Skip to content

T
Third Party Openssl

OpenHarmony / Third Party Openssl
9 个月 前同步成功

通知 8
Star 18
Fork 1
T
Third Party Openssl

前往新版Gitcode,体验更适合开发者的 AI 搜索 >>

提交 155d7a0e 编写于 作者: R Ralf S. Engelschall
浏览文件
操作

First cut for a very conservative source tree cleanup: 

1. merge various obsolete readme texts into doc/ssleay.txt
   where we collect the old documents and readme texts.

2. remove the first part of files where I'm already sure that we no longer need
   them because of three reasons: either they are just temporary files which
   were left by Eric or they are preserved original files where I've verified
   that the diff is also available in the CVS via "cvs diff -rSSLeay_0_8_1b"
   or they were renamed (as it was definitely the case for the crypto/md/
   stuff).

We've still a horrible mess under crypto/bn/asm/.  There for a lot of files
I'm sure whether we need them or not. So, when someone knows it better, feel
free to cleanup there.
上级 2c2cba0d
展开全部 隐藏空白更改
内联 并排
Showing with 407 addition and 4865 deletion
crypto/asn1/a_bitstr.orig.c 已删除 100644 → 0
浏览文件 @ 2c2cba0d
/* crypto/asn1/a_bitstr.c */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
* This package is an SSL implementation written
* by Eric Young (eay@cryptsoft.com).
* The implementation was written so as to conform with Netscapes SSL.
*
* This library is free for commercial and non-commercial use as long as
* the following conditions are aheared to. The following conditions
* apply to all code found in this distribution, be it the RC4, RSA,
* lhash, DES, etc., code; not just the SSL code. The SSL documentation
* included with this distribution is covered by the same copyright terms
* except that the holder is Tim Hudson (tjh@cryptsoft.com).
*
* Copyright remains Eric Young's, and as such any Copyright notices in
* the code are not to be removed.
* If this package is used in a product, Eric Young should be given attribution
* as the author of the parts of the library used.
* This can be in the form of a textual message at program startup or
* in documentation (online or textual) provided with the package.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
* 3. All advertising materials mentioning features or use of this software
* must display the following acknowledgement:
* "This product includes cryptographic software written by
* Eric Young (eay@cryptsoft.com)"
* The word 'cryptographic' can be left out if the rouines from the library
* being used are not cryptographic related :-).
* 4. If you include any Windows specific code (or a derivative thereof) from
* the apps directory (application code) you must include an acknowledgement:
* "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
*
* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
* The licence and distribution terms for any publically available version or
* derivative of this code cannot be changed. i.e. this code cannot simply be
* copied and put under another distribution licence
* [including the GNU Public Licence.]
*/
#include <stdio.h>
#include "cryptlib.h"
#include "asn1.h"
/* ASN1err(ASN1_F_ASN1_STRING_NEW,ASN1_R_STRING_TOO_SHORT);
* ASN1err(ASN1_F_D2I_ASN1_BIT_STRING,ASN1_R_EXPECTING_A_BIT_STRING);
*/
int i2d_ASN1_BIT_STRING(a,pp)
ASN1_BIT_STRING *a;
unsigned char **pp;
{
int ret,i,j,r,bits,len;
unsigned char *p,*d;
if (a == NULL) return(0);
len=a->length;
if ((len > 0)
{
if (a->flags & ASN1_FG_BITS_LEFT))
{
bits=a->flags&0x07;
}
else
{
for ( ; len > 0; len--)
{
if (a->data[len-1]) break;
}
j=a->data[len-1];
if (j & 0x80) bits=1;
else if (j & 0x40) bits=2;
else if (j & 0x20) bits=3;
else if (j & 0x10) bits=4;
else if (j & 0x08) bits=5;
else if (j & 0x04) bits=6;
else if (j & 0x02) bits=7;
else if (j & 0x01) bits=8;
else bits=0;
}
}
else
bits=0;
ret=1+len;
r=ASN1_object_size(0,ret,V_ASN1_BIT_STRING);
if (pp == NULL) return(r);
p= *pp;
ASN1_put_object(&p,0,ret,V_ASN1_BIT_STRING,V_ASN1_UNIVERSAL);
if (bits == 0)
j=0;
else j=8-bits;
*(p++)=(unsigned char)j;
d=a->data;
memcpy(p,d,len);
p+=len;
if (len > 0) p[-1]&=(0xff<<j);
*pp=p;
return(r);
}
ASN1_BIT_STRING *d2i_ASN1_BIT_STRING(a, pp, length)
ASN1_BIT_STRING **a;
unsigned char **pp;
long length;
{
ASN1_BIT_STRING *ret=NULL;
unsigned char *p,*s;
long len;
int inf,tag,xclass;
int i;
if ((a == NULL) || ((*a) == NULL))
{
if ((ret=ASN1_BIT_STRING_new()) == NULL) return(NULL);
}
else
ret=(*a);
p= *pp;
inf=ASN1_get_object(&p,&len,&tag,&xclass,length);
if (inf & 0x80)
{
i=ASN1_R_BAD_OBJECT_HEADER;
goto err;
}
if (tag != V_ASN1_BIT_STRING)
{
i=ASN1_R_EXPECTING_A_BIT_STRING;
goto err;
}
if (len < 1) { i=ASN1_R_STRING_TOO_SHORT; goto err; }
i= *(p++);
ret->flag&= ~(ASN1_FG_BITS_LEFT|0x07); /* clear */
if (i > 0)
ret->flag|=(ASN1_FG_BITS_LEFT|(i&0x07)); /* set */
if (len-- > 1) /* using one because of the bits left byte */
{
s=(unsigned char *)Malloc((int)len);
if (s == NULL)
{
i=ERR_R_MALLOC_FAILURE;
goto err;
}
memcpy(s,p,(int)len);
s[len-1]&=(0xff<<i);
p+=len;
}
else
s=NULL;
ret->length=(int)len;
if (ret->data != NULL) Free((char *)ret->data);
ret->data=s;
ret->type=V_ASN1_BIT_STRING;
if (a != NULL) (*a)=ret;
*pp=p;
return(ret);
err:
ASN1err(ASN1_F_D2I_ASN1_BIT_STRING,i);
if ((ret != NULL) && ((a == NULL) || (*a != ret)))
ASN1_BIT_STRING_free(ret);
return(NULL);
}
/* These next 2 functions from Goetz Babin-Ebell <babinebell@trustcenter.de>
*/
int ASN1_BIT_STRING_set_bit(a,n,value)
ASN1_BIT_STRING *a;
int n;
int value;
{
int w,v,iv;
unsigned char *c;
w=n/8;
v=1<<(7-(n&0x07));
iv= ~v;
a->flag&= ~(ASN1_FG_BITS_LEFT|0x07); /* clear, set on write */
if (a == NULL) return(0);
if ((a->length < (w+1)) || (a->data == NULL))
{
if (!value) return(1); /* Don't need to set */
if (a->data == NULL)
c=(unsigned char *)Malloc(w+1);
else
c=(unsigned char *)Realloc(a->data,w+1);
if (c == NULL) return(0);
a->data=c;
a->length=w+1;
c[w]=0;
}
a->data[w]=((a->data[w])&iv)|v;
while ((a->length > 0) && (a->data[a->length-1] == 0))
a->length--;
return(1);
}
int ASN1_BIT_STRING_get_bit(a,n)
ASN1_BIT_STRING *a;
int n;
{
int w,v;
w=n/8;
v=1<<(7-(n&0x07));
if ((a == NULL) || (a->length < (w+1)) || (a->data == NULL))
return(0);
return((a->data[w]&v) != 0);
}
crypto/asn1/x 已删除 100644 → 0
浏览文件 @ 2c2cba0d
/* crypto/asn1/x_crl.c */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
* This package is an SSL implementation written
* by Eric Young (eay@cryptsoft.com).
* The implementation was written so as to conform with Netscapes SSL.
*
* This library is free for commercial and non-commercial use as long as
* the following conditions are aheared to. The following conditions
* apply to all code found in this distribution, be it the RC4, RSA,
* lhash, DES, etc., code; not just the SSL code. The SSL documentation
* included with this distribution is covered by the same copyright terms
* except that the holder is Tim Hudson (tjh@cryptsoft.com).
*
* Copyright remains Eric Young's, and as such any Copyright notices in
* the code are not to be removed.
* If this package is used in a product, Eric Young should be given attribution
* as the author of the parts of the library used.
* This can be in the form of a textual message at program startup or
* in documentation (online or textual) provided with the package.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
* 3. All advertising materials mentioning features or use of this software
* must display the following acknowledgement:
* "This product includes cryptographic software written by
* Eric Young (eay@cryptsoft.com)"
* The word 'cryptographic' can be left out if the rouines from the library
* being used are not cryptographic related :-).
* 4. If you include any Windows specific code (or a derivative thereof) from
* the apps directory (application code) you must include an acknowledgement:
* "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
*
* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
* The licence and distribution terms for any publically available version or
* derivative of this code cannot be changed. i.e. this code cannot simply be
* copied and put under another distribution licence
* [including the GNU Public Licence.]
