP224_GROUP_SET_CURVE 225
+# define EC_F_EC_GFP_NISTP224_POINTS_MUL 228
+# define EC_F_EC_GFP_NISTP224_POINT_GET_AFFINE_COORDINATES 226
+# define EC_F_EC_GFP_NISTP256_GROUP_SET_CURVE 230
+# define EC_F_EC_GFP_NISTP256_POINTS_MUL 231
+# define EC_F_EC_GFP_NISTP256_POINT_GET_AFFINE_COORDINATES 232
+# define EC_F_EC_GFP_NISTP521_GROUP_SET_CURVE 233
+# define EC_F_EC_GFP_NISTP521_POINTS_MUL 234
+# define EC_F_EC_GFP_NISTP521_POINT_GET_AFFINE_COORDINATES 235
+# define EC_F_EC_GFP_NIST_FIELD_MUL 200
+# define EC_F_EC_GFP_NIST_FIELD_SQR 201
+# define EC_F_EC_GFP_NIST_GROUP_SET_CURVE 202
+# define EC_F_EC_GFP_SIMPLE_GROUP_CHECK_DISCRIMINANT 165
+# define EC_F_EC_GFP_SIMPLE_GROUP_SET_CURVE 166
+# define EC_F_EC_GFP_SIMPLE_GROUP_SET_CURVE_GFP 100
+# define EC_F_EC_GFP_SIMPLE_GROUP_SET_GENERATOR 101
+# define EC_F_EC_GFP_SIMPLE_MAKE_AFFINE 102
+# define EC_F_EC_GFP_SIMPLE_OCT2POINT 103
+# define EC_F_EC_GFP_SIMPLE_POINT2OCT 104
+# define EC_F_EC_GFP_SIMPLE_POINTS_MAKE_AFFINE 137
+# define EC_F_EC_GFP_SIMPLE_POINT_GET_AFFINE_COORDINATES 167
+# define EC_F_EC_GFP_SIMPLE_POINT_GET_AFFINE_COORDINATES_GFP 105
+# define EC_F_EC_GFP_SIMPLE_POINT_SET_AFFINE_COORDINATES 168
+# define EC_F_EC_GFP_SIMPLE_POINT_SET_AFFINE_COORDINATES_GFP 128
+# define EC_F_EC_GFP_SIMPLE_SET_COMPRESSED_COORDINATES 169
+# define EC_F_EC_GFP_SIMPLE_SET_COMPRESSED_COORDINATES_GFP 129
+# define EC_F_EC_GROUP_CHECK 170
+# define EC_F_EC_GROUP_CHECK_DISCRIMINANT 171
+# define EC_F_EC_GROUP_COPY 106
+# define EC_F_EC_GROUP_GET0_GENERATOR 139
+# define EC_F_EC_GROUP_GET_COFACTOR 140
+# define EC_F_EC_GROUP_GET_CURVE_GF2M 172
+# define EC_F_EC_GROUP_GET_CURVE_GFP 130
+# define EC_F_EC_GROUP_GET_DEGREE 173
+# define EC_F_EC_GROUP_GET_ORDER 141
+# define EC_F_EC_GROUP_GET_PENTANOMIAL_BASIS 193
+# define EC_F_EC_GROUP_GET_TRINOMIAL_BASIS 194
+# define EC_F_EC_GROUP_NEW 108
+# define EC_F_EC_GROUP_NEW_BY_CURVE_NAME 174
+# define EC_F_EC_GROUP_NEW_FROM_DATA 175
+# define EC_F_EC_GROUP_PRECOMPUTE_MULT 142
+# define EC_F_EC_GROUP_SET_CURVE_GF2M 176
+# define EC_F_EC_GROUP_SET_CURVE_GFP 109
+# define EC_F_EC_GROUP_SET_EXTRA_DATA 110
+# define EC_F_EC_GROUP_SET_GENERATOR 111
+# define EC_F_EC_KEY_CHECK_KEY 177
+# define EC_F_EC_KEY_COPY 178
+# define EC_F_EC_KEY_GENERATE_KEY 179
+# define EC_F_EC_KEY_NEW 182
+# define EC_F_EC_KEY_PRINT 180
+# define EC_F_EC_KEY_PRINT_FP 181
+# define EC_F_EC_KEY_SET_PUBLIC_KEY_AFFINE_COORDINATES 229
+# define EC_F_EC_POINTS_MAKE_AFFINE 136
+# define EC_F_EC_POINT_ADD 112
+# define EC_F_EC_POINT_CMP 113
+# define EC_F_EC_POINT_COPY 114
+# define EC_F_EC_POINT_DBL 115
+# define EC_F_EC_POINT_GET_AFFINE_COORDINATES_GF2M 183
+# define EC_F_EC_POINT_GET_AFFINE_COORDINATES_GFP 116
+# define EC_F_EC_POINT_GET_JPROJECTIVE_COORDINATES_GFP 117
+# define EC_F_EC_POINT_INVERT 210
+# define EC_F_EC_POINT_IS_AT_INFINITY 118
+# define EC_F_EC_POINT_IS_ON_CURVE 119
+# define EC_F_EC_POINT_MAKE_AFFINE 120
+# define EC_F_EC_POINT_MUL 184
+# define EC_F_EC_POINT_NEW 121
+# define EC_F_EC_POINT_OCT2POINT 122
+# define EC_F_EC_POINT_POINT2OCT 123
+# define EC_F_EC_POINT_SET_AFFINE_COORDINATES_GF2M 185
+# define EC_F_EC_POINT_SET_AFFINE_COORDINATES_GFP 124
+# define EC_F_EC_POINT_SET_COMPRESSED_COORDINATES_GF2M 186
+# define EC_F_EC_POINT_SET_COMPRESSED_COORDINATES_GFP 125
+# define EC_F_EC_POINT_SET_JPROJECTIVE_COORDINATES_GFP 126
+# define EC_F_EC_POINT_SET_TO_INFINITY 127
+# define EC_F_EC_PRE_COMP_DUP 207
+# define EC_F_EC_PRE_COMP_NEW 196
+# define EC_F_EC_WNAF_MUL 187
+# define EC_F_EC_WNAF_PRECOMPUTE_MULT 188
+# define EC_F_I2D_ECPARAMETERS 190
+# define EC_F_I2D_ECPKPARAMETERS 191
+# define EC_F_I2D_ECPRIVATEKEY 192
+# define EC_F_I2O_ECPUBLICKEY 151
+# define EC_F_NISTP224_PRE_COMP_NEW 227
+# define EC_F_NISTP256_PRE_COMP_NEW 236
+# define EC_F_NISTP521_PRE_COMP_NEW 237
+# define EC_F_ECP_NISTZ256_GET_AFFINE 240
+# define EC_F_ECP_NISTZ256_POINTS_MUL 241
+# define EC_F_ECP_NISTZ256_WINDOWED_MUL 242
+# define EC_F_ECP_NISTZ256_MULT_PRECOMPUTE 243
+# define EC_F_ECP_NISTZ256_PRE_COMP_NEW 244
+# define EC_F_O2I_ECPUBLICKEY 152
+# define EC_F_OLD_EC_PRIV_DECODE 222
+# define EC_F_PKEY_EC_CTRL 197
+# define EC_F_PKEY_EC_CTRL_STR 198
+# define EC_F_PKEY_EC_DERIVE 217
+# define EC_F_PKEY_EC_KEYGEN 199
+# define EC_F_PKEY_EC_PARAMGEN 219
+# define EC_F_PKEY_EC_SIGN 218
+
+/* Reason codes. */
+# define EC_R_ASN1_ERROR 115
+# define EC_R_ASN1_UNKNOWN_FIELD 116
+# define EC_R_BIGNUM_OUT_OF_RANGE 144
+# define EC_R_BUFFER_TOO_SMALL 100
+# define EC_R_COORDINATES_OUT_OF_RANGE 146
+# define EC_R_D2I_ECPKPARAMETERS_FAILURE 117
+# define EC_R_DECODE_ERROR 142
+# define EC_R_DISCRIMINANT_IS_ZERO 118
+# define EC_R_EC_GROUP_NEW_BY_NAME_FAILURE 119
+# define EC_R_FIELD_TOO_LARGE 143
+# define EC_R_GF2M_NOT_SUPPORTED 147
+# define EC_R_GROUP2PKPARAMETERS_FAILURE 120
+# define EC_R_I2D_ECPKPARAMETERS_FAILURE 121
+# define EC_R_INCOMPATIBLE_OBJECTS 101
+# define EC_R_INVALID_ARGUMENT 112
+# define EC_R_INVALID_COMPRESSED_POINT 110
+# define EC_R_INVALID_COMPRESSION_BIT 109
+# define EC_R_INVALID_CURVE 141
+# define EC_R_INVALID_DIGEST 151
+# define EC_R_INVALID_DIGEST_TYPE 138
+# define EC_R_INVALID_ENCODING 102
+# define EC_R_INVALID_FIELD 103
+# define EC_R_INVALID_FORM 104
+# define EC_R_INVALID_GROUP_ORDER 122
+# define EC_R_INVALID_PENTANOMIAL_BASIS 132
+# define EC_R_INVALID_PRIVATE_KEY 123
+# define EC_R_INVALID_TRINOMIAL_BASIS 137
+# define EC_R_KDF_PARAMETER_ERROR 148
+# define EC_R_KEYS_NOT_SET 140
+# define EC_R_MISSING_PARAMETERS 124
+# define EC_R_MISSING_PRIVATE_KEY 125
+# define EC_R_NOT_A_NIST_PRIME 135
+# define EC_R_NOT_A_SUPPORTED_NIST_PRIME 136
+# define EC_R_NOT_IMPLEMENTED 126
+# define EC_R_NOT_INITIALIZED 111
+# define EC_R_NO_FIELD_MOD 133
+# define EC_R_NO_PARAMETERS_SET 139
+# define EC_R_PASSED_NULL_PARAMETER 134
+# define EC_R_PEER_KEY_ERROR 149
+# define EC_R_PKPARAMETERS2GROUP_FAILURE 127
+# define EC_R_POINT_AT_INFINITY 106
+# define EC_R_POINT_IS_NOT_ON_CURVE 107
+# define EC_R_SHARED_INFO_ERROR 150
+# define EC_R_SLOT_FULL 108
+# define EC_R_UNDEFINED_GENERATOR 113
+# define EC_R_UNDEFINED_ORDER 128
+# define EC_R_UNKNOWN_GROUP 129
+# define EC_R_UNKNOWN_ORDER 114
+# define EC_R_UNSUPPORTED_FIELD 131
+# define EC_R_WRONG_CURVE_PARAMETERS 145
+# define EC_R_WRONG_ORDER 130
+
+#ifdef __cplusplus
+}
+#endif
+#endif
--- /dev/null
+/* crypto/ecdh/ecdh.h */
+/* ====================================================================
+ * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
+ *
+ * The Elliptic Curve Public-Key Crypto Library (ECC Code) included
+ * herein is developed by SUN MICROSYSTEMS, INC., and is contributed
+ * to the OpenSSL project.
+ *
+ * The ECC Code is licensed pursuant to the OpenSSL open source
+ * license provided below.
+ *
+ * The ECDH software is originally written by Douglas Stebila of
+ * Sun Microsystems Laboratories.
+ *
+ */
+/* ====================================================================
+ * Copyright (c) 2000-2002 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For written permission, please contact
+ * licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ * nor may "OpenSSL" appear in their names without prior written
+ * permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com). This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+#ifndef HEADER_ECDH_H
+# define HEADER_ECDH_H
+
+# include <openssl/opensslconf.h>
+
+# ifdef OPENSSL_NO_EC
+# error EC is disabled.
+# endif
+
+# include <openssl/ec.h>
+# include <openssl/ossl_typ.h>
+# ifdef OPENSSL_USE_DEPRECATED
+# include <openssl/bn.h>
+# endif
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+# define EC_FLAG_COFACTOR_ECDH 0x1000
+
+const ECDH_METHOD *ECDH_OpenSSL(void);
+
+void ECDH_set_default_method(const ECDH_METHOD *);
+const ECDH_METHOD *ECDH_get_default_method(void);
+int ECDH_set_method(EC_KEY *, const ECDH_METHOD *);
+
+int ECDH_compute_key(void *out, size_t outlen, const EC_POINT *pub_key,
+ EC_KEY *ecdh, void *(*KDF) (const void *in, size_t inlen,
+ void *out, size_t *outlen));
+
+int ECDH_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new
+ *new_func, CRYPTO_EX_dup *dup_func,
+ CRYPTO_EX_free *free_func);
+int ECDH_set_ex_data(EC_KEY *d, int idx, void *arg);
+void *ECDH_get_ex_data(EC_KEY *d, int idx);
+
+int ECDH_KDF_X9_62(unsigned char *out, size_t outlen,
+ const unsigned char *Z, size_t Zlen,
+ const unsigned char *sinfo, size_t sinfolen,
+ const EVP_MD *md);
+
+/* BEGIN ERROR CODES */
+/*
+ * The following lines are auto generated by the script mkerr.pl. Any changes
+ * made after this point may be overwritten when the script is next run.
+ */
+void ERR_load_ECDH_strings(void);
+
+/* Error codes for the ECDH functions. */
+
+/* Function codes. */
+# define ECDH_F_ECDH_COMPUTE_KEY 100
+# define ECDH_F_ECDH_DATA_NEW_METHOD 101
+
+/* Reason codes. */
+# define ECDH_R_KDF_FAILED 102
+# define ECDH_R_NO_PRIVATE_VALUE 100
+# define ECDH_R_POINT_ARITHMETIC_FAILURE 101
+
+#ifdef __cplusplus
+}
+#endif
+#endif
--- /dev/null
+/* crypto/ecdsa/ecdsa.h */
+/**
+ * \file crypto/ecdsa/ecdsa.h Include file for the OpenSSL ECDSA functions
+ * \author Written by Nils Larsch for the OpenSSL project
+ */
+/* ====================================================================
+ * Copyright (c) 2000-2005 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For written permission, please contact
+ * licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ * nor may "OpenSSL" appear in their names without prior written
+ * permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com). This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+#ifndef HEADER_ECDSA_H
+# define HEADER_ECDSA_H
+
+# include <openssl/opensslconf.h>
+
+# ifdef OPENSSL_NO_EC
+# error EC is disabled.
+# endif
+
+# include <openssl/ec.h>
+# include <openssl/ossl_typ.h>
+# ifdef OPENSSL_USE_DEPRECATED
+# include <openssl/bn.h>
+# endif
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+typedef struct ECDSA_SIG_st {
+ BIGNUM *r;
+ BIGNUM *s;
+} ECDSA_SIG;
+
+/** Allocates and initialize a ECDSA_SIG structure
+ * \return pointer to a ECDSA_SIG structure or NULL if an error occurred
+ */
+ECDSA_SIG *ECDSA_SIG_new(void);
+
+/** frees a ECDSA_SIG structure
+ * \param sig pointer to the ECDSA_SIG structure
+ */
+void ECDSA_SIG_free(ECDSA_SIG *sig);
+
+/** DER encode content of ECDSA_SIG object (note: this function modifies *pp
+ * (*pp += length of the DER encoded signature)).
+ * \param sig pointer to the ECDSA_SIG object
+ * \param pp pointer to a unsigned char pointer for the output or NULL
+ * \return the length of the DER encoded ECDSA_SIG object or 0
+ */
+int i2d_ECDSA_SIG(const ECDSA_SIG *sig, unsigned char **pp);
+
+/** Decodes a DER encoded ECDSA signature (note: this function changes *pp
+ * (*pp += len)).
+ * \param sig pointer to ECDSA_SIG pointer (may be NULL)
+ * \param pp memory buffer with the DER encoded signature
+ * \param len length of the buffer
+ * \return pointer to the decoded ECDSA_SIG structure (or NULL)
+ */
+ECDSA_SIG *d2i_ECDSA_SIG(ECDSA_SIG **sig, const unsigned char **pp, long len);
+
+/** Computes the ECDSA signature of the given hash value using
+ * the supplied private key and returns the created signature.
+ * \param dgst pointer to the hash value
+ * \param dgst_len length of the hash value
+ * \param eckey EC_KEY object containing a private EC key
+ * \return pointer to a ECDSA_SIG structure or NULL if an error occurred
+ */
+ECDSA_SIG *ECDSA_do_sign(const unsigned char *dgst, int dgst_len,
+ EC_KEY *eckey);
+
+/** Computes ECDSA signature of a given hash value using the supplied
+ * private key (note: sig must point to ECDSA_size(eckey) bytes of memory).
+ * \param dgst pointer to the hash value to sign
+ * \param dgstlen length of the hash value
+ * \param kinv BIGNUM with a pre-computed inverse k (optional)
+ * \param rp BIGNUM with a pre-computed rp value (optioanl),
+ * see ECDSA_sign_setup
+ * \param eckey EC_KEY object containing a private EC key
+ * \return pointer to a ECDSA_SIG structure or NULL if an error occurred
+ */
+ECDSA_SIG *ECDSA_do_sign_ex(const unsigned char *dgst, int dgstlen,
+ const BIGNUM *kinv, const BIGNUM *rp,
+ EC_KEY *eckey);
+
+/** Verifies that the supplied signature is a valid ECDSA
+ * signature of the supplied hash value using the supplied public key.
+ * \param dgst pointer to the hash value
+ * \param dgst_len length of the hash value
+ * \param sig ECDSA_SIG structure
+ * \param eckey EC_KEY object containing a public EC key
+ * \return 1 if the signature is valid, 0 if the signature is invalid
+ * and -1 on error
+ */
+int ECDSA_do_verify(const unsigned char *dgst, int dgst_len,
+ const ECDSA_SIG *sig, EC_KEY *eckey);
+
+const ECDSA_METHOD *ECDSA_OpenSSL(void);
+
+/** Sets the default ECDSA method
+ * \param meth new default ECDSA_METHOD
+ */
+void ECDSA_set_default_method(const ECDSA_METHOD *meth);
+
+/** Returns the default ECDSA method
+ * \return pointer to ECDSA_METHOD structure containing the default method
+ */
+const ECDSA_METHOD *ECDSA_get_default_method(void);
+
+/** Sets method to be used for the ECDSA operations
+ * \param eckey EC_KEY object
+ * \param meth new method
+ * \return 1 on success and 0 otherwise
+ */
+int ECDSA_set_method(EC_KEY *eckey, const ECDSA_METHOD *meth);
+
+/** Returns the maximum length of the DER encoded signature
+ * \param eckey EC_KEY object
+ * \return numbers of bytes required for the DER encoded signature
+ */
+int ECDSA_size(const EC_KEY *eckey);
+
+/** Precompute parts of the signing operation
+ * \param eckey EC_KEY object containing a private EC key
+ * \param ctx BN_CTX object (optional)
+ * \param kinv BIGNUM pointer for the inverse of k
+ * \param rp BIGNUM pointer for x coordinate of k * generator
+ * \return 1 on success and 0 otherwise
+ */
+int ECDSA_sign_setup(EC_KEY *eckey, BN_CTX *ctx, BIGNUM **kinv, BIGNUM **rp);
+
+/** Computes ECDSA signature of a given hash value using the supplied
+ * private key (note: sig must point to ECDSA_size(eckey) bytes of memory).
+ * \param type this parameter is ignored
+ * \param dgst pointer to the hash value to sign
+ * \param dgstlen length of the hash value
+ * \param sig memory for the DER encoded created signature
+ * \param siglen pointer to the length of the returned signature
+ * \param eckey EC_KEY object containing a private EC key
+ * \return 1 on success and 0 otherwise
+ */
+int ECDSA_sign(int type, const unsigned char *dgst, int dgstlen,
+ unsigned char *sig, unsigned int *siglen, EC_KEY *eckey);
+
+/** Computes ECDSA signature of a given hash value using the supplied
+ * private key (note: sig must point to ECDSA_size(eckey) bytes of memory).
+ * \param type this parameter is ignored
+ * \param dgst pointer to the hash value to sign
+ * \param dgstlen length of the hash value
+ * \param sig buffer to hold the DER encoded signature
+ * \param siglen pointer to the length of the returned signature
+ * \param kinv BIGNUM with a pre-computed inverse k (optional)
+ * \param rp BIGNUM with a pre-computed rp value (optioanl),
+ * see ECDSA_sign_setup
+ * \param eckey EC_KEY object containing a private EC key
+ * \return 1 on success and 0 otherwise
+ */
+int ECDSA_sign_ex(int type, const unsigned char *dgst, int dgstlen,
+ unsigned char *sig, unsigned int *siglen,
+ const BIGNUM *kinv, const BIGNUM *rp, EC_KEY *eckey);
+
+/** Verifies that the given signature is valid ECDSA signature
+ * of the supplied hash value using the specified public key.
+ * \param type this parameter is ignored
+ * \param dgst pointer to the hash value
+ * \param dgstlen length of the hash value
+ * \param sig pointer to the DER encoded signature
+ * \param siglen length of the DER encoded signature
+ * \param eckey EC_KEY object containing a public EC key
+ * \return 1 if the signature is valid, 0 if the signature is invalid
+ * and -1 on error
+ */
+int ECDSA_verify(int type, const unsigned char *dgst, int dgstlen,
+ const unsigned char *sig, int siglen, EC_KEY *eckey);
+
+/* the standard ex_data functions */
+int ECDSA_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new
+ *new_func, CRYPTO_EX_dup *dup_func,
+ CRYPTO_EX_free *free_func);
+int ECDSA_set_ex_data(EC_KEY *d, int idx, void *arg);
+void *ECDSA_get_ex_data(EC_KEY *d, int idx);
+
+/** Allocates and initialize a ECDSA_METHOD structure
+ * \param ecdsa_method pointer to ECDSA_METHOD to copy. (May be NULL)
+ * \return pointer to a ECDSA_METHOD structure or NULL if an error occurred
+ */
+
+ECDSA_METHOD *ECDSA_METHOD_new(ECDSA_METHOD *ecdsa_method);
+
+/** frees a ECDSA_METHOD structure
+ * \param ecdsa_method pointer to the ECDSA_METHOD structure
+ */
+void ECDSA_METHOD_free(ECDSA_METHOD *ecdsa_method);
+
+/** Sets application specific data in the ECDSA_METHOD
+ * \param ecdsa_method pointer to existing ECDSA_METHOD
+ * \param app application specific data to set
+ */
+
+void ECDSA_METHOD_set_app_data(ECDSA_METHOD *ecdsa_method, void *app);
+
+/** Returns application specific data from a ECDSA_METHOD structure
+ * \param ecdsa_method pointer to ECDSA_METHOD structure
+ * \return pointer to application specific data.
+ */
+
+void *ECDSA_METHOD_get_app_data(ECDSA_METHOD *ecdsa_method);
+
+/** Set the ECDSA_do_sign function in the ECDSA_METHOD
+ * \param ecdsa_method pointer to existing ECDSA_METHOD
+ * \param ecdsa_do_sign a funtion of type ECDSA_do_sign
+ */
+
+void ECDSA_METHOD_set_sign(ECDSA_METHOD *ecdsa_method,
+ ECDSA_SIG *(*ecdsa_do_sign) (const unsigned char
+ *dgst, int dgst_len,
+ const BIGNUM *inv,
+ const BIGNUM *rp,
+ EC_KEY *eckey));
+
+/** Set the ECDSA_sign_setup function in the ECDSA_METHOD
+ * \param ecdsa_method pointer to existing ECDSA_METHOD
+ * \param ecdsa_sign_setup a funtion of type ECDSA_sign_setup
+ */
+
+void ECDSA_METHOD_set_sign_setup(ECDSA_METHOD *ecdsa_method,
+ int (*ecdsa_sign_setup) (EC_KEY *eckey,
+ BN_CTX *ctx,
+ BIGNUM **kinv,
+ BIGNUM **r));
+
+/** Set the ECDSA_do_verify function in the ECDSA_METHOD
+ * \param ecdsa_method pointer to existing ECDSA_METHOD
+ * \param ecdsa_do_verify a funtion of type ECDSA_do_verify
+ */
+
+void ECDSA_METHOD_set_verify(ECDSA_METHOD *ecdsa_method,
+ int (*ecdsa_do_verify) (const unsigned char
+ *dgst, int dgst_len,
+ const ECDSA_SIG *sig,
+ EC_KEY *eckey));
+
+void ECDSA_METHOD_set_flags(ECDSA_METHOD *ecdsa_method, int flags);
+
+/** Set the flags field in the ECDSA_METHOD
+ * \param ecdsa_method pointer to existing ECDSA_METHOD
+ * \param flags flags value to set
+ */
+
+void ECDSA_METHOD_set_name(ECDSA_METHOD *ecdsa_method, char *name);
+
+/** Set the name field in the ECDSA_METHOD
+ * \param ecdsa_method pointer to existing ECDSA_METHOD
+ * \param name name to set
+ */
+
+/* BEGIN ERROR CODES */
+/*
+ * The following lines are auto generated by the script mkerr.pl. Any changes
+ * made after this point may be overwritten when the script is next run.
+ */
+void ERR_load_ECDSA_strings(void);
+
+/* Error codes for the ECDSA functions. */
+
+/* Function codes. */
+# define ECDSA_F_ECDSA_DATA_NEW_METHOD 100
+# define ECDSA_F_ECDSA_DO_SIGN 101
+# define ECDSA_F_ECDSA_DO_VERIFY 102
+# define ECDSA_F_ECDSA_METHOD_NEW 105
+# define ECDSA_F_ECDSA_SIGN_SETUP 103
+
+/* Reason codes. */
+# define ECDSA_R_BAD_SIGNATURE 100
+# define ECDSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE 101
+# define ECDSA_R_ERR_EC_LIB 102
+# define ECDSA_R_MISSING_PARAMETERS 103
+# define ECDSA_R_NEED_NEW_SETUP_VALUES 106
+# define ECDSA_R_RANDOM_NUMBER_GENERATION_FAILED 104
+# define ECDSA_R_SIGNATURE_MALLOC_FAILED 105
+
+#ifdef __cplusplus
+}
+#endif
+#endif
--- /dev/null
+/* openssl/engine.h */
+/*
+ * Written by Geoff Thorpe (geoff@geoffthorpe.net) for the OpenSSL project
+ * 2000.
+ */
+/* ====================================================================
+ * Copyright (c) 1999-2004 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For written permission, please contact
+ * licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ * nor may "OpenSSL" appear in their names without prior written
+ * permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com). This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+/* ====================================================================
+ * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
+ * ECDH support in OpenSSL originally developed by
+ * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project.
+ */
+
+#ifndef HEADER_ENGINE_H
+# define HEADER_ENGINE_H
+
+# include <openssl/opensslconf.h>
+
+# ifdef OPENSSL_NO_ENGINE
+# error ENGINE is disabled.
+# endif
+
+# ifdef OPENSSL_USE_DEPRECATED
+# include <openssl/bn.h>
+# ifndef OPENSSL_NO_RSA
+# include <openssl/rsa.h>
+# endif
+# ifndef OPENSSL_NO_DSA
+# include <openssl/dsa.h>
+# endif
+# ifndef OPENSSL_NO_DH
+# include <openssl/dh.h>
+# endif
+# ifndef OPENSSL_NO_EC
+# include <openssl/ecdh.h>
+# include <openssl/ecdsa.h>
+# endif
+# include <openssl/rand.h>
+# include <openssl/ui.h>
+# include <openssl/err.h>
+# endif
+
+# include <openssl/ossl_typ.h>
+# include <openssl/symhacks.h>
+
+# include <openssl/x509.h>
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/*
+ * These flags are used to control combinations of algorithm (methods) by
+ * bitwise "OR"ing.
+ */
+# define ENGINE_METHOD_RSA (unsigned int)0x0001
+# define ENGINE_METHOD_DSA (unsigned int)0x0002
+# define ENGINE_METHOD_DH (unsigned int)0x0004
+# define ENGINE_METHOD_RAND (unsigned int)0x0008
+# define ENGINE_METHOD_ECDH (unsigned int)0x0010
+# define ENGINE_METHOD_ECDSA (unsigned int)0x0020
+# define ENGINE_METHOD_CIPHERS (unsigned int)0x0040
+# define ENGINE_METHOD_DIGESTS (unsigned int)0x0080
+# define ENGINE_METHOD_STORE (unsigned int)0x0100
+# define ENGINE_METHOD_PKEY_METHS (unsigned int)0x0200
+# define ENGINE_METHOD_PKEY_ASN1_METHS (unsigned int)0x0400
+/* Obvious all-or-nothing cases. */
+# define ENGINE_METHOD_ALL (unsigned int)0xFFFF
+# define ENGINE_METHOD_NONE (unsigned int)0x0000
+
+/*
+ * This(ese) flag(s) controls behaviour of the ENGINE_TABLE mechanism used
+ * internally to control registration of ENGINE implementations, and can be
+ * set by ENGINE_set_table_flags(). The "NOINIT" flag prevents attempts to
+ * initialise registered ENGINEs if they are not already initialised.
+ */
+# define ENGINE_TABLE_FLAG_NOINIT (unsigned int)0x0001
+
+/* ENGINE flags that can be set by ENGINE_set_flags(). */
+/* Not used */
+/* #define ENGINE_FLAGS_MALLOCED 0x0001 */
+
+/*
+ * This flag is for ENGINEs that wish to handle the various 'CMD'-related
+ * control commands on their own. Without this flag, ENGINE_ctrl() handles
+ * these control commands on behalf of the ENGINE using their "cmd_defns"
+ * data.
+ */
+# define ENGINE_FLAGS_MANUAL_CMD_CTRL (int)0x0002
+
+/*
+ * This flag is for ENGINEs who return new duplicate structures when found
+ * via "ENGINE_by_id()". When an ENGINE must store state (eg. if
+ * ENGINE_ctrl() commands are called in sequence as part of some stateful
+ * process like key-generation setup and execution), it can set this flag -
+ * then each attempt to obtain the ENGINE will result in it being copied into
+ * a new structure. Normally, ENGINEs don't declare this flag so
+ * ENGINE_by_id() just increments the existing ENGINE's structural reference
+ * count.
+ */
+# define ENGINE_FLAGS_BY_ID_COPY (int)0x0004
+
+/*
+ * This flag if for an ENGINE that does not want its methods registered as
+ * part of ENGINE_register_all_complete() for example if the methods are not
+ * usable as default methods.
+ */
+
+# define ENGINE_FLAGS_NO_REGISTER_ALL (int)0x0008
+
+/*
+ * ENGINEs can support their own command types, and these flags are used in
+ * ENGINE_CTRL_GET_CMD_FLAGS to indicate to the caller what kind of input
+ * each command expects. Currently only numeric and string input is
+ * supported. If a control command supports none of the _NUMERIC, _STRING, or
+ * _NO_INPUT options, then it is regarded as an "internal" control command -
+ * and not for use in config setting situations. As such, they're not
+ * available to the ENGINE_ctrl_cmd_string() function, only raw ENGINE_ctrl()
+ * access. Changes to this list of 'command types' should be reflected
+ * carefully in ENGINE_cmd_is_executable() and ENGINE_ctrl_cmd_string().
+ */
+
+/* accepts a 'long' input value (3rd parameter to ENGINE_ctrl) */
+# define ENGINE_CMD_FLAG_NUMERIC (unsigned int)0x0001
+/*
+ * accepts string input (cast from 'void*' to 'const char *', 4th parameter
+ * to ENGINE_ctrl)
+ */
+# define ENGINE_CMD_FLAG_STRING (unsigned int)0x0002
+/*
+ * Indicates that the control command takes *no* input. Ie. the control
+ * command is unparameterised.
+ */
+# define ENGINE_CMD_FLAG_NO_INPUT (unsigned int)0x0004
+/*
+ * Indicates that the control command is internal. This control command won't
+ * be shown in any output, and is only usable through the ENGINE_ctrl_cmd()
+ * function.
+ */
+# define ENGINE_CMD_FLAG_INTERNAL (unsigned int)0x0008
+
+/*
+ * NB: These 3 control commands are deprecated and should not be used.
+ * ENGINEs relying on these commands should compile conditional support for
+ * compatibility (eg. if these symbols are defined) but should also migrate
+ * the same functionality to their own ENGINE-specific control functions that
+ * can be "discovered" by calling applications. The fact these control
+ * commands wouldn't be "executable" (ie. usable by text-based config)
+ * doesn't change the fact that application code can find and use them
+ * without requiring per-ENGINE hacking.
+ */
+
+/*
+ * These flags are used to tell the ctrl function what should be done. All
+ * command numbers are shared between all engines, even if some don't make
+ * sense to some engines. In such a case, they do nothing but return the
+ * error ENGINE_R_CTRL_COMMAND_NOT_IMPLEMENTED.
+ */
+# define ENGINE_CTRL_SET_LOGSTREAM 1
+# define ENGINE_CTRL_SET_PASSWORD_CALLBACK 2
+# define ENGINE_CTRL_HUP 3/* Close and reinitialise
+ * any handles/connections
+ * etc. */
+# define ENGINE_CTRL_SET_USER_INTERFACE 4/* Alternative to callback */
+# define ENGINE_CTRL_SET_CALLBACK_DATA 5/* User-specific data, used
+ * when calling the password
+ * callback and the user
+ * interface */
+# define ENGINE_CTRL_LOAD_CONFIGURATION 6/* Load a configuration,
+ * given a string that
+ * represents a file name
+ * or so */
+# define ENGINE_CTRL_LOAD_SECTION 7/* Load data from a given
+ * section in the already
+ * loaded configuration */
+
+/*
+ * These control commands allow an application to deal with an arbitrary
+ * engine in a dynamic way. Warn: Negative return values indicate errors FOR
+ * THESE COMMANDS because zero is used to indicate 'end-of-list'. Other
+ * commands, including ENGINE-specific command types, return zero for an
+ * error. An ENGINE can choose to implement these ctrl functions, and can
+ * internally manage things however it chooses - it does so by setting the
+ * ENGINE_FLAGS_MANUAL_CMD_CTRL flag (using ENGINE_set_flags()). Otherwise
+ * the ENGINE_ctrl() code handles this on the ENGINE's behalf using the
+ * cmd_defns data (set using ENGINE_set_cmd_defns()). This means an ENGINE's
+ * ctrl() handler need only implement its own commands - the above "meta"
+ * commands will be taken care of.
+ */
+
+/*
+ * Returns non-zero if the supplied ENGINE has a ctrl() handler. If "not",
+ * then all the remaining control commands will return failure, so it is
+ * worth checking this first if the caller is trying to "discover" the
+ * engine's capabilities and doesn't want errors generated unnecessarily.
+ */
+# define ENGINE_CTRL_HAS_CTRL_FUNCTION 10
+/*
+ * Returns a positive command number for the first command supported by the
+ * engine. Returns zero if no ctrl commands are supported.
+ */
+# define ENGINE_CTRL_GET_FIRST_CMD_TYPE 11
+/*
+ * The 'long' argument specifies a command implemented by the engine, and the
+ * return value is the next command supported, or zero if there are no more.
+ */
+# define ENGINE_CTRL_GET_NEXT_CMD_TYPE 12
+/*
+ * The 'void*' argument is a command name (cast from 'const char *'), and the
+ * return value is the command that corresponds to it.
+ */
+# define ENGINE_CTRL_GET_CMD_FROM_NAME 13
+/*
+ * The next two allow a command to be converted into its corresponding string
+ * form. In each case, the 'long' argument supplies the command. In the
+ * NAME_LEN case, the return value is the length of the command name (not
+ * counting a trailing EOL). In the NAME case, the 'void*' argument must be a
+ * string buffer large enough, and it will be populated with the name of the
+ * command (WITH a trailing EOL).
+ */
+# define ENGINE_CTRL_GET_NAME_LEN_FROM_CMD 14
+# define ENGINE_CTRL_GET_NAME_FROM_CMD 15
+/* The next two are similar but give a "short description" of a command. */
+# define ENGINE_CTRL_GET_DESC_LEN_FROM_CMD 16
+# define ENGINE_CTRL_GET_DESC_FROM_CMD 17
+/*
+ * With this command, the return value is the OR'd combination of
+ * ENGINE_CMD_FLAG_*** values that indicate what kind of input a given
+ * engine-specific ctrl command expects.
+ */
+# define ENGINE_CTRL_GET_CMD_FLAGS 18
+
+/*
+ * ENGINE implementations should start the numbering of their own control
+ * commands from this value. (ie. ENGINE_CMD_BASE, ENGINE_CMD_BASE + 1, etc).
+ */
+# define ENGINE_CMD_BASE 200
+
+/*
+ * NB: These 2 nCipher "chil" control commands are deprecated, and their
+ * functionality is now available through ENGINE-specific control commands
+ * (exposed through the above-mentioned 'CMD'-handling). Code using these 2
+ * commands should be migrated to the more general command handling before
+ * these are removed.
+ */
+
+/* Flags specific to the nCipher "chil" engine */
+# define ENGINE_CTRL_CHIL_SET_FORKCHECK 100
+ /*
+ * Depending on the value of the (long)i argument, this sets or
+ * unsets the SimpleForkCheck flag in the CHIL API to enable or
+ * disable checking and workarounds for applications that fork().
+ */
+# define ENGINE_CTRL_CHIL_NO_LOCKING 101
+ /*
+ * This prevents the initialisation function from providing mutex
+ * callbacks to the nCipher library.
+ */
+
+/*
+ * If an ENGINE supports its own specific control commands and wishes the
+ * framework to handle the above 'ENGINE_CMD_***'-manipulation commands on
+ * its behalf, it should supply a null-terminated array of ENGINE_CMD_DEFN
+ * entries to ENGINE_set_cmd_defns(). It should also implement a ctrl()
+ * handler that supports the stated commands (ie. the "cmd_num" entries as
+ * described by the array). NB: The array must be ordered in increasing order
+ * of cmd_num. "null-terminated" means that the last ENGINE_CMD_DEFN element
+ * has cmd_num set to zero and/or cmd_name set to NULL.
+ */
+typedef struct ENGINE_CMD_DEFN_st {
+ unsigned int cmd_num; /* The command number */
+ const char *cmd_name; /* The command name itself */
+ const char *cmd_desc; /* A short description of the command */
+ unsigned int cmd_flags; /* The input the command expects */
+} ENGINE_CMD_DEFN;
+
+/* Generic function pointer */
+typedef int (*ENGINE_GEN_FUNC_PTR) (void);
+/* Generic function pointer taking no arguments */
+typedef int (*ENGINE_GEN_INT_FUNC_PTR) (ENGINE *);
+/* Specific control function pointer */
+typedef int (*ENGINE_CTRL_FUNC_PTR) (ENGINE *, int, long, void *,
+ void (*f) (void));
+/* Generic load_key function pointer */
+typedef EVP_PKEY *(*ENGINE_LOAD_KEY_PTR)(ENGINE *, const char *,
+ UI_METHOD *ui_method,
+ void *callback_data);
+typedef int (*ENGINE_SSL_CLIENT_CERT_PTR) (ENGINE *, SSL *ssl,
+ STACK_OF(X509_NAME) *ca_dn,
+ X509 **pcert, EVP_PKEY **pkey,
+ STACK_OF(X509) **pother,
+ UI_METHOD *ui_method,
+ void *callback_data);
+/*-
+ * These callback types are for an ENGINE's handler for cipher and digest logic.
+ * These handlers have these prototypes;
+ * int foo(ENGINE *e, const EVP_CIPHER **cipher, const int **nids, int nid);
+ * int foo(ENGINE *e, const EVP_MD **digest, const int **nids, int nid);
+ * Looking at how to implement these handlers in the case of cipher support, if
+ * the framework wants the EVP_CIPHER for 'nid', it will call;
+ * foo(e, &p_evp_cipher, NULL, nid); (return zero for failure)
+ * If the framework wants a list of supported 'nid's, it will call;
+ * foo(e, NULL, &p_nids, 0); (returns number of 'nids' or -1 for error)
+ */
+/*
+ * Returns to a pointer to the array of supported cipher 'nid's. If the
+ * second parameter is non-NULL it is set to the size of the returned array.
+ */
+typedef int (*ENGINE_CIPHERS_PTR) (ENGINE *, const EVP_CIPHER **,
+ const int **, int);
+typedef int (*ENGINE_DIGESTS_PTR) (ENGINE *, const EVP_MD **, const int **,
+ int);
+typedef int (*ENGINE_PKEY_METHS_PTR) (ENGINE *, EVP_PKEY_METHOD **,
+ const int **, int);
+typedef int (*ENGINE_PKEY_ASN1_METHS_PTR) (ENGINE *, EVP_PKEY_ASN1_METHOD **,
+ const int **, int);
+/*
+ * STRUCTURE functions ... all of these functions deal with pointers to
+ * ENGINE structures where the pointers have a "structural reference". This
+ * means that their reference is to allowed access to the structure but it
+ * does not imply that the structure is functional. To simply increment or
+ * decrement the structural reference count, use ENGINE_by_id and
+ * ENGINE_free. NB: This is not required when iterating using ENGINE_get_next
+ * as it will automatically decrement the structural reference count of the
+ * "current" ENGINE and increment the structural reference count of the
+ * ENGINE it returns (unless it is NULL).
+ */
+
+/* Get the first/last "ENGINE" type available. */
+ENGINE *ENGINE_get_first(void);
+ENGINE *ENGINE_get_last(void);
+/* Iterate to the next/previous "ENGINE" type (NULL = end of the list). */
+ENGINE *ENGINE_get_next(ENGINE *e);
+ENGINE *ENGINE_get_prev(ENGINE *e);
+/* Add another "ENGINE" type into the array. */
+int ENGINE_add(ENGINE *e);
+/* Remove an existing "ENGINE" type from the array. */
+int ENGINE_remove(ENGINE *e);
+/* Retrieve an engine from the list by its unique "id" value. */
+ENGINE *ENGINE_by_id(const char *id);
+/* Add all the built-in engines. */
+void ENGINE_load_openssl(void);
+void ENGINE_load_dynamic(void);
+# ifndef OPENSSL_NO_STATIC_ENGINE
+void ENGINE_load_4758cca(void);
+void ENGINE_load_aep(void);
+void ENGINE_load_atalla(void);
+void ENGINE_load_chil(void);
+void ENGINE_load_cswift(void);
+void ENGINE_load_nuron(void);
+void ENGINE_load_sureware(void);
+void ENGINE_load_ubsec(void);
+void ENGINE_load_padlock(void);
+void ENGINE_load_capi(void);
+# ifndef OPENSSL_NO_GMP
+void ENGINE_load_gmp(void);
+# endif
+# ifndef OPENSSL_NO_GOST
+void ENGINE_load_gost(void);
+# endif
+# endif
+void ENGINE_load_cryptodev(void);
+void ENGINE_load_rdrand(void);
+void ENGINE_load_builtin_engines(void);
+
+/*
+ * Get and set global flags (ENGINE_TABLE_FLAG_***) for the implementation
+ * "registry" handling.
+ */
+unsigned int ENGINE_get_table_flags(void);
+void ENGINE_set_table_flags(unsigned int flags);
+
+/*- Manage registration of ENGINEs per "table". For each type, there are 3
+ * functions;
+ * ENGINE_register_***(e) - registers the implementation from 'e' (if it has one)
+ * ENGINE_unregister_***(e) - unregister the implementation from 'e'
+ * ENGINE_register_all_***() - call ENGINE_register_***() for each 'e' in the list
+ * Cleanup is automatically registered from each table when required, so
+ * ENGINE_cleanup() will reverse any "register" operations.
+ */
+
+int ENGINE_register_RSA(ENGINE *e);
+void ENGINE_unregister_RSA(ENGINE *e);
+void ENGINE_register_all_RSA(void);
+
+int ENGINE_register_DSA(ENGINE *e);
+void ENGINE_unregister_DSA(ENGINE *e);
+void ENGINE_register_all_DSA(void);
+
+int ENGINE_register_ECDH(ENGINE *e);
+void ENGINE_unregister_ECDH(ENGINE *e);
+void ENGINE_register_all_ECDH(void);
+
+int ENGINE_register_ECDSA(ENGINE *e);
+void ENGINE_unregister_ECDSA(ENGINE *e);
+void ENGINE_register_all_ECDSA(void);
+
+int ENGINE_register_DH(ENGINE *e);
+void ENGINE_unregister_DH(ENGINE *e);
+void ENGINE_register_all_DH(void);
+
+int ENGINE_register_RAND(ENGINE *e);
+void ENGINE_unregister_RAND(ENGINE *e);
+void ENGINE_register_all_RAND(void);
+
+int ENGINE_register_STORE(ENGINE *e);
+void ENGINE_unregister_STORE(ENGINE *e);
+void ENGINE_register_all_STORE(void);
+
+int ENGINE_register_ciphers(ENGINE *e);
+void ENGINE_unregister_ciphers(ENGINE *e);
+void ENGINE_register_all_ciphers(void);
+
+int ENGINE_register_digests(ENGINE *e);
+void ENGINE_unregister_digests(ENGINE *e);
+void ENGINE_register_all_digests(void);
+
+int ENGINE_register_pkey_meths(ENGINE *e);
+void ENGINE_unregister_pkey_meths(ENGINE *e);
+void ENGINE_register_all_pkey_meths(void);
+
+int ENGINE_register_pkey_asn1_meths(ENGINE *e);
+void ENGINE_unregister_pkey_asn1_meths(ENGINE *e);
+void ENGINE_register_all_pkey_asn1_meths(void);
+
+/*
+ * These functions register all support from the above categories. Note, use
+ * of these functions can result in static linkage of code your application
+ * may not need. If you only need a subset of functionality, consider using
+ * more selective initialisation.
+ */
+int ENGINE_register_complete(ENGINE *e);
+int ENGINE_register_all_complete(void);
+
+/*
+ * Send parametrised control commands to the engine. The possibilities to
+ * send down an integer, a pointer to data or a function pointer are
+ * provided. Any of the parameters may or may not be NULL, depending on the
+ * command number. In actuality, this function only requires a structural
+ * (rather than functional) reference to an engine, but many control commands
+ * may require the engine be functional. The caller should be aware of trying
+ * commands that require an operational ENGINE, and only use functional
+ * references in such situations.
+ */
+int ENGINE_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f) (void));
+
+/*
+ * This function tests if an ENGINE-specific command is usable as a
+ * "setting". Eg. in an application's config file that gets processed through
+ * ENGINE_ctrl_cmd_string(). If this returns zero, it is not available to
+ * ENGINE_ctrl_cmd_string(), only ENGINE_ctrl().
+ */
+int ENGINE_cmd_is_executable(ENGINE *e, int cmd);
+
+/*
+ * This function works like ENGINE_ctrl() with the exception of taking a
+ * command name instead of a command number, and can handle optional
+ * commands. See the comment on ENGINE_ctrl_cmd_string() for an explanation
+ * on how to use the cmd_name and cmd_optional.
+ */
+int ENGINE_ctrl_cmd(ENGINE *e, const char *cmd_name,
+ long i, void *p, void (*f) (void), int cmd_optional);
+
+/*
+ * This function passes a command-name and argument to an ENGINE. The
+ * cmd_name is converted to a command number and the control command is
+ * called using 'arg' as an argument (unless the ENGINE doesn't support such
+ * a command, in which case no control command is called). The command is
+ * checked for input flags, and if necessary the argument will be converted
+ * to a numeric value. If cmd_optional is non-zero, then if the ENGINE
+ * doesn't support the given cmd_name the return value will be success
+ * anyway. This function is intended for applications to use so that users
+ * (or config files) can supply engine-specific config data to the ENGINE at
+ * run-time to control behaviour of specific engines. As such, it shouldn't
+ * be used for calling ENGINE_ctrl() functions that return data, deal with
+ * binary data, or that are otherwise supposed to be used directly through
+ * ENGINE_ctrl() in application code. Any "return" data from an ENGINE_ctrl()
+ * operation in this function will be lost - the return value is interpreted
+ * as failure if the return value is zero, success otherwise, and this
+ * function returns a boolean value as a result. In other words, vendors of
+ * 'ENGINE'-enabled devices should write ENGINE implementations with
+ * parameterisations that work in this scheme, so that compliant ENGINE-based
+ * applications can work consistently with the same configuration for the
+ * same ENGINE-enabled devices, across applications.
+ */
+int ENGINE_ctrl_cmd_string(ENGINE *e, const char *cmd_name, const char *arg,
+ int cmd_optional);
+
+/*
+ * These functions are useful for manufacturing new ENGINE structures. They
+ * don't address reference counting at all - one uses them to populate an
+ * ENGINE structure with personalised implementations of things prior to
+ * using it directly or adding it to the builtin ENGINE list in OpenSSL.
+ * These are also here so that the ENGINE structure doesn't have to be
+ * exposed and break binary compatibility!
+ */
+ENGINE *ENGINE_new(void);
+int ENGINE_free(ENGINE *e);
+int ENGINE_up_ref(ENGINE *e);
+int ENGINE_set_id(ENGINE *e, const char *id);
+int ENGINE_set_name(ENGINE *e, const char *name);
+int ENGINE_set_RSA(ENGINE *e, const RSA_METHOD *rsa_meth);
+int ENGINE_set_DSA(ENGINE *e, const DSA_METHOD *dsa_meth);
+int ENGINE_set_ECDH(ENGINE *e, const ECDH_METHOD *ecdh_meth);
+int ENGINE_set_ECDSA(ENGINE *e, const ECDSA_METHOD *ecdsa_meth);
+int ENGINE_set_DH(ENGINE *e, const DH_METHOD *dh_meth);
+int ENGINE_set_RAND(ENGINE *e, const RAND_METHOD *rand_meth);
+int ENGINE_set_STORE(ENGINE *e, const STORE_METHOD *store_meth);
+int ENGINE_set_destroy_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR destroy_f);
+int ENGINE_set_init_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR init_f);
+int ENGINE_set_finish_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR finish_f);
+int ENGINE_set_ctrl_function(ENGINE *e, ENGINE_CTRL_FUNC_PTR ctrl_f);
+int ENGINE_set_load_privkey_function(ENGINE *e,
+ ENGINE_LOAD_KEY_PTR loadpriv_f);
+int ENGINE_set_load_pubkey_function(ENGINE *e, ENGINE_LOAD_KEY_PTR loadpub_f);
+int ENGINE_set_load_ssl_client_cert_function(ENGINE *e,
+ ENGINE_SSL_CLIENT_CERT_PTR
+ loadssl_f);
+int ENGINE_set_ciphers(ENGINE *e, ENGINE_CIPHERS_PTR f);
+int ENGINE_set_digests(ENGINE *e, ENGINE_DIGESTS_PTR f);
+int ENGINE_set_pkey_meths(ENGINE *e, ENGINE_PKEY_METHS_PTR f);
+int ENGINE_set_pkey_asn1_meths(ENGINE *e, ENGINE_PKEY_ASN1_METHS_PTR f);
+int ENGINE_set_flags(ENGINE *e, int flags);
+int ENGINE_set_cmd_defns(ENGINE *e, const ENGINE_CMD_DEFN *defns);
+/* These functions allow control over any per-structure ENGINE data. */
+int ENGINE_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
+ CRYPTO_EX_dup *dup_func,
+ CRYPTO_EX_free *free_func);
+int ENGINE_set_ex_data(ENGINE *e, int idx, void *arg);
+void *ENGINE_get_ex_data(const ENGINE *e, int idx);
+
+/*
+ * This function cleans up anything that needs it. Eg. the ENGINE_add()
+ * function automatically ensures the list cleanup function is registered to
+ * be called from ENGINE_cleanup(). Similarly, all ENGINE_register_***
+ * functions ensure ENGINE_cleanup() will clean up after them.
+ */
+void ENGINE_cleanup(void);
+
+/*
+ * These return values from within the ENGINE structure. These can be useful
+ * with functional references as well as structural references - it depends
+ * which you obtained. Using the result for functional purposes if you only
+ * obtained a structural reference may be problematic!
+ */
+const char *ENGINE_get_id(const ENGINE *e);
+const char *ENGINE_get_name(const ENGINE *e);
+const RSA_METHOD *ENGINE_get_RSA(const ENGINE *e);
+const DSA_METHOD *ENGINE_get_DSA(const ENGINE *e);
+const ECDH_METHOD *ENGINE_get_ECDH(const ENGINE *e);
+const ECDSA_METHOD *ENGINE_get_ECDSA(const ENGINE *e);
+const DH_METHOD *ENGINE_get_DH(const ENGINE *e);
+const RAND_METHOD *ENGINE_get_RAND(const ENGINE *e);
+const STORE_METHOD *ENGINE_get_STORE(const ENGINE *e);
+ENGINE_GEN_INT_FUNC_PTR ENGINE_get_destroy_function(const ENGINE *e);
+ENGINE_GEN_INT_FUNC_PTR ENGINE_get_init_function(const ENGINE *e);
+ENGINE_GEN_INT_FUNC_PTR ENGINE_get_finish_function(const ENGINE *e);
+ENGINE_CTRL_FUNC_PTR ENGINE_get_ctrl_function(const ENGINE *e);
+ENGINE_LOAD_KEY_PTR ENGINE_get_load_privkey_function(const ENGINE *e);
+ENGINE_LOAD_KEY_PTR ENGINE_get_load_pubkey_function(const ENGINE *e);
+ENGINE_SSL_CLIENT_CERT_PTR ENGINE_get_ssl_client_cert_function(const ENGINE
+ *e);
+ENGINE_CIPHERS_PTR ENGINE_get_ciphers(const ENGINE *e);
+ENGINE_DIGESTS_PTR ENGINE_get_digests(const ENGINE *e);
+ENGINE_PKEY_METHS_PTR ENGINE_get_pkey_meths(const ENGINE *e);
+ENGINE_PKEY_ASN1_METHS_PTR ENGINE_get_pkey_asn1_meths(const ENGINE *e);
+const EVP_CIPHER *ENGINE_get_cipher(ENGINE *e, int nid);
+const EVP_MD *ENGINE_get_digest(ENGINE *e, int nid);
+const EVP_PKEY_METHOD *ENGINE_get_pkey_meth(ENGINE *e, int nid);
+const EVP_PKEY_ASN1_METHOD *ENGINE_get_pkey_asn1_meth(ENGINE *e, int nid);
+const EVP_PKEY_ASN1_METHOD *ENGINE_get_pkey_asn1_meth_str(ENGINE *e,
+ const char *str,
+ int len);
+const EVP_PKEY_ASN1_METHOD *ENGINE_pkey_asn1_find_str(ENGINE **pe,
+ const char *str,
+ int len);
+const ENGINE_CMD_DEFN *ENGINE_get_cmd_defns(const ENGINE *e);
+int ENGINE_get_flags(const ENGINE *e);
+
+/*
+ * FUNCTIONAL functions. These functions deal with ENGINE structures that
+ * have (or will) be initialised for use. Broadly speaking, the structural
+ * functions are useful for iterating the list of available engine types,
+ * creating new engine types, and other "list" operations. These functions
+ * actually deal with ENGINEs that are to be used. As such these functions
+ * can fail (if applicable) when particular engines are unavailable - eg. if
+ * a hardware accelerator is not attached or not functioning correctly. Each
+ * ENGINE has 2 reference counts; structural and functional. Every time a
+ * functional reference is obtained or released, a corresponding structural
+ * reference is automatically obtained or released too.
+ */
+
+/*
+ * Initialise a engine type for use (or up its reference count if it's
+ * already in use). This will fail if the engine is not currently operational
+ * and cannot initialise.
+ */
+int ENGINE_init(ENGINE *e);
+/*
+ * Free a functional reference to a engine type. This does not require a
+ * corresponding call to ENGINE_free as it also releases a structural
+ * reference.
+ */
+int ENGINE_finish(ENGINE *e);
+
+/*
+ * The following functions handle keys that are stored in some secondary
+ * location, handled by the engine. The storage may be on a card or
+ * whatever.
+ */
+EVP_PKEY *ENGINE_load_private_key(ENGINE *e, const char *key_id,
+ UI_METHOD *ui_method, void *callback_data);
+EVP_PKEY *ENGINE_load_public_key(ENGINE *e, const char *key_id,
+ UI_METHOD *ui_method, void *callback_data);
+int ENGINE_load_ssl_client_cert(ENGINE *e, SSL *s,
+ STACK_OF(X509_NAME) *ca_dn, X509 **pcert,
+ EVP_PKEY **ppkey, STACK_OF(X509) **pother,
+ UI_METHOD *ui_method, void *callback_data);
+
+/*
+ * This returns a pointer for the current ENGINE structure that is (by
+ * default) performing any RSA operations. The value returned is an
+ * incremented reference, so it should be free'd (ENGINE_finish) before it is
+ * discarded.
+ */
+ENGINE *ENGINE_get_default_RSA(void);
+/* Same for the other "methods" */
+ENGINE *ENGINE_get_default_DSA(void);
+ENGINE *ENGINE_get_default_ECDH(void);
+ENGINE *ENGINE_get_default_ECDSA(void);
+ENGINE *ENGINE_get_default_DH(void);
+ENGINE *ENGINE_get_default_RAND(void);
+/*
+ * These functions can be used to get a functional reference to perform
+ * ciphering or digesting corresponding to "nid".
+ */
+ENGINE *ENGINE_get_cipher_engine(int nid);
+ENGINE *ENGINE_get_digest_engine(int nid);
+ENGINE *ENGINE_get_pkey_meth_engine(int nid);
+ENGINE *ENGINE_get_pkey_asn1_meth_engine(int nid);
+
+/*
+ * This sets a new default ENGINE structure for performing RSA operations. If
+ * the result is non-zero (success) then the ENGINE structure will have had
+ * its reference count up'd so the caller should still free their own
+ * reference 'e'.
+ */
+int ENGINE_set_default_RSA(ENGINE *e);
+int ENGINE_set_default_string(ENGINE *e, const char *def_list);
+/* Same for the other "methods" */
+int ENGINE_set_default_DSA(ENGINE *e);
+int ENGINE_set_default_ECDH(ENGINE *e);
+int ENGINE_set_default_ECDSA(ENGINE *e);
+int ENGINE_set_default_DH(ENGINE *e);
+int ENGINE_set_default_RAND(ENGINE *e);
+int ENGINE_set_default_ciphers(ENGINE *e);
+int ENGINE_set_default_digests(ENGINE *e);
+int ENGINE_set_default_pkey_meths(ENGINE *e);
+int ENGINE_set_default_pkey_asn1_meths(ENGINE *e);
+
+/*
+ * The combination "set" - the flags are bitwise "OR"d from the
+ * ENGINE_METHOD_*** defines above. As with the "ENGINE_register_complete()"
+ * function, this function can result in unnecessary static linkage. If your
+ * application requires only specific functionality, consider using more
+ * selective functions.
+ */
+int ENGINE_set_default(ENGINE *e, unsigned int flags);
+
+void ENGINE_add_conf_module(void);
+
+/* Deprecated functions ... */
+/* int ENGINE_clear_defaults(void); */
+
+/**************************/
+/* DYNAMIC ENGINE SUPPORT */
+/**************************/
+
+/* Binary/behaviour compatibility levels */
+# define OSSL_DYNAMIC_VERSION (unsigned long)0x00020000
+/*
+ * Binary versions older than this are too old for us (whether we're a loader
+ * or a loadee)
+ */
+# define OSSL_DYNAMIC_OLDEST (unsigned long)0x00020000
+
+/*
+ * When compiling an ENGINE entirely as an external shared library, loadable
+ * by the "dynamic" ENGINE, these types are needed. The 'dynamic_fns'
+ * structure type provides the calling application's (or library's) error
+ * functionality and memory management function pointers to the loaded
+ * library. These should be used/set in the loaded library code so that the
+ * loading application's 'state' will be used/changed in all operations. The
+ * 'static_state' pointer allows the loaded library to know if it shares the
+ * same static data as the calling application (or library), and thus whether
+ * these callbacks need to be set or not.
+ */
+typedef void *(*dyn_MEM_malloc_cb) (size_t);
+typedef void *(*dyn_MEM_realloc_cb) (void *, size_t);
+typedef void (*dyn_MEM_free_cb) (void *);
+typedef struct st_dynamic_MEM_fns {
+ dyn_MEM_malloc_cb malloc_cb;
+ dyn_MEM_realloc_cb realloc_cb;
+ dyn_MEM_free_cb free_cb;
+} dynamic_MEM_fns;
+/*
+ * FIXME: Perhaps the memory and locking code (crypto.h) should declare and
+ * use these types so we (and any other dependant code) can simplify a bit??
+ */
+typedef void (*dyn_lock_locking_cb) (int, int, const char *, int);
+typedef int (*dyn_lock_add_lock_cb) (int *, int, int, const char *, int);
+typedef struct CRYPTO_dynlock_value *(*dyn_dynlock_create_cb) (const char *,
+ int);
+typedef void (*dyn_dynlock_lock_cb) (int, struct CRYPTO_dynlock_value *,
+ const char *, int);
+typedef void (*dyn_dynlock_destroy_cb) (struct CRYPTO_dynlock_value *,
+ const char *, int);
+typedef struct st_dynamic_LOCK_fns {
+ dyn_lock_locking_cb lock_locking_cb;
+ dyn_lock_add_lock_cb lock_add_lock_cb;
+ dyn_dynlock_create_cb dynlock_create_cb;
+ dyn_dynlock_lock_cb dynlock_lock_cb;
+ dyn_dynlock_destroy_cb dynlock_destroy_cb;
+} dynamic_LOCK_fns;
+/* The top-level structure */
+typedef struct st_dynamic_fns {
+ void *static_state;
+ const ERR_FNS *err_fns;
+ const CRYPTO_EX_DATA_IMPL *ex_data_fns;
+ dynamic_MEM_fns mem_fns;
+ dynamic_LOCK_fns lock_fns;
+} dynamic_fns;
+
+/*
+ * The version checking function should be of this prototype. NB: The
+ * ossl_version value passed in is the OSSL_DYNAMIC_VERSION of the loading
+ * code. If this function returns zero, it indicates a (potential) version
+ * incompatibility and the loaded library doesn't believe it can proceed.
+ * Otherwise, the returned value is the (latest) version supported by the
+ * loading library. The loader may still decide that the loaded code's
+ * version is unsatisfactory and could veto the load. The function is
+ * expected to be implemented with the symbol name "v_check", and a default
+ * implementation can be fully instantiated with
+ * IMPLEMENT_DYNAMIC_CHECK_FN().
+ */
+typedef unsigned long (*dynamic_v_check_fn) (unsigned long ossl_version);
+# define IMPLEMENT_DYNAMIC_CHECK_FN() \
+ OPENSSL_EXPORT unsigned long v_check(unsigned long v); \
+ OPENSSL_EXPORT unsigned long v_check(unsigned long v) { \
+ if(v >= OSSL_DYNAMIC_OLDEST) return OSSL_DYNAMIC_VERSION; \
+ return 0; }
+
+/*
+ * This function is passed the ENGINE structure to initialise with its own
+ * function and command settings. It should not adjust the structural or
+ * functional reference counts. If this function returns zero, (a) the load
+ * will be aborted, (b) the previous ENGINE state will be memcpy'd back onto
+ * the structure, and (c) the shared library will be unloaded. So
+ * implementations should do their own internal cleanup in failure
+ * circumstances otherwise they could leak. The 'id' parameter, if non-NULL,
+ * represents the ENGINE id that the loader is looking for. If this is NULL,
+ * the shared library can choose to return failure or to initialise a
+ * 'default' ENGINE. If non-NULL, the shared library must initialise only an
+ * ENGINE matching the passed 'id'. The function is expected to be
+ * implemented with the symbol name "bind_engine". A standard implementation
+ * can be instantiated with IMPLEMENT_DYNAMIC_BIND_FN(fn) where the parameter
+ * 'fn' is a callback function that populates the ENGINE structure and
+ * returns an int value (zero for failure). 'fn' should have prototype;
+ * [static] int fn(ENGINE *e, const char *id);
+ */
+typedef int (*dynamic_bind_engine) (ENGINE *e, const char *id,
+ const dynamic_fns *fns);
+# define IMPLEMENT_DYNAMIC_BIND_FN(fn) \
+ OPENSSL_EXPORT \
+ int bind_engine(ENGINE *e, const char *id, const dynamic_fns *fns); \
+ OPENSSL_EXPORT \
+ int bind_engine(ENGINE *e, const char *id, const dynamic_fns *fns) { \
+ if(ENGINE_get_static_state() == fns->static_state) goto skip_cbs; \
+ if(!CRYPTO_set_mem_functions(fns->mem_fns.malloc_cb, \
+ fns->mem_fns.realloc_cb, fns->mem_fns.free_cb)) \
+ return 0; \
+ CRYPTO_set_locking_callback(fns->lock_fns.lock_locking_cb); \
+ CRYPTO_set_add_lock_callback(fns->lock_fns.lock_add_lock_cb); \
+ CRYPTO_set_dynlock_create_callback(fns->lock_fns.dynlock_create_cb); \
+ CRYPTO_set_dynlock_lock_callback(fns->lock_fns.dynlock_lock_cb); \
+ CRYPTO_set_dynlock_destroy_callback(fns->lock_fns.dynlock_destroy_cb); \
+ if(!CRYPTO_set_ex_data_implementation(fns->ex_data_fns)) \
+ return 0; \
+ if(!ERR_set_implementation(fns->err_fns)) return 0; \
+ skip_cbs: \
+ if(!fn(e,id)) return 0; \
+ return 1; }
+
+/*
+ * If the loading application (or library) and the loaded ENGINE library
+ * share the same static data (eg. they're both dynamically linked to the
+ * same libcrypto.so) we need a way to avoid trying to set system callbacks -
+ * this would fail, and for the same reason that it's unnecessary to try. If
+ * the loaded ENGINE has (or gets from through the loader) its own copy of
+ * the libcrypto static data, we will need to set the callbacks. The easiest
+ * way to detect this is to have a function that returns a pointer to some
+ * static data and let the loading application and loaded ENGINE compare
+ * their respective values.
+ */
+void *ENGINE_get_static_state(void);
+
+# if defined(__OpenBSD__) || defined(__FreeBSD__) || defined(HAVE_CRYPTODEV)
+void ENGINE_setup_bsd_cryptodev(void);
+# endif
+
+/* BEGIN ERROR CODES */
+/*
+ * The following lines are auto generated by the script mkerr.pl. Any changes
+ * made after this point may be overwritten when the script is next run.
+ */
+void ERR_load_ENGINE_strings(void);
+
+/* Error codes for the ENGINE functions. */
+
+/* Function codes. */
+# define ENGINE_F_DYNAMIC_CTRL 180
+# define ENGINE_F_DYNAMIC_GET_DATA_CTX 181
+# define ENGINE_F_DYNAMIC_LOAD 182
+# define ENGINE_F_DYNAMIC_SET_DATA_CTX 183
+# define ENGINE_F_ENGINE_ADD 105
+# define ENGINE_F_ENGINE_BY_ID 106
+# define ENGINE_F_ENGINE_CMD_IS_EXECUTABLE 170
+# define ENGINE_F_ENGINE_CTRL 142
+# define ENGINE_F_ENGINE_CTRL_CMD 178
+# define ENGINE_F_ENGINE_CTRL_CMD_STRING 171
+# define ENGINE_F_ENGINE_FINISH 107
+# define ENGINE_F_ENGINE_FREE_UTIL 108
+# define ENGINE_F_ENGINE_GET_CIPHER 185
+# define ENGINE_F_ENGINE_GET_DEFAULT_TYPE 177
+# define ENGINE_F_ENGINE_GET_DIGEST 186
+# define ENGINE_F_ENGINE_GET_NEXT 115
+# define ENGINE_F_ENGINE_GET_PKEY_ASN1_METH 193
+# define ENGINE_F_ENGINE_GET_PKEY_METH 192
+# define ENGINE_F_ENGINE_GET_PREV 116
+# define ENGINE_F_ENGINE_INIT 119
+# define ENGINE_F_ENGINE_LIST_ADD 120
+# define ENGINE_F_ENGINE_LIST_REMOVE 121
+# define ENGINE_F_ENGINE_LOAD_PRIVATE_KEY 150
+# define ENGINE_F_ENGINE_LOAD_PUBLIC_KEY 151
+# define ENGINE_F_ENGINE_LOAD_SSL_CLIENT_CERT 194
+# define ENGINE_F_ENGINE_NEW 122
+# define ENGINE_F_ENGINE_REMOVE 123
+# define ENGINE_F_ENGINE_SET_DEFAULT_STRING 189
+# define ENGINE_F_ENGINE_SET_DEFAULT_TYPE 126
+# define ENGINE_F_ENGINE_SET_ID 129
+# define ENGINE_F_ENGINE_SET_NAME 130
+# define ENGINE_F_ENGINE_TABLE_REGISTER 184
+# define ENGINE_F_ENGINE_UNLOAD_KEY 152
+# define ENGINE_F_ENGINE_UNLOCKED_FINISH 191
+# define ENGINE_F_ENGINE_UP_REF 190
+# define ENGINE_F_INT_CTRL_HELPER 172
+# define ENGINE_F_INT_ENGINE_CONFIGURE 188
+# define ENGINE_F_INT_ENGINE_MODULE_INIT 187
+# define ENGINE_F_LOG_MESSAGE 141
+
+/* Reason codes. */
+# define ENGINE_R_ALREADY_LOADED 100
+# define ENGINE_R_ARGUMENT_IS_NOT_A_NUMBER 133
+# define ENGINE_R_CMD_NOT_EXECUTABLE 134
+# define ENGINE_R_COMMAND_TAKES_INPUT 135
+# define ENGINE_R_COMMAND_TAKES_NO_INPUT 136
+# define ENGINE_R_CONFLICTING_ENGINE_ID 103
+# define ENGINE_R_CTRL_COMMAND_NOT_IMPLEMENTED 119
+# define ENGINE_R_DH_NOT_IMPLEMENTED 139
+# define ENGINE_R_DSA_NOT_IMPLEMENTED 140
+# define ENGINE_R_DSO_FAILURE 104
+# define ENGINE_R_DSO_NOT_FOUND 132
+# define ENGINE_R_ENGINES_SECTION_ERROR 148
+# define ENGINE_R_ENGINE_CONFIGURATION_ERROR 102
+# define ENGINE_R_ENGINE_IS_NOT_IN_LIST 105
+# define ENGINE_R_ENGINE_SECTION_ERROR 149
+# define ENGINE_R_FAILED_LOADING_PRIVATE_KEY 128
+# define ENGINE_R_FAILED_LOADING_PUBLIC_KEY 129
+# define ENGINE_R_FINISH_FAILED 106
+# define ENGINE_R_GET_HANDLE_FAILED 107
+# define ENGINE_R_ID_OR_NAME_MISSING 108
+# define ENGINE_R_INIT_FAILED 109
+# define ENGINE_R_INTERNAL_LIST_ERROR 110
+# define ENGINE_R_INVALID_ARGUMENT 143
+# define ENGINE_R_INVALID_CMD_NAME 137
+# define ENGINE_R_INVALID_CMD_NUMBER 138
+# define ENGINE_R_INVALID_INIT_VALUE 151
+# define ENGINE_R_INVALID_STRING 150
+# define ENGINE_R_NOT_INITIALISED 117
+# define ENGINE_R_NOT_LOADED 112
+# define ENGINE_R_NO_CONTROL_FUNCTION 120
+# define ENGINE_R_NO_INDEX 144
+# define ENGINE_R_NO_LOAD_FUNCTION 125
+# define ENGINE_R_NO_REFERENCE 130
+# define ENGINE_R_NO_SUCH_ENGINE 116
+# define ENGINE_R_NO_UNLOAD_FUNCTION 126
+# define ENGINE_R_PROVIDE_PARAMETERS 113
+# define ENGINE_R_RSA_NOT_IMPLEMENTED 141
+# define ENGINE_R_UNIMPLEMENTED_CIPHER 146
+# define ENGINE_R_UNIMPLEMENTED_DIGEST 147
+# define ENGINE_R_UNIMPLEMENTED_PUBLIC_KEY_METHOD 101
+# define ENGINE_R_VERSION_INCOMPATIBILITY 145
+
+#ifdef __cplusplus
+}
+#endif
+#endif
--- /dev/null
+/* crypto/err/err.h */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+/* ====================================================================
+ * Copyright (c) 1998-2006 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For written permission, please contact
+ * openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ * nor may "OpenSSL" appear in their names without prior written
+ * permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com). This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#ifndef HEADER_ERR_H
+# define HEADER_ERR_H
+
+# include <openssl/e_os2.h>
+
+# ifndef OPENSSL_NO_STDIO
+# include <stdio.h>
+# include <stdlib.h>
+# endif
+
+# include <openssl/ossl_typ.h>
+# include <openssl/bio.h>
+# include <openssl/lhash.h>
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+# ifndef OPENSSL_NO_ERR
+# define ERR_PUT_error(a,b,c,d,e) ERR_put_error(a,b,c,d,e)
+# else
+# define ERR_PUT_error(a,b,c,d,e) ERR_put_error(a,b,c,NULL,0)
+# endif
+
+# include <errno.h>
+
+# define ERR_TXT_MALLOCED 0x01
+# define ERR_TXT_STRING 0x02
+
+# define ERR_FLAG_MARK 0x01
+
+# define ERR_NUM_ERRORS 16
+typedef struct err_state_st {
+ CRYPTO_THREADID tid;
+ int err_flags[ERR_NUM_ERRORS];
+ unsigned long err_buffer[ERR_NUM_ERRORS];
+ char *err_data[ERR_NUM_ERRORS];
+ int err_data_flags[ERR_NUM_ERRORS];
+ const char *err_file[ERR_NUM_ERRORS];
+ int err_line[ERR_NUM_ERRORS];
+ int top, bottom;
+} ERR_STATE;
+
+/* library */
+# define ERR_LIB_NONE 1
+# define ERR_LIB_SYS 2
+# define ERR_LIB_BN 3
+# define ERR_LIB_RSA 4
+# define ERR_LIB_DH 5
+# define ERR_LIB_EVP 6
+# define ERR_LIB_BUF 7
+# define ERR_LIB_OBJ 8
+# define ERR_LIB_PEM 9
+# define ERR_LIB_DSA 10
+# define ERR_LIB_X509 11
+/* #define ERR_LIB_METH 12 */
+# define ERR_LIB_ASN1 13
+# define ERR_LIB_CONF 14
+# define ERR_LIB_CRYPTO 15
+# define ERR_LIB_EC 16
+# define ERR_LIB_SSL 20
+/* #define ERR_LIB_SSL23 21 */
+/* #define ERR_LIB_SSL2 22 */
+/* #define ERR_LIB_SSL3 23 */
+/* #define ERR_LIB_RSAREF 30 */
+/* #define ERR_LIB_PROXY 31 */
+# define ERR_LIB_BIO 32
+# define ERR_LIB_PKCS7 33
+# define ERR_LIB_X509V3 34
+# define ERR_LIB_PKCS12 35
+# define ERR_LIB_RAND 36
+# define ERR_LIB_DSO 37
+# define ERR_LIB_ENGINE 38
+# define ERR_LIB_OCSP 39
+# define ERR_LIB_UI 40
+# define ERR_LIB_COMP 41
+# define ERR_LIB_ECDSA 42
+# define ERR_LIB_ECDH 43
+# define ERR_LIB_STORE 44
+# define ERR_LIB_FIPS 45
+# define ERR_LIB_CMS 46
+# define ERR_LIB_TS 47
+# define ERR_LIB_HMAC 48
+# define ERR_LIB_JPAKE 49
+
+# define ERR_LIB_USER 128
+
+# define SYSerr(f,r) ERR_PUT_error(ERR_LIB_SYS,(f),(r),__FILE__,__LINE__)
+# define BNerr(f,r) ERR_PUT_error(ERR_LIB_BN,(f),(r),__FILE__,__LINE__)
+# define RSAerr(f,r) ERR_PUT_error(ERR_LIB_RSA,(f),(r),__FILE__,__LINE__)
+# define DHerr(f,r) ERR_PUT_error(ERR_LIB_DH,(f),(r),__FILE__,__LINE__)
+# define EVPerr(f,r) ERR_PUT_error(ERR_LIB_EVP,(f),(r),__FILE__,__LINE__)
+# define BUFerr(f,r) ERR_PUT_error(ERR_LIB_BUF,(f),(r),__FILE__,__LINE__)
+# define OBJerr(f,r) ERR_PUT_error(ERR_LIB_OBJ,(f),(r),__FILE__,__LINE__)
+# define PEMerr(f,r) ERR_PUT_error(ERR_LIB_PEM,(f),(r),__FILE__,__LINE__)
+# define DSAerr(f,r) ERR_PUT_error(ERR_LIB_DSA,(f),(r),__FILE__,__LINE__)
+# define X509err(f,r) ERR_PUT_error(ERR_LIB_X509,(f),(r),__FILE__,__LINE__)
+# define ASN1err(f,r) ERR_PUT_error(ERR_LIB_ASN1,(f),(r),__FILE__,__LINE__)
+# define CONFerr(f,r) ERR_PUT_error(ERR_LIB_CONF,(f),(r),__FILE__,__LINE__)
+# define CRYPTOerr(f,r) ERR_PUT_error(ERR_LIB_CRYPTO,(f),(r),__FILE__,__LINE__)
+# define ECerr(f,r) ERR_PUT_error(ERR_LIB_EC,(f),(r),__FILE__,__LINE__)
+# define SSLerr(f,r) ERR_PUT_error(ERR_LIB_SSL,(f),(r),__FILE__,__LINE__)
+# define BIOerr(f,r) ERR_PUT_error(ERR_LIB_BIO,(f),(r),__FILE__,__LINE__)
+# define PKCS7err(f,r) ERR_PUT_error(ERR_LIB_PKCS7,(f),(r),__FILE__,__LINE__)
+# define X509V3err(f,r) ERR_PUT_error(ERR_LIB_X509V3,(f),(r),__FILE__,__LINE__)
+# define PKCS12err(f,r) ERR_PUT_error(ERR_LIB_PKCS12,(f),(r),__FILE__,__LINE__)
+# define RANDerr(f,r) ERR_PUT_error(ERR_LIB_RAND,(f),(r),__FILE__,__LINE__)
+# define DSOerr(f,r) ERR_PUT_error(ERR_LIB_DSO,(f),(r),__FILE__,__LINE__)
+# define ENGINEerr(f,r) ERR_PUT_error(ERR_LIB_ENGINE,(f),(r),__FILE__,__LINE__)
+# define OCSPerr(f,r) ERR_PUT_error(ERR_LIB_OCSP,(f),(r),__FILE__,__LINE__)
+# define UIerr(f,r) ERR_PUT_error(ERR_LIB_UI,(f),(r),__FILE__,__LINE__)
+# define COMPerr(f,r) ERR_PUT_error(ERR_LIB_COMP,(f),(r),__FILE__,__LINE__)
+# define ECDSAerr(f,r) ERR_PUT_error(ERR_LIB_ECDSA,(f),(r),__FILE__,__LINE__)
+# define ECDHerr(f,r) ERR_PUT_error(ERR_LIB_ECDH,(f),(r),__FILE__,__LINE__)
+# define STOREerr(f,r) ERR_PUT_error(ERR_LIB_STORE,(f),(r),__FILE__,__LINE__)
+# define FIPSerr(f,r) ERR_PUT_error(ERR_LIB_FIPS,(f),(r),__FILE__,__LINE__)
+# define CMSerr(f,r) ERR_PUT_error(ERR_LIB_CMS,(f),(r),__FILE__,__LINE__)
+# define TSerr(f,r) ERR_PUT_error(ERR_LIB_TS,(f),(r),__FILE__,__LINE__)
+# define HMACerr(f,r) ERR_PUT_error(ERR_LIB_HMAC,(f),(r),__FILE__,__LINE__)
+# define JPAKEerr(f,r) ERR_PUT_error(ERR_LIB_JPAKE,(f),(r),__FILE__,__LINE__)
+
+/*
+ * Borland C seems too stupid to be able to shift and do longs in the
+ * pre-processor :-(
+ */
+# define ERR_PACK(l,f,r) (((((unsigned long)l)&0xffL)*0x1000000)| \
+ ((((unsigned long)f)&0xfffL)*0x1000)| \
+ ((((unsigned long)r)&0xfffL)))
+# define ERR_GET_LIB(l) (int)((((unsigned long)l)>>24L)&0xffL)
+# define ERR_GET_FUNC(l) (int)((((unsigned long)l)>>12L)&0xfffL)
+# define ERR_GET_REASON(l) (int)((l)&0xfffL)
+# define ERR_FATAL_ERROR(l) (int)((l)&ERR_R_FATAL)
+
+/* OS functions */
+# define SYS_F_FOPEN 1
+# define SYS_F_CONNECT 2
+# define SYS_F_GETSERVBYNAME 3
+# define SYS_F_SOCKET 4
+# define SYS_F_IOCTLSOCKET 5
+# define SYS_F_BIND 6
+# define SYS_F_LISTEN 7
+# define SYS_F_ACCEPT 8
+# define SYS_F_WSASTARTUP 9/* Winsock stuff */
+# define SYS_F_OPENDIR 10
+# define SYS_F_FREAD 11
+
+/* reasons */
+# define ERR_R_SYS_LIB ERR_LIB_SYS/* 2 */
+# define ERR_R_BN_LIB ERR_LIB_BN/* 3 */
+# define ERR_R_RSA_LIB ERR_LIB_RSA/* 4 */
+# define ERR_R_DH_LIB ERR_LIB_DH/* 5 */
+# define ERR_R_EVP_LIB ERR_LIB_EVP/* 6 */
+# define ERR_R_BUF_LIB ERR_LIB_BUF/* 7 */
+# define ERR_R_OBJ_LIB ERR_LIB_OBJ/* 8 */
+# define ERR_R_PEM_LIB ERR_LIB_PEM/* 9 */
+# define ERR_R_DSA_LIB ERR_LIB_DSA/* 10 */
+# define ERR_R_X509_LIB ERR_LIB_X509/* 11 */
+# define ERR_R_ASN1_LIB ERR_LIB_ASN1/* 13 */
+# define ERR_R_CONF_LIB ERR_LIB_CONF/* 14 */
+# define ERR_R_CRYPTO_LIB ERR_LIB_CRYPTO/* 15 */
+# define ERR_R_EC_LIB ERR_LIB_EC/* 16 */
+# define ERR_R_SSL_LIB ERR_LIB_SSL/* 20 */
+# define ERR_R_BIO_LIB ERR_LIB_BIO/* 32 */
+# define ERR_R_PKCS7_LIB ERR_LIB_PKCS7/* 33 */
+# define ERR_R_X509V3_LIB ERR_LIB_X509V3/* 34 */
+# define ERR_R_PKCS12_LIB ERR_LIB_PKCS12/* 35 */
+# define ERR_R_RAND_LIB ERR_LIB_RAND/* 36 */
+# define ERR_R_DSO_LIB ERR_LIB_DSO/* 37 */
+# define ERR_R_ENGINE_LIB ERR_LIB_ENGINE/* 38 */
+# define ERR_R_OCSP_LIB ERR_LIB_OCSP/* 39 */
+# define ERR_R_UI_LIB ERR_LIB_UI/* 40 */
+# define ERR_R_COMP_LIB ERR_LIB_COMP/* 41 */
+# define ERR_R_ECDSA_LIB ERR_LIB_ECDSA/* 42 */
+# define ERR_R_ECDH_LIB ERR_LIB_ECDH/* 43 */
+# define ERR_R_STORE_LIB ERR_LIB_STORE/* 44 */
+# define ERR_R_TS_LIB ERR_LIB_TS/* 45 */
+
+# define ERR_R_NESTED_ASN1_ERROR 58
+# define ERR_R_BAD_ASN1_OBJECT_HEADER 59
+# define ERR_R_BAD_GET_ASN1_OBJECT_CALL 60
+# define ERR_R_EXPECTING_AN_ASN1_SEQUENCE 61
+# define ERR_R_ASN1_LENGTH_MISMATCH 62
+# define ERR_R_MISSING_ASN1_EOS 63
+
+/* fatal error */
+# define ERR_R_FATAL 64
+# define ERR_R_MALLOC_FAILURE (1|ERR_R_FATAL)
+# define ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED (2|ERR_R_FATAL)
+# define ERR_R_PASSED_NULL_PARAMETER (3|ERR_R_FATAL)
+# define ERR_R_INTERNAL_ERROR (4|ERR_R_FATAL)
+# define ERR_R_DISABLED (5|ERR_R_FATAL)
+
+/*
+ * 99 is the maximum possible ERR_R_... code, higher values are reserved for
+ * the individual libraries
+ */
+
+typedef struct ERR_string_data_st {
+ unsigned long error;
+ const char *string;
+} ERR_STRING_DATA;
+
+void ERR_put_error(int lib, int func, int reason, const char *file, int line);
+void ERR_set_error_data(char *data, int flags);
+
+unsigned long ERR_get_error(void);
+unsigned long ERR_get_error_line(const char **file, int *line);
+unsigned long ERR_get_error_line_data(const char **file, int *line,
+ const char **data, int *flags);
+unsigned long ERR_peek_error(void);
+unsigned long ERR_peek_error_line(const char **file, int *line);
+unsigned long ERR_peek_error_line_data(const char **file, int *line,
+ const char **data, int *flags);
+unsigned long ERR_peek_last_error(void);
+unsigned long ERR_peek_last_error_line(const char **file, int *line);
+unsigned long ERR_peek_last_error_line_data(const char **file, int *line,
+ const char **data, int *flags);
+void ERR_clear_error(void);
+char *ERR_error_string(unsigned long e, char *buf);
+void ERR_error_string_n(unsigned long e, char *buf, size_t len);
+const char *ERR_lib_error_string(unsigned long e);
+const char *ERR_func_error_string(unsigned long e);
+const char *ERR_reason_error_string(unsigned long e);
+void ERR_print_errors_cb(int (*cb) (const char *str, size_t len, void *u),
+ void *u);
+# ifndef OPENSSL_NO_STDIO
+void ERR_print_errors_fp(FILE *fp);
+# endif
+void ERR_print_errors(BIO *bp);
+void ERR_add_error_data(int num, ...);
+void ERR_add_error_vdata(int num, va_list args);
+void ERR_load_strings(int lib, ERR_STRING_DATA str[]);
+void ERR_unload_strings(int lib, ERR_STRING_DATA str[]);
+void ERR_load_ERR_strings(void);
+void ERR_load_crypto_strings(void);
+void ERR_free_strings(void);
+
+void ERR_remove_thread_state(const CRYPTO_THREADID *tid);
+# ifdef OPENSSL_USE_DEPRECATED
+DECLARE_DEPRECATED(void ERR_remove_state(unsigned long pid)); /* if zero we
+ * look it up */
+# endif
+ERR_STATE *ERR_get_state(void);
+
+LHASH_OF(ERR_STRING_DATA) *ERR_get_string_table(void);
+LHASH_OF(ERR_STATE) *ERR_get_err_state_table(void);
+void ERR_release_err_state_table(LHASH_OF(ERR_STATE) **hash);
+
+int ERR_get_next_error_library(void);
+
+int ERR_set_mark(void);
+int ERR_pop_to_mark(void);
+
+/* Already defined in ossl_typ.h */
+/* typedef struct st_ERR_FNS ERR_FNS; */
+/*
+ * An application can use this function and provide the return value to
+ * loaded modules that should use the application's ERR state/functionality
+ */
+const ERR_FNS *ERR_get_implementation(void);
+/*
+ * A loaded module should call this function prior to any ERR operations
+ * using the application's "ERR_FNS".
+ */
+int ERR_set_implementation(const ERR_FNS *fns);
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif
--- /dev/null
+/* crypto/evp/evp.h */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#ifndef HEADER_ENVELOPE_H
+# define HEADER_ENVELOPE_H
+
+# ifdef OPENSSL_ALGORITHM_DEFINES
+# include <openssl/opensslconf.h>
+# else
+# define OPENSSL_ALGORITHM_DEFINES
+# include <openssl/opensslconf.h>
+# undef OPENSSL_ALGORITHM_DEFINES
+# endif
+
+# include <openssl/ossl_typ.h>
+
+# include <openssl/symhacks.h>
+
+# include <openssl/bio.h>
+
+# define EVP_MAX_MD_SIZE 64/* longest known is SHA512 */
+# define EVP_MAX_KEY_LENGTH 64
+# define EVP_MAX_IV_LENGTH 16
+# define EVP_MAX_BLOCK_LENGTH 32
+
+# define PKCS5_SALT_LEN 8
+/* Default PKCS#5 iteration count */
+# define PKCS5_DEFAULT_ITER 2048
+
+# include <openssl/objects.h>
+
+# define EVP_PK_RSA 0x0001
+# define EVP_PK_DSA 0x0002
+# define EVP_PK_DH 0x0004
+# define EVP_PK_EC 0x0008
+# define EVP_PKT_SIGN 0x0010
+# define EVP_PKT_ENC 0x0020
+# define EVP_PKT_EXCH 0x0040
+# define EVP_PKS_RSA 0x0100
+# define EVP_PKS_DSA 0x0200
+# define EVP_PKS_EC 0x0400
+# define EVP_PKT_EXP 0x1000 /* <= 512 bit key */
+
+# define EVP_PKEY_NONE NID_undef
+# define EVP_PKEY_RSA NID_rsaEncryption
+# define EVP_PKEY_RSA2 NID_rsa
+# define EVP_PKEY_DSA NID_dsa
+# define EVP_PKEY_DSA1 NID_dsa_2
+# define EVP_PKEY_DSA2 NID_dsaWithSHA
+# define EVP_PKEY_DSA3 NID_dsaWithSHA1
+# define EVP_PKEY_DSA4 NID_dsaWithSHA1_2
+# define EVP_PKEY_DH NID_dhKeyAgreement
+# define EVP_PKEY_DHX NID_dhpublicnumber
+# define EVP_PKEY_EC NID_X9_62_id_ecPublicKey
+# define EVP_PKEY_HMAC NID_hmac
+# define EVP_PKEY_CMAC NID_cmac
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/*
+ * Type needs to be a bit field Sub-type needs to be for variations on the
+ * method, as in, can it do arbitrary encryption....
+ */
+struct evp_pkey_st {
+ int type;
+ int save_type;
+ int references;
+ const EVP_PKEY_ASN1_METHOD *ameth;
+ ENGINE *engine;
+ union {
+ char *ptr;
+# ifndef OPENSSL_NO_RSA
+ struct rsa_st *rsa; /* RSA */
+# endif
+# ifndef OPENSSL_NO_DSA
+ struct dsa_st *dsa; /* DSA */
+# endif
+# ifndef OPENSSL_NO_DH
+ struct dh_st *dh; /* DH */
+# endif
+# ifndef OPENSSL_NO_EC
+ struct ec_key_st *ec; /* ECC */
+# endif
+ } pkey;
+ int save_parameters;
+ STACK_OF(X509_ATTRIBUTE) *attributes; /* [ 0 ] */
+} /* EVP_PKEY */ ;
+
+# define EVP_PKEY_MO_SIGN 0x0001
+# define EVP_PKEY_MO_VERIFY 0x0002
+# define EVP_PKEY_MO_ENCRYPT 0x0004
+# define EVP_PKEY_MO_DECRYPT 0x0008
+
+# ifndef EVP_MD
+struct env_md_st {
+ int type;
+ int pkey_type;
+ int md_size;
+ unsigned long flags;
+ int (*init) (EVP_MD_CTX *ctx);
+ int (*update) (EVP_MD_CTX *ctx, const void *data, size_t count);
+ int (*final) (EVP_MD_CTX *ctx, unsigned char *md);
+ int (*copy) (EVP_MD_CTX *to, const EVP_MD_CTX *from);
+ int (*cleanup) (EVP_MD_CTX *ctx);
+ /* FIXME: prototype these some day */
+ int (*sign) (int type, const unsigned char *m, unsigned int m_length,
+ unsigned char *sigret, unsigned int *siglen, void *key);
+ int (*verify) (int type, const unsigned char *m, unsigned int m_length,
+ const unsigned char *sigbuf, unsigned int siglen,
+ void *key);
+ int required_pkey_type[5]; /* EVP_PKEY_xxx */
+ int block_size;
+ int ctx_size; /* how big does the ctx->md_data need to be */
+ /* control function */
+ int (*md_ctrl) (EVP_MD_CTX *ctx, int cmd, int p1, void *p2);
+} /* EVP_MD */ ;
+
+typedef int evp_sign_method(int type, const unsigned char *m,
+ unsigned int m_length, unsigned char *sigret,
+ unsigned int *siglen, void *key);
+typedef int evp_verify_method(int type, const unsigned char *m,
+ unsigned int m_length,
+ const unsigned char *sigbuf,
+ unsigned int siglen, void *key);
+
+/* digest can only handle a single block */
+# define EVP_MD_FLAG_ONESHOT 0x0001
+
+/*
+ * digest is a "clone" digest used
+ * which is a copy of an existing
+ * one for a specific public key type.
+ * EVP_dss1() etc
+ */
+# define EVP_MD_FLAG_PKEY_DIGEST 0x0002
+
+/* Digest uses EVP_PKEY_METHOD for signing instead of MD specific signing */
+
+# define EVP_MD_FLAG_PKEY_METHOD_SIGNATURE 0x0004
+
+/* DigestAlgorithmIdentifier flags... */
+
+# define EVP_MD_FLAG_DIGALGID_MASK 0x0018
+
+/* NULL or absent parameter accepted. Use NULL */
+
+# define EVP_MD_FLAG_DIGALGID_NULL 0x0000
+
+/* NULL or absent parameter accepted. Use NULL for PKCS#1 otherwise absent */
+
+# define EVP_MD_FLAG_DIGALGID_ABSENT 0x0008
+
+/* Custom handling via ctrl */
+
+# define EVP_MD_FLAG_DIGALGID_CUSTOM 0x0018
+
+/* Note if suitable for use in FIPS mode */
+# define EVP_MD_FLAG_FIPS 0x0400
+
+/* Digest ctrls */
+
+# define EVP_MD_CTRL_DIGALGID 0x1
+# define EVP_MD_CTRL_MICALG 0x2
+
+/* Minimum Algorithm specific ctrl value */
+
+# define EVP_MD_CTRL_ALG_CTRL 0x1000
+
+# define EVP_PKEY_NULL_method NULL,NULL,{0,0,0,0}
+
+# ifndef OPENSSL_NO_DSA
+# define EVP_PKEY_DSA_method (evp_sign_method *)DSA_sign, \
+ (evp_verify_method *)DSA_verify, \
+ {EVP_PKEY_DSA,EVP_PKEY_DSA2,EVP_PKEY_DSA3, \
+ EVP_PKEY_DSA4,0}
+# else
+# define EVP_PKEY_DSA_method EVP_PKEY_NULL_method
+# endif
+
+# ifndef OPENSSL_NO_EC
+# define EVP_PKEY_ECDSA_method (evp_sign_method *)ECDSA_sign, \
+ (evp_verify_method *)ECDSA_verify, \
+ {EVP_PKEY_EC,0,0,0}
+# else
+# define EVP_PKEY_ECDSA_method EVP_PKEY_NULL_method
+# endif
+
+# ifndef OPENSSL_NO_RSA
+# define EVP_PKEY_RSA_method (evp_sign_method *)RSA_sign, \
+ (evp_verify_method *)RSA_verify, \
+ {EVP_PKEY_RSA,EVP_PKEY_RSA2,0,0}
+# define EVP_PKEY_RSA_ASN1_OCTET_STRING_method \
+ (evp_sign_method *)RSA_sign_ASN1_OCTET_STRING, \
+ (evp_verify_method *)RSA_verify_ASN1_OCTET_STRING, \
+ {EVP_PKEY_RSA,EVP_PKEY_RSA2,0,0}
+# else
+# define EVP_PKEY_RSA_method EVP_PKEY_NULL_method
+# define EVP_PKEY_RSA_ASN1_OCTET_STRING_method EVP_PKEY_NULL_method
+# endif
+
+# endif /* !EVP_MD */
+
+struct env_md_ctx_st {
+ const EVP_MD *digest;
+ ENGINE *engine; /* functional reference if 'digest' is
+ * ENGINE-provided */
+ unsigned long flags;
+ void *md_data;
+ /* Public key context for sign/verify */
+ EVP_PKEY_CTX *pctx;
+ /* Update function: usually copied from EVP_MD */
+ int (*update) (EVP_MD_CTX *ctx, const void *data, size_t count);
+} /* EVP_MD_CTX */ ;
+
+/* values for EVP_MD_CTX flags */
+
+# define EVP_MD_CTX_FLAG_ONESHOT 0x0001/* digest update will be
+ * called once only */
+# define EVP_MD_CTX_FLAG_CLEANED 0x0002/* context has already been
+ * cleaned */
+# define EVP_MD_CTX_FLAG_REUSE 0x0004/* Don't free up ctx->md_data
+ * in EVP_MD_CTX_cleanup */
+/*
+ * FIPS and pad options are ignored in 1.0.0, definitions are here so we
+ * don't accidentally reuse the values for other purposes.
+ */
+
+# define EVP_MD_CTX_FLAG_NON_FIPS_ALLOW 0x0008/* Allow use of non FIPS
+ * digest in FIPS mode */
+
+/*
+ * The following PAD options are also currently ignored in 1.0.0, digest
+ * parameters are handled through EVP_DigestSign*() and EVP_DigestVerify*()
+ * instead.
+ */
+# define EVP_MD_CTX_FLAG_PAD_MASK 0xF0/* RSA mode to use */
+# define EVP_MD_CTX_FLAG_PAD_PKCS1 0x00/* PKCS#1 v1.5 mode */
+# define EVP_MD_CTX_FLAG_PAD_X931 0x10/* X9.31 mode */
+# define EVP_MD_CTX_FLAG_PAD_PSS 0x20/* PSS mode */
+
+# define EVP_MD_CTX_FLAG_NO_INIT 0x0100/* Don't initialize md_data */
+/*
+ * Some functions such as EVP_DigestSign only finalise copies of internal
+ * contexts so additional data can be included after the finalisation call.
+ * This is inefficient if this functionality is not required: it is disabled
+ * if the following flag is set.
+ */
+# define EVP_MD_CTX_FLAG_FINALISE 0x0200
+
+struct evp_cipher_st {
+ int nid;
+ int block_size;
+ /* Default value for variable length ciphers */
+ int key_len;
+ int iv_len;
+ /* Various flags */
+ unsigned long flags;
+ /* init key */
+ int (*init) (EVP_CIPHER_CTX *ctx, const unsigned char *key,
+ const unsigned char *iv, int enc);
+ /* encrypt/decrypt data */
+ int (*do_cipher) (EVP_CIPHER_CTX *ctx, unsigned char *out,
+ const unsigned char *in, size_t inl);
+ /* cleanup ctx */
+ int (*cleanup) (EVP_CIPHER_CTX *);
+ /* how big ctx->cipher_data needs to be */
+ int ctx_size;
+ /* Populate a ASN1_TYPE with parameters */
+ int (*set_asn1_parameters) (EVP_CIPHER_CTX *, ASN1_TYPE *);
+ /* Get parameters from a ASN1_TYPE */
+ int (*get_asn1_parameters) (EVP_CIPHER_CTX *, ASN1_TYPE *);
+ /* Miscellaneous operations */
+ int (*ctrl) (EVP_CIPHER_CTX *, int type, int arg, void *ptr);
+ /* Application data */
+ void *app_data;
+} /* EVP_CIPHER */ ;
+
+/* Values for cipher flags */
+
+/* Modes for ciphers */
+
+# define EVP_CIPH_STREAM_CIPHER 0x0
+# define EVP_CIPH_ECB_MODE 0x1
+# define EVP_CIPH_CBC_MODE 0x2
+# define EVP_CIPH_CFB_MODE 0x3
+# define EVP_CIPH_OFB_MODE 0x4
+# define EVP_CIPH_CTR_MODE 0x5
+# define EVP_CIPH_GCM_MODE 0x6
+# define EVP_CIPH_CCM_MODE 0x7
+# define EVP_CIPH_XTS_MODE 0x10001
+# define EVP_CIPH_WRAP_MODE 0x10002
+# define EVP_CIPH_OCB_MODE 0x10003
+# define EVP_CIPH_MODE 0xF0007
+/* Set if variable length cipher */
+# define EVP_CIPH_VARIABLE_LENGTH 0x8
+/* Set if the iv handling should be done by the cipher itself */
+# define EVP_CIPH_CUSTOM_IV 0x10
+/* Set if the cipher's init() function should be called if key is NULL */
+# define EVP_CIPH_ALWAYS_CALL_INIT 0x20
+/* Call ctrl() to init cipher parameters */
+# define EVP_CIPH_CTRL_INIT 0x40
+/* Don't use standard key length function */
+# define EVP_CIPH_CUSTOM_KEY_LENGTH 0x80
+/* Don't use standard block padding */
+# define EVP_CIPH_NO_PADDING 0x100
+/* cipher handles random key generation */
+# define EVP_CIPH_RAND_KEY 0x200
+/* cipher has its own additional copying logic */
+# define EVP_CIPH_CUSTOM_COPY 0x400
+/* Allow use default ASN1 get/set iv */
+# define EVP_CIPH_FLAG_DEFAULT_ASN1 0x1000
+/* Buffer length in bits not bytes: CFB1 mode only */
+# define EVP_CIPH_FLAG_LENGTH_BITS 0x2000
+/* Note if suitable for use in FIPS mode */
+# define EVP_CIPH_FLAG_FIPS 0x4000
+/* Allow non FIPS cipher in FIPS mode */
+# define EVP_CIPH_FLAG_NON_FIPS_ALLOW 0x8000
+/*
+ * Cipher handles any and all padding logic as well as finalisation.
+ */
+# define EVP_CIPH_FLAG_CUSTOM_CIPHER 0x100000
+# define EVP_CIPH_FLAG_AEAD_CIPHER 0x200000
+# define EVP_CIPH_FLAG_TLS1_1_MULTIBLOCK 0x400000
+
+/*
+ * Cipher context flag to indicate we can handle wrap mode: if allowed in
+ * older applications it could overflow buffers.
+ */
+
+# define EVP_CIPHER_CTX_FLAG_WRAP_ALLOW 0x1
+
+/* ctrl() values */
+
+# define EVP_CTRL_INIT 0x0
+# define EVP_CTRL_SET_KEY_LENGTH 0x1
+# define EVP_CTRL_GET_RC2_KEY_BITS 0x2
+# define EVP_CTRL_SET_RC2_KEY_BITS 0x3
+# define EVP_CTRL_GET_RC5_ROUNDS 0x4
+# define EVP_CTRL_SET_RC5_ROUNDS 0x5
+# define EVP_CTRL_RAND_KEY 0x6
+# define EVP_CTRL_PBE_PRF_NID 0x7
+# define EVP_CTRL_COPY 0x8
+# define EVP_CTRL_AEAD_SET_IVLEN 0x9
+# define EVP_CTRL_AEAD_GET_TAG 0x10
+# define EVP_CTRL_AEAD_SET_TAG 0x11
+# define EVP_CTRL_GCM_SET_IVLEN EVP_CTRL_AEAD_SET_IVLEN
+# define EVP_CTRL_GCM_GET_TAG EVP_CTRL_AEAD_GET_TAG
+# define EVP_CTRL_GCM_SET_TAG EVP_CTRL_AEAD_SET_TAG
+# define EVP_CTRL_GCM_SET_IV_FIXED 0x12
+# define EVP_CTRL_GCM_IV_GEN 0x13
+# define EVP_CTRL_CCM_SET_IVLEN EVP_CTRL_AEAD_SET_IVLEN
+# define EVP_CTRL_CCM_GET_TAG EVP_CTRL_AEAD_GET_TAG
+# define EVP_CTRL_CCM_SET_TAG EVP_CTRL_AEAD_SET_TAG
+# define EVP_CTRL_CCM_SET_L 0x14
+# define EVP_CTRL_CCM_SET_MSGLEN 0x15
+/*
+ * AEAD cipher deduces payload length and returns number of bytes required to
+ * store MAC and eventual padding. Subsequent call to EVP_Cipher even
+ * appends/verifies MAC.
+ */
+# define EVP_CTRL_AEAD_TLS1_AAD 0x16
+/* Used by composite AEAD ciphers, no-op in GCM, CCM... */
+# define EVP_CTRL_AEAD_SET_MAC_KEY 0x17
+/* Set the GCM invocation field, decrypt only */
+# define EVP_CTRL_GCM_SET_IV_INV 0x18
+
+# define EVP_CTRL_TLS1_1_MULTIBLOCK_AAD 0x19
+# define EVP_CTRL_TLS1_1_MULTIBLOCK_ENCRYPT 0x1a
+# define EVP_CTRL_TLS1_1_MULTIBLOCK_DECRYPT 0x1b
+# define EVP_CTRL_TLS1_1_MULTIBLOCK_MAX_BUFSIZE 0x1c
+
+typedef struct {
+ unsigned char *out;
+ const unsigned char *inp;
+ size_t len;
+ unsigned int interleave;
+} EVP_CTRL_TLS1_1_MULTIBLOCK_PARAM;
+
+/* GCM TLS constants */
+/* Length of fixed part of IV derived from PRF */
+# define EVP_GCM_TLS_FIXED_IV_LEN 4
+/* Length of explicit part of IV part of TLS records */
+# define EVP_GCM_TLS_EXPLICIT_IV_LEN 8
+/* Length of tag for TLS */
+# define EVP_GCM_TLS_TAG_LEN 16
+
+typedef struct evp_cipher_info_st {
+ const EVP_CIPHER *cipher;
+ unsigned char iv[EVP_MAX_IV_LENGTH];
+} EVP_CIPHER_INFO;
+
+struct evp_cipher_ctx_st {
+ const EVP_CIPHER *cipher;
+ ENGINE *engine; /* functional reference if 'cipher' is
+ * ENGINE-provided */
+ int encrypt; /* encrypt or decrypt */
+ int buf_len; /* number we have left */
+ unsigned char oiv[EVP_MAX_IV_LENGTH]; /* original iv */
+ unsigned char iv[EVP_MAX_IV_LENGTH]; /* working iv */
+ unsigned char buf[EVP_MAX_BLOCK_LENGTH]; /* saved partial block */
+ int num; /* used by cfb/ofb/ctr mode */
+ void *app_data; /* application stuff */
+ int key_len; /* May change for variable length cipher */
+ unsigned long flags; /* Various flags */
+ void *cipher_data; /* per EVP data */
+ int final_used;
+ int block_mask;
+ unsigned char final[EVP_MAX_BLOCK_LENGTH]; /* possible final block */
+} /* EVP_CIPHER_CTX */ ;
+
+typedef struct evp_Encode_Ctx_st {
+ /* number saved in a partial encode/decode */
+ int num;
+ /*
+ * The length is either the output line length (in input bytes) or the
+ * shortest input line length that is ok. Once decoding begins, the
+ * length is adjusted up each time a longer line is decoded
+ */
+ int length;
+ /* data to encode */
+ unsigned char enc_data[80];
+ /* number read on current line */
+ int line_num;
+ int expect_nl;
+} EVP_ENCODE_CTX;
+
+/* Password based encryption function */
+typedef int (EVP_PBE_KEYGEN) (EVP_CIPHER_CTX *ctx, const char *pass,
+ int passlen, ASN1_TYPE *param,
+ const EVP_CIPHER *cipher, const EVP_MD *md,
+ int en_de);
+
+# ifndef OPENSSL_NO_RSA
+# define EVP_PKEY_assign_RSA(pkey,rsa) EVP_PKEY_assign((pkey),EVP_PKEY_RSA,\
+ (char *)(rsa))
+# endif
+
+# ifndef OPENSSL_NO_DSA
+# define EVP_PKEY_assign_DSA(pkey,dsa) EVP_PKEY_assign((pkey),EVP_PKEY_DSA,\
+ (char *)(dsa))
+# endif
+
+# ifndef OPENSSL_NO_DH
+# define EVP_PKEY_assign_DH(pkey,dh) EVP_PKEY_assign((pkey),EVP_PKEY_DH,\
+ (char *)(dh))
+# endif
+
+# ifndef OPENSSL_NO_EC
+# define EVP_PKEY_assign_EC_KEY(pkey,eckey) EVP_PKEY_assign((pkey),EVP_PKEY_EC,\
+ (char *)(eckey))
+# endif
+
+/* Add some extra combinations */
+# define EVP_get_digestbynid(a) EVP_get_digestbyname(OBJ_nid2sn(a))
+# define EVP_get_digestbyobj(a) EVP_get_digestbynid(OBJ_obj2nid(a))
+# define EVP_get_cipherbynid(a) EVP_get_cipherbyname(OBJ_nid2sn(a))
+# define EVP_get_cipherbyobj(a) EVP_get_cipherbynid(OBJ_obj2nid(a))
+
+/* Macros to reduce FIPS dependencies: do NOT use in applications */
+# define M_EVP_MD_size(e) ((e)->md_size)
+# define M_EVP_MD_block_size(e) ((e)->block_size)
+# define M_EVP_MD_CTX_set_flags(ctx,flgs) ((ctx)->flags|=(flgs))
+# define M_EVP_MD_CTX_clear_flags(ctx,flgs) ((ctx)->flags&=~(flgs))
+# define M_EVP_MD_CTX_test_flags(ctx,flgs) ((ctx)->flags&(flgs))
+# define M_EVP_MD_type(e) ((e)->type)
+# define M_EVP_MD_CTX_type(e) M_EVP_MD_type(M_EVP_MD_CTX_md(e))
+# define M_EVP_MD_CTX_md(e) ((e)->digest)
+
+# define M_EVP_CIPHER_nid(e) ((e)->nid)
+# define M_EVP_CIPHER_CTX_iv_length(e) ((e)->cipher->iv_len)
+# define M_EVP_CIPHER_CTX_flags(e) ((e)->cipher->flags)
+# define M_EVP_CIPHER_CTX_block_size(e) ((e)->cipher->block_size)
+# define M_EVP_CIPHER_CTX_cipher(e) ((e)->cipher)
+# define M_EVP_CIPHER_CTX_mode(e) (M_EVP_CIPHER_CTX_flags(e) & EVP_CIPH_MODE)
+
+# define M_EVP_CIPHER_CTX_set_flags(ctx,flgs) ((ctx)->flags|=(flgs))
+
+# define M_EVP_EncryptInit(ctx,ciph,key,iv) \
+ (EVP_CipherInit(ctx,ciph,key,iv,1))
+# define M_EVP_EncryptInit_ex(ctx,ciph,impl,key,iv) \
+ (EVP_CipherInit_ex(ctx,ciph,impl,key,iv,1))
+# define M_EVP_DecryptInit(ctx,ciph,key,iv) \
+ (EVP_CipherInit(ctx,ciph,key,iv,0))
+# define M_EVP_DecryptInit_ex(ctx,ciph,impl,key,iv) \
+ (EVP_CipherInit_ex(ctx,ciph,impl,key,iv,0))
+
+int EVP_MD_type(const EVP_MD *md);
+# define EVP_MD_nid(e) EVP_MD_type(e)
+# define EVP_MD_name(e) OBJ_nid2sn(EVP_MD_nid(e))
+int EVP_MD_pkey_type(const EVP_MD *md);
+int EVP_MD_size(const EVP_MD *md);
+int EVP_MD_block_size(const EVP_MD *md);
+unsigned long EVP_MD_flags(const EVP_MD *md);
+
+const EVP_MD *EVP_MD_CTX_md(const EVP_MD_CTX *ctx);
+# define EVP_MD_CTX_size(e) EVP_MD_size(EVP_MD_CTX_md(e))
+# define EVP_MD_CTX_block_size(e) EVP_MD_block_size(EVP_MD_CTX_md(e))
+# define EVP_MD_CTX_type(e) EVP_MD_type(EVP_MD_CTX_md(e))
+
+int EVP_CIPHER_nid(const EVP_CIPHER *cipher);
+# define EVP_CIPHER_name(e) OBJ_nid2sn(EVP_CIPHER_nid(e))
+int EVP_CIPHER_block_size(const EVP_CIPHER *cipher);
+int EVP_CIPHER_key_length(const EVP_CIPHER *cipher);
+int EVP_CIPHER_iv_length(const EVP_CIPHER *cipher);
+unsigned long EVP_CIPHER_flags(const EVP_CIPHER *cipher);
+# define EVP_CIPHER_mode(e) (EVP_CIPHER_flags(e) & EVP_CIPH_MODE)
+
+const EVP_CIPHER *EVP_CIPHER_CTX_cipher(const EVP_CIPHER_CTX *ctx);
+int EVP_CIPHER_CTX_nid(const EVP_CIPHER_CTX *ctx);
+int EVP_CIPHER_CTX_block_size(const EVP_CIPHER_CTX *ctx);
+int EVP_CIPHER_CTX_key_length(const EVP_CIPHER_CTX *ctx);
+int EVP_CIPHER_CTX_iv_length(const EVP_CIPHER_CTX *ctx);
+int EVP_CIPHER_CTX_copy(EVP_CIPHER_CTX *out, const EVP_CIPHER_CTX *in);
+void *EVP_CIPHER_CTX_get_app_data(const EVP_CIPHER_CTX *ctx);
+void EVP_CIPHER_CTX_set_app_data(EVP_CIPHER_CTX *ctx, void *data);
+# define EVP_CIPHER_CTX_type(c) EVP_CIPHER_type(EVP_CIPHER_CTX_cipher(c))
+unsigned long EVP_CIPHER_CTX_flags(const EVP_CIPHER_CTX *ctx);
+# define EVP_CIPHER_CTX_mode(e) (EVP_CIPHER_CTX_flags(e) & EVP_CIPH_MODE)
+
+# define EVP_ENCODE_LENGTH(l) (((l+2)/3*4)+(l/48+1)*2+80)
+# define EVP_DECODE_LENGTH(l) ((l+3)/4*3+80)
+
+# define EVP_SignInit_ex(a,b,c) EVP_DigestInit_ex(a,b,c)
+# define EVP_SignInit(a,b) EVP_DigestInit(a,b)
+# define EVP_SignUpdate(a,b,c) EVP_DigestUpdate(a,b,c)
+# define EVP_VerifyInit_ex(a,b,c) EVP_DigestInit_ex(a,b,c)
+# define EVP_VerifyInit(a,b) EVP_DigestInit(a,b)
+# define EVP_VerifyUpdate(a,b,c) EVP_DigestUpdate(a,b,c)
+# define EVP_OpenUpdate(a,b,c,d,e) EVP_DecryptUpdate(a,b,c,d,e)
+# define EVP_SealUpdate(a,b,c,d,e) EVP_EncryptUpdate(a,b,c,d,e)
+# define EVP_DigestSignUpdate(a,b,c) EVP_DigestUpdate(a,b,c)
+# define EVP_DigestVerifyUpdate(a,b,c) EVP_DigestUpdate(a,b,c)
+
+# ifdef CONST_STRICT
+void BIO_set_md(BIO *, const EVP_MD *md);
+# else
+# define BIO_set_md(b,md) BIO_ctrl(b,BIO_C_SET_MD,0,(char *)md)
+# endif
+# define BIO_get_md(b,mdp) BIO_ctrl(b,BIO_C_GET_MD,0,(char *)mdp)
+# define BIO_get_md_ctx(b,mdcp) BIO_ctrl(b,BIO_C_GET_MD_CTX,0,(char *)mdcp)
+# define BIO_set_md_ctx(b,mdcp) BIO_ctrl(b,BIO_C_SET_MD_CTX,0,(char *)mdcp)
+# define BIO_get_cipher_status(b) BIO_ctrl(b,BIO_C_GET_CIPHER_STATUS,0,NULL)
+# define BIO_get_cipher_ctx(b,c_pp) BIO_ctrl(b,BIO_C_GET_CIPHER_CTX,0,(char *)c_pp)
+
+/*__owur*/ int EVP_Cipher(EVP_CIPHER_CTX *c,
+ unsigned char *out,
+ const unsigned char *in, unsigned int inl);
+
+# define EVP_add_cipher_alias(n,alias) \
+ OBJ_NAME_add((alias),OBJ_NAME_TYPE_CIPHER_METH|OBJ_NAME_ALIAS,(n))
+# define EVP_add_digest_alias(n,alias) \
+ OBJ_NAME_add((alias),OBJ_NAME_TYPE_MD_METH|OBJ_NAME_ALIAS,(n))
+# define EVP_delete_cipher_alias(alias) \
+ OBJ_NAME_remove(alias,OBJ_NAME_TYPE_CIPHER_METH|OBJ_NAME_ALIAS);
+# define EVP_delete_digest_alias(alias) \
+ OBJ_NAME_remove(alias,OBJ_NAME_TYPE_MD_METH|OBJ_NAME_ALIAS);
+
+void EVP_MD_CTX_init(EVP_MD_CTX *ctx);
+int EVP_MD_CTX_cleanup(EVP_MD_CTX *ctx);
+EVP_MD_CTX *EVP_MD_CTX_create(void);
+void EVP_MD_CTX_destroy(EVP_MD_CTX *ctx);
+/*__owur*/ int EVP_MD_CTX_copy_ex(EVP_MD_CTX *out, const EVP_MD_CTX *in);
+void EVP_MD_CTX_set_flags(EVP_MD_CTX *ctx, int flags);
+void EVP_MD_CTX_clear_flags(EVP_MD_CTX *ctx, int flags);
+int EVP_MD_CTX_test_flags(const EVP_MD_CTX *ctx, int flags);
+/*__owur*/ int EVP_DigestInit_ex(EVP_MD_CTX *ctx, const EVP_MD *type,
+ ENGINE *impl);
+/*__owur*/ int EVP_DigestUpdate(EVP_MD_CTX *ctx, const void *d,
+ size_t cnt);
+/*__owur*/ int EVP_DigestFinal_ex(EVP_MD_CTX *ctx, unsigned char *md,
+ unsigned int *s);
+/*__owur*/ int EVP_Digest(const void *data, size_t count,
+ unsigned char *md, unsigned int *size,
+ const EVP_MD *type, ENGINE *impl);
+
+/*__owur*/ int EVP_MD_CTX_copy(EVP_MD_CTX *out, const EVP_MD_CTX *in);
+/*__owur*/ int EVP_DigestInit(EVP_MD_CTX *ctx, const EVP_MD *type);
+__owur int EVP_DigestFinal(EVP_MD_CTX *ctx, unsigned char *md,
+ unsigned int *s);
+
+int EVP_read_pw_string(char *buf, int length, const char *prompt, int verify);
+int EVP_read_pw_string_min(char *buf, int minlen, int maxlen,
+ const char *prompt, int verify);
+void EVP_set_pw_prompt(const char *prompt);
+char *EVP_get_pw_prompt(void);
+
+__owur int EVP_BytesToKey(const EVP_CIPHER *type, const EVP_MD *md,
+ const unsigned char *salt,
+ const unsigned char *data, int datal, int count,
+ unsigned char *key, unsigned char *iv);
+
+void EVP_CIPHER_CTX_set_flags(EVP_CIPHER_CTX *ctx, int flags);
+void EVP_CIPHER_CTX_clear_flags(EVP_CIPHER_CTX *ctx, int flags);
+int EVP_CIPHER_CTX_test_flags(const EVP_CIPHER_CTX *ctx, int flags);
+
+__owur int EVP_EncryptInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher,
+ const unsigned char *key, const unsigned char *iv);
+/*__owur*/ int EVP_EncryptInit_ex(EVP_CIPHER_CTX *ctx,
+ const EVP_CIPHER *cipher, ENGINE *impl,
+ const unsigned char *key,
+ const unsigned char *iv);
+/*__owur*/ int EVP_EncryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out,
+ int *outl, const unsigned char *in, int inl);
+/*__owur*/ int EVP_EncryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *out,
+ int *outl);
+/*__owur*/ int EVP_EncryptFinal(EVP_CIPHER_CTX *ctx, unsigned char *out,
+ int *outl);
+
+__owur int EVP_DecryptInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher,
+ const unsigned char *key, const unsigned char *iv);
+/*__owur*/ int EVP_DecryptInit_ex(EVP_CIPHER_CTX *ctx,
+ const EVP_CIPHER *cipher, ENGINE *impl,
+ const unsigned char *key,
+ const unsigned char *iv);
+/*__owur*/ int EVP_DecryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out,
+ int *outl, const unsigned char *in, int inl);
+__owur int EVP_DecryptFinal(EVP_CIPHER_CTX *ctx, unsigned char *outm,
+ int *outl);
+/*__owur*/ int EVP_DecryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *outm,
+ int *outl);
+
+__owur int EVP_CipherInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher,
+ const unsigned char *key, const unsigned char *iv,
+ int enc);
+/*__owur*/ int EVP_CipherInit_ex(EVP_CIPHER_CTX *ctx,
+ const EVP_CIPHER *cipher, ENGINE *impl,
+ const unsigned char *key,
+ const unsigned char *iv, int enc);
+__owur int EVP_CipherUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out,
+ int *outl, const unsigned char *in, int inl);
+__owur int EVP_CipherFinal(EVP_CIPHER_CTX *ctx, unsigned char *outm,
+ int *outl);
+__owur int EVP_CipherFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *outm,
+ int *outl);
+
+__owur int EVP_SignFinal(EVP_MD_CTX *ctx, unsigned char *md, unsigned int *s,
+ EVP_PKEY *pkey);
+
+__owur int EVP_VerifyFinal(EVP_MD_CTX *ctx, const unsigned char *sigbuf,
+ unsigned int siglen, EVP_PKEY *pkey);
+
+/*__owur*/ int EVP_DigestSignInit(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx,
+ const EVP_MD *type, ENGINE *e,
+ EVP_PKEY *pkey);
+__owur int EVP_DigestSignFinal(EVP_MD_CTX *ctx, unsigned char *sigret,
+ size_t *siglen);
+
+__owur int EVP_DigestVerifyInit(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx,
+ const EVP_MD *type, ENGINE *e,
+ EVP_PKEY *pkey);
+__owur int EVP_DigestVerifyFinal(EVP_MD_CTX *ctx, const unsigned char *sig,
+ size_t siglen);
+
+__owur int EVP_OpenInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
+ const unsigned char *ek, int ekl,
+ const unsigned char *iv, EVP_PKEY *priv);
+__owur int EVP_OpenFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl);
+
+__owur int EVP_SealInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
+ unsigned char **ek, int *ekl, unsigned char *iv,
+ EVP_PKEY **pubk, int npubk);
+__owur int EVP_SealFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl);
+
+void EVP_EncodeInit(EVP_ENCODE_CTX *ctx);
+void EVP_EncodeUpdate(EVP_ENCODE_CTX *ctx, unsigned char *out, int *outl,
+ const unsigned char *in, int inl);
+void EVP_EncodeFinal(EVP_ENCODE_CTX *ctx, unsigned char *out, int *outl);
+int EVP_EncodeBlock(unsigned char *t, const unsigned char *f, int n);
+
+void EVP_DecodeInit(EVP_ENCODE_CTX *ctx);
+int EVP_DecodeUpdate(EVP_ENCODE_CTX *ctx, unsigned char *out, int *outl,
+ const unsigned char *in, int inl);
+int EVP_DecodeFinal(EVP_ENCODE_CTX *ctx, unsigned
+ char *out, int *outl);
+int EVP_DecodeBlock(unsigned char *t, const unsigned char *f, int n);
+
+void EVP_CIPHER_CTX_init(EVP_CIPHER_CTX *a);
+int EVP_CIPHER_CTX_cleanup(EVP_CIPHER_CTX *a);
+EVP_CIPHER_CTX *EVP_CIPHER_CTX_new(void);
+void EVP_CIPHER_CTX_free(EVP_CIPHER_CTX *a);
+int EVP_CIPHER_CTX_set_key_length(EVP_CIPHER_CTX *x, int keylen);
+int EVP_CIPHER_CTX_set_padding(EVP_CIPHER_CTX *c, int pad);
+int EVP_CIPHER_CTX_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, void *ptr);
+int EVP_CIPHER_CTX_rand_key(EVP_CIPHER_CTX *ctx, unsigned char *key);
+
+BIO_METHOD *BIO_f_md(void);
+BIO_METHOD *BIO_f_base64(void);
+BIO_METHOD *BIO_f_cipher(void);
+BIO_METHOD *BIO_f_reliable(void);
+__owur int BIO_set_cipher(BIO *b, const EVP_CIPHER *c, const unsigned char *k,
+ const unsigned char *i, int enc);
+
+const EVP_MD *EVP_md_null(void);
+# ifndef OPENSSL_NO_MD2
+const EVP_MD *EVP_md2(void);
+# endif
+# ifndef OPENSSL_NO_MD4
+const EVP_MD *EVP_md4(void);
+# endif
+# ifndef OPENSSL_NO_MD5
+const EVP_MD *EVP_md5(void);
+# endif
+const EVP_MD *EVP_sha1(void);
+const EVP_MD *EVP_dss1(void);
+const EVP_MD *EVP_ecdsa(void);
+const EVP_MD *EVP_sha224(void);
+const EVP_MD *EVP_sha256(void);
+const EVP_MD *EVP_sha384(void);
+const EVP_MD *EVP_sha512(void);
+# ifndef OPENSSL_NO_MDC2
+const EVP_MD *EVP_mdc2(void);
+# endif
+# ifndef OPENSSL_NO_RMD160
+const EVP_MD *EVP_ripemd160(void);
+# endif
+# ifndef OPENSSL_NO_WHIRLPOOL
+const EVP_MD *EVP_whirlpool(void);
+# endif
+const EVP_CIPHER *EVP_enc_null(void); /* does nothing :-) */
+# ifndef OPENSSL_NO_DES
+const EVP_CIPHER *EVP_des_ecb(void);
+const EVP_CIPHER *EVP_des_ede(void);
+const EVP_CIPHER *EVP_des_ede3(void);
+const EVP_CIPHER *EVP_des_ede_ecb(void);
+const EVP_CIPHER *EVP_des_ede3_ecb(void);
+const EVP_CIPHER *EVP_des_cfb64(void);
+# define EVP_des_cfb EVP_des_cfb64
+const EVP_CIPHER *EVP_des_cfb1(void);
+const EVP_CIPHER *EVP_des_cfb8(void);
+const EVP_CIPHER *EVP_des_ede_cfb64(void);
+# define EVP_des_ede_cfb EVP_des_ede_cfb64
+const EVP_CIPHER *EVP_des_ede3_cfb64(void);
+# define EVP_des_ede3_cfb EVP_des_ede3_cfb64
+const EVP_CIPHER *EVP_des_ede3_cfb1(void);
+const EVP_CIPHER *EVP_des_ede3_cfb8(void);
+const EVP_CIPHER *EVP_des_ofb(void);
+const EVP_CIPHER *EVP_des_ede_ofb(void);
+const EVP_CIPHER *EVP_des_ede3_ofb(void);
+const EVP_CIPHER *EVP_des_cbc(void);
+const EVP_CIPHER *EVP_des_ede_cbc(void);
+const EVP_CIPHER *EVP_des_ede3_cbc(void);
+const EVP_CIPHER *EVP_desx_cbc(void);
+const EVP_CIPHER *EVP_des_ede3_wrap(void);
+/*
+ * This should now be supported through the dev_crypto ENGINE. But also, why
+ * are rc4 and md5 declarations made here inside a "NO_DES" precompiler
+ * branch?
+ */
+# endif
+# ifndef OPENSSL_NO_RC4
+const EVP_CIPHER *EVP_rc4(void);
+const EVP_CIPHER *EVP_rc4_40(void);
+# ifndef OPENSSL_NO_MD5
+const EVP_CIPHER *EVP_rc4_hmac_md5(void);
+# endif
+# endif
+# ifndef OPENSSL_NO_IDEA
+const EVP_CIPHER *EVP_idea_ecb(void);
+const EVP_CIPHER *EVP_idea_cfb64(void);
+# define EVP_idea_cfb EVP_idea_cfb64
+const EVP_CIPHER *EVP_idea_ofb(void);
+const EVP_CIPHER *EVP_idea_cbc(void);
+# endif
+# ifndef OPENSSL_NO_RC2
+const EVP_CIPHER *EVP_rc2_ecb(void);
+const EVP_CIPHER *EVP_rc2_cbc(void);
+const EVP_CIPHER *EVP_rc2_40_cbc(void);
+const EVP_CIPHER *EVP_rc2_64_cbc(void);
+const EVP_CIPHER *EVP_rc2_cfb64(void);
+# define EVP_rc2_cfb EVP_rc2_cfb64
+const EVP_CIPHER *EVP_rc2_ofb(void);
+# endif
+# ifndef OPENSSL_NO_BF
+const EVP_CIPHER *EVP_bf_ecb(void);
+const EVP_CIPHER *EVP_bf_cbc(void);
+const EVP_CIPHER *EVP_bf_cfb64(void);
+# define EVP_bf_cfb EVP_bf_cfb64
+const EVP_CIPHER *EVP_bf_ofb(void);
+# endif
+# ifndef OPENSSL_NO_CAST
+const EVP_CIPHER *EVP_cast5_ecb(void);
+const EVP_CIPHER *EVP_cast5_cbc(void);
+const EVP_CIPHER *EVP_cast5_cfb64(void);
+# define EVP_cast5_cfb EVP_cast5_cfb64
+const EVP_CIPHER *EVP_cast5_ofb(void);
+# endif
+# ifndef OPENSSL_NO_RC5
+const EVP_CIPHER *EVP_rc5_32_12_16_cbc(void);
+const EVP_CIPHER *EVP_rc5_32_12_16_ecb(void);
+const EVP_CIPHER *EVP_rc5_32_12_16_cfb64(void);
+# define EVP_rc5_32_12_16_cfb EVP_rc5_32_12_16_cfb64
+const EVP_CIPHER *EVP_rc5_32_12_16_ofb(void);
+# endif
+# ifndef OPENSSL_NO_AES
+const EVP_CIPHER *EVP_aes_128_ecb(void);
+const EVP_CIPHER *EVP_aes_128_cbc(void);
+const EVP_CIPHER *EVP_aes_128_cfb1(void);
+const EVP_CIPHER *EVP_aes_128_cfb8(void);
+const EVP_CIPHER *EVP_aes_128_cfb128(void);
+# define EVP_aes_128_cfb EVP_aes_128_cfb128
+const EVP_CIPHER *EVP_aes_128_ofb(void);
+const EVP_CIPHER *EVP_aes_128_ctr(void);
+const EVP_CIPHER *EVP_aes_128_ccm(void);
+const EVP_CIPHER *EVP_aes_128_gcm(void);
+const EVP_CIPHER *EVP_aes_128_xts(void);
+const EVP_CIPHER *EVP_aes_128_wrap(void);
+const EVP_CIPHER *EVP_aes_128_wrap_pad(void);
+# ifndef OPENSSL_NO_OCB
+const EVP_CIPHER *EVP_aes_128_ocb(void);
+# endif
+const EVP_CIPHER *EVP_aes_192_ecb(void);
+const EVP_CIPHER *EVP_aes_192_cbc(void);
+const EVP_CIPHER *EVP_aes_192_cfb1(void);
+const EVP_CIPHER *EVP_aes_192_cfb8(void);
+const EVP_CIPHER *EVP_aes_192_cfb128(void);
+# define EVP_aes_192_cfb EVP_aes_192_cfb128
+const EVP_CIPHER *EVP_aes_192_ofb(void);
+const EVP_CIPHER *EVP_aes_192_ctr(void);
+const EVP_CIPHER *EVP_aes_192_ccm(void);
+const EVP_CIPHER *EVP_aes_192_gcm(void);
+const EVP_CIPHER *EVP_aes_192_wrap(void);
+const EVP_CIPHER *EVP_aes_192_wrap_pad(void);
+# ifndef OPENSSL_NO_OCB
+const EVP_CIPHER *EVP_aes_192_ocb(void);
+# endif
+const EVP_CIPHER *EVP_aes_256_ecb(void);
+const EVP_CIPHER *EVP_aes_256_cbc(void);
+const EVP_CIPHER *EVP_aes_256_cfb1(void);
+const EVP_CIPHER *EVP_aes_256_cfb8(void);
+const EVP_CIPHER *EVP_aes_256_cfb128(void);
+# define EVP_aes_256_cfb EVP_aes_256_cfb128
+const EVP_CIPHER *EVP_aes_256_ofb(void);
+const EVP_CIPHER *EVP_aes_256_ctr(void);
+const EVP_CIPHER *EVP_aes_256_ccm(void);
+const EVP_CIPHER *EVP_aes_256_gcm(void);
+const EVP_CIPHER *EVP_aes_256_xts(void);
+const EVP_CIPHER *EVP_aes_256_wrap(void);
+const EVP_CIPHER *EVP_aes_256_wrap_pad(void);
+# ifndef OPENSSL_NO_OCB
+const EVP_CIPHER *EVP_aes_256_ocb(void);
+# endif
+const EVP_CIPHER *EVP_aes_128_cbc_hmac_sha1(void);
+const EVP_CIPHER *EVP_aes_256_cbc_hmac_sha1(void);
+const EVP_CIPHER *EVP_aes_128_cbc_hmac_sha256(void);
+const EVP_CIPHER *EVP_aes_256_cbc_hmac_sha256(void);
+# endif
+# ifndef OPENSSL_NO_CAMELLIA
+const EVP_CIPHER *EVP_camellia_128_ecb(void);
+const EVP_CIPHER *EVP_camellia_128_cbc(void);
+const EVP_CIPHER *EVP_camellia_128_cfb1(void);
+const EVP_CIPHER *EVP_camellia_128_cfb8(void);
+const EVP_CIPHER *EVP_camellia_128_cfb128(void);
+# define EVP_camellia_128_cfb EVP_camellia_128_cfb128
+const EVP_CIPHER *EVP_camellia_128_ofb(void);
+const EVP_CIPHER *EVP_camellia_128_ctr(void);
+const EVP_CIPHER *EVP_camellia_192_ecb(void);
+const EVP_CIPHER *EVP_camellia_192_cbc(void);
+const EVP_CIPHER *EVP_camellia_192_cfb1(void);
+const EVP_CIPHER *EVP_camellia_192_cfb8(void);
+const EVP_CIPHER *EVP_camellia_192_cfb128(void);
+# define EVP_camellia_192_cfb EVP_camellia_192_cfb128
+const EVP_CIPHER *EVP_camellia_192_ofb(void);
+const EVP_CIPHER *EVP_camellia_192_ctr(void);
+const EVP_CIPHER *EVP_camellia_256_ecb(void);
+const EVP_CIPHER *EVP_camellia_256_cbc(void);
+const EVP_CIPHER *EVP_camellia_256_cfb1(void);
+const EVP_CIPHER *EVP_camellia_256_cfb8(void);
+const EVP_CIPHER *EVP_camellia_256_cfb128(void);
+# define EVP_camellia_256_cfb EVP_camellia_256_cfb128
+const EVP_CIPHER *EVP_camellia_256_ofb(void);
+const EVP_CIPHER *EVP_camellia_256_ctr(void);
+# endif
+
+# ifndef OPENSSL_NO_SEED
+const EVP_CIPHER *EVP_seed_ecb(void);
+const EVP_CIPHER *EVP_seed_cbc(void);
+const EVP_CIPHER *EVP_seed_cfb128(void);
+# define EVP_seed_cfb EVP_seed_cfb128
+const EVP_CIPHER *EVP_seed_ofb(void);
+# endif
+
+void OPENSSL_add_all_algorithms_noconf(void);
+void OPENSSL_add_all_algorithms_conf(void);
+
+# ifdef OPENSSL_LOAD_CONF
+# define OpenSSL_add_all_algorithms() \
+ OPENSSL_add_all_algorithms_conf()
+# else
+# define OpenSSL_add_all_algorithms() \
+ OPENSSL_add_all_algorithms_noconf()
+# endif
+
+void OpenSSL_add_all_ciphers(void);
+void OpenSSL_add_all_digests(void);
+# define SSLeay_add_all_algorithms() OpenSSL_add_all_algorithms()
+# define SSLeay_add_all_ciphers() OpenSSL_add_all_ciphers()
+# define SSLeay_add_all_digests() OpenSSL_add_all_digests()
+
+int EVP_add_cipher(const EVP_CIPHER *cipher);
+int EVP_add_digest(const EVP_MD *digest);
+
+const EVP_CIPHER *EVP_get_cipherbyname(const char *name);
+const EVP_MD *EVP_get_digestbyname(const char *name);
+void EVP_cleanup(void);
+
+void EVP_CIPHER_do_all(void (*fn) (const EVP_CIPHER *ciph,
+ const char *from, const char *to, void *x),
+ void *arg);
+void EVP_CIPHER_do_all_sorted(void (*fn)
+ (const EVP_CIPHER *ciph, const char *from,
+ const char *to, void *x), void *arg);
+
+void EVP_MD_do_all(void (*fn) (const EVP_MD *ciph,
+ const char *from, const char *to, void *x),
+ void *arg);
+void EVP_MD_do_all_sorted(void (*fn)
+ (const EVP_MD *ciph, const char *from,
+ const char *to, void *x), void *arg);
+
+int EVP_PKEY_decrypt_old(unsigned char *dec_key,
+ const unsigned char *enc_key, int enc_key_len,
+ EVP_PKEY *private_key);
+int EVP_PKEY_encrypt_old(unsigned char *enc_key,
+ const unsigned char *key, int key_len,
+ EVP_PKEY *pub_key);
+int EVP_PKEY_type(int type);
+int EVP_PKEY_id(const EVP_PKEY *pkey);
+int EVP_PKEY_base_id(const EVP_PKEY *pkey);
+int EVP_PKEY_bits(EVP_PKEY *pkey);
+int EVP_PKEY_security_bits(const EVP_PKEY *pkey);
+int EVP_PKEY_size(EVP_PKEY *pkey);
+int EVP_PKEY_set_type(EVP_PKEY *pkey, int type);
+int EVP_PKEY_set_type_str(EVP_PKEY *pkey, const char *str, int len);
+int EVP_PKEY_assign(EVP_PKEY *pkey, int type, void *key);
+void *EVP_PKEY_get0(EVP_PKEY *pkey);
+
+# ifndef OPENSSL_NO_RSA
+struct rsa_st;
+int EVP_PKEY_set1_RSA(EVP_PKEY *pkey, struct rsa_st *key);
+struct rsa_st *EVP_PKEY_get1_RSA(EVP_PKEY *pkey);
+# endif
+# ifndef OPENSSL_NO_DSA
+struct dsa_st;
+int EVP_PKEY_set1_DSA(EVP_PKEY *pkey, struct dsa_st *key);
+struct dsa_st *EVP_PKEY_get1_DSA(EVP_PKEY *pkey);
+# endif
+# ifndef OPENSSL_NO_DH
+struct dh_st;
+int EVP_PKEY_set1_DH(EVP_PKEY *pkey, struct dh_st *key);
+struct dh_st *EVP_PKEY_get1_DH(EVP_PKEY *pkey);
+# endif
+# ifndef OPENSSL_NO_EC
+struct ec_key_st;
+int EVP_PKEY_set1_EC_KEY(EVP_PKEY *pkey, struct ec_key_st *key);
+struct ec_key_st *EVP_PKEY_get1_EC_KEY(EVP_PKEY *pkey);
+# endif
+
+EVP_PKEY *EVP_PKEY_new(void);
+void EVP_PKEY_free(EVP_PKEY *pkey);
+
+EVP_PKEY *d2i_PublicKey(int type, EVP_PKEY **a, const unsigned char **pp,
+ long length);
+int i2d_PublicKey(EVP_PKEY *a, unsigned char **pp);
+
+EVP_PKEY *d2i_PrivateKey(int type, EVP_PKEY **a, const unsigned char **pp,
+ long length);
+EVP_PKEY *d2i_AutoPrivateKey(EVP_PKEY **a, const unsigned char **pp,
+ long length);
+int i2d_PrivateKey(EVP_PKEY *a, unsigned char **pp);
+
+int EVP_PKEY_copy_parameters(EVP_PKEY *to, const EVP_PKEY *from);
+int EVP_PKEY_missing_parameters(const EVP_PKEY *pkey);
+int EVP_PKEY_save_parameters(EVP_PKEY *pkey, int mode);
+int EVP_PKEY_cmp_parameters(const EVP_PKEY *a, const EVP_PKEY *b);
+
+int EVP_PKEY_cmp(const EVP_PKEY *a, const EVP_PKEY *b);
+
+int EVP_PKEY_print_public(BIO *out, const EVP_PKEY *pkey,
+ int indent, ASN1_PCTX *pctx);
+int EVP_PKEY_print_private(BIO *out, const EVP_PKEY *pkey,
+ int indent, ASN1_PCTX *pctx);
+int EVP_PKEY_print_params(BIO *out, const EVP_PKEY *pkey,
+ int indent, ASN1_PCTX *pctx);
+
+int EVP_PKEY_get_default_digest_nid(EVP_PKEY *pkey, int *pnid);
+
+int EVP_CIPHER_type(const EVP_CIPHER *ctx);
+
+/* calls methods */
+int EVP_CIPHER_param_to_asn1(EVP_CIPHER_CTX *c, ASN1_TYPE *type);
+int EVP_CIPHER_asn1_to_param(EVP_CIPHER_CTX *c, ASN1_TYPE *type);
+
+/* These are used by EVP_CIPHER methods */
+int EVP_CIPHER_set_asn1_iv(EVP_CIPHER_CTX *c, ASN1_TYPE *type);
+int EVP_CIPHER_get_asn1_iv(EVP_CIPHER_CTX *c, ASN1_TYPE *type);
+
+/* PKCS5 password based encryption */
+int PKCS5_PBE_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass, int passlen,
+ ASN1_TYPE *param, const EVP_CIPHER *cipher,
+ const EVP_MD *md, int en_de);
+int PKCS5_PBKDF2_HMAC_SHA1(const char *pass, int passlen,
+ const unsigned char *salt, int saltlen, int iter,
+ int keylen, unsigned char *out);
+int PKCS5_PBKDF2_HMAC(const char *pass, int passlen,
+ const unsigned char *salt, int saltlen, int iter,
+ const EVP_MD *digest, int keylen, unsigned char *out);
+int PKCS5_v2_PBE_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass, int passlen,
+ ASN1_TYPE *param, const EVP_CIPHER *cipher,
+ const EVP_MD *md, int en_de);
+
+void PKCS5_PBE_add(void);
+
+int EVP_PBE_CipherInit(ASN1_OBJECT *pbe_obj, const char *pass, int passlen,
+ ASN1_TYPE *param, EVP_CIPHER_CTX *ctx, int en_de);
+
+/* PBE type */
+
+/* Can appear as the outermost AlgorithmIdentifier */
+# define EVP_PBE_TYPE_OUTER 0x0
+/* Is an PRF type OID */
+# define EVP_PBE_TYPE_PRF 0x1
+/* Is a PKCS#5 v2.0 KDF */
+# define EVP_PBE_TYPE_KDF 0x2
+
+int EVP_PBE_alg_add_type(int pbe_type, int pbe_nid, int cipher_nid,
+ int md_nid, EVP_PBE_KEYGEN *keygen);
+int EVP_PBE_alg_add(int nid, const EVP_CIPHER *cipher, const EVP_MD *md,
+ EVP_PBE_KEYGEN *keygen);
+int EVP_PBE_find(int type, int pbe_nid, int *pcnid, int *pmnid,
+ EVP_PBE_KEYGEN **pkeygen);
+void EVP_PBE_cleanup(void);
+
+# define ASN1_PKEY_ALIAS 0x1
+# define ASN1_PKEY_DYNAMIC 0x2
+# define ASN1_PKEY_SIGPARAM_NULL 0x4
+
+# define ASN1_PKEY_CTRL_PKCS7_SIGN 0x1
+# define ASN1_PKEY_CTRL_PKCS7_ENCRYPT 0x2
+# define ASN1_PKEY_CTRL_DEFAULT_MD_NID 0x3
+# define ASN1_PKEY_CTRL_CMS_SIGN 0x5
+# define ASN1_PKEY_CTRL_CMS_ENVELOPE 0x7
+# define ASN1_PKEY_CTRL_CMS_RI_TYPE 0x8
+
+int EVP_PKEY_asn1_get_count(void);
+const EVP_PKEY_ASN1_METHOD *EVP_PKEY_asn1_get0(int idx);
+const EVP_PKEY_ASN1_METHOD *EVP_PKEY_asn1_find(ENGINE **pe, int type);
+const EVP_PKEY_ASN1_METHOD *EVP_PKEY_asn1_find_str(ENGINE **pe,
+ const char *str, int len);
+int EVP_PKEY_asn1_add0(const EVP_PKEY_ASN1_METHOD *ameth);
+int EVP_PKEY_asn1_add_alias(int to, int from);
+int EVP_PKEY_asn1_get0_info(int *ppkey_id, int *pkey_base_id,
+ int *ppkey_flags, const char **pinfo,
+ const char **ppem_str,
+ const EVP_PKEY_ASN1_METHOD *ameth);
+
+const EVP_PKEY_ASN1_METHOD *EVP_PKEY_get0_asn1(EVP_PKEY *pkey);
+EVP_PKEY_ASN1_METHOD *EVP_PKEY_asn1_new(int id, int flags,
+ const char *pem_str,
+ const char *info);
+void EVP_PKEY_asn1_copy(EVP_PKEY_ASN1_METHOD *dst,
+ const EVP_PKEY_ASN1_METHOD *src);
+void EVP_PKEY_asn1_free(EVP_PKEY_ASN1_METHOD *ameth);
+void EVP_PKEY_asn1_set_public(EVP_PKEY_ASN1_METHOD *ameth,
+ int (*pub_decode) (EVP_PKEY *pk,
+ X509_PUBKEY *pub),
+ int (*pub_encode) (X509_PUBKEY *pub,
+ const EVP_PKEY *pk),
+ int (*pub_cmp) (const EVP_PKEY *a,
+ const EVP_PKEY *b),
+ int (*pub_print) (BIO *out,
+ const EVP_PKEY *pkey,
+ int indent, ASN1_PCTX *pctx),
+ int (*pkey_size) (const EVP_PKEY *pk),
+ int (*pkey_bits) (const EVP_PKEY *pk));
+void EVP_PKEY_asn1_set_private(EVP_PKEY_ASN1_METHOD *ameth,
+ int (*priv_decode) (EVP_PKEY *pk,
+ PKCS8_PRIV_KEY_INFO
+ *p8inf),
+ int (*priv_encode) (PKCS8_PRIV_KEY_INFO *p8,
+ const EVP_PKEY *pk),
+ int (*priv_print) (BIO *out,
+ const EVP_PKEY *pkey,
+ int indent,
+ ASN1_PCTX *pctx));
+void EVP_PKEY_asn1_set_param(EVP_PKEY_ASN1_METHOD *ameth,
+ int (*param_decode) (EVP_PKEY *pkey,
+ const unsigned char **pder,
+ int derlen),
+ int (*param_encode) (const EVP_PKEY *pkey,
+ unsigned char **pder),
+ int (*param_missing) (const EVP_PKEY *pk),
+ int (*param_copy) (EVP_PKEY *to,
+ const EVP_PKEY *from),
+ int (*param_cmp) (const EVP_PKEY *a,
+ const EVP_PKEY *b),
+ int (*param_print) (BIO *out,
+ const EVP_PKEY *pkey,
+ int indent,
+ ASN1_PCTX *pctx));
+
+void EVP_PKEY_asn1_set_free(EVP_PKEY_ASN1_METHOD *ameth,
+ void (*pkey_free) (EVP_PKEY *pkey));
+void EVP_PKEY_asn1_set_ctrl(EVP_PKEY_ASN1_METHOD *ameth,
+ int (*pkey_ctrl) (EVP_PKEY *pkey, int op,
+ long arg1, void *arg2));
+
+void EVP_PKEY_asn1_set_security_bits(EVP_PKEY_ASN1_METHOD *ameth,
+ int (*pkey_security_bits) (const EVP_PKEY
+ *pk));
+
+# define EVP_PKEY_OP_UNDEFINED 0
+# define EVP_PKEY_OP_PARAMGEN (1<<1)
+# define EVP_PKEY_OP_KEYGEN (1<<2)
+# define EVP_PKEY_OP_SIGN (1<<3)
+# define EVP_PKEY_OP_VERIFY (1<<4)
+# define EVP_PKEY_OP_VERIFYRECOVER (1<<5)
+# define EVP_PKEY_OP_SIGNCTX (1<<6)
+# define EVP_PKEY_OP_VERIFYCTX (1<<7)
+# define EVP_PKEY_OP_ENCRYPT (1<<8)
+# define EVP_PKEY_OP_DECRYPT (1<<9)
+# define EVP_PKEY_OP_DERIVE (1<<10)
+
+# define EVP_PKEY_OP_TYPE_SIG \
+ (EVP_PKEY_OP_SIGN | EVP_PKEY_OP_VERIFY | EVP_PKEY_OP_VERIFYRECOVER \
+ | EVP_PKEY_OP_SIGNCTX | EVP_PKEY_OP_VERIFYCTX)
+
+# define EVP_PKEY_OP_TYPE_CRYPT \
+ (EVP_PKEY_OP_ENCRYPT | EVP_PKEY_OP_DECRYPT)
+
+# define EVP_PKEY_OP_TYPE_NOGEN \
+ (EVP_PKEY_OP_TYPE_SIG | EVP_PKEY_OP_TYPE_CRYPT | EVP_PKEY_OP_DERIVE)
+
+# define EVP_PKEY_OP_TYPE_GEN \
+ (EVP_PKEY_OP_PARAMGEN | EVP_PKEY_OP_KEYGEN)
+
+# define EVP_PKEY_CTX_set_signature_md(ctx, md) \
+ EVP_PKEY_CTX_ctrl(ctx, -1, EVP_PKEY_OP_TYPE_SIG, \
+ EVP_PKEY_CTRL_MD, 0, (void *)md)
+
+# define EVP_PKEY_CTX_get_signature_md(ctx, pmd) \
+ EVP_PKEY_CTX_ctrl(ctx, -1, EVP_PKEY_OP_TYPE_SIG, \
+ EVP_PKEY_CTRL_GET_MD, 0, (void *)pmd)
+
+# define EVP_PKEY_CTX_set_mac_key(ctx, key, len) \
+ EVP_PKEY_CTX_ctrl(ctx, -1, EVP_PKEY_OP_KEYGEN, \
+ EVP_PKEY_CTRL_SET_MAC_KEY, len, (void *)key)
+
+# define EVP_PKEY_CTRL_MD 1
+# define EVP_PKEY_CTRL_PEER_KEY 2
+
+# define EVP_PKEY_CTRL_PKCS7_ENCRYPT 3
+# define EVP_PKEY_CTRL_PKCS7_DECRYPT 4
+
+# define EVP_PKEY_CTRL_PKCS7_SIGN 5
+
+# define EVP_PKEY_CTRL_SET_MAC_KEY 6
+
+# define EVP_PKEY_CTRL_DIGESTINIT 7
+
+/* Used by GOST key encryption in TLS */
+# define EVP_PKEY_CTRL_SET_IV 8
+
+# define EVP_PKEY_CTRL_CMS_ENCRYPT 9
+# define EVP_PKEY_CTRL_CMS_DECRYPT 10
+# define EVP_PKEY_CTRL_CMS_SIGN 11
+
+# define EVP_PKEY_CTRL_CIPHER 12
+
+# define EVP_PKEY_CTRL_GET_MD 13
+
+# define EVP_PKEY_ALG_CTRL 0x1000
+
+# define EVP_PKEY_FLAG_AUTOARGLEN 2
+/*
+ * Method handles all operations: don't assume any digest related defaults.
+ */
+# define EVP_PKEY_FLAG_SIGCTX_CUSTOM 4
+
+const EVP_PKEY_METHOD *EVP_PKEY_meth_find(int type);
+EVP_PKEY_METHOD *EVP_PKEY_meth_new(int id, int flags);
+void EVP_PKEY_meth_get0_info(int *ppkey_id, int *pflags,
+ const EVP_PKEY_METHOD *meth);
+void EVP_PKEY_meth_copy(EVP_PKEY_METHOD *dst, const EVP_PKEY_METHOD *src);
+void EVP_PKEY_meth_free(EVP_PKEY_METHOD *pmeth);
+int EVP_PKEY_meth_add0(const EVP_PKEY_METHOD *pmeth);
+
+EVP_PKEY_CTX *EVP_PKEY_CTX_new(EVP_PKEY *pkey, ENGINE *e);
+EVP_PKEY_CTX *EVP_PKEY_CTX_new_id(int id, ENGINE *e);
+EVP_PKEY_CTX *EVP_PKEY_CTX_dup(EVP_PKEY_CTX *ctx);
+void EVP_PKEY_CTX_free(EVP_PKEY_CTX *ctx);
+
+int EVP_PKEY_CTX_ctrl(EVP_PKEY_CTX *ctx, int keytype, int optype,
+ int cmd, int p1, void *p2);
+int EVP_PKEY_CTX_ctrl_str(EVP_PKEY_CTX *ctx, const char *type,
+ const char *value);
+
+int EVP_PKEY_CTX_get_operation(EVP_PKEY_CTX *ctx);
+void EVP_PKEY_CTX_set0_keygen_info(EVP_PKEY_CTX *ctx, int *dat, int datlen);
+
+EVP_PKEY *EVP_PKEY_new_mac_key(int type, ENGINE *e,
+ const unsigned char *key, int keylen);
+
+void EVP_PKEY_CTX_set_data(EVP_PKEY_CTX *ctx, void *data);
+void *EVP_PKEY_CTX_get_data(EVP_PKEY_CTX *ctx);
+EVP_PKEY *EVP_PKEY_CTX_get0_pkey(EVP_PKEY_CTX *ctx);
+
+EVP_PKEY *EVP_PKEY_CTX_get0_peerkey(EVP_PKEY_CTX *ctx);
+
+void EVP_PKEY_CTX_set_app_data(EVP_PKEY_CTX *ctx, void *data);
+void *EVP_PKEY_CTX_get_app_data(EVP_PKEY_CTX *ctx);
+
+int EVP_PKEY_sign_init(EVP_PKEY_CTX *ctx);
+int EVP_PKEY_sign(EVP_PKEY_CTX *ctx,
+ unsigned char *sig, size_t *siglen,
+ const unsigned char *tbs, size_t tbslen);
+int EVP_PKEY_verify_init(EVP_PKEY_CTX *ctx);
+int EVP_PKEY_verify(EVP_PKEY_CTX *ctx,
+ const unsigned char *sig, size_t siglen,
+ const unsigned char *tbs, size_t tbslen);
+int EVP_PKEY_verify_recover_init(EVP_PKEY_CTX *ctx);
+int EVP_PKEY_verify_recover(EVP_PKEY_CTX *ctx,
+ unsigned char *rout, size_t *routlen,
+ const unsigned char *sig, size_t siglen);
+int EVP_PKEY_encrypt_init(EVP_PKEY_CTX *ctx);
+int EVP_PKEY_encrypt(EVP_PKEY_CTX *ctx,
+ unsigned char *out, size_t *outlen,
+ const unsigned char *in, size_t inlen);
+int EVP_PKEY_decrypt_init(EVP_PKEY_CTX *ctx);
+int EVP_PKEY_decrypt(EVP_PKEY_CTX *ctx,
+ unsigned char *out, size_t *outlen,
+ const unsigned char *in, size_t inlen);
+
+int EVP_PKEY_derive_init(EVP_PKEY_CTX *ctx);
+int EVP_PKEY_derive_set_peer(EVP_PKEY_CTX *ctx, EVP_PKEY *peer);
+int EVP_PKEY_derive(EVP_PKEY_CTX *ctx, unsigned char *key, size_t *keylen);
+
+typedef int EVP_PKEY_gen_cb (EVP_PKEY_CTX *ctx);
+
+int EVP_PKEY_paramgen_init(EVP_PKEY_CTX *ctx);
+int EVP_PKEY_paramgen(EVP_PKEY_CTX *ctx, EVP_PKEY **ppkey);
+int EVP_PKEY_keygen_init(EVP_PKEY_CTX *ctx);
+int EVP_PKEY_keygen(EVP_PKEY_CTX *ctx, EVP_PKEY **ppkey);
+
+void EVP_PKEY_CTX_set_cb(EVP_PKEY_CTX *ctx, EVP_PKEY_gen_cb *cb);
+EVP_PKEY_gen_cb *EVP_PKEY_CTX_get_cb(EVP_PKEY_CTX *ctx);
+
+int EVP_PKEY_CTX_get_keygen_info(EVP_PKEY_CTX *ctx, int idx);
+
+void EVP_PKEY_meth_set_init(EVP_PKEY_METHOD *pmeth,
+ int (*init) (EVP_PKEY_CTX *ctx));
+
+void EVP_PKEY_meth_set_copy(EVP_PKEY_METHOD *pmeth,
+ int (*copy) (EVP_PKEY_CTX *dst,
+ EVP_PKEY_CTX *src));
+
+void EVP_PKEY_meth_set_cleanup(EVP_PKEY_METHOD *pmeth,
+ void (*cleanup) (EVP_PKEY_CTX *ctx));
+
+void EVP_PKEY_meth_set_paramgen(EVP_PKEY_METHOD *pmeth,
+ int (*paramgen_init) (EVP_PKEY_CTX *ctx),
+ int (*paramgen) (EVP_PKEY_CTX *ctx,
+ EVP_PKEY *pkey));
+
+void EVP_PKEY_meth_set_keygen(EVP_PKEY_METHOD *pmeth,
+ int (*keygen_init) (EVP_PKEY_CTX *ctx),
+ int (*keygen) (EVP_PKEY_CTX *ctx,
+ EVP_PKEY *pkey));
+
+void EVP_PKEY_meth_set_sign(EVP_PKEY_METHOD *pmeth,
+ int (*sign_init) (EVP_PKEY_CTX *ctx),
+ int (*sign) (EVP_PKEY_CTX *ctx,
+ unsigned char *sig, size_t *siglen,
+ const unsigned char *tbs,
+ size_t tbslen));
+
+void EVP_PKEY_meth_set_verify(EVP_PKEY_METHOD *pmeth,
+ int (*verify_init) (EVP_PKEY_CTX *ctx),
+ int (*verify) (EVP_PKEY_CTX *ctx,
+ const unsigned char *sig,
+ size_t siglen,
+ const unsigned char *tbs,
+ size_t tbslen));
+
+void EVP_PKEY_meth_set_verify_recover(EVP_PKEY_METHOD *pmeth,
+ int (*verify_recover_init) (EVP_PKEY_CTX
+ *ctx),
+ int (*verify_recover) (EVP_PKEY_CTX
+ *ctx,
+ unsigned char
+ *sig,
+ size_t *siglen,
+ const unsigned
+ char *tbs,
+ size_t tbslen));
+
+void EVP_PKEY_meth_set_signctx(EVP_PKEY_METHOD *pmeth,
+ int (*signctx_init) (EVP_PKEY_CTX *ctx,
+ EVP_MD_CTX *mctx),
+ int (*signctx) (EVP_PKEY_CTX *ctx,
+ unsigned char *sig,
+ size_t *siglen,
+ EVP_MD_CTX *mctx));
+
+void EVP_PKEY_meth_set_verifyctx(EVP_PKEY_METHOD *pmeth,
+ int (*verifyctx_init) (EVP_PKEY_CTX *ctx,
+ EVP_MD_CTX *mctx),
+ int (*verifyctx) (EVP_PKEY_CTX *ctx,
+ const unsigned char *sig,
+ int siglen,
+ EVP_MD_CTX *mctx));
+
+void EVP_PKEY_meth_set_encrypt(EVP_PKEY_METHOD *pmeth,
+ int (*encrypt_init) (EVP_PKEY_CTX *ctx),
+ int (*encryptfn) (EVP_PKEY_CTX *ctx,
+ unsigned char *out,
+ size_t *outlen,
+ const unsigned char *in,
+ size_t inlen));
+
+void EVP_PKEY_meth_set_decrypt(EVP_PKEY_METHOD *pmeth,
+ int (*decrypt_init) (EVP_PKEY_CTX *ctx),
+ int (*decrypt) (EVP_PKEY_CTX *ctx,
+ unsigned char *out,
+ size_t *outlen,
+ const unsigned char *in,
+ size_t inlen));
+
+void EVP_PKEY_meth_set_derive(EVP_PKEY_METHOD *pmeth,
+ int (*derive_init) (EVP_PKEY_CTX *ctx),
+ int (*derive) (EVP_PKEY_CTX *ctx,
+ unsigned char *key,
+ size_t *keylen));
+
+void EVP_PKEY_meth_set_ctrl(EVP_PKEY_METHOD *pmeth,
+ int (*ctrl) (EVP_PKEY_CTX *ctx, int type, int p1,
+ void *p2),
+ int (*ctrl_str) (EVP_PKEY_CTX *ctx,
+ const char *type,
+ const char *value));
+
+void EVP_add_alg_module(void);
+
+/* BEGIN ERROR CODES */
+/*
+ * The following lines are auto generated by the script mkerr.pl. Any changes
+ * made after this point may be overwritten when the script is next run.
+ */
+void ERR_load_EVP_strings(void);
+
+/* Error codes for the EVP functions. */
+
+/* Function codes. */
+# define EVP_F_AESNI_INIT_KEY 165
+# define EVP_F_AESNI_XTS_CIPHER 176
+# define EVP_F_AES_INIT_KEY 133
+# define EVP_F_AES_T4_INIT_KEY 178
+# define EVP_F_AES_XTS 172
+# define EVP_F_AES_XTS_CIPHER 175
+# define EVP_F_ALG_MODULE_INIT 177
+# define EVP_F_CAMELLIA_INIT_KEY 159
+# define EVP_F_CMAC_INIT 173
+# define EVP_F_CMLL_T4_INIT_KEY 179
+# define EVP_F_D2I_PKEY 100
+# define EVP_F_DO_SIGVER_INIT 161
+# define EVP_F_DSAPKEY2PKCS8 134
+# define EVP_F_DSA_PKEY2PKCS8 135
+# define EVP_F_ECDSA_PKEY2PKCS8 129
+# define EVP_F_ECKEY_PKEY2PKCS8 132
+# define EVP_F_EVP_CIPHERINIT_EX 123
+# define EVP_F_EVP_CIPHER_CTX_COPY 163
+# define EVP_F_EVP_CIPHER_CTX_CTRL 124
+# define EVP_F_EVP_CIPHER_CTX_SET_KEY_LENGTH 122
+# define EVP_F_EVP_DECRYPTFINAL_EX 101
+# define EVP_F_EVP_DIGESTINIT_EX 128
+# define EVP_F_EVP_ENCRYPTFINAL_EX 127
+# define EVP_F_EVP_MD_CTX_COPY_EX 110
+# define EVP_F_EVP_MD_SIZE 162
+# define EVP_F_EVP_OPENINIT 102
+# define EVP_F_EVP_PBE_ALG_ADD 115
+# define EVP_F_EVP_PBE_ALG_ADD_TYPE 160
+# define EVP_F_EVP_PBE_CIPHERINIT 116
+# define EVP_F_EVP_PKCS82PKEY 111
+# define EVP_F_EVP_PKCS82PKEY_BROKEN 136
+# define EVP_F_EVP_PKEY2PKCS8_BROKEN 113
+# define EVP_F_EVP_PKEY_COPY_PARAMETERS 103
+# define EVP_F_EVP_PKEY_CTX_CTRL 137
+# define EVP_F_EVP_PKEY_CTX_CTRL_STR 150
+# define EVP_F_EVP_PKEY_CTX_DUP 156
+# define EVP_F_EVP_PKEY_DECRYPT 104
+# define EVP_F_EVP_PKEY_DECRYPT_INIT 138
+# define EVP_F_EVP_PKEY_DECRYPT_OLD 151
+# define EVP_F_EVP_PKEY_DERIVE 153
+# define EVP_F_EVP_PKEY_DERIVE_INIT 154
+# define EVP_F_EVP_PKEY_DERIVE_SET_PEER 155
+# define EVP_F_EVP_PKEY_ENCRYPT 105
+# define EVP_F_EVP_PKEY_ENCRYPT_INIT 139
+# define EVP_F_EVP_PKEY_ENCRYPT_OLD 152
+# define EVP_F_EVP_PKEY_GET1_DH 119
+# define EVP_F_EVP_PKEY_GET1_DSA 120
+# define EVP_F_EVP_PKEY_GET1_ECDSA 130
+# define EVP_F_EVP_PKEY_GET1_EC_KEY 131
+# define EVP_F_EVP_PKEY_GET1_RSA 121
+# define EVP_F_EVP_PKEY_KEYGEN 146
+# define EVP_F_EVP_PKEY_KEYGEN_INIT 147
+# define EVP_F_EVP_PKEY_NEW 106
+# define EVP_F_EVP_PKEY_PARAMGEN 148
+# define EVP_F_EVP_PKEY_PARAMGEN_INIT 149
+# define EVP_F_EVP_PKEY_SIGN 140
+# define EVP_F_EVP_PKEY_SIGN_INIT 141
+# define EVP_F_EVP_PKEY_VERIFY 142
+# define EVP_F_EVP_PKEY_VERIFY_INIT 143
+# define EVP_F_EVP_PKEY_VERIFY_RECOVER 144
+# define EVP_F_EVP_PKEY_VERIFY_RECOVER_INIT 145
+# define EVP_F_EVP_RIJNDAEL 126
+# define EVP_F_EVP_SIGNFINAL 107
+# define EVP_F_EVP_VERIFYFINAL 108
+# define EVP_F_FIPS_CIPHERINIT 166
+# define EVP_F_FIPS_CIPHER_CTX_COPY 170
+# define EVP_F_FIPS_CIPHER_CTX_CTRL 167
+# define EVP_F_FIPS_CIPHER_CTX_SET_KEY_LENGTH 171
+# define EVP_F_FIPS_DIGESTINIT 168
+# define EVP_F_FIPS_MD_CTX_COPY 169
+# define EVP_F_HMAC_INIT_EX 174
+# define EVP_F_INT_CTX_NEW 157
+# define EVP_F_PKCS5_PBE_KEYIVGEN 117
+# define EVP_F_PKCS5_V2_PBE_KEYIVGEN 118
+# define EVP_F_PKCS5_V2_PBKDF2_KEYIVGEN 164
+# define EVP_F_PKCS8_SET_BROKEN 112
+# define EVP_F_PKEY_SET_TYPE 158
+# define EVP_F_RC2_MAGIC_TO_METH 109
+# define EVP_F_RC5_CTRL 125
+
+/* Reason codes. */
+# define EVP_R_AES_IV_SETUP_FAILED 162
+# define EVP_R_AES_KEY_SETUP_FAILED 143
+# define EVP_R_ASN1_LIB 140
+# define EVP_R_BAD_BLOCK_LENGTH 136
+# define EVP_R_BAD_DECRYPT 100
+# define EVP_R_BAD_KEY_LENGTH 137
+# define EVP_R_BN_DECODE_ERROR 112
+# define EVP_R_BN_PUBKEY_ERROR 113
+# define EVP_R_BUFFER_TOO_SMALL 155
+# define EVP_R_CAMELLIA_KEY_SETUP_FAILED 157
+# define EVP_R_CIPHER_PARAMETER_ERROR 122
+# define EVP_R_COMMAND_NOT_SUPPORTED 147
+# define EVP_R_CTRL_NOT_IMPLEMENTED 132
+# define EVP_R_CTRL_OPERATION_NOT_IMPLEMENTED 133
+# define EVP_R_DATA_NOT_MULTIPLE_OF_BLOCK_LENGTH 138
+# define EVP_R_DECODE_ERROR 114
+# define EVP_R_DIFFERENT_KEY_TYPES 101
+# define EVP_R_DIFFERENT_PARAMETERS 153
+# define EVP_R_DISABLED_FOR_FIPS 163
+# define EVP_R_ENCODE_ERROR 115
+# define EVP_R_ERROR_LOADING_SECTION 165
+# define EVP_R_ERROR_SETTING_FIPS_MODE 166
+# define EVP_R_EVP_PBE_CIPHERINIT_ERROR 119
+# define EVP_R_EXPECTING_AN_RSA_KEY 127
+# define EVP_R_EXPECTING_A_DH_KEY 128
+# define EVP_R_EXPECTING_A_DSA_KEY 129
+# define EVP_R_EXPECTING_A_ECDSA_KEY 141
+# define EVP_R_EXPECTING_A_EC_KEY 142
+# define EVP_R_FIPS_MODE_NOT_SUPPORTED 167
+# define EVP_R_INITIALIZATION_ERROR 134
+# define EVP_R_INPUT_NOT_INITIALIZED 111
+# define EVP_R_INVALID_DIGEST 152
+# define EVP_R_INVALID_FIPS_MODE 168
+# define EVP_R_INVALID_KEY_LENGTH 130
+# define EVP_R_INVALID_OPERATION 148
+# define EVP_R_IV_TOO_LARGE 102
+# define EVP_R_KEYGEN_FAILURE 120
+# define EVP_R_MESSAGE_DIGEST_IS_NULL 159
+# define EVP_R_METHOD_NOT_SUPPORTED 144
+# define EVP_R_MISSING_PARAMETERS 103
+# define EVP_R_NO_CIPHER_SET 131
+# define EVP_R_NO_DEFAULT_DIGEST 158
+# define EVP_R_NO_DIGEST_SET 139
+# define EVP_R_NO_DSA_PARAMETERS 116
+# define EVP_R_NO_KEY_SET 154
+# define EVP_R_NO_OPERATION_SET 149
+# define EVP_R_NO_SIGN_FUNCTION_CONFIGURED 104
+# define EVP_R_NO_VERIFY_FUNCTION_CONFIGURED 105
+# define EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE 150
+# define EVP_R_OPERATON_NOT_INITIALIZED 151
+# define EVP_R_PKCS8_UNKNOWN_BROKEN_TYPE 117
+# define EVP_R_PRIVATE_KEY_DECODE_ERROR 145
+# define EVP_R_PRIVATE_KEY_ENCODE_ERROR 146
+# define EVP_R_PUBLIC_KEY_NOT_RSA 106
+# define EVP_R_TOO_LARGE 164
+# define EVP_R_UNKNOWN_CIPHER 160
+# define EVP_R_UNKNOWN_DIGEST 161
+# define EVP_R_UNKNOWN_OPTION 169
+# define EVP_R_UNKNOWN_PBE_ALGORITHM 121
+# define EVP_R_UNSUPORTED_NUMBER_OF_ROUNDS 135
+# define EVP_R_UNSUPPORTED_ALGORITHM 156
+# define EVP_R_UNSUPPORTED_CIPHER 107
+# define EVP_R_UNSUPPORTED_KEYLENGTH 123
+# define EVP_R_UNSUPPORTED_KEY_DERIVATION_FUNCTION 124
+# define EVP_R_UNSUPPORTED_KEY_SIZE 108
+# define EVP_R_UNSUPPORTED_PRF 125
+# define EVP_R_UNSUPPORTED_PRIVATE_KEY_ALGORITHM 118
+# define EVP_R_UNSUPPORTED_SALT_TYPE 126
+# define EVP_R_WRAP_MODE_NOT_ALLOWED 170
+# define EVP_R_WRONG_FINAL_BLOCK_LENGTH 109
+# define EVP_R_WRONG_PUBLIC_KEY_TYPE 110
+
+#ifdef __cplusplus
+}
+#endif
+#endif
--- /dev/null
+/* crypto/hmac/hmac.h */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+#ifndef HEADER_HMAC_H
+# define HEADER_HMAC_H
+
+# include <openssl/opensslconf.h>
+
+# include <openssl/evp.h>
+
+# define HMAC_MAX_MD_CBLOCK 128/* largest known is SHA512 */
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+typedef struct hmac_ctx_st {
+ const EVP_MD *md;
+ EVP_MD_CTX md_ctx;
+ EVP_MD_CTX i_ctx;
+ EVP_MD_CTX o_ctx;
+ unsigned int key_length;
+ unsigned char key[HMAC_MAX_MD_CBLOCK];
+ int key_init;
+} HMAC_CTX;
+
+# define HMAC_size(e) (EVP_MD_size((e)->md))
+
+void HMAC_CTX_init(HMAC_CTX *ctx);
+void HMAC_CTX_cleanup(HMAC_CTX *ctx);
+
+#ifdef OPENSSL_USE_DEPRECATED
+/* deprecated */
+# define HMAC_cleanup(ctx) HMAC_CTX_cleanup(ctx)
+
+/* deprecated */
+DECLARE_DEPRECATED(__owur int HMAC_Init(HMAC_CTX *ctx, const void *key, int len,
+ const EVP_MD *md));
+
+#endif
+/*__owur*/ int HMAC_Init_ex(HMAC_CTX *ctx, const void *key, int len,
+ const EVP_MD *md, ENGINE *impl);
+/*__owur*/ int HMAC_Update(HMAC_CTX *ctx, const unsigned char *data,
+ size_t len);
+/*__owur*/ int HMAC_Final(HMAC_CTX *ctx, unsigned char *md,
+ unsigned int *len);
+unsigned char *HMAC(const EVP_MD *evp_md, const void *key, int key_len,
+ const unsigned char *d, size_t n, unsigned char *md,
+ unsigned int *md_len);
+__owur int HMAC_CTX_copy(HMAC_CTX *dctx, HMAC_CTX *sctx);
+
+void HMAC_CTX_set_flags(HMAC_CTX *ctx, unsigned long flags);
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif
--- /dev/null
+/* crypto/idea/idea.h */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#ifndef HEADER_IDEA_H
+# define HEADER_IDEA_H
+
+# include <openssl/opensslconf.h>/* IDEA_INT, OPENSSL_NO_IDEA */
+
+# ifdef OPENSSL_NO_IDEA
+# error IDEA is disabled.
+# endif
+
+# define IDEA_ENCRYPT 1
+# define IDEA_DECRYPT 0
+
+# define IDEA_BLOCK 8
+# define IDEA_KEY_LENGTH 16
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+typedef struct idea_key_st {
+ IDEA_INT data[9][6];
+} IDEA_KEY_SCHEDULE;
+
+const char *idea_options(void);
+void idea_ecb_encrypt(const unsigned char *in, unsigned char *out,
+ IDEA_KEY_SCHEDULE *ks);
+void idea_set_encrypt_key(const unsigned char *key, IDEA_KEY_SCHEDULE *ks);
+void idea_set_decrypt_key(IDEA_KEY_SCHEDULE *ek, IDEA_KEY_SCHEDULE *dk);
+void idea_cbc_encrypt(const unsigned char *in, unsigned char *out,
+ long length, IDEA_KEY_SCHEDULE *ks, unsigned char *iv,
+ int enc);
+void idea_cfb64_encrypt(const unsigned char *in, unsigned char *out,
+ long length, IDEA_KEY_SCHEDULE *ks, unsigned char *iv,
+ int *num, int enc);
+void idea_ofb64_encrypt(const unsigned char *in, unsigned char *out,
+ long length, IDEA_KEY_SCHEDULE *ks, unsigned char *iv,
+ int *num);
+void idea_encrypt(unsigned long *in, IDEA_KEY_SCHEDULE *ks);
+#ifdef __cplusplus
+}
+#endif
+
+#endif
--- /dev/null
+/*
+ * Implement J-PAKE, as described in
+ * http://grouper.ieee.org/groups/1363/Research/contributions/hao-ryan-2008.pdf
+ *
+ * With hints from http://www.cl.cam.ac.uk/~fh240/software/JPAKE2.java.
+ */
+
+#ifndef HEADER_JPAKE_H
+# define HEADER_JPAKE_H
+
+# include <openssl/opensslconf.h>
+
+# ifdef OPENSSL_NO_JPAKE
+# error JPAKE is disabled.
+# endif
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+# include <openssl/bn.h>
+# include <openssl/sha.h>
+
+typedef struct JPAKE_CTX JPAKE_CTX;
+
+/* Note that "g" in the ZKPs is not necessarily the J-PAKE g. */
+typedef struct {
+ BIGNUM *gr; /* g^r (r random) */
+ BIGNUM *b; /* b = r - x*h, h=hash(g, g^r, g^x, name) */
+} JPAKE_ZKP;
+
+typedef struct {
+ BIGNUM *gx; /* g^x in step 1, g^(xa + xc + xd) * xb * s
+ * in step 2 */
+ JPAKE_ZKP zkpx; /* ZKP(x) or ZKP(xb * s) */
+} JPAKE_STEP_PART;
+
+typedef struct {
+ JPAKE_STEP_PART p1; /* g^x3, ZKP(x3) or g^x1, ZKP(x1) */
+ JPAKE_STEP_PART p2; /* g^x4, ZKP(x4) or g^x2, ZKP(x2) */
+} JPAKE_STEP1;
+
+typedef JPAKE_STEP_PART JPAKE_STEP2;
+
+typedef struct {
+ unsigned char hhk[SHA_DIGEST_LENGTH];
+} JPAKE_STEP3A;
+
+typedef struct {
+ unsigned char hk[SHA_DIGEST_LENGTH];
+} JPAKE_STEP3B;
+
+/* Parameters are copied */
+JPAKE_CTX *JPAKE_CTX_new(const char *name, const char *peer_name,
+ const BIGNUM *p, const BIGNUM *g, const BIGNUM *q,
+ const BIGNUM *secret);
+void JPAKE_CTX_free(JPAKE_CTX *ctx);
+
+/*
+ * Note that JPAKE_STEP1 can be used multiple times before release
+ * without another init.
+ */
+void JPAKE_STEP1_init(JPAKE_STEP1 *s1);
+int JPAKE_STEP1_generate(JPAKE_STEP1 *send, JPAKE_CTX *ctx);
+int JPAKE_STEP1_process(JPAKE_CTX *ctx, const JPAKE_STEP1 *received);
+void JPAKE_STEP1_release(JPAKE_STEP1 *s1);
+
+/*
+ * Note that JPAKE_STEP2 can be used multiple times before release
+ * without another init.
+ */
+void JPAKE_STEP2_init(JPAKE_STEP2 *s2);
+int JPAKE_STEP2_generate(JPAKE_STEP2 *send, JPAKE_CTX *ctx);
+int JPAKE_STEP2_process(JPAKE_CTX *ctx, const JPAKE_STEP2 *received);
+void JPAKE_STEP2_release(JPAKE_STEP2 *s2);
+
+/*
+ * Optionally verify the shared key. If the shared secrets do not
+ * match, the two ends will disagree about the shared key, but
+ * otherwise the protocol will succeed.
+ */
+void JPAKE_STEP3A_init(JPAKE_STEP3A *s3a);
+int JPAKE_STEP3A_generate(JPAKE_STEP3A *send, JPAKE_CTX *ctx);
+int JPAKE_STEP3A_process(JPAKE_CTX *ctx, const JPAKE_STEP3A *received);
+void JPAKE_STEP3A_release(JPAKE_STEP3A *s3a);
+
+void JPAKE_STEP3B_init(JPAKE_STEP3B *s3b);
+int JPAKE_STEP3B_generate(JPAKE_STEP3B *send, JPAKE_CTX *ctx);
+int JPAKE_STEP3B_process(JPAKE_CTX *ctx, const JPAKE_STEP3B *received);
+void JPAKE_STEP3B_release(JPAKE_STEP3B *s3b);
+
+/*
+ * the return value belongs to the library and will be released when
+ * ctx is released, and will change when a new handshake is performed.
+ */
+const BIGNUM *JPAKE_get_shared_key(JPAKE_CTX *ctx);
+
+/* BEGIN ERROR CODES */
+/*
+ * The following lines are auto generated by the script mkerr.pl. Any changes
+ * made after this point may be overwritten when the script is next run.
+ */
+void ERR_load_JPAKE_strings(void);
+
+/* Error codes for the JPAKE functions. */
+
+/* Function codes. */
+# define JPAKE_F_JPAKE_STEP1_PROCESS 101
+# define JPAKE_F_JPAKE_STEP2_PROCESS 102
+# define JPAKE_F_JPAKE_STEP3A_PROCESS 103
+# define JPAKE_F_JPAKE_STEP3B_PROCESS 104
+# define JPAKE_F_VERIFY_ZKP 100
+
+/* Reason codes. */
+# define JPAKE_R_G_TO_THE_X3_IS_NOT_LEGAL 108
+# define JPAKE_R_G_TO_THE_X4_IS_NOT_LEGAL 109
+# define JPAKE_R_G_TO_THE_X4_IS_ONE 105
+# define JPAKE_R_HASH_OF_HASH_OF_KEY_MISMATCH 106
+# define JPAKE_R_HASH_OF_KEY_MISMATCH 107
+# define JPAKE_R_VERIFY_B_FAILED 102
+# define JPAKE_R_VERIFY_X3_FAILED 103
+# define JPAKE_R_VERIFY_X4_FAILED 104
+# define JPAKE_R_ZKP_VERIFY_FAILED 100
+
+#ifdef __cplusplus
+}
+#endif
+#endif
--- /dev/null
+/* krb5_asn.h */
+/*
+ * Written by Vern Staats <staatsvr@asc.hpc.mil> for the OpenSSL project, **
+ * using ocsp/{*.h,*asn*.c} as a starting point
+ */
+
+/* ====================================================================
+ * Copyright (c) 1998-2000 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For written permission, please contact
+ * openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ * nor may "OpenSSL" appear in their names without prior written
+ * permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com). This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#ifndef HEADER_KRB5_ASN_H
+# define HEADER_KRB5_ASN_H
+
+/*
+ * #include <krb5.h>
+ */
+# include <openssl/safestack.h>
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/*
+ * ASN.1 from Kerberos RFC 1510
+ */
+
+/*- EncryptedData ::= SEQUENCE {
+ * etype[0] INTEGER, -- EncryptionType
+ * kvno[1] INTEGER OPTIONAL,
+ * cipher[2] OCTET STRING -- ciphertext
+ * }
+ */
+typedef struct krb5_encdata_st {
+ ASN1_INTEGER *etype;
+ ASN1_INTEGER *kvno;
+ ASN1_OCTET_STRING *cipher;
+} KRB5_ENCDATA;
+
+DECLARE_STACK_OF(KRB5_ENCDATA)
+
+/*- PrincipalName ::= SEQUENCE {
+ * name-type[0] INTEGER,
+ * name-string[1] SEQUENCE OF GeneralString
+ * }
+ */
+typedef struct krb5_princname_st {
+ ASN1_INTEGER *nametype;
+ STACK_OF(ASN1_GENERALSTRING) *namestring;
+} KRB5_PRINCNAME;
+
+DECLARE_STACK_OF(KRB5_PRINCNAME)
+
+/*- Ticket ::= [APPLICATION 1] SEQUENCE {
+ * tkt-vno[0] INTEGER,
+ * realm[1] Realm,
+ * sname[2] PrincipalName,
+ * enc-part[3] EncryptedData
+ * }
+ */
+typedef struct krb5_tktbody_st {
+ ASN1_INTEGER *tktvno;
+ ASN1_GENERALSTRING *realm;
+ KRB5_PRINCNAME *sname;
+ KRB5_ENCDATA *encdata;
+} KRB5_TKTBODY;
+
+typedef STACK_OF(KRB5_TKTBODY) KRB5_TICKET;
+DECLARE_STACK_OF(KRB5_TKTBODY)
+
+/*- AP-REQ ::= [APPLICATION 14] SEQUENCE {
+ * pvno[0] INTEGER,
+ * msg-type[1] INTEGER,
+ * ap-options[2] APOptions,
+ * ticket[3] Ticket,
+ * authenticator[4] EncryptedData
+ * }
+ *
+ * APOptions ::= BIT STRING {
+ * reserved(0), use-session-key(1), mutual-required(2) }
+ */
+typedef struct krb5_ap_req_st {
+ ASN1_INTEGER *pvno;
+ ASN1_INTEGER *msgtype;
+ ASN1_BIT_STRING *apoptions;
+ KRB5_TICKET *ticket;
+ KRB5_ENCDATA *authenticator;
+} KRB5_APREQBODY;
+
+typedef STACK_OF(KRB5_APREQBODY) KRB5_APREQ;
+DECLARE_STACK_OF(KRB5_APREQBODY)
+
+/* Authenticator Stuff */
+
+/*- Checksum ::= SEQUENCE {
+ * cksumtype[0] INTEGER,
+ * checksum[1] OCTET STRING
+ * }
+ */
+typedef struct krb5_checksum_st {
+ ASN1_INTEGER *ctype;
+ ASN1_OCTET_STRING *checksum;
+} KRB5_CHECKSUM;
+
+DECLARE_STACK_OF(KRB5_CHECKSUM)
+
+/*- EncryptionKey ::= SEQUENCE {
+ * keytype[0] INTEGER,
+ * keyvalue[1] OCTET STRING
+ * }
+ */
+typedef struct krb5_encryptionkey_st {
+ ASN1_INTEGER *ktype;
+ ASN1_OCTET_STRING *keyvalue;
+} KRB5_ENCKEY;
+
+DECLARE_STACK_OF(KRB5_ENCKEY)
+
+/*- AuthorizationData ::= SEQUENCE OF SEQUENCE {
+ * ad-type[0] INTEGER,
+ * ad-data[1] OCTET STRING
+ * }
+ */
+typedef struct krb5_authorization_st {
+ ASN1_INTEGER *adtype;
+ ASN1_OCTET_STRING *addata;
+} KRB5_AUTHDATA;
+
+DECLARE_STACK_OF(KRB5_AUTHDATA)
+
+/*- -- Unencrypted authenticator
+ * Authenticator ::= [APPLICATION 2] SEQUENCE {
+ * authenticator-vno[0] INTEGER,
+ * crealm[1] Realm,
+ * cname[2] PrincipalName,
+ * cksum[3] Checksum OPTIONAL,
+ * cusec[4] INTEGER,
+ * ctime[5] KerberosTime,
+ * subkey[6] EncryptionKey OPTIONAL,
+ * seq-number[7] INTEGER OPTIONAL,
+ * authorization-data[8] AuthorizationData OPTIONAL
+ * }
+ */
+typedef struct krb5_authenticator_st {
+ ASN1_INTEGER *avno;
+ ASN1_GENERALSTRING *crealm;
+ KRB5_PRINCNAME *cname;
+ KRB5_CHECKSUM *cksum;
+ ASN1_INTEGER *cusec;
+ ASN1_GENERALIZEDTIME *ctime;
+ KRB5_ENCKEY *subkey;
+ ASN1_INTEGER *seqnum;
+ KRB5_AUTHDATA *authorization;
+} KRB5_AUTHENTBODY;
+
+typedef STACK_OF(KRB5_AUTHENTBODY) KRB5_AUTHENT;
+DECLARE_STACK_OF(KRB5_AUTHENTBODY)
+
+/*- DECLARE_ASN1_FUNCTIONS(type) = DECLARE_ASN1_FUNCTIONS_name(type, type) =
+ * type *name##_new(void);
+ * void name##_free(type *a);
+ * DECLARE_ASN1_ENCODE_FUNCTIONS(type, name, name) =
+ * DECLARE_ASN1_ENCODE_FUNCTIONS(type, itname, name) =
+ * type *d2i_##name(type **a, const unsigned char **in, long len);
+ * int i2d_##name(type *a, unsigned char **out);
+ * DECLARE_ASN1_ITEM(itname) = OPENSSL_EXTERN const ASN1_ITEM itname##_it
+ */
+
+DECLARE_ASN1_FUNCTIONS(KRB5_ENCDATA)
+DECLARE_ASN1_FUNCTIONS(KRB5_PRINCNAME)
+DECLARE_ASN1_FUNCTIONS(KRB5_TKTBODY)
+DECLARE_ASN1_FUNCTIONS(KRB5_APREQBODY)
+DECLARE_ASN1_FUNCTIONS(KRB5_TICKET)
+DECLARE_ASN1_FUNCTIONS(KRB5_APREQ)
+
+DECLARE_ASN1_FUNCTIONS(KRB5_CHECKSUM)
+DECLARE_ASN1_FUNCTIONS(KRB5_ENCKEY)
+DECLARE_ASN1_FUNCTIONS(KRB5_AUTHDATA)
+DECLARE_ASN1_FUNCTIONS(KRB5_AUTHENTBODY)
+DECLARE_ASN1_FUNCTIONS(KRB5_AUTHENT)
+
+/* BEGIN ERROR CODES */
+/*
+ * The following lines are auto generated by the script mkerr.pl. Any changes
+ * made after this point may be overwritten when the script is next run.
+ */
+
+#ifdef __cplusplus
+}
+#endif
+#endif
--- /dev/null
+/* ssl/kssl.h -*- mode: C; c-file-style: "eay" -*- */
+/*
+ * Written by Vern Staats <staatsvr@asc.hpc.mil> for the OpenSSL project
+ * 2000. project 2000.
+ */
+/* ====================================================================
+ * Copyright (c) 2000 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For written permission, please contact
+ * licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ * nor may "OpenSSL" appear in their names without prior written
+ * permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com). This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+/*
+ ** 19990701 VRS Started.
+ */
+
+#ifndef KSSL_H
+# define KSSL_H
+
+# include <openssl/opensslconf.h>
+
+# ifndef OPENSSL_NO_KRB5
+
+# include <stdio.h>
+# include <ctype.h>
+# include <krb5.h>
+# ifdef OPENSSL_SYS_WIN32
+/*
+ * These can sometimes get redefined indirectly by krb5 header files after
+ * they get undefed in ossl_typ.h
+ */
+# undef X509_NAME
+# undef X509_EXTENSIONS
+# undef OCSP_REQUEST
+# undef OCSP_RESPONSE
+# endif
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/*
+ * Depending on which KRB5 implementation used, some types from
+ * the other may be missing. Resolve that here and now
+ */
+# ifdef KRB5_HEIMDAL
+typedef unsigned char krb5_octet;
+# define FAR
+# else
+
+# ifndef FAR
+# define FAR
+# endif
+
+# endif
+
+/*-
+ * Uncomment this to debug kssl problems or
+ * to trace usage of the Kerberos session key
+ *
+ * #define KSSL_DEBUG
+ */
+
+# ifndef KRB5SVC
+# define KRB5SVC "host"
+# endif
+
+# ifndef KRB5KEYTAB
+# define KRB5KEYTAB "/etc/krb5.keytab"
+# endif
+
+# ifndef KRB5SENDAUTH
+# define KRB5SENDAUTH 1
+# endif
+
+# ifndef KRB5CHECKAUTH
+# define KRB5CHECKAUTH 1
+# endif
+
+# ifndef KSSL_CLOCKSKEW
+# define KSSL_CLOCKSKEW 300;
+# endif
+
+# define KSSL_ERR_MAX 255
+typedef struct kssl_err_st {
+ int reason;
+ char text[KSSL_ERR_MAX + 1];
+} KSSL_ERR;
+
+/*- Context for passing
+ * (1) Kerberos session key to SSL, and
+ * (2) Config data between application and SSL lib
+ */
+typedef struct kssl_ctx_st {
+ /* used by: disposition: */
+ char *service_name; /* C,S default ok (kssl) */
+ char *service_host; /* C input, REQUIRED */
+ char *client_princ; /* S output from krb5 ticket */
+ char *keytab_file; /* S NULL (/etc/krb5.keytab) */
+ char *cred_cache; /* C NULL (default) */
+ krb5_enctype enctype;
+ int length;
+ krb5_octet FAR *key;
+} KSSL_CTX;
+
+# define KSSL_CLIENT 1
+# define KSSL_SERVER 2
+# define KSSL_SERVICE 3
+# define KSSL_KEYTAB 4
+
+# define KSSL_CTX_OK 0
+# define KSSL_CTX_ERR 1
+# define KSSL_NOMEM 2
+
+/* Public (for use by applications that use OpenSSL with Kerberos 5 support */
+krb5_error_code kssl_ctx_setstring(KSSL_CTX *kssl_ctx, int which, char *text);
+KSSL_CTX *kssl_ctx_new(void);
+KSSL_CTX *kssl_ctx_free(KSSL_CTX *kssl_ctx);
+void kssl_ctx_show(KSSL_CTX *kssl_ctx);
+krb5_error_code kssl_ctx_setprinc(KSSL_CTX *kssl_ctx, int which,
+ krb5_data *realm, krb5_data *entity,
+ int nentities);
+krb5_error_code kssl_cget_tkt(KSSL_CTX *kssl_ctx, krb5_data **enc_tktp,
+ krb5_data *authenp, KSSL_ERR *kssl_err);
+krb5_error_code kssl_sget_tkt(KSSL_CTX *kssl_ctx, krb5_data *indata,
+ krb5_ticket_times *ttimes, KSSL_ERR *kssl_err);
+krb5_error_code kssl_ctx_setkey(KSSL_CTX *kssl_ctx, krb5_keyblock *session);
+void kssl_err_set(KSSL_ERR *kssl_err, int reason, char *text);
+void kssl_krb5_free_data_contents(krb5_context context, krb5_data *data);
+krb5_error_code kssl_build_principal_2(krb5_context context,
+ krb5_principal *princ, int rlen,
+ const char *realm, int slen,
+ const char *svc, int hlen,
+ const char *host);
+krb5_error_code kssl_validate_times(krb5_timestamp atime,
+ krb5_ticket_times *ttimes);
+krb5_error_code kssl_check_authent(KSSL_CTX *kssl_ctx, krb5_data *authentp,
+ krb5_timestamp *atimep,
+ KSSL_ERR *kssl_err);
+unsigned char *kssl_skip_confound(krb5_enctype enctype, unsigned char *authn);
+
+void SSL_set0_kssl_ctx(SSL *s, KSSL_CTX *kctx);
+KSSL_CTX *SSL_get0_kssl_ctx(SSL *s);
+char *kssl_ctx_get0_client_princ(KSSL_CTX *kctx);
+
+#ifdef __cplusplus
+}
+#endif
+# endif /* OPENSSL_NO_KRB5 */
+#endif /* KSSL_H */
--- /dev/null
+/* crypto/lhash/lhash.h */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+/*
+ * Header for dynamic hash table routines Author - Eric Young
+ */
+
+#ifndef HEADER_LHASH_H
+# define HEADER_LHASH_H
+
+# include <openssl/e_os2.h>
+# ifndef OPENSSL_NO_STDIO
+# include <stdio.h>
+# endif
+
+# include <openssl/bio.h>
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+typedef struct lhash_node_st {
+ void *data;
+ struct lhash_node_st *next;
+ unsigned long hash;
+} LHASH_NODE;
+
+typedef int (*LHASH_COMP_FN_TYPE) (const void *, const void *);
+typedef unsigned long (*LHASH_HASH_FN_TYPE) (const void *);
+typedef void (*LHASH_DOALL_FN_TYPE) (void *);
+typedef void (*LHASH_DOALL_ARG_FN_TYPE) (void *, void *);
+
+/*
+ * Macros for declaring and implementing type-safe wrappers for LHASH
+ * callbacks. This way, callbacks can be provided to LHASH structures without
+ * function pointer casting and the macro-defined callbacks provide
+ * per-variable casting before deferring to the underlying type-specific
+ * callbacks. NB: It is possible to place a "static" in front of both the
+ * DECLARE and IMPLEMENT macros if the functions are strictly internal.
+ */
+
+/* First: "hash" functions */
+# define DECLARE_LHASH_HASH_FN(name, o_type) \
+ unsigned long name##_LHASH_HASH(const void *);
+# define IMPLEMENT_LHASH_HASH_FN(name, o_type) \
+ unsigned long name##_LHASH_HASH(const void *arg) { \
+ const o_type *a = arg; \
+ return name##_hash(a); }
+# define LHASH_HASH_FN(name) name##_LHASH_HASH
+
+/* Second: "compare" functions */
+# define DECLARE_LHASH_COMP_FN(name, o_type) \
+ int name##_LHASH_COMP(const void *, const void *);
+# define IMPLEMENT_LHASH_COMP_FN(name, o_type) \
+ int name##_LHASH_COMP(const void *arg1, const void *arg2) { \
+ const o_type *a = arg1; \
+ const o_type *b = arg2; \
+ return name##_cmp(a,b); }
+# define LHASH_COMP_FN(name) name##_LHASH_COMP
+
+/* Third: "doall" functions */
+# define DECLARE_LHASH_DOALL_FN(name, o_type) \
+ void name##_LHASH_DOALL(void *);
+# define IMPLEMENT_LHASH_DOALL_FN(name, o_type) \
+ void name##_LHASH_DOALL(void *arg) { \
+ o_type *a = arg; \
+ name##_doall(a); }
+# define LHASH_DOALL_FN(name) name##_LHASH_DOALL
+
+/* Fourth: "doall_arg" functions */
+# define DECLARE_LHASH_DOALL_ARG_FN(name, o_type, a_type) \
+ void name##_LHASH_DOALL_ARG(void *, void *);
+# define IMPLEMENT_LHASH_DOALL_ARG_FN(name, o_type, a_type) \
+ void name##_LHASH_DOALL_ARG(void *arg1, void *arg2) { \
+ o_type *a = arg1; \
+ a_type *b = arg2; \
+ name##_doall_arg(a, b); }
+# define LHASH_DOALL_ARG_FN(name) name##_LHASH_DOALL_ARG
+
+typedef struct lhash_st {
+ LHASH_NODE **b;
+ LHASH_COMP_FN_TYPE comp;
+ LHASH_HASH_FN_TYPE hash;
+ unsigned int num_nodes;
+ unsigned int num_alloc_nodes;
+ unsigned int p;
+ unsigned int pmax;
+ unsigned long up_load; /* load times 256 */
+ unsigned long down_load; /* load times 256 */
+ unsigned long num_items;
+ unsigned long num_expands;
+ unsigned long num_expand_reallocs;
+ unsigned long num_contracts;
+ unsigned long num_contract_reallocs;
+ unsigned long num_hash_calls;
+ unsigned long num_comp_calls;
+ unsigned long num_insert;
+ unsigned long num_replace;
+ unsigned long num_delete;
+ unsigned long num_no_delete;
+ unsigned long num_retrieve;
+ unsigned long num_retrieve_miss;
+ unsigned long num_hash_comps;
+ int error;
+} _LHASH; /* Do not use _LHASH directly, use LHASH_OF
+ * and friends */
+
+# define LH_LOAD_MULT 256
+
+/*
+ * Indicates a malloc() error in the last call, this is only bad in
+ * lh_insert().
+ */
+# define lh_error(lh) ((lh)->error)
+
+_LHASH *lh_new(LHASH_HASH_FN_TYPE h, LHASH_COMP_FN_TYPE c);
+void lh_free(_LHASH *lh);
+void *lh_insert(_LHASH *lh, void *data);
+void *lh_delete(_LHASH *lh, const void *data);
+void *lh_retrieve(_LHASH *lh, const void *data);
+void lh_doall(_LHASH *lh, LHASH_DOALL_FN_TYPE func);
+void lh_doall_arg(_LHASH *lh, LHASH_DOALL_ARG_FN_TYPE func, void *arg);
+unsigned long lh_strhash(const char *c);
+unsigned long lh_num_items(const _LHASH *lh);
+
+# ifndef OPENSSL_NO_STDIO
+void lh_stats(const _LHASH *lh, FILE *fp);
+void lh_node_stats(const _LHASH *lh, FILE *fp);
+void lh_node_usage_stats(const _LHASH *lh, FILE *fp);
+# endif
+void lh_stats_bio(const _LHASH *lh, BIO *out);
+void lh_node_stats_bio(const _LHASH *lh, BIO *out);
+void lh_node_usage_stats_bio(const _LHASH *lh, BIO *out);
+
+/* Type checking... */
+
+# define LHASH_OF(type) struct lhash_st_##type
+
+# define DECLARE_LHASH_OF(type) LHASH_OF(type) { int dummy; }
+
+# define CHECKED_LHASH_OF(type,lh) \
+ ((_LHASH *)CHECKED_PTR_OF(LHASH_OF(type),lh))
+
+/* Define wrapper functions. */
+# define LHM_lh_new(type, name) \
+ ((LHASH_OF(type) *)lh_new(LHASH_HASH_FN(name), LHASH_COMP_FN(name)))
+# define LHM_lh_error(type, lh) \
+ lh_error(CHECKED_LHASH_OF(type,lh))
+# define LHM_lh_insert(type, lh, inst) \
+ ((type *)lh_insert(CHECKED_LHASH_OF(type, lh), \
+ CHECKED_PTR_OF(type, inst)))
+# define LHM_lh_retrieve(type, lh, inst) \
+ ((type *)lh_retrieve(CHECKED_LHASH_OF(type, lh), \
+ CHECKED_PTR_OF(type, inst)))
+# define LHM_lh_delete(type, lh, inst) \
+ ((type *)lh_delete(CHECKED_LHASH_OF(type, lh), \
+ CHECKED_PTR_OF(type, inst)))
+# define LHM_lh_doall(type, lh,fn) lh_doall(CHECKED_LHASH_OF(type, lh), fn)
+# define LHM_lh_doall_arg(type, lh, fn, arg_type, arg) \
+ lh_doall_arg(CHECKED_LHASH_OF(type, lh), fn, CHECKED_PTR_OF(arg_type, arg))
+# define LHM_lh_num_items(type, lh) lh_num_items(CHECKED_LHASH_OF(type, lh))
+# define LHM_lh_down_load(type, lh) (CHECKED_LHASH_OF(type, lh)->down_load)
+# define LHM_lh_node_stats_bio(type, lh, out) \
+ lh_node_stats_bio(CHECKED_LHASH_OF(type, lh), out)
+# define LHM_lh_node_usage_stats_bio(type, lh, out) \
+ lh_node_usage_stats_bio(CHECKED_LHASH_OF(type, lh), out)
+# define LHM_lh_stats_bio(type, lh, out) \
+ lh_stats_bio(CHECKED_LHASH_OF(type, lh), out)
+# define LHM_lh_free(type, lh) lh_free(CHECKED_LHASH_OF(type, lh))
+
+DECLARE_LHASH_OF(OPENSSL_STRING);
+DECLARE_LHASH_OF(OPENSSL_CSTRING);
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif
--- /dev/null
+/* crypto/md/md2.h */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#ifndef HEADER_MD2_H
+# define HEADER_MD2_H
+
+# include <openssl/opensslconf.h>/* OPENSSL_NO_MD2, MD2_INT */
+# ifdef OPENSSL_NO_MD2
+# error MD2 is disabled.
+# endif
+# include <stddef.h>
+
+# define MD2_DIGEST_LENGTH 16
+# define MD2_BLOCK 16
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+typedef struct MD2state_st {
+ unsigned int num;
+ unsigned char data[MD2_BLOCK];
+ MD2_INT cksm[MD2_BLOCK];
+ MD2_INT state[MD2_BLOCK];
+} MD2_CTX;
+
+const char *MD2_options(void);
+int MD2_Init(MD2_CTX *c);
+int MD2_Update(MD2_CTX *c, const unsigned char *data, size_t len);
+int MD2_Final(unsigned char *md, MD2_CTX *c);
+unsigned char *MD2(const unsigned char *d, size_t n, unsigned char *md);
+#ifdef __cplusplus
+}
+#endif
+
+#endif
--- /dev/null
+/* crypto/md4/md4.h */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#ifndef HEADER_MD4_H
+# define HEADER_MD4_H
+
+# include <openssl/e_os2.h>
+# include <stddef.h>
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+# ifdef OPENSSL_NO_MD4
+# error MD4 is disabled.
+# endif
+
+/*-
+ * !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+ * ! MD4_LONG has to be at least 32 bits wide. !
+ * !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+ */
+# define MD4_LONG unsigned int
+
+# define MD4_CBLOCK 64
+# define MD4_LBLOCK (MD4_CBLOCK/4)
+# define MD4_DIGEST_LENGTH 16
+
+typedef struct MD4state_st {
+ MD4_LONG A, B, C, D;
+ MD4_LONG Nl, Nh;
+ MD4_LONG data[MD4_LBLOCK];
+ unsigned int num;
+} MD4_CTX;
+
+int MD4_Init(MD4_CTX *c);
+int MD4_Update(MD4_CTX *c, const void *data, size_t len);
+int MD4_Final(unsigned char *md, MD4_CTX *c);
+unsigned char *MD4(const unsigned char *d, size_t n, unsigned char *md);
+void MD4_Transform(MD4_CTX *c, const unsigned char *b);
+#ifdef __cplusplus
+}
+#endif
+
+#endif
--- /dev/null
+/* crypto/md5/md5.h */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#ifndef HEADER_MD5_H
+# define HEADER_MD5_H
+
+# include <openssl/e_os2.h>
+# include <stddef.h>
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+# ifdef OPENSSL_NO_MD5
+# error MD5 is disabled.
+# endif
+
+/*
+ * !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+ * ! MD5_LONG has to be at least 32 bits wide. !
+ * !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+ */
+# define MD5_LONG unsigned int
+
+# define MD5_CBLOCK 64
+# define MD5_LBLOCK (MD5_CBLOCK/4)
+# define MD5_DIGEST_LENGTH 16
+
+typedef struct MD5state_st {
+ MD5_LONG A, B, C, D;
+ MD5_LONG Nl, Nh;
+ MD5_LONG data[MD5_LBLOCK];
+ unsigned int num;
+} MD5_CTX;
+
+int MD5_Init(MD5_CTX *c);
+int MD5_Update(MD5_CTX *c, const void *data, size_t len);
+int MD5_Final(unsigned char *md, MD5_CTX *c);
+unsigned char *MD5(const unsigned char *d, size_t n, unsigned char *md);
+void MD5_Transform(MD5_CTX *c, const unsigned char *b);
+#ifdef __cplusplus
+}
+#endif
+
+#endif
--- /dev/null
+/* crypto/mdc2/mdc2.h */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#ifndef HEADER_MDC2_H
+# define HEADER_MDC2_H
+
+# include <openssl/des.h>
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+# ifdef OPENSSL_NO_MDC2
+# error MDC2 is disabled.
+# endif
+
+# define MDC2_BLOCK 8
+# define MDC2_DIGEST_LENGTH 16
+
+typedef struct mdc2_ctx_st {
+ unsigned int num;
+ unsigned char data[MDC2_BLOCK];
+ DES_cblock h, hh;
+ int pad_type; /* either 1 or 2, default 1 */
+} MDC2_CTX;
+
+int MDC2_Init(MDC2_CTX *c);
+int MDC2_Update(MDC2_CTX *c, const unsigned char *data, size_t len);
+int MDC2_Final(unsigned char *md, MDC2_CTX *c);
+unsigned char *MDC2(const unsigned char *d, size_t n, unsigned char *md);
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif
--- /dev/null
+/* ====================================================================
+ * Copyright (c) 2008 The OpenSSL Project. All rights reserved.
+ *
+ * Rights for redistribution and usage in source and binary
+ * forms are granted according to the OpenSSL license.
+ */
+
+#include <stddef.h>
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+typedef void (*block128_f) (const unsigned char in[16],
+ unsigned char out[16], const void *key);
+
+typedef void (*cbc128_f) (const unsigned char *in, unsigned char *out,
+ size_t len, const void *key,
+ unsigned char ivec[16], int enc);
+
+typedef void (*ctr128_f) (const unsigned char *in, unsigned char *out,
+ size_t blocks, const void *key,
+ const unsigned char ivec[16]);
+
+typedef void (*ccm128_f) (const unsigned char *in, unsigned char *out,
+ size_t blocks, const void *key,
+ const unsigned char ivec[16],
+ unsigned char cmac[16]);
+
+void CRYPTO_cbc128_encrypt(const unsigned char *in, unsigned char *out,
+ size_t len, const void *key,
+ unsigned char ivec[16], block128_f block);
+void CRYPTO_cbc128_decrypt(const unsigned char *in, unsigned char *out,
+ size_t len, const void *key,
+ unsigned char ivec[16], block128_f block);
+
+void CRYPTO_ctr128_encrypt(const unsigned char *in, unsigned char *out,
+ size_t len, const void *key,
+ unsigned char ivec[16],
+ unsigned char ecount_buf[16], unsigned int *num,
+ block128_f block);
+
+void CRYPTO_ctr128_encrypt_ctr32(const unsigned char *in, unsigned char *out,
+ size_t len, const void *key,
+ unsigned char ivec[16],
+ unsigned char ecount_buf[16],
+ unsigned int *num, ctr128_f ctr);
+
+void CRYPTO_ofb128_encrypt(const unsigned char *in, unsigned char *out,
+ size_t len, const void *key,
+ unsigned char ivec[16], int *num,
+ block128_f block);
+
+void CRYPTO_cfb128_encrypt(const unsigned char *in, unsigned char *out,
+ size_t len, const void *key,
+ unsigned char ivec[16], int *num,
+ int enc, block128_f block);
+void CRYPTO_cfb128_8_encrypt(const unsigned char *in, unsigned char *out,
+ size_t length, const void *key,
+ unsigned char ivec[16], int *num,
+ int enc, block128_f block);
+void CRYPTO_cfb128_1_encrypt(const unsigned char *in, unsigned char *out,
+ size_t bits, const void *key,
+ unsigned char ivec[16], int *num,
+ int enc, block128_f block);
+
+size_t CRYPTO_cts128_encrypt_block(const unsigned char *in,
+ unsigned char *out, size_t len,
+ const void *key, unsigned char ivec[16],
+ block128_f block);
+size_t CRYPTO_cts128_encrypt(const unsigned char *in, unsigned char *out,
+ size_t len, const void *key,
+ unsigned char ivec[16], cbc128_f cbc);
+size_t CRYPTO_cts128_decrypt_block(const unsigned char *in,
+ unsigned char *out, size_t len,
+ const void *key, unsigned char ivec[16],
+ block128_f block);
+size_t CRYPTO_cts128_decrypt(const unsigned char *in, unsigned char *out,
+ size_t len, const void *key,
+ unsigned char ivec[16], cbc128_f cbc);
+
+size_t CRYPTO_nistcts128_encrypt_block(const unsigned char *in,
+ unsigned char *out, size_t len,
+ const void *key,
+ unsigned char ivec[16],
+ block128_f block);
+size_t CRYPTO_nistcts128_encrypt(const unsigned char *in, unsigned char *out,
+ size_t len, const void *key,
+ unsigned char ivec[16], cbc128_f cbc);
+size_t CRYPTO_nistcts128_decrypt_block(const unsigned char *in,
+ unsigned char *out, size_t len,
+ const void *key,
+ unsigned char ivec[16],
+ block128_f block);
+size_t CRYPTO_nistcts128_decrypt(const unsigned char *in, unsigned char *out,
+ size_t len, const void *key,
+ unsigned char ivec[16], cbc128_f cbc);
+
+typedef struct gcm128_context GCM128_CONTEXT;
+
+GCM128_CONTEXT *CRYPTO_gcm128_new(void *key, block128_f block);
+void CRYPTO_gcm128_init(GCM128_CONTEXT *ctx, void *key, block128_f block);
+void CRYPTO_gcm128_setiv(GCM128_CONTEXT *ctx, const unsigned char *iv,
+ size_t len);
+int CRYPTO_gcm128_aad(GCM128_CONTEXT *ctx, const unsigned char *aad,
+ size_t len);
+int CRYPTO_gcm128_encrypt(GCM128_CONTEXT *ctx,
+ const unsigned char *in, unsigned char *out,
+ size_t len);
+int CRYPTO_gcm128_decrypt(GCM128_CONTEXT *ctx,
+ const unsigned char *in, unsigned char *out,
+ size_t len);
+int CRYPTO_gcm128_encrypt_ctr32(GCM128_CONTEXT *ctx,
+ const unsigned char *in, unsigned char *out,
+ size_t len, ctr128_f stream);
+int CRYPTO_gcm128_decrypt_ctr32(GCM128_CONTEXT *ctx,
+ const unsigned char *in, unsigned char *out,
+ size_t len, ctr128_f stream);
+int CRYPTO_gcm128_finish(GCM128_CONTEXT *ctx, const unsigned char *tag,
+ size_t len);
+void CRYPTO_gcm128_tag(GCM128_CONTEXT *ctx, unsigned char *tag, size_t len);
+void CRYPTO_gcm128_release(GCM128_CONTEXT *ctx);
+
+typedef struct ccm128_context CCM128_CONTEXT;
+
+void CRYPTO_ccm128_init(CCM128_CONTEXT *ctx,
+ unsigned int M, unsigned int L, void *key,
+ block128_f block);
+int CRYPTO_ccm128_setiv(CCM128_CONTEXT *ctx, const unsigned char *nonce,
+ size_t nlen, size_t mlen);
+void CRYPTO_ccm128_aad(CCM128_CONTEXT *ctx, const unsigned char *aad,
+ size_t alen);
+int CRYPTO_ccm128_encrypt(CCM128_CONTEXT *ctx, const unsigned char *inp,
+ unsigned char *out, size_t len);
+int CRYPTO_ccm128_decrypt(CCM128_CONTEXT *ctx, const unsigned char *inp,
+ unsigned char *out, size_t len);
+int CRYPTO_ccm128_encrypt_ccm64(CCM128_CONTEXT *ctx, const unsigned char *inp,
+ unsigned char *out, size_t len,
+ ccm128_f stream);
+int CRYPTO_ccm128_decrypt_ccm64(CCM128_CONTEXT *ctx, const unsigned char *inp,
+ unsigned char *out, size_t len,
+ ccm128_f stream);
+size_t CRYPTO_ccm128_tag(CCM128_CONTEXT *ctx, unsigned char *tag, size_t len);
+
+typedef struct xts128_context XTS128_CONTEXT;
+
+int CRYPTO_xts128_encrypt(const XTS128_CONTEXT *ctx,
+ const unsigned char iv[16],
+ const unsigned char *inp, unsigned char *out,
+ size_t len, int enc);
+
+size_t CRYPTO_128_wrap(void *key, const unsigned char *iv,
+ unsigned char *out,
+ const unsigned char *in, size_t inlen,
+ block128_f block);
+
+size_t CRYPTO_128_unwrap(void *key, const unsigned char *iv,
+ unsigned char *out,
+ const unsigned char *in, size_t inlen,
+ block128_f block);
+size_t CRYPTO_128_wrap_pad(void *key, const unsigned char *icv,
+ unsigned char *out, const unsigned char *in,
+ size_t inlen, block128_f block);
+size_t CRYPTO_128_unwrap_pad(void *key, const unsigned char *icv,
+ unsigned char *out, const unsigned char *in,
+ size_t inlen, block128_f block);
+
+#ifndef OPENSSL_NO_OCB
+typedef struct ocb128_context OCB128_CONTEXT;
+
+OCB128_CONTEXT *CRYPTO_ocb128_new(void *keyenc, void *keydec,
+ block128_f encrypt, block128_f decrypt);
+int CRYPTO_ocb128_init(OCB128_CONTEXT *ctx, void *keyenc, void *keydec,
+ block128_f encrypt, block128_f decrypt);
+int CRYPTO_ocb128_copy_ctx(OCB128_CONTEXT *dest, OCB128_CONTEXT *src,
+ void *keyenc, void *keydec);
+int CRYPTO_ocb128_setiv(OCB128_CONTEXT *ctx, const unsigned char *iv,
+ size_t len, size_t taglen);
+int CRYPTO_ocb128_aad(OCB128_CONTEXT *ctx, const unsigned char *aad,
+ size_t len);
+int CRYPTO_ocb128_encrypt(OCB128_CONTEXT *ctx, const unsigned char *in,
+ unsigned char *out, size_t len);
+int CRYPTO_ocb128_decrypt(OCB128_CONTEXT *ctx, const unsigned char *in,
+ unsigned char *out, size_t len);
+int CRYPTO_ocb128_finish(OCB128_CONTEXT *ctx, const unsigned char *tag,
+ size_t len);
+int CRYPTO_ocb128_tag(OCB128_CONTEXT *ctx, unsigned char *tag, size_t len);
+void CRYPTO_ocb128_cleanup(OCB128_CONTEXT *ctx);
+#endif /* OPENSSL_NO_OCB */
+
+#ifdef __cplusplus
+}
+#endif
--- /dev/null
+/* crypto/objects/obj_mac.h */
+
+/*
+ * THIS FILE IS GENERATED FROM objects.txt by objects.pl via the following
+ * command: perl objects.pl objects.txt obj_mac.num obj_mac.h
+ */
+
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#define SN_undef "UNDEF"
+#define LN_undef "undefined"
+#define NID_undef 0
+#define OBJ_undef 0L
+
+#define SN_itu_t "ITU-T"
+#define LN_itu_t "itu-t"
+#define NID_itu_t 645
+#define OBJ_itu_t 0L
+
+#define NID_ccitt 404
+#define OBJ_ccitt OBJ_itu_t
+
+#define SN_iso "ISO"
+#define LN_iso "iso"
+#define NID_iso 181
+#define OBJ_iso 1L
+
+#define SN_joint_iso_itu_t "JOINT-ISO-ITU-T"
+#define LN_joint_iso_itu_t "joint-iso-itu-t"
+#define NID_joint_iso_itu_t 646
+#define OBJ_joint_iso_itu_t 2L
+
+#define NID_joint_iso_ccitt 393
+#define OBJ_joint_iso_ccitt OBJ_joint_iso_itu_t
+
+#define SN_member_body "member-body"
+#define LN_member_body "ISO Member Body"
+#define NID_member_body 182
+#define OBJ_member_body OBJ_iso,2L
+
+#define SN_identified_organization "identified-organization"
+#define NID_identified_organization 676
+#define OBJ_identified_organization OBJ_iso,3L
+
+#define SN_hmac_md5 "HMAC-MD5"
+#define LN_hmac_md5 "hmac-md5"
+#define NID_hmac_md5 780
+#define OBJ_hmac_md5 OBJ_identified_organization,6L,1L,5L,5L,8L,1L,1L
+
+#define SN_hmac_sha1 "HMAC-SHA1"
+#define LN_hmac_sha1 "hmac-sha1"
+#define NID_hmac_sha1 781
+#define OBJ_hmac_sha1 OBJ_identified_organization,6L,1L,5L,5L,8L,1L,2L
+
+#define SN_certicom_arc "certicom-arc"
+#define NID_certicom_arc 677
+#define OBJ_certicom_arc OBJ_identified_organization,132L
+
+#define SN_international_organizations "international-organizations"
+#define LN_international_organizations "International Organizations"
+#define NID_international_organizations 647
+#define OBJ_international_organizations OBJ_joint_iso_itu_t,23L
+
+#define SN_wap "wap"
+#define NID_wap 678
+#define OBJ_wap OBJ_international_organizations,43L
+
+#define SN_wap_wsg "wap-wsg"
+#define NID_wap_wsg 679
+#define OBJ_wap_wsg OBJ_wap,1L
+
+#define SN_selected_attribute_types "selected-attribute-types"
+#define LN_selected_attribute_types "Selected Attribute Types"
+#define NID_selected_attribute_types 394
+#define OBJ_selected_attribute_types OBJ_joint_iso_itu_t,5L,1L,5L
+
+#define SN_clearance "clearance"
+#define NID_clearance 395
+#define OBJ_clearance OBJ_selected_attribute_types,55L
+
+#define SN_ISO_US "ISO-US"
+#define LN_ISO_US "ISO US Member Body"
+#define NID_ISO_US 183
+#define OBJ_ISO_US OBJ_member_body,840L
+
+#define SN_X9_57 "X9-57"
+#define LN_X9_57 "X9.57"
+#define NID_X9_57 184
+#define OBJ_X9_57 OBJ_ISO_US,10040L
+
+#define SN_X9cm "X9cm"
+#define LN_X9cm "X9.57 CM ?"
+#define NID_X9cm 185
+#define OBJ_X9cm OBJ_X9_57,4L
+
+#define SN_dsa "DSA"
+#define LN_dsa "dsaEncryption"
+#define NID_dsa 116
+#define OBJ_dsa OBJ_X9cm,1L
+
+#define SN_dsaWithSHA1 "DSA-SHA1"
+#define LN_dsaWithSHA1 "dsaWithSHA1"
+#define NID_dsaWithSHA1 113
+#define OBJ_dsaWithSHA1 OBJ_X9cm,3L
+
+#define SN_ansi_X9_62 "ansi-X9-62"
+#define LN_ansi_X9_62 "ANSI X9.62"
+#define NID_ansi_X9_62 405
+#define OBJ_ansi_X9_62 OBJ_ISO_US,10045L
+
+#define OBJ_X9_62_id_fieldType OBJ_ansi_X9_62,1L
+
+#define SN_X9_62_prime_field "prime-field"
+#define NID_X9_62_prime_field 406
+#define OBJ_X9_62_prime_field OBJ_X9_62_id_fieldType,1L
+
+#define SN_X9_62_characteristic_two_field "characteristic-two-field"
+#define NID_X9_62_characteristic_two_field 407
+#define OBJ_X9_62_characteristic_two_field OBJ_X9_62_id_fieldType,2L
+
+#define SN_X9_62_id_characteristic_two_basis "id-characteristic-two-basis"
+#define NID_X9_62_id_characteristic_two_basis 680
+#define OBJ_X9_62_id_characteristic_two_basis OBJ_X9_62_characteristic_two_field,3L
+
+#define SN_X9_62_onBasis "onBasis"
+#define NID_X9_62_onBasis 681
+#define OBJ_X9_62_onBasis OBJ_X9_62_id_characteristic_two_basis,1L
+
+#define SN_X9_62_tpBasis "tpBasis"
+#define NID_X9_62_tpBasis 682
+#define OBJ_X9_62_tpBasis OBJ_X9_62_id_characteristic_two_basis,2L
+
+#define SN_X9_62_ppBasis "ppBasis"
+#define NID_X9_62_ppBasis 683
+#define OBJ_X9_62_ppBasis OBJ_X9_62_id_characteristic_two_basis,3L
+
+#define OBJ_X9_62_id_publicKeyType OBJ_ansi_X9_62,2L
+
+#define SN_X9_62_id_ecPublicKey "id-ecPublicKey"
+#define NID_X9_62_id_ecPublicKey 408
+#define OBJ_X9_62_id_ecPublicKey OBJ_X9_62_id_publicKeyType,1L
+
+#define OBJ_X9_62_ellipticCurve OBJ_ansi_X9_62,3L
+
+#define OBJ_X9_62_c_TwoCurve OBJ_X9_62_ellipticCurve,0L
+
+#define SN_X9_62_c2pnb163v1 "c2pnb163v1"
+#define NID_X9_62_c2pnb163v1 684
+#define OBJ_X9_62_c2pnb163v1 OBJ_X9_62_c_TwoCurve,1L
+
+#define SN_X9_62_c2pnb163v2 "c2pnb163v2"
+#define NID_X9_62_c2pnb163v2 685
+#define OBJ_X9_62_c2pnb163v2 OBJ_X9_62_c_TwoCurve,2L
+
+#define SN_X9_62_c2pnb163v3 "c2pnb163v3"
+#define NID_X9_62_c2pnb163v3 686
+#define OBJ_X9_62_c2pnb163v3 OBJ_X9_62_c_TwoCurve,3L
+
+#define SN_X9_62_c2pnb176v1 "c2pnb176v1"
+#define NID_X9_62_c2pnb176v1 687
+#define OBJ_X9_62_c2pnb176v1 OBJ_X9_62_c_TwoCurve,4L
+
+#define SN_X9_62_c2tnb191v1 "c2tnb191v1"
+#define NID_X9_62_c2tnb191v1 688
+#define OBJ_X9_62_c2tnb191v1 OBJ_X9_62_c_TwoCurve,5L
+
+#define SN_X9_62_c2tnb191v2 "c2tnb191v2"
+#define NID_X9_62_c2tnb191v2 689
+#define OBJ_X9_62_c2tnb191v2 OBJ_X9_62_c_TwoCurve,6L
+
+#define SN_X9_62_c2tnb191v3 "c2tnb191v3"
+#define NID_X9_62_c2tnb191v3 690
+#define OBJ_X9_62_c2tnb191v3 OBJ_X9_62_c_TwoCurve,7L
+
+#define SN_X9_62_c2onb191v4 "c2onb191v4"
+#define NID_X9_62_c2onb191v4 691
+#define OBJ_X9_62_c2onb191v4 OBJ_X9_62_c_TwoCurve,8L
+
+#define SN_X9_62_c2onb191v5 "c2onb191v5"
+#define NID_X9_62_c2onb191v5 692
+#define OBJ_X9_62_c2onb191v5 OBJ_X9_62_c_TwoCurve,9L
+
+#define SN_X9_62_c2pnb208w1 "c2pnb208w1"
+#define NID_X9_62_c2pnb208w1 693
+#define OBJ_X9_62_c2pnb208w1 OBJ_X9_62_c_TwoCurve,10L
+
+#define SN_X9_62_c2tnb239v1 "c2tnb239v1"
+#define NID_X9_62_c2tnb239v1 694
+#define OBJ_X9_62_c2tnb239v1 OBJ_X9_62_c_TwoCurve,11L
+
+#define SN_X9_62_c2tnb239v2 "c2tnb239v2"
+#define NID_X9_62_c2tnb239v2 695
+#define OBJ_X9_62_c2tnb239v2 OBJ_X9_62_c_TwoCurve,12L
+
+#define SN_X9_62_c2tnb239v3 "c2tnb239v3"
+#define NID_X9_62_c2tnb239v3 696
+#define OBJ_X9_62_c2tnb239v3 OBJ_X9_62_c_TwoCurve,13L
+
+#define SN_X9_62_c2onb239v4 "c2onb239v4"
+#define NID_X9_62_c2onb239v4 697
+#define OBJ_X9_62_c2onb239v4 OBJ_X9_62_c_TwoCurve,14L
+
+#define SN_X9_62_c2onb239v5 "c2onb239v5"
+#define NID_X9_62_c2onb239v5 698
+#define OBJ_X9_62_c2onb239v5 OBJ_X9_62_c_TwoCurve,15L
+
+#define SN_X9_62_c2pnb272w1 "c2pnb272w1"
+#define NID_X9_62_c2pnb272w1 699
+#define OBJ_X9_62_c2pnb272w1 OBJ_X9_62_c_TwoCurve,16L
+
+#define SN_X9_62_c2pnb304w1 "c2pnb304w1"
+#define NID_X9_62_c2pnb304w1 700
+#define OBJ_X9_62_c2pnb304w1 OBJ_X9_62_c_TwoCurve,17L
+
+#define SN_X9_62_c2tnb359v1 "c2tnb359v1"
+#define NID_X9_62_c2tnb359v1 701
+#define OBJ_X9_62_c2tnb359v1 OBJ_X9_62_c_TwoCurve,18L
+
+#define SN_X9_62_c2pnb368w1 "c2pnb368w1"
+#define NID_X9_62_c2pnb368w1 702
+#define OBJ_X9_62_c2pnb368w1 OBJ_X9_62_c_TwoCurve,19L
+
+#define SN_X9_62_c2tnb431r1 "c2tnb431r1"
+#define NID_X9_62_c2tnb431r1 703
+#define OBJ_X9_62_c2tnb431r1 OBJ_X9_62_c_TwoCurve,20L
+
+#define OBJ_X9_62_primeCurve OBJ_X9_62_ellipticCurve,1L
+
+#define SN_X9_62_prime192v1 "prime192v1"
+#define NID_X9_62_prime192v1 409
+#define OBJ_X9_62_prime192v1 OBJ_X9_62_primeCurve,1L
+
+#define SN_X9_62_prime192v2 "prime192v2"
+#define NID_X9_62_prime192v2 410
+#define OBJ_X9_62_prime192v2 OBJ_X9_62_primeCurve,2L
+
+#define SN_X9_62_prime192v3 "prime192v3"
+#define NID_X9_62_prime192v3 411
+#define OBJ_X9_62_prime192v3 OBJ_X9_62_primeCurve,3L
+
+#define SN_X9_62_prime239v1 "prime239v1"
+#define NID_X9_62_prime239v1 412
+#define OBJ_X9_62_prime239v1 OBJ_X9_62_primeCurve,4L
+
+#define SN_X9_62_prime239v2 "prime239v2"
+#define NID_X9_62_prime239v2 413
+#define OBJ_X9_62_prime239v2 OBJ_X9_62_primeCurve,5L
+
+#define SN_X9_62_prime239v3 "prime239v3"
+#define NID_X9_62_prime239v3 414
+#define OBJ_X9_62_prime239v3 OBJ_X9_62_primeCurve,6L
+
+#define SN_X9_62_prime256v1 "prime256v1"
+#define NID_X9_62_prime256v1 415
+#define OBJ_X9_62_prime256v1 OBJ_X9_62_primeCurve,7L
+
+#define OBJ_X9_62_id_ecSigType OBJ_ansi_X9_62,4L
+
+#define SN_ecdsa_with_SHA1 "ecdsa-with-SHA1"
+#define NID_ecdsa_with_SHA1 416
+#define OBJ_ecdsa_with_SHA1 OBJ_X9_62_id_ecSigType,1L
+
+#define SN_ecdsa_with_Recommended "ecdsa-with-Recommended"
+#define NID_ecdsa_with_Recommended 791
+#define OBJ_ecdsa_with_Recommended OBJ_X9_62_id_ecSigType,2L
+
+#define SN_ecdsa_with_Specified "ecdsa-with-Specified"
+#define NID_ecdsa_with_Specified 792
+#define OBJ_ecdsa_with_Specified OBJ_X9_62_id_ecSigType,3L
+
+#define SN_ecdsa_with_SHA224 "ecdsa-with-SHA224"
+#define NID_ecdsa_with_SHA224 793
+#define OBJ_ecdsa_with_SHA224 OBJ_ecdsa_with_Specified,1L
+
+#define SN_ecdsa_with_SHA256 "ecdsa-with-SHA256"
+#define NID_ecdsa_with_SHA256 794
+#define OBJ_ecdsa_with_SHA256 OBJ_ecdsa_with_Specified,2L
+
+#define SN_ecdsa_with_SHA384 "ecdsa-with-SHA384"
+#define NID_ecdsa_with_SHA384 795
+#define OBJ_ecdsa_with_SHA384 OBJ_ecdsa_with_Specified,3L
+
+#define SN_ecdsa_with_SHA512 "ecdsa-with-SHA512"
+#define NID_ecdsa_with_SHA512 796
+#define OBJ_ecdsa_with_SHA512 OBJ_ecdsa_with_Specified,4L
+
+#define OBJ_secg_ellipticCurve OBJ_certicom_arc,0L
+
+#define SN_secp112r1 "secp112r1"
+#define NID_secp112r1 704
+#define OBJ_secp112r1 OBJ_secg_ellipticCurve,6L
+
+#define SN_secp112r2 "secp112r2"
+#define NID_secp112r2 705
+#define OBJ_secp112r2 OBJ_secg_ellipticCurve,7L
+
+#define SN_secp128r1 "secp128r1"
+#define NID_secp128r1 706
+#define OBJ_secp128r1 OBJ_secg_ellipticCurve,28L
+
+#define SN_secp128r2 "secp128r2"
+#define NID_secp128r2 707
+#define OBJ_secp128r2 OBJ_secg_ellipticCurve,29L
+
+#define SN_secp160k1 "secp160k1"
+#define NID_secp160k1 708
+#define OBJ_secp160k1 OBJ_secg_ellipticCurve,9L
+
+#define SN_secp160r1 "secp160r1"
+#define NID_secp160r1 709
+#define OBJ_secp160r1 OBJ_secg_ellipticCurve,8L
+
+#define SN_secp160r2 "secp160r2"
+#define NID_secp160r2 710
+#define OBJ_secp160r2 OBJ_secg_ellipticCurve,30L
+
+#define SN_secp192k1 "secp192k1"
+#define NID_secp192k1 711
+#define OBJ_secp192k1 OBJ_secg_ellipticCurve,31L
+
+#define SN_secp224k1 "secp224k1"
+#define NID_secp224k1 712
+#define OBJ_secp224k1 OBJ_secg_ellipticCurve,32L
+
+#define SN_secp224r1 "secp224r1"
+#define NID_secp224r1 713
+#define OBJ_secp224r1 OBJ_secg_ellipticCurve,33L
+
+#define SN_secp256k1 "secp256k1"
+#define NID_secp256k1 714
+#define OBJ_secp256k1 OBJ_secg_ellipticCurve,10L
+
+#define SN_secp384r1 "secp384r1"
+#define NID_secp384r1 715
+#define OBJ_secp384r1 OBJ_secg_ellipticCurve,34L
+
+#define SN_secp521r1 "secp521r1"
+#define NID_secp521r1 716
+#define OBJ_secp521r1 OBJ_secg_ellipticCurve,35L
+
+#define SN_sect113r1 "sect113r1"
+#define NID_sect113r1 717
+#define OBJ_sect113r1 OBJ_secg_ellipticCurve,4L
+
+#define SN_sect113r2 "sect113r2"
+#define NID_sect113r2 718
+#define OBJ_sect113r2 OBJ_secg_ellipticCurve,5L
+
+#define SN_sect131r1 "sect131r1"
+#define NID_sect131r1 719
+#define OBJ_sect131r1 OBJ_secg_ellipticCurve,22L
+
+#define SN_sect131r2 "sect131r2"
+#define NID_sect131r2 720
+#define OBJ_sect131r2 OBJ_secg_ellipticCurve,23L
+
+#define SN_sect163k1 "sect163k1"
+#define NID_sect163k1 721
+#define OBJ_sect163k1 OBJ_secg_ellipticCurve,1L
+
+#define SN_sect163r1 "sect163r1"
+#define NID_sect163r1 722
+#define OBJ_sect163r1 OBJ_secg_ellipticCurve,2L
+
+#define SN_sect163r2 "sect163r2"
+#define NID_sect163r2 723
+#define OBJ_sect163r2 OBJ_secg_ellipticCurve,15L
+
+#define SN_sect193r1 "sect193r1"
+#define NID_sect193r1 724
+#define OBJ_sect193r1 OBJ_secg_ellipticCurve,24L
+
+#define SN_sect193r2 "sect193r2"
+#define NID_sect193r2 725
+#define OBJ_sect193r2 OBJ_secg_ellipticCurve,25L
+
+#define SN_sect233k1 "sect233k1"
+#define NID_sect233k1 726
+#define OBJ_sect233k1 OBJ_secg_ellipticCurve,26L
+
+#define SN_sect233r1 "sect233r1"
+#define NID_sect233r1 727
+#define OBJ_sect233r1 OBJ_secg_ellipticCurve,27L
+
+#define SN_sect239k1 "sect239k1"
+#define NID_sect239k1 728
+#define OBJ_sect239k1 OBJ_secg_ellipticCurve,3L
+
+#define SN_sect283k1 "sect283k1"
+#define NID_sect283k1 729
+#define OBJ_sect283k1 OBJ_secg_ellipticCurve,16L
+
+#define SN_sect283r1 "sect283r1"
+#define NID_sect283r1 730
+#define OBJ_sect283r1 OBJ_secg_ellipticCurve,17L
+
+#define SN_sect409k1 "sect409k1"
+#define NID_sect409k1 731
+#define OBJ_sect409k1 OBJ_secg_ellipticCurve,36L
+
+#define SN_sect409r1 "sect409r1"
+#define NID_sect409r1 732
+#define OBJ_sect409r1 OBJ_secg_ellipticCurve,37L
+
+#define SN_sect571k1 "sect571k1"
+#define NID_sect571k1 733
+#define OBJ_sect571k1 OBJ_secg_ellipticCurve,38L
+
+#define SN_sect571r1 "sect571r1"
+#define NID_sect571r1 734
+#define OBJ_sect571r1 OBJ_secg_ellipticCurve,39L
+
+#define OBJ_wap_wsg_idm_ecid OBJ_wap_wsg,4L
+
+#define SN_wap_wsg_idm_ecid_wtls1 "wap-wsg-idm-ecid-wtls1"
+#define NID_wap_wsg_idm_ecid_wtls1 735
+#define OBJ_wap_wsg_idm_ecid_wtls1 OBJ_wap_wsg_idm_ecid,1L
+
+#define SN_wap_wsg_idm_ecid_wtls3 "wap-wsg-idm-ecid-wtls3"
+#define NID_wap_wsg_idm_ecid_wtls3 736
+#define OBJ_wap_wsg_idm_ecid_wtls3 OBJ_wap_wsg_idm_ecid,3L
+
+#define SN_wap_wsg_idm_ecid_wtls4 "wap-wsg-idm-ecid-wtls4"
+#define NID_wap_wsg_idm_ecid_wtls4 737
+#define OBJ_wap_wsg_idm_ecid_wtls4 OBJ_wap_wsg_idm_ecid,4L
+
+#define SN_wap_wsg_idm_ecid_wtls5 "wap-wsg-idm-ecid-wtls5"
+#define NID_wap_wsg_idm_ecid_wtls5 738
+#define OBJ_wap_wsg_idm_ecid_wtls5 OBJ_wap_wsg_idm_ecid,5L
+
+#define SN_wap_wsg_idm_ecid_wtls6 "wap-wsg-idm-ecid-wtls6"
+#define NID_wap_wsg_idm_ecid_wtls6 739
+#define OBJ_wap_wsg_idm_ecid_wtls6 OBJ_wap_wsg_idm_ecid,6L
+
+#define SN_wap_wsg_idm_ecid_wtls7 "wap-wsg-idm-ecid-wtls7"
+#define NID_wap_wsg_idm_ecid_wtls7 740
+#define OBJ_wap_wsg_idm_ecid_wtls7 OBJ_wap_wsg_idm_ecid,7L
+
+#define SN_wap_wsg_idm_ecid_wtls8 "wap-wsg-idm-ecid-wtls8"
+#define NID_wap_wsg_idm_ecid_wtls8 741
+#define OBJ_wap_wsg_idm_ecid_wtls8 OBJ_wap_wsg_idm_ecid,8L
+
+#define SN_wap_wsg_idm_ecid_wtls9 "wap-wsg-idm-ecid-wtls9"
+#define NID_wap_wsg_idm_ecid_wtls9 742
+#define OBJ_wap_wsg_idm_ecid_wtls9 OBJ_wap_wsg_idm_ecid,9L
+
+#define SN_wap_wsg_idm_ecid_wtls10 "wap-wsg-idm-ecid-wtls10"
+#define NID_wap_wsg_idm_ecid_wtls10 743
+#define OBJ_wap_wsg_idm_ecid_wtls10 OBJ_wap_wsg_idm_ecid,10L
+
+#define SN_wap_wsg_idm_ecid_wtls11 "wap-wsg-idm-ecid-wtls11"
+#define NID_wap_wsg_idm_ecid_wtls11 744
+#define OBJ_wap_wsg_idm_ecid_wtls11 OBJ_wap_wsg_idm_ecid,11L
+
+#define SN_wap_wsg_idm_ecid_wtls12 "wap-wsg-idm-ecid-wtls12"
+#define NID_wap_wsg_idm_ecid_wtls12 745
+#define OBJ_wap_wsg_idm_ecid_wtls12 OBJ_wap_wsg_idm_ecid,12L
+
+#define SN_cast5_cbc "CAST5-CBC"
+#define LN_cast5_cbc "cast5-cbc"
+#define NID_cast5_cbc 108
+#define OBJ_cast5_cbc OBJ_ISO_US,113533L,7L,66L,10L
+
+#define SN_cast5_ecb "CAST5-ECB"
+#define LN_cast5_ecb "cast5-ecb"
+#define NID_cast5_ecb 109
+
+#define SN_cast5_cfb64 "CAST5-CFB"
+#define LN_cast5_cfb64 "cast5-cfb"
+#define NID_cast5_cfb64 110
+
+#define SN_cast5_ofb64 "CAST5-OFB"
+#define LN_cast5_ofb64 "cast5-ofb"
+#define NID_cast5_ofb64 111
+
+#define LN_pbeWithMD5AndCast5_CBC "pbeWithMD5AndCast5CBC"
+#define NID_pbeWithMD5AndCast5_CBC 112
+#define OBJ_pbeWithMD5AndCast5_CBC OBJ_ISO_US,113533L,7L,66L,12L
+
+#define SN_id_PasswordBasedMAC "id-PasswordBasedMAC"
+#define LN_id_PasswordBasedMAC "password based MAC"
+#define NID_id_PasswordBasedMAC 782
+#define OBJ_id_PasswordBasedMAC OBJ_ISO_US,113533L,7L,66L,13L
+
+#define SN_id_DHBasedMac "id-DHBasedMac"
+#define LN_id_DHBasedMac "Diffie-Hellman based MAC"
+#define NID_id_DHBasedMac 783
+#define OBJ_id_DHBasedMac OBJ_ISO_US,113533L,7L,66L,30L
+
+#define SN_rsadsi "rsadsi"
+#define LN_rsadsi "RSA Data Security, Inc."
+#define NID_rsadsi 1
+#define OBJ_rsadsi OBJ_ISO_US,113549L
+
+#define SN_pkcs "pkcs"
+#define LN_pkcs "RSA Data Security, Inc. PKCS"
+#define NID_pkcs 2
+#define OBJ_pkcs OBJ_rsadsi,1L
+
+#define SN_pkcs1 "pkcs1"
+#define NID_pkcs1 186
+#define OBJ_pkcs1 OBJ_pkcs,1L
+
+#define LN_rsaEncryption "rsaEncryption"
+#define NID_rsaEncryption 6
+#define OBJ_rsaEncryption OBJ_pkcs1,1L
+
+#define SN_md2WithRSAEncryption "RSA-MD2"
+#define LN_md2WithRSAEncryption "md2WithRSAEncryption"
+#define NID_md2WithRSAEncryption 7
+#define OBJ_md2WithRSAEncryption OBJ_pkcs1,2L
+
+#define SN_md4WithRSAEncryption "RSA-MD4"
+#define LN_md4WithRSAEncryption "md4WithRSAEncryption"
+#define NID_md4WithRSAEncryption 396
+#define OBJ_md4WithRSAEncryption OBJ_pkcs1,3L
+
+#define SN_md5WithRSAEncryption "RSA-MD5"
+#define LN_md5WithRSAEncryption "md5WithRSAEncryption"
+#define NID_md5WithRSAEncryption 8
+#define OBJ_md5WithRSAEncryption OBJ_pkcs1,4L
+
+#define SN_sha1WithRSAEncryption "RSA-SHA1"
+#define LN_sha1WithRSAEncryption "sha1WithRSAEncryption"
+#define NID_sha1WithRSAEncryption 65
+#define OBJ_sha1WithRSAEncryption OBJ_pkcs1,5L
+
+#define SN_rsaesOaep "RSAES-OAEP"
+#define LN_rsaesOaep "rsaesOaep"
+#define NID_rsaesOaep 919
+#define OBJ_rsaesOaep OBJ_pkcs1,7L
+
+#define SN_mgf1 "MGF1"
+#define LN_mgf1 "mgf1"
+#define NID_mgf1 911
+#define OBJ_mgf1 OBJ_pkcs1,8L
+
+#define SN_pSpecified "PSPECIFIED"
+#define LN_pSpecified "pSpecified"
+#define NID_pSpecified 935
+#define OBJ_pSpecified OBJ_pkcs1,9L
+
+#define SN_rsassaPss "RSASSA-PSS"
+#define LN_rsassaPss "rsassaPss"
+#define NID_rsassaPss 912
+#define OBJ_rsassaPss OBJ_pkcs1,10L
+
+#define SN_sha256WithRSAEncryption "RSA-SHA256"
+#define LN_sha256WithRSAEncryption "sha256WithRSAEncryption"
+#define NID_sha256WithRSAEncryption 668
+#define OBJ_sha256WithRSAEncryption OBJ_pkcs1,11L
+
+#define SN_sha384WithRSAEncryption "RSA-SHA384"
+#define LN_sha384WithRSAEncryption "sha384WithRSAEncryption"
+#define NID_sha384WithRSAEncryption 669
+#define OBJ_sha384WithRSAEncryption OBJ_pkcs1,12L
+
+#define SN_sha512WithRSAEncryption "RSA-SHA512"
+#define LN_sha512WithRSAEncryption "sha512WithRSAEncryption"
+#define NID_sha512WithRSAEncryption 670
+#define OBJ_sha512WithRSAEncryption OBJ_pkcs1,13L
+
+#define SN_sha224WithRSAEncryption "RSA-SHA224"
+#define LN_sha224WithRSAEncryption "sha224WithRSAEncryption"
+#define NID_sha224WithRSAEncryption 671
+#define OBJ_sha224WithRSAEncryption OBJ_pkcs1,14L
+
+#define SN_pkcs3 "pkcs3"
+#define NID_pkcs3 27
+#define OBJ_pkcs3 OBJ_pkcs,3L
+
+#define LN_dhKeyAgreement "dhKeyAgreement"
+#define NID_dhKeyAgreement 28
+#define OBJ_dhKeyAgreement OBJ_pkcs3,1L
+
+#define SN_pkcs5 "pkcs5"
+#define NID_pkcs5 187
+#define OBJ_pkcs5 OBJ_pkcs,5L
+
+#define SN_pbeWithMD2AndDES_CBC "PBE-MD2-DES"
+#define LN_pbeWithMD2AndDES_CBC "pbeWithMD2AndDES-CBC"
+#define NID_pbeWithMD2AndDES_CBC 9
+#define OBJ_pbeWithMD2AndDES_CBC OBJ_pkcs5,1L
+
+#define SN_pbeWithMD5AndDES_CBC "PBE-MD5-DES"
+#define LN_pbeWithMD5AndDES_CBC "pbeWithMD5AndDES-CBC"
+#define NID_pbeWithMD5AndDES_CBC 10
+#define OBJ_pbeWithMD5AndDES_CBC OBJ_pkcs5,3L
+
+#define SN_pbeWithMD2AndRC2_CBC "PBE-MD2-RC2-64"
+#define LN_pbeWithMD2AndRC2_CBC "pbeWithMD2AndRC2-CBC"
+#define NID_pbeWithMD2AndRC2_CBC 168
+#define OBJ_pbeWithMD2AndRC2_CBC OBJ_pkcs5,4L
+
+#define SN_pbeWithMD5AndRC2_CBC "PBE-MD5-RC2-64"
+#define LN_pbeWithMD5AndRC2_CBC "pbeWithMD5AndRC2-CBC"
+#define NID_pbeWithMD5AndRC2_CBC 169
+#define OBJ_pbeWithMD5AndRC2_CBC OBJ_pkcs5,6L
+
+#define SN_pbeWithSHA1AndDES_CBC "PBE-SHA1-DES"
+#define LN_pbeWithSHA1AndDES_CBC "pbeWithSHA1AndDES-CBC"
+#define NID_pbeWithSHA1AndDES_CBC 170
+#define OBJ_pbeWithSHA1AndDES_CBC OBJ_pkcs5,10L
+
+#define SN_pbeWithSHA1AndRC2_CBC "PBE-SHA1-RC2-64"
+#define LN_pbeWithSHA1AndRC2_CBC "pbeWithSHA1AndRC2-CBC"
+#define NID_pbeWithSHA1AndRC2_CBC 68
+#define OBJ_pbeWithSHA1AndRC2_CBC OBJ_pkcs5,11L
+
+#define LN_id_pbkdf2 "PBKDF2"
+#define NID_id_pbkdf2 69
+#define OBJ_id_pbkdf2 OBJ_pkcs5,12L
+
+#define LN_pbes2 "PBES2"
+#define NID_pbes2 161
+#define OBJ_pbes2 OBJ_pkcs5,13L
+
+#define LN_pbmac1 "PBMAC1"
+#define NID_pbmac1 162
+#define OBJ_pbmac1 OBJ_pkcs5,14L
+
+#define SN_pkcs7 "pkcs7"
+#define NID_pkcs7 20
+#define OBJ_pkcs7 OBJ_pkcs,7L
+
+#define LN_pkcs7_data "pkcs7-data"
+#define NID_pkcs7_data 21
+#define OBJ_pkcs7_data OBJ_pkcs7,1L
+
+#define LN_pkcs7_signed "pkcs7-signedData"
+#define NID_pkcs7_signed 22
+#define OBJ_pkcs7_signed OBJ_pkcs7,2L
+
+#define LN_pkcs7_enveloped "pkcs7-envelopedData"
+#define NID_pkcs7_enveloped 23
+#define OBJ_pkcs7_enveloped OBJ_pkcs7,3L
+
+#define LN_pkcs7_signedAndEnveloped "pkcs7-signedAndEnvelopedData"
+#define NID_pkcs7_signedAndEnveloped 24
+#define OBJ_pkcs7_signedAndEnveloped OBJ_pkcs7,4L
+
+#define LN_pkcs7_digest "pkcs7-digestData"
+#define NID_pkcs7_digest 25
+#define OBJ_pkcs7_digest OBJ_pkcs7,5L
+
+#define LN_pkcs7_encrypted "pkcs7-encryptedData"
+#define NID_pkcs7_encrypted 26
+#define OBJ_pkcs7_encrypted OBJ_pkcs7,6L
+
+#define SN_pkcs9 "pkcs9"
+#define NID_pkcs9 47
+#define OBJ_pkcs9 OBJ_pkcs,9L
+
+#define LN_pkcs9_emailAddress "emailAddress"
+#define NID_pkcs9_emailAddress 48
+#define OBJ_pkcs9_emailAddress OBJ_pkcs9,1L
+
+#define LN_pkcs9_unstructuredName "unstructuredName"
+#define NID_pkcs9_unstructuredName 49
+#define OBJ_pkcs9_unstructuredName OBJ_pkcs9,2L
+
+#define LN_pkcs9_contentType "contentType"
+#define NID_pkcs9_contentType 50
+#define OBJ_pkcs9_contentType OBJ_pkcs9,3L
+
+#define LN_pkcs9_messageDigest "messageDigest"
+#define NID_pkcs9_messageDigest 51
+#define OBJ_pkcs9_messageDigest OBJ_pkcs9,4L
+
+#define LN_pkcs9_signingTime "signingTime"
+#define NID_pkcs9_signingTime 52
+#define OBJ_pkcs9_signingTime OBJ_pkcs9,5L
+
+#define LN_pkcs9_countersignature "countersignature"
+#define NID_pkcs9_countersignature 53
+#define OBJ_pkcs9_countersignature OBJ_pkcs9,6L
+
+#define LN_pkcs9_challengePassword "challengePassword"
+#define NID_pkcs9_challengePassword 54
+#define OBJ_pkcs9_challengePassword OBJ_pkcs9,7L
+
+#define LN_pkcs9_unstructuredAddress "unstructuredAddress"
+#define NID_pkcs9_unstructuredAddress 55
+#define OBJ_pkcs9_unstructuredAddress OBJ_pkcs9,8L
+
+#define LN_pkcs9_extCertAttributes "extendedCertificateAttributes"
+#define NID_pkcs9_extCertAttributes 56
+#define OBJ_pkcs9_extCertAttributes OBJ_pkcs9,9L
+
+#define SN_ext_req "extReq"
+#define LN_ext_req "Extension Request"
+#define NID_ext_req 172
+#define OBJ_ext_req OBJ_pkcs9,14L
+
+#define SN_SMIMECapabilities "SMIME-CAPS"
+#define LN_SMIMECapabilities "S/MIME Capabilities"
+#define NID_SMIMECapabilities 167
+#define OBJ_SMIMECapabilities OBJ_pkcs9,15L
+
+#define SN_SMIME "SMIME"
+#define LN_SMIME "S/MIME"
+#define NID_SMIME 188
+#define OBJ_SMIME OBJ_pkcs9,16L
+
+#define SN_id_smime_mod "id-smime-mod"
+#define NID_id_smime_mod 189
+#define OBJ_id_smime_mod OBJ_SMIME,0L
+
+#define SN_id_smime_ct "id-smime-ct"
+#define NID_id_smime_ct 190
+#define OBJ_id_smime_ct OBJ_SMIME,1L
+
+#define SN_id_smime_aa "id-smime-aa"
+#define NID_id_smime_aa 191
+#define OBJ_id_smime_aa OBJ_SMIME,2L
+
+#define SN_id_smime_alg "id-smime-alg"
+#define NID_id_smime_alg 192
+#define OBJ_id_smime_alg OBJ_SMIME,3L
+
+#define SN_id_smime_cd "id-smime-cd"
+#define NID_id_smime_cd 193
+#define OBJ_id_smime_cd OBJ_SMIME,4L
+
+#define SN_id_smime_spq "id-smime-spq"
+#define NID_id_smime_spq 194
+#define OBJ_id_smime_spq OBJ_SMIME,5L
+
+#define SN_id_smime_cti "id-smime-cti"
+#define NID_id_smime_cti 195
+#define OBJ_id_smime_cti OBJ_SMIME,6L
+
+#define SN_id_smime_mod_cms "id-smime-mod-cms"
+#define NID_id_smime_mod_cms 196
+#define OBJ_id_smime_mod_cms OBJ_id_smime_mod,1L
+
+#define SN_id_smime_mod_ess "id-smime-mod-ess"
+#define NID_id_smime_mod_ess 197
+#define OBJ_id_smime_mod_ess OBJ_id_smime_mod,2L
+
+#define SN_id_smime_mod_oid "id-smime-mod-oid"
+#define NID_id_smime_mod_oid 198
+#define OBJ_id_smime_mod_oid OBJ_id_smime_mod,3L
+
+#define SN_id_smime_mod_msg_v3 "id-smime-mod-msg-v3"
+#define NID_id_smime_mod_msg_v3 199
+#define OBJ_id_smime_mod_msg_v3 OBJ_id_smime_mod,4L
+
+#define SN_id_smime_mod_ets_eSignature_88 "id-smime-mod-ets-eSignature-88"
+#define NID_id_smime_mod_ets_eSignature_88 200
+#define OBJ_id_smime_mod_ets_eSignature_88 OBJ_id_smime_mod,5L
+
+#define SN_id_smime_mod_ets_eSignature_97 "id-smime-mod-ets-eSignature-97"
+#define NID_id_smime_mod_ets_eSignature_97 201
+#define OBJ_id_smime_mod_ets_eSignature_97 OBJ_id_smime_mod,6L
+
+#define SN_id_smime_mod_ets_eSigPolicy_88 "id-smime-mod-ets-eSigPolicy-88"
+#define NID_id_smime_mod_ets_eSigPolicy_88 202
+#define OBJ_id_smime_mod_ets_eSigPolicy_88 OBJ_id_smime_mod,7L
+
+#define SN_id_smime_mod_ets_eSigPolicy_97 "id-smime-mod-ets-eSigPolicy-97"
+#define NID_id_smime_mod_ets_eSigPolicy_97 203
+#define OBJ_id_smime_mod_ets_eSigPolicy_97 OBJ_id_smime_mod,8L
+
+#define SN_id_smime_ct_receipt "id-smime-ct-receipt"
+#define NID_id_smime_ct_receipt 204
+#define OBJ_id_smime_ct_receipt OBJ_id_smime_ct,1L
+
+#define SN_id_smime_ct_authData "id-smime-ct-authData"
+#define NID_id_smime_ct_authData 205
+#define OBJ_id_smime_ct_authData OBJ_id_smime_ct,2L
+
+#define SN_id_smime_ct_publishCert "id-smime-ct-publishCert"
+#define NID_id_smime_ct_publishCert 206
+#define OBJ_id_smime_ct_publishCert OBJ_id_smime_ct,3L
+
+#define SN_id_smime_ct_TSTInfo "id-smime-ct-TSTInfo"
+#define NID_id_smime_ct_TSTInfo 207
+#define OBJ_id_smime_ct_TSTInfo OBJ_id_smime_ct,4L
+
+#define SN_id_smime_ct_TDTInfo "id-smime-ct-TDTInfo"
+#define NID_id_smime_ct_TDTInfo 208
+#define OBJ_id_smime_ct_TDTInfo OBJ_id_smime_ct,5L
+
+#define SN_id_smime_ct_contentInfo "id-smime-ct-contentInfo"
+#define NID_id_smime_ct_contentInfo 209
+#define OBJ_id_smime_ct_contentInfo OBJ_id_smime_ct,6L
+
+#define SN_id_smime_ct_DVCSRequestData "id-smime-ct-DVCSRequestData"
+#define NID_id_smime_ct_DVCSRequestData 210
+#define OBJ_id_smime_ct_DVCSRequestData OBJ_id_smime_ct,7L
+
+#define SN_id_smime_ct_DVCSResponseData "id-smime-ct-DVCSResponseData"
+#define NID_id_smime_ct_DVCSResponseData 211
+#define OBJ_id_smime_ct_DVCSResponseData OBJ_id_smime_ct,8L
+
+#define SN_id_smime_ct_compressedData "id-smime-ct-compressedData"
+#define NID_id_smime_ct_compressedData 786
+#define OBJ_id_smime_ct_compressedData OBJ_id_smime_ct,9L
+
+#define SN_id_ct_asciiTextWithCRLF "id-ct-asciiTextWithCRLF"
+#define NID_id_ct_asciiTextWithCRLF 787
+#define OBJ_id_ct_asciiTextWithCRLF OBJ_id_smime_ct,27L
+
+#define SN_id_smime_aa_receiptRequest "id-smime-aa-receiptRequest"
+#define NID_id_smime_aa_receiptRequest 212
+#define OBJ_id_smime_aa_receiptRequest OBJ_id_smime_aa,1L
+
+#define SN_id_smime_aa_securityLabel "id-smime-aa-securityLabel"
+#define NID_id_smime_aa_securityLabel 213
+#define OBJ_id_smime_aa_securityLabel OBJ_id_smime_aa,2L
+
+#define SN_id_smime_aa_mlExpandHistory "id-smime-aa-mlExpandHistory"
+#define NID_id_smime_aa_mlExpandHistory 214
+#define OBJ_id_smime_aa_mlExpandHistory OBJ_id_smime_aa,3L
+
+#define SN_id_smime_aa_contentHint "id-smime-aa-contentHint"
+#define NID_id_smime_aa_contentHint 215
+#define OBJ_id_smime_aa_contentHint OBJ_id_smime_aa,4L
+
+#define SN_id_smime_aa_msgSigDigest "id-smime-aa-msgSigDigest"
+#define NID_id_smime_aa_msgSigDigest 216
+#define OBJ_id_smime_aa_msgSigDigest OBJ_id_smime_aa,5L
+
+#define SN_id_smime_aa_encapContentType "id-smime-aa-encapContentType"
+#define NID_id_smime_aa_encapContentType 217
+#define OBJ_id_smime_aa_encapContentType OBJ_id_smime_aa,6L
+
+#define SN_id_smime_aa_contentIdentifier "id-smime-aa-contentIdentifier"
+#define NID_id_smime_aa_contentIdentifier 218
+#define OBJ_id_smime_aa_contentIdentifier OBJ_id_smime_aa,7L
+
+#define SN_id_smime_aa_macValue "id-smime-aa-macValue"
+#define NID_id_smime_aa_macValue 219
+#define OBJ_id_smime_aa_macValue OBJ_id_smime_aa,8L
+
+#define SN_id_smime_aa_equivalentLabels "id-smime-aa-equivalentLabels"
+#define NID_id_smime_aa_equivalentLabels 220
+#define OBJ_id_smime_aa_equivalentLabels OBJ_id_smime_aa,9L
+
+#define SN_id_smime_aa_contentReference "id-smime-aa-contentReference"
+#define NID_id_smime_aa_contentReference 221
+#define OBJ_id_smime_aa_contentReference OBJ_id_smime_aa,10L
+
+#define SN_id_smime_aa_encrypKeyPref "id-smime-aa-encrypKeyPref"
+#define NID_id_smime_aa_encrypKeyPref 222
+#define OBJ_id_smime_aa_encrypKeyPref OBJ_id_smime_aa,11L
+
+#define SN_id_smime_aa_signingCertificate "id-smime-aa-signingCertificate"
+#define NID_id_smime_aa_signingCertificate 223
+#define OBJ_id_smime_aa_signingCertificate OBJ_id_smime_aa,12L
+
+#define SN_id_smime_aa_smimeEncryptCerts "id-smime-aa-smimeEncryptCerts"
+#define NID_id_smime_aa_smimeEncryptCerts 224
+#define OBJ_id_smime_aa_smimeEncryptCerts OBJ_id_smime_aa,13L
+
+#define SN_id_smime_aa_timeStampToken "id-smime-aa-timeStampToken"
+#define NID_id_smime_aa_timeStampToken 225
+#define OBJ_id_smime_aa_timeStampToken OBJ_id_smime_aa,14L
+
+#define SN_id_smime_aa_ets_sigPolicyId "id-smime-aa-ets-sigPolicyId"
+#define NID_id_smime_aa_ets_sigPolicyId 226
+#define OBJ_id_smime_aa_ets_sigPolicyId OBJ_id_smime_aa,15L
+
+#define SN_id_smime_aa_ets_commitmentType "id-smime-aa-ets-commitmentType"
+#define NID_id_smime_aa_ets_commitmentType 227
+#define OBJ_id_smime_aa_ets_commitmentType OBJ_id_smime_aa,16L
+
+#define SN_id_smime_aa_ets_signerLocation "id-smime-aa-ets-signerLocation"
+#define NID_id_smime_aa_ets_signerLocation 228
+#define OBJ_id_smime_aa_ets_signerLocation OBJ_id_smime_aa,17L
+
+#define SN_id_smime_aa_ets_signerAttr "id-smime-aa-ets-signerAttr"
+#define NID_id_smime_aa_ets_signerAttr 229
+#define OBJ_id_smime_aa_ets_signerAttr OBJ_id_smime_aa,18L
+
+#define SN_id_smime_aa_ets_otherSigCert "id-smime-aa-ets-otherSigCert"
+#define NID_id_smime_aa_ets_otherSigCert 230
+#define OBJ_id_smime_aa_ets_otherSigCert OBJ_id_smime_aa,19L
+
+#define SN_id_smime_aa_ets_contentTimestamp "id-smime-aa-ets-contentTimestamp"
+#define NID_id_smime_aa_ets_contentTimestamp 231
+#define OBJ_id_smime_aa_ets_contentTimestamp OBJ_id_smime_aa,20L
+
+#define SN_id_smime_aa_ets_CertificateRefs "id-smime-aa-ets-CertificateRefs"
+#define NID_id_smime_aa_ets_CertificateRefs 232
+#define OBJ_id_smime_aa_ets_CertificateRefs OBJ_id_smime_aa,21L
+
+#define SN_id_smime_aa_ets_RevocationRefs "id-smime-aa-ets-RevocationRefs"
+#define NID_id_smime_aa_ets_RevocationRefs 233
+#define OBJ_id_smime_aa_ets_RevocationRefs OBJ_id_smime_aa,22L
+
+#define SN_id_smime_aa_ets_certValues "id-smime-aa-ets-certValues"
+#define NID_id_smime_aa_ets_certValues 234
+#define OBJ_id_smime_aa_ets_certValues OBJ_id_smime_aa,23L
+
+#define SN_id_smime_aa_ets_revocationValues "id-smime-aa-ets-revocationValues"
+#define NID_id_smime_aa_ets_revocationValues 235
+#define OBJ_id_smime_aa_ets_revocationValues OBJ_id_smime_aa,24L
+
+#define SN_id_smime_aa_ets_escTimeStamp "id-smime-aa-ets-escTimeStamp"
+#define NID_id_smime_aa_ets_escTimeStamp 236
+#define OBJ_id_smime_aa_ets_escTimeStamp OBJ_id_smime_aa,25L
+
+#define SN_id_smime_aa_ets_certCRLTimestamp "id-smime-aa-ets-certCRLTimestamp"
+#define NID_id_smime_aa_ets_certCRLTimestamp 237
+#define OBJ_id_smime_aa_ets_certCRLTimestamp OBJ_id_smime_aa,26L
+
+#define SN_id_smime_aa_ets_archiveTimeStamp "id-smime-aa-ets-archiveTimeStamp"
+#define NID_id_smime_aa_ets_archiveTimeStamp 238
+#define OBJ_id_smime_aa_ets_archiveTimeStamp OBJ_id_smime_aa,27L
+
+#define SN_id_smime_aa_signatureType "id-smime-aa-signatureType"
+#define NID_id_smime_aa_signatureType 239
+#define OBJ_id_smime_aa_signatureType OBJ_id_smime_aa,28L
+
+#define SN_id_smime_aa_dvcs_dvc "id-smime-aa-dvcs-dvc"
+#define NID_id_smime_aa_dvcs_dvc 240
+#define OBJ_id_smime_aa_dvcs_dvc OBJ_id_smime_aa,29L
+
+#define SN_id_smime_alg_ESDHwith3DES "id-smime-alg-ESDHwith3DES"
+#define NID_id_smime_alg_ESDHwith3DES 241
+#define OBJ_id_smime_alg_ESDHwith3DES OBJ_id_smime_alg,1L
+
+#define SN_id_smime_alg_ESDHwithRC2 "id-smime-alg-ESDHwithRC2"
+#define NID_id_smime_alg_ESDHwithRC2 242
+#define OBJ_id_smime_alg_ESDHwithRC2 OBJ_id_smime_alg,2L
+
+#define SN_id_smime_alg_3DESwrap "id-smime-alg-3DESwrap"
+#define NID_id_smime_alg_3DESwrap 243
+#define OBJ_id_smime_alg_3DESwrap OBJ_id_smime_alg,3L
+
+#define SN_id_smime_alg_RC2wrap "id-smime-alg-RC2wrap"
+#define NID_id_smime_alg_RC2wrap 244
+#define OBJ_id_smime_alg_RC2wrap OBJ_id_smime_alg,4L
+
+#define SN_id_smime_alg_ESDH "id-smime-alg-ESDH"
+#define NID_id_smime_alg_ESDH 245
+#define OBJ_id_smime_alg_ESDH OBJ_id_smime_alg,5L
+
+#define SN_id_smime_alg_CMS3DESwrap "id-smime-alg-CMS3DESwrap"
+#define NID_id_smime_alg_CMS3DESwrap 246
+#define OBJ_id_smime_alg_CMS3DESwrap OBJ_id_smime_alg,6L
+
+#define SN_id_smime_alg_CMSRC2wrap "id-smime-alg-CMSRC2wrap"
+#define NID_id_smime_alg_CMSRC2wrap 247
+#define OBJ_id_smime_alg_CMSRC2wrap OBJ_id_smime_alg,7L
+
+#define SN_id_alg_PWRI_KEK "id-alg-PWRI-KEK"
+#define NID_id_alg_PWRI_KEK 893
+#define OBJ_id_alg_PWRI_KEK OBJ_id_smime_alg,9L
+
+#define SN_id_smime_cd_ldap "id-smime-cd-ldap"
+#define NID_id_smime_cd_ldap 248
+#define OBJ_id_smime_cd_ldap OBJ_id_smime_cd,1L
+
+#define SN_id_smime_spq_ets_sqt_uri "id-smime-spq-ets-sqt-uri"
+#define NID_id_smime_spq_ets_sqt_uri 249
+#define OBJ_id_smime_spq_ets_sqt_uri OBJ_id_smime_spq,1L
+
+#define SN_id_smime_spq_ets_sqt_unotice "id-smime-spq-ets-sqt-unotice"
+#define NID_id_smime_spq_ets_sqt_unotice 250
+#define OBJ_id_smime_spq_ets_sqt_unotice OBJ_id_smime_spq,2L
+
+#define SN_id_smime_cti_ets_proofOfOrigin "id-smime-cti-ets-proofOfOrigin"
+#define NID_id_smime_cti_ets_proofOfOrigin 251
+#define OBJ_id_smime_cti_ets_proofOfOrigin OBJ_id_smime_cti,1L
+
+#define SN_id_smime_cti_ets_proofOfReceipt "id-smime-cti-ets-proofOfReceipt"
+#define NID_id_smime_cti_ets_proofOfReceipt 252
+#define OBJ_id_smime_cti_ets_proofOfReceipt OBJ_id_smime_cti,2L
+
+#define SN_id_smime_cti_ets_proofOfDelivery "id-smime-cti-ets-proofOfDelivery"
+#define NID_id_smime_cti_ets_proofOfDelivery 253
+#define OBJ_id_smime_cti_ets_proofOfDelivery OBJ_id_smime_cti,3L
+
+#define SN_id_smime_cti_ets_proofOfSender "id-smime-cti-ets-proofOfSender"
+#define NID_id_smime_cti_ets_proofOfSender 254
+#define OBJ_id_smime_cti_ets_proofOfSender OBJ_id_smime_cti,4L
+
+#define SN_id_smime_cti_ets_proofOfApproval "id-smime-cti-ets-proofOfApproval"
+#define NID_id_smime_cti_ets_proofOfApproval 255
+#define OBJ_id_smime_cti_ets_proofOfApproval OBJ_id_smime_cti,5L
+
+#define SN_id_smime_cti_ets_proofOfCreation "id-smime-cti-ets-proofOfCreation"
+#define NID_id_smime_cti_ets_proofOfCreation 256
+#define OBJ_id_smime_cti_ets_proofOfCreation OBJ_id_smime_cti,6L
+
+#define LN_friendlyName "friendlyName"
+#define NID_friendlyName 156
+#define OBJ_friendlyName OBJ_pkcs9,20L
+
+#define LN_localKeyID "localKeyID"
+#define NID_localKeyID 157
+#define OBJ_localKeyID OBJ_pkcs9,21L
+
+#define SN_ms_csp_name "CSPName"
+#define LN_ms_csp_name "Microsoft CSP Name"
+#define NID_ms_csp_name 417
+#define OBJ_ms_csp_name 1L,3L,6L,1L,4L,1L,311L,17L,1L
+
+#define SN_LocalKeySet "LocalKeySet"
+#define LN_LocalKeySet "Microsoft Local Key set"
+#define NID_LocalKeySet 856
+#define OBJ_LocalKeySet 1L,3L,6L,1L,4L,1L,311L,17L,2L
+
+#define OBJ_certTypes OBJ_pkcs9,22L
+
+#define LN_x509Certificate "x509Certificate"
+#define NID_x509Certificate 158
+#define OBJ_x509Certificate OBJ_certTypes,1L
+
+#define LN_sdsiCertificate "sdsiCertificate"
+#define NID_sdsiCertificate 159
+#define OBJ_sdsiCertificate OBJ_certTypes,2L
+
+#define OBJ_crlTypes OBJ_pkcs9,23L
+
+#define LN_x509Crl "x509Crl"
+#define NID_x509Crl 160
+#define OBJ_x509Crl OBJ_crlTypes,1L
+
+#define OBJ_pkcs12 OBJ_pkcs,12L
+
+#define OBJ_pkcs12_pbeids OBJ_pkcs12,1L
+
+#define SN_pbe_WithSHA1And128BitRC4 "PBE-SHA1-RC4-128"
+#define LN_pbe_WithSHA1And128BitRC4 "pbeWithSHA1And128BitRC4"
+#define NID_pbe_WithSHA1And128BitRC4 144
+#define OBJ_pbe_WithSHA1And128BitRC4 OBJ_pkcs12_pbeids,1L
+
+#define SN_pbe_WithSHA1And40BitRC4 "PBE-SHA1-RC4-40"
+#define LN_pbe_WithSHA1And40BitRC4 "pbeWithSHA1And40BitRC4"
+#define NID_pbe_WithSHA1And40BitRC4 145
+#define OBJ_pbe_WithSHA1And40BitRC4 OBJ_pkcs12_pbeids,2L
+
+#define SN_pbe_WithSHA1And3_Key_TripleDES_CBC "PBE-SHA1-3DES"
+#define LN_pbe_WithSHA1And3_Key_TripleDES_CBC "pbeWithSHA1And3-KeyTripleDES-CBC"
+#define NID_pbe_WithSHA1And3_Key_TripleDES_CBC 146
+#define OBJ_pbe_WithSHA1And3_Key_TripleDES_CBC OBJ_pkcs12_pbeids,3L
+
+#define SN_pbe_WithSHA1And2_Key_TripleDES_CBC "PBE-SHA1-2DES"
+#define LN_pbe_WithSHA1And2_Key_TripleDES_CBC "pbeWithSHA1And2-KeyTripleDES-CBC"
+#define NID_pbe_WithSHA1And2_Key_TripleDES_CBC 147
+#define OBJ_pbe_WithSHA1And2_Key_TripleDES_CBC OBJ_pkcs12_pbeids,4L
+
+#define SN_pbe_WithSHA1And128BitRC2_CBC "PBE-SHA1-RC2-128"
+#define LN_pbe_WithSHA1And128BitRC2_CBC "pbeWithSHA1And128BitRC2-CBC"
+#define NID_pbe_WithSHA1And128BitRC2_CBC 148
+#define OBJ_pbe_WithSHA1And128BitRC2_CBC OBJ_pkcs12_pbeids,5L
+
+#define SN_pbe_WithSHA1And40BitRC2_CBC "PBE-SHA1-RC2-40"
+#define LN_pbe_WithSHA1And40BitRC2_CBC "pbeWithSHA1And40BitRC2-CBC"
+#define NID_pbe_WithSHA1And40BitRC2_CBC 149
+#define OBJ_pbe_WithSHA1And40BitRC2_CBC OBJ_pkcs12_pbeids,6L
+
+#define OBJ_pkcs12_Version1 OBJ_pkcs12,10L
+
+#define OBJ_pkcs12_BagIds OBJ_pkcs12_Version1,1L
+
+#define LN_keyBag "keyBag"
+#define NID_keyBag 150
+#define OBJ_keyBag OBJ_pkcs12_BagIds,1L
+
+#define LN_pkcs8ShroudedKeyBag "pkcs8ShroudedKeyBag"
+#define NID_pkcs8ShroudedKeyBag 151
+#define OBJ_pkcs8ShroudedKeyBag OBJ_pkcs12_BagIds,2L
+
+#define LN_certBag "certBag"
+#define NID_certBag 152
+#define OBJ_certBag OBJ_pkcs12_BagIds,3L
+
+#define LN_crlBag "crlBag"
+#define NID_crlBag 153
+#define OBJ_crlBag OBJ_pkcs12_BagIds,4L
+
+#define LN_secretBag "secretBag"
+#define NID_secretBag 154
+#define OBJ_secretBag OBJ_pkcs12_BagIds,5L
+
+#define LN_safeContentsBag "safeContentsBag"
+#define NID_safeContentsBag 155
+#define OBJ_safeContentsBag OBJ_pkcs12_BagIds,6L
+
+#define SN_md2 "MD2"
+#define LN_md2 "md2"
+#define NID_md2 3
+#define OBJ_md2 OBJ_rsadsi,2L,2L
+
+#define SN_md4 "MD4"
+#define LN_md4 "md4"
+#define NID_md4 257
+#define OBJ_md4 OBJ_rsadsi,2L,4L
+
+#define SN_md5 "MD5"
+#define LN_md5 "md5"
+#define NID_md5 4
+#define OBJ_md5 OBJ_rsadsi,2L,5L
+
+#define SN_md5_sha1 "MD5-SHA1"
+#define LN_md5_sha1 "md5-sha1"
+#define NID_md5_sha1 114
+
+#define LN_hmacWithMD5 "hmacWithMD5"
+#define NID_hmacWithMD5 797
+#define OBJ_hmacWithMD5 OBJ_rsadsi,2L,6L
+
+#define LN_hmacWithSHA1 "hmacWithSHA1"
+#define NID_hmacWithSHA1 163
+#define OBJ_hmacWithSHA1 OBJ_rsadsi,2L,7L
+
+#define LN_hmacWithSHA224 "hmacWithSHA224"
+#define NID_hmacWithSHA224 798
+#define OBJ_hmacWithSHA224 OBJ_rsadsi,2L,8L
+
+#define LN_hmacWithSHA256 "hmacWithSHA256"
+#define NID_hmacWithSHA256 799
+#define OBJ_hmacWithSHA256 OBJ_rsadsi,2L,9L
+
+#define LN_hmacWithSHA384 "hmacWithSHA384"
+#define NID_hmacWithSHA384 800
+#define OBJ_hmacWithSHA384 OBJ_rsadsi,2L,10L
+
+#define LN_hmacWithSHA512 "hmacWithSHA512"
+#define NID_hmacWithSHA512 801
+#define OBJ_hmacWithSHA512 OBJ_rsadsi,2L,11L
+
+#define SN_rc2_cbc "RC2-CBC"
+#define LN_rc2_cbc "rc2-cbc"
+#define NID_rc2_cbc 37
+#define OBJ_rc2_cbc OBJ_rsadsi,3L,2L
+
+#define SN_rc2_ecb "RC2-ECB"
+#define LN_rc2_ecb "rc2-ecb"
+#define NID_rc2_ecb 38
+
+#define SN_rc2_cfb64 "RC2-CFB"
+#define LN_rc2_cfb64 "rc2-cfb"
+#define NID_rc2_cfb64 39
+
+#define SN_rc2_ofb64 "RC2-OFB"
+#define LN_rc2_ofb64 "rc2-ofb"
+#define NID_rc2_ofb64 40
+
+#define SN_rc2_40_cbc "RC2-40-CBC"
+#define LN_rc2_40_cbc "rc2-40-cbc"
+#define NID_rc2_40_cbc 98
+
+#define SN_rc2_64_cbc "RC2-64-CBC"
+#define LN_rc2_64_cbc "rc2-64-cbc"
+#define NID_rc2_64_cbc 166
+
+#define SN_rc4 "RC4"
+#define LN_rc4 "rc4"
+#define NID_rc4 5
+#define OBJ_rc4 OBJ_rsadsi,3L,4L
+
+#define SN_rc4_40 "RC4-40"
+#define LN_rc4_40 "rc4-40"
+#define NID_rc4_40 97
+
+#define SN_des_ede3_cbc "DES-EDE3-CBC"
+#define LN_des_ede3_cbc "des-ede3-cbc"
+#define NID_des_ede3_cbc 44
+#define OBJ_des_ede3_cbc OBJ_rsadsi,3L,7L
+
+#define SN_rc5_cbc "RC5-CBC"
+#define LN_rc5_cbc "rc5-cbc"
+#define NID_rc5_cbc 120
+#define OBJ_rc5_cbc OBJ_rsadsi,3L,8L
+
+#define SN_rc5_ecb "RC5-ECB"
+#define LN_rc5_ecb "rc5-ecb"
+#define NID_rc5_ecb 121
+
+#define SN_rc5_cfb64 "RC5-CFB"
+#define LN_rc5_cfb64 "rc5-cfb"
+#define NID_rc5_cfb64 122
+
+#define SN_rc5_ofb64 "RC5-OFB"
+#define LN_rc5_ofb64 "rc5-ofb"
+#define NID_rc5_ofb64 123
+
+#define SN_ms_ext_req "msExtReq"
+#define LN_ms_ext_req "Microsoft Extension Request"
+#define NID_ms_ext_req 171
+#define OBJ_ms_ext_req 1L,3L,6L,1L,4L,1L,311L,2L,1L,14L
+
+#define SN_ms_code_ind "msCodeInd"
+#define LN_ms_code_ind "Microsoft Individual Code Signing"
+#define NID_ms_code_ind 134
+#define OBJ_ms_code_ind 1L,3L,6L,1L,4L,1L,311L,2L,1L,21L
+
+#define SN_ms_code_com "msCodeCom"
+#define LN_ms_code_com "Microsoft Commercial Code Signing"
+#define NID_ms_code_com 135
+#define OBJ_ms_code_com 1L,3L,6L,1L,4L,1L,311L,2L,1L,22L
+
+#define SN_ms_ctl_sign "msCTLSign"
+#define LN_ms_ctl_sign "Microsoft Trust List Signing"
+#define NID_ms_ctl_sign 136
+#define OBJ_ms_ctl_sign 1L,3L,6L,1L,4L,1L,311L,10L,3L,1L
+
+#define SN_ms_sgc "msSGC"
+#define LN_ms_sgc "Microsoft Server Gated Crypto"
+#define NID_ms_sgc 137
+#define OBJ_ms_sgc 1L,3L,6L,1L,4L,1L,311L,10L,3L,3L
+
+#define SN_ms_efs "msEFS"
+#define LN_ms_efs "Microsoft Encrypted File System"
+#define NID_ms_efs 138
+#define OBJ_ms_efs 1L,3L,6L,1L,4L,1L,311L,10L,3L,4L
+
+#define SN_ms_smartcard_login "msSmartcardLogin"
+#define LN_ms_smartcard_login "Microsoft Smartcardlogin"
+#define NID_ms_smartcard_login 648
+#define OBJ_ms_smartcard_login 1L,3L,6L,1L,4L,1L,311L,20L,2L,2L
+
+#define SN_ms_upn "msUPN"
+#define LN_ms_upn "Microsoft Universal Principal Name"
+#define NID_ms_upn 649
+#define OBJ_ms_upn 1L,3L,6L,1L,4L,1L,311L,20L,2L,3L
+
+#define SN_idea_cbc "IDEA-CBC"
+#define LN_idea_cbc "idea-cbc"
+#define NID_idea_cbc 34
+#define OBJ_idea_cbc 1L,3L,6L,1L,4L,1L,188L,7L,1L,1L,2L
+
+#define SN_idea_ecb "IDEA-ECB"
+#define LN_idea_ecb "idea-ecb"
+#define NID_idea_ecb 36
+
+#define SN_idea_cfb64 "IDEA-CFB"
+#define LN_idea_cfb64 "idea-cfb"
+#define NID_idea_cfb64 35
+
+#define SN_idea_ofb64 "IDEA-OFB"
+#define LN_idea_ofb64 "idea-ofb"
+#define NID_idea_ofb64 46
+
+#define SN_bf_cbc "BF-CBC"
+#define LN_bf_cbc "bf-cbc"
+#define NID_bf_cbc 91
+#define OBJ_bf_cbc 1L,3L,6L,1L,4L,1L,3029L,1L,2L
+
+#define SN_bf_ecb "BF-ECB"
+#define LN_bf_ecb "bf-ecb"
+#define NID_bf_ecb 92
+
+#define SN_bf_cfb64 "BF-CFB"
+#define LN_bf_cfb64 "bf-cfb"
+#define NID_bf_cfb64 93
+
+#define SN_bf_ofb64 "BF-OFB"
+#define LN_bf_ofb64 "bf-ofb"
+#define NID_bf_ofb64 94
+
+#define SN_id_pkix "PKIX"
+#define NID_id_pkix 127
+#define OBJ_id_pkix 1L,3L,6L,1L,5L,5L,7L
+
+#define SN_id_pkix_mod "id-pkix-mod"
+#define NID_id_pkix_mod 258
+#define OBJ_id_pkix_mod OBJ_id_pkix,0L
+
+#define SN_id_pe "id-pe"
+#define NID_id_pe 175
+#define OBJ_id_pe OBJ_id_pkix,1L
+
+#define SN_id_qt "id-qt"
+#define NID_id_qt 259
+#define OBJ_id_qt OBJ_id_pkix,2L
+
+#define SN_id_kp "id-kp"
+#define NID_id_kp 128
+#define OBJ_id_kp OBJ_id_pkix,3L
+
+#define SN_id_it "id-it"
+#define NID_id_it 260
+#define OBJ_id_it OBJ_id_pkix,4L
+
+#define SN_id_pkip "id-pkip"
+#define NID_id_pkip 261
+#define OBJ_id_pkip OBJ_id_pkix,5L
+
+#define SN_id_alg "id-alg"
+#define NID_id_alg 262
+#define OBJ_id_alg OBJ_id_pkix,6L
+
+#define SN_id_cmc "id-cmc"
+#define NID_id_cmc 263
+#define OBJ_id_cmc OBJ_id_pkix,7L
+
+#define SN_id_on "id-on"
+#define NID_id_on 264
+#define OBJ_id_on OBJ_id_pkix,8L
+
+#define SN_id_pda "id-pda"
+#define NID_id_pda 265
+#define OBJ_id_pda OBJ_id_pkix,9L
+
+#define SN_id_aca "id-aca"
+#define NID_id_aca 266
+#define OBJ_id_aca OBJ_id_pkix,10L
+
+#define SN_id_qcs "id-qcs"
+#define NID_id_qcs 267
+#define OBJ_id_qcs OBJ_id_pkix,11L
+
+#define SN_id_cct "id-cct"
+#define NID_id_cct 268
+#define OBJ_id_cct OBJ_id_pkix,12L
+
+#define SN_id_ppl "id-ppl"
+#define NID_id_ppl 662
+#define OBJ_id_ppl OBJ_id_pkix,21L
+
+#define SN_id_ad "id-ad"
+#define NID_id_ad 176
+#define OBJ_id_ad OBJ_id_pkix,48L
+
+#define SN_id_pkix1_explicit_88 "id-pkix1-explicit-88"
+#define NID_id_pkix1_explicit_88 269
+#define OBJ_id_pkix1_explicit_88 OBJ_id_pkix_mod,1L
+
+#define SN_id_pkix1_implicit_88 "id-pkix1-implicit-88"
+#define NID_id_pkix1_implicit_88 270
+#define OBJ_id_pkix1_implicit_88 OBJ_id_pkix_mod,2L
+
+#define SN_id_pkix1_explicit_93 "id-pkix1-explicit-93"
+#define NID_id_pkix1_explicit_93 271
+#define OBJ_id_pkix1_explicit_93 OBJ_id_pkix_mod,3L
+
+#define SN_id_pkix1_implicit_93 "id-pkix1-implicit-93"
+#define NID_id_pkix1_implicit_93 272
+#define OBJ_id_pkix1_implicit_93 OBJ_id_pkix_mod,4L
+
+#define SN_id_mod_crmf "id-mod-crmf"
+#define NID_id_mod_crmf 273
+#define OBJ_id_mod_crmf OBJ_id_pkix_mod,5L
+
+#define SN_id_mod_cmc "id-mod-cmc"
+#define NID_id_mod_cmc 274
+#define OBJ_id_mod_cmc OBJ_id_pkix_mod,6L
+
+#define SN_id_mod_kea_profile_88 "id-mod-kea-profile-88"
+#define NID_id_mod_kea_profile_88 275
+#define OBJ_id_mod_kea_profile_88 OBJ_id_pkix_mod,7L
+
+#define SN_id_mod_kea_profile_93 "id-mod-kea-profile-93"
+#define NID_id_mod_kea_profile_93 276
+#define OBJ_id_mod_kea_profile_93 OBJ_id_pkix_mod,8L
+
+#define SN_id_mod_cmp "id-mod-cmp"
+#define NID_id_mod_cmp 277
+#define OBJ_id_mod_cmp OBJ_id_pkix_mod,9L
+
+#define SN_id_mod_qualified_cert_88 "id-mod-qualified-cert-88"
+#define NID_id_mod_qualified_cert_88 278
+#define OBJ_id_mod_qualified_cert_88 OBJ_id_pkix_mod,10L
+
+#define SN_id_mod_qualified_cert_93 "id-mod-qualified-cert-93"
+#define NID_id_mod_qualified_cert_93 279
+#define OBJ_id_mod_qualified_cert_93 OBJ_id_pkix_mod,11L
+
+#define SN_id_mod_attribute_cert "id-mod-attribute-cert"
+#define NID_id_mod_attribute_cert 280
+#define OBJ_id_mod_attribute_cert OBJ_id_pkix_mod,12L
+
+#define SN_id_mod_timestamp_protocol "id-mod-timestamp-protocol"
+#define NID_id_mod_timestamp_protocol 281
+#define OBJ_id_mod_timestamp_protocol OBJ_id_pkix_mod,13L
+
+#define SN_id_mod_ocsp "id-mod-ocsp"
+#define NID_id_mod_ocsp 282
+#define OBJ_id_mod_ocsp OBJ_id_pkix_mod,14L
+
+#define SN_id_mod_dvcs "id-mod-dvcs"
+#define NID_id_mod_dvcs 283
+#define OBJ_id_mod_dvcs OBJ_id_pkix_mod,15L
+
+#define SN_id_mod_cmp2000 "id-mod-cmp2000"
+#define NID_id_mod_cmp2000 284
+#define OBJ_id_mod_cmp2000 OBJ_id_pkix_mod,16L
+
+#define SN_info_access "authorityInfoAccess"
+#define LN_info_access "Authority Information Access"
+#define NID_info_access 177
+#define OBJ_info_access OBJ_id_pe,1L
+
+#define SN_biometricInfo "biometricInfo"
+#define LN_biometricInfo "Biometric Info"
+#define NID_biometricInfo 285
+#define OBJ_biometricInfo OBJ_id_pe,2L
+
+#define SN_qcStatements "qcStatements"
+#define NID_qcStatements 286
+#define OBJ_qcStatements OBJ_id_pe,3L
+
+#define SN_ac_auditEntity "ac-auditEntity"
+#define NID_ac_auditEntity 287
+#define OBJ_ac_auditEntity OBJ_id_pe,4L
+
+#define SN_ac_targeting "ac-targeting"
+#define NID_ac_targeting 288
+#define OBJ_ac_targeting OBJ_id_pe,5L
+
+#define SN_aaControls "aaControls"
+#define NID_aaControls 289
+#define OBJ_aaControls OBJ_id_pe,6L
+
+#define SN_sbgp_ipAddrBlock "sbgp-ipAddrBlock"
+#define NID_sbgp_ipAddrBlock 290
+#define OBJ_sbgp_ipAddrBlock OBJ_id_pe,7L
+
+#define SN_sbgp_autonomousSysNum "sbgp-autonomousSysNum"
+#define NID_sbgp_autonomousSysNum 291
+#define OBJ_sbgp_autonomousSysNum OBJ_id_pe,8L
+
+#define SN_sbgp_routerIdentifier "sbgp-routerIdentifier"
+#define NID_sbgp_routerIdentifier 292
+#define OBJ_sbgp_routerIdentifier OBJ_id_pe,9L
+
+#define SN_ac_proxying "ac-proxying"
+#define NID_ac_proxying 397
+#define OBJ_ac_proxying OBJ_id_pe,10L
+
+#define SN_sinfo_access "subjectInfoAccess"
+#define LN_sinfo_access "Subject Information Access"
+#define NID_sinfo_access 398
+#define OBJ_sinfo_access OBJ_id_pe,11L
+
+#define SN_proxyCertInfo "proxyCertInfo"
+#define LN_proxyCertInfo "Proxy Certificate Information"
+#define NID_proxyCertInfo 663
+#define OBJ_proxyCertInfo OBJ_id_pe,14L
+
+#define SN_id_qt_cps "id-qt-cps"
+#define LN_id_qt_cps "Policy Qualifier CPS"
+#define NID_id_qt_cps 164
+#define OBJ_id_qt_cps OBJ_id_qt,1L
+
+#define SN_id_qt_unotice "id-qt-unotice"
+#define LN_id_qt_unotice "Policy Qualifier User Notice"
+#define NID_id_qt_unotice 165
+#define OBJ_id_qt_unotice OBJ_id_qt,2L
+
+#define SN_textNotice "textNotice"
+#define NID_textNotice 293
+#define OBJ_textNotice OBJ_id_qt,3L
+
+#define SN_server_auth "serverAuth"
+#define LN_server_auth "TLS Web Server Authentication"
+#define NID_server_auth 129
+#define OBJ_server_auth OBJ_id_kp,1L
+
+#define SN_client_auth "clientAuth"
+#define LN_client_auth "TLS Web Client Authentication"
+#define NID_client_auth 130
+#define OBJ_client_auth OBJ_id_kp,2L
+
+#define SN_code_sign "codeSigning"
+#define LN_code_sign "Code Signing"
+#define NID_code_sign 131
+#define OBJ_code_sign OBJ_id_kp,3L
+
+#define SN_email_protect "emailProtection"
+#define LN_email_protect "E-mail Protection"
+#define NID_email_protect 132
+#define OBJ_email_protect OBJ_id_kp,4L
+
+#define SN_ipsecEndSystem "ipsecEndSystem"
+#define LN_ipsecEndSystem "IPSec End System"
+#define NID_ipsecEndSystem 294
+#define OBJ_ipsecEndSystem OBJ_id_kp,5L
+
+#define SN_ipsecTunnel "ipsecTunnel"
+#define LN_ipsecTunnel "IPSec Tunnel"
+#define NID_ipsecTunnel 295
+#define OBJ_ipsecTunnel OBJ_id_kp,6L
+
+#define SN_ipsecUser "ipsecUser"
+#define LN_ipsecUser "IPSec User"
+#define NID_ipsecUser 296
+#define OBJ_ipsecUser OBJ_id_kp,7L
+
+#define SN_time_stamp "timeStamping"
+#define LN_time_stamp "Time Stamping"
+#define NID_time_stamp 133
+#define OBJ_time_stamp OBJ_id_kp,8L
+
+#define SN_OCSP_sign "OCSPSigning"
+#define LN_OCSP_sign "OCSP Signing"
+#define NID_OCSP_sign 180
+#define OBJ_OCSP_sign OBJ_id_kp,9L
+
+#define SN_dvcs "DVCS"
+#define LN_dvcs "dvcs"
+#define NID_dvcs 297
+#define OBJ_dvcs OBJ_id_kp,10L
+
+#define SN_id_it_caProtEncCert "id-it-caProtEncCert"
+#define NID_id_it_caProtEncCert 298
+#define OBJ_id_it_caProtEncCert OBJ_id_it,1L
+
+#define SN_id_it_signKeyPairTypes "id-it-signKeyPairTypes"
+#define NID_id_it_signKeyPairTypes 299
+#define OBJ_id_it_signKeyPairTypes OBJ_id_it,2L
+
+#define SN_id_it_encKeyPairTypes "id-it-encKeyPairTypes"
+#define NID_id_it_encKeyPairTypes 300
+#define OBJ_id_it_encKeyPairTypes OBJ_id_it,3L
+
+#define SN_id_it_preferredSymmAlg "id-it-preferredSymmAlg"
+#define NID_id_it_preferredSymmAlg 301
+#define OBJ_id_it_preferredSymmAlg OBJ_id_it,4L
+
+#define SN_id_it_caKeyUpdateInfo "id-it-caKeyUpdateInfo"
+#define NID_id_it_caKeyUpdateInfo 302
+#define OBJ_id_it_caKeyUpdateInfo OBJ_id_it,5L
+
+#define SN_id_it_currentCRL "id-it-currentCRL"
+#define NID_id_it_currentCRL 303
+#define OBJ_id_it_currentCRL OBJ_id_it,6L
+
+#define SN_id_it_unsupportedOIDs "id-it-unsupportedOIDs"
+#define NID_id_it_unsupportedOIDs 304
+#define OBJ_id_it_unsupportedOIDs OBJ_id_it,7L
+
+#define SN_id_it_subscriptionRequest "id-it-subscriptionRequest"
+#define NID_id_it_subscriptionRequest 305
+#define OBJ_id_it_subscriptionRequest OBJ_id_it,8L
+
+#define SN_id_it_subscriptionResponse "id-it-subscriptionResponse"
+#define NID_id_it_subscriptionResponse 306
+#define OBJ_id_it_subscriptionResponse OBJ_id_it,9L
+
+#define SN_id_it_keyPairParamReq "id-it-keyPairParamReq"
+#define NID_id_it_keyPairParamReq 307
+#define OBJ_id_it_keyPairParamReq OBJ_id_it,10L
+
+#define SN_id_it_keyPairParamRep "id-it-keyPairParamRep"
+#define NID_id_it_keyPairParamRep 308
+#define OBJ_id_it_keyPairParamRep OBJ_id_it,11L
+
+#define SN_id_it_revPassphrase "id-it-revPassphrase"
+#define NID_id_it_revPassphrase 309
+#define OBJ_id_it_revPassphrase OBJ_id_it,12L
+
+#define SN_id_it_implicitConfirm "id-it-implicitConfirm"
+#define NID_id_it_implicitConfirm 310
+#define OBJ_id_it_implicitConfirm OBJ_id_it,13L
+
+#define SN_id_it_confirmWaitTime "id-it-confirmWaitTime"
+#define NID_id_it_confirmWaitTime 311
+#define OBJ_id_it_confirmWaitTime OBJ_id_it,14L
+
+#define SN_id_it_origPKIMessage "id-it-origPKIMessage"
+#define NID_id_it_origPKIMessage 312
+#define OBJ_id_it_origPKIMessage OBJ_id_it,15L
+
+#define SN_id_it_suppLangTags "id-it-suppLangTags"
+#define NID_id_it_suppLangTags 784
+#define OBJ_id_it_suppLangTags OBJ_id_it,16L
+
+#define SN_id_regCtrl "id-regCtrl"
+#define NID_id_regCtrl 313
+#define OBJ_id_regCtrl OBJ_id_pkip,1L
+
+#define SN_id_regInfo "id-regInfo"
+#define NID_id_regInfo 314
+#define OBJ_id_regInfo OBJ_id_pkip,2L
+
+#define SN_id_regCtrl_regToken "id-regCtrl-regToken"
+#define NID_id_regCtrl_regToken 315
+#define OBJ_id_regCtrl_regToken OBJ_id_regCtrl,1L
+
+#define SN_id_regCtrl_authenticator "id-regCtrl-authenticator"
+#define NID_id_regCtrl_authenticator 316
+#define OBJ_id_regCtrl_authenticator OBJ_id_regCtrl,2L
+
+#define SN_id_regCtrl_pkiPublicationInfo "id-regCtrl-pkiPublicationInfo"
+#define NID_id_regCtrl_pkiPublicationInfo 317
+#define OBJ_id_regCtrl_pkiPublicationInfo OBJ_id_regCtrl,3L
+
+#define SN_id_regCtrl_pkiArchiveOptions "id-regCtrl-pkiArchiveOptions"
+#define NID_id_regCtrl_pkiArchiveOptions 318
+#define OBJ_id_regCtrl_pkiArchiveOptions OBJ_id_regCtrl,4L
+
+#define SN_id_regCtrl_oldCertID "id-regCtrl-oldCertID"
+#define NID_id_regCtrl_oldCertID 319
+#define OBJ_id_regCtrl_oldCertID OBJ_id_regCtrl,5L
+
+#define SN_id_regCtrl_protocolEncrKey "id-regCtrl-protocolEncrKey"
+#define NID_id_regCtrl_protocolEncrKey 320
+#define OBJ_id_regCtrl_protocolEncrKey OBJ_id_regCtrl,6L
+
+#define SN_id_regInfo_utf8Pairs "id-regInfo-utf8Pairs"
+#define NID_id_regInfo_utf8Pairs 321
+#define OBJ_id_regInfo_utf8Pairs OBJ_id_regInfo,1L
+
+#define SN_id_regInfo_certReq "id-regInfo-certReq"
+#define NID_id_regInfo_certReq 322
+#define OBJ_id_regInfo_certReq OBJ_id_regInfo,2L
+
+#define SN_id_alg_des40 "id-alg-des40"
+#define NID_id_alg_des40 323
+#define OBJ_id_alg_des40 OBJ_id_alg,1L
+
+#define SN_id_alg_noSignature "id-alg-noSignature"
+#define NID_id_alg_noSignature 324
+#define OBJ_id_alg_noSignature OBJ_id_alg,2L
+
+#define SN_id_alg_dh_sig_hmac_sha1 "id-alg-dh-sig-hmac-sha1"
+#define NID_id_alg_dh_sig_hmac_sha1 325
+#define OBJ_id_alg_dh_sig_hmac_sha1 OBJ_id_alg,3L
+
+#define SN_id_alg_dh_pop "id-alg-dh-pop"
+#define NID_id_alg_dh_pop 326
+#define OBJ_id_alg_dh_pop OBJ_id_alg,4L
+
+#define SN_id_cmc_statusInfo "id-cmc-statusInfo"
+#define NID_id_cmc_statusInfo 327
+#define OBJ_id_cmc_statusInfo OBJ_id_cmc,1L
+
+#define SN_id_cmc_identification "id-cmc-identification"
+#define NID_id_cmc_identification 328
+#define OBJ_id_cmc_identification OBJ_id_cmc,2L
+
+#define SN_id_cmc_identityProof "id-cmc-identityProof"
+#define NID_id_cmc_identityProof 329
+#define OBJ_id_cmc_identityProof OBJ_id_cmc,3L
+
+#define SN_id_cmc_dataReturn "id-cmc-dataReturn"
+#define NID_id_cmc_dataReturn 330
+#define OBJ_id_cmc_dataReturn OBJ_id_cmc,4L
+
+#define SN_id_cmc_transactionId "id-cmc-transactionId"
+#define NID_id_cmc_transactionId 331
+#define OBJ_id_cmc_transactionId OBJ_id_cmc,5L
+
+#define SN_id_cmc_senderNonce "id-cmc-senderNonce"
+#define NID_id_cmc_senderNonce 332
+#define OBJ_id_cmc_senderNonce OBJ_id_cmc,6L
+
+#define SN_id_cmc_recipientNonce "id-cmc-recipientNonce"
+#define NID_id_cmc_recipientNonce 333
+#define OBJ_id_cmc_recipientNonce OBJ_id_cmc,7L
+
+#define SN_id_cmc_addExtensions "id-cmc-addExtensions"
+#define NID_id_cmc_addExtensions 334
+#define OBJ_id_cmc_addExtensions OBJ_id_cmc,8L
+
+#define SN_id_cmc_encryptedPOP "id-cmc-encryptedPOP"
+#define NID_id_cmc_encryptedPOP 335
+#define OBJ_id_cmc_encryptedPOP OBJ_id_cmc,9L
+
+#define SN_id_cmc_decryptedPOP "id-cmc-decryptedPOP"
+#define NID_id_cmc_decryptedPOP 336
+#define OBJ_id_cmc_decryptedPOP OBJ_id_cmc,10L
+
+#define SN_id_cmc_lraPOPWitness "id-cmc-lraPOPWitness"
+#define NID_id_cmc_lraPOPWitness 337
+#define OBJ_id_cmc_lraPOPWitness OBJ_id_cmc,11L
+
+#define SN_id_cmc_getCert "id-cmc-getCert"
+#define NID_id_cmc_getCert 338
+#define OBJ_id_cmc_getCert OBJ_id_cmc,15L
+
+#define SN_id_cmc_getCRL "id-cmc-getCRL"
+#define NID_id_cmc_getCRL 339
+#define OBJ_id_cmc_getCRL OBJ_id_cmc,16L
+
+#define SN_id_cmc_revokeRequest "id-cmc-revokeRequest"
+#define NID_id_cmc_revokeRequest 340
+#define OBJ_id_cmc_revokeRequest OBJ_id_cmc,17L
+
+#define SN_id_cmc_regInfo "id-cmc-regInfo"
+#define NID_id_cmc_regInfo 341
+#define OBJ_id_cmc_regInfo OBJ_id_cmc,18L
+
+#define SN_id_cmc_responseInfo "id-cmc-responseInfo"
+#define NID_id_cmc_responseInfo 342
+#define OBJ_id_cmc_responseInfo OBJ_id_cmc,19L
+
+#define SN_id_cmc_queryPending "id-cmc-queryPending"
+#define NID_id_cmc_queryPending 343
+#define OBJ_id_cmc_queryPending OBJ_id_cmc,21L
+
+#define SN_id_cmc_popLinkRandom "id-cmc-popLinkRandom"
+#define NID_id_cmc_popLinkRandom 344
+#define OBJ_id_cmc_popLinkRandom OBJ_id_cmc,22L
+
+#define SN_id_cmc_popLinkWitness "id-cmc-popLinkWitness"
+#define NID_id_cmc_popLinkWitness 345
+#define OBJ_id_cmc_popLinkWitness OBJ_id_cmc,23L
+
+#define SN_id_cmc_confirmCertAcceptance "id-cmc-confirmCertAcceptance"
+#define NID_id_cmc_confirmCertAcceptance 346
+#define OBJ_id_cmc_confirmCertAcceptance OBJ_id_cmc,24L
+
+#define SN_id_on_personalData "id-on-personalData"
+#define NID_id_on_personalData 347
+#define OBJ_id_on_personalData OBJ_id_on,1L
+
+#define SN_id_on_permanentIdentifier "id-on-permanentIdentifier"
+#define LN_id_on_permanentIdentifier "Permanent Identifier"
+#define NID_id_on_permanentIdentifier 858
+#define OBJ_id_on_permanentIdentifier OBJ_id_on,3L
+
+#define SN_id_pda_dateOfBirth "id-pda-dateOfBirth"
+#define NID_id_pda_dateOfBirth 348
+#define OBJ_id_pda_dateOfBirth OBJ_id_pda,1L
+
+#define SN_id_pda_placeOfBirth "id-pda-placeOfBirth"
+#define NID_id_pda_placeOfBirth 349
+#define OBJ_id_pda_placeOfBirth OBJ_id_pda,2L
+
+#define SN_id_pda_gender "id-pda-gender"
+#define NID_id_pda_gender 351
+#define OBJ_id_pda_gender OBJ_id_pda,3L
+
+#define SN_id_pda_countryOfCitizenship "id-pda-countryOfCitizenship"
+#define NID_id_pda_countryOfCitizenship 352
+#define OBJ_id_pda_countryOfCitizenship OBJ_id_pda,4L
+
+#define SN_id_pda_countryOfResidence "id-pda-countryOfResidence"
+#define NID_id_pda_countryOfResidence 353
+#define OBJ_id_pda_countryOfResidence OBJ_id_pda,5L
+
+#define SN_id_aca_authenticationInfo "id-aca-authenticationInfo"
+#define NID_id_aca_authenticationInfo 354
+#define OBJ_id_aca_authenticationInfo OBJ_id_aca,1L
+
+#define SN_id_aca_accessIdentity "id-aca-accessIdentity"
+#define NID_id_aca_accessIdentity 355
+#define OBJ_id_aca_accessIdentity OBJ_id_aca,2L
+
+#define SN_id_aca_chargingIdentity "id-aca-chargingIdentity"
+#define NID_id_aca_chargingIdentity 356
+#define OBJ_id_aca_chargingIdentity OBJ_id_aca,3L
+
+#define SN_id_aca_group "id-aca-group"
+#define NID_id_aca_group 357
+#define OBJ_id_aca_group OBJ_id_aca,4L
+
+#define SN_id_aca_role "id-aca-role"
+#define NID_id_aca_role 358
+#define OBJ_id_aca_role OBJ_id_aca,5L
+
+#define SN_id_aca_encAttrs "id-aca-encAttrs"
+#define NID_id_aca_encAttrs 399
+#define OBJ_id_aca_encAttrs OBJ_id_aca,6L
+
+#define SN_id_qcs_pkixQCSyntax_v1 "id-qcs-pkixQCSyntax-v1"
+#define NID_id_qcs_pkixQCSyntax_v1 359
+#define OBJ_id_qcs_pkixQCSyntax_v1 OBJ_id_qcs,1L
+
+#define SN_id_cct_crs "id-cct-crs"
+#define NID_id_cct_crs 360
+#define OBJ_id_cct_crs OBJ_id_cct,1L
+
+#define SN_id_cct_PKIData "id-cct-PKIData"
+#define NID_id_cct_PKIData 361
+#define OBJ_id_cct_PKIData OBJ_id_cct,2L
+
+#define SN_id_cct_PKIResponse "id-cct-PKIResponse"
+#define NID_id_cct_PKIResponse 362
+#define OBJ_id_cct_PKIResponse OBJ_id_cct,3L
+
+#define SN_id_ppl_anyLanguage "id-ppl-anyLanguage"
+#define LN_id_ppl_anyLanguage "Any language"
+#define NID_id_ppl_anyLanguage 664
+#define OBJ_id_ppl_anyLanguage OBJ_id_ppl,0L
+
+#define SN_id_ppl_inheritAll "id-ppl-inheritAll"
+#define LN_id_ppl_inheritAll "Inherit all"
+#define NID_id_ppl_inheritAll 665
+#define OBJ_id_ppl_inheritAll OBJ_id_ppl,1L
+
+#define SN_Independent "id-ppl-independent"
+#define LN_Independent "Independent"
+#define NID_Independent 667
+#define OBJ_Independent OBJ_id_ppl,2L
+
+#define SN_ad_OCSP "OCSP"
+#define LN_ad_OCSP "OCSP"
+#define NID_ad_OCSP 178
+#define OBJ_ad_OCSP OBJ_id_ad,1L
+
+#define SN_ad_ca_issuers "caIssuers"
+#define LN_ad_ca_issuers "CA Issuers"
+#define NID_ad_ca_issuers 179
+#define OBJ_ad_ca_issuers OBJ_id_ad,2L
+
+#define SN_ad_timeStamping "ad_timestamping"
+#define LN_ad_timeStamping "AD Time Stamping"
+#define NID_ad_timeStamping 363
+#define OBJ_ad_timeStamping OBJ_id_ad,3L
+
+#define SN_ad_dvcs "AD_DVCS"
+#define LN_ad_dvcs "ad dvcs"
+#define NID_ad_dvcs 364
+#define OBJ_ad_dvcs OBJ_id_ad,4L
+
+#define SN_caRepository "caRepository"
+#define LN_caRepository "CA Repository"
+#define NID_caRepository 785
+#define OBJ_caRepository OBJ_id_ad,5L
+
+#define OBJ_id_pkix_OCSP OBJ_ad_OCSP
+
+#define SN_id_pkix_OCSP_basic "basicOCSPResponse"
+#define LN_id_pkix_OCSP_basic "Basic OCSP Response"
+#define NID_id_pkix_OCSP_basic 365
+#define OBJ_id_pkix_OCSP_basic OBJ_id_pkix_OCSP,1L
+
+#define SN_id_pkix_OCSP_Nonce "Nonce"
+#define LN_id_pkix_OCSP_Nonce "OCSP Nonce"
+#define NID_id_pkix_OCSP_Nonce 366
+#define OBJ_id_pkix_OCSP_Nonce OBJ_id_pkix_OCSP,2L
+
+#define SN_id_pkix_OCSP_CrlID "CrlID"
+#define LN_id_pkix_OCSP_CrlID "OCSP CRL ID"
+#define NID_id_pkix_OCSP_CrlID 367
+#define OBJ_id_pkix_OCSP_CrlID OBJ_id_pkix_OCSP,3L
+
+#define SN_id_pkix_OCSP_acceptableResponses "acceptableResponses"
+#define LN_id_pkix_OCSP_acceptableResponses "Acceptable OCSP Responses"
+#define NID_id_pkix_OCSP_acceptableResponses 368
+#define OBJ_id_pkix_OCSP_acceptableResponses OBJ_id_pkix_OCSP,4L
+
+#define SN_id_pkix_OCSP_noCheck "noCheck"
+#define LN_id_pkix_OCSP_noCheck "OCSP No Check"
+#define NID_id_pkix_OCSP_noCheck 369
+#define OBJ_id_pkix_OCSP_noCheck OBJ_id_pkix_OCSP,5L
+
+#define SN_id_pkix_OCSP_archiveCutoff "archiveCutoff"
+#define LN_id_pkix_OCSP_archiveCutoff "OCSP Archive Cutoff"
+#define NID_id_pkix_OCSP_archiveCutoff 370
+#define OBJ_id_pkix_OCSP_archiveCutoff OBJ_id_pkix_OCSP,6L
+
+#define SN_id_pkix_OCSP_serviceLocator "serviceLocator"
+#define LN_id_pkix_OCSP_serviceLocator "OCSP Service Locator"
+#define NID_id_pkix_OCSP_serviceLocator 371
+#define OBJ_id_pkix_OCSP_serviceLocator OBJ_id_pkix_OCSP,7L
+
+#define SN_id_pkix_OCSP_extendedStatus "extendedStatus"
+#define LN_id_pkix_OCSP_extendedStatus "Extended OCSP Status"
+#define NID_id_pkix_OCSP_extendedStatus 372
+#define OBJ_id_pkix_OCSP_extendedStatus OBJ_id_pkix_OCSP,8L
+
+#define SN_id_pkix_OCSP_valid "valid"
+#define NID_id_pkix_OCSP_valid 373
+#define OBJ_id_pkix_OCSP_valid OBJ_id_pkix_OCSP,9L
+
+#define SN_id_pkix_OCSP_path "path"
+#define NID_id_pkix_OCSP_path 374
+#define OBJ_id_pkix_OCSP_path OBJ_id_pkix_OCSP,10L
+
+#define SN_id_pkix_OCSP_trustRoot "trustRoot"
+#define LN_id_pkix_OCSP_trustRoot "Trust Root"
+#define NID_id_pkix_OCSP_trustRoot 375
+#define OBJ_id_pkix_OCSP_trustRoot OBJ_id_pkix_OCSP,11L
+
+#define SN_algorithm "algorithm"
+#define LN_algorithm "algorithm"
+#define NID_algorithm 376
+#define OBJ_algorithm 1L,3L,14L,3L,2L
+
+#define SN_md5WithRSA "RSA-NP-MD5"
+#define LN_md5WithRSA "md5WithRSA"
+#define NID_md5WithRSA 104
+#define OBJ_md5WithRSA OBJ_algorithm,3L
+
+#define SN_des_ecb "DES-ECB"
+#define LN_des_ecb "des-ecb"
+#define NID_des_ecb 29
+#define OBJ_des_ecb OBJ_algorithm,6L
+
+#define SN_des_cbc "DES-CBC"
+#define LN_des_cbc "des-cbc"
+#define NID_des_cbc 31
+#define OBJ_des_cbc OBJ_algorithm,7L
+
+#define SN_des_ofb64 "DES-OFB"
+#define LN_des_ofb64 "des-ofb"
+#define NID_des_ofb64 45
+#define OBJ_des_ofb64 OBJ_algorithm,8L
+
+#define SN_des_cfb64 "DES-CFB"
+#define LN_des_cfb64 "des-cfb"
+#define NID_des_cfb64 30
+#define OBJ_des_cfb64 OBJ_algorithm,9L
+
+#define SN_rsaSignature "rsaSignature"
+#define NID_rsaSignature 377
+#define OBJ_rsaSignature OBJ_algorithm,11L
+
+#define SN_dsa_2 "DSA-old"
+#define LN_dsa_2 "dsaEncryption-old"
+#define NID_dsa_2 67
+#define OBJ_dsa_2 OBJ_algorithm,12L
+
+#define SN_dsaWithSHA "DSA-SHA"
+#define LN_dsaWithSHA "dsaWithSHA"
+#define NID_dsaWithSHA 66
+#define OBJ_dsaWithSHA OBJ_algorithm,13L
+
+#define SN_shaWithRSAEncryption "RSA-SHA"
+#define LN_shaWithRSAEncryption "shaWithRSAEncryption"
+#define NID_shaWithRSAEncryption 42
+#define OBJ_shaWithRSAEncryption OBJ_algorithm,15L
+
+#define SN_des_ede_ecb "DES-EDE"
+#define LN_des_ede_ecb "des-ede"
+#define NID_des_ede_ecb 32
+#define OBJ_des_ede_ecb OBJ_algorithm,17L
+
+#define SN_des_ede3_ecb "DES-EDE3"
+#define LN_des_ede3_ecb "des-ede3"
+#define NID_des_ede3_ecb 33
+
+#define SN_des_ede_cbc "DES-EDE-CBC"
+#define LN_des_ede_cbc "des-ede-cbc"
+#define NID_des_ede_cbc 43
+
+#define SN_des_ede_cfb64 "DES-EDE-CFB"
+#define LN_des_ede_cfb64 "des-ede-cfb"
+#define NID_des_ede_cfb64 60
+
+#define SN_des_ede3_cfb64 "DES-EDE3-CFB"
+#define LN_des_ede3_cfb64 "des-ede3-cfb"
+#define NID_des_ede3_cfb64 61
+
+#define SN_des_ede_ofb64 "DES-EDE-OFB"
+#define LN_des_ede_ofb64 "des-ede-ofb"
+#define NID_des_ede_ofb64 62
+
+#define SN_des_ede3_ofb64 "DES-EDE3-OFB"
+#define LN_des_ede3_ofb64 "des-ede3-ofb"
+#define NID_des_ede3_ofb64 63
+
+#define SN_desx_cbc "DESX-CBC"
+#define LN_desx_cbc "desx-cbc"
+#define NID_desx_cbc 80
+
+#define SN_sha "SHA"
+#define LN_sha "sha"
+#define NID_sha 41
+#define OBJ_sha OBJ_algorithm,18L
+
+#define SN_sha1 "SHA1"
+#define LN_sha1 "sha1"
+#define NID_sha1 64
+#define OBJ_sha1 OBJ_algorithm,26L
+
+#define SN_dsaWithSHA1_2 "DSA-SHA1-old"
+#define LN_dsaWithSHA1_2 "dsaWithSHA1-old"
+#define NID_dsaWithSHA1_2 70
+#define OBJ_dsaWithSHA1_2 OBJ_algorithm,27L
+
+#define SN_sha1WithRSA "RSA-SHA1-2"
+#define LN_sha1WithRSA "sha1WithRSA"
+#define NID_sha1WithRSA 115
+#define OBJ_sha1WithRSA OBJ_algorithm,29L
+
+#define SN_ripemd160 "RIPEMD160"
+#define LN_ripemd160 "ripemd160"
+#define NID_ripemd160 117
+#define OBJ_ripemd160 1L,3L,36L,3L,2L,1L
+
+#define SN_ripemd160WithRSA "RSA-RIPEMD160"
+#define LN_ripemd160WithRSA "ripemd160WithRSA"
+#define NID_ripemd160WithRSA 119
+#define OBJ_ripemd160WithRSA 1L,3L,36L,3L,3L,1L,2L
+
+#define SN_sxnet "SXNetID"
+#define LN_sxnet "Strong Extranet ID"
+#define NID_sxnet 143
+#define OBJ_sxnet 1L,3L,101L,1L,4L,1L
+
+#define SN_X500 "X500"
+#define LN_X500 "directory services (X.500)"
+#define NID_X500 11
+#define OBJ_X500 2L,5L
+
+#define SN_X509 "X509"
+#define NID_X509 12
+#define OBJ_X509 OBJ_X500,4L
+
+#define SN_commonName "CN"
+#define LN_commonName "commonName"
+#define NID_commonName 13
+#define OBJ_commonName OBJ_X509,3L
+
+#define SN_surname "SN"
+#define LN_surname "surname"
+#define NID_surname 100
+#define OBJ_surname OBJ_X509,4L
+
+#define LN_serialNumber "serialNumber"
+#define NID_serialNumber 105
+#define OBJ_serialNumber OBJ_X509,5L
+
+#define SN_countryName "C"
+#define LN_countryName "countryName"
+#define NID_countryName 14
+#define OBJ_countryName OBJ_X509,6L
+
+#define SN_localityName "L"
+#define LN_localityName "localityName"
+#define NID_localityName 15
+#define OBJ_localityName OBJ_X509,7L
+
+#define SN_stateOrProvinceName "ST"
+#define LN_stateOrProvinceName "stateOrProvinceName"
+#define NID_stateOrProvinceName 16
+#define OBJ_stateOrProvinceName OBJ_X509,8L
+
+#define SN_streetAddress "street"
+#define LN_streetAddress "streetAddress"
+#define NID_streetAddress 660
+#define OBJ_streetAddress OBJ_X509,9L
+
+#define SN_organizationName "O"
+#define LN_organizationName "organizationName"
+#define NID_organizationName 17
+#define OBJ_organizationName OBJ_X509,10L
+
+#define SN_organizationalUnitName "OU"
+#define LN_organizationalUnitName "organizationalUnitName"
+#define NID_organizationalUnitName 18
+#define OBJ_organizationalUnitName OBJ_X509,11L
+
+#define SN_title "title"
+#define LN_title "title"
+#define NID_title 106
+#define OBJ_title OBJ_X509,12L
+
+#define LN_description "description"
+#define NID_description 107
+#define OBJ_description OBJ_X509,13L
+
+#define LN_searchGuide "searchGuide"
+#define NID_searchGuide 859
+#define OBJ_searchGuide OBJ_X509,14L
+
+#define LN_businessCategory "businessCategory"
+#define NID_businessCategory 860
+#define OBJ_businessCategory OBJ_X509,15L
+
+#define LN_postalAddress "postalAddress"
+#define NID_postalAddress 861
+#define OBJ_postalAddress OBJ_X509,16L
+
+#define LN_postalCode "postalCode"
+#define NID_postalCode 661
+#define OBJ_postalCode OBJ_X509,17L
+
+#define LN_postOfficeBox "postOfficeBox"
+#define NID_postOfficeBox 862
+#define OBJ_postOfficeBox OBJ_X509,18L
+
+#define LN_physicalDeliveryOfficeName "physicalDeliveryOfficeName"
+#define NID_physicalDeliveryOfficeName 863
+#define OBJ_physicalDeliveryOfficeName OBJ_X509,19L
+
+#define LN_telephoneNumber "telephoneNumber"
+#define NID_telephoneNumber 864
+#define OBJ_telephoneNumber OBJ_X509,20L
+
+#define LN_telexNumber "telexNumber"
+#define NID_telexNumber 865
+#define OBJ_telexNumber OBJ_X509,21L
+
+#define LN_teletexTerminalIdentifier "teletexTerminalIdentifier"
+#define NID_teletexTerminalIdentifier 866
+#define OBJ_teletexTerminalIdentifier OBJ_X509,22L
+
+#define LN_facsimileTelephoneNumber "facsimileTelephoneNumber"
+#define NID_facsimileTelephoneNumber 867
+#define OBJ_facsimileTelephoneNumber OBJ_X509,23L
+
+#define LN_x121Address "x121Address"
+#define NID_x121Address 868
+#define OBJ_x121Address OBJ_X509,24L
+
+#define LN_internationaliSDNNumber "internationaliSDNNumber"
+#define NID_internationaliSDNNumber 869
+#define OBJ_internationaliSDNNumber OBJ_X509,25L
+
+#define LN_registeredAddress "registeredAddress"
+#define NID_registeredAddress 870
+#define OBJ_registeredAddress OBJ_X509,26L
+
+#define LN_destinationIndicator "destinationIndicator"
+#define NID_destinationIndicator 871
+#define OBJ_destinationIndicator OBJ_X509,27L
+
+#define LN_preferredDeliveryMethod "preferredDeliveryMethod"
+#define NID_preferredDeliveryMethod 872
+#define OBJ_preferredDeliveryMethod OBJ_X509,28L
+
+#define LN_presentationAddress "presentationAddress"
+#define NID_presentationAddress 873
+#define OBJ_presentationAddress OBJ_X509,29L
+
+#define LN_supportedApplicationContext "supportedApplicationContext"
+#define NID_supportedApplicationContext 874
+#define OBJ_supportedApplicationContext OBJ_X509,30L
+
+#define SN_member "member"
+#define NID_member 875
+#define OBJ_member OBJ_X509,31L
+
+#define SN_owner "owner"
+#define NID_owner 876
+#define OBJ_owner OBJ_X509,32L
+
+#define LN_roleOccupant "roleOccupant"
+#define NID_roleOccupant 877
+#define OBJ_roleOccupant OBJ_X509,33L
+
+#define SN_seeAlso "seeAlso"
+#define NID_seeAlso 878
+#define OBJ_seeAlso OBJ_X509,34L
+
+#define LN_userPassword "userPassword"
+#define NID_userPassword 879
+#define OBJ_userPassword OBJ_X509,35L
+
+#define LN_userCertificate "userCertificate"
+#define NID_userCertificate 880
+#define OBJ_userCertificate OBJ_X509,36L
+
+#define LN_cACertificate "cACertificate"
+#define NID_cACertificate 881
+#define OBJ_cACertificate OBJ_X509,37L
+
+#define LN_authorityRevocationList "authorityRevocationList"
+#define NID_authorityRevocationList 882
+#define OBJ_authorityRevocationList OBJ_X509,38L
+
+#define LN_certificateRevocationList "certificateRevocationList"
+#define NID_certificateRevocationList 883
+#define OBJ_certificateRevocationList OBJ_X509,39L
+
+#define LN_crossCertificatePair "crossCertificatePair"
+#define NID_crossCertificatePair 884
+#define OBJ_crossCertificatePair OBJ_X509,40L
+
+#define SN_name "name"
+#define LN_name "name"
+#define NID_name 173
+#define OBJ_name OBJ_X509,41L
+
+#define SN_givenName "GN"
+#define LN_givenName "givenName"
+#define NID_givenName 99
+#define OBJ_givenName OBJ_X509,42L
+
+#define SN_initials "initials"
+#define LN_initials "initials"
+#define NID_initials 101
+#define OBJ_initials OBJ_X509,43L
+
+#define LN_generationQualifier "generationQualifier"
+#define NID_generationQualifier 509
+#define OBJ_generationQualifier OBJ_X509,44L
+
+#define LN_x500UniqueIdentifier "x500UniqueIdentifier"
+#define NID_x500UniqueIdentifier 503
+#define OBJ_x500UniqueIdentifier OBJ_X509,45L
+
+#define SN_dnQualifier "dnQualifier"
+#define LN_dnQualifier "dnQualifier"
+#define NID_dnQualifier 174
+#define OBJ_dnQualifier OBJ_X509,46L
+
+#define LN_enhancedSearchGuide "enhancedSearchGuide"
+#define NID_enhancedSearchGuide 885
+#define OBJ_enhancedSearchGuide OBJ_X509,47L
+
+#define LN_protocolInformation "protocolInformation"
+#define NID_protocolInformation 886
+#define OBJ_protocolInformation OBJ_X509,48L
+
+#define LN_distinguishedName "distinguishedName"
+#define NID_distinguishedName 887
+#define OBJ_distinguishedName OBJ_X509,49L
+
+#define LN_uniqueMember "uniqueMember"
+#define NID_uniqueMember 888
+#define OBJ_uniqueMember OBJ_X509,50L
+
+#define LN_houseIdentifier "houseIdentifier"
+#define NID_houseIdentifier 889
+#define OBJ_houseIdentifier OBJ_X509,51L
+
+#define LN_supportedAlgorithms "supportedAlgorithms"
+#define NID_supportedAlgorithms 890
+#define OBJ_supportedAlgorithms OBJ_X509,52L
+
+#define LN_deltaRevocationList "deltaRevocationList"
+#define NID_deltaRevocationList 891
+#define OBJ_deltaRevocationList OBJ_X509,53L
+
+#define SN_dmdName "dmdName"
+#define NID_dmdName 892
+#define OBJ_dmdName OBJ_X509,54L
+
+#define LN_pseudonym "pseudonym"
+#define NID_pseudonym 510
+#define OBJ_pseudonym OBJ_X509,65L
+
+#define SN_role "role"
+#define LN_role "role"
+#define NID_role 400
+#define OBJ_role OBJ_X509,72L
+
+#define SN_X500algorithms "X500algorithms"
+#define LN_X500algorithms "directory services - algorithms"
+#define NID_X500algorithms 378
+#define OBJ_X500algorithms OBJ_X500,8L
+
+#define SN_rsa "RSA"
+#define LN_rsa "rsa"
+#define NID_rsa 19
+#define OBJ_rsa OBJ_X500algorithms,1L,1L
+
+#define SN_mdc2WithRSA "RSA-MDC2"
+#define LN_mdc2WithRSA "mdc2WithRSA"
+#define NID_mdc2WithRSA 96
+#define OBJ_mdc2WithRSA OBJ_X500algorithms,3L,100L
+
+#define SN_mdc2 "MDC2"
+#define LN_mdc2 "mdc2"
+#define NID_mdc2 95
+#define OBJ_mdc2 OBJ_X500algorithms,3L,101L
+
+#define SN_id_ce "id-ce"
+#define NID_id_ce 81
+#define OBJ_id_ce OBJ_X500,29L
+
+#define SN_subject_directory_attributes "subjectDirectoryAttributes"
+#define LN_subject_directory_attributes "X509v3 Subject Directory Attributes"
+#define NID_subject_directory_attributes 769
+#define OBJ_subject_directory_attributes OBJ_id_ce,9L
+
+#define SN_subject_key_identifier "subjectKeyIdentifier"
+#define LN_subject_key_identifier "X509v3 Subject Key Identifier"
+#define NID_subject_key_identifier 82
+#define OBJ_subject_key_identifier OBJ_id_ce,14L
+
+#define SN_key_usage "keyUsage"
+#define LN_key_usage "X509v3 Key Usage"
+#define NID_key_usage 83
+#define OBJ_key_usage OBJ_id_ce,15L
+
+#define SN_private_key_usage_period "privateKeyUsagePeriod"
+#define LN_private_key_usage_period "X509v3 Private Key Usage Period"
+#define NID_private_key_usage_period 84
+#define OBJ_private_key_usage_period OBJ_id_ce,16L
+
+#define SN_subject_alt_name "subjectAltName"
+#define LN_subject_alt_name "X509v3 Subject Alternative Name"
+#define NID_subject_alt_name 85
+#define OBJ_subject_alt_name OBJ_id_ce,17L
+
+#define SN_issuer_alt_name "issuerAltName"
+#define LN_issuer_alt_name "X509v3 Issuer Alternative Name"
+#define NID_issuer_alt_name 86
+#define OBJ_issuer_alt_name OBJ_id_ce,18L
+
+#define SN_basic_constraints "basicConstraints"
+#define LN_basic_constraints "X509v3 Basic Constraints"
+#define NID_basic_constraints 87
+#define OBJ_basic_constraints OBJ_id_ce,19L
+
+#define SN_crl_number "crlNumber"
+#define LN_crl_number "X509v3 CRL Number"
+#define NID_crl_number 88
+#define OBJ_crl_number OBJ_id_ce,20L
+
+#define SN_crl_reason "CRLReason"
+#define LN_crl_reason "X509v3 CRL Reason Code"
+#define NID_crl_reason 141
+#define OBJ_crl_reason OBJ_id_ce,21L
+
+#define SN_invalidity_date "invalidityDate"
+#define LN_invalidity_date "Invalidity Date"
+#define NID_invalidity_date 142
+#define OBJ_invalidity_date OBJ_id_ce,24L
+
+#define SN_delta_crl "deltaCRL"
+#define LN_delta_crl "X509v3 Delta CRL Indicator"
+#define NID_delta_crl 140
+#define OBJ_delta_crl OBJ_id_ce,27L
+
+#define SN_issuing_distribution_point "issuingDistributionPoint"
+#define LN_issuing_distribution_point "X509v3 Issuing Distrubution Point"
+#define NID_issuing_distribution_point 770
+#define OBJ_issuing_distribution_point OBJ_id_ce,28L
+
+#define SN_certificate_issuer "certificateIssuer"
+#define LN_certificate_issuer "X509v3 Certificate Issuer"
+#define NID_certificate_issuer 771
+#define OBJ_certificate_issuer OBJ_id_ce,29L
+
+#define SN_name_constraints "nameConstraints"
+#define LN_name_constraints "X509v3 Name Constraints"
+#define NID_name_constraints 666
+#define OBJ_name_constraints OBJ_id_ce,30L
+
+#define SN_crl_distribution_points "crlDistributionPoints"
+#define LN_crl_distribution_points "X509v3 CRL Distribution Points"
+#define NID_crl_distribution_points 103
+#define OBJ_crl_distribution_points OBJ_id_ce,31L
+
+#define SN_certificate_policies "certificatePolicies"
+#define LN_certificate_policies "X509v3 Certificate Policies"
+#define NID_certificate_policies 89
+#define OBJ_certificate_policies OBJ_id_ce,32L
+
+#define SN_any_policy "anyPolicy"
+#define LN_any_policy "X509v3 Any Policy"
+#define NID_any_policy 746
+#define OBJ_any_policy OBJ_certificate_policies,0L
+
+#define SN_policy_mappings "policyMappings"
+#define LN_policy_mappings "X509v3 Policy Mappings"
+#define NID_policy_mappings 747
+#define OBJ_policy_mappings OBJ_id_ce,33L
+
+#define SN_authority_key_identifier "authorityKeyIdentifier"
+#define LN_authority_key_identifier "X509v3 Authority Key Identifier"
+#define NID_authority_key_identifier 90
+#define OBJ_authority_key_identifier OBJ_id_ce,35L
+
+#define SN_policy_constraints "policyConstraints"
+#define LN_policy_constraints "X509v3 Policy Constraints"
+#define NID_policy_constraints 401
+#define OBJ_policy_constraints OBJ_id_ce,36L
+
+#define SN_ext_key_usage "extendedKeyUsage"
+#define LN_ext_key_usage "X509v3 Extended Key Usage"
+#define NID_ext_key_usage 126
+#define OBJ_ext_key_usage OBJ_id_ce,37L
+
+#define SN_freshest_crl "freshestCRL"
+#define LN_freshest_crl "X509v3 Freshest CRL"
+#define NID_freshest_crl 857
+#define OBJ_freshest_crl OBJ_id_ce,46L
+
+#define SN_inhibit_any_policy "inhibitAnyPolicy"
+#define LN_inhibit_any_policy "X509v3 Inhibit Any Policy"
+#define NID_inhibit_any_policy 748
+#define OBJ_inhibit_any_policy OBJ_id_ce,54L
+
+#define SN_target_information "targetInformation"
+#define LN_target_information "X509v3 AC Targeting"
+#define NID_target_information 402
+#define OBJ_target_information OBJ_id_ce,55L
+
+#define SN_no_rev_avail "noRevAvail"
+#define LN_no_rev_avail "X509v3 No Revocation Available"
+#define NID_no_rev_avail 403
+#define OBJ_no_rev_avail OBJ_id_ce,56L
+
+#define SN_anyExtendedKeyUsage "anyExtendedKeyUsage"
+#define LN_anyExtendedKeyUsage "Any Extended Key Usage"
+#define NID_anyExtendedKeyUsage 910
+#define OBJ_anyExtendedKeyUsage OBJ_ext_key_usage,0L
+
+#define SN_netscape "Netscape"
+#define LN_netscape "Netscape Communications Corp."