*/
#include <stdio.h>
#include "cryptlib.h"
#include "asn1_mac.h"
#include "x509.h"
/*
* ASN1err(ASN1_F_D2I_X509_CRL,ASN1_R_LENGTH_MISMATCH);
* ASN1err(ASN1_F_D2I_X509_CRL_INFO,ASN1_R_EXPECTING_A_SEQUENCE);
* ASN1err(ASN1_F_D2I_X509_REVOKED,ASN1_R_LENGTH_MISMATCH);
* ASN1err(ASN1_F_X509_CRL_NEW,ASN1_R_LENGTH_MISMATCH);
* ASN1err(ASN1_F_X509_CRL_INFO_NEW,ASN1_R_EXPECTING_A_SEQUENCE);
* ASN1err(ASN1_F_X509_REVOKED_NEW,ASN1_R_LENGTH_MISMATCH);
*/
#ifndef NOPROTO
static int X509_REVOKED_cmp(X509_REVOKED **a,X509_REVOKED **b);
static int X509_REVOKED_seq_cmp(X509_REVOKED **a,X509_REVOKED **b);
#else
static int X509_REVOKED_cmp();
static int X509_REVOKED_seq_cmp();
#endif
int i2d_X509_REVOKED(a,pp)
X509_REVOKED *a;
unsigned char **pp;
{
M_ASN1_I2D_vars(a);
M_ASN1_I2D_len(a->serialNumber,i2d_ASN1_INTEGER);
M_ASN1_I2D_len(a->revocationDate,i2d_ASN1_UTCTIME);
M_ASN1_I2D_len_SEQ_opt(a->extensions,i2d_X509_EXTENSION);
M_ASN1_I2D_seq_total();
M_ASN1_I2D_put(a->serialNumber,i2d_ASN1_INTEGER);
M_ASN1_I2D_put(a->revocationDate,i2d_ASN1_UTCTIME);
M_ASN1_I2D_put_SEQ_opt(a->extensions,i2d_X509_EXTENSION);
M_ASN1_I2D_finish();
}
X509_REVOKED *d2i_X509_REVOKED(a,pp,length)
X509_REVOKED **a;
unsigned char **pp;
long length;
{
M_ASN1_D2I_vars(a,X509_REVOKED *,X509_REVOKED_new);
M_ASN1_D2I_Init();
M_ASN1_D2I_start_sequence();
M_ASN1_D2I_get(ret->serialNumber,d2i_ASN1_INTEGER);
M_ASN1_D2I_get(ret->revocationDate,d2i_ASN1_UTCTIME);
M_ASN1_D2I_get_seq_opt(ret->extensions,d2i_X509_EXTENSION);
M_ASN1_D2I_Finish(a,X509_REVOKED_free,ASN1_F_D2I_X509_REVOKED);
}
int i2d_X509_CRL_INFO(a,pp)
X509_CRL_INFO *a;
unsigned char **pp;
{
int v1=0;
long l=0;
M_ASN1_I2D_vars(a);
if (sk_num(a->revoked) != 0)
qsort((char *)a->revoked->data,sk_num(a->revoked),
sizeof(X509_REVOKED *),(int (*)(P_CC_CC))X509_REVOKED_seq_cmp);
if ((a->version != NULL) && ((l=ASN1_INTEGER_get(a->version)) != 0))
{
M_ASN1_I2D_len(a->version,i2d_ASN1_INTEGER);
}
M_ASN1_I2D_len(a->sig_alg,i2d_X509_ALGOR);
M_ASN1_I2D_len(a->issuer,i2d_X509_NAME);
M_ASN1_I2D_len(a->lastUpdate,i2d_ASN1_UTCTIME);
if (a->nextUpdate != NULL)
{ M_ASN1_I2D_len(a->nextUpdate,i2d_ASN1_UTCTIME); }
M_ASN1_I2D_len_SEQ_opt(a->revoked,i2d_X509_REVOKED);
M_ASN1_I2D_len_EXP_set_opt(a->extensions,i2d_X509_EXTENSION,0,
V_ASN1_SEQUENCE,v1);
M_ASN1_I2D_seq_total();
if ((a->version != NULL) && (l != 0))
{
M_ASN1_I2D_put(a->version,i2d_ASN1_INTEGER);
}
M_ASN1_I2D_put(a->sig_alg,i2d_X509_ALGOR);
M_ASN1_I2D_put(a->issuer,i2d_X509_NAME);
M_ASN1_I2D_put(a->lastUpdate,i2d_ASN1_UTCTIME);
if (a->nextUpdate != NULL)
{ M_ASN1_I2D_put(a->nextUpdate,i2d_ASN1_UTCTIME); }
M_ASN1_I2D_put_SEQ_opt(a->revoked,i2d_X509_REVOKED);
M_ASN1_I2D_put_EXP_set_opt(a->extensions,i2d_X509_EXTENSION,0,
V_ASN1_SEQUENCE,v1);
M_ASN1_I2D_finish();
}
X509_CRL_INFO *d2i_X509_CRL_INFO(a,pp,length)
X509_CRL_INFO **a;
unsigned char **pp;
long length;
{
int i,ver=0;
M_ASN1_D2I_vars(a,X509_CRL_INFO *,X509_CRL_INFO_new);
M_ASN1_D2I_Init();
M_ASN1_D2I_start_sequence();
M_ASN1_D2I_get_opt(ret->version,d2i_ASN1_INTEGER,V_ASN1_INTEGER);
if (ret->version != NULL)
ver=ret->version->data[0];
if ((ver == 0) && (ret->version != NULL))
{
ASN1_INTEGER_free(ret->version);
ret->version=NULL;
}
M_ASN1_D2I_get(ret->sig_alg,d2i_X509_ALGOR);
M_ASN1_D2I_get(ret->issuer,d2i_X509_NAME);
M_ASN1_D2I_get(ret->lastUpdate,d2i_ASN1_UTCTIME);
M_ASN1_D2I_get_opt(ret->nextUpdate,d2i_ASN1_UTCTIME,V_ASN1_UTCTIME);
if (ret->revoked != NULL)
{
while (sk_num(ret->revoked))
X509_REVOKED_free((X509_REVOKED *)sk_pop(ret->revoked));
}
M_ASN1_D2I_get_seq_opt(ret->revoked,d2i_X509_REVOKED);
if (ret->revoked != NULL)
{
for (i=0; i<sk_num(ret->revoked); i++)
{
((X509_REVOKED *)sk_value(ret->revoked,i))->sequence=i;
}
}
if (ver >= 1)
{
if (ret->extensions != NULL)
{
while (sk_num(ret->extensions))
X509_EXTENSION_free((X509_EXTENSION *)
sk_pop(ret->extensions));
}
M_ASN1_D2I_get_EXP_set_opt(ret->extensions,d2i_X509_EXTENSION,
0,V_ASN1_SEQUENCE);
}
M_ASN1_D2I_Finish(a,X509_CRL_INFO_free,ASN1_F_D2I_X509_CRL_INFO);
}
int i2d_X509_CRL(a,pp)
X509_CRL *a;
unsigned char **pp;
{
M_ASN1_I2D_vars(a);
M_ASN1_I2D_len(a->crl,i2d_X509_CRL_INFO);
M_ASN1_I2D_len(a->sig_alg,i2d_X509_ALGOR);
M_ASN1_I2D_len(a->signature,i2d_ASN1_BIT_STRING);
M_ASN1_I2D_seq_total();
M_ASN1_I2D_put(a->crl,i2d_X509_CRL_INFO);
M_ASN1_I2D_put(a->sig_alg,i2d_X509_ALGOR);
M_ASN1_I2D_put(a->signature,i2d_ASN1_BIT_STRING);
M_ASN1_I2D_finish();
}
X509_CRL *d2i_X509_CRL(a,pp,length)
X509_CRL **a;
unsigned char **pp;
long length;
{
M_ASN1_D2I_vars(a,X509_CRL *,X509_CRL_new);
M_ASN1_D2I_Init();
M_ASN1_D2I_start_sequence();
M_ASN1_D2I_get(ret->crl,d2i_X509_CRL_INFO);
M_ASN1_D2I_get(ret->sig_alg,d2i_X509_ALGOR);
M_ASN1_D2I_get(ret->signature,d2i_ASN1_BIT_STRING);
M_ASN1_D2I_Finish(a,X509_CRL_free,ASN1_F_D2I_X509_CRL);
}
X509_REVOKED *X509_REVOKED_new()
{
X509_REVOKED *ret=NULL;
M_ASN1_New_Malloc(ret,X509_REVOKED);
M_ASN1_New(ret->serialNumber,ASN1_INTEGER_new);
M_ASN1_New(ret->revocationDate,ASN1_UTCTIME_new);
ret->extensions=NULL;
return(ret);
M_ASN1_New_Error(ASN1_F_X509_REVOKED_NEW);
}
X509_CRL_INFO *X509_CRL_INFO_new()
{
X509_CRL_INFO *ret=NULL;
M_ASN1_New_Malloc(ret,X509_CRL_INFO);
ret->version=NULL;
M_ASN1_New(ret->sig_alg,X509_ALGOR_new);
M_ASN1_New(ret->issuer,X509_NAME_new);
M_ASN1_New(ret->lastUpdate,ASN1_UTCTIME_new);
ret->nextUpdate=NULL;
M_ASN1_New(ret->revoked,sk_new_null);
M_ASN1_New(ret->extensions,sk_new_null);
ret->revoked->comp=(int (*)())X509_REVOKED_cmp;
return(ret);
M_ASN1_New_Error(ASN1_F_X509_CRL_INFO_NEW);
}
X509_CRL *X509_CRL_new()
{
X509_CRL *ret=NULL;
M_ASN1_New_Malloc(ret,X509_CRL);
ret->references=1;
M_ASN1_New(ret->crl,X509_CRL_INFO_new);
M_ASN1_New(ret->sig_alg,X509_ALGOR_new);
M_ASN1_New(ret->signature,ASN1_BIT_STRING_new);
return(ret);
M_ASN1_New_Error(ASN1_F_X509_CRL_NEW);
}
void X509_REVOKED_free(a)
X509_REVOKED *a;
{
if (a == NULL) return;
ASN1_INTEGER_free(a->serialNumber);
ASN1_UTCTIME_free(a->revocationDate);
sk_pop_free(a->extensions,X509_EXTENSION_free);
Free((char *)a);
}
void X509_CRL_INFO_free(a)
X509_CRL_INFO *a;
{
if (a == NULL) return;
ASN1_INTEGER_free(a->version);
X509_ALGOR_free(a->sig_alg);
X509_NAME_free(a->issuer);
ASN1_UTCTIME_free(a->lastUpdate);
if (a->nextUpdate)
ASN1_UTCTIME_free(a->nextUpdate);
sk_pop_free(a->revoked,X509_REVOKED_free);
sk_pop_free(a->extensions,X509_EXTENSION_free);
Free((char *)a);
}
void X509_CRL_free(a)
X509_CRL *a;
{
int i;
if (a == NULL) return;
i=CRYPTO_add(&a->references,-1,CRYPTO_LOCK_X509_CRL);
#ifdef REF_PRINT
REF_PRINT("X509_CRL",a);
#endif
if (i > 0) return;
#ifdef REF_CHECK
if (i < 0)
{
fprintf(stderr,"X509_CRL_free, bad reference count\n");
abort();
}
#endif
X509_CRL_INFO_free(a->crl);
X509_ALGOR_free(a->sig_alg);
ASN1_BIT_STRING_free(a->signature);
Free((char *)a);
}
static int X509_REVOKED_cmp(a,b)
X509_REVOKED **a,**b;
{
return(ASN1_STRING_cmp(
(ASN1_STRING *)(*a)->serialNumber,
(ASN1_STRING *)(*b)->serialNumber));
}
static int X509_REVOKED_seq_cmp(a,b)
X509_REVOKED **a,**b;
{
return((*a)->sequence-(*b)->sequence);
}
crypto/bf/bf_locl 已删除 100644 → 0
浏览文件 @ 2c2cba0d
/* crypto/bf/bf_local.h */
/* Copyright (C) 1995-1997 Eric Young (eay@mincom.oz.au)
* All rights reserved.