+#define NID_netscape 57
+#define OBJ_netscape 2L,16L,840L,1L,113730L
+
+#define SN_netscape_cert_extension "nsCertExt"
+#define LN_netscape_cert_extension "Netscape Certificate Extension"
+#define NID_netscape_cert_extension 58
+#define OBJ_netscape_cert_extension OBJ_netscape,1L
+
+#define SN_netscape_data_type "nsDataType"
+#define LN_netscape_data_type "Netscape Data Type"
+#define NID_netscape_data_type 59
+#define OBJ_netscape_data_type OBJ_netscape,2L
+
+#define SN_netscape_cert_type "nsCertType"
+#define LN_netscape_cert_type "Netscape Cert Type"
+#define NID_netscape_cert_type 71
+#define OBJ_netscape_cert_type OBJ_netscape_cert_extension,1L
+
+#define SN_netscape_base_url "nsBaseUrl"
+#define LN_netscape_base_url "Netscape Base Url"
+#define NID_netscape_base_url 72
+#define OBJ_netscape_base_url OBJ_netscape_cert_extension,2L
+
+#define SN_netscape_revocation_url "nsRevocationUrl"
+#define LN_netscape_revocation_url "Netscape Revocation Url"
+#define NID_netscape_revocation_url 73
+#define OBJ_netscape_revocation_url OBJ_netscape_cert_extension,3L
+
+#define SN_netscape_ca_revocation_url "nsCaRevocationUrl"
+#define LN_netscape_ca_revocation_url "Netscape CA Revocation Url"
+#define NID_netscape_ca_revocation_url 74
+#define OBJ_netscape_ca_revocation_url OBJ_netscape_cert_extension,4L
+
+#define SN_netscape_renewal_url "nsRenewalUrl"
+#define LN_netscape_renewal_url "Netscape Renewal Url"
+#define NID_netscape_renewal_url 75
+#define OBJ_netscape_renewal_url OBJ_netscape_cert_extension,7L
+
+#define SN_netscape_ca_policy_url "nsCaPolicyUrl"
+#define LN_netscape_ca_policy_url "Netscape CA Policy Url"
+#define NID_netscape_ca_policy_url 76
+#define OBJ_netscape_ca_policy_url OBJ_netscape_cert_extension,8L
+
+#define SN_netscape_ssl_server_name "nsSslServerName"
+#define LN_netscape_ssl_server_name "Netscape SSL Server Name"
+#define NID_netscape_ssl_server_name 77
+#define OBJ_netscape_ssl_server_name OBJ_netscape_cert_extension,12L
+
+#define SN_netscape_comment "nsComment"
+#define LN_netscape_comment "Netscape Comment"
+#define NID_netscape_comment 78
+#define OBJ_netscape_comment OBJ_netscape_cert_extension,13L
+
+#define SN_netscape_cert_sequence "nsCertSequence"
+#define LN_netscape_cert_sequence "Netscape Certificate Sequence"
+#define NID_netscape_cert_sequence 79
+#define OBJ_netscape_cert_sequence OBJ_netscape_data_type,5L
+
+#define SN_ns_sgc "nsSGC"
+#define LN_ns_sgc "Netscape Server Gated Crypto"
+#define NID_ns_sgc 139
+#define OBJ_ns_sgc OBJ_netscape,4L,1L
+
+#define SN_org "ORG"
+#define LN_org "org"
+#define NID_org 379
+#define OBJ_org OBJ_iso,3L
+
+#define SN_dod "DOD"
+#define LN_dod "dod"
+#define NID_dod 380
+#define OBJ_dod OBJ_org,6L
+
+#define SN_iana "IANA"
+#define LN_iana "iana"
+#define NID_iana 381
+#define OBJ_iana OBJ_dod,1L
+
+#define OBJ_internet OBJ_iana
+
+#define SN_Directory "directory"
+#define LN_Directory "Directory"
+#define NID_Directory 382
+#define OBJ_Directory OBJ_internet,1L
+
+#define SN_Management "mgmt"
+#define LN_Management "Management"
+#define NID_Management 383
+#define OBJ_Management OBJ_internet,2L
+
+#define SN_Experimental "experimental"
+#define LN_Experimental "Experimental"
+#define NID_Experimental 384
+#define OBJ_Experimental OBJ_internet,3L
+
+#define SN_Private "private"
+#define LN_Private "Private"
+#define NID_Private 385
+#define OBJ_Private OBJ_internet,4L
+
+#define SN_Security "security"
+#define LN_Security "Security"
+#define NID_Security 386
+#define OBJ_Security OBJ_internet,5L
+
+#define SN_SNMPv2 "snmpv2"
+#define LN_SNMPv2 "SNMPv2"
+#define NID_SNMPv2 387
+#define OBJ_SNMPv2 OBJ_internet,6L
+
+#define LN_Mail "Mail"
+#define NID_Mail 388
+#define OBJ_Mail OBJ_internet,7L
+
+#define SN_Enterprises "enterprises"
+#define LN_Enterprises "Enterprises"
+#define NID_Enterprises 389
+#define OBJ_Enterprises OBJ_Private,1L
+
+#define SN_dcObject "dcobject"
+#define LN_dcObject "dcObject"
+#define NID_dcObject 390
+#define OBJ_dcObject OBJ_Enterprises,1466L,344L
+
+#define SN_mime_mhs "mime-mhs"
+#define LN_mime_mhs "MIME MHS"
+#define NID_mime_mhs 504
+#define OBJ_mime_mhs OBJ_Mail,1L
+
+#define SN_mime_mhs_headings "mime-mhs-headings"
+#define LN_mime_mhs_headings "mime-mhs-headings"
+#define NID_mime_mhs_headings 505
+#define OBJ_mime_mhs_headings OBJ_mime_mhs,1L
+
+#define SN_mime_mhs_bodies "mime-mhs-bodies"
+#define LN_mime_mhs_bodies "mime-mhs-bodies"
+#define NID_mime_mhs_bodies 506
+#define OBJ_mime_mhs_bodies OBJ_mime_mhs,2L
+
+#define SN_id_hex_partial_message "id-hex-partial-message"
+#define LN_id_hex_partial_message "id-hex-partial-message"
+#define NID_id_hex_partial_message 507
+#define OBJ_id_hex_partial_message OBJ_mime_mhs_headings,1L
+
+#define SN_id_hex_multipart_message "id-hex-multipart-message"
+#define LN_id_hex_multipart_message "id-hex-multipart-message"
+#define NID_id_hex_multipart_message 508
+#define OBJ_id_hex_multipart_message OBJ_mime_mhs_headings,2L
+
+#define SN_rle_compression "RLE"
+#define LN_rle_compression "run length compression"
+#define NID_rle_compression 124
+#define OBJ_rle_compression 1L,1L,1L,1L,666L,1L
+
+#define SN_zlib_compression "ZLIB"
+#define LN_zlib_compression "zlib compression"
+#define NID_zlib_compression 125
+#define OBJ_zlib_compression OBJ_id_smime_alg,8L
+
+#define OBJ_csor 2L,16L,840L,1L,101L,3L
+
+#define OBJ_nistAlgorithms OBJ_csor,4L
+
+#define OBJ_aes OBJ_nistAlgorithms,1L
+
+#define SN_aes_128_ecb "AES-128-ECB"
+#define LN_aes_128_ecb "aes-128-ecb"
+#define NID_aes_128_ecb 418
+#define OBJ_aes_128_ecb OBJ_aes,1L
+
+#define SN_aes_128_cbc "AES-128-CBC"
+#define LN_aes_128_cbc "aes-128-cbc"
+#define NID_aes_128_cbc 419
+#define OBJ_aes_128_cbc OBJ_aes,2L
+
+#define SN_aes_128_ofb128 "AES-128-OFB"
+#define LN_aes_128_ofb128 "aes-128-ofb"
+#define NID_aes_128_ofb128 420
+#define OBJ_aes_128_ofb128 OBJ_aes,3L
+
+#define SN_aes_128_cfb128 "AES-128-CFB"
+#define LN_aes_128_cfb128 "aes-128-cfb"
+#define NID_aes_128_cfb128 421
+#define OBJ_aes_128_cfb128 OBJ_aes,4L
+
+#define SN_id_aes128_wrap "id-aes128-wrap"
+#define NID_id_aes128_wrap 788
+#define OBJ_id_aes128_wrap OBJ_aes,5L
+
+#define SN_aes_128_gcm "id-aes128-GCM"
+#define LN_aes_128_gcm "aes-128-gcm"
+#define NID_aes_128_gcm 895
+#define OBJ_aes_128_gcm OBJ_aes,6L
+
+#define SN_aes_128_ccm "id-aes128-CCM"
+#define LN_aes_128_ccm "aes-128-ccm"
+#define NID_aes_128_ccm 896
+#define OBJ_aes_128_ccm OBJ_aes,7L
+
+#define SN_id_aes128_wrap_pad "id-aes128-wrap-pad"
+#define NID_id_aes128_wrap_pad 897
+#define OBJ_id_aes128_wrap_pad OBJ_aes,8L
+
+#define SN_aes_192_ecb "AES-192-ECB"
+#define LN_aes_192_ecb "aes-192-ecb"
+#define NID_aes_192_ecb 422
+#define OBJ_aes_192_ecb OBJ_aes,21L
+
+#define SN_aes_192_cbc "AES-192-CBC"
+#define LN_aes_192_cbc "aes-192-cbc"
+#define NID_aes_192_cbc 423
+#define OBJ_aes_192_cbc OBJ_aes,22L
+
+#define SN_aes_192_ofb128 "AES-192-OFB"
+#define LN_aes_192_ofb128 "aes-192-ofb"
+#define NID_aes_192_ofb128 424
+#define OBJ_aes_192_ofb128 OBJ_aes,23L
+
+#define SN_aes_192_cfb128 "AES-192-CFB"
+#define LN_aes_192_cfb128 "aes-192-cfb"
+#define NID_aes_192_cfb128 425
+#define OBJ_aes_192_cfb128 OBJ_aes,24L
+
+#define SN_id_aes192_wrap "id-aes192-wrap"
+#define NID_id_aes192_wrap 789
+#define OBJ_id_aes192_wrap OBJ_aes,25L
+
+#define SN_aes_192_gcm "id-aes192-GCM"
+#define LN_aes_192_gcm "aes-192-gcm"
+#define NID_aes_192_gcm 898
+#define OBJ_aes_192_gcm OBJ_aes,26L
+
+#define SN_aes_192_ccm "id-aes192-CCM"
+#define LN_aes_192_ccm "aes-192-ccm"
+#define NID_aes_192_ccm 899
+#define OBJ_aes_192_ccm OBJ_aes,27L
+
+#define SN_id_aes192_wrap_pad "id-aes192-wrap-pad"
+#define NID_id_aes192_wrap_pad 900
+#define OBJ_id_aes192_wrap_pad OBJ_aes,28L
+
+#define SN_aes_256_ecb "AES-256-ECB"
+#define LN_aes_256_ecb "aes-256-ecb"
+#define NID_aes_256_ecb 426
+#define OBJ_aes_256_ecb OBJ_aes,41L
+
+#define SN_aes_256_cbc "AES-256-CBC"
+#define LN_aes_256_cbc "aes-256-cbc"
+#define NID_aes_256_cbc 427
+#define OBJ_aes_256_cbc OBJ_aes,42L
+
+#define SN_aes_256_ofb128 "AES-256-OFB"
+#define LN_aes_256_ofb128 "aes-256-ofb"
+#define NID_aes_256_ofb128 428
+#define OBJ_aes_256_ofb128 OBJ_aes,43L
+
+#define SN_aes_256_cfb128 "AES-256-CFB"
+#define LN_aes_256_cfb128 "aes-256-cfb"
+#define NID_aes_256_cfb128 429
+#define OBJ_aes_256_cfb128 OBJ_aes,44L
+
+#define SN_id_aes256_wrap "id-aes256-wrap"
+#define NID_id_aes256_wrap 790
+#define OBJ_id_aes256_wrap OBJ_aes,45L
+
+#define SN_aes_256_gcm "id-aes256-GCM"
+#define LN_aes_256_gcm "aes-256-gcm"
+#define NID_aes_256_gcm 901
+#define OBJ_aes_256_gcm OBJ_aes,46L
+
+#define SN_aes_256_ccm "id-aes256-CCM"
+#define LN_aes_256_ccm "aes-256-ccm"
+#define NID_aes_256_ccm 902
+#define OBJ_aes_256_ccm OBJ_aes,47L
+
+#define SN_id_aes256_wrap_pad "id-aes256-wrap-pad"
+#define NID_id_aes256_wrap_pad 903
+#define OBJ_id_aes256_wrap_pad OBJ_aes,48L
+
+#define SN_aes_128_cfb1 "AES-128-CFB1"
+#define LN_aes_128_cfb1 "aes-128-cfb1"
+#define NID_aes_128_cfb1 650
+
+#define SN_aes_192_cfb1 "AES-192-CFB1"
+#define LN_aes_192_cfb1 "aes-192-cfb1"
+#define NID_aes_192_cfb1 651
+
+#define SN_aes_256_cfb1 "AES-256-CFB1"
+#define LN_aes_256_cfb1 "aes-256-cfb1"
+#define NID_aes_256_cfb1 652
+
+#define SN_aes_128_cfb8 "AES-128-CFB8"
+#define LN_aes_128_cfb8 "aes-128-cfb8"
+#define NID_aes_128_cfb8 653
+
+#define SN_aes_192_cfb8 "AES-192-CFB8"
+#define LN_aes_192_cfb8 "aes-192-cfb8"
+#define NID_aes_192_cfb8 654
+
+#define SN_aes_256_cfb8 "AES-256-CFB8"
+#define LN_aes_256_cfb8 "aes-256-cfb8"
+#define NID_aes_256_cfb8 655
+
+#define SN_aes_128_ctr "AES-128-CTR"
+#define LN_aes_128_ctr "aes-128-ctr"
+#define NID_aes_128_ctr 904
+
+#define SN_aes_192_ctr "AES-192-CTR"
+#define LN_aes_192_ctr "aes-192-ctr"
+#define NID_aes_192_ctr 905
+
+#define SN_aes_256_ctr "AES-256-CTR"
+#define LN_aes_256_ctr "aes-256-ctr"
+#define NID_aes_256_ctr 906
+
+#define SN_aes_128_ocb "AES-128-OCB"
+#define LN_aes_128_ocb "aes-128-ocb"
+#define NID_aes_128_ocb 958
+
+#define SN_aes_192_ocb "AES-192-OCB"
+#define LN_aes_192_ocb "aes-192-ocb"
+#define NID_aes_192_ocb 959
+
+#define SN_aes_256_ocb "AES-256-OCB"
+#define LN_aes_256_ocb "aes-256-ocb"
+#define NID_aes_256_ocb 960
+
+#define SN_aes_128_xts "AES-128-XTS"
+#define LN_aes_128_xts "aes-128-xts"
+#define NID_aes_128_xts 913
+
+#define SN_aes_256_xts "AES-256-XTS"
+#define LN_aes_256_xts "aes-256-xts"
+#define NID_aes_256_xts 914
+
+#define SN_des_cfb1 "DES-CFB1"
+#define LN_des_cfb1 "des-cfb1"
+#define NID_des_cfb1 656
+
+#define SN_des_cfb8 "DES-CFB8"
+#define LN_des_cfb8 "des-cfb8"
+#define NID_des_cfb8 657
+
+#define SN_des_ede3_cfb1 "DES-EDE3-CFB1"
+#define LN_des_ede3_cfb1 "des-ede3-cfb1"
+#define NID_des_ede3_cfb1 658
+
+#define SN_des_ede3_cfb8 "DES-EDE3-CFB8"
+#define LN_des_ede3_cfb8 "des-ede3-cfb8"
+#define NID_des_ede3_cfb8 659
+
+#define OBJ_nist_hashalgs OBJ_nistAlgorithms,2L
+
+#define SN_sha256 "SHA256"
+#define LN_sha256 "sha256"
+#define NID_sha256 672
+#define OBJ_sha256 OBJ_nist_hashalgs,1L
+
+#define SN_sha384 "SHA384"
+#define LN_sha384 "sha384"
+#define NID_sha384 673
+#define OBJ_sha384 OBJ_nist_hashalgs,2L
+
+#define SN_sha512 "SHA512"
+#define LN_sha512 "sha512"
+#define NID_sha512 674
+#define OBJ_sha512 OBJ_nist_hashalgs,3L
+
+#define SN_sha224 "SHA224"
+#define LN_sha224 "sha224"
+#define NID_sha224 675
+#define OBJ_sha224 OBJ_nist_hashalgs,4L
+
+#define OBJ_dsa_with_sha2 OBJ_nistAlgorithms,3L
+
+#define SN_dsa_with_SHA224 "dsa_with_SHA224"
+#define NID_dsa_with_SHA224 802
+#define OBJ_dsa_with_SHA224 OBJ_dsa_with_sha2,1L
+
+#define SN_dsa_with_SHA256 "dsa_with_SHA256"
+#define NID_dsa_with_SHA256 803
+#define OBJ_dsa_with_SHA256 OBJ_dsa_with_sha2,2L
+
+#define SN_hold_instruction_code "holdInstructionCode"
+#define LN_hold_instruction_code "Hold Instruction Code"
+#define NID_hold_instruction_code 430
+#define OBJ_hold_instruction_code OBJ_id_ce,23L
+
+#define OBJ_holdInstruction OBJ_X9_57,2L
+
+#define SN_hold_instruction_none "holdInstructionNone"
+#define LN_hold_instruction_none "Hold Instruction None"
+#define NID_hold_instruction_none 431
+#define OBJ_hold_instruction_none OBJ_holdInstruction,1L
+
+#define SN_hold_instruction_call_issuer "holdInstructionCallIssuer"
+#define LN_hold_instruction_call_issuer "Hold Instruction Call Issuer"
+#define NID_hold_instruction_call_issuer 432
+#define OBJ_hold_instruction_call_issuer OBJ_holdInstruction,2L
+
+#define SN_hold_instruction_reject "holdInstructionReject"
+#define LN_hold_instruction_reject "Hold Instruction Reject"
+#define NID_hold_instruction_reject 433
+#define OBJ_hold_instruction_reject OBJ_holdInstruction,3L
+
+#define SN_data "data"
+#define NID_data 434
+#define OBJ_data OBJ_itu_t,9L
+
+#define SN_pss "pss"
+#define NID_pss 435
+#define OBJ_pss OBJ_data,2342L
+
+#define SN_ucl "ucl"
+#define NID_ucl 436
+#define OBJ_ucl OBJ_pss,19200300L
+
+#define SN_pilot "pilot"
+#define NID_pilot 437
+#define OBJ_pilot OBJ_ucl,100L
+
+#define LN_pilotAttributeType "pilotAttributeType"
+#define NID_pilotAttributeType 438
+#define OBJ_pilotAttributeType OBJ_pilot,1L
+
+#define LN_pilotAttributeSyntax "pilotAttributeSyntax"
+#define NID_pilotAttributeSyntax 439
+#define OBJ_pilotAttributeSyntax OBJ_pilot,3L
+
+#define LN_pilotObjectClass "pilotObjectClass"
+#define NID_pilotObjectClass 440
+#define OBJ_pilotObjectClass OBJ_pilot,4L
+
+#define LN_pilotGroups "pilotGroups"
+#define NID_pilotGroups 441
+#define OBJ_pilotGroups OBJ_pilot,10L
+
+#define LN_iA5StringSyntax "iA5StringSyntax"
+#define NID_iA5StringSyntax 442
+#define OBJ_iA5StringSyntax OBJ_pilotAttributeSyntax,4L
+
+#define LN_caseIgnoreIA5StringSyntax "caseIgnoreIA5StringSyntax"
+#define NID_caseIgnoreIA5StringSyntax 443
+#define OBJ_caseIgnoreIA5StringSyntax OBJ_pilotAttributeSyntax,5L
+
+#define LN_pilotObject "pilotObject"
+#define NID_pilotObject 444
+#define OBJ_pilotObject OBJ_pilotObjectClass,3L
+
+#define LN_pilotPerson "pilotPerson"
+#define NID_pilotPerson 445
+#define OBJ_pilotPerson OBJ_pilotObjectClass,4L
+
+#define SN_account "account"
+#define NID_account 446
+#define OBJ_account OBJ_pilotObjectClass,5L
+
+#define SN_document "document"
+#define NID_document 447
+#define OBJ_document OBJ_pilotObjectClass,6L
+
+#define SN_room "room"
+#define NID_room 448
+#define OBJ_room OBJ_pilotObjectClass,7L
+
+#define LN_documentSeries "documentSeries"
+#define NID_documentSeries 449
+#define OBJ_documentSeries OBJ_pilotObjectClass,9L
+
+#define SN_Domain "domain"
+#define LN_Domain "Domain"
+#define NID_Domain 392
+#define OBJ_Domain OBJ_pilotObjectClass,13L
+
+#define LN_rFC822localPart "rFC822localPart"
+#define NID_rFC822localPart 450
+#define OBJ_rFC822localPart OBJ_pilotObjectClass,14L
+
+#define LN_dNSDomain "dNSDomain"
+#define NID_dNSDomain 451
+#define OBJ_dNSDomain OBJ_pilotObjectClass,15L
+
+#define LN_domainRelatedObject "domainRelatedObject"
+#define NID_domainRelatedObject 452
+#define OBJ_domainRelatedObject OBJ_pilotObjectClass,17L
+
+#define LN_friendlyCountry "friendlyCountry"
+#define NID_friendlyCountry 453
+#define OBJ_friendlyCountry OBJ_pilotObjectClass,18L
+
+#define LN_simpleSecurityObject "simpleSecurityObject"
+#define NID_simpleSecurityObject 454
+#define OBJ_simpleSecurityObject OBJ_pilotObjectClass,19L
+
+#define LN_pilotOrganization "pilotOrganization"
+#define NID_pilotOrganization 455
+#define OBJ_pilotOrganization OBJ_pilotObjectClass,20L
+
+#define LN_pilotDSA "pilotDSA"
+#define NID_pilotDSA 456
+#define OBJ_pilotDSA OBJ_pilotObjectClass,21L
+
+#define LN_qualityLabelledData "qualityLabelledData"
+#define NID_qualityLabelledData 457
+#define OBJ_qualityLabelledData OBJ_pilotObjectClass,22L
+
+#define SN_userId "UID"
+#define LN_userId "userId"
+#define NID_userId 458
+#define OBJ_userId OBJ_pilotAttributeType,1L
+
+#define LN_textEncodedORAddress "textEncodedORAddress"
+#define NID_textEncodedORAddress 459
+#define OBJ_textEncodedORAddress OBJ_pilotAttributeType,2L
+
+#define SN_rfc822Mailbox "mail"
+#define LN_rfc822Mailbox "rfc822Mailbox"
+#define NID_rfc822Mailbox 460
+#define OBJ_rfc822Mailbox OBJ_pilotAttributeType,3L
+
+#define SN_info "info"
+#define NID_info 461
+#define OBJ_info OBJ_pilotAttributeType,4L
+
+#define LN_favouriteDrink "favouriteDrink"
+#define NID_favouriteDrink 462
+#define OBJ_favouriteDrink OBJ_pilotAttributeType,5L
+
+#define LN_roomNumber "roomNumber"
+#define NID_roomNumber 463
+#define OBJ_roomNumber OBJ_pilotAttributeType,6L
+
+#define SN_photo "photo"
+#define NID_photo 464
+#define OBJ_photo OBJ_pilotAttributeType,7L
+
+#define LN_userClass "userClass"
+#define NID_userClass 465
+#define OBJ_userClass OBJ_pilotAttributeType,8L
+
+#define SN_host "host"
+#define NID_host 466
+#define OBJ_host OBJ_pilotAttributeType,9L
+
+#define SN_manager "manager"
+#define NID_manager 467
+#define OBJ_manager OBJ_pilotAttributeType,10L
+
+#define LN_documentIdentifier "documentIdentifier"
+#define NID_documentIdentifier 468
+#define OBJ_documentIdentifier OBJ_pilotAttributeType,11L
+
+#define LN_documentTitle "documentTitle"
+#define NID_documentTitle 469
+#define OBJ_documentTitle OBJ_pilotAttributeType,12L
+
+#define LN_documentVersion "documentVersion"
+#define NID_documentVersion 470
+#define OBJ_documentVersion OBJ_pilotAttributeType,13L
+
+#define LN_documentAuthor "documentAuthor"
+#define NID_documentAuthor 471
+#define OBJ_documentAuthor OBJ_pilotAttributeType,14L
+
+#define LN_documentLocation "documentLocation"
+#define NID_documentLocation 472
+#define OBJ_documentLocation OBJ_pilotAttributeType,15L
+
+#define LN_homeTelephoneNumber "homeTelephoneNumber"
+#define NID_homeTelephoneNumber 473
+#define OBJ_homeTelephoneNumber OBJ_pilotAttributeType,20L
+
+#define SN_secretary "secretary"
+#define NID_secretary 474
+#define OBJ_secretary OBJ_pilotAttributeType,21L
+
+#define LN_otherMailbox "otherMailbox"
+#define NID_otherMailbox 475
+#define OBJ_otherMailbox OBJ_pilotAttributeType,22L
+
+#define LN_lastModifiedTime "lastModifiedTime"
+#define NID_lastModifiedTime 476
+#define OBJ_lastModifiedTime OBJ_pilotAttributeType,23L
+
+#define LN_lastModifiedBy "lastModifiedBy"
+#define NID_lastModifiedBy 477
+#define OBJ_lastModifiedBy OBJ_pilotAttributeType,24L
+
+#define SN_domainComponent "DC"
+#define LN_domainComponent "domainComponent"
+#define NID_domainComponent 391
+#define OBJ_domainComponent OBJ_pilotAttributeType,25L
+
+#define LN_aRecord "aRecord"
+#define NID_aRecord 478
+#define OBJ_aRecord OBJ_pilotAttributeType,26L
+
+#define LN_pilotAttributeType27 "pilotAttributeType27"
+#define NID_pilotAttributeType27 479
+#define OBJ_pilotAttributeType27 OBJ_pilotAttributeType,27L
+
+#define LN_mXRecord "mXRecord"
+#define NID_mXRecord 480
+#define OBJ_mXRecord OBJ_pilotAttributeType,28L
+
+#define LN_nSRecord "nSRecord"
+#define NID_nSRecord 481
+#define OBJ_nSRecord OBJ_pilotAttributeType,29L
+
+#define LN_sOARecord "sOARecord"
+#define NID_sOARecord 482
+#define OBJ_sOARecord OBJ_pilotAttributeType,30L
+
+#define LN_cNAMERecord "cNAMERecord"
+#define NID_cNAMERecord 483
+#define OBJ_cNAMERecord OBJ_pilotAttributeType,31L
+
+#define LN_associatedDomain "associatedDomain"
+#define NID_associatedDomain 484
+#define OBJ_associatedDomain OBJ_pilotAttributeType,37L
+
+#define LN_associatedName "associatedName"
+#define NID_associatedName 485
+#define OBJ_associatedName OBJ_pilotAttributeType,38L
+
+#define LN_homePostalAddress "homePostalAddress"
+#define NID_homePostalAddress 486
+#define OBJ_homePostalAddress OBJ_pilotAttributeType,39L
+
+#define LN_personalTitle "personalTitle"
+#define NID_personalTitle 487
+#define OBJ_personalTitle OBJ_pilotAttributeType,40L
+
+#define LN_mobileTelephoneNumber "mobileTelephoneNumber"
+#define NID_mobileTelephoneNumber 488
+#define OBJ_mobileTelephoneNumber OBJ_pilotAttributeType,41L
+
+#define LN_pagerTelephoneNumber "pagerTelephoneNumber"
+#define NID_pagerTelephoneNumber 489
+#define OBJ_pagerTelephoneNumber OBJ_pilotAttributeType,42L
+
+#define LN_friendlyCountryName "friendlyCountryName"
+#define NID_friendlyCountryName 490
+#define OBJ_friendlyCountryName OBJ_pilotAttributeType,43L
+
+#define SN_uniqueIdentifier "uid"
+#define LN_uniqueIdentifier "uniqueIdentifier"
+#define NID_uniqueIdentifier 102
+#define OBJ_uniqueIdentifier OBJ_pilotAttributeType,44L
+
+#define LN_organizationalStatus "organizationalStatus"
+#define NID_organizationalStatus 491
+#define OBJ_organizationalStatus OBJ_pilotAttributeType,45L
+
+#define LN_janetMailbox "janetMailbox"
+#define NID_janetMailbox 492
+#define OBJ_janetMailbox OBJ_pilotAttributeType,46L
+
+#define LN_mailPreferenceOption "mailPreferenceOption"
+#define NID_mailPreferenceOption 493
+#define OBJ_mailPreferenceOption OBJ_pilotAttributeType,47L
+
+#define LN_buildingName "buildingName"
+#define NID_buildingName 494
+#define OBJ_buildingName OBJ_pilotAttributeType,48L
+
+#define LN_dSAQuality "dSAQuality"
+#define NID_dSAQuality 495
+#define OBJ_dSAQuality OBJ_pilotAttributeType,49L
+
+#define LN_singleLevelQuality "singleLevelQuality"
+#define NID_singleLevelQuality 496
+#define OBJ_singleLevelQuality OBJ_pilotAttributeType,50L
+
+#define LN_subtreeMinimumQuality "subtreeMinimumQuality"
+#define NID_subtreeMinimumQuality 497
+#define OBJ_subtreeMinimumQuality OBJ_pilotAttributeType,51L
+
+#define LN_subtreeMaximumQuality "subtreeMaximumQuality"
+#define NID_subtreeMaximumQuality 498
+#define OBJ_subtreeMaximumQuality OBJ_pilotAttributeType,52L
+
+#define LN_personalSignature "personalSignature"
+#define NID_personalSignature 499
+#define OBJ_personalSignature OBJ_pilotAttributeType,53L
+
+#define LN_dITRedirect "dITRedirect"
+#define NID_dITRedirect 500
+#define OBJ_dITRedirect OBJ_pilotAttributeType,54L
+
+#define SN_audio "audio"
+#define NID_audio 501
+#define OBJ_audio OBJ_pilotAttributeType,55L
+
+#define LN_documentPublisher "documentPublisher"
+#define NID_documentPublisher 502
+#define OBJ_documentPublisher OBJ_pilotAttributeType,56L
+
+#define SN_id_set "id-set"
+#define LN_id_set "Secure Electronic Transactions"
+#define NID_id_set 512
+#define OBJ_id_set OBJ_international_organizations,42L
+
+#define SN_set_ctype "set-ctype"
+#define LN_set_ctype "content types"
+#define NID_set_ctype 513
+#define OBJ_set_ctype OBJ_id_set,0L
+
+#define SN_set_msgExt "set-msgExt"
+#define LN_set_msgExt "message extensions"
+#define NID_set_msgExt 514
+#define OBJ_set_msgExt OBJ_id_set,1L
+
+#define SN_set_attr "set-attr"
+#define NID_set_attr 515
+#define OBJ_set_attr OBJ_id_set,3L
+
+#define SN_set_policy "set-policy"
+#define NID_set_policy 516
+#define OBJ_set_policy OBJ_id_set,5L
+
+#define SN_set_certExt "set-certExt"
+#define LN_set_certExt "certificate extensions"
+#define NID_set_certExt 517
+#define OBJ_set_certExt OBJ_id_set,7L
+
+#define SN_set_brand "set-brand"
+#define NID_set_brand 518
+#define OBJ_set_brand OBJ_id_set,8L
+
+#define SN_setct_PANData "setct-PANData"
+#define NID_setct_PANData 519
+#define OBJ_setct_PANData OBJ_set_ctype,0L
+
+#define SN_setct_PANToken "setct-PANToken"
+#define NID_setct_PANToken 520
+#define OBJ_setct_PANToken OBJ_set_ctype,1L
+
+#define SN_setct_PANOnly "setct-PANOnly"
+#define NID_setct_PANOnly 521
+#define OBJ_setct_PANOnly OBJ_set_ctype,2L
+
+#define SN_setct_OIData "setct-OIData"
+#define NID_setct_OIData 522
+#define OBJ_setct_OIData OBJ_set_ctype,3L
+
+#define SN_setct_PI "setct-PI"
+#define NID_setct_PI 523
+#define OBJ_setct_PI OBJ_set_ctype,4L
+
+#define SN_setct_PIData "setct-PIData"
+#define NID_setct_PIData 524
+#define OBJ_setct_PIData OBJ_set_ctype,5L
+
+#define SN_setct_PIDataUnsigned "setct-PIDataUnsigned"
+#define NID_setct_PIDataUnsigned 525
+#define OBJ_setct_PIDataUnsigned OBJ_set_ctype,6L
+
+#define SN_setct_HODInput "setct-HODInput"
+#define NID_setct_HODInput 526
+#define OBJ_setct_HODInput OBJ_set_ctype,7L
+
+#define SN_setct_AuthResBaggage "setct-AuthResBaggage"
+#define NID_setct_AuthResBaggage 527
+#define OBJ_setct_AuthResBaggage OBJ_set_ctype,8L
+
+#define SN_setct_AuthRevReqBaggage "setct-AuthRevReqBaggage"
+#define NID_setct_AuthRevReqBaggage 528
+#define OBJ_setct_AuthRevReqBaggage OBJ_set_ctype,9L
+
+#define SN_setct_AuthRevResBaggage "setct-AuthRevResBaggage"
+#define NID_setct_AuthRevResBaggage 529
+#define OBJ_setct_AuthRevResBaggage OBJ_set_ctype,10L
+
+#define SN_setct_CapTokenSeq "setct-CapTokenSeq"
+#define NID_setct_CapTokenSeq 530
+#define OBJ_setct_CapTokenSeq OBJ_set_ctype,11L
+
+#define SN_setct_PInitResData "setct-PInitResData"
+#define NID_setct_PInitResData 531
+#define OBJ_setct_PInitResData OBJ_set_ctype,12L
+
+#define SN_setct_PI_TBS "setct-PI-TBS"
+#define NID_setct_PI_TBS 532
+#define OBJ_setct_PI_TBS OBJ_set_ctype,13L
+
+#define SN_setct_PResData "setct-PResData"
+#define NID_setct_PResData 533
+#define OBJ_setct_PResData OBJ_set_ctype,14L
+
+#define SN_setct_AuthReqTBS "setct-AuthReqTBS"
+#define NID_setct_AuthReqTBS 534
+#define OBJ_setct_AuthReqTBS OBJ_set_ctype,16L
+
+#define SN_setct_AuthResTBS "setct-AuthResTBS"
+#define NID_setct_AuthResTBS 535
+#define OBJ_setct_AuthResTBS OBJ_set_ctype,17L
+
+#define SN_setct_AuthResTBSX "setct-AuthResTBSX"
+#define NID_setct_AuthResTBSX 536
+#define OBJ_setct_AuthResTBSX OBJ_set_ctype,18L
+
+#define SN_setct_AuthTokenTBS "setct-AuthTokenTBS"
+#define NID_setct_AuthTokenTBS 537
+#define OBJ_setct_AuthTokenTBS OBJ_set_ctype,19L
+
+#define SN_setct_CapTokenData "setct-CapTokenData"
+#define NID_setct_CapTokenData 538
+#define OBJ_setct_CapTokenData OBJ_set_ctype,20L
+
+#define SN_setct_CapTokenTBS "setct-CapTokenTBS"
+#define NID_setct_CapTokenTBS 539
+#define OBJ_setct_CapTokenTBS OBJ_set_ctype,21L
+
+#define SN_setct_AcqCardCodeMsg "setct-AcqCardCodeMsg"
+#define NID_setct_AcqCardCodeMsg 540
+#define OBJ_setct_AcqCardCodeMsg OBJ_set_ctype,22L
+
+#define SN_setct_AuthRevReqTBS "setct-AuthRevReqTBS"
+#define NID_setct_AuthRevReqTBS 541
+#define OBJ_setct_AuthRevReqTBS OBJ_set_ctype,23L
+
+#define SN_setct_AuthRevResData "setct-AuthRevResData"
+#define NID_setct_AuthRevResData 542
+#define OBJ_setct_AuthRevResData OBJ_set_ctype,24L
+
+#define SN_setct_AuthRevResTBS "setct-AuthRevResTBS"
+#define NID_setct_AuthRevResTBS 543
+#define OBJ_setct_AuthRevResTBS OBJ_set_ctype,25L
+
+#define SN_setct_CapReqTBS "setct-CapReqTBS"
+#define NID_setct_CapReqTBS 544
+#define OBJ_setct_CapReqTBS OBJ_set_ctype,26L
+
+#define SN_setct_CapReqTBSX "setct-CapReqTBSX"
+#define NID_setct_CapReqTBSX 545
+#define OBJ_setct_CapReqTBSX OBJ_set_ctype,27L
+
+#define SN_setct_CapResData "setct-CapResData"
+#define NID_setct_CapResData 546
+#define OBJ_setct_CapResData OBJ_set_ctype,28L
+
+#define SN_setct_CapRevReqTBS "setct-CapRevReqTBS"
+#define NID_setct_CapRevReqTBS 547
+#define OBJ_setct_CapRevReqTBS OBJ_set_ctype,29L
+
+#define SN_setct_CapRevReqTBSX "setct-CapRevReqTBSX"
+#define NID_setct_CapRevReqTBSX 548
+#define OBJ_setct_CapRevReqTBSX OBJ_set_ctype,30L
+
+#define SN_setct_CapRevResData "setct-CapRevResData"
+#define NID_setct_CapRevResData 549
+#define OBJ_setct_CapRevResData OBJ_set_ctype,31L
+
+#define SN_setct_CredReqTBS "setct-CredReqTBS"
+#define NID_setct_CredReqTBS 550
+#define OBJ_setct_CredReqTBS OBJ_set_ctype,32L
+
+#define SN_setct_CredReqTBSX "setct-CredReqTBSX"
+#define NID_setct_CredReqTBSX 551
+#define OBJ_setct_CredReqTBSX OBJ_set_ctype,33L
+
+#define SN_setct_CredResData "setct-CredResData"
+#define NID_setct_CredResData 552
+#define OBJ_setct_CredResData OBJ_set_ctype,34L
+
+#define SN_setct_CredRevReqTBS "setct-CredRevReqTBS"
+#define NID_setct_CredRevReqTBS 553
+#define OBJ_setct_CredRevReqTBS OBJ_set_ctype,35L
+
+#define SN_setct_CredRevReqTBSX "setct-CredRevReqTBSX"
+#define NID_setct_CredRevReqTBSX 554
+#define OBJ_setct_CredRevReqTBSX OBJ_set_ctype,36L
+
+#define SN_setct_CredRevResData "setct-CredRevResData"
+#define NID_setct_CredRevResData 555
+#define OBJ_setct_CredRevResData OBJ_set_ctype,37L
+
+#define SN_setct_PCertReqData "setct-PCertReqData"
+#define NID_setct_PCertReqData 556
+#define OBJ_setct_PCertReqData OBJ_set_ctype,38L
+
+#define SN_setct_PCertResTBS "setct-PCertResTBS"
+#define NID_setct_PCertResTBS 557
+#define OBJ_setct_PCertResTBS OBJ_set_ctype,39L
+
+#define SN_setct_BatchAdminReqData "setct-BatchAdminReqData"
+#define NID_setct_BatchAdminReqData 558
+#define OBJ_setct_BatchAdminReqData OBJ_set_ctype,40L
+
+#define SN_setct_BatchAdminResData "setct-BatchAdminResData"
+#define NID_setct_BatchAdminResData 559
+#define OBJ_setct_BatchAdminResData OBJ_set_ctype,41L
+
+#define SN_setct_CardCInitResTBS "setct-CardCInitResTBS"
+#define NID_setct_CardCInitResTBS 560
+#define OBJ_setct_CardCInitResTBS OBJ_set_ctype,42L
+
+#define SN_setct_MeAqCInitResTBS "setct-MeAqCInitResTBS"
+#define NID_setct_MeAqCInitResTBS 561
+#define OBJ_setct_MeAqCInitResTBS OBJ_set_ctype,43L
+
+#define SN_setct_RegFormResTBS "setct-RegFormResTBS"
+#define NID_setct_RegFormResTBS 562
+#define OBJ_setct_RegFormResTBS OBJ_set_ctype,44L
+
+#define SN_setct_CertReqData "setct-CertReqData"
+#define NID_setct_CertReqData 563
+#define OBJ_setct_CertReqData OBJ_set_ctype,45L
+
+#define SN_setct_CertReqTBS "setct-CertReqTBS"
+#define NID_setct_CertReqTBS 564
+#define OBJ_setct_CertReqTBS OBJ_set_ctype,46L
+
+#define SN_setct_CertResData "setct-CertResData"
+#define NID_setct_CertResData 565
+#define OBJ_setct_CertResData OBJ_set_ctype,47L
+
+#define SN_setct_CertInqReqTBS "setct-CertInqReqTBS"
+#define NID_setct_CertInqReqTBS 566
+#define OBJ_setct_CertInqReqTBS OBJ_set_ctype,48L
+
+#define SN_setct_ErrorTBS "setct-ErrorTBS"
+#define NID_setct_ErrorTBS 567
+#define OBJ_setct_ErrorTBS OBJ_set_ctype,49L
+
+#define SN_setct_PIDualSignedTBE "setct-PIDualSignedTBE"
+#define NID_setct_PIDualSignedTBE 568
+#define OBJ_setct_PIDualSignedTBE OBJ_set_ctype,50L
+
+#define SN_setct_PIUnsignedTBE "setct-PIUnsignedTBE"
+#define NID_setct_PIUnsignedTBE 569
+#define OBJ_setct_PIUnsignedTBE OBJ_set_ctype,51L
+
+#define SN_setct_AuthReqTBE "setct-AuthReqTBE"
+#define NID_setct_AuthReqTBE 570
+#define OBJ_setct_AuthReqTBE OBJ_set_ctype,52L
+
+#define SN_setct_AuthResTBE "setct-AuthResTBE"
+#define NID_setct_AuthResTBE 571
+#define OBJ_setct_AuthResTBE OBJ_set_ctype,53L
+
+#define SN_setct_AuthResTBEX "setct-AuthResTBEX"
+#define NID_setct_AuthResTBEX 572
+#define OBJ_setct_AuthResTBEX OBJ_set_ctype,54L
+
+#define SN_setct_AuthTokenTBE "setct-AuthTokenTBE"
+#define NID_setct_AuthTokenTBE 573
+#define OBJ_setct_AuthTokenTBE OBJ_set_ctype,55L
+
+#define SN_setct_CapTokenTBE "setct-CapTokenTBE"
+#define NID_setct_CapTokenTBE 574
+#define OBJ_setct_CapTokenTBE OBJ_set_ctype,56L
+
+#define SN_setct_CapTokenTBEX "setct-CapTokenTBEX"
+#define NID_setct_CapTokenTBEX 575
+#define OBJ_setct_CapTokenTBEX OBJ_set_ctype,57L
+
+#define SN_setct_AcqCardCodeMsgTBE "setct-AcqCardCodeMsgTBE"
+#define NID_setct_AcqCardCodeMsgTBE 576
+#define OBJ_setct_AcqCardCodeMsgTBE OBJ_set_ctype,58L
+
+#define SN_setct_AuthRevReqTBE "setct-AuthRevReqTBE"
+#define NID_setct_AuthRevReqTBE 577
+#define OBJ_setct_AuthRevReqTBE OBJ_set_ctype,59L
+
+#define SN_setct_AuthRevResTBE "setct-AuthRevResTBE"
+#define NID_setct_AuthRevResTBE 578
+#define OBJ_setct_AuthRevResTBE OBJ_set_ctype,60L
+
+#define SN_setct_AuthRevResTBEB "setct-AuthRevResTBEB"
+#define NID_setct_AuthRevResTBEB 579
+#define OBJ_setct_AuthRevResTBEB OBJ_set_ctype,61L
+
+#define SN_setct_CapReqTBE "setct-CapReqTBE"
+#define NID_setct_CapReqTBE 580
+#define OBJ_setct_CapReqTBE OBJ_set_ctype,62L
+
+#define SN_setct_CapReqTBEX "setct-CapReqTBEX"
+#define NID_setct_CapReqTBEX 581
+#define OBJ_setct_CapReqTBEX OBJ_set_ctype,63L
+
+#define SN_setct_CapResTBE "setct-CapResTBE"
+#define NID_setct_CapResTBE 582
+#define OBJ_setct_CapResTBE OBJ_set_ctype,64L
+
+#define SN_setct_CapRevReqTBE "setct-CapRevReqTBE"
+#define NID_setct_CapRevReqTBE 583
+#define OBJ_setct_CapRevReqTBE OBJ_set_ctype,65L
+
+#define SN_setct_CapRevReqTBEX "setct-CapRevReqTBEX"
+#define NID_setct_CapRevReqTBEX 584
+#define OBJ_setct_CapRevReqTBEX OBJ_set_ctype,66L
+
+#define SN_setct_CapRevResTBE "setct-CapRevResTBE"
+#define NID_setct_CapRevResTBE 585
+#define OBJ_setct_CapRevResTBE OBJ_set_ctype,67L
+
+#define SN_setct_CredReqTBE "setct-CredReqTBE"
+#define NID_setct_CredReqTBE 586
+#define OBJ_setct_CredReqTBE OBJ_set_ctype,68L
+
+#define SN_setct_CredReqTBEX "setct-CredReqTBEX"
+#define NID_setct_CredReqTBEX 587
+#define OBJ_setct_CredReqTBEX OBJ_set_ctype,69L
+
+#define SN_setct_CredResTBE "setct-CredResTBE"
+#define NID_setct_CredResTBE 588
+#define OBJ_setct_CredResTBE OBJ_set_ctype,70L
+
+#define SN_setct_CredRevReqTBE "setct-CredRevReqTBE"
+#define NID_setct_CredRevReqTBE 589
+#define OBJ_setct_CredRevReqTBE OBJ_set_ctype,71L
+
+#define SN_setct_CredRevReqTBEX "setct-CredRevReqTBEX"
+#define NID_setct_CredRevReqTBEX 590
+#define OBJ_setct_CredRevReqTBEX OBJ_set_ctype,72L
+
+#define SN_setct_CredRevResTBE "setct-CredRevResTBE"
+#define NID_setct_CredRevResTBE 591
+#define OBJ_setct_CredRevResTBE OBJ_set_ctype,73L
+
+#define SN_setct_BatchAdminReqTBE "setct-BatchAdminReqTBE"
+#define NID_setct_BatchAdminReqTBE 592
+#define OBJ_setct_BatchAdminReqTBE OBJ_set_ctype,74L
+
+#define SN_setct_BatchAdminResTBE "setct-BatchAdminResTBE"
+#define NID_setct_BatchAdminResTBE 593
+#define OBJ_setct_BatchAdminResTBE OBJ_set_ctype,75L
+
+#define SN_setct_RegFormReqTBE "setct-RegFormReqTBE"
+#define NID_setct_RegFormReqTBE 594
+#define OBJ_setct_RegFormReqTBE OBJ_set_ctype,76L
+
+#define SN_setct_CertReqTBE "setct-CertReqTBE"
+#define NID_setct_CertReqTBE 595
+#define OBJ_setct_CertReqTBE OBJ_set_ctype,77L
+
+#define SN_setct_CertReqTBEX "setct-CertReqTBEX"
+#define NID_setct_CertReqTBEX 596
+#define OBJ_setct_CertReqTBEX OBJ_set_ctype,78L
+
+#define SN_setct_CertResTBE "setct-CertResTBE"
+#define NID_setct_CertResTBE 597
+#define OBJ_setct_CertResTBE OBJ_set_ctype,79L
+
+#define SN_setct_CRLNotificationTBS "setct-CRLNotificationTBS"
+#define NID_setct_CRLNotificationTBS 598
+#define OBJ_setct_CRLNotificationTBS OBJ_set_ctype,80L
+
+#define SN_setct_CRLNotificationResTBS "setct-CRLNotificationResTBS"
+#define NID_setct_CRLNotificationResTBS 599
+#define OBJ_setct_CRLNotificationResTBS OBJ_set_ctype,81L
+
+#define SN_setct_BCIDistributionTBS "setct-BCIDistributionTBS"
+#define NID_setct_BCIDistributionTBS 600
+#define OBJ_setct_BCIDistributionTBS OBJ_set_ctype,82L
+
+#define SN_setext_genCrypt "setext-genCrypt"
+#define LN_setext_genCrypt "generic cryptogram"
+#define NID_setext_genCrypt 601
+#define OBJ_setext_genCrypt OBJ_set_msgExt,1L
+
+#define SN_setext_miAuth "setext-miAuth"
+#define LN_setext_miAuth "merchant initiated auth"
+#define NID_setext_miAuth 602
+#define OBJ_setext_miAuth OBJ_set_msgExt,3L
+
+#define SN_setext_pinSecure "setext-pinSecure"
+#define NID_setext_pinSecure 603
+#define OBJ_setext_pinSecure OBJ_set_msgExt,4L
+
+#define SN_setext_pinAny "setext-pinAny"
+#define NID_setext_pinAny 604
+#define OBJ_setext_pinAny OBJ_set_msgExt,5L
+
+#define SN_setext_track2 "setext-track2"
+#define NID_setext_track2 605
+#define OBJ_setext_track2 OBJ_set_msgExt,7L
+
+#define SN_setext_cv "setext-cv"
+#define LN_setext_cv "additional verification"
+#define NID_setext_cv 606
+#define OBJ_setext_cv OBJ_set_msgExt,8L
+
+#define SN_set_policy_root "set-policy-root"
+#define NID_set_policy_root 607
+#define OBJ_set_policy_root OBJ_set_policy,0L
+
+#define SN_setCext_hashedRoot "setCext-hashedRoot"
+#define NID_setCext_hashedRoot 608
+#define OBJ_setCext_hashedRoot OBJ_set_certExt,0L
+
+#define SN_setCext_certType "setCext-certType"
+#define NID_setCext_certType 609
+#define OBJ_setCext_certType OBJ_set_certExt,1L
+
+#define SN_setCext_merchData "setCext-merchData"
+#define NID_setCext_merchData 610
+#define OBJ_setCext_merchData OBJ_set_certExt,2L
+
+#define SN_setCext_cCertRequired "setCext-cCertRequired"
+#define NID_setCext_cCertRequired 611
+#define OBJ_setCext_cCertRequired OBJ_set_certExt,3L
+
+#define SN_setCext_tunneling "setCext-tunneling"
+#define NID_setCext_tunneling 612
+#define OBJ_setCext_tunneling OBJ_set_certExt,4L
+
+#define SN_setCext_setExt "setCext-setExt"
+#define NID_setCext_setExt 613
+#define OBJ_setCext_setExt OBJ_set_certExt,5L
+
+#define SN_setCext_setQualf "setCext-setQualf"
+#define NID_setCext_setQualf 614
+#define OBJ_setCext_setQualf OBJ_set_certExt,6L
+
+#define SN_setCext_PGWYcapabilities "setCext-PGWYcapabilities"
+#define NID_setCext_PGWYcapabilities 615
+#define OBJ_setCext_PGWYcapabilities OBJ_set_certExt,7L
+
+#define SN_setCext_TokenIdentifier "setCext-TokenIdentifier"
+#define NID_setCext_TokenIdentifier 616
+#define OBJ_setCext_TokenIdentifier OBJ_set_certExt,8L
+
+#define SN_setCext_Track2Data "setCext-Track2Data"
+#define NID_setCext_Track2Data 617
+#define OBJ_setCext_Track2Data OBJ_set_certExt,9L
+
+#define SN_setCext_TokenType "setCext-TokenType"
+#define NID_setCext_TokenType 618
+#define OBJ_setCext_TokenType OBJ_set_certExt,10L
+
+#define SN_setCext_IssuerCapabilities "setCext-IssuerCapabilities"
+#define NID_setCext_IssuerCapabilities 619
+#define OBJ_setCext_IssuerCapabilities OBJ_set_certExt,11L
+
+#define SN_setAttr_Cert "setAttr-Cert"
+#define NID_setAttr_Cert 620
+#define OBJ_setAttr_Cert OBJ_set_attr,0L
+
+#define SN_setAttr_PGWYcap "setAttr-PGWYcap"
+#define LN_setAttr_PGWYcap "payment gateway capabilities"
+#define NID_setAttr_PGWYcap 621
+#define OBJ_setAttr_PGWYcap OBJ_set_attr,1L
+
+#define SN_setAttr_TokenType "setAttr-TokenType"
+#define NID_setAttr_TokenType 622
+#define OBJ_setAttr_TokenType OBJ_set_attr,2L
+
+#define SN_setAttr_IssCap "setAttr-IssCap"
+#define LN_setAttr_IssCap "issuer capabilities"
+#define NID_setAttr_IssCap 623
+#define OBJ_setAttr_IssCap OBJ_set_attr,3L
+
+#define SN_set_rootKeyThumb "set-rootKeyThumb"
+#define NID_set_rootKeyThumb 624
+#define OBJ_set_rootKeyThumb OBJ_setAttr_Cert,0L
+
+#define SN_set_addPolicy "set-addPolicy"
+#define NID_set_addPolicy 625
+#define OBJ_set_addPolicy OBJ_setAttr_Cert,1L
+
+#define SN_setAttr_Token_EMV "setAttr-Token-EMV"
+#define NID_setAttr_Token_EMV 626
+#define OBJ_setAttr_Token_EMV OBJ_setAttr_TokenType,1L
+
+#define SN_setAttr_Token_B0Prime "setAttr-Token-B0Prime"
+#define NID_setAttr_Token_B0Prime 627
+#define OBJ_setAttr_Token_B0Prime OBJ_setAttr_TokenType,2L
+
+#define SN_setAttr_IssCap_CVM "setAttr-IssCap-CVM"
+#define NID_setAttr_IssCap_CVM 628
+#define OBJ_setAttr_IssCap_CVM OBJ_setAttr_IssCap,3L
+
+#define SN_setAttr_IssCap_T2 "setAttr-IssCap-T2"
+#define NID_setAttr_IssCap_T2 629
+#define OBJ_setAttr_IssCap_T2 OBJ_setAttr_IssCap,4L
+
+#define SN_setAttr_IssCap_Sig "setAttr-IssCap-Sig"
+#define NID_setAttr_IssCap_Sig 630
+#define OBJ_setAttr_IssCap_Sig OBJ_setAttr_IssCap,5L
+
+#define SN_setAttr_GenCryptgrm "setAttr-GenCryptgrm"
+#define LN_setAttr_GenCryptgrm "generate cryptogram"
+#define NID_setAttr_GenCryptgrm 631
+#define OBJ_setAttr_GenCryptgrm OBJ_setAttr_IssCap_CVM,1L
+
+#define SN_setAttr_T2Enc "setAttr-T2Enc"
+#define LN_setAttr_T2Enc "encrypted track 2"
+#define NID_setAttr_T2Enc 632
+#define OBJ_setAttr_T2Enc OBJ_setAttr_IssCap_T2,1L
+
+#define SN_setAttr_T2cleartxt "setAttr-T2cleartxt"
+#define LN_setAttr_T2cleartxt "cleartext track 2"
+#define NID_setAttr_T2cleartxt 633
+#define OBJ_setAttr_T2cleartxt OBJ_setAttr_IssCap_T2,2L
+
+#define SN_setAttr_TokICCsig "setAttr-TokICCsig"
+#define LN_setAttr_TokICCsig "ICC or token signature"
+#define NID_setAttr_TokICCsig 634
+#define OBJ_setAttr_TokICCsig OBJ_setAttr_IssCap_Sig,1L
+
+#define SN_setAttr_SecDevSig "setAttr-SecDevSig"
+#define LN_setAttr_SecDevSig "secure device signature"
+#define NID_setAttr_SecDevSig 635
+#define OBJ_setAttr_SecDevSig OBJ_setAttr_IssCap_Sig,2L
+
+#define SN_set_brand_IATA_ATA "set-brand-IATA-ATA"
+#define NID_set_brand_IATA_ATA 636
+#define OBJ_set_brand_IATA_ATA OBJ_set_brand,1L
+
+#define SN_set_brand_Diners "set-brand-Diners"
+#define NID_set_brand_Diners 637
+#define OBJ_set_brand_Diners OBJ_set_brand,30L
+
+#define SN_set_brand_AmericanExpress "set-brand-AmericanExpress"
+#define NID_set_brand_AmericanExpress 638
+#define OBJ_set_brand_AmericanExpress OBJ_set_brand,34L
+
+#define SN_set_brand_JCB "set-brand-JCB"
+#define NID_set_brand_JCB 639
+#define OBJ_set_brand_JCB OBJ_set_brand,35L
+
+#define SN_set_brand_Visa "set-brand-Visa"
+#define NID_set_brand_Visa 640
+#define OBJ_set_brand_Visa OBJ_set_brand,4L
+
+#define SN_set_brand_MasterCard "set-brand-MasterCard"
+#define NID_set_brand_MasterCard 641
+#define OBJ_set_brand_MasterCard OBJ_set_brand,5L
+
+#define SN_set_brand_Novus "set-brand-Novus"
+#define NID_set_brand_Novus 642
+#define OBJ_set_brand_Novus OBJ_set_brand,6011L
+
+#define SN_des_cdmf "DES-CDMF"
+#define LN_des_cdmf "des-cdmf"
+#define NID_des_cdmf 643
+#define OBJ_des_cdmf OBJ_rsadsi,3L,10L
+
+#define SN_rsaOAEPEncryptionSET "rsaOAEPEncryptionSET"
+#define NID_rsaOAEPEncryptionSET 644
+#define OBJ_rsaOAEPEncryptionSET OBJ_rsadsi,1L,1L,6L
+
+#define SN_ipsec3 "Oakley-EC2N-3"
+#define LN_ipsec3 "ipsec3"
+#define NID_ipsec3 749
+
+#define SN_ipsec4 "Oakley-EC2N-4"
+#define LN_ipsec4 "ipsec4"
+#define NID_ipsec4 750
+
+#define SN_whirlpool "whirlpool"
+#define NID_whirlpool 804
+#define OBJ_whirlpool OBJ_iso,0L,10118L,3L,0L,55L
+
+#define SN_cryptopro "cryptopro"
+#define NID_cryptopro 805
+#define OBJ_cryptopro OBJ_member_body,643L,2L,2L
+
+#define SN_cryptocom "cryptocom"
+#define NID_cryptocom 806
+#define OBJ_cryptocom OBJ_member_body,643L,2L,9L
+
+#define SN_id_GostR3411_94_with_GostR3410_2001 "id-GostR3411-94-with-GostR3410-2001"
+#define LN_id_GostR3411_94_with_GostR3410_2001 "GOST R 34.11-94 with GOST R 34.10-2001"
+#define NID_id_GostR3411_94_with_GostR3410_2001 807
+#define OBJ_id_GostR3411_94_with_GostR3410_2001 OBJ_cryptopro,3L
+
+#define SN_id_GostR3411_94_with_GostR3410_94 "id-GostR3411-94-with-GostR3410-94"
+#define LN_id_GostR3411_94_with_GostR3410_94 "GOST R 34.11-94 with GOST R 34.10-94"
+#define NID_id_GostR3411_94_with_GostR3410_94 808
+#define OBJ_id_GostR3411_94_with_GostR3410_94 OBJ_cryptopro,4L
+
+#define SN_id_GostR3411_94 "md_gost94"
+#define LN_id_GostR3411_94 "GOST R 34.11-94"
+#define NID_id_GostR3411_94 809
+#define OBJ_id_GostR3411_94 OBJ_cryptopro,9L
+
+#define SN_id_HMACGostR3411_94 "id-HMACGostR3411-94"
+#define LN_id_HMACGostR3411_94 "HMAC GOST 34.11-94"
+#define NID_id_HMACGostR3411_94 810
+#define OBJ_id_HMACGostR3411_94 OBJ_cryptopro,10L
+
+#define SN_id_GostR3410_2001 "gost2001"
+#define LN_id_GostR3410_2001 "GOST R 34.10-2001"
+#define NID_id_GostR3410_2001 811
+#define OBJ_id_GostR3410_2001 OBJ_cryptopro,19L
+
+#define SN_id_GostR3410_94 "gost94"
+#define LN_id_GostR3410_94 "GOST R 34.10-94"
+#define NID_id_GostR3410_94 812
+#define OBJ_id_GostR3410_94 OBJ_cryptopro,20L
+
+#define SN_id_Gost28147_89 "gost89"
+#define LN_id_Gost28147_89 "GOST 28147-89"
+#define NID_id_Gost28147_89 813
+#define OBJ_id_Gost28147_89 OBJ_cryptopro,21L
+
+#define SN_gost89_cnt "gost89-cnt"
+#define NID_gost89_cnt 814
+
+#define SN_id_Gost28147_89_MAC "gost-mac"
+#define LN_id_Gost28147_89_MAC "GOST 28147-89 MAC"
+#define NID_id_Gost28147_89_MAC 815
+#define OBJ_id_Gost28147_89_MAC OBJ_cryptopro,22L
+
+#define SN_id_GostR3411_94_prf "prf-gostr3411-94"
+#define LN_id_GostR3411_94_prf "GOST R 34.11-94 PRF"
+#define NID_id_GostR3411_94_prf 816
+#define OBJ_id_GostR3411_94_prf OBJ_cryptopro,23L
+
+#define SN_id_GostR3410_2001DH "id-GostR3410-2001DH"
+#define LN_id_GostR3410_2001DH "GOST R 34.10-2001 DH"
+#define NID_id_GostR3410_2001DH 817
+#define OBJ_id_GostR3410_2001DH OBJ_cryptopro,98L
+
+#define SN_id_GostR3410_94DH "id-GostR3410-94DH"
+#define LN_id_GostR3410_94DH "GOST R 34.10-94 DH"
+#define NID_id_GostR3410_94DH 818
+#define OBJ_id_GostR3410_94DH OBJ_cryptopro,99L
+
+#define SN_id_Gost28147_89_CryptoPro_KeyMeshing "id-Gost28147-89-CryptoPro-KeyMeshing"
+#define NID_id_Gost28147_89_CryptoPro_KeyMeshing 819
+#define OBJ_id_Gost28147_89_CryptoPro_KeyMeshing OBJ_cryptopro,14L,1L
+
+#define SN_id_Gost28147_89_None_KeyMeshing "id-Gost28147-89-None-KeyMeshing"
+#define NID_id_Gost28147_89_None_KeyMeshing 820
+#define OBJ_id_Gost28147_89_None_KeyMeshing OBJ_cryptopro,14L,0L
+
+#define SN_id_GostR3411_94_TestParamSet "id-GostR3411-94-TestParamSet"
+#define NID_id_GostR3411_94_TestParamSet 821
+#define OBJ_id_GostR3411_94_TestParamSet OBJ_cryptopro,30L,0L
+
+#define SN_id_GostR3411_94_CryptoProParamSet "id-GostR3411-94-CryptoProParamSet"
+#define NID_id_GostR3411_94_CryptoProParamSet 822
+#define OBJ_id_GostR3411_94_CryptoProParamSet OBJ_cryptopro,30L,1L
+
+#define SN_id_Gost28147_89_TestParamSet "id-Gost28147-89-TestParamSet"
+#define NID_id_Gost28147_89_TestParamSet 823
+#define OBJ_id_Gost28147_89_TestParamSet OBJ_cryptopro,31L,0L
+
+#define SN_id_Gost28147_89_CryptoPro_A_ParamSet "id-Gost28147-89-CryptoPro-A-ParamSet"
+#define NID_id_Gost28147_89_CryptoPro_A_ParamSet 824
+#define OBJ_id_Gost28147_89_CryptoPro_A_ParamSet OBJ_cryptopro,31L,1L
+
+#define SN_id_Gost28147_89_CryptoPro_B_ParamSet "id-Gost28147-89-CryptoPro-B-ParamSet"
+#define NID_id_Gost28147_89_CryptoPro_B_ParamSet 825
+#define OBJ_id_Gost28147_89_CryptoPro_B_ParamSet OBJ_cryptopro,31L,2L
+
+#define SN_id_Gost28147_89_CryptoPro_C_ParamSet "id-Gost28147-89-CryptoPro-C-ParamSet"
+#define NID_id_Gost28147_89_CryptoPro_C_ParamSet 826
+#define OBJ_id_Gost28147_89_CryptoPro_C_ParamSet OBJ_cryptopro,31L,3L
+
+#define SN_id_Gost28147_89_CryptoPro_D_ParamSet "id-Gost28147-89-CryptoPro-D-ParamSet"
+#define NID_id_Gost28147_89_CryptoPro_D_ParamSet 827
+#define OBJ_id_Gost28147_89_CryptoPro_D_ParamSet OBJ_cryptopro,31L,4L
+
+#define SN_id_Gost28147_89_CryptoPro_Oscar_1_1_ParamSet "id-Gost28147-89-CryptoPro-Oscar-1-1-ParamSet"
+#define NID_id_Gost28147_89_CryptoPro_Oscar_1_1_ParamSet 828
+#define OBJ_id_Gost28147_89_CryptoPro_Oscar_1_1_ParamSet OBJ_cryptopro,31L,5L
+
+#define SN_id_Gost28147_89_CryptoPro_Oscar_1_0_ParamSet "id-Gost28147-89-CryptoPro-Oscar-1-0-ParamSet"
+#define NID_id_Gost28147_89_CryptoPro_Oscar_1_0_ParamSet 829
+#define OBJ_id_Gost28147_89_CryptoPro_Oscar_1_0_ParamSet OBJ_cryptopro,31L,6L
+
+#define SN_id_Gost28147_89_CryptoPro_RIC_1_ParamSet "id-Gost28147-89-CryptoPro-RIC-1-ParamSet"
+#define NID_id_Gost28147_89_CryptoPro_RIC_1_ParamSet 830
+#define OBJ_id_Gost28147_89_CryptoPro_RIC_1_ParamSet OBJ_cryptopro,31L,7L
+
+#define SN_id_GostR3410_94_TestParamSet "id-GostR3410-94-TestParamSet"
+#define NID_id_GostR3410_94_TestParamSet 831
+#define OBJ_id_GostR3410_94_TestParamSet OBJ_cryptopro,32L,0L
+
+#define SN_id_GostR3410_94_CryptoPro_A_ParamSet "id-GostR3410-94-CryptoPro-A-ParamSet"
+#define NID_id_GostR3410_94_CryptoPro_A_ParamSet 832
+#define OBJ_id_GostR3410_94_CryptoPro_A_ParamSet OBJ_cryptopro,32L,2L
+
+#define SN_id_GostR3410_94_CryptoPro_B_ParamSet "id-GostR3410-94-CryptoPro-B-ParamSet"
+#define NID_id_GostR3410_94_CryptoPro_B_ParamSet 833
+#define OBJ_id_GostR3410_94_CryptoPro_B_ParamSet OBJ_cryptopro,32L,3L
+
+#define SN_id_GostR3410_94_CryptoPro_C_ParamSet "id-GostR3410-94-CryptoPro-C-ParamSet"
+#define NID_id_GostR3410_94_CryptoPro_C_ParamSet 834
+#define OBJ_id_GostR3410_94_CryptoPro_C_ParamSet OBJ_cryptopro,32L,4L
+
+#define SN_id_GostR3410_94_CryptoPro_D_ParamSet "id-GostR3410-94-CryptoPro-D-ParamSet"
+#define NID_id_GostR3410_94_CryptoPro_D_ParamSet 835
+#define OBJ_id_GostR3410_94_CryptoPro_D_ParamSet OBJ_cryptopro,32L,5L
+
+#define SN_id_GostR3410_94_CryptoPro_XchA_ParamSet "id-GostR3410-94-CryptoPro-XchA-ParamSet"
+#define NID_id_GostR3410_94_CryptoPro_XchA_ParamSet 836
+#define OBJ_id_GostR3410_94_CryptoPro_XchA_ParamSet OBJ_cryptopro,33L,1L
+
+#define SN_id_GostR3410_94_CryptoPro_XchB_ParamSet "id-GostR3410-94-CryptoPro-XchB-ParamSet"
+#define NID_id_GostR3410_94_CryptoPro_XchB_ParamSet 837
+#define OBJ_id_GostR3410_94_CryptoPro_XchB_ParamSet OBJ_cryptopro,33L,2L
+
+#define SN_id_GostR3410_94_CryptoPro_XchC_ParamSet "id-GostR3410-94-CryptoPro-XchC-ParamSet"
+#define NID_id_GostR3410_94_CryptoPro_XchC_ParamSet 838
+#define OBJ_id_GostR3410_94_CryptoPro_XchC_ParamSet OBJ_cryptopro,33L,3L
+
+#define SN_id_GostR3410_2001_TestParamSet "id-GostR3410-2001-TestParamSet"
+#define NID_id_GostR3410_2001_TestParamSet 839
+#define OBJ_id_GostR3410_2001_TestParamSet OBJ_cryptopro,35L,0L
+
+#define SN_id_GostR3410_2001_CryptoPro_A_ParamSet "id-GostR3410-2001-CryptoPro-A-ParamSet"
+#define NID_id_GostR3410_2001_CryptoPro_A_ParamSet 840
+#define OBJ_id_GostR3410_2001_CryptoPro_A_ParamSet OBJ_cryptopro,35L,1L
+
+#define SN_id_GostR3410_2001_CryptoPro_B_ParamSet "id-GostR3410-2001-CryptoPro-B-ParamSet"
+#define NID_id_GostR3410_2001_CryptoPro_B_ParamSet 841
+#define OBJ_id_GostR3410_2001_CryptoPro_B_ParamSet OBJ_cryptopro,35L,2L
+
+#define SN_id_GostR3410_2001_CryptoPro_C_ParamSet "id-GostR3410-2001-CryptoPro-C-ParamSet"
+#define NID_id_GostR3410_2001_CryptoPro_C_ParamSet 842
+#define OBJ_id_GostR3410_2001_CryptoPro_C_ParamSet OBJ_cryptopro,35L,3L
+
+#define SN_id_GostR3410_2001_CryptoPro_XchA_ParamSet "id-GostR3410-2001-CryptoPro-XchA-ParamSet"
+#define NID_id_GostR3410_2001_CryptoPro_XchA_ParamSet 843
+#define OBJ_id_GostR3410_2001_CryptoPro_XchA_ParamSet OBJ_cryptopro,36L,0L
+
+#define SN_id_GostR3410_2001_CryptoPro_XchB_ParamSet "id-GostR3410-2001-CryptoPro-XchB-ParamSet"
+#define NID_id_GostR3410_2001_CryptoPro_XchB_ParamSet 844
+#define OBJ_id_GostR3410_2001_CryptoPro_XchB_ParamSet OBJ_cryptopro,36L,1L
+
+#define SN_id_GostR3410_94_a "id-GostR3410-94-a"
+#define NID_id_GostR3410_94_a 845
+#define OBJ_id_GostR3410_94_a OBJ_id_GostR3410_94,1L
+
+#define SN_id_GostR3410_94_aBis "id-GostR3410-94-aBis"
+#define NID_id_GostR3410_94_aBis 846
+#define OBJ_id_GostR3410_94_aBis OBJ_id_GostR3410_94,2L
+
+#define SN_id_GostR3410_94_b "id-GostR3410-94-b"
+#define NID_id_GostR3410_94_b 847
+#define OBJ_id_GostR3410_94_b OBJ_id_GostR3410_94,3L
+
+#define SN_id_GostR3410_94_bBis "id-GostR3410-94-bBis"
+#define NID_id_GostR3410_94_bBis 848
+#define OBJ_id_GostR3410_94_bBis OBJ_id_GostR3410_94,4L
+
+#define SN_id_Gost28147_89_cc "id-Gost28147-89-cc"
+#define LN_id_Gost28147_89_cc "GOST 28147-89 Cryptocom ParamSet"
+#define NID_id_Gost28147_89_cc 849
+#define OBJ_id_Gost28147_89_cc OBJ_cryptocom,1L,6L,1L
+
+#define SN_id_GostR3410_94_cc "gost94cc"
+#define LN_id_GostR3410_94_cc "GOST 34.10-94 Cryptocom"
+#define NID_id_GostR3410_94_cc 850
+#define OBJ_id_GostR3410_94_cc OBJ_cryptocom,1L,5L,3L
+
+#define SN_id_GostR3410_2001_cc "gost2001cc"
+#define LN_id_GostR3410_2001_cc "GOST 34.10-2001 Cryptocom"
+#define NID_id_GostR3410_2001_cc 851
+#define OBJ_id_GostR3410_2001_cc OBJ_cryptocom,1L,5L,4L
+
+#define SN_id_GostR3411_94_with_GostR3410_94_cc "id-GostR3411-94-with-GostR3410-94-cc"
+#define LN_id_GostR3411_94_with_GostR3410_94_cc "GOST R 34.11-94 with GOST R 34.10-94 Cryptocom"
+#define NID_id_GostR3411_94_with_GostR3410_94_cc 852
+#define OBJ_id_GostR3411_94_with_GostR3410_94_cc OBJ_cryptocom,1L,3L,3L
+
+#define SN_id_GostR3411_94_with_GostR3410_2001_cc "id-GostR3411-94-with-GostR3410-2001-cc"
+#define LN_id_GostR3411_94_with_GostR3410_2001_cc "GOST R 34.11-94 with GOST R 34.10-2001 Cryptocom"
+#define NID_id_GostR3411_94_with_GostR3410_2001_cc 853
+#define OBJ_id_GostR3411_94_with_GostR3410_2001_cc OBJ_cryptocom,1L,3L,4L
+
+#define SN_id_GostR3410_2001_ParamSet_cc "id-GostR3410-2001-ParamSet-cc"
+#define LN_id_GostR3410_2001_ParamSet_cc "GOST R 3410-2001 Parameter Set Cryptocom"
+#define NID_id_GostR3410_2001_ParamSet_cc 854
+#define OBJ_id_GostR3410_2001_ParamSet_cc OBJ_cryptocom,1L,8L,1L
+
+#define SN_camellia_128_cbc "CAMELLIA-128-CBC"
+#define LN_camellia_128_cbc "camellia-128-cbc"
+#define NID_camellia_128_cbc 751
+#define OBJ_camellia_128_cbc 1L,2L,392L,200011L,61L,1L,1L,1L,2L
+
+#define SN_camellia_192_cbc "CAMELLIA-192-CBC"
+#define LN_camellia_192_cbc "camellia-192-cbc"
+#define NID_camellia_192_cbc 752
+#define OBJ_camellia_192_cbc 1L,2L,392L,200011L,61L,1L,1L,1L,3L
+
+#define SN_camellia_256_cbc "CAMELLIA-256-CBC"
+#define LN_camellia_256_cbc "camellia-256-cbc"
+#define NID_camellia_256_cbc 753
+#define OBJ_camellia_256_cbc 1L,2L,392L,200011L,61L,1L,1L,1L,4L
+
+#define SN_id_camellia128_wrap "id-camellia128-wrap"
+#define NID_id_camellia128_wrap 907
+#define OBJ_id_camellia128_wrap 1L,2L,392L,200011L,61L,1L,1L,3L,2L
+
+#define SN_id_camellia192_wrap "id-camellia192-wrap"
+#define NID_id_camellia192_wrap 908
+#define OBJ_id_camellia192_wrap 1L,2L,392L,200011L,61L,1L,1L,3L,3L
+
+#define SN_id_camellia256_wrap "id-camellia256-wrap"
+#define NID_id_camellia256_wrap 909
+#define OBJ_id_camellia256_wrap 1L,2L,392L,200011L,61L,1L,1L,3L,4L
+
+#define OBJ_ntt_ds 0L,3L,4401L,5L
+
+#define OBJ_camellia OBJ_ntt_ds,3L,1L,9L
+
+#define SN_camellia_128_ecb "CAMELLIA-128-ECB"
+#define LN_camellia_128_ecb "camellia-128-ecb"
+#define NID_camellia_128_ecb 754
+#define OBJ_camellia_128_ecb OBJ_camellia,1L
+
+#define SN_camellia_128_ofb128 "CAMELLIA-128-OFB"
+#define LN_camellia_128_ofb128 "camellia-128-ofb"
+#define NID_camellia_128_ofb128 766
+#define OBJ_camellia_128_ofb128 OBJ_camellia,3L
+
+#define SN_camellia_128_cfb128 "CAMELLIA-128-CFB"
+#define LN_camellia_128_cfb128 "camellia-128-cfb"
+#define NID_camellia_128_cfb128 757
+#define OBJ_camellia_128_cfb128 OBJ_camellia,4L
+
+#define SN_camellia_128_gcm "CAMELLIA-128-GCM"
+#define LN_camellia_128_gcm "camellia-128-gcm"
+#define NID_camellia_128_gcm 961
+#define OBJ_camellia_128_gcm OBJ_camellia,6L
+
+#define SN_camellia_128_ccm "CAMELLIA-128-CCM"
+#define LN_camellia_128_ccm "camellia-128-ccm"
+#define NID_camellia_128_ccm 962
+#define OBJ_camellia_128_ccm OBJ_camellia,7L
+
+#define SN_camellia_128_ctr "CAMELLIA-128-CTR"
+#define LN_camellia_128_ctr "camellia-128-ctr"
+#define NID_camellia_128_ctr 963
+#define OBJ_camellia_128_ctr OBJ_camellia,9L
+
+#define SN_camellia_128_cmac "CAMELLIA-128-CMAC"
+#define LN_camellia_128_cmac "camellia-128-cmac"
+#define NID_camellia_128_cmac 964
+#define OBJ_camellia_128_cmac OBJ_camellia,10L
+
+#define SN_camellia_192_ecb "CAMELLIA-192-ECB"
+#define LN_camellia_192_ecb "camellia-192-ecb"
+#define NID_camellia_192_ecb 755
+#define OBJ_camellia_192_ecb OBJ_camellia,21L
+
+#define SN_camellia_192_ofb128 "CAMELLIA-192-OFB"
+#define LN_camellia_192_ofb128 "camellia-192-ofb"
+#define NID_camellia_192_ofb128 767
+#define OBJ_camellia_192_ofb128 OBJ_camellia,23L
+
+#define SN_camellia_192_cfb128 "CAMELLIA-192-CFB"
+#define LN_camellia_192_cfb128 "camellia-192-cfb"
+#define NID_camellia_192_cfb128 758
+#define OBJ_camellia_192_cfb128 OBJ_camellia,24L
+
+#define SN_camellia_192_gcm "CAMELLIA-192-GCM"
+#define LN_camellia_192_gcm "camellia-192-gcm"
+#define NID_camellia_192_gcm 965
+#define OBJ_camellia_192_gcm OBJ_camellia,26L
+
+#define SN_camellia_192_ccm "CAMELLIA-192-CCM"
+#define LN_camellia_192_ccm "camellia-192-ccm"
+#define NID_camellia_192_ccm 966
+#define OBJ_camellia_192_ccm OBJ_camellia,27L
+
+#define SN_camellia_192_ctr "CAMELLIA-192-CTR"
+#define LN_camellia_192_ctr "camellia-192-ctr"
+#define NID_camellia_192_ctr 967
+#define OBJ_camellia_192_ctr OBJ_camellia,29L
+
+#define SN_camellia_192_cmac "CAMELLIA-192-CMAC"
+#define LN_camellia_192_cmac "camellia-192-cmac"
+#define NID_camellia_192_cmac 968
+#define OBJ_camellia_192_cmac OBJ_camellia,30L
+
+#define SN_camellia_256_ecb "CAMELLIA-256-ECB"
+#define LN_camellia_256_ecb "camellia-256-ecb"
+#define NID_camellia_256_ecb 756
+#define OBJ_camellia_256_ecb OBJ_camellia,41L
+
+#define SN_camellia_256_ofb128 "CAMELLIA-256-OFB"
+#define LN_camellia_256_ofb128 "camellia-256-ofb"
+#define NID_camellia_256_ofb128 768
+#define OBJ_camellia_256_ofb128 OBJ_camellia,43L
+
+#define SN_camellia_256_cfb128 "CAMELLIA-256-CFB"
+#define LN_camellia_256_cfb128 "camellia-256-cfb"
+#define NID_camellia_256_cfb128 759
+#define OBJ_camellia_256_cfb128 OBJ_camellia,44L
+
+#define SN_camellia_256_gcm "CAMELLIA-256-GCM"
+#define LN_camellia_256_gcm "camellia-256-gcm"
+#define NID_camellia_256_gcm 969
+#define OBJ_camellia_256_gcm OBJ_camellia,46L
+
+#define SN_camellia_256_ccm "CAMELLIA-256-CCM"
+#define LN_camellia_256_ccm "camellia-256-ccm"
+#define NID_camellia_256_ccm 970
+#define OBJ_camellia_256_ccm OBJ_camellia,47L
+
+#define SN_camellia_256_ctr "CAMELLIA-256-CTR"
+#define LN_camellia_256_ctr "camellia-256-ctr"
+#define NID_camellia_256_ctr 971
+#define OBJ_camellia_256_ctr OBJ_camellia,49L
+
+#define SN_camellia_256_cmac "CAMELLIA-256-CMAC"
+#define LN_camellia_256_cmac "camellia-256-cmac"
+#define NID_camellia_256_cmac 972
+#define OBJ_camellia_256_cmac OBJ_camellia,50L
+
+#define SN_camellia_128_cfb1 "CAMELLIA-128-CFB1"
+#define LN_camellia_128_cfb1 "camellia-128-cfb1"
+#define NID_camellia_128_cfb1 760
+
+#define SN_camellia_192_cfb1 "CAMELLIA-192-CFB1"
+#define LN_camellia_192_cfb1 "camellia-192-cfb1"
+#define NID_camellia_192_cfb1 761
+
+#define SN_camellia_256_cfb1 "CAMELLIA-256-CFB1"
+#define LN_camellia_256_cfb1 "camellia-256-cfb1"
+#define NID_camellia_256_cfb1 762
+
+#define SN_camellia_128_cfb8 "CAMELLIA-128-CFB8"
+#define LN_camellia_128_cfb8 "camellia-128-cfb8"
+#define NID_camellia_128_cfb8 763
+
+#define SN_camellia_192_cfb8 "CAMELLIA-192-CFB8"
+#define LN_camellia_192_cfb8 "camellia-192-cfb8"
+#define NID_camellia_192_cfb8 764
+
+#define SN_camellia_256_cfb8 "CAMELLIA-256-CFB8"
+#define LN_camellia_256_cfb8 "camellia-256-cfb8"
+#define NID_camellia_256_cfb8 765
+
+#define SN_kisa "KISA"
+#define LN_kisa "kisa"
+#define NID_kisa 773
+#define OBJ_kisa OBJ_member_body,410L,200004L
+
+#define SN_seed_ecb "SEED-ECB"
+#define LN_seed_ecb "seed-ecb"
+#define NID_seed_ecb 776
+#define OBJ_seed_ecb OBJ_kisa,1L,3L
+
+#define SN_seed_cbc "SEED-CBC"
+#define LN_seed_cbc "seed-cbc"
+#define NID_seed_cbc 777
+#define OBJ_seed_cbc OBJ_kisa,1L,4L
+
+#define SN_seed_cfb128 "SEED-CFB"
+#define LN_seed_cfb128 "seed-cfb"
+#define NID_seed_cfb128 779
+#define OBJ_seed_cfb128 OBJ_kisa,1L,5L
+
+#define SN_seed_ofb128 "SEED-OFB"
+#define LN_seed_ofb128 "seed-ofb"
+#define NID_seed_ofb128 778
+#define OBJ_seed_ofb128 OBJ_kisa,1L,6L
+
+#define SN_hmac "HMAC"
+#define LN_hmac "hmac"
+#define NID_hmac 855
+
+#define SN_cmac "CMAC"
+#define LN_cmac "cmac"
+#define NID_cmac 894
+
+#define SN_rc4_hmac_md5 "RC4-HMAC-MD5"
+#define LN_rc4_hmac_md5 "rc4-hmac-md5"
+#define NID_rc4_hmac_md5 915
+
+#define SN_aes_128_cbc_hmac_sha1 "AES-128-CBC-HMAC-SHA1"
+#define LN_aes_128_cbc_hmac_sha1 "aes-128-cbc-hmac-sha1"
+#define NID_aes_128_cbc_hmac_sha1 916
+
+#define SN_aes_192_cbc_hmac_sha1 "AES-192-CBC-HMAC-SHA1"
+#define LN_aes_192_cbc_hmac_sha1 "aes-192-cbc-hmac-sha1"
+#define NID_aes_192_cbc_hmac_sha1 917
+
+#define SN_aes_256_cbc_hmac_sha1 "AES-256-CBC-HMAC-SHA1"
+#define LN_aes_256_cbc_hmac_sha1 "aes-256-cbc-hmac-sha1"
+#define NID_aes_256_cbc_hmac_sha1 918
+
+#define SN_aes_128_cbc_hmac_sha256 "AES-128-CBC-HMAC-SHA256"
+#define LN_aes_128_cbc_hmac_sha256 "aes-128-cbc-hmac-sha256"
+#define NID_aes_128_cbc_hmac_sha256 948
+
+#define SN_aes_192_cbc_hmac_sha256 "AES-192-CBC-HMAC-SHA256"
+#define LN_aes_192_cbc_hmac_sha256 "aes-192-cbc-hmac-sha256"
+#define NID_aes_192_cbc_hmac_sha256 949
+
+#define SN_aes_256_cbc_hmac_sha256 "AES-256-CBC-HMAC-SHA256"
+#define LN_aes_256_cbc_hmac_sha256 "aes-256-cbc-hmac-sha256"
+#define NID_aes_256_cbc_hmac_sha256 950
+
+#define SN_dhpublicnumber "dhpublicnumber"
+#define LN_dhpublicnumber "X9.42 DH"
+#define NID_dhpublicnumber 920
+#define OBJ_dhpublicnumber OBJ_ISO_US,10046L,2L,1L
+
+#define SN_brainpoolP160r1 "brainpoolP160r1"
+#define NID_brainpoolP160r1 921
+#define OBJ_brainpoolP160r1 1L,3L,36L,3L,3L,2L,8L,1L,1L,1L
+
+#define SN_brainpoolP160t1 "brainpoolP160t1"
+#define NID_brainpoolP160t1 922
+#define OBJ_brainpoolP160t1 1L,3L,36L,3L,3L,2L,8L,1L,1L,2L
+
+#define SN_brainpoolP192r1 "brainpoolP192r1"
+#define NID_brainpoolP192r1 923
+#define OBJ_brainpoolP192r1 1L,3L,36L,3L,3L,2L,8L,1L,1L,3L
+
+#define SN_brainpoolP192t1 "brainpoolP192t1"
+#define NID_brainpoolP192t1 924
+#define OBJ_brainpoolP192t1 1L,3L,36L,3L,3L,2L,8L,1L,1L,4L
+
+#define SN_brainpoolP224r1 "brainpoolP224r1"
+#define NID_brainpoolP224r1 925
+#define OBJ_brainpoolP224r1 1L,3L,36L,3L,3L,2L,8L,1L,1L,5L
+
+#define SN_brainpoolP224t1 "brainpoolP224t1"
+#define NID_brainpoolP224t1 926
+#define OBJ_brainpoolP224t1 1L,3L,36L,3L,3L,2L,8L,1L,1L,6L
+
+#define SN_brainpoolP256r1 "brainpoolP256r1"
+#define NID_brainpoolP256r1 927
+#define OBJ_brainpoolP256r1 1L,3L,36L,3L,3L,2L,8L,1L,1L,7L
+
+#define SN_brainpoolP256t1 "brainpoolP256t1"
+#define NID_brainpoolP256t1 928
+#define OBJ_brainpoolP256t1 1L,3L,36L,3L,3L,2L,8L,1L,1L,8L
+
+#define SN_brainpoolP320r1 "brainpoolP320r1"
+#define NID_brainpoolP320r1 929
+#define OBJ_brainpoolP320r1 1L,3L,36L,3L,3L,2L,8L,1L,1L,9L
+
+#define SN_brainpoolP320t1 "brainpoolP320t1"
+#define NID_brainpoolP320t1 930
+#define OBJ_brainpoolP320t1 1L,3L,36L,3L,3L,2L,8L,1L,1L,10L
+
+#define SN_brainpoolP384r1 "brainpoolP384r1"
+#define NID_brainpoolP384r1 931
+#define OBJ_brainpoolP384r1 1L,3L,36L,3L,3L,2L,8L,1L,1L,11L
+
+#define SN_brainpoolP384t1 "brainpoolP384t1"
+#define NID_brainpoolP384t1 932
+#define OBJ_brainpoolP384t1 1L,3L,36L,3L,3L,2L,8L,1L,1L,12L
+
+#define SN_brainpoolP512r1 "brainpoolP512r1"
+#define NID_brainpoolP512r1 933
+#define OBJ_brainpoolP512r1 1L,3L,36L,3L,3L,2L,8L,1L,1L,13L
+
+#define SN_brainpoolP512t1 "brainpoolP512t1"
+#define NID_brainpoolP512t1 934
+#define OBJ_brainpoolP512t1 1L,3L,36L,3L,3L,2L,8L,1L,1L,14L
+
+#define OBJ_x9_63_scheme 1L,3L,133L,16L,840L,63L,0L
+
+#define OBJ_secg_scheme OBJ_certicom_arc,1L
+
+#define SN_dhSinglePass_stdDH_sha1kdf_scheme "dhSinglePass-stdDH-sha1kdf-scheme"
+#define NID_dhSinglePass_stdDH_sha1kdf_scheme 936
+#define OBJ_dhSinglePass_stdDH_sha1kdf_scheme OBJ_x9_63_scheme,2L
+
+#define SN_dhSinglePass_stdDH_sha224kdf_scheme "dhSinglePass-stdDH-sha224kdf-scheme"
+#define NID_dhSinglePass_stdDH_sha224kdf_scheme 937
+#define OBJ_dhSinglePass_stdDH_sha224kdf_scheme OBJ_secg_scheme,11L,0L
+
+#define SN_dhSinglePass_stdDH_sha256kdf_scheme "dhSinglePass-stdDH-sha256kdf-scheme"
+#define NID_dhSinglePass_stdDH_sha256kdf_scheme 938
+#define OBJ_dhSinglePass_stdDH_sha256kdf_scheme OBJ_secg_scheme,11L,1L
+
+#define SN_dhSinglePass_stdDH_sha384kdf_scheme "dhSinglePass-stdDH-sha384kdf-scheme"
+#define NID_dhSinglePass_stdDH_sha384kdf_scheme 939
+#define OBJ_dhSinglePass_stdDH_sha384kdf_scheme OBJ_secg_scheme,11L,2L
+
+#define SN_dhSinglePass_stdDH_sha512kdf_scheme "dhSinglePass-stdDH-sha512kdf-scheme"
+#define NID_dhSinglePass_stdDH_sha512kdf_scheme 940
+#define OBJ_dhSinglePass_stdDH_sha512kdf_scheme OBJ_secg_scheme,11L,3L
+
+#define SN_dhSinglePass_cofactorDH_sha1kdf_scheme "dhSinglePass-cofactorDH-sha1kdf-scheme"
+#define NID_dhSinglePass_cofactorDH_sha1kdf_scheme 941
+#define OBJ_dhSinglePass_cofactorDH_sha1kdf_scheme OBJ_x9_63_scheme,3L
+
+#define SN_dhSinglePass_cofactorDH_sha224kdf_scheme "dhSinglePass-cofactorDH-sha224kdf-scheme"
+#define NID_dhSinglePass_cofactorDH_sha224kdf_scheme 942
+#define OBJ_dhSinglePass_cofactorDH_sha224kdf_scheme OBJ_secg_scheme,14L,0L
+
+#define SN_dhSinglePass_cofactorDH_sha256kdf_scheme "dhSinglePass-cofactorDH-sha256kdf-scheme"
+#define NID_dhSinglePass_cofactorDH_sha256kdf_scheme 943
+#define OBJ_dhSinglePass_cofactorDH_sha256kdf_scheme OBJ_secg_scheme,14L,1L
+
+#define SN_dhSinglePass_cofactorDH_sha384kdf_scheme "dhSinglePass-cofactorDH-sha384kdf-scheme"
+#define NID_dhSinglePass_cofactorDH_sha384kdf_scheme 944
+#define OBJ_dhSinglePass_cofactorDH_sha384kdf_scheme OBJ_secg_scheme,14L,2L
+
+#define SN_dhSinglePass_cofactorDH_sha512kdf_scheme "dhSinglePass-cofactorDH-sha512kdf-scheme"
+#define NID_dhSinglePass_cofactorDH_sha512kdf_scheme 945
+#define OBJ_dhSinglePass_cofactorDH_sha512kdf_scheme OBJ_secg_scheme,14L,3L
+
+#define SN_dh_std_kdf "dh-std-kdf"
+#define NID_dh_std_kdf 946
+
+#define SN_dh_cofactor_kdf "dh-cofactor-kdf"
+#define NID_dh_cofactor_kdf 947
+
+#define SN_ct_precert_scts "ct_precert_scts"
+#define LN_ct_precert_scts "CT Precertificate SCTs"
+#define NID_ct_precert_scts 951
+#define OBJ_ct_precert_scts 1L,3L,6L,1L,4L,1L,11129L,2L,4L,2L
+
+#define SN_ct_precert_poison "ct_precert_poison"
+#define LN_ct_precert_poison "CT Precertificate Poison"
+#define NID_ct_precert_poison 952
+#define OBJ_ct_precert_poison 1L,3L,6L,1L,4L,1L,11129L,2L,4L,3L
+
+#define SN_ct_precert_signer "ct_precert_signer"
+#define LN_ct_precert_signer "CT Precertificate Signer"
+#define NID_ct_precert_signer 953
+#define OBJ_ct_precert_signer 1L,3L,6L,1L,4L,1L,11129L,2L,4L,4L
+
+#define SN_ct_cert_scts "ct_cert_scts"
+#define LN_ct_cert_scts "CT Certificate SCTs"
+#define NID_ct_cert_scts 954
+#define OBJ_ct_cert_scts 1L,3L,6L,1L,4L,1L,11129L,2L,4L,5L
+
+#define SN_jurisdictionLocalityName "jurisdictionL"
+#define LN_jurisdictionLocalityName "jurisdictionLocalityName"
+#define NID_jurisdictionLocalityName 955
+#define OBJ_jurisdictionLocalityName 1L,3L,6L,1L,4L,1L,311L,60L,2L,1L,1L
+
+#define SN_jurisdictionStateOrProvinceName "jurisdictionST"
+#define LN_jurisdictionStateOrProvinceName "jurisdictionStateOrProvinceName"
+#define NID_jurisdictionStateOrProvinceName 956
+#define OBJ_jurisdictionStateOrProvinceName 1L,3L,6L,1L,4L,1L,311L,60L,2L,1L,2L
+
+#define SN_jurisdictionCountryName "jurisdictionC"
+#define LN_jurisdictionCountryName "jurisdictionCountryName"
+#define NID_jurisdictionCountryName 957
+#define OBJ_jurisdictionCountryName 1L,3L,6L,1L,4L,1L,311L,60L,2L,1L,3L
--- /dev/null
+/* crypto/objects/objects.h */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#ifndef HEADER_OBJECTS_H
+# define HEADER_OBJECTS_H
+
+# define USE_OBJ_MAC
+
+# ifdef USE_OBJ_MAC
+# include <openssl/obj_mac.h>
+# else
+# define SN_undef "UNDEF"
+# define LN_undef "undefined"
+# define NID_undef 0
+# define OBJ_undef 0L
+
+# define SN_Algorithm "Algorithm"
+# define LN_algorithm "algorithm"
+# define NID_algorithm 38
+# define OBJ_algorithm 1L,3L,14L,3L,2L
+
+# define LN_rsadsi "rsadsi"
+# define NID_rsadsi 1
+# define OBJ_rsadsi 1L,2L,840L,113549L
+
+# define LN_pkcs "pkcs"
+# define NID_pkcs 2
+# define OBJ_pkcs OBJ_rsadsi,1L
+
+# define SN_md2 "MD2"
+# define LN_md2 "md2"
+# define NID_md2 3
+# define OBJ_md2 OBJ_rsadsi,2L,2L
+
+# define SN_md5 "MD5"
+# define LN_md5 "md5"
+# define NID_md5 4
+# define OBJ_md5 OBJ_rsadsi,2L,5L
+
+# define SN_rc4 "RC4"
+# define LN_rc4 "rc4"
+# define NID_rc4 5
+# define OBJ_rc4 OBJ_rsadsi,3L,4L
+
+# define LN_rsaEncryption "rsaEncryption"
+# define NID_rsaEncryption 6
+# define OBJ_rsaEncryption OBJ_pkcs,1L,1L
+
+# define SN_md2WithRSAEncryption "RSA-MD2"
+# define LN_md2WithRSAEncryption "md2WithRSAEncryption"
+# define NID_md2WithRSAEncryption 7
+# define OBJ_md2WithRSAEncryption OBJ_pkcs,1L,2L
+
+# define SN_md5WithRSAEncryption "RSA-MD5"
+# define LN_md5WithRSAEncryption "md5WithRSAEncryption"
+# define NID_md5WithRSAEncryption 8
+# define OBJ_md5WithRSAEncryption OBJ_pkcs,1L,4L
+
+# define SN_pbeWithMD2AndDES_CBC "PBE-MD2-DES"
+# define LN_pbeWithMD2AndDES_CBC "pbeWithMD2AndDES-CBC"
+# define NID_pbeWithMD2AndDES_CBC 9
+# define OBJ_pbeWithMD2AndDES_CBC OBJ_pkcs,5L,1L
+
+# define SN_pbeWithMD5AndDES_CBC "PBE-MD5-DES"
+# define LN_pbeWithMD5AndDES_CBC "pbeWithMD5AndDES-CBC"
+# define NID_pbeWithMD5AndDES_CBC 10
+# define OBJ_pbeWithMD5AndDES_CBC OBJ_pkcs,5L,3L
+
+# define LN_X500 "X500"
+# define NID_X500 11
+# define OBJ_X500 2L,5L
+
+# define LN_X509 "X509"
+# define NID_X509 12
+# define OBJ_X509 OBJ_X500,4L
+
+# define SN_commonName "CN"
+# define LN_commonName "commonName"
+# define NID_commonName 13
+# define OBJ_commonName OBJ_X509,3L
+
+# define SN_countryName "C"
+# define LN_countryName "countryName"
+# define NID_countryName 14
+# define OBJ_countryName OBJ_X509,6L
+
+# define SN_localityName "L"
+# define LN_localityName "localityName"
+# define NID_localityName 15
+# define OBJ_localityName OBJ_X509,7L
+
+/* Postal Address? PA */
+
+/* should be "ST" (rfc1327) but MS uses 'S' */
+# define SN_stateOrProvinceName "ST"
+# define LN_stateOrProvinceName "stateOrProvinceName"
+# define NID_stateOrProvinceName 16
+# define OBJ_stateOrProvinceName OBJ_X509,8L
+
+# define SN_organizationName "O"
+# define LN_organizationName "organizationName"
+# define NID_organizationName 17
+# define OBJ_organizationName OBJ_X509,10L
+
+# define SN_organizationalUnitName "OU"
+# define LN_organizationalUnitName "organizationalUnitName"
+# define NID_organizationalUnitName 18
+# define OBJ_organizationalUnitName OBJ_X509,11L
+
+# define SN_rsa "RSA"
+# define LN_rsa "rsa"
+# define NID_rsa 19
+# define OBJ_rsa OBJ_X500,8L,1L,1L
+
+# define LN_pkcs7 "pkcs7"
+# define NID_pkcs7 20
+# define OBJ_pkcs7 OBJ_pkcs,7L
+
+# define LN_pkcs7_data "pkcs7-data"
+# define NID_pkcs7_data 21
+# define OBJ_pkcs7_data OBJ_pkcs7,1L
+
+# define LN_pkcs7_signed "pkcs7-signedData"
+# define NID_pkcs7_signed 22
+# define OBJ_pkcs7_signed OBJ_pkcs7,2L
+
+# define LN_pkcs7_enveloped "pkcs7-envelopedData"
+# define NID_pkcs7_enveloped 23
+# define OBJ_pkcs7_enveloped OBJ_pkcs7,3L
+
+# define LN_pkcs7_signedAndEnveloped "pkcs7-signedAndEnvelopedData"
+# define NID_pkcs7_signedAndEnveloped 24
+# define OBJ_pkcs7_signedAndEnveloped OBJ_pkcs7,4L
+
+# define LN_pkcs7_digest "pkcs7-digestData"
+# define NID_pkcs7_digest 25
+# define OBJ_pkcs7_digest OBJ_pkcs7,5L
+
+# define LN_pkcs7_encrypted "pkcs7-encryptedData"
+# define NID_pkcs7_encrypted 26
+# define OBJ_pkcs7_encrypted OBJ_pkcs7,6L
+
+# define LN_pkcs3 "pkcs3"
+# define NID_pkcs3 27
+# define OBJ_pkcs3 OBJ_pkcs,3L
+
+# define LN_dhKeyAgreement "dhKeyAgreement"
+# define NID_dhKeyAgreement 28
+# define OBJ_dhKeyAgreement OBJ_pkcs3,1L
+
+# define SN_des_ecb "DES-ECB"
+# define LN_des_ecb "des-ecb"
+# define NID_des_ecb 29
+# define OBJ_des_ecb OBJ_algorithm,6L
+
+# define SN_des_cfb64 "DES-CFB"
+# define LN_des_cfb64 "des-cfb"
+# define NID_des_cfb64 30
+/* IV + num */
+# define OBJ_des_cfb64 OBJ_algorithm,9L
+
+# define SN_des_cbc "DES-CBC"
+# define LN_des_cbc "des-cbc"
+# define NID_des_cbc 31
+/* IV */
+# define OBJ_des_cbc OBJ_algorithm,7L
+
+# define SN_des_ede "DES-EDE"
+# define LN_des_ede "des-ede"
+# define NID_des_ede 32
+/* ?? */
+# define OBJ_des_ede OBJ_algorithm,17L
+
+# define SN_des_ede3 "DES-EDE3"
+# define LN_des_ede3 "des-ede3"
+# define NID_des_ede3 33
+
+# define SN_idea_cbc "IDEA-CBC"
+# define LN_idea_cbc "idea-cbc"
+# define NID_idea_cbc 34
+# define OBJ_idea_cbc 1L,3L,6L,1L,4L,1L,188L,7L,1L,1L,2L
+
+# define SN_idea_cfb64 "IDEA-CFB"
+# define LN_idea_cfb64 "idea-cfb"
+# define NID_idea_cfb64 35
+
+# define SN_idea_ecb "IDEA-ECB"
+# define LN_idea_ecb "idea-ecb"
+# define NID_idea_ecb 36
+
+# define SN_rc2_cbc "RC2-CBC"
+# define LN_rc2_cbc "rc2-cbc"
+# define NID_rc2_cbc 37
+# define OBJ_rc2_cbc OBJ_rsadsi,3L,2L
+
+# define SN_rc2_ecb "RC2-ECB"
+# define LN_rc2_ecb "rc2-ecb"
+# define NID_rc2_ecb 38
+
+# define SN_rc2_cfb64 "RC2-CFB"
+# define LN_rc2_cfb64 "rc2-cfb"
+# define NID_rc2_cfb64 39
+
+# define SN_rc2_ofb64 "RC2-OFB"
+# define LN_rc2_ofb64 "rc2-ofb"
+# define NID_rc2_ofb64 40
+
+# define SN_sha "SHA"
+# define LN_sha "sha"
+# define NID_sha 41
+# define OBJ_sha OBJ_algorithm,18L
+
+# define SN_shaWithRSAEncryption "RSA-SHA"
+# define LN_shaWithRSAEncryption "shaWithRSAEncryption"
+# define NID_shaWithRSAEncryption 42
+# define OBJ_shaWithRSAEncryption OBJ_algorithm,15L
+
+# define SN_des_ede_cbc "DES-EDE-CBC"
+# define LN_des_ede_cbc "des-ede-cbc"
+# define NID_des_ede_cbc 43
+
+# define SN_des_ede3_cbc "DES-EDE3-CBC"
+# define LN_des_ede3_cbc "des-ede3-cbc"
+# define NID_des_ede3_cbc 44
+# define OBJ_des_ede3_cbc OBJ_rsadsi,3L,7L
+
+# define SN_des_ofb64 "DES-OFB"
+# define LN_des_ofb64 "des-ofb"
+# define NID_des_ofb64 45
+# define OBJ_des_ofb64 OBJ_algorithm,8L
+
+# define SN_idea_ofb64 "IDEA-OFB"
+# define LN_idea_ofb64 "idea-ofb"
+# define NID_idea_ofb64 46
+
+# define LN_pkcs9 "pkcs9"
+# define NID_pkcs9 47
+# define OBJ_pkcs9 OBJ_pkcs,9L
+
+# define SN_pkcs9_emailAddress "Email"
+# define LN_pkcs9_emailAddress "emailAddress"
+# define NID_pkcs9_emailAddress 48
+# define OBJ_pkcs9_emailAddress OBJ_pkcs9,1L
+
+# define LN_pkcs9_unstructuredName "unstructuredName"
+# define NID_pkcs9_unstructuredName 49
+# define OBJ_pkcs9_unstructuredName OBJ_pkcs9,2L
+
+# define LN_pkcs9_contentType "contentType"
+# define NID_pkcs9_contentType 50
+# define OBJ_pkcs9_contentType OBJ_pkcs9,3L
+
+# define LN_pkcs9_messageDigest "messageDigest"
+# define NID_pkcs9_messageDigest 51
+# define OBJ_pkcs9_messageDigest OBJ_pkcs9,4L
+
+# define LN_pkcs9_signingTime "signingTime"
+# define NID_pkcs9_signingTime 52
+# define OBJ_pkcs9_signingTime OBJ_pkcs9,5L
+
+# define LN_pkcs9_countersignature "countersignature"
+# define NID_pkcs9_countersignature 53
+# define OBJ_pkcs9_countersignature OBJ_pkcs9,6L
+
+# define LN_pkcs9_challengePassword "challengePassword"
+# define NID_pkcs9_challengePassword 54
+# define OBJ_pkcs9_challengePassword OBJ_pkcs9,7L
+
+# define LN_pkcs9_unstructuredAddress "unstructuredAddress"
+# define NID_pkcs9_unstructuredAddress 55
+# define OBJ_pkcs9_unstructuredAddress OBJ_pkcs9,8L
+
+# define LN_pkcs9_extCertAttributes "extendedCertificateAttributes"
+# define NID_pkcs9_extCertAttributes 56
+# define OBJ_pkcs9_extCertAttributes OBJ_pkcs9,9L
+
+# define SN_netscape "Netscape"
+# define LN_netscape "Netscape Communications Corp."
+# define NID_netscape 57
+# define OBJ_netscape 2L,16L,840L,1L,113730L
+
+# define SN_netscape_cert_extension "nsCertExt"
+# define LN_netscape_cert_extension "Netscape Certificate Extension"
+# define NID_netscape_cert_extension 58
+# define OBJ_netscape_cert_extension OBJ_netscape,1L
+
+# define SN_netscape_data_type "nsDataType"
+# define LN_netscape_data_type "Netscape Data Type"
+# define NID_netscape_data_type 59
+# define OBJ_netscape_data_type OBJ_netscape,2L
+
+# define SN_des_ede_cfb64 "DES-EDE-CFB"
+# define LN_des_ede_cfb64 "des-ede-cfb"
+# define NID_des_ede_cfb64 60
+
+# define SN_des_ede3_cfb64 "DES-EDE3-CFB"
+# define LN_des_ede3_cfb64 "des-ede3-cfb"
+# define NID_des_ede3_cfb64 61
+
+# define SN_des_ede_ofb64 "DES-EDE-OFB"
+# define LN_des_ede_ofb64 "des-ede-ofb"
+# define NID_des_ede_ofb64 62
+
+# define SN_des_ede3_ofb64 "DES-EDE3-OFB"
+# define LN_des_ede3_ofb64 "des-ede3-ofb"
+# define NID_des_ede3_ofb64 63
+
+/* I'm not sure about the object ID */
+# define SN_sha1 "SHA1"
+# define LN_sha1 "sha1"
+# define NID_sha1 64
+# define OBJ_sha1 OBJ_algorithm,26L
+/* 28 Jun 1996 - eay */
+/* #define OBJ_sha1 1L,3L,14L,2L,26L,05L <- wrong */
+
+# define SN_sha1WithRSAEncryption "RSA-SHA1"
+# define LN_sha1WithRSAEncryption "sha1WithRSAEncryption"
+# define NID_sha1WithRSAEncryption 65
+# define OBJ_sha1WithRSAEncryption OBJ_pkcs,1L,5L
+
+# define SN_dsaWithSHA "DSA-SHA"
+# define LN_dsaWithSHA "dsaWithSHA"
+# define NID_dsaWithSHA 66
+# define OBJ_dsaWithSHA OBJ_algorithm,13L
+
+# define SN_dsa_2 "DSA-old"
+# define LN_dsa_2 "dsaEncryption-old"
+# define NID_dsa_2 67
+# define OBJ_dsa_2 OBJ_algorithm,12L
+
+/* proposed by microsoft to RSA */
+# define SN_pbeWithSHA1AndRC2_CBC "PBE-SHA1-RC2-64"
+# define LN_pbeWithSHA1AndRC2_CBC "pbeWithSHA1AndRC2-CBC"
+# define NID_pbeWithSHA1AndRC2_CBC 68
+# define OBJ_pbeWithSHA1AndRC2_CBC OBJ_pkcs,5L,11L
+
+/*
+ * proposed by microsoft to RSA as pbeWithSHA1AndRC4: it is now defined
+ * explicitly in PKCS#5 v2.0 as id-PBKDF2 which is something completely
+ * different.
+ */
+# define LN_id_pbkdf2 "PBKDF2"
+# define NID_id_pbkdf2 69
+# define OBJ_id_pbkdf2 OBJ_pkcs,5L,12L
+
+# define SN_dsaWithSHA1_2 "DSA-SHA1-old"
+# define LN_dsaWithSHA1_2 "dsaWithSHA1-old"
+# define NID_dsaWithSHA1_2 70
+/* Got this one from 'sdn706r20.pdf' which is actually an NSA document :-) */
+# define OBJ_dsaWithSHA1_2 OBJ_algorithm,27L
+
+# define SN_netscape_cert_type "nsCertType"
+# define LN_netscape_cert_type "Netscape Cert Type"
+# define NID_netscape_cert_type 71
+# define OBJ_netscape_cert_type OBJ_netscape_cert_extension,1L
+
+# define SN_netscape_base_url "nsBaseUrl"
+# define LN_netscape_base_url "Netscape Base Url"
+# define NID_netscape_base_url 72
+# define OBJ_netscape_base_url OBJ_netscape_cert_extension,2L
+
+# define SN_netscape_revocation_url "nsRevocationUrl"
+# define LN_netscape_revocation_url "Netscape Revocation Url"
+# define NID_netscape_revocation_url 73
+# define OBJ_netscape_revocation_url OBJ_netscape_cert_extension,3L
+
+# define SN_netscape_ca_revocation_url "nsCaRevocationUrl"
+# define LN_netscape_ca_revocation_url "Netscape CA Revocation Url"
+# define NID_netscape_ca_revocation_url 74
+# define OBJ_netscape_ca_revocation_url OBJ_netscape_cert_extension,4L
+
+# define SN_netscape_renewal_url "nsRenewalUrl"
+# define LN_netscape_renewal_url "Netscape Renewal Url"
+# define NID_netscape_renewal_url 75
+# define OBJ_netscape_renewal_url OBJ_netscape_cert_extension,7L
+
+# define SN_netscape_ca_policy_url "nsCaPolicyUrl"
+# define LN_netscape_ca_policy_url "Netscape CA Policy Url"
+# define NID_netscape_ca_policy_url 76
+# define OBJ_netscape_ca_policy_url OBJ_netscape_cert_extension,8L
+
+# define SN_netscape_ssl_server_name "nsSslServerName"
+# define LN_netscape_ssl_server_name "Netscape SSL Server Name"
+# define NID_netscape_ssl_server_name 77
+# define OBJ_netscape_ssl_server_name OBJ_netscape_cert_extension,12L
+
+# define SN_netscape_comment "nsComment"
+# define LN_netscape_comment "Netscape Comment"
+# define NID_netscape_comment 78
+# define OBJ_netscape_comment OBJ_netscape_cert_extension,13L
+
+# define SN_netscape_cert_sequence "nsCertSequence"
+# define LN_netscape_cert_sequence "Netscape Certificate Sequence"
+# define NID_netscape_cert_sequence 79
+# define OBJ_netscape_cert_sequence OBJ_netscape_data_type,5L
+
+# define SN_desx_cbc "DESX-CBC"
+# define LN_desx_cbc "desx-cbc"
+# define NID_desx_cbc 80
+
+# define SN_id_ce "id-ce"
+# define NID_id_ce 81
+# define OBJ_id_ce 2L,5L,29L
+
+# define SN_subject_key_identifier "subjectKeyIdentifier"
+# define LN_subject_key_identifier "X509v3 Subject Key Identifier"
+# define NID_subject_key_identifier 82
+# define OBJ_subject_key_identifier OBJ_id_ce,14L
+
+# define SN_key_usage "keyUsage"
+# define LN_key_usage "X509v3 Key Usage"
+# define NID_key_usage 83
+# define OBJ_key_usage OBJ_id_ce,15L
+
+# define SN_private_key_usage_period "privateKeyUsagePeriod"
+# define LN_private_key_usage_period "X509v3 Private Key Usage Period"
+# define NID_private_key_usage_period 84
+# define OBJ_private_key_usage_period OBJ_id_ce,16L
+
+# define SN_subject_alt_name "subjectAltName"
+# define LN_subject_alt_name "X509v3 Subject Alternative Name"
+# define NID_subject_alt_name 85
+# define OBJ_subject_alt_name OBJ_id_ce,17L
+
+# define SN_issuer_alt_name "issuerAltName"
+# define LN_issuer_alt_name "X509v3 Issuer Alternative Name"
+# define NID_issuer_alt_name 86
+# define OBJ_issuer_alt_name OBJ_id_ce,18L
+
+# define SN_basic_constraints "basicConstraints"
+# define LN_basic_constraints "X509v3 Basic Constraints"
+# define NID_basic_constraints 87
+# define OBJ_basic_constraints OBJ_id_ce,19L
+
+# define SN_crl_number "crlNumber"
+# define LN_crl_number "X509v3 CRL Number"
+# define NID_crl_number 88
+# define OBJ_crl_number OBJ_id_ce,20L
+
+# define SN_certificate_policies "certificatePolicies"
+# define LN_certificate_policies "X509v3 Certificate Policies"
+# define NID_certificate_policies 89
+# define OBJ_certificate_policies OBJ_id_ce,32L
+
+# define SN_authority_key_identifier "authorityKeyIdentifier"
+# define LN_authority_key_identifier "X509v3 Authority Key Identifier"
+# define NID_authority_key_identifier 90
+# define OBJ_authority_key_identifier OBJ_id_ce,35L
+
+# define SN_bf_cbc "BF-CBC"
+# define LN_bf_cbc "bf-cbc"
+# define NID_bf_cbc 91
+# define OBJ_bf_cbc 1L,3L,6L,1L,4L,1L,3029L,1L,2L
+
+# define SN_bf_ecb "BF-ECB"
+# define LN_bf_ecb "bf-ecb"
+# define NID_bf_ecb 92
+
+# define SN_bf_cfb64 "BF-CFB"
+# define LN_bf_cfb64 "bf-cfb"
+# define NID_bf_cfb64 93
+
+# define SN_bf_ofb64 "BF-OFB"
+# define LN_bf_ofb64 "bf-ofb"
+# define NID_bf_ofb64 94
+
+# define SN_mdc2 "MDC2"
+# define LN_mdc2 "mdc2"
+# define NID_mdc2 95
+# define OBJ_mdc2 2L,5L,8L,3L,101L
+/* An alternative? 1L,3L,14L,3L,2L,19L */
+
+# define SN_mdc2WithRSA "RSA-MDC2"
+# define LN_mdc2WithRSA "mdc2withRSA"
+# define NID_mdc2WithRSA 96
+# define OBJ_mdc2WithRSA 2L,5L,8L,3L,100L
+
+# define SN_rc4_40 "RC4-40"
+# define LN_rc4_40 "rc4-40"
+# define NID_rc4_40 97
+
+# define SN_rc2_40_cbc "RC2-40-CBC"
+# define LN_rc2_40_cbc "rc2-40-cbc"
+# define NID_rc2_40_cbc 98
+
+# define SN_givenName "G"
+# define LN_givenName "givenName"
+# define NID_givenName 99
+# define OBJ_givenName OBJ_X509,42L
+
+# define SN_surname "S"
+# define LN_surname "surname"
+# define NID_surname 100
+# define OBJ_surname OBJ_X509,4L
+
+# define SN_initials "I"
+# define LN_initials "initials"
+# define NID_initials 101
+# define OBJ_initials OBJ_X509,43L
+
+# define SN_uniqueIdentifier "UID"
+# define LN_uniqueIdentifier "uniqueIdentifier"
+# define NID_uniqueIdentifier 102
+# define OBJ_uniqueIdentifier OBJ_X509,45L
+
+# define SN_crl_distribution_points "crlDistributionPoints"
+# define LN_crl_distribution_points "X509v3 CRL Distribution Points"
+# define NID_crl_distribution_points 103
+# define OBJ_crl_distribution_points OBJ_id_ce,31L
+
+# define SN_md5WithRSA "RSA-NP-MD5"
+# define LN_md5WithRSA "md5WithRSA"
+# define NID_md5WithRSA 104
+# define OBJ_md5WithRSA OBJ_algorithm,3L
+
+# define SN_serialNumber "SN"
+# define LN_serialNumber "serialNumber"
+# define NID_serialNumber 105
+# define OBJ_serialNumber OBJ_X509,5L
+
+# define SN_title "T"
+# define LN_title "title"
+# define NID_title 106
+# define OBJ_title OBJ_X509,12L
+
+# define SN_description "D"
+# define LN_description "description"
+# define NID_description 107
+# define OBJ_description OBJ_X509,13L
+
+/* CAST5 is CAST-128, I'm just sticking with the documentation */
+# define SN_cast5_cbc "CAST5-CBC"
+# define LN_cast5_cbc "cast5-cbc"
+# define NID_cast5_cbc 108
+# define OBJ_cast5_cbc 1L,2L,840L,113533L,7L,66L,10L
+
+# define SN_cast5_ecb "CAST5-ECB"
+# define LN_cast5_ecb "cast5-ecb"
+# define NID_cast5_ecb 109
+
+# define SN_cast5_cfb64 "CAST5-CFB"
+# define LN_cast5_cfb64 "cast5-cfb"
+# define NID_cast5_cfb64 110
+
+# define SN_cast5_ofb64 "CAST5-OFB"
+# define LN_cast5_ofb64 "cast5-ofb"
+# define NID_cast5_ofb64 111
+
+# define LN_pbeWithMD5AndCast5_CBC "pbeWithMD5AndCast5CBC"
+# define NID_pbeWithMD5AndCast5_CBC 112
+# define OBJ_pbeWithMD5AndCast5_CBC 1L,2L,840L,113533L,7L,66L,12L
+
+/*-
+ * This is one sun will soon be using :-(
+ * id-dsa-with-sha1 ID ::= {
+ * iso(1) member-body(2) us(840) x9-57 (10040) x9cm(4) 3 }
+ */
+# define SN_dsaWithSHA1 "DSA-SHA1"
+# define LN_dsaWithSHA1 "dsaWithSHA1"
+# define NID_dsaWithSHA1 113
+# define OBJ_dsaWithSHA1 1L,2L,840L,10040L,4L,3L
+
+# define NID_md5_sha1 114
+# define SN_md5_sha1 "MD5-SHA1"
+# define LN_md5_sha1 "md5-sha1"
+
+# define SN_sha1WithRSA "RSA-SHA1-2"
+# define LN_sha1WithRSA "sha1WithRSA"
+# define NID_sha1WithRSA 115
+# define OBJ_sha1WithRSA OBJ_algorithm,29L
+
+# define SN_dsa "DSA"
+# define LN_dsa "dsaEncryption"
+# define NID_dsa 116
+# define OBJ_dsa 1L,2L,840L,10040L,4L,1L
+
+# define SN_ripemd160 "RIPEMD160"
+# define LN_ripemd160 "ripemd160"
+# define NID_ripemd160 117
+# define OBJ_ripemd160 1L,3L,36L,3L,2L,1L
+
+/*
+ * The name should actually be rsaSignatureWithripemd160, but I'm going to
+ * continue using the convention I'm using with the other ciphers
+ */
+# define SN_ripemd160WithRSA "RSA-RIPEMD160"
+# define LN_ripemd160WithRSA "ripemd160WithRSA"
+# define NID_ripemd160WithRSA 119
+# define OBJ_ripemd160WithRSA 1L,3L,36L,3L,3L,1L,2L
+
+/*-
+ * Taken from rfc2040
+ * RC5_CBC_Parameters ::= SEQUENCE {
+ * version INTEGER (v1_0(16)),
+ * rounds INTEGER (8..127),
+ * blockSizeInBits INTEGER (64, 128),
+ * iv OCTET STRING OPTIONAL
+ * }
+ */
+# define SN_rc5_cbc "RC5-CBC"
+# define LN_rc5_cbc "rc5-cbc"
+# define NID_rc5_cbc 120
+# define OBJ_rc5_cbc OBJ_rsadsi,3L,8L
+
+# define SN_rc5_ecb "RC5-ECB"
+# define LN_rc5_ecb "rc5-ecb"
+# define NID_rc5_ecb 121
+
+# define SN_rc5_cfb64 "RC5-CFB"
+# define LN_rc5_cfb64 "rc5-cfb"
+# define NID_rc5_cfb64 122
+
+# define SN_rc5_ofb64 "RC5-OFB"
+# define LN_rc5_ofb64 "rc5-ofb"
+# define NID_rc5_ofb64 123
+
+# define SN_rle_compression "RLE"
+# define LN_rle_compression "run length compression"
+# define NID_rle_compression 124
+# define OBJ_rle_compression 1L,1L,1L,1L,666L,1L
+
+# define SN_zlib_compression "ZLIB"
+# define LN_zlib_compression "zlib compression"
+# define NID_zlib_compression 125
+# define OBJ_zlib_compression 1L,1L,1L,1L,666L,2L
+
+# define SN_ext_key_usage "extendedKeyUsage"
+# define LN_ext_key_usage "X509v3 Extended Key Usage"
+# define NID_ext_key_usage 126
+# define OBJ_ext_key_usage OBJ_id_ce,37
+
+# define SN_id_pkix "PKIX"
+# define NID_id_pkix 127
+# define OBJ_id_pkix 1L,3L,6L,1L,5L,5L,7L
+
+# define SN_id_kp "id-kp"
+# define NID_id_kp 128
+# define OBJ_id_kp OBJ_id_pkix,3L
+
+/* PKIX extended key usage OIDs */
+
+# define SN_server_auth "serverAuth"
+# define LN_server_auth "TLS Web Server Authentication"
+# define NID_server_auth 129
+# define OBJ_server_auth OBJ_id_kp,1L
+
+# define SN_client_auth "clientAuth"
+# define LN_client_auth "TLS Web Client Authentication"
+# define NID_client_auth 130
+# define OBJ_client_auth OBJ_id_kp,2L
+
+# define SN_code_sign "codeSigning"
+# define LN_code_sign "Code Signing"
+# define NID_code_sign 131
+# define OBJ_code_sign OBJ_id_kp,3L
+
+# define SN_email_protect "emailProtection"
+# define LN_email_protect "E-mail Protection"
+# define NID_email_protect 132
+# define OBJ_email_protect OBJ_id_kp,4L
+
+# define SN_time_stamp "timeStamping"
+# define LN_time_stamp "Time Stamping"
+# define NID_time_stamp 133
+# define OBJ_time_stamp OBJ_id_kp,8L
+
+/* Additional extended key usage OIDs: Microsoft */
+
+# define SN_ms_code_ind "msCodeInd"
+# define LN_ms_code_ind "Microsoft Individual Code Signing"
+# define NID_ms_code_ind 134
+# define OBJ_ms_code_ind 1L,3L,6L,1L,4L,1L,311L,2L,1L,21L
+
+# define SN_ms_code_com "msCodeCom"
+# define LN_ms_code_com "Microsoft Commercial Code Signing"
+# define NID_ms_code_com 135
+# define OBJ_ms_code_com 1L,3L,6L,1L,4L,1L,311L,2L,1L,22L
+
+# define SN_ms_ctl_sign "msCTLSign"
+# define LN_ms_ctl_sign "Microsoft Trust List Signing"
+# define NID_ms_ctl_sign 136
+# define OBJ_ms_ctl_sign 1L,3L,6L,1L,4L,1L,311L,10L,3L,1L
+
+# define SN_ms_sgc "msSGC"
+# define LN_ms_sgc "Microsoft Server Gated Crypto"
+# define NID_ms_sgc 137
+# define OBJ_ms_sgc 1L,3L,6L,1L,4L,1L,311L,10L,3L,3L
+
+# define SN_ms_efs "msEFS"
+# define LN_ms_efs "Microsoft Encrypted File System"
+# define NID_ms_efs 138
+# define OBJ_ms_efs 1L,3L,6L,1L,4L,1L,311L,10L,3L,4L
+
+/* Additional usage: Netscape */
+
+# define SN_ns_sgc "nsSGC"
+# define LN_ns_sgc "Netscape Server Gated Crypto"
+# define NID_ns_sgc 139
+# define OBJ_ns_sgc OBJ_netscape,4L,1L
+
+# define SN_delta_crl "deltaCRL"
+# define LN_delta_crl "X509v3 Delta CRL Indicator"
+# define NID_delta_crl 140
+# define OBJ_delta_crl OBJ_id_ce,27L
+
+# define SN_crl_reason "CRLReason"
+# define LN_crl_reason "CRL Reason Code"
+# define NID_crl_reason 141
+# define OBJ_crl_reason OBJ_id_ce,21L
+
+# define SN_invalidity_date "invalidityDate"
+# define LN_invalidity_date "Invalidity Date"
+# define NID_invalidity_date 142
+# define OBJ_invalidity_date OBJ_id_ce,24L
+
+# define SN_sxnet "SXNetID"
+# define LN_sxnet "Strong Extranet ID"
+# define NID_sxnet 143
+# define OBJ_sxnet 1L,3L,101L,1L,4L,1L
+
+/* PKCS12 and related OBJECT IDENTIFIERS */
+
+# define OBJ_pkcs12 OBJ_pkcs,12L
+# define OBJ_pkcs12_pbeids OBJ_pkcs12, 1
+
+# define SN_pbe_WithSHA1And128BitRC4 "PBE-SHA1-RC4-128"
+# define LN_pbe_WithSHA1And128BitRC4 "pbeWithSHA1And128BitRC4"
+# define NID_pbe_WithSHA1And128BitRC4 144
+# define OBJ_pbe_WithSHA1And128BitRC4 OBJ_pkcs12_pbeids, 1L
+
+# define SN_pbe_WithSHA1And40BitRC4 "PBE-SHA1-RC4-40"
+# define LN_pbe_WithSHA1And40BitRC4 "pbeWithSHA1And40BitRC4"
+# define NID_pbe_WithSHA1And40BitRC4 145
+# define OBJ_pbe_WithSHA1And40BitRC4 OBJ_pkcs12_pbeids, 2L
+
+# define SN_pbe_WithSHA1And3_Key_TripleDES_CBC "PBE-SHA1-3DES"
+# define LN_pbe_WithSHA1And3_Key_TripleDES_CBC "pbeWithSHA1And3-KeyTripleDES-CBC"
+# define NID_pbe_WithSHA1And3_Key_TripleDES_CBC 146
+# define OBJ_pbe_WithSHA1And3_Key_TripleDES_CBC OBJ_pkcs12_pbeids, 3L
+
+# define SN_pbe_WithSHA1And2_Key_TripleDES_CBC "PBE-SHA1-2DES"
+# define LN_pbe_WithSHA1And2_Key_TripleDES_CBC "pbeWithSHA1And2-KeyTripleDES-CBC"
+# define NID_pbe_WithSHA1And2_Key_TripleDES_CBC 147
+# define OBJ_pbe_WithSHA1And2_Key_TripleDES_CBC OBJ_pkcs12_pbeids, 4L
+
+# define SN_pbe_WithSHA1And128BitRC2_CBC "PBE-SHA1-RC2-128"
+# define LN_pbe_WithSHA1And128BitRC2_CBC "pbeWithSHA1And128BitRC2-CBC"
+# define NID_pbe_WithSHA1And128BitRC2_CBC 148
+# define OBJ_pbe_WithSHA1And128BitRC2_CBC OBJ_pkcs12_pbeids, 5L
+
+# define SN_pbe_WithSHA1And40BitRC2_CBC "PBE-SHA1-RC2-40"
+# define LN_pbe_WithSHA1And40BitRC2_CBC "pbeWithSHA1And40BitRC2-CBC"
+# define NID_pbe_WithSHA1And40BitRC2_CBC 149
+# define OBJ_pbe_WithSHA1And40BitRC2_CBC OBJ_pkcs12_pbeids, 6L
+
+# define OBJ_pkcs12_Version1 OBJ_pkcs12, 10L
+
+# define OBJ_pkcs12_BagIds OBJ_pkcs12_Version1, 1L
+
+# define LN_keyBag "keyBag"
+# define NID_keyBag 150
+# define OBJ_keyBag OBJ_pkcs12_BagIds, 1L
+
+# define LN_pkcs8ShroudedKeyBag "pkcs8ShroudedKeyBag"
+# define NID_pkcs8ShroudedKeyBag 151
+# define OBJ_pkcs8ShroudedKeyBag OBJ_pkcs12_BagIds, 2L
+
+# define LN_certBag "certBag"
+# define NID_certBag 152
+# define OBJ_certBag OBJ_pkcs12_BagIds, 3L
+
+# define LN_crlBag "crlBag"
+# define NID_crlBag 153
+# define OBJ_crlBag OBJ_pkcs12_BagIds, 4L
+
+# define LN_secretBag "secretBag"
+# define NID_secretBag 154
+# define OBJ_secretBag OBJ_pkcs12_BagIds, 5L
+
+# define LN_safeContentsBag "safeContentsBag"
+# define NID_safeContentsBag 155
+# define OBJ_safeContentsBag OBJ_pkcs12_BagIds, 6L
+
+# define LN_friendlyName "friendlyName"
+# define NID_friendlyName 156
+# define OBJ_friendlyName OBJ_pkcs9, 20L
+
+# define LN_localKeyID "localKeyID"
+# define NID_localKeyID 157
+# define OBJ_localKeyID OBJ_pkcs9, 21L
+
+# define OBJ_certTypes OBJ_pkcs9, 22L
+
+# define LN_x509Certificate "x509Certificate"
+# define NID_x509Certificate 158
+# define OBJ_x509Certificate OBJ_certTypes, 1L
+
+# define LN_sdsiCertificate "sdsiCertificate"
+# define NID_sdsiCertificate 159
+# define OBJ_sdsiCertificate OBJ_certTypes, 2L
+
+# define OBJ_crlTypes OBJ_pkcs9, 23L
+
+# define LN_x509Crl "x509Crl"
+# define NID_x509Crl 160
+# define OBJ_x509Crl OBJ_crlTypes, 1L
+
+/* PKCS#5 v2 OIDs */
+
+# define LN_pbes2 "PBES2"
+# define NID_pbes2 161
+# define OBJ_pbes2 OBJ_pkcs,5L,13L
+
+# define LN_pbmac1 "PBMAC1"
+# define NID_pbmac1 162
+# define OBJ_pbmac1 OBJ_pkcs,5L,14L
+
+# define LN_hmacWithSHA1 "hmacWithSHA1"
+# define NID_hmacWithSHA1 163
+# define OBJ_hmacWithSHA1 OBJ_rsadsi,2L,7L
+
+/* Policy Qualifier Ids */
+
+# define LN_id_qt_cps "Policy Qualifier CPS"
+# define SN_id_qt_cps "id-qt-cps"
+# define NID_id_qt_cps 164
+# define OBJ_id_qt_cps OBJ_id_pkix,2L,1L
+
+# define LN_id_qt_unotice "Policy Qualifier User Notice"
+# define SN_id_qt_unotice "id-qt-unotice"
+# define NID_id_qt_unotice 165
+# define OBJ_id_qt_unotice OBJ_id_pkix,2L,2L
+
+# define SN_rc2_64_cbc "RC2-64-CBC"
+# define LN_rc2_64_cbc "rc2-64-cbc"
+# define NID_rc2_64_cbc 166
+
+# define SN_SMIMECapabilities "SMIME-CAPS"
+# define LN_SMIMECapabilities "S/MIME Capabilities"
+# define NID_SMIMECapabilities 167
+# define OBJ_SMIMECapabilities OBJ_pkcs9,15L
+
+# define SN_pbeWithMD2AndRC2_CBC "PBE-MD2-RC2-64"
+# define LN_pbeWithMD2AndRC2_CBC "pbeWithMD2AndRC2-CBC"
+# define NID_pbeWithMD2AndRC2_CBC 168
+# define OBJ_pbeWithMD2AndRC2_CBC OBJ_pkcs,5L,4L
+
+# define SN_pbeWithMD5AndRC2_CBC "PBE-MD5-RC2-64"
+# define LN_pbeWithMD5AndRC2_CBC "pbeWithMD5AndRC2-CBC"
+# define NID_pbeWithMD5AndRC2_CBC 169
+# define OBJ_pbeWithMD5AndRC2_CBC OBJ_pkcs,5L,6L
+
+# define SN_pbeWithSHA1AndDES_CBC "PBE-SHA1-DES"
+# define LN_pbeWithSHA1AndDES_CBC "pbeWithSHA1AndDES-CBC"
+# define NID_pbeWithSHA1AndDES_CBC 170
+# define OBJ_pbeWithSHA1AndDES_CBC OBJ_pkcs,5L,10L
+
+/* Extension request OIDs */
+
+# define LN_ms_ext_req "Microsoft Extension Request"
+# define SN_ms_ext_req "msExtReq"
+# define NID_ms_ext_req 171
+# define OBJ_ms_ext_req 1L,3L,6L,1L,4L,1L,311L,2L,1L,14L
+
+# define LN_ext_req "Extension Request"
+# define SN_ext_req "extReq"
+# define NID_ext_req 172
+# define OBJ_ext_req OBJ_pkcs9,14L
+
+# define SN_name "name"
+# define LN_name "name"
+# define NID_name 173
+# define OBJ_name OBJ_X509,41L
+
+# define SN_dnQualifier "dnQualifier"
+# define LN_dnQualifier "dnQualifier"
+# define NID_dnQualifier 174
+# define OBJ_dnQualifier OBJ_X509,46L
+
+# define SN_id_pe "id-pe"
+# define NID_id_pe 175
+# define OBJ_id_pe OBJ_id_pkix,1L
+
+# define SN_id_ad "id-ad"
+# define NID_id_ad 176
+# define OBJ_id_ad OBJ_id_pkix,48L
+
+# define SN_info_access "authorityInfoAccess"
+# define LN_info_access "Authority Information Access"
+# define NID_info_access 177
+# define OBJ_info_access OBJ_id_pe,1L
+
+# define SN_ad_OCSP "OCSP"
+# define LN_ad_OCSP "OCSP"
+# define NID_ad_OCSP 178
+# define OBJ_ad_OCSP OBJ_id_ad,1L
+
+# define SN_ad_ca_issuers "caIssuers"
+# define LN_ad_ca_issuers "CA Issuers"
+# define NID_ad_ca_issuers 179
+# define OBJ_ad_ca_issuers OBJ_id_ad,2L
+
+# define SN_OCSP_sign "OCSPSigning"
+# define LN_OCSP_sign "OCSP Signing"
+# define NID_OCSP_sign 180
+# define OBJ_OCSP_sign OBJ_id_kp,9L
+# endif /* USE_OBJ_MAC */
+
+# include <openssl/bio.h>
+# include <openssl/asn1.h>
+
+# define OBJ_NAME_TYPE_UNDEF 0x00
+# define OBJ_NAME_TYPE_MD_METH 0x01
+# define OBJ_NAME_TYPE_CIPHER_METH 0x02
+# define OBJ_NAME_TYPE_PKEY_METH 0x03
+# define OBJ_NAME_TYPE_COMP_METH 0x04
+# define OBJ_NAME_TYPE_NUM 0x05
+
+# define OBJ_NAME_ALIAS 0x8000
+
+# define OBJ_BSEARCH_VALUE_ON_NOMATCH 0x01
+# define OBJ_BSEARCH_FIRST_VALUE_ON_MATCH 0x02
+
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+typedef struct obj_name_st {
+ int type;
+ int alias;
+ const char *name;
+ const char *data;
+} OBJ_NAME;
+
+# define OBJ_create_and_add_object(a,b,c) OBJ_create(a,b,c)
+
+int OBJ_NAME_init(void);
+int OBJ_NAME_new_index(unsigned long (*hash_func) (const char *),
+ int (*cmp_func) (const char *, const char *),
+ void (*free_func) (const char *, int, const char *));
+const char *OBJ_NAME_get(const char *name, int type);
+int OBJ_NAME_add(const char *name, int type, const char *data);
+int OBJ_NAME_remove(const char *name, int type);
+void OBJ_NAME_cleanup(int type); /* -1 for everything */
+void OBJ_NAME_do_all(int type, void (*fn) (const OBJ_NAME *, void *arg),
+ void *arg);
+void OBJ_NAME_do_all_sorted(int type,
+ void (*fn) (const OBJ_NAME *, void *arg),
+ void *arg);
+
+ASN1_OBJECT *OBJ_dup(const ASN1_OBJECT *o);
+ASN1_OBJECT *OBJ_nid2obj(int n);
+const char *OBJ_nid2ln(int n);
+const char *OBJ_nid2sn(int n);
+int OBJ_obj2nid(const ASN1_OBJECT *o);
+ASN1_OBJECT *OBJ_txt2obj(const char *s, int no_name);
+int OBJ_obj2txt(char *buf, int buf_len, const ASN1_OBJECT *a, int no_name);
+int OBJ_txt2nid(const char *s);
+int OBJ_ln2nid(const char *s);
+int OBJ_sn2nid(const char *s);
+int OBJ_cmp(const ASN1_OBJECT *a, const ASN1_OBJECT *b);
+const void *OBJ_bsearch_(const void *key, const void *base, int num, int size,
+ int (*cmp) (const void *, const void *));
+const void *OBJ_bsearch_ex_(const void *key, const void *base, int num,
+ int size,
+ int (*cmp) (const void *, const void *),
+ int flags);
+
+# define _DECLARE_OBJ_BSEARCH_CMP_FN(scope, type1, type2, nm) \
+ static int nm##_cmp_BSEARCH_CMP_FN(const void *, const void *); \
+ static int nm##_cmp(type1 const *, type2 const *); \
+ scope type2 * OBJ_bsearch_##nm(type1 *key, type2 const *base, int num)
+
+# define DECLARE_OBJ_BSEARCH_CMP_FN(type1, type2, cmp) \
+ _DECLARE_OBJ_BSEARCH_CMP_FN(static, type1, type2, cmp)
+# define DECLARE_OBJ_BSEARCH_GLOBAL_CMP_FN(type1, type2, nm) \
+ type2 * OBJ_bsearch_##nm(type1 *key, type2 const *base, int num)
+
+/*-
+ * Unsolved problem: if a type is actually a pointer type, like
+ * nid_triple is, then its impossible to get a const where you need
+ * it. Consider:
+ *
+ * typedef int nid_triple[3];
+ * const void *a_;
+ * const nid_triple const *a = a_;
+ *
+ * The assignement discards a const because what you really want is:
+ *
+ * const int const * const *a = a_;
+ *
+ * But if you do that, you lose the fact that a is an array of 3 ints,
+ * which breaks comparison functions.
+ *
+ * Thus we end up having to cast, sadly, or unpack the
+ * declarations. Or, as I finally did in this case, delcare nid_triple
+ * to be a struct, which it should have been in the first place.
+ *
+ * Ben, August 2008.
+ *
+ * Also, strictly speaking not all types need be const, but handling
+ * the non-constness means a lot of complication, and in practice
+ * comparison routines do always not touch their arguments.
+ */
+
+# define IMPLEMENT_OBJ_BSEARCH_CMP_FN(type1, type2, nm) \
+ static int nm##_cmp_BSEARCH_CMP_FN(const void *a_, const void *b_) \
+ { \
+ type1 const *a = a_; \
+ type2 const *b = b_; \
+ return nm##_cmp(a,b); \
+ } \
+ static type2 *OBJ_bsearch_##nm(type1 *key, type2 const *base, int num) \
+ { \
+ return (type2 *)OBJ_bsearch_(key, base, num, sizeof(type2), \
+ nm##_cmp_BSEARCH_CMP_FN); \
+ } \
+ extern void dummy_prototype(void)
+
+# define IMPLEMENT_OBJ_BSEARCH_GLOBAL_CMP_FN(type1, type2, nm) \
+ static int nm##_cmp_BSEARCH_CMP_FN(const void *a_, const void *b_) \
+ { \
+ type1 const *a = a_; \
+ type2 const *b = b_; \
+ return nm##_cmp(a,b); \
+ } \
+ type2 *OBJ_bsearch_##nm(type1 *key, type2 const *base, int num) \
+ { \
+ return (type2 *)OBJ_bsearch_(key, base, num, sizeof(type2), \
+ nm##_cmp_BSEARCH_CMP_FN); \
+ } \
+ extern void dummy_prototype(void)
+
+# define OBJ_bsearch(type1,key,type2,base,num,cmp) \
+ ((type2 *)OBJ_bsearch_(CHECKED_PTR_OF(type1,key),CHECKED_PTR_OF(type2,base), \
+ num,sizeof(type2), \
+ ((void)CHECKED_PTR_OF(type1,cmp##_type_1), \
+ (void)CHECKED_PTR_OF(type2,cmp##_type_2), \
+ cmp##_BSEARCH_CMP_FN)))
+
+# define OBJ_bsearch_ex(type1,key,type2,base,num,cmp,flags) \
+ ((type2 *)OBJ_bsearch_ex_(CHECKED_PTR_OF(type1,key),CHECKED_PTR_OF(type2,base), \
+ num,sizeof(type2), \
+ ((void)CHECKED_PTR_OF(type1,cmp##_type_1), \
+ (void)type_2=CHECKED_PTR_OF(type2,cmp##_type_2), \
+ cmp##_BSEARCH_CMP_FN)),flags)
+
+int OBJ_new_nid(int num);
+int OBJ_add_object(const ASN1_OBJECT *obj);
+int OBJ_create(const char *oid, const char *sn, const char *ln);
+void OBJ_cleanup(void);
+int OBJ_create_objects(BIO *in);
+
+size_t OBJ_length(const ASN1_OBJECT *obj);
+const unsigned char *OBJ_get0_data(const ASN1_OBJECT *obj);
+
+int OBJ_find_sigid_algs(int signid, int *pdig_nid, int *ppkey_nid);
+int OBJ_find_sigid_by_algs(int *psignid, int dig_nid, int pkey_nid);
+int OBJ_add_sigid(int signid, int dig_id, int pkey_id);
+void OBJ_sigid_free(void);
+
+extern int obj_cleanup_defer;
+void check_defer(int nid);
+
+/* BEGIN ERROR CODES */
+/*
+ * The following lines are auto generated by the script mkerr.pl. Any changes
+ * made after this point may be overwritten when the script is next run.
+ */
+void ERR_load_OBJ_strings(void);
+
+/* Error codes for the OBJ functions. */
+
+/* Function codes. */
+# define OBJ_F_OBJ_ADD_OBJECT 105
+# define OBJ_F_OBJ_CREATE 100
+# define OBJ_F_OBJ_DUP 101
+# define OBJ_F_OBJ_NAME_NEW_INDEX 106
+# define OBJ_F_OBJ_NID2LN 102
+# define OBJ_F_OBJ_NID2OBJ 103
+# define OBJ_F_OBJ_NID2SN 104
+
+/* Reason codes. */
+# define OBJ_R_MALLOC_FAILURE 100
+# define OBJ_R_UNKNOWN_NID 101
+
+#ifdef __cplusplus
+}
+#endif
+#endif
--- /dev/null
+/* ocsp.h */
+/*
+ * Written by Tom Titchener <Tom_Titchener@groove.net> for the OpenSSL
+ * project.
+ */
+
+/*
+ * History: This file was transfered to Richard Levitte from CertCo by Kathy
+ * Weinhold in mid-spring 2000 to be included in OpenSSL or released as a
+ * patch kit.
+ */
+
+/* ====================================================================
+ * Copyright (c) 1998-2000 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For written permission, please contact
+ * openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ * nor may "OpenSSL" appear in their names without prior written
+ * permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com). This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#ifndef HEADER_OCSP_H
+# define HEADER_OCSP_H
+
+# include <openssl/ossl_typ.h>
+# include <openssl/x509.h>
+# include <openssl/x509v3.h>
+# include <openssl/safestack.h>
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/* Various flags and values */
+
+# define OCSP_DEFAULT_NONCE_LENGTH 16
+
+# define OCSP_NOCERTS 0x1
+# define OCSP_NOINTERN 0x2
+# define OCSP_NOSIGS 0x4
+# define OCSP_NOCHAIN 0x8
+# define OCSP_NOVERIFY 0x10
+# define OCSP_NOEXPLICIT 0x20
+# define OCSP_NOCASIGN 0x40
+# define OCSP_NODELEGATED 0x80
+# define OCSP_NOCHECKS 0x100
+# define OCSP_TRUSTOTHER 0x200
+# define OCSP_RESPID_KEY 0x400
+# define OCSP_NOTIME 0x800
+
+typedef struct ocsp_cert_id_st OCSP_CERTID;
+
+DECLARE_STACK_OF(OCSP_CERTID)
+
+typedef struct ocsp_one_request_st OCSP_ONEREQ;
+
+DECLARE_STACK_OF(OCSP_ONEREQ)
+
+typedef struct ocsp_req_info_st OCSP_REQINFO;
+typedef struct ocsp_signature_st OCSP_SIGNATURE;
+typedef struct ocsp_request_st OCSP_REQUEST;
+
+# define OCSP_RESPONSE_STATUS_SUCCESSFUL 0
+# define OCSP_RESPONSE_STATUS_MALFORMEDREQUEST 1
+# define OCSP_RESPONSE_STATUS_INTERNALERROR 2
+# define OCSP_RESPONSE_STATUS_TRYLATER 3
+# define OCSP_RESPONSE_STATUS_SIGREQUIRED 5
+# define OCSP_RESPONSE_STATUS_UNAUTHORIZED 6
+
+typedef struct ocsp_resp_bytes_st OCSP_RESPBYTES;
+
+# define V_OCSP_RESPID_NAME 0
+# define V_OCSP_RESPID_KEY 1
+
+DECLARE_STACK_OF(OCSP_RESPID)
+DECLARE_ASN1_FUNCTIONS(OCSP_RESPID)
+
+typedef struct ocsp_revoked_info_st OCSP_REVOKEDINFO;
+
+# define V_OCSP_CERTSTATUS_GOOD 0
+# define V_OCSP_CERTSTATUS_REVOKED 1
+# define V_OCSP_CERTSTATUS_UNKNOWN 2
+
+typedef struct ocsp_cert_status_st OCSP_CERTSTATUS;
+typedef struct ocsp_single_response_st OCSP_SINGLERESP;
+
+DECLARE_STACK_OF(OCSP_SINGLERESP)
+
+typedef struct ocsp_response_data_st OCSP_RESPDATA;
+
+typedef struct ocsp_basic_response_st OCSP_BASICRESP;
+
+/*-
+ * CRLReason ::= ENUMERATED {
+ * unspecified (0),
+ * keyCompromise (1),
+ * cACompromise (2),
+ * affiliationChanged (3),
+ * superseded (4),
+ * cessationOfOperation (5),
+ * certificateHold (6),
+ * removeFromCRL (8) }
+ */
+# define OCSP_REVOKED_STATUS_NOSTATUS -1
+# define OCSP_REVOKED_STATUS_UNSPECIFIED 0
+# define OCSP_REVOKED_STATUS_KEYCOMPROMISE 1
+# define OCSP_REVOKED_STATUS_CACOMPROMISE 2
+# define OCSP_REVOKED_STATUS_AFFILIATIONCHANGED 3
+# define OCSP_REVOKED_STATUS_SUPERSEDED 4
+# define OCSP_REVOKED_STATUS_CESSATIONOFOPERATION 5
+# define OCSP_REVOKED_STATUS_CERTIFICATEHOLD 6
+# define OCSP_REVOKED_STATUS_REMOVEFROMCRL 8
+
+typedef struct ocsp_crl_id_st OCSP_CRLID;
+typedef struct ocsp_service_locator_st OCSP_SERVICELOC;
+
+# define PEM_STRING_OCSP_REQUEST "OCSP REQUEST"
+# define PEM_STRING_OCSP_RESPONSE "OCSP RESPONSE"
+
+# define d2i_OCSP_REQUEST_bio(bp,p) ASN1_d2i_bio_of(OCSP_REQUEST,OCSP_REQUEST_new,d2i_OCSP_REQUEST,bp,p)
+
+# define d2i_OCSP_RESPONSE_bio(bp,p) ASN1_d2i_bio_of(OCSP_RESPONSE,OCSP_RESPONSE_new,d2i_OCSP_RESPONSE,bp,p)
+
+# define PEM_read_bio_OCSP_REQUEST(bp,x,cb) (OCSP_REQUEST *)PEM_ASN1_read_bio( \
+ (char *(*)())d2i_OCSP_REQUEST,PEM_STRING_OCSP_REQUEST,bp,(char **)x,cb,NULL)
+
+# define PEM_read_bio_OCSP_RESPONSE(bp,x,cb)(OCSP_RESPONSE *)PEM_ASN1_read_bio(\
+ (char *(*)())d2i_OCSP_RESPONSE,PEM_STRING_OCSP_RESPONSE,bp,(char **)x,cb,NULL)
+
+# define PEM_write_bio_OCSP_REQUEST(bp,o) \
+ PEM_ASN1_write_bio((int (*)())i2d_OCSP_REQUEST,PEM_STRING_OCSP_REQUEST,\
+ bp,(char *)o, NULL,NULL,0,NULL,NULL)
+
+# define PEM_write_bio_OCSP_RESPONSE(bp,o) \
+ PEM_ASN1_write_bio((int (*)())i2d_OCSP_RESPONSE,PEM_STRING_OCSP_RESPONSE,\
+ bp,(char *)o, NULL,NULL,0,NULL,NULL)
+
+# define i2d_OCSP_RESPONSE_bio(bp,o) ASN1_i2d_bio_of(OCSP_RESPONSE,i2d_OCSP_RESPONSE,bp,o)
+
+# define i2d_OCSP_REQUEST_bio(bp,o) ASN1_i2d_bio_of(OCSP_REQUEST,i2d_OCSP_REQUEST,bp,o)
+
+# define OCSP_REQUEST_sign(o,pkey,md) \
+ ASN1_item_sign(ASN1_ITEM_rptr(OCSP_REQINFO),\
+ o->optionalSignature->signatureAlgorithm,NULL,\
+ o->optionalSignature->signature,o->tbsRequest,pkey,md)
+
+# define OCSP_BASICRESP_sign(o,pkey,md,d) \
+ ASN1_item_sign(ASN1_ITEM_rptr(OCSP_RESPDATA),o->signatureAlgorithm,NULL,\
+ o->signature,o->tbsResponseData,pkey,md)
+
+# define OCSP_REQUEST_verify(a,r) ASN1_item_verify(ASN1_ITEM_rptr(OCSP_REQINFO),\
+ a->optionalSignature->signatureAlgorithm,\
+ a->optionalSignature->signature,a->tbsRequest,r)
+
+# define OCSP_BASICRESP_verify(a,r,d) ASN1_item_verify(ASN1_ITEM_rptr(OCSP_RESPDATA),\
+ a->signatureAlgorithm,a->signature,a->tbsResponseData,r)
+
+# define ASN1_BIT_STRING_digest(data,type,md,len) \
+ ASN1_item_digest(ASN1_ITEM_rptr(ASN1_BIT_STRING),type,data,md,len)
+
+# define OCSP_CERTSTATUS_dup(cs)\
+ (OCSP_CERTSTATUS*)ASN1_dup((int(*)())i2d_OCSP_CERTSTATUS,\
+ (char *(*)())d2i_OCSP_CERTSTATUS,(char *)(cs))
+
+OCSP_CERTID *OCSP_CERTID_dup(OCSP_CERTID *id);
+
+OCSP_RESPONSE *OCSP_sendreq_bio(BIO *b, const char *path, OCSP_REQUEST *req);
+OCSP_REQ_CTX *OCSP_sendreq_new(BIO *io, const char *path, OCSP_REQUEST *req,
+ int maxline);
+int OCSP_REQ_CTX_nbio(OCSP_REQ_CTX *rctx);
+int OCSP_sendreq_nbio(OCSP_RESPONSE **presp, OCSP_REQ_CTX *rctx);
+OCSP_REQ_CTX *OCSP_REQ_CTX_new(BIO *io, int maxline);
+void OCSP_REQ_CTX_free(OCSP_REQ_CTX *rctx);
+void OCSP_set_max_response_length(OCSP_REQ_CTX *rctx, unsigned long len);
+int OCSP_REQ_CTX_i2d(OCSP_REQ_CTX *rctx, const ASN1_ITEM *it,
+ ASN1_VALUE *val);
+int OCSP_REQ_CTX_nbio_d2i(OCSP_REQ_CTX *rctx, ASN1_VALUE **pval,
+ const ASN1_ITEM *it);
+BIO *OCSP_REQ_CTX_get0_mem_bio(OCSP_REQ_CTX *rctx);
+int OCSP_REQ_CTX_i2d(OCSP_REQ_CTX *rctx, const ASN1_ITEM *it,
+ ASN1_VALUE *val);
+int OCSP_REQ_CTX_http(OCSP_REQ_CTX *rctx, const char *op, const char *path);
+int OCSP_REQ_CTX_set1_req(OCSP_REQ_CTX *rctx, OCSP_REQUEST *req);
+int OCSP_REQ_CTX_add1_header(OCSP_REQ_CTX *rctx,
+ const char *name, const char *value);
+
+OCSP_CERTID *OCSP_cert_to_id(const EVP_MD *dgst, X509 *subject, X509 *issuer);
+
+OCSP_CERTID *OCSP_cert_id_new(const EVP_MD *dgst,
+ X509_NAME *issuerName,
+ ASN1_BIT_STRING *issuerKey,
+ ASN1_INTEGER *serialNumber);
+
+OCSP_ONEREQ *OCSP_request_add0_id(OCSP_REQUEST *req, OCSP_CERTID *cid);
+
+int OCSP_request_add1_nonce(OCSP_REQUEST *req, unsigned char *val, int len);
+int OCSP_basic_add1_nonce(OCSP_BASICRESP *resp, unsigned char *val, int len);
+int OCSP_check_nonce(OCSP_REQUEST *req, OCSP_BASICRESP *bs);
+int OCSP_copy_nonce(OCSP_BASICRESP *resp, OCSP_REQUEST *req);
+
+int OCSP_request_set1_name(OCSP_REQUEST *req, X509_NAME *nm);
+int OCSP_request_add1_cert(OCSP_REQUEST *req, X509 *cert);
+
+int OCSP_request_sign(OCSP_REQUEST *req,
+ X509 *signer,
+ EVP_PKEY *key,
+ const EVP_MD *dgst,
+ STACK_OF(X509) *certs, unsigned long flags);
+
+int OCSP_response_status(OCSP_RESPONSE *resp);
+OCSP_BASICRESP *OCSP_response_get1_basic(OCSP_RESPONSE *resp);
+
+ASN1_OCTET_STRING *OCSP_resp_get0_signature(OCSP_BASICRESP *bs);
+
+int OCSP_resp_count(OCSP_BASICRESP *bs);
+OCSP_SINGLERESP *OCSP_resp_get0(OCSP_BASICRESP *bs, int idx);
+int OCSP_resp_find(OCSP_BASICRESP *bs, OCSP_CERTID *id, int last);
+int OCSP_single_get0_status(OCSP_SINGLERESP *single, int *reason,
+ ASN1_GENERALIZEDTIME **revtime,
+ ASN1_GENERALIZEDTIME **thisupd,
+ ASN1_GENERALIZEDTIME **nextupd);
+int OCSP_resp_find_status(OCSP_BASICRESP *bs, OCSP_CERTID *id, int *status,
+ int *reason,
+ ASN1_GENERALIZEDTIME **revtime,
+ ASN1_GENERALIZEDTIME **thisupd,
+ ASN1_GENERALIZEDTIME **nextupd);
+int OCSP_check_validity(ASN1_GENERALIZEDTIME *thisupd,
+ ASN1_GENERALIZEDTIME *nextupd, long sec, long maxsec);
+
+int OCSP_request_verify(OCSP_REQUEST *req, STACK_OF(X509) *certs,
+ X509_STORE *store, unsigned long flags);
+
+int OCSP_parse_url(const char *url, char **phost, char **pport, char **ppath,
+ int *pssl);
+
+int OCSP_id_issuer_cmp(OCSP_CERTID *a, OCSP_CERTID *b);
+int OCSP_id_cmp(OCSP_CERTID *a, OCSP_CERTID *b);
+
+int OCSP_request_onereq_count(OCSP_REQUEST *req);
+OCSP_ONEREQ *OCSP_request_onereq_get0(OCSP_REQUEST *req, int i);
+OCSP_CERTID *OCSP_onereq_get0_id(OCSP_ONEREQ *one);
+int OCSP_id_get0_info(ASN1_OCTET_STRING **piNameHash, ASN1_OBJECT **pmd,
+ ASN1_OCTET_STRING **pikeyHash,
+ ASN1_INTEGER **pserial, OCSP_CERTID *cid);
+int OCSP_request_is_signed(OCSP_REQUEST *req);
+OCSP_RESPONSE *OCSP_response_create(int status, OCSP_BASICRESP *bs);
+OCSP_SINGLERESP *OCSP_basic_add1_status(OCSP_BASICRESP *rsp,
+ OCSP_CERTID *cid,
+ int status, int reason,
+ ASN1_TIME *revtime,
+ ASN1_TIME *thisupd,
+ ASN1_TIME *nextupd);
+int OCSP_basic_add1_cert(OCSP_BASICRESP *resp, X509 *cert);
+int OCSP_basic_sign(OCSP_BASICRESP *brsp,
+ X509 *signer, EVP_PKEY *key, const EVP_MD *dgst,
+ STACK_OF(X509) *certs, unsigned long flags);
+
+X509_EXTENSION *OCSP_crlID_new(char *url, long *n, char *tim);
+
+X509_EXTENSION *OCSP_accept_responses_new(char **oids);
+
+X509_EXTENSION *OCSP_archive_cutoff_new(char *tim);
+
+X509_EXTENSION *OCSP_url_svcloc_new(X509_NAME *issuer, char **urls);
+
+int OCSP_REQUEST_get_ext_count(OCSP_REQUEST *x);
+int OCSP_REQUEST_get_ext_by_NID(OCSP_REQUEST *x, int nid, int lastpos);
+int OCSP_REQUEST_get_ext_by_OBJ(OCSP_REQUEST *x, ASN1_OBJECT *obj,
+ int lastpos);
+int OCSP_REQUEST_get_ext_by_critical(OCSP_REQUEST *x, int crit, int lastpos);
+X509_EXTENSION *OCSP_REQUEST_get_ext(OCSP_REQUEST *x, int loc);
+X509_EXTENSION *OCSP_REQUEST_delete_ext(OCSP_REQUEST *x, int loc);
+void *OCSP_REQUEST_get1_ext_d2i(OCSP_REQUEST *x, int nid, int *crit,
+ int *idx);
+int OCSP_REQUEST_add1_ext_i2d(OCSP_REQUEST *x, int nid, void *value, int crit,
+ unsigned long flags);
+int OCSP_REQUEST_add_ext(OCSP_REQUEST *x, X509_EXTENSION *ex, int loc);
+
+int OCSP_ONEREQ_get_ext_count(OCSP_ONEREQ *x);
+int OCSP_ONEREQ_get_ext_by_NID(OCSP_ONEREQ *x, int nid, int lastpos);
+int OCSP_ONEREQ_get_ext_by_OBJ(OCSP_ONEREQ *x, ASN1_OBJECT *obj, int lastpos);
+int OCSP_ONEREQ_get_ext_by_critical(OCSP_ONEREQ *x, int crit, int lastpos);
+X509_EXTENSION *OCSP_ONEREQ_get_ext(OCSP_ONEREQ *x, int loc);
+X509_EXTENSION *OCSP_ONEREQ_delete_ext(OCSP_ONEREQ *x, int loc);
+void *OCSP_ONEREQ_get1_ext_d2i(OCSP_ONEREQ *x, int nid, int *crit, int *idx);
+int OCSP_ONEREQ_add1_ext_i2d(OCSP_ONEREQ *x, int nid, void *value, int crit,
+ unsigned long flags);
+int OCSP_ONEREQ_add_ext(OCSP_ONEREQ *x, X509_EXTENSION *ex, int loc);
+
+int OCSP_BASICRESP_get_ext_count(OCSP_BASICRESP *x);
+int OCSP_BASICRESP_get_ext_by_NID(OCSP_BASICRESP *x, int nid, int lastpos);
+int OCSP_BASICRESP_get_ext_by_OBJ(OCSP_BASICRESP *x, ASN1_OBJECT *obj,
+ int lastpos);
+int OCSP_BASICRESP_get_ext_by_critical(OCSP_BASICRESP *x, int crit,
+ int lastpos);
+X509_EXTENSION *OCSP_BASICRESP_get_ext(OCSP_BASICRESP *x, int loc);
+X509_EXTENSION *OCSP_BASICRESP_delete_ext(OCSP_BASICRESP *x, int loc);
+void *OCSP_BASICRESP_get1_ext_d2i(OCSP_BASICRESP *x, int nid, int *crit,
+ int *idx);
+int OCSP_BASICRESP_add1_ext_i2d(OCSP_BASICRESP *x, int nid, void *value,
+ int crit, unsigned long flags);
+int OCSP_BASICRESP_add_ext(OCSP_BASICRESP *x, X509_EXTENSION *ex, int loc);
+
+int OCSP_SINGLERESP_get_ext_count(OCSP_SINGLERESP *x);
+int OCSP_SINGLERESP_get_ext_by_NID(OCSP_SINGLERESP *x, int nid, int lastpos);
+int OCSP_SINGLERESP_get_ext_by_OBJ(OCSP_SINGLERESP *x, ASN1_OBJECT *obj,
+ int lastpos);
+int OCSP_SINGLERESP_get_ext_by_critical(OCSP_SINGLERESP *x, int crit,
+ int lastpos);
+X509_EXTENSION *OCSP_SINGLERESP_get_ext(OCSP_SINGLERESP *x, int loc);
+X509_EXTENSION *OCSP_SINGLERESP_delete_ext(OCSP_SINGLERESP *x, int loc);
+void *OCSP_SINGLERESP_get1_ext_d2i(OCSP_SINGLERESP *x, int nid, int *crit,
+ int *idx);
+int OCSP_SINGLERESP_add1_ext_i2d(OCSP_SINGLERESP *x, int nid, void *value,
+ int crit, unsigned long flags);
+int OCSP_SINGLERESP_add_ext(OCSP_SINGLERESP *x, X509_EXTENSION *ex, int loc);
+
+DECLARE_ASN1_FUNCTIONS(OCSP_SINGLERESP)
+DECLARE_ASN1_FUNCTIONS(OCSP_CERTSTATUS)
+DECLARE_ASN1_FUNCTIONS(OCSP_REVOKEDINFO)
+DECLARE_ASN1_FUNCTIONS(OCSP_BASICRESP)
+DECLARE_ASN1_FUNCTIONS(OCSP_RESPDATA)
+DECLARE_ASN1_FUNCTIONS(OCSP_RESPID)
+DECLARE_ASN1_FUNCTIONS(OCSP_RESPONSE)
+DECLARE_ASN1_FUNCTIONS(OCSP_RESPBYTES)
+DECLARE_ASN1_FUNCTIONS(OCSP_ONEREQ)
+DECLARE_ASN1_FUNCTIONS(OCSP_CERTID)
+DECLARE_ASN1_FUNCTIONS(OCSP_REQUEST)
+DECLARE_ASN1_FUNCTIONS(OCSP_SIGNATURE)
+DECLARE_ASN1_FUNCTIONS(OCSP_REQINFO)
+DECLARE_ASN1_FUNCTIONS(OCSP_CRLID)
+DECLARE_ASN1_FUNCTIONS(OCSP_SERVICELOC)
+
+const char *OCSP_response_status_str(long s);
+const char *OCSP_cert_status_str(long s);
+const char *OCSP_crl_reason_str(long s);
+
+int OCSP_REQUEST_print(BIO *bp, OCSP_REQUEST *a, unsigned long flags);
+int OCSP_RESPONSE_print(BIO *bp, OCSP_RESPONSE *o, unsigned long flags);
+
+int OCSP_basic_verify(OCSP_BASICRESP *bs, STACK_OF(X509) *certs,
+ X509_STORE *st, unsigned long flags);
+
+/* BEGIN ERROR CODES */
+/*
+ * The following lines are auto generated by the script mkerr.pl. Any changes
+ * made after this point may be overwritten when the script is next run.
+ */
+void ERR_load_OCSP_strings(void);
+
+/* Error codes for the OCSP functions. */
+
+/* Function codes. */
+# define OCSP_F_ASN1_STRING_ENCODE 100
+# define OCSP_F_D2I_OCSP_NONCE 102
+# define OCSP_F_OCSP_BASIC_ADD1_STATUS 103
+# define OCSP_F_OCSP_BASIC_SIGN 104
+# define OCSP_F_OCSP_BASIC_VERIFY 105
+# define OCSP_F_OCSP_CERT_ID_NEW 101
+# define OCSP_F_OCSP_CHECK_DELEGATED 106
+# define OCSP_F_OCSP_CHECK_IDS 107
+# define OCSP_F_OCSP_CHECK_ISSUER 108
+# define OCSP_F_OCSP_CHECK_VALIDITY 115
+# define OCSP_F_OCSP_MATCH_ISSUERID 109
+# define OCSP_F_OCSP_PARSE_URL 114
+# define OCSP_F_OCSP_REQUEST_SIGN 110
+# define OCSP_F_OCSP_REQUEST_VERIFY 116
+# define OCSP_F_OCSP_RESPONSE_GET1_BASIC 111
+# define OCSP_F_OCSP_SENDREQ_BIO 112
+# define OCSP_F_OCSP_SENDREQ_NBIO 117
+# define OCSP_F_PARSE_HTTP_LINE1 118
+# define OCSP_F_REQUEST_VERIFY 113
+
+/* Reason codes. */
+# define OCSP_R_BAD_DATA 100
+# define OCSP_R_CERTIFICATE_VERIFY_ERROR 101
+# define OCSP_R_DIGEST_ERR 102
+# define OCSP_R_ERROR_IN_NEXTUPDATE_FIELD 122
+# define OCSP_R_ERROR_IN_THISUPDATE_FIELD 123
+# define OCSP_R_ERROR_PARSING_URL 121
+# define OCSP_R_MISSING_OCSPSIGNING_USAGE 103
+# define OCSP_R_NEXTUPDATE_BEFORE_THISUPDATE 124
+# define OCSP_R_NOT_BASIC_RESPONSE 104
+# define OCSP_R_NO_CERTIFICATES_IN_CHAIN 105
+# define OCSP_R_NO_CONTENT 106
+# define OCSP_R_NO_PUBLIC_KEY 107
+# define OCSP_R_NO_RESPONSE_DATA 108
+# define OCSP_R_NO_REVOKED_TIME 109
+# define OCSP_R_PRIVATE_KEY_DOES_NOT_MATCH_CERTIFICATE 110
+# define OCSP_R_REQUEST_NOT_SIGNED 128
+# define OCSP_R_RESPONSE_CONTAINS_NO_REVOCATION_DATA 111
+# define OCSP_R_ROOT_CA_NOT_TRUSTED 112
+# define OCSP_R_SERVER_READ_ERROR 113
+# define OCSP_R_SERVER_RESPONSE_ERROR 114
+# define OCSP_R_SERVER_RESPONSE_PARSE_ERROR 115
+# define OCSP_R_SERVER_WRITE_ERROR 116
+# define OCSP_R_SIGNATURE_FAILURE 117
+# define OCSP_R_SIGNER_CERTIFICATE_NOT_FOUND 118
+# define OCSP_R_STATUS_EXPIRED 125
+# define OCSP_R_STATUS_NOT_YET_VALID 126
+# define OCSP_R_STATUS_TOO_OLD 127
+# define OCSP_R_UNKNOWN_MESSAGE_DIGEST 119
+# define OCSP_R_UNKNOWN_NID 120
+# define OCSP_R_UNSUPPORTED_REQUESTORNAME_TYPE 129
+
+#ifdef __cplusplus
+}
+#endif
+#endif
--- /dev/null
+#ifndef HEADER_OPENSSLV_H
+# define HEADER_OPENSSLV_H
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/*-
+ * Numeric release version identifier:
+ * MNNFFPPS: major minor fix patch status
+ * The status nibble has one of the values 0 for development, 1 to e for betas
+ * 1 to 14, and f for release. The patch level is exactly that.
+ * For example:
+ * 0.9.3-dev 0x00903000
+ * 0.9.3-beta1 0x00903001
+ * 0.9.3-beta2-dev 0x00903002
+ * 0.9.3-beta2 0x00903002 (same as ...beta2-dev)
+ * 0.9.3 0x0090300f
+ * 0.9.3a 0x0090301f
+ * 0.9.4 0x0090400f
+ * 1.2.3z 0x102031af
+ *
+ * For continuity reasons (because 0.9.5 is already out, and is coded
+ * 0x00905100), between 0.9.5 and 0.9.6 the coding of the patch level
+ * part is slightly different, by setting the highest bit. This means
+ * that 0.9.5a looks like this: 0x0090581f. At 0.9.6, we can start
+ * with 0x0090600S...
+ *
+ * (Prior to 0.9.3-dev a different scheme was used: 0.9.2b is 0x0922.)
+ * (Prior to 0.9.5a beta1, a different scheme was used: MMNNFFRBB for
+ * major minor fix final patch/beta)
+ */
+# define OPENSSL_VERSION_NUMBER 0x10100000L
+# ifdef OPENSSL_FIPS
+# define OPENSSL_VERSION_TEXT "OpenSSL 1.1.0-fips-dev xx XXX xxxx"
+# else
+# define OPENSSL_VERSION_TEXT "OpenSSL 1.1.0-dev xx XXX xxxx"
+# endif
+# define OPENSSL_VERSION_PTEXT " part of " OPENSSL_VERSION_TEXT
+
+/*-
+ * The macros below are to be used for shared library (.so, .dll, ...)
+ * versioning. That kind of versioning works a bit differently between
+ * operating systems. The most usual scheme is to set a major and a minor
+ * number, and have the runtime loader check that the major number is equal
+ * to what it was at application link time, while the minor number has to
+ * be greater or equal to what it was at application link time. With this
+ * scheme, the version number is usually part of the file name, like this:
+ *
+ * libcrypto.so.0.9
+ *
+ * Some unixen also make a softlink with the major verson number only:
+ *
+ * libcrypto.so.0
+ *
+ * On Tru64 and IRIX 6.x it works a little bit differently. There, the
+ * shared library version is stored in the file, and is actually a series
+ * of versions, separated by colons. The rightmost version present in the
+ * library when linking an application is stored in the application to be
+ * matched at run time. When the application is run, a check is done to
+ * see if the library version stored in the application matches any of the
+ * versions in the version string of the library itself.
+ * This version string can be constructed in any way, depending on what
+ * kind of matching is desired. However, to implement the same scheme as
+ * the one used in the other unixen, all compatible versions, from lowest
+ * to highest, should be part of the string. Consecutive builds would
+ * give the following versions strings:
+ *
+ * 3.0
+ * 3.0:3.1
+ * 3.0:3.1:3.2
+ * 4.0
+ * 4.0:4.1
+ *
+ * Notice how version 4 is completely incompatible with version, and
+ * therefore give the breach you can see.
+ *
+ * There may be other schemes as well that I haven't yet discovered.
+ *
+ * So, here's the way it works here: first of all, the library version
+ * number doesn't need at all to match the overall OpenSSL version.
+ * However, it's nice and more understandable if it actually does.
+ * The current library version is stored in the macro SHLIB_VERSION_NUMBER,
+ * which is just a piece of text in the format "M.m.e" (Major, minor, edit).
+ * For the sake of Tru64, IRIX, and any other OS that behaves in similar ways,
+ * we need to keep a history of version numbers, which is done in the
+ * macro SHLIB_VERSION_HISTORY. The numbers are separated by colons and
+ * should only keep the versions that are binary compatible with the current.
+ */
+# define SHLIB_VERSION_HISTORY ""
+# define SHLIB_VERSION_NUMBER "1.1"
+
+
+#ifdef __cplusplus
+}
+#endif
+#endif /* HEADER_OPENSSLV_H */
--- /dev/null
+/* ====================================================================
+ * Copyright (c) 1998-2001 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For written permission, please contact
+ * openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ * nor may "OpenSSL" appear in their names without prior written
+ * permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com). This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#ifndef HEADER_OPENSSL_TYPES_H
+# define HEADER_OPENSSL_TYPES_H
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+# include <openssl/e_os2.h>
+
+# ifdef NO_ASN1_TYPEDEFS
+# define ASN1_INTEGER ASN1_STRING
+# define ASN1_ENUMERATED ASN1_STRING
+# define ASN1_BIT_STRING ASN1_STRING
+# define ASN1_OCTET_STRING ASN1_STRING
+# define ASN1_PRINTABLESTRING ASN1_STRING
+# define ASN1_T61STRING ASN1_STRING
+# define ASN1_IA5STRING ASN1_STRING
+# define ASN1_UTCTIME ASN1_STRING
+# define ASN1_GENERALIZEDTIME ASN1_STRING
+# define ASN1_TIME ASN1_STRING
+# define ASN1_GENERALSTRING ASN1_STRING
+# define ASN1_UNIVERSALSTRING ASN1_STRING
+# define ASN1_BMPSTRING ASN1_STRING
+# define ASN1_VISIBLESTRING ASN1_STRING
+# define ASN1_UTF8STRING ASN1_STRING
+# define ASN1_BOOLEAN int
+# define ASN1_NULL int
+# else
+typedef struct asn1_string_st ASN1_INTEGER;
+typedef struct asn1_string_st ASN1_ENUMERATED;
+typedef struct asn1_string_st ASN1_BIT_STRING;
+typedef struct asn1_string_st ASN1_OCTET_STRING;
+typedef struct asn1_string_st ASN1_PRINTABLESTRING;
+typedef struct asn1_string_st ASN1_T61STRING;
+typedef struct asn1_string_st ASN1_IA5STRING;
+typedef struct asn1_string_st ASN1_GENERALSTRING;
+typedef struct asn1_string_st ASN1_UNIVERSALSTRING;
+typedef struct asn1_string_st ASN1_BMPSTRING;
+typedef struct asn1_string_st ASN1_UTCTIME;
+typedef struct asn1_string_st ASN1_TIME;
+typedef struct asn1_string_st ASN1_GENERALIZEDTIME;
+typedef struct asn1_string_st ASN1_VISIBLESTRING;
+typedef struct asn1_string_st ASN1_UTF8STRING;
+typedef struct asn1_string_st ASN1_STRING;
+typedef int ASN1_BOOLEAN;
+typedef int ASN1_NULL;
+# endif
+
+typedef struct asn1_object_st ASN1_OBJECT;
+
+typedef struct ASN1_ITEM_st ASN1_ITEM;
+typedef struct asn1_pctx_st ASN1_PCTX;
+typedef struct asn1_sctx_st ASN1_SCTX;
+
+# ifdef OPENSSL_SYS_WIN32
+# undef X509_NAME
+# undef X509_EXTENSIONS
+# undef PKCS7_ISSUER_AND_SERIAL
+# undef OCSP_REQUEST
+# undef OCSP_RESPONSE
+# endif
+
+# ifdef BIGNUM
+# undef BIGNUM
+# endif
+typedef struct bignum_st BIGNUM;
+typedef struct bignum_ctx BN_CTX;
+typedef struct bn_blinding_st BN_BLINDING;
+typedef struct bn_mont_ctx_st BN_MONT_CTX;
+typedef struct bn_recp_ctx_st BN_RECP_CTX;
+typedef struct bn_gencb_st BN_GENCB;
+
+typedef struct buf_mem_st BUF_MEM;
+
+typedef struct evp_cipher_st EVP_CIPHER;
+typedef struct evp_cipher_ctx_st EVP_CIPHER_CTX;
+typedef struct env_md_st EVP_MD;
+typedef struct env_md_ctx_st EVP_MD_CTX;
+typedef struct evp_pkey_st EVP_PKEY;
+
+typedef struct evp_pkey_asn1_method_st EVP_PKEY_ASN1_METHOD;
+
+typedef struct evp_pkey_method_st EVP_PKEY_METHOD;
+typedef struct evp_pkey_ctx_st EVP_PKEY_CTX;
+
+typedef struct dh_st DH;
+typedef struct dh_method DH_METHOD;
+
+typedef struct dsa_st DSA;
+typedef struct dsa_method DSA_METHOD;
+
+typedef struct rsa_st RSA;
+typedef struct rsa_meth_st RSA_METHOD;
+
+typedef struct rand_meth_st RAND_METHOD;
+
+typedef struct ecdh_method ECDH_METHOD;
+typedef struct ecdsa_method ECDSA_METHOD;
+
+typedef struct x509_st X509;
+typedef struct X509_algor_st X509_ALGOR;
+typedef struct X509_crl_st X509_CRL;
+typedef struct x509_crl_method_st X509_CRL_METHOD;
+typedef struct x509_revoked_st X509_REVOKED;
+typedef struct X509_name_st X509_NAME;
+typedef struct X509_pubkey_st X509_PUBKEY;
+typedef struct x509_store_st X509_STORE;
+typedef struct x509_store_ctx_st X509_STORE_CTX;
+
+typedef struct pkcs8_priv_key_info_st PKCS8_PRIV_KEY_INFO;
+
+typedef struct v3_ext_ctx X509V3_CTX;
+typedef struct conf_st CONF;
+
+typedef struct store_st STORE;
+typedef struct store_method_st STORE_METHOD;
+
+typedef struct ui_st UI;
+typedef struct ui_method_st UI_METHOD;
+
+typedef struct st_ERR_FNS ERR_FNS;
+
+typedef struct engine_st ENGINE;
+typedef struct ssl_st SSL;
+typedef struct ssl_ctx_st SSL_CTX;
+
+typedef struct X509_POLICY_NODE_st X509_POLICY_NODE;
+typedef struct X509_POLICY_LEVEL_st X509_POLICY_LEVEL;
+typedef struct X509_POLICY_TREE_st X509_POLICY_TREE;
+typedef struct X509_POLICY_CACHE_st X509_POLICY_CACHE;
+
+typedef struct AUTHORITY_KEYID_st AUTHORITY_KEYID;
+typedef struct DIST_POINT_st DIST_POINT;
+typedef struct ISSUING_DIST_POINT_st ISSUING_DIST_POINT;
+typedef struct NAME_CONSTRAINTS_st NAME_CONSTRAINTS;
+
+typedef struct crypto_ex_data_st CRYPTO_EX_DATA;
+/* Callback types for crypto.h */
+typedef int CRYPTO_EX_new (void *parent, void *ptr, CRYPTO_EX_DATA *ad,
+ int idx, long argl, void *argp);
+typedef void CRYPTO_EX_free (void *parent, void *ptr, CRYPTO_EX_DATA *ad,
+ int idx, long argl, void *argp);
+typedef int CRYPTO_EX_dup (CRYPTO_EX_DATA *to, CRYPTO_EX_DATA *from,
+ void *from_d, int idx, long argl, void *argp);
+
+typedef struct ocsp_req_ctx_st OCSP_REQ_CTX;
+typedef struct ocsp_response_st OCSP_RESPONSE;
+typedef struct ocsp_responder_id_st OCSP_RESPID;
+
+#ifdef __cplusplus
+}
+#endif
+#endif /* def HEADER_OPENSSL_TYPES_H */
--- /dev/null
+/* crypto/pem/pem.h */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#ifndef HEADER_PEM_H
+# define HEADER_PEM_H
+
+# include <openssl/e_os2.h>
+# include <openssl/bio.h>
+# include <openssl/stack.h>
+# include <openssl/evp.h>
+# include <openssl/x509.h>
+# include <openssl/pem2.h>
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+# define PEM_BUFSIZE 1024
+
+# define PEM_OBJ_UNDEF 0
+# define PEM_OBJ_X509 1
+# define PEM_OBJ_X509_REQ 2
+# define PEM_OBJ_CRL 3
+# define PEM_OBJ_SSL_SESSION 4
+# define PEM_OBJ_PRIV_KEY 10
+# define PEM_OBJ_PRIV_RSA 11
+# define PEM_OBJ_PRIV_DSA 12
+# define PEM_OBJ_PRIV_DH 13
+# define PEM_OBJ_PUB_RSA 14
+# define PEM_OBJ_PUB_DSA 15
+# define PEM_OBJ_PUB_DH 16
+# define PEM_OBJ_DHPARAMS 17
+# define PEM_OBJ_DSAPARAMS 18
+# define PEM_OBJ_PRIV_RSA_PUBLIC 19
+# define PEM_OBJ_PRIV_ECDSA 20
+# define PEM_OBJ_PUB_ECDSA 21
+# define PEM_OBJ_ECPARAMETERS 22
+
+# define PEM_ERROR 30
+# define PEM_DEK_DES_CBC 40
+# define PEM_DEK_IDEA_CBC 45
+# define PEM_DEK_DES_EDE 50
+# define PEM_DEK_DES_ECB 60
+# define PEM_DEK_RSA 70
+# define PEM_DEK_RSA_MD2 80
+# define PEM_DEK_RSA_MD5 90
+
+# define PEM_MD_MD2 NID_md2
+# define PEM_MD_MD5 NID_md5
+# define PEM_MD_SHA NID_sha
+# define PEM_MD_MD2_RSA NID_md2WithRSAEncryption
+# define PEM_MD_MD5_RSA NID_md5WithRSAEncryption
+# define PEM_MD_SHA_RSA NID_sha1WithRSAEncryption
+
+# define PEM_STRING_X509_OLD "X509 CERTIFICATE"
+# define PEM_STRING_X509 "CERTIFICATE"
+# define PEM_STRING_X509_TRUSTED "TRUSTED CERTIFICATE"
+# define PEM_STRING_X509_REQ_OLD "NEW CERTIFICATE REQUEST"
+# define PEM_STRING_X509_REQ "CERTIFICATE REQUEST"
+# define PEM_STRING_X509_CRL "X509 CRL"
+# define PEM_STRING_EVP_PKEY "ANY PRIVATE KEY"
+# define PEM_STRING_PUBLIC "PUBLIC KEY"
+# define PEM_STRING_RSA "RSA PRIVATE KEY"
+# define PEM_STRING_RSA_PUBLIC "RSA PUBLIC KEY"
+# define PEM_STRING_DSA "DSA PRIVATE KEY"
+# define PEM_STRING_DSA_PUBLIC "DSA PUBLIC KEY"
+# define PEM_STRING_PKCS7 "PKCS7"
+# define PEM_STRING_PKCS7_SIGNED "PKCS #7 SIGNED DATA"
+# define PEM_STRING_PKCS8 "ENCRYPTED PRIVATE KEY"
+# define PEM_STRING_PKCS8INF "PRIVATE KEY"
+# define PEM_STRING_DHPARAMS "DH PARAMETERS"
+# define PEM_STRING_DHXPARAMS "X9.42 DH PARAMETERS"
+# define PEM_STRING_SSL_SESSION "SSL SESSION PARAMETERS"
+# define PEM_STRING_DSAPARAMS "DSA PARAMETERS"
+# define PEM_STRING_ECDSA_PUBLIC "ECDSA PUBLIC KEY"
+# define PEM_STRING_ECPARAMETERS "EC PARAMETERS"
+# define PEM_STRING_ECPRIVATEKEY "EC PRIVATE KEY"
+# define PEM_STRING_PARAMETERS "PARAMETERS"
+# define PEM_STRING_CMS "CMS"
+
+ /*
+ * Note that this structure is initialised by PEM_SealInit and cleaned up
+ * by PEM_SealFinal (at least for now)
+ */
+typedef struct PEM_Encode_Seal_st {
+ EVP_ENCODE_CTX encode;
+ EVP_MD_CTX md;
+ EVP_CIPHER_CTX cipher;
+} PEM_ENCODE_SEAL_CTX;
+
+/* enc_type is one off */
+# define PEM_TYPE_ENCRYPTED 10
+# define PEM_TYPE_MIC_ONLY 20
+# define PEM_TYPE_MIC_CLEAR 30
+# define PEM_TYPE_CLEAR 40
+
+typedef struct pem_recip_st {
+ char *name;
+ X509_NAME *dn;
+ int cipher;
+ int key_enc;
+ /* char iv[8]; unused and wrong size */
+} PEM_USER;
+
+typedef struct pem_ctx_st {
+ int type; /* what type of object */
+ struct {
+ int version;
+ int mode;
+ } proc_type;
+
+ char *domain;
+
+ struct {
+ int cipher;
+ /*-
+ unused, and wrong size
+ unsigned char iv[8]; */
+ } DEK_info;
+
+ PEM_USER *originator;
+
+ int num_recipient;
+ PEM_USER **recipient;
+
+/*-
+ XXX(ben): don#t think this is used!
+ STACK *x509_chain; / * certificate chain */
+ EVP_MD *md; /* signature type */
+
+ int md_enc; /* is the md encrypted or not? */
+ int md_len; /* length of md_data */
+ char *md_data; /* message digest, could be pkey encrypted */
+
+ EVP_CIPHER *dec; /* date encryption cipher */
+ int key_len; /* key length */
+ unsigned char *key; /* key */
+ /*-
+ unused, and wrong size
+ unsigned char iv[8]; */
+
+ int data_enc; /* is the data encrypted */
+ int data_len;
+ unsigned char *data;
+} PEM_CTX;
+
+/*
+ * These macros make the PEM_read/PEM_write functions easier to maintain and
+ * write. Now they are all implemented with either: IMPLEMENT_PEM_rw(...) or
+ * IMPLEMENT_PEM_rw_cb(...)
+ */
+
+# ifdef OPENSSL_NO_STDIO
+
+# define IMPLEMENT_PEM_read_fp(name, type, str, asn1) /**/
+# define IMPLEMENT_PEM_write_fp(name, type, str, asn1) /**/
+# define IMPLEMENT_PEM_write_fp_const(name, type, str, asn1) /**/
+# define IMPLEMENT_PEM_write_cb_fp(name, type, str, asn1) /**/
+# define IMPLEMENT_PEM_write_cb_fp_const(name, type, str, asn1) /**/
+# else
+
+# define IMPLEMENT_PEM_read_fp(name, type, str, asn1) \
+type *PEM_read_##name(FILE *fp, type **x, pem_password_cb *cb, void *u)\
+{ \
+return PEM_ASN1_read((d2i_of_void *)d2i_##asn1, str,fp,(void **)x,cb,u); \
+}
+
+# define IMPLEMENT_PEM_write_fp(name, type, str, asn1) \
+int PEM_write_##name(FILE *fp, type *x) \
+{ \
+return PEM_ASN1_write((i2d_of_void *)i2d_##asn1,str,fp,x,NULL,NULL,0,NULL,NULL); \
+}
+
+# define IMPLEMENT_PEM_write_fp_const(name, type, str, asn1) \
+int PEM_write_##name(FILE *fp, const type *x) \
+{ \
+return PEM_ASN1_write((i2d_of_void *)i2d_##asn1,str,fp,(void *)x,NULL,NULL,0,NULL,NULL); \
+}
+
+# define IMPLEMENT_PEM_write_cb_fp(name, type, str, asn1) \
+int PEM_write_##name(FILE *fp, type *x, const EVP_CIPHER *enc, \
+ unsigned char *kstr, int klen, pem_password_cb *cb, \
+ void *u) \
+ { \
+ return PEM_ASN1_write((i2d_of_void *)i2d_##asn1,str,fp,x,enc,kstr,klen,cb,u); \
+ }
+
+# define IMPLEMENT_PEM_write_cb_fp_const(name, type, str, asn1) \
+int PEM_write_##name(FILE *fp, type *x, const EVP_CIPHER *enc, \
+ unsigned char *kstr, int klen, pem_password_cb *cb, \
+ void *u) \
+ { \
+ return PEM_ASN1_write((i2d_of_void *)i2d_##asn1,str,fp,x,enc,kstr,klen,cb,u); \
+ }
+
+# endif
+
+# define IMPLEMENT_PEM_read_bio(name, type, str, asn1) \
+type *PEM_read_bio_##name(BIO *bp, type **x, pem_password_cb *cb, void *u)\
+{ \
+return PEM_ASN1_read_bio((d2i_of_void *)d2i_##asn1, str,bp,(void **)x,cb,u); \
+}
+
+# define IMPLEMENT_PEM_write_bio(name, type, str, asn1) \
+int PEM_write_bio_##name(BIO *bp, type *x) \
+{ \
+return PEM_ASN1_write_bio((i2d_of_void *)i2d_##asn1,str,bp,x,NULL,NULL,0,NULL,NULL); \
+}
+
+# define IMPLEMENT_PEM_write_bio_const(name, type, str, asn1) \
+int PEM_write_bio_##name(BIO *bp, const type *x) \
+{ \
+return PEM_ASN1_write_bio((i2d_of_void *)i2d_##asn1,str,bp,(void *)x,NULL,NULL,0,NULL,NULL); \
+}
+
+# define IMPLEMENT_PEM_write_cb_bio(name, type, str, asn1) \
+int PEM_write_bio_##name(BIO *bp, type *x, const EVP_CIPHER *enc, \
+ unsigned char *kstr, int klen, pem_password_cb *cb, void *u) \
+ { \
+ return PEM_ASN1_write_bio((i2d_of_void *)i2d_##asn1,str,bp,x,enc,kstr,klen,cb,u); \
+ }
+
+# define IMPLEMENT_PEM_write_cb_bio_const(name, type, str, asn1) \
+int PEM_write_bio_##name(BIO *bp, type *x, const EVP_CIPHER *enc, \
+ unsigned char *kstr, int klen, pem_password_cb *cb, void *u) \
+ { \
+ return PEM_ASN1_write_bio((i2d_of_void *)i2d_##asn1,str,bp,(void *)x,enc,kstr,klen,cb,u); \
+ }
+
+# define IMPLEMENT_PEM_write(name, type, str, asn1) \
+ IMPLEMENT_PEM_write_bio(name, type, str, asn1) \
+ IMPLEMENT_PEM_write_fp(name, type, str, asn1)
+
+# define IMPLEMENT_PEM_write_const(name, type, str, asn1) \
+ IMPLEMENT_PEM_write_bio_const(name, type, str, asn1) \
+ IMPLEMENT_PEM_write_fp_const(name, type, str, asn1)
+
+# define IMPLEMENT_PEM_write_cb(name, type, str, asn1) \
+ IMPLEMENT_PEM_write_cb_bio(name, type, str, asn1) \
+ IMPLEMENT_PEM_write_cb_fp(name, type, str, asn1)
+
+# define IMPLEMENT_PEM_write_cb_const(name, type, str, asn1) \
+ IMPLEMENT_PEM_write_cb_bio_const(name, type, str, asn1) \
+ IMPLEMENT_PEM_write_cb_fp_const(name, type, str, asn1)
+
+# define IMPLEMENT_PEM_read(name, type, str, asn1) \
+ IMPLEMENT_PEM_read_bio(name, type, str, asn1) \
+ IMPLEMENT_PEM_read_fp(name, type, str, asn1)
+
+# define IMPLEMENT_PEM_rw(name, type, str, asn1) \
+ IMPLEMENT_PEM_read(name, type, str, asn1) \
+ IMPLEMENT_PEM_write(name, type, str, asn1)
+
+# define IMPLEMENT_PEM_rw_const(name, type, str, asn1) \
+ IMPLEMENT_PEM_read(name, type, str, asn1) \
+ IMPLEMENT_PEM_write_const(name, type, str, asn1)
+
+# define IMPLEMENT_PEM_rw_cb(name, type, str, asn1) \
+ IMPLEMENT_PEM_read(name, type, str, asn1) \
+ IMPLEMENT_PEM_write_cb(name, type, str, asn1)
+
+/* These are the same except they are for the declarations */
+
+# if defined(OPENSSL_NO_STDIO)
+
+# define DECLARE_PEM_read_fp(name, type) /**/
+# define DECLARE_PEM_write_fp(name, type) /**/
+# define DECLARE_PEM_write_cb_fp(name, type) /**/
+# else
+
+# define DECLARE_PEM_read_fp(name, type) \
+ type *PEM_read_##name(FILE *fp, type **x, pem_password_cb *cb, void *u);
+
+# define DECLARE_PEM_write_fp(name, type) \
+ int PEM_write_##name(FILE *fp, type *x);
+
+# define DECLARE_PEM_write_fp_const(name, type) \
+ int PEM_write_##name(FILE *fp, const type *x);
+
+# define DECLARE_PEM_write_cb_fp(name, type) \
+ int PEM_write_##name(FILE *fp, type *x, const EVP_CIPHER *enc, \
+ unsigned char *kstr, int klen, pem_password_cb *cb, void *u);
+
+# endif
+
+# define DECLARE_PEM_read_bio(name, type) \
+ type *PEM_read_bio_##name(BIO *bp, type **x, pem_password_cb *cb, void *u);
+
+# define DECLARE_PEM_write_bio(name, type) \
+ int PEM_write_bio_##name(BIO *bp, type *x);
+
+# define DECLARE_PEM_write_bio_const(name, type) \
+ int PEM_write_bio_##name(BIO *bp, const type *x);
+
+# define DECLARE_PEM_write_cb_bio(name, type) \
+ int PEM_write_bio_##name(BIO *bp, type *x, const EVP_CIPHER *enc, \
+ unsigned char *kstr, int klen, pem_password_cb *cb, void *u);
+
+# define DECLARE_PEM_write(name, type) \
+ DECLARE_PEM_write_bio(name, type) \
+ DECLARE_PEM_write_fp(name, type)
+# define DECLARE_PEM_write_const(name, type) \
+ DECLARE_PEM_write_bio_const(name, type) \
+ DECLARE_PEM_write_fp_const(name, type)
+# define DECLARE_PEM_write_cb(name, type) \
+ DECLARE_PEM_write_cb_bio(name, type) \
+ DECLARE_PEM_write_cb_fp(name, type)
+# define DECLARE_PEM_read(name, type) \
+ DECLARE_PEM_read_bio(name, type) \
+ DECLARE_PEM_read_fp(name, type)
+# define DECLARE_PEM_rw(name, type) \
+ DECLARE_PEM_read(name, type) \
+ DECLARE_PEM_write(name, type)
+# define DECLARE_PEM_rw_const(name, type) \
+ DECLARE_PEM_read(name, type) \
+ DECLARE_PEM_write_const(name, type)
+# define DECLARE_PEM_rw_cb(name, type) \
+ DECLARE_PEM_read(name, type) \
+ DECLARE_PEM_write_cb(name, type)
+typedef int pem_password_cb (char *buf, int size, int rwflag, void *userdata);
+
+int PEM_get_EVP_CIPHER_INFO(char *header, EVP_CIPHER_INFO *cipher);
+int PEM_do_header(EVP_CIPHER_INFO *cipher, unsigned char *data, long *len,
+ pem_password_cb *callback, void *u);
+
+int PEM_read_bio(BIO *bp, char **name, char **header,
+ unsigned char **data, long *len);
+int PEM_write_bio(BIO *bp, const char *name, const char *hdr,
+ const unsigned char *data, long len);
+int PEM_bytes_read_bio(unsigned char **pdata, long *plen, char **pnm,
+ const char *name, BIO *bp, pem_password_cb *cb,
+ void *u);
+void *PEM_ASN1_read_bio(d2i_of_void *d2i, const char *name, BIO *bp, void **x,
+ pem_password_cb *cb, void *u);
+int PEM_ASN1_write_bio(i2d_of_void *i2d, const char *name, BIO *bp, void *x,
+ const EVP_CIPHER *enc, unsigned char *kstr, int klen,
+ pem_password_cb *cb, void *u);
+
+STACK_OF(X509_INFO) *PEM_X509_INFO_read_bio(BIO *bp, STACK_OF(X509_INFO) *sk,
+ pem_password_cb *cb, void *u);
+int PEM_X509_INFO_write_bio(BIO *bp, X509_INFO *xi, EVP_CIPHER *enc,
+ unsigned char *kstr, int klen,
+ pem_password_cb *cd, void *u);
+
+int PEM_read(FILE *fp, char **name, char **header,
+ unsigned char **data, long *len);
+int PEM_write(FILE *fp, const char *name, const char *hdr,
+ const unsigned char *data, long len);
+void *PEM_ASN1_read(d2i_of_void *d2i, const char *name, FILE *fp, void **x,
+ pem_password_cb *cb, void *u);
+int PEM_ASN1_write(i2d_of_void *i2d, const char *name, FILE *fp,
+ void *x, const EVP_CIPHER *enc, unsigned char *kstr,
+ int klen, pem_password_cb *callback, void *u);
+STACK_OF(X509_INFO) *PEM_X509_INFO_read(FILE *fp, STACK_OF(X509_INFO) *sk,
+ pem_password_cb *cb, void *u);
+
+int PEM_SealInit(PEM_ENCODE_SEAL_CTX *ctx, EVP_CIPHER *type,
+ EVP_MD *md_type, unsigned char **ek, int *ekl,
+ unsigned char *iv, EVP_PKEY **pubk, int npubk);
+int PEM_SealUpdate(PEM_ENCODE_SEAL_CTX *ctx, unsigned char *out, int *outl,
+ unsigned char *in, int inl);
+int PEM_SealFinal(PEM_ENCODE_SEAL_CTX *ctx, unsigned char *sig, int *sigl,
+ unsigned char *out, int *outl, EVP_PKEY *priv);
+
+int PEM_SignInit(EVP_MD_CTX *ctx, EVP_MD *type);
+int PEM_SignUpdate(EVP_MD_CTX *ctx, unsigned char *d, unsigned int cnt);
+int PEM_SignFinal(EVP_MD_CTX *ctx, unsigned char *sigret,
+ unsigned int *siglen, EVP_PKEY *pkey);
+
+int PEM_def_callback(char *buf, int num, int w, void *key);
+void PEM_proc_type(char *buf, int type);
+void PEM_dek_info(char *buf, const char *type, int len, char *str);
+
+# include <openssl/symhacks.h>
+
+DECLARE_PEM_rw(X509, X509)
+DECLARE_PEM_rw(X509_AUX, X509)
+DECLARE_PEM_rw(X509_REQ, X509_REQ)
+DECLARE_PEM_write(X509_REQ_NEW, X509_REQ)
+DECLARE_PEM_rw(X509_CRL, X509_CRL)
+DECLARE_PEM_rw(PKCS7, PKCS7)
+DECLARE_PEM_rw(NETSCAPE_CERT_SEQUENCE, NETSCAPE_CERT_SEQUENCE)
+DECLARE_PEM_rw(PKCS8, X509_SIG)
+DECLARE_PEM_rw(PKCS8_PRIV_KEY_INFO, PKCS8_PRIV_KEY_INFO)
+# ifndef OPENSSL_NO_RSA
+DECLARE_PEM_rw_cb(RSAPrivateKey, RSA)
+DECLARE_PEM_rw_const(RSAPublicKey, RSA)
+DECLARE_PEM_rw(RSA_PUBKEY, RSA)
+# endif
+# ifndef OPENSSL_NO_DSA
+DECLARE_PEM_rw_cb(DSAPrivateKey, DSA)
+DECLARE_PEM_rw(DSA_PUBKEY, DSA)
+DECLARE_PEM_rw_const(DSAparams, DSA)
+# endif
+# ifndef OPENSSL_NO_EC
+DECLARE_PEM_rw_const(ECPKParameters, EC_GROUP)
+DECLARE_PEM_rw_cb(ECPrivateKey, EC_KEY)
+DECLARE_PEM_rw(EC_PUBKEY, EC_KEY)
+# endif
+# ifndef OPENSSL_NO_DH
+DECLARE_PEM_rw_const(DHparams, DH)
+DECLARE_PEM_write_const(DHxparams, DH)
+# endif
+DECLARE_PEM_rw_cb(PrivateKey, EVP_PKEY)
+DECLARE_PEM_rw(PUBKEY, EVP_PKEY)
+
+int PEM_write_bio_PKCS8PrivateKey_nid(BIO *bp, EVP_PKEY *x, int nid,
+ char *kstr, int klen,
+ pem_password_cb *cb, void *u);
+int PEM_write_bio_PKCS8PrivateKey(BIO *, EVP_PKEY *, const EVP_CIPHER *,
+ char *, int, pem_password_cb *, void *);
+int i2d_PKCS8PrivateKey_bio(BIO *bp, EVP_PKEY *x, const EVP_CIPHER *enc,
+ char *kstr, int klen,
+ pem_password_cb *cb, void *u);
+int i2d_PKCS8PrivateKey_nid_bio(BIO *bp, EVP_PKEY *x, int nid,
+ char *kstr, int klen,
+ pem_password_cb *cb, void *u);
+EVP_PKEY *d2i_PKCS8PrivateKey_bio(BIO *bp, EVP_PKEY **x, pem_password_cb *cb,
+ void *u);
+
+int i2d_PKCS8PrivateKey_fp(FILE *fp, EVP_PKEY *x, const EVP_CIPHER *enc,
+ char *kstr, int klen,
+ pem_password_cb *cb, void *u);
+int i2d_PKCS8PrivateKey_nid_fp(FILE *fp, EVP_PKEY *x, int nid,
+ char *kstr, int klen,
+ pem_password_cb *cb, void *u);
+int PEM_write_PKCS8PrivateKey_nid(FILE *fp, EVP_PKEY *x, int nid,
+ char *kstr, int klen,
+ pem_password_cb *cb, void *u);
+
+EVP_PKEY *d2i_PKCS8PrivateKey_fp(FILE *fp, EVP_PKEY **x, pem_password_cb *cb,
+ void *u);
+
+int PEM_write_PKCS8PrivateKey(FILE *fp, EVP_PKEY *x, const EVP_CIPHER *enc,
+ char *kstr, int klen, pem_password_cb *cd,
+ void *u);
+
+EVP_PKEY *PEM_read_bio_Parameters(BIO *bp, EVP_PKEY **x);
+int PEM_write_bio_Parameters(BIO *bp, EVP_PKEY *x);
+
+EVP_PKEY *b2i_PrivateKey(const unsigned char **in, long length);
+EVP_PKEY *b2i_PublicKey(const unsigned char **in, long length);
+EVP_PKEY *b2i_PrivateKey_bio(BIO *in);
+EVP_PKEY *b2i_PublicKey_bio(BIO *in);
+int i2b_PrivateKey_bio(BIO *out, EVP_PKEY *pk);
+int i2b_PublicKey_bio(BIO *out, EVP_PKEY *pk);
+# ifndef OPENSSL_NO_RC4
+EVP_PKEY *b2i_PVK_bio(BIO *in, pem_password_cb *cb, void *u);
+int i2b_PVK_bio(BIO *out, EVP_PKEY *pk, int enclevel,
+ pem_password_cb *cb, void *u);
+# endif
+
+/* BEGIN ERROR CODES */
+/*
+ * The following lines are auto generated by the script mkerr.pl. Any changes
+ * made after this point may be overwritten when the script is next run.
+ */
+void ERR_load_PEM_strings(void);
+
+/* Error codes for the PEM functions. */
+
+/* Function codes. */
+# define PEM_F_B2I_DSS 127
+# define PEM_F_B2I_PVK_BIO 128
+# define PEM_F_B2I_RSA 129
+# define PEM_F_CHECK_BITLEN_DSA 130
+# define PEM_F_CHECK_BITLEN_RSA 131
+# define PEM_F_D2I_PKCS8PRIVATEKEY_BIO 120
+# define PEM_F_D2I_PKCS8PRIVATEKEY_FP 121
+# define PEM_F_DO_B2I 132
+# define PEM_F_DO_B2I_BIO 133
+# define PEM_F_DO_BLOB_HEADER 134
+# define PEM_F_DO_PK8PKEY 126
+# define PEM_F_DO_PK8PKEY_FP 125
+# define PEM_F_DO_PVK_BODY 135
+# define PEM_F_DO_PVK_HEADER 136
+# define PEM_F_I2B_PVK 137
+# define PEM_F_I2B_PVK_BIO 138
+# define PEM_F_LOAD_IV 101
+# define PEM_F_PEM_ASN1_READ 102
+# define PEM_F_PEM_ASN1_READ_BIO 103
+# define PEM_F_PEM_ASN1_WRITE 104
+# define PEM_F_PEM_ASN1_WRITE_BIO 105
+# define PEM_F_PEM_DEF_CALLBACK 100
+# define PEM_F_PEM_DO_HEADER 106
+# define PEM_F_PEM_F_PEM_WRITE_PKCS8PRIVATEKEY 118
+# define PEM_F_PEM_GET_EVP_CIPHER_INFO 107
+# define PEM_F_PEM_PK8PKEY 119
+# define PEM_F_PEM_READ 108
+# define PEM_F_PEM_READ_BIO 109
+# define PEM_F_PEM_READ_BIO_DHPARAMS 141
+# define PEM_F_PEM_READ_BIO_PARAMETERS 140
+# define PEM_F_PEM_READ_BIO_PRIVATEKEY 123
+# define PEM_F_PEM_READ_DHPARAMS 142
+# define PEM_F_PEM_READ_PRIVATEKEY 124
+# define PEM_F_PEM_SEALFINAL 110
+# define PEM_F_PEM_SEALINIT 111
+# define PEM_F_PEM_SIGNFINAL 112
+# define PEM_F_PEM_WRITE 113
+# define PEM_F_PEM_WRITE_BIO 114
+# define PEM_F_PEM_WRITE_PRIVATEKEY 139
+# define PEM_F_PEM_X509_INFO_READ 115
+# define PEM_F_PEM_X509_INFO_READ_BIO 116
+# define PEM_F_PEM_X509_INFO_WRITE_BIO 117
+
+/* Reason codes. */
+# define PEM_R_BAD_BASE64_DECODE 100
+# define PEM_R_BAD_DECRYPT 101
+# define PEM_R_BAD_END_LINE 102
+# define PEM_R_BAD_IV_CHARS 103
+# define PEM_R_BAD_MAGIC_NUMBER 116
+# define PEM_R_BAD_PASSWORD_READ 104
+# define PEM_R_BAD_VERSION_NUMBER 117
+# define PEM_R_BIO_WRITE_FAILURE 118
+# define PEM_R_CIPHER_IS_NULL 127
+# define PEM_R_ERROR_CONVERTING_PRIVATE_KEY 115
+# define PEM_R_EXPECTING_PRIVATE_KEY_BLOB 119
+# define PEM_R_EXPECTING_PUBLIC_KEY_BLOB 120
+# define PEM_R_INCONSISTENT_HEADER 121
+# define PEM_R_KEYBLOB_HEADER_PARSE_ERROR 122
+# define PEM_R_KEYBLOB_TOO_SHORT 123
+# define PEM_R_NOT_DEK_INFO 105
+# define PEM_R_NOT_ENCRYPTED 106
+# define PEM_R_NOT_PROC_TYPE 107
+# define PEM_R_NO_START_LINE 108
+# define PEM_R_PROBLEMS_GETTING_PASSWORD 109
+# define PEM_R_PUBLIC_KEY_NO_RSA 110
+# define PEM_R_PVK_DATA_TOO_SHORT 124
+# define PEM_R_PVK_TOO_SHORT 125
+# define PEM_R_READ_KEY 111
+# define PEM_R_SHORT_HEADER 112
+# define PEM_R_UNSUPPORTED_CIPHER 113
+# define PEM_R_UNSUPPORTED_ENCRYPTION 114
+# define PEM_R_UNSUPPORTED_KEY_COMPONENTS 126
+
+#ifdef __cplusplus
+}
+#endif
+#endif
--- /dev/null
+/* ====================================================================
+ * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For written permission, please contact
+ * licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ * nor may "OpenSSL" appear in their names without prior written
+ * permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com). This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+/*
+ * This header only exists to break a circular dependency between pem and err
+ * Ben 30 Jan 1999.
+ */
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+#ifndef HEADER_PEM_H
+void ERR_load_PEM_strings(void);
+#endif
+
+#ifdef __cplusplus
+}
+#endif
--- /dev/null
+/* pkcs12.h */
+/*
+ * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
+ * 1999.
+ */
+/* ====================================================================
+ * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For written permission, please contact
+ * licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ * nor may "OpenSSL" appear in their names without prior written
+ * permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com). This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#ifndef HEADER_PKCS12_H
+# define HEADER_PKCS12_H
+
+# include <openssl/bio.h>
+# include <openssl/x509.h>
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+# define PKCS12_KEY_ID 1
+# define PKCS12_IV_ID 2
+# define PKCS12_MAC_ID 3
+
+/* Default iteration count */
+# ifndef PKCS12_DEFAULT_ITER
+# define PKCS12_DEFAULT_ITER PKCS5_DEFAULT_ITER
+# endif
+
+# define PKCS12_MAC_KEY_LENGTH 20
+
+# define PKCS12_SALT_LEN 8
+
+/* Uncomment out next line for unicode password and names, otherwise ASCII */
+
+/*
+ * #define PBE_UNICODE
+ */
+
+# ifdef PBE_UNICODE
+# define PKCS12_key_gen PKCS12_key_gen_uni
+# define PKCS12_add_friendlyname PKCS12_add_friendlyname_uni
+# else
+# define PKCS12_key_gen PKCS12_key_gen_asc
+# define PKCS12_add_friendlyname PKCS12_add_friendlyname_asc
+# endif
+
+/* MS key usage constants */
+
+# define KEY_EX 0x10
+# define KEY_SIG 0x80
+
+typedef struct {
+ X509_SIG *dinfo;
+ ASN1_OCTET_STRING *salt;
+ ASN1_INTEGER *iter; /* defaults to 1 */
+} PKCS12_MAC_DATA;
+
+typedef struct {
+ ASN1_INTEGER *version;
+ PKCS12_MAC_DATA *mac;
+ PKCS7 *authsafes;
+} PKCS12;
+
+typedef struct {
+ ASN1_OBJECT *type;
+ union {
+ struct pkcs12_bag_st *bag; /* secret, crl and certbag */
+ struct pkcs8_priv_key_info_st *keybag; /* keybag */
+ X509_SIG *shkeybag; /* shrouded key bag */
+ STACK_OF(PKCS12_SAFEBAG) *safes;
+ ASN1_TYPE *other;
+ } value;
+ STACK_OF(X509_ATTRIBUTE) *attrib;
+} PKCS12_SAFEBAG;
+
+DECLARE_STACK_OF(PKCS12_SAFEBAG)
+
+typedef struct pkcs12_bag_st {
+ ASN1_OBJECT *type;
+ union {
+ ASN1_OCTET_STRING *x509cert;
+ ASN1_OCTET_STRING *x509crl;
+ ASN1_OCTET_STRING *octet;
+ ASN1_IA5STRING *sdsicert;
+ ASN1_TYPE *other; /* Secret or other bag */
+ } value;
+} PKCS12_BAGS;
+
+# define PKCS12_ERROR 0
+# define PKCS12_OK 1
+
+/* Compatibility macros */
+
+# define M_PKCS12_x5092certbag PKCS12_x5092certbag
+# define M_PKCS12_x509crl2certbag PKCS12_x509crl2certbag
+
+# define M_PKCS12_certbag2x509 PKCS12_certbag2x509
+# define M_PKCS12_certbag2x509crl PKCS12_certbag2x509crl
+
+# define M_PKCS12_unpack_p7data PKCS12_unpack_p7data
+# define M_PKCS12_pack_authsafes PKCS12_pack_authsafes
+# define M_PKCS12_unpack_authsafes PKCS12_unpack_authsafes
+# define M_PKCS12_unpack_p7encdata PKCS12_unpack_p7encdata
+
+# define M_PKCS12_decrypt_skey PKCS12_decrypt_skey
+# define M_PKCS8_decrypt PKCS8_decrypt
+
+# define M_PKCS12_bag_type(bg) OBJ_obj2nid((bg)->type)
+# define M_PKCS12_cert_bag_type(bg) OBJ_obj2nid((bg)->value.bag->type)
+# define M_PKCS12_crl_bag_type M_PKCS12_cert_bag_type
+
+# define PKCS12_get_attr(bag, attr_nid) \
+ PKCS12_get_attr_gen(bag->attrib, attr_nid)
+
+# define PKCS8_get_attr(p8, attr_nid) \
+ PKCS12_get_attr_gen(p8->attributes, attr_nid)
+
+# define PKCS12_mac_present(p12) ((p12)->mac ? 1 : 0)
+
+PKCS12_SAFEBAG *PKCS12_x5092certbag(X509 *x509);
+PKCS12_SAFEBAG *PKCS12_x509crl2certbag(X509_CRL *crl);
+X509 *PKCS12_certbag2x509(PKCS12_SAFEBAG *bag);
+X509_CRL *PKCS12_certbag2x509crl(PKCS12_SAFEBAG *bag);
+
+PKCS12_SAFEBAG *PKCS12_item_pack_safebag(void *obj, const ASN1_ITEM *it,
+ int nid1, int nid2);
+PKCS12_SAFEBAG *PKCS12_MAKE_KEYBAG(PKCS8_PRIV_KEY_INFO *p8);
+PKCS8_PRIV_KEY_INFO *PKCS8_decrypt(X509_SIG *p8, const char *pass,
+ int passlen);
+PKCS8_PRIV_KEY_INFO *PKCS12_decrypt_skey(PKCS12_SAFEBAG *bag,
+ const char *pass, int passlen);
+X509_SIG *PKCS8_encrypt(int pbe_nid, const EVP_CIPHER *cipher,
+ const char *pass, int passlen, unsigned char *salt,
+ int saltlen, int iter, PKCS8_PRIV_KEY_INFO *p8);
+PKCS12_SAFEBAG *PKCS12_MAKE_SHKEYBAG(int pbe_nid, const char *pass,
+ int passlen, unsigned char *salt,
+ int saltlen, int iter,
+ PKCS8_PRIV_KEY_INFO *p8);
+PKCS7 *PKCS12_pack_p7data(STACK_OF(PKCS12_SAFEBAG) *sk);
+STACK_OF(PKCS12_SAFEBAG) *PKCS12_unpack_p7data(PKCS7 *p7);
+PKCS7 *PKCS12_pack_p7encdata(int pbe_nid, const char *pass, int passlen,
+ unsigned char *salt, int saltlen, int iter,
+ STACK_OF(PKCS12_SAFEBAG) *bags);
+STACK_OF(PKCS12_SAFEBAG) *PKCS12_unpack_p7encdata(PKCS7 *p7, const char *pass,
+ int passlen);
+
+int PKCS12_pack_authsafes(PKCS12 *p12, STACK_OF(PKCS7) *safes);
+STACK_OF(PKCS7) *PKCS12_unpack_authsafes(PKCS12 *p12);
+
+int PKCS12_add_localkeyid(PKCS12_SAFEBAG *bag, unsigned char *name,
+ int namelen);
+int PKCS12_add_friendlyname_asc(PKCS12_SAFEBAG *bag, const char *name,
+ int namelen);
+int PKCS12_add_CSPName_asc(PKCS12_SAFEBAG *bag, const char *name,
+ int namelen);
+int PKCS12_add_friendlyname_uni(PKCS12_SAFEBAG *bag,
+ const unsigned char *name, int namelen);
+int PKCS8_add_keyusage(PKCS8_PRIV_KEY_INFO *p8, int usage);
+ASN1_TYPE *PKCS12_get_attr_gen(STACK_OF(X509_ATTRIBUTE) *attrs, int attr_nid);
+char *PKCS12_get_friendlyname(PKCS12_SAFEBAG *bag);
+unsigned char *PKCS12_pbe_crypt(X509_ALGOR *algor, const char *pass,
+ int passlen, unsigned char *in, int inlen,
+ unsigned char **data, int *datalen,
+ int en_de);
+void *PKCS12_item_decrypt_d2i(X509_ALGOR *algor, const ASN1_ITEM *it,
+ const char *pass, int passlen,
+ ASN1_OCTET_STRING *oct, int zbuf);
+ASN1_OCTET_STRING *PKCS12_item_i2d_encrypt(X509_ALGOR *algor,
+ const ASN1_ITEM *it,
+ const char *pass, int passlen,
+ void *obj, int zbuf);
+PKCS12 *PKCS12_init(int mode);
+int PKCS12_key_gen_asc(const char *pass, int passlen, unsigned char *salt,
+ int saltlen, int id, int iter, int n,
+ unsigned char *out, const EVP_MD *md_type);
+int PKCS12_key_gen_uni(unsigned char *pass, int passlen, unsigned char *salt,
+ int saltlen, int id, int iter, int n,
+ unsigned char *out, const EVP_MD *md_type);
+int PKCS12_PBE_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass, int passlen,
+ ASN1_TYPE *param, const EVP_CIPHER *cipher,
+ const EVP_MD *md_type, int en_de);
+int PKCS12_gen_mac(PKCS12 *p12, const char *pass, int passlen,
+ unsigned char *mac, unsigned int *maclen);
+int PKCS12_verify_mac(PKCS12 *p12, const char *pass, int passlen);
+int PKCS12_set_mac(PKCS12 *p12, const char *pass, int passlen,
+ unsigned char *salt, int saltlen, int iter,
+ const EVP_MD *md_type);
+int PKCS12_setup_mac(PKCS12 *p12, int iter, unsigned char *salt,
+ int saltlen, const EVP_MD *md_type);
+unsigned char *OPENSSL_asc2uni(const char *asc, int asclen,
+ unsigned char **uni, int *unilen);
+char *OPENSSL_uni2asc(unsigned char *uni, int unilen);
+
+DECLARE_ASN1_FUNCTIONS(PKCS12)
+DECLARE_ASN1_FUNCTIONS(PKCS12_MAC_DATA)
+DECLARE_ASN1_FUNCTIONS(PKCS12_SAFEBAG)
+DECLARE_ASN1_FUNCTIONS(PKCS12_BAGS)
+
+DECLARE_ASN1_ITEM(PKCS12_SAFEBAGS)
+DECLARE_ASN1_ITEM(PKCS12_AUTHSAFES)
+
+void PKCS12_PBE_add(void);
+int PKCS12_parse(PKCS12 *p12, const char *pass, EVP_PKEY **pkey, X509 **cert,
+ STACK_OF(X509) **ca);
+PKCS12 *PKCS12_create(char *pass, char *name, EVP_PKEY *pkey, X509 *cert,
+ STACK_OF(X509) *ca, int nid_key, int nid_cert, int iter,
+ int mac_iter, int keytype);
+
+PKCS12_SAFEBAG *PKCS12_add_cert(STACK_OF(PKCS12_SAFEBAG) **pbags, X509 *cert);
+PKCS12_SAFEBAG *PKCS12_add_key(STACK_OF(PKCS12_SAFEBAG) **pbags,
+ EVP_PKEY *key, int key_usage, int iter,
+ int key_nid, char *pass);
+int PKCS12_add_safe(STACK_OF(PKCS7) **psafes, STACK_OF(PKCS12_SAFEBAG) *bags,
+ int safe_nid, int iter, char *pass);
+PKCS12 *PKCS12_add_safes(STACK_OF(PKCS7) *safes, int p7_nid);
+
+int i2d_PKCS12_bio(BIO *bp, PKCS12 *p12);
+int i2d_PKCS12_fp(FILE *fp, PKCS12 *p12);
+PKCS12 *d2i_PKCS12_bio(BIO *bp, PKCS12 **p12);
+PKCS12 *d2i_PKCS12_fp(FILE *fp, PKCS12 **p12);
+int PKCS12_newpass(PKCS12 *p12, char *oldpass, char *newpass);
+
+/* BEGIN ERROR CODES */
+/*
+ * The following lines are auto generated by the script mkerr.pl. Any changes
+ * made after this point may be overwritten when the script is next run.
+ */
+void ERR_load_PKCS12_strings(void);
+
+/* Error codes for the PKCS12 functions. */
+
+/* Function codes. */
+# define PKCS12_F_PARSE_BAG 129
+# define PKCS12_F_PARSE_BAGS 103
+# define PKCS12_F_PKCS12_ADD_FRIENDLYNAME 100
+# define PKCS12_F_PKCS12_ADD_FRIENDLYNAME_ASC 127
+# define PKCS12_F_PKCS12_ADD_FRIENDLYNAME_UNI 102
+# define PKCS12_F_PKCS12_ADD_LOCALKEYID 104
+# define PKCS12_F_PKCS12_CREATE 105
+# define PKCS12_F_PKCS12_GEN_MAC 107
+# define PKCS12_F_PKCS12_INIT 109
+# define PKCS12_F_PKCS12_ITEM_DECRYPT_D2I 106
+# define PKCS12_F_PKCS12_ITEM_I2D_ENCRYPT 108
+# define PKCS12_F_PKCS12_ITEM_PACK_SAFEBAG 117
+# define PKCS12_F_PKCS12_KEY_GEN_ASC 110
+# define PKCS12_F_PKCS12_KEY_GEN_UNI 111
+# define PKCS12_F_PKCS12_MAKE_KEYBAG 112
+# define PKCS12_F_PKCS12_MAKE_SHKEYBAG 113
+# define PKCS12_F_PKCS12_NEWPASS 128
+# define PKCS12_F_PKCS12_PACK_P7DATA 114
+# define PKCS12_F_PKCS12_PACK_P7ENCDATA 115
+# define PKCS12_F_PKCS12_PARSE 118
+# define PKCS12_F_PKCS12_PBE_CRYPT 119
+# define PKCS12_F_PKCS12_PBE_KEYIVGEN 120
+# define PKCS12_F_PKCS12_SETUP_MAC 122
+# define PKCS12_F_PKCS12_SET_MAC 123
+# define PKCS12_F_PKCS12_UNPACK_AUTHSAFES 130
+# define PKCS12_F_PKCS12_UNPACK_P7DATA 131
+# define PKCS12_F_PKCS12_VERIFY_MAC 126
+# define PKCS12_F_PKCS8_ADD_KEYUSAGE 124
+# define PKCS12_F_PKCS8_ENCRYPT 125
+
+/* Reason codes. */
+# define PKCS12_R_CANT_PACK_STRUCTURE 100
+# define PKCS12_R_CONTENT_TYPE_NOT_DATA 121
+# define PKCS12_R_DECODE_ERROR 101
+# define PKCS12_R_ENCODE_ERROR 102
+# define PKCS12_R_ENCRYPT_ERROR 103
+# define PKCS12_R_ERROR_SETTING_ENCRYPTED_DATA_TYPE 120
+# define PKCS12_R_INVALID_NULL_ARGUMENT 104
+# define PKCS12_R_INVALID_NULL_PKCS12_POINTER 105
+# define PKCS12_R_IV_GEN_ERROR 106
+# define PKCS12_R_KEY_GEN_ERROR 107
+# define PKCS12_R_MAC_ABSENT 108
+# define PKCS12_R_MAC_GENERATION_ERROR 109
+# define PKCS12_R_MAC_SETUP_ERROR 110
+# define PKCS12_R_MAC_STRING_SET_ERROR 111
+# define PKCS12_R_MAC_VERIFY_ERROR 112
+# define PKCS12_R_MAC_VERIFY_FAILURE 113
+# define PKCS12_R_PARSE_ERROR 114
+# define PKCS12_R_PKCS12_ALGOR_CIPHERINIT_ERROR 115
+# define PKCS12_R_PKCS12_CIPHERFINAL_ERROR 116
+# define PKCS12_R_PKCS12_PBE_CRYPT_ERROR 117
+# define PKCS12_R_UNKNOWN_DIGEST_ALGORITHM 118
+# define PKCS12_R_UNSUPPORTED_PKCS12_MODE 119
+
+#ifdef __cplusplus
+}
+#endif
+#endif
--- /dev/null
+/* crypto/pkcs7/pkcs7.h */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#ifndef HEADER_PKCS7_H
+# define HEADER_PKCS7_H
+
+# include <openssl/asn1.h>
+# include <openssl/bio.h>
+# include <openssl/e_os2.h>
+
+# include <openssl/symhacks.h>
+# include <openssl/ossl_typ.h>
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+# ifdef OPENSSL_SYS_WIN32
+/* Under Win32 thes are defined in wincrypt.h */
+# undef PKCS7_ISSUER_AND_SERIAL
+# undef PKCS7_SIGNER_INFO
+# endif
+
+/*-
+Encryption_ID DES-CBC
+Digest_ID MD5
+Digest_Encryption_ID rsaEncryption
+Key_Encryption_ID rsaEncryption
+*/
+
+typedef struct pkcs7_issuer_and_serial_st {
+ X509_NAME *issuer;
+ ASN1_INTEGER *serial;
+} PKCS7_ISSUER_AND_SERIAL;
+
+typedef struct pkcs7_signer_info_st {
+ ASN1_INTEGER *version; /* version 1 */
+ PKCS7_ISSUER_AND_SERIAL *issuer_and_serial;
+ X509_ALGOR *digest_alg;
+ STACK_OF(X509_ATTRIBUTE) *auth_attr; /* [ 0 ] */
+ X509_ALGOR *digest_enc_alg;
+ ASN1_OCTET_STRING *enc_digest;
+ STACK_OF(X509_ATTRIBUTE) *unauth_attr; /* [ 1 ] */
+ /* The private key to sign with */
+ EVP_PKEY *pkey;
+} PKCS7_SIGNER_INFO;
+
+DECLARE_STACK_OF(PKCS7_SIGNER_INFO)
+
+typedef struct pkcs7_recip_info_st {
+ ASN1_INTEGER *version; /* version 0 */
+ PKCS7_ISSUER_AND_SERIAL *issuer_and_serial;
+ X509_ALGOR *key_enc_algor;
+ ASN1_OCTET_STRING *enc_key;
+ X509 *cert; /* get the pub-key from this */
+} PKCS7_RECIP_INFO;
+
+DECLARE_STACK_OF(PKCS7_RECIP_INFO)
+
+typedef struct pkcs7_signed_st {
+ ASN1_INTEGER *version; /* version 1 */
+ STACK_OF(X509_ALGOR) *md_algs; /* md used */
+ STACK_OF(X509) *cert; /* [ 0 ] */
+ STACK_OF(X509_CRL) *crl; /* [ 1 ] */
+ STACK_OF(PKCS7_SIGNER_INFO) *signer_info;
+ struct pkcs7_st *contents;
+} PKCS7_SIGNED;
+/*
+ * The above structure is very very similar to PKCS7_SIGN_ENVELOPE. How about
+ * merging the two
+ */
+
+typedef struct pkcs7_enc_content_st {
+ ASN1_OBJECT *content_type;
+ X509_ALGOR *algorithm;
+ ASN1_OCTET_STRING *enc_data; /* [ 0 ] */
+ const EVP_CIPHER *cipher;
+} PKCS7_ENC_CONTENT;
+
+typedef struct pkcs7_enveloped_st {
+ ASN1_INTEGER *version; /* version 0 */
+ STACK_OF(PKCS7_RECIP_INFO) *recipientinfo;
+ PKCS7_ENC_CONTENT *enc_data;
+} PKCS7_ENVELOPE;
+
+typedef struct pkcs7_signedandenveloped_st {
+ ASN1_INTEGER *version; /* version 1 */
+ STACK_OF(X509_ALGOR) *md_algs; /* md used */
+ STACK_OF(X509) *cert; /* [ 0 ] */
+ STACK_OF(X509_CRL) *crl; /* [ 1 ] */
+ STACK_OF(PKCS7_SIGNER_INFO) *signer_info;
+ PKCS7_ENC_CONTENT *enc_data;
+ STACK_OF(PKCS7_RECIP_INFO) *recipientinfo;
+} PKCS7_SIGN_ENVELOPE;
+
+typedef struct pkcs7_digest_st {
+ ASN1_INTEGER *version; /* version 0 */
+ X509_ALGOR *md; /* md used */
+ struct pkcs7_st *contents;
+ ASN1_OCTET_STRING *digest;
+} PKCS7_DIGEST;
+
+typedef struct pkcs7_encrypted_st {
+ ASN1_INTEGER *version; /* version 0 */
+ PKCS7_ENC_CONTENT *enc_data;
+} PKCS7_ENCRYPT;
+
+typedef struct pkcs7_st {
+ /*
+ * The following is non NULL if it contains ASN1 encoding of this
+ * structure
+ */
+ unsigned char *asn1;
+ long length;
+# define PKCS7_S_HEADER 0
+# define PKCS7_S_BODY 1
+# define PKCS7_S_TAIL 2
+ int state; /* used during processing */
+ int detached;
+ ASN1_OBJECT *type;
+ /* content as defined by the type */
+ /*
+ * all encryption/message digests are applied to the 'contents', leaving
+ * out the 'type' field.
+ */
+ union {
+ char *ptr;
+ /* NID_pkcs7_data */
+ ASN1_OCTET_STRING *data;
+ /* NID_pkcs7_signed */
+ PKCS7_SIGNED *sign;
+ /* NID_pkcs7_enveloped */
+ PKCS7_ENVELOPE *enveloped;
+ /* NID_pkcs7_signedAndEnveloped */
+ PKCS7_SIGN_ENVELOPE *signed_and_enveloped;
+ /* NID_pkcs7_digest */
+ PKCS7_DIGEST *digest;
+ /* NID_pkcs7_encrypted */
+ PKCS7_ENCRYPT *encrypted;
+ /* Anything else */
+ ASN1_TYPE *other;
+ } d;
+} PKCS7;
+
+DECLARE_STACK_OF(PKCS7)
+
+# define PKCS7_OP_SET_DETACHED_SIGNATURE 1
+# define PKCS7_OP_GET_DETACHED_SIGNATURE 2
+
+# define PKCS7_get_signed_attributes(si) ((si)->auth_attr)
+# define PKCS7_get_attributes(si) ((si)->unauth_attr)
+
+# define PKCS7_type_is_signed(a) (OBJ_obj2nid((a)->type) == NID_pkcs7_signed)
+# define PKCS7_type_is_encrypted(a) (OBJ_obj2nid((a)->type) == NID_pkcs7_encrypted)
+# define PKCS7_type_is_enveloped(a) (OBJ_obj2nid((a)->type) == NID_pkcs7_enveloped)
+# define PKCS7_type_is_signedAndEnveloped(a) \
+ (OBJ_obj2nid((a)->type) == NID_pkcs7_signedAndEnveloped)
+# define PKCS7_type_is_data(a) (OBJ_obj2nid((a)->type) == NID_pkcs7_data)
+# define PKCS7_type_is_digest(a) (OBJ_obj2nid((a)->type) == NID_pkcs7_digest)
+
+# define PKCS7_set_detached(p,v) \
+ PKCS7_ctrl(p,PKCS7_OP_SET_DETACHED_SIGNATURE,v,NULL)
+# define PKCS7_get_detached(p) \
+ PKCS7_ctrl(p,PKCS7_OP_GET_DETACHED_SIGNATURE,0,NULL)
+
+# define PKCS7_is_detached(p7) (PKCS7_type_is_signed(p7) && PKCS7_get_detached(p7))
+
+/* S/MIME related flags */
+
+# define PKCS7_TEXT 0x1
+# define PKCS7_NOCERTS 0x2
+# define PKCS7_NOSIGS 0x4
+# define PKCS7_NOCHAIN 0x8
+# define PKCS7_NOINTERN 0x10
+# define PKCS7_NOVERIFY 0x20
+# define PKCS7_DETACHED 0x40
+# define PKCS7_BINARY 0x80
+# define PKCS7_NOATTR 0x100
+# define PKCS7_NOSMIMECAP 0x200
+# define PKCS7_NOOLDMIMETYPE 0x400
+# define PKCS7_CRLFEOL 0x800
+# define PKCS7_STREAM 0x1000
+# define PKCS7_NOCRL 0x2000
+# define PKCS7_PARTIAL 0x4000
+# define PKCS7_REUSE_DIGEST 0x8000
+
+/* Flags: for compatibility with older code */
+
+# define SMIME_TEXT PKCS7_TEXT
+# define SMIME_NOCERTS PKCS7_NOCERTS
+# define SMIME_NOSIGS PKCS7_NOSIGS
+# define SMIME_NOCHAIN PKCS7_NOCHAIN
+# define SMIME_NOINTERN PKCS7_NOINTERN
+# define SMIME_NOVERIFY PKCS7_NOVERIFY
+# define SMIME_DETACHED PKCS7_DETACHED
+# define SMIME_BINARY PKCS7_BINARY
+# define SMIME_NOATTR PKCS7_NOATTR
+
+/* CRLF ASCII canonicalisation */
+# define SMIME_ASCIICRLF 0x80000
+
+DECLARE_ASN1_FUNCTIONS(PKCS7_ISSUER_AND_SERIAL)
+
+int PKCS7_ISSUER_AND_SERIAL_digest(PKCS7_ISSUER_AND_SERIAL *data,
+ const EVP_MD *type, unsigned char *md,
+ unsigned int *len);
+# ifndef OPENSSL_NO_STDIO
+PKCS7 *d2i_PKCS7_fp(FILE *fp, PKCS7 **p7);
+int i2d_PKCS7_fp(FILE *fp, PKCS7 *p7);
+# endif
+PKCS7 *PKCS7_dup(PKCS7 *p7);
+PKCS7 *d2i_PKCS7_bio(BIO *bp, PKCS7 **p7);
+int i2d_PKCS7_bio(BIO *bp, PKCS7 *p7);
+int i2d_PKCS7_bio_stream(BIO *out, PKCS7 *p7, BIO *in, int flags);
+int PEM_write_bio_PKCS7_stream(BIO *out, PKCS7 *p7, BIO *in, int flags);
+
+DECLARE_ASN1_FUNCTIONS(PKCS7_SIGNER_INFO)
+DECLARE_ASN1_FUNCTIONS(PKCS7_RECIP_INFO)
+DECLARE_ASN1_FUNCTIONS(PKCS7_SIGNED)
+DECLARE_ASN1_FUNCTIONS(PKCS7_ENC_CONTENT)
+DECLARE_ASN1_FUNCTIONS(PKCS7_ENVELOPE)
+DECLARE_ASN1_FUNCTIONS(PKCS7_SIGN_ENVELOPE)
+DECLARE_ASN1_FUNCTIONS(PKCS7_DIGEST)
+DECLARE_ASN1_FUNCTIONS(PKCS7_ENCRYPT)
+DECLARE_ASN1_FUNCTIONS(PKCS7)
+
+DECLARE_ASN1_ITEM(PKCS7_ATTR_SIGN)
+DECLARE_ASN1_ITEM(PKCS7_ATTR_VERIFY)
+
+DECLARE_ASN1_NDEF_FUNCTION(PKCS7)
+DECLARE_ASN1_PRINT_FUNCTION(PKCS7)
+
+long PKCS7_ctrl(PKCS7 *p7, int cmd, long larg, char *parg);
+
+int PKCS7_set_type(PKCS7 *p7, int type);
+int PKCS7_set0_type_other(PKCS7 *p7, int type, ASN1_TYPE *other);
+int PKCS7_set_content(PKCS7 *p7, PKCS7 *p7_data);
+int PKCS7_SIGNER_INFO_set(PKCS7_SIGNER_INFO *p7i, X509 *x509, EVP_PKEY *pkey,
+ const EVP_MD *dgst);
+int PKCS7_SIGNER_INFO_sign(PKCS7_SIGNER_INFO *si);
+int PKCS7_add_signer(PKCS7 *p7, PKCS7_SIGNER_INFO *p7i);
+int PKCS7_add_certificate(PKCS7 *p7, X509 *x509);
+int PKCS7_add_crl(PKCS7 *p7, X509_CRL *x509);
+int PKCS7_content_new(PKCS7 *p7, int nid);
+int PKCS7_dataVerify(X509_STORE *cert_store, X509_STORE_CTX *ctx,
+ BIO *bio, PKCS7 *p7, PKCS7_SIGNER_INFO *si);
+int PKCS7_signatureVerify(BIO *bio, PKCS7 *p7, PKCS7_SIGNER_INFO *si,
+ X509 *x509);
+
+BIO *PKCS7_dataInit(PKCS7 *p7, BIO *bio);
+int PKCS7_dataFinal(PKCS7 *p7, BIO *bio);
+BIO *PKCS7_dataDecode(PKCS7 *p7, EVP_PKEY *pkey, BIO *in_bio, X509 *pcert);
+
+PKCS7_SIGNER_INFO *PKCS7_add_signature(PKCS7 *p7, X509 *x509,
+ EVP_PKEY *pkey, const EVP_MD *dgst);
+X509 *PKCS7_cert_from_signer_info(PKCS7 *p7, PKCS7_SIGNER_INFO *si);
+int PKCS7_set_digest(PKCS7 *p7, const EVP_MD *md);
+STACK_OF(PKCS7_SIGNER_INFO) *PKCS7_get_signer_info(PKCS7 *p7);
+
+PKCS7_RECIP_INFO *PKCS7_add_recipient(PKCS7 *p7, X509 *x509);
+void PKCS7_SIGNER_INFO_get0_algs(PKCS7_SIGNER_INFO *si, EVP_PKEY **pk,
+ X509_ALGOR **pdig, X509_ALGOR **psig);
+void PKCS7_RECIP_INFO_get0_alg(PKCS7_RECIP_INFO *ri, X509_ALGOR **penc);
+int PKCS7_add_recipient_info(PKCS7 *p7, PKCS7_RECIP_INFO *ri);
+int PKCS7_RECIP_INFO_set(PKCS7_RECIP_INFO *p7i, X509 *x509);
+int PKCS7_set_cipher(PKCS7 *p7, const EVP_CIPHER *cipher);
+int PKCS7_stream(unsigned char ***boundary, PKCS7 *p7);
+
+PKCS7_ISSUER_AND_SERIAL *PKCS7_get_issuer_and_serial(PKCS7 *p7, int idx);
+ASN1_OCTET_STRING *PKCS7_digest_from_attributes(STACK_OF(X509_ATTRIBUTE) *sk);
+int PKCS7_add_signed_attribute(PKCS7_SIGNER_INFO *p7si, int nid, int type,
+ void *data);
+int PKCS7_add_attribute(PKCS7_SIGNER_INFO *p7si, int nid, int atrtype,
+ void *value);
+ASN1_TYPE *PKCS7_get_attribute(PKCS7_SIGNER_INFO *si, int nid);
+ASN1_TYPE *PKCS7_get_signed_attribute(PKCS7_SIGNER_INFO *si, int nid);
+int PKCS7_set_signed_attributes(PKCS7_SIGNER_INFO *p7si,
+ STACK_OF(X509_ATTRIBUTE) *sk);
+int PKCS7_set_attributes(PKCS7_SIGNER_INFO *p7si,
+ STACK_OF(X509_ATTRIBUTE) *sk);
+
+PKCS7 *PKCS7_sign(X509 *signcert, EVP_PKEY *pkey, STACK_OF(X509) *certs,
+ BIO *data, int flags);
+
+PKCS7_SIGNER_INFO *PKCS7_sign_add_signer(PKCS7 *p7,
+ X509 *signcert, EVP_PKEY *pkey,
+ const EVP_MD *md, int flags);
+
+int PKCS7_final(PKCS7 *p7, BIO *data, int flags);
+int PKCS7_verify(PKCS7 *p7, STACK_OF(X509) *certs, X509_STORE *store,
+ BIO *indata, BIO *out, int flags);
+STACK_OF(X509) *PKCS7_get0_signers(PKCS7 *p7, STACK_OF(X509) *certs,
+ int flags);
+PKCS7 *PKCS7_encrypt(STACK_OF(X509) *certs, BIO *in, const EVP_CIPHER *cipher,
+ int flags);
+int PKCS7_decrypt(PKCS7 *p7, EVP_PKEY *pkey, X509 *cert, BIO *data,
+ int flags);
+
+int PKCS7_add_attrib_smimecap(PKCS7_SIGNER_INFO *si,
+ STACK_OF(X509_ALGOR) *cap);
+STACK_OF(X509_ALGOR) *PKCS7_get_smimecap(PKCS7_SIGNER_INFO *si);
+int PKCS7_simple_smimecap(STACK_OF(X509_ALGOR) *sk, int nid, int arg);
+
+int PKCS7_add_attrib_content_type(PKCS7_SIGNER_INFO *si, ASN1_OBJECT *coid);
+int PKCS7_add0_attrib_signing_time(PKCS7_SIGNER_INFO *si, ASN1_TIME *t);
+int PKCS7_add1_attrib_digest(PKCS7_SIGNER_INFO *si,
+ const unsigned char *md, int mdlen);
+
+int SMIME_write_PKCS7(BIO *bio, PKCS7 *p7, BIO *data, int flags);
+PKCS7 *SMIME_read_PKCS7(BIO *bio, BIO **bcont);
+
+BIO *BIO_new_PKCS7(BIO *out, PKCS7 *p7);
+
+/* BEGIN ERROR CODES */
+/*
+ * The following lines are auto generated by the script mkerr.pl. Any changes
+ * made after this point may be overwritten when the script is next run.
+ */
+void ERR_load_PKCS7_strings(void);
+
+/* Error codes for the PKCS7 functions. */
+
+/* Function codes. */
+# define PKCS7_F_B64_READ_PKCS7 120
+# define PKCS7_F_B64_WRITE_PKCS7 121
+# define PKCS7_F_DO_PKCS7_SIGNED_ATTRIB 136
+# define PKCS7_F_I2D_PKCS7_BIO_STREAM 140
+# define PKCS7_F_PKCS7_ADD0_ATTRIB_SIGNING_TIME 135
+# define PKCS7_F_PKCS7_ADD_ATTRIB_SMIMECAP 118
+# define PKCS7_F_PKCS7_ADD_CERTIFICATE 100
+# define PKCS7_F_PKCS7_ADD_CRL 101
+# define PKCS7_F_PKCS7_ADD_RECIPIENT_INFO 102
+# define PKCS7_F_PKCS7_ADD_SIGNATURE 131
+# define PKCS7_F_PKCS7_ADD_SIGNER 103
+# define PKCS7_F_PKCS7_BIO_ADD_DIGEST 125
+# define PKCS7_F_PKCS7_COPY_EXISTING_DIGEST 138
+# define PKCS7_F_PKCS7_CTRL 104
+# define PKCS7_F_PKCS7_DATADECODE 112
+# define PKCS7_F_PKCS7_DATAFINAL 128
+# define PKCS7_F_PKCS7_DATAINIT 105
+# define PKCS7_F_PKCS7_DATASIGN 106
+# define PKCS7_F_PKCS7_DATAVERIFY 107
+# define PKCS7_F_PKCS7_DECRYPT 114
+# define PKCS7_F_PKCS7_DECRYPT_RINFO 133
+# define PKCS7_F_PKCS7_ENCODE_RINFO 132
+# define PKCS7_F_PKCS7_ENCRYPT 115
+# define PKCS7_F_PKCS7_FINAL 134
+# define PKCS7_F_PKCS7_FIND_DIGEST 127
+# define PKCS7_F_PKCS7_GET0_SIGNERS 124
+# define PKCS7_F_PKCS7_RECIP_INFO_SET 130
+# define PKCS7_F_PKCS7_SET_CIPHER 108
+# define PKCS7_F_PKCS7_SET_CONTENT 109
+# define PKCS7_F_PKCS7_SET_DIGEST 126
+# define PKCS7_F_PKCS7_SET_TYPE 110
+# define PKCS7_F_PKCS7_SIGN 116
+# define PKCS7_F_PKCS7_SIGNATUREVERIFY 113
+# define PKCS7_F_PKCS7_SIGNER_INFO_SET 129
+# define PKCS7_F_PKCS7_SIGNER_INFO_SIGN 139
+# define PKCS7_F_PKCS7_SIGN_ADD_SIGNER 137
+# define PKCS7_F_PKCS7_SIMPLE_SMIMECAP 119
+# define PKCS7_F_PKCS7_VERIFY 117
+# define PKCS7_F_SMIME_READ_PKCS7 122
+# define PKCS7_F_SMIME_TEXT 123
+
+/* Reason codes. */
+# define PKCS7_R_CERTIFICATE_VERIFY_ERROR 117
+# define PKCS7_R_CIPHER_HAS_NO_OBJECT_IDENTIFIER 144
+# define PKCS7_R_CIPHER_NOT_INITIALIZED 116
+# define PKCS7_R_CONTENT_AND_DATA_PRESENT 118
+# define PKCS7_R_CTRL_ERROR 152
+# define PKCS7_R_DECODE_ERROR 130
+# define PKCS7_R_DECRYPTED_KEY_IS_WRONG_LENGTH 100
+# define PKCS7_R_DECRYPT_ERROR 119
+# define PKCS7_R_DIGEST_FAILURE 101
+# define PKCS7_R_ENCRYPTION_CTRL_FAILURE 149
+# define PKCS7_R_ENCRYPTION_NOT_SUPPORTED_FOR_THIS_KEY_TYPE 150
+# define PKCS7_R_ERROR_ADDING_RECIPIENT 120
+# define PKCS7_R_ERROR_SETTING_CIPHER 121
+# define PKCS7_R_INVALID_MIME_TYPE 131
+# define PKCS7_R_INVALID_NULL_POINTER 143
+# define PKCS7_R_INVALID_SIGNED_DATA_TYPE 155
+# define PKCS7_R_MIME_NO_CONTENT_TYPE 132
+# define PKCS7_R_MIME_PARSE_ERROR 133
+# define PKCS7_R_MIME_SIG_PARSE_ERROR 134
+# define PKCS7_R_MISSING_CERIPEND_INFO 103
+# define PKCS7_R_NO_CONTENT 122
+# define PKCS7_R_NO_CONTENT_TYPE 135
+# define PKCS7_R_NO_DEFAULT_DIGEST 151
+# define PKCS7_R_NO_MATCHING_DIGEST_TYPE_FOUND 154
+# define PKCS7_R_NO_MULTIPART_BODY_FAILURE 136
+# define PKCS7_R_NO_MULTIPART_BOUNDARY 137
+# define PKCS7_R_NO_RECIPIENT_MATCHES_CERTIFICATE 115
+# define PKCS7_R_NO_RECIPIENT_MATCHES_KEY 146
+# define PKCS7_R_NO_SIGNATURES_ON_DATA 123
+# define PKCS7_R_NO_SIGNERS 142
+# define PKCS7_R_NO_SIG_CONTENT_TYPE 138
+# define PKCS7_R_OPERATION_NOT_SUPPORTED_ON_THIS_TYPE 104
+# define PKCS7_R_PKCS7_ADD_SIGNATURE_ERROR 124
+# define PKCS7_R_PKCS7_ADD_SIGNER_ERROR 153
+# define PKCS7_R_PKCS7_DATAFINAL 126
+# define PKCS7_R_PKCS7_DATAFINAL_ERROR 125
+# define PKCS7_R_PKCS7_DATASIGN 145
+# define PKCS7_R_PKCS7_PARSE_ERROR 139
+# define PKCS7_R_PKCS7_SIG_PARSE_ERROR 140
+# define PKCS7_R_PRIVATE_KEY_DOES_NOT_MATCH_CERTIFICATE 127
+# define PKCS7_R_SIGNATURE_FAILURE 105
+# define PKCS7_R_SIGNER_CERTIFICATE_NOT_FOUND 128
+# define PKCS7_R_SIGNING_CTRL_FAILURE 147
+# define PKCS7_R_SIGNING_NOT_SUPPORTED_FOR_THIS_KEY_TYPE 148
+# define PKCS7_R_SIG_INVALID_MIME_TYPE 141
+# define PKCS7_R_SMIME_TEXT_ERROR 129
+# define PKCS7_R_UNABLE_TO_FIND_CERTIFICATE 106
+# define PKCS7_R_UNABLE_TO_FIND_MEM_BIO 107
+# define PKCS7_R_UNABLE_TO_FIND_MESSAGE_DIGEST 108
+# define PKCS7_R_UNKNOWN_DIGEST_TYPE 109
+# define PKCS7_R_UNKNOWN_OPERATION 110
+# define PKCS7_R_UNSUPPORTED_CIPHER_TYPE 111
+# define PKCS7_R_UNSUPPORTED_CONTENT_TYPE 112
+# define PKCS7_R_WRONG_CONTENT_TYPE 113
+# define PKCS7_R_WRONG_PKCS7_TYPE 114
+
+#ifdef __cplusplus
+}
+#endif
+#endif
--- /dev/null
+/* crypto/pqueue/pqueue.h */
+/*
+ * DTLS implementation written by Nagendra Modadugu
+ * (nagendra@cs.stanford.edu) for the OpenSSL project 2005.
+ */
+/* ====================================================================
+ * Copyright (c) 1999-2005 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For written permission, please contact
+ * openssl-core@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ * nor may "OpenSSL" appear in their names without prior written
+ * permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com). This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#ifndef HEADER_PQUEUE_H
+# define HEADER_PQUEUE_H
+
+# include <stdio.h>
+# include <stdlib.h>
+# include <string.h>
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+typedef struct _pqueue *pqueue;
+
+typedef struct _pitem {
+ unsigned char priority[8]; /* 64-bit value in big-endian encoding */
+ void *data;
+ struct _pitem *next;
+} pitem;
+
+typedef struct _pitem *piterator;
+
+pitem *pitem_new(unsigned char *prio64be, void *data);
+void pitem_free(pitem *item);
+
+pqueue pqueue_new(void);
+void pqueue_free(pqueue pq);
+
+pitem *pqueue_insert(pqueue pq, pitem *item);
+pitem *pqueue_peek(pqueue pq);
+pitem *pqueue_pop(pqueue pq);
+pitem *pqueue_find(pqueue pq, unsigned char *prio64be);
+pitem *pqueue_iterator(pqueue pq);
+pitem *pqueue_next(piterator *iter);
+
+void pqueue_print(pqueue pq);
+int pqueue_size(pqueue pq);
+
+#ifdef __cplusplus
+}
+#endif
+#endif /* ! HEADER_PQUEUE_H */
--- /dev/null
+/* crypto/rand/rand.h */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#ifndef HEADER_RAND_H
+# define HEADER_RAND_H
+
+# include <stdlib.h>
+# include <openssl/ossl_typ.h>
+# include <openssl/e_os2.h>
+
+# if defined(OPENSSL_SYS_WINDOWS)
+# include <windows.h>
+# endif
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/* Already defined in ossl_typ.h */
+/* typedef struct rand_meth_st RAND_METHOD; */
+
+struct rand_meth_st {
+ int (*seed) (const void *buf, int num);
+ int (*bytes) (unsigned char *buf, int num);
+ void (*cleanup) (void);
+ int (*add) (const void *buf, int num, double entropy);
+ int (*pseudorand) (unsigned char *buf, int num);
+ int (*status) (void);
+};
+
+# ifdef BN_DEBUG
+extern int rand_predictable;
+# endif
+
+int RAND_set_rand_method(const RAND_METHOD *meth);
+const RAND_METHOD *RAND_get_rand_method(void);
+# ifndef OPENSSL_NO_ENGINE
+int RAND_set_rand_engine(ENGINE *engine);
+# endif
+RAND_METHOD *RAND_SSLeay(void);
+void RAND_cleanup(void);
+int RAND_bytes(unsigned char *buf, int num);
+#ifdef OPENSSL_USE_DEPRECATED
+DECLARE_DEPRECATED(int RAND_pseudo_bytes(unsigned char *buf, int num));
+#endif
+void RAND_seed(const void *buf, int num);
+void RAND_add(const void *buf, int num, double entropy);
+int RAND_load_file(const char *file, long max_bytes);
+int RAND_write_file(const char *file);
+const char *RAND_file_name(char *file, size_t num);
+int RAND_status(void);
+int RAND_query_egd_bytes(const char *path, unsigned char *buf, int bytes);
+int RAND_egd(const char *path);
+int RAND_egd_bytes(const char *path, int bytes);
+int RAND_poll(void);
+
+# if defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_WIN32)
+
+void RAND_screen(void);
+int RAND_event(UINT, WPARAM, LPARAM);
+
+# endif
+
+# ifdef OPENSSL_FIPS
+int RAND_init_fips(void);
+# endif
+
+/* BEGIN ERROR CODES */
+/*
+ * The following lines are auto generated by the script mkerr.pl. Any changes
+ * made after this point may be overwritten when the script is next run.
+ */
+void ERR_load_RAND_strings(void);
+
+/* Error codes for the RAND functions. */
+
+/* Function codes. */
+# define RAND_F_FIPS_RAND 102
+# define RAND_F_FIPS_RAND_SET_DT 103
+# define RAND_F_FIPS_SET_PRNG_SEED 104
+# define RAND_F_FIPS_SET_TEST_MODE 105
+# define RAND_F_FIPS_X931_SET_DT 106
+# define RAND_F_RAND_GET_RAND_METHOD 101
+# define RAND_F_SSLEAY_RAND_BYTES 100
+
+/* Reason codes. */
+# define RAND_R_NOT_IN_TEST_MODE 101
+# define RAND_R_NO_KEY_SET 102
+# define RAND_R_PRNG_ERROR 103
+# define RAND_R_PRNG_KEYED 104
+# define RAND_R_PRNG_NOT_SEEDED 100
+# define RAND_R_PRNG_SEED_MUST_NOT_MATCH_KEY 105
+# define RAND_R_PRNG_STUCK 106
+
+#ifdef __cplusplus
+}
+#endif
+#endif
--- /dev/null
+/* crypto/rc2/rc2.h */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#ifndef HEADER_RC2_H
+# define HEADER_RC2_H
+
+# include <openssl/opensslconf.h>/* OPENSSL_NO_RC2, RC2_INT */
+# ifdef OPENSSL_NO_RC2
+# error RC2 is disabled.
+# endif
+
+# define RC2_ENCRYPT 1
+# define RC2_DECRYPT 0
+
+# define RC2_BLOCK 8
+# define RC2_KEY_LENGTH 16
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+typedef struct rc2_key_st {
+ RC2_INT data[64];
+} RC2_KEY;
+
+void RC2_set_key(RC2_KEY *key, int len, const unsigned char *data, int bits);
+void RC2_ecb_encrypt(const unsigned char *in, unsigned char *out,
+ RC2_KEY *key, int enc);
+void RC2_encrypt(unsigned long *data, RC2_KEY *key);
+void RC2_decrypt(unsigned long *data, RC2_KEY *key);
+void RC2_cbc_encrypt(const unsigned char *in, unsigned char *out, long length,
+ RC2_KEY *ks, unsigned char *iv, int enc);
+void RC2_cfb64_encrypt(const unsigned char *in, unsigned char *out,
+ long length, RC2_KEY *schedule, unsigned char *ivec,
+ int *num, int enc);
+void RC2_ofb64_encrypt(const unsigned char *in, unsigned char *out,
+ long length, RC2_KEY *schedule, unsigned char *ivec,
+ int *num);
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif
--- /dev/null
+/* crypto/rc4/rc4.h */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#ifndef HEADER_RC4_H
+# define HEADER_RC4_H
+
+# include <openssl/opensslconf.h>/* OPENSSL_NO_RC4, RC4_INT */
+# ifdef OPENSSL_NO_RC4
+# error RC4 is disabled.
+# endif
+
+# include <stddef.h>
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+typedef struct rc4_key_st {
+ RC4_INT x, y;
+ RC4_INT data[256];
+} RC4_KEY;
+
+const char *RC4_options(void);
+void RC4_set_key(RC4_KEY *key, int len, const unsigned char *data);
+void RC4(RC4_KEY *key, size_t len, const unsigned char *indata,
+ unsigned char *outdata);
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif
--- /dev/null
+/* crypto/rc5/rc5.h */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#ifndef HEADER_RC5_H
+# define HEADER_RC5_H
+
+# include <openssl/opensslconf.h>/* OPENSSL_NO_RC5 */
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+# ifdef OPENSSL_NO_RC5
+# error RC5 is disabled.
+# endif
+
+# define RC5_ENCRYPT 1
+# define RC5_DECRYPT 0
+
+# define RC5_32_INT unsigned int
+
+# define RC5_32_BLOCK 8
+# define RC5_32_KEY_LENGTH 16/* This is a default, max is 255 */
+
+/*
+ * This are the only values supported. Tweak the code if you want more The
+ * most supported modes will be RC5-32/12/16 RC5-32/16/8
+ */
+# define RC5_8_ROUNDS 8
+# define RC5_12_ROUNDS 12
+# define RC5_16_ROUNDS 16
+
+typedef struct rc5_key_st {
+ /* Number of rounds */
+ int rounds;
+ RC5_32_INT data[2 * (RC5_16_ROUNDS + 1)];
+} RC5_32_KEY;
+
+void RC5_32_set_key(RC5_32_KEY *key, int len, const unsigned char *data,
+ int rounds);
+void RC5_32_ecb_encrypt(const unsigned char *in, unsigned char *out,
+ RC5_32_KEY *key, int enc);
+void RC5_32_encrypt(unsigned long *data, RC5_32_KEY *key);
+void RC5_32_decrypt(unsigned long *data, RC5_32_KEY *key);
+void RC5_32_cbc_encrypt(const unsigned char *in, unsigned char *out,
+ long length, RC5_32_KEY *ks, unsigned char *iv,
+ int enc);
+void RC5_32_cfb64_encrypt(const unsigned char *in, unsigned char *out,
+ long length, RC5_32_KEY *schedule,
+ unsigned char *ivec, int *num, int enc);
+void RC5_32_ofb64_encrypt(const unsigned char *in, unsigned char *out,
+ long length, RC5_32_KEY *schedule,
+ unsigned char *ivec, int *num);
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif
--- /dev/null
+/* crypto/ripemd/ripemd.h */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#ifndef HEADER_RIPEMD_H
+# define HEADER_RIPEMD_H
+
+# include <openssl/e_os2.h>
+# include <stddef.h>
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+# ifdef OPENSSL_NO_RMD160
+# error RIPEMD is disabled.
+# endif
+
+# define RIPEMD160_LONG unsigned int
+
+# define RIPEMD160_CBLOCK 64
+# define RIPEMD160_LBLOCK (RIPEMD160_CBLOCK/4)
+# define RIPEMD160_DIGEST_LENGTH 20
+
+typedef struct RIPEMD160state_st {
+ RIPEMD160_LONG A, B, C, D, E;
+ RIPEMD160_LONG Nl, Nh;
+ RIPEMD160_LONG data[RIPEMD160_LBLOCK];
+ unsigned int num;
+} RIPEMD160_CTX;
+
+int RIPEMD160_Init(RIPEMD160_CTX *c);
+int RIPEMD160_Update(RIPEMD160_CTX *c, const void *data, size_t len);
+int RIPEMD160_Final(unsigned char *md, RIPEMD160_CTX *c);
+unsigned char *RIPEMD160(const unsigned char *d, size_t n, unsigned char *md);
+void RIPEMD160_Transform(RIPEMD160_CTX *c, const unsigned char *b);
+#ifdef __cplusplus
+}
+#endif
+
+#endif
--- /dev/null
+/* crypto/rsa/rsa.h */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#ifndef HEADER_RSA_H
+# define HEADER_RSA_H
+
+# include <openssl/asn1.h>
+
+# include <openssl/bio.h>
+# include <openssl/crypto.h>
+# include <openssl/ossl_typ.h>
+# ifdef OPENSSL_USE_DEPRECATED
+# include <openssl/bn.h>
+# endif
+
+# ifdef OPENSSL_NO_RSA
+# error RSA is disabled.
+# endif
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/* Declared already in ossl_typ.h */
+/* typedef struct rsa_st RSA; */
+/* typedef struct rsa_meth_st RSA_METHOD; */
+
+struct rsa_meth_st {
+ const char *name;
+ int (*rsa_pub_enc) (int flen, const unsigned char *from,
+ unsigned char *to, RSA *rsa, int padding);
+ int (*rsa_pub_dec) (int flen, const unsigned char *from,
+ unsigned char *to, RSA *rsa, int padding);
+ int (*rsa_priv_enc) (int flen, const unsigned char *from,
+ unsigned char *to, RSA *rsa, int padding);
+ int (*rsa_priv_dec) (int flen, const unsigned char *from,
+ unsigned char *to, RSA *rsa, int padding);
+ /* Can be null */
+ int (*rsa_mod_exp) (BIGNUM *r0, const BIGNUM *I, RSA *rsa, BN_CTX *ctx);
+ /* Can be null */
+ int (*bn_mod_exp) (BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
+ const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx);
+ /* called at new */
+ int (*init) (RSA *rsa);
+ /* called at free */
+ int (*finish) (RSA *rsa);
+ /* RSA_METHOD_FLAG_* things */
+ int flags;
+ /* may be needed! */
+ char *app_data;
+ /*
+ * New sign and verify functions: some libraries don't allow arbitrary
+ * data to be signed/verified: this allows them to be used. Note: for
+ * this to work the RSA_public_decrypt() and RSA_private_encrypt() should
+ * *NOT* be used RSA_sign(), RSA_verify() should be used instead. Note:
+ * for backwards compatibility this functionality is only enabled if the
+ * RSA_FLAG_SIGN_VER option is set in 'flags'.
+ */
+ int (*rsa_sign) (int type,
+ const unsigned char *m, unsigned int m_length,
+ unsigned char *sigret, unsigned int *siglen,
+ const RSA *rsa);
+ int (*rsa_verify) (int dtype, const unsigned char *m,
+ unsigned int m_length, const unsigned char *sigbuf,
+ unsigned int siglen, const RSA *rsa);
+ /*
+ * If this callback is NULL, the builtin software RSA key-gen will be
+ * used. This is for behavioural compatibility whilst the code gets
+ * rewired, but one day it would be nice to assume there are no such
+ * things as "builtin software" implementations.
+ */
+ int (*rsa_keygen) (RSA *rsa, int bits, BIGNUM *e, BN_GENCB *cb);
+};
+
+struct rsa_st {
+ /*
+ * The first parameter is used to pickup errors where this is passed
+ * instead of aEVP_PKEY, it is set to 0
+ */
+ int pad;
+ long version;
+ const RSA_METHOD *meth;
+ /* functional reference if 'meth' is ENGINE-provided */
+ ENGINE *engine;
+ BIGNUM *n;
+ BIGNUM *e;
+ BIGNUM *d;
+ BIGNUM *p;
+ BIGNUM *q;
+ BIGNUM *dmp1;
+ BIGNUM *dmq1;
+ BIGNUM *iqmp;
+ /* be careful using this if the RSA structure is shared */
+ CRYPTO_EX_DATA ex_data;
+ int references;
+ int flags;
+ /* Used to cache montgomery values */
+ BN_MONT_CTX *_method_mod_n;
+ BN_MONT_CTX *_method_mod_p;
+ BN_MONT_CTX *_method_mod_q;
+ /*
+ * all BIGNUM values are actually in the following data, if it is not
+ * NULL
+ */
+ char *bignum_data;
+ BN_BLINDING *blinding;
+ BN_BLINDING *mt_blinding;
+};
+
+# ifndef OPENSSL_RSA_MAX_MODULUS_BITS
+# define OPENSSL_RSA_MAX_MODULUS_BITS 16384
+# endif
+
+# define OPENSSL_RSA_FIPS_MIN_MODULUS_BITS 1024
+
+# ifndef OPENSSL_RSA_SMALL_MODULUS_BITS
+# define OPENSSL_RSA_SMALL_MODULUS_BITS 3072
+# endif
+# ifndef OPENSSL_RSA_MAX_PUBEXP_BITS
+
+/* exponent limit enforced for "large" modulus only */
+# define OPENSSL_RSA_MAX_PUBEXP_BITS 64
+# endif
+
+# define RSA_3 0x3L
+# define RSA_F4 0x10001L
+
+# define RSA_METHOD_FLAG_NO_CHECK 0x0001/* don't check pub/private
+ * match */
+
+# define RSA_FLAG_CACHE_PUBLIC 0x0002
+# define RSA_FLAG_CACHE_PRIVATE 0x0004
+# define RSA_FLAG_BLINDING 0x0008
+# define RSA_FLAG_THREAD_SAFE 0x0010
+/*
+ * This flag means the private key operations will be handled by rsa_mod_exp
+ * and that they do not depend on the private key components being present:
+ * for example a key stored in external hardware. Without this flag
+ * bn_mod_exp gets called when private key components are absent.
+ */
+# define RSA_FLAG_EXT_PKEY 0x0020
+
+/*
+ * This flag in the RSA_METHOD enables the new rsa_sign, rsa_verify
+ * functions.
+ */
+# define RSA_FLAG_SIGN_VER 0x0040
+
+/*
+ * new with 0.9.6j and 0.9.7b; the built-in
+ * RSA implementation now uses blinding by
+ * default (ignoring RSA_FLAG_BLINDING),
+ * but other engines might not need it
+ */
+# define RSA_FLAG_NO_BLINDING 0x0080
+/*
+ * new with 0.9.8f; the built-in RSA
+ * implementation now uses constant time
+ * operations by default in private key operations,
+ * e.g., constant time modular exponentiation,
+ * modular inverse without leaking branches,
+ * division without leaking branches. This
+ * flag disables these constant time
+ * operations and results in faster RSA
+ * private key operations.
+ */
+# define RSA_FLAG_NO_CONSTTIME 0x0100
+# ifdef OPENSSL_USE_DEPRECATED
+/* deprecated name for the flag*/
+/*
+ * new with 0.9.7h; the built-in RSA
+ * implementation now uses constant time
+ * modular exponentiation for secret exponents
+ * by default. This flag causes the
+ * faster variable sliding window method to
+ * be used for all exponents.
+ */
+# define RSA_FLAG_NO_EXP_CONSTTIME RSA_FLAG_NO_CONSTTIME
+# endif
+
+# define EVP_PKEY_CTX_set_rsa_padding(ctx, pad) \
+ EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_RSA, -1, EVP_PKEY_CTRL_RSA_PADDING, \
+ pad, NULL)
+
+# define EVP_PKEY_CTX_get_rsa_padding(ctx, ppad) \
+ EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_RSA, -1, \
+ EVP_PKEY_CTRL_GET_RSA_PADDING, 0, ppad)
+
+# define EVP_PKEY_CTX_set_rsa_pss_saltlen(ctx, len) \
+ EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_RSA, \
+ (EVP_PKEY_OP_SIGN|EVP_PKEY_OP_VERIFY), \
+ EVP_PKEY_CTRL_RSA_PSS_SALTLEN, \
+ len, NULL)
+
+# define EVP_PKEY_CTX_get_rsa_pss_saltlen(ctx, plen) \
+ EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_RSA, \
+ (EVP_PKEY_OP_SIGN|EVP_PKEY_OP_VERIFY), \
+ EVP_PKEY_CTRL_GET_RSA_PSS_SALTLEN, \
+ 0, plen)
+
+# define EVP_PKEY_CTX_set_rsa_keygen_bits(ctx, bits) \
+ EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_RSA, EVP_PKEY_OP_KEYGEN, \
+ EVP_PKEY_CTRL_RSA_KEYGEN_BITS, bits, NULL)
+
+# define EVP_PKEY_CTX_set_rsa_keygen_pubexp(ctx, pubexp) \
+ EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_RSA, EVP_PKEY_OP_KEYGEN, \
+ EVP_PKEY_CTRL_RSA_KEYGEN_PUBEXP, 0, pubexp)
+
+# define EVP_PKEY_CTX_set_rsa_mgf1_md(ctx, md) \
+ EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_RSA, \
+ EVP_PKEY_OP_TYPE_SIG | EVP_PKEY_OP_TYPE_CRYPT, \
+ EVP_PKEY_CTRL_RSA_MGF1_MD, 0, (void *)md)
+
+# define EVP_PKEY_CTX_set_rsa_oaep_md(ctx, md) \
+ EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_RSA, EVP_PKEY_OP_TYPE_CRYPT, \
+ EVP_PKEY_CTRL_RSA_OAEP_MD, 0, (void *)md)
+
+# define EVP_PKEY_CTX_get_rsa_mgf1_md(ctx, pmd) \
+ EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_RSA, \
+ EVP_PKEY_OP_TYPE_SIG | EVP_PKEY_OP_TYPE_CRYPT, \
+ EVP_PKEY_CTRL_GET_RSA_MGF1_MD, 0, (void *)pmd)
+
+# define EVP_PKEY_CTX_get_rsa_oaep_md(ctx, pmd) \
+ EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_RSA, EVP_PKEY_OP_TYPE_CRYPT, \
+ EVP_PKEY_CTRL_GET_RSA_OAEP_MD, 0, (void *)pmd)
+
+# define EVP_PKEY_CTX_set0_rsa_oaep_label(ctx, l, llen) \
+ EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_RSA, EVP_PKEY_OP_TYPE_CRYPT, \
+ EVP_PKEY_CTRL_RSA_OAEP_LABEL, llen, (void *)l)
+
+# define EVP_PKEY_CTX_get0_rsa_oaep_label(ctx, l) \
+ EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_RSA, EVP_PKEY_OP_TYPE_CRYPT, \
+ EVP_PKEY_CTRL_GET_RSA_OAEP_LABEL, 0, (void *)l)
+
+# define EVP_PKEY_CTRL_RSA_PADDING (EVP_PKEY_ALG_CTRL + 1)
+# define EVP_PKEY_CTRL_RSA_PSS_SALTLEN (EVP_PKEY_ALG_CTRL + 2)
+
+# define EVP_PKEY_CTRL_RSA_KEYGEN_BITS (EVP_PKEY_ALG_CTRL + 3)
+# define EVP_PKEY_CTRL_RSA_KEYGEN_PUBEXP (EVP_PKEY_ALG_CTRL + 4)
+# define EVP_PKEY_CTRL_RSA_MGF1_MD (EVP_PKEY_ALG_CTRL + 5)
+
+# define EVP_PKEY_CTRL_GET_RSA_PADDING (EVP_PKEY_ALG_CTRL + 6)
+# define EVP_PKEY_CTRL_GET_RSA_PSS_SALTLEN (EVP_PKEY_ALG_CTRL + 7)
+# define EVP_PKEY_CTRL_GET_RSA_MGF1_MD (EVP_PKEY_ALG_CTRL + 8)
+
+# define EVP_PKEY_CTRL_RSA_OAEP_MD (EVP_PKEY_ALG_CTRL + 9)
+# define EVP_PKEY_CTRL_RSA_OAEP_LABEL (EVP_PKEY_ALG_CTRL + 10)
+
+# define EVP_PKEY_CTRL_GET_RSA_OAEP_MD (EVP_PKEY_ALG_CTRL + 11)
+# define EVP_PKEY_CTRL_GET_RSA_OAEP_LABEL (EVP_PKEY_ALG_CTRL + 12)
+
+# define RSA_PKCS1_PADDING 1
+# define RSA_SSLV23_PADDING 2
+# define RSA_NO_PADDING 3
+# define RSA_PKCS1_OAEP_PADDING 4
+# define RSA_X931_PADDING 5
+/* EVP_PKEY_ only */
+# define RSA_PKCS1_PSS_PADDING 6
+
+# define RSA_PKCS1_PADDING_SIZE 11
+
+# define RSA_set_app_data(s,arg) RSA_set_ex_data(s,0,arg)
+# define RSA_get_app_data(s) RSA_get_ex_data(s,0)
+
+RSA *RSA_new(void);
+RSA *RSA_new_method(ENGINE *engine);
+int RSA_size(const RSA *rsa);
+int RSA_security_bits(const RSA *rsa);
+
+/* Deprecated version */
+# ifdef OPENSSL_USE_DEPRECATED
+DECLARE_DEPRECATED(RSA *RSA_generate_key(int bits, unsigned long e, void
+ (*callback) (int, int, void *),
+ void *cb_arg));
+# endif /* defined(OPENSSL_USE_DEPRECATED) */
+
+/* New version */
+int RSA_generate_key_ex(RSA *rsa, int bits, BIGNUM *e, BN_GENCB *cb);
+
+int RSA_X931_derive_ex(RSA *rsa, BIGNUM *p1, BIGNUM *p2, BIGNUM *q1,
+ BIGNUM *q2, const BIGNUM *Xp1, const BIGNUM *Xp2,
+ const BIGNUM *Xp, const BIGNUM *Xq1, const BIGNUM *Xq2,
+ const BIGNUM *Xq, const BIGNUM *e, BN_GENCB *cb);
+int RSA_X931_generate_key_ex(RSA *rsa, int bits, const BIGNUM *e,
+ BN_GENCB *cb);
+
+int RSA_check_key(const RSA *);
+int RSA_check_key_ex(const RSA *, BN_GENCB *cb);
+ /* next 4 return -1 on error */
+int RSA_public_encrypt(int flen, const unsigned char *from,
+ unsigned char *to, RSA *rsa, int padding);
+int RSA_private_encrypt(int flen, const unsigned char *from,
+ unsigned char *to, RSA *rsa, int padding);
+int RSA_public_decrypt(int flen, const unsigned char *from,
+ unsigned char *to, RSA *rsa, int padding);
+int RSA_private_decrypt(int flen, const unsigned char *from,
+ unsigned char *to, RSA *rsa, int padding);
+void RSA_free(RSA *r);
+/* "up" the RSA object's reference count */
+int RSA_up_ref(RSA *r);
+
+int RSA_flags(const RSA *r);
+
+void RSA_set_default_method(const RSA_METHOD *meth);
+const RSA_METHOD *RSA_get_default_method(void);
+const RSA_METHOD *RSA_get_method(const RSA *rsa);
+int RSA_set_method(RSA *rsa, const RSA_METHOD *meth);
+
+/* This function needs the memory locking malloc callbacks to be installed */
+int RSA_memory_lock(RSA *r);
+
+/* these are the actual SSLeay RSA functions */
+const RSA_METHOD *RSA_PKCS1_SSLeay(void);
+
+const RSA_METHOD *RSA_null_method(void);
+
+DECLARE_ASN1_ENCODE_FUNCTIONS_const(RSA, RSAPublicKey)
+DECLARE_ASN1_ENCODE_FUNCTIONS_const(RSA, RSAPrivateKey)
+
+typedef struct rsa_pss_params_st {
+ X509_ALGOR *hashAlgorithm;
+ X509_ALGOR *maskGenAlgorithm;
+ ASN1_INTEGER *saltLength;
+ ASN1_INTEGER *trailerField;
+} RSA_PSS_PARAMS;
+
+DECLARE_ASN1_FUNCTIONS(RSA_PSS_PARAMS)
+
+typedef struct rsa_oaep_params_st {
+ X509_ALGOR *hashFunc;
+ X509_ALGOR *maskGenFunc;
+ X509_ALGOR *pSourceFunc;
+} RSA_OAEP_PARAMS;
+
+DECLARE_ASN1_FUNCTIONS(RSA_OAEP_PARAMS)
+
+# ifndef OPENSSL_NO_STDIO
+int RSA_print_fp(FILE *fp, const RSA *r, int offset);
+# endif
+
+int RSA_print(BIO *bp, const RSA *r, int offset);
+
+# ifndef OPENSSL_NO_RC4
+int i2d_RSA_NET(const RSA *a, unsigned char **pp,
+ int (*cb) (char *buf, int len, const char *prompt,
+ int verify), int sgckey);
+RSA *d2i_RSA_NET(RSA **a, const unsigned char **pp, long length,
+ int (*cb) (char *buf, int len, const char *prompt,
+ int verify), int sgckey);
+
+int i2d_Netscape_RSA(const RSA *a, unsigned char **pp,
+ int (*cb) (char *buf, int len, const char *prompt,
+ int verify));
+RSA *d2i_Netscape_RSA(RSA **a, const unsigned char **pp, long length,
+ int (*cb) (char *buf, int len, const char *prompt,
+ int verify));
+# endif
+
+/*
+ * The following 2 functions sign and verify a X509_SIG ASN1 object inside
+ * PKCS#1 padded RSA encryption
+ */
+int RSA_sign(int type, const unsigned char *m, unsigned int m_length,
+ unsigned char *sigret, unsigned int *siglen, RSA *rsa);
+int RSA_verify(int type, const unsigned char *m, unsigned int m_length,
+ const unsigned char *sigbuf, unsigned int siglen, RSA *rsa);
+
+/*
+ * The following 2 function sign and verify a ASN1_OCTET_STRING object inside
+ * PKCS#1 padded RSA encryption
+ */
+int RSA_sign_ASN1_OCTET_STRING(int type,
+ const unsigned char *m, unsigned int m_length,
+ unsigned char *sigret, unsigned int *siglen,
+ RSA *rsa);
+int RSA_verify_ASN1_OCTET_STRING(int type, const unsigned char *m,
+ unsigned int m_length, unsigned char *sigbuf,
+ unsigned int siglen, RSA *rsa);
+
+int RSA_blinding_on(RSA *rsa, BN_CTX *ctx);
+void RSA_blinding_off(RSA *rsa);
+BN_BLINDING *RSA_setup_blinding(RSA *rsa, BN_CTX *ctx);
+
+int RSA_padding_add_PKCS1_type_1(unsigned char *to, int tlen,
+ const unsigned char *f, int fl);
+int RSA_padding_check_PKCS1_type_1(unsigned char *to, int tlen,
+ const unsigned char *f, int fl,
+ int rsa_len);
+int RSA_padding_add_PKCS1_type_2(unsigned char *to, int tlen,
+ const unsigned char *f, int fl);
+int RSA_padding_check_PKCS1_type_2(unsigned char *to, int tlen,
+ const unsigned char *f, int fl,
+ int rsa_len);
+int PKCS1_MGF1(unsigned char *mask, long len, const unsigned char *seed,
+ long seedlen, const EVP_MD *dgst);
+int RSA_padding_add_PKCS1_OAEP(unsigned char *to, int tlen,
+ const unsigned char *f, int fl,
+ const unsigned char *p, int pl);
+int RSA_padding_check_PKCS1_OAEP(unsigned char *to, int tlen,
+ const unsigned char *f, int fl, int rsa_len,
+ const unsigned char *p, int pl);
+int RSA_padding_add_PKCS1_OAEP_mgf1(unsigned char *to, int tlen,
+ const unsigned char *from, int flen,
+ const unsigned char *param, int plen,
+ const EVP_MD *md, const EVP_MD *mgf1md);
+int RSA_padding_check_PKCS1_OAEP_mgf1(unsigned char *to, int tlen,
+ const unsigned char *from, int flen,
+ int num, const unsigned char *param,
+ int plen, const EVP_MD *md,
+ const EVP_MD *mgf1md);
+int RSA_padding_add_SSLv23(unsigned char *to, int tlen,
+ const unsigned char *f, int fl);
+int RSA_padding_check_SSLv23(unsigned char *to, int tlen,
+ const unsigned char *f, int fl, int rsa_len);
+int RSA_padding_add_none(unsigned char *to, int tlen, const unsigned char *f,
+ int fl);
+int RSA_padding_check_none(unsigned char *to, int tlen,
+ const unsigned char *f, int fl, int rsa_len);
+int RSA_padding_add_X931(unsigned char *to, int tlen, const unsigned char *f,
+ int fl);
+int RSA_padding_check_X931(unsigned char *to, int tlen,
+ const unsigned char *f, int fl, int rsa_len);
+int RSA_X931_hash_id(int nid);
+
+int RSA_verify_PKCS1_PSS(RSA *rsa, const unsigned char *mHash,
+ const EVP_MD *Hash, const unsigned char *EM,
+ int sLen);
+int RSA_padding_add_PKCS1_PSS(RSA *rsa, unsigned char *EM,
+ const unsigned char *mHash, const EVP_MD *Hash,
+ int sLen);
+
+int RSA_verify_PKCS1_PSS_mgf1(RSA *rsa, const unsigned char *mHash,
+ const EVP_MD *Hash, const EVP_MD *mgf1Hash,
+ const unsigned char *EM, int sLen);
+
+int RSA_padding_add_PKCS1_PSS_mgf1(RSA *rsa, unsigned char *EM,
+ const unsigned char *mHash,
+ const EVP_MD *Hash, const EVP_MD *mgf1Hash,
+ int sLen);
+
+int RSA_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
+ CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func);
+int RSA_set_ex_data(RSA *r, int idx, void *arg);
+void *RSA_get_ex_data(const RSA *r, int idx);
+
+RSA *RSAPublicKey_dup(RSA *rsa);
+RSA *RSAPrivateKey_dup(RSA *rsa);
+
+/*
+ * If this flag is set the RSA method is FIPS compliant and can be used in
+ * FIPS mode. This is set in the validated module method. If an application
+ * sets this flag in its own methods it is its responsibility to ensure the
+ * result is compliant.
+ */
+
+# define RSA_FLAG_FIPS_METHOD 0x0400
+
+/*
+ * If this flag is set the operations normally disabled in FIPS mode are
+ * permitted it is then the applications responsibility to ensure that the
+ * usage is compliant.
+ */
+
+# define RSA_FLAG_NON_FIPS_ALLOW 0x0400
+/*
+ * Application has decided PRNG is good enough to generate a key: don't
+ * check.
+ */
+# define RSA_FLAG_CHECKED 0x0800
+
+/* BEGIN ERROR CODES */
+/*
+ * The following lines are auto generated by the script mkerr.pl. Any changes
+ * made after this point may be overwritten when the script is next run.
+ */
+void ERR_load_RSA_strings(void);
+
+/* Error codes for the RSA functions. */
+
+/* Function codes. */
+# define RSA_F_CHECK_PADDING_MD 140
+# define RSA_F_DO_RSA_PRINT 146
+# define RSA_F_FIPS_RSA_SIGN_DIGEST 149
+# define RSA_F_FIPS_RSA_VERIFY 150
+# define RSA_F_FIPS_RSA_VERIFY_DIGEST 151
+# define RSA_F_INT_RSA_VERIFY 145
+# define RSA_F_MEMORY_LOCK 100
+# define RSA_F_OLD_RSA_PRIV_DECODE 147
+# define RSA_F_PKEY_RSA_CTRL 143
+# define RSA_F_PKEY_RSA_CTRL_STR 144
+# define RSA_F_PKEY_RSA_SIGN 142
+# define RSA_F_PKEY_RSA_VERIFYRECOVER 141
+# define RSA_F_RSA_ALGOR_TO_MD 156
+# define RSA_F_RSA_BUILTIN_KEYGEN 129
+# define RSA_F_RSA_CHECK_KEY 123
+# define RSA_F_RSA_CHECK_KEY_EX 160
+# define RSA_F_RSA_CMS_DECRYPT 159
+# define RSA_F_RSA_EAY_PRIVATE_DECRYPT 101
+# define RSA_F_RSA_EAY_PRIVATE_ENCRYPT 102
+# define RSA_F_RSA_EAY_PUBLIC_DECRYPT 103
+# define RSA_F_RSA_EAY_PUBLIC_ENCRYPT 104
+# define RSA_F_RSA_GENERATE_KEY 105
+# define RSA_F_RSA_ITEM_VERIFY 148
+# define RSA_F_RSA_MEMORY_LOCK 130
+# define RSA_F_RSA_MGF1_TO_MD 157
+# define RSA_F_RSA_NEW_METHOD 106
+# define RSA_F_RSA_NULL 124
+# define RSA_F_RSA_NULL_MOD_EXP 131
+# define RSA_F_RSA_NULL_PRIVATE_DECRYPT 132
+# define RSA_F_RSA_NULL_PRIVATE_ENCRYPT 133
+# define RSA_F_RSA_NULL_PUBLIC_DECRYPT 134
+# define RSA_F_RSA_NULL_PUBLIC_ENCRYPT 135
+# define RSA_F_RSA_OAEP_TO_CTX 158
+# define RSA_F_RSA_PADDING_ADD_NONE 107
+# define RSA_F_RSA_PADDING_ADD_PKCS1_OAEP 121
+# define RSA_F_RSA_PADDING_ADD_PKCS1_OAEP_MGF1 154
+# define RSA_F_RSA_PADDING_ADD_PKCS1_PSS 125
+# define RSA_F_RSA_PADDING_ADD_PKCS1_PSS_MGF1 152
+# define RSA_F_RSA_PADDING_ADD_PKCS1_TYPE_1 108
+# define RSA_F_RSA_PADDING_ADD_PKCS1_TYPE_2 109
+# define RSA_F_RSA_PADDING_ADD_SSLV23 110
+# define RSA_F_RSA_PADDING_ADD_X931 127
+# define RSA_F_RSA_PADDING_CHECK_NONE 111
+# define RSA_F_RSA_PADDING_CHECK_PKCS1_OAEP 122
+# define RSA_F_RSA_PADDING_CHECK_PKCS1_OAEP_MGF1 153
+# define RSA_F_RSA_PADDING_CHECK_PKCS1_TYPE_1 112
+# define RSA_F_RSA_PADDING_CHECK_PKCS1_TYPE_2 113
+# define RSA_F_RSA_PADDING_CHECK_SSLV23 114
+# define RSA_F_RSA_PADDING_CHECK_X931 128
+# define RSA_F_RSA_PRINT 115
+# define RSA_F_RSA_PRINT_FP 116
+# define RSA_F_RSA_PRIV_DECODE 137
+# define RSA_F_RSA_PRIV_ENCODE 138
+# define RSA_F_RSA_PSS_TO_CTX 155
+# define RSA_F_RSA_PUB_DECODE 139
+# define RSA_F_RSA_SETUP_BLINDING 136
+# define RSA_F_RSA_SIGN 117
+# define RSA_F_RSA_SIGN_ASN1_OCTET_STRING 118
+# define RSA_F_RSA_VERIFY 119
+# define RSA_F_RSA_VERIFY_ASN1_OCTET_STRING 120
+# define RSA_F_RSA_VERIFY_PKCS1_PSS_MGF1 126
+
+/* Reason codes. */
+# define RSA_R_ALGORITHM_MISMATCH 100
+# define RSA_R_BAD_E_VALUE 101
+# define RSA_R_BAD_FIXED_HEADER_DECRYPT 102
+# define RSA_R_BAD_PAD_BYTE_COUNT 103
+# define RSA_R_BAD_SIGNATURE 104
+# define RSA_R_BLOCK_TYPE_IS_NOT_01 106
+# define RSA_R_BLOCK_TYPE_IS_NOT_02 107
+# define RSA_R_DATA_GREATER_THAN_MOD_LEN 108
+# define RSA_R_DATA_TOO_LARGE 109
+# define RSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE 110
+# define RSA_R_DATA_TOO_LARGE_FOR_MODULUS 132
+# define RSA_R_DATA_TOO_SMALL 111
+# define RSA_R_DATA_TOO_SMALL_FOR_KEY_SIZE 122
+# define RSA_R_DIGEST_DOES_NOT_MATCH 158
+# define RSA_R_DIGEST_TOO_BIG_FOR_RSA_KEY 112
+# define RSA_R_DMP1_NOT_CONGRUENT_TO_D 124
+# define RSA_R_DMQ1_NOT_CONGRUENT_TO_D 125
+# define RSA_R_D_E_NOT_CONGRUENT_TO_1 123
+# define RSA_R_FIRST_OCTET_INVALID 133
+# define RSA_R_ILLEGAL_OR_UNSUPPORTED_PADDING_MODE 144
+# define RSA_R_INVALID_DIGEST 157
+# define RSA_R_INVALID_DIGEST_LENGTH 143
+# define RSA_R_INVALID_HEADER 137
+# define RSA_R_INVALID_KEYBITS 145
+# define RSA_R_INVALID_LABEL 160
+# define RSA_R_INVALID_MESSAGE_LENGTH 131
+# define RSA_R_INVALID_MGF1_MD 156
+# define RSA_R_INVALID_OAEP_PARAMETERS 161
+# define RSA_R_INVALID_PADDING 138
+# define RSA_R_INVALID_PADDING_MODE 141
+# define RSA_R_INVALID_PSS_PARAMETERS 149
+# define RSA_R_INVALID_PSS_SALTLEN 146
+# define RSA_R_INVALID_SALT_LENGTH 150
+# define RSA_R_INVALID_TRAILER 139
+# define RSA_R_INVALID_X931_DIGEST 142
+# define RSA_R_IQMP_NOT_INVERSE_OF_Q 126
+# define RSA_R_KEY_SIZE_TOO_SMALL 120
+# define RSA_R_LAST_OCTET_INVALID 134
+# define RSA_R_MODULUS_TOO_LARGE 105
+# define RSA_R_NO_PUBLIC_EXPONENT 140
+# define RSA_R_NULL_BEFORE_BLOCK_MISSING 113
+# define RSA_R_N_DOES_NOT_EQUAL_P_Q 127
+# define RSA_R_OAEP_DECODING_ERROR 121
+# define RSA_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE 148
+# define RSA_R_PADDING_CHECK_FAILED 114
+# define RSA_R_PKCS_DECODING_ERROR 159
+# define RSA_R_P_NOT_PRIME 128
+# define RSA_R_Q_NOT_PRIME 129
+# define RSA_R_RSA_OPERATIONS_NOT_SUPPORTED 130
+# define RSA_R_SLEN_CHECK_FAILED 136
+# define RSA_R_SLEN_RECOVERY_FAILED 135
+# define RSA_R_SSLV3_ROLLBACK_ATTACK 115
+# define RSA_R_THE_ASN1_OBJECT_IDENTIFIER_IS_NOT_KNOWN_FOR_THIS_MD 116
+# define RSA_R_UNKNOWN_ALGORITHM_TYPE 117
+# define RSA_R_UNKNOWN_DIGEST 166
+# define RSA_R_UNKNOWN_MASK_DIGEST 151
+# define RSA_R_UNKNOWN_PADDING_TYPE 118
+# define RSA_R_UNKNOWN_PSS_DIGEST 152
+# define RSA_R_UNSUPPORTED_ENCRYPTION_TYPE 162
+# define RSA_R_UNSUPPORTED_LABEL_SOURCE 163
+# define RSA_R_UNSUPPORTED_MASK_ALGORITHM 153
+# define RSA_R_UNSUPPORTED_MASK_PARAMETER 154
+# define RSA_R_UNSUPPORTED_SIGNATURE_TYPE 155
+# define RSA_R_VALUE_MISSING 147
+# define RSA_R_WRONG_SIGNATURE_LENGTH 119
+
+#ifdef __cplusplus
+}
+#endif
+#endif
--- /dev/null
+/* automatically generated by util/mkstack.pl */
+/* ====================================================================
+ * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For written permission, please contact
+ * openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ * nor may "OpenSSL" appear in their names without prior written
+ * permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com). This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#ifndef HEADER_SAFESTACK_H
+# define HEADER_SAFESTACK_H
+
+# include <openssl/stack.h>
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+# ifndef CHECKED_PTR_OF
+# define CHECKED_PTR_OF(type, p) ((void*) (1 ? p : (type*)0))
+# endif
+
+/*
+ * In C++ we get problems because an explicit cast is needed from (void *) we
+ * use CHECKED_STACK_OF to ensure the correct type is passed in the macros
+ * below.
+ */
+
+# define CHECKED_STACK_OF(type, p) \
+ ((_STACK*) (1 ? p : (STACK_OF(type)*)0))
+
+# define CHECKED_SK_COPY_FUNC(type, p) \
+ ((void *(*)(void *)) ((1 ? p : (type *(*)(const type *))0)))
+
+# define CHECKED_SK_FREE_FUNC(type, p) \
+ ((void (*)(void *)) ((1 ? p : (void (*)(type *))0)))
+
+# define CHECKED_SK_CMP_FUNC(type, p) \
+ ((int (*)(const void *, const void *)) \
+ ((1 ? p : (int (*)(const type * const *, const type * const *))0)))
+
+# define STACK_OF(type) struct stack_st_##type
+# define PREDECLARE_STACK_OF(type) STACK_OF(type);
+
+# define DECLARE_STACK_OF(type) STACK_OF(type);
+# define DECLARE_SPECIAL_STACK_OF(type, type2) STACK_OF(type);
+
+/*-
+ * Strings are special: normally an lhash entry will point to a single
+ * (somewhat) mutable object. In the case of strings:
+ *
+ * a) Instead of a single char, there is an array of chars, NUL-terminated.
+ * b) The string may have be immutable.
+ *
+ * So, they need their own declarations. Especially important for
+ * type-checking tools, such as Deputy.
+ *
+ * In practice, however, it appears to be hard to have a const
+ * string. For now, I'm settling for dealing with the fact it is a
+ * string at all.
+ */
+typedef char *OPENSSL_STRING;
+typedef const char *OPENSSL_CSTRING;
+
+/*-
+ * Confusingly, LHASH_OF(STRING) deals with char ** throughout, but
+ * STACK_OF(STRING) is really more like STACK_OF(char), only, as mentioned
+ * above, instead of a single char each entry is a NUL-terminated array of
+ * chars. So, we have to implement STRING specially for STACK_OF. This is
+ * dealt with in the autogenerated macros below.
+ */
+DECLARE_SPECIAL_STACK_OF(OPENSSL_STRING, char)
+
+/*
+ * Similarly, we sometimes use a block of characters, NOT nul-terminated.
+ * These should also be distinguished from "normal" stacks.
+ */
+typedef void *OPENSSL_BLOCK;
+DECLARE_SPECIAL_STACK_OF(OPENSSL_BLOCK, void)
+
+/*
+ * This file is automatically generated by util/mkstack.pl
+ * Do not edit!
+ */
+
+/*
+ * SKM_sk_... stack macros are internal to safestack.h: never use them
+ * directly, use sk_<type>_... instead
+ */
+# define SKM_sk_new(type, cmp) \
+ ((STACK_OF(type) *)sk_new(CHECKED_SK_CMP_FUNC(type, cmp)))
+# define SKM_sk_new_null(type) \
+ ((STACK_OF(type) *)sk_new_null())
+# define SKM_sk_free(type, st) \
+ sk_free(CHECKED_STACK_OF(type, st))
+# define SKM_sk_num(type, st) \
+ sk_num(CHECKED_STACK_OF(type, st))
+# define SKM_sk_value(type, st,i) \
+ ((type *)sk_value(CHECKED_STACK_OF(type, st), i))
+# define SKM_sk_set(type, st,i,val) \
+ sk_set(CHECKED_STACK_OF(type, st), i, CHECKED_PTR_OF(type, val))
+# define SKM_sk_zero(type, st) \
+ sk_zero(CHECKED_STACK_OF(type, st))
+# define SKM_sk_push(type, st, val) \
+ sk_push(CHECKED_STACK_OF(type, st), CHECKED_PTR_OF(type, val))
+# define SKM_sk_unshift(type, st, val) \
+ sk_unshift(CHECKED_STACK_OF(type, st), CHECKED_PTR_OF(type, val))
+# define SKM_sk_find(type, st, val) \
+ sk_find(CHECKED_STACK_OF(type, st), CHECKED_PTR_OF(type, val))
+# define SKM_sk_find_ex(type, st, val) \
+ sk_find_ex(CHECKED_STACK_OF(type, st), \
+ CHECKED_PTR_OF(type, val))
+# define SKM_sk_delete(type, st, i) \
+ (type *)sk_delete(CHECKED_STACK_OF(type, st), i)
+# define SKM_sk_delete_ptr(type, st, ptr) \
+ (type *)sk_delete_ptr(CHECKED_STACK_OF(type, st), CHECKED_PTR_OF(type, ptr))
+# define SKM_sk_insert(type, st,val, i) \
+ sk_insert(CHECKED_STACK_OF(type, st), CHECKED_PTR_OF(type, val), i)
+# define SKM_sk_set_cmp_func(type, st, cmp) \
+ ((int (*)(const type * const *,const type * const *)) \
+ sk_set_cmp_func(CHECKED_STACK_OF(type, st), CHECKED_SK_CMP_FUNC(type, cmp)))
+# define SKM_sk_dup(type, st) \
+ (STACK_OF(type) *)sk_dup(CHECKED_STACK_OF(type, st))
+# define SKM_sk_pop_free(type, st, free_func) \
+ sk_pop_free(CHECKED_STACK_OF(type, st), CHECKED_SK_FREE_FUNC(type, free_func))
+# define SKM_sk_deep_copy(type, st, copy_func, free_func) \
+ (STACK_OF(type) *)sk_deep_copy(CHECKED_STACK_OF(type, st), CHECKED_SK_COPY_FUNC(type, copy_func), CHECKED_SK_FREE_FUNC(type, free_func))
+# define SKM_sk_shift(type, st) \
+ (type *)sk_shift(CHECKED_STACK_OF(type, st))
+# define SKM_sk_pop(type, st) \
+ (type *)sk_pop(CHECKED_STACK_OF(type, st))
+# define SKM_sk_sort(type, st) \
+ sk_sort(CHECKED_STACK_OF(type, st))
+# define SKM_sk_is_sorted(type, st) \
+ sk_is_sorted(CHECKED_STACK_OF(type, st))
+
+# define SKM_ASN1_SET_OF_d2i(type, st, pp, length, d2i_func, free_func, ex_tag, ex_class) \
+ (STACK_OF(type) *)d2i_ASN1_SET( \
+ (STACK_OF(OPENSSL_BLOCK) **)CHECKED_PTR_OF(STACK_OF(type)*, st), \
+ pp, length, \
+ CHECKED_D2I_OF(type, d2i_func), \
+ CHECKED_SK_FREE_FUNC(type, free_func), \
+ ex_tag, ex_class)
+# define SKM_ASN1_SET_OF_i2d(type, st, pp, i2d_func, ex_tag, ex_class, is_set) \
+ i2d_ASN1_SET(CHECKED_STACK_OF(type, st), pp, \
+ CHECKED_I2D_OF(type, i2d_func), \
+ ex_tag, ex_class, is_set)
+
+# define SKM_ASN1_seq_pack(type, st, i2d_func, buf, len) \
+ ASN1_seq_pack(CHECKED_PTR_OF(STACK_OF(type), st), \
+ CHECKED_I2D_OF(type, i2d_func), buf, len)
+# define SKM_ASN1_seq_unpack(type, buf, len, d2i_func, free_func) \
+ (STACK_OF(type) *)ASN1_seq_unpack(buf, \
+ len, CHECKED_D2I_OF(type, d2i_func), \
+ CHECKED_SK_FREE_FUNC(type, free_func))
+# define SKM_PKCS12_decrypt_d2i(type, algor, d2i_func, free_func, pass, passlen, oct, seq) \
+ (STACK_OF(type) *)PKCS12_decrypt_d2i(algor, \
+ CHECKED_D2I_OF(type, d2i_func), \
+ CHECKED_SK_FREE_FUNC(type, free_func), \
+ pass, passlen, oct, seq)
+
+# define sk_ACCESS_DESCRIPTION_new(cmp) SKM_sk_new(ACCESS_DESCRIPTION, (cmp))
+# define sk_ACCESS_DESCRIPTION_new_null() SKM_sk_new_null(ACCESS_DESCRIPTION)
+# define sk_ACCESS_DESCRIPTION_free(st) SKM_sk_free(ACCESS_DESCRIPTION, (st))
+# define sk_ACCESS_DESCRIPTION_num(st) SKM_sk_num(ACCESS_DESCRIPTION, (st))
+# define sk_ACCESS_DESCRIPTION_value(st, i) SKM_sk_value(ACCESS_DESCRIPTION, (st), (i))
+# define sk_ACCESS_DESCRIPTION_set(st, i, val) SKM_sk_set(ACCESS_DESCRIPTION, (st), (i), (val))
+# define sk_ACCESS_DESCRIPTION_zero(st) SKM_sk_zero(ACCESS_DESCRIPTION, (st))
+# define sk_ACCESS_DESCRIPTION_push(st, val) SKM_sk_push(ACCESS_DESCRIPTION, (st), (val))
+# define sk_ACCESS_DESCRIPTION_unshift(st, val) SKM_sk_unshift(ACCESS_DESCRIPTION, (st), (val))
+# define sk_ACCESS_DESCRIPTION_find(st, val) SKM_sk_find(ACCESS_DESCRIPTION, (st), (val))
+# define sk_ACCESS_DESCRIPTION_find_ex(st, val) SKM_sk_find_ex(ACCESS_DESCRIPTION, (st), (val))
+# define sk_ACCESS_DESCRIPTION_delete(st, i) SKM_sk_delete(ACCESS_DESCRIPTION, (st), (i))
+# define sk_ACCESS_DESCRIPTION_delete_ptr(st, ptr) SKM_sk_delete_ptr(ACCESS_DESCRIPTION, (st), (ptr))
+# define sk_ACCESS_DESCRIPTION_insert(st, val, i) SKM_sk_insert(ACCESS_DESCRIPTION, (st), (val), (i))
+# define sk_ACCESS_DESCRIPTION_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(ACCESS_DESCRIPTION, (st), (cmp))
+# define sk_ACCESS_DESCRIPTION_dup(st) SKM_sk_dup(ACCESS_DESCRIPTION, st)
+# define sk_ACCESS_DESCRIPTION_pop_free(st, free_func) SKM_sk_pop_free(ACCESS_DESCRIPTION, (st), (free_func))
+# define sk_ACCESS_DESCRIPTION_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(ACCESS_DESCRIPTION, (st), (copy_func), (free_func))
+# define sk_ACCESS_DESCRIPTION_shift(st) SKM_sk_shift(ACCESS_DESCRIPTION, (st))
+# define sk_ACCESS_DESCRIPTION_pop(st) SKM_sk_pop(ACCESS_DESCRIPTION, (st))
+# define sk_ACCESS_DESCRIPTION_sort(st) SKM_sk_sort(ACCESS_DESCRIPTION, (st))
+# define sk_ACCESS_DESCRIPTION_is_sorted(st) SKM_sk_is_sorted(ACCESS_DESCRIPTION, (st))
+
+# define sk_ASIdOrRange_new(cmp) SKM_sk_new(ASIdOrRange, (cmp))
+# define sk_ASIdOrRange_new_null() SKM_sk_new_null(ASIdOrRange)
+# define sk_ASIdOrRange_free(st) SKM_sk_free(ASIdOrRange, (st))
+# define sk_ASIdOrRange_num(st) SKM_sk_num(ASIdOrRange, (st))
+# define sk_ASIdOrRange_value(st, i) SKM_sk_value(ASIdOrRange, (st), (i))
+# define sk_ASIdOrRange_set(st, i, val) SKM_sk_set(ASIdOrRange, (st), (i), (val))
+# define sk_ASIdOrRange_zero(st) SKM_sk_zero(ASIdOrRange, (st))
+# define sk_ASIdOrRange_push(st, val) SKM_sk_push(ASIdOrRange, (st), (val))
+# define sk_ASIdOrRange_unshift(st, val) SKM_sk_unshift(ASIdOrRange, (st), (val))
+# define sk_ASIdOrRange_find(st, val) SKM_sk_find(ASIdOrRange, (st), (val))
+# define sk_ASIdOrRange_find_ex(st, val) SKM_sk_find_ex(ASIdOrRange, (st), (val))
+# define sk_ASIdOrRange_delete(st, i) SKM_sk_delete(ASIdOrRange, (st), (i))
+# define sk_ASIdOrRange_delete_ptr(st, ptr) SKM_sk_delete_ptr(ASIdOrRange, (st), (ptr))
+# define sk_ASIdOrRange_insert(st, val, i) SKM_sk_insert(ASIdOrRange, (st), (val), (i))
+# define sk_ASIdOrRange_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(ASIdOrRange, (st), (cmp))
+# define sk_ASIdOrRange_dup(st) SKM_sk_dup(ASIdOrRange, st)
+# define sk_ASIdOrRange_pop_free(st, free_func) SKM_sk_pop_free(ASIdOrRange, (st), (free_func))
+# define sk_ASIdOrRange_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(ASIdOrRange, (st), (copy_func), (free_func))
+# define sk_ASIdOrRange_shift(st) SKM_sk_shift(ASIdOrRange, (st))
+# define sk_ASIdOrRange_pop(st) SKM_sk_pop(ASIdOrRange, (st))
+# define sk_ASIdOrRange_sort(st) SKM_sk_sort(ASIdOrRange, (st))
+# define sk_ASIdOrRange_is_sorted(st) SKM_sk_is_sorted(ASIdOrRange, (st))
+
+# define sk_ASN1_GENERALSTRING_new(cmp) SKM_sk_new(ASN1_GENERALSTRING, (cmp))
+# define sk_ASN1_GENERALSTRING_new_null() SKM_sk_new_null(ASN1_GENERALSTRING)
+# define sk_ASN1_GENERALSTRING_free(st) SKM_sk_free(ASN1_GENERALSTRING, (st))
+# define sk_ASN1_GENERALSTRING_num(st) SKM_sk_num(ASN1_GENERALSTRING, (st))
+# define sk_ASN1_GENERALSTRING_value(st, i) SKM_sk_value(ASN1_GENERALSTRING, (st), (i))
+# define sk_ASN1_GENERALSTRING_set(st, i, val) SKM_sk_set(ASN1_GENERALSTRING, (st), (i), (val))
+# define sk_ASN1_GENERALSTRING_zero(st) SKM_sk_zero(ASN1_GENERALSTRING, (st))
+# define sk_ASN1_GENERALSTRING_push(st, val) SKM_sk_push(ASN1_GENERALSTRING, (st), (val))
+# define sk_ASN1_GENERALSTRING_unshift(st, val) SKM_sk_unshift(ASN1_GENERALSTRING, (st), (val))
+# define sk_ASN1_GENERALSTRING_find(st, val) SKM_sk_find(ASN1_GENERALSTRING, (st), (val))
+# define sk_ASN1_GENERALSTRING_find_ex(st, val) SKM_sk_find_ex(ASN1_GENERALSTRING, (st), (val))
+# define sk_ASN1_GENERALSTRING_delete(st, i) SKM_sk_delete(ASN1_GENERALSTRING, (st), (i))
+# define sk_ASN1_GENERALSTRING_delete_ptr(st, ptr) SKM_sk_delete_ptr(ASN1_GENERALSTRING, (st), (ptr))
+# define sk_ASN1_GENERALSTRING_insert(st, val, i) SKM_sk_insert(ASN1_GENERALSTRING, (st), (val), (i))
+# define sk_ASN1_GENERALSTRING_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(ASN1_GENERALSTRING, (st), (cmp))
+# define sk_ASN1_GENERALSTRING_dup(st) SKM_sk_dup(ASN1_GENERALSTRING, st)
+# define sk_ASN1_GENERALSTRING_pop_free(st, free_func) SKM_sk_pop_free(ASN1_GENERALSTRING, (st), (free_func))
+# define sk_ASN1_GENERALSTRING_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(ASN1_GENERALSTRING, (st), (copy_func), (free_func))
+# define sk_ASN1_GENERALSTRING_shift(st) SKM_sk_shift(ASN1_GENERALSTRING, (st))
+# define sk_ASN1_GENERALSTRING_pop(st) SKM_sk_pop(ASN1_GENERALSTRING, (st))
+# define sk_ASN1_GENERALSTRING_sort(st) SKM_sk_sort(ASN1_GENERALSTRING, (st))
+# define sk_ASN1_GENERALSTRING_is_sorted(st) SKM_sk_is_sorted(ASN1_GENERALSTRING, (st))
+
+# define sk_ASN1_INTEGER_new(cmp) SKM_sk_new(ASN1_INTEGER, (cmp))
+# define sk_ASN1_INTEGER_new_null() SKM_sk_new_null(ASN1_INTEGER)
+# define sk_ASN1_INTEGER_free(st) SKM_sk_free(ASN1_INTEGER, (st))
+# define sk_ASN1_INTEGER_num(st) SKM_sk_num(ASN1_INTEGER, (st))
+# define sk_ASN1_INTEGER_value(st, i) SKM_sk_value(ASN1_INTEGER, (st), (i))
+# define sk_ASN1_INTEGER_set(st, i, val) SKM_sk_set(ASN1_INTEGER, (st), (i), (val))
+# define sk_ASN1_INTEGER_zero(st) SKM_sk_zero(ASN1_INTEGER, (st))
+# define sk_ASN1_INTEGER_push(st, val) SKM_sk_push(ASN1_INTEGER, (st), (val))
+# define sk_ASN1_INTEGER_unshift(st, val) SKM_sk_unshift(ASN1_INTEGER, (st), (val))
+# define sk_ASN1_INTEGER_find(st, val) SKM_sk_find(ASN1_INTEGER, (st), (val))
+# define sk_ASN1_INTEGER_find_ex(st, val) SKM_sk_find_ex(ASN1_INTEGER, (st), (val))
+# define sk_ASN1_INTEGER_delete(st, i) SKM_sk_delete(ASN1_INTEGER, (st), (i))
+# define sk_ASN1_INTEGER_delete_ptr(st, ptr) SKM_sk_delete_ptr(ASN1_INTEGER, (st), (ptr))
+# define sk_ASN1_INTEGER_insert(st, val, i) SKM_sk_insert(ASN1_INTEGER, (st), (val), (i))
+# define sk_ASN1_INTEGER_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(ASN1_INTEGER, (st), (cmp))
+# define sk_ASN1_INTEGER_dup(st) SKM_sk_dup(ASN1_INTEGER, st)
+# define sk_ASN1_INTEGER_pop_free(st, free_func) SKM_sk_pop_free(ASN1_INTEGER, (st), (free_func))
+# define sk_ASN1_INTEGER_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(ASN1_INTEGER, (st), (copy_func), (free_func))
+# define sk_ASN1_INTEGER_shift(st) SKM_sk_shift(ASN1_INTEGER, (st))
+# define sk_ASN1_INTEGER_pop(st) SKM_sk_pop(ASN1_INTEGER, (st))
+# define sk_ASN1_INTEGER_sort(st) SKM_sk_sort(ASN1_INTEGER, (st))
+# define sk_ASN1_INTEGER_is_sorted(st) SKM_sk_is_sorted(ASN1_INTEGER, (st))
+
+# define sk_ASN1_OBJECT_new(cmp) SKM_sk_new(ASN1_OBJECT, (cmp))
+# define sk_ASN1_OBJECT_new_null() SKM_sk_new_null(ASN1_OBJECT)
+# define sk_ASN1_OBJECT_free(st) SKM_sk_free(ASN1_OBJECT, (st))
+# define sk_ASN1_OBJECT_num(st) SKM_sk_num(ASN1_OBJECT, (st))
+# define sk_ASN1_OBJECT_value(st, i) SKM_sk_value(ASN1_OBJECT, (st), (i))
+# define sk_ASN1_OBJECT_set(st, i, val) SKM_sk_set(ASN1_OBJECT, (st), (i), (val))
+# define sk_ASN1_OBJECT_zero(st) SKM_sk_zero(ASN1_OBJECT, (st))
+# define sk_ASN1_OBJECT_push(st, val) SKM_sk_push(ASN1_OBJECT, (st), (val))
+# define sk_ASN1_OBJECT_unshift(st, val) SKM_sk_unshift(ASN1_OBJECT, (st), (val))
+# define sk_ASN1_OBJECT_find(st, val) SKM_sk_find(ASN1_OBJECT, (st), (val))
+# define sk_ASN1_OBJECT_find_ex(st, val) SKM_sk_find_ex(ASN1_OBJECT, (st), (val))
+# define sk_ASN1_OBJECT_delete(st, i) SKM_sk_delete(ASN1_OBJECT, (st), (i))
+# define sk_ASN1_OBJECT_delete_ptr(st, ptr) SKM_sk_delete_ptr(ASN1_OBJECT, (st), (ptr))
+# define sk_ASN1_OBJECT_insert(st, val, i) SKM_sk_insert(ASN1_OBJECT, (st), (val), (i))
+# define sk_ASN1_OBJECT_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(ASN1_OBJECT, (st), (cmp))
+# define sk_ASN1_OBJECT_dup(st) SKM_sk_dup(ASN1_OBJECT, st)
+# define sk_ASN1_OBJECT_pop_free(st, free_func) SKM_sk_pop_free(ASN1_OBJECT, (st), (free_func))
+# define sk_ASN1_OBJECT_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(ASN1_OBJECT, (st), (copy_func), (free_func))
+# define sk_ASN1_OBJECT_shift(st) SKM_sk_shift(ASN1_OBJECT, (st))
+# define sk_ASN1_OBJECT_pop(st) SKM_sk_pop(ASN1_OBJECT, (st))
+# define sk_ASN1_OBJECT_sort(st) SKM_sk_sort(ASN1_OBJECT, (st))
+# define sk_ASN1_OBJECT_is_sorted(st) SKM_sk_is_sorted(ASN1_OBJECT, (st))
+
+# define sk_ASN1_STRING_TABLE_new(cmp) SKM_sk_new(ASN1_STRING_TABLE, (cmp))
+# define sk_ASN1_STRING_TABLE_new_null() SKM_sk_new_null(ASN1_STRING_TABLE)
+# define sk_ASN1_STRING_TABLE_free(st) SKM_sk_free(ASN1_STRING_TABLE, (st))
+# define sk_ASN1_STRING_TABLE_num(st) SKM_sk_num(ASN1_STRING_TABLE, (st))
+# define sk_ASN1_STRING_TABLE_value(st, i) SKM_sk_value(ASN1_STRING_TABLE, (st), (i))
+# define sk_ASN1_STRING_TABLE_set(st, i, val) SKM_sk_set(ASN1_STRING_TABLE, (st), (i), (val))
+# define sk_ASN1_STRING_TABLE_zero(st) SKM_sk_zero(ASN1_STRING_TABLE, (st))
+# define sk_ASN1_STRING_TABLE_push(st, val) SKM_sk_push(ASN1_STRING_TABLE, (st), (val))
+# define sk_ASN1_STRING_TABLE_unshift(st, val) SKM_sk_unshift(ASN1_STRING_TABLE, (st), (val))
+# define sk_ASN1_STRING_TABLE_find(st, val) SKM_sk_find(ASN1_STRING_TABLE, (st), (val))
+# define sk_ASN1_STRING_TABLE_find_ex(st, val) SKM_sk_find_ex(ASN1_STRING_TABLE, (st), (val))
+# define sk_ASN1_STRING_TABLE_delete(st, i) SKM_sk_delete(ASN1_STRING_TABLE, (st), (i))
+# define sk_ASN1_STRING_TABLE_delete_ptr(st, ptr) SKM_sk_delete_ptr(ASN1_STRING_TABLE, (st), (ptr))
+# define sk_ASN1_STRING_TABLE_insert(st, val, i) SKM_sk_insert(ASN1_STRING_TABLE, (st), (val), (i))
+# define sk_ASN1_STRING_TABLE_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(ASN1_STRING_TABLE, (st), (cmp))
+# define sk_ASN1_STRING_TABLE_dup(st) SKM_sk_dup(ASN1_STRING_TABLE, st)
+# define sk_ASN1_STRING_TABLE_pop_free(st, free_func) SKM_sk_pop_free(ASN1_STRING_TABLE, (st), (free_func))
+# define sk_ASN1_STRING_TABLE_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(ASN1_STRING_TABLE, (st), (copy_func), (free_func))
+# define sk_ASN1_STRING_TABLE_shift(st) SKM_sk_shift(ASN1_STRING_TABLE, (st))
+# define sk_ASN1_STRING_TABLE_pop(st) SKM_sk_pop(ASN1_STRING_TABLE, (st))
+# define sk_ASN1_STRING_TABLE_sort(st) SKM_sk_sort(ASN1_STRING_TABLE, (st))
+# define sk_ASN1_STRING_TABLE_is_sorted(st) SKM_sk_is_sorted(ASN1_STRING_TABLE, (st))
+
+# define sk_ASN1_TYPE_new(cmp) SKM_sk_new(ASN1_TYPE, (cmp))
+# define sk_ASN1_TYPE_new_null() SKM_sk_new_null(ASN1_TYPE)
+# define sk_ASN1_TYPE_free(st) SKM_sk_free(ASN1_TYPE, (st))
+# define sk_ASN1_TYPE_num(st) SKM_sk_num(ASN1_TYPE, (st))
+# define sk_ASN1_TYPE_value(st, i) SKM_sk_value(ASN1_TYPE, (st), (i))
+# define sk_ASN1_TYPE_set(st, i, val) SKM_sk_set(ASN1_TYPE, (st), (i), (val))
+# define sk_ASN1_TYPE_zero(st) SKM_sk_zero(ASN1_TYPE, (st))
+# define sk_ASN1_TYPE_push(st, val) SKM_sk_push(ASN1_TYPE, (st), (val))
+# define sk_ASN1_TYPE_unshift(st, val) SKM_sk_unshift(ASN1_TYPE, (st), (val))
+# define sk_ASN1_TYPE_find(st, val) SKM_sk_find(ASN1_TYPE, (st), (val))
+# define sk_ASN1_TYPE_find_ex(st, val) SKM_sk_find_ex(ASN1_TYPE, (st), (val))
+# define sk_ASN1_TYPE_delete(st, i) SKM_sk_delete(ASN1_TYPE, (st), (i))
+# define sk_ASN1_TYPE_delete_ptr(st, ptr) SKM_sk_delete_ptr(ASN1_TYPE, (st), (ptr))
+# define sk_ASN1_TYPE_insert(st, val, i) SKM_sk_insert(ASN1_TYPE, (st), (val), (i))
+# define sk_ASN1_TYPE_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(ASN1_TYPE, (st), (cmp))
+# define sk_ASN1_TYPE_dup(st) SKM_sk_dup(ASN1_TYPE, st)
+# define sk_ASN1_TYPE_pop_free(st, free_func) SKM_sk_pop_free(ASN1_TYPE, (st), (free_func))
+# define sk_ASN1_TYPE_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(ASN1_TYPE, (st), (copy_func), (free_func))
+# define sk_ASN1_TYPE_shift(st) SKM_sk_shift(ASN1_TYPE, (st))
+# define sk_ASN1_TYPE_pop(st) SKM_sk_pop(ASN1_TYPE, (st))
+# define sk_ASN1_TYPE_sort(st) SKM_sk_sort(ASN1_TYPE, (st))
+# define sk_ASN1_TYPE_is_sorted(st) SKM_sk_is_sorted(ASN1_TYPE, (st))
+
+# define sk_ASN1_UTF8STRING_new(cmp) SKM_sk_new(ASN1_UTF8STRING, (cmp))
+# define sk_ASN1_UTF8STRING_new_null() SKM_sk_new_null(ASN1_UTF8STRING)
+# define sk_ASN1_UTF8STRING_free(st) SKM_sk_free(ASN1_UTF8STRING, (st))
+# define sk_ASN1_UTF8STRING_num(st) SKM_sk_num(ASN1_UTF8STRING, (st))
+# define sk_ASN1_UTF8STRING_value(st, i) SKM_sk_value(ASN1_UTF8STRING, (st), (i))
+# define sk_ASN1_UTF8STRING_set(st, i, val) SKM_sk_set(ASN1_UTF8STRING, (st), (i), (val))
+# define sk_ASN1_UTF8STRING_zero(st) SKM_sk_zero(ASN1_UTF8STRING, (st))
+# define sk_ASN1_UTF8STRING_push(st, val) SKM_sk_push(ASN1_UTF8STRING, (st), (val))
+# define sk_ASN1_UTF8STRING_unshift(st, val) SKM_sk_unshift(ASN1_UTF8STRING, (st), (val))
+# define sk_ASN1_UTF8STRING_find(st, val) SKM_sk_find(ASN1_UTF8STRING, (st), (val))
+# define sk_ASN1_UTF8STRING_find_ex(st, val) SKM_sk_find_ex(ASN1_UTF8STRING, (st), (val))
+# define sk_ASN1_UTF8STRING_delete(st, i) SKM_sk_delete(ASN1_UTF8STRING, (st), (i))
+# define sk_ASN1_UTF8STRING_delete_ptr(st, ptr) SKM_sk_delete_ptr(ASN1_UTF8STRING, (st), (ptr))
+# define sk_ASN1_UTF8STRING_insert(st, val, i) SKM_sk_insert(ASN1_UTF8STRING, (st), (val), (i))
+# define sk_ASN1_UTF8STRING_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(ASN1_UTF8STRING, (st), (cmp))
+# define sk_ASN1_UTF8STRING_dup(st) SKM_sk_dup(ASN1_UTF8STRING, st)
+# define sk_ASN1_UTF8STRING_pop_free(st, free_func) SKM_sk_pop_free(ASN1_UTF8STRING, (st), (free_func))
+# define sk_ASN1_UTF8STRING_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(ASN1_UTF8STRING, (st), (copy_func), (free_func))
+# define sk_ASN1_UTF8STRING_shift(st) SKM_sk_shift(ASN1_UTF8STRING, (st))
+# define sk_ASN1_UTF8STRING_pop(st) SKM_sk_pop(ASN1_UTF8STRING, (st))
+# define sk_ASN1_UTF8STRING_sort(st) SKM_sk_sort(ASN1_UTF8STRING, (st))
+# define sk_ASN1_UTF8STRING_is_sorted(st) SKM_sk_is_sorted(ASN1_UTF8STRING, (st))
+
+# define sk_ASN1_VALUE_new(cmp) SKM_sk_new(ASN1_VALUE, (cmp))
+# define sk_ASN1_VALUE_new_null() SKM_sk_new_null(ASN1_VALUE)
+# define sk_ASN1_VALUE_free(st) SKM_sk_free(ASN1_VALUE, (st))
+# define sk_ASN1_VALUE_num(st) SKM_sk_num(ASN1_VALUE, (st))
+# define sk_ASN1_VALUE_value(st, i) SKM_sk_value(ASN1_VALUE, (st), (i))
+# define sk_ASN1_VALUE_set(st, i, val) SKM_sk_set(ASN1_VALUE, (st), (i), (val))
+# define sk_ASN1_VALUE_zero(st) SKM_sk_zero(ASN1_VALUE, (st))
+# define sk_ASN1_VALUE_push(st, val) SKM_sk_push(ASN1_VALUE, (st), (val))
+# define sk_ASN1_VALUE_unshift(st, val) SKM_sk_unshift(ASN1_VALUE, (st), (val))
+# define sk_ASN1_VALUE_find(st, val) SKM_sk_find(ASN1_VALUE, (st), (val))
+# define sk_ASN1_VALUE_find_ex(st, val) SKM_sk_find_ex(ASN1_VALUE, (st), (val))
+# define sk_ASN1_VALUE_delete(st, i) SKM_sk_delete(ASN1_VALUE, (st), (i))
+# define sk_ASN1_VALUE_delete_ptr(st, ptr) SKM_sk_delete_ptr(ASN1_VALUE, (st), (ptr))
+# define sk_ASN1_VALUE_insert(st, val, i) SKM_sk_insert(ASN1_VALUE, (st), (val), (i))
+# define sk_ASN1_VALUE_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(ASN1_VALUE, (st), (cmp))
+# define sk_ASN1_VALUE_dup(st) SKM_sk_dup(ASN1_VALUE, st)
+# define sk_ASN1_VALUE_pop_free(st, free_func) SKM_sk_pop_free(ASN1_VALUE, (st), (free_func))
+# define sk_ASN1_VALUE_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(ASN1_VALUE, (st), (copy_func), (free_func))
+# define sk_ASN1_VALUE_shift(st) SKM_sk_shift(ASN1_VALUE, (st))
+# define sk_ASN1_VALUE_pop(st) SKM_sk_pop(ASN1_VALUE, (st))
+# define sk_ASN1_VALUE_sort(st) SKM_sk_sort(ASN1_VALUE, (st))
+# define sk_ASN1_VALUE_is_sorted(st) SKM_sk_is_sorted(ASN1_VALUE, (st))
+
+# define sk_BIO_new(cmp) SKM_sk_new(BIO, (cmp))
+# define sk_BIO_new_null() SKM_sk_new_null(BIO)
+# define sk_BIO_free(st) SKM_sk_free(BIO, (st))
+# define sk_BIO_num(st) SKM_sk_num(BIO, (st))
+# define sk_BIO_value(st, i) SKM_sk_value(BIO, (st), (i))
+# define sk_BIO_set(st, i, val) SKM_sk_set(BIO, (st), (i), (val))
+# define sk_BIO_zero(st) SKM_sk_zero(BIO, (st))
+# define sk_BIO_push(st, val) SKM_sk_push(BIO, (st), (val))
+# define sk_BIO_unshift(st, val) SKM_sk_unshift(BIO, (st), (val))
+# define sk_BIO_find(st, val) SKM_sk_find(BIO, (st), (val))
+# define sk_BIO_find_ex(st, val) SKM_sk_find_ex(BIO, (st), (val))
+# define sk_BIO_delete(st, i) SKM_sk_delete(BIO, (st), (i))
+# define sk_BIO_delete_ptr(st, ptr) SKM_sk_delete_ptr(BIO, (st), (ptr))
+# define sk_BIO_insert(st, val, i) SKM_sk_insert(BIO, (st), (val), (i))
+# define sk_BIO_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(BIO, (st), (cmp))
+# define sk_BIO_dup(st) SKM_sk_dup(BIO, st)
+# define sk_BIO_pop_free(st, free_func) SKM_sk_pop_free(BIO, (st), (free_func))
+# define sk_BIO_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(BIO, (st), (copy_func), (free_func))
+# define sk_BIO_shift(st) SKM_sk_shift(BIO, (st))
+# define sk_BIO_pop(st) SKM_sk_pop(BIO, (st))
+# define sk_BIO_sort(st) SKM_sk_sort(BIO, (st))
+# define sk_BIO_is_sorted(st) SKM_sk_is_sorted(BIO, (st))
+
+# define sk_BY_DIR_ENTRY_new(cmp) SKM_sk_new(BY_DIR_ENTRY, (cmp))
+# define sk_BY_DIR_ENTRY_new_null() SKM_sk_new_null(BY_DIR_ENTRY)
+# define sk_BY_DIR_ENTRY_free(st) SKM_sk_free(BY_DIR_ENTRY, (st))
+# define sk_BY_DIR_ENTRY_num(st) SKM_sk_num(BY_DIR_ENTRY, (st))
+# define sk_BY_DIR_ENTRY_value(st, i) SKM_sk_value(BY_DIR_ENTRY, (st), (i))
+# define sk_BY_DIR_ENTRY_set(st, i, val) SKM_sk_set(BY_DIR_ENTRY, (st), (i), (val))
+# define sk_BY_DIR_ENTRY_zero(st) SKM_sk_zero(BY_DIR_ENTRY, (st))
+# define sk_BY_DIR_ENTRY_push(st, val) SKM_sk_push(BY_DIR_ENTRY, (st), (val))
+# define sk_BY_DIR_ENTRY_unshift(st, val) SKM_sk_unshift(BY_DIR_ENTRY, (st), (val))
+# define sk_BY_DIR_ENTRY_find(st, val) SKM_sk_find(BY_DIR_ENTRY, (st), (val))
+# define sk_BY_DIR_ENTRY_find_ex(st, val) SKM_sk_find_ex(BY_DIR_ENTRY, (st), (val))
+# define sk_BY_DIR_ENTRY_delete(st, i) SKM_sk_delete(BY_DIR_ENTRY, (st), (i))
+# define sk_BY_DIR_ENTRY_delete_ptr(st, ptr) SKM_sk_delete_ptr(BY_DIR_ENTRY, (st), (ptr))
+# define sk_BY_DIR_ENTRY_insert(st, val, i) SKM_sk_insert(BY_DIR_ENTRY, (st), (val), (i))
+# define sk_BY_DIR_ENTRY_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(BY_DIR_ENTRY, (st), (cmp))
+# define sk_BY_DIR_ENTRY_dup(st) SKM_sk_dup(BY_DIR_ENTRY, st)
+# define sk_BY_DIR_ENTRY_pop_free(st, free_func) SKM_sk_pop_free(BY_DIR_ENTRY, (st), (free_func))
+# define sk_BY_DIR_ENTRY_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(BY_DIR_ENTRY, (st), (copy_func), (free_func))
+# define sk_BY_DIR_ENTRY_shift(st) SKM_sk_shift(BY_DIR_ENTRY, (st))
+# define sk_BY_DIR_ENTRY_pop(st) SKM_sk_pop(BY_DIR_ENTRY, (st))
+# define sk_BY_DIR_ENTRY_sort(st) SKM_sk_sort(BY_DIR_ENTRY, (st))
+# define sk_BY_DIR_ENTRY_is_sorted(st) SKM_sk_is_sorted(BY_DIR_ENTRY, (st))
+
+# define sk_BY_DIR_HASH_new(cmp) SKM_sk_new(BY_DIR_HASH, (cmp))
+# define sk_BY_DIR_HASH_new_null() SKM_sk_new_null(BY_DIR_HASH)
+# define sk_BY_DIR_HASH_free(st) SKM_sk_free(BY_DIR_HASH, (st))
+# define sk_BY_DIR_HASH_num(st) SKM_sk_num(BY_DIR_HASH, (st))
+# define sk_BY_DIR_HASH_value(st, i) SKM_sk_value(BY_DIR_HASH, (st), (i))
+# define sk_BY_DIR_HASH_set(st, i, val) SKM_sk_set(BY_DIR_HASH, (st), (i), (val))
+# define sk_BY_DIR_HASH_zero(st) SKM_sk_zero(BY_DIR_HASH, (st))
+# define sk_BY_DIR_HASH_push(st, val) SKM_sk_push(BY_DIR_HASH, (st), (val))
+# define sk_BY_DIR_HASH_unshift(st, val) SKM_sk_unshift(BY_DIR_HASH, (st), (val))
+# define sk_BY_DIR_HASH_find(st, val) SKM_sk_find(BY_DIR_HASH, (st), (val))
+# define sk_BY_DIR_HASH_find_ex(st, val) SKM_sk_find_ex(BY_DIR_HASH, (st), (val))
+# define sk_BY_DIR_HASH_delete(st, i) SKM_sk_delete(BY_DIR_HASH, (st), (i))
+# define sk_BY_DIR_HASH_delete_ptr(st, ptr) SKM_sk_delete_ptr(BY_DIR_HASH, (st), (ptr))
+# define sk_BY_DIR_HASH_insert(st, val, i) SKM_sk_insert(BY_DIR_HASH, (st), (val), (i))
+# define sk_BY_DIR_HASH_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(BY_DIR_HASH, (st), (cmp))
+# define sk_BY_DIR_HASH_dup(st) SKM_sk_dup(BY_DIR_HASH, st)
+# define sk_BY_DIR_HASH_pop_free(st, free_func) SKM_sk_pop_free(BY_DIR_HASH, (st), (free_func))
+# define sk_BY_DIR_HASH_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(BY_DIR_HASH, (st), (copy_func), (free_func))
+# define sk_BY_DIR_HASH_shift(st) SKM_sk_shift(BY_DIR_HASH, (st))
+# define sk_BY_DIR_HASH_pop(st) SKM_sk_pop(BY_DIR_HASH, (st))
+# define sk_BY_DIR_HASH_sort(st) SKM_sk_sort(BY_DIR_HASH, (st))
+# define sk_BY_DIR_HASH_is_sorted(st) SKM_sk_is_sorted(BY_DIR_HASH, (st))
+
+# define sk_CMS_CertificateChoices_new(cmp) SKM_sk_new(CMS_CertificateChoices, (cmp))
+# define sk_CMS_CertificateChoices_new_null() SKM_sk_new_null(CMS_CertificateChoices)
+# define sk_CMS_CertificateChoices_free(st) SKM_sk_free(CMS_CertificateChoices, (st))
+# define sk_CMS_CertificateChoices_num(st) SKM_sk_num(CMS_CertificateChoices, (st))
+# define sk_CMS_CertificateChoices_value(st, i) SKM_sk_value(CMS_CertificateChoices, (st), (i))
+# define sk_CMS_CertificateChoices_set(st, i, val) SKM_sk_set(CMS_CertificateChoices, (st), (i), (val))
+# define sk_CMS_CertificateChoices_zero(st) SKM_sk_zero(CMS_CertificateChoices, (st))
+# define sk_CMS_CertificateChoices_push(st, val) SKM_sk_push(CMS_CertificateChoices, (st), (val))
+# define sk_CMS_CertificateChoices_unshift(st, val) SKM_sk_unshift(CMS_CertificateChoices, (st), (val))
+# define sk_CMS_CertificateChoices_find(st, val) SKM_sk_find(CMS_CertificateChoices, (st), (val))
+# define sk_CMS_CertificateChoices_find_ex(st, val) SKM_sk_find_ex(CMS_CertificateChoices, (st), (val))
+# define sk_CMS_CertificateChoices_delete(st, i) SKM_sk_delete(CMS_CertificateChoices, (st), (i))
+# define sk_CMS_CertificateChoices_delete_ptr(st, ptr) SKM_sk_delete_ptr(CMS_CertificateChoices, (st), (ptr))
+# define sk_CMS_CertificateChoices_insert(st, val, i) SKM_sk_insert(CMS_CertificateChoices, (st), (val), (i))
+# define sk_CMS_CertificateChoices_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(CMS_CertificateChoices, (st), (cmp))
+# define sk_CMS_CertificateChoices_dup(st) SKM_sk_dup(CMS_CertificateChoices, st)
+# define sk_CMS_CertificateChoices_pop_free(st, free_func) SKM_sk_pop_free(CMS_CertificateChoices, (st), (free_func))
+# define sk_CMS_CertificateChoices_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(CMS_CertificateChoices, (st), (copy_func), (free_func))
+# define sk_CMS_CertificateChoices_shift(st) SKM_sk_shift(CMS_CertificateChoices, (st))
+# define sk_CMS_CertificateChoices_pop(st) SKM_sk_pop(CMS_CertificateChoices, (st))
+# define sk_CMS_CertificateChoices_sort(st) SKM_sk_sort(CMS_CertificateChoices, (st))
+# define sk_CMS_CertificateChoices_is_sorted(st) SKM_sk_is_sorted(CMS_CertificateChoices, (st))
+
+# define sk_CMS_RecipientEncryptedKey_new(cmp) SKM_sk_new(CMS_RecipientEncryptedKey, (cmp))
+# define sk_CMS_RecipientEncryptedKey_new_null() SKM_sk_new_null(CMS_RecipientEncryptedKey)
+# define sk_CMS_RecipientEncryptedKey_free(st) SKM_sk_free(CMS_RecipientEncryptedKey, (st))
+# define sk_CMS_RecipientEncryptedKey_num(st) SKM_sk_num(CMS_RecipientEncryptedKey, (st))
+# define sk_CMS_RecipientEncryptedKey_value(st, i) SKM_sk_value(CMS_RecipientEncryptedKey, (st), (i))
+# define sk_CMS_RecipientEncryptedKey_set(st, i, val) SKM_sk_set(CMS_RecipientEncryptedKey, (st), (i), (val))
+# define sk_CMS_RecipientEncryptedKey_zero(st) SKM_sk_zero(CMS_RecipientEncryptedKey, (st))
+# define sk_CMS_RecipientEncryptedKey_push(st, val) SKM_sk_push(CMS_RecipientEncryptedKey, (st), (val))
+# define sk_CMS_RecipientEncryptedKey_unshift(st, val) SKM_sk_unshift(CMS_RecipientEncryptedKey, (st), (val))
+# define sk_CMS_RecipientEncryptedKey_find(st, val) SKM_sk_find(CMS_RecipientEncryptedKey, (st), (val))
+# define sk_CMS_RecipientEncryptedKey_find_ex(st, val) SKM_sk_find_ex(CMS_RecipientEncryptedKey, (st), (val))
+# define sk_CMS_RecipientEncryptedKey_delete(st, i) SKM_sk_delete(CMS_RecipientEncryptedKey, (st), (i))
+# define sk_CMS_RecipientEncryptedKey_delete_ptr(st, ptr) SKM_sk_delete_ptr(CMS_RecipientEncryptedKey, (st), (ptr))
+# define sk_CMS_RecipientEncryptedKey_insert(st, val, i) SKM_sk_insert(CMS_RecipientEncryptedKey, (st), (val), (i))
+# define sk_CMS_RecipientEncryptedKey_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(CMS_RecipientEncryptedKey, (st), (cmp))
+# define sk_CMS_RecipientEncryptedKey_dup(st) SKM_sk_dup(CMS_RecipientEncryptedKey, st)
+# define sk_CMS_RecipientEncryptedKey_pop_free(st, free_func) SKM_sk_pop_free(CMS_RecipientEncryptedKey, (st), (free_func))
+# define sk_CMS_RecipientEncryptedKey_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(CMS_RecipientEncryptedKey, (st), (copy_func), (free_func))
+# define sk_CMS_RecipientEncryptedKey_shift(st) SKM_sk_shift(CMS_RecipientEncryptedKey, (st))
+# define sk_CMS_RecipientEncryptedKey_pop(st) SKM_sk_pop(CMS_RecipientEncryptedKey, (st))
+# define sk_CMS_RecipientEncryptedKey_sort(st) SKM_sk_sort(CMS_RecipientEncryptedKey, (st))
+# define sk_CMS_RecipientEncryptedKey_is_sorted(st) SKM_sk_is_sorted(CMS_RecipientEncryptedKey, (st))
+
+# define sk_CMS_RecipientInfo_new(cmp) SKM_sk_new(CMS_RecipientInfo, (cmp))
+# define sk_CMS_RecipientInfo_new_null() SKM_sk_new_null(CMS_RecipientInfo)
+# define sk_CMS_RecipientInfo_free(st) SKM_sk_free(CMS_RecipientInfo, (st))
+# define sk_CMS_RecipientInfo_num(st) SKM_sk_num(CMS_RecipientInfo, (st))
+# define sk_CMS_RecipientInfo_value(st, i) SKM_sk_value(CMS_RecipientInfo, (st), (i))
+# define sk_CMS_RecipientInfo_set(st, i, val) SKM_sk_set(CMS_RecipientInfo, (st), (i), (val))
+# define sk_CMS_RecipientInfo_zero(st) SKM_sk_zero(CMS_RecipientInfo, (st))
+# define sk_CMS_RecipientInfo_push(st, val) SKM_sk_push(CMS_RecipientInfo, (st), (val))
+# define sk_CMS_RecipientInfo_unshift(st, val) SKM_sk_unshift(CMS_RecipientInfo, (st), (val))
+# define sk_CMS_RecipientInfo_find(st, val) SKM_sk_find(CMS_RecipientInfo, (st), (val))
+# define sk_CMS_RecipientInfo_find_ex(st, val) SKM_sk_find_ex(CMS_RecipientInfo, (st), (val))
+# define sk_CMS_RecipientInfo_delete(st, i) SKM_sk_delete(CMS_RecipientInfo, (st), (i))
+# define sk_CMS_RecipientInfo_delete_ptr(st, ptr) SKM_sk_delete_ptr(CMS_RecipientInfo, (st), (ptr))
+# define sk_CMS_RecipientInfo_insert(st, val, i) SKM_sk_insert(CMS_RecipientInfo, (st), (val), (i))
+# define sk_CMS_RecipientInfo_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(CMS_RecipientInfo, (st), (cmp))
+# define sk_CMS_RecipientInfo_dup(st) SKM_sk_dup(CMS_RecipientInfo, st)
+# define sk_CMS_RecipientInfo_pop_free(st, free_func) SKM_sk_pop_free(CMS_RecipientInfo, (st), (free_func))
+# define sk_CMS_RecipientInfo_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(CMS_RecipientInfo, (st), (copy_func), (free_func))
+# define sk_CMS_RecipientInfo_shift(st) SKM_sk_shift(CMS_RecipientInfo, (st))
+# define sk_CMS_RecipientInfo_pop(st) SKM_sk_pop(CMS_RecipientInfo, (st))
+# define sk_CMS_RecipientInfo_sort(st) SKM_sk_sort(CMS_RecipientInfo, (st))
+# define sk_CMS_RecipientInfo_is_sorted(st) SKM_sk_is_sorted(CMS_RecipientInfo, (st))
+
+# define sk_CMS_RevocationInfoChoice_new(cmp) SKM_sk_new(CMS_RevocationInfoChoice, (cmp))
+# define sk_CMS_RevocationInfoChoice_new_null() SKM_sk_new_null(CMS_RevocationInfoChoice)
+# define sk_CMS_RevocationInfoChoice_free(st) SKM_sk_free(CMS_RevocationInfoChoice, (st))
+# define sk_CMS_RevocationInfoChoice_num(st) SKM_sk_num(CMS_RevocationInfoChoice, (st))
+# define sk_CMS_RevocationInfoChoice_value(st, i) SKM_sk_value(CMS_RevocationInfoChoice, (st), (i))
+# define sk_CMS_RevocationInfoChoice_set(st, i, val) SKM_sk_set(CMS_RevocationInfoChoice, (st), (i), (val))
+# define sk_CMS_RevocationInfoChoice_zero(st) SKM_sk_zero(CMS_RevocationInfoChoice, (st))
+# define sk_CMS_RevocationInfoChoice_push(st, val) SKM_sk_push(CMS_RevocationInfoChoice, (st), (val))
+# define sk_CMS_RevocationInfoChoice_unshift(st, val) SKM_sk_unshift(CMS_RevocationInfoChoice, (st), (val))
+# define sk_CMS_RevocationInfoChoice_find(st, val) SKM_sk_find(CMS_RevocationInfoChoice, (st), (val))
+# define sk_CMS_RevocationInfoChoice_find_ex(st, val) SKM_sk_find_ex(CMS_RevocationInfoChoice, (st), (val))
+# define sk_CMS_RevocationInfoChoice_delete(st, i) SKM_sk_delete(CMS_RevocationInfoChoice, (st), (i))
+# define sk_CMS_RevocationInfoChoice_delete_ptr(st, ptr) SKM_sk_delete_ptr(CMS_RevocationInfoChoice, (st), (ptr))
+# define sk_CMS_RevocationInfoChoice_insert(st, val, i) SKM_sk_insert(CMS_RevocationInfoChoice, (st), (val), (i))
+# define sk_CMS_RevocationInfoChoice_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(CMS_RevocationInfoChoice, (st), (cmp))
+# define sk_CMS_RevocationInfoChoice_dup(st) SKM_sk_dup(CMS_RevocationInfoChoice, st)
+# define sk_CMS_RevocationInfoChoice_pop_free(st, free_func) SKM_sk_pop_free(CMS_RevocationInfoChoice, (st), (free_func))
+# define sk_CMS_RevocationInfoChoice_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(CMS_RevocationInfoChoice, (st), (copy_func), (free_func))
+# define sk_CMS_RevocationInfoChoice_shift(st) SKM_sk_shift(CMS_RevocationInfoChoice, (st))
+# define sk_CMS_RevocationInfoChoice_pop(st) SKM_sk_pop(CMS_RevocationInfoChoice, (st))
+# define sk_CMS_RevocationInfoChoice_sort(st) SKM_sk_sort(CMS_RevocationInfoChoice, (st))
+# define sk_CMS_RevocationInfoChoice_is_sorted(st) SKM_sk_is_sorted(CMS_RevocationInfoChoice, (st))
+
+# define sk_CMS_SignerInfo_new(cmp) SKM_sk_new(CMS_SignerInfo, (cmp))
+# define sk_CMS_SignerInfo_new_null() SKM_sk_new_null(CMS_SignerInfo)
+# define sk_CMS_SignerInfo_free(st) SKM_sk_free(CMS_SignerInfo, (st))
+# define sk_CMS_SignerInfo_num(st) SKM_sk_num(CMS_SignerInfo, (st))
+# define sk_CMS_SignerInfo_value(st, i) SKM_sk_value(CMS_SignerInfo, (st), (i))
+# define sk_CMS_SignerInfo_set(st, i, val) SKM_sk_set(CMS_SignerInfo, (st), (i), (val))
+# define sk_CMS_SignerInfo_zero(st) SKM_sk_zero(CMS_SignerInfo, (st))
+# define sk_CMS_SignerInfo_push(st, val) SKM_sk_push(CMS_SignerInfo, (st), (val))
+# define sk_CMS_SignerInfo_unshift(st, val) SKM_sk_unshift(CMS_SignerInfo, (st), (val))
+# define sk_CMS_SignerInfo_find(st, val) SKM_sk_find(CMS_SignerInfo, (st), (val))
+# define sk_CMS_SignerInfo_find_ex(st, val) SKM_sk_find_ex(CMS_SignerInfo, (st), (val))
+# define sk_CMS_SignerInfo_delete(st, i) SKM_sk_delete(CMS_SignerInfo, (st), (i))
+# define sk_CMS_SignerInfo_delete_ptr(st, ptr) SKM_sk_delete_ptr(CMS_SignerInfo, (st), (ptr))
+# define sk_CMS_SignerInfo_insert(st, val, i) SKM_sk_insert(CMS_SignerInfo, (st), (val), (i))
+# define sk_CMS_SignerInfo_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(CMS_SignerInfo, (st), (cmp))
+# define sk_CMS_SignerInfo_dup(st) SKM_sk_dup(CMS_SignerInfo, st)
+# define sk_CMS_SignerInfo_pop_free(st, free_func) SKM_sk_pop_free(CMS_SignerInfo, (st), (free_func))
+# define sk_CMS_SignerInfo_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(CMS_SignerInfo, (st), (copy_func), (free_func))
+# define sk_CMS_SignerInfo_shift(st) SKM_sk_shift(CMS_SignerInfo, (st))
+# define sk_CMS_SignerInfo_pop(st) SKM_sk_pop(CMS_SignerInfo, (st))
+# define sk_CMS_SignerInfo_sort(st) SKM_sk_sort(CMS_SignerInfo, (st))
+# define sk_CMS_SignerInfo_is_sorted(st) SKM_sk_is_sorted(CMS_SignerInfo, (st))
+
+# define sk_CONF_IMODULE_new(cmp) SKM_sk_new(CONF_IMODULE, (cmp))
+# define sk_CONF_IMODULE_new_null() SKM_sk_new_null(CONF_IMODULE)
+# define sk_CONF_IMODULE_free(st) SKM_sk_free(CONF_IMODULE, (st))
+# define sk_CONF_IMODULE_num(st) SKM_sk_num(CONF_IMODULE, (st))
+# define sk_CONF_IMODULE_value(st, i) SKM_sk_value(CONF_IMODULE, (st), (i))
+# define sk_CONF_IMODULE_set(st, i, val) SKM_sk_set(CONF_IMODULE, (st), (i), (val))
+# define sk_CONF_IMODULE_zero(st) SKM_sk_zero(CONF_IMODULE, (st))
+# define sk_CONF_IMODULE_push(st, val) SKM_sk_push(CONF_IMODULE, (st), (val))
+# define sk_CONF_IMODULE_unshift(st, val) SKM_sk_unshift(CONF_IMODULE, (st), (val))
+# define sk_CONF_IMODULE_find(st, val) SKM_sk_find(CONF_IMODULE, (st), (val))
+# define sk_CONF_IMODULE_find_ex(st, val) SKM_sk_find_ex(CONF_IMODULE, (st), (val))
+# define sk_CONF_IMODULE_delete(st, i) SKM_sk_delete(CONF_IMODULE, (st), (i))
+# define sk_CONF_IMODULE_delete_ptr(st, ptr) SKM_sk_delete_ptr(CONF_IMODULE, (st), (ptr))
+# define sk_CONF_IMODULE_insert(st, val, i) SKM_sk_insert(CONF_IMODULE, (st), (val), (i))
+# define sk_CONF_IMODULE_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(CONF_IMODULE, (st), (cmp))
+# define sk_CONF_IMODULE_dup(st) SKM_sk_dup(CONF_IMODULE, st)
+# define sk_CONF_IMODULE_pop_free(st, free_func) SKM_sk_pop_free(CONF_IMODULE, (st), (free_func))
+# define sk_CONF_IMODULE_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(CONF_IMODULE, (st), (copy_func), (free_func))
+# define sk_CONF_IMODULE_shift(st) SKM_sk_shift(CONF_IMODULE, (st))
+# define sk_CONF_IMODULE_pop(st) SKM_sk_pop(CONF_IMODULE, (st))
+# define sk_CONF_IMODULE_sort(st) SKM_sk_sort(CONF_IMODULE, (st))
+# define sk_CONF_IMODULE_is_sorted(st) SKM_sk_is_sorted(CONF_IMODULE, (st))
+
+# define sk_CONF_MODULE_new(cmp) SKM_sk_new(CONF_MODULE, (cmp))
+# define sk_CONF_MODULE_new_null() SKM_sk_new_null(CONF_MODULE)
+# define sk_CONF_MODULE_free(st) SKM_sk_free(CONF_MODULE, (st))
+# define sk_CONF_MODULE_num(st) SKM_sk_num(CONF_MODULE, (st))
+# define sk_CONF_MODULE_value(st, i) SKM_sk_value(CONF_MODULE, (st), (i))
+# define sk_CONF_MODULE_set(st, i, val) SKM_sk_set(CONF_MODULE, (st), (i), (val))
+# define sk_CONF_MODULE_zero(st) SKM_sk_zero(CONF_MODULE, (st))
+# define sk_CONF_MODULE_push(st, val) SKM_sk_push(CONF_MODULE, (st), (val))
+# define sk_CONF_MODULE_unshift(st, val) SKM_sk_unshift(CONF_MODULE, (st), (val))
+# define sk_CONF_MODULE_find(st, val) SKM_sk_find(CONF_MODULE, (st), (val))
+# define sk_CONF_MODULE_find_ex(st, val) SKM_sk_find_ex(CONF_MODULE, (st), (val))
+# define sk_CONF_MODULE_delete(st, i) SKM_sk_delete(CONF_MODULE, (st), (i))
+# define sk_CONF_MODULE_delete_ptr(st, ptr) SKM_sk_delete_ptr(CONF_MODULE, (st), (ptr))
+# define sk_CONF_MODULE_insert(st, val, i) SKM_sk_insert(CONF_MODULE, (st), (val), (i))
+# define sk_CONF_MODULE_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(CONF_MODULE, (st), (cmp))
+# define sk_CONF_MODULE_dup(st) SKM_sk_dup(CONF_MODULE, st)
+# define sk_CONF_MODULE_pop_free(st, free_func) SKM_sk_pop_free(CONF_MODULE, (st), (free_func))
+# define sk_CONF_MODULE_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(CONF_MODULE, (st), (copy_func), (free_func))
+# define sk_CONF_MODULE_shift(st) SKM_sk_shift(CONF_MODULE, (st))
+# define sk_CONF_MODULE_pop(st) SKM_sk_pop(CONF_MODULE, (st))
+# define sk_CONF_MODULE_sort(st) SKM_sk_sort(CONF_MODULE, (st))
+# define sk_CONF_MODULE_is_sorted(st) SKM_sk_is_sorted(CONF_MODULE, (st))
+
+# define sk_CONF_VALUE_new(cmp) SKM_sk_new(CONF_VALUE, (cmp))
+# define sk_CONF_VALUE_new_null() SKM_sk_new_null(CONF_VALUE)
+# define sk_CONF_VALUE_free(st) SKM_sk_free(CONF_VALUE, (st))
+# define sk_CONF_VALUE_num(st) SKM_sk_num(CONF_VALUE, (st))
+# define sk_CONF_VALUE_value(st, i) SKM_sk_value(CONF_VALUE, (st), (i))
+# define sk_CONF_VALUE_set(st, i, val) SKM_sk_set(CONF_VALUE, (st), (i), (val))
+# define sk_CONF_VALUE_zero(st) SKM_sk_zero(CONF_VALUE, (st))
+# define sk_CONF_VALUE_push(st, val) SKM_sk_push(CONF_VALUE, (st), (val))
+# define sk_CONF_VALUE_unshift(st, val) SKM_sk_unshift(CONF_VALUE, (st), (val))
+# define sk_CONF_VALUE_find(st, val) SKM_sk_find(CONF_VALUE, (st), (val))
+# define sk_CONF_VALUE_find_ex(st, val) SKM_sk_find_ex(CONF_VALUE, (st), (val))
+# define sk_CONF_VALUE_delete(st, i) SKM_sk_delete(CONF_VALUE, (st), (i))
+# define sk_CONF_VALUE_delete_ptr(st, ptr) SKM_sk_delete_ptr(CONF_VALUE, (st), (ptr))
+# define sk_CONF_VALUE_insert(st, val, i) SKM_sk_insert(CONF_VALUE, (st), (val), (i))
+# define sk_CONF_VALUE_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(CONF_VALUE, (st), (cmp))
+# define sk_CONF_VALUE_dup(st) SKM_sk_dup(CONF_VALUE, st)
+# define sk_CONF_VALUE_pop_free(st, free_func) SKM_sk_pop_free(CONF_VALUE, (st), (free_func))
+# define sk_CONF_VALUE_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(CONF_VALUE, (st), (copy_func), (free_func))
+# define sk_CONF_VALUE_shift(st) SKM_sk_shift(CONF_VALUE, (st))
+# define sk_CONF_VALUE_pop(st) SKM_sk_pop(CONF_VALUE, (st))
+# define sk_CONF_VALUE_sort(st) SKM_sk_sort(CONF_VALUE, (st))
+# define sk_CONF_VALUE_is_sorted(st) SKM_sk_is_sorted(CONF_VALUE, (st))
+
+# define sk_CRYPTO_EX_DATA_FUNCS_new(cmp) SKM_sk_new(CRYPTO_EX_DATA_FUNCS, (cmp))
+# define sk_CRYPTO_EX_DATA_FUNCS_new_null() SKM_sk_new_null(CRYPTO_EX_DATA_FUNCS)
+# define sk_CRYPTO_EX_DATA_FUNCS_free(st) SKM_sk_free(CRYPTO_EX_DATA_FUNCS, (st))
+# define sk_CRYPTO_EX_DATA_FUNCS_num(st) SKM_sk_num(CRYPTO_EX_DATA_FUNCS, (st))
+# define sk_CRYPTO_EX_DATA_FUNCS_value(st, i) SKM_sk_value(CRYPTO_EX_DATA_FUNCS, (st), (i))
+# define sk_CRYPTO_EX_DATA_FUNCS_set(st, i, val) SKM_sk_set(CRYPTO_EX_DATA_FUNCS, (st), (i), (val))
+# define sk_CRYPTO_EX_DATA_FUNCS_zero(st) SKM_sk_zero(CRYPTO_EX_DATA_FUNCS, (st))
+# define sk_CRYPTO_EX_DATA_FUNCS_push(st, val) SKM_sk_push(CRYPTO_EX_DATA_FUNCS, (st), (val))
+# define sk_CRYPTO_EX_DATA_FUNCS_unshift(st, val) SKM_sk_unshift(CRYPTO_EX_DATA_FUNCS, (st), (val))
+# define sk_CRYPTO_EX_DATA_FUNCS_find(st, val) SKM_sk_find(CRYPTO_EX_DATA_FUNCS, (st), (val))
+# define sk_CRYPTO_EX_DATA_FUNCS_find_ex(st, val) SKM_sk_find_ex(CRYPTO_EX_DATA_FUNCS, (st), (val))
+# define sk_CRYPTO_EX_DATA_FUNCS_delete(st, i) SKM_sk_delete(CRYPTO_EX_DATA_FUNCS, (st), (i))
+# define sk_CRYPTO_EX_DATA_FUNCS_delete_ptr(st, ptr) SKM_sk_delete_ptr(CRYPTO_EX_DATA_FUNCS, (st), (ptr))
+# define sk_CRYPTO_EX_DATA_FUNCS_insert(st, val, i) SKM_sk_insert(CRYPTO_EX_DATA_FUNCS, (st), (val), (i))
+# define sk_CRYPTO_EX_DATA_FUNCS_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(CRYPTO_EX_DATA_FUNCS, (st), (cmp))
+# define sk_CRYPTO_EX_DATA_FUNCS_dup(st) SKM_sk_dup(CRYPTO_EX_DATA_FUNCS, st)
+# define sk_CRYPTO_EX_DATA_FUNCS_pop_free(st, free_func) SKM_sk_pop_free(CRYPTO_EX_DATA_FUNCS, (st), (free_func))
+# define sk_CRYPTO_EX_DATA_FUNCS_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(CRYPTO_EX_DATA_FUNCS, (st), (copy_func), (free_func))
+# define sk_CRYPTO_EX_DATA_FUNCS_shift(st) SKM_sk_shift(CRYPTO_EX_DATA_FUNCS, (st))
+# define sk_CRYPTO_EX_DATA_FUNCS_pop(st) SKM_sk_pop(CRYPTO_EX_DATA_FUNCS, (st))
+# define sk_CRYPTO_EX_DATA_FUNCS_sort(st) SKM_sk_sort(CRYPTO_EX_DATA_FUNCS, (st))
+# define sk_CRYPTO_EX_DATA_FUNCS_is_sorted(st) SKM_sk_is_sorted(CRYPTO_EX_DATA_FUNCS, (st))
+
+# define sk_CRYPTO_dynlock_new(cmp) SKM_sk_new(CRYPTO_dynlock, (cmp))
+# define sk_CRYPTO_dynlock_new_null() SKM_sk_new_null(CRYPTO_dynlock)
+# define sk_CRYPTO_dynlock_free(st) SKM_sk_free(CRYPTO_dynlock, (st))
+# define sk_CRYPTO_dynlock_num(st) SKM_sk_num(CRYPTO_dynlock, (st))
+# define sk_CRYPTO_dynlock_value(st, i) SKM_sk_value(CRYPTO_dynlock, (st), (i))
+# define sk_CRYPTO_dynlock_set(st, i, val) SKM_sk_set(CRYPTO_dynlock, (st), (i), (val))
+# define sk_CRYPTO_dynlock_zero(st) SKM_sk_zero(CRYPTO_dynlock, (st))
+# define sk_CRYPTO_dynlock_push(st, val) SKM_sk_push(CRYPTO_dynlock, (st), (val))
+# define sk_CRYPTO_dynlock_unshift(st, val) SKM_sk_unshift(CRYPTO_dynlock, (st), (val))
+# define sk_CRYPTO_dynlock_find(st, val) SKM_sk_find(CRYPTO_dynlock, (st), (val))
+# define sk_CRYPTO_dynlock_find_ex(st, val) SKM_sk_find_ex(CRYPTO_dynlock, (st), (val))
+# define sk_CRYPTO_dynlock_delete(st, i) SKM_sk_delete(CRYPTO_dynlock, (st), (i))
+# define sk_CRYPTO_dynlock_delete_ptr(st, ptr) SKM_sk_delete_ptr(CRYPTO_dynlock, (st), (ptr))
+# define sk_CRYPTO_dynlock_insert(st, val, i) SKM_sk_insert(CRYPTO_dynlock, (st), (val), (i))
+# define sk_CRYPTO_dynlock_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(CRYPTO_dynlock, (st), (cmp))
+# define sk_CRYPTO_dynlock_dup(st) SKM_sk_dup(CRYPTO_dynlock, st)
+# define sk_CRYPTO_dynlock_pop_free(st, free_func) SKM_sk_pop_free(CRYPTO_dynlock, (st), (free_func))
+# define sk_CRYPTO_dynlock_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(CRYPTO_dynlock, (st), (copy_func), (free_func))
+# define sk_CRYPTO_dynlock_shift(st) SKM_sk_shift(CRYPTO_dynlock, (st))
+# define sk_CRYPTO_dynlock_pop(st) SKM_sk_pop(CRYPTO_dynlock, (st))
+# define sk_CRYPTO_dynlock_sort(st) SKM_sk_sort(CRYPTO_dynlock, (st))
+# define sk_CRYPTO_dynlock_is_sorted(st) SKM_sk_is_sorted(CRYPTO_dynlock, (st))
+
+# define sk_DIST_POINT_new(cmp) SKM_sk_new(DIST_POINT, (cmp))
+# define sk_DIST_POINT_new_null() SKM_sk_new_null(DIST_POINT)
+# define sk_DIST_POINT_free(st) SKM_sk_free(DIST_POINT, (st))
+# define sk_DIST_POINT_num(st) SKM_sk_num(DIST_POINT, (st))
+# define sk_DIST_POINT_value(st, i) SKM_sk_value(DIST_POINT, (st), (i))
+# define sk_DIST_POINT_set(st, i, val) SKM_sk_set(DIST_POINT, (st), (i), (val))
+# define sk_DIST_POINT_zero(st) SKM_sk_zero(DIST_POINT, (st))
+# define sk_DIST_POINT_push(st, val) SKM_sk_push(DIST_POINT, (st), (val))
+# define sk_DIST_POINT_unshift(st, val) SKM_sk_unshift(DIST_POINT, (st), (val))
+# define sk_DIST_POINT_find(st, val) SKM_sk_find(DIST_POINT, (st), (val))
+# define sk_DIST_POINT_find_ex(st, val) SKM_sk_find_ex(DIST_POINT, (st), (val))
+# define sk_DIST_POINT_delete(st, i) SKM_sk_delete(DIST_POINT, (st), (i))
+# define sk_DIST_POINT_delete_ptr(st, ptr) SKM_sk_delete_ptr(DIST_POINT, (st), (ptr))
+# define sk_DIST_POINT_insert(st, val, i) SKM_sk_insert(DIST_POINT, (st), (val), (i))
+# define sk_DIST_POINT_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(DIST_POINT, (st), (cmp))
+# define sk_DIST_POINT_dup(st) SKM_sk_dup(DIST_POINT, st)
+# define sk_DIST_POINT_pop_free(st, free_func) SKM_sk_pop_free(DIST_POINT, (st), (free_func))
+# define sk_DIST_POINT_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(DIST_POINT, (st), (copy_func), (free_func))
+# define sk_DIST_POINT_shift(st) SKM_sk_shift(DIST_POINT, (st))
+# define sk_DIST_POINT_pop(st) SKM_sk_pop(DIST_POINT, (st))
+# define sk_DIST_POINT_sort(st) SKM_sk_sort(DIST_POINT, (st))
+# define sk_DIST_POINT_is_sorted(st) SKM_sk_is_sorted(DIST_POINT, (st))
+
+# define sk_ENGINE_new(cmp) SKM_sk_new(ENGINE, (cmp))
+# define sk_ENGINE_new_null() SKM_sk_new_null(ENGINE)
+# define sk_ENGINE_free(st) SKM_sk_free(ENGINE, (st))
+# define sk_ENGINE_num(st) SKM_sk_num(ENGINE, (st))
+# define sk_ENGINE_value(st, i) SKM_sk_value(ENGINE, (st), (i))
+# define sk_ENGINE_set(st, i, val) SKM_sk_set(ENGINE, (st), (i), (val))
+# define sk_ENGINE_zero(st) SKM_sk_zero(ENGINE, (st))
+# define sk_ENGINE_push(st, val) SKM_sk_push(ENGINE, (st), (val))
+# define sk_ENGINE_unshift(st, val) SKM_sk_unshift(ENGINE, (st), (val))
+# define sk_ENGINE_find(st, val) SKM_sk_find(ENGINE, (st), (val))
+# define sk_ENGINE_find_ex(st, val) SKM_sk_find_ex(ENGINE, (st), (val))
+# define sk_ENGINE_delete(st, i) SKM_sk_delete(ENGINE, (st), (i))
+# define sk_ENGINE_delete_ptr(st, ptr) SKM_sk_delete_ptr(ENGINE, (st), (ptr))
+# define sk_ENGINE_insert(st, val, i) SKM_sk_insert(ENGINE, (st), (val), (i))
+# define sk_ENGINE_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(ENGINE, (st), (cmp))
+# define sk_ENGINE_dup(st) SKM_sk_dup(ENGINE, st)
+# define sk_ENGINE_pop_free(st, free_func) SKM_sk_pop_free(ENGINE, (st), (free_func))
+# define sk_ENGINE_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(ENGINE, (st), (copy_func), (free_func))
+# define sk_ENGINE_shift(st) SKM_sk_shift(ENGINE, (st))
+# define sk_ENGINE_pop(st) SKM_sk_pop(ENGINE, (st))
+# define sk_ENGINE_sort(st) SKM_sk_sort(ENGINE, (st))
+# define sk_ENGINE_is_sorted(st) SKM_sk_is_sorted(ENGINE, (st))
+
+# define sk_ENGINE_CLEANUP_ITEM_new(cmp) SKM_sk_new(ENGINE_CLEANUP_ITEM, (cmp))
+# define sk_ENGINE_CLEANUP_ITEM_new_null() SKM_sk_new_null(ENGINE_CLEANUP_ITEM)
+# define sk_ENGINE_CLEANUP_ITEM_free(st) SKM_sk_free(ENGINE_CLEANUP_ITEM, (st))
+# define sk_ENGINE_CLEANUP_ITEM_num(st) SKM_sk_num(ENGINE_CLEANUP_ITEM, (st))
+# define sk_ENGINE_CLEANUP_ITEM_value(st, i) SKM_sk_value(ENGINE_CLEANUP_ITEM, (st), (i))
+# define sk_ENGINE_CLEANUP_ITEM_set(st, i, val) SKM_sk_set(ENGINE_CLEANUP_ITEM, (st), (i), (val))
+# define sk_ENGINE_CLEANUP_ITEM_zero(st) SKM_sk_zero(ENGINE_CLEANUP_ITEM, (st))
+# define sk_ENGINE_CLEANUP_ITEM_push(st, val) SKM_sk_push(ENGINE_CLEANUP_ITEM, (st), (val))
+# define sk_ENGINE_CLEANUP_ITEM_unshift(st, val) SKM_sk_unshift(ENGINE_CLEANUP_ITEM, (st), (val))
+# define sk_ENGINE_CLEANUP_ITEM_find(st, val) SKM_sk_find(ENGINE_CLEANUP_ITEM, (st), (val))
+# define sk_ENGINE_CLEANUP_ITEM_find_ex(st, val) SKM_sk_find_ex(ENGINE_CLEANUP_ITEM, (st), (val))
+# define sk_ENGINE_CLEANUP_ITEM_delete(st, i) SKM_sk_delete(ENGINE_CLEANUP_ITEM, (st), (i))
+# define sk_ENGINE_CLEANUP_ITEM_delete_ptr(st, ptr) SKM_sk_delete_ptr(ENGINE_CLEANUP_ITEM, (st), (ptr))
+# define sk_ENGINE_CLEANUP_ITEM_insert(st, val, i) SKM_sk_insert(ENGINE_CLEANUP_ITEM, (st), (val), (i))
+# define sk_ENGINE_CLEANUP_ITEM_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(ENGINE_CLEANUP_ITEM, (st), (cmp))
+# define sk_ENGINE_CLEANUP_ITEM_dup(st) SKM_sk_dup(ENGINE_CLEANUP_ITEM, st)
+# define sk_ENGINE_CLEANUP_ITEM_pop_free(st, free_func) SKM_sk_pop_free(ENGINE_CLEANUP_ITEM, (st), (free_func))
+# define sk_ENGINE_CLEANUP_ITEM_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(ENGINE_CLEANUP_ITEM, (st), (copy_func), (free_func))
+# define sk_ENGINE_CLEANUP_ITEM_shift(st) SKM_sk_shift(ENGINE_CLEANUP_ITEM, (st))
+# define sk_ENGINE_CLEANUP_ITEM_pop(st) SKM_sk_pop(ENGINE_CLEANUP_ITEM, (st))
+# define sk_ENGINE_CLEANUP_ITEM_sort(st) SKM_sk_sort(ENGINE_CLEANUP_ITEM, (st))
+# define sk_ENGINE_CLEANUP_ITEM_is_sorted(st) SKM_sk_is_sorted(ENGINE_CLEANUP_ITEM, (st))
+
+# define sk_ESS_CERT_ID_new(cmp) SKM_sk_new(ESS_CERT_ID, (cmp))
+# define sk_ESS_CERT_ID_new_null() SKM_sk_new_null(ESS_CERT_ID)
+# define sk_ESS_CERT_ID_free(st) SKM_sk_free(ESS_CERT_ID, (st))
+# define sk_ESS_CERT_ID_num(st) SKM_sk_num(ESS_CERT_ID, (st))
+# define sk_ESS_CERT_ID_value(st, i) SKM_sk_value(ESS_CERT_ID, (st), (i))
+# define sk_ESS_CERT_ID_set(st, i, val) SKM_sk_set(ESS_CERT_ID, (st), (i), (val))
+# define sk_ESS_CERT_ID_zero(st) SKM_sk_zero(ESS_CERT_ID, (st))
+# define sk_ESS_CERT_ID_push(st, val) SKM_sk_push(ESS_CERT_ID, (st), (val))
+# define sk_ESS_CERT_ID_unshift(st, val) SKM_sk_unshift(ESS_CERT_ID, (st), (val))
+# define sk_ESS_CERT_ID_find(st, val) SKM_sk_find(ESS_CERT_ID, (st), (val))
+# define sk_ESS_CERT_ID_find_ex(st, val) SKM_sk_find_ex(ESS_CERT_ID, (st), (val))
+# define sk_ESS_CERT_ID_delete(st, i) SKM_sk_delete(ESS_CERT_ID, (st), (i))
+# define sk_ESS_CERT_ID_delete_ptr(st, ptr) SKM_sk_delete_ptr(ESS_CERT_ID, (st), (ptr))
+# define sk_ESS_CERT_ID_insert(st, val, i) SKM_sk_insert(ESS_CERT_ID, (st), (val), (i))
+# define sk_ESS_CERT_ID_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(ESS_CERT_ID, (st), (cmp))
+# define sk_ESS_CERT_ID_dup(st) SKM_sk_dup(ESS_CERT_ID, st)
+# define sk_ESS_CERT_ID_pop_free(st, free_func) SKM_sk_pop_free(ESS_CERT_ID, (st), (free_func))
+# define sk_ESS_CERT_ID_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(ESS_CERT_ID, (st), (copy_func), (free_func))
+# define sk_ESS_CERT_ID_shift(st) SKM_sk_shift(ESS_CERT_ID, (st))
+# define sk_ESS_CERT_ID_pop(st) SKM_sk_pop(ESS_CERT_ID, (st))
+# define sk_ESS_CERT_ID_sort(st) SKM_sk_sort(ESS_CERT_ID, (st))
+# define sk_ESS_CERT_ID_is_sorted(st) SKM_sk_is_sorted(ESS_CERT_ID, (st))
+
+# define sk_EVP_MD_new(cmp) SKM_sk_new(EVP_MD, (cmp))
+# define sk_EVP_MD_new_null() SKM_sk_new_null(EVP_MD)
+# define sk_EVP_MD_free(st) SKM_sk_free(EVP_MD, (st))
+# define sk_EVP_MD_num(st) SKM_sk_num(EVP_MD, (st))
+# define sk_EVP_MD_value(st, i) SKM_sk_value(EVP_MD, (st), (i))
+# define sk_EVP_MD_set(st, i, val) SKM_sk_set(EVP_MD, (st), (i), (val))
+# define sk_EVP_MD_zero(st) SKM_sk_zero(EVP_MD, (st))
+# define sk_EVP_MD_push(st, val) SKM_sk_push(EVP_MD, (st), (val))
+# define sk_EVP_MD_unshift(st, val) SKM_sk_unshift(EVP_MD, (st), (val))
+# define sk_EVP_MD_find(st, val) SKM_sk_find(EVP_MD, (st), (val))
+# define sk_EVP_MD_find_ex(st, val) SKM_sk_find_ex(EVP_MD, (st), (val))
+# define sk_EVP_MD_delete(st, i) SKM_sk_delete(EVP_MD, (st), (i))
+# define sk_EVP_MD_delete_ptr(st, ptr) SKM_sk_delete_ptr(EVP_MD, (st), (ptr))
+# define sk_EVP_MD_insert(st, val, i) SKM_sk_insert(EVP_MD, (st), (val), (i))
+# define sk_EVP_MD_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(EVP_MD, (st), (cmp))
+# define sk_EVP_MD_dup(st) SKM_sk_dup(EVP_MD, st)
+# define sk_EVP_MD_pop_free(st, free_func) SKM_sk_pop_free(EVP_MD, (st), (free_func))
+# define sk_EVP_MD_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(EVP_MD, (st), (copy_func), (free_func))
+# define sk_EVP_MD_shift(st) SKM_sk_shift(EVP_MD, (st))
+# define sk_EVP_MD_pop(st) SKM_sk_pop(EVP_MD, (st))
+# define sk_EVP_MD_sort(st) SKM_sk_sort(EVP_MD, (st))
+# define sk_EVP_MD_is_sorted(st) SKM_sk_is_sorted(EVP_MD, (st))
+
+# define sk_EVP_PBE_CTL_new(cmp) SKM_sk_new(EVP_PBE_CTL, (cmp))
+# define sk_EVP_PBE_CTL_new_null() SKM_sk_new_null(EVP_PBE_CTL)
+# define sk_EVP_PBE_CTL_free(st) SKM_sk_free(EVP_PBE_CTL, (st))
+# define sk_EVP_PBE_CTL_num(st) SKM_sk_num(EVP_PBE_CTL, (st))
+# define sk_EVP_PBE_CTL_value(st, i) SKM_sk_value(EVP_PBE_CTL, (st), (i))
+# define sk_EVP_PBE_CTL_set(st, i, val) SKM_sk_set(EVP_PBE_CTL, (st), (i), (val))
+# define sk_EVP_PBE_CTL_zero(st) SKM_sk_zero(EVP_PBE_CTL, (st))
+# define sk_EVP_PBE_CTL_push(st, val) SKM_sk_push(EVP_PBE_CTL, (st), (val))
+# define sk_EVP_PBE_CTL_unshift(st, val) SKM_sk_unshift(EVP_PBE_CTL, (st), (val))
+# define sk_EVP_PBE_CTL_find(st, val) SKM_sk_find(EVP_PBE_CTL, (st), (val))
+# define sk_EVP_PBE_CTL_find_ex(st, val) SKM_sk_find_ex(EVP_PBE_CTL, (st), (val))
+# define sk_EVP_PBE_CTL_delete(st, i) SKM_sk_delete(EVP_PBE_CTL, (st), (i))
+# define sk_EVP_PBE_CTL_delete_ptr(st, ptr) SKM_sk_delete_ptr(EVP_PBE_CTL, (st), (ptr))
+# define sk_EVP_PBE_CTL_insert(st, val, i) SKM_sk_insert(EVP_PBE_CTL, (st), (val), (i))
+# define sk_EVP_PBE_CTL_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(EVP_PBE_CTL, (st), (cmp))
+# define sk_EVP_PBE_CTL_dup(st) SKM_sk_dup(EVP_PBE_CTL, st)
+# define sk_EVP_PBE_CTL_pop_free(st, free_func) SKM_sk_pop_free(EVP_PBE_CTL, (st), (free_func))
+# define sk_EVP_PBE_CTL_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(EVP_PBE_CTL, (st), (copy_func), (free_func))
+# define sk_EVP_PBE_CTL_shift(st) SKM_sk_shift(EVP_PBE_CTL, (st))
+# define sk_EVP_PBE_CTL_pop(st) SKM_sk_pop(EVP_PBE_CTL, (st))
+# define sk_EVP_PBE_CTL_sort(st) SKM_sk_sort(EVP_PBE_CTL, (st))
+# define sk_EVP_PBE_CTL_is_sorted(st) SKM_sk_is_sorted(EVP_PBE_CTL, (st))
+
+# define sk_EVP_PKEY_ASN1_METHOD_new(cmp) SKM_sk_new(EVP_PKEY_ASN1_METHOD, (cmp))
+# define sk_EVP_PKEY_ASN1_METHOD_new_null() SKM_sk_new_null(EVP_PKEY_ASN1_METHOD)
+# define sk_EVP_PKEY_ASN1_METHOD_free(st) SKM_sk_free(EVP_PKEY_ASN1_METHOD, (st))
+# define sk_EVP_PKEY_ASN1_METHOD_num(st) SKM_sk_num(EVP_PKEY_ASN1_METHOD, (st))
+# define sk_EVP_PKEY_ASN1_METHOD_value(st, i) SKM_sk_value(EVP_PKEY_ASN1_METHOD, (st), (i))
+# define sk_EVP_PKEY_ASN1_METHOD_set(st, i, val) SKM_sk_set(EVP_PKEY_ASN1_METHOD, (st), (i), (val))
+# define sk_EVP_PKEY_ASN1_METHOD_zero(st) SKM_sk_zero(EVP_PKEY_ASN1_METHOD, (st))
+# define sk_EVP_PKEY_ASN1_METHOD_push(st, val) SKM_sk_push(EVP_PKEY_ASN1_METHOD, (st), (val))
+# define sk_EVP_PKEY_ASN1_METHOD_unshift(st, val) SKM_sk_unshift(EVP_PKEY_ASN1_METHOD, (st), (val))
+# define sk_EVP_PKEY_ASN1_METHOD_find(st, val) SKM_sk_find(EVP_PKEY_ASN1_METHOD, (st), (val))
+# define sk_EVP_PKEY_ASN1_METHOD_find_ex(st, val) SKM_sk_find_ex(EVP_PKEY_ASN1_METHOD, (st), (val))
+# define sk_EVP_PKEY_ASN1_METHOD_delete(st, i) SKM_sk_delete(EVP_PKEY_ASN1_METHOD, (st), (i))
+# define sk_EVP_PKEY_ASN1_METHOD_delete_ptr(st, ptr) SKM_sk_delete_ptr(EVP_PKEY_ASN1_METHOD, (st), (ptr))
+# define sk_EVP_PKEY_ASN1_METHOD_insert(st, val, i) SKM_sk_insert(EVP_PKEY_ASN1_METHOD, (st), (val), (i))
+# define sk_EVP_PKEY_ASN1_METHOD_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(EVP_PKEY_ASN1_METHOD, (st), (cmp))
+# define sk_EVP_PKEY_ASN1_METHOD_dup(st) SKM_sk_dup(EVP_PKEY_ASN1_METHOD, st)
+# define sk_EVP_PKEY_ASN1_METHOD_pop_free(st, free_func) SKM_sk_pop_free(EVP_PKEY_ASN1_METHOD, (st), (free_func))
+# define sk_EVP_PKEY_ASN1_METHOD_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(EVP_PKEY_ASN1_METHOD, (st), (copy_func), (free_func))
+# define sk_EVP_PKEY_ASN1_METHOD_shift(st) SKM_sk_shift(EVP_PKEY_ASN1_METHOD, (st))
+# define sk_EVP_PKEY_ASN1_METHOD_pop(st) SKM_sk_pop(EVP_PKEY_ASN1_METHOD, (st))
+# define sk_EVP_PKEY_ASN1_METHOD_sort(st) SKM_sk_sort(EVP_PKEY_ASN1_METHOD, (st))
+# define sk_EVP_PKEY_ASN1_METHOD_is_sorted(st) SKM_sk_is_sorted(EVP_PKEY_ASN1_METHOD, (st))
+
+# define sk_EVP_PKEY_METHOD_new(cmp) SKM_sk_new(EVP_PKEY_METHOD, (cmp))
+# define sk_EVP_PKEY_METHOD_new_null() SKM_sk_new_null(EVP_PKEY_METHOD)
+# define sk_EVP_PKEY_METHOD_free(st) SKM_sk_free(EVP_PKEY_METHOD, (st))
+# define sk_EVP_PKEY_METHOD_num(st) SKM_sk_num(EVP_PKEY_METHOD, (st))
+# define sk_EVP_PKEY_METHOD_value(st, i) SKM_sk_value(EVP_PKEY_METHOD, (st), (i))
+# define sk_EVP_PKEY_METHOD_set(st, i, val) SKM_sk_set(EVP_PKEY_METHOD, (st), (i), (val))
+# define sk_EVP_PKEY_METHOD_zero(st) SKM_sk_zero(EVP_PKEY_METHOD, (st))
+# define sk_EVP_PKEY_METHOD_push(st, val) SKM_sk_push(EVP_PKEY_METHOD, (st), (val))
+# define sk_EVP_PKEY_METHOD_unshift(st, val) SKM_sk_unshift(EVP_PKEY_METHOD, (st), (val))
+# define sk_EVP_PKEY_METHOD_find(st, val) SKM_sk_find(EVP_PKEY_METHOD, (st), (val))
+# define sk_EVP_PKEY_METHOD_find_ex(st, val) SKM_sk_find_ex(EVP_PKEY_METHOD, (st), (val))
+# define sk_EVP_PKEY_METHOD_delete(st, i) SKM_sk_delete(EVP_PKEY_METHOD, (st), (i))
+# define sk_EVP_PKEY_METHOD_delete_ptr(st, ptr) SKM_sk_delete_ptr(EVP_PKEY_METHOD, (st), (ptr))
+# define sk_EVP_PKEY_METHOD_insert(st, val, i) SKM_sk_insert(EVP_PKEY_METHOD, (st), (val), (i))
+# define sk_EVP_PKEY_METHOD_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(EVP_PKEY_METHOD, (st), (cmp))
+# define sk_EVP_PKEY_METHOD_dup(st) SKM_sk_dup(EVP_PKEY_METHOD, st)
+# define sk_EVP_PKEY_METHOD_pop_free(st, free_func) SKM_sk_pop_free(EVP_PKEY_METHOD, (st), (free_func))
+# define sk_EVP_PKEY_METHOD_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(EVP_PKEY_METHOD, (st), (copy_func), (free_func))
+# define sk_EVP_PKEY_METHOD_shift(st) SKM_sk_shift(EVP_PKEY_METHOD, (st))
+# define sk_EVP_PKEY_METHOD_pop(st) SKM_sk_pop(EVP_PKEY_METHOD, (st))
+# define sk_EVP_PKEY_METHOD_sort(st) SKM_sk_sort(EVP_PKEY_METHOD, (st))
+# define sk_EVP_PKEY_METHOD_is_sorted(st) SKM_sk_is_sorted(EVP_PKEY_METHOD, (st))
+
+# define sk_GENERAL_NAME_new(cmp) SKM_sk_new(GENERAL_NAME, (cmp))
+# define sk_GENERAL_NAME_new_null() SKM_sk_new_null(GENERAL_NAME)
+# define sk_GENERAL_NAME_free(st) SKM_sk_free(GENERAL_NAME, (st))
+# define sk_GENERAL_NAME_num(st) SKM_sk_num(GENERAL_NAME, (st))
+# define sk_GENERAL_NAME_value(st, i) SKM_sk_value(GENERAL_NAME, (st), (i))
+# define sk_GENERAL_NAME_set(st, i, val) SKM_sk_set(GENERAL_NAME, (st), (i), (val))
+# define sk_GENERAL_NAME_zero(st) SKM_sk_zero(GENERAL_NAME, (st))
+# define sk_GENERAL_NAME_push(st, val) SKM_sk_push(GENERAL_NAME, (st), (val))
+# define sk_GENERAL_NAME_unshift(st, val) SKM_sk_unshift(GENERAL_NAME, (st), (val))
+# define sk_GENERAL_NAME_find(st, val) SKM_sk_find(GENERAL_NAME, (st), (val))
+# define sk_GENERAL_NAME_find_ex(st, val) SKM_sk_find_ex(GENERAL_NAME, (st), (val))
+# define sk_GENERAL_NAME_delete(st, i) SKM_sk_delete(GENERAL_NAME, (st), (i))
+# define sk_GENERAL_NAME_delete_ptr(st, ptr) SKM_sk_delete_ptr(GENERAL_NAME, (st), (ptr))
+# define sk_GENERAL_NAME_insert(st, val, i) SKM_sk_insert(GENERAL_NAME, (st), (val), (i))
+# define sk_GENERAL_NAME_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(GENERAL_NAME, (st), (cmp))
+# define sk_GENERAL_NAME_dup(st) SKM_sk_dup(GENERAL_NAME, st)
+# define sk_GENERAL_NAME_pop_free(st, free_func) SKM_sk_pop_free(GENERAL_NAME, (st), (free_func))
+# define sk_GENERAL_NAME_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(GENERAL_NAME, (st), (copy_func), (free_func))
+# define sk_GENERAL_NAME_shift(st) SKM_sk_shift(GENERAL_NAME, (st))
+# define sk_GENERAL_NAME_pop(st) SKM_sk_pop(GENERAL_NAME, (st))
+# define sk_GENERAL_NAME_sort(st) SKM_sk_sort(GENERAL_NAME, (st))
+# define sk_GENERAL_NAME_is_sorted(st) SKM_sk_is_sorted(GENERAL_NAME, (st))
+
+# define sk_GENERAL_NAMES_new(cmp) SKM_sk_new(GENERAL_NAMES, (cmp))
+# define sk_GENERAL_NAMES_new_null() SKM_sk_new_null(GENERAL_NAMES)
+# define sk_GENERAL_NAMES_free(st) SKM_sk_free(GENERAL_NAMES, (st))
+# define sk_GENERAL_NAMES_num(st) SKM_sk_num(GENERAL_NAMES, (st))
+# define sk_GENERAL_NAMES_value(st, i) SKM_sk_value(GENERAL_NAMES, (st), (i))
+# define sk_GENERAL_NAMES_set(st, i, val) SKM_sk_set(GENERAL_NAMES, (st), (i), (val))
+# define sk_GENERAL_NAMES_zero(st) SKM_sk_zero(GENERAL_NAMES, (st))
+# define sk_GENERAL_NAMES_push(st, val) SKM_sk_push(GENERAL_NAMES, (st), (val))
+# define sk_GENERAL_NAMES_unshift(st, val) SKM_sk_unshift(GENERAL_NAMES, (st), (val))
+# define sk_GENERAL_NAMES_find(st, val) SKM_sk_find(GENERAL_NAMES, (st), (val))
+# define sk_GENERAL_NAMES_find_ex(st, val) SKM_sk_find_ex(GENERAL_NAMES, (st), (val))
+# define sk_GENERAL_NAMES_delete(st, i) SKM_sk_delete(GENERAL_NAMES, (st), (i))
+# define sk_GENERAL_NAMES_delete_ptr(st, ptr) SKM_sk_delete_ptr(GENERAL_NAMES, (st), (ptr))
+# define sk_GENERAL_NAMES_insert(st, val, i) SKM_sk_insert(GENERAL_NAMES, (st), (val), (i))
+# define sk_GENERAL_NAMES_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(GENERAL_NAMES, (st), (cmp))
+# define sk_GENERAL_NAMES_dup(st) SKM_sk_dup(GENERAL_NAMES, st)
+# define sk_GENERAL_NAMES_pop_free(st, free_func) SKM_sk_pop_free(GENERAL_NAMES, (st), (free_func))
+# define sk_GENERAL_NAMES_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(GENERAL_NAMES, (st), (copy_func), (free_func))
+# define sk_GENERAL_NAMES_shift(st) SKM_sk_shift(GENERAL_NAMES, (st))
+# define sk_GENERAL_NAMES_pop(st) SKM_sk_pop(GENERAL_NAMES, (st))
+# define sk_GENERAL_NAMES_sort(st) SKM_sk_sort(GENERAL_NAMES, (st))
+# define sk_GENERAL_NAMES_is_sorted(st) SKM_sk_is_sorted(GENERAL_NAMES, (st))
+
+# define sk_GENERAL_SUBTREE_new(cmp) SKM_sk_new(GENERAL_SUBTREE, (cmp))
+# define sk_GENERAL_SUBTREE_new_null() SKM_sk_new_null(GENERAL_SUBTREE)
+# define sk_GENERAL_SUBTREE_free(st) SKM_sk_free(GENERAL_SUBTREE, (st))
+# define sk_GENERAL_SUBTREE_num(st) SKM_sk_num(GENERAL_SUBTREE, (st))
+# define sk_GENERAL_SUBTREE_value(st, i) SKM_sk_value(GENERAL_SUBTREE, (st), (i))
+# define sk_GENERAL_SUBTREE_set(st, i, val) SKM_sk_set(GENERAL_SUBTREE, (st), (i), (val))
+# define sk_GENERAL_SUBTREE_zero(st) SKM_sk_zero(GENERAL_SUBTREE, (st))
+# define sk_GENERAL_SUBTREE_push(st, val) SKM_sk_push(GENERAL_SUBTREE, (st), (val))
+# define sk_GENERAL_SUBTREE_unshift(st, val) SKM_sk_unshift(GENERAL_SUBTREE, (st), (val))
+# define sk_GENERAL_SUBTREE_find(st, val) SKM_sk_find(GENERAL_SUBTREE, (st), (val))
+# define sk_GENERAL_SUBTREE_find_ex(st, val) SKM_sk_find_ex(GENERAL_SUBTREE, (st), (val))
+# define sk_GENERAL_SUBTREE_delete(st, i) SKM_sk_delete(GENERAL_SUBTREE, (st), (i))
+# define sk_GENERAL_SUBTREE_delete_ptr(st, ptr) SKM_sk_delete_ptr(GENERAL_SUBTREE, (st), (ptr))
+# define sk_GENERAL_SUBTREE_insert(st, val, i) SKM_sk_insert(GENERAL_SUBTREE, (st), (val), (i))
+# define sk_GENERAL_SUBTREE_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(GENERAL_SUBTREE, (st), (cmp))
+# define sk_GENERAL_SUBTREE_dup(st) SKM_sk_dup(GENERAL_SUBTREE, st)
+# define sk_GENERAL_SUBTREE_pop_free(st, free_func) SKM_sk_pop_free(GENERAL_SUBTREE, (st), (free_func))
+# define sk_GENERAL_SUBTREE_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(GENERAL_SUBTREE, (st), (copy_func), (free_func))
+# define sk_GENERAL_SUBTREE_shift(st) SKM_sk_shift(GENERAL_SUBTREE, (st))
+# define sk_GENERAL_SUBTREE_pop(st) SKM_sk_pop(GENERAL_SUBTREE, (st))
+# define sk_GENERAL_SUBTREE_sort(st) SKM_sk_sort(GENERAL_SUBTREE, (st))
+# define sk_GENERAL_SUBTREE_is_sorted(st) SKM_sk_is_sorted(GENERAL_SUBTREE, (st))
+
+# define sk_IPAddressFamily_new(cmp) SKM_sk_new(IPAddressFamily, (cmp))
+# define sk_IPAddressFamily_new_null() SKM_sk_new_null(IPAddressFamily)
+# define sk_IPAddressFamily_free(st) SKM_sk_free(IPAddressFamily, (st))
+# define sk_IPAddressFamily_num(st) SKM_sk_num(IPAddressFamily, (st))
+# define sk_IPAddressFamily_value(st, i) SKM_sk_value(IPAddressFamily, (st), (i))
+# define sk_IPAddressFamily_set(st, i, val) SKM_sk_set(IPAddressFamily, (st), (i), (val))
+# define sk_IPAddressFamily_zero(st) SKM_sk_zero(IPAddressFamily, (st))
+# define sk_IPAddressFamily_push(st, val) SKM_sk_push(IPAddressFamily, (st), (val))
+# define sk_IPAddressFamily_unshift(st, val) SKM_sk_unshift(IPAddressFamily, (st), (val))
+# define sk_IPAddressFamily_find(st, val) SKM_sk_find(IPAddressFamily, (st), (val))
+# define sk_IPAddressFamily_find_ex(st, val) SKM_sk_find_ex(IPAddressFamily, (st), (val))
+# define sk_IPAddressFamily_delete(st, i) SKM_sk_delete(IPAddressFamily, (st), (i))
+# define sk_IPAddressFamily_delete_ptr(st, ptr) SKM_sk_delete_ptr(IPAddressFamily, (st), (ptr))
+# define sk_IPAddressFamily_insert(st, val, i) SKM_sk_insert(IPAddressFamily, (st), (val), (i))
+# define sk_IPAddressFamily_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(IPAddressFamily, (st), (cmp))
+# define sk_IPAddressFamily_dup(st) SKM_sk_dup(IPAddressFamily, st)
+# define sk_IPAddressFamily_pop_free(st, free_func) SKM_sk_pop_free(IPAddressFamily, (st), (free_func))
+# define sk_IPAddressFamily_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(IPAddressFamily, (st), (copy_func), (free_func))
+# define sk_IPAddressFamily_shift(st) SKM_sk_shift(IPAddressFamily, (st))
+# define sk_IPAddressFamily_pop(st) SKM_sk_pop(IPAddressFamily, (st))
+# define sk_IPAddressFamily_sort(st) SKM_sk_sort(IPAddressFamily, (st))
+# define sk_IPAddressFamily_is_sorted(st) SKM_sk_is_sorted(IPAddressFamily, (st))
+
+# define sk_IPAddressOrRange_new(cmp) SKM_sk_new(IPAddressOrRange, (cmp))
+# define sk_IPAddressOrRange_new_null() SKM_sk_new_null(IPAddressOrRange)
+# define sk_IPAddressOrRange_free(st) SKM_sk_free(IPAddressOrRange, (st))
+# define sk_IPAddressOrRange_num(st) SKM_sk_num(IPAddressOrRange, (st))
+# define sk_IPAddressOrRange_value(st, i) SKM_sk_value(IPAddressOrRange, (st), (i))
+# define sk_IPAddressOrRange_set(st, i, val) SKM_sk_set(IPAddressOrRange, (st), (i), (val))
+# define sk_IPAddressOrRange_zero(st) SKM_sk_zero(IPAddressOrRange, (st))
+# define sk_IPAddressOrRange_push(st, val) SKM_sk_push(IPAddressOrRange, (st), (val))
+# define sk_IPAddressOrRange_unshift(st, val) SKM_sk_unshift(IPAddressOrRange, (st), (val))
+# define sk_IPAddressOrRange_find(st, val) SKM_sk_find(IPAddressOrRange, (st), (val))
+# define sk_IPAddressOrRange_find_ex(st, val) SKM_sk_find_ex(IPAddressOrRange, (st), (val))
+# define sk_IPAddressOrRange_delete(st, i) SKM_sk_delete(IPAddressOrRange, (st), (i))
+# define sk_IPAddressOrRange_delete_ptr(st, ptr) SKM_sk_delete_ptr(IPAddressOrRange, (st), (ptr))
+# define sk_IPAddressOrRange_insert(st, val, i) SKM_sk_insert(IPAddressOrRange, (st), (val), (i))
+# define sk_IPAddressOrRange_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(IPAddressOrRange, (st), (cmp))
+# define sk_IPAddressOrRange_dup(st) SKM_sk_dup(IPAddressOrRange, st)
+# define sk_IPAddressOrRange_pop_free(st, free_func) SKM_sk_pop_free(IPAddressOrRange, (st), (free_func))
+# define sk_IPAddressOrRange_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(IPAddressOrRange, (st), (copy_func), (free_func))
+# define sk_IPAddressOrRange_shift(st) SKM_sk_shift(IPAddressOrRange, (st))
+# define sk_IPAddressOrRange_pop(st) SKM_sk_pop(IPAddressOrRange, (st))
+# define sk_IPAddressOrRange_sort(st) SKM_sk_sort(IPAddressOrRange, (st))
+# define sk_IPAddressOrRange_is_sorted(st) SKM_sk_is_sorted(IPAddressOrRange, (st))
+
+# define sk_KRB5_APREQBODY_new(cmp) SKM_sk_new(KRB5_APREQBODY, (cmp))
+# define sk_KRB5_APREQBODY_new_null() SKM_sk_new_null(KRB5_APREQBODY)
+# define sk_KRB5_APREQBODY_free(st) SKM_sk_free(KRB5_APREQBODY, (st))
+# define sk_KRB5_APREQBODY_num(st) SKM_sk_num(KRB5_APREQBODY, (st))
+# define sk_KRB5_APREQBODY_value(st, i) SKM_sk_value(KRB5_APREQBODY, (st), (i))
+# define sk_KRB5_APREQBODY_set(st, i, val) SKM_sk_set(KRB5_APREQBODY, (st), (i), (val))
+# define sk_KRB5_APREQBODY_zero(st) SKM_sk_zero(KRB5_APREQBODY, (st))
+# define sk_KRB5_APREQBODY_push(st, val) SKM_sk_push(KRB5_APREQBODY, (st), (val))
+# define sk_KRB5_APREQBODY_unshift(st, val) SKM_sk_unshift(KRB5_APREQBODY, (st), (val))
+# define sk_KRB5_APREQBODY_find(st, val) SKM_sk_find(KRB5_APREQBODY, (st), (val))
+# define sk_KRB5_APREQBODY_find_ex(st, val) SKM_sk_find_ex(KRB5_APREQBODY, (st), (val))
+# define sk_KRB5_APREQBODY_delete(st, i) SKM_sk_delete(KRB5_APREQBODY, (st), (i))
+# define sk_KRB5_APREQBODY_delete_ptr(st, ptr) SKM_sk_delete_ptr(KRB5_APREQBODY, (st), (ptr))
+# define sk_KRB5_APREQBODY_insert(st, val, i) SKM_sk_insert(KRB5_APREQBODY, (st), (val), (i))
+# define sk_KRB5_APREQBODY_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(KRB5_APREQBODY, (st), (cmp))
+# define sk_KRB5_APREQBODY_dup(st) SKM_sk_dup(KRB5_APREQBODY, st)
+# define sk_KRB5_APREQBODY_pop_free(st, free_func) SKM_sk_pop_free(KRB5_APREQBODY, (st), (free_func))
+# define sk_KRB5_APREQBODY_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(KRB5_APREQBODY, (st), (copy_func), (free_func))
+# define sk_KRB5_APREQBODY_shift(st) SKM_sk_shift(KRB5_APREQBODY, (st))
+# define sk_KRB5_APREQBODY_pop(st) SKM_sk_pop(KRB5_APREQBODY, (st))
+# define sk_KRB5_APREQBODY_sort(st) SKM_sk_sort(KRB5_APREQBODY, (st))
+# define sk_KRB5_APREQBODY_is_sorted(st) SKM_sk_is_sorted(KRB5_APREQBODY, (st))
+
+# define sk_KRB5_AUTHDATA_new(cmp) SKM_sk_new(KRB5_AUTHDATA, (cmp))
+# define sk_KRB5_AUTHDATA_new_null() SKM_sk_new_null(KRB5_AUTHDATA)
+# define sk_KRB5_AUTHDATA_free(st) SKM_sk_free(KRB5_AUTHDATA, (st))
+# define sk_KRB5_AUTHDATA_num(st) SKM_sk_num(KRB5_AUTHDATA, (st))
+# define sk_KRB5_AUTHDATA_value(st, i) SKM_sk_value(KRB5_AUTHDATA, (st), (i))
+# define sk_KRB5_AUTHDATA_set(st, i, val) SKM_sk_set(KRB5_AUTHDATA, (st), (i), (val))
+# define sk_KRB5_AUTHDATA_zero(st) SKM_sk_zero(KRB5_AUTHDATA, (st))
+# define sk_KRB5_AUTHDATA_push(st, val) SKM_sk_push(KRB5_AUTHDATA, (st), (val))
+# define sk_KRB5_AUTHDATA_unshift(st, val) SKM_sk_unshift(KRB5_AUTHDATA, (st), (val))
+# define sk_KRB5_AUTHDATA_find(st, val) SKM_sk_find(KRB5_AUTHDATA, (st), (val))
+# define sk_KRB5_AUTHDATA_find_ex(st, val) SKM_sk_find_ex(KRB5_AUTHDATA, (st), (val))
+# define sk_KRB5_AUTHDATA_delete(st, i) SKM_sk_delete(KRB5_AUTHDATA, (st), (i))
+# define sk_KRB5_AUTHDATA_delete_ptr(st, ptr) SKM_sk_delete_ptr(KRB5_AUTHDATA, (st), (ptr))
+# define sk_KRB5_AUTHDATA_insert(st, val, i) SKM_sk_insert(KRB5_AUTHDATA, (st), (val), (i))
+# define sk_KRB5_AUTHDATA_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(KRB5_AUTHDATA, (st), (cmp))
+# define sk_KRB5_AUTHDATA_dup(st) SKM_sk_dup(KRB5_AUTHDATA, st)
+# define sk_KRB5_AUTHDATA_pop_free(st, free_func) SKM_sk_pop_free(KRB5_AUTHDATA, (st), (free_func))
+# define sk_KRB5_AUTHDATA_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(KRB5_AUTHDATA, (st), (copy_func), (free_func))
+# define sk_KRB5_AUTHDATA_shift(st) SKM_sk_shift(KRB5_AUTHDATA, (st))
+# define sk_KRB5_AUTHDATA_pop(st) SKM_sk_pop(KRB5_AUTHDATA, (st))
+# define sk_KRB5_AUTHDATA_sort(st) SKM_sk_sort(KRB5_AUTHDATA, (st))
+# define sk_KRB5_AUTHDATA_is_sorted(st) SKM_sk_is_sorted(KRB5_AUTHDATA, (st))
+
+# define sk_KRB5_AUTHENTBODY_new(cmp) SKM_sk_new(KRB5_AUTHENTBODY, (cmp))
+# define sk_KRB5_AUTHENTBODY_new_null() SKM_sk_new_null(KRB5_AUTHENTBODY)
+# define sk_KRB5_AUTHENTBODY_free(st) SKM_sk_free(KRB5_AUTHENTBODY, (st))
+# define sk_KRB5_AUTHENTBODY_num(st) SKM_sk_num(KRB5_AUTHENTBODY, (st))
+# define sk_KRB5_AUTHENTBODY_value(st, i) SKM_sk_value(KRB5_AUTHENTBODY, (st), (i))
+# define sk_KRB5_AUTHENTBODY_set(st, i, val) SKM_sk_set(KRB5_AUTHENTBODY, (st), (i), (val))
+# define sk_KRB5_AUTHENTBODY_zero(st) SKM_sk_zero(KRB5_AUTHENTBODY, (st))
+# define sk_KRB5_AUTHENTBODY_push(st, val) SKM_sk_push(KRB5_AUTHENTBODY, (st), (val))
+# define sk_KRB5_AUTHENTBODY_unshift(st, val) SKM_sk_unshift(KRB5_AUTHENTBODY, (st), (val))
+# define sk_KRB5_AUTHENTBODY_find(st, val) SKM_sk_find(KRB5_AUTHENTBODY, (st), (val))
+# define sk_KRB5_AUTHENTBODY_find_ex(st, val) SKM_sk_find_ex(KRB5_AUTHENTBODY, (st), (val))
+# define sk_KRB5_AUTHENTBODY_delete(st, i) SKM_sk_delete(KRB5_AUTHENTBODY, (st), (i))
+# define sk_KRB5_AUTHENTBODY_delete_ptr(st, ptr) SKM_sk_delete_ptr(KRB5_AUTHENTBODY, (st), (ptr))
+# define sk_KRB5_AUTHENTBODY_insert(st, val, i) SKM_sk_insert(KRB5_AUTHENTBODY, (st), (val), (i))
+# define sk_KRB5_AUTHENTBODY_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(KRB5_AUTHENTBODY, (st), (cmp))
+# define sk_KRB5_AUTHENTBODY_dup(st) SKM_sk_dup(KRB5_AUTHENTBODY, st)
+# define sk_KRB5_AUTHENTBODY_pop_free(st, free_func) SKM_sk_pop_free(KRB5_AUTHENTBODY, (st), (free_func))
+# define sk_KRB5_AUTHENTBODY_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(KRB5_AUTHENTBODY, (st), (copy_func), (free_func))
+# define sk_KRB5_AUTHENTBODY_shift(st) SKM_sk_shift(KRB5_AUTHENTBODY, (st))
+# define sk_KRB5_AUTHENTBODY_pop(st) SKM_sk_pop(KRB5_AUTHENTBODY, (st))
+# define sk_KRB5_AUTHENTBODY_sort(st) SKM_sk_sort(KRB5_AUTHENTBODY, (st))
+# define sk_KRB5_AUTHENTBODY_is_sorted(st) SKM_sk_is_sorted(KRB5_AUTHENTBODY, (st))
+
+# define sk_KRB5_CHECKSUM_new(cmp) SKM_sk_new(KRB5_CHECKSUM, (cmp))
+# define sk_KRB5_CHECKSUM_new_null() SKM_sk_new_null(KRB5_CHECKSUM)
+# define sk_KRB5_CHECKSUM_free(st) SKM_sk_free(KRB5_CHECKSUM, (st))
+# define sk_KRB5_CHECKSUM_num(st) SKM_sk_num(KRB5_CHECKSUM, (st))
+# define sk_KRB5_CHECKSUM_value(st, i) SKM_sk_value(KRB5_CHECKSUM, (st), (i))
+# define sk_KRB5_CHECKSUM_set(st, i, val) SKM_sk_set(KRB5_CHECKSUM, (st), (i), (val))
+# define sk_KRB5_CHECKSUM_zero(st) SKM_sk_zero(KRB5_CHECKSUM, (st))
+# define sk_KRB5_CHECKSUM_push(st, val) SKM_sk_push(KRB5_CHECKSUM, (st), (val))
+# define sk_KRB5_CHECKSUM_unshift(st, val) SKM_sk_unshift(KRB5_CHECKSUM, (st), (val))
+# define sk_KRB5_CHECKSUM_find(st, val) SKM_sk_find(KRB5_CHECKSUM, (st), (val))
+# define sk_KRB5_CHECKSUM_find_ex(st, val) SKM_sk_find_ex(KRB5_CHECKSUM, (st), (val))
+# define sk_KRB5_CHECKSUM_delete(st, i) SKM_sk_delete(KRB5_CHECKSUM, (st), (i))
+# define sk_KRB5_CHECKSUM_delete_ptr(st, ptr) SKM_sk_delete_ptr(KRB5_CHECKSUM, (st), (ptr))
+# define sk_KRB5_CHECKSUM_insert(st, val, i) SKM_sk_insert(KRB5_CHECKSUM, (st), (val), (i))
+# define sk_KRB5_CHECKSUM_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(KRB5_CHECKSUM, (st), (cmp))
+# define sk_KRB5_CHECKSUM_dup(st) SKM_sk_dup(KRB5_CHECKSUM, st)
+# define sk_KRB5_CHECKSUM_pop_free(st, free_func) SKM_sk_pop_free(KRB5_CHECKSUM, (st), (free_func))
+# define sk_KRB5_CHECKSUM_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(KRB5_CHECKSUM, (st), (copy_func), (free_func))
+# define sk_KRB5_CHECKSUM_shift(st) SKM_sk_shift(KRB5_CHECKSUM, (st))
+# define sk_KRB5_CHECKSUM_pop(st) SKM_sk_pop(KRB5_CHECKSUM, (st))
+# define sk_KRB5_CHECKSUM_sort(st) SKM_sk_sort(KRB5_CHECKSUM, (st))
+# define sk_KRB5_CHECKSUM_is_sorted(st) SKM_sk_is_sorted(KRB5_CHECKSUM, (st))
+
+# define sk_KRB5_ENCDATA_new(cmp) SKM_sk_new(KRB5_ENCDATA, (cmp))
+# define sk_KRB5_ENCDATA_new_null() SKM_sk_new_null(KRB5_ENCDATA)
+# define sk_KRB5_ENCDATA_free(st) SKM_sk_free(KRB5_ENCDATA, (st))
+# define sk_KRB5_ENCDATA_num(st) SKM_sk_num(KRB5_ENCDATA, (st))
+# define sk_KRB5_ENCDATA_value(st, i) SKM_sk_value(KRB5_ENCDATA, (st), (i))
+# define sk_KRB5_ENCDATA_set(st, i, val) SKM_sk_set(KRB5_ENCDATA, (st), (i), (val))
+# define sk_KRB5_ENCDATA_zero(st) SKM_sk_zero(KRB5_ENCDATA, (st))
+# define sk_KRB5_ENCDATA_push(st, val) SKM_sk_push(KRB5_ENCDATA, (st), (val))
+# define sk_KRB5_ENCDATA_unshift(st, val) SKM_sk_unshift(KRB5_ENCDATA, (st), (val))
+# define sk_KRB5_ENCDATA_find(st, val) SKM_sk_find(KRB5_ENCDATA, (st), (val))
+# define sk_KRB5_ENCDATA_find_ex(st, val) SKM_sk_find_ex(KRB5_ENCDATA, (st), (val))
+# define sk_KRB5_ENCDATA_delete(st, i) SKM_sk_delete(KRB5_ENCDATA, (st), (i))
+# define sk_KRB5_ENCDATA_delete_ptr(st, ptr) SKM_sk_delete_ptr(KRB5_ENCDATA, (st), (ptr))
+# define sk_KRB5_ENCDATA_insert(st, val, i) SKM_sk_insert(KRB5_ENCDATA, (st), (val), (i))
+# define sk_KRB5_ENCDATA_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(KRB5_ENCDATA, (st), (cmp))
+# define sk_KRB5_ENCDATA_dup(st) SKM_sk_dup(KRB5_ENCDATA, st)
+# define sk_KRB5_ENCDATA_pop_free(st, free_func) SKM_sk_pop_free(KRB5_ENCDATA, (st), (free_func))
+# define sk_KRB5_ENCDATA_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(KRB5_ENCDATA, (st), (copy_func), (free_func))
+# define sk_KRB5_ENCDATA_shift(st) SKM_sk_shift(KRB5_ENCDATA, (st))
+# define sk_KRB5_ENCDATA_pop(st) SKM_sk_pop(KRB5_ENCDATA, (st))
+# define sk_KRB5_ENCDATA_sort(st) SKM_sk_sort(KRB5_ENCDATA, (st))
+# define sk_KRB5_ENCDATA_is_sorted(st) SKM_sk_is_sorted(KRB5_ENCDATA, (st))
+
+# define sk_KRB5_ENCKEY_new(cmp) SKM_sk_new(KRB5_ENCKEY, (cmp))
+# define sk_KRB5_ENCKEY_new_null() SKM_sk_new_null(KRB5_ENCKEY)
+# define sk_KRB5_ENCKEY_free(st) SKM_sk_free(KRB5_ENCKEY, (st))
+# define sk_KRB5_ENCKEY_num(st) SKM_sk_num(KRB5_ENCKEY, (st))
+# define sk_KRB5_ENCKEY_value(st, i) SKM_sk_value(KRB5_ENCKEY, (st), (i))
+# define sk_KRB5_ENCKEY_set(st, i, val) SKM_sk_set(KRB5_ENCKEY, (st), (i), (val))
+# define sk_KRB5_ENCKEY_zero(st) SKM_sk_zero(KRB5_ENCKEY, (st))
+# define sk_KRB5_ENCKEY_push(st, val) SKM_sk_push(KRB5_ENCKEY, (st), (val))
+# define sk_KRB5_ENCKEY_unshift(st, val) SKM_sk_unshift(KRB5_ENCKEY, (st), (val))
+# define sk_KRB5_ENCKEY_find(st, val) SKM_sk_find(KRB5_ENCKEY, (st), (val))
+# define sk_KRB5_ENCKEY_find_ex(st, val) SKM_sk_find_ex(KRB5_ENCKEY, (st), (val))
+# define sk_KRB5_ENCKEY_delete(st, i) SKM_sk_delete(KRB5_ENCKEY, (st), (i))
+# define sk_KRB5_ENCKEY_delete_ptr(st, ptr) SKM_sk_delete_ptr(KRB5_ENCKEY, (st), (ptr))
+# define sk_KRB5_ENCKEY_insert(st, val, i) SKM_sk_insert(KRB5_ENCKEY, (st), (val), (i))
+# define sk_KRB5_ENCKEY_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(KRB5_ENCKEY, (st), (cmp))
+# define sk_KRB5_ENCKEY_dup(st) SKM_sk_dup(KRB5_ENCKEY, st)
+# define sk_KRB5_ENCKEY_pop_free(st, free_func) SKM_sk_pop_free(KRB5_ENCKEY, (st), (free_func))
+# define sk_KRB5_ENCKEY_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(KRB5_ENCKEY, (st), (copy_func), (free_func))
+# define sk_KRB5_ENCKEY_shift(st) SKM_sk_shift(KRB5_ENCKEY, (st))
+# define sk_KRB5_ENCKEY_pop(st) SKM_sk_pop(KRB5_ENCKEY, (st))
+# define sk_KRB5_ENCKEY_sort(st) SKM_sk_sort(KRB5_ENCKEY, (st))
+# define sk_KRB5_ENCKEY_is_sorted(st) SKM_sk_is_sorted(KRB5_ENCKEY, (st))
+
+# define sk_KRB5_PRINCNAME_new(cmp) SKM_sk_new(KRB5_PRINCNAME, (cmp))
+# define sk_KRB5_PRINCNAME_new_null() SKM_sk_new_null(KRB5_PRINCNAME)
+# define sk_KRB5_PRINCNAME_free(st) SKM_sk_free(KRB5_PRINCNAME, (st))
+# define sk_KRB5_PRINCNAME_num(st) SKM_sk_num(KRB5_PRINCNAME, (st))
+# define sk_KRB5_PRINCNAME_value(st, i) SKM_sk_value(KRB5_PRINCNAME, (st), (i))
+# define sk_KRB5_PRINCNAME_set(st, i, val) SKM_sk_set(KRB5_PRINCNAME, (st), (i), (val))
+# define sk_KRB5_PRINCNAME_zero(st) SKM_sk_zero(KRB5_PRINCNAME, (st))
+# define sk_KRB5_PRINCNAME_push(st, val) SKM_sk_push(KRB5_PRINCNAME, (st), (val))
+# define sk_KRB5_PRINCNAME_unshift(st, val) SKM_sk_unshift(KRB5_PRINCNAME, (st), (val))
+# define sk_KRB5_PRINCNAME_find(st, val) SKM_sk_find(KRB5_PRINCNAME, (st), (val))
+# define sk_KRB5_PRINCNAME_find_ex(st, val) SKM_sk_find_ex(KRB5_PRINCNAME, (st), (val))
+# define sk_KRB5_PRINCNAME_delete(st, i) SKM_sk_delete(KRB5_PRINCNAME, (st), (i))
+# define sk_KRB5_PRINCNAME_delete_ptr(st, ptr) SKM_sk_delete_ptr(KRB5_PRINCNAME, (st), (ptr))
+# define sk_KRB5_PRINCNAME_insert(st, val, i) SKM_sk_insert(KRB5_PRINCNAME, (st), (val), (i))
+# define sk_KRB5_PRINCNAME_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(KRB5_PRINCNAME, (st), (cmp))
+# define sk_KRB5_PRINCNAME_dup(st) SKM_sk_dup(KRB5_PRINCNAME, st)
+# define sk_KRB5_PRINCNAME_pop_free(st, free_func) SKM_sk_pop_free(KRB5_PRINCNAME, (st), (free_func))
+# define sk_KRB5_PRINCNAME_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(KRB5_PRINCNAME, (st), (copy_func), (free_func))
+# define sk_KRB5_PRINCNAME_shift(st) SKM_sk_shift(KRB5_PRINCNAME, (st))
+# define sk_KRB5_PRINCNAME_pop(st) SKM_sk_pop(KRB5_PRINCNAME, (st))
+# define sk_KRB5_PRINCNAME_sort(st) SKM_sk_sort(KRB5_PRINCNAME, (st))
+# define sk_KRB5_PRINCNAME_is_sorted(st) SKM_sk_is_sorted(KRB5_PRINCNAME, (st))
+
+# define sk_KRB5_TKTBODY_new(cmp) SKM_sk_new(KRB5_TKTBODY, (cmp))
+# define sk_KRB5_TKTBODY_new_null() SKM_sk_new_null(KRB5_TKTBODY)
+# define sk_KRB5_TKTBODY_free(st) SKM_sk_free(KRB5_TKTBODY, (st))
+# define sk_KRB5_TKTBODY_num(st) SKM_sk_num(KRB5_TKTBODY, (st))
+# define sk_KRB5_TKTBODY_value(st, i) SKM_sk_value(KRB5_TKTBODY, (st), (i))
+# define sk_KRB5_TKTBODY_set(st, i, val) SKM_sk_set(KRB5_TKTBODY, (st), (i), (val))
+# define sk_KRB5_TKTBODY_zero(st) SKM_sk_zero(KRB5_TKTBODY, (st))
+# define sk_KRB5_TKTBODY_push(st, val) SKM_sk_push(KRB5_TKTBODY, (st), (val))
+# define sk_KRB5_TKTBODY_unshift(st, val) SKM_sk_unshift(KRB5_TKTBODY, (st), (val))
+# define sk_KRB5_TKTBODY_find(st, val) SKM_sk_find(KRB5_TKTBODY, (st), (val))
+# define sk_KRB5_TKTBODY_find_ex(st, val) SKM_sk_find_ex(KRB5_TKTBODY, (st), (val))
+# define sk_KRB5_TKTBODY_delete(st, i) SKM_sk_delete(KRB5_TKTBODY, (st), (i))
+# define sk_KRB5_TKTBODY_delete_ptr(st, ptr) SKM_sk_delete_ptr(KRB5_TKTBODY, (st), (ptr))
+# define sk_KRB5_TKTBODY_insert(st, val, i) SKM_sk_insert(KRB5_TKTBODY, (st), (val), (i))
+# define sk_KRB5_TKTBODY_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(KRB5_TKTBODY, (st), (cmp))
+# define sk_KRB5_TKTBODY_dup(st) SKM_sk_dup(KRB5_TKTBODY, st)
+# define sk_KRB5_TKTBODY_pop_free(st, free_func) SKM_sk_pop_free(KRB5_TKTBODY, (st), (free_func))
+# define sk_KRB5_TKTBODY_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(KRB5_TKTBODY, (st), (copy_func), (free_func))
+# define sk_KRB5_TKTBODY_shift(st) SKM_sk_shift(KRB5_TKTBODY, (st))
+# define sk_KRB5_TKTBODY_pop(st) SKM_sk_pop(KRB5_TKTBODY, (st))
+# define sk_KRB5_TKTBODY_sort(st) SKM_sk_sort(KRB5_TKTBODY, (st))
+# define sk_KRB5_TKTBODY_is_sorted(st) SKM_sk_is_sorted(KRB5_TKTBODY, (st))
+
+# define sk_MEM_OBJECT_DATA_new(cmp) SKM_sk_new(MEM_OBJECT_DATA, (cmp))
+# define sk_MEM_OBJECT_DATA_new_null() SKM_sk_new_null(MEM_OBJECT_DATA)
+# define sk_MEM_OBJECT_DATA_free(st) SKM_sk_free(MEM_OBJECT_DATA, (st))
+# define sk_MEM_OBJECT_DATA_num(st) SKM_sk_num(MEM_OBJECT_DATA, (st))
+# define sk_MEM_OBJECT_DATA_value(st, i) SKM_sk_value(MEM_OBJECT_DATA, (st), (i))
+# define sk_MEM_OBJECT_DATA_set(st, i, val) SKM_sk_set(MEM_OBJECT_DATA, (st), (i), (val))
+# define sk_MEM_OBJECT_DATA_zero(st) SKM_sk_zero(MEM_OBJECT_DATA, (st))
+# define sk_MEM_OBJECT_DATA_push(st, val) SKM_sk_push(MEM_OBJECT_DATA, (st), (val))
+# define sk_MEM_OBJECT_DATA_unshift(st, val) SKM_sk_unshift(MEM_OBJECT_DATA, (st), (val))
+# define sk_MEM_OBJECT_DATA_find(st, val) SKM_sk_find(MEM_OBJECT_DATA, (st), (val))
+# define sk_MEM_OBJECT_DATA_find_ex(st, val) SKM_sk_find_ex(MEM_OBJECT_DATA, (st), (val))
+# define sk_MEM_OBJECT_DATA_delete(st, i) SKM_sk_delete(MEM_OBJECT_DATA, (st), (i))
+# define sk_MEM_OBJECT_DATA_delete_ptr(st, ptr) SKM_sk_delete_ptr(MEM_OBJECT_DATA, (st), (ptr))
+# define sk_MEM_OBJECT_DATA_insert(st, val, i) SKM_sk_insert(MEM_OBJECT_DATA, (st), (val), (i))
+# define sk_MEM_OBJECT_DATA_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(MEM_OBJECT_DATA, (st), (cmp))
+# define sk_MEM_OBJECT_DATA_dup(st) SKM_sk_dup(MEM_OBJECT_DATA, st)
+# define sk_MEM_OBJECT_DATA_pop_free(st, free_func) SKM_sk_pop_free(MEM_OBJECT_DATA, (st), (free_func))
+# define sk_MEM_OBJECT_DATA_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(MEM_OBJECT_DATA, (st), (copy_func), (free_func))
+# define sk_MEM_OBJECT_DATA_shift(st) SKM_sk_shift(MEM_OBJECT_DATA, (st))
+# define sk_MEM_OBJECT_DATA_pop(st) SKM_sk_pop(MEM_OBJECT_DATA, (st))
+# define sk_MEM_OBJECT_DATA_sort(st) SKM_sk_sort(MEM_OBJECT_DATA, (st))
+# define sk_MEM_OBJECT_DATA_is_sorted(st) SKM_sk_is_sorted(MEM_OBJECT_DATA, (st))
+
+# define sk_MIME_HEADER_new(cmp) SKM_sk_new(MIME_HEADER, (cmp))
+# define sk_MIME_HEADER_new_null() SKM_sk_new_null(MIME_HEADER)
+# define sk_MIME_HEADER_free(st) SKM_sk_free(MIME_HEADER, (st))
+# define sk_MIME_HEADER_num(st) SKM_sk_num(MIME_HEADER, (st))
+# define sk_MIME_HEADER_value(st, i) SKM_sk_value(MIME_HEADER, (st), (i))
+# define sk_MIME_HEADER_set(st, i, val) SKM_sk_set(MIME_HEADER, (st), (i), (val))
+# define sk_MIME_HEADER_zero(st) SKM_sk_zero(MIME_HEADER, (st))
+# define sk_MIME_HEADER_push(st, val) SKM_sk_push(MIME_HEADER, (st), (val))
+# define sk_MIME_HEADER_unshift(st, val) SKM_sk_unshift(MIME_HEADER, (st), (val))
+# define sk_MIME_HEADER_find(st, val) SKM_sk_find(MIME_HEADER, (st), (val))
+# define sk_MIME_HEADER_find_ex(st, val) SKM_sk_find_ex(MIME_HEADER, (st), (val))
+# define sk_MIME_HEADER_delete(st, i) SKM_sk_delete(MIME_HEADER, (st), (i))
+# define sk_MIME_HEADER_delete_ptr(st, ptr) SKM_sk_delete_ptr(MIME_HEADER, (st), (ptr))
+# define sk_MIME_HEADER_insert(st, val, i) SKM_sk_insert(MIME_HEADER, (st), (val), (i))
+# define sk_MIME_HEADER_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(MIME_HEADER, (st), (cmp))
+# define sk_MIME_HEADER_dup(st) SKM_sk_dup(MIME_HEADER, st)
+# define sk_MIME_HEADER_pop_free(st, free_func) SKM_sk_pop_free(MIME_HEADER, (st), (free_func))
+# define sk_MIME_HEADER_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(MIME_HEADER, (st), (copy_func), (free_func))
+# define sk_MIME_HEADER_shift(st) SKM_sk_shift(MIME_HEADER, (st))
+# define sk_MIME_HEADER_pop(st) SKM_sk_pop(MIME_HEADER, (st))
+# define sk_MIME_HEADER_sort(st) SKM_sk_sort(MIME_HEADER, (st))
+# define sk_MIME_HEADER_is_sorted(st) SKM_sk_is_sorted(MIME_HEADER, (st))
+
+# define sk_MIME_PARAM_new(cmp) SKM_sk_new(MIME_PARAM, (cmp))
+# define sk_MIME_PARAM_new_null() SKM_sk_new_null(MIME_PARAM)
+# define sk_MIME_PARAM_free(st) SKM_sk_free(MIME_PARAM, (st))
+# define sk_MIME_PARAM_num(st) SKM_sk_num(MIME_PARAM, (st))
+# define sk_MIME_PARAM_value(st, i) SKM_sk_value(MIME_PARAM, (st), (i))
+# define sk_MIME_PARAM_set(st, i, val) SKM_sk_set(MIME_PARAM, (st), (i), (val))
+# define sk_MIME_PARAM_zero(st) SKM_sk_zero(MIME_PARAM, (st))
+# define sk_MIME_PARAM_push(st, val) SKM_sk_push(MIME_PARAM, (st), (val))
+# define sk_MIME_PARAM_unshift(st, val) SKM_sk_unshift(MIME_PARAM, (st), (val))
+# define sk_MIME_PARAM_find(st, val) SKM_sk_find(MIME_PARAM, (st), (val))
+# define sk_MIME_PARAM_find_ex(st, val) SKM_sk_find_ex(MIME_PARAM, (st), (val))
+# define sk_MIME_PARAM_delete(st, i) SKM_sk_delete(MIME_PARAM, (st), (i))
+# define sk_MIME_PARAM_delete_ptr(st, ptr) SKM_sk_delete_ptr(MIME_PARAM, (st), (ptr))
+# define sk_MIME_PARAM_insert(st, val, i) SKM_sk_insert(MIME_PARAM, (st), (val), (i))
+# define sk_MIME_PARAM_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(MIME_PARAM, (st), (cmp))
+# define sk_MIME_PARAM_dup(st) SKM_sk_dup(MIME_PARAM, st)
+# define sk_MIME_PARAM_pop_free(st, free_func) SKM_sk_pop_free(MIME_PARAM, (st), (free_func))
+# define sk_MIME_PARAM_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(MIME_PARAM, (st), (copy_func), (free_func))
+# define sk_MIME_PARAM_shift(st) SKM_sk_shift(MIME_PARAM, (st))
+# define sk_MIME_PARAM_pop(st) SKM_sk_pop(MIME_PARAM, (st))
+# define sk_MIME_PARAM_sort(st) SKM_sk_sort(MIME_PARAM, (st))
+# define sk_MIME_PARAM_is_sorted(st) SKM_sk_is_sorted(MIME_PARAM, (st))
+
+# define sk_NAME_FUNCS_new(cmp) SKM_sk_new(NAME_FUNCS, (cmp))
+# define sk_NAME_FUNCS_new_null() SKM_sk_new_null(NAME_FUNCS)
+# define sk_NAME_FUNCS_free(st) SKM_sk_free(NAME_FUNCS, (st))
+# define sk_NAME_FUNCS_num(st) SKM_sk_num(NAME_FUNCS, (st))
+# define sk_NAME_FUNCS_value(st, i) SKM_sk_value(NAME_FUNCS, (st), (i))
+# define sk_NAME_FUNCS_set(st, i, val) SKM_sk_set(NAME_FUNCS, (st), (i), (val))
+# define sk_NAME_FUNCS_zero(st) SKM_sk_zero(NAME_FUNCS, (st))
+# define sk_NAME_FUNCS_push(st, val) SKM_sk_push(NAME_FUNCS, (st), (val))
+# define sk_NAME_FUNCS_unshift(st, val) SKM_sk_unshift(NAME_FUNCS, (st), (val))
+# define sk_NAME_FUNCS_find(st, val) SKM_sk_find(NAME_FUNCS, (st), (val))
+# define sk_NAME_FUNCS_find_ex(st, val) SKM_sk_find_ex(NAME_FUNCS, (st), (val))
+# define sk_NAME_FUNCS_delete(st, i) SKM_sk_delete(NAME_FUNCS, (st), (i))
+# define sk_NAME_FUNCS_delete_ptr(st, ptr) SKM_sk_delete_ptr(NAME_FUNCS, (st), (ptr))
+# define sk_NAME_FUNCS_insert(st, val, i) SKM_sk_insert(NAME_FUNCS, (st), (val), (i))
+# define sk_NAME_FUNCS_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(NAME_FUNCS, (st), (cmp))
+# define sk_NAME_FUNCS_dup(st) SKM_sk_dup(NAME_FUNCS, st)
+# define sk_NAME_FUNCS_pop_free(st, free_func) SKM_sk_pop_free(NAME_FUNCS, (st), (free_func))
+# define sk_NAME_FUNCS_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(NAME_FUNCS, (st), (copy_func), (free_func))
+# define sk_NAME_FUNCS_shift(st) SKM_sk_shift(NAME_FUNCS, (st))
+# define sk_NAME_FUNCS_pop(st) SKM_sk_pop(NAME_FUNCS, (st))
+# define sk_NAME_FUNCS_sort(st) SKM_sk_sort(NAME_FUNCS, (st))
+# define sk_NAME_FUNCS_is_sorted(st) SKM_sk_is_sorted(NAME_FUNCS, (st))
+
+# define sk_OCSP_CERTID_new(cmp) SKM_sk_new(OCSP_CERTID, (cmp))
+# define sk_OCSP_CERTID_new_null() SKM_sk_new_null(OCSP_CERTID)
+# define sk_OCSP_CERTID_free(st) SKM_sk_free(OCSP_CERTID, (st))
+# define sk_OCSP_CERTID_num(st) SKM_sk_num(OCSP_CERTID, (st))
+# define sk_OCSP_CERTID_value(st, i) SKM_sk_value(OCSP_CERTID, (st), (i))
+# define sk_OCSP_CERTID_set(st, i, val) SKM_sk_set(OCSP_CERTID, (st), (i), (val))
+# define sk_OCSP_CERTID_zero(st) SKM_sk_zero(OCSP_CERTID, (st))
+# define sk_OCSP_CERTID_push(st, val) SKM_sk_push(OCSP_CERTID, (st), (val))
+# define sk_OCSP_CERTID_unshift(st, val) SKM_sk_unshift(OCSP_CERTID, (st), (val))
+# define sk_OCSP_CERTID_find(st, val) SKM_sk_find(OCSP_CERTID, (st), (val))
+# define sk_OCSP_CERTID_find_ex(st, val) SKM_sk_find_ex(OCSP_CERTID, (st), (val))
+# define sk_OCSP_CERTID_delete(st, i) SKM_sk_delete(OCSP_CERTID, (st), (i))
+# define sk_OCSP_CERTID_delete_ptr(st, ptr) SKM_sk_delete_ptr(OCSP_CERTID, (st), (ptr))
+# define sk_OCSP_CERTID_insert(st, val, i) SKM_sk_insert(OCSP_CERTID, (st), (val), (i))
+# define sk_OCSP_CERTID_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(OCSP_CERTID, (st), (cmp))
+# define sk_OCSP_CERTID_dup(st) SKM_sk_dup(OCSP_CERTID, st)
+# define sk_OCSP_CERTID_pop_free(st, free_func) SKM_sk_pop_free(OCSP_CERTID, (st), (free_func))
+# define sk_OCSP_CERTID_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(OCSP_CERTID, (st), (copy_func), (free_func))
+# define sk_OCSP_CERTID_shift(st) SKM_sk_shift(OCSP_CERTID, (st))
+# define sk_OCSP_CERTID_pop(st) SKM_sk_pop(OCSP_CERTID, (st))
+# define sk_OCSP_CERTID_sort(st) SKM_sk_sort(OCSP_CERTID, (st))
+# define sk_OCSP_CERTID_is_sorted(st) SKM_sk_is_sorted(OCSP_CERTID, (st))
+
+# define sk_OCSP_ONEREQ_new(cmp) SKM_sk_new(OCSP_ONEREQ, (cmp))
+# define sk_OCSP_ONEREQ_new_null() SKM_sk_new_null(OCSP_ONEREQ)
+# define sk_OCSP_ONEREQ_free(st) SKM_sk_free(OCSP_ONEREQ, (st))
+# define sk_OCSP_ONEREQ_num(st) SKM_sk_num(OCSP_ONEREQ, (st))
+# define sk_OCSP_ONEREQ_value(st, i) SKM_sk_value(OCSP_ONEREQ, (st), (i))
+# define sk_OCSP_ONEREQ_set(st, i, val) SKM_sk_set(OCSP_ONEREQ, (st), (i), (val))
+# define sk_OCSP_ONEREQ_zero(st) SKM_sk_zero(OCSP_ONEREQ, (st))
+# define sk_OCSP_ONEREQ_push(st, val) SKM_sk_push(OCSP_ONEREQ, (st), (val))
+# define sk_OCSP_ONEREQ_unshift(st, val) SKM_sk_unshift(OCSP_ONEREQ, (st), (val))
+# define sk_OCSP_ONEREQ_find(st, val) SKM_sk_find(OCSP_ONEREQ, (st), (val))
+# define sk_OCSP_ONEREQ_find_ex(st, val) SKM_sk_find_ex(OCSP_ONEREQ, (st), (val))
+# define sk_OCSP_ONEREQ_delete(st, i) SKM_sk_delete(OCSP_ONEREQ, (st), (i))
+# define sk_OCSP_ONEREQ_delete_ptr(st, ptr) SKM_sk_delete_ptr(OCSP_ONEREQ, (st), (ptr))
+# define sk_OCSP_ONEREQ_insert(st, val, i) SKM_sk_insert(OCSP_ONEREQ, (st), (val), (i))
+# define sk_OCSP_ONEREQ_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(OCSP_ONEREQ, (st), (cmp))
+# define sk_OCSP_ONEREQ_dup(st) SKM_sk_dup(OCSP_ONEREQ, st)
+# define sk_OCSP_ONEREQ_pop_free(st, free_func) SKM_sk_pop_free(OCSP_ONEREQ, (st), (free_func))
+# define sk_OCSP_ONEREQ_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(OCSP_ONEREQ, (st), (copy_func), (free_func))
+# define sk_OCSP_ONEREQ_shift(st) SKM_sk_shift(OCSP_ONEREQ, (st))
+# define sk_OCSP_ONEREQ_pop(st) SKM_sk_pop(OCSP_ONEREQ, (st))
+# define sk_OCSP_ONEREQ_sort(st) SKM_sk_sort(OCSP_ONEREQ, (st))
+# define sk_OCSP_ONEREQ_is_sorted(st) SKM_sk_is_sorted(OCSP_ONEREQ, (st))
+
+# define sk_OCSP_RESPID_new(cmp) SKM_sk_new(OCSP_RESPID, (cmp))
+# define sk_OCSP_RESPID_new_null() SKM_sk_new_null(OCSP_RESPID)
+# define sk_OCSP_RESPID_free(st) SKM_sk_free(OCSP_RESPID, (st))
+# define sk_OCSP_RESPID_num(st) SKM_sk_num(OCSP_RESPID, (st))
+# define sk_OCSP_RESPID_value(st, i) SKM_sk_value(OCSP_RESPID, (st), (i))
+# define sk_OCSP_RESPID_set(st, i, val) SKM_sk_set(OCSP_RESPID, (st), (i), (val))
+# define sk_OCSP_RESPID_zero(st) SKM_sk_zero(OCSP_RESPID, (st))
+# define sk_OCSP_RESPID_push(st, val) SKM_sk_push(OCSP_RESPID, (st), (val))
+# define sk_OCSP_RESPID_unshift(st, val) SKM_sk_unshift(OCSP_RESPID, (st), (val))
+# define sk_OCSP_RESPID_find(st, val) SKM_sk_find(OCSP_RESPID, (st), (val))
+# define sk_OCSP_RESPID_find_ex(st, val) SKM_sk_find_ex(OCSP_RESPID, (st), (val))
+# define sk_OCSP_RESPID_delete(st, i) SKM_sk_delete(OCSP_RESPID, (st), (i))
+# define sk_OCSP_RESPID_delete_ptr(st, ptr) SKM_sk_delete_ptr(OCSP_RESPID, (st), (ptr))
+# define sk_OCSP_RESPID_insert(st, val, i) SKM_sk_insert(OCSP_RESPID, (st), (val), (i))
+# define sk_OCSP_RESPID_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(OCSP_RESPID, (st), (cmp))
+# define sk_OCSP_RESPID_dup(st) SKM_sk_dup(OCSP_RESPID, st)
+# define sk_OCSP_RESPID_pop_free(st, free_func) SKM_sk_pop_free(OCSP_RESPID, (st), (free_func))
+# define sk_OCSP_RESPID_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(OCSP_RESPID, (st), (copy_func), (free_func))
+# define sk_OCSP_RESPID_shift(st) SKM_sk_shift(OCSP_RESPID, (st))
+# define sk_OCSP_RESPID_pop(st) SKM_sk_pop(OCSP_RESPID, (st))
+# define sk_OCSP_RESPID_sort(st) SKM_sk_sort(OCSP_RESPID, (st))
+# define sk_OCSP_RESPID_is_sorted(st) SKM_sk_is_sorted(OCSP_RESPID, (st))
+
+# define sk_OCSP_SINGLERESP_new(cmp) SKM_sk_new(OCSP_SINGLERESP, (cmp))
+# define sk_OCSP_SINGLERESP_new_null() SKM_sk_new_null(OCSP_SINGLERESP)
+# define sk_OCSP_SINGLERESP_free(st) SKM_sk_free(OCSP_SINGLERESP, (st))
+# define sk_OCSP_SINGLERESP_num(st) SKM_sk_num(OCSP_SINGLERESP, (st))
+# define sk_OCSP_SINGLERESP_value(st, i) SKM_sk_value(OCSP_SINGLERESP, (st), (i))
+# define sk_OCSP_SINGLERESP_set(st, i, val) SKM_sk_set(OCSP_SINGLERESP, (st), (i), (val))
+# define sk_OCSP_SINGLERESP_zero(st) SKM_sk_zero(OCSP_SINGLERESP, (st))
+# define sk_OCSP_SINGLERESP_push(st, val) SKM_sk_push(OCSP_SINGLERESP, (st), (val))
+# define sk_OCSP_SINGLERESP_unshift(st, val) SKM_sk_unshift(OCSP_SINGLERESP, (st), (val))
+# define sk_OCSP_SINGLERESP_find(st, val) SKM_sk_find(OCSP_SINGLERESP, (st), (val))
+# define sk_OCSP_SINGLERESP_find_ex(st, val) SKM_sk_find_ex(OCSP_SINGLERESP, (st), (val))
+# define sk_OCSP_SINGLERESP_delete(st, i) SKM_sk_delete(OCSP_SINGLERESP, (st), (i))
+# define sk_OCSP_SINGLERESP_delete_ptr(st, ptr) SKM_sk_delete_ptr(OCSP_SINGLERESP, (st), (ptr))
+# define sk_OCSP_SINGLERESP_insert(st, val, i) SKM_sk_insert(OCSP_SINGLERESP, (st), (val), (i))
+# define sk_OCSP_SINGLERESP_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(OCSP_SINGLERESP, (st), (cmp))
+# define sk_OCSP_SINGLERESP_dup(st) SKM_sk_dup(OCSP_SINGLERESP, st)
+# define sk_OCSP_SINGLERESP_pop_free(st, free_func) SKM_sk_pop_free(OCSP_SINGLERESP, (st), (free_func))
+# define sk_OCSP_SINGLERESP_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(OCSP_SINGLERESP, (st), (copy_func), (free_func))
+# define sk_OCSP_SINGLERESP_shift(st) SKM_sk_shift(OCSP_SINGLERESP, (st))
+# define sk_OCSP_SINGLERESP_pop(st) SKM_sk_pop(OCSP_SINGLERESP, (st))
+# define sk_OCSP_SINGLERESP_sort(st) SKM_sk_sort(OCSP_SINGLERESP, (st))
+# define sk_OCSP_SINGLERESP_is_sorted(st) SKM_sk_is_sorted(OCSP_SINGLERESP, (st))
+
+# define sk_PKCS12_SAFEBAG_new(cmp) SKM_sk_new(PKCS12_SAFEBAG, (cmp))
+# define sk_PKCS12_SAFEBAG_new_null() SKM_sk_new_null(PKCS12_SAFEBAG)
+# define sk_PKCS12_SAFEBAG_free(st) SKM_sk_free(PKCS12_SAFEBAG, (st))
+# define sk_PKCS12_SAFEBAG_num(st) SKM_sk_num(PKCS12_SAFEBAG, (st))
+# define sk_PKCS12_SAFEBAG_value(st, i) SKM_sk_value(PKCS12_SAFEBAG, (st), (i))
+# define sk_PKCS12_SAFEBAG_set(st, i, val) SKM_sk_set(PKCS12_SAFEBAG, (st), (i), (val))
+# define sk_PKCS12_SAFEBAG_zero(st) SKM_sk_zero(PKCS12_SAFEBAG, (st))
+# define sk_PKCS12_SAFEBAG_push(st, val) SKM_sk_push(PKCS12_SAFEBAG, (st), (val))
+# define sk_PKCS12_SAFEBAG_unshift(st, val) SKM_sk_unshift(PKCS12_SAFEBAG, (st), (val))
+# define sk_PKCS12_SAFEBAG_find(st, val) SKM_sk_find(PKCS12_SAFEBAG, (st), (val))
+# define sk_PKCS12_SAFEBAG_find_ex(st, val) SKM_sk_find_ex(PKCS12_SAFEBAG, (st), (val))
+# define sk_PKCS12_SAFEBAG_delete(st, i) SKM_sk_delete(PKCS12_SAFEBAG, (st), (i))
+# define sk_PKCS12_SAFEBAG_delete_ptr(st, ptr) SKM_sk_delete_ptr(PKCS12_SAFEBAG, (st), (ptr))
+# define sk_PKCS12_SAFEBAG_insert(st, val, i) SKM_sk_insert(PKCS12_SAFEBAG, (st), (val), (i))
+# define sk_PKCS12_SAFEBAG_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(PKCS12_SAFEBAG, (st), (cmp))
+# define sk_PKCS12_SAFEBAG_dup(st) SKM_sk_dup(PKCS12_SAFEBAG, st)
+# define sk_PKCS12_SAFEBAG_pop_free(st, free_func) SKM_sk_pop_free(PKCS12_SAFEBAG, (st), (free_func))
+# define sk_PKCS12_SAFEBAG_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(PKCS12_SAFEBAG, (st), (copy_func), (free_func))
+# define sk_PKCS12_SAFEBAG_shift(st) SKM_sk_shift(PKCS12_SAFEBAG, (st))
+# define sk_PKCS12_SAFEBAG_pop(st) SKM_sk_pop(PKCS12_SAFEBAG, (st))
+# define sk_PKCS12_SAFEBAG_sort(st) SKM_sk_sort(PKCS12_SAFEBAG, (st))
+# define sk_PKCS12_SAFEBAG_is_sorted(st) SKM_sk_is_sorted(PKCS12_SAFEBAG, (st))
+
+# define sk_PKCS7_new(cmp) SKM_sk_new(PKCS7, (cmp))
+# define sk_PKCS7_new_null() SKM_sk_new_null(PKCS7)
+# define sk_PKCS7_free(st) SKM_sk_free(PKCS7, (st))
+# define sk_PKCS7_num(st) SKM_sk_num(PKCS7, (st))
+# define sk_PKCS7_value(st, i) SKM_sk_value(PKCS7, (st), (i))
+# define sk_PKCS7_set(st, i, val) SKM_sk_set(PKCS7, (st), (i), (val))
+# define sk_PKCS7_zero(st) SKM_sk_zero(PKCS7, (st))
+# define sk_PKCS7_push(st, val) SKM_sk_push(PKCS7, (st), (val))
+# define sk_PKCS7_unshift(st, val) SKM_sk_unshift(PKCS7, (st), (val))
+# define sk_PKCS7_find(st, val) SKM_sk_find(PKCS7, (st), (val))
+# define sk_PKCS7_find_ex(st, val) SKM_sk_find_ex(PKCS7, (st), (val))
+# define sk_PKCS7_delete(st, i) SKM_sk_delete(PKCS7, (st), (i))
+# define sk_PKCS7_delete_ptr(st, ptr) SKM_sk_delete_ptr(PKCS7, (st), (ptr))
+# define sk_PKCS7_insert(st, val, i) SKM_sk_insert(PKCS7, (st), (val), (i))
+# define sk_PKCS7_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(PKCS7, (st), (cmp))
+# define sk_PKCS7_dup(st) SKM_sk_dup(PKCS7, st)
+# define sk_PKCS7_pop_free(st, free_func) SKM_sk_pop_free(PKCS7, (st), (free_func))
+# define sk_PKCS7_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(PKCS7, (st), (copy_func), (free_func))
+# define sk_PKCS7_shift(st) SKM_sk_shift(PKCS7, (st))
+# define sk_PKCS7_pop(st) SKM_sk_pop(PKCS7, (st))
+# define sk_PKCS7_sort(st) SKM_sk_sort(PKCS7, (st))
+# define sk_PKCS7_is_sorted(st) SKM_sk_is_sorted(PKCS7, (st))
+
+# define sk_PKCS7_RECIP_INFO_new(cmp) SKM_sk_new(PKCS7_RECIP_INFO, (cmp))
+# define sk_PKCS7_RECIP_INFO_new_null() SKM_sk_new_null(PKCS7_RECIP_INFO)
+# define sk_PKCS7_RECIP_INFO_free(st) SKM_sk_free(PKCS7_RECIP_INFO, (st))
+# define sk_PKCS7_RECIP_INFO_num(st) SKM_sk_num(PKCS7_RECIP_INFO, (st))
+# define sk_PKCS7_RECIP_INFO_value(st, i) SKM_sk_value(PKCS7_RECIP_INFO, (st), (i))
+# define sk_PKCS7_RECIP_INFO_set(st, i, val) SKM_sk_set(PKCS7_RECIP_INFO, (st), (i), (val))
+# define sk_PKCS7_RECIP_INFO_zero(st) SKM_sk_zero(PKCS7_RECIP_INFO, (st))
+# define sk_PKCS7_RECIP_INFO_push(st, val) SKM_sk_push(PKCS7_RECIP_INFO, (st), (val))
+# define sk_PKCS7_RECIP_INFO_unshift(st, val) SKM_sk_unshift(PKCS7_RECIP_INFO, (st), (val))
+# define sk_PKCS7_RECIP_INFO_find(st, val) SKM_sk_find(PKCS7_RECIP_INFO, (st), (val))
+# define sk_PKCS7_RECIP_INFO_find_ex(st, val) SKM_sk_find_ex(PKCS7_RECIP_INFO, (st), (val))
+# define sk_PKCS7_RECIP_INFO_delete(st, i) SKM_sk_delete(PKCS7_RECIP_INFO, (st), (i))
+# define sk_PKCS7_RECIP_INFO_delete_ptr(st, ptr) SKM_sk_delete_ptr(PKCS7_RECIP_INFO, (st), (ptr))
+# define sk_PKCS7_RECIP_INFO_insert(st, val, i) SKM_sk_insert(PKCS7_RECIP_INFO, (st), (val), (i))
+# define sk_PKCS7_RECIP_INFO_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(PKCS7_RECIP_INFO, (st), (cmp))
+# define sk_PKCS7_RECIP_INFO_dup(st) SKM_sk_dup(PKCS7_RECIP_INFO, st)
+# define sk_PKCS7_RECIP_INFO_pop_free(st, free_func) SKM_sk_pop_free(PKCS7_RECIP_INFO, (st), (free_func))
+# define sk_PKCS7_RECIP_INFO_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(PKCS7_RECIP_INFO, (st), (copy_func), (free_func))
+# define sk_PKCS7_RECIP_INFO_shift(st) SKM_sk_shift(PKCS7_RECIP_INFO, (st))
+# define sk_PKCS7_RECIP_INFO_pop(st) SKM_sk_pop(PKCS7_RECIP_INFO, (st))
+# define sk_PKCS7_RECIP_INFO_sort(st) SKM_sk_sort(PKCS7_RECIP_INFO, (st))
+# define sk_PKCS7_RECIP_INFO_is_sorted(st) SKM_sk_is_sorted(PKCS7_RECIP_INFO, (st))
+
+# define sk_PKCS7_SIGNER_INFO_new(cmp) SKM_sk_new(PKCS7_SIGNER_INFO, (cmp))
+# define sk_PKCS7_SIGNER_INFO_new_null() SKM_sk_new_null(PKCS7_SIGNER_INFO)
+# define sk_PKCS7_SIGNER_INFO_free(st) SKM_sk_free(PKCS7_SIGNER_INFO, (st))
+# define sk_PKCS7_SIGNER_INFO_num(st) SKM_sk_num(PKCS7_SIGNER_INFO, (st))
+# define sk_PKCS7_SIGNER_INFO_value(st, i) SKM_sk_value(PKCS7_SIGNER_INFO, (st), (i))
+# define sk_PKCS7_SIGNER_INFO_set(st, i, val) SKM_sk_set(PKCS7_SIGNER_INFO, (st), (i), (val))
+# define sk_PKCS7_SIGNER_INFO_zero(st) SKM_sk_zero(PKCS7_SIGNER_INFO, (st))
+# define sk_PKCS7_SIGNER_INFO_push(st, val) SKM_sk_push(PKCS7_SIGNER_INFO, (st), (val))
+# define sk_PKCS7_SIGNER_INFO_unshift(st, val) SKM_sk_unshift(PKCS7_SIGNER_INFO, (st), (val))
+# define sk_PKCS7_SIGNER_INFO_find(st, val) SKM_sk_find(PKCS7_SIGNER_INFO, (st), (val))
+# define sk_PKCS7_SIGNER_INFO_find_ex(st, val) SKM_sk_find_ex(PKCS7_SIGNER_INFO, (st), (val))
+# define sk_PKCS7_SIGNER_INFO_delete(st, i) SKM_sk_delete(PKCS7_SIGNER_INFO, (st), (i))
+# define sk_PKCS7_SIGNER_INFO_delete_ptr(st, ptr) SKM_sk_delete_ptr(PKCS7_SIGNER_INFO, (st), (ptr))
+# define sk_PKCS7_SIGNER_INFO_insert(st, val, i) SKM_sk_insert(PKCS7_SIGNER_INFO, (st), (val), (i))
+# define sk_PKCS7_SIGNER_INFO_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(PKCS7_SIGNER_INFO, (st), (cmp))
+# define sk_PKCS7_SIGNER_INFO_dup(st) SKM_sk_dup(PKCS7_SIGNER_INFO, st)
+# define sk_PKCS7_SIGNER_INFO_pop_free(st, free_func) SKM_sk_pop_free(PKCS7_SIGNER_INFO, (st), (free_func))
+# define sk_PKCS7_SIGNER_INFO_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(PKCS7_SIGNER_INFO, (st), (copy_func), (free_func))
+# define sk_PKCS7_SIGNER_INFO_shift(st) SKM_sk_shift(PKCS7_SIGNER_INFO, (st))
+# define sk_PKCS7_SIGNER_INFO_pop(st) SKM_sk_pop(PKCS7_SIGNER_INFO, (st))
+# define sk_PKCS7_SIGNER_INFO_sort(st) SKM_sk_sort(PKCS7_SIGNER_INFO, (st))
+# define sk_PKCS7_SIGNER_INFO_is_sorted(st) SKM_sk_is_sorted(PKCS7_SIGNER_INFO, (st))
+
+# define sk_POLICYINFO_new(cmp) SKM_sk_new(POLICYINFO, (cmp))
+# define sk_POLICYINFO_new_null() SKM_sk_new_null(POLICYINFO)
+# define sk_POLICYINFO_free(st) SKM_sk_free(POLICYINFO, (st))
+# define sk_POLICYINFO_num(st) SKM_sk_num(POLICYINFO, (st))
+# define sk_POLICYINFO_value(st, i) SKM_sk_value(POLICYINFO, (st), (i))
+# define sk_POLICYINFO_set(st, i, val) SKM_sk_set(POLICYINFO, (st), (i), (val))
+# define sk_POLICYINFO_zero(st) SKM_sk_zero(POLICYINFO, (st))
+# define sk_POLICYINFO_push(st, val) SKM_sk_push(POLICYINFO, (st), (val))
+# define sk_POLICYINFO_unshift(st, val) SKM_sk_unshift(POLICYINFO, (st), (val))
+# define sk_POLICYINFO_find(st, val) SKM_sk_find(POLICYINFO, (st), (val))
+# define sk_POLICYINFO_find_ex(st, val) SKM_sk_find_ex(POLICYINFO, (st), (val))
+# define sk_POLICYINFO_delete(st, i) SKM_sk_delete(POLICYINFO, (st), (i))
+# define sk_POLICYINFO_delete_ptr(st, ptr) SKM_sk_delete_ptr(POLICYINFO, (st), (ptr))
+# define sk_POLICYINFO_insert(st, val, i) SKM_sk_insert(POLICYINFO, (st), (val), (i))
+# define sk_POLICYINFO_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(POLICYINFO, (st), (cmp))
+# define sk_POLICYINFO_dup(st) SKM_sk_dup(POLICYINFO, st)
+# define sk_POLICYINFO_pop_free(st, free_func) SKM_sk_pop_free(POLICYINFO, (st), (free_func))
+# define sk_POLICYINFO_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(POLICYINFO, (st), (copy_func), (free_func))
+# define sk_POLICYINFO_shift(st) SKM_sk_shift(POLICYINFO, (st))
+# define sk_POLICYINFO_pop(st) SKM_sk_pop(POLICYINFO, (st))
+# define sk_POLICYINFO_sort(st) SKM_sk_sort(POLICYINFO, (st))
+# define sk_POLICYINFO_is_sorted(st) SKM_sk_is_sorted(POLICYINFO, (st))
+
+# define sk_POLICYQUALINFO_new(cmp) SKM_sk_new(POLICYQUALINFO, (cmp))
+# define sk_POLICYQUALINFO_new_null() SKM_sk_new_null(POLICYQUALINFO)
+# define sk_POLICYQUALINFO_free(st) SKM_sk_free(POLICYQUALINFO, (st))
+# define sk_POLICYQUALINFO_num(st) SKM_sk_num(POLICYQUALINFO, (st))
+# define sk_POLICYQUALINFO_value(st, i) SKM_sk_value(POLICYQUALINFO, (st), (i))
+# define sk_POLICYQUALINFO_set(st, i, val) SKM_sk_set(POLICYQUALINFO, (st), (i), (val))
+# define sk_POLICYQUALINFO_zero(st) SKM_sk_zero(POLICYQUALINFO, (st))
+# define sk_POLICYQUALINFO_push(st, val) SKM_sk_push(POLICYQUALINFO, (st), (val))
+# define sk_POLICYQUALINFO_unshift(st, val) SKM_sk_unshift(POLICYQUALINFO, (st), (val))
+# define sk_POLICYQUALINFO_find(st, val) SKM_sk_find(POLICYQUALINFO, (st), (val))
+# define sk_POLICYQUALINFO_find_ex(st, val) SKM_sk_find_ex(POLICYQUALINFO, (st), (val))
+# define sk_POLICYQUALINFO_delete(st, i) SKM_sk_delete(POLICYQUALINFO, (st), (i))
+# define sk_POLICYQUALINFO_delete_ptr(st, ptr) SKM_sk_delete_ptr(POLICYQUALINFO, (st), (ptr))
+# define sk_POLICYQUALINFO_insert(st, val, i) SKM_sk_insert(POLICYQUALINFO, (st), (val), (i))
+# define sk_POLICYQUALINFO_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(POLICYQUALINFO, (st), (cmp))
+# define sk_POLICYQUALINFO_dup(st) SKM_sk_dup(POLICYQUALINFO, st)
+# define sk_POLICYQUALINFO_pop_free(st, free_func) SKM_sk_pop_free(POLICYQUALINFO, (st), (free_func))
+# define sk_POLICYQUALINFO_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(POLICYQUALINFO, (st), (copy_func), (free_func))
+# define sk_POLICYQUALINFO_shift(st) SKM_sk_shift(POLICYQUALINFO, (st))
+# define sk_POLICYQUALINFO_pop(st) SKM_sk_pop(POLICYQUALINFO, (st))
+# define sk_POLICYQUALINFO_sort(st) SKM_sk_sort(POLICYQUALINFO, (st))
+# define sk_POLICYQUALINFO_is_sorted(st) SKM_sk_is_sorted(POLICYQUALINFO, (st))
+
+# define sk_POLICY_MAPPING_new(cmp) SKM_sk_new(POLICY_MAPPING, (cmp))
+# define sk_POLICY_MAPPING_new_null() SKM_sk_new_null(POLICY_MAPPING)
+# define sk_POLICY_MAPPING_free(st) SKM_sk_free(POLICY_MAPPING, (st))
+# define sk_POLICY_MAPPING_num(st) SKM_sk_num(POLICY_MAPPING, (st))
+# define sk_POLICY_MAPPING_value(st, i) SKM_sk_value(POLICY_MAPPING, (st), (i))
+# define sk_POLICY_MAPPING_set(st, i, val) SKM_sk_set(POLICY_MAPPING, (st), (i), (val))
+# define sk_POLICY_MAPPING_zero(st) SKM_sk_zero(POLICY_MAPPING, (st))
+# define sk_POLICY_MAPPING_push(st, val) SKM_sk_push(POLICY_MAPPING, (st), (val))
+# define sk_POLICY_MAPPING_unshift(st, val) SKM_sk_unshift(POLICY_MAPPING, (st), (val))
+# define sk_POLICY_MAPPING_find(st, val) SKM_sk_find(POLICY_MAPPING, (st), (val))
+# define sk_POLICY_MAPPING_find_ex(st, val) SKM_sk_find_ex(POLICY_MAPPING, (st), (val))
+# define sk_POLICY_MAPPING_delete(st, i) SKM_sk_delete(POLICY_MAPPING, (st), (i))
+# define sk_POLICY_MAPPING_delete_ptr(st, ptr) SKM_sk_delete_ptr(POLICY_MAPPING, (st), (ptr))
+# define sk_POLICY_MAPPING_insert(st, val, i) SKM_sk_insert(POLICY_MAPPING, (st), (val), (i))
+# define sk_POLICY_MAPPING_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(POLICY_MAPPING, (st), (cmp))
+# define sk_POLICY_MAPPING_dup(st) SKM_sk_dup(POLICY_MAPPING, st)
+# define sk_POLICY_MAPPING_pop_free(st, free_func) SKM_sk_pop_free(POLICY_MAPPING, (st), (free_func))
+# define sk_POLICY_MAPPING_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(POLICY_MAPPING, (st), (copy_func), (free_func))
+# define sk_POLICY_MAPPING_shift(st) SKM_sk_shift(POLICY_MAPPING, (st))
+# define sk_POLICY_MAPPING_pop(st) SKM_sk_pop(POLICY_MAPPING, (st))
+# define sk_POLICY_MAPPING_sort(st) SKM_sk_sort(POLICY_MAPPING, (st))
+# define sk_POLICY_MAPPING_is_sorted(st) SKM_sk_is_sorted(POLICY_MAPPING, (st))
+
+# define sk_SCT_new(cmp) SKM_sk_new(SCT, (cmp))
+# define sk_SCT_new_null() SKM_sk_new_null(SCT)
+# define sk_SCT_free(st) SKM_sk_free(SCT, (st))
+# define sk_SCT_num(st) SKM_sk_num(SCT, (st))
+# define sk_SCT_value(st, i) SKM_sk_value(SCT, (st), (i))
+# define sk_SCT_set(st, i, val) SKM_sk_set(SCT, (st), (i), (val))
+# define sk_SCT_zero(st) SKM_sk_zero(SCT, (st))
+# define sk_SCT_push(st, val) SKM_sk_push(SCT, (st), (val))
+# define sk_SCT_unshift(st, val) SKM_sk_unshift(SCT, (st), (val))
+# define sk_SCT_find(st, val) SKM_sk_find(SCT, (st), (val))
+# define sk_SCT_find_ex(st, val) SKM_sk_find_ex(SCT, (st), (val))
+# define sk_SCT_delete(st, i) SKM_sk_delete(SCT, (st), (i))
+# define sk_SCT_delete_ptr(st, ptr) SKM_sk_delete_ptr(SCT, (st), (ptr))
+# define sk_SCT_insert(st, val, i) SKM_sk_insert(SCT, (st), (val), (i))
+# define sk_SCT_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(SCT, (st), (cmp))
+# define sk_SCT_dup(st) SKM_sk_dup(SCT, st)
+# define sk_SCT_pop_free(st, free_func) SKM_sk_pop_free(SCT, (st), (free_func))
+# define sk_SCT_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(SCT, (st), (copy_func), (free_func))
+# define sk_SCT_shift(st) SKM_sk_shift(SCT, (st))
+# define sk_SCT_pop(st) SKM_sk_pop(SCT, (st))
+# define sk_SCT_sort(st) SKM_sk_sort(SCT, (st))
+# define sk_SCT_is_sorted(st) SKM_sk_is_sorted(SCT, (st))
+
+# define sk_SRP_gN_new(cmp) SKM_sk_new(SRP_gN, (cmp))
+# define sk_SRP_gN_new_null() SKM_sk_new_null(SRP_gN)
+# define sk_SRP_gN_free(st) SKM_sk_free(SRP_gN, (st))
+# define sk_SRP_gN_num(st) SKM_sk_num(SRP_gN, (st))
+# define sk_SRP_gN_value(st, i) SKM_sk_value(SRP_gN, (st), (i))
+# define sk_SRP_gN_set(st, i, val) SKM_sk_set(SRP_gN, (st), (i), (val))
+# define sk_SRP_gN_zero(st) SKM_sk_zero(SRP_gN, (st))
+# define sk_SRP_gN_push(st, val) SKM_sk_push(SRP_gN, (st), (val))
+# define sk_SRP_gN_unshift(st, val) SKM_sk_unshift(SRP_gN, (st), (val))
+# define sk_SRP_gN_find(st, val) SKM_sk_find(SRP_gN, (st), (val))
+# define sk_SRP_gN_find_ex(st, val) SKM_sk_find_ex(SRP_gN, (st), (val))
+# define sk_SRP_gN_delete(st, i) SKM_sk_delete(SRP_gN, (st), (i))
+# define sk_SRP_gN_delete_ptr(st, ptr) SKM_sk_delete_ptr(SRP_gN, (st), (ptr))
+# define sk_SRP_gN_insert(st, val, i) SKM_sk_insert(SRP_gN, (st), (val), (i))
+# define sk_SRP_gN_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(SRP_gN, (st), (cmp))
+# define sk_SRP_gN_dup(st) SKM_sk_dup(SRP_gN, st)
+# define sk_SRP_gN_pop_free(st, free_func) SKM_sk_pop_free(SRP_gN, (st), (free_func))
+# define sk_SRP_gN_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(SRP_gN, (st), (copy_func), (free_func))
+# define sk_SRP_gN_shift(st) SKM_sk_shift(SRP_gN, (st))
+# define sk_SRP_gN_pop(st) SKM_sk_pop(SRP_gN, (st))
+# define sk_SRP_gN_sort(st) SKM_sk_sort(SRP_gN, (st))
+# define sk_SRP_gN_is_sorted(st) SKM_sk_is_sorted(SRP_gN, (st))
+
+# define sk_SRP_gN_cache_new(cmp) SKM_sk_new(SRP_gN_cache, (cmp))
+# define sk_SRP_gN_cache_new_null() SKM_sk_new_null(SRP_gN_cache)
+# define sk_SRP_gN_cache_free(st) SKM_sk_free(SRP_gN_cache, (st))
+# define sk_SRP_gN_cache_num(st) SKM_sk_num(SRP_gN_cache, (st))
+# define sk_SRP_gN_cache_value(st, i) SKM_sk_value(SRP_gN_cache, (st), (i))
+# define sk_SRP_gN_cache_set(st, i, val) SKM_sk_set(SRP_gN_cache, (st), (i), (val))
+# define sk_SRP_gN_cache_zero(st) SKM_sk_zero(SRP_gN_cache, (st))
+# define sk_SRP_gN_cache_push(st, val) SKM_sk_push(SRP_gN_cache, (st), (val))
+# define sk_SRP_gN_cache_unshift(st, val) SKM_sk_unshift(SRP_gN_cache, (st), (val))
+# define sk_SRP_gN_cache_find(st, val) SKM_sk_find(SRP_gN_cache, (st), (val))
+# define sk_SRP_gN_cache_find_ex(st, val) SKM_sk_find_ex(SRP_gN_cache, (st), (val))
+# define sk_SRP_gN_cache_delete(st, i) SKM_sk_delete(SRP_gN_cache, (st), (i))
+# define sk_SRP_gN_cache_delete_ptr(st, ptr) SKM_sk_delete_ptr(SRP_gN_cache, (st), (ptr))
+# define sk_SRP_gN_cache_insert(st, val, i) SKM_sk_insert(SRP_gN_cache, (st), (val), (i))
+# define sk_SRP_gN_cache_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(SRP_gN_cache, (st), (cmp))
+# define sk_SRP_gN_cache_dup(st) SKM_sk_dup(SRP_gN_cache, st)
+# define sk_SRP_gN_cache_pop_free(st, free_func) SKM_sk_pop_free(SRP_gN_cache, (st), (free_func))
+# define sk_SRP_gN_cache_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(SRP_gN_cache, (st), (copy_func), (free_func))
+# define sk_SRP_gN_cache_shift(st) SKM_sk_shift(SRP_gN_cache, (st))
+# define sk_SRP_gN_cache_pop(st) SKM_sk_pop(SRP_gN_cache, (st))
+# define sk_SRP_gN_cache_sort(st) SKM_sk_sort(SRP_gN_cache, (st))
+# define sk_SRP_gN_cache_is_sorted(st) SKM_sk_is_sorted(SRP_gN_cache, (st))
+
+# define sk_SRP_user_pwd_new(cmp) SKM_sk_new(SRP_user_pwd, (cmp))
+# define sk_SRP_user_pwd_new_null() SKM_sk_new_null(SRP_user_pwd)
+# define sk_SRP_user_pwd_free(st) SKM_sk_free(SRP_user_pwd, (st))
+# define sk_SRP_user_pwd_num(st) SKM_sk_num(SRP_user_pwd, (st))
+# define sk_SRP_user_pwd_value(st, i) SKM_sk_value(SRP_user_pwd, (st), (i))
+# define sk_SRP_user_pwd_set(st, i, val) SKM_sk_set(SRP_user_pwd, (st), (i), (val))
+# define sk_SRP_user_pwd_zero(st) SKM_sk_zero(SRP_user_pwd, (st))
+# define sk_SRP_user_pwd_push(st, val) SKM_sk_push(SRP_user_pwd, (st), (val))
+# define sk_SRP_user_pwd_unshift(st, val) SKM_sk_unshift(SRP_user_pwd, (st), (val))
+# define sk_SRP_user_pwd_find(st, val) SKM_sk_find(SRP_user_pwd, (st), (val))
+# define sk_SRP_user_pwd_find_ex(st, val) SKM_sk_find_ex(SRP_user_pwd, (st), (val))
+# define sk_SRP_user_pwd_delete(st, i) SKM_sk_delete(SRP_user_pwd, (st), (i))
+# define sk_SRP_user_pwd_delete_ptr(st, ptr) SKM_sk_delete_ptr(SRP_user_pwd, (st), (ptr))
+# define sk_SRP_user_pwd_insert(st, val, i) SKM_sk_insert(SRP_user_pwd, (st), (val), (i))
+# define sk_SRP_user_pwd_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(SRP_user_pwd, (st), (cmp))
+# define sk_SRP_user_pwd_dup(st) SKM_sk_dup(SRP_user_pwd, st)
+# define sk_SRP_user_pwd_pop_free(st, free_func) SKM_sk_pop_free(SRP_user_pwd, (st), (free_func))
+# define sk_SRP_user_pwd_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(SRP_user_pwd, (st), (copy_func), (free_func))
+# define sk_SRP_user_pwd_shift(st) SKM_sk_shift(SRP_user_pwd, (st))
+# define sk_SRP_user_pwd_pop(st) SKM_sk_pop(SRP_user_pwd, (st))
+# define sk_SRP_user_pwd_sort(st) SKM_sk_sort(SRP_user_pwd, (st))
+# define sk_SRP_user_pwd_is_sorted(st) SKM_sk_is_sorted(SRP_user_pwd, (st))
+
+# define sk_SRTP_PROTECTION_PROFILE_new(cmp) SKM_sk_new(SRTP_PROTECTION_PROFILE, (cmp))
+# define sk_SRTP_PROTECTION_PROFILE_new_null() SKM_sk_new_null(SRTP_PROTECTION_PROFILE)
+# define sk_SRTP_PROTECTION_PROFILE_free(st) SKM_sk_free(SRTP_PROTECTION_PROFILE, (st))
+# define sk_SRTP_PROTECTION_PROFILE_num(st) SKM_sk_num(SRTP_PROTECTION_PROFILE, (st))
+# define sk_SRTP_PROTECTION_PROFILE_value(st, i) SKM_sk_value(SRTP_PROTECTION_PROFILE, (st), (i))
+# define sk_SRTP_PROTECTION_PROFILE_set(st, i, val) SKM_sk_set(SRTP_PROTECTION_PROFILE, (st), (i), (val))
+# define sk_SRTP_PROTECTION_PROFILE_zero(st) SKM_sk_zero(SRTP_PROTECTION_PROFILE, (st))
+# define sk_SRTP_PROTECTION_PROFILE_push(st, val) SKM_sk_push(SRTP_PROTECTION_PROFILE, (st), (val))
+# define sk_SRTP_PROTECTION_PROFILE_unshift(st, val) SKM_sk_unshift(SRTP_PROTECTION_PROFILE, (st), (val))
+# define sk_SRTP_PROTECTION_PROFILE_find(st, val) SKM_sk_find(SRTP_PROTECTION_PROFILE, (st), (val))
+# define sk_SRTP_PROTECTION_PROFILE_find_ex(st, val) SKM_sk_find_ex(SRTP_PROTECTION_PROFILE, (st), (val))
+# define sk_SRTP_PROTECTION_PROFILE_delete(st, i) SKM_sk_delete(SRTP_PROTECTION_PROFILE, (st), (i))
+# define sk_SRTP_PROTECTION_PROFILE_delete_ptr(st, ptr) SKM_sk_delete_ptr(SRTP_PROTECTION_PROFILE, (st), (ptr))
+# define sk_SRTP_PROTECTION_PROFILE_insert(st, val, i) SKM_sk_insert(SRTP_PROTECTION_PROFILE, (st), (val), (i))
+# define sk_SRTP_PROTECTION_PROFILE_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(SRTP_PROTECTION_PROFILE, (st), (cmp))
+# define sk_SRTP_PROTECTION_PROFILE_dup(st) SKM_sk_dup(SRTP_PROTECTION_PROFILE, st)
+# define sk_SRTP_PROTECTION_PROFILE_pop_free(st, free_func) SKM_sk_pop_free(SRTP_PROTECTION_PROFILE, (st), (free_func))
+# define sk_SRTP_PROTECTION_PROFILE_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(SRTP_PROTECTION_PROFILE, (st), (copy_func), (free_func))
+# define sk_SRTP_PROTECTION_PROFILE_shift(st) SKM_sk_shift(SRTP_PROTECTION_PROFILE, (st))
+# define sk_SRTP_PROTECTION_PROFILE_pop(st) SKM_sk_pop(SRTP_PROTECTION_PROFILE, (st))
+# define sk_SRTP_PROTECTION_PROFILE_sort(st) SKM_sk_sort(SRTP_PROTECTION_PROFILE, (st))
+# define sk_SRTP_PROTECTION_PROFILE_is_sorted(st) SKM_sk_is_sorted(SRTP_PROTECTION_PROFILE, (st))
+
+# define sk_SSL_CIPHER_new(cmp) SKM_sk_new(SSL_CIPHER, (cmp))
+# define sk_SSL_CIPHER_new_null() SKM_sk_new_null(SSL_CIPHER)
+# define sk_SSL_CIPHER_free(st) SKM_sk_free(SSL_CIPHER, (st))
+# define sk_SSL_CIPHER_num(st) SKM_sk_num(SSL_CIPHER, (st))
+# define sk_SSL_CIPHER_value(st, i) SKM_sk_value(SSL_CIPHER, (st), (i))
+# define sk_SSL_CIPHER_set(st, i, val) SKM_sk_set(SSL_CIPHER, (st), (i), (val))
+# define sk_SSL_CIPHER_zero(st) SKM_sk_zero(SSL_CIPHER, (st))
+# define sk_SSL_CIPHER_push(st, val) SKM_sk_push(SSL_CIPHER, (st), (val))
+# define sk_SSL_CIPHER_unshift(st, val) SKM_sk_unshift(SSL_CIPHER, (st), (val))
+# define sk_SSL_CIPHER_find(st, val) SKM_sk_find(SSL_CIPHER, (st), (val))
+# define sk_SSL_CIPHER_find_ex(st, val) SKM_sk_find_ex(SSL_CIPHER, (st), (val))
+# define sk_SSL_CIPHER_delete(st, i) SKM_sk_delete(SSL_CIPHER, (st), (i))
+# define sk_SSL_CIPHER_delete_ptr(st, ptr) SKM_sk_delete_ptr(SSL_CIPHER, (st), (ptr))
+# define sk_SSL_CIPHER_insert(st, val, i) SKM_sk_insert(SSL_CIPHER, (st), (val), (i))
+# define sk_SSL_CIPHER_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(SSL_CIPHER, (st), (cmp))
+# define sk_SSL_CIPHER_dup(st) SKM_sk_dup(SSL_CIPHER, st)
+# define sk_SSL_CIPHER_pop_free(st, free_func) SKM_sk_pop_free(SSL_CIPHER, (st), (free_func))
+# define sk_SSL_CIPHER_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(SSL_CIPHER, (st), (copy_func), (free_func))
+# define sk_SSL_CIPHER_shift(st) SKM_sk_shift(SSL_CIPHER, (st))
+# define sk_SSL_CIPHER_pop(st) SKM_sk_pop(SSL_CIPHER, (st))
+# define sk_SSL_CIPHER_sort(st) SKM_sk_sort(SSL_CIPHER, (st))
+# define sk_SSL_CIPHER_is_sorted(st) SKM_sk_is_sorted(SSL_CIPHER, (st))
+
+# define sk_SSL_COMP_new(cmp) SKM_sk_new(SSL_COMP, (cmp))
+# define sk_SSL_COMP_new_null() SKM_sk_new_null(SSL_COMP)
+# define sk_SSL_COMP_free(st) SKM_sk_free(SSL_COMP, (st))
+# define sk_SSL_COMP_num(st) SKM_sk_num(SSL_COMP, (st))
+# define sk_SSL_COMP_value(st, i) SKM_sk_value(SSL_COMP, (st), (i))
+# define sk_SSL_COMP_set(st, i, val) SKM_sk_set(SSL_COMP, (st), (i), (val))
+# define sk_SSL_COMP_zero(st) SKM_sk_zero(SSL_COMP, (st))
+# define sk_SSL_COMP_push(st, val) SKM_sk_push(SSL_COMP, (st), (val))
+# define sk_SSL_COMP_unshift(st, val) SKM_sk_unshift(SSL_COMP, (st), (val))
+# define sk_SSL_COMP_find(st, val) SKM_sk_find(SSL_COMP, (st), (val))
+# define sk_SSL_COMP_find_ex(st, val) SKM_sk_find_ex(SSL_COMP, (st), (val))
+# define sk_SSL_COMP_delete(st, i) SKM_sk_delete(SSL_COMP, (st), (i))
+# define sk_SSL_COMP_delete_ptr(st, ptr) SKM_sk_delete_ptr(SSL_COMP, (st), (ptr))
+# define sk_SSL_COMP_insert(st, val, i) SKM_sk_insert(SSL_COMP, (st), (val), (i))
+# define sk_SSL_COMP_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(SSL_COMP, (st), (cmp))
+# define sk_SSL_COMP_dup(st) SKM_sk_dup(SSL_COMP, st)
+# define sk_SSL_COMP_pop_free(st, free_func) SKM_sk_pop_free(SSL_COMP, (st), (free_func))
+# define sk_SSL_COMP_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(SSL_COMP, (st), (copy_func), (free_func))
+# define sk_SSL_COMP_shift(st) SKM_sk_shift(SSL_COMP, (st))
+# define sk_SSL_COMP_pop(st) SKM_sk_pop(SSL_COMP, (st))
+# define sk_SSL_COMP_sort(st) SKM_sk_sort(SSL_COMP, (st))
+# define sk_SSL_COMP_is_sorted(st) SKM_sk_is_sorted(SSL_COMP, (st))
+
+# define sk_STACK_OF_X509_NAME_ENTRY_new(cmp) SKM_sk_new(STACK_OF_X509_NAME_ENTRY, (cmp))
+# define sk_STACK_OF_X509_NAME_ENTRY_new_null() SKM_sk_new_null(STACK_OF_X509_NAME_ENTRY)
+# define sk_STACK_OF_X509_NAME_ENTRY_free(st) SKM_sk_free(STACK_OF_X509_NAME_ENTRY, (st))
+# define sk_STACK_OF_X509_NAME_ENTRY_num(st) SKM_sk_num(STACK_OF_X509_NAME_ENTRY, (st))
+# define sk_STACK_OF_X509_NAME_ENTRY_value(st, i) SKM_sk_value(STACK_OF_X509_NAME_ENTRY, (st), (i))
+# define sk_STACK_OF_X509_NAME_ENTRY_set(st, i, val) SKM_sk_set(STACK_OF_X509_NAME_ENTRY, (st), (i), (val))
+# define sk_STACK_OF_X509_NAME_ENTRY_zero(st) SKM_sk_zero(STACK_OF_X509_NAME_ENTRY, (st))
+# define sk_STACK_OF_X509_NAME_ENTRY_push(st, val) SKM_sk_push(STACK_OF_X509_NAME_ENTRY, (st), (val))
+# define sk_STACK_OF_X509_NAME_ENTRY_unshift(st, val) SKM_sk_unshift(STACK_OF_X509_NAME_ENTRY, (st), (val))
+# define sk_STACK_OF_X509_NAME_ENTRY_find(st, val) SKM_sk_find(STACK_OF_X509_NAME_ENTRY, (st), (val))
+# define sk_STACK_OF_X509_NAME_ENTRY_find_ex(st, val) SKM_sk_find_ex(STACK_OF_X509_NAME_ENTRY, (st), (val))
+# define sk_STACK_OF_X509_NAME_ENTRY_delete(st, i) SKM_sk_delete(STACK_OF_X509_NAME_ENTRY, (st), (i))
+# define sk_STACK_OF_X509_NAME_ENTRY_delete_ptr(st, ptr) SKM_sk_delete_ptr(STACK_OF_X509_NAME_ENTRY, (st), (ptr))
+# define sk_STACK_OF_X509_NAME_ENTRY_insert(st, val, i) SKM_sk_insert(STACK_OF_X509_NAME_ENTRY, (st), (val), (i))
+# define sk_STACK_OF_X509_NAME_ENTRY_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(STACK_OF_X509_NAME_ENTRY, (st), (cmp))
+# define sk_STACK_OF_X509_NAME_ENTRY_dup(st) SKM_sk_dup(STACK_OF_X509_NAME_ENTRY, st)
+# define sk_STACK_OF_X509_NAME_ENTRY_pop_free(st, free_func) SKM_sk_pop_free(STACK_OF_X509_NAME_ENTRY, (st), (free_func))
+# define sk_STACK_OF_X509_NAME_ENTRY_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(STACK_OF_X509_NAME_ENTRY, (st), (copy_func), (free_func))
+# define sk_STACK_OF_X509_NAME_ENTRY_shift(st) SKM_sk_shift(STACK_OF_X509_NAME_ENTRY, (st))
+# define sk_STACK_OF_X509_NAME_ENTRY_pop(st) SKM_sk_pop(STACK_OF_X509_NAME_ENTRY, (st))
+# define sk_STACK_OF_X509_NAME_ENTRY_sort(st) SKM_sk_sort(STACK_OF_X509_NAME_ENTRY, (st))
+# define sk_STACK_OF_X509_NAME_ENTRY_is_sorted(st) SKM_sk_is_sorted(STACK_OF_X509_NAME_ENTRY, (st))
+
+# define sk_STORE_ATTR_INFO_new(cmp) SKM_sk_new(STORE_ATTR_INFO, (cmp))
+# define sk_STORE_ATTR_INFO_new_null() SKM_sk_new_null(STORE_ATTR_INFO)
+# define sk_STORE_ATTR_INFO_free(st) SKM_sk_free(STORE_ATTR_INFO, (st))
+# define sk_STORE_ATTR_INFO_num(st) SKM_sk_num(STORE_ATTR_INFO, (st))
+# define sk_STORE_ATTR_INFO_value(st, i) SKM_sk_value(STORE_ATTR_INFO, (st), (i))
+# define sk_STORE_ATTR_INFO_set(st, i, val) SKM_sk_set(STORE_ATTR_INFO, (st), (i), (val))
+# define sk_STORE_ATTR_INFO_zero(st) SKM_sk_zero(STORE_ATTR_INFO, (st))
+# define sk_STORE_ATTR_INFO_push(st, val) SKM_sk_push(STORE_ATTR_INFO, (st), (val))
+# define sk_STORE_ATTR_INFO_unshift(st, val) SKM_sk_unshift(STORE_ATTR_INFO, (st), (val))
+# define sk_STORE_ATTR_INFO_find(st, val) SKM_sk_find(STORE_ATTR_INFO, (st), (val))
+# define sk_STORE_ATTR_INFO_find_ex(st, val) SKM_sk_find_ex(STORE_ATTR_INFO, (st), (val))
+# define sk_STORE_ATTR_INFO_delete(st, i) SKM_sk_delete(STORE_ATTR_INFO, (st), (i))
+# define sk_STORE_ATTR_INFO_delete_ptr(st, ptr) SKM_sk_delete_ptr(STORE_ATTR_INFO, (st), (ptr))
+# define sk_STORE_ATTR_INFO_insert(st, val, i) SKM_sk_insert(STORE_ATTR_INFO, (st), (val), (i))
+# define sk_STORE_ATTR_INFO_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(STORE_ATTR_INFO, (st), (cmp))
+# define sk_STORE_ATTR_INFO_dup(st) SKM_sk_dup(STORE_ATTR_INFO, st)
+# define sk_STORE_ATTR_INFO_pop_free(st, free_func) SKM_sk_pop_free(STORE_ATTR_INFO, (st), (free_func))
+# define sk_STORE_ATTR_INFO_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(STORE_ATTR_INFO, (st), (copy_func), (free_func))
+# define sk_STORE_ATTR_INFO_shift(st) SKM_sk_shift(STORE_ATTR_INFO, (st))
+# define sk_STORE_ATTR_INFO_pop(st) SKM_sk_pop(STORE_ATTR_INFO, (st))
+# define sk_STORE_ATTR_INFO_sort(st) SKM_sk_sort(STORE_ATTR_INFO, (st))
+# define sk_STORE_ATTR_INFO_is_sorted(st) SKM_sk_is_sorted(STORE_ATTR_INFO, (st))
+
+# define sk_STORE_OBJECT_new(cmp) SKM_sk_new(STORE_OBJECT, (cmp))
+# define sk_STORE_OBJECT_new_null() SKM_sk_new_null(STORE_OBJECT)
+# define sk_STORE_OBJECT_free(st) SKM_sk_free(STORE_OBJECT, (st))
+# define sk_STORE_OBJECT_num(st) SKM_sk_num(STORE_OBJECT, (st))
+# define sk_STORE_OBJECT_value(st, i) SKM_sk_value(STORE_OBJECT, (st), (i))
+# define sk_STORE_OBJECT_set(st, i, val) SKM_sk_set(STORE_OBJECT, (st), (i), (val))
+# define sk_STORE_OBJECT_zero(st) SKM_sk_zero(STORE_OBJECT, (st))
+# define sk_STORE_OBJECT_push(st, val) SKM_sk_push(STORE_OBJECT, (st), (val))
+# define sk_STORE_OBJECT_unshift(st, val) SKM_sk_unshift(STORE_OBJECT, (st), (val))
+# define sk_STORE_OBJECT_find(st, val) SKM_sk_find(STORE_OBJECT, (st), (val))
+# define sk_STORE_OBJECT_find_ex(st, val) SKM_sk_find_ex(STORE_OBJECT, (st), (val))
+# define sk_STORE_OBJECT_delete(st, i) SKM_sk_delete(STORE_OBJECT, (st), (i))
+# define sk_STORE_OBJECT_delete_ptr(st, ptr) SKM_sk_delete_ptr(STORE_OBJECT, (st), (ptr))
+# define sk_STORE_OBJECT_insert(st, val, i) SKM_sk_insert(STORE_OBJECT, (st), (val), (i))
+# define sk_STORE_OBJECT_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(STORE_OBJECT, (st), (cmp))
+# define sk_STORE_OBJECT_dup(st) SKM_sk_dup(STORE_OBJECT, st)
+# define sk_STORE_OBJECT_pop_free(st, free_func) SKM_sk_pop_free(STORE_OBJECT, (st), (free_func))
+# define sk_STORE_OBJECT_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(STORE_OBJECT, (st), (copy_func), (free_func))
+# define sk_STORE_OBJECT_shift(st) SKM_sk_shift(STORE_OBJECT, (st))
+# define sk_STORE_OBJECT_pop(st) SKM_sk_pop(STORE_OBJECT, (st))
+# define sk_STORE_OBJECT_sort(st) SKM_sk_sort(STORE_OBJECT, (st))
+# define sk_STORE_OBJECT_is_sorted(st) SKM_sk_is_sorted(STORE_OBJECT, (st))
+
+# define sk_SXNETID_new(cmp) SKM_sk_new(SXNETID, (cmp))
+# define sk_SXNETID_new_null() SKM_sk_new_null(SXNETID)
+# define sk_SXNETID_free(st) SKM_sk_free(SXNETID, (st))
+# define sk_SXNETID_num(st) SKM_sk_num(SXNETID, (st))
+# define sk_SXNETID_value(st, i) SKM_sk_value(SXNETID, (st), (i))
+# define sk_SXNETID_set(st, i, val) SKM_sk_set(SXNETID, (st), (i), (val))
+# define sk_SXNETID_zero(st) SKM_sk_zero(SXNETID, (st))
+# define sk_SXNETID_push(st, val) SKM_sk_push(SXNETID, (st), (val))
+# define sk_SXNETID_unshift(st, val) SKM_sk_unshift(SXNETID, (st), (val))
+# define sk_SXNETID_find(st, val) SKM_sk_find(SXNETID, (st), (val))
+# define sk_SXNETID_find_ex(st, val) SKM_sk_find_ex(SXNETID, (st), (val))
+# define sk_SXNETID_delete(st, i) SKM_sk_delete(SXNETID, (st), (i))
+# define sk_SXNETID_delete_ptr(st, ptr) SKM_sk_delete_ptr(SXNETID, (st), (ptr))
+# define sk_SXNETID_insert(st, val, i) SKM_sk_insert(SXNETID, (st), (val), (i))
+# define sk_SXNETID_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(SXNETID, (st), (cmp))
+# define sk_SXNETID_dup(st) SKM_sk_dup(SXNETID, st)
+# define sk_SXNETID_pop_free(st, free_func) SKM_sk_pop_free(SXNETID, (st), (free_func))
+# define sk_SXNETID_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(SXNETID, (st), (copy_func), (free_func))
+# define sk_SXNETID_shift(st) SKM_sk_shift(SXNETID, (st))
+# define sk_SXNETID_pop(st) SKM_sk_pop(SXNETID, (st))
+# define sk_SXNETID_sort(st) SKM_sk_sort(SXNETID, (st))
+# define sk_SXNETID_is_sorted(st) SKM_sk_is_sorted(SXNETID, (st))
+
+# define sk_UI_STRING_new(cmp) SKM_sk_new(UI_STRING, (cmp))
+# define sk_UI_STRING_new_null() SKM_sk_new_null(UI_STRING)
+# define sk_UI_STRING_free(st) SKM_sk_free(UI_STRING, (st))
+# define sk_UI_STRING_num(st) SKM_sk_num(UI_STRING, (st))
+# define sk_UI_STRING_value(st, i) SKM_sk_value(UI_STRING, (st), (i))
+# define sk_UI_STRING_set(st, i, val) SKM_sk_set(UI_STRING, (st), (i), (val))
+# define sk_UI_STRING_zero(st) SKM_sk_zero(UI_STRING, (st))
+# define sk_UI_STRING_push(st, val) SKM_sk_push(UI_STRING, (st), (val))
+# define sk_UI_STRING_unshift(st, val) SKM_sk_unshift(UI_STRING, (st), (val))
+# define sk_UI_STRING_find(st, val) SKM_sk_find(UI_STRING, (st), (val))
+# define sk_UI_STRING_find_ex(st, val) SKM_sk_find_ex(UI_STRING, (st), (val))
+# define sk_UI_STRING_delete(st, i) SKM_sk_delete(UI_STRING, (st), (i))
+# define sk_UI_STRING_delete_ptr(st, ptr) SKM_sk_delete_ptr(UI_STRING, (st), (ptr))
+# define sk_UI_STRING_insert(st, val, i) SKM_sk_insert(UI_STRING, (st), (val), (i))
+# define sk_UI_STRING_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(UI_STRING, (st), (cmp))
+# define sk_UI_STRING_dup(st) SKM_sk_dup(UI_STRING, st)
+# define sk_UI_STRING_pop_free(st, free_func) SKM_sk_pop_free(UI_STRING, (st), (free_func))
+# define sk_UI_STRING_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(UI_STRING, (st), (copy_func), (free_func))
+# define sk_UI_STRING_shift(st) SKM_sk_shift(UI_STRING, (st))
+# define sk_UI_STRING_pop(st) SKM_sk_pop(UI_STRING, (st))
+# define sk_UI_STRING_sort(st) SKM_sk_sort(UI_STRING, (st))
+# define sk_UI_STRING_is_sorted(st) SKM_sk_is_sorted(UI_STRING, (st))
+
+# define sk_X509_new(cmp) SKM_sk_new(X509, (cmp))
+# define sk_X509_new_null() SKM_sk_new_null(X509)
+# define sk_X509_free(st) SKM_sk_free(X509, (st))
+# define sk_X509_num(st) SKM_sk_num(X509, (st))
+# define sk_X509_value(st, i) SKM_sk_value(X509, (st), (i))
+# define sk_X509_set(st, i, val) SKM_sk_set(X509, (st), (i), (val))
+# define sk_X509_zero(st) SKM_sk_zero(X509, (st))
+# define sk_X509_push(st, val) SKM_sk_push(X509, (st), (val))
+# define sk_X509_unshift(st, val) SKM_sk_unshift(X509, (st), (val))
+# define sk_X509_find(st, val) SKM_sk_find(X509, (st), (val))
+# define sk_X509_find_ex(st, val) SKM_sk_find_ex(X509, (st), (val))
+# define sk_X509_delete(st, i) SKM_sk_delete(X509, (st), (i))
+# define sk_X509_delete_ptr(st, ptr) SKM_sk_delete_ptr(X509, (st), (ptr))
+# define sk_X509_insert(st, val, i) SKM_sk_insert(X509, (st), (val), (i))
+# define sk_X509_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(X509, (st), (cmp))
+# define sk_X509_dup(st) SKM_sk_dup(X509, st)
+# define sk_X509_pop_free(st, free_func) SKM_sk_pop_free(X509, (st), (free_func))
+# define sk_X509_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(X509, (st), (copy_func), (free_func))
+# define sk_X509_shift(st) SKM_sk_shift(X509, (st))
+# define sk_X509_pop(st) SKM_sk_pop(X509, (st))
+# define sk_X509_sort(st) SKM_sk_sort(X509, (st))
+# define sk_X509_is_sorted(st) SKM_sk_is_sorted(X509, (st))
+
+# define sk_X509V3_EXT_METHOD_new(cmp) SKM_sk_new(X509V3_EXT_METHOD, (cmp))
+# define sk_X509V3_EXT_METHOD_new_null() SKM_sk_new_null(X509V3_EXT_METHOD)
+# define sk_X509V3_EXT_METHOD_free(st) SKM_sk_free(X509V3_EXT_METHOD, (st))
+# define sk_X509V3_EXT_METHOD_num(st) SKM_sk_num(X509V3_EXT_METHOD, (st))
+# define sk_X509V3_EXT_METHOD_value(st, i) SKM_sk_value(X509V3_EXT_METHOD, (st), (i))
+# define sk_X509V3_EXT_METHOD_set(st, i, val) SKM_sk_set(X509V3_EXT_METHOD, (st), (i), (val))
+# define sk_X509V3_EXT_METHOD_zero(st) SKM_sk_zero(X509V3_EXT_METHOD, (st))
+# define sk_X509V3_EXT_METHOD_push(st, val) SKM_sk_push(X509V3_EXT_METHOD, (st), (val))
+# define sk_X509V3_EXT_METHOD_unshift(st, val) SKM_sk_unshift(X509V3_EXT_METHOD, (st), (val))
+# define sk_X509V3_EXT_METHOD_find(st, val) SKM_sk_find(X509V3_EXT_METHOD, (st), (val))
+# define sk_X509V3_EXT_METHOD_find_ex(st, val) SKM_sk_find_ex(X509V3_EXT_METHOD, (st), (val))
+# define sk_X509V3_EXT_METHOD_delete(st, i) SKM_sk_delete(X509V3_EXT_METHOD, (st), (i))
+# define sk_X509V3_EXT_METHOD_delete_ptr(st, ptr) SKM_sk_delete_ptr(X509V3_EXT_METHOD, (st), (ptr))
+# define sk_X509V3_EXT_METHOD_insert(st, val, i) SKM_sk_insert(X509V3_EXT_METHOD, (st), (val), (i))
+# define sk_X509V3_EXT_METHOD_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(X509V3_EXT_METHOD, (st), (cmp))
+# define sk_X509V3_EXT_METHOD_dup(st) SKM_sk_dup(X509V3_EXT_METHOD, st)
+# define sk_X509V3_EXT_METHOD_pop_free(st, free_func) SKM_sk_pop_free(X509V3_EXT_METHOD, (st), (free_func))
+# define sk_X509V3_EXT_METHOD_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(X509V3_EXT_METHOD, (st), (copy_func), (free_func))
+# define sk_X509V3_EXT_METHOD_shift(st) SKM_sk_shift(X509V3_EXT_METHOD, (st))
+# define sk_X509V3_EXT_METHOD_pop(st) SKM_sk_pop(X509V3_EXT_METHOD, (st))
+# define sk_X509V3_EXT_METHOD_sort(st) SKM_sk_sort(X509V3_EXT_METHOD, (st))
+# define sk_X509V3_EXT_METHOD_is_sorted(st) SKM_sk_is_sorted(X509V3_EXT_METHOD, (st))
+
+# define sk_X509_ALGOR_new(cmp) SKM_sk_new(X509_ALGOR, (cmp))
+# define sk_X509_ALGOR_new_null() SKM_sk_new_null(X509_ALGOR)
+# define sk_X509_ALGOR_free(st) SKM_sk_free(X509_ALGOR, (st))
+# define sk_X509_ALGOR_num(st) SKM_sk_num(X509_ALGOR, (st))
+# define sk_X509_ALGOR_value(st, i) SKM_sk_value(X509_ALGOR, (st), (i))
+# define sk_X509_ALGOR_set(st, i, val) SKM_sk_set(X509_ALGOR, (st), (i), (val))
+# define sk_X509_ALGOR_zero(st) SKM_sk_zero(X509_ALGOR, (st))
+# define sk_X509_ALGOR_push(st, val) SKM_sk_push(X509_ALGOR, (st), (val))
+# define sk_X509_ALGOR_unshift(st, val) SKM_sk_unshift(X509_ALGOR, (st), (val))
+# define sk_X509_ALGOR_find(st, val) SKM_sk_find(X509_ALGOR, (st), (val))
+# define sk_X509_ALGOR_find_ex(st, val) SKM_sk_find_ex(X509_ALGOR, (st), (val))
+# define sk_X509_ALGOR_delete(st, i) SKM_sk_delete(X509_ALGOR, (st), (i))
+# define sk_X509_ALGOR_delete_ptr(st, ptr) SKM_sk_delete_ptr(X509_ALGOR, (st), (ptr))
+# define sk_X509_ALGOR_insert(st, val, i) SKM_sk_insert(X509_ALGOR, (st), (val), (i))
+# define sk_X509_ALGOR_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(X509_ALGOR, (st), (cmp))
+# define sk_X509_ALGOR_dup(st) SKM_sk_dup(X509_ALGOR, st)
+# define sk_X509_ALGOR_pop_free(st, free_func) SKM_sk_pop_free(X509_ALGOR, (st), (free_func))
+# define sk_X509_ALGOR_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(X509_ALGOR, (st), (copy_func), (free_func))
+# define sk_X509_ALGOR_shift(st) SKM_sk_shift(X509_ALGOR, (st))
+# define sk_X509_ALGOR_pop(st) SKM_sk_pop(X509_ALGOR, (st))
+# define sk_X509_ALGOR_sort(st) SKM_sk_sort(X509_ALGOR, (st))
+# define sk_X509_ALGOR_is_sorted(st) SKM_sk_is_sorted(X509_ALGOR, (st))
+
+# define sk_X509_ATTRIBUTE_new(cmp) SKM_sk_new(X509_ATTRIBUTE, (cmp))
+# define sk_X509_ATTRIBUTE_new_null() SKM_sk_new_null(X509_ATTRIBUTE)
+# define sk_X509_ATTRIBUTE_free(st) SKM_sk_free(X509_ATTRIBUTE, (st))
+# define sk_X509_ATTRIBUTE_num(st) SKM_sk_num(X509_ATTRIBUTE, (st))
+# define sk_X509_ATTRIBUTE_value(st, i) SKM_sk_value(X509_ATTRIBUTE, (st), (i))
+# define sk_X509_ATTRIBUTE_set(st, i, val) SKM_sk_set(X509_ATTRIBUTE, (st), (i), (val))
+# define sk_X509_ATTRIBUTE_zero(st) SKM_sk_zero(X509_ATTRIBUTE, (st))
+# define sk_X509_ATTRIBUTE_push(st, val) SKM_sk_push(X509_ATTRIBUTE, (st), (val))
+# define sk_X509_ATTRIBUTE_unshift(st, val) SKM_sk_unshift(X509_ATTRIBUTE, (st), (val))
+# define sk_X509_ATTRIBUTE_find(st, val) SKM_sk_find(X509_ATTRIBUTE, (st), (val))
+# define sk_X509_ATTRIBUTE_find_ex(st, val) SKM_sk_find_ex(X509_ATTRIBUTE, (st), (val))
+# define sk_X509_ATTRIBUTE_delete(st, i) SKM_sk_delete(X509_ATTRIBUTE, (st), (i))
+# define sk_X509_ATTRIBUTE_delete_ptr(st, ptr) SKM_sk_delete_ptr(X509_ATTRIBUTE, (st), (ptr))
+# define sk_X509_ATTRIBUTE_insert(st, val, i) SKM_sk_insert(X509_ATTRIBUTE, (st), (val), (i))
+# define sk_X509_ATTRIBUTE_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(X509_ATTRIBUTE, (st), (cmp))
+# define sk_X509_ATTRIBUTE_dup(st) SKM_sk_dup(X509_ATTRIBUTE, st)
+# define sk_X509_ATTRIBUTE_pop_free(st, free_func) SKM_sk_pop_free(X509_ATTRIBUTE, (st), (free_func))
+# define sk_X509_ATTRIBUTE_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(X509_ATTRIBUTE, (st), (copy_func), (free_func))
+# define sk_X509_ATTRIBUTE_shift(st) SKM_sk_shift(X509_ATTRIBUTE, (st))
+# define sk_X509_ATTRIBUTE_pop(st) SKM_sk_pop(X509_ATTRIBUTE, (st))
+# define sk_X509_ATTRIBUTE_sort(st) SKM_sk_sort(X509_ATTRIBUTE, (st))
+# define sk_X509_ATTRIBUTE_is_sorted(st) SKM_sk_is_sorted(X509_ATTRIBUTE, (st))
+
+# define sk_X509_CRL_new(cmp) SKM_sk_new(X509_CRL, (cmp))
+# define sk_X509_CRL_new_null() SKM_sk_new_null(X509_CRL)
+# define sk_X509_CRL_free(st) SKM_sk_free(X509_CRL, (st))
+# define sk_X509_CRL_num(st) SKM_sk_num(X509_CRL, (st))
+# define sk_X509_CRL_value(st, i) SKM_sk_value(X509_CRL, (st), (i))
+# define sk_X509_CRL_set(st, i, val) SKM_sk_set(X509_CRL, (st), (i), (val))
+# define sk_X509_CRL_zero(st) SKM_sk_zero(X509_CRL, (st))
+# define sk_X509_CRL_push(st, val) SKM_sk_push(X509_CRL, (st), (val))
+# define sk_X509_CRL_unshift(st, val) SKM_sk_unshift(X509_CRL, (st), (val))
+# define sk_X509_CRL_find(st, val) SKM_sk_find(X509_CRL, (st), (val))
+# define sk_X509_CRL_find_ex(st, val) SKM_sk_find_ex(X509_CRL, (st), (val))
+# define sk_X509_CRL_delete(st, i) SKM_sk_delete(X509_CRL, (st), (i))
+# define sk_X509_CRL_delete_ptr(st, ptr) SKM_sk_delete_ptr(X509_CRL, (st), (ptr))
+# define sk_X509_CRL_insert(st, val, i) SKM_sk_insert(X509_CRL, (st), (val), (i))
+# define sk_X509_CRL_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(X509_CRL, (st), (cmp))
+# define sk_X509_CRL_dup(st) SKM_sk_dup(X509_CRL, st)
+# define sk_X509_CRL_pop_free(st, free_func) SKM_sk_pop_free(X509_CRL, (st), (free_func))
+# define sk_X509_CRL_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(X509_CRL, (st), (copy_func), (free_func))
+# define sk_X509_CRL_shift(st) SKM_sk_shift(X509_CRL, (st))
+# define sk_X509_CRL_pop(st) SKM_sk_pop(X509_CRL, (st))
+# define sk_X509_CRL_sort(st) SKM_sk_sort(X509_CRL, (st))
+# define sk_X509_CRL_is_sorted(st) SKM_sk_is_sorted(X509_CRL, (st))
+
+# define sk_X509_EXTENSION_new(cmp) SKM_sk_new(X509_EXTENSION, (cmp))
+# define sk_X509_EXTENSION_new_null() SKM_sk_new_null(X509_EXTENSION)
+# define sk_X509_EXTENSION_free(st) SKM_sk_free(X509_EXTENSION, (st))
+# define sk_X509_EXTENSION_num(st) SKM_sk_num(X509_EXTENSION, (st))
+# define sk_X509_EXTENSION_value(st, i) SKM_sk_value(X509_EXTENSION, (st), (i))
+# define sk_X509_EXTENSION_set(st, i, val) SKM_sk_set(X509_EXTENSION, (st), (i), (val))
+# define sk_X509_EXTENSION_zero(st) SKM_sk_zero(X509_EXTENSION, (st))
+# define sk_X509_EXTENSION_push(st, val) SKM_sk_push(X509_EXTENSION, (st), (val))
+# define sk_X509_EXTENSION_unshift(st, val) SKM_sk_unshift(X509_EXTENSION, (st), (val))
+# define sk_X509_EXTENSION_find(st, val) SKM_sk_find(X509_EXTENSION, (st), (val))
+# define sk_X509_EXTENSION_find_ex(st, val) SKM_sk_find_ex(X509_EXTENSION, (st), (val))
+# define sk_X509_EXTENSION_delete(st, i) SKM_sk_delete(X509_EXTENSION, (st), (i))
+# define sk_X509_EXTENSION_delete_ptr(st, ptr) SKM_sk_delete_ptr(X509_EXTENSION, (st), (ptr))
+# define sk_X509_EXTENSION_insert(st, val, i) SKM_sk_insert(X509_EXTENSION, (st), (val), (i))
+# define sk_X509_EXTENSION_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(X509_EXTENSION, (st), (cmp))
+# define sk_X509_EXTENSION_dup(st) SKM_sk_dup(X509_EXTENSION, st)
+# define sk_X509_EXTENSION_pop_free(st, free_func) SKM_sk_pop_free(X509_EXTENSION, (st), (free_func))
+# define sk_X509_EXTENSION_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(X509_EXTENSION, (st), (copy_func), (free_func))
+# define sk_X509_EXTENSION_shift(st) SKM_sk_shift(X509_EXTENSION, (st))
+# define sk_X509_EXTENSION_pop(st) SKM_sk_pop(X509_EXTENSION, (st))
+# define sk_X509_EXTENSION_sort(st) SKM_sk_sort(X509_EXTENSION, (st))
+# define sk_X509_EXTENSION_is_sorted(st) SKM_sk_is_sorted(X509_EXTENSION, (st))
+
+# define sk_X509_INFO_new(cmp) SKM_sk_new(X509_INFO, (cmp))
+# define sk_X509_INFO_new_null() SKM_sk_new_null(X509_INFO)
+# define sk_X509_INFO_free(st) SKM_sk_free(X509_INFO, (st))
+# define sk_X509_INFO_num(st) SKM_sk_num(X509_INFO, (st))
+# define sk_X509_INFO_value(st, i) SKM_sk_value(X509_INFO, (st), (i))
+# define sk_X509_INFO_set(st, i, val) SKM_sk_set(X509_INFO, (st), (i), (val))
+# define sk_X509_INFO_zero(st) SKM_sk_zero(X509_INFO, (st))
+# define sk_X509_INFO_push(st, val) SKM_sk_push(X509_INFO, (st), (val))
+# define sk_X509_INFO_unshift(st, val) SKM_sk_unshift(X509_INFO, (st), (val))
+# define sk_X509_INFO_find(st, val) SKM_sk_find(X509_INFO, (st), (val))
+# define sk_X509_INFO_find_ex(st, val) SKM_sk_find_ex(X509_INFO, (st), (val))
+# define sk_X509_INFO_delete(st, i) SKM_sk_delete(X509_INFO, (st), (i))
+# define sk_X509_INFO_delete_ptr(st, ptr) SKM_sk_delete_ptr(X509_INFO, (st), (ptr))
+# define sk_X509_INFO_insert(st, val, i) SKM_sk_insert(X509_INFO, (st), (val), (i))
+# define sk_X509_INFO_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(X509_INFO, (st), (cmp))
+# define sk_X509_INFO_dup(st) SKM_sk_dup(X509_INFO, st)
+# define sk_X509_INFO_pop_free(st, free_func) SKM_sk_pop_free(X509_INFO, (st), (free_func))
+# define sk_X509_INFO_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(X509_INFO, (st), (copy_func), (free_func))
+# define sk_X509_INFO_shift(st) SKM_sk_shift(X509_INFO, (st))
+# define sk_X509_INFO_pop(st) SKM_sk_pop(X509_INFO, (st))
+# define sk_X509_INFO_sort(st) SKM_sk_sort(X509_INFO, (st))
+# define sk_X509_INFO_is_sorted(st) SKM_sk_is_sorted(X509_INFO, (st))
+
+# define sk_X509_LOOKUP_new(cmp) SKM_sk_new(X509_LOOKUP, (cmp))
+# define sk_X509_LOOKUP_new_null() SKM_sk_new_null(X509_LOOKUP)
+# define sk_X509_LOOKUP_free(st) SKM_sk_free(X509_LOOKUP, (st))
+# define sk_X509_LOOKUP_num(st) SKM_sk_num(X509_LOOKUP, (st))
+# define sk_X509_LOOKUP_value(st, i) SKM_sk_value(X509_LOOKUP, (st), (i))
+# define sk_X509_LOOKUP_set(st, i, val) SKM_sk_set(X509_LOOKUP, (st), (i), (val))
+# define sk_X509_LOOKUP_zero(st) SKM_sk_zero(X509_LOOKUP, (st))
+# define sk_X509_LOOKUP_push(st, val) SKM_sk_push(X509_LOOKUP, (st), (val))
+# define sk_X509_LOOKUP_unshift(st, val) SKM_sk_unshift(X509_LOOKUP, (st), (val))
+# define sk_X509_LOOKUP_find(st, val) SKM_sk_find(X509_LOOKUP, (st), (val))
+# define sk_X509_LOOKUP_find_ex(st, val) SKM_sk_find_ex(X509_LOOKUP, (st), (val))
+# define sk_X509_LOOKUP_delete(st, i) SKM_sk_delete(X509_LOOKUP, (st), (i))
+# define sk_X509_LOOKUP_delete_ptr(st, ptr) SKM_sk_delete_ptr(X509_LOOKUP, (st), (ptr))
+# define sk_X509_LOOKUP_insert(st, val, i) SKM_sk_insert(X509_LOOKUP, (st), (val), (i))
+# define sk_X509_LOOKUP_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(X509_LOOKUP, (st), (cmp))
+# define sk_X509_LOOKUP_dup(st) SKM_sk_dup(X509_LOOKUP, st)
+# define sk_X509_LOOKUP_pop_free(st, free_func) SKM_sk_pop_free(X509_LOOKUP, (st), (free_func))
+# define sk_X509_LOOKUP_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(X509_LOOKUP, (st), (copy_func), (free_func))
+# define sk_X509_LOOKUP_shift(st) SKM_sk_shift(X509_LOOKUP, (st))
+# define sk_X509_LOOKUP_pop(st) SKM_sk_pop(X509_LOOKUP, (st))
+# define sk_X509_LOOKUP_sort(st) SKM_sk_sort(X509_LOOKUP, (st))
+# define sk_X509_LOOKUP_is_sorted(st) SKM_sk_is_sorted(X509_LOOKUP, (st))
+
+# define sk_X509_NAME_new(cmp) SKM_sk_new(X509_NAME, (cmp))
+# define sk_X509_NAME_new_null() SKM_sk_new_null(X509_NAME)
+# define sk_X509_NAME_free(st) SKM_sk_free(X509_NAME, (st))
+# define sk_X509_NAME_num(st) SKM_sk_num(X509_NAME, (st))
+# define sk_X509_NAME_value(st, i) SKM_sk_value(X509_NAME, (st), (i))
+# define sk_X509_NAME_set(st, i, val) SKM_sk_set(X509_NAME, (st), (i), (val))
+# define sk_X509_NAME_zero(st) SKM_sk_zero(X509_NAME, (st))
+# define sk_X509_NAME_push(st, val) SKM_sk_push(X509_NAME, (st), (val))
+# define sk_X509_NAME_unshift(st, val) SKM_sk_unshift(X509_NAME, (st), (val))
+# define sk_X509_NAME_find(st, val) SKM_sk_find(X509_NAME, (st), (val))
+# define sk_X509_NAME_find_ex(st, val) SKM_sk_find_ex(X509_NAME, (st), (val))
+# define sk_X509_NAME_delete(st, i) SKM_sk_delete(X509_NAME, (st), (i))
+# define sk_X509_NAME_delete_ptr(st, ptr) SKM_sk_delete_ptr(X509_NAME, (st), (ptr))
+# define sk_X509_NAME_insert(st, val, i) SKM_sk_insert(X509_NAME, (st), (val), (i))
+# define sk_X509_NAME_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(X509_NAME, (st), (cmp))
+# define sk_X509_NAME_dup(st) SKM_sk_dup(X509_NAME, st)
+# define sk_X509_NAME_pop_free(st, free_func) SKM_sk_pop_free(X509_NAME, (st), (free_func))
+# define sk_X509_NAME_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(X509_NAME, (st), (copy_func), (free_func))
+# define sk_X509_NAME_shift(st) SKM_sk_shift(X509_NAME, (st))
+# define sk_X509_NAME_pop(st) SKM_sk_pop(X509_NAME, (st))
+# define sk_X509_NAME_sort(st) SKM_sk_sort(X509_NAME, (st))
+# define sk_X509_NAME_is_sorted(st) SKM_sk_is_sorted(X509_NAME, (st))
+
+# define sk_X509_NAME_ENTRY_new(cmp) SKM_sk_new(X509_NAME_ENTRY, (cmp))
+# define sk_X509_NAME_ENTRY_new_null() SKM_sk_new_null(X509_NAME_ENTRY)
+# define sk_X509_NAME_ENTRY_free(st) SKM_sk_free(X509_NAME_ENTRY, (st))
+# define sk_X509_NAME_ENTRY_num(st) SKM_sk_num(X509_NAME_ENTRY, (st))
+# define sk_X509_NAME_ENTRY_value(st, i) SKM_sk_value(X509_NAME_ENTRY, (st), (i))
+# define sk_X509_NAME_ENTRY_set(st, i, val) SKM_sk_set(X509_NAME_ENTRY, (st), (i), (val))
+# define sk_X509_NAME_ENTRY_zero(st) SKM_sk_zero(X509_NAME_ENTRY, (st))
+# define sk_X509_NAME_ENTRY_push(st, val) SKM_sk_push(X509_NAME_ENTRY, (st), (val))
+# define sk_X509_NAME_ENTRY_unshift(st, val) SKM_sk_unshift(X509_NAME_ENTRY, (st), (val))
+# define sk_X509_NAME_ENTRY_find(st, val) SKM_sk_find(X509_NAME_ENTRY, (st), (val))
+# define sk_X509_NAME_ENTRY_find_ex(st, val) SKM_sk_find_ex(X509_NAME_ENTRY, (st), (val))
+# define sk_X509_NAME_ENTRY_delete(st, i) SKM_sk_delete(X509_NAME_ENTRY, (st), (i))
+# define sk_X509_NAME_ENTRY_delete_ptr(st, ptr) SKM_sk_delete_ptr(X509_NAME_ENTRY, (st), (ptr))
+# define sk_X509_NAME_ENTRY_insert(st, val, i) SKM_sk_insert(X509_NAME_ENTRY, (st), (val), (i))
+# define sk_X509_NAME_ENTRY_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(X509_NAME_ENTRY, (st), (cmp))
+# define sk_X509_NAME_ENTRY_dup(st) SKM_sk_dup(X509_NAME_ENTRY, st)
+# define sk_X509_NAME_ENTRY_pop_free(st, free_func) SKM_sk_pop_free(X509_NAME_ENTRY, (st), (free_func))
+# define sk_X509_NAME_ENTRY_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(X509_NAME_ENTRY, (st), (copy_func), (free_func))
+# define sk_X509_NAME_ENTRY_shift(st) SKM_sk_shift(X509_NAME_ENTRY, (st))
+# define sk_X509_NAME_ENTRY_pop(st) SKM_sk_pop(X509_NAME_ENTRY, (st))
+# define sk_X509_NAME_ENTRY_sort(st) SKM_sk_sort(X509_NAME_ENTRY, (st))
+# define sk_X509_NAME_ENTRY_is_sorted(st) SKM_sk_is_sorted(X509_NAME_ENTRY, (st))
+
+# define sk_X509_OBJECT_new(cmp) SKM_sk_new(X509_OBJECT, (cmp))
+# define sk_X509_OBJECT_new_null() SKM_sk_new_null(X509_OBJECT)
+# define sk_X509_OBJECT_free(st) SKM_sk_free(X509_OBJECT, (st))
+# define sk_X509_OBJECT_num(st) SKM_sk_num(X509_OBJECT, (st))
+# define sk_X509_OBJECT_value(st, i) SKM_sk_value(X509_OBJECT, (st), (i))
+# define sk_X509_OBJECT_set(st, i, val) SKM_sk_set(X509_OBJECT, (st), (i), (val))
+# define sk_X509_OBJECT_zero(st) SKM_sk_zero(X509_OBJECT, (st))
+# define sk_X509_OBJECT_push(st, val) SKM_sk_push(X509_OBJECT, (st), (val))
+# define sk_X509_OBJECT_unshift(st, val) SKM_sk_unshift(X509_OBJECT, (st), (val))
+# define sk_X509_OBJECT_find(st, val) SKM_sk_find(X509_OBJECT, (st), (val))
+# define sk_X509_OBJECT_find_ex(st, val) SKM_sk_find_ex(X509_OBJECT, (st), (val))
+# define sk_X509_OBJECT_delete(st, i) SKM_sk_delete(X509_OBJECT, (st), (i))
+# define sk_X509_OBJECT_delete_ptr(st, ptr) SKM_sk_delete_ptr(X509_OBJECT, (st), (ptr))
+# define sk_X509_OBJECT_insert(st, val, i) SKM_sk_insert(X509_OBJECT, (st), (val), (i))
+# define sk_X509_OBJECT_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(X509_OBJECT, (st), (cmp))
+# define sk_X509_OBJECT_dup(st) SKM_sk_dup(X509_OBJECT, st)
+# define sk_X509_OBJECT_pop_free(st, free_func) SKM_sk_pop_free(X509_OBJECT, (st), (free_func))
+# define sk_X509_OBJECT_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(X509_OBJECT, (st), (copy_func), (free_func))
+# define sk_X509_OBJECT_shift(st) SKM_sk_shift(X509_OBJECT, (st))
+# define sk_X509_OBJECT_pop(st) SKM_sk_pop(X509_OBJECT, (st))
+# define sk_X509_OBJECT_sort(st) SKM_sk_sort(X509_OBJECT, (st))
+# define sk_X509_OBJECT_is_sorted(st) SKM_sk_is_sorted(X509_OBJECT, (st))
+
+# define sk_X509_POLICY_DATA_new(cmp) SKM_sk_new(X509_POLICY_DATA, (cmp))
+# define sk_X509_POLICY_DATA_new_null() SKM_sk_new_null(X509_POLICY_DATA)
+# define sk_X509_POLICY_DATA_free(st) SKM_sk_free(X509_POLICY_DATA, (st))
+# define sk_X509_POLICY_DATA_num(st) SKM_sk_num(X509_POLICY_DATA, (st))
+# define sk_X509_POLICY_DATA_value(st, i) SKM_sk_value(X509_POLICY_DATA, (st), (i))
+# define sk_X509_POLICY_DATA_set(st, i, val) SKM_sk_set(X509_POLICY_DATA, (st), (i), (val))
+# define sk_X509_POLICY_DATA_zero(st) SKM_sk_zero(X509_POLICY_DATA, (st))
+# define sk_X509_POLICY_DATA_push(st, val) SKM_sk_push(X509_POLICY_DATA, (st), (val))
+# define sk_X509_POLICY_DATA_unshift(st, val) SKM_sk_unshift(X509_POLICY_DATA, (st), (val))
+# define sk_X509_POLICY_DATA_find(st, val) SKM_sk_find(X509_POLICY_DATA, (st), (val))
+# define sk_X509_POLICY_DATA_find_ex(st, val) SKM_sk_find_ex(X509_POLICY_DATA, (st), (val))
+# define sk_X509_POLICY_DATA_delete(st, i) SKM_sk_delete(X509_POLICY_DATA, (st), (i))
+# define sk_X509_POLICY_DATA_delete_ptr(st, ptr) SKM_sk_delete_ptr(X509_POLICY_DATA, (st), (ptr))
+# define sk_X509_POLICY_DATA_insert(st, val, i) SKM_sk_insert(X509_POLICY_DATA, (st), (val), (i))
+# define sk_X509_POLICY_DATA_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(X509_POLICY_DATA, (st), (cmp))
+# define sk_X509_POLICY_DATA_dup(st) SKM_sk_dup(X509_POLICY_DATA, st)
+# define sk_X509_POLICY_DATA_pop_free(st, free_func) SKM_sk_pop_free(X509_POLICY_DATA, (st), (free_func))
+# define sk_X509_POLICY_DATA_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(X509_POLICY_DATA, (st), (copy_func), (free_func))
+# define sk_X509_POLICY_DATA_shift(st) SKM_sk_shift(X509_POLICY_DATA, (st))
+# define sk_X509_POLICY_DATA_pop(st) SKM_sk_pop(X509_POLICY_DATA, (st))
+# define sk_X509_POLICY_DATA_sort(st) SKM_sk_sort(X509_POLICY_DATA, (st))
+# define sk_X509_POLICY_DATA_is_sorted(st) SKM_sk_is_sorted(X509_POLICY_DATA, (st))
+
+# define sk_X509_POLICY_NODE_new(cmp) SKM_sk_new(X509_POLICY_NODE, (cmp))
+# define sk_X509_POLICY_NODE_new_null() SKM_sk_new_null(X509_POLICY_NODE)
+# define sk_X509_POLICY_NODE_free(st) SKM_sk_free(X509_POLICY_NODE, (st))
+# define sk_X509_POLICY_NODE_num(st) SKM_sk_num(X509_POLICY_NODE, (st))
+# define sk_X509_POLICY_NODE_value(st, i) SKM_sk_value(X509_POLICY_NODE, (st), (i))
+# define sk_X509_POLICY_NODE_set(st, i, val) SKM_sk_set(X509_POLICY_NODE, (st), (i), (val))
+# define sk_X509_POLICY_NODE_zero(st) SKM_sk_zero(X509_POLICY_NODE, (st))
+# define sk_X509_POLICY_NODE_push(st, val) SKM_sk_push(X509_POLICY_NODE, (st), (val))
+# define sk_X509_POLICY_NODE_unshift(st, val) SKM_sk_unshift(X509_POLICY_NODE, (st), (val))
+# define sk_X509_POLICY_NODE_find(st, val) SKM_sk_find(X509_POLICY_NODE, (st), (val))
+# define sk_X509_POLICY_NODE_find_ex(st, val) SKM_sk_find_ex(X509_POLICY_NODE, (st), (val))
+# define sk_X509_POLICY_NODE_delete(st, i) SKM_sk_delete(X509_POLICY_NODE, (st), (i))
+# define sk_X509_POLICY_NODE_delete_ptr(st, ptr) SKM_sk_delete_ptr(X509_POLICY_NODE, (st), (ptr))
+# define sk_X509_POLICY_NODE_insert(st, val, i) SKM_sk_insert(X509_POLICY_NODE, (st), (val), (i))
+# define sk_X509_POLICY_NODE_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(X509_POLICY_NODE, (st), (cmp))
+# define sk_X509_POLICY_NODE_dup(st) SKM_sk_dup(X509_POLICY_NODE, st)
+# define sk_X509_POLICY_NODE_pop_free(st, free_func) SKM_sk_pop_free(X509_POLICY_NODE, (st), (free_func))
+# define sk_X509_POLICY_NODE_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(X509_POLICY_NODE, (st), (copy_func), (free_func))
+# define sk_X509_POLICY_NODE_shift(st) SKM_sk_shift(X509_POLICY_NODE, (st))
+# define sk_X509_POLICY_NODE_pop(st) SKM_sk_pop(X509_POLICY_NODE, (st))
+# define sk_X509_POLICY_NODE_sort(st) SKM_sk_sort(X509_POLICY_NODE, (st))
+# define sk_X509_POLICY_NODE_is_sorted(st) SKM_sk_is_sorted(X509_POLICY_NODE, (st))
+
+# define sk_X509_PURPOSE_new(cmp) SKM_sk_new(X509_PURPOSE, (cmp))
+# define sk_X509_PURPOSE_new_null() SKM_sk_new_null(X509_PURPOSE)
+# define sk_X509_PURPOSE_free(st) SKM_sk_free(X509_PURPOSE, (st))
+# define sk_X509_PURPOSE_num(st) SKM_sk_num(X509_PURPOSE, (st))
+# define sk_X509_PURPOSE_value(st, i) SKM_sk_value(X509_PURPOSE, (st), (i))
+# define sk_X509_PURPOSE_set(st, i, val) SKM_sk_set(X509_PURPOSE, (st), (i), (val))
+# define sk_X509_PURPOSE_zero(st) SKM_sk_zero(X509_PURPOSE, (st))
+# define sk_X509_PURPOSE_push(st, val) SKM_sk_push(X509_PURPOSE, (st), (val))
+# define sk_X509_PURPOSE_unshift(st, val) SKM_sk_unshift(X509_PURPOSE, (st), (val))
+# define sk_X509_PURPOSE_find(st, val) SKM_sk_find(X509_PURPOSE, (st), (val))
+# define sk_X509_PURPOSE_find_ex(st, val) SKM_sk_find_ex(X509_PURPOSE, (st), (val))
+# define sk_X509_PURPOSE_delete(st, i) SKM_sk_delete(X509_PURPOSE, (st), (i))
+# define sk_X509_PURPOSE_delete_ptr(st, ptr) SKM_sk_delete_ptr(X509_PURPOSE, (st), (ptr))
+# define sk_X509_PURPOSE_insert(st, val, i) SKM_sk_insert(X509_PURPOSE, (st), (val), (i))
+# define sk_X509_PURPOSE_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(X509_PURPOSE, (st), (cmp))
+# define sk_X509_PURPOSE_dup(st) SKM_sk_dup(X509_PURPOSE, st)
+# define sk_X509_PURPOSE_pop_free(st, free_func) SKM_sk_pop_free(X509_PURPOSE, (st), (free_func))
+# define sk_X509_PURPOSE_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(X509_PURPOSE, (st), (copy_func), (free_func))
+# define sk_X509_PURPOSE_shift(st) SKM_sk_shift(X509_PURPOSE, (st))
+# define sk_X509_PURPOSE_pop(st) SKM_sk_pop(X509_PURPOSE, (st))
+# define sk_X509_PURPOSE_sort(st) SKM_sk_sort(X509_PURPOSE, (st))
+# define sk_X509_PURPOSE_is_sorted(st) SKM_sk_is_sorted(X509_PURPOSE, (st))
+
+# define sk_X509_REVOKED_new(cmp) SKM_sk_new(X509_REVOKED, (cmp))
+# define sk_X509_REVOKED_new_null() SKM_sk_new_null(X509_REVOKED)
+# define sk_X509_REVOKED_free(st) SKM_sk_free(X509_REVOKED, (st))
+# define sk_X509_REVOKED_num(st) SKM_sk_num(X509_REVOKED, (st))
+# define sk_X509_REVOKED_value(st, i) SKM_sk_value(X509_REVOKED, (st), (i))
+# define sk_X509_REVOKED_set(st, i, val) SKM_sk_set(X509_REVOKED, (st), (i), (val))
+# define sk_X509_REVOKED_zero(st) SKM_sk_zero(X509_REVOKED, (st))
+# define sk_X509_REVOKED_push(st, val) SKM_sk_push(X509_REVOKED, (st), (val))
+# define sk_X509_REVOKED_unshift(st, val) SKM_sk_unshift(X509_REVOKED, (st), (val))
+# define sk_X509_REVOKED_find(st, val) SKM_sk_find(X509_REVOKED, (st), (val))
+# define sk_X509_REVOKED_find_ex(st, val) SKM_sk_find_ex(X509_REVOKED, (st), (val))
+# define sk_X509_REVOKED_delete(st, i) SKM_sk_delete(X509_REVOKED, (st), (i))
+# define sk_X509_REVOKED_delete_ptr(st, ptr) SKM_sk_delete_ptr(X509_REVOKED, (st), (ptr))
+# define sk_X509_REVOKED_insert(st, val, i) SKM_sk_insert(X509_REVOKED, (st), (val), (i))
+# define sk_X509_REVOKED_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(X509_REVOKED, (st), (cmp))
+# define sk_X509_REVOKED_dup(st) SKM_sk_dup(X509_REVOKED, st)
+# define sk_X509_REVOKED_pop_free(st, free_func) SKM_sk_pop_free(X509_REVOKED, (st), (free_func))
+# define sk_X509_REVOKED_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(X509_REVOKED, (st), (copy_func), (free_func))
+# define sk_X509_REVOKED_shift(st) SKM_sk_shift(X509_REVOKED, (st))
+# define sk_X509_REVOKED_pop(st) SKM_sk_pop(X509_REVOKED, (st))
+# define sk_X509_REVOKED_sort(st) SKM_sk_sort(X509_REVOKED, (st))
+# define sk_X509_REVOKED_is_sorted(st) SKM_sk_is_sorted(X509_REVOKED, (st))
+
+# define sk_X509_TRUST_new(cmp) SKM_sk_new(X509_TRUST, (cmp))
+# define sk_X509_TRUST_new_null() SKM_sk_new_null(X509_TRUST)
+# define sk_X509_TRUST_free(st) SKM_sk_free(X509_TRUST, (st))
+# define sk_X509_TRUST_num(st) SKM_sk_num(X509_TRUST, (st))
+# define sk_X509_TRUST_value(st, i) SKM_sk_value(X509_TRUST, (st), (i))
+# define sk_X509_TRUST_set(st, i, val) SKM_sk_set(X509_TRUST, (st), (i), (val))
+# define sk_X509_TRUST_zero(st) SKM_sk_zero(X509_TRUST, (st))
+# define sk_X509_TRUST_push(st, val) SKM_sk_push(X509_TRUST, (st), (val))
+# define sk_X509_TRUST_unshift(st, val) SKM_sk_unshift(X509_TRUST, (st), (val))
+# define sk_X509_TRUST_find(st, val) SKM_sk_find(X509_TRUST, (st), (val))
+# define sk_X509_TRUST_find_ex(st, val) SKM_sk_find_ex(X509_TRUST, (st), (val))
+# define sk_X509_TRUST_delete(st, i) SKM_sk_delete(X509_TRUST, (st), (i))
+# define sk_X509_TRUST_delete_ptr(st, ptr) SKM_sk_delete_ptr(X509_TRUST, (st), (ptr))
+# define sk_X509_TRUST_insert(st, val, i) SKM_sk_insert(X509_TRUST, (st), (val), (i))
+# define sk_X509_TRUST_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(X509_TRUST, (st), (cmp))
+# define sk_X509_TRUST_dup(st) SKM_sk_dup(X509_TRUST, st)
+# define sk_X509_TRUST_pop_free(st, free_func) SKM_sk_pop_free(X509_TRUST, (st), (free_func))
+# define sk_X509_TRUST_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(X509_TRUST, (st), (copy_func), (free_func))
+# define sk_X509_TRUST_shift(st) SKM_sk_shift(X509_TRUST, (st))
+# define sk_X509_TRUST_pop(st) SKM_sk_pop(X509_TRUST, (st))
+# define sk_X509_TRUST_sort(st) SKM_sk_sort(X509_TRUST, (st))
+# define sk_X509_TRUST_is_sorted(st) SKM_sk_is_sorted(X509_TRUST, (st))
+
+# define sk_X509_VERIFY_PARAM_new(cmp) SKM_sk_new(X509_VERIFY_PARAM, (cmp))
+# define sk_X509_VERIFY_PARAM_new_null() SKM_sk_new_null(X509_VERIFY_PARAM)
+# define sk_X509_VERIFY_PARAM_free(st) SKM_sk_free(X509_VERIFY_PARAM, (st))
+# define sk_X509_VERIFY_PARAM_num(st) SKM_sk_num(X509_VERIFY_PARAM, (st))
+# define sk_X509_VERIFY_PARAM_value(st, i) SKM_sk_value(X509_VERIFY_PARAM, (st), (i))
+# define sk_X509_VERIFY_PARAM_set(st, i, val) SKM_sk_set(X509_VERIFY_PARAM, (st), (i), (val))
+# define sk_X509_VERIFY_PARAM_zero(st) SKM_sk_zero(X509_VERIFY_PARAM, (st))
+# define sk_X509_VERIFY_PARAM_push(st, val) SKM_sk_push(X509_VERIFY_PARAM, (st), (val))
+# define sk_X509_VERIFY_PARAM_unshift(st, val) SKM_sk_unshift(X509_VERIFY_PARAM, (st), (val))
+# define sk_X509_VERIFY_PARAM_find(st, val) SKM_sk_find(X509_VERIFY_PARAM, (st), (val))
+# define sk_X509_VERIFY_PARAM_find_ex(st, val) SKM_sk_find_ex(X509_VERIFY_PARAM, (st), (val))
+# define sk_X509_VERIFY_PARAM_delete(st, i) SKM_sk_delete(X509_VERIFY_PARAM, (st), (i))
+# define sk_X509_VERIFY_PARAM_delete_ptr(st, ptr) SKM_sk_delete_ptr(X509_VERIFY_PARAM, (st), (ptr))
+# define sk_X509_VERIFY_PARAM_insert(st, val, i) SKM_sk_insert(X509_VERIFY_PARAM, (st), (val), (i))
+# define sk_X509_VERIFY_PARAM_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(X509_VERIFY_PARAM, (st), (cmp))
+# define sk_X509_VERIFY_PARAM_dup(st) SKM_sk_dup(X509_VERIFY_PARAM, st)
+# define sk_X509_VERIFY_PARAM_pop_free(st, free_func) SKM_sk_pop_free(X509_VERIFY_PARAM, (st), (free_func))
+# define sk_X509_VERIFY_PARAM_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(X509_VERIFY_PARAM, (st), (copy_func), (free_func))
+# define sk_X509_VERIFY_PARAM_shift(st) SKM_sk_shift(X509_VERIFY_PARAM, (st))
+# define sk_X509_VERIFY_PARAM_pop(st) SKM_sk_pop(X509_VERIFY_PARAM, (st))
+# define sk_X509_VERIFY_PARAM_sort(st) SKM_sk_sort(X509_VERIFY_PARAM, (st))
+# define sk_X509_VERIFY_PARAM_is_sorted(st) SKM_sk_is_sorted(X509_VERIFY_PARAM, (st))
+
+# define sk_nid_triple_new(cmp) SKM_sk_new(nid_triple, (cmp))
+# define sk_nid_triple_new_null() SKM_sk_new_null(nid_triple)
+# define sk_nid_triple_free(st) SKM_sk_free(nid_triple, (st))
+# define sk_nid_triple_num(st) SKM_sk_num(nid_triple, (st))
+# define sk_nid_triple_value(st, i) SKM_sk_value(nid_triple, (st), (i))
+# define sk_nid_triple_set(st, i, val) SKM_sk_set(nid_triple, (st), (i), (val))
+# define sk_nid_triple_zero(st) SKM_sk_zero(nid_triple, (st))
+# define sk_nid_triple_push(st, val) SKM_sk_push(nid_triple, (st), (val))
+# define sk_nid_triple_unshift(st, val) SKM_sk_unshift(nid_triple, (st), (val))
+# define sk_nid_triple_find(st, val) SKM_sk_find(nid_triple, (st), (val))
+# define sk_nid_triple_find_ex(st, val) SKM_sk_find_ex(nid_triple, (st), (val))
+# define sk_nid_triple_delete(st, i) SKM_sk_delete(nid_triple, (st), (i))
+# define sk_nid_triple_delete_ptr(st, ptr) SKM_sk_delete_ptr(nid_triple, (st), (ptr))
+# define sk_nid_triple_insert(st, val, i) SKM_sk_insert(nid_triple, (st), (val), (i))
+# define sk_nid_triple_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(nid_triple, (st), (cmp))
+# define sk_nid_triple_dup(st) SKM_sk_dup(nid_triple, st)
+# define sk_nid_triple_pop_free(st, free_func) SKM_sk_pop_free(nid_triple, (st), (free_func))
+# define sk_nid_triple_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(nid_triple, (st), (copy_func), (free_func))
+# define sk_nid_triple_shift(st) SKM_sk_shift(nid_triple, (st))
+# define sk_nid_triple_pop(st) SKM_sk_pop(nid_triple, (st))
+# define sk_nid_triple_sort(st) SKM_sk_sort(nid_triple, (st))
+# define sk_nid_triple_is_sorted(st) SKM_sk_is_sorted(nid_triple, (st))
+
+# define sk_void_new(cmp) SKM_sk_new(void, (cmp))
+# define sk_void_new_null() SKM_sk_new_null(void)
+# define sk_void_free(st) SKM_sk_free(void, (st))
+# define sk_void_num(st) SKM_sk_num(void, (st))
+# define sk_void_value(st, i) SKM_sk_value(void, (st), (i))
+# define sk_void_set(st, i, val) SKM_sk_set(void, (st), (i), (val))
+# define sk_void_zero(st) SKM_sk_zero(void, (st))
+# define sk_void_push(st, val) SKM_sk_push(void, (st), (val))
+# define sk_void_unshift(st, val) SKM_sk_unshift(void, (st), (val))
+# define sk_void_find(st, val) SKM_sk_find(void, (st), (val))
+# define sk_void_find_ex(st, val) SKM_sk_find_ex(void, (st), (val))
+# define sk_void_delete(st, i) SKM_sk_delete(void, (st), (i))
+# define sk_void_delete_ptr(st, ptr) SKM_sk_delete_ptr(void, (st), (ptr))
+# define sk_void_insert(st, val, i) SKM_sk_insert(void, (st), (val), (i))
+# define sk_void_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(void, (st), (cmp))
+# define sk_void_dup(st) SKM_sk_dup(void, st)
+# define sk_void_pop_free(st, free_func) SKM_sk_pop_free(void, (st), (free_func))
+# define sk_void_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(void, (st), (copy_func), (free_func))
+# define sk_void_shift(st) SKM_sk_shift(void, (st))
+# define sk_void_pop(st) SKM_sk_pop(void, (st))
+# define sk_void_sort(st) SKM_sk_sort(void, (st))
+# define sk_void_is_sorted(st) SKM_sk_is_sorted(void, (st))
+
+# define sk_OPENSSL_STRING_new(cmp) ((STACK_OF(OPENSSL_STRING) *)sk_new(CHECKED_SK_CMP_FUNC(char, cmp)))
+# define sk_OPENSSL_STRING_new_null() ((STACK_OF(OPENSSL_STRING) *)sk_new_null())
+# define sk_OPENSSL_STRING_push(st, val) sk_push(CHECKED_STACK_OF(OPENSSL_STRING, st), CHECKED_PTR_OF(char, val))
+# define sk_OPENSSL_STRING_find(st, val) sk_find(CHECKED_STACK_OF(OPENSSL_STRING, st), CHECKED_PTR_OF(char, val))
+# define sk_OPENSSL_STRING_value(st, i) ((OPENSSL_STRING)sk_value(CHECKED_STACK_OF(OPENSSL_STRING, st), i))
+# define sk_OPENSSL_STRING_num(st) SKM_sk_num(OPENSSL_STRING, st)
+# define sk_OPENSSL_STRING_pop_free(st, free_func) sk_pop_free(CHECKED_STACK_OF(OPENSSL_STRING, st), CHECKED_SK_FREE_FUNC(char, free_func))
+# define sk_OPENSSL_STRING_deep_copy(st, copy_func, free_func) ((STACK_OF(OPENSSL_STRING) *)sk_deep_copy(CHECKED_STACK_OF(OPENSSL_STRING, st), CHECKED_SK_COPY_FUNC(char, copy_func), CHECKED_SK_FREE_FUNC(char, free_func)))
+# define sk_OPENSSL_STRING_insert(st, val, i) sk_insert(CHECKED_STACK_OF(OPENSSL_STRING, st), CHECKED_PTR_OF(char, val), i)
+# define sk_OPENSSL_STRING_free(st) SKM_sk_free(OPENSSL_STRING, st)
+# define sk_OPENSSL_STRING_set(st, i, val) sk_set(CHECKED_STACK_OF(OPENSSL_STRING, st), i, CHECKED_PTR_OF(char, val))
+# define sk_OPENSSL_STRING_zero(st) SKM_sk_zero(OPENSSL_STRING, (st))
+# define sk_OPENSSL_STRING_unshift(st, val) sk_unshift(CHECKED_STACK_OF(OPENSSL_STRING, st), CHECKED_PTR_OF(char, val))
+# define sk_OPENSSL_STRING_find_ex(st, val) sk_find_ex((_STACK *)CHECKED_CONST_PTR_OF(STACK_OF(OPENSSL_STRING), st), CHECKED_CONST_PTR_OF(char, val))
+# define sk_OPENSSL_STRING_delete(st, i) SKM_sk_delete(OPENSSL_STRING, (st), (i))
+# define sk_OPENSSL_STRING_delete_ptr(st, ptr) (OPENSSL_STRING *)sk_delete_ptr(CHECKED_STACK_OF(OPENSSL_STRING, st), CHECKED_PTR_OF(char, ptr))
+# define sk_OPENSSL_STRING_set_cmp_func(st, cmp) \
+ ((int (*)(const char * const *,const char * const *)) \
+ sk_set_cmp_func(CHECKED_STACK_OF(OPENSSL_STRING, st), CHECKED_SK_CMP_FUNC(char, cmp)))
+# define sk_OPENSSL_STRING_dup(st) SKM_sk_dup(OPENSSL_STRING, st)
+# define sk_OPENSSL_STRING_shift(st) SKM_sk_shift(OPENSSL_STRING, (st))
+# define sk_OPENSSL_STRING_pop(st) (char *)sk_pop(CHECKED_STACK_OF(OPENSSL_STRING, st))
+# define sk_OPENSSL_STRING_sort(st) SKM_sk_sort(OPENSSL_STRING, (st))
+# define sk_OPENSSL_STRING_is_sorted(st) SKM_sk_is_sorted(OPENSSL_STRING, (st))
+
+# define sk_OPENSSL_BLOCK_new(cmp) ((STACK_OF(OPENSSL_BLOCK) *)sk_new(CHECKED_SK_CMP_FUNC(void, cmp)))
+# define sk_OPENSSL_BLOCK_new_null() ((STACK_OF(OPENSSL_BLOCK) *)sk_new_null())
+# define sk_OPENSSL_BLOCK_push(st, val) sk_push(CHECKED_STACK_OF(OPENSSL_BLOCK, st), CHECKED_PTR_OF(void, val))
+# define sk_OPENSSL_BLOCK_find(st, val) sk_find(CHECKED_STACK_OF(OPENSSL_BLOCK, st), CHECKED_PTR_OF(void, val))
+# define sk_OPENSSL_BLOCK_value(st, i) ((OPENSSL_BLOCK)sk_value(CHECKED_STACK_OF(OPENSSL_BLOCK, st), i))
+# define sk_OPENSSL_BLOCK_num(st) SKM_sk_num(OPENSSL_BLOCK, st)
+# define sk_OPENSSL_BLOCK_pop_free(st, free_func) sk_pop_free(CHECKED_STACK_OF(OPENSSL_BLOCK, st), CHECKED_SK_FREE_FUNC(void, free_func))
+# define sk_OPENSSL_BLOCK_deep_copy(st, copy_func, free_func) ((STACK_OF(OPENSSL_BLOCK) *)sk_deep_copy(CHECKED_STACK_OF(OPENSSL_BLOCK, st), CHECKED_SK_COPY_FUNC(void, copy_func), CHECKED_SK_FREE_FUNC(void, free_func)))
+# define sk_OPENSSL_BLOCK_insert(st, val, i) sk_insert(CHECKED_STACK_OF(OPENSSL_BLOCK, st), CHECKED_PTR_OF(void, val), i)
+# define sk_OPENSSL_BLOCK_free(st) SKM_sk_free(OPENSSL_BLOCK, st)
+# define sk_OPENSSL_BLOCK_set(st, i, val) sk_set(CHECKED_STACK_OF(OPENSSL_BLOCK, st), i, CHECKED_PTR_OF(void, val))
+# define sk_OPENSSL_BLOCK_zero(st) SKM_sk_zero(OPENSSL_BLOCK, (st))
+# define sk_OPENSSL_BLOCK_unshift(st, val) sk_unshift(CHECKED_STACK_OF(OPENSSL_BLOCK, st), CHECKED_PTR_OF(void, val))
+# define sk_OPENSSL_BLOCK_find_ex(st, val) sk_find_ex((_STACK *)CHECKED_CONST_PTR_OF(STACK_OF(OPENSSL_BLOCK), st), CHECKED_CONST_PTR_OF(void, val))
+# define sk_OPENSSL_BLOCK_delete(st, i) SKM_sk_delete(OPENSSL_BLOCK, (st), (i))
+# define sk_OPENSSL_BLOCK_delete_ptr(st, ptr) (OPENSSL_BLOCK *)sk_delete_ptr(CHECKED_STACK_OF(OPENSSL_BLOCK, st), CHECKED_PTR_OF(void, ptr))
+# define sk_OPENSSL_BLOCK_set_cmp_func(st, cmp) \
+ ((int (*)(const void * const *,const void * const *)) \
+ sk_set_cmp_func(CHECKED_STACK_OF(OPENSSL_BLOCK, st), CHECKED_SK_CMP_FUNC(void, cmp)))
+# define sk_OPENSSL_BLOCK_dup(st) SKM_sk_dup(OPENSSL_BLOCK, st)
+# define sk_OPENSSL_BLOCK_shift(st) SKM_sk_shift(OPENSSL_BLOCK, (st))
+# define sk_OPENSSL_BLOCK_pop(st) (void *)sk_pop(CHECKED_STACK_OF(OPENSSL_BLOCK, st))
+# define sk_OPENSSL_BLOCK_sort(st) SKM_sk_sort(OPENSSL_BLOCK, (st))
+# define sk_OPENSSL_BLOCK_is_sorted(st) SKM_sk_is_sorted(OPENSSL_BLOCK, (st))
+
+# define sk_OPENSSL_PSTRING_new(cmp) ((STACK_OF(OPENSSL_PSTRING) *)sk_new(CHECKED_SK_CMP_FUNC(OPENSSL_STRING, cmp)))
+# define sk_OPENSSL_PSTRING_new_null() ((STACK_OF(OPENSSL_PSTRING) *)sk_new_null())
+# define sk_OPENSSL_PSTRING_push(st, val) sk_push(CHECKED_STACK_OF(OPENSSL_PSTRING, st), CHECKED_PTR_OF(OPENSSL_STRING, val))
+# define sk_OPENSSL_PSTRING_find(st, val) sk_find(CHECKED_STACK_OF(OPENSSL_PSTRING, st), CHECKED_PTR_OF(OPENSSL_STRING, val))
+# define sk_OPENSSL_PSTRING_value(st, i) ((OPENSSL_PSTRING)sk_value(CHECKED_STACK_OF(OPENSSL_PSTRING, st), i))
+# define sk_OPENSSL_PSTRING_num(st) SKM_sk_num(OPENSSL_PSTRING, st)
+# define sk_OPENSSL_PSTRING_pop_free(st, free_func) sk_pop_free(CHECKED_STACK_OF(OPENSSL_PSTRING, st), CHECKED_SK_FREE_FUNC(OPENSSL_STRING, free_func))
+# define sk_OPENSSL_PSTRING_deep_copy(st, copy_func, free_func) ((STACK_OF(OPENSSL_PSTRING) *)sk_deep_copy(CHECKED_STACK_OF(OPENSSL_PSTRING, st), CHECKED_SK_COPY_FUNC(OPENSSL_STRING, copy_func), CHECKED_SK_FREE_FUNC(OPENSSL_STRING, free_func)))
+# define sk_OPENSSL_PSTRING_insert(st, val, i) sk_insert(CHECKED_STACK_OF(OPENSSL_PSTRING, st), CHECKED_PTR_OF(OPENSSL_STRING, val), i)
+# define sk_OPENSSL_PSTRING_free(st) SKM_sk_free(OPENSSL_PSTRING, st)
+# define sk_OPENSSL_PSTRING_set(st, i, val) sk_set(CHECKED_STACK_OF(OPENSSL_PSTRING, st), i, CHECKED_PTR_OF(OPENSSL_STRING, val))
+# define sk_OPENSSL_PSTRING_zero(st) SKM_sk_zero(OPENSSL_PSTRING, (st))
+# define sk_OPENSSL_PSTRING_unshift(st, val) sk_unshift(CHECKED_STACK_OF(OPENSSL_PSTRING, st), CHECKED_PTR_OF(OPENSSL_STRING, val))
+# define sk_OPENSSL_PSTRING_find_ex(st, val) sk_find_ex((_STACK *)CHECKED_CONST_PTR_OF(STACK_OF(OPENSSL_PSTRING), st), CHECKED_CONST_PTR_OF(OPENSSL_STRING, val))
+# define sk_OPENSSL_PSTRING_delete(st, i) SKM_sk_delete(OPENSSL_PSTRING, (st), (i))
+# define sk_OPENSSL_PSTRING_delete_ptr(st, ptr) (OPENSSL_PSTRING *)sk_delete_ptr(CHECKED_STACK_OF(OPENSSL_PSTRING, st), CHECKED_PTR_OF(OPENSSL_STRING, ptr))
+# define sk_OPENSSL_PSTRING_set_cmp_func(st, cmp) \
+ ((int (*)(const OPENSSL_STRING * const *,const OPENSSL_STRING * const *)) \
+ sk_set_cmp_func(CHECKED_STACK_OF(OPENSSL_PSTRING, st), CHECKED_SK_CMP_FUNC(OPENSSL_STRING, cmp)))
+# define sk_OPENSSL_PSTRING_dup(st) SKM_sk_dup(OPENSSL_PSTRING, st)
+# define sk_OPENSSL_PSTRING_shift(st) SKM_sk_shift(OPENSSL_PSTRING, (st))
+# define sk_OPENSSL_PSTRING_pop(st) (OPENSSL_STRING *)sk_pop(CHECKED_STACK_OF(OPENSSL_PSTRING, st))
+# define sk_OPENSSL_PSTRING_sort(st) SKM_sk_sort(OPENSSL_PSTRING, (st))
+# define sk_OPENSSL_PSTRING_is_sorted(st) SKM_sk_is_sorted(OPENSSL_PSTRING, (st))
+
+# define lh_ADDED_OBJ_new() LHM_lh_new(ADDED_OBJ,added_obj)
+# define lh_ADDED_OBJ_insert(lh,inst) LHM_lh_insert(ADDED_OBJ,lh,inst)
+# define lh_ADDED_OBJ_retrieve(lh,inst) LHM_lh_retrieve(ADDED_OBJ,lh,inst)
+# define lh_ADDED_OBJ_delete(lh,inst) LHM_lh_delete(ADDED_OBJ,lh,inst)
+# define lh_ADDED_OBJ_doall(lh,fn) LHM_lh_doall(ADDED_OBJ,lh,fn)
+# define lh_ADDED_OBJ_doall_arg(lh,fn,arg_type,arg) \
+ LHM_lh_doall_arg(ADDED_OBJ,lh,fn,arg_type,arg)
+# define lh_ADDED_OBJ_error(lh) LHM_lh_error(ADDED_OBJ,lh)
+# define lh_ADDED_OBJ_num_items(lh) LHM_lh_num_items(ADDED_OBJ,lh)
+# define lh_ADDED_OBJ_down_load(lh) LHM_lh_down_load(ADDED_OBJ,lh)
+# define lh_ADDED_OBJ_node_stats_bio(lh,out) \
+ LHM_lh_node_stats_bio(ADDED_OBJ,lh,out)
+# define lh_ADDED_OBJ_node_usage_stats_bio(lh,out) \
+ LHM_lh_node_usage_stats_bio(ADDED_OBJ,lh,out)
+# define lh_ADDED_OBJ_stats_bio(lh,out) \
+ LHM_lh_stats_bio(ADDED_OBJ,lh,out)
+# define lh_ADDED_OBJ_free(lh) LHM_lh_free(ADDED_OBJ,lh)
+
+# define lh_APP_INFO_new() LHM_lh_new(APP_INFO,app_info)
+# define lh_APP_INFO_insert(lh,inst) LHM_lh_insert(APP_INFO,lh,inst)
+# define lh_APP_INFO_retrieve(lh,inst) LHM_lh_retrieve(APP_INFO,lh,inst)
+# define lh_APP_INFO_delete(lh,inst) LHM_lh_delete(APP_INFO,lh,inst)
+# define lh_APP_INFO_doall(lh,fn) LHM_lh_doall(APP_INFO,lh,fn)
+# define lh_APP_INFO_doall_arg(lh,fn,arg_type,arg) \
+ LHM_lh_doall_arg(APP_INFO,lh,fn,arg_type,arg)
+# define lh_APP_INFO_error(lh) LHM_lh_error(APP_INFO,lh)
+# define lh_APP_INFO_num_items(lh) LHM_lh_num_items(APP_INFO,lh)
+# define lh_APP_INFO_down_load(lh) LHM_lh_down_load(APP_INFO,lh)
+# define lh_APP_INFO_node_stats_bio(lh,out) \
+ LHM_lh_node_stats_bio(APP_INFO,lh,out)
+# define lh_APP_INFO_node_usage_stats_bio(lh,out) \
+ LHM_lh_node_usage_stats_bio(APP_INFO,lh,out)
+# define lh_APP_INFO_stats_bio(lh,out) \
+ LHM_lh_stats_bio(APP_INFO,lh,out)
+# define lh_APP_INFO_free(lh) LHM_lh_free(APP_INFO,lh)
+
+# define lh_CONF_VALUE_new() LHM_lh_new(CONF_VALUE,conf_value)
+# define lh_CONF_VALUE_insert(lh,inst) LHM_lh_insert(CONF_VALUE,lh,inst)
+# define lh_CONF_VALUE_retrieve(lh,inst) LHM_lh_retrieve(CONF_VALUE,lh,inst)
+# define lh_CONF_VALUE_delete(lh,inst) LHM_lh_delete(CONF_VALUE,lh,inst)
+# define lh_CONF_VALUE_doall(lh,fn) LHM_lh_doall(CONF_VALUE,lh,fn)
+# define lh_CONF_VALUE_doall_arg(lh,fn,arg_type,arg) \
+ LHM_lh_doall_arg(CONF_VALUE,lh,fn,arg_type,arg)
+# define lh_CONF_VALUE_error(lh) LHM_lh_error(CONF_VALUE,lh)
+# define lh_CONF_VALUE_num_items(lh) LHM_lh_num_items(CONF_VALUE,lh)
+# define lh_CONF_VALUE_down_load(lh) LHM_lh_down_load(CONF_VALUE,lh)
+# define lh_CONF_VALUE_node_stats_bio(lh,out) \
+ LHM_lh_node_stats_bio(CONF_VALUE,lh,out)
+# define lh_CONF_VALUE_node_usage_stats_bio(lh,out) \
+ LHM_lh_node_usage_stats_bio(CONF_VALUE,lh,out)
+# define lh_CONF_VALUE_stats_bio(lh,out) \
+ LHM_lh_stats_bio(CONF_VALUE,lh,out)
+# define lh_CONF_VALUE_free(lh) LHM_lh_free(CONF_VALUE,lh)
+
+# define lh_ENGINE_PILE_new() LHM_lh_new(ENGINE_PILE,engine_pile)
+# define lh_ENGINE_PILE_insert(lh,inst) LHM_lh_insert(ENGINE_PILE,lh,inst)
+# define lh_ENGINE_PILE_retrieve(lh,inst) LHM_lh_retrieve(ENGINE_PILE,lh,inst)
+# define lh_ENGINE_PILE_delete(lh,inst) LHM_lh_delete(ENGINE_PILE,lh,inst)
+# define lh_ENGINE_PILE_doall(lh,fn) LHM_lh_doall(ENGINE_PILE,lh,fn)
+# define lh_ENGINE_PILE_doall_arg(lh,fn,arg_type,arg) \
+ LHM_lh_doall_arg(ENGINE_PILE,lh,fn,arg_type,arg)
+# define lh_ENGINE_PILE_error(lh) LHM_lh_error(ENGINE_PILE,lh)
+# define lh_ENGINE_PILE_num_items(lh) LHM_lh_num_items(ENGINE_PILE,lh)
+# define lh_ENGINE_PILE_down_load(lh) LHM_lh_down_load(ENGINE_PILE,lh)
+# define lh_ENGINE_PILE_node_stats_bio(lh,out) \
+ LHM_lh_node_stats_bio(ENGINE_PILE,lh,out)
+# define lh_ENGINE_PILE_node_usage_stats_bio(lh,out) \
+ LHM_lh_node_usage_stats_bio(ENGINE_PILE,lh,out)
+# define lh_ENGINE_PILE_stats_bio(lh,out) \
+ LHM_lh_stats_bio(ENGINE_PILE,lh,out)
+# define lh_ENGINE_PILE_free(lh) LHM_lh_free(ENGINE_PILE,lh)
+
+# define lh_ERR_STATE_new() LHM_lh_new(ERR_STATE,err_state)
+# define lh_ERR_STATE_insert(lh,inst) LHM_lh_insert(ERR_STATE,lh,inst)
+# define lh_ERR_STATE_retrieve(lh,inst) LHM_lh_retrieve(ERR_STATE,lh,inst)
+# define lh_ERR_STATE_delete(lh,inst) LHM_lh_delete(ERR_STATE,lh,inst)
+# define lh_ERR_STATE_doall(lh,fn) LHM_lh_doall(ERR_STATE,lh,fn)
+# define lh_ERR_STATE_doall_arg(lh,fn,arg_type,arg) \
+ LHM_lh_doall_arg(ERR_STATE,lh,fn,arg_type,arg)
+# define lh_ERR_STATE_error(lh) LHM_lh_error(ERR_STATE,lh)
+# define lh_ERR_STATE_num_items(lh) LHM_lh_num_items(ERR_STATE,lh)
+# define lh_ERR_STATE_down_load(lh) LHM_lh_down_load(ERR_STATE,lh)
+# define lh_ERR_STATE_node_stats_bio(lh,out) \
+ LHM_lh_node_stats_bio(ERR_STATE,lh,out)
+# define lh_ERR_STATE_node_usage_stats_bio(lh,out) \
+ LHM_lh_node_usage_stats_bio(ERR_STATE,lh,out)
+# define lh_ERR_STATE_stats_bio(lh,out) \
+ LHM_lh_stats_bio(ERR_STATE,lh,out)
+# define lh_ERR_STATE_free(lh) LHM_lh_free(ERR_STATE,lh)
+
+# define lh_ERR_STRING_DATA_new() LHM_lh_new(ERR_STRING_DATA,err_string_data)
+# define lh_ERR_STRING_DATA_insert(lh,inst) LHM_lh_insert(ERR_STRING_DATA,lh,inst)
+# define lh_ERR_STRING_DATA_retrieve(lh,inst) LHM_lh_retrieve(ERR_STRING_DATA,lh,inst)
+# define lh_ERR_STRING_DATA_delete(lh,inst) LHM_lh_delete(ERR_STRING_DATA,lh,inst)
+# define lh_ERR_STRING_DATA_doall(lh,fn) LHM_lh_doall(ERR_STRING_DATA,lh,fn)
+# define lh_ERR_STRING_DATA_doall_arg(lh,fn,arg_type,arg) \
+ LHM_lh_doall_arg(ERR_STRING_DATA,lh,fn,arg_type,arg)
+# define lh_ERR_STRING_DATA_error(lh) LHM_lh_error(ERR_STRING_DATA,lh)
+# define lh_ERR_STRING_DATA_num_items(lh) LHM_lh_num_items(ERR_STRING_DATA,lh)
+# define lh_ERR_STRING_DATA_down_load(lh) LHM_lh_down_load(ERR_STRING_DATA,lh)
+# define lh_ERR_STRING_DATA_node_stats_bio(lh,out) \
+ LHM_lh_node_stats_bio(ERR_STRING_DATA,lh,out)
+# define lh_ERR_STRING_DATA_node_usage_stats_bio(lh,out) \
+ LHM_lh_node_usage_stats_bio(ERR_STRING_DATA,lh,out)
+# define lh_ERR_STRING_DATA_stats_bio(lh,out) \
+ LHM_lh_stats_bio(ERR_STRING_DATA,lh,out)
+# define lh_ERR_STRING_DATA_free(lh) LHM_lh_free(ERR_STRING_DATA,lh)
+
+# define lh_EX_CLASS_ITEM_new() LHM_lh_new(EX_CLASS_ITEM,ex_class_item)
+# define lh_EX_CLASS_ITEM_insert(lh,inst) LHM_lh_insert(EX_CLASS_ITEM,lh,inst)
+# define lh_EX_CLASS_ITEM_retrieve(lh,inst) LHM_lh_retrieve(EX_CLASS_ITEM,lh,inst)
+# define lh_EX_CLASS_ITEM_delete(lh,inst) LHM_lh_delete(EX_CLASS_ITEM,lh,inst)
+# define lh_EX_CLASS_ITEM_doall(lh,fn) LHM_lh_doall(EX_CLASS_ITEM,lh,fn)
+# define lh_EX_CLASS_ITEM_doall_arg(lh,fn,arg_type,arg) \
+ LHM_lh_doall_arg(EX_CLASS_ITEM,lh,fn,arg_type,arg)
+# define lh_EX_CLASS_ITEM_error(lh) LHM_lh_error(EX_CLASS_ITEM,lh)
+# define lh_EX_CLASS_ITEM_num_items(lh) LHM_lh_num_items(EX_CLASS_ITEM,lh)
+# define lh_EX_CLASS_ITEM_down_load(lh) LHM_lh_down_load(EX_CLASS_ITEM,lh)
+# define lh_EX_CLASS_ITEM_node_stats_bio(lh,out) \
+ LHM_lh_node_stats_bio(EX_CLASS_ITEM,lh,out)
+# define lh_EX_CLASS_ITEM_node_usage_stats_bio(lh,out) \
+ LHM_lh_node_usage_stats_bio(EX_CLASS_ITEM,lh,out)
+# define lh_EX_CLASS_ITEM_stats_bio(lh,out) \
+ LHM_lh_stats_bio(EX_CLASS_ITEM,lh,out)
+# define lh_EX_CLASS_ITEM_free(lh) LHM_lh_free(EX_CLASS_ITEM,lh)
+
+# define lh_FUNCTION_new() LHM_lh_new(FUNCTION,function)
+# define lh_FUNCTION_insert(lh,inst) LHM_lh_insert(FUNCTION,lh,inst)
+# define lh_FUNCTION_retrieve(lh,inst) LHM_lh_retrieve(FUNCTION,lh,inst)
+# define lh_FUNCTION_delete(lh,inst) LHM_lh_delete(FUNCTION,lh,inst)
+# define lh_FUNCTION_doall(lh,fn) LHM_lh_doall(FUNCTION,lh,fn)
+# define lh_FUNCTION_doall_arg(lh,fn,arg_type,arg) \
+ LHM_lh_doall_arg(FUNCTION,lh,fn,arg_type,arg)
+# define lh_FUNCTION_error(lh) LHM_lh_error(FUNCTION,lh)
+# define lh_FUNCTION_num_items(lh) LHM_lh_num_items(FUNCTION,lh)
+# define lh_FUNCTION_down_load(lh) LHM_lh_down_load(FUNCTION,lh)
+# define lh_FUNCTION_node_stats_bio(lh,out) \
+ LHM_lh_node_stats_bio(FUNCTION,lh,out)
+# define lh_FUNCTION_node_usage_stats_bio(lh,out) \
+ LHM_lh_node_usage_stats_bio(FUNCTION,lh,out)
+# define lh_FUNCTION_stats_bio(lh,out) \
+ LHM_lh_stats_bio(FUNCTION,lh,out)
+# define lh_FUNCTION_free(lh) LHM_lh_free(FUNCTION,lh)
+
+# define lh_MEM_new() LHM_lh_new(MEM,mem)
+# define lh_MEM_insert(lh,inst) LHM_lh_insert(MEM,lh,inst)
+# define lh_MEM_retrieve(lh,inst) LHM_lh_retrieve(MEM,lh,inst)
+# define lh_MEM_delete(lh,inst) LHM_lh_delete(MEM,lh,inst)
+# define lh_MEM_doall(lh,fn) LHM_lh_doall(MEM,lh,fn)
+# define lh_MEM_doall_arg(lh,fn,arg_type,arg) \
+ LHM_lh_doall_arg(MEM,lh,fn,arg_type,arg)
+# define lh_MEM_error(lh) LHM_lh_error(MEM,lh)
+# define lh_MEM_num_items(lh) LHM_lh_num_items(MEM,lh)
+# define lh_MEM_down_load(lh) LHM_lh_down_load(MEM,lh)
+# define lh_MEM_node_stats_bio(lh,out) \
+ LHM_lh_node_stats_bio(MEM,lh,out)
+# define lh_MEM_node_usage_stats_bio(lh,out) \
+ LHM_lh_node_usage_stats_bio(MEM,lh,out)
+# define lh_MEM_stats_bio(lh,out) \
+ LHM_lh_stats_bio(MEM,lh,out)
+# define lh_MEM_free(lh) LHM_lh_free(MEM,lh)
+
+# define lh_OBJ_NAME_new() LHM_lh_new(OBJ_NAME,obj_name)
+# define lh_OBJ_NAME_insert(lh,inst) LHM_lh_insert(OBJ_NAME,lh,inst)
+# define lh_OBJ_NAME_retrieve(lh,inst) LHM_lh_retrieve(OBJ_NAME,lh,inst)
+# define lh_OBJ_NAME_delete(lh,inst) LHM_lh_delete(OBJ_NAME,lh,inst)
+# define lh_OBJ_NAME_doall(lh,fn) LHM_lh_doall(OBJ_NAME,lh,fn)
+# define lh_OBJ_NAME_doall_arg(lh,fn,arg_type,arg) \
+ LHM_lh_doall_arg(OBJ_NAME,lh,fn,arg_type,arg)
+# define lh_OBJ_NAME_error(lh) LHM_lh_error(OBJ_NAME,lh)
+# define lh_OBJ_NAME_num_items(lh) LHM_lh_num_items(OBJ_NAME,lh)
+# define lh_OBJ_NAME_down_load(lh) LHM_lh_down_load(OBJ_NAME,lh)
+# define lh_OBJ_NAME_node_stats_bio(lh,out) \
+ LHM_lh_node_stats_bio(OBJ_NAME,lh,out)
+# define lh_OBJ_NAME_node_usage_stats_bio(lh,out) \
+ LHM_lh_node_usage_stats_bio(OBJ_NAME,lh,out)
+# define lh_OBJ_NAME_stats_bio(lh,out) \
+ LHM_lh_stats_bio(OBJ_NAME,lh,out)
+# define lh_OBJ_NAME_free(lh) LHM_lh_free(OBJ_NAME,lh)
+
+# define lh_OPENSSL_CSTRING_new() LHM_lh_new(OPENSSL_CSTRING,openssl_cstring)
+# define lh_OPENSSL_CSTRING_insert(lh,inst) LHM_lh_insert(OPENSSL_CSTRING,lh,inst)
+# define lh_OPENSSL_CSTRING_retrieve(lh,inst) LHM_lh_retrieve(OPENSSL_CSTRING,lh,inst)
+# define lh_OPENSSL_CSTRING_delete(lh,inst) LHM_lh_delete(OPENSSL_CSTRING,lh,inst)
+# define lh_OPENSSL_CSTRING_doall(lh,fn) LHM_lh_doall(OPENSSL_CSTRING,lh,fn)
+# define lh_OPENSSL_CSTRING_doall_arg(lh,fn,arg_type,arg) \
+ LHM_lh_doall_arg(OPENSSL_CSTRING,lh,fn,arg_type,arg)
+# define lh_OPENSSL_CSTRING_error(lh) LHM_lh_error(OPENSSL_CSTRING,lh)
+# define lh_OPENSSL_CSTRING_num_items(lh) LHM_lh_num_items(OPENSSL_CSTRING,lh)
+# define lh_OPENSSL_CSTRING_down_load(lh) LHM_lh_down_load(OPENSSL_CSTRING,lh)
+# define lh_OPENSSL_CSTRING_node_stats_bio(lh,out) \
+ LHM_lh_node_stats_bio(OPENSSL_CSTRING,lh,out)
+# define lh_OPENSSL_CSTRING_node_usage_stats_bio(lh,out) \
+ LHM_lh_node_usage_stats_bio(OPENSSL_CSTRING,lh,out)
+# define lh_OPENSSL_CSTRING_stats_bio(lh,out) \
+ LHM_lh_stats_bio(OPENSSL_CSTRING,lh,out)
+# define lh_OPENSSL_CSTRING_free(lh) LHM_lh_free(OPENSSL_CSTRING,lh)
+
+# define lh_OPENSSL_STRING_new() LHM_lh_new(OPENSSL_STRING,openssl_string)
+# define lh_OPENSSL_STRING_insert(lh,inst) LHM_lh_insert(OPENSSL_STRING,lh,inst)
+# define lh_OPENSSL_STRING_retrieve(lh,inst) LHM_lh_retrieve(OPENSSL_STRING,lh,inst)
+# define lh_OPENSSL_STRING_delete(lh,inst) LHM_lh_delete(OPENSSL_STRING,lh,inst)
+# define lh_OPENSSL_STRING_doall(lh,fn) LHM_lh_doall(OPENSSL_STRING,lh,fn)
+# define lh_OPENSSL_STRING_doall_arg(lh,fn,arg_type,arg) \
+ LHM_lh_doall_arg(OPENSSL_STRING,lh,fn,arg_type,arg)
+# define lh_OPENSSL_STRING_error(lh) LHM_lh_error(OPENSSL_STRING,lh)
+# define lh_OPENSSL_STRING_num_items(lh) LHM_lh_num_items(OPENSSL_STRING,lh)
+# define lh_OPENSSL_STRING_down_load(lh) LHM_lh_down_load(OPENSSL_STRING,lh)
+# define lh_OPENSSL_STRING_node_stats_bio(lh,out) \
+ LHM_lh_node_stats_bio(OPENSSL_STRING,lh,out)
+# define lh_OPENSSL_STRING_node_usage_stats_bio(lh,out) \
+ LHM_lh_node_usage_stats_bio(OPENSSL_STRING,lh,out)
+# define lh_OPENSSL_STRING_stats_bio(lh,out) \
+ LHM_lh_stats_bio(OPENSSL_STRING,lh,out)
+# define lh_OPENSSL_STRING_free(lh) LHM_lh_free(OPENSSL_STRING,lh)
+
+# define lh_SSL_SESSION_new() LHM_lh_new(SSL_SESSION,ssl_session)
+# define lh_SSL_SESSION_insert(lh,inst) LHM_lh_insert(SSL_SESSION,lh,inst)
+# define lh_SSL_SESSION_retrieve(lh,inst) LHM_lh_retrieve(SSL_SESSION,lh,inst)
+# define lh_SSL_SESSION_delete(lh,inst) LHM_lh_delete(SSL_SESSION,lh,inst)
+# define lh_SSL_SESSION_doall(lh,fn) LHM_lh_doall(SSL_SESSION,lh,fn)
+# define lh_SSL_SESSION_doall_arg(lh,fn,arg_type,arg) \
+ LHM_lh_doall_arg(SSL_SESSION,lh,fn,arg_type,arg)
+# define lh_SSL_SESSION_error(lh) LHM_lh_error(SSL_SESSION,lh)
+# define lh_SSL_SESSION_num_items(lh) LHM_lh_num_items(SSL_SESSION,lh)
+# define lh_SSL_SESSION_down_load(lh) LHM_lh_down_load(SSL_SESSION,lh)
+# define lh_SSL_SESSION_node_stats_bio(lh,out) \
+ LHM_lh_node_stats_bio(SSL_SESSION,lh,out)
+# define lh_SSL_SESSION_node_usage_stats_bio(lh,out) \
+ LHM_lh_node_usage_stats_bio(SSL_SESSION,lh,out)
+# define lh_SSL_SESSION_stats_bio(lh,out) \
+ LHM_lh_stats_bio(SSL_SESSION,lh,out)
+# define lh_SSL_SESSION_free(lh) LHM_lh_free(SSL_SESSION,lh)
+
+# ifdef __cplusplus
+}
+# endif
+#endif
--- /dev/null
+/*
+ * Copyright (c) 2007 KISA(Korea Information Security Agency). All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Neither the name of author nor the names of its contributors may
+ * be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY AUTHOR AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ */
+/* ====================================================================
+ * Copyright (c) 1998-2007 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For written permission, please contact
+ * openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ * nor may "OpenSSL" appear in their names without prior written
+ * permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com). This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#ifndef HEADER_SEED_H
+# define HEADER_SEED_H
+
+# include <openssl/opensslconf.h>
+# include <openssl/e_os2.h>
+# include <openssl/crypto.h>
+
+# ifdef OPENSSL_NO_SEED
+# error SEED is disabled.
+# endif
+
+/* look whether we need 'long' to get 32 bits */
+# ifdef AES_LONG
+# ifndef SEED_LONG
+# define SEED_LONG 1
+# endif
+# endif
+
+# if !defined(NO_SYS_TYPES_H)
+# include <sys/types.h>
+# endif
+
+# define SEED_BLOCK_SIZE 16
+# define SEED_KEY_LENGTH 16
+
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+typedef struct seed_key_st {
+# ifdef SEED_LONG
+ unsigned long data[32];
+# else
+ unsigned int data[32];
+# endif
+} SEED_KEY_SCHEDULE;
+
+void SEED_set_key(const unsigned char rawkey[SEED_KEY_LENGTH],
+ SEED_KEY_SCHEDULE *ks);
+
+void SEED_encrypt(const unsigned char s[SEED_BLOCK_SIZE],
+ unsigned char d[SEED_BLOCK_SIZE],
+ const SEED_KEY_SCHEDULE *ks);
+void SEED_decrypt(const unsigned char s[SEED_BLOCK_SIZE],
+ unsigned char d[SEED_BLOCK_SIZE],
+ const SEED_KEY_SCHEDULE *ks);
+
+void SEED_ecb_encrypt(const unsigned char *in, unsigned char *out,
+ const SEED_KEY_SCHEDULE *ks, int enc);
+void SEED_cbc_encrypt(const unsigned char *in, unsigned char *out, size_t len,
+ const SEED_KEY_SCHEDULE *ks,
+ unsigned char ivec[SEED_BLOCK_SIZE], int enc);
+void SEED_cfb128_encrypt(const unsigned char *in, unsigned char *out,
+ size_t len, const SEED_KEY_SCHEDULE *ks,
+ unsigned char ivec[SEED_BLOCK_SIZE], int *num,
+ int enc);
+void SEED_ofb128_encrypt(const unsigned char *in, unsigned char *out,
+ size_t len, const SEED_KEY_SCHEDULE *ks,
+ unsigned char ivec[SEED_BLOCK_SIZE], int *num);
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* HEADER_SEED_H */
--- /dev/null
+/* crypto/sha/sha.h */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#ifndef HEADER_SHA_H
+# define HEADER_SHA_H
+
+# include <openssl/e_os2.h>
+# include <stddef.h>
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/*-
+ * !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+ * ! SHA_LONG has to be at least 32 bits wide. !
+ * !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+ */
+# define SHA_LONG unsigned int
+
+# define SHA_LBLOCK 16
+# define SHA_CBLOCK (SHA_LBLOCK*4)/* SHA treats input data as a
+ * contiguous array of 32 bit wide
+ * big-endian values. */
+# define SHA_LAST_BLOCK (SHA_CBLOCK-8)
+# define SHA_DIGEST_LENGTH 20
+
+typedef struct SHAstate_st {
+ SHA_LONG h0, h1, h2, h3, h4;
+ SHA_LONG Nl, Nh;
+ SHA_LONG data[SHA_LBLOCK];
+ unsigned int num;
+} SHA_CTX;
+
+int SHA1_Init(SHA_CTX *c);
+int SHA1_Update(SHA_CTX *c, const void *data, size_t len);
+int SHA1_Final(unsigned char *md, SHA_CTX *c);
+unsigned char *SHA1(const unsigned char *d, size_t n, unsigned char *md);
+void SHA1_Transform(SHA_CTX *c, const unsigned char *data);
+
+# define SHA256_CBLOCK (SHA_LBLOCK*4)/* SHA-256 treats input data as a
+ * contiguous array of 32 bit wide
+ * big-endian values. */
+
+typedef struct SHA256state_st {
+ SHA_LONG h[8];
+ SHA_LONG Nl, Nh;
+ SHA_LONG data[SHA_LBLOCK];
+ unsigned int num, md_len;
+} SHA256_CTX;
+
+int SHA224_Init(SHA256_CTX *c);
+int SHA224_Update(SHA256_CTX *c, const void *data, size_t len);
+int SHA224_Final(unsigned char *md, SHA256_CTX *c);
+unsigned char *SHA224(const unsigned char *d, size_t n, unsigned char *md);
+int SHA256_Init(SHA256_CTX *c);
+int SHA256_Update(SHA256_CTX *c, const void *data, size_t len);
+int SHA256_Final(unsigned char *md, SHA256_CTX *c);
+unsigned char *SHA256(const unsigned char *d, size_t n, unsigned char *md);
+void SHA256_Transform(SHA256_CTX *c, const unsigned char *data);
+
+# define SHA224_DIGEST_LENGTH 28
+# define SHA256_DIGEST_LENGTH 32
+# define SHA384_DIGEST_LENGTH 48
+# define SHA512_DIGEST_LENGTH 64
+
+/*
+ * Unlike 32-bit digest algorithms, SHA-512 *relies* on SHA_LONG64
+ * being exactly 64-bit wide. See Implementation Notes in sha512.c
+ * for further details.
+ */
+/*
+ * SHA-512 treats input data as a
+ * contiguous array of 64 bit
+ * wide big-endian values.
+ */
+# define SHA512_CBLOCK (SHA_LBLOCK*8)
+# if (defined(_WIN32) || defined(_WIN64)) && !defined(__MINGW32__)
+# define SHA_LONG64 unsigned __int64
+# define U64(C) C##UI64
+# elif defined(__arch64__)
+# define SHA_LONG64 unsigned long
+# define U64(C) C##UL
+# else
+# define SHA_LONG64 unsigned long long
+# define U64(C) C##ULL
+# endif
+
+typedef struct SHA512state_st {
+ SHA_LONG64 h[8];
+ SHA_LONG64 Nl, Nh;
+ union {
+ SHA_LONG64 d[SHA_LBLOCK];
+ unsigned char p[SHA512_CBLOCK];
+ } u;
+ unsigned int num, md_len;
+} SHA512_CTX;
+
+int SHA384_Init(SHA512_CTX *c);
+int SHA384_Update(SHA512_CTX *c, const void *data, size_t len);
+int SHA384_Final(unsigned char *md, SHA512_CTX *c);
+unsigned char *SHA384(const unsigned char *d, size_t n, unsigned char *md);
+int SHA512_Init(SHA512_CTX *c);
+int SHA512_Update(SHA512_CTX *c, const void *data, size_t len);
+int SHA512_Final(unsigned char *md, SHA512_CTX *c);
+unsigned char *SHA512(const unsigned char *d, size_t n, unsigned char *md);
+void SHA512_Transform(SHA512_CTX *c, const unsigned char *data);
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif
--- /dev/null
+/* crypto/srp/srp.h */
+/*
+ * Written by Christophe Renou (christophe.renou@edelweb.fr) with the
+ * precious help of Peter Sylvester (peter.sylvester@edelweb.fr) for the
+ * EdelKey project and contributed to the OpenSSL project 2004.
+ */
+/* ====================================================================
+ * Copyright (c) 2004 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For written permission, please contact
+ * licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ * nor may "OpenSSL" appear in their names without prior written
+ * permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com). This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+#ifndef __SRP_H__
+# define __SRP_H__
+
+# ifndef OPENSSL_NO_SRP
+
+# include <stdio.h>
+# include <string.h>
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+# include <openssl/safestack.h>
+# include <openssl/bn.h>
+# include <openssl/crypto.h>
+
+typedef struct SRP_gN_cache_st {
+ char *b64_bn;
+ BIGNUM *bn;
+} SRP_gN_cache;
+
+
+DECLARE_STACK_OF(SRP_gN_cache)
+
+typedef struct SRP_user_pwd_st {
+ char *id;
+ BIGNUM *s;
+ BIGNUM *v;
+ const BIGNUM *g;
+ const BIGNUM *N;
+ char *info;
+} SRP_user_pwd;
+
+DECLARE_STACK_OF(SRP_user_pwd)
+
+typedef struct SRP_VBASE_st {
+ STACK_OF(SRP_user_pwd) *users_pwd;
+ STACK_OF(SRP_gN_cache) *gN_cache;
+/* to simulate a user */
+ char *seed_key;
+ BIGNUM *default_g;
+ BIGNUM *default_N;
+} SRP_VBASE;
+
+/*
+ * Structure interne pour retenir les couples N et g
+ */
+typedef struct SRP_gN_st {
+ char *id;
+ BIGNUM *g;
+ BIGNUM *N;
+} SRP_gN;
+
+DECLARE_STACK_OF(SRP_gN)
+
+SRP_VBASE *SRP_VBASE_new(char *seed_key);
+int SRP_VBASE_free(SRP_VBASE *vb);
+int SRP_VBASE_init(SRP_VBASE *vb, char *verifier_file);
+SRP_user_pwd *SRP_VBASE_get_by_user(SRP_VBASE *vb, char *username);
+char *SRP_create_verifier(const char *user, const char *pass, char **salt,
+ char **verifier, const char *N, const char *g);
+int SRP_create_verifier_BN(const char *user, const char *pass, BIGNUM **salt,
+ BIGNUM **verifier, const BIGNUM *N,
+ const BIGNUM *g);
+
+# define SRP_NO_ERROR 0
+# define SRP_ERR_VBASE_INCOMPLETE_FILE 1
+# define SRP_ERR_VBASE_BN_LIB 2
+# define SRP_ERR_OPEN_FILE 3
+# define SRP_ERR_MEMORY 4
+
+# define DB_srptype 0
+# define DB_srpverifier 1
+# define DB_srpsalt 2
+# define DB_srpid 3
+# define DB_srpgN 4
+# define DB_srpinfo 5
+# undef DB_NUMBER
+# define DB_NUMBER 6
+
+# define DB_SRP_INDEX 'I'
+# define DB_SRP_VALID 'V'
+# define DB_SRP_REVOKED 'R'
+# define DB_SRP_MODIF 'v'
+
+/* see srp.c */
+char *SRP_check_known_gN_param(BIGNUM *g, BIGNUM *N);
+SRP_gN *SRP_get_default_gN(const char *id);
+
+/* server side .... */
+BIGNUM *SRP_Calc_server_key(BIGNUM *A, BIGNUM *v, BIGNUM *u, BIGNUM *b,
+ BIGNUM *N);
+BIGNUM *SRP_Calc_B(BIGNUM *b, BIGNUM *N, BIGNUM *g, BIGNUM *v);
+int SRP_Verify_A_mod_N(BIGNUM *A, BIGNUM *N);
+BIGNUM *SRP_Calc_u(BIGNUM *A, BIGNUM *B, BIGNUM *N);
+
+/* client side .... */
+BIGNUM *SRP_Calc_x(BIGNUM *s, const char *user, const char *pass);
+BIGNUM *SRP_Calc_A(BIGNUM *a, BIGNUM *N, BIGNUM *g);
+BIGNUM *SRP_Calc_client_key(BIGNUM *N, BIGNUM *B, BIGNUM *g, BIGNUM *x,
+ BIGNUM *a, BIGNUM *u);
+int SRP_Verify_B_mod_N(BIGNUM *B, BIGNUM *N);
+
+# define SRP_MINIMAL_N 1024
+
+#ifdef __cplusplus
+}
+#endif
+
+# endif
+#endif
--- /dev/null
+/* ssl/srtp.h */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+/* ====================================================================
+ * Copyright (c) 1998-2006 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For written permission, please contact
+ * openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ * nor may "OpenSSL" appear in their names without prior written
+ * permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com). This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+/*
+ * DTLS code by Eric Rescorla <ekr@rtfm.com>
+ *
+ * Copyright (C) 2006, Network Resonance, Inc. Copyright (C) 2011, RTFM, Inc.
+ */
+
+#ifndef HEADER_D1_SRTP_H
+# define HEADER_D1_SRTP_H
+
+# include <openssl/ssl.h>
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+# define SRTP_AES128_CM_SHA1_80 0x0001
+# define SRTP_AES128_CM_SHA1_32 0x0002
+# define SRTP_AES128_F8_SHA1_80 0x0003
+# define SRTP_AES128_F8_SHA1_32 0x0004
+# define SRTP_NULL_SHA1_80 0x0005
+# define SRTP_NULL_SHA1_32 0x0006
+
+# ifndef OPENSSL_NO_SRTP
+
+__owur int SSL_CTX_set_tlsext_use_srtp(SSL_CTX *ctx, const char *profiles);
+__owur int SSL_set_tlsext_use_srtp(SSL *ctx, const char *profiles);
+
+__owur STACK_OF(SRTP_PROTECTION_PROFILE) *SSL_get_srtp_profiles(SSL *ssl);
+__owur SRTP_PROTECTION_PROFILE *SSL_get_selected_srtp_profile(SSL *s);
+
+# endif
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif
--- /dev/null
+/* ssl/ssl.h */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+/* ====================================================================
+ * Copyright (c) 1998-2007 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For written permission, please contact
+ * openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ * nor may "OpenSSL" appear in their names without prior written
+ * permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com). This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+/* ====================================================================
+ * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
+ * ECC cipher suite support in OpenSSL originally developed by
+ * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project.
+ */
+/* ====================================================================
+ * Copyright 2005 Nokia. All rights reserved.
+ *
+ * The portions of the attached software ("Contribution") is developed by
+ * Nokia Corporation and is licensed pursuant to the OpenSSL open source
+ * license.
+ *
+ * The Contribution, originally written by Mika Kousa and Pasi Eronen of
+ * Nokia Corporation, consists of the "PSK" (Pre-Shared Key) ciphersuites
+ * support (see RFC 4279) to OpenSSL.
+ *
+ * No patent licenses or other rights except those expressly stated in
+ * the OpenSSL open source license shall be deemed granted or received
+ * expressly, by implication, estoppel, or otherwise.
+ *
+ * No assurances are provided by Nokia that the Contribution does not
+ * infringe the patent or other intellectual property rights of any third
+ * party or that the license provides you with all the necessary rights
+ * to make use of the Contribution.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. IN
+ * ADDITION TO THE DISCLAIMERS INCLUDED IN THE LICENSE, NOKIA
+ * SPECIFICALLY DISCLAIMS ANY LIABILITY FOR CLAIMS BROUGHT BY YOU OR ANY
+ * OTHER ENTITY BASED ON INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS OR
+ * OTHERWISE.
+ */
+
+#ifndef HEADER_SSL_H
+# define HEADER_SSL_H
+
+# include <openssl/e_os2.h>
+
+# ifndef OPENSSL_NO_COMP
+# include <openssl/comp.h>
+# endif
+# include <openssl/bio.h>
+# ifdef OPENSSL_USE_DEPRECATED
+# include <openssl/x509.h>
+# include <openssl/crypto.h>
+# include <openssl/lhash.h>
+# include <openssl/buffer.h>
+# endif
+# include <openssl/pem.h>
+# include <openssl/hmac.h>
+
+# include <openssl/kssl.h>
+# include <openssl/safestack.h>
+# include <openssl/symhacks.h>
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/* SSLeay version number for ASN.1 encoding of the session information */
+/*-
+ * Version 0 - initial version
+ * Version 1 - added the optional peer certificate
+ */
+# define SSL_SESSION_ASN1_VERSION 0x0001
+
+/* text strings for the ciphers */
+
+/*
+ * VRS Additional Kerberos5 entries
+ */
+# define SSL_TXT_KRB5_DES_64_CBC_SHA SSL3_TXT_KRB5_DES_64_CBC_SHA
+# define SSL_TXT_KRB5_DES_192_CBC3_SHA SSL3_TXT_KRB5_DES_192_CBC3_SHA
+# define SSL_TXT_KRB5_RC4_128_SHA SSL3_TXT_KRB5_RC4_128_SHA
+# define SSL_TXT_KRB5_IDEA_128_CBC_SHA SSL3_TXT_KRB5_IDEA_128_CBC_SHA
+# define SSL_TXT_KRB5_DES_64_CBC_MD5 SSL3_TXT_KRB5_DES_64_CBC_MD5
+# define SSL_TXT_KRB5_DES_192_CBC3_MD5 SSL3_TXT_KRB5_DES_192_CBC3_MD5
+# define SSL_TXT_KRB5_RC4_128_MD5 SSL3_TXT_KRB5_RC4_128_MD5
+# define SSL_TXT_KRB5_IDEA_128_CBC_MD5 SSL3_TXT_KRB5_IDEA_128_CBC_MD5
+
+# define SSL_TXT_KRB5_DES_40_CBC_SHA SSL3_TXT_KRB5_DES_40_CBC_SHA
+# define SSL_TXT_KRB5_RC2_40_CBC_SHA SSL3_TXT_KRB5_RC2_40_CBC_SHA
+# define SSL_TXT_KRB5_RC4_40_SHA SSL3_TXT_KRB5_RC4_40_SHA
+# define SSL_TXT_KRB5_DES_40_CBC_MD5 SSL3_TXT_KRB5_DES_40_CBC_MD5
+# define SSL_TXT_KRB5_RC2_40_CBC_MD5 SSL3_TXT_KRB5_RC2_40_CBC_MD5
+# define SSL_TXT_KRB5_RC4_40_MD5 SSL3_TXT_KRB5_RC4_40_MD5
+
+# define SSL_TXT_KRB5_DES_40_CBC_SHA SSL3_TXT_KRB5_DES_40_CBC_SHA
+# define SSL_TXT_KRB5_DES_40_CBC_MD5 SSL3_TXT_KRB5_DES_40_CBC_MD5
+# define SSL_TXT_KRB5_DES_64_CBC_SHA SSL3_TXT_KRB5_DES_64_CBC_SHA
+# define SSL_TXT_KRB5_DES_64_CBC_MD5 SSL3_TXT_KRB5_DES_64_CBC_MD5
+# define SSL_TXT_KRB5_DES_192_CBC3_SHA SSL3_TXT_KRB5_DES_192_CBC3_SHA
+# define SSL_TXT_KRB5_DES_192_CBC3_MD5 SSL3_TXT_KRB5_DES_192_CBC3_MD5
+# define SSL_MAX_KRB5_PRINCIPAL_LENGTH 256
+
+# define SSL_MAX_SSL_SESSION_ID_LENGTH 32
+# define SSL_MAX_SID_CTX_LENGTH 32
+
+# define SSL_MIN_RSA_MODULUS_LENGTH_IN_BYTES (512/8)
+# define SSL_MAX_KEY_ARG_LENGTH 8
+# define SSL_MAX_MASTER_KEY_LENGTH 48
+
+/* These are used to specify which ciphers to use and not to use */
+
+# define SSL_TXT_EXP40 "EXPORT40"
+# define SSL_TXT_EXP56 "EXPORT56"
+# define SSL_TXT_LOW "LOW"
+# define SSL_TXT_MEDIUM "MEDIUM"
+# define SSL_TXT_HIGH "HIGH"
+# define SSL_TXT_FIPS "FIPS"
+
+# define SSL_TXT_aNULL "aNULL"
+# define SSL_TXT_eNULL "eNULL"
+# define SSL_TXT_NULL "NULL"
+
+# define SSL_TXT_kRSA "kRSA"
+# define SSL_TXT_kDHr "kDHr"
+# define SSL_TXT_kDHd "kDHd"
+# define SSL_TXT_kDH "kDH"
+# define SSL_TXT_kEDH "kEDH"/* alias for kDHE */
+# define SSL_TXT_kDHE "kDHE"
+# define SSL_TXT_kKRB5 "kKRB5"
+# define SSL_TXT_kECDHr "kECDHr"
+# define SSL_TXT_kECDHe "kECDHe"
+# define SSL_TXT_kECDH "kECDH"
+# define SSL_TXT_kEECDH "kEECDH"/* alias for kECDHE */
+# define SSL_TXT_kECDHE "kECDHE"
+# define SSL_TXT_kPSK "kPSK"
+# define SSL_TXT_kGOST "kGOST"
+# define SSL_TXT_kSRP "kSRP"
+
+# define SSL_TXT_aRSA "aRSA"
+# define SSL_TXT_aDSS "aDSS"
+# define SSL_TXT_aDH "aDH"
+# define SSL_TXT_aECDH "aECDH"
+# define SSL_TXT_aKRB5 "aKRB5"
+# define SSL_TXT_aECDSA "aECDSA"
+# define SSL_TXT_aPSK "aPSK"
+# define SSL_TXT_aGOST94 "aGOST94"
+# define SSL_TXT_aGOST01 "aGOST01"
+# define SSL_TXT_aGOST "aGOST"
+# define SSL_TXT_aSRP "aSRP"
+
+# define SSL_TXT_DSS "DSS"
+# define SSL_TXT_DH "DH"
+# define SSL_TXT_DHE "DHE"/* same as "kDHE:-ADH" */
+# define SSL_TXT_EDH "EDH"/* alias for DHE */
+# define SSL_TXT_ADH "ADH"
+# define SSL_TXT_RSA "RSA"
+# define SSL_TXT_ECDH "ECDH"
+# define SSL_TXT_EECDH "EECDH"/* alias for ECDHE" */
+# define SSL_TXT_ECDHE "ECDHE"/* same as "kECDHE:-AECDH" */
+# define SSL_TXT_AECDH "AECDH"
+# define SSL_TXT_ECDSA "ECDSA"
+# define SSL_TXT_KRB5 "KRB5"
+# define SSL_TXT_PSK "PSK"
+# define SSL_TXT_SRP "SRP"
+
+# define SSL_TXT_DES "DES"
+# define SSL_TXT_3DES "3DES"
+# define SSL_TXT_RC4 "RC4"
+# define SSL_TXT_RC2 "RC2"
+# define SSL_TXT_IDEA "IDEA"
+# define SSL_TXT_SEED "SEED"
+# define SSL_TXT_AES128 "AES128"
+# define SSL_TXT_AES256 "AES256"
+# define SSL_TXT_AES "AES"
+# define SSL_TXT_AES_GCM "AESGCM"
+# define SSL_TXT_CAMELLIA128 "CAMELLIA128"
+# define SSL_TXT_CAMELLIA256 "CAMELLIA256"
+# define SSL_TXT_CAMELLIA "CAMELLIA"
+
+# define SSL_TXT_MD5 "MD5"
+# define SSL_TXT_SHA1 "SHA1"
+# define SSL_TXT_SHA "SHA"/* same as "SHA1" */
+# define SSL_TXT_GOST94 "GOST94"
+# define SSL_TXT_GOST89MAC "GOST89MAC"
+# define SSL_TXT_SHA256 "SHA256"
+# define SSL_TXT_SHA384 "SHA384"
+
+# define SSL_TXT_SSLV3 "SSLv3"
+# define SSL_TXT_TLSV1 "TLSv1"
+# define SSL_TXT_TLSV1_1 "TLSv1.1"
+# define SSL_TXT_TLSV1_2 "TLSv1.2"
+
+# define SSL_TXT_EXP "EXP"
+# define SSL_TXT_EXPORT "EXPORT"
+
+# define SSL_TXT_ALL "ALL"
+
+/*-
+ * COMPLEMENTOF* definitions. These identifiers are used to (de-select)
+ * ciphers normally not being used.
+ * Example: "RC4" will activate all ciphers using RC4 including ciphers
+ * without authentication, which would normally disabled by DEFAULT (due
+ * the "!ADH" being part of default). Therefore "RC4:!COMPLEMENTOFDEFAULT"
+ * will make sure that it is also disabled in the specific selection.
+ * COMPLEMENTOF* identifiers are portable between version, as adjustments
+ * to the default cipher setup will also be included here.
+ *
+ * COMPLEMENTOFDEFAULT does not experience the same special treatment that
+ * DEFAULT gets, as only selection is being done and no sorting as needed
+ * for DEFAULT.
+ */
+# define SSL_TXT_CMPALL "COMPLEMENTOFALL"
+# define SSL_TXT_CMPDEF "COMPLEMENTOFDEFAULT"
+
+/*
+ * The following cipher list is used by default. It also is substituted when
+ * an application-defined cipher list string starts with 'DEFAULT'.
+ */
+# define SSL_DEFAULT_CIPHER_LIST "ALL:!aNULL:!eNULL"
+/*
+ * As of OpenSSL 1.0.0, ssl_create_cipher_list() in ssl/ssl_ciph.c always
+ * starts with a reasonable order, and all we have to do for DEFAULT is
+ * throwing out anonymous and unencrypted ciphersuites! (The latter are not
+ * actually enabled by ALL, but "ALL:RSA" would enable some of them.)
+ */
+
+/* Used in SSL_set_shutdown()/SSL_get_shutdown(); */
+# define SSL_SENT_SHUTDOWN 1
+# define SSL_RECEIVED_SHUTDOWN 2
+
+#ifdef __cplusplus
+}
+#endif
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+# define SSL_FILETYPE_ASN1 X509_FILETYPE_ASN1
+# define SSL_FILETYPE_PEM X509_FILETYPE_PEM
+
+/*
+ * This is needed to stop compilers complaining about the 'struct ssl_st *'
+ * function parameters used to prototype callbacks in SSL_CTX.
+ */
+typedef struct ssl_st *ssl_crock_st;
+typedef struct tls_session_ticket_ext_st TLS_SESSION_TICKET_EXT;
+typedef struct ssl_method_st SSL_METHOD;
+typedef struct ssl_cipher_st SSL_CIPHER;
+typedef struct ssl_session_st SSL_SESSION;
+typedef struct tls_sigalgs_st TLS_SIGALGS;
+typedef struct ssl_conf_ctx_st SSL_CONF_CTX;
+
+DECLARE_STACK_OF(SSL_CIPHER)
+
+/* SRTP protection profiles for use with the use_srtp extension (RFC 5764)*/
+typedef struct srtp_protection_profile_st {
+ const char *name;
+ unsigned long id;
+} SRTP_PROTECTION_PROFILE;
+
+DECLARE_STACK_OF(SRTP_PROTECTION_PROFILE)
+
+typedef int (*tls_session_ticket_ext_cb_fn) (SSL *s,
+ const unsigned char *data,
+ int len, void *arg);
+typedef int (*tls_session_secret_cb_fn) (SSL *s, void *secret,
+ int *secret_len,
+ STACK_OF(SSL_CIPHER) *peer_ciphers,
+ SSL_CIPHER **cipher, void *arg);
+
+# ifndef OPENSSL_NO_TLSEXT
+
+/* Typedefs for handling custom extensions */
+
+typedef int (*custom_ext_add_cb) (SSL *s, unsigned int ext_type,
+ const unsigned char **out,
+ size_t *outlen, int *al, void *add_arg);
+
+typedef void (*custom_ext_free_cb) (SSL *s, unsigned int ext_type,
+ const unsigned char *out, void *add_arg);
+
+typedef int (*custom_ext_parse_cb) (SSL *s, unsigned int ext_type,
+ const unsigned char *in,
+ size_t inlen, int *al, void *parse_arg);
+
+# endif
+
+/* Allow initial connection to servers that don't support RI */
+# define SSL_OP_LEGACY_SERVER_CONNECT 0x00000004L
+/* Removed from OpenSSL 0.9.8q and 1.0.0c */
+# define SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG 0x0L
+# define SSL_OP_TLSEXT_PADDING 0x00000010L
+# define SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER 0x00000020L
+# define SSL_OP_SAFARI_ECDHE_ECDSA_BUG 0x00000040L
+# define SSL_OP_SSLEAY_080_CLIENT_DH_BUG 0x00000080L
+# define SSL_OP_TLS_D5_BUG 0x00000100L
+# define SSL_OP_TLS_BLOCK_PADDING_BUG 0x00000200L
+
+/* Hasn't done anything since OpenSSL 0.9.7h, retained for compatibility */
+# define SSL_OP_MSIE_SSLV2_RSA_PADDING 0x0
+/* Refers to ancient SSLREF and SSLv2, retained for compatibility */
+# define SSL_OP_SSLREF2_REUSE_CERT_TYPE_BUG 0x0
+/* Related to removed SSLv2 */
+# define SSL_OP_MICROSOFT_SESS_ID_BUG 0x0
+# define SSL_OP_NETSCAPE_CHALLENGE_BUG 0x0
+
+/*
+ * Disable SSL 3.0/TLS 1.0 CBC vulnerability workaround that was added in
+ * OpenSSL 0.9.6d. Usually (depending on the application protocol) the
+ * workaround is not needed. Unfortunately some broken SSL/TLS
+ * implementations cannot handle it at all, which is why we include it in
+ * SSL_OP_ALL.
+ */
+/* added in 0.9.6e */
+# define SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS 0x00000800L
+
+/*
+ * SSL_OP_ALL: various bug workarounds that should be rather harmless. This
+ * used to be 0x000FFFFFL before 0.9.7.
+ */
+# define SSL_OP_ALL 0x80000BFFL
+
+/* DTLS options */
+# define SSL_OP_NO_QUERY_MTU 0x00001000L
+/* Turn on Cookie Exchange (on relevant for servers) */
+# define SSL_OP_COOKIE_EXCHANGE 0x00002000L
+/* Don't use RFC4507 ticket extension */
+# define SSL_OP_NO_TICKET 0x00004000L
+/* Use Cisco's "speshul" version of DTLS_BAD_VER (as client) */
+# define SSL_OP_CISCO_ANYCONNECT 0x00008000L
+
+/* As server, disallow session resumption on renegotiation */
+# define SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION 0x00010000L
+/* Don't use compression even if supported */
+# define SSL_OP_NO_COMPRESSION 0x00020000L
+/* Permit unsafe legacy renegotiation */
+# define SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION 0x00040000L
+/* If set, always create a new key when using tmp_ecdh parameters */
+# define SSL_OP_SINGLE_ECDH_USE 0x00080000L
+/* If set, always create a new key when using tmp_dh parameters */
+# define SSL_OP_SINGLE_DH_USE 0x00100000L
+/* Does nothing: retained for compatibiity */
+# define SSL_OP_EPHEMERAL_RSA 0x0
+/*
+ * Set on servers to choose the cipher according to the server's preferences
+ */
+# define SSL_OP_CIPHER_SERVER_PREFERENCE 0x00400000L
+/*
+ * If set, a server will allow a client to issue a SSLv3.0 version number as
+ * latest version supported in the premaster secret, even when TLSv1.0
+ * (version 3.1) was announced in the client hello. Normally this is
+ * forbidden to prevent version rollback attacks.
+ */
+# define SSL_OP_TLS_ROLLBACK_BUG 0x00800000L
+
+# define SSL_OP_NO_SSLv2 0x00000000L
+# define SSL_OP_NO_SSLv3 0x02000000L
+# define SSL_OP_NO_TLSv1 0x04000000L
+# define SSL_OP_NO_TLSv1_2 0x08000000L
+# define SSL_OP_NO_TLSv1_1 0x10000000L
+
+# define SSL_OP_NO_DTLSv1 0x04000000L
+# define SSL_OP_NO_DTLSv1_2 0x08000000L
+
+# define SSL_OP_NO_SSL_MASK (SSL_OP_NO_SSLv3|\
+ SSL_OP_NO_TLSv1|SSL_OP_NO_TLSv1_1|SSL_OP_NO_TLSv1_2)
+
+/*
+ * These next two were never actually used for anything since SSLeay zap so
+ * we have some more flags.
+ */
+/*
+ * The next flag deliberately changes the ciphertest, this is a check for the
+ * PKCS#1 attack
+ */
+# define SSL_OP_PKCS1_CHECK_1 0x0
+# define SSL_OP_PKCS1_CHECK_2 0x0
+
+/* Removed as of OpenSSL 1.1.0 */
+# define SSL_OP_NETSCAPE_CA_DN_BUG 0x0
+/* Removed as of OpenSSL 1.1.0 */
+# define SSL_OP_NETSCAPE_DEMO_CIPHER_CHANGE_BUG 0x0L
+/*
+ * Make server add server-hello extension from early version of cryptopro
+ * draft, when GOST ciphersuite is negotiated. Required for interoperability
+ * with CryptoPro CSP 3.x
+ */
+# define SSL_OP_CRYPTOPRO_TLSEXT_BUG 0x80000000L
+
+/*
+ * Allow SSL_write(..., n) to return r with 0 < r < n (i.e. report success
+ * when just a single record has been written):
+ */
+# define SSL_MODE_ENABLE_PARTIAL_WRITE 0x00000001L
+/*
+ * Make it possible to retry SSL_write() with changed buffer location (buffer
+ * contents must stay the same!); this is not the default to avoid the
+ * misconception that non-blocking SSL_write() behaves like non-blocking
+ * write():
+ */
+# define SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER 0x00000002L
+/*
+ * Never bother the application with retries if the transport is blocking:
+ */
+# define SSL_MODE_AUTO_RETRY 0x00000004L
+/* Don't attempt to automatically build certificate chain */
+# define SSL_MODE_NO_AUTO_CHAIN 0x00000008L
+/*
+ * Save RAM by releasing read and write buffers when they're empty. (SSL3 and
+ * TLS only.) "Released" buffers are put onto a free-list in the context or
+ * just freed (depending on the context's setting for freelist_max_len).
+ */
+# define SSL_MODE_RELEASE_BUFFERS 0x00000010L
+/*
+ * Send the current time in the Random fields of the ClientHello and
+ * ServerHello records for compatibility with hypothetical implementations
+ * that require it.
+ */
+# define SSL_MODE_SEND_CLIENTHELLO_TIME 0x00000020L
+# define SSL_MODE_SEND_SERVERHELLO_TIME 0x00000040L
+/*
+ * Send TLS_FALLBACK_SCSV in the ClientHello. To be set only by applications
+ * that reconnect with a downgraded protocol version; see
+ * draft-ietf-tls-downgrade-scsv-00 for details. DO NOT ENABLE THIS if your
+ * application attempts a normal handshake. Only use this in explicit
+ * fallback retries, following the guidance in
+ * draft-ietf-tls-downgrade-scsv-00.
+ */
+# define SSL_MODE_SEND_FALLBACK_SCSV 0x00000080L
+
+/* Cert related flags */
+/*
+ * Many implementations ignore some aspects of the TLS standards such as
+ * enforcing certifcate chain algorithms. When this is set we enforce them.
+ */
+# define SSL_CERT_FLAG_TLS_STRICT 0x00000001L
+
+/* Suite B modes, takes same values as certificate verify flags */
+# define SSL_CERT_FLAG_SUITEB_128_LOS_ONLY 0x10000
+/* Suite B 192 bit only mode */
+# define SSL_CERT_FLAG_SUITEB_192_LOS 0x20000
+/* Suite B 128 bit mode allowing 192 bit algorithms */
+# define SSL_CERT_FLAG_SUITEB_128_LOS 0x30000
+
+/* Perform all sorts of protocol violations for testing purposes */
+# define SSL_CERT_FLAG_BROKEN_PROTOCOL 0x10000000
+
+/* Flags for building certificate chains */
+/* Treat any existing certificates as untrusted CAs */
+# define SSL_BUILD_CHAIN_FLAG_UNTRUSTED 0x1
+/* Don't include root CA in chain */
+# define SSL_BUILD_CHAIN_FLAG_NO_ROOT 0x2
+/* Just check certificates already there */
+# define SSL_BUILD_CHAIN_FLAG_CHECK 0x4
+/* Ignore verification errors */
+# define SSL_BUILD_CHAIN_FLAG_IGNORE_ERROR 0x8
+/* Clear verification errors from queue */
+# define SSL_BUILD_CHAIN_FLAG_CLEAR_ERROR 0x10
+
+/* Flags returned by SSL_check_chain */
+/* Certificate can be used with this session */
+# define CERT_PKEY_VALID 0x1
+/* Certificate can also be used for signing */
+# define CERT_PKEY_SIGN 0x2
+/* EE certificate signing algorithm OK */
+# define CERT_PKEY_EE_SIGNATURE 0x10
+/* CA signature algorithms OK */
+# define CERT_PKEY_CA_SIGNATURE 0x20
+/* EE certificate parameters OK */
+# define CERT_PKEY_EE_PARAM 0x40
+/* CA certificate parameters OK */
+# define CERT_PKEY_CA_PARAM 0x80
+/* Signing explicitly allowed as opposed to SHA1 fallback */
+# define CERT_PKEY_EXPLICIT_SIGN 0x100
+/* Client CA issuer names match (always set for server cert) */
+# define CERT_PKEY_ISSUER_NAME 0x200
+/* Cert type matches client types (always set for server cert) */
+# define CERT_PKEY_CERT_TYPE 0x400
+/* Cert chain suitable to Suite B */
+# define CERT_PKEY_SUITEB 0x800
+
+# define SSL_CONF_FLAG_CMDLINE 0x1
+# define SSL_CONF_FLAG_FILE 0x2
+# define SSL_CONF_FLAG_CLIENT 0x4
+# define SSL_CONF_FLAG_SERVER 0x8
+# define SSL_CONF_FLAG_SHOW_ERRORS 0x10
+# define SSL_CONF_FLAG_CERTIFICATE 0x20
+# define SSL_CONF_FLAG_REQUIRE_PRIVATE 0x40
+/* Configuration value types */
+# define SSL_CONF_TYPE_UNKNOWN 0x0
+# define SSL_CONF_TYPE_STRING 0x1
+# define SSL_CONF_TYPE_FILE 0x2
+# define SSL_CONF_TYPE_DIR 0x3
+
+/*
+ * Note: SSL[_CTX]_set_{options,mode} use |= op on the previous value, they
+ * cannot be used to clear bits.
+ */
+
+# define SSL_CTX_set_options(ctx,op) \
+ SSL_CTX_ctrl((ctx),SSL_CTRL_OPTIONS,(op),NULL)
+# define SSL_CTX_clear_options(ctx,op) \
+ SSL_CTX_ctrl((ctx),SSL_CTRL_CLEAR_OPTIONS,(op),NULL)
+# define SSL_CTX_get_options(ctx) \
+ SSL_CTX_ctrl((ctx),SSL_CTRL_OPTIONS,0,NULL)
+# define SSL_set_options(ssl,op) \
+ SSL_ctrl((ssl),SSL_CTRL_OPTIONS,(op),NULL)
+# define SSL_clear_options(ssl,op) \
+ SSL_ctrl((ssl),SSL_CTRL_CLEAR_OPTIONS,(op),NULL)
+# define SSL_get_options(ssl) \
+ SSL_ctrl((ssl),SSL_CTRL_OPTIONS,0,NULL)
+
+# define SSL_CTX_set_mode(ctx,op) \
+ SSL_CTX_ctrl((ctx),SSL_CTRL_MODE,(op),NULL)
+# define SSL_CTX_clear_mode(ctx,op) \
+ SSL_CTX_ctrl((ctx),SSL_CTRL_CLEAR_MODE,(op),NULL)
+# define SSL_CTX_get_mode(ctx) \
+ SSL_CTX_ctrl((ctx),SSL_CTRL_MODE,0,NULL)
+# define SSL_clear_mode(ssl,op) \
+ SSL_ctrl((ssl),SSL_CTRL_CLEAR_MODE,(op),NULL)
+# define SSL_set_mode(ssl,op) \
+ SSL_ctrl((ssl),SSL_CTRL_MODE,(op),NULL)
+# define SSL_get_mode(ssl) \
+ SSL_ctrl((ssl),SSL_CTRL_MODE,0,NULL)
+# define SSL_set_mtu(ssl, mtu) \
+ SSL_ctrl((ssl),SSL_CTRL_SET_MTU,(mtu),NULL)
+# define DTLS_set_link_mtu(ssl, mtu) \
+ SSL_ctrl((ssl),DTLS_CTRL_SET_LINK_MTU,(mtu),NULL)
+# define DTLS_get_link_min_mtu(ssl) \
+ SSL_ctrl((ssl),DTLS_CTRL_GET_LINK_MIN_MTU,0,NULL)
+
+# define SSL_get_secure_renegotiation_support(ssl) \
+ SSL_ctrl((ssl), SSL_CTRL_GET_RI_SUPPORT, 0, NULL)
+
+# ifndef OPENSSL_NO_HEARTBEATS
+# define SSL_heartbeat(ssl) \
+ SSL_ctrl((ssl),SSL_CTRL_TLS_EXT_SEND_HEARTBEAT,0,NULL)
+# endif
+
+# define SSL_CTX_set_cert_flags(ctx,op) \
+ SSL_CTX_ctrl((ctx),SSL_CTRL_CERT_FLAGS,(op),NULL)
+# define SSL_set_cert_flags(s,op) \
+ SSL_ctrl((s),SSL_CTRL_CERT_FLAGS,(op),NULL)
+# define SSL_CTX_clear_cert_flags(ctx,op) \
+ SSL_CTX_ctrl((ctx),SSL_CTRL_CLEAR_CERT_FLAGS,(op),NULL)
+# define SSL_clear_cert_flags(s,op) \
+ SSL_ctrl((s),SSL_CTRL_CLEAR_CERT_FLAGS,(op),NULL)
+
+void SSL_CTX_set_msg_callback(SSL_CTX *ctx,
+ void (*cb) (int write_p, int version,
+ int content_type, const void *buf,
+ size_t len, SSL *ssl, void *arg));
+void SSL_set_msg_callback(SSL *ssl,
+ void (*cb) (int write_p, int version,
+ int content_type, const void *buf,
+ size_t len, SSL *ssl, void *arg));
+# define SSL_CTX_set_msg_callback_arg(ctx, arg) SSL_CTX_ctrl((ctx), SSL_CTRL_SET_MSG_CALLBACK_ARG, 0, (arg))
+# define SSL_set_msg_callback_arg(ssl, arg) SSL_ctrl((ssl), SSL_CTRL_SET_MSG_CALLBACK_ARG, 0, (arg))
+
+# define SSL_get_extms_support(s) \
+ SSL_ctrl((s),SSL_CTRL_GET_EXTMS_SUPPORT,0,NULL)
+
+# ifndef OPENSSL_NO_SRP
+
+/* see tls_srp.c */
+__owur int SSL_SRP_CTX_init(SSL *s);
+__owur int SSL_CTX_SRP_CTX_init(SSL_CTX *ctx);
+int SSL_SRP_CTX_free(SSL *ctx);
+int SSL_CTX_SRP_CTX_free(SSL_CTX *ctx);
+__owur int SSL_srp_server_param_with_username(SSL *s, int *ad);
+__owur int SRP_generate_server_master_secret(SSL *s, unsigned char *master_key);
+__owur int SRP_Calc_A_param(SSL *s);
+__owur int SRP_generate_client_master_secret(SSL *s, unsigned char *master_key);
+
+# endif
+
+# if defined(OPENSSL_SYS_MSDOS) && !defined(OPENSSL_SYS_WIN32)
+# define SSL_MAX_CERT_LIST_DEFAULT 1024*30
+ /* 30k max cert list :-) */
+# else
+# define SSL_MAX_CERT_LIST_DEFAULT 1024*100
+ /* 100k max cert list :-) */
+# endif
+
+# define SSL_SESSION_CACHE_MAX_SIZE_DEFAULT (1024*20)
+
+/*
+ * This callback type is used inside SSL_CTX, SSL, and in the functions that
+ * set them. It is used to override the generation of SSL/TLS session IDs in
+ * a server. Return value should be zero on an error, non-zero to proceed.
+ * Also, callbacks should themselves check if the id they generate is unique
+ * otherwise the SSL handshake will fail with an error - callbacks can do
+ * this using the 'ssl' value they're passed by;
+ * SSL_has_matching_session_id(ssl, id, *id_len) The length value passed in
+ * is set at the maximum size the session ID can be. In SSLv3/TLSv1 it is 32
+ * bytes. The callback can alter this length to be less if desired. It is
+ * also an error for the callback to set the size to zero.
+ */
+typedef int (*GEN_SESSION_CB) (const SSL *ssl, unsigned char *id,
+ unsigned int *id_len);
+
+typedef struct ssl_comp_st SSL_COMP;
+
+
+# define SSL_SESS_CACHE_OFF 0x0000
+# define SSL_SESS_CACHE_CLIENT 0x0001
+# define SSL_SESS_CACHE_SERVER 0x0002
+# define SSL_SESS_CACHE_BOTH (SSL_SESS_CACHE_CLIENT|SSL_SESS_CACHE_SERVER)
+# define SSL_SESS_CACHE_NO_AUTO_CLEAR 0x0080
+/* enough comments already ... see SSL_CTX_set_session_cache_mode(3) */
+# define SSL_SESS_CACHE_NO_INTERNAL_LOOKUP 0x0100
+# define SSL_SESS_CACHE_NO_INTERNAL_STORE 0x0200
+# define SSL_SESS_CACHE_NO_INTERNAL \
+ (SSL_SESS_CACHE_NO_INTERNAL_LOOKUP|SSL_SESS_CACHE_NO_INTERNAL_STORE)
+
+LHASH_OF(SSL_SESSION) *SSL_CTX_sessions(SSL_CTX *ctx);
+# define SSL_CTX_sess_number(ctx) \
+ SSL_CTX_ctrl(ctx,SSL_CTRL_SESS_NUMBER,0,NULL)
+# define SSL_CTX_sess_connect(ctx) \
+ SSL_CTX_ctrl(ctx,SSL_CTRL_SESS_CONNECT,0,NULL)
+# define SSL_CTX_sess_connect_good(ctx) \
+ SSL_CTX_ctrl(ctx,SSL_CTRL_SESS_CONNECT_GOOD,0,NULL)
+# define SSL_CTX_sess_connect_renegotiate(ctx) \
+ SSL_CTX_ctrl(ctx,SSL_CTRL_SESS_CONNECT_RENEGOTIATE,0,NULL)
+# define SSL_CTX_sess_accept(ctx) \
+ SSL_CTX_ctrl(ctx,SSL_CTRL_SESS_ACCEPT,0,NULL)
+# define SSL_CTX_sess_accept_renegotiate(ctx) \
+ SSL_CTX_ctrl(ctx,SSL_CTRL_SESS_ACCEPT_RENEGOTIATE,0,NULL)
+# define SSL_CTX_sess_accept_good(ctx) \
+ SSL_CTX_ctrl(ctx,SSL_CTRL_SESS_ACCEPT_GOOD,0,NULL)
+# define SSL_CTX_sess_hits(ctx) \
+ SSL_CTX_ctrl(ctx,SSL_CTRL_SESS_HIT,0,NULL)
+# define SSL_CTX_sess_cb_hits(ctx) \
+ SSL_CTX_ctrl(ctx,SSL_CTRL_SESS_CB_HIT,0,NULL)
+# define SSL_CTX_sess_misses(ctx) \
+ SSL_CTX_ctrl(ctx,SSL_CTRL_SESS_MISSES,0,NULL)
+# define SSL_CTX_sess_timeouts(ctx) \
+ SSL_CTX_ctrl(ctx,SSL_CTRL_SESS_TIMEOUTS,0,NULL)
+# define SSL_CTX_sess_cache_full(ctx) \
+ SSL_CTX_ctrl(ctx,SSL_CTRL_SESS_CACHE_FULL,0,NULL)
+
+void SSL_CTX_sess_set_new_cb(SSL_CTX *ctx,
+ int (*new_session_cb) (struct ssl_st *ssl,
+ SSL_SESSION *sess));
+int (*SSL_CTX_sess_get_new_cb(SSL_CTX *ctx)) (struct ssl_st *ssl,
+ SSL_SESSION *sess);
+void SSL_CTX_sess_set_remove_cb(SSL_CTX *ctx,
+ void (*remove_session_cb) (struct ssl_ctx_st
+ *ctx,
+ SSL_SESSION
+ *sess));
+void (*SSL_CTX_sess_get_remove_cb(SSL_CTX *ctx)) (struct ssl_ctx_st *ctx,
+ SSL_SESSION *sess);
+void SSL_CTX_sess_set_get_cb(SSL_CTX *ctx,
+ SSL_SESSION *(*get_session_cb) (struct ssl_st
+ *ssl,
+ unsigned char
+ *data, int len,
+ int *copy));
+SSL_SESSION *(*SSL_CTX_sess_get_get_cb(SSL_CTX *ctx)) (struct ssl_st *ssl,
+ unsigned char *Data,
+ int len, int *copy);
+void SSL_CTX_set_info_callback(SSL_CTX *ctx,
+ void (*cb) (const SSL *ssl, int type,
+ int val));
+void (*SSL_CTX_get_info_callback(SSL_CTX *ctx)) (const SSL *ssl, int type,
+ int val);
+void SSL_CTX_set_client_cert_cb(SSL_CTX *ctx,
+ int (*client_cert_cb) (SSL *ssl, X509 **x509,
+ EVP_PKEY **pkey));
+int (*SSL_CTX_get_client_cert_cb(SSL_CTX *ctx)) (SSL *ssl, X509 **x509,
+ EVP_PKEY **pkey);
+# ifndef OPENSSL_NO_ENGINE
+__owur int SSL_CTX_set_client_cert_engine(SSL_CTX *ctx, ENGINE *e);
+# endif
+void SSL_CTX_set_cookie_generate_cb(SSL_CTX *ctx,
+ int (*app_gen_cookie_cb) (SSL *ssl,
+ unsigned char
+ *cookie,
+ unsigned int
+ *cookie_len));
+void SSL_CTX_set_cookie_verify_cb(SSL_CTX *ctx,
+ int (*app_verify_cookie_cb) (SSL *ssl,
+ unsigned char
+ *cookie,
+ unsigned int
+ cookie_len));
+# ifndef OPENSSL_NO_NEXTPROTONEG
+void SSL_CTX_set_next_protos_advertised_cb(SSL_CTX *s,
+ int (*cb) (SSL *ssl,
+ const unsigned char
+ **out,
+ unsigned int *outlen,
+ void *arg), void *arg);
+void SSL_CTX_set_next_proto_select_cb(SSL_CTX *s,
+ int (*cb) (SSL *ssl,
+ unsigned char **out,
+ unsigned char *outlen,
+ const unsigned char *in,
+ unsigned int inlen,
+ void *arg), void *arg);
+void SSL_get0_next_proto_negotiated(const SSL *s, const unsigned char **data,
+ unsigned *len);
+# endif
+
+# ifndef OPENSSL_NO_TLSEXT
+__owur int SSL_select_next_proto(unsigned char **out, unsigned char *outlen,
+ const unsigned char *in, unsigned int inlen,
+ const unsigned char *client,
+ unsigned int client_len);
+# endif
+
+# define OPENSSL_NPN_UNSUPPORTED 0
+# define OPENSSL_NPN_NEGOTIATED 1
+# define OPENSSL_NPN_NO_OVERLAP 2
+
+__owur int SSL_CTX_set_alpn_protos(SSL_CTX *ctx, const unsigned char *protos,
+ unsigned protos_len);
+__owur int SSL_set_alpn_protos(SSL *ssl, const unsigned char *protos,
+ unsigned protos_len);
+void SSL_CTX_set_alpn_select_cb(SSL_CTX *ctx,
+ int (*cb) (SSL *ssl,
+ const unsigned char **out,
+ unsigned char *outlen,
+ const unsigned char *in,
+ unsigned int inlen,
+ void *arg), void *arg);
+void SSL_get0_alpn_selected(const SSL *ssl, const unsigned char **data,
+ unsigned *len);
+
+# ifndef OPENSSL_NO_PSK
+/*
+ * the maximum length of the buffer given to callbacks containing the
+ * resulting identity/psk
+ */
+# define PSK_MAX_IDENTITY_LEN 128
+# define PSK_MAX_PSK_LEN 256
+void SSL_CTX_set_psk_client_callback(SSL_CTX *ctx,
+ unsigned int (*psk_client_callback) (SSL
+ *ssl,
+ const
+ char
+ *hint,
+ char
+ *identity,
+ unsigned
+ int
+ max_identity_len,
+ unsigned
+ char
+ *psk,
+ unsigned
+ int
+ max_psk_len));
+void SSL_set_psk_client_callback(SSL *ssl,
+ unsigned int (*psk_client_callback) (SSL
+ *ssl,
+ const
+ char
+ *hint,
+ char
+ *identity,
+ unsigned
+ int
+ max_identity_len,
+ unsigned
+ char
+ *psk,
+ unsigned
+ int
+ max_psk_len));
+void SSL_CTX_set_psk_server_callback(SSL_CTX *ctx,
+ unsigned int (*psk_server_callback) (SSL
+ *ssl,
+ const
+ char
+ *identity,
+ unsigned
+ char
+ *psk,
+ unsigned
+ int
+ max_psk_len));
+void SSL_set_psk_server_callback(SSL *ssl,
+ unsigned int (*psk_server_callback) (SSL
+ *ssl,
+ const
+ char
+ *identity,
+ unsigned
+ char
+ *psk,
+ unsigned
+ int
+ max_psk_len));
+__owur int SSL_CTX_use_psk_identity_hint(SSL_CTX *ctx, const char *identity_hint);
+__owur int SSL_use_psk_identity_hint(SSL *s, const char *identity_hint);
+const char *SSL_get_psk_identity_hint(const SSL *s);
+const char *SSL_get_psk_identity(const SSL *s);
+# endif
+
+# ifndef OPENSSL_NO_TLSEXT
+/* Register callbacks to handle custom TLS Extensions for client or server. */
+
+__owur int SSL_CTX_add_client_custom_ext(SSL_CTX *ctx, unsigned int ext_type,
+ custom_ext_add_cb add_cb,
+ custom_ext_free_cb free_cb,
+ void *add_arg,
+ custom_ext_parse_cb parse_cb,
+ void *parse_arg);
+
+__owur int SSL_CTX_add_server_custom_ext(SSL_CTX *ctx, unsigned int ext_type,
+ custom_ext_add_cb add_cb,
+ custom_ext_free_cb free_cb,
+ void *add_arg,
+ custom_ext_parse_cb parse_cb,
+ void *parse_arg);
+
+__owur int SSL_extension_supported(unsigned int ext_type);
+
+# endif
+
+# define SSL_NOTHING 1
+# define SSL_WRITING 2
+# define SSL_READING 3
+# define SSL_X509_LOOKUP 4
+
+/* These will only be used when doing non-blocking IO */
+# define SSL_want_nothing(s) (SSL_want(s) == SSL_NOTHING)
+# define SSL_want_read(s) (SSL_want(s) == SSL_READING)
+# define SSL_want_write(s) (SSL_want(s) == SSL_WRITING)
+# define SSL_want_x509_lookup(s) (SSL_want(s) == SSL_X509_LOOKUP)
+
+# define SSL_MAC_FLAG_READ_MAC_STREAM 1
+# define SSL_MAC_FLAG_WRITE_MAC_STREAM 2
+
+#ifdef __cplusplus
+}
+#endif
+
+# include <openssl/ssl2.h>
+# include <openssl/ssl3.h>
+# include <openssl/tls1.h> /* This is mostly sslv3 with a few tweaks */
+# include <openssl/dtls1.h> /* Datagram TLS */
+# include <openssl/ssl23.h>
+# include <openssl/srtp.h> /* Support for the use_srtp extension */
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/* compatibility */
+# define SSL_set_app_data(s,arg) (SSL_set_ex_data(s,0,(char *)arg))
+# define SSL_get_app_data(s) (SSL_get_ex_data(s,0))
+# define SSL_SESSION_set_app_data(s,a) (SSL_SESSION_set_ex_data(s,0,(char *)a))
+# define SSL_SESSION_get_app_data(s) (SSL_SESSION_get_ex_data(s,0))
+# define SSL_CTX_get_app_data(ctx) (SSL_CTX_get_ex_data(ctx,0))
+# define SSL_CTX_set_app_data(ctx,arg) (SSL_CTX_set_ex_data(ctx,0,(char *)arg))
+
+/*
+ * The following are the possible values for ssl->state are are used to
+ * indicate where we are up to in the SSL connection establishment. The
+ * macros that follow are about the only things you should need to use and
+ * even then, only when using non-blocking IO. It can also be useful to work
+ * out where you were when the connection failed
+ */
+
+# define SSL_ST_CONNECT 0x1000
+# define SSL_ST_ACCEPT 0x2000
+# define SSL_ST_MASK 0x0FFF
+# define SSL_ST_INIT (SSL_ST_CONNECT|SSL_ST_ACCEPT)
+# define SSL_ST_BEFORE 0x4000
+# define SSL_ST_OK 0x03
+# define SSL_ST_RENEGOTIATE (0x04|SSL_ST_INIT)
+
+# define SSL_CB_LOOP 0x01
+# define SSL_CB_EXIT 0x02
+# define SSL_CB_READ 0x04
+# define SSL_CB_WRITE 0x08
+# define SSL_CB_ALERT 0x4000/* used in callback */
+# define SSL_CB_READ_ALERT (SSL_CB_ALERT|SSL_CB_READ)
+# define SSL_CB_WRITE_ALERT (SSL_CB_ALERT|SSL_CB_WRITE)
+# define SSL_CB_ACCEPT_LOOP (SSL_ST_ACCEPT|SSL_CB_LOOP)
+# define SSL_CB_ACCEPT_EXIT (SSL_ST_ACCEPT|SSL_CB_EXIT)
+# define SSL_CB_CONNECT_LOOP (SSL_ST_CONNECT|SSL_CB_LOOP)
+# define SSL_CB_CONNECT_EXIT (SSL_ST_CONNECT|SSL_CB_EXIT)
+# define SSL_CB_HANDSHAKE_START 0x10
+# define SSL_CB_HANDSHAKE_DONE 0x20
+
+/* Is the SSL_connection established? */
+# define SSL_get_state(a) SSL_state(a)
+# define SSL_is_init_finished(a) (SSL_state(a) == SSL_ST_OK)
+# define SSL_in_init(a) (SSL_state(a)&SSL_ST_INIT)
+# define SSL_in_before(a) (SSL_state(a)&SSL_ST_BEFORE)
+# define SSL_in_connect_init(a) (SSL_state(a)&SSL_ST_CONNECT)
+# define SSL_in_accept_init(a) (SSL_state(a)&SSL_ST_ACCEPT)
+
+/*
+ * The following 3 states are kept in ssl->rlayer.rstate when reads fail, you
+ * should not need these
+ */
+# define SSL_ST_READ_HEADER 0xF0
+# define SSL_ST_READ_BODY 0xF1
+# define SSL_ST_READ_DONE 0xF2
+
+/*-
+ * Obtain latest Finished message
+ * -- that we sent (SSL_get_finished)
+ * -- that we expected from peer (SSL_get_peer_finished).
+ * Returns length (0 == no Finished so far), copies up to 'count' bytes.
+ */
+size_t SSL_get_finished(const SSL *s, void *buf, size_t count);
+size_t SSL_get_peer_finished(const SSL *s, void *buf, size_t count);
+
+/*
+ * use either SSL_VERIFY_NONE or SSL_VERIFY_PEER, the last 2 options are
+ * 'ored' with SSL_VERIFY_PEER if they are desired
+ */
+# define SSL_VERIFY_NONE 0x00
+# define SSL_VERIFY_PEER 0x01
+# define SSL_VERIFY_FAIL_IF_NO_PEER_CERT 0x02
+# define SSL_VERIFY_CLIENT_ONCE 0x04
+
+# define OpenSSL_add_ssl_algorithms() SSL_library_init()
+# define SSLeay_add_ssl_algorithms() SSL_library_init()
+
+/* More backward compatibility */
+# define SSL_get_cipher(s) \
+ SSL_CIPHER_get_name(SSL_get_current_cipher(s))
+# define SSL_get_cipher_bits(s,np) \
+ SSL_CIPHER_get_bits(SSL_get_current_cipher(s),np)
+# define SSL_get_cipher_version(s) \
+ SSL_CIPHER_get_version(SSL_get_current_cipher(s))
+# define SSL_get_cipher_name(s) \
+ SSL_CIPHER_get_name(SSL_get_current_cipher(s))
+# define SSL_get_time(a) SSL_SESSION_get_time(a)
+# define SSL_set_time(a,b) SSL_SESSION_set_time((a),(b))
+# define SSL_get_timeout(a) SSL_SESSION_get_timeout(a)
+# define SSL_set_timeout(a,b) SSL_SESSION_set_timeout((a),(b))
+
+# define d2i_SSL_SESSION_bio(bp,s_id) ASN1_d2i_bio_of(SSL_SESSION,SSL_SESSION_new,d2i_SSL_SESSION,bp,s_id)
+# define i2d_SSL_SESSION_bio(bp,s_id) ASN1_i2d_bio_of(SSL_SESSION,i2d_SSL_SESSION,bp,s_id)
+
+DECLARE_PEM_rw(SSL_SESSION, SSL_SESSION)
+# define SSL_AD_REASON_OFFSET 1000/* offset to get SSL_R_... value
+ * from SSL_AD_... */
+/* These alert types are for SSLv3 and TLSv1 */
+# define SSL_AD_CLOSE_NOTIFY SSL3_AD_CLOSE_NOTIFY
+/* fatal */
+# define SSL_AD_UNEXPECTED_MESSAGE SSL3_AD_UNEXPECTED_MESSAGE
+/* fatal */
+# define SSL_AD_BAD_RECORD_MAC SSL3_AD_BAD_RECORD_MAC
+# define SSL_AD_DECRYPTION_FAILED TLS1_AD_DECRYPTION_FAILED
+# define SSL_AD_RECORD_OVERFLOW TLS1_AD_RECORD_OVERFLOW
+/* fatal */
+# define SSL_AD_DECOMPRESSION_FAILURE SSL3_AD_DECOMPRESSION_FAILURE
+/* fatal */
+# define SSL_AD_HANDSHAKE_FAILURE SSL3_AD_HANDSHAKE_FAILURE
+/* Not for TLS */
+# define SSL_AD_NO_CERTIFICATE SSL3_AD_NO_CERTIFICATE
+# define SSL_AD_BAD_CERTIFICATE SSL3_AD_BAD_CERTIFICATE
+# define SSL_AD_UNSUPPORTED_CERTIFICATE SSL3_AD_UNSUPPORTED_CERTIFICATE
+# define SSL_AD_CERTIFICATE_REVOKED SSL3_AD_CERTIFICATE_REVOKED
+# define SSL_AD_CERTIFICATE_EXPIRED SSL3_AD_CERTIFICATE_EXPIRED
+# define SSL_AD_CERTIFICATE_UNKNOWN SSL3_AD_CERTIFICATE_UNKNOWN
+/* fatal */
+# define SSL_AD_ILLEGAL_PARAMETER SSL3_AD_ILLEGAL_PARAMETER
+/* fatal */
+# define SSL_AD_UNKNOWN_CA TLS1_AD_UNKNOWN_CA
+/* fatal */
+# define SSL_AD_ACCESS_DENIED TLS1_AD_ACCESS_DENIED
+/* fatal */
+# define SSL_AD_DECODE_ERROR TLS1_AD_DECODE_ERROR
+# define SSL_AD_DECRYPT_ERROR TLS1_AD_DECRYPT_ERROR
+/* fatal */
+# define SSL_AD_EXPORT_RESTRICTION TLS1_AD_EXPORT_RESTRICTION
+/* fatal */
+# define SSL_AD_PROTOCOL_VERSION TLS1_AD_PROTOCOL_VERSION
+/* fatal */
+# define SSL_AD_INSUFFICIENT_SECURITY TLS1_AD_INSUFFICIENT_SECURITY
+/* fatal */
+# define SSL_AD_INTERNAL_ERROR TLS1_AD_INTERNAL_ERROR
+# define SSL_AD_USER_CANCELLED TLS1_AD_USER_CANCELLED
+# define SSL_AD_NO_RENEGOTIATION TLS1_AD_NO_RENEGOTIATION
+# define SSL_AD_UNSUPPORTED_EXTENSION TLS1_AD_UNSUPPORTED_EXTENSION
+# define SSL_AD_CERTIFICATE_UNOBTAINABLE TLS1_AD_CERTIFICATE_UNOBTAINABLE
+# define SSL_AD_UNRECOGNIZED_NAME TLS1_AD_UNRECOGNIZED_NAME
+# define SSL_AD_BAD_CERTIFICATE_STATUS_RESPONSE TLS1_AD_BAD_CERTIFICATE_STATUS_RESPONSE
+# define SSL_AD_BAD_CERTIFICATE_HASH_VALUE TLS1_AD_BAD_CERTIFICATE_HASH_VALUE
+/* fatal */
+# define SSL_AD_UNKNOWN_PSK_IDENTITY TLS1_AD_UNKNOWN_PSK_IDENTITY
+/* fatal */
+# define SSL_AD_INAPPROPRIATE_FALLBACK TLS1_AD_INAPPROPRIATE_FALLBACK
+# define SSL_ERROR_NONE 0
+# define SSL_ERROR_SSL 1
+# define SSL_ERROR_WANT_READ 2
+# define SSL_ERROR_WANT_WRITE 3
+# define SSL_ERROR_WANT_X509_LOOKUP 4
+# define SSL_ERROR_SYSCALL 5/* look at error stack/return
+ * value/errno */
+# define SSL_ERROR_ZERO_RETURN 6
+# define SSL_ERROR_WANT_CONNECT 7
+# define SSL_ERROR_WANT_ACCEPT 8
+# define SSL_CTRL_NEED_TMP_RSA 1
+# define SSL_CTRL_SET_TMP_RSA 2
+# define SSL_CTRL_SET_TMP_DH 3
+# define SSL_CTRL_SET_TMP_ECDH 4
+# define SSL_CTRL_SET_TMP_RSA_CB 5
+# define SSL_CTRL_SET_TMP_DH_CB 6
+# define SSL_CTRL_SET_TMP_ECDH_CB 7
+# define SSL_CTRL_GET_SESSION_REUSED 8
+# define SSL_CTRL_GET_CLIENT_CERT_REQUEST 9
+# define SSL_CTRL_GET_NUM_RENEGOTIATIONS 10
+# define SSL_CTRL_CLEAR_NUM_RENEGOTIATIONS 11
+# define SSL_CTRL_GET_TOTAL_RENEGOTIATIONS 12
+# define SSL_CTRL_GET_FLAGS 13
+# define SSL_CTRL_EXTRA_CHAIN_CERT 14
+# define SSL_CTRL_SET_MSG_CALLBACK 15
+# define SSL_CTRL_SET_MSG_CALLBACK_ARG 16
+/* only applies to datagram connections */
+# define SSL_CTRL_SET_MTU 17
+/* Stats */
+# define SSL_CTRL_SESS_NUMBER 20
+# define SSL_CTRL_SESS_CONNECT 21
+# define SSL_CTRL_SESS_CONNECT_GOOD 22
+# define SSL_CTRL_SESS_CONNECT_RENEGOTIATE 23
+# define SSL_CTRL_SESS_ACCEPT 24
+# define SSL_CTRL_SESS_ACCEPT_GOOD 25
+# define SSL_CTRL_SESS_ACCEPT_RENEGOTIATE 26
+# define SSL_CTRL_SESS_HIT 27
+# define SSL_CTRL_SESS_CB_HIT 28
+# define SSL_CTRL_SESS_MISSES 29
+# define SSL_CTRL_SESS_TIMEOUTS 30
+# define SSL_CTRL_SESS_CACHE_FULL 31
+# define SSL_CTRL_OPTIONS 32
+# define SSL_CTRL_MODE 33
+# define SSL_CTRL_GET_READ_AHEAD 40
+# define SSL_CTRL_SET_READ_AHEAD 41
+# define SSL_CTRL_SET_SESS_CACHE_SIZE 42
+# define SSL_CTRL_GET_SESS_CACHE_SIZE 43
+# define SSL_CTRL_SET_SESS_CACHE_MODE 44
+# define SSL_CTRL_GET_SESS_CACHE_MODE 45
+# define SSL_CTRL_GET_MAX_CERT_LIST 50
+# define SSL_CTRL_SET_MAX_CERT_LIST 51
+# define SSL_CTRL_SET_MAX_SEND_FRAGMENT 52
+/* see tls1.h for macros based on these */
+# ifndef OPENSSL_NO_TLSEXT
+# define SSL_CTRL_SET_TLSEXT_SERVERNAME_CB 53
+# define SSL_CTRL_SET_TLSEXT_SERVERNAME_ARG 54
+# define SSL_CTRL_SET_TLSEXT_HOSTNAME 55
+# define SSL_CTRL_SET_TLSEXT_DEBUG_CB 56
+# define SSL_CTRL_SET_TLSEXT_DEBUG_ARG 57
+# define SSL_CTRL_GET_TLSEXT_TICKET_KEYS 58
+# define SSL_CTRL_SET_TLSEXT_TICKET_KEYS 59
+/*# define SSL_CTRL_SET_TLSEXT_OPAQUE_PRF_INPUT 60 */
+/*# define SSL_CTRL_SET_TLSEXT_OPAQUE_PRF_INPUT_CB 61 */
+/*# define SSL_CTRL_SET_TLSEXT_OPAQUE_PRF_INPUT_CB_ARG 62 */
+# define SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB 63
+# define SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB_ARG 64
+# define SSL_CTRL_SET_TLSEXT_STATUS_REQ_TYPE 65
+# define SSL_CTRL_GET_TLSEXT_STATUS_REQ_EXTS 66
+# define SSL_CTRL_SET_TLSEXT_STATUS_REQ_EXTS 67
+# define SSL_CTRL_GET_TLSEXT_STATUS_REQ_IDS 68
+# define SSL_CTRL_SET_TLSEXT_STATUS_REQ_IDS 69
+# define SSL_CTRL_GET_TLSEXT_STATUS_REQ_OCSP_RESP 70
+# define SSL_CTRL_SET_TLSEXT_STATUS_REQ_OCSP_RESP 71
+# define SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB 72
+# define SSL_CTRL_SET_TLS_EXT_SRP_USERNAME_CB 75
+# define SSL_CTRL_SET_SRP_VERIFY_PARAM_CB 76
+# define SSL_CTRL_SET_SRP_GIVE_CLIENT_PWD_CB 77
+# define SSL_CTRL_SET_SRP_ARG 78
+# define SSL_CTRL_SET_TLS_EXT_SRP_USERNAME 79
+# define SSL_CTRL_SET_TLS_EXT_SRP_STRENGTH 80
+# define SSL_CTRL_SET_TLS_EXT_SRP_PASSWORD 81
+# ifndef OPENSSL_NO_HEARTBEATS
+# define SSL_CTRL_TLS_EXT_SEND_HEARTBEAT 85
+# define SSL_CTRL_GET_TLS_EXT_HEARTBEAT_PENDING 86
+# define SSL_CTRL_SET_TLS_EXT_HEARTBEAT_NO_REQUESTS 87
+# endif
+# endif /* OPENSSL_NO_TLSEXT */
+# define DTLS_CTRL_GET_TIMEOUT 73
+# define DTLS_CTRL_HANDLE_TIMEOUT 74
+# define DTLS_CTRL_LISTEN 75
+# define SSL_CTRL_GET_RI_SUPPORT 76
+# define SSL_CTRL_CLEAR_OPTIONS 77
+# define SSL_CTRL_CLEAR_MODE 78
+# define SSL_CTRL_SET_NOT_RESUMABLE_SESS_CB 79
+# define SSL_CTRL_GET_EXTRA_CHAIN_CERTS 82
+# define SSL_CTRL_CLEAR_EXTRA_CHAIN_CERTS 83
+# define SSL_CTRL_CHAIN 88
+# define SSL_CTRL_CHAIN_CERT 89
+# define SSL_CTRL_GET_CURVES 90
+# define SSL_CTRL_SET_CURVES 91
+# define SSL_CTRL_SET_CURVES_LIST 92
+# define SSL_CTRL_GET_SHARED_CURVE 93
+# define SSL_CTRL_SET_ECDH_AUTO 94
+# define SSL_CTRL_SET_SIGALGS 97
+# define SSL_CTRL_SET_SIGALGS_LIST 98
+# define SSL_CTRL_CERT_FLAGS 99
+# define SSL_CTRL_CLEAR_CERT_FLAGS 100
+# define SSL_CTRL_SET_CLIENT_SIGALGS 101
+# define SSL_CTRL_SET_CLIENT_SIGALGS_LIST 102
+# define SSL_CTRL_GET_CLIENT_CERT_TYPES 103
+# define SSL_CTRL_SET_CLIENT_CERT_TYPES 104
+# define SSL_CTRL_BUILD_CERT_CHAIN 105
+# define SSL_CTRL_SET_VERIFY_CERT_STORE 106
+# define SSL_CTRL_SET_CHAIN_CERT_STORE 107
+# define SSL_CTRL_GET_PEER_SIGNATURE_NID 108
+# define SSL_CTRL_GET_SERVER_TMP_KEY 109
+# define SSL_CTRL_GET_RAW_CIPHERLIST 110
+# define SSL_CTRL_GET_EC_POINT_FORMATS 111
+# define SSL_CTRL_GET_CHAIN_CERTS 115
+# define SSL_CTRL_SELECT_CURRENT_CERT 116
+# define SSL_CTRL_SET_CURRENT_CERT 117
+# define SSL_CTRL_SET_DH_AUTO 118
+# define SSL_CTRL_CHECK_PROTO_VERSION 119
+# define DTLS_CTRL_SET_LINK_MTU 120
+# define DTLS_CTRL_GET_LINK_MIN_MTU 121
+# define SSL_CTRL_GET_EXTMS_SUPPORT 122
+# define SSL_CERT_SET_FIRST 1
+# define SSL_CERT_SET_NEXT 2
+# define SSL_CERT_SET_SERVER 3
+# define DTLSv1_get_timeout(ssl, arg) \
+ SSL_ctrl(ssl,DTLS_CTRL_GET_TIMEOUT,0, (void *)arg)
+# define DTLSv1_handle_timeout(ssl) \
+ SSL_ctrl(ssl,DTLS_CTRL_HANDLE_TIMEOUT,0, NULL)
+# define DTLSv1_listen(ssl, peer) \
+ SSL_ctrl(ssl,DTLS_CTRL_LISTEN,0, (void *)peer)
+# define SSL_session_reused(ssl) \
+ SSL_ctrl((ssl),SSL_CTRL_GET_SESSION_REUSED,0,NULL)
+# define SSL_num_renegotiations(ssl) \
+ SSL_ctrl((ssl),SSL_CTRL_GET_NUM_RENEGOTIATIONS,0,NULL)
+# define SSL_clear_num_renegotiations(ssl) \
+ SSL_ctrl((ssl),SSL_CTRL_CLEAR_NUM_RENEGOTIATIONS,0,NULL)
+# define SSL_total_renegotiations(ssl) \
+ SSL_ctrl((ssl),SSL_CTRL_GET_TOTAL_RENEGOTIATIONS,0,NULL)
+# define SSL_CTX_need_tmp_RSA(ctx) \
+ SSL_CTX_ctrl(ctx,SSL_CTRL_NEED_TMP_RSA,0,NULL)
+# define SSL_CTX_set_tmp_rsa(ctx,rsa) \
+ SSL_CTX_ctrl(ctx,SSL_CTRL_SET_TMP_RSA,0,(char *)rsa)
+# define SSL_CTX_set_tmp_dh(ctx,dh) \
+ SSL_CTX_ctrl(ctx,SSL_CTRL_SET_TMP_DH,0,(char *)dh)
+# define SSL_CTX_set_tmp_ecdh(ctx,ecdh) \
+ SSL_CTX_ctrl(ctx,SSL_CTRL_SET_TMP_ECDH,0,(char *)ecdh)
+# define SSL_CTX_set_dh_auto(ctx, onoff) \
+ SSL_CTX_ctrl(ctx,SSL_CTRL_SET_DH_AUTO,onoff,NULL)
+# define SSL_set_dh_auto(s, onoff) \
+ SSL_ctrl(s,SSL_CTRL_SET_DH_AUTO,onoff,NULL)
+# define SSL_need_tmp_RSA(ssl) \
+ SSL_ctrl(ssl,SSL_CTRL_NEED_TMP_RSA,0,NULL)
+# define SSL_set_tmp_rsa(ssl,rsa) \
+ SSL_ctrl(ssl,SSL_CTRL_SET_TMP_RSA,0,(char *)rsa)
+# define SSL_set_tmp_dh(ssl,dh) \
+ SSL_ctrl(ssl,SSL_CTRL_SET_TMP_DH,0,(char *)dh)
+# define SSL_set_tmp_ecdh(ssl,ecdh) \
+ SSL_ctrl(ssl,SSL_CTRL_SET_TMP_ECDH,0,(char *)ecdh)
+# define SSL_CTX_add_extra_chain_cert(ctx,x509) \
+ SSL_CTX_ctrl(ctx,SSL_CTRL_EXTRA_CHAIN_CERT,0,(char *)x509)
+# define SSL_CTX_get_extra_chain_certs(ctx,px509) \
+ SSL_CTX_ctrl(ctx,SSL_CTRL_GET_EXTRA_CHAIN_CERTS,0,px509)
+# define SSL_CTX_get_extra_chain_certs_only(ctx,px509) \
+ SSL_CTX_ctrl(ctx,SSL_CTRL_GET_EXTRA_CHAIN_CERTS,1,px509)
+# define SSL_CTX_clear_extra_chain_certs(ctx) \
+ SSL_CTX_ctrl(ctx,SSL_CTRL_CLEAR_EXTRA_CHAIN_CERTS,0,NULL)
+# define SSL_CTX_set0_chain(ctx,sk) \
+ SSL_CTX_ctrl(ctx,SSL_CTRL_CHAIN,0,(char *)sk)
+# define SSL_CTX_set1_chain(ctx,sk) \
+ SSL_CTX_ctrl(ctx,SSL_CTRL_CHAIN,1,(char *)sk)
+# define SSL_CTX_add0_chain_cert(ctx,x509) \
+ SSL_CTX_ctrl(ctx,SSL_CTRL_CHAIN_CERT,0,(char *)x509)
+# define SSL_CTX_add1_chain_cert(ctx,x509) \
+ SSL_CTX_ctrl(ctx,SSL_CTRL_CHAIN_CERT,1,(char *)x509)
+# define SSL_CTX_get0_chain_certs(ctx,px509) \
+ SSL_CTX_ctrl(ctx,SSL_CTRL_GET_CHAIN_CERTS,0,px509)
+# define SSL_CTX_clear_chain_certs(ctx) \
+ SSL_CTX_set0_chain(ctx,NULL)
+# define SSL_CTX_build_cert_chain(ctx, flags) \
+ SSL_CTX_ctrl(ctx,SSL_CTRL_BUILD_CERT_CHAIN, flags, NULL)
+# define SSL_CTX_select_current_cert(ctx,x509) \
+ SSL_CTX_ctrl(ctx,SSL_CTRL_SELECT_CURRENT_CERT,0,(char *)x509)
+# define SSL_CTX_set_current_cert(ctx, op) \
+ SSL_CTX_ctrl(ctx,SSL_CTRL_SET_CURRENT_CERT, op, NULL)
+# define SSL_CTX_set0_verify_cert_store(ctx,st) \
+ SSL_CTX_ctrl(ctx,SSL_CTRL_SET_VERIFY_CERT_STORE,0,(char *)st)
+# define SSL_CTX_set1_verify_cert_store(ctx,st) \
+ SSL_CTX_ctrl(ctx,SSL_CTRL_SET_VERIFY_CERT_STORE,1,(char *)st)
+# define SSL_CTX_set0_chain_cert_store(ctx,st) \
+ SSL_CTX_ctrl(ctx,SSL_CTRL_SET_CHAIN_CERT_STORE,0,(char *)st)
+# define SSL_CTX_set1_chain_cert_store(ctx,st) \
+ SSL_CTX_ctrl(ctx,SSL_CTRL_SET_CHAIN_CERT_STORE,1,(char *)st)
+# define SSL_set0_chain(ctx,sk) \
+ SSL_ctrl(ctx,SSL_CTRL_CHAIN,0,(char *)sk)
+# define SSL_set1_chain(ctx,sk) \
+ SSL_ctrl(ctx,SSL_CTRL_CHAIN,1,(char *)sk)
+# define SSL_add0_chain_cert(ctx,x509) \
+ SSL_ctrl(ctx,SSL_CTRL_CHAIN_CERT,0,(char *)x509)
+# define SSL_add1_chain_cert(ctx,x509) \
+ SSL_ctrl(ctx,SSL_CTRL_CHAIN_CERT,1,(char *)x509)
+# define SSL_get0_chain_certs(ctx,px509) \
+ SSL_ctrl(ctx,SSL_CTRL_GET_CHAIN_CERTS,0,px509)
+# define SSL_clear_chain_certs(ctx) \
+ SSL_set0_chain(ctx,NULL)
+# define SSL_build_cert_chain(s, flags) \
+ SSL_ctrl(s,SSL_CTRL_BUILD_CERT_CHAIN, flags, NULL)
+# define SSL_select_current_cert(ctx,x509) \
+ SSL_ctrl(ctx,SSL_CTRL_SELECT_CURRENT_CERT,0,(char *)x509)
+# define SSL_set_current_cert(ctx,op) \
+ SSL_ctrl(ctx,SSL_CTRL_SET_CURRENT_CERT, op, NULL)
+# define SSL_set0_verify_cert_store(s,st) \
+ SSL_ctrl(s,SSL_CTRL_SET_VERIFY_CERT_STORE,0,(char *)st)
+# define SSL_set1_verify_cert_store(s,st) \
+ SSL_ctrl(s,SSL_CTRL_SET_VERIFY_CERT_STORE,1,(char *)st)
+# define SSL_set0_chain_cert_store(s,st) \
+ SSL_ctrl(s,SSL_CTRL_SET_CHAIN_CERT_STORE,0,(char *)st)
+# define SSL_set1_chain_cert_store(s,st) \
+ SSL_ctrl(s,SSL_CTRL_SET_CHAIN_CERT_STORE,1,(char *)st)
+# define SSL_get1_curves(ctx, s) \
+ SSL_ctrl(ctx,SSL_CTRL_GET_CURVES,0,(char *)s)
+# define SSL_CTX_set1_curves(ctx, clist, clistlen) \
+ SSL_CTX_ctrl(ctx,SSL_CTRL_SET_CURVES,clistlen,(char *)clist)
+# define SSL_CTX_set1_curves_list(ctx, s) \
+ SSL_CTX_ctrl(ctx,SSL_CTRL_SET_CURVES_LIST,0,(char *)s)
+# define SSL_set1_curves(ctx, clist, clistlen) \
+ SSL_ctrl(ctx,SSL_CTRL_SET_CURVES,clistlen,(char *)clist)
+# define SSL_set1_curves_list(ctx, s) \
+ SSL_ctrl(ctx,SSL_CTRL_SET_CURVES_LIST,0,(char *)s)
+# define SSL_get_shared_curve(s, n) \
+ SSL_ctrl(s,SSL_CTRL_GET_SHARED_CURVE,n,NULL)
+# define SSL_CTX_set_ecdh_auto(ctx, onoff) \
+ SSL_CTX_ctrl(ctx,SSL_CTRL_SET_ECDH_AUTO,onoff,NULL)
+# define SSL_set_ecdh_auto(s, onoff) \
+ SSL_ctrl(s,SSL_CTRL_SET_ECDH_AUTO,onoff,NULL)
+# define SSL_CTX_set1_sigalgs(ctx, slist, slistlen) \
+ SSL_CTX_ctrl(ctx,SSL_CTRL_SET_SIGALGS,slistlen,(int *)slist)
+# define SSL_CTX_set1_sigalgs_list(ctx, s) \
+ SSL_CTX_ctrl(ctx,SSL_CTRL_SET_SIGALGS_LIST,0,(char *)s)
+# define SSL_set1_sigalgs(ctx, slist, slistlen) \
+ SSL_ctrl(ctx,SSL_CTRL_SET_SIGALGS,clistlen,(int *)slist)
+# define SSL_set1_sigalgs_list(ctx, s) \
+ SSL_ctrl(ctx,SSL_CTRL_SET_SIGALGS_LIST,0,(char *)s)
+# define SSL_CTX_set1_client_sigalgs(ctx, slist, slistlen) \
+ SSL_CTX_ctrl(ctx,SSL_CTRL_SET_CLIENT_SIGALGS,slistlen,(int *)slist)
+# define SSL_CTX_set1_client_sigalgs_list(ctx, s) \
+ SSL_CTX_ctrl(ctx,SSL_CTRL_SET_CLIENT_SIGALGS_LIST,0,(char *)s)
+# define SSL_set1_client_sigalgs(ctx, slist, slistlen) \
+ SSL_ctrl(ctx,SSL_CTRL_SET_CLIENT_SIGALGS,clistlen,(int *)slist)
+# define SSL_set1_client_sigalgs_list(ctx, s) \
+ SSL_ctrl(ctx,SSL_CTRL_SET_CLIENT_SIGALGS_LIST,0,(char *)s)
+# define SSL_get0_certificate_types(s, clist) \
+ SSL_ctrl(s, SSL_CTRL_GET_CLIENT_CERT_TYPES, 0, (char *)clist)
+# define SSL_CTX_set1_client_certificate_types(ctx, clist, clistlen) \
+ SSL_CTX_ctrl(ctx,SSL_CTRL_SET_CLIENT_CERT_TYPES,clistlen,(char *)clist)
+# define SSL_set1_client_certificate_types(s, clist, clistlen) \
+ SSL_ctrl(s,SSL_CTRL_SET_CLIENT_CERT_TYPES,clistlen,(char *)clist)
+# define SSL_get_peer_signature_nid(s, pn) \
+ SSL_ctrl(s,SSL_CTRL_GET_PEER_SIGNATURE_NID,0,pn)
+# define SSL_get_server_tmp_key(s, pk) \
+ SSL_ctrl(s,SSL_CTRL_GET_SERVER_TMP_KEY,0,pk)
+# define SSL_get0_raw_cipherlist(s, plst) \
+ SSL_ctrl(s,SSL_CTRL_GET_RAW_CIPHERLIST,0,plst)
+# define SSL_get0_ec_point_formats(s, plst) \
+ SSL_ctrl(s,SSL_CTRL_GET_EC_POINT_FORMATS,0,plst)
+
+__owur BIO_METHOD *BIO_f_ssl(void);
+__owur BIO *BIO_new_ssl(SSL_CTX *ctx, int client);
+__owur BIO *BIO_new_ssl_connect(SSL_CTX *ctx);
+__owur BIO *BIO_new_buffer_ssl_connect(SSL_CTX *ctx);
+__owur int BIO_ssl_copy_session_id(BIO *to, BIO *from);
+void BIO_ssl_shutdown(BIO *ssl_bio);
+
+__owur int SSL_CTX_set_cipher_list(SSL_CTX *, const char *str);
+__owur SSL_CTX *SSL_CTX_new(const SSL_METHOD *meth);
+void SSL_CTX_free(SSL_CTX *);
+__owur long SSL_CTX_set_timeout(SSL_CTX *ctx, long t);
+__owur long SSL_CTX_get_timeout(const SSL_CTX *ctx);
+__owur X509_STORE *SSL_CTX_get_cert_store(const SSL_CTX *);
+void SSL_CTX_set_cert_store(SSL_CTX *, X509_STORE *);
+__owur int SSL_want(const SSL *s);
+__owur int SSL_clear(SSL *s);
+
+void SSL_CTX_flush_sessions(SSL_CTX *ctx, long tm);
+
+__owur const SSL_CIPHER *SSL_get_current_cipher(const SSL *s);
+__owur int SSL_CIPHER_get_bits(const SSL_CIPHER *c, int *alg_bits);
+__owur char *SSL_CIPHER_get_version(const SSL_CIPHER *c);
+__owur const char *SSL_CIPHER_get_name(const SSL_CIPHER *c);
+__owur unsigned long SSL_CIPHER_get_id(const SSL_CIPHER *c);
+
+__owur int SSL_get_fd(const SSL *s);
+__owur int SSL_get_rfd(const SSL *s);
+__owur int SSL_get_wfd(const SSL *s);
+__owur const char *SSL_get_cipher_list(const SSL *s, int n);
+__owur char *SSL_get_shared_ciphers(const SSL *s, char *buf, int len);
+__owur int SSL_get_read_ahead(const SSL *s);
+__owur int SSL_pending(const SSL *s);
+# ifndef OPENSSL_NO_SOCK
+__owur int SSL_set_fd(SSL *s, int fd);
+__owur int SSL_set_rfd(SSL *s, int fd);
+__owur int SSL_set_wfd(SSL *s, int fd);
+# endif
+void SSL_set_rbio(SSL *s, BIO *rbio);
+void SSL_set_wbio(SSL *s, BIO *wbio);
+void SSL_set_bio(SSL *s, BIO *rbio, BIO *wbio);
+__owur BIO *SSL_get_rbio(const SSL *s);
+__owur BIO *SSL_get_wbio(const SSL *s);
+__owur int SSL_set_cipher_list(SSL *s, const char *str);
+void SSL_set_read_ahead(SSL *s, int yes);
+__owur int SSL_get_verify_mode(const SSL *s);
+__owur int SSL_get_verify_depth(const SSL *s);
+__owur int (*SSL_get_verify_callback(const SSL *s)) (int, X509_STORE_CTX *);
+void SSL_set_verify(SSL *s, int mode,
+ int (*callback) (int ok, X509_STORE_CTX *ctx));
+void SSL_set_verify_depth(SSL *s, int depth);
+void SSL_set_cert_cb(SSL *s, int (*cb) (SSL *ssl, void *arg), void *arg);
+# ifndef OPENSSL_NO_RSA
+__owur int SSL_use_RSAPrivateKey(SSL *ssl, RSA *rsa);
+# endif
+__owur int SSL_use_RSAPrivateKey_ASN1(SSL *ssl, const unsigned char *d, long len);
+__owur int SSL_use_PrivateKey(SSL *ssl, EVP_PKEY *pkey);
+__owur int SSL_use_PrivateKey_ASN1(int pk, SSL *ssl, const unsigned char *d,
+ long len);
+__owur int SSL_use_certificate(SSL *ssl, X509 *x);
+__owur int SSL_use_certificate_ASN1(SSL *ssl, const unsigned char *d, int len);
+
+# ifndef OPENSSL_NO_TLSEXT
+/* Set serverinfo data for the current active cert. */
+__owur int SSL_CTX_use_serverinfo(SSL_CTX *ctx, const unsigned char *serverinfo,
+ size_t serverinfo_length);
+# ifndef OPENSSL_NO_STDIO
+__owur int SSL_CTX_use_serverinfo_file(SSL_CTX *ctx, const char *file);
+# endif /* NO_STDIO */
+
+# endif
+
+# ifndef OPENSSL_NO_STDIO
+__owur int SSL_use_RSAPrivateKey_file(SSL *ssl, const char *file, int type);
+__owur int SSL_use_PrivateKey_file(SSL *ssl, const char *file, int type);
+__owur int SSL_use_certificate_file(SSL *ssl, const char *file, int type);
+__owur int SSL_CTX_use_RSAPrivateKey_file(SSL_CTX *ctx, const char *file, int type);
+__owur int SSL_CTX_use_PrivateKey_file(SSL_CTX *ctx, const char *file, int type);
+__owur int SSL_CTX_use_certificate_file(SSL_CTX *ctx, const char *file, int type);
+/* PEM type */
+__owur int SSL_CTX_use_certificate_chain_file(SSL_CTX *ctx, const char *file);
+__owur STACK_OF(X509_NAME) *SSL_load_client_CA_file(const char *file);
+__owur int SSL_add_file_cert_subjects_to_stack(STACK_OF(X509_NAME) *stackCAs,
+ const char *file);
+# ifndef OPENSSL_SYS_VMS
+int SSL_add_dir_cert_subjects_to_stack(STACK_OF(X509_NAME) *stackCAs,
+ const char *dir);
+# endif
+
+# endif
+
+void SSL_load_error_strings(void);
+__owur const char *SSL_state_string(const SSL *s);
+__owur const char *SSL_rstate_string(const SSL *s);
+__owur const char *SSL_state_string_long(const SSL *s);
+__owur const char *SSL_rstate_string_long(const SSL *s);
+__owur long SSL_SESSION_get_time(const SSL_SESSION *s);
+__owur long SSL_SESSION_set_time(SSL_SESSION *s, long t);
+__owur long SSL_SESSION_get_timeout(const SSL_SESSION *s);
+__owur long SSL_SESSION_set_timeout(SSL_SESSION *s, long t);
+__owur int SSL_SESSION_has_ticket(const SSL_SESSION *s);
+__owur unsigned long SSL_SESSION_get_ticket_lifetime_hint(const SSL_SESSION *s);
+void SSL_SESSION_get0_ticket(const SSL_SESSION *s, unsigned char **tick,
+ size_t *len);
+__owur int SSL_copy_session_id(SSL *to, const SSL *from);
+__owur X509 *SSL_SESSION_get0_peer(SSL_SESSION *s);
+__owur int SSL_SESSION_set1_id_context(SSL_SESSION *s, const unsigned char *sid_ctx,
+ unsigned int sid_ctx_len);
+
+__owur SSL_SESSION *SSL_SESSION_new(void);
+const unsigned char *SSL_SESSION_get_id(const SSL_SESSION *s,
+ unsigned int *len);
+__owur unsigned int SSL_SESSION_get_compress_id(const SSL_SESSION *s);
+# ifndef OPENSSL_NO_STDIO
+int SSL_SESSION_print_fp(FILE *fp, const SSL_SESSION *ses);
+# endif
+int SSL_SESSION_print(BIO *fp, const SSL_SESSION *ses);
+int SSL_SESSION_print_keylog(BIO *bp, const SSL_SESSION *x);
+void SSL_SESSION_free(SSL_SESSION *ses);
+__owur int i2d_SSL_SESSION(SSL_SESSION *in, unsigned char **pp);
+__owur int SSL_set_session(SSL *to, SSL_SESSION *session);
+__owur int SSL_CTX_add_session(SSL_CTX *s, SSL_SESSION *c);
+int SSL_CTX_remove_session(SSL_CTX *, SSL_SESSION *c);
+__owur int SSL_CTX_set_generate_session_id(SSL_CTX *, GEN_SESSION_CB);
+__owur int SSL_set_generate_session_id(SSL *, GEN_SESSION_CB);
+__owur int SSL_has_matching_session_id(const SSL *ssl, const unsigned char *id,
+ unsigned int id_len);
+SSL_SESSION *d2i_SSL_SESSION(SSL_SESSION **a, const unsigned char **pp,
+ long length);
+
+# ifdef HEADER_X509_H
+__owur X509 *SSL_get_peer_certificate(const SSL *s);
+# endif
+
+__owur STACK_OF(X509) *SSL_get_peer_cert_chain(const SSL *s);
+
+__owur int SSL_CTX_get_verify_mode(const SSL_CTX *ctx);
+__owur int SSL_CTX_get_verify_depth(const SSL_CTX *ctx);
+__owur int (*SSL_CTX_get_verify_callback(const SSL_CTX *ctx)) (int,
+ X509_STORE_CTX *);
+void SSL_CTX_set_verify(SSL_CTX *ctx, int mode,
+ int (*callback) (int, X509_STORE_CTX *));
+void SSL_CTX_set_verify_depth(SSL_CTX *ctx, int depth);
+void SSL_CTX_set_cert_verify_callback(SSL_CTX *ctx,
+ int (*cb) (X509_STORE_CTX *, void *),
+ void *arg);
+void SSL_CTX_set_cert_cb(SSL_CTX *c, int (*cb) (SSL *ssl, void *arg),
+ void *arg);
+# ifndef OPENSSL_NO_RSA
+__owur int SSL_CTX_use_RSAPrivateKey(SSL_CTX *ctx, RSA *rsa);
+# endif
+__owur int SSL_CTX_use_RSAPrivateKey_ASN1(SSL_CTX *ctx, const unsigned char *d,
+ long len);
+__owur int SSL_CTX_use_PrivateKey(SSL_CTX *ctx, EVP_PKEY *pkey);
+__owur int SSL_CTX_use_PrivateKey_ASN1(int pk, SSL_CTX *ctx,
+ const unsigned char *d, long len);
+__owur int SSL_CTX_use_certificate(SSL_CTX *ctx, X509 *x);
+__owur int SSL_CTX_use_certificate_ASN1(SSL_CTX *ctx, int len,
+ const unsigned char *d);
+
+void SSL_CTX_set_default_passwd_cb(SSL_CTX *ctx, pem_password_cb *cb);
+void SSL_CTX_set_default_passwd_cb_userdata(SSL_CTX *ctx, void *u);
+
+__owur int SSL_CTX_check_private_key(const SSL_CTX *ctx);
+__owur int SSL_check_private_key(const SSL *ctx);
+
+__owur int SSL_CTX_set_session_id_context(SSL_CTX *ctx, const unsigned char *sid_ctx,
+ unsigned int sid_ctx_len);
+
+SSL *SSL_new(SSL_CTX *ctx);
+__owur int SSL_set_session_id_context(SSL *ssl, const unsigned char *sid_ctx,
+ unsigned int sid_ctx_len);
+
+__owur int SSL_CTX_set_purpose(SSL_CTX *s, int purpose);
+__owur int SSL_set_purpose(SSL *s, int purpose);
+__owur int SSL_CTX_set_trust(SSL_CTX *s, int trust);
+__owur int SSL_set_trust(SSL *s, int trust);
+
+__owur int SSL_CTX_set1_param(SSL_CTX *ctx, X509_VERIFY_PARAM *vpm);
+__owur int SSL_set1_param(SSL *ssl, X509_VERIFY_PARAM *vpm);
+
+__owur X509_VERIFY_PARAM *SSL_CTX_get0_param(SSL_CTX *ctx);
+__owur X509_VERIFY_PARAM *SSL_get0_param(SSL *ssl);
+
+# ifndef OPENSSL_NO_SRP
+int SSL_CTX_set_srp_username(SSL_CTX *ctx, char *name);
+int SSL_CTX_set_srp_password(SSL_CTX *ctx, char *password);
+int SSL_CTX_set_srp_strength(SSL_CTX *ctx, int strength);
+int SSL_CTX_set_srp_client_pwd_callback(SSL_CTX *ctx,
+ char *(*cb) (SSL *, void *));
+int SSL_CTX_set_srp_verify_param_callback(SSL_CTX *ctx,
+ int (*cb) (SSL *, void *));
+int SSL_CTX_set_srp_username_callback(SSL_CTX *ctx,
+ int (*cb) (SSL *, int *, void *));
+int SSL_CTX_set_srp_cb_arg(SSL_CTX *ctx, void *arg);
+
+int SSL_set_srp_server_param(SSL *s, const BIGNUM *N, const BIGNUM *g,
+ BIGNUM *sa, BIGNUM *v, char *info);
+int SSL_set_srp_server_param_pw(SSL *s, const char *user, const char *pass,
+ const char *grp);
+
+__owur BIGNUM *SSL_get_srp_g(SSL *s);
+__owur BIGNUM *SSL_get_srp_N(SSL *s);
+
+__owur char *SSL_get_srp_username(SSL *s);
+__owur char *SSL_get_srp_userinfo(SSL *s);
+# endif
+
+void SSL_certs_clear(SSL *s);
+void SSL_free(SSL *ssl);
+__owur int SSL_accept(SSL *ssl);
+__owur int SSL_connect(SSL *ssl);
+__owur int SSL_read(SSL *ssl, void *buf, int num);
+__owur int SSL_peek(SSL *ssl, void *buf, int num);
+__owur int SSL_write(SSL *ssl, const void *buf, int num);
+long SSL_ctrl(SSL *ssl, int cmd, long larg, void *parg);
+long SSL_callback_ctrl(SSL *, int, void (*)(void));
+long SSL_CTX_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg);
+long SSL_CTX_callback_ctrl(SSL_CTX *, int, void (*)(void));
+
+__owur int SSL_get_error(const SSL *s, int ret_code);
+__owur const char *SSL_get_version(const SSL *s);
+
+/* This sets the 'default' SSL version that SSL_new() will create */
+__owur int SSL_CTX_set_ssl_version(SSL_CTX *ctx, const SSL_METHOD *meth);
+
+# ifndef OPENSSL_NO_SSL3_METHOD
+__owur const SSL_METHOD *SSLv3_method(void); /* SSLv3 */
+__owur const SSL_METHOD *SSLv3_server_method(void); /* SSLv3 */
+__owur const SSL_METHOD *SSLv3_client_method(void); /* SSLv3 */
+# endif
+
+__owur const SSL_METHOD *SSLv23_method(void); /* Negotiate highest available SSL/TLS
+ * version */
+__owur const SSL_METHOD *SSLv23_server_method(void); /* Negotiate highest available
+ * SSL/TLS version */
+__owur const SSL_METHOD *SSLv23_client_method(void); /* Negotiate highest available
+ * SSL/TLS version */
+
+__owur const SSL_METHOD *TLSv1_method(void); /* TLSv1.0 */
+__owur const SSL_METHOD *TLSv1_server_method(void); /* TLSv1.0 */
+__owur const SSL_METHOD *TLSv1_client_method(void); /* TLSv1.0 */
+
+__owur const SSL_METHOD *TLSv1_1_method(void); /* TLSv1.1 */
+__owur const SSL_METHOD *TLSv1_1_server_method(void); /* TLSv1.1 */
+__owur const SSL_METHOD *TLSv1_1_client_method(void); /* TLSv1.1 */
+
+__owur const SSL_METHOD *TLSv1_2_method(void); /* TLSv1.2 */
+__owur const SSL_METHOD *TLSv1_2_server_method(void); /* TLSv1.2 */
+__owur const SSL_METHOD *TLSv1_2_client_method(void); /* TLSv1.2 */
+
+__owur const SSL_METHOD *DTLSv1_method(void); /* DTLSv1.0 */
+__owur const SSL_METHOD *DTLSv1_server_method(void); /* DTLSv1.0 */
+__owur const SSL_METHOD *DTLSv1_client_method(void); /* DTLSv1.0 */
+
+__owur const SSL_METHOD *DTLSv1_2_method(void); /* DTLSv1.2 */
+__owur const SSL_METHOD *DTLSv1_2_server_method(void); /* DTLSv1.2 */
+__owur const SSL_METHOD *DTLSv1_2_client_method(void); /* DTLSv1.2 */
+
+__owur const SSL_METHOD *DTLS_method(void); /* DTLS 1.0 and 1.2 */
+__owur const SSL_METHOD *DTLS_server_method(void); /* DTLS 1.0 and 1.2 */
+__owur const SSL_METHOD *DTLS_client_method(void); /* DTLS 1.0 and 1.2 */
+
+__owur STACK_OF(SSL_CIPHER) *SSL_get_ciphers(const SSL *s);
+__owur STACK_OF(SSL_CIPHER) *SSL_get1_supported_ciphers(SSL *s);
+
+__owur int SSL_do_handshake(SSL *s);
+int SSL_renegotiate(SSL *s);
+__owur int SSL_renegotiate_abbreviated(SSL *s);
+__owur int SSL_renegotiate_pending(SSL *s);
+int SSL_shutdown(SSL *s);
+
+__owur const SSL_METHOD *SSL_CTX_get_ssl_method(SSL_CTX *ctx);
+__owur const SSL_METHOD *SSL_get_ssl_method(SSL *s);
+__owur int SSL_set_ssl_method(SSL *s, const SSL_METHOD *method);
+__owur const char *SSL_alert_type_string_long(int value);
+__owur const char *SSL_alert_type_string(int value);
+__owur const char *SSL_alert_desc_string_long(int value);
+__owur const char *SSL_alert_desc_string(int value);
+
+void SSL_set_client_CA_list(SSL *s, STACK_OF(X509_NAME) *name_list);
+void SSL_CTX_set_client_CA_list(SSL_CTX *ctx, STACK_OF(X509_NAME) *name_list);
+__owur STACK_OF(X509_NAME) *SSL_get_client_CA_list(const SSL *s);
+__owur STACK_OF(X509_NAME) *SSL_CTX_get_client_CA_list(const SSL_CTX *s);
+__owur int SSL_add_client_CA(SSL *ssl, X509 *x);
+__owur int SSL_CTX_add_client_CA(SSL_CTX *ctx, X509 *x);
+
+void SSL_set_connect_state(SSL *s);
+void SSL_set_accept_state(SSL *s);
+
+__owur long SSL_get_default_timeout(const SSL *s);
+
+int SSL_library_init(void);
+
+__owur char *SSL_CIPHER_description(const SSL_CIPHER *, char *buf, int size);
+__owur STACK_OF(X509_NAME) *SSL_dup_CA_list(STACK_OF(X509_NAME) *sk);
+
+__owur SSL *SSL_dup(SSL *ssl);
+
+__owur X509 *SSL_get_certificate(const SSL *ssl);
+/*
+ * EVP_PKEY
+ */ struct evp_pkey_st *SSL_get_privatekey(const SSL *ssl);
+
+__owur X509 *SSL_CTX_get0_certificate(const SSL_CTX *ctx);
+__owur EVP_PKEY *SSL_CTX_get0_privatekey(const SSL_CTX *ctx);
+
+void SSL_CTX_set_quiet_shutdown(SSL_CTX *ctx, int mode);
+__owur int SSL_CTX_get_quiet_shutdown(const SSL_CTX *ctx);
+void SSL_set_quiet_shutdown(SSL *ssl, int mode);
+__owur int SSL_get_quiet_shutdown(const SSL *ssl);
+void SSL_set_shutdown(SSL *ssl, int mode);
+__owur int SSL_get_shutdown(const SSL *ssl);
+__owur int SSL_version(const SSL *ssl);
+__owur int SSL_CTX_set_default_verify_paths(SSL_CTX *ctx);
+__owur int SSL_CTX_load_verify_locations(SSL_CTX *ctx, const char *CAfile,
+ const char *CApath);
+# define SSL_get0_session SSL_get_session/* just peek at pointer */
+__owur SSL_SESSION *SSL_get_session(const SSL *ssl);
+__owur SSL_SESSION *SSL_get1_session(SSL *ssl); /* obtain a reference count */
+__owur SSL_CTX *SSL_get_SSL_CTX(const SSL *ssl);
+SSL_CTX *SSL_set_SSL_CTX(SSL *ssl, SSL_CTX *ctx);
+void SSL_set_info_callback(SSL *ssl,
+ void (*cb) (const SSL *ssl, int type, int val));
+void (*SSL_get_info_callback(const SSL *ssl)) (const SSL *ssl, int type,
+ int val);
+__owur int SSL_state(const SSL *ssl);
+void SSL_set_state(SSL *ssl, int state);
+
+void SSL_set_verify_result(SSL *ssl, long v);
+__owur long SSL_get_verify_result(const SSL *ssl);
+
+__owur int SSL_set_ex_data(SSL *ssl, int idx, void *data);
+void *SSL_get_ex_data(const SSL *ssl, int idx);
+__owur int SSL_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
+ CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func);
+
+__owur int SSL_SESSION_set_ex_data(SSL_SESSION *ss, int idx, void *data);
+void *SSL_SESSION_get_ex_data(const SSL_SESSION *ss, int idx);
+__owur int SSL_SESSION_get_ex_new_index(long argl, void *argp,
+ CRYPTO_EX_new *new_func,
+ CRYPTO_EX_dup *dup_func,
+ CRYPTO_EX_free *free_func);
+
+__owur int SSL_CTX_set_ex_data(SSL_CTX *ssl, int idx, void *data);
+void *SSL_CTX_get_ex_data(const SSL_CTX *ssl, int idx);
+__owur int SSL_CTX_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
+ CRYPTO_EX_dup *dup_func,
+ CRYPTO_EX_free *free_func);
+
+__owur int SSL_get_ex_data_X509_STORE_CTX_idx(void);
+
+# define SSL_CTX_sess_set_cache_size(ctx,t) \
+ SSL_CTX_ctrl(ctx,SSL_CTRL_SET_SESS_CACHE_SIZE,t,NULL)
+# define SSL_CTX_sess_get_cache_size(ctx) \
+ SSL_CTX_ctrl(ctx,SSL_CTRL_GET_SESS_CACHE_SIZE,0,NULL)
+# define SSL_CTX_set_session_cache_mode(ctx,m) \
+ SSL_CTX_ctrl(ctx,SSL_CTRL_SET_SESS_CACHE_MODE,m,NULL)
+# define SSL_CTX_get_session_cache_mode(ctx) \
+ SSL_CTX_ctrl(ctx,SSL_CTRL_GET_SESS_CACHE_MODE,0,NULL)
+
+# define SSL_CTX_get_default_read_ahead(ctx) SSL_CTX_get_read_ahead(ctx)
+# define SSL_CTX_set_default_read_ahead(ctx,m) SSL_CTX_set_read_ahead(ctx,m)
+# define SSL_CTX_get_read_ahead(ctx) \
+ SSL_CTX_ctrl(ctx,SSL_CTRL_GET_READ_AHEAD,0,NULL)
+# define SSL_CTX_set_read_ahead(ctx,m) \
+ SSL_CTX_ctrl(ctx,SSL_CTRL_SET_READ_AHEAD,m,NULL)
+# define SSL_CTX_get_max_cert_list(ctx) \
+ SSL_CTX_ctrl(ctx,SSL_CTRL_GET_MAX_CERT_LIST,0,NULL)
+# define SSL_CTX_set_max_cert_list(ctx,m) \
+ SSL_CTX_ctrl(ctx,SSL_CTRL_SET_MAX_CERT_LIST,m,NULL)
+# define SSL_get_max_cert_list(ssl) \
+ SSL_ctrl(ssl,SSL_CTRL_GET_MAX_CERT_LIST,0,NULL)
+# define SSL_set_max_cert_list(ssl,m) \
+ SSL_ctrl(ssl,SSL_CTRL_SET_MAX_CERT_LIST,m,NULL)
+
+# define SSL_CTX_set_max_send_fragment(ctx,m) \
+ SSL_CTX_ctrl(ctx,SSL_CTRL_SET_MAX_SEND_FRAGMENT,m,NULL)
+# define SSL_set_max_send_fragment(ssl,m) \
+ SSL_ctrl(ssl,SSL_CTRL_SET_MAX_SEND_FRAGMENT,m,NULL)
+
+ /* NB: the keylength is only applicable when is_export is true */
+# ifndef OPENSSL_NO_RSA
+void SSL_CTX_set_tmp_rsa_callback(SSL_CTX *ctx,
+ RSA *(*cb) (SSL *ssl, int is_export,
+ int keylength));
+
+void SSL_set_tmp_rsa_callback(SSL *ssl,
+ RSA *(*cb) (SSL *ssl, int is_export,
+ int keylength));
+# endif
+# ifndef OPENSSL_NO_DH
+void SSL_CTX_set_tmp_dh_callback(SSL_CTX *ctx,
+ DH *(*dh) (SSL *ssl, int is_export,
+ int keylength));
+void SSL_set_tmp_dh_callback(SSL *ssl,
+ DH *(*dh) (SSL *ssl, int is_export,
+ int keylength));
+# endif
+# ifndef OPENSSL_NO_EC
+void SSL_CTX_set_tmp_ecdh_callback(SSL_CTX *ctx,
+ EC_KEY *(*ecdh) (SSL *ssl, int is_export,
+ int keylength));
+void SSL_set_tmp_ecdh_callback(SSL *ssl,
+ EC_KEY *(*ecdh) (SSL *ssl, int is_export,
+ int keylength));
+# endif
+
+# ifndef OPENSSL_NO_COMP
+__owur const COMP_METHOD *SSL_get_current_compression(SSL *s);
+__owur const COMP_METHOD *SSL_get_current_expansion(SSL *s);
+__owur const char *SSL_COMP_get_name(const COMP_METHOD *comp);
+STACK_OF(SSL_COMP) *SSL_COMP_get_compression_methods(void);
+__owur STACK_OF(SSL_COMP) *SSL_COMP_set0_compression_methods(STACK_OF(SSL_COMP)
+ *meths);
+void SSL_COMP_free_compression_methods(void);
+__owur int SSL_COMP_add_compression_method(int id, COMP_METHOD *cm);
+# else
+__owur const void *SSL_get_current_compression(SSL *s);
+__owur const void *SSL_get_current_expansion(SSL *s);
+__owur const char *SSL_COMP_get_name(const void *comp);
+void *SSL_COMP_get_compression_methods(void);
+__owur int SSL_COMP_add_compression_method(int id, void *cm);
+# endif
+
+const SSL_CIPHER *SSL_CIPHER_find(SSL *ssl, const unsigned char *ptr);
+
+/* TLS extensions functions */
+__owur int SSL_set_session_ticket_ext(SSL *s, void *ext_data, int ext_len);
+
+__owur int SSL_set_session_ticket_ext_cb(SSL *s, tls_session_ticket_ext_cb_fn cb,
+ void *arg);
+
+/* Pre-shared secret session resumption functions */
+__owur int SSL_set_session_secret_cb(SSL *s,
+ tls_session_secret_cb_fn tls_session_secret_cb,
+ void *arg);
+
+void SSL_CTX_set_not_resumable_session_callback(SSL_CTX *ctx,
+ int (*cb) (SSL *ssl,
+ int
+ is_forward_secure));
+
+void SSL_set_not_resumable_session_callback(SSL *ssl,
+ int (*cb) (SSL *ssl,
+ int
+ is_forward_secure));
+
+void SSL_set_debug(SSL *s, int debug);
+__owur int SSL_cache_hit(SSL *s);
+__owur int SSL_is_server(SSL *s);
+
+__owur __owur SSL_CONF_CTX *SSL_CONF_CTX_new(void);
+int SSL_CONF_CTX_finish(SSL_CONF_CTX *cctx);
+void SSL_CONF_CTX_free(SSL_CONF_CTX *cctx);
+unsigned int SSL_CONF_CTX_set_flags(SSL_CONF_CTX *cctx, unsigned int flags);
+__owur unsigned int SSL_CONF_CTX_clear_flags(SSL_CONF_CTX *cctx, unsigned int flags);
+__owur int SSL_CONF_CTX_set1_prefix(SSL_CONF_CTX *cctx, const char *pre);
+
+void SSL_CONF_CTX_set_ssl(SSL_CONF_CTX *cctx, SSL *ssl);
+void SSL_CONF_CTX_set_ssl_ctx(SSL_CONF_CTX *cctx, SSL_CTX *ctx);
+
+__owur int SSL_CONF_cmd(SSL_CONF_CTX *cctx, const char *cmd, const char *value);
+__owur int SSL_CONF_cmd_argv(SSL_CONF_CTX *cctx, int *pargc, char ***pargv);
+__owur int SSL_CONF_cmd_value_type(SSL_CONF_CTX *cctx, const char *cmd);
+
+# ifndef OPENSSL_NO_SSL_TRACE
+void SSL_trace(int write_p, int version, int content_type,
+ const void *buf, size_t len, SSL *ssl, void *arg);
+__owur const char *SSL_CIPHER_standard_name(const SSL_CIPHER *c);
+# endif
+
+/* What the "other" parameter contains in security callback */
+/* Mask for type */
+# define SSL_SECOP_OTHER_TYPE 0xffff0000
+# define SSL_SECOP_OTHER_NONE 0
+# define SSL_SECOP_OTHER_CIPHER (1 << 16)
+# define SSL_SECOP_OTHER_CURVE (2 << 16)
+# define SSL_SECOP_OTHER_DH (3 << 16)
+# define SSL_SECOP_OTHER_PKEY (4 << 16)
+# define SSL_SECOP_OTHER_SIGALG (5 << 16)
+# define SSL_SECOP_OTHER_CERT (6 << 16)
+
+/* Indicated operation refers to peer key or certificate */
+# define SSL_SECOP_PEER 0x1000
+
+/* Values for "op" parameter in security callback */
+
+/* Called to filter ciphers */
+/* Ciphers client supports */
+# define SSL_SECOP_CIPHER_SUPPORTED (1 | SSL_SECOP_OTHER_CIPHER)
+/* Cipher shared by client/server */
+# define SSL_SECOP_CIPHER_SHARED (2 | SSL_SECOP_OTHER_CIPHER)
+/* Sanity check of cipher server selects */
+# define SSL_SECOP_CIPHER_CHECK (3 | SSL_SECOP_OTHER_CIPHER)
+/* Curves supported by client */
+# define SSL_SECOP_CURVE_SUPPORTED (4 | SSL_SECOP_OTHER_CURVE)
+/* Curves shared by client/server */
+# define SSL_SECOP_CURVE_SHARED (5 | SSL_SECOP_OTHER_CURVE)
+/* Sanity check of curve server selects */
+# define SSL_SECOP_CURVE_CHECK (6 | SSL_SECOP_OTHER_CURVE)
+/* Temporary DH key */
+# define SSL_SECOP_TMP_DH (7 | SSL_SECOP_OTHER_DH)
+/* SSL/TLS version */
+# define SSL_SECOP_VERSION (9 | SSL_SECOP_OTHER_NONE)
+/* Session tickets */
+# define SSL_SECOP_TICKET (10 | SSL_SECOP_OTHER_NONE)
+/* Supported signature algorithms sent to peer */
+# define SSL_SECOP_SIGALG_SUPPORTED (11 | SSL_SECOP_OTHER_SIGALG)
+/* Shared signature algorithm */
+# define SSL_SECOP_SIGALG_SHARED (12 | SSL_SECOP_OTHER_SIGALG)
+/* Sanity check signature algorithm allowed */
+# define SSL_SECOP_SIGALG_CHECK (13 | SSL_SECOP_OTHER_SIGALG)
+/* Used to get mask of supported public key signature algorithms */
+# define SSL_SECOP_SIGALG_MASK (14 | SSL_SECOP_OTHER_SIGALG)
+/* Use to see if compression is allowed */
+# define SSL_SECOP_COMPRESSION (15 | SSL_SECOP_OTHER_NONE)
+/* EE key in certificate */
+# define SSL_SECOP_EE_KEY (16 | SSL_SECOP_OTHER_CERT)
+/* CA key in certificate */
+# define SSL_SECOP_CA_KEY (17 | SSL_SECOP_OTHER_CERT)
+/* CA digest algorithm in certificate */
+# define SSL_SECOP_CA_MD (18 | SSL_SECOP_OTHER_CERT)
+/* Peer EE key in certificate */
+# define SSL_SECOP_PEER_EE_KEY (SSL_SECOP_EE_KEY | SSL_SECOP_PEER)
+/* Peer CA key in certificate */
+# define SSL_SECOP_PEER_CA_KEY (SSL_SECOP_CA_KEY | SSL_SECOP_PEER)
+/* Peer CA digest algorithm in certificate */
+# define SSL_SECOP_PEER_CA_MD (SSL_SECOP_CA_MD | SSL_SECOP_PEER)
+
+void SSL_set_security_level(SSL *s, int level);
+__owur int SSL_get_security_level(const SSL *s);
+void SSL_set_security_callback(SSL *s,
+ int (*cb) (SSL *s, SSL_CTX *ctx, int op,
+ int bits, int nid, void *other,
+ void *ex));
+int (*SSL_get_security_callback(const SSL *s)) (SSL *s, SSL_CTX *ctx, int op,
+ int bits, int nid,
+ void *other, void *ex);
+void SSL_set0_security_ex_data(SSL *s, void *ex);
+__owur void *SSL_get0_security_ex_data(const SSL *s);
+
+void SSL_CTX_set_security_level(SSL_CTX *ctx, int level);
+__owur int SSL_CTX_get_security_level(const SSL_CTX *ctx);
+void SSL_CTX_set_security_callback(SSL_CTX *ctx,
+ int (*cb) (SSL *s, SSL_CTX *ctx, int op,
+ int bits, int nid, void *other,
+ void *ex));
+int (*SSL_CTX_get_security_callback(const SSL_CTX *ctx)) (SSL *s,
+ SSL_CTX *ctx,
+ int op, int bits,
+ int nid,
+ void *other,
+ void *ex);
+void SSL_CTX_set0_security_ex_data(SSL_CTX *ctx, void *ex);
+__owur void *SSL_CTX_get0_security_ex_data(const SSL_CTX *ctx);
+
+# ifndef OPENSSL_NO_UNIT_TEST
+__owur const struct openssl_ssl_test_functions *SSL_test_functions(void);
+# endif
+
+/* BEGIN ERROR CODES */
+/*
+ * The following lines are auto generated by the script mkerr.pl. Any changes
+ * made after this point may be overwritten when the script is next run.