*
* This package is an SSL implementation written
* by Eric Young (eay@mincom.oz.au).
* The implementation was written so as to conform with Netscapes SSL.
*
* This library is free for commercial and non-commercial use as long as
* the following conditions are aheared to. The following conditions
* apply to all code found in this distribution, be it the RC4, RSA,
* lhash, DES, etc., code; not just the SSL code. The SSL documentation
* included with this distribution is covered by the same copyright terms
* except that the holder is Tim Hudson (tjh@mincom.oz.au).
*
* Copyright remains Eric Young's, and as such any Copyright notices in
* the code are not to be removed.
* If this package is used in a product, Eric Young should be given attribution
* as the author of the parts of the library used.
* This can be in the form of a textual message at program startup or
* in documentation (online or textual) provided with the package.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
* 3. All advertising materials mentioning features or use of this software
* must display the following acknowledgement:
* "This product includes cryptographic software written by
* Eric Young (eay@mincom.oz.au)"
* The word 'cryptographic' can be left out if the rouines from the library
* being used are not cryptographic related :-).
* 4. If you include any Windows specific code (or a derivative thereof) from
* the apps directory (application code) you must include an acknowledgement:
* "This product includes software written by Tim Hudson (tjh@mincom.oz.au)"
*
* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
* The licence and distribution terms for any publically available version or
* derivative of this code cannot be changed. i.e. this code cannot simply be
* copied and put under another distribution licence
* [including the GNU Public Licence.]
*/
/* WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING
*
* Always modify bf_locl.org since bf_locl.h is automatically generated from
* it during SSLeay configuration.
*
* WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING
*/
/* Special defines which change the way the code is built depending on the
CPU and OS. For SGI machines you can use _MIPS_SZLONG (32 or 64) to find
even newer MIPS CPU's, but at the moment one size fits all for
optimization options. Older Sparc's work better with only UNROLL, but
there's no way to tell at compile time what it is you're running on */
#if defined( sun ) /* Newer Sparc's */
# define BF_PTR
#elif defined( __ultrix ) /* Older MIPS */
# define BF_PTR
#elif defined( __osf1__ ) /* Alpha */
/* None */
#elif defined ( _AIX ) /* RS6000 */
/* Unknown */
#elif defined( __hpux ) /* HP-PA */
/* None */
#elif defined( __aux ) /* 68K */
/* Unknown */
#elif defined( __dgux ) /* 88K (but P6 in latest boxes) */
/* Unknown */
#elif defined( __sgi ) /* Newer MIPS */
# define BF_PTR
#elif defined( i386 ) /* x86 boxes, should be gcc */
# define BF_PTR2
#elif defined( _MSC_VER ) /* x86 boxes, Visual C */
# define BF_PTR2
#endif /* Systems-specific speed defines */
#undef c2l
#define c2l(c,l) (l =((unsigned long)(*((c)++))) , \
l|=((unsigned long)(*((c)++)))<< 8L, \
l|=((unsigned long)(*((c)++)))<<16L, \
l|=((unsigned long)(*((c)++)))<<24L)
/* NOTE - c is not incremented as per c2l */
#undef c2ln
#define c2ln(c,l1,l2,n) { \
c+=n; \
l1=l2=0; \
switch (n) { \
case 8: l2 =((unsigned long)(*(--(c))))<<24L; \
case 7: l2|=((unsigned long)(*(--(c))))<<16L; \
case 6: l2|=((unsigned long)(*(--(c))))<< 8L; \
case 5: l2|=((unsigned long)(*(--(c)))); \
case 4: l1 =((unsigned long)(*(--(c))))<<24L; \
case 3: l1|=((unsigned long)(*(--(c))))<<16L; \
case 2: l1|=((unsigned long)(*(--(c))))<< 8L; \
case 1: l1|=((unsigned long)(*(--(c)))); \
} \
}
#undef l2c
#define l2c(l,c) (*((c)++)=(unsigned char)(((l) )&0xff), \
*((c)++)=(unsigned char)(((l)>> 8L)&0xff), \
*((c)++)=(unsigned char)(((l)>>16L)&0xff), \
*((c)++)=(unsigned char)(((l)>>24L)&0xff))
/* NOTE - c is not incremented as per l2c */
#undef l2cn
#define l2cn(l1,l2,c,n) { \
c+=n; \
switch (n) { \
case 8: *(--(c))=(unsigned char)(((l2)>>24L)&0xff); \
case 7: *(--(c))=(unsigned char)(((l2)>>16L)&0xff); \
case 6: *(--(c))=(unsigned char)(((l2)>> 8L)&0xff); \
case 5: *(--(c))=(unsigned char)(((l2) )&0xff); \
case 4: *(--(c))=(unsigned char)(((l1)>>24L)&0xff); \
case 3: *(--(c))=(unsigned char)(((l1)>>16L)&0xff); \
case 2: *(--(c))=(unsigned char)(((l1)>> 8L)&0xff); \
case 1: *(--(c))=(unsigned char)(((l1) )&0xff); \
} \
}
/* NOTE - c is not incremented as per n2l */
#define n2ln(c,l1,l2,n) { \
c+=n; \
l1=l2=0; \
switch (n) { \
case 8: l2 =((unsigned long)(*(--(c)))) ; \
case 7: l2|=((unsigned long)(*(--(c))))<< 8; \
case 6: l2|=((unsigned long)(*(--(c))))<<16; \
case 5: l2|=((unsigned long)(*(--(c))))<<24; \
case 4: l1 =((unsigned long)(*(--(c)))) ; \
case 3: l1|=((unsigned long)(*(--(c))))<< 8; \
case 2: l1|=((unsigned long)(*(--(c))))<<16; \
case 1: l1|=((unsigned long)(*(--(c))))<<24; \
} \
}
/* NOTE - c is not incremented as per l2n */
#define l2nn(l1,l2,c,n) { \
c+=n; \
switch (n) { \
case 8: *(--(c))=(unsigned char)(((l2) )&0xff); \
case 7: *(--(c))=(unsigned char)(((l2)>> 8)&0xff); \
case 6: *(--(c))=(unsigned char)(((l2)>>16)&0xff); \
case 5: *(--(c))=(unsigned char)(((l2)>>24)&0xff); \
case 4: *(--(c))=(unsigned char)(((l1) )&0xff); \
case 3: *(--(c))=(unsigned char)(((l1)>> 8)&0xff); \
case 2: *(--(c))=(unsigned char)(((l1)>>16)&0xff); \
case 1: *(--(c))=(unsigned char)(((l1)>>24)&0xff); \
} \
}
#undef n2l
#define n2l(c,l) (l =((unsigned long)(*((c)++)))<<24L, \
l|=((unsigned long)(*((c)++)))<<16L, \
l|=((unsigned long)(*((c)++)))<< 8L, \
l|=((unsigned long)(*((c)++))))
#undef l2n
#define l2n(l,c) (*((c)++)=(unsigned char)(((l)>>24L)&0xff), \
*((c)++)=(unsigned char)(((l)>>16L)&0xff), \
*((c)++)=(unsigned char)(((l)>> 8L)&0xff), \
*((c)++)=(unsigned char)(((l) )&0xff))
/* This is actually a big endian algorithm, the most significate byte
* is used to lookup array 0 */
/* use BF_PTR2 for intel boxes,
* BF_PTR for sparc and MIPS/SGI
* use nothing for Alpha and HP.