+ */
+void ERR_load_SSL_strings(void);
+
+/* Error codes for the SSL functions. */
+
+/* Function codes. */
+# define SSL_F_CHECK_SUITEB_CIPHER_LIST 331
+# define SSL_F_D2I_SSL_SESSION 103
+# define SSL_F_DO_DTLS1_WRITE 245
+# define SSL_F_DO_SSL3_WRITE 104
+# define SSL_F_DTLS1_ACCEPT 246
+# define SSL_F_DTLS1_ADD_CERT_TO_BUF 295
+# define SSL_F_DTLS1_BUFFER_RECORD 247
+# define SSL_F_DTLS1_CHECK_TIMEOUT_NUM 318
+# define SSL_F_DTLS1_CLIENT_HELLO 248
+# define SSL_F_DTLS1_CONNECT 249
+# define SSL_F_DTLS1_ENC 250
+# define SSL_F_DTLS1_GET_HELLO_VERIFY 251
+# define SSL_F_DTLS1_GET_MESSAGE 252
+# define SSL_F_DTLS1_GET_MESSAGE_FRAGMENT 253
+# define SSL_F_DTLS1_GET_RECORD 254
+# define SSL_F_DTLS1_HANDLE_TIMEOUT 297
+# define SSL_F_DTLS1_HEARTBEAT 305
+# define SSL_F_DTLS1_OUTPUT_CERT_CHAIN 255
+# define SSL_F_DTLS1_PREPROCESS_FRAGMENT 288
+# define SSL_F_DTLS1_PROCESS_OUT_OF_SEQ_MESSAGE 256
+# define SSL_F_DTLS1_PROCESS_RECORD 257
+# define SSL_F_DTLS1_READ_BYTES 258
+# define SSL_F_DTLS1_READ_FAILED 259
+# define SSL_F_DTLS1_SEND_CERTIFICATE_REQUEST 260
+# define SSL_F_DTLS1_SEND_CHANGE_CIPHER_SPEC 342
+# define SSL_F_DTLS1_SEND_CLIENT_CERTIFICATE 261
+# define SSL_F_DTLS1_SEND_CLIENT_KEY_EXCHANGE 262
+# define SSL_F_DTLS1_SEND_CLIENT_VERIFY 263
+# define SSL_F_DTLS1_SEND_HELLO_VERIFY_REQUEST 264
+# define SSL_F_DTLS1_SEND_SERVER_CERTIFICATE 265
+# define SSL_F_DTLS1_SEND_SERVER_HELLO 266
+# define SSL_F_DTLS1_SEND_SERVER_KEY_EXCHANGE 267
+# define SSL_F_DTLS1_WRITE_APP_DATA_BYTES 268
+# define SSL_F_SSL23_ACCEPT 115
+# define SSL_F_SSL23_CLIENT_HELLO 116
+# define SSL_F_SSL23_CONNECT 117
+# define SSL_F_SSL23_GET_CLIENT_HELLO 118
+# define SSL_F_SSL23_GET_SERVER_HELLO 119
+# define SSL_F_SSL23_PEEK 237
+# define SSL_F_SSL23_READ 120
+# define SSL_F_SSL23_WRITE 121
+# define SSL_F_SSL3_ACCEPT 128
+# define SSL_F_SSL3_ADD_CERT_TO_BUF 296
+# define SSL_F_SSL3_CALLBACK_CTRL 233
+# define SSL_F_SSL3_CHANGE_CIPHER_STATE 129
+# define SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM 130
+# define SSL_F_SSL3_CHECK_CLIENT_HELLO 304
+# define SSL_F_SSL3_CLIENT_HELLO 131
+# define SSL_F_SSL3_CONNECT 132
+# define SSL_F_SSL3_CTRL 213
+# define SSL_F_SSL3_CTX_CTRL 133
+# define SSL_F_SSL3_DIGEST_CACHED_RECORDS 293
+# define SSL_F_SSL3_DO_CHANGE_CIPHER_SPEC 292
+# define SSL_F_SSL3_ENC 134
+# define SSL_F_SSL3_GENERATE_KEY_BLOCK 238
+# define SSL_F_SSL3_GET_CERTIFICATE_REQUEST 135
+# define SSL_F_SSL3_GET_CERT_STATUS 289
+# define SSL_F_SSL3_GET_CERT_VERIFY 136
+# define SSL_F_SSL3_GET_CLIENT_CERTIFICATE 137
+# define SSL_F_SSL3_GET_CLIENT_HELLO 138
+# define SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE 139
+# define SSL_F_SSL3_GET_FINISHED 140
+# define SSL_F_SSL3_GET_KEY_EXCHANGE 141
+# define SSL_F_SSL3_GET_MESSAGE 142
+# define SSL_F_SSL3_GET_NEW_SESSION_TICKET 283
+# define SSL_F_SSL3_GET_NEXT_PROTO 306
+# define SSL_F_SSL3_GET_RECORD 143
+# define SSL_F_SSL3_GET_SERVER_CERTIFICATE 144
+# define SSL_F_SSL3_GET_SERVER_DONE 145
+# define SSL_F_SSL3_GET_SERVER_HELLO 146
+# define SSL_F_SSL3_HANDSHAKE_MAC 285
+# define SSL_F_SSL3_NEW_SESSION_TICKET 287
+# define SSL_F_SSL3_OUTPUT_CERT_CHAIN 147
+# define SSL_F_SSL3_PEEK 235
+# define SSL_F_SSL3_READ_BYTES 148
+# define SSL_F_SSL3_READ_N 149
+# define SSL_F_SSL3_SEND_CERTIFICATE_REQUEST 150
+# define SSL_F_SSL3_SEND_CLIENT_CERTIFICATE 151
+# define SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE 152
+# define SSL_F_SSL3_SEND_CLIENT_VERIFY 153
+# define SSL_F_SSL3_SEND_FINISHED 343
+# define SSL_F_SSL3_SEND_HELLO_REQUEST 344
+# define SSL_F_SSL3_SEND_SERVER_CERTIFICATE 154
+# define SSL_F_SSL3_SEND_SERVER_DONE 345
+# define SSL_F_SSL3_SEND_SERVER_HELLO 242
+# define SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE 155
+# define SSL_F_SSL3_SETUP_KEY_BLOCK 157
+# define SSL_F_SSL3_SETUP_READ_BUFFER 156
+# define SSL_F_SSL3_SETUP_WRITE_BUFFER 291
+# define SSL_F_SSL3_WRITE_BYTES 158
+# define SSL_F_SSL3_WRITE_PENDING 159
+# define SSL_F_SSL_ADD_CERT_CHAIN 316
+# define SSL_F_SSL_ADD_CERT_TO_BUF 319
+# define SSL_F_SSL_ADD_CLIENTHELLO_RENEGOTIATE_EXT 298
+# define SSL_F_SSL_ADD_CLIENTHELLO_TLSEXT 277
+# define SSL_F_SSL_ADD_CLIENTHELLO_USE_SRTP_EXT 307
+# define SSL_F_SSL_ADD_DIR_CERT_SUBJECTS_TO_STACK 215
+# define SSL_F_SSL_ADD_FILE_CERT_SUBJECTS_TO_STACK 216
+# define SSL_F_SSL_ADD_SERVERHELLO_RENEGOTIATE_EXT 299
+# define SSL_F_SSL_ADD_SERVERHELLO_TLSEXT 278
+# define SSL_F_SSL_ADD_SERVERHELLO_USE_SRTP_EXT 308
+# define SSL_F_SSL_BAD_METHOD 160
+# define SSL_F_SSL_BUILD_CERT_CHAIN 332
+# define SSL_F_SSL_BYTES_TO_CIPHER_LIST 161
+# define SSL_F_SSL_CERT_ADD0_CHAIN_CERT 339
+# define SSL_F_SSL_CERT_DUP 221
+# define SSL_F_SSL_CERT_INST 222
+# define SSL_F_SSL_CERT_INSTANTIATE 214
+# define SSL_F_SSL_CERT_NEW 162
+# define SSL_F_SSL_CERT_SET0_CHAIN 340
+# define SSL_F_SSL_CHECK_PRIVATE_KEY 163
+# define SSL_F_SSL_CHECK_SERVERHELLO_TLSEXT 280
+# define SSL_F_SSL_CHECK_SRVR_ECC_CERT_AND_ALG 279
+# define SSL_F_SSL_CIPHER_PROCESS_RULESTR 230
+# define SSL_F_SSL_CIPHER_STRENGTH_SORT 231
+# define SSL_F_SSL_CLEAR 164
+# define SSL_F_SSL_COMP_ADD_COMPRESSION_METHOD 165
+# define SSL_F_SSL_CONF_CMD 334
+# define SSL_F_SSL_CREATE_CIPHER_LIST 166
+# define SSL_F_SSL_CTRL 232
+# define SSL_F_SSL_CTX_CHECK_PRIVATE_KEY 168
+# define SSL_F_SSL_CTX_MAKE_PROFILES 309
+# define SSL_F_SSL_CTX_NEW 169
+# define SSL_F_SSL_CTX_SET_CIPHER_LIST 269
+# define SSL_F_SSL_CTX_SET_CLIENT_CERT_ENGINE 290
+# define SSL_F_SSL_CTX_SET_PURPOSE 226
+# define SSL_F_SSL_CTX_SET_SESSION_ID_CONTEXT 219
+# define SSL_F_SSL_CTX_SET_SSL_VERSION 170
+# define SSL_F_SSL_CTX_SET_TRUST 229
+# define SSL_F_SSL_CTX_USE_CERTIFICATE 171
+# define SSL_F_SSL_CTX_USE_CERTIFICATE_ASN1 172
+# define SSL_F_SSL_CTX_USE_CERTIFICATE_CHAIN_FILE 220
+# define SSL_F_SSL_CTX_USE_CERTIFICATE_FILE 173
+# define SSL_F_SSL_CTX_USE_PRIVATEKEY 174
+# define SSL_F_SSL_CTX_USE_PRIVATEKEY_ASN1 175
+# define SSL_F_SSL_CTX_USE_PRIVATEKEY_FILE 176
+# define SSL_F_SSL_CTX_USE_PSK_IDENTITY_HINT 272
+# define SSL_F_SSL_CTX_USE_RSAPRIVATEKEY 177
+# define SSL_F_SSL_CTX_USE_RSAPRIVATEKEY_ASN1 178
+# define SSL_F_SSL_CTX_USE_RSAPRIVATEKEY_FILE 179
+# define SSL_F_SSL_CTX_USE_SERVERINFO 336
+# define SSL_F_SSL_CTX_USE_SERVERINFO_FILE 337
+# define SSL_F_SSL_DO_HANDSHAKE 180
+# define SSL_F_SSL_GET_NEW_SESSION 181
+# define SSL_F_SSL_GET_PREV_SESSION 217
+# define SSL_F_SSL_GET_SERVER_CERT_INDEX 322
+# define SSL_F_SSL_GET_SERVER_SEND_CERT 182
+# define SSL_F_SSL_GET_SERVER_SEND_PKEY 317
+# define SSL_F_SSL_GET_SIGN_PKEY 183
+# define SSL_F_SSL_INIT_WBIO_BUFFER 184
+# define SSL_F_SSL_LOAD_CLIENT_CA_FILE 185
+# define SSL_F_SSL_NEW 186
+# define SSL_F_SSL_PARSE_CLIENTHELLO_RENEGOTIATE_EXT 300
+# define SSL_F_SSL_PARSE_CLIENTHELLO_TLSEXT 302
+# define SSL_F_SSL_PARSE_CLIENTHELLO_USE_SRTP_EXT 310
+# define SSL_F_SSL_PARSE_SERVERHELLO_RENEGOTIATE_EXT 301
+# define SSL_F_SSL_PARSE_SERVERHELLO_TLSEXT 303
+# define SSL_F_SSL_PARSE_SERVERHELLO_USE_SRTP_EXT 311
+# define SSL_F_SSL_PEEK 270
+# define SSL_F_SSL_PREPARE_CLIENTHELLO_TLSEXT 281
+# define SSL_F_SSL_PREPARE_SERVERHELLO_TLSEXT 282
+# define SSL_F_SSL_READ 223
+# define SSL_F_SSL_SCAN_CLIENTHELLO_TLSEXT 320
+# define SSL_F_SSL_SCAN_SERVERHELLO_TLSEXT 321
+# define SSL_F_SSL_SESSION_NEW 189
+# define SSL_F_SSL_SESSION_PRINT_FP 190
+# define SSL_F_SSL_SESSION_SET1_ID_CONTEXT 312
+# define SSL_F_SSL_SESS_CERT_NEW 225
+# define SSL_F_SSL_SET_CERT 191
+# define SSL_F_SSL_SET_CIPHER_LIST 271
+# define SSL_F_SSL_SET_FD 192
+# define SSL_F_SSL_SET_PKEY 193
+# define SSL_F_SSL_SET_PURPOSE 227
+# define SSL_F_SSL_SET_RFD 194
+# define SSL_F_SSL_SET_SESSION 195
+# define SSL_F_SSL_SET_SESSION_ID_CONTEXT 218
+# define SSL_F_SSL_SET_SESSION_TICKET_EXT 294
+# define SSL_F_SSL_SET_TRUST 228
+# define SSL_F_SSL_SET_WFD 196
+# define SSL_F_SSL_SHUTDOWN 224
+# define SSL_F_SSL_SRP_CTX_INIT 313
+# define SSL_F_SSL_UNDEFINED_CONST_FUNCTION 243
+# define SSL_F_SSL_UNDEFINED_FUNCTION 197
+# define SSL_F_SSL_UNDEFINED_VOID_FUNCTION 244
+# define SSL_F_SSL_USE_CERTIFICATE 198
+# define SSL_F_SSL_USE_CERTIFICATE_ASN1 199
+# define SSL_F_SSL_USE_CERTIFICATE_FILE 200
+# define SSL_F_SSL_USE_PRIVATEKEY 201
+# define SSL_F_SSL_USE_PRIVATEKEY_ASN1 202
+# define SSL_F_SSL_USE_PRIVATEKEY_FILE 203
+# define SSL_F_SSL_USE_PSK_IDENTITY_HINT 273
+# define SSL_F_SSL_USE_RSAPRIVATEKEY 204
+# define SSL_F_SSL_USE_RSAPRIVATEKEY_ASN1 205
+# define SSL_F_SSL_USE_RSAPRIVATEKEY_FILE 206
+# define SSL_F_SSL_VERIFY_CERT_CHAIN 207
+# define SSL_F_SSL_WRITE 208
+# define SSL_F_TLS12_CHECK_PEER_SIGALG 333
+# define SSL_F_TLS1_CERT_VERIFY_MAC 286
+# define SSL_F_TLS1_CHANGE_CIPHER_STATE 209
+# define SSL_F_TLS1_CHECK_SERVERHELLO_TLSEXT 274
+# define SSL_F_TLS1_ENC 210
+# define SSL_F_TLS1_EXPORT_KEYING_MATERIAL 314
+# define SSL_F_TLS1_GET_CURVELIST 338
+# define SSL_F_TLS1_HEARTBEAT 315
+# define SSL_F_TLS1_PREPARE_CLIENTHELLO_TLSEXT 275
+# define SSL_F_TLS1_PREPARE_SERVERHELLO_TLSEXT 276
+# define SSL_F_TLS1_PRF 284
+# define SSL_F_TLS1_PROCESS_HEARTBEAT 341
+# define SSL_F_TLS1_SETUP_KEY_BLOCK 211
+# define SSL_F_TLS1_SET_SERVER_SIGALGS 335
+
+/* Reason codes. */
+# define SSL_R_APP_DATA_IN_HANDSHAKE 100
+# define SSL_R_ATTEMPT_TO_REUSE_SESSION_IN_DIFFERENT_CONTEXT 272
+# define SSL_R_BAD_ALERT_RECORD 101
+# define SSL_R_BAD_CHANGE_CIPHER_SPEC 103
+# define SSL_R_BAD_DATA 390
+# define SSL_R_BAD_DATA_RETURNED_BY_CALLBACK 106
+# define SSL_R_BAD_DECOMPRESSION 107
+# define SSL_R_BAD_DH_G_LENGTH 108
+# define SSL_R_BAD_DH_PUB_KEY_LENGTH 109
+# define SSL_R_BAD_DH_P_LENGTH 110
+# define SSL_R_BAD_DIGEST_LENGTH 111
+# define SSL_R_BAD_DSA_SIGNATURE 112
+# define SSL_R_BAD_ECC_CERT 304
+# define SSL_R_BAD_ECDSA_SIGNATURE 305
+# define SSL_R_BAD_ECPOINT 306
+# define SSL_R_BAD_HANDSHAKE_LENGTH 332
+# define SSL_R_BAD_HELLO_REQUEST 105
+# define SSL_R_BAD_LENGTH 271
+# define SSL_R_BAD_MAC_LENGTH 333
+# define SSL_R_BAD_MESSAGE_TYPE 114
+# define SSL_R_BAD_PACKET_LENGTH 115
+# define SSL_R_BAD_PROTOCOL_VERSION_NUMBER 116
+# define SSL_R_BAD_PSK_IDENTITY_HINT_LENGTH 316
+# define SSL_R_BAD_RSA_DECRYPT 118
+# define SSL_R_BAD_RSA_ENCRYPT 119
+# define SSL_R_BAD_RSA_E_LENGTH 120
+# define SSL_R_BAD_RSA_MODULUS_LENGTH 121
+# define SSL_R_BAD_RSA_SIGNATURE 122
+# define SSL_R_BAD_SIGNATURE 123
+# define SSL_R_BAD_SRP_A_LENGTH 347
+# define SSL_R_BAD_SRP_B_LENGTH 348
+# define SSL_R_BAD_SRP_G_LENGTH 349
+# define SSL_R_BAD_SRP_N_LENGTH 350
+# define SSL_R_BAD_SRP_PARAMETERS 371
+# define SSL_R_BAD_SRP_S_LENGTH 351
+# define SSL_R_BAD_SRTP_MKI_VALUE 352
+# define SSL_R_BAD_SRTP_PROTECTION_PROFILE_LIST 353
+# define SSL_R_BAD_SSL_FILETYPE 124
+# define SSL_R_BAD_VALUE 384
+# define SSL_R_BAD_WRITE_RETRY 127
+# define SSL_R_BIO_NOT_SET 128
+# define SSL_R_BLOCK_CIPHER_PAD_IS_WRONG 129
+# define SSL_R_BN_LIB 130
+# define SSL_R_CA_DN_LENGTH_MISMATCH 131
+# define SSL_R_CA_DN_TOO_LONG 132
+# define SSL_R_CA_KEY_TOO_SMALL 397
+# define SSL_R_CA_MD_TOO_WEAK 398
+# define SSL_R_CCS_RECEIVED_EARLY 133
+# define SSL_R_CERTIFICATE_VERIFY_FAILED 134
+# define SSL_R_CERT_CB_ERROR 377
+# define SSL_R_CERT_LENGTH_MISMATCH 135
+# define SSL_R_CIPHER_CODE_WRONG_LENGTH 137
+# define SSL_R_CIPHER_OR_HASH_UNAVAILABLE 138
+# define SSL_R_CLIENTHELLO_TLSEXT 226
+# define SSL_R_COMPRESSED_LENGTH_TOO_LONG 140
+# define SSL_R_COMPRESSION_DISABLED 343
+# define SSL_R_COMPRESSION_FAILURE 141
+# define SSL_R_COMPRESSION_ID_NOT_WITHIN_PRIVATE_RANGE 307
+# define SSL_R_COMPRESSION_LIBRARY_ERROR 142
+# define SSL_R_CONNECTION_TYPE_NOT_SET 144
+# define SSL_R_COOKIE_MISMATCH 308
+# define SSL_R_DATA_BETWEEN_CCS_AND_FINISHED 145
+# define SSL_R_DATA_LENGTH_TOO_LONG 146
+# define SSL_R_DECRYPTION_FAILED 147
+# define SSL_R_DECRYPTION_FAILED_OR_BAD_RECORD_MAC 281
+# define SSL_R_DH_KEY_TOO_SMALL 394
+# define SSL_R_DH_PUBLIC_VALUE_LENGTH_IS_WRONG 148
+# define SSL_R_DIGEST_CHECK_FAILED 149
+# define SSL_R_DTLS_MESSAGE_TOO_BIG 334
+# define SSL_R_DUPLICATE_COMPRESSION_ID 309
+# define SSL_R_ECC_CERT_NOT_FOR_KEY_AGREEMENT 317
+# define SSL_R_ECC_CERT_NOT_FOR_SIGNING 318
+# define SSL_R_ECC_CERT_SHOULD_HAVE_RSA_SIGNATURE 322
+# define SSL_R_ECC_CERT_SHOULD_HAVE_SHA1_SIGNATURE 323
+# define SSL_R_ECDH_REQUIRED_FOR_SUITEB_MODE 374
+# define SSL_R_ECGROUP_TOO_LARGE_FOR_CIPHER 310
+# define SSL_R_EE_KEY_TOO_SMALL 399
+# define SSL_R_EMPTY_SRTP_PROTECTION_PROFILE_LIST 354
+# define SSL_R_ENCRYPTED_LENGTH_TOO_LONG 150
+# define SSL_R_ERROR_GENERATING_TMP_RSA_KEY 282
+# define SSL_R_ERROR_IN_RECEIVED_CIPHER_LIST 151
+# define SSL_R_EXCESSIVE_MESSAGE_SIZE 152
+# define SSL_R_EXTRA_DATA_IN_MESSAGE 153
+# define SSL_R_GOT_A_FIN_BEFORE_A_CCS 154
+# define SSL_R_GOT_NEXT_PROTO_BEFORE_A_CCS 355
+# define SSL_R_GOT_NEXT_PROTO_WITHOUT_EXTENSION 356
+# define SSL_R_HTTPS_PROXY_REQUEST 155
+# define SSL_R_HTTP_REQUEST 156
+# define SSL_R_ILLEGAL_SUITEB_DIGEST 380
+# define SSL_R_INAPPROPRIATE_FALLBACK 373
+# define SSL_R_INCONSISTENT_COMPRESSION 340
+# define SSL_R_INVALID_COMMAND 280
+# define SSL_R_INVALID_COMPRESSION_ALGORITHM 341
+# define SSL_R_INVALID_NULL_CMD_NAME 385
+# define SSL_R_INVALID_PURPOSE 278
+# define SSL_R_INVALID_SERVERINFO_DATA 388
+# define SSL_R_INVALID_SRP_USERNAME 357
+# define SSL_R_INVALID_STATUS_RESPONSE 328
+# define SSL_R_INVALID_TICKET_KEYS_LENGTH 325
+# define SSL_R_INVALID_TRUST 279
+# define SSL_R_KRB5 285
+# define SSL_R_KRB5_C_CC_PRINC 286
+# define SSL_R_KRB5_C_GET_CRED 287
+# define SSL_R_KRB5_C_INIT 288
+# define SSL_R_KRB5_C_MK_REQ 289
+# define SSL_R_KRB5_S_BAD_TICKET 290
+# define SSL_R_KRB5_S_INIT 291
+# define SSL_R_KRB5_S_RD_REQ 292
+# define SSL_R_KRB5_S_TKT_EXPIRED 293
+# define SSL_R_KRB5_S_TKT_NYV 294
+# define SSL_R_KRB5_S_TKT_SKEW 295
+# define SSL_R_LENGTH_MISMATCH 159
+# define SSL_R_LENGTH_TOO_SHORT 160
+# define SSL_R_LIBRARY_BUG 274
+# define SSL_R_LIBRARY_HAS_NO_CIPHERS 161
+# define SSL_R_MISSING_DH_DSA_CERT 162
+# define SSL_R_MISSING_DH_KEY 163
+# define SSL_R_MISSING_DH_RSA_CERT 164
+# define SSL_R_MISSING_DSA_SIGNING_CERT 165
+# define SSL_R_MISSING_ECDH_CERT 382
+# define SSL_R_MISSING_ECDSA_SIGNING_CERT 381
+# define SSL_R_MISSING_EXPORT_TMP_DH_KEY 166
+# define SSL_R_MISSING_EXPORT_TMP_RSA_KEY 167
+# define SSL_R_MISSING_RSA_CERTIFICATE 168
+# define SSL_R_MISSING_RSA_ENCRYPTING_CERT 169
+# define SSL_R_MISSING_RSA_SIGNING_CERT 170
+# define SSL_R_MISSING_SRP_PARAM 358
+# define SSL_R_MISSING_TMP_DH_KEY 171
+# define SSL_R_MISSING_TMP_ECDH_KEY 311
+# define SSL_R_MISSING_TMP_RSA_KEY 172
+# define SSL_R_MISSING_TMP_RSA_PKEY 173
+# define SSL_R_MISSING_VERIFY_MESSAGE 174
+# define SSL_R_MULTIPLE_SGC_RESTARTS 346
+# define SSL_R_NO_CERTIFICATES_RETURNED 176
+# define SSL_R_NO_CERTIFICATE_ASSIGNED 177
+# define SSL_R_NO_CERTIFICATE_RETURNED 178
+# define SSL_R_NO_CERTIFICATE_SET 179
+# define SSL_R_NO_CIPHERS_AVAILABLE 181
+# define SSL_R_NO_CIPHERS_PASSED 182
+# define SSL_R_NO_CIPHERS_SPECIFIED 183
+# define SSL_R_NO_CIPHER_MATCH 185
+# define SSL_R_NO_CLIENT_CERT_METHOD 331
+# define SSL_R_NO_CLIENT_CERT_RECEIVED 186
+# define SSL_R_NO_COMPRESSION_SPECIFIED 187
+# define SSL_R_NO_GOST_CERTIFICATE_SENT_BY_PEER 330
+# define SSL_R_NO_METHOD_SPECIFIED 188
+# define SSL_R_NO_PEM_EXTENSIONS 389
+# define SSL_R_NO_PRIVATE_KEY_ASSIGNED 190
+# define SSL_R_NO_PROTOCOLS_AVAILABLE 191
+# define SSL_R_NO_RENEGOTIATION 339
+# define SSL_R_NO_REQUIRED_DIGEST 324
+# define SSL_R_NO_SHARED_CIPHER 193
+# define SSL_R_NO_SHARED_SIGATURE_ALGORITHMS 376
+# define SSL_R_NO_SRTP_PROFILES 359
+# define SSL_R_NO_VERIFY_CALLBACK 194
+# define SSL_R_NULL_SSL_CTX 195
+# define SSL_R_NULL_SSL_METHOD_PASSED 196
+# define SSL_R_OLD_SESSION_CIPHER_NOT_RETURNED 197
+# define SSL_R_OLD_SESSION_COMPRESSION_ALGORITHM_NOT_RETURNED 344
+# define SSL_R_ONLY_DTLS_1_2_ALLOWED_IN_SUITEB_MODE 387
+# define SSL_R_ONLY_TLS_1_2_ALLOWED_IN_SUITEB_MODE 379
+# define SSL_R_ONLY_TLS_ALLOWED_IN_FIPS_MODE 297
+# define SSL_R_OPAQUE_PRF_INPUT_TOO_LONG 327
+# define SSL_R_PACKET_LENGTH_TOO_LONG 198
+# define SSL_R_PARSE_TLSEXT 227
+# define SSL_R_PATH_TOO_LONG 270
+# define SSL_R_PEER_DID_NOT_RETURN_A_CERTIFICATE 199
+# define SSL_R_PEM_NAME_BAD_PREFIX 391
+# define SSL_R_PEM_NAME_TOO_SHORT 392
+# define SSL_R_PRE_MAC_LENGTH_TOO_LONG 205
+# define SSL_R_PROTOCOL_IS_SHUTDOWN 207
+# define SSL_R_PSK_IDENTITY_NOT_FOUND 223
+# define SSL_R_PSK_NO_CLIENT_CB 224
+# define SSL_R_PSK_NO_SERVER_CB 225
+# define SSL_R_READ_BIO_NOT_SET 211
+# define SSL_R_READ_TIMEOUT_EXPIRED 312
+# define SSL_R_RECORD_LENGTH_MISMATCH 213
+# define SSL_R_RECORD_TOO_LARGE 214
+# define SSL_R_RECORD_TOO_SMALL 298
+# define SSL_R_RENEGOTIATE_EXT_TOO_LONG 335
+# define SSL_R_RENEGOTIATION_ENCODING_ERR 336
+# define SSL_R_RENEGOTIATION_MISMATCH 337
+# define SSL_R_REQUIRED_CIPHER_MISSING 215
+# define SSL_R_REQUIRED_COMPRESSSION_ALGORITHM_MISSING 342
+# define SSL_R_SCSV_RECEIVED_WHEN_RENEGOTIATING 345
+# define SSL_R_SERVERHELLO_TLSEXT 275
+# define SSL_R_SESSION_ID_CONTEXT_UNINITIALIZED 277
+# define SSL_R_SIGNATURE_ALGORITHMS_ERROR 360
+# define SSL_R_SIGNATURE_FOR_NON_SIGNING_CERTIFICATE 220
+# define SSL_R_SRP_A_CALC 361
+# define SSL_R_SRTP_COULD_NOT_ALLOCATE_PROFILES 362
+# define SSL_R_SRTP_PROTECTION_PROFILE_LIST_TOO_LONG 363
+# define SSL_R_SRTP_UNKNOWN_PROTECTION_PROFILE 364
+# define SSL_R_SSL23_DOING_SESSION_ID_REUSE 221
+# define SSL_R_SSL3_EXT_INVALID_ECPOINTFORMAT 321
+# define SSL_R_SSL3_EXT_INVALID_SERVERNAME 319
+# define SSL_R_SSL3_EXT_INVALID_SERVERNAME_TYPE 320
+# define SSL_R_SSL3_SESSION_ID_TOO_LONG 300
+# define SSL_R_SSL3_SESSION_ID_TOO_SHORT 222
+# define SSL_R_SSLV3_ALERT_BAD_CERTIFICATE 1042
+# define SSL_R_SSLV3_ALERT_BAD_RECORD_MAC 1020
+# define SSL_R_SSLV3_ALERT_CERTIFICATE_EXPIRED 1045
+# define SSL_R_SSLV3_ALERT_CERTIFICATE_REVOKED 1044
+# define SSL_R_SSLV3_ALERT_CERTIFICATE_UNKNOWN 1046
+# define SSL_R_SSLV3_ALERT_DECOMPRESSION_FAILURE 1030
+# define SSL_R_SSLV3_ALERT_HANDSHAKE_FAILURE 1040
+# define SSL_R_SSLV3_ALERT_ILLEGAL_PARAMETER 1047
+# define SSL_R_SSLV3_ALERT_NO_CERTIFICATE 1041
+# define SSL_R_SSLV3_ALERT_UNEXPECTED_MESSAGE 1010
+# define SSL_R_SSLV3_ALERT_UNSUPPORTED_CERTIFICATE 1043
+# define SSL_R_SSL_CTX_HAS_NO_DEFAULT_SSL_VERSION 228
+# define SSL_R_SSL_HANDSHAKE_FAILURE 229
+# define SSL_R_SSL_LIBRARY_HAS_NO_CIPHERS 230
+# define SSL_R_SSL_NEGATIVE_LENGTH 372
+# define SSL_R_SSL_SESSION_ID_CALLBACK_FAILED 301
+# define SSL_R_SSL_SESSION_ID_CONFLICT 302
+# define SSL_R_SSL_SESSION_ID_CONTEXT_TOO_LONG 273
+# define SSL_R_SSL_SESSION_ID_HAS_BAD_LENGTH 303
+# define SSL_R_TLSV1_ALERT_ACCESS_DENIED 1049
+# define SSL_R_TLSV1_ALERT_DECODE_ERROR 1050
+# define SSL_R_TLSV1_ALERT_DECRYPTION_FAILED 1021
+# define SSL_R_TLSV1_ALERT_DECRYPT_ERROR 1051
+# define SSL_R_TLSV1_ALERT_EXPORT_RESTRICTION 1060
+# define SSL_R_TLSV1_ALERT_INAPPROPRIATE_FALLBACK 1086
+# define SSL_R_TLSV1_ALERT_INSUFFICIENT_SECURITY 1071
+# define SSL_R_TLSV1_ALERT_INTERNAL_ERROR 1080
+# define SSL_R_TLSV1_ALERT_NO_RENEGOTIATION 1100
+# define SSL_R_TLSV1_ALERT_PROTOCOL_VERSION 1070
+# define SSL_R_TLSV1_ALERT_RECORD_OVERFLOW 1022
+# define SSL_R_TLSV1_ALERT_UNKNOWN_CA 1048
+# define SSL_R_TLSV1_ALERT_USER_CANCELLED 1090
+# define SSL_R_TLSV1_BAD_CERTIFICATE_HASH_VALUE 1114
+# define SSL_R_TLSV1_BAD_CERTIFICATE_STATUS_RESPONSE 1113
+# define SSL_R_TLSV1_CERTIFICATE_UNOBTAINABLE 1111
+# define SSL_R_TLSV1_UNRECOGNIZED_NAME 1112
+# define SSL_R_TLSV1_UNSUPPORTED_EXTENSION 1110
+# define SSL_R_TLS_CLIENT_CERT_REQ_WITH_ANON_CIPHER 232
+# define SSL_R_TLS_HEARTBEAT_PEER_DOESNT_ACCEPT 365
+# define SSL_R_TLS_HEARTBEAT_PENDING 366
+# define SSL_R_TLS_ILLEGAL_EXPORTER_LABEL 367
+# define SSL_R_TLS_INVALID_ECPOINTFORMAT_LIST 157
+# define SSL_R_TLS_PEER_DID_NOT_RESPOND_WITH_CERTIFICATE_LIST 233
+# define SSL_R_TLS_RSA_ENCRYPTED_VALUE_LENGTH_IS_WRONG 234
+# define SSL_R_UNABLE_TO_DECODE_DH_CERTS 236
+# define SSL_R_UNABLE_TO_DECODE_ECDH_CERTS 313
+# define SSL_R_UNABLE_TO_FIND_DH_PARAMETERS 238
+# define SSL_R_UNABLE_TO_FIND_ECDH_PARAMETERS 314
+# define SSL_R_UNABLE_TO_FIND_PUBLIC_KEY_PARAMETERS 239
+# define SSL_R_UNABLE_TO_FIND_SSL_METHOD 240
+# define SSL_R_UNABLE_TO_LOAD_SSL3_MD5_ROUTINES 242
+# define SSL_R_UNABLE_TO_LOAD_SSL3_SHA1_ROUTINES 243
+# define SSL_R_UNEXPECTED_MESSAGE 244
+# define SSL_R_UNEXPECTED_RECORD 245
+# define SSL_R_UNINITIALIZED 276
+# define SSL_R_UNKNOWN_ALERT_TYPE 246
+# define SSL_R_UNKNOWN_CERTIFICATE_TYPE 247
+# define SSL_R_UNKNOWN_CIPHER_RETURNED 248
+# define SSL_R_UNKNOWN_CIPHER_TYPE 249
+# define SSL_R_UNKNOWN_CMD_NAME 386
+# define SSL_R_UNKNOWN_DIGEST 368
+# define SSL_R_UNKNOWN_KEY_EXCHANGE_TYPE 250
+# define SSL_R_UNKNOWN_PKEY_TYPE 251
+# define SSL_R_UNKNOWN_PROTOCOL 252
+# define SSL_R_UNKNOWN_REMOTE_ERROR_TYPE 253
+# define SSL_R_UNKNOWN_SSL_VERSION 254
+# define SSL_R_UNKNOWN_STATE 255
+# define SSL_R_UNSAFE_LEGACY_RENEGOTIATION_DISABLED 338
+# define SSL_R_UNSUPPORTED_CIPHER 256
+# define SSL_R_UNSUPPORTED_COMPRESSION_ALGORITHM 257
+# define SSL_R_UNSUPPORTED_DIGEST_TYPE 326
+# define SSL_R_UNSUPPORTED_ELLIPTIC_CURVE 315
+# define SSL_R_UNSUPPORTED_PROTOCOL 258
+# define SSL_R_UNSUPPORTED_SSL_VERSION 259
+# define SSL_R_UNSUPPORTED_STATUS_TYPE 329
+# define SSL_R_USE_SRTP_NOT_NEGOTIATED 369
+# define SSL_R_VERSION_TOO_LOW 396
+# define SSL_R_WRONG_CERTIFICATE_TYPE 383
+# define SSL_R_WRONG_CIPHER_RETURNED 261
+# define SSL_R_WRONG_CURVE 378
+# define SSL_R_WRONG_MESSAGE_TYPE 262
+# define SSL_R_WRONG_SIGNATURE_LENGTH 264
+# define SSL_R_WRONG_SIGNATURE_SIZE 265
+# define SSL_R_WRONG_SIGNATURE_TYPE 370
+# define SSL_R_WRONG_SSL_VERSION 266
+# define SSL_R_WRONG_VERSION_NUMBER 267
+# define SSL_R_X509_LIB 268
+# define SSL_R_X509_VERIFICATION_SETUP_PROBLEMS 269
+
+#ifdef __cplusplus
+}
+#endif
+#endif
--- /dev/null
+/* ssl/ssl2.h */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#ifndef HEADER_SSL2_H
+# define HEADER_SSL2_H
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+# define SSL2_VERSION 0x0002
+
+# define SSL2_MT_CLIENT_HELLO 1
+
+#ifdef __cplusplus
+}
+#endif
+#endif
--- /dev/null
+/* ssl/ssl23.h */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#ifndef HEADER_SSL23_H
+# define HEADER_SSL23_H
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/*
+ * client
+ */
+/* write to server */
+# define SSL23_ST_CW_CLNT_HELLO_A (0x210|SSL_ST_CONNECT)
+# define SSL23_ST_CW_CLNT_HELLO_B (0x211|SSL_ST_CONNECT)
+/* read from server */
+# define SSL23_ST_CR_SRVR_HELLO_A (0x220|SSL_ST_CONNECT)
+# define SSL23_ST_CR_SRVR_HELLO_B (0x221|SSL_ST_CONNECT)
+
+/* server */
+/* read from client */
+# define SSL23_ST_SR_CLNT_HELLO_A (0x210|SSL_ST_ACCEPT)
+# define SSL23_ST_SR_CLNT_HELLO_B (0x211|SSL_ST_ACCEPT)
+
+#ifdef __cplusplus
+}
+#endif
+#endif
--- /dev/null
+/* ssl/ssl3.h */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+/* ====================================================================
+ * Copyright (c) 1998-2002 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For written permission, please contact
+ * openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ * nor may "OpenSSL" appear in their names without prior written
+ * permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com). This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+/* ====================================================================
+ * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
+ * ECC cipher suite support in OpenSSL originally developed by
+ * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project.
+ */
+
+#ifndef HEADER_SSL3_H
+# define HEADER_SSL3_H
+
+# ifndef OPENSSL_NO_COMP
+# include <openssl/comp.h>
+# endif
+# include <openssl/buffer.h>
+# include <openssl/evp.h>
+# include <openssl/ssl.h>
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/*
+ * Signalling cipher suite value from RFC 5746
+ * (TLS_EMPTY_RENEGOTIATION_INFO_SCSV)
+ */
+# define SSL3_CK_SCSV 0x030000FF
+
+/*
+ * Signalling cipher suite value from draft-ietf-tls-downgrade-scsv-00
+ * (TLS_FALLBACK_SCSV)
+ */
+# define SSL3_CK_FALLBACK_SCSV 0x03005600
+
+# define SSL3_CK_RSA_NULL_MD5 0x03000001
+# define SSL3_CK_RSA_NULL_SHA 0x03000002
+# define SSL3_CK_RSA_RC4_40_MD5 0x03000003
+# define SSL3_CK_RSA_RC4_128_MD5 0x03000004
+# define SSL3_CK_RSA_RC4_128_SHA 0x03000005
+# define SSL3_CK_RSA_RC2_40_MD5 0x03000006
+# define SSL3_CK_RSA_IDEA_128_SHA 0x03000007
+# define SSL3_CK_RSA_DES_40_CBC_SHA 0x03000008
+# define SSL3_CK_RSA_DES_64_CBC_SHA 0x03000009
+# define SSL3_CK_RSA_DES_192_CBC3_SHA 0x0300000A
+
+# define SSL3_CK_DH_DSS_DES_40_CBC_SHA 0x0300000B
+# define SSL3_CK_DH_DSS_DES_64_CBC_SHA 0x0300000C
+# define SSL3_CK_DH_DSS_DES_192_CBC3_SHA 0x0300000D
+# define SSL3_CK_DH_RSA_DES_40_CBC_SHA 0x0300000E
+# define SSL3_CK_DH_RSA_DES_64_CBC_SHA 0x0300000F
+# define SSL3_CK_DH_RSA_DES_192_CBC3_SHA 0x03000010
+
+# define SSL3_CK_DHE_DSS_DES_40_CBC_SHA 0x03000011
+# define SSL3_CK_EDH_DSS_DES_40_CBC_SHA SSL3_CK_DHE_DSS_DES_40_CBC_SHA
+# define SSL3_CK_DHE_DSS_DES_64_CBC_SHA 0x03000012
+# define SSL3_CK_EDH_DSS_DES_64_CBC_SHA SSL3_CK_DHE_DSS_DES_64_CBC_SHA
+# define SSL3_CK_DHE_DSS_DES_192_CBC3_SHA 0x03000013
+# define SSL3_CK_EDH_DSS_DES_192_CBC3_SHA SSL3_CK_DHE_DSS_DES_192_CBC3_SHA
+# define SSL3_CK_DHE_RSA_DES_40_CBC_SHA 0x03000014
+# define SSL3_CK_EDH_RSA_DES_40_CBC_SHA SSL3_CK_DHE_RSA_DES_40_CBC_SHA
+# define SSL3_CK_DHE_RSA_DES_64_CBC_SHA 0x03000015
+# define SSL3_CK_EDH_RSA_DES_64_CBC_SHA SSL3_CK_DHE_RSA_DES_64_CBC_SHA
+# define SSL3_CK_DHE_RSA_DES_192_CBC3_SHA 0x03000016
+# define SSL3_CK_EDH_RSA_DES_192_CBC3_SHA SSL3_CK_DHE_RSA_DES_192_CBC3_SHA
+
+# define SSL3_CK_ADH_RC4_40_MD5 0x03000017
+# define SSL3_CK_ADH_RC4_128_MD5 0x03000018
+# define SSL3_CK_ADH_DES_40_CBC_SHA 0x03000019
+# define SSL3_CK_ADH_DES_64_CBC_SHA 0x0300001A
+# define SSL3_CK_ADH_DES_192_CBC_SHA 0x0300001B
+
+/*
+ * VRS Additional Kerberos5 entries
+ */
+# define SSL3_CK_KRB5_DES_64_CBC_SHA 0x0300001E
+# define SSL3_CK_KRB5_DES_192_CBC3_SHA 0x0300001F
+# define SSL3_CK_KRB5_RC4_128_SHA 0x03000020
+# define SSL3_CK_KRB5_IDEA_128_CBC_SHA 0x03000021
+# define SSL3_CK_KRB5_DES_64_CBC_MD5 0x03000022
+# define SSL3_CK_KRB5_DES_192_CBC3_MD5 0x03000023
+# define SSL3_CK_KRB5_RC4_128_MD5 0x03000024
+# define SSL3_CK_KRB5_IDEA_128_CBC_MD5 0x03000025
+
+# define SSL3_CK_KRB5_DES_40_CBC_SHA 0x03000026
+# define SSL3_CK_KRB5_RC2_40_CBC_SHA 0x03000027
+# define SSL3_CK_KRB5_RC4_40_SHA 0x03000028
+# define SSL3_CK_KRB5_DES_40_CBC_MD5 0x03000029
+# define SSL3_CK_KRB5_RC2_40_CBC_MD5 0x0300002A
+# define SSL3_CK_KRB5_RC4_40_MD5 0x0300002B
+
+# define SSL3_TXT_RSA_NULL_MD5 "NULL-MD5"
+# define SSL3_TXT_RSA_NULL_SHA "NULL-SHA"
+# define SSL3_TXT_RSA_RC4_40_MD5 "EXP-RC4-MD5"
+# define SSL3_TXT_RSA_RC4_128_MD5 "RC4-MD5"
+# define SSL3_TXT_RSA_RC4_128_SHA "RC4-SHA"
+# define SSL3_TXT_RSA_RC2_40_MD5 "EXP-RC2-CBC-MD5"
+# define SSL3_TXT_RSA_IDEA_128_SHA "IDEA-CBC-SHA"
+# define SSL3_TXT_RSA_DES_40_CBC_SHA "EXP-DES-CBC-SHA"
+# define SSL3_TXT_RSA_DES_64_CBC_SHA "DES-CBC-SHA"
+# define SSL3_TXT_RSA_DES_192_CBC3_SHA "DES-CBC3-SHA"
+
+# define SSL3_TXT_DH_DSS_DES_40_CBC_SHA "EXP-DH-DSS-DES-CBC-SHA"
+# define SSL3_TXT_DH_DSS_DES_64_CBC_SHA "DH-DSS-DES-CBC-SHA"
+# define SSL3_TXT_DH_DSS_DES_192_CBC3_SHA "DH-DSS-DES-CBC3-SHA"
+# define SSL3_TXT_DH_RSA_DES_40_CBC_SHA "EXP-DH-RSA-DES-CBC-SHA"
+# define SSL3_TXT_DH_RSA_DES_64_CBC_SHA "DH-RSA-DES-CBC-SHA"
+# define SSL3_TXT_DH_RSA_DES_192_CBC3_SHA "DH-RSA-DES-CBC3-SHA"
+
+# define SSL3_TXT_DHE_DSS_DES_40_CBC_SHA "EXP-DHE-DSS-DES-CBC-SHA"
+# define SSL3_TXT_DHE_DSS_DES_64_CBC_SHA "DHE-DSS-DES-CBC-SHA"
+# define SSL3_TXT_DHE_DSS_DES_192_CBC3_SHA "DHE-DSS-DES-CBC3-SHA"
+# define SSL3_TXT_DHE_RSA_DES_40_CBC_SHA "EXP-DHE-RSA-DES-CBC-SHA"
+# define SSL3_TXT_DHE_RSA_DES_64_CBC_SHA "DHE-RSA-DES-CBC-SHA"
+# define SSL3_TXT_DHE_RSA_DES_192_CBC3_SHA "DHE-RSA-DES-CBC3-SHA"
+
+/*
+ * This next block of six "EDH" labels is for backward compatibility with
+ * older versions of OpenSSL. New code should use the six "DHE" labels above
+ * instead:
+ */
+# define SSL3_TXT_EDH_DSS_DES_40_CBC_SHA "EXP-EDH-DSS-DES-CBC-SHA"
+# define SSL3_TXT_EDH_DSS_DES_64_CBC_SHA "EDH-DSS-DES-CBC-SHA"
+# define SSL3_TXT_EDH_DSS_DES_192_CBC3_SHA "EDH-DSS-DES-CBC3-SHA"
+# define SSL3_TXT_EDH_RSA_DES_40_CBC_SHA "EXP-EDH-RSA-DES-CBC-SHA"
+# define SSL3_TXT_EDH_RSA_DES_64_CBC_SHA "EDH-RSA-DES-CBC-SHA"
+# define SSL3_TXT_EDH_RSA_DES_192_CBC3_SHA "EDH-RSA-DES-CBC3-SHA"
+
+# define SSL3_TXT_ADH_RC4_40_MD5 "EXP-ADH-RC4-MD5"
+# define SSL3_TXT_ADH_RC4_128_MD5 "ADH-RC4-MD5"
+# define SSL3_TXT_ADH_DES_40_CBC_SHA "EXP-ADH-DES-CBC-SHA"
+# define SSL3_TXT_ADH_DES_64_CBC_SHA "ADH-DES-CBC-SHA"
+# define SSL3_TXT_ADH_DES_192_CBC_SHA "ADH-DES-CBC3-SHA"
+
+# define SSL3_TXT_KRB5_DES_64_CBC_SHA "KRB5-DES-CBC-SHA"
+# define SSL3_TXT_KRB5_DES_192_CBC3_SHA "KRB5-DES-CBC3-SHA"
+# define SSL3_TXT_KRB5_RC4_128_SHA "KRB5-RC4-SHA"
+# define SSL3_TXT_KRB5_IDEA_128_CBC_SHA "KRB5-IDEA-CBC-SHA"
+# define SSL3_TXT_KRB5_DES_64_CBC_MD5 "KRB5-DES-CBC-MD5"
+# define SSL3_TXT_KRB5_DES_192_CBC3_MD5 "KRB5-DES-CBC3-MD5"
+# define SSL3_TXT_KRB5_RC4_128_MD5 "KRB5-RC4-MD5"
+# define SSL3_TXT_KRB5_IDEA_128_CBC_MD5 "KRB5-IDEA-CBC-MD5"
+
+# define SSL3_TXT_KRB5_DES_40_CBC_SHA "EXP-KRB5-DES-CBC-SHA"
+# define SSL3_TXT_KRB5_RC2_40_CBC_SHA "EXP-KRB5-RC2-CBC-SHA"
+# define SSL3_TXT_KRB5_RC4_40_SHA "EXP-KRB5-RC4-SHA"
+# define SSL3_TXT_KRB5_DES_40_CBC_MD5 "EXP-KRB5-DES-CBC-MD5"
+# define SSL3_TXT_KRB5_RC2_40_CBC_MD5 "EXP-KRB5-RC2-CBC-MD5"
+# define SSL3_TXT_KRB5_RC4_40_MD5 "EXP-KRB5-RC4-MD5"
+
+# define SSL3_SSL_SESSION_ID_LENGTH 32
+# define SSL3_MAX_SSL_SESSION_ID_LENGTH 32
+
+# define SSL3_MASTER_SECRET_SIZE 48
+# define SSL3_RANDOM_SIZE 32
+# define SSL3_SESSION_ID_SIZE 32
+# define SSL3_RT_HEADER_LENGTH 5
+
+# define SSL3_HM_HEADER_LENGTH 4
+
+# ifndef SSL3_ALIGN_PAYLOAD
+ /*
+ * Some will argue that this increases memory footprint, but it's not
+ * actually true. Point is that malloc has to return at least 64-bit aligned
+ * pointers, meaning that allocating 5 bytes wastes 3 bytes in either case.
+ * Suggested pre-gaping simply moves these wasted bytes from the end of
+ * allocated region to its front, but makes data payload aligned, which
+ * improves performance:-)
+ */
+# define SSL3_ALIGN_PAYLOAD 8
+# else
+# if (SSL3_ALIGN_PAYLOAD&(SSL3_ALIGN_PAYLOAD-1))!=0
+# error "insane SSL3_ALIGN_PAYLOAD"
+# undef SSL3_ALIGN_PAYLOAD
+# endif
+# endif
+
+/*
+ * This is the maximum MAC (digest) size used by the SSL library. Currently
+ * maximum of 20 is used by SHA1, but we reserve for future extension for
+ * 512-bit hashes.
+ */
+
+# define SSL3_RT_MAX_MD_SIZE 64
+
+/*
+ * Maximum block size used in all ciphersuites. Currently 16 for AES.
+ */
+
+# define SSL_RT_MAX_CIPHER_BLOCK_SIZE 16
+
+# define SSL3_RT_MAX_EXTRA (16384)
+
+/* Maximum plaintext length: defined by SSL/TLS standards */
+# define SSL3_RT_MAX_PLAIN_LENGTH 16384
+/* Maximum compression overhead: defined by SSL/TLS standards */
+# define SSL3_RT_MAX_COMPRESSED_OVERHEAD 1024
+
+/*
+ * The standards give a maximum encryption overhead of 1024 bytes. In
+ * practice the value is lower than this. The overhead is the maximum number
+ * of padding bytes (256) plus the mac size.
+ */
+# define SSL3_RT_MAX_ENCRYPTED_OVERHEAD (256 + SSL3_RT_MAX_MD_SIZE)
+
+/*
+ * OpenSSL currently only uses a padding length of at most one block so the
+ * send overhead is smaller.
+ */
+
+# define SSL3_RT_SEND_MAX_ENCRYPTED_OVERHEAD \
+ (SSL_RT_MAX_CIPHER_BLOCK_SIZE + SSL3_RT_MAX_MD_SIZE)
+
+/* If compression isn't used don't include the compression overhead */
+
+# ifdef OPENSSL_NO_COMP
+# define SSL3_RT_MAX_COMPRESSED_LENGTH SSL3_RT_MAX_PLAIN_LENGTH
+# else
+# define SSL3_RT_MAX_COMPRESSED_LENGTH \
+ (SSL3_RT_MAX_PLAIN_LENGTH+SSL3_RT_MAX_COMPRESSED_OVERHEAD)
+# endif
+# define SSL3_RT_MAX_ENCRYPTED_LENGTH \
+ (SSL3_RT_MAX_ENCRYPTED_OVERHEAD+SSL3_RT_MAX_COMPRESSED_LENGTH)
+# define SSL3_RT_MAX_PACKET_SIZE \
+ (SSL3_RT_MAX_ENCRYPTED_LENGTH+SSL3_RT_HEADER_LENGTH)
+
+# define SSL3_MD_CLIENT_FINISHED_CONST "\x43\x4C\x4E\x54"
+# define SSL3_MD_SERVER_FINISHED_CONST "\x53\x52\x56\x52"
+
+# define SSL3_VERSION 0x0300
+# define SSL3_VERSION_MAJOR 0x03
+# define SSL3_VERSION_MINOR 0x00
+
+# define SSL3_RT_CHANGE_CIPHER_SPEC 20
+# define SSL3_RT_ALERT 21
+# define SSL3_RT_HANDSHAKE 22
+# define SSL3_RT_APPLICATION_DATA 23
+# define TLS1_RT_HEARTBEAT 24
+
+/* Pseudo content types to indicate additional parameters */
+# define TLS1_RT_CRYPTO 0x1000
+# define TLS1_RT_CRYPTO_PREMASTER (TLS1_RT_CRYPTO | 0x1)
+# define TLS1_RT_CRYPTO_CLIENT_RANDOM (TLS1_RT_CRYPTO | 0x2)
+# define TLS1_RT_CRYPTO_SERVER_RANDOM (TLS1_RT_CRYPTO | 0x3)
+# define TLS1_RT_CRYPTO_MASTER (TLS1_RT_CRYPTO | 0x4)
+
+# define TLS1_RT_CRYPTO_READ 0x0000
+# define TLS1_RT_CRYPTO_WRITE 0x0100
+# define TLS1_RT_CRYPTO_MAC (TLS1_RT_CRYPTO | 0x5)
+# define TLS1_RT_CRYPTO_KEY (TLS1_RT_CRYPTO | 0x6)
+# define TLS1_RT_CRYPTO_IV (TLS1_RT_CRYPTO | 0x7)
+# define TLS1_RT_CRYPTO_FIXED_IV (TLS1_RT_CRYPTO | 0x8)
+
+/* Pseudo content type for SSL/TLS header info */
+# define SSL3_RT_HEADER 0x100
+
+# define SSL3_AL_WARNING 1
+# define SSL3_AL_FATAL 2
+
+# define SSL3_AD_CLOSE_NOTIFY 0
+# define SSL3_AD_UNEXPECTED_MESSAGE 10/* fatal */
+# define SSL3_AD_BAD_RECORD_MAC 20/* fatal */
+# define SSL3_AD_DECOMPRESSION_FAILURE 30/* fatal */
+# define SSL3_AD_HANDSHAKE_FAILURE 40/* fatal */
+# define SSL3_AD_NO_CERTIFICATE 41
+# define SSL3_AD_BAD_CERTIFICATE 42
+# define SSL3_AD_UNSUPPORTED_CERTIFICATE 43
+# define SSL3_AD_CERTIFICATE_REVOKED 44
+# define SSL3_AD_CERTIFICATE_EXPIRED 45
+# define SSL3_AD_CERTIFICATE_UNKNOWN 46
+# define SSL3_AD_ILLEGAL_PARAMETER 47/* fatal */
+
+# define TLS1_HB_REQUEST 1
+# define TLS1_HB_RESPONSE 2
+
+
+# define SSL3_CT_RSA_SIGN 1
+# define SSL3_CT_DSS_SIGN 2
+# define SSL3_CT_RSA_FIXED_DH 3
+# define SSL3_CT_DSS_FIXED_DH 4
+# define SSL3_CT_RSA_EPHEMERAL_DH 5
+# define SSL3_CT_DSS_EPHEMERAL_DH 6
+# define SSL3_CT_FORTEZZA_DMS 20
+/*
+ * SSL3_CT_NUMBER is used to size arrays and it must be large enough to
+ * contain all of the cert types defined either for SSLv3 and TLSv1.
+ */
+# define SSL3_CT_NUMBER 9
+
+# define SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS 0x0001
+# define SSL3_FLAGS_DELAY_CLIENT_FINISHED 0x0002
+# define SSL3_FLAGS_POP_BUFFER 0x0004
+# define TLS1_FLAGS_TLS_PADDING_BUG 0x0008
+# define TLS1_FLAGS_SKIP_CERT_VERIFY 0x0010
+# define TLS1_FLAGS_KEEP_HANDSHAKE 0x0020
+/*
+ * Set when the handshake is ready to process peer's ChangeCipherSpec message.
+ * Cleared after the message has been processed.
+ */
+# define SSL3_FLAGS_CCS_OK 0x0080
+
+/* Set if we encrypt then mac instead of usual mac then encrypt */
+# define TLS1_FLAGS_ENCRYPT_THEN_MAC 0x0100
+
+
+/* SSLv3 */
+/*
+ * client
+ */
+/* extra state */
+# define SSL3_ST_CW_FLUSH (0x100|SSL_ST_CONNECT)
+# ifndef OPENSSL_NO_SCTP
+# define DTLS1_SCTP_ST_CW_WRITE_SOCK (0x310|SSL_ST_CONNECT)
+# define DTLS1_SCTP_ST_CR_READ_SOCK (0x320|SSL_ST_CONNECT)
+# endif
+/* write to server */
+# define SSL3_ST_CW_CLNT_HELLO_A (0x110|SSL_ST_CONNECT)
+# define SSL3_ST_CW_CLNT_HELLO_B (0x111|SSL_ST_CONNECT)
+/* read from server */
+# define SSL3_ST_CR_SRVR_HELLO_A (0x120|SSL_ST_CONNECT)
+# define SSL3_ST_CR_SRVR_HELLO_B (0x121|SSL_ST_CONNECT)
+# define DTLS1_ST_CR_HELLO_VERIFY_REQUEST_A (0x126|SSL_ST_CONNECT)
+# define DTLS1_ST_CR_HELLO_VERIFY_REQUEST_B (0x127|SSL_ST_CONNECT)
+# define SSL3_ST_CR_CERT_A (0x130|SSL_ST_CONNECT)
+# define SSL3_ST_CR_CERT_B (0x131|SSL_ST_CONNECT)
+# define SSL3_ST_CR_KEY_EXCH_A (0x140|SSL_ST_CONNECT)
+# define SSL3_ST_CR_KEY_EXCH_B (0x141|SSL_ST_CONNECT)
+# define SSL3_ST_CR_CERT_REQ_A (0x150|SSL_ST_CONNECT)
+# define SSL3_ST_CR_CERT_REQ_B (0x151|SSL_ST_CONNECT)
+# define SSL3_ST_CR_SRVR_DONE_A (0x160|SSL_ST_CONNECT)
+# define SSL3_ST_CR_SRVR_DONE_B (0x161|SSL_ST_CONNECT)
+/* write to server */
+# define SSL3_ST_CW_CERT_A (0x170|SSL_ST_CONNECT)
+# define SSL3_ST_CW_CERT_B (0x171|SSL_ST_CONNECT)
+# define SSL3_ST_CW_CERT_C (0x172|SSL_ST_CONNECT)
+# define SSL3_ST_CW_CERT_D (0x173|SSL_ST_CONNECT)
+# define SSL3_ST_CW_KEY_EXCH_A (0x180|SSL_ST_CONNECT)
+# define SSL3_ST_CW_KEY_EXCH_B (0x181|SSL_ST_CONNECT)
+# define SSL3_ST_CW_CERT_VRFY_A (0x190|SSL_ST_CONNECT)
+# define SSL3_ST_CW_CERT_VRFY_B (0x191|SSL_ST_CONNECT)
+# define SSL3_ST_CW_CHANGE_A (0x1A0|SSL_ST_CONNECT)
+# define SSL3_ST_CW_CHANGE_B (0x1A1|SSL_ST_CONNECT)
+# ifndef OPENSSL_NO_NEXTPROTONEG
+# define SSL3_ST_CW_NEXT_PROTO_A (0x200|SSL_ST_CONNECT)
+# define SSL3_ST_CW_NEXT_PROTO_B (0x201|SSL_ST_CONNECT)
+# endif
+# define SSL3_ST_CW_FINISHED_A (0x1B0|SSL_ST_CONNECT)
+# define SSL3_ST_CW_FINISHED_B (0x1B1|SSL_ST_CONNECT)
+/* read from server */
+# define SSL3_ST_CR_CHANGE_A (0x1C0|SSL_ST_CONNECT)
+# define SSL3_ST_CR_CHANGE_B (0x1C1|SSL_ST_CONNECT)
+# define SSL3_ST_CR_FINISHED_A (0x1D0|SSL_ST_CONNECT)
+# define SSL3_ST_CR_FINISHED_B (0x1D1|SSL_ST_CONNECT)
+# define SSL3_ST_CR_SESSION_TICKET_A (0x1E0|SSL_ST_CONNECT)
+# define SSL3_ST_CR_SESSION_TICKET_B (0x1E1|SSL_ST_CONNECT)
+# define SSL3_ST_CR_CERT_STATUS_A (0x1F0|SSL_ST_CONNECT)
+# define SSL3_ST_CR_CERT_STATUS_B (0x1F1|SSL_ST_CONNECT)
+
+/* server */
+/* extra state */
+# define SSL3_ST_SW_FLUSH (0x100|SSL_ST_ACCEPT)
+# ifndef OPENSSL_NO_SCTP
+# define DTLS1_SCTP_ST_SW_WRITE_SOCK (0x310|SSL_ST_ACCEPT)
+# define DTLS1_SCTP_ST_SR_READ_SOCK (0x320|SSL_ST_ACCEPT)
+# endif
+/* read from client */
+/* Do not change the number values, they do matter */
+# define SSL3_ST_SR_CLNT_HELLO_A (0x110|SSL_ST_ACCEPT)
+# define SSL3_ST_SR_CLNT_HELLO_B (0x111|SSL_ST_ACCEPT)
+# define SSL3_ST_SR_CLNT_HELLO_C (0x112|SSL_ST_ACCEPT)
+# define SSL3_ST_SR_CLNT_HELLO_D (0x115|SSL_ST_ACCEPT)
+/* write to client */
+# define DTLS1_ST_SW_HELLO_VERIFY_REQUEST_A (0x113|SSL_ST_ACCEPT)
+# define DTLS1_ST_SW_HELLO_VERIFY_REQUEST_B (0x114|SSL_ST_ACCEPT)
+# define SSL3_ST_SW_HELLO_REQ_A (0x120|SSL_ST_ACCEPT)
+# define SSL3_ST_SW_HELLO_REQ_B (0x121|SSL_ST_ACCEPT)
+# define SSL3_ST_SW_HELLO_REQ_C (0x122|SSL_ST_ACCEPT)
+# define SSL3_ST_SW_SRVR_HELLO_A (0x130|SSL_ST_ACCEPT)
+# define SSL3_ST_SW_SRVR_HELLO_B (0x131|SSL_ST_ACCEPT)
+# define SSL3_ST_SW_CERT_A (0x140|SSL_ST_ACCEPT)
+# define SSL3_ST_SW_CERT_B (0x141|SSL_ST_ACCEPT)
+# define SSL3_ST_SW_KEY_EXCH_A (0x150|SSL_ST_ACCEPT)
+# define SSL3_ST_SW_KEY_EXCH_B (0x151|SSL_ST_ACCEPT)
+# define SSL3_ST_SW_CERT_REQ_A (0x160|SSL_ST_ACCEPT)
+# define SSL3_ST_SW_CERT_REQ_B (0x161|SSL_ST_ACCEPT)
+# define SSL3_ST_SW_SRVR_DONE_A (0x170|SSL_ST_ACCEPT)
+# define SSL3_ST_SW_SRVR_DONE_B (0x171|SSL_ST_ACCEPT)
+/* read from client */
+# define SSL3_ST_SR_CERT_A (0x180|SSL_ST_ACCEPT)
+# define SSL3_ST_SR_CERT_B (0x181|SSL_ST_ACCEPT)
+# define SSL3_ST_SR_KEY_EXCH_A (0x190|SSL_ST_ACCEPT)
+# define SSL3_ST_SR_KEY_EXCH_B (0x191|SSL_ST_ACCEPT)
+# define SSL3_ST_SR_CERT_VRFY_A (0x1A0|SSL_ST_ACCEPT)
+# define SSL3_ST_SR_CERT_VRFY_B (0x1A1|SSL_ST_ACCEPT)
+# define SSL3_ST_SR_CHANGE_A (0x1B0|SSL_ST_ACCEPT)
+# define SSL3_ST_SR_CHANGE_B (0x1B1|SSL_ST_ACCEPT)
+# ifndef OPENSSL_NO_NEXTPROTONEG
+# define SSL3_ST_SR_NEXT_PROTO_A (0x210|SSL_ST_ACCEPT)
+# define SSL3_ST_SR_NEXT_PROTO_B (0x211|SSL_ST_ACCEPT)
+# endif
+# define SSL3_ST_SR_FINISHED_A (0x1C0|SSL_ST_ACCEPT)
+# define SSL3_ST_SR_FINISHED_B (0x1C1|SSL_ST_ACCEPT)
+/* write to client */
+# define SSL3_ST_SW_CHANGE_A (0x1D0|SSL_ST_ACCEPT)
+# define SSL3_ST_SW_CHANGE_B (0x1D1|SSL_ST_ACCEPT)
+# define SSL3_ST_SW_FINISHED_A (0x1E0|SSL_ST_ACCEPT)
+# define SSL3_ST_SW_FINISHED_B (0x1E1|SSL_ST_ACCEPT)
+# define SSL3_ST_SW_SESSION_TICKET_A (0x1F0|SSL_ST_ACCEPT)
+# define SSL3_ST_SW_SESSION_TICKET_B (0x1F1|SSL_ST_ACCEPT)
+# define SSL3_ST_SW_CERT_STATUS_A (0x200|SSL_ST_ACCEPT)
+# define SSL3_ST_SW_CERT_STATUS_B (0x201|SSL_ST_ACCEPT)
+
+# define SSL3_MT_HELLO_REQUEST 0
+# define SSL3_MT_CLIENT_HELLO 1
+# define SSL3_MT_SERVER_HELLO 2
+# define SSL3_MT_NEWSESSION_TICKET 4
+# define SSL3_MT_CERTIFICATE 11
+# define SSL3_MT_SERVER_KEY_EXCHANGE 12
+# define SSL3_MT_CERTIFICATE_REQUEST 13
+# define SSL3_MT_SERVER_DONE 14
+# define SSL3_MT_CERTIFICATE_VERIFY 15
+# define SSL3_MT_CLIENT_KEY_EXCHANGE 16
+# define SSL3_MT_FINISHED 20
+# define SSL3_MT_CERTIFICATE_STATUS 22
+# ifndef OPENSSL_NO_NEXTPROTONEG
+# define SSL3_MT_NEXT_PROTO 67
+# endif
+# define DTLS1_MT_HELLO_VERIFY_REQUEST 3
+
+# define SSL3_MT_CCS 1
+
+/* These are used when changing over to a new cipher */
+# define SSL3_CC_READ 0x01
+# define SSL3_CC_WRITE 0x02
+# define SSL3_CC_CLIENT 0x10
+# define SSL3_CC_SERVER 0x20
+# define SSL3_CHANGE_CIPHER_CLIENT_WRITE (SSL3_CC_CLIENT|SSL3_CC_WRITE)
+# define SSL3_CHANGE_CIPHER_SERVER_READ (SSL3_CC_SERVER|SSL3_CC_READ)
+# define SSL3_CHANGE_CIPHER_CLIENT_READ (SSL3_CC_CLIENT|SSL3_CC_READ)
+# define SSL3_CHANGE_CIPHER_SERVER_WRITE (SSL3_CC_SERVER|SSL3_CC_WRITE)
+
+#ifdef __cplusplus
+}
+#endif
+#endif
--- /dev/null
+/* crypto/stack/stack.h */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#ifndef HEADER_STACK_H
+# define HEADER_STACK_H
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+typedef struct stack_st _STACK; /* Use STACK_OF(...) instead */
+
+int sk_num(const _STACK *);
+void *sk_value(const _STACK *, int);
+
+void *sk_set(_STACK *, int, void *);
+
+_STACK *sk_new(int (*cmp) (const void *, const void *));
+_STACK *sk_new_null(void);
+void sk_free(_STACK *);
+void sk_pop_free(_STACK *st, void (*func) (void *));
+_STACK *sk_deep_copy(_STACK *, void *(*)(void *), void (*)(void *));
+int sk_insert(_STACK *sk, void *data, int where);
+void *sk_delete(_STACK *st, int loc);
+void *sk_delete_ptr(_STACK *st, void *p);
+int sk_find(_STACK *st, void *data);
+int sk_find_ex(_STACK *st, void *data);
+int sk_push(_STACK *st, void *data);
+int sk_unshift(_STACK *st, void *data);
+void *sk_shift(_STACK *st);
+void *sk_pop(_STACK *st);
+void sk_zero(_STACK *st);
+int (*sk_set_cmp_func(_STACK *sk, int (*c) (const void *, const void *)))
+ (const void *, const void *);
+_STACK *sk_dup(_STACK *st);
+void sk_sort(_STACK *st);
+int sk_is_sorted(const _STACK *st);
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif
--- /dev/null
+/* crypto/store/store.h -*- mode:C; c-file-style: "eay" -*- */
+/*
+ * Written by Richard Levitte (richard@levitte.org) for the OpenSSL project
+ * 2003.
+ */
+/* ====================================================================
+ * Copyright (c) 2003 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For written permission, please contact
+ * openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ * nor may "OpenSSL" appear in their names without prior written
+ * permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com). This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#ifndef HEADER_STORE_H
+# define HEADER_STORE_H
+
+# include <openssl/opensslconf.h>
+
+# ifdef OPENSSL_NO_STORE
+# error STORE is disabled.
+# endif
+
+# include <openssl/ossl_typ.h>
+# ifdef OPENSSL_USE_DEPRECATED
+# include <openssl/evp.h>
+# include <openssl/bn.h>
+# include <openssl/x509.h>
+# endif
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/* Already defined in ossl_typ.h */
+/* typedef struct store_st STORE; */
+/* typedef struct store_method_st STORE_METHOD; */
+
+/*
+ * All the following functions return 0, a negative number or NULL on error.
+ * When everything is fine, they return a positive value or a non-NULL
+ * pointer, all depending on their purpose.
+ */
+
+/* Creators and destructor. */
+STORE *STORE_new_method(const STORE_METHOD *method);
+STORE *STORE_new_engine(ENGINE *engine);
+void STORE_free(STORE *ui);
+
+/*
+ * Give a user interface parametrised control commands. This can be used to
+ * send down an integer, a data pointer or a function pointer, as well as be
+ * used to get information from a STORE.
+ */
+int STORE_ctrl(STORE *store, int cmd, long i, void *p, void (*f) (void));
+
+/*
+ * A control to set the directory with keys and certificates. Used by the
+ * built-in directory level method.
+ */
+# define STORE_CTRL_SET_DIRECTORY 0x0001
+/*
+ * A control to set a file to load. Used by the built-in file level method.
+ */
+# define STORE_CTRL_SET_FILE 0x0002
+/*
+ * A control to set a configuration file to load. Can be used by any method
+ * that wishes to load a configuration file.
+ */
+# define STORE_CTRL_SET_CONF_FILE 0x0003
+/*
+ * A control to set a the section of the loaded configuration file. Can be
+ * used by any method that wishes to load a configuration file.
+ */
+# define STORE_CTRL_SET_CONF_SECTION 0x0004
+
+/* Some methods may use extra data */
+# define STORE_set_app_data(s,arg) STORE_set_ex_data(s,0,arg)
+# define STORE_get_app_data(s) STORE_get_ex_data(s,0)
+int STORE_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
+ CRYPTO_EX_dup *dup_func,
+ CRYPTO_EX_free *free_func);
+int STORE_set_ex_data(STORE *r, int idx, void *arg);
+void *STORE_get_ex_data(STORE *r, int idx);
+
+/* Use specific methods instead of the built-in one */
+const STORE_METHOD *STORE_get_method(STORE *store);
+const STORE_METHOD *STORE_set_method(STORE *store, const STORE_METHOD *meth);
+
+/* The standard OpenSSL methods. */
+/*
+ * This is the in-memory method. It does everything except revoking and
+ * updating, and is of course volatile. It's used by other methods that have
+ * an in-memory cache.
+ */
+const STORE_METHOD *STORE_Memory(void);
+# if 0 /* Not yet implemented */
+/*
+ * This is the directory store. It does everything except revoking and
+ * updating, and uses STORE_Memory() to cache things in memory.
+ */
+const STORE_METHOD *STORE_Directory(void);
+/*
+ * This is the file store. It does everything except revoking and updating,
+ * and uses STORE_Memory() to cache things in memory. Certificates are added
+ * to it with the store operation, and it will only get cached certificates.
+ */
+const STORE_METHOD *STORE_File(void);
+# endif
+
+/*
+ * Store functions take a type code for the type of data they should store or
+ * fetch
+ */
+typedef enum STORE_object_types {
+ STORE_OBJECT_TYPE_X509_CERTIFICATE = 0x01, /* X509 * */
+ STORE_OBJECT_TYPE_X509_CRL = 0x02, /* X509_CRL * */
+ STORE_OBJECT_TYPE_PRIVATE_KEY = 0x03, /* EVP_PKEY * */
+ STORE_OBJECT_TYPE_PUBLIC_KEY = 0x04, /* EVP_PKEY * */
+ STORE_OBJECT_TYPE_NUMBER = 0x05, /* BIGNUM * */
+ STORE_OBJECT_TYPE_ARBITRARY = 0x06, /* BUF_MEM * */
+ STORE_OBJECT_TYPE_NUM = 0x06 /* The amount of known object types */
+} STORE_OBJECT_TYPES;
+/* List of text strings corresponding to the object types. */
+extern const char *const STORE_object_type_string[STORE_OBJECT_TYPE_NUM + 1];
+
+/*
+ * Some store functions take a parameter list. Those parameters come with
+ * one of the following codes. The comments following the codes below
+ * indicate what type the value should be a pointer to.
+ */
+typedef enum STORE_params {
+ STORE_PARAM_EVP_TYPE = 0x01, /* int */
+ STORE_PARAM_BITS = 0x02, /* size_t */
+ STORE_PARAM_KEY_PARAMETERS = 0x03, /* ??? */
+ STORE_PARAM_KEY_NO_PARAMETERS = 0x04, /* N/A */
+ STORE_PARAM_AUTH_PASSPHRASE = 0x05, /* char * */
+ STORE_PARAM_AUTH_KRB5_TICKET = 0x06, /* void * */
+ STORE_PARAM_TYPE_NUM = 0x06 /* The amount of known parameter types */
+} STORE_PARAM_TYPES;
+/*
+ * Parameter value sizes. -1 means unknown, anything else is the required
+ * size.
+ */
+extern const int STORE_param_sizes[STORE_PARAM_TYPE_NUM + 1];
+
+/*
+ * Store functions take attribute lists. Those attributes come with codes.
+ * The comments following the codes below indicate what type the value should
+ * be a pointer to.
+ */
+typedef enum STORE_attribs {
+ STORE_ATTR_END = 0x00,
+ STORE_ATTR_FRIENDLYNAME = 0x01, /* C string */
+ STORE_ATTR_KEYID = 0x02, /* 160 bit string (SHA1) */
+ STORE_ATTR_ISSUERKEYID = 0x03, /* 160 bit string (SHA1) */
+ STORE_ATTR_SUBJECTKEYID = 0x04, /* 160 bit string (SHA1) */
+ STORE_ATTR_ISSUERSERIALHASH = 0x05, /* 160 bit string (SHA1) */
+ STORE_ATTR_ISSUER = 0x06, /* X509_NAME * */
+ STORE_ATTR_SERIAL = 0x07, /* BIGNUM * */
+ STORE_ATTR_SUBJECT = 0x08, /* X509_NAME * */
+ STORE_ATTR_CERTHASH = 0x09, /* 160 bit string (SHA1) */
+ STORE_ATTR_EMAIL = 0x0a, /* C string */
+ STORE_ATTR_FILENAME = 0x0b, /* C string */
+ STORE_ATTR_TYPE_NUM = 0x0b, /* The amount of known attribute types */
+ STORE_ATTR_OR = 0xff /* This is a special separator, which
+ * expresses the OR operation. */
+} STORE_ATTR_TYPES;
+/*
+ * Attribute value sizes. -1 means unknown, anything else is the required
+ * size.
+ */
+extern const int STORE_attr_sizes[STORE_ATTR_TYPE_NUM + 1];
+
+typedef enum STORE_certificate_status {
+ STORE_X509_VALID = 0x00,
+ STORE_X509_EXPIRED = 0x01,
+ STORE_X509_SUSPENDED = 0x02,
+ STORE_X509_REVOKED = 0x03
+} STORE_CERTIFICATE_STATUS;
+
+/*
+ * Engine store functions will return a structure that contains all the
+ * necessary information, including revokation status for certificates. This
+ * is really not needed for application authors, as the ENGINE framework
+ * functions will extract the OpenSSL-specific information when at all
+ * possible. However, for engine authors, it's crucial to know this
+ * structure.
+ */
+typedef struct STORE_OBJECT_st {
+ STORE_OBJECT_TYPES type;
+ union {
+ struct {
+ STORE_CERTIFICATE_STATUS status;
+ X509 *certificate;
+ } x509;
+ X509_CRL *crl;
+ EVP_PKEY *key;
+ BIGNUM *number;
+ BUF_MEM *arbitrary;
+ } data;
+} STORE_OBJECT;
+DECLARE_STACK_OF(STORE_OBJECT)
+STORE_OBJECT *STORE_OBJECT_new(void);
+void STORE_OBJECT_free(STORE_OBJECT *data);
+
+/*
+ * The following functions handle the storage. They return 0, a negative
+ * number or NULL on error, anything else on success.
+ */
+X509 *STORE_get_certificate(STORE *e, OPENSSL_ITEM attributes[],
+ OPENSSL_ITEM parameters[]);
+int STORE_store_certificate(STORE *e, X509 *data, OPENSSL_ITEM attributes[],
+ OPENSSL_ITEM parameters[]);
+int STORE_modify_certificate(STORE *e, OPENSSL_ITEM search_attributes[],
+ OPENSSL_ITEM add_attributes[],
+ OPENSSL_ITEM modify_attributes[],
+ OPENSSL_ITEM delete_attributes[],
+ OPENSSL_ITEM parameters[]);
+int STORE_revoke_certificate(STORE *e, OPENSSL_ITEM attributes[],
+ OPENSSL_ITEM parameters[]);
+int STORE_delete_certificate(STORE *e, OPENSSL_ITEM attributes[],
+ OPENSSL_ITEM parameters[]);
+void *STORE_list_certificate_start(STORE *e, OPENSSL_ITEM attributes[],
+ OPENSSL_ITEM parameters[]);
+X509 *STORE_list_certificate_next(STORE *e, void *handle);
+int STORE_list_certificate_end(STORE *e, void *handle);
+int STORE_list_certificate_endp(STORE *e, void *handle);
+EVP_PKEY *STORE_generate_key(STORE *e, OPENSSL_ITEM attributes[],
+ OPENSSL_ITEM parameters[]);
+EVP_PKEY *STORE_get_private_key(STORE *e, OPENSSL_ITEM attributes[],
+ OPENSSL_ITEM parameters[]);
+int STORE_store_private_key(STORE *e, EVP_PKEY *data,
+ OPENSSL_ITEM attributes[],
+ OPENSSL_ITEM parameters[]);
+int STORE_modify_private_key(STORE *e, OPENSSL_ITEM search_attributes[],
+ OPENSSL_ITEM add_sttributes[],
+ OPENSSL_ITEM modify_attributes[],
+ OPENSSL_ITEM delete_attributes[],
+ OPENSSL_ITEM parameters[]);
+int STORE_revoke_private_key(STORE *e, OPENSSL_ITEM attributes[],
+ OPENSSL_ITEM parameters[]);
+int STORE_delete_private_key(STORE *e, OPENSSL_ITEM attributes[],
+ OPENSSL_ITEM parameters[]);
+void *STORE_list_private_key_start(STORE *e, OPENSSL_ITEM attributes[],
+ OPENSSL_ITEM parameters[]);
+EVP_PKEY *STORE_list_private_key_next(STORE *e, void *handle);
+int STORE_list_private_key_end(STORE *e, void *handle);
+int STORE_list_private_key_endp(STORE *e, void *handle);
+EVP_PKEY *STORE_get_public_key(STORE *e, OPENSSL_ITEM attributes[],
+ OPENSSL_ITEM parameters[]);
+int STORE_store_public_key(STORE *e, EVP_PKEY *data,
+ OPENSSL_ITEM attributes[],
+ OPENSSL_ITEM parameters[]);
+int STORE_modify_public_key(STORE *e, OPENSSL_ITEM search_attributes[],
+ OPENSSL_ITEM add_sttributes[],
+ OPENSSL_ITEM modify_attributes[],
+ OPENSSL_ITEM delete_attributes[],
+ OPENSSL_ITEM parameters[]);
+int STORE_revoke_public_key(STORE *e, OPENSSL_ITEM attributes[],
+ OPENSSL_ITEM parameters[]);
+int STORE_delete_public_key(STORE *e, OPENSSL_ITEM attributes[],
+ OPENSSL_ITEM parameters[]);
+void *STORE_list_public_key_start(STORE *e, OPENSSL_ITEM attributes[],
+ OPENSSL_ITEM parameters[]);
+EVP_PKEY *STORE_list_public_key_next(STORE *e, void *handle);
+int STORE_list_public_key_end(STORE *e, void *handle);
+int STORE_list_public_key_endp(STORE *e, void *handle);
+X509_CRL *STORE_generate_crl(STORE *e, OPENSSL_ITEM attributes[],
+ OPENSSL_ITEM parameters[]);
+X509_CRL *STORE_get_crl(STORE *e, OPENSSL_ITEM attributes[],
+ OPENSSL_ITEM parameters[]);
+int STORE_store_crl(STORE *e, X509_CRL *data, OPENSSL_ITEM attributes[],
+ OPENSSL_ITEM parameters[]);
+int STORE_modify_crl(STORE *e, OPENSSL_ITEM search_attributes[],
+ OPENSSL_ITEM add_sttributes[],
+ OPENSSL_ITEM modify_attributes[],
+ OPENSSL_ITEM delete_attributes[],
+ OPENSSL_ITEM parameters[]);
+int STORE_delete_crl(STORE *e, OPENSSL_ITEM attributes[],
+ OPENSSL_ITEM parameters[]);
+void *STORE_list_crl_start(STORE *e, OPENSSL_ITEM attributes[],
+ OPENSSL_ITEM parameters[]);
+X509_CRL *STORE_list_crl_next(STORE *e, void *handle);
+int STORE_list_crl_end(STORE *e, void *handle);
+int STORE_list_crl_endp(STORE *e, void *handle);
+int STORE_store_number(STORE *e, BIGNUM *data, OPENSSL_ITEM attributes[],
+ OPENSSL_ITEM parameters[]);
+int STORE_modify_number(STORE *e, OPENSSL_ITEM search_attributes[],
+ OPENSSL_ITEM add_sttributes[],
+ OPENSSL_ITEM modify_attributes[],
+ OPENSSL_ITEM delete_attributes[],
+ OPENSSL_ITEM parameters[]);
+BIGNUM *STORE_get_number(STORE *e, OPENSSL_ITEM attributes[],
+ OPENSSL_ITEM parameters[]);
+int STORE_delete_number(STORE *e, OPENSSL_ITEM attributes[],
+ OPENSSL_ITEM parameters[]);
+int STORE_store_arbitrary(STORE *e, BUF_MEM *data, OPENSSL_ITEM attributes[],
+ OPENSSL_ITEM parameters[]);
+int STORE_modify_arbitrary(STORE *e, OPENSSL_ITEM search_attributes[],
+ OPENSSL_ITEM add_sttributes[],
+ OPENSSL_ITEM modify_attributes[],
+ OPENSSL_ITEM delete_attributes[],
+ OPENSSL_ITEM parameters[]);
+BUF_MEM *STORE_get_arbitrary(STORE *e, OPENSSL_ITEM attributes[],
+ OPENSSL_ITEM parameters[]);
+int STORE_delete_arbitrary(STORE *e, OPENSSL_ITEM attributes[],
+ OPENSSL_ITEM parameters[]);
+
+/* Create and manipulate methods */
+STORE_METHOD *STORE_create_method(char *name);
+void STORE_destroy_method(STORE_METHOD *store_method);
+
+/* These callback types are use for store handlers */
+typedef int (*STORE_INITIALISE_FUNC_PTR) (STORE *);
+typedef void (*STORE_CLEANUP_FUNC_PTR) (STORE *);
+typedef STORE_OBJECT *(*STORE_GENERATE_OBJECT_FUNC_PTR)(STORE *,
+ STORE_OBJECT_TYPES
+ type,
+ OPENSSL_ITEM
+ attributes[],
+ OPENSSL_ITEM
+ parameters[]);
+typedef STORE_OBJECT *(*STORE_GET_OBJECT_FUNC_PTR)(STORE *,
+ STORE_OBJECT_TYPES type,
+ OPENSSL_ITEM attributes[],
+ OPENSSL_ITEM parameters[]);
+typedef void *(*STORE_START_OBJECT_FUNC_PTR)(STORE *, STORE_OBJECT_TYPES type,
+ OPENSSL_ITEM attributes[],
+ OPENSSL_ITEM parameters[]);
+typedef STORE_OBJECT *(*STORE_NEXT_OBJECT_FUNC_PTR)(STORE *, void *handle);
+typedef int (*STORE_END_OBJECT_FUNC_PTR) (STORE *, void *handle);
+typedef int (*STORE_HANDLE_OBJECT_FUNC_PTR) (STORE *, STORE_OBJECT_TYPES type,
+ OPENSSL_ITEM attributes[],
+ OPENSSL_ITEM parameters[]);
+typedef int (*STORE_STORE_OBJECT_FUNC_PTR) (STORE *, STORE_OBJECT_TYPES type,
+ STORE_OBJECT *data,
+ OPENSSL_ITEM attributes[],
+ OPENSSL_ITEM parameters[]);
+typedef int (*STORE_MODIFY_OBJECT_FUNC_PTR) (STORE *, STORE_OBJECT_TYPES type,
+ OPENSSL_ITEM search_attributes[],
+ OPENSSL_ITEM add_attributes[],
+ OPENSSL_ITEM modify_attributes[],
+ OPENSSL_ITEM delete_attributes[],
+ OPENSSL_ITEM parameters[]);
+typedef int (*STORE_GENERIC_FUNC_PTR) (STORE *, OPENSSL_ITEM attributes[],
+ OPENSSL_ITEM parameters[]);
+typedef int (*STORE_CTRL_FUNC_PTR) (STORE *, int cmd, long l, void *p,
+ void (*f) (void));
+
+int STORE_method_set_initialise_function(STORE_METHOD *sm,
+ STORE_INITIALISE_FUNC_PTR init_f);
+int STORE_method_set_cleanup_function(STORE_METHOD *sm,
+ STORE_CLEANUP_FUNC_PTR clean_f);
+int STORE_method_set_generate_function(STORE_METHOD *sm,
+ STORE_GENERATE_OBJECT_FUNC_PTR
+ generate_f);
+int STORE_method_set_get_function(STORE_METHOD *sm,
+ STORE_GET_OBJECT_FUNC_PTR get_f);
+int STORE_method_set_store_function(STORE_METHOD *sm,
+ STORE_STORE_OBJECT_FUNC_PTR store_f);
+int STORE_method_set_modify_function(STORE_METHOD *sm,
+ STORE_MODIFY_OBJECT_FUNC_PTR store_f);
+int STORE_method_set_revoke_function(STORE_METHOD *sm,
+ STORE_HANDLE_OBJECT_FUNC_PTR revoke_f);
+int STORE_method_set_delete_function(STORE_METHOD *sm,
+ STORE_HANDLE_OBJECT_FUNC_PTR delete_f);
+int STORE_method_set_list_start_function(STORE_METHOD *sm,
+ STORE_START_OBJECT_FUNC_PTR
+ list_start_f);
+int STORE_method_set_list_next_function(STORE_METHOD *sm,
+ STORE_NEXT_OBJECT_FUNC_PTR
+ list_next_f);
+int STORE_method_set_list_end_function(STORE_METHOD *sm,
+ STORE_END_OBJECT_FUNC_PTR list_end_f);
+int STORE_method_set_update_store_function(STORE_METHOD *sm,
+ STORE_GENERIC_FUNC_PTR);
+int STORE_method_set_lock_store_function(STORE_METHOD *sm,
+ STORE_GENERIC_FUNC_PTR);
+int STORE_method_set_unlock_store_function(STORE_METHOD *sm,
+ STORE_GENERIC_FUNC_PTR);
+int STORE_method_set_ctrl_function(STORE_METHOD *sm,
+ STORE_CTRL_FUNC_PTR ctrl_f);
+
+STORE_INITIALISE_FUNC_PTR STORE_method_get_initialise_function(STORE_METHOD
+ *sm);
+STORE_CLEANUP_FUNC_PTR STORE_method_get_cleanup_function(STORE_METHOD *sm);
+STORE_GENERATE_OBJECT_FUNC_PTR STORE_method_get_generate_function(STORE_METHOD
+ *sm);
+STORE_GET_OBJECT_FUNC_PTR STORE_method_get_get_function(STORE_METHOD *sm);
+STORE_STORE_OBJECT_FUNC_PTR STORE_method_get_store_function(STORE_METHOD *sm);
+STORE_MODIFY_OBJECT_FUNC_PTR STORE_method_get_modify_function(STORE_METHOD
+ *sm);
+STORE_HANDLE_OBJECT_FUNC_PTR STORE_method_get_revoke_function(STORE_METHOD
+ *sm);
+STORE_HANDLE_OBJECT_FUNC_PTR STORE_method_get_delete_function(STORE_METHOD
+ *sm);
+STORE_START_OBJECT_FUNC_PTR STORE_method_get_list_start_function(STORE_METHOD
+ *sm);
+STORE_NEXT_OBJECT_FUNC_PTR STORE_method_get_list_next_function(STORE_METHOD
+ *sm);
+STORE_END_OBJECT_FUNC_PTR STORE_method_get_list_end_function(STORE_METHOD
+ *sm);
+STORE_GENERIC_FUNC_PTR STORE_method_get_update_store_function(STORE_METHOD
+ *sm);
+STORE_GENERIC_FUNC_PTR STORE_method_get_lock_store_function(STORE_METHOD *sm);
+STORE_GENERIC_FUNC_PTR STORE_method_get_unlock_store_function(STORE_METHOD
+ *sm);
+STORE_CTRL_FUNC_PTR STORE_method_get_ctrl_function(STORE_METHOD *sm);
+
+/* Method helper structures and functions. */
+
+/*
+ * This structure is the result of parsing through the information in a list
+ * of OPENSSL_ITEMs. It stores all the necessary information in a structured
+ * way.
+ */
+typedef struct STORE_attr_info_st STORE_ATTR_INFO;
+
+/*
+ * Parse a list of OPENSSL_ITEMs and return a pointer to a STORE_ATTR_INFO.
+ * Note that we do this in the list form, since the list of OPENSSL_ITEMs can
+ * come in blocks separated with STORE_ATTR_OR. Note that the value returned
+ * by STORE_parse_attrs_next() must be freed with STORE_ATTR_INFO_free().
+ */
+void *STORE_parse_attrs_start(OPENSSL_ITEM *attributes);
+STORE_ATTR_INFO *STORE_parse_attrs_next(void *handle);
+int STORE_parse_attrs_end(void *handle);
+int STORE_parse_attrs_endp(void *handle);
+
+/* Creator and destructor */
+STORE_ATTR_INFO *STORE_ATTR_INFO_new(void);
+int STORE_ATTR_INFO_free(STORE_ATTR_INFO *attrs);
+
+/* Manipulators */
+char *STORE_ATTR_INFO_get0_cstr(STORE_ATTR_INFO *attrs,
+ STORE_ATTR_TYPES code);
+unsigned char *STORE_ATTR_INFO_get0_sha1str(STORE_ATTR_INFO *attrs,
+ STORE_ATTR_TYPES code);
+X509_NAME *STORE_ATTR_INFO_get0_dn(STORE_ATTR_INFO *attrs,
+ STORE_ATTR_TYPES code);
+BIGNUM *STORE_ATTR_INFO_get0_number(STORE_ATTR_INFO *attrs,
+ STORE_ATTR_TYPES code);
+int STORE_ATTR_INFO_set_cstr(STORE_ATTR_INFO *attrs, STORE_ATTR_TYPES code,
+ char *cstr, size_t cstr_size);
+int STORE_ATTR_INFO_set_sha1str(STORE_ATTR_INFO *attrs, STORE_ATTR_TYPES code,
+ unsigned char *sha1str, size_t sha1str_size);
+int STORE_ATTR_INFO_set_dn(STORE_ATTR_INFO *attrs, STORE_ATTR_TYPES code,
+ X509_NAME *dn);
+int STORE_ATTR_INFO_set_number(STORE_ATTR_INFO *attrs, STORE_ATTR_TYPES code,
+ BIGNUM *number);
+int STORE_ATTR_INFO_modify_cstr(STORE_ATTR_INFO *attrs, STORE_ATTR_TYPES code,
+ char *cstr, size_t cstr_size);
+int STORE_ATTR_INFO_modify_sha1str(STORE_ATTR_INFO *attrs,
+ STORE_ATTR_TYPES code,
+ unsigned char *sha1str,
+ size_t sha1str_size);
+int STORE_ATTR_INFO_modify_dn(STORE_ATTR_INFO *attrs, STORE_ATTR_TYPES code,
+ X509_NAME *dn);
+int STORE_ATTR_INFO_modify_number(STORE_ATTR_INFO *attrs,
+ STORE_ATTR_TYPES code, BIGNUM *number);
+
+/*
+ * Compare on basis of a bit pattern formed by the STORE_ATTR_TYPES values in
+ * each contained attribute.
+ */
+int STORE_ATTR_INFO_compare(const STORE_ATTR_INFO *const *a,
+ const STORE_ATTR_INFO *const *b);
+/*
+ * Check if the set of attributes in a is within the range of attributes set
+ * in b.
+ */
+int STORE_ATTR_INFO_in_range(STORE_ATTR_INFO *a, STORE_ATTR_INFO *b);
+/* Check if the set of attributes in a are also set in b. */
+int STORE_ATTR_INFO_in(STORE_ATTR_INFO *a, STORE_ATTR_INFO *b);
+/* Same as STORE_ATTR_INFO_in(), but also checks the attribute values. */
+int STORE_ATTR_INFO_in_ex(STORE_ATTR_INFO *a, STORE_ATTR_INFO *b);
+
+/* BEGIN ERROR CODES */
+/*
+ * The following lines are auto generated by the script mkerr.pl. Any changes
+ * made after this point may be overwritten when the script is next run.
+ */
+void ERR_load_STORE_strings(void);
+
+/* Error codes for the STORE functions. */
+
+/* Function codes. */
+# define STORE_F_MEM_DELETE 134
+# define STORE_F_MEM_GENERATE 135
+# define STORE_F_MEM_LIST_END 168
+# define STORE_F_MEM_LIST_NEXT 136
+# define STORE_F_MEM_LIST_START 137
+# define STORE_F_MEM_MODIFY 169
+# define STORE_F_MEM_STORE 138
+# define STORE_F_STORE_ATTR_INFO_GET0_CSTR 139
+# define STORE_F_STORE_ATTR_INFO_GET0_DN 140
+# define STORE_F_STORE_ATTR_INFO_GET0_NUMBER 141
+# define STORE_F_STORE_ATTR_INFO_GET0_SHA1STR 142
+# define STORE_F_STORE_ATTR_INFO_MODIFY_CSTR 143
+# define STORE_F_STORE_ATTR_INFO_MODIFY_DN 144
+# define STORE_F_STORE_ATTR_INFO_MODIFY_NUMBER 145
+# define STORE_F_STORE_ATTR_INFO_MODIFY_SHA1STR 146
+# define STORE_F_STORE_ATTR_INFO_SET_CSTR 147
+# define STORE_F_STORE_ATTR_INFO_SET_DN 148
+# define STORE_F_STORE_ATTR_INFO_SET_NUMBER 149
+# define STORE_F_STORE_ATTR_INFO_SET_SHA1STR 150
+# define STORE_F_STORE_CERTIFICATE 170
+# define STORE_F_STORE_CTRL 161
+# define STORE_F_STORE_DELETE_ARBITRARY 158
+# define STORE_F_STORE_DELETE_CERTIFICATE 102
+# define STORE_F_STORE_DELETE_CRL 103
+# define STORE_F_STORE_DELETE_NUMBER 104
+# define STORE_F_STORE_DELETE_PRIVATE_KEY 105
+# define STORE_F_STORE_DELETE_PUBLIC_KEY 106
+# define STORE_F_STORE_GENERATE_CRL 107
+# define STORE_F_STORE_GENERATE_KEY 108
+# define STORE_F_STORE_GET_ARBITRARY 159
+# define STORE_F_STORE_GET_CERTIFICATE 109
+# define STORE_F_STORE_GET_CRL 110
+# define STORE_F_STORE_GET_NUMBER 111
+# define STORE_F_STORE_GET_PRIVATE_KEY 112
+# define STORE_F_STORE_GET_PUBLIC_KEY 113
+# define STORE_F_STORE_LIST_CERTIFICATE_END 114
+# define STORE_F_STORE_LIST_CERTIFICATE_ENDP 153
+# define STORE_F_STORE_LIST_CERTIFICATE_NEXT 115
+# define STORE_F_STORE_LIST_CERTIFICATE_START 116
+# define STORE_F_STORE_LIST_CRL_END 117
+# define STORE_F_STORE_LIST_CRL_ENDP 154
+# define STORE_F_STORE_LIST_CRL_NEXT 118
+# define STORE_F_STORE_LIST_CRL_START 119
+# define STORE_F_STORE_LIST_PRIVATE_KEY_END 120
+# define STORE_F_STORE_LIST_PRIVATE_KEY_ENDP 155
+# define STORE_F_STORE_LIST_PRIVATE_KEY_NEXT 121
+# define STORE_F_STORE_LIST_PRIVATE_KEY_START 122
+# define STORE_F_STORE_LIST_PUBLIC_KEY_END 123
+# define STORE_F_STORE_LIST_PUBLIC_KEY_ENDP 156
+# define STORE_F_STORE_LIST_PUBLIC_KEY_NEXT 124
+# define STORE_F_STORE_LIST_PUBLIC_KEY_START 125
+# define STORE_F_STORE_MODIFY_ARBITRARY 162
+# define STORE_F_STORE_MODIFY_CERTIFICATE 163
+# define STORE_F_STORE_MODIFY_CRL 164
+# define STORE_F_STORE_MODIFY_NUMBER 165
+# define STORE_F_STORE_MODIFY_PRIVATE_KEY 166
+# define STORE_F_STORE_MODIFY_PUBLIC_KEY 167
+# define STORE_F_STORE_NEW_ENGINE 133
+# define STORE_F_STORE_NEW_METHOD 132
+# define STORE_F_STORE_PARSE_ATTRS_END 151
+# define STORE_F_STORE_PARSE_ATTRS_ENDP 172
+# define STORE_F_STORE_PARSE_ATTRS_NEXT 152
+# define STORE_F_STORE_PARSE_ATTRS_START 171
+# define STORE_F_STORE_REVOKE_CERTIFICATE 129
+# define STORE_F_STORE_REVOKE_PRIVATE_KEY 130
+# define STORE_F_STORE_REVOKE_PUBLIC_KEY 131
+# define STORE_F_STORE_STORE_ARBITRARY 157
+# define STORE_F_STORE_STORE_CERTIFICATE 100
+# define STORE_F_STORE_STORE_CRL 101
+# define STORE_F_STORE_STORE_NUMBER 126
+# define STORE_F_STORE_STORE_PRIVATE_KEY 127
+# define STORE_F_STORE_STORE_PUBLIC_KEY 128
+
+/* Reason codes. */
+# define STORE_R_ALREADY_HAS_A_VALUE 127
+# define STORE_R_FAILED_DELETING_ARBITRARY 132
+# define STORE_R_FAILED_DELETING_CERTIFICATE 100
+# define STORE_R_FAILED_DELETING_KEY 101
+# define STORE_R_FAILED_DELETING_NUMBER 102
+# define STORE_R_FAILED_GENERATING_CRL 103
+# define STORE_R_FAILED_GENERATING_KEY 104
+# define STORE_R_FAILED_GETTING_ARBITRARY 133
+# define STORE_R_FAILED_GETTING_CERTIFICATE 105
+# define STORE_R_FAILED_GETTING_KEY 106
+# define STORE_R_FAILED_GETTING_NUMBER 107
+# define STORE_R_FAILED_LISTING_CERTIFICATES 108
+# define STORE_R_FAILED_LISTING_KEYS 109
+# define STORE_R_FAILED_MODIFYING_ARBITRARY 138
+# define STORE_R_FAILED_MODIFYING_CERTIFICATE 139
+# define STORE_R_FAILED_MODIFYING_CRL 140
+# define STORE_R_FAILED_MODIFYING_NUMBER 141
+# define STORE_R_FAILED_MODIFYING_PRIVATE_KEY 142
+# define STORE_R_FAILED_MODIFYING_PUBLIC_KEY 143
+# define STORE_R_FAILED_REVOKING_CERTIFICATE 110
+# define STORE_R_FAILED_REVOKING_KEY 111
+# define STORE_R_FAILED_STORING_ARBITRARY 134
+# define STORE_R_FAILED_STORING_CERTIFICATE 112
+# define STORE_R_FAILED_STORING_KEY 113
+# define STORE_R_FAILED_STORING_NUMBER 114
+# define STORE_R_NOT_IMPLEMENTED 128
+# define STORE_R_NO_CONTROL_FUNCTION 144
+# define STORE_R_NO_DELETE_ARBITRARY_FUNCTION 135
+# define STORE_R_NO_DELETE_NUMBER_FUNCTION 115
+# define STORE_R_NO_DELETE_OBJECT_FUNCTION 116
+# define STORE_R_NO_GENERATE_CRL_FUNCTION 117
+# define STORE_R_NO_GENERATE_OBJECT_FUNCTION 118
+# define STORE_R_NO_GET_OBJECT_ARBITRARY_FUNCTION 136
+# define STORE_R_NO_GET_OBJECT_FUNCTION 119
+# define STORE_R_NO_GET_OBJECT_NUMBER_FUNCTION 120
+# define STORE_R_NO_LIST_OBJECT_ENDP_FUNCTION 131
+# define STORE_R_NO_LIST_OBJECT_END_FUNCTION 121
+# define STORE_R_NO_LIST_OBJECT_NEXT_FUNCTION 122
+# define STORE_R_NO_LIST_OBJECT_START_FUNCTION 123
+# define STORE_R_NO_MODIFY_OBJECT_FUNCTION 145
+# define STORE_R_NO_REVOKE_OBJECT_FUNCTION 124
+# define STORE_R_NO_STORE 129
+# define STORE_R_NO_STORE_OBJECT_ARBITRARY_FUNCTION 137
+# define STORE_R_NO_STORE_OBJECT_FUNCTION 125
+# define STORE_R_NO_STORE_OBJECT_NUMBER_FUNCTION 126
+# define STORE_R_NO_VALUE 130
+
+#ifdef __cplusplus
+}
+#endif
+#endif
--- /dev/null
+/* ====================================================================
+ * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For written permission, please contact
+ * openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ * nor may "OpenSSL" appear in their names without prior written
+ * permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com). This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#ifndef HEADER_SYMHACKS_H
+# define HEADER_SYMHACKS_H
+
+# include <openssl/e_os2.h>
+
+/*
+ * Hacks to solve the problem with linkers incapable of handling very long
+ * symbol names. In the case of VMS, the limit is 31 characters on VMS for
+ * VAX.
+ */
+/*
+ * Note that this affects util/libeay.num and util/ssleay.num... you may
+ * change those manually, but that's not recommended, as those files are
+ * controlled centrally and updated on Unix, and the central definition may
+ * disagree with yours, which in turn may come with shareable library
+ * incompatibilities.
+ */
+# ifdef OPENSSL_SYS_VMS
+
+/* Hack a long name in crypto/ex_data.c */
+# undef CRYPTO_get_ex_data_implementation
+# define CRYPTO_get_ex_data_implementation CRYPTO_get_ex_data_impl
+# undef CRYPTO_set_ex_data_implementation
+# define CRYPTO_set_ex_data_implementation CRYPTO_set_ex_data_impl
+
+/* Hack a long name in crypto/asn1/a_mbstr.c */
+# undef ASN1_STRING_set_default_mask_asc
+# define ASN1_STRING_set_default_mask_asc ASN1_STRING_set_def_mask_asc
+
+/* Hack the names created with DECLARE_PEM_rw(NETSCAPE_CERT_SEQUENCE) */
+# undef PEM_read_NETSCAPE_CERT_SEQUENCE
+# define PEM_read_NETSCAPE_CERT_SEQUENCE PEM_read_NS_CERT_SEQ
+# undef PEM_write_NETSCAPE_CERT_SEQUENCE
+# define PEM_write_NETSCAPE_CERT_SEQUENCE PEM_write_NS_CERT_SEQ
+# undef PEM_read_bio_NETSCAPE_CERT_SEQUENCE
+# define PEM_read_bio_NETSCAPE_CERT_SEQUENCE PEM_read_bio_NS_CERT_SEQ
+# undef PEM_write_bio_NETSCAPE_CERT_SEQUENCE
+# define PEM_write_bio_NETSCAPE_CERT_SEQUENCE PEM_write_bio_NS_CERT_SEQ
+# undef PEM_write_cb_bio_NETSCAPE_CERT_SEQUENCE
+# define PEM_write_cb_bio_NETSCAPE_CERT_SEQUENCE PEM_write_cb_bio_NS_CERT_SEQ
+
+/* Hack the names created with DECLARE_PEM_rw(PKCS8_PRIV_KEY_INFO) */
+# undef PEM_read_PKCS8_PRIV_KEY_INFO
+# define PEM_read_PKCS8_PRIV_KEY_INFO PEM_read_P8_PRIV_KEY_INFO
+# undef PEM_write_PKCS8_PRIV_KEY_INFO
+# define PEM_write_PKCS8_PRIV_KEY_INFO PEM_write_P8_PRIV_KEY_INFO
+# undef PEM_read_bio_PKCS8_PRIV_KEY_INFO
+# define PEM_read_bio_PKCS8_PRIV_KEY_INFO PEM_read_bio_P8_PRIV_KEY_INFO
+# undef PEM_write_bio_PKCS8_PRIV_KEY_INFO
+# define PEM_write_bio_PKCS8_PRIV_KEY_INFO PEM_write_bio_P8_PRIV_KEY_INFO
+# undef PEM_write_cb_bio_PKCS8_PRIV_KEY_INFO
+# define PEM_write_cb_bio_PKCS8_PRIV_KEY_INFO PEM_wrt_cb_bio_P8_PRIV_KEY_INFO
+
+/* Hack other PEM names */
+# undef PEM_write_bio_PKCS8PrivateKey_nid
+# define PEM_write_bio_PKCS8PrivateKey_nid PEM_write_bio_PKCS8PrivKey_nid
+
+/* Hack some long X509 names */
+# undef X509_REVOKED_get_ext_by_critical
+# define X509_REVOKED_get_ext_by_critical X509_REVOKED_get_ext_by_critic
+# undef X509_policy_tree_get0_user_policies
+# define X509_policy_tree_get0_user_policies X509_pcy_tree_get0_usr_policies
+# undef X509_policy_node_get0_qualifiers
+# define X509_policy_node_get0_qualifiers X509_pcy_node_get0_qualifiers
+# undef X509_STORE_CTX_get_explicit_policy
+# define X509_STORE_CTX_get_explicit_policy X509_STORE_CTX_get_expl_policy
+# undef X509_STORE_CTX_get0_current_issuer
+# define X509_STORE_CTX_get0_current_issuer X509_STORE_CTX_get0_cur_issuer
+
+/* Hack some long CRYPTO names */
+# undef CRYPTO_set_dynlock_destroy_callback
+# define CRYPTO_set_dynlock_destroy_callback CRYPTO_set_dynlock_destroy_cb
+# undef CRYPTO_set_dynlock_create_callback
+# define CRYPTO_set_dynlock_create_callback CRYPTO_set_dynlock_create_cb
+# undef CRYPTO_set_dynlock_lock_callback
+# define CRYPTO_set_dynlock_lock_callback CRYPTO_set_dynlock_lock_cb
+# undef CRYPTO_get_dynlock_lock_callback
+# define CRYPTO_get_dynlock_lock_callback CRYPTO_get_dynlock_lock_cb
+# undef CRYPTO_get_dynlock_destroy_callback
+# define CRYPTO_get_dynlock_destroy_callback CRYPTO_get_dynlock_destroy_cb
+# undef CRYPTO_get_dynlock_create_callback
+# define CRYPTO_get_dynlock_create_callback CRYPTO_get_dynlock_create_cb
+# undef CRYPTO_set_locked_mem_ex_functions
+# define CRYPTO_set_locked_mem_ex_functions CRYPTO_set_locked_mem_ex_funcs
+# undef CRYPTO_get_locked_mem_ex_functions
+# define CRYPTO_get_locked_mem_ex_functions CRYPTO_get_locked_mem_ex_funcs
+
+/* Hack some long SSL/TLS names */
+# undef SSL_CTX_set_default_verify_paths
+# define SSL_CTX_set_default_verify_paths SSL_CTX_set_def_verify_paths
+# undef SSL_get_ex_data_X509_STORE_CTX_idx
+# define SSL_get_ex_data_X509_STORE_CTX_idx SSL_get_ex_d_X509_STORE_CTX_idx
+# undef SSL_add_file_cert_subjects_to_stack
+# define SSL_add_file_cert_subjects_to_stack SSL_add_file_cert_subjs_to_stk
+# undef SSL_add_dir_cert_subjects_to_stack
+# define SSL_add_dir_cert_subjects_to_stack SSL_add_dir_cert_subjs_to_stk
+# undef SSL_CTX_use_certificate_chain_file
+# define SSL_CTX_use_certificate_chain_file SSL_CTX_use_cert_chain_file
+# undef SSL_CTX_set_cert_verify_callback
+# define SSL_CTX_set_cert_verify_callback SSL_CTX_set_cert_verify_cb
+# undef SSL_CTX_set_default_passwd_cb_userdata
+# define SSL_CTX_set_default_passwd_cb_userdata SSL_CTX_set_def_passwd_cb_ud
+# undef SSL_COMP_get_compression_methods
+# define SSL_COMP_get_compression_methods SSL_COMP_get_compress_methods
+# undef ssl_add_clienthello_renegotiate_ext
+# define ssl_add_clienthello_renegotiate_ext ssl_add_clienthello_reneg_ext
+# undef ssl_add_serverhello_renegotiate_ext
+# define ssl_add_serverhello_renegotiate_ext ssl_add_serverhello_reneg_ext
+# undef ssl_parse_clienthello_renegotiate_ext
+# define ssl_parse_clienthello_renegotiate_ext ssl_parse_clienthello_reneg_ext
+# undef ssl_parse_serverhello_renegotiate_ext
+# define ssl_parse_serverhello_renegotiate_ext ssl_parse_serverhello_reneg_ext
+# undef SSL_srp_server_param_with_username
+# define SSL_srp_server_param_with_username SSL_srp_server_param_with_un
+# undef SSL_CTX_set_srp_client_pwd_callback
+# define SSL_CTX_set_srp_client_pwd_callback SSL_CTX_set_srp_client_pwd_cb
+# undef SSL_CTX_set_srp_verify_param_callback
+# define SSL_CTX_set_srp_verify_param_callback SSL_CTX_set_srp_vfy_param_cb
+# undef SSL_CTX_set_srp_username_callback
+# define SSL_CTX_set_srp_username_callback SSL_CTX_set_srp_un_cb
+# undef ssl_add_clienthello_use_srtp_ext
+# define ssl_add_clienthello_use_srtp_ext ssl_add_clihello_use_srtp_ext
+# undef ssl_add_serverhello_use_srtp_ext
+# define ssl_add_serverhello_use_srtp_ext ssl_add_serhello_use_srtp_ext
+# undef ssl_parse_clienthello_use_srtp_ext
+# define ssl_parse_clienthello_use_srtp_ext ssl_parse_clihello_use_srtp_ext
+# undef ssl_parse_serverhello_use_srtp_ext
+# define ssl_parse_serverhello_use_srtp_ext ssl_parse_serhello_use_srtp_ext
+# undef SSL_CTX_set_next_protos_advertised_cb
+# define SSL_CTX_set_next_protos_advertised_cb SSL_CTX_set_next_protos_adv_cb
+# undef SSL_CTX_set_next_proto_select_cb
+# define SSL_CTX_set_next_proto_select_cb SSL_CTX_set_next_proto_sel_cb
+# undef SSL_CTX_set_not_resumable_session_callback
+# define SSL_CTX_set_not_resumable_session_callback \
+ SSL_CTX_set_not_resumbl_sess_cb
+# undef SSL_set_not_resumable_session_callback
+# define SSL_set_not_resumable_session_callback SSL_set_not_resumbl_sess_cb
+# undef ssl_check_clienthello_tlsext_late
+# define ssl_check_clienthello_tlsext_late ssl_chk_clienthello_tlsext_late
+# undef ssl3_cbc_record_digest_supported
+# define ssl3_cbc_record_digest_supported ssl3_cbc_rcd_digest_supported
+# undef SSL_COMP_set0_compression_methods
+# define SSL_COMP_set0_compression_methods SSL_COMP_set0_compr_methods
+# undef SSL_COMP_free_compression_methods
+# define SSL_COMP_free_compression_methods SSL_COMP_free_compr_methods
+
+/* Hack some long ENGINE names */
+# undef ENGINE_get_default_BN_mod_exp_crt
+# define ENGINE_get_default_BN_mod_exp_crt ENGINE_get_def_BN_mod_exp_crt
+# undef ENGINE_set_default_BN_mod_exp_crt
+# define ENGINE_set_default_BN_mod_exp_crt ENGINE_set_def_BN_mod_exp_crt
+# undef ENGINE_set_load_privkey_function
+# define ENGINE_set_load_privkey_function ENGINE_set_load_privkey_fn
+# undef ENGINE_get_load_privkey_function
+# define ENGINE_get_load_privkey_function ENGINE_get_load_privkey_fn
+# undef ENGINE_unregister_pkey_asn1_meths
+# define ENGINE_unregister_pkey_asn1_meths ENGINE_unreg_pkey_asn1_meths
+# undef ENGINE_register_all_pkey_asn1_meths
+# define ENGINE_register_all_pkey_asn1_meths ENGINE_reg_all_pkey_asn1_meths
+# undef ENGINE_set_default_pkey_asn1_meths
+# define ENGINE_set_default_pkey_asn1_meths ENGINE_set_def_pkey_asn1_meths
+# undef ENGINE_get_pkey_asn1_meth_engine
+# define ENGINE_get_pkey_asn1_meth_engine ENGINE_get_pkey_asn1_meth_eng
+# undef ENGINE_set_load_ssl_client_cert_function
+# define ENGINE_set_load_ssl_client_cert_function \
+ ENGINE_set_ld_ssl_clnt_cert_fn
+# undef ENGINE_get_ssl_client_cert_function
+# define ENGINE_get_ssl_client_cert_function ENGINE_get_ssl_client_cert_fn
+
+/* Hack some long OCSP names */
+# undef OCSP_REQUEST_get_ext_by_critical
+# define OCSP_REQUEST_get_ext_by_critical OCSP_REQUEST_get_ext_by_crit
+# undef OCSP_BASICRESP_get_ext_by_critical
+# define OCSP_BASICRESP_get_ext_by_critical OCSP_BASICRESP_get_ext_by_crit
+# undef OCSP_SINGLERESP_get_ext_by_critical
+# define OCSP_SINGLERESP_get_ext_by_critical OCSP_SINGLERESP_get_ext_by_crit
+
+/* Hack some long EVP names */
+# undef OPENSSL_add_all_algorithms_noconf
+# define OPENSSL_add_all_algorithms_noconf OPENSSL_add_all_algo_noconf
+# undef OPENSSL_add_all_algorithms_conf
+# define OPENSSL_add_all_algorithms_conf OPENSSL_add_all_algo_conf
+# undef EVP_PKEY_meth_set_verify_recover
+# define EVP_PKEY_meth_set_verify_recover EVP_PKEY_meth_set_vrfy_recover
+
+/* Hack some long EC names */
+# undef EC_GROUP_set_point_conversion_form
+# define EC_GROUP_set_point_conversion_form EC_GROUP_set_point_conv_form
+# undef EC_GROUP_get_point_conversion_form
+# define EC_GROUP_get_point_conversion_form EC_GROUP_get_point_conv_form
+# undef EC_GROUP_clear_free_all_extra_data
+# define EC_GROUP_clear_free_all_extra_data EC_GROUP_clr_free_all_xtra_data
+# undef EC_KEY_set_public_key_affine_coordinates
+# define EC_KEY_set_public_key_affine_coordinates \
+ EC_KEY_set_pub_key_aff_coords
+# undef EC_POINT_set_Jprojective_coordinates_GFp
+# define EC_POINT_set_Jprojective_coordinates_GFp \
+ EC_POINT_set_Jproj_coords_GFp
+# undef EC_POINT_get_Jprojective_coordinates_GFp
+# define EC_POINT_get_Jprojective_coordinates_GFp \
+ EC_POINT_get_Jproj_coords_GFp
+# undef EC_POINT_set_affine_coordinates_GFp
+# define EC_POINT_set_affine_coordinates_GFp EC_POINT_set_affine_coords_GFp
+# undef EC_POINT_get_affine_coordinates_GFp
+# define EC_POINT_get_affine_coordinates_GFp EC_POINT_get_affine_coords_GFp
+# undef EC_POINT_set_compressed_coordinates_GFp
+# define EC_POINT_set_compressed_coordinates_GFp EC_POINT_set_compr_coords_GFp
+# undef EC_POINT_set_affine_coordinates_GF2m
+# define EC_POINT_set_affine_coordinates_GF2m EC_POINT_set_affine_coords_GF2m
+# undef EC_POINT_get_affine_coordinates_GF2m
+# define EC_POINT_get_affine_coordinates_GF2m EC_POINT_get_affine_coords_GF2m
+# undef EC_POINT_set_compressed_coordinates_GF2m
+# define EC_POINT_set_compressed_coordinates_GF2m \
+ EC_POINT_set_compr_coords_GF2m
+# undef ec_GF2m_simple_group_clear_finish
+# define ec_GF2m_simple_group_clear_finish ec_GF2m_simple_grp_clr_finish
+# undef ec_GF2m_simple_group_check_discriminant
+# define ec_GF2m_simple_group_check_discriminant ec_GF2m_simple_grp_chk_discrim
+# undef ec_GF2m_simple_point_clear_finish
+# define ec_GF2m_simple_point_clear_finish ec_GF2m_simple_pt_clr_finish
+# undef ec_GF2m_simple_point_set_to_infinity
+# define ec_GF2m_simple_point_set_to_infinity ec_GF2m_simple_pt_set_to_inf
+# undef ec_GF2m_simple_points_make_affine
+# define ec_GF2m_simple_points_make_affine ec_GF2m_simple_pts_make_affine
+# undef ec_GF2m_simple_point_set_affine_coordinates
+# define ec_GF2m_simple_point_set_affine_coordinates \
+ ec_GF2m_smp_pt_set_af_coords
+# undef ec_GF2m_simple_point_get_affine_coordinates
+# define ec_GF2m_simple_point_get_affine_coordinates \
+ ec_GF2m_smp_pt_get_af_coords
+# undef ec_GF2m_simple_set_compressed_coordinates
+# define ec_GF2m_simple_set_compressed_coordinates \
+ ec_GF2m_smp_set_compr_coords
+# undef ec_GFp_simple_group_set_curve_GFp
+# define ec_GFp_simple_group_set_curve_GFp ec_GFp_simple_grp_set_curve_GFp
+# undef ec_GFp_simple_group_get_curve_GFp
+# define ec_GFp_simple_group_get_curve_GFp ec_GFp_simple_grp_get_curve_GFp
+# undef ec_GFp_simple_group_clear_finish
+# define ec_GFp_simple_group_clear_finish ec_GFp_simple_grp_clear_finish
+# undef ec_GFp_simple_group_set_generator
+# define ec_GFp_simple_group_set_generator ec_GFp_simple_grp_set_generator
+# undef ec_GFp_simple_group_get0_generator
+# define ec_GFp_simple_group_get0_generator ec_GFp_simple_grp_gt0_generator
+# undef ec_GFp_simple_group_get_cofactor
+# define ec_GFp_simple_group_get_cofactor ec_GFp_simple_grp_get_cofactor
+# undef ec_GFp_simple_point_clear_finish
+# define ec_GFp_simple_point_clear_finish ec_GFp_simple_pt_clear_finish
+# undef ec_GFp_simple_point_set_to_infinity
+# define ec_GFp_simple_point_set_to_infinity ec_GFp_simple_pt_set_to_inf
+# undef ec_GFp_simple_points_make_affine
+# define ec_GFp_simple_points_make_affine ec_GFp_simple_pts_make_affine
+# undef ec_GFp_simple_set_Jprojective_coordinates_GFp
+# define ec_GFp_simple_set_Jprojective_coordinates_GFp \
+ ec_GFp_smp_set_Jproj_coords_GFp
+# undef ec_GFp_simple_get_Jprojective_coordinates_GFp
+# define ec_GFp_simple_get_Jprojective_coordinates_GFp \
+ ec_GFp_smp_get_Jproj_coords_GFp
+# undef ec_GFp_simple_point_set_affine_coordinates_GFp
+# define ec_GFp_simple_point_set_affine_coordinates_GFp \
+ ec_GFp_smp_pt_set_af_coords_GFp
+# undef ec_GFp_simple_point_get_affine_coordinates_GFp
+# define ec_GFp_simple_point_get_affine_coordinates_GFp \
+ ec_GFp_smp_pt_get_af_coords_GFp
+# undef ec_GFp_simple_set_compressed_coordinates_GFp
+# define ec_GFp_simple_set_compressed_coordinates_GFp \
+ ec_GFp_smp_set_compr_coords_GFp
+# undef ec_GFp_simple_point_set_affine_coordinates
+# define ec_GFp_simple_point_set_affine_coordinates \
+ ec_GFp_smp_pt_set_af_coords
+# undef ec_GFp_simple_point_get_affine_coordinates
+# define ec_GFp_simple_point_get_affine_coordinates \
+ ec_GFp_smp_pt_get_af_coords
+# undef ec_GFp_simple_set_compressed_coordinates
+# define ec_GFp_simple_set_compressed_coordinates \
+ ec_GFp_smp_set_compr_coords
+# undef ec_GFp_simple_group_check_discriminant
+# define ec_GFp_simple_group_check_discriminant ec_GFp_simple_grp_chk_discrim
+
+/* Hack som long STORE names */
+# undef STORE_method_set_initialise_function
+# define STORE_method_set_initialise_function STORE_meth_set_initialise_fn
+# undef STORE_method_set_cleanup_function
+# define STORE_method_set_cleanup_function STORE_meth_set_cleanup_fn
+# undef STORE_method_set_generate_function
+# define STORE_method_set_generate_function STORE_meth_set_generate_fn
+# undef STORE_method_set_modify_function
+# define STORE_method_set_modify_function STORE_meth_set_modify_fn
+# undef STORE_method_set_revoke_function
+# define STORE_method_set_revoke_function STORE_meth_set_revoke_fn
+# undef STORE_method_set_delete_function
+# define STORE_method_set_delete_function STORE_meth_set_delete_fn
+# undef STORE_method_set_list_start_function
+# define STORE_method_set_list_start_function STORE_meth_set_list_start_fn
+# undef STORE_method_set_list_next_function
+# define STORE_method_set_list_next_function STORE_meth_set_list_next_fn
+# undef STORE_method_set_list_end_function
+# define STORE_method_set_list_end_function STORE_meth_set_list_end_fn
+# undef STORE_method_set_update_store_function
+# define STORE_method_set_update_store_function STORE_meth_set_update_store_fn
+# undef STORE_method_set_lock_store_function
+# define STORE_method_set_lock_store_function STORE_meth_set_lock_store_fn
+# undef STORE_method_set_unlock_store_function
+# define STORE_method_set_unlock_store_function STORE_meth_set_unlock_store_fn
+# undef STORE_method_get_initialise_function
+# define STORE_method_get_initialise_function STORE_meth_get_initialise_fn
+# undef STORE_method_get_cleanup_function
+# define STORE_method_get_cleanup_function STORE_meth_get_cleanup_fn
+# undef STORE_method_get_generate_function
+# define STORE_method_get_generate_function STORE_meth_get_generate_fn
+# undef STORE_method_get_modify_function
+# define STORE_method_get_modify_function STORE_meth_get_modify_fn
+# undef STORE_method_get_revoke_function
+# define STORE_method_get_revoke_function STORE_meth_get_revoke_fn
+# undef STORE_method_get_delete_function
+# define STORE_method_get_delete_function STORE_meth_get_delete_fn
+# undef STORE_method_get_list_start_function
+# define STORE_method_get_list_start_function STORE_meth_get_list_start_fn
+# undef STORE_method_get_list_next_function
+# define STORE_method_get_list_next_function STORE_meth_get_list_next_fn
+# undef STORE_method_get_list_end_function
+# define STORE_method_get_list_end_function STORE_meth_get_list_end_fn
+# undef STORE_method_get_update_store_function
+# define STORE_method_get_update_store_function STORE_meth_get_update_store_fn
+# undef STORE_method_get_lock_store_function
+# define STORE_method_get_lock_store_function STORE_meth_get_lock_store_fn
+# undef STORE_method_get_unlock_store_function
+# define STORE_method_get_unlock_store_function STORE_meth_get_unlock_store_fn
+
+/* Hack some long TS names */
+# undef TS_RESP_CTX_set_status_info_cond
+# define TS_RESP_CTX_set_status_info_cond TS_RESP_CTX_set_stat_info_cond
+# undef TS_RESP_CTX_set_clock_precision_digits
+# define TS_RESP_CTX_set_clock_precision_digits TS_RESP_CTX_set_clk_prec_digits
+# undef TS_CONF_set_clock_precision_digits
+# define TS_CONF_set_clock_precision_digits TS_CONF_set_clk_prec_digits
+
+/* Hack some long CMS names */
+# undef CMS_RecipientInfo_ktri_get0_algs
+# define CMS_RecipientInfo_ktri_get0_algs CMS_RecipInfo_ktri_get0_algs
+# undef CMS_RecipientInfo_ktri_get0_signer_id
+# define CMS_RecipientInfo_ktri_get0_signer_id CMS_RecipInfo_ktri_get0_sigr_id
+# undef CMS_OtherRevocationInfoFormat_it
+# define CMS_OtherRevocationInfoFormat_it CMS_OtherRevocInfoFormat_it
+# undef CMS_KeyAgreeRecipientIdentifier_it
+# define CMS_KeyAgreeRecipientIdentifier_it CMS_KeyAgreeRecipIdentifier_it
+# undef CMS_OriginatorIdentifierOrKey_it
+# define CMS_OriginatorIdentifierOrKey_it CMS_OriginatorIdOrKey_it
+# undef cms_SignerIdentifier_get0_signer_id
+# define cms_SignerIdentifier_get0_signer_id cms_SignerId_get0_signer_id
+# undef CMS_RecipientInfo_kari_get0_orig_id
+# define CMS_RecipientInfo_kari_get0_orig_id CMS_RecipInfo_kari_get0_orig_id
+# undef CMS_RecipientInfo_kari_get0_reks
+# define CMS_RecipientInfo_kari_get0_reks CMS_RecipInfo_kari_get0_reks
+# undef CMS_RecipientInfo_kari_set0_pkey
+# define CMS_RecipientInfo_kari_set0_pkey CMS_RecipInfo_kari_set0_pkey
+# undef CMS_RecipientInfo_kari_orig_id_cmp
+# define CMS_RecipientInfo_kari_orig_id_cmp CMS_RecipInfo_kari_orig_id_cmp
+# undef CMS_RecipientEncryptedKey_cert_cmp
+# define CMS_RecipientEncryptedKey_cert_cmp CMS_RecipEncryptedKey_cert_cmp
+# undef CMS_RecipientEncryptedKey_get0_id
+# define CMS_RecipientEncryptedKey_get0_id CMS_RecipEncryptedKey_get0_id
+
+/* Hack some long DTLS1 names */
+# undef dtls1_retransmit_buffered_messages
+# define dtls1_retransmit_buffered_messages dtls1_retransmit_buffered_msgs
+
+/* Hack some long SRP names */
+# undef SRP_generate_server_master_secret
+# define SRP_generate_server_master_secret SRP_gen_server_master_secret
+# undef SRP_generate_client_master_secret
+# define SRP_generate_client_master_secret SRP_gen_client_master_secret
+
+/* Hack some long UI names */
+# undef UI_method_get_prompt_constructor
+# define UI_method_get_prompt_constructor UI_method_get_prompt_constructr
+# undef UI_method_set_prompt_constructor
+# define UI_method_set_prompt_constructor UI_method_set_prompt_constructr
+
+/* Hack some long RSA names */
+# undef RSA_padding_check_PKCS1_OAEP_mgf1
+# define RSA_padding_check_PKCS1_OAEP_mgf1 RSA_padding_chk_PKCS1_OAEP_mgf1
+
+# endif /* defined OPENSSL_SYS_VMS */
+
+/* Case insensitive linking causes problems.... */
+# if defined(OPENSSL_SYS_VMS) || defined(OPENSSL_SYS_OS2)
+# undef ERR_load_CRYPTO_strings
+# define ERR_load_CRYPTO_strings ERR_load_CRYPTOlib_strings
+# undef OCSP_crlID_new
+# define OCSP_crlID_new OCSP_crlID2_new
+
+# undef d2i_ECPARAMETERS
+# define d2i_ECPARAMETERS d2i_UC_ECPARAMETERS
+# undef i2d_ECPARAMETERS
+# define i2d_ECPARAMETERS i2d_UC_ECPARAMETERS
+# undef d2i_ECPKPARAMETERS
+# define d2i_ECPKPARAMETERS d2i_UC_ECPKPARAMETERS
+# undef i2d_ECPKPARAMETERS
+# define i2d_ECPKPARAMETERS i2d_UC_ECPKPARAMETERS
+
+/*
+ * These functions do not seem to exist! However, I'm paranoid... Original
+ * command in x509v3.h: These functions are being redefined in another
+ * directory, and clash when the linker is case-insensitive, so let's hide
+ * them a little, by giving them an extra 'o' at the beginning of the name...
+ */
+# undef X509v3_cleanup_extensions
+# define X509v3_cleanup_extensions oX509v3_cleanup_extensions
+# undef X509v3_add_extension
+# define X509v3_add_extension oX509v3_add_extension
+# undef X509v3_add_netscape_extensions
+# define X509v3_add_netscape_extensions oX509v3_add_netscape_extensions
+# undef X509v3_add_standard_extensions
+# define X509v3_add_standard_extensions oX509v3_add_standard_extensions
+
+/* This one clashes with CMS_data_create */
+# undef cms_Data_create
+# define cms_Data_create priv_cms_Data_create
+
+# endif
+
+#endif /* ! defined HEADER_VMS_IDHACKS_H */
--- /dev/null
+/* ssl/tls1.h */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+/* ====================================================================
+ * Copyright (c) 1998-2006 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For written permission, please contact
+ * openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ * nor may "OpenSSL" appear in their names without prior written
+ * permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com). This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+/* ====================================================================
+ * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
+ *
+ * Portions of the attached software ("Contribution") are developed by
+ * SUN MICROSYSTEMS, INC., and are contributed to the OpenSSL project.
+ *
+ * The Contribution is licensed pursuant to the OpenSSL open source
+ * license provided above.
+ *
+ * ECC cipher suite support in OpenSSL originally written by
+ * Vipul Gupta and Sumit Gupta of Sun Microsystems Laboratories.
+ *
+ */
+/* ====================================================================
+ * Copyright 2005 Nokia. All rights reserved.
+ *
+ * The portions of the attached software ("Contribution") is developed by
+ * Nokia Corporation and is licensed pursuant to the OpenSSL open source
+ * license.
+ *
+ * The Contribution, originally written by Mika Kousa and Pasi Eronen of
+ * Nokia Corporation, consists of the "PSK" (Pre-Shared Key) ciphersuites
+ * support (see RFC 4279) to OpenSSL.
+ *
+ * No patent licenses or other rights except those expressly stated in
+ * the OpenSSL open source license shall be deemed granted or received
+ * expressly, by implication, estoppel, or otherwise.
+ *
+ * No assurances are provided by Nokia that the Contribution does not
+ * infringe the patent or other intellectual property rights of any third
+ * party or that the license provides you with all the necessary rights
+ * to make use of the Contribution.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. IN
+ * ADDITION TO THE DISCLAIMERS INCLUDED IN THE LICENSE, NOKIA
+ * SPECIFICALLY DISCLAIMS ANY LIABILITY FOR CLAIMS BROUGHT BY YOU OR ANY
+ * OTHER ENTITY BASED ON INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS OR
+ * OTHERWISE.
+ */
+
+#ifndef HEADER_TLS1_H
+# define HEADER_TLS1_H
+
+# include <openssl/buffer.h>
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/* Default security level if not overriden at config time */
+# ifndef OPENSSL_TLS_SECURITY_LEVEL
+# define OPENSSL_TLS_SECURITY_LEVEL 1
+# endif
+
+# define TLS1_VERSION 0x0301
+# define TLS1_1_VERSION 0x0302
+# define TLS1_2_VERSION 0x0303
+# define TLS_MAX_VERSION TLS1_2_VERSION
+
+# define TLS1_VERSION_MAJOR 0x03
+# define TLS1_VERSION_MINOR 0x01
+
+# define TLS1_1_VERSION_MAJOR 0x03
+# define TLS1_1_VERSION_MINOR 0x02
+
+# define TLS1_2_VERSION_MAJOR 0x03
+# define TLS1_2_VERSION_MINOR 0x03
+
+# define TLS1_get_version(s) \
+ ((s->version >> 8) == TLS1_VERSION_MAJOR ? s->version : 0)
+
+# define TLS1_get_client_version(s) \
+ ((s->client_version >> 8) == TLS1_VERSION_MAJOR ? s->client_version : 0)
+
+# define TLS1_AD_DECRYPTION_FAILED 21
+# define TLS1_AD_RECORD_OVERFLOW 22
+# define TLS1_AD_UNKNOWN_CA 48/* fatal */
+# define TLS1_AD_ACCESS_DENIED 49/* fatal */
+# define TLS1_AD_DECODE_ERROR 50/* fatal */
+# define TLS1_AD_DECRYPT_ERROR 51
+# define TLS1_AD_EXPORT_RESTRICTION 60/* fatal */
+# define TLS1_AD_PROTOCOL_VERSION 70/* fatal */
+# define TLS1_AD_INSUFFICIENT_SECURITY 71/* fatal */
+# define TLS1_AD_INTERNAL_ERROR 80/* fatal */
+# define TLS1_AD_INAPPROPRIATE_FALLBACK 86/* fatal */
+# define TLS1_AD_USER_CANCELLED 90
+# define TLS1_AD_NO_RENEGOTIATION 100
+/* codes 110-114 are from RFC3546 */
+# define TLS1_AD_UNSUPPORTED_EXTENSION 110
+# define TLS1_AD_CERTIFICATE_UNOBTAINABLE 111
+# define TLS1_AD_UNRECOGNIZED_NAME 112
+# define TLS1_AD_BAD_CERTIFICATE_STATUS_RESPONSE 113
+# define TLS1_AD_BAD_CERTIFICATE_HASH_VALUE 114
+# define TLS1_AD_UNKNOWN_PSK_IDENTITY 115/* fatal */
+
+/* ExtensionType values from RFC3546 / RFC4366 / RFC6066 */
+# define TLSEXT_TYPE_server_name 0
+# define TLSEXT_TYPE_max_fragment_length 1
+# define TLSEXT_TYPE_client_certificate_url 2
+# define TLSEXT_TYPE_trusted_ca_keys 3
+# define TLSEXT_TYPE_truncated_hmac 4
+# define TLSEXT_TYPE_status_request 5
+/* ExtensionType values from RFC4681 */
+# define TLSEXT_TYPE_user_mapping 6
+/* ExtensionType values from RFC5878 */
+# define TLSEXT_TYPE_client_authz 7
+# define TLSEXT_TYPE_server_authz 8
+/* ExtensionType values from RFC6091 */
+# define TLSEXT_TYPE_cert_type 9
+
+/* ExtensionType values from RFC4492 */
+# define TLSEXT_TYPE_elliptic_curves 10
+# define TLSEXT_TYPE_ec_point_formats 11
+
+/* ExtensionType value from RFC5054 */
+# define TLSEXT_TYPE_srp 12
+
+/* ExtensionType values from RFC5246 */
+# define TLSEXT_TYPE_signature_algorithms 13
+
+/* ExtensionType value from RFC5764 */
+# define TLSEXT_TYPE_use_srtp 14
+
+/* ExtensionType value from RFC5620 */
+# define TLSEXT_TYPE_heartbeat 15
+
+/* ExtensionType value from draft-ietf-tls-applayerprotoneg-00 */
+# define TLSEXT_TYPE_application_layer_protocol_negotiation 16
+
+/*
+ * ExtensionType value for TLS padding extension.
+ * http://www.iana.org/assignments/tls-extensiontype-values/tls-extensiontype-values.xhtml
+ * http://tools.ietf.org/html/draft-agl-tls-padding-03
+ */
+# define TLSEXT_TYPE_padding 21
+/*
+ * Extension type for Encrypt-then-MAC
+ * http://www.ietf.org/id/draft-ietf-tls-encrypt-then-mac-02.txt
+ */
+# define TLSEXT_TYPE_encrypt_then_mac 22
+/*
+ * Extended master secret extension.
+ * http://www.iana.org/assignments/tls-extensiontype-values/tls-extensiontype-values.xhtml
+ * https://tools.ietf.org/id/draft-ietf-tls-session-hash-03.txt
+ */
+# define TLSEXT_TYPE_extended_master_secret 23
+
+/* ExtensionType value from RFC4507 */
+# define TLSEXT_TYPE_session_ticket 35
+
+/* Temporary extension type */
+# define TLSEXT_TYPE_renegotiate 0xff01
+
+# ifndef OPENSSL_NO_NEXTPROTONEG
+/* This is not an IANA defined extension number */
+# define TLSEXT_TYPE_next_proto_neg 13172
+# endif
+
+/* NameType value from RFC 3546 */
+# define TLSEXT_NAMETYPE_host_name 0
+/* status request value from RFC 3546 */
+# define TLSEXT_STATUSTYPE_ocsp 1
+
+/* ECPointFormat values from draft-ietf-tls-ecc-12 */
+# define TLSEXT_ECPOINTFORMAT_first 0
+# define TLSEXT_ECPOINTFORMAT_uncompressed 0
+# define TLSEXT_ECPOINTFORMAT_ansiX962_compressed_prime 1
+# define TLSEXT_ECPOINTFORMAT_ansiX962_compressed_char2 2
+# define TLSEXT_ECPOINTFORMAT_last 2
+
+/* Signature and hash algorithms from RFC 5246 */
+
+# define TLSEXT_signature_anonymous 0
+# define TLSEXT_signature_rsa 1
+# define TLSEXT_signature_dsa 2
+# define TLSEXT_signature_ecdsa 3
+
+/* Total number of different signature algorithms */
+# define TLSEXT_signature_num 4
+
+# define TLSEXT_hash_none 0
+# define TLSEXT_hash_md5 1
+# define TLSEXT_hash_sha1 2
+# define TLSEXT_hash_sha224 3
+# define TLSEXT_hash_sha256 4
+# define TLSEXT_hash_sha384 5
+# define TLSEXT_hash_sha512 6
+
+/* Total number of different digest algorithms */
+
+# define TLSEXT_hash_num 7
+
+/* Flag set for unrecognised algorithms */
+# define TLSEXT_nid_unknown 0x1000000
+
+/* ECC curves */
+
+# define TLSEXT_curve_P_256 23
+# define TLSEXT_curve_P_384 24
+
+# ifndef OPENSSL_NO_TLSEXT
+
+# define TLSEXT_MAXLEN_host_name 255
+
+__owur const char *SSL_get_servername(const SSL *s, const int type);
+__owur int SSL_get_servername_type(const SSL *s);
+/*
+ * SSL_export_keying_material exports a value derived from the master secret,
+ * as specified in RFC 5705. It writes |olen| bytes to |out| given a label and
+ * optional context. (Since a zero length context is allowed, the |use_context|
+ * flag controls whether a context is included.) It returns 1 on success and
+ * zero otherwise.
+ */
+__owur int SSL_export_keying_material(SSL *s, unsigned char *out, size_t olen,
+ const char *label, size_t llen,
+ const unsigned char *p, size_t plen,
+ int use_context);
+
+int SSL_get_sigalgs(SSL *s, int idx,
+ int *psign, int *phash, int *psignandhash,
+ unsigned char *rsig, unsigned char *rhash);
+
+int SSL_get_shared_sigalgs(SSL *s, int idx,
+ int *psign, int *phash, int *psignandhash,
+ unsigned char *rsig, unsigned char *rhash);
+
+__owur int SSL_check_chain(SSL *s, X509 *x, EVP_PKEY *pk, STACK_OF(X509) *chain);
+
+# define SSL_set_tlsext_host_name(s,name) \
+SSL_ctrl(s,SSL_CTRL_SET_TLSEXT_HOSTNAME,TLSEXT_NAMETYPE_host_name,(char *)name)
+
+# define SSL_set_tlsext_debug_callback(ssl, cb) \
+SSL_callback_ctrl(ssl,SSL_CTRL_SET_TLSEXT_DEBUG_CB,(void (*)(void))cb)
+
+# define SSL_set_tlsext_debug_arg(ssl, arg) \
+SSL_ctrl(ssl,SSL_CTRL_SET_TLSEXT_DEBUG_ARG,0, (void *)arg)
+
+# define SSL_set_tlsext_status_type(ssl, type) \
+SSL_ctrl(ssl,SSL_CTRL_SET_TLSEXT_STATUS_REQ_TYPE,type, NULL)
+
+# define SSL_get_tlsext_status_exts(ssl, arg) \
+SSL_ctrl(ssl,SSL_CTRL_GET_TLSEXT_STATUS_REQ_EXTS,0, (void *)arg)
+
+# define SSL_set_tlsext_status_exts(ssl, arg) \
+SSL_ctrl(ssl,SSL_CTRL_SET_TLSEXT_STATUS_REQ_EXTS,0, (void *)arg)
+
+# define SSL_get_tlsext_status_ids(ssl, arg) \
+SSL_ctrl(ssl,SSL_CTRL_GET_TLSEXT_STATUS_REQ_IDS,0, (void *)arg)
+
+# define SSL_set_tlsext_status_ids(ssl, arg) \
+SSL_ctrl(ssl,SSL_CTRL_SET_TLSEXT_STATUS_REQ_IDS,0, (void *)arg)
+
+# define SSL_get_tlsext_status_ocsp_resp(ssl, arg) \
+SSL_ctrl(ssl,SSL_CTRL_GET_TLSEXT_STATUS_REQ_OCSP_RESP,0, (void *)arg)
+
+# define SSL_set_tlsext_status_ocsp_resp(ssl, arg, arglen) \
+SSL_ctrl(ssl,SSL_CTRL_SET_TLSEXT_STATUS_REQ_OCSP_RESP,arglen, (void *)arg)
+
+# define SSL_CTX_set_tlsext_servername_callback(ctx, cb) \
+SSL_CTX_callback_ctrl(ctx,SSL_CTRL_SET_TLSEXT_SERVERNAME_CB,(void (*)(void))cb)
+
+# define SSL_TLSEXT_ERR_OK 0
+# define SSL_TLSEXT_ERR_ALERT_WARNING 1
+# define SSL_TLSEXT_ERR_ALERT_FATAL 2
+# define SSL_TLSEXT_ERR_NOACK 3
+
+# define SSL_CTX_set_tlsext_servername_arg(ctx, arg) \
+SSL_CTX_ctrl(ctx,SSL_CTRL_SET_TLSEXT_SERVERNAME_ARG,0, (void *)arg)
+
+# define SSL_CTX_get_tlsext_ticket_keys(ctx, keys, keylen) \
+ SSL_CTX_ctrl((ctx),SSL_CTRL_GET_TLSEXT_TICKET_KEYS,(keylen),(keys))
+# define SSL_CTX_set_tlsext_ticket_keys(ctx, keys, keylen) \
+ SSL_CTX_ctrl((ctx),SSL_CTRL_SET_TLSEXT_TICKET_KEYS,(keylen),(keys))
+
+# define SSL_CTX_set_tlsext_status_cb(ssl, cb) \
+SSL_CTX_callback_ctrl(ssl,SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB,(void (*)(void))cb)
+
+# define SSL_CTX_set_tlsext_status_arg(ssl, arg) \
+SSL_CTX_ctrl(ssl,SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB_ARG,0, (void *)arg)
+
+# define SSL_CTX_set_tlsext_ticket_key_cb(ssl, cb) \
+SSL_CTX_callback_ctrl(ssl,SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB,(void (*)(void))cb)
+
+# ifndef OPENSSL_NO_HEARTBEATS
+# define SSL_TLSEXT_HB_ENABLED 0x01
+# define SSL_TLSEXT_HB_DONT_SEND_REQUESTS 0x02
+# define SSL_TLSEXT_HB_DONT_RECV_REQUESTS 0x04
+
+# define SSL_get_tlsext_heartbeat_pending(ssl) \
+ SSL_ctrl((ssl),SSL_CTRL_GET_TLS_EXT_HEARTBEAT_PENDING,0,NULL)
+# define SSL_set_tlsext_heartbeat_no_requests(ssl, arg) \
+ SSL_ctrl((ssl),SSL_CTRL_SET_TLS_EXT_HEARTBEAT_NO_REQUESTS,arg,NULL)
+# endif
+# endif
+
+/* PSK ciphersuites from 4279 */
+# define TLS1_CK_PSK_WITH_RC4_128_SHA 0x0300008A
+# define TLS1_CK_PSK_WITH_3DES_EDE_CBC_SHA 0x0300008B
+# define TLS1_CK_PSK_WITH_AES_128_CBC_SHA 0x0300008C
+# define TLS1_CK_PSK_WITH_AES_256_CBC_SHA 0x0300008D
+
+/* AES ciphersuites from RFC3268 */
+
+# define TLS1_CK_RSA_WITH_AES_128_SHA 0x0300002F
+# define TLS1_CK_DH_DSS_WITH_AES_128_SHA 0x03000030
+# define TLS1_CK_DH_RSA_WITH_AES_128_SHA 0x03000031
+# define TLS1_CK_DHE_DSS_WITH_AES_128_SHA 0x03000032
+# define TLS1_CK_DHE_RSA_WITH_AES_128_SHA 0x03000033
+# define TLS1_CK_ADH_WITH_AES_128_SHA 0x03000034
+
+# define TLS1_CK_RSA_WITH_AES_256_SHA 0x03000035
+# define TLS1_CK_DH_DSS_WITH_AES_256_SHA 0x03000036
+# define TLS1_CK_DH_RSA_WITH_AES_256_SHA 0x03000037
+# define TLS1_CK_DHE_DSS_WITH_AES_256_SHA 0x03000038
+# define TLS1_CK_DHE_RSA_WITH_AES_256_SHA 0x03000039
+# define TLS1_CK_ADH_WITH_AES_256_SHA 0x0300003A
+
+/* TLS v1.2 ciphersuites */
+# define TLS1_CK_RSA_WITH_NULL_SHA256 0x0300003B
+# define TLS1_CK_RSA_WITH_AES_128_SHA256 0x0300003C
+# define TLS1_CK_RSA_WITH_AES_256_SHA256 0x0300003D
+# define TLS1_CK_DH_DSS_WITH_AES_128_SHA256 0x0300003E
+# define TLS1_CK_DH_RSA_WITH_AES_128_SHA256 0x0300003F
+# define TLS1_CK_DHE_DSS_WITH_AES_128_SHA256 0x03000040
+
+/* Camellia ciphersuites from RFC4132 */
+# define TLS1_CK_RSA_WITH_CAMELLIA_128_CBC_SHA 0x03000041
+# define TLS1_CK_DH_DSS_WITH_CAMELLIA_128_CBC_SHA 0x03000042
+# define TLS1_CK_DH_RSA_WITH_CAMELLIA_128_CBC_SHA 0x03000043
+# define TLS1_CK_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA 0x03000044
+# define TLS1_CK_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA 0x03000045
+# define TLS1_CK_ADH_WITH_CAMELLIA_128_CBC_SHA 0x03000046
+
+/* TLS v1.2 ciphersuites */
+# define TLS1_CK_DHE_RSA_WITH_AES_128_SHA256 0x03000067
+# define TLS1_CK_DH_DSS_WITH_AES_256_SHA256 0x03000068
+# define TLS1_CK_DH_RSA_WITH_AES_256_SHA256 0x03000069
+# define TLS1_CK_DHE_DSS_WITH_AES_256_SHA256 0x0300006A
+# define TLS1_CK_DHE_RSA_WITH_AES_256_SHA256 0x0300006B
+# define TLS1_CK_ADH_WITH_AES_128_SHA256 0x0300006C
+# define TLS1_CK_ADH_WITH_AES_256_SHA256 0x0300006D
+
+/* Camellia ciphersuites from RFC4132 */
+# define TLS1_CK_RSA_WITH_CAMELLIA_256_CBC_SHA 0x03000084
+# define TLS1_CK_DH_DSS_WITH_CAMELLIA_256_CBC_SHA 0x03000085
+# define TLS1_CK_DH_RSA_WITH_CAMELLIA_256_CBC_SHA 0x03000086
+# define TLS1_CK_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA 0x03000087
+# define TLS1_CK_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA 0x03000088
+# define TLS1_CK_ADH_WITH_CAMELLIA_256_CBC_SHA 0x03000089
+
+/* SEED ciphersuites from RFC4162 */
+# define TLS1_CK_RSA_WITH_SEED_SHA 0x03000096
+# define TLS1_CK_DH_DSS_WITH_SEED_SHA 0x03000097
+# define TLS1_CK_DH_RSA_WITH_SEED_SHA 0x03000098
+# define TLS1_CK_DHE_DSS_WITH_SEED_SHA 0x03000099
+# define TLS1_CK_DHE_RSA_WITH_SEED_SHA 0x0300009A
+# define TLS1_CK_ADH_WITH_SEED_SHA 0x0300009B
+
+/* TLS v1.2 GCM ciphersuites from RFC5288 */
+# define TLS1_CK_RSA_WITH_AES_128_GCM_SHA256 0x0300009C
+# define TLS1_CK_RSA_WITH_AES_256_GCM_SHA384 0x0300009D
+# define TLS1_CK_DHE_RSA_WITH_AES_128_GCM_SHA256 0x0300009E
+# define TLS1_CK_DHE_RSA_WITH_AES_256_GCM_SHA384 0x0300009F
+# define TLS1_CK_DH_RSA_WITH_AES_128_GCM_SHA256 0x030000A0
+# define TLS1_CK_DH_RSA_WITH_AES_256_GCM_SHA384 0x030000A1
+# define TLS1_CK_DHE_DSS_WITH_AES_128_GCM_SHA256 0x030000A2
+# define TLS1_CK_DHE_DSS_WITH_AES_256_GCM_SHA384 0x030000A3
+# define TLS1_CK_DH_DSS_WITH_AES_128_GCM_SHA256 0x030000A4
+# define TLS1_CK_DH_DSS_WITH_AES_256_GCM_SHA384 0x030000A5
+# define TLS1_CK_ADH_WITH_AES_128_GCM_SHA256 0x030000A6
+# define TLS1_CK_ADH_WITH_AES_256_GCM_SHA384 0x030000A7
+
+/* TLS 1.2 Camellia SHA-256 ciphersuites from RFC5932 */
+# define TLS1_CK_RSA_WITH_CAMELLIA_128_CBC_SHA256 0x030000BA
+# define TLS1_CK_DH_DSS_WITH_CAMELLIA_128_CBC_SHA256 0x030000BB
+# define TLS1_CK_DH_RSA_WITH_CAMELLIA_128_CBC_SHA256 0x030000BC
+# define TLS1_CK_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256 0x030000BD
+# define TLS1_CK_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 0x030000BE
+# define TLS1_CK_ADH_WITH_CAMELLIA_128_CBC_SHA256 0x030000BF
+
+# define TLS1_CK_RSA_WITH_CAMELLIA_256_CBC_SHA256 0x030000C0
+# define TLS1_CK_DH_DSS_WITH_CAMELLIA_256_CBC_SHA256 0x030000C1
+# define TLS1_CK_DH_RSA_WITH_CAMELLIA_256_CBC_SHA256 0x030000C2
+# define TLS1_CK_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256 0x030000C3
+# define TLS1_CK_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256 0x030000C4
+# define TLS1_CK_ADH_WITH_CAMELLIA_256_CBC_SHA256 0x030000C5
+
+/*
+ * ECC ciphersuites from draft-ietf-tls-ecc-12.txt with changes soon to be in
+ * draft 13
+ */
+# define TLS1_CK_ECDH_ECDSA_WITH_NULL_SHA 0x0300C001
+# define TLS1_CK_ECDH_ECDSA_WITH_RC4_128_SHA 0x0300C002
+# define TLS1_CK_ECDH_ECDSA_WITH_DES_192_CBC3_SHA 0x0300C003
+# define TLS1_CK_ECDH_ECDSA_WITH_AES_128_CBC_SHA 0x0300C004
+# define TLS1_CK_ECDH_ECDSA_WITH_AES_256_CBC_SHA 0x0300C005
+
+# define TLS1_CK_ECDHE_ECDSA_WITH_NULL_SHA 0x0300C006
+# define TLS1_CK_ECDHE_ECDSA_WITH_RC4_128_SHA 0x0300C007
+# define TLS1_CK_ECDHE_ECDSA_WITH_DES_192_CBC3_SHA 0x0300C008
+# define TLS1_CK_ECDHE_ECDSA_WITH_AES_128_CBC_SHA 0x0300C009
+# define TLS1_CK_ECDHE_ECDSA_WITH_AES_256_CBC_SHA 0x0300C00A
+
+# define TLS1_CK_ECDH_RSA_WITH_NULL_SHA 0x0300C00B
+# define TLS1_CK_ECDH_RSA_WITH_RC4_128_SHA 0x0300C00C
+# define TLS1_CK_ECDH_RSA_WITH_DES_192_CBC3_SHA 0x0300C00D
+# define TLS1_CK_ECDH_RSA_WITH_AES_128_CBC_SHA 0x0300C00E
+# define TLS1_CK_ECDH_RSA_WITH_AES_256_CBC_SHA 0x0300C00F
+
+# define TLS1_CK_ECDHE_RSA_WITH_NULL_SHA 0x0300C010
+# define TLS1_CK_ECDHE_RSA_WITH_RC4_128_SHA 0x0300C011
+# define TLS1_CK_ECDHE_RSA_WITH_DES_192_CBC3_SHA 0x0300C012
+# define TLS1_CK_ECDHE_RSA_WITH_AES_128_CBC_SHA 0x0300C013
+# define TLS1_CK_ECDHE_RSA_WITH_AES_256_CBC_SHA 0x0300C014
+
+# define TLS1_CK_ECDH_anon_WITH_NULL_SHA 0x0300C015
+# define TLS1_CK_ECDH_anon_WITH_RC4_128_SHA 0x0300C016
+# define TLS1_CK_ECDH_anon_WITH_DES_192_CBC3_SHA 0x0300C017
+# define TLS1_CK_ECDH_anon_WITH_AES_128_CBC_SHA 0x0300C018
+# define TLS1_CK_ECDH_anon_WITH_AES_256_CBC_SHA 0x0300C019
+
+/* SRP ciphersuites from RFC 5054 */
+# define TLS1_CK_SRP_SHA_WITH_3DES_EDE_CBC_SHA 0x0300C01A
+# define TLS1_CK_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA 0x0300C01B
+# define TLS1_CK_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA 0x0300C01C
+# define TLS1_CK_SRP_SHA_WITH_AES_128_CBC_SHA 0x0300C01D
+# define TLS1_CK_SRP_SHA_RSA_WITH_AES_128_CBC_SHA 0x0300C01E
+# define TLS1_CK_SRP_SHA_DSS_WITH_AES_128_CBC_SHA 0x0300C01F
+# define TLS1_CK_SRP_SHA_WITH_AES_256_CBC_SHA 0x0300C020
+# define TLS1_CK_SRP_SHA_RSA_WITH_AES_256_CBC_SHA 0x0300C021
+# define TLS1_CK_SRP_SHA_DSS_WITH_AES_256_CBC_SHA 0x0300C022
+
+/* ECDH HMAC based ciphersuites from RFC5289 */
+
+# define TLS1_CK_ECDHE_ECDSA_WITH_AES_128_SHA256 0x0300C023
+# define TLS1_CK_ECDHE_ECDSA_WITH_AES_256_SHA384 0x0300C024
+# define TLS1_CK_ECDH_ECDSA_WITH_AES_128_SHA256 0x0300C025
+# define TLS1_CK_ECDH_ECDSA_WITH_AES_256_SHA384 0x0300C026
+# define TLS1_CK_ECDHE_RSA_WITH_AES_128_SHA256 0x0300C027
+# define TLS1_CK_ECDHE_RSA_WITH_AES_256_SHA384 0x0300C028
+# define TLS1_CK_ECDH_RSA_WITH_AES_128_SHA256 0x0300C029
+# define TLS1_CK_ECDH_RSA_WITH_AES_256_SHA384 0x0300C02A
+
+/* ECDH GCM based ciphersuites from RFC5289 */
+# define TLS1_CK_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 0x0300C02B
+# define TLS1_CK_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 0x0300C02C
+# define TLS1_CK_ECDH_ECDSA_WITH_AES_128_GCM_SHA256 0x0300C02D
+# define TLS1_CK_ECDH_ECDSA_WITH_AES_256_GCM_SHA384 0x0300C02E
+# define TLS1_CK_ECDHE_RSA_WITH_AES_128_GCM_SHA256 0x0300C02F
+# define TLS1_CK_ECDHE_RSA_WITH_AES_256_GCM_SHA384 0x0300C030
+# define TLS1_CK_ECDH_RSA_WITH_AES_128_GCM_SHA256 0x0300C031
+# define TLS1_CK_ECDH_RSA_WITH_AES_256_GCM_SHA384 0x0300C032
+
+/* Camellia-CBC ciphersuites from RFC6367 */
+# define TLS1_CK_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 0x0300C072
+# define TLS1_CK_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 0x0300C073
+# define TLS1_CK_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 0x0300C074
+# define TLS1_CK_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 0x0300C075
+# define TLS1_CK_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 0x0300C076
+# define TLS1_CK_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384 0x0300C077
+# define TLS1_CK_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256 0x0300C078
+# define TLS1_CK_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384 0x0300C079
+
+/*
+ * XXX Backward compatibility alert: Older versions of OpenSSL gave some DHE
+ * ciphers names with "EDH" instead of "DHE". Going forward, we should be
+ * using DHE everywhere, though we may indefinitely maintain aliases for
+ * users or configurations that used "EDH"
+ */
+# define TLS1_TXT_RSA_EXPORT1024_WITH_RC4_56_MD5 "EXP1024-RC4-MD5"
+# define TLS1_TXT_RSA_EXPORT1024_WITH_RC2_CBC_56_MD5 "EXP1024-RC2-CBC-MD5"
+# define TLS1_TXT_RSA_EXPORT1024_WITH_DES_CBC_SHA "EXP1024-DES-CBC-SHA"
+# define TLS1_TXT_DHE_DSS_EXPORT1024_WITH_DES_CBC_SHA "EXP1024-DHE-DSS-DES-CBC-SHA"
+# define TLS1_TXT_RSA_EXPORT1024_WITH_RC4_56_SHA "EXP1024-RC4-SHA"
+# define TLS1_TXT_DHE_DSS_EXPORT1024_WITH_RC4_56_SHA "EXP1024-DHE-DSS-RC4-SHA"
+# define TLS1_TXT_DHE_DSS_WITH_RC4_128_SHA "DHE-DSS-RC4-SHA"
+
+/* AES ciphersuites from RFC3268 */
+# define TLS1_TXT_RSA_WITH_AES_128_SHA "AES128-SHA"
+# define TLS1_TXT_DH_DSS_WITH_AES_128_SHA "DH-DSS-AES128-SHA"
+# define TLS1_TXT_DH_RSA_WITH_AES_128_SHA "DH-RSA-AES128-SHA"
+# define TLS1_TXT_DHE_DSS_WITH_AES_128_SHA "DHE-DSS-AES128-SHA"
+# define TLS1_TXT_DHE_RSA_WITH_AES_128_SHA "DHE-RSA-AES128-SHA"
+# define TLS1_TXT_ADH_WITH_AES_128_SHA "ADH-AES128-SHA"
+
+# define TLS1_TXT_RSA_WITH_AES_256_SHA "AES256-SHA"
+# define TLS1_TXT_DH_DSS_WITH_AES_256_SHA "DH-DSS-AES256-SHA"
+# define TLS1_TXT_DH_RSA_WITH_AES_256_SHA "DH-RSA-AES256-SHA"
+# define TLS1_TXT_DHE_DSS_WITH_AES_256_SHA "DHE-DSS-AES256-SHA"
+# define TLS1_TXT_DHE_RSA_WITH_AES_256_SHA "DHE-RSA-AES256-SHA"
+# define TLS1_TXT_ADH_WITH_AES_256_SHA "ADH-AES256-SHA"
+
+/* ECC ciphersuites from draft-ietf-tls-ecc-01.txt (Mar 15, 2001) */
+# define TLS1_TXT_ECDH_ECDSA_WITH_NULL_SHA "ECDH-ECDSA-NULL-SHA"
+# define TLS1_TXT_ECDH_ECDSA_WITH_RC4_128_SHA "ECDH-ECDSA-RC4-SHA"
+# define TLS1_TXT_ECDH_ECDSA_WITH_DES_192_CBC3_SHA "ECDH-ECDSA-DES-CBC3-SHA"
+# define TLS1_TXT_ECDH_ECDSA_WITH_AES_128_CBC_SHA "ECDH-ECDSA-AES128-SHA"
+# define TLS1_TXT_ECDH_ECDSA_WITH_AES_256_CBC_SHA "ECDH-ECDSA-AES256-SHA"
+
+# define TLS1_TXT_ECDHE_ECDSA_WITH_NULL_SHA "ECDHE-ECDSA-NULL-SHA"
+# define TLS1_TXT_ECDHE_ECDSA_WITH_RC4_128_SHA "ECDHE-ECDSA-RC4-SHA"
+# define TLS1_TXT_ECDHE_ECDSA_WITH_DES_192_CBC3_SHA "ECDHE-ECDSA-DES-CBC3-SHA"
+# define TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_CBC_SHA "ECDHE-ECDSA-AES128-SHA"
+# define TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_CBC_SHA "ECDHE-ECDSA-AES256-SHA"
+
+# define TLS1_TXT_ECDH_RSA_WITH_NULL_SHA "ECDH-RSA-NULL-SHA"
+# define TLS1_TXT_ECDH_RSA_WITH_RC4_128_SHA "ECDH-RSA-RC4-SHA"
+# define TLS1_TXT_ECDH_RSA_WITH_DES_192_CBC3_SHA "ECDH-RSA-DES-CBC3-SHA"
+# define TLS1_TXT_ECDH_RSA_WITH_AES_128_CBC_SHA "ECDH-RSA-AES128-SHA"
+# define TLS1_TXT_ECDH_RSA_WITH_AES_256_CBC_SHA "ECDH-RSA-AES256-SHA"
+
+# define TLS1_TXT_ECDHE_RSA_WITH_NULL_SHA "ECDHE-RSA-NULL-SHA"
+# define TLS1_TXT_ECDHE_RSA_WITH_RC4_128_SHA "ECDHE-RSA-RC4-SHA"
+# define TLS1_TXT_ECDHE_RSA_WITH_DES_192_CBC3_SHA "ECDHE-RSA-DES-CBC3-SHA"
+# define TLS1_TXT_ECDHE_RSA_WITH_AES_128_CBC_SHA "ECDHE-RSA-AES128-SHA"
+# define TLS1_TXT_ECDHE_RSA_WITH_AES_256_CBC_SHA "ECDHE-RSA-AES256-SHA"
+
+# define TLS1_TXT_ECDH_anon_WITH_NULL_SHA "AECDH-NULL-SHA"
+# define TLS1_TXT_ECDH_anon_WITH_RC4_128_SHA "AECDH-RC4-SHA"
+# define TLS1_TXT_ECDH_anon_WITH_DES_192_CBC3_SHA "AECDH-DES-CBC3-SHA"
+# define TLS1_TXT_ECDH_anon_WITH_AES_128_CBC_SHA "AECDH-AES128-SHA"
+# define TLS1_TXT_ECDH_anon_WITH_AES_256_CBC_SHA "AECDH-AES256-SHA"
+
+/* PSK ciphersuites from RFC 4279 */
+# define TLS1_TXT_PSK_WITH_RC4_128_SHA "PSK-RC4-SHA"
+# define TLS1_TXT_PSK_WITH_3DES_EDE_CBC_SHA "PSK-3DES-EDE-CBC-SHA"
+# define TLS1_TXT_PSK_WITH_AES_128_CBC_SHA "PSK-AES128-CBC-SHA"
+# define TLS1_TXT_PSK_WITH_AES_256_CBC_SHA "PSK-AES256-CBC-SHA"
+
+/* SRP ciphersuite from RFC 5054 */
+# define TLS1_TXT_SRP_SHA_WITH_3DES_EDE_CBC_SHA "SRP-3DES-EDE-CBC-SHA"
+# define TLS1_TXT_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA "SRP-RSA-3DES-EDE-CBC-SHA"
+# define TLS1_TXT_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA "SRP-DSS-3DES-EDE-CBC-SHA"
+# define TLS1_TXT_SRP_SHA_WITH_AES_128_CBC_SHA "SRP-AES-128-CBC-SHA"
+# define TLS1_TXT_SRP_SHA_RSA_WITH_AES_128_CBC_SHA "SRP-RSA-AES-128-CBC-SHA"
+# define TLS1_TXT_SRP_SHA_DSS_WITH_AES_128_CBC_SHA "SRP-DSS-AES-128-CBC-SHA"
+# define TLS1_TXT_SRP_SHA_WITH_AES_256_CBC_SHA "SRP-AES-256-CBC-SHA"
+# define TLS1_TXT_SRP_SHA_RSA_WITH_AES_256_CBC_SHA "SRP-RSA-AES-256-CBC-SHA"
+# define TLS1_TXT_SRP_SHA_DSS_WITH_AES_256_CBC_SHA "SRP-DSS-AES-256-CBC-SHA"
+
+/* Camellia ciphersuites from RFC4132 */
+# define TLS1_TXT_RSA_WITH_CAMELLIA_128_CBC_SHA "CAMELLIA128-SHA"
+# define TLS1_TXT_DH_DSS_WITH_CAMELLIA_128_CBC_SHA "DH-DSS-CAMELLIA128-SHA"
+# define TLS1_TXT_DH_RSA_WITH_CAMELLIA_128_CBC_SHA "DH-RSA-CAMELLIA128-SHA"
+# define TLS1_TXT_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA "DHE-DSS-CAMELLIA128-SHA"
+# define TLS1_TXT_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA "DHE-RSA-CAMELLIA128-SHA"
+# define TLS1_TXT_ADH_WITH_CAMELLIA_128_CBC_SHA "ADH-CAMELLIA128-SHA"
+
+# define TLS1_TXT_RSA_WITH_CAMELLIA_256_CBC_SHA "CAMELLIA256-SHA"
+# define TLS1_TXT_DH_DSS_WITH_CAMELLIA_256_CBC_SHA "DH-DSS-CAMELLIA256-SHA"
+# define TLS1_TXT_DH_RSA_WITH_CAMELLIA_256_CBC_SHA "DH-RSA-CAMELLIA256-SHA"
+# define TLS1_TXT_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA "DHE-DSS-CAMELLIA256-SHA"
+# define TLS1_TXT_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA "DHE-RSA-CAMELLIA256-SHA"
+# define TLS1_TXT_ADH_WITH_CAMELLIA_256_CBC_SHA "ADH-CAMELLIA256-SHA"
+
+/* TLS 1.2 Camellia SHA-256 ciphersuites from RFC5932 */
+# define TLS1_TXT_RSA_WITH_CAMELLIA_128_CBC_SHA256 "CAMELLIA128-SHA256"
+# define TLS1_TXT_DH_DSS_WITH_CAMELLIA_128_CBC_SHA256 "DH-DSS-CAMELLIA128-SHA256"
+# define TLS1_TXT_DH_RSA_WITH_CAMELLIA_128_CBC_SHA256 "DH-RSA-CAMELLIA128-SHA256"
+# define TLS1_TXT_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256 "DHE-DSS-CAMELLIA128-SHA256"
+# define TLS1_TXT_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 "DHE-RSA-CAMELLIA128-SHA256"
+# define TLS1_TXT_ADH_WITH_CAMELLIA_128_CBC_SHA256 "ADH-CAMELLIA128-SHA256"
+
+# define TLS1_TXT_RSA_WITH_CAMELLIA_256_CBC_SHA256 "CAMELLIA256-SHA256"
+# define TLS1_TXT_DH_DSS_WITH_CAMELLIA_256_CBC_SHA256 "DH-DSS-CAMELLIA256-SHA256"
+# define TLS1_TXT_DH_RSA_WITH_CAMELLIA_256_CBC_SHA256 "DH-RSA-CAMELLIA256-SHA256"
+# define TLS1_TXT_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256 "DHE-DSS-CAMELLIA256-SHA256"
+# define TLS1_TXT_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256 "DHE-RSA-CAMELLIA256-SHA256"
+# define TLS1_TXT_ADH_WITH_CAMELLIA_256_CBC_SHA256 "ADH-CAMELLIA256-SHA256"
+
+/* SEED ciphersuites from RFC4162 */
+# define TLS1_TXT_RSA_WITH_SEED_SHA "SEED-SHA"
+# define TLS1_TXT_DH_DSS_WITH_SEED_SHA "DH-DSS-SEED-SHA"
+# define TLS1_TXT_DH_RSA_WITH_SEED_SHA "DH-RSA-SEED-SHA"
+# define TLS1_TXT_DHE_DSS_WITH_SEED_SHA "DHE-DSS-SEED-SHA"
+# define TLS1_TXT_DHE_RSA_WITH_SEED_SHA "DHE-RSA-SEED-SHA"
+# define TLS1_TXT_ADH_WITH_SEED_SHA "ADH-SEED-SHA"
+
+/* TLS v1.2 ciphersuites */
+# define TLS1_TXT_RSA_WITH_NULL_SHA256 "NULL-SHA256"
+# define TLS1_TXT_RSA_WITH_AES_128_SHA256 "AES128-SHA256"
+# define TLS1_TXT_RSA_WITH_AES_256_SHA256 "AES256-SHA256"
+# define TLS1_TXT_DH_DSS_WITH_AES_128_SHA256 "DH-DSS-AES128-SHA256"
+# define TLS1_TXT_DH_RSA_WITH_AES_128_SHA256 "DH-RSA-AES128-SHA256"
+# define TLS1_TXT_DHE_DSS_WITH_AES_128_SHA256 "DHE-DSS-AES128-SHA256"
+# define TLS1_TXT_DHE_RSA_WITH_AES_128_SHA256 "DHE-RSA-AES128-SHA256"
+# define TLS1_TXT_DH_DSS_WITH_AES_256_SHA256 "DH-DSS-AES256-SHA256"
+# define TLS1_TXT_DH_RSA_WITH_AES_256_SHA256 "DH-RSA-AES256-SHA256"
+# define TLS1_TXT_DHE_DSS_WITH_AES_256_SHA256 "DHE-DSS-AES256-SHA256"
+# define TLS1_TXT_DHE_RSA_WITH_AES_256_SHA256 "DHE-RSA-AES256-SHA256"
+# define TLS1_TXT_ADH_WITH_AES_128_SHA256 "ADH-AES128-SHA256"
+# define TLS1_TXT_ADH_WITH_AES_256_SHA256 "ADH-AES256-SHA256"
+
+/* TLS v1.2 GCM ciphersuites from RFC5288 */
+# define TLS1_TXT_RSA_WITH_AES_128_GCM_SHA256 "AES128-GCM-SHA256"
+# define TLS1_TXT_RSA_WITH_AES_256_GCM_SHA384 "AES256-GCM-SHA384"
+# define TLS1_TXT_DHE_RSA_WITH_AES_128_GCM_SHA256 "DHE-RSA-AES128-GCM-SHA256"
+# define TLS1_TXT_DHE_RSA_WITH_AES_256_GCM_SHA384 "DHE-RSA-AES256-GCM-SHA384"
+# define TLS1_TXT_DH_RSA_WITH_AES_128_GCM_SHA256 "DH-RSA-AES128-GCM-SHA256"
+# define TLS1_TXT_DH_RSA_WITH_AES_256_GCM_SHA384 "DH-RSA-AES256-GCM-SHA384"
+# define TLS1_TXT_DHE_DSS_WITH_AES_128_GCM_SHA256 "DHE-DSS-AES128-GCM-SHA256"
+# define TLS1_TXT_DHE_DSS_WITH_AES_256_GCM_SHA384 "DHE-DSS-AES256-GCM-SHA384"
+# define TLS1_TXT_DH_DSS_WITH_AES_128_GCM_SHA256 "DH-DSS-AES128-GCM-SHA256"
+# define TLS1_TXT_DH_DSS_WITH_AES_256_GCM_SHA384 "DH-DSS-AES256-GCM-SHA384"
+# define TLS1_TXT_ADH_WITH_AES_128_GCM_SHA256 "ADH-AES128-GCM-SHA256"
+# define TLS1_TXT_ADH_WITH_AES_256_GCM_SHA384 "ADH-AES256-GCM-SHA384"
+
+/* ECDH HMAC based ciphersuites from RFC5289 */
+
+# define TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_SHA256 "ECDHE-ECDSA-AES128-SHA256"
+# define TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_SHA384 "ECDHE-ECDSA-AES256-SHA384"
+# define TLS1_TXT_ECDH_ECDSA_WITH_AES_128_SHA256 "ECDH-ECDSA-AES128-SHA256"
+# define TLS1_TXT_ECDH_ECDSA_WITH_AES_256_SHA384 "ECDH-ECDSA-AES256-SHA384"
+# define TLS1_TXT_ECDHE_RSA_WITH_AES_128_SHA256 "ECDHE-RSA-AES128-SHA256"
+# define TLS1_TXT_ECDHE_RSA_WITH_AES_256_SHA384 "ECDHE-RSA-AES256-SHA384"
+# define TLS1_TXT_ECDH_RSA_WITH_AES_128_SHA256 "ECDH-RSA-AES128-SHA256"
+# define TLS1_TXT_ECDH_RSA_WITH_AES_256_SHA384 "ECDH-RSA-AES256-SHA384"
+
+/* ECDH GCM based ciphersuites from RFC5289 */
+# define TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 "ECDHE-ECDSA-AES128-GCM-SHA256"
+# define TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 "ECDHE-ECDSA-AES256-GCM-SHA384"
+# define TLS1_TXT_ECDH_ECDSA_WITH_AES_128_GCM_SHA256 "ECDH-ECDSA-AES128-GCM-SHA256"
+# define TLS1_TXT_ECDH_ECDSA_WITH_AES_256_GCM_SHA384 "ECDH-ECDSA-AES256-GCM-SHA384"
+# define TLS1_TXT_ECDHE_RSA_WITH_AES_128_GCM_SHA256 "ECDHE-RSA-AES128-GCM-SHA256"
+# define TLS1_TXT_ECDHE_RSA_WITH_AES_256_GCM_SHA384 "ECDHE-RSA-AES256-GCM-SHA384"
+# define TLS1_TXT_ECDH_RSA_WITH_AES_128_GCM_SHA256 "ECDH-RSA-AES128-GCM-SHA256"
+# define TLS1_TXT_ECDH_RSA_WITH_AES_256_GCM_SHA384 "ECDH-RSA-AES256-GCM-SHA384"
+
+/* Camellia-CBC ciphersuites from RFC6367 */
+# define TLS1_TXT_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 "ECDHE-ECDSA-CAMELLIA128-SHA256"
+# define TLS1_TXT_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 "ECDHE-ECDSA-CAMELLIA256-SHA384"
+# define TLS1_TXT_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 "ECDH-ECDSA-CAMELLIA128-SHA256"
+# define TLS1_TXT_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 "ECDH-ECDSA-CAMELLIA256-SHA384"
+# define TLS1_TXT_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 "ECDHE-RSA-CAMELLIA128-SHA256"
+# define TLS1_TXT_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384 "ECDHE-RSA-CAMELLIA256-SHA384"
+# define TLS1_TXT_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256 "ECDH-RSA-CAMELLIA128-SHA256"
+# define TLS1_TXT_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384 "ECDH-RSA-CAMELLIA256-SHA384"
+
+# define TLS_CT_RSA_SIGN 1
+# define TLS_CT_DSS_SIGN 2
+# define TLS_CT_RSA_FIXED_DH 3
+# define TLS_CT_DSS_FIXED_DH 4
+# define TLS_CT_ECDSA_SIGN 64
+# define TLS_CT_RSA_FIXED_ECDH 65
+# define TLS_CT_ECDSA_FIXED_ECDH 66
+# define TLS_CT_GOST94_SIGN 21
+# define TLS_CT_GOST01_SIGN 22
+/*
+ * when correcting this number, correct also SSL3_CT_NUMBER in ssl3.h (see
+ * comment there)
+ */
+# define TLS_CT_NUMBER 9
+
+# define TLS1_FINISH_MAC_LENGTH 12
+
+# define TLS_MD_MAX_CONST_SIZE 22
+# define TLS_MD_CLIENT_FINISH_CONST "client finished"
+# define TLS_MD_CLIENT_FINISH_CONST_SIZE 15
+# define TLS_MD_SERVER_FINISH_CONST "server finished"
+# define TLS_MD_SERVER_FINISH_CONST_SIZE 15
+# define TLS_MD_KEY_EXPANSION_CONST "key expansion"
+# define TLS_MD_KEY_EXPANSION_CONST_SIZE 13
+# define TLS_MD_CLIENT_WRITE_KEY_CONST "client write key"
+# define TLS_MD_CLIENT_WRITE_KEY_CONST_SIZE 16
+# define TLS_MD_SERVER_WRITE_KEY_CONST "server write key"
+# define TLS_MD_SERVER_WRITE_KEY_CONST_SIZE 16
+# define TLS_MD_IV_BLOCK_CONST "IV block"
+# define TLS_MD_IV_BLOCK_CONST_SIZE 8
+# define TLS_MD_MASTER_SECRET_CONST "master secret"
+# define TLS_MD_MASTER_SECRET_CONST_SIZE 13
+# define TLS_MD_EXTENDED_MASTER_SECRET_CONST "extended master secret"
+# define TLS_MD_EXTENDED_MASTER_SECRET_CONST_SIZE 22
+
+# ifdef CHARSET_EBCDIC
+# undef TLS_MD_CLIENT_FINISH_CONST
+/*
+ * client finished
+ */
+# define TLS_MD_CLIENT_FINISH_CONST "\x63\x6c\x69\x65\x6e\x74\x20\x66\x69\x6e\x69\x73\x68\x65\x64"
+
+# undef TLS_MD_SERVER_FINISH_CONST
+/*
+ * server finished
+ */
+# define TLS_MD_SERVER_FINISH_CONST "\x73\x65\x72\x76\x65\x72\x20\x66\x69\x6e\x69\x73\x68\x65\x64"
+
+# undef TLS_MD_SERVER_WRITE_KEY_CONST
+/*
+ * server write key
+ */
+# define TLS_MD_SERVER_WRITE_KEY_CONST "\x73\x65\x72\x76\x65\x72\x20\x77\x72\x69\x74\x65\x20\x6b\x65\x79"
+
+# undef TLS_MD_KEY_EXPANSION_CONST
+/*
+ * key expansion
+ */
+# define TLS_MD_KEY_EXPANSION_CONST "\x6b\x65\x79\x20\x65\x78\x70\x61\x6e\x73\x69\x6f\x6e"
+
+# undef TLS_MD_CLIENT_WRITE_KEY_CONST
+/*
+ * client write key
+ */
+# define TLS_MD_CLIENT_WRITE_KEY_CONST "\x63\x6c\x69\x65\x6e\x74\x20\x77\x72\x69\x74\x65\x20\x6b\x65\x79"
+
+# undef TLS_MD_SERVER_WRITE_KEY_CONST
+/*
+ * server write key
+ */
+# define TLS_MD_SERVER_WRITE_KEY_CONST "\x73\x65\x72\x76\x65\x72\x20\x77\x72\x69\x74\x65\x20\x6b\x65\x79"
+
+# undef TLS_MD_IV_BLOCK_CONST
+/*
+ * IV block
+ */
+# define TLS_MD_IV_BLOCK_CONST "\x49\x56\x20\x62\x6c\x6f\x63\x6b"
+
+# undef TLS_MD_MASTER_SECRET_CONST
+/*
+ * master secret
+ */
+# define TLS_MD_MASTER_SECRET_CONST "\x6d\x61\x73\x74\x65\x72\x20\x73\x65\x63\x72\x65\x74"
+# undef TLS_MD_EXTENDED_MASTER_SECRET_CONST
+/*
+ * extended master secret
+ */
+# define TLS_MD_EXTENDED_MASTER_SECRET_CONST "\x65\x78\x74\x65\x63\x64\x65\x64\x20\x6d\x61\x73\x74\x65\x72\x20\x73\x65\x63\x72\x65\x74"
+# endif
+
+/* TLS Session Ticket extension struct */
+struct tls_session_ticket_ext_st {
+ unsigned short length;
+ void *data;
+};
+
+#ifdef __cplusplus
+}
+#endif
+#endif
--- /dev/null
+/* crypto/ts/ts.h */
+/*
+ * Written by Zoltan Glozik (zglozik@opentsa.org) for the OpenSSL project
+ * 2002, 2003, 2004.
+ */
+/* ====================================================================
+ * Copyright (c) 2006 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For written permission, please contact
+ * licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ * nor may "OpenSSL" appear in their names without prior written
+ * permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com). This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#ifndef HEADER_TS_H
+# define HEADER_TS_H
+
+# include <openssl/opensslconf.h>
+# include <openssl/symhacks.h>
+# include <openssl/buffer.h>
+# include <openssl/evp.h>
+# include <openssl/bio.h>
+# include <openssl/stack.h>
+# include <openssl/asn1.h>
+# include <openssl/safestack.h>
+
+# ifndef OPENSSL_NO_RSA
+# include <openssl/rsa.h>
+# endif
+
+# ifndef OPENSSL_NO_DSA
+# include <openssl/dsa.h>
+# endif
+
+# ifndef OPENSSL_NO_DH
+# include <openssl/dh.h>
+# endif
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+# ifdef WIN32
+/* Under Win32 this is defined in wincrypt.h */
+# undef X509_NAME
+# endif
+
+# include <openssl/x509.h>
+# include <openssl/x509v3.h>
+
+/*-
+MessageImprint ::= SEQUENCE {
+ hashAlgorithm AlgorithmIdentifier,
+ hashedMessage OCTET STRING }
+*/
+
+typedef struct TS_msg_imprint_st {
+ X509_ALGOR *hash_algo;
+ ASN1_OCTET_STRING *hashed_msg;
+} TS_MSG_IMPRINT;
+
+/*-
+TimeStampReq ::= SEQUENCE {
+ version INTEGER { v1(1) },
+ messageImprint MessageImprint,
+ --a hash algorithm OID and the hash value of the data to be
+ --time-stamped
+ reqPolicy TSAPolicyId OPTIONAL,
+ nonce INTEGER OPTIONAL,
+ certReq BOOLEAN DEFAULT FALSE,
+ extensions [0] IMPLICIT Extensions OPTIONAL }
+*/
+
+typedef struct TS_req_st {
+ ASN1_INTEGER *version;
+ TS_MSG_IMPRINT *msg_imprint;
+ ASN1_OBJECT *policy_id; /* OPTIONAL */
+ ASN1_INTEGER *nonce; /* OPTIONAL */
+ ASN1_BOOLEAN cert_req; /* DEFAULT FALSE */
+ STACK_OF(X509_EXTENSION) *extensions; /* [0] OPTIONAL */
+} TS_REQ;
+
+/*-
+Accuracy ::= SEQUENCE {
+ seconds INTEGER OPTIONAL,
+ millis [0] INTEGER (1..999) OPTIONAL,
+ micros [1] INTEGER (1..999) OPTIONAL }
+*/
+
+typedef struct TS_accuracy_st {
+ ASN1_INTEGER *seconds;
+ ASN1_INTEGER *millis;
+ ASN1_INTEGER *micros;
+} TS_ACCURACY;
+
+/*-
+TSTInfo ::= SEQUENCE {
+ version INTEGER { v1(1) },
+ policy TSAPolicyId,
+ messageImprint MessageImprint,
+ -- MUST have the same value as the similar field in
+ -- TimeStampReq
+ serialNumber INTEGER,
+ -- Time-Stamping users MUST be ready to accommodate integers
+ -- up to 160 bits.
+ genTime GeneralizedTime,
+ accuracy Accuracy OPTIONAL,
+ ordering BOOLEAN DEFAULT FALSE,
+ nonce INTEGER OPTIONAL,
+ -- MUST be present if the similar field was present
+ -- in TimeStampReq. In that case it MUST have the same value.
+ tsa [0] GeneralName OPTIONAL,
+ extensions [1] IMPLICIT Extensions OPTIONAL }
+*/
+
+typedef struct TS_tst_info_st {
+ ASN1_INTEGER *version;
+ ASN1_OBJECT *policy_id;
+ TS_MSG_IMPRINT *msg_imprint;
+ ASN1_INTEGER *serial;
+ ASN1_GENERALIZEDTIME *time;
+ TS_ACCURACY *accuracy;
+ ASN1_BOOLEAN ordering;
+ ASN1_INTEGER *nonce;
+ GENERAL_NAME *tsa;
+ STACK_OF(X509_EXTENSION) *extensions;
+} TS_TST_INFO;
+
+/*-
+PKIStatusInfo ::= SEQUENCE {
+ status PKIStatus,
+ statusString PKIFreeText OPTIONAL,
+ failInfo PKIFailureInfo OPTIONAL }
+
+From RFC 1510 - section 3.1.1:
+PKIFreeText ::= SEQUENCE SIZE (1..MAX) OF UTF8String
+ -- text encoded as UTF-8 String (note: each UTF8String SHOULD
+ -- include an RFC 1766 language tag to indicate the language
+ -- of the contained text)
+*/
+
+/* Possible values for status. See ts_resp_print.c && ts_resp_verify.c. */
+
+# define TS_STATUS_GRANTED 0
+# define TS_STATUS_GRANTED_WITH_MODS 1
+# define TS_STATUS_REJECTION 2
+# define TS_STATUS_WAITING 3
+# define TS_STATUS_REVOCATION_WARNING 4
+# define TS_STATUS_REVOCATION_NOTIFICATION 5
+
+/*
+ * Possible values for failure_info. See ts_resp_print.c && ts_resp_verify.c
+ */
+
+# define TS_INFO_BAD_ALG 0
+# define TS_INFO_BAD_REQUEST 2
+# define TS_INFO_BAD_DATA_FORMAT 5
+# define TS_INFO_TIME_NOT_AVAILABLE 14
+# define TS_INFO_UNACCEPTED_POLICY 15
+# define TS_INFO_UNACCEPTED_EXTENSION 16
+# define TS_INFO_ADD_INFO_NOT_AVAILABLE 17
+# define TS_INFO_SYSTEM_FAILURE 25
+
+typedef struct TS_status_info_st {
+ ASN1_INTEGER *status;
+ STACK_OF(ASN1_UTF8STRING) *text;
+ ASN1_BIT_STRING *failure_info;
+} TS_STATUS_INFO;
+
+DECLARE_STACK_OF(ASN1_UTF8STRING)
+
+/*-
+TimeStampResp ::= SEQUENCE {
+ status PKIStatusInfo,
+ timeStampToken TimeStampToken OPTIONAL }
+*/
+
+typedef struct TS_resp_st {
+ TS_STATUS_INFO *status_info;
+ PKCS7 *token;
+ TS_TST_INFO *tst_info;
+} TS_RESP;
+
+/* The structure below would belong to the ESS component. */
+
+/*-
+IssuerSerial ::= SEQUENCE {
+ issuer GeneralNames,
+ serialNumber CertificateSerialNumber
+ }
+*/
+
+typedef struct ESS_issuer_serial {
+ STACK_OF(GENERAL_NAME) *issuer;
+ ASN1_INTEGER *serial;
+} ESS_ISSUER_SERIAL;
+
+/*-
+ESSCertID ::= SEQUENCE {
+ certHash Hash,
+ issuerSerial IssuerSerial OPTIONAL
+}
+*/
+
+typedef struct ESS_cert_id {
+ ASN1_OCTET_STRING *hash; /* Always SHA-1 digest. */
+ ESS_ISSUER_SERIAL *issuer_serial;
+} ESS_CERT_ID;
+
+DECLARE_STACK_OF(ESS_CERT_ID)
+
+/*-
+SigningCertificate ::= SEQUENCE {
+ certs SEQUENCE OF ESSCertID,
+ policies SEQUENCE OF PolicyInformation OPTIONAL
+}
+*/
+
+typedef struct ESS_signing_cert {
+ STACK_OF(ESS_CERT_ID) *cert_ids;
+ STACK_OF(POLICYINFO) *policy_info;
+} ESS_SIGNING_CERT;
+
+TS_REQ *TS_REQ_new(void);
+void TS_REQ_free(TS_REQ *a);
+int i2d_TS_REQ(const TS_REQ *a, unsigned char **pp);
+TS_REQ *d2i_TS_REQ(TS_REQ **a, const unsigned char **pp, long length);
+
+TS_REQ *TS_REQ_dup(TS_REQ *a);
+
+TS_REQ *d2i_TS_REQ_fp(FILE *fp, TS_REQ **a);
+int i2d_TS_REQ_fp(FILE *fp, TS_REQ *a);
+TS_REQ *d2i_TS_REQ_bio(BIO *fp, TS_REQ **a);
+int i2d_TS_REQ_bio(BIO *fp, TS_REQ *a);
+
+TS_MSG_IMPRINT *TS_MSG_IMPRINT_new(void);
+void TS_MSG_IMPRINT_free(TS_MSG_IMPRINT *a);
+int i2d_TS_MSG_IMPRINT(const TS_MSG_IMPRINT *a, unsigned char **pp);
+TS_MSG_IMPRINT *d2i_TS_MSG_IMPRINT(TS_MSG_IMPRINT **a,
+ const unsigned char **pp, long length);
+
+TS_MSG_IMPRINT *TS_MSG_IMPRINT_dup(TS_MSG_IMPRINT *a);
+
+TS_MSG_IMPRINT *d2i_TS_MSG_IMPRINT_fp(FILE *fp, TS_MSG_IMPRINT **a);
+int i2d_TS_MSG_IMPRINT_fp(FILE *fp, TS_MSG_IMPRINT *a);
+TS_MSG_IMPRINT *d2i_TS_MSG_IMPRINT_bio(BIO *fp, TS_MSG_IMPRINT **a);
+int i2d_TS_MSG_IMPRINT_bio(BIO *fp, TS_MSG_IMPRINT *a);
+
+TS_RESP *TS_RESP_new(void);
+void TS_RESP_free(TS_RESP *a);
+int i2d_TS_RESP(const TS_RESP *a, unsigned char **pp);
+TS_RESP *d2i_TS_RESP(TS_RESP **a, const unsigned char **pp, long length);
+TS_TST_INFO *PKCS7_to_TS_TST_INFO(PKCS7 *token);
+TS_RESP *TS_RESP_dup(TS_RESP *a);
+
+TS_RESP *d2i_TS_RESP_fp(FILE *fp, TS_RESP **a);
+int i2d_TS_RESP_fp(FILE *fp, TS_RESP *a);
+TS_RESP *d2i_TS_RESP_bio(BIO *fp, TS_RESP **a);
+int i2d_TS_RESP_bio(BIO *fp, TS_RESP *a);
+
+TS_STATUS_INFO *TS_STATUS_INFO_new(void);
+void TS_STATUS_INFO_free(TS_STATUS_INFO *a);
+int i2d_TS_STATUS_INFO(const TS_STATUS_INFO *a, unsigned char **pp);
+TS_STATUS_INFO *d2i_TS_STATUS_INFO(TS_STATUS_INFO **a,
+ const unsigned char **pp, long length);
+TS_STATUS_INFO *TS_STATUS_INFO_dup(TS_STATUS_INFO *a);
+
+TS_TST_INFO *TS_TST_INFO_new(void);
+void TS_TST_INFO_free(TS_TST_INFO *a);
+int i2d_TS_TST_INFO(const TS_TST_INFO *a, unsigned char **pp);
+TS_TST_INFO *d2i_TS_TST_INFO(TS_TST_INFO **a, const unsigned char **pp,
+ long length);
+TS_TST_INFO *TS_TST_INFO_dup(TS_TST_INFO *a);
+
+TS_TST_INFO *d2i_TS_TST_INFO_fp(FILE *fp, TS_TST_INFO **a);
+int i2d_TS_TST_INFO_fp(FILE *fp, TS_TST_INFO *a);
+TS_TST_INFO *d2i_TS_TST_INFO_bio(BIO *fp, TS_TST_INFO **a);
+int i2d_TS_TST_INFO_bio(BIO *fp, TS_TST_INFO *a);
+
+TS_ACCURACY *TS_ACCURACY_new(void);
+void TS_ACCURACY_free(TS_ACCURACY *a);
+int i2d_TS_ACCURACY(const TS_ACCURACY *a, unsigned char **pp);
+TS_ACCURACY *d2i_TS_ACCURACY(TS_ACCURACY **a, const unsigned char **pp,
+ long length);
+TS_ACCURACY *TS_ACCURACY_dup(TS_ACCURACY *a);
+
+ESS_ISSUER_SERIAL *ESS_ISSUER_SERIAL_new(void);
+void ESS_ISSUER_SERIAL_free(ESS_ISSUER_SERIAL *a);
+int i2d_ESS_ISSUER_SERIAL(const ESS_ISSUER_SERIAL *a, unsigned char **pp);
+ESS_ISSUER_SERIAL *d2i_ESS_ISSUER_SERIAL(ESS_ISSUER_SERIAL **a,
+ const unsigned char **pp,
+ long length);
+ESS_ISSUER_SERIAL *ESS_ISSUER_SERIAL_dup(ESS_ISSUER_SERIAL *a);
+
+ESS_CERT_ID *ESS_CERT_ID_new(void);
+void ESS_CERT_ID_free(ESS_CERT_ID *a);
+int i2d_ESS_CERT_ID(const ESS_CERT_ID *a, unsigned char **pp);
+ESS_CERT_ID *d2i_ESS_CERT_ID(ESS_CERT_ID **a, const unsigned char **pp,
+ long length);
+ESS_CERT_ID *ESS_CERT_ID_dup(ESS_CERT_ID *a);
+
+ESS_SIGNING_CERT *ESS_SIGNING_CERT_new(void);
+void ESS_SIGNING_CERT_free(ESS_SIGNING_CERT *a);
+int i2d_ESS_SIGNING_CERT(const ESS_SIGNING_CERT *a, unsigned char **pp);
+ESS_SIGNING_CERT *d2i_ESS_SIGNING_CERT(ESS_SIGNING_CERT **a,
+ const unsigned char **pp, long length);
+ESS_SIGNING_CERT *ESS_SIGNING_CERT_dup(ESS_SIGNING_CERT *a);
+
+void ERR_load_TS_strings(void);
+
+int TS_REQ_set_version(TS_REQ *a, long version);
+long TS_REQ_get_version(const TS_REQ *a);
+
+int TS_REQ_set_msg_imprint(TS_REQ *a, TS_MSG_IMPRINT *msg_imprint);
+TS_MSG_IMPRINT *TS_REQ_get_msg_imprint(TS_REQ *a);
+
+int TS_MSG_IMPRINT_set_algo(TS_MSG_IMPRINT *a, X509_ALGOR *alg);
+X509_ALGOR *TS_MSG_IMPRINT_get_algo(TS_MSG_IMPRINT *a);
+
+int TS_MSG_IMPRINT_set_msg(TS_MSG_IMPRINT *a, unsigned char *d, int len);
+ASN1_OCTET_STRING *TS_MSG_IMPRINT_get_msg(TS_MSG_IMPRINT *a);
+
+int TS_REQ_set_policy_id(TS_REQ *a, ASN1_OBJECT *policy);
+ASN1_OBJECT *TS_REQ_get_policy_id(TS_REQ *a);
+
+int TS_REQ_set_nonce(TS_REQ *a, const ASN1_INTEGER *nonce);
+const ASN1_INTEGER *TS_REQ_get_nonce(const TS_REQ *a);
+
+int TS_REQ_set_cert_req(TS_REQ *a, int cert_req);
+int TS_REQ_get_cert_req(const TS_REQ *a);
+
+STACK_OF(X509_EXTENSION) *TS_REQ_get_exts(TS_REQ *a);
+void TS_REQ_ext_free(TS_REQ *a);
+int TS_REQ_get_ext_count(TS_REQ *a);
+int TS_REQ_get_ext_by_NID(TS_REQ *a, int nid, int lastpos);
+int TS_REQ_get_ext_by_OBJ(TS_REQ *a, ASN1_OBJECT *obj, int lastpos);
+int TS_REQ_get_ext_by_critical(TS_REQ *a, int crit, int lastpos);
+X509_EXTENSION *TS_REQ_get_ext(TS_REQ *a, int loc);
+X509_EXTENSION *TS_REQ_delete_ext(TS_REQ *a, int loc);
+int TS_REQ_add_ext(TS_REQ *a, X509_EXTENSION *ex, int loc);
+void *TS_REQ_get_ext_d2i(TS_REQ *a, int nid, int *crit, int *idx);
+
+/* Function declarations for TS_REQ defined in ts/ts_req_print.c */
+
+int TS_REQ_print_bio(BIO *bio, TS_REQ *a);
+
+/* Function declarations for TS_RESP defined in ts/ts_resp_utils.c */
+
+int TS_RESP_set_status_info(TS_RESP *a, TS_STATUS_INFO *info);
+TS_STATUS_INFO *TS_RESP_get_status_info(TS_RESP *a);
+
+/* Caller loses ownership of PKCS7 and TS_TST_INFO objects. */
+void TS_RESP_set_tst_info(TS_RESP *a, PKCS7 *p7, TS_TST_INFO *tst_info);
+PKCS7 *TS_RESP_get_token(TS_RESP *a);
+TS_TST_INFO *TS_RESP_get_tst_info(TS_RESP *a);
+
+int TS_TST_INFO_set_version(TS_TST_INFO *a, long version);
+long TS_TST_INFO_get_version(const TS_TST_INFO *a);
+
+int TS_TST_INFO_set_policy_id(TS_TST_INFO *a, ASN1_OBJECT *policy_id);
+ASN1_OBJECT *TS_TST_INFO_get_policy_id(TS_TST_INFO *a);
+
+int TS_TST_INFO_set_msg_imprint(TS_TST_INFO *a, TS_MSG_IMPRINT *msg_imprint);
+TS_MSG_IMPRINT *TS_TST_INFO_get_msg_imprint(TS_TST_INFO *a);
+
+int TS_TST_INFO_set_serial(TS_TST_INFO *a, const ASN1_INTEGER *serial);
+const ASN1_INTEGER *TS_TST_INFO_get_serial(const TS_TST_INFO *a);
+
+int TS_TST_INFO_set_time(TS_TST_INFO *a, const ASN1_GENERALIZEDTIME *gtime);
+const ASN1_GENERALIZEDTIME *TS_TST_INFO_get_time(const TS_TST_INFO *a);
+
+int TS_TST_INFO_set_accuracy(TS_TST_INFO *a, TS_ACCURACY *accuracy);
+TS_ACCURACY *TS_TST_INFO_get_accuracy(TS_TST_INFO *a);
+
+int TS_ACCURACY_set_seconds(TS_ACCURACY *a, const ASN1_INTEGER *seconds);
+const ASN1_INTEGER *TS_ACCURACY_get_seconds(const TS_ACCURACY *a);
+
+int TS_ACCURACY_set_millis(TS_ACCURACY *a, const ASN1_INTEGER *millis);
+const ASN1_INTEGER *TS_ACCURACY_get_millis(const TS_ACCURACY *a);
+
+int TS_ACCURACY_set_micros(TS_ACCURACY *a, const ASN1_INTEGER *micros);
+const ASN1_INTEGER *TS_ACCURACY_get_micros(const TS_ACCURACY *a);
+
+int TS_TST_INFO_set_ordering(TS_TST_INFO *a, int ordering);
+int TS_TST_INFO_get_ordering(const TS_TST_INFO *a);
+
+int TS_TST_INFO_set_nonce(TS_TST_INFO *a, const ASN1_INTEGER *nonce);
+const ASN1_INTEGER *TS_TST_INFO_get_nonce(const TS_TST_INFO *a);
+
+int TS_TST_INFO_set_tsa(TS_TST_INFO *a, GENERAL_NAME *tsa);
+GENERAL_NAME *TS_TST_INFO_get_tsa(TS_TST_INFO *a);
+
+STACK_OF(X509_EXTENSION) *TS_TST_INFO_get_exts(TS_TST_INFO *a);
+void TS_TST_INFO_ext_free(TS_TST_INFO *a);
+int TS_TST_INFO_get_ext_count(TS_TST_INFO *a);
+int TS_TST_INFO_get_ext_by_NID(TS_TST_INFO *a, int nid, int lastpos);
+int TS_TST_INFO_get_ext_by_OBJ(TS_TST_INFO *a, ASN1_OBJECT *obj, int lastpos);
+int TS_TST_INFO_get_ext_by_critical(TS_TST_INFO *a, int crit, int lastpos);
+X509_EXTENSION *TS_TST_INFO_get_ext(TS_TST_INFO *a, int loc);
+X509_EXTENSION *TS_TST_INFO_delete_ext(TS_TST_INFO *a, int loc);
+int TS_TST_INFO_add_ext(TS_TST_INFO *a, X509_EXTENSION *ex, int loc);
+void *TS_TST_INFO_get_ext_d2i(TS_TST_INFO *a, int nid, int *crit, int *idx);
+
+/*
+ * Declarations related to response generation, defined in ts/ts_resp_sign.c.
+ */
+
+/* Optional flags for response generation. */
+
+/* Don't include the TSA name in response. */
+# define TS_TSA_NAME 0x01
+
+/* Set ordering to true in response. */
+# define TS_ORDERING 0x02
+
+/*
+ * Include the signer certificate and the other specified certificates in
+ * the ESS signing certificate attribute beside the PKCS7 signed data.
+ * Only the signer certificates is included by default.
+ */
+# define TS_ESS_CERT_ID_CHAIN 0x04
+
+/* Forward declaration. */
+struct TS_resp_ctx;
+
+/* This must return a unique number less than 160 bits long. */
+typedef ASN1_INTEGER *(*TS_serial_cb) (struct TS_resp_ctx *, void *);
+
+/*
+ * This must return the seconds and microseconds since Jan 1, 1970 in the sec
+ * and usec variables allocated by the caller. Return non-zero for success
+ * and zero for failure.
+ */
+typedef int (*TS_time_cb) (struct TS_resp_ctx *, void *, long *sec,
+ long *usec);
+
+/*
+ * This must process the given extension. It can modify the TS_TST_INFO
+ * object of the context. Return values: !0 (processed), 0 (error, it must
+ * set the status info/failure info of the response).
+ */
+typedef int (*TS_extension_cb) (struct TS_resp_ctx *, X509_EXTENSION *,
+ void *);
+
+typedef struct TS_resp_ctx {
+ X509 *signer_cert;
+ EVP_PKEY *signer_key;
+ STACK_OF(X509) *certs; /* Certs to include in signed data. */
+ STACK_OF(ASN1_OBJECT) *policies; /* Acceptable policies. */
+ ASN1_OBJECT *default_policy; /* It may appear in policies, too. */
+ STACK_OF(EVP_MD) *mds; /* Acceptable message digests. */
+ ASN1_INTEGER *seconds; /* accuracy, 0 means not specified. */
+ ASN1_INTEGER *millis; /* accuracy, 0 means not specified. */
+ ASN1_INTEGER *micros; /* accuracy, 0 means not specified. */
+ unsigned clock_precision_digits; /* fraction of seconds in time stamp
+ * token. */
+ unsigned flags; /* Optional info, see values above. */
+ /* Callback functions. */
+ TS_serial_cb serial_cb;
+ void *serial_cb_data; /* User data for serial_cb. */
+ TS_time_cb time_cb;
+ void *time_cb_data; /* User data for time_cb. */
+ TS_extension_cb extension_cb;
+ void *extension_cb_data; /* User data for extension_cb. */
+ /* These members are used only while creating the response. */
+ TS_REQ *request;
+ TS_RESP *response;
+ TS_TST_INFO *tst_info;
+} TS_RESP_CTX;
+
+DECLARE_STACK_OF(EVP_MD)
+
+/* Creates a response context that can be used for generating responses. */
+TS_RESP_CTX *TS_RESP_CTX_new(void);
+void TS_RESP_CTX_free(TS_RESP_CTX *ctx);
+
+/* This parameter must be set. */
+int TS_RESP_CTX_set_signer_cert(TS_RESP_CTX *ctx, X509 *signer);
+
+/* This parameter must be set. */
+int TS_RESP_CTX_set_signer_key(TS_RESP_CTX *ctx, EVP_PKEY *key);
+
+/* This parameter must be set. */
+int TS_RESP_CTX_set_def_policy(TS_RESP_CTX *ctx, ASN1_OBJECT *def_policy);
+
+/* No additional certs are included in the response by default. */
+int TS_RESP_CTX_set_certs(TS_RESP_CTX *ctx, STACK_OF(X509) *certs);
+
+/*
+ * Adds a new acceptable policy, only the default policy is accepted by
+ * default.
+ */
+int TS_RESP_CTX_add_policy(TS_RESP_CTX *ctx, ASN1_OBJECT *policy);
+
+/*
+ * Adds a new acceptable message digest. Note that no message digests are
+ * accepted by default. The md argument is shared with the caller.
+ */
+int TS_RESP_CTX_add_md(TS_RESP_CTX *ctx, const EVP_MD *md);
+
+/* Accuracy is not included by default. */
+int TS_RESP_CTX_set_accuracy(TS_RESP_CTX *ctx,
+ int secs, int millis, int micros);
+
+/*
+ * Clock precision digits, i.e. the number of decimal digits: '0' means sec,
+ * '3' msec, '6' usec, and so on. Default is 0.
+ */
+int TS_RESP_CTX_set_clock_precision_digits(TS_RESP_CTX *ctx,
+ unsigned clock_precision_digits);
+/* At most we accept usec precision. */
+# define TS_MAX_CLOCK_PRECISION_DIGITS 6
+
+/* No flags are set by default. */
+void TS_RESP_CTX_add_flags(TS_RESP_CTX *ctx, int flags);
+
+/* Default callback always returns a constant. */
+void TS_RESP_CTX_set_serial_cb(TS_RESP_CTX *ctx, TS_serial_cb cb, void *data);
+
+/* Default callback uses the gettimeofday() and gmtime() system calls. */
+void TS_RESP_CTX_set_time_cb(TS_RESP_CTX *ctx, TS_time_cb cb, void *data);
+
+/*
+ * Default callback rejects all extensions. The extension callback is called
+ * when the TS_TST_INFO object is already set up and not signed yet.
+ */
+/* FIXME: extension handling is not tested yet. */
+void TS_RESP_CTX_set_extension_cb(TS_RESP_CTX *ctx,
+ TS_extension_cb cb, void *data);
+
+/* The following methods can be used in the callbacks. */
+int TS_RESP_CTX_set_status_info(TS_RESP_CTX *ctx,
+ int status, const char *text);
+
+/* Sets the status info only if it is still TS_STATUS_GRANTED. */
+int TS_RESP_CTX_set_status_info_cond(TS_RESP_CTX *ctx,
+ int status, const char *text);
+
+int TS_RESP_CTX_add_failure_info(TS_RESP_CTX *ctx, int failure);
+
+/* The get methods below can be used in the extension callback. */
+TS_REQ *TS_RESP_CTX_get_request(TS_RESP_CTX *ctx);
+
+TS_TST_INFO *TS_RESP_CTX_get_tst_info(TS_RESP_CTX *ctx);
+
+/*
+ * Creates the signed TS_TST_INFO and puts it in TS_RESP.
+ * In case of errors it sets the status info properly.
+ * Returns NULL only in case of memory allocation/fatal error.
+ */
+TS_RESP *TS_RESP_create_response(TS_RESP_CTX *ctx, BIO *req_bio);
+
+/*
+ * Declarations related to response verification,
+ * they are defined in ts/ts_resp_verify.c.
+ */
+
+int TS_RESP_verify_signature(PKCS7 *token, STACK_OF(X509) *certs,
+ X509_STORE *store, X509 **signer_out);
+
+/* Context structure for the generic verify method. */
+
+/* Verify the signer's certificate and the signature of the response. */
+# define TS_VFY_SIGNATURE (1u << 0)
+/* Verify the version number of the response. */
+# define TS_VFY_VERSION (1u << 1)
+/* Verify if the policy supplied by the user matches the policy of the TSA. */
+# define TS_VFY_POLICY (1u << 2)
+/*
+ * Verify the message imprint provided by the user. This flag should not be
+ * specified with TS_VFY_DATA.
+ */
+# define TS_VFY_IMPRINT (1u << 3)
+/*
+ * Verify the message imprint computed by the verify method from the user
+ * provided data and the MD algorithm of the response. This flag should not
+ * be specified with TS_VFY_IMPRINT.
+ */
+# define TS_VFY_DATA (1u << 4)
+/* Verify the nonce value. */
+# define TS_VFY_NONCE (1u << 5)
+/* Verify if the TSA name field matches the signer certificate. */
+# define TS_VFY_SIGNER (1u << 6)
+/* Verify if the TSA name field equals to the user provided name. */
+# define TS_VFY_TSA_NAME (1u << 7)
+
+/* You can use the following convenience constants. */
+# define TS_VFY_ALL_IMPRINT (TS_VFY_SIGNATURE \
+ | TS_VFY_VERSION \
+ | TS_VFY_POLICY \
+ | TS_VFY_IMPRINT \
+ | TS_VFY_NONCE \
+ | TS_VFY_SIGNER \
+ | TS_VFY_TSA_NAME)
+# define TS_VFY_ALL_DATA (TS_VFY_SIGNATURE \
+ | TS_VFY_VERSION \
+ | TS_VFY_POLICY \
+ | TS_VFY_DATA \
+ | TS_VFY_NONCE \
+ | TS_VFY_SIGNER \
+ | TS_VFY_TSA_NAME)
+
+typedef struct TS_verify_ctx {
+ /* Set this to the union of TS_VFY_... flags you want to carry out. */
+ unsigned flags;
+ /* Must be set only with TS_VFY_SIGNATURE. certs is optional. */
+ X509_STORE *store;
+ STACK_OF(X509) *certs;
+ /* Must be set only with TS_VFY_POLICY. */
+ ASN1_OBJECT *policy;
+ /*
+ * Must be set only with TS_VFY_IMPRINT. If md_alg is NULL, the
+ * algorithm from the response is used.
+ */
+ X509_ALGOR *md_alg;
+ unsigned char *imprint;
+ unsigned imprint_len;
+ /* Must be set only with TS_VFY_DATA. */
+ BIO *data;
+ /* Must be set only with TS_VFY_TSA_NAME. */
+ ASN1_INTEGER *nonce;
+ /* Must be set only with TS_VFY_TSA_NAME. */
+ GENERAL_NAME *tsa_name;
+} TS_VERIFY_CTX;
+
+int TS_RESP_verify_response(TS_VERIFY_CTX *ctx, TS_RESP *response);
+int TS_RESP_verify_token(TS_VERIFY_CTX *ctx, PKCS7 *token);
+
+/*
+ * Declarations related to response verification context,
+ * they are defined in ts/ts_verify_ctx.c.
+ */
+
+/* Set all fields to zero. */
+TS_VERIFY_CTX *TS_VERIFY_CTX_new(void);
+void TS_VERIFY_CTX_init(TS_VERIFY_CTX *ctx);
+void TS_VERIFY_CTX_free(TS_VERIFY_CTX *ctx);
+void TS_VERIFY_CTX_cleanup(TS_VERIFY_CTX *ctx);
+
+/*-
+ * If ctx is NULL, it allocates and returns a new object, otherwise
+ * it returns ctx. It initialises all the members as follows:
+ * flags = TS_VFY_ALL_IMPRINT & ~(TS_VFY_TSA_NAME | TS_VFY_SIGNATURE)
+ * certs = NULL
+ * store = NULL
+ * policy = policy from the request or NULL if absent (in this case
+ * TS_VFY_POLICY is cleared from flags as well)
+ * md_alg = MD algorithm from request
+ * imprint, imprint_len = imprint from request
+ * data = NULL
+ * nonce, nonce_len = nonce from the request or NULL if absent (in this case
+ * TS_VFY_NONCE is cleared from flags as well)
+ * tsa_name = NULL
+ * Important: after calling this method TS_VFY_SIGNATURE should be added!
+ */
+TS_VERIFY_CTX *TS_REQ_to_TS_VERIFY_CTX(TS_REQ *req, TS_VERIFY_CTX *ctx);
+
+/* Function declarations for TS_RESP defined in ts/ts_resp_print.c */
+
+int TS_RESP_print_bio(BIO *bio, TS_RESP *a);
+int TS_STATUS_INFO_print_bio(BIO *bio, TS_STATUS_INFO *a);
+int TS_TST_INFO_print_bio(BIO *bio, TS_TST_INFO *a);
+
+/* Common utility functions defined in ts/ts_lib.c */
+
+int TS_ASN1_INTEGER_print_bio(BIO *bio, const ASN1_INTEGER *num);
+int TS_OBJ_print_bio(BIO *bio, const ASN1_OBJECT *obj);
+int TS_ext_print_bio(BIO *bio, const STACK_OF(X509_EXTENSION) *extensions);
+int TS_X509_ALGOR_print_bio(BIO *bio, const X509_ALGOR *alg);
+int TS_MSG_IMPRINT_print_bio(BIO *bio, TS_MSG_IMPRINT *msg);
+
+/*
+ * Function declarations for handling configuration options, defined in
+ * ts/ts_conf.c
+ */
+
+X509 *TS_CONF_load_cert(const char *file);
+STACK_OF(X509) *TS_CONF_load_certs(const char *file);
+EVP_PKEY *TS_CONF_load_key(const char *file, const char *pass);
+const char *TS_CONF_get_tsa_section(CONF *conf, const char *section);
+int TS_CONF_set_serial(CONF *conf, const char *section, TS_serial_cb cb,
+ TS_RESP_CTX *ctx);
+int TS_CONF_set_crypto_device(CONF *conf, const char *section,
+ const char *device);
+int TS_CONF_set_default_engine(const char *name);
+int TS_CONF_set_signer_cert(CONF *conf, const char *section,
+ const char *cert, TS_RESP_CTX *ctx);
+int TS_CONF_set_certs(CONF *conf, const char *section, const char *certs,
+ TS_RESP_CTX *ctx);
+int TS_CONF_set_signer_key(CONF *conf, const char *section,
+ const char *key, const char *pass,
+ TS_RESP_CTX *ctx);
+int TS_CONF_set_def_policy(CONF *conf, const char *section,
+ const char *policy, TS_RESP_CTX *ctx);
+int TS_CONF_set_policies(CONF *conf, const char *section, TS_RESP_CTX *ctx);
+int TS_CONF_set_digests(CONF *conf, const char *section, TS_RESP_CTX *ctx);
+int TS_CONF_set_accuracy(CONF *conf, const char *section, TS_RESP_CTX *ctx);
+int TS_CONF_set_clock_precision_digits(CONF *conf, const char *section,
+ TS_RESP_CTX *ctx);
+int TS_CONF_set_ordering(CONF *conf, const char *section, TS_RESP_CTX *ctx);
+int TS_CONF_set_tsa_name(CONF *conf, const char *section, TS_RESP_CTX *ctx);
+int TS_CONF_set_ess_cert_id_chain(CONF *conf, const char *section,
+ TS_RESP_CTX *ctx);
+
+/* -------------------------------------------------- */
+/* BEGIN ERROR CODES */
+/*
+ * The following lines are auto generated by the script mkerr.pl. Any changes
+ * made after this point may be overwritten when the script is next run.
+ */
+void ERR_load_TS_strings(void);
+
+/* Error codes for the TS functions. */
+
+/* Function codes. */
+# define TS_F_D2I_TS_RESP 147
+# define TS_F_DEF_SERIAL_CB 110
+# define TS_F_DEF_TIME_CB 111
+# define TS_F_ESS_ADD_SIGNING_CERT 112
+# define TS_F_ESS_CERT_ID_NEW_INIT 113
+# define TS_F_ESS_SIGNING_CERT_NEW_INIT 114
+# define TS_F_INT_TS_RESP_VERIFY_TOKEN 149
+# define TS_F_PKCS7_TO_TS_TST_INFO 148
+# define TS_F_TS_ACCURACY_SET_MICROS 115
+# define TS_F_TS_ACCURACY_SET_MILLIS 116
+# define TS_F_TS_ACCURACY_SET_SECONDS 117
+# define TS_F_TS_CHECK_IMPRINTS 100
+# define TS_F_TS_CHECK_NONCES 101
+# define TS_F_TS_CHECK_POLICY 102
+# define TS_F_TS_CHECK_SIGNING_CERTS 103
+# define TS_F_TS_CHECK_STATUS_INFO 104
+# define TS_F_TS_COMPUTE_IMPRINT 145
+# define TS_F_TS_CONF_SET_DEFAULT_ENGINE 146
+# define TS_F_TS_GET_STATUS_TEXT 105
+# define TS_F_TS_MSG_IMPRINT_SET_ALGO 118
+# define TS_F_TS_REQ_SET_MSG_IMPRINT 119
+# define TS_F_TS_REQ_SET_NONCE 120
+# define TS_F_TS_REQ_SET_POLICY_ID 121
+# define TS_F_TS_RESP_CREATE_RESPONSE 122
+# define TS_F_TS_RESP_CREATE_TST_INFO 123
+# define TS_F_TS_RESP_CTX_ADD_FAILURE_INFO 124
+# define TS_F_TS_RESP_CTX_ADD_MD 125
+# define TS_F_TS_RESP_CTX_ADD_POLICY 126
+# define TS_F_TS_RESP_CTX_NEW 127
+# define TS_F_TS_RESP_CTX_SET_ACCURACY 128
+# define TS_F_TS_RESP_CTX_SET_CERTS 129
+# define TS_F_TS_RESP_CTX_SET_DEF_POLICY 130
+# define TS_F_TS_RESP_CTX_SET_SIGNER_CERT 131
+# define TS_F_TS_RESP_CTX_SET_STATUS_INFO 132
+# define TS_F_TS_RESP_GET_POLICY 133
+# define TS_F_TS_RESP_SET_GENTIME_WITH_PRECISION 134
+# define TS_F_TS_RESP_SET_STATUS_INFO 135
+# define TS_F_TS_RESP_SET_TST_INFO 150
+# define TS_F_TS_RESP_SIGN 136
+# define TS_F_TS_RESP_VERIFY_SIGNATURE 106
+# define TS_F_TS_RESP_VERIFY_TOKEN 107
+# define TS_F_TS_TST_INFO_SET_ACCURACY 137
+# define TS_F_TS_TST_INFO_SET_MSG_IMPRINT 138
+# define TS_F_TS_TST_INFO_SET_NONCE 139
+# define TS_F_TS_TST_INFO_SET_POLICY_ID 140
+# define TS_F_TS_TST_INFO_SET_SERIAL 141
+# define TS_F_TS_TST_INFO_SET_TIME 142
+# define TS_F_TS_TST_INFO_SET_TSA 143
+# define TS_F_TS_VERIFY 108
+# define TS_F_TS_VERIFY_CERT 109
+# define TS_F_TS_VERIFY_CTX_NEW 144
+
+/* Reason codes. */
+# define TS_R_BAD_PKCS7_TYPE 132
+# define TS_R_BAD_TYPE 133
+# define TS_R_CERTIFICATE_VERIFY_ERROR 100
+# define TS_R_COULD_NOT_SET_ENGINE 127
+# define TS_R_COULD_NOT_SET_TIME 115
+# define TS_R_D2I_TS_RESP_INT_FAILED 128
+# define TS_R_DETACHED_CONTENT 134
+# define TS_R_ESS_ADD_SIGNING_CERT_ERROR 116
+# define TS_R_ESS_SIGNING_CERTIFICATE_ERROR 101
+# define TS_R_INVALID_NULL_POINTER 102
+# define TS_R_INVALID_SIGNER_CERTIFICATE_PURPOSE 117
+# define TS_R_MESSAGE_IMPRINT_MISMATCH 103
+# define TS_R_NONCE_MISMATCH 104
+# define TS_R_NONCE_NOT_RETURNED 105
+# define TS_R_NO_CONTENT 106
+# define TS_R_NO_TIME_STAMP_TOKEN 107
+# define TS_R_PKCS7_ADD_SIGNATURE_ERROR 118
+# define TS_R_PKCS7_ADD_SIGNED_ATTR_ERROR 119
+# define TS_R_PKCS7_TO_TS_TST_INFO_FAILED 129
+# define TS_R_POLICY_MISMATCH 108
+# define TS_R_PRIVATE_KEY_DOES_NOT_MATCH_CERTIFICATE 120
+# define TS_R_RESPONSE_SETUP_ERROR 121
+# define TS_R_SIGNATURE_FAILURE 109
+# define TS_R_THERE_MUST_BE_ONE_SIGNER 110
+# define TS_R_TIME_SYSCALL_ERROR 122
+# define TS_R_TOKEN_NOT_PRESENT 130
+# define TS_R_TOKEN_PRESENT 131
+# define TS_R_TSA_NAME_MISMATCH 111
+# define TS_R_TSA_UNTRUSTED 112
+# define TS_R_TST_INFO_SETUP_ERROR 123
+# define TS_R_TS_DATASIGN 124
+# define TS_R_UNACCEPTABLE_POLICY 125
+# define TS_R_UNSUPPORTED_MD_ALGORITHM 126
+# define TS_R_UNSUPPORTED_VERSION 113
+# define TS_R_WRONG_CONTENT_TYPE 114
+
+#ifdef __cplusplus
+}
+#endif
+#endif
--- /dev/null
+/* crypto/txt_db/txt_db.h */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#ifndef HEADER_TXT_DB_H
+# define HEADER_TXT_DB_H
+
+# include <openssl/opensslconf.h>
+# include <openssl/bio.h>
+# include <openssl/stack.h>
+# include <openssl/lhash.h>
+
+# define DB_ERROR_OK 0
+# define DB_ERROR_MALLOC 1
+# define DB_ERROR_INDEX_CLASH 2
+# define DB_ERROR_INDEX_OUT_OF_RANGE 3
+# define DB_ERROR_NO_INDEX 4
+# define DB_ERROR_INSERT_INDEX_CLASH 5
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+typedef OPENSSL_STRING *OPENSSL_PSTRING;
+DECLARE_SPECIAL_STACK_OF(OPENSSL_PSTRING, OPENSSL_STRING)
+
+typedef struct txt_db_st {
+ int num_fields;
+ STACK_OF(OPENSSL_PSTRING) *data;
+ LHASH_OF(OPENSSL_STRING) **index;
+ int (**qual) (OPENSSL_STRING *);
+ long error;
+ long arg1;
+ long arg2;
+ OPENSSL_STRING *arg_row;
+} TXT_DB;
+
+TXT_DB *TXT_DB_read(BIO *in, int num);
+long TXT_DB_write(BIO *out, TXT_DB *db);
+int TXT_DB_create_index(TXT_DB *db, int field, int (*qual) (OPENSSL_STRING *),
+ LHASH_HASH_FN_TYPE hash, LHASH_COMP_FN_TYPE cmp);
+void TXT_DB_free(TXT_DB *db);
+OPENSSL_STRING *TXT_DB_get_by_index(TXT_DB *db, int idx,
+ OPENSSL_STRING *value);
+int TXT_DB_insert(TXT_DB *db, OPENSSL_STRING *value);
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif
--- /dev/null
+/* crypto/ui/ui.h -*- mode:C; c-file-style: "eay" -*- */
+/*
+ * Written by Richard Levitte (richard@levitte.org) for the OpenSSL project
+ * 2001.
+ */
+/* ====================================================================
+ * Copyright (c) 2001 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For written permission, please contact
+ * openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ * nor may "OpenSSL" appear in their names without prior written
+ * permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com). This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#ifndef HEADER_UI_H
+# define HEADER_UI_H
+
+# ifdef OPENSSL_USE_DEPRECATED
+# include <openssl/crypto.h>
+# endif
+# include <openssl/safestack.h>
+# include <openssl/ossl_typ.h>
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/* Declared already in ossl_typ.h */
+/* typedef struct ui_st UI; */
+/* typedef struct ui_method_st UI_METHOD; */
+
+/*
+ * All the following functions return -1 or NULL on error and in some cases
+ * (UI_process()) -2 if interrupted or in some other way cancelled. When
+ * everything is fine, they return 0, a positive value or a non-NULL pointer,
+ * all depending on their purpose.
+ */
+
+/* Creators and destructor. */
+UI *UI_new(void);
+UI *UI_new_method(const UI_METHOD *method);
+void UI_free(UI *ui);
+
+/*-
+ The following functions are used to add strings to be printed and prompt
+ strings to prompt for data. The names are UI_{add,dup}_<function>_string
+ and UI_{add,dup}_input_boolean.
+
+ UI_{add,dup}_<function>_string have the following meanings:
+ add add a text or prompt string. The pointers given to these
+ functions are used verbatim, no copying is done.
+ dup make a copy of the text or prompt string, then add the copy
+ to the collection of strings in the user interface.
+ <function>
+ The function is a name for the functionality that the given
+ string shall be used for. It can be one of:
+ input use the string as data prompt.
+ verify use the string as verification prompt. This
+ is used to verify a previous input.
+ info use the string for informational output.
+ error use the string for error output.
+ Honestly, there's currently no difference between info and error for the
+ moment.
+
+ UI_{add,dup}_input_boolean have the same semantics for "add" and "dup",
+ and are typically used when one wants to prompt for a yes/no response.
+
+ All of the functions in this group take a UI and a prompt string.
+ The string input and verify addition functions also take a flag argument,
+ a buffer for the result to end up with, a minimum input size and a maximum
+ input size (the result buffer MUST be large enough to be able to contain
+ the maximum number of characters). Additionally, the verify addition
+ functions takes another buffer to compare the result against.
+ The boolean input functions take an action description string (which should
+ be safe to ignore if the expected user action is obvious, for example with
+ a dialog box with an OK button and a Cancel button), a string of acceptable
+ characters to mean OK and to mean Cancel. The two last strings are checked
+ to make sure they don't have common characters. Additionally, the same
+ flag argument as for the string input is taken, as well as a result buffer.
+ The result buffer is required to be at least one byte long. Depending on
+ the answer, the first character from the OK or the Cancel character strings
+ will be stored in the first byte of the result buffer. No NUL will be
+ added, so the result is *not* a string.
+
+ On success, the all return an index of the added information. That index
+ is usefull when retrieving results with UI_get0_result(). */
+int UI_add_input_string(UI *ui, const char *prompt, int flags,
+ char *result_buf, int minsize, int maxsize);
+int UI_dup_input_string(UI *ui, const char *prompt, int flags,
+ char *result_buf, int minsize, int maxsize);
+int UI_add_verify_string(UI *ui, const char *prompt, int flags,
+ char *result_buf, int minsize, int maxsize,
+ const char *test_buf);
+int UI_dup_verify_string(UI *ui, const char *prompt, int flags,
+ char *result_buf, int minsize, int maxsize,
+ const char *test_buf);
+int UI_add_input_boolean(UI *ui, const char *prompt, const char *action_desc,
+ const char *ok_chars, const char *cancel_chars,
+ int flags, char *result_buf);
+int UI_dup_input_boolean(UI *ui, const char *prompt, const char *action_desc,
+ const char *ok_chars, const char *cancel_chars,
+ int flags, char *result_buf);
+int UI_add_info_string(UI *ui, const char *text);
+int UI_dup_info_string(UI *ui, const char *text);
+int UI_add_error_string(UI *ui, const char *text);
+int UI_dup_error_string(UI *ui, const char *text);
+
+/* These are the possible flags. They can be or'ed together. */
+/* Use to have echoing of input */
+# define UI_INPUT_FLAG_ECHO 0x01
+/*
+ * Use a default password. Where that password is found is completely up to
+ * the application, it might for example be in the user data set with
+ * UI_add_user_data(). It is not recommended to have more than one input in
+ * each UI being marked with this flag, or the application might get
+ * confused.
+ */
+# define UI_INPUT_FLAG_DEFAULT_PWD 0x02
+
+/*-
+ * The user of these routines may want to define flags of their own. The core
+ * UI won't look at those, but will pass them on to the method routines. They
+ * must use higher bits so they don't get confused with the UI bits above.
+ * UI_INPUT_FLAG_USER_BASE tells which is the lowest bit to use. A good
+ * example of use is this:
+ *
+ * #define MY_UI_FLAG1 (0x01 << UI_INPUT_FLAG_USER_BASE)
+ *
+*/
+# define UI_INPUT_FLAG_USER_BASE 16
+
+/*-
+ * The following function helps construct a prompt. object_desc is a
+ * textual short description of the object, for example "pass phrase",
+ * and object_name is the name of the object (might be a card name or
+ * a file name.
+ * The returned string shall always be allocated on the heap with
+ * OPENSSL_malloc(), and need to be free'd with OPENSSL_free().
+ *
+ * If the ui_method doesn't contain a pointer to a user-defined prompt
+ * constructor, a default string is built, looking like this:
+ *
+ * "Enter {object_desc} for {object_name}:"
+ *
+ * So, if object_desc has the value "pass phrase" and object_name has
+ * the value "foo.key", the resulting string is:
+ *
+ * "Enter pass phrase for foo.key:"
+*/
+char *UI_construct_prompt(UI *ui_method,
+ const char *object_desc, const char *object_name);
+
+/*
+ * The following function is used to store a pointer to user-specific data.
+ * Any previous such pointer will be returned and replaced.
+ *
+ * For callback purposes, this function makes a lot more sense than using
+ * ex_data, since the latter requires that different parts of OpenSSL or
+ * applications share the same ex_data index.
+ *
+ * Note that the UI_OpenSSL() method completely ignores the user data. Other
+ * methods may not, however.
+ */
+void *UI_add_user_data(UI *ui, void *user_data);
+/* We need a user data retrieving function as well. */
+void *UI_get0_user_data(UI *ui);
+
+/* Return the result associated with a prompt given with the index i. */
+const char *UI_get0_result(UI *ui, int i);
+
+/* When all strings have been added, process the whole thing. */
+int UI_process(UI *ui);
+
+/*
+ * Give a user interface parametrised control commands. This can be used to
+ * send down an integer, a data pointer or a function pointer, as well as be
+ * used to get information from a UI.
+ */
+int UI_ctrl(UI *ui, int cmd, long i, void *p, void (*f) (void));
+
+/* The commands */
+/*
+ * Use UI_CONTROL_PRINT_ERRORS with the value 1 to have UI_process print the
+ * OpenSSL error stack before printing any info or added error messages and
+ * before any prompting.
+ */
+# define UI_CTRL_PRINT_ERRORS 1
+/*
+ * Check if a UI_process() is possible to do again with the same instance of
+ * a user interface. This makes UI_ctrl() return 1 if it is redoable, and 0
+ * if not.
+ */
+# define UI_CTRL_IS_REDOABLE 2
+
+/* Some methods may use extra data */
+# define UI_set_app_data(s,arg) UI_set_ex_data(s,0,arg)
+# define UI_get_app_data(s) UI_get_ex_data(s,0)
+int UI_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
+ CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func);
+int UI_set_ex_data(UI *r, int idx, void *arg);
+void *UI_get_ex_data(UI *r, int idx);
+
+/* Use specific methods instead of the built-in one */
+void UI_set_default_method(const UI_METHOD *meth);
+const UI_METHOD *UI_get_default_method(void);
+const UI_METHOD *UI_get_method(UI *ui);
+const UI_METHOD *UI_set_method(UI *ui, const UI_METHOD *meth);
+
+/* The method with all the built-in thingies */
+UI_METHOD *UI_OpenSSL(void);
+
+/* ---------- For method writers ---------- */
+/*-
+ A method contains a number of functions that implement the low level
+ of the User Interface. The functions are:
+
+ an opener This function starts a session, maybe by opening
+ a channel to a tty, or by opening a window.
+ a writer This function is called to write a given string,
+ maybe to the tty, maybe as a field label in a
+ window.
+ a flusher This function is called to flush everything that
+ has been output so far. It can be used to actually
+ display a dialog box after it has been built.
+ a reader This function is called to read a given prompt,
+ maybe from the tty, maybe from a field in a
+ window. Note that it's called wth all string
+ structures, not only the prompt ones, so it must
+ check such things itself.
+ a closer This function closes the session, maybe by closing
+ the channel to the tty, or closing the window.
+
+ All these functions are expected to return:
+
+ 0 on error.
+ 1 on success.
+ -1 on out-of-band events, for example if some prompting has
+ been canceled (by pressing Ctrl-C, for example). This is
+ only checked when returned by the flusher or the reader.
+
+ The way this is used, the opener is first called, then the writer for all
+ strings, then the flusher, then the reader for all strings and finally the
+ closer. Note that if you want to prompt from a terminal or other command
+ line interface, the best is to have the reader also write the prompts
+ instead of having the writer do it. If you want to prompt from a dialog
+ box, the writer can be used to build up the contents of the box, and the
+ flusher to actually display the box and run the event loop until all data
+ has been given, after which the reader only grabs the given data and puts
+ them back into the UI strings.
+
+ All method functions take a UI as argument. Additionally, the writer and
+ the reader take a UI_STRING.
+*/
+
+/*
+ * The UI_STRING type is the data structure that contains all the needed info
+ * about a string or a prompt, including test data for a verification prompt.
+ */
+typedef struct ui_string_st UI_STRING;
+DECLARE_STACK_OF(UI_STRING)
+
+/*
+ * The different types of strings that are currently supported. This is only
+ * needed by method authors.
+ */
+enum UI_string_types {
+ UIT_NONE = 0,
+ UIT_PROMPT, /* Prompt for a string */
+ UIT_VERIFY, /* Prompt for a string and verify */
+ UIT_BOOLEAN, /* Prompt for a yes/no response */
+ UIT_INFO, /* Send info to the user */
+ UIT_ERROR /* Send an error message to the user */
+};
+
+/* Create and manipulate methods */
+UI_METHOD *UI_create_method(char *name);
+void UI_destroy_method(UI_METHOD *ui_method);
+int UI_method_set_opener(UI_METHOD *method, int (*opener) (UI *ui));
+int UI_method_set_writer(UI_METHOD *method,
+ int (*writer) (UI *ui, UI_STRING *uis));
+int UI_method_set_flusher(UI_METHOD *method, int (*flusher) (UI *ui));
+int UI_method_set_reader(UI_METHOD *method,
+ int (*reader) (UI *ui, UI_STRING *uis));
+int UI_method_set_closer(UI_METHOD *method, int (*closer) (UI *ui));
+int UI_method_set_prompt_constructor(UI_METHOD *method,
+ char *(*prompt_constructor) (UI *ui,
+ const char
+ *object_desc,
+ const char
+ *object_name));
+int (*UI_method_get_opener(UI_METHOD *method)) (UI *);
+int (*UI_method_get_writer(UI_METHOD *method)) (UI *, UI_STRING *);
+int (*UI_method_get_flusher(UI_METHOD *method)) (UI *);
+int (*UI_method_get_reader(UI_METHOD *method)) (UI *, UI_STRING *);
+int (*UI_method_get_closer(UI_METHOD *method)) (UI *);
+char *(*UI_method_get_prompt_constructor(UI_METHOD *method)) (UI *,
+ const char *,
+ const char *);
+
+/*
+ * The following functions are helpers for method writers to access relevant
+ * data from a UI_STRING.
+ */
+
+/* Return type of the UI_STRING */
+enum UI_string_types UI_get_string_type(UI_STRING *uis);
+/* Return input flags of the UI_STRING */
+int UI_get_input_flags(UI_STRING *uis);
+/* Return the actual string to output (the prompt, info or error) */
+const char *UI_get0_output_string(UI_STRING *uis);
+/*
+ * Return the optional action string to output (the boolean promtp
+ * instruction)
+ */
+const char *UI_get0_action_string(UI_STRING *uis);
+/* Return the result of a prompt */
+const char *UI_get0_result_string(UI_STRING *uis);
+/*
+ * Return the string to test the result against. Only useful with verifies.
+ */
+const char *UI_get0_test_string(UI_STRING *uis);
+/* Return the required minimum size of the result */
+int UI_get_result_minsize(UI_STRING *uis);
+/* Return the required maximum size of the result */
+int UI_get_result_maxsize(UI_STRING *uis);
+/* Set the result of a UI_STRING. */
+int UI_set_result(UI *ui, UI_STRING *uis, const char *result);
+
+/* A couple of popular utility functions */
+int UI_UTIL_read_pw_string(char *buf, int length, const char *prompt,
+ int verify);
+int UI_UTIL_read_pw(char *buf, char *buff, int size, const char *prompt,
+ int verify);
+
+/* BEGIN ERROR CODES */
+/*
+ * The following lines are auto generated by the script mkerr.pl. Any changes
+ * made after this point may be overwritten when the script is next run.
+ */
+void ERR_load_UI_strings(void);
+
+/* Error codes for the UI functions. */
+
+/* Function codes. */
+# define UI_F_GENERAL_ALLOCATE_BOOLEAN 108
+# define UI_F_GENERAL_ALLOCATE_PROMPT 109
+# define UI_F_GENERAL_ALLOCATE_STRING 100
+# define UI_F_UI_CTRL 111
+# define UI_F_UI_DUP_ERROR_STRING 101
+# define UI_F_UI_DUP_INFO_STRING 102
+# define UI_F_UI_DUP_INPUT_BOOLEAN 110
+# define UI_F_UI_DUP_INPUT_STRING 103
+# define UI_F_UI_DUP_VERIFY_STRING 106
+# define UI_F_UI_GET0_RESULT 107
+# define UI_F_UI_NEW_METHOD 104
+# define UI_F_UI_SET_RESULT 105
+
+/* Reason codes. */
+# define UI_R_COMMON_OK_AND_CANCEL_CHARACTERS 104
+# define UI_R_INDEX_TOO_LARGE 102
+# define UI_R_INDEX_TOO_SMALL 103
+# define UI_R_NO_RESULT_BUFFER 105
+# define UI_R_RESULT_TOO_LARGE 100
+# define UI_R_RESULT_TOO_SMALL 101
+# define UI_R_UNKNOWN_CONTROL_COMMAND 106
+
+#ifdef __cplusplus
+}
+#endif
+#endif
--- /dev/null
+#ifndef HEADER_WHRLPOOL_H
+# define HEADER_WHRLPOOL_H
+
+# include <openssl/e_os2.h>
+# include <stddef.h>
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+# define WHIRLPOOL_DIGEST_LENGTH (512/8)
+# define WHIRLPOOL_BBLOCK 512
+# define WHIRLPOOL_COUNTER (256/8)
+
+typedef struct {
+ union {
+ unsigned char c[WHIRLPOOL_DIGEST_LENGTH];
+ /* double q is here to ensure 64-bit alignment */
+ double q[WHIRLPOOL_DIGEST_LENGTH / sizeof(double)];
+ } H;
+ unsigned char data[WHIRLPOOL_BBLOCK / 8];
+ unsigned int bitoff;
+ size_t bitlen[WHIRLPOOL_COUNTER / sizeof(size_t)];
+} WHIRLPOOL_CTX;
+
+# ifndef OPENSSL_NO_WHIRLPOOL
+int WHIRLPOOL_Init(WHIRLPOOL_CTX *c);
+int WHIRLPOOL_Update(WHIRLPOOL_CTX *c, const void *inp, size_t bytes);
+void WHIRLPOOL_BitUpdate(WHIRLPOOL_CTX *c, const void *inp, size_t bits);
+int WHIRLPOOL_Final(unsigned char *md, WHIRLPOOL_CTX *c);
+unsigned char *WHIRLPOOL(const void *inp, size_t bytes, unsigned char *md);
+# endif
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif
--- /dev/null
+/* crypto/x509/x509.h */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+/* ====================================================================
+ * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
+ * ECDH support in OpenSSL originally developed by
+ * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project.
+ */
+
+#ifndef HEADER_X509_H
+# define HEADER_X509_H
+
+# include <openssl/e_os2.h>
+# include <openssl/symhacks.h>
+# include <openssl/buffer.h>
+# include <openssl/evp.h>
+# include <openssl/bio.h>
+# include <openssl/stack.h>
+# include <openssl/asn1.h>
+# include <openssl/safestack.h>
+
+# ifndef OPENSSL_NO_EC
+# include <openssl/ec.h>
+# include <openssl/ecdsa.h>
+# include <openssl/ecdh.h>
+# endif
+
+# ifdef OPENSSL_USE_DEPRECATED
+# ifndef OPENSSL_NO_RSA
+# include <openssl/rsa.h>
+# endif
+# ifndef OPENSSL_NO_DSA
+# include <openssl/dsa.h>
+# endif
+# ifndef OPENSSL_NO_DH
+# include <openssl/dh.h>
+# endif
+# endif
+
+# include <openssl/sha.h>
+# include <openssl/ossl_typ.h>
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+# ifdef OPENSSL_SYS_WIN32
+/* Under Win32 these are defined in wincrypt.h */
+# undef X509_NAME
+# undef X509_EXTENSIONS
+# endif
+
+# define X509_FILETYPE_PEM 1
+# define X509_FILETYPE_ASN1 2
+# define X509_FILETYPE_DEFAULT 3
+
+# define X509v3_KU_DIGITAL_SIGNATURE 0x0080
+# define X509v3_KU_NON_REPUDIATION 0x0040
+# define X509v3_KU_KEY_ENCIPHERMENT 0x0020
+# define X509v3_KU_DATA_ENCIPHERMENT 0x0010
+# define X509v3_KU_KEY_AGREEMENT 0x0008
+# define X509v3_KU_KEY_CERT_SIGN 0x0004
+# define X509v3_KU_CRL_SIGN 0x0002
+# define X509v3_KU_ENCIPHER_ONLY 0x0001
+# define X509v3_KU_DECIPHER_ONLY 0x8000
+# define X509v3_KU_UNDEF 0xffff
+
+typedef struct X509_objects_st {
+ int nid;
+ int (*a2i) (void);
+ int (*i2a) (void);
+} X509_OBJECTS;
+
+struct X509_algor_st {
+ ASN1_OBJECT *algorithm;
+ ASN1_TYPE *parameter;
+} /* X509_ALGOR */ ;
+
+typedef STACK_OF(X509_ALGOR) X509_ALGORS;
+
+typedef struct X509_val_st {
+ ASN1_TIME *notBefore;
+ ASN1_TIME *notAfter;
+} X509_VAL;
+
+struct X509_pubkey_st {
+ X509_ALGOR *algor;
+ ASN1_BIT_STRING *public_key;
+ EVP_PKEY *pkey;
+};
+
+typedef struct X509_sig_st {
+ X509_ALGOR *algor;
+ ASN1_OCTET_STRING *digest;
+} X509_SIG;
+
+typedef struct X509_name_entry_st X509_NAME_ENTRY;
+
+DECLARE_STACK_OF(X509_NAME_ENTRY)
+
+DECLARE_STACK_OF(X509_NAME)
+
+# define X509_EX_V_NETSCAPE_HACK 0x8000
+# define X509_EX_V_INIT 0x0001
+typedef struct X509_extension_st X509_EXTENSION;
+
+typedef STACK_OF(X509_EXTENSION) X509_EXTENSIONS;
+
+DECLARE_STACK_OF(X509_EXTENSION)
+
+typedef struct x509_attributes_st X509_ATTRIBUTE;
+
+DECLARE_STACK_OF(X509_ATTRIBUTE)
+
+typedef struct X509_req_info_st {
+ ASN1_ENCODING enc;
+ ASN1_INTEGER *version;
+ X509_NAME *subject;
+ X509_PUBKEY *pubkey;
+ /* d=2 hl=2 l= 0 cons: cont: 00 */
+ STACK_OF(X509_ATTRIBUTE) *attributes; /* [ 0 ] */
+} X509_REQ_INFO;
+
+typedef struct X509_req_st {
+ X509_REQ_INFO *req_info;
+ X509_ALGOR *sig_alg;
+ ASN1_BIT_STRING *signature;
+ int references;
+} X509_REQ;
+
+typedef struct x509_cinf_st {
+ ASN1_INTEGER *version; /* [ 0 ] default of v1 */
+ ASN1_INTEGER *serialNumber;
+ X509_ALGOR *signature;
+ X509_NAME *issuer;
+ X509_VAL *validity;
+ X509_NAME *subject;
+ X509_PUBKEY *key;
+ ASN1_BIT_STRING *issuerUID; /* [ 1 ] optional in v2 */
+ ASN1_BIT_STRING *subjectUID; /* [ 2 ] optional in v2 */
+ STACK_OF(X509_EXTENSION) *extensions; /* [ 3 ] optional in v3 */
+ ASN1_ENCODING enc;
+} X509_CINF;
+
+/*
+ * This stuff is certificate "auxiliary info" it contains details which are
+ * useful in certificate stores and databases. When used this is tagged onto
+ * the end of the certificate itself
+ */
+
+typedef struct x509_cert_aux_st {
+ STACK_OF(ASN1_OBJECT) *trust; /* trusted uses */
+ STACK_OF(ASN1_OBJECT) *reject; /* rejected uses */
+ ASN1_UTF8STRING *alias; /* "friendly name" */
+ ASN1_OCTET_STRING *keyid; /* key id of private key */
+ STACK_OF(X509_ALGOR) *other; /* other unspecified info */
+} X509_CERT_AUX;
+
+struct x509_st {
+ X509_CINF *cert_info;
+ X509_ALGOR *sig_alg;
+ ASN1_BIT_STRING *signature;
+ int valid;
+ int references;
+ char *name;
+ CRYPTO_EX_DATA ex_data;
+ /* These contain copies of various extension values */
+ long ex_pathlen;
+ long ex_pcpathlen;
+ unsigned long ex_flags;
+ unsigned long ex_kusage;
+ unsigned long ex_xkusage;
+ unsigned long ex_nscert;
+ ASN1_OCTET_STRING *skid;
+ AUTHORITY_KEYID *akid;
+ X509_POLICY_CACHE *policy_cache;
+ STACK_OF(DIST_POINT) *crldp;
+ STACK_OF(GENERAL_NAME) *altname;
+ NAME_CONSTRAINTS *nc;
+ STACK_OF(IPAddressFamily) *rfc3779_addr;
+ struct ASIdentifiers_st *rfc3779_asid;
+ unsigned char sha1_hash[SHA_DIGEST_LENGTH];
+ X509_CERT_AUX *aux;
+} /* X509 */ ;
+
+DECLARE_STACK_OF(X509)
+
+/* This is used for a table of trust checking functions */
+
+typedef struct x509_trust_st {
+ int trust;
+ int flags;
+ int (*check_trust) (struct x509_trust_st *, X509 *, int);
+ char *name;
+ int arg1;
+ void *arg2;
+} X509_TRUST;
+
+DECLARE_STACK_OF(X509_TRUST)
+
+/* standard trust ids */
+
+# define X509_TRUST_DEFAULT -1/* Only valid in purpose settings */
+
+# define X509_TRUST_COMPAT 1
+# define X509_TRUST_SSL_CLIENT 2
+# define X509_TRUST_SSL_SERVER 3
+# define X509_TRUST_EMAIL 4
+# define X509_TRUST_OBJECT_SIGN 5
+# define X509_TRUST_OCSP_SIGN 6
+# define X509_TRUST_OCSP_REQUEST 7
+# define X509_TRUST_TSA 8
+
+/* Keep these up to date! */
+# define X509_TRUST_MIN 1
+# define X509_TRUST_MAX 8
+
+/* trust_flags values */
+# define X509_TRUST_DYNAMIC 1
+# define X509_TRUST_DYNAMIC_NAME 2
+
+/* check_trust return codes */
+
+# define X509_TRUST_TRUSTED 1
+# define X509_TRUST_REJECTED 2
+# define X509_TRUST_UNTRUSTED 3
+
+/* Flags for X509_print_ex() */
+
+# define X509_FLAG_COMPAT 0
+# define X509_FLAG_NO_HEADER 1L
+# define X509_FLAG_NO_VERSION (1L << 1)
+# define X509_FLAG_NO_SERIAL (1L << 2)
+# define X509_FLAG_NO_SIGNAME (1L << 3)
+# define X509_FLAG_NO_ISSUER (1L << 4)
+# define X509_FLAG_NO_VALIDITY (1L << 5)
+# define X509_FLAG_NO_SUBJECT (1L << 6)
+# define X509_FLAG_NO_PUBKEY (1L << 7)
+# define X509_FLAG_NO_EXTENSIONS (1L << 8)
+# define X509_FLAG_NO_SIGDUMP (1L << 9)
+# define X509_FLAG_NO_AUX (1L << 10)
+# define X509_FLAG_NO_ATTRIBUTES (1L << 11)
+# define X509_FLAG_NO_IDS (1L << 12)
+
+/* Flags specific to X509_NAME_print_ex() */
+
+/* The field separator information */
+
+# define XN_FLAG_SEP_MASK (0xf << 16)
+
+# define XN_FLAG_COMPAT 0/* Traditional SSLeay: use old
+ * X509_NAME_print */
+# define XN_FLAG_SEP_COMMA_PLUS (1 << 16)/* RFC2253 ,+ */
+# define XN_FLAG_SEP_CPLUS_SPC (2 << 16)/* ,+ spaced: more readable */
+# define XN_FLAG_SEP_SPLUS_SPC (3 << 16)/* ;+ spaced */
+# define XN_FLAG_SEP_MULTILINE (4 << 16)/* One line per field */
+
+# define XN_FLAG_DN_REV (1 << 20)/* Reverse DN order */
+
+/* How the field name is shown */
+
+# define XN_FLAG_FN_MASK (0x3 << 21)
+
+# define XN_FLAG_FN_SN 0/* Object short name */
+# define XN_FLAG_FN_LN (1 << 21)/* Object long name */
+# define XN_FLAG_FN_OID (2 << 21)/* Always use OIDs */
+# define XN_FLAG_FN_NONE (3 << 21)/* No field names */
+
+# define XN_FLAG_SPC_EQ (1 << 23)/* Put spaces round '=' */
+
+/*
+ * This determines if we dump fields we don't recognise: RFC2253 requires
+ * this.
+ */
+
+# define XN_FLAG_DUMP_UNKNOWN_FIELDS (1 << 24)
+
+# define XN_FLAG_FN_ALIGN (1 << 25)/* Align field names to 20
+ * characters */
+
+/* Complete set of RFC2253 flags */
+
+# define XN_FLAG_RFC2253 (ASN1_STRFLGS_RFC2253 | \
+ XN_FLAG_SEP_COMMA_PLUS | \
+ XN_FLAG_DN_REV | \
+ XN_FLAG_FN_SN | \
+ XN_FLAG_DUMP_UNKNOWN_FIELDS)
+
+/* readable oneline form */
+
+# define XN_FLAG_ONELINE (ASN1_STRFLGS_RFC2253 | \
+ ASN1_STRFLGS_ESC_QUOTE | \
+ XN_FLAG_SEP_CPLUS_SPC | \
+ XN_FLAG_SPC_EQ | \
+ XN_FLAG_FN_SN)
+
+/* readable multiline form */
+
+# define XN_FLAG_MULTILINE (ASN1_STRFLGS_ESC_CTRL | \
+ ASN1_STRFLGS_ESC_MSB | \
+ XN_FLAG_SEP_MULTILINE | \
+ XN_FLAG_SPC_EQ | \
+ XN_FLAG_FN_LN | \
+ XN_FLAG_FN_ALIGN)
+
+struct x509_revoked_st {
+ ASN1_INTEGER *serialNumber;
+ ASN1_TIME *revocationDate;
+ STACK_OF(X509_EXTENSION) /* optional */ *extensions;
+ /* Set up if indirect CRL */
+ STACK_OF(GENERAL_NAME) *issuer;
+ /* Revocation reason */
+ int reason;
+ int sequence; /* load sequence */
+};
+
+DECLARE_STACK_OF(X509_REVOKED)
+
+typedef struct X509_crl_info_st {
+ ASN1_INTEGER *version;
+ X509_ALGOR *sig_alg;
+ X509_NAME *issuer;
+ ASN1_TIME *lastUpdate;
+ ASN1_TIME *nextUpdate;
+ STACK_OF(X509_REVOKED) *revoked;
+ STACK_OF(X509_EXTENSION) /* [0] */ *extensions;
+ ASN1_ENCODING enc;
+} X509_CRL_INFO;
+
+struct X509_crl_st {
+ /* actual signature */
+ X509_CRL_INFO *crl;
+ X509_ALGOR *sig_alg;
+ ASN1_BIT_STRING *signature;
+ int references;
+ int flags;
+ /* Copies of various extensions */
+ AUTHORITY_KEYID *akid;
+ ISSUING_DIST_POINT *idp;
+ /* Convenient breakdown of IDP */
+ int idp_flags;
+ int idp_reasons;
+ /* CRL and base CRL numbers for delta processing */
+ ASN1_INTEGER *crl_number;
+ ASN1_INTEGER *base_crl_number;
+ unsigned char sha1_hash[SHA_DIGEST_LENGTH];
+ STACK_OF(GENERAL_NAMES) *issuers;
+ const X509_CRL_METHOD *meth;
+ void *meth_data;
+} /* X509_CRL */ ;
+
+DECLARE_STACK_OF(X509_CRL)
+
+typedef struct private_key_st {
+ int version;
+ /* The PKCS#8 data types */
+ X509_ALGOR *enc_algor;
+ ASN1_OCTET_STRING *enc_pkey; /* encrypted pub key */
+ /* When decrypted, the following will not be NULL */
+ EVP_PKEY *dec_pkey;
+ /* used to encrypt and decrypt */
+ int key_length;
+ char *key_data;
+ int key_free; /* true if we should auto free key_data */
+ /* expanded version of 'enc_algor' */
+ EVP_CIPHER_INFO cipher;
+ int references;
+} X509_PKEY;
+
+typedef struct X509_info_st {
+ X509 *x509;
+ X509_CRL *crl;
+ X509_PKEY *x_pkey;
+ EVP_CIPHER_INFO enc_cipher;
+ int enc_len;
+ char *enc_data;
+ int references;
+} X509_INFO;
+
+DECLARE_STACK_OF(X509_INFO)
+
+/*
+ * The next 2 structures and their 8 routines were sent to me by Pat Richard
+ * <patr@x509.com> and are used to manipulate Netscapes spki structures -
+ * useful if you are writing a CA web page
+ */
+typedef struct Netscape_spkac_st {
+ X509_PUBKEY *pubkey;
+ ASN1_IA5STRING *challenge; /* challenge sent in atlas >= PR2 */
+} NETSCAPE_SPKAC;
+
+typedef struct Netscape_spki_st {
+ NETSCAPE_SPKAC *spkac; /* signed public key and challenge */
+ X509_ALGOR *sig_algor;
+ ASN1_BIT_STRING *signature;
+} NETSCAPE_SPKI;
+
+/* Netscape certificate sequence structure */
+typedef struct Netscape_certificate_sequence {
+ ASN1_OBJECT *type;
+ STACK_OF(X509) *certs;
+} NETSCAPE_CERT_SEQUENCE;
+
+/*- Unused (and iv length is wrong)
+typedef struct CBCParameter_st
+ {
+ unsigned char iv[8];
+ } CBC_PARAM;
+*/
+
+/* Password based encryption structure */
+
+typedef struct PBEPARAM_st {
+ ASN1_OCTET_STRING *salt;
+ ASN1_INTEGER *iter;
+} PBEPARAM;
+
+/* Password based encryption V2 structures */
+
+typedef struct PBE2PARAM_st {
+ X509_ALGOR *keyfunc;
+ X509_ALGOR *encryption;
+} PBE2PARAM;
+
+typedef struct PBKDF2PARAM_st {
+/* Usually OCTET STRING but could be anything */
+ ASN1_TYPE *salt;
+ ASN1_INTEGER *iter;
+ ASN1_INTEGER *keylength;
+ X509_ALGOR *prf;
+} PBKDF2PARAM;
+
+/* PKCS#8 private key info structure */
+
+struct pkcs8_priv_key_info_st {
+ /* Flag for various broken formats */
+ int broken;
+# define PKCS8_OK 0
+# define PKCS8_NO_OCTET 1
+# define PKCS8_EMBEDDED_PARAM 2
+# define PKCS8_NS_DB 3
+# define PKCS8_NEG_PRIVKEY 4
+ ASN1_INTEGER *version;
+ X509_ALGOR *pkeyalg;
+ /* Should be OCTET STRING but some are broken */
+ ASN1_TYPE *pkey;
+ STACK_OF(X509_ATTRIBUTE) *attributes;
+};
+
+#ifdef __cplusplus
+}
+#endif
+
+# include <openssl/x509_vfy.h>
+# include <openssl/pkcs7.h>
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+# define X509_EXT_PACK_UNKNOWN 1
+# define X509_EXT_PACK_STRING 2
+
+# define X509_get_version(x) ASN1_INTEGER_get((x)->cert_info->version)
+/* #define X509_get_serialNumber(x) ((x)->cert_info->serialNumber) */
+# define X509_get_notBefore(x) ((x)->cert_info->validity->notBefore)
+# define X509_get_notAfter(x) ((x)->cert_info->validity->notAfter)
+# define X509_extract_key(x) X509_get_pubkey(x)/*****/
+# define X509_REQ_get_version(x) ASN1_INTEGER_get((x)->req_info->version)
+# define X509_REQ_get_subject_name(x) ((x)->req_info->subject)
+# define X509_REQ_extract_key(a) X509_REQ_get_pubkey(a)
+# define X509_name_cmp(a,b) X509_NAME_cmp((a),(b))
+# define X509_get_signature_type(x) EVP_PKEY_type(OBJ_obj2nid((x)->sig_alg->algorithm))
+
+# define X509_CRL_get_version(x) ASN1_INTEGER_get((x)->crl->version)
+# define X509_CRL_get_lastUpdate(x) ((x)->crl->lastUpdate)
+# define X509_CRL_get_nextUpdate(x) ((x)->crl->nextUpdate)
+# define X509_CRL_get_issuer(x) ((x)->crl->issuer)
+# define X509_CRL_get_REVOKED(x) ((x)->crl->revoked)
+
+void X509_CRL_set_default_method(const X509_CRL_METHOD *meth);
+X509_CRL_METHOD *X509_CRL_METHOD_new(int (*crl_init) (X509_CRL *crl),
+ int (*crl_free) (X509_CRL *crl),
+ int (*crl_lookup) (X509_CRL *crl,
+ X509_REVOKED **ret,
+ ASN1_INTEGER *ser,
+ X509_NAME *issuer),
+ int (*crl_verify) (X509_CRL *crl,
+ EVP_PKEY *pk));
+void X509_CRL_METHOD_free(X509_CRL_METHOD *m);
+
+void X509_CRL_set_meth_data(X509_CRL *crl, void *dat);
+void *X509_CRL_get_meth_data(X509_CRL *crl);
+
+/*
+ * This one is only used so that a binary form can output, as in
+ * i2d_X509_NAME(X509_get_X509_PUBKEY(x),&buf)
+ */
+# define X509_get_X509_PUBKEY(x) ((x)->cert_info->key)
+
+const char *X509_verify_cert_error_string(long n);
+
+int X509_verify(X509 *a, EVP_PKEY *r);
+
+int X509_REQ_verify(X509_REQ *a, EVP_PKEY *r);
+int X509_CRL_verify(X509_CRL *a, EVP_PKEY *r);
+int NETSCAPE_SPKI_verify(NETSCAPE_SPKI *a, EVP_PKEY *r);
+
+NETSCAPE_SPKI *NETSCAPE_SPKI_b64_decode(const char *str, int len);
+char *NETSCAPE_SPKI_b64_encode(NETSCAPE_SPKI *x);
+EVP_PKEY *NETSCAPE_SPKI_get_pubkey(NETSCAPE_SPKI *x);
+int NETSCAPE_SPKI_set_pubkey(NETSCAPE_SPKI *x, EVP_PKEY *pkey);
+
+int NETSCAPE_SPKI_print(BIO *out, NETSCAPE_SPKI *spki);
+
+int X509_signature_dump(BIO *bp, const ASN1_STRING *sig, int indent);
+int X509_signature_print(BIO *bp, X509_ALGOR *alg, ASN1_STRING *sig);
+
+int X509_sign(X509 *x, EVP_PKEY *pkey, const EVP_MD *md);
+int X509_sign_ctx(X509 *x, EVP_MD_CTX *ctx);
+int X509_http_nbio(OCSP_REQ_CTX *rctx, X509 **pcert);
+int X509_REQ_sign(X509_REQ *x, EVP_PKEY *pkey, const EVP_MD *md);
+int X509_REQ_sign_ctx(X509_REQ *x, EVP_MD_CTX *ctx);
+int X509_CRL_sign(X509_CRL *x, EVP_PKEY *pkey, const EVP_MD *md);
+int X509_CRL_sign_ctx(X509_CRL *x, EVP_MD_CTX *ctx);
+int X509_CRL_http_nbio(OCSP_REQ_CTX *rctx, X509_CRL **pcrl);
+int NETSCAPE_SPKI_sign(NETSCAPE_SPKI *x, EVP_PKEY *pkey, const EVP_MD *md);
+
+int X509_pubkey_digest(const X509 *data, const EVP_MD *type,
+ unsigned char *md, unsigned int *len);
+int X509_digest(const X509 *data, const EVP_MD *type,
+ unsigned char *md, unsigned int *len);
+int X509_CRL_digest(const X509_CRL *data, const EVP_MD *type,
+ unsigned char *md, unsigned int *len);
+int X509_REQ_digest(const X509_REQ *data, const EVP_MD *type,
+ unsigned char *md, unsigned int *len);
+int X509_NAME_digest(const X509_NAME *data, const EVP_MD *type,
+ unsigned char *md, unsigned int *len);
+
+# ifndef OPENSSL_NO_STDIO
+X509 *d2i_X509_fp(FILE *fp, X509 **x509);
+int i2d_X509_fp(FILE *fp, X509 *x509);
+X509_CRL *d2i_X509_CRL_fp(FILE *fp, X509_CRL **crl);
+int i2d_X509_CRL_fp(FILE *fp, X509_CRL *crl);
+X509_REQ *d2i_X509_REQ_fp(FILE *fp, X509_REQ **req);
+int i2d_X509_REQ_fp(FILE *fp, X509_REQ *req);
+# ifndef OPENSSL_NO_RSA
+RSA *d2i_RSAPrivateKey_fp(FILE *fp, RSA **rsa);
+int i2d_RSAPrivateKey_fp(FILE *fp, RSA *rsa);
+RSA *d2i_RSAPublicKey_fp(FILE *fp, RSA **rsa);
+int i2d_RSAPublicKey_fp(FILE *fp, RSA *rsa);
+RSA *d2i_RSA_PUBKEY_fp(FILE *fp, RSA **rsa);
+int i2d_RSA_PUBKEY_fp(FILE *fp, RSA *rsa);
+# endif
+# ifndef OPENSSL_NO_DSA
+DSA *d2i_DSA_PUBKEY_fp(FILE *fp, DSA **dsa);
+int i2d_DSA_PUBKEY_fp(FILE *fp, DSA *dsa);
+DSA *d2i_DSAPrivateKey_fp(FILE *fp, DSA **dsa);
+int i2d_DSAPrivateKey_fp(FILE *fp, DSA *dsa);
+# endif
+# ifndef OPENSSL_NO_EC
+EC_KEY *d2i_EC_PUBKEY_fp(FILE *fp, EC_KEY **eckey);
+int i2d_EC_PUBKEY_fp(FILE *fp, EC_KEY *eckey);
+EC_KEY *d2i_ECPrivateKey_fp(FILE *fp, EC_KEY **eckey);
+int i2d_ECPrivateKey_fp(FILE *fp, EC_KEY *eckey);
+# endif
+X509_SIG *d2i_PKCS8_fp(FILE *fp, X509_SIG **p8);
+int i2d_PKCS8_fp(FILE *fp, X509_SIG *p8);
+PKCS8_PRIV_KEY_INFO *d2i_PKCS8_PRIV_KEY_INFO_fp(FILE *fp,
+ PKCS8_PRIV_KEY_INFO **p8inf);
+int i2d_PKCS8_PRIV_KEY_INFO_fp(FILE *fp, PKCS8_PRIV_KEY_INFO *p8inf);
+int i2d_PKCS8PrivateKeyInfo_fp(FILE *fp, EVP_PKEY *key);
+int i2d_PrivateKey_fp(FILE *fp, EVP_PKEY *pkey);
+EVP_PKEY *d2i_PrivateKey_fp(FILE *fp, EVP_PKEY **a);
+int i2d_PUBKEY_fp(FILE *fp, EVP_PKEY *pkey);
+EVP_PKEY *d2i_PUBKEY_fp(FILE *fp, EVP_PKEY **a);
+# endif
+
+X509 *d2i_X509_bio(BIO *bp, X509 **x509);
+int i2d_X509_bio(BIO *bp, X509 *x509);
+X509_CRL *d2i_X509_CRL_bio(BIO *bp, X509_CRL **crl);
+int i2d_X509_CRL_bio(BIO *bp, X509_CRL *crl);
+X509_REQ *d2i_X509_REQ_bio(BIO *bp, X509_REQ **req);
+int i2d_X509_REQ_bio(BIO *bp, X509_REQ *req);
+# ifndef OPENSSL_NO_RSA
+RSA *d2i_RSAPrivateKey_bio(BIO *bp, RSA **rsa);
+int i2d_RSAPrivateKey_bio(BIO *bp, RSA *rsa);
+RSA *d2i_RSAPublicKey_bio(BIO *bp, RSA **rsa);
+int i2d_RSAPublicKey_bio(BIO *bp, RSA *rsa);
+RSA *d2i_RSA_PUBKEY_bio(BIO *bp, RSA **rsa);
+int i2d_RSA_PUBKEY_bio(BIO *bp, RSA *rsa);
+# endif
+# ifndef OPENSSL_NO_DSA
+DSA *d2i_DSA_PUBKEY_bio(BIO *bp, DSA **dsa);
+int i2d_DSA_PUBKEY_bio(BIO *bp, DSA *dsa);
+DSA *d2i_DSAPrivateKey_bio(BIO *bp, DSA **dsa);
+int i2d_DSAPrivateKey_bio(BIO *bp, DSA *dsa);
+# endif
+# ifndef OPENSSL_NO_EC
+EC_KEY *d2i_EC_PUBKEY_bio(BIO *bp, EC_KEY **eckey);
+int i2d_EC_PUBKEY_bio(BIO *bp, EC_KEY *eckey);
+EC_KEY *d2i_ECPrivateKey_bio(BIO *bp, EC_KEY **eckey);
+int i2d_ECPrivateKey_bio(BIO *bp, EC_KEY *eckey);
+# endif
+X509_SIG *d2i_PKCS8_bio(BIO *bp, X509_SIG **p8);
+int i2d_PKCS8_bio(BIO *bp, X509_SIG *p8);
+PKCS8_PRIV_KEY_INFO *d2i_PKCS8_PRIV_KEY_INFO_bio(BIO *bp,
+ PKCS8_PRIV_KEY_INFO **p8inf);
+int i2d_PKCS8_PRIV_KEY_INFO_bio(BIO *bp, PKCS8_PRIV_KEY_INFO *p8inf);
+int i2d_PKCS8PrivateKeyInfo_bio(BIO *bp, EVP_PKEY *key);
+int i2d_PrivateKey_bio(BIO *bp, EVP_PKEY *pkey);
+EVP_PKEY *d2i_PrivateKey_bio(BIO *bp, EVP_PKEY **a);
+int i2d_PUBKEY_bio(BIO *bp, EVP_PKEY *pkey);
+EVP_PKEY *d2i_PUBKEY_bio(BIO *bp, EVP_PKEY **a);
+
+X509 *X509_dup(X509 *x509);
+X509_ATTRIBUTE *X509_ATTRIBUTE_dup(X509_ATTRIBUTE *xa);
+X509_EXTENSION *X509_EXTENSION_dup(X509_EXTENSION *ex);
+X509_CRL *X509_CRL_dup(X509_CRL *crl);
+X509_REVOKED *X509_REVOKED_dup(X509_REVOKED *rev);
+X509_REQ *X509_REQ_dup(X509_REQ *req);
+X509_ALGOR *X509_ALGOR_dup(X509_ALGOR *xn);
+int X509_ALGOR_set0(X509_ALGOR *alg, ASN1_OBJECT *aobj, int ptype,
+ void *pval);
+void X509_ALGOR_get0(ASN1_OBJECT **paobj, int *pptype, void **ppval,
+ X509_ALGOR *algor);
+void X509_ALGOR_set_md(X509_ALGOR *alg, const EVP_MD *md);
+int X509_ALGOR_cmp(const X509_ALGOR *a, const X509_ALGOR *b);
+
+X509_NAME *X509_NAME_dup(X509_NAME *xn);
+X509_NAME_ENTRY *X509_NAME_ENTRY_dup(X509_NAME_ENTRY *ne);
+
+int X509_cmp_time(const ASN1_TIME *s, time_t *t);
+int X509_cmp_current_time(const ASN1_TIME *s);
+ASN1_TIME *X509_time_adj(ASN1_TIME *s, long adj, time_t *t);
+ASN1_TIME *X509_time_adj_ex(ASN1_TIME *s,
+ int offset_day, long offset_sec, time_t *t);
+ASN1_TIME *X509_gmtime_adj(ASN1_TIME *s, long adj);
+
+const char *X509_get_default_cert_area(void);
+const char *X509_get_default_cert_dir(void);
+const char *X509_get_default_cert_file(void);
+const char *X509_get_default_cert_dir_env(void);
+const char *X509_get_default_cert_file_env(void);
+const char *X509_get_default_private_dir(void);
+
+X509_REQ *X509_to_X509_REQ(X509 *x, EVP_PKEY *pkey, const EVP_MD *md);
+X509 *X509_REQ_to_X509(X509_REQ *r, int days, EVP_PKEY *pkey);
+
+DECLARE_ASN1_FUNCTIONS(X509_ALGOR)
+DECLARE_ASN1_ENCODE_FUNCTIONS(X509_ALGORS, X509_ALGORS, X509_ALGORS)
+DECLARE_ASN1_FUNCTIONS(X509_VAL)
+
+DECLARE_ASN1_FUNCTIONS(X509_PUBKEY)
+
+int X509_PUBKEY_set(X509_PUBKEY **x, EVP_PKEY *pkey);
+EVP_PKEY *X509_PUBKEY_get(X509_PUBKEY *key);
+int X509_get_pubkey_parameters(EVP_PKEY *pkey, STACK_OF(X509) *chain);
+int i2d_PUBKEY(EVP_PKEY *a, unsigned char **pp);
+EVP_PKEY *d2i_PUBKEY(EVP_PKEY **a, const unsigned char **pp, long length);
+# ifndef OPENSSL_NO_RSA
+int i2d_RSA_PUBKEY(RSA *a, unsigned char **pp);
+RSA *d2i_RSA_PUBKEY(RSA **a, const unsigned char **pp, long length);
+# endif
+# ifndef OPENSSL_NO_DSA
+int i2d_DSA_PUBKEY(DSA *a, unsigned char **pp);
+DSA *d2i_DSA_PUBKEY(DSA **a, const unsigned char **pp, long length);
+# endif
+# ifndef OPENSSL_NO_EC
+int i2d_EC_PUBKEY(EC_KEY *a, unsigned char **pp);
+EC_KEY *d2i_EC_PUBKEY(EC_KEY **a, const unsigned char **pp, long length);
+# endif
+
+DECLARE_ASN1_FUNCTIONS(X509_SIG)
+DECLARE_ASN1_FUNCTIONS(X509_REQ_INFO)
+DECLARE_ASN1_FUNCTIONS(X509_REQ)
+
+DECLARE_ASN1_FUNCTIONS(X509_ATTRIBUTE)
+X509_ATTRIBUTE *X509_ATTRIBUTE_create(int nid, int atrtype, void *value);
+
+DECLARE_ASN1_FUNCTIONS(X509_EXTENSION)
+DECLARE_ASN1_ENCODE_FUNCTIONS(X509_EXTENSIONS, X509_EXTENSIONS, X509_EXTENSIONS)
+
+DECLARE_ASN1_FUNCTIONS(X509_NAME_ENTRY)
+
+DECLARE_ASN1_FUNCTIONS(X509_NAME)
+
+int X509_NAME_set(X509_NAME **xn, X509_NAME *name);
+
+DECLARE_ASN1_FUNCTIONS(X509_CINF)
+
+DECLARE_ASN1_FUNCTIONS(X509)
+DECLARE_ASN1_FUNCTIONS(X509_CERT_AUX)
+
+int X509_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
+ CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func);
+int X509_set_ex_data(X509 *r, int idx, void *arg);
+void *X509_get_ex_data(X509 *r, int idx);
+int i2d_X509_AUX(X509 *a, unsigned char **pp);
+X509 *d2i_X509_AUX(X509 **a, const unsigned char **pp, long length);
+
+int i2d_re_X509_tbs(X509 *x, unsigned char **pp);
+
+void X509_get0_signature(ASN1_BIT_STRING **psig, X509_ALGOR **palg,
+ const X509 *x);
+int X509_get_signature_nid(const X509 *x);
+
+int X509_alias_set1(X509 *x, unsigned char *name, int len);
+int X509_keyid_set1(X509 *x, unsigned char *id, int len);
+unsigned char *X509_alias_get0(X509 *x, int *len);
+unsigned char *X509_keyid_get0(X509 *x, int *len);
+int (*X509_TRUST_set_default(int (*trust) (int, X509 *, int))) (int, X509 *,
+ int);
+int X509_TRUST_set(int *t, int trust);
+int X509_add1_trust_object(X509 *x, ASN1_OBJECT *obj);
+int X509_add1_reject_object(X509 *x, ASN1_OBJECT *obj);
+void X509_trust_clear(X509 *x);
+void X509_reject_clear(X509 *x);
+
+DECLARE_ASN1_FUNCTIONS(X509_REVOKED)
+DECLARE_ASN1_FUNCTIONS(X509_CRL_INFO)
+DECLARE_ASN1_FUNCTIONS(X509_CRL)
+
+int X509_CRL_add0_revoked(X509_CRL *crl, X509_REVOKED *rev);
+int X509_CRL_get0_by_serial(X509_CRL *crl,
+ X509_REVOKED **ret, ASN1_INTEGER *serial);
+int X509_CRL_get0_by_cert(X509_CRL *crl, X509_REVOKED **ret, X509 *x);
+
+X509_PKEY *X509_PKEY_new(void);
+void X509_PKEY_free(X509_PKEY *a);
+
+DECLARE_ASN1_FUNCTIONS(NETSCAPE_SPKI)
+DECLARE_ASN1_FUNCTIONS(NETSCAPE_SPKAC)
+DECLARE_ASN1_FUNCTIONS(NETSCAPE_CERT_SEQUENCE)
+
+X509_INFO *X509_INFO_new(void);
+void X509_INFO_free(X509_INFO *a);
+char *X509_NAME_oneline(X509_NAME *a, char *buf, int size);
+
+int ASN1_verify(i2d_of_void *i2d, X509_ALGOR *algor1,
+ ASN1_BIT_STRING *signature, char *data, EVP_PKEY *pkey);
+
+int ASN1_digest(i2d_of_void *i2d, const EVP_MD *type, char *data,
+ unsigned char *md, unsigned int *len);
+
+int ASN1_sign(i2d_of_void *i2d, X509_ALGOR *algor1,
+ X509_ALGOR *algor2, ASN1_BIT_STRING *signature,
+ char *data, EVP_PKEY *pkey, const EVP_MD *type);
+
+int ASN1_item_digest(const ASN1_ITEM *it, const EVP_MD *type, void *data,
+ unsigned char *md, unsigned int *len);
+
+int ASN1_item_verify(const ASN1_ITEM *it, X509_ALGOR *algor1,
+ ASN1_BIT_STRING *signature, void *data, EVP_PKEY *pkey);
+
+int ASN1_item_sign(const ASN1_ITEM *it, X509_ALGOR *algor1,
+ X509_ALGOR *algor2, ASN1_BIT_STRING *signature, void *data,
+ EVP_PKEY *pkey, const EVP_MD *type);
+int ASN1_item_sign_ctx(const ASN1_ITEM *it, X509_ALGOR *algor1,
+ X509_ALGOR *algor2, ASN1_BIT_STRING *signature,
+ void *asn, EVP_MD_CTX *ctx);
+
+int X509_set_version(X509 *x, long version);
+int X509_set_serialNumber(X509 *x, ASN1_INTEGER *serial);
+ASN1_INTEGER *X509_get_serialNumber(X509 *x);
+int X509_set_issuer_name(X509 *x, X509_NAME *name);
+X509_NAME *X509_get_issuer_name(X509 *a);
+int X509_set_subject_name(X509 *x, X509_NAME *name);
+X509_NAME *X509_get_subject_name(X509 *a);
+int X509_set_notBefore(X509 *x, const ASN1_TIME *tm);
+int X509_set_notAfter(X509 *x, const ASN1_TIME *tm);
+int X509_set_pubkey(X509 *x, EVP_PKEY *pkey);
+EVP_PKEY *X509_get_pubkey(X509 *x);
+ASN1_BIT_STRING *X509_get0_pubkey_bitstr(const X509 *x);
+int X509_certificate_type(X509 *x, EVP_PKEY *pubkey /* optional */ );
+
+int X509_REQ_set_version(X509_REQ *x, long version);
+int X509_REQ_set_subject_name(X509_REQ *req, X509_NAME *name);
+int X509_REQ_set_pubkey(X509_REQ *x, EVP_PKEY *pkey);
+EVP_PKEY *X509_REQ_get_pubkey(X509_REQ *req);
+int X509_REQ_extension_nid(int nid);
+int *X509_REQ_get_extension_nids(void);
+void X509_REQ_set_extension_nids(int *nids);
+STACK_OF(X509_EXTENSION) *X509_REQ_get_extensions(X509_REQ *req);
+int X509_REQ_add_extensions_nid(X509_REQ *req, STACK_OF(X509_EXTENSION) *exts,
+ int nid);
+int X509_REQ_add_extensions(X509_REQ *req, STACK_OF(X509_EXTENSION) *exts);
+int X509_REQ_get_attr_count(const X509_REQ *req);
+int X509_REQ_get_attr_by_NID(const X509_REQ *req, int nid, int lastpos);
+int X509_REQ_get_attr_by_OBJ(const X509_REQ *req, ASN1_OBJECT *obj,
+ int lastpos);
+X509_ATTRIBUTE *X509_REQ_get_attr(const X509_REQ *req, int loc);
+X509_ATTRIBUTE *X509_REQ_delete_attr(X509_REQ *req, int loc);
+int X509_REQ_add1_attr(X509_REQ *req, X509_ATTRIBUTE *attr);
+int X509_REQ_add1_attr_by_OBJ(X509_REQ *req,
+ const ASN1_OBJECT *obj, int type,
+ const unsigned char *bytes, int len);
+int X509_REQ_add1_attr_by_NID(X509_REQ *req,
+ int nid, int type,
+ const unsigned char *bytes, int len);
+int X509_REQ_add1_attr_by_txt(X509_REQ *req,
+ const char *attrname, int type,
+ const unsigned char *bytes, int len);
+
+int X509_CRL_set_version(X509_CRL *x, long version);
+int X509_CRL_set_issuer_name(X509_CRL *x, X509_NAME *name);
+int X509_CRL_set_lastUpdate(X509_CRL *x, const ASN1_TIME *tm);
+int X509_CRL_set_nextUpdate(X509_CRL *x, const ASN1_TIME *tm);
+int X509_CRL_sort(X509_CRL *crl);
+
+int X509_REVOKED_set_serialNumber(X509_REVOKED *x, ASN1_INTEGER *serial);
+int X509_REVOKED_set_revocationDate(X509_REVOKED *r, ASN1_TIME *tm);
+
+X509_CRL *X509_CRL_diff(X509_CRL *base, X509_CRL *newer,
+ EVP_PKEY *skey, const EVP_MD *md, unsigned int flags);
+
+int X509_REQ_check_private_key(X509_REQ *x509, EVP_PKEY *pkey);
+
+int X509_check_private_key(X509 *x509, EVP_PKEY *pkey);
+int X509_chain_check_suiteb(int *perror_depth,
+ X509 *x, STACK_OF(X509) *chain,
+ unsigned long flags);
+int X509_CRL_check_suiteb(X509_CRL *crl, EVP_PKEY *pk, unsigned long flags);
+STACK_OF(X509) *X509_chain_up_ref(STACK_OF(X509) *chain);
+
+int X509_issuer_and_serial_cmp(const X509 *a, const X509 *b);
+unsigned long X509_issuer_and_serial_hash(X509 *a);
+
+int X509_issuer_name_cmp(const X509 *a, const X509 *b);
+unsigned long X509_issuer_name_hash(X509 *a);
+
+int X509_subject_name_cmp(const X509 *a, const X509 *b);
+unsigned long X509_subject_name_hash(X509 *x);
+
+# ifndef OPENSSL_NO_MD5
+unsigned long X509_issuer_name_hash_old(X509 *a);
+unsigned long X509_subject_name_hash_old(X509 *x);
+# endif
+
+int X509_cmp(const X509 *a, const X509 *b);
+int X509_NAME_cmp(const X509_NAME *a, const X509_NAME *b);
+unsigned long X509_NAME_hash(X509_NAME *x);
+unsigned long X509_NAME_hash_old(X509_NAME *x);
+
+int X509_CRL_cmp(const X509_CRL *a, const X509_CRL *b);
+int X509_CRL_match(const X509_CRL *a, const X509_CRL *b);
+# ifndef OPENSSL_NO_STDIO
+int X509_print_ex_fp(FILE *bp, X509 *x, unsigned long nmflag,
+ unsigned long cflag);
+int X509_print_fp(FILE *bp, X509 *x);
+int X509_CRL_print_fp(FILE *bp, X509_CRL *x);
+int X509_REQ_print_fp(FILE *bp, X509_REQ *req);
+int X509_NAME_print_ex_fp(FILE *fp, X509_NAME *nm, int indent,
+ unsigned long flags);
+# endif
+
+int X509_NAME_print(BIO *bp, X509_NAME *name, int obase);
+int X509_NAME_print_ex(BIO *out, X509_NAME *nm, int indent,
+ unsigned long flags);
+int X509_print_ex(BIO *bp, X509 *x, unsigned long nmflag,
+ unsigned long cflag);
+int X509_print(BIO *bp, X509 *x);
+int X509_ocspid_print(BIO *bp, X509 *x);
+int X509_CERT_AUX_print(BIO *bp, X509_CERT_AUX *x, int indent);
+int X509_CRL_print(BIO *bp, X509_CRL *x);
+int X509_REQ_print_ex(BIO *bp, X509_REQ *x, unsigned long nmflag,
+ unsigned long cflag);
+int X509_REQ_print(BIO *bp, X509_REQ *req);
+
+int X509_NAME_entry_count(X509_NAME *name);
+int X509_NAME_get_text_by_NID(X509_NAME *name, int nid, char *buf, int len);
+int X509_NAME_get_text_by_OBJ(X509_NAME *name, ASN1_OBJECT *obj,
+ char *buf, int len);
+
+/*
+ * NOTE: you should be passsing -1, not 0 as lastpos. The functions that use
+ * lastpos, search after that position on.
+ */
+int X509_NAME_get_index_by_NID(X509_NAME *name, int nid, int lastpos);
+int X509_NAME_get_index_by_OBJ(X509_NAME *name, ASN1_OBJECT *obj,
+ int lastpos);
+X509_NAME_ENTRY *X509_NAME_get_entry(X509_NAME *name, int loc);
+X509_NAME_ENTRY *X509_NAME_delete_entry(X509_NAME *name, int loc);
+int X509_NAME_add_entry(X509_NAME *name, X509_NAME_ENTRY *ne,
+ int loc, int set);
+int X509_NAME_add_entry_by_OBJ(X509_NAME *name, ASN1_OBJECT *obj, int type,
+ unsigned char *bytes, int len, int loc,
+ int set);
+int X509_NAME_add_entry_by_NID(X509_NAME *name, int nid, int type,
+ unsigned char *bytes, int len, int loc,
+ int set);
+X509_NAME_ENTRY *X509_NAME_ENTRY_create_by_txt(X509_NAME_ENTRY **ne,
+ const char *field, int type,
+ const unsigned char *bytes,
+ int len);
+X509_NAME_ENTRY *X509_NAME_ENTRY_create_by_NID(X509_NAME_ENTRY **ne, int nid,
+ int type, unsigned char *bytes,
+ int len);
+int X509_NAME_add_entry_by_txt(X509_NAME *name, const char *field, int type,
+ const unsigned char *bytes, int len, int loc,
+ int set);
+X509_NAME_ENTRY *X509_NAME_ENTRY_create_by_OBJ(X509_NAME_ENTRY **ne,
+ ASN1_OBJECT *obj, int type,
+ const unsigned char *bytes,
+ int len);
+int X509_NAME_ENTRY_set_object(X509_NAME_ENTRY *ne, ASN1_OBJECT *obj);
+int X509_NAME_ENTRY_set_data(X509_NAME_ENTRY *ne, int type,
+ const unsigned char *bytes, int len);
+ASN1_OBJECT *X509_NAME_ENTRY_get_object(X509_NAME_ENTRY *ne);
+ASN1_STRING *X509_NAME_ENTRY_get_data(X509_NAME_ENTRY *ne);
+int X509_NAME_ENTRY_set(const X509_NAME_ENTRY *ne);
+
+int X509v3_get_ext_count(const STACK_OF(X509_EXTENSION) *x);
+int X509v3_get_ext_by_NID(const STACK_OF(X509_EXTENSION) *x,
+ int nid, int lastpos);
+int X509v3_get_ext_by_OBJ(const STACK_OF(X509_EXTENSION) *x,
+ ASN1_OBJECT *obj, int lastpos);
+int X509v3_get_ext_by_critical(const STACK_OF(X509_EXTENSION) *x,
+ int crit, int lastpos);
+X509_EXTENSION *X509v3_get_ext(const STACK_OF(X509_EXTENSION) *x, int loc);
+X509_EXTENSION *X509v3_delete_ext(STACK_OF(X509_EXTENSION) *x, int loc);
+STACK_OF(X509_EXTENSION) *X509v3_add_ext(STACK_OF(X509_EXTENSION) **x,
+ X509_EXTENSION *ex, int loc);
+
+int X509_get_ext_count(X509 *x);
+int X509_get_ext_by_NID(X509 *x, int nid, int lastpos);
+int X509_get_ext_by_OBJ(X509 *x, ASN1_OBJECT *obj, int lastpos);
+int X509_get_ext_by_critical(X509 *x, int crit, int lastpos);
+X509_EXTENSION *X509_get_ext(X509 *x, int loc);
+X509_EXTENSION *X509_delete_ext(X509 *x, int loc);
+int X509_add_ext(X509 *x, X509_EXTENSION *ex, int loc);
+void *X509_get_ext_d2i(X509 *x, int nid, int *crit, int *idx);
+int X509_add1_ext_i2d(X509 *x, int nid, void *value, int crit,
+ unsigned long flags);
+
+int X509_CRL_get_ext_count(X509_CRL *x);
+int X509_CRL_get_ext_by_NID(X509_CRL *x, int nid, int lastpos);
+int X509_CRL_get_ext_by_OBJ(X509_CRL *x, ASN1_OBJECT *obj, int lastpos);
+int X509_CRL_get_ext_by_critical(X509_CRL *x, int crit, int lastpos);
+X509_EXTENSION *X509_CRL_get_ext(X509_CRL *x, int loc);
+X509_EXTENSION *X509_CRL_delete_ext(X509_CRL *x, int loc);
+int X509_CRL_add_ext(X509_CRL *x, X509_EXTENSION *ex, int loc);
+void *X509_CRL_get_ext_d2i(X509_CRL *x, int nid, int *crit, int *idx);
+int X509_CRL_add1_ext_i2d(X509_CRL *x, int nid, void *value, int crit,
+ unsigned long flags);
+
+int X509_REVOKED_get_ext_count(X509_REVOKED *x);
+int X509_REVOKED_get_ext_by_NID(X509_REVOKED *x, int nid, int lastpos);
+int X509_REVOKED_get_ext_by_OBJ(X509_REVOKED *x, ASN1_OBJECT *obj,
+ int lastpos);
+int X509_REVOKED_get_ext_by_critical(X509_REVOKED *x, int crit, int lastpos);
+X509_EXTENSION *X509_REVOKED_get_ext(X509_REVOKED *x, int loc);
+X509_EXTENSION *X509_REVOKED_delete_ext(X509_REVOKED *x, int loc);
+int X509_REVOKED_add_ext(X509_REVOKED *x, X509_EXTENSION *ex, int loc);
+void *X509_REVOKED_get_ext_d2i(X509_REVOKED *x, int nid, int *crit, int *idx);
+int X509_REVOKED_add1_ext_i2d(X509_REVOKED *x, int nid, void *value, int crit,
+ unsigned long flags);
+
+X509_EXTENSION *X509_EXTENSION_create_by_NID(X509_EXTENSION **ex,
+ int nid, int crit,
+ ASN1_OCTET_STRING *data);
+X509_EXTENSION *X509_EXTENSION_create_by_OBJ(X509_EXTENSION **ex,
+ ASN1_OBJECT *obj, int crit,
+ ASN1_OCTET_STRING *data);
+int X509_EXTENSION_set_object(X509_EXTENSION *ex, ASN1_OBJECT *obj);
+int X509_EXTENSION_set_critical(X509_EXTENSION *ex, int crit);
+int X509_EXTENSION_set_data(X509_EXTENSION *ex, ASN1_OCTET_STRING *data);
+ASN1_OBJECT *X509_EXTENSION_get_object(X509_EXTENSION *ex);
+ASN1_OCTET_STRING *X509_EXTENSION_get_data(X509_EXTENSION *ne);
+int X509_EXTENSION_get_critical(X509_EXTENSION *ex);
+
+int X509at_get_attr_count(const STACK_OF(X509_ATTRIBUTE) *x);
+int X509at_get_attr_by_NID(const STACK_OF(X509_ATTRIBUTE) *x, int nid,
+ int lastpos);
+int X509at_get_attr_by_OBJ(const STACK_OF(X509_ATTRIBUTE) *sk,
+ ASN1_OBJECT *obj, int lastpos);
+X509_ATTRIBUTE *X509at_get_attr(const STACK_OF(X509_ATTRIBUTE) *x, int loc);
+X509_ATTRIBUTE *X509at_delete_attr(STACK_OF(X509_ATTRIBUTE) *x, int loc);
+STACK_OF(X509_ATTRIBUTE) *X509at_add1_attr(STACK_OF(X509_ATTRIBUTE) **x,
+ X509_ATTRIBUTE *attr);
+STACK_OF(X509_ATTRIBUTE) *X509at_add1_attr_by_OBJ(STACK_OF(X509_ATTRIBUTE)
+ **x, const ASN1_OBJECT *obj,
+ int type,
+ const unsigned char *bytes,
+ int len);
+STACK_OF(X509_ATTRIBUTE) *X509at_add1_attr_by_NID(STACK_OF(X509_ATTRIBUTE)
+ **x, int nid, int type,
+ const unsigned char *bytes,
+ int len);
+STACK_OF(X509_ATTRIBUTE) *X509at_add1_attr_by_txt(STACK_OF(X509_ATTRIBUTE)
+ **x, const char *attrname,
+ int type,
+ const unsigned char *bytes,
+ int len);
+void *X509at_get0_data_by_OBJ(STACK_OF(X509_ATTRIBUTE) *x, ASN1_OBJECT *obj,
+ int lastpos, int type);
+X509_ATTRIBUTE *X509_ATTRIBUTE_create_by_NID(X509_ATTRIBUTE **attr, int nid,
+ int atrtype, const void *data,
+ int len);
+X509_ATTRIBUTE *X509_ATTRIBUTE_create_by_OBJ(X509_ATTRIBUTE **attr,
+ const ASN1_OBJECT *obj,
+ int atrtype, const void *data,
+ int len);
+X509_ATTRIBUTE *X509_ATTRIBUTE_create_by_txt(X509_ATTRIBUTE **attr,
+ const char *atrname, int type,
+ const unsigned char *bytes,
+ int len);
+int X509_ATTRIBUTE_set1_object(X509_ATTRIBUTE *attr, const ASN1_OBJECT *obj);
+int X509_ATTRIBUTE_set1_data(X509_ATTRIBUTE *attr, int attrtype,
+ const void *data, int len);
+void *X509_ATTRIBUTE_get0_data(X509_ATTRIBUTE *attr, int idx, int atrtype,
+ void *data);
+int X509_ATTRIBUTE_count(X509_ATTRIBUTE *attr);
+ASN1_OBJECT *X509_ATTRIBUTE_get0_object(X509_ATTRIBUTE *attr);
+ASN1_TYPE *X509_ATTRIBUTE_get0_type(X509_ATTRIBUTE *attr, int idx);
+
+int EVP_PKEY_get_attr_count(const EVP_PKEY *key);
+int EVP_PKEY_get_attr_by_NID(const EVP_PKEY *key, int nid, int lastpos);
+int EVP_PKEY_get_attr_by_OBJ(const EVP_PKEY *key, ASN1_OBJECT *obj,
+ int lastpos);
+X509_ATTRIBUTE *EVP_PKEY_get_attr(const EVP_PKEY *key, int loc);
+X509_ATTRIBUTE *EVP_PKEY_delete_attr(EVP_PKEY *key, int loc);
+int EVP_PKEY_add1_attr(EVP_PKEY *key, X509_ATTRIBUTE *attr);
+int EVP_PKEY_add1_attr_by_OBJ(EVP_PKEY *key,
+ const ASN1_OBJECT *obj, int type,
+ const unsigned char *bytes, int len);
+int EVP_PKEY_add1_attr_by_NID(EVP_PKEY *key,
+ int nid, int type,
+ const unsigned char *bytes, int len);
+int EVP_PKEY_add1_attr_by_txt(EVP_PKEY *key,
+ const char *attrname, int type,
+ const unsigned char *bytes, int len);
+
+int X509_verify_cert(X509_STORE_CTX *ctx);
+
+/* lookup a cert from a X509 STACK */
+X509 *X509_find_by_issuer_and_serial(STACK_OF(X509) *sk, X509_NAME *name,
+ ASN1_INTEGER *serial);
+X509 *X509_find_by_subject(STACK_OF(X509) *sk, X509_NAME *name);
+
+DECLARE_ASN1_FUNCTIONS(PBEPARAM)
+DECLARE_ASN1_FUNCTIONS(PBE2PARAM)
+DECLARE_ASN1_FUNCTIONS(PBKDF2PARAM)
+
+int PKCS5_pbe_set0_algor(X509_ALGOR *algor, int alg, int iter,
+ const unsigned char *salt, int saltlen);
+
+X509_ALGOR *PKCS5_pbe_set(int alg, int iter,
+ const unsigned char *salt, int saltlen);
+X509_ALGOR *PKCS5_pbe2_set(const EVP_CIPHER *cipher, int iter,
+ unsigned char *salt, int saltlen);
+X509_ALGOR *PKCS5_pbe2_set_iv(const EVP_CIPHER *cipher, int iter,
+ unsigned char *salt, int saltlen,
+ unsigned char *aiv, int prf_nid);
+
+X509_ALGOR *PKCS5_pbkdf2_set(int iter, unsigned char *salt, int saltlen,
+ int prf_nid, int keylen);
+
+/* PKCS#8 utilities */
+
+DECLARE_ASN1_FUNCTIONS(PKCS8_PRIV_KEY_INFO)
+
+EVP_PKEY *EVP_PKCS82PKEY(PKCS8_PRIV_KEY_INFO *p8);
+PKCS8_PRIV_KEY_INFO *EVP_PKEY2PKCS8(EVP_PKEY *pkey);
+PKCS8_PRIV_KEY_INFO *EVP_PKEY2PKCS8_broken(EVP_PKEY *pkey, int broken);
+PKCS8_PRIV_KEY_INFO *PKCS8_set_broken(PKCS8_PRIV_KEY_INFO *p8, int broken);
+
+int PKCS8_pkey_set0(PKCS8_PRIV_KEY_INFO *priv, ASN1_OBJECT *aobj,
+ int version, int ptype, void *pval,
+ unsigned char *penc, int penclen);
+int PKCS8_pkey_get0(ASN1_OBJECT **ppkalg,
+ const unsigned char **pk, int *ppklen,
+ X509_ALGOR **pa, PKCS8_PRIV_KEY_INFO *p8);
+
+int X509_PUBKEY_set0_param(X509_PUBKEY *pub, ASN1_OBJECT *aobj,
+ int ptype, void *pval,
+ unsigned char *penc, int penclen);
+int X509_PUBKEY_get0_param(ASN1_OBJECT **ppkalg,
+ const unsigned char **pk, int *ppklen,
+ X509_ALGOR **pa, X509_PUBKEY *pub);
+
+int X509_check_trust(X509 *x, int id, int flags);
+int X509_TRUST_get_count(void);
+X509_TRUST *X509_TRUST_get0(int idx);
+int X509_TRUST_get_by_id(int id);
+int X509_TRUST_add(int id, int flags, int (*ck) (X509_TRUST *, X509 *, int),
+ char *name, int arg1, void *arg2);
+void X509_TRUST_cleanup(void);
+int X509_TRUST_get_flags(X509_TRUST *xp);
+char *X509_TRUST_get0_name(X509_TRUST *xp);
+int X509_TRUST_get_trust(X509_TRUST *xp);
+
+/* BEGIN ERROR CODES */
+/*
+ * The following lines are auto generated by the script mkerr.pl. Any changes
+ * made after this point may be overwritten when the script is next run.
+ */
+void ERR_load_X509_strings(void);
+
+/* Error codes for the X509 functions. */
+
+/* Function codes. */
+# define X509_F_ADD_CERT_DIR 100
+# define X509_F_BY_FILE_CTRL 101
+# define X509_F_CHECK_POLICY 145
+# define X509_F_DIR_CTRL 102
+# define X509_F_GET_CERT_BY_SUBJECT 103
+# define X509_F_NETSCAPE_SPKI_B64_DECODE 129
+# define X509_F_NETSCAPE_SPKI_B64_ENCODE 130
+# define X509_F_X509AT_ADD1_ATTR 135
+# define X509_F_X509V3_ADD_EXT 104
+# define X509_F_X509_ATTRIBUTE_CREATE_BY_NID 136
+# define X509_F_X509_ATTRIBUTE_CREATE_BY_OBJ 137
+# define X509_F_X509_ATTRIBUTE_CREATE_BY_TXT 140
+# define X509_F_X509_ATTRIBUTE_GET0_DATA 139
+# define X509_F_X509_ATTRIBUTE_SET1_DATA 138
+# define X509_F_X509_CHECK_PRIVATE_KEY 128
+# define X509_F_X509_CRL_DIFF 105
+# define X509_F_X509_CRL_PRINT_FP 147
+# define X509_F_X509_EXTENSION_CREATE_BY_NID 108
+# define X509_F_X509_EXTENSION_CREATE_BY_OBJ 109
+# define X509_F_X509_GET_PUBKEY_PARAMETERS 110
+# define X509_F_X509_LOAD_CERT_CRL_FILE 132
+# define X509_F_X509_LOAD_CERT_FILE 111
+# define X509_F_X509_LOAD_CRL_FILE 112
+# define X509_F_X509_NAME_ADD_ENTRY 113
+# define X509_F_X509_NAME_ENTRY_CREATE_BY_NID 114
+# define X509_F_X509_NAME_ENTRY_CREATE_BY_TXT 131
+# define X509_F_X509_NAME_ENTRY_SET_OBJECT 115
+# define X509_F_X509_NAME_ONELINE 116
+# define X509_F_X509_NAME_PRINT 117
+# define X509_F_X509_PRINT_EX_FP 118
+# define X509_F_X509_PUBKEY_GET 119
+# define X509_F_X509_PUBKEY_SET 120
+# define X509_F_X509_REQ_CHECK_PRIVATE_KEY 144
+# define X509_F_X509_REQ_PRINT_EX 121
+# define X509_F_X509_REQ_PRINT_FP 122
+# define X509_F_X509_REQ_TO_X509 123
+# define X509_F_X509_STORE_ADD_CERT 124
+# define X509_F_X509_STORE_ADD_CRL 125
+# define X509_F_X509_STORE_CTX_GET1_ISSUER 146
+# define X509_F_X509_STORE_CTX_INIT 143
+# define X509_F_X509_STORE_CTX_NEW 142
+# define X509_F_X509_STORE_CTX_PURPOSE_INHERIT 134
+# define X509_F_X509_TO_X509_REQ 126
+# define X509_F_X509_TRUST_ADD 133
+# define X509_F_X509_TRUST_SET 141
+# define X509_F_X509_VERIFY_CERT 127
+
+/* Reason codes. */
+# define X509_R_AKID_MISMATCH 110
+# define X509_R_BAD_X509_FILETYPE 100
+# define X509_R_BASE64_DECODE_ERROR 118
+# define X509_R_CANT_CHECK_DH_KEY 114
+# define X509_R_CERT_ALREADY_IN_HASH_TABLE 101
+# define X509_R_CRL_ALREADY_DELTA 127
+# define X509_R_CRL_VERIFY_FAILURE 131
+# define X509_R_ERR_ASN1_LIB 102
+# define X509_R_IDP_MISMATCH 128
+# define X509_R_INVALID_DIRECTORY 113
+# define X509_R_INVALID_FIELD_NAME 119
+# define X509_R_INVALID_TRUST 123
+# define X509_R_ISSUER_MISMATCH 129
+# define X509_R_KEY_TYPE_MISMATCH 115
+# define X509_R_KEY_VALUES_MISMATCH 116
+# define X509_R_LOADING_CERT_DIR 103
+# define X509_R_LOADING_DEFAULTS 104
+# define X509_R_METHOD_NOT_SUPPORTED 124
+# define X509_R_NEWER_CRL_NOT_NEWER 132
+# define X509_R_NO_CERT_SET_FOR_US_TO_VERIFY 105
+# define X509_R_NO_CRL_NUMBER 130
+# define X509_R_PUBLIC_KEY_DECODE_ERROR 125
+# define X509_R_PUBLIC_KEY_ENCODE_ERROR 126
+# define X509_R_SHOULD_RETRY 106
+# define X509_R_UNABLE_TO_FIND_PARAMETERS_IN_CHAIN 107
+# define X509_R_UNABLE_TO_GET_CERTS_PUBLIC_KEY 108
+# define X509_R_UNKNOWN_KEY_TYPE 117
+# define X509_R_UNKNOWN_NID 109
+# define X509_R_UNKNOWN_PURPOSE_ID 121
+# define X509_R_UNKNOWN_TRUST_ID 120
+# define X509_R_UNSUPPORTED_ALGORITHM 111
+# define X509_R_WRONG_LOOKUP_TYPE 112
+# define X509_R_WRONG_TYPE 122
+
+#ifdef __cplusplus
+}
+#endif
+#endif
--- /dev/null
+/* crypto/x509/x509_vfy.h */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#ifndef HEADER_X509_H
+# include <openssl/x509.h>
+/*
+ * openssl/x509.h ends up #include-ing this file at about the only
+ * appropriate moment.
+ */
+#endif
+
+#ifndef HEADER_X509_VFY_H
+# define HEADER_X509_VFY_H
+
+# include <openssl/opensslconf.h>
+# include <openssl/lhash.h>
+# include <openssl/bio.h>
+# include <openssl/crypto.h>
+# include <openssl/symhacks.h>
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+typedef struct x509_file_st {
+ int num_paths; /* number of paths to files or directories */
+ int num_alloced;
+ char **paths; /* the list of paths or directories */
+ int *path_type;
+} X509_CERT_FILE_CTX;
+
+/*******************************/
+/*-
+SSL_CTX -> X509_STORE
+ -> X509_LOOKUP
+ ->X509_LOOKUP_METHOD
+ -> X509_LOOKUP
+ ->X509_LOOKUP_METHOD
+
+SSL -> X509_STORE_CTX
+ ->X509_STORE
+
+The X509_STORE holds the tables etc for verification stuff.
+A X509_STORE_CTX is used while validating a single certificate.
+The X509_STORE has X509_LOOKUPs for looking up certs.
+The X509_STORE then calls a function to actually verify the
+certificate chain.
+*/
+
+# define X509_LU_RETRY -1
+# define X509_LU_FAIL 0
+# define X509_LU_X509 1
+# define X509_LU_CRL 2
+# define X509_LU_PKEY 3
+
+typedef struct x509_object_st {
+ /* one of the above types */
+ int type;
+ union {
+ char *ptr;
+ X509 *x509;
+ X509_CRL *crl;
+ EVP_PKEY *pkey;
+ } data;
+} X509_OBJECT;
+
+typedef struct x509_lookup_st X509_LOOKUP;
+
+DECLARE_STACK_OF(X509_LOOKUP)
+DECLARE_STACK_OF(X509_OBJECT)
+
+/* This is a static that defines the function interface */
+typedef struct x509_lookup_method_st {
+ const char *name;
+ int (*new_item) (X509_LOOKUP *ctx);
+ void (*free) (X509_LOOKUP *ctx);
+ int (*init) (X509_LOOKUP *ctx);
+ int (*shutdown) (X509_LOOKUP *ctx);
+ int (*ctrl) (X509_LOOKUP *ctx, int cmd, const char *argc, long argl,
+ char **ret);
+ int (*get_by_subject) (X509_LOOKUP *ctx, int type, X509_NAME *name,
+ X509_OBJECT *ret);
+ int (*get_by_issuer_serial) (X509_LOOKUP *ctx, int type, X509_NAME *name,
+ ASN1_INTEGER *serial, X509_OBJECT *ret);
+ int (*get_by_fingerprint) (X509_LOOKUP *ctx, int type,
+ unsigned char *bytes, int len,
+ X509_OBJECT *ret);
+ int (*get_by_alias) (X509_LOOKUP *ctx, int type, char *str, int len,
+ X509_OBJECT *ret);
+} X509_LOOKUP_METHOD;
+
+typedef struct X509_VERIFY_PARAM_ID_st X509_VERIFY_PARAM_ID;
+
+/*
+ * This structure hold all parameters associated with a verify operation by
+ * including an X509_VERIFY_PARAM structure in related structures the
+ * parameters used can be customized
+ */
+
+typedef struct X509_VERIFY_PARAM_st {
+ char *name;
+ time_t check_time; /* Time to use */
+ unsigned long inh_flags; /* Inheritance flags */
+ unsigned long flags; /* Various verify flags */
+ int purpose; /* purpose to check untrusted certificates */
+ int trust; /* trust setting to check */
+ int depth; /* Verify depth */
+ STACK_OF(ASN1_OBJECT) *policies; /* Permissible policies */
+ X509_VERIFY_PARAM_ID *id; /* opaque ID data */
+} X509_VERIFY_PARAM;
+
+DECLARE_STACK_OF(X509_VERIFY_PARAM)
+
+/*
+ * This is used to hold everything. It is used for all certificate
+ * validation. Once we have a certificate chain, the 'verify' function is
+ * then called to actually check the cert chain.
+ */
+struct x509_store_st {
+ /* The following is a cache of trusted certs */
+ int cache; /* if true, stash any hits */
+ STACK_OF(X509_OBJECT) *objs; /* Cache of all objects */
+ /* These are external lookup methods */
+ STACK_OF(X509_LOOKUP) *get_cert_methods;
+ X509_VERIFY_PARAM *param;
+ /* Callbacks for various operations */
+ /* called to verify a certificate */
+ int (*verify) (X509_STORE_CTX *ctx);
+ /* error callback */
+ int (*verify_cb) (int ok, X509_STORE_CTX *ctx);
+ /* get issuers cert from ctx */
+ int (*get_issuer) (X509 **issuer, X509_STORE_CTX *ctx, X509 *x);
+ /* check issued */
+ int (*check_issued) (X509_STORE_CTX *ctx, X509 *x, X509 *issuer);
+ /* Check revocation status of chain */
+ int (*check_revocation) (X509_STORE_CTX *ctx);
+ /* retrieve CRL */
+ int (*get_crl) (X509_STORE_CTX *ctx, X509_CRL **crl, X509 *x);
+ /* Check CRL validity */
+ int (*check_crl) (X509_STORE_CTX *ctx, X509_CRL *crl);
+ /* Check certificate against CRL */
+ int (*cert_crl) (X509_STORE_CTX *ctx, X509_CRL *crl, X509 *x);
+ STACK_OF(X509) *(*lookup_certs) (X509_STORE_CTX *ctx, X509_NAME *nm);
+ STACK_OF(X509_CRL) *(*lookup_crls) (X509_STORE_CTX *ctx, X509_NAME *nm);
+ int (*cleanup) (X509_STORE_CTX *ctx);
+ CRYPTO_EX_DATA ex_data;
+ int references;
+} /* X509_STORE */ ;
+
+int X509_STORE_set_depth(X509_STORE *store, int depth);
+
+# define X509_STORE_set_verify_cb_func(ctx,func) ((ctx)->verify_cb=(func))
+# define X509_STORE_set_verify_func(ctx,func) ((ctx)->verify=(func))
+
+/* This is the functions plus an instance of the local variables. */
+struct x509_lookup_st {
+ int init; /* have we been started */
+ int skip; /* don't use us. */
+ X509_LOOKUP_METHOD *method; /* the functions */
+ char *method_data; /* method data */
+ X509_STORE *store_ctx; /* who owns us */
+} /* X509_LOOKUP */ ;
+
+/*
+ * This is a used when verifying cert chains. Since the gathering of the
+ * cert chain can take some time (and have to be 'retried', this needs to be
+ * kept and passed around.
+ */
+struct x509_store_ctx_st { /* X509_STORE_CTX */
+ X509_STORE *ctx;
+ /* used when looking up certs */
+ int current_method;
+ /* The following are set by the caller */
+ /* The cert to check */
+ X509 *cert;
+ /* chain of X509s - untrusted - passed in */
+ STACK_OF(X509) *untrusted;
+ /* set of CRLs passed in */
+ STACK_OF(X509_CRL) *crls;
+ X509_VERIFY_PARAM *param;
+ /* Other info for use with get_issuer() */
+ void *other_ctx;
+ /* Callbacks for various operations */
+ /* called to verify a certificate */
+ int (*verify) (X509_STORE_CTX *ctx);
+ /* error callback */
+ int (*verify_cb) (int ok, X509_STORE_CTX *ctx);
+ /* get issuers cert from ctx */
+ int (*get_issuer) (X509 **issuer, X509_STORE_CTX *ctx, X509 *x);
+ /* check issued */
+ int (*check_issued) (X509_STORE_CTX *ctx, X509 *x, X509 *issuer);
+ /* Check revocation status of chain */
+ int (*check_revocation) (X509_STORE_CTX *ctx);
+ /* retrieve CRL */
+ int (*get_crl) (X509_STORE_CTX *ctx, X509_CRL **crl, X509 *x);
+ /* Check CRL validity */
+ int (*check_crl) (X509_STORE_CTX *ctx, X509_CRL *crl);
+ /* Check certificate against CRL */
+ int (*cert_crl) (X509_STORE_CTX *ctx, X509_CRL *crl, X509 *x);
+ int (*check_policy) (X509_STORE_CTX *ctx);
+ STACK_OF(X509) *(*lookup_certs) (X509_STORE_CTX *ctx, X509_NAME *nm);
+ STACK_OF(X509_CRL) *(*lookup_crls) (X509_STORE_CTX *ctx, X509_NAME *nm);
+ int (*cleanup) (X509_STORE_CTX *ctx);
+ /* The following is built up */
+ /* if 0, rebuild chain */
+ int valid;
+ /* index of last untrusted cert */
+ int last_untrusted;
+ /* chain of X509s - built up and trusted */
+ STACK_OF(X509) *chain;
+ /* Valid policy tree */
+ X509_POLICY_TREE *tree;
+ /* Require explicit policy value */
+ int explicit_policy;
+ /* When something goes wrong, this is why */
+ int error_depth;
+ int error;
+ X509 *current_cert;
+ /* cert currently being tested as valid issuer */
+ X509 *current_issuer;
+ /* current CRL */
+ X509_CRL *current_crl;
+ /* score of current CRL */
+ int current_crl_score;
+ /* Reason mask */
+ unsigned int current_reasons;
+ /* For CRL path validation: parent context */
+ X509_STORE_CTX *parent;
+ CRYPTO_EX_DATA ex_data;
+} /* X509_STORE_CTX */ ;
+
+void X509_STORE_CTX_set_depth(X509_STORE_CTX *ctx, int depth);
+
+# define X509_STORE_CTX_set_app_data(ctx,data) \
+ X509_STORE_CTX_set_ex_data(ctx,0,data)
+# define X509_STORE_CTX_get_app_data(ctx) \
+ X509_STORE_CTX_get_ex_data(ctx,0)
+
+# define X509_L_FILE_LOAD 1
+# define X509_L_ADD_DIR 2
+
+# define X509_LOOKUP_load_file(x,name,type) \
+ X509_LOOKUP_ctrl((x),X509_L_FILE_LOAD,(name),(long)(type),NULL)
+
+# define X509_LOOKUP_add_dir(x,name,type) \
+ X509_LOOKUP_ctrl((x),X509_L_ADD_DIR,(name),(long)(type),NULL)
+
+# define X509_V_OK 0
+/* illegal error (for uninitialized values, to avoid X509_V_OK): 1 */
+
+# define X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT 2
+# define X509_V_ERR_UNABLE_TO_GET_CRL 3
+# define X509_V_ERR_UNABLE_TO_DECRYPT_CERT_SIGNATURE 4
+# define X509_V_ERR_UNABLE_TO_DECRYPT_CRL_SIGNATURE 5
+# define X509_V_ERR_UNABLE_TO_DECODE_ISSUER_PUBLIC_KEY 6
+# define X509_V_ERR_CERT_SIGNATURE_FAILURE 7
+# define X509_V_ERR_CRL_SIGNATURE_FAILURE 8
+# define X509_V_ERR_CERT_NOT_YET_VALID 9
+# define X509_V_ERR_CERT_HAS_EXPIRED 10
+# define X509_V_ERR_CRL_NOT_YET_VALID 11
+# define X509_V_ERR_CRL_HAS_EXPIRED 12
+# define X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD 13
+# define X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD 14
+# define X509_V_ERR_ERROR_IN_CRL_LAST_UPDATE_FIELD 15
+# define X509_V_ERR_ERROR_IN_CRL_NEXT_UPDATE_FIELD 16
+# define X509_V_ERR_OUT_OF_MEM 17
+# define X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT 18
+# define X509_V_ERR_SELF_SIGNED_CERT_IN_CHAIN 19
+# define X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY 20
+# define X509_V_ERR_UNABLE_TO_VERIFY_LEAF_SIGNATURE 21
+# define X509_V_ERR_CERT_CHAIN_TOO_LONG 22
+# define X509_V_ERR_CERT_REVOKED 23
+# define X509_V_ERR_INVALID_CA 24
+# define X509_V_ERR_PATH_LENGTH_EXCEEDED 25
+# define X509_V_ERR_INVALID_PURPOSE 26
+# define X509_V_ERR_CERT_UNTRUSTED 27
+# define X509_V_ERR_CERT_REJECTED 28
+/* These are 'informational' when looking for issuer cert */
+# define X509_V_ERR_SUBJECT_ISSUER_MISMATCH 29
+# define X509_V_ERR_AKID_SKID_MISMATCH 30
+# define X509_V_ERR_AKID_ISSUER_SERIAL_MISMATCH 31
+# define X509_V_ERR_KEYUSAGE_NO_CERTSIGN 32
+
+# define X509_V_ERR_UNABLE_TO_GET_CRL_ISSUER 33
+# define X509_V_ERR_UNHANDLED_CRITICAL_EXTENSION 34
+# define X509_V_ERR_KEYUSAGE_NO_CRL_SIGN 35
+# define X509_V_ERR_UNHANDLED_CRITICAL_CRL_EXTENSION 36
+# define X509_V_ERR_INVALID_NON_CA 37
+# define X509_V_ERR_PROXY_PATH_LENGTH_EXCEEDED 38
+# define X509_V_ERR_KEYUSAGE_NO_DIGITAL_SIGNATURE 39
+# define X509_V_ERR_PROXY_CERTIFICATES_NOT_ALLOWED 40
+
+# define X509_V_ERR_INVALID_EXTENSION 41
+# define X509_V_ERR_INVALID_POLICY_EXTENSION 42
+# define X509_V_ERR_NO_EXPLICIT_POLICY 43
+# define X509_V_ERR_DIFFERENT_CRL_SCOPE 44
+# define X509_V_ERR_UNSUPPORTED_EXTENSION_FEATURE 45
+
+# define X509_V_ERR_UNNESTED_RESOURCE 46
+
+# define X509_V_ERR_PERMITTED_VIOLATION 47
+# define X509_V_ERR_EXCLUDED_VIOLATION 48
+# define X509_V_ERR_SUBTREE_MINMAX 49
+# define X509_V_ERR_UNSUPPORTED_CONSTRAINT_TYPE 51
+# define X509_V_ERR_UNSUPPORTED_CONSTRAINT_SYNTAX 52
+# define X509_V_ERR_UNSUPPORTED_NAME_SYNTAX 53
+# define X509_V_ERR_CRL_PATH_VALIDATION_ERROR 54
+/* Another issuer check debug option */
+# define X509_V_ERR_PATH_LOOP 55
+/* Suite B mode algorithm violation */
+# define X509_V_ERR_SUITE_B_INVALID_VERSION 56
+# define X509_V_ERR_SUITE_B_INVALID_ALGORITHM 57
+# define X509_V_ERR_SUITE_B_INVALID_CURVE 58
+# define X509_V_ERR_SUITE_B_INVALID_SIGNATURE_ALGORITHM 59
+# define X509_V_ERR_SUITE_B_LOS_NOT_ALLOWED 60
+# define X509_V_ERR_SUITE_B_CANNOT_SIGN_P_384_WITH_P_256 61
+/* Host, email and IP check errors */
+# define X509_V_ERR_HOSTNAME_MISMATCH 62
+# define X509_V_ERR_EMAIL_MISMATCH 63
+# define X509_V_ERR_IP_ADDRESS_MISMATCH 64
+
+/* The application is not happy */
+# define X509_V_ERR_APPLICATION_VERIFICATION 50
+
+/* Certificate verify flags */
+
+/* Send issuer+subject checks to verify_cb */
+# define X509_V_FLAG_CB_ISSUER_CHECK 0x1
+/* Use check time instead of current time */
+# define X509_V_FLAG_USE_CHECK_TIME 0x2
+/* Lookup CRLs */
+# define X509_V_FLAG_CRL_CHECK 0x4
+/* Lookup CRLs for whole chain */
+# define X509_V_FLAG_CRL_CHECK_ALL 0x8
+/* Ignore unhandled critical extensions */
+# define X509_V_FLAG_IGNORE_CRITICAL 0x10
+/* Disable workarounds for broken certificates */
+# define X509_V_FLAG_X509_STRICT 0x20
+/* Enable proxy certificate validation */
+# define X509_V_FLAG_ALLOW_PROXY_CERTS 0x40
+/* Enable policy checking */
+# define X509_V_FLAG_POLICY_CHECK 0x80
+/* Policy variable require-explicit-policy */
+# define X509_V_FLAG_EXPLICIT_POLICY 0x100
+/* Policy variable inhibit-any-policy */
+# define X509_V_FLAG_INHIBIT_ANY 0x200
+/* Policy variable inhibit-policy-mapping */
+# define X509_V_FLAG_INHIBIT_MAP 0x400
+/* Notify callback that policy is OK */
+# define X509_V_FLAG_NOTIFY_POLICY 0x800
+/* Extended CRL features such as indirect CRLs, alternate CRL signing keys */
+# define X509_V_FLAG_EXTENDED_CRL_SUPPORT 0x1000
+/* Delta CRL support */
+# define X509_V_FLAG_USE_DELTAS 0x2000
+/* Check selfsigned CA signature */
+# define X509_V_FLAG_CHECK_SS_SIGNATURE 0x4000
+/* Use trusted store first */
+# define X509_V_FLAG_TRUSTED_FIRST 0x8000
+/* Suite B 128 bit only mode: not normally used */
+# define X509_V_FLAG_SUITEB_128_LOS_ONLY 0x10000
+/* Suite B 192 bit only mode */
+# define X509_V_FLAG_SUITEB_192_LOS 0x20000
+/* Suite B 128 bit mode allowing 192 bit algorithms */
+# define X509_V_FLAG_SUITEB_128_LOS 0x30000
+/* Allow partial chains if at least one certificate is in trusted store */
+# define X509_V_FLAG_PARTIAL_CHAIN 0x80000
+/*
+ * If the initial chain is not trusted, do not attempt to build an alternative
+ * chain. Alternate chain checking was introduced in 1.1.0. Setting this flag
+ * will force the behaviour to match that of previous versions.
+ */
+# define X509_V_FLAG_NO_ALT_CHAINS 0x100000
+
+# define X509_VP_FLAG_DEFAULT 0x1
+# define X509_VP_FLAG_OVERWRITE 0x2
+# define X509_VP_FLAG_RESET_FLAGS 0x4
+# define X509_VP_FLAG_LOCKED 0x8
+# define X509_VP_FLAG_ONCE 0x10
+
+/* Internal use: mask of policy related options */
+# define X509_V_FLAG_POLICY_MASK (X509_V_FLAG_POLICY_CHECK \
+ | X509_V_FLAG_EXPLICIT_POLICY \
+ | X509_V_FLAG_INHIBIT_ANY \
+ | X509_V_FLAG_INHIBIT_MAP)
+
+int X509_OBJECT_idx_by_subject(STACK_OF(X509_OBJECT) *h, int type,
+ X509_NAME *name);
+X509_OBJECT *X509_OBJECT_retrieve_by_subject(STACK_OF(X509_OBJECT) *h,
+ int type, X509_NAME *name);
+X509_OBJECT *X509_OBJECT_retrieve_match(STACK_OF(X509_OBJECT) *h,
+ X509_OBJECT *x);
+void X509_OBJECT_up_ref_count(X509_OBJECT *a);
+void X509_OBJECT_free_contents(X509_OBJECT *a);
+X509_STORE *X509_STORE_new(void);
+void X509_STORE_free(X509_STORE *v);
+
+STACK_OF(X509) *X509_STORE_get1_certs(X509_STORE_CTX *st, X509_NAME *nm);
+STACK_OF(X509_CRL) *X509_STORE_get1_crls(X509_STORE_CTX *st, X509_NAME *nm);
+int X509_STORE_set_flags(X509_STORE *ctx, unsigned long flags);
+int X509_STORE_set_purpose(X509_STORE *ctx, int purpose);
+int X509_STORE_set_trust(X509_STORE *ctx, int trust);
+int X509_STORE_set1_param(X509_STORE *ctx, X509_VERIFY_PARAM *pm);
+
+void X509_STORE_set_verify_cb(X509_STORE *ctx,
+ int (*verify_cb) (int, X509_STORE_CTX *));
+
+void X509_STORE_set_lookup_crls_cb(X509_STORE *ctx,
+ STACK_OF(X509_CRL) *(*cb) (X509_STORE_CTX
+ *ctx,
+ X509_NAME *nm));
+
+X509_STORE_CTX *X509_STORE_CTX_new(void);
+
+int X509_STORE_CTX_get1_issuer(X509 **issuer, X509_STORE_CTX *ctx, X509 *x);
+
+void X509_STORE_CTX_free(X509_STORE_CTX *ctx);
+int X509_STORE_CTX_init(X509_STORE_CTX *ctx, X509_STORE *store,
+ X509 *x509, STACK_OF(X509) *chain);
+void X509_STORE_CTX_trusted_stack(X509_STORE_CTX *ctx, STACK_OF(X509) *sk);
+void X509_STORE_CTX_cleanup(X509_STORE_CTX *ctx);
+
+X509_STORE *X509_STORE_CTX_get0_store(X509_STORE_CTX *ctx);
+
+X509_LOOKUP *X509_STORE_add_lookup(X509_STORE *v, X509_LOOKUP_METHOD *m);
+
+X509_LOOKUP_METHOD *X509_LOOKUP_hash_dir(void);
+X509_LOOKUP_METHOD *X509_LOOKUP_file(void);
+
+int X509_STORE_add_cert(X509_STORE *ctx, X509 *x);
+int X509_STORE_add_crl(X509_STORE *ctx, X509_CRL *x);
+
+int X509_STORE_get_by_subject(X509_STORE_CTX *vs, int type, X509_NAME *name,
+ X509_OBJECT *ret);
+
+int X509_LOOKUP_ctrl(X509_LOOKUP *ctx, int cmd, const char *argc,
+ long argl, char **ret);
+
+# ifndef OPENSSL_NO_STDIO
+int X509_load_cert_file(X509_LOOKUP *ctx, const char *file, int type);
+int X509_load_crl_file(X509_LOOKUP *ctx, const char *file, int type);
+int X509_load_cert_crl_file(X509_LOOKUP *ctx, const char *file, int type);
+# endif
+
+X509_LOOKUP *X509_LOOKUP_new(X509_LOOKUP_METHOD *method);
+void X509_LOOKUP_free(X509_LOOKUP *ctx);
+int X509_LOOKUP_init(X509_LOOKUP *ctx);
+int X509_LOOKUP_by_subject(X509_LOOKUP *ctx, int type, X509_NAME *name,
+ X509_OBJECT *ret);
+int X509_LOOKUP_by_issuer_serial(X509_LOOKUP *ctx, int type, X509_NAME *name,
+ ASN1_INTEGER *serial, X509_OBJECT *ret);
+int X509_LOOKUP_by_fingerprint(X509_LOOKUP *ctx, int type,
+ unsigned char *bytes, int len,
+ X509_OBJECT *ret);
+int X509_LOOKUP_by_alias(X509_LOOKUP *ctx, int type, char *str, int len,
+ X509_OBJECT *ret);
+int X509_LOOKUP_shutdown(X509_LOOKUP *ctx);
+
+# ifndef OPENSSL_NO_STDIO
+int X509_STORE_load_locations(X509_STORE *ctx,
+ const char *file, const char *dir);
+int X509_STORE_set_default_paths(X509_STORE *ctx);
+# endif
+
+int X509_STORE_CTX_get_ex_new_index(long argl, void *argp,
+ CRYPTO_EX_new *new_func,
+ CRYPTO_EX_dup *dup_func,
+ CRYPTO_EX_free *free_func);
+int X509_STORE_CTX_set_ex_data(X509_STORE_CTX *ctx, int idx, void *data);
+void *X509_STORE_CTX_get_ex_data(X509_STORE_CTX *ctx, int idx);
+int X509_STORE_CTX_get_error(X509_STORE_CTX *ctx);
+void X509_STORE_CTX_set_error(X509_STORE_CTX *ctx, int s);
+int X509_STORE_CTX_get_error_depth(X509_STORE_CTX *ctx);
+X509 *X509_STORE_CTX_get_current_cert(X509_STORE_CTX *ctx);
+X509 *X509_STORE_CTX_get0_current_issuer(X509_STORE_CTX *ctx);
+X509_CRL *X509_STORE_CTX_get0_current_crl(X509_STORE_CTX *ctx);
+X509_STORE_CTX *X509_STORE_CTX_get0_parent_ctx(X509_STORE_CTX *ctx);
+STACK_OF(X509) *X509_STORE_CTX_get_chain(X509_STORE_CTX *ctx);
+STACK_OF(X509) *X509_STORE_CTX_get1_chain(X509_STORE_CTX *ctx);
+void X509_STORE_CTX_set_cert(X509_STORE_CTX *c, X509 *x);
+void X509_STORE_CTX_set_chain(X509_STORE_CTX *c, STACK_OF(X509) *sk);
+void X509_STORE_CTX_set0_crls(X509_STORE_CTX *c, STACK_OF(X509_CRL) *sk);
+int X509_STORE_CTX_set_purpose(X509_STORE_CTX *ctx, int purpose);
+int X509_STORE_CTX_set_trust(X509_STORE_CTX *ctx, int trust);
+int X509_STORE_CTX_purpose_inherit(X509_STORE_CTX *ctx, int def_purpose,
+ int purpose, int trust);
+void X509_STORE_CTX_set_flags(X509_STORE_CTX *ctx, unsigned long flags);
+void X509_STORE_CTX_set_time(X509_STORE_CTX *ctx, unsigned long flags,
+ time_t t);
+void X509_STORE_CTX_set_verify_cb(X509_STORE_CTX *ctx,
+ int (*verify_cb) (int, X509_STORE_CTX *));
+
+X509_POLICY_TREE *X509_STORE_CTX_get0_policy_tree(X509_STORE_CTX *ctx);
+int X509_STORE_CTX_get_explicit_policy(X509_STORE_CTX *ctx);
+
+X509_VERIFY_PARAM *X509_STORE_CTX_get0_param(X509_STORE_CTX *ctx);
+void X509_STORE_CTX_set0_param(X509_STORE_CTX *ctx, X509_VERIFY_PARAM *param);
+int X509_STORE_CTX_set_default(X509_STORE_CTX *ctx, const char *name);
+
+/* X509_VERIFY_PARAM functions */
+
+X509_VERIFY_PARAM *X509_VERIFY_PARAM_new(void);
+void X509_VERIFY_PARAM_free(X509_VERIFY_PARAM *param);
+int X509_VERIFY_PARAM_inherit(X509_VERIFY_PARAM *to,
+ const X509_VERIFY_PARAM *from);
+int X509_VERIFY_PARAM_set1(X509_VERIFY_PARAM *to,
+ const X509_VERIFY_PARAM *from);
+int X509_VERIFY_PARAM_set1_name(X509_VERIFY_PARAM *param, const char *name);
+int X509_VERIFY_PARAM_set_flags(X509_VERIFY_PARAM *param,
+ unsigned long flags);
+int X509_VERIFY_PARAM_clear_flags(X509_VERIFY_PARAM *param,
+ unsigned long flags);
+unsigned long X509_VERIFY_PARAM_get_flags(X509_VERIFY_PARAM *param);
+int X509_VERIFY_PARAM_set_purpose(X509_VERIFY_PARAM *param, int purpose);
+int X509_VERIFY_PARAM_set_trust(X509_VERIFY_PARAM *param, int trust);
+void X509_VERIFY_PARAM_set_depth(X509_VERIFY_PARAM *param, int depth);
+void X509_VERIFY_PARAM_set_time(X509_VERIFY_PARAM *param, time_t t);
+int X509_VERIFY_PARAM_add0_policy(X509_VERIFY_PARAM *param,
+ ASN1_OBJECT *policy);
+int X509_VERIFY_PARAM_set1_policies(X509_VERIFY_PARAM *param,
+ STACK_OF(ASN1_OBJECT) *policies);
+
+int X509_VERIFY_PARAM_set1_host(X509_VERIFY_PARAM *param,
+ const char *name, size_t namelen);
+int X509_VERIFY_PARAM_add1_host(X509_VERIFY_PARAM *param,
+ const char *name, size_t namelen);
+void X509_VERIFY_PARAM_set_hostflags(X509_VERIFY_PARAM *param,
+ unsigned int flags);
+char *X509_VERIFY_PARAM_get0_peername(X509_VERIFY_PARAM *);
+int X509_VERIFY_PARAM_set1_email(X509_VERIFY_PARAM *param,
+ const char *email, size_t emaillen);
+int X509_VERIFY_PARAM_set1_ip(X509_VERIFY_PARAM *param,
+ const unsigned char *ip, size_t iplen);
+int X509_VERIFY_PARAM_set1_ip_asc(X509_VERIFY_PARAM *param,
+ const char *ipasc);
+
+int X509_VERIFY_PARAM_get_depth(const X509_VERIFY_PARAM *param);
+const char *X509_VERIFY_PARAM_get0_name(const X509_VERIFY_PARAM *param);
+
+int X509_VERIFY_PARAM_add0_table(X509_VERIFY_PARAM *param);
+int X509_VERIFY_PARAM_get_count(void);
+const X509_VERIFY_PARAM *X509_VERIFY_PARAM_get0(int id);
+const X509_VERIFY_PARAM *X509_VERIFY_PARAM_lookup(const char *name);
+void X509_VERIFY_PARAM_table_cleanup(void);
+
+int X509_policy_check(X509_POLICY_TREE **ptree, int *pexplicit_policy,
+ STACK_OF(X509) *certs,
+ STACK_OF(ASN1_OBJECT) *policy_oids, unsigned int flags);
+
+void X509_policy_tree_free(X509_POLICY_TREE *tree);
+
+int X509_policy_tree_level_count(const X509_POLICY_TREE *tree);
+X509_POLICY_LEVEL *X509_policy_tree_get0_level(const X509_POLICY_TREE *tree,
+ int i);
+
+STACK_OF(X509_POLICY_NODE) *X509_policy_tree_get0_policies(const
+ X509_POLICY_TREE
+ *tree);
+
+STACK_OF(X509_POLICY_NODE) *X509_policy_tree_get0_user_policies(const
+ X509_POLICY_TREE
+ *tree);
+
+int X509_policy_level_node_count(X509_POLICY_LEVEL *level);
+
+X509_POLICY_NODE *X509_policy_level_get0_node(X509_POLICY_LEVEL *level,
+ int i);
+
+const ASN1_OBJECT *X509_policy_node_get0_policy(const X509_POLICY_NODE *node);
+
+STACK_OF(POLICYQUALINFO) *X509_policy_node_get0_qualifiers(const
+ X509_POLICY_NODE
+ *node);
+const X509_POLICY_NODE *X509_policy_node_get0_parent(const X509_POLICY_NODE
+ *node);
+
+#ifdef __cplusplus
+}
+#endif
+#endif
--- /dev/null
+/* x509v3.h */
+/*
+ * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
+ * 1999.