*/
#if !defined(BF_PTR) && !defined(BF_PTR2)
#undef BF_PTR
#endif
#define BF_M 0x3fc
#define BF_0 22L
#define BF_1 14L
#define BF_2 6L
#define BF_3 2L /* left shift */
#if defined(BF_PTR2)
/* This is basically a special pentium verson */
#define BF_ENC(LL,R,S,P) \
{ \
BF_LONG t,u,v; \
u=R>>BF_0; \
v=R>>BF_1; \
u&=BF_M; \
v&=BF_M; \
t= *(BF_LONG *)((unsigned char *)&(S[ 0])+u); \
u=R>>BF_2; \
t+= *(BF_LONG *)((unsigned char *)&(S[256])+v); \
v=R<<BF_3; \
u&=BF_M; \
v&=BF_M; \
t^= *(BF_LONG *)((unsigned char *)&(S[512])+u); \
LL^=P; \
t+= *(BF_LONG *)((unsigned char *)&(S[768])+v); \
LL^=t; \
}
#elif defined(BF_PTR)
/* This is normally very good */
#define BF_ENC(LL,R,S,P) \
LL^=P; \
LL^= (((*(BF_LONG *)((unsigned char *)&(S[ 0])+((R>>BF_0)&BF_M))+ \
*(BF_LONG *)((unsigned char *)&(S[256])+((R>>BF_1)&BF_M)))^ \
*(BF_LONG *)((unsigned char *)&(S[512])+((R>>BF_2)&BF_M)))+ \
*(BF_LONG *)((unsigned char *)&(S[768])+((R<<BF_3)&BF_M)));
#else
/* This will always work, even on 64 bit machines and strangly enough,
* on the Alpha it is faster than the pointer versions (both 32 and 64
* versions of BF_LONG) */
#define BF_ENC(LL,R,S,P) \
LL^=P; \
LL^=((( S[ (int)(R>>24L) ] + \
S[0x0100+((int)(R>>16L)&0xff)])^ \
S[0x0200+((int)(R>> 8L)&0xff)])+ \
S[0x0300+((int)(R )&0xff)])&0xffffffffL;
#endif
crypto/bn/DSA 已删除 100644 → 0
浏览文件 @ 2c2cba0d
DSA wants 64*32 to use word mont mul, but
RSA wants to use full.
crypto/des/des 已删除 100644 → 0
浏览文件 @ 2c2cba0d
/* crypto/des/des.h */
/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
* This package is an SSL implementation written
* by Eric Young (eay@mincom.oz.au).
* The implementation was written so as to conform with Netscapes SSL.
*
* This library is free for commercial and non-commercial use as long as
* the following conditions are aheared to. The following conditions
* apply to all code found in this distribution, be it the RC4, RSA,
* lhash, DES, etc., code; not just the SSL code. The SSL documentation
* included with this distribution is covered by the same copyright terms
* except that the holder is Tim Hudson (tjh@mincom.oz.au).
*
* Copyright remains Eric Young's, and as such any Copyright notices in
* the code are not to be removed.
* If this package is used in a product, Eric Young should be given attribution
* as the author of the parts of the library used.
* This can be in the form of a textual message at program startup or
* in documentation (online or textual) provided with the package.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
* 3. All advertising materials mentioning features or use of this software
* must display the following acknowledgement:
* "This product includes cryptographic software written by
* Eric Young (eay@mincom.oz.au)"
* The word 'cryptographic' can be left out if the rouines from the library
* being used are not cryptographic related :-).
* 4. If you include any Windows specific code (or a derivative thereof) from
* the apps directory (application code) you must include an acknowledgement:
* "This product includes software written by Tim Hudson (tjh@mincom.oz.au)"
*
* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
* The licence and distribution terms for any publically available version or
* derivative of this code cannot be changed. i.e. this code cannot simply be
* copied and put under another distribution licence
* [including the GNU Public Licence.]
*/
/* WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING
*
* Always modify des.org since des.h is automatically generated from
* it during SSLeay configuration.
*
* WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING
*/
#ifndef HEADER_DES_H
#define HEADER_DES_H
#ifdef __cplusplus
extern "C" {
#endif
#include <stdio.h>
/* If this is set to 'unsigned int' on a DEC Alpha, this gives about a
* %20 speed up (longs are 8 bytes, int's are 4). */
#ifndef DES_LONG
#define DES_LONG unsigned long
#endif
typedef unsigned char des_cblock[8];
typedef struct des_ks_struct
{
union {
des_cblock _;
/* make sure things are correct size on machines with
* 8 byte longs */
DES_LONG pad[2];
} ks;
#undef _
#define _ ks._
} des_key_schedule[16];
#define DES_KEY_SZ (sizeof(des_cblock))
#define DES_SCHEDULE_SZ (sizeof(des_key_schedule))
#define DES_ENCRYPT 1
#define DES_DECRYPT 0
#define DES_CBC_MODE 0
#define DES_PCBC_MODE 1
#define des_ecb2_encrypt(i,o,k1,k2,e) \
des_ecb3_encrypt((i),(o),(k1),(k2),(k1),(e))
#define des_ede2_cbc_encrypt(i,o,l,k1,k2,iv,e) \
des_ede3_cbc_encrypt((i),(o),(l),(k1),(k2),(k1),(iv),(e))
#define des_ede2_cfb64_encrypt(i,o,l,k1,k2,iv,n,e) \
des_ede3_cfb64_encrypt((i),(o),(l),(k1),(k2),(k1),(iv),(n),(e))
#define des_ede2_ofb64_encrypt(i,o,l,k1,k2,iv,n) \
des_ede3_ofb64_encrypt((i),(o),(l),(k1),(k2),(k1),(iv),(n))
#define C_Block des_cblock
#define Key_schedule des_key_schedule
#ifdef KERBEROS
#define ENCRYPT DES_ENCRYPT
#define DECRYPT DES_DECRYPT
#endif
#define KEY_SZ DES_KEY_SZ
#define string_to_key des_string_to_key
#define read_pw_string des_read_pw_string
#define random_key des_random_key
#define pcbc_encrypt des_pcbc_encrypt
#define set_key des_set_key
#define key_sched des_key_sched
#define ecb_encrypt des_ecb_encrypt
#define cbc_encrypt des_cbc_encrypt
#define ncbc_encrypt des_ncbc_encrypt
#define xcbc_encrypt des_xcbc_encrypt
#define cbc_cksum des_cbc_cksum
#define quad_cksum des_quad_cksum
/* For compatibility with the MIT lib - eay 20/05/92 */
typedef des_key_schedule bit_64;
#define des_fixup_key_parity des_set_odd_parity
#define des_check_key_parity check_parity
extern int des_check_key; /* defaults to false */
extern int des_rw_mode; /* defaults to DES_PCBC_MODE */
/* The next line is used to disable full ANSI prototypes, if your
* compiler has problems with the prototypes, make sure this line always
* evaluates to true :-) */
#if defined(MSDOS) || defined(__STDC__)
#undef NOPROTO
#endif
#ifndef NOPROTO
char *des_options(void);
void des_ecb3_encrypt(des_cblock *input,des_cblock *output,
des_key_schedule ks1,des_key_schedule ks2,
des_key_schedule ks3, int enc);
DES_LONG des_cbc_cksum(des_cblock *input,des_cblock *output,
long length,des_key_schedule schedule,des_cblock *ivec);
void des_cbc_encrypt(des_cblock *input,des_cblock *output,long length,
des_key_schedule schedule,des_cblock *ivec,int enc);
void des_ncbc_encrypt(des_cblock *input,des_cblock *output,long length,
des_key_schedule schedule,des_cblock *ivec,int enc);
void des_xcbc_encrypt(des_cblock *input,des_cblock *output,long length,
des_key_schedule schedule,des_cblock *ivec,
des_cblock *inw,des_cblock *outw,int enc);
void des_3cbc_encrypt(des_cblock *input,des_cblock *output,long length,
des_key_schedule sk1,des_key_schedule sk2,
des_cblock *ivec1,des_cblock *ivec2,int enc);
void des_cfb_encrypt(unsigned char *in,unsigned char *out,int numbits,
long length,des_key_schedule schedule,des_cblock *ivec,int enc);
void des_ecb_encrypt(des_cblock *input,des_cblock *output,
des_key_schedule ks,int enc);
void des_encrypt(DES_LONG *data,des_key_schedule ks, int enc);
void des_encrypt2(DES_LONG *data,des_key_schedule ks, int enc);
void des_encrypt3(DES_LONG *data, des_key_schedule ks1,
des_key_schedule ks2, des_key_schedule ks3);
void des_decrypt3(DES_LONG *data, des_key_schedule ks1,
des_key_schedule ks2, des_key_schedule ks3);
void des_ede3_cbc_encrypt(des_cblock *input, des_cblock *output,
long length, des_key_schedule ks1, des_key_schedule ks2,
des_key_schedule ks3, des_cblock *ivec, int enc);
void des_ede3_cfb64_encrypt(unsigned char *in, unsigned char *out,
long length, des_key_schedule ks1, des_key_schedule ks2,
des_key_schedule ks3, des_cblock *ivec, int *num, int enc);
void des_ede3_ofb64_encrypt(unsigned char *in, unsigned char *out,
long length, des_key_schedule ks1, des_key_schedule ks2,
des_key_schedule ks3, des_cblock *ivec, int *num);
void des_xwhite_in2out(des_cblock (*des_key), des_cblock (*in_white),
des_cblock (*out_white));
int des_enc_read(int fd,char *buf,int len,des_key_schedule sched,
des_cblock *iv);
int des_enc_write(int fd,char *buf,int len,des_key_schedule sched,
des_cblock *iv);
char *des_fcrypt(const char *buf,const char *salt, char *ret);
#ifdef PERL5
char *des_crypt(const char *buf,const char *salt);
#else
/* some stupid compilers complain because I have declared char instead
* of const char */
#ifdef HEADER_DES_LOCL_H
char *crypt(const char *buf,const char *salt);
#else
char *crypt();
#endif
#endif
void des_ofb_encrypt(unsigned char *in,unsigned char *out,
int numbits,long length,des_key_schedule schedule,des_cblock *ivec);
void des_pcbc_encrypt(des_cblock *input,des_cblock *output,long length,
des_key_schedule schedule,des_cblock *ivec,int enc);
DES_LONG des_quad_cksum(des_cblock *input,des_cblock *output,
long length,int out_count,des_cblock *seed);
void des_random_seed(des_cblock key);
void des_random_key(des_cblock ret);
int des_read_password(des_cblock *key,char *prompt,int verify);
int des_read_2passwords(des_cblock *key1,des_cblock *key2,
char *prompt,int verify);
int des_read_pw_string(char *buf,int length,char *prompt,int verify);
void des_set_odd_parity(des_cblock *key);
int des_is_weak_key(des_cblock *key);
int des_set_key(des_cblock *key,des_key_schedule schedule);
int des_key_sched(des_cblock *key,des_key_schedule schedule);
void des_string_to_key(char *str,des_cblock *key);
void des_string_to_2keys(char *str,des_cblock *key1,des_cblock *key2);
void des_cfb64_encrypt(unsigned char *in, unsigned char *out, long length,
des_key_schedule schedule, des_cblock *ivec, int *num, int enc);
void des_ofb64_encrypt(unsigned char *in, unsigned char *out, long length,
des_key_schedule schedule, des_cblock *ivec, int *num);
int des_read_pw(char *buf, char *buff, int size, char *prompt, int verify);
/* Extra functions from Mark Murray <mark@grondar.za> */
void des_cblock_print_file(des_cblock *cb, FILE *fp);
/* The following functions are not in the normal unix build or the
* SSLeay build. When using the SSLeay build, use RAND_seed()
* and RAND_bytes() instead. */
int des_new_random_key(des_cblock *key);
void des_init_random_number_generator(des_cblock *key);
void des_set_random_generator_seed(des_cblock *key);
void des_set_sequence_number(des_cblock new_sequence_number);
void des_generate_random_block(des_cblock *block);
#else
char *des_options();
void des_ecb3_encrypt();
DES_LONG des_cbc_cksum();
void des_cbc_encrypt();
void des_ncbc_encrypt();
void des_xcbc_encrypt();
void des_3cbc_encrypt();
void des_cfb_encrypt();
void des_ede3_cfb64_encrypt();
void des_ede3_ofb64_encrypt();
void des_ecb_encrypt();
void des_encrypt();
void des_encrypt2();
void des_encrypt3();
void des_decrypt3();
void des_ede3_cbc_encrypt();
int des_enc_read();
int des_enc_write();
char *des_fcrypt();
#ifdef PERL5
char *des_crypt();
#else
char *crypt();
#endif
void des_ofb_encrypt();
void des_pcbc_encrypt();
DES_LONG des_quad_cksum();
void des_random_seed();
void des_random_key();
int des_read_password();
int des_read_2passwords();
int des_read_pw_string();
void des_set_odd_parity();
int des_is_weak_key();
int des_set_key();
int des_key_sched();
void des_string_to_key();
void des_string_to_2keys();
void des_cfb64_encrypt();
void des_ofb64_encrypt();
int des_read_pw();
void des_xwhite_in2out();
/* Extra functions from Mark Murray <mark@grondar.za> */
void des_cblock_print_file();
/* The following functions are not in the normal unix build or the
* SSLeay build. When using the SSLeay build, use RAND_seed()
* and RAND_bytes() instead. */
#ifdef FreeBSD
int des_new_random_key();
void des_init_random_number_generator();
void des_set_random_generator_seed();
void des_set_sequence_number();
void des_generate_random_block();
#endif
#endif
#ifdef __cplusplus
}
#endif
#endif
crypto/md/Makefile.ssl 已删除 100644 → 0
浏览文件 @ 2c2cba0d
#
# SSLeay/crypto/md/Makefile
#
DIR= md
TOP= ../..
CC= cc
INCLUDES=
CFLAG=-g
INSTALLTOP=/usr/local/ssl
MAKE= make -f Makefile.ssl
MAKEDEPEND= $(TOP)/util/domd $(TOP)
MAKEFILE= Makefile.ssl
AR= ar r
CFLAGS= $(INCLUDES) $(CFLAG)
GENERAL=Makefile
TEST=md2test.c md5test.c
APPS=
LIB=$(TOP)/libcrypto.a
LIBSRC=md2_dgst.c md5_dgst.c md2_one.c md5_one.c
LIBOBJ=md2_dgst.o md5_dgst.o md2_one.o md5_one.o
SRC= $(LIBSRC)
EXHEADER= md2.h md5.h
HEADER= md5_locl.h $(EXHEADER)
ALL= $(GENERAL) $(SRC) $(HEADER)
top:
(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
all: lib
lib: $(LIBOBJ)
$(AR) $(LIB) $(LIBOBJ)
sh $(TOP)/util/ranlib.sh $(LIB)
@touch lib
files:
perl $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
links:
/bin/rm -f Makefile
$(TOP)/util/point.sh Makefile.ssl Makefile ;
$(TOP)/util/mklink.sh ../../include $(EXHEADER)
$(TOP)/util/mklink.sh ../../test $(TEST)
$(TOP)/util/mklink.sh ../../apps $(APPS)
install:
@for i in $(EXHEADER) ; \
do \
(cp $$i $(INSTALLTOP)/include/$$i; \
chmod 644 $(INSTALLTOP)/include/$$i ); \
done;
tags:
ctags $(SRC)
tests:
lint:
lint -DLINT $(INCLUDES) $(SRC)>fluff
depend:
$(MAKEDEPEND) $(INCLUDES) $(PROGS) $(LIBSRC)
dclean:
perl -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
mv -f Makefile.new $(MAKEFILE)
clean:
/bin/rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
errors:
# DO NOT DELETE THIS LINE -- make depend depends on it.
crypto/md/md2.c 已删除 100644 → 0
浏览文件 @ 2c2cba0d
/* crypto/md/md2.c */
/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
* This package is an SSL implementation written
* by Eric Young (eay@cryptsoft.com).
* The implementation was written so as to conform with Netscapes SSL.
*
* This library is free for commercial and non-commercial use as long as
* the following conditions are aheared to. The following conditions
* apply to all code found in this distribution, be it the RC4, RSA,
* lhash, DES, etc., code; not just the SSL code. The SSL documentation
* included with this distribution is covered by the same copyright terms
* except that the holder is Tim Hudson (tjh@cryptsoft.com).
*
* Copyright remains Eric Young's, and as such any Copyright notices in
* the code are not to be removed.
* If this package is used in a product, Eric Young should be given attribution
* as the author of the parts of the library used.
* This can be in the form of a textual message at program startup or
* in documentation (online or textual) provided with the package.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
* 3. All advertising materials mentioning features or use of this software
* must display the following acknowledgement:
* "This product includes cryptographic software written by
* Eric Young (eay@cryptsoft.com)"
* The word 'cryptographic' can be left out if the rouines from the library
* being used are not cryptographic related :-).
* 4. If you include any Windows specific code (or a derivative thereof) from
* the apps directory (application code) you must include an acknowledgement:
* "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
*
* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
* The licence and distribution terms for any publically available version or
* derivative of this code cannot be changed. i.e. this code cannot simply be
* copied and put under another distribution licence
* [including the GNU Public Licence.]
*/
#include <stdio.h>
#include "md2.h"
#define BUFSIZE 1024*16
#ifndef NOPROTO
void do_fp(FILE *f);
void pt(unsigned char *md);
int read(int, void *, unsigned int);
void exit(int);
void perror(const char *);
#else
void do_fp();
void pt();
int read();
void exit();
void perror();
#endif
int main(argc, argv)
int argc;
char *argv[];
{
int i,err=0;
FILE *IN;
if (argc == 1)
{
do_fp(stdin);
}
else
{
for (i=1; i<argc; i++)
{
IN=fopen(argv[i],"r");
if (IN == NULL)
{
perror(argv[i]);
err++;
continue;
}
printf("MD2(%s)= ",argv[i]);
do_fp(IN);
fclose(IN);
}
}
exit(err);
return(err);
}
void do_fp(f)
FILE *f;
{
MD2_CTX c;
unsigned char md[MD2_DIGEST_LENGTH];
int fd,i;
static unsigned char buf[BUFSIZE];
fd=fileno(f);
MD2_Init(&c);
for (;;)
{
i=read(fd,buf,BUFSIZE);
if (i <= 0) break;
MD2_Update(&c,buf,(unsigned long)i);
}
MD2_Final(&(md[0]),&c);
pt(md);
}
void pt(md)
unsigned char *md;
{
int i;
for (i=0; i<MD2_DIGEST_LENGTH; i++)
printf("%02x",md[i]);
printf("\n");
}
crypto/md/md2.h 已删除 100644 → 0
浏览文件 @ 2c2cba0d
/* crypto/md/md2.org */
/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
* This package is an SSL implementation written
* by Eric Young (eay@cryptsoft.com).
* The implementation was written so as to conform with Netscapes SSL.
*
* This library is free for commercial and non-commercial use as long as
* the following conditions are aheared to. The following conditions
* apply to all code found in this distribution, be it the RC4, RSA,
* lhash, DES, etc., code; not just the SSL code. The SSL documentation
* included with this distribution is covered by the same copyright terms
* except that the holder is Tim Hudson (tjh@cryptsoft.com).
*
* Copyright remains Eric Young's, and as such any Copyright notices in
* the code are not to be removed.
* If this package is used in a product, Eric Young should be given attribution
* as the author of the parts of the library used.
* This can be in the form of a textual message at program startup or
* in documentation (online or textual) provided with the package.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
* 3. All advertising materials mentioning features or use of this software
* must display the following acknowledgement:
* "This product includes cryptographic software written by
* Eric Young (eay@cryptsoft.com)"
* The word 'cryptographic' can be left out if the rouines from the library
* being used are not cryptographic related :-).
* 4. If you include any Windows specific code (or a derivative thereof) from
* the apps directory (application code) you must include an acknowledgement:
* "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
*
* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
* The licence and distribution terms for any publically available version or
* derivative of this code cannot be changed. i.e. this code cannot simply be
* copied and put under another distribution licence
* [including the GNU Public Licence.]
*/
/* WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING
*
* Always modify md2.org since md2.h is automatically generated from
* it during SSLeay configuration.