+ */
+/* ====================================================================
+ * Copyright (c) 1999-2004 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For written permission, please contact
+ * licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ * nor may "OpenSSL" appear in their names without prior written
+ * permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com). This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+#ifndef HEADER_X509V3_H
+# define HEADER_X509V3_H
+
+# include <openssl/bio.h>
+# include <openssl/x509.h>
+# include <openssl/conf.h>
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+# ifdef OPENSSL_SYS_WIN32
+/* Under Win32 these are defined in wincrypt.h */
+# undef X509_NAME
+# undef X509_EXTENSIONS
+# endif
+
+/* Forward reference */
+struct v3_ext_method;
+struct v3_ext_ctx;
+
+/* Useful typedefs */
+
+typedef void *(*X509V3_EXT_NEW)(void);
+typedef void (*X509V3_EXT_FREE) (void *);
+typedef void *(*X509V3_EXT_D2I)(void *, const unsigned char **, long);
+typedef int (*X509V3_EXT_I2D) (void *, unsigned char **);
+typedef STACK_OF(CONF_VALUE) *
+ (*X509V3_EXT_I2V) (const struct v3_ext_method *method, void *ext,
+ STACK_OF(CONF_VALUE) *extlist);
+typedef void *(*X509V3_EXT_V2I)(const struct v3_ext_method *method,
+ struct v3_ext_ctx *ctx,
+ STACK_OF(CONF_VALUE) *values);
+typedef char *(*X509V3_EXT_I2S)(const struct v3_ext_method *method,
+ void *ext);
+typedef void *(*X509V3_EXT_S2I)(const struct v3_ext_method *method,
+ struct v3_ext_ctx *ctx, const char *str);
+typedef int (*X509V3_EXT_I2R) (const struct v3_ext_method *method, void *ext,
+ BIO *out, int indent);
+typedef void *(*X509V3_EXT_R2I)(const struct v3_ext_method *method,
+ struct v3_ext_ctx *ctx, const char *str);
+
+/* V3 extension structure */
+
+struct v3_ext_method {
+ int ext_nid;
+ int ext_flags;
+/* If this is set the following four fields are ignored */
+ ASN1_ITEM_EXP *it;
+/* Old style ASN1 calls */
+ X509V3_EXT_NEW ext_new;
+ X509V3_EXT_FREE ext_free;
+ X509V3_EXT_D2I d2i;
+ X509V3_EXT_I2D i2d;
+/* The following pair is used for string extensions */
+ X509V3_EXT_I2S i2s;
+ X509V3_EXT_S2I s2i;
+/* The following pair is used for multi-valued extensions */
+ X509V3_EXT_I2V i2v;
+ X509V3_EXT_V2I v2i;
+/* The following are used for raw extensions */
+ X509V3_EXT_I2R i2r;
+ X509V3_EXT_R2I r2i;
+ void *usr_data; /* Any extension specific data */
+};
+
+typedef struct X509V3_CONF_METHOD_st {
+ char *(*get_string) (void *db, char *section, char *value);
+ STACK_OF(CONF_VALUE) *(*get_section) (void *db, char *section);
+ void (*free_string) (void *db, char *string);
+ void (*free_section) (void *db, STACK_OF(CONF_VALUE) *section);
+} X509V3_CONF_METHOD;
+
+/* Context specific info */
+struct v3_ext_ctx {
+# define CTX_TEST 0x1
+# define X509V3_CTX_REPLACE 0x2
+ int flags;
+ X509 *issuer_cert;
+ X509 *subject_cert;
+ X509_REQ *subject_req;
+ X509_CRL *crl;
+ X509V3_CONF_METHOD *db_meth;
+ void *db;
+/* Maybe more here */
+};
+
+typedef struct v3_ext_method X509V3_EXT_METHOD;
+
+DECLARE_STACK_OF(X509V3_EXT_METHOD)
+
+/* ext_flags values */
+# define X509V3_EXT_DYNAMIC 0x1
+# define X509V3_EXT_CTX_DEP 0x2
+# define X509V3_EXT_MULTILINE 0x4
+
+typedef BIT_STRING_BITNAME ENUMERATED_NAMES;
+
+typedef struct BASIC_CONSTRAINTS_st {
+ int ca;
+ ASN1_INTEGER *pathlen;
+} BASIC_CONSTRAINTS;
+
+typedef struct PKEY_USAGE_PERIOD_st {
+ ASN1_GENERALIZEDTIME *notBefore;
+ ASN1_GENERALIZEDTIME *notAfter;
+} PKEY_USAGE_PERIOD;
+
+typedef struct otherName_st {
+ ASN1_OBJECT *type_id;
+ ASN1_TYPE *value;
+} OTHERNAME;
+
+typedef struct EDIPartyName_st {
+ ASN1_STRING *nameAssigner;
+ ASN1_STRING *partyName;
+} EDIPARTYNAME;
+
+typedef struct GENERAL_NAME_st {
+# define GEN_OTHERNAME 0
+# define GEN_EMAIL 1
+# define GEN_DNS 2
+# define GEN_X400 3
+# define GEN_DIRNAME 4
+# define GEN_EDIPARTY 5
+# define GEN_URI 6
+# define GEN_IPADD 7
+# define GEN_RID 8
+ int type;
+ union {
+ char *ptr;
+ OTHERNAME *otherName; /* otherName */
+ ASN1_IA5STRING *rfc822Name;
+ ASN1_IA5STRING *dNSName;
+ ASN1_TYPE *x400Address;
+ X509_NAME *directoryName;
+ EDIPARTYNAME *ediPartyName;
+ ASN1_IA5STRING *uniformResourceIdentifier;
+ ASN1_OCTET_STRING *iPAddress;
+ ASN1_OBJECT *registeredID;
+ /* Old names */
+ ASN1_OCTET_STRING *ip; /* iPAddress */
+ X509_NAME *dirn; /* dirn */
+ ASN1_IA5STRING *ia5; /* rfc822Name, dNSName,
+ * uniformResourceIdentifier */
+ ASN1_OBJECT *rid; /* registeredID */
+ ASN1_TYPE *other; /* x400Address */
+ } d;
+} GENERAL_NAME;
+
+typedef STACK_OF(GENERAL_NAME) GENERAL_NAMES;
+
+typedef struct ACCESS_DESCRIPTION_st {
+ ASN1_OBJECT *method;
+ GENERAL_NAME *location;
+} ACCESS_DESCRIPTION;
+
+typedef STACK_OF(ACCESS_DESCRIPTION) AUTHORITY_INFO_ACCESS;
+
+typedef STACK_OF(ASN1_OBJECT) EXTENDED_KEY_USAGE;
+
+DECLARE_STACK_OF(GENERAL_NAME)
+
+DECLARE_STACK_OF(ACCESS_DESCRIPTION)
+
+typedef struct DIST_POINT_NAME_st {
+ int type;
+ union {
+ GENERAL_NAMES *fullname;
+ STACK_OF(X509_NAME_ENTRY) *relativename;
+ } name;
+/* If relativename then this contains the full distribution point name */
+ X509_NAME *dpname;
+} DIST_POINT_NAME;
+/* All existing reasons */
+# define CRLDP_ALL_REASONS 0x807f
+
+# define CRL_REASON_NONE -1
+# define CRL_REASON_UNSPECIFIED 0
+# define CRL_REASON_KEY_COMPROMISE 1
+# define CRL_REASON_CA_COMPROMISE 2
+# define CRL_REASON_AFFILIATION_CHANGED 3
+# define CRL_REASON_SUPERSEDED 4
+# define CRL_REASON_CESSATION_OF_OPERATION 5
+# define CRL_REASON_CERTIFICATE_HOLD 6
+# define CRL_REASON_REMOVE_FROM_CRL 8
+# define CRL_REASON_PRIVILEGE_WITHDRAWN 9
+# define CRL_REASON_AA_COMPROMISE 10
+
+struct DIST_POINT_st {
+ DIST_POINT_NAME *distpoint;
+ ASN1_BIT_STRING *reasons;
+ GENERAL_NAMES *CRLissuer;
+ int dp_reasons;
+};
+
+typedef STACK_OF(DIST_POINT) CRL_DIST_POINTS;
+
+DECLARE_STACK_OF(DIST_POINT)
+
+struct AUTHORITY_KEYID_st {
+ ASN1_OCTET_STRING *keyid;
+ GENERAL_NAMES *issuer;
+ ASN1_INTEGER *serial;
+};
+
+/* Strong extranet structures */
+
+typedef struct SXNET_ID_st {
+ ASN1_INTEGER *zone;
+ ASN1_OCTET_STRING *user;
+} SXNETID;
+
+DECLARE_STACK_OF(SXNETID)
+
+typedef struct SXNET_st {
+ ASN1_INTEGER *version;
+ STACK_OF(SXNETID) *ids;
+} SXNET;
+
+typedef struct NOTICEREF_st {
+ ASN1_STRING *organization;
+ STACK_OF(ASN1_INTEGER) *noticenos;
+} NOTICEREF;
+
+typedef struct USERNOTICE_st {
+ NOTICEREF *noticeref;
+ ASN1_STRING *exptext;
+} USERNOTICE;
+
+typedef struct POLICYQUALINFO_st {
+ ASN1_OBJECT *pqualid;
+ union {
+ ASN1_IA5STRING *cpsuri;
+ USERNOTICE *usernotice;
+ ASN1_TYPE *other;
+ } d;
+} POLICYQUALINFO;
+
+DECLARE_STACK_OF(POLICYQUALINFO)
+
+typedef struct POLICYINFO_st {
+ ASN1_OBJECT *policyid;
+ STACK_OF(POLICYQUALINFO) *qualifiers;
+} POLICYINFO;
+
+typedef STACK_OF(POLICYINFO) CERTIFICATEPOLICIES;
+
+DECLARE_STACK_OF(POLICYINFO)
+
+typedef struct POLICY_MAPPING_st {
+ ASN1_OBJECT *issuerDomainPolicy;
+ ASN1_OBJECT *subjectDomainPolicy;
+} POLICY_MAPPING;
+
+DECLARE_STACK_OF(POLICY_MAPPING)
+
+typedef STACK_OF(POLICY_MAPPING) POLICY_MAPPINGS;
+
+typedef struct GENERAL_SUBTREE_st {
+ GENERAL_NAME *base;
+ ASN1_INTEGER *minimum;
+ ASN1_INTEGER *maximum;
+} GENERAL_SUBTREE;
+
+DECLARE_STACK_OF(GENERAL_SUBTREE)
+
+struct NAME_CONSTRAINTS_st {
+ STACK_OF(GENERAL_SUBTREE) *permittedSubtrees;
+ STACK_OF(GENERAL_SUBTREE) *excludedSubtrees;
+};
+
+typedef struct POLICY_CONSTRAINTS_st {
+ ASN1_INTEGER *requireExplicitPolicy;
+ ASN1_INTEGER *inhibitPolicyMapping;
+} POLICY_CONSTRAINTS;
+
+/* Proxy certificate structures, see RFC 3820 */
+typedef struct PROXY_POLICY_st {
+ ASN1_OBJECT *policyLanguage;
+ ASN1_OCTET_STRING *policy;
+} PROXY_POLICY;
+
+typedef struct PROXY_CERT_INFO_EXTENSION_st {
+ ASN1_INTEGER *pcPathLengthConstraint;
+ PROXY_POLICY *proxyPolicy;
+} PROXY_CERT_INFO_EXTENSION;
+
+DECLARE_ASN1_FUNCTIONS(PROXY_POLICY)
+DECLARE_ASN1_FUNCTIONS(PROXY_CERT_INFO_EXTENSION)
+
+struct ISSUING_DIST_POINT_st {
+ DIST_POINT_NAME *distpoint;
+ int onlyuser;
+ int onlyCA;
+ ASN1_BIT_STRING *onlysomereasons;
+ int indirectCRL;
+ int onlyattr;
+};
+
+/* Values in idp_flags field */
+/* IDP present */
+# define IDP_PRESENT 0x1
+/* IDP values inconsistent */
+# define IDP_INVALID 0x2
+/* onlyuser true */
+# define IDP_ONLYUSER 0x4
+/* onlyCA true */
+# define IDP_ONLYCA 0x8
+/* onlyattr true */
+# define IDP_ONLYATTR 0x10
+/* indirectCRL true */
+# define IDP_INDIRECT 0x20
+/* onlysomereasons present */
+# define IDP_REASONS 0x40
+
+# define X509V3_conf_err(val) ERR_add_error_data(6, "section:", val->section, \
+",name:", val->name, ",value:", val->value);
+
+# define X509V3_set_ctx_test(ctx) \
+ X509V3_set_ctx(ctx, NULL, NULL, NULL, NULL, CTX_TEST)
+# define X509V3_set_ctx_nodb(ctx) (ctx)->db = NULL;
+
+# define EXT_BITSTRING(nid, table) { nid, 0, ASN1_ITEM_ref(ASN1_BIT_STRING), \
+ 0,0,0,0, \
+ 0,0, \
+ (X509V3_EXT_I2V)i2v_ASN1_BIT_STRING, \
+ (X509V3_EXT_V2I)v2i_ASN1_BIT_STRING, \
+ NULL, NULL, \
+ table}
+
+# define EXT_IA5STRING(nid) { nid, 0, ASN1_ITEM_ref(ASN1_IA5STRING), \
+ 0,0,0,0, \
+ (X509V3_EXT_I2S)i2s_ASN1_IA5STRING, \
+ (X509V3_EXT_S2I)s2i_ASN1_IA5STRING, \
+ 0,0,0,0, \
+ NULL}
+
+# define EXT_END { -1, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0}
+
+/* X509_PURPOSE stuff */
+
+# define EXFLAG_BCONS 0x1
+# define EXFLAG_KUSAGE 0x2
+# define EXFLAG_XKUSAGE 0x4
+# define EXFLAG_NSCERT 0x8
+
+# define EXFLAG_CA 0x10
+/* Really self issued not necessarily self signed */
+# define EXFLAG_SI 0x20
+# define EXFLAG_V1 0x40
+# define EXFLAG_INVALID 0x80
+# define EXFLAG_SET 0x100
+# define EXFLAG_CRITICAL 0x200
+# define EXFLAG_PROXY 0x400
+
+# define EXFLAG_INVALID_POLICY 0x800
+# define EXFLAG_FRESHEST 0x1000
+/* Self signed */
+# define EXFLAG_SS 0x2000
+
+# define KU_DIGITAL_SIGNATURE 0x0080
+# define KU_NON_REPUDIATION 0x0040
+# define KU_KEY_ENCIPHERMENT 0x0020
+# define KU_DATA_ENCIPHERMENT 0x0010
+# define KU_KEY_AGREEMENT 0x0008
+# define KU_KEY_CERT_SIGN 0x0004
+# define KU_CRL_SIGN 0x0002
+# define KU_ENCIPHER_ONLY 0x0001
+# define KU_DECIPHER_ONLY 0x8000
+
+# define NS_SSL_CLIENT 0x80
+# define NS_SSL_SERVER 0x40
+# define NS_SMIME 0x20
+# define NS_OBJSIGN 0x10
+# define NS_SSL_CA 0x04
+# define NS_SMIME_CA 0x02
+# define NS_OBJSIGN_CA 0x01
+# define NS_ANY_CA (NS_SSL_CA|NS_SMIME_CA|NS_OBJSIGN_CA)
+
+# define XKU_SSL_SERVER 0x1
+# define XKU_SSL_CLIENT 0x2
+# define XKU_SMIME 0x4
+# define XKU_CODE_SIGN 0x8
+# define XKU_SGC 0x10
+# define XKU_OCSP_SIGN 0x20
+# define XKU_TIMESTAMP 0x40
+# define XKU_DVCS 0x80
+# define XKU_ANYEKU 0x100
+
+# define X509_PURPOSE_DYNAMIC 0x1
+# define X509_PURPOSE_DYNAMIC_NAME 0x2
+
+typedef struct x509_purpose_st {
+ int purpose;
+ int trust; /* Default trust ID */
+ int flags;
+ int (*check_purpose) (const struct x509_purpose_st *, const X509 *, int);
+ char *name;
+ char *sname;
+ void *usr_data;
+} X509_PURPOSE;
+
+# define X509_PURPOSE_SSL_CLIENT 1
+# define X509_PURPOSE_SSL_SERVER 2
+# define X509_PURPOSE_NS_SSL_SERVER 3
+# define X509_PURPOSE_SMIME_SIGN 4
+# define X509_PURPOSE_SMIME_ENCRYPT 5
+# define X509_PURPOSE_CRL_SIGN 6
+# define X509_PURPOSE_ANY 7
+# define X509_PURPOSE_OCSP_HELPER 8
+# define X509_PURPOSE_TIMESTAMP_SIGN 9
+
+# define X509_PURPOSE_MIN 1
+# define X509_PURPOSE_MAX 9
+
+/* Flags for X509V3_EXT_print() */
+
+# define X509V3_EXT_UNKNOWN_MASK (0xfL << 16)
+/* Return error for unknown extensions */
+# define X509V3_EXT_DEFAULT 0
+/* Print error for unknown extensions */
+# define X509V3_EXT_ERROR_UNKNOWN (1L << 16)
+/* ASN1 parse unknown extensions */
+# define X509V3_EXT_PARSE_UNKNOWN (2L << 16)
+/* BIO_dump unknown extensions */
+# define X509V3_EXT_DUMP_UNKNOWN (3L << 16)
+
+/* Flags for X509V3_add1_i2d */
+
+# define X509V3_ADD_OP_MASK 0xfL
+# define X509V3_ADD_DEFAULT 0L
+# define X509V3_ADD_APPEND 1L
+# define X509V3_ADD_REPLACE 2L
+# define X509V3_ADD_REPLACE_EXISTING 3L
+# define X509V3_ADD_KEEP_EXISTING 4L
+# define X509V3_ADD_DELETE 5L
+# define X509V3_ADD_SILENT 0x10
+
+DECLARE_STACK_OF(X509_PURPOSE)
+
+DECLARE_ASN1_FUNCTIONS(BASIC_CONSTRAINTS)
+
+DECLARE_ASN1_FUNCTIONS(SXNET)
+DECLARE_ASN1_FUNCTIONS(SXNETID)
+
+int SXNET_add_id_asc(SXNET **psx, char *zone, char *user, int userlen);
+int SXNET_add_id_ulong(SXNET **psx, unsigned long lzone, char *user,
+ int userlen);
+int SXNET_add_id_INTEGER(SXNET **psx, ASN1_INTEGER *izone, char *user,
+ int userlen);
+
+ASN1_OCTET_STRING *SXNET_get_id_asc(SXNET *sx, char *zone);
+ASN1_OCTET_STRING *SXNET_get_id_ulong(SXNET *sx, unsigned long lzone);
+ASN1_OCTET_STRING *SXNET_get_id_INTEGER(SXNET *sx, ASN1_INTEGER *zone);
+
+DECLARE_ASN1_FUNCTIONS(AUTHORITY_KEYID)
+
+DECLARE_ASN1_FUNCTIONS(PKEY_USAGE_PERIOD)
+
+DECLARE_ASN1_FUNCTIONS(GENERAL_NAME)
+GENERAL_NAME *GENERAL_NAME_dup(GENERAL_NAME *a);
+int GENERAL_NAME_cmp(GENERAL_NAME *a, GENERAL_NAME *b);
+
+ASN1_BIT_STRING *v2i_ASN1_BIT_STRING(X509V3_EXT_METHOD *method,
+ X509V3_CTX *ctx,
+ STACK_OF(CONF_VALUE) *nval);
+STACK_OF(CONF_VALUE) *i2v_ASN1_BIT_STRING(X509V3_EXT_METHOD *method,
+ ASN1_BIT_STRING *bits,
+ STACK_OF(CONF_VALUE) *extlist);
+char *i2s_ASN1_IA5STRING(X509V3_EXT_METHOD *method, ASN1_IA5STRING *ia5);
+ASN1_IA5STRING *s2i_ASN1_IA5STRING(X509V3_EXT_METHOD *method,
+ X509V3_CTX *ctx, char *str);
+
+STACK_OF(CONF_VALUE) *i2v_GENERAL_NAME(X509V3_EXT_METHOD *method,
+ GENERAL_NAME *gen,
+ STACK_OF(CONF_VALUE) *ret);
+int GENERAL_NAME_print(BIO *out, GENERAL_NAME *gen);
+
+DECLARE_ASN1_FUNCTIONS(GENERAL_NAMES)
+
+STACK_OF(CONF_VALUE) *i2v_GENERAL_NAMES(X509V3_EXT_METHOD *method,
+ GENERAL_NAMES *gen,
+ STACK_OF(CONF_VALUE) *extlist);
+GENERAL_NAMES *v2i_GENERAL_NAMES(const X509V3_EXT_METHOD *method,
+ X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval);
+
+DECLARE_ASN1_FUNCTIONS(OTHERNAME)
+DECLARE_ASN1_FUNCTIONS(EDIPARTYNAME)
+int OTHERNAME_cmp(OTHERNAME *a, OTHERNAME *b);
+void GENERAL_NAME_set0_value(GENERAL_NAME *a, int type, void *value);
+void *GENERAL_NAME_get0_value(GENERAL_NAME *a, int *ptype);
+int GENERAL_NAME_set0_othername(GENERAL_NAME *gen,
+ ASN1_OBJECT *oid, ASN1_TYPE *value);
+int GENERAL_NAME_get0_otherName(GENERAL_NAME *gen,
+ ASN1_OBJECT **poid, ASN1_TYPE **pvalue);
+
+char *i2s_ASN1_OCTET_STRING(X509V3_EXT_METHOD *method,
+ ASN1_OCTET_STRING *ia5);
+ASN1_OCTET_STRING *s2i_ASN1_OCTET_STRING(X509V3_EXT_METHOD *method,
+ X509V3_CTX *ctx, char *str);
+
+DECLARE_ASN1_FUNCTIONS(EXTENDED_KEY_USAGE)
+int i2a_ACCESS_DESCRIPTION(BIO *bp, ACCESS_DESCRIPTION *a);
+
+DECLARE_ASN1_FUNCTIONS(CERTIFICATEPOLICIES)
+DECLARE_ASN1_FUNCTIONS(POLICYINFO)
+DECLARE_ASN1_FUNCTIONS(POLICYQUALINFO)
+DECLARE_ASN1_FUNCTIONS(USERNOTICE)
+DECLARE_ASN1_FUNCTIONS(NOTICEREF)
+
+DECLARE_ASN1_FUNCTIONS(CRL_DIST_POINTS)
+DECLARE_ASN1_FUNCTIONS(DIST_POINT)
+DECLARE_ASN1_FUNCTIONS(DIST_POINT_NAME)
+DECLARE_ASN1_FUNCTIONS(ISSUING_DIST_POINT)
+
+int DIST_POINT_set_dpname(DIST_POINT_NAME *dpn, X509_NAME *iname);
+
+int NAME_CONSTRAINTS_check(X509 *x, NAME_CONSTRAINTS *nc);
+
+DECLARE_ASN1_FUNCTIONS(ACCESS_DESCRIPTION)
+DECLARE_ASN1_FUNCTIONS(AUTHORITY_INFO_ACCESS)
+
+DECLARE_ASN1_ITEM(POLICY_MAPPING)
+DECLARE_ASN1_ALLOC_FUNCTIONS(POLICY_MAPPING)
+DECLARE_ASN1_ITEM(POLICY_MAPPINGS)
+
+DECLARE_ASN1_ITEM(GENERAL_SUBTREE)
+DECLARE_ASN1_ALLOC_FUNCTIONS(GENERAL_SUBTREE)
+
+DECLARE_ASN1_ITEM(NAME_CONSTRAINTS)
+DECLARE_ASN1_ALLOC_FUNCTIONS(NAME_CONSTRAINTS)
+
+DECLARE_ASN1_ALLOC_FUNCTIONS(POLICY_CONSTRAINTS)
+DECLARE_ASN1_ITEM(POLICY_CONSTRAINTS)
+
+GENERAL_NAME *a2i_GENERAL_NAME(GENERAL_NAME *out,
+ const X509V3_EXT_METHOD *method,
+ X509V3_CTX *ctx, int gen_type, char *value,
+ int is_nc);
+
+# ifdef HEADER_CONF_H
+GENERAL_NAME *v2i_GENERAL_NAME(const X509V3_EXT_METHOD *method,
+ X509V3_CTX *ctx, CONF_VALUE *cnf);
+GENERAL_NAME *v2i_GENERAL_NAME_ex(GENERAL_NAME *out,
+ const X509V3_EXT_METHOD *method,
+ X509V3_CTX *ctx, CONF_VALUE *cnf,
+ int is_nc);
+void X509V3_conf_free(CONF_VALUE *val);
+
+X509_EXTENSION *X509V3_EXT_nconf_nid(CONF *conf, X509V3_CTX *ctx, int ext_nid,
+ char *value);
+X509_EXTENSION *X509V3_EXT_nconf(CONF *conf, X509V3_CTX *ctx, char *name,
+ char *value);
+int X509V3_EXT_add_nconf_sk(CONF *conf, X509V3_CTX *ctx, char *section,
+ STACK_OF(X509_EXTENSION) **sk);
+int X509V3_EXT_add_nconf(CONF *conf, X509V3_CTX *ctx, char *section,
+ X509 *cert);
+int X509V3_EXT_REQ_add_nconf(CONF *conf, X509V3_CTX *ctx, char *section,
+ X509_REQ *req);
+int X509V3_EXT_CRL_add_nconf(CONF *conf, X509V3_CTX *ctx, char *section,
+ X509_CRL *crl);
+
+X509_EXTENSION *X509V3_EXT_conf_nid(LHASH_OF(CONF_VALUE) *conf,
+ X509V3_CTX *ctx, int ext_nid,
+ char *value);
+X509_EXTENSION *X509V3_EXT_conf(LHASH_OF(CONF_VALUE) *conf, X509V3_CTX *ctx,
+ char *name, char *value);
+int X509V3_EXT_add_conf(LHASH_OF(CONF_VALUE) *conf, X509V3_CTX *ctx,
+ char *section, X509 *cert);
+int X509V3_EXT_REQ_add_conf(LHASH_OF(CONF_VALUE) *conf, X509V3_CTX *ctx,
+ char *section, X509_REQ *req);
+int X509V3_EXT_CRL_add_conf(LHASH_OF(CONF_VALUE) *conf, X509V3_CTX *ctx,
+ char *section, X509_CRL *crl);
+
+int X509V3_add_value_bool_nf(char *name, int asn1_bool,
+ STACK_OF(CONF_VALUE) **extlist);
+int X509V3_get_value_bool(CONF_VALUE *value, int *asn1_bool);
+int X509V3_get_value_int(CONF_VALUE *value, ASN1_INTEGER **aint);
+void X509V3_set_nconf(X509V3_CTX *ctx, CONF *conf);
+void X509V3_set_conf_lhash(X509V3_CTX *ctx, LHASH_OF(CONF_VALUE) *lhash);
+# endif
+
+char *X509V3_get_string(X509V3_CTX *ctx, char *name, char *section);
+STACK_OF(CONF_VALUE) *X509V3_get_section(X509V3_CTX *ctx, char *section);
+void X509V3_string_free(X509V3_CTX *ctx, char *str);
+void X509V3_section_free(X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *section);
+void X509V3_set_ctx(X509V3_CTX *ctx, X509 *issuer, X509 *subject,
+ X509_REQ *req, X509_CRL *crl, int flags);
+
+int X509V3_add_value(const char *name, const char *value,
+ STACK_OF(CONF_VALUE) **extlist);
+int X509V3_add_value_uchar(const char *name, const unsigned char *value,
+ STACK_OF(CONF_VALUE) **extlist);
+int X509V3_add_value_bool(const char *name, int asn1_bool,
+ STACK_OF(CONF_VALUE) **extlist);
+int X509V3_add_value_int(const char *name, ASN1_INTEGER *aint,
+ STACK_OF(CONF_VALUE) **extlist);
+char *i2s_ASN1_INTEGER(X509V3_EXT_METHOD *meth, ASN1_INTEGER *aint);
+ASN1_INTEGER *s2i_ASN1_INTEGER(X509V3_EXT_METHOD *meth, char *value);
+char *i2s_ASN1_ENUMERATED(X509V3_EXT_METHOD *meth, ASN1_ENUMERATED *aint);
+char *i2s_ASN1_ENUMERATED_TABLE(X509V3_EXT_METHOD *meth,
+ ASN1_ENUMERATED *aint);
+int X509V3_EXT_add(X509V3_EXT_METHOD *ext);
+int X509V3_EXT_add_list(X509V3_EXT_METHOD *extlist);
+int X509V3_EXT_add_alias(int nid_to, int nid_from);
+void X509V3_EXT_cleanup(void);
+
+const X509V3_EXT_METHOD *X509V3_EXT_get(X509_EXTENSION *ext);
+const X509V3_EXT_METHOD *X509V3_EXT_get_nid(int nid);
+int X509V3_add_standard_extensions(void);
+STACK_OF(CONF_VALUE) *X509V3_parse_list(const char *line);
+void *X509V3_EXT_d2i(X509_EXTENSION *ext);
+void *X509V3_get_d2i(STACK_OF(X509_EXTENSION) *x, int nid, int *crit,
+ int *idx);
+
+X509_EXTENSION *X509V3_EXT_i2d(int ext_nid, int crit, void *ext_struc);
+int X509V3_add1_i2d(STACK_OF(X509_EXTENSION) **x, int nid, void *value,
+ int crit, unsigned long flags);
+
+char *hex_to_string(const unsigned char *buffer, long len);
+unsigned char *string_to_hex(const char *str, long *len);
+int name_cmp(const char *name, const char *cmp);
+
+void X509V3_EXT_val_prn(BIO *out, STACK_OF(CONF_VALUE) *val, int indent,
+ int ml);
+int X509V3_EXT_print(BIO *out, X509_EXTENSION *ext, unsigned long flag,
+ int indent);
+int X509V3_EXT_print_fp(FILE *out, X509_EXTENSION *ext, int flag, int indent);
+
+int X509V3_extensions_print(BIO *out, char *title,
+ STACK_OF(X509_EXTENSION) *exts,
+ unsigned long flag, int indent);
+
+int X509_check_ca(X509 *x);
+int X509_check_purpose(X509 *x, int id, int ca);
+int X509_supported_extension(X509_EXTENSION *ex);
+int X509_PURPOSE_set(int *p, int purpose);
+int X509_check_issued(X509 *issuer, X509 *subject);
+int X509_check_akid(X509 *issuer, AUTHORITY_KEYID *akid);
+int X509_PURPOSE_get_count(void);
+X509_PURPOSE *X509_PURPOSE_get0(int idx);
+int X509_PURPOSE_get_by_sname(char *sname);
+int X509_PURPOSE_get_by_id(int id);
+int X509_PURPOSE_add(int id, int trust, int flags,
+ int (*ck) (const X509_PURPOSE *, const X509 *, int),
+ char *name, char *sname, void *arg);
+char *X509_PURPOSE_get0_name(X509_PURPOSE *xp);
+char *X509_PURPOSE_get0_sname(X509_PURPOSE *xp);
+int X509_PURPOSE_get_trust(X509_PURPOSE *xp);
+void X509_PURPOSE_cleanup(void);
+int X509_PURPOSE_get_id(X509_PURPOSE *);
+
+STACK_OF(OPENSSL_STRING) *X509_get1_email(X509 *x);
+STACK_OF(OPENSSL_STRING) *X509_REQ_get1_email(X509_REQ *x);
+void X509_email_free(STACK_OF(OPENSSL_STRING) *sk);
+STACK_OF(OPENSSL_STRING) *X509_get1_ocsp(X509 *x);
+/* Flags for X509_check_* functions */
+
+/*
+ * Always check subject name for host match even if subject alt names present
+ */
+# define X509_CHECK_FLAG_ALWAYS_CHECK_SUBJECT 0x1
+/* Disable wildcard matching for dnsName fields and common name. */
+# define X509_CHECK_FLAG_NO_WILDCARDS 0x2
+/* Wildcards must not match a partial label. */
+# define X509_CHECK_FLAG_NO_PARTIAL_WILDCARDS 0x4
+/* Allow (non-partial) wildcards to match multiple labels. */
+# define X509_CHECK_FLAG_MULTI_LABEL_WILDCARDS 0x8
+/* Constraint verifier subdomain patterns to match a single labels. */
+# define X509_CHECK_FLAG_SINGLE_LABEL_SUBDOMAINS 0x10
+/*
+ * Match reference identifiers starting with "." to any sub-domain.
+ * This is a non-public flag, turned on implicitly when the subject
+ * reference identity is a DNS name.
+ */
+# define _X509_CHECK_FLAG_DOT_SUBDOMAINS 0x8000
+
+int X509_check_host(X509 *x, const char *chk, size_t chklen,
+ unsigned int flags, char **peername);
+int X509_check_email(X509 *x, const char *chk, size_t chklen,
+ unsigned int flags);
+int X509_check_ip(X509 *x, const unsigned char *chk, size_t chklen,
+ unsigned int flags);
+int X509_check_ip_asc(X509 *x, const char *ipasc, unsigned int flags);
+
+ASN1_OCTET_STRING *a2i_IPADDRESS(const char *ipasc);
+ASN1_OCTET_STRING *a2i_IPADDRESS_NC(const char *ipasc);
+int a2i_ipadd(unsigned char *ipout, const char *ipasc);
+int X509V3_NAME_from_section(X509_NAME *nm, STACK_OF(CONF_VALUE) *dn_sk,
+ unsigned long chtype);
+
+void X509_POLICY_NODE_print(BIO *out, X509_POLICY_NODE *node, int indent);
+DECLARE_STACK_OF(X509_POLICY_NODE)
+
+typedef struct ASRange_st {
+ ASN1_INTEGER *min, *max;
+} ASRange;
+
+# define ASIdOrRange_id 0
+# define ASIdOrRange_range 1
+
+typedef struct ASIdOrRange_st {
+ int type;
+ union {
+ ASN1_INTEGER *id;
+ ASRange *range;
+ } u;
+} ASIdOrRange;
+
+typedef STACK_OF(ASIdOrRange) ASIdOrRanges;
+DECLARE_STACK_OF(ASIdOrRange)
+
+# define ASIdentifierChoice_inherit 0
+# define ASIdentifierChoice_asIdsOrRanges 1
+
+typedef struct ASIdentifierChoice_st {
+ int type;
+ union {
+ ASN1_NULL *inherit;
+ ASIdOrRanges *asIdsOrRanges;
+ } u;
+} ASIdentifierChoice;
+
+typedef struct ASIdentifiers_st {
+ ASIdentifierChoice *asnum, *rdi;
+} ASIdentifiers;
+
+DECLARE_ASN1_FUNCTIONS(ASRange)
+DECLARE_ASN1_FUNCTIONS(ASIdOrRange)
+DECLARE_ASN1_FUNCTIONS(ASIdentifierChoice)
+DECLARE_ASN1_FUNCTIONS(ASIdentifiers)
+
+typedef struct IPAddressRange_st {
+ ASN1_BIT_STRING *min, *max;
+} IPAddressRange;
+
+# define IPAddressOrRange_addressPrefix 0
+# define IPAddressOrRange_addressRange 1
+
+typedef struct IPAddressOrRange_st {
+ int type;
+ union {
+ ASN1_BIT_STRING *addressPrefix;
+ IPAddressRange *addressRange;
+ } u;
+} IPAddressOrRange;
+
+typedef STACK_OF(IPAddressOrRange) IPAddressOrRanges;
+DECLARE_STACK_OF(IPAddressOrRange)
+
+# define IPAddressChoice_inherit 0
+# define IPAddressChoice_addressesOrRanges 1
+
+typedef struct IPAddressChoice_st {
+ int type;
+ union {
+ ASN1_NULL *inherit;
+ IPAddressOrRanges *addressesOrRanges;
+ } u;
+} IPAddressChoice;
+
+typedef struct IPAddressFamily_st {
+ ASN1_OCTET_STRING *addressFamily;
+ IPAddressChoice *ipAddressChoice;
+} IPAddressFamily;
+
+typedef STACK_OF(IPAddressFamily) IPAddrBlocks;
+DECLARE_STACK_OF(IPAddressFamily)
+
+DECLARE_ASN1_FUNCTIONS(IPAddressRange)
+DECLARE_ASN1_FUNCTIONS(IPAddressOrRange)
+DECLARE_ASN1_FUNCTIONS(IPAddressChoice)
+DECLARE_ASN1_FUNCTIONS(IPAddressFamily)
+
+/*
+ * API tag for elements of the ASIdentifer SEQUENCE.
+ */
+# define V3_ASID_ASNUM 0
+# define V3_ASID_RDI 1
+
+/*
+ * AFI values, assigned by IANA. It'd be nice to make the AFI
+ * handling code totally generic, but there are too many little things
+ * that would need to be defined for other address families for it to
+ * be worth the trouble.
+ */
+# define IANA_AFI_IPV4 1
+# define IANA_AFI_IPV6 2
+
+/*
+ * Utilities to construct and extract values from RFC3779 extensions,
+ * since some of the encodings (particularly for IP address prefixes
+ * and ranges) are a bit tedious to work with directly.
+ */
+int v3_asid_add_inherit(ASIdentifiers *asid, int which);
+int v3_asid_add_id_or_range(ASIdentifiers *asid, int which,
+ ASN1_INTEGER *min, ASN1_INTEGER *max);
+int v3_addr_add_inherit(IPAddrBlocks *addr,
+ const unsigned afi, const unsigned *safi);
+int v3_addr_add_prefix(IPAddrBlocks *addr,
+ const unsigned afi, const unsigned *safi,
+ unsigned char *a, const int prefixlen);
+int v3_addr_add_range(IPAddrBlocks *addr,
+ const unsigned afi, const unsigned *safi,
+ unsigned char *min, unsigned char *max);
+unsigned v3_addr_get_afi(const IPAddressFamily *f);
+int v3_addr_get_range(IPAddressOrRange *aor, const unsigned afi,
+ unsigned char *min, unsigned char *max,
+ const int length);
+
+/*
+ * Canonical forms.
+ */
+int v3_asid_is_canonical(ASIdentifiers *asid);
+int v3_addr_is_canonical(IPAddrBlocks *addr);
+int v3_asid_canonize(ASIdentifiers *asid);
+int v3_addr_canonize(IPAddrBlocks *addr);
+
+/*
+ * Tests for inheritance and containment.
+ */
+int v3_asid_inherits(ASIdentifiers *asid);
+int v3_addr_inherits(IPAddrBlocks *addr);
+int v3_asid_subset(ASIdentifiers *a, ASIdentifiers *b);
+int v3_addr_subset(IPAddrBlocks *a, IPAddrBlocks *b);
+
+/*
+ * Check whether RFC 3779 extensions nest properly in chains.
+ */
+int v3_asid_validate_path(X509_STORE_CTX *);
+int v3_addr_validate_path(X509_STORE_CTX *);
+int v3_asid_validate_resource_set(STACK_OF(X509) *chain,
+ ASIdentifiers *ext, int allow_inheritance);
+int v3_addr_validate_resource_set(STACK_OF(X509) *chain,
+ IPAddrBlocks *ext, int allow_inheritance);
+
+/* BEGIN ERROR CODES */
+/*
+ * The following lines are auto generated by the script mkerr.pl. Any changes
+ * made after this point may be overwritten when the script is next run.
+ */
+void ERR_load_X509V3_strings(void);
+
+/* Error codes for the X509V3 functions. */
+
+/* Function codes. */
+# define X509V3_F_A2I_GENERAL_NAME 164
+# define X509V3_F_ASIDENTIFIERCHOICE_CANONIZE 161
+# define X509V3_F_ASIDENTIFIERCHOICE_IS_CANONICAL 162
+# define X509V3_F_COPY_EMAIL 122
+# define X509V3_F_COPY_ISSUER 123
+# define X509V3_F_DO_DIRNAME 144
+# define X509V3_F_DO_EXT_CONF 124
+# define X509V3_F_DO_EXT_I2D 135
+# define X509V3_F_DO_EXT_NCONF 151
+# define X509V3_F_DO_I2V_NAME_CONSTRAINTS 148
+# define X509V3_F_GNAMES_FROM_SECTNAME 156
+# define X509V3_F_HEX_TO_STRING 111
+# define X509V3_F_I2S_ASN1_ENUMERATED 121
+# define X509V3_F_I2S_ASN1_IA5STRING 149
+# define X509V3_F_I2S_ASN1_INTEGER 120
+# define X509V3_F_I2V_AUTHORITY_INFO_ACCESS 138
+# define X509V3_F_NOTICE_SECTION 132
+# define X509V3_F_NREF_NOS 133
+# define X509V3_F_POLICY_SECTION 131
+# define X509V3_F_PROCESS_PCI_VALUE 150
+# define X509V3_F_R2I_CERTPOL 130
+# define X509V3_F_R2I_PCI 155
+# define X509V3_F_S2I_ASN1_IA5STRING 100
+# define X509V3_F_S2I_ASN1_INTEGER 108
+# define X509V3_F_S2I_ASN1_OCTET_STRING 112
+# define X509V3_F_S2I_ASN1_SKEY_ID 114
+# define X509V3_F_S2I_SKEY_ID 115
+# define X509V3_F_SET_DIST_POINT_NAME 158
+# define X509V3_F_STRING_TO_HEX 113
+# define X509V3_F_SXNET_ADD_ID_ASC 125
+# define X509V3_F_SXNET_ADD_ID_INTEGER 126
+# define X509V3_F_SXNET_ADD_ID_ULONG 127
+# define X509V3_F_SXNET_GET_ID_ASC 128
+# define X509V3_F_SXNET_GET_ID_ULONG 129
+# define X509V3_F_V2I_ASIDENTIFIERS 163
+# define X509V3_F_V2I_ASN1_BIT_STRING 101
+# define X509V3_F_V2I_AUTHORITY_INFO_ACCESS 139
+# define X509V3_F_V2I_AUTHORITY_KEYID 119
+# define X509V3_F_V2I_BASIC_CONSTRAINTS 102
+# define X509V3_F_V2I_CRLD 134
+# define X509V3_F_V2I_EXTENDED_KEY_USAGE 103
+# define X509V3_F_V2I_GENERAL_NAMES 118
+# define X509V3_F_V2I_GENERAL_NAME_EX 117
+# define X509V3_F_V2I_IDP 157
+# define X509V3_F_V2I_IPADDRBLOCKS 159
+# define X509V3_F_V2I_ISSUER_ALT 153
+# define X509V3_F_V2I_NAME_CONSTRAINTS 147
+# define X509V3_F_V2I_POLICY_CONSTRAINTS 146
+# define X509V3_F_V2I_POLICY_MAPPINGS 145
+# define X509V3_F_V2I_SUBJECT_ALT 154
+# define X509V3_F_V3_ADDR_VALIDATE_PATH_INTERNAL 160
+# define X509V3_F_V3_GENERIC_EXTENSION 116
+# define X509V3_F_X509V3_ADD1_I2D 140
+# define X509V3_F_X509V3_ADD_VALUE 105
+# define X509V3_F_X509V3_EXT_ADD 104
+# define X509V3_F_X509V3_EXT_ADD_ALIAS 106
+# define X509V3_F_X509V3_EXT_CONF 107
+# define X509V3_F_X509V3_EXT_I2D 136
+# define X509V3_F_X509V3_EXT_NCONF 152
+# define X509V3_F_X509V3_GET_SECTION 142
+# define X509V3_F_X509V3_GET_STRING 143
+# define X509V3_F_X509V3_GET_VALUE_BOOL 110
+# define X509V3_F_X509V3_PARSE_LIST 109
+# define X509V3_F_X509_PURPOSE_ADD 137
+# define X509V3_F_X509_PURPOSE_SET 141
+
+/* Reason codes. */
+# define X509V3_R_BAD_IP_ADDRESS 118
+# define X509V3_R_BAD_OBJECT 119
+# define X509V3_R_BN_DEC2BN_ERROR 100
+# define X509V3_R_BN_TO_ASN1_INTEGER_ERROR 101
+# define X509V3_R_DIRNAME_ERROR 149
+# define X509V3_R_DISTPOINT_ALREADY_SET 160
+# define X509V3_R_DUPLICATE_ZONE_ID 133
+# define X509V3_R_ERROR_CONVERTING_ZONE 131
+# define X509V3_R_ERROR_CREATING_EXTENSION 144
+# define X509V3_R_ERROR_IN_EXTENSION 128
+# define X509V3_R_EXPECTED_A_SECTION_NAME 137
+# define X509V3_R_EXTENSION_EXISTS 145
+# define X509V3_R_EXTENSION_NAME_ERROR 115
+# define X509V3_R_EXTENSION_NOT_FOUND 102
+# define X509V3_R_EXTENSION_SETTING_NOT_SUPPORTED 103
+# define X509V3_R_EXTENSION_VALUE_ERROR 116
+# define X509V3_R_ILLEGAL_EMPTY_EXTENSION 151
+# define X509V3_R_ILLEGAL_HEX_DIGIT 113
+# define X509V3_R_INCORRECT_POLICY_SYNTAX_TAG 152
+# define X509V3_R_INVALID_MULTIPLE_RDNS 161
+# define X509V3_R_INVALID_ASNUMBER 162
+# define X509V3_R_INVALID_ASRANGE 163
+# define X509V3_R_INVALID_BOOLEAN_STRING 104
+# define X509V3_R_INVALID_EXTENSION_STRING 105
+# define X509V3_R_INVALID_INHERITANCE 165
+# define X509V3_R_INVALID_IPADDRESS 166
+# define X509V3_R_INVALID_NAME 106
+# define X509V3_R_INVALID_NULL_ARGUMENT 107
+# define X509V3_R_INVALID_NULL_NAME 108
+# define X509V3_R_INVALID_NULL_VALUE 109
+# define X509V3_R_INVALID_NUMBER 140
+# define X509V3_R_INVALID_NUMBERS 141
+# define X509V3_R_INVALID_OBJECT_IDENTIFIER 110
+# define X509V3_R_INVALID_OPTION 138
+# define X509V3_R_INVALID_POLICY_IDENTIFIER 134
+# define X509V3_R_INVALID_PROXY_POLICY_SETTING 153
+# define X509V3_R_INVALID_PURPOSE 146
+# define X509V3_R_INVALID_SAFI 164
+# define X509V3_R_INVALID_SECTION 135
+# define X509V3_R_INVALID_SYNTAX 143
+# define X509V3_R_ISSUER_DECODE_ERROR 126
+# define X509V3_R_MISSING_VALUE 124
+# define X509V3_R_NEED_ORGANIZATION_AND_NUMBERS 142
+# define X509V3_R_NO_CONFIG_DATABASE 136
+# define X509V3_R_NO_ISSUER_CERTIFICATE 121
+# define X509V3_R_NO_ISSUER_DETAILS 127
+# define X509V3_R_NO_POLICY_IDENTIFIER 139
+# define X509V3_R_NO_PROXY_CERT_POLICY_LANGUAGE_DEFINED 154
+# define X509V3_R_NO_PUBLIC_KEY 114
+# define X509V3_R_NO_SUBJECT_DETAILS 125
+# define X509V3_R_ODD_NUMBER_OF_DIGITS 112
+# define X509V3_R_OPERATION_NOT_DEFINED 148
+# define X509V3_R_OTHERNAME_ERROR 147
+# define X509V3_R_POLICY_LANGUAGE_ALREADY_DEFINED 155
+# define X509V3_R_POLICY_PATH_LENGTH 156
+# define X509V3_R_POLICY_PATH_LENGTH_ALREADY_DEFINED 157
+# define X509V3_R_POLICY_SYNTAX_NOT_CURRENTLY_SUPPORTED 158
+# define X509V3_R_POLICY_WHEN_PROXY_LANGUAGE_REQUIRES_NO_POLICY 159
+# define X509V3_R_SECTION_NOT_FOUND 150
+# define X509V3_R_UNABLE_TO_GET_ISSUER_DETAILS 122
+# define X509V3_R_UNABLE_TO_GET_ISSUER_KEYID 123
+# define X509V3_R_UNKNOWN_BIT_STRING_ARGUMENT 111
+# define X509V3_R_UNKNOWN_EXTENSION 129
+# define X509V3_R_UNKNOWN_EXTENSION_NAME 130
+# define X509V3_R_UNKNOWN_OPTION 120
+# define X509V3_R_UNSUPPORTED_OPTION 117
+# define X509V3_R_UNSUPPORTED_TYPE 167
+# define X509V3_R_USER_TOO_LONG 132
+
+#ifdef __cplusplus
+}
+#endif
+#endif
+++ /dev/null
-/* ssl/dtls1.h */
-/*
- * DTLS implementation written by Nagendra Modadugu
- * (nagendra@cs.stanford.edu) for the OpenSSL project 2005.
- */
-/* ====================================================================
- * Copyright (c) 1999-2005 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#ifndef HEADER_DTLS1_H
-# define HEADER_DTLS1_H
-
-# include <openssl/buffer.h>
-# include <openssl/pqueue.h>
-# ifdef OPENSSL_SYS_VMS
-# include <resource.h>
-# include <sys/timeb.h>
-# endif
-# ifdef OPENSSL_SYS_WIN32
-/* Needed for struct timeval */
-# include <winsock.h>
-# elif defined(OPENSSL_SYS_NETWARE) && !defined(_WINSOCK2API_)
-# include <sys/timeval.h>
-# else
-# if defined(OPENSSL_SYS_VXWORKS)
-# include <sys/times.h>
-# else
-# include <sys/time.h>
-# endif
-# endif
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-# define DTLS1_VERSION 0xFEFF
-# define DTLS1_2_VERSION 0xFEFD
-# define DTLS_MAX_VERSION DTLS1_2_VERSION
-# define DTLS1_VERSION_MAJOR 0xFE
-
-# define DTLS1_BAD_VER 0x0100
-
-/* Special value for method supporting multiple versions */
-# define DTLS_ANY_VERSION 0x1FFFF
-
-/* lengths of messages */
-# define DTLS1_COOKIE_LENGTH 256
-
-# define DTLS1_RT_HEADER_LENGTH 13
-
-# define DTLS1_HM_HEADER_LENGTH 12
-
-# define DTLS1_HM_BAD_FRAGMENT -2
-# define DTLS1_HM_FRAGMENT_RETRY -3
-
-# define DTLS1_CCS_HEADER_LENGTH 1
-
-# ifdef DTLS1_AD_MISSING_HANDSHAKE_MESSAGE
-# define DTLS1_AL_HEADER_LENGTH 7
-# else
-# define DTLS1_AL_HEADER_LENGTH 2
-# endif
-
-
-/* Timeout multipliers (timeout slice is defined in apps/timeouts.h */
-# define DTLS1_TMO_READ_COUNT 2
-# define DTLS1_TMO_WRITE_COUNT 2
-
-# define DTLS1_TMO_ALERT_COUNT 12
-
-#ifdef __cplusplus
-}
-#endif
-#endif
+++ /dev/null
-/* test/heartbeat_test.c */
-/*-
- * Unit test for TLS heartbeats.
- *
- * Acts as a regression test against the Heartbleed bug (CVE-2014-0160).
- *
- * Author: Mike Bland (mbland@acm.org, http://mike-bland.com/)
- * Date: 2014-04-12
- * License: Creative Commons Attribution 4.0 International (CC By 4.0)
- * http://creativecommons.org/licenses/by/4.0/deed.en_US
- *
- * OUTPUT
- * ------
- * The program returns zero on success. It will print a message with a count
- * of the number of failed tests and return nonzero if any tests fail.
- *
- * It will print the contents of the request and response buffers for each
- * failing test. In a "fixed" version, all the tests should pass and there
- * should be no output.
- *
- * In a "bleeding" version, you'll see:
- *
- * test_dtls1_heartbleed failed:
- * expected payload len: 0
- * received: 1024
- * sent 26 characters
- * "HEARTBLEED "
- * received 1024 characters
- * "HEARTBLEED \xde\xad\xbe\xef..."
- * ** test_dtls1_heartbleed failed **
- *
- * The contents of the returned buffer in the failing test will depend on the
- * contents of memory on your machine.
- *
- * MORE INFORMATION
- * ----------------
- * http://mike-bland.com/2014/04/12/heartbleed.html
- * http://mike-bland.com/tags/heartbleed.html
- */
-
-#define OPENSSL_UNIT_TEST
-
-#include "../ssl/ssl_locl.h"
-
-#include "testutil.h"
-#include <ctype.h>
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-
-#if !defined(OPENSSL_NO_HEARTBEATS) && !defined(OPENSSL_NO_UNIT_TEST)
-
-/* As per https://tools.ietf.org/html/rfc6520#section-4 */
-# define MIN_PADDING_SIZE 16
-
-/* Maximum number of payload characters to print as test output */
-# define MAX_PRINTABLE_CHARACTERS 1024
-
-typedef struct heartbeat_test_fixture {
- SSL_CTX *ctx;
- SSL *s;
- const char *test_case_name;
- int (*process_heartbeat) (SSL *s, unsigned char *p, unsigned int length);
- unsigned char *payload;
- int sent_payload_len;
- int expected_return_value;
- int return_payload_offset;
- int expected_payload_len;
- const char *expected_return_payload;
-} HEARTBEAT_TEST_FIXTURE;
-
-static HEARTBEAT_TEST_FIXTURE set_up(const char *const test_case_name,
- const SSL_METHOD *meth)
-{
- HEARTBEAT_TEST_FIXTURE fixture;
- int setup_ok = 1;
- memset(&fixture, 0, sizeof(fixture));
- fixture.test_case_name = test_case_name;
-
- fixture.ctx = SSL_CTX_new(meth);
- if (!fixture.ctx) {
- fprintf(stderr, "Failed to allocate SSL_CTX for test: %s\n",
- test_case_name);
- setup_ok = 0;
- goto fail;
- }
-
- fixture.s = SSL_new(fixture.ctx);
- if (!fixture.s) {
- fprintf(stderr, "Failed to allocate SSL for test: %s\n",
- test_case_name);
- setup_ok = 0;
- goto fail;
- }
-
- if (!ssl_init_wbio_buffer(fixture.s, 1)) {
- fprintf(stderr, "Failed to set up wbio buffer for test: %s\n",
- test_case_name);
- setup_ok = 0;
- goto fail;
- }
-
- if (!ssl3_setup_buffers(fixture.s)) {
- fprintf(stderr, "Failed to setup buffers for test: %s\n",
- test_case_name);
- setup_ok = 0;
- goto fail;
- }
-
- /*
- * Clear the memory for the return buffer, since this isn't automatically
- * zeroed in opt mode and will cause spurious test failures that will
- * change with each execution.
- */
- memset(fixture.s->rlayer.wbuf.buf, 0, fixture.s->rlayer.wbuf.len);
-
- fail:
- if (!setup_ok) {
- ERR_print_errors_fp(stderr);
- exit(EXIT_FAILURE);
- }
- return fixture;
-}
-
-static HEARTBEAT_TEST_FIXTURE set_up_dtls(const char *const test_case_name)
-{
- HEARTBEAT_TEST_FIXTURE fixture = set_up(test_case_name,
- DTLSv1_server_method());
- fixture.process_heartbeat = dtls1_process_heartbeat;
-
- /*
- * As per dtls1_get_record(), skipping the following from the beginning
- * of the returned heartbeat message: type-1 byte; version-2 bytes;
- * sequence number-8 bytes; length-2 bytes And then skipping the 1-byte
- * type encoded by process_heartbeat for a total of 14 bytes, at which
- * point we can grab the length and the payload we seek.
- */
- fixture.return_payload_offset = 14;
- return fixture;
-}
-
-/* Needed by ssl3_write_bytes() */
-static int dummy_handshake(SSL *s)
-{
- return 1;
-}
-
-static HEARTBEAT_TEST_FIXTURE set_up_tls(const char *const test_case_name)
-{
- HEARTBEAT_TEST_FIXTURE fixture = set_up(test_case_name,
- TLSv1_server_method());
- fixture.process_heartbeat = tls1_process_heartbeat;
- fixture.s->handshake_func = dummy_handshake;
-
- /*
- * As per do_ssl3_write(), skipping the following from the beginning of
- * the returned heartbeat message: type-1 byte; version-2 bytes; length-2
- * bytes And then skipping the 1-byte type encoded by process_heartbeat
- * for a total of 6 bytes, at which point we can grab the length and the
- * payload we seek.
- */
- fixture.return_payload_offset = 6;
- return fixture;
-}
-
-static void tear_down(HEARTBEAT_TEST_FIXTURE fixture)
-{
- ERR_print_errors_fp(stderr);
- SSL_free(fixture.s);
- SSL_CTX_free(fixture.ctx);
-}
-
-static void print_payload(const char *const prefix,
- const unsigned char *payload, const int n)
-{
- const int end = n < MAX_PRINTABLE_CHARACTERS ? n
- : MAX_PRINTABLE_CHARACTERS;
- int i = 0;
-
- printf("%s %d character%s", prefix, n, n == 1 ? "" : "s");
- if (end != n)
- printf(" (first %d shown)", end);
- printf("\n \"");
-
- for (; i != end; ++i) {
- const unsigned char c = payload[i];
- if (isprint(c))
- fputc(c, stdout);
- else
- printf("\\x%02x", c);
- }
- printf("\"\n");
-}
-
-static int execute_heartbeat(HEARTBEAT_TEST_FIXTURE fixture)
-{
- int result = 0;
- SSL *s = fixture.s;
- unsigned char *payload = fixture.payload;
- unsigned char sent_buf[MAX_PRINTABLE_CHARACTERS + 1];
- int return_value;
- unsigned const char *p;
- int actual_payload_len;
-
- s->rlayer.rrec.data = payload;
- s->rlayer.rrec.length = strlen((const char *)payload);
- *payload++ = TLS1_HB_REQUEST;
- s2n(fixture.sent_payload_len, payload);
-
- /*
- * Make a local copy of the request, since it gets overwritten at some
- * point
- */
- memcpy((char *)sent_buf, (const char *)payload, sizeof(sent_buf));
-
- return_value = fixture.process_heartbeat(s, s->rlayer.rrec.data,
- s->rlayer.rrec.length);
-
- if (return_value != fixture.expected_return_value) {
- printf("%s failed: expected return value %d, received %d\n",
- fixture.test_case_name, fixture.expected_return_value,
- return_value);
- result = 1;
- }
-
- /*
- * If there is any byte alignment, it will be stored in wbuf.offset.
- */
- p = &(s->rlayer.
- wbuf.buf[fixture.return_payload_offset + s->rlayer.wbuf.offset]);
- actual_payload_len = 0;
- n2s(p, actual_payload_len);
-
- if (actual_payload_len != fixture.expected_payload_len) {
- printf("%s failed:\n expected payload len: %d\n received: %d\n",
- fixture.test_case_name, fixture.expected_payload_len,
- actual_payload_len);
- print_payload("sent", sent_buf, strlen((const char *)sent_buf));
- print_payload("received", p, actual_payload_len);
- result = 1;
- } else {
- char *actual_payload =
- BUF_strndup((const char *)p, actual_payload_len);
- if (strcmp(actual_payload, fixture.expected_return_payload) != 0) {
- printf
- ("%s failed:\n expected payload: \"%s\"\n received: \"%s\"\n",
- fixture.test_case_name, fixture.expected_return_payload,
- actual_payload);
- result = 1;
- }
- OPENSSL_free(actual_payload);
- }
-
- if (result != 0) {
- printf("** %s failed **\n--------\n", fixture.test_case_name);
- }
- return result;
-}
-
-static int honest_payload_size(unsigned char payload_buf[])
-{
- /* Omit three-byte pad at the beginning for type and payload length */
- return strlen((const char *)&payload_buf[3]) - MIN_PADDING_SIZE;
-}
-
-# define SETUP_HEARTBEAT_TEST_FIXTURE(type)\
- SETUP_TEST_FIXTURE(HEARTBEAT_TEST_FIXTURE, set_up_##type)
-
-# define EXECUTE_HEARTBEAT_TEST()\
- EXECUTE_TEST(execute_heartbeat, tear_down)
-
-static int test_dtls1_not_bleeding()
-{
- SETUP_HEARTBEAT_TEST_FIXTURE(dtls);
- /* Three-byte pad at the beginning for type and payload length */
- unsigned char payload_buf[MAX_PRINTABLE_CHARACTERS + 4] =
- " Not bleeding, sixteen spaces of padding" " ";
- const int payload_buf_len = honest_payload_size(payload_buf);
-
- fixture.payload = &payload_buf[0];
- fixture.sent_payload_len = payload_buf_len;
- fixture.expected_return_value = 0;
- fixture.expected_payload_len = payload_buf_len;
- fixture.expected_return_payload =
- "Not bleeding, sixteen spaces of padding";
- EXECUTE_HEARTBEAT_TEST();
-}
-
-static int test_dtls1_not_bleeding_empty_payload()
-{
- int payload_buf_len;
-
- SETUP_HEARTBEAT_TEST_FIXTURE(dtls);
- /*
- * Three-byte pad at the beginning for type and payload length, plus a
- * NUL at the end
- */
- unsigned char payload_buf[4 + MAX_PRINTABLE_CHARACTERS];
- memset(payload_buf, ' ', MIN_PADDING_SIZE + 3);
- payload_buf[MIN_PADDING_SIZE + 3] = '\0';
- payload_buf_len = honest_payload_size(payload_buf);
-
- fixture.payload = &payload_buf[0];
- fixture.sent_payload_len = payload_buf_len;
- fixture.expected_return_value = 0;
- fixture.expected_payload_len = payload_buf_len;
- fixture.expected_return_payload = "";
- EXECUTE_HEARTBEAT_TEST();
-}
-
-static int test_dtls1_heartbleed()
-{
- SETUP_HEARTBEAT_TEST_FIXTURE(dtls);
- /* Three-byte pad at the beginning for type and payload length */
- unsigned char payload_buf[4 + MAX_PRINTABLE_CHARACTERS] =
- " HEARTBLEED ";
-
- fixture.payload = &payload_buf[0];
- fixture.sent_payload_len = MAX_PRINTABLE_CHARACTERS;
- fixture.expected_return_value = 0;
- fixture.expected_payload_len = 0;
- fixture.expected_return_payload = "";
- EXECUTE_HEARTBEAT_TEST();
-}
-
-static int test_dtls1_heartbleed_empty_payload()
-{
- SETUP_HEARTBEAT_TEST_FIXTURE(dtls);
- /*
- * Excluding the NUL at the end, one byte short of type + payload length
- * + minimum padding
- */
- unsigned char payload_buf[MAX_PRINTABLE_CHARACTERS + 4];
- memset(payload_buf, ' ', MIN_PADDING_SIZE + 2);
- payload_buf[MIN_PADDING_SIZE + 2] = '\0';
-
- fixture.payload = &payload_buf[0];
- fixture.sent_payload_len = MAX_PRINTABLE_CHARACTERS;
- fixture.expected_return_value = 0;
- fixture.expected_payload_len = 0;
- fixture.expected_return_payload = "";
- EXECUTE_HEARTBEAT_TEST();
-}
-
-static int test_dtls1_heartbleed_excessive_plaintext_length()
-{
- SETUP_HEARTBEAT_TEST_FIXTURE(dtls);
- /*
- * Excluding the NUL at the end, one byte in excess of maximum allowed
- * heartbeat message length
- */
- unsigned char payload_buf[SSL3_RT_MAX_PLAIN_LENGTH + 2];
- memset(payload_buf, ' ', sizeof(payload_buf));
- payload_buf[sizeof(payload_buf) - 1] = '\0';
-
- fixture.payload = &payload_buf[0];
- fixture.sent_payload_len = honest_payload_size(payload_buf);
- fixture.expected_return_value = 0;
- fixture.expected_payload_len = 0;
- fixture.expected_return_payload = "";
- EXECUTE_HEARTBEAT_TEST();
-}
-
-static int test_tls1_not_bleeding()
-{
- SETUP_HEARTBEAT_TEST_FIXTURE(tls);
- /* Three-byte pad at the beginning for type and payload length */
- unsigned char payload_buf[MAX_PRINTABLE_CHARACTERS + 4] =
- " Not bleeding, sixteen spaces of padding" " ";
- const int payload_buf_len = honest_payload_size(payload_buf);
-
- fixture.payload = &payload_buf[0];
- fixture.sent_payload_len = payload_buf_len;
- fixture.expected_return_value = 0;
- fixture.expected_payload_len = payload_buf_len;
- fixture.expected_return_payload =
- "Not bleeding, sixteen spaces of padding";
- EXECUTE_HEARTBEAT_TEST();
-}
-
-static int test_tls1_not_bleeding_empty_payload()
-{
- int payload_buf_len;
-
- SETUP_HEARTBEAT_TEST_FIXTURE(tls);
- /*
- * Three-byte pad at the beginning for type and payload length, plus a
- * NUL at the end
- */
- unsigned char payload_buf[4 + MAX_PRINTABLE_CHARACTERS];
- memset(payload_buf, ' ', MIN_PADDING_SIZE + 3);
- payload_buf[MIN_PADDING_SIZE + 3] = '\0';
- payload_buf_len = honest_payload_size(payload_buf);
-
- fixture.payload = &payload_buf[0];
- fixture.sent_payload_len = payload_buf_len;
- fixture.expected_return_value = 0;
- fixture.expected_payload_len = payload_buf_len;
- fixture.expected_return_payload = "";
- EXECUTE_HEARTBEAT_TEST();
-}
-
-static int test_tls1_heartbleed()
-{
- SETUP_HEARTBEAT_TEST_FIXTURE(tls);
- /* Three-byte pad at the beginning for type and payload length */
- unsigned char payload_buf[MAX_PRINTABLE_CHARACTERS + 4] =
- " HEARTBLEED ";
-
- fixture.payload = &payload_buf[0];
- fixture.sent_payload_len = MAX_PRINTABLE_CHARACTERS;
- fixture.expected_return_value = 0;
- fixture.expected_payload_len = 0;
- fixture.expected_return_payload = "";
- EXECUTE_HEARTBEAT_TEST();
-}
-
-static int test_tls1_heartbleed_empty_payload()
-{
- SETUP_HEARTBEAT_TEST_FIXTURE(tls);
- /*
- * Excluding the NUL at the end, one byte short of type + payload length
- * + minimum padding
- */
- unsigned char payload_buf[MAX_PRINTABLE_CHARACTERS + 4];
- memset(payload_buf, ' ', MIN_PADDING_SIZE + 2);
- payload_buf[MIN_PADDING_SIZE + 2] = '\0';
-
- fixture.payload = &payload_buf[0];
- fixture.sent_payload_len = MAX_PRINTABLE_CHARACTERS;
- fixture.expected_return_value = 0;
- fixture.expected_payload_len = 0;
- fixture.expected_return_payload = "";
- EXECUTE_HEARTBEAT_TEST();
-}
-
-# undef EXECUTE_HEARTBEAT_TEST
-# undef SETUP_HEARTBEAT_TEST_FIXTURE
-
-int main(int argc, char *argv[])
-{
- int result = 0;
-
- SSL_library_init();
- SSL_load_error_strings();
-
- ADD_TEST(test_dtls1_not_bleeding);
- ADD_TEST(test_dtls1_not_bleeding_empty_payload);
- ADD_TEST(test_dtls1_heartbleed);
- ADD_TEST(test_dtls1_heartbleed_empty_payload);
- ADD_TEST(test_dtls1_heartbleed_excessive_plaintext_length);
- ADD_TEST(test_tls1_not_bleeding);
- ADD_TEST(test_tls1_not_bleeding_empty_payload);
- ADD_TEST(test_tls1_heartbleed);
- ADD_TEST(test_tls1_heartbleed_empty_payload);
-
- result = run_tests(argv[0]);
- ERR_print_errors_fp(stderr);
- return result;
-}
-
-#else /* OPENSSL_NO_HEARTBEATS */
-
-int main(int argc, char *argv[])
-{
- return EXIT_SUCCESS;
-}
-#endif /* OPENSSL_NO_HEARTBEATS */
+++ /dev/null
-/* ssl/kssl.h -*- mode: C; c-file-style: "eay" -*- */
-/*
- * Written by Vern Staats <staatsvr@asc.hpc.mil> for the OpenSSL project
- * 2000. project 2000.
- */
-/* ====================================================================
- * Copyright (c) 2000 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-/*
- ** 19990701 VRS Started.
- */
-
-#ifndef KSSL_H
-# define KSSL_H
-
-# include <openssl/opensslconf.h>
-
-# ifndef OPENSSL_NO_KRB5
-
-# include <stdio.h>
-# include <ctype.h>
-# include <krb5.h>
-# ifdef OPENSSL_SYS_WIN32
-/*
- * These can sometimes get redefined indirectly by krb5 header files after
- * they get undefed in ossl_typ.h
- */
-# undef X509_NAME
-# undef X509_EXTENSIONS
-# undef OCSP_REQUEST
-# undef OCSP_RESPONSE
-# endif
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-/*
- * Depending on which KRB5 implementation used, some types from
- * the other may be missing. Resolve that here and now
- */
-# ifdef KRB5_HEIMDAL
-typedef unsigned char krb5_octet;
-# define FAR
-# else
-
-# ifndef FAR
-# define FAR
-# endif
-
-# endif
-
-/*-
- * Uncomment this to debug kssl problems or
- * to trace usage of the Kerberos session key
- *
- * #define KSSL_DEBUG
- */
-
-# ifndef KRB5SVC
-# define KRB5SVC "host"
-# endif
-
-# ifndef KRB5KEYTAB
-# define KRB5KEYTAB "/etc/krb5.keytab"
-# endif
-
-# ifndef KRB5SENDAUTH
-# define KRB5SENDAUTH 1
-# endif
-
-# ifndef KRB5CHECKAUTH
-# define KRB5CHECKAUTH 1
-# endif
-
-# ifndef KSSL_CLOCKSKEW
-# define KSSL_CLOCKSKEW 300;
-# endif
-
-# define KSSL_ERR_MAX 255
-typedef struct kssl_err_st {
- int reason;
- char text[KSSL_ERR_MAX + 1];
-} KSSL_ERR;
-
-/*- Context for passing
- * (1) Kerberos session key to SSL, and
- * (2) Config data between application and SSL lib
- */
-typedef struct kssl_ctx_st {
- /* used by: disposition: */
- char *service_name; /* C,S default ok (kssl) */
- char *service_host; /* C input, REQUIRED */
- char *client_princ; /* S output from krb5 ticket */
- char *keytab_file; /* S NULL (/etc/krb5.keytab) */
- char *cred_cache; /* C NULL (default) */
- krb5_enctype enctype;
- int length;
- krb5_octet FAR *key;
-} KSSL_CTX;
-
-# define KSSL_CLIENT 1
-# define KSSL_SERVER 2
-# define KSSL_SERVICE 3
-# define KSSL_KEYTAB 4
-
-# define KSSL_CTX_OK 0
-# define KSSL_CTX_ERR 1
-# define KSSL_NOMEM 2
-
-/* Public (for use by applications that use OpenSSL with Kerberos 5 support */
-krb5_error_code kssl_ctx_setstring(KSSL_CTX *kssl_ctx, int which, char *text);
-KSSL_CTX *kssl_ctx_new(void);
-KSSL_CTX *kssl_ctx_free(KSSL_CTX *kssl_ctx);
-void kssl_ctx_show(KSSL_CTX *kssl_ctx);
-krb5_error_code kssl_ctx_setprinc(KSSL_CTX *kssl_ctx, int which,
- krb5_data *realm, krb5_data *entity,
- int nentities);
-krb5_error_code kssl_cget_tkt(KSSL_CTX *kssl_ctx, krb5_data **enc_tktp,
- krb5_data *authenp, KSSL_ERR *kssl_err);
-krb5_error_code kssl_sget_tkt(KSSL_CTX *kssl_ctx, krb5_data *indata,
- krb5_ticket_times *ttimes, KSSL_ERR *kssl_err);
-krb5_error_code kssl_ctx_setkey(KSSL_CTX *kssl_ctx, krb5_keyblock *session);
-void kssl_err_set(KSSL_ERR *kssl_err, int reason, char *text);
-void kssl_krb5_free_data_contents(krb5_context context, krb5_data *data);
-krb5_error_code kssl_build_principal_2(krb5_context context,
- krb5_principal *princ, int rlen,
- const char *realm, int slen,
- const char *svc, int hlen,
- const char *host);
-krb5_error_code kssl_validate_times(krb5_timestamp atime,
- krb5_ticket_times *ttimes);
-krb5_error_code kssl_check_authent(KSSL_CTX *kssl_ctx, krb5_data *authentp,
- krb5_timestamp *atimep,
- KSSL_ERR *kssl_err);
-unsigned char *kssl_skip_confound(krb5_enctype enctype, unsigned char *authn);
-
-void SSL_set0_kssl_ctx(SSL *s, KSSL_CTX *kctx);
-KSSL_CTX *SSL_get0_kssl_ctx(SSL *s);
-char *kssl_ctx_get0_client_princ(KSSL_CTX *kctx);
-
-#ifdef __cplusplus
-}
-#endif
-# endif /* OPENSSL_NO_KRB5 */
-#endif /* KSSL_H */
+++ /dev/null
-/* ssl/srtp.h */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-/* ====================================================================
- * Copyright (c) 1998-2006 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-/*
- * DTLS code by Eric Rescorla <ekr@rtfm.com>
- *
- * Copyright (C) 2006, Network Resonance, Inc. Copyright (C) 2011, RTFM, Inc.
- */
-
-#ifndef HEADER_D1_SRTP_H
-# define HEADER_D1_SRTP_H
-
-# include <openssl/ssl.h>
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-# define SRTP_AES128_CM_SHA1_80 0x0001
-# define SRTP_AES128_CM_SHA1_32 0x0002
-# define SRTP_AES128_F8_SHA1_80 0x0003
-# define SRTP_AES128_F8_SHA1_32 0x0004
-# define SRTP_NULL_SHA1_80 0x0005
-# define SRTP_NULL_SHA1_32 0x0006
-
-# ifndef OPENSSL_NO_SRTP
-
-__owur int SSL_CTX_set_tlsext_use_srtp(SSL_CTX *ctx, const char *profiles);
-__owur int SSL_set_tlsext_use_srtp(SSL *ctx, const char *profiles);
-
-__owur STACK_OF(SRTP_PROTECTION_PROFILE) *SSL_get_srtp_profiles(SSL *ssl);
-__owur SRTP_PROTECTION_PROFILE *SSL_get_selected_srtp_profile(SSL *s);
-
-# endif
-
-#ifdef __cplusplus
-}
-#endif
-
-#endif
+++ /dev/null
-/* ssl/ssl.h */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-/* ====================================================================
- * Copyright (c) 1998-2007 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-/* ====================================================================
- * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
- * ECC cipher suite support in OpenSSL originally developed by
- * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project.
- */
-/* ====================================================================
- * Copyright 2005 Nokia. All rights reserved.
- *
- * The portions of the attached software ("Contribution") is developed by
- * Nokia Corporation and is licensed pursuant to the OpenSSL open source
- * license.
- *
- * The Contribution, originally written by Mika Kousa and Pasi Eronen of
- * Nokia Corporation, consists of the "PSK" (Pre-Shared Key) ciphersuites
- * support (see RFC 4279) to OpenSSL.
- *
- * No patent licenses or other rights except those expressly stated in
- * the OpenSSL open source license shall be deemed granted or received
- * expressly, by implication, estoppel, or otherwise.
- *
- * No assurances are provided by Nokia that the Contribution does not
- * infringe the patent or other intellectual property rights of any third
- * party or that the license provides you with all the necessary rights
- * to make use of the Contribution.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. IN
- * ADDITION TO THE DISCLAIMERS INCLUDED IN THE LICENSE, NOKIA
- * SPECIFICALLY DISCLAIMS ANY LIABILITY FOR CLAIMS BROUGHT BY YOU OR ANY
- * OTHER ENTITY BASED ON INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS OR
- * OTHERWISE.
- */
-
-#ifndef HEADER_SSL_H
-# define HEADER_SSL_H
-
-# include <openssl/e_os2.h>
-
-# ifndef OPENSSL_NO_COMP
-# include <openssl/comp.h>
-# endif
-# include <openssl/bio.h>
-# ifdef OPENSSL_USE_DEPRECATED
-# include <openssl/x509.h>
-# include <openssl/crypto.h>
-# include <openssl/lhash.h>
-# include <openssl/buffer.h>
-# endif
-# include <openssl/pem.h>
-# include <openssl/hmac.h>
-
-# include <openssl/kssl.h>
-# include <openssl/safestack.h>
-# include <openssl/symhacks.h>
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-/* SSLeay version number for ASN.1 encoding of the session information */
-/*-
- * Version 0 - initial version
- * Version 1 - added the optional peer certificate
- */
-# define SSL_SESSION_ASN1_VERSION 0x0001
-
-/* text strings for the ciphers */
-
-/*
- * VRS Additional Kerberos5 entries
- */
-# define SSL_TXT_KRB5_DES_64_CBC_SHA SSL3_TXT_KRB5_DES_64_CBC_SHA
-# define SSL_TXT_KRB5_DES_192_CBC3_SHA SSL3_TXT_KRB5_DES_192_CBC3_SHA
-# define SSL_TXT_KRB5_RC4_128_SHA SSL3_TXT_KRB5_RC4_128_SHA
-# define SSL_TXT_KRB5_IDEA_128_CBC_SHA SSL3_TXT_KRB5_IDEA_128_CBC_SHA
-# define SSL_TXT_KRB5_DES_64_CBC_MD5 SSL3_TXT_KRB5_DES_64_CBC_MD5
-# define SSL_TXT_KRB5_DES_192_CBC3_MD5 SSL3_TXT_KRB5_DES_192_CBC3_MD5
-# define SSL_TXT_KRB5_RC4_128_MD5 SSL3_TXT_KRB5_RC4_128_MD5
-# define SSL_TXT_KRB5_IDEA_128_CBC_MD5 SSL3_TXT_KRB5_IDEA_128_CBC_MD5
-
-# define SSL_TXT_KRB5_DES_40_CBC_SHA SSL3_TXT_KRB5_DES_40_CBC_SHA
-# define SSL_TXT_KRB5_RC2_40_CBC_SHA SSL3_TXT_KRB5_RC2_40_CBC_SHA
-# define SSL_TXT_KRB5_RC4_40_SHA SSL3_TXT_KRB5_RC4_40_SHA
-# define SSL_TXT_KRB5_DES_40_CBC_MD5 SSL3_TXT_KRB5_DES_40_CBC_MD5
-# define SSL_TXT_KRB5_RC2_40_CBC_MD5 SSL3_TXT_KRB5_RC2_40_CBC_MD5
-# define SSL_TXT_KRB5_RC4_40_MD5 SSL3_TXT_KRB5_RC4_40_MD5
-
-# define SSL_TXT_KRB5_DES_40_CBC_SHA SSL3_TXT_KRB5_DES_40_CBC_SHA
-# define SSL_TXT_KRB5_DES_40_CBC_MD5 SSL3_TXT_KRB5_DES_40_CBC_MD5
-# define SSL_TXT_KRB5_DES_64_CBC_SHA SSL3_TXT_KRB5_DES_64_CBC_SHA
-# define SSL_TXT_KRB5_DES_64_CBC_MD5 SSL3_TXT_KRB5_DES_64_CBC_MD5
-# define SSL_TXT_KRB5_DES_192_CBC3_SHA SSL3_TXT_KRB5_DES_192_CBC3_SHA
-# define SSL_TXT_KRB5_DES_192_CBC3_MD5 SSL3_TXT_KRB5_DES_192_CBC3_MD5
-# define SSL_MAX_KRB5_PRINCIPAL_LENGTH 256
-
-# define SSL_MAX_SSL_SESSION_ID_LENGTH 32
-# define SSL_MAX_SID_CTX_LENGTH 32
-
-# define SSL_MIN_RSA_MODULUS_LENGTH_IN_BYTES (512/8)
-# define SSL_MAX_KEY_ARG_LENGTH 8
-# define SSL_MAX_MASTER_KEY_LENGTH 48
-
-/* These are used to specify which ciphers to use and not to use */
-
-# define SSL_TXT_EXP40 "EXPORT40"
-# define SSL_TXT_EXP56 "EXPORT56"
-# define SSL_TXT_LOW "LOW"
-# define SSL_TXT_MEDIUM "MEDIUM"
-# define SSL_TXT_HIGH "HIGH"
-# define SSL_TXT_FIPS "FIPS"
-
-# define SSL_TXT_aNULL "aNULL"
-# define SSL_TXT_eNULL "eNULL"
-# define SSL_TXT_NULL "NULL"
-
-# define SSL_TXT_kRSA "kRSA"
-# define SSL_TXT_kDHr "kDHr"
-# define SSL_TXT_kDHd "kDHd"
-# define SSL_TXT_kDH "kDH"
-# define SSL_TXT_kEDH "kEDH"/* alias for kDHE */
-# define SSL_TXT_kDHE "kDHE"
-# define SSL_TXT_kKRB5 "kKRB5"
-# define SSL_TXT_kECDHr "kECDHr"
-# define SSL_TXT_kECDHe "kECDHe"
-# define SSL_TXT_kECDH "kECDH"
-# define SSL_TXT_kEECDH "kEECDH"/* alias for kECDHE */
-# define SSL_TXT_kECDHE "kECDHE"
-# define SSL_TXT_kPSK "kPSK"
-# define SSL_TXT_kGOST "kGOST"
-# define SSL_TXT_kSRP "kSRP"
-
-# define SSL_TXT_aRSA "aRSA"
-# define SSL_TXT_aDSS "aDSS"
-# define SSL_TXT_aDH "aDH"
-# define SSL_TXT_aECDH "aECDH"
-# define SSL_TXT_aKRB5 "aKRB5"
-# define SSL_TXT_aECDSA "aECDSA"
-# define SSL_TXT_aPSK "aPSK"
-# define SSL_TXT_aGOST94 "aGOST94"
-# define SSL_TXT_aGOST01 "aGOST01"
-# define SSL_TXT_aGOST "aGOST"
-# define SSL_TXT_aSRP "aSRP"
-
-# define SSL_TXT_DSS "DSS"
-# define SSL_TXT_DH "DH"
-# define SSL_TXT_DHE "DHE"/* same as "kDHE:-ADH" */
-# define SSL_TXT_EDH "EDH"/* alias for DHE */
-# define SSL_TXT_ADH "ADH"
-# define SSL_TXT_RSA "RSA"
-# define SSL_TXT_ECDH "ECDH"
-# define SSL_TXT_EECDH "EECDH"/* alias for ECDHE" */
-# define SSL_TXT_ECDHE "ECDHE"/* same as "kECDHE:-AECDH" */
-# define SSL_TXT_AECDH "AECDH"
-# define SSL_TXT_ECDSA "ECDSA"
-# define SSL_TXT_KRB5 "KRB5"
-# define SSL_TXT_PSK "PSK"
-# define SSL_TXT_SRP "SRP"
-
-# define SSL_TXT_DES "DES"
-# define SSL_TXT_3DES "3DES"
-# define SSL_TXT_RC4 "RC4"
-# define SSL_TXT_RC2 "RC2"
-# define SSL_TXT_IDEA "IDEA"
-# define SSL_TXT_SEED "SEED"
-# define SSL_TXT_AES128 "AES128"
-# define SSL_TXT_AES256 "AES256"
-# define SSL_TXT_AES "AES"
-# define SSL_TXT_AES_GCM "AESGCM"
-# define SSL_TXT_CAMELLIA128 "CAMELLIA128"
-# define SSL_TXT_CAMELLIA256 "CAMELLIA256"
-# define SSL_TXT_CAMELLIA "CAMELLIA"
-
-# define SSL_TXT_MD5 "MD5"
-# define SSL_TXT_SHA1 "SHA1"
-# define SSL_TXT_SHA "SHA"/* same as "SHA1" */
-# define SSL_TXT_GOST94 "GOST94"
-# define SSL_TXT_GOST89MAC "GOST89MAC"
-# define SSL_TXT_SHA256 "SHA256"
-# define SSL_TXT_SHA384 "SHA384"
-
-# define SSL_TXT_SSLV3 "SSLv3"
-# define SSL_TXT_TLSV1 "TLSv1"
-# define SSL_TXT_TLSV1_1 "TLSv1.1"
-# define SSL_TXT_TLSV1_2 "TLSv1.2"
-
-# define SSL_TXT_EXP "EXP"
-# define SSL_TXT_EXPORT "EXPORT"
-
-# define SSL_TXT_ALL "ALL"
-
-/*-
- * COMPLEMENTOF* definitions. These identifiers are used to (de-select)
- * ciphers normally not being used.
- * Example: "RC4" will activate all ciphers using RC4 including ciphers
- * without authentication, which would normally disabled by DEFAULT (due
- * the "!ADH" being part of default). Therefore "RC4:!COMPLEMENTOFDEFAULT"
- * will make sure that it is also disabled in the specific selection.
- * COMPLEMENTOF* identifiers are portable between version, as adjustments
- * to the default cipher setup will also be included here.
- *
- * COMPLEMENTOFDEFAULT does not experience the same special treatment that
- * DEFAULT gets, as only selection is being done and no sorting as needed
- * for DEFAULT.
- */
-# define SSL_TXT_CMPALL "COMPLEMENTOFALL"
-# define SSL_TXT_CMPDEF "COMPLEMENTOFDEFAULT"
-
-/*
- * The following cipher list is used by default. It also is substituted when
- * an application-defined cipher list string starts with 'DEFAULT'.
- */
-# define SSL_DEFAULT_CIPHER_LIST "ALL:!aNULL:!eNULL"
-/*
- * As of OpenSSL 1.0.0, ssl_create_cipher_list() in ssl/ssl_ciph.c always
- * starts with a reasonable order, and all we have to do for DEFAULT is
- * throwing out anonymous and unencrypted ciphersuites! (The latter are not
- * actually enabled by ALL, but "ALL:RSA" would enable some of them.)
- */
-
-/* Used in SSL_set_shutdown()/SSL_get_shutdown(); */
-# define SSL_SENT_SHUTDOWN 1
-# define SSL_RECEIVED_SHUTDOWN 2
-
-#ifdef __cplusplus
-}
-#endif
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-# define SSL_FILETYPE_ASN1 X509_FILETYPE_ASN1
-# define SSL_FILETYPE_PEM X509_FILETYPE_PEM
-
-/*
- * This is needed to stop compilers complaining about the 'struct ssl_st *'
- * function parameters used to prototype callbacks in SSL_CTX.
- */
-typedef struct ssl_st *ssl_crock_st;
-typedef struct tls_session_ticket_ext_st TLS_SESSION_TICKET_EXT;
-typedef struct ssl_method_st SSL_METHOD;
-typedef struct ssl_cipher_st SSL_CIPHER;
-typedef struct ssl_session_st SSL_SESSION;
-typedef struct tls_sigalgs_st TLS_SIGALGS;
-typedef struct ssl_conf_ctx_st SSL_CONF_CTX;
-
-DECLARE_STACK_OF(SSL_CIPHER)
-
-/* SRTP protection profiles for use with the use_srtp extension (RFC 5764)*/
-typedef struct srtp_protection_profile_st {
- const char *name;
- unsigned long id;
-} SRTP_PROTECTION_PROFILE;
-
-DECLARE_STACK_OF(SRTP_PROTECTION_PROFILE)
-
-typedef int (*tls_session_ticket_ext_cb_fn) (SSL *s,
- const unsigned char *data,
- int len, void *arg);
-typedef int (*tls_session_secret_cb_fn) (SSL *s, void *secret,
- int *secret_len,
- STACK_OF(SSL_CIPHER) *peer_ciphers,
- SSL_CIPHER **cipher, void *arg);
-
-# ifndef OPENSSL_NO_TLSEXT
-
-/* Typedefs for handling custom extensions */
-
-typedef int (*custom_ext_add_cb) (SSL *s, unsigned int ext_type,
- const unsigned char **out,
- size_t *outlen, int *al, void *add_arg);
-
-typedef void (*custom_ext_free_cb) (SSL *s, unsigned int ext_type,
- const unsigned char *out, void *add_arg);
-
-typedef int (*custom_ext_parse_cb) (SSL *s, unsigned int ext_type,
- const unsigned char *in,
- size_t inlen, int *al, void *parse_arg);
-
-# endif
-
-/* Allow initial connection to servers that don't support RI */
-# define SSL_OP_LEGACY_SERVER_CONNECT 0x00000004L
-/* Removed from OpenSSL 0.9.8q and 1.0.0c */
-# define SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG 0x0L
-# define SSL_OP_TLSEXT_PADDING 0x00000010L
-# define SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER 0x00000020L
-# define SSL_OP_SAFARI_ECDHE_ECDSA_BUG 0x00000040L
-# define SSL_OP_SSLEAY_080_CLIENT_DH_BUG 0x00000080L
-# define SSL_OP_TLS_D5_BUG 0x00000100L
-# define SSL_OP_TLS_BLOCK_PADDING_BUG 0x00000200L
-
-/* Hasn't done anything since OpenSSL 0.9.7h, retained for compatibility */
-# define SSL_OP_MSIE_SSLV2_RSA_PADDING 0x0
-/* Refers to ancient SSLREF and SSLv2, retained for compatibility */
-# define SSL_OP_SSLREF2_REUSE_CERT_TYPE_BUG 0x0
-/* Related to removed SSLv2 */
-# define SSL_OP_MICROSOFT_SESS_ID_BUG 0x0
-# define SSL_OP_NETSCAPE_CHALLENGE_BUG 0x0
-
-/*
- * Disable SSL 3.0/TLS 1.0 CBC vulnerability workaround that was added in
- * OpenSSL 0.9.6d. Usually (depending on the application protocol) the
- * workaround is not needed. Unfortunately some broken SSL/TLS
- * implementations cannot handle it at all, which is why we include it in
- * SSL_OP_ALL.
- */
-/* added in 0.9.6e */
-# define SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS 0x00000800L
-
-/*
- * SSL_OP_ALL: various bug workarounds that should be rather harmless. This
- * used to be 0x000FFFFFL before 0.9.7.
- */
-# define SSL_OP_ALL 0x80000BFFL
-
-/* DTLS options */
-# define SSL_OP_NO_QUERY_MTU 0x00001000L
-/* Turn on Cookie Exchange (on relevant for servers) */
-# define SSL_OP_COOKIE_EXCHANGE 0x00002000L
-/* Don't use RFC4507 ticket extension */
-# define SSL_OP_NO_TICKET 0x00004000L
-/* Use Cisco's "speshul" version of DTLS_BAD_VER (as client) */
-# define SSL_OP_CISCO_ANYCONNECT 0x00008000L
-
-/* As server, disallow session resumption on renegotiation */
-# define SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION 0x00010000L
-/* Don't use compression even if supported */
-# define SSL_OP_NO_COMPRESSION 0x00020000L
-/* Permit unsafe legacy renegotiation */
-# define SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION 0x00040000L
-/* If set, always create a new key when using tmp_ecdh parameters */
-# define SSL_OP_SINGLE_ECDH_USE 0x00080000L
-/* If set, always create a new key when using tmp_dh parameters */
-# define SSL_OP_SINGLE_DH_USE 0x00100000L
-/* Does nothing: retained for compatibiity */
-# define SSL_OP_EPHEMERAL_RSA 0x0
-/*
- * Set on servers to choose the cipher according to the server's preferences
- */
-# define SSL_OP_CIPHER_SERVER_PREFERENCE 0x00400000L
-/*
- * If set, a server will allow a client to issue a SSLv3.0 version number as
- * latest version supported in the premaster secret, even when TLSv1.0
- * (version 3.1) was announced in the client hello. Normally this is
- * forbidden to prevent version rollback attacks.
- */
-# define SSL_OP_TLS_ROLLBACK_BUG 0x00800000L
-
-# define SSL_OP_NO_SSLv2 0x00000000L
-# define SSL_OP_NO_SSLv3 0x02000000L
-# define SSL_OP_NO_TLSv1 0x04000000L
-# define SSL_OP_NO_TLSv1_2 0x08000000L
-# define SSL_OP_NO_TLSv1_1 0x10000000L
-
-# define SSL_OP_NO_DTLSv1 0x04000000L
-# define SSL_OP_NO_DTLSv1_2 0x08000000L
-
-# define SSL_OP_NO_SSL_MASK (SSL_OP_NO_SSLv3|\
- SSL_OP_NO_TLSv1|SSL_OP_NO_TLSv1_1|SSL_OP_NO_TLSv1_2)
-
-/*
- * These next two were never actually used for anything since SSLeay zap so
- * we have some more flags.
- */
-/*
- * The next flag deliberately changes the ciphertest, this is a check for the
- * PKCS#1 attack
- */
-# define SSL_OP_PKCS1_CHECK_1 0x0
-# define SSL_OP_PKCS1_CHECK_2 0x0
-
-/* Removed as of OpenSSL 1.1.0 */
-# define SSL_OP_NETSCAPE_CA_DN_BUG 0x0
-/* Removed as of OpenSSL 1.1.0 */
-# define SSL_OP_NETSCAPE_DEMO_CIPHER_CHANGE_BUG 0x0L
-/*
- * Make server add server-hello extension from early version of cryptopro
- * draft, when GOST ciphersuite is negotiated. Required for interoperability
- * with CryptoPro CSP 3.x
- */
-# define SSL_OP_CRYPTOPRO_TLSEXT_BUG 0x80000000L
-
-/*
- * Allow SSL_write(..., n) to return r with 0 < r < n (i.e. report success
- * when just a single record has been written):
- */
-# define SSL_MODE_ENABLE_PARTIAL_WRITE 0x00000001L
-/*
- * Make it possible to retry SSL_write() with changed buffer location (buffer
- * contents must stay the same!); this is not the default to avoid the
- * misconception that non-blocking SSL_write() behaves like non-blocking
- * write():
- */
-# define SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER 0x00000002L
-/*
- * Never bother the application with retries if the transport is blocking:
- */
-# define SSL_MODE_AUTO_RETRY 0x00000004L
-/* Don't attempt to automatically build certificate chain */
-# define SSL_MODE_NO_AUTO_CHAIN 0x00000008L
-/*
- * Save RAM by releasing read and write buffers when they're empty. (SSL3 and
- * TLS only.) "Released" buffers are put onto a free-list in the context or
- * just freed (depending on the context's setting for freelist_max_len).
- */
-# define SSL_MODE_RELEASE_BUFFERS 0x00000010L
-/*
- * Send the current time in the Random fields of the ClientHello and
- * ServerHello records for compatibility with hypothetical implementations
- * that require it.
- */
-# define SSL_MODE_SEND_CLIENTHELLO_TIME 0x00000020L
-# define SSL_MODE_SEND_SERVERHELLO_TIME 0x00000040L
-/*
- * Send TLS_FALLBACK_SCSV in the ClientHello. To be set only by applications
- * that reconnect with a downgraded protocol version; see
- * draft-ietf-tls-downgrade-scsv-00 for details. DO NOT ENABLE THIS if your
- * application attempts a normal handshake. Only use this in explicit
- * fallback retries, following the guidance in
- * draft-ietf-tls-downgrade-scsv-00.
- */
-# define SSL_MODE_SEND_FALLBACK_SCSV 0x00000080L
-
-/* Cert related flags */
-/*
- * Many implementations ignore some aspects of the TLS standards such as
- * enforcing certifcate chain algorithms. When this is set we enforce them.
- */
-# define SSL_CERT_FLAG_TLS_STRICT 0x00000001L
-
-/* Suite B modes, takes same values as certificate verify flags */
-# define SSL_CERT_FLAG_SUITEB_128_LOS_ONLY 0x10000
-/* Suite B 192 bit only mode */
-# define SSL_CERT_FLAG_SUITEB_192_LOS 0x20000
-/* Suite B 128 bit mode allowing 192 bit algorithms */
-# define SSL_CERT_FLAG_SUITEB_128_LOS 0x30000
-
-/* Perform all sorts of protocol violations for testing purposes */
-# define SSL_CERT_FLAG_BROKEN_PROTOCOL 0x10000000
-
-/* Flags for building certificate chains */
-/* Treat any existing certificates as untrusted CAs */
-# define SSL_BUILD_CHAIN_FLAG_UNTRUSTED 0x1
-/* Don't include root CA in chain */
-# define SSL_BUILD_CHAIN_FLAG_NO_ROOT 0x2
-/* Just check certificates already there */
-# define SSL_BUILD_CHAIN_FLAG_CHECK 0x4
-/* Ignore verification errors */
-# define SSL_BUILD_CHAIN_FLAG_IGNORE_ERROR 0x8
-/* Clear verification errors from queue */
-# define SSL_BUILD_CHAIN_FLAG_CLEAR_ERROR 0x10
-
-/* Flags returned by SSL_check_chain */
-/* Certificate can be used with this session */
-# define CERT_PKEY_VALID 0x1
-/* Certificate can also be used for signing */
-# define CERT_PKEY_SIGN 0x2
-/* EE certificate signing algorithm OK */
-# define CERT_PKEY_EE_SIGNATURE 0x10
-/* CA signature algorithms OK */
-# define CERT_PKEY_CA_SIGNATURE 0x20
-/* EE certificate parameters OK */
-# define CERT_PKEY_EE_PARAM 0x40
-/* CA certificate parameters OK */
-# define CERT_PKEY_CA_PARAM 0x80
-/* Signing explicitly allowed as opposed to SHA1 fallback */
-# define CERT_PKEY_EXPLICIT_SIGN 0x100
-/* Client CA issuer names match (always set for server cert) */
-# define CERT_PKEY_ISSUER_NAME 0x200
-/* Cert type matches client types (always set for server cert) */
-# define CERT_PKEY_CERT_TYPE 0x400
-/* Cert chain suitable to Suite B */
-# define CERT_PKEY_SUITEB 0x800
-
-# define SSL_CONF_FLAG_CMDLINE 0x1
-# define SSL_CONF_FLAG_FILE 0x2
-# define SSL_CONF_FLAG_CLIENT 0x4
-# define SSL_CONF_FLAG_SERVER 0x8
-# define SSL_CONF_FLAG_SHOW_ERRORS 0x10
-# define SSL_CONF_FLAG_CERTIFICATE 0x20
-# define SSL_CONF_FLAG_REQUIRE_PRIVATE 0x40
-/* Configuration value types */
-# define SSL_CONF_TYPE_UNKNOWN 0x0
-# define SSL_CONF_TYPE_STRING 0x1
-# define SSL_CONF_TYPE_FILE 0x2
-# define SSL_CONF_TYPE_DIR 0x3
-
-/*
- * Note: SSL[_CTX]_set_{options,mode} use |= op on the previous value, they
- * cannot be used to clear bits.
- */
-
-# define SSL_CTX_set_options(ctx,op) \
- SSL_CTX_ctrl((ctx),SSL_CTRL_OPTIONS,(op),NULL)
-# define SSL_CTX_clear_options(ctx,op) \
- SSL_CTX_ctrl((ctx),SSL_CTRL_CLEAR_OPTIONS,(op),NULL)
-# define SSL_CTX_get_options(ctx) \
- SSL_CTX_ctrl((ctx),SSL_CTRL_OPTIONS,0,NULL)
-# define SSL_set_options(ssl,op) \
- SSL_ctrl((ssl),SSL_CTRL_OPTIONS,(op),NULL)
-# define SSL_clear_options(ssl,op) \
- SSL_ctrl((ssl),SSL_CTRL_CLEAR_OPTIONS,(op),NULL)
-# define SSL_get_options(ssl) \
- SSL_ctrl((ssl),SSL_CTRL_OPTIONS,0,NULL)
-
-# define SSL_CTX_set_mode(ctx,op) \
- SSL_CTX_ctrl((ctx),SSL_CTRL_MODE,(op),NULL)
-# define SSL_CTX_clear_mode(ctx,op) \
- SSL_CTX_ctrl((ctx),SSL_CTRL_CLEAR_MODE,(op),NULL)
-# define SSL_CTX_get_mode(ctx) \
- SSL_CTX_ctrl((ctx),SSL_CTRL_MODE,0,NULL)
-# define SSL_clear_mode(ssl,op) \
- SSL_ctrl((ssl),SSL_CTRL_CLEAR_MODE,(op),NULL)
-# define SSL_set_mode(ssl,op) \
- SSL_ctrl((ssl),SSL_CTRL_MODE,(op),NULL)
-# define SSL_get_mode(ssl) \
- SSL_ctrl((ssl),SSL_CTRL_MODE,0,NULL)
-# define SSL_set_mtu(ssl, mtu) \
- SSL_ctrl((ssl),SSL_CTRL_SET_MTU,(mtu),NULL)
-# define DTLS_set_link_mtu(ssl, mtu) \
- SSL_ctrl((ssl),DTLS_CTRL_SET_LINK_MTU,(mtu),NULL)
-# define DTLS_get_link_min_mtu(ssl) \
- SSL_ctrl((ssl),DTLS_CTRL_GET_LINK_MIN_MTU,0,NULL)
-
-# define SSL_get_secure_renegotiation_support(ssl) \
- SSL_ctrl((ssl), SSL_CTRL_GET_RI_SUPPORT, 0, NULL)
-
-# ifndef OPENSSL_NO_HEARTBEATS
-# define SSL_heartbeat(ssl) \
- SSL_ctrl((ssl),SSL_CTRL_TLS_EXT_SEND_HEARTBEAT,0,NULL)
-# endif
-
-# define SSL_CTX_set_cert_flags(ctx,op) \
- SSL_CTX_ctrl((ctx),SSL_CTRL_CERT_FLAGS,(op),NULL)
-# define SSL_set_cert_flags(s,op) \
- SSL_ctrl((s),SSL_CTRL_CERT_FLAGS,(op),NULL)
-# define SSL_CTX_clear_cert_flags(ctx,op) \
- SSL_CTX_ctrl((ctx),SSL_CTRL_CLEAR_CERT_FLAGS,(op),NULL)
-# define SSL_clear_cert_flags(s,op) \
- SSL_ctrl((s),SSL_CTRL_CLEAR_CERT_FLAGS,(op),NULL)
-
-void SSL_CTX_set_msg_callback(SSL_CTX *ctx,
- void (*cb) (int write_p, int version,
- int content_type, const void *buf,
- size_t len, SSL *ssl, void *arg));
-void SSL_set_msg_callback(SSL *ssl,
- void (*cb) (int write_p, int version,
- int content_type, const void *buf,
- size_t len, SSL *ssl, void *arg));
-# define SSL_CTX_set_msg_callback_arg(ctx, arg) SSL_CTX_ctrl((ctx), SSL_CTRL_SET_MSG_CALLBACK_ARG, 0, (arg))
-# define SSL_set_msg_callback_arg(ssl, arg) SSL_ctrl((ssl), SSL_CTRL_SET_MSG_CALLBACK_ARG, 0, (arg))
-
-# define SSL_get_extms_support(s) \
- SSL_ctrl((s),SSL_CTRL_GET_EXTMS_SUPPORT,0,NULL)
-
-# ifndef OPENSSL_NO_SRP
-
-/* see tls_srp.c */
-__owur int SSL_SRP_CTX_init(SSL *s);
-__owur int SSL_CTX_SRP_CTX_init(SSL_CTX *ctx);
-int SSL_SRP_CTX_free(SSL *ctx);
-int SSL_CTX_SRP_CTX_free(SSL_CTX *ctx);
-__owur int SSL_srp_server_param_with_username(SSL *s, int *ad);
-__owur int SRP_generate_server_master_secret(SSL *s, unsigned char *master_key);
-__owur int SRP_Calc_A_param(SSL *s);
-__owur int SRP_generate_client_master_secret(SSL *s, unsigned char *master_key);
-
-# endif
-
-# if defined(OPENSSL_SYS_MSDOS) && !defined(OPENSSL_SYS_WIN32)
-# define SSL_MAX_CERT_LIST_DEFAULT 1024*30
- /* 30k max cert list :-) */
-# else
-# define SSL_MAX_CERT_LIST_DEFAULT 1024*100
- /* 100k max cert list :-) */
-# endif
-
-# define SSL_SESSION_CACHE_MAX_SIZE_DEFAULT (1024*20)
-
-/*
- * This callback type is used inside SSL_CTX, SSL, and in the functions that
- * set them. It is used to override the generation of SSL/TLS session IDs in
- * a server. Return value should be zero on an error, non-zero to proceed.
- * Also, callbacks should themselves check if the id they generate is unique
- * otherwise the SSL handshake will fail with an error - callbacks can do
- * this using the 'ssl' value they're passed by;
- * SSL_has_matching_session_id(ssl, id, *id_len) The length value passed in
- * is set at the maximum size the session ID can be. In SSLv3/TLSv1 it is 32
- * bytes. The callback can alter this length to be less if desired. It is
- * also an error for the callback to set the size to zero.
- */
-typedef int (*GEN_SESSION_CB) (const SSL *ssl, unsigned char *id,
- unsigned int *id_len);
-
-typedef struct ssl_comp_st SSL_COMP;
-
-
-# define SSL_SESS_CACHE_OFF 0x0000
-# define SSL_SESS_CACHE_CLIENT 0x0001
-# define SSL_SESS_CACHE_SERVER 0x0002
-# define SSL_SESS_CACHE_BOTH (SSL_SESS_CACHE_CLIENT|SSL_SESS_CACHE_SERVER)
-# define SSL_SESS_CACHE_NO_AUTO_CLEAR 0x0080
-/* enough comments already ... see SSL_CTX_set_session_cache_mode(3) */
-# define SSL_SESS_CACHE_NO_INTERNAL_LOOKUP 0x0100
-# define SSL_SESS_CACHE_NO_INTERNAL_STORE 0x0200
-# define SSL_SESS_CACHE_NO_INTERNAL \
- (SSL_SESS_CACHE_NO_INTERNAL_LOOKUP|SSL_SESS_CACHE_NO_INTERNAL_STORE)
-
-LHASH_OF(SSL_SESSION) *SSL_CTX_sessions(SSL_CTX *ctx);
-# define SSL_CTX_sess_number(ctx) \
- SSL_CTX_ctrl(ctx,SSL_CTRL_SESS_NUMBER,0,NULL)
-# define SSL_CTX_sess_connect(ctx) \
- SSL_CTX_ctrl(ctx,SSL_CTRL_SESS_CONNECT,0,NULL)
-# define SSL_CTX_sess_connect_good(ctx) \
- SSL_CTX_ctrl(ctx,SSL_CTRL_SESS_CONNECT_GOOD,0,NULL)
-# define SSL_CTX_sess_connect_renegotiate(ctx) \
- SSL_CTX_ctrl(ctx,SSL_CTRL_SESS_CONNECT_RENEGOTIATE,0,NULL)
-# define SSL_CTX_sess_accept(ctx) \
- SSL_CTX_ctrl(ctx,SSL_CTRL_SESS_ACCEPT,0,NULL)
-# define SSL_CTX_sess_accept_renegotiate(ctx) \
- SSL_CTX_ctrl(ctx,SSL_CTRL_SESS_ACCEPT_RENEGOTIATE,0,NULL)
-# define SSL_CTX_sess_accept_good(ctx) \
- SSL_CTX_ctrl(ctx,SSL_CTRL_SESS_ACCEPT_GOOD,0,NULL)
-# define SSL_CTX_sess_hits(ctx) \
- SSL_CTX_ctrl(ctx,SSL_CTRL_SESS_HIT,0,NULL)
-# define SSL_CTX_sess_cb_hits(ctx) \
- SSL_CTX_ctrl(ctx,SSL_CTRL_SESS_CB_HIT,0,NULL)
-# define SSL_CTX_sess_misses(ctx) \
- SSL_CTX_ctrl(ctx,SSL_CTRL_SESS_MISSES,0,NULL)
-# define SSL_CTX_sess_timeouts(ctx) \
- SSL_CTX_ctrl(ctx,SSL_CTRL_SESS_TIMEOUTS,0,NULL)
-# define SSL_CTX_sess_cache_full(ctx) \
- SSL_CTX_ctrl(ctx,SSL_CTRL_SESS_CACHE_FULL,0,NULL)
-
-void SSL_CTX_sess_set_new_cb(SSL_CTX *ctx,
- int (*new_session_cb) (struct ssl_st *ssl,
- SSL_SESSION *sess));
-int (*SSL_CTX_sess_get_new_cb(SSL_CTX *ctx)) (struct ssl_st *ssl,
- SSL_SESSION *sess);
-void SSL_CTX_sess_set_remove_cb(SSL_CTX *ctx,
- void (*remove_session_cb) (struct ssl_ctx_st
- *ctx,
- SSL_SESSION
- *sess));
-void (*SSL_CTX_sess_get_remove_cb(SSL_CTX *ctx)) (struct ssl_ctx_st *ctx,
- SSL_SESSION *sess);
-void SSL_CTX_sess_set_get_cb(SSL_CTX *ctx,
- SSL_SESSION *(*get_session_cb) (struct ssl_st
- *ssl,
- unsigned char
- *data, int len,
- int *copy));
-SSL_SESSION *(*SSL_CTX_sess_get_get_cb(SSL_CTX *ctx)) (struct ssl_st *ssl,
- unsigned char *Data,
- int len, int *copy);
-void SSL_CTX_set_info_callback(SSL_CTX *ctx,
- void (*cb) (const SSL *ssl, int type,
- int val));
-void (*SSL_CTX_get_info_callback(SSL_CTX *ctx)) (const SSL *ssl, int type,
- int val);
-void SSL_CTX_set_client_cert_cb(SSL_CTX *ctx,
- int (*client_cert_cb) (SSL *ssl, X509 **x509,
- EVP_PKEY **pkey));
-int (*SSL_CTX_get_client_cert_cb(SSL_CTX *ctx)) (SSL *ssl, X509 **x509,
- EVP_PKEY **pkey);
-# ifndef OPENSSL_NO_ENGINE
-__owur int SSL_CTX_set_client_cert_engine(SSL_CTX *ctx, ENGINE *e);
-# endif
-void SSL_CTX_set_cookie_generate_cb(SSL_CTX *ctx,
- int (*app_gen_cookie_cb) (SSL *ssl,
- unsigned char
- *cookie,
- unsigned int
- *cookie_len));
-void SSL_CTX_set_cookie_verify_cb(SSL_CTX *ctx,
- int (*app_verify_cookie_cb) (SSL *ssl,
- unsigned char
- *cookie,
- unsigned int
- cookie_len));
-# ifndef OPENSSL_NO_NEXTPROTONEG
-void SSL_CTX_set_next_protos_advertised_cb(SSL_CTX *s,
- int (*cb) (SSL *ssl,
- const unsigned char
- **out,
- unsigned int *outlen,
- void *arg), void *arg);
-void SSL_CTX_set_next_proto_select_cb(SSL_CTX *s,
- int (*cb) (SSL *ssl,
- unsigned char **out,
- unsigned char *outlen,
- const unsigned char *in,
- unsigned int inlen,
- void *arg), void *arg);
-void SSL_get0_next_proto_negotiated(const SSL *s, const unsigned char **data,
- unsigned *len);
-# endif
-
-# ifndef OPENSSL_NO_TLSEXT
-__owur int SSL_select_next_proto(unsigned char **out, unsigned char *outlen,
- const unsigned char *in, unsigned int inlen,
- const unsigned char *client,
- unsigned int client_len);
-# endif
-
-# define OPENSSL_NPN_UNSUPPORTED 0
-# define OPENSSL_NPN_NEGOTIATED 1
-# define OPENSSL_NPN_NO_OVERLAP 2
-
-__owur int SSL_CTX_set_alpn_protos(SSL_CTX *ctx, const unsigned char *protos,
- unsigned protos_len);
-__owur int SSL_set_alpn_protos(SSL *ssl, const unsigned char *protos,
- unsigned protos_len);
-void SSL_CTX_set_alpn_select_cb(SSL_CTX *ctx,
- int (*cb) (SSL *ssl,
- const unsigned char **out,
- unsigned char *outlen,
- const unsigned char *in,
- unsigned int inlen,
- void *arg), void *arg);
-void SSL_get0_alpn_selected(const SSL *ssl, const unsigned char **data,
- unsigned *len);
-
-# ifndef OPENSSL_NO_PSK
-/*
- * the maximum length of the buffer given to callbacks containing the
- * resulting identity/psk
- */
-# define PSK_MAX_IDENTITY_LEN 128
-# define PSK_MAX_PSK_LEN 256
-void SSL_CTX_set_psk_client_callback(SSL_CTX *ctx,
- unsigned int (*psk_client_callback) (SSL
- *ssl,
- const
- char
- *hint,
- char
- *identity,
- unsigned
- int
- max_identity_len,
- unsigned
- char
- *psk,
- unsigned
- int
- max_psk_len));
-void SSL_set_psk_client_callback(SSL *ssl,
- unsigned int (*psk_client_callback) (SSL
- *ssl,
- const
- char
- *hint,
- char
- *identity,
- unsigned
- int
- max_identity_len,
- unsigned
- char
- *psk,
- unsigned
- int
- max_psk_len));
-void SSL_CTX_set_psk_server_callback(SSL_CTX *ctx,
- unsigned int (*psk_server_callback) (SSL
- *ssl,
- const
- char
- *identity,
- unsigned
- char
- *psk,
- unsigned
- int
- max_psk_len));
-void SSL_set_psk_server_callback(SSL *ssl,
- unsigned int (*psk_server_callback) (SSL
- *ssl,
- const
- char
- *identity,
- unsigned
- char
- *psk,
- unsigned
- int
- max_psk_len));
-__owur int SSL_CTX_use_psk_identity_hint(SSL_CTX *ctx, const char *identity_hint);
-__owur int SSL_use_psk_identity_hint(SSL *s, const char *identity_hint);
-const char *SSL_get_psk_identity_hint(const SSL *s);
-const char *SSL_get_psk_identity(const SSL *s);
-# endif
-
-# ifndef OPENSSL_NO_TLSEXT
-/* Register callbacks to handle custom TLS Extensions for client or server. */
-
-__owur int SSL_CTX_add_client_custom_ext(SSL_CTX *ctx, unsigned int ext_type,
- custom_ext_add_cb add_cb,
- custom_ext_free_cb free_cb,
- void *add_arg,
- custom_ext_parse_cb parse_cb,
- void *parse_arg);
-
-__owur int SSL_CTX_add_server_custom_ext(SSL_CTX *ctx, unsigned int ext_type,
- custom_ext_add_cb add_cb,
- custom_ext_free_cb free_cb,
- void *add_arg,
- custom_ext_parse_cb parse_cb,
- void *parse_arg);
-
-__owur int SSL_extension_supported(unsigned int ext_type);
-
-# endif
-
-# define SSL_NOTHING 1
-# define SSL_WRITING 2
-# define SSL_READING 3
-# define SSL_X509_LOOKUP 4
-
-/* These will only be used when doing non-blocking IO */
-# define SSL_want_nothing(s) (SSL_want(s) == SSL_NOTHING)
-# define SSL_want_read(s) (SSL_want(s) == SSL_READING)
-# define SSL_want_write(s) (SSL_want(s) == SSL_WRITING)
-# define SSL_want_x509_lookup(s) (SSL_want(s) == SSL_X509_LOOKUP)
-
-# define SSL_MAC_FLAG_READ_MAC_STREAM 1
-# define SSL_MAC_FLAG_WRITE_MAC_STREAM 2
-
-#ifdef __cplusplus
-}
-#endif
-
-# include <openssl/ssl2.h>
-# include <openssl/ssl3.h>
-# include <openssl/tls1.h> /* This is mostly sslv3 with a few tweaks */
-# include <openssl/dtls1.h> /* Datagram TLS */
-# include <openssl/ssl23.h>
-# include <openssl/srtp.h> /* Support for the use_srtp extension */
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-/* compatibility */
-# define SSL_set_app_data(s,arg) (SSL_set_ex_data(s,0,(char *)arg))
-# define SSL_get_app_data(s) (SSL_get_ex_data(s,0))
-# define SSL_SESSION_set_app_data(s,a) (SSL_SESSION_set_ex_data(s,0,(char *)a))
-# define SSL_SESSION_get_app_data(s) (SSL_SESSION_get_ex_data(s,0))
-# define SSL_CTX_get_app_data(ctx) (SSL_CTX_get_ex_data(ctx,0))
-# define SSL_CTX_set_app_data(ctx,arg) (SSL_CTX_set_ex_data(ctx,0,(char *)arg))
-
-/*
- * The following are the possible values for ssl->state are are used to
- * indicate where we are up to in the SSL connection establishment. The
- * macros that follow are about the only things you should need to use and
- * even then, only when using non-blocking IO. It can also be useful to work
- * out where you were when the connection failed
- */
-
-# define SSL_ST_CONNECT 0x1000
-# define SSL_ST_ACCEPT 0x2000
-# define SSL_ST_MASK 0x0FFF
-# define SSL_ST_INIT (SSL_ST_CONNECT|SSL_ST_ACCEPT)
-# define SSL_ST_BEFORE 0x4000
-# define SSL_ST_OK 0x03
-# define SSL_ST_RENEGOTIATE (0x04|SSL_ST_INIT)
-
-# define SSL_CB_LOOP 0x01
-# define SSL_CB_EXIT 0x02
-# define SSL_CB_READ 0x04
-# define SSL_CB_WRITE 0x08
-# define SSL_CB_ALERT 0x4000/* used in callback */
-# define SSL_CB_READ_ALERT (SSL_CB_ALERT|SSL_CB_READ)
-# define SSL_CB_WRITE_ALERT (SSL_CB_ALERT|SSL_CB_WRITE)
-# define SSL_CB_ACCEPT_LOOP (SSL_ST_ACCEPT|SSL_CB_LOOP)
-# define SSL_CB_ACCEPT_EXIT (SSL_ST_ACCEPT|SSL_CB_EXIT)
-# define SSL_CB_CONNECT_LOOP (SSL_ST_CONNECT|SSL_CB_LOOP)
-# define SSL_CB_CONNECT_EXIT (SSL_ST_CONNECT|SSL_CB_EXIT)
-# define SSL_CB_HANDSHAKE_START 0x10
-# define SSL_CB_HANDSHAKE_DONE 0x20
-
-/* Is the SSL_connection established? */
-# define SSL_get_state(a) SSL_state(a)
-# define SSL_is_init_finished(a) (SSL_state(a) == SSL_ST_OK)
-# define SSL_in_init(a) (SSL_state(a)&SSL_ST_INIT)
-# define SSL_in_before(a) (SSL_state(a)&SSL_ST_BEFORE)
-# define SSL_in_connect_init(a) (SSL_state(a)&SSL_ST_CONNECT)
-# define SSL_in_accept_init(a) (SSL_state(a)&SSL_ST_ACCEPT)
-
-/*
- * The following 3 states are kept in ssl->rlayer.rstate when reads fail, you
- * should not need these
- */
-# define SSL_ST_READ_HEADER 0xF0
-# define SSL_ST_READ_BODY 0xF1
-# define SSL_ST_READ_DONE 0xF2
-
-/*-
- * Obtain latest Finished message
- * -- that we sent (SSL_get_finished)
- * -- that we expected from peer (SSL_get_peer_finished).
- * Returns length (0 == no Finished so far), copies up to 'count' bytes.
- */
-size_t SSL_get_finished(const SSL *s, void *buf, size_t count);
-size_t SSL_get_peer_finished(const SSL *s, void *buf, size_t count);
-
-/*
- * use either SSL_VERIFY_NONE or SSL_VERIFY_PEER, the last 2 options are
- * 'ored' with SSL_VERIFY_PEER if they are desired
- */
-# define SSL_VERIFY_NONE 0x00
-# define SSL_VERIFY_PEER 0x01
-# define SSL_VERIFY_FAIL_IF_NO_PEER_CERT 0x02
-# define SSL_VERIFY_CLIENT_ONCE 0x04
-
-# define OpenSSL_add_ssl_algorithms() SSL_library_init()
-# define SSLeay_add_ssl_algorithms() SSL_library_init()
-
-/* More backward compatibility */
-# define SSL_get_cipher(s) \
- SSL_CIPHER_get_name(SSL_get_current_cipher(s))
-# define SSL_get_cipher_bits(s,np) \
- SSL_CIPHER_get_bits(SSL_get_current_cipher(s),np)
-# define SSL_get_cipher_version(s) \
- SSL_CIPHER_get_version(SSL_get_current_cipher(s))
-# define SSL_get_cipher_name(s) \
- SSL_CIPHER_get_name(SSL_get_current_cipher(s))
-# define SSL_get_time(a) SSL_SESSION_get_time(a)
-# define SSL_set_time(a,b) SSL_SESSION_set_time((a),(b))
-# define SSL_get_timeout(a) SSL_SESSION_get_timeout(a)
-# define SSL_set_timeout(a,b) SSL_SESSION_set_timeout((a),(b))
-
-# define d2i_SSL_SESSION_bio(bp,s_id) ASN1_d2i_bio_of(SSL_SESSION,SSL_SESSION_new,d2i_SSL_SESSION,bp,s_id)
-# define i2d_SSL_SESSION_bio(bp,s_id) ASN1_i2d_bio_of(SSL_SESSION,i2d_SSL_SESSION,bp,s_id)
-
-DECLARE_PEM_rw(SSL_SESSION, SSL_SESSION)
-# define SSL_AD_REASON_OFFSET 1000/* offset to get SSL_R_... value
- * from SSL_AD_... */
-/* These alert types are for SSLv3 and TLSv1 */
-# define SSL_AD_CLOSE_NOTIFY SSL3_AD_CLOSE_NOTIFY
-/* fatal */
-# define SSL_AD_UNEXPECTED_MESSAGE SSL3_AD_UNEXPECTED_MESSAGE
-/* fatal */
-# define SSL_AD_BAD_RECORD_MAC SSL3_AD_BAD_RECORD_MAC
-# define SSL_AD_DECRYPTION_FAILED TLS1_AD_DECRYPTION_FAILED
-# define SSL_AD_RECORD_OVERFLOW TLS1_AD_RECORD_OVERFLOW
-/* fatal */
-# define SSL_AD_DECOMPRESSION_FAILURE SSL3_AD_DECOMPRESSION_FAILURE
-/* fatal */
-# define SSL_AD_HANDSHAKE_FAILURE SSL3_AD_HANDSHAKE_FAILURE
-/* Not for TLS */
-# define SSL_AD_NO_CERTIFICATE SSL3_AD_NO_CERTIFICATE
-# define SSL_AD_BAD_CERTIFICATE SSL3_AD_BAD_CERTIFICATE
-# define SSL_AD_UNSUPPORTED_CERTIFICATE SSL3_AD_UNSUPPORTED_CERTIFICATE
-# define SSL_AD_CERTIFICATE_REVOKED SSL3_AD_CERTIFICATE_REVOKED
-# define SSL_AD_CERTIFICATE_EXPIRED SSL3_AD_CERTIFICATE_EXPIRED
-# define SSL_AD_CERTIFICATE_UNKNOWN SSL3_AD_CERTIFICATE_UNKNOWN
-/* fatal */
-# define SSL_AD_ILLEGAL_PARAMETER SSL3_AD_ILLEGAL_PARAMETER
-/* fatal */
-# define SSL_AD_UNKNOWN_CA TLS1_AD_UNKNOWN_CA
-/* fatal */
-# define SSL_AD_ACCESS_DENIED TLS1_AD_ACCESS_DENIED
-/* fatal */
-# define SSL_AD_DECODE_ERROR TLS1_AD_DECODE_ERROR
-# define SSL_AD_DECRYPT_ERROR TLS1_AD_DECRYPT_ERROR
-/* fatal */
-# define SSL_AD_EXPORT_RESTRICTION TLS1_AD_EXPORT_RESTRICTION
-/* fatal */
-# define SSL_AD_PROTOCOL_VERSION TLS1_AD_PROTOCOL_VERSION
-/* fatal */
-# define SSL_AD_INSUFFICIENT_SECURITY TLS1_AD_INSUFFICIENT_SECURITY
-/* fatal */
-# define SSL_AD_INTERNAL_ERROR TLS1_AD_INTERNAL_ERROR
-# define SSL_AD_USER_CANCELLED TLS1_AD_USER_CANCELLED
-# define SSL_AD_NO_RENEGOTIATION TLS1_AD_NO_RENEGOTIATION
-# define SSL_AD_UNSUPPORTED_EXTENSION TLS1_AD_UNSUPPORTED_EXTENSION
-# define SSL_AD_CERTIFICATE_UNOBTAINABLE TLS1_AD_CERTIFICATE_UNOBTAINABLE
-# define SSL_AD_UNRECOGNIZED_NAME TLS1_AD_UNRECOGNIZED_NAME
-# define SSL_AD_BAD_CERTIFICATE_STATUS_RESPONSE TLS1_AD_BAD_CERTIFICATE_STATUS_RESPONSE
-# define SSL_AD_BAD_CERTIFICATE_HASH_VALUE TLS1_AD_BAD_CERTIFICATE_HASH_VALUE
-/* fatal */
-# define SSL_AD_UNKNOWN_PSK_IDENTITY TLS1_AD_UNKNOWN_PSK_IDENTITY
-/* fatal */
-# define SSL_AD_INAPPROPRIATE_FALLBACK TLS1_AD_INAPPROPRIATE_FALLBACK
-# define SSL_ERROR_NONE 0
-# define SSL_ERROR_SSL 1
-# define SSL_ERROR_WANT_READ 2
-# define SSL_ERROR_WANT_WRITE 3
-# define SSL_ERROR_WANT_X509_LOOKUP 4
-# define SSL_ERROR_SYSCALL 5/* look at error stack/return
- * value/errno */
-# define SSL_ERROR_ZERO_RETURN 6
-# define SSL_ERROR_WANT_CONNECT 7
-# define SSL_ERROR_WANT_ACCEPT 8
-# define SSL_CTRL_NEED_TMP_RSA 1
-# define SSL_CTRL_SET_TMP_RSA 2
-# define SSL_CTRL_SET_TMP_DH 3
-# define SSL_CTRL_SET_TMP_ECDH 4
-# define SSL_CTRL_SET_TMP_RSA_CB 5
-# define SSL_CTRL_SET_TMP_DH_CB 6
-# define SSL_CTRL_SET_TMP_ECDH_CB 7
-# define SSL_CTRL_GET_SESSION_REUSED 8
-# define SSL_CTRL_GET_CLIENT_CERT_REQUEST 9
-# define SSL_CTRL_GET_NUM_RENEGOTIATIONS 10
-# define SSL_CTRL_CLEAR_NUM_RENEGOTIATIONS 11
-# define SSL_CTRL_GET_TOTAL_RENEGOTIATIONS 12
-# define SSL_CTRL_GET_FLAGS 13
-# define SSL_CTRL_EXTRA_CHAIN_CERT 14
-# define SSL_CTRL_SET_MSG_CALLBACK 15
-# define SSL_CTRL_SET_MSG_CALLBACK_ARG 16
-/* only applies to datagram connections */
-# define SSL_CTRL_SET_MTU 17
-/* Stats */
-# define SSL_CTRL_SESS_NUMBER 20
-# define SSL_CTRL_SESS_CONNECT 21
-# define SSL_CTRL_SESS_CONNECT_GOOD 22
-# define SSL_CTRL_SESS_CONNECT_RENEGOTIATE 23
-# define SSL_CTRL_SESS_ACCEPT 24
-# define SSL_CTRL_SESS_ACCEPT_GOOD 25
-# define SSL_CTRL_SESS_ACCEPT_RENEGOTIATE 26
-# define SSL_CTRL_SESS_HIT 27
-# define SSL_CTRL_SESS_CB_HIT 28
-# define SSL_CTRL_SESS_MISSES 29
-# define SSL_CTRL_SESS_TIMEOUTS 30
-# define SSL_CTRL_SESS_CACHE_FULL 31
-# define SSL_CTRL_OPTIONS 32
-# define SSL_CTRL_MODE 33
-# define SSL_CTRL_GET_READ_AHEAD 40
-# define SSL_CTRL_SET_READ_AHEAD 41
-# define SSL_CTRL_SET_SESS_CACHE_SIZE 42
-# define SSL_CTRL_GET_SESS_CACHE_SIZE 43
-# define SSL_CTRL_SET_SESS_CACHE_MODE 44
-# define SSL_CTRL_GET_SESS_CACHE_MODE 45
-# define SSL_CTRL_GET_MAX_CERT_LIST 50
-# define SSL_CTRL_SET_MAX_CERT_LIST 51
-# define SSL_CTRL_SET_MAX_SEND_FRAGMENT 52
-/* see tls1.h for macros based on these */
-# ifndef OPENSSL_NO_TLSEXT
-# define SSL_CTRL_SET_TLSEXT_SERVERNAME_CB 53
-# define SSL_CTRL_SET_TLSEXT_SERVERNAME_ARG 54
-# define SSL_CTRL_SET_TLSEXT_HOSTNAME 55
-# define SSL_CTRL_SET_TLSEXT_DEBUG_CB 56
-# define SSL_CTRL_SET_TLSEXT_DEBUG_ARG 57
-# define SSL_CTRL_GET_TLSEXT_TICKET_KEYS 58
-# define SSL_CTRL_SET_TLSEXT_TICKET_KEYS 59
-/*# define SSL_CTRL_SET_TLSEXT_OPAQUE_PRF_INPUT 60 */
-/*# define SSL_CTRL_SET_TLSEXT_OPAQUE_PRF_INPUT_CB 61 */
-/*# define SSL_CTRL_SET_TLSEXT_OPAQUE_PRF_INPUT_CB_ARG 62 */
-# define SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB 63
-# define SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB_ARG 64
-# define SSL_CTRL_SET_TLSEXT_STATUS_REQ_TYPE 65
-# define SSL_CTRL_GET_TLSEXT_STATUS_REQ_EXTS 66
-# define SSL_CTRL_SET_TLSEXT_STATUS_REQ_EXTS 67
-# define SSL_CTRL_GET_TLSEXT_STATUS_REQ_IDS 68
-# define SSL_CTRL_SET_TLSEXT_STATUS_REQ_IDS 69
-# define SSL_CTRL_GET_TLSEXT_STATUS_REQ_OCSP_RESP 70
-# define SSL_CTRL_SET_TLSEXT_STATUS_REQ_OCSP_RESP 71
-# define SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB 72
-# define SSL_CTRL_SET_TLS_EXT_SRP_USERNAME_CB 75
-# define SSL_CTRL_SET_SRP_VERIFY_PARAM_CB 76
-# define SSL_CTRL_SET_SRP_GIVE_CLIENT_PWD_CB 77
-# define SSL_CTRL_SET_SRP_ARG 78
-# define SSL_CTRL_SET_TLS_EXT_SRP_USERNAME 79
-# define SSL_CTRL_SET_TLS_EXT_SRP_STRENGTH 80
-# define SSL_CTRL_SET_TLS_EXT_SRP_PASSWORD 81
-# ifndef OPENSSL_NO_HEARTBEATS
-# define SSL_CTRL_TLS_EXT_SEND_HEARTBEAT 85
-# define SSL_CTRL_GET_TLS_EXT_HEARTBEAT_PENDING 86
-# define SSL_CTRL_SET_TLS_EXT_HEARTBEAT_NO_REQUESTS 87
-# endif
-# endif /* OPENSSL_NO_TLSEXT */
-# define DTLS_CTRL_GET_TIMEOUT 73
-# define DTLS_CTRL_HANDLE_TIMEOUT 74
-# define DTLS_CTRL_LISTEN 75
-# define SSL_CTRL_GET_RI_SUPPORT 76
-# define SSL_CTRL_CLEAR_OPTIONS 77
-# define SSL_CTRL_CLEAR_MODE 78
-# define SSL_CTRL_SET_NOT_RESUMABLE_SESS_CB 79
-# define SSL_CTRL_GET_EXTRA_CHAIN_CERTS 82
-# define SSL_CTRL_CLEAR_EXTRA_CHAIN_CERTS 83
-# define SSL_CTRL_CHAIN 88
-# define SSL_CTRL_CHAIN_CERT 89
-# define SSL_CTRL_GET_CURVES 90
-# define SSL_CTRL_SET_CURVES 91
-# define SSL_CTRL_SET_CURVES_LIST 92
-# define SSL_CTRL_GET_SHARED_CURVE 93
-# define SSL_CTRL_SET_ECDH_AUTO 94
-# define SSL_CTRL_SET_SIGALGS 97
-# define SSL_CTRL_SET_SIGALGS_LIST 98
-# define SSL_CTRL_CERT_FLAGS 99
-# define SSL_CTRL_CLEAR_CERT_FLAGS 100
-# define SSL_CTRL_SET_CLIENT_SIGALGS 101
-# define SSL_CTRL_SET_CLIENT_SIGALGS_LIST 102
-# define SSL_CTRL_GET_CLIENT_CERT_TYPES 103
-# define SSL_CTRL_SET_CLIENT_CERT_TYPES 104
-# define SSL_CTRL_BUILD_CERT_CHAIN 105
-# define SSL_CTRL_SET_VERIFY_CERT_STORE 106
-# define SSL_CTRL_SET_CHAIN_CERT_STORE 107
-# define SSL_CTRL_GET_PEER_SIGNATURE_NID 108
-# define SSL_CTRL_GET_SERVER_TMP_KEY 109
-# define SSL_CTRL_GET_RAW_CIPHERLIST 110
-# define SSL_CTRL_GET_EC_POINT_FORMATS 111
-# define SSL_CTRL_GET_CHAIN_CERTS 115
-# define SSL_CTRL_SELECT_CURRENT_CERT 116
-# define SSL_CTRL_SET_CURRENT_CERT 117
-# define SSL_CTRL_SET_DH_AUTO 118
-# define SSL_CTRL_CHECK_PROTO_VERSION 119
-# define DTLS_CTRL_SET_LINK_MTU 120
-# define DTLS_CTRL_GET_LINK_MIN_MTU 121
-# define SSL_CTRL_GET_EXTMS_SUPPORT 122
-# define SSL_CERT_SET_FIRST 1
-# define SSL_CERT_SET_NEXT 2
-# define SSL_CERT_SET_SERVER 3
-# define DTLSv1_get_timeout(ssl, arg) \
- SSL_ctrl(ssl,DTLS_CTRL_GET_TIMEOUT,0, (void *)arg)
-# define DTLSv1_handle_timeout(ssl) \
- SSL_ctrl(ssl,DTLS_CTRL_HANDLE_TIMEOUT,0, NULL)
-# define DTLSv1_listen(ssl, peer) \
- SSL_ctrl(ssl,DTLS_CTRL_LISTEN,0, (void *)peer)
-# define SSL_session_reused(ssl) \
- SSL_ctrl((ssl),SSL_CTRL_GET_SESSION_REUSED,0,NULL)
-# define SSL_num_renegotiations(ssl) \
- SSL_ctrl((ssl),SSL_CTRL_GET_NUM_RENEGOTIATIONS,0,NULL)
-# define SSL_clear_num_renegotiations(ssl) \
- SSL_ctrl((ssl),SSL_CTRL_CLEAR_NUM_RENEGOTIATIONS,0,NULL)
-# define SSL_total_renegotiations(ssl) \
- SSL_ctrl((ssl),SSL_CTRL_GET_TOTAL_RENEGOTIATIONS,0,NULL)
-# define SSL_CTX_need_tmp_RSA(ctx) \
- SSL_CTX_ctrl(ctx,SSL_CTRL_NEED_TMP_RSA,0,NULL)
-# define SSL_CTX_set_tmp_rsa(ctx,rsa) \
- SSL_CTX_ctrl(ctx,SSL_CTRL_SET_TMP_RSA,0,(char *)rsa)
-# define SSL_CTX_set_tmp_dh(ctx,dh) \
- SSL_CTX_ctrl(ctx,SSL_CTRL_SET_TMP_DH,0,(char *)dh)
-# define SSL_CTX_set_tmp_ecdh(ctx,ecdh) \
- SSL_CTX_ctrl(ctx,SSL_CTRL_SET_TMP_ECDH,0,(char *)ecdh)
-# define SSL_CTX_set_dh_auto(ctx, onoff) \
- SSL_CTX_ctrl(ctx,SSL_CTRL_SET_DH_AUTO,onoff,NULL)
-# define SSL_set_dh_auto(s, onoff) \
- SSL_ctrl(s,SSL_CTRL_SET_DH_AUTO,onoff,NULL)
-# define SSL_need_tmp_RSA(ssl) \
- SSL_ctrl(ssl,SSL_CTRL_NEED_TMP_RSA,0,NULL)
-# define SSL_set_tmp_rsa(ssl,rsa) \
- SSL_ctrl(ssl,SSL_CTRL_SET_TMP_RSA,0,(char *)rsa)
-# define SSL_set_tmp_dh(ssl,dh) \
- SSL_ctrl(ssl,SSL_CTRL_SET_TMP_DH,0,(char *)dh)
-# define SSL_set_tmp_ecdh(ssl,ecdh) \
- SSL_ctrl(ssl,SSL_CTRL_SET_TMP_ECDH,0,(char *)ecdh)
-# define SSL_CTX_add_extra_chain_cert(ctx,x509) \
- SSL_CTX_ctrl(ctx,SSL_CTRL_EXTRA_CHAIN_CERT,0,(char *)x509)
-# define SSL_CTX_get_extra_chain_certs(ctx,px509) \
- SSL_CTX_ctrl(ctx,SSL_CTRL_GET_EXTRA_CHAIN_CERTS,0,px509)
-# define SSL_CTX_get_extra_chain_certs_only(ctx,px509) \
- SSL_CTX_ctrl(ctx,SSL_CTRL_GET_EXTRA_CHAIN_CERTS,1,px509)
-# define SSL_CTX_clear_extra_chain_certs(ctx) \
- SSL_CTX_ctrl(ctx,SSL_CTRL_CLEAR_EXTRA_CHAIN_CERTS,0,NULL)
-# define SSL_CTX_set0_chain(ctx,sk) \
- SSL_CTX_ctrl(ctx,SSL_CTRL_CHAIN,0,(char *)sk)
-# define SSL_CTX_set1_chain(ctx,sk) \
- SSL_CTX_ctrl(ctx,SSL_CTRL_CHAIN,1,(char *)sk)
-# define SSL_CTX_add0_chain_cert(ctx,x509) \
- SSL_CTX_ctrl(ctx,SSL_CTRL_CHAIN_CERT,0,(char *)x509)
-# define SSL_CTX_add1_chain_cert(ctx,x509) \
- SSL_CTX_ctrl(ctx,SSL_CTRL_CHAIN_CERT,1,(char *)x509)
-# define SSL_CTX_get0_chain_certs(ctx,px509) \
- SSL_CTX_ctrl(ctx,SSL_CTRL_GET_CHAIN_CERTS,0,px509)
-# define SSL_CTX_clear_chain_certs(ctx) \
- SSL_CTX_set0_chain(ctx,NULL)
-# define SSL_CTX_build_cert_chain(ctx, flags) \
- SSL_CTX_ctrl(ctx,SSL_CTRL_BUILD_CERT_CHAIN, flags, NULL)
-# define SSL_CTX_select_current_cert(ctx,x509) \
- SSL_CTX_ctrl(ctx,SSL_CTRL_SELECT_CURRENT_CERT,0,(char *)x509)
-# define SSL_CTX_set_current_cert(ctx, op) \
- SSL_CTX_ctrl(ctx,SSL_CTRL_SET_CURRENT_CERT, op, NULL)
-# define SSL_CTX_set0_verify_cert_store(ctx,st) \
- SSL_CTX_ctrl(ctx,SSL_CTRL_SET_VERIFY_CERT_STORE,0,(char *)st)
-# define SSL_CTX_set1_verify_cert_store(ctx,st) \
- SSL_CTX_ctrl(ctx,SSL_CTRL_SET_VERIFY_CERT_STORE,1,(char *)st)
-# define SSL_CTX_set0_chain_cert_store(ctx,st) \
- SSL_CTX_ctrl(ctx,SSL_CTRL_SET_CHAIN_CERT_STORE,0,(char *)st)
-# define SSL_CTX_set1_chain_cert_store(ctx,st) \
- SSL_CTX_ctrl(ctx,SSL_CTRL_SET_CHAIN_CERT_STORE,1,(char *)st)
-# define SSL_set0_chain(ctx,sk) \
- SSL_ctrl(ctx,SSL_CTRL_CHAIN,0,(char *)sk)
-# define SSL_set1_chain(ctx,sk) \
- SSL_ctrl(ctx,SSL_CTRL_CHAIN,1,(char *)sk)
-# define SSL_add0_chain_cert(ctx,x509) \
- SSL_ctrl(ctx,SSL_CTRL_CHAIN_CERT,0,(char *)x509)
-# define SSL_add1_chain_cert(ctx,x509) \
- SSL_ctrl(ctx,SSL_CTRL_CHAIN_CERT,1,(char *)x509)
-# define SSL_get0_chain_certs(ctx,px509) \
- SSL_ctrl(ctx,SSL_CTRL_GET_CHAIN_CERTS,0,px509)
-# define SSL_clear_chain_certs(ctx) \
- SSL_set0_chain(ctx,NULL)
-# define SSL_build_cert_chain(s, flags) \
- SSL_ctrl(s,SSL_CTRL_BUILD_CERT_CHAIN, flags, NULL)
-# define SSL_select_current_cert(ctx,x509) \
- SSL_ctrl(ctx,SSL_CTRL_SELECT_CURRENT_CERT,0,(char *)x509)
-# define SSL_set_current_cert(ctx,op) \
- SSL_ctrl(ctx,SSL_CTRL_SET_CURRENT_CERT, op, NULL)
-# define SSL_set0_verify_cert_store(s,st) \
- SSL_ctrl(s,SSL_CTRL_SET_VERIFY_CERT_STORE,0,(char *)st)
-# define SSL_set1_verify_cert_store(s,st) \
- SSL_ctrl(s,SSL_CTRL_SET_VERIFY_CERT_STORE,1,(char *)st)
-# define SSL_set0_chain_cert_store(s,st) \
- SSL_ctrl(s,SSL_CTRL_SET_CHAIN_CERT_STORE,0,(char *)st)
-# define SSL_set1_chain_cert_store(s,st) \
- SSL_ctrl(s,SSL_CTRL_SET_CHAIN_CERT_STORE,1,(char *)st)
-# define SSL_get1_curves(ctx, s) \
- SSL_ctrl(ctx,SSL_CTRL_GET_CURVES,0,(char *)s)
-# define SSL_CTX_set1_curves(ctx, clist, clistlen) \
- SSL_CTX_ctrl(ctx,SSL_CTRL_SET_CURVES,clistlen,(char *)clist)
-# define SSL_CTX_set1_curves_list(ctx, s) \
- SSL_CTX_ctrl(ctx,SSL_CTRL_SET_CURVES_LIST,0,(char *)s)
-# define SSL_set1_curves(ctx, clist, clistlen) \
- SSL_ctrl(ctx,SSL_CTRL_SET_CURVES,clistlen,(char *)clist)
-# define SSL_set1_curves_list(ctx, s) \
- SSL_ctrl(ctx,SSL_CTRL_SET_CURVES_LIST,0,(char *)s)
-# define SSL_get_shared_curve(s, n) \
- SSL_ctrl(s,SSL_CTRL_GET_SHARED_CURVE,n,NULL)
-# define SSL_CTX_set_ecdh_auto(ctx, onoff) \
- SSL_CTX_ctrl(ctx,SSL_CTRL_SET_ECDH_AUTO,onoff,NULL)
-# define SSL_set_ecdh_auto(s, onoff) \
- SSL_ctrl(s,SSL_CTRL_SET_ECDH_AUTO,onoff,NULL)
-# define SSL_CTX_set1_sigalgs(ctx, slist, slistlen) \
- SSL_CTX_ctrl(ctx,SSL_CTRL_SET_SIGALGS,slistlen,(int *)slist)
-# define SSL_CTX_set1_sigalgs_list(ctx, s) \
- SSL_CTX_ctrl(ctx,SSL_CTRL_SET_SIGALGS_LIST,0,(char *)s)
-# define SSL_set1_sigalgs(ctx, slist, slistlen) \
- SSL_ctrl(ctx,SSL_CTRL_SET_SIGALGS,clistlen,(int *)slist)
-# define SSL_set1_sigalgs_list(ctx, s) \
- SSL_ctrl(ctx,SSL_CTRL_SET_SIGALGS_LIST,0,(char *)s)
-# define SSL_CTX_set1_client_sigalgs(ctx, slist, slistlen) \
- SSL_CTX_ctrl(ctx,SSL_CTRL_SET_CLIENT_SIGALGS,slistlen,(int *)slist)
-# define SSL_CTX_set1_client_sigalgs_list(ctx, s) \
- SSL_CTX_ctrl(ctx,SSL_CTRL_SET_CLIENT_SIGALGS_LIST,0,(char *)s)
-# define SSL_set1_client_sigalgs(ctx, slist, slistlen) \
- SSL_ctrl(ctx,SSL_CTRL_SET_CLIENT_SIGALGS,clistlen,(int *)slist)
-# define SSL_set1_client_sigalgs_list(ctx, s) \
- SSL_ctrl(ctx,SSL_CTRL_SET_CLIENT_SIGALGS_LIST,0,(char *)s)
-# define SSL_get0_certificate_types(s, clist) \
- SSL_ctrl(s, SSL_CTRL_GET_CLIENT_CERT_TYPES, 0, (char *)clist)
-# define SSL_CTX_set1_client_certificate_types(ctx, clist, clistlen) \
- SSL_CTX_ctrl(ctx,SSL_CTRL_SET_CLIENT_CERT_TYPES,clistlen,(char *)clist)
-# define SSL_set1_client_certificate_types(s, clist, clistlen) \
- SSL_ctrl(s,SSL_CTRL_SET_CLIENT_CERT_TYPES,clistlen,(char *)clist)
-# define SSL_get_peer_signature_nid(s, pn) \
- SSL_ctrl(s,SSL_CTRL_GET_PEER_SIGNATURE_NID,0,pn)
-# define SSL_get_server_tmp_key(s, pk) \
- SSL_ctrl(s,SSL_CTRL_GET_SERVER_TMP_KEY,0,pk)
-# define SSL_get0_raw_cipherlist(s, plst) \
- SSL_ctrl(s,SSL_CTRL_GET_RAW_CIPHERLIST,0,plst)
-# define SSL_get0_ec_point_formats(s, plst) \
- SSL_ctrl(s,SSL_CTRL_GET_EC_POINT_FORMATS,0,plst)
-
-__owur BIO_METHOD *BIO_f_ssl(void);
-__owur BIO *BIO_new_ssl(SSL_CTX *ctx, int client);
-__owur BIO *BIO_new_ssl_connect(SSL_CTX *ctx);
-__owur BIO *BIO_new_buffer_ssl_connect(SSL_CTX *ctx);
-__owur int BIO_ssl_copy_session_id(BIO *to, BIO *from);
-void BIO_ssl_shutdown(BIO *ssl_bio);
-
-__owur int SSL_CTX_set_cipher_list(SSL_CTX *, const char *str);
-__owur SSL_CTX *SSL_CTX_new(const SSL_METHOD *meth);
-void SSL_CTX_free(SSL_CTX *);
-__owur long SSL_CTX_set_timeout(SSL_CTX *ctx, long t);
-__owur long SSL_CTX_get_timeout(const SSL_CTX *ctx);
-__owur X509_STORE *SSL_CTX_get_cert_store(const SSL_CTX *);
-void SSL_CTX_set_cert_store(SSL_CTX *, X509_STORE *);
-__owur int SSL_want(const SSL *s);
-__owur int SSL_clear(SSL *s);
-
-void SSL_CTX_flush_sessions(SSL_CTX *ctx, long tm);
-
-__owur const SSL_CIPHER *SSL_get_current_cipher(const SSL *s);
-__owur int SSL_CIPHER_get_bits(const SSL_CIPHER *c, int *alg_bits);
-__owur char *SSL_CIPHER_get_version(const SSL_CIPHER *c);
-__owur const char *SSL_CIPHER_get_name(const SSL_CIPHER *c);
-__owur unsigned long SSL_CIPHER_get_id(const SSL_CIPHER *c);
-
-__owur int SSL_get_fd(const SSL *s);
-__owur int SSL_get_rfd(const SSL *s);
-__owur int SSL_get_wfd(const SSL *s);
-__owur const char *SSL_get_cipher_list(const SSL *s, int n);
-__owur char *SSL_get_shared_ciphers(const SSL *s, char *buf, int len);
-__owur int SSL_get_read_ahead(const SSL *s);
-__owur int SSL_pending(const SSL *s);
-# ifndef OPENSSL_NO_SOCK
-__owur int SSL_set_fd(SSL *s, int fd);
-__owur int SSL_set_rfd(SSL *s, int fd);
-__owur int SSL_set_wfd(SSL *s, int fd);
-# endif
-void SSL_set_rbio(SSL *s, BIO *rbio);
-void SSL_set_wbio(SSL *s, BIO *wbio);
-void SSL_set_bio(SSL *s, BIO *rbio, BIO *wbio);
-__owur BIO *SSL_get_rbio(const SSL *s);
-__owur BIO *SSL_get_wbio(const SSL *s);
-__owur int SSL_set_cipher_list(SSL *s, const char *str);
-void SSL_set_read_ahead(SSL *s, int yes);
-__owur int SSL_get_verify_mode(const SSL *s);
-__owur int SSL_get_verify_depth(const SSL *s);
-__owur int (*SSL_get_verify_callback(const SSL *s)) (int, X509_STORE_CTX *);
-void SSL_set_verify(SSL *s, int mode,
- int (*callback) (int ok, X509_STORE_CTX *ctx));
-void SSL_set_verify_depth(SSL *s, int depth);
-void SSL_set_cert_cb(SSL *s, int (*cb) (SSL *ssl, void *arg), void *arg);
-# ifndef OPENSSL_NO_RSA
-__owur int SSL_use_RSAPrivateKey(SSL *ssl, RSA *rsa);
-# endif
-__owur int SSL_use_RSAPrivateKey_ASN1(SSL *ssl, const unsigned char *d, long len);
-__owur int SSL_use_PrivateKey(SSL *ssl, EVP_PKEY *pkey);
-__owur int SSL_use_PrivateKey_ASN1(int pk, SSL *ssl, const unsigned char *d,
- long len);
-__owur int SSL_use_certificate(SSL *ssl, X509 *x);
-__owur int SSL_use_certificate_ASN1(SSL *ssl, const unsigned char *d, int len);
-
-# ifndef OPENSSL_NO_TLSEXT
-/* Set serverinfo data for the current active cert. */
-__owur int SSL_CTX_use_serverinfo(SSL_CTX *ctx, const unsigned char *serverinfo,
- size_t serverinfo_length);
-# ifndef OPENSSL_NO_STDIO
-__owur int SSL_CTX_use_serverinfo_file(SSL_CTX *ctx, const char *file);
-# endif /* NO_STDIO */
-
-# endif
-
-# ifndef OPENSSL_NO_STDIO
-__owur int SSL_use_RSAPrivateKey_file(SSL *ssl, const char *file, int type);
-__owur int SSL_use_PrivateKey_file(SSL *ssl, const char *file, int type);
-__owur int SSL_use_certificate_file(SSL *ssl, const char *file, int type);
-__owur int SSL_CTX_use_RSAPrivateKey_file(SSL_CTX *ctx, const char *file, int type);
-__owur int SSL_CTX_use_PrivateKey_file(SSL_CTX *ctx, const char *file, int type);
-__owur int SSL_CTX_use_certificate_file(SSL_CTX *ctx, const char *file, int type);
-/* PEM type */
-__owur int SSL_CTX_use_certificate_chain_file(SSL_CTX *ctx, const char *file);
-__owur STACK_OF(X509_NAME) *SSL_load_client_CA_file(const char *file);
-__owur int SSL_add_file_cert_subjects_to_stack(STACK_OF(X509_NAME) *stackCAs,
- const char *file);
-# ifndef OPENSSL_SYS_VMS
-int SSL_add_dir_cert_subjects_to_stack(STACK_OF(X509_NAME) *stackCAs,
- const char *dir);
-# endif
-
-# endif
-
-void SSL_load_error_strings(void);
-__owur const char *SSL_state_string(const SSL *s);
-__owur const char *SSL_rstate_string(const SSL *s);
-__owur const char *SSL_state_string_long(const SSL *s);
-__owur const char *SSL_rstate_string_long(const SSL *s);
-__owur long SSL_SESSION_get_time(const SSL_SESSION *s);
-__owur long SSL_SESSION_set_time(SSL_SESSION *s, long t);
-__owur long SSL_SESSION_get_timeout(const SSL_SESSION *s);
-__owur long SSL_SESSION_set_timeout(SSL_SESSION *s, long t);
-__owur int SSL_SESSION_has_ticket(const SSL_SESSION *s);
-__owur unsigned long SSL_SESSION_get_ticket_lifetime_hint(const SSL_SESSION *s);
-void SSL_SESSION_get0_ticket(const SSL_SESSION *s, unsigned char **tick,
- size_t *len);
-__owur int SSL_copy_session_id(SSL *to, const SSL *from);
-__owur X509 *SSL_SESSION_get0_peer(SSL_SESSION *s);
-__owur int SSL_SESSION_set1_id_context(SSL_SESSION *s, const unsigned char *sid_ctx,
- unsigned int sid_ctx_len);
-
-__owur SSL_SESSION *SSL_SESSION_new(void);
-const unsigned char *SSL_SESSION_get_id(const SSL_SESSION *s,
- unsigned int *len);
-__owur unsigned int SSL_SESSION_get_compress_id(const SSL_SESSION *s);
-# ifndef OPENSSL_NO_STDIO
-int SSL_SESSION_print_fp(FILE *fp, const SSL_SESSION *ses);
-# endif
-int SSL_SESSION_print(BIO *fp, const SSL_SESSION *ses);
-int SSL_SESSION_print_keylog(BIO *bp, const SSL_SESSION *x);
-void SSL_SESSION_free(SSL_SESSION *ses);
-__owur int i2d_SSL_SESSION(SSL_SESSION *in, unsigned char **pp);
-__owur int SSL_set_session(SSL *to, SSL_SESSION *session);
-__owur int SSL_CTX_add_session(SSL_CTX *s, SSL_SESSION *c);
-int SSL_CTX_remove_session(SSL_CTX *, SSL_SESSION *c);
-__owur int SSL_CTX_set_generate_session_id(SSL_CTX *, GEN_SESSION_CB);
-__owur int SSL_set_generate_session_id(SSL *, GEN_SESSION_CB);
-__owur int SSL_has_matching_session_id(const SSL *ssl, const unsigned char *id,
- unsigned int id_len);
-SSL_SESSION *d2i_SSL_SESSION(SSL_SESSION **a, const unsigned char **pp,
- long length);
-
-# ifdef HEADER_X509_H
-__owur X509 *SSL_get_peer_certificate(const SSL *s);
-# endif
-
-__owur STACK_OF(X509) *SSL_get_peer_cert_chain(const SSL *s);
-
-__owur int SSL_CTX_get_verify_mode(const SSL_CTX *ctx);
-__owur int SSL_CTX_get_verify_depth(const SSL_CTX *ctx);
-__owur int (*SSL_CTX_get_verify_callback(const SSL_CTX *ctx)) (int,
- X509_STORE_CTX *);
-void SSL_CTX_set_verify(SSL_CTX *ctx, int mode,
- int (*callback) (int, X509_STORE_CTX *));
-void SSL_CTX_set_verify_depth(SSL_CTX *ctx, int depth);
-void SSL_CTX_set_cert_verify_callback(SSL_CTX *ctx,
- int (*cb) (X509_STORE_CTX *, void *),
- void *arg);
-void SSL_CTX_set_cert_cb(SSL_CTX *c, int (*cb) (SSL *ssl, void *arg),
- void *arg);
-# ifndef OPENSSL_NO_RSA
-__owur int SSL_CTX_use_RSAPrivateKey(SSL_CTX *ctx, RSA *rsa);
-# endif
-__owur int SSL_CTX_use_RSAPrivateKey_ASN1(SSL_CTX *ctx, const unsigned char *d,
- long len);
-__owur int SSL_CTX_use_PrivateKey(SSL_CTX *ctx, EVP_PKEY *pkey);
-__owur int SSL_CTX_use_PrivateKey_ASN1(int pk, SSL_CTX *ctx,
- const unsigned char *d, long len);
-__owur int SSL_CTX_use_certificate(SSL_CTX *ctx, X509 *x);
-__owur int SSL_CTX_use_certificate_ASN1(SSL_CTX *ctx, int len,
- const unsigned char *d);
-
-void SSL_CTX_set_default_passwd_cb(SSL_CTX *ctx, pem_password_cb *cb);
-void SSL_CTX_set_default_passwd_cb_userdata(SSL_CTX *ctx, void *u);
-
-__owur int SSL_CTX_check_private_key(const SSL_CTX *ctx);
-__owur int SSL_check_private_key(const SSL *ctx);
-
-__owur int SSL_CTX_set_session_id_context(SSL_CTX *ctx, const unsigned char *sid_ctx,
- unsigned int sid_ctx_len);
-
-SSL *SSL_new(SSL_CTX *ctx);
-__owur int SSL_set_session_id_context(SSL *ssl, const unsigned char *sid_ctx,
- unsigned int sid_ctx_len);
-
-__owur int SSL_CTX_set_purpose(SSL_CTX *s, int purpose);
-__owur int SSL_set_purpose(SSL *s, int purpose);
-__owur int SSL_CTX_set_trust(SSL_CTX *s, int trust);
-__owur int SSL_set_trust(SSL *s, int trust);
-
-__owur int SSL_CTX_set1_param(SSL_CTX *ctx, X509_VERIFY_PARAM *vpm);
-__owur int SSL_set1_param(SSL *ssl, X509_VERIFY_PARAM *vpm);
-
-__owur X509_VERIFY_PARAM *SSL_CTX_get0_param(SSL_CTX *ctx);
-__owur X509_VERIFY_PARAM *SSL_get0_param(SSL *ssl);
-
-# ifndef OPENSSL_NO_SRP
-int SSL_CTX_set_srp_username(SSL_CTX *ctx, char *name);
-int SSL_CTX_set_srp_password(SSL_CTX *ctx, char *password);
-int SSL_CTX_set_srp_strength(SSL_CTX *ctx, int strength);
-int SSL_CTX_set_srp_client_pwd_callback(SSL_CTX *ctx,
- char *(*cb) (SSL *, void *));
-int SSL_CTX_set_srp_verify_param_callback(SSL_CTX *ctx,
- int (*cb) (SSL *, void *));
-int SSL_CTX_set_srp_username_callback(SSL_CTX *ctx,
- int (*cb) (SSL *, int *, void *));
-int SSL_CTX_set_srp_cb_arg(SSL_CTX *ctx, void *arg);
-
-int SSL_set_srp_server_param(SSL *s, const BIGNUM *N, const BIGNUM *g,
- BIGNUM *sa, BIGNUM *v, char *info);
-int SSL_set_srp_server_param_pw(SSL *s, const char *user, const char *pass,
- const char *grp);
-
-__owur BIGNUM *SSL_get_srp_g(SSL *s);
-__owur BIGNUM *SSL_get_srp_N(SSL *s);
-
-__owur char *SSL_get_srp_username(SSL *s);
-__owur char *SSL_get_srp_userinfo(SSL *s);
-# endif
-
-void SSL_certs_clear(SSL *s);
-void SSL_free(SSL *ssl);
-__owur int SSL_accept(SSL *ssl);
-__owur int SSL_connect(SSL *ssl);
-__owur int SSL_read(SSL *ssl, void *buf, int num);
-__owur int SSL_peek(SSL *ssl, void *buf, int num);
-__owur int SSL_write(SSL *ssl, const void *buf, int num);
-long SSL_ctrl(SSL *ssl, int cmd, long larg, void *parg);
-long SSL_callback_ctrl(SSL *, int, void (*)(void));
-long SSL_CTX_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg);
-long SSL_CTX_callback_ctrl(SSL_CTX *, int, void (*)(void));
-
-__owur int SSL_get_error(const SSL *s, int ret_code);
-__owur const char *SSL_get_version(const SSL *s);
-
-/* This sets the 'default' SSL version that SSL_new() will create */
-__owur int SSL_CTX_set_ssl_version(SSL_CTX *ctx, const SSL_METHOD *meth);
-
-# ifndef OPENSSL_NO_SSL3_METHOD
-__owur const SSL_METHOD *SSLv3_method(void); /* SSLv3 */
-__owur const SSL_METHOD *SSLv3_server_method(void); /* SSLv3 */
-__owur const SSL_METHOD *SSLv3_client_method(void); /* SSLv3 */
-# endif
-
-__owur const SSL_METHOD *SSLv23_method(void); /* Negotiate highest available SSL/TLS
- * version */
-__owur const SSL_METHOD *SSLv23_server_method(void); /* Negotiate highest available
- * SSL/TLS version */
-__owur const SSL_METHOD *SSLv23_client_method(void); /* Negotiate highest available
- * SSL/TLS version */
-
-__owur const SSL_METHOD *TLSv1_method(void); /* TLSv1.0 */
-__owur const SSL_METHOD *TLSv1_server_method(void); /* TLSv1.0 */
-__owur const SSL_METHOD *TLSv1_client_method(void); /* TLSv1.0 */
-
-__owur const SSL_METHOD *TLSv1_1_method(void); /* TLSv1.1 */
-__owur const SSL_METHOD *TLSv1_1_server_method(void); /* TLSv1.1 */
-__owur const SSL_METHOD *TLSv1_1_client_method(void); /* TLSv1.1 */
-
-__owur const SSL_METHOD *TLSv1_2_method(void); /* TLSv1.2 */
-__owur const SSL_METHOD *TLSv1_2_server_method(void); /* TLSv1.2 */
-__owur const SSL_METHOD *TLSv1_2_client_method(void); /* TLSv1.2 */
-
-__owur const SSL_METHOD *DTLSv1_method(void); /* DTLSv1.0 */
-__owur const SSL_METHOD *DTLSv1_server_method(void); /* DTLSv1.0 */
-__owur const SSL_METHOD *DTLSv1_client_method(void); /* DTLSv1.0 */
-
-__owur const SSL_METHOD *DTLSv1_2_method(void); /* DTLSv1.2 */
-__owur const SSL_METHOD *DTLSv1_2_server_method(void); /* DTLSv1.2 */
-__owur const SSL_METHOD *DTLSv1_2_client_method(void); /* DTLSv1.2 */
-
-__owur const SSL_METHOD *DTLS_method(void); /* DTLS 1.0 and 1.2 */
-__owur const SSL_METHOD *DTLS_server_method(void); /* DTLS 1.0 and 1.2 */
-__owur const SSL_METHOD *DTLS_client_method(void); /* DTLS 1.0 and 1.2 */
-
-__owur STACK_OF(SSL_CIPHER) *SSL_get_ciphers(const SSL *s);
-__owur STACK_OF(SSL_CIPHER) *SSL_get1_supported_ciphers(SSL *s);
-
-__owur int SSL_do_handshake(SSL *s);
-int SSL_renegotiate(SSL *s);
-__owur int SSL_renegotiate_abbreviated(SSL *s);
-__owur int SSL_renegotiate_pending(SSL *s);
-int SSL_shutdown(SSL *s);
-
-__owur const SSL_METHOD *SSL_CTX_get_ssl_method(SSL_CTX *ctx);
-__owur const SSL_METHOD *SSL_get_ssl_method(SSL *s);
-__owur int SSL_set_ssl_method(SSL *s, const SSL_METHOD *method);
-__owur const char *SSL_alert_type_string_long(int value);
-__owur const char *SSL_alert_type_string(int value);
-__owur const char *SSL_alert_desc_string_long(int value);
-__owur const char *SSL_alert_desc_string(int value);
-
-void SSL_set_client_CA_list(SSL *s, STACK_OF(X509_NAME) *name_list);
-void SSL_CTX_set_client_CA_list(SSL_CTX *ctx, STACK_OF(X509_NAME) *name_list);
-__owur STACK_OF(X509_NAME) *SSL_get_client_CA_list(const SSL *s);
-__owur STACK_OF(X509_NAME) *SSL_CTX_get_client_CA_list(const SSL_CTX *s);
-__owur int SSL_add_client_CA(SSL *ssl, X509 *x);
-__owur int SSL_CTX_add_client_CA(SSL_CTX *ctx, X509 *x);
-
-void SSL_set_connect_state(SSL *s);
-void SSL_set_accept_state(SSL *s);
-
-__owur long SSL_get_default_timeout(const SSL *s);
-
-int SSL_library_init(void);
-
-__owur char *SSL_CIPHER_description(const SSL_CIPHER *, char *buf, int size);
-__owur STACK_OF(X509_NAME) *SSL_dup_CA_list(STACK_OF(X509_NAME) *sk);
-
-__owur SSL *SSL_dup(SSL *ssl);
-
-__owur X509 *SSL_get_certificate(const SSL *ssl);
-/*
- * EVP_PKEY
- */ struct evp_pkey_st *SSL_get_privatekey(const SSL *ssl);
-
-__owur X509 *SSL_CTX_get0_certificate(const SSL_CTX *ctx);
-__owur EVP_PKEY *SSL_CTX_get0_privatekey(const SSL_CTX *ctx);
-
-void SSL_CTX_set_quiet_shutdown(SSL_CTX *ctx, int mode);
-__owur int SSL_CTX_get_quiet_shutdown(const SSL_CTX *ctx);
-void SSL_set_quiet_shutdown(SSL *ssl, int mode);
-__owur int SSL_get_quiet_shutdown(const SSL *ssl);
-void SSL_set_shutdown(SSL *ssl, int mode);
-__owur int SSL_get_shutdown(const SSL *ssl);
-__owur int SSL_version(const SSL *ssl);
-__owur int SSL_CTX_set_default_verify_paths(SSL_CTX *ctx);
-__owur int SSL_CTX_load_verify_locations(SSL_CTX *ctx, const char *CAfile,
- const char *CApath);
-# define SSL_get0_session SSL_get_session/* just peek at pointer */
-__owur SSL_SESSION *SSL_get_session(const SSL *ssl);
-__owur SSL_SESSION *SSL_get1_session(SSL *ssl); /* obtain a reference count */
-__owur SSL_CTX *SSL_get_SSL_CTX(const SSL *ssl);
-SSL_CTX *SSL_set_SSL_CTX(SSL *ssl, SSL_CTX *ctx);
-void SSL_set_info_callback(SSL *ssl,
- void (*cb) (const SSL *ssl, int type, int val));
-void (*SSL_get_info_callback(const SSL *ssl)) (const SSL *ssl, int type,
- int val);
-__owur int SSL_state(const SSL *ssl);
-void SSL_set_state(SSL *ssl, int state);
-
-void SSL_set_verify_result(SSL *ssl, long v);
-__owur long SSL_get_verify_result(const SSL *ssl);
-
-__owur int SSL_set_ex_data(SSL *ssl, int idx, void *data);
-void *SSL_get_ex_data(const SSL *ssl, int idx);
-__owur int SSL_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
- CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func);
-
-__owur int SSL_SESSION_set_ex_data(SSL_SESSION *ss, int idx, void *data);
-void *SSL_SESSION_get_ex_data(const SSL_SESSION *ss, int idx);
-__owur int SSL_SESSION_get_ex_new_index(long argl, void *argp,
- CRYPTO_EX_new *new_func,
- CRYPTO_EX_dup *dup_func,
- CRYPTO_EX_free *free_func);
-
-__owur int SSL_CTX_set_ex_data(SSL_CTX *ssl, int idx, void *data);
-void *SSL_CTX_get_ex_data(const SSL_CTX *ssl, int idx);
-__owur int SSL_CTX_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
- CRYPTO_EX_dup *dup_func,
- CRYPTO_EX_free *free_func);
-
-__owur int SSL_get_ex_data_X509_STORE_CTX_idx(void);
-
-# define SSL_CTX_sess_set_cache_size(ctx,t) \
- SSL_CTX_ctrl(ctx,SSL_CTRL_SET_SESS_CACHE_SIZE,t,NULL)
-# define SSL_CTX_sess_get_cache_size(ctx) \
- SSL_CTX_ctrl(ctx,SSL_CTRL_GET_SESS_CACHE_SIZE,0,NULL)
-# define SSL_CTX_set_session_cache_mode(ctx,m) \
- SSL_CTX_ctrl(ctx,SSL_CTRL_SET_SESS_CACHE_MODE,m,NULL)
-# define SSL_CTX_get_session_cache_mode(ctx) \
- SSL_CTX_ctrl(ctx,SSL_CTRL_GET_SESS_CACHE_MODE,0,NULL)
-
-# define SSL_CTX_get_default_read_ahead(ctx) SSL_CTX_get_read_ahead(ctx)
-# define SSL_CTX_set_default_read_ahead(ctx,m) SSL_CTX_set_read_ahead(ctx,m)
-# define SSL_CTX_get_read_ahead(ctx) \
- SSL_CTX_ctrl(ctx,SSL_CTRL_GET_READ_AHEAD,0,NULL)
-# define SSL_CTX_set_read_ahead(ctx,m) \
- SSL_CTX_ctrl(ctx,SSL_CTRL_SET_READ_AHEAD,m,NULL)
-# define SSL_CTX_get_max_cert_list(ctx) \
- SSL_CTX_ctrl(ctx,SSL_CTRL_GET_MAX_CERT_LIST,0,NULL)
-# define SSL_CTX_set_max_cert_list(ctx,m) \
- SSL_CTX_ctrl(ctx,SSL_CTRL_SET_MAX_CERT_LIST,m,NULL)
-# define SSL_get_max_cert_list(ssl) \
- SSL_ctrl(ssl,SSL_CTRL_GET_MAX_CERT_LIST,0,NULL)
-# define SSL_set_max_cert_list(ssl,m) \
- SSL_ctrl(ssl,SSL_CTRL_SET_MAX_CERT_LIST,m,NULL)
-
-# define SSL_CTX_set_max_send_fragment(ctx,m) \
- SSL_CTX_ctrl(ctx,SSL_CTRL_SET_MAX_SEND_FRAGMENT,m,NULL)
-# define SSL_set_max_send_fragment(ssl,m) \
- SSL_ctrl(ssl,SSL_CTRL_SET_MAX_SEND_FRAGMENT,m,NULL)
-
- /* NB: the keylength is only applicable when is_export is true */
-# ifndef OPENSSL_NO_RSA
-void SSL_CTX_set_tmp_rsa_callback(SSL_CTX *ctx,
- RSA *(*cb) (SSL *ssl, int is_export,
- int keylength));
-
-void SSL_set_tmp_rsa_callback(SSL *ssl,
- RSA *(*cb) (SSL *ssl, int is_export,
- int keylength));
-# endif
-# ifndef OPENSSL_NO_DH
-void SSL_CTX_set_tmp_dh_callback(SSL_CTX *ctx,
- DH *(*dh) (SSL *ssl, int is_export,
- int keylength));
-void SSL_set_tmp_dh_callback(SSL *ssl,
- DH *(*dh) (SSL *ssl, int is_export,
- int keylength));
-# endif
-# ifndef OPENSSL_NO_EC
-void SSL_CTX_set_tmp_ecdh_callback(SSL_CTX *ctx,
- EC_KEY *(*ecdh) (SSL *ssl, int is_export,
- int keylength));
-void SSL_set_tmp_ecdh_callback(SSL *ssl,
- EC_KEY *(*ecdh) (SSL *ssl, int is_export,
- int keylength));
-# endif
-
-# ifndef OPENSSL_NO_COMP
-__owur const COMP_METHOD *SSL_get_current_compression(SSL *s);
-__owur const COMP_METHOD *SSL_get_current_expansion(SSL *s);
-__owur const char *SSL_COMP_get_name(const COMP_METHOD *comp);
-STACK_OF(SSL_COMP) *SSL_COMP_get_compression_methods(void);
-__owur STACK_OF(SSL_COMP) *SSL_COMP_set0_compression_methods(STACK_OF(SSL_COMP)
- *meths);
-void SSL_COMP_free_compression_methods(void);
-__owur int SSL_COMP_add_compression_method(int id, COMP_METHOD *cm);
-# else
-__owur const void *SSL_get_current_compression(SSL *s);
-__owur const void *SSL_get_current_expansion(SSL *s);
-__owur const char *SSL_COMP_get_name(const void *comp);
-void *SSL_COMP_get_compression_methods(void);
-__owur int SSL_COMP_add_compression_method(int id, void *cm);
-# endif
-
-const SSL_CIPHER *SSL_CIPHER_find(SSL *ssl, const unsigned char *ptr);
-
-/* TLS extensions functions */
-__owur int SSL_set_session_ticket_ext(SSL *s, void *ext_data, int ext_len);
-
-__owur int SSL_set_session_ticket_ext_cb(SSL *s, tls_session_ticket_ext_cb_fn cb,
- void *arg);
-
-/* Pre-shared secret session resumption functions */
-__owur int SSL_set_session_secret_cb(SSL *s,
- tls_session_secret_cb_fn tls_session_secret_cb,
- void *arg);
-
-void SSL_CTX_set_not_resumable_session_callback(SSL_CTX *ctx,
- int (*cb) (SSL *ssl,
- int
- is_forward_secure));
-
-void SSL_set_not_resumable_session_callback(SSL *ssl,
- int (*cb) (SSL *ssl,
- int
- is_forward_secure));
-
-void SSL_set_debug(SSL *s, int debug);
-__owur int SSL_cache_hit(SSL *s);
-__owur int SSL_is_server(SSL *s);
-
-__owur __owur SSL_CONF_CTX *SSL_CONF_CTX_new(void);
-int SSL_CONF_CTX_finish(SSL_CONF_CTX *cctx);
-void SSL_CONF_CTX_free(SSL_CONF_CTX *cctx);
-unsigned int SSL_CONF_CTX_set_flags(SSL_CONF_CTX *cctx, unsigned int flags);
-__owur unsigned int SSL_CONF_CTX_clear_flags(SSL_CONF_CTX *cctx, unsigned int flags);
-__owur int SSL_CONF_CTX_set1_prefix(SSL_CONF_CTX *cctx, const char *pre);
-
-void SSL_CONF_CTX_set_ssl(SSL_CONF_CTX *cctx, SSL *ssl);
-void SSL_CONF_CTX_set_ssl_ctx(SSL_CONF_CTX *cctx, SSL_CTX *ctx);
-
-__owur int SSL_CONF_cmd(SSL_CONF_CTX *cctx, const char *cmd, const char *value);
-__owur int SSL_CONF_cmd_argv(SSL_CONF_CTX *cctx, int *pargc, char ***pargv);
-__owur int SSL_CONF_cmd_value_type(SSL_CONF_CTX *cctx, const char *cmd);
-
-# ifndef OPENSSL_NO_SSL_TRACE
-void SSL_trace(int write_p, int version, int content_type,
- const void *buf, size_t len, SSL *ssl, void *arg);
-__owur const char *SSL_CIPHER_standard_name(const SSL_CIPHER *c);
-# endif
-
-/* What the "other" parameter contains in security callback */
-/* Mask for type */
-# define SSL_SECOP_OTHER_TYPE 0xffff0000
-# define SSL_SECOP_OTHER_NONE 0
-# define SSL_SECOP_OTHER_CIPHER (1 << 16)
-# define SSL_SECOP_OTHER_CURVE (2 << 16)
-# define SSL_SECOP_OTHER_DH (3 << 16)
-# define SSL_SECOP_OTHER_PKEY (4 << 16)
-# define SSL_SECOP_OTHER_SIGALG (5 << 16)
-# define SSL_SECOP_OTHER_CERT (6 << 16)
-
-/* Indicated operation refers to peer key or certificate */
-# define SSL_SECOP_PEER 0x1000
-
-/* Values for "op" parameter in security callback */
-
-/* Called to filter ciphers */
-/* Ciphers client supports */
-# define SSL_SECOP_CIPHER_SUPPORTED (1 | SSL_SECOP_OTHER_CIPHER)
-/* Cipher shared by client/server */
-# define SSL_SECOP_CIPHER_SHARED (2 | SSL_SECOP_OTHER_CIPHER)
-/* Sanity check of cipher server selects */
-# define SSL_SECOP_CIPHER_CHECK (3 | SSL_SECOP_OTHER_CIPHER)
-/* Curves supported by client */
-# define SSL_SECOP_CURVE_SUPPORTED (4 | SSL_SECOP_OTHER_CURVE)
-/* Curves shared by client/server */
-# define SSL_SECOP_CURVE_SHARED (5 | SSL_SECOP_OTHER_CURVE)
-/* Sanity check of curve server selects */
-# define SSL_SECOP_CURVE_CHECK (6 | SSL_SECOP_OTHER_CURVE)
-/* Temporary DH key */
-# define SSL_SECOP_TMP_DH (7 | SSL_SECOP_OTHER_DH)
-/* SSL/TLS version */
-# define SSL_SECOP_VERSION (9 | SSL_SECOP_OTHER_NONE)
-/* Session tickets */
-# define SSL_SECOP_TICKET (10 | SSL_SECOP_OTHER_NONE)
-/* Supported signature algorithms sent to peer */
-# define SSL_SECOP_SIGALG_SUPPORTED (11 | SSL_SECOP_OTHER_SIGALG)
-/* Shared signature algorithm */
-# define SSL_SECOP_SIGALG_SHARED (12 | SSL_SECOP_OTHER_SIGALG)
-/* Sanity check signature algorithm allowed */
-# define SSL_SECOP_SIGALG_CHECK (13 | SSL_SECOP_OTHER_SIGALG)
-/* Used to get mask of supported public key signature algorithms */
-# define SSL_SECOP_SIGALG_MASK (14 | SSL_SECOP_OTHER_SIGALG)
-/* Use to see if compression is allowed */
-# define SSL_SECOP_COMPRESSION (15 | SSL_SECOP_OTHER_NONE)
-/* EE key in certificate */
-# define SSL_SECOP_EE_KEY (16 | SSL_SECOP_OTHER_CERT)
-/* CA key in certificate */
-# define SSL_SECOP_CA_KEY (17 | SSL_SECOP_OTHER_CERT)
-/* CA digest algorithm in certificate */
-# define SSL_SECOP_CA_MD (18 | SSL_SECOP_OTHER_CERT)
-/* Peer EE key in certificate */
-# define SSL_SECOP_PEER_EE_KEY (SSL_SECOP_EE_KEY | SSL_SECOP_PEER)
-/* Peer CA key in certificate */
-# define SSL_SECOP_PEER_CA_KEY (SSL_SECOP_CA_KEY | SSL_SECOP_PEER)
-/* Peer CA digest algorithm in certificate */
-# define SSL_SECOP_PEER_CA_MD (SSL_SECOP_CA_MD | SSL_SECOP_PEER)
-
-void SSL_set_security_level(SSL *s, int level);
-__owur int SSL_get_security_level(const SSL *s);
-void SSL_set_security_callback(SSL *s,
- int (*cb) (SSL *s, SSL_CTX *ctx, int op,
- int bits, int nid, void *other,
- void *ex));
-int (*SSL_get_security_callback(const SSL *s)) (SSL *s, SSL_CTX *ctx, int op,
- int bits, int nid,
- void *other, void *ex);
-void SSL_set0_security_ex_data(SSL *s, void *ex);
-__owur void *SSL_get0_security_ex_data(const SSL *s);
-
-void SSL_CTX_set_security_level(SSL_CTX *ctx, int level);
-__owur int SSL_CTX_get_security_level(const SSL_CTX *ctx);
-void SSL_CTX_set_security_callback(SSL_CTX *ctx,
- int (*cb) (SSL *s, SSL_CTX *ctx, int op,
- int bits, int nid, void *other,
- void *ex));
-int (*SSL_CTX_get_security_callback(const SSL_CTX *ctx)) (SSL *s,
- SSL_CTX *ctx,
- int op, int bits,
- int nid,
- void *other,
- void *ex);
-void SSL_CTX_set0_security_ex_data(SSL_CTX *ctx, void *ex);
-__owur void *SSL_CTX_get0_security_ex_data(const SSL_CTX *ctx);
-
-# ifndef OPENSSL_NO_UNIT_TEST
-__owur const struct openssl_ssl_test_functions *SSL_test_functions(void);
-# endif
-
-/* BEGIN ERROR CODES */
-/*
- * The following lines are auto generated by the script mkerr.pl. Any changes
- * made after this point may be overwritten when the script is next run.
- */
-void ERR_load_SSL_strings(void);
-
-/* Error codes for the SSL functions. */
-
-/* Function codes. */
-# define SSL_F_CHECK_SUITEB_CIPHER_LIST 331
-# define SSL_F_D2I_SSL_SESSION 103
-# define SSL_F_DO_DTLS1_WRITE 245
-# define SSL_F_DO_SSL3_WRITE 104
-# define SSL_F_DTLS1_ACCEPT 246
-# define SSL_F_DTLS1_ADD_CERT_TO_BUF 295
-# define SSL_F_DTLS1_BUFFER_RECORD 247
-# define SSL_F_DTLS1_CHECK_TIMEOUT_NUM 318
-# define SSL_F_DTLS1_CLIENT_HELLO 248
-# define SSL_F_DTLS1_CONNECT 249
-# define SSL_F_DTLS1_ENC 250
-# define SSL_F_DTLS1_GET_HELLO_VERIFY 251
-# define SSL_F_DTLS1_GET_MESSAGE 252
-# define SSL_F_DTLS1_GET_MESSAGE_FRAGMENT 253
-# define SSL_F_DTLS1_GET_RECORD 254
-# define SSL_F_DTLS1_HANDLE_TIMEOUT 297
-# define SSL_F_DTLS1_HEARTBEAT 305
-# define SSL_F_DTLS1_OUTPUT_CERT_CHAIN 255
-# define SSL_F_DTLS1_PREPROCESS_FRAGMENT 288
-# define SSL_F_DTLS1_PROCESS_OUT_OF_SEQ_MESSAGE 256
-# define SSL_F_DTLS1_PROCESS_RECORD 257
-# define SSL_F_DTLS1_READ_BYTES 258
-# define SSL_F_DTLS1_READ_FAILED 259
-# define SSL_F_DTLS1_SEND_CERTIFICATE_REQUEST 260
-# define SSL_F_DTLS1_SEND_CHANGE_CIPHER_SPEC 342
-# define SSL_F_DTLS1_SEND_CLIENT_CERTIFICATE 261
-# define SSL_F_DTLS1_SEND_CLIENT_KEY_EXCHANGE 262
-# define SSL_F_DTLS1_SEND_CLIENT_VERIFY 263
-# define SSL_F_DTLS1_SEND_HELLO_VERIFY_REQUEST 264
-# define SSL_F_DTLS1_SEND_SERVER_CERTIFICATE 265
-# define SSL_F_DTLS1_SEND_SERVER_HELLO 266
-# define SSL_F_DTLS1_SEND_SERVER_KEY_EXCHANGE 267
-# define SSL_F_DTLS1_WRITE_APP_DATA_BYTES 268
-# define SSL_F_SSL23_ACCEPT 115
-# define SSL_F_SSL23_CLIENT_HELLO 116
-# define SSL_F_SSL23_CONNECT 117
-# define SSL_F_SSL23_GET_CLIENT_HELLO 118
-# define SSL_F_SSL23_GET_SERVER_HELLO 119
-# define SSL_F_SSL23_PEEK 237
-# define SSL_F_SSL23_READ 120
-# define SSL_F_SSL23_WRITE 121
-# define SSL_F_SSL3_ACCEPT 128
-# define SSL_F_SSL3_ADD_CERT_TO_BUF 296
-# define SSL_F_SSL3_CALLBACK_CTRL 233
-# define SSL_F_SSL3_CHANGE_CIPHER_STATE 129
-# define SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM 130
-# define SSL_F_SSL3_CHECK_CLIENT_HELLO 304
-# define SSL_F_SSL3_CLIENT_HELLO 131
-# define SSL_F_SSL3_CONNECT 132
-# define SSL_F_SSL3_CTRL 213
-# define SSL_F_SSL3_CTX_CTRL 133
-# define SSL_F_SSL3_DIGEST_CACHED_RECORDS 293
-# define SSL_F_SSL3_DO_CHANGE_CIPHER_SPEC 292
-# define SSL_F_SSL3_ENC 134
-# define SSL_F_SSL3_GENERATE_KEY_BLOCK 238
-# define SSL_F_SSL3_GET_CERTIFICATE_REQUEST 135
-# define SSL_F_SSL3_GET_CERT_STATUS 289
-# define SSL_F_SSL3_GET_CERT_VERIFY 136
-# define SSL_F_SSL3_GET_CLIENT_CERTIFICATE 137
-# define SSL_F_SSL3_GET_CLIENT_HELLO 138
-# define SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE 139
-# define SSL_F_SSL3_GET_FINISHED 140
-# define SSL_F_SSL3_GET_KEY_EXCHANGE 141
-# define SSL_F_SSL3_GET_MESSAGE 142
-# define SSL_F_SSL3_GET_NEW_SESSION_TICKET 283
-# define SSL_F_SSL3_GET_NEXT_PROTO 306
-# define SSL_F_SSL3_GET_RECORD 143
-# define SSL_F_SSL3_GET_SERVER_CERTIFICATE 144
-# define SSL_F_SSL3_GET_SERVER_DONE 145
-# define SSL_F_SSL3_GET_SERVER_HELLO 146
-# define SSL_F_SSL3_HANDSHAKE_MAC 285
-# define SSL_F_SSL3_NEW_SESSION_TICKET 287
-# define SSL_F_SSL3_OUTPUT_CERT_CHAIN 147
-# define SSL_F_SSL3_PEEK 235
-# define SSL_F_SSL3_READ_BYTES 148
-# define SSL_F_SSL3_READ_N 149
-# define SSL_F_SSL3_SEND_CERTIFICATE_REQUEST 150
-# define SSL_F_SSL3_SEND_CLIENT_CERTIFICATE 151
-# define SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE 152
-# define SSL_F_SSL3_SEND_CLIENT_VERIFY 153
-# define SSL_F_SSL3_SEND_FINISHED 343
-# define SSL_F_SSL3_SEND_HELLO_REQUEST 344
-# define SSL_F_SSL3_SEND_SERVER_CERTIFICATE 154
-# define SSL_F_SSL3_SEND_SERVER_DONE 345
-# define SSL_F_SSL3_SEND_SERVER_HELLO 242
-# define SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE 155
-# define SSL_F_SSL3_SETUP_KEY_BLOCK 157
-# define SSL_F_SSL3_SETUP_READ_BUFFER 156
-# define SSL_F_SSL3_SETUP_WRITE_BUFFER 291
-# define SSL_F_SSL3_WRITE_BYTES 158
-# define SSL_F_SSL3_WRITE_PENDING 159
-# define SSL_F_SSL_ADD_CERT_CHAIN 316
-# define SSL_F_SSL_ADD_CERT_TO_BUF 319
-# define SSL_F_SSL_ADD_CLIENTHELLO_RENEGOTIATE_EXT 298
-# define SSL_F_SSL_ADD_CLIENTHELLO_TLSEXT 277
-# define SSL_F_SSL_ADD_CLIENTHELLO_USE_SRTP_EXT 307
-# define SSL_F_SSL_ADD_DIR_CERT_SUBJECTS_TO_STACK 215
-# define SSL_F_SSL_ADD_FILE_CERT_SUBJECTS_TO_STACK 216
-# define SSL_F_SSL_ADD_SERVERHELLO_RENEGOTIATE_EXT 299
-# define SSL_F_SSL_ADD_SERVERHELLO_TLSEXT 278
-# define SSL_F_SSL_ADD_SERVERHELLO_USE_SRTP_EXT 308
-# define SSL_F_SSL_BAD_METHOD 160
-# define SSL_F_SSL_BUILD_CERT_CHAIN 332
-# define SSL_F_SSL_BYTES_TO_CIPHER_LIST 161
-# define SSL_F_SSL_CERT_ADD0_CHAIN_CERT 339
-# define SSL_F_SSL_CERT_DUP 221
-# define SSL_F_SSL_CERT_INST 222
-# define SSL_F_SSL_CERT_INSTANTIATE 214
-# define SSL_F_SSL_CERT_NEW 162
-# define SSL_F_SSL_CERT_SET0_CHAIN 340
-# define SSL_F_SSL_CHECK_PRIVATE_KEY 163
-# define SSL_F_SSL_CHECK_SERVERHELLO_TLSEXT 280
-# define SSL_F_SSL_CHECK_SRVR_ECC_CERT_AND_ALG 279
-# define SSL_F_SSL_CIPHER_PROCESS_RULESTR 230
-# define SSL_F_SSL_CIPHER_STRENGTH_SORT 231
-# define SSL_F_SSL_CLEAR 164
-# define SSL_F_SSL_COMP_ADD_COMPRESSION_METHOD 165
-# define SSL_F_SSL_CONF_CMD 334
-# define SSL_F_SSL_CREATE_CIPHER_LIST 166
-# define SSL_F_SSL_CTRL 232
-# define SSL_F_SSL_CTX_CHECK_PRIVATE_KEY 168
-# define SSL_F_SSL_CTX_MAKE_PROFILES 309
-# define SSL_F_SSL_CTX_NEW 169
-# define SSL_F_SSL_CTX_SET_CIPHER_LIST 269
-# define SSL_F_SSL_CTX_SET_CLIENT_CERT_ENGINE 290
-# define SSL_F_SSL_CTX_SET_PURPOSE 226
-# define SSL_F_SSL_CTX_SET_SESSION_ID_CONTEXT 219
-# define SSL_F_SSL_CTX_SET_SSL_VERSION 170
-# define SSL_F_SSL_CTX_SET_TRUST 229
-# define SSL_F_SSL_CTX_USE_CERTIFICATE 171
-# define SSL_F_SSL_CTX_USE_CERTIFICATE_ASN1 172
-# define SSL_F_SSL_CTX_USE_CERTIFICATE_CHAIN_FILE 220
-# define SSL_F_SSL_CTX_USE_CERTIFICATE_FILE 173
-# define SSL_F_SSL_CTX_USE_PRIVATEKEY 174
-# define SSL_F_SSL_CTX_USE_PRIVATEKEY_ASN1 175
-# define SSL_F_SSL_CTX_USE_PRIVATEKEY_FILE 176
-# define SSL_F_SSL_CTX_USE_PSK_IDENTITY_HINT 272
-# define SSL_F_SSL_CTX_USE_RSAPRIVATEKEY 177
-# define SSL_F_SSL_CTX_USE_RSAPRIVATEKEY_ASN1 178
-# define SSL_F_SSL_CTX_USE_RSAPRIVATEKEY_FILE 179
-# define SSL_F_SSL_CTX_USE_SERVERINFO 336
-# define SSL_F_SSL_CTX_USE_SERVERINFO_FILE 337
-# define SSL_F_SSL_DO_HANDSHAKE 180
-# define SSL_F_SSL_GET_NEW_SESSION 181
-# define SSL_F_SSL_GET_PREV_SESSION 217
-# define SSL_F_SSL_GET_SERVER_CERT_INDEX 322
-# define SSL_F_SSL_GET_SERVER_SEND_CERT 182
-# define SSL_F_SSL_GET_SERVER_SEND_PKEY 317
-# define SSL_F_SSL_GET_SIGN_PKEY 183
-# define SSL_F_SSL_INIT_WBIO_BUFFER 184
-# define SSL_F_SSL_LOAD_CLIENT_CA_FILE 185
-# define SSL_F_SSL_NEW 186
-# define SSL_F_SSL_PARSE_CLIENTHELLO_RENEGOTIATE_EXT 300
-# define SSL_F_SSL_PARSE_CLIENTHELLO_TLSEXT 302
-# define SSL_F_SSL_PARSE_CLIENTHELLO_USE_SRTP_EXT 310
-# define SSL_F_SSL_PARSE_SERVERHELLO_RENEGOTIATE_EXT 301
-# define SSL_F_SSL_PARSE_SERVERHELLO_TLSEXT 303
-# define SSL_F_SSL_PARSE_SERVERHELLO_USE_SRTP_EXT 311
-# define SSL_F_SSL_PEEK 270
-# define SSL_F_SSL_PREPARE_CLIENTHELLO_TLSEXT 281
-# define SSL_F_SSL_PREPARE_SERVERHELLO_TLSEXT 282
-# define SSL_F_SSL_READ 223
-# define SSL_F_SSL_SCAN_CLIENTHELLO_TLSEXT 320
-# define SSL_F_SSL_SCAN_SERVERHELLO_TLSEXT 321
-# define SSL_F_SSL_SESSION_NEW 189
-# define SSL_F_SSL_SESSION_PRINT_FP 190
-# define SSL_F_SSL_SESSION_SET1_ID_CONTEXT 312
-# define SSL_F_SSL_SESS_CERT_NEW 225
-# define SSL_F_SSL_SET_CERT 191
-# define SSL_F_SSL_SET_CIPHER_LIST 271
-# define SSL_F_SSL_SET_FD 192
-# define SSL_F_SSL_SET_PKEY 193
-# define SSL_F_SSL_SET_PURPOSE 227
-# define SSL_F_SSL_SET_RFD 194
-# define SSL_F_SSL_SET_SESSION 195
-# define SSL_F_SSL_SET_SESSION_ID_CONTEXT 218
-# define SSL_F_SSL_SET_SESSION_TICKET_EXT 294
-# define SSL_F_SSL_SET_TRUST 228
-# define SSL_F_SSL_SET_WFD 196
-# define SSL_F_SSL_SHUTDOWN 224
-# define SSL_F_SSL_SRP_CTX_INIT 313
-# define SSL_F_SSL_UNDEFINED_CONST_FUNCTION 243
-# define SSL_F_SSL_UNDEFINED_FUNCTION 197
-# define SSL_F_SSL_UNDEFINED_VOID_FUNCTION 244
-# define SSL_F_SSL_USE_CERTIFICATE 198
-# define SSL_F_SSL_USE_CERTIFICATE_ASN1 199
-# define SSL_F_SSL_USE_CERTIFICATE_FILE 200
-# define SSL_F_SSL_USE_PRIVATEKEY 201
-# define SSL_F_SSL_USE_PRIVATEKEY_ASN1 202
-# define SSL_F_SSL_USE_PRIVATEKEY_FILE 203
-# define SSL_F_SSL_USE_PSK_IDENTITY_HINT 273
-# define SSL_F_SSL_USE_RSAPRIVATEKEY 204
-# define SSL_F_SSL_USE_RSAPRIVATEKEY_ASN1 205
-# define SSL_F_SSL_USE_RSAPRIVATEKEY_FILE 206
-# define SSL_F_SSL_VERIFY_CERT_CHAIN 207
-# define SSL_F_SSL_WRITE 208
-# define SSL_F_TLS12_CHECK_PEER_SIGALG 333
-# define SSL_F_TLS1_CERT_VERIFY_MAC 286
-# define SSL_F_TLS1_CHANGE_CIPHER_STATE 209
-# define SSL_F_TLS1_CHECK_SERVERHELLO_TLSEXT 274
-# define SSL_F_TLS1_ENC 210
-# define SSL_F_TLS1_EXPORT_KEYING_MATERIAL 314
-# define SSL_F_TLS1_GET_CURVELIST 338
-# define SSL_F_TLS1_HEARTBEAT 315
-# define SSL_F_TLS1_PREPARE_CLIENTHELLO_TLSEXT 275
-# define SSL_F_TLS1_PREPARE_SERVERHELLO_TLSEXT 276
-# define SSL_F_TLS1_PRF 284
-# define SSL_F_TLS1_PROCESS_HEARTBEAT 341
-# define SSL_F_TLS1_SETUP_KEY_BLOCK 211
-# define SSL_F_TLS1_SET_SERVER_SIGALGS 335
-
-/* Reason codes. */
-# define SSL_R_APP_DATA_IN_HANDSHAKE 100
-# define SSL_R_ATTEMPT_TO_REUSE_SESSION_IN_DIFFERENT_CONTEXT 272
-# define SSL_R_BAD_ALERT_RECORD 101
-# define SSL_R_BAD_CHANGE_CIPHER_SPEC 103
-# define SSL_R_BAD_DATA 390
-# define SSL_R_BAD_DATA_RETURNED_BY_CALLBACK 106
-# define SSL_R_BAD_DECOMPRESSION 107
-# define SSL_R_BAD_DH_G_LENGTH 108
-# define SSL_R_BAD_DH_PUB_KEY_LENGTH 109
-# define SSL_R_BAD_DH_P_LENGTH 110
-# define SSL_R_BAD_DIGEST_LENGTH 111
-# define SSL_R_BAD_DSA_SIGNATURE 112
-# define SSL_R_BAD_ECC_CERT 304
-# define SSL_R_BAD_ECDSA_SIGNATURE 305
-# define SSL_R_BAD_ECPOINT 306
-# define SSL_R_BAD_HANDSHAKE_LENGTH 332
-# define SSL_R_BAD_HELLO_REQUEST 105
-# define SSL_R_BAD_LENGTH 271
-# define SSL_R_BAD_MAC_LENGTH 333
-# define SSL_R_BAD_MESSAGE_TYPE 114
-# define SSL_R_BAD_PACKET_LENGTH 115
-# define SSL_R_BAD_PROTOCOL_VERSION_NUMBER 116
-# define SSL_R_BAD_PSK_IDENTITY_HINT_LENGTH 316
-# define SSL_R_BAD_RSA_DECRYPT 118
-# define SSL_R_BAD_RSA_ENCRYPT 119
-# define SSL_R_BAD_RSA_E_LENGTH 120
-# define SSL_R_BAD_RSA_MODULUS_LENGTH 121
-# define SSL_R_BAD_RSA_SIGNATURE 122
-# define SSL_R_BAD_SIGNATURE 123
-# define SSL_R_BAD_SRP_A_LENGTH 347
-# define SSL_R_BAD_SRP_B_LENGTH 348
-# define SSL_R_BAD_SRP_G_LENGTH 349
-# define SSL_R_BAD_SRP_N_LENGTH 350
-# define SSL_R_BAD_SRP_PARAMETERS 371
-# define SSL_R_BAD_SRP_S_LENGTH 351
-# define SSL_R_BAD_SRTP_MKI_VALUE 352
-# define SSL_R_BAD_SRTP_PROTECTION_PROFILE_LIST 353
-# define SSL_R_BAD_SSL_FILETYPE 124
-# define SSL_R_BAD_VALUE 384
-# define SSL_R_BAD_WRITE_RETRY 127
-# define SSL_R_BIO_NOT_SET 128
-# define SSL_R_BLOCK_CIPHER_PAD_IS_WRONG 129
-# define SSL_R_BN_LIB 130
-# define SSL_R_CA_DN_LENGTH_MISMATCH 131
-# define SSL_R_CA_DN_TOO_LONG 132
-# define SSL_R_CA_KEY_TOO_SMALL 397
-# define SSL_R_CA_MD_TOO_WEAK 398
-# define SSL_R_CCS_RECEIVED_EARLY 133
-# define SSL_R_CERTIFICATE_VERIFY_FAILED 134
-# define SSL_R_CERT_CB_ERROR 377
-# define SSL_R_CERT_LENGTH_MISMATCH 135
-# define SSL_R_CIPHER_CODE_WRONG_LENGTH 137
-# define SSL_R_CIPHER_OR_HASH_UNAVAILABLE 138
-# define SSL_R_CLIENTHELLO_TLSEXT 226
-# define SSL_R_COMPRESSED_LENGTH_TOO_LONG 140
-# define SSL_R_COMPRESSION_DISABLED 343
-# define SSL_R_COMPRESSION_FAILURE 141
-# define SSL_R_COMPRESSION_ID_NOT_WITHIN_PRIVATE_RANGE 307
-# define SSL_R_COMPRESSION_LIBRARY_ERROR 142
-# define SSL_R_CONNECTION_TYPE_NOT_SET 144
-# define SSL_R_COOKIE_MISMATCH 308
-# define SSL_R_DATA_BETWEEN_CCS_AND_FINISHED 145
-# define SSL_R_DATA_LENGTH_TOO_LONG 146
-# define SSL_R_DECRYPTION_FAILED 147
-# define SSL_R_DECRYPTION_FAILED_OR_BAD_RECORD_MAC 281
-# define SSL_R_DH_KEY_TOO_SMALL 394
-# define SSL_R_DH_PUBLIC_VALUE_LENGTH_IS_WRONG 148
-# define SSL_R_DIGEST_CHECK_FAILED 149
-# define SSL_R_DTLS_MESSAGE_TOO_BIG 334
-# define SSL_R_DUPLICATE_COMPRESSION_ID 309
-# define SSL_R_ECC_CERT_NOT_FOR_KEY_AGREEMENT 317
-# define SSL_R_ECC_CERT_NOT_FOR_SIGNING 318
-# define SSL_R_ECC_CERT_SHOULD_HAVE_RSA_SIGNATURE 322
-# define SSL_R_ECC_CERT_SHOULD_HAVE_SHA1_SIGNATURE 323
-# define SSL_R_ECDH_REQUIRED_FOR_SUITEB_MODE 374
-# define SSL_R_ECGROUP_TOO_LARGE_FOR_CIPHER 310
-# define SSL_R_EE_KEY_TOO_SMALL 399
-# define SSL_R_EMPTY_SRTP_PROTECTION_PROFILE_LIST 354
-# define SSL_R_ENCRYPTED_LENGTH_TOO_LONG 150
-# define SSL_R_ERROR_GENERATING_TMP_RSA_KEY 282
-# define SSL_R_ERROR_IN_RECEIVED_CIPHER_LIST 151
-# define SSL_R_EXCESSIVE_MESSAGE_SIZE 152
-# define SSL_R_EXTRA_DATA_IN_MESSAGE 153
-# define SSL_R_GOT_A_FIN_BEFORE_A_CCS 154
-# define SSL_R_GOT_NEXT_PROTO_BEFORE_A_CCS 355
-# define SSL_R_GOT_NEXT_PROTO_WITHOUT_EXTENSION 356
-# define SSL_R_HTTPS_PROXY_REQUEST 155
-# define SSL_R_HTTP_REQUEST 156
-# define SSL_R_ILLEGAL_SUITEB_DIGEST 380
-# define SSL_R_INAPPROPRIATE_FALLBACK 373
-# define SSL_R_INCONSISTENT_COMPRESSION 340
-# define SSL_R_INVALID_COMMAND 280
-# define SSL_R_INVALID_COMPRESSION_ALGORITHM 341
-# define SSL_R_INVALID_NULL_CMD_NAME 385
-# define SSL_R_INVALID_PURPOSE 278
-# define SSL_R_INVALID_SERVERINFO_DATA 388
-# define SSL_R_INVALID_SRP_USERNAME 357
-# define SSL_R_INVALID_STATUS_RESPONSE 328
-# define SSL_R_INVALID_TICKET_KEYS_LENGTH 325
-# define SSL_R_INVALID_TRUST 279
-# define SSL_R_KRB5 285
-# define SSL_R_KRB5_C_CC_PRINC 286
-# define SSL_R_KRB5_C_GET_CRED 287
-# define SSL_R_KRB5_C_INIT 288
-# define SSL_R_KRB5_C_MK_REQ 289
-# define SSL_R_KRB5_S_BAD_TICKET 290
-# define SSL_R_KRB5_S_INIT 291
-# define SSL_R_KRB5_S_RD_REQ 292
-# define SSL_R_KRB5_S_TKT_EXPIRED 293
-# define SSL_R_KRB5_S_TKT_NYV 294
-# define SSL_R_KRB5_S_TKT_SKEW 295
-# define SSL_R_LENGTH_MISMATCH 159
-# define SSL_R_LENGTH_TOO_SHORT 160
-# define SSL_R_LIBRARY_BUG 274
-# define SSL_R_LIBRARY_HAS_NO_CIPHERS 161
-# define SSL_R_MISSING_DH_DSA_CERT 162
-# define SSL_R_MISSING_DH_KEY 163
-# define SSL_R_MISSING_DH_RSA_CERT 164
-# define SSL_R_MISSING_DSA_SIGNING_CERT 165
-# define SSL_R_MISSING_ECDH_CERT 382
-# define SSL_R_MISSING_ECDSA_SIGNING_CERT 381
-# define SSL_R_MISSING_EXPORT_TMP_DH_KEY 166
-# define SSL_R_MISSING_EXPORT_TMP_RSA_KEY 167
-# define SSL_R_MISSING_RSA_CERTIFICATE 168
-# define SSL_R_MISSING_RSA_ENCRYPTING_CERT 169
-# define SSL_R_MISSING_RSA_SIGNING_CERT 170
-# define SSL_R_MISSING_SRP_PARAM 358
-# define SSL_R_MISSING_TMP_DH_KEY 171
-# define SSL_R_MISSING_TMP_ECDH_KEY 311
-# define SSL_R_MISSING_TMP_RSA_KEY 172
-# define SSL_R_MISSING_TMP_RSA_PKEY 173
-# define SSL_R_MISSING_VERIFY_MESSAGE 174
-# define SSL_R_MULTIPLE_SGC_RESTARTS 346
-# define SSL_R_NO_CERTIFICATES_RETURNED 176
-# define SSL_R_NO_CERTIFICATE_ASSIGNED 177
-# define SSL_R_NO_CERTIFICATE_RETURNED 178
-# define SSL_R_NO_CERTIFICATE_SET 179
-# define SSL_R_NO_CIPHERS_AVAILABLE 181
-# define SSL_R_NO_CIPHERS_PASSED 182
-# define SSL_R_NO_CIPHERS_SPECIFIED 183
-# define SSL_R_NO_CIPHER_MATCH 185
-# define SSL_R_NO_CLIENT_CERT_METHOD 331
-# define SSL_R_NO_CLIENT_CERT_RECEIVED 186
-# define SSL_R_NO_COMPRESSION_SPECIFIED 187
-# define SSL_R_NO_GOST_CERTIFICATE_SENT_BY_PEER 330
-# define SSL_R_NO_METHOD_SPECIFIED 188
-# define SSL_R_NO_PEM_EXTENSIONS 389
-# define SSL_R_NO_PRIVATE_KEY_ASSIGNED 190
-# define SSL_R_NO_PROTOCOLS_AVAILABLE 191
-# define SSL_R_NO_RENEGOTIATION 339
-# define SSL_R_NO_REQUIRED_DIGEST 324
-# define SSL_R_NO_SHARED_CIPHER 193
-# define SSL_R_NO_SHARED_SIGATURE_ALGORITHMS 376
-# define SSL_R_NO_SRTP_PROFILES 359
-# define SSL_R_NO_VERIFY_CALLBACK 194
-# define SSL_R_NULL_SSL_CTX 195
-# define SSL_R_NULL_SSL_METHOD_PASSED 196
-# define SSL_R_OLD_SESSION_CIPHER_NOT_RETURNED 197
-# define SSL_R_OLD_SESSION_COMPRESSION_ALGORITHM_NOT_RETURNED 344
-# define SSL_R_ONLY_DTLS_1_2_ALLOWED_IN_SUITEB_MODE 387
-# define SSL_R_ONLY_TLS_1_2_ALLOWED_IN_SUITEB_MODE 379
-# define SSL_R_ONLY_TLS_ALLOWED_IN_FIPS_MODE 297
-# define SSL_R_OPAQUE_PRF_INPUT_TOO_LONG 327
-# define SSL_R_PACKET_LENGTH_TOO_LONG 198
-# define SSL_R_PARSE_TLSEXT 227
-# define SSL_R_PATH_TOO_LONG 270
-# define SSL_R_PEER_DID_NOT_RETURN_A_CERTIFICATE 199
-# define SSL_R_PEM_NAME_BAD_PREFIX 391
-# define SSL_R_PEM_NAME_TOO_SHORT 392
-# define SSL_R_PRE_MAC_LENGTH_TOO_LONG 205
-# define SSL_R_PROTOCOL_IS_SHUTDOWN 207
-# define SSL_R_PSK_IDENTITY_NOT_FOUND 223
-# define SSL_R_PSK_NO_CLIENT_CB 224
-# define SSL_R_PSK_NO_SERVER_CB 225
-# define SSL_R_READ_BIO_NOT_SET 211
-# define SSL_R_READ_TIMEOUT_EXPIRED 312
-# define SSL_R_RECORD_LENGTH_MISMATCH 213
-# define SSL_R_RECORD_TOO_LARGE 214
-# define SSL_R_RECORD_TOO_SMALL 298
-# define SSL_R_RENEGOTIATE_EXT_TOO_LONG 335
-# define SSL_R_RENEGOTIATION_ENCODING_ERR 336
-# define SSL_R_RENEGOTIATION_MISMATCH 337
-# define SSL_R_REQUIRED_CIPHER_MISSING 215
-# define SSL_R_REQUIRED_COMPRESSSION_ALGORITHM_MISSING 342
-# define SSL_R_SCSV_RECEIVED_WHEN_RENEGOTIATING 345
-# define SSL_R_SERVERHELLO_TLSEXT 275
-# define SSL_R_SESSION_ID_CONTEXT_UNINITIALIZED 277
-# define SSL_R_SIGNATURE_ALGORITHMS_ERROR 360
-# define SSL_R_SIGNATURE_FOR_NON_SIGNING_CERTIFICATE 220
-# define SSL_R_SRP_A_CALC 361
-# define SSL_R_SRTP_COULD_NOT_ALLOCATE_PROFILES 362
-# define SSL_R_SRTP_PROTECTION_PROFILE_LIST_TOO_LONG 363
-# define SSL_R_SRTP_UNKNOWN_PROTECTION_PROFILE 364
-# define SSL_R_SSL23_DOING_SESSION_ID_REUSE 221
-# define SSL_R_SSL3_EXT_INVALID_ECPOINTFORMAT 321
-# define SSL_R_SSL3_EXT_INVALID_SERVERNAME 319
-# define SSL_R_SSL3_EXT_INVALID_SERVERNAME_TYPE 320
-# define SSL_R_SSL3_SESSION_ID_TOO_LONG 300
-# define SSL_R_SSL3_SESSION_ID_TOO_SHORT 222
-# define SSL_R_SSLV3_ALERT_BAD_CERTIFICATE 1042
-# define SSL_R_SSLV3_ALERT_BAD_RECORD_MAC 1020
-# define SSL_R_SSLV3_ALERT_CERTIFICATE_EXPIRED 1045
-# define SSL_R_SSLV3_ALERT_CERTIFICATE_REVOKED 1044
-# define SSL_R_SSLV3_ALERT_CERTIFICATE_UNKNOWN 1046
-# define SSL_R_SSLV3_ALERT_DECOMPRESSION_FAILURE 1030
-# define SSL_R_SSLV3_ALERT_HANDSHAKE_FAILURE 1040
-# define SSL_R_SSLV3_ALERT_ILLEGAL_PARAMETER 1047
-# define SSL_R_SSLV3_ALERT_NO_CERTIFICATE 1041
-# define SSL_R_SSLV3_ALERT_UNEXPECTED_MESSAGE 1010
-# define SSL_R_SSLV3_ALERT_UNSUPPORTED_CERTIFICATE 1043
-# define SSL_R_SSL_CTX_HAS_NO_DEFAULT_SSL_VERSION 228
-# define SSL_R_SSL_HANDSHAKE_FAILURE 229
-# define SSL_R_SSL_LIBRARY_HAS_NO_CIPHERS 230
-# define SSL_R_SSL_NEGATIVE_LENGTH 372
-# define SSL_R_SSL_SESSION_ID_CALLBACK_FAILED 301
-# define SSL_R_SSL_SESSION_ID_CONFLICT 302
-# define SSL_R_SSL_SESSION_ID_CONTEXT_TOO_LONG 273
-# define SSL_R_SSL_SESSION_ID_HAS_BAD_LENGTH 303
-# define SSL_R_TLSV1_ALERT_ACCESS_DENIED 1049
-# define SSL_R_TLSV1_ALERT_DECODE_ERROR 1050
-# define SSL_R_TLSV1_ALERT_DECRYPTION_FAILED 1021
-# define SSL_R_TLSV1_ALERT_DECRYPT_ERROR 1051
-# define SSL_R_TLSV1_ALERT_EXPORT_RESTRICTION 1060
-# define SSL_R_TLSV1_ALERT_INAPPROPRIATE_FALLBACK 1086
-# define SSL_R_TLSV1_ALERT_INSUFFICIENT_SECURITY 1071
-# define SSL_R_TLSV1_ALERT_INTERNAL_ERROR 1080
-# define SSL_R_TLSV1_ALERT_NO_RENEGOTIATION 1100
-# define SSL_R_TLSV1_ALERT_PROTOCOL_VERSION 1070
-# define SSL_R_TLSV1_ALERT_RECORD_OVERFLOW 1022
-# define SSL_R_TLSV1_ALERT_UNKNOWN_CA 1048
-# define SSL_R_TLSV1_ALERT_USER_CANCELLED 1090
-# define SSL_R_TLSV1_BAD_CERTIFICATE_HASH_VALUE 1114
-# define SSL_R_TLSV1_BAD_CERTIFICATE_STATUS_RESPONSE 1113
-# define SSL_R_TLSV1_CERTIFICATE_UNOBTAINABLE 1111
-# define SSL_R_TLSV1_UNRECOGNIZED_NAME 1112
-# define SSL_R_TLSV1_UNSUPPORTED_EXTENSION 1110
-# define SSL_R_TLS_CLIENT_CERT_REQ_WITH_ANON_CIPHER 232
-# define SSL_R_TLS_HEARTBEAT_PEER_DOESNT_ACCEPT 365
-# define SSL_R_TLS_HEARTBEAT_PENDING 366
-# define SSL_R_TLS_ILLEGAL_EXPORTER_LABEL 367
-# define SSL_R_TLS_INVALID_ECPOINTFORMAT_LIST 157
-# define SSL_R_TLS_PEER_DID_NOT_RESPOND_WITH_CERTIFICATE_LIST 233
-# define SSL_R_TLS_RSA_ENCRYPTED_VALUE_LENGTH_IS_WRONG 234
-# define SSL_R_UNABLE_TO_DECODE_DH_CERTS 236
-# define SSL_R_UNABLE_TO_DECODE_ECDH_CERTS 313
-# define SSL_R_UNABLE_TO_FIND_DH_PARAMETERS 238
-# define SSL_R_UNABLE_TO_FIND_ECDH_PARAMETERS 314
-# define SSL_R_UNABLE_TO_FIND_PUBLIC_KEY_PARAMETERS 239
-# define SSL_R_UNABLE_TO_FIND_SSL_METHOD 240
-# define SSL_R_UNABLE_TO_LOAD_SSL3_MD5_ROUTINES 242
-# define SSL_R_UNABLE_TO_LOAD_SSL3_SHA1_ROUTINES 243
-# define SSL_R_UNEXPECTED_MESSAGE 244
-# define SSL_R_UNEXPECTED_RECORD 245
-# define SSL_R_UNINITIALIZED 276
-# define SSL_R_UNKNOWN_ALERT_TYPE 246
-# define SSL_R_UNKNOWN_CERTIFICATE_TYPE 247
-# define SSL_R_UNKNOWN_CIPHER_RETURNED 248
-# define SSL_R_UNKNOWN_CIPHER_TYPE 249
-# define SSL_R_UNKNOWN_CMD_NAME 386
-# define SSL_R_UNKNOWN_DIGEST 368
-# define SSL_R_UNKNOWN_KEY_EXCHANGE_TYPE 250
-# define SSL_R_UNKNOWN_PKEY_TYPE 251
-# define SSL_R_UNKNOWN_PROTOCOL 252
-# define SSL_R_UNKNOWN_REMOTE_ERROR_TYPE 253
-# define SSL_R_UNKNOWN_SSL_VERSION 254
-# define SSL_R_UNKNOWN_STATE 255
-# define SSL_R_UNSAFE_LEGACY_RENEGOTIATION_DISABLED 338
-# define SSL_R_UNSUPPORTED_CIPHER 256
-# define SSL_R_UNSUPPORTED_COMPRESSION_ALGORITHM 257
-# define SSL_R_UNSUPPORTED_DIGEST_TYPE 326
-# define SSL_R_UNSUPPORTED_ELLIPTIC_CURVE 315
-# define SSL_R_UNSUPPORTED_PROTOCOL 258
-# define SSL_R_UNSUPPORTED_SSL_VERSION 259
-# define SSL_R_UNSUPPORTED_STATUS_TYPE 329
-# define SSL_R_USE_SRTP_NOT_NEGOTIATED 369
-# define SSL_R_VERSION_TOO_LOW 396
-# define SSL_R_WRONG_CERTIFICATE_TYPE 383
-# define SSL_R_WRONG_CIPHER_RETURNED 261
-# define SSL_R_WRONG_CURVE 378
-# define SSL_R_WRONG_MESSAGE_TYPE 262
-# define SSL_R_WRONG_SIGNATURE_LENGTH 264
-# define SSL_R_WRONG_SIGNATURE_SIZE 265
-# define SSL_R_WRONG_SIGNATURE_TYPE 370
-# define SSL_R_WRONG_SSL_VERSION 266
-# define SSL_R_WRONG_VERSION_NUMBER 267
-# define SSL_R_X509_LIB 268
-# define SSL_R_X509_VERIFICATION_SETUP_PROBLEMS 269
-
-#ifdef __cplusplus
-}
-#endif
-#endif
+++ /dev/null
-/* ssl/ssl2.h */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef HEADER_SSL2_H
-# define HEADER_SSL2_H
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-# define SSL2_VERSION 0x0002
-
-# define SSL2_MT_CLIENT_HELLO 1
-
-#ifdef __cplusplus
-}
-#endif
-#endif
+++ /dev/null
-/* ssl/ssl23.h */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef HEADER_SSL23_H
-# define HEADER_SSL23_H
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-/*
- * client
- */
-/* write to server */
-# define SSL23_ST_CW_CLNT_HELLO_A (0x210|SSL_ST_CONNECT)
-# define SSL23_ST_CW_CLNT_HELLO_B (0x211|SSL_ST_CONNECT)
-/* read from server */
-# define SSL23_ST_CR_SRVR_HELLO_A (0x220|SSL_ST_CONNECT)
-# define SSL23_ST_CR_SRVR_HELLO_B (0x221|SSL_ST_CONNECT)
-
-/* server */
-/* read from client */
-# define SSL23_ST_SR_CLNT_HELLO_A (0x210|SSL_ST_ACCEPT)
-# define SSL23_ST_SR_CLNT_HELLO_B (0x211|SSL_ST_ACCEPT)
-
-#ifdef __cplusplus
-}
-#endif
-#endif
+++ /dev/null
-/* ssl/ssl3.h */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-/* ====================================================================
- * Copyright (c) 1998-2002 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-/* ====================================================================
- * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
- * ECC cipher suite support in OpenSSL originally developed by
- * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project.
- */
-
-#ifndef HEADER_SSL3_H
-# define HEADER_SSL3_H
-
-# ifndef OPENSSL_NO_COMP
-# include <openssl/comp.h>
-# endif
-# include <openssl/buffer.h>
-# include <openssl/evp.h>
-# include <openssl/ssl.h>
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-/*
- * Signalling cipher suite value from RFC 5746
- * (TLS_EMPTY_RENEGOTIATION_INFO_SCSV)
- */
-# define SSL3_CK_SCSV 0x030000FF
-
-/*
- * Signalling cipher suite value from draft-ietf-tls-downgrade-scsv-00
- * (TLS_FALLBACK_SCSV)
- */
-# define SSL3_CK_FALLBACK_SCSV 0x03005600
-
-# define SSL3_CK_RSA_NULL_MD5 0x03000001
-# define SSL3_CK_RSA_NULL_SHA 0x03000002
-# define SSL3_CK_RSA_RC4_40_MD5 0x03000003
-# define SSL3_CK_RSA_RC4_128_MD5 0x03000004
-# define SSL3_CK_RSA_RC4_128_SHA 0x03000005
-# define SSL3_CK_RSA_RC2_40_MD5 0x03000006
-# define SSL3_CK_RSA_IDEA_128_SHA 0x03000007
-# define SSL3_CK_RSA_DES_40_CBC_SHA 0x03000008
-# define SSL3_CK_RSA_DES_64_CBC_SHA 0x03000009
-# define SSL3_CK_RSA_DES_192_CBC3_SHA 0x0300000A
-
-# define SSL3_CK_DH_DSS_DES_40_CBC_SHA 0x0300000B
-# define SSL3_CK_DH_DSS_DES_64_CBC_SHA 0x0300000C
-# define SSL3_CK_DH_DSS_DES_192_CBC3_SHA 0x0300000D
-# define SSL3_CK_DH_RSA_DES_40_CBC_SHA 0x0300000E
-# define SSL3_CK_DH_RSA_DES_64_CBC_SHA 0x0300000F
-# define SSL3_CK_DH_RSA_DES_192_CBC3_SHA 0x03000010
-
-# define SSL3_CK_DHE_DSS_DES_40_CBC_SHA 0x03000011
-# define SSL3_CK_EDH_DSS_DES_40_CBC_SHA SSL3_CK_DHE_DSS_DES_40_CBC_SHA
-# define SSL3_CK_DHE_DSS_DES_64_CBC_SHA 0x03000012
-# define SSL3_CK_EDH_DSS_DES_64_CBC_SHA SSL3_CK_DHE_DSS_DES_64_CBC_SHA
-# define SSL3_CK_DHE_DSS_DES_192_CBC3_SHA 0x03000013
-# define SSL3_CK_EDH_DSS_DES_192_CBC3_SHA SSL3_CK_DHE_DSS_DES_192_CBC3_SHA
-# define SSL3_CK_DHE_RSA_DES_40_CBC_SHA 0x03000014
-# define SSL3_CK_EDH_RSA_DES_40_CBC_SHA SSL3_CK_DHE_RSA_DES_40_CBC_SHA
-# define SSL3_CK_DHE_RSA_DES_64_CBC_SHA 0x03000015
-# define SSL3_CK_EDH_RSA_DES_64_CBC_SHA SSL3_CK_DHE_RSA_DES_64_CBC_SHA
-# define SSL3_CK_DHE_RSA_DES_192_CBC3_SHA 0x03000016
-# define SSL3_CK_EDH_RSA_DES_192_CBC3_SHA SSL3_CK_DHE_RSA_DES_192_CBC3_SHA
-
-# define SSL3_CK_ADH_RC4_40_MD5 0x03000017
-# define SSL3_CK_ADH_RC4_128_MD5 0x03000018
-# define SSL3_CK_ADH_DES_40_CBC_SHA 0x03000019
-# define SSL3_CK_ADH_DES_64_CBC_SHA 0x0300001A
-# define SSL3_CK_ADH_DES_192_CBC_SHA 0x0300001B
-
-/*
- * VRS Additional Kerberos5 entries
- */
-# define SSL3_CK_KRB5_DES_64_CBC_SHA 0x0300001E
-# define SSL3_CK_KRB5_DES_192_CBC3_SHA 0x0300001F
-# define SSL3_CK_KRB5_RC4_128_SHA 0x03000020
-# define SSL3_CK_KRB5_IDEA_128_CBC_SHA 0x03000021
-# define SSL3_CK_KRB5_DES_64_CBC_MD5 0x03000022
-# define SSL3_CK_KRB5_DES_192_CBC3_MD5 0x03000023
-# define SSL3_CK_KRB5_RC4_128_MD5 0x03000024
-# define SSL3_CK_KRB5_IDEA_128_CBC_MD5 0x03000025
-
-# define SSL3_CK_KRB5_DES_40_CBC_SHA 0x03000026
-# define SSL3_CK_KRB5_RC2_40_CBC_SHA 0x03000027
-# define SSL3_CK_KRB5_RC4_40_SHA 0x03000028
-# define SSL3_CK_KRB5_DES_40_CBC_MD5 0x03000029
-# define SSL3_CK_KRB5_RC2_40_CBC_MD5 0x0300002A
-# define SSL3_CK_KRB5_RC4_40_MD5 0x0300002B
-
-# define SSL3_TXT_RSA_NULL_MD5 "NULL-MD5"
-# define SSL3_TXT_RSA_NULL_SHA "NULL-SHA"
-# define SSL3_TXT_RSA_RC4_40_MD5 "EXP-RC4-MD5"
-# define SSL3_TXT_RSA_RC4_128_MD5 "RC4-MD5"
-# define SSL3_TXT_RSA_RC4_128_SHA "RC4-SHA"
-# define SSL3_TXT_RSA_RC2_40_MD5 "EXP-RC2-CBC-MD5"
-# define SSL3_TXT_RSA_IDEA_128_SHA "IDEA-CBC-SHA"
-# define SSL3_TXT_RSA_DES_40_CBC_SHA "EXP-DES-CBC-SHA"
-# define SSL3_TXT_RSA_DES_64_CBC_SHA "DES-CBC-SHA"
-# define SSL3_TXT_RSA_DES_192_CBC3_SHA "DES-CBC3-SHA"
-
-# define SSL3_TXT_DH_DSS_DES_40_CBC_SHA "EXP-DH-DSS-DES-CBC-SHA"
-# define SSL3_TXT_DH_DSS_DES_64_CBC_SHA "DH-DSS-DES-CBC-SHA"
-# define SSL3_TXT_DH_DSS_DES_192_CBC3_SHA "DH-DSS-DES-CBC3-SHA"
-# define SSL3_TXT_DH_RSA_DES_40_CBC_SHA "EXP-DH-RSA-DES-CBC-SHA"
-# define SSL3_TXT_DH_RSA_DES_64_CBC_SHA "DH-RSA-DES-CBC-SHA"
-# define SSL3_TXT_DH_RSA_DES_192_CBC3_SHA "DH-RSA-DES-CBC3-SHA"
-
-# define SSL3_TXT_DHE_DSS_DES_40_CBC_SHA "EXP-DHE-DSS-DES-CBC-SHA"
-# define SSL3_TXT_DHE_DSS_DES_64_CBC_SHA "DHE-DSS-DES-CBC-SHA"
-# define SSL3_TXT_DHE_DSS_DES_192_CBC3_SHA "DHE-DSS-DES-CBC3-SHA"
-# define SSL3_TXT_DHE_RSA_DES_40_CBC_SHA "EXP-DHE-RSA-DES-CBC-SHA"
-# define SSL3_TXT_DHE_RSA_DES_64_CBC_SHA "DHE-RSA-DES-CBC-SHA"
-# define SSL3_TXT_DHE_RSA_DES_192_CBC3_SHA "DHE-RSA-DES-CBC3-SHA"
-
-/*
- * This next block of six "EDH" labels is for backward compatibility with
- * older versions of OpenSSL. New code should use the six "DHE" labels above
- * instead:
- */
-# define SSL3_TXT_EDH_DSS_DES_40_CBC_SHA "EXP-EDH-DSS-DES-CBC-SHA"
-# define SSL3_TXT_EDH_DSS_DES_64_CBC_SHA "EDH-DSS-DES-CBC-SHA"
-# define SSL3_TXT_EDH_DSS_DES_192_CBC3_SHA "EDH-DSS-DES-CBC3-SHA"
-# define SSL3_TXT_EDH_RSA_DES_40_CBC_SHA "EXP-EDH-RSA-DES-CBC-SHA"
-# define SSL3_TXT_EDH_RSA_DES_64_CBC_SHA "EDH-RSA-DES-CBC-SHA"
-# define SSL3_TXT_EDH_RSA_DES_192_CBC3_SHA "EDH-RSA-DES-CBC3-SHA"
-
-# define SSL3_TXT_ADH_RC4_40_MD5 "EXP-ADH-RC4-MD5"
-# define SSL3_TXT_ADH_RC4_128_MD5 "ADH-RC4-MD5"
-# define SSL3_TXT_ADH_DES_40_CBC_SHA "EXP-ADH-DES-CBC-SHA"
-# define SSL3_TXT_ADH_DES_64_CBC_SHA "ADH-DES-CBC-SHA"
-# define SSL3_TXT_ADH_DES_192_CBC_SHA "ADH-DES-CBC3-SHA"
-
-# define SSL3_TXT_KRB5_DES_64_CBC_SHA "KRB5-DES-CBC-SHA"
-# define SSL3_TXT_KRB5_DES_192_CBC3_SHA "KRB5-DES-CBC3-SHA"
-# define SSL3_TXT_KRB5_RC4_128_SHA "KRB5-RC4-SHA"
-# define SSL3_TXT_KRB5_IDEA_128_CBC_SHA "KRB5-IDEA-CBC-SHA"
-# define SSL3_TXT_KRB5_DES_64_CBC_MD5 "KRB5-DES-CBC-MD5"
-# define SSL3_TXT_KRB5_DES_192_CBC3_MD5 "KRB5-DES-CBC3-MD5"
-# define SSL3_TXT_KRB5_RC4_128_MD5 "KRB5-RC4-MD5"
-# define SSL3_TXT_KRB5_IDEA_128_CBC_MD5 "KRB5-IDEA-CBC-MD5"
-
-# define SSL3_TXT_KRB5_DES_40_CBC_SHA "EXP-KRB5-DES-CBC-SHA"
-# define SSL3_TXT_KRB5_RC2_40_CBC_SHA "EXP-KRB5-RC2-CBC-SHA"
-# define SSL3_TXT_KRB5_RC4_40_SHA "EXP-KRB5-RC4-SHA"
-# define SSL3_TXT_KRB5_DES_40_CBC_MD5 "EXP-KRB5-DES-CBC-MD5"
-# define SSL3_TXT_KRB5_RC2_40_CBC_MD5 "EXP-KRB5-RC2-CBC-MD5"
-# define SSL3_TXT_KRB5_RC4_40_MD5 "EXP-KRB5-RC4-MD5"
-
-# define SSL3_SSL_SESSION_ID_LENGTH 32
-# define SSL3_MAX_SSL_SESSION_ID_LENGTH 32
-
-# define SSL3_MASTER_SECRET_SIZE 48
-# define SSL3_RANDOM_SIZE 32
-# define SSL3_SESSION_ID_SIZE 32
-# define SSL3_RT_HEADER_LENGTH 5
-
-# define SSL3_HM_HEADER_LENGTH 4
-
-# ifndef SSL3_ALIGN_PAYLOAD
- /*
- * Some will argue that this increases memory footprint, but it's not
- * actually true. Point is that malloc has to return at least 64-bit aligned
- * pointers, meaning that allocating 5 bytes wastes 3 bytes in either case.
- * Suggested pre-gaping simply moves these wasted bytes from the end of
- * allocated region to its front, but makes data payload aligned, which
- * improves performance:-)
- */
-# define SSL3_ALIGN_PAYLOAD 8
-# else
-# if (SSL3_ALIGN_PAYLOAD&(SSL3_ALIGN_PAYLOAD-1))!=0
-# error "insane SSL3_ALIGN_PAYLOAD"
-# undef SSL3_ALIGN_PAYLOAD
-# endif
-# endif
-
-/*
- * This is the maximum MAC (digest) size used by the SSL library. Currently
- * maximum of 20 is used by SHA1, but we reserve for future extension for
- * 512-bit hashes.
- */
-
-# define SSL3_RT_MAX_MD_SIZE 64
-
-/*
- * Maximum block size used in all ciphersuites. Currently 16 for AES.
- */
-
-# define SSL_RT_MAX_CIPHER_BLOCK_SIZE 16
-
-# define SSL3_RT_MAX_EXTRA (16384)
-
-/* Maximum plaintext length: defined by SSL/TLS standards */
-# define SSL3_RT_MAX_PLAIN_LENGTH 16384
-/* Maximum compression overhead: defined by SSL/TLS standards */
-# define SSL3_RT_MAX_COMPRESSED_OVERHEAD 1024
-
-/*
- * The standards give a maximum encryption overhead of 1024 bytes. In
- * practice the value is lower than this. The overhead is the maximum number
- * of padding bytes (256) plus the mac size.
- */
-# define SSL3_RT_MAX_ENCRYPTED_OVERHEAD (256 + SSL3_RT_MAX_MD_SIZE)
-
-/*
- * OpenSSL currently only uses a padding length of at most one block so the
- * send overhead is smaller.
- */
-
-# define SSL3_RT_SEND_MAX_ENCRYPTED_OVERHEAD \
- (SSL_RT_MAX_CIPHER_BLOCK_SIZE + SSL3_RT_MAX_MD_SIZE)
-
-/* If compression isn't used don't include the compression overhead */
-
-# ifdef OPENSSL_NO_COMP
-# define SSL3_RT_MAX_COMPRESSED_LENGTH SSL3_RT_MAX_PLAIN_LENGTH
-# else
-# define SSL3_RT_MAX_COMPRESSED_LENGTH \
- (SSL3_RT_MAX_PLAIN_LENGTH+SSL3_RT_MAX_COMPRESSED_OVERHEAD)
-# endif
-# define SSL3_RT_MAX_ENCRYPTED_LENGTH \
- (SSL3_RT_MAX_ENCRYPTED_OVERHEAD+SSL3_RT_MAX_COMPRESSED_LENGTH)
-# define SSL3_RT_MAX_PACKET_SIZE \
- (SSL3_RT_MAX_ENCRYPTED_LENGTH+SSL3_RT_HEADER_LENGTH)
-
-# define SSL3_MD_CLIENT_FINISHED_CONST "\x43\x4C\x4E\x54"
-# define SSL3_MD_SERVER_FINISHED_CONST "\x53\x52\x56\x52"
-
-# define SSL3_VERSION 0x0300
-# define SSL3_VERSION_MAJOR 0x03
-# define SSL3_VERSION_MINOR 0x00
-
-# define SSL3_RT_CHANGE_CIPHER_SPEC 20
-# define SSL3_RT_ALERT 21
-# define SSL3_RT_HANDSHAKE 22
-# define SSL3_RT_APPLICATION_DATA 23
-# define TLS1_RT_HEARTBEAT 24
-
-/* Pseudo content types to indicate additional parameters */
-# define TLS1_RT_CRYPTO 0x1000
-# define TLS1_RT_CRYPTO_PREMASTER (TLS1_RT_CRYPTO | 0x1)
-# define TLS1_RT_CRYPTO_CLIENT_RANDOM (TLS1_RT_CRYPTO | 0x2)
-# define TLS1_RT_CRYPTO_SERVER_RANDOM (TLS1_RT_CRYPTO | 0x3)
-# define TLS1_RT_CRYPTO_MASTER (TLS1_RT_CRYPTO | 0x4)
-
-# define TLS1_RT_CRYPTO_READ 0x0000
-# define TLS1_RT_CRYPTO_WRITE 0x0100
-# define TLS1_RT_CRYPTO_MAC (TLS1_RT_CRYPTO | 0x5)
-# define TLS1_RT_CRYPTO_KEY (TLS1_RT_CRYPTO | 0x6)
-# define TLS1_RT_CRYPTO_IV (TLS1_RT_CRYPTO | 0x7)
-# define TLS1_RT_CRYPTO_FIXED_IV (TLS1_RT_CRYPTO | 0x8)
-
-/* Pseudo content type for SSL/TLS header info */
-# define SSL3_RT_HEADER 0x100
-
-# define SSL3_AL_WARNING 1
-# define SSL3_AL_FATAL 2
-
-# define SSL3_AD_CLOSE_NOTIFY 0
-# define SSL3_AD_UNEXPECTED_MESSAGE 10/* fatal */
-# define SSL3_AD_BAD_RECORD_MAC 20/* fatal */
-# define SSL3_AD_DECOMPRESSION_FAILURE 30/* fatal */
-# define SSL3_AD_HANDSHAKE_FAILURE 40/* fatal */
-# define SSL3_AD_NO_CERTIFICATE 41
-# define SSL3_AD_BAD_CERTIFICATE 42
-# define SSL3_AD_UNSUPPORTED_CERTIFICATE 43
-# define SSL3_AD_CERTIFICATE_REVOKED 44
-# define SSL3_AD_CERTIFICATE_EXPIRED 45
-# define SSL3_AD_CERTIFICATE_UNKNOWN 46
-# define SSL3_AD_ILLEGAL_PARAMETER 47/* fatal */
-
-# define TLS1_HB_REQUEST 1
-# define TLS1_HB_RESPONSE 2
-
-
-# define SSL3_CT_RSA_SIGN 1
-# define SSL3_CT_DSS_SIGN 2
-# define SSL3_CT_RSA_FIXED_DH 3
-# define SSL3_CT_DSS_FIXED_DH 4
-# define SSL3_CT_RSA_EPHEMERAL_DH 5
-# define SSL3_CT_DSS_EPHEMERAL_DH 6
-# define SSL3_CT_FORTEZZA_DMS 20
-/*
- * SSL3_CT_NUMBER is used to size arrays and it must be large enough to
- * contain all of the cert types defined either for SSLv3 and TLSv1.
- */
-# define SSL3_CT_NUMBER 9
-
-# define SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS 0x0001
-# define SSL3_FLAGS_DELAY_CLIENT_FINISHED 0x0002
-# define SSL3_FLAGS_POP_BUFFER 0x0004
-# define TLS1_FLAGS_TLS_PADDING_BUG 0x0008
-# define TLS1_FLAGS_SKIP_CERT_VERIFY 0x0010
-# define TLS1_FLAGS_KEEP_HANDSHAKE 0x0020
-/*
- * Set when the handshake is ready to process peer's ChangeCipherSpec message.
- * Cleared after the message has been processed.
- */
-# define SSL3_FLAGS_CCS_OK 0x0080
-
-/* Set if we encrypt then mac instead of usual mac then encrypt */
-# define TLS1_FLAGS_ENCRYPT_THEN_MAC 0x0100
-
-
-/* SSLv3 */
-/*
- * client
- */
-/* extra state */
-# define SSL3_ST_CW_FLUSH (0x100|SSL_ST_CONNECT)
-# ifndef OPENSSL_NO_SCTP
-# define DTLS1_SCTP_ST_CW_WRITE_SOCK (0x310|SSL_ST_CONNECT)
-# define DTLS1_SCTP_ST_CR_READ_SOCK (0x320|SSL_ST_CONNECT)
-# endif
-/* write to server */
-# define SSL3_ST_CW_CLNT_HELLO_A (0x110|SSL_ST_CONNECT)
-# define SSL3_ST_CW_CLNT_HELLO_B (0x111|SSL_ST_CONNECT)
-/* read from server */
-# define SSL3_ST_CR_SRVR_HELLO_A (0x120|SSL_ST_CONNECT)
-# define SSL3_ST_CR_SRVR_HELLO_B (0x121|SSL_ST_CONNECT)
-# define DTLS1_ST_CR_HELLO_VERIFY_REQUEST_A (0x126|SSL_ST_CONNECT)
-# define DTLS1_ST_CR_HELLO_VERIFY_REQUEST_B (0x127|SSL_ST_CONNECT)
-# define SSL3_ST_CR_CERT_A (0x130|SSL_ST_CONNECT)
-# define SSL3_ST_CR_CERT_B (0x131|SSL_ST_CONNECT)
-# define SSL3_ST_CR_KEY_EXCH_A (0x140|SSL_ST_CONNECT)
-# define SSL3_ST_CR_KEY_EXCH_B (0x141|SSL_ST_CONNECT)
-# define SSL3_ST_CR_CERT_REQ_A (0x150|SSL_ST_CONNECT)
-# define SSL3_ST_CR_CERT_REQ_B (0x151|SSL_ST_CONNECT)
-# define SSL3_ST_CR_SRVR_DONE_A (0x160|SSL_ST_CONNECT)
-# define SSL3_ST_CR_SRVR_DONE_B (0x161|SSL_ST_CONNECT)
-/* write to server */
-# define SSL3_ST_CW_CERT_A (0x170|SSL_ST_CONNECT)
-# define SSL3_ST_CW_CERT_B (0x171|SSL_ST_CONNECT)
-# define SSL3_ST_CW_CERT_C (0x172|SSL_ST_CONNECT)
-# define SSL3_ST_CW_CERT_D (0x173|SSL_ST_CONNECT)
-# define SSL3_ST_CW_KEY_EXCH_A (0x180|SSL_ST_CONNECT)
-# define SSL3_ST_CW_KEY_EXCH_B (0x181|SSL_ST_CONNECT)
-# define SSL3_ST_CW_CERT_VRFY_A (0x190|SSL_ST_CONNECT)
-# define SSL3_ST_CW_CERT_VRFY_B (0x191|SSL_ST_CONNECT)
-# define SSL3_ST_CW_CHANGE_A (0x1A0|SSL_ST_CONNECT)
-# define SSL3_ST_CW_CHANGE_B (0x1A1|SSL_ST_CONNECT)
-# ifndef OPENSSL_NO_NEXTPROTONEG
-# define SSL3_ST_CW_NEXT_PROTO_A (0x200|SSL_ST_CONNECT)
-# define SSL3_ST_CW_NEXT_PROTO_B (0x201|SSL_ST_CONNECT)
-# endif
-# define SSL3_ST_CW_FINISHED_A (0x1B0|SSL_ST_CONNECT)
-# define SSL3_ST_CW_FINISHED_B (0x1B1|SSL_ST_CONNECT)
-/* read from server */
-# define SSL3_ST_CR_CHANGE_A (0x1C0|SSL_ST_CONNECT)
-# define SSL3_ST_CR_CHANGE_B (0x1C1|SSL_ST_CONNECT)
-# define SSL3_ST_CR_FINISHED_A (0x1D0|SSL_ST_CONNECT)
-# define SSL3_ST_CR_FINISHED_B (0x1D1|SSL_ST_CONNECT)
-# define SSL3_ST_CR_SESSION_TICKET_A (0x1E0|SSL_ST_CONNECT)
-# define SSL3_ST_CR_SESSION_TICKET_B (0x1E1|SSL_ST_CONNECT)
-# define SSL3_ST_CR_CERT_STATUS_A (0x1F0|SSL_ST_CONNECT)
-# define SSL3_ST_CR_CERT_STATUS_B (0x1F1|SSL_ST_CONNECT)
-
-/* server */
-/* extra state */
-# define SSL3_ST_SW_FLUSH (0x100|SSL_ST_ACCEPT)
-# ifndef OPENSSL_NO_SCTP
-# define DTLS1_SCTP_ST_SW_WRITE_SOCK (0x310|SSL_ST_ACCEPT)
-# define DTLS1_SCTP_ST_SR_READ_SOCK (0x320|SSL_ST_ACCEPT)
-# endif
-/* read from client */
-/* Do not change the number values, they do matter */
-# define SSL3_ST_SR_CLNT_HELLO_A (0x110|SSL_ST_ACCEPT)
-# define SSL3_ST_SR_CLNT_HELLO_B (0x111|SSL_ST_ACCEPT)
-# define SSL3_ST_SR_CLNT_HELLO_C (0x112|SSL_ST_ACCEPT)
-# define SSL3_ST_SR_CLNT_HELLO_D (0x115|SSL_ST_ACCEPT)
-/* write to client */
-# define DTLS1_ST_SW_HELLO_VERIFY_REQUEST_A (0x113|SSL_ST_ACCEPT)
-# define DTLS1_ST_SW_HELLO_VERIFY_REQUEST_B (0x114|SSL_ST_ACCEPT)
-# define SSL3_ST_SW_HELLO_REQ_A (0x120|SSL_ST_ACCEPT)
-# define SSL3_ST_SW_HELLO_REQ_B (0x121|SSL_ST_ACCEPT)
-# define SSL3_ST_SW_HELLO_REQ_C (0x122|SSL_ST_ACCEPT)
-# define SSL3_ST_SW_SRVR_HELLO_A (0x130|SSL_ST_ACCEPT)
-# define SSL3_ST_SW_SRVR_HELLO_B (0x131|SSL_ST_ACCEPT)
-# define SSL3_ST_SW_CERT_A (0x140|SSL_ST_ACCEPT)
-# define SSL3_ST_SW_CERT_B (0x141|SSL_ST_ACCEPT)
-# define SSL3_ST_SW_KEY_EXCH_A (0x150|SSL_ST_ACCEPT)
-# define SSL3_ST_SW_KEY_EXCH_B (0x151|SSL_ST_ACCEPT)
-# define SSL3_ST_SW_CERT_REQ_A (0x160|SSL_ST_ACCEPT)
-# define SSL3_ST_SW_CERT_REQ_B (0x161|SSL_ST_ACCEPT)
-# define SSL3_ST_SW_SRVR_DONE_A (0x170|SSL_ST_ACCEPT)
-# define SSL3_ST_SW_SRVR_DONE_B (0x171|SSL_ST_ACCEPT)
-/* read from client */
-# define SSL3_ST_SR_CERT_A (0x180|SSL_ST_ACCEPT)
-# define SSL3_ST_SR_CERT_B (0x181|SSL_ST_ACCEPT)
-# define SSL3_ST_SR_KEY_EXCH_A (0x190|SSL_ST_ACCEPT)
-# define SSL3_ST_SR_KEY_EXCH_B (0x191|SSL_ST_ACCEPT)
-# define SSL3_ST_SR_CERT_VRFY_A (0x1A0|SSL_ST_ACCEPT)
-# define SSL3_ST_SR_CERT_VRFY_B (0x1A1|SSL_ST_ACCEPT)
-# define SSL3_ST_SR_CHANGE_A (0x1B0|SSL_ST_ACCEPT)
-# define SSL3_ST_SR_CHANGE_B (0x1B1|SSL_ST_ACCEPT)
-# ifndef OPENSSL_NO_NEXTPROTONEG
-# define SSL3_ST_SR_NEXT_PROTO_A (0x210|SSL_ST_ACCEPT)
-# define SSL3_ST_SR_NEXT_PROTO_B (0x211|SSL_ST_ACCEPT)
-# endif
-# define SSL3_ST_SR_FINISHED_A (0x1C0|SSL_ST_ACCEPT)
-# define SSL3_ST_SR_FINISHED_B (0x1C1|SSL_ST_ACCEPT)
-/* write to client */
-# define SSL3_ST_SW_CHANGE_A (0x1D0|SSL_ST_ACCEPT)
-# define SSL3_ST_SW_CHANGE_B (0x1D1|SSL_ST_ACCEPT)
-# define SSL3_ST_SW_FINISHED_A (0x1E0|SSL_ST_ACCEPT)
-# define SSL3_ST_SW_FINISHED_B (0x1E1|SSL_ST_ACCEPT)
-# define SSL3_ST_SW_SESSION_TICKET_A (0x1F0|SSL_ST_ACCEPT)
-# define SSL3_ST_SW_SESSION_TICKET_B (0x1F1|SSL_ST_ACCEPT)
-# define SSL3_ST_SW_CERT_STATUS_A (0x200|SSL_ST_ACCEPT)
-# define SSL3_ST_SW_CERT_STATUS_B (0x201|SSL_ST_ACCEPT)
-
-# define SSL3_MT_HELLO_REQUEST 0
-# define SSL3_MT_CLIENT_HELLO 1
-# define SSL3_MT_SERVER_HELLO 2
-# define SSL3_MT_NEWSESSION_TICKET 4
-# define SSL3_MT_CERTIFICATE 11
-# define SSL3_MT_SERVER_KEY_EXCHANGE 12
-# define SSL3_MT_CERTIFICATE_REQUEST 13
-# define SSL3_MT_SERVER_DONE 14
-# define SSL3_MT_CERTIFICATE_VERIFY 15
-# define SSL3_MT_CLIENT_KEY_EXCHANGE 16
-# define SSL3_MT_FINISHED 20
-# define SSL3_MT_CERTIFICATE_STATUS 22
-# ifndef OPENSSL_NO_NEXTPROTONEG
-# define SSL3_MT_NEXT_PROTO 67
-# endif
-# define DTLS1_MT_HELLO_VERIFY_REQUEST 3
-
-# define SSL3_MT_CCS 1
-
-/* These are used when changing over to a new cipher */
-# define SSL3_CC_READ 0x01
-# define SSL3_CC_WRITE 0x02
-# define SSL3_CC_CLIENT 0x10
-# define SSL3_CC_SERVER 0x20
-# define SSL3_CHANGE_CIPHER_CLIENT_WRITE (SSL3_CC_CLIENT|SSL3_CC_WRITE)
-# define SSL3_CHANGE_CIPHER_SERVER_READ (SSL3_CC_SERVER|SSL3_CC_READ)
-# define SSL3_CHANGE_CIPHER_CLIENT_READ (SSL3_CC_CLIENT|SSL3_CC_READ)
-# define SSL3_CHANGE_CIPHER_SERVER_WRITE (SSL3_CC_SERVER|SSL3_CC_WRITE)
-
-#ifdef __cplusplus
-}
-#endif
-#endif
+++ /dev/null
-/* ssl/ssltest.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-/* ====================================================================
- * Copyright (c) 1998-2000 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-/* ====================================================================
- * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
- * ECC cipher suite support in OpenSSL originally developed by
- * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project.
- */
-/* ====================================================================
- * Copyright 2005 Nokia. All rights reserved.
- *
- * The portions of the attached software ("Contribution") is developed by
- * Nokia Corporation and is licensed pursuant to the OpenSSL open source
- * license.
- *
- * The Contribution, originally written by Mika Kousa and Pasi Eronen of
- * Nokia Corporation, consists of the "PSK" (Pre-Shared Key) ciphersuites
- * support (see RFC 4279) to OpenSSL.
- *
- * No patent licenses or other rights except those expressly stated in
- * the OpenSSL open source license shall be deemed granted or received
- * expressly, by implication, estoppel, or otherwise.
- *
- * No assurances are provided by Nokia that the Contribution does not
- * infringe the patent or other intellectual property rights of any third
- * party or that the license provides you with all the necessary rights
- * to make use of the Contribution.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. IN
- * ADDITION TO THE DISCLAIMERS INCLUDED IN THE LICENSE, NOKIA
- * SPECIFICALLY DISCLAIMS ANY LIABILITY FOR CLAIMS BROUGHT BY YOU OR ANY
- * OTHER ENTITY BASED ON INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS OR
- * OTHERWISE.
- */
-
-/* Or gethostname won't be declared properly on Linux and GNU platforms. */
-#define _BSD_SOURCE 1
-
-#include <assert.h>
-#include <errno.h>
-#include <limits.h>
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#include <time.h>
-
-#define USE_SOCKETS
-#include "e_os.h"
-
-#ifdef OPENSSL_SYS_VMS
-/*
- * Or isascii won't be declared properly on VMS (at least with DECompHP C).
- */
-# define _XOPEN_SOURCE 500
-#endif
-
-#include <ctype.h>
-
-#include <openssl/bio.h>
-#include <openssl/crypto.h>
-#include <openssl/evp.h>
-#include <openssl/x509.h>
-#include <openssl/x509v3.h>
-#include <openssl/ssl.h>
-#ifndef OPENSSL_NO_ENGINE
-# include <openssl/engine.h>
-#endif
-#include <openssl/err.h>
-#include <openssl/rand.h>
-#ifndef OPENSSL_NO_RSA
-# include <openssl/rsa.h>
-#endif
-#ifndef OPENSSL_NO_DSA
-# include <openssl/dsa.h>
-#endif
-#ifndef OPENSSL_NO_DH
-# include <openssl/dh.h>
-#endif
-#ifndef OPENSSL_NO_SRP
-# include <openssl/srp.h>
-#endif
-#include <openssl/bn.h>
-
-#include "../ssl/ssl_locl.h"
-
-/*
- * Or gethostname won't be declared properly
- * on Compaq platforms (at least with DEC C).
- * Do not try to put it earlier, or IPv6 includes
- * get screwed...
- */
-#define _XOPEN_SOURCE_EXTENDED 1
-
-#ifdef OPENSSL_SYS_WINDOWS
-# include <winsock.h>
-#else
-# include OPENSSL_UNISTD
-#endif
-
-#ifdef OPENSSL_SYS_VMS
-# define TEST_SERVER_CERT "SYS$DISK:[-.APPS]SERVER.PEM"
-# define TEST_CLIENT_CERT "SYS$DISK:[-.APPS]CLIENT.PEM"
-#elif defined(OPENSSL_SYS_WINCE)
-# define TEST_SERVER_CERT "\\OpenSSL\\server.pem"
-# define TEST_CLIENT_CERT "\\OpenSSL\\client.pem"
-#elif defined(OPENSSL_SYS_NETWARE)
-# define TEST_SERVER_CERT "\\openssl\\apps\\server.pem"
-# define TEST_CLIENT_CERT "\\openssl\\apps\\client.pem"
-#else
-# define TEST_SERVER_CERT "../apps/server.pem"
-# define TEST_CLIENT_CERT "../apps/client.pem"
-#endif
-
-/*
- * There is really no standard for this, so let's assign some tentative
- * numbers. In any case, these numbers are only for this test
- */
-#define COMP_RLE 255
-#define COMP_ZLIB 1
-
-static int verify_callback(int ok, X509_STORE_CTX *ctx);
-#ifndef OPENSSL_NO_RSA
-static RSA *tmp_rsa_cb(SSL *s, int is_export, int keylength);
-static void free_tmp_rsa(void);
-#endif
-static int app_verify_callback(X509_STORE_CTX *ctx, void *arg);
-#define APP_CALLBACK_STRING "Test Callback Argument"
-struct app_verify_arg {
- char *string;
- int app_verify;
- int allow_proxy_certs;
- char *proxy_auth;
- char *proxy_cond;
-};
-
-#ifndef OPENSSL_NO_DH
-static DH *get_dh512(void);
-static DH *get_dh1024(void);
-static DH *get_dh1024dsa(void);
-#endif
-
-static char *psk_key = NULL; /* by default PSK is not used */
-#ifndef OPENSSL_NO_PSK
-static unsigned int psk_client_callback(SSL *ssl, const char *hint,
- char *identity,
- unsigned int max_identity_len,
- unsigned char *psk,
- unsigned int max_psk_len);
-static unsigned int psk_server_callback(SSL *ssl, const char *identity,
- unsigned char *psk,
- unsigned int max_psk_len);
-#endif
-
-#ifndef OPENSSL_NO_SRP
-/* SRP client */
-/* This is a context that we pass to all callbacks */
-typedef struct srp_client_arg_st {
- char *srppassin;
- char *srplogin;
-} SRP_CLIENT_ARG;
-
-# define PWD_STRLEN 1024
-
-static char *ssl_give_srp_client_pwd_cb(SSL *s, void *arg)
-{
- SRP_CLIENT_ARG *srp_client_arg = (SRP_CLIENT_ARG *)arg;
- return BUF_strdup((char *)srp_client_arg->srppassin);
-}
-
-/* SRP server */
-/* This is a context that we pass to SRP server callbacks */
-typedef struct srp_server_arg_st {
- char *expected_user;
- char *pass;
-} SRP_SERVER_ARG;
-
-static int ssl_srp_server_param_cb(SSL *s, int *ad, void *arg)
-{
- SRP_SERVER_ARG *p = (SRP_SERVER_ARG *)arg;
-
- if (strcmp(p->expected_user, SSL_get_srp_username(s)) != 0) {
- fprintf(stderr, "User %s doesn't exist\n", SSL_get_srp_username(s));
- return SSL3_AL_FATAL;
- }
- if (SSL_set_srp_server_param_pw(s, p->expected_user, p->pass, "1024") < 0) {
- *ad = SSL_AD_INTERNAL_ERROR;
- return SSL3_AL_FATAL;
- }
- return SSL_ERROR_NONE;
-}
-#endif
-
-static BIO *bio_err = NULL;
-static BIO *bio_stdout = NULL;
-
-#ifndef OPENSSL_NO_NEXTPROTONEG
-/* Note that this code assumes that this is only a one element list: */
-static const char NEXT_PROTO_STRING[] = "\x09testproto";
-int npn_client = 0;
-int npn_server = 0;
-int npn_server_reject = 0;
-
-static int cb_client_npn(SSL *s, unsigned char **out, unsigned char *outlen,
- const unsigned char *in, unsigned int inlen,
- void *arg)
-{
- /*
- * This callback only returns the protocol string, rather than a length
- * prefixed set. We assume that NEXT_PROTO_STRING is a one element list
- * and remove the first byte to chop off the length prefix.
- */
- *out = (unsigned char *)NEXT_PROTO_STRING + 1;
- *outlen = sizeof(NEXT_PROTO_STRING) - 2;
- return SSL_TLSEXT_ERR_OK;
-}
-
-static int cb_server_npn(SSL *s, const unsigned char **data,
- unsigned int *len, void *arg)
-{
- *data = (const unsigned char *)NEXT_PROTO_STRING;
- *len = sizeof(NEXT_PROTO_STRING) - 1;
- return SSL_TLSEXT_ERR_OK;
-}
-
-static int cb_server_rejects_npn(SSL *s, const unsigned char **data,
- unsigned int *len, void *arg)
-{
- return SSL_TLSEXT_ERR_NOACK;
-}
-
-static int verify_npn(SSL *client, SSL *server)
-{
- const unsigned char *client_s;
- unsigned client_len;
- const unsigned char *server_s;
- unsigned server_len;
-
- SSL_get0_next_proto_negotiated(client, &client_s, &client_len);
- SSL_get0_next_proto_negotiated(server, &server_s, &server_len);
-
- if (client_len) {
- BIO_printf(bio_stdout, "Client NPN: ");
- BIO_write(bio_stdout, client_s, client_len);
- BIO_printf(bio_stdout, "\n");
- }
-
- if (server_len) {
- BIO_printf(bio_stdout, "Server NPN: ");
- BIO_write(bio_stdout, server_s, server_len);
- BIO_printf(bio_stdout, "\n");
- }
-
- /*
- * If an NPN string was returned, it must be the protocol that we
- * expected to negotiate.
- */
- if (client_len && (client_len != sizeof(NEXT_PROTO_STRING) - 2 ||
- memcmp(client_s, NEXT_PROTO_STRING + 1, client_len)))
- return -1;
- if (server_len && (server_len != sizeof(NEXT_PROTO_STRING) - 2 ||
- memcmp(server_s, NEXT_PROTO_STRING + 1, server_len)))
- return -1;
-
- if (!npn_client && client_len)
- return -1;
- if (!npn_server && server_len)
- return -1;
- if (npn_server_reject && server_len)
- return -1;
- if (npn_client && npn_server && (!client_len || !server_len))
- return -1;
-
- return 0;
-}
-#endif
-
-static const char *alpn_client;
-static const char *alpn_server;
-static const char *alpn_expected;
-static unsigned char *alpn_selected;
-
-/*-
- * next_protos_parse parses a comma separated list of strings into a string
- * in a format suitable for passing to SSL_CTX_set_next_protos_advertised.
- * outlen: (output) set to the length of the resulting buffer on success.
- * err: (maybe NULL) on failure, an error message line is written to this BIO.
- * in: a NUL terminated string like "abc,def,ghi"
- *
- * returns: a malloced buffer or NULL on failure.
- */
-static unsigned char *next_protos_parse(unsigned short *outlen,
- const char *in)
-{
- size_t len;
- unsigned char *out;
- size_t i, start = 0;
-
- len = strlen(in);
- if (len >= 65535)
- return NULL;
-
- out = OPENSSL_malloc(strlen(in) + 1);
- if (!out)
- return NULL;
-
- for (i = 0; i <= len; ++i) {
- if (i == len || in[i] == ',') {
- if (i - start > 255) {
- OPENSSL_free(out);
- return NULL;
- }
- out[start] = i - start;
- start = i + 1;
- } else
- out[i + 1] = in[i];
- }
-
- *outlen = len + 1;
- return out;
-}
-
-static int cb_server_alpn(SSL *s, const unsigned char **out,
- unsigned char *outlen, const unsigned char *in,
- unsigned int inlen, void *arg)
-{
- unsigned char *protos;
- unsigned short protos_len;
-
- protos = next_protos_parse(&protos_len, alpn_server);
- if (protos == NULL) {
- fprintf(stderr, "failed to parser ALPN server protocol string: %s\n",
- alpn_server);
- abort();
- }
-
- if (SSL_select_next_proto
- ((unsigned char **)out, outlen, protos, protos_len, in,
- inlen) != OPENSSL_NPN_NEGOTIATED) {
- OPENSSL_free(protos);
- return SSL_TLSEXT_ERR_NOACK;
- }
-
- /*
- * Make a copy of the selected protocol which will be freed in
- * verify_alpn.
- */
- alpn_selected = OPENSSL_malloc(*outlen);
- memcpy(alpn_selected, *out, *outlen);
- *out = alpn_selected;
-
- OPENSSL_free(protos);
- return SSL_TLSEXT_ERR_OK;
-}
-
-static int verify_alpn(SSL *client, SSL *server)
-{
- const unsigned char *client_proto, *server_proto;
- unsigned int client_proto_len = 0, server_proto_len = 0;
- SSL_get0_alpn_selected(client, &client_proto, &client_proto_len);
- SSL_get0_alpn_selected(server, &server_proto, &server_proto_len);
-
- if (alpn_selected != NULL) {
- OPENSSL_free(alpn_selected);
- alpn_selected = NULL;
- }
-
- if (client_proto_len != server_proto_len ||
- memcmp(client_proto, server_proto, client_proto_len) != 0) {
- BIO_printf(bio_stdout, "ALPN selected protocols differ!\n");
- goto err;
- }
-
- if (client_proto_len > 0 && alpn_expected == NULL) {
- BIO_printf(bio_stdout, "ALPN unexpectedly negotiated\n");
- goto err;
- }
-
- if (alpn_expected != NULL &&
- (client_proto_len != strlen(alpn_expected) ||
- memcmp(client_proto, alpn_expected, client_proto_len) != 0)) {
- BIO_printf(bio_stdout,
- "ALPN selected protocols not equal to expected protocol: %s\n",
- alpn_expected);
- goto err;
- }
-
- return 0;
-
- err:
- BIO_printf(bio_stdout, "ALPN results: client: '");
- BIO_write(bio_stdout, client_proto, client_proto_len);
- BIO_printf(bio_stdout, "', server: '");
- BIO_write(bio_stdout, server_proto, server_proto_len);
- BIO_printf(bio_stdout, "'\n");
- BIO_printf(bio_stdout, "ALPN configured: client: '%s', server: '%s'\n",
- alpn_client, alpn_server);
- return -1;
-}
-
-#define SCT_EXT_TYPE 18
-
-/*
- * WARNING : below extension types are *NOT* IETF assigned, and could
- * conflict if these types are reassigned and handled specially by OpenSSL
- * in the future
- */
-#define TACK_EXT_TYPE 62208
-#define CUSTOM_EXT_TYPE_0 1000
-#define CUSTOM_EXT_TYPE_1 1001
-#define CUSTOM_EXT_TYPE_2 1002
-#define CUSTOM_EXT_TYPE_3 1003
-
-const char custom_ext_cli_string[] = "abc";
-const char custom_ext_srv_string[] = "defg";
-
-/* These set from cmdline */
-char *serverinfo_file = NULL;
-int serverinfo_sct = 0;
-int serverinfo_tack = 0;
-
-/* These set based on extension callbacks */
-int serverinfo_sct_seen = 0;
-int serverinfo_tack_seen = 0;
-int serverinfo_other_seen = 0;
-
-/* This set from cmdline */
-int custom_ext = 0;
-
-/* This set based on extension callbacks */
-int custom_ext_error = 0;
-
-static int serverinfo_cli_parse_cb(SSL *s, unsigned int ext_type,
- const unsigned char *in, size_t inlen,
- int *al, void *arg)
-{
- if (ext_type == SCT_EXT_TYPE)
- serverinfo_sct_seen++;
- else if (ext_type == TACK_EXT_TYPE)
- serverinfo_tack_seen++;
- else
- serverinfo_other_seen++;
- return 1;
-}
-
-static int verify_serverinfo()
-{
- if (serverinfo_sct != serverinfo_sct_seen)
- return -1;
- if (serverinfo_tack != serverinfo_tack_seen)
- return -1;
- if (serverinfo_other_seen)
- return -1;
- return 0;
-}
-
-/*-
- * Four test cases for custom extensions:
- * 0 - no ClientHello extension or ServerHello response
- * 1 - ClientHello with "abc", no response
- * 2 - ClientHello with "abc", empty response
- * 3 - ClientHello with "abc", "defg" response
- */
-
-static int custom_ext_0_cli_add_cb(SSL *s, unsigned int ext_type,
- const unsigned char **out,
- size_t *outlen, int *al, void *arg)
-{
- if (ext_type != CUSTOM_EXT_TYPE_0)
- custom_ext_error = 1;
- return 0; /* Don't send an extension */
-}
-
-static int custom_ext_0_cli_parse_cb(SSL *s, unsigned int ext_type,
- const unsigned char *in,
- size_t inlen, int *al, void *arg)
-{
- return 1;
-}
-
-static int custom_ext_1_cli_add_cb(SSL *s, unsigned int ext_type,
- const unsigned char **out,
- size_t *outlen, int *al, void *arg)
-{
- if (ext_type != CUSTOM_EXT_TYPE_1)
- custom_ext_error = 1;
- *out = (const unsigned char *)custom_ext_cli_string;
- *outlen = strlen(custom_ext_cli_string);
- return 1; /* Send "abc" */
-}
-
-static int custom_ext_1_cli_parse_cb(SSL *s, unsigned int ext_type,
- const unsigned char *in,
- size_t inlen, int *al, void *arg)
-{
- return 1;
-}
-
-static int custom_ext_2_cli_add_cb(SSL *s, unsigned int ext_type,
- const unsigned char **out,
- size_t *outlen, int *al, void *arg)
-{
- if (ext_type != CUSTOM_EXT_TYPE_2)
- custom_ext_error = 1;
- *out = (const unsigned char *)custom_ext_cli_string;
- *outlen = strlen(custom_ext_cli_string);
- return 1; /* Send "abc" */
-}
-
-static int custom_ext_2_cli_parse_cb(SSL *s, unsigned int ext_type,
- const unsigned char *in,
- size_t inlen, int *al, void *arg)
-{
- if (ext_type != CUSTOM_EXT_TYPE_2)
- custom_ext_error = 1;
- if (inlen != 0)
- custom_ext_error = 1; /* Should be empty response */
- return 1;
-}
-
-static int custom_ext_3_cli_add_cb(SSL *s, unsigned int ext_type,
- const unsigned char **out,
- size_t *outlen, int *al, void *arg)
-{
- if (ext_type != CUSTOM_EXT_TYPE_3)
- custom_ext_error = 1;
- *out = (const unsigned char *)custom_ext_cli_string;
- *outlen = strlen(custom_ext_cli_string);
- return 1; /* Send "abc" */
-}
-
-static int custom_ext_3_cli_parse_cb(SSL *s, unsigned int ext_type,
- const unsigned char *in,
- size_t inlen, int *al, void *arg)
-{
- if (ext_type != CUSTOM_EXT_TYPE_3)
- custom_ext_error = 1;
- if (inlen != strlen(custom_ext_srv_string))
- custom_ext_error = 1;
- if (memcmp(custom_ext_srv_string, in, inlen) != 0)
- custom_ext_error = 1; /* Check for "defg" */
- return 1;
-}
-
-/*
- * custom_ext_0_cli_add_cb returns 0 - the server won't receive a callback
- * for this extension
- */
-static int custom_ext_0_srv_parse_cb(SSL *s, unsigned int ext_type,
- const unsigned char *in,
- size_t inlen, int *al, void *arg)
-{
- custom_ext_error = 1;
- return 1;
-}
-
-/* 'add' callbacks are only called if the 'parse' callback is called */
-static int custom_ext_0_srv_add_cb(SSL *s, unsigned int ext_type,
- const unsigned char **out,
- size_t *outlen, int *al, void *arg)
-{
- /* Error: should not have been called */
- custom_ext_error = 1;
- return 0; /* Don't send an extension */
-}
-
-static int custom_ext_1_srv_parse_cb(SSL *s, unsigned int ext_type,
- const unsigned char *in,
- size_t inlen, int *al, void *arg)
-{
- if (ext_type != CUSTOM_EXT_TYPE_1)
- custom_ext_error = 1;
- /* Check for "abc" */
- if (inlen != strlen(custom_ext_cli_string))
- custom_ext_error = 1;
- if (memcmp(in, custom_ext_cli_string, inlen) != 0)
- custom_ext_error = 1;
- return 1;
-}
-
-static int custom_ext_1_srv_add_cb(SSL *s, unsigned int ext_type,
- const unsigned char **out,
- size_t *outlen, int *al, void *arg)
-{
- return 0; /* Don't send an extension */
-}
-
-static int custom_ext_2_srv_parse_cb(SSL *s, unsigned int ext_type,
- const unsigned char *in,
- size_t inlen, int *al, void *arg)
-{
- if (ext_type != CUSTOM_EXT_TYPE_2)
- custom_ext_error = 1;
- /* Check for "abc" */
- if (inlen != strlen(custom_ext_cli_string))
- custom_ext_error = 1;
- if (memcmp(in, custom_ext_cli_string, inlen) != 0)
- custom_ext_error = 1;
- return 1;
-}
-
-static int custom_ext_2_srv_add_cb(SSL *s, unsigned int ext_type,
- const unsigned char **out,
- size_t *outlen, int *al, void *arg)
-{
- *out = NULL;
- *outlen = 0;
- return 1; /* Send empty extension */
-}
-
-static int custom_ext_3_srv_parse_cb(SSL *s, unsigned int ext_type,
- const unsigned char *in,
- size_t inlen, int *al, void *arg)
-{
- if (ext_type != CUSTOM_EXT_TYPE_3)
- custom_ext_error = 1;
- /* Check for "abc" */
- if (inlen != strlen(custom_ext_cli_string))
- custom_ext_error = 1;
- if (memcmp(in, custom_ext_cli_string, inlen) != 0)
- custom_ext_error = 1;
- return 1;
-}
-
-static int custom_ext_3_srv_add_cb(SSL *s, unsigned int ext_type,
- const unsigned char **out,
- size_t *outlen, int *al, void *arg)
-{
- *out = (const unsigned char *)custom_ext_srv_string;
- *outlen = strlen(custom_ext_srv_string);
- return 1; /* Send "defg" */
-}
-
-static char *cipher = NULL;
-static int verbose = 0;
-static int debug = 0;
-static const char rnd_seed[] =
- "string to make the random number generator think it has entropy";
-
-int doit_biopair(SSL *s_ssl, SSL *c_ssl, long bytes, clock_t *s_time,
- clock_t *c_time);
-int doit(SSL *s_ssl, SSL *c_ssl, long bytes);
-static int do_test_cipherlist(void);
-
-static void sv_usage(void)
-{
- fprintf(stderr, "usage: ssltest [args ...]\n");
- fprintf(stderr, "\n");
-#ifdef OPENSSL_FIPS
- fprintf(stderr, "-F - run test in FIPS mode\n");
-#endif
- fprintf(stderr, " -server_auth - check server certificate\n");
- fprintf(stderr, " -client_auth - do client authentication\n");
- fprintf(stderr, " -proxy - allow proxy certificates\n");
- fprintf(stderr, " -proxy_auth <val> - set proxy policy rights\n");
- fprintf(stderr,
- " -proxy_cond <val> - expression to test proxy policy rights\n");
- fprintf(stderr, " -v - more output\n");
- fprintf(stderr, " -d - debug output\n");
- fprintf(stderr, " -reuse - use session-id reuse\n");
- fprintf(stderr, " -num <val> - number of connections to perform\n");
- fprintf(stderr,
- " -bytes <val> - number of bytes to swap between client/server\n");
-#ifndef OPENSSL_NO_DH
- fprintf(stderr,
- " -dhe1024 - use 1024 bit key (safe prime) for DHE\n");
- fprintf(stderr,
- " -dhe1024dsa - use 1024 bit key (with 160-bit subprime) for DHE\n");
- fprintf(stderr, " -no_dhe - disable DHE\n");
-#endif
-#ifndef OPENSSL_NO_EC
- fprintf(stderr, " -no_ecdhe - disable ECDHE\n");
-#endif
-#ifndef OPENSSL_NO_PSK
- fprintf(stderr, " -psk arg - PSK in hex (without 0x)\n");
-#endif
-#ifndef OPENSSL_NO_SRP
- fprintf(stderr, " -srpuser user - SRP username to use\n");
- fprintf(stderr, " -srppass arg - password for 'user'\n");
-#endif
-#ifndef OPENSSL_NO_SSL3_METHOD
- fprintf(stderr, " -ssl3 - use SSLv3\n");
-#endif
- fprintf(stderr, " -tls1 - use TLSv1\n");
-#ifndef OPENSSL_NO_DTLS
- fprintf(stderr, " -dtls1 - use DTLSv1\n");
- fprintf(stderr, " -dtls12 - use DTLSv1.2\n");
-#endif
- fprintf(stderr, " -CApath arg - PEM format directory of CA's\n");
- fprintf(stderr, " -CAfile arg - PEM format file of CA's\n");
- fprintf(stderr, " -cert arg - Server certificate file\n");
- fprintf(stderr,
- " -key arg - Server key file (default: same as -cert)\n");
- fprintf(stderr, " -c_cert arg - Client certificate file\n");
- fprintf(stderr,
- " -c_key arg - Client key file (default: same as -c_cert)\n");
- fprintf(stderr, " -cipher arg - The cipher list\n");
- fprintf(stderr, " -bio_pair - Use BIO pairs\n");
- fprintf(stderr, " -f - Test even cases that can't work\n");
- fprintf(stderr,
- " -time - measure processor time used by client and server\n");
- fprintf(stderr, " -zlib - use zlib compression\n");
- fprintf(stderr, " -rle - use rle compression\n");
-#ifndef OPENSSL_NO_EC
- fprintf(stderr,
- " -named_curve arg - Elliptic curve name to use for ephemeral ECDH keys.\n"
- " Use \"openssl ecparam -list_curves\" for all names\n"
- " (default is sect163r2).\n");
-#endif
- fprintf(stderr,
- " -test_cipherlist - Verifies the order of the ssl cipher lists.\n"
- " When this option is requested, the cipherlist\n"
- " tests are run instead of handshake tests.\n");
-#ifndef OPENSSL_NO_NEXTPROTONEG
- fprintf(stderr, " -npn_client - have client side offer NPN\n");
- fprintf(stderr, " -npn_server - have server side offer NPN\n");
- fprintf(stderr, " -npn_server_reject - have server reject NPN\n");
-#endif
- fprintf(stderr, " -serverinfo_file file - have server use this file\n");
- fprintf(stderr, " -serverinfo_sct - have client offer and expect SCT\n");
- fprintf(stderr,
- " -serverinfo_tack - have client offer and expect TACK\n");
- fprintf(stderr,
- " -custom_ext - try various custom extension callbacks\n");
- fprintf(stderr, " -alpn_client <string> - have client side offer ALPN\n");
- fprintf(stderr, " -alpn_server <string> - have server side offer ALPN\n");
- fprintf(stderr,
- " -alpn_expected <string> - the ALPN protocol that should be negotiated\n");
-}
-
-static void print_key_details(BIO *out, EVP_PKEY *key)
-{
- int keyid = EVP_PKEY_id(key);
-#ifndef OPENSSL_NO_EC
- if (keyid == EVP_PKEY_EC) {
- EC_KEY *ec = EVP_PKEY_get1_EC_KEY(key);
- int nid;
- const char *cname;
- nid = EC_GROUP_get_curve_name(EC_KEY_get0_group(ec));
- EC_KEY_free(ec);
- cname = EC_curve_nid2nist(nid);
- if (!cname)
- cname = OBJ_nid2sn(nid);
- BIO_printf(out, "%d bits EC (%s)", EVP_PKEY_bits(key), cname);
- } else
-#endif
- {
- const char *algname;
- switch (keyid) {
- case EVP_PKEY_RSA:
- algname = "RSA";
- break;
- case EVP_PKEY_DSA:
- algname = "DSA";
- break;
- case EVP_PKEY_DH:
- algname = "DH";
- break;
- default:
- algname = OBJ_nid2sn(keyid);
- break;
- }
- BIO_printf(out, "%d bits %s", EVP_PKEY_bits(key), algname);
- }
-}
-
-static void print_details(SSL *c_ssl, const char *prefix)
-{
- const SSL_CIPHER *ciph;
- int mdnid;
- X509 *cert;
- EVP_PKEY *pkey;
-
- ciph = SSL_get_current_cipher(c_ssl);
- BIO_printf(bio_stdout, "%s%s, cipher %s %s",
- prefix,
- SSL_get_version(c_ssl),
- SSL_CIPHER_get_version(ciph), SSL_CIPHER_get_name(ciph));
- cert = SSL_get_peer_certificate(c_ssl);
- if (cert != NULL) {
- pkey = X509_get_pubkey(cert);
- if (pkey != NULL) {
- BIO_puts(bio_stdout, ", ");
- print_key_details(bio_stdout, pkey);
- EVP_PKEY_free(pkey);
- }
- X509_free(cert);
- }
- if (SSL_get_server_tmp_key(c_ssl, &pkey)) {
- BIO_puts(bio_stdout, ", temp key: ");
- print_key_details(bio_stdout, pkey);
- EVP_PKEY_free(pkey);
- }
- if (SSL_get_peer_signature_nid(c_ssl, &mdnid))
- BIO_printf(bio_stdout, ", digest=%s", OBJ_nid2sn(mdnid));
- BIO_printf(bio_stdout, "\n");
-}
-
-static void lock_dbg_cb(int mode, int type, const char *file, int line)
-{
- static int modes[CRYPTO_NUM_LOCKS]; /* = {0, 0, ... } */
- const char *errstr = NULL;
- int rw;
-
- rw = mode & (CRYPTO_READ | CRYPTO_WRITE);
- if (!((rw == CRYPTO_READ) || (rw == CRYPTO_WRITE))) {
- errstr = "invalid mode";
- goto err;
- }
-
- if (type < 0 || type >= CRYPTO_NUM_LOCKS) {
- errstr = "type out of bounds";
- goto err;
- }
-
- if (mode & CRYPTO_LOCK) {
- if (modes[type]) {
- errstr = "already locked";
- /*
- * must not happen in a single-threaded program (would deadlock)
- */
- goto err;
- }
-
- modes[type] = rw;
- } else if (mode & CRYPTO_UNLOCK) {
- if (!modes[type]) {
- errstr = "not locked";
- goto err;
- }
-
- if (modes[type] != rw) {
- errstr = (rw == CRYPTO_READ) ?
- "CRYPTO_r_unlock on write lock" :
- "CRYPTO_w_unlock on read lock";
- }
-
- modes[type] = 0;
- } else {
- errstr = "invalid mode";
- goto err;
- }
-
- err:
- if (errstr) {
- /* we cannot use bio_err here */
- fprintf(stderr,
- "openssl (lock_dbg_cb): %s (mode=%d, type=%d) at %s:%d\n",
- errstr, mode, type, file, line);
- }
-}
-
-int main(int argc, char *argv[])
-{
- char *CApath = NULL, *CAfile = NULL;
- int badop = 0;
- int bio_pair = 0;
- int force = 0;
- int dtls1 = 0, dtls12 = 0, tls1 = 0, ssl3 = 0, ret = 1;
- int client_auth = 0;
- int server_auth = 0, i;
- struct app_verify_arg app_verify_arg =
- { APP_CALLBACK_STRING, 0, 0, NULL, NULL };
- char *server_cert = TEST_SERVER_CERT;
- char *server_key = NULL;
- char *client_cert = TEST_CLIENT_CERT;
- char *client_key = NULL;
-#ifndef OPENSSL_NO_EC
- char *named_curve = NULL;
-#endif
- SSL_CTX *s_ctx = NULL;
- SSL_CTX *c_ctx = NULL;
- const SSL_METHOD *meth = NULL;
- SSL *c_ssl, *s_ssl;
- int number = 1, reuse = 0;
- long bytes = 256L;
-#ifndef OPENSSL_NO_DH
- DH *dh;
- int dhe1024 = 0, dhe1024dsa = 0;
-#endif
-#ifndef OPENSSL_NO_EC
- EC_KEY *ecdh = NULL;
-#endif
-#ifndef OPENSSL_NO_SRP
- /* client */
- SRP_CLIENT_ARG srp_client_arg = { NULL, NULL };
- /* server */
- SRP_SERVER_ARG srp_server_arg = { NULL, NULL };
-#endif
- int no_dhe = 0;
- int no_ecdhe = 0;
- int no_psk = 0;
- int print_time = 0;
- clock_t s_time = 0, c_time = 0;
-#ifndef OPENSSL_NO_COMP
- int comp = 0;
- COMP_METHOD *cm = NULL;
- STACK_OF(SSL_COMP) *ssl_comp_methods = NULL;
-#endif
- int test_cipherlist = 0;
-#ifdef OPENSSL_FIPS
- int fips_mode = 0;
-#endif
- int no_protocol = 0;
-
- SSL_CONF_CTX *s_cctx = NULL, *c_cctx = NULL;
- STACK_OF(OPENSSL_STRING) *conf_args = NULL;
- const char *arg = NULL, *argn = NULL;
-
- verbose = 0;
- debug = 0;
- cipher = 0;
-
- bio_err = BIO_new_fp(stderr, BIO_NOCLOSE | BIO_FP_TEXT);
-
- CRYPTO_set_locking_callback(lock_dbg_cb);
-
- /* enable memory leak checking unless explicitly disabled */
- if (!((getenv("OPENSSL_DEBUG_MEMORY") != NULL)
- && (0 == strcmp(getenv("OPENSSL_DEBUG_MEMORY"), "off")))) {
- CRYPTO_malloc_debug_init();
- CRYPTO_set_mem_debug_options(V_CRYPTO_MDEBUG_ALL);
- } else {
- /* OPENSSL_DEBUG_MEMORY=off */
- CRYPTO_set_mem_debug_functions(0, 0, 0, 0, 0);
- }
- CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON);
-
- RAND_seed(rnd_seed, sizeof rnd_seed);
-
- bio_stdout = BIO_new_fp(stdout, BIO_NOCLOSE | BIO_FP_TEXT);
-
- s_cctx = SSL_CONF_CTX_new();
- c_cctx = SSL_CONF_CTX_new();
-
- if (!s_cctx || !c_cctx) {
- ERR_print_errors(bio_err);
- goto end;
- }
-
- SSL_CONF_CTX_set_flags(s_cctx,
- SSL_CONF_FLAG_CMDLINE | SSL_CONF_FLAG_SERVER);
- if (!SSL_CONF_CTX_set1_prefix(s_cctx, "-s_")) {
- ERR_print_errors(bio_err);
- goto end;
- }
-
- SSL_CONF_CTX_set_flags(c_cctx,
- SSL_CONF_FLAG_CMDLINE | SSL_CONF_FLAG_CLIENT);
- if (!SSL_CONF_CTX_set1_prefix(c_cctx, "-c_")) {
- ERR_print_errors(bio_err);
- goto end;
- }
-
- argc--;
- argv++;
-
- while (argc >= 1) {
- if (!strcmp(*argv, "-F")) {
-#ifdef OPENSSL_FIPS
- fips_mode = 1;
-#else
- fprintf(stderr,
- "not compiled with FIPS support, so exiting without running.\n");
- EXIT(0);
-#endif
- } else if (strcmp(*argv, "-server_auth") == 0)
- server_auth = 1;
- else if (strcmp(*argv, "-client_auth") == 0)
- client_auth = 1;
- else if (strcmp(*argv, "-proxy_auth") == 0) {
- if (--argc < 1)
- goto bad;
- app_verify_arg.proxy_auth = *(++argv);
- } else if (strcmp(*argv, "-proxy_cond") == 0) {
- if (--argc < 1)
- goto bad;
- app_verify_arg.proxy_cond = *(++argv);
- } else if (strcmp(*argv, "-v") == 0)
- verbose = 1;
- else if (strcmp(*argv, "-d") == 0)
- debug = 1;
- else if (strcmp(*argv, "-reuse") == 0)
- reuse = 1;
- else if (strcmp(*argv, "-dhe1024") == 0) {
-#ifndef OPENSSL_NO_DH
- dhe1024 = 1;
-#else
- fprintf(stderr,
- "ignoring -dhe1024, since I'm compiled without DH\n");
-#endif
- } else if (strcmp(*argv, "-dhe1024dsa") == 0) {
-#ifndef OPENSSL_NO_DH
- dhe1024dsa = 1;
-#else
- fprintf(stderr,
- "ignoring -dhe1024, since I'm compiled without DH\n");
-#endif
- } else if (strcmp(*argv, "-no_dhe") == 0)
- no_dhe = 1;
- else if (strcmp(*argv, "-no_ecdhe") == 0)
- no_ecdhe = 1;
- else if (strcmp(*argv, "-psk") == 0) {
- if (--argc < 1)
- goto bad;
- psk_key = *(++argv);
-#ifndef OPENSSL_NO_PSK
- if (strspn(psk_key, "abcdefABCDEF1234567890") != strlen(psk_key)) {
- BIO_printf(bio_err, "Not a hex number '%s'\n", *argv);
- goto bad;
- }
-#else
- no_psk = 1;
-#endif
- }
-#ifndef OPENSSL_NO_SRP
- else if (strcmp(*argv, "-srpuser") == 0) {
- if (--argc < 1)
- goto bad;
- srp_server_arg.expected_user = srp_client_arg.srplogin =
- *(++argv);
- tls1 = 1;
- } else if (strcmp(*argv, "-srppass") == 0) {
- if (--argc < 1)
- goto bad;
- srp_server_arg.pass = srp_client_arg.srppassin = *(++argv);
- tls1 = 1;
- }
-#endif
- else if (strcmp(*argv, "-tls1") == 0) {
- tls1 = 1;
- } else if (strcmp(*argv, "-ssl3") == 0) {
-#ifdef OPENSSL_NO_SSL3_METHOD
- no_protocol = 1;
-#endif
- ssl3 = 1;
- } else if (strcmp(*argv, "-dtls1") == 0) {
-#ifdef OPENSSL_NO_DTLS
- no_protocol = 1;
-#endif
- dtls1 = 1;
- } else if (strcmp(*argv, "-dtls12") == 0) {
-#ifdef OPENSSL_NO_DTLS
- no_protocol = 1;
-#endif
- dtls12 = 1;
- } else if (strncmp(*argv, "-num", 4) == 0) {
- if (--argc < 1)
- goto bad;
- number = atoi(*(++argv));
- if (number == 0)
- number = 1;
- } else if (strcmp(*argv, "-bytes") == 0) {
- if (--argc < 1)
- goto bad;
- bytes = atol(*(++argv));
- if (bytes == 0L)
- bytes = 1L;
- i = strlen(argv[0]);
- if (argv[0][i - 1] == 'k')
- bytes *= 1024L;
- if (argv[0][i - 1] == 'm')
- bytes *= 1024L * 1024L;
- } else if (strcmp(*argv, "-cert") == 0) {
- if (--argc < 1)
- goto bad;
- server_cert = *(++argv);
- } else if (strcmp(*argv, "-s_cert") == 0) {
- if (--argc < 1)
- goto bad;
- server_cert = *(++argv);
- } else if (strcmp(*argv, "-key") == 0) {
- if (--argc < 1)
- goto bad;
- server_key = *(++argv);
- } else if (strcmp(*argv, "-s_key") == 0) {
- if (--argc < 1)
- goto bad;
- server_key = *(++argv);
- } else if (strcmp(*argv, "-c_cert") == 0) {
- if (--argc < 1)
- goto bad;
- client_cert = *(++argv);
- } else if (strcmp(*argv, "-c_key") == 0) {
- if (--argc < 1)
- goto bad;
- client_key = *(++argv);
- } else if (strcmp(*argv, "-cipher") == 0) {
- if (--argc < 1)
- goto bad;
- cipher = *(++argv);
- } else if (strcmp(*argv, "-CApath") == 0) {
- if (--argc < 1)
- goto bad;
- CApath = *(++argv);
- } else if (strcmp(*argv, "-CAfile") == 0) {
- if (--argc < 1)
- goto bad;
- CAfile = *(++argv);
- } else if (strcmp(*argv, "-bio_pair") == 0) {
- bio_pair = 1;
- } else if (strcmp(*argv, "-f") == 0) {
- force = 1;
- } else if (strcmp(*argv, "-time") == 0) {
- print_time = 1;
- }
-#ifndef OPENSSL_NO_COMP
- else if (strcmp(*argv, "-zlib") == 0) {
- comp = COMP_ZLIB;
- } else if (strcmp(*argv, "-rle") == 0) {
- comp = COMP_RLE;
- }
-#endif
- else if (strcmp(*argv, "-named_curve") == 0) {
- if (--argc < 1)
- goto bad;
-#ifndef OPENSSL_NO_EC
- named_curve = *(++argv);
-#else
- fprintf(stderr,
- "ignoring -named_curve, since I'm compiled without ECDH\n");
- ++argv;
-#endif
- } else if (strcmp(*argv, "-app_verify") == 0) {
- app_verify_arg.app_verify = 1;
- } else if (strcmp(*argv, "-proxy") == 0) {
- app_verify_arg.allow_proxy_certs = 1;
- } else if (strcmp(*argv, "-test_cipherlist") == 0) {
- test_cipherlist = 1;
- }
-#ifndef OPENSSL_NO_NEXTPROTONEG
- else if (strcmp(*argv, "-npn_client") == 0) {
- npn_client = 1;
- } else if (strcmp(*argv, "-npn_server") == 0) {
- npn_server = 1;
- } else if (strcmp(*argv, "-npn_server_reject") == 0) {
- npn_server_reject = 1;
- }
-#endif
- else if (strcmp(*argv, "-serverinfo_sct") == 0) {
- serverinfo_sct = 1;
- } else if (strcmp(*argv, "-serverinfo_tack") == 0) {
- serverinfo_tack = 1;
- } else if (strcmp(*argv, "-serverinfo_file") == 0) {
- if (--argc < 1)
- goto bad;
- serverinfo_file = *(++argv);
- } else if (strcmp(*argv, "-custom_ext") == 0) {
- custom_ext = 1;
- } else if (strcmp(*argv, "-alpn_client") == 0) {
- if (--argc < 1)
- goto bad;
- alpn_client = *(++argv);
- } else if (strcmp(*argv, "-alpn_server") == 0) {
- if (--argc < 1)
- goto bad;
- alpn_server = *(++argv);
- } else if (strcmp(*argv, "-alpn_expected") == 0) {
- if (--argc < 1)
- goto bad;
- alpn_expected = *(++argv);
- } else {
- int rv;
- arg = argv[0];
- argn = argv[1];
- /* Try to process command using SSL_CONF */
- rv = SSL_CONF_cmd_argv(c_cctx, &argc, &argv);
- /* If not processed try server */
- if (rv == 0)
- rv = SSL_CONF_cmd_argv(s_cctx, &argc, &argv);
- /* Recognised: store it for later use */
- if (rv > 0) {
- if (rv == 1)
- argn = NULL;
- if (!conf_args) {
- conf_args = sk_OPENSSL_STRING_new_null();
- if (!conf_args)
- goto end;
- }
- if (!sk_OPENSSL_STRING_push(conf_args, arg))
- goto end;
- if (!sk_OPENSSL_STRING_push(conf_args, argn))
- goto end;
- continue;
- }
- if (rv == -3)
- BIO_printf(bio_err, "Missing argument for %s\n", arg);
- else if (rv < 0)
- BIO_printf(bio_err, "Error with command %s\n", arg);
- else if (rv == 0)
- BIO_printf(bio_err, "unknown option %s\n", arg);
- badop = 1;
- break;
- }
- argc--;
- argv++;
- }
- if (badop) {
- bad:
- sv_usage();
- goto end;
- }
-
- /*
- * test_cipherlist prevails over protocol switch: we test the cipherlist
- * for all enabled protocols.
- */
- if (test_cipherlist == 1) {
- /*
- * ensure that the cipher list are correctly sorted and exit
- */
- fprintf(stdout, "Testing cipherlist order only. Ignoring all "
- "other options.\n");
- if (do_test_cipherlist() == 0)
- EXIT(1);
- ret = 0;
- goto end;
- }
-
- if (ssl3 + tls1 + dtls1 + dtls12 > 1) {
- fprintf(stderr, "At most one of -ssl3, -tls1, -dtls1 or -dtls12 should "
- "be requested.\n");
- EXIT(1);
- }
-
- /*
- * Testing was requested for a compiled-out protocol (e.g. SSLv3).
- * Ideally, we would error out, but the generic test wrapper can't know
- * when to expect failure. So we do nothing and return success.
- */
- if (no_protocol) {
- fprintf(stderr, "Testing was requested for a disabled protocol. "
- "Skipping tests.\n");
- ret = 0;
- goto end;
- }
-
- if (!ssl3 && !tls1 && !dtls1 && !dtls12 && number > 1 && !reuse && !force) {
- fprintf(stderr, "This case cannot work. Use -f to perform "
- "the test anyway (and\n-d to see what happens), "
- "or add one of -ssl3, -tls1, -dtls1, -dtls12, -reuse\n"
- "to avoid protocol mismatch.\n");
- EXIT(1);
- }
-#ifdef OPENSSL_FIPS
- if (fips_mode) {
- if (!FIPS_mode_set(1)) {
- ERR_load_crypto_strings();
- ERR_print_errors(BIO_new_fp(stderr, BIO_NOCLOSE));
- EXIT(1);
- } else
- fprintf(stderr, "*** IN FIPS MODE ***\n");
- }
-#endif
-
- if (print_time) {
- if (!bio_pair) {
- fprintf(stderr, "Using BIO pair (-bio_pair)\n");
- bio_pair = 1;
- }
- if (number < 50 && !force)
- fprintf(stderr,
- "Warning: For accurate timings, use more connections (e.g. -num 1000)\n");
- }
-
-/* if (cipher == NULL) cipher=getenv("SSL_CIPHER"); */
-
- SSL_library_init();
- SSL_load_error_strings();
-
-#ifndef OPENSSL_NO_COMP
- if (comp == COMP_ZLIB)
- cm = COMP_zlib();
- if (comp == COMP_RLE)
- cm = COMP_rle();
- if (cm != NULL) {
- if (cm->type != NID_undef) {
- if (SSL_COMP_add_compression_method(comp, cm) != 0) {
- fprintf(stderr, "Failed to add compression method\n");
- ERR_print_errors_fp(stderr);
- }
- } else {
- fprintf(stderr,
- "Warning: %s compression not supported\n",
- (comp == COMP_RLE ? "rle" :
- (comp == COMP_ZLIB ? "zlib" : "unknown")));
- ERR_print_errors_fp(stderr);
- }
- }
- ssl_comp_methods = SSL_COMP_get_compression_methods();
- fprintf(stderr, "Available compression methods:\n");
- {
- int j, n = sk_SSL_COMP_num(ssl_comp_methods);
- if (n == 0)
- fprintf(stderr, " NONE\n");
- else
- for (j = 0; j < n; j++) {
- SSL_COMP *c = sk_SSL_COMP_value(ssl_comp_methods, j);
- fprintf(stderr, " %d: %s\n", c->id, c->name);
- }
- }
-#endif
-
- /*
- * At this point, ssl3/tls1 is only set if the protocol is available.
- * (Otherwise we exit early.) However the compiler doesn't know this, so
- * we ifdef.
- */
-#ifndef OPENSSL_NO_SSL3
- if (ssl3)
- meth = SSLv3_method();
- else
-#endif
-#ifndef OPENSSL_NO_DTLS
- if (dtls1)
- meth = DTLSv1_method();
- else if (dtls12)
- meth = DTLSv1_2_method();
- else
-#endif
- if (tls1)
- meth = TLSv1_method();
- else
- meth = SSLv23_method();
-
- c_ctx = SSL_CTX_new(meth);
- s_ctx = SSL_CTX_new(meth);
- if ((c_ctx == NULL) || (s_ctx == NULL)) {
- ERR_print_errors(bio_err);
- goto end;
- }
- /*
- * Since we will use low security ciphersuites and keys for testing set
- * security level to zero.
- */
- SSL_CTX_set_security_level(c_ctx, 0);
- SSL_CTX_set_security_level(s_ctx, 0);
-
- if (cipher != NULL) {
- if(!SSL_CTX_set_cipher_list(c_ctx, cipher)
- || !SSL_CTX_set_cipher_list(s_ctx, cipher)) {
- ERR_print_errors(bio_err);
- goto end;
- }
- }
-
- /* Process SSL_CONF arguments */
- SSL_CONF_CTX_set_ssl_ctx(c_cctx, c_ctx);
- SSL_CONF_CTX_set_ssl_ctx(s_cctx, s_ctx);
-
- for (i = 0; i < sk_OPENSSL_STRING_num(conf_args); i += 2) {
- int rv;
- arg = sk_OPENSSL_STRING_value(conf_args, i);
- argn = sk_OPENSSL_STRING_value(conf_args, i + 1);
- rv = SSL_CONF_cmd(c_cctx, arg, argn);
- /* If not recognised use server context */
- if (rv == -2)
- rv = SSL_CONF_cmd(s_cctx, arg, argn);
- if (rv <= 0) {
- BIO_printf(bio_err, "Error processing %s %s\n",
- arg, argn ? argn : "");
- ERR_print_errors(bio_err);
- goto end;
- }
- }
-
- if (!SSL_CONF_CTX_finish(s_cctx) || !SSL_CONF_CTX_finish(c_cctx)) {
- BIO_puts(bio_err, "Error finishing context\n");
- ERR_print_errors(bio_err);
- goto end;
- }
-#ifndef OPENSSL_NO_DH
- if (!no_dhe) {
- if (dhe1024dsa) {
- /*
- * use SSL_OP_SINGLE_DH_USE to avoid small subgroup attacks
- */
- SSL_CTX_set_options(s_ctx, SSL_OP_SINGLE_DH_USE);
- dh = get_dh1024dsa();
- } else if (dhe1024)
- dh = get_dh1024();
- else
- dh = get_dh512();
- SSL_CTX_set_tmp_dh(s_ctx, dh);
- DH_free(dh);
- }
-#else
- (void)no_dhe;
-#endif
-
-#ifndef OPENSSL_NO_EC
- if (!no_ecdhe) {
- int nid;
-
- if (named_curve != NULL) {
- nid = OBJ_sn2nid(named_curve);
- if (nid == 0) {
- BIO_printf(bio_err, "unknown curve name (%s)\n", named_curve);
- goto end;
- }
- } else
-# ifdef OPENSSL_NO_EC2M
- nid = NID_X9_62_prime256v1;
-# else
- nid = NID_sect163r2;
-# endif
-
- ecdh = EC_KEY_new_by_curve_name(nid);
- if (ecdh == NULL) {
- BIO_printf(bio_err, "unable to create curve\n");
- goto end;
- }
-
- SSL_CTX_set_tmp_ecdh(s_ctx, ecdh);
- SSL_CTX_set_options(s_ctx, SSL_OP_SINGLE_ECDH_USE);
- EC_KEY_free(ecdh);
- }
-#else
- (void)no_ecdhe;
-#endif
-
-#ifndef OPENSSL_NO_RSA
- SSL_CTX_set_tmp_rsa_callback(s_ctx, tmp_rsa_cb);
-#endif
-
- if (!SSL_CTX_use_certificate_file(s_ctx, server_cert, SSL_FILETYPE_PEM)) {
- ERR_print_errors(bio_err);
- } else if (!SSL_CTX_use_PrivateKey_file(s_ctx,
- (server_key ? server_key :
- server_cert),
- SSL_FILETYPE_PEM)) {
- ERR_print_errors(bio_err);
- goto end;
- }
-
- if (client_auth) {
- if(!SSL_CTX_use_certificate_file(c_ctx, client_cert, SSL_FILETYPE_PEM)
- || !SSL_CTX_use_PrivateKey_file(c_ctx,
- (client_key ? client_key : client_cert),
- SSL_FILETYPE_PEM)) {
- ERR_print_errors(bio_err);
- goto end;
- }
- }
-
- if ((!SSL_CTX_load_verify_locations(s_ctx, CAfile, CApath)) ||
- (!SSL_CTX_set_default_verify_paths(s_ctx)) ||
- (!SSL_CTX_load_verify_locations(c_ctx, CAfile, CApath)) ||
- (!SSL_CTX_set_default_verify_paths(c_ctx))) {
- /* fprintf(stderr,"SSL_load_verify_locations\n"); */
- ERR_print_errors(bio_err);
- /* goto end; */
- }
-
- if (client_auth) {
- BIO_printf(bio_err, "client authentication\n");
- SSL_CTX_set_verify(s_ctx,
- SSL_VERIFY_PEER | SSL_VERIFY_FAIL_IF_NO_PEER_CERT,
- verify_callback);
- SSL_CTX_set_cert_verify_callback(s_ctx, app_verify_callback,
- &app_verify_arg);
- }
- if (server_auth) {
- BIO_printf(bio_err, "server authentication\n");
- SSL_CTX_set_verify(c_ctx, SSL_VERIFY_PEER, verify_callback);
- SSL_CTX_set_cert_verify_callback(c_ctx, app_verify_callback,
- &app_verify_arg);
- }
-
- {
- int session_id_context = 0;
- if(!SSL_CTX_set_session_id_context(s_ctx, (void *)&session_id_context,
- sizeof session_id_context)) {
- ERR_print_errors(bio_err);
- goto end;
- }
- }
-
- /* Use PSK only if PSK key is given */
- if (psk_key != NULL) {
- /*
- * no_psk is used to avoid putting psk command to openssl tool
- */
- if (no_psk) {
- /*
- * if PSK is not compiled in and psk key is given, do nothing and
- * exit successfully
- */
- ret = 0;
- goto end;
- }
-#ifndef OPENSSL_NO_PSK
- SSL_CTX_set_psk_client_callback(c_ctx, psk_client_callback);
- SSL_CTX_set_psk_server_callback(s_ctx, psk_server_callback);
- if (debug)
- BIO_printf(bio_err, "setting PSK identity hint to s_ctx\n");
- if (!SSL_CTX_use_psk_identity_hint(s_ctx, "ctx server identity_hint")) {
- BIO_printf(bio_err, "error setting PSK identity hint to s_ctx\n");
- ERR_print_errors(bio_err);
- goto end;
- }
-#endif
- }
-#ifndef OPENSSL_NO_SRP
- if (srp_client_arg.srplogin) {
- if (!SSL_CTX_set_srp_username(c_ctx, srp_client_arg.srplogin)) {
- BIO_printf(bio_err, "Unable to set SRP username\n");
- goto end;
- }
- SSL_CTX_set_srp_cb_arg(c_ctx, &srp_client_arg);
- SSL_CTX_set_srp_client_pwd_callback(c_ctx,
- ssl_give_srp_client_pwd_cb);
- /*
- * SSL_CTX_set_srp_strength(c_ctx, srp_client_arg.strength);
- */
- }
-
- if (srp_server_arg.expected_user != NULL) {
- SSL_CTX_set_verify(s_ctx, SSL_VERIFY_NONE, verify_callback);
- SSL_CTX_set_srp_cb_arg(s_ctx, &srp_server_arg);
- SSL_CTX_set_srp_username_callback(s_ctx, ssl_srp_server_param_cb);
- }
-#endif
-
-#ifndef OPENSSL_NO_NEXTPROTONEG
- if (npn_client) {
- SSL_CTX_set_next_proto_select_cb(c_ctx, cb_client_npn, NULL);
- }
- if (npn_server) {
- if (npn_server_reject) {
- BIO_printf(bio_err,
- "Can't have both -npn_server and -npn_server_reject\n");
- goto end;
- }
- SSL_CTX_set_next_protos_advertised_cb(s_ctx, cb_server_npn, NULL);
- }
- if (npn_server_reject) {
- SSL_CTX_set_next_protos_advertised_cb(s_ctx, cb_server_rejects_npn,
- NULL);
- }
-#endif
-
- if (serverinfo_sct) {
- if(!SSL_CTX_add_client_custom_ext(c_ctx, SCT_EXT_TYPE,
- NULL, NULL, NULL,
- serverinfo_cli_parse_cb, NULL)) {
- BIO_printf(bio_err, "Error adding SCT extension\n");
- goto end;
- }
- }
- if (serverinfo_tack) {
- if(!SSL_CTX_add_client_custom_ext(c_ctx, TACK_EXT_TYPE,
- NULL, NULL, NULL,
- serverinfo_cli_parse_cb, NULL)) {
- BIO_printf(bio_err, "Error adding TACK extension\n");
- goto end;
- }
- }
- if (serverinfo_file)
- if (!SSL_CTX_use_serverinfo_file(s_ctx, serverinfo_file)) {
- BIO_printf(bio_err, "missing serverinfo file\n");
- goto end;
- }
-
- if (custom_ext) {
- if(!SSL_CTX_add_client_custom_ext(c_ctx, CUSTOM_EXT_TYPE_0,
- custom_ext_0_cli_add_cb,
- NULL, NULL,
- custom_ext_0_cli_parse_cb, NULL)
- || !SSL_CTX_add_client_custom_ext(c_ctx, CUSTOM_EXT_TYPE_1,
- custom_ext_1_cli_add_cb,
- NULL, NULL,
- custom_ext_1_cli_parse_cb, NULL)
- || !SSL_CTX_add_client_custom_ext(c_ctx, CUSTOM_EXT_TYPE_2,
- custom_ext_2_cli_add_cb,
- NULL, NULL,
- custom_ext_2_cli_parse_cb, NULL)
- || !SSL_CTX_add_client_custom_ext(c_ctx, CUSTOM_EXT_TYPE_3,
- custom_ext_3_cli_add_cb,
- NULL, NULL,
- custom_ext_3_cli_parse_cb, NULL)
- || !SSL_CTX_add_server_custom_ext(s_ctx, CUSTOM_EXT_TYPE_0,
- custom_ext_0_srv_add_cb,
- NULL, NULL,
- custom_ext_0_srv_parse_cb, NULL)
- || !SSL_CTX_add_server_custom_ext(s_ctx, CUSTOM_EXT_TYPE_1,
- custom_ext_1_srv_add_cb,
- NULL, NULL,
- custom_ext_1_srv_parse_cb, NULL)
- || !SSL_CTX_add_server_custom_ext(s_ctx, CUSTOM_EXT_TYPE_2,
- custom_ext_2_srv_add_cb,
- NULL, NULL,
- custom_ext_2_srv_parse_cb, NULL)
- || !SSL_CTX_add_server_custom_ext(s_ctx, CUSTOM_EXT_TYPE_3,
- custom_ext_3_srv_add_cb,
- NULL, NULL,
- custom_ext_3_srv_parse_cb, NULL)) {
- BIO_printf(bio_err, "Error setting custom extensions\n");
- goto end;
- }
- }
-
- if (alpn_server)
- SSL_CTX_set_alpn_select_cb(s_ctx, cb_server_alpn, NULL);
-
- if (alpn_client) {
- unsigned short alpn_len;
- unsigned char *alpn = next_protos_parse(&alpn_len, alpn_client);
-
- if (alpn == NULL) {
- BIO_printf(bio_err, "Error parsing -alpn_client argument\n");
- goto end;
- }
- /* Returns 0 on success!! */
- if(SSL_CTX_set_alpn_protos(c_ctx, alpn, alpn_len)) {
- BIO_printf(bio_err, "Error setting ALPN\n");
- OPENSSL_free(alpn);
- goto end;
- }
- OPENSSL_free(alpn);
- }
-
- c_ssl = SSL_new(c_ctx);
- s_ssl = SSL_new(s_ctx);
-
-#ifndef OPENSSL_NO_KRB5
- if (c_ssl && c_ssl->kssl_ctx) {
- char localhost[MAXHOSTNAMELEN + 2];
-
- if (gethostname(localhost, sizeof localhost - 1) == 0) {
- localhost[sizeof localhost - 1] = '\0';
- if (strlen(localhost) == sizeof localhost - 1) {
- BIO_printf(bio_err, "localhost name too long\n");
- goto end;
- }
- kssl_ctx_setstring(c_ssl->kssl_ctx, KSSL_SERVER, localhost);
- }
- }
-#endif /* OPENSSL_NO_KRB5 */
-
- for (i = 0; i < number; i++) {
- if (!reuse) {
- if(!SSL_set_session(c_ssl, NULL)) {
- BIO_printf(bio_err, "Failed to set session\n");
- goto end;
- }
- }
- if (bio_pair)
- ret = doit_biopair(s_ssl, c_ssl, bytes, &s_time, &c_time);
- else
- ret = doit(s_ssl, c_ssl, bytes);
- if (ret) break;
- }
-
- if (!verbose) {
- print_details(c_ssl, "");
- }
- if ((i > 1) || (bytes > 1L))
- BIO_printf(bio_stdout, "%d handshakes of %ld bytes done\n", i,
- bytes);
- if (print_time) {
-#ifdef CLOCKS_PER_SEC
- /*
- * "To determine the time in seconds, the value returned by the clock
- * function should be divided by the value of the macro
- * CLOCKS_PER_SEC." -- ISO/IEC 9899
- */
- BIO_printf(bio_stdout, "Approximate total server time: %6.2f s\n"
- "Approximate total client time: %6.2f s\n",
- (double)s_time / CLOCKS_PER_SEC,
- (double)c_time / CLOCKS_PER_SEC);
-#else
- BIO_printf(bio_stdout,
- "Approximate total server time: %6.2f units\n"
- "Approximate total client time: %6.2f units\n",
- (double)s_time, (double)c_time);
-#endif
- }
-
- SSL_free(s_ssl);
- SSL_free(c_ssl);
-
- end:
- if (s_ctx != NULL)
- SSL_CTX_free(s_ctx);
- if (c_ctx != NULL)
- SSL_CTX_free(c_ctx);
-
- if (s_cctx)
- SSL_CONF_CTX_free(s_cctx);
- if (c_cctx)
- SSL_CONF_CTX_free(c_cctx);
- sk_OPENSSL_STRING_free(conf_args);
-
- BIO_free(bio_stdout);
-
-#ifndef OPENSSL_NO_RSA
- free_tmp_rsa();
-#endif
-#ifndef OPENSSL_NO_ENGINE
- ENGINE_cleanup();
-#endif
- CRYPTO_cleanup_all_ex_data();
- ERR_free_strings();
- ERR_remove_thread_state(NULL);
- EVP_cleanup();
- CRYPTO_mem_leaks(bio_err);
- BIO_free(bio_err);
- EXIT(ret);
-}
-
-int doit_biopair(SSL *s_ssl, SSL *c_ssl, long count,
- clock_t *s_time, clock_t *c_time)
-{
- long cw_num = count, cr_num = count, sw_num = count, sr_num = count;
- BIO *s_ssl_bio = NULL, *c_ssl_bio = NULL;
- BIO *server = NULL, *server_io = NULL, *client = NULL, *client_io = NULL;
- int ret = 1;
-
- size_t bufsiz = 256; /* small buffer for testing */
-
- if (!BIO_new_bio_pair(&server, bufsiz, &server_io, bufsiz))
- goto err;
- if (!BIO_new_bio_pair(&client, bufsiz, &client_io, bufsiz))
- goto err;
-
- s_ssl_bio = BIO_new(BIO_f_ssl());
- if (!s_ssl_bio)
- goto err;
-
- c_ssl_bio = BIO_new(BIO_f_ssl());
- if (!c_ssl_bio)
- goto err;
-
- SSL_set_connect_state(c_ssl);
- SSL_set_bio(c_ssl, client, client);
- (void)BIO_set_ssl(c_ssl_bio, c_ssl, BIO_NOCLOSE);
-
- SSL_set_accept_state(s_ssl);
- SSL_set_bio(s_ssl, server, server);
- (void)BIO_set_ssl(s_ssl_bio, s_ssl, BIO_NOCLOSE);
-
- do {
- /*-
- * c_ssl_bio: SSL filter BIO
- *
- * client: pseudo-I/O for SSL library
- *
- * client_io: client's SSL communication; usually to be
- * relayed over some I/O facility, but in this
- * test program, we're the server, too:
- *
- * server_io: server's SSL communication
- *
- * server: pseudo-I/O for SSL library
- *
- * s_ssl_bio: SSL filter BIO
- *
- * The client and the server each employ a "BIO pair":
- * client + client_io, server + server_io.
- * BIO pairs are symmetric. A BIO pair behaves similar
- * to a non-blocking socketpair (but both endpoints must
- * be handled by the same thread).
- * [Here we could connect client and server to the ends
- * of a single BIO pair, but then this code would be less
- * suitable as an example for BIO pairs in general.]
- *
- * Useful functions for querying the state of BIO pair endpoints:
- *
- * BIO_ctrl_pending(bio) number of bytes we can read now
- * BIO_ctrl_get_read_request(bio) number of bytes needed to fulfil
- * other side's read attempt
- * BIO_ctrl_get_write_guarantee(bio) number of bytes we can write now
- *
- * ..._read_request is never more than ..._write_guarantee;
- * it depends on the application which one you should use.
- */
-
- /*
- * We have non-blocking behaviour throughout this test program, but
- * can be sure that there is *some* progress in each iteration; so we
- * don't have to worry about ..._SHOULD_READ or ..._SHOULD_WRITE --
- * we just try everything in each iteration
- */
-
- {
- /* CLIENT */
-
- char cbuf[1024 * 8];
- int i, r;
- clock_t c_clock = clock();
-
- memset(cbuf, 0, sizeof(cbuf));
-
- if (debug)
- if (SSL_in_init(c_ssl))
- printf("client waiting in SSL_connect - %s\n",
- SSL_state_string_long(c_ssl));
-
- if (cw_num > 0) {
- /* Write to server. */
-
- if (cw_num > (long)sizeof cbuf)
- i = sizeof cbuf;
- else
- i = (int)cw_num;
- r = BIO_write(c_ssl_bio, cbuf, i);
- if (r < 0) {
- if (!BIO_should_retry(c_ssl_bio)) {
- fprintf(stderr, "ERROR in CLIENT\n");
- goto err;
- }
- /*
- * BIO_should_retry(...) can just be ignored here. The
- * library expects us to call BIO_write with the same
- * arguments again, and that's what we will do in the
- * next iteration.
- */
- } else if (r == 0) {
- fprintf(stderr, "SSL CLIENT STARTUP FAILED\n");
- goto err;
- } else {
- if (debug)
- printf("client wrote %d\n", r);
- cw_num -= r;
- }
- }
-
- if (cr_num > 0) {
- /* Read from server. */
-
- r = BIO_read(c_ssl_bio, cbuf, sizeof(cbuf));
- if (r < 0) {
- if (!BIO_should_retry(c_ssl_bio)) {
- fprintf(stderr, "ERROR in CLIENT\n");
- goto err;
- }
- /*
- * Again, "BIO_should_retry" can be ignored.
- */
- } else if (r == 0) {
- fprintf(stderr, "SSL CLIENT STARTUP FAILED\n");
- goto err;
- } else {
- if (debug)
- printf("client read %d\n", r);
- cr_num -= r;
- }
- }
-
- /*
- * c_time and s_time increments will typically be very small
- * (depending on machine speed and clock tick intervals), but
- * sampling over a large number of connections should result in
- * fairly accurate figures. We cannot guarantee a lot, however
- * -- if each connection lasts for exactly one clock tick, it
- * will be counted only for the client or only for the server or
- * even not at all.
- */
- *c_time += (clock() - c_clock);
- }
-
- {
- /* SERVER */
-
- char sbuf[1024 * 8];
- int i, r;
- clock_t s_clock = clock();
-
- memset(sbuf, 0, sizeof(sbuf));
-
- if (debug)
- if (SSL_in_init(s_ssl))
- printf("server waiting in SSL_accept - %s\n",
- SSL_state_string_long(s_ssl));
-
- if (sw_num > 0) {
- /* Write to client. */
-
- if (sw_num > (long)sizeof sbuf)
- i = sizeof sbuf;
- else
- i = (int)sw_num;
- r = BIO_write(s_ssl_bio, sbuf, i);
- if (r < 0) {
- if (!BIO_should_retry(s_ssl_bio)) {
- fprintf(stderr, "ERROR in SERVER\n");
- goto err;
- }
- /* Ignore "BIO_should_retry". */
- } else if (r == 0) {
- fprintf(stderr, "SSL SERVER STARTUP FAILED\n");
- goto err;
- } else {
- if (debug)
- printf("server wrote %d\n", r);
- sw_num -= r;
- }
- }
-
- if (sr_num > 0) {
- /* Read from client. */
-
- r = BIO_read(s_ssl_bio, sbuf, sizeof(sbuf));
- if (r < 0) {
- if (!BIO_should_retry(s_ssl_bio)) {
- fprintf(stderr, "ERROR in SERVER\n");
- goto err;
- }
- /* blah, blah */
- } else if (r == 0) {
- fprintf(stderr, "SSL SERVER STARTUP FAILED\n");
- goto err;
- } else {
- if (debug)
- printf("server read %d\n", r);
- sr_num -= r;
- }
- }
-
- *s_time += (clock() - s_clock);
- }
-
- {
- /* "I/O" BETWEEN CLIENT AND SERVER. */
-
- size_t r1, r2;
- BIO *io1 = server_io, *io2 = client_io;
- /*
- * we use the non-copying interface for io1 and the standard
- * BIO_write/BIO_read interface for io2
- */
-
- static int prev_progress = 1;
- int progress = 0;
-
- /* io1 to io2 */
- do {
- size_t num;
- int r;
-
- r1 = BIO_ctrl_pending(io1);
- r2 = BIO_ctrl_get_write_guarantee(io2);
-
- num = r1;
- if (r2 < num)
- num = r2;
- if (num) {
- char *dataptr;
-
- if (INT_MAX < num) /* yeah, right */
- num = INT_MAX;
-
- r = BIO_nread(io1, &dataptr, (int)num);
- assert(r > 0);
- assert(r <= (int)num);
- /*
- * possibly r < num (non-contiguous data)
- */
- num = r;
- r = BIO_write(io2, dataptr, (int)num);
- if (r != (int)num) { /* can't happen */
- fprintf(stderr, "ERROR: BIO_write could not write "
- "BIO_ctrl_get_write_guarantee() bytes");
- goto err;
- }
- progress = 1;
-
- if (debug)
- printf((io1 == client_io) ?
- "C->S relaying: %d bytes\n" :
- "S->C relaying: %d bytes\n", (int)num);
- }
- }
- while (r1 && r2);
-
- /* io2 to io1 */
- {
- size_t num;
- int r;
-
- r1 = BIO_ctrl_pending(io2);
- r2 = BIO_ctrl_get_read_request(io1);
- /*
- * here we could use ..._get_write_guarantee instead of
- * ..._get_read_request, but by using the latter we test
- * restartability of the SSL implementation more thoroughly
- */
- num = r1;
- if (r2 < num)
- num = r2;
- if (num) {
- char *dataptr;
-
- if (INT_MAX < num)
- num = INT_MAX;
-
- if (num > 1)
- --num; /* test restartability even more thoroughly */
-
- r = BIO_nwrite0(io1, &dataptr);
- assert(r > 0);
- if (r < (int)num)
- num = r;
- r = BIO_read(io2, dataptr, (int)num);
- if (r != (int)num) { /* can't happen */
- fprintf(stderr, "ERROR: BIO_read could not read "
- "BIO_ctrl_pending() bytes");
- goto err;
- }
- progress = 1;
- r = BIO_nwrite(io1, &dataptr, (int)num);
- if (r != (int)num) { /* can't happen */
- fprintf(stderr, "ERROR: BIO_nwrite() did not accept "
- "BIO_nwrite0() bytes");
- goto err;
- }
-
- if (debug)
- printf((io2 == client_io) ?
- "C->S relaying: %d bytes\n" :
- "S->C relaying: %d bytes\n", (int)num);
- }
- } /* no loop, BIO_ctrl_get_read_request now
- * returns 0 anyway */
-
- if (!progress && !prev_progress)
- if (cw_num > 0 || cr_num > 0 || sw_num > 0 || sr_num > 0) {
- fprintf(stderr, "ERROR: got stuck\n");
- fprintf(stderr, " ERROR.\n");
- goto err;
- }
- prev_progress = progress;
- }
- }
- while (cw_num > 0 || cr_num > 0 || sw_num > 0 || sr_num > 0);
-
- if (verbose)
- print_details(c_ssl, "DONE via BIO pair: ");
-#ifndef OPENSSL_NO_NEXTPROTONEG
- if (verify_npn(c_ssl, s_ssl) < 0) {
- ret = 1;
- goto end;
- }
-#endif
- if (verify_serverinfo() < 0) {
- fprintf(stderr, "Server info verify error\n");
- ret = 1;
- goto err;
- }
- if (verify_alpn(c_ssl, s_ssl) < 0) {
- ret = 1;
- goto err;
- }
-
- if (custom_ext_error) {
- fprintf(stderr, "Custom extension error\n");
- ret = 1;
- goto err;
- }
-
- end:
- ret = 0;
-
- err:
- ERR_print_errors(bio_err);
-
- BIO_free(server);
- BIO_free(server_io);
- BIO_free(client);
- BIO_free(client_io);
- BIO_free(s_ssl_bio);
- BIO_free(c_ssl_bio);
-
- return ret;
-}
-
-#define W_READ 1
-#define W_WRITE 2
-#define C_DONE 1
-#define S_DONE 2
-
-int doit(SSL *s_ssl, SSL *c_ssl, long count)
-{
- char *cbuf = NULL, *sbuf = NULL;
- long bufsiz;
- long cw_num = count, cr_num = count;
- long sw_num = count, sr_num = count;
- int ret = 1;
- BIO *c_to_s = NULL;
- BIO *s_to_c = NULL;
- BIO *c_bio = NULL;
- BIO *s_bio = NULL;
- int c_r, c_w, s_r, s_w;
- int i, j;
- int done = 0;
- int c_write, s_write;
- int do_server = 0, do_client = 0;
- int max_frag = 5 * 1024;
-
- bufsiz = count > 40 * 1024 ? 40 * 1024 : count;
-
- if ((cbuf = OPENSSL_malloc(bufsiz)) == NULL)
- goto err;
- if ((sbuf = OPENSSL_malloc(bufsiz)) == NULL)
- goto err;
-
- memset(cbuf, 0, bufsiz);
- memset(sbuf, 0, bufsiz);
-
- c_to_s = BIO_new(BIO_s_mem());
- s_to_c = BIO_new(BIO_s_mem());
- if ((s_to_c == NULL) || (c_to_s == NULL)) {
- ERR_print_errors(bio_err);
- goto err;
- }
-
- c_bio = BIO_new(BIO_f_ssl());
- s_bio = BIO_new(BIO_f_ssl());
- if ((c_bio == NULL) || (s_bio == NULL)) {
- ERR_print_errors(bio_err);
- goto err;
- }
-
- SSL_set_connect_state(c_ssl);
- SSL_set_bio(c_ssl, s_to_c, c_to_s);
- SSL_set_max_send_fragment(c_ssl, max_frag);
- BIO_set_ssl(c_bio, c_ssl, BIO_NOCLOSE);
-
- SSL_set_accept_state(s_ssl);
- SSL_set_bio(s_ssl, c_to_s, s_to_c);
- SSL_set_max_send_fragment(s_ssl, max_frag);
- BIO_set_ssl(s_bio, s_ssl, BIO_NOCLOSE);
-
- c_r = 0;
- s_r = 1;
- c_w = 1;
- s_w = 0;
- c_write = 1, s_write = 0;
-
- /* We can always do writes */
- for (;;) {
- do_server = 0;
- do_client = 0;
-
- i = (int)BIO_pending(s_bio);
- if ((i && s_r) || s_w)
- do_server = 1;
-
- i = (int)BIO_pending(c_bio);
- if ((i && c_r) || c_w)
- do_client = 1;
-
- if (do_server && debug) {
- if (SSL_in_init(s_ssl))
- printf("server waiting in SSL_accept - %s\n",
- SSL_state_string_long(s_ssl));
-/*-
- else if (s_write)
- printf("server:SSL_write()\n");
- else
- printf("server:SSL_read()\n"); */
- }
-
- if (do_client && debug) {
- if (SSL_in_init(c_ssl))
- printf("client waiting in SSL_connect - %s\n",
- SSL_state_string_long(c_ssl));
-/*-
- else if (c_write)
- printf("client:SSL_write()\n");
- else
- printf("client:SSL_read()\n"); */
- }
-
- if (!do_client && !do_server) {
- fprintf(stdout, "ERROR IN STARTUP\n");
- ERR_print_errors(bio_err);
- goto err;
- }
- if (do_client && !(done & C_DONE)) {
- if (c_write) {
- j = (cw_num > bufsiz) ? (int)bufsiz : (int)cw_num;
- i = BIO_write(c_bio, cbuf, j);
- if (i < 0) {
- c_r = 0;
- c_w = 0;
- if (BIO_should_retry(c_bio)) {
- if (BIO_should_read(c_bio))
- c_r = 1;
- if (BIO_should_write(c_bio))
- c_w = 1;
- } else {
- fprintf(stderr, "ERROR in CLIENT\n");
- ERR_print_errors(bio_err);
- goto err;
- }
- } else if (i == 0) {
- fprintf(stderr, "SSL CLIENT STARTUP FAILED\n");
- goto err;
- } else {
- if (debug)
- printf("client wrote %d\n", i);
- /* ok */
- s_r = 1;
- c_write = 0;
- cw_num -= i;
- if (max_frag > 1029)
- SSL_set_max_send_fragment(c_ssl, max_frag -= 5);
- }
- } else {
- i = BIO_read(c_bio, cbuf, bufsiz);
- if (i < 0) {
- c_r = 0;
- c_w = 0;
- if (BIO_should_retry(c_bio)) {
- if (BIO_should_read(c_bio))
- c_r = 1;
- if (BIO_should_write(c_bio))
- c_w = 1;
- } else {
- fprintf(stderr, "ERROR in CLIENT\n");
- ERR_print_errors(bio_err);
- goto err;
- }
- } else if (i == 0) {
- fprintf(stderr, "SSL CLIENT STARTUP FAILED\n");
- goto err;
- } else {
- if (debug)
- printf("client read %d\n", i);
- cr_num -= i;
- if (sw_num > 0) {
- s_write = 1;
- s_w = 1;
- }
- if (cr_num <= 0) {
- s_write = 1;
- s_w = 1;
- done = S_DONE | C_DONE;
- }
- }
- }
- }
-
- if (do_server && !(done & S_DONE)) {
- if (!s_write) {
- i = BIO_read(s_bio, sbuf, bufsiz);
- if (i < 0) {
- s_r = 0;
- s_w = 0;
- if (BIO_should_retry(s_bio)) {
- if (BIO_should_read(s_bio))
- s_r = 1;
- if (BIO_should_write(s_bio))
- s_w = 1;
- } else {
- fprintf(stderr, "ERROR in SERVER\n");
- ERR_print_errors(bio_err);
- goto err;
- }
- } else if (i == 0) {
- ERR_print_errors(bio_err);
- fprintf(stderr,
- "SSL SERVER STARTUP FAILED in SSL_read\n");
- goto err;
- } else {
- if (debug)
- printf("server read %d\n", i);
- sr_num -= i;
- if (cw_num > 0) {
- c_write = 1;
- c_w = 1;
- }
- if (sr_num <= 0) {
- s_write = 1;
- s_w = 1;
- c_write = 0;
- }
- }
- } else {
- j = (sw_num > bufsiz) ? (int)bufsiz : (int)sw_num;
- i = BIO_write(s_bio, sbuf, j);
- if (i < 0) {
- s_r = 0;
- s_w = 0;
- if (BIO_should_retry(s_bio)) {
- if (BIO_should_read(s_bio))
- s_r = 1;
- if (BIO_should_write(s_bio))
- s_w = 1;
- } else {
- fprintf(stderr, "ERROR in SERVER\n");
- ERR_print_errors(bio_err);
- goto err;
- }
- } else if (i == 0) {
- ERR_print_errors(bio_err);
- fprintf(stderr,
- "SSL SERVER STARTUP FAILED in SSL_write\n");
- goto err;
- } else {
- if (debug)
- printf("server wrote %d\n", i);
- sw_num -= i;
- s_write = 0;
- c_r = 1;
- if (sw_num <= 0)
- done |= S_DONE;
- if (max_frag > 1029)
- SSL_set_max_send_fragment(s_ssl, max_frag -= 5);
- }
- }
- }
-
- if ((done & S_DONE) && (done & C_DONE))
- break;
- }
-
- if (verbose)
- print_details(c_ssl, "DONE: ");
-#ifndef OPENSSL_NO_NEXTPROTONEG
- if (verify_npn(c_ssl, s_ssl) < 0) {
- ret = 1;
- goto err;
- }
-#endif
- if (verify_serverinfo() < 0) {
- fprintf(stderr, "Server info verify error\n");
- ret = 1;
- goto err;
- }
- if (custom_ext_error) {
- fprintf(stderr, "Custom extension error\n");
- ret = 1;
- goto err;
- }
- ret = 0;
- err:
- /*
- * We have to set the BIO's to NULL otherwise they will be
- * OPENSSL_free()ed twice. Once when th s_ssl is SSL_free()ed and again
- * when c_ssl is SSL_free()ed. This is a hack required because s_ssl and
- * c_ssl are sharing the same BIO structure and SSL_set_bio() and
- * SSL_free() automatically BIO_free non NULL entries. You should not
- * normally do this or be required to do this
- */
- if (s_ssl != NULL) {
- s_ssl->rbio = NULL;
- s_ssl->wbio = NULL;
- }
- if (c_ssl != NULL) {
- c_ssl->rbio = NULL;
- c_ssl->wbio = NULL;
- }
-
- BIO_free(c_to_s);
- BIO_free(s_to_c);
- BIO_free_all(c_bio);
- BIO_free_all(s_bio);
-
- if (cbuf)
- OPENSSL_free(cbuf);
- if (sbuf)
- OPENSSL_free(sbuf);
-
- return (ret);
-}
-
-static int get_proxy_auth_ex_data_idx(void)
-{
- static volatile int idx = -1;
- if (idx < 0) {
- CRYPTO_w_lock(CRYPTO_LOCK_SSL_CTX);
- if (idx < 0) {
- idx = X509_STORE_CTX_get_ex_new_index(0,
- "SSLtest for verify callback",
- NULL, NULL, NULL);
- }
- CRYPTO_w_unlock(CRYPTO_LOCK_SSL_CTX);
- }
- return idx;
-}
-
-static int verify_callback(int ok, X509_STORE_CTX *ctx)
-{
- char *s, buf[256];
-
- s = X509_NAME_oneline(X509_get_subject_name(ctx->current_cert), buf,
- sizeof buf);
- if (s != NULL) {
- if (ok)
- fprintf(stderr, "depth=%d %s\n", ctx->error_depth, buf);
- else {
- fprintf(stderr, "depth=%d error=%d %s\n",
- ctx->error_depth, ctx->error, buf);
- }
- }
-
- if (ok == 0) {
- fprintf(stderr, "Error string: %s\n",
- X509_verify_cert_error_string(ctx->error));
- switch (ctx->error) {
- case X509_V_ERR_CERT_NOT_YET_VALID:
- case X509_V_ERR_CERT_HAS_EXPIRED:
- case X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT:
- fprintf(stderr, " ... ignored.\n");
- ok = 1;
- }
- }
-
- if (ok == 1) {
- X509 *xs = ctx->current_cert;
- if (xs->ex_flags & EXFLAG_PROXY) {
- unsigned int *letters = X509_STORE_CTX_get_ex_data(ctx,
- get_proxy_auth_ex_data_idx
- ());
-
- if (letters) {
- int found_any = 0;
- int i;
- PROXY_CERT_INFO_EXTENSION *pci =
- X509_get_ext_d2i(xs, NID_proxyCertInfo,
- NULL, NULL);
-
- switch (OBJ_obj2nid(pci->proxyPolicy->policyLanguage)) {
- case NID_Independent:
- /*
- * Completely meaningless in this program, as there's no
- * way to grant explicit rights to a specific PrC.
- * Basically, using id-ppl-Independent is the perfect way
- * to grant no rights at all.
- */
- fprintf(stderr, " Independent proxy certificate");
- for (i = 0; i < 26; i++)
- letters[i] = 0;
- break;
- case NID_id_ppl_inheritAll:
- /*
- * This is basically a NOP, we simply let the current
- * rights stand as they are.
- */
- fprintf(stderr, " Proxy certificate inherits all");
- break;
- default:
- s = (char *)
- pci->proxyPolicy->policy->data;
- i = pci->proxyPolicy->policy->length;
-
- /*
- * The algorithm works as follows: it is assumed that
- * previous iterations or the initial granted rights has
- * already set some elements of `letters'. What we need
- * to do is to clear those that weren't granted by the
- * current PrC as well. The easiest way to do this is to
- * add 1 to all the elements whose letters are given with
- * the current policy. That way, all elements that are
- * set by the current policy and were already set by
- * earlier policies and through the original grant of
- * rights will get the value 2 or higher. The last thing
- * to do is to sweep through `letters' and keep the
- * elements having the value 2 as set, and clear all the
- * others.
- */
-
- fprintf(stderr, " Certificate proxy rights = %*.*s", i,
- i, s);
- while (i-- > 0) {
- int c = *s++;
- if (isascii(c) && isalpha(c)) {
- if (islower(c))
- c = toupper(c);
- letters[c - 'A']++;
- }
- }
- for (i = 0; i < 26; i++)
- if (letters[i] < 2)
- letters[i] = 0;
- else
- letters[i] = 1;
- }
-
- found_any = 0;
- fprintf(stderr, ", resulting proxy rights = ");
- for (i = 0; i < 26; i++)
- if (letters[i]) {
- fprintf(stderr, "%c", i + 'A');
- found_any = 1;
- }
- if (!found_any)
- fprintf(stderr, "none");
- fprintf(stderr, "\n");
-
- PROXY_CERT_INFO_EXTENSION_free(pci);
- }
- }
- }
-
- return (ok);
-}
-
-static void process_proxy_debug(int indent, const char *format, ...)
-{
- /* That's 80 > */
- static const char indentation[] =
- ">>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>"
- ">>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>";
- char my_format[256];
- va_list args;
-
- BIO_snprintf(my_format, sizeof(my_format), "%*.*s %s",
- indent, indent, indentation, format);
-
- va_start(args, format);
- vfprintf(stderr, my_format, args);
- va_end(args);
-}
-
-/*-
- * Priority levels:
- * 0 [!]var, ()
- * 1 & ^
- * 2 |
- */
-static int process_proxy_cond_adders(unsigned int letters[26],
- const char *cond, const char **cond_end,
- int *pos, int indent);
-static int process_proxy_cond_val(unsigned int letters[26], const char *cond,
- const char **cond_end, int *pos, int indent)
-{
- int c;
- int ok = 1;
- int negate = 0;
-
- while (isspace((int)*cond)) {
- cond++;
- (*pos)++;
- }
- c = *cond;
-
- if (debug)
- process_proxy_debug(indent,
- "Start process_proxy_cond_val at position %d: %s\n",
- *pos, cond);
-
- while (c == '!') {
- negate = !negate;
- cond++;
- (*pos)++;
- while (isspace((int)*cond)) {
- cond++;
- (*pos)++;
- }
- c = *cond;
- }
-
- if (c == '(') {
- cond++;
- (*pos)++;
- ok = process_proxy_cond_adders(letters, cond, cond_end, pos,
- indent + 1);
- cond = *cond_end;
- if (ok < 0)
- goto end;
- while (isspace((int)*cond)) {
- cond++;
- (*pos)++;
- }
- c = *cond;
- if (c != ')') {
- fprintf(stderr,
- "Weird condition character in position %d: "
- "%c\n", *pos, c);
- ok = -1;
- goto end;
- }
- cond++;
- (*pos)++;
- } else if (isascii(c) && isalpha(c)) {
- if (islower(c))
- c = toupper(c);
- ok = letters[c - 'A'];
- cond++;
- (*pos)++;
- } else {
- fprintf(stderr,
- "Weird condition character in position %d: " "%c\n", *pos, c);
- ok = -1;
- goto end;
- }
- end:
- *cond_end = cond;
- if (ok >= 0 && negate)
- ok = !ok;
-
- if (debug)
- process_proxy_debug(indent,
- "End process_proxy_cond_val at position %d: %s, returning %d\n",
- *pos, cond, ok);
-
- return ok;
-}
-
-static int process_proxy_cond_multipliers(unsigned int letters[26],
- const char *cond,
- const char **cond_end, int *pos,
- int indent)
-{
- int ok;
- char c;
-
- if (debug)
- process_proxy_debug(indent,
- "Start process_proxy_cond_multipliers at position %d: %s\n",
- *pos, cond);
-
- ok = process_proxy_cond_val(letters, cond, cond_end, pos, indent + 1);
- cond = *cond_end;
- if (ok < 0)
- goto end;
-
- while (ok >= 0) {
- while (isspace((int)*cond)) {
- cond++;
- (*pos)++;
- }
- c = *cond;
-
- switch (c) {
- case '&':
- case '^':
- {
- int save_ok = ok;
-
- cond++;
- (*pos)++;
- ok = process_proxy_cond_val(letters,
- cond, cond_end, pos, indent + 1);
- cond = *cond_end;
- if (ok < 0)
- break;
-
- switch (c) {
- case '&':
- ok &= save_ok;
- break;
- case '^':
- ok ^= save_ok;
- break;
- default:
- fprintf(stderr, "SOMETHING IS SERIOUSLY WRONG!"
- " STOPPING\n");
- EXIT(1);
- }
- }
- break;
- default:
- goto end;
- }
- }
- end:
- if (debug)
- process_proxy_debug(indent,
- "End process_proxy_cond_multipliers at position %d: %s, returning %d\n",
- *pos, cond, ok);
-
- *cond_end = cond;
- return ok;
-}
-
-static int process_proxy_cond_adders(unsigned int letters[26],
- const char *cond, const char **cond_end,
- int *pos, int indent)
-{
- int ok;
- char c;
-
- if (debug)
- process_proxy_debug(indent,
- "Start process_proxy_cond_adders at position %d: %s\n",
- *pos, cond);
-
- ok = process_proxy_cond_multipliers(letters, cond, cond_end, pos,
- indent + 1);
- cond = *cond_end;
- if (ok < 0)
- goto end;
-
- while (ok >= 0) {
- while (isspace((int)*cond)) {
- cond++;
- (*pos)++;
- }
- c = *cond;
-
- switch (c) {
- case '|':
- {
- int save_ok = ok;
-
- cond++;
- (*pos)++;
- ok = process_proxy_cond_multipliers(letters,
- cond, cond_end, pos,
- indent + 1);
- cond = *cond_end;
- if (ok < 0)
- break;
-
- switch (c) {
- case '|':
- ok |= save_ok;
- break;
- default:
- fprintf(stderr, "SOMETHING IS SERIOUSLY WRONG!"
- " STOPPING\n");
- EXIT(1);
- }
- }
- break;
- default:
- goto end;
- }
- }
- end:
- if (debug)
- process_proxy_debug(indent,
- "End process_proxy_cond_adders at position %d: %s, returning %d\n",
- *pos, cond, ok);
-
- *cond_end = cond;
- return ok;
-}
-
-static int process_proxy_cond(unsigned int letters[26],
- const char *cond, const char **cond_end)
-{
- int pos = 1;
- return process_proxy_cond_adders(letters, cond, cond_end, &pos, 1);
-}
-
-static int app_verify_callback(X509_STORE_CTX *ctx, void *arg)
-{
- int ok = 1;
- struct app_verify_arg *cb_arg = arg;
- unsigned int letters[26]; /* only used with proxy_auth */
-
- if (cb_arg->app_verify) {
- char *s = NULL, buf[256];
-
- fprintf(stderr, "In app_verify_callback, allowing cert. ");
- fprintf(stderr, "Arg is: %s\n", cb_arg->string);
- fprintf(stderr,
- "Finished printing do we have a context? 0x%p a cert? 0x%p\n",
- (void *)ctx, (void *)ctx->cert);
- if (ctx->cert)
- s = X509_NAME_oneline(X509_get_subject_name(ctx->cert), buf, 256);
- if (s != NULL) {
- fprintf(stderr, "cert depth=%d %s\n", ctx->error_depth, buf);
- }
- return (1);
- }
- if (cb_arg->proxy_auth) {
- int found_any = 0, i;
- char *sp;
-
- for (i = 0; i < 26; i++)
- letters[i] = 0;
- for (sp = cb_arg->proxy_auth; *sp; sp++) {
- int c = *sp;
- if (isascii(c) && isalpha(c)) {
- if (islower(c))
- c = toupper(c);
- letters[c - 'A'] = 1;
- }
- }
-
- fprintf(stderr, " Initial proxy rights = ");
- for (i = 0; i < 26; i++)
- if (letters[i]) {
- fprintf(stderr, "%c", i + 'A');
- found_any = 1;
- }
- if (!found_any)
- fprintf(stderr, "none");
- fprintf(stderr, "\n");
-
- X509_STORE_CTX_set_ex_data(ctx,
- get_proxy_auth_ex_data_idx(), letters);
- }
- if (cb_arg->allow_proxy_certs) {
- X509_STORE_CTX_set_flags(ctx, X509_V_FLAG_ALLOW_PROXY_CERTS);
- }
- ok = X509_verify_cert(ctx);
-
- if (cb_arg->proxy_auth) {
- if (ok > 0) {
- const char *cond_end = NULL;
-
- ok = process_proxy_cond(letters, cb_arg->proxy_cond, &cond_end);
-
- if (ok < 0)
- EXIT(3);
- if (*cond_end) {
- fprintf(stderr,
- "Stopped processing condition before it's end.\n");
- ok = 0;
- }
- if (!ok)
- fprintf(stderr,
- "Proxy rights check with condition '%s' proved invalid\n",
- cb_arg->proxy_cond);
- else
- fprintf(stderr,
- "Proxy rights check with condition '%s' proved valid\n",
- cb_arg->proxy_cond);
- }
- }
- return (ok);
-}
-
-#ifndef OPENSSL_NO_RSA
-static RSA *rsa_tmp = NULL;
-
-static RSA *tmp_rsa_cb(SSL *s, int is_export, int keylength)
-{
- BIGNUM *bn = NULL;
- if (rsa_tmp == NULL) {
- bn = BN_new();
- rsa_tmp = RSA_new();
- if (!bn || !rsa_tmp || !BN_set_word(bn, RSA_F4)) {
- BIO_printf(bio_err, "Memory error...");
- goto end;
- }
- BIO_printf(bio_err, "Generating temp (%d bit) RSA key...", keylength);
- (void)BIO_flush(bio_err);
- if (!RSA_generate_key_ex(rsa_tmp, keylength, bn, NULL)) {
- BIO_printf(bio_err, "Error generating key.");
- RSA_free(rsa_tmp);
- rsa_tmp = NULL;
- }
- end:
- BIO_printf(bio_err, "\n");
- (void)BIO_flush(bio_err);
- }
- if (bn)
- BN_free(bn);
- return (rsa_tmp);
-}
-
-static void free_tmp_rsa(void)
-{
- RSA_free(rsa_tmp);
- rsa_tmp = NULL;
-}
-#endif
-
-#ifndef OPENSSL_NO_DH
-/*-
- * These DH parameters have been generated as follows:
- * $ openssl dhparam -C -noout 512
- * $ openssl dhparam -C -noout 1024
- * $ openssl dhparam -C -noout -dsaparam 1024
- * (The third function has been renamed to avoid name conflicts.)
- */
-static DH *get_dh512()
-{
- static unsigned char dh512_p[] = {
- 0xCB, 0xC8, 0xE1, 0x86, 0xD0, 0x1F, 0x94, 0x17, 0xA6, 0x99, 0xF0,
- 0xC6,
- 0x1F, 0x0D, 0xAC, 0xB6, 0x25, 0x3E, 0x06, 0x39, 0xCA, 0x72, 0x04,
- 0xB0,
- 0x6E, 0xDA, 0xC0, 0x61, 0xE6, 0x7A, 0x77, 0x25, 0xE8, 0x3B, 0xB9,
- 0x5F,
- 0x9A, 0xB6, 0xB5, 0xFE, 0x99, 0x0B, 0xA1, 0x93, 0x4E, 0x35, 0x33,
- 0xB8,
- 0xE1, 0xF1, 0x13, 0x4F, 0x59, 0x1A, 0xD2, 0x57, 0xC0, 0x26, 0x21,
- 0x33,
- 0x02, 0xC5, 0xAE, 0x23,
- };
- static unsigned char dh512_g[] = {
- 0x02,
- };
- DH *dh;
-
- if ((dh = DH_new()) == NULL)
- return (NULL);
- dh->p = BN_bin2bn(dh512_p, sizeof(dh512_p), NULL);
- dh->g = BN_bin2bn(dh512_g, sizeof(dh512_g), NULL);
- if ((dh->p == NULL) || (dh->g == NULL)) {
- DH_free(dh);
- return (NULL);
- }
- return (dh);
-}
-
-static DH *get_dh1024()
-{
- static unsigned char dh1024_p[] = {
- 0xF8, 0x81, 0x89, 0x7D, 0x14, 0x24, 0xC5, 0xD1, 0xE6, 0xF7, 0xBF,
- 0x3A,
- 0xE4, 0x90, 0xF4, 0xFC, 0x73, 0xFB, 0x34, 0xB5, 0xFA, 0x4C, 0x56,
- 0xA2,
- 0xEA, 0xA7, 0xE9, 0xC0, 0xC0, 0xCE, 0x89, 0xE1, 0xFA, 0x63, 0x3F,
- 0xB0,
- 0x6B, 0x32, 0x66, 0xF1, 0xD1, 0x7B, 0xB0, 0x00, 0x8F, 0xCA, 0x87,
- 0xC2,
- 0xAE, 0x98, 0x89, 0x26, 0x17, 0xC2, 0x05, 0xD2, 0xEC, 0x08, 0xD0,
- 0x8C,
- 0xFF, 0x17, 0x52, 0x8C, 0xC5, 0x07, 0x93, 0x03, 0xB1, 0xF6, 0x2F,
- 0xB8,
- 0x1C, 0x52, 0x47, 0x27, 0x1B, 0xDB, 0xD1, 0x8D, 0x9D, 0x69, 0x1D,
- 0x52,
- 0x4B, 0x32, 0x81, 0xAA, 0x7F, 0x00, 0xC8, 0xDC, 0xE6, 0xD9, 0xCC,
- 0xC1,
- 0x11, 0x2D, 0x37, 0x34, 0x6C, 0xEA, 0x02, 0x97, 0x4B, 0x0E, 0xBB,
- 0xB1,
- 0x71, 0x33, 0x09, 0x15, 0xFD, 0xDD, 0x23, 0x87, 0x07, 0x5E, 0x89,
- 0xAB,
- 0x6B, 0x7C, 0x5F, 0xEC, 0xA6, 0x24, 0xDC, 0x53,
- };
- static unsigned char dh1024_g[] = {
- 0x02,
- };
- DH *dh;
-
- if ((dh = DH_new()) == NULL)
- return (NULL);
- dh->p = BN_bin2bn(dh1024_p, sizeof(dh1024_p), NULL);
- dh->g = BN_bin2bn(dh1024_g, sizeof(dh1024_g), NULL);
- if ((dh->p == NULL) || (dh->g == NULL)) {
- DH_free(dh);
- return (NULL);
- }
- return (dh);
-}
-
-static DH *get_dh1024dsa()
-{
- static unsigned char dh1024_p[] = {
- 0xC8, 0x00, 0xF7, 0x08, 0x07, 0x89, 0x4D, 0x90, 0x53, 0xF3, 0xD5,
- 0x00,
- 0x21, 0x1B, 0xF7, 0x31, 0xA6, 0xA2, 0xDA, 0x23, 0x9A, 0xC7, 0x87,
- 0x19,
- 0x3B, 0x47, 0xB6, 0x8C, 0x04, 0x6F, 0xFF, 0xC6, 0x9B, 0xB8, 0x65,
- 0xD2,
- 0xC2, 0x5F, 0x31, 0x83, 0x4A, 0xA7, 0x5F, 0x2F, 0x88, 0x38, 0xB6,
- 0x55,
- 0xCF, 0xD9, 0x87, 0x6D, 0x6F, 0x9F, 0xDA, 0xAC, 0xA6, 0x48, 0xAF,
- 0xFC,
- 0x33, 0x84, 0x37, 0x5B, 0x82, 0x4A, 0x31, 0x5D, 0xE7, 0xBD, 0x52,
- 0x97,
- 0xA1, 0x77, 0xBF, 0x10, 0x9E, 0x37, 0xEA, 0x64, 0xFA, 0xCA, 0x28,
- 0x8D,
- 0x9D, 0x3B, 0xD2, 0x6E, 0x09, 0x5C, 0x68, 0xC7, 0x45, 0x90, 0xFD,
- 0xBB,
- 0x70, 0xC9, 0x3A, 0xBB, 0xDF, 0xD4, 0x21, 0x0F, 0xC4, 0x6A, 0x3C,
- 0xF6,
- 0x61, 0xCF, 0x3F, 0xD6, 0x13, 0xF1, 0x5F, 0xBC, 0xCF, 0xBC, 0x26,
- 0x9E,
- 0xBC, 0x0B, 0xBD, 0xAB, 0x5D, 0xC9, 0x54, 0x39,
- };
- static unsigned char dh1024_g[] = {
- 0x3B, 0x40, 0x86, 0xE7, 0xF3, 0x6C, 0xDE, 0x67, 0x1C, 0xCC, 0x80,
- 0x05,
- 0x5A, 0xDF, 0xFE, 0xBD, 0x20, 0x27, 0x74, 0x6C, 0x24, 0xC9, 0x03,
- 0xF3,
- 0xE1, 0x8D, 0xC3, 0x7D, 0x98, 0x27, 0x40, 0x08, 0xB8, 0x8C, 0x6A,
- 0xE9,
- 0xBB, 0x1A, 0x3A, 0xD6, 0x86, 0x83, 0x5E, 0x72, 0x41, 0xCE, 0x85,
- 0x3C,
- 0xD2, 0xB3, 0xFC, 0x13, 0xCE, 0x37, 0x81, 0x9E, 0x4C, 0x1C, 0x7B,
- 0x65,
- 0xD3, 0xE6, 0xA6, 0x00, 0xF5, 0x5A, 0x95, 0x43, 0x5E, 0x81, 0xCF,
- 0x60,
- 0xA2, 0x23, 0xFC, 0x36, 0xA7, 0x5D, 0x7A, 0x4C, 0x06, 0x91, 0x6E,
- 0xF6,
- 0x57, 0xEE, 0x36, 0xCB, 0x06, 0xEA, 0xF5, 0x3D, 0x95, 0x49, 0xCB,
- 0xA7,
- 0xDD, 0x81, 0xDF, 0x80, 0x09, 0x4A, 0x97, 0x4D, 0xA8, 0x22, 0x72,
- 0xA1,
- 0x7F, 0xC4, 0x70, 0x56, 0x70, 0xE8, 0x20, 0x10, 0x18, 0x8F, 0x2E,
- 0x60,
- 0x07, 0xE7, 0x68, 0x1A, 0x82, 0x5D, 0x32, 0xA2,
- };
- DH *dh;
-
- if ((dh = DH_new()) == NULL)
- return (NULL);
- dh->p = BN_bin2bn(dh1024_p, sizeof(dh1024_p), NULL);
- dh->g = BN_bin2bn(dh1024_g, sizeof(dh1024_g), NULL);
- if ((dh->p == NULL) || (dh->g == NULL)) {
- DH_free(dh);
- return (NULL);
- }
- dh->length = 160;
- return (dh);
-}
-#endif
-
-#ifndef OPENSSL_NO_PSK
-/* convert the PSK key (psk_key) in ascii to binary (psk) */
-static int psk_key2bn(const char *pskkey, unsigned char *psk,
- unsigned int max_psk_len)
-{
- int ret;
- BIGNUM *bn = NULL;
-
- ret = BN_hex2bn(&bn, pskkey);
- if (!ret) {
- BIO_printf(bio_err, "Could not convert PSK key '%s' to BIGNUM\n",
- pskkey);
- if (bn)
- BN_free(bn);
- return 0;
- }
- if (BN_num_bytes(bn) > (int)max_psk_len) {
- BIO_printf(bio_err,
- "psk buffer of callback is too small (%d) for key (%d)\n",
- max_psk_len, BN_num_bytes(bn));
- BN_free(bn);
- return 0;
- }
- ret = BN_bn2bin(bn, psk);
- BN_free(bn);
- return ret;
-}
-
-static unsigned int psk_client_callback(SSL *ssl, const char *hint,
- char *identity,
- unsigned int max_identity_len,
- unsigned char *psk,
- unsigned int max_psk_len)
-{
- int ret;
- unsigned int psk_len = 0;
-
- ret = BIO_snprintf(identity, max_identity_len, "Client_identity");
- if (ret < 0)
- goto out_err;
- if (debug)
- fprintf(stderr, "client: created identity '%s' len=%d\n", identity,
- ret);
- ret = psk_key2bn(psk_key, psk, max_psk_len);
- if (ret < 0)
- goto out_err;
- psk_len = ret;
- out_err:
- return psk_len;
-}
-
-static unsigned int psk_server_callback(SSL *ssl, const char *identity,
- unsigned char *psk,
- unsigned int max_psk_len)
-{
- unsigned int psk_len = 0;
-
- if (strcmp(identity, "Client_identity") != 0) {
- BIO_printf(bio_err, "server: PSK error: client identity not found\n");
- return 0;
- }
- psk_len = psk_key2bn(psk_key, psk, max_psk_len);
- return psk_len;
-}
-#endif
-
-static int do_test_cipherlist(void)
-{
- int i = 0;
- const SSL_METHOD *meth;
- const SSL_CIPHER *ci, *tci = NULL;
-
-#ifndef OPENSSL_NO_SSL3
- fprintf(stderr, "testing SSLv3 cipher list order: ");
- meth = SSLv3_method();
- tci = NULL;
- while ((ci = meth->get_cipher(i++)) != NULL) {
- if (tci != NULL)
- if (ci->id >= tci->id) {
- fprintf(stderr, "failed %lx vs. %lx\n", ci->id, tci->id);
- return 0;
- }
- tci = ci;
- }
- fprintf(stderr, "ok\n");
-#endif
- fprintf(stderr, "testing TLSv1 cipher list order: ");
- meth = TLSv1_method();
- tci = NULL;
- while ((ci = meth->get_cipher(i++)) != NULL) {
- if (tci != NULL)
- if (ci->id >= tci->id) {
- fprintf(stderr, "failed %lx vs. %lx\n", ci->id, tci->id);
- return 0;
- }
- tci = ci;
- }
- fprintf(stderr, "ok\n");
-
- return 1;
-}
+++ /dev/null
-/* ssl/tls1.h */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-/* ====================================================================
- * Copyright (c) 1998-2006 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-/* ====================================================================
- * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
- *
- * Portions of the attached software ("Contribution") are developed by
- * SUN MICROSYSTEMS, INC., and are contributed to the OpenSSL project.
- *
- * The Contribution is licensed pursuant to the OpenSSL open source
- * license provided above.
- *
- * ECC cipher suite support in OpenSSL originally written by
- * Vipul Gupta and Sumit Gupta of Sun Microsystems Laboratories.
- *
- */
-/* ====================================================================
- * Copyright 2005 Nokia. All rights reserved.
- *
- * The portions of the attached software ("Contribution") is developed by
- * Nokia Corporation and is licensed pursuant to the OpenSSL open source
- * license.
- *
- * The Contribution, originally written by Mika Kousa and Pasi Eronen of
- * Nokia Corporation, consists of the "PSK" (Pre-Shared Key) ciphersuites
- * support (see RFC 4279) to OpenSSL.
- *
- * No patent licenses or other rights except those expressly stated in
- * the OpenSSL open source license shall be deemed granted or received
- * expressly, by implication, estoppel, or otherwise.
- *
- * No assurances are provided by Nokia that the Contribution does not
- * infringe the patent or other intellectual property rights of any third
- * party or that the license provides you with all the necessary rights
- * to make use of the Contribution.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. IN
- * ADDITION TO THE DISCLAIMERS INCLUDED IN THE LICENSE, NOKIA
- * SPECIFICALLY DISCLAIMS ANY LIABILITY FOR CLAIMS BROUGHT BY YOU OR ANY
- * OTHER ENTITY BASED ON INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS OR
- * OTHERWISE.
- */
-
-#ifndef HEADER_TLS1_H
-# define HEADER_TLS1_H
-
-# include <openssl/buffer.h>
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-/* Default security level if not overriden at config time */
-# ifndef OPENSSL_TLS_SECURITY_LEVEL
-# define OPENSSL_TLS_SECURITY_LEVEL 1
-# endif
-
-# define TLS1_VERSION 0x0301
-# define TLS1_1_VERSION 0x0302
-# define TLS1_2_VERSION 0x0303
-# define TLS_MAX_VERSION TLS1_2_VERSION
-
-# define TLS1_VERSION_MAJOR 0x03
-# define TLS1_VERSION_MINOR 0x01
-
-# define TLS1_1_VERSION_MAJOR 0x03
-# define TLS1_1_VERSION_MINOR 0x02
-
-# define TLS1_2_VERSION_MAJOR 0x03
-# define TLS1_2_VERSION_MINOR 0x03
-
-# define TLS1_get_version(s) \
- ((s->version >> 8) == TLS1_VERSION_MAJOR ? s->version : 0)
-
-# define TLS1_get_client_version(s) \
- ((s->client_version >> 8) == TLS1_VERSION_MAJOR ? s->client_version : 0)
-
-# define TLS1_AD_DECRYPTION_FAILED 21
-# define TLS1_AD_RECORD_OVERFLOW 22
-# define TLS1_AD_UNKNOWN_CA 48/* fatal */
-# define TLS1_AD_ACCESS_DENIED 49/* fatal */
-# define TLS1_AD_DECODE_ERROR 50/* fatal */
-# define TLS1_AD_DECRYPT_ERROR 51
-# define TLS1_AD_EXPORT_RESTRICTION 60/* fatal */
-# define TLS1_AD_PROTOCOL_VERSION 70/* fatal */
-# define TLS1_AD_INSUFFICIENT_SECURITY 71/* fatal */
-# define TLS1_AD_INTERNAL_ERROR 80/* fatal */
-# define TLS1_AD_INAPPROPRIATE_FALLBACK 86/* fatal */
-# define TLS1_AD_USER_CANCELLED 90
-# define TLS1_AD_NO_RENEGOTIATION 100
-/* codes 110-114 are from RFC3546 */
-# define TLS1_AD_UNSUPPORTED_EXTENSION 110
-# define TLS1_AD_CERTIFICATE_UNOBTAINABLE 111
-# define TLS1_AD_UNRECOGNIZED_NAME 112
-# define TLS1_AD_BAD_CERTIFICATE_STATUS_RESPONSE 113
-# define TLS1_AD_BAD_CERTIFICATE_HASH_VALUE 114
-# define TLS1_AD_UNKNOWN_PSK_IDENTITY 115/* fatal */
-
-/* ExtensionType values from RFC3546 / RFC4366 / RFC6066 */
-# define TLSEXT_TYPE_server_name 0
-# define TLSEXT_TYPE_max_fragment_length 1
-# define TLSEXT_TYPE_client_certificate_url 2
-# define TLSEXT_TYPE_trusted_ca_keys 3
-# define TLSEXT_TYPE_truncated_hmac 4
-# define TLSEXT_TYPE_status_request 5
-/* ExtensionType values from RFC4681 */
-# define TLSEXT_TYPE_user_mapping 6
-/* ExtensionType values from RFC5878 */
-# define TLSEXT_TYPE_client_authz 7
-# define TLSEXT_TYPE_server_authz 8
-/* ExtensionType values from RFC6091 */
-# define TLSEXT_TYPE_cert_type 9
-
-/* ExtensionType values from RFC4492 */
-# define TLSEXT_TYPE_elliptic_curves 10
-# define TLSEXT_TYPE_ec_point_formats 11
-
-/* ExtensionType value from RFC5054 */
-# define TLSEXT_TYPE_srp 12
-
-/* ExtensionType values from RFC5246 */
-# define TLSEXT_TYPE_signature_algorithms 13
-
-/* ExtensionType value from RFC5764 */
-# define TLSEXT_TYPE_use_srtp 14
-
-/* ExtensionType value from RFC5620 */
-# define TLSEXT_TYPE_heartbeat 15
-
-/* ExtensionType value from draft-ietf-tls-applayerprotoneg-00 */
-# define TLSEXT_TYPE_application_layer_protocol_negotiation 16
-
-/*
- * ExtensionType value for TLS padding extension.
- * http://www.iana.org/assignments/tls-extensiontype-values/tls-extensiontype-values.xhtml
- * http://tools.ietf.org/html/draft-agl-tls-padding-03
- */
-# define TLSEXT_TYPE_padding 21
-/*
- * Extension type for Encrypt-then-MAC
- * http://www.ietf.org/id/draft-ietf-tls-encrypt-then-mac-02.txt
- */
-# define TLSEXT_TYPE_encrypt_then_mac 22
-/*
- * Extended master secret extension.
- * http://www.iana.org/assignments/tls-extensiontype-values/tls-extensiontype-values.xhtml
- * https://tools.ietf.org/id/draft-ietf-tls-session-hash-03.txt
- */
-# define TLSEXT_TYPE_extended_master_secret 23
-
-/* ExtensionType value from RFC4507 */
-# define TLSEXT_TYPE_session_ticket 35
-
-/* Temporary extension type */
-# define TLSEXT_TYPE_renegotiate 0xff01
-
-# ifndef OPENSSL_NO_NEXTPROTONEG
-/* This is not an IANA defined extension number */
-# define TLSEXT_TYPE_next_proto_neg 13172
-# endif
-
-/* NameType value from RFC 3546 */
-# define TLSEXT_NAMETYPE_host_name 0
-/* status request value from RFC 3546 */
-# define TLSEXT_STATUSTYPE_ocsp 1
-
-/* ECPointFormat values from draft-ietf-tls-ecc-12 */
-# define TLSEXT_ECPOINTFORMAT_first 0
-# define TLSEXT_ECPOINTFORMAT_uncompressed 0
-# define TLSEXT_ECPOINTFORMAT_ansiX962_compressed_prime 1
-# define TLSEXT_ECPOINTFORMAT_ansiX962_compressed_char2 2
-# define TLSEXT_ECPOINTFORMAT_last 2
-
-/* Signature and hash algorithms from RFC 5246 */
-
-# define TLSEXT_signature_anonymous 0
-# define TLSEXT_signature_rsa 1
-# define TLSEXT_signature_dsa 2
-# define TLSEXT_signature_ecdsa 3
-
-/* Total number of different signature algorithms */
-# define TLSEXT_signature_num 4
-
-# define TLSEXT_hash_none 0
-# define TLSEXT_hash_md5 1
-# define TLSEXT_hash_sha1 2
-# define TLSEXT_hash_sha224 3
-# define TLSEXT_hash_sha256 4
-# define TLSEXT_hash_sha384 5
-# define TLSEXT_hash_sha512 6
-
-/* Total number of different digest algorithms */
-
-# define TLSEXT_hash_num 7
-
-/* Flag set for unrecognised algorithms */
-# define TLSEXT_nid_unknown 0x1000000
-
-/* ECC curves */
-
-# define TLSEXT_curve_P_256 23
-# define TLSEXT_curve_P_384 24
-
-# ifndef OPENSSL_NO_TLSEXT
-
-# define TLSEXT_MAXLEN_host_name 255
-
-__owur const char *SSL_get_servername(const SSL *s, const int type);
-__owur int SSL_get_servername_type(const SSL *s);
-/*
- * SSL_export_keying_material exports a value derived from the master secret,
- * as specified in RFC 5705. It writes |olen| bytes to |out| given a label and
- * optional context. (Since a zero length context is allowed, the |use_context|
- * flag controls whether a context is included.) It returns 1 on success and
- * zero otherwise.
- */
-__owur int SSL_export_keying_material(SSL *s, unsigned char *out, size_t olen,
- const char *label, size_t llen,
- const unsigned char *p, size_t plen,
- int use_context);
-
-int SSL_get_sigalgs(SSL *s, int idx,
- int *psign, int *phash, int *psignandhash,
- unsigned char *rsig, unsigned char *rhash);
-
-int SSL_get_shared_sigalgs(SSL *s, int idx,
- int *psign, int *phash, int *psignandhash,
- unsigned char *rsig, unsigned char *rhash);
-
-__owur int SSL_check_chain(SSL *s, X509 *x, EVP_PKEY *pk, STACK_OF(X509) *chain);
-
-# define SSL_set_tlsext_host_name(s,name) \
-SSL_ctrl(s,SSL_CTRL_SET_TLSEXT_HOSTNAME,TLSEXT_NAMETYPE_host_name,(char *)name)
-
-# define SSL_set_tlsext_debug_callback(ssl, cb) \
-SSL_callback_ctrl(ssl,SSL_CTRL_SET_TLSEXT_DEBUG_CB,(void (*)(void))cb)
-
-# define SSL_set_tlsext_debug_arg(ssl, arg) \
-SSL_ctrl(ssl,SSL_CTRL_SET_TLSEXT_DEBUG_ARG,0, (void *)arg)
-
-# define SSL_set_tlsext_status_type(ssl, type) \
-SSL_ctrl(ssl,SSL_CTRL_SET_TLSEXT_STATUS_REQ_TYPE,type, NULL)
-
-# define SSL_get_tlsext_status_exts(ssl, arg) \
-SSL_ctrl(ssl,SSL_CTRL_GET_TLSEXT_STATUS_REQ_EXTS,0, (void *)arg)
-
-# define SSL_set_tlsext_status_exts(ssl, arg) \
-SSL_ctrl(ssl,SSL_CTRL_SET_TLSEXT_STATUS_REQ_EXTS,0, (void *)arg)
-
-# define SSL_get_tlsext_status_ids(ssl, arg) \
-SSL_ctrl(ssl,SSL_CTRL_GET_TLSEXT_STATUS_REQ_IDS,0, (void *)arg)
-
-# define SSL_set_tlsext_status_ids(ssl, arg) \
-SSL_ctrl(ssl,SSL_CTRL_SET_TLSEXT_STATUS_REQ_IDS,0, (void *)arg)
-
-# define SSL_get_tlsext_status_ocsp_resp(ssl, arg) \
-SSL_ctrl(ssl,SSL_CTRL_GET_TLSEXT_STATUS_REQ_OCSP_RESP,0, (void *)arg)
-
-# define SSL_set_tlsext_status_ocsp_resp(ssl, arg, arglen) \
-SSL_ctrl(ssl,SSL_CTRL_SET_TLSEXT_STATUS_REQ_OCSP_RESP,arglen, (void *)arg)
-
-# define SSL_CTX_set_tlsext_servername_callback(ctx, cb) \
-SSL_CTX_callback_ctrl(ctx,SSL_CTRL_SET_TLSEXT_SERVERNAME_CB,(void (*)(void))cb)
-
-# define SSL_TLSEXT_ERR_OK 0
-# define SSL_TLSEXT_ERR_ALERT_WARNING 1
-# define SSL_TLSEXT_ERR_ALERT_FATAL 2
-# define SSL_TLSEXT_ERR_NOACK 3
-
-# define SSL_CTX_set_tlsext_servername_arg(ctx, arg) \
-SSL_CTX_ctrl(ctx,SSL_CTRL_SET_TLSEXT_SERVERNAME_ARG,0, (void *)arg)
-
-# define SSL_CTX_get_tlsext_ticket_keys(ctx, keys, keylen) \
- SSL_CTX_ctrl((ctx),SSL_CTRL_GET_TLSEXT_TICKET_KEYS,(keylen),(keys))
-# define SSL_CTX_set_tlsext_ticket_keys(ctx, keys, keylen) \
- SSL_CTX_ctrl((ctx),SSL_CTRL_SET_TLSEXT_TICKET_KEYS,(keylen),(keys))
-
-# define SSL_CTX_set_tlsext_status_cb(ssl, cb) \
-SSL_CTX_callback_ctrl(ssl,SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB,(void (*)(void))cb)
-
-# define SSL_CTX_set_tlsext_status_arg(ssl, arg) \
-SSL_CTX_ctrl(ssl,SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB_ARG,0, (void *)arg)
-
-# define SSL_CTX_set_tlsext_ticket_key_cb(ssl, cb) \
-SSL_CTX_callback_ctrl(ssl,SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB,(void (*)(void))cb)
-
-# ifndef OPENSSL_NO_HEARTBEATS
-# define SSL_TLSEXT_HB_ENABLED 0x01
-# define SSL_TLSEXT_HB_DONT_SEND_REQUESTS 0x02
-# define SSL_TLSEXT_HB_DONT_RECV_REQUESTS 0x04
-
-# define SSL_get_tlsext_heartbeat_pending(ssl) \
- SSL_ctrl((ssl),SSL_CTRL_GET_TLS_EXT_HEARTBEAT_PENDING,0,NULL)
-# define SSL_set_tlsext_heartbeat_no_requests(ssl, arg) \
- SSL_ctrl((ssl),SSL_CTRL_SET_TLS_EXT_HEARTBEAT_NO_REQUESTS,arg,NULL)
-# endif
-# endif
-
-/* PSK ciphersuites from 4279 */
-# define TLS1_CK_PSK_WITH_RC4_128_SHA 0x0300008A
-# define TLS1_CK_PSK_WITH_3DES_EDE_CBC_SHA 0x0300008B
-# define TLS1_CK_PSK_WITH_AES_128_CBC_SHA 0x0300008C
-# define TLS1_CK_PSK_WITH_AES_256_CBC_SHA 0x0300008D
-
-/* AES ciphersuites from RFC3268 */
-
-# define TLS1_CK_RSA_WITH_AES_128_SHA 0x0300002F
-# define TLS1_CK_DH_DSS_WITH_AES_128_SHA 0x03000030
-# define TLS1_CK_DH_RSA_WITH_AES_128_SHA 0x03000031
-# define TLS1_CK_DHE_DSS_WITH_AES_128_SHA 0x03000032
-# define TLS1_CK_DHE_RSA_WITH_AES_128_SHA 0x03000033
-# define TLS1_CK_ADH_WITH_AES_128_SHA 0x03000034
-
-# define TLS1_CK_RSA_WITH_AES_256_SHA 0x03000035
-# define TLS1_CK_DH_DSS_WITH_AES_256_SHA 0x03000036
-# define TLS1_CK_DH_RSA_WITH_AES_256_SHA 0x03000037
-# define TLS1_CK_DHE_DSS_WITH_AES_256_SHA 0x03000038
-# define TLS1_CK_DHE_RSA_WITH_AES_256_SHA 0x03000039
-# define TLS1_CK_ADH_WITH_AES_256_SHA 0x0300003A
-
-/* TLS v1.2 ciphersuites */
-# define TLS1_CK_RSA_WITH_NULL_SHA256 0x0300003B
-# define TLS1_CK_RSA_WITH_AES_128_SHA256 0x0300003C
-# define TLS1_CK_RSA_WITH_AES_256_SHA256 0x0300003D
-# define TLS1_CK_DH_DSS_WITH_AES_128_SHA256 0x0300003E
-# define TLS1_CK_DH_RSA_WITH_AES_128_SHA256 0x0300003F
-# define TLS1_CK_DHE_DSS_WITH_AES_128_SHA256 0x03000040
-
-/* Camellia ciphersuites from RFC4132 */
-# define TLS1_CK_RSA_WITH_CAMELLIA_128_CBC_SHA 0x03000041
-# define TLS1_CK_DH_DSS_WITH_CAMELLIA_128_CBC_SHA 0x03000042
-# define TLS1_CK_DH_RSA_WITH_CAMELLIA_128_CBC_SHA 0x03000043
-# define TLS1_CK_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA 0x03000044
-# define TLS1_CK_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA 0x03000045
-# define TLS1_CK_ADH_WITH_CAMELLIA_128_CBC_SHA 0x03000046
-
-/* TLS v1.2 ciphersuites */
-# define TLS1_CK_DHE_RSA_WITH_AES_128_SHA256 0x03000067
-# define TLS1_CK_DH_DSS_WITH_AES_256_SHA256 0x03000068
-# define TLS1_CK_DH_RSA_WITH_AES_256_SHA256 0x03000069
-# define TLS1_CK_DHE_DSS_WITH_AES_256_SHA256 0x0300006A
-# define TLS1_CK_DHE_RSA_WITH_AES_256_SHA256 0x0300006B
-# define TLS1_CK_ADH_WITH_AES_128_SHA256 0x0300006C
-# define TLS1_CK_ADH_WITH_AES_256_SHA256 0x0300006D
-
-/* Camellia ciphersuites from RFC4132 */
-# define TLS1_CK_RSA_WITH_CAMELLIA_256_CBC_SHA 0x03000084
-# define TLS1_CK_DH_DSS_WITH_CAMELLIA_256_CBC_SHA 0x03000085
-# define TLS1_CK_DH_RSA_WITH_CAMELLIA_256_CBC_SHA 0x03000086
-# define TLS1_CK_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA 0x03000087
-# define TLS1_CK_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA 0x03000088
-# define TLS1_CK_ADH_WITH_CAMELLIA_256_CBC_SHA 0x03000089
-
-/* SEED ciphersuites from RFC4162 */
-# define TLS1_CK_RSA_WITH_SEED_SHA 0x03000096
-# define TLS1_CK_DH_DSS_WITH_SEED_SHA 0x03000097
-# define TLS1_CK_DH_RSA_WITH_SEED_SHA 0x03000098
-# define TLS1_CK_DHE_DSS_WITH_SEED_SHA 0x03000099
-# define TLS1_CK_DHE_RSA_WITH_SEED_SHA 0x0300009A
-# define TLS1_CK_ADH_WITH_SEED_SHA 0x0300009B
-
-/* TLS v1.2 GCM ciphersuites from RFC5288 */
-# define TLS1_CK_RSA_WITH_AES_128_GCM_SHA256 0x0300009C
-# define TLS1_CK_RSA_WITH_AES_256_GCM_SHA384 0x0300009D
-# define TLS1_CK_DHE_RSA_WITH_AES_128_GCM_SHA256 0x0300009E
-# define TLS1_CK_DHE_RSA_WITH_AES_256_GCM_SHA384 0x0300009F
-# define TLS1_CK_DH_RSA_WITH_AES_128_GCM_SHA256 0x030000A0
-# define TLS1_CK_DH_RSA_WITH_AES_256_GCM_SHA384 0x030000A1
-# define TLS1_CK_DHE_DSS_WITH_AES_128_GCM_SHA256 0x030000A2
-# define TLS1_CK_DHE_DSS_WITH_AES_256_GCM_SHA384 0x030000A3
-# define TLS1_CK_DH_DSS_WITH_AES_128_GCM_SHA256 0x030000A4
-# define TLS1_CK_DH_DSS_WITH_AES_256_GCM_SHA384 0x030000A5
-# define TLS1_CK_ADH_WITH_AES_128_GCM_SHA256 0x030000A6
-# define TLS1_CK_ADH_WITH_AES_256_GCM_SHA384 0x030000A7
-
-/* TLS 1.2 Camellia SHA-256 ciphersuites from RFC5932 */
-# define TLS1_CK_RSA_WITH_CAMELLIA_128_CBC_SHA256 0x030000BA
-# define TLS1_CK_DH_DSS_WITH_CAMELLIA_128_CBC_SHA256 0x030000BB
-# define TLS1_CK_DH_RSA_WITH_CAMELLIA_128_CBC_SHA256 0x030000BC
-# define TLS1_CK_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256 0x030000BD
-# define TLS1_CK_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 0x030000BE
-# define TLS1_CK_ADH_WITH_CAMELLIA_128_CBC_SHA256 0x030000BF
-
-# define TLS1_CK_RSA_WITH_CAMELLIA_256_CBC_SHA256 0x030000C0
-# define TLS1_CK_DH_DSS_WITH_CAMELLIA_256_CBC_SHA256 0x030000C1
-# define TLS1_CK_DH_RSA_WITH_CAMELLIA_256_CBC_SHA256 0x030000C2
-# define TLS1_CK_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256 0x030000C3
-# define TLS1_CK_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256 0x030000C4
-# define TLS1_CK_ADH_WITH_CAMELLIA_256_CBC_SHA256 0x030000C5
-
-/*
- * ECC ciphersuites from draft-ietf-tls-ecc-12.txt with changes soon to be in
- * draft 13
- */
-# define TLS1_CK_ECDH_ECDSA_WITH_NULL_SHA 0x0300C001
-# define TLS1_CK_ECDH_ECDSA_WITH_RC4_128_SHA 0x0300C002
-# define TLS1_CK_ECDH_ECDSA_WITH_DES_192_CBC3_SHA 0x0300C003
-# define TLS1_CK_ECDH_ECDSA_WITH_AES_128_CBC_SHA 0x0300C004
-# define TLS1_CK_ECDH_ECDSA_WITH_AES_256_CBC_SHA 0x0300C005
-
-# define TLS1_CK_ECDHE_ECDSA_WITH_NULL_SHA 0x0300C006
-# define TLS1_CK_ECDHE_ECDSA_WITH_RC4_128_SHA 0x0300C007
-# define TLS1_CK_ECDHE_ECDSA_WITH_DES_192_CBC3_SHA 0x0300C008
-# define TLS1_CK_ECDHE_ECDSA_WITH_AES_128_CBC_SHA 0x0300C009
-# define TLS1_CK_ECDHE_ECDSA_WITH_AES_256_CBC_SHA 0x0300C00A
-
-# define TLS1_CK_ECDH_RSA_WITH_NULL_SHA 0x0300C00B
-# define TLS1_CK_ECDH_RSA_WITH_RC4_128_SHA 0x0300C00C
-# define TLS1_CK_ECDH_RSA_WITH_DES_192_CBC3_SHA 0x0300C00D
-# define TLS1_CK_ECDH_RSA_WITH_AES_128_CBC_SHA 0x0300C00E
-# define TLS1_CK_ECDH_RSA_WITH_AES_256_CBC_SHA 0x0300C00F
-
-# define TLS1_CK_ECDHE_RSA_WITH_NULL_SHA 0x0300C010
-# define TLS1_CK_ECDHE_RSA_WITH_RC4_128_SHA 0x0300C011
-# define TLS1_CK_ECDHE_RSA_WITH_DES_192_CBC3_SHA 0x0300C012
-# define TLS1_CK_ECDHE_RSA_WITH_AES_128_CBC_SHA 0x0300C013
-# define TLS1_CK_ECDHE_RSA_WITH_AES_256_CBC_SHA 0x0300C014
-
-# define TLS1_CK_ECDH_anon_WITH_NULL_SHA 0x0300C015
-# define TLS1_CK_ECDH_anon_WITH_RC4_128_SHA 0x0300C016
-# define TLS1_CK_ECDH_anon_WITH_DES_192_CBC3_SHA 0x0300C017
-# define TLS1_CK_ECDH_anon_WITH_AES_128_CBC_SHA 0x0300C018
-# define TLS1_CK_ECDH_anon_WITH_AES_256_CBC_SHA 0x0300C019
-
-/* SRP ciphersuites from RFC 5054 */
-# define TLS1_CK_SRP_SHA_WITH_3DES_EDE_CBC_SHA 0x0300C01A
-# define TLS1_CK_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA 0x0300C01B
-# define TLS1_CK_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA 0x0300C01C
-# define TLS1_CK_SRP_SHA_WITH_AES_128_CBC_SHA 0x0300C01D
-# define TLS1_CK_SRP_SHA_RSA_WITH_AES_128_CBC_SHA 0x0300C01E
-# define TLS1_CK_SRP_SHA_DSS_WITH_AES_128_CBC_SHA 0x0300C01F
-# define TLS1_CK_SRP_SHA_WITH_AES_256_CBC_SHA 0x0300C020
-# define TLS1_CK_SRP_SHA_RSA_WITH_AES_256_CBC_SHA 0x0300C021
-# define TLS1_CK_SRP_SHA_DSS_WITH_AES_256_CBC_SHA 0x0300C022
-
-/* ECDH HMAC based ciphersuites from RFC5289 */
-
-# define TLS1_CK_ECDHE_ECDSA_WITH_AES_128_SHA256 0x0300C023
-# define TLS1_CK_ECDHE_ECDSA_WITH_AES_256_SHA384 0x0300C024
-# define TLS1_CK_ECDH_ECDSA_WITH_AES_128_SHA256 0x0300C025
-# define TLS1_CK_ECDH_ECDSA_WITH_AES_256_SHA384 0x0300C026
-# define TLS1_CK_ECDHE_RSA_WITH_AES_128_SHA256 0x0300C027
-# define TLS1_CK_ECDHE_RSA_WITH_AES_256_SHA384 0x0300C028
-# define TLS1_CK_ECDH_RSA_WITH_AES_128_SHA256 0x0300C029
-# define TLS1_CK_ECDH_RSA_WITH_AES_256_SHA384 0x0300C02A
-
-/* ECDH GCM based ciphersuites from RFC5289 */
-# define TLS1_CK_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 0x0300C02B
-# define TLS1_CK_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 0x0300C02C
-# define TLS1_CK_ECDH_ECDSA_WITH_AES_128_GCM_SHA256 0x0300C02D
-# define TLS1_CK_ECDH_ECDSA_WITH_AES_256_GCM_SHA384 0x0300C02E
-# define TLS1_CK_ECDHE_RSA_WITH_AES_128_GCM_SHA256 0x0300C02F
-# define TLS1_CK_ECDHE_RSA_WITH_AES_256_GCM_SHA384 0x0300C030
-# define TLS1_CK_ECDH_RSA_WITH_AES_128_GCM_SHA256 0x0300C031
-# define TLS1_CK_ECDH_RSA_WITH_AES_256_GCM_SHA384 0x0300C032
-
-/* Camellia-CBC ciphersuites from RFC6367 */
-# define TLS1_CK_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 0x0300C072
-# define TLS1_CK_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 0x0300C073
-# define TLS1_CK_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 0x0300C074
-# define TLS1_CK_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 0x0300C075
-# define TLS1_CK_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 0x0300C076
-# define TLS1_CK_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384 0x0300C077
-# define TLS1_CK_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256 0x0300C078
-# define TLS1_CK_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384 0x0300C079
-
-/*
- * XXX Backward compatibility alert: Older versions of OpenSSL gave some DHE
- * ciphers names with "EDH" instead of "DHE". Going forward, we should be
- * using DHE everywhere, though we may indefinitely maintain aliases for
- * users or configurations that used "EDH"
- */
-# define TLS1_TXT_RSA_EXPORT1024_WITH_RC4_56_MD5 "EXP1024-RC4-MD5"
-# define TLS1_TXT_RSA_EXPORT1024_WITH_RC2_CBC_56_MD5 "EXP1024-RC2-CBC-MD5"
-# define TLS1_TXT_RSA_EXPORT1024_WITH_DES_CBC_SHA "EXP1024-DES-CBC-SHA"
-# define TLS1_TXT_DHE_DSS_EXPORT1024_WITH_DES_CBC_SHA "EXP1024-DHE-DSS-DES-CBC-SHA"
-# define TLS1_TXT_RSA_EXPORT1024_WITH_RC4_56_SHA "EXP1024-RC4-SHA"
-# define TLS1_TXT_DHE_DSS_EXPORT1024_WITH_RC4_56_SHA "EXP1024-DHE-DSS-RC4-SHA"
-# define TLS1_TXT_DHE_DSS_WITH_RC4_128_SHA "DHE-DSS-RC4-SHA"
-
-/* AES ciphersuites from RFC3268 */
-# define TLS1_TXT_RSA_WITH_AES_128_SHA "AES128-SHA"
-# define TLS1_TXT_DH_DSS_WITH_AES_128_SHA "DH-DSS-AES128-SHA"
-# define TLS1_TXT_DH_RSA_WITH_AES_128_SHA "DH-RSA-AES128-SHA"
-# define TLS1_TXT_DHE_DSS_WITH_AES_128_SHA "DHE-DSS-AES128-SHA"
-# define TLS1_TXT_DHE_RSA_WITH_AES_128_SHA "DHE-RSA-AES128-SHA"
-# define TLS1_TXT_ADH_WITH_AES_128_SHA "ADH-AES128-SHA"
-
-# define TLS1_TXT_RSA_WITH_AES_256_SHA "AES256-SHA"
-# define TLS1_TXT_DH_DSS_WITH_AES_256_SHA "DH-DSS-AES256-SHA"
-# define TLS1_TXT_DH_RSA_WITH_AES_256_SHA "DH-RSA-AES256-SHA"
-# define TLS1_TXT_DHE_DSS_WITH_AES_256_SHA "DHE-DSS-AES256-SHA"
-# define TLS1_TXT_DHE_RSA_WITH_AES_256_SHA "DHE-RSA-AES256-SHA"
-# define TLS1_TXT_ADH_WITH_AES_256_SHA "ADH-AES256-SHA"
-
-/* ECC ciphersuites from draft-ietf-tls-ecc-01.txt (Mar 15, 2001) */
-# define TLS1_TXT_ECDH_ECDSA_WITH_NULL_SHA "ECDH-ECDSA-NULL-SHA"
-# define TLS1_TXT_ECDH_ECDSA_WITH_RC4_128_SHA "ECDH-ECDSA-RC4-SHA"
-# define TLS1_TXT_ECDH_ECDSA_WITH_DES_192_CBC3_SHA "ECDH-ECDSA-DES-CBC3-SHA"
-# define TLS1_TXT_ECDH_ECDSA_WITH_AES_128_CBC_SHA "ECDH-ECDSA-AES128-SHA"
-# define TLS1_TXT_ECDH_ECDSA_WITH_AES_256_CBC_SHA "ECDH-ECDSA-AES256-SHA"
-
-# define TLS1_TXT_ECDHE_ECDSA_WITH_NULL_SHA "ECDHE-ECDSA-NULL-SHA"
-# define TLS1_TXT_ECDHE_ECDSA_WITH_RC4_128_SHA "ECDHE-ECDSA-RC4-SHA"
-# define TLS1_TXT_ECDHE_ECDSA_WITH_DES_192_CBC3_SHA "ECDHE-ECDSA-DES-CBC3-SHA"
-# define TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_CBC_SHA "ECDHE-ECDSA-AES128-SHA"
-# define TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_CBC_SHA "ECDHE-ECDSA-AES256-SHA"
-
-# define TLS1_TXT_ECDH_RSA_WITH_NULL_SHA "ECDH-RSA-NULL-SHA"
-# define TLS1_TXT_ECDH_RSA_WITH_RC4_128_SHA "ECDH-RSA-RC4-SHA"
-# define TLS1_TXT_ECDH_RSA_WITH_DES_192_CBC3_SHA "ECDH-RSA-DES-CBC3-SHA"
-# define TLS1_TXT_ECDH_RSA_WITH_AES_128_CBC_SHA "ECDH-RSA-AES128-SHA"
-# define TLS1_TXT_ECDH_RSA_WITH_AES_256_CBC_SHA "ECDH-RSA-AES256-SHA"
-
-# define TLS1_TXT_ECDHE_RSA_WITH_NULL_SHA "ECDHE-RSA-NULL-SHA"
-# define TLS1_TXT_ECDHE_RSA_WITH_RC4_128_SHA "ECDHE-RSA-RC4-SHA"
-# define TLS1_TXT_ECDHE_RSA_WITH_DES_192_CBC3_SHA "ECDHE-RSA-DES-CBC3-SHA"
-# define TLS1_TXT_ECDHE_RSA_WITH_AES_128_CBC_SHA "ECDHE-RSA-AES128-SHA"
-# define TLS1_TXT_ECDHE_RSA_WITH_AES_256_CBC_SHA "ECDHE-RSA-AES256-SHA"
-
-# define TLS1_TXT_ECDH_anon_WITH_NULL_SHA "AECDH-NULL-SHA"
-# define TLS1_TXT_ECDH_anon_WITH_RC4_128_SHA "AECDH-RC4-SHA"
-# define TLS1_TXT_ECDH_anon_WITH_DES_192_CBC3_SHA "AECDH-DES-CBC3-SHA"
-# define TLS1_TXT_ECDH_anon_WITH_AES_128_CBC_SHA "AECDH-AES128-SHA"
-# define TLS1_TXT_ECDH_anon_WITH_AES_256_CBC_SHA "AECDH-AES256-SHA"
-
-/* PSK ciphersuites from RFC 4279 */
-# define TLS1_TXT_PSK_WITH_RC4_128_SHA "PSK-RC4-SHA"
-# define TLS1_TXT_PSK_WITH_3DES_EDE_CBC_SHA "PSK-3DES-EDE-CBC-SHA"
-# define TLS1_TXT_PSK_WITH_AES_128_CBC_SHA "PSK-AES128-CBC-SHA"
-# define TLS1_TXT_PSK_WITH_AES_256_CBC_SHA "PSK-AES256-CBC-SHA"
-
-/* SRP ciphersuite from RFC 5054 */
-# define TLS1_TXT_SRP_SHA_WITH_3DES_EDE_CBC_SHA "SRP-3DES-EDE-CBC-SHA"
-# define TLS1_TXT_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA "SRP-RSA-3DES-EDE-CBC-SHA"
-# define TLS1_TXT_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA "SRP-DSS-3DES-EDE-CBC-SHA"
-# define TLS1_TXT_SRP_SHA_WITH_AES_128_CBC_SHA "SRP-AES-128-CBC-SHA"
-# define TLS1_TXT_SRP_SHA_RSA_WITH_AES_128_CBC_SHA "SRP-RSA-AES-128-CBC-SHA"
-# define TLS1_TXT_SRP_SHA_DSS_WITH_AES_128_CBC_SHA "SRP-DSS-AES-128-CBC-SHA"
-# define TLS1_TXT_SRP_SHA_WITH_AES_256_CBC_SHA "SRP-AES-256-CBC-SHA"
-# define TLS1_TXT_SRP_SHA_RSA_WITH_AES_256_CBC_SHA "SRP-RSA-AES-256-CBC-SHA"
-# define TLS1_TXT_SRP_SHA_DSS_WITH_AES_256_CBC_SHA "SRP-DSS-AES-256-CBC-SHA"
-
-/* Camellia ciphersuites from RFC4132 */
-# define TLS1_TXT_RSA_WITH_CAMELLIA_128_CBC_SHA "CAMELLIA128-SHA"
-# define TLS1_TXT_DH_DSS_WITH_CAMELLIA_128_CBC_SHA "DH-DSS-CAMELLIA128-SHA"
-# define TLS1_TXT_DH_RSA_WITH_CAMELLIA_128_CBC_SHA "DH-RSA-CAMELLIA128-SHA"
-# define TLS1_TXT_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA "DHE-DSS-CAMELLIA128-SHA"
-# define TLS1_TXT_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA "DHE-RSA-CAMELLIA128-SHA"
-# define TLS1_TXT_ADH_WITH_CAMELLIA_128_CBC_SHA "ADH-CAMELLIA128-SHA"
-
-# define TLS1_TXT_RSA_WITH_CAMELLIA_256_CBC_SHA "CAMELLIA256-SHA"
-# define TLS1_TXT_DH_DSS_WITH_CAMELLIA_256_CBC_SHA "DH-DSS-CAMELLIA256-SHA"
-# define TLS1_TXT_DH_RSA_WITH_CAMELLIA_256_CBC_SHA "DH-RSA-CAMELLIA256-SHA"
-# define TLS1_TXT_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA "DHE-DSS-CAMELLIA256-SHA"
-# define TLS1_TXT_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA "DHE-RSA-CAMELLIA256-SHA"
-# define TLS1_TXT_ADH_WITH_CAMELLIA_256_CBC_SHA "ADH-CAMELLIA256-SHA"
-
-/* TLS 1.2 Camellia SHA-256 ciphersuites from RFC5932 */
-# define TLS1_TXT_RSA_WITH_CAMELLIA_128_CBC_SHA256 "CAMELLIA128-SHA256"
-# define TLS1_TXT_DH_DSS_WITH_CAMELLIA_128_CBC_SHA256 "DH-DSS-CAMELLIA128-SHA256"
-# define TLS1_TXT_DH_RSA_WITH_CAMELLIA_128_CBC_SHA256 "DH-RSA-CAMELLIA128-SHA256"
-# define TLS1_TXT_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256 "DHE-DSS-CAMELLIA128-SHA256"
-# define TLS1_TXT_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 "DHE-RSA-CAMELLIA128-SHA256"
-# define TLS1_TXT_ADH_WITH_CAMELLIA_128_CBC_SHA256 "ADH-CAMELLIA128-SHA256"
-
-# define TLS1_TXT_RSA_WITH_CAMELLIA_256_CBC_SHA256 "CAMELLIA256-SHA256"
-# define TLS1_TXT_DH_DSS_WITH_CAMELLIA_256_CBC_SHA256 "DH-DSS-CAMELLIA256-SHA256"
-# define TLS1_TXT_DH_RSA_WITH_CAMELLIA_256_CBC_SHA256 "DH-RSA-CAMELLIA256-SHA256"
-# define TLS1_TXT_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256 "DHE-DSS-CAMELLIA256-SHA256"
-# define TLS1_TXT_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256 "DHE-RSA-CAMELLIA256-SHA256"
-# define TLS1_TXT_ADH_WITH_CAMELLIA_256_CBC_SHA256 "ADH-CAMELLIA256-SHA256"
-
-/* SEED ciphersuites from RFC4162 */
-# define TLS1_TXT_RSA_WITH_SEED_SHA "SEED-SHA"
-# define TLS1_TXT_DH_DSS_WITH_SEED_SHA "DH-DSS-SEED-SHA"
-# define TLS1_TXT_DH_RSA_WITH_SEED_SHA "DH-RSA-SEED-SHA"
-# define TLS1_TXT_DHE_DSS_WITH_SEED_SHA "DHE-DSS-SEED-SHA"
-# define TLS1_TXT_DHE_RSA_WITH_SEED_SHA "DHE-RSA-SEED-SHA"
-# define TLS1_TXT_ADH_WITH_SEED_SHA "ADH-SEED-SHA"
-
-/* TLS v1.2 ciphersuites */
-# define TLS1_TXT_RSA_WITH_NULL_SHA256 "NULL-SHA256"
-# define TLS1_TXT_RSA_WITH_AES_128_SHA256 "AES128-SHA256"
-# define TLS1_TXT_RSA_WITH_AES_256_SHA256 "AES256-SHA256"
-# define TLS1_TXT_DH_DSS_WITH_AES_128_SHA256 "DH-DSS-AES128-SHA256"
-# define TLS1_TXT_DH_RSA_WITH_AES_128_SHA256 "DH-RSA-AES128-SHA256"
-# define TLS1_TXT_DHE_DSS_WITH_AES_128_SHA256 "DHE-DSS-AES128-SHA256"
-# define TLS1_TXT_DHE_RSA_WITH_AES_128_SHA256 "DHE-RSA-AES128-SHA256"
-# define TLS1_TXT_DH_DSS_WITH_AES_256_SHA256 "DH-DSS-AES256-SHA256"
-# define TLS1_TXT_DH_RSA_WITH_AES_256_SHA256 "DH-RSA-AES256-SHA256"
-# define TLS1_TXT_DHE_DSS_WITH_AES_256_SHA256 "DHE-DSS-AES256-SHA256"
-# define TLS1_TXT_DHE_RSA_WITH_AES_256_SHA256 "DHE-RSA-AES256-SHA256"
-# define TLS1_TXT_ADH_WITH_AES_128_SHA256 "ADH-AES128-SHA256"
-# define TLS1_TXT_ADH_WITH_AES_256_SHA256 "ADH-AES256-SHA256"
-
-/* TLS v1.2 GCM ciphersuites from RFC5288 */
-# define TLS1_TXT_RSA_WITH_AES_128_GCM_SHA256 "AES128-GCM-SHA256"
-# define TLS1_TXT_RSA_WITH_AES_256_GCM_SHA384 "AES256-GCM-SHA384"
-# define TLS1_TXT_DHE_RSA_WITH_AES_128_GCM_SHA256 "DHE-RSA-AES128-GCM-SHA256"
-# define TLS1_TXT_DHE_RSA_WITH_AES_256_GCM_SHA384 "DHE-RSA-AES256-GCM-SHA384"
-# define TLS1_TXT_DH_RSA_WITH_AES_128_GCM_SHA256 "DH-RSA-AES128-GCM-SHA256"
-# define TLS1_TXT_DH_RSA_WITH_AES_256_GCM_SHA384 "DH-RSA-AES256-GCM-SHA384"
-# define TLS1_TXT_DHE_DSS_WITH_AES_128_GCM_SHA256 "DHE-DSS-AES128-GCM-SHA256"
-# define TLS1_TXT_DHE_DSS_WITH_AES_256_GCM_SHA384 "DHE-DSS-AES256-GCM-SHA384"
-# define TLS1_TXT_DH_DSS_WITH_AES_128_GCM_SHA256 "DH-DSS-AES128-GCM-SHA256"
-# define TLS1_TXT_DH_DSS_WITH_AES_256_GCM_SHA384 "DH-DSS-AES256-GCM-SHA384"
-# define TLS1_TXT_ADH_WITH_AES_128_GCM_SHA256 "ADH-AES128-GCM-SHA256"
-# define TLS1_TXT_ADH_WITH_AES_256_GCM_SHA384 "ADH-AES256-GCM-SHA384"
-
-/* ECDH HMAC based ciphersuites from RFC5289 */
-
-# define TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_SHA256 "ECDHE-ECDSA-AES128-SHA256"
-# define TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_SHA384 "ECDHE-ECDSA-AES256-SHA384"
-# define TLS1_TXT_ECDH_ECDSA_WITH_AES_128_SHA256 "ECDH-ECDSA-AES128-SHA256"
-# define TLS1_TXT_ECDH_ECDSA_WITH_AES_256_SHA384 "ECDH-ECDSA-AES256-SHA384"
-# define TLS1_TXT_ECDHE_RSA_WITH_AES_128_SHA256 "ECDHE-RSA-AES128-SHA256"
-# define TLS1_TXT_ECDHE_RSA_WITH_AES_256_SHA384 "ECDHE-RSA-AES256-SHA384"
-# define TLS1_TXT_ECDH_RSA_WITH_AES_128_SHA256 "ECDH-RSA-AES128-SHA256"
-# define TLS1_TXT_ECDH_RSA_WITH_AES_256_SHA384 "ECDH-RSA-AES256-SHA384"
-
-/* ECDH GCM based ciphersuites from RFC5289 */
-# define TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 "ECDHE-ECDSA-AES128-GCM-SHA256"
-# define TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 "ECDHE-ECDSA-AES256-GCM-SHA384"
-# define TLS1_TXT_ECDH_ECDSA_WITH_AES_128_GCM_SHA256 "ECDH-ECDSA-AES128-GCM-SHA256"
-# define TLS1_TXT_ECDH_ECDSA_WITH_AES_256_GCM_SHA384 "ECDH-ECDSA-AES256-GCM-SHA384"
-# define TLS1_TXT_ECDHE_RSA_WITH_AES_128_GCM_SHA256 "ECDHE-RSA-AES128-GCM-SHA256"
-# define TLS1_TXT_ECDHE_RSA_WITH_AES_256_GCM_SHA384 "ECDHE-RSA-AES256-GCM-SHA384"
-# define TLS1_TXT_ECDH_RSA_WITH_AES_128_GCM_SHA256 "ECDH-RSA-AES128-GCM-SHA256"
-# define TLS1_TXT_ECDH_RSA_WITH_AES_256_GCM_SHA384 "ECDH-RSA-AES256-GCM-SHA384"
-
-/* Camellia-CBC ciphersuites from RFC6367 */
-# define TLS1_TXT_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 "ECDHE-ECDSA-CAMELLIA128-SHA256"
-# define TLS1_TXT_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 "ECDHE-ECDSA-CAMELLIA256-SHA384"
-# define TLS1_TXT_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 "ECDH-ECDSA-CAMELLIA128-SHA256"
-# define TLS1_TXT_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 "ECDH-ECDSA-CAMELLIA256-SHA384"
-# define TLS1_TXT_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 "ECDHE-RSA-CAMELLIA128-SHA256"
-# define TLS1_TXT_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384 "ECDHE-RSA-CAMELLIA256-SHA384"
-# define TLS1_TXT_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256 "ECDH-RSA-CAMELLIA128-SHA256"
-# define TLS1_TXT_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384 "ECDH-RSA-CAMELLIA256-SHA384"
-
-# define TLS_CT_RSA_SIGN 1
-# define TLS_CT_DSS_SIGN 2
-# define TLS_CT_RSA_FIXED_DH 3
-# define TLS_CT_DSS_FIXED_DH 4
-# define TLS_CT_ECDSA_SIGN 64
-# define TLS_CT_RSA_FIXED_ECDH 65
-# define TLS_CT_ECDSA_FIXED_ECDH 66
-# define TLS_CT_GOST94_SIGN 21
-# define TLS_CT_GOST01_SIGN 22
-/*
- * when correcting this number, correct also SSL3_CT_NUMBER in ssl3.h (see
- * comment there)
- */
-# define TLS_CT_NUMBER 9
-
-# define TLS1_FINISH_MAC_LENGTH 12
-
-# define TLS_MD_MAX_CONST_SIZE 22
-# define TLS_MD_CLIENT_FINISH_CONST "client finished"
-# define TLS_MD_CLIENT_FINISH_CONST_SIZE 15
-# define TLS_MD_SERVER_FINISH_CONST "server finished"
-# define TLS_MD_SERVER_FINISH_CONST_SIZE 15
-# define TLS_MD_KEY_EXPANSION_CONST "key expansion"
-# define TLS_MD_KEY_EXPANSION_CONST_SIZE 13
-# define TLS_MD_CLIENT_WRITE_KEY_CONST "client write key"
-# define TLS_MD_CLIENT_WRITE_KEY_CONST_SIZE 16
-# define TLS_MD_SERVER_WRITE_KEY_CONST "server write key"
-# define TLS_MD_SERVER_WRITE_KEY_CONST_SIZE 16
-# define TLS_MD_IV_BLOCK_CONST "IV block"
-# define TLS_MD_IV_BLOCK_CONST_SIZE 8
-# define TLS_MD_MASTER_SECRET_CONST "master secret"
-# define TLS_MD_MASTER_SECRET_CONST_SIZE 13
-# define TLS_MD_EXTENDED_MASTER_SECRET_CONST "extended master secret"
-# define TLS_MD_EXTENDED_MASTER_SECRET_CONST_SIZE 22
-
-# ifdef CHARSET_EBCDIC
-# undef TLS_MD_CLIENT_FINISH_CONST
-/*
- * client finished
- */
-# define TLS_MD_CLIENT_FINISH_CONST "\x63\x6c\x69\x65\x6e\x74\x20\x66\x69\x6e\x69\x73\x68\x65\x64"
-
-# undef TLS_MD_SERVER_FINISH_CONST
-/*
- * server finished
- */
-# define TLS_MD_SERVER_FINISH_CONST "\x73\x65\x72\x76\x65\x72\x20\x66\x69\x6e\x69\x73\x68\x65\x64"
-
-# undef TLS_MD_SERVER_WRITE_KEY_CONST
-/*
- * server write key
- */
-# define TLS_MD_SERVER_WRITE_KEY_CONST "\x73\x65\x72\x76\x65\x72\x20\x77\x72\x69\x74\x65\x20\x6b\x65\x79"
-
-# undef TLS_MD_KEY_EXPANSION_CONST
-/*
- * key expansion
- */
-# define TLS_MD_KEY_EXPANSION_CONST "\x6b\x65\x79\x20\x65\x78\x70\x61\x6e\x73\x69\x6f\x6e"
-
-# undef TLS_MD_CLIENT_WRITE_KEY_CONST
-/*
- * client write key
- */
-# define TLS_MD_CLIENT_WRITE_KEY_CONST "\x63\x6c\x69\x65\x6e\x74\x20\x77\x72\x69\x74\x65\x20\x6b\x65\x79"
-
-# undef TLS_MD_SERVER_WRITE_KEY_CONST
-/*
- * server write key
- */
-# define TLS_MD_SERVER_WRITE_KEY_CONST "\x73\x65\x72\x76\x65\x72\x20\x77\x72\x69\x74\x65\x20\x6b\x65\x79"
-
-# undef TLS_MD_IV_BLOCK_CONST
-/*
- * IV block
- */
-# define TLS_MD_IV_BLOCK_CONST "\x49\x56\x20\x62\x6c\x6f\x63\x6b"
-
-# undef TLS_MD_MASTER_SECRET_CONST
-/*
- * master secret
- */
-# define TLS_MD_MASTER_SECRET_CONST "\x6d\x61\x73\x74\x65\x72\x20\x73\x65\x63\x72\x65\x74"
-# undef TLS_MD_EXTENDED_MASTER_SECRET_CONST
-/*
- * extended master secret
- */
-# define TLS_MD_EXTENDED_MASTER_SECRET_CONST "\x65\x78\x74\x65\x63\x64\x65\x64\x20\x6d\x61\x73\x74\x65\x72\x20\x73\x65\x63\x72\x65\x74"
-# endif
-
-/* TLS Session Ticket extension struct */
-struct tls_session_ticket_ext_st {
- unsigned short length;
- void *data;
-};
-
-#ifdef __cplusplus
-}
-#endif
-#endif
--- /dev/null
+/* crypto/bf/bftest.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+/*
+ * This has been a quickly hacked 'ideatest.c'. When I add tests for other
+ * RC2 modes, more of the code will be uncommented.
+ */
+
+#include <stdio.h>
+#include <string.h>
+#include <stdlib.h>
+#include <openssl/opensslconf.h> /* To see if OPENSSL_NO_BF is defined */
+
+#include "../e_os.h"
+
+#ifdef OPENSSL_NO_BF
+int main(int argc, char *argv[])
+{
+ printf("No BF support\n");
+ return (0);
+}
+#else
+# include <openssl/blowfish.h>
+
+# ifdef CHARSET_EBCDIC
+# include <openssl/ebcdic.h>
+# endif
+
+static char *bf_key[2] = {
+ "abcdefghijklmnopqrstuvwxyz",
+ "Who is John Galt?"
+};
+
+/* big endian */
+static BF_LONG bf_plain[2][2] = {
+ {0x424c4f57L, 0x46495348L},
+ {0xfedcba98L, 0x76543210L}
+};
+
+static BF_LONG bf_cipher[2][2] = {
+ {0x324ed0feL, 0xf413a203L},
+ {0xcc91732bL, 0x8022f684L}
+};
+
+/************/
+
+/* Lets use the DES test vectors :-) */
+# define NUM_TESTS 34
+static unsigned char ecb_data[NUM_TESTS][8] = {
+ {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00},
+ {0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF},
+ {0x30, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00},
+ {0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11},
+ {0x01, 0x23, 0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF},
+ {0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11},
+ {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00},
+ {0xFE, 0xDC, 0xBA, 0x98, 0x76, 0x54, 0x32, 0x10},
+ {0x7C, 0xA1, 0x10, 0x45, 0x4A, 0x1A, 0x6E, 0x57},
+ {0x01, 0x31, 0xD9, 0x61, 0x9D, 0xC1, 0x37, 0x6E},
+ {0x07, 0xA1, 0x13, 0x3E, 0x4A, 0x0B, 0x26, 0x86},
+ {0x38, 0x49, 0x67, 0x4C, 0x26, 0x02, 0x31, 0x9E},
+ {0x04, 0xB9, 0x15, 0xBA, 0x43, 0xFE, 0xB5, 0xB6},
+ {0x01, 0x13, 0xB9, 0x70, 0xFD, 0x34, 0xF2, 0xCE},
+ {0x01, 0x70, 0xF1, 0x75, 0x46, 0x8F, 0xB5, 0xE6},
+ {0x43, 0x29, 0x7F, 0xAD, 0x38, 0xE3, 0x73, 0xFE},
+ {0x07, 0xA7, 0x13, 0x70, 0x45, 0xDA, 0x2A, 0x16},
+ {0x04, 0x68, 0x91, 0x04, 0xC2, 0xFD, 0x3B, 0x2F},
+ {0x37, 0xD0, 0x6B, 0xB5, 0x16, 0xCB, 0x75, 0x46},
+ {0x1F, 0x08, 0x26, 0x0D, 0x1A, 0xC2, 0x46, 0x5E},
+ {0x58, 0x40, 0x23, 0x64, 0x1A, 0xBA, 0x61, 0x76},
+ {0x02, 0x58, 0x16, 0x16, 0x46, 0x29, 0xB0, 0x07},
+ {0x49, 0x79, 0x3E, 0xBC, 0x79, 0xB3, 0x25, 0x8F},
+ {0x4F, 0xB0, 0x5E, 0x15, 0x15, 0xAB, 0x73, 0xA7},
+ {0x49, 0xE9, 0x5D, 0x6D, 0x4C, 0xA2, 0x29, 0xBF},
+ {0x01, 0x83, 0x10, 0xDC, 0x40, 0x9B, 0x26, 0xD6},
+ {0x1C, 0x58, 0x7F, 0x1C, 0x13, 0x92, 0x4F, 0xEF},
+ {0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01},
+ {0x1F, 0x1F, 0x1F, 0x1F, 0x0E, 0x0E, 0x0E, 0x0E},
+ {0xE0, 0xFE, 0xE0, 0xFE, 0xF1, 0xFE, 0xF1, 0xFE},
+ {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00},
+ {0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF},
+ {0x01, 0x23, 0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF},
+ {0xFE, 0xDC, 0xBA, 0x98, 0x76, 0x54, 0x32, 0x10}
+};
+
+static unsigned char plain_data[NUM_TESTS][8] = {
+ {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00},
+ {0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF},
+ {0x10, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01},
+ {0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11},
+ {0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11},
+ {0x01, 0x23, 0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF},
+ {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00},
+ {0x01, 0x23, 0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF},
+ {0x01, 0xA1, 0xD6, 0xD0, 0x39, 0x77, 0x67, 0x42},
+ {0x5C, 0xD5, 0x4C, 0xA8, 0x3D, 0xEF, 0x57, 0xDA},
+ {0x02, 0x48, 0xD4, 0x38, 0x06, 0xF6, 0x71, 0x72},
+ {0x51, 0x45, 0x4B, 0x58, 0x2D, 0xDF, 0x44, 0x0A},
+ {0x42, 0xFD, 0x44, 0x30, 0x59, 0x57, 0x7F, 0xA2},
+ {0x05, 0x9B, 0x5E, 0x08, 0x51, 0xCF, 0x14, 0x3A},
+ {0x07, 0x56, 0xD8, 0xE0, 0x77, 0x47, 0x61, 0xD2},
+ {0x76, 0x25, 0x14, 0xB8, 0x29, 0xBF, 0x48, 0x6A},
+ {0x3B, 0xDD, 0x11, 0x90, 0x49, 0x37, 0x28, 0x02},
+ {0x26, 0x95, 0x5F, 0x68, 0x35, 0xAF, 0x60, 0x9A},
+ {0x16, 0x4D, 0x5E, 0x40, 0x4F, 0x27, 0x52, 0x32},
+ {0x6B, 0x05, 0x6E, 0x18, 0x75, 0x9F, 0x5C, 0xCA},
+ {0x00, 0x4B, 0xD6, 0xEF, 0x09, 0x17, 0x60, 0x62},
+ {0x48, 0x0D, 0x39, 0x00, 0x6E, 0xE7, 0x62, 0xF2},
+ {0x43, 0x75, 0x40, 0xC8, 0x69, 0x8F, 0x3C, 0xFA},
+ {0x07, 0x2D, 0x43, 0xA0, 0x77, 0x07, 0x52, 0x92},
+ {0x02, 0xFE, 0x55, 0x77, 0x81, 0x17, 0xF1, 0x2A},
+ {0x1D, 0x9D, 0x5C, 0x50, 0x18, 0xF7, 0x28, 0xC2},
+ {0x30, 0x55, 0x32, 0x28, 0x6D, 0x6F, 0x29, 0x5A},
+ {0x01, 0x23, 0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF},
+ {0x01, 0x23, 0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF},
+ {0x01, 0x23, 0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF},
+ {0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF},
+ {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00},
+ {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00},
+ {0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF}
+};
+
+static unsigned char cipher_data[NUM_TESTS][8] = {
+ {0x4E, 0xF9, 0x97, 0x45, 0x61, 0x98, 0xDD, 0x78},
+ {0x51, 0x86, 0x6F, 0xD5, 0xB8, 0x5E, 0xCB, 0x8A},
+ {0x7D, 0x85, 0x6F, 0x9A, 0x61, 0x30, 0x63, 0xF2},
+ {0x24, 0x66, 0xDD, 0x87, 0x8B, 0x96, 0x3C, 0x9D},
+ {0x61, 0xF9, 0xC3, 0x80, 0x22, 0x81, 0xB0, 0x96},
+ {0x7D, 0x0C, 0xC6, 0x30, 0xAF, 0xDA, 0x1E, 0xC7},
+ {0x4E, 0xF9, 0x97, 0x45, 0x61, 0x98, 0xDD, 0x78},
+ {0x0A, 0xCE, 0xAB, 0x0F, 0xC6, 0xA0, 0xA2, 0x8D},
+ {0x59, 0xC6, 0x82, 0x45, 0xEB, 0x05, 0x28, 0x2B},
+ {0xB1, 0xB8, 0xCC, 0x0B, 0x25, 0x0F, 0x09, 0xA0},
+ {0x17, 0x30, 0xE5, 0x77, 0x8B, 0xEA, 0x1D, 0xA4},
+ {0xA2, 0x5E, 0x78, 0x56, 0xCF, 0x26, 0x51, 0xEB},
+ {0x35, 0x38, 0x82, 0xB1, 0x09, 0xCE, 0x8F, 0x1A},
+ {0x48, 0xF4, 0xD0, 0x88, 0x4C, 0x37, 0x99, 0x18},
+ {0x43, 0x21, 0x93, 0xB7, 0x89, 0x51, 0xFC, 0x98},
+ {0x13, 0xF0, 0x41, 0x54, 0xD6, 0x9D, 0x1A, 0xE5},
+ {0x2E, 0xED, 0xDA, 0x93, 0xFF, 0xD3, 0x9C, 0x79},
+ {0xD8, 0x87, 0xE0, 0x39, 0x3C, 0x2D, 0xA6, 0xE3},
+ {0x5F, 0x99, 0xD0, 0x4F, 0x5B, 0x16, 0x39, 0x69},
+ {0x4A, 0x05, 0x7A, 0x3B, 0x24, 0xD3, 0x97, 0x7B},
+ {0x45, 0x20, 0x31, 0xC1, 0xE4, 0xFA, 0xDA, 0x8E},
+ {0x75, 0x55, 0xAE, 0x39, 0xF5, 0x9B, 0x87, 0xBD},
+ {0x53, 0xC5, 0x5F, 0x9C, 0xB4, 0x9F, 0xC0, 0x19},
+ {0x7A, 0x8E, 0x7B, 0xFA, 0x93, 0x7E, 0x89, 0xA3},
+ {0xCF, 0x9C, 0x5D, 0x7A, 0x49, 0x86, 0xAD, 0xB5},
+ {0xD1, 0xAB, 0xB2, 0x90, 0x65, 0x8B, 0xC7, 0x78},
+ {0x55, 0xCB, 0x37, 0x74, 0xD1, 0x3E, 0xF2, 0x01},
+ {0xFA, 0x34, 0xEC, 0x48, 0x47, 0xB2, 0x68, 0xB2},
+ {0xA7, 0x90, 0x79, 0x51, 0x08, 0xEA, 0x3C, 0xAE},
+ {0xC3, 0x9E, 0x07, 0x2D, 0x9F, 0xAC, 0x63, 0x1D},
+ {0x01, 0x49, 0x33, 0xE0, 0xCD, 0xAF, 0xF6, 0xE4},
+ {0xF2, 0x1E, 0x9A, 0x77, 0xB7, 0x1C, 0x49, 0xBC},
+ {0x24, 0x59, 0x46, 0x88, 0x57, 0x54, 0x36, 0x9A},
+ {0x6B, 0x5C, 0x5A, 0x9C, 0x5D, 0x9E, 0x0A, 0x5A},
+};
+
+static unsigned char cbc_key[16] = {
+ 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef,
+ 0xf0, 0xe1, 0xd2, 0xc3, 0xb4, 0xa5, 0x96, 0x87
+};
+static unsigned char cbc_iv[8] =
+ { 0xfe, 0xdc, 0xba, 0x98, 0x76, 0x54, 0x32, 0x10 };
+static char cbc_data[40] = "7654321 Now is the time for ";
+static unsigned char cbc_ok[32] = {
+ 0x6B, 0x77, 0xB4, 0xD6, 0x30, 0x06, 0xDE, 0xE6,
+ 0x05, 0xB1, 0x56, 0xE2, 0x74, 0x03, 0x97, 0x93,
+ 0x58, 0xDE, 0xB9, 0xE7, 0x15, 0x46, 0x16, 0xD9,
+ 0x59, 0xF1, 0x65, 0x2B, 0xD5, 0xFF, 0x92, 0xCC
+};
+
+static unsigned char cfb64_ok[] = {
+ 0xE7, 0x32, 0x14, 0xA2, 0x82, 0x21, 0x39, 0xCA,
+ 0xF2, 0x6E, 0xCF, 0x6D, 0x2E, 0xB9, 0xE7, 0x6E,
+ 0x3D, 0xA3, 0xDE, 0x04, 0xD1, 0x51, 0x72, 0x00,
+ 0x51, 0x9D, 0x57, 0xA6, 0xC3
+};
+
+static unsigned char ofb64_ok[] = {
+ 0xE7, 0x32, 0x14, 0xA2, 0x82, 0x21, 0x39, 0xCA,
+ 0x62, 0xB3, 0x43, 0xCC, 0x5B, 0x65, 0x58, 0x73,
+ 0x10, 0xDD, 0x90, 0x8D, 0x0C, 0x24, 0x1B, 0x22,
+ 0x63, 0xC2, 0xCF, 0x80, 0xDA
+};
+
+# define KEY_TEST_NUM 25
+static unsigned char key_test[KEY_TEST_NUM] = {
+ 0xf0, 0xe1, 0xd2, 0xc3, 0xb4, 0xa5, 0x96, 0x87,
+ 0x78, 0x69, 0x5a, 0x4b, 0x3c, 0x2d, 0x1e, 0x0f,
+ 0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77,
+ 0x88
+};
+
+static unsigned char key_data[8] =
+ { 0xFE, 0xDC, 0xBA, 0x98, 0x76, 0x54, 0x32, 0x10 };
+
+static unsigned char key_out[KEY_TEST_NUM][8] = {
+ {0xF9, 0xAD, 0x59, 0x7C, 0x49, 0xDB, 0x00, 0x5E},
+ {0xE9, 0x1D, 0x21, 0xC1, 0xD9, 0x61, 0xA6, 0xD6},
+ {0xE9, 0xC2, 0xB7, 0x0A, 0x1B, 0xC6, 0x5C, 0xF3},
+ {0xBE, 0x1E, 0x63, 0x94, 0x08, 0x64, 0x0F, 0x05},
+ {0xB3, 0x9E, 0x44, 0x48, 0x1B, 0xDB, 0x1E, 0x6E},
+ {0x94, 0x57, 0xAA, 0x83, 0xB1, 0x92, 0x8C, 0x0D},
+ {0x8B, 0xB7, 0x70, 0x32, 0xF9, 0x60, 0x62, 0x9D},
+ {0xE8, 0x7A, 0x24, 0x4E, 0x2C, 0xC8, 0x5E, 0x82},
+ {0x15, 0x75, 0x0E, 0x7A, 0x4F, 0x4E, 0xC5, 0x77},
+ {0x12, 0x2B, 0xA7, 0x0B, 0x3A, 0xB6, 0x4A, 0xE0},
+ {0x3A, 0x83, 0x3C, 0x9A, 0xFF, 0xC5, 0x37, 0xF6},
+ {0x94, 0x09, 0xDA, 0x87, 0xA9, 0x0F, 0x6B, 0xF2},
+ {0x88, 0x4F, 0x80, 0x62, 0x50, 0x60, 0xB8, 0xB4},
+ {0x1F, 0x85, 0x03, 0x1C, 0x19, 0xE1, 0x19, 0x68},
+ {0x79, 0xD9, 0x37, 0x3A, 0x71, 0x4C, 0xA3, 0x4F},
+ {0x93, 0x14, 0x28, 0x87, 0xEE, 0x3B, 0xE1, 0x5C},
+ {0x03, 0x42, 0x9E, 0x83, 0x8C, 0xE2, 0xD1, 0x4B},
+ {0xA4, 0x29, 0x9E, 0x27, 0x46, 0x9F, 0xF6, 0x7B},
+ {0xAF, 0xD5, 0xAE, 0xD1, 0xC1, 0xBC, 0x96, 0xA8},
+ {0x10, 0x85, 0x1C, 0x0E, 0x38, 0x58, 0xDA, 0x9F},
+ {0xE6, 0xF5, 0x1E, 0xD7, 0x9B, 0x9D, 0xB2, 0x1F},
+ {0x64, 0xA6, 0xE1, 0x4A, 0xFD, 0x36, 0xB4, 0x6F},
+ {0x80, 0xC7, 0xD7, 0xD4, 0x5A, 0x54, 0x79, 0xAD},
+ {0x05, 0x04, 0x4B, 0x62, 0xFA, 0x52, 0xD0, 0x80},
+};
+
+static int test(void);
+static int print_test_data(void);
+int main(int argc, char *argv[])
+{
+ int ret;
+
+ if (argc > 1)
+ ret = print_test_data();
+ else
+ ret = test();
+
+# ifdef OPENSSL_SYS_NETWARE
+ if (ret)
+ printf("ERROR: %d\n", ret);
+# endif
+ EXIT(ret);
+}
+
+static int print_test_data(void)
+{
+ unsigned int i, j;
+
+ printf("ecb test data\n");
+ printf("key bytes\t\tclear bytes\t\tcipher bytes\n");
+ for (i = 0; i < NUM_TESTS; i++) {
+ for (j = 0; j < 8; j++)
+ printf("%02X", ecb_data[i][j]);
+ printf("\t");
+ for (j = 0; j < 8; j++)
+ printf("%02X", plain_data[i][j]);
+ printf("\t");
+ for (j = 0; j < 8; j++)
+ printf("%02X", cipher_data[i][j]);
+ printf("\n");
+ }
+
+ printf("set_key test data\n");
+ printf("data[8]= ");
+ for (j = 0; j < 8; j++)
+ printf("%02X", key_data[j]);
+ printf("\n");
+ for (i = 0; i < KEY_TEST_NUM - 1; i++) {
+ printf("c=");
+ for (j = 0; j < 8; j++)
+ printf("%02X", key_out[i][j]);
+ printf(" k[%2u]=", i + 1);
+ for (j = 0; j < i + 1; j++)
+ printf("%02X", key_test[j]);
+ printf("\n");
+ }
+
+ printf("\nchaining mode test data\n");
+ printf("key[16] = ");
+ for (j = 0; j < 16; j++)
+ printf("%02X", cbc_key[j]);
+ printf("\niv[8] = ");
+ for (j = 0; j < 8; j++)
+ printf("%02X", cbc_iv[j]);
+ printf("\ndata[%d] = '%s'", (int)strlen(cbc_data) + 1, cbc_data);
+ printf("\ndata[%d] = ", (int)strlen(cbc_data) + 1);
+ for (j = 0; j < strlen(cbc_data) + 1; j++)
+ printf("%02X", cbc_data[j]);
+ printf("\n");
+ printf("cbc cipher text\n");
+ printf("cipher[%d]= ", 32);
+ for (j = 0; j < 32; j++)
+ printf("%02X", cbc_ok[j]);
+ printf("\n");
+
+ printf("cfb64 cipher text\n");
+ printf("cipher[%d]= ", (int)strlen(cbc_data) + 1);
+ for (j = 0; j < strlen(cbc_data) + 1; j++)
+ printf("%02X", cfb64_ok[j]);
+ printf("\n");
+
+ printf("ofb64 cipher text\n");
+ printf("cipher[%d]= ", (int)strlen(cbc_data) + 1);
+ for (j = 0; j < strlen(cbc_data) + 1; j++)
+ printf("%02X", ofb64_ok[j]);
+ printf("\n");
+ return (0);
+}
+
+static int test(void)
+{
+ unsigned char cbc_in[40], cbc_out[40], iv[8];
+ int i, n, err = 0;
+ BF_KEY key;
+ BF_LONG data[2];
+ unsigned char out[8];
+ BF_LONG len;
+
+# ifdef CHARSET_EBCDIC
+ ebcdic2ascii(cbc_data, cbc_data, strlen(cbc_data));
+# endif
+
+ printf("testing blowfish in raw ecb mode\n");
+ for (n = 0; n < 2; n++) {
+# ifdef CHARSET_EBCDIC
+ ebcdic2ascii(bf_key[n], bf_key[n], strlen(bf_key[n]));
+# endif
+ BF_set_key(&key, strlen(bf_key[n]), (unsigned char *)bf_key[n]);
+
+ data[0] = bf_plain[n][0];
+ data[1] = bf_plain[n][1];
+ BF_encrypt(data, &key);
+ if (memcmp(&(bf_cipher[n][0]), &(data[0]), 8) != 0) {
+ printf("BF_encrypt error encrypting\n");
+ printf("got :");
+ for (i = 0; i < 2; i++)
+ printf("%08lX ", (unsigned long)data[i]);
+ printf("\n");
+ printf("expected:");
+ for (i = 0; i < 2; i++)
+ printf("%08lX ", (unsigned long)bf_cipher[n][i]);
+ err = 1;
+ printf("\n");
+ }
+
+ BF_decrypt(&(data[0]), &key);
+ if (memcmp(&(bf_plain[n][0]), &(data[0]), 8) != 0) {
+ printf("BF_encrypt error decrypting\n");
+ printf("got :");
+ for (i = 0; i < 2; i++)
+ printf("%08lX ", (unsigned long)data[i]);
+ printf("\n");
+ printf("expected:");
+ for (i = 0; i < 2; i++)
+ printf("%08lX ", (unsigned long)bf_plain[n][i]);
+ printf("\n");
+ err = 1;
+ }
+ }
+
+ printf("testing blowfish in ecb mode\n");
+
+ for (n = 0; n < NUM_TESTS; n++) {
+ BF_set_key(&key, 8, ecb_data[n]);
+
+ BF_ecb_encrypt(&(plain_data[n][0]), out, &key, BF_ENCRYPT);
+ if (memcmp(&(cipher_data[n][0]), out, 8) != 0) {
+ printf("BF_ecb_encrypt blowfish error encrypting\n");
+ printf("got :");
+ for (i = 0; i < 8; i++)
+ printf("%02X ", out[i]);
+ printf("\n");
+ printf("expected:");
+ for (i = 0; i < 8; i++)
+ printf("%02X ", cipher_data[n][i]);
+ err = 1;
+ printf("\n");
+ }
+
+ BF_ecb_encrypt(out, out, &key, BF_DECRYPT);
+ if (memcmp(&(plain_data[n][0]), out, 8) != 0) {
+ printf("BF_ecb_encrypt error decrypting\n");
+ printf("got :");
+ for (i = 0; i < 8; i++)
+ printf("%02X ", out[i]);
+ printf("\n");
+ printf("expected:");
+ for (i = 0; i < 8; i++)
+ printf("%02X ", plain_data[n][i]);
+ printf("\n");
+ err = 1;
+ }
+ }
+
+ printf("testing blowfish set_key\n");
+ for (n = 1; n < KEY_TEST_NUM; n++) {
+ BF_set_key(&key, n, key_test);
+ BF_ecb_encrypt(key_data, out, &key, BF_ENCRYPT);
+ /* mips-sgi-irix6.5-gcc vv -mabi=64 bug workaround */
+ if (memcmp(out, &(key_out[i = n - 1][0]), 8) != 0) {
+ printf("blowfish setkey error\n");
+ err = 1;
+ }
+ }
+
+ printf("testing blowfish in cbc mode\n");
+ len = strlen(cbc_data) + 1;
+
+ BF_set_key(&key, 16, cbc_key);
+ memset(cbc_in, 0, sizeof cbc_in);
+ memset(cbc_out, 0, sizeof cbc_out);
+ memcpy(iv, cbc_iv, sizeof iv);
+ BF_cbc_encrypt((unsigned char *)cbc_data, cbc_out, len,
+ &key, iv, BF_ENCRYPT);
+ if (memcmp(cbc_out, cbc_ok, 32) != 0) {
+ err = 1;
+ printf("BF_cbc_encrypt encrypt error\n");
+ for (i = 0; i < 32; i++)
+ printf("0x%02X,", cbc_out[i]);
+ }
+ memcpy(iv, cbc_iv, 8);
+ BF_cbc_encrypt(cbc_out, cbc_in, len, &key, iv, BF_DECRYPT);
+ if (memcmp(cbc_in, cbc_data, strlen(cbc_data) + 1) != 0) {
+ printf("BF_cbc_encrypt decrypt error\n");
+ err = 1;
+ }
+
+ printf("testing blowfish in cfb64 mode\n");
+
+ BF_set_key(&key, 16, cbc_key);
+ memset(cbc_in, 0, 40);
+ memset(cbc_out, 0, 40);
+ memcpy(iv, cbc_iv, 8);
+ n = 0;
+ BF_cfb64_encrypt((unsigned char *)cbc_data, cbc_out, (long)13,
+ &key, iv, &n, BF_ENCRYPT);
+ BF_cfb64_encrypt((unsigned char *)&(cbc_data[13]), &(cbc_out[13]),
+ len - 13, &key, iv, &n, BF_ENCRYPT);
+ if (memcmp(cbc_out, cfb64_ok, (int)len) != 0) {
+ err = 1;
+ printf("BF_cfb64_encrypt encrypt error\n");
+ for (i = 0; i < (int)len; i++)
+ printf("0x%02X,", cbc_out[i]);
+ }
+ n = 0;
+ memcpy(iv, cbc_iv, 8);
+ BF_cfb64_encrypt(cbc_out, cbc_in, 17, &key, iv, &n, BF_DECRYPT);
+ BF_cfb64_encrypt(&(cbc_out[17]), &(cbc_in[17]), len - 17,
+ &key, iv, &n, BF_DECRYPT);
+ if (memcmp(cbc_in, cbc_data, (int)len) != 0) {
+ printf("BF_cfb64_encrypt decrypt error\n");
+ err = 1;
+ }
+
+ printf("testing blowfish in ofb64\n");
+
+ BF_set_key(&key, 16, cbc_key);
+ memset(cbc_in, 0, 40);
+ memset(cbc_out, 0, 40);
+ memcpy(iv, cbc_iv, 8);
+ n = 0;
+ BF_ofb64_encrypt((unsigned char *)cbc_data, cbc_out, (long)13, &key, iv,
+ &n);
+ BF_ofb64_encrypt((unsigned char *)&(cbc_data[13]), &(cbc_out[13]),
+ len - 13, &key, iv, &n);
+ if (memcmp(cbc_out, ofb64_ok, (int)len) != 0) {
+ err = 1;
+ printf("BF_ofb64_encrypt encrypt error\n");
+ for (i = 0; i < (int)len; i++)
+ printf("0x%02X,", cbc_out[i]);
+ }
+ n = 0;
+ memcpy(iv, cbc_iv, 8);
+ BF_ofb64_encrypt(cbc_out, cbc_in, 17, &key, iv, &n);
+ BF_ofb64_encrypt(&(cbc_out[17]), &(cbc_in[17]), len - 17, &key, iv, &n);
+ if (memcmp(cbc_in, cbc_data, (int)len) != 0) {
+ printf("BF_ofb64_encrypt decrypt error\n");
+ err = 1;
+ }
+
+ return (err);
+}
+#endif
--- /dev/null
+/* crypto/bn/bntest.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+/* ====================================================================
+ * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
+ *
+ * Portions of the attached software ("Contribution") are developed by
+ * SUN MICROSYSTEMS, INC., and are contributed to the OpenSSL project.
+ *
+ * The Contribution is licensed pursuant to the Eric Young open source
+ * license provided above.
+ *
+ * The binary polynomial arithmetic software is originally written by
+ * Sheueling Chang Shantz and Douglas Stebila of Sun Microsystems Laboratories.
+ *
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+
+#include "e_os.h"
+
+#include <openssl/bio.h>
+#include <openssl/bn.h>
+#include <openssl/rand.h>
+#include <openssl/x509.h>
+#include <openssl/err.h>
+
+#include "../crypto/bn/bn_lcl.h"
+
+const int num0 = 100; /* number of tests */
+const int num1 = 50; /* additional tests for some functions */
+const int num2 = 5; /* number of tests for slow functions */
+
+int test_add(BIO *bp);
+int test_sub(BIO *bp);
+int test_lshift1(BIO *bp);
+int test_lshift(BIO *bp, BN_CTX *ctx, BIGNUM *a_);
+int test_rshift1(BIO *bp);
+int test_rshift(BIO *bp, BN_CTX *ctx);
+int test_div(BIO *bp, BN_CTX *ctx);
+int test_div_word(BIO *bp);
+int test_div_recp(BIO *bp, BN_CTX *ctx);
+int test_mul(BIO *bp);
+int test_sqr(BIO *bp, BN_CTX *ctx);
+int test_mont(BIO *bp, BN_CTX *ctx);
+int test_mod(BIO *bp, BN_CTX *ctx);
+int test_mod_mul(BIO *bp, BN_CTX *ctx);
+int test_mod_exp(BIO *bp, BN_CTX *ctx);
+int test_mod_exp_mont_consttime(BIO *bp, BN_CTX *ctx);
+int test_mod_exp_mont5(BIO *bp, BN_CTX *ctx);
+int test_exp(BIO *bp, BN_CTX *ctx);
+int test_gf2m_add(BIO *bp);
+int test_gf2m_mod(BIO *bp);
+int test_gf2m_mod_mul(BIO *bp, BN_CTX *ctx);
+int test_gf2m_mod_sqr(BIO *bp, BN_CTX *ctx);
+int test_gf2m_mod_inv(BIO *bp, BN_CTX *ctx);
+int test_gf2m_mod_div(BIO *bp, BN_CTX *ctx);
+int test_gf2m_mod_exp(BIO *bp, BN_CTX *ctx);
+int test_gf2m_mod_sqrt(BIO *bp, BN_CTX *ctx);
+int test_gf2m_mod_solve_quad(BIO *bp, BN_CTX *ctx);
+int test_kron(BIO *bp, BN_CTX *ctx);
+int test_sqrt(BIO *bp, BN_CTX *ctx);
+int test_small_prime(BIO *bp, BN_CTX *ctx);
+int test_probable_prime_coprime(BIO *bp, BN_CTX *ctx);
+int rand_neg(void);
+static int results = 0;
+
+static unsigned char lst[] =
+ "\xC6\x4F\x43\x04\x2A\xEA\xCA\x6E\x58\x36\x80\x5B\xE8\xC9"
+ "\x9B\x04\x5D\x48\x36\xC2\xFD\x16\xC9\x64\xF0";
+
+static const char rnd_seed[] =
+ "string to make the random number generator think it has entropy";
+
+static void message(BIO *out, char *m)
+{
+ fprintf(stderr, "test %s\n", m);
+ BIO_puts(out, "print \"test ");
+ BIO_puts(out, m);
+ BIO_puts(out, "\\n\"\n");
+}
+
+int main(int argc, char *argv[])
+{
+ BN_CTX *ctx;
+ BIO *out;
+ char *outfile = NULL;
+
+ results = 0;
+
+ RAND_seed(rnd_seed, sizeof rnd_seed); /* or BN_generate_prime may fail */
+
+ argc--;
+ argv++;
+ while (argc >= 1) {
+ if (strcmp(*argv, "-results") == 0)
+ results = 1;
+ else if (strcmp(*argv, "-out") == 0) {
+ if (--argc < 1)
+ break;
+ outfile = *(++argv);
+ }
+ argc--;
+ argv++;
+ }
+
+ ctx = BN_CTX_new();
+ if (ctx == NULL)
+ EXIT(1);
+
+ out = BIO_new(BIO_s_file());
+ if (out == NULL)
+ EXIT(1);
+ if (outfile == NULL) {
+ BIO_set_fp(out, stdout, BIO_NOCLOSE);
+ } else {
+ if (!BIO_write_filename(out, outfile)) {
+ perror(outfile);
+ EXIT(1);
+ }
+ }
+
+ if (!results)
+ BIO_puts(out, "obase=16\nibase=16\n");
+
+ message(out, "BN_add");
+ if (!test_add(out))
+ goto err;
+ (void)BIO_flush(out);
+
+ message(out, "BN_sub");
+ if (!test_sub(out))
+ goto err;
+ (void)BIO_flush(out);
+
+ message(out, "BN_lshift1");
+ if (!test_lshift1(out))
+ goto err;
+ (void)BIO_flush(out);
+
+ message(out, "BN_lshift (fixed)");
+ if (!test_lshift(out, ctx, BN_bin2bn(lst, sizeof(lst) - 1, NULL)))
+ goto err;
+ (void)BIO_flush(out);
+
+ message(out, "BN_lshift");
+ if (!test_lshift(out, ctx, NULL))
+ goto err;
+ (void)BIO_flush(out);
+
+ message(out, "BN_rshift1");
+ if (!test_rshift1(out))
+ goto err;
+ (void)BIO_flush(out);
+
+ message(out, "BN_rshift");
+ if (!test_rshift(out, ctx))
+ goto err;
+ (void)BIO_flush(out);
+
+ message(out, "BN_sqr");
+ if (!test_sqr(out, ctx))
+ goto err;
+ (void)BIO_flush(out);
+
+ message(out, "BN_mul");
+ if (!test_mul(out))
+ goto err;
+ (void)BIO_flush(out);
+
+ message(out, "BN_div");
+ if (!test_div(out, ctx))
+ goto err;
+ (void)BIO_flush(out);
+
+ message(out, "BN_div_word");
+ if (!test_div_word(out))
+ goto err;
+ (void)BIO_flush(out);
+
+ message(out, "BN_div_recp");
+ if (!test_div_recp(out, ctx))
+ goto err;
+ (void)BIO_flush(out);
+
+ message(out, "BN_mod");
+ if (!test_mod(out, ctx))
+ goto err;
+ (void)BIO_flush(out);
+
+ message(out, "BN_mod_mul");
+ if (!test_mod_mul(out, ctx))
+ goto err;
+ (void)BIO_flush(out);
+
+ message(out, "BN_mont");
+ if (!test_mont(out, ctx))
+ goto err;
+ (void)BIO_flush(out);
+
+ message(out, "BN_mod_exp");
+ if (!test_mod_exp(out, ctx))
+ goto err;
+ (void)BIO_flush(out);
+
+ message(out, "BN_mod_exp_mont_consttime");
+ if (!test_mod_exp_mont_consttime(out, ctx))
+ goto err;
+ if (!test_mod_exp_mont5(out, ctx))
+ goto err;
+ (void)BIO_flush(out);
+
+ message(out, "BN_exp");
+ if (!test_exp(out, ctx))
+ goto err;
+ (void)BIO_flush(out);
+
+ message(out, "BN_kronecker");
+ if (!test_kron(out, ctx))
+ goto err;
+ (void)BIO_flush(out);
+
+ message(out, "BN_mod_sqrt");
+ if (!test_sqrt(out, ctx))
+ goto err;
+ (void)BIO_flush(out);
+
+ message(out, "Small prime generation");
+ if (!test_small_prime(out, ctx))
+ goto err;
+ (void)BIO_flush(out);
+
+#ifdef OPENSSL_SYS_WIN32
+ message(out, "Probable prime generation with coprimes disabled");
+#else
+ message(out, "Probable prime generation with coprimes");
+ if (!test_probable_prime_coprime(out, ctx))
+ goto err;
+#endif
+ (void)BIO_flush(out);
+
+#ifndef OPENSSL_NO_EC2M
+ message(out, "BN_GF2m_add");
+ if (!test_gf2m_add(out))
+ goto err;
+ (void)BIO_flush(out);
+
+ message(out, "BN_GF2m_mod");
+ if (!test_gf2m_mod(out))
+ goto err;
+ (void)BIO_flush(out);
+
+ message(out, "BN_GF2m_mod_mul");
+ if (!test_gf2m_mod_mul(out, ctx))
+ goto err;
+ (void)BIO_flush(out);
+
+ message(out, "BN_GF2m_mod_sqr");
+ if (!test_gf2m_mod_sqr(out, ctx))
+ goto err;
+ (void)BIO_flush(out);
+
+ message(out, "BN_GF2m_mod_inv");
+ if (!test_gf2m_mod_inv(out, ctx))
+ goto err;
+ (void)BIO_flush(out);
+
+ message(out, "BN_GF2m_mod_div");
+ if (!test_gf2m_mod_div(out, ctx))
+ goto err;
+ (void)BIO_flush(out);
+
+ message(out, "BN_GF2m_mod_exp");
+ if (!test_gf2m_mod_exp(out, ctx))
+ goto err;
+ (void)BIO_flush(out);
+
+ message(out, "BN_GF2m_mod_sqrt");
+ if (!test_gf2m_mod_sqrt(out, ctx))
+ goto err;
+ (void)BIO_flush(out);
+
+ message(out, "BN_GF2m_mod_solve_quad");
+ if (!test_gf2m_mod_solve_quad(out, ctx))
+ goto err;
+ (void)BIO_flush(out);
+#endif
+ BN_CTX_free(ctx);
+ BIO_free(out);
+
+ EXIT(0);
+ err:
+ BIO_puts(out, "1\n"); /* make sure the Perl script fed by bc
+ * notices the failure, see test_bn in
+ * test/Makefile.ssl */
+ (void)BIO_flush(out);
+ ERR_load_crypto_strings();
+ ERR_print_errors_fp(stderr);
+ EXIT(1);
+}
+
+int test_add(BIO *bp)
+{
+ BIGNUM *a, *b, *c;
+ int i;
+
+ a = BN_new();
+ b = BN_new();
+ c = BN_new();
+
+ BN_bntest_rand(a, 512, 0, 0);
+ for (i = 0; i < num0; i++) {
+ BN_bntest_rand(b, 450 + i, 0, 0);
+ a->neg = rand_neg();
+ b->neg = rand_neg();
+ BN_add(c, a, b);
+ if (bp != NULL) {
+ if (!results) {
+ BN_print(bp, a);
+ BIO_puts(bp, " + ");
+ BN_print(bp, b);
+ BIO_puts(bp, " - ");
+ }
+ BN_print(bp, c);
+ BIO_puts(bp, "\n");
+ }
+ a->neg = !a->neg;
+ b->neg = !b->neg;
+ BN_add(c, c, b);
+ BN_add(c, c, a);
+ if (!BN_is_zero(c)) {
+ fprintf(stderr, "Add test failed!\n");
+ return 0;
+ }
+ }
+ BN_free(a);
+ BN_free(b);
+ BN_free(c);
+ return (1);
+}
+
+int test_sub(BIO *bp)
+{
+ BIGNUM *a, *b, *c;
+ int i;
+
+ a = BN_new();
+ b = BN_new();
+ c = BN_new();
+
+ for (i = 0; i < num0 + num1; i++) {
+ if (i < num1) {
+ BN_bntest_rand(a, 512, 0, 0);
+ BN_copy(b, a);
+ if (BN_set_bit(a, i) == 0)
+ return (0);
+ BN_add_word(b, i);
+ } else {
+ BN_bntest_rand(b, 400 + i - num1, 0, 0);
+ a->neg = rand_neg();
+ b->neg = rand_neg();
+ }
+ BN_sub(c, a, b);
+ if (bp != NULL) {
+ if (!results) {
+ BN_print(bp, a);
+ BIO_puts(bp, " - ");
+ BN_print(bp, b);
+ BIO_puts(bp, " - ");
+ }
+ BN_print(bp, c);
+ BIO_puts(bp, "\n");
+ }
+ BN_add(c, c, b);
+ BN_sub(c, c, a);
+ if (!BN_is_zero(c)) {
+ fprintf(stderr, "Subtract test failed!\n");
+ return 0;
+ }
+ }
+ BN_free(a);
+ BN_free(b);
+ BN_free(c);
+ return (1);
+}
+
+int test_div(BIO *bp, BN_CTX *ctx)
+{
+ BIGNUM *a, *b, *c, *d, *e;
+ int i;
+
+ a = BN_new();
+ b = BN_new();
+ c = BN_new();
+ d = BN_new();
+ e = BN_new();
+
+ for (i = 0; i < num0 + num1; i++) {
+ if (i < num1) {
+ BN_bntest_rand(a, 400, 0, 0);
+ BN_copy(b, a);
+ BN_lshift(a, a, i);
+ BN_add_word(a, i);
+ } else
+ BN_bntest_rand(b, 50 + 3 * (i - num1), 0, 0);
+ a->neg = rand_neg();
+ b->neg = rand_neg();
+ BN_div(d, c, a, b, ctx);
+ if (bp != NULL) {
+ if (!results) {
+ BN_print(bp, a);
+ BIO_puts(bp, " / ");
+ BN_print(bp, b);
+ BIO_puts(bp, " - ");
+ }
+ BN_print(bp, d);
+ BIO_puts(bp, "\n");
+
+ if (!results) {
+ BN_print(bp, a);
+ BIO_puts(bp, " % ");
+ BN_print(bp, b);
+ BIO_puts(bp, " - ");
+ }
+ BN_print(bp, c);
+ BIO_puts(bp, "\n");
+ }
+ BN_mul(e, d, b, ctx);
+ BN_add(d, e, c);
+ BN_sub(d, d, a);
+ if (!BN_is_zero(d)) {
+ fprintf(stderr, "Division test failed!\n");
+ return 0;
+ }
+ }
+ BN_free(a);
+ BN_free(b);
+ BN_free(c);
+ BN_free(d);
+ BN_free(e);
+ return (1);
+}
+
+static void print_word(BIO *bp, BN_ULONG w)
+{
+#ifdef SIXTY_FOUR_BIT
+ if (sizeof(w) > sizeof(unsigned long)) {
+ unsigned long h = (unsigned long)(w >> 32), l = (unsigned long)(w);
+
+ if (h)
+ BIO_printf(bp, "%lX%08lX", h, l);
+ else
+ BIO_printf(bp, "%lX", l);
+ return;
+ }
+#endif
+ BIO_printf(bp, BN_HEX_FMT1, w);
+}
+
+int test_div_word(BIO *bp)
+{
+ BIGNUM *a, *b;
+ BN_ULONG r, s;
+ int i;
+
+ a = BN_new();
+ b = BN_new();
+
+ for (i = 0; i < num0; i++) {
+ do {
+ BN_bntest_rand(a, 512, -1, 0);
+ BN_bntest_rand(b, BN_BITS2, -1, 0);
+ s = b->d[0];
+ } while (!s);
+
+ BN_copy(b, a);
+ r = BN_div_word(b, s);
+
+ if (bp != NULL) {
+ if (!results) {
+ BN_print(bp, a);
+ BIO_puts(bp, " / ");
+ print_word(bp, s);
+ BIO_puts(bp, " - ");
+ }
+ BN_print(bp, b);
+ BIO_puts(bp, "\n");
+
+ if (!results) {
+ BN_print(bp, a);
+ BIO_puts(bp, " % ");
+ print_word(bp, s);
+ BIO_puts(bp, " - ");
+ }
+ print_word(bp, r);
+ BIO_puts(bp, "\n");
+ }
+ BN_mul_word(b, s);
+ BN_add_word(b, r);
+ BN_sub(b, a, b);
+ if (!BN_is_zero(b)) {
+ fprintf(stderr, "Division (word) test failed!\n");
+ return 0;
+ }
+ }
+ BN_free(a);
+ BN_free(b);
+ return (1);
+}
+
+int test_div_recp(BIO *bp, BN_CTX *ctx)
+{
+ BIGNUM *a, *b, *c, *d, *e;
+ BN_RECP_CTX *recp;
+ int i;
+
+ recp = BN_RECP_CTX_new();
+ a = BN_new();
+ b = BN_new();
+ c = BN_new();
+ d = BN_new();
+ e = BN_new();
+
+ for (i = 0; i < num0 + num1; i++) {
+ if (i < num1) {
+ BN_bntest_rand(a, 400, 0, 0);
+ BN_copy(b, a);
+ BN_lshift(a, a, i);
+ BN_add_word(a, i);
+ } else
+ BN_bntest_rand(b, 50 + 3 * (i - num1), 0, 0);
+ a->neg = rand_neg();
+ b->neg = rand_neg();
+ BN_RECP_CTX_set(recp, b, ctx);
+ BN_div_recp(d, c, a, recp, ctx);
+ if (bp != NULL) {
+ if (!results) {
+ BN_print(bp, a);
+ BIO_puts(bp, " / ");
+ BN_print(bp, b);
+ BIO_puts(bp, " - ");
+ }
+ BN_print(bp, d);
+ BIO_puts(bp, "\n");
+
+ if (!results) {
+ BN_print(bp, a);
+ BIO_puts(bp, " % ");
+ BN_print(bp, b);
+ BIO_puts(bp, " - ");
+ }
+ BN_print(bp, c);
+ BIO_puts(bp, "\n");
+ }
+ BN_mul(e, d, b, ctx);
+ BN_add(d, e, c);
+ BN_sub(d, d, a);
+ if (!BN_is_zero(d)) {
+ fprintf(stderr, "Reciprocal division test failed!\n");
+ fprintf(stderr, "a=");
+ BN_print_fp(stderr, a);
+ fprintf(stderr, "\nb=");
+ BN_print_fp(stderr, b);
+ fprintf(stderr, "\n");
+ return 0;
+ }
+ }
+ BN_free(a);
+ BN_free(b);
+ BN_free(c);
+ BN_free(d);
+ BN_free(e);
+ BN_RECP_CTX_free(recp);
+ return (1);
+}
+
+int test_mul(BIO *bp)
+{
+ BIGNUM *a, *b, *c, *d, *e;
+ int i;
+ BN_CTX *ctx;
+
+ ctx = BN_CTX_new();
+ if (ctx == NULL)
+ EXIT(1);
+
+ a = BN_new();
+ b = BN_new();
+ c = BN_new();
+ d = BN_new();
+ e = BN_new();
+
+ for (i = 0; i < num0 + num1; i++) {
+ if (i <= num1) {
+ BN_bntest_rand(a, 100, 0, 0);
+ BN_bntest_rand(b, 100, 0, 0);
+ } else
+ BN_bntest_rand(b, i - num1, 0, 0);
+ a->neg = rand_neg();
+ b->neg = rand_neg();
+ BN_mul(c, a, b, ctx);
+ if (bp != NULL) {
+ if (!results) {
+ BN_print(bp, a);
+ BIO_puts(bp, " * ");
+ BN_print(bp, b);
+ BIO_puts(bp, " - ");
+ }
+ BN_print(bp, c);
+ BIO_puts(bp, "\n");
+ }
+ BN_div(d, e, c, a, ctx);
+ BN_sub(d, d, b);
+ if (!BN_is_zero(d) || !BN_is_zero(e)) {
+ fprintf(stderr, "Multiplication test failed!\n");
+ return 0;
+ }
+ }
+ BN_free(a);
+ BN_free(b);
+ BN_free(c);
+ BN_free(d);
+ BN_free(e);
+ BN_CTX_free(ctx);
+ return (1);
+}
+
+int test_sqr(BIO *bp, BN_CTX *ctx)
+{
+ BIGNUM *a, *c, *d, *e;
+ int i, ret = 0;
+
+ a = BN_new();
+ c = BN_new();
+ d = BN_new();
+ e = BN_new();
+ if (a == NULL || c == NULL || d == NULL || e == NULL) {
+ goto err;
+ }
+
+ for (i = 0; i < num0; i++) {
+ BN_bntest_rand(a, 40 + i * 10, 0, 0);
+ a->neg = rand_neg();
+ BN_sqr(c, a, ctx);
+ if (bp != NULL) {
+ if (!results) {
+ BN_print(bp, a);
+ BIO_puts(bp, " * ");
+ BN_print(bp, a);
+ BIO_puts(bp, " - ");
+ }
+ BN_print(bp, c);
+ BIO_puts(bp, "\n");
+ }
+ BN_div(d, e, c, a, ctx);
+ BN_sub(d, d, a);
+ if (!BN_is_zero(d) || !BN_is_zero(e)) {
+ fprintf(stderr, "Square test failed!\n");
+ goto err;
+ }
+ }
+
+ /* Regression test for a BN_sqr overflow bug. */
+ BN_hex2bn(&a,
+ "80000000000000008000000000000001"
+ "FFFFFFFFFFFFFFFE0000000000000000");
+ BN_sqr(c, a, ctx);
+ if (bp != NULL) {
+ if (!results) {
+ BN_print(bp, a);
+ BIO_puts(bp, " * ");
+ BN_print(bp, a);
+ BIO_puts(bp, " - ");
+ }
+ BN_print(bp, c);
+ BIO_puts(bp, "\n");
+ }
+ BN_mul(d, a, a, ctx);
+ if (BN_cmp(c, d)) {
+ fprintf(stderr, "Square test failed: BN_sqr and BN_mul produce "
+ "different results!\n");
+ goto err;
+ }
+
+ /* Regression test for a BN_sqr overflow bug. */
+ BN_hex2bn(&a,
+ "80000000000000000000000080000001"
+ "FFFFFFFE000000000000000000000000");
+ BN_sqr(c, a, ctx);
+ if (bp != NULL) {
+ if (!results) {
+ BN_print(bp, a);
+ BIO_puts(bp, " * ");
+ BN_print(bp, a);
+ BIO_puts(bp, " - ");
+ }
+ BN_print(bp, c);
+ BIO_puts(bp, "\n");
+ }
+ BN_mul(d, a, a, ctx);
+ if (BN_cmp(c, d)) {
+ fprintf(stderr, "Square test failed: BN_sqr and BN_mul produce "
+ "different results!\n");
+ goto err;
+ }
+ ret = 1;
+ err:
+ if (a != NULL)
+ BN_free(a);
+ if (c != NULL)
+ BN_free(c);
+ if (d != NULL)
+ BN_free(d);
+ if (e != NULL)
+ BN_free(e);
+ return ret;
+}
+
+int test_mont(BIO *bp, BN_CTX *ctx)
+{
+ BIGNUM *a, *b, *c, *d, *A, *B;
+ BIGNUM *n;
+ int i;
+ BN_MONT_CTX *mont;
+
+ a = BN_new();
+ b = BN_new();
+ c = BN_new();
+ d = BN_new();
+ A = BN_new();
+ B = BN_new();
+ n = BN_new();
+
+ mont = BN_MONT_CTX_new();
+ if (mont == NULL)
+ return 0;
+
+ BN_bntest_rand(a, 100, 0, 0);
+ BN_bntest_rand(b, 100, 0, 0);
+ for (i = 0; i < num2; i++) {
+ int bits = (200 * (i + 1)) / num2;
+
+ if (bits == 0)
+ continue;
+ BN_bntest_rand(n, bits, 0, 1);
+ BN_MONT_CTX_set(mont, n, ctx);
+
+ BN_nnmod(a, a, n, ctx);
+ BN_nnmod(b, b, n, ctx);
+
+ BN_to_montgomery(A, a, mont, ctx);
+ BN_to_montgomery(B, b, mont, ctx);
+
+ BN_mod_mul_montgomery(c, A, B, mont, ctx);
+ BN_from_montgomery(A, c, mont, ctx);
+ if (bp != NULL) {
+ if (!results) {
+ BN_print(bp, a);
+ BIO_puts(bp, " * ");
+ BN_print(bp, b);
+ BIO_puts(bp, " % ");
+ BN_print(bp, &mont->N);
+ BIO_puts(bp, " - ");
+ }
+ BN_print(bp, A);
+ BIO_puts(bp, "\n");
+ }
+ BN_mod_mul(d, a, b, n, ctx);
+ BN_sub(d, d, A);
+ if (!BN_is_zero(d)) {
+ fprintf(stderr, "Montgomery multiplication test failed!\n");
+ return 0;
+ }
+ }
+ BN_MONT_CTX_free(mont);
+ BN_free(a);
+ BN_free(b);
+ BN_free(c);
+ BN_free(d);
+ BN_free(A);
+ BN_free(B);
+ BN_free(n);
+ return (1);
+}
+
+int test_mod(BIO *bp, BN_CTX *ctx)
+{
+ BIGNUM *a, *b, *c, *d, *e;
+ int i;
+
+ a = BN_new();
+ b = BN_new();
+ c = BN_new();
+ d = BN_new();
+ e = BN_new();
+
+ BN_bntest_rand(a, 1024, 0, 0);
+ for (i = 0; i < num0; i++) {
+ BN_bntest_rand(b, 450 + i * 10, 0, 0);
+ a->neg = rand_neg();
+ b->neg = rand_neg();
+ BN_mod(c, a, b, ctx);
+ if (bp != NULL) {
+ if (!results) {
+ BN_print(bp, a);
+ BIO_puts(bp, " % ");
+ BN_print(bp, b);
+ BIO_puts(bp, " - ");
+ }
+ BN_print(bp, c);
+ BIO_puts(bp, "\n");
+ }
+ BN_div(d, e, a, b, ctx);
+ BN_sub(e, e, c);
+ if (!BN_is_zero(e)) {
+ fprintf(stderr, "Modulo test failed!\n");
+ return 0;
+ }
+ }
+ BN_free(a);
+ BN_free(b);
+ BN_free(c);
+ BN_free(d);
+ BN_free(e);
+ return (1);
+}
+
+int test_mod_mul(BIO *bp, BN_CTX *ctx)
+{
+ BIGNUM *a, *b, *c, *d, *e;
+ int i, j;
+
+ a = BN_new();
+ b = BN_new();
+ c = BN_new();
+ d = BN_new();
+ e = BN_new();
+
+ for (j = 0; j < 3; j++) {
+ BN_bntest_rand(c, 1024, 0, 0);
+ for (i = 0; i < num0; i++) {
+ BN_bntest_rand(a, 475 + i * 10, 0, 0);
+ BN_bntest_rand(b, 425 + i * 11, 0, 0);
+ a->neg = rand_neg();
+ b->neg = rand_neg();
+ if (!BN_mod_mul(e, a, b, c, ctx)) {
+ unsigned long l;
+
+ while ((l = ERR_get_error()))
+ fprintf(stderr, "ERROR:%s\n", ERR_error_string(l, NULL));
+ EXIT(1);
+ }
+ if (bp != NULL) {
+ if (!results) {
+ BN_print(bp, a);
+ BIO_puts(bp, " * ");
+ BN_print(bp, b);
+ BIO_puts(bp, " % ");
+ BN_print(bp, c);
+ if ((a->neg ^ b->neg) && !BN_is_zero(e)) {
+ /*
+ * If (a*b) % c is negative, c must be added in order
+ * to obtain the normalized remainder (new with
+ * OpenSSL 0.9.7, previous versions of BN_mod_mul
+ * could generate negative results)
+ */
+ BIO_puts(bp, " + ");
+ BN_print(bp, c);
+ }
+ BIO_puts(bp, " - ");
+ }
+ BN_print(bp, e);
+ BIO_puts(bp, "\n");
+ }
+ BN_mul(d, a, b, ctx);
+ BN_sub(d, d, e);
+ BN_div(a, b, d, c, ctx);
+ if (!BN_is_zero(b)) {
+ fprintf(stderr, "Modulo multiply test failed!\n");
+ ERR_print_errors_fp(stderr);
+ return 0;
+ }
+ }
+ }
+ BN_free(a);
+ BN_free(b);
+ BN_free(c);
+ BN_free(d);
+ BN_free(e);
+ return (1);
+}
+
+int test_mod_exp(BIO *bp, BN_CTX *ctx)
+{
+ BIGNUM *a, *b, *c, *d, *e;
+ int i;
+
+ a = BN_new();
+ b = BN_new();
+ c = BN_new();
+ d = BN_new();
+ e = BN_new();
+
+ BN_bntest_rand(c, 30, 0, 1); /* must be odd for montgomery */
+ for (i = 0; i < num2; i++) {
+ BN_bntest_rand(a, 20 + i * 5, 0, 0);
+ BN_bntest_rand(b, 2 + i, 0, 0);
+
+ if (!BN_mod_exp(d, a, b, c, ctx))
+ return (0);
+
+ if (bp != NULL) {
+ if (!results) {
+ BN_print(bp, a);
+ BIO_puts(bp, " ^ ");
+ BN_print(bp, b);
+ BIO_puts(bp, " % ");
+ BN_print(bp, c);
+ BIO_puts(bp, " - ");
+ }
+ BN_print(bp, d);
+ BIO_puts(bp, "\n");
+ }
+ BN_exp(e, a, b, ctx);
+ BN_sub(e, e, d);
+ BN_div(a, b, e, c, ctx);
+ if (!BN_is_zero(b)) {
+ fprintf(stderr, "Modulo exponentiation test failed!\n");
+ return 0;
+ }
+ }
+ BN_free(a);
+ BN_free(b);
+ BN_free(c);
+ BN_free(d);
+ BN_free(e);
+ return (1);
+}
+
+int test_mod_exp_mont_consttime(BIO *bp, BN_CTX *ctx)
+{
+ BIGNUM *a, *b, *c, *d, *e;
+ int i;
+
+ a = BN_new();
+ b = BN_new();
+ c = BN_new();
+ d = BN_new();
+ e = BN_new();
+
+ BN_bntest_rand(c, 30, 0, 1); /* must be odd for montgomery */
+ for (i = 0; i < num2; i++) {
+ BN_bntest_rand(a, 20 + i * 5, 0, 0);
+ BN_bntest_rand(b, 2 + i, 0, 0);
+
+ if (!BN_mod_exp_mont_consttime(d, a, b, c, ctx, NULL))
+ return (00);
+
+ if (bp != NULL) {
+ if (!results) {
+ BN_print(bp, a);
+ BIO_puts(bp, " ^ ");
+ BN_print(bp, b);
+ BIO_puts(bp, " % ");
+ BN_print(bp, c);
+ BIO_puts(bp, " - ");
+ }
+ BN_print(bp, d);
+ BIO_puts(bp, "\n");
+ }
+ BN_exp(e, a, b, ctx);
+ BN_sub(e, e, d);
+ BN_div(a, b, e, c, ctx);
+ if (!BN_is_zero(b)) {
+ fprintf(stderr, "Modulo exponentiation test failed!\n");
+ return 0;
+ }
+ }
+ BN_free(a);
+ BN_free(b);
+ BN_free(c);
+ BN_free(d);
+ BN_free(e);
+ return (1);
+}
+
+/*
+ * Test constant-time modular exponentiation with 1024-bit inputs, which on
+ * x86_64 cause a different code branch to be taken.
+ */
+int test_mod_exp_mont5(BIO *bp, BN_CTX *ctx)
+{
+ BIGNUM *a, *p, *m, *d, *e;
+
+ BN_MONT_CTX *mont;
+
+ a = BN_new();
+ p = BN_new();
+ m = BN_new();
+ d = BN_new();
+ e = BN_new();
+
+ mont = BN_MONT_CTX_new();
+
+ BN_bntest_rand(m, 1024, 0, 1); /* must be odd for montgomery */
+ /* Zero exponent */
+ BN_bntest_rand(a, 1024, 0, 0);
+ BN_zero(p);
+ if (!BN_mod_exp_mont_consttime(d, a, p, m, ctx, NULL))
+ return 0;
+ if (!BN_is_one(d)) {
+ fprintf(stderr, "Modular exponentiation test failed!\n");
+ return 0;
+ }
+ /* Zero input */
+ BN_bntest_rand(p, 1024, 0, 0);
+ BN_zero(a);
+ if (!BN_mod_exp_mont_consttime(d, a, p, m, ctx, NULL))
+ return 0;
+ if (!BN_is_zero(d)) {
+ fprintf(stderr, "Modular exponentiation test failed!\n");
+ return 0;
+ }
+ /*
+ * Craft an input whose Montgomery representation is 1, i.e., shorter
+ * than the modulus m, in order to test the const time precomputation
+ * scattering/gathering.
+ */
+ BN_one(a);
+ BN_MONT_CTX_set(mont, m, ctx);
+ if (!BN_from_montgomery(e, a, mont, ctx))
+ return 0;
+ if (!BN_mod_exp_mont_consttime(d, e, p, m, ctx, NULL))
+ return 0;
+ if (!BN_mod_exp_simple(a, e, p, m, ctx))
+ return 0;
+ if (BN_cmp(a, d) != 0) {
+ fprintf(stderr, "Modular exponentiation test failed!\n");
+ return 0;
+ }
+ /* Finally, some regular test vectors. */
+ BN_bntest_rand(e, 1024, 0, 0);
+ if (!BN_mod_exp_mont_consttime(d, e, p, m, ctx, NULL))
+ return 0;
+ if (!BN_mod_exp_simple(a, e, p, m, ctx))
+ return 0;
+ if (BN_cmp(a, d) != 0) {
+ fprintf(stderr, "Modular exponentiation test failed!\n");
+ return 0;
+ }
+ BN_free(a);
+ BN_free(p);
+ BN_free(m);
+ BN_free(d);
+ BN_free(e);
+ return (1);
+}
+
+int test_exp(BIO *bp, BN_CTX *ctx)
+{
+ BIGNUM *a, *b, *d, *e, *one;
+ int i;
+
+ a = BN_new();
+ b = BN_new();
+ d = BN_new();
+ e = BN_new();
+ one = BN_new();
+ BN_one(one);
+
+ for (i = 0; i < num2; i++) {
+ BN_bntest_rand(a, 20 + i * 5, 0, 0);
+ BN_bntest_rand(b, 2 + i, 0, 0);
+
+ if (BN_exp(d, a, b, ctx) <= 0)
+ return (0);
+
+ if (bp != NULL) {
+ if (!results) {
+ BN_print(bp, a);
+ BIO_puts(bp, " ^ ");
+ BN_print(bp, b);
+ BIO_puts(bp, " - ");
+ }
+ BN_print(bp, d);
+ BIO_puts(bp, "\n");
+ }
+ BN_one(e);
+ for (; !BN_is_zero(b); BN_sub(b, b, one))
+ BN_mul(e, e, a, ctx);
+ BN_sub(e, e, d);
+ if (!BN_is_zero(e)) {
+ fprintf(stderr, "Exponentiation test failed!\n");
+ return 0;
+ }
+ }
+ BN_free(a);
+ BN_free(b);
+ BN_free(d);
+ BN_free(e);
+ BN_free(one);
+ return (1);
+}
+
+#ifndef OPENSSL_NO_EC2M
+int test_gf2m_add(BIO *bp)
+{
+ BIGNUM *a, *b, *c;
+ int i, ret = 0;
+
+ a = BN_new();
+ b = BN_new();
+ c = BN_new();
+
+ for (i = 0; i < num0; i++) {
+ BN_rand(a, 512, 0, 0);
+ BN_copy(b, BN_value_one());
+ a->neg = rand_neg();
+ b->neg = rand_neg();
+ BN_GF2m_add(c, a, b);
+ /* Test that two added values have the correct parity. */
+ if ((BN_is_odd(a) && BN_is_odd(c))
+ || (!BN_is_odd(a) && !BN_is_odd(c))) {
+ fprintf(stderr, "GF(2^m) addition test (a) failed!\n");
+ goto err;
+ }
+ BN_GF2m_add(c, c, c);
+ /* Test that c + c = 0. */
+ if (!BN_is_zero(c)) {
+ fprintf(stderr, "GF(2^m) addition test (b) failed!\n");
+ goto err;
+ }
+ }
+ ret = 1;
+ err:
+ BN_free(a);
+ BN_free(b);
+ BN_free(c);
+ return ret;
+}
+
+int test_gf2m_mod(BIO *bp)
+{
+ BIGNUM *a, *b[2], *c, *d, *e;
+ int i, j, ret = 0;
+ int p0[] = { 163, 7, 6, 3, 0, -1 };
+ int p1[] = { 193, 15, 0, -1 };
+
+ a = BN_new();
+ b[0] = BN_new();
+ b[1] = BN_new();
+ c = BN_new();
+ d = BN_new();
+ e = BN_new();
+
+ BN_GF2m_arr2poly(p0, b[0]);
+ BN_GF2m_arr2poly(p1, b[1]);
+
+ for (i = 0; i < num0; i++) {
+ BN_bntest_rand(a, 1024, 0, 0);
+ for (j = 0; j < 2; j++) {
+ BN_GF2m_mod(c, a, b[j]);
+ BN_GF2m_add(d, a, c);
+ BN_GF2m_mod(e, d, b[j]);
+ /* Test that a + (a mod p) mod p == 0. */
+ if (!BN_is_zero(e)) {
+ fprintf(stderr, "GF(2^m) modulo test failed!\n");
+ goto err;
+ }
+ }
+ }
+ ret = 1;
+ err:
+ BN_free(a);
+ BN_free(b[0]);
+ BN_free(b[1]);
+ BN_free(c);
+ BN_free(d);
+ BN_free(e);
+ return ret;
+}
+
+int test_gf2m_mod_mul(BIO *bp, BN_CTX *ctx)
+{
+ BIGNUM *a, *b[2], *c, *d, *e, *f, *g, *h;
+ int i, j, ret = 0;
+ int p0[] = { 163, 7, 6, 3, 0, -1 };
+ int p1[] = { 193, 15, 0, -1 };
+
+ a = BN_new();
+ b[0] = BN_new();
+ b[1] = BN_new();
+ c = BN_new();
+ d = BN_new();
+ e = BN_new();
+ f = BN_new();
+ g = BN_new();
+ h = BN_new();
+
+ BN_GF2m_arr2poly(p0, b[0]);
+ BN_GF2m_arr2poly(p1, b[1]);
+
+ for (i = 0; i < num0; i++) {
+ BN_bntest_rand(a, 1024, 0, 0);
+ BN_bntest_rand(c, 1024, 0, 0);
+ BN_bntest_rand(d, 1024, 0, 0);
+ for (j = 0; j < 2; j++) {
+ BN_GF2m_mod_mul(e, a, c, b[j], ctx);
+ BN_GF2m_add(f, a, d);
+ BN_GF2m_mod_mul(g, f, c, b[j], ctx);
+ BN_GF2m_mod_mul(h, d, c, b[j], ctx);
+ BN_GF2m_add(f, e, g);
+ BN_GF2m_add(f, f, h);
+ /* Test that (a+d)*c = a*c + d*c. */
+ if (!BN_is_zero(f)) {
+ fprintf(stderr,
+ "GF(2^m) modular multiplication test failed!\n");
+ goto err;
+ }
+ }
+ }
+ ret = 1;
+ err:
+ BN_free(a);
+ BN_free(b[0]);
+ BN_free(b[1]);
+ BN_free(c);
+ BN_free(d);
+ BN_free(e);
+ BN_free(f);
+ BN_free(g);
+ BN_free(h);
+ return ret;
+}
+
+int test_gf2m_mod_sqr(BIO *bp, BN_CTX *ctx)
+{
+ BIGNUM *a, *b[2], *c, *d;
+ int i, j, ret = 0;
+ int p0[] = { 163, 7, 6, 3, 0, -1 };
+ int p1[] = { 193, 15, 0, -1 };
+
+ a = BN_new();
+ b[0] = BN_new();
+ b[1] = BN_new();
+ c = BN_new();
+ d = BN_new();
+
+ BN_GF2m_arr2poly(p0, b[0]);
+ BN_GF2m_arr2poly(p1, b[1]);
+
+ for (i = 0; i < num0; i++) {
+ BN_bntest_rand(a, 1024, 0, 0);
+ for (j = 0; j < 2; j++) {
+ BN_GF2m_mod_sqr(c, a, b[j], ctx);
+ BN_copy(d, a);
+ BN_GF2m_mod_mul(d, a, d, b[j], ctx);
+ BN_GF2m_add(d, c, d);
+ /* Test that a*a = a^2. */
+ if (!BN_is_zero(d)) {
+ fprintf(stderr, "GF(2^m) modular squaring test failed!\n");
+ goto err;
+ }
+ }
+ }
+ ret = 1;
+ err:
+ BN_free(a);
+ BN_free(b[0]);
+ BN_free(b[1]);
+ BN_free(c);
+ BN_free(d);
+ return ret;
+}
+
+int test_gf2m_mod_inv(BIO *bp, BN_CTX *ctx)
+{
+ BIGNUM *a, *b[2], *c, *d;
+ int i, j, ret = 0;
+ int p0[] = { 163, 7, 6, 3, 0, -1 };
+ int p1[] = { 193, 15, 0, -1 };
+
+ a = BN_new();
+ b[0] = BN_new();
+ b[1] = BN_new();
+ c = BN_new();
+ d = BN_new();
+
+ BN_GF2m_arr2poly(p0, b[0]);
+ BN_GF2m_arr2poly(p1, b[1]);
+
+ for (i = 0; i < num0; i++) {
+ BN_bntest_rand(a, 512, 0, 0);
+ for (j = 0; j < 2; j++) {
+ BN_GF2m_mod_inv(c, a, b[j], ctx);
+ BN_GF2m_mod_mul(d, a, c, b[j], ctx);
+ /* Test that ((1/a)*a) = 1. */
+ if (!BN_is_one(d)) {
+ fprintf(stderr, "GF(2^m) modular inversion test failed!\n");
+ goto err;
+ }
+ }
+ }
+ ret = 1;
+ err:
+ BN_free(a);
+ BN_free(b[0]);
+ BN_free(b[1]);
+ BN_free(c);
+ BN_free(d);
+ return ret;
+}
+
+int test_gf2m_mod_div(BIO *bp, BN_CTX *ctx)
+{
+ BIGNUM *a, *b[2], *c, *d, *e, *f;
+ int i, j, ret = 0;
+ int p0[] = { 163, 7, 6, 3, 0, -1 };
+ int p1[] = { 193, 15, 0, -1 };
+
+ a = BN_new();
+ b[0] = BN_new();
+ b[1] = BN_new();
+ c = BN_new();
+ d = BN_new();
+ e = BN_new();
+ f = BN_new();
+
+ BN_GF2m_arr2poly(p0, b[0]);
+ BN_GF2m_arr2poly(p1, b[1]);
+
+ for (i = 0; i < num0; i++) {
+ BN_bntest_rand(a, 512, 0, 0);
+ BN_bntest_rand(c, 512, 0, 0);
+ for (j = 0; j < 2; j++) {
+ BN_GF2m_mod_div(d, a, c, b[j], ctx);
+ BN_GF2m_mod_mul(e, d, c, b[j], ctx);
+ BN_GF2m_mod_div(f, a, e, b[j], ctx);
+ /* Test that ((a/c)*c)/a = 1. */
+ if (!BN_is_one(f)) {
+ fprintf(stderr, "GF(2^m) modular division test failed!\n");
+ goto err;
+ }
+ }
+ }
+ ret = 1;
+ err:
+ BN_free(a);
+ BN_free(b[0]);
+ BN_free(b[1]);
+ BN_free(c);
+ BN_free(d);
+ BN_free(e);
+ BN_free(f);
+ return ret;
+}
+
+int test_gf2m_mod_exp(BIO *bp, BN_CTX *ctx)
+{
+ BIGNUM *a, *b[2], *c, *d, *e, *f;
+ int i, j, ret = 0;
+ int p0[] = { 163, 7, 6, 3, 0, -1 };
+ int p1[] = { 193, 15, 0, -1 };
+
+ a = BN_new();
+ b[0] = BN_new();
+ b[1] = BN_new();
+ c = BN_new();
+ d = BN_new();
+ e = BN_new();
+ f = BN_new();
+
+ BN_GF2m_arr2poly(p0, b[0]);
+ BN_GF2m_arr2poly(p1, b[1]);
+
+ for (i = 0; i < num0; i++) {
+ BN_bntest_rand(a, 512, 0, 0);
+ BN_bntest_rand(c, 512, 0, 0);
+ BN_bntest_rand(d, 512, 0, 0);
+ for (j = 0; j < 2; j++) {
+ BN_GF2m_mod_exp(e, a, c, b[j], ctx);
+ BN_GF2m_mod_exp(f, a, d, b[j], ctx);
+ BN_GF2m_mod_mul(e, e, f, b[j], ctx);
+ BN_add(f, c, d);
+ BN_GF2m_mod_exp(f, a, f, b[j], ctx);
+ BN_GF2m_add(f, e, f);
+ /* Test that a^(c+d)=a^c*a^d. */
+ if (!BN_is_zero(f)) {
+ fprintf(stderr,
+ "GF(2^m) modular exponentiation test failed!\n");
+ goto err;
+ }
+ }
+ }
+ ret = 1;
+ err:
+ BN_free(a);
+ BN_free(b[0]);
+ BN_free(b[1]);
+ BN_free(c);
+ BN_free(d);
+ BN_free(e);
+ BN_free(f);
+ return ret;
+}
+
+int test_gf2m_mod_sqrt(BIO *bp, BN_CTX *ctx)
+{
+ BIGNUM *a, *b[2], *c, *d, *e, *f;
+ int i, j, ret = 0;
+ int p0[] = { 163, 7, 6, 3, 0, -1 };
+ int p1[] = { 193, 15, 0, -1 };
+
+ a = BN_new();
+ b[0] = BN_new();
+ b[1] = BN_new();
+ c = BN_new();
+ d = BN_new();
+ e = BN_new();
+ f = BN_new();
+
+ BN_GF2m_arr2poly(p0, b[0]);
+ BN_GF2m_arr2poly(p1, b[1]);
+
+ for (i = 0; i < num0; i++) {
+ BN_bntest_rand(a, 512, 0, 0);
+ for (j = 0; j < 2; j++) {
+ BN_GF2m_mod(c, a, b[j]);
+ BN_GF2m_mod_sqrt(d, a, b[j], ctx);
+ BN_GF2m_mod_sqr(e, d, b[j], ctx);
+ BN_GF2m_add(f, c, e);
+ /* Test that d^2 = a, where d = sqrt(a). */
+ if (!BN_is_zero(f)) {
+ fprintf(stderr, "GF(2^m) modular square root test failed!\n");
+ goto err;
+ }
+ }
+ }
+ ret = 1;
+ err:
+ BN_free(a);
+ BN_free(b[0]);
+ BN_free(b[1]);
+ BN_free(c);
+ BN_free(d);
+ BN_free(e);
+ BN_free(f);
+ return ret;
+}
+
+int test_gf2m_mod_solve_quad(BIO *bp, BN_CTX *ctx)
+{
+ BIGNUM *a, *b[2], *c, *d, *e;
+ int i, j, s = 0, t, ret = 0;
+ int p0[] = { 163, 7, 6, 3, 0, -1 };
+ int p1[] = { 193, 15, 0, -1 };
+
+ a = BN_new();
+ b[0] = BN_new();
+ b[1] = BN_new();
+ c = BN_new();
+ d = BN_new();
+ e = BN_new();
+
+ BN_GF2m_arr2poly(p0, b[0]);
+ BN_GF2m_arr2poly(p1, b[1]);
+
+ for (i = 0; i < num0; i++) {
+ BN_bntest_rand(a, 512, 0, 0);
+ for (j = 0; j < 2; j++) {
+ t = BN_GF2m_mod_solve_quad(c, a, b[j], ctx);
+ if (t) {
+ s++;
+ BN_GF2m_mod_sqr(d, c, b[j], ctx);
+ BN_GF2m_add(d, c, d);
+ BN_GF2m_mod(e, a, b[j]);
+ BN_GF2m_add(e, e, d);
+ /*
+ * Test that solution of quadratic c satisfies c^2 + c = a.
+ */
+ if (!BN_is_zero(e)) {
+ fprintf(stderr,
+ "GF(2^m) modular solve quadratic test failed!\n");
+ goto err;
+ }
+
+ }
+ }
+ }
+ if (s == 0) {
+ fprintf(stderr,
+ "All %i tests of GF(2^m) modular solve quadratic resulted in no roots;\n",
+ num0);
+ fprintf(stderr,
+ "this is very unlikely and probably indicates an error.\n");
+ goto err;
+ }
+ ret = 1;
+ err:
+ BN_free(a);
+ BN_free(b[0]);
+ BN_free(b[1]);
+ BN_free(c);
+ BN_free(d);
+ BN_free(e);
+ return ret;
+}
+#endif
+static int genprime_cb(int p, int n, BN_GENCB *arg)
+{
+ char c = '*';
+
+ if (p == 0)
+ c = '.';
+ if (p == 1)
+ c = '+';
+ if (p == 2)
+ c = '*';
+ if (p == 3)
+ c = '\n';
+ putc(c, stderr);
+ fflush(stderr);
+ return 1;
+}
+
+int test_kron(BIO *bp, BN_CTX *ctx)
+{
+ BN_GENCB cb;
+ BIGNUM *a, *b, *r, *t;
+ int i;
+ int legendre, kronecker;
+ int ret = 0;
+
+ a = BN_new();
+ b = BN_new();
+ r = BN_new();
+ t = BN_new();
+ if (a == NULL || b == NULL || r == NULL || t == NULL)
+ goto err;
+
+ BN_GENCB_set(&cb, genprime_cb, NULL);
+
+ /*
+ * We test BN_kronecker(a, b, ctx) just for b odd (Jacobi symbol). In
+ * this case we know that if b is prime, then BN_kronecker(a, b, ctx) is
+ * congruent to $a^{(b-1)/2}$, modulo $b$ (Legendre symbol). So we
+ * generate a random prime b and compare these values for a number of
+ * random a's. (That is, we run the Solovay-Strassen primality test to
+ * confirm that b is prime, except that we don't want to test whether b
+ * is prime but whether BN_kronecker works.)
+ */
+
+ if (!BN_generate_prime_ex(b, 512, 0, NULL, NULL, &cb))
+ goto err;
+ b->neg = rand_neg();
+ putc('\n', stderr);
+
+ for (i = 0; i < num0; i++) {
+ if (!BN_bntest_rand(a, 512, 0, 0))
+ goto err;
+ a->neg = rand_neg();
+
+ /* t := (|b|-1)/2 (note that b is odd) */
+ if (!BN_copy(t, b))
+ goto err;
+ t->neg = 0;
+ if (!BN_sub_word(t, 1))
+ goto err;
+ if (!BN_rshift1(t, t))
+ goto err;
+ /* r := a^t mod b */
+ b->neg = 0;
+
+ if (!BN_mod_exp_recp(r, a, t, b, ctx))
+ goto err;
+ b->neg = 1;
+
+ if (BN_is_word(r, 1))
+ legendre = 1;
+ else if (BN_is_zero(r))
+ legendre = 0;
+ else {
+ if (!BN_add_word(r, 1))
+ goto err;
+ if (0 != BN_ucmp(r, b)) {
+ fprintf(stderr, "Legendre symbol computation failed\n");
+ goto err;
+ }
+ legendre = -1;
+ }
+
+ kronecker = BN_kronecker(a, b, ctx);
+ if (kronecker < -1)
+ goto err;
+ /* we actually need BN_kronecker(a, |b|) */
+ if (a->neg && b->neg)
+ kronecker = -kronecker;
+
+ if (legendre != kronecker) {
+ fprintf(stderr, "legendre != kronecker; a = ");
+ BN_print_fp(stderr, a);
+ fprintf(stderr, ", b = ");
+ BN_print_fp(stderr, b);
+ fprintf(stderr, "\n");
+ goto err;
+ }
+
+ putc('.', stderr);
+ fflush(stderr);
+ }
+
+ putc('\n', stderr);
+ fflush(stderr);
+ ret = 1;
+ err:
+ if (a != NULL)
+ BN_free(a);
+ if (b != NULL)
+ BN_free(b);
+ if (r != NULL)
+ BN_free(r);
+ if (t != NULL)
+ BN_free(t);
+ return ret;
+}
+
+int test_sqrt(BIO *bp, BN_CTX *ctx)
+{
+ BN_GENCB cb;
+ BIGNUM *a, *p, *r;
+ int i, j;
+ int ret = 0;
+
+ a = BN_new();
+ p = BN_new();
+ r = BN_new();
+ if (a == NULL || p == NULL || r == NULL)
+ goto err;
+
+ BN_GENCB_set(&cb, genprime_cb, NULL);
+
+ for (i = 0; i < 16; i++) {
+ if (i < 8) {
+ unsigned primes[8] = { 2, 3, 5, 7, 11, 13, 17, 19 };
+
+ if (!BN_set_word(p, primes[i]))
+ goto err;
+ } else {
+ if (!BN_set_word(a, 32))
+ goto err;
+ if (!BN_set_word(r, 2 * i + 1))
+ goto err;
+
+ if (!BN_generate_prime_ex(p, 256, 0, a, r, &cb))
+ goto err;
+ putc('\n', stderr);
+ }
+ p->neg = rand_neg();
+
+ for (j = 0; j < num2; j++) {
+ /*
+ * construct 'a' such that it is a square modulo p, but in
+ * general not a proper square and not reduced modulo p
+ */
+ if (!BN_bntest_rand(r, 256, 0, 3))
+ goto err;
+ if (!BN_nnmod(r, r, p, ctx))
+ goto err;
+ if (!BN_mod_sqr(r, r, p, ctx))
+ goto err;
+ if (!BN_bntest_rand(a, 256, 0, 3))
+ goto err;
+ if (!BN_nnmod(a, a, p, ctx))
+ goto err;
+ if (!BN_mod_sqr(a, a, p, ctx))
+ goto err;
+ if (!BN_mul(a, a, r, ctx))
+ goto err;
+ if (rand_neg())
+ if (!BN_sub(a, a, p))
+ goto err;
+
+ if (!BN_mod_sqrt(r, a, p, ctx))
+ goto err;
+ if (!BN_mod_sqr(r, r, p, ctx))
+ goto err;
+
+ if (!BN_nnmod(a, a, p, ctx))
+ goto err;
+
+ if (BN_cmp(a, r) != 0) {
+ fprintf(stderr, "BN_mod_sqrt failed: a = ");
+ BN_print_fp(stderr, a);
+ fprintf(stderr, ", r = ");
+ BN_print_fp(stderr, r);
+ fprintf(stderr, ", p = ");
+ BN_print_fp(stderr, p);
+ fprintf(stderr, "\n");
+ goto err;
+ }
+
+ putc('.', stderr);
+ fflush(stderr);
+ }
+
+ putc('\n', stderr);
+ fflush(stderr);
+ }
+ ret = 1;
+ err:
+ if (a != NULL)
+ BN_free(a);
+ if (p != NULL)
+ BN_free(p);
+ if (r != NULL)
+ BN_free(r);
+ return ret;
+}
+
+int test_small_prime(BIO *bp, BN_CTX *ctx)
+{
+ static const int bits = 10;
+ int ret = 0;
+ BIGNUM *r;
+
+ r = BN_new();
+ if (!BN_generate_prime_ex(r, bits, 0, NULL, NULL, NULL))
+ goto err;
+ if (BN_num_bits(r) != bits) {
+ BIO_printf(bp, "Expected %d bit prime, got %d bit number\n", bits,
+ BN_num_bits(r));
+ goto err;
+ }
+
+ ret = 1;
+
+ err:
+ BN_clear_free(r);
+ return ret;
+}
+
+#ifndef OPENSSL_SYS_WIN32
+int test_probable_prime_coprime(BIO *bp, BN_CTX *ctx)
+{
+ int i, j, ret = 0;
+ BIGNUM *r;
+ BN_ULONG primes[5] = { 2, 3, 5, 7, 11 };
+
+ r = BN_new();
+
+ for (i = 0; i < 1000; i++) {
+ if (!bn_probable_prime_dh_coprime(r, 1024, ctx))
+ goto err;
+
+ for (j = 0; j < 5; j++) {
+ if (BN_mod_word(r, primes[j]) == 0) {
+ BIO_printf(bp, "Number generated is not coprime to %ld:\n",
+ primes[j]);
+ BN_print_fp(stdout, r);
+ BIO_printf(bp, "\n");
+ goto err;
+ }
+ }
+ }
+
+ ret = 1;
+
+ err:
+ BN_clear_free(r);
+ return ret;
+}
+#endif
+int test_lshift(BIO *bp, BN_CTX *ctx, BIGNUM *a_)
+{
+ BIGNUM *a, *b, *c, *d;
+ int i;
+
+ b = BN_new();
+ c = BN_new();
+ d = BN_new();
+ BN_one(c);
+
+ if (a_)
+ a = a_;
+ else {
+ a = BN_new();
+ BN_bntest_rand(a, 200, 0, 0);
+ a->neg = rand_neg();
+ }
+ for (i = 0; i < num0; i++) {
+ BN_lshift(b, a, i + 1);
+ BN_add(c, c, c);
+ if (bp != NULL) {
+ if (!results) {
+ BN_print(bp, a);
+ BIO_puts(bp, " * ");
+ BN_print(bp, c);
+ BIO_puts(bp, " - ");
+ }
+ BN_print(bp, b);
+ BIO_puts(bp, "\n");
+ }
+ BN_mul(d, a, c, ctx);
+ BN_sub(d, d, b);
+ if (!BN_is_zero(d)) {
+ fprintf(stderr, "Left shift test failed!\n");
+ fprintf(stderr, "a=");
+ BN_print_fp(stderr, a);
+ fprintf(stderr, "\nb=");
+ BN_print_fp(stderr, b);
+ fprintf(stderr, "\nc=");
+ BN_print_fp(stderr, c);
+ fprintf(stderr, "\nd=");
+ BN_print_fp(stderr, d);
+ fprintf(stderr, "\n");
+ return 0;
+ }
+ }
+ BN_free(a);
+ BN_free(b);
+ BN_free(c);
+ BN_free(d);
+ return (1);
+}
+
+int test_lshift1(BIO *bp)
+{
+ BIGNUM *a, *b, *c;
+ int i;
+
+ a = BN_new();
+ b = BN_new();
+ c = BN_new();
+
+ BN_bntest_rand(a, 200, 0, 0);
+ a->neg = rand_neg();
+ for (i = 0; i < num0; i++) {
+ BN_lshift1(b, a);
+ if (bp != NULL) {
+ if (!results) {
+ BN_print(bp, a);
+ BIO_puts(bp, " * 2");
+ BIO_puts(bp, " - ");
+ }
+ BN_print(bp, b);
+ BIO_puts(bp, "\n");
+ }
+ BN_add(c, a, a);
+ BN_sub(a, b, c);
+ if (!BN_is_zero(a)) {
+ fprintf(stderr, "Left shift one test failed!\n");
+ return 0;
+ }
+
+ BN_copy(a, b);
+ }
+ BN_free(a);
+ BN_free(b);
+ BN_free(c);
+ return (1);
+}
+
+int test_rshift(BIO *bp, BN_CTX *ctx)
+{
+ BIGNUM *a, *b, *c, *d, *e;
+ int i;
+
+ a = BN_new();
+ b = BN_new();
+ c = BN_new();
+ d = BN_new();
+ e = BN_new();
+ BN_one(c);
+
+ BN_bntest_rand(a, 200, 0, 0);
+ a->neg = rand_neg();
+ for (i = 0; i < num0; i++) {
+ BN_rshift(b, a, i + 1);
+ BN_add(c, c, c);
+ if (bp != NULL) {
+ if (!results) {
+ BN_print(bp, a);
+ BIO_puts(bp, " / ");
+ BN_print(bp, c);
+ BIO_puts(bp, " - ");
+ }
+ BN_print(bp, b);
+ BIO_puts(bp, "\n");
+ }
+ BN_div(d, e, a, c, ctx);
+ BN_sub(d, d, b);
+ if (!BN_is_zero(d)) {
+ fprintf(stderr, "Right shift test failed!\n");
+ return 0;
+ }
+ }
+ BN_free(a);
+ BN_free(b);
+ BN_free(c);
+ BN_free(d);
+ BN_free(e);
+ return (1);
+}
+
+int test_rshift1(BIO *bp)
+{
+ BIGNUM *a, *b, *c;
+ int i;
+
+ a = BN_new();
+ b = BN_new();
+ c = BN_new();
+
+ BN_bntest_rand(a, 200, 0, 0);
+ a->neg = rand_neg();
+ for (i = 0; i < num0; i++) {
+ BN_rshift1(b, a);
+ if (bp != NULL) {
+ if (!results) {
+ BN_print(bp, a);
+ BIO_puts(bp, " / 2");
+ BIO_puts(bp, " - ");
+ }
+ BN_print(bp, b);
+ BIO_puts(bp, "\n");
+ }
+ BN_sub(c, a, b);
+ BN_sub(c, c, b);
+ if (!BN_is_zero(c) && !BN_abs_is_word(c, 1)) {
+ fprintf(stderr, "Right shift one test failed!\n");
+ return 0;
+ }
+ BN_copy(a, b);
+ }
+ BN_free(a);
+ BN_free(b);
+ BN_free(c);
+ return (1);
+}
+
+int rand_neg(void)
+{
+ static unsigned int neg = 0;
+ static int sign[8] = { 0, 0, 0, 1, 1, 0, 1, 1 };
+
+ return (sign[(neg++) % 8]);
+}
--- /dev/null
+/* crypto/cast/casttest.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <string.h>
+#include <stdlib.h>
+#include <openssl/opensslconf.h> /* To see if OPENSSL_NO_CAST is defined */
+
+#include "../e_os.h"
+
+#ifdef OPENSSL_NO_CAST
+int main(int argc, char *argv[])
+{
+ printf("No CAST support\n");
+ return (0);
+}
+#else
+# include <openssl/cast.h>
+
+# define FULL_TEST
+
+static unsigned char k[16] = {
+ 0x01, 0x23, 0x45, 0x67, 0x12, 0x34, 0x56, 0x78,
+ 0x23, 0x45, 0x67, 0x89, 0x34, 0x56, 0x78, 0x9A
+};
+
+static unsigned char in[8] =
+ { 0x01, 0x23, 0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF };
+
+static int k_len[3] = { 16, 10, 5 };
+
+static unsigned char c[3][8] = {
+ {0x23, 0x8B, 0x4F, 0xE5, 0x84, 0x7E, 0x44, 0xB2},
+ {0xEB, 0x6A, 0x71, 0x1A, 0x2C, 0x02, 0x27, 0x1B},
+ {0x7A, 0xC8, 0x16, 0xD1, 0x6E, 0x9B, 0x30, 0x2E},
+};
+
+static unsigned char out[80];
+
+static unsigned char in_a[16] = {
+ 0x01, 0x23, 0x45, 0x67, 0x12, 0x34, 0x56, 0x78,
+ 0x23, 0x45, 0x67, 0x89, 0x34, 0x56, 0x78, 0x9A
+};
+
+static unsigned char in_b[16] = {
+ 0x01, 0x23, 0x45, 0x67, 0x12, 0x34, 0x56, 0x78,
+ 0x23, 0x45, 0x67, 0x89, 0x34, 0x56, 0x78, 0x9A
+};
+
+static unsigned char c_a[16] = {
+ 0xEE, 0xA9, 0xD0, 0xA2, 0x49, 0xFD, 0x3B, 0xA6,
+ 0xB3, 0x43, 0x6F, 0xB8, 0x9D, 0x6D, 0xCA, 0x92
+};
+
+static unsigned char c_b[16] = {
+ 0xB2, 0xC9, 0x5E, 0xB0, 0x0C, 0x31, 0xAD, 0x71,
+ 0x80, 0xAC, 0x05, 0xB8, 0xE8, 0x3D, 0x69, 0x6E
+};
+
+int main(int argc, char *argv[])
+{
+# ifdef FULL_TEST
+ long l;
+ CAST_KEY key_b;
+# endif
+ int i, z, err = 0;
+ CAST_KEY key;
+
+ for (z = 0; z < 3; z++) {
+ CAST_set_key(&key, k_len[z], k);
+
+ CAST_ecb_encrypt(in, out, &key, CAST_ENCRYPT);
+ if (memcmp(out, &(c[z][0]), 8) != 0) {
+ printf("ecb cast error encrypting for keysize %d\n",
+ k_len[z] * 8);
+ printf("got :");
+ for (i = 0; i < 8; i++)
+ printf("%02X ", out[i]);
+ printf("\n");
+ printf("expected:");
+ for (i = 0; i < 8; i++)
+ printf("%02X ", c[z][i]);
+ err = 20;
+ printf("\n");
+ }
+
+ CAST_ecb_encrypt(out, out, &key, CAST_DECRYPT);
+ if (memcmp(out, in, 8) != 0) {
+ printf("ecb cast error decrypting for keysize %d\n",
+ k_len[z] * 8);
+ printf("got :");
+ for (i = 0; i < 8; i++)
+ printf("%02X ", out[i]);
+ printf("\n");
+ printf("expected:");
+ for (i = 0; i < 8; i++)
+ printf("%02X ", in[i]);
+ printf("\n");
+ err = 3;
+ }
+ }
+ if (err == 0)
+ printf("ecb cast5 ok\n");
+
+# ifdef FULL_TEST
+ {
+ unsigned char out_a[16], out_b[16];
+ static char *hex = "0123456789ABCDEF";
+
+ printf("This test will take some time....");
+ fflush(stdout);
+ memcpy(out_a, in_a, sizeof(in_a));
+ memcpy(out_b, in_b, sizeof(in_b));
+ i = 1;
+
+ for (l = 0; l < 1000000L; l++) {
+ CAST_set_key(&key_b, 16, out_b);
+ CAST_ecb_encrypt(&(out_a[0]), &(out_a[0]), &key_b, CAST_ENCRYPT);
+ CAST_ecb_encrypt(&(out_a[8]), &(out_a[8]), &key_b, CAST_ENCRYPT);
+ CAST_set_key(&key, 16, out_a);
+ CAST_ecb_encrypt(&(out_b[0]), &(out_b[0]), &key, CAST_ENCRYPT);
+ CAST_ecb_encrypt(&(out_b[8]), &(out_b[8]), &key, CAST_ENCRYPT);
+ if ((l & 0xffff) == 0xffff) {
+ printf("%c", hex[i & 0x0f]);
+ fflush(stdout);
+ i++;
+ }
+ }
+
+ if ((memcmp(out_a, c_a, sizeof(c_a)) != 0) ||
+ (memcmp(out_b, c_b, sizeof(c_b)) != 0)) {
+ printf("\n");
+ printf("Error\n");
+
+ printf("A out =");
+ for (i = 0; i < 16; i++)
+ printf("%02X ", out_a[i]);
+ printf("\nactual=");
+ for (i = 0; i < 16; i++)
+ printf("%02X ", c_a[i]);
+ printf("\n");
+
+ printf("B out =");
+ for (i = 0; i < 16; i++)
+ printf("%02X ", out_b[i]);
+ printf("\nactual=");
+ for (i = 0; i < 16; i++)
+ printf("%02X ", c_b[i]);
+ printf("\n");
+ } else
+ printf(" ok\n");
+ }
+# endif
+
+ EXIT(err);
+}
+#endif
--- /dev/null
+/* crypto/constant_time_test.c */
+/*-
+ * Utilities for constant-time cryptography.
+ *
+ * Author: Emilia Kasper (emilia@openssl.org)
+ * Based on previous work by Bodo Moeller, Emilia Kasper, Adam Langley
+ * (Google).
+ * ====================================================================
+ * Copyright (c) 2014 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include "../crypto/constant_time_locl.h"
+
+#include <limits.h>
+#include <stdio.h>
+#include <stdlib.h>
+
+static const unsigned int CONSTTIME_TRUE = (unsigned)(~0);
+static const unsigned int CONSTTIME_FALSE = 0;
+static const unsigned char CONSTTIME_TRUE_8 = 0xff;
+static const unsigned char CONSTTIME_FALSE_8 = 0;
+
+static int test_binary_op(unsigned int (*op) (unsigned int a, unsigned int b),
+ const char *op_name, unsigned int a, unsigned int b,
+ int is_true)
+{
+ unsigned c = op(a, b);
+ if (is_true && c != CONSTTIME_TRUE) {
+ fprintf(stderr, "Test failed for %s(%du, %du): expected %du "
+ "(TRUE), got %du\n", op_name, a, b, CONSTTIME_TRUE, c);
+ return 1;
+ } else if (!is_true && c != CONSTTIME_FALSE) {
+ fprintf(stderr, "Test failed for %s(%du, %du): expected %du "
+ "(FALSE), got %du\n", op_name, a, b, CONSTTIME_FALSE, c);
+ return 1;
+ }
+ return 0;
+}
+
+static int test_binary_op_8(unsigned
+ char (*op) (unsigned int a, unsigned int b),
+ const char *op_name, unsigned int a,
+ unsigned int b, int is_true)
+{
+ unsigned char c = op(a, b);
+ if (is_true && c != CONSTTIME_TRUE_8) {
+ fprintf(stderr, "Test failed for %s(%du, %du): expected %u "
+ "(TRUE), got %u\n", op_name, a, b, CONSTTIME_TRUE_8, c);
+ return 1;
+ } else if (!is_true && c != CONSTTIME_FALSE_8) {
+ fprintf(stderr, "Test failed for %s(%du, %du): expected %u "
+ "(FALSE), got %u\n", op_name, a, b, CONSTTIME_FALSE_8, c);
+ return 1;
+ }
+ return 0;
+}
+
+static int test_is_zero(unsigned int a)
+{
+ unsigned int c = constant_time_is_zero(a);
+ if (a == 0 && c != CONSTTIME_TRUE) {
+ fprintf(stderr, "Test failed for constant_time_is_zero(%du): "
+ "expected %du (TRUE), got %du\n", a, CONSTTIME_TRUE, c);
+ return 1;
+ } else if (a != 0 && c != CONSTTIME_FALSE) {
+ fprintf(stderr, "Test failed for constant_time_is_zero(%du): "
+ "expected %du (FALSE), got %du\n", a, CONSTTIME_FALSE, c);
+ return 1;
+ }
+ return 0;
+}
+
+static int test_is_zero_8(unsigned int a)
+{
+ unsigned char c = constant_time_is_zero_8(a);
+ if (a == 0 && c != CONSTTIME_TRUE_8) {
+ fprintf(stderr, "Test failed for constant_time_is_zero(%du): "
+ "expected %u (TRUE), got %u\n", a, CONSTTIME_TRUE_8, c);
+ return 1;
+ } else if (a != 0 && c != CONSTTIME_FALSE) {
+ fprintf(stderr, "Test failed for constant_time_is_zero(%du): "
+ "expected %u (FALSE), got %u\n", a, CONSTTIME_FALSE_8, c);
+ return 1;
+ }
+ return 0;
+}
+
+static int test_select(unsigned int a, unsigned int b)
+{
+ unsigned int selected = constant_time_select(CONSTTIME_TRUE, a, b);
+ if (selected != a) {
+ fprintf(stderr, "Test failed for constant_time_select(%du, %du,"
+ "%du): expected %du(first value), got %du\n",
+ CONSTTIME_TRUE, a, b, a, selected);
+ return 1;
+ }
+ selected = constant_time_select(CONSTTIME_FALSE, a, b);
+ if (selected != b) {
+ fprintf(stderr, "Test failed for constant_time_select(%du, %du,"
+ "%du): expected %du(second value), got %du\n",
+ CONSTTIME_FALSE, a, b, b, selected);
+ return 1;
+ }
+ return 0;
+}
+
+static int test_select_8(unsigned char a, unsigned char b)
+{
+ unsigned char selected = constant_time_select_8(CONSTTIME_TRUE_8, a, b);
+ if (selected != a) {
+ fprintf(stderr, "Test failed for constant_time_select(%u, %u,"
+ "%u): expected %u(first value), got %u\n",
+ CONSTTIME_TRUE, a, b, a, selected);
+ return 1;
+ }
+ selected = constant_time_select_8(CONSTTIME_FALSE_8, a, b);
+ if (selected != b) {
+ fprintf(stderr, "Test failed for constant_time_select(%u, %u,"
+ "%u): expected %u(second value), got %u\n",
+ CONSTTIME_FALSE, a, b, b, selected);
+ return 1;
+ }
+ return 0;
+}
+
+static int test_select_int(int a, int b)
+{
+ int selected = constant_time_select_int(CONSTTIME_TRUE, a, b);
+ if (selected != a) {
+ fprintf(stderr, "Test failed for constant_time_select(%du, %d,"
+ "%d): expected %d(first value), got %d\n",
+ CONSTTIME_TRUE, a, b, a, selected);
+ return 1;
+ }
+ selected = constant_time_select_int(CONSTTIME_FALSE, a, b);
+ if (selected != b) {
+ fprintf(stderr, "Test failed for constant_time_select(%du, %d,"
+ "%d): expected %d(second value), got %d\n",
+ CONSTTIME_FALSE, a, b, b, selected);
+ return 1;
+ }
+ return 0;
+}
+
+static int test_eq_int(int a, int b)
+{
+ unsigned int equal = constant_time_eq_int(a, b);
+ if (a == b && equal != CONSTTIME_TRUE) {
+ fprintf(stderr, "Test failed for constant_time_eq_int(%d, %d): "
+ "expected %du(TRUE), got %du\n", a, b, CONSTTIME_TRUE, equal);
+ return 1;
+ } else if (a != b && equal != CONSTTIME_FALSE) {
+ fprintf(stderr, "Test failed for constant_time_eq_int(%d, %d): "
+ "expected %du(FALSE), got %du\n",
+ a, b, CONSTTIME_FALSE, equal);
+ return 1;
+ }
+ return 0;
+}
+
+static int test_eq_int_8(int a, int b)
+{
+ unsigned char equal = constant_time_eq_int_8(a, b);
+ if (a == b && equal != CONSTTIME_TRUE_8) {
+ fprintf(stderr, "Test failed for constant_time_eq_int_8(%d, %d): "
+ "expected %u(TRUE), got %u\n", a, b, CONSTTIME_TRUE_8, equal);
+ return 1;
+ } else if (a != b && equal != CONSTTIME_FALSE_8) {
+ fprintf(stderr, "Test failed for constant_time_eq_int_8(%d, %d): "
+ "expected %u(FALSE), got %u\n",
+ a, b, CONSTTIME_FALSE_8, equal);
+ return 1;
+ }
+ return 0;
+}
+
+static unsigned int test_values[] =
+ { 0, 1, 1024, 12345, 32000, UINT_MAX / 2 - 1,
+ UINT_MAX / 2, UINT_MAX / 2 + 1, UINT_MAX - 1,
+ UINT_MAX
+};
+
+static unsigned char test_values_8[] =
+ { 0, 1, 2, 20, 32, 127, 128, 129, 255 };
+
+static int signed_test_values[] = { 0, 1, -1, 1024, -1024, 12345, -12345,
+ 32000, -32000, INT_MAX, INT_MIN, INT_MAX - 1,
+ INT_MIN + 1
+};
+
+int main(int argc, char *argv[])
+{
+ unsigned int a, b, i, j;
+ int c, d;
+ unsigned char e, f;
+ int num_failed = 0, num_all = 0;
+ fprintf(stdout, "Testing constant time operations...\n");
+
+ for (i = 0; i < sizeof(test_values) / sizeof(int); ++i) {
+ a = test_values[i];
+ num_failed += test_is_zero(a);
+ num_failed += test_is_zero_8(a);
+ num_all += 2;
+ for (j = 0; j < sizeof(test_values) / sizeof(int); ++j) {
+ b = test_values[j];
+ num_failed += test_binary_op(&constant_time_lt,
+ "constant_time_lt", a, b, a < b);
+ num_failed += test_binary_op_8(&constant_time_lt_8,
+ "constant_time_lt_8", a, b, a < b);
+ num_failed += test_binary_op(&constant_time_lt,
+ "constant_time_lt_8", b, a, b < a);
+ num_failed += test_binary_op_8(&constant_time_lt_8,
+ "constant_time_lt_8", b, a, b < a);
+ num_failed += test_binary_op(&constant_time_ge,
+ "constant_time_ge", a, b, a >= b);
+ num_failed += test_binary_op_8(&constant_time_ge_8,
+ "constant_time_ge_8", a, b,
+ a >= b);
+ num_failed +=
+ test_binary_op(&constant_time_ge, "constant_time_ge", b, a,
+ b >= a);
+ num_failed +=
+ test_binary_op_8(&constant_time_ge_8, "constant_time_ge_8", b,
+ a, b >= a);
+ num_failed +=
+ test_binary_op(&constant_time_eq, "constant_time_eq", a, b,
+ a == b);
+ num_failed +=
+ test_binary_op_8(&constant_time_eq_8, "constant_time_eq_8", a,
+ b, a == b);
+ num_failed +=
+ test_binary_op(&constant_time_eq, "constant_time_eq", b, a,
+ b == a);
+ num_failed +=
+ test_binary_op_8(&constant_time_eq_8, "constant_time_eq_8", b,
+ a, b == a);
+ num_failed += test_select(a, b);
+ num_all += 13;
+ }
+ }
+
+ for (i = 0; i < sizeof(signed_test_values) / sizeof(int); ++i) {
+ c = signed_test_values[i];
+ for (j = 0; j < sizeof(signed_test_values) / sizeof(int); ++j) {
+ d = signed_test_values[j];
+ num_failed += test_select_int(c, d);
+ num_failed += test_eq_int(c, d);
+ num_failed += test_eq_int_8(c, d);
+ num_all += 3;
+ }
+ }
+
+ for (i = 0; i < sizeof(test_values_8); ++i) {
+ e = test_values_8[i];
+ for (j = 0; j < sizeof(test_values_8); ++j) {
+ f = test_values_8[j];
+ num_failed += test_select_8(e, f);
+ num_all += 1;
+ }
+ }
+
+ if (!num_failed) {
+ fprintf(stdout, "ok (ran %d tests)\n", num_all);
+ return EXIT_SUCCESS;
+ } else {
+ fprintf(stdout, "%d of %d tests failed!\n", num_failed, num_all);
+ return EXIT_FAILURE;
+ }
+}
--- /dev/null
+/* crypto/des/destest.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+
+#include <openssl/e_os2.h>
+#if defined(OPENSSL_SYS_WIN32) || defined(OPENSSL_SYS_WINDOWS)
+# ifndef OPENSSL_SYS_MSDOS
+# define OPENSSL_SYS_MSDOS
+# endif
+#endif
+
+#ifndef OPENSSL_SYS_MSDOS
+# if !defined(OPENSSL_SYS_VMS) || defined(OPENSSL_SYS_VMS_DECC)
+# include OPENSSL_UNISTD
+# endif
+#else
+# include <io.h>
+#endif
+#include <string.h>
+
+#ifdef OPENSSL_NO_DES
+int main(int argc, char *argv[])
+{
+ printf("No DES support\n");
+ return (0);
+}
+#else
+# include <openssl/des.h>
+
+# define crypt(c,s) (DES_crypt((c),(s)))
+
+/* tisk tisk - the test keys don't all have odd parity :-( */
+/* test data */
+# define NUM_TESTS 34
+static unsigned char key_data[NUM_TESTS][8] = {
+ {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00},
+ {0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF},
+ {0x30, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00},
+ {0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11},
+ {0x01, 0x23, 0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF},
+ {0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11},
+ {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00},
+ {0xFE, 0xDC, 0xBA, 0x98, 0x76, 0x54, 0x32, 0x10},
+ {0x7C, 0xA1, 0x10, 0x45, 0x4A, 0x1A, 0x6E, 0x57},
+ {0x01, 0x31, 0xD9, 0x61, 0x9D, 0xC1, 0x37, 0x6E},
+ {0x07, 0xA1, 0x13, 0x3E, 0x4A, 0x0B, 0x26, 0x86},
+ {0x38, 0x49, 0x67, 0x4C, 0x26, 0x02, 0x31, 0x9E},
+ {0x04, 0xB9, 0x15, 0xBA, 0x43, 0xFE, 0xB5, 0xB6},
+ {0x01, 0x13, 0xB9, 0x70, 0xFD, 0x34, 0xF2, 0xCE},
+ {0x01, 0x70, 0xF1, 0x75, 0x46, 0x8F, 0xB5, 0xE6},
+ {0x43, 0x29, 0x7F, 0xAD, 0x38, 0xE3, 0x73, 0xFE},
+ {0x07, 0xA7, 0x13, 0x70, 0x45, 0xDA, 0x2A, 0x16},
+ {0x04, 0x68, 0x91, 0x04, 0xC2, 0xFD, 0x3B, 0x2F},
+ {0x37, 0xD0, 0x6B, 0xB5, 0x16, 0xCB, 0x75, 0x46},
+ {0x1F, 0x08, 0x26, 0x0D, 0x1A, 0xC2, 0x46, 0x5E},
+ {0x58, 0x40, 0x23, 0x64, 0x1A, 0xBA, 0x61, 0x76},
+ {0x02, 0x58, 0x16, 0x16, 0x46, 0x29, 0xB0, 0x07},
+ {0x49, 0x79, 0x3E, 0xBC, 0x79, 0xB3, 0x25, 0x8F},
+ {0x4F, 0xB0, 0x5E, 0x15, 0x15, 0xAB, 0x73, 0xA7},
+ {0x49, 0xE9, 0x5D, 0x6D, 0x4C, 0xA2, 0x29, 0xBF},
+ {0x01, 0x83, 0x10, 0xDC, 0x40, 0x9B, 0x26, 0xD6},
+ {0x1C, 0x58, 0x7F, 0x1C, 0x13, 0x92, 0x4F, 0xEF},
+ {0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01},
+ {0x1F, 0x1F, 0x1F, 0x1F, 0x0E, 0x0E, 0x0E, 0x0E},
+ {0xE0, 0xFE, 0xE0, 0xFE, 0xF1, 0xFE, 0xF1, 0xFE},
+ {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00},
+ {0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF},
+ {0x01, 0x23, 0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF},
+ {0xFE, 0xDC, 0xBA, 0x98, 0x76, 0x54, 0x32, 0x10}
+};
+
+static unsigned char plain_data[NUM_TESTS][8] = {
+ {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00},
+ {0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF},
+ {0x10, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01},
+ {0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11},
+ {0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11},
+ {0x01, 0x23, 0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF},
+ {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00},
+ {0x01, 0x23, 0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF},
+ {0x01, 0xA1, 0xD6, 0xD0, 0x39, 0x77, 0x67, 0x42},
+ {0x5C, 0xD5, 0x4C, 0xA8, 0x3D, 0xEF, 0x57, 0xDA},
+ {0x02, 0x48, 0xD4, 0x38, 0x06, 0xF6, 0x71, 0x72},
+ {0x51, 0x45, 0x4B, 0x58, 0x2D, 0xDF, 0x44, 0x0A},
+ {0x42, 0xFD, 0x44, 0x30, 0x59, 0x57, 0x7F, 0xA2},
+ {0x05, 0x9B, 0x5E, 0x08, 0x51, 0xCF, 0x14, 0x3A},
+ {0x07, 0x56, 0xD8, 0xE0, 0x77, 0x47, 0x61, 0xD2},
+ {0x76, 0x25, 0x14, 0xB8, 0x29, 0xBF, 0x48, 0x6A},
+ {0x3B, 0xDD, 0x11, 0x90, 0x49, 0x37, 0x28, 0x02},
+ {0x26, 0x95, 0x5F, 0x68, 0x35, 0xAF, 0x60, 0x9A},
+ {0x16, 0x4D, 0x5E, 0x40, 0x4F, 0x27, 0x52, 0x32},
+ {0x6B, 0x05, 0x6E, 0x18, 0x75, 0x9F, 0x5C, 0xCA},
+ {0x00, 0x4B, 0xD6, 0xEF, 0x09, 0x17, 0x60, 0x62},
+ {0x48, 0x0D, 0x39, 0x00, 0x6E, 0xE7, 0x62, 0xF2},
+ {0x43, 0x75, 0x40, 0xC8, 0x69, 0x8F, 0x3C, 0xFA},
+ {0x07, 0x2D, 0x43, 0xA0, 0x77, 0x07, 0x52, 0x92},
+ {0x02, 0xFE, 0x55, 0x77, 0x81, 0x17, 0xF1, 0x2A},
+ {0x1D, 0x9D, 0x5C, 0x50, 0x18, 0xF7, 0x28, 0xC2},
+ {0x30, 0x55, 0x32, 0x28, 0x6D, 0x6F, 0x29, 0x5A},
+ {0x01, 0x23, 0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF},
+ {0x01, 0x23, 0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF},
+ {0x01, 0x23, 0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF},
+ {0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF},
+ {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00},
+ {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00},
+ {0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF}
+};
+
+static unsigned char cipher_data[NUM_TESTS][8] = {
+ {0x8C, 0xA6, 0x4D, 0xE9, 0xC1, 0xB1, 0x23, 0xA7},
+ {0x73, 0x59, 0xB2, 0x16, 0x3E, 0x4E, 0xDC, 0x58},
+ {0x95, 0x8E, 0x6E, 0x62, 0x7A, 0x05, 0x55, 0x7B},
+ {0xF4, 0x03, 0x79, 0xAB, 0x9E, 0x0E, 0xC5, 0x33},
+ {0x17, 0x66, 0x8D, 0xFC, 0x72, 0x92, 0x53, 0x2D},
+ {0x8A, 0x5A, 0xE1, 0xF8, 0x1A, 0xB8, 0xF2, 0xDD},
+ {0x8C, 0xA6, 0x4D, 0xE9, 0xC1, 0xB1, 0x23, 0xA7},
+ {0xED, 0x39, 0xD9, 0x50, 0xFA, 0x74, 0xBC, 0xC4},
+ {0x69, 0x0F, 0x5B, 0x0D, 0x9A, 0x26, 0x93, 0x9B},
+ {0x7A, 0x38, 0x9D, 0x10, 0x35, 0x4B, 0xD2, 0x71},
+ {0x86, 0x8E, 0xBB, 0x51, 0xCA, 0xB4, 0x59, 0x9A},
+ {0x71, 0x78, 0x87, 0x6E, 0x01, 0xF1, 0x9B, 0x2A},
+ {0xAF, 0x37, 0xFB, 0x42, 0x1F, 0x8C, 0x40, 0x95},
+ {0x86, 0xA5, 0x60, 0xF1, 0x0E, 0xC6, 0xD8, 0x5B},
+ {0x0C, 0xD3, 0xDA, 0x02, 0x00, 0x21, 0xDC, 0x09},
+ {0xEA, 0x67, 0x6B, 0x2C, 0xB7, 0xDB, 0x2B, 0x7A},
+ {0xDF, 0xD6, 0x4A, 0x81, 0x5C, 0xAF, 0x1A, 0x0F},
+ {0x5C, 0x51, 0x3C, 0x9C, 0x48, 0x86, 0xC0, 0x88},
+ {0x0A, 0x2A, 0xEE, 0xAE, 0x3F, 0xF4, 0xAB, 0x77},
+ {0xEF, 0x1B, 0xF0, 0x3E, 0x5D, 0xFA, 0x57, 0x5A},
+ {0x88, 0xBF, 0x0D, 0xB6, 0xD7, 0x0D, 0xEE, 0x56},
+ {0xA1, 0xF9, 0x91, 0x55, 0x41, 0x02, 0x0B, 0x56},
+ {0x6F, 0xBF, 0x1C, 0xAF, 0xCF, 0xFD, 0x05, 0x56},
+ {0x2F, 0x22, 0xE4, 0x9B, 0xAB, 0x7C, 0xA1, 0xAC},
+ {0x5A, 0x6B, 0x61, 0x2C, 0xC2, 0x6C, 0xCE, 0x4A},
+ {0x5F, 0x4C, 0x03, 0x8E, 0xD1, 0x2B, 0x2E, 0x41},
+ {0x63, 0xFA, 0xC0, 0xD0, 0x34, 0xD9, 0xF7, 0x93},
+ {0x61, 0x7B, 0x3A, 0x0C, 0xE8, 0xF0, 0x71, 0x00},
+ {0xDB, 0x95, 0x86, 0x05, 0xF8, 0xC8, 0xC6, 0x06},
+ {0xED, 0xBF, 0xD1, 0xC6, 0x6C, 0x29, 0xCC, 0xC7},
+ {0x35, 0x55, 0x50, 0xB2, 0x15, 0x0E, 0x24, 0x51},
+ {0xCA, 0xAA, 0xAF, 0x4D, 0xEA, 0xF1, 0xDB, 0xAE},
+ {0xD5, 0xD4, 0x4F, 0xF7, 0x20, 0x68, 0x3D, 0x0D},
+ {0x2A, 0x2B, 0xB0, 0x08, 0xDF, 0x97, 0xC2, 0xF2}
+};
+
+static unsigned char cipher_ecb2[NUM_TESTS - 1][8] = {
+ {0x92, 0x95, 0xB5, 0x9B, 0xB3, 0x84, 0x73, 0x6E},
+ {0x19, 0x9E, 0x9D, 0x6D, 0xF3, 0x9A, 0xA8, 0x16},
+ {0x2A, 0x4B, 0x4D, 0x24, 0x52, 0x43, 0x84, 0x27},
+ {0x35, 0x84, 0x3C, 0x01, 0x9D, 0x18, 0xC5, 0xB6},
+ {0x4A, 0x5B, 0x2F, 0x42, 0xAA, 0x77, 0x19, 0x25},
+ {0xA0, 0x6B, 0xA9, 0xB8, 0xCA, 0x5B, 0x17, 0x8A},
+ {0xAB, 0x9D, 0xB7, 0xFB, 0xED, 0x95, 0xF2, 0x74},
+ {0x3D, 0x25, 0x6C, 0x23, 0xA7, 0x25, 0x2F, 0xD6},
+ {0xB7, 0x6F, 0xAB, 0x4F, 0xBD, 0xBD, 0xB7, 0x67},
+ {0x8F, 0x68, 0x27, 0xD6, 0x9C, 0xF4, 0x1A, 0x10},
+ {0x82, 0x57, 0xA1, 0xD6, 0x50, 0x5E, 0x81, 0x85},
+ {0xA2, 0x0F, 0x0A, 0xCD, 0x80, 0x89, 0x7D, 0xFA},
+ {0xCD, 0x2A, 0x53, 0x3A, 0xDB, 0x0D, 0x7E, 0xF3},
+ {0xD2, 0xC2, 0xBE, 0x27, 0xE8, 0x1B, 0x68, 0xE3},
+ {0xE9, 0x24, 0xCF, 0x4F, 0x89, 0x3C, 0x5B, 0x0A},
+ {0xA7, 0x18, 0xC3, 0x9F, 0xFA, 0x9F, 0xD7, 0x69},
+ {0x77, 0x2C, 0x79, 0xB1, 0xD2, 0x31, 0x7E, 0xB1},
+ {0x49, 0xAB, 0x92, 0x7F, 0xD0, 0x22, 0x00, 0xB7},
+ {0xCE, 0x1C, 0x6C, 0x7D, 0x85, 0xE3, 0x4A, 0x6F},
+ {0xBE, 0x91, 0xD6, 0xE1, 0x27, 0xB2, 0xE9, 0x87},
+ {0x70, 0x28, 0xAE, 0x8F, 0xD1, 0xF5, 0x74, 0x1A},
+ {0xAA, 0x37, 0x80, 0xBB, 0xF3, 0x22, 0x1D, 0xDE},
+ {0xA6, 0xC4, 0xD2, 0x5E, 0x28, 0x93, 0xAC, 0xB3},
+ {0x22, 0x07, 0x81, 0x5A, 0xE4, 0xB7, 0x1A, 0xAD},
+ {0xDC, 0xCE, 0x05, 0xE7, 0x07, 0xBD, 0xF5, 0x84},
+ {0x26, 0x1D, 0x39, 0x2C, 0xB3, 0xBA, 0xA5, 0x85},
+ {0xB4, 0xF7, 0x0F, 0x72, 0xFB, 0x04, 0xF0, 0xDC},
+ {0x95, 0xBA, 0xA9, 0x4E, 0x87, 0x36, 0xF2, 0x89},
+ {0xD4, 0x07, 0x3A, 0xF1, 0x5A, 0x17, 0x82, 0x0E},
+ {0xEF, 0x6F, 0xAF, 0xA7, 0x66, 0x1A, 0x7E, 0x89},
+ {0xC1, 0x97, 0xF5, 0x58, 0x74, 0x8A, 0x20, 0xE7},
+ {0x43, 0x34, 0xCF, 0xDA, 0x22, 0xC4, 0x86, 0xC8},
+ {0x08, 0xD7, 0xB4, 0xFB, 0x62, 0x9D, 0x08, 0x85}
+};
+
+static unsigned char cbc_key[8] =
+ { 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef };
+static unsigned char cbc2_key[8] =
+ { 0xf1, 0xe0, 0xd3, 0xc2, 0xb5, 0xa4, 0x97, 0x86 };
+static unsigned char cbc3_key[8] =
+ { 0xfe, 0xdc, 0xba, 0x98, 0x76, 0x54, 0x32, 0x10 };
+static unsigned char cbc_iv[8] =
+ { 0xfe, 0xdc, 0xba, 0x98, 0x76, 0x54, 0x32, 0x10 };
+/*
+ * Changed the following text constant to binary so it will work on ebcdic
+ * machines :-)
+ */
+/* static char cbc_data[40]="7654321 Now is the time for \0001"; */
+static unsigned char cbc_data[40] = {
+ 0x37, 0x36, 0x35, 0x34, 0x33, 0x32, 0x31, 0x20,
+ 0x4E, 0x6F, 0x77, 0x20, 0x69, 0x73, 0x20, 0x74,
+ 0x68, 0x65, 0x20, 0x74, 0x69, 0x6D, 0x65, 0x20,
+ 0x66, 0x6F, 0x72, 0x20, 0x00, 0x31, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+};
+
+static unsigned char cbc_ok[32] = {
+ 0xcc, 0xd1, 0x73, 0xff, 0xab, 0x20, 0x39, 0xf4,
+ 0xac, 0xd8, 0xae, 0xfd, 0xdf, 0xd8, 0xa1, 0xeb,
+ 0x46, 0x8e, 0x91, 0x15, 0x78, 0x88, 0xba, 0x68,
+ 0x1d, 0x26, 0x93, 0x97, 0xf7, 0xfe, 0x62, 0xb4
+};
+
+# ifdef SCREW_THE_PARITY
+# error "SCREW_THE_PARITY is not ment to be defined."
+# error "Original vectors are preserved for reference only."
+static unsigned char cbc2_key[8] =
+ { 0xf0, 0xe1, 0xd2, 0xc3, 0xb4, 0xa5, 0x96, 0x87 };
+static unsigned char xcbc_ok[32] = {
+ 0x86, 0x74, 0x81, 0x0D, 0x61, 0xA4, 0xA5, 0x48,
+ 0xB9, 0x93, 0x03, 0xE1, 0xB8, 0xBB, 0xBD, 0xBD,
+ 0x64, 0x30, 0x0B, 0xB9, 0x06, 0x65, 0x81, 0x76,
+ 0x04, 0x1D, 0x77, 0x62, 0x17, 0xCA, 0x2B, 0xD2,
+};
+# else
+static unsigned char xcbc_ok[32] = {
+ 0x84, 0x6B, 0x29, 0x14, 0x85, 0x1E, 0x9A, 0x29,
+ 0x54, 0x73, 0x2F, 0x8A, 0xA0, 0xA6, 0x11, 0xC1,
+ 0x15, 0xCD, 0xC2, 0xD7, 0x95, 0x1B, 0x10, 0x53,
+ 0xA6, 0x3C, 0x5E, 0x03, 0xB2, 0x1A, 0xA3, 0xC4,
+};
+# endif
+
+static unsigned char cbc3_ok[32] = {
+ 0x3F, 0xE3, 0x01, 0xC9, 0x62, 0xAC, 0x01, 0xD0,
+ 0x22, 0x13, 0x76, 0x3C, 0x1C, 0xBD, 0x4C, 0xDC,
+ 0x79, 0x96, 0x57, 0xC0, 0x64, 0xEC, 0xF5, 0xD4,
+ 0x1C, 0x67, 0x38, 0x12, 0xCF, 0xDE, 0x96, 0x75
+};
+
+static unsigned char pcbc_ok[32] = {
+ 0xcc, 0xd1, 0x73, 0xff, 0xab, 0x20, 0x39, 0xf4,
+ 0x6d, 0xec, 0xb4, 0x70, 0xa0, 0xe5, 0x6b, 0x15,
+ 0xae, 0xa6, 0xbf, 0x61, 0xed, 0x7d, 0x9c, 0x9f,
+ 0xf7, 0x17, 0x46, 0x3b, 0x8a, 0xb3, 0xcc, 0x88
+};
+
+static unsigned char cfb_key[8] =
+ { 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef };
+static unsigned char cfb_iv[8] =
+ { 0x12, 0x34, 0x56, 0x78, 0x90, 0xab, 0xcd, 0xef };
+static unsigned char cfb_buf1[40], cfb_buf2[40], cfb_tmp[8];
+static unsigned char plain[24] = {
+ 0x4e, 0x6f, 0x77, 0x20, 0x69, 0x73,
+ 0x20, 0x74, 0x68, 0x65, 0x20, 0x74,
+ 0x69, 0x6d, 0x65, 0x20, 0x66, 0x6f,
+ 0x72, 0x20, 0x61, 0x6c, 0x6c, 0x20
+};
+
+static unsigned char cfb_cipher8[24] = {
+ 0xf3, 0x1f, 0xda, 0x07, 0x01, 0x14, 0x62, 0xee, 0x18, 0x7f, 0x43, 0xd8,
+ 0x0a, 0x7c, 0xd9, 0xb5, 0xb0, 0xd2, 0x90, 0xda, 0x6e, 0x5b, 0x9a, 0x87
+};
+
+static unsigned char cfb_cipher16[24] = {
+ 0xF3, 0x09, 0x87, 0x87, 0x7F, 0x57, 0xF7, 0x3C, 0x36, 0xB6, 0xDB, 0x70,
+ 0xD8, 0xD5, 0x34, 0x19, 0xD3, 0x86, 0xB2, 0x23, 0xB7, 0xB2, 0xAD, 0x1B
+};
+
+static unsigned char cfb_cipher32[24] = {
+ 0xF3, 0x09, 0x62, 0x49, 0xA4, 0xDF, 0xA4, 0x9F, 0x33, 0xDC, 0x7B, 0xAD,
+ 0x4C, 0xC8, 0x9F, 0x64, 0xE4, 0x53, 0xE5, 0xEC, 0x67, 0x20, 0xDA, 0xB6
+};
+
+static unsigned char cfb_cipher48[24] = {
+ 0xF3, 0x09, 0x62, 0x49, 0xC7, 0xF4, 0x30, 0xB5, 0x15, 0xEC, 0xBB, 0x85,
+ 0x97, 0x5A, 0x13, 0x8C, 0x68, 0x60, 0xE2, 0x38, 0x34, 0x3C, 0xDC, 0x1F
+};
+
+static unsigned char cfb_cipher64[24] = {
+ 0xF3, 0x09, 0x62, 0x49, 0xC7, 0xF4, 0x6E, 0x51, 0xA6, 0x9E, 0x83, 0x9B,
+ 0x1A, 0x92, 0xF7, 0x84, 0x03, 0x46, 0x71, 0x33, 0x89, 0x8E, 0xA6, 0x22
+};
+
+static unsigned char ofb_key[8] =
+ { 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef };
+static unsigned char ofb_iv[8] =
+ { 0x12, 0x34, 0x56, 0x78, 0x90, 0xab, 0xcd, 0xef };
+static unsigned char ofb_buf1[24], ofb_buf2[24], ofb_tmp[8];
+static unsigned char ofb_cipher[24] = {
+ 0xf3, 0x09, 0x62, 0x49, 0xc7, 0xf4, 0x6e, 0x51,
+ 0x35, 0xf2, 0x4a, 0x24, 0x2e, 0xeb, 0x3d, 0x3f,
+ 0x3d, 0x6d, 0x5b, 0xe3, 0x25, 0x5a, 0xf8, 0xc3
+};
+static DES_LONG cbc_cksum_ret = 0xF7FE62B4L;
+static unsigned char cbc_cksum_data[8] =
+ { 0x1D, 0x26, 0x93, 0x97, 0xf7, 0xfe, 0x62, 0xb4 };
+
+static char *pt(unsigned char *p);
+static int cfb_test(int bits, unsigned char *cfb_cipher);
+static int cfb64_test(unsigned char *cfb_cipher);
+static int ede_cfb64_test(unsigned char *cfb_cipher);
+int main(int argc, char *argv[])
+{
+ int j, err = 0;
+ unsigned int i;
+ DES_cblock in, out, outin, iv3;
+ DES_key_schedule ks, ks2, ks3;
+ unsigned char cbc_in[40];
+ unsigned char cbc_out[40];
+ DES_LONG cs;
+ unsigned char cret[8];
+ DES_LONG lqret[4];
+ int num;
+ char *str;
+
+ printf("Doing ecb\n");
+ for (i = 0; i < NUM_TESTS; i++) {
+ DES_set_key_unchecked(&key_data[i], &ks);
+ memcpy(in, plain_data[i], 8);
+ memset(out, 0, 8);
+ memset(outin, 0, 8);
+ DES_ecb_encrypt(&in, &out, &ks, DES_ENCRYPT);
+ DES_ecb_encrypt(&out, &outin, &ks, DES_DECRYPT);
+
+ if (memcmp(out, cipher_data[i], 8) != 0) {
+ printf("Encryption error %2d\nk=%s p=%s o=%s act=%s\n",
+ i + 1, pt(key_data[i]), pt(in), pt(cipher_data[i]),
+ pt(out));
+ err = 1;
+ }
+ if (memcmp(in, outin, 8) != 0) {
+ printf("Decryption error %2d\nk=%s p=%s o=%s act=%s\n",
+ i + 1, pt(key_data[i]), pt(out), pt(in), pt(outin));
+ err = 1;
+ }
+ }
+
+# ifndef LIBDES_LIT
+ printf("Doing ede ecb\n");
+ for (i = 0; i < (NUM_TESTS - 2); i++) {
+ DES_set_key_unchecked(&key_data[i], &ks);
+ DES_set_key_unchecked(&key_data[i + 1], &ks2);
+ DES_set_key_unchecked(&key_data[i + 2], &ks3);
+ memcpy(in, plain_data[i], 8);
+ memset(out, 0, 8);
+ memset(outin, 0, 8);
+ DES_ecb3_encrypt(&in,&out,&ks,&ks2,&ks,DES_ENCRYPT);
+ DES_ecb3_encrypt(&out,&outin,&ks,&ks2,&ks,DES_DECRYPT);
+
+ if (memcmp(out, cipher_ecb2[i], 8) != 0) {
+ printf("Encryption error %2d\nk=%s p=%s o=%s act=%s\n",
+ i + 1, pt(key_data[i]), pt(in), pt(cipher_ecb2[i]),
+ pt(out));
+ err = 1;
+ }
+ if (memcmp(in, outin, 8) != 0) {
+ printf("Decryption error %2d\nk=%s p=%s o=%s act=%s\n",
+ i + 1, pt(key_data[i]), pt(out), pt(in), pt(outin));
+ err = 1;
+ }
+ }
+# endif
+
+ printf("Doing cbc\n");
+ if ((j = DES_set_key_checked(&cbc_key, &ks)) != 0) {
+ printf("Key error %d\n", j);
+ err = 1;
+ }
+ memset(cbc_out, 0, 40);
+ memset(cbc_in, 0, 40);
+ memcpy(iv3, cbc_iv, sizeof(cbc_iv));
+ DES_ncbc_encrypt(cbc_data, cbc_out, strlen((char *)cbc_data) + 1, &ks,
+ &iv3, DES_ENCRYPT);
+ if (memcmp(cbc_out, cbc_ok, 32) != 0) {
+ printf("cbc_encrypt encrypt error\n");
+ err = 1;
+ }
+
+ memcpy(iv3, cbc_iv, sizeof(cbc_iv));
+ DES_ncbc_encrypt(cbc_out, cbc_in, strlen((char *)cbc_data) + 1, &ks,
+ &iv3, DES_DECRYPT);
+ if (memcmp(cbc_in, cbc_data, strlen((char *)cbc_data)) != 0) {
+ printf("cbc_encrypt decrypt error\n");
+ err = 1;
+ }
+# ifndef LIBDES_LIT
+ printf("Doing desx cbc\n");
+ if ((j = DES_set_key_checked(&cbc_key, &ks)) != 0) {
+ printf("Key error %d\n", j);
+ err = 1;
+ }
+ memset(cbc_out, 0, 40);
+ memset(cbc_in, 0, 40);
+ memcpy(iv3, cbc_iv, sizeof(cbc_iv));
+ DES_xcbc_encrypt(cbc_data, cbc_out, strlen((char *)cbc_data) + 1, &ks,
+ &iv3, &cbc2_key, &cbc3_key, DES_ENCRYPT);
+ if (memcmp(cbc_out, xcbc_ok, 32) != 0) {
+ printf("des_xcbc_encrypt encrypt error\n");
+ err = 1;
+ }
+ memcpy(iv3, cbc_iv, sizeof(cbc_iv));
+ DES_xcbc_encrypt(cbc_out, cbc_in, strlen((char *)cbc_data) + 1, &ks,
+ &iv3, &cbc2_key, &cbc3_key, DES_DECRYPT);
+ if (memcmp(cbc_in, cbc_data, strlen((char *)cbc_data) + 1) != 0) {
+ printf("des_xcbc_encrypt decrypt error\n");
+ err = 1;
+ }
+# endif
+
+ printf("Doing ede cbc\n");
+ if ((j = DES_set_key_checked(&cbc_key, &ks)) != 0) {
+ printf("Key error %d\n", j);
+ err = 1;
+ }
+ if ((j = DES_set_key_checked(&cbc2_key, &ks2)) != 0) {
+ printf("Key error %d\n", j);
+ err = 1;
+ }
+ if ((j = DES_set_key_checked(&cbc3_key, &ks3)) != 0) {
+ printf("Key error %d\n", j);
+ err = 1;
+ }
+ memset(cbc_out, 0, 40);
+ memset(cbc_in, 0, 40);
+ i = strlen((char *)cbc_data) + 1;
+ /* i=((i+7)/8)*8; */
+ memcpy(iv3, cbc_iv, sizeof(cbc_iv));
+
+ DES_ede3_cbc_encrypt(cbc_data, cbc_out, 16L, &ks, &ks2, &ks3, &iv3,
+ DES_ENCRYPT);
+ DES_ede3_cbc_encrypt(&(cbc_data[16]), &(cbc_out[16]), i - 16, &ks, &ks2,
+ &ks3, &iv3, DES_ENCRYPT);
+ if (memcmp
+ (cbc_out, cbc3_ok,
+ (unsigned int)(strlen((char *)cbc_data) + 1 + 7) / 8 * 8) != 0) {
+ unsigned int n;
+
+ printf("des_ede3_cbc_encrypt encrypt error\n");
+ for (n = 0; n < i; ++n)
+ printf(" %02x", cbc_out[n]);
+ printf("\n");
+ for (n = 0; n < i; ++n)
+ printf(" %02x", cbc3_ok[n]);
+ printf("\n");
+ err = 1;
+ }
+
+ memcpy(iv3, cbc_iv, sizeof(cbc_iv));
+ DES_ede3_cbc_encrypt(cbc_out, cbc_in, i, &ks, &ks2, &ks3, &iv3, DES_DECRYPT);
+ if (memcmp(cbc_in, cbc_data, strlen((char *)cbc_data) + 1) != 0) {
+ unsigned int n;
+
+ printf("DES_ede3_cbc_encrypt decrypt error\n");
+ for (n = 0; n < i; ++n)
+ printf(" %02x", cbc_data[n]);
+ printf("\n");
+ for (n = 0; n < i; ++n)
+ printf(" %02x", cbc_in[n]);
+ printf("\n");
+ err = 1;
+ }
+# ifndef LIBDES_LIT
+ printf("Doing pcbc\n");
+ if ((j = DES_set_key_checked(&cbc_key, &ks)) != 0) {
+ printf("Key error %d\n", j);
+ err = 1;
+ }
+ memset(cbc_out, 0, 40);
+ memset(cbc_in, 0, 40);
+ DES_pcbc_encrypt(cbc_data, cbc_out, strlen((char *)cbc_data) + 1, &ks,
+ &cbc_iv, DES_ENCRYPT);
+ if (memcmp(cbc_out, pcbc_ok, 32) != 0) {
+ printf("pcbc_encrypt encrypt error\n");
+ err = 1;
+ }
+ DES_pcbc_encrypt(cbc_out, cbc_in, strlen((char *)cbc_data) + 1, &ks,
+ &cbc_iv, DES_DECRYPT);
+ if (memcmp(cbc_in, cbc_data, strlen((char *)cbc_data) + 1) != 0) {
+ printf("pcbc_encrypt decrypt error\n");
+ err = 1;
+ }
+
+ printf("Doing ");
+ printf("cfb8 ");
+ err += cfb_test(8, cfb_cipher8);
+ printf("cfb16 ");
+ err += cfb_test(16, cfb_cipher16);
+ printf("cfb32 ");
+ err += cfb_test(32, cfb_cipher32);
+ printf("cfb48 ");
+ err += cfb_test(48, cfb_cipher48);
+ printf("cfb64 ");
+ err += cfb_test(64, cfb_cipher64);
+
+ printf("cfb64() ");
+ err += cfb64_test(cfb_cipher64);
+
+ memcpy(cfb_tmp, cfb_iv, sizeof(cfb_iv));
+ for (i = 0; i < sizeof(plain); i++)
+ DES_cfb_encrypt(&(plain[i]), &(cfb_buf1[i]),
+ 8, 1, &ks, &cfb_tmp, DES_ENCRYPT);
+ if (memcmp(cfb_cipher8, cfb_buf1, sizeof(plain)) != 0) {
+ printf("cfb_encrypt small encrypt error\n");
+ err = 1;
+ }
+
+ memcpy(cfb_tmp, cfb_iv, sizeof(cfb_iv));
+ for (i = 0; i < sizeof(plain); i++)
+ DES_cfb_encrypt(&(cfb_buf1[i]), &(cfb_buf2[i]),
+ 8, 1, &ks, &cfb_tmp, DES_DECRYPT);
+ if (memcmp(plain, cfb_buf2, sizeof(plain)) != 0) {
+ printf("cfb_encrypt small decrypt error\n");
+ err = 1;
+ }
+
+ printf("ede_cfb64() ");
+ err += ede_cfb64_test(cfb_cipher64);
+
+ printf("done\n");
+
+ printf("Doing ofb\n");
+ DES_set_key_checked(&ofb_key, &ks);
+ memcpy(ofb_tmp, ofb_iv, sizeof(ofb_iv));
+ DES_ofb_encrypt(plain, ofb_buf1, 64, sizeof(plain) / 8, &ks, &ofb_tmp);
+ if (memcmp(ofb_cipher, ofb_buf1, sizeof(ofb_buf1)) != 0) {
+ printf("ofb_encrypt encrypt error\n");
+ printf("%02X %02X %02X %02X %02X %02X %02X %02X\n",
+ ofb_buf1[8 + 0], ofb_buf1[8 + 1], ofb_buf1[8 + 2],
+ ofb_buf1[8 + 3], ofb_buf1[8 + 4], ofb_buf1[8 + 5],
+ ofb_buf1[8 + 6], ofb_buf1[8 + 7]);
+ printf("%02X %02X %02X %02X %02X %02X %02X %02X\n", ofb_buf1[8 + 0],
+ ofb_cipher[8 + 1], ofb_cipher[8 + 2], ofb_cipher[8 + 3],
+ ofb_buf1[8 + 4], ofb_cipher[8 + 5], ofb_cipher[8 + 6],
+ ofb_cipher[8 + 7]);
+ err = 1;
+ }
+ memcpy(ofb_tmp, ofb_iv, sizeof(ofb_iv));
+ DES_ofb_encrypt(ofb_buf1, ofb_buf2, 64, sizeof(ofb_buf1) / 8, &ks,
+ &ofb_tmp);
+ if (memcmp(plain, ofb_buf2, sizeof(ofb_buf2)) != 0) {
+ printf("ofb_encrypt decrypt error\n");
+ printf("%02X %02X %02X %02X %02X %02X %02X %02X\n",
+ ofb_buf2[8 + 0], ofb_buf2[8 + 1], ofb_buf2[8 + 2],
+ ofb_buf2[8 + 3], ofb_buf2[8 + 4], ofb_buf2[8 + 5],
+ ofb_buf2[8 + 6], ofb_buf2[8 + 7]);
+ printf("%02X %02X %02X %02X %02X %02X %02X %02X\n", plain[8 + 0],
+ plain[8 + 1], plain[8 + 2], plain[8 + 3], plain[8 + 4],
+ plain[8 + 5], plain[8 + 6], plain[8 + 7]);
+ err = 1;
+ }
+
+ printf("Doing ofb64\n");
+ DES_set_key_checked(&ofb_key, &ks);
+ memcpy(ofb_tmp, ofb_iv, sizeof(ofb_iv));
+ memset(ofb_buf1, 0, sizeof(ofb_buf1));
+ memset(ofb_buf2, 0, sizeof(ofb_buf1));
+ num = 0;
+ for (i = 0; i < sizeof(plain); i++) {
+ DES_ofb64_encrypt(&(plain[i]), &(ofb_buf1[i]), 1, &ks, &ofb_tmp, &num);
+ }
+ if (memcmp(ofb_cipher, ofb_buf1, sizeof(ofb_buf1)) != 0) {
+ printf("ofb64_encrypt encrypt error\n");
+ err = 1;
+ }
+ memcpy(ofb_tmp, ofb_iv, sizeof(ofb_iv));
+ num = 0;
+ DES_ofb64_encrypt(ofb_buf1, ofb_buf2, sizeof(ofb_buf1), &ks, &ofb_tmp,
+ &num);
+ if (memcmp(plain, ofb_buf2, sizeof(ofb_buf2)) != 0) {
+ printf("ofb64_encrypt decrypt error\n");
+ err = 1;
+ }
+
+ printf("Doing ede_ofb64\n");
+ DES_set_key_checked(&ofb_key, &ks);
+ memcpy(ofb_tmp, ofb_iv, sizeof(ofb_iv));
+ memset(ofb_buf1, 0, sizeof(ofb_buf1));
+ memset(ofb_buf2, 0, sizeof(ofb_buf1));
+ num = 0;
+ for (i = 0; i < sizeof(plain); i++) {
+ DES_ede3_ofb64_encrypt(&(plain[i]), &(ofb_buf1[i]), 1, &ks, &ks,
+ &ks, &ofb_tmp, &num);
+ }
+ if (memcmp(ofb_cipher, ofb_buf1, sizeof(ofb_buf1)) != 0) {
+ printf("ede_ofb64_encrypt encrypt error\n");
+ err = 1;
+ }
+ memcpy(ofb_tmp, ofb_iv, sizeof(ofb_iv));
+ num = 0;
+ DES_ede3_ofb64_encrypt(ofb_buf1, ofb_buf2, sizeof(ofb_buf1), &ks, &ks, &ks,
+ &ofb_tmp, &num);
+ if (memcmp(plain, ofb_buf2, sizeof(ofb_buf2)) != 0) {
+ printf("ede_ofb64_encrypt decrypt error\n");
+ err = 1;
+ }
+
+ printf("Doing cbc_cksum\n");
+ DES_set_key_checked(&cbc_key, &ks);
+ cs = DES_cbc_cksum(cbc_data, &cret, strlen((char *)cbc_data), &ks,
+ &cbc_iv);
+ if (cs != cbc_cksum_ret) {
+ printf("bad return value (%08lX), should be %08lX\n",
+ (unsigned long)cs, (unsigned long)cbc_cksum_ret);
+ err = 1;
+ }
+ if (memcmp(cret, cbc_cksum_data, 8) != 0) {
+ printf("bad cbc_cksum block returned\n");
+ err = 1;
+ }
+
+ printf("Doing quad_cksum\n");
+ cs = DES_quad_cksum(cbc_data, (DES_cblock *)lqret,
+ (long)strlen((char *)cbc_data), 2,
+ (DES_cblock *)cbc_iv);
+ if (cs != 0x70d7a63aL) {
+ printf("quad_cksum error, ret %08lx should be 70d7a63a\n",
+ (unsigned long)cs);
+ err = 1;
+ }
+ if (lqret[0] != 0x327eba8dL) {
+ printf("quad_cksum error, out[0] %08lx is not %08lx\n",
+ (unsigned long)lqret[0], 0x327eba8dUL);
+ err = 1;
+ }
+ if (lqret[1] != 0x201a49ccL) {
+ printf("quad_cksum error, out[1] %08lx is not %08lx\n",
+ (unsigned long)lqret[1], 0x201a49ccUL);
+ err = 1;
+ }
+ if (lqret[2] != 0x70d7a63aL) {
+ printf("quad_cksum error, out[2] %08lx is not %08lx\n",
+ (unsigned long)lqret[2], 0x70d7a63aUL);
+ err = 1;
+ }
+ if (lqret[3] != 0x501c2c26L) {
+ printf("quad_cksum error, out[3] %08lx is not %08lx\n",
+ (unsigned long)lqret[3], 0x501c2c26UL);
+ err = 1;
+ }
+# endif
+
+ printf("input word alignment test");
+ for (i = 0; i < 4; i++) {
+ printf(" %d", i);
+ DES_ncbc_encrypt(&(cbc_out[i]), cbc_in,
+ strlen((char *)cbc_data) + 1, &ks,
+ &cbc_iv, DES_ENCRYPT);
+ }
+ printf("\noutput word alignment test");
+ for (i = 0; i < 4; i++) {
+ printf(" %d", i);
+ DES_ncbc_encrypt(cbc_out, &(cbc_in[i]),
+ strlen((char *)cbc_data) + 1, &ks,
+ &cbc_iv, DES_ENCRYPT);
+ }
+ printf("\n");
+ printf("fast crypt test ");
+ str = crypt("testing", "ef");
+ if (strcmp("efGnQx2725bI2", str) != 0) {
+ printf("fast crypt error, %s should be efGnQx2725bI2\n", str);
+ err = 1;
+ }
+ str = crypt("bca76;23", "yA");
+ if (strcmp("yA1Rp/1hZXIJk", str) != 0) {
+ printf("fast crypt error, %s should be yA1Rp/1hZXIJk\n", str);
+ err = 1;
+ }
+# ifdef OPENSSL_SYS_NETWARE
+ if (err)
+ printf("ERROR: %d\n", err);
+# endif
+ printf("\n");
+ return (err);
+}
+
+static char *pt(unsigned char *p)
+{
+ static char bufs[10][20];
+ static int bnum = 0;
+ char *ret;
+ int i;
+ static char *f = "0123456789ABCDEF";
+
+ ret = &(bufs[bnum++][0]);
+ bnum %= 10;
+ for (i = 0; i < 8; i++) {
+ ret[i * 2] = f[(p[i] >> 4) & 0xf];
+ ret[i * 2 + 1] = f[p[i] & 0xf];
+ }
+ ret[16] = '\0';
+ return (ret);
+}
+
+# ifndef LIBDES_LIT
+
+static int cfb_test(int bits, unsigned char *cfb_cipher)
+{
+ DES_key_schedule ks;
+ int i, err = 0;
+
+ DES_set_key_checked(&cfb_key, &ks);
+ memcpy(cfb_tmp, cfb_iv, sizeof(cfb_iv));
+ DES_cfb_encrypt(plain, cfb_buf1, bits, sizeof(plain), &ks, &cfb_tmp,
+ DES_ENCRYPT);
+ if (memcmp(cfb_cipher, cfb_buf1, sizeof(plain)) != 0) {
+ err = 1;
+ printf("cfb_encrypt encrypt error\n");
+ for (i = 0; i < 24; i += 8)
+ printf("%s\n", pt(&(cfb_buf1[i])));
+ }
+ memcpy(cfb_tmp, cfb_iv, sizeof(cfb_iv));
+ DES_cfb_encrypt(cfb_buf1, cfb_buf2, bits, sizeof(plain), &ks, &cfb_tmp,
+ DES_DECRYPT);
+ if (memcmp(plain, cfb_buf2, sizeof(plain)) != 0) {
+ err = 1;
+ printf("cfb_encrypt decrypt error\n");
+ for (i = 0; i < 24; i += 8)
+ printf("%s\n", pt(&(cfb_buf1[i])));
+ }
+ return (err);
+}
+
+static int cfb64_test(unsigned char *cfb_cipher)
+{
+ DES_key_schedule ks;
+ int err = 0, i, n;
+
+ DES_set_key_checked(&cfb_key, &ks);
+ memcpy(cfb_tmp, cfb_iv, sizeof(cfb_iv));
+ n = 0;
+ DES_cfb64_encrypt(plain, cfb_buf1, 12, &ks, &cfb_tmp, &n, DES_ENCRYPT);
+ DES_cfb64_encrypt(&(plain[12]), &(cfb_buf1[12]), sizeof(plain) - 12, &ks,
+ &cfb_tmp, &n, DES_ENCRYPT);
+ if (memcmp(cfb_cipher, cfb_buf1, sizeof(plain)) != 0) {
+ err = 1;
+ printf("cfb_encrypt encrypt error\n");
+ for (i = 0; i < 24; i += 8)
+ printf("%s\n", pt(&(cfb_buf1[i])));
+ }
+ memcpy(cfb_tmp, cfb_iv, sizeof(cfb_iv));
+ n = 0;
+ DES_cfb64_encrypt(cfb_buf1, cfb_buf2, 17, &ks, &cfb_tmp, &n, DES_DECRYPT);
+ DES_cfb64_encrypt(&(cfb_buf1[17]), &(cfb_buf2[17]),
+ sizeof(plain) - 17, &ks, &cfb_tmp, &n, DES_DECRYPT);
+ if (memcmp(plain, cfb_buf2, sizeof(plain)) != 0) {
+ err = 1;
+ printf("cfb_encrypt decrypt error\n");
+ for (i = 0; i < 24; i += 8)
+ printf("%s\n", pt(&(cfb_buf2[i])));
+ }
+ return (err);
+}
+
+static int ede_cfb64_test(unsigned char *cfb_cipher)
+{
+ DES_key_schedule ks;
+ int err = 0, i, n;
+
+ DES_set_key_checked(&cfb_key, &ks);
+ memcpy(cfb_tmp, cfb_iv, sizeof(cfb_iv));
+ n = 0;
+ DES_ede3_cfb64_encrypt(plain, cfb_buf1, 12, &ks, &ks, &ks, &cfb_tmp, &n,
+ DES_ENCRYPT);
+ DES_ede3_cfb64_encrypt(&(plain[12]), &(cfb_buf1[12]),
+ sizeof(plain) - 12, &ks, &ks, &ks,
+ &cfb_tmp, &n, DES_ENCRYPT);
+ if (memcmp(cfb_cipher, cfb_buf1, sizeof(plain)) != 0) {
+ err = 1;
+ printf("ede_cfb_encrypt encrypt error\n");
+ for (i = 0; i < 24; i += 8)
+ printf("%s\n", pt(&(cfb_buf1[i])));
+ }
+ memcpy(cfb_tmp, cfb_iv, sizeof(cfb_iv));
+ n = 0;
+ DES_ede3_cfb64_encrypt(cfb_buf1, cfb_buf2, (long)17, &ks, &ks, &ks,
+ &cfb_tmp, &n, DES_DECRYPT);
+ DES_ede3_cfb64_encrypt(&(cfb_buf1[17]), &(cfb_buf2[17]),
+ sizeof(plain) - 17, &ks, &ks, &ks,
+ &cfb_tmp, &n, DES_DECRYPT);
+ if (memcmp(plain, cfb_buf2, sizeof(plain)) != 0) {
+ err = 1;
+ printf("ede_cfb_encrypt decrypt error\n");
+ for (i = 0; i < 24; i += 8)
+ printf("%s\n", pt(&(cfb_buf2[i])));
+ }
+ return (err);
+}
+
+# endif
+#endif
--- /dev/null
+/* crypto/dh/dhtest.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+
+#include "../e_os.h"
+
+#include <openssl/crypto.h>
+#include <openssl/bio.h>
+#include <openssl/bn.h>
+#include <openssl/rand.h>
+#include <openssl/err.h>
+
+#ifdef OPENSSL_NO_DH
+int main(int argc, char *argv[])
+{
+ printf("No DH support\n");
+ return (0);
+}
+#else
+# include <openssl/dh.h>
+
+static int cb(int p, int n, BN_GENCB *arg);
+
+static const char rnd_seed[] =
+ "string to make the random number generator think it has entropy";
+
+static int run_rfc5114_tests(void);
+
+int main(int argc, char *argv[])
+{
+ BN_GENCB *_cb;
+ DH *a = NULL;
+ DH *b = NULL;
+ char buf[12];
+ unsigned char *abuf = NULL, *bbuf = NULL;
+ int i, alen, blen, aout, bout, ret = 1;
+ BIO *out;
+
+ CRYPTO_malloc_debug_init();
+ CRYPTO_dbg_set_options(V_CRYPTO_MDEBUG_ALL);
+ CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON);
+
+# ifdef OPENSSL_SYS_WIN32
+ CRYPTO_malloc_init();
+# endif
+
+ RAND_seed(rnd_seed, sizeof rnd_seed);
+
+ out = BIO_new(BIO_s_file());
+ if (out == NULL)
+ EXIT(1);
+ BIO_set_fp(out, stdout, BIO_NOCLOSE);
+
+ _cb = BN_GENCB_new();
+ if (!_cb)
+ goto err;
+ BN_GENCB_set(_cb, &cb, out);
+ if (((a = DH_new()) == NULL) || !DH_generate_parameters_ex(a, 64,
+ DH_GENERATOR_5,
+ _cb))
+ goto err;
+
+ if (!DH_check(a, &i))
+ goto err;
+ if (i & DH_CHECK_P_NOT_PRIME)
+ BIO_puts(out, "p value is not prime\n");
+ if (i & DH_CHECK_P_NOT_SAFE_PRIME)
+ BIO_puts(out, "p value is not a safe prime\n");
+ if (i & DH_UNABLE_TO_CHECK_GENERATOR)
+ BIO_puts(out, "unable to check the generator value\n");
+ if (i & DH_NOT_SUITABLE_GENERATOR)
+ BIO_puts(out, "the g value is not a generator\n");
+
+ BIO_puts(out, "\np =");
+ BN_print(out, a->p);
+ BIO_puts(out, "\ng =");
+ BN_print(out, a->g);
+ BIO_puts(out, "\n");
+
+ b = DH_new();
+ if (b == NULL)
+ goto err;
+
+ b->p = BN_dup(a->p);
+ b->g = BN_dup(a->g);
+ if ((b->p == NULL) || (b->g == NULL))
+ goto err;
+
+ /* Set a to run with normal modexp and b to use constant time */
+ a->flags &= ~DH_FLAG_NO_EXP_CONSTTIME;
+ b->flags |= DH_FLAG_NO_EXP_CONSTTIME;
+
+ if (!DH_generate_key(a))
+ goto err;
+ BIO_puts(out, "pri 1=");
+ BN_print(out, a->priv_key);
+ BIO_puts(out, "\npub 1=");
+ BN_print(out, a->pub_key);
+ BIO_puts(out, "\n");
+
+ if (!DH_generate_key(b))
+ goto err;
+ BIO_puts(out, "pri 2=");
+ BN_print(out, b->priv_key);
+ BIO_puts(out, "\npub 2=");
+ BN_print(out, b->pub_key);
+ BIO_puts(out, "\n");
+
+ alen = DH_size(a);
+ abuf = (unsigned char *)OPENSSL_malloc(alen);
+ aout = DH_compute_key(abuf, b->pub_key, a);
+
+ BIO_puts(out, "key1 =");
+ for (i = 0; i < aout; i++) {
+ sprintf(buf, "%02X", abuf[i]);
+ BIO_puts(out, buf);
+ }
+ BIO_puts(out, "\n");
+
+ blen = DH_size(b);
+ bbuf = (unsigned char *)OPENSSL_malloc(blen);
+ bout = DH_compute_key(bbuf, a->pub_key, b);
+
+ BIO_puts(out, "key2 =");
+ for (i = 0; i < bout; i++) {
+ sprintf(buf, "%02X", bbuf[i]);
+ BIO_puts(out, buf);
+ }
+ BIO_puts(out, "\n");
+ if ((aout < 4) || (bout != aout) || (memcmp(abuf, bbuf, aout) != 0)) {
+ fprintf(stderr, "Error in DH routines\n");
+ ret = 1;
+ } else
+ ret = 0;
+ if (!run_rfc5114_tests())
+ ret = 1;
+ err:
+ ERR_print_errors_fp(stderr);
+
+ if (abuf != NULL)
+ OPENSSL_free(abuf);
+ if (bbuf != NULL)
+ OPENSSL_free(bbuf);
+ DH_free(b);
+ DH_free(a);
+ if (_cb)
+ BN_GENCB_free(_cb);
+ BIO_free(out);
+# ifdef OPENSSL_SYS_NETWARE
+ if (ret)
+ printf("ERROR: %d\n", ret);
+# endif
+ EXIT(ret);
+}
+
+static int cb(int p, int n, BN_GENCB *arg)
+{
+ char c = '*';
+
+ if (p == 0)
+ c = '.';
+ if (p == 1)
+ c = '+';
+ if (p == 2)
+ c = '*';
+ if (p == 3)
+ c = '\n';
+ BIO_write(BN_GENCB_get_arg(arg), &c, 1);
+ (void)BIO_flush(BN_GENCB_get_arg(arg));
+ return 1;
+}
+
+/* Test data from RFC 5114 */
+
+static const unsigned char dhtest_1024_160_xA[] = {
+ 0xB9, 0xA3, 0xB3, 0xAE, 0x8F, 0xEF, 0xC1, 0xA2, 0x93, 0x04, 0x96, 0x50,
+ 0x70, 0x86, 0xF8, 0x45, 0x5D, 0x48, 0x94, 0x3E
+};
+
+static const unsigned char dhtest_1024_160_yA[] = {
+ 0x2A, 0x85, 0x3B, 0x3D, 0x92, 0x19, 0x75, 0x01, 0xB9, 0x01, 0x5B, 0x2D,
+ 0xEB, 0x3E, 0xD8, 0x4F, 0x5E, 0x02, 0x1D, 0xCC, 0x3E, 0x52, 0xF1, 0x09,
+ 0xD3, 0x27, 0x3D, 0x2B, 0x75, 0x21, 0x28, 0x1C, 0xBA, 0xBE, 0x0E, 0x76,
+ 0xFF, 0x57, 0x27, 0xFA, 0x8A, 0xCC, 0xE2, 0x69, 0x56, 0xBA, 0x9A, 0x1F,
+ 0xCA, 0x26, 0xF2, 0x02, 0x28, 0xD8, 0x69, 0x3F, 0xEB, 0x10, 0x84, 0x1D,
+ 0x84, 0xA7, 0x36, 0x00, 0x54, 0xEC, 0xE5, 0xA7, 0xF5, 0xB7, 0xA6, 0x1A,
+ 0xD3, 0xDF, 0xB3, 0xC6, 0x0D, 0x2E, 0x43, 0x10, 0x6D, 0x87, 0x27, 0xDA,
+ 0x37, 0xDF, 0x9C, 0xCE, 0x95, 0xB4, 0x78, 0x75, 0x5D, 0x06, 0xBC, 0xEA,
+ 0x8F, 0x9D, 0x45, 0x96, 0x5F, 0x75, 0xA5, 0xF3, 0xD1, 0xDF, 0x37, 0x01,
+ 0x16, 0x5F, 0xC9, 0xE5, 0x0C, 0x42, 0x79, 0xCE, 0xB0, 0x7F, 0x98, 0x95,
+ 0x40, 0xAE, 0x96, 0xD5, 0xD8, 0x8E, 0xD7, 0x76
+};
+
+static const unsigned char dhtest_1024_160_xB[] = {
+ 0x93, 0x92, 0xC9, 0xF9, 0xEB, 0x6A, 0x7A, 0x6A, 0x90, 0x22, 0xF7, 0xD8,
+ 0x3E, 0x72, 0x23, 0xC6, 0x83, 0x5B, 0xBD, 0xDA
+};
+
+static const unsigned char dhtest_1024_160_yB[] = {
+ 0x71, 0x7A, 0x6C, 0xB0, 0x53, 0x37, 0x1F, 0xF4, 0xA3, 0xB9, 0x32, 0x94,
+ 0x1C, 0x1E, 0x56, 0x63, 0xF8, 0x61, 0xA1, 0xD6, 0xAD, 0x34, 0xAE, 0x66,
+ 0x57, 0x6D, 0xFB, 0x98, 0xF6, 0xC6, 0xCB, 0xF9, 0xDD, 0xD5, 0xA5, 0x6C,
+ 0x78, 0x33, 0xF6, 0xBC, 0xFD, 0xFF, 0x09, 0x55, 0x82, 0xAD, 0x86, 0x8E,
+ 0x44, 0x0E, 0x8D, 0x09, 0xFD, 0x76, 0x9E, 0x3C, 0xEC, 0xCD, 0xC3, 0xD3,
+ 0xB1, 0xE4, 0xCF, 0xA0, 0x57, 0x77, 0x6C, 0xAA, 0xF9, 0x73, 0x9B, 0x6A,
+ 0x9F, 0xEE, 0x8E, 0x74, 0x11, 0xF8, 0xD6, 0xDA, 0xC0, 0x9D, 0x6A, 0x4E,
+ 0xDB, 0x46, 0xCC, 0x2B, 0x5D, 0x52, 0x03, 0x09, 0x0E, 0xAE, 0x61, 0x26,
+ 0x31, 0x1E, 0x53, 0xFD, 0x2C, 0x14, 0xB5, 0x74, 0xE6, 0xA3, 0x10, 0x9A,
+ 0x3D, 0xA1, 0xBE, 0x41, 0xBD, 0xCE, 0xAA, 0x18, 0x6F, 0x5C, 0xE0, 0x67,
+ 0x16, 0xA2, 0xB6, 0xA0, 0x7B, 0x3C, 0x33, 0xFE
+};
+
+static const unsigned char dhtest_1024_160_Z[] = {
+ 0x5C, 0x80, 0x4F, 0x45, 0x4D, 0x30, 0xD9, 0xC4, 0xDF, 0x85, 0x27, 0x1F,
+ 0x93, 0x52, 0x8C, 0x91, 0xDF, 0x6B, 0x48, 0xAB, 0x5F, 0x80, 0xB3, 0xB5,
+ 0x9C, 0xAA, 0xC1, 0xB2, 0x8F, 0x8A, 0xCB, 0xA9, 0xCD, 0x3E, 0x39, 0xF3,
+ 0xCB, 0x61, 0x45, 0x25, 0xD9, 0x52, 0x1D, 0x2E, 0x64, 0x4C, 0x53, 0xB8,
+ 0x07, 0xB8, 0x10, 0xF3, 0x40, 0x06, 0x2F, 0x25, 0x7D, 0x7D, 0x6F, 0xBF,
+ 0xE8, 0xD5, 0xE8, 0xF0, 0x72, 0xE9, 0xB6, 0xE9, 0xAF, 0xDA, 0x94, 0x13,
+ 0xEA, 0xFB, 0x2E, 0x8B, 0x06, 0x99, 0xB1, 0xFB, 0x5A, 0x0C, 0xAC, 0xED,
+ 0xDE, 0xAE, 0xAD, 0x7E, 0x9C, 0xFB, 0xB3, 0x6A, 0xE2, 0xB4, 0x20, 0x83,
+ 0x5B, 0xD8, 0x3A, 0x19, 0xFB, 0x0B, 0x5E, 0x96, 0xBF, 0x8F, 0xA4, 0xD0,
+ 0x9E, 0x34, 0x55, 0x25, 0x16, 0x7E, 0xCD, 0x91, 0x55, 0x41, 0x6F, 0x46,
+ 0xF4, 0x08, 0xED, 0x31, 0xB6, 0x3C, 0x6E, 0x6D
+};
+
+static const unsigned char dhtest_2048_224_xA[] = {
+ 0x22, 0xE6, 0x26, 0x01, 0xDB, 0xFF, 0xD0, 0x67, 0x08, 0xA6, 0x80, 0xF7,
+ 0x47, 0xF3, 0x61, 0xF7, 0x6D, 0x8F, 0x4F, 0x72, 0x1A, 0x05, 0x48, 0xE4,
+ 0x83, 0x29, 0x4B, 0x0C
+};
+
+static const unsigned char dhtest_2048_224_yA[] = {
+ 0x1B, 0x3A, 0x63, 0x45, 0x1B, 0xD8, 0x86, 0xE6, 0x99, 0xE6, 0x7B, 0x49,
+ 0x4E, 0x28, 0x8B, 0xD7, 0xF8, 0xE0, 0xD3, 0x70, 0xBA, 0xDD, 0xA7, 0xA0,
+ 0xEF, 0xD2, 0xFD, 0xE7, 0xD8, 0xF6, 0x61, 0x45, 0xCC, 0x9F, 0x28, 0x04,
+ 0x19, 0x97, 0x5E, 0xB8, 0x08, 0x87, 0x7C, 0x8A, 0x4C, 0x0C, 0x8E, 0x0B,
+ 0xD4, 0x8D, 0x4A, 0x54, 0x01, 0xEB, 0x1E, 0x87, 0x76, 0xBF, 0xEE, 0xE1,
+ 0x34, 0xC0, 0x38, 0x31, 0xAC, 0x27, 0x3C, 0xD9, 0xD6, 0x35, 0xAB, 0x0C,
+ 0xE0, 0x06, 0xA4, 0x2A, 0x88, 0x7E, 0x3F, 0x52, 0xFB, 0x87, 0x66, 0xB6,
+ 0x50, 0xF3, 0x80, 0x78, 0xBC, 0x8E, 0xE8, 0x58, 0x0C, 0xEF, 0xE2, 0x43,
+ 0x96, 0x8C, 0xFC, 0x4F, 0x8D, 0xC3, 0xDB, 0x08, 0x45, 0x54, 0x17, 0x1D,
+ 0x41, 0xBF, 0x2E, 0x86, 0x1B, 0x7B, 0xB4, 0xD6, 0x9D, 0xD0, 0xE0, 0x1E,
+ 0xA3, 0x87, 0xCB, 0xAA, 0x5C, 0xA6, 0x72, 0xAF, 0xCB, 0xE8, 0xBD, 0xB9,
+ 0xD6, 0x2D, 0x4C, 0xE1, 0x5F, 0x17, 0xDD, 0x36, 0xF9, 0x1E, 0xD1, 0xEE,
+ 0xDD, 0x65, 0xCA, 0x4A, 0x06, 0x45, 0x5C, 0xB9, 0x4C, 0xD4, 0x0A, 0x52,
+ 0xEC, 0x36, 0x0E, 0x84, 0xB3, 0xC9, 0x26, 0xE2, 0x2C, 0x43, 0x80, 0xA3,
+ 0xBF, 0x30, 0x9D, 0x56, 0x84, 0x97, 0x68, 0xB7, 0xF5, 0x2C, 0xFD, 0xF6,
+ 0x55, 0xFD, 0x05, 0x3A, 0x7E, 0xF7, 0x06, 0x97, 0x9E, 0x7E, 0x58, 0x06,
+ 0xB1, 0x7D, 0xFA, 0xE5, 0x3A, 0xD2, 0xA5, 0xBC, 0x56, 0x8E, 0xBB, 0x52,
+ 0x9A, 0x7A, 0x61, 0xD6, 0x8D, 0x25, 0x6F, 0x8F, 0xC9, 0x7C, 0x07, 0x4A,
+ 0x86, 0x1D, 0x82, 0x7E, 0x2E, 0xBC, 0x8C, 0x61, 0x34, 0x55, 0x31, 0x15,
+ 0xB7, 0x0E, 0x71, 0x03, 0x92, 0x0A, 0xA1, 0x6D, 0x85, 0xE5, 0x2B, 0xCB,
+ 0xAB, 0x8D, 0x78, 0x6A, 0x68, 0x17, 0x8F, 0xA8, 0xFF, 0x7C, 0x2F, 0x5C,
+ 0x71, 0x64, 0x8D, 0x6F
+};
+
+static const unsigned char dhtest_2048_224_xB[] = {
+ 0x4F, 0xF3, 0xBC, 0x96, 0xC7, 0xFC, 0x6A, 0x6D, 0x71, 0xD3, 0xB3, 0x63,
+ 0x80, 0x0A, 0x7C, 0xDF, 0xEF, 0x6F, 0xC4, 0x1B, 0x44, 0x17, 0xEA, 0x15,
+ 0x35, 0x3B, 0x75, 0x90
+};
+
+static const unsigned char dhtest_2048_224_yB[] = {
+ 0x4D, 0xCE, 0xE9, 0x92, 0xA9, 0x76, 0x2A, 0x13, 0xF2, 0xF8, 0x38, 0x44,
+ 0xAD, 0x3D, 0x77, 0xEE, 0x0E, 0x31, 0xC9, 0x71, 0x8B, 0x3D, 0xB6, 0xC2,
+ 0x03, 0x5D, 0x39, 0x61, 0x18, 0x2C, 0x3E, 0x0B, 0xA2, 0x47, 0xEC, 0x41,
+ 0x82, 0xD7, 0x60, 0xCD, 0x48, 0xD9, 0x95, 0x99, 0x97, 0x06, 0x22, 0xA1,
+ 0x88, 0x1B, 0xBA, 0x2D, 0xC8, 0x22, 0x93, 0x9C, 0x78, 0xC3, 0x91, 0x2C,
+ 0x66, 0x61, 0xFA, 0x54, 0x38, 0xB2, 0x07, 0x66, 0x22, 0x2B, 0x75, 0xE2,
+ 0x4C, 0x2E, 0x3A, 0xD0, 0xC7, 0x28, 0x72, 0x36, 0x12, 0x95, 0x25, 0xEE,
+ 0x15, 0xB5, 0xDD, 0x79, 0x98, 0xAA, 0x04, 0xC4, 0xA9, 0x69, 0x6C, 0xAC,
+ 0xD7, 0x17, 0x20, 0x83, 0xA9, 0x7A, 0x81, 0x66, 0x4E, 0xAD, 0x2C, 0x47,
+ 0x9E, 0x44, 0x4E, 0x4C, 0x06, 0x54, 0xCC, 0x19, 0xE2, 0x8D, 0x77, 0x03,
+ 0xCE, 0xE8, 0xDA, 0xCD, 0x61, 0x26, 0xF5, 0xD6, 0x65, 0xEC, 0x52, 0xC6,
+ 0x72, 0x55, 0xDB, 0x92, 0x01, 0x4B, 0x03, 0x7E, 0xB6, 0x21, 0xA2, 0xAC,
+ 0x8E, 0x36, 0x5D, 0xE0, 0x71, 0xFF, 0xC1, 0x40, 0x0A, 0xCF, 0x07, 0x7A,
+ 0x12, 0x91, 0x3D, 0xD8, 0xDE, 0x89, 0x47, 0x34, 0x37, 0xAB, 0x7B, 0xA3,
+ 0x46, 0x74, 0x3C, 0x1B, 0x21, 0x5D, 0xD9, 0xC1, 0x21, 0x64, 0xA7, 0xE4,
+ 0x05, 0x31, 0x18, 0xD1, 0x99, 0xBE, 0xC8, 0xEF, 0x6F, 0xC5, 0x61, 0x17,
+ 0x0C, 0x84, 0xC8, 0x7D, 0x10, 0xEE, 0x9A, 0x67, 0x4A, 0x1F, 0xA8, 0xFF,
+ 0xE1, 0x3B, 0xDF, 0xBA, 0x1D, 0x44, 0xDE, 0x48, 0x94, 0x6D, 0x68, 0xDC,
+ 0x0C, 0xDD, 0x77, 0x76, 0x35, 0xA7, 0xAB, 0x5B, 0xFB, 0x1E, 0x4B, 0xB7,
+ 0xB8, 0x56, 0xF9, 0x68, 0x27, 0x73, 0x4C, 0x18, 0x41, 0x38, 0xE9, 0x15,
+ 0xD9, 0xC3, 0x00, 0x2E, 0xBC, 0xE5, 0x31, 0x20, 0x54, 0x6A, 0x7E, 0x20,
+ 0x02, 0x14, 0x2B, 0x6C
+};
+
+static const unsigned char dhtest_2048_224_Z[] = {
+ 0x34, 0xD9, 0xBD, 0xDC, 0x1B, 0x42, 0x17, 0x6C, 0x31, 0x3F, 0xEA, 0x03,
+ 0x4C, 0x21, 0x03, 0x4D, 0x07, 0x4A, 0x63, 0x13, 0xBB, 0x4E, 0xCD, 0xB3,
+ 0x70, 0x3F, 0xFF, 0x42, 0x45, 0x67, 0xA4, 0x6B, 0xDF, 0x75, 0x53, 0x0E,
+ 0xDE, 0x0A, 0x9D, 0xA5, 0x22, 0x9D, 0xE7, 0xD7, 0x67, 0x32, 0x28, 0x6C,
+ 0xBC, 0x0F, 0x91, 0xDA, 0x4C, 0x3C, 0x85, 0x2F, 0xC0, 0x99, 0xC6, 0x79,
+ 0x53, 0x1D, 0x94, 0xC7, 0x8A, 0xB0, 0x3D, 0x9D, 0xEC, 0xB0, 0xA4, 0xE4,
+ 0xCA, 0x8B, 0x2B, 0xB4, 0x59, 0x1C, 0x40, 0x21, 0xCF, 0x8C, 0xE3, 0xA2,
+ 0x0A, 0x54, 0x1D, 0x33, 0x99, 0x40, 0x17, 0xD0, 0x20, 0x0A, 0xE2, 0xC9,
+ 0x51, 0x6E, 0x2F, 0xF5, 0x14, 0x57, 0x79, 0x26, 0x9E, 0x86, 0x2B, 0x0F,
+ 0xB4, 0x74, 0xA2, 0xD5, 0x6D, 0xC3, 0x1E, 0xD5, 0x69, 0xA7, 0x70, 0x0B,
+ 0x4C, 0x4A, 0xB1, 0x6B, 0x22, 0xA4, 0x55, 0x13, 0x53, 0x1E, 0xF5, 0x23,
+ 0xD7, 0x12, 0x12, 0x07, 0x7B, 0x5A, 0x16, 0x9B, 0xDE, 0xFF, 0xAD, 0x7A,
+ 0xD9, 0x60, 0x82, 0x84, 0xC7, 0x79, 0x5B, 0x6D, 0x5A, 0x51, 0x83, 0xB8,
+ 0x70, 0x66, 0xDE, 0x17, 0xD8, 0xD6, 0x71, 0xC9, 0xEB, 0xD8, 0xEC, 0x89,
+ 0x54, 0x4D, 0x45, 0xEC, 0x06, 0x15, 0x93, 0xD4, 0x42, 0xC6, 0x2A, 0xB9,
+ 0xCE, 0x3B, 0x1C, 0xB9, 0x94, 0x3A, 0x1D, 0x23, 0xA5, 0xEA, 0x3B, 0xCF,
+ 0x21, 0xA0, 0x14, 0x71, 0xE6, 0x7E, 0x00, 0x3E, 0x7F, 0x8A, 0x69, 0xC7,
+ 0x28, 0xBE, 0x49, 0x0B, 0x2F, 0xC8, 0x8C, 0xFE, 0xB9, 0x2D, 0xB6, 0xA2,
+ 0x15, 0xE5, 0xD0, 0x3C, 0x17, 0xC4, 0x64, 0xC9, 0xAC, 0x1A, 0x46, 0xE2,
+ 0x03, 0xE1, 0x3F, 0x95, 0x29, 0x95, 0xFB, 0x03, 0xC6, 0x9D, 0x3C, 0xC4,
+ 0x7F, 0xCB, 0x51, 0x0B, 0x69, 0x98, 0xFF, 0xD3, 0xAA, 0x6D, 0xE7, 0x3C,
+ 0xF9, 0xF6, 0x38, 0x69
+};
+
+static const unsigned char dhtest_2048_256_xA[] = {
+ 0x08, 0x81, 0x38, 0x2C, 0xDB, 0x87, 0x66, 0x0C, 0x6D, 0xC1, 0x3E, 0x61,
+ 0x49, 0x38, 0xD5, 0xB9, 0xC8, 0xB2, 0xF2, 0x48, 0x58, 0x1C, 0xC5, 0xE3,
+ 0x1B, 0x35, 0x45, 0x43, 0x97, 0xFC, 0xE5, 0x0E
+};
+
+static const unsigned char dhtest_2048_256_yA[] = {
+ 0x2E, 0x93, 0x80, 0xC8, 0x32, 0x3A, 0xF9, 0x75, 0x45, 0xBC, 0x49, 0x41,
+ 0xDE, 0xB0, 0xEC, 0x37, 0x42, 0xC6, 0x2F, 0xE0, 0xEC, 0xE8, 0x24, 0xA6,
+ 0xAB, 0xDB, 0xE6, 0x6C, 0x59, 0xBE, 0xE0, 0x24, 0x29, 0x11, 0xBF, 0xB9,
+ 0x67, 0x23, 0x5C, 0xEB, 0xA3, 0x5A, 0xE1, 0x3E, 0x4E, 0xC7, 0x52, 0xBE,
+ 0x63, 0x0B, 0x92, 0xDC, 0x4B, 0xDE, 0x28, 0x47, 0xA9, 0xC6, 0x2C, 0xB8,
+ 0x15, 0x27, 0x45, 0x42, 0x1F, 0xB7, 0xEB, 0x60, 0xA6, 0x3C, 0x0F, 0xE9,
+ 0x15, 0x9F, 0xCC, 0xE7, 0x26, 0xCE, 0x7C, 0xD8, 0x52, 0x3D, 0x74, 0x50,
+ 0x66, 0x7E, 0xF8, 0x40, 0xE4, 0x91, 0x91, 0x21, 0xEB, 0x5F, 0x01, 0xC8,
+ 0xC9, 0xB0, 0xD3, 0xD6, 0x48, 0xA9, 0x3B, 0xFB, 0x75, 0x68, 0x9E, 0x82,
+ 0x44, 0xAC, 0x13, 0x4A, 0xF5, 0x44, 0x71, 0x1C, 0xE7, 0x9A, 0x02, 0xDC,
+ 0xC3, 0x42, 0x26, 0x68, 0x47, 0x80, 0xDD, 0xDC, 0xB4, 0x98, 0x59, 0x41,
+ 0x06, 0xC3, 0x7F, 0x5B, 0xC7, 0x98, 0x56, 0x48, 0x7A, 0xF5, 0xAB, 0x02,
+ 0x2A, 0x2E, 0x5E, 0x42, 0xF0, 0x98, 0x97, 0xC1, 0xA8, 0x5A, 0x11, 0xEA,
+ 0x02, 0x12, 0xAF, 0x04, 0xD9, 0xB4, 0xCE, 0xBC, 0x93, 0x7C, 0x3C, 0x1A,
+ 0x3E, 0x15, 0xA8, 0xA0, 0x34, 0x2E, 0x33, 0x76, 0x15, 0xC8, 0x4E, 0x7F,
+ 0xE3, 0xB8, 0xB9, 0xB8, 0x7F, 0xB1, 0xE7, 0x3A, 0x15, 0xAF, 0x12, 0xA3,
+ 0x0D, 0x74, 0x6E, 0x06, 0xDF, 0xC3, 0x4F, 0x29, 0x0D, 0x79, 0x7C, 0xE5,
+ 0x1A, 0xA1, 0x3A, 0xA7, 0x85, 0xBF, 0x66, 0x58, 0xAF, 0xF5, 0xE4, 0xB0,
+ 0x93, 0x00, 0x3C, 0xBE, 0xAF, 0x66, 0x5B, 0x3C, 0x2E, 0x11, 0x3A, 0x3A,
+ 0x4E, 0x90, 0x52, 0x69, 0x34, 0x1D, 0xC0, 0x71, 0x14, 0x26, 0x68, 0x5F,
+ 0x4E, 0xF3, 0x7E, 0x86, 0x8A, 0x81, 0x26, 0xFF, 0x3F, 0x22, 0x79, 0xB5,
+ 0x7C, 0xA6, 0x7E, 0x29
+};
+
+static const unsigned char dhtest_2048_256_xB[] = {
+ 0x7D, 0x62, 0xA7, 0xE3, 0xEF, 0x36, 0xDE, 0x61, 0x7B, 0x13, 0xD1, 0xAF,
+ 0xB8, 0x2C, 0x78, 0x0D, 0x83, 0xA2, 0x3B, 0xD4, 0xEE, 0x67, 0x05, 0x64,
+ 0x51, 0x21, 0xF3, 0x71, 0xF5, 0x46, 0xA5, 0x3D
+};
+
+static const unsigned char dhtest_2048_256_yB[] = {
+ 0x57, 0x5F, 0x03, 0x51, 0xBD, 0x2B, 0x1B, 0x81, 0x74, 0x48, 0xBD, 0xF8,
+ 0x7A, 0x6C, 0x36, 0x2C, 0x1E, 0x28, 0x9D, 0x39, 0x03, 0xA3, 0x0B, 0x98,
+ 0x32, 0xC5, 0x74, 0x1F, 0xA2, 0x50, 0x36, 0x3E, 0x7A, 0xCB, 0xC7, 0xF7,
+ 0x7F, 0x3D, 0xAC, 0xBC, 0x1F, 0x13, 0x1A, 0xDD, 0x8E, 0x03, 0x36, 0x7E,
+ 0xFF, 0x8F, 0xBB, 0xB3, 0xE1, 0xC5, 0x78, 0x44, 0x24, 0x80, 0x9B, 0x25,
+ 0xAF, 0xE4, 0xD2, 0x26, 0x2A, 0x1A, 0x6F, 0xD2, 0xFA, 0xB6, 0x41, 0x05,
+ 0xCA, 0x30, 0xA6, 0x74, 0xE0, 0x7F, 0x78, 0x09, 0x85, 0x20, 0x88, 0x63,
+ 0x2F, 0xC0, 0x49, 0x23, 0x37, 0x91, 0xAD, 0x4E, 0xDD, 0x08, 0x3A, 0x97,
+ 0x8B, 0x88, 0x3E, 0xE6, 0x18, 0xBC, 0x5E, 0x0D, 0xD0, 0x47, 0x41, 0x5F,
+ 0x2D, 0x95, 0xE6, 0x83, 0xCF, 0x14, 0x82, 0x6B, 0x5F, 0xBE, 0x10, 0xD3,
+ 0xCE, 0x41, 0xC6, 0xC1, 0x20, 0xC7, 0x8A, 0xB2, 0x00, 0x08, 0xC6, 0x98,
+ 0xBF, 0x7F, 0x0B, 0xCA, 0xB9, 0xD7, 0xF4, 0x07, 0xBE, 0xD0, 0xF4, 0x3A,
+ 0xFB, 0x29, 0x70, 0xF5, 0x7F, 0x8D, 0x12, 0x04, 0x39, 0x63, 0xE6, 0x6D,
+ 0xDD, 0x32, 0x0D, 0x59, 0x9A, 0xD9, 0x93, 0x6C, 0x8F, 0x44, 0x13, 0x7C,
+ 0x08, 0xB1, 0x80, 0xEC, 0x5E, 0x98, 0x5C, 0xEB, 0xE1, 0x86, 0xF3, 0xD5,
+ 0x49, 0x67, 0x7E, 0x80, 0x60, 0x73, 0x31, 0xEE, 0x17, 0xAF, 0x33, 0x80,
+ 0xA7, 0x25, 0xB0, 0x78, 0x23, 0x17, 0xD7, 0xDD, 0x43, 0xF5, 0x9D, 0x7A,
+ 0xF9, 0x56, 0x8A, 0x9B, 0xB6, 0x3A, 0x84, 0xD3, 0x65, 0xF9, 0x22, 0x44,
+ 0xED, 0x12, 0x09, 0x88, 0x21, 0x93, 0x02, 0xF4, 0x29, 0x24, 0xC7, 0xCA,
+ 0x90, 0xB8, 0x9D, 0x24, 0xF7, 0x1B, 0x0A, 0xB6, 0x97, 0x82, 0x3D, 0x7D,
+ 0xEB, 0x1A, 0xFF, 0x5B, 0x0E, 0x8E, 0x4A, 0x45, 0xD4, 0x9F, 0x7F, 0x53,
+ 0x75, 0x7E, 0x19, 0x13
+};
+
+static const unsigned char dhtest_2048_256_Z[] = {
+ 0x86, 0xC7, 0x0B, 0xF8, 0xD0, 0xBB, 0x81, 0xBB, 0x01, 0x07, 0x8A, 0x17,
+ 0x21, 0x9C, 0xB7, 0xD2, 0x72, 0x03, 0xDB, 0x2A, 0x19, 0xC8, 0x77, 0xF1,
+ 0xD1, 0xF1, 0x9F, 0xD7, 0xD7, 0x7E, 0xF2, 0x25, 0x46, 0xA6, 0x8F, 0x00,
+ 0x5A, 0xD5, 0x2D, 0xC8, 0x45, 0x53, 0xB7, 0x8F, 0xC6, 0x03, 0x30, 0xBE,
+ 0x51, 0xEA, 0x7C, 0x06, 0x72, 0xCA, 0xC1, 0x51, 0x5E, 0x4B, 0x35, 0xC0,
+ 0x47, 0xB9, 0xA5, 0x51, 0xB8, 0x8F, 0x39, 0xDC, 0x26, 0xDA, 0x14, 0xA0,
+ 0x9E, 0xF7, 0x47, 0x74, 0xD4, 0x7C, 0x76, 0x2D, 0xD1, 0x77, 0xF9, 0xED,
+ 0x5B, 0xC2, 0xF1, 0x1E, 0x52, 0xC8, 0x79, 0xBD, 0x95, 0x09, 0x85, 0x04,
+ 0xCD, 0x9E, 0xEC, 0xD8, 0xA8, 0xF9, 0xB3, 0xEF, 0xBD, 0x1F, 0x00, 0x8A,
+ 0xC5, 0x85, 0x30, 0x97, 0xD9, 0xD1, 0x83, 0x7F, 0x2B, 0x18, 0xF7, 0x7C,
+ 0xD7, 0xBE, 0x01, 0xAF, 0x80, 0xA7, 0xC7, 0xB5, 0xEA, 0x3C, 0xA5, 0x4C,
+ 0xC0, 0x2D, 0x0C, 0x11, 0x6F, 0xEE, 0x3F, 0x95, 0xBB, 0x87, 0x39, 0x93,
+ 0x85, 0x87, 0x5D, 0x7E, 0x86, 0x74, 0x7E, 0x67, 0x6E, 0x72, 0x89, 0x38,
+ 0xAC, 0xBF, 0xF7, 0x09, 0x8E, 0x05, 0xBE, 0x4D, 0xCF, 0xB2, 0x40, 0x52,
+ 0xB8, 0x3A, 0xEF, 0xFB, 0x14, 0x78, 0x3F, 0x02, 0x9A, 0xDB, 0xDE, 0x7F,
+ 0x53, 0xFA, 0xE9, 0x20, 0x84, 0x22, 0x40, 0x90, 0xE0, 0x07, 0xCE, 0xE9,
+ 0x4D, 0x4B, 0xF2, 0xBA, 0xCE, 0x9F, 0xFD, 0x4B, 0x57, 0xD2, 0xAF, 0x7C,
+ 0x72, 0x4D, 0x0C, 0xAA, 0x19, 0xBF, 0x05, 0x01, 0xF6, 0xF1, 0x7B, 0x4A,
+ 0xA1, 0x0F, 0x42, 0x5E, 0x3E, 0xA7, 0x60, 0x80, 0xB4, 0xB9, 0xD6, 0xB3,
+ 0xCE, 0xFE, 0xA1, 0x15, 0xB2, 0xCE, 0xB8, 0x78, 0x9B, 0xB8, 0xA3, 0xB0,
+ 0xEA, 0x87, 0xFE, 0xBE, 0x63, 0xB6, 0xC8, 0xF8, 0x46, 0xEC, 0x6D, 0xB0,
+ 0xC2, 0x6C, 0x5D, 0x7C
+};
+
+typedef struct {
+ DH *(*get_param) (void);
+ const unsigned char *xA;
+ size_t xA_len;
+ const unsigned char *yA;
+ size_t yA_len;
+ const unsigned char *xB;
+ size_t xB_len;
+ const unsigned char *yB;
+ size_t yB_len;
+ const unsigned char *Z;
+ size_t Z_len;
+} rfc5114_td;
+
+# define make_rfc5114_td(pre) { \
+ DH_get_##pre, \
+ dhtest_##pre##_xA, sizeof(dhtest_##pre##_xA), \
+ dhtest_##pre##_yA, sizeof(dhtest_##pre##_yA), \
+ dhtest_##pre##_xB, sizeof(dhtest_##pre##_xB), \
+ dhtest_##pre##_yB, sizeof(dhtest_##pre##_yB), \
+ dhtest_##pre##_Z, sizeof(dhtest_##pre##_Z) \
+ }
+
+static const rfc5114_td rfctd[] = {
+ make_rfc5114_td(1024_160),
+ make_rfc5114_td(2048_224),
+ make_rfc5114_td(2048_256)
+};
+
+static int run_rfc5114_tests(void)
+{
+ int i;
+ for (i = 0; i < (int)(sizeof(rfctd) / sizeof(rfc5114_td)); i++) {
+ DH *dhA, *dhB;
+ unsigned char *Z1 = NULL, *Z2 = NULL;
+ const rfc5114_td *td = rfctd + i;
+ /* Set up DH structures setting key components */
+ dhA = td->get_param();
+ dhB = td->get_param();
+ if (!dhA || !dhB)
+ goto bad_err;
+
+ dhA->priv_key = BN_bin2bn(td->xA, td->xA_len, NULL);
+ dhA->pub_key = BN_bin2bn(td->yA, td->yA_len, NULL);
+
+ dhB->priv_key = BN_bin2bn(td->xB, td->xB_len, NULL);
+ dhB->pub_key = BN_bin2bn(td->yB, td->yB_len, NULL);
+
+ if (!dhA->priv_key || !dhA->pub_key
+ || !dhB->priv_key || !dhB->pub_key)
+ goto bad_err;
+
+ if ((td->Z_len != (size_t)DH_size(dhA))
+ || (td->Z_len != (size_t)DH_size(dhB)))
+ goto err;
+
+ Z1 = OPENSSL_malloc(DH_size(dhA));
+ Z2 = OPENSSL_malloc(DH_size(dhB));
+ /*
+ * Work out shared secrets using both sides and compare with expected
+ * values.
+ */
+ if (!DH_compute_key(Z1, dhB->pub_key, dhA))
+ goto bad_err;
+ if (!DH_compute_key(Z2, dhA->pub_key, dhB))
+ goto bad_err;
+
+ if (memcmp(Z1, td->Z, td->Z_len))
+ goto err;
+ if (memcmp(Z2, td->Z, td->Z_len))
+ goto err;
+
+ printf("RFC5114 parameter test %d OK\n", i + 1);
+
+ DH_free(dhA);
+ DH_free(dhB);
+ OPENSSL_free(Z1);
+ OPENSSL_free(Z2);
+
+ }
+ return 1;
+ bad_err:
+ fprintf(stderr, "Initalisation error RFC5114 set %d\n", i + 1);
+ ERR_print_errors_fp(stderr);
+ return 0;
+ err:
+ fprintf(stderr, "Test failed RFC5114 set %d\n", i + 1);
+ return 0;
+}
+
+#endif
--- /dev/null
+/* crypto/dsa/dsatest.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <sys/types.h>
+#include <sys/stat.h>
+
+#include "../e_os.h"
+
+#include <openssl/crypto.h>
+#include <openssl/rand.h>
+#include <openssl/bio.h>
+#include <openssl/err.h>
+#include <openssl/bn.h>
+
+#ifdef OPENSSL_NO_DSA
+int main(int argc, char *argv[])
+{
+ printf("No DSA support\n");
+ return (0);
+}
+#else
+# include <openssl/dsa.h>
+
+static int dsa_cb(int p, int n, BN_GENCB *arg);
+
+/*
+ * seed, out_p, out_q, out_g are taken from the updated Appendix 5 to FIPS
+ * PUB 186 and also appear in Appendix 5 to FIPS PIB 186-1
+ */
+static unsigned char seed[20] = {
+ 0xd5, 0x01, 0x4e, 0x4b, 0x60, 0xef, 0x2b, 0xa8, 0xb6, 0x21, 0x1b, 0x40,
+ 0x62, 0xba, 0x32, 0x24, 0xe0, 0x42, 0x7d, 0xd3,
+};
+
+static unsigned char out_p[] = {
+ 0x8d, 0xf2, 0xa4, 0x94, 0x49, 0x22, 0x76, 0xaa,
+ 0x3d, 0x25, 0x75, 0x9b, 0xb0, 0x68, 0x69, 0xcb,
+ 0xea, 0xc0, 0xd8, 0x3a, 0xfb, 0x8d, 0x0c, 0xf7,
+ 0xcb, 0xb8, 0x32, 0x4f, 0x0d, 0x78, 0x82, 0xe5,
+ 0xd0, 0x76, 0x2f, 0xc5, 0xb7, 0x21, 0x0e, 0xaf,
+ 0xc2, 0xe9, 0xad, 0xac, 0x32, 0xab, 0x7a, 0xac,
+ 0x49, 0x69, 0x3d, 0xfb, 0xf8, 0x37, 0x24, 0xc2,
+ 0xec, 0x07, 0x36, 0xee, 0x31, 0xc8, 0x02, 0x91,
+};
+
+static unsigned char out_q[] = {
+ 0xc7, 0x73, 0x21, 0x8c, 0x73, 0x7e, 0xc8, 0xee,
+ 0x99, 0x3b, 0x4f, 0x2d, 0xed, 0x30, 0xf4, 0x8e,
+ 0xda, 0xce, 0x91, 0x5f,
+};
+
+static unsigned char out_g[] = {
+ 0x62, 0x6d, 0x02, 0x78, 0x39, 0xea, 0x0a, 0x13,
+ 0x41, 0x31, 0x63, 0xa5, 0x5b, 0x4c, 0xb5, 0x00,
+ 0x29, 0x9d, 0x55, 0x22, 0x95, 0x6c, 0xef, 0xcb,
+ 0x3b, 0xff, 0x10, 0xf3, 0x99, 0xce, 0x2c, 0x2e,
+ 0x71, 0xcb, 0x9d, 0xe5, 0xfa, 0x24, 0xba, 0xbf,
+ 0x58, 0xe5, 0xb7, 0x95, 0x21, 0x92, 0x5c, 0x9c,
+ 0xc4, 0x2e, 0x9f, 0x6f, 0x46, 0x4b, 0x08, 0x8c,
+ 0xc5, 0x72, 0xaf, 0x53, 0xe6, 0xd7, 0x88, 0x02,
+};
+
+static const unsigned char str1[] = "12345678901234567890";
+
+static const char rnd_seed[] =
+ "string to make the random number generator think it has entropy";
+
+static BIO *bio_err = NULL;
+
+int main(int argc, char **argv)
+{
+ BN_GENCB *cb;
+ DSA *dsa = NULL;
+ int counter, ret = 0, i, j;
+ unsigned char buf[256];
+ unsigned long h;
+ unsigned char sig[256];
+ unsigned int siglen;
+
+ if (bio_err == NULL)
+ bio_err = BIO_new_fp(stderr, BIO_NOCLOSE);
+
+ CRYPTO_malloc_debug_init();
+ CRYPTO_dbg_set_options(V_CRYPTO_MDEBUG_ALL);
+ CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON);
+
+ ERR_load_crypto_strings();
+ RAND_seed(rnd_seed, sizeof rnd_seed);
+
+ BIO_printf(bio_err, "test generation of DSA parameters\n");
+
+ cb = BN_GENCB_new();
+ if (!cb)
+ goto end;
+
+ BN_GENCB_set(cb, dsa_cb, bio_err);
+ if (((dsa = DSA_new()) == NULL) || !DSA_generate_parameters_ex(dsa, 512,
+ seed, 20,
+ &counter,
+ &h, cb))
+ goto end;
+
+ BIO_printf(bio_err, "seed\n");
+ for (i = 0; i < 20; i += 4) {
+ BIO_printf(bio_err, "%02X%02X%02X%02X ",
+ seed[i], seed[i + 1], seed[i + 2], seed[i + 3]);
+ }
+ BIO_printf(bio_err, "\ncounter=%d h=%ld\n", counter, h);
+
+ DSA_print(bio_err, dsa, 0);
+ if (counter != 105) {
+ BIO_printf(bio_err, "counter should be 105\n");
+ goto end;
+ }
+ if (h != 2) {
+ BIO_printf(bio_err, "h should be 2\n");
+ goto end;
+ }
+
+ i = BN_bn2bin(dsa->q, buf);
+ j = sizeof(out_q);
+ if ((i != j) || (memcmp(buf, out_q, i) != 0)) {
+ BIO_printf(bio_err, "q value is wrong\n");
+ goto end;
+ }
+
+ i = BN_bn2bin(dsa->p, buf);
+ j = sizeof(out_p);
+ if ((i != j) || (memcmp(buf, out_p, i) != 0)) {
+ BIO_printf(bio_err, "p value is wrong\n");
+ goto end;
+ }
+
+ i = BN_bn2bin(dsa->g, buf);
+ j = sizeof(out_g);
+ if ((i != j) || (memcmp(buf, out_g, i) != 0)) {
+ BIO_printf(bio_err, "g value is wrong\n");
+ goto end;
+ }
+
+ dsa->flags |= DSA_FLAG_NO_EXP_CONSTTIME;
+ DSA_generate_key(dsa);
+ DSA_sign(0, str1, 20, sig, &siglen, dsa);
+ if (DSA_verify(0, str1, 20, sig, siglen, dsa) == 1)
+ ret = 1;
+
+ dsa->flags &= ~DSA_FLAG_NO_EXP_CONSTTIME;
+ DSA_generate_key(dsa);
+ DSA_sign(0, str1, 20, sig, &siglen, dsa);
+ if (DSA_verify(0, str1, 20, sig, siglen, dsa) == 1)
+ ret = 1;
+
+ end:
+ if (!ret)
+ ERR_print_errors(bio_err);
+ DSA_free(dsa);
+ if (cb != NULL)
+ BN_GENCB_free(cb);
+ CRYPTO_cleanup_all_ex_data();
+ ERR_remove_thread_state(NULL);
+ ERR_free_strings();
+ CRYPTO_mem_leaks(bio_err);
+ BIO_free(bio_err);
+ bio_err = NULL;
+# ifdef OPENSSL_SYS_NETWARE
+ if (!ret)
+ printf("ERROR\n");
+# endif
+ EXIT(!ret);
+}
+
+static int dsa_cb(int p, int n, BN_GENCB *arg)
+{
+ char c = '*';
+ static int ok = 0, num = 0;
+
+ if (p == 0) {
+ c = '.';
+ num++;
+ };
+ if (p == 1)
+ c = '+';
+ if (p == 2) {
+ c = '*';
+ ok++;
+ }
+ if (p == 3)
+ c = '\n';
+ BIO_write(BN_GENCB_get_arg(arg), &c, 1);
+ (void)BIO_flush(BN_GENCB_get_arg(arg));
+
+ if (!ok && (p == 0) && (num > 1)) {
+ BIO_printf((BIO *)arg, "error in dsatest\n");
+ return 0;
+ }
+ return 1;
+}
+#endif
--- /dev/null
+/* crypto/ecdh/ecdhtest.c */
+/* ====================================================================
+ * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
+ *
+ * The Elliptic Curve Public-Key Crypto Library (ECC Code) included
+ * herein is developed by SUN MICROSYSTEMS, INC., and is contributed
+ * to the OpenSSL project.
+ *
+ * The ECC Code is licensed pursuant to the OpenSSL open source
+ * license provided below.
+ *
+ * The ECDH software is originally written by Douglas Stebila of
+ * Sun Microsystems Laboratories.
+ *
+ */
+/* ====================================================================
+ * Copyright (c) 1998-2003 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For written permission, please contact
+ * openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ * nor may "OpenSSL" appear in their names without prior written
+ * permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com). This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+
+#include "../e_os.h"
+
+#include <openssl/opensslconf.h> /* for OPENSSL_NO_EC */
+#include <openssl/crypto.h>
+#include <openssl/bio.h>
+#include <openssl/bn.h>
+#include <openssl/objects.h>
+#include <openssl/rand.h>
+#include <openssl/sha.h>
+#include <openssl/err.h>
+
+#ifdef OPENSSL_NO_EC
+int main(int argc, char *argv[])
+{
+ printf("No ECDH support\n");
+ return (0);
+}
+#else
+# include <openssl/ec.h>
+# include <openssl/ecdh.h>
+
+static const char rnd_seed[] =
+ "string to make the random number generator think it has entropy";
+
+static const int KDF1_SHA1_len = 20;
+static void *KDF1_SHA1(const void *in, size_t inlen, void *out,
+ size_t *outlen)
+{
+ if (*outlen < SHA_DIGEST_LENGTH)
+ return NULL;
+ *outlen = SHA_DIGEST_LENGTH;
+ return SHA1(in, inlen, out);
+}
+
+static int test_ecdh_curve(int nid, const char *text, BN_CTX *ctx, BIO *out)
+{
+ EC_KEY *a = NULL;
+ EC_KEY *b = NULL;
+ BIGNUM *x_a = NULL, *y_a = NULL, *x_b = NULL, *y_b = NULL;
+ char buf[12];
+ unsigned char *abuf = NULL, *bbuf = NULL;
+ int i, alen, blen, aout, bout, ret = 0;
+ const EC_GROUP *group;
+
+ a = EC_KEY_new_by_curve_name(nid);
+ b = EC_KEY_new_by_curve_name(nid);
+ if (a == NULL || b == NULL)
+ goto err;
+
+ group = EC_KEY_get0_group(a);
+
+ if ((x_a = BN_new()) == NULL)
+ goto err;
+ if ((y_a = BN_new()) == NULL)
+ goto err;
+ if ((x_b = BN_new()) == NULL)
+ goto err;
+ if ((y_b = BN_new()) == NULL)
+ goto err;
+
+ BIO_puts(out, "Testing key generation with ");
+ BIO_puts(out, text);
+# ifdef NOISY
+ BIO_puts(out, "\n");
+# else
+ (void)BIO_flush(out);
+# endif
+
+ if (!EC_KEY_generate_key(a))
+ goto err;
+
+ if (EC_METHOD_get_field_type(EC_GROUP_method_of(group)) ==
+ NID_X9_62_prime_field) {
+ if (!EC_POINT_get_affine_coordinates_GFp
+ (group, EC_KEY_get0_public_key(a), x_a, y_a, ctx))
+ goto err;
+ }
+# ifndef OPENSSL_NO_EC2M
+ else {
+ if (!EC_POINT_get_affine_coordinates_GF2m(group,
+ EC_KEY_get0_public_key(a),
+ x_a, y_a, ctx))
+ goto err;
+ }
+# endif
+# ifdef NOISY
+ BIO_puts(out, " pri 1=");
+ BN_print(out, a->priv_key);
+ BIO_puts(out, "\n pub 1=");
+ BN_print(out, x_a);
+ BIO_puts(out, ",");
+ BN_print(out, y_a);
+ BIO_puts(out, "\n");
+# else
+ BIO_printf(out, " .");
+ (void)BIO_flush(out);
+# endif
+
+ if (!EC_KEY_generate_key(b))
+ goto err;
+
+ if (EC_METHOD_get_field_type(EC_GROUP_method_of(group)) ==
+ NID_X9_62_prime_field) {
+ if (!EC_POINT_get_affine_coordinates_GFp
+ (group, EC_KEY_get0_public_key(b), x_b, y_b, ctx))
+ goto err;
+ }
+# ifndef OPENSSL_NO_EC2M
+ else {
+ if (!EC_POINT_get_affine_coordinates_GF2m(group,
+ EC_KEY_get0_public_key(b),
+ x_b, y_b, ctx))
+ goto err;
+ }
+# endif
+
+# ifdef NOISY
+ BIO_puts(out, " pri 2=");
+ BN_print(out, b->priv_key);
+ BIO_puts(out, "\n pub 2=");
+ BN_print(out, x_b);
+ BIO_puts(out, ",");
+ BN_print(out, y_b);
+ BIO_puts(out, "\n");
+# else
+ BIO_printf(out, ".");
+ (void)BIO_flush(out);
+# endif
+
+ alen = KDF1_SHA1_len;
+ abuf = (unsigned char *)OPENSSL_malloc(alen);
+ aout =
+ ECDH_compute_key(abuf, alen, EC_KEY_get0_public_key(b), a, KDF1_SHA1);
+
+# ifdef NOISY
+ BIO_puts(out, " key1 =");
+ for (i = 0; i < aout; i++) {
+ sprintf(buf, "%02X", abuf[i]);
+ BIO_puts(out, buf);
+ }
+ BIO_puts(out, "\n");
+# else
+ BIO_printf(out, ".");
+ (void)BIO_flush(out);
+# endif
+
+ blen = KDF1_SHA1_len;
+ bbuf = (unsigned char *)OPENSSL_malloc(blen);
+ bout =
+ ECDH_compute_key(bbuf, blen, EC_KEY_get0_public_key(a), b, KDF1_SHA1);
+
+# ifdef NOISY
+ BIO_puts(out, " key2 =");
+ for (i = 0; i < bout; i++) {
+ sprintf(buf, "%02X", bbuf[i]);
+ BIO_puts(out, buf);
+ }
+ BIO_puts(out, "\n");
+# else
+ BIO_printf(out, ".");
+ (void)BIO_flush(out);
+# endif
+
+ if ((aout < 4) || (bout != aout) || (memcmp(abuf, bbuf, aout) != 0)) {
+# ifndef NOISY
+ BIO_printf(out, " failed\n\n");
+ BIO_printf(out, "key a:\n");
+ BIO_printf(out, "private key: ");
+ BN_print(out, EC_KEY_get0_private_key(a));
+ BIO_printf(out, "\n");
+ BIO_printf(out, "public key (x,y): ");
+ BN_print(out, x_a);
+ BIO_printf(out, ",");
+ BN_print(out, y_a);
+ BIO_printf(out, "\nkey b:\n");
+ BIO_printf(out, "private key: ");
+ BN_print(out, EC_KEY_get0_private_key(b));
+ BIO_printf(out, "\n");
+ BIO_printf(out, "public key (x,y): ");
+ BN_print(out, x_b);
+ BIO_printf(out, ",");
+ BN_print(out, y_b);
+ BIO_printf(out, "\n");
+ BIO_printf(out, "generated key a: ");
+ for (i = 0; i < bout; i++) {
+ sprintf(buf, "%02X", bbuf[i]);
+ BIO_puts(out, buf);
+ }
+ BIO_printf(out, "\n");
+ BIO_printf(out, "generated key b: ");
+ for (i = 0; i < aout; i++) {
+ sprintf(buf, "%02X", abuf[i]);
+ BIO_puts(out, buf);
+ }
+ BIO_printf(out, "\n");
+# endif
+ fprintf(stderr, "Error in ECDH routines\n");
+ ret = 0;
+ } else {
+# ifndef NOISY
+ BIO_printf(out, " ok\n");
+# endif
+ ret = 1;
+ }
+ err:
+ ERR_print_errors_fp(stderr);
+
+ if (abuf != NULL)
+ OPENSSL_free(abuf);
+ if (bbuf != NULL)
+ OPENSSL_free(bbuf);
+ if (x_a)
+ BN_free(x_a);
+ if (y_a)
+ BN_free(y_a);
+ if (x_b)
+ BN_free(x_b);
+ if (y_b)
+ BN_free(y_b);
+ EC_KEY_free(b);
+ EC_KEY_free(a);
+ return (ret);
+}
+
+/* Keys and shared secrets from RFC 7027 */
+
+static const unsigned char bp256_da[] = {
+ 0x81, 0xDB, 0x1E, 0xE1, 0x00, 0x15, 0x0F, 0xF2, 0xEA, 0x33, 0x8D, 0x70,
+ 0x82, 0x71, 0xBE, 0x38, 0x30, 0x0C, 0xB5, 0x42, 0x41, 0xD7, 0x99, 0x50,
+ 0xF7, 0x7B, 0x06, 0x30, 0x39, 0x80, 0x4F, 0x1D
+};
+
+static const unsigned char bp256_db[] = {
+ 0x55, 0xE4, 0x0B, 0xC4, 0x1E, 0x37, 0xE3, 0xE2, 0xAD, 0x25, 0xC3, 0xC6,
+ 0x65, 0x45, 0x11, 0xFF, 0xA8, 0x47, 0x4A, 0x91, 0xA0, 0x03, 0x20, 0x87,
+ 0x59, 0x38, 0x52, 0xD3, 0xE7, 0xD7, 0x6B, 0xD3
+};
+
+static const unsigned char bp256_Z[] = {
+ 0x89, 0xAF, 0xC3, 0x9D, 0x41, 0xD3, 0xB3, 0x27, 0x81, 0x4B, 0x80, 0x94,
+ 0x0B, 0x04, 0x25, 0x90, 0xF9, 0x65, 0x56, 0xEC, 0x91, 0xE6, 0xAE, 0x79,
+ 0x39, 0xBC, 0xE3, 0x1F, 0x3A, 0x18, 0xBF, 0x2B
+};
+
+static const unsigned char bp384_da[] = {
+ 0x1E, 0x20, 0xF5, 0xE0, 0x48, 0xA5, 0x88, 0x6F, 0x1F, 0x15, 0x7C, 0x74,
+ 0xE9, 0x1B, 0xDE, 0x2B, 0x98, 0xC8, 0xB5, 0x2D, 0x58, 0xE5, 0x00, 0x3D,
+ 0x57, 0x05, 0x3F, 0xC4, 0xB0, 0xBD, 0x65, 0xD6, 0xF1, 0x5E, 0xB5, 0xD1,
+ 0xEE, 0x16, 0x10, 0xDF, 0x87, 0x07, 0x95, 0x14, 0x36, 0x27, 0xD0, 0x42
+};
+
+static const unsigned char bp384_db[] = {
+ 0x03, 0x26, 0x40, 0xBC, 0x60, 0x03, 0xC5, 0x92, 0x60, 0xF7, 0x25, 0x0C,
+ 0x3D, 0xB5, 0x8C, 0xE6, 0x47, 0xF9, 0x8E, 0x12, 0x60, 0xAC, 0xCE, 0x4A,
+ 0xCD, 0xA3, 0xDD, 0x86, 0x9F, 0x74, 0xE0, 0x1F, 0x8B, 0xA5, 0xE0, 0x32,
+ 0x43, 0x09, 0xDB, 0x6A, 0x98, 0x31, 0x49, 0x7A, 0xBA, 0xC9, 0x66, 0x70
+};
+
+static const unsigned char bp384_Z[] = {
+ 0x0B, 0xD9, 0xD3, 0xA7, 0xEA, 0x0B, 0x3D, 0x51, 0x9D, 0x09, 0xD8, 0xE4,
+ 0x8D, 0x07, 0x85, 0xFB, 0x74, 0x4A, 0x6B, 0x35, 0x5E, 0x63, 0x04, 0xBC,
+ 0x51, 0xC2, 0x29, 0xFB, 0xBC, 0xE2, 0x39, 0xBB, 0xAD, 0xF6, 0x40, 0x37,
+ 0x15, 0xC3, 0x5D, 0x4F, 0xB2, 0xA5, 0x44, 0x4F, 0x57, 0x5D, 0x4F, 0x42
+};
+
+static const unsigned char bp512_da[] = {
+ 0x16, 0x30, 0x2F, 0xF0, 0xDB, 0xBB, 0x5A, 0x8D, 0x73, 0x3D, 0xAB, 0x71,
+ 0x41, 0xC1, 0xB4, 0x5A, 0xCB, 0xC8, 0x71, 0x59, 0x39, 0x67, 0x7F, 0x6A,
+ 0x56, 0x85, 0x0A, 0x38, 0xBD, 0x87, 0xBD, 0x59, 0xB0, 0x9E, 0x80, 0x27,
+ 0x96, 0x09, 0xFF, 0x33, 0x3E, 0xB9, 0xD4, 0xC0, 0x61, 0x23, 0x1F, 0xB2,
+ 0x6F, 0x92, 0xEE, 0xB0, 0x49, 0x82, 0xA5, 0xF1, 0xD1, 0x76, 0x4C, 0xAD,
+ 0x57, 0x66, 0x54, 0x22
+};
+
+static const unsigned char bp512_db[] = {
+ 0x23, 0x0E, 0x18, 0xE1, 0xBC, 0xC8, 0x8A, 0x36, 0x2F, 0xA5, 0x4E, 0x4E,
+ 0xA3, 0x90, 0x20, 0x09, 0x29, 0x2F, 0x7F, 0x80, 0x33, 0x62, 0x4F, 0xD4,
+ 0x71, 0xB5, 0xD8, 0xAC, 0xE4, 0x9D, 0x12, 0xCF, 0xAB, 0xBC, 0x19, 0x96,
+ 0x3D, 0xAB, 0x8E, 0x2F, 0x1E, 0xBA, 0x00, 0xBF, 0xFB, 0x29, 0xE4, 0xD7,
+ 0x2D, 0x13, 0xF2, 0x22, 0x45, 0x62, 0xF4, 0x05, 0xCB, 0x80, 0x50, 0x36,
+ 0x66, 0xB2, 0x54, 0x29
+};
+
+static const unsigned char bp512_Z[] = {
+ 0xA7, 0x92, 0x70, 0x98, 0x65, 0x5F, 0x1F, 0x99, 0x76, 0xFA, 0x50, 0xA9,
+ 0xD5, 0x66, 0x86, 0x5D, 0xC5, 0x30, 0x33, 0x18, 0x46, 0x38, 0x1C, 0x87,
+ 0x25, 0x6B, 0xAF, 0x32, 0x26, 0x24, 0x4B, 0x76, 0xD3, 0x64, 0x03, 0xC0,
+ 0x24, 0xD7, 0xBB, 0xF0, 0xAA, 0x08, 0x03, 0xEA, 0xFF, 0x40, 0x5D, 0x3D,
+ 0x24, 0xF1, 0x1A, 0x9B, 0x5C, 0x0B, 0xEF, 0x67, 0x9F, 0xE1, 0x45, 0x4B,
+ 0x21, 0xC4, 0xCD, 0x1F
+};
+
+/* Given private value and NID, create EC_KEY structure */
+
+static EC_KEY *mk_eckey(int nid, const unsigned char *p, size_t plen)
+{
+ int ok = 0;
+ EC_KEY *k = NULL;
+ BIGNUM *priv = NULL;
+ EC_POINT *pub = NULL;
+ const EC_GROUP *grp;
+ k = EC_KEY_new_by_curve_name(nid);
+ if (!k)
+ goto err;
+ priv = BN_bin2bn(p, plen, NULL);
+ if (!priv)
+ goto err;
+ if (!EC_KEY_set_private_key(k, priv))
+ goto err;
+ grp = EC_KEY_get0_group(k);
+ pub = EC_POINT_new(grp);
+ if (!pub)
+ goto err;
+ if (!EC_POINT_mul(grp, pub, priv, NULL, NULL, NULL))
+ goto err;
+ if (!EC_KEY_set_public_key(k, pub))
+ goto err;
+ ok = 1;
+ err:
+ if (priv)
+ BN_clear_free(priv);
+ EC_POINT_free(pub);
+ if (ok)
+ return k;
+ EC_KEY_free(k);
+ return NULL;
+}
+
+/*
+ * Known answer test: compute shared secret and check it matches expected
+ * value.
+ */
+
+static int ecdh_kat(BIO *out, const char *cname, int nid,
+ const unsigned char *k1, size_t k1_len,
+ const unsigned char *k2, size_t k2_len,
+ const unsigned char *Z, size_t Zlen)
+{
+ int rv = 0;
+ EC_KEY *key1 = NULL, *key2 = NULL;
+ unsigned char *Ztmp = NULL;
+ size_t Ztmplen;
+ BIO_puts(out, "Testing ECDH shared secret with ");
+ BIO_puts(out, cname);
+ key1 = mk_eckey(nid, k1, k1_len);
+ key2 = mk_eckey(nid, k2, k2_len);
+ if (!key1 || !key2)
+ goto err;
+ Ztmplen = (EC_GROUP_get_degree(EC_KEY_get0_group(key1)) + 7) / 8;
+ if (Ztmplen != Zlen)
+ goto err;
+ Ztmp = OPENSSL_malloc(Ztmplen);
+ if (!ECDH_compute_key(Ztmp, Ztmplen,
+ EC_KEY_get0_public_key(key2), key1, 0))
+ goto err;
+ if (memcmp(Ztmp, Z, Zlen))
+ goto err;
+ memset(Ztmp, 0, Zlen);
+ if (!ECDH_compute_key(Ztmp, Ztmplen,
+ EC_KEY_get0_public_key(key1), key2, 0))
+ goto err;
+ if (memcmp(Ztmp, Z, Zlen))
+ goto err;
+ rv = 1;
+ err:
+ EC_KEY_free(key1);
+ EC_KEY_free(key2);
+ if (Ztmp)
+ OPENSSL_free(Ztmp);
+ if (rv)
+ BIO_puts(out, " ok\n");
+ else {
+ fprintf(stderr, "Error in ECDH routines\n");
+ ERR_print_errors_fp(stderr);
+ }
+ return rv;
+}
+
+# define test_ecdh_kat(bio, curve, bits) \
+ ecdh_kat(bio, curve, NID_brainpoolP##bits##r1, \
+ bp##bits##_da, sizeof(bp##bits##_da), \
+ bp##bits##_db, sizeof(bp##bits##_db), \
+ bp##bits##_Z, sizeof(bp##bits##_Z))
+
+int main(int argc, char *argv[])
+{
+ BN_CTX *ctx = NULL;
+ int ret = 1;
+ BIO *out;
+
+ CRYPTO_malloc_debug_init();
+ CRYPTO_dbg_set_options(V_CRYPTO_MDEBUG_ALL);
+ CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON);
+
+# ifdef OPENSSL_SYS_WIN32
+ CRYPTO_malloc_init();
+# endif
+
+ RAND_seed(rnd_seed, sizeof rnd_seed);
+
+ out = BIO_new(BIO_s_file());
+ if (out == NULL)
+ EXIT(1);
+ BIO_set_fp(out, stdout, BIO_NOCLOSE);
+
+ if ((ctx = BN_CTX_new()) == NULL)
+ goto err;
+
+ /* NIST PRIME CURVES TESTS */
+ if (!test_ecdh_curve
+ (NID_X9_62_prime192v1, "NIST Prime-Curve P-192", ctx, out))
+ goto err;
+ if (!test_ecdh_curve(NID_secp224r1, "NIST Prime-Curve P-224", ctx, out))
+ goto err;
+ if (!test_ecdh_curve
+ (NID_X9_62_prime256v1, "NIST Prime-Curve P-256", ctx, out))
+ goto err;
+ if (!test_ecdh_curve(NID_secp384r1, "NIST Prime-Curve P-384", ctx, out))
+ goto err;
+ if (!test_ecdh_curve(NID_secp521r1, "NIST Prime-Curve P-521", ctx, out))
+ goto err;
+# ifndef OPENSSL_NO_EC2M
+ /* NIST BINARY CURVES TESTS */
+ if (!test_ecdh_curve(NID_sect163k1, "NIST Binary-Curve K-163", ctx, out))
+ goto err;
+ if (!test_ecdh_curve(NID_sect163r2, "NIST Binary-Curve B-163", ctx, out))
+ goto err;
+ if (!test_ecdh_curve(NID_sect233k1, "NIST Binary-Curve K-233", ctx, out))
+ goto err;
+ if (!test_ecdh_curve(NID_sect233r1, "NIST Binary-Curve B-233", ctx, out))
+ goto err;
+ if (!test_ecdh_curve(NID_sect283k1, "NIST Binary-Curve K-283", ctx, out))
+ goto err;
+ if (!test_ecdh_curve(NID_sect283r1, "NIST Binary-Curve B-283", ctx, out))
+ goto err;
+ if (!test_ecdh_curve(NID_sect409k1, "NIST Binary-Curve K-409", ctx, out))
+ goto err;
+ if (!test_ecdh_curve(NID_sect409r1, "NIST Binary-Curve B-409", ctx, out))
+ goto err;
+ if (!test_ecdh_curve(NID_sect571k1, "NIST Binary-Curve K-571", ctx, out))
+ goto err;
+ if (!test_ecdh_curve(NID_sect571r1, "NIST Binary-Curve B-571", ctx, out))
+ goto err;
+# endif
+ if (!test_ecdh_kat(out, "Brainpool Prime-Curve brainpoolP256r1", 256))
+ goto err;
+ if (!test_ecdh_kat(out, "Brainpool Prime-Curve brainpoolP384r1", 384))
+ goto err;
+ if (!test_ecdh_kat(out, "Brainpool Prime-Curve brainpoolP512r1", 512))
+ goto err;
+
+ ret = 0;
+
+ err:
+ ERR_print_errors_fp(stderr);
+ if (ctx)
+ BN_CTX_free(ctx);
+ BIO_free(out);
+ CRYPTO_cleanup_all_ex_data();
+ ERR_remove_thread_state(NULL);
+ CRYPTO_mem_leaks_fp(stderr);
+ EXIT(ret);
+}
+#endif
--- /dev/null
+/* crypto/ecdsa/ecdsatest.c */
+/*
+ * Written by Nils Larsch for the OpenSSL project.
+ */
+/* ====================================================================
+ * Copyright (c) 2000-2005 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For written permission, please contact
+ * licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ * nor may "OpenSSL" appear in their names without prior written
+ * permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com). This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+/* ====================================================================
+ * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
+ *
+ * Portions of the attached software ("Contribution") are developed by
+ * SUN MICROSYSTEMS, INC., and are contributed to the OpenSSL project.
+ *
+ * The Contribution is licensed pursuant to the OpenSSL open source
+ * license provided above.
+ *
+ * The elliptic curve binary polynomial software is originally written by
+ * Sheueling Chang Shantz and Douglas Stebila of Sun Microsystems Laboratories.
+ *
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+
+#include <openssl/opensslconf.h> /* To see if OPENSSL_NO_EC is defined */
+
+#ifdef OPENSSL_NO_EC
+int main(int argc, char *argv[])
+{
+ puts("Elliptic curves are disabled.");
+ return 0;
+}
+#else
+
+# include <openssl/crypto.h>
+# include <openssl/bio.h>
+# include <openssl/evp.h>
+# include <openssl/bn.h>
+# include <openssl/ecdsa.h>
+# ifndef OPENSSL_NO_ENGINE
+# include <openssl/engine.h>
+# endif
+# include <openssl/err.h>
+# include <openssl/rand.h>
+
+static const char rnd_seed[] = "string to make the random number generator "
+ "think it has entropy";
+
+/* declaration of the test functions */
+int x9_62_tests(BIO *);
+int x9_62_test_internal(BIO *out, int nid, const char *r, const char *s);
+int test_builtin(BIO *);
+
+/* functions to change the RAND_METHOD */
+int change_rand(void);
+int restore_rand(void);
+int fbytes(unsigned char *buf, int num);
+
+RAND_METHOD fake_rand;
+const RAND_METHOD *old_rand;
+
+int change_rand(void)
+{
+ /* save old rand method */
+ if ((old_rand = RAND_get_rand_method()) == NULL)
+ return 0;
+
+ fake_rand.seed = old_rand->seed;
+ fake_rand.cleanup = old_rand->cleanup;
+ fake_rand.add = old_rand->add;
+ fake_rand.status = old_rand->status;
+ /* use own random function */
+ fake_rand.bytes = fbytes;
+ fake_rand.pseudorand = old_rand->bytes;
+ /* set new RAND_METHOD */
+ if (!RAND_set_rand_method(&fake_rand))
+ return 0;
+ return 1;
+}
+
+int restore_rand(void)
+{
+ if (!RAND_set_rand_method(old_rand))
+ return 0;
+ else
+ return 1;
+}
+
+static int fbytes_counter = 0, use_fake = 0;
+static const char *numbers[8] = {
+ "651056770906015076056810763456358567190100156695615665659",
+ "6140507067065001063065065565667405560006161556565665656654",
+ "8763001015071075675010661307616710783570106710677817767166"
+ "71676178726717",
+ "7000000175690566466555057817571571075705015757757057795755"
+ "55657156756655",
+ "1275552191113212300012030439187146164646146646466749494799",
+ "1542725565216523985789236956265265265235675811949404040041",
+ "1456427555219115346513212300075341203043918714616464614664"
+ "64667494947990",
+ "1712787255652165239672857892369562652652652356758119494040"
+ "40041670216363"
+};
+
+int fbytes(unsigned char *buf, int num)
+{
+ int ret;
+ BIGNUM *tmp = NULL;
+
+ if (use_fake == 0)
+ return old_rand->bytes(buf, num);
+
+ use_fake = 0;
+
+ if (fbytes_counter >= 8)
+ return 0;
+ tmp = BN_new();
+ if (!tmp)
+ return 0;
+ if (!BN_dec2bn(&tmp, numbers[fbytes_counter])) {
+ BN_free(tmp);
+ return 0;
+ }
+ fbytes_counter++;
+ if (num != BN_num_bytes(tmp) || !BN_bn2bin(tmp, buf))
+ ret = 0;
+ else
+ ret = 1;
+ BN_free(tmp);
+ return ret;
+}
+
+/* some tests from the X9.62 draft */
+int x9_62_test_internal(BIO *out, int nid, const char *r_in, const char *s_in)
+{
+ int ret = 0;
+ const char message[] = "abc";
+ unsigned char digest[20];
+ unsigned int dgst_len = 0;
+ EVP_MD_CTX md_ctx;
+ EC_KEY *key = NULL;
+ ECDSA_SIG *signature = NULL;
+ BIGNUM *r = NULL, *s = NULL;
+ BIGNUM *kinv = NULL, *rp = NULL;
+
+ EVP_MD_CTX_init(&md_ctx);
+ /* get the message digest */
+ if (!EVP_DigestInit(&md_ctx, EVP_ecdsa())
+ || !EVP_DigestUpdate(&md_ctx, (const void *)message, 3)
+ || !EVP_DigestFinal(&md_ctx, digest, &dgst_len))
+ goto x962_int_err;
+
+ BIO_printf(out, "testing %s: ", OBJ_nid2sn(nid));
+ /* create the key */
+ if ((key = EC_KEY_new_by_curve_name(nid)) == NULL)
+ goto x962_int_err;
+ use_fake = 1;
+ if (!EC_KEY_generate_key(key))
+ goto x962_int_err;
+ BIO_printf(out, ".");
+ (void)BIO_flush(out);
+ /* create the signature */
+ use_fake = 1;
+ /* Use ECDSA_sign_setup to avoid use of ECDSA nonces */
+ if (!ECDSA_sign_setup(key, NULL, &kinv, &rp))
+ goto x962_int_err;
+ signature = ECDSA_do_sign_ex(digest, 20, kinv, rp, key);
+ if (signature == NULL)
+ goto x962_int_err;
+ BIO_printf(out, ".");
+ (void)BIO_flush(out);
+ /* compare the created signature with the expected signature */
+ if ((r = BN_new()) == NULL || (s = BN_new()) == NULL)
+ goto x962_int_err;
+ if (!BN_dec2bn(&r, r_in) || !BN_dec2bn(&s, s_in))
+ goto x962_int_err;
+ if (BN_cmp(signature->r, r) || BN_cmp(signature->s, s))
+ goto x962_int_err;
+ BIO_printf(out, ".");
+ (void)BIO_flush(out);
+ /* verify the signature */
+ if (ECDSA_do_verify(digest, 20, signature, key) != 1)
+ goto x962_int_err;
+ BIO_printf(out, ".");
+ (void)BIO_flush(out);
+
+ BIO_printf(out, " ok\n");
+ ret = 1;
+ x962_int_err:
+ if (!ret)
+ BIO_printf(out, " failed\n");
+ EC_KEY_free(key);
+ if (signature)
+ ECDSA_SIG_free(signature);
+ if (r)
+ BN_free(r);
+ if (s)
+ BN_free(s);
+ EVP_MD_CTX_cleanup(&md_ctx);
+ if (kinv)
+ BN_clear_free(kinv);
+ if (rp)
+ BN_clear_free(rp);
+ return ret;
+}
+
+int x9_62_tests(BIO *out)
+{
+ int ret = 0;
+
+ BIO_printf(out, "some tests from X9.62:\n");
+
+ /* set own rand method */
+ if (!change_rand())
+ goto x962_err;
+
+ if (!x9_62_test_internal(out, NID_X9_62_prime192v1,
+ "3342403536405981729393488334694600415596881826869351677613",
+ "5735822328888155254683894997897571951568553642892029982342"))
+ goto x962_err;
+ if (!x9_62_test_internal(out, NID_X9_62_prime239v1,
+ "3086361431751678114926225473006680188549593787585317781474"
+ "62058306432176",
+ "3238135532097973577080787768312505059318910517550078427819"
+ "78505179448783"))
+ goto x962_err;
+# ifndef OPENSSL_NO_EC2M
+ if (!x9_62_test_internal(out, NID_X9_62_c2tnb191v1,
+ "87194383164871543355722284926904419997237591535066528048",
+ "308992691965804947361541664549085895292153777025772063598"))
+ goto x962_err;
+ if (!x9_62_test_internal(out, NID_X9_62_c2tnb239v1,
+ "2159633321041961198501834003903461262881815148684178964245"
+ "5876922391552",
+ "1970303740007316867383349976549972270528498040721988191026"
+ "49413465737174"))
+ goto x962_err;
+# endif
+ ret = 1;
+ x962_err:
+ if (!restore_rand())
+ ret = 0;
+ return ret;
+}
+
+int test_builtin(BIO *out)
+{
+ EC_builtin_curve *curves = NULL;
+ size_t crv_len = 0, n = 0;
+ EC_KEY *eckey = NULL, *wrong_eckey = NULL;
+ EC_GROUP *group;
+ ECDSA_SIG *ecdsa_sig = NULL;
+ unsigned char digest[20], wrong_digest[20];
+ unsigned char *signature = NULL;
+ const unsigned char *sig_ptr;
+ unsigned char *sig_ptr2;
+ unsigned char *raw_buf = NULL;
+ unsigned int sig_len, degree, r_len, s_len, bn_len, buf_len;
+ int nid, ret = 0;
+
+ /* fill digest values with some random data */
+ if (RAND_bytes(digest, 20) <= 0 || RAND_bytes(wrong_digest, 20) <= 0) {
+ BIO_printf(out, "ERROR: unable to get random data\n");
+ goto builtin_err;
+ }
+
+ /*
+ * create and verify a ecdsa signature with every availble curve (with )
+ */
+ BIO_printf(out, "\ntesting ECDSA_sign() and ECDSA_verify() "
+ "with some internal curves:\n");
+
+ /* get a list of all internal curves */
+ crv_len = EC_get_builtin_curves(NULL, 0);
+
+ curves = OPENSSL_malloc(sizeof(EC_builtin_curve) * crv_len);
+
+ if (curves == NULL) {
+ BIO_printf(out, "malloc error\n");
+ goto builtin_err;
+ }
+
+ if (!EC_get_builtin_curves(curves, crv_len)) {
+ BIO_printf(out, "unable to get internal curves\n");
+ goto builtin_err;
+ }
+
+ /* now create and verify a signature for every curve */
+ for (n = 0; n < crv_len; n++) {
+ unsigned char dirt, offset;
+
+ nid = curves[n].nid;
+ if (nid == NID_ipsec4)
+ continue;
+ /* create new ecdsa key (== EC_KEY) */
+ if ((eckey = EC_KEY_new()) == NULL)
+ goto builtin_err;
+ group = EC_GROUP_new_by_curve_name(nid);
+ if (group == NULL)
+ goto builtin_err;
+ if (EC_KEY_set_group(eckey, group) == 0)
+ goto builtin_err;
+ EC_GROUP_free(group);
+ degree = EC_GROUP_get_degree(EC_KEY_get0_group(eckey));
+ if (degree < 160) {
+ /* drop the curve */
+ EC_KEY_free(eckey);
+ eckey = NULL;
+ continue;
+ }
+ BIO_printf(out, "%s: ", OBJ_nid2sn(nid));
+ /* create key */
+ if (!EC_KEY_generate_key(eckey)) {
+ BIO_printf(out, " failed\n");
+ goto builtin_err;
+ }
+ /* create second key */
+ if ((wrong_eckey = EC_KEY_new()) == NULL)
+ goto builtin_err;
+ group = EC_GROUP_new_by_curve_name(nid);
+ if (group == NULL)
+ goto builtin_err;
+ if (EC_KEY_set_group(wrong_eckey, group) == 0)
+ goto builtin_err;
+ EC_GROUP_free(group);
+ if (!EC_KEY_generate_key(wrong_eckey)) {
+ BIO_printf(out, " failed\n");
+ goto builtin_err;
+ }
+
+ BIO_printf(out, ".");
+ (void)BIO_flush(out);
+ /* check key */
+ if (!EC_KEY_check_key(eckey)) {
+ BIO_printf(out, " failed\n");
+ goto builtin_err;
+ }
+ BIO_printf(out, ".");
+ (void)BIO_flush(out);
+ /* create signature */
+ sig_len = ECDSA_size(eckey);
+ if ((signature = OPENSSL_malloc(sig_len)) == NULL)
+ goto builtin_err;
+ if (!ECDSA_sign(0, digest, 20, signature, &sig_len, eckey)) {
+ BIO_printf(out, " failed\n");
+ goto builtin_err;
+ }
+ BIO_printf(out, ".");
+ (void)BIO_flush(out);
+ /* verify signature */
+ if (ECDSA_verify(0, digest, 20, signature, sig_len, eckey) != 1) {
+ BIO_printf(out, " failed\n");
+ goto builtin_err;
+ }
+ BIO_printf(out, ".");
+ (void)BIO_flush(out);
+ /* verify signature with the wrong key */
+ if (ECDSA_verify(0, digest, 20, signature, sig_len, wrong_eckey) == 1) {
+ BIO_printf(out, " failed\n");
+ goto builtin_err;
+ }
+ BIO_printf(out, ".");
+ (void)BIO_flush(out);
+ /* wrong digest */
+ if (ECDSA_verify(0, wrong_digest, 20, signature, sig_len, eckey) == 1) {
+ BIO_printf(out, " failed\n");
+ goto builtin_err;
+ }
+ BIO_printf(out, ".");
+ (void)BIO_flush(out);
+ /* wrong length */
+ if (ECDSA_verify(0, digest, 20, signature, sig_len - 1, eckey) == 1) {
+ BIO_printf(out, " failed\n");
+ goto builtin_err;
+ }
+ BIO_printf(out, ".");
+ (void)BIO_flush(out);
+
+ /*
+ * Modify a single byte of the signature: to ensure we don't garble
+ * the ASN1 structure, we read the raw signature and modify a byte in
+ * one of the bignums directly.
+ */
+ sig_ptr = signature;
+ if ((ecdsa_sig = d2i_ECDSA_SIG(NULL, &sig_ptr, sig_len)) == NULL) {
+ BIO_printf(out, " failed\n");
+ goto builtin_err;
+ }
+
+ /* Store the two BIGNUMs in raw_buf. */
+ r_len = BN_num_bytes(ecdsa_sig->r);
+ s_len = BN_num_bytes(ecdsa_sig->s);
+ bn_len = (degree + 7) / 8;
+ if ((r_len > bn_len) || (s_len > bn_len)) {
+ BIO_printf(out, " failed\n");
+ goto builtin_err;
+ }
+ buf_len = 2 * bn_len;
+ if ((raw_buf = OPENSSL_malloc(buf_len)) == NULL)
+ goto builtin_err;
+ /* Pad the bignums with leading zeroes. */
+ memset(raw_buf, 0, buf_len);
+ BN_bn2bin(ecdsa_sig->r, raw_buf + bn_len - r_len);
+ BN_bn2bin(ecdsa_sig->s, raw_buf + buf_len - s_len);
+
+ /* Modify a single byte in the buffer. */
+ offset = raw_buf[10] % buf_len;
+ dirt = raw_buf[11] ? raw_buf[11] : 1;
+ raw_buf[offset] ^= dirt;
+ /* Now read the BIGNUMs back in from raw_buf. */
+ if ((BN_bin2bn(raw_buf, bn_len, ecdsa_sig->r) == NULL) ||
+ (BN_bin2bn(raw_buf + bn_len, bn_len, ecdsa_sig->s) == NULL))
+ goto builtin_err;
+
+ sig_ptr2 = signature;
+ sig_len = i2d_ECDSA_SIG(ecdsa_sig, &sig_ptr2);
+ if (ECDSA_verify(0, digest, 20, signature, sig_len, eckey) == 1) {
+ BIO_printf(out, " failed\n");
+ goto builtin_err;
+ }
+ /*
+ * Sanity check: undo the modification and verify signature.
+ */
+ raw_buf[offset] ^= dirt;
+ if ((BN_bin2bn(raw_buf, bn_len, ecdsa_sig->r) == NULL) ||
+ (BN_bin2bn(raw_buf + bn_len, bn_len, ecdsa_sig->s) == NULL))
+ goto builtin_err;
+
+ sig_ptr2 = signature;
+ sig_len = i2d_ECDSA_SIG(ecdsa_sig, &sig_ptr2);
+ if (ECDSA_verify(0, digest, 20, signature, sig_len, eckey) != 1) {
+ BIO_printf(out, " failed\n");
+ goto builtin_err;
+ }
+ BIO_printf(out, ".");
+ (void)BIO_flush(out);
+
+ BIO_printf(out, " ok\n");
+ /* cleanup */
+ /* clean bogus errors */
+ ERR_clear_error();
+ OPENSSL_free(signature);
+ signature = NULL;
+ EC_KEY_free(eckey);
+ eckey = NULL;
+ EC_KEY_free(wrong_eckey);
+ wrong_eckey = NULL;
+ ECDSA_SIG_free(ecdsa_sig);
+ ecdsa_sig = NULL;
+ OPENSSL_free(raw_buf);
+ raw_buf = NULL;
+ }
+
+ ret = 1;
+ builtin_err:
+ EC_KEY_free(eckey);
+ EC_KEY_free(wrong_eckey);
+ if (ecdsa_sig)
+ ECDSA_SIG_free(ecdsa_sig);
+ if (signature)
+ OPENSSL_free(signature);
+ if (raw_buf)
+ OPENSSL_free(raw_buf);
+ if (curves)
+ OPENSSL_free(curves);
+
+ return ret;
+}
+
+int main(void)
+{
+ int ret = 1;
+ BIO *out;
+
+ out = BIO_new_fp(stdout, BIO_NOCLOSE);
+
+ /* enable memory leak checking unless explicitly disabled */
+ if (!((getenv("OPENSSL_DEBUG_MEMORY") != NULL) &&
+ (0 == strcmp(getenv("OPENSSL_DEBUG_MEMORY"), "off")))) {
+ CRYPTO_malloc_debug_init();
+ CRYPTO_set_mem_debug_options(V_CRYPTO_MDEBUG_ALL);
+ } else {
+ /* OPENSSL_DEBUG_MEMORY=off */
+ CRYPTO_set_mem_debug_functions(0, 0, 0, 0, 0);
+ }
+ CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON);
+
+ ERR_load_crypto_strings();
+
+ /* initialize the prng */
+ RAND_seed(rnd_seed, sizeof(rnd_seed));
+
+ /* the tests */
+ if (!x9_62_tests(out))
+ goto err;
+ if (!test_builtin(out))
+ goto err;
+
+ ret = 0;
+ err:
+ if (ret)
+ BIO_printf(out, "\nECDSA test failed\n");
+ else
+ BIO_printf(out, "\nECDSA test passed\n");
+ if (ret)
+ ERR_print_errors(out);
+ CRYPTO_cleanup_all_ex_data();
+ ERR_remove_thread_state(NULL);
+ ERR_free_strings();
+ CRYPTO_mem_leaks(out);
+ BIO_free(out);
+ return ret;
+}
+#endif
--- /dev/null
+/* crypto/ec/ectest.c */
+/*
+ * Originally written by Bodo Moeller for the OpenSSL project.
+ */
+/* ====================================================================
+ * Copyright (c) 1998-2001 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For written permission, please contact
+ * openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ * nor may "OpenSSL" appear in their names without prior written
+ * permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com). This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+/* ====================================================================
+ * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
+ *
+ * Portions of the attached software ("Contribution") are developed by
+ * SUN MICROSYSTEMS, INC., and are contributed to the OpenSSL project.
+ *
+ * The Contribution is licensed pursuant to the OpenSSL open source
+ * license provided above.
+ *
+ * The elliptic curve binary polynomial software is originally written by
+ * Sheueling Chang Shantz and Douglas Stebila of Sun Microsystems Laboratories.
+ *
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#ifdef FLAT_INC
+# include "e_os.h"
+#else
+# include "../e_os.h"
+#endif
+#include <string.h>
+#include <time.h>
+
+#ifdef OPENSSL_NO_EC
+int main(int argc, char *argv[])
+{
+ puts("Elliptic curves are disabled.");
+ return 0;
+}
+#else
+
+# include <openssl/ec.h>
+# ifndef OPENSSL_NO_ENGINE
+# include <openssl/engine.h>
+# endif
+# include <openssl/err.h>
+# include <openssl/obj_mac.h>
+# include <openssl/objects.h>
+# include <openssl/rand.h>
+# include <openssl/bn.h>
+# include <openssl/opensslconf.h>
+
+# if defined(_MSC_VER) && defined(_MIPS_) && (_MSC_VER/100==12)
+/* suppress "too big too optimize" warning */
+# pragma warning(disable:4959)
+# endif
+
+# define ABORT do { \
+ fflush(stdout); \
+ fprintf(stderr, "%s:%d: ABORT\n", __FILE__, __LINE__); \
+ ERR_print_errors_fp(stderr); \
+ EXIT(1); \
+} while (0)
+
+# define TIMING_BASE_PT 0
+# define TIMING_RAND_PT 1
+# define TIMING_SIMUL 2
+
+/* test multiplication with group order, long and negative scalars */
+static void group_order_tests(EC_GROUP *group)
+{
+ BIGNUM *n1, *n2, *order;
+ EC_POINT *P = EC_POINT_new(group);
+ EC_POINT *Q = EC_POINT_new(group);
+ BN_CTX *ctx = BN_CTX_new();
+ int i;
+
+ n1 = BN_new();
+ n2 = BN_new();
+ order = BN_new();
+ fprintf(stdout, "verify group order ...");
+ fflush(stdout);
+ if (!EC_GROUP_get_order(group, order, ctx))
+ ABORT;
+ if (!EC_POINT_mul(group, Q, order, NULL, NULL, ctx))
+ ABORT;
+ if (!EC_POINT_is_at_infinity(group, Q))
+ ABORT;
+ fprintf(stdout, ".");
+ fflush(stdout);
+ if (!EC_GROUP_precompute_mult(group, ctx))
+ ABORT;
+ if (!EC_POINT_mul(group, Q, order, NULL, NULL, ctx))
+ ABORT;
+ if (!EC_POINT_is_at_infinity(group, Q))
+ ABORT;
+ fprintf(stdout, " ok\n");
+ fprintf(stdout, "long/negative scalar tests ");
+ for (i = 1; i <= 2; i++) {
+ const BIGNUM *scalars[6];
+ const EC_POINT *points[6];
+
+ fprintf(stdout, i == 1 ?
+ "allowing precomputation ... " :
+ "without precomputation ... ");
+ if (!BN_set_word(n1, i))
+ ABORT;
+ /*
+ * If i == 1, P will be the predefined generator for which
+ * EC_GROUP_precompute_mult has set up precomputation.
+ */
+ if (!EC_POINT_mul(group, P, n1, NULL, NULL, ctx))
+ ABORT;
+
+ if (!BN_one(n1))
+ ABORT;
+ /* n1 = 1 - order */
+ if (!BN_sub(n1, n1, order))
+ ABORT;
+ if (!EC_POINT_mul(group, Q, NULL, P, n1, ctx))
+ ABORT;
+ if (0 != EC_POINT_cmp(group, Q, P, ctx))
+ ABORT;
+
+ /* n2 = 1 + order */
+ if (!BN_add(n2, order, BN_value_one()))
+ ABORT;
+ if (!EC_POINT_mul(group, Q, NULL, P, n2, ctx))
+ ABORT;
+ if (0 != EC_POINT_cmp(group, Q, P, ctx))
+ ABORT;
+
+ /* n2 = (1 - order) * (1 + order) = 1 - order^2 */
+ if (!BN_mul(n2, n1, n2, ctx))
+ ABORT;
+ if (!EC_POINT_mul(group, Q, NULL, P, n2, ctx))
+ ABORT;
+ if (0 != EC_POINT_cmp(group, Q, P, ctx))
+ ABORT;
+
+ /* n2 = order^2 - 1 */
+ BN_set_negative(n2, 0);
+ if (!EC_POINT_mul(group, Q, NULL, P, n2, ctx))
+ ABORT;
+ /* Add P to verify the result. */
+ if (!EC_POINT_add(group, Q, Q, P, ctx))
+ ABORT;
+ if (!EC_POINT_is_at_infinity(group, Q))
+ ABORT;
+
+ /* Exercise EC_POINTs_mul, including corner cases. */
+ if (EC_POINT_is_at_infinity(group, P))
+ ABORT;
+ scalars[0] = n1;
+ points[0] = Q; /* => infinity */
+ scalars[1] = n2;
+ points[1] = P; /* => -P */
+ scalars[2] = n1;
+ points[2] = Q; /* => infinity */
+ scalars[3] = n2;
+ points[3] = Q; /* => infinity */
+ scalars[4] = n1;
+ points[4] = P; /* => P */
+ scalars[5] = n2;
+ points[5] = Q; /* => infinity */
+ if (!EC_POINTs_mul(group, P, NULL, 6, points, scalars, ctx))
+ ABORT;
+ if (!EC_POINT_is_at_infinity(group, P))
+ ABORT;
+ }
+ fprintf(stdout, "ok\n");
+
+ EC_POINT_free(P);
+ EC_POINT_free(Q);
+ BN_free(n1);
+ BN_free(n2);
+ BN_free(order);
+ BN_CTX_free(ctx);
+}
+
+static void prime_field_tests(void)
+{
+ BN_CTX *ctx = NULL;
+ BIGNUM *p, *a, *b;
+ EC_GROUP *group;
+ EC_GROUP *P_160 = NULL, *P_192 = NULL, *P_224 = NULL, *P_256 =
+ NULL, *P_384 = NULL, *P_521 = NULL;
+ EC_POINT *P, *Q, *R;
+ BIGNUM *x, *y, *z;
+ unsigned char buf[100];
+ size_t i, len;
+ int k;
+
+ ctx = BN_CTX_new();
+ if (!ctx)
+ ABORT;
+
+ p = BN_new();
+ a = BN_new();
+ b = BN_new();
+ if (!p || !a || !b)
+ ABORT;
+
+ if (!BN_hex2bn(&p, "17"))
+ ABORT;
+ if (!BN_hex2bn(&a, "1"))
+ ABORT;
+ if (!BN_hex2bn(&b, "1"))
+ ABORT;
+
+ group = EC_GROUP_new(EC_GFp_mont_method()); /* applications should use
+ * EC_GROUP_new_curve_GFp so
+ * that the library gets to
+ * choose the EC_METHOD */
+ if (!group)
+ ABORT;
+
+ if (!EC_GROUP_set_curve_GFp(group, p, a, b, ctx))
+ ABORT;
+
+ {
+ EC_GROUP *tmp;
+ tmp = EC_GROUP_new(EC_GROUP_method_of(group));
+ if (!tmp)
+ ABORT;
+ if (!EC_GROUP_copy(tmp, group))
+ ABORT;
+ EC_GROUP_free(group);
+ group = tmp;
+ }
+
+ if (!EC_GROUP_get_curve_GFp(group, p, a, b, ctx))
+ ABORT;
+
+ fprintf(stdout,
+ "Curve defined by Weierstrass equation\n y^2 = x^3 + a*x + b (mod 0x");
+ BN_print_fp(stdout, p);
+ fprintf(stdout, ")\n a = 0x");
+ BN_print_fp(stdout, a);
+ fprintf(stdout, "\n b = 0x");
+ BN_print_fp(stdout, b);
+ fprintf(stdout, "\n");
+
+ P = EC_POINT_new(group);
+ Q = EC_POINT_new(group);
+ R = EC_POINT_new(group);
+ if (!P || !Q || !R)
+ ABORT;
+
+ if (!EC_POINT_set_to_infinity(group, P))
+ ABORT;
+ if (!EC_POINT_is_at_infinity(group, P))
+ ABORT;
+
+ buf[0] = 0;
+ if (!EC_POINT_oct2point(group, Q, buf, 1, ctx))
+ ABORT;
+
+ if (!EC_POINT_add(group, P, P, Q, ctx))
+ ABORT;
+ if (!EC_POINT_is_at_infinity(group, P))
+ ABORT;
+
+ x = BN_new();
+ y = BN_new();
+ z = BN_new();
+ if (!x || !y || !z)
+ ABORT;
+
+ if (!BN_hex2bn(&x, "D"))
+ ABORT;
+ if (!EC_POINT_set_compressed_coordinates_GFp(group, Q, x, 1, ctx))
+ ABORT;
+ if (!EC_POINT_is_on_curve(group, Q, ctx)) {
+ if (!EC_POINT_get_affine_coordinates_GFp(group, Q, x, y, ctx))
+ ABORT;
+ fprintf(stderr, "Point is not on curve: x = 0x");
+ BN_print_fp(stderr, x);
+ fprintf(stderr, ", y = 0x");
+ BN_print_fp(stderr, y);
+ fprintf(stderr, "\n");
+ ABORT;
+ }
+
+ fprintf(stdout, "A cyclic subgroup:\n");
+ k = 100;
+ do {
+ if (k-- == 0)
+ ABORT;
+
+ if (EC_POINT_is_at_infinity(group, P))
+ fprintf(stdout, " point at infinity\n");
+ else {
+ if (!EC_POINT_get_affine_coordinates_GFp(group, P, x, y, ctx))
+ ABORT;
+
+ fprintf(stdout, " x = 0x");
+ BN_print_fp(stdout, x);
+ fprintf(stdout, ", y = 0x");
+ BN_print_fp(stdout, y);
+ fprintf(stdout, "\n");
+ }
+
+ if (!EC_POINT_copy(R, P))
+ ABORT;
+ if (!EC_POINT_add(group, P, P, Q, ctx))
+ ABORT;
+
+ }
+ while (!EC_POINT_is_at_infinity(group, P));
+
+ if (!EC_POINT_add(group, P, Q, R, ctx))
+ ABORT;
+ if (!EC_POINT_is_at_infinity(group, P))
+ ABORT;
+
+ len =
+ EC_POINT_point2oct(group, Q, POINT_CONVERSION_COMPRESSED, buf,
+ sizeof buf, ctx);
+ if (len == 0)
+ ABORT;
+ if (!EC_POINT_oct2point(group, P, buf, len, ctx))
+ ABORT;
+ if (0 != EC_POINT_cmp(group, P, Q, ctx))
+ ABORT;
+ fprintf(stdout, "Generator as octet string, compressed form:\n ");
+ for (i = 0; i < len; i++)
+ fprintf(stdout, "%02X", buf[i]);
+
+ len =
+ EC_POINT_point2oct(group, Q, POINT_CONVERSION_UNCOMPRESSED, buf,
+ sizeof buf, ctx);
+ if (len == 0)
+ ABORT;
+ if (!EC_POINT_oct2point(group, P, buf, len, ctx))
+ ABORT;
+ if (0 != EC_POINT_cmp(group, P, Q, ctx))
+ ABORT;
+ fprintf(stdout, "\nGenerator as octet string, uncompressed form:\n ");
+ for (i = 0; i < len; i++)
+ fprintf(stdout, "%02X", buf[i]);
+
+ len =
+ EC_POINT_point2oct(group, Q, POINT_CONVERSION_HYBRID, buf, sizeof buf,
+ ctx);
+ if (len == 0)
+ ABORT;
+ if (!EC_POINT_oct2point(group, P, buf, len, ctx))
+ ABORT;
+ if (0 != EC_POINT_cmp(group, P, Q, ctx))
+ ABORT;
+ fprintf(stdout, "\nGenerator as octet string, hybrid form:\n ");
+ for (i = 0; i < len; i++)
+ fprintf(stdout, "%02X", buf[i]);
+
+ if (!EC_POINT_get_Jprojective_coordinates_GFp(group, R, x, y, z, ctx))
+ ABORT;
+ fprintf(stdout,
+ "\nA representation of the inverse of that generator in\nJacobian projective coordinates:\n X = 0x");
+ BN_print_fp(stdout, x);
+ fprintf(stdout, ", Y = 0x");
+ BN_print_fp(stdout, y);
+ fprintf(stdout, ", Z = 0x");
+ BN_print_fp(stdout, z);
+ fprintf(stdout, "\n");
+
+ if (!EC_POINT_invert(group, P, ctx))
+ ABORT;
+ if (0 != EC_POINT_cmp(group, P, R, ctx))
+ ABORT;
+
+ /*
+ * Curve secp160r1 (Certicom Research SEC 2 Version 1.0, section 2.4.2,
+ * 2000) -- not a NIST curve, but commonly used
+ */
+
+ if (!BN_hex2bn(&p, "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF7FFFFFFF"))
+ ABORT;
+ if (1 != BN_is_prime_ex(p, BN_prime_checks, ctx, NULL))
+ ABORT;
+ if (!BN_hex2bn(&a, "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF7FFFFFFC"))
+ ABORT;
+ if (!BN_hex2bn(&b, "1C97BEFC54BD7A8B65ACF89F81D4D4ADC565FA45"))
+ ABORT;
+ if (!EC_GROUP_set_curve_GFp(group, p, a, b, ctx))
+ ABORT;
+
+ if (!BN_hex2bn(&x, "4A96B5688EF573284664698968C38BB913CBFC82"))
+ ABORT;
+ if (!BN_hex2bn(&y, "23a628553168947d59dcc912042351377ac5fb32"))
+ ABORT;
+ if (!EC_POINT_set_affine_coordinates_GFp(group, P, x, y, ctx))
+ ABORT;
+ if (!EC_POINT_is_on_curve(group, P, ctx))
+ ABORT;
+ if (!BN_hex2bn(&z, "0100000000000000000001F4C8F927AED3CA752257"))
+ ABORT;
+ if (!EC_GROUP_set_generator(group, P, z, BN_value_one()))
+ ABORT;
+
+ if (!EC_POINT_get_affine_coordinates_GFp(group, P, x, y, ctx))
+ ABORT;
+ fprintf(stdout, "\nSEC2 curve secp160r1 -- Generator:\n x = 0x");
+ BN_print_fp(stdout, x);
+ fprintf(stdout, "\n y = 0x");
+ BN_print_fp(stdout, y);
+ fprintf(stdout, "\n");
+ /* G_y value taken from the standard: */
+ if (!BN_hex2bn(&z, "23a628553168947d59dcc912042351377ac5fb32"))
+ ABORT;
+ if (0 != BN_cmp(y, z))
+ ABORT;
+
+ fprintf(stdout, "verify degree ...");
+ if (EC_GROUP_get_degree(group) != 160)
+ ABORT;
+ fprintf(stdout, " ok\n");
+
+ group_order_tests(group);
+
+ if (!(P_160 = EC_GROUP_new(EC_GROUP_method_of(group))))
+ ABORT;
+ if (!EC_GROUP_copy(P_160, group))
+ ABORT;
+
+ /* Curve P-192 (FIPS PUB 186-2, App. 6) */
+
+ if (!BN_hex2bn(&p, "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFFFFFFFFFF"))
+ ABORT;
+ if (1 != BN_is_prime_ex(p, BN_prime_checks, ctx, NULL))
+ ABORT;
+ if (!BN_hex2bn(&a, "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFFFFFFFFFC"))
+ ABORT;
+ if (!BN_hex2bn(&b, "64210519E59C80E70FA7E9AB72243049FEB8DEECC146B9B1"))
+ ABORT;
+ if (!EC_GROUP_set_curve_GFp(group, p, a, b, ctx))
+ ABORT;
+
+ if (!BN_hex2bn(&x, "188DA80EB03090F67CBF20EB43A18800F4FF0AFD82FF1012"))
+ ABORT;
+ if (!EC_POINT_set_compressed_coordinates_GFp(group, P, x, 1, ctx))
+ ABORT;
+ if (!EC_POINT_is_on_curve(group, P, ctx))
+ ABORT;
+ if (!BN_hex2bn(&z, "FFFFFFFFFFFFFFFFFFFFFFFF99DEF836146BC9B1B4D22831"))
+ ABORT;
+ if (!EC_GROUP_set_generator(group, P, z, BN_value_one()))
+ ABORT;
+
+ if (!EC_POINT_get_affine_coordinates_GFp(group, P, x, y, ctx))
+ ABORT;
+ fprintf(stdout, "\nNIST curve P-192 -- Generator:\n x = 0x");
+ BN_print_fp(stdout, x);
+ fprintf(stdout, "\n y = 0x");
+ BN_print_fp(stdout, y);
+ fprintf(stdout, "\n");
+ /* G_y value taken from the standard: */
+ if (!BN_hex2bn(&z, "07192B95FFC8DA78631011ED6B24CDD573F977A11E794811"))
+ ABORT;
+ if (0 != BN_cmp(y, z))
+ ABORT;
+
+ fprintf(stdout, "verify degree ...");
+ if (EC_GROUP_get_degree(group) != 192)
+ ABORT;
+ fprintf(stdout, " ok\n");
+
+ group_order_tests(group);
+
+ if (!(P_192 = EC_GROUP_new(EC_GROUP_method_of(group))))
+ ABORT;
+ if (!EC_GROUP_copy(P_192, group))
+ ABORT;
+
+ /* Curve P-224 (FIPS PUB 186-2, App. 6) */
+
+ if (!BN_hex2bn
+ (&p, "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF000000000000000000000001"))
+ ABORT;
+ if (1 != BN_is_prime_ex(p, BN_prime_checks, ctx, NULL))
+ ABORT;
+ if (!BN_hex2bn
+ (&a, "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFFFFFFFFFFFFFFFFFE"))
+ ABORT;
+ if (!BN_hex2bn
+ (&b, "B4050A850C04B3ABF54132565044B0B7D7BFD8BA270B39432355FFB4"))
+ ABORT;
+ if (!EC_GROUP_set_curve_GFp(group, p, a, b, ctx))
+ ABORT;
+
+ if (!BN_hex2bn
+ (&x, "B70E0CBD6BB4BF7F321390B94A03C1D356C21122343280D6115C1D21"))
+ ABORT;
+ if (!EC_POINT_set_compressed_coordinates_GFp(group, P, x, 0, ctx))
+ ABORT;
+ if (!EC_POINT_is_on_curve(group, P, ctx))
+ ABORT;
+ if (!BN_hex2bn
+ (&z, "FFFFFFFFFFFFFFFFFFFFFFFFFFFF16A2E0B8F03E13DD29455C5C2A3D"))
+ ABORT;
+ if (!EC_GROUP_set_generator(group, P, z, BN_value_one()))
+ ABORT;
+
+ if (!EC_POINT_get_affine_coordinates_GFp(group, P, x, y, ctx))
+ ABORT;
+ fprintf(stdout, "\nNIST curve P-224 -- Generator:\n x = 0x");
+ BN_print_fp(stdout, x);
+ fprintf(stdout, "\n y = 0x");
+ BN_print_fp(stdout, y);
+ fprintf(stdout, "\n");
+ /* G_y value taken from the standard: */
+ if (!BN_hex2bn
+ (&z, "BD376388B5F723FB4C22DFE6CD4375A05A07476444D5819985007E34"))
+ ABORT;
+ if (0 != BN_cmp(y, z))
+ ABORT;
+
+ fprintf(stdout, "verify degree ...");
+ if (EC_GROUP_get_degree(group) != 224)
+ ABORT;
+ fprintf(stdout, " ok\n");
+
+ group_order_tests(group);
+
+ if (!(P_224 = EC_GROUP_new(EC_GROUP_method_of(group))))
+ ABORT;
+ if (!EC_GROUP_copy(P_224, group))
+ ABORT;
+
+ /* Curve P-256 (FIPS PUB 186-2, App. 6) */
+
+ if (!BN_hex2bn
+ (&p,
+ "FFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF"))
+ ABORT;
+ if (1 != BN_is_prime_ex(p, BN_prime_checks, ctx, NULL))
+ ABORT;
+ if (!BN_hex2bn
+ (&a,
+ "FFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFC"))
+ ABORT;
+ if (!BN_hex2bn
+ (&b,
+ "5AC635D8AA3A93E7B3EBBD55769886BC651D06B0CC53B0F63BCE3C3E27D2604B"))
+ ABORT;
+ if (!EC_GROUP_set_curve_GFp(group, p, a, b, ctx))
+ ABORT;
+
+ if (!BN_hex2bn
+ (&x,
+ "6B17D1F2E12C4247F8BCE6E563A440F277037D812DEB33A0F4A13945D898C296"))
+ ABORT;
+ if (!EC_POINT_set_compressed_coordinates_GFp(group, P, x, 1, ctx))
+ ABORT;
+ if (!EC_POINT_is_on_curve(group, P, ctx))
+ ABORT;
+ if (!BN_hex2bn(&z, "FFFFFFFF00000000FFFFFFFFFFFFFFFFBCE6FAADA7179E"
+ "84F3B9CAC2FC632551"))
+ ABORT;
+ if (!EC_GROUP_set_generator(group, P, z, BN_value_one()))
+ ABORT;
+
+ if (!EC_POINT_get_affine_coordinates_GFp(group, P, x, y, ctx))
+ ABORT;
+ fprintf(stdout, "\nNIST curve P-256 -- Generator:\n x = 0x");
+ BN_print_fp(stdout, x);
+ fprintf(stdout, "\n y = 0x");
+ BN_print_fp(stdout, y);
+ fprintf(stdout, "\n");
+ /* G_y value taken from the standard: */
+ if (!BN_hex2bn
+ (&z,
+ "4FE342E2FE1A7F9B8EE7EB4A7C0F9E162BCE33576B315ECECBB6406837BF51F5"))
+ ABORT;
+ if (0 != BN_cmp(y, z))
+ ABORT;
+
+ fprintf(stdout, "verify degree ...");
+ if (EC_GROUP_get_degree(group) != 256)
+ ABORT;
+ fprintf(stdout, " ok\n");
+
+ group_order_tests(group);
+
+ if (!(P_256 = EC_GROUP_new(EC_GROUP_method_of(group))))
+ ABORT;
+ if (!EC_GROUP_copy(P_256, group))
+ ABORT;
+
+ /* Curve P-384 (FIPS PUB 186-2, App. 6) */
+
+ if (!BN_hex2bn(&p, "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF"
+ "FFFFFFFFFFFFFFFFFEFFFFFFFF0000000000000000FFFFFFFF"))
+ ABORT;
+ if (1 != BN_is_prime_ex(p, BN_prime_checks, ctx, NULL))
+ ABORT;
+ if (!BN_hex2bn(&a, "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF"
+ "FFFFFFFFFFFFFFFFFEFFFFFFFF0000000000000000FFFFFFFC"))
+ ABORT;
+ if (!BN_hex2bn(&b, "B3312FA7E23EE7E4988E056BE3F82D19181D9C6EFE8141"
+ "120314088F5013875AC656398D8A2ED19D2A85C8EDD3EC2AEF"))
+ ABORT;
+ if (!EC_GROUP_set_curve_GFp(group, p, a, b, ctx))
+ ABORT;
+
+ if (!BN_hex2bn(&x, "AA87CA22BE8B05378EB1C71EF320AD746E1D3B628BA79B"
+ "9859F741E082542A385502F25DBF55296C3A545E3872760AB7"))
+ ABORT;
+ if (!EC_POINT_set_compressed_coordinates_GFp(group, P, x, 1, ctx))
+ ABORT;
+ if (!EC_POINT_is_on_curve(group, P, ctx))
+ ABORT;
+ if (!BN_hex2bn(&z, "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF"
+ "FFC7634D81F4372DDF581A0DB248B0A77AECEC196ACCC52973"))
+ ABORT;
+ if (!EC_GROUP_set_generator(group, P, z, BN_value_one()))
+ ABORT;
+
+ if (!EC_POINT_get_affine_coordinates_GFp(group, P, x, y, ctx))
+ ABORT;
+ fprintf(stdout, "\nNIST curve P-384 -- Generator:\n x = 0x");
+ BN_print_fp(stdout, x);
+ fprintf(stdout, "\n y = 0x");
+ BN_print_fp(stdout, y);
+ fprintf(stdout, "\n");
+ /* G_y value taken from the standard: */
+ if (!BN_hex2bn(&z, "3617DE4A96262C6F5D9E98BF9292DC29F8F41DBD289A14"
+ "7CE9DA3113B5F0B8C00A60B1CE1D7E819D7A431D7C90EA0E5F"))
+ ABORT;
+ if (0 != BN_cmp(y, z))
+ ABORT;
+
+ fprintf(stdout, "verify degree ...");
+ if (EC_GROUP_get_degree(group) != 384)
+ ABORT;
+ fprintf(stdout, " ok\n");
+
+ group_order_tests(group);
+
+ if (!(P_384 = EC_GROUP_new(EC_GROUP_method_of(group))))
+ ABORT;
+ if (!EC_GROUP_copy(P_384, group))
+ ABORT;
+
+ /* Curve P-521 (FIPS PUB 186-2, App. 6) */
+
+ if (!BN_hex2bn(&p, "1FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF"
+ "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF"
+ "FFFFFFFFFFFFFFFFFFFFFFFFFFFF"))
+ ABORT;
+ if (1 != BN_is_prime_ex(p, BN_prime_checks, ctx, NULL))
+ ABORT;
+ if (!BN_hex2bn(&a, "1FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF"
+ "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF"
+ "FFFFFFFFFFFFFFFFFFFFFFFFFFFC"))
+ ABORT;
+ if (!BN_hex2bn(&b, "051953EB9618E1C9A1F929A21A0B68540EEA2DA725B99B"
+ "315F3B8B489918EF109E156193951EC7E937B1652C0BD3BB1BF073573"
+ "DF883D2C34F1EF451FD46B503F00"))
+ ABORT;
+ if (!EC_GROUP_set_curve_GFp(group, p, a, b, ctx))
+ ABORT;
+
+ if (!BN_hex2bn(&x, "C6858E06B70404E9CD9E3ECB662395B4429C648139053F"
+ "B521F828AF606B4D3DBAA14B5E77EFE75928FE1DC127A2FFA8DE3348B"
+ "3C1856A429BF97E7E31C2E5BD66"))
+ ABORT;
+ if (!EC_POINT_set_compressed_coordinates_GFp(group, P, x, 0, ctx))
+ ABORT;
+ if (!EC_POINT_is_on_curve(group, P, ctx))
+ ABORT;
+ if (!BN_hex2bn(&z, "1FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF"
+ "FFFFFFFFFFFFFFFFFFFFA51868783BF2F966B7FCC0148F709A5D03BB5"
+ "C9B8899C47AEBB6FB71E91386409"))
+ ABORT;
+ if (!EC_GROUP_set_generator(group, P, z, BN_value_one()))
+ ABORT;
+
+ if (!EC_POINT_get_affine_coordinates_GFp(group, P, x, y, ctx))
+ ABORT;
+ fprintf(stdout, "\nNIST curve P-521 -- Generator:\n x = 0x");
+ BN_print_fp(stdout, x);
+ fprintf(stdout, "\n y = 0x");
+ BN_print_fp(stdout, y);
+ fprintf(stdout, "\n");
+ /* G_y value taken from the standard: */
+ if (!BN_hex2bn(&z, "11839296A789A3BC0045C8A5FB42C7D1BD998F54449579"
+ "B446817AFBD17273E662C97EE72995EF42640C550B9013FAD0761353C"
+ "7086A272C24088BE94769FD16650"))
+ ABORT;
+ if (0 != BN_cmp(y, z))
+ ABORT;
+
+ fprintf(stdout, "verify degree ...");
+ if (EC_GROUP_get_degree(group) != 521)
+ ABORT;
+ fprintf(stdout, " ok\n");
+
+ group_order_tests(group);
+
+ if (!(P_521 = EC_GROUP_new(EC_GROUP_method_of(group))))
+ ABORT;
+ if (!EC_GROUP_copy(P_521, group))
+ ABORT;
+
+ /* more tests using the last curve */
+
+ if (!EC_POINT_copy(Q, P))
+ ABORT;
+ if (EC_POINT_is_at_infinity(group, Q))
+ ABORT;
+ if (!EC_POINT_dbl(group, P, P, ctx))
+ ABORT;
+ if (!EC_POINT_is_on_curve(group, P, ctx))
+ ABORT;
+ if (!EC_POINT_invert(group, Q, ctx))
+ ABORT; /* P = -2Q */
+
+ if (!EC_POINT_add(group, R, P, Q, ctx))
+ ABORT;
+ if (!EC_POINT_add(group, R, R, Q, ctx))
+ ABORT;
+ if (!EC_POINT_is_at_infinity(group, R))
+ ABORT; /* R = P + 2Q */
+
+ {
+ const EC_POINT *points[4];
+ const BIGNUM *scalars[4];
+ BIGNUM *scalar3;
+
+ if (EC_POINT_is_at_infinity(group, Q))
+ ABORT;
+ points[0] = Q;
+ points[1] = Q;
+ points[2] = Q;
+ points[3] = Q;
+
+ if (!EC_GROUP_get_order(group, z, ctx))
+ ABORT;
+ if (!BN_add(y, z, BN_value_one()))
+ ABORT;
+ if (BN_is_odd(y))
+ ABORT;
+ if (!BN_rshift1(y, y))
+ ABORT;
+ scalars[0] = y; /* (group order + 1)/2, so y*Q + y*Q = Q */
+ scalars[1] = y;
+
+ fprintf(stdout, "combined multiplication ...");
+ fflush(stdout);
+
+ /* z is still the group order */
+ if (!EC_POINTs_mul(group, P, NULL, 2, points, scalars, ctx))
+ ABORT;
+ if (!EC_POINTs_mul(group, R, z, 2, points, scalars, ctx))
+ ABORT;
+ if (0 != EC_POINT_cmp(group, P, R, ctx))
+ ABORT;
+ if (0 != EC_POINT_cmp(group, R, Q, ctx))
+ ABORT;
+
+ fprintf(stdout, ".");
+ fflush(stdout);
+
+ if (!BN_pseudo_rand(y, BN_num_bits(y), 0, 0))
+ ABORT;
+ if (!BN_add(z, z, y))
+ ABORT;
+ BN_set_negative(z, 1);
+ scalars[0] = y;
+ scalars[1] = z; /* z = -(order + y) */
+
+ if (!EC_POINTs_mul(group, P, NULL, 2, points, scalars, ctx))
+ ABORT;
+ if (!EC_POINT_is_at_infinity(group, P))
+ ABORT;
+
+ fprintf(stdout, ".");
+ fflush(stdout);
+
+ if (!BN_pseudo_rand(x, BN_num_bits(y) - 1, 0, 0))
+ ABORT;
+ if (!BN_add(z, x, y))
+ ABORT;
+ BN_set_negative(z, 1);
+ scalars[0] = x;
+ scalars[1] = y;
+ scalars[2] = z; /* z = -(x+y) */
+
+ scalar3 = BN_new();
+ if (!scalar3)
+ ABORT;
+ BN_zero(scalar3);
+ scalars[3] = scalar3;
+
+ if (!EC_POINTs_mul(group, P, NULL, 4, points, scalars, ctx))
+ ABORT;
+ if (!EC_POINT_is_at_infinity(group, P))
+ ABORT;
+
+ fprintf(stdout, " ok\n\n");
+
+ BN_free(scalar3);
+ }
+
+ if (ctx)
+ BN_CTX_free(ctx);
+ BN_free(p);
+ BN_free(a);
+ BN_free(b);
+ EC_GROUP_free(group);
+ EC_POINT_free(P);
+ EC_POINT_free(Q);
+ EC_POINT_free(R);
+ BN_free(x);
+ BN_free(y);
+ BN_free(z);
+
+ EC_GROUP_free(P_160);
+ EC_GROUP_free(P_192);
+ EC_GROUP_free(P_224);
+ EC_GROUP_free(P_256);
+ EC_GROUP_free(P_384);
+ EC_GROUP_free(P_521);
+
+}
+
+/* Change test based on whether binary point compression is enabled or not. */
+# ifdef OPENSSL_EC_BIN_PT_COMP
+# define CHAR2_CURVE_TEST_INTERNAL(_name, _p, _a, _b, _x, _y, _y_bit, _order, _cof, _degree, _variable) \
+ if (!BN_hex2bn(&x, _x)) ABORT; \
+ if (!EC_POINT_set_compressed_coordinates_GF2m(group, P, x, _y_bit, ctx)) ABORT; \
+ if (!EC_POINT_is_on_curve(group, P, ctx)) ABORT; \
+ if (!BN_hex2bn(&z, _order)) ABORT; \
+ if (!BN_hex2bn(&cof, _cof)) ABORT; \
+ if (!EC_GROUP_set_generator(group, P, z, cof)) ABORT; \
+ if (!EC_POINT_get_affine_coordinates_GF2m(group, P, x, y, ctx)) ABORT; \
+ fprintf(stdout, "\n%s -- Generator:\n x = 0x", _name); \
+ BN_print_fp(stdout, x); \
+ fprintf(stdout, "\n y = 0x"); \
+ BN_print_fp(stdout, y); \
+ fprintf(stdout, "\n"); \
+ /* G_y value taken from the standard: */ \
+ if (!BN_hex2bn(&z, _y)) ABORT; \
+ if (0 != BN_cmp(y, z)) ABORT;
+# else
+# define CHAR2_CURVE_TEST_INTERNAL(_name, _p, _a, _b, _x, _y, _y_bit, _order, _cof, _degree, _variable) \
+ if (!BN_hex2bn(&x, _x)) ABORT; \
+ if (!BN_hex2bn(&y, _y)) ABORT; \
+ if (!EC_POINT_set_affine_coordinates_GF2m(group, P, x, y, ctx)) ABORT; \
+ if (!EC_POINT_is_on_curve(group, P, ctx)) ABORT; \
+ if (!BN_hex2bn(&z, _order)) ABORT; \
+ if (!BN_hex2bn(&cof, _cof)) ABORT; \
+ if (!EC_GROUP_set_generator(group, P, z, cof)) ABORT; \
+ fprintf(stdout, "\n%s -- Generator:\n x = 0x", _name); \
+ BN_print_fp(stdout, x); \
+ fprintf(stdout, "\n y = 0x"); \
+ BN_print_fp(stdout, y); \
+ fprintf(stdout, "\n");
+# endif
+
+# define CHAR2_CURVE_TEST(_name, _p, _a, _b, _x, _y, _y_bit, _order, _cof, _degree, _variable) \
+ if (!BN_hex2bn(&p, _p)) ABORT; \
+ if (!BN_hex2bn(&a, _a)) ABORT; \
+ if (!BN_hex2bn(&b, _b)) ABORT; \
+ if (!EC_GROUP_set_curve_GF2m(group, p, a, b, ctx)) ABORT; \
+ CHAR2_CURVE_TEST_INTERNAL(_name, _p, _a, _b, _x, _y, _y_bit, _order, _cof, _degree, _variable) \
+ fprintf(stdout, "verify degree ..."); \
+ if (EC_GROUP_get_degree(group) != _degree) ABORT; \
+ fprintf(stdout, " ok\n"); \
+ group_order_tests(group); \
+ if (!(_variable = EC_GROUP_new(EC_GROUP_method_of(group)))) ABORT; \
+ if (!EC_GROUP_copy(_variable, group)) ABORT; \
+
+# ifndef OPENSSL_NO_EC2M
+
+static void char2_field_tests(void)
+{
+ BN_CTX *ctx = NULL;
+ BIGNUM *p, *a, *b;
+ EC_GROUP *group;
+ EC_GROUP *C2_K163 = NULL, *C2_K233 = NULL, *C2_K283 = NULL, *C2_K409 =
+ NULL, *C2_K571 = NULL;
+ EC_GROUP *C2_B163 = NULL, *C2_B233 = NULL, *C2_B283 = NULL, *C2_B409 =
+ NULL, *C2_B571 = NULL;
+ EC_POINT *P, *Q, *R;
+ BIGNUM *x, *y, *z, *cof;
+ unsigned char buf[100];
+ size_t i, len;
+ int k;
+
+ ctx = BN_CTX_new();
+ if (!ctx)
+ ABORT;
+
+ p = BN_new();
+ a = BN_new();
+ b = BN_new();
+ if (!p || !a || !b)
+ ABORT;
+
+ if (!BN_hex2bn(&p, "13"))
+ ABORT;
+ if (!BN_hex2bn(&a, "3"))
+ ABORT;
+ if (!BN_hex2bn(&b, "1"))
+ ABORT;
+
+ group = EC_GROUP_new(EC_GF2m_simple_method()); /* applications should use
+ * EC_GROUP_new_curve_GF2m
+ * so that the library gets
+ * to choose the EC_METHOD */
+ if (!group)
+ ABORT;
+ if (!EC_GROUP_set_curve_GF2m(group, p, a, b, ctx))
+ ABORT;
+
+ {
+ EC_GROUP *tmp;
+ tmp = EC_GROUP_new(EC_GROUP_method_of(group));
+ if (!tmp)
+ ABORT;
+ if (!EC_GROUP_copy(tmp, group))
+ ABORT;
+ EC_GROUP_free(group);
+ group = tmp;
+ }
+
+ if (!EC_GROUP_get_curve_GF2m(group, p, a, b, ctx))
+ ABORT;
+
+ fprintf(stdout,
+ "Curve defined by Weierstrass equation\n y^2 + x*y = x^3 + a*x^2 + b (mod 0x");
+ BN_print_fp(stdout, p);
+ fprintf(stdout, ")\n a = 0x");
+ BN_print_fp(stdout, a);
+ fprintf(stdout, "\n b = 0x");
+ BN_print_fp(stdout, b);
+ fprintf(stdout, "\n(0x... means binary polynomial)\n");
+
+ P = EC_POINT_new(group);
+ Q = EC_POINT_new(group);
+ R = EC_POINT_new(group);
+ if (!P || !Q || !R)
+ ABORT;
+
+ if (!EC_POINT_set_to_infinity(group, P))
+ ABORT;
+ if (!EC_POINT_is_at_infinity(group, P))
+ ABORT;
+
+ buf[0] = 0;
+ if (!EC_POINT_oct2point(group, Q, buf, 1, ctx))
+ ABORT;
+
+ if (!EC_POINT_add(group, P, P, Q, ctx))
+ ABORT;
+ if (!EC_POINT_is_at_infinity(group, P))
+ ABORT;
+
+ x = BN_new();
+ y = BN_new();
+ z = BN_new();
+ cof = BN_new();
+ if (!x || !y || !z || !cof)
+ ABORT;
+
+ if (!BN_hex2bn(&x, "6"))
+ ABORT;
+/* Change test based on whether binary point compression is enabled or not. */
+# ifdef OPENSSL_EC_BIN_PT_COMP
+ if (!EC_POINT_set_compressed_coordinates_GF2m(group, Q, x, 1, ctx))
+ ABORT;
+# else
+ if (!BN_hex2bn(&y, "8"))
+ ABORT;
+ if (!EC_POINT_set_affine_coordinates_GF2m(group, Q, x, y, ctx))
+ ABORT;
+# endif
+ if (!EC_POINT_is_on_curve(group, Q, ctx)) {
+/* Change test based on whether binary point compression is enabled or not. */
+# ifdef OPENSSL_EC_BIN_PT_COMP
+ if (!EC_POINT_get_affine_coordinates_GF2m(group, Q, x, y, ctx))
+ ABORT;
+# endif
+ fprintf(stderr, "Point is not on curve: x = 0x");
+ BN_print_fp(stderr, x);
+ fprintf(stderr, ", y = 0x");
+ BN_print_fp(stderr, y);
+ fprintf(stderr, "\n");
+ ABORT;
+ }
+
+ fprintf(stdout, "A cyclic subgroup:\n");
+ k = 100;
+ do {
+ if (k-- == 0)
+ ABORT;
+
+ if (EC_POINT_is_at_infinity(group, P))
+ fprintf(stdout, " point at infinity\n");
+ else {
+ if (!EC_POINT_get_affine_coordinates_GF2m(group, P, x, y, ctx))
+ ABORT;
+
+ fprintf(stdout, " x = 0x");
+ BN_print_fp(stdout, x);
+ fprintf(stdout, ", y = 0x");
+ BN_print_fp(stdout, y);
+ fprintf(stdout, "\n");
+ }
+
+ if (!EC_POINT_copy(R, P))
+ ABORT;
+ if (!EC_POINT_add(group, P, P, Q, ctx))
+ ABORT;
+ }
+ while (!EC_POINT_is_at_infinity(group, P));
+
+ if (!EC_POINT_add(group, P, Q, R, ctx))
+ ABORT;
+ if (!EC_POINT_is_at_infinity(group, P))
+ ABORT;
+
+/* Change test based on whether binary point compression is enabled or not. */
+# ifdef OPENSSL_EC_BIN_PT_COMP
+ len =
+ EC_POINT_point2oct(group, Q, POINT_CONVERSION_COMPRESSED, buf,
+ sizeof buf, ctx);
+ if (len == 0)
+ ABORT;
+ if (!EC_POINT_oct2point(group, P, buf, len, ctx))
+ ABORT;
+ if (0 != EC_POINT_cmp(group, P, Q, ctx))
+ ABORT;
+ fprintf(stdout, "Generator as octet string, compressed form:\n ");
+ for (i = 0; i < len; i++)
+ fprintf(stdout, "%02X", buf[i]);
+# endif
+
+ len =
+ EC_POINT_point2oct(group, Q, POINT_CONVERSION_UNCOMPRESSED, buf,
+ sizeof buf, ctx);
+ if (len == 0)
+ ABORT;
+ if (!EC_POINT_oct2point(group, P, buf, len, ctx))
+ ABORT;
+ if (0 != EC_POINT_cmp(group, P, Q, ctx))
+ ABORT;
+ fprintf(stdout, "\nGenerator as octet string, uncompressed form:\n ");
+ for (i = 0; i < len; i++)
+ fprintf(stdout, "%02X", buf[i]);
+
+/* Change test based on whether binary point compression is enabled or not. */
+# ifdef OPENSSL_EC_BIN_PT_COMP
+ len =
+ EC_POINT_point2oct(group, Q, POINT_CONVERSION_HYBRID, buf, sizeof buf,
+ ctx);
+ if (len == 0)
+ ABORT;
+ if (!EC_POINT_oct2point(group, P, buf, len, ctx))
+ ABORT;
+ if (0 != EC_POINT_cmp(group, P, Q, ctx))
+ ABORT;
+ fprintf(stdout, "\nGenerator as octet string, hybrid form:\n ");
+ for (i = 0; i < len; i++)
+ fprintf(stdout, "%02X", buf[i]);
+# endif
+
+ fprintf(stdout, "\n");
+
+ if (!EC_POINT_invert(group, P, ctx))
+ ABORT;
+ if (0 != EC_POINT_cmp(group, P, R, ctx))
+ ABORT;
+
+ /* Curve K-163 (FIPS PUB 186-2, App. 6) */
+ CHAR2_CURVE_TEST
+ ("NIST curve K-163",
+ "0800000000000000000000000000000000000000C9",
+ "1",
+ "1",
+ "02FE13C0537BBC11ACAA07D793DE4E6D5E5C94EEE8",
+ "0289070FB05D38FF58321F2E800536D538CCDAA3D9",
+ 1, "04000000000000000000020108A2E0CC0D99F8A5EF", "2", 163, C2_K163);
+
+ /* Curve B-163 (FIPS PUB 186-2, App. 6) */
+ CHAR2_CURVE_TEST
+ ("NIST curve B-163",
+ "0800000000000000000000000000000000000000C9",
+ "1",
+ "020A601907B8C953CA1481EB10512F78744A3205FD",
+ "03F0EBA16286A2D57EA0991168D4994637E8343E36",
+ "00D51FBC6C71A0094FA2CDD545B11C5C0C797324F1",
+ 1, "040000000000000000000292FE77E70C12A4234C33", "2", 163, C2_B163);
+
+ /* Curve K-233 (FIPS PUB 186-2, App. 6) */
+ CHAR2_CURVE_TEST
+ ("NIST curve K-233",
+ "020000000000000000000000000000000000000004000000000000000001",
+ "0",
+ "1",
+ "017232BA853A7E731AF129F22FF4149563A419C26BF50A4C9D6EEFAD6126",
+ "01DB537DECE819B7F70F555A67C427A8CD9BF18AEB9B56E0C11056FAE6A3",
+ 0,
+ "008000000000000000000000000000069D5BB915BCD46EFB1AD5F173ABDF",
+ "4", 233, C2_K233);
+
+ /* Curve B-233 (FIPS PUB 186-2, App. 6) */
+ CHAR2_CURVE_TEST
+ ("NIST curve B-233",
+ "020000000000000000000000000000000000000004000000000000000001",
+ "000000000000000000000000000000000000000000000000000000000001",
+ "0066647EDE6C332C7F8C0923BB58213B333B20E9CE4281FE115F7D8F90AD",
+ "00FAC9DFCBAC8313BB2139F1BB755FEF65BC391F8B36F8F8EB7371FD558B",
+ "01006A08A41903350678E58528BEBF8A0BEFF867A7CA36716F7E01F81052",
+ 1,
+ "01000000000000000000000000000013E974E72F8A6922031D2603CFE0D7",
+ "2", 233, C2_B233);
+
+ /* Curve K-283 (FIPS PUB 186-2, App. 6) */
+ CHAR2_CURVE_TEST
+ ("NIST curve K-283",
+ "0800000000000000000000000000000000000000000000000000000000000000000010A1",
+ "0",
+ "1",
+ "0503213F78CA44883F1A3B8162F188E553CD265F23C1567A16876913B0C2AC2458492836",
+ "01CCDA380F1C9E318D90F95D07E5426FE87E45C0E8184698E45962364E34116177DD2259",
+ 0,
+ "01FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFE9AE2ED07577265DFF7F94451E061E163C61",
+ "4", 283, C2_K283);
+
+ /* Curve B-283 (FIPS PUB 186-2, App. 6) */
+ CHAR2_CURVE_TEST
+ ("NIST curve B-283",
+ "0800000000000000000000000000000000000000000000000000000000000000000010A1",
+ "000000000000000000000000000000000000000000000000000000000000000000000001",
+ "027B680AC8B8596DA5A4AF8A19A0303FCA97FD7645309FA2A581485AF6263E313B79A2F5",
+ "05F939258DB7DD90E1934F8C70B0DFEC2EED25B8557EAC9C80E2E198F8CDBECD86B12053",
+ "03676854FE24141CB98FE6D4B20D02B4516FF702350EDDB0826779C813F0DF45BE8112F4",
+ 1,
+ "03FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEF90399660FC938A90165B042A7CEFADB307",
+ "2", 283, C2_B283);
+
+ /* Curve K-409 (FIPS PUB 186-2, App. 6) */
+ CHAR2_CURVE_TEST
+ ("NIST curve K-409",
+ "02000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000001",
+ "0",
+ "1",
+ "0060F05F658F49C1AD3AB1890F7184210EFD0987E307C84C27ACCFB8F9F67CC2C460189EB5AAAA62EE222EB1B35540CFE9023746",
+ "01E369050B7C4E42ACBA1DACBF04299C3460782F918EA427E6325165E9EA10E3DA5F6C42E9C55215AA9CA27A5863EC48D8E0286B",
+ 1,
+ "007FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFE5F83B2D4EA20400EC4557D5ED3E3E7CA5B4B5C83B8E01E5FCF",
+ "4", 409, C2_K409);
+
+ /* Curve B-409 (FIPS PUB 186-2, App. 6) */
+ CHAR2_CURVE_TEST
+ ("NIST curve B-409",
+ "02000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000001",
+ "00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001",
+ "0021A5C2C8EE9FEB5C4B9A753B7B476B7FD6422EF1F3DD674761FA99D6AC27C8A9A197B272822F6CD57A55AA4F50AE317B13545F",
+ "015D4860D088DDB3496B0C6064756260441CDE4AF1771D4DB01FFE5B34E59703DC255A868A1180515603AEAB60794E54BB7996A7",
+ "0061B1CFAB6BE5F32BBFA78324ED106A7636B9C5A7BD198D0158AA4F5488D08F38514F1FDF4B4F40D2181B3681C364BA0273C706",
+ 1,
+ "010000000000000000000000000000000000000000000000000001E2AAD6A612F33307BE5FA47C3C9E052F838164CD37D9A21173",
+ "2", 409, C2_B409);
+
+ /* Curve K-571 (FIPS PUB 186-2, App. 6) */
+ CHAR2_CURVE_TEST
+ ("NIST curve K-571",
+ "80000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000425",
+ "0",
+ "1",
+ "026EB7A859923FBC82189631F8103FE4AC9CA2970012D5D46024804801841CA44370958493B205E647DA304DB4CEB08CBBD1BA39494776FB988B47174DCA88C7E2945283A01C8972",
+ "0349DC807F4FBF374F4AEADE3BCA95314DD58CEC9F307A54FFC61EFC006D8A2C9D4979C0AC44AEA74FBEBBB9F772AEDCB620B01A7BA7AF1B320430C8591984F601CD4C143EF1C7A3",
+ 0,
+ "020000000000000000000000000000000000000000000000000000000000000000000000131850E1F19A63E4B391A8DB917F4138B630D84BE5D639381E91DEB45CFE778F637C1001",
+ "4", 571, C2_K571);
+
+ /* Curve B-571 (FIPS PUB 186-2, App. 6) */
+ CHAR2_CURVE_TEST
+ ("NIST curve B-571",
+ "80000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000425",
+ "000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001",
+ "02F40E7E2221F295DE297117B7F3D62F5C6A97FFCB8CEFF1CD6BA8CE4A9A18AD84FFABBD8EFA59332BE7AD6756A66E294AFD185A78FF12AA520E4DE739BACA0C7FFEFF7F2955727A",
+ "0303001D34B856296C16C0D40D3CD7750A93D1D2955FA80AA5F40FC8DB7B2ABDBDE53950F4C0D293CDD711A35B67FB1499AE60038614F1394ABFA3B4C850D927E1E7769C8EEC2D19",
+ "037BF27342DA639B6DCCFFFEB73D69D78C6C27A6009CBBCA1980F8533921E8A684423E43BAB08A576291AF8F461BB2A8B3531D2F0485C19B16E2F1516E23DD3C1A4827AF1B8AC15B",
+ 1,
+ "03FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFE661CE18FF55987308059B186823851EC7DD9CA1161DE93D5174D66E8382E9BB2FE84E47",
+ "2", 571, C2_B571);
+
+ /* more tests using the last curve */
+
+ if (!EC_POINT_copy(Q, P))
+ ABORT;
+ if (EC_POINT_is_at_infinity(group, Q))
+ ABORT;
+ if (!EC_POINT_dbl(group, P, P, ctx))
+ ABORT;
+ if (!EC_POINT_is_on_curve(group, P, ctx))
+ ABORT;
+ if (!EC_POINT_invert(group, Q, ctx))
+ ABORT; /* P = -2Q */
+
+ if (!EC_POINT_add(group, R, P, Q, ctx))
+ ABORT;
+ if (!EC_POINT_add(group, R, R, Q, ctx))
+ ABORT;
+ if (!EC_POINT_is_at_infinity(group, R))
+ ABORT; /* R = P + 2Q */
+
+ {
+ const EC_POINT *points[3];
+ const BIGNUM *scalars[3];
+
+ if (EC_POINT_is_at_infinity(group, Q))
+ ABORT;
+ points[0] = Q;
+ points[1] = Q;
+ points[2] = Q;
+
+ if (!BN_add(y, z, BN_value_one()))
+ ABORT;
+ if (BN_is_odd(y))
+ ABORT;
+ if (!BN_rshift1(y, y))
+ ABORT;
+ scalars[0] = y; /* (group order + 1)/2, so y*Q + y*Q = Q */
+ scalars[1] = y;
+
+ fprintf(stdout, "combined multiplication ...");
+ fflush(stdout);
+
+ /* z is still the group order */
+ if (!EC_POINTs_mul(group, P, NULL, 2, points, scalars, ctx))
+ ABORT;
+ if (!EC_POINTs_mul(group, R, z, 2, points, scalars, ctx))
+ ABORT;
+ if (0 != EC_POINT_cmp(group, P, R, ctx))
+ ABORT;
+ if (0 != EC_POINT_cmp(group, R, Q, ctx))
+ ABORT;
+
+ fprintf(stdout, ".");
+ fflush(stdout);
+
+ if (!BN_pseudo_rand(y, BN_num_bits(y), 0, 0))
+ ABORT;
+ if (!BN_add(z, z, y))
+ ABORT;
+ BN_set_negative(z, 1);
+ scalars[0] = y;
+ scalars[1] = z; /* z = -(order + y) */
+
+ if (!EC_POINTs_mul(group, P, NULL, 2, points, scalars, ctx))
+ ABORT;
+ if (!EC_POINT_is_at_infinity(group, P))
+ ABORT;
+
+ fprintf(stdout, ".");
+ fflush(stdout);
+
+ if (!BN_pseudo_rand(x, BN_num_bits(y) - 1, 0, 0))
+ ABORT;
+ if (!BN_add(z, x, y))
+ ABORT;
+ BN_set_negative(z, 1);
+ scalars[0] = x;
+ scalars[1] = y;
+ scalars[2] = z; /* z = -(x+y) */
+
+ if (!EC_POINTs_mul(group, P, NULL, 3, points, scalars, ctx))
+ ABORT;
+ if (!EC_POINT_is_at_infinity(group, P))
+ ABORT;
+
+ fprintf(stdout, " ok\n\n");
+ }
+
+ if (ctx)
+ BN_CTX_free(ctx);
+ BN_free(p);
+ BN_free(a);
+ BN_free(b);
+ EC_GROUP_free(group);
+ EC_POINT_free(P);
+ EC_POINT_free(Q);
+ EC_POINT_free(R);
+ BN_free(x);
+ BN_free(y);
+ BN_free(z);
+ BN_free(cof);
+
+ EC_GROUP_free(C2_K163);
+ EC_GROUP_free(C2_B163);
+ EC_GROUP_free(C2_K233);
+ EC_GROUP_free(C2_B233);
+ EC_GROUP_free(C2_K283);
+ EC_GROUP_free(C2_B283);
+ EC_GROUP_free(C2_K409);
+ EC_GROUP_free(C2_B409);
+ EC_GROUP_free(C2_K571);
+ EC_GROUP_free(C2_B571);
+
+}
+# endif
+
+static void internal_curve_test(void)
+{
+ EC_builtin_curve *curves = NULL;
+ size_t crv_len = 0, n = 0;
+ int ok = 1;
+
+ crv_len = EC_get_builtin_curves(NULL, 0);
+
+ curves = OPENSSL_malloc(sizeof(EC_builtin_curve) * crv_len);
+
+ if (curves == NULL)
+ return;
+
+ if (!EC_get_builtin_curves(curves, crv_len)) {
+ OPENSSL_free(curves);
+ return;
+ }
+
+ fprintf(stdout, "testing internal curves: ");
+
+ for (n = 0; n < crv_len; n++) {
+ EC_GROUP *group = NULL;
+ int nid = curves[n].nid;
+ if ((group = EC_GROUP_new_by_curve_name(nid)) == NULL) {
+ ok = 0;
+ fprintf(stdout, "\nEC_GROUP_new_curve_name() failed with"
+ " curve %s\n", OBJ_nid2sn(nid));
+ /* try next curve */
+ continue;
+ }
+ if (!EC_GROUP_check(group, NULL)) {
+ ok = 0;
+ fprintf(stdout, "\nEC_GROUP_check() failed with"
+ " curve %s\n", OBJ_nid2sn(nid));
+ EC_GROUP_free(group);
+ /* try the next curve */
+ continue;
+ }
+ fprintf(stdout, ".");
+ fflush(stdout);
+ EC_GROUP_free(group);
+ }
+ if (ok)
+ fprintf(stdout, " ok\n\n");
+ else {
+ fprintf(stdout, " failed\n\n");
+ ABORT;
+ }
+ OPENSSL_free(curves);
+ return;
+}
+
+# ifndef OPENSSL_NO_EC_NISTP_64_GCC_128
+/*
+ * nistp_test_params contains magic numbers for testing our optimized
+ * implementations of several NIST curves with characteristic > 3.