*
* WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING
*/
#ifndef HEADER_MD2_H
#define HEADER_MD2_H
#ifdef __cplusplus
extern "C" {
#endif
#define MD2_DIGEST_LENGTH 16
#define MD2_BLOCK 16
#define MD2_INT unsigned int
typedef struct MD2state_st
{
int num;
unsigned char data[MD2_BLOCK];
MD2_INT cksm[MD2_BLOCK];
MD2_INT state[MD2_BLOCK];
} MD2_CTX;
#ifndef NOPROTO
char *MD2_options(void);
void MD2_Init(MD2_CTX *c);
void MD2_Update(MD2_CTX *c, register unsigned char *data, unsigned long len);
void MD2_Final(unsigned char *md, MD2_CTX *c);
unsigned char *MD2(unsigned char *d, unsigned long n,unsigned char *md);
#else
char *MD2_options();
void MD2_Init();
void MD2_Update();
void MD2_Final();
unsigned char *MD2();
#endif
#ifdef __cplusplus
}
#endif
#endif
crypto/md/md2.org 已删除 100644 → 0
浏览文件 @ 2c2cba0d
/* crypto/md/md2.org */
/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
* This package is an SSL implementation written
* by Eric Young (eay@cryptsoft.com).
* The implementation was written so as to conform with Netscapes SSL.
*
* This library is free for commercial and non-commercial use as long as
* the following conditions are aheared to. The following conditions
* apply to all code found in this distribution, be it the RC4, RSA,
* lhash, DES, etc., code; not just the SSL code. The SSL documentation
* included with this distribution is covered by the same copyright terms
* except that the holder is Tim Hudson (tjh@cryptsoft.com).
*
* Copyright remains Eric Young's, and as such any Copyright notices in
* the code are not to be removed.
* If this package is used in a product, Eric Young should be given attribution
* as the author of the parts of the library used.
* This can be in the form of a textual message at program startup or
* in documentation (online or textual) provided with the package.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
* 3. All advertising materials mentioning features or use of this software
* must display the following acknowledgement:
* "This product includes cryptographic software written by
* Eric Young (eay@cryptsoft.com)"
* The word 'cryptographic' can be left out if the rouines from the library
* being used are not cryptographic related :-).
* 4. If you include any Windows specific code (or a derivative thereof) from
* the apps directory (application code) you must include an acknowledgement:
* "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
*
* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
* The licence and distribution terms for any publically available version or
* derivative of this code cannot be changed. i.e. this code cannot simply be
* copied and put under another distribution licence
* [including the GNU Public Licence.]
*/
/* WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING
*
* Always modify md2.org since md2.h is automatically generated from
* it during SSLeay configuration.
*
* WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING
*/
#ifndef HEADER_MD2_H
#define HEADER_MD2_H
#ifdef __cplusplus
extern "C" {
#endif
#define MD2_DIGEST_LENGTH 16
#define MD2_BLOCK 16
#define MD2_INT unsigned int
typedef struct MD2state_st
{
int num;
unsigned char data[MD2_BLOCK];
MD2_INT cksm[MD2_BLOCK];
MD2_INT state[MD2_BLOCK];
} MD2_CTX;
#ifndef NOPROTO
char *MD2_options(void);
void MD2_Init(MD2_CTX *c);
void MD2_Update(MD2_CTX *c, register unsigned char *data, unsigned long len);
void MD2_Final(unsigned char *md, MD2_CTX *c);
unsigned char *MD2(unsigned char *d, unsigned long n,unsigned char *md);
#else
char *MD2_options();
void MD2_Init();
void MD2_Update();
void MD2_Final();
unsigned char *MD2();
#endif
#ifdef __cplusplus
}
#endif
#endif
crypto/md/md2_dgst.c 已删除 100644 → 0
浏览文件 @ 2c2cba0d
/* crypto/md/md2_dgst.c */
/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
* This package is an SSL implementation written
* by Eric Young (eay@cryptsoft.com).
* The implementation was written so as to conform with Netscapes SSL.
*
* This library is free for commercial and non-commercial use as long as
* the following conditions are aheared to. The following conditions
* apply to all code found in this distribution, be it the RC4, RSA,
* lhash, DES, etc., code; not just the SSL code. The SSL documentation
* included with this distribution is covered by the same copyright terms
* except that the holder is Tim Hudson (tjh@cryptsoft.com).
*
* Copyright remains Eric Young's, and as such any Copyright notices in
* the code are not to be removed.
* If this package is used in a product, Eric Young should be given attribution
* as the author of the parts of the library used.
* This can be in the form of a textual message at program startup or
* in documentation (online or textual) provided with the package.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
* 3. All advertising materials mentioning features or use of this software
* must display the following acknowledgement:
* "This product includes cryptographic software written by
* Eric Young (eay@cryptsoft.com)"
* The word 'cryptographic' can be left out if the rouines from the library
* being used are not cryptographic related :-).
* 4. If you include any Windows specific code (or a derivative thereof) from
* the apps directory (application code) you must include an acknowledgement:
* "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
*
* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
* The licence and distribution terms for any publically available version or
* derivative of this code cannot be changed. i.e. this code cannot simply be
* copied and put under another distribution licence
* [including the GNU Public Licence.]
*/
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include "md2.h"
char *MD2_version="MD2 part of SSLeay 0.8.1b 29-Jun-1998";
/* Implemented from RFC1319 The MD2 Message-Digest Algorithm
*/
#define UCHAR unsigned char
#ifndef NOPROTO
static void md2_block(MD2_CTX *c, unsigned char *d);
#else
static void md2_block();
#endif
/* The magic S table - I have converted it to hex since it is
* basicaly just a random byte string. */
static MD2_INT S[256]={
0x29, 0x2E, 0x43, 0xC9, 0xA2, 0xD8, 0x7C, 0x01,
0x3D, 0x36, 0x54, 0xA1, 0xEC, 0xF0, 0x06, 0x13,
0x62, 0xA7, 0x05, 0xF3, 0xC0, 0xC7, 0x73, 0x8C,
0x98, 0x93, 0x2B, 0xD9, 0xBC, 0x4C, 0x82, 0xCA,
0x1E, 0x9B, 0x57, 0x3C, 0xFD, 0xD4, 0xE0, 0x16,
0x67, 0x42, 0x6F, 0x18, 0x8A, 0x17, 0xE5, 0x12,
0xBE, 0x4E, 0xC4, 0xD6, 0xDA, 0x9E, 0xDE, 0x49,
0xA0, 0xFB, 0xF5, 0x8E, 0xBB, 0x2F, 0xEE, 0x7A,
0xA9, 0x68, 0x79, 0x91, 0x15, 0xB2, 0x07, 0x3F,
0x94, 0xC2, 0x10, 0x89, 0x0B, 0x22, 0x5F, 0x21,
0x80, 0x7F, 0x5D, 0x9A, 0x5A, 0x90, 0x32, 0x27,
0x35, 0x3E, 0xCC, 0xE7, 0xBF, 0xF7, 0x97, 0x03,
0xFF, 0x19, 0x30, 0xB3, 0x48, 0xA5, 0xB5, 0xD1,
0xD7, 0x5E, 0x92, 0x2A, 0xAC, 0x56, 0xAA, 0xC6,
0x4F, 0xB8, 0x38, 0xD2, 0x96, 0xA4, 0x7D, 0xB6,
0x76, 0xFC, 0x6B, 0xE2, 0x9C, 0x74, 0x04, 0xF1,
0x45, 0x9D, 0x70, 0x59, 0x64, 0x71, 0x87, 0x20,
0x86, 0x5B, 0xCF, 0x65, 0xE6, 0x2D, 0xA8, 0x02,
0x1B, 0x60, 0x25, 0xAD, 0xAE, 0xB0, 0xB9, 0xF6,
0x1C, 0x46, 0x61, 0x69, 0x34, 0x40, 0x7E, 0x0F,
0x55, 0x47, 0xA3, 0x23, 0xDD, 0x51, 0xAF, 0x3A,
0xC3, 0x5C, 0xF9, 0xCE, 0xBA, 0xC5, 0xEA, 0x26,
0x2C, 0x53, 0x0D, 0x6E, 0x85, 0x28, 0x84, 0x09,
0xD3, 0xDF, 0xCD, 0xF4, 0x41, 0x81, 0x4D, 0x52,
0x6A, 0xDC, 0x37, 0xC8, 0x6C, 0xC1, 0xAB, 0xFA,
0x24, 0xE1, 0x7B, 0x08, 0x0C, 0xBD, 0xB1, 0x4A,
0x78, 0x88, 0x95, 0x8B, 0xE3, 0x63, 0xE8, 0x6D,
0xE9, 0xCB, 0xD5, 0xFE, 0x3B, 0x00, 0x1D, 0x39,
0xF2, 0xEF, 0xB7, 0x0E, 0x66, 0x58, 0xD0, 0xE4,
0xA6, 0x77, 0x72, 0xF8, 0xEB, 0x75, 0x4B, 0x0A,
0x31, 0x44, 0x50, 0xB4, 0x8F, 0xED, 0x1F, 0x1A,
0xDB, 0x99, 0x8D, 0x33, 0x9F, 0x11, 0x83, 0x14,
};
char *MD2_options()
{
if (sizeof(MD2_INT) == 1)
return("md2(char)");
else
return("md2(int)");
}
void MD2_Init(c)
MD2_CTX *c;
{
c->num=0;
memset(c->state,0,MD2_BLOCK*sizeof(MD2_INT));
memset(c->cksm,0,MD2_BLOCK*sizeof(MD2_INT));
memset(c->data,0,MD2_BLOCK);
}
void MD2_Update(c, data, len)
MD2_CTX *c;
register unsigned char *data;
unsigned long len;
{
register UCHAR *p;
if (len == 0) return;
p=c->data;
if (c->num != 0)
{
if ((c->num+len) >= MD2_BLOCK)
{
memcpy(&(p[c->num]),data,MD2_BLOCK-c->num);
md2_block(c,c->data);
data+=(MD2_BLOCK - c->num);
len-=(MD2_BLOCK - c->num);
c->num=0;
/* drop through and do the rest */
}
else
{
memcpy(&(p[c->num]),data,(int)len);
/* data+=len; */
c->num+=(int)len;
return;
}
}
/* we now can process the input data in blocks of MD2_BLOCK
* chars and save the leftovers to c->data. */
while (len >= MD2_BLOCK)
{
md2_block(c,data);
data+=MD2_BLOCK;
len-=MD2_BLOCK;
}
memcpy(p,data,(int)len);
c->num=(int)len;
}
static void md2_block(c, d)
MD2_CTX *c;
unsigned char *d;
{
register MD2_INT t,*sp1,*sp2;
register int i,j;
MD2_INT state[48];
sp1=c->state;
sp2=c->cksm;
j=sp2[MD2_BLOCK-1];
for (i=0; i<16; i++)
{
state[i]=sp1[i];
state[i+16]=t=d[i];
state[i+32]=(t^sp1[i]);
j=sp2[i]^=S[t^j];
}
t=0;
for (i=0; i<18; i++)
{
for (j=0; j<48; j+=8)
{
t= state[j+ 0]^=S[t];
t= state[j+ 1]^=S[t];
t= state[j+ 2]^=S[t];
t= state[j+ 3]^=S[t];
t= state[j+ 4]^=S[t];
t= state[j+ 5]^=S[t];
t= state[j+ 6]^=S[t];
t= state[j+ 7]^=S[t];
}
t=(t+i)&0xff;
}
memcpy(sp1,state,16*sizeof(MD2_INT));
memset(state,0,48*sizeof(MD2_INT));
}
void MD2_Final(md, c)
unsigned char *md;
MD2_CTX *c;
{
int i,v;
register UCHAR *cp;
register MD2_INT *p1,*p2;
cp=c->data;
p1=c->state;
p2=c->cksm;
v=MD2_BLOCK-c->num;
for (i=c->num; i<MD2_BLOCK; i++)
cp[i]=(UCHAR)v;
md2_block(c,cp);
for (i=0; i<MD2_BLOCK; i++)
cp[i]=(UCHAR)p2[i];
md2_block(c,cp);
for (i=0; i<16; i++)
md[i]=(UCHAR)(p1[i]&0xff);
memset((char *)&c,0,sizeof(c));
}
crypto/md/md2_one.c 已删除 100644 → 0
浏览文件 @ 2c2cba0d
/* crypto/md/md2_one.c */
/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
* This package is an SSL implementation written
* by Eric Young (eay@cryptsoft.com).