+ */
+struct nistp_test_params {
+ const EC_METHOD *(*meth) ();
+ int degree;
+ /*
+ * Qx, Qy and D are taken from
+ * http://csrcdocut.gov/groups/ST/toolkit/documents/Examples/ECDSA_Prime.pdf
+ * Otherwise, values are standard curve parameters from FIPS 180-3
+ */
+ const char *p, *a, *b, *Qx, *Qy, *Gx, *Gy, *order, *d;
+};
+
+static const struct nistp_test_params nistp_tests_params[] = {
+ {
+ /* P-224 */
+ EC_GFp_nistp224_method,
+ 224,
+ /* p */
+ "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF000000000000000000000001",
+ /* a */
+ "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFFFFFFFFFFFFFFFFFE",
+ /* b */
+ "B4050A850C04B3ABF54132565044B0B7D7BFD8BA270B39432355FFB4",
+ /* Qx */
+ "E84FB0B8E7000CB657D7973CF6B42ED78B301674276DF744AF130B3E",
+ /* Qy */
+ "4376675C6FC5612C21A0FF2D2A89D2987DF7A2BC52183B5982298555",
+ /* Gx */
+ "B70E0CBD6BB4BF7F321390B94A03C1D356C21122343280D6115C1D21",
+ /* Gy */
+ "BD376388B5F723FB4C22DFE6CD4375A05A07476444D5819985007E34",
+ /* order */
+ "FFFFFFFFFFFFFFFFFFFFFFFFFFFF16A2E0B8F03E13DD29455C5C2A3D",
+ /* d */
+ "3F0C488E987C80BE0FEE521F8D90BE6034EC69AE11CA72AA777481E8",
+ },
+ {
+ /* P-256 */
+ EC_GFp_nistp256_method,
+ 256,
+ /* p */
+ "ffffffff00000001000000000000000000000000ffffffffffffffffffffffff",
+ /* a */
+ "ffffffff00000001000000000000000000000000fffffffffffffffffffffffc",
+ /* b */
+ "5ac635d8aa3a93e7b3ebbd55769886bc651d06b0cc53b0f63bce3c3e27d2604b",
+ /* Qx */
+ "b7e08afdfe94bad3f1dc8c734798ba1c62b3a0ad1e9ea2a38201cd0889bc7a19",
+ /* Qy */
+ "3603f747959dbf7a4bb226e41928729063adc7ae43529e61b563bbc606cc5e09",
+ /* Gx */
+ "6b17d1f2e12c4247f8bce6e563a440f277037d812deb33a0f4a13945d898c296",
+ /* Gy */
+ "4fe342e2fe1a7f9b8ee7eb4a7c0f9e162bce33576b315ececbb6406837bf51f5",
+ /* order */
+ "ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632551",
+ /* d */
+ "c477f9f65c22cce20657faa5b2d1d8122336f851a508a1ed04e479c34985bf96",
+ },
+ {
+ /* P-521 */
+ EC_GFp_nistp521_method,
+ 521,
+ /* p */
+ "1ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff",
+ /* a */
+ "1fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffc",
+ /* b */
+ "051953eb9618e1c9a1f929a21a0b68540eea2da725b99b315f3b8b489918ef109e156193951ec7e937b1652c0bd3bb1bf073573df883d2c34f1ef451fd46b503f00",
+ /* Qx */
+ "0098e91eef9a68452822309c52fab453f5f117c1da8ed796b255e9ab8f6410cca16e59df403a6bdc6ca467a37056b1e54b3005d8ac030decfeb68df18b171885d5c4",
+ /* Qy */
+ "0164350c321aecfc1cca1ba4364c9b15656150b4b78d6a48d7d28e7f31985ef17be8554376b72900712c4b83ad668327231526e313f5f092999a4632fd50d946bc2e",
+ /* Gx */
+ "c6858e06b70404e9cd9e3ecb662395b4429c648139053fb521f828af606b4d3dbaa14b5e77efe75928fe1dc127a2ffa8de3348b3c1856a429bf97e7e31c2e5bd66",
+ /* Gy */
+ "11839296a789a3bc0045c8a5fb42c7d1bd998f54449579b446817afbd17273e662c97ee72995ef42640c550b9013fad0761353c7086a272c24088be94769fd16650",
+ /* order */
+ "1fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffa51868783bf2f966b7fcc0148f709a5d03bb5c9b8899c47aebb6fb71e91386409",
+ /* d */
+ "0100085f47b8e1b8b11b7eb33028c0b2888e304bfc98501955b45bba1478dc184eeedf09b86a5f7c21994406072787205e69a63709fe35aa93ba333514b24f961722",
+ },
+};
+
+static void nistp_single_test(const struct nistp_test_params *test)
+{
+ BN_CTX *ctx;
+ BIGNUM *p, *a, *b, *x, *y, *n, *m, *order;
+ EC_GROUP *NISTP;
+ EC_POINT *G, *P, *Q, *Q_CHECK;
+
+ fprintf(stdout, "\nNIST curve P-%d (optimised implementation):\n",
+ test->degree);
+ ctx = BN_CTX_new();
+ p = BN_new();
+ a = BN_new();
+ b = BN_new();
+ x = BN_new();
+ y = BN_new();
+ m = BN_new();
+ n = BN_new();
+ order = BN_new();
+
+ NISTP = EC_GROUP_new(test->meth());
+ if (!NISTP)
+ ABORT;
+ if (!BN_hex2bn(&p, test->p))
+ ABORT;
+ if (1 != BN_is_prime_ex(p, BN_prime_checks, ctx, NULL))
+ ABORT;
+ if (!BN_hex2bn(&a, test->a))
+ ABORT;
+ if (!BN_hex2bn(&b, test->b))
+ ABORT;
+ if (!EC_GROUP_set_curve_GFp(NISTP, p, a, b, ctx))
+ ABORT;
+ G = EC_POINT_new(NISTP);
+ P = EC_POINT_new(NISTP);
+ Q = EC_POINT_new(NISTP);
+ Q_CHECK = EC_POINT_new(NISTP);
+ if (!BN_hex2bn(&x, test->Qx))
+ ABORT;
+ if (!BN_hex2bn(&y, test->Qy))
+ ABORT;
+ if (!EC_POINT_set_affine_coordinates_GFp(NISTP, Q_CHECK, x, y, ctx))
+ ABORT;
+ if (!BN_hex2bn(&x, test->Gx))
+ ABORT;
+ if (!BN_hex2bn(&y, test->Gy))
+ ABORT;
+ if (!EC_POINT_set_affine_coordinates_GFp(NISTP, G, x, y, ctx))
+ ABORT;
+ if (!BN_hex2bn(&order, test->order))
+ ABORT;
+ if (!EC_GROUP_set_generator(NISTP, G, order, BN_value_one()))
+ ABORT;
+
+ fprintf(stdout, "verify degree ... ");
+ if (EC_GROUP_get_degree(NISTP) != test->degree)
+ ABORT;
+ fprintf(stdout, "ok\n");
+
+ fprintf(stdout, "NIST test vectors ... ");
+ if (!BN_hex2bn(&n, test->d))
+ ABORT;
+ /* fixed point multiplication */
+ EC_POINT_mul(NISTP, Q, n, NULL, NULL, ctx);
+ if (0 != EC_POINT_cmp(NISTP, Q, Q_CHECK, ctx))
+ ABORT;
+ /* random point multiplication */
+ EC_POINT_mul(NISTP, Q, NULL, G, n, ctx);
+ if (0 != EC_POINT_cmp(NISTP, Q, Q_CHECK, ctx))
+ ABORT;
+
+ /* set generator to P = 2*G, where G is the standard generator */
+ if (!EC_POINT_dbl(NISTP, P, G, ctx))
+ ABORT;
+ if (!EC_GROUP_set_generator(NISTP, P, order, BN_value_one()))
+ ABORT;
+ /* set the scalar to m=n/2, where n is the NIST test scalar */
+ if (!BN_rshift(m, n, 1))
+ ABORT;
+
+ /* test the non-standard generator */
+ /* fixed point multiplication */
+ EC_POINT_mul(NISTP, Q, m, NULL, NULL, ctx);
+ if (0 != EC_POINT_cmp(NISTP, Q, Q_CHECK, ctx))
+ ABORT;
+ /* random point multiplication */
+ EC_POINT_mul(NISTP, Q, NULL, P, m, ctx);
+ if (0 != EC_POINT_cmp(NISTP, Q, Q_CHECK, ctx))
+ ABORT;
+
+ /* now repeat all tests with precomputation */
+ if (!EC_GROUP_precompute_mult(NISTP, ctx))
+ ABORT;
+
+ /* fixed point multiplication */
+ EC_POINT_mul(NISTP, Q, m, NULL, NULL, ctx);
+ if (0 != EC_POINT_cmp(NISTP, Q, Q_CHECK, ctx))
+ ABORT;
+ /* random point multiplication */
+ EC_POINT_mul(NISTP, Q, NULL, P, m, ctx);
+ if (0 != EC_POINT_cmp(NISTP, Q, Q_CHECK, ctx))
+ ABORT;
+
+ /* reset generator */
+ if (!EC_GROUP_set_generator(NISTP, G, order, BN_value_one()))
+ ABORT;
+ /* fixed point multiplication */
+ EC_POINT_mul(NISTP, Q, n, NULL, NULL, ctx);
+ if (0 != EC_POINT_cmp(NISTP, Q, Q_CHECK, ctx))
+ ABORT;
+ /* random point multiplication */
+ EC_POINT_mul(NISTP, Q, NULL, G, n, ctx);
+ if (0 != EC_POINT_cmp(NISTP, Q, Q_CHECK, ctx))
+ ABORT;
+
+ fprintf(stdout, "ok\n");
+ group_order_tests(NISTP);
+ EC_GROUP_free(NISTP);
+ EC_POINT_free(G);
+ EC_POINT_free(P);
+ EC_POINT_free(Q);
+ EC_POINT_free(Q_CHECK);
+ BN_free(n);
+ BN_free(m);
+ BN_free(p);
+ BN_free(a);
+ BN_free(b);
+ BN_free(x);
+ BN_free(y);
+ BN_free(order);
+ BN_CTX_free(ctx);
+}
+
+static void nistp_tests()
+{
+ unsigned i;
+
+ for (i = 0;
+ i < sizeof(nistp_tests_params) / sizeof(struct nistp_test_params);
+ i++) {
+ nistp_single_test(&nistp_tests_params[i]);
+ }
+}
+# endif
+
+static const char rnd_seed[] =
+ "string to make the random number generator think it has entropy";
+
+int main(int argc, char *argv[])
+{
+
+ /* enable memory leak checking unless explicitly disabled */
+ if (!((getenv("OPENSSL_DEBUG_MEMORY") != NULL)
+ && (0 == strcmp(getenv("OPENSSL_DEBUG_MEMORY"), "off")))) {
+ CRYPTO_malloc_debug_init();
+ CRYPTO_set_mem_debug_options(V_CRYPTO_MDEBUG_ALL);
+ } else {
+ /* OPENSSL_DEBUG_MEMORY=off */
+ CRYPTO_set_mem_debug_functions(0, 0, 0, 0, 0);
+ }
+ CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON);
+ ERR_load_crypto_strings();
+
+ RAND_seed(rnd_seed, sizeof rnd_seed); /* or BN_generate_prime may fail */
+
+ prime_field_tests();
+ puts("");
+# ifndef OPENSSL_NO_EC2M
+ char2_field_tests();
+# endif
+# ifndef OPENSSL_NO_EC_NISTP_64_GCC_128
+ nistp_tests();
+# endif
+ /* test the internal curves */
+ internal_curve_test();
+
+# ifndef OPENSSL_NO_ENGINE
+ ENGINE_cleanup();
+# endif
+ CRYPTO_cleanup_all_ex_data();
+ ERR_free_strings();
+ ERR_remove_thread_state(NULL);
+ CRYPTO_mem_leaks_fp(stderr);
+
+ return 0;
+}
+#endif
--- /dev/null
+/* crypto/engine/enginetest.c */
+/*
+ * Written by Geoff Thorpe (geoff@geoffthorpe.net) for the OpenSSL project
+ * 2000.
+ */
+/* ====================================================================
+ * Copyright (c) 1999-2001 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For written permission, please contact
+ * licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ * nor may "OpenSSL" appear in their names without prior written
+ * permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com). This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include <stdio.h>
+#include <string.h>
+#include <openssl/e_os2.h>
+
+#ifdef OPENSSL_NO_ENGINE
+int main(int argc, char *argv[])
+{
+ printf("No ENGINE support\n");
+ return (0);
+}
+#else
+# include <openssl/buffer.h>
+# include <openssl/crypto.h>
+# include <openssl/engine.h>
+# include <openssl/err.h>
+
+static void display_engine_list(void)
+{
+ ENGINE *h;
+ int loop;
+
+ h = ENGINE_get_first();
+ loop = 0;
+ printf("listing available engine types\n");
+ while (h) {
+ printf("engine %i, id = \"%s\", name = \"%s\"\n",
+ loop++, ENGINE_get_id(h), ENGINE_get_name(h));
+ h = ENGINE_get_next(h);
+ }
+ printf("end of list\n");
+ /*
+ * ENGINE_get_first() increases the struct_ref counter, so we must call
+ * ENGINE_free() to decrease it again
+ */
+ ENGINE_free(h);
+}
+
+int main(int argc, char *argv[])
+{
+ ENGINE *block[512];
+ char buf[256];
+ const char *id, *name;
+ ENGINE *ptr;
+ int loop;
+ int to_return = 1;
+ ENGINE *new_h1 = NULL;
+ ENGINE *new_h2 = NULL;
+ ENGINE *new_h3 = NULL;
+ ENGINE *new_h4 = NULL;
+
+ /* enable memory leak checking unless explicitly disabled */
+ if (!((getenv("OPENSSL_DEBUG_MEMORY") != NULL)
+ && (0 == strcmp(getenv("OPENSSL_DEBUG_MEMORY"), "off")))) {
+ CRYPTO_malloc_debug_init();
+ CRYPTO_set_mem_debug_options(V_CRYPTO_MDEBUG_ALL);
+ } else {
+ /* OPENSSL_DEBUG_MEMORY=off */
+ CRYPTO_set_mem_debug_functions(0, 0, 0, 0, 0);
+ }
+ CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON);
+ ERR_load_crypto_strings();
+
+ memset(block, 0, 512 * sizeof(ENGINE *));
+ if (((new_h1 = ENGINE_new()) == NULL) ||
+ !ENGINE_set_id(new_h1, "test_id0") ||
+ !ENGINE_set_name(new_h1, "First test item") ||
+ ((new_h2 = ENGINE_new()) == NULL) ||
+ !ENGINE_set_id(new_h2, "test_id1") ||
+ !ENGINE_set_name(new_h2, "Second test item") ||
+ ((new_h3 = ENGINE_new()) == NULL) ||
+ !ENGINE_set_id(new_h3, "test_id2") ||
+ !ENGINE_set_name(new_h3, "Third test item") ||
+ ((new_h4 = ENGINE_new()) == NULL) ||
+ !ENGINE_set_id(new_h4, "test_id3") ||
+ !ENGINE_set_name(new_h4, "Fourth test item")) {
+ printf("Couldn't set up test ENGINE structures\n");
+ goto end;
+ }
+ printf("\nenginetest beginning\n\n");
+ display_engine_list();
+ if (!ENGINE_add(new_h1)) {
+ printf("Add failed!\n");
+ goto end;
+ }
+ display_engine_list();
+ ptr = ENGINE_get_first();
+ if (!ENGINE_remove(ptr)) {
+ printf("Remove failed!\n");
+ goto end;
+ }
+ if (ptr)
+ ENGINE_free(ptr);
+ display_engine_list();
+ if (!ENGINE_add(new_h3) || !ENGINE_add(new_h2)) {
+ printf("Add failed!\n");
+ goto end;
+ }
+ display_engine_list();
+ if (!ENGINE_remove(new_h2)) {
+ printf("Remove failed!\n");
+ goto end;
+ }
+ display_engine_list();
+ if (!ENGINE_add(new_h4)) {
+ printf("Add failed!\n");
+ goto end;
+ }
+ display_engine_list();
+ if (ENGINE_add(new_h3)) {
+ printf("Add *should* have failed but didn't!\n");
+ goto end;
+ } else
+ printf("Add that should fail did.\n");
+ ERR_clear_error();
+ if (ENGINE_remove(new_h2)) {
+ printf("Remove *should* have failed but didn't!\n");
+ goto end;
+ } else
+ printf("Remove that should fail did.\n");
+ ERR_clear_error();
+ if (!ENGINE_remove(new_h3)) {
+ printf("Remove failed!\n");
+ goto end;
+ }
+ display_engine_list();
+ if (!ENGINE_remove(new_h4)) {
+ printf("Remove failed!\n");
+ goto end;
+ }
+ display_engine_list();
+ /*
+ * Depending on whether there's any hardware support compiled in, this
+ * remove may be destined to fail.
+ */
+ ptr = ENGINE_get_first();
+ if (ptr)
+ if (!ENGINE_remove(ptr))
+ printf("Remove failed!i - probably no hardware "
+ "support present.\n");
+ if (ptr)
+ ENGINE_free(ptr);
+ display_engine_list();
+ if (!ENGINE_add(new_h1) || !ENGINE_remove(new_h1)) {
+ printf("Couldn't add and remove to an empty list!\n");
+ goto end;
+ } else
+ printf("Successfully added and removed to an empty list!\n");
+ printf("About to beef up the engine-type list\n");
+ for (loop = 0; loop < 512; loop++) {
+ sprintf(buf, "id%i", loop);
+ id = BUF_strdup(buf);
+ sprintf(buf, "Fake engine type %i", loop);
+ name = BUF_strdup(buf);
+ if (((block[loop] = ENGINE_new()) == NULL) ||
+ !ENGINE_set_id(block[loop], id) ||
+ !ENGINE_set_name(block[loop], name)) {
+ printf("Couldn't create block of ENGINE structures.\n"
+ "I'll probably also core-dump now, damn.\n");
+ goto end;
+ }
+ }
+ for (loop = 0; loop < 512; loop++) {
+ if (!ENGINE_add(block[loop])) {
+ printf("\nAdding stopped at %i, (%s,%s)\n",
+ loop, ENGINE_get_id(block[loop]),
+ ENGINE_get_name(block[loop]));
+ goto cleanup_loop;
+ } else
+ printf(".");
+ fflush(stdout);
+ }
+ cleanup_loop:
+ printf("\nAbout to empty the engine-type list\n");
+ while ((ptr = ENGINE_get_first()) != NULL) {
+ if (!ENGINE_remove(ptr)) {
+ printf("\nRemove failed!\n");
+ goto end;
+ }
+ ENGINE_free(ptr);
+ printf(".");
+ fflush(stdout);
+ }
+ for (loop = 0; loop < 512; loop++) {
+ OPENSSL_free((void *)ENGINE_get_id(block[loop]));
+ OPENSSL_free((void *)ENGINE_get_name(block[loop]));
+ }
+ printf("\nTests completed happily\n");
+ to_return = 0;
+ end:
+ if (to_return)
+ ERR_print_errors_fp(stderr);
+ if (new_h1)
+ ENGINE_free(new_h1);
+ if (new_h2)
+ ENGINE_free(new_h2);
+ if (new_h3)
+ ENGINE_free(new_h3);
+ if (new_h4)
+ ENGINE_free(new_h4);
+ for (loop = 0; loop < 512; loop++)
+ if (block[loop])
+ ENGINE_free(block[loop]);
+ ENGINE_cleanup();
+ CRYPTO_cleanup_all_ex_data();
+ ERR_free_strings();
+ ERR_remove_thread_state(NULL);
+ CRYPTO_mem_leaks_fp(stderr);
+ return to_return;
+}
+#endif
--- /dev/null
+/* Copyright (c) 2014, Google Inc.
+ *
+ * Permission to use, copy, modify, and/or distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY
+ * SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION
+ * OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN
+ * CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ */
+/* ====================================================================
+ * Copyright (c) 1998-2015 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For written permission, please contact
+ * openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ * nor may "OpenSSL" appear in their names without prior written
+ * permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com). This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <openssl/bio.h>
+#include <openssl/crypto.h>
+#include <openssl/err.h>
+#include <openssl/evp.h>
+#include <openssl/rsa.h>
+#include <openssl/x509.h>
+
+/*
+ * kExampleRSAKeyDER is an RSA private key in ASN.1, DER format. Of course, you
+ * should never use this key anywhere but in an example.
+ */
+static const unsigned char kExampleRSAKeyDER[] = {
+ 0x30, 0x82, 0x02, 0x5c, 0x02, 0x01, 0x00, 0x02, 0x81, 0x81, 0x00, 0xf8,
+ 0xb8, 0x6c, 0x83, 0xb4, 0xbc, 0xd9, 0xa8, 0x57, 0xc0, 0xa5, 0xb4, 0x59,
+ 0x76, 0x8c, 0x54, 0x1d, 0x79, 0xeb, 0x22, 0x52, 0x04, 0x7e, 0xd3, 0x37,
+ 0xeb, 0x41, 0xfd, 0x83, 0xf9, 0xf0, 0xa6, 0x85, 0x15, 0x34, 0x75, 0x71,
+ 0x5a, 0x84, 0xa8, 0x3c, 0xd2, 0xef, 0x5a, 0x4e, 0xd3, 0xde, 0x97, 0x8a,
+ 0xdd, 0xff, 0xbb, 0xcf, 0x0a, 0xaa, 0x86, 0x92, 0xbe, 0xb8, 0x50, 0xe4,
+ 0xcd, 0x6f, 0x80, 0x33, 0x30, 0x76, 0x13, 0x8f, 0xca, 0x7b, 0xdc, 0xec,
+ 0x5a, 0xca, 0x63, 0xc7, 0x03, 0x25, 0xef, 0xa8, 0x8a, 0x83, 0x58, 0x76,
+ 0x20, 0xfa, 0x16, 0x77, 0xd7, 0x79, 0x92, 0x63, 0x01, 0x48, 0x1a, 0xd8,
+ 0x7b, 0x67, 0xf1, 0x52, 0x55, 0x49, 0x4e, 0xd6, 0x6e, 0x4a, 0x5c, 0xd7,
+ 0x7a, 0x37, 0x36, 0x0c, 0xde, 0xdd, 0x8f, 0x44, 0xe8, 0xc2, 0xa7, 0x2c,
+ 0x2b, 0xb5, 0xaf, 0x64, 0x4b, 0x61, 0x07, 0x02, 0x03, 0x01, 0x00, 0x01,
+ 0x02, 0x81, 0x80, 0x74, 0x88, 0x64, 0x3f, 0x69, 0x45, 0x3a, 0x6d, 0xc7,
+ 0x7f, 0xb9, 0xa3, 0xc0, 0x6e, 0xec, 0xdc, 0xd4, 0x5a, 0xb5, 0x32, 0x85,
+ 0x5f, 0x19, 0xd4, 0xf8, 0xd4, 0x3f, 0x3c, 0xfa, 0xc2, 0xf6, 0x5f, 0xee,
+ 0xe6, 0xba, 0x87, 0x74, 0x2e, 0xc7, 0x0c, 0xd4, 0x42, 0xb8, 0x66, 0x85,
+ 0x9c, 0x7b, 0x24, 0x61, 0xaa, 0x16, 0x11, 0xf6, 0xb5, 0xb6, 0xa4, 0x0a,
+ 0xc9, 0x55, 0x2e, 0x81, 0xa5, 0x47, 0x61, 0xcb, 0x25, 0x8f, 0xc2, 0x15,
+ 0x7b, 0x0e, 0x7c, 0x36, 0x9f, 0x3a, 0xda, 0x58, 0x86, 0x1c, 0x5b, 0x83,
+ 0x79, 0xe6, 0x2b, 0xcc, 0xe6, 0xfa, 0x2c, 0x61, 0xf2, 0x78, 0x80, 0x1b,
+ 0xe2, 0xf3, 0x9d, 0x39, 0x2b, 0x65, 0x57, 0x91, 0x3d, 0x71, 0x99, 0x73,
+ 0xa5, 0xc2, 0x79, 0x20, 0x8c, 0x07, 0x4f, 0xe5, 0xb4, 0x60, 0x1f, 0x99,
+ 0xa2, 0xb1, 0x4f, 0x0c, 0xef, 0xbc, 0x59, 0x53, 0x00, 0x7d, 0xb1, 0x02,
+ 0x41, 0x00, 0xfc, 0x7e, 0x23, 0x65, 0x70, 0xf8, 0xce, 0xd3, 0x40, 0x41,
+ 0x80, 0x6a, 0x1d, 0x01, 0xd6, 0x01, 0xff, 0xb6, 0x1b, 0x3d, 0x3d, 0x59,
+ 0x09, 0x33, 0x79, 0xc0, 0x4f, 0xde, 0x96, 0x27, 0x4b, 0x18, 0xc6, 0xd9,
+ 0x78, 0xf1, 0xf4, 0x35, 0x46, 0xe9, 0x7c, 0x42, 0x7a, 0x5d, 0x9f, 0xef,
+ 0x54, 0xb8, 0xf7, 0x9f, 0xc4, 0x33, 0x6c, 0xf3, 0x8c, 0x32, 0x46, 0x87,
+ 0x67, 0x30, 0x7b, 0xa7, 0xac, 0xe3, 0x02, 0x41, 0x00, 0xfc, 0x2c, 0xdf,
+ 0x0c, 0x0d, 0x88, 0xf5, 0xb1, 0x92, 0xa8, 0x93, 0x47, 0x63, 0x55, 0xf5,
+ 0xca, 0x58, 0x43, 0xba, 0x1c, 0xe5, 0x9e, 0xb6, 0x95, 0x05, 0xcd, 0xb5,
+ 0x82, 0xdf, 0xeb, 0x04, 0x53, 0x9d, 0xbd, 0xc2, 0x38, 0x16, 0xb3, 0x62,
+ 0xdd, 0xa1, 0x46, 0xdb, 0x6d, 0x97, 0x93, 0x9f, 0x8a, 0xc3, 0x9b, 0x64,
+ 0x7e, 0x42, 0xe3, 0x32, 0x57, 0x19, 0x1b, 0xd5, 0x6e, 0x85, 0xfa, 0xb8,
+ 0x8d, 0x02, 0x41, 0x00, 0xbc, 0x3d, 0xde, 0x6d, 0xd6, 0x97, 0xe8, 0xba,
+ 0x9e, 0x81, 0x37, 0x17, 0xe5, 0xa0, 0x64, 0xc9, 0x00, 0xb7, 0xe7, 0xfe,
+ 0xf4, 0x29, 0xd9, 0x2e, 0x43, 0x6b, 0x19, 0x20, 0xbd, 0x99, 0x75, 0xe7,
+ 0x76, 0xf8, 0xd3, 0xae, 0xaf, 0x7e, 0xb8, 0xeb, 0x81, 0xf4, 0x9d, 0xfe,
+ 0x07, 0x2b, 0x0b, 0x63, 0x0b, 0x5a, 0x55, 0x90, 0x71, 0x7d, 0xf1, 0xdb,
+ 0xd9, 0xb1, 0x41, 0x41, 0x68, 0x2f, 0x4e, 0x39, 0x02, 0x40, 0x5a, 0x34,
+ 0x66, 0xd8, 0xf5, 0xe2, 0x7f, 0x18, 0xb5, 0x00, 0x6e, 0x26, 0x84, 0x27,
+ 0x14, 0x93, 0xfb, 0xfc, 0xc6, 0x0f, 0x5e, 0x27, 0xe6, 0xe1, 0xe9, 0xc0,
+ 0x8a, 0xe4, 0x34, 0xda, 0xe9, 0xa2, 0x4b, 0x73, 0xbc, 0x8c, 0xb9, 0xba,
+ 0x13, 0x6c, 0x7a, 0x2b, 0x51, 0x84, 0xa3, 0x4a, 0xe0, 0x30, 0x10, 0x06,
+ 0x7e, 0xed, 0x17, 0x5a, 0x14, 0x00, 0xc9, 0xef, 0x85, 0xea, 0x52, 0x2c,
+ 0xbc, 0x65, 0x02, 0x40, 0x51, 0xe3, 0xf2, 0x83, 0x19, 0x9b, 0xc4, 0x1e,
+ 0x2f, 0x50, 0x3d, 0xdf, 0x5a, 0xa2, 0x18, 0xca, 0x5f, 0x2e, 0x49, 0xaf,
+ 0x6f, 0xcc, 0xfa, 0x65, 0x77, 0x94, 0xb5, 0xa1, 0x0a, 0xa9, 0xd1, 0x8a,
+ 0x39, 0x37, 0xf4, 0x0b, 0xa0, 0xd7, 0x82, 0x27, 0x5e, 0xae, 0x17, 0x17,
+ 0xa1, 0x1e, 0x54, 0x34, 0xbf, 0x6e, 0xc4, 0x8e, 0x99, 0x5d, 0x08, 0xf1,
+ 0x2d, 0x86, 0x9d, 0xa5, 0x20, 0x1b, 0xe5, 0xdf,
+};
+
+static const unsigned char kMsg[] = { 1, 2, 3, 4 };
+
+static const unsigned char kSignature[] = {
+ 0xa5, 0xf0, 0x8a, 0x47, 0x5d, 0x3c, 0xb3, 0xcc, 0xa9, 0x79, 0xaf, 0x4d,
+ 0x8c, 0xae, 0x4c, 0x14, 0xef, 0xc2, 0x0b, 0x34, 0x36, 0xde, 0xf4, 0x3e,
+ 0x3d, 0xbb, 0x4a, 0x60, 0x5c, 0xc8, 0x91, 0x28, 0xda, 0xfb, 0x7e, 0x04,
+ 0x96, 0x7e, 0x63, 0x13, 0x90, 0xce, 0xb9, 0xb4, 0x62, 0x7a, 0xfd, 0x09,
+ 0x3d, 0xc7, 0x67, 0x78, 0x54, 0x04, 0xeb, 0x52, 0x62, 0x6e, 0x24, 0x67,
+ 0xb4, 0x40, 0xfc, 0x57, 0x62, 0xc6, 0xf1, 0x67, 0xc1, 0x97, 0x8f, 0x6a,
+ 0xa8, 0xae, 0x44, 0x46, 0x5e, 0xab, 0x67, 0x17, 0x53, 0x19, 0x3a, 0xda,
+ 0x5a, 0xc8, 0x16, 0x3e, 0x86, 0xd5, 0xc5, 0x71, 0x2f, 0xfc, 0x23, 0x48,
+ 0xd9, 0x0b, 0x13, 0xdd, 0x7b, 0x5a, 0x25, 0x79, 0xef, 0xa5, 0x7b, 0x04,
+ 0xed, 0x44, 0xf6, 0x18, 0x55, 0xe4, 0x0a, 0xe9, 0x57, 0x79, 0x5d, 0xd7,
+ 0x55, 0xa7, 0xab, 0x45, 0x02, 0x97, 0x60, 0x42,
+};
+
+/*
+ * kExampleRSAKeyPKCS8 is kExampleRSAKeyDER encoded in a PKCS #8
+ * PrivateKeyInfo.
+ */
+static const unsigned char kExampleRSAKeyPKCS8[] = {
+ 0x30, 0x82, 0x02, 0x76, 0x02, 0x01, 0x00, 0x30, 0x0d, 0x06, 0x09, 0x2a,
+ 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x01, 0x05, 0x00, 0x04, 0x82,
+ 0x02, 0x60, 0x30, 0x82, 0x02, 0x5c, 0x02, 0x01, 0x00, 0x02, 0x81, 0x81,
+ 0x00, 0xf8, 0xb8, 0x6c, 0x83, 0xb4, 0xbc, 0xd9, 0xa8, 0x57, 0xc0, 0xa5,
+ 0xb4, 0x59, 0x76, 0x8c, 0x54, 0x1d, 0x79, 0xeb, 0x22, 0x52, 0x04, 0x7e,
+ 0xd3, 0x37, 0xeb, 0x41, 0xfd, 0x83, 0xf9, 0xf0, 0xa6, 0x85, 0x15, 0x34,
+ 0x75, 0x71, 0x5a, 0x84, 0xa8, 0x3c, 0xd2, 0xef, 0x5a, 0x4e, 0xd3, 0xde,
+ 0x97, 0x8a, 0xdd, 0xff, 0xbb, 0xcf, 0x0a, 0xaa, 0x86, 0x92, 0xbe, 0xb8,
+ 0x50, 0xe4, 0xcd, 0x6f, 0x80, 0x33, 0x30, 0x76, 0x13, 0x8f, 0xca, 0x7b,
+ 0xdc, 0xec, 0x5a, 0xca, 0x63, 0xc7, 0x03, 0x25, 0xef, 0xa8, 0x8a, 0x83,
+ 0x58, 0x76, 0x20, 0xfa, 0x16, 0x77, 0xd7, 0x79, 0x92, 0x63, 0x01, 0x48,
+ 0x1a, 0xd8, 0x7b, 0x67, 0xf1, 0x52, 0x55, 0x49, 0x4e, 0xd6, 0x6e, 0x4a,
+ 0x5c, 0xd7, 0x7a, 0x37, 0x36, 0x0c, 0xde, 0xdd, 0x8f, 0x44, 0xe8, 0xc2,
+ 0xa7, 0x2c, 0x2b, 0xb5, 0xaf, 0x64, 0x4b, 0x61, 0x07, 0x02, 0x03, 0x01,
+ 0x00, 0x01, 0x02, 0x81, 0x80, 0x74, 0x88, 0x64, 0x3f, 0x69, 0x45, 0x3a,
+ 0x6d, 0xc7, 0x7f, 0xb9, 0xa3, 0xc0, 0x6e, 0xec, 0xdc, 0xd4, 0x5a, 0xb5,
+ 0x32, 0x85, 0x5f, 0x19, 0xd4, 0xf8, 0xd4, 0x3f, 0x3c, 0xfa, 0xc2, 0xf6,
+ 0x5f, 0xee, 0xe6, 0xba, 0x87, 0x74, 0x2e, 0xc7, 0x0c, 0xd4, 0x42, 0xb8,
+ 0x66, 0x85, 0x9c, 0x7b, 0x24, 0x61, 0xaa, 0x16, 0x11, 0xf6, 0xb5, 0xb6,
+ 0xa4, 0x0a, 0xc9, 0x55, 0x2e, 0x81, 0xa5, 0x47, 0x61, 0xcb, 0x25, 0x8f,
+ 0xc2, 0x15, 0x7b, 0x0e, 0x7c, 0x36, 0x9f, 0x3a, 0xda, 0x58, 0x86, 0x1c,
+ 0x5b, 0x83, 0x79, 0xe6, 0x2b, 0xcc, 0xe6, 0xfa, 0x2c, 0x61, 0xf2, 0x78,
+ 0x80, 0x1b, 0xe2, 0xf3, 0x9d, 0x39, 0x2b, 0x65, 0x57, 0x91, 0x3d, 0x71,
+ 0x99, 0x73, 0xa5, 0xc2, 0x79, 0x20, 0x8c, 0x07, 0x4f, 0xe5, 0xb4, 0x60,
+ 0x1f, 0x99, 0xa2, 0xb1, 0x4f, 0x0c, 0xef, 0xbc, 0x59, 0x53, 0x00, 0x7d,
+ 0xb1, 0x02, 0x41, 0x00, 0xfc, 0x7e, 0x23, 0x65, 0x70, 0xf8, 0xce, 0xd3,
+ 0x40, 0x41, 0x80, 0x6a, 0x1d, 0x01, 0xd6, 0x01, 0xff, 0xb6, 0x1b, 0x3d,
+ 0x3d, 0x59, 0x09, 0x33, 0x79, 0xc0, 0x4f, 0xde, 0x96, 0x27, 0x4b, 0x18,
+ 0xc6, 0xd9, 0x78, 0xf1, 0xf4, 0x35, 0x46, 0xe9, 0x7c, 0x42, 0x7a, 0x5d,
+ 0x9f, 0xef, 0x54, 0xb8, 0xf7, 0x9f, 0xc4, 0x33, 0x6c, 0xf3, 0x8c, 0x32,
+ 0x46, 0x87, 0x67, 0x30, 0x7b, 0xa7, 0xac, 0xe3, 0x02, 0x41, 0x00, 0xfc,
+ 0x2c, 0xdf, 0x0c, 0x0d, 0x88, 0xf5, 0xb1, 0x92, 0xa8, 0x93, 0x47, 0x63,
+ 0x55, 0xf5, 0xca, 0x58, 0x43, 0xba, 0x1c, 0xe5, 0x9e, 0xb6, 0x95, 0x05,
+ 0xcd, 0xb5, 0x82, 0xdf, 0xeb, 0x04, 0x53, 0x9d, 0xbd, 0xc2, 0x38, 0x16,
+ 0xb3, 0x62, 0xdd, 0xa1, 0x46, 0xdb, 0x6d, 0x97, 0x93, 0x9f, 0x8a, 0xc3,
+ 0x9b, 0x64, 0x7e, 0x42, 0xe3, 0x32, 0x57, 0x19, 0x1b, 0xd5, 0x6e, 0x85,
+ 0xfa, 0xb8, 0x8d, 0x02, 0x41, 0x00, 0xbc, 0x3d, 0xde, 0x6d, 0xd6, 0x97,
+ 0xe8, 0xba, 0x9e, 0x81, 0x37, 0x17, 0xe5, 0xa0, 0x64, 0xc9, 0x00, 0xb7,
+ 0xe7, 0xfe, 0xf4, 0x29, 0xd9, 0x2e, 0x43, 0x6b, 0x19, 0x20, 0xbd, 0x99,
+ 0x75, 0xe7, 0x76, 0xf8, 0xd3, 0xae, 0xaf, 0x7e, 0xb8, 0xeb, 0x81, 0xf4,
+ 0x9d, 0xfe, 0x07, 0x2b, 0x0b, 0x63, 0x0b, 0x5a, 0x55, 0x90, 0x71, 0x7d,
+ 0xf1, 0xdb, 0xd9, 0xb1, 0x41, 0x41, 0x68, 0x2f, 0x4e, 0x39, 0x02, 0x40,
+ 0x5a, 0x34, 0x66, 0xd8, 0xf5, 0xe2, 0x7f, 0x18, 0xb5, 0x00, 0x6e, 0x26,
+ 0x84, 0x27, 0x14, 0x93, 0xfb, 0xfc, 0xc6, 0x0f, 0x5e, 0x27, 0xe6, 0xe1,
+ 0xe9, 0xc0, 0x8a, 0xe4, 0x34, 0xda, 0xe9, 0xa2, 0x4b, 0x73, 0xbc, 0x8c,
+ 0xb9, 0xba, 0x13, 0x6c, 0x7a, 0x2b, 0x51, 0x84, 0xa3, 0x4a, 0xe0, 0x30,
+ 0x10, 0x06, 0x7e, 0xed, 0x17, 0x5a, 0x14, 0x00, 0xc9, 0xef, 0x85, 0xea,
+ 0x52, 0x2c, 0xbc, 0x65, 0x02, 0x40, 0x51, 0xe3, 0xf2, 0x83, 0x19, 0x9b,
+ 0xc4, 0x1e, 0x2f, 0x50, 0x3d, 0xdf, 0x5a, 0xa2, 0x18, 0xca, 0x5f, 0x2e,
+ 0x49, 0xaf, 0x6f, 0xcc, 0xfa, 0x65, 0x77, 0x94, 0xb5, 0xa1, 0x0a, 0xa9,
+ 0xd1, 0x8a, 0x39, 0x37, 0xf4, 0x0b, 0xa0, 0xd7, 0x82, 0x27, 0x5e, 0xae,
+ 0x17, 0x17, 0xa1, 0x1e, 0x54, 0x34, 0xbf, 0x6e, 0xc4, 0x8e, 0x99, 0x5d,
+ 0x08, 0xf1, 0x2d, 0x86, 0x9d, 0xa5, 0x20, 0x1b, 0xe5, 0xdf,
+};
+
+#ifndef OPENSSL_NO_EC
+/*
+ * kExampleECKeyDER is a sample EC private key encoded as an ECPrivateKey
+ * structure.
+ */
+static const unsigned char kExampleECKeyDER[] = {
+ 0x30, 0x77, 0x02, 0x01, 0x01, 0x04, 0x20, 0x07, 0x0f, 0x08, 0x72, 0x7a,
+ 0xd4, 0xa0, 0x4a, 0x9c, 0xdd, 0x59, 0xc9, 0x4d, 0x89, 0x68, 0x77, 0x08,
+ 0xb5, 0x6f, 0xc9, 0x5d, 0x30, 0x77, 0x0e, 0xe8, 0xd1, 0xc9, 0xce, 0x0a,
+ 0x8b, 0xb4, 0x6a, 0xa0, 0x0a, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d,
+ 0x03, 0x01, 0x07, 0xa1, 0x44, 0x03, 0x42, 0x00, 0x04, 0xe6, 0x2b, 0x69,
+ 0xe2, 0xbf, 0x65, 0x9f, 0x97, 0xbe, 0x2f, 0x1e, 0x0d, 0x94, 0x8a, 0x4c,
+ 0xd5, 0x97, 0x6b, 0xb7, 0xa9, 0x1e, 0x0d, 0x46, 0xfb, 0xdd, 0xa9, 0xa9,
+ 0x1e, 0x9d, 0xdc, 0xba, 0x5a, 0x01, 0xe7, 0xd6, 0x97, 0xa8, 0x0a, 0x18,
+ 0xf9, 0xc3, 0xc4, 0xa3, 0x1e, 0x56, 0xe2, 0x7c, 0x83, 0x48, 0xdb, 0x16,
+ 0x1a, 0x1c, 0xf5, 0x1d, 0x7e, 0xf1, 0x94, 0x2d, 0x4b, 0xcf, 0x72, 0x22,
+ 0xc1,
+};
+
+/*
+ * kExampleBadECKeyDER is a sample EC private key encoded as an ECPrivateKey
+ * structure. The private key is equal to the order and will fail to import
+ */
+static const unsigned char kExampleBadECKeyDER[] = {
+ 0x30, 0x66, 0x02, 0x01, 0x00, 0x30, 0x13, 0x06, 0x07, 0x2A, 0x86, 0x48,
+ 0xCE, 0x3D, 0x02, 0x01, 0x06, 0x08, 0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x03,
+ 0x01, 0x07, 0x04, 0x4C, 0x30, 0x4A, 0x02, 0x01, 0x01, 0x04, 0x20, 0xFF,
+ 0xFF, 0xFF, 0xFF, 0x00, 0x00, 0x00, 0x00, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+ 0xFF, 0xFF, 0xFF, 0xBC, 0xE6, 0xFA, 0xAD, 0xA7, 0x17, 0x9E, 0x84, 0xF3,
+ 0xB9, 0xCA, 0xC2, 0xFC, 0x63, 0x25, 0x51, 0xA1, 0x23, 0x03, 0x21, 0x00,
+ 0x00, 0xFF, 0xFF, 0xFF, 0x00, 0x00, 0x00, 0x00, 0xFF, 0xFF, 0xFF, 0xFF,
+ 0xFF, 0xFF, 0xFF, 0xFF, 0xBC, 0xE6, 0xFA, 0xAD, 0xA7, 0x17, 0x9E, 0x84,
+ 0xF3, 0xB9, 0xCA, 0xC2, 0xFC, 0x63, 0x25, 0x51
+};
+#endif
+
+static EVP_PKEY *load_example_rsa_key(void)
+{
+ EVP_PKEY *ret = NULL;
+ const unsigned char *derp = kExampleRSAKeyDER;
+ EVP_PKEY *pkey = NULL;
+ RSA *rsa = NULL;
+
+ if (!d2i_RSAPrivateKey(&rsa, &derp, sizeof(kExampleRSAKeyDER))) {
+ return NULL;
+ }
+
+ pkey = EVP_PKEY_new();
+ if (pkey == NULL || !EVP_PKEY_set1_RSA(pkey, rsa)) {
+ goto out;
+ }
+
+ ret = pkey;
+ pkey = NULL;
+
+ out:
+ EVP_PKEY_free(pkey);
+ RSA_free(rsa);
+
+ return ret;
+}
+
+static int test_EVP_DigestSignInit(void)
+{
+ int ret = 0;
+ EVP_PKEY *pkey = NULL;
+ unsigned char *sig = NULL;
+ size_t sig_len = 0;
+ EVP_MD_CTX md_ctx, md_ctx_verify;
+
+ EVP_MD_CTX_init(&md_ctx);
+ EVP_MD_CTX_init(&md_ctx_verify);
+
+ pkey = load_example_rsa_key();
+ if (pkey == NULL ||
+ !EVP_DigestSignInit(&md_ctx, NULL, EVP_sha256(), NULL, pkey) ||
+ !EVP_DigestSignUpdate(&md_ctx, kMsg, sizeof(kMsg))) {
+ goto out;
+ }
+ /* Determine the size of the signature. */
+ if (!EVP_DigestSignFinal(&md_ctx, NULL, &sig_len)) {
+ goto out;
+ }
+ /* Sanity check for testing. */
+ if (sig_len != (size_t)EVP_PKEY_size(pkey)) {
+ fprintf(stderr, "sig_len mismatch\n");
+ goto out;
+ }
+
+ sig = OPENSSL_malloc(sig_len);
+ if (sig == NULL || !EVP_DigestSignFinal(&md_ctx, sig, &sig_len)) {
+ goto out;
+ }
+
+ /* Ensure that the signature round-trips. */
+ if (!EVP_DigestVerifyInit(&md_ctx_verify, NULL, EVP_sha256(), NULL, pkey)
+ || !EVP_DigestVerifyUpdate(&md_ctx_verify, kMsg, sizeof(kMsg))
+ || !EVP_DigestVerifyFinal(&md_ctx_verify, sig, sig_len)) {
+ goto out;
+ }
+
+ ret = 1;
+
+ out:
+ if (!ret) {
+ ERR_print_errors_fp(stderr);
+ }
+
+ EVP_MD_CTX_cleanup(&md_ctx);
+ EVP_MD_CTX_cleanup(&md_ctx_verify);
+ EVP_PKEY_free(pkey);
+ if (sig) {
+ OPENSSL_free(sig);
+ }
+
+ return ret;
+}
+
+static int test_EVP_DigestVerifyInit(void)
+{
+ int ret = 0;
+ EVP_PKEY *pkey = NULL;
+ EVP_MD_CTX md_ctx;
+
+ EVP_MD_CTX_init(&md_ctx);
+
+ pkey = load_example_rsa_key();
+ if (pkey == NULL ||
+ !EVP_DigestVerifyInit(&md_ctx, NULL, EVP_sha256(), NULL, pkey) ||
+ !EVP_DigestVerifyUpdate(&md_ctx, kMsg, sizeof(kMsg)) ||
+ !EVP_DigestVerifyFinal(&md_ctx, kSignature, sizeof(kSignature))) {
+ goto out;
+ }
+ ret = 1;
+
+ out:
+ if (!ret) {
+ ERR_print_errors_fp(stderr);
+ }
+
+ EVP_MD_CTX_cleanup(&md_ctx);
+ EVP_PKEY_free(pkey);
+
+ return ret;
+}
+
+static int test_d2i_AutoPrivateKey(const unsigned char *input,
+ size_t input_len, int expected_id)
+{
+ int ret = 0;
+ const unsigned char *p;
+ EVP_PKEY *pkey = NULL;
+
+ p = input;
+ pkey = d2i_AutoPrivateKey(NULL, &p, input_len);
+ if (pkey == NULL || p != input + input_len) {
+ fprintf(stderr, "d2i_AutoPrivateKey failed\n");
+ goto done;
+ }
+
+ if (EVP_PKEY_id(pkey) != expected_id) {
+ fprintf(stderr, "Did not decode expected type\n");
+ goto done;
+ }
+
+ ret = 1;
+
+ done:
+ if (!ret) {
+ ERR_print_errors_fp(stderr);
+ }
+
+ EVP_PKEY_free(pkey);
+ return ret;
+}
+
+#ifndef OPENSSL_NO_EC
+/* Tests loading a bad key in PKCS8 format */
+static int test_EVP_PKCS82PKEY(void)
+{
+ int ret = 0;
+ const unsigned char *derp = kExampleBadECKeyDER;
+ PKCS8_PRIV_KEY_INFO *p8inf = NULL;
+ EVP_PKEY *pkey = NULL;
+
+ p8inf = d2i_PKCS8_PRIV_KEY_INFO(NULL, &derp, sizeof(kExampleBadECKeyDER));
+
+ if (!p8inf || derp != kExampleBadECKeyDER + sizeof(kExampleBadECKeyDER)) {
+ fprintf(stderr, "Failed to parse key\n");
+ goto done;
+ }
+
+ pkey = EVP_PKCS82PKEY(p8inf);
+ if (pkey) {
+ fprintf(stderr, "Imported invalid EC key\n");
+ goto done;
+ }
+
+ ret = 1;
+
+ done:
+ if (p8inf != NULL) {
+ PKCS8_PRIV_KEY_INFO_free(p8inf);
+ }
+
+ EVP_PKEY_free(pkey);
+
+ return ret;
+}
+#endif
+
+int main(void)
+{
+ CRYPTO_malloc_debug_init();
+ CRYPTO_set_mem_debug_options(V_CRYPTO_MDEBUG_ALL);
+ CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON);
+
+ ERR_load_crypto_strings();
+ /* Load up the software EVP_CIPHER and EVP_MD definitions */
+ OpenSSL_add_all_ciphers();
+ OpenSSL_add_all_digests();
+
+ if (!test_EVP_DigestSignInit()) {
+ fprintf(stderr, "EVP_DigestSignInit failed\n");
+ return 1;
+ }
+
+ if (!test_EVP_DigestVerifyInit()) {
+ fprintf(stderr, "EVP_DigestVerifyInit failed\n");
+ return 1;
+ }
+
+ if (!test_d2i_AutoPrivateKey(kExampleRSAKeyDER, sizeof(kExampleRSAKeyDER),
+ EVP_PKEY_RSA)) {
+ fprintf(stderr, "d2i_AutoPrivateKey(kExampleRSAKeyDER) failed\n");
+ return 1;
+ }
+
+ if (!test_d2i_AutoPrivateKey
+ (kExampleRSAKeyPKCS8, sizeof(kExampleRSAKeyPKCS8), EVP_PKEY_RSA)) {
+ fprintf(stderr, "d2i_AutoPrivateKey(kExampleRSAKeyPKCS8) failed\n");
+ return 1;
+ }
+
+#ifndef OPENSSL_NO_EC
+ if (!test_d2i_AutoPrivateKey(kExampleECKeyDER, sizeof(kExampleECKeyDER),
+ EVP_PKEY_EC)) {
+ fprintf(stderr, "d2i_AutoPrivateKey(kExampleECKeyDER) failed\n");
+ return 1;
+ }
+
+ if (!test_EVP_PKCS82PKEY()) {
+ fprintf(stderr, "test_EVP_PKCS82PKEY failed\n");
+ return 1;
+ }
+#endif
+
+ EVP_cleanup();
+ CRYPTO_cleanup_all_ex_data();
+ ERR_remove_thread_state(NULL);
+ ERR_free_strings();
+ CRYPTO_mem_leaks_fp(stderr);
+
+ printf("PASS\n");
+ return 0;
+}
--- /dev/null
+/* evp_test.c */
+/*
+ * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
+ * project.
+ */
+/* ====================================================================
+ * Copyright (c) 2015 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For written permission, please contact
+ * licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ * nor may "OpenSSL" appear in their names without prior written
+ * permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ */
+
+#include <stdio.h>
+#include <string.h>
+#include <stdlib.h>
+#include <ctype.h>
+#include <openssl/evp.h>
+#include <openssl/pem.h>
+#include <openssl/err.h>
+#include <openssl/x509v3.h>
+
+/* Remove spaces from beginning and end of a string */
+
+static void remove_space(char **pval)
+{
+ unsigned char *p = (unsigned char *)*pval;
+
+ while (isspace(*p))
+ p++;
+
+ *pval = (char *)p;
+
+ p = p + strlen(*pval) - 1;
+
+ /* Remove trailing space */
+ while (isspace(*p))
+ *p-- = 0;
+}
+
+/*
+ * Given a line of the form:
+ * name = value # comment
+ * extract name and value. NB: modifies passed buffer.
+ */
+
+static int parse_line(char **pkw, char **pval, char *linebuf)
+{
+ char *p;
+
+ p = linebuf + strlen(linebuf) - 1;
+
+ if (*p != '\n') {
+ fprintf(stderr, "FATAL: missing EOL\n");
+ exit(1);
+ }
+
+ /* Look for # */
+
+ p = strchr(linebuf, '#');
+
+ if (p)
+ *p = '\0';
+
+ /* Look for = sign */
+ p = strchr(linebuf, '=');
+
+ /* If no '=' exit */
+ if (!p)
+ return 0;
+
+ *p++ = '\0';
+
+ *pkw = linebuf;
+ *pval = p;
+
+ /* Remove spaces from keyword and value */
+ remove_space(pkw);
+ remove_space(pval);
+
+ return 1;
+}
+
+/* For a hex string "value" convert to a binary allocated buffer */
+static int test_bin(const char *value, unsigned char **buf, size_t *buflen)
+{
+ long len;
+ if (!*value) {
+ /* Don't return NULL for zero length buffer */
+ *buf = OPENSSL_malloc(1);
+ if (!*buf)
+ return 0;
+ **buf = 0;
+ *buflen = 0;
+ return 1;
+ }
+ /* Check for string literal */
+ if (value[0] == '"') {
+ size_t vlen;
+ value++;
+ vlen = strlen(value);
+ if (value[vlen - 1] != '"')
+ return 0;
+ vlen--;
+ *buf = BUF_memdup(value, vlen);
+ *buflen = vlen;
+ return 1;
+ }
+ *buf = string_to_hex(value, &len);
+ if (!*buf) {
+ fprintf(stderr, "Value=%s\n", value);
+ ERR_print_errors_fp(stderr);
+ return -1;
+ }
+ /* Size of input buffer means we'll never overflow */
+ *buflen = len;
+ return 1;
+}
+
+/* Structure holding test information */
+struct evp_test {
+ /* file being read */
+ FILE *in;
+ /* List of public and private keys */
+ struct key_list *private;
+ struct key_list *public;
+ /* method for this test */
+ const struct evp_test_method *meth;
+ /* current line being processed */
+ unsigned int line;
+ /* start line of current test */
+ unsigned int start_line;
+ /* Error string for test */
+ const char *err;
+ /* Expected error value of test */
+ char *expected_err;
+ /* Number of tests */
+ int ntests;
+ /* Error count */
+ int errors;
+ /* Number of tests skipped */
+ int nskip;
+ /* If output mismatch expected and got value */
+ unsigned char *out_got;
+ unsigned char *out_expected;
+ size_t out_len;
+ /* test specific data */
+ void *data;
+ /* Current test should be skipped */
+ int skip;
+};
+
+struct key_list {
+ char *name;
+ EVP_PKEY *key;
+ struct key_list *next;
+};
+
+/* Test method structure */
+struct evp_test_method {
+ /* Name of test as it appears in file */
+ const char *name;
+ /* Initialise test for "alg" */
+ int (*init) (struct evp_test * t, const char *alg);
+ /* Clean up method */
+ void (*cleanup) (struct evp_test * t);
+ /* Test specific name value pair processing */
+ int (*parse) (struct evp_test * t, const char *name, const char *value);
+ /* Run the test itself */
+ int (*run_test) (struct evp_test * t);
+};
+
+static const struct evp_test_method digest_test_method, cipher_test_method;
+static const struct evp_test_method mac_test_method;
+static const struct evp_test_method psign_test_method, pverify_test_method;
+static const struct evp_test_method pdecrypt_test_method;
+static const struct evp_test_method pverify_recover_test_method;
+
+static const struct evp_test_method *evp_test_list[] = {
+ &digest_test_method,
+ &cipher_test_method,
+ &mac_test_method,
+ &psign_test_method,
+ &pverify_test_method,
+ &pdecrypt_test_method,
+ &pverify_recover_test_method,
+ NULL
+};
+
+static const struct evp_test_method *evp_find_test(const char *name)
+{
+ const struct evp_test_method **tt;
+ for (tt = evp_test_list; *tt; tt++) {
+ if (!strcmp(name, (*tt)->name))
+ return *tt;
+ }
+ return NULL;
+}
+
+static void hex_print(const char *name, const unsigned char *buf, size_t len)
+{
+ size_t i;
+ fprintf(stderr, "%s ", name);
+ for (i = 0; i < len; i++)
+ fprintf(stderr, "%02X", buf[i]);
+ fputs("\n", stderr);
+}
+
+static void free_expected(struct evp_test *t)
+{
+ if (t->expected_err) {
+ OPENSSL_free(t->expected_err);
+ t->expected_err = NULL;
+ }
+ if (t->out_expected) {
+ OPENSSL_free(t->out_expected);
+ OPENSSL_free(t->out_got);
+ t->out_expected = NULL;
+ t->out_got = NULL;
+ }
+}
+
+static void print_expected(struct evp_test *t)
+{
+ if (t->out_expected == NULL)
+ return;
+ hex_print("Expected:", t->out_expected, t->out_len);
+ hex_print("Got: ", t->out_got, t->out_len);
+ free_expected(t);
+}
+
+static int check_test_error(struct evp_test *t)
+{
+ if (!t->err && !t->expected_err)
+ return 1;
+ if (t->err && !t->expected_err) {
+ fprintf(stderr, "Test line %d: unexpected error %s\n",
+ t->start_line, t->err);
+ print_expected(t);
+ return 0;
+ }
+ if (!t->err && t->expected_err) {
+ fprintf(stderr, "Test line %d: succeeded expecting %s\n",
+ t->start_line, t->expected_err);
+ return 0;
+ }
+ if (!strcmp(t->err, t->expected_err))
+ return 1;
+
+ fprintf(stderr, "Test line %d: expecting %s got %s\n",
+ t->start_line, t->expected_err, t->err);
+ return 0;
+}
+
+/* Setup a new test, run any existing test */
+
+static int setup_test(struct evp_test *t, const struct evp_test_method *tmeth)
+{
+ /* If we already have a test set up run it */
+ if (t->meth) {
+ t->ntests++;
+ if (t->skip) {
+ t->meth = tmeth;
+ t->nskip++;
+ return 1;
+ }
+ t->err = NULL;
+ if (t->meth->run_test(t) != 1) {
+ fprintf(stderr, "%s test error line %d\n",
+ t->meth->name, t->start_line);
+ return 0;
+ }
+ if (!check_test_error(t)) {
+ if (t->err)
+ ERR_print_errors_fp(stderr);
+ t->errors++;
+ }
+ ERR_clear_error();
+ t->meth->cleanup(t);
+ OPENSSL_free(t->data);
+ t->data = NULL;
+ if (t->expected_err) {
+ OPENSSL_free(t->expected_err);
+ t->expected_err = NULL;
+ }
+ free_expected(t);
+ }
+ t->meth = tmeth;
+ return 1;
+}
+
+static int find_key(EVP_PKEY **ppk, const char *name, struct key_list *lst)
+{
+ for (; lst; lst = lst->next) {
+ if (!strcmp(lst->name, name)) {
+ if (ppk)
+ *ppk = lst->key;
+ return 1;
+ }
+ }
+ return 0;
+}
+
+static void free_key_list(struct key_list *lst)
+{
+ while (lst != NULL) {
+ struct key_list *ltmp;
+ EVP_PKEY_free(lst->key);
+ OPENSSL_free(lst->name);
+ ltmp = lst->next;
+ OPENSSL_free(lst);
+ lst = ltmp;
+ }
+}
+
+static int check_unsupported()
+{
+ long err = ERR_peek_error();
+ if (ERR_GET_LIB(err) == ERR_LIB_EVP
+ && ERR_GET_REASON(err) == EVP_R_UNSUPPORTED_ALGORITHM) {
+ ERR_clear_error();
+ return 1;
+ }
+ return 0;
+}
+
+static int process_test(struct evp_test *t, char *buf, int verbose)
+{
+ char *keyword, *value;
+ int rv = 0, add_key = 0;
+ long save_pos;
+ struct key_list **lst, *key;
+ EVP_PKEY *pk = NULL;
+ const struct evp_test_method *tmeth;
+ if (verbose)
+ fputs(buf, stdout);
+ if (!parse_line(&keyword, &value, buf))
+ return 1;
+ if (!strcmp(keyword, "PrivateKey")) {
+ save_pos = ftell(t->in);
+ pk = PEM_read_PrivateKey(t->in, NULL, 0, NULL);
+ if (pk == NULL && !check_unsupported()) {
+ fprintf(stderr, "Error reading private key %s\n", value);
+ ERR_print_errors_fp(stderr);
+ return 0;
+ }
+ lst = &t->private;
+ add_key = 1;
+ }
+ if (!strcmp(keyword, "PublicKey")) {
+ save_pos = ftell(t->in);
+ pk = PEM_read_PUBKEY(t->in, NULL, 0, NULL);
+ if (pk == NULL && !check_unsupported()) {
+ fprintf(stderr, "Error reading public key %s\n", value);
+ ERR_print_errors_fp(stderr);
+ return 0;
+ }
+ lst = &t->public;
+ add_key = 1;
+ }
+ /* If we have a key add to list */
+ if (add_key) {
+ char tmpbuf[80];
+ if (find_key(NULL, value, *lst)) {
+ fprintf(stderr, "Duplicate key %s\n", value);
+ return 0;
+ }
+ key = OPENSSL_malloc(sizeof(struct key_list));
+ if (!key)
+ return 0;
+ key->name = BUF_strdup(value);
+ key->key = pk;
+ key->next = *lst;
+ *lst = key;
+ /* Rewind input, read to end and update line numbers */
+ fseek(t->in, save_pos, SEEK_SET);
+ while (fgets(tmpbuf, sizeof(tmpbuf), t->in)) {
+ t->line++;
+ if (!strncmp(tmpbuf, "-----END", 8))
+ return 1;
+ }
+ fprintf(stderr, "Can't find key end\n");
+ return 0;
+ }
+
+ /* See if keyword corresponds to a test start */
+ tmeth = evp_find_test(keyword);
+ if (tmeth) {
+ if (!setup_test(t, tmeth))
+ return 0;
+ t->start_line = t->line;
+ t->skip = 0;
+ if (!tmeth->init(t, value)) {
+ fprintf(stderr, "Unknown %s: %s\n", keyword, value);
+ return 0;
+ }
+ return 1;
+ } else if (t->skip) {
+ return 1;
+ } else if (!strcmp(keyword, "Result")) {
+ if (t->expected_err) {
+ fprintf(stderr, "Line %d: multiple result lines\n", t->line);
+ return 0;
+ }
+ t->expected_err = BUF_strdup(value);
+ if (!t->expected_err)
+ return 0;
+ } else {
+ /* Must be test specific line: try to parse it */
+ if (t->meth)
+ rv = t->meth->parse(t, keyword, value);
+
+ if (rv == 0)
+ fprintf(stderr, "line %d: unexpected keyword %s\n",
+ t->line, keyword);
+
+ if (rv < 0)
+ fprintf(stderr, "line %d: error processing keyword %s\n",
+ t->line, keyword);
+ if (rv <= 0)
+ return 0;
+ }
+ return 1;
+}
+
+static int check_output(struct evp_test *t, const unsigned char *expected,
+ const unsigned char *got, size_t len)
+{
+ if (!memcmp(expected, got, len))
+ return 0;
+ t->out_expected = BUF_memdup(expected, len);
+ t->out_got = BUF_memdup(got, len);
+ t->out_len = len;
+ if (t->out_expected == NULL || t->out_got == NULL) {
+ fprintf(stderr, "Memory allocation error!\n");
+ exit(1);
+ }
+ return 1;
+}
+
+int main(int argc, char **argv)
+{
+ FILE *in = NULL;
+ char buf[10240];
+ struct evp_test t;
+
+ if (argc != 2) {
+ fprintf(stderr, "usage: evp_test testfile.txt\n");
+ return 1;
+ }
+
+ CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON);
+
+ ERR_load_crypto_strings();
+ OpenSSL_add_all_algorithms();
+
+ memset(&t, 0, sizeof(t));
+ t.meth = NULL;
+ t.public = NULL;
+ t.private = NULL;
+ t.err = NULL;
+ t.line = 0;
+ t.start_line = -1;
+ t.errors = 0;
+ t.ntests = 0;
+ t.out_expected = NULL;
+ t.out_got = NULL;
+ t.out_len = 0;
+ in = fopen(argv[1], "r");
+ t.in = in;
+ while (fgets(buf, sizeof(buf), in)) {
+ t.line++;
+ if (!process_test(&t, buf, 0))
+ exit(1);
+ }
+ /* Run any final test we have */
+ if (!setup_test(&t, NULL))
+ exit(1);
+ fprintf(stderr, "%d tests completed with %d errors, %d skipped\n",
+ t.ntests, t.errors, t.nskip);
+ free_key_list(t.public);
+ free_key_list(t.private);
+ fclose(in);
+ EVP_cleanup();
+ CRYPTO_cleanup_all_ex_data();
+ ERR_remove_thread_state(NULL);
+ ERR_free_strings();
+ CRYPTO_mem_leaks_fp(stderr);
+ if (t.errors)
+ return 1;
+ return 0;
+}
+
+static void test_free(void *d)
+{
+ if (d)
+ OPENSSL_free(d);
+}
+
+/* Message digest tests */
+
+struct digest_data {
+ /* Digest this test is for */
+ const EVP_MD *digest;
+ /* Input to digest */
+ unsigned char *input;
+ size_t input_len;
+ /* Repeat count for input */
+ size_t nrpt;
+ /* Expected output */
+ unsigned char *output;
+ size_t output_len;
+};
+
+static int digest_test_init(struct evp_test *t, const char *alg)
+{
+ const EVP_MD *digest;
+ struct digest_data *mdat = t->data;
+ digest = EVP_get_digestbyname(alg);
+ if (!digest) {
+ /* If alg has an OID assume disabled algorithm */
+ if (OBJ_sn2nid(alg) != NID_undef || OBJ_ln2nid(alg) != NID_undef) {
+ t->skip = 1;
+ return 1;
+ }
+ return 0;
+ }
+ mdat = OPENSSL_malloc(sizeof(struct digest_data));
+ mdat->digest = digest;
+ mdat->input = NULL;
+ mdat->output = NULL;
+ mdat->nrpt = 1;
+ t->data = mdat;
+ return 1;
+}
+
+static void digest_test_cleanup(struct evp_test *t)
+{
+ struct digest_data *mdat = t->data;
+ test_free(mdat->input);
+ test_free(mdat->output);
+}
+
+static int digest_test_parse(struct evp_test *t,
+ const char *keyword, const char *value)
+{
+ struct digest_data *mdata = t->data;
+ if (!strcmp(keyword, "Input"))
+ return test_bin(value, &mdata->input, &mdata->input_len);
+ if (!strcmp(keyword, "Output"))
+ return test_bin(value, &mdata->output, &mdata->output_len);
+ if (!strcmp(keyword, "Count")) {
+ long nrpt = atoi(value);
+ if (nrpt <= 0)
+ return 0;
+ mdata->nrpt = (size_t)nrpt;
+ return 1;
+ }
+ return 0;
+}
+
+static int digest_test_run(struct evp_test *t)
+{
+ struct digest_data *mdata = t->data;
+ size_t i;
+ const char *err = "INTERNAL_ERROR";
+ EVP_MD_CTX *mctx;
+ unsigned char md[EVP_MAX_MD_SIZE];
+ unsigned int md_len;
+ mctx = EVP_MD_CTX_create();
+ if (!mctx)
+ goto err;
+ err = "DIGESTINIT_ERROR";
+ if (!EVP_DigestInit_ex(mctx, mdata->digest, NULL))
+ goto err;
+ err = "DIGESTUPDATE_ERROR";
+ for (i = 0; i < mdata->nrpt; i++) {
+ if (!EVP_DigestUpdate(mctx, mdata->input, mdata->input_len))
+ goto err;
+ }
+ err = "DIGESTFINAL_ERROR";
+ if (!EVP_DigestFinal(mctx, md, &md_len))
+ goto err;
+ err = "DIGEST_LENGTH_MISMATCH";
+ if (md_len != mdata->output_len)
+ goto err;
+ err = "DIGEST_MISMATCH";
+ if (check_output(t, mdata->output, md, md_len))
+ goto err;
+ err = NULL;
+ err:
+ if (mctx)
+ EVP_MD_CTX_destroy(mctx);
+ t->err = err;
+ return 1;
+}
+
+static const struct evp_test_method digest_test_method = {
+ "Digest",
+ digest_test_init,
+ digest_test_cleanup,
+ digest_test_parse,
+ digest_test_run
+};
+
+/* Cipher tests */
+struct cipher_data {
+ const EVP_CIPHER *cipher;
+ int enc;
+ /* EVP_CIPH_GCM_MODE, EVP_CIPH_CCM_MODE or EVP_CIPH_OCB_MODE if AEAD */
+ int aead;
+ unsigned char *key;
+ size_t key_len;
+ unsigned char *iv;
+ size_t iv_len;
+ unsigned char *plaintext;
+ size_t plaintext_len;
+ unsigned char *ciphertext;
+ size_t ciphertext_len;
+ /* GCM, CCM only */
+ unsigned char *aad;
+ size_t aad_len;
+ unsigned char *tag;
+ size_t tag_len;
+};
+
+static int cipher_test_init(struct evp_test *t, const char *alg)
+{
+ const EVP_CIPHER *cipher;
+ struct cipher_data *cdat = t->data;
+ cipher = EVP_get_cipherbyname(alg);
+ if (!cipher) {
+ /* If alg has an OID assume disabled algorithm */
+ if (OBJ_sn2nid(alg) != NID_undef || OBJ_ln2nid(alg) != NID_undef) {
+ t->skip = 1;
+ return 1;
+ }
+ return 0;
+ }
+ cdat = OPENSSL_malloc(sizeof(struct cipher_data));
+ cdat->cipher = cipher;
+ cdat->enc = -1;
+ cdat->key = NULL;
+ cdat->iv = NULL;
+ cdat->ciphertext = NULL;
+ cdat->plaintext = NULL;
+ cdat->aad = NULL;
+ cdat->tag = NULL;
+ t->data = cdat;
+ if (EVP_CIPHER_mode(cipher) == EVP_CIPH_GCM_MODE
+ || EVP_CIPHER_mode(cipher) == EVP_CIPH_OCB_MODE
+ || EVP_CIPHER_mode(cipher) == EVP_CIPH_CCM_MODE)
+ cdat->aead = EVP_CIPHER_mode(cipher);
+ else
+ cdat->aead = 0;
+
+ return 1;
+}
+
+static void cipher_test_cleanup(struct evp_test *t)
+{
+ struct cipher_data *cdat = t->data;
+ test_free(cdat->key);
+ test_free(cdat->iv);
+ test_free(cdat->ciphertext);
+ test_free(cdat->plaintext);
+ test_free(cdat->aad);
+ test_free(cdat->tag);
+}
+
+static int cipher_test_parse(struct evp_test *t, const char *keyword,
+ const char *value)
+{
+ struct cipher_data *cdat = t->data;
+ if (!strcmp(keyword, "Key"))
+ return test_bin(value, &cdat->key, &cdat->key_len);
+ if (!strcmp(keyword, "IV"))
+ return test_bin(value, &cdat->iv, &cdat->iv_len);
+ if (!strcmp(keyword, "Plaintext"))
+ return test_bin(value, &cdat->plaintext, &cdat->plaintext_len);
+ if (!strcmp(keyword, "Ciphertext"))
+ return test_bin(value, &cdat->ciphertext, &cdat->ciphertext_len);
+ if (cdat->aead) {
+ if (!strcmp(keyword, "AAD"))
+ return test_bin(value, &cdat->aad, &cdat->aad_len);
+ if (!strcmp(keyword, "Tag"))
+ return test_bin(value, &cdat->tag, &cdat->tag_len);
+ }
+
+ if (!strcmp(keyword, "Operation")) {
+ if (!strcmp(value, "ENCRYPT"))
+ cdat->enc = 1;
+ else if (!strcmp(value, "DECRYPT"))
+ cdat->enc = 0;
+ else
+ return 0;
+ return 1;
+ }
+ return 0;
+}
+
+static int cipher_test_enc(struct evp_test *t, int enc)
+{
+ struct cipher_data *cdat = t->data;
+ unsigned char *in, *out, *tmp = NULL;
+ size_t in_len, out_len;
+ int tmplen, tmpflen;
+ EVP_CIPHER_CTX *ctx = NULL;
+ const char *err;
+ err = "INTERNAL_ERROR";
+ ctx = EVP_CIPHER_CTX_new();
+ if (!ctx)
+ goto err;
+ EVP_CIPHER_CTX_set_flags(ctx, EVP_CIPHER_CTX_FLAG_WRAP_ALLOW);
+ if (enc) {
+ in = cdat->plaintext;
+ in_len = cdat->plaintext_len;
+ out = cdat->ciphertext;
+ out_len = cdat->ciphertext_len;
+ } else {
+ in = cdat->ciphertext;
+ in_len = cdat->ciphertext_len;
+ out = cdat->plaintext;
+ out_len = cdat->plaintext_len;
+ }
+ tmp = OPENSSL_malloc(in_len + 2 * EVP_MAX_BLOCK_LENGTH);
+ if (!tmp)
+ goto err;
+ err = "CIPHERINIT_ERROR";
+ if (!EVP_CipherInit_ex(ctx, cdat->cipher, NULL, NULL, NULL, enc))
+ goto err;
+ err = "INVALID_IV_LENGTH";
+ if (cdat->iv) {
+ if (cdat->aead) {
+ if (!EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_IVLEN,
+ cdat->iv_len, 0))
+ goto err;
+ } else if (cdat->iv_len != (size_t)EVP_CIPHER_CTX_iv_length(ctx))
+ goto err;
+ }
+ if (cdat->aead) {
+ unsigned char *tag;
+ /*
+ * If encrypting or OCB just set tag length initially, otherwise
+ * set tag length and value.
+ */
+ if (enc || cdat->aead == EVP_CIPH_OCB_MODE) {
+ err = "TAG_LENGTH_SET_ERROR";
+ tag = NULL;
+ } else {
+ err = "TAG_SET_ERROR";
+ tag = cdat->tag;
+ }
+ if (tag || cdat->aead != EVP_CIPH_GCM_MODE) {
+ if (!EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG,
+ cdat->tag_len, tag))
+ goto err;
+ }
+ }
+
+ err = "INVALID_KEY_LENGTH";
+ if (!EVP_CIPHER_CTX_set_key_length(ctx, cdat->key_len))
+ goto err;
+ err = "KEY_SET_ERROR";
+ if (!EVP_CipherInit_ex(ctx, NULL, NULL, cdat->key, cdat->iv, -1))
+ goto err;
+
+ if (!enc && cdat->aead == EVP_CIPH_OCB_MODE) {
+ if (!EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG,
+ cdat->tag_len, cdat->tag)) {
+ err = "TAG_SET_ERROR";
+ goto err;
+ }
+ }
+
+ if (cdat->aead == EVP_CIPH_CCM_MODE) {
+ if (!EVP_CipherUpdate(ctx, NULL, &tmplen, NULL, out_len)) {
+ err = "CCM_PLAINTEXT_LENGTH_SET_ERROR";
+ goto err;
+ }
+ }
+ if (cdat->aad) {
+ if (!EVP_CipherUpdate(ctx, NULL, &tmplen, cdat->aad, cdat->aad_len)) {
+ err = "AAD_SET_ERROR";
+ goto err;
+ }
+ }
+ EVP_CIPHER_CTX_set_padding(ctx, 0);
+ err = "CIPHERUPDATE_ERROR";
+ if (!EVP_CipherUpdate(ctx, tmp, &tmplen, in, in_len))
+ goto err;
+ if (cdat->aead == EVP_CIPH_CCM_MODE)
+ tmpflen = 0;
+ else {
+ err = "CIPHERFINAL_ERROR";
+ if (!EVP_CipherFinal_ex(ctx, tmp + tmplen, &tmpflen))
+ goto err;
+ }
+ err = "LENGTH_MISMATCH";
+ if (out_len != (size_t)(tmplen + tmpflen))
+ goto err;
+ err = "VALUE_MISMATCH";
+ if (check_output(t, out, tmp, out_len))
+ goto err;
+ if (enc && cdat->aead) {
+ unsigned char rtag[16];
+ if (cdat->tag_len > sizeof(rtag)) {
+ err = "TAG_LENGTH_INTERNAL_ERROR";
+ goto err;
+ }
+ if (!EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_GET_TAG,
+ cdat->tag_len, rtag)) {
+ err = "TAG_RETRIEVE_ERROR";
+ goto err;
+ }
+ if (check_output(t, cdat->tag, rtag, cdat->tag_len)) {
+ err = "TAG_VALUE_MISMATCH";
+ goto err;
+ }
+ }
+ err = NULL;
+ err:
+ if (tmp)
+ OPENSSL_free(tmp);
+ EVP_CIPHER_CTX_free(ctx);
+ t->err = err;
+ return err ? 0 : 1;
+}
+
+static int cipher_test_run(struct evp_test *t)
+{
+ struct cipher_data *cdat = t->data;
+ int rv;
+ if (!cdat->key) {
+ t->err = "NO_KEY";
+ return 0;
+ }
+ if (!cdat->iv && EVP_CIPHER_iv_length(cdat->cipher)) {
+ /* IV is optional and usually omitted in wrap mode */
+ if (EVP_CIPHER_mode(cdat->cipher) != EVP_CIPH_WRAP_MODE) {
+ t->err = "NO_IV";
+ return 0;
+ }
+ }
+ if (cdat->aead && !cdat->tag) {
+ t->err = "NO_TAG";
+ return 0;
+ }
+ if (cdat->enc) {
+ rv = cipher_test_enc(t, 1);
+ /* Not fatal errors: return */
+ if (rv != 1) {
+ if (rv < 0)
+ return 0;
+ return 1;
+ }
+ }
+ if (cdat->enc != 1) {
+ rv = cipher_test_enc(t, 0);
+ /* Not fatal errors: return */
+ if (rv != 1) {
+ if (rv < 0)
+ return 0;
+ return 1;
+ }
+ }
+ return 1;
+}
+
+static const struct evp_test_method cipher_test_method = {
+ "Cipher",
+ cipher_test_init,
+ cipher_test_cleanup,
+ cipher_test_parse,
+ cipher_test_run
+};
+
+struct mac_data {
+ /* MAC type */
+ int type;
+ /* Algorithm string for this MAC */
+ char *alg;
+ /* MAC key */
+ unsigned char *key;
+ size_t key_len;
+ /* Input to MAC */
+ unsigned char *input;
+ size_t input_len;
+ /* Expected output */
+ unsigned char *output;
+ size_t output_len;
+};
+
+static int mac_test_init(struct evp_test *t, const char *alg)
+{
+ int type;
+ struct mac_data *mdat;
+ if (!strcmp(alg, "HMAC"))
+ type = EVP_PKEY_HMAC;
+ else if (!strcmp(alg, "CMAC"))
+ type = EVP_PKEY_CMAC;
+ else
+ return 0;
+
+ mdat = OPENSSL_malloc(sizeof(struct mac_data));
+ mdat->type = type;
+ mdat->alg = NULL;
+ mdat->key = NULL;
+ mdat->input = NULL;
+ mdat->output = NULL;
+ t->data = mdat;
+ return 1;
+}
+
+static void mac_test_cleanup(struct evp_test *t)
+{
+ struct mac_data *mdat = t->data;
+ test_free(mdat->alg);
+ test_free(mdat->key);
+ test_free(mdat->input);
+ test_free(mdat->output);
+}
+
+static int mac_test_parse(struct evp_test *t,
+ const char *keyword, const char *value)
+{
+ struct mac_data *mdata = t->data;
+ if (!strcmp(keyword, "Key"))
+ return test_bin(value, &mdata->key, &mdata->key_len);
+ if (!strcmp(keyword, "Algorithm")) {
+ mdata->alg = BUF_strdup(value);
+ if (!mdata->alg)
+ return 0;
+ return 1;
+ }
+ if (!strcmp(keyword, "Input"))
+ return test_bin(value, &mdata->input, &mdata->input_len);
+ if (!strcmp(keyword, "Output"))
+ return test_bin(value, &mdata->output, &mdata->output_len);
+ return 0;
+}
+
+static int mac_test_run(struct evp_test *t)
+{
+ struct mac_data *mdata = t->data;
+ const char *err = "INTERNAL_ERROR";
+ EVP_MD_CTX *mctx = NULL;
+ EVP_PKEY_CTX *pctx = NULL, *genctx = NULL;
+ EVP_PKEY *key = NULL;
+ const EVP_MD *md = NULL;
+ unsigned char *mac = NULL;
+ size_t mac_len;
+
+ err = "MAC_PKEY_CTX_ERROR";
+ genctx = EVP_PKEY_CTX_new_id(mdata->type, NULL);
+ if (!genctx)
+ goto err;
+
+ err = "MAC_KEYGEN_INIT_ERROR";
+ if (EVP_PKEY_keygen_init(genctx) <= 0)
+ goto err;
+ if (mdata->type == EVP_PKEY_CMAC) {
+ err = "MAC_ALGORITHM_SET_ERROR";
+ if (EVP_PKEY_CTX_ctrl_str(genctx, "cipher", mdata->alg) <= 0)
+ goto err;
+ }
+
+ err = "MAC_KEY_SET_ERROR";
+ if (EVP_PKEY_CTX_set_mac_key(genctx, mdata->key, mdata->key_len) <= 0)
+ goto err;
+
+ err = "MAC_KEY_GENERATE_ERROR";
+ if (EVP_PKEY_keygen(genctx, &key) <= 0)
+ goto err;
+ if (mdata->type == EVP_PKEY_HMAC) {
+ err = "MAC_ALGORITHM_SET_ERROR";
+ md = EVP_get_digestbyname(mdata->alg);
+ if (!md)
+ goto err;
+ }
+ mctx = EVP_MD_CTX_create();
+ if (!mctx)
+ goto err;
+ err = "DIGESTSIGNINIT_ERROR";
+ if (!EVP_DigestSignInit(mctx, &pctx, md, NULL, key))
+ goto err;
+
+ err = "DIGESTSIGNUPDATE_ERROR";
+ if (!EVP_DigestSignUpdate(mctx, mdata->input, mdata->input_len))
+ goto err;
+ err = "DIGESTSIGNFINAL_LENGTH_ERROR";
+ if (!EVP_DigestSignFinal(mctx, NULL, &mac_len))
+ goto err;
+ mac = OPENSSL_malloc(mac_len);
+ if (!mac) {
+ fprintf(stderr, "Error allocating mac buffer!\n");
+ exit(1);
+ }
+ if (!EVP_DigestSignFinal(mctx, mac, &mac_len))
+ goto err;
+ err = "MAC_LENGTH_MISMATCH";
+ if (mac_len != mdata->output_len)
+ goto err;
+ err = "MAC_MISMATCH";
+ if (check_output(t, mdata->output, mac, mac_len))
+ goto err;
+ err = NULL;
+ err:
+ if (mctx)
+ EVP_MD_CTX_destroy(mctx);
+ if (mac)
+ OPENSSL_free(mac);
+ EVP_PKEY_CTX_free(genctx);
+ EVP_PKEY_free(key);
+ t->err = err;
+ return 1;
+}
+
+static const struct evp_test_method mac_test_method = {
+ "MAC",
+ mac_test_init,
+ mac_test_cleanup,
+ mac_test_parse,
+ mac_test_run
+};
+
+/*
+ * Public key operations. These are all very similar and can share
+ * a lot of common code.
+ */
+
+struct pkey_data {
+ /* Context for this operation */
+ EVP_PKEY_CTX *ctx;
+ /* Key operation to perform */
+ int (*keyop) (EVP_PKEY_CTX *ctx,
+ unsigned char *sig, size_t *siglen,
+ const unsigned char *tbs, size_t tbslen);
+ /* Input to MAC */
+ unsigned char *input;
+ size_t input_len;
+ /* Expected output */
+ unsigned char *output;
+ size_t output_len;
+};
+
+/*
+ * Perform public key operation setup: lookup key, allocated ctx and call
+ * the appropriate initialisation function
+ */
+static int pkey_test_init(struct evp_test *t, const char *name,
+ int use_public,
+ int (*keyopinit) (EVP_PKEY_CTX *ctx),
+ int (*keyop) (EVP_PKEY_CTX *ctx,
+ unsigned char *sig, size_t *siglen,
+ const unsigned char *tbs,
+ size_t tbslen)
+ )
+{
+ struct pkey_data *kdata;
+ EVP_PKEY *pkey = NULL;
+ int rv = 0;
+ if (use_public)
+ rv = find_key(&pkey, name, t->public);
+ if (!rv)
+ rv = find_key(&pkey, name, t->private);
+ if (!rv)
+ return 0;
+ if (!pkey) {
+ t->skip = 1;
+ return 1;
+ }
+
+ kdata = OPENSSL_malloc(sizeof(struct pkey_data));
+ if (!kdata) {
+ EVP_PKEY_free(pkey);
+ return 0;
+ }
+ kdata->ctx = NULL;
+ kdata->input = NULL;
+ kdata->output = NULL;
+ kdata->keyop = keyop;
+ t->data = kdata;
+ kdata->ctx = EVP_PKEY_CTX_new(pkey, NULL);
+ if (!kdata->ctx)
+ return 0;
+ if (keyopinit(kdata->ctx) <= 0)
+ return 0;
+ return 1;
+}
+
+static void pkey_test_cleanup(struct evp_test *t)
+{
+ struct pkey_data *kdata = t->data;
+ if (kdata->input)
+ OPENSSL_free(kdata->input);
+ if (kdata->output)
+ OPENSSL_free(kdata->output);
+ EVP_PKEY_CTX_free(kdata->ctx);
+}
+
+static int pkey_test_parse(struct evp_test *t,
+ const char *keyword, const char *value)
+{
+ struct pkey_data *kdata = t->data;
+ if (!strcmp(keyword, "Input"))
+ return test_bin(value, &kdata->input, &kdata->input_len);
+ if (!strcmp(keyword, "Output"))
+ return test_bin(value, &kdata->output, &kdata->output_len);
+ if (!strcmp(keyword, "Ctrl")) {
+ char *p = strchr(value, ':');
+ if (p)
+ *p++ = 0;
+ if (EVP_PKEY_CTX_ctrl_str(kdata->ctx, value, p) <= 0)
+ return 0;
+ return 1;
+ }
+ return 0;
+}
+
+static int pkey_test_run(struct evp_test *t)
+{
+ struct pkey_data *kdata = t->data;
+ unsigned char *out = NULL;
+ size_t out_len;
+ const char *err = "KEYOP_LENGTH_ERROR";
+ if (kdata->keyop(kdata->ctx, NULL, &out_len, kdata->input,
+ kdata->input_len) <= 0)
+ goto err;
+ out = OPENSSL_malloc(out_len);
+ if (!out) {
+ fprintf(stderr, "Error allocating output buffer!\n");
+ exit(1);
+ }
+ err = "KEYOP_ERROR";
+ if (kdata->keyop
+ (kdata->ctx, out, &out_len, kdata->input, kdata->input_len) <= 0)
+ goto err;
+ err = "KEYOP_LENGTH_MISMATCH";
+ if (out_len != kdata->output_len)
+ goto err;
+ err = "KEYOP_MISMATCH";
+ if (check_output(t, kdata->output, out, out_len))
+ goto err;
+ err = NULL;
+ err:
+ if (out)
+ OPENSSL_free(out);
+ t->err = err;
+ return 1;
+}
+
+static int sign_test_init(struct evp_test *t, const char *name)
+{
+ return pkey_test_init(t, name, 0, EVP_PKEY_sign_init, EVP_PKEY_sign);
+}
+
+static const struct evp_test_method psign_test_method = {
+ "Sign",
+ sign_test_init,
+ pkey_test_cleanup,
+ pkey_test_parse,
+ pkey_test_run
+};
+
+static int verify_recover_test_init(struct evp_test *t, const char *name)
+{
+ return pkey_test_init(t, name, 1, EVP_PKEY_verify_recover_init,
+ EVP_PKEY_verify_recover);
+}
+
+static const struct evp_test_method pverify_recover_test_method = {
+ "VerifyRecover",
+ verify_recover_test_init,
+ pkey_test_cleanup,
+ pkey_test_parse,
+ pkey_test_run
+};
+
+static int decrypt_test_init(struct evp_test *t, const char *name)
+{
+ return pkey_test_init(t, name, 0, EVP_PKEY_decrypt_init,
+ EVP_PKEY_decrypt);
+}
+
+static const struct evp_test_method pdecrypt_test_method = {
+ "Decrypt",
+ decrypt_test_init,
+ pkey_test_cleanup,
+ pkey_test_parse,
+ pkey_test_run
+};
+
+static int verify_test_init(struct evp_test *t, const char *name)
+{
+ return pkey_test_init(t, name, 1, EVP_PKEY_verify_init, 0);
+}
+
+static int verify_test_run(struct evp_test *t)
+{
+ struct pkey_data *kdata = t->data;
+ if (EVP_PKEY_verify(kdata->ctx, kdata->output, kdata->output_len,
+ kdata->input, kdata->input_len) <= 0)
+ t->err = "VERIFY_ERROR";
+ return 1;
+}
+
+static const struct evp_test_method pverify_test_method = {
+ "Verify",
+ verify_test_init,
+ pkey_test_cleanup,
+ pkey_test_parse,
+ verify_test_run
+};
--- /dev/null
+#cipher:key:iv:plaintext:ciphertext:0/1(decrypt/encrypt)
+#aadcipher:key:iv:plaintext:ciphertext:aad:tag:0/1(decrypt/encrypt)
+#digest:::input:output
+
+# SHA(1) tests (from shatest.c)
+Digest = SHA1
+Input = 616263
+Output = a9993e364706816aba3e25717850c26c9cd0d89d
+
+
+# MD5 tests (from md5test.c)
+Digest = MD5
+Input =
+Output = d41d8cd98f00b204e9800998ecf8427e
+
+Digest = MD5
+Input = 61
+Output = 0cc175b9c0f1b6a831c399e269772661
+
+Digest = MD5
+Input = 616263
+Output = 900150983cd24fb0d6963f7d28e17f72
+
+Digest = MD5
+Input = 6d65737361676520646967657374
+Output = f96b697d7cb7938d525a2f31aaf161d0
+
+Digest = MD5
+Input = 6162636465666768696a6b6c6d6e6f707172737475767778797a
+Output = c3fcd3d76192e4007dfb496cca67e13b
+
+Digest = MD5
+Input = 4142434445464748494a4b4c4d4e4f505152535455565758595a6162636465666768696a6b6c6d6e6f707172737475767778797a30313233343536373839
+Output = d174ab98d277d9f5a5611c2c9f419d9f
+
+Digest = MD5
+Input = 3132333435363738393031323334353637383930313233343536373839303132333435363738393031323334353637383930313233343536373839303132333435363738393031323334353637383930
+Output = 57edf4a22be3c955ac49da2e2107b67a
+
+# MD4 tests from md4test.c
+Digest = MD4
+Input = ""
+Output = 31d6cfe0d16ae931b73c59d7e0c089c0
+Digest = MD4
+Input = "a"
+Output = bde52cb31de33e46245e05fbdbd6fb24
+Digest = MD4
+Input = "abc"
+Output = a448017aaf21d8525fc10ae87aa6729d
+Digest = MD4
+Input = "message digest"
+Output = d9130a8164549fe818874806e1c7014b
+Digest = MD4
+Input = "abcdefghijklmnopqrstuvwxyz"
+Output = d79e1c308aa5bbcdeea8ed63df412da9
+Digest = MD4
+Input = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789"
+Output = 043f8582f241db351ce627e153e7f0e4
+Digest = MD4
+Input = "12345678901234567890123456789012345678901234567890123456789012345678901234567890"
+Output = e33b4ddc9c38f2199c3e7b164fcc0536
+
+# RIPEMD160 tests from rmdtest.c
+Digest = RIPEMD160
+Input = ""
+Output = 9c1185a5c5e9fc54612808977ee8f548b2258d31
+Digest = RIPEMD160
+Input = "a"
+Output = 0bdc9d2d256b3ee9daae347be6f4dc835a467ffe
+Digest = RIPEMD160
+Input = "abc"
+Output = 8eb208f7e05d987a9b044a8e98c6b087f15a0bfc
+Digest = RIPEMD160
+Input = "message digest"
+Output = 5d0689ef49d2fae572b881b123a85ffa21595f36
+Digest = RIPEMD160
+Input = "abcdefghijklmnopqrstuvwxyz"
+Output = f71c27109c692c1b56bbdceb5b9d2865b3708dbc
+Digest = RIPEMD160
+Input = "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq"
+Output = 12a053384a9c0c88e405a06c27dcf49ada62eb2b
+Digest = RIPEMD160
+Input = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789"
+Output = b0e20b6e3116640286ed3a87a5713079b21f5189
+Digest = RIPEMD160
+Input = "12345678901234567890123456789012345678901234567890123456789012345678901234567890"
+Output = 9b752e45573d4b39f4dbd3323cab82bf63326bfb
+
+# whirlpool tests from wp_test.c
+Digest = whirlpool
+Input = ""
+Output = 19FA61D75522A4669B44E39C1D2E1726C530232130D407F89AFEE0964997F7A73E83BE698B288FEBCF88E3E03C4F0757EA8964E59B63D93708B138CC42A66EB3
+Digest = whirlpool
+Input = "a"
+Output = 8ACA2602792AEC6F11A67206531FB7D7F0DFF59413145E6973C45001D0087B42D11BC645413AEFF63A42391A39145A591A92200D560195E53B478584FDAE231A
+Digest = whirlpool
+Input = "abc"
+Output = 4E2448A4C6F486BB16B6562C73B4020BF3043E3A731BCE721AE1B303D97E6D4C7181EEBDB6C57E277D0E34957114CBD6C797FC9D95D8B582D225292076D4EEF5
+Digest = whirlpool
+Input = "message digest"
+Output = 378C84A4126E2DC6E56DCC7458377AAC838D00032230F53CE1F5700C0FFB4D3B8421557659EF55C106B4B52AC5A4AAA692ED920052838F3362E86DBD37A8903E
+Digest = whirlpool
+Input = "abcdefghijklmnopqrstuvwxyz"
+Output = F1D754662636FFE92C82EBB9212A484A8D38631EAD4238F5442EE13B8054E41B08BF2A9251C30B6A0B8AAE86177AB4A6F68F673E7207865D5D9819A3DBA4EB3B
+Digest = whirlpool
+Input = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789"
+Output = DC37E008CF9EE69BF11F00ED9ABA26901DD7C28CDEC066CC6AF42E40F82F3A1E08EBA26629129D8FB7CB57211B9281A65517CC879D7B962142C65F5A7AF01467
+Digest = whirlpool
+Input = "12345678901234567890123456789012345678901234567890123456789012345678901234567890"
+Output = 466EF18BABB0154D25B9D38A6414F5C08784372BCCB204D6549C4AFADB6014294D5BD8DF2A6C44E538CD047B2681A51A2C60481E88C5A20B2C2A80CF3A9A083B
+Digest = whirlpool
+Input = "abcdbcdecdefdefgefghfghighijhijk"
+Output = 2A987EA40F917061F5D6F0A0E4644F488A7A5A52DEEE656207C562F988E95C6916BDC8031BC5BE1B7B947639FE050B56939BAAA0ADFF9AE6745B7B181C3BE3FD
+Digest = whirlpool
+Input = "aaaaaaaaaa"
+Count = 100000
+Output = 0C99005BEB57EFF50A7CF005560DDF5D29057FD86B20BFD62DECA0F1CCEA4AF51FC15490EDDC47AF32BB2B66C34FF9AD8C6008AD677F77126953B226E4ED8B01
+
+# AES 128 ECB tests (from FIPS-197 test vectors, encrypt)
+
+Cipher = AES-128-ECB
+Key = 000102030405060708090A0B0C0D0E0F
+Operation = ENCRYPT
+Plaintext = 00112233445566778899AABBCCDDEEFF
+Ciphertext = 69C4E0D86A7B0430D8CDB78070B4C55A
+
+# AES 192 ECB tests (from FIPS-197 test vectors, encrypt)
+
+Cipher = AES-192-ECB
+Key = 000102030405060708090A0B0C0D0E0F1011121314151617
+Operation = ENCRYPT
+Plaintext = 00112233445566778899AABBCCDDEEFF
+Ciphertext = DDA97CA4864CDFE06EAF70A0EC0D7191
+
+
+# AES 256 ECB tests (from FIPS-197 test vectors, encrypt)
+
+Cipher = AES-256-ECB
+Key = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F
+Operation = ENCRYPT
+Plaintext = 00112233445566778899AABBCCDDEEFF
+Ciphertext = 8EA2B7CA516745BFEAFC49904B496089
+
+
+# AES 128 ECB tests (from NIST test vectors, encrypt)
+
+#AES-128-ECB:00000000000000000000000000000000::00000000000000000000000000000000:C34C052CC0DA8D73451AFE5F03BE297F:1
+
+# AES 128 ECB tests (from NIST test vectors, decrypt)
+
+#AES-128-ECB:00000000000000000000000000000000::44416AC2D1F53C583303917E6BE9EBE0:00000000000000000000000000000000:0
+
+# AES 192 ECB tests (from NIST test vectors, decrypt)
+
+#AES-192-ECB:000000000000000000000000000000000000000000000000::48E31E9E256718F29229319C19F15BA4:00000000000000000000000000000000:0
+
+# AES 256 ECB tests (from NIST test vectors, decrypt)
+
+#AES-256-ECB:0000000000000000000000000000000000000000000000000000000000000000::058CCFFDBBCB382D1F6F56585D8A4ADE:00000000000000000000000000000000:0
+
+# AES 128 CBC tests (from NIST test vectors, encrypt)
+
+#AES-128-CBC:00000000000000000000000000000000:00000000000000000000000000000000:00000000000000000000000000000000:8A05FC5E095AF4848A08D328D3688E3D:1
+
+# AES 192 CBC tests (from NIST test vectors, encrypt)
+
+#AES-192-CBC:000000000000000000000000000000000000000000000000:00000000000000000000000000000000:00000000000000000000000000000000:7BD966D53AD8C1BB85D2ADFAE87BB104:1
+
+# AES 256 CBC tests (from NIST test vectors, encrypt)
+
+#AES-256-CBC:0000000000000000000000000000000000000000000000000000000000000000:00000000000000000000000000000000:00000000000000000000000000000000:FE3C53653E2F45B56FCD88B2CC898FF0:1
+
+# AES 128 CBC tests (from NIST test vectors, decrypt)
+
+#AES-128-CBC:00000000000000000000000000000000:00000000000000000000000000000000:FACA37E0B0C85373DF706E73F7C9AF86:00000000000000000000000000000000:0
+
+# AES tests from NIST document SP800-38A
+# For all ECB encrypts and decrypts, the transformed sequence is
+# AES-bits-ECB:key::plaintext:ciphertext:encdec
+# ECB-AES128.Encrypt and ECB-AES128.Decrypt
+Cipher = AES-128-ECB
+Key = 2B7E151628AED2A6ABF7158809CF4F3C
+Plaintext = 6BC1BEE22E409F96E93D7E117393172A
+Ciphertext = 3AD77BB40D7A3660A89ECAF32466EF97
+
+Cipher = AES-128-ECB
+Key = 2B7E151628AED2A6ABF7158809CF4F3C
+Plaintext = AE2D8A571E03AC9C9EB76FAC45AF8E51
+Ciphertext = F5D3D58503B9699DE785895A96FDBAAF
+
+Cipher = AES-128-ECB
+Key = 2B7E151628AED2A6ABF7158809CF4F3C
+Plaintext = 30C81C46A35CE411E5FBC1191A0A52EF
+Ciphertext = 43B1CD7F598ECE23881B00E3ED030688
+
+Cipher = AES-128-ECB
+Key = 2B7E151628AED2A6ABF7158809CF4F3C
+Plaintext = F69F2445DF4F9B17AD2B417BE66C3710
+Ciphertext = 7B0C785E27E8AD3F8223207104725DD4
+
+# ECB-AES192.Encrypt and ECB-AES192.Decrypt
+Cipher = AES-192-ECB
+Key = 8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B
+Plaintext = 6BC1BEE22E409F96E93D7E117393172A
+Ciphertext = BD334F1D6E45F25FF712A214571FA5CC
+
+Cipher = AES-192-ECB
+Key = 8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B
+Plaintext = AE2D8A571E03AC9C9EB76FAC45AF8E51
+Ciphertext = 974104846D0AD3AD7734ECB3ECEE4EEF
+
+Cipher = AES-192-ECB
+Key = 8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B
+Plaintext = 30C81C46A35CE411E5FBC1191A0A52EF
+Ciphertext = EF7AFD2270E2E60ADCE0BA2FACE6444E
+
+Cipher = AES-192-ECB
+Key = 8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B
+Plaintext = F69F2445DF4F9B17AD2B417BE66C3710
+Ciphertext = 9A4B41BA738D6C72FB16691603C18E0E
+
+# ECB-AES256.Encrypt and ECB-AES256.Decrypt
+Cipher = AES-256-ECB
+Key = 603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4
+Plaintext = 6BC1BEE22E409F96E93D7E117393172A
+Ciphertext = F3EED1BDB5D2A03C064B5A7E3DB181F8
+
+Cipher = AES-256-ECB
+Key = 603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4
+Plaintext = AE2D8A571E03AC9C9EB76FAC45AF8E51
+Ciphertext = 591CCB10D410ED26DC5BA74A31362870
+
+Cipher = AES-256-ECB
+Key = 603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4
+Plaintext = 30C81C46A35CE411E5FBC1191A0A52EF
+Ciphertext = B6ED21B99CA6F4F9F153E7B1BEAFED1D
+
+Cipher = AES-256-ECB
+Key = 603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4
+Plaintext = F69F2445DF4F9B17AD2B417BE66C3710
+Ciphertext = 23304B7A39F9F3FF067D8D8F9E24ECC7
+
+# For all CBC encrypts and decrypts, the transformed sequence is
+# AES-bits-CBC:key:IV/ciphertext':plaintext:ciphertext:encdec
+# CBC-AES128.Encrypt and CBC-AES128.Decrypt
+Cipher = AES-128-CBC
+Key = 2B7E151628AED2A6ABF7158809CF4F3C
+IV = 000102030405060708090A0B0C0D0E0F
+Plaintext = 6BC1BEE22E409F96E93D7E117393172A
+Ciphertext = 7649ABAC8119B246CEE98E9B12E9197D
+
+Cipher = AES-128-CBC
+Key = 2B7E151628AED2A6ABF7158809CF4F3C
+IV = 7649ABAC8119B246CEE98E9B12E9197D
+Plaintext = AE2D8A571E03AC9C9EB76FAC45AF8E51
+Ciphertext = 5086CB9B507219EE95DB113A917678B2
+
+Cipher = AES-128-CBC
+Key = 2B7E151628AED2A6ABF7158809CF4F3C
+IV = 5086CB9B507219EE95DB113A917678B2
+Plaintext = 30C81C46A35CE411E5FBC1191A0A52EF
+Ciphertext = 73BED6B8E3C1743B7116E69E22229516
+
+Cipher = AES-128-CBC
+Key = 2B7E151628AED2A6ABF7158809CF4F3C
+IV = 73BED6B8E3C1743B7116E69E22229516
+Plaintext = F69F2445DF4F9B17AD2B417BE66C3710
+Ciphertext = 3FF1CAA1681FAC09120ECA307586E1A7
+
+# CBC-AES192.Encrypt and CBC-AES192.Decrypt
+Cipher = AES-192-CBC
+Key = 8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B
+IV = 000102030405060708090A0B0C0D0E0F
+Plaintext = 6BC1BEE22E409F96E93D7E117393172A
+Ciphertext = 4F021DB243BC633D7178183A9FA071E8
+
+Cipher = AES-192-CBC
+Key = 8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B
+IV = 4F021DB243BC633D7178183A9FA071E8
+Plaintext = AE2D8A571E03AC9C9EB76FAC45AF8E51
+Ciphertext = B4D9ADA9AD7DEDF4E5E738763F69145A
+
+Cipher = AES-192-CBC
+Key = 8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B
+IV = B4D9ADA9AD7DEDF4E5E738763F69145A
+Plaintext = 30C81C46A35CE411E5FBC1191A0A52EF
+Ciphertext = 571B242012FB7AE07FA9BAAC3DF102E0
+
+Cipher = AES-192-CBC
+Key = 8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B
+IV = 571B242012FB7AE07FA9BAAC3DF102E0
+Plaintext = F69F2445DF4F9B17AD2B417BE66C3710
+Ciphertext = 08B0E27988598881D920A9E64F5615CD
+
+# CBC-AES256.Encrypt and CBC-AES256.Decrypt
+Cipher = AES-256-CBC
+Key = 603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4
+IV = 000102030405060708090A0B0C0D0E0F
+Plaintext = 6BC1BEE22E409F96E93D7E117393172A
+Ciphertext = F58C4C04D6E5F1BA779EABFB5F7BFBD6
+
+Cipher = AES-256-CBC
+Key = 603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4
+IV = F58C4C04D6E5F1BA779EABFB5F7BFBD6
+Plaintext = AE2D8A571E03AC9C9EB76FAC45AF8E51
+Ciphertext = 9CFC4E967EDB808D679F777BC6702C7D
+
+Cipher = AES-256-CBC
+Key = 603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4
+IV = 9CFC4E967EDB808D679F777BC6702C7D
+Plaintext = 30C81C46A35CE411E5FBC1191A0A52EF
+Ciphertext = 39F23369A9D9BACFA530E26304231461
+
+Cipher = AES-256-CBC
+Key = 603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4
+IV = 39F23369A9D9BACFA530E26304231461
+Plaintext = F69F2445DF4F9B17AD2B417BE66C3710
+Ciphertext = B2EB05E2C39BE9FCDA6C19078C6A9D1B
+
+# We don't support CFB{1,8}-AESxxx.{En,De}crypt
+# For all CFB128 encrypts and decrypts, the transformed sequence is
+# AES-bits-CFB:key:IV/ciphertext':plaintext:ciphertext:encdec
+# CFB128-AES128.Encrypt
+Cipher = AES-128-CFB
+Key = 2B7E151628AED2A6ABF7158809CF4F3C
+IV = 000102030405060708090A0B0C0D0E0F
+Operation = ENCRYPT
+Plaintext = 6BC1BEE22E409F96E93D7E117393172A
+Ciphertext = 3B3FD92EB72DAD20333449F8E83CFB4A
+
+Cipher = AES-128-CFB
+Key = 2B7E151628AED2A6ABF7158809CF4F3C
+IV = 3B3FD92EB72DAD20333449F8E83CFB4A
+Operation = ENCRYPT
+Plaintext = AE2D8A571E03AC9C9EB76FAC45AF8E51
+Ciphertext = C8A64537A0B3A93FCDE3CDAD9F1CE58B
+
+Cipher = AES-128-CFB
+Key = 2B7E151628AED2A6ABF7158809CF4F3C
+IV = C8A64537A0B3A93FCDE3CDAD9F1CE58B
+Operation = ENCRYPT
+Plaintext = 30C81C46A35CE411E5FBC1191A0A52EF
+Ciphertext = 26751F67A3CBB140B1808CF187A4F4DF
+
+Cipher = AES-128-CFB
+Key = 2B7E151628AED2A6ABF7158809CF4F3C
+IV = 26751F67A3CBB140B1808CF187A4F4DF
+Operation = ENCRYPT
+Plaintext = F69F2445DF4F9B17AD2B417BE66C3710
+Ciphertext = C04B05357C5D1C0EEAC4C66F9FF7F2E6
+
+# CFB128-AES128.Decrypt
+Cipher = AES-128-CFB
+Key = 2B7E151628AED2A6ABF7158809CF4F3C
+IV = 000102030405060708090A0B0C0D0E0F
+Operation = DECRYPT
+Plaintext = 6BC1BEE22E409F96E93D7E117393172A
+Ciphertext = 3B3FD92EB72DAD20333449F8E83CFB4A
+
+Cipher = AES-128-CFB
+Key = 2B7E151628AED2A6ABF7158809CF4F3C
+IV = 3B3FD92EB72DAD20333449F8E83CFB4A
+Operation = DECRYPT
+Plaintext = AE2D8A571E03AC9C9EB76FAC45AF8E51
+Ciphertext = C8A64537A0B3A93FCDE3CDAD9F1CE58B
+
+Cipher = AES-128-CFB
+Key = 2B7E151628AED2A6ABF7158809CF4F3C
+IV = C8A64537A0B3A93FCDE3CDAD9F1CE58B
+Operation = DECRYPT
+Plaintext = 30C81C46A35CE411E5FBC1191A0A52EF
+Ciphertext = 26751F67A3CBB140B1808CF187A4F4DF
+
+Cipher = AES-128-CFB
+Key = 2B7E151628AED2A6ABF7158809CF4F3C
+IV = 26751F67A3CBB140B1808CF187A4F4DF
+Operation = DECRYPT
+Plaintext = F69F2445DF4F9B17AD2B417BE66C3710
+Ciphertext = C04B05357C5D1C0EEAC4C66F9FF7F2E6
+
+# CFB128-AES192.Encrypt
+Cipher = AES-192-CFB
+Key = 8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B
+IV = 000102030405060708090A0B0C0D0E0F
+Operation = ENCRYPT
+Plaintext = 6BC1BEE22E409F96E93D7E117393172A
+Ciphertext = CDC80D6FDDF18CAB34C25909C99A4174
+
+Cipher = AES-192-CFB
+Key = 8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B
+IV = CDC80D6FDDF18CAB34C25909C99A4174
+Operation = ENCRYPT
+Plaintext = AE2D8A571E03AC9C9EB76FAC45AF8E51
+Ciphertext = 67CE7F7F81173621961A2B70171D3D7A
+
+Cipher = AES-192-CFB
+Key = 8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B
+IV = 67CE7F7F81173621961A2B70171D3D7A
+Operation = ENCRYPT
+Plaintext = 30C81C46A35CE411E5FBC1191A0A52EF
+Ciphertext = 2E1E8A1DD59B88B1C8E60FED1EFAC4C9
+
+Cipher = AES-192-CFB
+Key = 8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B
+IV = 2E1E8A1DD59B88B1C8E60FED1EFAC4C9
+Operation = ENCRYPT
+Plaintext = F69F2445DF4F9B17AD2B417BE66C3710
+Ciphertext = C05F9F9CA9834FA042AE8FBA584B09FF
+
+# CFB128-AES192.Decrypt
+Cipher = AES-192-CFB
+Key = 8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B
+IV = 000102030405060708090A0B0C0D0E0F
+Operation = DECRYPT
+Plaintext = 6BC1BEE22E409F96E93D7E117393172A
+Ciphertext = CDC80D6FDDF18CAB34C25909C99A4174
+
+Cipher = AES-192-CFB
+Key = 8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B
+IV = CDC80D6FDDF18CAB34C25909C99A4174
+Operation = DECRYPT
+Plaintext = AE2D8A571E03AC9C9EB76FAC45AF8E51
+Ciphertext = 67CE7F7F81173621961A2B70171D3D7A
+
+Cipher = AES-192-CFB
+Key = 8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B
+IV = 67CE7F7F81173621961A2B70171D3D7A
+Operation = DECRYPT
+Plaintext = 30C81C46A35CE411E5FBC1191A0A52EF
+Ciphertext = 2E1E8A1DD59B88B1C8E60FED1EFAC4C9
+
+Cipher = AES-192-CFB
+Key = 8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B
+IV = 2E1E8A1DD59B88B1C8E60FED1EFAC4C9
+Operation = DECRYPT
+Plaintext = F69F2445DF4F9B17AD2B417BE66C3710
+Ciphertext = C05F9F9CA9834FA042AE8FBA584B09FF
+
+# CFB128-AES256.Encrypt
+Cipher = AES-256-CFB
+Key = 603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4
+IV = 000102030405060708090A0B0C0D0E0F
+Operation = ENCRYPT
+Plaintext = 6BC1BEE22E409F96E93D7E117393172A
+Ciphertext = DC7E84BFDA79164B7ECD8486985D3860
+
+Cipher = AES-256-CFB
+Key = 603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4
+IV = DC7E84BFDA79164B7ECD8486985D3860
+Operation = ENCRYPT
+Plaintext = AE2D8A571E03AC9C9EB76FAC45AF8E51
+Ciphertext = 39FFED143B28B1C832113C6331E5407B
+
+Cipher = AES-256-CFB
+Key = 603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4
+IV = 39FFED143B28B1C832113C6331E5407B
+Operation = ENCRYPT
+Plaintext = 30C81C46A35CE411E5FBC1191A0A52EF
+Ciphertext = DF10132415E54B92A13ED0A8267AE2F9
+
+Cipher = AES-256-CFB
+Key = 603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4
+IV = DF10132415E54B92A13ED0A8267AE2F9
+Operation = ENCRYPT
+Plaintext = F69F2445DF4F9B17AD2B417BE66C3710
+Ciphertext = 75A385741AB9CEF82031623D55B1E471
+
+# CFB128-AES256.Decrypt
+Cipher = AES-256-CFB
+Key = 603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4
+IV = 000102030405060708090A0B0C0D0E0F
+Operation = DECRYPT
+Plaintext = 6BC1BEE22E409F96E93D7E117393172A
+Ciphertext = DC7E84BFDA79164B7ECD8486985D3860
+
+Cipher = AES-256-CFB
+Key = 603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4
+IV = DC7E84BFDA79164B7ECD8486985D3860
+Operation = DECRYPT
+Plaintext = AE2D8A571E03AC9C9EB76FAC45AF8E51
+Ciphertext = 39FFED143B28B1C832113C6331E5407B
+
+Cipher = AES-256-CFB
+Key = 603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4
+IV = 39FFED143B28B1C832113C6331E5407B
+Operation = DECRYPT
+Plaintext = 30C81C46A35CE411E5FBC1191A0A52EF
+Ciphertext = DF10132415E54B92A13ED0A8267AE2F9
+
+Cipher = AES-256-CFB
+Key = 603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4
+IV = DF10132415E54B92A13ED0A8267AE2F9
+Operation = DECRYPT
+Plaintext = F69F2445DF4F9B17AD2B417BE66C3710
+Ciphertext = 75A385741AB9CEF82031623D55B1E471
+
+# For all OFB encrypts and decrypts, the transformed sequence is
+# AES-bits-CFB:key:IV/output':plaintext:ciphertext:encdec
+# OFB-AES128.Encrypt
+Cipher = AES-128-OFB
+Key = 2B7E151628AED2A6ABF7158809CF4F3C
+IV = 000102030405060708090A0B0C0D0E0F
+Operation = ENCRYPT
+Plaintext = 6BC1BEE22E409F96E93D7E117393172A
+Ciphertext = 3B3FD92EB72DAD20333449F8E83CFB4A
+
+Cipher = AES-128-OFB
+Key = 2B7E151628AED2A6ABF7158809CF4F3C
+IV = 50FE67CC996D32B6DA0937E99BAFEC60
+Operation = ENCRYPT
+Plaintext = AE2D8A571E03AC9C9EB76FAC45AF8E51
+Ciphertext = 7789508D16918F03F53C52DAC54ED825
+
+Cipher = AES-128-OFB
+Key = 2B7E151628AED2A6ABF7158809CF4F3C
+IV = D9A4DADA0892239F6B8B3D7680E15674
+Operation = ENCRYPT
+Plaintext = 30C81C46A35CE411E5FBC1191A0A52EF
+Ciphertext = 9740051E9C5FECF64344F7A82260EDCC
+
+Cipher = AES-128-OFB
+Key = 2B7E151628AED2A6ABF7158809CF4F3C
+IV = A78819583F0308E7A6BF36B1386ABF23
+Operation = ENCRYPT
+Plaintext = F69F2445DF4F9B17AD2B417BE66C3710
+Ciphertext = 304C6528F659C77866A510D9C1D6AE5E
+
+# OFB-AES128.Decrypt
+Cipher = AES-128-OFB
+Key = 2B7E151628AED2A6ABF7158809CF4F3C
+IV = 000102030405060708090A0B0C0D0E0F
+Operation = DECRYPT
+Plaintext = 6BC1BEE22E409F96E93D7E117393172A
+Ciphertext = 3B3FD92EB72DAD20333449F8E83CFB4A
+
+Cipher = AES-128-OFB
+Key = 2B7E151628AED2A6ABF7158809CF4F3C
+IV = 50FE67CC996D32B6DA0937E99BAFEC60
+Operation = DECRYPT
+Plaintext = AE2D8A571E03AC9C9EB76FAC45AF8E51
+Ciphertext = 7789508D16918F03F53C52DAC54ED825
+
+Cipher = AES-128-OFB
+Key = 2B7E151628AED2A6ABF7158809CF4F3C
+IV = D9A4DADA0892239F6B8B3D7680E15674
+Operation = DECRYPT
+Plaintext = 30C81C46A35CE411E5FBC1191A0A52EF
+Ciphertext = 9740051E9C5FECF64344F7A82260EDCC
+
+Cipher = AES-128-OFB
+Key = 2B7E151628AED2A6ABF7158809CF4F3C
+IV = A78819583F0308E7A6BF36B1386ABF23
+Operation = DECRYPT
+Plaintext = F69F2445DF4F9B17AD2B417BE66C3710
+Ciphertext = 304C6528F659C77866A510D9C1D6AE5E
+
+# OFB-AES192.Encrypt
+Cipher = AES-192-OFB
+Key = 8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B
+IV = 000102030405060708090A0B0C0D0E0F
+Operation = ENCRYPT
+Plaintext = 6BC1BEE22E409F96E93D7E117393172A
+Ciphertext = CDC80D6FDDF18CAB34C25909C99A4174
+
+Cipher = AES-192-OFB
+Key = 8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B
+IV = A609B38DF3B1133DDDFF2718BA09565E
+Operation = ENCRYPT
+Plaintext = AE2D8A571E03AC9C9EB76FAC45AF8E51
+Ciphertext = FCC28B8D4C63837C09E81700C1100401
+
+Cipher = AES-192-OFB
+Key = 8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B
+IV = 52EF01DA52602FE0975F78AC84BF8A50
+Operation = ENCRYPT
+Plaintext = 30C81C46A35CE411E5FBC1191A0A52EF
+Ciphertext = 8D9A9AEAC0F6596F559C6D4DAF59A5F2
+
+Cipher = AES-192-OFB
+Key = 8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B
+IV = BD5286AC63AABD7EB067AC54B553F71D
+Operation = ENCRYPT
+Plaintext = F69F2445DF4F9B17AD2B417BE66C3710
+Ciphertext = 6D9F200857CA6C3E9CAC524BD9ACC92A
+
+# OFB-AES192.Decrypt
+Cipher = AES-192-OFB
+Key = 8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B
+IV = 000102030405060708090A0B0C0D0E0F
+Operation = ENCRYPT
+Plaintext = 6BC1BEE22E409F96E93D7E117393172A
+Ciphertext = CDC80D6FDDF18CAB34C25909C99A4174
+
+Cipher = AES-192-OFB
+Key = 8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B
+IV = A609B38DF3B1133DDDFF2718BA09565E
+Operation = ENCRYPT
+Plaintext = AE2D8A571E03AC9C9EB76FAC45AF8E51
+Ciphertext = FCC28B8D4C63837C09E81700C1100401
+
+Cipher = AES-192-OFB
+Key = 8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B
+IV = 52EF01DA52602FE0975F78AC84BF8A50
+Operation = ENCRYPT
+Plaintext = 30C81C46A35CE411E5FBC1191A0A52EF
+Ciphertext = 8D9A9AEAC0F6596F559C6D4DAF59A5F2
+
+Cipher = AES-192-OFB
+Key = 8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B
+IV = BD5286AC63AABD7EB067AC54B553F71D
+Operation = ENCRYPT
+Plaintext = F69F2445DF4F9B17AD2B417BE66C3710
+Ciphertext = 6D9F200857CA6C3E9CAC524BD9ACC92A
+
+# OFB-AES256.Encrypt
+Cipher = AES-256-OFB
+Key = 603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4
+IV = 000102030405060708090A0B0C0D0E0F
+Operation = ENCRYPT
+Plaintext = 6BC1BEE22E409F96E93D7E117393172A
+Ciphertext = DC7E84BFDA79164B7ECD8486985D3860
+
+Cipher = AES-256-OFB
+Key = 603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4
+IV = B7BF3A5DF43989DD97F0FA97EBCE2F4A
+Operation = ENCRYPT
+Plaintext = AE2D8A571E03AC9C9EB76FAC45AF8E51
+Ciphertext = 4FEBDC6740D20B3AC88F6AD82A4FB08D
+
+Cipher = AES-256-OFB
+Key = 603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4
+IV = E1C656305ED1A7A6563805746FE03EDC
+Operation = ENCRYPT
+Plaintext = 30C81C46A35CE411E5FBC1191A0A52EF
+Ciphertext = 71AB47A086E86EEDF39D1C5BBA97C408
+
+Cipher = AES-256-OFB
+Key = 603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4
+IV = 41635BE625B48AFC1666DD42A09D96E7
+Operation = ENCRYPT
+Plaintext = F69F2445DF4F9B17AD2B417BE66C3710
+Ciphertext = 0126141D67F37BE8538F5A8BE740E484
+
+# OFB-AES256.Decrypt
+Cipher = AES-256-OFB
+Key = 603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4
+IV = 000102030405060708090A0B0C0D0E0F
+Operation = DECRYPT
+Plaintext = 6BC1BEE22E409F96E93D7E117393172A
+Ciphertext = DC7E84BFDA79164B7ECD8486985D3860
+
+Cipher = AES-256-OFB
+Key = 603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4
+IV = B7BF3A5DF43989DD97F0FA97EBCE2F4A
+Operation = DECRYPT
+Plaintext = AE2D8A571E03AC9C9EB76FAC45AF8E51
+Ciphertext = 4FEBDC6740D20B3AC88F6AD82A4FB08D
+
+Cipher = AES-256-OFB
+Key = 603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4
+IV = E1C656305ED1A7A6563805746FE03EDC
+Operation = DECRYPT
+Plaintext = 30C81C46A35CE411E5FBC1191A0A52EF
+Ciphertext = 71AB47A086E86EEDF39D1C5BBA97C408
+
+Cipher = AES-256-OFB
+Key = 603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4
+IV = 41635BE625B48AFC1666DD42A09D96E7
+Operation = DECRYPT
+Plaintext = F69F2445DF4F9B17AD2B417BE66C3710
+Ciphertext = 0126141D67F37BE8538F5A8BE740E484
+
+
+# AES Counter test vectors from RFC3686
+Cipher = aes-128-ctr
+Key = AE6852F8121067CC4BF7A5765577F39E
+IV = 00000030000000000000000000000001
+Operation = ENCRYPT
+Plaintext = 53696E676C6520626C6F636B206D7367
+Ciphertext = E4095D4FB7A7B3792D6175A3261311B8
+
+Cipher = aes-128-ctr
+Key = 7E24067817FAE0D743D6CE1F32539163
+IV = 006CB6DBC0543B59DA48D90B00000001
+Operation = ENCRYPT
+Plaintext = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F
+Ciphertext = 5104A106168A72D9790D41EE8EDAD388EB2E1EFC46DA57C8FCE630DF9141BE28
+
+Cipher = aes-128-ctr
+Key = 7691BE035E5020A8AC6E618529F9A0DC
+IV = 00E0017B27777F3F4A1786F000000001
+Operation = ENCRYPT
+Plaintext = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F20212223
+Ciphertext = C1CF48A89F2FFDD9CF4652E9EFDB72D74540A42BDE6D7836D59A5CEAAEF3105325B2072F
+
+
+Cipher = aes-192-ctr
+Key = 16AF5B145FC9F579C175F93E3BFB0EED863D06CCFDB78515
+IV = 0000004836733C147D6D93CB00000001
+Operation = ENCRYPT
+Plaintext = 53696E676C6520626C6F636B206D7367
+Ciphertext = 4B55384FE259C9C84E7935A003CBE928
+
+Cipher = aes-192-ctr
+Key = 7C5CB2401B3DC33C19E7340819E0F69C678C3DB8E6F6A91A
+IV = 0096B03B020C6EADC2CB500D00000001
+Operation = ENCRYPT
+Plaintext = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F
+Ciphertext = 453243FC609B23327EDFAAFA7131CD9F8490701C5AD4A79CFC1FE0FF42F4FB00
+
+Cipher = aes-192-ctr
+Key = 02BF391EE8ECB159B959617B0965279BF59B60A786D3E0FE
+IV = 0007BDFD5CBD60278DCC091200000001
+Operation = ENCRYPT
+Plaintext = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F20212223
+Ciphertext = 96893FC55E5C722F540B7DD1DDF7E758D288BC95C69165884536C811662F2188ABEE0935
+
+
+Cipher = aes-256-ctr
+Key = 776BEFF2851DB06F4C8A0542C8696F6C6A81AF1EEC96B4D37FC1D689E6C1C104
+IV = 00000060DB5672C97AA8F0B200000001
+Operation = ENCRYPT
+Plaintext = 53696E676C6520626C6F636B206D7367
+Ciphertext = 145AD01DBF824EC7560863DC71E3E0C0
+
+Cipher = aes-256-ctr
+Key = F6D66D6BD52D59BB0796365879EFF886C66DD51A5B6A99744B50590C87A23884
+IV = 00FAAC24C1585EF15A43D87500000001
+Operation = ENCRYPT
+Plaintext = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F
+Ciphertext = F05E231B3894612C49EE000B804EB2A9B8306B508F839D6A5530831D9344AF1C
+
+Cipher = aes-256-ctr
+Key = FF7A617CE69148E4F1726E2F43581DE2AA62D9F805532EDFF1EED687FB54153D
+IV = 001CC5B751A51D70A1C1114800000001
+Operation = ENCRYPT
+Plaintext = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F20212223
+Ciphertext = EB6C52821D0BBBF7CE7594462ACA4FAAB407DF866569FD07F48CC0B583D6071F1EC0E6B8
+
+
+# DES ECB tests (from destest)
+
+Cipher = DES-ECB
+Key = 0000000000000000
+Plaintext = 0000000000000000
+Ciphertext = 8CA64DE9C1B123A7
+
+Cipher = DES-ECB
+Key = FFFFFFFFFFFFFFFF
+Plaintext = FFFFFFFFFFFFFFFF
+Ciphertext = 7359B2163E4EDC58
+
+Cipher = DES-ECB
+Key = 3000000000000000
+Plaintext = 1000000000000001
+Ciphertext = 958E6E627A05557B
+
+Cipher = DES-ECB
+Key = 1111111111111111
+Plaintext = 1111111111111111
+Ciphertext = F40379AB9E0EC533
+
+Cipher = DES-ECB
+Key = 0123456789ABCDEF
+Plaintext = 1111111111111111
+Ciphertext = 17668DFC7292532D
+
+Cipher = DES-ECB
+Key = 1111111111111111
+Plaintext = 0123456789ABCDEF
+Ciphertext = 8A5AE1F81AB8F2DD
+
+Cipher = DES-ECB
+Key = FEDCBA9876543210
+Plaintext = 0123456789ABCDEF
+Ciphertext = ED39D950FA74BCC4
+
+
+# DESX-CBC tests (from destest)
+Cipher = DESX-CBC
+Key = 0123456789abcdeff1e0d3c2b5a49786fedcba9876543210
+IV = fedcba9876543210
+Plaintext = 37363534333231204E6F77206973207468652074696D6520666F722000000000
+Ciphertext = 846B2914851E9A2954732F8AA0A611C115CDC2D7951B1053A63C5E03B21AA3C4
+
+
+# DES EDE3 CBC tests (from destest)
+Cipher = DES-EDE3-CBC
+Key = 0123456789abcdeff1e0d3c2b5a49786fedcba9876543210
+IV = fedcba9876543210
+Plaintext = 37363534333231204E6F77206973207468652074696D6520666F722000000000
+Ciphertext = 3FE301C962AC01D02213763C1CBD4CDC799657C064ECF5D41C673812CFDE9675
+
+
+# RC4 tests (from rc4test)
+Cipher = RC4
+Key = 0123456789abcdef0123456789abcdef
+Plaintext = 0123456789abcdef
+Ciphertext = 75b7878099e0c596
+
+Cipher = RC4
+Key = 0123456789abcdef0123456789abcdef
+Plaintext = 0000000000000000
+Ciphertext = 7494c2e7104b0879
+
+Cipher = RC4
+Key = 00000000000000000000000000000000
+Plaintext = 0000000000000000
+Ciphertext = de188941a3375d3a
+
+Cipher = RC4
+Key = ef012345ef012345ef012345ef012345
+Plaintext = 0000000000000000000000000000000000000000
+Ciphertext = d6a141a7ec3c38dfbd615a1162e1c7ba36b67858
+
+Cipher = RC4
+Key = 0123456789abcdef0123456789abcdef
+Plaintext = 123456789ABCDEF0123456789ABCDEF0123456789ABCDEF012345678
+Ciphertext = 66a0949f8af7d6891f7f832ba833c00c892ebe30143ce28740011ecf
+
+Cipher = RC4
+Key = ef012345ef012345ef012345ef012345
+Plaintext = 00000000000000000000
+Ciphertext = d6a141a7ec3c38dfbd61
+
+
+
+# Camellia tests from RFC3713
+# For all ECB encrypts and decrypts, the transformed sequence is
+# CAMELLIA-bits-ECB:key::plaintext:ciphertext:encdec
+Cipher = CAMELLIA-128-ECB
+Key = 0123456789abcdeffedcba9876543210
+Plaintext = 0123456789abcdeffedcba9876543210
+Ciphertext = 67673138549669730857065648eabe43
+
+Cipher = CAMELLIA-192-ECB
+Key = 0123456789abcdeffedcba98765432100011223344556677
+Plaintext = 0123456789abcdeffedcba9876543210
+Ciphertext = b4993401b3e996f84ee5cee7d79b09b9
+
+Cipher = CAMELLIA-256-ECB
+Key = 0123456789abcdeffedcba987654321000112233445566778899aabbccddeeff
+Plaintext = 0123456789abcdeffedcba9876543210
+Ciphertext = 9acc237dff16d76c20ef7c919e3a7509
+
+
+# ECB-CAMELLIA128.Encrypt
+Cipher = CAMELLIA-128-ECB
+Key = 000102030405060708090A0B0C0D0E0F
+Operation = ENCRYPT
+Plaintext = 00112233445566778899AABBCCDDEEFF
+Ciphertext = 77CF412067AF8270613529149919546F
+
+Cipher = CAMELLIA-192-ECB
+Key = 000102030405060708090A0B0C0D0E0F1011121314151617
+Operation = ENCRYPT
+Plaintext = 00112233445566778899AABBCCDDEEFF
+Ciphertext = B22F3C36B72D31329EEE8ADDC2906C68
+
+Cipher = CAMELLIA-256-ECB
+Key = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F
+Operation = ENCRYPT
+Plaintext = 00112233445566778899AABBCCDDEEFF
+Ciphertext = 2EDF1F3418D53B88841FC8985FB1ECF2
+
+
+# ECB-CAMELLIA128.Encrypt and ECB-CAMELLIA128.Decrypt
+Cipher = CAMELLIA-128-ECB
+Key = 2B7E151628AED2A6ABF7158809CF4F3C
+Plaintext = 6BC1BEE22E409F96E93D7E117393172A
+Ciphertext = 432FC5DCD628115B7C388D770B270C96
+
+Cipher = CAMELLIA-128-ECB
+Key = 2B7E151628AED2A6ABF7158809CF4F3C
+Plaintext = AE2D8A571E03AC9C9EB76FAC45AF8E51
+Ciphertext = 0BE1F14023782A22E8384C5ABB7FAB2B
+
+Cipher = CAMELLIA-128-ECB
+Key = 2B7E151628AED2A6ABF7158809CF4F3C
+Plaintext = 30C81C46A35CE411E5FBC1191A0A52EF
+Ciphertext = A0A1ABCD1893AB6FE0FE5B65DF5F8636
+
+Cipher = CAMELLIA-128-ECB
+Key = 2B7E151628AED2A6ABF7158809CF4F3C
+Plaintext = F69F2445DF4F9B17AD2B417BE66C3710
+Ciphertext = E61925E0D5DFAA9BB29F815B3076E51A
+
+
+# ECB-CAMELLIA192.Encrypt and ECB-CAMELLIA192.Decrypt
+Cipher = CAMELLIA-192-ECB
+Key = 8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B
+Plaintext = 6BC1BEE22E409F96E93D7E117393172A
+Ciphertext = CCCC6C4E138B45848514D48D0D3439D3
+
+Cipher = CAMELLIA-192-ECB
+Key = 8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B
+Plaintext = AE2D8A571E03AC9C9EB76FAC45AF8E51
+Ciphertext = 5713C62C14B2EC0F8393B6AFD6F5785A
+
+Cipher = CAMELLIA-192-ECB
+Key = 8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B
+Plaintext = 30C81C46A35CE411E5FBC1191A0A52EF
+Ciphertext = B40ED2B60EB54D09D030CF511FEEF366
+
+Cipher = CAMELLIA-192-ECB
+Key = 8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B
+Plaintext = F69F2445DF4F9B17AD2B417BE66C3710
+Ciphertext = 909DBD95799096748CB27357E73E1D26
+
+
+# ECB-CAMELLIA256.Encrypt and ECB-CAMELLIA256.Decrypt
+Cipher = CAMELLIA-256-ECB
+Key = 603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4
+Plaintext = 6BC1BEE22E409F96E93D7E117393172A
+Ciphertext = BEFD219B112FA00098919CD101C9CCFA
+
+Cipher = CAMELLIA-256-ECB
+Key = 603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4
+Plaintext = AE2D8A571E03AC9C9EB76FAC45AF8E51
+Ciphertext = C91D3A8F1AEA08A9386CF4B66C0169EA
+
+Cipher = CAMELLIA-256-ECB
+Key = 603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4
+Plaintext = 30C81C46A35CE411E5FBC1191A0A52EF
+Ciphertext = A623D711DC5F25A51BB8A80D56397D28
+
+Cipher = CAMELLIA-256-ECB
+Key = 603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4
+Plaintext = F69F2445DF4F9B17AD2B417BE66C3710
+Ciphertext = 7960109FB6DC42947FCFE59EA3C5EB6B
+
+
+# For all CBC encrypts and decrypts, the transformed sequence is
+# CAMELLIA-bits-CBC:key:IV/ciphertext':plaintext:ciphertext:encdec
+# CBC-CAMELLIA128.Encrypt and CBC-CAMELLIA128.Decrypt
+Cipher = CAMELLIA-128-CBC
+Key = 2B7E151628AED2A6ABF7158809CF4F3C
+IV = 000102030405060708090A0B0C0D0E0F
+Plaintext = 6BC1BEE22E409F96E93D7E117393172A
+Ciphertext = 1607CF494B36BBF00DAEB0B503C831AB
+
+Cipher = CAMELLIA-128-CBC
+Key = 2B7E151628AED2A6ABF7158809CF4F3C
+IV = 1607CF494B36BBF00DAEB0B503C831AB
+Plaintext = AE2D8A571E03AC9C9EB76FAC45AF8E51
+Ciphertext = A2F2CF671629EF7840C5A5DFB5074887
+
+Cipher = CAMELLIA-128-CBC
+Key = 2B7E151628AED2A6ABF7158809CF4F3C
+IV = A2F2CF671629EF7840C5A5DFB5074887
+Plaintext = 30C81C46A35CE411E5FBC1191A0A52EF
+Ciphertext = 0F06165008CF8B8B5A63586362543E54
+
+Cipher = CAMELLIA-128-CBC
+Key = 2B7E151628AED2A6ABF7158809CF4F3C
+IV = 36A84CDAFD5F9A85ADA0F0A993D6D577
+Plaintext = F69F2445DF4F9B17AD2B417BE66C3710
+Ciphertext = 74C64268CDB8B8FAF5B34E8AF3732980
+
+
+# CBC-CAMELLIA192.Encrypt and CBC-CAMELLIA192.Decrypt
+Cipher = CAMELLIA-192-CBC
+Key = 8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B
+IV = 000102030405060708090A0B0C0D0E0F
+Plaintext = 6BC1BEE22E409F96E93D7E117393172A
+Ciphertext = 2A4830AB5AC4A1A2405955FD2195CF93
+
+Cipher = CAMELLIA-192-CBC
+Key = 8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B
+IV = 2A4830AB5AC4A1A2405955FD2195CF93
+Plaintext = AE2D8A571E03AC9C9EB76FAC45AF8E51
+Ciphertext = 5D5A869BD14CE54264F892A6DD2EC3D5
+
+Cipher = CAMELLIA-192-CBC
+Key = 8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B
+IV = 5D5A869BD14CE54264F892A6DD2EC3D5
+Plaintext = 30C81C46A35CE411E5FBC1191A0A52EF
+Ciphertext = 37D359C3349836D884E310ADDF68C449
+
+Cipher = CAMELLIA-192-CBC
+Key = 8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B
+IV = 37D359C3349836D884E310ADDF68C449
+Plaintext = F69F2445DF4F9B17AD2B417BE66C3710
+Ciphertext = 01FAAA930B4AB9916E9668E1428C6B08
+
+
+# CBC-CAMELLIA256.Encrypt and CBC-CAMELLIA256.Decrypt
+Cipher = CAMELLIA-256-CBC
+Key = 603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4
+IV = 000102030405060708090A0B0C0D0E0F
+Plaintext = 6BC1BEE22E409F96E93D7E117393172A
+Ciphertext = E6CFA35FC02B134A4D2C0B6737AC3EDA
+
+Cipher = CAMELLIA-256-CBC
+Key = 603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4
+IV = E6CFA35FC02B134A4D2C0B6737AC3EDA
+Plaintext = AE2D8A571E03AC9C9EB76FAC45AF8E51
+Ciphertext = 36CBEB73BD504B4070B1B7DE2B21EB50
+
+Cipher = CAMELLIA-256-CBC
+Key = 603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4
+IV = 36CBEB73BD504B4070B1B7DE2B21EB50
+Plaintext = 30C81C46A35CE411E5FBC1191A0A52EF
+Ciphertext = E31A6055297D96CA3330CDF1B1860A83
+
+Cipher = CAMELLIA-256-CBC
+Key = 603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4
+IV = E31A6055297D96CA3330CDF1B1860A83
+Plaintext = F69F2445DF4F9B17AD2B417BE66C3710
+Ciphertext = 5D563F6D1CCCF236051C0C5C1C58F28F
+
+
+# We don't support CFB{1,8}-CAMELLIAxxx.{En,De}crypt
+# For all CFB128 encrypts and decrypts, the transformed sequence is
+# CAMELLIA-bits-CFB:key:IV/ciphertext':plaintext:ciphertext:encdec
+# CFB128-CAMELLIA128.Encrypt
+Cipher = CAMELLIA-128-CFB
+Key = 2B7E151628AED2A6ABF7158809CF4F3C
+IV = 000102030405060708090A0B0C0D0E0F
+Operation = ENCRYPT
+Plaintext = 6BC1BEE22E409F96E93D7E117393172A
+Ciphertext = 14F7646187817EB586599146B82BD719
+
+Cipher = CAMELLIA-128-CFB
+Key = 2B7E151628AED2A6ABF7158809CF4F3C
+IV = 14F7646187817EB586599146B82BD719
+Operation = ENCRYPT
+Plaintext = AE2D8A571E03AC9C9EB76FAC45AF8E51
+Ciphertext = A53D28BB82DF741103EA4F921A44880B
+
+Cipher = CAMELLIA-128-CFB
+Key = 2B7E151628AED2A6ABF7158809CF4F3C
+IV = A53D28BB82DF741103EA4F921A44880B
+Operation = ENCRYPT
+Plaintext = 30C81C46A35CE411E5FBC1191A0A52EF
+Ciphertext = 9C2157A664626D1DEF9EA420FDE69B96
+
+Cipher = CAMELLIA-128-CFB
+Key = 2B7E151628AED2A6ABF7158809CF4F3C
+IV = 9C2157A664626D1DEF9EA420FDE69B96
+Operation = ENCRYPT
+Plaintext = F69F2445DF4F9B17AD2B417BE66C3710
+Ciphertext = 742A25F0542340C7BAEF24CA8482BB09
+
+
+# CFB128-CAMELLIA128.Decrypt
+Cipher = CAMELLIA-128-CFB
+Key = 2B7E151628AED2A6ABF7158809CF4F3C
+IV = 000102030405060708090A0B0C0D0E0F
+Operation = DECRYPT
+Plaintext = 6BC1BEE22E409F96E93D7E117393172A
+Ciphertext = 14F7646187817EB586599146B82BD719
+
+Cipher = CAMELLIA-128-CFB
+Key = 2B7E151628AED2A6ABF7158809CF4F3C
+IV = 14F7646187817EB586599146B82BD719
+Operation = DECRYPT
+Plaintext = AE2D8A571E03AC9C9EB76FAC45AF8E51
+Ciphertext = A53D28BB82DF741103EA4F921A44880B
+
+Cipher = CAMELLIA-128-CFB
+Key = 2B7E151628AED2A6ABF7158809CF4F3C
+IV = A53D28BB82DF741103EA4F921A44880B
+Operation = DECRYPT
+Plaintext = 30C81C46A35CE411E5FBC1191A0A52EF
+Ciphertext = 9C2157A664626D1DEF9EA420FDE69B96
+
+Cipher = CAMELLIA-128-CFB
+Key = 2B7E151628AED2A6ABF7158809CF4F3C
+IV = 9C2157A664626D1DEF9EA420FDE69B96
+Operation = DECRYPT
+Plaintext = F69F2445DF4F9B17AD2B417BE66C3710
+Ciphertext = 742A25F0542340C7BAEF24CA8482BB09
+
+
+# CFB128-CAMELLIA192.Encrypt
+Cipher = CAMELLIA-192-CFB
+Key = 8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B
+IV = 000102030405060708090A0B0C0D0E0F
+Operation = ENCRYPT
+Plaintext = 6BC1BEE22E409F96E93D7E117393172A
+Ciphertext = C832BB9780677DAA82D9B6860DCD565E
+
+Cipher = CAMELLIA-192-CFB
+Key = 8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B
+IV = C832BB9780677DAA82D9B6860DCD565E
+Operation = ENCRYPT
+Plaintext = AE2D8A571E03AC9C9EB76FAC45AF8E51
+Ciphertext = 86F8491627906D780C7A6D46EA331F98
+
+Cipher = CAMELLIA-192-CFB
+Key = 8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B
+IV = 86F8491627906D780C7A6D46EA331F98
+Operation = ENCRYPT
+Plaintext = 30C81C46A35CE411E5FBC1191A0A52EF
+Ciphertext = 69511CCE594CF710CB98BB63D7221F01
+
+Cipher = CAMELLIA-192-CFB
+Key = 8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B
+IV = 69511CCE594CF710CB98BB63D7221F01
+Operation = ENCRYPT
+Plaintext = F69F2445DF4F9B17AD2B417BE66C3710
+Ciphertext = D5B5378A3ABED55803F25565D8907B84
+
+
+# CFB128-CAMELLIA192.Decrypt
+Cipher = CAMELLIA-192-CFB
+Key = 8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B
+IV = 000102030405060708090A0B0C0D0E0F
+Operation = DECRYPT
+Plaintext = 6BC1BEE22E409F96E93D7E117393172A
+Ciphertext = C832BB9780677DAA82D9B6860DCD565E
+
+Cipher = CAMELLIA-192-CFB
+Key = 8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B
+IV = C832BB9780677DAA82D9B6860DCD565E
+Operation = DECRYPT
+Plaintext = AE2D8A571E03AC9C9EB76FAC45AF8E51
+Ciphertext = 86F8491627906D780C7A6D46EA331F98
+
+Cipher = CAMELLIA-192-CFB
+Key = 8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B
+IV = 86F8491627906D780C7A6D46EA331F98
+Operation = DECRYPT
+Plaintext = 30C81C46A35CE411E5FBC1191A0A52EF
+Ciphertext = 69511CCE594CF710CB98BB63D7221F01
+
+Cipher = CAMELLIA-192-CFB
+Key = 8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B
+IV = 69511CCE594CF710CB98BB63D7221F01
+Operation = DECRYPT
+Plaintext = F69F2445DF4F9B17AD2B417BE66C3710
+Ciphertext = D5B5378A3ABED55803F25565D8907B84
+
+
+# CFB128-CAMELLIA256.Encrypt
+Cipher = CAMELLIA-256-CFB
+Key = 603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4
+IV = 000102030405060708090A0B0C0D0E0F
+Operation = ENCRYPT
+Plaintext = 6BC1BEE22E409F96E93D7E117393172A
+Ciphertext = CF6107BB0CEA7D7FB1BD31F5E7B06C93
+
+Cipher = CAMELLIA-256-CFB
+Key = 603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4
+IV = CF6107BB0CEA7D7FB1BD31F5E7B06C93
+Operation = ENCRYPT
+Plaintext = AE2D8A571E03AC9C9EB76FAC45AF8E51
+Ciphertext = 89BEDB4CCDD864EA11BA4CBE849B5E2B
+
+Cipher = CAMELLIA-256-CFB
+Key = 603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4
+IV = 89BEDB4CCDD864EA11BA4CBE849B5E2B
+Operation = ENCRYPT
+Plaintext = 30C81C46A35CE411E5FBC1191A0A52EF
+Ciphertext = 555FC3F34BDD2D54C62D9E3BF338C1C4
+
+Cipher = CAMELLIA-256-CFB
+Key = 603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4
+IV = 555FC3F34BDD2D54C62D9E3BF338C1C4
+Operation = ENCRYPT
+Plaintext = F69F2445DF4F9B17AD2B417BE66C3710
+Ciphertext = 5953ADCE14DB8C7F39F1BD39F359BFFA
+
+
+# CFB128-CAMELLIA256.Decrypt
+Cipher = CAMELLIA-256-CFB
+Key = 603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4
+IV = 000102030405060708090A0B0C0D0E0F
+Operation = DECRYPT
+Plaintext = 6BC1BEE22E409F96E93D7E117393172A
+Ciphertext = CF6107BB0CEA7D7FB1BD31F5E7B06C93
+
+Cipher = CAMELLIA-256-CFB
+Key = 603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4
+IV = CF6107BB0CEA7D7FB1BD31F5E7B06C93
+Operation = DECRYPT
+Plaintext = AE2D8A571E03AC9C9EB76FAC45AF8E51
+Ciphertext = 89BEDB4CCDD864EA11BA4CBE849B5E2B
+
+Cipher = CAMELLIA-256-CFB
+Key = 603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4
+IV = 89BEDB4CCDD864EA11BA4CBE849B5E2B
+Operation = DECRYPT
+Plaintext = 30C81C46A35CE411E5FBC1191A0A52EF
+Ciphertext = 555FC3F34BDD2D54C62D9E3BF338C1C4
+
+Cipher = CAMELLIA-256-CFB
+Key = 603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4
+IV = 555FC3F34BDD2D54C62D9E3BF338C1C4
+Operation = DECRYPT
+Plaintext = F69F2445DF4F9B17AD2B417BE66C3710
+Ciphertext = 5953ADCE14DB8C7F39F1BD39F359BFFA
+
+
+# For all OFB encrypts and decrypts, the transformed sequence is
+# CAMELLIA-bits-OFB:key:IV/output':plaintext:ciphertext:encdec
+# OFB-CAMELLIA128.Encrypt
+Cipher = CAMELLIA-128-OFB
+Key = 2B7E151628AED2A6ABF7158809CF4F3C
+IV = 000102030405060708090A0B0C0D0E0F
+Operation = ENCRYPT
+Plaintext = 6BC1BEE22E409F96E93D7E117393172A
+Ciphertext = 14F7646187817EB586599146B82BD719
+
+Cipher = CAMELLIA-128-OFB
+Key = 2B7E151628AED2A6ABF7158809CF4F3C
+IV = 50FE67CC996D32B6DA0937E99BAFEC60
+Operation = ENCRYPT
+Plaintext = AE2D8A571E03AC9C9EB76FAC45AF8E51
+Ciphertext = 25623DB569CA51E01482649977E28D84
+
+Cipher = CAMELLIA-128-OFB
+Key = 2B7E151628AED2A6ABF7158809CF4F3C
+IV = D9A4DADA0892239F6B8B3D7680E15674
+Operation = ENCRYPT
+Plaintext = 30C81C46A35CE411E5FBC1191A0A52EF
+Ciphertext = C776634A60729DC657D12B9FCA801E98
+
+Cipher = CAMELLIA-128-OFB
+Key = 2B7E151628AED2A6ABF7158809CF4F3C
+IV = A78819583F0308E7A6BF36B1386ABF23
+Operation = ENCRYPT
+Plaintext = F69F2445DF4F9B17AD2B417BE66C3710
+Ciphertext = D776379BE0E50825E681DA1A4C980E8E
+
+
+# OFB-CAMELLIA128.Decrypt
+Cipher = CAMELLIA-128-OFB
+Key = 2B7E151628AED2A6ABF7158809CF4F3C
+IV = 000102030405060708090A0B0C0D0E0F
+Operation = DECRYPT
+Plaintext = 6BC1BEE22E409F96E93D7E117393172A
+Ciphertext = 14F7646187817EB586599146B82BD719
+
+Cipher = CAMELLIA-128-OFB
+Key = 2B7E151628AED2A6ABF7158809CF4F3C
+IV = 50FE67CC996D32B6DA0937E99BAFEC60
+Operation = DECRYPT
+Plaintext = AE2D8A571E03AC9C9EB76FAC45AF8E51
+Ciphertext = 25623DB569CA51E01482649977E28D84
+
+Cipher = CAMELLIA-128-OFB
+Key = 2B7E151628AED2A6ABF7158809CF4F3C
+IV = D9A4DADA0892239F6B8B3D7680E15674
+Operation = DECRYPT
+Plaintext = 30C81C46A35CE411E5FBC1191A0A52EF
+Ciphertext = C776634A60729DC657D12B9FCA801E98
+
+Cipher = CAMELLIA-128-OFB
+Key = 2B7E151628AED2A6ABF7158809CF4F3C
+IV = A78819583F0308E7A6BF36B1386ABF23
+Operation = DECRYPT
+Plaintext = F69F2445DF4F9B17AD2B417BE66C3710
+Ciphertext = D776379BE0E50825E681DA1A4C980E8E
+
+
+# OFB-CAMELLIA192.Encrypt
+Cipher = CAMELLIA-192-OFB
+Key = 8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B
+IV = 000102030405060708090A0B0C0D0E0F
+Operation = ENCRYPT
+Plaintext = 6BC1BEE22E409F96E93D7E117393172A
+Ciphertext = C832BB9780677DAA82D9B6860DCD565E
+
+Cipher = CAMELLIA-192-OFB
+Key = 8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B
+IV = A609B38DF3B1133DDDFF2718BA09565E
+Operation = ENCRYPT
+Plaintext = AE2D8A571E03AC9C9EB76FAC45AF8E51
+Ciphertext = 8ECEB7D0350D72C7F78562AEBDF99339
+
+Cipher = CAMELLIA-192-OFB
+Key = 8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B
+IV = 52EF01DA52602FE0975F78AC84BF8A50
+Operation = ENCRYPT
+Plaintext = 30C81C46A35CE411E5FBC1191A0A52EF
+Ciphertext = BDD62DBBB9700846C53B507F544696F0
+
+Cipher = CAMELLIA-192-OFB
+Key = 8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B
+IV = BD5286AC63AABD7EB067AC54B553F71D
+Operation = ENCRYPT
+Plaintext = F69F2445DF4F9B17AD2B417BE66C3710
+Ciphertext = E28014E046B802F385C4C2E13EAD4A72
+
+
+# OFB-CAMELLIA192.Decrypt
+Cipher = CAMELLIA-192-OFB
+Key = 8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B
+IV = 000102030405060708090A0B0C0D0E0F
+Operation = DECRYPT
+Plaintext = 6BC1BEE22E409F96E93D7E117393172A
+Ciphertext = C832BB9780677DAA82D9B6860DCD565E
+
+Cipher = CAMELLIA-192-OFB
+Key = 8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B
+IV = A609B38DF3B1133DDDFF2718BA09565E
+Operation = DECRYPT
+Plaintext = AE2D8A571E03AC9C9EB76FAC45AF8E51
+Ciphertext = 8ECEB7D0350D72C7F78562AEBDF99339
+
+Cipher = CAMELLIA-192-OFB
+Key = 8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B
+IV = 52EF01DA52602FE0975F78AC84BF8A50
+Operation = DECRYPT
+Plaintext = 30C81C46A35CE411E5FBC1191A0A52EF
+Ciphertext = BDD62DBBB9700846C53B507F544696F0
+
+Cipher = CAMELLIA-192-OFB
+Key = 8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B
+IV = BD5286AC63AABD7EB067AC54B553F71D
+Operation = DECRYPT
+Plaintext = F69F2445DF4F9B17AD2B417BE66C3710
+Ciphertext = E28014E046B802F385C4C2E13EAD4A72
+
+
+# OFB-CAMELLIA256.Encrypt
+Cipher = CAMELLIA-256-OFB
+Key = 603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4
+IV = 000102030405060708090A0B0C0D0E0F
+Operation = ENCRYPT
+Plaintext = 6BC1BEE22E409F96E93D7E117393172A
+Ciphertext = CF6107BB0CEA7D7FB1BD31F5E7B06C93
+
+Cipher = CAMELLIA-256-OFB
+Key = 603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4
+IV = B7BF3A5DF43989DD97F0FA97EBCE2F4A
+Operation = ENCRYPT
+Plaintext = AE2D8A571E03AC9C9EB76FAC45AF8E51
+Ciphertext = 127AD97E8E3994E4820027D7BA109368
+
+Cipher = CAMELLIA-256-OFB
+Key = 603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4
+IV = E1C656305ED1A7A6563805746FE03EDC
+Operation = ENCRYPT
+Plaintext = 30C81C46A35CE411E5FBC1191A0A52EF
+Ciphertext = 6BFF6265A6A6B7A535BC65A80B17214E
+
+Cipher = CAMELLIA-256-OFB
+Key = 603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4
+IV = 41635BE625B48AFC1666DD42A09D96E7
+Operation = ENCRYPT
+Plaintext = F69F2445DF4F9B17AD2B417BE66C3710
+Ciphertext = 0A4A0404E26AA78A27CB271E8BF3CF20
+
+
+# OFB-CAMELLIA256.Decrypt
+Cipher = CAMELLIA-256-OFB
+Key = 603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4
+IV = 000102030405060708090A0B0C0D0E0F
+Operation = DECRYPT
+Plaintext = 6BC1BEE22E409F96E93D7E117393172A
+Ciphertext = CF6107BB0CEA7D7FB1BD31F5E7B06C93
+
+Cipher = CAMELLIA-256-OFB
+Key = 603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4
+IV = B7BF3A5DF43989DD97F0FA97EBCE2F4A
+Operation = DECRYPT
+Plaintext = AE2D8A571E03AC9C9EB76FAC45AF8E51
+Ciphertext = 127AD97E8E3994E4820027D7BA109368
+
+Cipher = CAMELLIA-256-OFB
+Key = 603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4
+IV = E1C656305ED1A7A6563805746FE03EDC
+Operation = DECRYPT
+Plaintext = 30C81C46A35CE411E5FBC1191A0A52EF
+Ciphertext = 6BFF6265A6A6B7A535BC65A80B17214E
+
+Cipher = CAMELLIA-256-OFB
+Key = 603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4
+IV = 41635BE625B48AFC1666DD42A09D96E7
+Operation = DECRYPT
+Plaintext = F69F2445DF4F9B17AD2B417BE66C3710
+Ciphertext = 0A4A0404E26AA78A27CB271E8BF3CF20
+
+
+# Camellia test vectors from RFC5528
+Cipher = CAMELLIA-128-CTR
+Key = AE6852F8121067CC4BF7A5765577F39E
+IV = 00000030000000000000000000000001
+Operation = ENCRYPT
+Plaintext = 53696E676C6520626C6F636B206D7367
+Ciphertext = D09DC29A8214619A20877C76DB1F0B3F
+
+Cipher = CAMELLIA-128-CTR
+Key = 7E24067817FAE0D743D6CE1F32539163
+IV = 006CB6DBC0543B59DA48D90B00000001
+Operation = ENCRYPT
+Plaintext = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F
+Ciphertext = DBF3C78DC08396D4DA7C907765BBCB442B8E8E0F31F0DCA72C7417E35360E048
+
+Cipher = CAMELLIA-128-CTR
+Key = 7691BE035E5020A8AC6E618529F9A0DC
+IV = 00E0017B27777F3F4A1786F000000001
+Operation = ENCRYPT
+Plaintext = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F20212223
+Ciphertext = B19D1FCDCB75EB882F849CE24D85CF739CE64B2B5C9D73F14F2D5D9DCE9889CDDF508696
+
+Cipher = CAMELLIA-192-CTR
+Key = 16AF5B145FC9F579C175F93E3BFB0EED863D06CCFDB78515
+IV = 0000004836733C147D6D93CB00000001
+Operation = ENCRYPT
+Plaintext = 53696E676C6520626C6F636B206D7367
+Ciphertext = 2379399E8A8D2B2B16702FC78B9E9696
+
+Cipher = CAMELLIA-192-CTR
+Key = 7C5CB2401B3DC33C19E7340819E0F69C678C3DB8E6F6A91A
+IV = 0096B03B020C6EADC2CB500D00000001
+Operation = ENCRYPT
+Plaintext = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F
+Ciphertext = 7DEF34F7A5D0E415674B7FFCAE67C75DD018B86FF23051E056392A99F35A4CED
+
+Cipher = CAMELLIA-192-CTR
+Key = 02BF391EE8ECB159B959617B0965279BF59B60A786D3E0FE
+IV = 0007BDFD5CBD60278DCC091200000001
+Operation = ENCRYPT
+Plaintext = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F20212223
+Ciphertext = 5710E556E1487A20B5AC0E73F19E4E7876F37FDC91B1EF4D4DADE8E666A64D0ED557AB57
+
+Cipher = CAMELLIA-256-CTR
+Key = 776BEFF2851DB06F4C8A0542C8696F6C6A81AF1EEC96B4D37FC1D689E6C1C104
+IV = 00000060DB5672C97AA8F0B200000001
+Operation = ENCRYPT
+Plaintext = 53696E676C6520626C6F636B206D7367
+Ciphertext = 3401F9C8247EFFCEBD6994714C1BBB11
+
+Cipher = CAMELLIA-256-CTR
+Key = F6D66D6BD52D59BB0796365879EFF886C66DD51A5B6A99744B50590C87A23884
+IV = 00FAAC24C1585EF15A43D87500000001
+Operation = ENCRYPT
+Plaintext = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F
+Ciphertext = D6C30392246F7808A83C2B22A8839E45E51CD48A1CDF406EBC9CC2D3AB834108
+
+Cipher = CAMELLIA-256-CTR
+Key = FF7A617CE69148E4F1726E2F43581DE2AA62D9F805532EDFF1EED687FB54153D
+IV = 001CC5B751A51D70A1C1114800000001
+Operation = ENCRYPT
+Plaintext = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F20212223
+Ciphertext = A4DA23FCE6A5FFAA6D64AE9A0652A42CD161A34B65F9679F75C01F101F71276F15EF0D8D
+
+# SEED test vectors from RFC4269
+Cipher = SEED-ECB
+Key = 00000000000000000000000000000000
+Operation = DECRYPT
+Plaintext = 000102030405060708090A0B0C0D0E0F
+Ciphertext = 5EBAC6E0054E166819AFF1CC6D346CDB
+
+Cipher = SEED-ECB
+Key = 000102030405060708090A0B0C0D0E0F
+Operation = DECRYPT
+Plaintext = 00000000000000000000000000000000
+Ciphertext = C11F22F20140505084483597E4370F43
+
+Cipher = SEED-ECB
+Key = 4706480851E61BE85D74BFB3FD956185
+Operation = DECRYPT
+Plaintext = 83A2F8A288641FB9A4E9A5CC2F131C7D
+Ciphertext = EE54D13EBCAE706D226BC3142CD40D4A
+
+Cipher = SEED-ECB
+Key = 28DBC3BC49FFD87DCFA509B11D422BE7
+Operation = DECRYPT
+Plaintext = B41E6BE2EBA84A148E2EED84593C5EC7
+Ciphertext = 9B9B7BFCD1813CB95D0B3618F40F5122
+
+Cipher = SEED-ECB
+Key = 00000000000000000000000000000000
+Operation = ENCRYPT
+Plaintext = 000102030405060708090A0B0C0D0E0F
+Ciphertext = 5EBAC6E0054E166819AFF1CC6D346CDB
+
+Cipher = SEED-ECB
+Key = 000102030405060708090A0B0C0D0E0F
+Operation = ENCRYPT
+Plaintext = 00000000000000000000000000000000
+Ciphertext = C11F22F20140505084483597E4370F43
+
+Cipher = SEED-ECB
+Key = 4706480851E61BE85D74BFB3FD956185
+Operation = ENCRYPT
+Plaintext = 83A2F8A288641FB9A4E9A5CC2F131C7D
+Ciphertext = EE54D13EBCAE706D226BC3142CD40D4A
+
+Cipher = SEED-ECB
+Key = 28DBC3BC49FFD87DCFA509B11D422BE7
+Operation = ENCRYPT
+Plaintext = B41E6BE2EBA84A148E2EED84593C5EC7
+Ciphertext = 9B9B7BFCD1813CB95D0B3618F40F5122
+
+
+# AES CCM 256 bit key
+Cipher = aes-256-ccm
+Key = 1bde3251d41a8b5ea013c195ae128b218b3e0306376357077ef1c1c78548b92e
+IV = 5b8e40746f6b98e00f1d13ff41
+AAD = c17a32514eb6103f3249e076d4c871dc97e04b286699e54491dc18f6d734d4c0
+Tag = 2024931d73bca480c24a24ece6b6c2bf
+Plaintext = 53bd72a97089e312422bf72e242377b3c6ee3e2075389b999c4ef7f28bd2b80a
+Ciphertext = 9a5fcccdb4cf04e7293d2775cc76a488f042382d949b43b7d6bb2b9864786726
+
+
+# AES GCM test vectors from http://csrc.nist.gov/groups/ST/toolkit/BCM/documents/proposedmodes/gcm/gcm-spec.pdf
+Cipher = aes-128-gcm
+Key = 00000000000000000000000000000000
+IV = 000000000000000000000000
+AAD =
+Tag = 58e2fccefa7e3061367f1d57a4e7455a
+Plaintext =
+Ciphertext =
+
+Cipher = aes-128-gcm
+Key = 00000000000000000000000000000000
+IV = 000000000000000000000000
+AAD =
+Tag = ab6e47d42cec13bdf53a67b21257bddf
+Plaintext = 00000000000000000000000000000000
+Ciphertext = 0388dace60b6a392f328c2b971b2fe78
+
+Cipher = aes-128-gcm
+Key = feffe9928665731c6d6a8f9467308308
+IV = cafebabefacedbaddecaf888
+AAD =
+Tag = 4d5c2af327cd64a62cf35abd2ba6fab4
+Plaintext = d9313225f88406e5a55909c5aff5269a86a7a9531534f7da2e4c303d8a318a721c3c0c95956809532fcf0e2449a6b525b16aedf5aa0de657ba637b391aafd255
+Ciphertext = 42831ec2217774244b7221b784d0d49ce3aa212f2c02a4e035c17e2329aca12e21d514b25466931c7d8f6a5aac84aa051ba30b396a0aac973d58e091473f5985
+
+Cipher = aes-128-gcm
+Key = feffe9928665731c6d6a8f9467308308
+IV = cafebabefacedbaddecaf888
+AAD = feedfacedeadbeeffeedfacedeadbeefabaddad2
+Tag = 5bc94fbc3221a5db94fae95ae7121a47
+Plaintext = d9313225f88406e5a55909c5aff5269a86a7a9531534f7da2e4c303d8a318a721c3c0c95956809532fcf0e2449a6b525b16aedf5aa0de657ba637b39
+Ciphertext = 42831ec2217774244b7221b784d0d49ce3aa212f2c02a4e035c17e2329aca12e21d514b25466931c7d8f6a5aac84aa051ba30b396a0aac973d58e091
+
+Cipher = aes-128-gcm
+Key = feffe9928665731c6d6a8f9467308308
+IV = cafebabefacedbad
+AAD = feedfacedeadbeeffeedfacedeadbeefabaddad2
+Tag = 3612d2e79e3b0785561be14aaca2fccb
+Plaintext = d9313225f88406e5a55909c5aff5269a86a7a9531534f7da2e4c303d8a318a721c3c0c95956809532fcf0e2449a6b525b16aedf5aa0de657ba637b39
+Ciphertext = 61353b4c2806934a777ff51fa22a4755699b2a714fcdc6f83766e5f97b6c742373806900e49f24b22b097544d4896b424989b5e1ebac0f07c23f4598
+
+Cipher = aes-128-gcm
+Key = feffe9928665731c6d6a8f9467308308
+IV = 9313225df88406e555909c5aff5269aa6a7a9538534f7da1e4c303d2a318a728c3c0c95156809539fcf0e2429a6b525416aedbf5a0de6a57a637b39b
+AAD = feedfacedeadbeeffeedfacedeadbeefabaddad2
+Tag = 619cc5aefffe0bfa462af43c1699d050
+Plaintext = d9313225f88406e5a55909c5aff5269a86a7a9531534f7da2e4c303d8a318a721c3c0c95956809532fcf0e2449a6b525b16aedf5aa0de657ba637b39
+Ciphertext = 8ce24998625615b603a033aca13fb894be9112a5c3a211a8ba262a3cca7e2ca701e4a9a4fba43c90ccdcb281d48c7c6fd62875d2aca417034c34aee5
+
+Cipher = aes-192-gcm
+Key = 000000000000000000000000000000000000000000000000
+IV = 000000000000000000000000
+AAD =
+Tag = cd33b28ac773f74ba00ed1f312572435
+Plaintext =
+Ciphertext =
+
+Cipher = aes-192-gcm
+Key = 000000000000000000000000000000000000000000000000
+IV = 000000000000000000000000
+AAD =
+Tag = 2ff58d80033927ab8ef4d4587514f0fb
+Plaintext = 00000000000000000000000000000000
+Ciphertext = 98e7247c07f0fe411c267e4384b0f600
+
+Cipher = aes-192-gcm
+Key = feffe9928665731c6d6a8f9467308308feffe9928665731c
+IV = cafebabefacedbaddecaf888
+AAD =
+Tag = 9924a7c8587336bfb118024db8674a14
+Plaintext = d9313225f88406e5a55909c5aff5269a86a7a9531534f7da2e4c303d8a318a721c3c0c95956809532fcf0e2449a6b525b16aedf5aa0de657ba637b391aafd255
+Ciphertext = 3980ca0b3c00e841eb06fac4872a2757859e1ceaa6efd984628593b40ca1e19c7d773d00c144c525ac619d18c84a3f4718e2448b2fe324d9ccda2710acade256
+
+Cipher = aes-192-gcm
+Key = feffe9928665731c6d6a8f9467308308feffe9928665731c
+IV = cafebabefacedbaddecaf888
+AAD = feedfacedeadbeeffeedfacedeadbeefabaddad2
+Tag = 2519498e80f1478f37ba55bd6d27618c
+Plaintext = d9313225f88406e5a55909c5aff5269a86a7a9531534f7da2e4c303d8a318a721c3c0c95956809532fcf0e2449a6b525b16aedf5aa0de657ba637b39
+Ciphertext = 3980ca0b3c00e841eb06fac4872a2757859e1ceaa6efd984628593b40ca1e19c7d773d00c144c525ac619d18c84a3f4718e2448b2fe324d9ccda2710
+
+Cipher = aes-192-gcm
+Key = feffe9928665731c6d6a8f9467308308feffe9928665731c
+IV = cafebabefacedbad
+AAD = feedfacedeadbeeffeedfacedeadbeefabaddad2
+Tag = 65dcc57fcf623a24094fcca40d3533f8
+Plaintext = d9313225f88406e5a55909c5aff5269a86a7a9531534f7da2e4c303d8a318a721c3c0c95956809532fcf0e2449a6b525b16aedf5aa0de657ba637b39
+Ciphertext = 0f10f599ae14a154ed24b36e25324db8c566632ef2bbb34f8347280fc4507057fddc29df9a471f75c66541d4d4dad1c9e93a19a58e8b473fa0f062f7
+
+Cipher = aes-192-gcm
+Key = feffe9928665731c6d6a8f9467308308feffe9928665731c
+IV = 9313225df88406e555909c5aff5269aa6a7a9538534f7da1e4c303d2a318a728c3c0c95156809539fcf0e2429a6b525416aedbf5a0de6a57a637b39b
+AAD = feedfacedeadbeeffeedfacedeadbeefabaddad2
+Tag = dcf566ff291c25bbb8568fc3d376a6d9
+Plaintext = d9313225f88406e5a55909c5aff5269a86a7a9531534f7da2e4c303d8a318a721c3c0c95956809532fcf0e2449a6b525b16aedf5aa0de657ba637b39
+Ciphertext = d27e88681ce3243c4830165a8fdcf9ff1de9a1d8e6b447ef6ef7b79828666e4581e79012af34ddd9e2f037589b292db3e67c036745fa22e7e9b7373b
+
+Cipher = aes-256-gcm
+Key = 0000000000000000000000000000000000000000000000000000000000000000
+IV = 000000000000000000000000
+AAD =
+Tag = 530f8afbc74536b9a963b4f1c4cb738b
+Plaintext =
+Ciphertext =
+
+Cipher = aes-256-gcm
+Key = 0000000000000000000000000000000000000000000000000000000000000000
+IV = 000000000000000000000000
+AAD =
+Tag = d0d1c8a799996bf0265b98b5d48ab919
+Plaintext = 00000000000000000000000000000000
+Ciphertext = cea7403d4d606b6e074ec5d3baf39d18
+
+Cipher = aes-256-gcm
+Key = feffe9928665731c6d6a8f9467308308feffe9928665731c6d6a8f9467308308
+IV = cafebabefacedbaddecaf888
+AAD =
+Tag = b094dac5d93471bdec1a502270e3cc6c
+Plaintext = d9313225f88406e5a55909c5aff5269a86a7a9531534f7da2e4c303d8a318a721c3c0c95956809532fcf0e2449a6b525b16aedf5aa0de657ba637b391aafd255
+Ciphertext = 522dc1f099567d07f47f37a32a84427d643a8cdcbfe5c0c97598a2bd2555d1aa8cb08e48590dbb3da7b08b1056828838c5f61e6393ba7a0abcc9f662898015ad
+
+Cipher = aes-256-gcm
+Key = feffe9928665731c6d6a8f9467308308feffe9928665731c6d6a8f9467308308
+IV = cafebabefacedbaddecaf888
+AAD = feedfacedeadbeeffeedfacedeadbeefabaddad2
+Tag = 76fc6ece0f4e1768cddf8853bb2d551b
+Plaintext = d9313225f88406e5a55909c5aff5269a86a7a9531534f7da2e4c303d8a318a721c3c0c95956809532fcf0e2449a6b525b16aedf5aa0de657ba637b39
+Ciphertext = 522dc1f099567d07f47f37a32a84427d643a8cdcbfe5c0c97598a2bd2555d1aa8cb08e48590dbb3da7b08b1056828838c5f61e6393ba7a0abcc9f662
+
+Cipher = aes-256-gcm
+Key = feffe9928665731c6d6a8f9467308308feffe9928665731c6d6a8f9467308308
+IV = cafebabefacedbad
+AAD = feedfacedeadbeeffeedfacedeadbeefabaddad2
+Tag = 3a337dbf46a792c45e454913fe2ea8f2
+Plaintext = d9313225f88406e5a55909c5aff5269a86a7a9531534f7da2e4c303d8a318a721c3c0c95956809532fcf0e2449a6b525b16aedf5aa0de657ba637b39
+Ciphertext = c3762df1ca787d32ae47c13bf19844cbaf1ae14d0b976afac52ff7d79bba9de0feb582d33934a4f0954cc2363bc73f7862ac430e64abe499f47c9b1f
+
+Cipher = aes-256-gcm
+Key = feffe9928665731c6d6a8f9467308308feffe9928665731c6d6a8f9467308308
+IV = 9313225df88406e555909c5aff5269aa6a7a9538534f7da1e4c303d2a318a728c3c0c95156809539fcf0e2429a6b525416aedbf5a0de6a57a637b39b
+AAD = feedfacedeadbeeffeedfacedeadbeefabaddad2
+Tag = a44a8266ee1c8eb0c8b5d4cf5ae9f19a
+Plaintext = d9313225f88406e5a55909c5aff5269a86a7a9531534f7da2e4c303d8a318a721c3c0c95956809532fcf0e2449a6b525b16aedf5aa0de657ba637b39
+Ciphertext = 5a8def2f0c9e53f1f75d7853659e2a20eeb2b22aafde6419a058ab4f6f746bf40fc0c3b780f244452da3ebf1c5d82cdea2418997200ef82e44ae7e3f
+
+# local add-ons, primarily streaming ghash tests
+# 128 bytes aad
+Cipher = aes-128-gcm
+Key = 00000000000000000000000000000000
+IV = 000000000000000000000000
+AAD = d9313225f88406e5a55909c5aff5269a86a7a9531534f7da2e4c303d8a318a721c3c0c95956809532fcf0e2449a6b525b16aedf5aa0de657ba637b391aafd255522dc1f099567d07f47f37a32a84427d643a8cdcbfe5c0c97598a2bd2555d1aa8cb08e48590dbb3da7b08b1056828838c5f61e6393ba7a0abcc9f662898015ad
+Tag = 5fea793a2d6f974d37e68e0cb8ff9492
+Plaintext =
+Ciphertext =
+
+# 48 bytes plaintext
+Cipher = aes-128-gcm
+Key = 00000000000000000000000000000000
+IV = 000000000000000000000000
+AAD =
+Tag = 9dd0a376b08e40eb00c35f29f9ea61a4
+Plaintext = 000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000
+Ciphertext = 0388dace60b6a392f328c2b971b2fe78f795aaab494b5923f7fd89ff948bc1e0200211214e7394da2089b6acd093abe0
+
+# 80 bytes plaintext
+Cipher = aes-128-gcm
+Key = 00000000000000000000000000000000
+IV = 000000000000000000000000
+AAD =
+Tag = 98885a3a22bd4742fe7b72172193b163
+Plaintext = 0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000
+Ciphertext = 0388dace60b6a392f328c2b971b2fe78f795aaab494b5923f7fd89ff948bc1e0200211214e7394da2089b6acd093abe0c94da219118e297d7b7ebcbcc9c388f28ade7d85a8ee35616f7124a9d5270291
+
+# 128 bytes plaintext
+Cipher = aes-128-gcm
+Key = 00000000000000000000000000000000
+IV = 000000000000000000000000
+AAD =
+Tag = cac45f60e31efd3b5a43b98a22ce1aa1
+Plaintext = 0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000
+Ciphertext = 0388dace60b6a392f328c2b971b2fe78f795aaab494b5923f7fd89ff948bc1e0200211214e7394da2089b6acd093abe0c94da219118e297d7b7ebcbcc9c388f28ade7d85a8ee35616f7124a9d527029195b84d1b96c690ff2f2de30bf2ec89e00253786e126504f0dab90c48a30321de3345e6b0461e7c9e6c6b7afedde83f40
+
+# 192 bytes plaintext, iv is chosen so that initial counter LSB is 0xFF
+Cipher = aes-128-gcm
+Key = 00000000000000000000000000000000
+IV = ffffffff000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000
+AAD =
+Tag = 566f8ef683078bfdeeffa869d751a017
+Plaintext = 000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000
+Ciphertext = 56b3373ca9ef6e4a2b64fe1e9a17b61425f10d47a75a5fce13efc6bc784af24f4141bdd48cf7c770887afd573cca5418a9aeffcd7c5ceddfc6a78397b9a85b499da558257267caab2ad0b23ca476a53cb17fb41c4b8b475cb4f3f7165094c229c9e8c4dc0a2a5ff1903e501511221376a1cdb8364c5061a20cae74bc4acd76ceb0abc9fd3217ef9f8c90be402ddf6d8697f4f880dff15bfb7a6b28241ec8fe183c2d59e3f9dfff653c7126f0acb9e64211f42bae12af462b1070bef1ab5e3606
+
+# 288 bytes plaintext, iv is chosen so that initial counter LSB is 0xFF
+Cipher = aes-128-gcm
+Key = 00000000000000000000000000000000
+IV = ffffffff000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000
+AAD =
+Tag = 8b307f6b33286d0ab026a9ed3fe1e85f
+Plaintext = 000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000
+Ciphertext = 56b3373ca9ef6e4a2b64fe1e9a17b61425f10d47a75a5fce13efc6bc784af24f4141bdd48cf7c770887afd573cca5418a9aeffcd7c5ceddfc6a78397b9a85b499da558257267caab2ad0b23ca476a53cb17fb41c4b8b475cb4f3f7165094c229c9e8c4dc0a2a5ff1903e501511221376a1cdb8364c5061a20cae74bc4acd76ceb0abc9fd3217ef9f8c90be402ddf6d8697f4f880dff15bfb7a6b28241ec8fe183c2d59e3f9dfff653c7126f0acb9e64211f42bae12af462b1070bef1ab5e3606872ca10dee15b3249b1a1b958f23134c4bccb7d03200bce420a2f8eb66dcf3644d1423c1b5699003c13ecef4bf38a3b60eedc34033bac1902783dc6d89e2e774188a439c7ebcc0672dbda4ddcfb2794613b0be41315ef778708a70ee7d75165c
+
+# 80 bytes plaintext, submitted by Intel
+Cipher = aes-128-gcm
+Key = 843ffcf5d2b72694d19ed01d01249412
+IV = dbcca32ebf9b804617c3aa9e
+AAD = 00000000000000000000000000000000101112131415161718191a1b1c1d1e1f
+Tag = 3b629ccfbc1119b7319e1dce2cd6fd6d
+Plaintext = 000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f
+Ciphertext = 6268c6fa2a80b2d137467f092f657ac04d89be2beaa623d61b5a868c8f03ff95d3dcee23ad2f1ab3a6c80eaf4b140eb05de3457f0fbc111a6b43d0763aa422a3013cf1dc37fe417d1fbfc449b75d4cc5
+
+#AES OCB Test vectors
+Cipher = aes-128-ocb
+Key = 000102030405060708090A0B0C0D0E0F
+IV = 000102030405060708090A0B
+AAD =
+Tag = 197B9C3C441D3C83EAFB2BEF633B9182
+Plaintext =
+Ciphertext =
+
+Cipher = aes-128-ocb
+Key = 000102030405060708090A0B0C0D0E0F
+IV = 000102030405060708090A0B
+AAD = 0001020304050607
+Tag = 16DC76A46D47E1EAD537209E8A96D14E
+Plaintext = 0001020304050607
+Ciphertext = 92B657130A74B85A
+
+Cipher = aes-128-ocb
+Key = 000102030405060708090A0B0C0D0E0F
+IV = 000102030405060708090A0B
+AAD = 0001020304050607
+Tag = 98B91552C8C009185044E30A6EB2FE21
+Plaintext =
+Ciphertext =
+
+Cipher = aes-128-ocb
+Key = 000102030405060708090A0B0C0D0E0F
+IV = 000102030405060708090A0B
+AAD =
+Tag = 971EFFCAE19AD4716F88E87B871FBEED
+Plaintext = 0001020304050607
+Ciphertext = 92B657130A74B85A
+
+Cipher = aes-128-ocb
+Key = 000102030405060708090A0B0C0D0E0F
+IV = 000102030405060708090A0B
+AAD = 000102030405060708090A0B0C0D0E0F
+Tag = 776C9924D6723A1FC4524532AC3E5BEB
+Plaintext = 000102030405060708090A0B0C0D0E0F
+Ciphertext = BEA5E8798DBE7110031C144DA0B26122
+
+Cipher = aes-128-ocb
+Key = 000102030405060708090A0B0C0D0E0F
+IV = 000102030405060708090A0B
+AAD = 000102030405060708090A0B0C0D0E0F
+Tag = 7DDB8E6CEA6814866212509619B19CC6
+Plaintext =
+Ciphertext =
+
+Cipher = aes-128-ocb
+Key = 000102030405060708090A0B0C0D0E0F
+IV = 000102030405060708090A0B
+AAD =
+Tag = 13CC8B747807121A4CBB3E4BD6B456AF
+Plaintext = 000102030405060708090A0B0C0D0E0F
+Ciphertext = BEA5E8798DBE7110031C144DA0B26122
+
+Cipher = aes-128-ocb
+Key = 000102030405060708090A0B0C0D0E0F
+IV = 000102030405060708090A0B
+AAD = 000102030405060708090A0B0C0D0E0F1011121314151617
+Tag = 5FA94FC3F38820F1DC3F3D1FD4E55E1C
+Plaintext = 000102030405060708090A0B0C0D0E0F1011121314151617
+Ciphertext = BEA5E8798DBE7110031C144DA0B26122FCFCEE7A2A8D4D48
+
+Cipher = aes-128-ocb
+Key = 000102030405060708090A0B0C0D0E0F
+IV = 000102030405060708090A0B
+AAD = 000102030405060708090A0B0C0D0E0F1011121314151617
+Tag = 282026DA3068BC9FA118681D559F10F6
+Plaintext =
+Ciphertext =
+
+Cipher = aes-128-ocb
+Key = 000102030405060708090A0B0C0D0E0F
+IV = 000102030405060708090A0B
+AAD =
+Tag = 6EF2F52587FDA0ED97DC7EEDE241DF68
+Plaintext = 000102030405060708090A0B0C0D0E0F1011121314151617
+Ciphertext = BEA5E8798DBE7110031C144DA0B26122FCFCEE7A2A8D4D48
+
+Cipher = aes-128-ocb
+Key = 000102030405060708090A0B0C0D0E0F
+IV = 000102030405060708090A0B
+AAD = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F
+Tag = B2A040DD3BD5164372D76D7BB6824240
+Plaintext = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F
+Ciphertext = BEA5E8798DBE7110031C144DA0B26122CEAAB9B05DF771A657149D53773463CB
+
+Cipher = aes-128-ocb
+Key = 000102030405060708090A0B0C0D0E0F
+IV = 000102030405060708090A0B
+AAD = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F
+Tag = E1E072633BADE51A60E85951D9C42A1B
+Plaintext =
+Ciphertext =
+
+Cipher = aes-128-ocb
+Key = 000102030405060708090A0B0C0D0E0F
+IV = 000102030405060708090A0B
+AAD =
+Tag = 4A3BAE824465CFDAF8C41FC50C7DF9D9
+Plaintext = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F
+Ciphertext = BEA5E8798DBE7110031C144DA0B26122CEAAB9B05DF771A657149D53773463CB
+
+Cipher = aes-128-ocb
+Key = 000102030405060708090A0B0C0D0E0F
+IV = 000102030405060708090A0B
+AAD = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F2021222324252627
+Tag = 659C623211DEEA0DE30D2C381879F4C8
+Plaintext = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F2021222324252627
+Ciphertext = BEA5E8798DBE7110031C144DA0B26122CEAAB9B05DF771A657149D53773463CB68C65778B058A635
+
+Cipher = aes-128-ocb
+Key = 000102030405060708090A0B0C0D0E0F
+IV = 000102030405060708090A0B
+AAD = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F2021222324252627
+Tag = 7AEB7A69A1687DD082CA27B0D9A37096
+Plaintext =
+Ciphertext =
+
+Cipher = aes-128-ocb
+Key = 000102030405060708090A0B0C0D0E0F
+IV = 000102030405060708090A0B
+AAD =
+Tag = 060C8467F4ABAB5E8B3C2067A2E115DC
+Plaintext = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F2021222324252627
+Ciphertext = BEA5E8798DBE7110031C144DA0B26122CEAAB9B05DF771A657149D53773463CB68C65778B058A635
+
+#AES OCB Non standard test vectors - generated from reference implementation
+Cipher = aes-128-ocb
+Key = 000102030405060708090A0B0C0D0E0F
+IV = 000102030405060708090A0B
+AAD = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F2021222324252627
+Tag = 1b6c44f34e3abb3cbf8976e7
+Plaintext = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F2021222324252627
+Ciphertext = 09a4fd29de949d9a9aa9924248422097ad4883b4713e6c214ff6567ada08a96766fc4e2ee3e3a5a1
+
+Cipher = aes-128-ocb
+Key = 000102030405060708090A0B0C0D0E0F
+IV = 000102030405060708090A0B0C0D0E
+AAD = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F2021222324252627
+Tag = 1ad62009901f40cba7cd7156f94a7324
+Plaintext = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F2021222324252627
+Ciphertext = 5e2fa7367ffbdb3938845cfd415fcc71ec79634eb31451609d27505f5e2978f43c44213d8fa441ee
+
+# AES XTS test vectors from IEEE Std 1619-2007
+Cipher = aes-128-xts
+Key = 0000000000000000000000000000000000000000000000000000000000000000
+IV = 00000000000000000000000000000000
+Plaintext = 0000000000000000000000000000000000000000000000000000000000000000
+Ciphertext = 917cf69ebd68b2ec9b9fe9a3eadda692cd43d2f59598ed858c02c2652fbf922e
+
+Cipher = aes-128-xts
+Key = 1111111111111111111111111111111122222222222222222222222222222222
+IV = 33333333330000000000000000000000
+Plaintext = 4444444444444444444444444444444444444444444444444444444444444444
+Ciphertext = c454185e6a16936e39334038acef838bfb186fff7480adc4289382ecd6d394f0
+
+Cipher = aes-128-xts
+Key = fffefdfcfbfaf9f8f7f6f5f4f3f2f1f022222222222222222222222222222222
+IV = 33333333330000000000000000000000
+Plaintext = 4444444444444444444444444444444444444444444444444444444444444444
+Ciphertext = af85336b597afc1a900b2eb21ec949d292df4c047e0b21532186a5971a227a89
+
+Cipher = aes-128-xts
+Key = 2718281828459045235360287471352631415926535897932384626433832795
+IV = 00000000000000000000000000000000
+Plaintext = 000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0a1a2a3a4a5a6a7a8a9aaabacadaeafb0b1b2b3b4b5b6b7b8b9babbbcbdbebfc0c1c2c3c4c5c6c7c8c9cacbcccdcecfd0d1d2d3d4d5d6d7d8d9dadbdcdddedfe0e1e2e3e4e5e6e7e8e9eaebecedeeeff0f1f2f3f4f5f6f7f8f9fafbfcfdfeff000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0a1a2a3a4a5a6a7a8a9aaabacadaeafb0b1b2b3b4b5b6b7b8b9babbbcbdbebfc0c1c2c3c4c5c6c7c8c9cacbcccdcecfd0d1d2d3d4d5d6d7d8d9dadbdcdddedfe0e1e2e3e4e5e6e7e8e9eaebecedeeeff0f1f2f3f4f5f6f7f8f9fafbfcfdfeff
+Ciphertext = 27a7479befa1d476489f308cd4cfa6e2a96e4bbe3208ff25287dd3819616e89cc78cf7f5e543445f8333d8fa7f56000005279fa5d8b5e4ad40e736ddb4d35412328063fd2aab53e5ea1e0a9f332500a5df9487d07a5c92cc512c8866c7e860ce93fdf166a24912b422976146ae20ce846bb7dc9ba94a767aaef20c0d61ad02655ea92dc4c4e41a8952c651d33174be51a10c421110e6d81588ede82103a252d8a750e8768defffed9122810aaeb99f9172af82b604dc4b8e51bcb08235a6f4341332e4ca60482a4ba1a03b3e65008fc5da76b70bf1690db4eae29c5f1badd03c5ccf2a55d705ddcd86d449511ceb7ec30bf12b1fa35b913f9f747a8afd1b130e94bff94effd01a91735ca1726acd0b197c4e5b03393697e126826fb6bbde8ecc1e08298516e2c9ed03ff3c1b7860f6de76d4cecd94c8119855ef5297ca67e9f3e7ff72b1e99785ca0a7e7720c5b36dc6d72cac9574c8cbbc2f801e23e56fd344b07f22154beba0f08ce8891e643ed995c94d9a69c9f1b5f499027a78572aeebd74d20cc39881c213ee770b1010e4bea718846977ae119f7a023ab58cca0ad752afe656bb3c17256a9f6e9bf19fdd5a38fc82bbe872c5539edb609ef4f79c203ebb140f2e583cb2ad15b4aa5b655016a8449277dbd477ef2c8d6c017db738b18deb4a427d1923ce3ff262735779a418f20a282df920147beabe421ee5319d0568
+
+Cipher = aes-128-xts
+Key = 2718281828459045235360287471352631415926535897932384626433832795
+IV = 01000000000000000000000000000000
+Plaintext = 27a7479befa1d476489f308cd4cfa6e2a96e4bbe3208ff25287dd3819616e89cc78cf7f5e543445f8333d8fa7f56000005279fa5d8b5e4ad40e736ddb4d35412328063fd2aab53e5ea1e0a9f332500a5df9487d07a5c92cc512c8866c7e860ce93fdf166a24912b422976146ae20ce846bb7dc9ba94a767aaef20c0d61ad02655ea92dc4c4e41a8952c651d33174be51a10c421110e6d81588ede82103a252d8a750e8768defffed9122810aaeb99f9172af82b604dc4b8e51bcb08235a6f4341332e4ca60482a4ba1a03b3e65008fc5da76b70bf1690db4eae29c5f1badd03c5ccf2a55d705ddcd86d449511ceb7ec30bf12b1fa35b913f9f747a8afd1b130e94bff94effd01a91735ca1726acd0b197c4e5b03393697e126826fb6bbde8ecc1e08298516e2c9ed03ff3c1b7860f6de76d4cecd94c8119855ef5297ca67e9f3e7ff72b1e99785ca0a7e7720c5b36dc6d72cac9574c8cbbc2f801e23e56fd344b07f22154beba0f08ce8891e643ed995c94d9a69c9f1b5f499027a78572aeebd74d20cc39881c213ee770b1010e4bea718846977ae119f7a023ab58cca0ad752afe656bb3c17256a9f6e9bf19fdd5a38fc82bbe872c5539edb609ef4f79c203ebb140f2e583cb2ad15b4aa5b655016a8449277dbd477ef2c8d6c017db738b18deb4a427d1923ce3ff262735779a418f20a282df920147beabe421ee5319d0568
+Ciphertext = 264d3ca8512194fec312c8c9891f279fefdd608d0c027b60483a3fa811d65ee59d52d9e40ec5672d81532b38b6b089ce951f0f9c35590b8b978d175213f329bb1c2fd30f2f7f30492a61a532a79f51d36f5e31a7c9a12c286082ff7d2394d18f783e1a8e72c722caaaa52d8f065657d2631fd25bfd8e5baad6e527d763517501c68c5edc3cdd55435c532d7125c8614deed9adaa3acade5888b87bef641c4c994c8091b5bcd387f3963fb5bc37aa922fbfe3df4e5b915e6eb514717bdd2a74079a5073f5c4bfd46adf7d282e7a393a52579d11a028da4d9cd9c77124f9648ee383b1ac763930e7162a8d37f350b2f74b8472cf09902063c6b32e8c2d9290cefbd7346d1c779a0df50edcde4531da07b099c638e83a755944df2aef1aa31752fd323dcb710fb4bfbb9d22b925bc3577e1b8949e729a90bbafeacf7f7879e7b1147e28ba0bae940db795a61b15ecf4df8db07b824bb062802cc98a9545bb2aaeed77cb3fc6db15dcd7d80d7d5bc406c4970a3478ada8899b329198eb61c193fb6275aa8ca340344a75a862aebe92eee1ce032fd950b47d7704a3876923b4ad62844bf4a09c4dbe8b4397184b7471360c9564880aedddb9baa4af2e75394b08cd32ff479c57a07d3eab5d54de5f9738b8d27f27a9f0ab11799d7b7ffefb2704c95c6ad12c39f1e867a4b7b1d7818a4b753dfd2a89ccb45e001a03a867b187f225dd
+
+Cipher = aes-128-xts
+Key = 2718281828459045235360287471352631415926535897932384626433832795
+IV = 02000000000000000000000000000000
+Plaintext = 264d3ca8512194fec312c8c9891f279fefdd608d0c027b60483a3fa811d65ee59d52d9e40ec5672d81532b38b6b089ce951f0f9c35590b8b978d175213f329bb1c2fd30f2f7f30492a61a532a79f51d36f5e31a7c9a12c286082ff7d2394d18f783e1a8e72c722caaaa52d8f065657d2631fd25bfd8e5baad6e527d763517501c68c5edc3cdd55435c532d7125c8614deed9adaa3acade5888b87bef641c4c994c8091b5bcd387f3963fb5bc37aa922fbfe3df4e5b915e6eb514717bdd2a74079a5073f5c4bfd46adf7d282e7a393a52579d11a028da4d9cd9c77124f9648ee383b1ac763930e7162a8d37f350b2f74b8472cf09902063c6b32e8c2d9290cefbd7346d1c779a0df50edcde4531da07b099c638e83a755944df2aef1aa31752fd323dcb710fb4bfbb9d22b925bc3577e1b8949e729a90bbafeacf7f7879e7b1147e28ba0bae940db795a61b15ecf4df8db07b824bb062802cc98a9545bb2aaeed77cb3fc6db15dcd7d80d7d5bc406c4970a3478ada8899b329198eb61c193fb6275aa8ca340344a75a862aebe92eee1ce032fd950b47d7704a3876923b4ad62844bf4a09c4dbe8b4397184b7471360c9564880aedddb9baa4af2e75394b08cd32ff479c57a07d3eab5d54de5f9738b8d27f27a9f0ab11799d7b7ffefb2704c95c6ad12c39f1e867a4b7b1d7818a4b753dfd2a89ccb45e001a03a867b187f225dd
+Ciphertext = fa762a3680b76007928ed4a4f49a9456031b704782e65e16cecb54ed7d017b5e18abd67b338e81078f21edb7868d901ebe9c731a7c18b5e6dec1d6a72e078ac9a4262f860beefa14f4e821018272e411a951502b6e79066e84252c3346f3aa62344351a291d4bedc7a07618bdea2af63145cc7a4b8d4070691ae890cd65733e7946e9021a1dffc4c59f159425ee6d50ca9b135fa6162cea18a939838dc000fb386fad086acce5ac07cb2ece7fd580b00cfa5e98589631dc25e8e2a3daf2ffdec26531659912c9d8f7a15e5865ea8fb5816d6207052bd7128cd743c12c8118791a4736811935eb982a532349e31dd401e0b660a568cb1a4711f552f55ded59f1f15bf7196b3ca12a91e488ef59d64f3a02bf45239499ac6176ae321c4a211ec545365971c5d3f4f09d4eb139bfdf2073d33180b21002b65cc9865e76cb24cd92c874c24c18350399a936ab3637079295d76c417776b94efce3a0ef7206b15110519655c956cbd8b2489405ee2b09a6b6eebe0c53790a12a8998378b33a5b71159625f4ba49d2a2fdba59fbf0897bc7aabd8d707dc140a80f0f309f835d3da54ab584e501dfa0ee977fec543f74186a802b9a37adb3e8291eca04d66520d229e60401e7282bef486ae059aa70696e0e305d777140a7a883ecdcb69b9ff938e8a4231864c69ca2c2043bed007ff3e605e014bcf518138dc3a25c5e236171a2d01d6
+
+Cipher = aes-128-xts
+Key = 2718281828459045235360287471352631415926535897932384626433832795
+IV = fd000000000000000000000000000000
+Plaintext = 8e41b78c390b5af9d758bb214a67e9f6bf7727b09ac6124084c37611398fa45daad94868600ed391fb1acd4857a95b466e62ef9f4b377244d1c152e7b30d731aad30c716d214b707aed99eb5b5e580b3e887cf7497465651d4b60e6042051da3693c3b78c14489543be8b6ad0ba629565bba202313ba7b0d0c94a3252b676f46cc02ce0f8a7d34c0ed229129673c1f61aed579d08a9203a25aac3a77e9db60267996db38df637356d9dcd1632e369939f2a29d89345c66e05066f1a3677aef18dea4113faeb629e46721a66d0a7e785d3e29af2594eb67dfa982affe0aac058f6e15864269b135418261fc3afb089472cf68c45dd7f231c6249ba0255e1e033833fc4d00a3fe02132d7bc3873614b8aee34273581ea0325c81f0270affa13641d052d36f0757d484014354d02d6883ca15c24d8c3956b1bd027bcf41f151fd8023c5340e5606f37e90fdb87c86fb4fa634b3718a30bace06a66eaf8f63c4aa3b637826a87fe8cfa44282e92cb1615af3a28e53bc74c7cba1a0977be9065d0c1a5dec6c54ae38d37f37aa35283e048e5530a85c4e7a29d7b92ec0c3169cdf2a805c7604bce60049b9fb7b8eaac10f51ae23794ceba68bb58112e293b9b692ca721b37c662f8574ed4dba6f88e170881c82cddc1034a0ca7e284bf0962b6b26292d836fa9f73c1ac770eef0f2d3a1eaf61d3e03555fd424eedd67e18a18094f888
+Ciphertext = d55f684f81f4426e9fde92a5ff02df2ac896af63962888a97910c1379e20b0a3b1db613fb7fe2e07004329ea5c22bfd33e3dbe4cf58cc608c2c26c19a2e2fe22f98732c2b5cb844cc6c0702d91e1d50fc4382a7eba5635cd602432a2306ac4ce82f8d70c8d9bc15f918fe71e74c622d5cf71178bf6e0b9cc9f2b41dd8dbe441c41cd0c73a6dc47a348f6702f9d0e9b1b1431e948e299b9ec2272ab2c5f0c7be86affa5dec87a0bee81d3d50007edaa2bcfccb35605155ff36ed8edd4a40dcd4b243acd11b2b987bdbfaf91a7cac27e9c5aea525ee53de7b2d3332c8644402b823e94a7db26276d2d23aa07180f76b4fd29b9c0823099c9d62c519880aee7e9697617c1497d47bf3e571950311421b6b734d38b0db91eb85331b91ea9f61530f54512a5a52a4bad589eb69781d537f23297bb459bdad2948a29e1550bf4787e0be95bb173cf5fab17dab7a13a052a63453d97ccec1a321954886b7a1299faaeecae35c6eaaca753b041b5e5f093bf83397fd21dd6b3012066fcc058cc32c3b09d7562dee29509b5839392c9ff05f51f3166aaac4ac5f238038a3045e6f72e48ef0fe8bc675e82c318a268e43970271bf119b81bf6a982746554f84e72b9f00280a320a08142923c23c883423ff949827f29bbacdc1ccdb04938ce6098c95ba6b32528f4ef78eed778b2e122ddfd1cbdd11d1c0a6783e011fc536d63d053260637
+
+Cipher = aes-128-xts
+Key = 2718281828459045235360287471352631415926535897932384626433832795
+IV = fe000000000000000000000000000000
+Plaintext = d55f684f81f4426e9fde92a5ff02df2ac896af63962888a97910c1379e20b0a3b1db613fb7fe2e07004329ea5c22bfd33e3dbe4cf58cc608c2c26c19a2e2fe22f98732c2b5cb844cc6c0702d91e1d50fc4382a7eba5635cd602432a2306ac4ce82f8d70c8d9bc15f918fe71e74c622d5cf71178bf6e0b9cc9f2b41dd8dbe441c41cd0c73a6dc47a348f6702f9d0e9b1b1431e948e299b9ec2272ab2c5f0c7be86affa5dec87a0bee81d3d50007edaa2bcfccb35605155ff36ed8edd4a40dcd4b243acd11b2b987bdbfaf91a7cac27e9c5aea525ee53de7b2d3332c8644402b823e94a7db26276d2d23aa07180f76b4fd29b9c0823099c9d62c519880aee7e9697617c1497d47bf3e571950311421b6b734d38b0db91eb85331b91ea9f61530f54512a5a52a4bad589eb69781d537f23297bb459bdad2948a29e1550bf4787e0be95bb173cf5fab17dab7a13a052a63453d97ccec1a321954886b7a1299faaeecae35c6eaaca753b041b5e5f093bf83397fd21dd6b3012066fcc058cc32c3b09d7562dee29509b5839392c9ff05f51f3166aaac4ac5f238038a3045e6f72e48ef0fe8bc675e82c318a268e43970271bf119b81bf6a982746554f84e72b9f00280a320a08142923c23c883423ff949827f29bbacdc1ccdb04938ce6098c95ba6b32528f4ef78eed778b2e122ddfd1cbdd11d1c0a6783e011fc536d63d053260637
+Ciphertext = 72efc1ebfe1ee25975a6eb3aa8589dda2b261f1c85bdab442a9e5b2dd1d7c3957a16fc08e526d4b1223f1b1232a11af274c3d70dac57f83e0983c498f1a6f1aecb021c3e70085a1e527f1ce41ee5911a82020161529cd82773762daf5459de94a0a82adae7e1703c808543c29ed6fb32d9e004327c1355180c995a07741493a09c21ba01a387882da4f62534b87bb15d60d197201c0fd3bf30c1500a3ecfecdd66d8721f90bcc4c17ee925c61b0a03727a9c0d5f5ca462fbfa0af1c2513a9d9d4b5345bd27a5f6e653f751693e6b6a2b8ead57d511e00e58c45b7b8d005af79288f5c7c22fd4f1bf7a898b03a5634c6a1ae3f9fae5de4f296a2896b23e7ed43ed14fa5a2803f4d28f0d3ffcf24757677aebdb47bb388378708948a8d4126ed1839e0da29a537a8c198b3c66ab00712dd261674bf45a73d67f76914f830ca014b65596f27e4cf62de66125a5566df9975155628b400fbfb3a29040ed50faffdbb18aece7c5c44693260aab386c0a37b11b114f1c415aebb653be468179428d43a4d8bc3ec38813eca30a13cf1bb18d524f1992d44d8b1a42ea30b22e6c95b199d8d182f8840b09d059585c31ad691fa0619ff038aca2c39a943421157361717c49d322028a74648113bd8c9d7ec77cf3c89c1ec8718ceff8516d96b34c3c614f10699c9abc4ed0411506223bea16af35c883accdbe1104eef0cfdb54e12fb230a
+
+Cipher = aes-128-xts
+Key = 2718281828459045235360287471352631415926535897932384626433832795
+IV = ff000000000000000000000000000000
+Plaintext = 72efc1ebfe1ee25975a6eb3aa8589dda2b261f1c85bdab442a9e5b2dd1d7c3957a16fc08e526d4b1223f1b1232a11af274c3d70dac57f83e0983c498f1a6f1aecb021c3e70085a1e527f1ce41ee5911a82020161529cd82773762daf5459de94a0a82adae7e1703c808543c29ed6fb32d9e004327c1355180c995a07741493a09c21ba01a387882da4f62534b87bb15d60d197201c0fd3bf30c1500a3ecfecdd66d8721f90bcc4c17ee925c61b0a03727a9c0d5f5ca462fbfa0af1c2513a9d9d4b5345bd27a5f6e653f751693e6b6a2b8ead57d511e00e58c45b7b8d005af79288f5c7c22fd4f1bf7a898b03a5634c6a1ae3f9fae5de4f296a2896b23e7ed43ed14fa5a2803f4d28f0d3ffcf24757677aebdb47bb388378708948a8d4126ed1839e0da29a537a8c198b3c66ab00712dd261674bf45a73d67f76914f830ca014b65596f27e4cf62de66125a5566df9975155628b400fbfb3a29040ed50faffdbb18aece7c5c44693260aab386c0a37b11b114f1c415aebb653be468179428d43a4d8bc3ec38813eca30a13cf1bb18d524f1992d44d8b1a42ea30b22e6c95b199d8d182f8840b09d059585c31ad691fa0619ff038aca2c39a943421157361717c49d322028a74648113bd8c9d7ec77cf3c89c1ec8718ceff8516d96b34c3c614f10699c9abc4ed0411506223bea16af35c883accdbe1104eef0cfdb54e12fb230a
+Ciphertext = 3260ae8dad1f4a32c5cafe3ab0eb95549d461a67ceb9e5aa2d3afb62dece0553193ba50c75be251e08d1d08f1088576c7efdfaaf3f459559571e12511753b07af073f35da06af0ce0bbf6b8f5ccc5cea500ec1b211bd51f63b606bf6528796ca12173ba39b8935ee44ccce646f90a45bf9ccc567f0ace13dc2d53ebeedc81f58b2e41179dddf0d5a5c42f5d8506c1a5d2f8f59f3ea873cbcd0eec19acbf325423bd3dcb8c2b1bf1d1eaed0eba7f0698e4314fbeb2f1566d1b9253008cbccf45a2b0d9c5c9c21474f4076e02be26050b99dee4fd68a4cf890e496e4fcae7b70f94ea5a9062da0daeba1993d2ccd1dd3c244b8428801495a58b216547e7e847c46d1d756377b6242d2e5fb83bf752b54e0df71e889f3a2bb0f4c10805bf3c590376e3c24e22ff57f7fa965577375325cea5d920db94b9c336b455f6e894c01866fe9fbb8c8d3f70a2957285f6dfb5dcd8cbf54782f8fe7766d4723819913ac773421e3a31095866bad22c86a6036b2518b2059b4229d18c8c2ccbdf906c6cc6e82464ee57bddb0bebcb1dc645325bfb3e665ef7251082c88ebb1cf203bd779fdd38675713c8daadd17e1cabee432b09787b6ddf3304e38b731b45df5df51b78fcfb3d32466028d0ba36555e7e11ab0ee0666061d1645d962444bc47a38188930a84b4d561395c73c087021927ca638b7afc8a8679ccb84c26555440ec7f10445cd
+
+
+Cipher = aes-256-xts
+Key = 27182818284590452353602874713526624977572470936999595749669676273141592653589793238462643383279502884197169399375105820974944592
+IV = ff000000000000000000000000000000
+Plaintext = 000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0a1a2a3a4a5a6a7a8a9aaabacadaeafb0b1b2b3b4b5b6b7b8b9babbbcbdbebfc0c1c2c3c4c5c6c7c8c9cacbcccdcecfd0d1d2d3d4d5d6d7d8d9dadbdcdddedfe0e1e2e3e4e5e6e7e8e9eaebecedeeeff0f1f2f3f4f5f6f7f8f9fafbfcfdfeff000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0a1a2a3a4a5a6a7a8a9aaabacadaeafb0b1b2b3b4b5b6b7b8b9babbbcbdbebfc0c1c2c3c4c5c6c7c8c9cacbcccdcecfd0d1d2d3d4d5d6d7d8d9dadbdcdddedfe0e1e2e3e4e5e6e7e8e9eaebecedeeeff0f1f2f3f4f5f6f7f8f9fafbfcfdfeff
+Ciphertext = 1c3b3a102f770386e4836c99e370cf9bea00803f5e482357a4ae12d414a3e63b5d31e276f8fe4a8d66b317f9ac683f44680a86ac35adfc3345befecb4bb188fd5776926c49a3095eb108fd1098baec70aaa66999a72a82f27d848b21d4a741b0c5cd4d5fff9dac89aeba122961d03a757123e9870f8acf1000020887891429ca2a3e7a7d7df7b10355165c8b9a6d0a7de8b062c4500dc4cd120c0f7418dae3d0b5781c34803fa75421c790dfe1de1834f280d7667b327f6c8cd7557e12ac3a0f93ec05c52e0493ef31a12d3d9260f79a289d6a379bc70c50841473d1a8cc81ec583e9645e07b8d9670655ba5bbcfecc6dc3966380ad8fecb17b6ba02469a020a84e18e8f84252070c13e9f1f289be54fbc481457778f616015e1327a02b140f1505eb309326d68378f8374595c849d84f4c333ec4423885143cb47bd71c5edae9be69a2ffeceb1bec9de244fbe15992b11b77c040f12bd8f6a975a44a0f90c29a9abc3d4d893927284c58754cce294529f8614dcd2aba991925fedc4ae74ffac6e333b93eb4aff0479da9a410e4450e0dd7ae4c6e2910900575da401fc07059f645e8b7e9bfdef33943054ff84011493c27b3429eaedb4ed5376441a77ed43851ad77f16f541dfd269d50d6a5f14fb0aab1cbb4c1550be97f7ab4066193c4caa773dad38014bd2092fa755c824bb5e54c4f36ffda9fcea70b9c6e693e148c151
+
+Cipher = aes-256-xts
+Key = 27182818284590452353602874713526624977572470936999595749669676273141592653589793238462643383279502884197169399375105820974944592
+IV = ffff0000000000000000000000000000
+Plaintext = 000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0a1a2a3a4a5a6a7a8a9aaabacadaeafb0b1b2b3b4b5b6b7b8b9babbbcbdbebfc0c1c2c3c4c5c6c7c8c9cacbcccdcecfd0d1d2d3d4d5d6d7d8d9dadbdcdddedfe0e1e2e3e4e5e6e7e8e9eaebecedeeeff0f1f2f3f4f5f6f7f8f9fafbfcfdfeff000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0a1a2a3a4a5a6a7a8a9aaabacadaeafb0b1b2b3b4b5b6b7b8b9babbbcbdbebfc0c1c2c3c4c5c6c7c8c9cacbcccdcecfd0d1d2d3d4d5d6d7d8d9dadbdcdddedfe0e1e2e3e4e5e6e7e8e9eaebecedeeeff0f1f2f3f4f5f6f7f8f9fafbfcfdfeff
+Ciphertext = 77a31251618a15e6b92d1d66dffe7b50b50bad552305ba0217a610688eff7e11e1d0225438e093242d6db274fde801d4cae06f2092c728b2478559df58e837c2469ee4a4fa794e4bbc7f39bc026e3cb72c33b0888f25b4acf56a2a9804f1ce6d3d6e1dc6ca181d4b546179d55544aa7760c40d06741539c7e3cd9d2f6650b2013fd0eeb8c2b8e3d8d240ccae2d4c98320a7442e1c8d75a42d6e6cfa4c2eca1798d158c7aecdf82490f24bb9b38e108bcda12c3faf9a21141c3613b58367f922aaa26cd22f23d708dae699ad7cb40a8ad0b6e2784973dcb605684c08b8d6998c69aac049921871ebb65301a4619ca80ecb485a31d744223ce8ddc2394828d6a80470c092f5ba413c3378fa6054255c6f9df4495862bbb3287681f931b687c888abf844dfc8fc28331e579928cd12bd2390ae123cf03818d14dedde5c0c24c8ab018bfca75ca096f2d531f3d1619e785f1ada437cab92e980558b3dce1474afb75bfedbf8ff54cb2618e0244c9ac0d3c66fb51598cd2db11f9be39791abe447c63094f7c453b7ff87cb5bb36b7c79efb0872d17058b83b15ab0866ad8a58656c5a7e20dbdf308b2461d97c0ec0024a2715055249cf3b478ddd4740de654f75ca686e0d7345c69ed50cdc2a8b332b1f8824108ac937eb050585608ee734097fc09054fbff89eeaeea791f4a7ab1f9868294a4f9e27b42af8100cb9d59cef9645803
+
+Cipher = aes-256-xts
+Key = 27182818284590452353602874713526624977572470936999595749669676273141592653589793238462643383279502884197169399375105820974944592
+IV = ffffff00000000000000000000000000
+Plaintext = 000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0a1a2a3a4a5a6a7a8a9aaabacadaeafb0b1b2b3b4b5b6b7b8b9babbbcbdbebfc0c1c2c3c4c5c6c7c8c9cacbcccdcecfd0d1d2d3d4d5d6d7d8d9dadbdcdddedfe0e1e2e3e4e5e6e7e8e9eaebecedeeeff0f1f2f3f4f5f6f7f8f9fafbfcfdfeff000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0a1a2a3a4a5a6a7a8a9aaabacadaeafb0b1b2b3b4b5b6b7b8b9babbbcbdbebfc0c1c2c3c4c5c6c7c8c9cacbcccdcecfd0d1d2d3d4d5d6d7d8d9dadbdcdddedfe0e1e2e3e4e5e6e7e8e9eaebecedeeeff0f1f2f3f4f5f6f7f8f9fafbfcfdfeff
+Ciphertext = e387aaa58ba483afa7e8eb469778317ecf4cf573aa9d4eac23f2cdf914e4e200a8b490e42ee646802dc6ee2b471b278195d60918ececb44bf79966f83faba0499298ebc699c0c8634715a320bb4f075d622e74c8c932004f25b41e361025b5a87815391f6108fc4afa6a05d9303c6ba68a128a55705d415985832fdeaae6c8e19110e84d1b1f199a2692119edc96132658f09da7c623efcec712537a3d94c0bf5d7e352ec94ae5797fdb377dc1551150721adf15bd26a8efc2fcaad56881fa9e62462c28f30ae1ceaca93c345cf243b73f542e2074a705bd2643bb9f7cc79bb6e7091ea6e232df0f9ad0d6cf502327876d82207abf2115cdacf6d5a48f6c1879a65b115f0f8b3cb3c59d15dd8c769bc014795a1837f3901b5845eb491adfefe097b1fa30a12fc1f65ba22905031539971a10f2f36c321bb51331cdefb39e3964c7ef079994f5b69b2edd83a71ef549971ee93f44eac3938fcdd61d01fa71799da3a8091c4c48aa9ed263ff0749df95d44fef6a0bb578ec69456aa5408ae32c7af08ad7ba8921287e3bbee31b767be06a0e705c864a769137df28292283ea81a2480241b44d9921cdbec1bc28dc1fda114bd8e5217ac9d8ebafa720e9da4f9ace231cc949e5b96fe76ffc21063fddc83a6b8679c00d35e09576a875305bed5f36ed242c8900dd1fa965bc950dfce09b132263a1eef52dd6888c309f5a7d712826
+
+Cipher = aes-256-xts
+Key = 27182818284590452353602874713526624977572470936999595749669676273141592653589793238462643383279502884197169399375105820974944592
+IV = ffffffff000000000000000000000000
+Plaintext = 000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0a1a2a3a4a5a6a7a8a9aaabacadaeafb0b1b2b3b4b5b6b7b8b9babbbcbdbebfc0c1c2c3c4c5c6c7c8c9cacbcccdcecfd0d1d2d3d4d5d6d7d8d9dadbdcdddedfe0e1e2e3e4e5e6e7e8e9eaebecedeeeff0f1f2f3f4f5f6f7f8f9fafbfcfdfeff000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0a1a2a3a4a5a6a7a8a9aaabacadaeafb0b1b2b3b4b5b6b7b8b9babbbcbdbebfc0c1c2c3c4c5c6c7c8c9cacbcccdcecfd0d1d2d3d4d5d6d7d8d9dadbdcdddedfe0e1e2e3e4e5e6e7e8e9eaebecedeeeff0f1f2f3f4f5f6f7f8f9fafbfcfdfeff
+Ciphertext = bf53d2dade78e822a4d949a9bc6766b01b06a8ef70d26748c6a7fc36d80ae4c5520f7c4ab0ac8544424fa405162fef5a6b7f229498063618d39f0003cb5fb8d1c86b643497da1ff945c8d3bedeca4f479702a7a735f043ddb1d6aaade3c4a0ac7ca7f3fa5279bef56f82cd7a2f38672e824814e10700300a055e1630b8f1cb0e919f5e942010a416e2bf48cb46993d3cb6a51c19bacf864785a00bc2ecff15d350875b246ed53e68be6f55bd7e05cfc2b2ed6432198a6444b6d8c247fab941f569768b5c429366f1d3f00f0345b96123d56204c01c63b22ce78baf116e525ed90fdea39fa469494d3866c31e05f295ff21fea8d4e6e13d67e47ce722e9698a1c1048d68ebcde76b86fcf976eab8aa9790268b7068e017a8b9b749409514f1053027fd16c3786ea1bac5f15cb79711ee2abe82f5cf8b13ae73030ef5b9e4457e75d1304f988d62dd6fc4b94ed38ba831da4b7634971b6cd8ec325d9c61c00f1df73627ed3745a5e8489f3a95c69639c32cd6e1d537a85f75cc844726e8a72fc0077ad22000f1d5078f6b866318c668f1ad03d5a5fced5219f2eabbd0aa5c0f460d183f04404a0d6f469558e81fab24a167905ab4c7878502ad3e38fdbe62a41556cec37325759533ce8f25f367c87bb5578d667ae93f9e2fd99bcbc5f2fbba88cf6516139420fcff3b7361d86322c4bd84c82f335abb152c4a93411373aaa8220
+
+Cipher = aes-256-xts
+Key = 27182818284590452353602874713526624977572470936999595749669676273141592653589793238462643383279502884197169399375105820974944592
+IV = ffffffffff0000000000000000000000
+Plaintext = 000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0a1a2a3a4a5a6a7a8a9aaabacadaeafb0b1b2b3b4b5b6b7b8b9babbbcbdbebfc0c1c2c3c4c5c6c7c8c9cacbcccdcecfd0d1d2d3d4d5d6d7d8d9dadbdcdddedfe0e1e2e3e4e5e6e7e8e9eaebecedeeeff0f1f2f3f4f5f6f7f8f9fafbfcfdfeff000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0a1a2a3a4a5a6a7a8a9aaabacadaeafb0b1b2b3b4b5b6b7b8b9babbbcbdbebfc0c1c2c3c4c5c6c7c8c9cacbcccdcecfd0d1d2d3d4d5d6d7d8d9dadbdcdddedfe0e1e2e3e4e5e6e7e8e9eaebecedeeeff0f1f2f3f4f5f6f7f8f9fafbfcfdfeff
+Ciphertext = 64497e5a831e4a932c09be3e5393376daa599548b816031d224bbf50a818ed2350eae7e96087c8a0db51ad290bd00c1ac1620857635bf246c176ab463be30b808da548081ac847b158e1264be25bb0910bbc92647108089415d45fab1b3d2604e8a8eff1ae4020cfa39936b66827b23f371b92200be90251e6d73c5f86de5fd4a950781933d79a28272b782a2ec313efdfcc0628f43d744c2dc2ff3dcb66999b50c7ca895b0c64791eeaa5f29499fb1c026f84ce5b5c72ba1083cddb5ce45434631665c333b60b11593fb253c5179a2c8db813782a004856a1653011e93fb6d876c18366dd8683f53412c0c180f9c848592d593f8609ca736317d356e13e2bff3a9f59cd9aeb19cd482593d8c46128bb32423b37a9adfb482b99453fbe25a41bf6feb4aa0bef5ed24bf73c762978025482c13115e4015aac992e5613a3b5c2f685b84795cb6e9b2656d8c88157e52c42f978d8634c43d06fea928f2822e465aa6576e9bf419384506cc3ce3c54ac1a6f67dc66f3b30191e698380bc999b05abce19dc0c6dcc2dd001ec535ba18deb2df1a101023108318c75dc98611a09dc48a0acdec676fabdf222f07e026f059b672b56e5cbc8e1d21bbd867dd927212054681d70ea737134cdfce93b6f82ae22423274e58a0821cc5502e2d0ab4585e94de6975be5e0b4efce51cd3e70c25a1fbbbd609d273ad5b0d59631c531f6a0a57b9
+
+
+Cipher = aes-128-xts
+Key = fffefdfcfbfaf9f8f7f6f5f4f3f2f1f0bfbebdbcbbbab9b8b7b6b5b4b3b2b1b0
+IV = 9a785634120000000000000000000000
+Plaintext = 000102030405060708090a0b0c0d0e0f10
+Ciphertext = 6c1625db4671522d3d7599601de7ca09ed
+
+Cipher = aes-128-xts
+Key = fffefdfcfbfaf9f8f7f6f5f4f3f2f1f0bfbebdbcbbbab9b8b7b6b5b4b3b2b1b0
+IV = 9a785634120000000000000000000000
+Plaintext = 000102030405060708090a0b0c0d0e0f1011
+Ciphertext = d069444b7a7e0cab09e24447d24deb1fedbf
+
+Cipher = aes-128-xts
+Key = fffefdfcfbfaf9f8f7f6f5f4f3f2f1f0bfbebdbcbbbab9b8b7b6b5b4b3b2b1b0
+IV = 9a785634120000000000000000000000
+Plaintext = 000102030405060708090a0b0c0d0e0f101112
+Ciphertext = e5df1351c0544ba1350b3363cd8ef4beedbf9d
+
+Cipher = aes-128-xts
+Key = fffefdfcfbfaf9f8f7f6f5f4f3f2f1f0bfbebdbcbbbab9b8b7b6b5b4b3b2b1b0
+IV = 9a785634120000000000000000000000
+Plaintext = 000102030405060708090a0b0c0d0e0f10111213
+Ciphertext = 9d84c813f719aa2c7be3f66171c7c5c2edbf9dac
+
+Cipher = aes-128-xts
+Key = e0e1e2e3e4e5e6e7e8e9eaebecedeeefc0c1c2c3c4c5c6c7c8c9cacbcccdcecf
+IV = 21436587a90000000000000000000000
+Plaintext = 000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0a1a2a3a4a5a6a7a8a9aaabacadaeafb0b1b2b3b4b5b6b7b8b9babbbcbdbebfc0c1c2c3c4c5c6c7c8c9cacbcccdcecfd0d1d2d3d4d5d6d7d8d9dadbdcdddedfe0e1e2e3e4e5e6e7e8e9eaebecedeeeff0f1f2f3f4f5f6f7f8f9fafbfcfdfeff000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0a1a2a3a4a5a6a7a8a9aaabacadaeafb0b1b2b3b4b5b6b7b8b9babbbcbdbebfc0c1c2c3c4c5c6c7c8c9cacbcccdcecfd0d1d2d3d4d5d6d7d8d9dadbdcdddedfe0e1e2e3e4e5e6e7e8e9eaebecedeeeff0f1f2f3f4f5f6f7f8f9fafbfcfdfeff
+Ciphertext = 38b45812ef43a05bd957e545907e223b954ab4aaf088303ad910eadf14b42be68b2461149d8c8ba85f992be970bc621f1b06573f63e867bf5875acafa04e42ccbd7bd3c2a0fb1fff791ec5ec36c66ae4ac1e806d81fbf709dbe29e471fad38549c8e66f5345d7c1eb94f405d1ec785cc6f6a68f6254dd8339f9d84057e01a17741990482999516b5611a38f41bb6478e6f173f320805dd71b1932fc333cb9ee39936beea9ad96fa10fb4112b901734ddad40bc1878995f8e11aee7d141a2f5d48b7a4e1e7f0b2c04830e69a4fd1378411c2f287edf48c6c4e5c247a19680f7fe41cefbd49b582106e3616cbbe4dfb2344b2ae9519391f3e0fb4922254b1d6d2d19c6d4d537b3a26f3bcc51588b32f3eca0829b6a5ac72578fb814fb43cf80d64a233e3f997a3f02683342f2b33d25b492536b93becb2f5e1a8b82f5b883342729e8ae09d16938841a21a97fb543eea3bbff59f13c1a18449e398701c1ad51648346cbc04c27bb2da3b93a1372ccae548fb53bee476f9e9c91773b1bb19828394d55d3e1a20ed69113a860b6829ffa847224604435070221b257e8dff783615d2cae4803a93aa4334ab482a0afac9c0aeda70b45a481df5dec5df8cc0f423c77a5fd46cd312021d4b438862419a791be03bb4d97c0e59578542531ba466a83baf92cefc151b5cc1611a167893819b63fb8a6b18e86de60290fa72b797b0ce59f3
+
+# AES wrap tests from RFC3394
+Cipher = id-aes128-wrap
+Key = 000102030405060708090A0B0C0D0E0F
+Plaintext = 00112233445566778899AABBCCDDEEFF
+Ciphertext = 1FA68B0A8112B447AEF34BD8FB5A7B829D3E862371D2CFE5
+
+Cipher = id-aes192-wrap
+Key = 000102030405060708090A0B0C0D0E0F1011121314151617
+Plaintext = 00112233445566778899AABBCCDDEEFF
+Ciphertext = 96778B25AE6CA435F92B5B97C050AED2468AB8A17AD84E5D
+
+Cipher = id-aes256-wrap
+Key = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F
+Plaintext = 00112233445566778899AABBCCDDEEFF
+Ciphertext = 64E8C3F9CE0F5BA263E9777905818A2A93C8191E7D6E8AE7
+
+Cipher = id-aes192-wrap
+Key = 000102030405060708090A0B0C0D0E0F1011121314151617
+Plaintext = 00112233445566778899AABBCCDDEEFF0001020304050607
+Ciphertext = 031D33264E15D33268F24EC260743EDCE1C6C7DDEE725A936BA814915C6762D2
+
+Cipher = id-aes256-wrap
+Key = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F
+Plaintext = 00112233445566778899AABBCCDDEEFF0001020304050607
+Ciphertext = A8F9BC1612C68B3FF6E6F4FBE30E71E4769C8B80A32CB8958CD5D17D6B254DA1
+
+Cipher = id-aes256-wrap
+Key = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F
+Plaintext = 00112233445566778899AABBCCDDEEFF000102030405060708090A0B0C0D0E0F
+Ciphertext = 28C9F404C4B810F4CBCCB35CFB87F8263F5786E2D80ED326CBC7F0E71A99F43BFB988B9B7A02DD21
+
+# Same as previous example but with invalid unwrap key: should be rejected
+# without returning any plaintext
+Cipher = id-aes256-wrap
+Operation = DECRYPT
+Key = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E00
+Plaintext = 00112233445566778899AABBCCDDEEFF000102030405060708090A0B0C0D0E0F
+Ciphertext = 28C9F404C4B810F4CBCCB35CFB87F8263F5786E2D80ED326CBC7F0E71A99F43BFB988B9B7A02DD21
+Result = CIPHERUPDATE_ERROR
+
+# AES wrap tests from RFC5649
+Cipher = id-aes192-wrap-pad
+Key = 5840df6e29b02af1ab493b705bf16ea1ae8338f4dcc176a8
+Plaintext = c37b7e6492584340bed12207808941155068f738
+Ciphertext = 138bdeaa9b8fa7fc61f97742e72248ee5ae6ae5360d1ae6a5f54f373fa543b6a
+
+Cipher = id-aes192-wrap-pad
+Key = 5840df6e29b02af1ab493b705bf16ea1ae8338f4dcc176a8
+Plaintext = 466f7250617369
+Ciphertext = afbeb0f07dfbf5419200f2ccb50bb24f
+
+# HMAC tests from RFC2104
+MAC = HMAC
+Algorithm = MD5
+Key = 0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b
+Input = "Hi There"
+Output = 9294727a3638bb1c13f48ef8158bfc9d
+
+MAC = HMAC
+Algorithm = MD5
+Key = "Jefe"
+Input = "what do ya want for nothing?"
+Output = 750c783e6ab0b503eaa86e310a5db738
+
+MAC = HMAC
+Algorithm = MD5
+Key = AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+Input = DDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDD
+Output = 56be34521d144c88dbb8c733f0e8b3f6
+
+# HMAC tests from NIST test data
+
+MAC = HMAC
+Algorithm = SHA1
+Input = "Sample message for keylen=blocklen"
+Key = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E3F
+Output = 5FD596EE78D5553C8FF4E72D266DFD192366DA29
+MAC = HMAC
+Algorithm = SHA1
+Input = "Sample message for keylen<blocklen"
+Key = 000102030405060708090A0B0C0D0E0F10111213
+Output = 4C99FF0CB1B31BD33F8431DBAF4D17FCD356A807
+MAC = HMAC
+Algorithm = SHA1
+Input = "Sample message for keylen=blocklen"
+Key = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E3F404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E5F60616263
+Output = 2D51B2F7750E410584662E38F133435F4C4FD42A
+MAC = HMAC
+Algorithm = SHA224
+Input = "Sample message for keylen=blocklen"
+Key = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E3F
+Output = C7405E3AE058E8CD30B08B4140248581ED174CB34E1224BCC1EFC81B
+MAC = HMAC
+Algorithm = SHA224
+Input = "Sample message for keylen<blocklen"
+Key = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B
+Output = E3D249A8CFB67EF8B7A169E9A0A599714A2CECBA65999A51BEB8FBBE
+MAC = HMAC
+Algorithm = SHA224
+Input = "Sample message for keylen=blocklen"
+Key = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E3F404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E5F60616263
+Output = 91C52509E5AF8531601AE6230099D90BEF88AAEFB961F4080ABC014D
+MAC = HMAC
+Algorithm = SHA256
+Input = "Sample message for keylen=blocklen"
+Key = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E3F
+Output = 8BB9A1DB9806F20DF7F77B82138C7914D174D59E13DC4D0169C9057B133E1D62
+MAC = HMAC
+Algorithm = SHA256
+Input = "Sample message for keylen<blocklen"
+Key = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F
+Output = A28CF43130EE696A98F14A37678B56BCFCBDD9E5CF69717FECF5480F0EBDF790
+MAC = HMAC
+Algorithm = SHA256
+Input = "Sample message for keylen=blocklen"
+Key = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E3F404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E5F60616263
+Output = BDCCB6C72DDEADB500AE768386CB38CC41C63DBB0878DDB9C7A38A431B78378D
+MAC = HMAC
+Algorithm = SHA384
+Input = "Sample message for keylen=blocklen"
+Key = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E3F404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E5F606162636465666768696A6B6C6D6E6F707172737475767778797A7B7C7D7E7F
+Output = 63C5DAA5E651847CA897C95814AB830BEDEDC7D25E83EEF9195CD45857A37F448947858F5AF50CC2B1B730DDF29671A9
+MAC = HMAC
+Algorithm = SHA384
+Input = "Sample message for keylen<blocklen"
+Key = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F
+Output = 6EB242BDBB582CA17BEBFA481B1E23211464D2B7F8C20B9FF2201637B93646AF5AE9AC316E98DB45D9CAE773675EEED0
+MAC = HMAC
+Algorithm = SHA384
+Input = "Sample message for keylen=blocklen"
+Key = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E3F404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E5F606162636465666768696A6B6C6D6E6F707172737475767778797A7B7C7D7E7F808182838485868788898A8B8C8D8E8F909192939495969798999A9B9C9D9E9FA0A1A2A3A4A5A6A7A8A9AAABACADAEAFB0B1B2B3B4B5B6B7B8B9BABBBCBDBEBFC0C1C2C3C4C5C6C7
+Output = 5B664436DF69B0CA22551231A3F0A3D5B4F97991713CFA84BFF4D0792EFF96C27DCCBBB6F79B65D548B40E8564CEF594
+MAC = HMAC
+Algorithm = SHA512
+Input = "Sample message for keylen=blocklen"
+Key = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E3F404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E5F606162636465666768696A6B6C6D6E6F707172737475767778797A7B7C7D7E7F
+Output = FC25E240658CA785B7A811A8D3F7B4CA48CFA26A8A366BF2CD1F836B05FCB024BD36853081811D6CEA4216EBAD79DA1CFCB95EA4586B8A0CE356596A55FB1347
+MAC = HMAC
+Algorithm = SHA512
+Input = "Sample message for keylen<blocklen"
+Key = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E3F
+Output = FD44C18BDA0BB0A6CE0E82B031BF2818F6539BD56EC00BDC10A8A2D730B3634DE2545D639B0F2CF710D0692C72A1896F1F211C2B922D1A96C392E07E7EA9FEDC
+MAC = HMAC
+Algorithm = SHA512
+Input = "Sample message for keylen=blocklen"
+Key = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E3F404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E5F606162636465666768696A6B6C6D6E6F707172737475767778797A7B7C7D7E7F808182838485868788898A8B8C8D8E8F909192939495969798999A9B9C9D9E9FA0A1A2A3A4A5A6A7A8A9AAABACADAEAFB0B1B2B3B4B5B6B7B8B9BABBBCBDBEBFC0C1C2C3C4C5C6C7
+Output = D93EC8D2DE1AD2A9957CB9B83F14E76AD6B5E0CCE285079A127D3B14BCCB7AA7286D4AC0D4CE64215F2BC9E6870B33D97438BE4AAA20CDA5C5A912B48B8E27F3
+
+# CMAC tests from FIPS module
+
+MAC = CMAC
+Algorithm = AES-128-CBC
+Key = 77A77FAF290C1FA30C683DF16BA7A77B
+Input = 020683E1F0392F4CAC54318B6029259E9C553DBC4B6AD998E64D58E4E7DC2E13
+Output = FBFEA41BF9740CB501F1292C21CEBB40
+
+MAC = CMAC
+Algorithm = AES-192-CBC
+Key = 7B32391369AA4CA97558095BE3C3EC862BD057CEF1E32D62
+Input =
+Output = E4D9340B03E67DEFD4969CC1ED3735E6
+
+MAC = CMAC
+Algorithm = AES-256-CBC
+Key = 0B122AC8F34ED1FE082A3625D157561454167AC145A10BBF77C6A70596D574F1
+Input = 498B53FDEC87EDCBF07097DCCDE93A084BAD7501A224E388DF349CE18959FE8485F8AD1537F0D896EA73BEDC7214713F
+Output = F62C46329B41085625669BAF51DEA66A
+
+MAC = CMAC
+Algorithm = DES-EDE3-CBC
+Key = 89BCD952A8C8AB371AF48AC7D07085D5EFF702E6D62CDC23
+Input = FA620C1BBE97319E9A0CF0492121F7A20EB08A6A709DCBD00AAF38E4F99E754E
+Output = 8F49A1B7D6AA2258
+
+# Public key algorithm tests
+
+# Private keys used for PKEY operations.
+
+# RSA 2048 bit key.
+
+PrivateKey = RSA-2048
+
+-----BEGIN PRIVATE KEY-----
+MIIEvAIBADANBgkqhkiG9w0BAQEFAASCBKYwggSiAgEAAoIBAQDNAIHqeyrh6gbV
+n3xz2f+5SglhXC5Lp8Y2zvCN01M+wxhVJbAVx2m5mnfWclv5w1Mqm25fZifV+4UW
+B2jT3anL01l0URcX3D0wnS/EfuQfl+Mq23+d2GShxHZ6Zm7NcbwarPXnUX9LOFlP
+6psF5C1a2pkSAIAT5FMWpNm7jtCGuI0odYusr5ItRqhotIXSOcm66w4rZFknEPQr
+LR6gpLSALAvsqzKPimiwBzvbVG/uqYCdKEmRKzkMFTK8finHZY+BdfrkbzQzL/h7
+yrPkBkm5hXeGnaDqcYNT8HInVIhpE2SHYNEivmduD8SD3SD/wxvalqMZZsmqLnWt
+A95H4cRPAgMBAAECggEAYCl6x5kbFnoG1rJHWLjL4gi+ubLZ7Jc4vYD5Ci41AF3X
+ziktnim6iFvTFv7x8gkTvArJDWsICLJBTYIQREHYYkozzgIzyPeApIs3Wv8C12cS
+IopwJITbP56+zM+77hcJ26GCgA2Unp5CFuC/81WDiPi9kNo3Oh2CdD7D+90UJ/0W
+glplejFpEuhpU2URfKL4RckJQF/KxV+JX8FdIDhsJu54yemQdQKaF4psHkzwwgDo
+qc+yfp0Vb4bmwq3CKxqEoc1cpbJ5CHXXlAfISzUjlcuBzD/tW7BDtp7eDAcgRVAC
+XO6MX0QBcLYSC7SOD3R7zY9SIRCFDfBDxCjf0YcFMQKBgQD2+WG0fLwDXTrt68fe
+hQqVa2Xs25z2B2QGPxWqSFU8WNly/mZ1BW413f3De/O58vYi7icTNyVoScm+8hdv
+6PfD+LuRujdN1TuvPeyBTSvewQwf3IjN0Wh28mse36PwlBl+301C/x+ylxEDuJjK
+hZxCcocIaoQqtBC7ac8tNa9r4wKBgQDUfnJKf/QQSLJwwlJKQQGHi3MVm7c9PbwY
+eyIOY1s1NPluJDoYTZP4YLa/u2txwe2aHh9FhYMCPDAelqaSwaCLU9DsnKkQEA2A
+RR47fcagG6xK7O+N95iEa8I1oIy7os9MBoBMwRIZ6VYIxxTj8UMNSR+tu6MqV1Gg
+T5d0WDTJpQKBgCHyRSu5uV39AoyRS/eZ8cp36JqV1Q08FtOE+EVfi9evnrPfo9WR
+2YQt7yNfdjCo5IwIj/ZkLhAXlFNakz4el2+oUJ/HKLLaDEoaCNf883q6rh/zABrK
+HcG7sF2d/7qhoJ9/se7zgjfZ68zHIrkzhDbd5xGREnmMJoCcGo3sQyBhAoGAH3UQ
+qmLC2N5KPFMoJ4H0HgLQ6LQCrnhDLkScSBEBYaEUA/AtAYgKjcyTgVLXlyGkcRpg
+esRHHr+WSBD5W+R6ReYEmeKfTJdzyDdzQE9gZjdyjC0DUbsDwybIu3OnIef6VEDq
+IXK7oUZfzDDcsNn4mTDoFaoff5cpqFfgDgM43VkCgYBNHw11b+d+AQmaZS9QqIt7
+aF3FvwCYHV0jdv0Mb+Kc1bY4c0R5MFpzrTwVmdOerjuuA1+9b+0Hwo3nBZM4eaBu
+SOamA2hu2OJWCl9q8fLCT69KqWDjghhvFe7c6aJJGucwaA3Uz3eLcPqoaCarMiNH
+fMkTd7GabVourqIZdgvu1Q==
+-----END PRIVATE KEY-----
+
+# EC P-256 key
+
+PrivateKey=P-256
+
+-----BEGIN PRIVATE KEY-----
+MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQgiocvtiiTxNH/xbnw
++RdYBp+DUuCPoFpJ+NuSbLVyhyWhRANCAAQsFQ9CnOcPIWwlLPXgYs4fY5zV0WXH
++JQkBywnGX14szuSDpXNtmTpkNzwz+oNlOKo5q+dDlgFbmUxBJJbn+bJ
+-----END PRIVATE KEY-----
+
+# RSA tests
+
+Sign = RSA-2048
+Ctrl = digest:SHA1
+Input = "0123456789ABCDEF1234"
+Output = c09d402423cbf233d26cae21f954547bc43fe80fd41360a0336cfdbe9aedad05bef6fd2eaee6cd60089a52482d4809a238149520df3bdde4cb9e23d9307b05c0a6f327052325a29adf2cc95b66523be7024e2a585c3d4db15dfbe146efe0ecdc0402e33fe5d40324ee96c5c3edd374a15cdc0f5d84aa243c0f07e188c6518fbfceae158a9943be398e31097da81b62074f626eff738be6160741d5a26957a482b3251fd85d8df78b98148459de10aa93305dbb4a5230aa1da291a9b0e481918f99b7638d72bb687f97661d304ae145d64a474437a4ef39d7b8059332ddeb07e92bf6e0e3acaf8afedc93795e4511737ec1e7aab6d5bc9466afc950c1c17b48ad
+
+Verify = RSA-2048
+Ctrl = digest:SHA1
+Input = "0123456789ABCDEF1234"
+Output = c09d402423cbf233d26cae21f954547bc43fe80fd41360a0336cfdbe9aedad05bef6fd2eaee6cd60089a52482d4809a238149520df3bdde4cb9e23d9307b05c0a6f327052325a29adf2cc95b66523be7024e2a585c3d4db15dfbe146efe0ecdc0402e33fe5d40324ee96c5c3edd374a15cdc0f5d84aa243c0f07e188c6518fbfceae158a9943be398e31097da81b62074f626eff738be6160741d5a26957a482b3251fd85d8df78b98148459de10aa93305dbb4a5230aa1da291a9b0e481918f99b7638d72bb687f97661d304ae145d64a474437a4ef39d7b8059332ddeb07e92bf6e0e3acaf8afedc93795e4511737ec1e7aab6d5bc9466afc950c1c17b48ad
+
+# Digest too long
+Sign = RSA-2048
+Ctrl = digest:SHA1
+Input = "0123456789ABCDEF12345"
+Output = 00
+Result = KEYOP_ERROR
+
+# Digest too short
+Sign = RSA-2048
+Ctrl = digest:SHA1
+Input = "0123456789ABCDEF12345"
+Output = 00
+Result = KEYOP_ERROR
+
+# Mismatched digest
+Verify = RSA-2048
+Ctrl = digest:SHA1
+Input = "0123456789ABCDEF1233"
+Output = c09d402423cbf233d26cae21f954547bc43fe80fd41360a0336cfdbe9aedad05bef6fd2eaee6cd60089a52482d4809a238149520df3bdde4cb9e23d9307b05c0a6f327052325a29adf2cc95b66523be7024e2a585c3d4db15dfbe146efe0ecdc0402e33fe5d40324ee96c5c3edd374a15cdc0f5d84aa243c0f07e188c6518fbfceae158a9943be398e31097da81b62074f626eff738be6160741d5a26957a482b3251fd85d8df78b98148459de10aa93305dbb4a5230aa1da291a9b0e481918f99b7638d72bb687f97661d304ae145d64a474437a4ef39d7b8059332ddeb07e92bf6e0e3acaf8afedc93795e4511737ec1e7aab6d5bc9466afc950c1c17b48ad
+Result = VERIFY_ERROR
+
+# Corrupted signature
+Verify = RSA-2048
+Ctrl = digest:SHA1
+Input = "0123456789ABCDEF1233"
+Output = c09d402423cbf233d26cae21f954547bc43fe80fd41360a0336cfdbe9aedad05bef6fd2eaee6cd60089a52482d4809a238149520df3bdde4cb9e23d9307b05c0a6f327052325a29adf2cc95b66523be7024e2a585c3d4db15dfbe146efe0ecdc0402e33fe5d40324ee96c5c3edd374a15cdc0f5d84aa243c0f07e188c6518fbfceae158a9943be398e31097da81b62074f626eff738be6160741d5a26957a482b3251fd85d8df78b98148459de10aa93305dbb4a5230aa1da291a9b0e481918f99b7638d72bb687f97661d304ae145d64a474437a4ef39d7b8059332ddeb07e92bf6e0e3acaf8afedc93795e4511737ec1e7aab6d5bc9466afc950c1c17b48ae
+Result = VERIFY_ERROR
+
+# parameter is not NULL: should verify OK
+Verify = RSA-2048
+Ctrl = digest:sha1
+Input = "0123456789ABCDEF1234"
+Output = 3ec3fc29eb6e122bd7aa361cd09fe1bcbe85311096a7b9e4799cedfb2351ce0ab7fe4e75b4f6b37f67edd9c60c800f9ab941c0c157d7d880ca9de40c951d60fd293ae220d4bc510b1572d6e85a1bbbd8605b52e05f1c64fafdae59a1c2fbed214b7844d0134619de62851d5a0522e32e556e5950f3f97b8150e3f0dffee612c924201c27cd9bc8b423a71533380c276d3d59fcba35a2e80a1a192ec266a6c2255012cd86a349fe90a542b355fa3355b04da6cdf1df77f0e7bd44a90e880e1760266d233e465226f5db1c68857847d82072861ee266ddfc2e596845b77e1803274a579835ab5e4975d81d20b7df9cec7795489e4a2bdb8c1cf6a6b359945ac92c
+
+# embedded digest too long
+Verify = RSA-2048
+Ctrl = digest:sha1
+Input = "0123456789ABCDEF1234"
+Output = afec9a0d5330a08f54283bb4a9d4e7e7e70fc1342336c4c766fba713f66970151c6e27413c48c33864ea45a0238787004f338ed3e21b53b0fe9c1151c42c388cbc7cba5a06b706c407a5b48324fbe994dc7afc3a19fb3d2841e66222596c14cd72a0f0a7455a019d8eb554f59c0183f9552b75aa96fee8bf935945e079ca283d2bd3534a86f11351f6d6181fbf433e5b01a6d1422145c7a72214d3aacdd5d3af12b2d6bf6438f9f9a64010d8aeed801c87f0859412b236150b86a545f7239be022f4a7ad246b59df87514294cb4a4c7c5a997ee53c66054d9f38ca4e76c1f7af83c30f737ef70f83a45aebe18238ddb95e1998814ca4fc72388f1533147c169d
+Result = VERIFY_ERROR
+
+# embedded digest too short
+Verify = RSA-2048
+Ctrl = digest:sha1
+Input = "0123456789ABCDEF1234"
+Output = afec9a0d5330a08f54283bb4a9d4e7e7e70fc1342336c4c766fba713f66970151c6e27413c48c33864ea45a0238787004f338ed3e21b53b0fe9c1151c42c388cbc7cba5a06b706c407a5b48324fbe994dc7afc3a19fb3d2841e66222596c14cd72a0f0a7455a019d8eb554f59c0183f9552b75aa96fee8bf935945e079ca283d2bd3534a86f11351f6d6181fbf433e5b01a6d1422145c7a72214d3aacdd5d3af12b2d6bf6438f9f9a64010d8aeed801c87f0859412b236150b86a545f7239be022f4a7ad246b59df87514294cb4a4c7c5a997ee53c66054d9f38ca4e76c1f7af83c30f737ef70f83a45aebe18238ddb95e1998814ca4fc72388f1533147c169d
+Result = VERIFY_ERROR
+
+# Garbage after DigestInfo
+Verify = RSA-2048
+Ctrl = digest:sha1
+Input = "0123456789ABCDEF1234"
+Output = 9ee34872d4271a7d8808af0a4052a145a6d6a8437d00da3ed14428c7f087cd39f4d43334c41af63e7fa1ba363fee7bcef401d9d36a662abbab55ce89a696e1be0dfa19a5d09ca617dd488787b6048baaefeb29bc8688b2fe3882de2b77c905b5a8b56cf9616041e5ec934ba6de863efe93acc4eef783fe7f72a00fa65d6093ed32bf98ce527e62ccb1d56317f4be18b7e0f55d7c36617d2d0678a306e3350956b662ac15df45215dd8f6b314babb9788e6c272fa461e4c9b512a11a4b92bc77c3a4c95c903fccb238794eca5c750477bf56ea6ee6a167367d881b485ae3889e7c489af8fdf38e0c0f2aed780831182e34abedd43c39281b290774bf35cc25274
+Result = VERIFY_ERROR
+
+# invalid tag for parameter
+Verify = RSA-2048
+Ctrl = digest:sha1
+Input = "0123456789ABCDEF1234"
+Output = 49525db4d44c755e560cba980b1d85ea604b0e077fcadd4ba44072a3487bbddb835016200a7d8739cce2dc3223d9c20cbdd25059ab02277f1f21318efd18e21038ec89aa9d40680987129e8b41ba33bceb86518bdf47268b921cce2037acabca6575d832499538d6f40cdba0d40bd7f4d8ea6ca6e2eec87f294efc971407857f5d7db09f6a7b31e301f571c6d82a5e3d08d2bb3a36e673d28b910f5bec57f0fcc4d968fd7c94d0b9226dec17f5192ad8b42bcab6f26e1bea1fdc3b958199acb00f14ebcb2a352f3afcedd4c09000128a603bbeb9696dea13040445253972d46237a25c7845e3b464e6984c2348ea1f1210a9ff0b00d2d72b50db00c009bb39f9
+Result = VERIFY_ERROR
+
+# EC tests
+
+Verify = P-256
+Ctrl = digest:SHA1
+Input = "0123456789ABCDEF1234"
+Output = 3045022100b1d1cb1a577035bccdd5a86c6148c2cc7c633cd42b7234139b593076d041e15202201898cdd52b41ca502098184b409cf83a21bc945006746e3b7cea52234e043ec8
+
+# Digest too long
+Verify = P-256
+Ctrl = digest:SHA1
+Input = "0123456789ABCDEF12345"
+Output = 3045022100b1d1cb1a577035bccdd5a86c6148c2cc7c633cd42b7234139b593076d041e15202201898cdd52b41ca502098184b409cf83a21bc945006746e3b7cea52234e043ec8
+Result = VERIFY_ERROR
+
+# Digest too short
+Verify = P-256
+Ctrl = digest:SHA1
+Input = "0123456789ABCDEF123"
+Output = 3045022100b1d1cb1a577035bccdd5a86c6148c2cc7c633cd42b7234139b593076d041e15202201898cdd52b41ca502098184b409cf83a21bc945006746e3b7cea52234e043ec8
+Result = VERIFY_ERROR
+
+# Digest invalid
+Verify = P-256
+Ctrl = digest:SHA1
+Input = "0123456789ABCDEF1235"
+Output = 3045022100b1d1cb1a577035bccdd5a86c6148c2cc7c633cd42b7234139b593076d041e15202201898cdd52b41ca502098184b409cf83a21bc945006746e3b7cea52234e043ec8
+Result = VERIFY_ERROR
+
+# Invalid signature
+Verify = P-256
+Ctrl = digest:SHA1
+Input = "0123456789ABCDEF1234"
+Output = 3045022100b1d1cb1a577035bccdd5a86c6148c2cc7c633cd42b7234139b593076d041e15202201898cdd52b41ca502098184b409cf83a21bc945006746e3b7cea52234e043ec7
+Result = VERIFY_ERROR
+
+# Garbage after signature
+Verify = P-256
+Ctrl = digest:SHA1
+Input = "0123456789ABCDEF1234"
+Output = 3045022100b1d1cb1a577035bccdd5a86c6148c2cc7c633cd42b7234139b593076d041e15202201898cdd52b41ca502098184b409cf83a21bc945006746e3b7cea52234e043ec800
+Result = VERIFY_ERROR
+
+# BER signature
+Verify = P-256
+Ctrl = digest:SHA1
+Input = "0123456789ABCDEF1234"
+Output = 3080022100b1d1cb1a577035bccdd5a86c6148c2cc7c633cd42b7234139b593076d041e15202201898cdd52b41ca502098184b409cf83a21bc945006746e3b7cea52234e043ec80000
+Result = VERIFY_ERROR
--- /dev/null
+/* crypto/bn/exptest.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+
+#include "../e_os.h"
+
+#include <openssl/bio.h>
+#include <openssl/bn.h>
+#include <openssl/rand.h>
+#include <openssl/err.h>
+
+#define NUM_BITS (BN_BITS*2)
+
+static const char rnd_seed[] =
+ "string to make the random number generator think it has entropy";
+
+/*
+ * test_exp_mod_zero tests that x**0 mod 1 == 0. It returns zero on success.
+ */
+static int test_exp_mod_zero()
+{
+ BIGNUM *a = NULL, *p = NULL, *m = NULL;
+ BIGNUM *r = NULL;
+ BN_CTX *ctx = BN_CTX_new();
+ int ret = 1;
+
+ m = BN_new();
+ if (!m)
+ goto err;
+ BN_one(m);
+
+ a = BN_new();
+ if (!a)
+ goto err;
+ BN_one(a);
+
+ p = BN_new();
+ if (!p)
+ goto err;
+ BN_zero(p);
+
+ r = BN_new();
+ if (!r)
+ goto err;
+ BN_mod_exp(r, a, p, m, ctx);
+ BN_CTX_free(ctx);
+
+ if (BN_is_zero(r))
+ ret = 0;
+ else {
+ printf("1**0 mod 1 = ");
+ BN_print_fp(stdout, r);
+ printf(", should be 0\n");
+ }
+
+ err:
+ BN_free(r);
+ BN_free(a);
+ BN_free(p);
+ BN_free(m);
+
+ return ret;
+}
+
+int main(int argc, char *argv[])
+{
+ BN_CTX *ctx;
+ BIO *out = NULL;
+ int i, ret;
+ unsigned char c;
+ BIGNUM *r_mont, *r_mont_const, *r_recp, *r_simple, *a, *b, *m;
+
+ RAND_seed(rnd_seed, sizeof rnd_seed); /* or BN_rand may fail, and we
+ * don't even check its return
+ * value (which we should) */
+
+ ERR_load_BN_strings();
+
+ ctx = BN_CTX_new();
+ if (ctx == NULL)
+ EXIT(1);
+ r_mont = BN_new();
+ r_mont_const = BN_new();
+ r_recp = BN_new();
+ r_simple = BN_new();
+ a = BN_new();
+ b = BN_new();
+ m = BN_new();
+ if ((r_mont == NULL) || (r_recp == NULL) || (a == NULL) || (b == NULL))
+ goto err;
+
+ out = BIO_new(BIO_s_file());
+
+ if (out == NULL)
+ EXIT(1);
+ BIO_set_fp(out, stdout, BIO_NOCLOSE);
+
+ for (i = 0; i < 200; i++) {
+ RAND_bytes(&c, 1);
+ c = (c % BN_BITS) - BN_BITS2;
+ BN_rand(a, NUM_BITS + c, 0, 0);
+
+ RAND_bytes(&c, 1);
+ c = (c % BN_BITS) - BN_BITS2;
+ BN_rand(b, NUM_BITS + c, 0, 0);
+
+ RAND_bytes(&c, 1);
+ c = (c % BN_BITS) - BN_BITS2;
+ BN_rand(m, NUM_BITS + c, 0, 1);
+
+ BN_mod(a, a, m, ctx);
+ BN_mod(b, b, m, ctx);
+
+ ret = BN_mod_exp_mont(r_mont, a, b, m, ctx, NULL);
+ if (ret <= 0) {
+ printf("BN_mod_exp_mont() problems\n");
+ ERR_print_errors(out);
+ EXIT(1);
+ }
+
+ ret = BN_mod_exp_recp(r_recp, a, b, m, ctx);
+ if (ret <= 0) {
+ printf("BN_mod_exp_recp() problems\n");
+ ERR_print_errors(out);
+ EXIT(1);
+ }
+
+ ret = BN_mod_exp_simple(r_simple, a, b, m, ctx);
+ if (ret <= 0) {
+ printf("BN_mod_exp_simple() problems\n");
+ ERR_print_errors(out);
+ EXIT(1);
+ }
+
+ ret = BN_mod_exp_mont_consttime(r_mont_const, a, b, m, ctx, NULL);
+ if (ret <= 0) {
+ printf("BN_mod_exp_mont_consttime() problems\n");
+ ERR_print_errors(out);
+ EXIT(1);
+ }
+
+ if (BN_cmp(r_simple, r_mont) == 0
+ && BN_cmp(r_simple, r_recp) == 0
+ && BN_cmp(r_simple, r_mont_const) == 0) {
+ printf(".");
+ fflush(stdout);
+ } else {
+ if (BN_cmp(r_simple, r_mont) != 0)
+ printf("\nsimple and mont results differ\n");
+ if (BN_cmp(r_simple, r_mont_const) != 0)
+ printf("\nsimple and mont const time results differ\n");
+ if (BN_cmp(r_simple, r_recp) != 0)
+ printf("\nsimple and recp results differ\n");
+
+ printf("a (%3d) = ", BN_num_bits(a));
+ BN_print(out, a);
+ printf("\nb (%3d) = ", BN_num_bits(b));
+ BN_print(out, b);
+ printf("\nm (%3d) = ", BN_num_bits(m));
+ BN_print(out, m);
+ printf("\nsimple =");
+ BN_print(out, r_simple);
+ printf("\nrecp =");
+ BN_print(out, r_recp);
+ printf("\nmont =");
+ BN_print(out, r_mont);
+ printf("\nmont_ct =");
+ BN_print(out, r_mont_const);
+ printf("\n");
+ EXIT(1);
+ }
+ }
+ BN_free(r_mont);
+ BN_free(r_mont_const);
+ BN_free(r_recp);
+ BN_free(r_simple);
+ BN_free(a);
+ BN_free(b);
+ BN_free(m);
+ BN_CTX_free(ctx);
+ ERR_remove_thread_state(NULL);
+ CRYPTO_mem_leaks(out);
+ BIO_free(out);
+ printf("\n");
+
+ if (test_exp_mod_zero() != 0)
+ goto err;
+
+ printf("done\n");
+
+ EXIT(0);
+ err:
+ ERR_load_crypto_strings();
+ ERR_print_errors(out);
+#ifdef OPENSSL_SYS_NETWARE
+ printf("ERROR\n");
+#endif
+ EXIT(1);
+}
--- /dev/null
+/* vim: set fileencoding=ascii : Charset: ASCII */
+/* test/gostr2814789t.c */
+/* ====================================================================
+ * Copyright (c) 2012 Crypto-Pro, Ltd., Serguei E. Leontiev,
+ * lse@cryptopro.ru
+ *
+ * This file is distributed under the same license as OpenSSL
+ * ====================================================================
+ */
+#include <stdio.h>
+
+#if defined(OPENSSL_NO_ENGINE) || defined(OPENSSL_NO_GOST)
+int main(int argc, char *argv[])
+{
+ printf("No GOST 28147-89 support\n");
+ return 0;
+}
+#else
+
+# include <stdlib.h>
+# include <string.h>
+# include <openssl/conf.h>
+# include <openssl/crypto.h>
+# include <openssl/engine.h>
+# include <openssl/err.h>
+# include <openssl/evp.h>
+# include <openssl/hmac.h>
+# include <openssl/obj_mac.h>
+
+# define CCGOST_ID "gost"
+
+# include "../engines/ccgost/gost89.h"
+
+# define G89_MAX_TC_LEN (2048)
+# define G89_BLOCK_LEN (8)
+
+# if (defined(_WIN32) || defined(_WIN64)) && !defined(__MINGW32__)
+typedef unsigned __int64 u64;
+# define U64(C) C##UI64
+# define FMT64 "%I64u"
+# elif defined(__arch64__)
+typedef unsigned long u64;
+# define U64(C) C##UL
+# define FMT64 "%lu"
+# else
+typedef unsigned long long u64;
+# define U64(C) C##ULL
+# define FMT64 "%llu"
+# endif
+# if defined(__MINGW32__)
+# undef FMT64
+# define FMT64 "%I64u"
+# endif
+
+typedef enum g89_mode_ {
+ G89_ECB,
+ G89_CFB,
+ G89_CNT,
+ G89_IMIT
+} g89_mode;
+
+typedef struct g89_tc_ {
+ u64 ullLen; /* ullLen > G89_MAX_TC_LEN */
+ /* Clear text ullLen */
+ /* of zero bytes */
+ const byte bIn[G89_MAX_TC_LEN]; /* Clear text, when */
+ /* ullLen <= G89_MAX_TC_LEN */
+ const char *szParamSet; /* S-Box ID */
+ const char *szDerive; /* String for derive bRawKey */
+ const byte bRawKey[EVP_MAX_KEY_LENGTH];
+ g89_mode gMode; /* Mode of encryption or MAC */
+ const byte bIV[EVP_MAX_IV_LENGTH]; /* IV for CFB or CNT mode */
+ const byte bOut[G89_MAX_TC_LEN]; /* Cipher text for ECB/CFB/CNT */
+ /*
+ * mode, when ullLen <= G89_MAX_TC_LEN; Last 16 byte of cipher text for
+ * ECB/CFB/CNT, when ullLen > G89_MAX_TC_LEN; 4 byte MAC for imitovstavka
+ */
+} g89_tc;
+
+const g89_tc tcs[] = {
+ /*
+ * GOST R 34.11-94 Test cases
+ */
+ { /* see p. A.3.1 [GOSTR341194], p. 7.3.1
+ * [ENG-GOSTR341194] */
+ /* <http://tools.ietf.org/html/rfc5831#section-7.3.1> */
+ /* Iteration 1, K[1], see Errata for RFC 5831 */
+ 8,
+ {
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00},
+ "id-GostR3410-94-TestParamSet",
+ NULL,
+ {
+ 0x54, 0x6d, 0x20, 0x33, 0x68, 0x65, 0x6c, 0x32,
+ 0x69, 0x73, 0x65, 0x20, 0x73, 0x73, 0x6e, 0x62,
+ 0x20, 0x61, 0x67, 0x79, 0x69, 0x67, 0x74, 0x74,
+ 0x73, 0x65, 0x68, 0x65, 0x20, 0x2c, 0x3d, 0x73},
+ G89_ECB,
+ {0},
+ {
+ 0x1b, 0x0b, 0xbc, 0x32, 0xce, 0xbc, 0xab, 0x42}
+ },
+ { /* see p. A.3.1 [GOSTR341194], p. 7.3.1
+ * [ENG-GOSTR341194] */
+ /* <http://tools.ietf.org/html/rfc5831#section-7.3.1> */
+ /* Iteration 1, K[4] */
+ 8,
+ {
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00},
+ "id-GostR3410-94-TestParamSet",
+ NULL,
+ {
+ 0xec, 0x0a, 0x8b, 0xa1, 0x5e, 0xc0, 0x04, 0xa8,
+ 0xba, 0xc5, 0x0c, 0xac, 0x0c, 0x62, 0x1d, 0xee,
+ 0xe1, 0xc7, 0xb8, 0xe7, 0x00, 0x7a, 0xe2, 0xec,
+ 0xf2, 0x73, 0x1b, 0xff, 0x4e, 0x80, 0xe2, 0xa0},
+ G89_ECB,
+ {0},
+ {
+ 0x2d, 0x56, 0x2a, 0x0d, 0x19, 0x04, 0x86, 0xe7}
+ },
+ { /* see p. A.3.1 [GOSTR341194], p. 7.3.1
+ * [ENG-GOSTR341194] */
+ /* <http://tools.ietf.org/html/rfc5831#section-7.3.1> */
+ /* Iteration 2, K[1] */
+ 8,
+ {
+ 0x34, 0xc0, 0x15, 0x33, 0xe3, 0x7d, 0x1c, 0x56},
+ "id-GostR3410-94-TestParamSet",
+ NULL,
+ {
+ 0x34, 0x87, 0x24, 0xa4, 0xc1, 0xa6, 0x76, 0x67,
+ 0x15, 0x3d, 0xde, 0x59, 0x33, 0x88, 0x42, 0x50,
+ 0xe3, 0x24, 0x8c, 0x65, 0x7d, 0x41, 0x3b, 0x8c,
+ 0x1c, 0x9c, 0xa0, 0x9a, 0x56, 0xd9, 0x68, 0xcf},
+ G89_ECB,
+ {0},
+ {
+ 0x86, 0x3e, 0x78, 0xdd, 0x2d, 0x60, 0xd1, 0x3c}
+ },
+ /*
+ * id-Gost28147-89-CryptoPro-A-ParamSet (1.2.643.2.2.31.1)
+ * Test cases
+ */
+ { /* Calculated by libcapi10, CryptoPro CSP
+ * 3.6R2, Mac OSX */
+ 16,
+ {
+ 0x74, 0x3d, 0x76, 0xf9, 0x1b, 0xee, 0x35, 0x3c,
+ 0xa2, 0x5c, 0x3b, 0x10, 0xeb, 0x64, 0xcf, 0xf5},
+ "id-Gost28147-89-CryptoPro-A-ParamSet",
+ "testecb1",
+ {
+ 0xbb, 0xf1, 0xed, 0xd3, 0x20, 0xaf, 0x8a, 0x62,
+ 0x8e, 0x11, 0xc8, 0xa9, 0x51, 0xcc, 0xbe, 0x81,
+ 0x47, 0x7b, 0x41, 0xa1, 0x6a, 0xf6, 0x7f, 0x05,
+ 0xe8, 0x51, 0x2f, 0x9e, 0x01, 0xf8, 0xcf, 0x49},
+ G89_ECB,
+ {0},
+ {
+ 0xc3, 0x73, 0x90, 0x95, 0x35, 0x58, 0x08, 0x63,
+ 0xcb, 0x68, 0x85, 0x96, 0x77, 0xe8, 0xfb, 0xa9}
+ },
+ { /* Calculated by libcapi10, CryptoPro CSP
+ * 3.6R2, Mac OSX */
+ 16,
+ {
+ 0xd2, 0xfd, 0xf8, 0x3a, 0xc1, 0xb4, 0x39, 0x23,
+ 0x2e, 0xaa, 0xcc, 0x98, 0x0a, 0x02, 0xda, 0x33},
+ "id-Gost28147-89-CryptoPro-A-ParamSet",
+ "testcfb1",
+ {
+ 0x8d, 0x5a, 0x2c, 0x83, 0xa7, 0xc7, 0x0a, 0x61,
+ 0xd6, 0x1b, 0x34, 0xb5, 0x1f, 0xdf, 0x42, 0x68,
+ 0x66, 0x71, 0xa3, 0x5d, 0x87, 0x4c, 0xfd, 0x84,
+ 0x99, 0x36, 0x63, 0xb6, 0x1e, 0xd6, 0x0d, 0xad},
+ G89_CFB,
+ {
+ 0x46, 0x60, 0x6f, 0x0d, 0x88, 0x34, 0x23, 0x5a},
+ {
+ 0x88, 0xb7, 0x75, 0x16, 0x74, 0xa5, 0xee, 0x2d,
+ 0x14, 0xfe, 0x91, 0x67, 0xd0, 0x5c, 0xcc, 0x40}
+ },
+ { /* Calculated by libcapi10, CryptoPro CSP
+ * 3.6R2, Mac OSX */
+ 16,
+ {
+ 0x90, 0xa2, 0x39, 0x66, 0xae, 0x01, 0xb9, 0xa3,
+ 0x52, 0x4e, 0xc8, 0xed, 0x6c, 0xdd, 0x88, 0x30},
+ "id-Gost28147-89-CryptoPro-A-ParamSet",
+ "testcnt1",
+ {
+ 0x59, 0x9f, 0x84, 0xba, 0xc3, 0xf3, 0xd2, 0xf1,
+ 0x60, 0xe1, 0xe3, 0xf2, 0x6a, 0x96, 0x1a, 0xf9,
+ 0x9c, 0x48, 0xb2, 0x4e, 0xbc, 0xbb, 0xbf, 0x7c,
+ 0xd8, 0xf3, 0xac, 0xcd, 0x96, 0x8d, 0x28, 0x6a},
+ G89_CNT,
+ {
+ 0x8d, 0xaf, 0xa8, 0xd1, 0x58, 0xed, 0x05, 0x8d},
+ {
+ 0x6e, 0x72, 0x62, 0xcc, 0xe3, 0x59, 0x36, 0x90,
+ 0x83, 0x3a, 0xfe, 0xa9, 0x1b, 0xc9, 0xbe, 0xce}
+ },
+ { /* Calculated by libcapi10, CryptoPro CSP
+ * 3.6R2, Mac OSX */
+ 16,
+ {
+ 0xb5, 0xa1, 0xf0, 0xe3, 0xce, 0x2f, 0x02, 0x1d,
+ 0x67, 0x61, 0x94, 0x34, 0x5c, 0x41, 0xe3, 0x6e},
+ "id-Gost28147-89-CryptoPro-A-ParamSet",
+ "testimit1",
+ {
+ 0x9d, 0x05, 0xb7, 0x9e, 0x90, 0xca, 0xd0, 0x0a,
+ 0x2c, 0xda, 0xd2, 0x2e, 0xf4, 0xe8, 0x6f, 0x5c,
+ 0xf5, 0xdc, 0x37, 0x68, 0x19, 0x85, 0xb3, 0xbf,
+ 0xaa, 0x18, 0xc1, 0xc3, 0x05, 0x0a, 0x91, 0xa2},
+ G89_IMIT,
+ {0},
+ {
+ 0xf8, 0x1f, 0x08, 0xa3}
+ },
+ /*
+ * Other paramsets and key meshing test cases.