* The implementation was written so as to conform with Netscapes SSL.
*
* This library is free for commercial and non-commercial use as long as
* the following conditions are aheared to. The following conditions
* apply to all code found in this distribution, be it the RC4, RSA,
* lhash, DES, etc., code; not just the SSL code. The SSL documentation
* included with this distribution is covered by the same copyright terms
* except that the holder is Tim Hudson (tjh@cryptsoft.com).
*
* Copyright remains Eric Young's, and as such any Copyright notices in
* the code are not to be removed.
* If this package is used in a product, Eric Young should be given attribution
* as the author of the parts of the library used.
* This can be in the form of a textual message at program startup or
* in documentation (online or textual) provided with the package.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
* 3. All advertising materials mentioning features or use of this software
* must display the following acknowledgement:
* "This product includes cryptographic software written by
* Eric Young (eay@cryptsoft.com)"
* The word 'cryptographic' can be left out if the rouines from the library
* being used are not cryptographic related :-).
* 4. If you include any Windows specific code (or a derivative thereof) from
* the apps directory (application code) you must include an acknowledgement:
* "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
*
* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
* The licence and distribution terms for any publically available version or
* derivative of this code cannot be changed. i.e. this code cannot simply be
* copied and put under another distribution licence
* [including the GNU Public Licence.]
*/
#include <stdio.h>
#include "cryptlib.h"
#include "md2.h"
/* This is a separate file so that #defines in cryptlib.h can
* map my MD functions to different names */
unsigned char *MD2(d, n, md)
unsigned char *d;
unsigned long n;
unsigned char *md;
{
MD2_CTX c;
static unsigned char m[MD2_DIGEST_LENGTH];
if (md == NULL) md=m;
MD2_Init(&c);
MD2_Update(&c,d,n);
MD2_Final(md,&c);
memset(&c,0,sizeof(c)); /* Security consideration */
return(md);
}
crypto/md/md2test.c 已删除 100644 → 0
浏览文件 @ 2c2cba0d
/* crypto/md/md2test.c */
/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
* This package is an SSL implementation written
* by Eric Young (eay@cryptsoft.com).
* The implementation was written so as to conform with Netscapes SSL.
*
* This library is free for commercial and non-commercial use as long as
* the following conditions are aheared to. The following conditions
* apply to all code found in this distribution, be it the RC4, RSA,
* lhash, DES, etc., code; not just the SSL code. The SSL documentation
* included with this distribution is covered by the same copyright terms
* except that the holder is Tim Hudson (tjh@cryptsoft.com).
*
* Copyright remains Eric Young's, and as such any Copyright notices in
* the code are not to be removed.
* If this package is used in a product, Eric Young should be given attribution
* as the author of the parts of the library used.
* This can be in the form of a textual message at program startup or
* in documentation (online or textual) provided with the package.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
* 3. All advertising materials mentioning features or use of this software
* must display the following acknowledgement:
* "This product includes cryptographic software written by
* Eric Young (eay@cryptsoft.com)"
* The word 'cryptographic' can be left out if the rouines from the library
* being used are not cryptographic related :-).
* 4. If you include any Windows specific code (or a derivative thereof) from
* the apps directory (application code) you must include an acknowledgement:
* "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
*
* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
* The licence and distribution terms for any publically available version or
* derivative of this code cannot be changed. i.e. this code cannot simply be
* copied and put under another distribution licence
* [including the GNU Public Licence.]
*/
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include "md2.h"
char *test[]={
"",
"a",
"abc",
"message digest",
"abcdefghijklmnopqrstuvwxyz",
"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789",
"12345678901234567890123456789012345678901234567890123456789012345678901234567890",
NULL,
};
char *ret[]={
"8350e5a3e24c153df2275c9f80692773",
"32ec01ec4a6dac72c0ab96fb34c0b5d1",
"da853b0d3f88d99b30283a69e6ded6bb",
"ab4f496bfb2a530b219ff33031fe06b0",
"4e8ddff3650292ab5a4108c3aa47940b",
"da33def2a42df13975352846c30338cd",
"d5976f79d83d3a0dc9806c3c66f3efd8",
};
#ifndef NOPROTO
static char *pt(unsigned char *md);
#else
static char *pt();
#endif
int main(argc,argv)
int argc;
char *argv[];
{
int i,err=0;
char **P,**R;
char *p;
P=test;
R=ret;
i=1;
while (*P != NULL)
{
p=pt(MD2((unsigned char *)*P,(unsigned long)strlen(*P),NULL));
if (strcmp(p,*R) != 0)
{
printf("error calculating MD2 on '%s'\n",*P);
printf("got %s instead of %s\n",p,*R);
err++;
}
else
printf("test %d ok\n",i);
i++;
R++;
P++;
}
exit(err);
return(0);
}
static char *pt(md)
unsigned char *md;
{
int i;
static char buf[80];
for (i=0; i<MD2_DIGEST_LENGTH; i++)
sprintf(&(buf[i*2]),"%02x",md[i]);
return(buf);
}
crypto/md/md5.c 已删除 100644 → 0
浏览文件 @ 2c2cba0d
/* crypto/md/md5.c */
/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
* This package is an SSL implementation written
* by Eric Young (eay@cryptsoft.com).
* The implementation was written so as to conform with Netscapes SSL.
*
* This library is free for commercial and non-commercial use as long as
* the following conditions are aheared to. The following conditions
* apply to all code found in this distribution, be it the RC4, RSA,
* lhash, DES, etc., code; not just the SSL code. The SSL documentation
* included with this distribution is covered by the same copyright terms
* except that the holder is Tim Hudson (tjh@cryptsoft.com).
*
* Copyright remains Eric Young's, and as such any Copyright notices in
* the code are not to be removed.
* If this package is used in a product, Eric Young should be given attribution
* as the author of the parts of the library used.
* This can be in the form of a textual message at program startup or
* in documentation (online or textual) provided with the package.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
* 3. All advertising materials mentioning features or use of this software
* must display the following acknowledgement:
* "This product includes cryptographic software written by
* Eric Young (eay@cryptsoft.com)"
* The word 'cryptographic' can be left out if the rouines from the library
* being used are not cryptographic related :-).
* 4. If you include any Windows specific code (or a derivative thereof) from
* the apps directory (application code) you must include an acknowledgement:
* "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
*
* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
* The licence and distribution terms for any publically available version or
* derivative of this code cannot be changed. i.e. this code cannot simply be
* copied and put under another distribution licence
* [including the GNU Public Licence.]
*/
#include <stdio.h>
#include <stdlib.h>
#include "md5.h"
#define BUFSIZE 1024*16
#ifndef NOPROTO
void do_fp(FILE *f);
void pt(unsigned char *md);
int read(int, void *, unsigned int);
#else
void do_fp();
void pt();
int read();
#endif
int main(argc, argv)
int argc;
char **argv;
{
int i,err=0;
FILE *IN;
if (argc == 1)
{
do_fp(stdin);
}
else
{
for (i=1; i<argc; i++)
{
IN=fopen(argv[i],"r");
if (IN == NULL)
{
perror(argv[i]);
err++;
continue;
}
printf("MD5(%s)= ",argv[i]);
do_fp(IN);
fclose(IN);
}
}
exit(err);
}
void do_fp(f)
FILE *f;
{
MD5_CTX c;
unsigned char md[MD5_DIGEST_LENGTH];
int fd;
int i;
static unsigned char buf[BUFSIZE];
fd=fileno(f);
MD5_Init(&c);
for (;;)
{
i=read(fd,buf,BUFSIZE);
if (i <= 0) break;
MD5_Update(&c,buf,(unsigned long)i);
}
MD5_Final(&(md[0]),&c);
pt(md);
}
void pt(md)
unsigned char *md;
{
int i;
for (i=0; i<MD5_DIGEST_LENGTH; i++)
printf("%02x",md[i]);
printf("\n");
}
crypto/md/md5.h 已删除 100644 → 0
浏览文件 @ 2c2cba0d
/* crypto/md/md5.h */
/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
* This package is an SSL implementation written
* by Eric Young (eay@cryptsoft.com).