+ */
+ { /* Calculated by libcapi10, CryptoPro CSP
+ * 3.6R2, Mac OSX */
+ 1039,
+ {
+ 0x8c, 0x9c, 0x44, 0x35, 0xfb, 0xe9, 0xa5, 0xa3,
+ 0xa0, 0xae, 0x28, 0x56, 0x91, 0x10, 0x8e, 0x1e,
+ 0xd2, 0xbb, 0x18, 0x53, 0x81, 0x27, 0x0d, 0xa6,
+ 0x68, 0x59, 0x36, 0xc5, 0x81, 0x62, 0x9a, 0x8e,
+ 0x7d, 0x50, 0xf1, 0x6f, 0x97, 0x62, 0x29, 0xec,
+ 0x80, 0x51, 0xe3, 0x7d, 0x6c, 0xc4, 0x07, 0x95,
+ 0x28, 0x63, 0xdc, 0xb4, 0xb9, 0x2d, 0xb8, 0x13,
+ 0xb1, 0x05, 0xb5, 0xf9, 0xeb, 0x75, 0x37, 0x4e,
+ 0xf7, 0xbf, 0x51, 0xf1, 0x98, 0x86, 0x43, 0xc4,
+ 0xe4, 0x3d, 0x3e, 0xa7, 0x62, 0xec, 0x41, 0x59,
+ 0xe0, 0xbd, 0xfb, 0xb6, 0xfd, 0xec, 0xe0, 0x77,
+ 0x13, 0xd2, 0x59, 0x90, 0xa1, 0xb8, 0x97, 0x6b,
+ 0x3d, 0x8b, 0x7d, 0xfc, 0x9d, 0xca, 0x82, 0x73,
+ 0x32, 0x70, 0x0a, 0x74, 0x03, 0xc6, 0x0c, 0x26,
+ 0x7f, 0x56, 0xf0, 0x9d, 0xb2, 0xeb, 0x71, 0x40,
+ 0xd7, 0xc3, 0xb1, 0xa7, 0xc5, 0x1e, 0x20, 0x17,
+ 0xb3, 0x50, 0x1d, 0x8a, 0x6e, 0x19, 0xcb, 0xbe,
+ 0x20, 0x86, 0x2b, 0xd6, 0x1c, 0xfd, 0xb4, 0xb7,
+ 0x5d, 0x9a, 0xb3, 0xe3, 0x7d, 0x15, 0x7a, 0x35,
+ 0x01, 0x9f, 0x5d, 0x65, 0x89, 0x4b, 0x34, 0xc6,
+ 0xf4, 0x81, 0x3f, 0x78, 0x30, 0xcf, 0xe9, 0x15,
+ 0x90, 0x9a, 0xf9, 0xde, 0xba, 0x63, 0xd0, 0x19,
+ 0x14, 0x66, 0x3c, 0xb9, 0xa4, 0xb2, 0x84, 0x94,
+ 0x02, 0xcf, 0xce, 0x20, 0xcf, 0x76, 0xe7, 0xc5,
+ 0x48, 0xf7, 0x69, 0x3a, 0x5d, 0xec, 0xaf, 0x41,
+ 0xa7, 0x12, 0x64, 0x83, 0xf5, 0x99, 0x1e, 0x9e,
+ 0xb2, 0xab, 0x86, 0x16, 0x00, 0x23, 0x8e, 0xe6,
+ 0xd9, 0x80, 0x0b, 0x6d, 0xc5, 0x93, 0xe2, 0x5c,
+ 0x8c, 0xd8, 0x5e, 0x5a, 0xae, 0x4a, 0x85, 0xfd,
+ 0x76, 0x01, 0xea, 0x30, 0xf3, 0x78, 0x34, 0x10,
+ 0x72, 0x51, 0xbc, 0x9f, 0x76, 0xce, 0x1f, 0xd4,
+ 0x8f, 0x33, 0x50, 0x34, 0xc7, 0x4d, 0x7b, 0xcf,
+ 0x91, 0x63, 0x7d, 0x82, 0x9e, 0xa1, 0x23, 0x45,
+ 0xf5, 0x45, 0xac, 0x98, 0x7a, 0x48, 0xff, 0x64,
+ 0xd5, 0x59, 0x47, 0xde, 0x2b, 0x3f, 0xfa, 0xec,
+ 0x50, 0xe0, 0x81, 0x60, 0x8b, 0xc3, 0xfc, 0x80,
+ 0x98, 0x17, 0xc7, 0xa3, 0xc2, 0x57, 0x3d, 0xab,
+ 0x91, 0x67, 0xf5, 0xc4, 0xab, 0x92, 0xc8, 0xd6,
+ 0x3b, 0x6b, 0x3f, 0xff, 0x15, 0x6b, 0xcf, 0x53,
+ 0x65, 0x02, 0xf1, 0x74, 0xca, 0xa9, 0xbe, 0x24,
+ 0xd2, 0xf0, 0xb7, 0x26, 0xa8, 0xd7, 0x6d, 0xed,
+ 0x90, 0x36, 0x7b, 0x3e, 0x41, 0xa9, 0x7f, 0xa3,
+ 0x1b, 0xf4, 0x43, 0xc5, 0x51, 0xbe, 0x28, 0x59,
+ 0xe9, 0x45, 0x26, 0x49, 0x38, 0x32, 0xf8, 0xf3,
+ 0x92, 0x6e, 0x30, 0xcc, 0xb0, 0xa0, 0xf9, 0x01,
+ 0x14, 0xc8, 0xba, 0xd9, 0xf0, 0x2a, 0x29, 0xe2,
+ 0x52, 0x9a, 0x76, 0x95, 0x3a, 0x16, 0x32, 0xec,
+ 0xf4, 0x10, 0xec, 0xee, 0x47, 0x00, 0x70, 0x19,
+ 0xe4, 0x72, 0x35, 0x66, 0x44, 0x53, 0x2d, 0xa2,
+ 0xf3, 0xaa, 0x7e, 0x8a, 0x33, 0x13, 0xcd, 0xc8,
+ 0xbf, 0x0e, 0x40, 0x90, 0x00, 0xe4, 0x42, 0xc3,
+ 0x09, 0x84, 0xe1, 0x66, 0x17, 0xa2, 0xaf, 0x03,
+ 0xab, 0x6b, 0xa1, 0xec, 0xfb, 0x17, 0x72, 0x81,
+ 0xfe, 0x9a, 0x9f, 0xf4, 0xb2, 0x33, 0x1f, 0xae,
+ 0x0c, 0xd1, 0x6a, 0xae, 0x19, 0xb8, 0xaf, 0xec,
+ 0xe3, 0xea, 0x00, 0xf8, 0xac, 0x87, 0x07, 0x5f,
+ 0x6d, 0xb0, 0xac, 0x6b, 0x22, 0x48, 0x36, 0xbf,
+ 0x22, 0x18, 0xb0, 0x03, 0x9f, 0x6c, 0x70, 0x45,
+ 0x36, 0xf0, 0x6b, 0xc6, 0xc2, 0xa5, 0x72, 0x2c,
+ 0xd8, 0xe0, 0x27, 0x3d, 0xec, 0x56, 0x07, 0x05,
+ 0x7d, 0x83, 0xa1, 0x65, 0x7d, 0x41, 0x5b, 0xcd,
+ 0x77, 0x24, 0xe5, 0xaa, 0x76, 0x47, 0xd0, 0x50,
+ 0xf6, 0xe7, 0xb5, 0x59, 0x75, 0x31, 0x27, 0xef,
+ 0xd8, 0xa6, 0x4e, 0x7f, 0xb8, 0x40, 0xb1, 0xdf,
+ 0x53, 0x14, 0xed, 0xf1, 0x68, 0x5f, 0xfc, 0x3f,
+ 0x02, 0xdb, 0x05, 0xeb, 0x31, 0xe4, 0x2c, 0x7f,
+ 0x32, 0xb5, 0x70, 0x8e, 0x75, 0x85, 0xa4, 0x5c,
+ 0x16, 0x23, 0x37, 0xf2, 0x10, 0x79, 0xcb, 0xdc,
+ 0xf8, 0x1c, 0x25, 0xc2, 0xa1, 0x3d, 0x9c, 0x33,
+ 0x6c, 0xed, 0xc3, 0xe7, 0xf3, 0x02, 0x87, 0x82,
+ 0x4e, 0xfb, 0xac, 0xb3, 0x2d, 0xfc, 0xf8, 0x0d,
+ 0x1d, 0x4a, 0x39, 0xd4, 0xb3, 0x09, 0xbb, 0xe9,
+ 0x25, 0xc7, 0xec, 0x6a, 0x87, 0x72, 0x84, 0xed,
+ 0x12, 0x60, 0x19, 0x64, 0xeb, 0x16, 0x2a, 0x5b,
+ 0x10, 0x76, 0x27, 0xff, 0x7b, 0xe4, 0xae, 0xe5,
+ 0xa4, 0x04, 0x02, 0x7f, 0xbb, 0x0a, 0xb5, 0xf4,
+ 0x05, 0xa5, 0x56, 0x1c, 0x53, 0x31, 0x7a, 0x93,
+ 0xba, 0x16, 0x15, 0xab, 0x62, 0x60, 0xfc, 0xde,
+ 0x72, 0x36, 0x6e, 0x28, 0xaf, 0x98, 0x0d, 0xe6,
+ 0xf4, 0xde, 0x60, 0xa7, 0x7e, 0x06, 0x07, 0x86,
+ 0xf3, 0x94, 0xb6, 0x6d, 0x0d, 0x93, 0xa6, 0xbc,
+ 0x60, 0x70, 0x33, 0xac, 0x3f, 0xa1, 0xa8, 0x4a,
+ 0x20, 0x61, 0xb6, 0xb5, 0x43, 0xa3, 0x15, 0x5a,
+ 0x00, 0xbe, 0x76, 0x98, 0x57, 0x72, 0xab, 0x7a,
+ 0x0e, 0x18, 0x93, 0x82, 0x3a, 0x18, 0x78, 0x6e,
+ 0x71, 0x7b, 0x78, 0x4f, 0x7e, 0x8c, 0xde, 0x7a,
+ 0x62, 0xb5, 0x0a, 0x7c, 0x45, 0x1d, 0x16, 0xd5,
+ 0xc3, 0x8c, 0x9b, 0x25, 0xb4, 0x50, 0x90, 0xcd,
+ 0x96, 0x93, 0xad, 0x0f, 0xd4, 0x43, 0xcb, 0x49,
+ 0x0f, 0xfc, 0x5a, 0x31, 0xf4, 0x19, 0xb7, 0xd4,
+ 0xeb, 0x4d, 0x40, 0x58, 0xd0, 0x3b, 0xc8, 0xe0,
+ 0x4a, 0x54, 0x2f, 0xdb, 0x22, 0xc3, 0x29, 0x7b,
+ 0x40, 0x90, 0x61, 0x43, 0xd3, 0x7e, 0xe2, 0x30,
+ 0x2b, 0x48, 0x3c, 0xce, 0x90, 0x93, 0xb1, 0x8b,
+ 0x31, 0x96, 0x65, 0x6d, 0x57, 0x8b, 0x9d, 0x4d,
+ 0x53, 0xf0, 0x83, 0x1c, 0xe5, 0xa1, 0x9d, 0x55,
+ 0xe3, 0xbf, 0x7e, 0xca, 0x1a, 0x74, 0x66, 0x14,
+ 0xcc, 0x47, 0x43, 0xd9, 0xbb, 0xef, 0x97, 0x7d,
+ 0xb7, 0x6e, 0xff, 0xf1, 0x22, 0xf8, 0x10, 0x2d,
+ 0x3f, 0xcd, 0x49, 0x96, 0xd9, 0x09, 0x11, 0xb8,
+ 0x33, 0xd0, 0x23, 0x9a, 0xfa, 0x16, 0xcb, 0x50,
+ 0x26, 0x57, 0x24, 0x5c, 0x0e, 0xba, 0xf0, 0x3f,
+ 0x37, 0x2f, 0xa3, 0xf7, 0x18, 0x57, 0x48, 0x48,
+ 0x95, 0xcf, 0xef, 0x87, 0x67, 0x2a, 0xe9, 0xb6,
+ 0x8a, 0x21, 0x36, 0x7f, 0xff, 0x48, 0x6c, 0x46,
+ 0x35, 0x57, 0xf2, 0xbc, 0x48, 0x67, 0x8f, 0x63,
+ 0x23, 0x78, 0x11, 0x2b, 0xc2, 0x08, 0xde, 0x51,
+ 0xe8, 0x8b, 0x92, 0x29, 0xf9, 0x9a, 0x9e, 0xad,
+ 0xed, 0x0f, 0xeb, 0xa2, 0xd2, 0x40, 0x92, 0xd4,
+ 0xde, 0x62, 0x95, 0x76, 0xfd, 0x6e, 0x3c, 0xbf,
+ 0xc0, 0xd7, 0x0d, 0xe5, 0x1b, 0xa4, 0xc7, 0x18,
+ 0xe1, 0x58, 0xa4, 0x56, 0xef, 0x2e, 0x17, 0x1b,
+ 0x75, 0xcb, 0xbc, 0xf9, 0x2a, 0x95, 0x71, 0xa7,
+ 0x1d, 0x7f, 0xe7, 0x73, 0x63, 0x05, 0x6b, 0x19,
+ 0x4c, 0xf4, 0x22, 0x14, 0xc4, 0x59, 0x88, 0x66,
+ 0x92, 0x86, 0x61, 0x5c, 0x6a, 0xae, 0xec, 0x58,
+ 0xff, 0xc9, 0xf2, 0x44, 0xd4, 0xa2, 0xf5, 0x98,
+ 0xeb, 0x5f, 0x09, 0xbc, 0x8a, 0xbf, 0x3c, 0xb4,
+ 0x3e, 0xb1, 0x20, 0x05, 0x44, 0x96, 0x79, 0x0a,
+ 0x40, 0x92, 0x7f, 0x9d, 0xd1, 0xaf, 0xbc, 0x90,
+ 0x95, 0x0a, 0x81, 0xd4, 0xa7, 0xc6, 0xb8, 0xe0,
+ 0xe4, 0x39, 0x30, 0x1d, 0x79, 0xc0, 0xe5, 0xfa,
+ 0xb4, 0xe9, 0x63, 0xb4, 0x09, 0x72, 0x3b, 0x3e,
+ 0xd9, 0xf6, 0xd9, 0x10, 0x21, 0x18, 0x7e, 0xe5,
+ 0xad, 0x81, 0xd7, 0xd5, 0x82, 0xd0, 0x8c, 0x3b,
+ 0x38, 0x95, 0xf8, 0x92, 0x01, 0xa9, 0x92, 0x00,
+ 0x70, 0xd1, 0xa7, 0x88, 0x77, 0x1f, 0x3a, 0xeb,
+ 0xb5, 0xe4, 0xf5, 0x9d, 0xc7, 0x37, 0x86, 0xb2,
+ 0x12, 0x46, 0x34, 0x19, 0x72, 0x8c, 0xf5, 0x8c,
+ 0xf6, 0x78, 0x98, 0xe0, 0x7c, 0xd3, 0xf4},
+ "id-Gost28147-89-CryptoPro-B-ParamSet",
+ "testcfb2",
+ {
+ 0x48, 0x0c, 0x74, 0x1b, 0x02, 0x6b, 0x55, 0xd5,
+ 0xb6, 0x6d, 0xd7, 0x1d, 0x40, 0x48, 0x05, 0x6b,
+ 0x6d, 0xeb, 0x3c, 0x29, 0x0f, 0x84, 0x80, 0x23,
+ 0xee, 0x0d, 0x47, 0x77, 0xe3, 0xfe, 0x61, 0xc9},
+ G89_CFB,
+ {
+ 0x1f, 0x3f, 0x82, 0x1e, 0x0d, 0xd8, 0x1e, 0x22},
+ {
+ 0x23, 0xc6, 0x7f, 0x20, 0xa1, 0x23, 0x58, 0xbc,
+ 0x7b, 0x05, 0xdb, 0x21, 0x15, 0xcf, 0x96, 0x41,
+ 0xc7, 0x88, 0xef, 0x76, 0x5c, 0x49, 0xdb, 0x42,
+ 0xbf, 0xf3, 0xc0, 0xf5, 0xbd, 0x5d, 0xd9, 0x8e,
+ 0xaf, 0x3d, 0xf4, 0xe4, 0xda, 0x88, 0xbd, 0xbc,
+ 0x47, 0x5d, 0x76, 0x07, 0xc9, 0x5f, 0x54, 0x1d,
+ 0x1d, 0x6a, 0xa1, 0x2e, 0x18, 0xd6, 0x60, 0x84,
+ 0x02, 0x18, 0x37, 0x92, 0x92, 0x15, 0xab, 0x21,
+ 0xee, 0x21, 0xcc, 0x71, 0x6e, 0x51, 0xd9, 0x2b,
+ 0xcc, 0x81, 0x97, 0x3f, 0xeb, 0x45, 0x99, 0xb8,
+ 0x1b, 0xda, 0xff, 0x90, 0xd3, 0x41, 0x06, 0x9c,
+ 0x3f, 0xfb, 0xe4, 0xb2, 0xdc, 0xc9, 0x03, 0x0d,
+ 0xa7, 0xae, 0xd7, 0x7d, 0x02, 0xb8, 0x32, 0xab,
+ 0xf3, 0x65, 0xa3, 0x65, 0x6c, 0x4e, 0xe4, 0xa2,
+ 0x5e, 0x9e, 0xee, 0xcd, 0xde, 0x79, 0x36, 0x6b,
+ 0x1b, 0xe1, 0x3c, 0xdf, 0x10, 0xad, 0x4f, 0x02,
+ 0xe1, 0x14, 0xaa, 0x09, 0xb4, 0x0b, 0x76, 0xeb,
+ 0x69, 0x38, 0x20, 0x02, 0xcb, 0x8e, 0xc0, 0xdf,
+ 0xca, 0x48, 0x74, 0xc3, 0x31, 0xad, 0x42, 0x2c,
+ 0x51, 0x9b, 0xd0, 0x6a, 0xc1, 0x36, 0xd7, 0x21,
+ 0xdf, 0xb0, 0x45, 0xba, 0xca, 0x7f, 0x35, 0x20,
+ 0x28, 0xbb, 0xc1, 0x76, 0xfd, 0x43, 0x5d, 0x23,
+ 0x7d, 0x31, 0x84, 0x1a, 0x97, 0x4d, 0x83, 0xaa,
+ 0x7e, 0xf1, 0xc4, 0xe6, 0x83, 0xac, 0x0d, 0xef,
+ 0xef, 0x3c, 0xa4, 0x7c, 0x48, 0xe4, 0xc8, 0xca,
+ 0x0d, 0x7d, 0xea, 0x7c, 0x45, 0xd7, 0x73, 0x50,
+ 0x25, 0x1d, 0x01, 0xc4, 0x02, 0x1a, 0xcd, 0xe0,
+ 0x38, 0x5b, 0xa8, 0x5a, 0x16, 0x9a, 0x10, 0x59,
+ 0x74, 0xd7, 0x19, 0xc6, 0xf3, 0xb5, 0x17, 0xf6,
+ 0x59, 0x8d, 0x62, 0xaf, 0x44, 0xe8, 0xdc, 0xe9,
+ 0xc1, 0x76, 0xf1, 0xd0, 0xbd, 0x29, 0xd7, 0xec,
+ 0x1d, 0xac, 0x57, 0xdb, 0x1a, 0x3f, 0xd8, 0xf6,
+ 0x6e, 0xb6, 0xe6, 0xdf, 0x36, 0xe7, 0x89, 0xce,
+ 0x56, 0x35, 0x43, 0x1c, 0x7d, 0x57, 0x79, 0x0e,
+ 0xd8, 0xf4, 0xd7, 0xa7, 0x0d, 0xc6, 0x8f, 0x91,
+ 0x66, 0x67, 0x82, 0x0f, 0x49, 0xc9, 0xc5, 0x65,
+ 0x81, 0xa1, 0x39, 0x5a, 0x53, 0x9f, 0x02, 0xa5,
+ 0xd5, 0x36, 0x22, 0xa8, 0xa8, 0x1c, 0x37, 0x0e,
+ 0x76, 0x46, 0xdf, 0xbd, 0x6a, 0xdb, 0xfc, 0x1b,
+ 0xbd, 0x10, 0xb8, 0xb1, 0xbc, 0x72, 0x4c, 0x58,
+ 0x4a, 0xda, 0x6d, 0x66, 0x00, 0xda, 0x7a, 0x66,
+ 0xa0, 0xe7, 0x3b, 0x39, 0xa3, 0xf7, 0x05, 0x07,
+ 0xfa, 0x21, 0x4b, 0xc7, 0x94, 0xc0, 0xd3, 0x7b,
+ 0x19, 0x02, 0x5d, 0x4a, 0x10, 0xf1, 0xc2, 0x0f,
+ 0x19, 0x68, 0x27, 0xc7, 0x7d, 0xbf, 0x55, 0x03,
+ 0x57, 0x7d, 0xaf, 0x77, 0xae, 0x80, 0x2f, 0x7a,
+ 0xe6, 0x1f, 0x4b, 0xdc, 0x15, 0x18, 0xc0, 0x62,
+ 0xa1, 0xe8, 0xd9, 0x1c, 0x9e, 0x8c, 0x96, 0x39,
+ 0xc1, 0xc4, 0x88, 0xf7, 0x0c, 0xe1, 0x04, 0x84,
+ 0x68, 0x51, 0xce, 0xf1, 0x90, 0xda, 0x7f, 0x76,
+ 0xc8, 0xc0, 0x88, 0xef, 0x8e, 0x15, 0x25, 0x3e,
+ 0x7b, 0xe4, 0x79, 0xb5, 0x66, 0x2d, 0x9c, 0xd1,
+ 0x13, 0xda, 0xd0, 0xd5, 0x46, 0xd5, 0x8d, 0x46,
+ 0x18, 0x07, 0xee, 0xd8, 0xc9, 0x64, 0xe3, 0xbe,
+ 0x0e, 0x68, 0x27, 0x09, 0x96, 0x26, 0xf6, 0xe2,
+ 0x19, 0x61, 0x3f, 0xf4, 0x58, 0x27, 0x0a, 0xeb,
+ 0xce, 0x7c, 0xb6, 0x68, 0x92, 0xe7, 0x12, 0x3b,
+ 0x31, 0xd4, 0x48, 0xdf, 0x35, 0x8d, 0xf4, 0x86,
+ 0x42, 0x2a, 0x15, 0x4b, 0xe8, 0x19, 0x1f, 0x26,
+ 0x65, 0x9b, 0xa8, 0xda, 0x4b, 0x79, 0x1f, 0x8e,
+ 0xe6, 0x13, 0x7e, 0x49, 0x8f, 0xc1, 0xce, 0xdc,
+ 0x5e, 0x64, 0x74, 0xce, 0x02, 0x78, 0xe0, 0xcf,
+ 0xa0, 0xed, 0x5e, 0x31, 0x74, 0xd1, 0xd0, 0xb4,
+ 0xee, 0x70, 0x19, 0x14, 0x3c, 0x8f, 0x16, 0xa6,
+ 0xcf, 0x12, 0x93, 0x15, 0x88, 0xeb, 0x91, 0x65,
+ 0x76, 0x98, 0xfd, 0xa1, 0x94, 0x30, 0xba, 0x43,
+ 0x62, 0x65, 0x40, 0x04, 0x77, 0x9e, 0xd6, 0xab,
+ 0x8b, 0x0d, 0x93, 0x80, 0x50, 0x5f, 0xa2, 0x76,
+ 0x20, 0xa7, 0xd6, 0x9c, 0x27, 0x15, 0x27, 0xbc,
+ 0xa5, 0x5a, 0xbf, 0xe9, 0x92, 0x82, 0x05, 0xa8,
+ 0x41, 0xe9, 0xb5, 0x60, 0xd5, 0xc0, 0xd7, 0x4b,
+ 0xad, 0x38, 0xb2, 0xe9, 0xd1, 0xe5, 0x51, 0x5f,
+ 0x24, 0x78, 0x24, 0x9a, 0x23, 0xd2, 0xc2, 0x48,
+ 0xbd, 0x0e, 0xf1, 0x37, 0x72, 0x91, 0x87, 0xb0,
+ 0x4e, 0xbd, 0x99, 0x6b, 0x2c, 0x01, 0xb6, 0x79,
+ 0x69, 0xec, 0x0c, 0xed, 0xe5, 0x3f, 0x50, 0x64,
+ 0x7c, 0xb9, 0xdd, 0xe1, 0x92, 0x81, 0xb5, 0xd0,
+ 0xcb, 0x17, 0x83, 0x86, 0x8b, 0xea, 0x4f, 0x93,
+ 0x08, 0xbc, 0x22, 0x0c, 0xef, 0xe8, 0x0d, 0xf5,
+ 0x9e, 0x23, 0xe1, 0xf9, 0xb7, 0x6b, 0x45, 0x0b,
+ 0xcb, 0xa9, 0xb6, 0x4d, 0x28, 0x25, 0xba, 0x3e,
+ 0x86, 0xf2, 0x75, 0x47, 0x5d, 0x9d, 0x6b, 0xf6,
+ 0x8a, 0x05, 0x58, 0x73, 0x3d, 0x00, 0xde, 0xfd,
+ 0x69, 0xb1, 0x61, 0x16, 0xf5, 0x2e, 0xb0, 0x9f,
+ 0x31, 0x6a, 0x00, 0xb9, 0xef, 0x71, 0x63, 0x47,
+ 0xa3, 0xca, 0xe0, 0x40, 0xa8, 0x7e, 0x02, 0x04,
+ 0xfe, 0xe5, 0xce, 0x48, 0x73, 0xe3, 0x94, 0xcf,
+ 0xe2, 0xff, 0x29, 0x7e, 0xf6, 0x32, 0xbb, 0xb7,
+ 0x55, 0x12, 0x21, 0x7a, 0x9c, 0x75, 0x04, 0x0c,
+ 0xb4, 0x7c, 0xb0, 0x3d, 0x40, 0xb3, 0x11, 0x9a,
+ 0x7a, 0x9a, 0x13, 0xfb, 0x77, 0xa7, 0x51, 0x68,
+ 0xf7, 0x05, 0x47, 0x3b, 0x0f, 0x52, 0x5c, 0xe6,
+ 0xc2, 0x99, 0x3a, 0x37, 0x54, 0x5c, 0x4f, 0x2b,
+ 0xa7, 0x01, 0x08, 0x74, 0xbc, 0x91, 0xe3, 0xe2,
+ 0xfe, 0x65, 0x94, 0xfd, 0x3d, 0x18, 0xe0, 0xf0,
+ 0x62, 0xed, 0xc2, 0x10, 0x82, 0x9c, 0x58, 0x7f,
+ 0xb2, 0xa3, 0x87, 0x8a, 0x74, 0xd9, 0xc1, 0xfb,
+ 0x84, 0x28, 0x17, 0xc7, 0x2b, 0xcb, 0x53, 0x1f,
+ 0x4e, 0x8a, 0x82, 0xfc, 0xb4, 0x3f, 0xc1, 0x47,
+ 0x25, 0xf3, 0x21, 0xdc, 0x4c, 0x2d, 0x08, 0xfa,
+ 0xe7, 0x0f, 0x03, 0xa9, 0x68, 0xde, 0x6b, 0x41,
+ 0xa0, 0xf9, 0x41, 0x6c, 0x57, 0x4d, 0x3a, 0x0e,
+ 0xea, 0x51, 0xca, 0x9f, 0x97, 0x11, 0x7d, 0xf6,
+ 0x8e, 0x88, 0x63, 0x67, 0xc9, 0x65, 0x13, 0xca,
+ 0x38, 0xed, 0x35, 0xbe, 0xf4, 0x27, 0xa9, 0xfc,
+ 0xa9, 0xe6, 0xc3, 0x40, 0x86, 0x08, 0x39, 0x72,
+ 0x37, 0xee, 0xb2, 0x87, 0x09, 0x96, 0xb7, 0x40,
+ 0x87, 0x36, 0x92, 0xc1, 0x5d, 0x6a, 0x2c, 0x43,
+ 0xca, 0x25, 0xc8, 0x35, 0x37, 0x2d, 0xb5, 0xa9,
+ 0x27, 0x44, 0x50, 0xf2, 0x6d, 0x22, 0x75, 0x41,
+ 0x77, 0x2a, 0xdb, 0xb1, 0x8c, 0x6d, 0x05, 0xe8,
+ 0xc9, 0x99, 0xc7, 0x08, 0xf9, 0x14, 0x8f, 0x78,
+ 0xa9, 0x8f, 0xc2, 0x5a, 0x7a, 0x65, 0xc5, 0xd8,
+ 0x86, 0xbb, 0x72, 0x69, 0x6b, 0x6b, 0x45, 0x83,
+ 0x5b, 0xb1, 0xf7, 0xcd, 0x16, 0x73, 0xee, 0xe9,
+ 0x80, 0x85, 0xfe, 0x8e, 0xe1, 0xae, 0x53, 0x8f,
+ 0xde, 0xbe, 0x48, 0x8b, 0x59, 0xef, 0xf6, 0x7e,
+ 0xd8, 0xb5, 0xa8, 0x47, 0xc0, 0x4e, 0x15, 0x58,
+ 0xca, 0xd3, 0x2f, 0xf8, 0x6c, 0xa6, 0x3d, 0x78,
+ 0x4d, 0x7a, 0x54, 0xd6, 0x10, 0xe5, 0xcc, 0x05,
+ 0xe2, 0x29, 0xb5, 0x86, 0x07, 0x39, 0x7d, 0x78,
+ 0x8e, 0x5a, 0x8f, 0x83, 0x4c, 0xe7, 0x3d, 0x68,
+ 0x3e, 0xe5, 0x02, 0xe6, 0x64, 0x4f, 0x5e, 0xb4,
+ 0x49, 0x77, 0xf0, 0xc0, 0xfa, 0x6f, 0xc8, 0xfb,
+ 0x9f, 0x84, 0x6f, 0x55, 0xfb, 0x30, 0x5e, 0x89,
+ 0x93, 0xa9, 0xf3, 0xa6, 0xa3, 0xd7, 0x26, 0xbb,
+ 0xd8, 0xa8, 0xd9, 0x95, 0x1d, 0xfe, 0xfc, 0xd7,
+ 0xa8, 0x93, 0x66, 0x2f, 0x04, 0x53, 0x06, 0x64,
+ 0x7f, 0x31, 0x29, 0xae, 0xb7, 0x9f, 0xba, 0xc4,
+ 0x6d, 0x68, 0xd1, 0x24, 0x32, 0xf4, 0x11}
+ },
+ { /* Calculated by libcapi10, CryptoPro CSP
+ * 3.6R2, Mac OSX */
+ 4,
+ {
+ 0x07, 0x9c, 0x91, 0xbe},
+ "id-Gost28147-89-CryptoPro-C-ParamSet",
+ "testcfb3",
+ {
+ 0x77, 0xc3, 0x45, 0x8e, 0xf6, 0x42, 0xe7, 0x04,
+ 0x8e, 0xfc, 0x08, 0xe4, 0x70, 0x96, 0xd6, 0x05,
+ 0x93, 0x59, 0x02, 0x6d, 0x6f, 0x97, 0xca, 0xe9,
+ 0xcf, 0x89, 0x44, 0x4b, 0xde, 0x6c, 0x22, 0x1d},
+ G89_CFB,
+ {
+ 0x43, 0x7c, 0x3e, 0x8e, 0x2f, 0x2a, 0x00, 0x98},
+ {
+ 0x19, 0x35, 0x81, 0x34}
+ },
+ { /* Calculated by libcapi10, CryptoPro CSP
+ * 3.6R2, Mac OSX */
+ 9,
+ {
+ 0x2f, 0x31, 0xd8, 0x83, 0xb4, 0x20, 0xe8, 0x6e,
+ 0xda},
+ "id-Gost28147-89-CryptoPro-D-ParamSet",
+ "testcfb4",
+ {
+ 0x38, 0x9f, 0xe8, 0x37, 0xff, 0x9c, 0x5d, 0x29,
+ 0xfc, 0x48, 0x55, 0xa0, 0x87, 0xea, 0xe8, 0x40,
+ 0x20, 0x87, 0x5b, 0xb2, 0x01, 0x15, 0x55, 0xa7,
+ 0xe3, 0x2d, 0xcb, 0x3d, 0xd6, 0x59, 0x04, 0x73},
+ G89_CFB,
+ {
+ 0xc5, 0xa2, 0xd2, 0x1f, 0x2f, 0xdf, 0xb8, 0xeb},
+ {
+ 0x6d, 0xa4, 0xed, 0x40, 0x08, 0x88, 0x71, 0xad,
+ 0x16}
+ },
+ { /* Calculated by libcapi10, CryptoPro CSP
+ * 3.6R2, Mac OSX */
+ 5242880 + 8,
+ {0},
+ "id-Gost28147-89-CryptoPro-A-ParamSet",
+ "test5Mcfb",
+ {
+ 0x61, 0x58, 0x44, 0x5a, 0x41, 0xf6, 0xc7, 0x0f,
+ 0x6b, 0xdb, 0x51, 0x91, 0x6a, 0xf6, 0x81, 0x30,
+ 0x8c, 0xa7, 0x98, 0xdd, 0x38, 0x35, 0x8a, 0x60,
+ 0x85, 0xb4, 0xf0, 0xf9, 0x43, 0xa2, 0x7d, 0x9a},
+ G89_CFB,
+ {
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00},
+ {
+ 0x1c, 0x16, 0xa0, 0xe9, 0x63, 0x94, 0xfe, 0x38,
+ 0x37, 0xa7, 0x9b, 0x70, 0x25, 0x2e, 0xd6, 0x00}
+ },
+ { /* Calculated by libcapi10, CryptoPro CSP
+ * 3.6R2, Mac OSX */
+ U64(4294967296) + 16,
+ {0},
+ "id-Gost28147-89-CryptoPro-A-ParamSet",
+ "test4Gcfb",
+ {
+ 0xae, 0x57, 0xa2, 0xdd, 0xa4, 0xef, 0x4f, 0x96,
+ 0xb8, 0x94, 0xa5, 0xd1, 0x1b, 0xc8, 0x9b, 0x42,
+ 0xa5, 0x24, 0xcc, 0x89, 0x5c, 0xb8, 0x92, 0x52,
+ 0xc1, 0x12, 0x6a, 0xb0, 0x9a, 0x26, 0xe8, 0x06},
+ G89_CFB,
+ {
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00},
+ {
+ 0x2e, 0x62, 0xb0, 0x2e, 0xc7, 0x87, 0x4b, 0x29,
+ 0x33, 0x16, 0x6b, 0xb4, 0xd6, 0x61, 0x66, 0xd9}
+ },
+ { /* Calculated by libcapi10, CryptoPro CSP
+ * 3.6R2, Mac OSX */
+ 1037,
+ {
+ 0x3d, 0x0b, 0x69, 0xf7, 0xa8, 0xe4, 0xfc, 0x99,
+ 0x22, 0x2e, 0xee, 0xd1, 0x63, 0x12, 0xfe, 0xa8,
+ 0x9d, 0xcb, 0x6c, 0x4d, 0x48, 0x8c, 0xe8, 0xbd,
+ 0x8b, 0x60, 0xf1, 0xbf, 0x7b, 0xe3, 0x79, 0xd5,
+ 0x2b, 0x25, 0x97, 0x13, 0xef, 0x35, 0xda, 0xf4,
+ 0xbc, 0x77, 0xce, 0xea, 0xe9, 0x3f, 0xa4, 0xb6,
+ 0x01, 0xd5, 0x73, 0x29, 0x58, 0xda, 0xd7, 0x67,
+ 0x17, 0xac, 0xe4, 0x75, 0x2f, 0x57, 0x23, 0xac,
+ 0x96, 0x21, 0xc7, 0x62, 0x2d, 0xf7, 0x32, 0xb5,
+ 0x44, 0x5f, 0x72, 0xb1, 0x5f, 0xba, 0x1b, 0x1e,
+ 0xdb, 0x4a, 0x09, 0x8c, 0x92, 0x61, 0xa2, 0xb0,
+ 0x49, 0x68, 0xe5, 0xb3, 0xa2, 0x8f, 0x13, 0x4b,
+ 0xf5, 0x4d, 0x84, 0xda, 0xab, 0xa0, 0xb6, 0xd1,
+ 0x5a, 0x63, 0x19, 0xe8, 0xa2, 0x09, 0xf6, 0x76,
+ 0x6f, 0x9b, 0x48, 0x0a, 0x15, 0x5d, 0xb7, 0x20,
+ 0x21, 0x9a, 0x2e, 0xb9, 0x6d, 0xfa, 0x1e, 0xc2,
+ 0x0e, 0xef, 0x15, 0xab, 0x59, 0x01, 0xfe, 0x43,
+ 0x90, 0xf2, 0x62, 0xca, 0x4a, 0x9a, 0x48, 0x38,
+ 0xab, 0x6f, 0x9d, 0x21, 0xb3, 0xad, 0xa7, 0x60,
+ 0x46, 0xe3, 0xef, 0xd0, 0xe3, 0x1d, 0xc5, 0xe1,
+ 0xb8, 0xa1, 0xe2, 0x99, 0x20, 0xc5, 0x76, 0xcc,
+ 0xaa, 0x8a, 0xa9, 0x45, 0x55, 0xa0, 0x78, 0x00,
+ 0x64, 0xde, 0xcf, 0x5b, 0xdf, 0x26, 0x48, 0xcd,
+ 0xba, 0x8a, 0xb5, 0xfb, 0xfd, 0x4a, 0xd5, 0xc4,
+ 0xe0, 0x43, 0xa6, 0x71, 0x90, 0xa4, 0x8b, 0xca,
+ 0x2e, 0x88, 0x7b, 0xac, 0xb2, 0xdc, 0xf2, 0x01,
+ 0xcb, 0xda, 0x6e, 0x91, 0x27, 0x28, 0x44, 0x88,
+ 0x9a, 0xd2, 0x12, 0xf1, 0xa6, 0xf5, 0xb7, 0x61,
+ 0xce, 0x79, 0x62, 0x52, 0x3c, 0xe6, 0x14, 0x73,
+ 0xd1, 0x41, 0x92, 0x50, 0xbd, 0xdc, 0x3b, 0xd0,
+ 0xa7, 0x11, 0x8c, 0x3a, 0xe4, 0x2d, 0xf2, 0x52,
+ 0xd3, 0x2f, 0x7c, 0x8e, 0x54, 0x90, 0x4e, 0x23,
+ 0xae, 0xb3, 0xa0, 0xf3, 0x25, 0x7e, 0x66, 0xaa,
+ 0x0f, 0x6f, 0x81, 0x72, 0x77, 0xbb, 0xd3, 0x47,
+ 0xe8, 0x05, 0xff, 0xe1, 0x5b, 0xc9, 0x37, 0x50,
+ 0x33, 0x49, 0x17, 0xaf, 0xab, 0x1d, 0xe1, 0x15,
+ 0xf2, 0xe5, 0x98, 0x5e, 0x2d, 0x05, 0x1f, 0x0d,
+ 0x55, 0x97, 0xed, 0xff, 0x5e, 0xe0, 0x0f, 0xc3,
+ 0x9c, 0xbd, 0x82, 0xc2, 0x06, 0xbe, 0x45, 0x66,
+ 0xae, 0x33, 0xbe, 0x28, 0x48, 0xe9, 0x2d, 0x1a,
+ 0xe6, 0x65, 0x8e, 0xdf, 0x76, 0x03, 0x73, 0x4b,
+ 0xc0, 0x80, 0x71, 0xf9, 0xac, 0xba, 0xa0, 0xb0,
+ 0x19, 0x1a, 0x0a, 0xd4, 0x35, 0x12, 0x88, 0x76,
+ 0x05, 0x75, 0x8f, 0x7c, 0xb5, 0xf0, 0x19, 0x75,
+ 0x6d, 0x05, 0xcb, 0x0d, 0xbc, 0x8d, 0xe9, 0xf0,
+ 0xd4, 0xdb, 0x3c, 0x3c, 0x29, 0x8e, 0x2c, 0x32,
+ 0x1d, 0xf7, 0xb6, 0x49, 0xcf, 0xdb, 0x63, 0xee,
+ 0x3c, 0xfa, 0x33, 0x73, 0x6f, 0xe4, 0x97, 0x4e,
+ 0x2f, 0xc9, 0x4c, 0x5c, 0x65, 0xfe, 0xea, 0xfb,
+ 0xc6, 0xdd, 0xc1, 0x1c, 0x47, 0x3f, 0xf4, 0x50,
+ 0x2f, 0xde, 0x1b, 0x5b, 0x0b, 0x16, 0xca, 0xb6,
+ 0x46, 0x44, 0xf2, 0xc1, 0x0d, 0xa1, 0x1d, 0xa6,
+ 0xdb, 0xf0, 0x3d, 0xb1, 0x6c, 0x05, 0x31, 0x85,
+ 0x8e, 0x74, 0xae, 0xf2, 0x39, 0x26, 0xf7, 0xc1,
+ 0xe7, 0x4c, 0xdd, 0x9d, 0x40, 0xb8, 0xf3, 0xc5,
+ 0xc2, 0x16, 0x64, 0x6b, 0xaa, 0xdb, 0x4b, 0x82,
+ 0x5c, 0xd3, 0x02, 0xd3, 0x8f, 0x26, 0x79, 0x8d,
+ 0xb0, 0x78, 0x70, 0x19, 0x58, 0x0c, 0xb4, 0x31,
+ 0x88, 0x44, 0x1c, 0x91, 0x6f, 0xf4, 0x52, 0x39,
+ 0xa8, 0xf5, 0xc0, 0x1b, 0xfe, 0xf2, 0x0e, 0x4b,
+ 0xac, 0x0a, 0xc2, 0x7e, 0x9c, 0x9b, 0xeb, 0x5d,
+ 0x4e, 0x4f, 0x42, 0xd8, 0x71, 0x0a, 0x97, 0x27,
+ 0x03, 0x14, 0x96, 0xa6, 0x3d, 0x04, 0xea, 0x9f,
+ 0x14, 0x14, 0x27, 0x4c, 0xd9, 0xa2, 0x89, 0x5f,
+ 0x65, 0x4a, 0xe1, 0x9d, 0x2c, 0xb8, 0xf8, 0xd4,
+ 0x8f, 0x2a, 0x57, 0x36, 0xcc, 0x06, 0x9c, 0x2c,
+ 0xc5, 0x13, 0x16, 0xdf, 0xfc, 0xae, 0x22, 0x16,
+ 0xa8, 0x2b, 0x71, 0x6f, 0x1d, 0xb3, 0x47, 0x54,
+ 0x3f, 0x2d, 0x0a, 0x68, 0x9f, 0x2e, 0xf6, 0x90,
+ 0xd8, 0xa1, 0x21, 0x09, 0xd4, 0x97, 0xb9, 0x7b,
+ 0x7f, 0x9b, 0x6a, 0xed, 0xd1, 0xf0, 0xe3, 0xb6,
+ 0x28, 0xc7, 0x62, 0x82, 0x00, 0xc9, 0x38, 0xa1,
+ 0x82, 0x78, 0xce, 0x87, 0xc8, 0x53, 0xac, 0x4f,
+ 0x2e, 0x31, 0xb9, 0x50, 0x7f, 0x36, 0x00, 0x4a,
+ 0x32, 0xe6, 0xd8, 0xbb, 0x59, 0x45, 0x0e, 0x91,
+ 0x1b, 0x38, 0xa9, 0xbc, 0xb9, 0x5e, 0x6c, 0x6a,
+ 0x9c, 0x03, 0x01, 0x1c, 0xde, 0xe8, 0x1f, 0x1e,
+ 0xe3, 0xde, 0x25, 0xa2, 0x56, 0x79, 0xe1, 0xbd,
+ 0x58, 0xc4, 0x93, 0xe6, 0xd0, 0x8a, 0x4d, 0x08,
+ 0xab, 0xf7, 0xaa, 0xc3, 0x7d, 0xc1, 0xee, 0x68,
+ 0x37, 0xbc, 0x78, 0x0b, 0x19, 0x68, 0x2b, 0x2b,
+ 0x2e, 0x6d, 0xc4, 0x6f, 0xaa, 0x3b, 0xc6, 0x19,
+ 0xcb, 0xf1, 0x58, 0xb9, 0x60, 0x85, 0x45, 0xae,
+ 0x52, 0x97, 0xba, 0x24, 0x32, 0x13, 0x72, 0x16,
+ 0x6e, 0x7b, 0xc1, 0x98, 0xac, 0xb1, 0xed, 0xb4,
+ 0xcc, 0x6c, 0xcf, 0x45, 0xfc, 0x50, 0x89, 0x80,
+ 0x8e, 0x7a, 0xa4, 0xd3, 0x64, 0x50, 0x63, 0x37,
+ 0xc9, 0x6c, 0xf1, 0xc4, 0x3d, 0xfb, 0xde, 0x5a,
+ 0x5c, 0xa8, 0x21, 0x35, 0xe6, 0x2e, 0x8c, 0x2a,
+ 0x3c, 0x12, 0x17, 0x79, 0x9a, 0x0d, 0x2e, 0x79,
+ 0xeb, 0x67, 0x1f, 0x2b, 0xf8, 0x6e, 0xca, 0xc1,
+ 0xfa, 0x45, 0x18, 0x9e, 0xdf, 0x6a, 0xe6, 0xcb,
+ 0xe9, 0x5c, 0xc3, 0x09, 0xaf, 0x93, 0x58, 0x13,
+ 0xbf, 0x90, 0x84, 0x87, 0x75, 0xd6, 0x82, 0x28,
+ 0x8d, 0xe7, 0x2f, 0xa3, 0xfb, 0x97, 0x74, 0x2a,
+ 0x73, 0x04, 0x82, 0x06, 0x76, 0x69, 0xb1, 0x0b,
+ 0x19, 0xfc, 0xae, 0xb3, 0xdd, 0x2a, 0xe5, 0xc1,
+ 0x05, 0xd8, 0x80, 0x95, 0x22, 0x90, 0x71, 0xfc,
+ 0xc2, 0x92, 0x42, 0xfd, 0xf1, 0x70, 0xb4, 0x68,
+ 0x88, 0xa4, 0x9e, 0x0a, 0x24, 0x40, 0x13, 0xc8,
+ 0xa2, 0x56, 0x4f, 0x39, 0xe6, 0x06, 0xf1, 0xdc,
+ 0xf5, 0x13, 0x0e, 0xad, 0x9c, 0x8b, 0xaf, 0xe9,
+ 0xe3, 0x88, 0x72, 0xff, 0xa0, 0x6d, 0xda, 0x08,
+ 0x70, 0xb9, 0x2e, 0x83, 0xc5, 0xbb, 0x32, 0xa5,
+ 0x74, 0xc7, 0xfb, 0x7b, 0x76, 0xaf, 0x02, 0xbb,
+ 0x2b, 0xb8, 0x5e, 0x65, 0x02, 0xfe, 0x0e, 0xa0,
+ 0x99, 0xce, 0x01, 0x3b, 0x35, 0xe1, 0xb0, 0x22,
+ 0xe5, 0x94, 0xbd, 0xdd, 0x8e, 0xbb, 0xf6, 0x75,
+ 0xbf, 0xbf, 0xee, 0x7a, 0xb1, 0x58, 0xb4, 0x81,
+ 0xb8, 0x39, 0x3e, 0xb6, 0x1e, 0xde, 0xda, 0x1b,
+ 0xd5, 0xf7, 0xdd, 0x7d, 0x65, 0x9c, 0xaa, 0x56,
+ 0x93, 0xb8, 0xaf, 0x48, 0x53, 0xc7, 0x22, 0xe4,
+ 0x1c, 0xdf, 0xe9, 0x79, 0xb4, 0x20, 0x89, 0xcc,
+ 0x2a, 0x79, 0x2c, 0x09, 0xbe, 0x78, 0xcf, 0xcc,
+ 0xf2, 0x90, 0xd6, 0x65, 0xc5, 0x29, 0xfc, 0xda,
+ 0x69, 0xfc, 0xc0, 0xd6, 0x70, 0x99, 0x61, 0x3f,
+ 0x60, 0x02, 0xd8, 0x12, 0x22, 0xc8, 0x34, 0xc6,
+ 0x3b, 0xb3, 0xc2, 0x33, 0xa1, 0x5c, 0x8f, 0x4c,
+ 0xd1, 0x52, 0x72, 0xf2, 0x42, 0x05, 0x8e, 0x18,
+ 0x1f, 0x16, 0xda, 0xb8, 0x53, 0xa1, 0x5f, 0x01,
+ 0x32, 0x1b, 0x90, 0xb3, 0x53, 0x9b, 0xd0, 0x85,
+ 0x61, 0x2d, 0x17, 0xed, 0x0a, 0xa4, 0xa5, 0x27,
+ 0x09, 0x75, 0x7c, 0xbc, 0x30, 0xf7, 0x5e, 0x59,
+ 0x9a, 0x07, 0x96, 0x84, 0x28, 0x86, 0x4b, 0xa7,
+ 0x22, 0x35, 0x28, 0xc7, 0xed, 0x0d, 0xc3, 0xce,
+ 0x98, 0xcc, 0x2d, 0xec, 0xd4, 0x98, 0x09, 0x8e,
+ 0x52, 0x5f, 0x2b, 0x9a, 0x13, 0xbe, 0x99, 0x16,
+ 0x73, 0xd1, 0x1f, 0x81, 0xe5, 0xa2, 0x08, 0x78,
+ 0xcb, 0x0c, 0x20, 0xd4, 0xa5, 0xea, 0x4b, 0x5b,
+ 0x95, 0x5a, 0x92, 0x9a, 0x52},
+ "id-Gost28147-89-CryptoPro-A-ParamSet",
+ "testcnt2",
+ {
+ 0x1b, 0x5d, 0xdb, 0x77, 0xcf, 0xf9, 0xec, 0x95,
+ 0x5e, 0xcc, 0x67, 0x9f, 0x5d, 0x28, 0xad, 0x4a,
+ 0x27, 0xf4, 0x32, 0xc6, 0xb2, 0xcb, 0xb1, 0x45,
+ 0x6a, 0x88, 0x14, 0x0c, 0x9b, 0x9b, 0x5f, 0x48},
+ G89_CNT,
+ {
+ 0x71, 0x58, 0x8c, 0xe1, 0x55, 0xf4, 0xf6, 0xb3},
+ {
+ 0x8e, 0xcd, 0x8f, 0xc8, 0xac, 0xe1, 0x15, 0x48,
+ 0x2d, 0xae, 0x24, 0x8a, 0xc7, 0xfb, 0xba, 0x0f,
+ 0x1d, 0x8a, 0x95, 0xa2, 0x43, 0xef, 0xcb, 0xdc,
+ 0x59, 0x57, 0xa7, 0xc7, 0x0e, 0xe3, 0xe2, 0xb9,
+ 0x0d, 0x86, 0x29, 0x62, 0xcb, 0x83, 0x4d, 0x07,
+ 0x0c, 0x40, 0xd4, 0x7b, 0x2e, 0xca, 0xba, 0xbf,
+ 0x4a, 0x60, 0x3b, 0x31, 0x98, 0xc8, 0x88, 0x47,
+ 0xd9, 0x82, 0xab, 0xfc, 0x8f, 0x48, 0xe2, 0x46,
+ 0xab, 0xd3, 0xa1, 0xab, 0x8a, 0x05, 0x22, 0x8c,
+ 0xf4, 0xec, 0x9a, 0x1e, 0x76, 0xab, 0x1a, 0x60,
+ 0xd9, 0x25, 0x6b, 0xb8, 0x56, 0xe5, 0xb2, 0xea,
+ 0x10, 0xf3, 0x62, 0x04, 0x32, 0x5e, 0xaa, 0x3b,
+ 0x7b, 0x57, 0xbc, 0x3b, 0x8b, 0x43, 0x47, 0xf2,
+ 0xd5, 0x03, 0x7e, 0x51, 0x01, 0xff, 0x77, 0x28,
+ 0xca, 0x90, 0xa3, 0xfe, 0x7e, 0x2e, 0x70, 0x16,
+ 0x75, 0x18, 0x44, 0xf0, 0x1b, 0x85, 0x05, 0xea,
+ 0xe3, 0x21, 0xf7, 0x26, 0x86, 0x76, 0x3c, 0x67,
+ 0x9d, 0xfc, 0xbc, 0x10, 0x7f, 0x77, 0xe4, 0xed,
+ 0xd3, 0x12, 0xf8, 0x83, 0x00, 0x1f, 0x4b, 0x92,
+ 0x95, 0x92, 0x5c, 0xf3, 0x5a, 0xf3, 0xb7, 0xd0,
+ 0xa9, 0x5f, 0xf2, 0x18, 0xc4, 0x66, 0x62, 0xc1,
+ 0x84, 0x0e, 0x66, 0xe8, 0x80, 0x7d, 0x1f, 0xf0,
+ 0xba, 0x01, 0x9b, 0x71, 0xae, 0x93, 0xcc, 0x27,
+ 0x54, 0x34, 0x9a, 0xbd, 0xca, 0xee, 0x52, 0x09,
+ 0x92, 0x9d, 0xb0, 0xd5, 0xd9, 0xba, 0x2f, 0xb9,
+ 0x96, 0xdc, 0xfa, 0xbd, 0xce, 0xea, 0x1a, 0x7b,
+ 0x9a, 0x1d, 0x13, 0xa7, 0x11, 0xe2, 0x9a, 0x64,
+ 0xf6, 0xd3, 0xee, 0xc6, 0x33, 0xb7, 0x6e, 0xef,
+ 0x25, 0x9e, 0x1e, 0x7c, 0xe3, 0x1f, 0x2c, 0x6e,
+ 0xa9, 0xc0, 0xf8, 0xc1, 0xbf, 0x3b, 0xf8, 0x34,
+ 0x03, 0x9b, 0xa1, 0x40, 0x5b, 0x0c, 0x3c, 0x09,
+ 0x66, 0x9d, 0x63, 0xe2, 0xe2, 0x04, 0x8f, 0x06,
+ 0x84, 0x74, 0x68, 0xb2, 0x5c, 0x3b, 0x4c, 0xad,
+ 0x0b, 0x3f, 0x03, 0xb3, 0x07, 0x8a, 0x64, 0xa7,
+ 0x36, 0x56, 0x26, 0x39, 0x66, 0xda, 0xe9, 0x6d,
+ 0x1b, 0xd5, 0x88, 0xe8, 0x5c, 0xaf, 0x5a, 0x4c,
+ 0x49, 0xf7, 0xf5, 0xb7, 0x78, 0xf0, 0xde, 0xec,
+ 0xcd, 0x16, 0x23, 0x9e, 0x8c, 0x13, 0xbe, 0x6b,
+ 0x6f, 0x9b, 0x07, 0xe5, 0xbb, 0xcc, 0x3a, 0x1b,
+ 0x6f, 0x43, 0xdf, 0xff, 0x46, 0x2a, 0xae, 0x47,
+ 0x19, 0x18, 0x9a, 0x25, 0x09, 0xc9, 0x24, 0x40,
+ 0x0c, 0x4b, 0xa7, 0xda, 0x5e, 0x0d, 0xee, 0xfa,
+ 0x62, 0x45, 0x8e, 0xcc, 0x2f, 0x23, 0x08, 0x1d,
+ 0x92, 0xf0, 0xfe, 0x82, 0x0f, 0xd7, 0x11, 0x60,
+ 0x7e, 0x0b, 0x0b, 0x75, 0xf4, 0xf5, 0x3b, 0xc0,
+ 0xa4, 0xe8, 0x72, 0xa5, 0xb6, 0xfa, 0x5a, 0xad,
+ 0x5a, 0x4f, 0x39, 0xb5, 0xa2, 0x12, 0x96, 0x0a,
+ 0x32, 0x84, 0xb2, 0xa1, 0x06, 0x68, 0x56, 0x57,
+ 0x97, 0xa3, 0x7b, 0x22, 0x61, 0x76, 0x5d, 0x30,
+ 0x1a, 0x31, 0xab, 0x99, 0x06, 0xc5, 0x1a, 0x96,
+ 0xcf, 0xcf, 0x14, 0xff, 0xb2, 0xc4, 0xcc, 0x2b,
+ 0xbf, 0x0c, 0x9d, 0x91, 0x8f, 0x79, 0x5b, 0xbc,
+ 0xa9, 0x6b, 0x91, 0x6a, 0xb4, 0x93, 0x5c, 0x7b,
+ 0x5d, 0xc2, 0x8a, 0x75, 0xc0, 0xc1, 0x08, 0xfa,
+ 0x99, 0xf9, 0x4d, 0x5e, 0x0c, 0x06, 0x64, 0x60,
+ 0xa9, 0x01, 0x4a, 0x34, 0x0f, 0x33, 0x84, 0x95,
+ 0x69, 0x30, 0xc1, 0x1c, 0x36, 0xf8, 0xfc, 0x30,
+ 0x23, 0xb2, 0x71, 0xe5, 0x52, 0x4d, 0x12, 0x1a,
+ 0xc9, 0xbe, 0xee, 0xc9, 0xcb, 0x01, 0x85, 0xf3,
+ 0xdb, 0x30, 0xf9, 0x41, 0xa9, 0x40, 0xb0, 0x06,
+ 0x29, 0x77, 0xcd, 0xc5, 0xec, 0x58, 0x02, 0x48,
+ 0x83, 0x53, 0x44, 0x6a, 0xd2, 0xca, 0x05, 0xd8,
+ 0x5a, 0x08, 0xeb, 0xa9, 0xf4, 0xe6, 0xc7, 0x9d,
+ 0xd5, 0x7b, 0x74, 0x0b, 0x31, 0xb7, 0xa5, 0x57,
+ 0x7c, 0x7a, 0xfd, 0x1a, 0x0e, 0xd7, 0x97, 0x41,
+ 0xbf, 0xdd, 0xc6, 0x19, 0x6c, 0x77, 0x8c, 0x18,
+ 0x52, 0x57, 0x83, 0xba, 0x71, 0x25, 0xee, 0x39,
+ 0xbb, 0xe2, 0x43, 0xa0, 0x14, 0xdc, 0x0e, 0x84,
+ 0xb4, 0x2b, 0xde, 0x3e, 0xe5, 0x36, 0xb7, 0xa2,
+ 0x92, 0x98, 0x05, 0xb8, 0x96, 0xe5, 0xd0, 0x8c,
+ 0x08, 0x93, 0x35, 0xc2, 0x81, 0xe0, 0xfc, 0x59,
+ 0x71, 0xe2, 0x44, 0x49, 0x5d, 0xda, 0xfb, 0x9c,
+ 0xaa, 0x70, 0x9f, 0x43, 0xa8, 0xa5, 0xd9, 0x67,
+ 0xd9, 0x8f, 0xa3, 0x1e, 0xbe, 0x0e, 0xec, 0xdf,
+ 0x12, 0x2b, 0x6a, 0xe7, 0x1c, 0x12, 0x17, 0xe7,
+ 0xc4, 0x6d, 0x50, 0xc9, 0x52, 0x7a, 0xd5, 0xe8,
+ 0x7f, 0xbc, 0x07, 0x15, 0xac, 0xdb, 0x93, 0x66,
+ 0xb1, 0xf0, 0xa7, 0x7b, 0x2f, 0xe9, 0xec, 0xd0,
+ 0x47, 0x69, 0x59, 0x87, 0xf1, 0x4c, 0x3e, 0x4b,
+ 0x9b, 0x11, 0x79, 0x13, 0xe4, 0x96, 0xf6, 0x56,
+ 0x04, 0x6e, 0x0b, 0x33, 0xfc, 0x40, 0xf6, 0xc7,
+ 0xc1, 0x43, 0xb1, 0xbf, 0x0e, 0xb3, 0x87, 0xfd,
+ 0x0b, 0x1c, 0x63, 0x46, 0x3a, 0xd3, 0xa0, 0x17,
+ 0x59, 0x25, 0x94, 0x6c, 0x9c, 0x3d, 0x0c, 0x81,
+ 0xce, 0x82, 0x72, 0x42, 0x28, 0xf9, 0x37, 0x6a,
+ 0x6d, 0xe4, 0x12, 0xf4, 0x21, 0xaa, 0xf7, 0xfe,
+ 0x27, 0x55, 0x40, 0x1a, 0x14, 0xc3, 0x39, 0x5b,
+ 0xbf, 0x63, 0xc2, 0x5f, 0x10, 0x1f, 0x14, 0x25,
+ 0xd0, 0xce, 0xf3, 0x14, 0x48, 0x13, 0xa5, 0x0b,
+ 0x4d, 0x38, 0xcf, 0x0d, 0x34, 0xc0, 0x0a, 0x11,
+ 0xb4, 0xb5, 0x72, 0xc8, 0x4b, 0xc2, 0x6f, 0xe7,
+ 0x9d, 0x93, 0xf7, 0xdf, 0xb8, 0x43, 0x72, 0x7e,
+ 0xda, 0x3e, 0x20, 0x1f, 0xbc, 0x21, 0x2a, 0xce,
+ 0x00, 0xfa, 0x96, 0x9f, 0x3d, 0xe5, 0x88, 0x96,
+ 0xef, 0x29, 0x84, 0xdf, 0x6c, 0x1c, 0x96, 0xd8,
+ 0x58, 0x47, 0xaa, 0x92, 0xf3, 0x07, 0xe5, 0xfb,
+ 0xaf, 0xea, 0x95, 0x7e, 0x0b, 0x71, 0xcd, 0x81,
+ 0x0f, 0xb7, 0x0a, 0x59, 0x8f, 0x31, 0x4d, 0xd1,
+ 0xc3, 0xf3, 0x2f, 0x70, 0x5c, 0x59, 0x18, 0x97,
+ 0xaf, 0x77, 0x95, 0x5e, 0xaf, 0x40, 0x06, 0x12,
+ 0x81, 0x61, 0x86, 0x08, 0x4e, 0xbc, 0x89, 0x46,
+ 0x07, 0x2e, 0x5b, 0x10, 0xaa, 0x12, 0xf0, 0xa7,
+ 0x84, 0xe2, 0x9a, 0x08, 0xf1, 0xde, 0x59, 0xe3,
+ 0x0e, 0x47, 0x4b, 0xff, 0xc3, 0xc9, 0x18, 0xaf,
+ 0x95, 0x9c, 0x67, 0x2a, 0xde, 0x8a, 0x7a, 0x99,
+ 0x04, 0xc4, 0xb8, 0x97, 0x4c, 0x04, 0x29, 0x71,
+ 0x05, 0xda, 0xb3, 0xd6, 0xdb, 0x6c, 0x71, 0xe6,
+ 0xe8, 0x03, 0xbf, 0x94, 0x7d, 0xde, 0x3d, 0xc8,
+ 0x44, 0xfa, 0x7d, 0x62, 0xb4, 0x36, 0x03, 0xee,
+ 0x36, 0x52, 0x64, 0xb4, 0x85, 0x6d, 0xd5, 0x78,
+ 0xf0, 0x6f, 0x67, 0x2d, 0x0e, 0xe0, 0x2c, 0x88,
+ 0x9b, 0x55, 0x19, 0x29, 0x40, 0xf6, 0x8c, 0x12,
+ 0xbb, 0x2c, 0x83, 0x96, 0x40, 0xc0, 0x36, 0xf5,
+ 0x77, 0xff, 0x70, 0x8c, 0x75, 0x92, 0x0b, 0xad,
+ 0x05, 0x9b, 0x7e, 0xa2, 0xfc, 0xa9, 0xd1, 0x64,
+ 0x76, 0x82, 0x13, 0xba, 0x22, 0x5e, 0x33, 0x0e,
+ 0x26, 0x70, 0xa9, 0xbe, 0x74, 0x28, 0xf5, 0xe2,
+ 0xc4, 0x96, 0xee, 0x3a, 0xbc, 0x97, 0xa6, 0x2c,
+ 0x2a, 0xe0, 0x64, 0x8d, 0x35, 0xc6, 0x1a, 0xca,
+ 0xf4, 0x92, 0xfa, 0xc3, 0xf1, 0x1f, 0x98, 0xe4,
+ 0x43, 0x88, 0x69, 0x3a, 0x09, 0xbf, 0x63, 0xe5,
+ 0x96, 0x29, 0x0b, 0x9b, 0x62, 0x23, 0x14, 0x8a,
+ 0x95, 0xe4, 0x1c, 0x5c, 0x0a, 0xa9, 0xc5, 0xb9,
+ 0x6f, 0x4f, 0x2b, 0x25, 0x6f, 0x74, 0x1e, 0x18,
+ 0xd5, 0xfe, 0x27, 0x7d, 0x3f, 0x6e, 0x55, 0x2c,
+ 0x67, 0xe6, 0xde, 0xb5, 0xcc, 0xc0, 0x2d, 0xff,
+ 0xc4, 0xe4, 0x06, 0x21, 0xa5, 0xc8, 0xd3, 0xd6,
+ 0x6c, 0xa1, 0xc3, 0xfb, 0x88, 0x92, 0xb1, 0x1d,
+ 0x90, 0xe1, 0x35, 0x05, 0x9b, 0x29, 0x6d, 0xba,
+ 0xf1, 0xf4, 0x1e, 0x23, 0x2e}
+ },
+ { /* Calculated by libcapi10, CryptoPro CSP
+ * 3.6R2, Mac OSX */
+ 5242880 + 8,
+ {0},
+ "id-Gost28147-89-CryptoPro-A-ParamSet",
+ "test5Mcnt",
+ {
+ 0x07, 0x52, 0x65, 0xe7, 0xca, 0xa3, 0xca, 0x45,
+ 0xcf, 0x3a, 0x05, 0x1d, 0x38, 0x03, 0x53, 0x0c,
+ 0x22, 0x31, 0xba, 0x99, 0x4f, 0x9b, 0x6a, 0x1b,
+ 0x7e, 0x09, 0x9d, 0x4e, 0xb5, 0xc9, 0x84, 0x2e},
+ G89_CNT,
+ {
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00},
+ {
+ 0x3d, 0x05, 0x07, 0x57, 0xc0, 0x75, 0x89, 0x97,
+ 0xd6, 0x94, 0x49, 0x11, 0x1d, 0xd0, 0x91, 0xee}
+ },
+ { /* Calculated by libcapi10, CryptoPro CSP
+ * 3.6R2, Mac OSX */
+ U64(4294967296) + 16,
+ {0},
+ "id-Gost28147-89-CryptoPro-A-ParamSet",
+ "test4Gcnt",
+ {
+ 0x75, 0xa3, 0x3c, 0xae, 0x03, 0x6b, 0x10, 0xdb,
+ 0xc1, 0x56, 0x50, 0x89, 0x03, 0xd2, 0x9f, 0x91,
+ 0xee, 0xe8, 0x64, 0x1d, 0x43, 0xf2, 0x4e, 0xf8,
+ 0xf2, 0x6c, 0xed, 0xda, 0x8f, 0xe4, 0x88, 0xe9},
+ G89_CNT,
+ {
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00},
+ {
+ 0xfa, 0x6c, 0x96, 0x78, 0xe2, 0xf8, 0xdd, 0xaa,
+ 0x67, 0x5a, 0xc9, 0x5d, 0x57, 0xf1, 0xbd, 0x99}
+ },
+ { /* Calculated by libcapi10, CryptoPro CSP
+ * 3.6R2, Mac OSX */
+ 1035,
+ {
+ 0xd6, 0xcf, 0x31, 0x96, 0x9c, 0xa1, 0xfb, 0xd6,
+ 0x8d, 0xa3, 0xdd, 0x01, 0xd9, 0x88, 0xc0, 0x2f,
+ 0xbc, 0x46, 0xc7, 0x3a, 0xe4, 0x21, 0x86, 0x96,
+ 0x8d, 0xe2, 0xca, 0xb6, 0x37, 0xa2, 0xe1, 0xa8,
+ 0x7e, 0xa7, 0x79, 0x2e, 0xa4, 0x56, 0x75, 0x7f,
+ 0x3e, 0x55, 0x8b, 0x43, 0xae, 0x65, 0xdf, 0xaa,
+ 0x42, 0xb6, 0x00, 0xa6, 0x61, 0x03, 0x0d, 0xd3,
+ 0x41, 0x02, 0x27, 0x23, 0x95, 0x79, 0x9b, 0x34,
+ 0x81, 0xa9, 0x86, 0xb5, 0xa7, 0x90, 0xe2, 0xae,
+ 0xc4, 0x2f, 0xc3, 0x8e, 0x32, 0x56, 0x13, 0xfa,
+ 0x4d, 0x4e, 0x9f, 0x15, 0x75, 0x7e, 0x74, 0xdc,
+ 0x32, 0x2d, 0xee, 0x4d, 0x67, 0x70, 0x9f, 0x62,
+ 0xb9, 0xc4, 0xdb, 0x24, 0x84, 0xcc, 0x16, 0x7b,
+ 0xda, 0x22, 0xf7, 0xc5, 0xf3, 0x93, 0x35, 0x73,
+ 0xc6, 0x03, 0x1c, 0x77, 0xa5, 0xf2, 0x76, 0x56,
+ 0xb4, 0x95, 0xd4, 0x7e, 0x0d, 0x20, 0xc6, 0x6e,
+ 0xee, 0x8f, 0x25, 0x48, 0xff, 0x7e, 0x01, 0x3a,
+ 0xb4, 0x1f, 0xaa, 0x35, 0xc0, 0x33, 0x58, 0x9c,
+ 0xb5, 0xba, 0x65, 0x4b, 0xd3, 0x51, 0x14, 0xec,
+ 0x61, 0xce, 0xe4, 0xba, 0x49, 0xba, 0x39, 0x32,
+ 0xab, 0xce, 0x81, 0x72, 0xce, 0xab, 0xed, 0xd4,
+ 0xd2, 0x19, 0x87, 0x85, 0x92, 0xfa, 0x64, 0x34,
+ 0xd8, 0x86, 0xf4, 0x8a, 0x08, 0x3c, 0xde, 0xee,
+ 0x97, 0x92, 0x92, 0x69, 0xba, 0x9b, 0x5f, 0x7a,
+ 0x03, 0xc1, 0x5d, 0x43, 0x02, 0x8c, 0xbe, 0xd2,
+ 0x46, 0x72, 0x81, 0x40, 0x7d, 0x68, 0x98, 0x45,
+ 0x0b, 0x54, 0x27, 0x1c, 0xaf, 0x80, 0x42, 0xe4,
+ 0xd5, 0xd4, 0xe4, 0xa2, 0x98, 0x07, 0x8f, 0x03,
+ 0xf5, 0x2c, 0x8c, 0x88, 0xca, 0x5a, 0xde, 0xe4,
+ 0x9f, 0xb1, 0x5f, 0x82, 0xff, 0x20, 0x67, 0x52,
+ 0x85, 0x84, 0x4f, 0xc8, 0xfe, 0xa7, 0x9e, 0xae,
+ 0x1c, 0xfa, 0xb8, 0x75, 0xd3, 0xf7, 0x9f, 0x0d,
+ 0xda, 0x2d, 0xe6, 0xcc, 0x86, 0x6b, 0xa4, 0x14,
+ 0x65, 0xc3, 0xf9, 0x15, 0xbc, 0x87, 0xf5, 0xae,
+ 0x8c, 0x10, 0xd4, 0xce, 0x5b, 0x9c, 0xe2, 0xdd,
+ 0x42, 0x03, 0x09, 0x87, 0x47, 0xed, 0x5d, 0xd0,
+ 0x7a, 0x69, 0x4c, 0xfa, 0x43, 0x7d, 0xbf, 0x07,
+ 0x85, 0x6a, 0xee, 0x68, 0xe6, 0x7a, 0x57, 0xb2,
+ 0x20, 0x8d, 0x80, 0xf2, 0x91, 0x6f, 0x5c, 0x07,
+ 0x8c, 0xe4, 0x6a, 0x49, 0x90, 0x85, 0x8b, 0x77,
+ 0x29, 0x56, 0x1c, 0x5e, 0xa9, 0x3f, 0xab, 0x8b,
+ 0x79, 0xa3, 0x6f, 0x6b, 0x34, 0xcb, 0x61, 0xf6,
+ 0xe6, 0x92, 0xd1, 0x48, 0x9e, 0x11, 0xa2, 0x82,
+ 0xc0, 0x4e, 0x23, 0xd2, 0x15, 0x0d, 0x8d, 0xff,
+ 0xfa, 0x17, 0x9d, 0x81, 0xb8, 0xbc, 0xd7, 0x5b,
+ 0x08, 0x81, 0x20, 0x40, 0xc0, 0x3c, 0x06, 0x8b,
+ 0x1a, 0x88, 0x0b, 0x4b, 0x7b, 0x31, 0xf5, 0xd4,
+ 0x4e, 0x09, 0xd1, 0x4d, 0x0d, 0x7f, 0x45, 0xd1,
+ 0x09, 0x35, 0xba, 0xce, 0x65, 0xdd, 0xf2, 0xb8,
+ 0xfb, 0x7a, 0xbc, 0xc4, 0x4b, 0xc8, 0x75, 0xda,
+ 0x6b, 0xce, 0x3d, 0xe8, 0x94, 0xcc, 0x23, 0x6f,
+ 0xb0, 0x3b, 0x4f, 0x7d, 0x07, 0xb9, 0x0f, 0x62,
+ 0x92, 0x7e, 0xda, 0x70, 0x50, 0xce, 0xd3, 0x28,
+ 0x12, 0x11, 0x00, 0xeb, 0x8d, 0x63, 0x70, 0x78,
+ 0xa8, 0x7b, 0x76, 0xab, 0xc6, 0x40, 0xc0, 0x4e,
+ 0x80, 0xdd, 0xf0, 0xfe, 0x83, 0x72, 0x56, 0x4c,
+ 0x09, 0x4c, 0xf1, 0x72, 0x72, 0x86, 0x26, 0x31,
+ 0xc3, 0xc2, 0xdc, 0x8e, 0xc7, 0xf4, 0x35, 0xec,
+ 0x17, 0x06, 0x63, 0x47, 0x49, 0x88, 0x47, 0xaf,
+ 0xb3, 0x38, 0x4f, 0x7e, 0x44, 0x95, 0xb5, 0xbb,
+ 0x1d, 0xbd, 0x5a, 0x91, 0x5b, 0xd0, 0x1a, 0xdf,
+ 0x0d, 0x0b, 0x50, 0xd8, 0xe2, 0x0e, 0xc5, 0x00,
+ 0x2d, 0x5b, 0x29, 0x19, 0xaa, 0x2b, 0x64, 0xc5,
+ 0x40, 0x31, 0x48, 0x11, 0xbc, 0x04, 0xd1, 0xcf,
+ 0x6d, 0xf9, 0xa5, 0x2f, 0x4a, 0xc9, 0x82, 0xfa,
+ 0x59, 0xe1, 0xfc, 0xab, 0x1c, 0x33, 0x26, 0x0a,
+ 0x5f, 0xef, 0xf2, 0x06, 0xd8, 0xd3, 0x7e, 0x16,
+ 0x58, 0x16, 0x78, 0x73, 0xae, 0xba, 0xeb, 0xe5,
+ 0x3d, 0xb2, 0x0a, 0xb3, 0x32, 0x2d, 0x14, 0xa4,
+ 0xfa, 0x3f, 0x1f, 0x43, 0xf9, 0x7b, 0xa9, 0x43,
+ 0x98, 0x18, 0x94, 0x07, 0x07, 0xe5, 0x19, 0x34,
+ 0xa8, 0x16, 0x5f, 0x71, 0x67, 0xaa, 0x29, 0xe5,
+ 0xfa, 0xf0, 0x83, 0x06, 0x1d, 0x9d, 0xfc, 0xfe,
+ 0xfe, 0x8c, 0xb5, 0xb2, 0xa9, 0xe7, 0xa0, 0x40,
+ 0x60, 0xb6, 0x71, 0x9e, 0xab, 0x5b, 0x83, 0xb9,
+ 0x0c, 0x2b, 0x58, 0x23, 0x80, 0x09, 0x9e, 0x5d,
+ 0x94, 0x7d, 0x40, 0x76, 0xa9, 0x16, 0x96, 0x9e,
+ 0x83, 0xe0, 0x0d, 0xec, 0xa0, 0xec, 0x76, 0x2a,
+ 0xb7, 0xa0, 0xff, 0xb8, 0x50, 0x4c, 0x5b, 0xc6,
+ 0x8b, 0x0a, 0x65, 0x2e, 0xfe, 0xb4, 0x40, 0x9a,
+ 0x01, 0xd8, 0xc6, 0xa3, 0xab, 0x99, 0xa2, 0xc5,
+ 0x0c, 0x08, 0xc4, 0xb7, 0xee, 0x4d, 0x1d, 0xc4,
+ 0x08, 0x15, 0xd0, 0xdb, 0xaa, 0x63, 0x4f, 0x31,
+ 0xeb, 0x14, 0x97, 0x43, 0xbd, 0xc1, 0x94, 0x08,
+ 0xe6, 0xde, 0x43, 0x9f, 0x95, 0x0b, 0x96, 0x7e,
+ 0x7f, 0x3c, 0x68, 0xba, 0x6f, 0xc4, 0xc9, 0x35,
+ 0x2b, 0xc4, 0x0e, 0xda, 0x1f, 0x91, 0x68, 0x64,
+ 0x63, 0x34, 0x73, 0xbe, 0x57, 0x75, 0xb9, 0xed,
+ 0xf7, 0x2d, 0x3b, 0x05, 0x21, 0x93, 0x28, 0x48,
+ 0x96, 0x95, 0x97, 0xa0, 0xd2, 0x7d, 0x78, 0xbb,
+ 0x6a, 0x49, 0x8f, 0x76, 0x55, 0x74, 0x63, 0xb9,
+ 0xc5, 0x36, 0x12, 0x25, 0xbf, 0x03, 0x82, 0x8f,
+ 0xf0, 0xf6, 0x80, 0xbb, 0x33, 0xb4, 0xf4, 0x17,
+ 0x27, 0x1c, 0xf3, 0x4c, 0x10, 0xa3, 0xe4, 0xd1,
+ 0x55, 0xd9, 0x68, 0x21, 0x4e, 0x5a, 0x83, 0x67,
+ 0xbf, 0xf8, 0x3c, 0x7d, 0x4e, 0x62, 0xd3, 0x28,
+ 0xa7, 0x26, 0x6f, 0xe9, 0xee, 0xc2, 0x0b, 0x2d,
+ 0x03, 0x84, 0xb1, 0xff, 0xd6, 0x68, 0x1f, 0xb6,
+ 0xf2, 0xe4, 0x0f, 0xda, 0x2d, 0xee, 0x5f, 0x6e,
+ 0x21, 0xc8, 0xe1, 0xfc, 0xad, 0x6b, 0x0e, 0x04,
+ 0x7d, 0xaf, 0xc2, 0x3b, 0xa5, 0x68, 0x9b, 0x0c,
+ 0xf3, 0x56, 0xf3, 0xda, 0x8d, 0xc8, 0x7d, 0x39,
+ 0xdc, 0xd5, 0x99, 0xc6, 0x01, 0x10, 0xce, 0x42,
+ 0x1b, 0xac, 0x48, 0xdc, 0x97, 0x78, 0x0a, 0xec,
+ 0xb3, 0x8f, 0x47, 0x35, 0xa3, 0x6a, 0x64, 0xb2,
+ 0x8e, 0x63, 0x69, 0x22, 0x66, 0xae, 0x2e, 0xe0,
+ 0x88, 0xf9, 0x40, 0x3c, 0xc9, 0xa2, 0x57, 0x61,
+ 0xf6, 0xad, 0xf0, 0xdc, 0x90, 0x56, 0x3f, 0x06,
+ 0x9b, 0x7d, 0xbd, 0xc2, 0x81, 0x02, 0xab, 0xb8,
+ 0x15, 0x09, 0x88, 0x4a, 0xff, 0x2f, 0x31, 0xbf,
+ 0x5e, 0xfa, 0x6a, 0x7e, 0xf6, 0xc5, 0xa7, 0xf7,
+ 0xd5, 0xab, 0x55, 0xac, 0xae, 0x0d, 0x8c, 0x8d,
+ 0x7f, 0x4b, 0x25, 0xbb, 0x32, 0xff, 0x11, 0x33,
+ 0x2e, 0x37, 0x37, 0x69, 0x96, 0x15, 0x17, 0xb1,
+ 0x17, 0x49, 0xe0, 0x9a, 0x9c, 0xd9, 0x5b, 0x8d,
+ 0x58, 0xa3, 0x1d, 0x92, 0x87, 0xf8, 0x80, 0xb9,
+ 0xbd, 0x5a, 0xec, 0x40, 0xe1, 0x00, 0x33, 0x60,
+ 0xe4, 0x86, 0x16, 0x6d, 0x61, 0x81, 0xf2, 0x28,
+ 0x6a, 0xa7, 0xce, 0x3f, 0x95, 0xae, 0x43, 0xca,
+ 0xe1, 0x3f, 0x81, 0x74, 0x7e, 0x1c, 0x47, 0x17,
+ 0x95, 0xc6, 0x60, 0xda, 0x74, 0x77, 0xd9, 0x9f,
+ 0xfa, 0x92, 0xb4, 0xbe, 0xe1, 0x23, 0x98, 0x18,
+ 0x95, 0x63, 0x03, 0x13, 0x4c, 0x1a, 0x2d, 0x41,
+ 0xcd, 0xe4, 0x84, 0xf7, 0xe6, 0x38, 0xef, 0xff,
+ 0x95, 0xb2, 0xe8, 0x7c, 0x8f, 0x58, 0xb5, 0xb5,
+ 0xed, 0x27, 0x7f, 0x3c, 0x18, 0xab, 0xbe, 0x7f,
+ 0x4f, 0xe2, 0x35, 0x15, 0x71, 0xb7, 0x6f, 0x85,
+ 0x38, 0x9b, 0x88, 0xf6, 0x9c, 0x8d, 0x43, 0xb5,
+ 0x58, 0x9e, 0xf2, 0xd1, 0x96, 0xbe, 0xb7, 0xad,
+ 0x1a, 0xa0, 0x98},
+ "id-Gost28147-89-CryptoPro-A-ParamSet",
+ "testimit2",
+ {
+ 0x80, 0xd9, 0xa0, 0xdc, 0x21, 0xf9, 0x30, 0x40,
+ 0x75, 0xfe, 0x49, 0x1b, 0x9e, 0x71, 0x90, 0x91,
+ 0x78, 0x88, 0x21, 0x60, 0x39, 0xe7, 0xc9, 0x2b,
+ 0xfb, 0x55, 0x1d, 0xf4, 0xdd, 0x2b, 0x0a, 0x01},
+ G89_IMIT,
+ {0},
+ {
+ 0x90, 0xf2, 0x11, 0x9a}
+ },
+ { /* Calculated by libcapi10, CryptoPro CSP
+ * 3.6R2, Mac OSX */
+ 10,
+ {
+ 0x1d, 0xeb, 0xe6, 0x79, 0x0a, 0x59, 0x00, 0xe6,
+ 0x8e, 0x5c},
+ "id-Gost28147-89-CryptoPro-A-ParamSet",
+ "testimit3",
+ {
+ 0xa9, 0xb6, 0x37, 0xcc, 0x6d, 0x9b, 0x2f, 0x25,
+ 0xb0, 0xdf, 0x47, 0x04, 0x50, 0x68, 0xb0, 0x27,
+ 0x41, 0x27, 0x58, 0x6a, 0xbd, 0x0a, 0x6e, 0x50,
+ 0x2f, 0xc6, 0xfc, 0xc0, 0x3e, 0x29, 0x42, 0xa5},
+ G89_IMIT,
+ {0},
+ {
+ 0x31, 0x7c, 0x16, 0xe4}
+ },
+ { /* Calculated by libcapi10, CryptoPro CSP
+ * 3.6R2, Mac OSX */
+ 6,
+ {
+ 0xef, 0x06, 0x8f, 0x14, 0xc9, 0x04},
+ "id-Gost28147-89-CryptoPro-A-ParamSet",
+ "testimit4",
+ {
+ 0xb0, 0x6c, 0x48, 0x23, 0x0a, 0x6e, 0xf4, 0xec,
+ 0x27, 0x98, 0x01, 0x23, 0xa7, 0xd8, 0xbf, 0x60,
+ 0x89, 0xef, 0xad, 0xe8, 0x8f, 0x79, 0x14, 0x8c,
+ 0x18, 0x5c, 0x9a, 0xda, 0xef, 0x0b, 0xdd, 0xa0},
+ G89_IMIT,
+ {0},
+ {
+ 0xe9, 0x72, 0xae, 0xbf}
+ },
+ { /* Calculated by libcapi10, CryptoPro CSP
+ * 3.6R2, Mac OSX */
+ 16,
+ {
+ 0x02, 0xf8, 0xec, 0x2b, 0x4d, 0x1f, 0xbc, 0x7c,
+ 0x6e, 0x47, 0xe3, 0x87, 0x22, 0x75, 0x41, 0xa7},
+ "id-Gost28147-89-CryptoPro-B-ParamSet",
+ "testimit5",
+ {
+ 0x33, 0xd3, 0xef, 0x01, 0x19, 0x95, 0x0e, 0x15,
+ 0xa1, 0x69, 0x75, 0xae, 0x56, 0x27, 0x17, 0x79,
+ 0x63, 0x47, 0xab, 0x62, 0x9d, 0x4a, 0xf0, 0x34,
+ 0xd3, 0x1e, 0x69, 0x74, 0xec, 0x31, 0x48, 0xfc},
+ G89_IMIT,
+ {0},
+ {
+ 0xf5, 0x55, 0x1f, 0x28}
+ },
+ { /* Calculated by libcapi10, CryptoPro CSP
+ * 3.6R2, Mac OSX */
+ 8,
+ {
+ 0xf3, 0xb2, 0x29, 0xd2, 0x7a, 0x37, 0x03, 0x12},
+ "id-Gost28147-89-CryptoPro-A-ParamSet",
+ "testimit6",
+ {
+ 0x42, 0x35, 0x81, 0x91, 0x0b, 0xa9, 0x99, 0xff,
+ 0xd9, 0x43, 0xf8, 0xc6, 0x19, 0x55, 0x1f, 0x2f,
+ 0x2d, 0x45, 0x40, 0x20, 0x1e, 0x1d, 0x32, 0x7a,
+ 0xb1, 0x07, 0x6b, 0x4f, 0x45, 0x90, 0xd9, 0x80},
+ G89_IMIT,
+ {0},
+ {
+ 0x6e, 0x15, 0xfa, 0xe8}
+ },
+ { /* Calculated by libcapi10, CryptoPro CSP
+ * 3.6R2, Mac OSX */
+ 0,
+ {
+ 0},
+ "id-Gost28147-89-CryptoPro-A-ParamSet",
+ "testimit7",
+ {
+ 0x26, 0xcb, 0xb9, 0xf0, 0x0c, 0x62, 0x9f, 0xaa,
+ 0x4a, 0x1d, 0xb6, 0x30, 0x09, 0x01, 0x56, 0x89,
+ 0x66, 0xd4, 0xe4, 0x0e, 0xfe, 0xf6, 0x10, 0x6b,
+ 0x6c, 0xe8, 0x04, 0x3a, 0xe3, 0x61, 0x4b, 0x19},
+ G89_IMIT,
+ {0},
+ {
+ 0x00, 0x00, 0x00, 0x00}
+ },
+ { /* Calculated by libcapi10, CryptoPro CSP
+ * 3.6R2, Mac OSX */
+ 5242880,
+ {0},
+ "id-Gost28147-89-CryptoPro-A-ParamSet",
+ "test5Mimit",
+ {
+ 0xaa, 0x85, 0x84, 0xcd, 0x65, 0x28, 0xe1, 0xdb,
+ 0xb8, 0x20, 0x19, 0x43, 0xe0, 0x36, 0x35, 0x10,
+ 0x19, 0xc3, 0x70, 0x5b, 0x27, 0xc1, 0x9d, 0x84,
+ 0x75, 0xa3, 0xc6, 0x49, 0x46, 0x8f, 0x7c, 0x4e},
+ G89_IMIT,
+ {0},
+ {
+ 0x2a, 0xe6, 0x23, 0xc6}
+ },
+ { /* Calculated by libcapi10, CryptoPro CSP
+ * 3.6R2, Mac OSX */
+ 3221225472U + 16,
+ {0},
+ "id-Gost28147-89-CryptoPro-A-ParamSet",
+ "test3Gimit1",
+ {
+ 0xd5, 0xda, 0xfe, 0x06, 0x60, 0xdc, 0xf0, 0xb3,
+ 0x49, 0x5a, 0x02, 0x59, 0xc8, 0x2e, 0x4a, 0x2b,
+ 0xcc, 0x9b, 0x98, 0x04, 0xb7, 0xf2, 0x78, 0xb7,
+ 0xce, 0xa3, 0xf2, 0xdb, 0x9e, 0xa8, 0x49, 0x1d},
+ G89_IMIT,
+ {0},
+ {
+ 0xcc, 0x46, 0x67, 0xe4}
+ },
+ { /* Calculated by libcapi10, CryptoPro CSP
+ * 3.6R2, Mac OSX */
+ U64(4) * 1024 * 1024 * 1024,
+ {0},
+ "id-Gost28147-89-CryptoPro-A-ParamSet",
+ "test4Gimit3",
+ {
+ 0x0d, 0xf1, 0xa8, 0x7f, 0x57, 0x03, 0x44, 0xcc,
+ 0xdb, 0x20, 0xde, 0xed, 0x85, 0x50, 0x38, 0xda,
+ 0xc9, 0x44, 0xec, 0x2c, 0x0d, 0x66, 0xb7, 0xdc,
+ 0x17, 0x14, 0x55, 0x95, 0x33, 0x6e, 0x43, 0x3e},
+ G89_IMIT,
+ {0},
+ {
+ 0xb7, 0x21, 0x2e, 0x48}
+ },
+ { /* Calculated by libcapi10, CryptoPro CSP
+ * 3.6R2, Mac OSX */
+ U64(4) * 1024 * 1024 * 1024 + 4,
+ {0},
+ "id-Gost28147-89-CryptoPro-A-ParamSet",
+ "test4Gimit1",
+ {
+ 0x0c, 0xf3, 0xe9, 0xb0, 0x28, 0x3b, 0x9f, 0x8b,
+ 0xe3, 0x82, 0xb9, 0xa2, 0xa6, 0xbd, 0x80, 0xd2,
+ 0xcd, 0xfa, 0x3f, 0xf7, 0x90, 0xa7, 0x55, 0x06,
+ 0x9b, 0x7a, 0x58, 0xee, 0xe7, 0xf1, 0x9d, 0xbe},
+ G89_IMIT,
+ {0},
+ {
+ 0xda, 0x15, 0x10, 0x73}
+ },
+ { /* Calculated by libcapi10, CryptoPro CSP
+ * 3.6R2, Mac OSX */
+ U64(4) * 1024 * 1024 * 1024 + 10,
+ {0},
+ "id-Gost28147-89-CryptoPro-A-ParamSet",
+ "test4Gimit2",
+ {
+ 0x97, 0x1a, 0x42, 0x22, 0xfa, 0x07, 0xb2, 0xca,
+ 0xf9, 0xd2, 0x34, 0x5a, 0x92, 0xb1, 0x1f, 0x6b,
+ 0x53, 0xf8, 0xaf, 0xed, 0x9a, 0x73, 0xc4, 0x38,
+ 0xd7, 0x7d, 0x25, 0x81, 0x00, 0x0d, 0xd4, 0x29},
+ G89_IMIT,
+ {0},
+ {
+ 0x52, 0xaa, 0x22, 0xb4}
+ }
+};
+
+int main(int argc, char *argv[])
+{
+ unsigned int t;
+ u64 ullMaxLen = 6 * 1000 * 1000;
+ int ignore = 0;
+ ENGINE *impl = NULL;
+ EVP_MD_CTX mctx;
+ EVP_CIPHER_CTX ectx;
+ EVP_PKEY *mac_key;
+ byte bDerive[EVP_MAX_KEY_LENGTH];
+ byte bTest[G89_MAX_TC_LEN];
+ byte bTest1[G89_MAX_TC_LEN];
+ u64 ullLeft;
+ static const byte bZB[40 * 1024 * 1024] = { 0 };
+ static byte bTS[40 * 1024 * 1024] = { 0 };
+ unsigned int mdl = 0;
+ int enlu = 0;
+ int enlf = 0;
+ size_t siglen;
+ size_t l = 0;
+
+ const EVP_MD *md_gost94 = NULL;
+ const EVP_CIPHER *cp_g89cfb = NULL;
+ const EVP_CIPHER *cp_g89cnt = NULL;
+ const EVP_CIPHER *ctype = NULL;
+ const EVP_MD *md_g89imit = NULL;
+
+ long lErrLine;
+ CONF *pConfig = NCONF_new(NULL);
+ BIO *bpConf;
+ char sConf[] =
+ "openssl_conf = openssl_def\n"
+ "\n"
+ "[openssl_def]\n"
+ "engines = engine_section\n"
+ "\n"
+ "[engine_section]\n"
+ "gost = gost_section\n"
+ "\n" "[gost_section]\n" "default_algorithms = ALL\n" "\n";
+
+ printf("Testing GOST 28147-89 ");
+
+ if (1 < argc) {
+ if (1 != sscanf(argv[1], FMT64, &ullMaxLen) ||
+ (2 < argc ? 1 != sscanf(argv[2], "%d", &ignore) : 0)) {
+ fflush(NULL);
+ fprintf(stderr, "Usage: %s [maxlen [ignore-error]]\n", argv[0]);
+ return 1;
+ }
+ }
+
+ /*
+ * ccgost engine test on GostR3411_94_CryptoProParamSet
+ */
+ ERR_load_crypto_strings();
+ ENGINE_load_builtin_engines();
+ OPENSSL_load_builtin_modules();
+
+ bpConf = BIO_new_mem_buf(sConf, -1);
+ if (!NCONF_load_bio(pConfig, bpConf, &lErrLine)) {
+ fflush(NULL);
+ fprintf(stderr, "NCONF_load_bio: ErrLine=%ld: %s\n",
+ lErrLine, ERR_error_string(ERR_get_error(), NULL));
+ return 4;
+ }
+ BIO_free(bpConf);
+
+ if (!CONF_modules_load(pConfig, NULL, 0)) {
+ fflush(NULL);
+ fprintf(stderr, "CONF_modules_load: %s\n",
+ ERR_error_string(ERR_get_error(), NULL));
+ return 5;
+ }
+
+ /* Test load engine */
+ if (NULL == (impl = ENGINE_by_id(CCGOST_ID))) {
+ fflush(NULL);
+ fprintf(stderr, "Can't load engine id \"" CCGOST_ID "\"\n");
+ if (!ignore) {
+ return 6;
+ }
+ }
+ if (NULL == (md_gost94 = EVP_get_digestbyname(SN_id_GostR3411_94))) {
+ fflush(NULL);
+ fprintf(stderr, "\"" SN_id_GostR3411_94 "\" - not found\n");
+ if (!ignore) {
+ return 7;
+ }
+ }
+ if (NULL == (cp_g89cfb = EVP_get_cipherbyname(SN_id_Gost28147_89))) {
+ fflush(NULL);
+ fprintf(stderr, "\"" SN_id_Gost28147_89 "\" - not found\n");
+ if (!ignore) {
+ return 8;
+ }
+ }
+ if (NULL == (cp_g89cnt = EVP_get_cipherbyname(SN_gost89_cnt))) {
+ fflush(NULL);
+ fprintf(stderr, "\"" SN_gost89_cnt "\" - not found\n");
+ if (!ignore) {
+ return 9;
+ }
+ }
+ if (NULL == (md_g89imit = EVP_get_digestbyname(SN_id_Gost28147_89_MAC))) {
+ fflush(NULL);
+ fprintf(stderr, "\"" SN_id_Gost28147_89_MAC "\" - not found\n");
+ if (!ignore) {
+ return 10;
+ }
+ }
+
+ /* Test cases */
+ for (t = 0; t < sizeof(tcs) / sizeof(tcs[0]); t++) {
+ if (NULL == tcs[t].szDerive) {
+ continue;
+ }
+ memset(bDerive, 0x3c, sizeof(bDerive));
+ mdl = sizeof(bDerive);
+ EVP_Digest(tcs[t].szDerive, strlen(tcs[t].szDerive),
+ bDerive, &mdl, md_gost94, impl);
+ if (0 != memcmp(tcs[t].bRawKey, bDerive, mdl)) {
+ fflush(NULL);
+ fprintf(stderr, "Engine test t=%d " "derive key error.\n", t);
+ if (!ignore) {
+ return 12;
+ }
+ }
+ if (ullMaxLen < tcs[t].ullLen) {
+ continue;
+ }
+ memset(bTest, 0xa5, sizeof(bTest));
+ memset(bTest1, 0x5a, sizeof(bTest1));
+ if (!ENGINE_ctrl_cmd_string(impl,
+ "CRYPT_PARAMS", tcs[t].szParamSet, 0)) {
+ fflush(NULL);
+ fprintf(stderr, "ENGINE_ctrl_cmd_string: %s\n",
+ ERR_error_string(ERR_get_error(), NULL));
+ return 11;
+ }
+ switch (tcs[t].gMode) {
+ case G89_ECB:
+ /* OpenSSL/ccgost not implemented GOST 28147-89 ECB */
+ continue;
+ case G89_CFB:
+ ctype = cp_g89cfb;
+ goto engine_cipher_check;
+ case G89_CNT:
+ if (0 != strcmp("id-Gost28147-89-CryptoPro-A-ParamSet",
+ tcs[t].szParamSet)) {
+ /*
+ * ccgost engine can't change S-Box for gost-cnt
+ */
+ continue;
+ }
+ ctype = cp_g89cnt;
+ engine_cipher_check:
+ EVP_CIPHER_CTX_init(&ectx);
+ EVP_EncryptInit_ex(&ectx, ctype, impl, bDerive, tcs[t].bIV);
+ if (G89_MAX_TC_LEN >= tcs[t].ullLen) {
+ enlu = sizeof(bTest);
+ EVP_EncryptUpdate(&ectx, bTest, &enlu,
+ tcs[t].bIn, (int)tcs[t].ullLen);
+ l = (size_t)tcs[t].ullLen;
+ } else {
+ for (ullLeft = tcs[t].ullLen;
+ ullLeft >= sizeof(bZB); ullLeft -= sizeof(bZB)) {
+ printf("B");
+ fflush(NULL);
+ enlu = sizeof(bTS);
+ EVP_EncryptUpdate(&ectx, bTS, &enlu, bZB, sizeof(bZB));
+ }
+ printf("b" FMT64 "/" FMT64, ullLeft, tcs[t].ullLen);
+ fflush(NULL);
+ EVP_EncryptUpdate(&ectx, bTS, &enlu, bZB, (int)ullLeft);
+ memcpy(bTest, &bTS[enlu - 16], 16);
+ enlu = (int)tcs[t].ullLen;
+ l = 16;
+ }
+ enlf = sizeof(bTest1);
+ EVP_EncryptFinal_ex(&ectx, bTest1, &enlf);
+ EVP_CIPHER_CTX_cleanup(&ectx);
+ break;
+ case G89_IMIT:
+ if (0 != strcmp("id-Gost28147-89-CryptoPro-A-ParamSet",
+ tcs[t].szParamSet)) {
+ /*
+ * ccgost engine can't change S-Box for gost-mac
+ */
+ continue;
+ }
+ EVP_MD_CTX_init(&mctx);
+ mac_key = EVP_PKEY_new_mac_key(NID_id_Gost28147_89_MAC, NULL,
+ bDerive, mdl);
+ EVP_DigestSignInit(&mctx, NULL, md_g89imit, impl, mac_key);
+ if (G89_MAX_TC_LEN >= tcs[t].ullLen) {
+ EVP_DigestSignUpdate(&mctx, tcs[t].bIn,
+ (unsigned int)tcs[t].ullLen);
+ } else {
+ for (ullLeft = tcs[t].ullLen;
+ ullLeft >= sizeof(bZB); ullLeft -= sizeof(bZB)) {
+ printf("B");
+ fflush(NULL);
+ EVP_DigestSignUpdate(&mctx, bZB, sizeof(bZB));
+ }
+ printf("b" FMT64 "/" FMT64, ullLeft, tcs[t].ullLen);
+ fflush(NULL);
+ EVP_DigestSignUpdate(&mctx, bZB, (unsigned int)ullLeft);
+ }
+ siglen = 4;
+ OPENSSL_assert(EVP_DigestSignFinal(&mctx, bTest, &siglen));
+ EVP_MD_CTX_cleanup(&mctx);
+ enlu = (int)tcs[t].ullLen;
+ enlf = 0;
+ l = siglen;
+ break;
+ }
+ if ((int)tcs[t].ullLen != enlu || 0 != enlf ||
+ 0 != memcmp(tcs[t].bOut, bTest, l)) {
+ fflush(NULL);
+ fprintf(stderr, "\nEngine test t=%d len=" FMT64
+ " failed.\n", t, tcs[t].ullLen);
+ if (!ignore) {
+ return 13;
+ }
+ } else {
+ printf(".");
+ fflush(NULL);
+ }
+ }
+
+ printf(" passed\n");
+ fflush(NULL);
+
+ return EXIT_SUCCESS;
+}
+#endif
--- /dev/null
+/* test/heartbeat_test.c */
+/*-
+ * Unit test for TLS heartbeats.
+ *
+ * Acts as a regression test against the Heartbleed bug (CVE-2014-0160).
+ *
+ * Author: Mike Bland (mbland@acm.org, http://mike-bland.com/)
+ * Date: 2014-04-12
+ * License: Creative Commons Attribution 4.0 International (CC By 4.0)
+ * http://creativecommons.org/licenses/by/4.0/deed.en_US
+ *
+ * OUTPUT
+ * ------
+ * The program returns zero on success. It will print a message with a count
+ * of the number of failed tests and return nonzero if any tests fail.
+ *
+ * It will print the contents of the request and response buffers for each
+ * failing test. In a "fixed" version, all the tests should pass and there
+ * should be no output.
+ *
+ * In a "bleeding" version, you'll see:
+ *
+ * test_dtls1_heartbleed failed:
+ * expected payload len: 0
+ * received: 1024
+ * sent 26 characters
+ * "HEARTBLEED "
+ * received 1024 characters
+ * "HEARTBLEED \xde\xad\xbe\xef..."
+ * ** test_dtls1_heartbleed failed **
+ *
+ * The contents of the returned buffer in the failing test will depend on the
+ * contents of memory on your machine.
+ *
+ * MORE INFORMATION
+ * ----------------
+ * http://mike-bland.com/2014/04/12/heartbleed.html
+ * http://mike-bland.com/tags/heartbleed.html
+ */
+
+#define OPENSSL_UNIT_TEST
+
+#include "../ssl/ssl_locl.h"
+
+#include "testutil.h"
+#include <ctype.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+
+#if !defined(OPENSSL_NO_HEARTBEATS) && !defined(OPENSSL_NO_UNIT_TEST)
+
+/* As per https://tools.ietf.org/html/rfc6520#section-4 */
+# define MIN_PADDING_SIZE 16
+
+/* Maximum number of payload characters to print as test output */
+# define MAX_PRINTABLE_CHARACTERS 1024
+
+typedef struct heartbeat_test_fixture {
+ SSL_CTX *ctx;
+ SSL *s;
+ const char *test_case_name;
+ int (*process_heartbeat) (SSL *s, unsigned char *p, unsigned int length);
+ unsigned char *payload;
+ int sent_payload_len;
+ int expected_return_value;
+ int return_payload_offset;
+ int expected_payload_len;
+ const char *expected_return_payload;
+} HEARTBEAT_TEST_FIXTURE;
+
+static HEARTBEAT_TEST_FIXTURE set_up(const char *const test_case_name,
+ const SSL_METHOD *meth)
+{
+ HEARTBEAT_TEST_FIXTURE fixture;
+ int setup_ok = 1;
+ memset(&fixture, 0, sizeof(fixture));
+ fixture.test_case_name = test_case_name;
+
+ fixture.ctx = SSL_CTX_new(meth);
+ if (!fixture.ctx) {
+ fprintf(stderr, "Failed to allocate SSL_CTX for test: %s\n",
+ test_case_name);
+ setup_ok = 0;
+ goto fail;
+ }
+
+ fixture.s = SSL_new(fixture.ctx);
+ if (!fixture.s) {
+ fprintf(stderr, "Failed to allocate SSL for test: %s\n",
+ test_case_name);
+ setup_ok = 0;
+ goto fail;
+ }
+
+ if (!ssl_init_wbio_buffer(fixture.s, 1)) {
+ fprintf(stderr, "Failed to set up wbio buffer for test: %s\n",
+ test_case_name);
+ setup_ok = 0;
+ goto fail;
+ }
+
+ if (!ssl3_setup_buffers(fixture.s)) {
+ fprintf(stderr, "Failed to setup buffers for test: %s\n",
+ test_case_name);
+ setup_ok = 0;
+ goto fail;
+ }
+
+ /*
+ * Clear the memory for the return buffer, since this isn't automatically
+ * zeroed in opt mode and will cause spurious test failures that will
+ * change with each execution.
+ */
+ memset(fixture.s->rlayer.wbuf.buf, 0, fixture.s->rlayer.wbuf.len);
+
+ fail:
+ if (!setup_ok) {
+ ERR_print_errors_fp(stderr);
+ exit(EXIT_FAILURE);
+ }
+ return fixture;
+}
+
+static HEARTBEAT_TEST_FIXTURE set_up_dtls(const char *const test_case_name)
+{
+ HEARTBEAT_TEST_FIXTURE fixture = set_up(test_case_name,
+ DTLSv1_server_method());
+ fixture.process_heartbeat = dtls1_process_heartbeat;
+
+ /*
+ * As per dtls1_get_record(), skipping the following from the beginning
+ * of the returned heartbeat message: type-1 byte; version-2 bytes;
+ * sequence number-8 bytes; length-2 bytes And then skipping the 1-byte
+ * type encoded by process_heartbeat for a total of 14 bytes, at which
+ * point we can grab the length and the payload we seek.
+ */
+ fixture.return_payload_offset = 14;
+ return fixture;
+}
+
+/* Needed by ssl3_write_bytes() */
+static int dummy_handshake(SSL *s)
+{
+ return 1;
+}
+
+static HEARTBEAT_TEST_FIXTURE set_up_tls(const char *const test_case_name)
+{
+ HEARTBEAT_TEST_FIXTURE fixture = set_up(test_case_name,
+ TLSv1_server_method());
+ fixture.process_heartbeat = tls1_process_heartbeat;
+ fixture.s->handshake_func = dummy_handshake;
+
+ /*
+ * As per do_ssl3_write(), skipping the following from the beginning of
+ * the returned heartbeat message: type-1 byte; version-2 bytes; length-2
+ * bytes And then skipping the 1-byte type encoded by process_heartbeat
+ * for a total of 6 bytes, at which point we can grab the length and the
+ * payload we seek.
+ */
+ fixture.return_payload_offset = 6;
+ return fixture;
+}
+
+static void tear_down(HEARTBEAT_TEST_FIXTURE fixture)
+{
+ ERR_print_errors_fp(stderr);
+ SSL_free(fixture.s);
+ SSL_CTX_free(fixture.ctx);
+}
+
+static void print_payload(const char *const prefix,
+ const unsigned char *payload, const int n)
+{
+ const int end = n < MAX_PRINTABLE_CHARACTERS ? n
+ : MAX_PRINTABLE_CHARACTERS;
+ int i = 0;
+
+ printf("%s %d character%s", prefix, n, n == 1 ? "" : "s");
+ if (end != n)
+ printf(" (first %d shown)", end);
+ printf("\n \"");
+
+ for (; i != end; ++i) {
+ const unsigned char c = payload[i];
+ if (isprint(c))
+ fputc(c, stdout);
+ else
+ printf("\\x%02x", c);
+ }
+ printf("\"\n");
+}
+
+static int execute_heartbeat(HEARTBEAT_TEST_FIXTURE fixture)
+{
+ int result = 0;
+ SSL *s = fixture.s;
+ unsigned char *payload = fixture.payload;
+ unsigned char sent_buf[MAX_PRINTABLE_CHARACTERS + 1];
+ int return_value;
+ unsigned const char *p;
+ int actual_payload_len;
+
+ s->rlayer.rrec.data = payload;
+ s->rlayer.rrec.length = strlen((const char *)payload);
+ *payload++ = TLS1_HB_REQUEST;
+ s2n(fixture.sent_payload_len, payload);
+
+ /*
+ * Make a local copy of the request, since it gets overwritten at some
+ * point
+ */
+ memcpy((char *)sent_buf, (const char *)payload, sizeof(sent_buf));
+
+ return_value = fixture.process_heartbeat(s, s->rlayer.rrec.data,
+ s->rlayer.rrec.length);
+
+ if (return_value != fixture.expected_return_value) {
+ printf("%s failed: expected return value %d, received %d\n",
+ fixture.test_case_name, fixture.expected_return_value,
+ return_value);
+ result = 1;
+ }
+
+ /*
+ * If there is any byte alignment, it will be stored in wbuf.offset.
+ */
+ p = &(s->rlayer.
+ wbuf.buf[fixture.return_payload_offset + s->rlayer.wbuf.offset]);
+ actual_payload_len = 0;
+ n2s(p, actual_payload_len);
+
+ if (actual_payload_len != fixture.expected_payload_len) {
+ printf("%s failed:\n expected payload len: %d\n received: %d\n",
+ fixture.test_case_name, fixture.expected_payload_len,
+ actual_payload_len);
+ print_payload("sent", sent_buf, strlen((const char *)sent_buf));
+ print_payload("received", p, actual_payload_len);
+ result = 1;
+ } else {
+ char *actual_payload =
+ BUF_strndup((const char *)p, actual_payload_len);
+ if (strcmp(actual_payload, fixture.expected_return_payload) != 0) {
+ printf
+ ("%s failed:\n expected payload: \"%s\"\n received: \"%s\"\n",
+ fixture.test_case_name, fixture.expected_return_payload,
+ actual_payload);
+ result = 1;
+ }
+ OPENSSL_free(actual_payload);
+ }
+
+ if (result != 0) {
+ printf("** %s failed **\n--------\n", fixture.test_case_name);
+ }
+ return result;
+}
+
+static int honest_payload_size(unsigned char payload_buf[])
+{
+ /* Omit three-byte pad at the beginning for type and payload length */
+ return strlen((const char *)&payload_buf[3]) - MIN_PADDING_SIZE;
+}
+
+# define SETUP_HEARTBEAT_TEST_FIXTURE(type)\
+ SETUP_TEST_FIXTURE(HEARTBEAT_TEST_FIXTURE, set_up_##type)
+
+# define EXECUTE_HEARTBEAT_TEST()\
+ EXECUTE_TEST(execute_heartbeat, tear_down)
+
+static int test_dtls1_not_bleeding()
+{
+ SETUP_HEARTBEAT_TEST_FIXTURE(dtls);
+ /* Three-byte pad at the beginning for type and payload length */
+ unsigned char payload_buf[MAX_PRINTABLE_CHARACTERS + 4] =
+ " Not bleeding, sixteen spaces of padding" " ";
+ const int payload_buf_len = honest_payload_size(payload_buf);
+
+ fixture.payload = &payload_buf[0];
+ fixture.sent_payload_len = payload_buf_len;
+ fixture.expected_return_value = 0;
+ fixture.expected_payload_len = payload_buf_len;
+ fixture.expected_return_payload =
+ "Not bleeding, sixteen spaces of padding";
+ EXECUTE_HEARTBEAT_TEST();
+}
+
+static int test_dtls1_not_bleeding_empty_payload()
+{
+ int payload_buf_len;
+
+ SETUP_HEARTBEAT_TEST_FIXTURE(dtls);
+ /*
+ * Three-byte pad at the beginning for type and payload length, plus a
+ * NUL at the end
+ */
+ unsigned char payload_buf[4 + MAX_PRINTABLE_CHARACTERS];
+ memset(payload_buf, ' ', MIN_PADDING_SIZE + 3);
+ payload_buf[MIN_PADDING_SIZE + 3] = '\0';
+ payload_buf_len = honest_payload_size(payload_buf);
+
+ fixture.payload = &payload_buf[0];
+ fixture.sent_payload_len = payload_buf_len;
+ fixture.expected_return_value = 0;
+ fixture.expected_payload_len = payload_buf_len;
+ fixture.expected_return_payload = "";
+ EXECUTE_HEARTBEAT_TEST();
+}
+
+static int test_dtls1_heartbleed()
+{
+ SETUP_HEARTBEAT_TEST_FIXTURE(dtls);
+ /* Three-byte pad at the beginning for type and payload length */
+ unsigned char payload_buf[4 + MAX_PRINTABLE_CHARACTERS] =
+ " HEARTBLEED ";
+
+ fixture.payload = &payload_buf[0];
+ fixture.sent_payload_len = MAX_PRINTABLE_CHARACTERS;
+ fixture.expected_return_value = 0;
+ fixture.expected_payload_len = 0;
+ fixture.expected_return_payload = "";
+ EXECUTE_HEARTBEAT_TEST();
+}
+
+static int test_dtls1_heartbleed_empty_payload()
+{
+ SETUP_HEARTBEAT_TEST_FIXTURE(dtls);
+ /*
+ * Excluding the NUL at the end, one byte short of type + payload length
+ * + minimum padding
+ */
+ unsigned char payload_buf[MAX_PRINTABLE_CHARACTERS + 4];
+ memset(payload_buf, ' ', MIN_PADDING_SIZE + 2);
+ payload_buf[MIN_PADDING_SIZE + 2] = '\0';
+
+ fixture.payload = &payload_buf[0];
+ fixture.sent_payload_len = MAX_PRINTABLE_CHARACTERS;
+ fixture.expected_return_value = 0;
+ fixture.expected_payload_len = 0;
+ fixture.expected_return_payload = "";
+ EXECUTE_HEARTBEAT_TEST();
+}
+
+static int test_dtls1_heartbleed_excessive_plaintext_length()
+{
+ SETUP_HEARTBEAT_TEST_FIXTURE(dtls);
+ /*
+ * Excluding the NUL at the end, one byte in excess of maximum allowed
+ * heartbeat message length
+ */
+ unsigned char payload_buf[SSL3_RT_MAX_PLAIN_LENGTH + 2];
+ memset(payload_buf, ' ', sizeof(payload_buf));
+ payload_buf[sizeof(payload_buf) - 1] = '\0';
+
+ fixture.payload = &payload_buf[0];
+ fixture.sent_payload_len = honest_payload_size(payload_buf);
+ fixture.expected_return_value = 0;
+ fixture.expected_payload_len = 0;
+ fixture.expected_return_payload = "";
+ EXECUTE_HEARTBEAT_TEST();
+}
+
+static int test_tls1_not_bleeding()
+{
+ SETUP_HEARTBEAT_TEST_FIXTURE(tls);
+ /* Three-byte pad at the beginning for type and payload length */
+ unsigned char payload_buf[MAX_PRINTABLE_CHARACTERS + 4] =
+ " Not bleeding, sixteen spaces of padding" " ";
+ const int payload_buf_len = honest_payload_size(payload_buf);
+
+ fixture.payload = &payload_buf[0];
+ fixture.sent_payload_len = payload_buf_len;
+ fixture.expected_return_value = 0;
+ fixture.expected_payload_len = payload_buf_len;
+ fixture.expected_return_payload =
+ "Not bleeding, sixteen spaces of padding";
+ EXECUTE_HEARTBEAT_TEST();
+}
+
+static int test_tls1_not_bleeding_empty_payload()
+{
+ int payload_buf_len;
+
+ SETUP_HEARTBEAT_TEST_FIXTURE(tls);
+ /*
+ * Three-byte pad at the beginning for type and payload length, plus a
+ * NUL at the end
+ */
+ unsigned char payload_buf[4 + MAX_PRINTABLE_CHARACTERS];
+ memset(payload_buf, ' ', MIN_PADDING_SIZE + 3);
+ payload_buf[MIN_PADDING_SIZE + 3] = '\0';
+ payload_buf_len = honest_payload_size(payload_buf);
+
+ fixture.payload = &payload_buf[0];
+ fixture.sent_payload_len = payload_buf_len;
+ fixture.expected_return_value = 0;
+ fixture.expected_payload_len = payload_buf_len;
+ fixture.expected_return_payload = "";
+ EXECUTE_HEARTBEAT_TEST();
+}
+
+static int test_tls1_heartbleed()
+{
+ SETUP_HEARTBEAT_TEST_FIXTURE(tls);
+ /* Three-byte pad at the beginning for type and payload length */
+ unsigned char payload_buf[MAX_PRINTABLE_CHARACTERS + 4] =
+ " HEARTBLEED ";
+
+ fixture.payload = &payload_buf[0];
+ fixture.sent_payload_len = MAX_PRINTABLE_CHARACTERS;
+ fixture.expected_return_value = 0;
+ fixture.expected_payload_len = 0;
+ fixture.expected_return_payload = "";
+ EXECUTE_HEARTBEAT_TEST();
+}
+
+static int test_tls1_heartbleed_empty_payload()
+{
+ SETUP_HEARTBEAT_TEST_FIXTURE(tls);
+ /*
+ * Excluding the NUL at the end, one byte short of type + payload length
+ * + minimum padding
+ */
+ unsigned char payload_buf[MAX_PRINTABLE_CHARACTERS + 4];
+ memset(payload_buf, ' ', MIN_PADDING_SIZE + 2);
+ payload_buf[MIN_PADDING_SIZE + 2] = '\0';
+
+ fixture.payload = &payload_buf[0];
+ fixture.sent_payload_len = MAX_PRINTABLE_CHARACTERS;
+ fixture.expected_return_value = 0;
+ fixture.expected_payload_len = 0;
+ fixture.expected_return_payload = "";
+ EXECUTE_HEARTBEAT_TEST();
+}
+
+# undef EXECUTE_HEARTBEAT_TEST
+# undef SETUP_HEARTBEAT_TEST_FIXTURE
+
+int main(int argc, char *argv[])
+{
+ int result = 0;
+
+ SSL_library_init();
+ SSL_load_error_strings();
+
+ ADD_TEST(test_dtls1_not_bleeding);
+ ADD_TEST(test_dtls1_not_bleeding_empty_payload);
+ ADD_TEST(test_dtls1_heartbleed);
+ ADD_TEST(test_dtls1_heartbleed_empty_payload);
+ ADD_TEST(test_dtls1_heartbleed_excessive_plaintext_length);
+ ADD_TEST(test_tls1_not_bleeding);
+ ADD_TEST(test_tls1_not_bleeding_empty_payload);
+ ADD_TEST(test_tls1_heartbleed);
+ ADD_TEST(test_tls1_heartbleed_empty_payload);
+
+ result = run_tests(argv[0]);
+ ERR_print_errors_fp(stderr);
+ return result;
+}
+
+#else /* OPENSSL_NO_HEARTBEATS */
+
+int main(int argc, char *argv[])
+{
+ return EXIT_SUCCESS;
+}
+#endif /* OPENSSL_NO_HEARTBEATS */
--- /dev/null
+/* crypto/hmac/hmactest.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <string.h>
+#include <stdlib.h>
+
+#include "../e_os.h"
+
+# include <openssl/hmac.h>
+# ifndef OPENSSL_NO_MD5
+# include <openssl/md5.h>
+# endif
+
+# ifdef CHARSET_EBCDIC
+# include <openssl/ebcdic.h>
+# endif
+
+# ifndef OPENSSL_NO_MD5
+static struct test_st {
+ unsigned char key[16];
+ int key_len;
+ unsigned char data[64];
+ int data_len;
+ unsigned char *digest;
+} test[8] = {
+ {
+ "", 0, "More text test vectors to stuff up EBCDIC machines :-)", 54,
+ (unsigned char *)"e9139d1e6ee064ef8cf514fc7dc83e86",
+ },
+ {
+ {
+ 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b,
+ 0x0b, 0x0b, 0x0b, 0x0b, 0x0b,
+ }, 16, "Hi There", 8,
+ (unsigned char *)"9294727a3638bb1c13f48ef8158bfc9d",
+ },
+ {
+ "Jefe", 4, "what do ya want for nothing?", 28,
+ (unsigned char *)"750c783e6ab0b503eaa86e310a5db738",
+ },
+ {
+ {
+ 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa,
+ 0xaa, 0xaa, 0xaa, 0xaa, 0xaa,
+ }, 16, {
+ 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd,
+ 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd,
+ 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd,
+ 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd,
+ 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd
+ }, 50, (unsigned char *)"56be34521d144c88dbb8c733f0e8b3f6",
+ },
+ {
+ "", 0, "My test data", 12,
+ (unsigned char *)"61afdecb95429ef494d61fdee15990cabf0826fc"
+ },
+ {
+ "", 0, "My test data", 12,
+ (unsigned char *)"2274b195d90ce8e03406f4b526a47e0787a88a65479938f1a5baa3ce0f079776"
+ },
+ {
+ "123456", 6, "My test data", 12,
+ (unsigned char *)"bab53058ae861a7f191abe2d0145cbb123776a6369ee3f9d79ce455667e411dd"
+ },
+ {
+ "12345", 5, "My test data again", 12,
+ (unsigned char *)"7dbe8c764c068e3bcd6e6b0fbcd5e6fc197b15bb"
+ }
+};
+# endif
+
+static char *pt(unsigned char *md, unsigned int len);
+
+int main(int argc, char *argv[])
+{
+# ifndef OPENSSL_NO_MD5
+ int i;
+ char *p;
+# endif
+ int err = 0;
+ HMAC_CTX ctx, ctx2;
+ unsigned char buf[EVP_MAX_MD_SIZE];
+ unsigned int len;
+
+# ifdef OPENSSL_NO_MD5
+ printf("test skipped: MD5 disabled\n");
+# else
+
+# ifdef CHARSET_EBCDIC
+ ebcdic2ascii(test[0].data, test[0].data, test[0].data_len);
+ ebcdic2ascii(test[1].data, test[1].data, test[1].data_len);
+ ebcdic2ascii(test[2].key, test[2].key, test[2].key_len);
+ ebcdic2ascii(test[2].data, test[2].data, test[2].data_len);
+# endif
+
+ for (i = 0; i < 4; i++) {
+ p = pt(HMAC(EVP_md5(),
+ test[i].key, test[i].key_len,
+ test[i].data, test[i].data_len, NULL, NULL),
+ MD5_DIGEST_LENGTH);
+
+ if (strcmp(p, (char *)test[i].digest) != 0) {
+ printf("Error calculating HMAC on %d entry'\n", i);
+ printf("got %s instead of %s\n", p, test[i].digest);
+ err++;
+ } else
+ printf("test %d ok\n", i);
+ }
+# endif /* OPENSSL_NO_MD5 */
+
+/* test4 */
+ HMAC_CTX_init(&ctx);
+ if(HMAC_Init_ex(&ctx, NULL, 0, NULL, NULL)) {
+ printf("Should fail to initialise HMAC with empty MD and key (test 4)\n");
+ err++;
+ goto test5;
+ }
+ if(HMAC_Update(&ctx, test[4].data, test[4].data_len)) {
+ printf("Should fail HMAC_Update with ctx not set up (test 4)\n");
+ err++;
+ goto test5;
+ }
+ if(HMAC_Init_ex(&ctx, NULL, 0, EVP_sha1(), NULL)) {
+ printf("Should fail to initialise HMAC with empty key (test 4)\n");
+ err++;
+ goto test5;
+ }
+ if(HMAC_Update(&ctx, test[4].data, test[4].data_len)) {
+ printf("Should fail HMAC_Update with ctx not set up (test 4)\n");
+ err++;
+ goto test5;
+ }
+ printf("test 4 ok\n");
+test5:
+ HMAC_CTX_init(&ctx);
+ if(HMAC_Init_ex(&ctx, test[4].key, test[4].key_len, NULL, NULL)) {
+ printf("Should fail to initialise HMAC with empty MD (test 5)\n");
+ err++;
+ goto test6;
+ }
+ if(HMAC_Update(&ctx, test[4].data, test[4].data_len)) {
+ printf("Should fail HMAC_Update with ctx not set up (test 5)\n");
+ err++;
+ goto test6;
+ }
+ if(HMAC_Init_ex(&ctx, test[4].key, -1, EVP_sha1(), NULL)) {
+ printf("Should fail to initialise HMAC with invalid key len(test 5)\n");
+ err++;
+ goto test6;
+ }
+ if(!HMAC_Init_ex(&ctx, test[4].key, test[4].key_len, EVP_sha1(), NULL)) {
+ printf("Failed to initialise HMAC (test 5)\n");
+ err++;
+ goto test6;
+ }
+ if(!HMAC_Update(&ctx, test[4].data, test[4].data_len)) {
+ printf("Error updating HMAC with data (test 5)\n");
+ err++;
+ goto test6;
+ }
+ if(!HMAC_Final(&ctx, buf, &len)) {
+ printf("Error finalising data (test 5)\n");
+ err++;
+ goto test6;
+ }
+ p = pt(buf, len);
+ if (strcmp(p, (char *)test[4].digest) != 0) {
+ printf("Error calculating interim HMAC on test 5\n");
+ printf("got %s instead of %s\n", p, test[4].digest);
+ err++;
+ goto test6;
+ }
+ if(!HMAC_Init_ex(&ctx, NULL, 0, EVP_sha256(), NULL)) {
+ printf("Failed to reinitialise HMAC (test 5)\n");
+ err++;
+ goto test6;
+ }
+ if(!HMAC_Update(&ctx, test[5].data, test[5].data_len)) {
+ printf("Error updating HMAC with data (sha256) (test 5)\n");
+ err++;
+ goto test6;
+ }
+ if(!HMAC_Final(&ctx, buf, &len)) {
+ printf("Error finalising data (sha256) (test 5)\n");
+ err++;
+ goto test6;
+ }
+ p = pt(buf, len);
+ if (strcmp(p, (char *)test[5].digest) != 0) {
+ printf("Error calculating 2nd interim HMAC on test 5\n");
+ printf("got %s instead of %s\n", p, test[5].digest);
+ err++;
+ goto test6;
+ }
+ if(!HMAC_Init_ex(&ctx, test[6].key, test[6].key_len, NULL, NULL)) {
+ printf("Failed to reinitialise HMAC with key (test 5)\n");
+ err++;
+ goto test6;
+ }
+ if(!HMAC_Update(&ctx, test[6].data, test[6].data_len)) {
+ printf("Error updating HMAC with data (new key) (test 5)\n");
+ err++;
+ goto test6;
+ }
+ if(!HMAC_Final(&ctx, buf, &len)) {
+ printf("Error finalising data (new key) (test 5)\n");
+ err++;
+ goto test6;
+ }
+ p = pt(buf, len);
+ if (strcmp(p, (char *)test[6].digest) != 0) {
+ printf("error calculating HMAC on test 5\n");
+ printf("got %s instead of %s\n", p, test[6].digest);
+ err++;
+ } else {
+ printf("test 5 ok\n");
+ }
+test6:
+ HMAC_CTX_init(&ctx);
+ if(!HMAC_Init_ex(&ctx, test[7].key, test[7].key_len, EVP_sha1(), NULL)) {
+ printf("Failed to initialise HMAC (test 6)\n");
+ err++;
+ goto end;
+ }
+ if(!HMAC_Update(&ctx, test[7].data, test[7].data_len)) {
+ printf("Error updating HMAC with data (test 6)\n");
+ err++;
+ goto end;
+ }
+ if(!HMAC_CTX_copy(&ctx2, &ctx)) {
+ printf("Failed to copy HMAC_CTX (test 6)\n");
+ err++;
+ goto end;
+ }
+ if(!HMAC_Final(&ctx2, buf, &len)) {
+ printf("Error finalising data (test 6)\n");
+ err++;
+ goto end;
+ }
+ p = pt(buf, len);
+ if (strcmp(p, (char *)test[7].digest) != 0) {
+ printf("Error calculating HMAC on test 6\n");
+ printf("got %s instead of %s\n", p, test[7].digest);
+ err++;
+ } else {
+ printf("test 6 ok\n");
+ }
+end:
+ EXIT(err);
+}
+
+# ifndef OPENSSL_NO_MD5
+static char *pt(unsigned char *md, unsigned int len)
+{
+ unsigned int i;
+ static char buf[80];
+
+ for (i = 0; i < len; i++)
+ sprintf(&(buf[i * 2]), "%02x", md[i]);
+ return (buf);
+}
+# endif
--- /dev/null
+/* crypto/idea/ideatest.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <string.h>
+#include <stdlib.h>
+
+#include "../e_os.h"
+
+#ifdef OPENSSL_NO_IDEA
+int main(int argc, char *argv[])
+{
+ printf("No IDEA support\n");
+ return (0);
+}
+#else
+# include <openssl/idea.h>
+
+unsigned char k[16] = {
+ 0x00, 0x01, 0x00, 0x02, 0x00, 0x03, 0x00, 0x04,
+ 0x00, 0x05, 0x00, 0x06, 0x00, 0x07, 0x00, 0x08
+};
+
+unsigned char in[8] = { 0x00, 0x00, 0x00, 0x01, 0x00, 0x02, 0x00, 0x03 };
+unsigned char c[8] = { 0x11, 0xFB, 0xED, 0x2B, 0x01, 0x98, 0x6D, 0xE5 };
+
+unsigned char out[80];
+
+char *text = "Hello to all people out there";
+
+static unsigned char cfb_key[16] = {
+ 0xe1, 0xf0, 0xc3, 0xd2, 0xa5, 0xb4, 0x87, 0x96,
+ 0x69, 0x78, 0x4b, 0x5a, 0x2d, 0x3c, 0x0f, 0x1e,
+};
+static unsigned char cfb_iv[80] =
+ { 0x34, 0x12, 0x78, 0x56, 0xab, 0x90, 0xef, 0xcd };
+static unsigned char cfb_buf1[40], cfb_buf2[40], cfb_tmp[8];
+# define CFB_TEST_SIZE 24
+static unsigned char plain[CFB_TEST_SIZE] = {
+ 0x4e, 0x6f, 0x77, 0x20, 0x69, 0x73,
+ 0x20, 0x74, 0x68, 0x65, 0x20, 0x74,
+ 0x69, 0x6d, 0x65, 0x20, 0x66, 0x6f,
+ 0x72, 0x20, 0x61, 0x6c, 0x6c, 0x20
+};
+
+static unsigned char cfb_cipher64[CFB_TEST_SIZE] = {
+ 0x59, 0xD8, 0xE2, 0x65, 0x00, 0x58, 0x6C, 0x3F,
+ 0x2C, 0x17, 0x25, 0xD0, 0x1A, 0x38, 0xB7, 0x2A,
+ 0x39, 0x61, 0x37, 0xDC, 0x79, 0xFB, 0x9F, 0x45
+/*- 0xF9,0x78,0x32,0xB5,0x42,0x1A,0x6B,0x38,
+ 0x9A,0x44,0xD6,0x04,0x19,0x43,0xC4,0xD9,
+ 0x3D,0x1E,0xAE,0x47,0xFC,0xCF,0x29,0x0B,*/
+};
+
+static int cfb64_test(unsigned char *cfb_cipher);
+static char *pt(unsigned char *p);
+int main(int argc, char *argv[])
+{
+ int i, err = 0;
+ IDEA_KEY_SCHEDULE key, dkey;
+ unsigned char iv[8];
+
+ idea_set_encrypt_key(k, &key);
+ idea_ecb_encrypt(in, out, &key);
+ if (memcmp(out, c, 8) != 0) {
+ printf("ecb idea error encrypting\n");
+ printf("got :");
+ for (i = 0; i < 8; i++)
+ printf("%02X ", out[i]);
+ printf("\n");
+ printf("expected:");
+ for (i = 0; i < 8; i++)
+ printf("%02X ", c[i]);
+ err = 20;
+ printf("\n");
+ }
+
+ idea_set_decrypt_key(&key, &dkey);
+ idea_ecb_encrypt(c, out, &dkey);
+ if (memcmp(out, in, 8) != 0) {
+ printf("ecb idea error decrypting\n");
+ printf("got :");
+ for (i = 0; i < 8; i++)
+ printf("%02X ", out[i]);
+ printf("\n");
+ printf("expected:");
+ for (i = 0; i < 8; i++)
+ printf("%02X ", in[i]);
+ printf("\n");
+ err = 3;
+ }
+
+ if (err == 0)
+ printf("ecb idea ok\n");
+
+ memcpy(iv, k, 8);
+ idea_cbc_encrypt((unsigned char *)text, out, strlen(text) + 1, &key, iv,
+ 1);
+ memcpy(iv, k, 8);
+ idea_cbc_encrypt(out, out, 8, &dkey, iv, 0);
+ idea_cbc_encrypt(&(out[8]), &(out[8]), strlen(text) + 1 - 8, &dkey, iv,
+ 0);
+ if (memcmp(text, out, strlen(text) + 1) != 0) {
+ printf("cbc idea bad\n");
+ err = 4;
+ } else
+ printf("cbc idea ok\n");
+
+ printf("cfb64 idea ");
+ if (cfb64_test(cfb_cipher64)) {
+ printf("bad\n");
+ err = 5;
+ } else
+ printf("ok\n");
+
+# ifdef OPENSSL_SYS_NETWARE
+ if (err)
+ printf("ERROR: %d\n", err);
+# endif
+ EXIT(err);
+}
+
+static int cfb64_test(unsigned char *cfb_cipher)
+{
+ IDEA_KEY_SCHEDULE eks, dks;
+ int err = 0, i, n;
+
+ idea_set_encrypt_key(cfb_key, &eks);
+ idea_set_decrypt_key(&eks, &dks);
+ memcpy(cfb_tmp, cfb_iv, 8);
+ n = 0;
+ idea_cfb64_encrypt(plain, cfb_buf1, (long)12, &eks,
+ cfb_tmp, &n, IDEA_ENCRYPT);
+ idea_cfb64_encrypt(&(plain[12]), &(cfb_buf1[12]),
+ (long)CFB_TEST_SIZE - 12, &eks,
+ cfb_tmp, &n, IDEA_ENCRYPT);
+ if (memcmp(cfb_cipher, cfb_buf1, CFB_TEST_SIZE) != 0) {
+ err = 1;
+ printf("idea_cfb64_encrypt encrypt error\n");
+ for (i = 0; i < CFB_TEST_SIZE; i += 8)
+ printf("%s\n", pt(&(cfb_buf1[i])));
+ }
+ memcpy(cfb_tmp, cfb_iv, 8);
+ n = 0;
+ idea_cfb64_encrypt(cfb_buf1, cfb_buf2, (long)13, &eks,
+ cfb_tmp, &n, IDEA_DECRYPT);
+ idea_cfb64_encrypt(&(cfb_buf1[13]), &(cfb_buf2[13]),
+ (long)CFB_TEST_SIZE - 13, &eks,
+ cfb_tmp, &n, IDEA_DECRYPT);
+ if (memcmp(plain, cfb_buf2, CFB_TEST_SIZE) != 0) {
+ err = 1;
+ printf("idea_cfb_encrypt decrypt error\n");
+ for (i = 0; i < 24; i += 8)
+ printf("%s\n", pt(&(cfb_buf2[i])));
+ }
+ return (err);
+}
+
+static char *pt(unsigned char *p)
+{
+ static char bufs[10][20];
+ static int bnum = 0;
+ char *ret;
+ int i;
+ static char *f = "0123456789ABCDEF";
+
+ ret = &(bufs[bnum++][0]);
+ bnum %= 10;
+ for (i = 0; i < 8; i++) {
+ ret[i * 2] = f[(p[i] >> 4) & 0xf];
+ ret[i * 2 + 1] = f[p[i] & 0xf];
+ }
+ ret[16] = '\0';
+ return (ret);
+}
+#endif
--- /dev/null
+#include <openssl/opensslconf.h>
+
+#ifdef OPENSSL_NO_JPAKE
+
+# include <stdio.h>
+
+int main(int argc, char *argv[])
+{
+ printf("No J-PAKE support\n");
+ return (0);
+}
+
+#else
+
+# include <openssl/jpake.h>
+# include <openssl/err.h>
+
+static void showbn(const char *name, const BIGNUM *bn)
+{
+ fputs(name, stdout);
+ fputs(" = ", stdout);
+ BN_print_fp(stdout, bn);
+ putc('\n', stdout);
+}
+
+static int run_jpake(JPAKE_CTX *alice, JPAKE_CTX *bob)
+{
+ JPAKE_STEP1 alice_s1;
+ JPAKE_STEP1 bob_s1;
+ JPAKE_STEP2 alice_s2;
+ JPAKE_STEP2 bob_s2;
+ JPAKE_STEP3A alice_s3a;
+ JPAKE_STEP3B bob_s3b;
+
+ /* Alice -> Bob: step 1 */
+ puts("A->B s1");
+ JPAKE_STEP1_init(&alice_s1);
+ JPAKE_STEP1_generate(&alice_s1, alice);
+ if (!JPAKE_STEP1_process(bob, &alice_s1)) {
+ printf("Bob fails to process Alice's step 1\n");
+ ERR_print_errors_fp(stdout);
+ return 1;
+ }
+ JPAKE_STEP1_release(&alice_s1);
+
+ /* Bob -> Alice: step 1 */
+ puts("B->A s1");
+ JPAKE_STEP1_init(&bob_s1);
+ JPAKE_STEP1_generate(&bob_s1, bob);
+ if (!JPAKE_STEP1_process(alice, &bob_s1)) {
+ printf("Alice fails to process Bob's step 1\n");
+ ERR_print_errors_fp(stdout);
+ return 2;
+ }
+ JPAKE_STEP1_release(&bob_s1);
+
+ /* Alice -> Bob: step 2 */
+ puts("A->B s2");
+ JPAKE_STEP2_init(&alice_s2);
+ JPAKE_STEP2_generate(&alice_s2, alice);
+ if (!JPAKE_STEP2_process(bob, &alice_s2)) {
+ printf("Bob fails to process Alice's step 2\n");
+ ERR_print_errors_fp(stdout);
+ return 3;
+ }
+ JPAKE_STEP2_release(&alice_s2);
+
+ /* Bob -> Alice: step 2 */
+ puts("B->A s2");
+ JPAKE_STEP2_init(&bob_s2);
+ JPAKE_STEP2_generate(&bob_s2, bob);
+ if (!JPAKE_STEP2_process(alice, &bob_s2)) {
+ printf("Alice fails to process Bob's step 2\n");
+ ERR_print_errors_fp(stdout);
+ return 4;
+ }
+ JPAKE_STEP2_release(&bob_s2);
+
+ showbn("Alice's key", JPAKE_get_shared_key(alice));
+ showbn("Bob's key ", JPAKE_get_shared_key(bob));
+
+ /* Alice -> Bob: step 3a */
+ puts("A->B s3a");
+ JPAKE_STEP3A_init(&alice_s3a);
+ JPAKE_STEP3A_generate(&alice_s3a, alice);
+ if (!JPAKE_STEP3A_process(bob, &alice_s3a)) {
+ printf("Bob fails to process Alice's step 3a\n");
+ ERR_print_errors_fp(stdout);
+ return 5;
+ }
+ JPAKE_STEP3A_release(&alice_s3a);
+
+ /* Bob -> Alice: step 3b */
+ puts("B->A s3b");
+ JPAKE_STEP3B_init(&bob_s3b);
+ JPAKE_STEP3B_generate(&bob_s3b, bob);
+ if (!JPAKE_STEP3B_process(alice, &bob_s3b)) {
+ printf("Alice fails to process Bob's step 3b\n");
+ ERR_print_errors_fp(stdout);
+ return 6;
+ }
+ JPAKE_STEP3B_release(&bob_s3b);
+
+ return 0;
+}
+
+int main(int argc, char **argv)
+{
+ JPAKE_CTX *alice;
+ JPAKE_CTX *bob;
+ BIGNUM *p = NULL;
+ BIGNUM *g = NULL;
+ BIGNUM *q = NULL;
+ BIGNUM *secret = BN_new();
+ BIO *bio_err;
+
+ bio_err = BIO_new_fp(stderr, BIO_NOCLOSE);
+
+ CRYPTO_malloc_debug_init();
+ CRYPTO_dbg_set_options(V_CRYPTO_MDEBUG_ALL);
+ CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON);
+
+ ERR_load_crypto_strings();
+
+ /*-
+ BN_hex2bn(&p, "fd7f53811d75122952df4a9c2eece4e7f611b7523cef4400c31e3f80b6512669455d402251fb593d8d58fabfc5f5ba30f6cb9b556cd7813b801d346ff26660b76b9950a5a49f9fe8047b1022c24fbba9d7feb7c61bf83b57e7c6a8a6150f04fb83f6d3c51ec3023554135a169132f675f3ae2b61d72aeff22203199dd14801c7");
+ BN_hex2bn(&g, "f7e1a085d69b3ddecbbcab5c36b857b97994afbbfa3aea82f9574c0b3d0782675159578ebad4594fe67107108180b449167123e84c281613b7cf09328cc8a6e13c167a8b547c8d28e0a3ae1e2bb3a675916ea37f0bfa213562f1fb627a01243bcca4f1bea8519089a883dfe15ae59f06928b665e807b552564014c3bfecf492a");
+ BN_hex2bn(&q, "9760508f15230bccb292b982a2eb840bf0581cf5");
+ */
+ /*-
+ p = BN_new();
+ BN_generate_prime(p, 1024, 1, NULL, NULL, NULL, NULL);
+ */
+ /* Use a safe prime for p (that we found earlier) */
+ BN_hex2bn(&p,
+ "F9E5B365665EA7A05A9C534502780FEE6F1AB5BD4F49947FD036DBD7E905269AF46EF28B0FC07487EE4F5D20FB3C0AF8E700F3A2FA3414970CBED44FEDFF80CE78D800F184BB82435D137AADA2C6C16523247930A63B85661D1FC817A51ACD96168E95898A1F83A79FFB529368AA7833ABD1B0C3AEDDB14D2E1A2F71D99F763F");
+ showbn("p", p);
+ g = BN_new();
+ BN_set_word(g, 2);
+ showbn("g", g);
+ q = BN_new();
+ BN_rshift1(q, p);
+ showbn("q", q);
+
+ BN_rand(secret, 32, -1, 0);
+
+ /* A normal run, expect this to work... */
+ alice = JPAKE_CTX_new("Alice", "Bob", p, g, q, secret);
+ bob = JPAKE_CTX_new("Bob", "Alice", p, g, q, secret);
+
+ if (run_jpake(alice, bob) != 0) {
+ fprintf(stderr, "Plain JPAKE run failed\n");
+ return 1;
+ }
+
+ JPAKE_CTX_free(bob);
+ JPAKE_CTX_free(alice);
+
+ /* Now give Alice and Bob different secrets */
+ alice = JPAKE_CTX_new("Alice", "Bob", p, g, q, secret);
+ BN_add_word(secret, 1);
+ bob = JPAKE_CTX_new("Bob", "Alice", p, g, q, secret);
+
+ if (run_jpake(alice, bob) != 5) {
+ fprintf(stderr, "Mismatched secret JPAKE run failed\n");
+ return 1;
+ }
+
+ JPAKE_CTX_free(bob);
+ JPAKE_CTX_free(alice);
+
+ BN_free(secret);
+ BN_free(q);
+ BN_free(g);
+ BN_free(p);
+
+ CRYPTO_cleanup_all_ex_data();
+ ERR_remove_thread_state(NULL);
+ ERR_free_strings();
+ CRYPTO_mem_leaks(bio_err);
+
+ return 0;
+}
+
+#endif
--- /dev/null
+/* crypto/md2/md2test.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+
+#include "../e_os.h"
+
+#ifdef OPENSSL_NO_MD2
+int main(int argc, char *argv[])
+{
+ printf("No MD2 support\n");
+ return (0);
+}
+#else
+# include <openssl/evp.h>
+# include <openssl/md2.h>
+
+# ifdef CHARSET_EBCDIC
+# include <openssl/ebcdic.h>
+# endif
+
+static char *test[] = {
+ "",
+ "a",
+ "abc",
+ "message digest",
+ "abcdefghijklmnopqrstuvwxyz",
+ "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789",
+ "12345678901234567890123456789012345678901234567890123456789012345678901234567890",
+ NULL,
+};
+
+static char *ret[] = {
+ "8350e5a3e24c153df2275c9f80692773",
+ "32ec01ec4a6dac72c0ab96fb34c0b5d1",
+ "da853b0d3f88d99b30283a69e6ded6bb",
+ "ab4f496bfb2a530b219ff33031fe06b0",
+ "4e8ddff3650292ab5a4108c3aa47940b",
+ "da33def2a42df13975352846c30338cd",
+ "d5976f79d83d3a0dc9806c3c66f3efd8",
+};
+
+static char *pt(unsigned char *md);
+int main(int argc, char *argv[])
+{
+ int i, err = 0;
+ char **P, **R;
+ char *p;
+ unsigned char md[MD2_DIGEST_LENGTH];
+
+ P = test;
+ R = ret;
+ i = 1;
+ while (*P != NULL) {
+ EVP_Digest((unsigned char *)*P, strlen(*P), md, NULL, EVP_md2(),
+ NULL);
+ p = pt(md);
+ if (strcmp(p, *R) != 0) {
+ printf("error calculating MD2 on '%s'\n", *P);
+ printf("got %s instead of %s\n", p, *R);
+ err++;
+ } else
+ printf("test %d ok\n", i);
+ i++;
+ R++;
+ P++;
+ }
+# ifdef OPENSSL_SYS_NETWARE
+ if (err)
+ printf("ERROR: %d\n", err);
+# endif
+ EXIT(err);
+ return err;
+}
+
+static char *pt(unsigned char *md)
+{
+ int i;
+ static char buf[80];
+
+ for (i = 0; i < MD2_DIGEST_LENGTH; i++)
+ sprintf(&(buf[i * 2]), "%02x", md[i]);
+ return (buf);
+}
+#endif
--- /dev/null
+/* crypto/md4/md4test.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <string.h>
+#include <stdlib.h>
+
+#include "../e_os.h"
+
+#ifdef OPENSSL_NO_MD4
+int main(int argc, char *argv[])
+{
+ printf("No MD4 support\n");
+ return (0);
+}
+#else
+# include <openssl/evp.h>
+# include <openssl/md4.h>
+
+static char *test[] = {
+ "",
+ "a",
+ "abc",
+ "message digest",
+ "abcdefghijklmnopqrstuvwxyz",
+ "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789",
+ "12345678901234567890123456789012345678901234567890123456789012345678901234567890",
+ NULL,
+};
+
+static char *ret[] = {
+ "31d6cfe0d16ae931b73c59d7e0c089c0",
+ "bde52cb31de33e46245e05fbdbd6fb24",
+ "a448017aaf21d8525fc10ae87aa6729d",
+ "d9130a8164549fe818874806e1c7014b",
+ "d79e1c308aa5bbcdeea8ed63df412da9",
+ "043f8582f241db351ce627e153e7f0e4",
+ "e33b4ddc9c38f2199c3e7b164fcc0536",
+};
+
+static char *pt(unsigned char *md);
+int main(int argc, char *argv[])
+{
+ int i, err = 0;
+ char **P, **R;
+ char *p;
+ unsigned char md[MD4_DIGEST_LENGTH];
+
+ P = test;
+ R = ret;
+ i = 1;
+ while (*P != NULL) {
+ EVP_Digest(&(P[0][0]), strlen((char *)*P), md, NULL, EVP_md4(), NULL);
+ p = pt(md);
+ if (strcmp(p, (char *)*R) != 0) {
+ printf("error calculating MD4 on '%s'\n", *P);
+ printf("got %s instead of %s\n", p, *R);
+ err++;
+ } else
+ printf("test %d ok\n", i);
+ i++;
+ R++;
+ P++;
+ }
+ EXIT(err);
+}
+
+static char *pt(unsigned char *md)
+{
+ int i;
+ static char buf[80];
+
+ for (i = 0; i < MD4_DIGEST_LENGTH; i++)
+ sprintf(&(buf[i * 2]), "%02x", md[i]);
+ return (buf);
+}
+#endif
--- /dev/null
+/* crypto/md5/md5test.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <string.h>
+#include <stdlib.h>
+
+#include "../e_os.h"
+
+#ifdef OPENSSL_NO_MD5
+int main(int argc, char *argv[])
+{
+ printf("No MD5 support\n");
+ return (0);
+}
+#else
+# include <openssl/evp.h>
+# include <openssl/md5.h>
+
+static char *test[] = {
+ "",
+ "a",
+ "abc",
+ "message digest",
+ "abcdefghijklmnopqrstuvwxyz",
+ "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789",
+ "12345678901234567890123456789012345678901234567890123456789012345678901234567890",
+ NULL,
+};
+
+static char *ret[] = {
+ "d41d8cd98f00b204e9800998ecf8427e",
+ "0cc175b9c0f1b6a831c399e269772661",
+ "900150983cd24fb0d6963f7d28e17f72",
+ "f96b697d7cb7938d525a2f31aaf161d0",
+ "c3fcd3d76192e4007dfb496cca67e13b",
+ "d174ab98d277d9f5a5611c2c9f419d9f",
+ "57edf4a22be3c955ac49da2e2107b67a",
+};
+
+static char *pt(unsigned char *md);
+int main(int argc, char *argv[])
+{
+ int i, err = 0;
+ char **P, **R;
+ char *p;
+ unsigned char md[MD5_DIGEST_LENGTH];
+
+ P = test;
+ R = ret;
+ i = 1;
+ while (*P != NULL) {
+ EVP_Digest(&(P[0][0]), strlen((char *)*P), md, NULL, EVP_md5(), NULL);
+ p = pt(md);
+ if (strcmp(p, (char *)*R) != 0) {
+ printf("error calculating MD5 on '%s'\n", *P);
+ printf("got %s instead of %s\n", p, *R);
+ err++;
+ } else
+ printf("test %d ok\n", i);
+ i++;
+ R++;
+ P++;
+ }
+
+# ifdef OPENSSL_SYS_NETWARE
+ if (err)
+ printf("ERROR: %d\n", err);
+# endif
+ EXIT(err);
+}
+
+static char *pt(unsigned char *md)
+{
+ int i;
+ static char buf[80];
+
+ for (i = 0; i < MD5_DIGEST_LENGTH; i++)
+ sprintf(&(buf[i * 2]), "%02x", md[i]);
+ return (buf);
+}
+#endif
--- /dev/null
+/* crypto/mdc2/mdc2test.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+
+#include "../e_os.h"
+
+#if defined(OPENSSL_NO_DES) && !defined(OPENSSL_NO_MDC2)
+# define OPENSSL_NO_MDC2
+#endif
+
+#ifdef OPENSSL_NO_MDC2
+int main(int argc, char *argv[])
+{
+ printf("No MDC2 support\n");
+ return (0);
+}
+#else
+# include <openssl/evp.h>
+# include <openssl/mdc2.h>
+
+# ifdef CHARSET_EBCDIC
+# include <openssl/ebcdic.h>
+# endif
+
+static unsigned char pad1[16] = {
+ 0x42, 0xE5, 0x0C, 0xD2, 0x24, 0xBA, 0xCE, 0xBA,
+ 0x76, 0x0B, 0xDD, 0x2B, 0xD4, 0x09, 0x28, 0x1A
+};
+
+static unsigned char pad2[16] = {
+ 0x2E, 0x46, 0x79, 0xB5, 0xAD, 0xD9, 0xCA, 0x75,
+ 0x35, 0xD8, 0x7A, 0xFE, 0xAB, 0x33, 0xBE, 0xE2
+};
+
+int main(int argc, char *argv[])
+{
+ int ret = 0;
+ unsigned char md[MDC2_DIGEST_LENGTH];
+ int i;
+ EVP_MD_CTX c;
+ static char *text = "Now is the time for all ";
+
+# ifdef CHARSET_EBCDIC
+ ebcdic2ascii(text, text, strlen(text));
+# endif
+
+ EVP_MD_CTX_init(&c);
+ EVP_DigestInit_ex(&c, EVP_mdc2(), NULL);
+ EVP_DigestUpdate(&c, (unsigned char *)text, strlen(text));
+ EVP_DigestFinal_ex(&c, &(md[0]), NULL);
+
+ if (memcmp(md, pad1, MDC2_DIGEST_LENGTH) != 0) {
+ for (i = 0; i < MDC2_DIGEST_LENGTH; i++)
+ printf("%02X", md[i]);
+ printf(" <- generated\n");
+ for (i = 0; i < MDC2_DIGEST_LENGTH; i++)
+ printf("%02X", pad1[i]);
+ printf(" <- correct\n");
+ ret = 1;
+ } else
+ printf("pad1 - ok\n");
+
+ EVP_DigestInit_ex(&c, EVP_mdc2(), NULL);
+ /* FIXME: use a ctl function? */
+ ((MDC2_CTX *)c.md_data)->pad_type = 2;
+ EVP_DigestUpdate(&c, (unsigned char *)text, strlen(text));
+ EVP_DigestFinal_ex(&c, &(md[0]), NULL);
+
+ if (memcmp(md, pad2, MDC2_DIGEST_LENGTH) != 0) {
+ for (i = 0; i < MDC2_DIGEST_LENGTH; i++)
+ printf("%02X", md[i]);
+ printf(" <- generated\n");
+ for (i = 0; i < MDC2_DIGEST_LENGTH; i++)
+ printf("%02X", pad2[i]);
+ printf(" <- correct\n");
+ ret = 1;
+ } else
+ printf("pad2 - ok\n");
+
+ EVP_MD_CTX_cleanup(&c);
+# ifdef OPENSSL_SYS_NETWARE
+ if (ret)
+ printf("ERROR: %d\n", ret);
+# endif
+ EXIT(ret);
+}
+#endif
--- /dev/null
+/* Written by Christian Heimes, 2013 */
+/*
+ * Copyright (c) 2013 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For written permission, please contact
+ * openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ * nor may "OpenSSL" appear in their names without prior written
+ * permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include <stdio.h>
+#include <string.h>
+
+#include "../e_os.h"
+
+#include <openssl/opensslconf.h>
+#include <openssl/evp.h>
+#ifndef OPENSSL_NO_ENGINE
+# include <openssl/engine.h>
+#endif
+#include <openssl/err.h>
+#include <openssl/conf.h>
+
+typedef struct {
+ const char *pass;
+ int passlen;
+ const char *salt;
+ int saltlen;
+ int iter;
+} testdata;
+
+static testdata test_cases[] = {
+ {"password", 8, "salt", 4, 1},
+ {"password", 8, "salt", 4, 2},
+ {"password", 8, "salt", 4, 4096},
+ {"passwordPASSWORDpassword", 24,
+ "saltSALTsaltSALTsaltSALTsaltSALTsalt", 36, 4096},
+ {"pass\0word", 9, "sa\0lt", 5, 4096},
+ {NULL},
+};
+
+static const char *sha1_results[] = {
+ "0c60c80f961f0e71f3a9b524af6012062fe037a6",
+ "ea6c014dc72d6f8ccd1ed92ace1d41f0d8de8957",
+ "4b007901b765489abead49d926f721d065a429c1",
+ "3d2eec4fe41c849b80c8d83662c0e44a8b291a964cf2f07038",
+ "56fa6aa75548099dcc37d7f03425e0c3",
+};
+
+static const char *sha256_results[] = {
+ "120fb6cffcf8b32c43e7225256c4f837a86548c92ccc35480805987cb70be17b",
+ "ae4d0c95af6b46d32d0adff928f06dd02a303f8ef3c251dfd6e2d85a95474c43",
+ "c5e478d59288c841aa530db6845c4c8d962893a001ce4e11a4963873aa98134a",
+ "348c89dbcbd32b2f32d814b8116e84cf2b17347ebc1800181c4e2a1fb8dd53e1c63551"
+ "8c7dac47e9",
+ "89b69d0516f829893c696226650a8687",
+};
+
+static const char *sha512_results[] = {
+ "867f70cf1ade02cff3752599a3a53dc4af34c7a669815ae5d513554e1c8cf252c02d47"
+ "0a285a0501bad999bfe943c08f050235d7d68b1da55e63f73b60a57fce",
+ "e1d9c16aa681708a45f5c7c4e215ceb66e011a2e9f0040713f18aefdb866d53cf76cab"
+ "2868a39b9f7840edce4fef5a82be67335c77a6068e04112754f27ccf4e",
+ "d197b1b33db0143e018b12f3d1d1479e6cdebdcc97c5c0f87f6902e072f457b5143f30"
+ "602641b3d55cd335988cb36b84376060ecd532e039b742a239434af2d5",
+ "8c0511f4c6e597c6ac6315d8f0362e225f3c501495ba23b868c005174dc4ee71115b59"
+ "f9e60cd9532fa33e0f75aefe30225c583a186cd82bd4daea9724a3d3b8",
+ "9d9e9c4cd21fe4be24d5b8244c759665",
+};
+
+static void hexdump(FILE *f, const char *title, const unsigned char *s, int l)
+{
+ int i;
+ fprintf(f, "%s", title);
+ for (i = 0; i < l; i++) {
+ fprintf(f, "%02x", s[i]);
+ }
+ fprintf(f, "\n");
+}
+
+static void convert(unsigned char *dst, const unsigned char *src, int len)
+{
+ int i;
+ for (i = 0; i < len; i++, dst++, src += 2) {
+ unsigned int n;
+ sscanf((char *)src, "%2x", &n);
+ *dst = (unsigned char)n;
+ }
+ *dst = 0;
+}
+
+static void
+test_p5_pbkdf2(int i, char *digestname, testdata *test, const char *hex)
+{
+ const EVP_MD *digest;
+ unsigned char *out;
+ unsigned char *expected;
+ int keylen, r;
+
+ digest = EVP_get_digestbyname(digestname);
+ if (digest == NULL) {
+ fprintf(stderr, "unknown digest %s\n", digestname);
+ EXIT(5);
+ }
+
+ if ((strlen(hex) % 2) != 0) {
+ fprintf(stderr, "odd hex digest %s %i\n", digestname, i);
+ EXIT(5);
+ }
+ keylen = strlen(hex) / 2;
+ expected = OPENSSL_malloc(keylen + 1);
+ out = OPENSSL_malloc(keylen + 1);
+ if ((expected == NULL) || (out == NULL)) {
+ fprintf(stderr, "malloc() failed\n");
+ EXIT(5);
+ }
+ convert(expected, (const unsigned char *)hex, keylen);
+
+ r = PKCS5_PBKDF2_HMAC(test->pass, test->passlen,
+ (const unsigned char *)test->salt, test->saltlen,
+ test->iter, digest, keylen, out);
+
+ if (r == 0) {
+ fprintf(stderr, "PKCS5_PBKDF2_HMAC(%s) failure test %i\n",
+ digestname, i);
+ EXIT(3);
+ }
+ if (memcmp(expected, out, keylen) != 0) {
+ fprintf(stderr, "Wrong result for PKCS5_PBKDF2_HMAC(%s) test %i\n",
+ digestname, i);
+ hexdump(stderr, "expected: ", expected, keylen);
+ hexdump(stderr, "result: ", out, keylen);
+ EXIT(2);
+ }
+ OPENSSL_free(expected);
+ OPENSSL_free(out);
+}
+
+int main(int argc, char **argv)
+{
+ int i;
+ testdata *test = test_cases;
+
+ CRYPTO_malloc_debug_init();
+ CRYPTO_set_mem_debug_options(V_CRYPTO_MDEBUG_ALL);
+ CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON);
+
+ OpenSSL_add_all_digests();
+# ifndef OPENSSL_NO_ENGINE
+ ENGINE_load_builtin_engines();
+ ENGINE_register_all_digests();
+# endif
+
+ printf("PKCS5_PBKDF2_HMAC() tests ");
+ for (i = 0; test->pass != NULL; i++, test++) {
+ test_p5_pbkdf2(i, "sha1", test, sha1_results[i]);
+ test_p5_pbkdf2(i, "sha256", test, sha256_results[i]);
+ test_p5_pbkdf2(i, "sha512", test, sha512_results[i]);
+ printf(".");
+ }
+ printf(" done\n");
+
+# ifndef OPENSSL_NO_ENGINE
+ ENGINE_cleanup();
+# endif
+ EVP_cleanup();
+ CRYPTO_cleanup_all_ex_data();
+ ERR_remove_thread_state(NULL);
+ ERR_free_strings();
+ CRYPTO_mem_leaks_fp(stderr);
+ return 0;
+}
--- /dev/null
+/* crypto/rand/randtest.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <openssl/rand.h>
+
+#include "../e_os.h"
+
+/* some FIPS 140-1 random number test */
+/* some simple tests */
+
+int main(int argc, char **argv)
+{
+ unsigned char buf[2500];
+ int i, j, k, s, sign, nsign, err = 0;
+ unsigned long n1;
+ unsigned long n2[16];
+ unsigned long runs[2][34];
+ /*
+ * double d;
+ */
+ long d;
+
+ i = RAND_bytes(buf, 2500);
+ if (i <= 0) {
+ printf("init failed, the rand method is not properly installed\n");
+ err++;
+ goto err;
+ }
+
+ n1 = 0;
+ for (i = 0; i < 16; i++)
+ n2[i] = 0;
+ for (i = 0; i < 34; i++)
+ runs[0][i] = runs[1][i] = 0;
+
+ /* test 1 and 2 */
+ sign = 0;
+ nsign = 0;
+ for (i = 0; i < 2500; i++) {
+ j = buf[i];
+
+ n2[j & 0x0f]++;
+ n2[(j >> 4) & 0x0f]++;
+
+ for (k = 0; k < 8; k++) {
+ s = (j & 0x01);
+ if (s == sign)
+ nsign++;
+ else {
+ if (nsign > 34)
+ nsign = 34;
+ if (nsign != 0) {
+ runs[sign][nsign - 1]++;
+ if (nsign > 6)
+ runs[sign][5]++;
+ }
+ sign = s;
+ nsign = 1;
+ }
+
+ if (s)
+ n1++;
+ j >>= 1;
+ }
+ }
+ if (nsign > 34)
+ nsign = 34;
+ if (nsign != 0)
+ runs[sign][nsign - 1]++;
+
+ /* test 1 */
+ if (!((9654 < n1) && (n1 < 10346))) {
+ printf("test 1 failed, X=%lu\n", n1);
+ err++;
+ }
+ printf("test 1 done\n");
+
+ /* test 2 */
+ d = 0;
+ for (i = 0; i < 16; i++)
+ d += n2[i] * n2[i];
+ d = (d * 8) / 25 - 500000;
+ if (!((103 < d) && (d < 5740))) {
+ printf("test 2 failed, X=%ld.%02ld\n", d / 100L, d % 100L);
+ err++;
+ }
+ printf("test 2 done\n");
+
+ /* test 3 */
+ for (i = 0; i < 2; i++) {
+ if (!((2267 < runs[i][0]) && (runs[i][0] < 2733))) {
+ printf("test 3 failed, bit=%d run=%d num=%lu\n",
+ i, 1, runs[i][0]);
+ err++;
+ }
+ if (!((1079 < runs[i][1]) && (runs[i][1] < 1421))) {
+ printf("test 3 failed, bit=%d run=%d num=%lu\n",
+ i, 2, runs[i][1]);
+ err++;
+ }
+ if (!((502 < runs[i][2]) && (runs[i][2] < 748))) {
+ printf("test 3 failed, bit=%d run=%d num=%lu\n",
+ i, 3, runs[i][2]);
+ err++;
+ }
+ if (!((223 < runs[i][3]) && (runs[i][3] < 402))) {
+ printf("test 3 failed, bit=%d run=%d num=%lu\n",
+ i, 4, runs[i][3]);
+ err++;
+ }
+ if (!((90 < runs[i][4]) && (runs[i][4] < 223))) {
+ printf("test 3 failed, bit=%d run=%d num=%lu\n",
+ i, 5, runs[i][4]);
+ err++;
+ }
+ if (!((90 < runs[i][5]) && (runs[i][5] < 223))) {
+ printf("test 3 failed, bit=%d run=%d num=%lu\n",
+ i, 6, runs[i][5]);
+ err++;
+ }
+ }
+ printf("test 3 done\n");
+
+ /* test 4 */
+ if (runs[0][33] != 0) {
+ printf("test 4 failed, bit=%d run=%d num=%lu\n", 0, 34, runs[0][33]);
+ err++;
+ }
+ if (runs[1][33] != 0) {
+ printf("test 4 failed, bit=%d run=%d num=%lu\n", 1, 34, runs[1][33]);
+ err++;
+ }
+ printf("test 4 done\n");
+ err:
+ err = ((err) ? 1 : 0);
+#ifdef OPENSSL_SYS_NETWARE
+ if (err)
+ printf("ERROR: %d\n", err);
+#endif
+ EXIT(err);
+}
--- /dev/null
+/* crypto/rc2/rc2test.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+/*
+ * This has been a quickly hacked 'ideatest.c'. When I add tests for other
+ * RC2 modes, more of the code will be uncommented.
+ */
+
+#include <stdio.h>
+#include <string.h>
+#include <stdlib.h>
+
+#include "../e_os.h"
+
+#ifdef OPENSSL_NO_RC2
+int main(int argc, char *argv[])
+{
+ printf("No RC2 support\n");
+ return (0);
+}
+#else
+# include <openssl/rc2.h>
+
+static unsigned char RC2key[4][16] = {
+ {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00},
+ {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01},
+ {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00},
+ {0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
+ 0x08, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F},
+};
+
+static unsigned char RC2plain[4][8] = {
+ {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00},
+ {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00},
+ {0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF},
+ {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00},
+};
+
+static unsigned char RC2cipher[4][8] = {
+ {0x1C, 0x19, 0x8A, 0x83, 0x8D, 0xF0, 0x28, 0xB7},
+ {0x21, 0x82, 0x9C, 0x78, 0xA9, 0xF9, 0xC0, 0x74},
+ {0x13, 0xDB, 0x35, 0x17, 0xD3, 0x21, 0x86, 0x9E},
+ {0x50, 0xDC, 0x01, 0x62, 0xBD, 0x75, 0x7F, 0x31},
+};
+
+int main(int argc, char *argv[])
+{
+ int i, n, err = 0;
+ RC2_KEY key;
+ unsigned char buf[8], buf2[8];
+
+ for (n = 0; n < 4; n++) {
+ RC2_set_key(&key, 16, &(RC2key[n][0]), 0 /* or 1024 */ );
+
+ RC2_ecb_encrypt(&(RC2plain[n][0]), buf, &key, RC2_ENCRYPT);
+ if (memcmp(&(RC2cipher[n][0]), buf, 8) != 0) {
+ printf("ecb rc2 error encrypting\n");
+ printf("got :");
+ for (i = 0; i < 8; i++)
+ printf("%02X ", buf[i]);
+ printf("\n");
+ printf("expected:");
+ for (i = 0; i < 8; i++)
+ printf("%02X ", RC2cipher[n][i]);
+ err = 20;
+ printf("\n");
+ }
+
+ RC2_ecb_encrypt(buf, buf2, &key, RC2_DECRYPT);
+ if (memcmp(&(RC2plain[n][0]), buf2, 8) != 0) {
+ printf("ecb RC2 error decrypting\n");
+ printf("got :");
+ for (i = 0; i < 8; i++)
+ printf("%02X ", buf[i]);
+ printf("\n");
+ printf("expected:");
+ for (i = 0; i < 8; i++)
+ printf("%02X ", RC2plain[n][i]);
+ printf("\n");
+ err = 3;
+ }
+ }
+
+ if (err == 0)
+ printf("ecb RC2 ok\n");
+
+# ifdef OPENSSL_SYS_NETWARE
+ if (err)
+ printf("ERROR: %d\n", err);
+# endif
+ EXIT(err);
+}
+
+#endif
--- /dev/null
+/* crypto/rc4/rc4test.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+
+#include "../e_os.h"
+
+#ifdef OPENSSL_NO_RC4
+int main(int argc, char *argv[])
+{
+ printf("No RC4 support\n");
+ return (0);
+}
+#else
+# include <openssl/rc4.h>
+# include <openssl/sha.h>
+
+static unsigned char keys[7][30] = {
+ {8, 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef},
+ {8, 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef},
+ {8, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00},
+ {4, 0xef, 0x01, 0x23, 0x45},
+ {8, 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef},
+ {4, 0xef, 0x01, 0x23, 0x45},
+};
+
+static unsigned char data_len[7] = { 8, 8, 8, 20, 28, 10 };
+
+static unsigned char data[7][30] = {
+ {0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef, 0xff},
+ {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0xff},
+ {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0xff},
+ {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0xff},
+ {0x12, 0x34, 0x56, 0x78, 0x9A, 0xBC, 0xDE, 0xF0,
+ 0x12, 0x34, 0x56, 0x78, 0x9A, 0xBC, 0xDE, 0xF0,
+ 0x12, 0x34, 0x56, 0x78, 0x9A, 0xBC, 0xDE, 0xF0,
+ 0x12, 0x34, 0x56, 0x78, 0xff},
+ {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0xff},
+ {0},
+};
+
+static unsigned char output[7][30] = {
+ {0x75, 0xb7, 0x87, 0x80, 0x99, 0xe0, 0xc5, 0x96, 0x00},
+ {0x74, 0x94, 0xc2, 0xe7, 0x10, 0x4b, 0x08, 0x79, 0x00},
+ {0xde, 0x18, 0x89, 0x41, 0xa3, 0x37, 0x5d, 0x3a, 0x00},
+ {0xd6, 0xa1, 0x41, 0xa7, 0xec, 0x3c, 0x38, 0xdf,
+ 0xbd, 0x61, 0x5a, 0x11, 0x62, 0xe1, 0xc7, 0xba,
+ 0x36, 0xb6, 0x78, 0x58, 0x00},
+ {0x66, 0xa0, 0x94, 0x9f, 0x8a, 0xf7, 0xd6, 0x89,
+ 0x1f, 0x7f, 0x83, 0x2b, 0xa8, 0x33, 0xc0, 0x0c,
+ 0x89, 0x2e, 0xbe, 0x30, 0x14, 0x3c, 0xe2, 0x87,
+ 0x40, 0x01, 0x1e, 0xcf, 0x00},
+ {0xd6, 0xa1, 0x41, 0xa7, 0xec, 0x3c, 0x38, 0xdf, 0xbd, 0x61, 0x00},
+ {0},
+};
+
+int main(int argc, char *argv[])
+{
+ int i, err = 0;
+ int j;
+ unsigned char *p;
+ RC4_KEY key;
+ unsigned char obuf[512];
+
+# if !defined(OPENSSL_PIC)
+ void OPENSSL_cpuid_setup(void);
+
+ OPENSSL_cpuid_setup();
+# endif
+
+ for (i = 0; i < 6; i++) {
+ RC4_set_key(&key, keys[i][0], &(keys[i][1]));
+ memset(obuf, 0x00, sizeof(obuf));
+ RC4(&key, data_len[i], &(data[i][0]), obuf);
+ if (memcmp(obuf, output[i], data_len[i] + 1) != 0) {
+ printf("error calculating RC4\n");
+ printf("output:");
+ for (j = 0; j < data_len[i] + 1; j++)
+ printf(" %02x", obuf[j]);
+ printf("\n");
+ printf("expect:");
+ p = &(output[i][0]);
+ for (j = 0; j < data_len[i] + 1; j++)
+ printf(" %02x", *(p++));
+ printf("\n");
+ err++;
+ } else
+ printf("test %d ok\n", i);
+ }
+ printf("test end processing ");
+ for (i = 0; i < data_len[3]; i++) {
+ RC4_set_key(&key, keys[3][0], &(keys[3][1]));
+ memset(obuf, 0x00, sizeof(obuf));
+ RC4(&key, i, &(data[3][0]), obuf);
+ if ((memcmp(obuf, output[3], i) != 0) || (obuf[i] != 0)) {
+ printf("error in RC4 length processing\n");
+ printf("output:");
+ for (j = 0; j < i + 1; j++)
+ printf(" %02x", obuf[j]);
+ printf("\n");
+ printf("expect:");
+ p = &(output[3][0]);
+ for (j = 0; j < i; j++)
+ printf(" %02x", *(p++));
+ printf(" 00\n");
+ err++;
+ } else {
+ printf(".");
+ fflush(stdout);
+ }
+ }
+ printf("done\n");
+ printf("test multi-call ");
+ for (i = 0; i < data_len[3]; i++) {
+ RC4_set_key(&key, keys[3][0], &(keys[3][1]));
+ memset(obuf, 0x00, sizeof(obuf));
+ RC4(&key, i, &(data[3][0]), obuf);
+ RC4(&key, data_len[3] - i, &(data[3][i]), &(obuf[i]));
+ if (memcmp(obuf, output[3], data_len[3] + 1) != 0) {
+ printf("error in RC4 multi-call processing\n");
+ printf("output:");
+ for (j = 0; j < data_len[3] + 1; j++)
+ printf(" %02x", obuf[j]);
+ printf("\n");
+ printf("expect:");
+ p = &(output[3][0]);
+ for (j = 0; j < data_len[3] + 1; j++)
+ printf(" %02x", *(p++));
+ err++;
+ } else {
+ printf(".");
+ fflush(stdout);
+ }
+ }
+ printf("done\n");
+ printf("bulk test ");
+ {
+ unsigned char buf[513];
+ SHA_CTX c;
+ unsigned char md[SHA_DIGEST_LENGTH];
+ static unsigned char expected[] = {
+ 0xa4, 0x7b, 0xcc, 0x00, 0x3d, 0xd0, 0xbd, 0xe1, 0xac, 0x5f,
+ 0x12, 0x1e, 0x45, 0xbc, 0xfb, 0x1a, 0xa1, 0xf2, 0x7f, 0xc5
+ };
+
+ RC4_set_key(&key, keys[0][0], &(keys[3][1]));
+ memset(buf, '\0', sizeof(buf));
+ SHA1_Init(&c);
+ for (i = 0; i < 2571; i++) {
+ RC4(&key, sizeof(buf), buf, buf);
+ SHA1_Update(&c, buf, sizeof(buf));
+ }
+ SHA1_Final(md, &c);
+
+ if (memcmp(md, expected, sizeof(md))) {
+ printf("error in RC4 bulk test\n");
+ printf("output:");
+ for (j = 0; j < (int)sizeof(md); j++)
+ printf(" %02x", md[j]);
+ printf("\n");
+ printf("expect:");
+ for (j = 0; j < (int)sizeof(md); j++)
+ printf(" %02x", expected[j]);
+ printf("\n");
+ err++;
+ } else
+ printf("ok\n");
+ }
+# ifdef OPENSSL_SYS_NETWARE
+ if (err)
+ printf("ERROR: %d\n", err);
+# endif
+ EXIT(err);
+}
+#endif
--- /dev/null
+/* crypto/rc5/rc5test.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+/*
+ * This has been a quickly hacked 'ideatest.c'. When I add tests for other
+ * RC5 modes, more of the code will be uncommented.
+ */
+
+#include <stdio.h>
+#include <string.h>
+#include <stdlib.h>
+
+#include "../e_os.h"
+
+#ifdef OPENSSL_NO_RC5
+int main(int argc, char *argv[])
+{
+ printf("No RC5 support\n");
+ return (0);
+}
+#else
+# include <openssl/rc5.h>
+
+static unsigned char RC5key[5][16] = {
+ {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00},
+ {0x91, 0x5f, 0x46, 0x19, 0xbe, 0x41, 0xb2, 0x51,
+ 0x63, 0x55, 0xa5, 0x01, 0x10, 0xa9, 0xce, 0x91},
+ {0x78, 0x33, 0x48, 0xe7, 0x5a, 0xeb, 0x0f, 0x2f,
+ 0xd7, 0xb1, 0x69, 0xbb, 0x8d, 0xc1, 0x67, 0x87},
+ {0xdc, 0x49, 0xdb, 0x13, 0x75, 0xa5, 0x58, 0x4f,
+ 0x64, 0x85, 0xb4, 0x13, 0xb5, 0xf1, 0x2b, 0xaf},
+ {0x52, 0x69, 0xf1, 0x49, 0xd4, 0x1b, 0xa0, 0x15,
+ 0x24, 0x97, 0x57, 0x4d, 0x7f, 0x15, 0x31, 0x25},
+};
+
+static unsigned char RC5plain[5][8] = {
+ {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00},
+ {0x21, 0xA5, 0xDB, 0xEE, 0x15, 0x4B, 0x8F, 0x6D},
+ {0xF7, 0xC0, 0x13, 0xAC, 0x5B, 0x2B, 0x89, 0x52},
+ {0x2F, 0x42, 0xB3, 0xB7, 0x03, 0x69, 0xFC, 0x92},
+ {0x65, 0xC1, 0x78, 0xB2, 0x84, 0xD1, 0x97, 0xCC},
+};
+
+static unsigned char RC5cipher[5][8] = {
+ {0x21, 0xA5, 0xDB, 0xEE, 0x15, 0x4B, 0x8F, 0x6D},
+ {0xF7, 0xC0, 0x13, 0xAC, 0x5B, 0x2B, 0x89, 0x52},
+ {0x2F, 0x42, 0xB3, 0xB7, 0x03, 0x69, 0xFC, 0x92},
+ {0x65, 0xC1, 0x78, 0xB2, 0x84, 0xD1, 0x97, 0xCC},
+ {0xEB, 0x44, 0xE4, 0x15, 0xDA, 0x31, 0x98, 0x24},
+};
+
+# define RC5_CBC_NUM 27
+static unsigned char rc5_cbc_cipher[RC5_CBC_NUM][8] = {
+ {0x7a, 0x7b, 0xba, 0x4d, 0x79, 0x11, 0x1d, 0x1e},
+ {0x79, 0x7b, 0xba, 0x4d, 0x78, 0x11, 0x1d, 0x1e},
+ {0x7a, 0x7b, 0xba, 0x4d, 0x79, 0x11, 0x1d, 0x1f},
+ {0x7a, 0x7b, 0xba, 0x4d, 0x79, 0x11, 0x1d, 0x1f},
+ {0x8b, 0x9d, 0xed, 0x91, 0xce, 0x77, 0x94, 0xa6},
+ {0x2f, 0x75, 0x9f, 0xe7, 0xad, 0x86, 0xa3, 0x78},
+ {0xdc, 0xa2, 0x69, 0x4b, 0xf4, 0x0e, 0x07, 0x88},
+ {0xdc, 0xa2, 0x69, 0x4b, 0xf4, 0x0e, 0x07, 0x88},
+ {0xdc, 0xfe, 0x09, 0x85, 0x77, 0xec, 0xa5, 0xff},
+ {0x96, 0x46, 0xfb, 0x77, 0x63, 0x8f, 0x9c, 0xa8},
+ {0xb2, 0xb3, 0x20, 0x9d, 0xb6, 0x59, 0x4d, 0xa4},
+ {0x54, 0x5f, 0x7f, 0x32, 0xa5, 0xfc, 0x38, 0x36},
+ {0x82, 0x85, 0xe7, 0xc1, 0xb5, 0xbc, 0x74, 0x02},
+ {0xfc, 0x58, 0x6f, 0x92, 0xf7, 0x08, 0x09, 0x34},
+ {0xcf, 0x27, 0x0e, 0xf9, 0x71, 0x7f, 0xf7, 0xc4},
+ {0xe4, 0x93, 0xf1, 0xc1, 0xbb, 0x4d, 0x6e, 0x8c},
+ {0x5c, 0x4c, 0x04, 0x1e, 0x0f, 0x21, 0x7a, 0xc3},
+ {0x92, 0x1f, 0x12, 0x48, 0x53, 0x73, 0xb4, 0xf7},
+ {0x5b, 0xa0, 0xca, 0x6b, 0xbe, 0x7f, 0x5f, 0xad},
+ {0xc5, 0x33, 0x77, 0x1c, 0xd0, 0x11, 0x0e, 0x63},
+ {0x29, 0x4d, 0xdb, 0x46, 0xb3, 0x27, 0x8d, 0x60},
+ {0xda, 0xd6, 0xbd, 0xa9, 0xdf, 0xe8, 0xf7, 0xe8},
+ {0x97, 0xe0, 0x78, 0x78, 0x37, 0xed, 0x31, 0x7f},
+ {0x78, 0x75, 0xdb, 0xf6, 0x73, 0x8c, 0x64, 0x78},
+ {0x8f, 0x34, 0xc3, 0xc6, 0x81, 0xc9, 0x96, 0x95},
+ {0x7c, 0xb3, 0xf1, 0xdf, 0x34, 0xf9, 0x48, 0x11},
+ {0x7f, 0xd1, 0xa0, 0x23, 0xa5, 0xbb, 0xa2, 0x17},
+};
+
+static unsigned char rc5_cbc_key[RC5_CBC_NUM][17] = {
+ {1, 0x00},
+ {1, 0x00},
+ {1, 0x00},
+ {1, 0x00},
+ {1, 0x00},
+ {1, 0x11},
+ {1, 0x00},
+ {4, 0x00, 0x00, 0x00, 0x00},
+ {1, 0x00},
+ {1, 0x00},
+ {1, 0x00},
+ {1, 0x00},
+ {4, 0x01, 0x02, 0x03, 0x04},
+ {4, 0x01, 0x02, 0x03, 0x04},
+ {4, 0x01, 0x02, 0x03, 0x04},
+ {8, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08},
+ {8, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08},
+ {8, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08},
+ {8, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08},
+ {16, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08,
+ 0x10, 0x20, 0x30, 0x40, 0x50, 0x60, 0x70, 0x80},
+ {16, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08,
+ 0x10, 0x20, 0x30, 0x40, 0x50, 0x60, 0x70, 0x80},
+ {16, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08,
+ 0x10, 0x20, 0x30, 0x40, 0x50, 0x60, 0x70, 0x80},
+ {5, 0x01, 0x02, 0x03, 0x04, 0x05},
+ {5, 0x01, 0x02, 0x03, 0x04, 0x05},
+ {5, 0x01, 0x02, 0x03, 0x04, 0x05},
+ {5, 0x01, 0x02, 0x03, 0x04, 0x05},
+ {5, 0x01, 0x02, 0x03, 0x04, 0x05},
+};
+
+static unsigned char rc5_cbc_plain[RC5_CBC_NUM][8] = {
+ {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00},
+ {0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff},
+ {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00},
+ {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01},
+ {0x10, 0x20, 0x30, 0x40, 0x50, 0x60, 0x70, 0x80},
+ {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00},
+ {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00},
+ {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00},
+ {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00},
+ {0x10, 0x20, 0x30, 0x40, 0x50, 0x60, 0x70, 0x80},
+ {0x10, 0x20, 0x30, 0x40, 0x50, 0x60, 0x70, 0x80},
+ {0x10, 0x20, 0x30, 0x40, 0x50, 0x60, 0x70, 0x80},
+ {0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff},
+ {0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff},
+ {0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff},
+ {0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff},
+ {0x10, 0x20, 0x30, 0x40, 0x50, 0x60, 0x70, 0x80},
+ {0x10, 0x20, 0x30, 0x40, 0x50, 0x60, 0x70, 0x80},
+ {0x10, 0x20, 0x30, 0x40, 0x50, 0x60, 0x70, 0x80},
+ {0x10, 0x20, 0x30, 0x40, 0x50, 0x60, 0x70, 0x80},
+ {0x10, 0x20, 0x30, 0x40, 0x50, 0x60, 0x70, 0x80},
+ {0x10, 0x20, 0x30, 0x40, 0x50, 0x60, 0x70, 0x80},
+ {0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff},
+ {0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff},
+ {0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08},
+ {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00},
+ {0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x01},
+};
+
+static int rc5_cbc_rounds[RC5_CBC_NUM] = {
+ 0, 0, 0, 0, 0, 1, 2, 2,
+ 8, 8, 12, 16, 8, 12, 16, 12,
+ 8, 12, 16, 8, 12, 16, 12, 8,
+ 8, 8, 8,
+};
+
+static unsigned char rc5_cbc_iv[RC5_CBC_NUM][8] = {
+ {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00},
+ {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00},
+ {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01},
+ {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00},
+ {0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08},
+ {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00},
+ {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00},
+ {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00},
+ {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00},
+ {0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08},
+ {0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08},
+ {0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08},
+ {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00},
+ {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00},
+ {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00},
+ {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00},
+ {0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08},
+ {0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08},
+ {0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08},
+ {0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08},
+ {0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08},
+ {0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08},
+ {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00},
+ {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00},
+ {0x78, 0x75, 0xdb, 0xf6, 0x73, 0x8c, 0x64, 0x78},
+ {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00},
+ {0x7c, 0xb3, 0xf1, 0xdf, 0x34, 0xf9, 0x48, 0x11},
+};
+
+int main(int argc, char *argv[])
+{
+ int i, n, err = 0;
+ RC5_32_KEY key;
+ unsigned char buf[8], buf2[8], ivb[8];
+
+ for (n = 0; n < 5; n++) {
+ RC5_32_set_key(&key, 16, &(RC5key[n][0]), 12);
+
+ RC5_32_ecb_encrypt(&(RC5plain[n][0]), buf, &key, RC5_ENCRYPT);
+ if (memcmp(&(RC5cipher[n][0]), buf, 8) != 0) {
+ printf("ecb RC5 error encrypting (%d)\n", n + 1);
+ printf("got :");
+ for (i = 0; i < 8; i++)
+ printf("%02X ", buf[i]);
+ printf("\n");
+ printf("expected:");
+ for (i = 0; i < 8; i++)
+ printf("%02X ", RC5cipher[n][i]);
+ err = 20;
+ printf("\n");
+ }
+
+ RC5_32_ecb_encrypt(buf, buf2, &key, RC5_DECRYPT);
+ if (memcmp(&(RC5plain[n][0]), buf2, 8) != 0) {
+ printf("ecb RC5 error decrypting (%d)\n", n + 1);
+ printf("got :");
+ for (i = 0; i < 8; i++)
+ printf("%02X ", buf2[i]);
+ printf("\n");
+ printf("expected:");
+ for (i = 0; i < 8; i++)
+ printf("%02X ", RC5plain[n][i]);
+ printf("\n");
+ err = 3;
+ }
+ }
+ if (err == 0)
+ printf("ecb RC5 ok\n");
+
+ for (n = 0; n < RC5_CBC_NUM; n++) {
+ i = rc5_cbc_rounds[n];
+ if (i < 8)
+ continue;
+
+ RC5_32_set_key(&key, rc5_cbc_key[n][0], &(rc5_cbc_key[n][1]), i);
+
+ memcpy(ivb, &(rc5_cbc_iv[n][0]), 8);
+ RC5_32_cbc_encrypt(&(rc5_cbc_plain[n][0]), buf, 8,
+ &key, &(ivb[0]), RC5_ENCRYPT);
+
+ if (memcmp(&(rc5_cbc_cipher[n][0]), buf, 8) != 0) {
+ printf("cbc RC5 error encrypting (%d)\n", n + 1);
+ printf("got :");
+ for (i = 0; i < 8; i++)
+ printf("%02X ", buf[i]);
+ printf("\n");
+ printf("expected:");
+ for (i = 0; i < 8; i++)
+ printf("%02X ", rc5_cbc_cipher[n][i]);
+ err = 30;
+ printf("\n");
+ }
+
+ memcpy(ivb, &(rc5_cbc_iv[n][0]), 8);
+ RC5_32_cbc_encrypt(buf, buf2, 8, &key, &(ivb[0]), RC5_DECRYPT);
+ if (memcmp(&(rc5_cbc_plain[n][0]), buf2, 8) != 0) {
+ printf("cbc RC5 error decrypting (%d)\n", n + 1);
+ printf("got :");
+ for (i = 0; i < 8; i++)
+ printf("%02X ", buf2[i]);
+ printf("\n");
+ printf("expected:");
+ for (i = 0; i < 8; i++)
+ printf("%02X ", rc5_cbc_plain[n][i]);
+ printf("\n");
+ err = 3;
+ }
+ }
+ if (err == 0)
+ printf("cbc RC5 ok\n");
+
+ EXIT(err);
+ return (err);
+}
+
+#endif
--- /dev/null
+/* crypto/ripemd/rmdtest.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <string.h>
+#include <stdlib.h>
+
+#include "../e_os.h"
+
+#ifdef OPENSSL_NO_RMD160
+int main(int argc, char *argv[])
+{
+ printf("No ripemd support\n");
+ return (0);
+}
+#else
+# include <openssl/ripemd.h>
+# include <openssl/evp.h>
+
+# ifdef CHARSET_EBCDIC
+# include <openssl/ebcdic.h>
+# endif
+
+static char *test[] = {
+ "",
+ "a",
+ "abc",
+ "message digest",
+ "abcdefghijklmnopqrstuvwxyz",
+ "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq",
+ "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789",
+ "12345678901234567890123456789012345678901234567890123456789012345678901234567890",
+ NULL,
+};
+
+static char *ret[] = {
+ "9c1185a5c5e9fc54612808977ee8f548b2258d31",
+ "0bdc9d2d256b3ee9daae347be6f4dc835a467ffe",
+ "8eb208f7e05d987a9b044a8e98c6b087f15a0bfc",
+ "5d0689ef49d2fae572b881b123a85ffa21595f36",
+ "f71c27109c692c1b56bbdceb5b9d2865b3708dbc",
+ "12a053384a9c0c88e405a06c27dcf49ada62eb2b",
+ "b0e20b6e3116640286ed3a87a5713079b21f5189",
+ "9b752e45573d4b39f4dbd3323cab82bf63326bfb",
+};
+
+static char *pt(unsigned char *md);
+int main(int argc, char *argv[])
+{
+ int i, err = 0;
+ char **P, **R;
+ char *p;
+ unsigned char md[RIPEMD160_DIGEST_LENGTH];
+
+ P = test;
+ R = ret;
+ i = 1;
+ while (*P != NULL) {
+# ifdef CHARSET_EBCDIC
+ ebcdic2ascii((char *)*P, (char *)*P, strlen((char *)*P));
+# endif
+ EVP_Digest(&(P[0][0]), strlen((char *)*P), md, NULL, EVP_ripemd160(),
+ NULL);
+ p = pt(md);
+ if (strcmp(p, (char *)*R) != 0) {
+ printf("error calculating RIPEMD160 on '%s'\n", *P);
+ printf("got %s instead of %s\n", p, *R);
+ err++;
+ } else
+ printf("test %d ok\n", i);
+ i++;
+ R++;
+ P++;
+ }
+ EXIT(err);
+}
+
+static char *pt(unsigned char *md)
+{
+ int i;
+ static char buf[80];
+
+ for (i = 0; i < RIPEMD160_DIGEST_LENGTH; i++)
+ sprintf(&(buf[i * 2]), "%02x", md[i]);
+ return (buf);
+}
+#endif
--- /dev/null
+/* test vectors from p1ovect1.txt */
+
+#include <stdio.h>
+#include <string.h>
+
+#include "e_os.h"
+
+#include <openssl/crypto.h>
+#include <openssl/err.h>
+#include <openssl/rand.h>
+#include <openssl/bn.h>
+#ifdef OPENSSL_NO_RSA
+int main(int argc, char *argv[])
+{
+ printf("No RSA support\n");
+ return (0);
+}
+#else
+# include <openssl/rsa.h>
+
+# define SetKey \
+ key->n = BN_bin2bn(n, sizeof(n)-1, key->n); \
+ key->e = BN_bin2bn(e, sizeof(e)-1, key->e); \
+ key->d = BN_bin2bn(d, sizeof(d)-1, key->d); \
+ key->p = BN_bin2bn(p, sizeof(p)-1, key->p); \
+ key->q = BN_bin2bn(q, sizeof(q)-1, key->q); \
+ key->dmp1 = BN_bin2bn(dmp1, sizeof(dmp1)-1, key->dmp1); \
+ key->dmq1 = BN_bin2bn(dmq1, sizeof(dmq1)-1, key->dmq1); \
+ key->iqmp = BN_bin2bn(iqmp, sizeof(iqmp)-1, key->iqmp); \
+ memcpy(c, ctext_ex, sizeof(ctext_ex) - 1); \
+ return (sizeof(ctext_ex) - 1);
+
+static int key1(RSA *key, unsigned char *c)
+{
+ static unsigned char n[] =
+ "\x00\xAA\x36\xAB\xCE\x88\xAC\xFD\xFF\x55\x52\x3C\x7F\xC4\x52\x3F"
+ "\x90\xEF\xA0\x0D\xF3\x77\x4A\x25\x9F\x2E\x62\xB4\xC5\xD9\x9C\xB5"
+ "\xAD\xB3\x00\xA0\x28\x5E\x53\x01\x93\x0E\x0C\x70\xFB\x68\x76\x93"
+ "\x9C\xE6\x16\xCE\x62\x4A\x11\xE0\x08\x6D\x34\x1E\xBC\xAC\xA0\xA1"
+ "\xF5";
+
+ static unsigned char e[] = "\x11";
+
+ static unsigned char d[] =
+ "\x0A\x03\x37\x48\x62\x64\x87\x69\x5F\x5F\x30\xBC\x38\xB9\x8B\x44"
+ "\xC2\xCD\x2D\xFF\x43\x40\x98\xCD\x20\xD8\xA1\x38\xD0\x90\xBF\x64"
+ "\x79\x7C\x3F\xA7\xA2\xCD\xCB\x3C\xD1\xE0\xBD\xBA\x26\x54\xB4\xF9"
+ "\xDF\x8E\x8A\xE5\x9D\x73\x3D\x9F\x33\xB3\x01\x62\x4A\xFD\x1D\x51";
+
+ static unsigned char p[] =
+ "\x00\xD8\x40\xB4\x16\x66\xB4\x2E\x92\xEA\x0D\xA3\xB4\x32\x04\xB5"
+ "\xCF\xCE\x33\x52\x52\x4D\x04\x16\xA5\xA4\x41\xE7\x00\xAF\x46\x12"
+ "\x0D";
+
+ static unsigned char q[] =
+ "\x00\xC9\x7F\xB1\xF0\x27\xF4\x53\xF6\x34\x12\x33\xEA\xAA\xD1\xD9"
+ "\x35\x3F\x6C\x42\xD0\x88\x66\xB1\xD0\x5A\x0F\x20\x35\x02\x8B\x9D"
+ "\x89";
+
+ static unsigned char dmp1[] =
+ "\x59\x0B\x95\x72\xA2\xC2\xA9\xC4\x06\x05\x9D\xC2\xAB\x2F\x1D\xAF"
+ "\xEB\x7E\x8B\x4F\x10\xA7\x54\x9E\x8E\xED\xF5\xB4\xFC\xE0\x9E\x05";
+
+ static unsigned char dmq1[] =
+ "\x00\x8E\x3C\x05\x21\xFE\x15\xE0\xEA\x06\xA3\x6F\xF0\xF1\x0C\x99"
+ "\x52\xC3\x5B\x7A\x75\x14\xFD\x32\x38\xB8\x0A\xAD\x52\x98\x62\x8D"
+ "\x51";
+
+ static unsigned char iqmp[] =
+ "\x36\x3F\xF7\x18\x9D\xA8\xE9\x0B\x1D\x34\x1F\x71\xD0\x9B\x76\xA8"
+ "\xA9\x43\xE1\x1D\x10\xB2\x4D\x24\x9F\x2D\xEA\xFE\xF8\x0C\x18\x26";
+
+ static unsigned char ctext_ex[] =
+ "\x1b\x8f\x05\xf9\xca\x1a\x79\x52\x6e\x53\xf3\xcc\x51\x4f\xdb\x89"
+ "\x2b\xfb\x91\x93\x23\x1e\x78\xb9\x92\xe6\x8d\x50\xa4\x80\xcb\x52"
+ "\x33\x89\x5c\x74\x95\x8d\x5d\x02\xab\x8c\x0f\xd0\x40\xeb\x58\x44"
+ "\xb0\x05\xc3\x9e\xd8\x27\x4a\x9d\xbf\xa8\x06\x71\x40\x94\x39\xd2";
+
+ SetKey;
+}
+
+static int key2(RSA *key, unsigned char *c)
+{
+ static unsigned char n[] =
+ "\x00\xA3\x07\x9A\x90\xDF\x0D\xFD\x72\xAC\x09\x0C\xCC\x2A\x78\xB8"
+ "\x74\x13\x13\x3E\x40\x75\x9C\x98\xFA\xF8\x20\x4F\x35\x8A\x0B\x26"
+ "\x3C\x67\x70\xE7\x83\xA9\x3B\x69\x71\xB7\x37\x79\xD2\x71\x7B\xE8"
+ "\x34\x77\xCF";
+
+ static unsigned char e[] = "\x3";
+
+ static unsigned char d[] =
+ "\x6C\xAF\xBC\x60\x94\xB3\xFE\x4C\x72\xB0\xB3\x32\xC6\xFB\x25\xA2"
+ "\xB7\x62\x29\x80\x4E\x68\x65\xFC\xA4\x5A\x74\xDF\x0F\x8F\xB8\x41"
+ "\x3B\x52\xC0\xD0\xE5\x3D\x9B\x59\x0F\xF1\x9B\xE7\x9F\x49\xDD\x21"
+ "\xE5\xEB";
+
+ static unsigned char p[] =
+ "\x00\xCF\x20\x35\x02\x8B\x9D\x86\x98\x40\xB4\x16\x66\xB4\x2E\x92"
+ "\xEA\x0D\xA3\xB4\x32\x04\xB5\xCF\xCE\x91";
+
+ static unsigned char q[] =
+ "\x00\xC9\x7F\xB1\xF0\x27\xF4\x53\xF6\x34\x12\x33\xEA\xAA\xD1\xD9"
+ "\x35\x3F\x6C\x42\xD0\x88\x66\xB1\xD0\x5F";
+
+ static unsigned char dmp1[] =
+ "\x00\x8A\x15\x78\xAC\x5D\x13\xAF\x10\x2B\x22\xB9\x99\xCD\x74\x61"
+ "\xF1\x5E\x6D\x22\xCC\x03\x23\xDF\xDF\x0B";
+
+ static unsigned char dmq1[] =
+ "\x00\x86\x55\x21\x4A\xC5\x4D\x8D\x4E\xCD\x61\x77\xF1\xC7\x36\x90"
+ "\xCE\x2A\x48\x2C\x8B\x05\x99\xCB\xE0\x3F";
+
+ static unsigned char iqmp[] =
+ "\x00\x83\xEF\xEF\xB8\xA9\xA4\x0D\x1D\xB6\xED\x98\xAD\x84\xED\x13"
+ "\x35\xDC\xC1\x08\xF3\x22\xD0\x57\xCF\x8D";
+
+ static unsigned char ctext_ex[] =
+ "\x14\xbd\xdd\x28\xc9\x83\x35\x19\x23\x80\xe8\xe5\x49\xb1\x58\x2a"
+ "\x8b\x40\xb4\x48\x6d\x03\xa6\xa5\x31\x1f\x1f\xd5\xf0\xa1\x80\xe4"
+ "\x17\x53\x03\x29\xa9\x34\x90\x74\xb1\x52\x13\x54\x29\x08\x24\x52"
+ "\x62\x51";
+
+ SetKey;
+}
+
+static int key3(RSA *key, unsigned char *c)
+{
+ static unsigned char n[] =
+ "\x00\xBB\xF8\x2F\x09\x06\x82\xCE\x9C\x23\x38\xAC\x2B\x9D\xA8\x71"
+ "\xF7\x36\x8D\x07\xEE\xD4\x10\x43\xA4\x40\xD6\xB6\xF0\x74\x54\xF5"
+ "\x1F\xB8\xDF\xBA\xAF\x03\x5C\x02\xAB\x61\xEA\x48\xCE\xEB\x6F\xCD"
+ "\x48\x76\xED\x52\x0D\x60\xE1\xEC\x46\x19\x71\x9D\x8A\x5B\x8B\x80"
+ "\x7F\xAF\xB8\xE0\xA3\xDF\xC7\x37\x72\x3E\xE6\xB4\xB7\xD9\x3A\x25"
+ "\x84\xEE\x6A\x64\x9D\x06\x09\x53\x74\x88\x34\xB2\x45\x45\x98\x39"
+ "\x4E\xE0\xAA\xB1\x2D\x7B\x61\xA5\x1F\x52\x7A\x9A\x41\xF6\xC1\x68"
+ "\x7F\xE2\x53\x72\x98\xCA\x2A\x8F\x59\x46\xF8\xE5\xFD\x09\x1D\xBD"
+ "\xCB";
+
+ static unsigned char e[] = "\x11";
+
+ static unsigned char d[] =
+ "\x00\xA5\xDA\xFC\x53\x41\xFA\xF2\x89\xC4\xB9\x88\xDB\x30\xC1\xCD"
+ "\xF8\x3F\x31\x25\x1E\x06\x68\xB4\x27\x84\x81\x38\x01\x57\x96\x41"
+ "\xB2\x94\x10\xB3\xC7\x99\x8D\x6B\xC4\x65\x74\x5E\x5C\x39\x26\x69"
+ "\xD6\x87\x0D\xA2\xC0\x82\xA9\x39\xE3\x7F\xDC\xB8\x2E\xC9\x3E\xDA"
+ "\xC9\x7F\xF3\xAD\x59\x50\xAC\xCF\xBC\x11\x1C\x76\xF1\xA9\x52\x94"
+ "\x44\xE5\x6A\xAF\x68\xC5\x6C\x09\x2C\xD3\x8D\xC3\xBE\xF5\xD2\x0A"
+ "\x93\x99\x26\xED\x4F\x74\xA1\x3E\xDD\xFB\xE1\xA1\xCE\xCC\x48\x94"
+ "\xAF\x94\x28\xC2\xB7\xB8\x88\x3F\xE4\x46\x3A\x4B\xC8\x5B\x1C\xB3"
+ "\xC1";
+
+ static unsigned char p[] =
+ "\x00\xEE\xCF\xAE\x81\xB1\xB9\xB3\xC9\x08\x81\x0B\x10\xA1\xB5\x60"
+ "\x01\x99\xEB\x9F\x44\xAE\xF4\xFD\xA4\x93\xB8\x1A\x9E\x3D\x84\xF6"
+ "\x32\x12\x4E\xF0\x23\x6E\x5D\x1E\x3B\x7E\x28\xFA\xE7\xAA\x04\x0A"
+ "\x2D\x5B\x25\x21\x76\x45\x9D\x1F\x39\x75\x41\xBA\x2A\x58\xFB\x65"
+ "\x99";
+
+ static unsigned char q[] =
+ "\x00\xC9\x7F\xB1\xF0\x27\xF4\x53\xF6\x34\x12\x33\xEA\xAA\xD1\xD9"
+ "\x35\x3F\x6C\x42\xD0\x88\x66\xB1\xD0\x5A\x0F\x20\x35\x02\x8B\x9D"
+ "\x86\x98\x40\xB4\x16\x66\xB4\x2E\x92\xEA\x0D\xA3\xB4\x32\x04\xB5"
+ "\xCF\xCE\x33\x52\x52\x4D\x04\x16\xA5\xA4\x41\xE7\x00\xAF\x46\x15"
+ "\x03";
+
+ static unsigned char dmp1[] =
+ "\x54\x49\x4C\xA6\x3E\xBA\x03\x37\xE4\xE2\x40\x23\xFC\xD6\x9A\x5A"
+ "\xEB\x07\xDD\xDC\x01\x83\xA4\xD0\xAC\x9B\x54\xB0\x51\xF2\xB1\x3E"
+ "\xD9\x49\x09\x75\xEA\xB7\x74\x14\xFF\x59\xC1\xF7\x69\x2E\x9A\x2E"
+ "\x20\x2B\x38\xFC\x91\x0A\x47\x41\x74\xAD\xC9\x3C\x1F\x67\xC9\x81";
+
+ static unsigned char dmq1[] =
+ "\x47\x1E\x02\x90\xFF\x0A\xF0\x75\x03\x51\xB7\xF8\x78\x86\x4C\xA9"
+ "\x61\xAD\xBD\x3A\x8A\x7E\x99\x1C\x5C\x05\x56\xA9\x4C\x31\x46\xA7"
+ "\xF9\x80\x3F\x8F\x6F\x8A\xE3\x42\xE9\x31\xFD\x8A\xE4\x7A\x22\x0D"
+ "\x1B\x99\xA4\x95\x84\x98\x07\xFE\x39\xF9\x24\x5A\x98\x36\xDA\x3D";
+
+ static unsigned char iqmp[] =
+ "\x00\xB0\x6C\x4F\xDA\xBB\x63\x01\x19\x8D\x26\x5B\xDB\xAE\x94\x23"
+ "\xB3\x80\xF2\x71\xF7\x34\x53\x88\x50\x93\x07\x7F\xCD\x39\xE2\x11"
+ "\x9F\xC9\x86\x32\x15\x4F\x58\x83\xB1\x67\xA9\x67\xBF\x40\x2B\x4E"
+ "\x9E\x2E\x0F\x96\x56\xE6\x98\xEA\x36\x66\xED\xFB\x25\x79\x80\x39"
+ "\xF7";
+
+ static unsigned char ctext_ex[] =
+ "\xb8\x24\x6b\x56\xa6\xed\x58\x81\xae\xb5\x85\xd9\xa2\x5b\x2a\xd7"
+ "\x90\xc4\x17\xe0\x80\x68\x1b\xf1\xac\x2b\xc3\xde\xb6\x9d\x8b\xce"
+ "\xf0\xc4\x36\x6f\xec\x40\x0a\xf0\x52\xa7\x2e\x9b\x0e\xff\xb5\xb3"
+ "\xf2\xf1\x92\xdb\xea\xca\x03\xc1\x27\x40\x05\x71\x13\xbf\x1f\x06"
+ "\x69\xac\x22\xe9\xf3\xa7\x85\x2e\x3c\x15\xd9\x13\xca\xb0\xb8\x86"
+ "\x3a\x95\xc9\x92\x94\xce\x86\x74\x21\x49\x54\x61\x03\x46\xf4\xd4"
+ "\x74\xb2\x6f\x7c\x48\xb4\x2e\xe6\x8e\x1f\x57\x2a\x1f\xc4\x02\x6a"
+ "\xc4\x56\xb4\xf5\x9f\x7b\x62\x1e\xa1\xb9\xd8\x8f\x64\x20\x2f\xb1";
+
+ SetKey;
+}
+
+static int pad_unknown(void)
+{
+ unsigned long l;
+ while ((l = ERR_get_error()) != 0)
+ if (ERR_GET_REASON(l) == RSA_R_UNKNOWN_PADDING_TYPE)
+ return (1);
+ return (0);
+}
+
+static const char rnd_seed[] =
+ "string to make the random number generator think it has entropy";
+
+int main(int argc, char *argv[])
+{
+ int err = 0;
+ int v;
+ RSA *key;
+ unsigned char ptext[256];
+ unsigned char ctext[256];
+ static unsigned char ptext_ex[] = "\x54\x85\x9b\x34\x2c\x49\xea\x2a";
+ unsigned char ctext_ex[256];
+ int plen;
+ int clen = 0;
+ int num;
+ int n;
+
+ CRYPTO_malloc_debug_init();
+ CRYPTO_dbg_set_options(V_CRYPTO_MDEBUG_ALL);
+ CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON);
+
+ RAND_seed(rnd_seed, sizeof rnd_seed); /* or OAEP may fail */
+
+ plen = sizeof(ptext_ex) - 1;
+
+ for (v = 0; v < 6; v++) {
+ key = RSA_new();
+ switch (v % 3) {
+ case 0:
+ clen = key1(key, ctext_ex);
+ break;
+ case 1:
+ clen = key2(key, ctext_ex);
+ break;
+ case 2:
+ clen = key3(key, ctext_ex);
+ break;
+ }
+ if (v / 3 >= 1)
+ key->flags |= RSA_FLAG_NO_CONSTTIME;
+
+ num = RSA_public_encrypt(plen, ptext_ex, ctext, key,
+ RSA_PKCS1_PADDING);
+ if (num != clen) {
+ printf("PKCS#1 v1.5 encryption failed!\n");
+ err = 1;
+ goto oaep;
+ }
+
+ num = RSA_private_decrypt(num, ctext, ptext, key, RSA_PKCS1_PADDING);
+ if (num != plen || memcmp(ptext, ptext_ex, num) != 0) {
+ printf("PKCS#1 v1.5 decryption failed!\n");
+ err = 1;
+ } else
+ printf("PKCS #1 v1.5 encryption/decryption ok\n");
+
+ oaep:
+ ERR_clear_error();
+ num = RSA_public_encrypt(plen, ptext_ex, ctext, key,
+ RSA_PKCS1_OAEP_PADDING);
+ if (num == -1 && pad_unknown()) {
+ printf("No OAEP support\n");
+ goto next;
+ }
+ if (num != clen) {
+ printf("OAEP encryption failed!\n");
+ err = 1;
+ goto next;
+ }
+
+ num = RSA_private_decrypt(num, ctext, ptext, key,
+ RSA_PKCS1_OAEP_PADDING);
+ if (num != plen || memcmp(ptext, ptext_ex, num) != 0) {
+ printf("OAEP decryption (encrypted data) failed!\n");
+ err = 1;
+ } else if (memcmp(ctext, ctext_ex, num) == 0)
+ printf("OAEP test vector %d passed!\n", v);
+
+ /*
+ * Different ciphertexts (rsa_oaep.c without -DPKCS_TESTVECT). Try
+ * decrypting ctext_ex
+ */
+
+ num = RSA_private_decrypt(clen, ctext_ex, ptext, key,
+ RSA_PKCS1_OAEP_PADDING);
+
+ if (num != plen || memcmp(ptext, ptext_ex, num) != 0) {
+ printf("OAEP decryption (test vector data) failed!\n");
+ err = 1;
+ } else
+ printf("OAEP encryption/decryption ok\n");
+
+ /* Try decrypting corrupted ciphertexts */
+ for (n = 0; n < clen; ++n) {
+ int b;
+ unsigned char saved = ctext[n];
+ for (b = 0; b < 256; ++b) {
+ if (b == saved)
+ continue;
+ ctext[n] = b;
+ num = RSA_private_decrypt(num, ctext, ptext, key,
+ RSA_PKCS1_OAEP_PADDING);
+ if (num > 0) {
+ printf("Corrupt data decrypted!\n");
+ err = 1;
+ }
+ }
+ }
+ next:
+ RSA_free(key);
+ }
+
+ CRYPTO_cleanup_all_ex_data();
+ ERR_remove_thread_state(NULL);
+
+ CRYPTO_mem_leaks_fp(stderr);
+
+# ifdef OPENSSL_SYS_NETWARE
+ if (err)
+ printf("ERROR: %d\n", err);
+# endif
+ return err;
+}
+#endif
--- /dev/null
+/* crypto/sha/sha1test.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <string.h>
+#include <stdlib.h>
+
+#include "../e_os.h"
+#include <openssl/evp.h>
+#include <openssl/sha.h>
+
+#ifdef CHARSET_EBCDIC
+# include <openssl/ebcdic.h>
+#endif
+
+static char *test[] = {
+ "abc",
+ "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq",
+ NULL,
+};
+
+static char *ret[] = {
+ "a9993e364706816aba3e25717850c26c9cd0d89d",
+ "84983e441c3bd26ebaae4aa1f95129e5e54670f1",
+};
+
+static char *bigret = "34aa973cd4c4daa4f61eeb2bdbad27316534016f";
+
+static char *pt(unsigned char *md);
+int main(int argc, char *argv[])
+{
+ int i, err = 0;
+ char **P, **R;
+ static unsigned char buf[1000];
+ char *p, *r;
+ EVP_MD_CTX c;
+ unsigned char md[SHA_DIGEST_LENGTH];
+
+#ifdef CHARSET_EBCDIC
+ ebcdic2ascii(test[0], test[0], strlen(test[0]));
+ ebcdic2ascii(test[1], test[1], strlen(test[1]));
+#endif
+
+ EVP_MD_CTX_init(&c);
+ P = test;
+ R = ret;
+ i = 1;
+ while (*P != NULL) {
+ EVP_Digest(*P, strlen((char *)*P), md, NULL, EVP_sha1(), NULL);
+ p = pt(md);
+ if (strcmp(p, (char *)*R) != 0) {
+ printf("error calculating SHA1 on '%s'\n", *P);
+ printf("got %s instead of %s\n", p, *R);
+ err++;
+ } else
+ printf("test %d ok\n", i);
+ i++;
+ R++;
+ P++;
+ }
+
+ memset(buf, 'a', 1000);
+#ifdef CHARSET_EBCDIC
+ ebcdic2ascii(buf, buf, 1000);
+#endif /* CHARSET_EBCDIC */
+ EVP_DigestInit_ex(&c, EVP_sha1(), NULL);
+ for (i = 0; i < 1000; i++)
+ EVP_DigestUpdate(&c, buf, 1000);
+ EVP_DigestFinal_ex(&c, md, NULL);
+ p = pt(md);
+
+ r = bigret;
+ if (strcmp(p, r) != 0) {
+ printf("error calculating SHA1 on 'a' * 1000\n");
+ printf("got %s instead of %s\n", p, r);
+ err++;
+ } else
+ printf("test 3 ok\n");
+
+#ifdef OPENSSL_SYS_NETWARE
+ if (err)
+ printf("ERROR: %d\n", err);
+#endif
+ EXIT(err);
+ EVP_MD_CTX_cleanup(&c);
+ return (0);
+}
+
+static char *pt(unsigned char *md)
+{
+ int i;
+ static char buf[80];
+
+ for (i = 0; i < SHA_DIGEST_LENGTH; i++)
+ sprintf(&(buf[i * 2]), "%02x", md[i]);
+ return (buf);
+}
--- /dev/null
+/* crypto/sha/sha256t.c */
+/* ====================================================================
+ * Copyright (c) 2004 The OpenSSL Project. All rights reserved.
+ * ====================================================================
+ */
+#include <stdio.h>
+#include <string.h>
+#include <stdlib.h>
+
+#include <openssl/sha.h>
+#include <openssl/evp.h>
+
+unsigned char app_b1[SHA256_DIGEST_LENGTH] = {
+ 0xba, 0x78, 0x16, 0xbf, 0x8f, 0x01, 0xcf, 0xea,
+ 0x41, 0x41, 0x40, 0xde, 0x5d, 0xae, 0x22, 0x23,
+ 0xb0, 0x03, 0x61, 0xa3, 0x96, 0x17, 0x7a, 0x9c,
+ 0xb4, 0x10, 0xff, 0x61, 0xf2, 0x00, 0x15, 0xad
+};
+
+unsigned char app_b2[SHA256_DIGEST_LENGTH] = {
+ 0x24, 0x8d, 0x6a, 0x61, 0xd2, 0x06, 0x38, 0xb8,
+ 0xe5, 0xc0, 0x26, 0x93, 0x0c, 0x3e, 0x60, 0x39,
+ 0xa3, 0x3c, 0xe4, 0x59, 0x64, 0xff, 0x21, 0x67,
+ 0xf6, 0xec, 0xed, 0xd4, 0x19, 0xdb, 0x06, 0xc1
+};
+
+unsigned char app_b3[SHA256_DIGEST_LENGTH] = {
+ 0xcd, 0xc7, 0x6e, 0x5c, 0x99, 0x14, 0xfb, 0x92,
+ 0x81, 0xa1, 0xc7, 0xe2, 0x84, 0xd7, 0x3e, 0x67,
+ 0xf1, 0x80, 0x9a, 0x48, 0xa4, 0x97, 0x20, 0x0e,
+ 0x04, 0x6d, 0x39, 0xcc, 0xc7, 0x11, 0x2c, 0xd0
+};
+
+unsigned char addenum_1[SHA224_DIGEST_LENGTH] = {
+ 0x23, 0x09, 0x7d, 0x22, 0x34, 0x05, 0xd8, 0x22,
+ 0x86, 0x42, 0xa4, 0x77, 0xbd, 0xa2, 0x55, 0xb3,
+ 0x2a, 0xad, 0xbc, 0xe4, 0xbd, 0xa0, 0xb3, 0xf7,
+ 0xe3, 0x6c, 0x9d, 0xa7
+};
+
+unsigned char addenum_2[SHA224_DIGEST_LENGTH] = {
+ 0x75, 0x38, 0x8b, 0x16, 0x51, 0x27, 0x76, 0xcc,
+ 0x5d, 0xba, 0x5d, 0xa1, 0xfd, 0x89, 0x01, 0x50,
+ 0xb0, 0xc6, 0x45, 0x5c, 0xb4, 0xf5, 0x8b, 0x19,
+ 0x52, 0x52, 0x25, 0x25
+};
+
+unsigned char addenum_3[SHA224_DIGEST_LENGTH] = {
+ 0x20, 0x79, 0x46, 0x55, 0x98, 0x0c, 0x91, 0xd8,
+ 0xbb, 0xb4, 0xc1, 0xea, 0x97, 0x61, 0x8a, 0x4b,
+ 0xf0, 0x3f, 0x42, 0x58, 0x19, 0x48, 0xb2, 0xee,
+ 0x4e, 0xe7, 0xad, 0x67
+};
+
+int main(int argc, char **argv)
+{
+ unsigned char md[SHA256_DIGEST_LENGTH];
+ int i;
+ EVP_MD_CTX evp;
+
+ fprintf(stdout, "Testing SHA-256 ");
+
+ EVP_Digest("abc", 3, md, NULL, EVP_sha256(), NULL);
+ if (memcmp(md, app_b1, sizeof(app_b1))) {
+ fflush(stdout);
+ fprintf(stderr, "\nTEST 1 of 3 failed.\n");
+ return 1;
+ } else
+ fprintf(stdout, ".");
+ fflush(stdout);
+
+ EVP_Digest("abcdbcde" "cdefdefg" "efghfghi" "ghijhijk"
+ "ijkljklm" "klmnlmno" "mnopnopq", 56, md, NULL, EVP_sha256(),
+ NULL);
+ if (memcmp(md, app_b2, sizeof(app_b2))) {
+ fflush(stdout);
+ fprintf(stderr, "\nTEST 2 of 3 failed.\n");
+ return 1;
+ } else
+ fprintf(stdout, ".");
+ fflush(stdout);
+
+ EVP_MD_CTX_init(&evp);
+ EVP_DigestInit_ex(&evp, EVP_sha256(), NULL);
+ for (i = 0; i < 1000000; i += 288)
+ EVP_DigestUpdate(&evp, "aaaaaaaa" "aaaaaaaa" "aaaaaaaa" "aaaaaaaa"
+ "aaaaaaaa" "aaaaaaaa" "aaaaaaaa" "aaaaaaaa"
+ "aaaaaaaa" "aaaaaaaa" "aaaaaaaa" "aaaaaaaa"
+ "aaaaaaaa" "aaaaaaaa" "aaaaaaaa" "aaaaaaaa"
+ "aaaaaaaa" "aaaaaaaa" "aaaaaaaa" "aaaaaaaa"
+ "aaaaaaaa" "aaaaaaaa" "aaaaaaaa" "aaaaaaaa"
+ "aaaaaaaa" "aaaaaaaa" "aaaaaaaa" "aaaaaaaa"
+ "aaaaaaaa" "aaaaaaaa" "aaaaaaaa" "aaaaaaaa"
+ "aaaaaaaa" "aaaaaaaa" "aaaaaaaa" "aaaaaaaa",
+ (1000000 - i) < 288 ? 1000000 - i : 288);
+ EVP_DigestFinal_ex(&evp, md, NULL);
+ EVP_MD_CTX_cleanup(&evp);
+
+ if (memcmp(md, app_b3, sizeof(app_b3))) {
+ fflush(stdout);
+ fprintf(stderr, "\nTEST 3 of 3 failed.\n");
+ return 1;
+ } else
+ fprintf(stdout, ".");
+ fflush(stdout);
+
+ fprintf(stdout, " passed.\n");
+ fflush(stdout);
+
+ fprintf(stdout, "Testing SHA-224 ");
+
+ EVP_Digest("abc", 3, md, NULL, EVP_sha224(), NULL);
+ if (memcmp(md, addenum_1, sizeof(addenum_1))) {
+ fflush(stdout);
+ fprintf(stderr, "\nTEST 1 of 3 failed.\n");
+ return 1;
+ } else
+ fprintf(stdout, ".");
+ fflush(stdout);
+
+ EVP_Digest("abcdbcde" "cdefdefg" "efghfghi" "ghijhijk"
+ "ijkljklm" "klmnlmno" "mnopnopq", 56, md, NULL, EVP_sha224(),
+ NULL);
+ if (memcmp(md, addenum_2, sizeof(addenum_2))) {
+ fflush(stdout);
+ fprintf(stderr, "\nTEST 2 of 3 failed.\n");
+ return 1;
+ } else
+ fprintf(stdout, ".");
+ fflush(stdout);
+
+ EVP_MD_CTX_init(&evp);
+ EVP_DigestInit_ex(&evp, EVP_sha224(), NULL);
+ for (i = 0; i < 1000000; i += 64)
+ EVP_DigestUpdate(&evp, "aaaaaaaa" "aaaaaaaa" "aaaaaaaa" "aaaaaaaa"
+ "aaaaaaaa" "aaaaaaaa" "aaaaaaaa" "aaaaaaaa",
+ (1000000 - i) < 64 ? 1000000 - i : 64);
+ EVP_DigestFinal_ex(&evp, md, NULL);
+ EVP_MD_CTX_cleanup(&evp);
+
+ if (memcmp(md, addenum_3, sizeof(addenum_3))) {
+ fflush(stdout);
+ fprintf(stderr, "\nTEST 3 of 3 failed.\n");
+ return 1;
+ } else
+ fprintf(stdout, ".");
+ fflush(stdout);
+
+ fprintf(stdout, " passed.\n");
+ fflush(stdout);
+
+ return 0;
+}
--- /dev/null
+/* crypto/sha/sha512t.c */
+/* ====================================================================
+ * Copyright (c) 2004 The OpenSSL Project. All rights reserved.
+ * ====================================================================
+ */
+#include <stdio.h>
+#include <string.h>
+#include <stdlib.h>
+
+#include <openssl/sha.h>
+#include <openssl/evp.h>
+#include <openssl/crypto.h>
+
+unsigned char app_c1[SHA512_DIGEST_LENGTH] = {
+ 0xdd, 0xaf, 0x35, 0xa1, 0x93, 0x61, 0x7a, 0xba,
+ 0xcc, 0x41, 0x73, 0x49, 0xae, 0x20, 0x41, 0x31,
+ 0x12, 0xe6, 0xfa, 0x4e, 0x89, 0xa9, 0x7e, 0xa2,
+ 0x0a, 0x9e, 0xee, 0xe6, 0x4b, 0x55, 0xd3, 0x9a,
+ 0x21, 0x92, 0x99, 0x2a, 0x27, 0x4f, 0xc1, 0xa8,
+ 0x36, 0xba, 0x3c, 0x23, 0xa3, 0xfe, 0xeb, 0xbd,
+ 0x45, 0x4d, 0x44, 0x23, 0x64, 0x3c, 0xe8, 0x0e,
+ 0x2a, 0x9a, 0xc9, 0x4f, 0xa5, 0x4c, 0xa4, 0x9f
+};
+
+unsigned char app_c2[SHA512_DIGEST_LENGTH] = {
+ 0x8e, 0x95, 0x9b, 0x75, 0xda, 0xe3, 0x13, 0xda,
+ 0x8c, 0xf4, 0xf7, 0x28, 0x14, 0xfc, 0x14, 0x3f,
+ 0x8f, 0x77, 0x79, 0xc6, 0xeb, 0x9f, 0x7f, 0xa1,
+ 0x72, 0x99, 0xae, 0xad, 0xb6, 0x88, 0x90, 0x18,
+ 0x50, 0x1d, 0x28, 0x9e, 0x49, 0x00, 0xf7, 0xe4,
+ 0x33, 0x1b, 0x99, 0xde, 0xc4, 0xb5, 0x43, 0x3a,
+ 0xc7, 0xd3, 0x29, 0xee, 0xb6, 0xdd, 0x26, 0x54,
+ 0x5e, 0x96, 0xe5, 0x5b, 0x87, 0x4b, 0xe9, 0x09
+};
+
+unsigned char app_c3[SHA512_DIGEST_LENGTH] = {
+ 0xe7, 0x18, 0x48, 0x3d, 0x0c, 0xe7, 0x69, 0x64,
+ 0x4e, 0x2e, 0x42, 0xc7, 0xbc, 0x15, 0xb4, 0x63,
+ 0x8e, 0x1f, 0x98, 0xb1, 0x3b, 0x20, 0x44, 0x28,
+ 0x56, 0x32, 0xa8, 0x03, 0xaf, 0xa9, 0x73, 0xeb,
+ 0xde, 0x0f, 0xf2, 0x44, 0x87, 0x7e, 0xa6, 0x0a,
+ 0x4c, 0xb0, 0x43, 0x2c, 0xe5, 0x77, 0xc3, 0x1b,
+ 0xeb, 0x00, 0x9c, 0x5c, 0x2c, 0x49, 0xaa, 0x2e,
+ 0x4e, 0xad, 0xb2, 0x17, 0xad, 0x8c, 0xc0, 0x9b
+};
+
+unsigned char app_d1[SHA384_DIGEST_LENGTH] = {
+ 0xcb, 0x00, 0x75, 0x3f, 0x45, 0xa3, 0x5e, 0x8b,
+ 0xb5, 0xa0, 0x3d, 0x69, 0x9a, 0xc6, 0x50, 0x07,
+ 0x27, 0x2c, 0x32, 0xab, 0x0e, 0xde, 0xd1, 0x63,
+ 0x1a, 0x8b, 0x60, 0x5a, 0x43, 0xff, 0x5b, 0xed,
+ 0x80, 0x86, 0x07, 0x2b, 0xa1, 0xe7, 0xcc, 0x23,
+ 0x58, 0xba, 0xec, 0xa1, 0x34, 0xc8, 0x25, 0xa7
+};
+
+unsigned char app_d2[SHA384_DIGEST_LENGTH] = {
+ 0x09, 0x33, 0x0c, 0x33, 0xf7, 0x11, 0x47, 0xe8,
+ 0x3d, 0x19, 0x2f, 0xc7, 0x82, 0xcd, 0x1b, 0x47,
+ 0x53, 0x11, 0x1b, 0x17, 0x3b, 0x3b, 0x05, 0xd2,
+ 0x2f, 0xa0, 0x80, 0x86, 0xe3, 0xb0, 0xf7, 0x12,
+ 0xfc, 0xc7, 0xc7, 0x1a, 0x55, 0x7e, 0x2d, 0xb9,
+ 0x66, 0xc3, 0xe9, 0xfa, 0x91, 0x74, 0x60, 0x39
+};
+
+unsigned char app_d3[SHA384_DIGEST_LENGTH] = {
+ 0x9d, 0x0e, 0x18, 0x09, 0x71, 0x64, 0x74, 0xcb,
+ 0x08, 0x6e, 0x83, 0x4e, 0x31, 0x0a, 0x4a, 0x1c,
+ 0xed, 0x14, 0x9e, 0x9c, 0x00, 0xf2, 0x48, 0x52,
+ 0x79, 0x72, 0xce, 0xc5, 0x70, 0x4c, 0x2a, 0x5b,
+ 0x07, 0xb8, 0xb3, 0xdc, 0x38, 0xec, 0xc4, 0xeb,
+ 0xae, 0x97, 0xdd, 0xd8, 0x7f, 0x3d, 0x89, 0x85
+};
+
+int main(int argc, char **argv)
+{
+ unsigned char md[SHA512_DIGEST_LENGTH];
+ int i;
+ EVP_MD_CTX evp;
+
+# ifdef OPENSSL_IA32_SSE2
+ /*
+ * Alternative to this is to call OpenSSL_add_all_algorithms... The below
+ * code is retained exclusively for debugging purposes.
+ */
+ {
+ char *env;
+
+ if ((env = getenv("OPENSSL_ia32cap")))
+ OPENSSL_ia32cap = strtoul(env, NULL, 0);
+ }
+# endif
+
+ fprintf(stdout, "Testing SHA-512 ");
+
+ EVP_Digest("abc", 3, md, NULL, EVP_sha512(), NULL);
+ if (memcmp(md, app_c1, sizeof(app_c1))) {
+ fflush(stdout);
+ fprintf(stderr, "\nTEST 1 of 3 failed.\n");
+ return 1;
+ } else
+ fprintf(stdout, ".");
+ fflush(stdout);
+
+ EVP_Digest("abcdefgh" "bcdefghi" "cdefghij" "defghijk"
+ "efghijkl" "fghijklm" "ghijklmn" "hijklmno"
+ "ijklmnop" "jklmnopq" "klmnopqr" "lmnopqrs"
+ "mnopqrst" "nopqrstu", 112, md, NULL, EVP_sha512(), NULL);
+ if (memcmp(md, app_c2, sizeof(app_c2))) {
+ fflush(stdout);
+ fprintf(stderr, "\nTEST 2 of 3 failed.\n");
+ return 1;
+ } else
+ fprintf(stdout, ".");
+ fflush(stdout);
+
+ EVP_MD_CTX_init(&evp);
+ EVP_DigestInit_ex(&evp, EVP_sha512(), NULL);
+ for (i = 0; i < 1000000; i += 288)
+ EVP_DigestUpdate(&evp, "aaaaaaaa" "aaaaaaaa" "aaaaaaaa" "aaaaaaaa"
+ "aaaaaaaa" "aaaaaaaa" "aaaaaaaa" "aaaaaaaa"
+ "aaaaaaaa" "aaaaaaaa" "aaaaaaaa" "aaaaaaaa"
+ "aaaaaaaa" "aaaaaaaa" "aaaaaaaa" "aaaaaaaa"
+ "aaaaaaaa" "aaaaaaaa" "aaaaaaaa" "aaaaaaaa"
+ "aaaaaaaa" "aaaaaaaa" "aaaaaaaa" "aaaaaaaa"
+ "aaaaaaaa" "aaaaaaaa" "aaaaaaaa" "aaaaaaaa"
+ "aaaaaaaa" "aaaaaaaa" "aaaaaaaa" "aaaaaaaa"
+ "aaaaaaaa" "aaaaaaaa" "aaaaaaaa" "aaaaaaaa",
+ (1000000 - i) < 288 ? 1000000 - i : 288);
+ EVP_DigestFinal_ex(&evp, md, NULL);
+ EVP_MD_CTX_cleanup(&evp);
+
+ if (memcmp(md, app_c3, sizeof(app_c3))) {
+ fflush(stdout);
+ fprintf(stderr, "\nTEST 3 of 3 failed.\n");
+ return 1;
+ } else
+ fprintf(stdout, ".");
+ fflush(stdout);
+
+ fprintf(stdout, " passed.\n");
+ fflush(stdout);
+
+ fprintf(stdout, "Testing SHA-384 ");
+
+ EVP_Digest("abc", 3, md, NULL, EVP_sha384(), NULL);
+ if (memcmp(md, app_d1, sizeof(app_d1))) {
+ fflush(stdout);
+ fprintf(stderr, "\nTEST 1 of 3 failed.\n");
+ return 1;
+ } else
+ fprintf(stdout, ".");
+ fflush(stdout);
+
+ EVP_Digest("abcdefgh" "bcdefghi" "cdefghij" "defghijk"
+ "efghijkl" "fghijklm" "ghijklmn" "hijklmno"
+ "ijklmnop" "jklmnopq" "klmnopqr" "lmnopqrs"
+ "mnopqrst" "nopqrstu", 112, md, NULL, EVP_sha384(), NULL);
+ if (memcmp(md, app_d2, sizeof(app_d2))) {
+ fflush(stdout);
+ fprintf(stderr, "\nTEST 2 of 3 failed.\n");
+ return 1;
+ } else
+ fprintf(stdout, ".");
+ fflush(stdout);
+
+ EVP_MD_CTX_init(&evp);
+ EVP_DigestInit_ex(&evp, EVP_sha384(), NULL);
+ for (i = 0; i < 1000000; i += 64)
+ EVP_DigestUpdate(&evp, "aaaaaaaa" "aaaaaaaa" "aaaaaaaa" "aaaaaaaa"
+ "aaaaaaaa" "aaaaaaaa" "aaaaaaaa" "aaaaaaaa",
+ (1000000 - i) < 64 ? 1000000 - i : 64);
+ EVP_DigestFinal_ex(&evp, md, NULL);
+ EVP_MD_CTX_cleanup(&evp);
+
+ if (memcmp(md, app_d3, sizeof(app_d3))) {
+ fflush(stdout);
+ fprintf(stderr, "\nTEST 3 of 3 failed.\n");
+ return 1;
+ } else
+ fprintf(stdout, ".");
+ fflush(stdout);
+
+ fprintf(stdout, " passed.\n");
+ fflush(stdout);
+
+ return 0;
+}
--- /dev/null
+#include <openssl/opensslconf.h>
+#ifdef OPENSSL_NO_SRP
+
+# include <stdio.h>
+
+int main(int argc, char *argv[])
+{
+ printf("No SRP support\n");
+ return (0);
+}
+
+#else
+
+# include <openssl/srp.h>
+# include <openssl/rand.h>
+# include <openssl/err.h>
+
+static void showbn(const char *name, const BIGNUM *bn)
+{
+ fputs(name, stdout);
+ fputs(" = ", stdout);
+ BN_print_fp(stdout, bn);
+ putc('\n', stdout);
+}
+
+# define RANDOM_SIZE 32 /* use 256 bits on each side */
+
+static int run_srp(const char *username, const char *client_pass,
+ const char *server_pass)
+{
+ int ret = -1;
+ BIGNUM *s = NULL;
+ BIGNUM *v = NULL;
+ BIGNUM *a = NULL;
+ BIGNUM *b = NULL;
+ BIGNUM *u = NULL;
+ BIGNUM *x = NULL;
+ BIGNUM *Apub = NULL;
+ BIGNUM *Bpub = NULL;
+ BIGNUM *Kclient = NULL;
+ BIGNUM *Kserver = NULL;
+ unsigned char rand_tmp[RANDOM_SIZE];
+ /* use builtin 1024-bit params */
+ const SRP_gN *GN = SRP_get_default_gN("1024");
+
+ if (GN == NULL) {
+ fprintf(stderr, "Failed to get SRP parameters\n");
+ return -1;
+ }
+ /* Set up server's password entry */
+ if (!SRP_create_verifier_BN(username, server_pass, &s, &v, GN->N, GN->g)) {
+ fprintf(stderr, "Failed to create SRP verifier\n");
+ return -1;
+ }
+
+ showbn("N", GN->N);
+ showbn("g", GN->g);
+ showbn("Salt", s);
+ showbn("Verifier", v);
+
+ /* Server random */
+ RAND_bytes(rand_tmp, sizeof(rand_tmp));
+ b = BN_bin2bn(rand_tmp, sizeof(rand_tmp), NULL);
+ /* TODO - check b != 0 */
+ showbn("b", b);
+
+ /* Server's first message */
+ Bpub = SRP_Calc_B(b, GN->N, GN->g, v);
+ showbn("B", Bpub);
+
+ if (!SRP_Verify_B_mod_N(Bpub, GN->N)) {
+ fprintf(stderr, "Invalid B\n");
+ return -1;
+ }
+
+ /* Client random */
+ RAND_bytes(rand_tmp, sizeof(rand_tmp));
+ a = BN_bin2bn(rand_tmp, sizeof(rand_tmp), NULL);
+ /* TODO - check a != 0 */
+ showbn("a", a);
+
+ /* Client's response */
+ Apub = SRP_Calc_A(a, GN->N, GN->g);
+ showbn("A", Apub);
+
+ if (!SRP_Verify_A_mod_N(Apub, GN->N)) {
+ fprintf(stderr, "Invalid A\n");
+ return -1;
+ }
+
+ /* Both sides calculate u */
+ u = SRP_Calc_u(Apub, Bpub, GN->N);
+
+ /* Client's key */
+ x = SRP_Calc_x(s, username, client_pass);
+ Kclient = SRP_Calc_client_key(GN->N, Bpub, GN->g, x, a, u);
+ showbn("Client's key", Kclient);
+
+ /* Server's key */
+ Kserver = SRP_Calc_server_key(Apub, v, u, b, GN->N);
+ showbn("Server's key", Kserver);
+
+ if (BN_cmp(Kclient, Kserver) == 0) {
+ ret = 0;
+ } else {
+ fprintf(stderr, "Keys mismatch\n");
+ ret = 1;
+ }
+
+ BN_clear_free(Kclient);
+ BN_clear_free(Kserver);
+ BN_clear_free(x);
+ BN_free(u);
+ BN_free(Apub);
+ BN_clear_free(a);
+ BN_free(Bpub);
+ BN_clear_free(b);
+ BN_free(s);
+ BN_clear_free(v);
+
+ return ret;
+}
+
+int main(int argc, char **argv)
+{
+ BIO *bio_err;
+ bio_err = BIO_new_fp(stderr, BIO_NOCLOSE);
+
+ CRYPTO_malloc_debug_init();
+ CRYPTO_dbg_set_options(V_CRYPTO_MDEBUG_ALL);
+ CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON);
+
+ ERR_load_crypto_strings();
+
+ /* "Negative" test, expect a mismatch */
+ if (run_srp("alice", "password1", "password2") == 0) {
+ fprintf(stderr, "Mismatched SRP run failed\n");
+ return 1;
+ }
+
+ /* "Positive" test, should pass */
+ if (run_srp("alice", "password", "password") != 0) {
+ fprintf(stderr, "Plain SRP run failed\n");
+ return 1;
+ }
+
+ CRYPTO_cleanup_all_ex_data();
+ ERR_remove_thread_state(NULL);
+ ERR_free_strings();
+ CRYPTO_mem_leaks(bio_err);
+
+ return 0;
+}
+#endif
--- /dev/null
+/* ssl/ssltest.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+/* ====================================================================
+ * Copyright (c) 1998-2000 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For written permission, please contact
+ * openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ * nor may "OpenSSL" appear in their names without prior written
+ * permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com). This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+/* ====================================================================
+ * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
+ * ECC cipher suite support in OpenSSL originally developed by
+ * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project.
+ */
+/* ====================================================================
+ * Copyright 2005 Nokia. All rights reserved.
+ *
+ * The portions of the attached software ("Contribution") is developed by
+ * Nokia Corporation and is licensed pursuant to the OpenSSL open source
+ * license.
+ *
+ * The Contribution, originally written by Mika Kousa and Pasi Eronen of
+ * Nokia Corporation, consists of the "PSK" (Pre-Shared Key) ciphersuites
+ * support (see RFC 4279) to OpenSSL.
+ *
+ * No patent licenses or other rights except those expressly stated in
+ * the OpenSSL open source license shall be deemed granted or received
+ * expressly, by implication, estoppel, or otherwise.
+ *
+ * No assurances are provided by Nokia that the Contribution does not
+ * infringe the patent or other intellectual property rights of any third
+ * party or that the license provides you with all the necessary rights
+ * to make use of the Contribution.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. IN
+ * ADDITION TO THE DISCLAIMERS INCLUDED IN THE LICENSE, NOKIA
+ * SPECIFICALLY DISCLAIMS ANY LIABILITY FOR CLAIMS BROUGHT BY YOU OR ANY
+ * OTHER ENTITY BASED ON INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS OR
+ * OTHERWISE.
+ */
+
+/* Or gethostname won't be declared properly on Linux and GNU platforms. */
+#define _BSD_SOURCE 1
+
+#include <assert.h>
+#include <errno.h>
+#include <limits.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <time.h>
+
+#define USE_SOCKETS
+#include "e_os.h"
+
+#ifdef OPENSSL_SYS_VMS
+/*
+ * Or isascii won't be declared properly on VMS (at least with DECompHP C).
+ */
+# define _XOPEN_SOURCE 500
+#endif
+
+#include <ctype.h>
+
+#include <openssl/bio.h>
+#include <openssl/crypto.h>
+#include <openssl/evp.h>
+#include <openssl/x509.h>
+#include <openssl/x509v3.h>
+#include <openssl/ssl.h>
+#ifndef OPENSSL_NO_ENGINE
+# include <openssl/engine.h>
+#endif
+#include <openssl/err.h>
+#include <openssl/rand.h>
+#ifndef OPENSSL_NO_RSA
+# include <openssl/rsa.h>
+#endif
+#ifndef OPENSSL_NO_DSA
+# include <openssl/dsa.h>
+#endif
+#ifndef OPENSSL_NO_DH
+# include <openssl/dh.h>
+#endif
+#ifndef OPENSSL_NO_SRP
+# include <openssl/srp.h>
+#endif
+#include <openssl/bn.h>
+
+#include "../ssl/ssl_locl.h"
+
+/*
+ * Or gethostname won't be declared properly
+ * on Compaq platforms (at least with DEC C).
+ * Do not try to put it earlier, or IPv6 includes
+ * get screwed...
+ */
+#define _XOPEN_SOURCE_EXTENDED 1
+
+#ifdef OPENSSL_SYS_WINDOWS
+# include <winsock.h>
+#else
+# include OPENSSL_UNISTD
+#endif
+
+#ifdef OPENSSL_SYS_VMS
+# define TEST_SERVER_CERT "SYS$DISK:[-.APPS]SERVER.PEM"
+# define TEST_CLIENT_CERT "SYS$DISK:[-.APPS]CLIENT.PEM"
+#elif defined(OPENSSL_SYS_WINCE)
+# define TEST_SERVER_CERT "\\OpenSSL\\server.pem"
+# define TEST_CLIENT_CERT "\\OpenSSL\\client.pem"
+#elif defined(OPENSSL_SYS_NETWARE)
+# define TEST_SERVER_CERT "\\openssl\\apps\\server.pem"
+# define TEST_CLIENT_CERT "\\openssl\\apps\\client.pem"
+#else
+# define TEST_SERVER_CERT "../apps/server.pem"
+# define TEST_CLIENT_CERT "../apps/client.pem"
+#endif
+
+/*
+ * There is really no standard for this, so let's assign some tentative
+ * numbers. In any case, these numbers are only for this test
+ */
+#define COMP_RLE 255
+#define COMP_ZLIB 1
+
+static int verify_callback(int ok, X509_STORE_CTX *ctx);
+#ifndef OPENSSL_NO_RSA
+static RSA *tmp_rsa_cb(SSL *s, int is_export, int keylength);
+static void free_tmp_rsa(void);
+#endif
+static int app_verify_callback(X509_STORE_CTX *ctx, void *arg);
+#define APP_CALLBACK_STRING "Test Callback Argument"
+struct app_verify_arg {
+ char *string;
+ int app_verify;
+ int allow_proxy_certs;
+ char *proxy_auth;
+ char *proxy_cond;
+};
+
+#ifndef OPENSSL_NO_DH
+static DH *get_dh512(void);
+static DH *get_dh1024(void);
+static DH *get_dh1024dsa(void);
+#endif
+
+static char *psk_key = NULL; /* by default PSK is not used */
+#ifndef OPENSSL_NO_PSK
+static unsigned int psk_client_callback(SSL *ssl, const char *hint,
+ char *identity,
+ unsigned int max_identity_len,
+ unsigned char *psk,
+ unsigned int max_psk_len);
+static unsigned int psk_server_callback(SSL *ssl, const char *identity,
+ unsigned char *psk,
+ unsigned int max_psk_len);
+#endif
+
+#ifndef OPENSSL_NO_SRP
+/* SRP client */
+/* This is a context that we pass to all callbacks */
+typedef struct srp_client_arg_st {
+ char *srppassin;
+ char *srplogin;
+} SRP_CLIENT_ARG;
+
+# define PWD_STRLEN 1024
+
+static char *ssl_give_srp_client_pwd_cb(SSL *s, void *arg)
+{
+ SRP_CLIENT_ARG *srp_client_arg = (SRP_CLIENT_ARG *)arg;
+ return BUF_strdup((char *)srp_client_arg->srppassin);
+}
+
+/* SRP server */
+/* This is a context that we pass to SRP server callbacks */
+typedef struct srp_server_arg_st {
+ char *expected_user;
+ char *pass;
+} SRP_SERVER_ARG;
+
+static int ssl_srp_server_param_cb(SSL *s, int *ad, void *arg)
+{
+ SRP_SERVER_ARG *p = (SRP_SERVER_ARG *)arg;
+
+ if (strcmp(p->expected_user, SSL_get_srp_username(s)) != 0) {
+ fprintf(stderr, "User %s doesn't exist\n", SSL_get_srp_username(s));
+ return SSL3_AL_FATAL;
+ }
+ if (SSL_set_srp_server_param_pw(s, p->expected_user, p->pass, "1024") < 0) {
+ *ad = SSL_AD_INTERNAL_ERROR;
+ return SSL3_AL_FATAL;
+ }
+ return SSL_ERROR_NONE;
+}
+#endif
+
+static BIO *bio_err = NULL;
+static BIO *bio_stdout = NULL;
+
+#ifndef OPENSSL_NO_NEXTPROTONEG
+/* Note that this code assumes that this is only a one element list: */
+static const char NEXT_PROTO_STRING[] = "\x09testproto";
+int npn_client = 0;
+int npn_server = 0;
+int npn_server_reject = 0;
+
+static int cb_client_npn(SSL *s, unsigned char **out, unsigned char *outlen,
+ const unsigned char *in, unsigned int inlen,
+ void *arg)
+{
+ /*
+ * This callback only returns the protocol string, rather than a length
+ * prefixed set. We assume that NEXT_PROTO_STRING is a one element list
+ * and remove the first byte to chop off the length prefix.
+ */
+ *out = (unsigned char *)NEXT_PROTO_STRING + 1;
+ *outlen = sizeof(NEXT_PROTO_STRING) - 2;
+ return SSL_TLSEXT_ERR_OK;
+}
+
+static int cb_server_npn(SSL *s, const unsigned char **data,
+ unsigned int *len, void *arg)
+{
+ *data = (const unsigned char *)NEXT_PROTO_STRING;
+ *len = sizeof(NEXT_PROTO_STRING) - 1;
+ return SSL_TLSEXT_ERR_OK;
+}
+
+static int cb_server_rejects_npn(SSL *s, const unsigned char **data,
+ unsigned int *len, void *arg)
+{
+ return SSL_TLSEXT_ERR_NOACK;
+}
+
+static int verify_npn(SSL *client, SSL *server)
+{
+ const unsigned char *client_s;
+ unsigned client_len;
+ const unsigned char *server_s;
+ unsigned server_len;
+
+ SSL_get0_next_proto_negotiated(client, &client_s, &client_len);
+ SSL_get0_next_proto_negotiated(server, &server_s, &server_len);
+
+ if (client_len) {
+ BIO_printf(bio_stdout, "Client NPN: ");
+ BIO_write(bio_stdout, client_s, client_len);
+ BIO_printf(bio_stdout, "\n");
+ }
+
+ if (server_len) {
+ BIO_printf(bio_stdout, "Server NPN: ");
+ BIO_write(bio_stdout, server_s, server_len);
+ BIO_printf(bio_stdout, "\n");
+ }
+
+ /*
+ * If an NPN string was returned, it must be the protocol that we
+ * expected to negotiate.
+ */
+ if (client_len && (client_len != sizeof(NEXT_PROTO_STRING) - 2 ||
+ memcmp(client_s, NEXT_PROTO_STRING + 1, client_len)))
+ return -1;
+ if (server_len && (server_len != sizeof(NEXT_PROTO_STRING) - 2 ||
+ memcmp(server_s, NEXT_PROTO_STRING + 1, server_len)))
+ return -1;
+
+ if (!npn_client && client_len)
+ return -1;
+ if (!npn_server && server_len)
+ return -1;
+ if (npn_server_reject && server_len)
+ return -1;
+ if (npn_client && npn_server && (!client_len || !server_len))
+ return -1;
+
+ return 0;
+}
+#endif
+
+static const char *alpn_client;
+static const char *alpn_server;
+static const char *alpn_expected;
+static unsigned char *alpn_selected;
+
+/*-
+ * next_protos_parse parses a comma separated list of strings into a string
+ * in a format suitable for passing to SSL_CTX_set_next_protos_advertised.
+ * outlen: (output) set to the length of the resulting buffer on success.
+ * err: (maybe NULL) on failure, an error message line is written to this BIO.
+ * in: a NUL terminated string like "abc,def,ghi"
+ *
+ * returns: a malloced buffer or NULL on failure.
+ */
+static unsigned char *next_protos_parse(unsigned short *outlen,
+ const char *in)
+{
+ size_t len;
+ unsigned char *out;
+ size_t i, start = 0;
+
+ len = strlen(in);
+ if (len >= 65535)
+ return NULL;
+
+ out = OPENSSL_malloc(strlen(in) + 1);
+ if (!out)
+ return NULL;
+
+ for (i = 0; i <= len; ++i) {
+ if (i == len || in[i] == ',') {
+ if (i - start > 255) {
+ OPENSSL_free(out);
+ return NULL;
+ }
+ out[start] = i - start;
+ start = i + 1;
+ } else
+ out[i + 1] = in[i];
+ }
+
+ *outlen = len + 1;
+ return out;
+}
+
+static int cb_server_alpn(SSL *s, const unsigned char **out,
+ unsigned char *outlen, const unsigned char *in,
+ unsigned int inlen, void *arg)
+{
+ unsigned char *protos;
+ unsigned short protos_len;
+
+ protos = next_protos_parse(&protos_len, alpn_server);
+ if (protos == NULL) {
+ fprintf(stderr, "failed to parser ALPN server protocol string: %s\n",
+ alpn_server);
+ abort();
+ }
+
+ if (SSL_select_next_proto
+ ((unsigned char **)out, outlen, protos, protos_len, in,
+ inlen) != OPENSSL_NPN_NEGOTIATED) {
+ OPENSSL_free(protos);
+ return SSL_TLSEXT_ERR_NOACK;
+ }
+
+ /*
+ * Make a copy of the selected protocol which will be freed in
+ * verify_alpn.
+ */
+ alpn_selected = OPENSSL_malloc(*outlen);
+ memcpy(alpn_selected, *out, *outlen);
+ *out = alpn_selected;
+
+ OPENSSL_free(protos);
+ return SSL_TLSEXT_ERR_OK;
+}
+
+static int verify_alpn(SSL *client, SSL *server)
+{
+ const unsigned char *client_proto, *server_proto;
+ unsigned int client_proto_len = 0, server_proto_len = 0;
+ SSL_get0_alpn_selected(client, &client_proto, &client_proto_len);
+ SSL_get0_alpn_selected(server, &server_proto, &server_proto_len);
+
+ if (alpn_selected != NULL) {
+ OPENSSL_free(alpn_selected);
+ alpn_selected = NULL;
+ }
+
+ if (client_proto_len != server_proto_len ||
+ memcmp(client_proto, server_proto, client_proto_len) != 0) {
+ BIO_printf(bio_stdout, "ALPN selected protocols differ!\n");
+ goto err;
+ }
+
+ if (client_proto_len > 0 && alpn_expected == NULL) {
+ BIO_printf(bio_stdout, "ALPN unexpectedly negotiated\n");
+ goto err;
+ }
+
+ if (alpn_expected != NULL &&
+ (client_proto_len != strlen(alpn_expected) ||
+ memcmp(client_proto, alpn_expected, client_proto_len) != 0)) {
+ BIO_printf(bio_stdout,
+ "ALPN selected protocols not equal to expected protocol: %s\n",
+ alpn_expected);
+ goto err;
+ }
+
+ return 0;
+
+ err:
+ BIO_printf(bio_stdout, "ALPN results: client: '");
+ BIO_write(bio_stdout, client_proto, client_proto_len);
+ BIO_printf(bio_stdout, "', server: '");
+ BIO_write(bio_stdout, server_proto, server_proto_len);
+ BIO_printf(bio_stdout, "'\n");
+ BIO_printf(bio_stdout, "ALPN configured: client: '%s', server: '%s'\n",
+ alpn_client, alpn_server);
+ return -1;
+}
+
+#define SCT_EXT_TYPE 18
+
+/*
+ * WARNING : below extension types are *NOT* IETF assigned, and could
+ * conflict if these types are reassigned and handled specially by OpenSSL
+ * in the future
+ */
+#define TACK_EXT_TYPE 62208
+#define CUSTOM_EXT_TYPE_0 1000
+#define CUSTOM_EXT_TYPE_1 1001
+#define CUSTOM_EXT_TYPE_2 1002
+#define CUSTOM_EXT_TYPE_3 1003
+
+const char custom_ext_cli_string[] = "abc";
+const char custom_ext_srv_string[] = "defg";
+
+/* These set from cmdline */
+char *serverinfo_file = NULL;
+int serverinfo_sct = 0;
+int serverinfo_tack = 0;
+
+/* These set based on extension callbacks */
+int serverinfo_sct_seen = 0;
+int serverinfo_tack_seen = 0;
+int serverinfo_other_seen = 0;
+
+/* This set from cmdline */
+int custom_ext = 0;
+
+/* This set based on extension callbacks */
+int custom_ext_error = 0;
+
+static int serverinfo_cli_parse_cb(SSL *s, unsigned int ext_type,
+ const unsigned char *in, size_t inlen,
+ int *al, void *arg)
+{
+ if (ext_type == SCT_EXT_TYPE)
+ serverinfo_sct_seen++;
+ else if (ext_type == TACK_EXT_TYPE)
+ serverinfo_tack_seen++;
+ else
+ serverinfo_other_seen++;
+ return 1;
+}
+
+static int verify_serverinfo()
+{
+ if (serverinfo_sct != serverinfo_sct_seen)
+ return -1;
+ if (serverinfo_tack != serverinfo_tack_seen)
+ return -1;
+ if (serverinfo_other_seen)
+ return -1;
+ return 0;
+}
+
+/*-
+ * Four test cases for custom extensions:
+ * 0 - no ClientHello extension or ServerHello response
+ * 1 - ClientHello with "abc", no response
+ * 2 - ClientHello with "abc", empty response
+ * 3 - ClientHello with "abc", "defg" response
+ */
+
+static int custom_ext_0_cli_add_cb(SSL *s, unsigned int ext_type,
+ const unsigned char **out,
+ size_t *outlen, int *al, void *arg)
+{
+ if (ext_type != CUSTOM_EXT_TYPE_0)
+ custom_ext_error = 1;
+ return 0; /* Don't send an extension */
+}
+
+static int custom_ext_0_cli_parse_cb(SSL *s, unsigned int ext_type,
+ const unsigned char *in,
+ size_t inlen, int *al, void *arg)
+{
+ return 1;
+}
+
+static int custom_ext_1_cli_add_cb(SSL *s, unsigned int ext_type,
+ const unsigned char **out,
+ size_t *outlen, int *al, void *arg)
+{
+ if (ext_type != CUSTOM_EXT_TYPE_1)
+ custom_ext_error = 1;
+ *out = (const unsigned char *)custom_ext_cli_string;
+ *outlen = strlen(custom_ext_cli_string);
+ return 1; /* Send "abc" */
+}
+
+static int custom_ext_1_cli_parse_cb(SSL *s, unsigned int ext_type,
+ const unsigned char *in,
+ size_t inlen, int *al, void *arg)
+{
+ return 1;
+}
+
+static int custom_ext_2_cli_add_cb(SSL *s, unsigned int ext_type,
+ const unsigned char **out,
+ size_t *outlen, int *al, void *arg)
+{
+ if (ext_type != CUSTOM_EXT_TYPE_2)
+ custom_ext_error = 1;
+ *out = (const unsigned char *)custom_ext_cli_string;
+ *outlen = strlen(custom_ext_cli_string);
+ return 1; /* Send "abc" */
+}
+
+static int custom_ext_2_cli_parse_cb(SSL *s, unsigned int ext_type,
+ const unsigned char *in,
+ size_t inlen, int *al, void *arg)
+{
+ if (ext_type != CUSTOM_EXT_TYPE_2)
+ custom_ext_error = 1;
+ if (inlen != 0)
+ custom_ext_error = 1; /* Should be empty response */
+ return 1;
+}
+
+static int custom_ext_3_cli_add_cb(SSL *s, unsigned int ext_type,
+ const unsigned char **out,
+ size_t *outlen, int *al, void *arg)
+{
+ if (ext_type != CUSTOM_EXT_TYPE_3)
+ custom_ext_error = 1;
+ *out = (const unsigned char *)custom_ext_cli_string;
+ *outlen = strlen(custom_ext_cli_string);
+ return 1; /* Send "abc" */
+}
+
+static int custom_ext_3_cli_parse_cb(SSL *s, unsigned int ext_type,
+ const unsigned char *in,
+ size_t inlen, int *al, void *arg)
+{
+ if (ext_type != CUSTOM_EXT_TYPE_3)
+ custom_ext_error = 1;
+ if (inlen != strlen(custom_ext_srv_string))
+ custom_ext_error = 1;
+ if (memcmp(custom_ext_srv_string, in, inlen) != 0)
+ custom_ext_error = 1; /* Check for "defg" */
+ return 1;
+}
+
+/*
+ * custom_ext_0_cli_add_cb returns 0 - the server won't receive a callback
+ * for this extension
+ */
+static int custom_ext_0_srv_parse_cb(SSL *s, unsigned int ext_type,
+ const unsigned char *in,
+ size_t inlen, int *al, void *arg)
+{
+ custom_ext_error = 1;
+ return 1;
+}
+
+/* 'add' callbacks are only called if the 'parse' callback is called */
+static int custom_ext_0_srv_add_cb(SSL *s, unsigned int ext_type,
+ const unsigned char **out,
+ size_t *outlen, int *al, void *arg)
+{
+ /* Error: should not have been called */
+ custom_ext_error = 1;
+ return 0; /* Don't send an extension */
+}
+
+static int custom_ext_1_srv_parse_cb(SSL *s, unsigned int ext_type,
+ const unsigned char *in,
+ size_t inlen, int *al, void *arg)
+{
+ if (ext_type != CUSTOM_EXT_TYPE_1)
+ custom_ext_error = 1;
+ /* Check for "abc" */
+ if (inlen != strlen(custom_ext_cli_string))
+ custom_ext_error = 1;
+ if (memcmp(in, custom_ext_cli_string, inlen) != 0)
+ custom_ext_error = 1;
+ return 1;
+}
+
+static int custom_ext_1_srv_add_cb(SSL *s, unsigned int ext_type,
+ const unsigned char **out,
+ size_t *outlen, int *al, void *arg)
+{
+ return 0; /* Don't send an extension */
+}
+
+static int custom_ext_2_srv_parse_cb(SSL *s, unsigned int ext_type,
+ const unsigned char *in,
+ size_t inlen, int *al, void *arg)
+{
+ if (ext_type != CUSTOM_EXT_TYPE_2)
+ custom_ext_error = 1;
+ /* Check for "abc" */
+ if (inlen != strlen(custom_ext_cli_string))
+ custom_ext_error = 1;
+ if (memcmp(in, custom_ext_cli_string, inlen) != 0)
+ custom_ext_error = 1;
+ return 1;
+}
+
+static int custom_ext_2_srv_add_cb(SSL *s, unsigned int ext_type,
+ const unsigned char **out,
+ size_t *outlen, int *al, void *arg)
+{
+ *out = NULL;
+ *outlen = 0;
+ return 1; /* Send empty extension */
+}
+
+static int custom_ext_3_srv_parse_cb(SSL *s, unsigned int ext_type,
+ const unsigned char *in,
+ size_t inlen, int *al, void *arg)
+{
+ if (ext_type != CUSTOM_EXT_TYPE_3)
+ custom_ext_error = 1;
+ /* Check for "abc" */
+ if (inlen != strlen(custom_ext_cli_string))
+ custom_ext_error = 1;
+ if (memcmp(in, custom_ext_cli_string, inlen) != 0)
+ custom_ext_error = 1;
+ return 1;
+}
+
+static int custom_ext_3_srv_add_cb(SSL *s, unsigned int ext_type,
+ const unsigned char **out,
+ size_t *outlen, int *al, void *arg)
+{
+ *out = (const unsigned char *)custom_ext_srv_string;
+ *outlen = strlen(custom_ext_srv_string);
+ return 1; /* Send "defg" */
+}
+
+static char *cipher = NULL;
+static int verbose = 0;
+static int debug = 0;
+static const char rnd_seed[] =
+ "string to make the random number generator think it has entropy";
+
+int doit_biopair(SSL *s_ssl, SSL *c_ssl, long bytes, clock_t *s_time,
+ clock_t *c_time);
+int doit(SSL *s_ssl, SSL *c_ssl, long bytes);
+static int do_test_cipherlist(void);
+
+static void sv_usage(void)
+{
+ fprintf(stderr, "usage: ssltest [args ...]\n");
+ fprintf(stderr, "\n");
+#ifdef OPENSSL_FIPS
+ fprintf(stderr, "-F - run test in FIPS mode\n");
+#endif
+ fprintf(stderr, " -server_auth - check server certificate\n");
+ fprintf(stderr, " -client_auth - do client authentication\n");
+ fprintf(stderr, " -proxy - allow proxy certificates\n");
+ fprintf(stderr, " -proxy_auth <val> - set proxy policy rights\n");
+ fprintf(stderr,
+ " -proxy_cond <val> - expression to test proxy policy rights\n");
+ fprintf(stderr, " -v - more output\n");
+ fprintf(stderr, " -d - debug output\n");
+ fprintf(stderr, " -reuse - use session-id reuse\n");
+ fprintf(stderr, " -num <val> - number of connections to perform\n");
+ fprintf(stderr,
+ " -bytes <val> - number of bytes to swap between client/server\n");
+#ifndef OPENSSL_NO_DH
+ fprintf(stderr,
+ " -dhe1024 - use 1024 bit key (safe prime) for DHE\n");
+ fprintf(stderr,
+ " -dhe1024dsa - use 1024 bit key (with 160-bit subprime) for DHE\n");
+ fprintf(stderr, " -no_dhe - disable DHE\n");
+#endif
+#ifndef OPENSSL_NO_EC
+ fprintf(stderr, " -no_ecdhe - disable ECDHE\n");
+#endif
+#ifndef OPENSSL_NO_PSK
+ fprintf(stderr, " -psk arg - PSK in hex (without 0x)\n");
+#endif
+#ifndef OPENSSL_NO_SRP
+ fprintf(stderr, " -srpuser user - SRP username to use\n");
+ fprintf(stderr, " -srppass arg - password for 'user'\n");
+#endif
+#ifndef OPENSSL_NO_SSL3_METHOD
+ fprintf(stderr, " -ssl3 - use SSLv3\n");
+#endif
+ fprintf(stderr, " -tls1 - use TLSv1\n");
+#ifndef OPENSSL_NO_DTLS
+ fprintf(stderr, " -dtls1 - use DTLSv1\n");
+ fprintf(stderr, " -dtls12 - use DTLSv1.2\n");
+#endif
+ fprintf(stderr, " -CApath arg - PEM format directory of CA's\n");
+ fprintf(stderr, " -CAfile arg - PEM format file of CA's\n");
+ fprintf(stderr, " -cert arg - Server certificate file\n");
+ fprintf(stderr,
+ " -key arg - Server key file (default: same as -cert)\n");
+ fprintf(stderr, " -c_cert arg - Client certificate file\n");
+ fprintf(stderr,
+ " -c_key arg - Client key file (default: same as -c_cert)\n");
+ fprintf(stderr, " -cipher arg - The cipher list\n");
+ fprintf(stderr, " -bio_pair - Use BIO pairs\n");
+ fprintf(stderr, " -f - Test even cases that can't work\n");
+ fprintf(stderr,
+ " -time - measure processor time used by client and server\n");
+ fprintf(stderr, " -zlib - use zlib compression\n");
+ fprintf(stderr, " -rle - use rle compression\n");
+#ifndef OPENSSL_NO_EC
+ fprintf(stderr,
+ " -named_curve arg - Elliptic curve name to use for ephemeral ECDH keys.\n"
+ " Use \"openssl ecparam -list_curves\" for all names\n"
+ " (default is sect163r2).\n");
+#endif
+ fprintf(stderr,
+ " -test_cipherlist - Verifies the order of the ssl cipher lists.\n"
+ " When this option is requested, the cipherlist\n"
+ " tests are run instead of handshake tests.\n");
+#ifndef OPENSSL_NO_NEXTPROTONEG
+ fprintf(stderr, " -npn_client - have client side offer NPN\n");
+ fprintf(stderr, " -npn_server - have server side offer NPN\n");
+ fprintf(stderr, " -npn_server_reject - have server reject NPN\n");
+#endif
+ fprintf(stderr, " -serverinfo_file file - have server use this file\n");
+ fprintf(stderr, " -serverinfo_sct - have client offer and expect SCT\n");
+ fprintf(stderr,
+ " -serverinfo_tack - have client offer and expect TACK\n");
+ fprintf(stderr,
+ " -custom_ext - try various custom extension callbacks\n");
+ fprintf(stderr, " -alpn_client <string> - have client side offer ALPN\n");
+ fprintf(stderr, " -alpn_server <string> - have server side offer ALPN\n");
+ fprintf(stderr,
+ " -alpn_expected <string> - the ALPN protocol that should be negotiated\n");
+}
+
+static void print_key_details(BIO *out, EVP_PKEY *key)
+{
+ int keyid = EVP_PKEY_id(key);
+#ifndef OPENSSL_NO_EC
+ if (keyid == EVP_PKEY_EC) {
+ EC_KEY *ec = EVP_PKEY_get1_EC_KEY(key);
+ int nid;
+ const char *cname;
+ nid = EC_GROUP_get_curve_name(EC_KEY_get0_group(ec));
+ EC_KEY_free(ec);
+ cname = EC_curve_nid2nist(nid);
+ if (!cname)
+ cname = OBJ_nid2sn(nid);
+ BIO_printf(out, "%d bits EC (%s)", EVP_PKEY_bits(key), cname);
+ } else
+#endif
+ {
+ const char *algname;
+ switch (keyid) {
+ case EVP_PKEY_RSA:
+ algname = "RSA";
+ break;
+ case EVP_PKEY_DSA:
+ algname = "DSA";
+ break;
+ case EVP_PKEY_DH:
+ algname = "DH";
+ break;
+ default:
+ algname = OBJ_nid2sn(keyid);
+ break;
+ }
+ BIO_printf(out, "%d bits %s", EVP_PKEY_bits(key), algname);
+ }
+}
+
+static void print_details(SSL *c_ssl, const char *prefix)
+{
+ const SSL_CIPHER *ciph;
+ int mdnid;
+ X509 *cert;
+ EVP_PKEY *pkey;
+
+ ciph = SSL_get_current_cipher(c_ssl);
+ BIO_printf(bio_stdout, "%s%s, cipher %s %s",
+ prefix,
+ SSL_get_version(c_ssl),
+ SSL_CIPHER_get_version(ciph), SSL_CIPHER_get_name(ciph));
+ cert = SSL_get_peer_certificate(c_ssl);
+ if (cert != NULL) {
+ pkey = X509_get_pubkey(cert);
+ if (pkey != NULL) {
+ BIO_puts(bio_stdout, ", ");
+ print_key_details(bio_stdout, pkey);
+ EVP_PKEY_free(pkey);
+ }
+ X509_free(cert);
+ }
+ if (SSL_get_server_tmp_key(c_ssl, &pkey)) {
+ BIO_puts(bio_stdout, ", temp key: ");
+ print_key_details(bio_stdout, pkey);
+ EVP_PKEY_free(pkey);
+ }
+ if (SSL_get_peer_signature_nid(c_ssl, &mdnid))
+ BIO_printf(bio_stdout, ", digest=%s", OBJ_nid2sn(mdnid));
+ BIO_printf(bio_stdout, "\n");
+}
+
+static void lock_dbg_cb(int mode, int type, const char *file, int line)
+{
+ static int modes[CRYPTO_NUM_LOCKS]; /* = {0, 0, ... } */
+ const char *errstr = NULL;
+ int rw;
+
+ rw = mode & (CRYPTO_READ | CRYPTO_WRITE);
+ if (!((rw == CRYPTO_READ) || (rw == CRYPTO_WRITE))) {
+ errstr = "invalid mode";
+ goto err;
+ }
+
+ if (type < 0 || type >= CRYPTO_NUM_LOCKS) {
+ errstr = "type out of bounds";
+ goto err;
+ }
+
+ if (mode & CRYPTO_LOCK) {
+ if (modes[type]) {
+ errstr = "already locked";
+ /*
+ * must not happen in a single-threaded program (would deadlock)
+ */
+ goto err;
+ }
+
+ modes[type] = rw;
+ } else if (mode & CRYPTO_UNLOCK) {
+ if (!modes[type]) {
+ errstr = "not locked";
+ goto err;
+ }
+
+ if (modes[type] != rw) {
+ errstr = (rw == CRYPTO_READ) ?
+ "CRYPTO_r_unlock on write lock" :
+ "CRYPTO_w_unlock on read lock";
+ }
+
+ modes[type] = 0;
+ } else {
+ errstr = "invalid mode";
+ goto err;
+ }
+
+ err:
+ if (errstr) {
+ /* we cannot use bio_err here */
+ fprintf(stderr,
+ "openssl (lock_dbg_cb): %s (mode=%d, type=%d) at %s:%d\n",
+ errstr, mode, type, file, line);
+ }
+}
+
+int main(int argc, char *argv[])
+{
+ char *CApath = NULL, *CAfile = NULL;
+ int badop = 0;
+ int bio_pair = 0;
+ int force = 0;
+ int dtls1 = 0, dtls12 = 0, tls1 = 0, ssl3 = 0, ret = 1;
+ int client_auth = 0;
+ int server_auth = 0, i;
+ struct app_verify_arg app_verify_arg =
+ { APP_CALLBACK_STRING, 0, 0, NULL, NULL };
+ char *server_cert = TEST_SERVER_CERT;
+ char *server_key = NULL;
+ char *client_cert = TEST_CLIENT_CERT;
+ char *client_key = NULL;
+#ifndef OPENSSL_NO_EC
+ char *named_curve = NULL;
+#endif
+ SSL_CTX *s_ctx = NULL;
+ SSL_CTX *c_ctx = NULL;
+ const SSL_METHOD *meth = NULL;
+ SSL *c_ssl, *s_ssl;
+ int number = 1, reuse = 0;
+ long bytes = 256L;
+#ifndef OPENSSL_NO_DH
+ DH *dh;
+ int dhe1024 = 0, dhe1024dsa = 0;
+#endif
+#ifndef OPENSSL_NO_EC
+ EC_KEY *ecdh = NULL;
+#endif
+#ifndef OPENSSL_NO_SRP
+ /* client */
+ SRP_CLIENT_ARG srp_client_arg = { NULL, NULL };
+ /* server */
+ SRP_SERVER_ARG srp_server_arg = { NULL, NULL };
+#endif
+ int no_dhe = 0;
+ int no_ecdhe = 0;
+ int no_psk = 0;
+ int print_time = 0;
+ clock_t s_time = 0, c_time = 0;
+#ifndef OPENSSL_NO_COMP
+ int comp = 0;
+ COMP_METHOD *cm = NULL;
+ STACK_OF(SSL_COMP) *ssl_comp_methods = NULL;
+#endif
+ int test_cipherlist = 0;
+#ifdef OPENSSL_FIPS
+ int fips_mode = 0;
+#endif
+ int no_protocol = 0;
+
+ SSL_CONF_CTX *s_cctx = NULL, *c_cctx = NULL;
+ STACK_OF(OPENSSL_STRING) *conf_args = NULL;
+ const char *arg = NULL, *argn = NULL;
+
+ verbose = 0;
+ debug = 0;
+ cipher = 0;
+
+ bio_err = BIO_new_fp(stderr, BIO_NOCLOSE | BIO_FP_TEXT);
+
+ CRYPTO_set_locking_callback(lock_dbg_cb);
+
+ /* enable memory leak checking unless explicitly disabled */
+ if (!((getenv("OPENSSL_DEBUG_MEMORY") != NULL)
+ && (0 == strcmp(getenv("OPENSSL_DEBUG_MEMORY"), "off")))) {
+ CRYPTO_malloc_debug_init();
+ CRYPTO_set_mem_debug_options(V_CRYPTO_MDEBUG_ALL);
+ } else {
+ /* OPENSSL_DEBUG_MEMORY=off */
+ CRYPTO_set_mem_debug_functions(0, 0, 0, 0, 0);
+ }
+ CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON);
+
+ RAND_seed(rnd_seed, sizeof rnd_seed);
+
+ bio_stdout = BIO_new_fp(stdout, BIO_NOCLOSE | BIO_FP_TEXT);
+
+ s_cctx = SSL_CONF_CTX_new();
+ c_cctx = SSL_CONF_CTX_new();
+
+ if (!s_cctx || !c_cctx) {
+ ERR_print_errors(bio_err);
+ goto end;
+ }
+
+ SSL_CONF_CTX_set_flags(s_cctx,
+ SSL_CONF_FLAG_CMDLINE | SSL_CONF_FLAG_SERVER);
+ if (!SSL_CONF_CTX_set1_prefix(s_cctx, "-s_")) {
+ ERR_print_errors(bio_err);
+ goto end;
+ }
+
+ SSL_CONF_CTX_set_flags(c_cctx,
+ SSL_CONF_FLAG_CMDLINE | SSL_CONF_FLAG_CLIENT);
+ if (!SSL_CONF_CTX_set1_prefix(c_cctx, "-c_")) {
+ ERR_print_errors(bio_err);
+ goto end;
+ }
+
+ argc--;
+ argv++;
+
+ while (argc >= 1) {
+ if (!strcmp(*argv, "-F")) {
+#ifdef OPENSSL_FIPS
+ fips_mode = 1;
+#else
+ fprintf(stderr,
+ "not compiled with FIPS support, so exiting without running.\n");
+ EXIT(0);
+#endif
+ } else if (strcmp(*argv, "-server_auth") == 0)
+ server_auth = 1;
+ else if (strcmp(*argv, "-client_auth") == 0)
+ client_auth = 1;
+ else if (strcmp(*argv, "-proxy_auth") == 0) {
+ if (--argc < 1)
+ goto bad;
+ app_verify_arg.proxy_auth = *(++argv);
+ } else if (strcmp(*argv, "-proxy_cond") == 0) {
+ if (--argc < 1)
+ goto bad;
+ app_verify_arg.proxy_cond = *(++argv);
+ } else if (strcmp(*argv, "-v") == 0)
+ verbose = 1;
+ else if (strcmp(*argv, "-d") == 0)
+ debug = 1;
+ else if (strcmp(*argv, "-reuse") == 0)
+ reuse = 1;
+ else if (strcmp(*argv, "-dhe1024") == 0) {
+#ifndef OPENSSL_NO_DH
+ dhe1024 = 1;
+#else
+ fprintf(stderr,
+ "ignoring -dhe1024, since I'm compiled without DH\n");
+#endif
+ } else if (strcmp(*argv, "-dhe1024dsa") == 0) {
+#ifndef OPENSSL_NO_DH
+ dhe1024dsa = 1;
+#else
+ fprintf(stderr,
+ "ignoring -dhe1024, since I'm compiled without DH\n");
+#endif
+ } else if (strcmp(*argv, "-no_dhe") == 0)
+ no_dhe = 1;
+ else if (strcmp(*argv, "-no_ecdhe") == 0)
+ no_ecdhe = 1;
+ else if (strcmp(*argv, "-psk") == 0) {
+ if (--argc < 1)
+ goto bad;
+ psk_key = *(++argv);
+#ifndef OPENSSL_NO_PSK
+ if (strspn(psk_key, "abcdefABCDEF1234567890") != strlen(psk_key)) {
+ BIO_printf(bio_err, "Not a hex number '%s'\n", *argv);
+ goto bad;
+ }
+#else
+ no_psk = 1;
+#endif
+ }
+#ifndef OPENSSL_NO_SRP
+ else if (strcmp(*argv, "-srpuser") == 0) {
+ if (--argc < 1)
+ goto bad;
+ srp_server_arg.expected_user = srp_client_arg.srplogin =
+ *(++argv);
+ tls1 = 1;
+ } else if (strcmp(*argv, "-srppass") == 0) {
+ if (--argc < 1)
+ goto bad;
+ srp_server_arg.pass = srp_client_arg.srppassin = *(++argv);
+ tls1 = 1;
+ }
+#endif
+ else if (strcmp(*argv, "-tls1") == 0) {
+ tls1 = 1;
+ } else if (strcmp(*argv, "-ssl3") == 0) {
+#ifdef OPENSSL_NO_SSL3_METHOD
+ no_protocol = 1;
+#endif
+ ssl3 = 1;
+ } else if (strcmp(*argv, "-dtls1") == 0) {
+#ifdef OPENSSL_NO_DTLS
+ no_protocol = 1;
+#endif
+ dtls1 = 1;
+ } else if (strcmp(*argv, "-dtls12") == 0) {
+#ifdef OPENSSL_NO_DTLS
+ no_protocol = 1;
+#endif
+ dtls12 = 1;
+ } else if (strncmp(*argv, "-num", 4) == 0) {
+ if (--argc < 1)
+ goto bad;
+ number = atoi(*(++argv));
+ if (number == 0)
+ number = 1;
+ } else if (strcmp(*argv, "-bytes") == 0) {
+ if (--argc < 1)
+ goto bad;
+ bytes = atol(*(++argv));
+ if (bytes == 0L)
+ bytes = 1L;
+ i = strlen(argv[0]);
+ if (argv[0][i - 1] == 'k')
+ bytes *= 1024L;
+ if (argv[0][i - 1] == 'm')
+ bytes *= 1024L * 1024L;
+ } else if (strcmp(*argv, "-cert") == 0) {
+ if (--argc < 1)
+ goto bad;
+ server_cert = *(++argv);
+ } else if (strcmp(*argv, "-s_cert") == 0) {
+ if (--argc < 1)
+ goto bad;
+ server_cert = *(++argv);
+ } else if (strcmp(*argv, "-key") == 0) {
+ if (--argc < 1)
+ goto bad;
+ server_key = *(++argv);
+ } else if (strcmp(*argv, "-s_key") == 0) {
+ if (--argc < 1)
+ goto bad;
+ server_key = *(++argv);
+ } else if (strcmp(*argv, "-c_cert") == 0) {
+ if (--argc < 1)
+ goto bad;
+ client_cert = *(++argv);
+ } else if (strcmp(*argv, "-c_key") == 0) {
+ if (--argc < 1)
+ goto bad;
+ client_key = *(++argv);
+ } else if (strcmp(*argv, "-cipher") == 0) {
+ if (--argc < 1)
+ goto bad;
+ cipher = *(++argv);
+ } else if (strcmp(*argv, "-CApath") == 0) {
+ if (--argc < 1)
+ goto bad;
+ CApath = *(++argv);
+ } else if (strcmp(*argv, "-CAfile") == 0) {
+ if (--argc < 1)
+ goto bad;
+ CAfile = *(++argv);
+ } else if (strcmp(*argv, "-bio_pair") == 0) {
+ bio_pair = 1;
+ } else if (strcmp(*argv, "-f") == 0) {
+ force = 1;
+ } else if (strcmp(*argv, "-time") == 0) {
+ print_time = 1;
+ }
+#ifndef OPENSSL_NO_COMP
+ else if (strcmp(*argv, "-zlib") == 0) {
+ comp = COMP_ZLIB;
+ } else if (strcmp(*argv, "-rle") == 0) {
+ comp = COMP_RLE;
+ }
+#endif
+ else if (strcmp(*argv, "-named_curve") == 0) {
+ if (--argc < 1)
+ goto bad;
+#ifndef OPENSSL_NO_EC
+ named_curve = *(++argv);
+#else
+ fprintf(stderr,
+ "ignoring -named_curve, since I'm compiled without ECDH\n");
+ ++argv;
+#endif
+ } else if (strcmp(*argv, "-app_verify") == 0) {
+ app_verify_arg.app_verify = 1;
+ } else if (strcmp(*argv, "-proxy") == 0) {
+ app_verify_arg.allow_proxy_certs = 1;
+ } else if (strcmp(*argv, "-test_cipherlist") == 0) {
+ test_cipherlist = 1;
+ }
+#ifndef OPENSSL_NO_NEXTPROTONEG
+ else if (strcmp(*argv, "-npn_client") == 0) {
+ npn_client = 1;
+ } else if (strcmp(*argv, "-npn_server") == 0) {
+ npn_server = 1;
+ } else if (strcmp(*argv, "-npn_server_reject") == 0) {
+ npn_server_reject = 1;
+ }
+#endif
+ else if (strcmp(*argv, "-serverinfo_sct") == 0) {
+ serverinfo_sct = 1;
+ } else if (strcmp(*argv, "-serverinfo_tack") == 0) {
+ serverinfo_tack = 1;
+ } else if (strcmp(*argv, "-serverinfo_file") == 0) {
+ if (--argc < 1)
+ goto bad;
+ serverinfo_file = *(++argv);
+ } else if (strcmp(*argv, "-custom_ext") == 0) {
+ custom_ext = 1;
+ } else if (strcmp(*argv, "-alpn_client") == 0) {
+ if (--argc < 1)
+ goto bad;
+ alpn_client = *(++argv);
+ } else if (strcmp(*argv, "-alpn_server") == 0) {
+ if (--argc < 1)
+ goto bad;
+ alpn_server = *(++argv);
+ } else if (strcmp(*argv, "-alpn_expected") == 0) {
+ if (--argc < 1)
+ goto bad;
+ alpn_expected = *(++argv);
+ } else {
+ int rv;
+ arg = argv[0];
+ argn = argv[1];
+ /* Try to process command using SSL_CONF */
+ rv = SSL_CONF_cmd_argv(c_cctx, &argc, &argv);
+ /* If not processed try server */
+ if (rv == 0)
+ rv = SSL_CONF_cmd_argv(s_cctx, &argc, &argv);
+ /* Recognised: store it for later use */
+ if (rv > 0) {
+ if (rv == 1)
+ argn = NULL;
+ if (!conf_args) {
+ conf_args = sk_OPENSSL_STRING_new_null();
+ if (!conf_args)
+ goto end;
+ }
+ if (!sk_OPENSSL_STRING_push(conf_args, arg))
+ goto end;
+ if (!sk_OPENSSL_STRING_push(conf_args, argn))
+ goto end;
+ continue;
+ }
+ if (rv == -3)
+ BIO_printf(bio_err, "Missing argument for %s\n", arg);
+ else if (rv < 0)
+ BIO_printf(bio_err, "Error with command %s\n", arg);
+ else if (rv == 0)
+ BIO_printf(bio_err, "unknown option %s\n", arg);
+ badop = 1;
+ break;
+ }
+ argc--;
+ argv++;
+ }
+ if (badop) {
+ bad:
+ sv_usage();
+ goto end;
+ }
+
+ /*
+ * test_cipherlist prevails over protocol switch: we test the cipherlist
+ * for all enabled protocols.
+ */
+ if (test_cipherlist == 1) {
+ /*
+ * ensure that the cipher list are correctly sorted and exit
+ */
+ fprintf(stdout, "Testing cipherlist order only. Ignoring all "
+ "other options.\n");
+ if (do_test_cipherlist() == 0)
+ EXIT(1);
+ ret = 0;
+ goto end;
+ }
+
+ if (ssl3 + tls1 + dtls1 + dtls12 > 1) {
+ fprintf(stderr, "At most one of -ssl3, -tls1, -dtls1 or -dtls12 should "
+ "be requested.\n");
+ EXIT(1);
+ }
+
+ /*
+ * Testing was requested for a compiled-out protocol (e.g. SSLv3).
+ * Ideally, we would error out, but the generic test wrapper can't know
+ * when to expect failure. So we do nothing and return success.
+ */
+ if (no_protocol) {
+ fprintf(stderr, "Testing was requested for a disabled protocol. "
+ "Skipping tests.\n");
+ ret = 0;
+ goto end;
+ }
+
+ if (!ssl3 && !tls1 && !dtls1 && !dtls12 && number > 1 && !reuse && !force) {
+ fprintf(stderr, "This case cannot work. Use -f to perform "
+ "the test anyway (and\n-d to see what happens), "
+ "or add one of -ssl3, -tls1, -dtls1, -dtls12, -reuse\n"
+ "to avoid protocol mismatch.\n");
+ EXIT(1);
+ }
+#ifdef OPENSSL_FIPS
+ if (fips_mode) {
+ if (!FIPS_mode_set(1)) {
+ ERR_load_crypto_strings();
+ ERR_print_errors(BIO_new_fp(stderr, BIO_NOCLOSE));
+ EXIT(1);
+ } else
+ fprintf(stderr, "*** IN FIPS MODE ***\n");
+ }
+#endif
+
+ if (print_time) {
+ if (!bio_pair) {
+ fprintf(stderr, "Using BIO pair (-bio_pair)\n");
+ bio_pair = 1;
+ }
+ if (number < 50 && !force)
+ fprintf(stderr,
+ "Warning: For accurate timings, use more connections (e.g. -num 1000)\n");
+ }
+
+/* if (cipher == NULL) cipher=getenv("SSL_CIPHER"); */
+
+ SSL_library_init();
+ SSL_load_error_strings();
+
+#ifndef OPENSSL_NO_COMP
+ if (comp == COMP_ZLIB)
+ cm = COMP_zlib();
+ if (comp == COMP_RLE)
+ cm = COMP_rle();
+ if (cm != NULL) {
+ if (cm->type != NID_undef) {
+ if (SSL_COMP_add_compression_method(comp, cm) != 0) {
+ fprintf(stderr, "Failed to add compression method\n");
+ ERR_print_errors_fp(stderr);
+ }
+ } else {
+ fprintf(stderr,
+ "Warning: %s compression not supported\n",
+ (comp == COMP_RLE ? "rle" :
+ (comp == COMP_ZLIB ? "zlib" : "unknown")));
+ ERR_print_errors_fp(stderr);
+ }
+ }
+ ssl_comp_methods = SSL_COMP_get_compression_methods();
+ fprintf(stderr, "Available compression methods:\n");
+ {
+ int j, n = sk_SSL_COMP_num(ssl_comp_methods);
+ if (n == 0)
+ fprintf(stderr, " NONE\n");
+ else
+ for (j = 0; j < n; j++) {
+ SSL_COMP *c = sk_SSL_COMP_value(ssl_comp_methods, j);
+ fprintf(stderr, " %d: %s\n", c->id, c->name);
+ }
+ }
+#endif
+
+ /*
+ * At this point, ssl3/tls1 is only set if the protocol is available.
+ * (Otherwise we exit early.) However the compiler doesn't know this, so
+ * we ifdef.
+ */
+#ifndef OPENSSL_NO_SSL3
+ if (ssl3)
+ meth = SSLv3_method();
+ else
+#endif
+#ifndef OPENSSL_NO_DTLS
+ if (dtls1)
+ meth = DTLSv1_method();
+ else if (dtls12)
+ meth = DTLSv1_2_method();
+ else
+#endif
+ if (tls1)
+ meth = TLSv1_method();
+ else
+ meth = SSLv23_method();
+
+ c_ctx = SSL_CTX_new(meth);
+ s_ctx = SSL_CTX_new(meth);
+ if ((c_ctx == NULL) || (s_ctx == NULL)) {
+ ERR_print_errors(bio_err);
+ goto end;
+ }
+ /*
+ * Since we will use low security ciphersuites and keys for testing set
+ * security level to zero.
+ */
+ SSL_CTX_set_security_level(c_ctx, 0);
+ SSL_CTX_set_security_level(s_ctx, 0);
+
+ if (cipher != NULL) {
+ if(!SSL_CTX_set_cipher_list(c_ctx, cipher)
+ || !SSL_CTX_set_cipher_list(s_ctx, cipher)) {
+ ERR_print_errors(bio_err);
+ goto end;
+ }
+ }
+
+ /* Process SSL_CONF arguments */
+ SSL_CONF_CTX_set_ssl_ctx(c_cctx, c_ctx);
+ SSL_CONF_CTX_set_ssl_ctx(s_cctx, s_ctx);
+
+ for (i = 0; i < sk_OPENSSL_STRING_num(conf_args); i += 2) {
+ int rv;
+ arg = sk_OPENSSL_STRING_value(conf_args, i);
+ argn = sk_OPENSSL_STRING_value(conf_args, i + 1);
+ rv = SSL_CONF_cmd(c_cctx, arg, argn);
+ /* If not recognised use server context */
+ if (rv == -2)
+ rv = SSL_CONF_cmd(s_cctx, arg, argn);
+ if (rv <= 0) {
+ BIO_printf(bio_err, "Error processing %s %s\n",
+ arg, argn ? argn : "");
+ ERR_print_errors(bio_err);
+ goto end;
+ }
+ }
+
+ if (!SSL_CONF_CTX_finish(s_cctx) || !SSL_CONF_CTX_finish(c_cctx)) {
+ BIO_puts(bio_err, "Error finishing context\n");
+ ERR_print_errors(bio_err);
+ goto end;
+ }
+#ifndef OPENSSL_NO_DH
+ if (!no_dhe) {
+ if (dhe1024dsa) {
+ /*
+ * use SSL_OP_SINGLE_DH_USE to avoid small subgroup attacks
+ */
+ SSL_CTX_set_options(s_ctx, SSL_OP_SINGLE_DH_USE);
+ dh = get_dh1024dsa();
+ } else if (dhe1024)
+ dh = get_dh1024();
+ else
+ dh = get_dh512();
+ SSL_CTX_set_tmp_dh(s_ctx, dh);
+ DH_free(dh);
+ }
+#else
+ (void)no_dhe;
+#endif
+
+#ifndef OPENSSL_NO_EC
+ if (!no_ecdhe) {
+ int nid;
+
+ if (named_curve != NULL) {
+ nid = OBJ_sn2nid(named_curve);
+ if (nid == 0) {
+ BIO_printf(bio_err, "unknown curve name (%s)\n", named_curve);
+ goto end;
+ }
+ } else
+# ifdef OPENSSL_NO_EC2M
+ nid = NID_X9_62_prime256v1;
+# else
+ nid = NID_sect163r2;
+# endif
+
+ ecdh = EC_KEY_new_by_curve_name(nid);
+ if (ecdh == NULL) {
+ BIO_printf(bio_err, "unable to create curve\n");
+ goto end;
+ }
+
+ SSL_CTX_set_tmp_ecdh(s_ctx, ecdh);
+ SSL_CTX_set_options(s_ctx, SSL_OP_SINGLE_ECDH_USE);
+ EC_KEY_free(ecdh);
+ }
+#else
+ (void)no_ecdhe;
+#endif
+
+#ifndef OPENSSL_NO_RSA
+ SSL_CTX_set_tmp_rsa_callback(s_ctx, tmp_rsa_cb);
+#endif
+
+ if (!SSL_CTX_use_certificate_file(s_ctx, server_cert, SSL_FILETYPE_PEM)) {
+ ERR_print_errors(bio_err);
+ } else if (!SSL_CTX_use_PrivateKey_file(s_ctx,
+ (server_key ? server_key :
+ server_cert),
+ SSL_FILETYPE_PEM)) {
+ ERR_print_errors(bio_err);
+ goto end;
+ }
+
+ if (client_auth) {
+ if(!SSL_CTX_use_certificate_file(c_ctx, client_cert, SSL_FILETYPE_PEM)
+ || !SSL_CTX_use_PrivateKey_file(c_ctx,
+ (client_key ? client_key : client_cert),
+ SSL_FILETYPE_PEM)) {
+ ERR_print_errors(bio_err);
+ goto end;
+ }
+ }
+
+ if ((!SSL_CTX_load_verify_locations(s_ctx, CAfile, CApath)) ||
+ (!SSL_CTX_set_default_verify_paths(s_ctx)) ||
+ (!SSL_CTX_load_verify_locations(c_ctx, CAfile, CApath)) ||
+ (!SSL_CTX_set_default_verify_paths(c_ctx))) {
+ /* fprintf(stderr,"SSL_load_verify_locations\n"); */
+ ERR_print_errors(bio_err);
+ /* goto end; */
+ }
+
+ if (client_auth) {
+ BIO_printf(bio_err, "client authentication\n");
+ SSL_CTX_set_verify(s_ctx,
+ SSL_VERIFY_PEER | SSL_VERIFY_FAIL_IF_NO_PEER_CERT,
+ verify_callback);
+ SSL_CTX_set_cert_verify_callback(s_ctx, app_verify_callback,
+ &app_verify_arg);
+ }
+ if (server_auth) {
+ BIO_printf(bio_err, "server authentication\n");
+ SSL_CTX_set_verify(c_ctx, SSL_VERIFY_PEER, verify_callback);
+ SSL_CTX_set_cert_verify_callback(c_ctx, app_verify_callback,
+ &app_verify_arg);
+ }
+
+ {
+ int session_id_context = 0;
+ if(!SSL_CTX_set_session_id_context(s_ctx, (void *)&session_id_context,
+ sizeof session_id_context)) {
+ ERR_print_errors(bio_err);
+ goto end;
+ }
+ }
+
+ /* Use PSK only if PSK key is given */
+ if (psk_key != NULL) {
+ /*
+ * no_psk is used to avoid putting psk command to openssl tool
+ */
+ if (no_psk) {
+ /*
+ * if PSK is not compiled in and psk key is given, do nothing and
+ * exit successfully
+ */
+ ret = 0;
+ goto end;
+ }
+#ifndef OPENSSL_NO_PSK
+ SSL_CTX_set_psk_client_callback(c_ctx, psk_client_callback);
+ SSL_CTX_set_psk_server_callback(s_ctx, psk_server_callback);
+ if (debug)
+ BIO_printf(bio_err, "setting PSK identity hint to s_ctx\n");
+ if (!SSL_CTX_use_psk_identity_hint(s_ctx, "ctx server identity_hint")) {
+ BIO_printf(bio_err, "error setting PSK identity hint to s_ctx\n");
+ ERR_print_errors(bio_err);
+ goto end;
+ }
+#endif
+ }
+#ifndef OPENSSL_NO_SRP
+ if (srp_client_arg.srplogin) {
+ if (!SSL_CTX_set_srp_username(c_ctx, srp_client_arg.srplogin)) {
+ BIO_printf(bio_err, "Unable to set SRP username\n");
+ goto end;
+ }
+ SSL_CTX_set_srp_cb_arg(c_ctx, &srp_client_arg);
+ SSL_CTX_set_srp_client_pwd_callback(c_ctx,
+ ssl_give_srp_client_pwd_cb);
+ /*
+ * SSL_CTX_set_srp_strength(c_ctx, srp_client_arg.strength);
+ */
+ }
+
+ if (srp_server_arg.expected_user != NULL) {
+ SSL_CTX_set_verify(s_ctx, SSL_VERIFY_NONE, verify_callback);
+ SSL_CTX_set_srp_cb_arg(s_ctx, &srp_server_arg);
+ SSL_CTX_set_srp_username_callback(s_ctx, ssl_srp_server_param_cb);
+ }
+#endif
+
+#ifndef OPENSSL_NO_NEXTPROTONEG
+ if (npn_client) {
+ SSL_CTX_set_next_proto_select_cb(c_ctx, cb_client_npn, NULL);
+ }
+ if (npn_server) {
+ if (npn_server_reject) {
+ BIO_printf(bio_err,
+ "Can't have both -npn_server and -npn_server_reject\n");
+ goto end;
+ }
+ SSL_CTX_set_next_protos_advertised_cb(s_ctx, cb_server_npn, NULL);
+ }
+ if (npn_server_reject) {
+ SSL_CTX_set_next_protos_advertised_cb(s_ctx, cb_server_rejects_npn,
+ NULL);
+ }
+#endif
+
+ if (serverinfo_sct) {
+ if(!SSL_CTX_add_client_custom_ext(c_ctx, SCT_EXT_TYPE,
+ NULL, NULL, NULL,
+ serverinfo_cli_parse_cb, NULL)) {
+ BIO_printf(bio_err, "Error adding SCT extension\n");
+ goto end;
+ }
+ }
+ if (serverinfo_tack) {
+ if(!SSL_CTX_add_client_custom_ext(c_ctx, TACK_EXT_TYPE,
+ NULL, NULL, NULL,
+ serverinfo_cli_parse_cb, NULL)) {
+ BIO_printf(bio_err, "Error adding TACK extension\n");
+ goto end;
+ }
+ }
+ if (serverinfo_file)
+ if (!SSL_CTX_use_serverinfo_file(s_ctx, serverinfo_file)) {
+ BIO_printf(bio_err, "missing serverinfo file\n");
+ goto end;
+ }
+
+ if (custom_ext) {
+ if(!SSL_CTX_add_client_custom_ext(c_ctx, CUSTOM_EXT_TYPE_0,
+ custom_ext_0_cli_add_cb,
+ NULL, NULL,
+ custom_ext_0_cli_parse_cb, NULL)
+ || !SSL_CTX_add_client_custom_ext(c_ctx, CUSTOM_EXT_TYPE_1,
+ custom_ext_1_cli_add_cb,
+ NULL, NULL,
+ custom_ext_1_cli_parse_cb, NULL)
+ || !SSL_CTX_add_client_custom_ext(c_ctx, CUSTOM_EXT_TYPE_2,
+ custom_ext_2_cli_add_cb,
+ NULL, NULL,
+ custom_ext_2_cli_parse_cb, NULL)
+ || !SSL_CTX_add_client_custom_ext(c_ctx, CUSTOM_EXT_TYPE_3,
+ custom_ext_3_cli_add_cb,
+ NULL, NULL,
+ custom_ext_3_cli_parse_cb, NULL)
+ || !SSL_CTX_add_server_custom_ext(s_ctx, CUSTOM_EXT_TYPE_0,
+ custom_ext_0_srv_add_cb,
+ NULL, NULL,
+ custom_ext_0_srv_parse_cb, NULL)
+ || !SSL_CTX_add_server_custom_ext(s_ctx, CUSTOM_EXT_TYPE_1,
+ custom_ext_1_srv_add_cb,
+ NULL, NULL,
+ custom_ext_1_srv_parse_cb, NULL)
+ || !SSL_CTX_add_server_custom_ext(s_ctx, CUSTOM_EXT_TYPE_2,
+ custom_ext_2_srv_add_cb,
+ NULL, NULL,
+ custom_ext_2_srv_parse_cb, NULL)
+ || !SSL_CTX_add_server_custom_ext(s_ctx, CUSTOM_EXT_TYPE_3,
+ custom_ext_3_srv_add_cb,
+ NULL, NULL,
+ custom_ext_3_srv_parse_cb, NULL)) {
+ BIO_printf(bio_err, "Error setting custom extensions\n");
+ goto end;
+ }
+ }
+
+ if (alpn_server)
+ SSL_CTX_set_alpn_select_cb(s_ctx, cb_server_alpn, NULL);
+
+ if (alpn_client) {
+ unsigned short alpn_len;
+ unsigned char *alpn = next_protos_parse(&alpn_len, alpn_client);
+
+ if (alpn == NULL) {
+ BIO_printf(bio_err, "Error parsing -alpn_client argument\n");
+ goto end;
+ }
+ /* Returns 0 on success!! */
+ if(SSL_CTX_set_alpn_protos(c_ctx, alpn, alpn_len)) {
+ BIO_printf(bio_err, "Error setting ALPN\n");
+ OPENSSL_free(alpn);
+ goto end;
+ }
+ OPENSSL_free(alpn);
+ }
+
+ c_ssl = SSL_new(c_ctx);
+ s_ssl = SSL_new(s_ctx);
+
+#ifndef OPENSSL_NO_KRB5
+ if (c_ssl && c_ssl->kssl_ctx) {
+ char localhost[MAXHOSTNAMELEN + 2];
+
+ if (gethostname(localhost, sizeof localhost - 1) == 0) {
+ localhost[sizeof localhost - 1] = '\0';
+ if (strlen(localhost) == sizeof localhost - 1) {
+ BIO_printf(bio_err, "localhost name too long\n");
+ goto end;
+ }
+ kssl_ctx_setstring(c_ssl->kssl_ctx, KSSL_SERVER, localhost);
+ }
+ }
+#endif /* OPENSSL_NO_KRB5 */
+
+ for (i = 0; i < number; i++) {
+ if (!reuse) {
+ if(!SSL_set_session(c_ssl, NULL)) {
+ BIO_printf(bio_err, "Failed to set session\n");
+ goto end;
+ }
+ }
+ if (bio_pair)
+ ret = doit_biopair(s_ssl, c_ssl, bytes, &s_time, &c_time);
+ else
+ ret = doit(s_ssl, c_ssl, bytes);
+ if (ret) break;
+ }
+
+ if (!verbose) {
+ print_details(c_ssl, "");
+ }
+ if ((i > 1) || (bytes > 1L))
+ BIO_printf(bio_stdout, "%d handshakes of %ld bytes done\n", i,
+ bytes);
+ if (print_time) {
+#ifdef CLOCKS_PER_SEC
+ /*
+ * "To determine the time in seconds, the value returned by the clock
+ * function should be divided by the value of the macro
+ * CLOCKS_PER_SEC." -- ISO/IEC 9899
+ */
+ BIO_printf(bio_stdout, "Approximate total server time: %6.2f s\n"
+ "Approximate total client time: %6.2f s\n",
+ (double)s_time / CLOCKS_PER_SEC,
+ (double)c_time / CLOCKS_PER_SEC);
+#else
+ BIO_printf(bio_stdout,
+ "Approximate total server time: %6.2f units\n"
+ "Approximate total client time: %6.2f units\n",
+ (double)s_time, (double)c_time);
+#endif
+ }
+
+ SSL_free(s_ssl);
+ SSL_free(c_ssl);
+
+ end:
+ if (s_ctx != NULL)
+ SSL_CTX_free(s_ctx);
+ if (c_ctx != NULL)
+ SSL_CTX_free(c_ctx);
+
+ if (s_cctx)
+ SSL_CONF_CTX_free(s_cctx);
+ if (c_cctx)
+ SSL_CONF_CTX_free(c_cctx);
+ sk_OPENSSL_STRING_free(conf_args);
+
+ BIO_free(bio_stdout);
+
+#ifndef OPENSSL_NO_RSA
+ free_tmp_rsa();
+#endif
+#ifndef OPENSSL_NO_ENGINE
+ ENGINE_cleanup();
+#endif
+ CRYPTO_cleanup_all_ex_data();
+ ERR_free_strings();
+ ERR_remove_thread_state(NULL);
+ EVP_cleanup();
+ CRYPTO_mem_leaks(bio_err);
+ BIO_free(bio_err);
+ EXIT(ret);
+}
+
+int doit_biopair(SSL *s_ssl, SSL *c_ssl, long count,
+ clock_t *s_time, clock_t *c_time)
+{
+ long cw_num = count, cr_num = count, sw_num = count, sr_num = count;
+ BIO *s_ssl_bio = NULL, *c_ssl_bio = NULL;
+ BIO *server = NULL, *server_io = NULL, *client = NULL, *client_io = NULL;
+ int ret = 1;
+
+ size_t bufsiz = 256; /* small buffer for testing */
+
+ if (!BIO_new_bio_pair(&server, bufsiz, &server_io, bufsiz))
+ goto err;
+ if (!BIO_new_bio_pair(&client, bufsiz, &client_io, bufsiz))
+ goto err;
+
+ s_ssl_bio = BIO_new(BIO_f_ssl());
+ if (!s_ssl_bio)
+ goto err;
+
+ c_ssl_bio = BIO_new(BIO_f_ssl());
+ if (!c_ssl_bio)
+ goto err;
+
+ SSL_set_connect_state(c_ssl);
+ SSL_set_bio(c_ssl, client, client);
+ (void)BIO_set_ssl(c_ssl_bio, c_ssl, BIO_NOCLOSE);
+
+ SSL_set_accept_state(s_ssl);
+ SSL_set_bio(s_ssl, server, server);
+ (void)BIO_set_ssl(s_ssl_bio, s_ssl, BIO_NOCLOSE);
+
+ do {
+ /*-
+ * c_ssl_bio: SSL filter BIO
+ *
+ * client: pseudo-I/O for SSL library
+ *
+ * client_io: client's SSL communication; usually to be
+ * relayed over some I/O facility, but in this
+ * test program, we're the server, too:
+ *
+ * server_io: server's SSL communication
+ *
+ * server: pseudo-I/O for SSL library
+ *
+ * s_ssl_bio: SSL filter BIO
+ *
+ * The client and the server each employ a "BIO pair":
+ * client + client_io, server + server_io.
+ * BIO pairs are symmetric. A BIO pair behaves similar
+ * to a non-blocking socketpair (but both endpoints must
+ * be handled by the same thread).
+ * [Here we could connect client and server to the ends
+ * of a single BIO pair, but then this code would be less
+ * suitable as an example for BIO pairs in general.]
+ *
+ * Useful functions for querying the state of BIO pair endpoints:
+ *
+ * BIO_ctrl_pending(bio) number of bytes we can read now
+ * BIO_ctrl_get_read_request(bio) number of bytes needed to fulfil
+ * other side's read attempt
+ * BIO_ctrl_get_write_guarantee(bio) number of bytes we can write now
+ *
+ * ..._read_request is never more than ..._write_guarantee;
+ * it depends on the application which one you should use.
+ */
+
+ /*
+ * We have non-blocking behaviour throughout this test program, but
+ * can be sure that there is *some* progress in each iteration; so we
+ * don't have to worry about ..._SHOULD_READ or ..._SHOULD_WRITE --
+ * we just try everything in each iteration
+ */
+
+ {
+ /* CLIENT */
+
+ char cbuf[1024 * 8];
+ int i, r;
+ clock_t c_clock = clock();
+
+ memset(cbuf, 0, sizeof(cbuf));
+
+ if (debug)
+ if (SSL_in_init(c_ssl))
+ printf("client waiting in SSL_connect - %s\n",
+ SSL_state_string_long(c_ssl));
+
+ if (cw_num > 0) {
+ /* Write to server. */
+
+ if (cw_num > (long)sizeof cbuf)
+ i = sizeof cbuf;
+ else
+ i = (int)cw_num;
+ r = BIO_write(c_ssl_bio, cbuf, i);
+ if (r < 0) {
+ if (!BIO_should_retry(c_ssl_bio)) {
+ fprintf(stderr, "ERROR in CLIENT\n");
+ goto err;
+ }
+ /*
+ * BIO_should_retry(...) can just be ignored here. The
+ * library expects us to call BIO_write with the same
+ * arguments again, and that's what we will do in the
+ * next iteration.
+ */
+ } else if (r == 0) {
+ fprintf(stderr, "SSL CLIENT STARTUP FAILED\n");
+ goto err;
+ } else {
+ if (debug)
+ printf("client wrote %d\n", r);
+ cw_num -= r;
+ }
+ }
+
+ if (cr_num > 0) {
+ /* Read from server. */
+
+ r = BIO_read(c_ssl_bio, cbuf, sizeof(cbuf));
+ if (r < 0) {
+ if (!BIO_should_retry(c_ssl_bio)) {
+ fprintf(stderr, "ERROR in CLIENT\n");
+ goto err;
+ }
+ /*
+ * Again, "BIO_should_retry" can be ignored.
+ */
+ } else if (r == 0) {
+ fprintf(stderr, "SSL CLIENT STARTUP FAILED\n");
+ goto err;
+ } else {
+ if (debug)
+ printf("client read %d\n", r);
+ cr_num -= r;
+ }
+ }
+
+ /*
+ * c_time and s_time increments will typically be very small
+ * (depending on machine speed and clock tick intervals), but
+ * sampling over a large number of connections should result in
+ * fairly accurate figures. We cannot guarantee a lot, however
+ * -- if each connection lasts for exactly one clock tick, it
+ * will be counted only for the client or only for the server or
+ * even not at all.
+ */
+ *c_time += (clock() - c_clock);
+ }
+
+ {
+ /* SERVER */
+
+ char sbuf[1024 * 8];
+ int i, r;
+ clock_t s_clock = clock();
+
+ memset(sbuf, 0, sizeof(sbuf));
+
+ if (debug)
+ if (SSL_in_init(s_ssl))
+ printf("server waiting in SSL_accept - %s\n",
+ SSL_state_string_long(s_ssl));
+
+ if (sw_num > 0) {
+ /* Write to client. */
+
+ if (sw_num > (long)sizeof sbuf)
+ i = sizeof sbuf;
+ else
+ i = (int)sw_num;
+ r = BIO_write(s_ssl_bio, sbuf, i);
+ if (r < 0) {
+ if (!BIO_should_retry(s_ssl_bio)) {
+ fprintf(stderr, "ERROR in SERVER\n");
+ goto err;
+ }
+ /* Ignore "BIO_should_retry". */
+ } else if (r == 0) {
+ fprintf(stderr, "SSL SERVER STARTUP FAILED\n");
+ goto err;
+ } else {
+ if (debug)
+ printf("server wrote %d\n", r);
+ sw_num -= r;
+ }
+ }
+
+ if (sr_num > 0) {
+ /* Read from client. */
+
+ r = BIO_read(s_ssl_bio, sbuf, sizeof(sbuf));
+ if (r < 0) {
+ if (!BIO_should_retry(s_ssl_bio)) {
+ fprintf(stderr, "ERROR in SERVER\n");
+ goto err;
+ }
+ /* blah, blah */
+ } else if (r == 0) {
+ fprintf(stderr, "SSL SERVER STARTUP FAILED\n");
+ goto err;
+ } else {
+ if (debug)
+ printf("server read %d\n", r);
+ sr_num -= r;
+ }
+ }
+
+ *s_time += (clock() - s_clock);
+ }
+
+ {
+ /* "I/O" BETWEEN CLIENT AND SERVER. */
+
+ size_t r1, r2;
+ BIO *io1 = server_io, *io2 = client_io;
+ /*
+ * we use the non-copying interface for io1 and the standard
+ * BIO_write/BIO_read interface for io2
+ */
+
+ static int prev_progress = 1;
+ int progress = 0;
+
+ /* io1 to io2 */
+ do {
+ size_t num;
+ int r;
+
+ r1 = BIO_ctrl_pending(io1);
+ r2 = BIO_ctrl_get_write_guarantee(io2);
+
+ num = r1;
+ if (r2 < num)
+ num = r2;
+ if (num) {
+ char *dataptr;
+
+ if (INT_MAX < num) /* yeah, right */
+ num = INT_MAX;
+
+ r = BIO_nread(io1, &dataptr, (int)num);
+ assert(r > 0);
+ assert(r <= (int)num);
+ /*
+ * possibly r < num (non-contiguous data)
+ */
+ num = r;
+ r = BIO_write(io2, dataptr, (int)num);
+ if (r != (int)num) { /* can't happen */
+ fprintf(stderr, "ERROR: BIO_write could not write "
+ "BIO_ctrl_get_write_guarantee() bytes");
+ goto err;
+ }
+ progress = 1;
+
+ if (debug)
+ printf((io1 == client_io) ?
+ "C->S relaying: %d bytes\n" :
+ "S->C relaying: %d bytes\n", (int)num);
+ }
+ }
+ while (r1 && r2);
+
+ /* io2 to io1 */
+ {
+ size_t num;
+ int r;
+
+ r1 = BIO_ctrl_pending(io2);
+ r2 = BIO_ctrl_get_read_request(io1);
+ /*
+ * here we could use ..._get_write_guarantee instead of
+ * ..._get_read_request, but by using the latter we test
+ * restartability of the SSL implementation more thoroughly
+ */
+ num = r1;
+ if (r2 < num)
+ num = r2;
+ if (num) {
+ char *dataptr;
+
+ if (INT_MAX < num)
+ num = INT_MAX;
+
+ if (num > 1)
+ --num; /* test restartability even more thoroughly */
+
+ r = BIO_nwrite0(io1, &dataptr);
+ assert(r > 0);
+ if (r < (int)num)
+ num = r;
+ r = BIO_read(io2, dataptr, (int)num);
+ if (r != (int)num) { /* can't happen */
+ fprintf(stderr, "ERROR: BIO_read could not read "
+ "BIO_ctrl_pending() bytes");
+ goto err;
+ }
+ progress = 1;
+ r = BIO_nwrite(io1, &dataptr, (int)num);
+ if (r != (int)num) { /* can't happen */
+ fprintf(stderr, "ERROR: BIO_nwrite() did not accept "
+ "BIO_nwrite0() bytes");
+ goto err;
+ }
+
+ if (debug)
+ printf((io2 == client_io) ?
+ "C->S relaying: %d bytes\n" :
+ "S->C relaying: %d bytes\n", (int)num);
+ }
+ } /* no loop, BIO_ctrl_get_read_request now
+ * returns 0 anyway */
+
+ if (!progress && !prev_progress)
+ if (cw_num > 0 || cr_num > 0 || sw_num > 0 || sr_num > 0) {
+ fprintf(stderr, "ERROR: got stuck\n");
+ fprintf(stderr, " ERROR.\n");
+ goto err;
+ }
+ prev_progress = progress;
+ }
+ }
+ while (cw_num > 0 || cr_num > 0 || sw_num > 0 || sr_num > 0);
+
+ if (verbose)
+ print_details(c_ssl, "DONE via BIO pair: ");
+#ifndef OPENSSL_NO_NEXTPROTONEG
+ if (verify_npn(c_ssl, s_ssl) < 0) {
+ ret = 1;
+ goto end;
+ }
+#endif
+ if (verify_serverinfo() < 0) {
+ fprintf(stderr, "Server info verify error\n");
+ ret = 1;
+ goto err;
+ }
+ if (verify_alpn(c_ssl, s_ssl) < 0) {
+ ret = 1;
+ goto err;
+ }
+
+ if (custom_ext_error) {
+ fprintf(stderr, "Custom extension error\n");
+ ret = 1;
+ goto err;
+ }
+
+ end:
+ ret = 0;
+
+ err:
+ ERR_print_errors(bio_err);
+
+ BIO_free(server);
+ BIO_free(server_io);
+ BIO_free(client);
+ BIO_free(client_io);
+ BIO_free(s_ssl_bio);
+ BIO_free(c_ssl_bio);
+
+ return ret;
+}
+
+#define W_READ 1
+#define W_WRITE 2
+#define C_DONE 1
+#define S_DONE 2
+
+int doit(SSL *s_ssl, SSL *c_ssl, long count)
+{
+ char *cbuf = NULL, *sbuf = NULL;
+ long bufsiz;
+ long cw_num = count, cr_num = count;
+ long sw_num = count, sr_num = count;
+ int ret = 1;
+ BIO *c_to_s = NULL;
+ BIO *s_to_c = NULL;
+ BIO *c_bio = NULL;
+ BIO *s_bio = NULL;
+ int c_r, c_w, s_r, s_w;
+ int i, j;
+ int done = 0;
+ int c_write, s_write;
+ int do_server = 0, do_client = 0;
+ int max_frag = 5 * 1024;
+
+ bufsiz = count > 40 * 1024 ? 40 * 1024 : count;
+
+ if ((cbuf = OPENSSL_malloc(bufsiz)) == NULL)
+ goto err;
+ if ((sbuf = OPENSSL_malloc(bufsiz)) == NULL)
+ goto err;
+
+ memset(cbuf, 0, bufsiz);
+ memset(sbuf, 0, bufsiz);
+
+ c_to_s = BIO_new(BIO_s_mem());
+ s_to_c = BIO_new(BIO_s_mem());
+ if ((s_to_c == NULL) || (c_to_s == NULL)) {
+ ERR_print_errors(bio_err);
+ goto err;
+ }
+
+ c_bio = BIO_new(BIO_f_ssl());
+ s_bio = BIO_new(BIO_f_ssl());
+ if ((c_bio == NULL) || (s_bio == NULL)) {
+ ERR_print_errors(bio_err);
+ goto err;
+ }
+
+ SSL_set_connect_state(c_ssl);
+ SSL_set_bio(c_ssl, s_to_c, c_to_s);
+ SSL_set_max_send_fragment(c_ssl, max_frag);
+ BIO_set_ssl(c_bio, c_ssl, BIO_NOCLOSE);
+
+ SSL_set_accept_state(s_ssl);
+ SSL_set_bio(s_ssl, c_to_s, s_to_c);
+ SSL_set_max_send_fragment(s_ssl, max_frag);
+ BIO_set_ssl(s_bio, s_ssl, BIO_NOCLOSE);
+
+ c_r = 0;
+ s_r = 1;
+ c_w = 1;
+ s_w = 0;
+ c_write = 1, s_write = 0;
+
+ /* We can always do writes */
+ for (;;) {
+ do_server = 0;
+ do_client = 0;
+
+ i = (int)BIO_pending(s_bio);
+ if ((i && s_r) || s_w)
+ do_server = 1;
+
+ i = (int)BIO_pending(c_bio);
+ if ((i && c_r) || c_w)
+ do_client = 1;
+
+ if (do_server && debug) {
+ if (SSL_in_init(s_ssl))
+ printf("server waiting in SSL_accept - %s\n",
+ SSL_state_string_long(s_ssl));
+/*-
+ else if (s_write)
+ printf("server:SSL_write()\n");
+ else
+ printf("server:SSL_read()\n"); */
+ }
+
+ if (do_client && debug) {
+ if (SSL_in_init(c_ssl))
+ printf("client waiting in SSL_connect - %s\n",
+ SSL_state_string_long(c_ssl));
+/*-
+ else if (c_write)
+ printf("client:SSL_write()\n");
+ else
+ printf("client:SSL_read()\n"); */
+ }
+
+ if (!do_client && !do_server) {
+ fprintf(stdout, "ERROR IN STARTUP\n");
+ ERR_print_errors(bio_err);
+ goto err;
+ }
+ if (do_client && !(done & C_DONE)) {
+ if (c_write) {
+ j = (cw_num > bufsiz) ? (int)bufsiz : (int)cw_num;
+ i = BIO_write(c_bio, cbuf, j);
+ if (i < 0) {
+ c_r = 0;
+ c_w = 0;
+ if (BIO_should_retry(c_bio)) {
+ if (BIO_should_read(c_bio))
+ c_r = 1;
+ if (BIO_should_write(c_bio))
+ c_w = 1;
+ } else {
+ fprintf(stderr, "ERROR in CLIENT\n");
+ ERR_print_errors(bio_err);
+ goto err;
+ }
+ } else if (i == 0) {
+ fprintf(stderr, "SSL CLIENT STARTUP FAILED\n");
+ goto err;
+ } else {
+ if (debug)
+ printf("client wrote %d\n", i);
+ /* ok */
+ s_r = 1;
+ c_write = 0;
+ cw_num -= i;
+ if (max_frag > 1029)
+ SSL_set_max_send_fragment(c_ssl, max_frag -= 5);
+ }
+ } else {
+ i = BIO_read(c_bio, cbuf, bufsiz);
+ if (i < 0) {
+ c_r = 0;
+ c_w = 0;
+ if (BIO_should_retry(c_bio)) {
+ if (BIO_should_read(c_bio))
+ c_r = 1;
+ if (BIO_should_write(c_bio))
+ c_w = 1;
+ } else {
+ fprintf(stderr, "ERROR in CLIENT\n");
+ ERR_print_errors(bio_err);
+ goto err;
+ }
+ } else if (i == 0) {
+ fprintf(stderr, "SSL CLIENT STARTUP FAILED\n");
+ goto err;
+ } else {
+ if (debug)
+ printf("client read %d\n", i);
+ cr_num -= i;
+ if (sw_num > 0) {
+ s_write = 1;
+ s_w = 1;
+ }
+ if (cr_num <= 0) {
+ s_write = 1;
+ s_w = 1;
+ done = S_DONE | C_DONE;
+ }
+ }
+ }
+ }
+
+ if (do_server && !(done & S_DONE)) {
+ if (!s_write) {
+ i = BIO_read(s_bio, sbuf, bufsiz);
+ if (i < 0) {
+ s_r = 0;
+ s_w = 0;
+ if (BIO_should_retry(s_bio)) {
+ if (BIO_should_read(s_bio))
+ s_r = 1;
+ if (BIO_should_write(s_bio))
+ s_w = 1;
+ } else {
+ fprintf(stderr, "ERROR in SERVER\n");
+ ERR_print_errors(bio_err);
+ goto err;
+ }
+ } else if (i == 0) {
+ ERR_print_errors(bio_err);
+ fprintf(stderr,
+ "SSL SERVER STARTUP FAILED in SSL_read\n");
+ goto err;
+ } else {
+ if (debug)
+ printf("server read %d\n", i);
+ sr_num -= i;
+ if (cw_num > 0) {
+ c_write = 1;
+ c_w = 1;
+ }
+ if (sr_num <= 0) {
+ s_write = 1;
+ s_w = 1;
+ c_write = 0;
+ }
+ }
+ } else {
+ j = (sw_num > bufsiz) ? (int)bufsiz : (int)sw_num;
+ i = BIO_write(s_bio, sbuf, j);
+ if (i < 0) {
+ s_r = 0;
+ s_w = 0;
+ if (BIO_should_retry(s_bio)) {
+ if (BIO_should_read(s_bio))
+ s_r = 1;
+ if (BIO_should_write(s_bio))
+ s_w = 1;
+ } else {
+ fprintf(stderr, "ERROR in SERVER\n");
+ ERR_print_errors(bio_err);
+ goto err;
+ }
+ } else if (i == 0) {
+ ERR_print_errors(bio_err);
+ fprintf(stderr,
+ "SSL SERVER STARTUP FAILED in SSL_write\n");
+ goto err;
+ } else {
+ if (debug)
+ printf("server wrote %d\n", i);
+ sw_num -= i;
+ s_write = 0;
+ c_r = 1;
+ if (sw_num <= 0)
+ done |= S_DONE;
+ if (max_frag > 1029)
+ SSL_set_max_send_fragment(s_ssl, max_frag -= 5);
+ }
+ }
+ }
+
+ if ((done & S_DONE) && (done & C_DONE))
+ break;
+ }
+
+ if (verbose)
+ print_details(c_ssl, "DONE: ");
+#ifndef OPENSSL_NO_NEXTPROTONEG
+ if (verify_npn(c_ssl, s_ssl) < 0) {
+ ret = 1;
+ goto err;
+ }
+#endif
+ if (verify_serverinfo() < 0) {
+ fprintf(stderr, "Server info verify error\n");
+ ret = 1;
+ goto err;
+ }
+ if (custom_ext_error) {
+ fprintf(stderr, "Custom extension error\n");
+ ret = 1;
+ goto err;
+ }
+ ret = 0;
+ err:
+ /*
+ * We have to set the BIO's to NULL otherwise they will be
+ * OPENSSL_free()ed twice. Once when th s_ssl is SSL_free()ed and again
+ * when c_ssl is SSL_free()ed. This is a hack required because s_ssl and
+ * c_ssl are sharing the same BIO structure and SSL_set_bio() and
+ * SSL_free() automatically BIO_free non NULL entries. You should not
+ * normally do this or be required to do this
+ */
+ if (s_ssl != NULL) {
+ s_ssl->rbio = NULL;
+ s_ssl->wbio = NULL;
+ }
+ if (c_ssl != NULL) {
+ c_ssl->rbio = NULL;
+ c_ssl->wbio = NULL;
+ }
+
+ BIO_free(c_to_s);
+ BIO_free(s_to_c);
+ BIO_free_all(c_bio);
+ BIO_free_all(s_bio);
+
+ if (cbuf)
+ OPENSSL_free(cbuf);
+ if (sbuf)
+ OPENSSL_free(sbuf);
+
+ return (ret);
+}
+
+static int get_proxy_auth_ex_data_idx(void)
+{
+ static volatile int idx = -1;
+ if (idx < 0) {
+ CRYPTO_w_lock(CRYPTO_LOCK_SSL_CTX);
+ if (idx < 0) {
+ idx = X509_STORE_CTX_get_ex_new_index(0,
+ "SSLtest for verify callback",
+ NULL, NULL, NULL);
+ }
+ CRYPTO_w_unlock(CRYPTO_LOCK_SSL_CTX);
+ }
+ return idx;
+}
+
+static int verify_callback(int ok, X509_STORE_CTX *ctx)
+{
+ char *s, buf[256];
+
+ s = X509_NAME_oneline(X509_get_subject_name(ctx->current_cert), buf,
+ sizeof buf);
+ if (s != NULL) {
+ if (ok)
+ fprintf(stderr, "depth=%d %s\n", ctx->error_depth, buf);
+ else {
+ fprintf(stderr, "depth=%d error=%d %s\n",
+ ctx->error_depth, ctx->error, buf);
+ }
+ }
+
+ if (ok == 0) {
+ fprintf(stderr, "Error string: %s\n",
+ X509_verify_cert_error_string(ctx->error));
+ switch (ctx->error) {
+ case X509_V_ERR_CERT_NOT_YET_VALID:
+ case X509_V_ERR_CERT_HAS_EXPIRED:
+ case X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT:
+ fprintf(stderr, " ... ignored.\n");
+ ok = 1;
+ }
+ }
+
+ if (ok == 1) {
+ X509 *xs = ctx->current_cert;
+ if (xs->ex_flags & EXFLAG_PROXY) {
+ unsigned int *letters = X509_STORE_CTX_get_ex_data(ctx,
+ get_proxy_auth_ex_data_idx
+ ());
+
+ if (letters) {
+ int found_any = 0;
+ int i;
+ PROXY_CERT_INFO_EXTENSION *pci =
+ X509_get_ext_d2i(xs, NID_proxyCertInfo,
+ NULL, NULL);
+
+ switch (OBJ_obj2nid(pci->proxyPolicy->policyLanguage)) {
+ case NID_Independent:
+ /*
+ * Completely meaningless in this program, as there's no
+ * way to grant explicit rights to a specific PrC.
+ * Basically, using id-ppl-Independent is the perfect way
+ * to grant no rights at all.
+ */
+ fprintf(stderr, " Independent proxy certificate");
+ for (i = 0; i < 26; i++)
+ letters[i] = 0;
+ break;
+ case NID_id_ppl_inheritAll:
+ /*
+ * This is basically a NOP, we simply let the current
+ * rights stand as they are.
+ */
+ fprintf(stderr, " Proxy certificate inherits all");
+ break;
+ default:
+ s = (char *)
+ pci->proxyPolicy->policy->data;
+ i = pci->proxyPolicy->policy->length;
+
+ /*
+ * The algorithm works as follows: it is assumed that
+ * previous iterations or the initial granted rights has
+ * already set some elements of `letters'. What we need
+ * to do is to clear those that weren't granted by the
+ * current PrC as well. The easiest way to do this is to
+ * add 1 to all the elements whose letters are given with
+ * the current policy. That way, all elements that are
+ * set by the current policy and were already set by
+ * earlier policies and through the original grant of
+ * rights will get the value 2 or higher. The last thing
+ * to do is to sweep through `letters' and keep the
+ * elements having the value 2 as set, and clear all the
+ * others.
+ */
+
+ fprintf(stderr, " Certificate proxy rights = %*.*s", i,
+ i, s);
+ while (i-- > 0) {
+ int c = *s++;
+ if (isascii(c) && isalpha(c)) {
+ if (islower(c))
+ c = toupper(c);
+ letters[c - 'A']++;
+ }
+ }
+ for (i = 0; i < 26; i++)
+ if (letters[i] < 2)
+ letters[i] = 0;
+ else
+ letters[i] = 1;
+ }
+
+ found_any = 0;
+ fprintf(stderr, ", resulting proxy rights = ");
+ for (i = 0; i < 26; i++)
+ if (letters[i]) {
+ fprintf(stderr, "%c", i + 'A');
+ found_any = 1;
+ }
+ if (!found_any)
+ fprintf(stderr, "none");
+ fprintf(stderr, "\n");
+
+ PROXY_CERT_INFO_EXTENSION_free(pci);
+ }
+ }
+ }
+
+ return (ok);
+}
+
+static void process_proxy_debug(int indent, const char *format, ...)
+{
+ /* That's 80 > */
+ static const char indentation[] =
+ ">>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>"
+ ">>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>";
+ char my_format[256];
+ va_list args;
+
+ BIO_snprintf(my_format, sizeof(my_format), "%*.*s %s",
+ indent, indent, indentation, format);
+
+ va_start(args, format);
+ vfprintf(stderr, my_format, args);
+ va_end(args);
+}
+
+/*-
+ * Priority levels:
+ * 0 [!]var, ()
+ * 1 & ^
+ * 2 |
+ */
+static int process_proxy_cond_adders(unsigned int letters[26],
+ const char *cond, const char **cond_end,
+ int *pos, int indent);
+static int process_proxy_cond_val(unsigned int letters[26], const char *cond,
+ const char **cond_end, int *pos, int indent)
+{
+ int c;
+ int ok = 1;
+ int negate = 0;
+
+ while (isspace((int)*cond)) {
+ cond++;
+ (*pos)++;
+ }
+ c = *cond;
+
+ if (debug)
+ process_proxy_debug(indent,
+ "Start process_proxy_cond_val at position %d: %s\n",
+ *pos, cond);
+
+ while (c == '!') {
+ negate = !negate;
+ cond++;
+ (*pos)++;
+ while (isspace((int)*cond)) {
+ cond++;
+ (*pos)++;
+ }
+ c = *cond;
+ }
+
+ if (c == '(') {
+ cond++;
+ (*pos)++;
+ ok = process_proxy_cond_adders(letters, cond, cond_end, pos,
+ indent + 1);
+ cond = *cond_end;
+ if (ok < 0)
+ goto end;
+ while (isspace((int)*cond)) {
+ cond++;
+ (*pos)++;
+ }
+ c = *cond;
+ if (c != ')') {
+ fprintf(stderr,
+ "Weird condition character in position %d: "
+ "%c\n", *pos, c);
+ ok = -1;
+ goto end;
+ }
+ cond++;
+ (*pos)++;
+ } else if (isascii(c) && isalpha(c)) {
+ if (islower(c))
+ c = toupper(c);
+ ok = letters[c - 'A'];
+ cond++;
+ (*pos)++;
+ } else {
+ fprintf(stderr,
+ "Weird condition character in position %d: " "%c\n", *pos, c);
+ ok = -1;
+ goto end;
+ }
+ end:
+ *cond_end = cond;
+ if (ok >= 0 && negate)
+ ok = !ok;
+
+ if (debug)
+ process_proxy_debug(indent,
+ "End process_proxy_cond_val at position %d: %s, returning %d\n",
+ *pos, cond, ok);
+
+ return ok;
+}
+
+static int process_proxy_cond_multipliers(unsigned int letters[26],
+ const char *cond,
+ const char **cond_end, int *pos,
+ int indent)
+{
+ int ok;
+ char c;
+
+ if (debug)
+ process_proxy_debug(indent,
+ "Start process_proxy_cond_multipliers at position %d: %s\n",
+ *pos, cond);
+
+ ok = process_proxy_cond_val(letters, cond, cond_end, pos, indent + 1);
+ cond = *cond_end;
+ if (ok < 0)
+ goto end;
+
+ while (ok >= 0) {
+ while (isspace((int)*cond)) {
+ cond++;
+ (*pos)++;
+ }
+ c = *cond;
+
+ switch (c) {
+ case '&':
+ case '^':
+ {
+ int save_ok = ok;
+
+ cond++;
+ (*pos)++;
+ ok = process_proxy_cond_val(letters,
+ cond, cond_end, pos, indent + 1);
+ cond = *cond_end;
+ if (ok < 0)
+ break;
+
+ switch (c) {
+ case '&':
+ ok &= save_ok;
+ break;
+ case '^':
+ ok ^= save_ok;
+ break;
+ default:
+ fprintf(stderr, "SOMETHING IS SERIOUSLY WRONG!"
+ " STOPPING\n");
+ EXIT(1);
+ }
+ }
+ break;
+ default:
+ goto end;
+ }
+ }
+ end:
+ if (debug)
+ process_proxy_debug(indent,
+ "End process_proxy_cond_multipliers at position %d: %s, returning %d\n",
+ *pos, cond, ok);
+
+ *cond_end = cond;
+ return ok;
+}
+
+static int process_proxy_cond_adders(unsigned int letters[26],
+ const char *cond, const char **cond_end,
+ int *pos, int indent)
+{
+ int ok;
+ char c;
+
+ if (debug)
+ process_proxy_debug(indent,
+ "Start process_proxy_cond_adders at position %d: %s\n",
+ *pos, cond);
+
+ ok = process_proxy_cond_multipliers(letters, cond, cond_end, pos,
+ indent + 1);
+ cond = *cond_end;
+ if (ok < 0)
+ goto end;
+
+ while (ok >= 0) {
+ while (isspace((int)*cond)) {
+ cond++;
+ (*pos)++;
+ }
+ c = *cond;
+
+ switch (c) {
+ case '|':
+ {
+ int save_ok = ok;
+
+ cond++;
+ (*pos)++;
+ ok = process_proxy_cond_multipliers(letters,
+ cond, cond_end, pos,
+ indent + 1);
+ cond = *cond_end;
+ if (ok < 0)
+ break;
+
+ switch (c) {
+ case '|':
+ ok |= save_ok;
+ break;
+ default:
+ fprintf(stderr, "SOMETHING IS SERIOUSLY WRONG!"
+ " STOPPING\n");
+ EXIT(1);
+ }
+ }
+ break;
+ default:
+ goto end;
+ }
+ }
+ end:
+ if (debug)
+ process_proxy_debug(indent,
+ "End process_proxy_cond_adders at position %d: %s, returning %d\n",
+ *pos, cond, ok);
+
+ *cond_end = cond;
+ return ok;
+}
+
+static int process_proxy_cond(unsigned int letters[26],
+ const char *cond, const char **cond_end)
+{
+ int pos = 1;
+ return process_proxy_cond_adders(letters, cond, cond_end, &pos, 1);
+}
+
+static int app_verify_callback(X509_STORE_CTX *ctx, void *arg)
+{
+ int ok = 1;
+ struct app_verify_arg *cb_arg = arg;
+ unsigned int letters[26]; /* only used with proxy_auth */
+
+ if (cb_arg->app_verify) {
+ char *s = NULL, buf[256];
+
+ fprintf(stderr, "In app_verify_callback, allowing cert. ");
+ fprintf(stderr, "Arg is: %s\n", cb_arg->string);
+ fprintf(stderr,
+ "Finished printing do we have a context? 0x%p a cert? 0x%p\n",
+ (void *)ctx, (void *)ctx->cert);
+ if (ctx->cert)
+ s = X509_NAME_oneline(X509_get_subject_name(ctx->cert), buf, 256);
+ if (s != NULL) {
+ fprintf(stderr, "cert depth=%d %s\n", ctx->error_depth, buf);
+ }
+ return (1);
+ }
+ if (cb_arg->proxy_auth) {
+ int found_any = 0, i;
+ char *sp;
+
+ for (i = 0; i < 26; i++)
+ letters[i] = 0;
+ for (sp = cb_arg->proxy_auth; *sp; sp++) {
+ int c = *sp;
+ if (isascii(c) && isalpha(c)) {
+ if (islower(c))
+ c = toupper(c);
+ letters[c - 'A'] = 1;
+ }
+ }
+
+ fprintf(stderr, " Initial proxy rights = ");
+ for (i = 0; i < 26; i++)
+ if (letters[i]) {
+ fprintf(stderr, "%c", i + 'A');
+ found_any = 1;
+ }
+ if (!found_any)
+ fprintf(stderr, "none");
+ fprintf(stderr, "\n");
+
+ X509_STORE_CTX_set_ex_data(ctx,
+ get_proxy_auth_ex_data_idx(), letters);
+ }
+ if (cb_arg->allow_proxy_certs) {
+ X509_STORE_CTX_set_flags(ctx, X509_V_FLAG_ALLOW_PROXY_CERTS);
+ }
+ ok = X509_verify_cert(ctx);
+
+ if (cb_arg->proxy_auth) {
+ if (ok > 0) {
+ const char *cond_end = NULL;
+
+ ok = process_proxy_cond(letters, cb_arg->proxy_cond, &cond_end);
+
+ if (ok < 0)
+ EXIT(3);
+ if (*cond_end) {
+ fprintf(stderr,
+ "Stopped processing condition before it's end.\n");
+ ok = 0;
+ }
+ if (!ok)
+ fprintf(stderr,
+ "Proxy rights check with condition '%s' proved invalid\n",
+ cb_arg->proxy_cond);
+ else
+ fprintf(stderr,
+ "Proxy rights check with condition '%s' proved valid\n",
+ cb_arg->proxy_cond);
+ }
+ }
+ return (ok);
+}
+
+#ifndef OPENSSL_NO_RSA
+static RSA *rsa_tmp = NULL;
+
+static RSA *tmp_rsa_cb(SSL *s, int is_export, int keylength)
+{
+ BIGNUM *bn = NULL;
+ if (rsa_tmp == NULL) {
+ bn = BN_new();
+ rsa_tmp = RSA_new();
+ if (!bn || !rsa_tmp || !BN_set_word(bn, RSA_F4)) {
+ BIO_printf(bio_err, "Memory error...");
+ goto end;
+ }
+ BIO_printf(bio_err, "Generating temp (%d bit) RSA key...", keylength);
+ (void)BIO_flush(bio_err);
+ if (!RSA_generate_key_ex(rsa_tmp, keylength, bn, NULL)) {
+ BIO_printf(bio_err, "Error generating key.");
+ RSA_free(rsa_tmp);
+ rsa_tmp = NULL;
+ }
+ end:
+ BIO_printf(bio_err, "\n");
+ (void)BIO_flush(bio_err);
+ }
+ if (bn)
+ BN_free(bn);
+ return (rsa_tmp);
+}
+
+static void free_tmp_rsa(void)
+{
+ RSA_free(rsa_tmp);
+ rsa_tmp = NULL;
+}
+#endif
+
+#ifndef OPENSSL_NO_DH
+/*-
+ * These DH parameters have been generated as follows:
+ * $ openssl dhparam -C -noout 512
+ * $ openssl dhparam -C -noout 1024
+ * $ openssl dhparam -C -noout -dsaparam 1024
+ * (The third function has been renamed to avoid name conflicts.)
+ */
+static DH *get_dh512()
+{
+ static unsigned char dh512_p[] = {
+ 0xCB, 0xC8, 0xE1, 0x86, 0xD0, 0x1F, 0x94, 0x17, 0xA6, 0x99, 0xF0,
+ 0xC6,
+ 0x1F, 0x0D, 0xAC, 0xB6, 0x25, 0x3E, 0x06, 0x39, 0xCA, 0x72, 0x04,
+ 0xB0,
+ 0x6E, 0xDA, 0xC0, 0x61, 0xE6, 0x7A, 0x77, 0x25, 0xE8, 0x3B, 0xB9,
+ 0x5F,
+ 0x9A, 0xB6, 0xB5, 0xFE, 0x99, 0x0B, 0xA1, 0x93, 0x4E, 0x35, 0x33,
+ 0xB8,
+ 0xE1, 0xF1, 0x13, 0x4F, 0x59, 0x1A, 0xD2, 0x57, 0xC0, 0x26, 0x21,
+ 0x33,
+ 0x02, 0xC5, 0xAE, 0x23,
+ };
+ static unsigned char dh512_g[] = {
+ 0x02,
+ };
+ DH *dh;
+
+ if ((dh = DH_new()) == NULL)
+ return (NULL);
+ dh->p = BN_bin2bn(dh512_p, sizeof(dh512_p), NULL);
+ dh->g = BN_bin2bn(dh512_g, sizeof(dh512_g), NULL);
+ if ((dh->p == NULL) || (dh->g == NULL)) {
+ DH_free(dh);
+ return (NULL);
+ }
+ return (dh);
+}
+
+static DH *get_dh1024()
+{
+ static unsigned char dh1024_p[] = {
+ 0xF8, 0x81, 0x89, 0x7D, 0x14, 0x24, 0xC5, 0xD1, 0xE6, 0xF7, 0xBF,
+ 0x3A,
+ 0xE4, 0x90, 0xF4, 0xFC, 0x73, 0xFB, 0x34, 0xB5, 0xFA, 0x4C, 0x56,
+ 0xA2,
+ 0xEA, 0xA7, 0xE9, 0xC0, 0xC0, 0xCE, 0x89, 0xE1, 0xFA, 0x63, 0x3F,
+ 0xB0,
+ 0x6B, 0x32, 0x66, 0xF1, 0xD1, 0x7B, 0xB0, 0x00, 0x8F, 0xCA, 0x87,
+ 0xC2,
+ 0xAE, 0x98, 0x89, 0x26, 0x17, 0xC2, 0x05, 0xD2, 0xEC, 0x08, 0xD0,
+ 0x8C,
+ 0xFF, 0x17, 0x52, 0x8C, 0xC5, 0x07, 0x93, 0x03, 0xB1, 0xF6, 0x2F,
+ 0xB8,
+ 0x1C, 0x52, 0x47, 0x27, 0x1B, 0xDB, 0xD1, 0x8D, 0x9D, 0x69, 0x1D,
+ 0x52,
+ 0x4B, 0x32, 0x81, 0xAA, 0x7F, 0x00, 0xC8, 0xDC, 0xE6, 0xD9, 0xCC,
+ 0xC1,
+ 0x11, 0x2D, 0x37, 0x34, 0x6C, 0xEA, 0x02, 0x97, 0x4B, 0x0E, 0xBB,
+ 0xB1,
+ 0x71, 0x33, 0x09, 0x15, 0xFD, 0xDD, 0x23, 0x87, 0x07, 0x5E, 0x89,
+ 0xAB,
+ 0x6B, 0x7C, 0x5F, 0xEC, 0xA6, 0x24, 0xDC, 0x53,
+ };
+ static unsigned char dh1024_g[] = {
+ 0x02,
+ };
+ DH *dh;
+
+ if ((dh = DH_new()) == NULL)
+ return (NULL);
+ dh->p = BN_bin2bn(dh1024_p, sizeof(dh1024_p), NULL);
+ dh->g = BN_bin2bn(dh1024_g, sizeof(dh1024_g), NULL);
+ if ((dh->p == NULL) || (dh->g == NULL)) {
+ DH_free(dh);
+ return (NULL);
+ }
+ return (dh);
+}
+
+static DH *get_dh1024dsa()
+{
+ static unsigned char dh1024_p[] = {
+ 0xC8, 0x00, 0xF7, 0x08, 0x07, 0x89, 0x4D, 0x90, 0x53, 0xF3, 0xD5,
+ 0x00,
+ 0x21, 0x1B, 0xF7, 0x31, 0xA6, 0xA2, 0xDA, 0x23, 0x9A, 0xC7, 0x87,
+ 0x19,
+ 0x3B, 0x47, 0xB6, 0x8C, 0x04, 0x6F, 0xFF, 0xC6, 0x9B, 0xB8, 0x65,
+ 0xD2,
+ 0xC2, 0x5F, 0x31, 0x83, 0x4A, 0xA7, 0x5F, 0x2F, 0x88, 0x38, 0xB6,
+ 0x55,
+ 0xCF, 0xD9, 0x87, 0x6D, 0x6F, 0x9F, 0xDA, 0xAC, 0xA6, 0x48, 0xAF,
+ 0xFC,
+ 0x33, 0x84, 0x37, 0x5B, 0x82, 0x4A, 0x31, 0x5D, 0xE7, 0xBD, 0x52,
+ 0x97,
+ 0xA1, 0x77, 0xBF, 0x10, 0x9E, 0x37, 0xEA, 0x64, 0xFA, 0xCA, 0x28,
+ 0x8D,
+ 0x9D, 0x3B, 0xD2, 0x6E, 0x09, 0x5C, 0x68, 0xC7, 0x45, 0x90, 0xFD,
+ 0xBB,
+ 0x70, 0xC9, 0x3A, 0xBB, 0xDF, 0xD4, 0x21, 0x0F, 0xC4, 0x6A, 0x3C,
+ 0xF6,
+ 0x61, 0xCF, 0x3F, 0xD6, 0x13, 0xF1, 0x5F, 0xBC, 0xCF, 0xBC, 0x26,
+ 0x9E,
+ 0xBC, 0x0B, 0xBD, 0xAB, 0x5D, 0xC9, 0x54, 0x39,
+ };
+ static unsigned char dh1024_g[] = {
+ 0x3B, 0x40, 0x86, 0xE7, 0xF3, 0x6C, 0xDE, 0x67, 0x1C, 0xCC, 0x80,
+ 0x05,
+ 0x5A, 0xDF, 0xFE, 0xBD, 0x20, 0x27, 0x74, 0x6C, 0x24, 0xC9, 0x03,
+ 0xF3,
+ 0xE1, 0x8D, 0xC3, 0x7D, 0x98, 0x27, 0x40, 0x08, 0xB8, 0x8C, 0x6A,
+ 0xE9,
+ 0xBB, 0x1A, 0x3A, 0xD6, 0x86, 0x83, 0x5E, 0x72, 0x41, 0xCE, 0x85,
+ 0x3C,
+ 0xD2, 0xB3, 0xFC, 0x13, 0xCE, 0x37, 0x81, 0x9E, 0x4C, 0x1C, 0x7B,
+ 0x65,
+ 0xD3, 0xE6, 0xA6, 0x00, 0xF5, 0x5A, 0x95, 0x43, 0x5E, 0x81, 0xCF,
+ 0x60,
+ 0xA2, 0x23, 0xFC, 0x36, 0xA7, 0x5D, 0x7A, 0x4C, 0x06, 0x91, 0x6E,
+ 0xF6,
+ 0x57, 0xEE, 0x36, 0xCB, 0x06, 0xEA, 0xF5, 0x3D, 0x95, 0x49, 0xCB,
+ 0xA7,
+ 0xDD, 0x81, 0xDF, 0x80, 0x09, 0x4A, 0x97, 0x4D, 0xA8, 0x22, 0x72,
+ 0xA1,
+ 0x7F, 0xC4, 0x70, 0x56, 0x70, 0xE8, 0x20, 0x10, 0x18, 0x8F, 0x2E,
+ 0x60,
+ 0x07, 0xE7, 0x68, 0x1A, 0x82, 0x5D, 0x32, 0xA2,
+ };
+ DH *dh;
+
+ if ((dh = DH_new()) == NULL)
+ return (NULL);
+ dh->p = BN_bin2bn(dh1024_p, sizeof(dh1024_p), NULL);
+ dh->g = BN_bin2bn(dh1024_g, sizeof(dh1024_g), NULL);
+ if ((dh->p == NULL) || (dh->g == NULL)) {
+ DH_free(dh);
+ return (NULL);
+ }
+ dh->length = 160;
+ return (dh);
+}
+#endif
+
+#ifndef OPENSSL_NO_PSK
+/* convert the PSK key (psk_key) in ascii to binary (psk) */
+static int psk_key2bn(const char *pskkey, unsigned char *psk,
+ unsigned int max_psk_len)
+{
+ int ret;
+ BIGNUM *bn = NULL;
+
+ ret = BN_hex2bn(&bn, pskkey);
+ if (!ret) {
+ BIO_printf(bio_err, "Could not convert PSK key '%s' to BIGNUM\n",
+ pskkey);
+ if (bn)
+ BN_free(bn);
+ return 0;
+ }
+ if (BN_num_bytes(bn) > (int)max_psk_len) {
+ BIO_printf(bio_err,
+ "psk buffer of callback is too small (%d) for key (%d)\n",
+ max_psk_len, BN_num_bytes(bn));
+ BN_free(bn);
+ return 0;
+ }
+ ret = BN_bn2bin(bn, psk);
+ BN_free(bn);
+ return ret;
+}
+
+static unsigned int psk_client_callback(SSL *ssl, const char *hint,
+ char *identity,
+ unsigned int max_identity_len,
+ unsigned char *psk,
+ unsigned int max_psk_len)
+{
+ int ret;
+ unsigned int psk_len = 0;
+
+ ret = BIO_snprintf(identity, max_identity_len, "Client_identity");
+ if (ret < 0)
+ goto out_err;
+ if (debug)
+ fprintf(stderr, "client: created identity '%s' len=%d\n", identity,
+ ret);
+ ret = psk_key2bn(psk_key, psk, max_psk_len);
+ if (ret < 0)
+ goto out_err;
+ psk_len = ret;
+ out_err:
+ return psk_len;
+}
+
+static unsigned int psk_server_callback(SSL *ssl, const char *identity,
+ unsigned char *psk,
+ unsigned int max_psk_len)
+{
+ unsigned int psk_len = 0;
+
+ if (strcmp(identity, "Client_identity") != 0) {
+ BIO_printf(bio_err, "server: PSK error: client identity not found\n");
+ return 0;
+ }
+ psk_len = psk_key2bn(psk_key, psk, max_psk_len);
+ return psk_len;
+}
+#endif
+
+static int do_test_cipherlist(void)
+{
+ int i = 0;
+ const SSL_METHOD *meth;
+ const SSL_CIPHER *ci, *tci = NULL;
+
+#ifndef OPENSSL_NO_SSL3
+ fprintf(stderr, "testing SSLv3 cipher list order: ");
+ meth = SSLv3_method();
+ tci = NULL;
+ while ((ci = meth->get_cipher(i++)) != NULL) {
+ if (tci != NULL)
+ if (ci->id >= tci->id) {
+ fprintf(stderr, "failed %lx vs. %lx\n", ci->id, tci->id);
+ return 0;
+ }
+ tci = ci;
+ }
+ fprintf(stderr, "ok\n");
+#endif
+ fprintf(stderr, "testing TLSv1 cipher list order: ");
+ meth = TLSv1_method();
+ tci = NULL;
+ while ((ci = meth->get_cipher(i++)) != NULL) {
+ if (tci != NULL)
+ if (ci->id >= tci->id) {
+ fprintf(stderr, "failed %lx vs. %lx\n", ci->id, tci->id);
+ return 0;
+ }
+ tci = ci;
+ }
+ fprintf(stderr, "ok\n");
+
+ return 1;
+}
--- /dev/null
+#include <openssl/x509.h>
+#include <openssl/x509v3.h>
+#include "../e_os.h"
+#include <string.h>
+
+static const char *const names[] = {
+ "a", "b", ".", "*", "@",
+ ".a", "a.", ".b", "b.", ".*", "*.", "*@", "@*", "a@", "@a", "b@", "..",
+ "@@", "**", "*.com", "*com", "*.*.com", "*com", "com*", "*example.com",
+ "*@example.com", "test@*.example.com", "example.com", "www.example.com",
+ "test.www.example.com", "*.example.com", "*.www.example.com",
+ "test.*.example.com", "www.*.com",
+ ".www.example.com", "*www.example.com",
+ "example.net", "xn--rger-koa.example.com",
+ "a.example.com", "b.example.com",
+ "postmaster@example.com", "Postmaster@example.com",
+ "postmaster@EXAMPLE.COM",
+ NULL
+};
+
+static const char *const exceptions[] = {
+ "set CN: host: [*.example.com] matches [a.example.com]",
+ "set CN: host: [*.example.com] matches [b.example.com]",
+ "set CN: host: [*.example.com] matches [www.example.com]",
+ "set CN: host: [*.example.com] matches [xn--rger-koa.example.com]",
+ "set CN: host: [*.www.example.com] matches [test.www.example.com]",
+ "set CN: host: [*.www.example.com] matches [.www.example.com]",
+ "set CN: host: [*www.example.com] matches [www.example.com]",
+ "set CN: host: [test.www.example.com] matches [.www.example.com]",
+ "set CN: host-no-wildcards: [*.www.example.com] matches [.www.example.com]",
+ "set CN: host-no-wildcards: [test.www.example.com] matches [.www.example.com]",
+ "set emailAddress: email: [postmaster@example.com] does not match [Postmaster@example.com]",
+ "set emailAddress: email: [postmaster@EXAMPLE.COM] does not match [Postmaster@example.com]",
+ "set emailAddress: email: [Postmaster@example.com] does not match [postmaster@example.com]",
+ "set emailAddress: email: [Postmaster@example.com] does not match [postmaster@EXAMPLE.COM]",
+ "set dnsName: host: [*.example.com] matches [www.example.com]",
+ "set dnsName: host: [*.example.com] matches [a.example.com]",
+ "set dnsName: host: [*.example.com] matches [b.example.com]",
+ "set dnsName: host: [*.example.com] matches [xn--rger-koa.example.com]",
+ "set dnsName: host: [*.www.example.com] matches [test.www.example.com]",
+ "set dnsName: host-no-wildcards: [*.www.example.com] matches [.www.example.com]",
+ "set dnsName: host-no-wildcards: [test.www.example.com] matches [.www.example.com]",
+ "set dnsName: host: [*.www.example.com] matches [.www.example.com]",
+ "set dnsName: host: [*www.example.com] matches [www.example.com]",
+ "set dnsName: host: [test.www.example.com] matches [.www.example.com]",
+ "set rfc822Name: email: [postmaster@example.com] does not match [Postmaster@example.com]",
+ "set rfc822Name: email: [Postmaster@example.com] does not match [postmaster@example.com]",
+ "set rfc822Name: email: [Postmaster@example.com] does not match [postmaster@EXAMPLE.COM]",
+ "set rfc822Name: email: [postmaster@EXAMPLE.COM] does not match [Postmaster@example.com]",
+ NULL
+};
+
+static int is_exception(const char *msg)
+{
+ const char *const *p;
+ for (p = exceptions; *p; ++p)
+ if (strcmp(msg, *p) == 0)
+ return 1;
+ return 0;
+}
+
+static int set_cn(X509 *crt, ...)
+{
+ int ret = 0;
+ X509_NAME *n = NULL;
+ va_list ap;
+ va_start(ap, crt);
+ n = X509_NAME_new();
+ if (n == NULL)
+ goto out;
+ while (1) {
+ int nid;
+ const char *name;
+ nid = va_arg(ap, int);
+ if (nid == 0)
+ break;
+ name = va_arg(ap, const char *);
+ if (!X509_NAME_add_entry_by_NID(n, nid, MBSTRING_ASC,
+ (unsigned char *)name, -1, -1, 1))
+ goto out;
+ }
+ if (!X509_set_subject_name(crt, n))
+ goto out;
+ ret = 1;
+ out:
+ X509_NAME_free(n);
+ va_end(ap);
+ return ret;
+}
+
+/*-
+int X509_add_ext(X509 *x, X509_EXTENSION *ex, int loc);
+X509_EXTENSION *X509_EXTENSION_create_by_NID(X509_EXTENSION **ex,
+ int nid, int crit, ASN1_OCTET_STRING *data);
+int X509_add_ext(X509 *x, X509_EXTENSION *ex, int loc);
+*/
+
+static int set_altname(X509 *crt, ...)
+{
+ int ret = 0;
+ GENERAL_NAMES *gens = NULL;
+ GENERAL_NAME *gen = NULL;
+ ASN1_IA5STRING *ia5 = NULL;
+ va_list ap;
+ va_start(ap, crt);
+ gens = sk_GENERAL_NAME_new_null();
+ if (gens == NULL)
+ goto out;
+ while (1) {
+ int type;
+ const char *name;
+ type = va_arg(ap, int);
+ if (type == 0)
+ break;
+ name = va_arg(ap, const char *);
+
+ gen = GENERAL_NAME_new();
+ if (gen == NULL)
+ goto out;
+ ia5 = ASN1_IA5STRING_new();
+ if (ia5 == NULL)
+ goto out;
+ if (!ASN1_STRING_set(ia5, name, -1))
+ goto out;
+ switch (type) {
+ case GEN_EMAIL:
+ case GEN_DNS:
+ GENERAL_NAME_set0_value(gen, type, ia5);
+ ia5 = NULL;
+ break;
+ default:
+ abort();
+ }
+ sk_GENERAL_NAME_push(gens, gen);
+ gen = NULL;
+ }
+ if (!X509_add1_ext_i2d(crt, NID_subject_alt_name, gens, 0, 0))
+ goto out;
+ ret = 1;
+ out:
+ ASN1_IA5STRING_free(ia5);
+ GENERAL_NAME_free(gen);
+ GENERAL_NAMES_free(gens);
+ va_end(ap);
+ return ret;
+}
+
+static int set_cn1(X509 *crt, const char *name)
+{
+ return set_cn(crt, NID_commonName, name, 0);
+}
+
+static int set_cn_and_email(X509 *crt, const char *name)
+{
+ return set_cn(crt, NID_commonName, name,
+ NID_pkcs9_emailAddress, "dummy@example.com", 0);
+}
+
+static int set_cn2(X509 *crt, const char *name)
+{
+ return set_cn(crt, NID_commonName, "dummy value",
+ NID_commonName, name, 0);
+}
+
+static int set_cn3(X509 *crt, const char *name)
+{
+ return set_cn(crt, NID_commonName, name,
+ NID_commonName, "dummy value", 0);
+}
+
+static int set_email1(X509 *crt, const char *name)
+{
+ return set_cn(crt, NID_pkcs9_emailAddress, name, 0);
+}
+
+static int set_email2(X509 *crt, const char *name)
+{
+ return set_cn(crt, NID_pkcs9_emailAddress, "dummy@example.com",
+ NID_pkcs9_emailAddress, name, 0);
+}
+
+static int set_email3(X509 *crt, const char *name)
+{
+ return set_cn(crt, NID_pkcs9_emailAddress, name,
+ NID_pkcs9_emailAddress, "dummy@example.com", 0);
+}
+
+static int set_email_and_cn(X509 *crt, const char *name)
+{
+ return set_cn(crt, NID_pkcs9_emailAddress, name,
+ NID_commonName, "www.example.org", 0);
+}
+
+static int set_altname_dns(X509 *crt, const char *name)
+{
+ return set_altname(crt, GEN_DNS, name, 0);
+}
+
+static int set_altname_email(X509 *crt, const char *name)
+{
+ return set_altname(crt, GEN_EMAIL, name, 0);
+}
+
+struct set_name_fn {
+ int (*fn) (X509 *, const char *);
+ const char *name;
+ int host;
+ int email;
+};
+
+static const struct set_name_fn name_fns[] = {
+ {set_cn1, "set CN", 1, 0},
+ {set_cn2, "set CN", 1, 0},
+ {set_cn3, "set CN", 1, 0},
+ {set_cn_and_email, "set CN", 1, 0},
+ {set_email1, "set emailAddress", 0, 1},
+ {set_email2, "set emailAddress", 0, 1},
+ {set_email3, "set emailAddress", 0, 1},
+ {set_email_and_cn, "set emailAddress", 0, 1},
+ {set_altname_dns, "set dnsName", 1, 0},
+ {set_altname_email, "set rfc822Name", 0, 1},
+ {NULL, NULL, 0}
+};
+
+static X509 *make_cert()
+{
+ X509 *ret = NULL;
+ X509 *crt = NULL;
+ X509_NAME *issuer = NULL;
+ crt = X509_new();
+ if (crt == NULL)
+ goto out;
+ if (!X509_set_version(crt, 3))
+ goto out;
+ ret = crt;
+ crt = NULL;
+ out:
+ X509_NAME_free(issuer);
+ return ret;
+}
+
+static int errors;
+
+static void check_message(const struct set_name_fn *fn, const char *op,
+ const char *nameincert, int match, const char *name)
+{
+ char msg[1024];
+ if (match < 0)
+ return;
+ BIO_snprintf(msg, sizeof(msg), "%s: %s: [%s] %s [%s]",
+ fn->name, op, nameincert,
+ match ? "matches" : "does not match", name);
+ if (is_exception(msg))
+ return;
+ puts(msg);
+ ++errors;
+}
+
+static void run_cert(X509 *crt, const char *nameincert,
+ const struct set_name_fn *fn)
+{
+ const char *const *pname = names;
+ while (*pname) {
+ int samename = strcasecmp(nameincert, *pname) == 0;
+ size_t namelen = strlen(*pname);
+ char *name = malloc(namelen);
+ int match, ret;
+ memcpy(name, *pname, namelen);
+
+ ret = X509_check_host(crt, name, namelen, 0, NULL);
+ match = -1;
+ if (ret < 0) {
+ fprintf(stderr, "internal error in X509_check_host");
+ ++errors;
+ } else if (fn->host) {
+ if (ret == 1 && !samename)
+ match = 1;
+ if (ret == 0 && samename)
+ match = 0;
+ } else if (ret == 1)
+ match = 1;
+ check_message(fn, "host", nameincert, match, *pname);
+
+ ret = X509_check_host(crt, name, namelen,
+ X509_CHECK_FLAG_NO_WILDCARDS, NULL);
+ match = -1;
+ if (ret < 0) {
+ fprintf(stderr, "internal error in X509_check_host");
+ ++errors;
+ } else if (fn->host) {
+ if (ret == 1 && !samename)
+ match = 1;
+ if (ret == 0 && samename)
+ match = 0;
+ } else if (ret == 1)
+ match = 1;
+ check_message(fn, "host-no-wildcards", nameincert, match, *pname);
+
+ ret = X509_check_email(crt, name, namelen, 0);
+ match = -1;
+ if (fn->email) {
+ if (ret && !samename)
+ match = 1;
+ if (!ret && samename && strchr(nameincert, '@') != NULL)
+ match = 0;
+ } else if (ret)
+ match = 1;
+ check_message(fn, "email", nameincert, match, *pname);
+ ++pname;
+ free(name);
+ }
+}
+
+int main(void)
+{
+ const struct set_name_fn *pfn = name_fns;
+ while (pfn->name) {
+ const char *const *pname = names;
+ while (*pname) {
+ X509 *crt = make_cert();
+ if (crt == NULL) {
+ fprintf(stderr, "make_cert failed\n");
+ return 1;
+ }
+ if (!pfn->fn(crt, *pname)) {
+ fprintf(stderr, "X509 name setting failed\n");
+ return 1;
+ }
+ run_cert(crt, *pname, pfn);
+ X509_free(crt);
+ ++pname;
+ }
+ ++pfn;
+ }
+ return errors > 0 ? 1 : 0;
+}
--- /dev/null
+/* ====================================================================
+ * Copyright (c) 2005 The OpenSSL Project. All rights reserved.
+ * ====================================================================
+ */
+#include <stdio.h>
+#include <string.h>
+#include <stdlib.h>
+
+#include <openssl/whrlpool.h>
+#include <openssl/crypto.h>
+
+#if defined(OPENSSL_NO_WHIRLPOOL)
+int main(int argc, char *argv[])
+{
+ printf("No Whirlpool support\n");
+ return (0);
+}
+#else
+
+/* ISO/IEC 10118-3 test vector set */
+unsigned char iso_test_1[WHIRLPOOL_DIGEST_LENGTH] = {
+ 0x19, 0xFA, 0x61, 0xD7, 0x55, 0x22, 0xA4, 0x66,
+ 0x9B, 0x44, 0xE3, 0x9C, 0x1D, 0x2E, 0x17, 0x26,
+ 0xC5, 0x30, 0x23, 0x21, 0x30, 0xD4, 0x07, 0xF8,
+ 0x9A, 0xFE, 0xE0, 0x96, 0x49, 0x97, 0xF7, 0xA7,
+ 0x3E, 0x83, 0xBE, 0x69, 0x8B, 0x28, 0x8F, 0xEB,
+ 0xCF, 0x88, 0xE3, 0xE0, 0x3C, 0x4F, 0x07, 0x57,
+ 0xEA, 0x89, 0x64, 0xE5, 0x9B, 0x63, 0xD9, 0x37,
+ 0x08, 0xB1, 0x38, 0xCC, 0x42, 0xA6, 0x6E, 0xB3
+};
+
+unsigned char iso_test_2[WHIRLPOOL_DIGEST_LENGTH] = {
+ 0x8A, 0xCA, 0x26, 0x02, 0x79, 0x2A, 0xEC, 0x6F,
+ 0x11, 0xA6, 0x72, 0x06, 0x53, 0x1F, 0xB7, 0xD7,
+ 0xF0, 0xDF, 0xF5, 0x94, 0x13, 0x14, 0x5E, 0x69,
+ 0x73, 0xC4, 0x50, 0x01, 0xD0, 0x08, 0x7B, 0x42,
+ 0xD1, 0x1B, 0xC6, 0x45, 0x41, 0x3A, 0xEF, 0xF6,
+ 0x3A, 0x42, 0x39, 0x1A, 0x39, 0x14, 0x5A, 0x59,
+ 0x1A, 0x92, 0x20, 0x0D, 0x56, 0x01, 0x95, 0xE5,
+ 0x3B, 0x47, 0x85, 0x84, 0xFD, 0xAE, 0x23, 0x1A
+};
+
+unsigned char iso_test_3[WHIRLPOOL_DIGEST_LENGTH] = {
+ 0x4E, 0x24, 0x48, 0xA4, 0xC6, 0xF4, 0x86, 0xBB,
+ 0x16, 0xB6, 0x56, 0x2C, 0x73, 0xB4, 0x02, 0x0B,
+ 0xF3, 0x04, 0x3E, 0x3A, 0x73, 0x1B, 0xCE, 0x72,
+ 0x1A, 0xE1, 0xB3, 0x03, 0xD9, 0x7E, 0x6D, 0x4C,
+ 0x71, 0x81, 0xEE, 0xBD, 0xB6, 0xC5, 0x7E, 0x27,
+ 0x7D, 0x0E, 0x34, 0x95, 0x71, 0x14, 0xCB, 0xD6,
+ 0xC7, 0x97, 0xFC, 0x9D, 0x95, 0xD8, 0xB5, 0x82,
+ 0xD2, 0x25, 0x29, 0x20, 0x76, 0xD4, 0xEE, 0xF5
+};
+
+unsigned char iso_test_4[WHIRLPOOL_DIGEST_LENGTH] = {
+ 0x37, 0x8C, 0x84, 0xA4, 0x12, 0x6E, 0x2D, 0xC6,
+ 0xE5, 0x6D, 0xCC, 0x74, 0x58, 0x37, 0x7A, 0xAC,
+ 0x83, 0x8D, 0x00, 0x03, 0x22, 0x30, 0xF5, 0x3C,
+ 0xE1, 0xF5, 0x70, 0x0C, 0x0F, 0xFB, 0x4D, 0x3B,
+ 0x84, 0x21, 0x55, 0x76, 0x59, 0xEF, 0x55, 0xC1,
+ 0x06, 0xB4, 0xB5, 0x2A, 0xC5, 0xA4, 0xAA, 0xA6,
+ 0x92, 0xED, 0x92, 0x00, 0x52, 0x83, 0x8F, 0x33,
+ 0x62, 0xE8, 0x6D, 0xBD, 0x37, 0xA8, 0x90, 0x3E
+};
+
+unsigned char iso_test_5[WHIRLPOOL_DIGEST_LENGTH] = {
+ 0xF1, 0xD7, 0x54, 0x66, 0x26, 0x36, 0xFF, 0xE9,
+ 0x2C, 0x82, 0xEB, 0xB9, 0x21, 0x2A, 0x48, 0x4A,
+ 0x8D, 0x38, 0x63, 0x1E, 0xAD, 0x42, 0x38, 0xF5,
+ 0x44, 0x2E, 0xE1, 0x3B, 0x80, 0x54, 0xE4, 0x1B,
+ 0x08, 0xBF, 0x2A, 0x92, 0x51, 0xC3, 0x0B, 0x6A,
+ 0x0B, 0x8A, 0xAE, 0x86, 0x17, 0x7A, 0xB4, 0xA6,
+ 0xF6, 0x8F, 0x67, 0x3E, 0x72, 0x07, 0x86, 0x5D,
+ 0x5D, 0x98, 0x19, 0xA3, 0xDB, 0xA4, 0xEB, 0x3B
+};
+
+unsigned char iso_test_6[WHIRLPOOL_DIGEST_LENGTH] = {
+ 0xDC, 0x37, 0xE0, 0x08, 0xCF, 0x9E, 0xE6, 0x9B,
+ 0xF1, 0x1F, 0x00, 0xED, 0x9A, 0xBA, 0x26, 0x90,
+ 0x1D, 0xD7, 0xC2, 0x8C, 0xDE, 0xC0, 0x66, 0xCC,
+ 0x6A, 0xF4, 0x2E, 0x40, 0xF8, 0x2F, 0x3A, 0x1E,
+ 0x08, 0xEB, 0xA2, 0x66, 0x29, 0x12, 0x9D, 0x8F,
+ 0xB7, 0xCB, 0x57, 0x21, 0x1B, 0x92, 0x81, 0xA6,
+ 0x55, 0x17, 0xCC, 0x87, 0x9D, 0x7B, 0x96, 0x21,
+ 0x42, 0xC6, 0x5F, 0x5A, 0x7A, 0xF0, 0x14, 0x67
+};
+
+unsigned char iso_test_7[WHIRLPOOL_DIGEST_LENGTH] = {
+ 0x46, 0x6E, 0xF1, 0x8B, 0xAB, 0xB0, 0x15, 0x4D,
+ 0x25, 0xB9, 0xD3, 0x8A, 0x64, 0x14, 0xF5, 0xC0,
+ 0x87, 0x84, 0x37, 0x2B, 0xCC, 0xB2, 0x04, 0xD6,
+ 0x54, 0x9C, 0x4A, 0xFA, 0xDB, 0x60, 0x14, 0x29,
+ 0x4D, 0x5B, 0xD8, 0xDF, 0x2A, 0x6C, 0x44, 0xE5,
+ 0x38, 0xCD, 0x04, 0x7B, 0x26, 0x81, 0xA5, 0x1A,
+ 0x2C, 0x60, 0x48, 0x1E, 0x88, 0xC5, 0xA2, 0x0B,
+ 0x2C, 0x2A, 0x80, 0xCF, 0x3A, 0x9A, 0x08, 0x3B
+};
+
+unsigned char iso_test_8[WHIRLPOOL_DIGEST_LENGTH] = {
+ 0x2A, 0x98, 0x7E, 0xA4, 0x0F, 0x91, 0x70, 0x61,
+ 0xF5, 0xD6, 0xF0, 0xA0, 0xE4, 0x64, 0x4F, 0x48,
+ 0x8A, 0x7A, 0x5A, 0x52, 0xDE, 0xEE, 0x65, 0x62,
+ 0x07, 0xC5, 0x62, 0xF9, 0x88, 0xE9, 0x5C, 0x69,
+ 0x16, 0xBD, 0xC8, 0x03, 0x1B, 0xC5, 0xBE, 0x1B,
+ 0x7B, 0x94, 0x76, 0x39, 0xFE, 0x05, 0x0B, 0x56,
+ 0x93, 0x9B, 0xAA, 0xA0, 0xAD, 0xFF, 0x9A, 0xE6,
+ 0x74, 0x5B, 0x7B, 0x18, 0x1C, 0x3B, 0xE3, 0xFD
+};
+
+unsigned char iso_test_9[WHIRLPOOL_DIGEST_LENGTH] = {
+ 0x0C, 0x99, 0x00, 0x5B, 0xEB, 0x57, 0xEF, 0xF5,
+ 0x0A, 0x7C, 0xF0, 0x05, 0x56, 0x0D, 0xDF, 0x5D,
+ 0x29, 0x05, 0x7F, 0xD8, 0x6B, 0x20, 0xBF, 0xD6,
+ 0x2D, 0xEC, 0xA0, 0xF1, 0xCC, 0xEA, 0x4A, 0xF5,
+ 0x1F, 0xC1, 0x54, 0x90, 0xED, 0xDC, 0x47, 0xAF,
+ 0x32, 0xBB, 0x2B, 0x66, 0xC3, 0x4F, 0xF9, 0xAD,
+ 0x8C, 0x60, 0x08, 0xAD, 0x67, 0x7F, 0x77, 0x12,
+ 0x69, 0x53, 0xB2, 0x26, 0xE4, 0xED, 0x8B, 0x01
+};
+
+int main(int argc, char *argv[])
+{
+ unsigned char md[WHIRLPOOL_DIGEST_LENGTH];
+ int i;
+ WHIRLPOOL_CTX ctx;
+
+# ifdef OPENSSL_IA32_SSE2
+ /*
+ * Alternative to this is to call OpenSSL_add_all_algorithms... The below
+ * code is retained exclusively for debugging purposes.
+ */
+ {
+ char *env;
+
+ if ((env = getenv("OPENSSL_ia32cap")))
+ OPENSSL_ia32cap = strtoul(env, NULL, 0);
+ }
+# endif
+
+ fprintf(stdout, "Testing Whirlpool ");
+
+ WHIRLPOOL("", 0, md);
+ if (memcmp(md, iso_test_1, sizeof(iso_test_1))) {
+ fflush(stdout);
+ fprintf(stderr, "\nTEST 1 of 9 failed.\n");
+ return 1;
+ } else
+ fprintf(stdout, ".");
+ fflush(stdout);
+
+ WHIRLPOOL("a", 1, md);
+ if (memcmp(md, iso_test_2, sizeof(iso_test_2))) {
+ fflush(stdout);
+ fprintf(stderr, "\nTEST 2 of 9 failed.\n");
+ return 1;
+ } else
+ fprintf(stdout, ".");
+ fflush(stdout);
+
+ WHIRLPOOL("abc", 3, md);
+ if (memcmp(md, iso_test_3, sizeof(iso_test_3))) {
+ fflush(stdout);
+ fprintf(stderr, "\nTEST 3 of 9 failed.\n");
+ return 1;
+ } else
+ fprintf(stdout, ".");
+ fflush(stdout);
+
+ WHIRLPOOL("message digest", 14, md);
+ if (memcmp(md, iso_test_4, sizeof(iso_test_4))) {
+ fflush(stdout);
+ fprintf(stderr, "\nTEST 4 of 9 failed.\n");
+ return 1;
+ } else
+ fprintf(stdout, ".");
+ fflush(stdout);
+
+ WHIRLPOOL("abcdefghijklmnopqrstuvwxyz", 26, md);
+ if (memcmp(md, iso_test_5, sizeof(iso_test_5))) {
+ fflush(stdout);
+ fprintf(stderr, "\nTEST 5 of 9 failed.\n");
+ return 1;
+ } else
+ fprintf(stdout, ".");
+ fflush(stdout);
+
+ WHIRLPOOL("ABCDEFGHIJKLMNOPQRSTUVWXYZ"
+ "abcdefghijklmnopqrstuvwxyz" "0123456789", 62, md);
+ if (memcmp(md, iso_test_6, sizeof(iso_test_6))) {
+ fflush(stdout);
+ fprintf(stderr, "\nTEST 6 of 9 failed.\n");
+ return 1;
+ } else
+ fprintf(stdout, ".");
+ fflush(stdout);
+
+ WHIRLPOOL("1234567890" "1234567890" "1234567890" "1234567890"
+ "1234567890" "1234567890" "1234567890" "1234567890", 80, md);
+ if (memcmp(md, iso_test_7, sizeof(iso_test_7))) {
+ fflush(stdout);
+ fprintf(stderr, "\nTEST 7 of 9 failed.\n");
+ return 1;
+ } else
+ fprintf(stdout, ".");
+ fflush(stdout);
+
+ WHIRLPOOL("abcdbcdecdefdefgefghfghighijhijk", 32, md);
+ if (memcmp(md, iso_test_8, sizeof(iso_test_8))) {
+ fflush(stdout);
+ fprintf(stderr, "\nTEST 8 of 9 failed.\n");
+ return 1;
+ } else
+ fprintf(stdout, ".");
+ fflush(stdout);
+
+ WHIRLPOOL_Init(&ctx);
+ for (i = 0; i < 1000000; i += 288)
+ WHIRLPOOL_Update(&ctx, "aaaaaaaa" "aaaaaaaa" "aaaaaaaa" "aaaaaaaa"
+ "aaaaaaaa" "aaaaaaaa" "aaaaaaaa" "aaaaaaaa"
+ "aaaaaaaa" "aaaaaaaa" "aaaaaaaa" "aaaaaaaa"
+ "aaaaaaaa" "aaaaaaaa" "aaaaaaaa" "aaaaaaaa"
+ "aaaaaaaa" "aaaaaaaa" "aaaaaaaa" "aaaaaaaa"
+ "aaaaaaaa" "aaaaaaaa" "aaaaaaaa" "aaaaaaaa"
+ "aaaaaaaa" "aaaaaaaa" "aaaaaaaa" "aaaaaaaa"
+ "aaaaaaaa" "aaaaaaaa" "aaaaaaaa" "aaaaaaaa"
+ "aaaaaaaa" "aaaaaaaa" "aaaaaaaa" "aaaaaaaa",
+ (1000000 - i) < 288 ? 1000000 - i : 288);
+ WHIRLPOOL_Final(md, &ctx);
+ if (memcmp(md, iso_test_9, sizeof(iso_test_9))) {
+ fflush(stdout);
+ fprintf(stderr, "\nTEST 9 of 9 failed.\n");
+ return 1;
+ } else
+ fprintf(stdout, ".");
+ fflush(stdout);
+
+ fprintf(stdout, " passed.\n");
+ fflush(stdout);
+
+ return 0;
+}
+#endif
%crypto_list=&load_numbers($crypto_num);
$max_crypto = $max_num;
-my $ssl="ssl/ssl.h";
-$ssl.=" ssl/kssl.h";
-$ssl.=" ssl/tls1.h";
-$ssl.=" ssl/srtp.h";
+my $ssl="include/openssl/ssl.h";
+$ssl.=" include/openssl/kssl.h";
+$ssl.=" include/openssl/tls1.h";
+$ssl.=" include/openssl/srtp.h";
-my $crypto ="crypto/crypto.h";
+my $crypto ="include/openssl/crypto.h";
$crypto.=" crypto/cryptlib.h";
$crypto.=" crypto/o_dir.h";
$crypto.=" crypto/o_str.h";
-$crypto.=" crypto/des/des.h" ; # unless $no_des;
-$crypto.=" crypto/idea/idea.h" ; # unless $no_idea;
-$crypto.=" crypto/rc4/rc4.h" ; # unless $no_rc4;
-$crypto.=" crypto/rc5/rc5.h" ; # unless $no_rc5;
-$crypto.=" crypto/rc2/rc2.h" ; # unless $no_rc2;
-$crypto.=" crypto/bf/blowfish.h" ; # unless $no_bf;
-$crypto.=" crypto/cast/cast.h" ; # unless $no_cast;
-$crypto.=" crypto/whrlpool/whrlpool.h" ;
-$crypto.=" crypto/md2/md2.h" ; # unless $no_md2;
-$crypto.=" crypto/md4/md4.h" ; # unless $no_md4;
-$crypto.=" crypto/md5/md5.h" ; # unless $no_md5;
-$crypto.=" crypto/mdc2/mdc2.h" ; # unless $no_mdc2;
-$crypto.=" crypto/sha/sha.h" ; # unless $no_sha;
-$crypto.=" crypto/ripemd/ripemd.h" ; # unless $no_ripemd;
-$crypto.=" crypto/aes/aes.h" ; # unless $no_aes;
-$crypto.=" crypto/camellia/camellia.h" ; # unless $no_camellia;
-$crypto.=" crypto/seed/seed.h"; # unless $no_seed;
-
-$crypto.=" crypto/bn/bn.h";
-$crypto.=" crypto/rsa/rsa.h" ; # unless $no_rsa;
-$crypto.=" crypto/dsa/dsa.h" ; # unless $no_dsa;
-$crypto.=" crypto/dh/dh.h" ; # unless $no_dh;
-$crypto.=" crypto/ec/ec.h" ; # unless $no_ec;
-$crypto.=" crypto/ecdsa/ecdsa.h" ; # unless $no_ecdsa;
-$crypto.=" crypto/ecdh/ecdh.h" ; # unless $no_ecdh;
-$crypto.=" crypto/hmac/hmac.h" ; # unless $no_hmac;
-$crypto.=" crypto/cmac/cmac.h" ;
-
-$crypto.=" crypto/engine/engine.h"; # unless $no_engine;
-$crypto.=" crypto/stack/stack.h" ; # unless $no_stack;
-$crypto.=" crypto/buffer/buffer.h" ; # unless $no_buffer;
-$crypto.=" crypto/bio/bio.h" ; # unless $no_bio;
-$crypto.=" crypto/dso/dso.h" ; # unless $no_dso;
-$crypto.=" crypto/lhash/lhash.h" ; # unless $no_lhash;
-$crypto.=" crypto/conf/conf.h";
-$crypto.=" crypto/txt_db/txt_db.h";
-
-$crypto.=" crypto/evp/evp.h" ; # unless $no_evp;
-$crypto.=" crypto/objects/objects.h";
-$crypto.=" crypto/pem/pem.h";
-#$crypto.=" crypto/meth/meth.h";
-$crypto.=" crypto/asn1/asn1.h";
-$crypto.=" crypto/asn1/asn1t.h";
-$crypto.=" crypto/asn1/asn1_mac.h";
-$crypto.=" crypto/err/err.h" ; # unless $no_err;
-$crypto.=" crypto/pkcs7/pkcs7.h";
-$crypto.=" crypto/pkcs12/pkcs12.h";
-$crypto.=" crypto/x509/x509.h";
-$crypto.=" crypto/x509/x509_vfy.h";
-$crypto.=" crypto/x509v3/x509v3.h";
-$crypto.=" crypto/ts/ts.h";
-$crypto.=" crypto/rand/rand.h";
-$crypto.=" crypto/comp/comp.h" ; # unless $no_comp;
-$crypto.=" crypto/ocsp/ocsp.h";
-$crypto.=" crypto/ui/ui.h";
-$crypto.=" crypto/krb5/krb5_asn.h";
-#$crypto.=" crypto/store/store.h";
-$crypto.=" crypto/pqueue/pqueue.h";
-$crypto.=" crypto/cms/cms.h";
-$crypto.=" crypto/jpake/jpake.h";
-$crypto.=" crypto/srp/srp.h";
-$crypto.=" crypto/modes/modes.h";
-
-my $symhacks="crypto/symhacks.h";
+$crypto.=" include/openssl/des.h" ; # unless $no_des;
+$crypto.=" include/openssl/idea.h" ; # unless $no_idea;
+$crypto.=" include/openssl/rc4.h" ; # unless $no_rc4;
+$crypto.=" include/openssl/rc5.h" ; # unless $no_rc5;
+$crypto.=" include/openssl/rc2.h" ; # unless $no_rc2;
+$crypto.=" include/openssl/blowfish.h" ; # unless $no_bf;
+$crypto.=" include/openssl/cast.h" ; # unless $no_cast;
+$crypto.=" include/openssl/whrlpool.h" ;
+$crypto.=" include/openssl/md2.h" ; # unless $no_md2;
+$crypto.=" include/openssl/md4.h" ; # unless $no_md4;
+$crypto.=" include/openssl/md5.h" ; # unless $no_md5;
+$crypto.=" include/openssl/mdc2.h" ; # unless $no_mdc2;
+$crypto.=" include/openssl/sha.h" ; # unless $no_sha;
+$crypto.=" include/openssl/ripemd.h" ; # unless $no_ripemd;
+$crypto.=" include/openssl/aes.h" ; # unless $no_aes;
+$crypto.=" include/openssl/camellia.h" ; # unless $no_camellia;
+$crypto.=" include/openssl/seed.h"; # unless $no_seed;
+
+$crypto.=" include/openssl/bn.h";
+$crypto.=" include/openssl/rsa.h" ; # unless $no_rsa;
+$crypto.=" include/openssl/dsa.h" ; # unless $no_dsa;
+$crypto.=" include/openssl/dh.h" ; # unless $no_dh;
+$crypto.=" include/openssl/ec.h" ; # unless $no_ec;
+$crypto.=" include/openssl/ecdsa.h" ; # unless $no_ecdsa;
+$crypto.=" include/openssl/ecdh.h" ; # unless $no_ecdh;
+$crypto.=" include/openssl/hmac.h" ; # unless $no_hmac;
+$crypto.=" include/openssl/cmac.h" ;
+
+$crypto.=" include/openssl/engine.h"; # unless $no_engine;
+$crypto.=" include/openssl/stack.h" ; # unless $no_stack;
+$crypto.=" include/openssl/buffer.h" ; # unless $no_buffer;
+$crypto.=" include/openssl/bio.h" ; # unless $no_bio;
+$crypto.=" include/openssl/dso.h" ; # unless $no_dso;
+$crypto.=" include/openssl/lhash.h" ; # unless $no_lhash;
+$crypto.=" include/openssl/conf.h";
+$crypto.=" include/openssl/txt_db.h";
+
+$crypto.=" include/openssl/evp.h" ; # unless $no_evp;
+$crypto.=" include/openssl/objects.h";
+$crypto.=" include/openssl/pem.h";
+#$crypto.=" include/openssl/meth.h";
+$crypto.=" include/openssl/asn1.h";
+$crypto.=" include/openssl/asn1t.h";
+$crypto.=" include/openssl/asn1_mac.h";
+$crypto.=" include/openssl/err.h" ; # unless $no_err;
+$crypto.=" include/openssl/pkcs7.h";
+$crypto.=" include/openssl/pkcs12.h";
+$crypto.=" include/openssl/x509.h";
+$crypto.=" include/openssl/x509_vfy.h";
+$crypto.=" include/openssl/x509v3.h";
+$crypto.=" include/openssl/ts.h";
+$crypto.=" include/openssl/rand.h";
+$crypto.=" include/openssl/comp.h" ; # unless $no_comp;
+$crypto.=" include/openssl/ocsp.h";
+$crypto.=" include/openssl/ui.h";
+$crypto.=" include/openssl/krb5_asn.h";
+#$crypto.=" include/openssl/store.h";
+$crypto.=" include/openssl/pqueue.h";
+$crypto.=" include/openssl/cms.h";
+$crypto.=" include/openssl/jpake.h";
+$crypto.=" include/openssl/srp.h";
+$crypto.=" include/openssl/modes.h";
+
+my $symhacks="include/openssl/symhacks.h";
my @ssl_symbols = &do_defs("SSLEAY", $ssl, $symhacks);
my @crypto_symbols = &do_defs("LIBEAY", $crypto, $symhacks);
# Search out "DECLARE_STACK_OF()" # declarations in .h and .c files,
# and create corresponding macro declarations for crypto/stack/safestack.h.
-my $safestack = "crypto/stack/safestack.h";
+my $safestack = "include/openssl/safestack.h";
my $do_write = 0;
foreach ( @ARGV ) {
my @asn1setlst;
my @p12stklst;
my @lhashlst;
-my @source = (<crypto/*.[ch]>, <crypto/*/*.[ch]>, <ssl/*.[ch]>, <apps/*.[ch]>);
+my @source = (<
include/openssl/*.h>, <crypto/*.[ch]>, <crypto/*/*.[ch]>, <ssl/*.[ch]>, <apps/*.[ch]>);
foreach $file (@source) {
next if -l $file;
projects / oweals / openssl.git / commitdiff