* The implementation was written so as to conform with Netscapes SSL.
*
* This library is free for commercial and non-commercial use as long as
* the following conditions are aheared to. The following conditions
* apply to all code found in this distribution, be it the RC4, RSA,
* lhash, DES, etc., code; not just the SSL code. The SSL documentation
* included with this distribution is covered by the same copyright terms
* except that the holder is Tim Hudson (tjh@cryptsoft.com).
*
* Copyright remains Eric Young's, and as such any Copyright notices in
* the code are not to be removed.
* If this package is used in a product, Eric Young should be given attribution
* as the author of the parts of the library used.
* This can be in the form of a textual message at program startup or
* in documentation (online or textual) provided with the package.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
* 3. All advertising materials mentioning features or use of this software
* must display the following acknowledgement:
* "This product includes cryptographic software written by
* Eric Young (eay@cryptsoft.com)"
* The word 'cryptographic' can be left out if the rouines from the library
* being used are not cryptographic related :-).
* 4. If you include any Windows specific code (or a derivative thereof) from
* the apps directory (application code) you must include an acknowledgement:
* "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
*
* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
* The licence and distribution terms for any publically available version or
* derivative of this code cannot be changed. i.e. this code cannot simply be
* copied and put under another distribution licence
* [including the GNU Public Licence.]
*/
#ifndef HEADER_MD5_H
#define HEADER_MD5_H
#ifdef __cplusplus
extern "C" {
#endif
#define MD5_CBLOCK 64
#define MD5_LBLOCK 16
#define MD5_BLOCK 16
#define MD5_LAST_BLOCK 56
#define MD5_LENGTH_BLOCK 8
#define MD5_DIGEST_LENGTH 16
typedef struct MD5state_st
{
unsigned long A,B,C,D;
unsigned long Nl,Nh;
unsigned long data[MD5_LBLOCK];
int num;
} MD5_CTX;
#ifndef NOPROTO
void MD5_Init(MD5_CTX *c);
void MD5_Update(MD5_CTX *c, unsigned char *data, unsigned long len);
void MD5_Final(unsigned char *md, MD5_CTX *c);
unsigned char *MD5(unsigned char *d, unsigned long n, unsigned char *md);
#else
void MD5_Init();
void MD5_Update();
void MD5_Final();
unsigned char *MD5();
#endif
#ifdef __cplusplus
}
#endif
#endif
crypto/md/md5_dgst.c 已删除 100644 → 0
浏览文件 @ 2c2cba0d
/* crypto/md/md5_dgst.c */
/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
* This package is an SSL implementation written
* by Eric Young (eay@cryptsoft.com).
* The implementation was written so as to conform with Netscapes SSL.
*
* This library is free for commercial and non-commercial use as long as
* the following conditions are aheared to. The following conditions
* apply to all code found in this distribution, be it the RC4, RSA,
* lhash, DES, etc., code; not just the SSL code. The SSL documentation
* included with this distribution is covered by the same copyright terms
* except that the holder is Tim Hudson (tjh@cryptsoft.com).
*
* Copyright remains Eric Young's, and as such any Copyright notices in
* the code are not to be removed.
* If this package is used in a product, Eric Young should be given attribution
* as the author of the parts of the library used.
* This can be in the form of a textual message at program startup or
* in documentation (online or textual) provided with the package.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
* 3. All advertising materials mentioning features or use of this software
* must display the following acknowledgement:
* "This product includes cryptographic software written by
* Eric Young (eay@cryptsoft.com)"
* The word 'cryptographic' can be left out if the rouines from the library
* being used are not cryptographic related :-).
* 4. If you include any Windows specific code (or a derivative thereof) from
* the apps directory (application code) you must include an acknowledgement:
* "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
*
* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
* The licence and distribution terms for any publically available version or
* derivative of this code cannot be changed. i.e. this code cannot simply be
* copied and put under another distribution licence
* [including the GNU Public Licence.]
*/
#include <stdio.h>
#include "md5_locl.h"
char *MD5_version="MD5 part of SSLeay 0.8.1b 29-Jun-1998";
/* Implemented from RFC1321 The MD5 Message-Digest Algorithm
*/
#define INIT_DATA_A (unsigned long)0x67452301L
#define INIT_DATA_B (unsigned long)0xefcdab89L
#define INIT_DATA_C (unsigned long)0x98badcfeL
#define INIT_DATA_D (unsigned long)0x10325476L
#ifndef NOPROTO
static void md5_block(MD5_CTX *c, unsigned long *p);
#else
static void md5_block();
#endif
void MD5_Init(c)
MD5_CTX *c;
{
c->A=INIT_DATA_A;
c->B=INIT_DATA_B;
c->C=INIT_DATA_C;
c->D=INIT_DATA_D;
c->Nl=0;
c->Nh=0;
c->num=0;
}
void MD5_Update(c, data, len)
MD5_CTX *c;
register unsigned char *data;
unsigned long len;
{
register ULONG *p;
int sw,sc;
ULONG l;
if (len == 0) return;
l=(c->Nl+(len<<3))&0xffffffffL;
/* 95-05-24 eay Fixed a bug with the overflow handling, thanks to
* Wei Dai <weidai@eskimo.com> for pointing it out. */
if (l < c->Nl) /* overflow */
c->Nh++;
c->Nh+=(len>>29);
c->Nl=l;
if (c->num != 0)
{
p=c->data;
sw=c->num>>2;
sc=c->num&0x03;
if ((c->num+len) >= MD5_CBLOCK)
{
l= p[sw];
p_c2l(data,l,sc);
p[sw++]=l;
for (; sw<MD5_LBLOCK; sw++)
{
c2l(data,l);
p[sw]=l;
}
len-=(MD5_CBLOCK-c->num);
md5_block(c,p);
c->num=0;
/* drop through and do the rest */
}
else
{
int ew,ec;
c->num+=(int)len;
if ((sc+len) < 4) /* ugly, add char's to a word */
{
l= p[sw];
p_c2l_p(data,l,sc,len);
p[sw]=l;
}
else
{
ew=(c->num>>2);
ec=(c->num&0x03);
l= p[sw];
p_c2l(data,l,sc);
p[sw++]=l;
for (; sw < ew; sw++)
{ c2l(data,l); p[sw]=l; }
if (ec)
{
c2l_p(data,l,ec);
p[sw]=l;
}
}
return;
}
}
/* we now can process the input data in blocks of MD5_CBLOCK
* chars and save the leftovers to c->data. */
p=c->data;
while (len >= MD5_CBLOCK)
{
#if defined(L_ENDIAN) || defined(B_ENDIAN)
memcpy(p,data,MD5_CBLOCK);
data+=MD5_CBLOCK;
#ifdef B_ENDIAN
for (sw=(MD5_LBLOCK/4); sw; sw--)
{
Endian_Reverse32(p[0]);
Endian_Reverse32(p[1]);
Endian_Reverse32(p[2]);
Endian_Reverse32(p[3]);
p+=4;
}
#endif
#else
for (sw=(MD5_LBLOCK/4); sw; sw--)
{
c2l(data,l); *(p++)=l;
c2l(data,l); *(p++)=l;
c2l(data,l); *(p++)=l;
c2l(data,l); *(p++)=l;
}
#endif
p=c->data;
md5_block(c,p);
len-=MD5_CBLOCK;
}
sc=(int)len;
c->num=sc;
if (sc)
{
sw=sc>>2; /* words to copy */
#ifdef L_ENDIAN
p[sw]=0;
memcpy(p,data,sc);
#else
sc&=0x03;
for ( ; sw; sw--)
{ c2l(data,l); *(p++)=l; }
c2l_p(data,l,sc);
*p=l;
#endif
}
}
static void md5_block(c, X)
MD5_CTX *c;
register ULONG *X;
{
register ULONG A,B,C,D;
A=c->A;
B=c->B;
C=c->C;
D=c->D;
/* Round 0 */
R0(A,B,C,D,X[ 0], 7,0xd76aa478L);
R0(D,A,B,C,X[ 1],12,0xe8c7b756L);
R0(C,D,A,B,X[ 2],17,0x242070dbL);
R0(B,C,D,A,X[ 3],22,0xc1bdceeeL);
R0(A,B,C,D,X[ 4], 7,0xf57c0fafL);
R0(D,A,B,C,X[ 5],12,0x4787c62aL);
R0(C,D,A,B,X[ 6],17,0xa8304613L);
R0(B,C,D,A,X[ 7],22,0xfd469501L);
R0(A,B,C,D,X[ 8], 7,0x698098d8L);
R0(D,A,B,C,X[ 9],12,0x8b44f7afL);
R0(C,D,A,B,X[10],17,0xffff5bb1L);
R0(B,C,D,A,X[11],22,0x895cd7beL);
R0(A,B,C,D,X[12], 7,0x6b901122L);
R0(D,A,B,C,X[13],12,0xfd987193L);
R0(C,D,A,B,X[14],17,0xa679438eL);
R0(B,C,D,A,X[15],22,0x49b40821L);
/* Round 1 */
R1(A,B,C,D,X[ 1], 5,0xf61e2562L);
R1(D,A,B,C,X[ 6], 9,0xc040b340L);
R1(C,D,A,B,X[11],14,0x265e5a51L);
R1(B,C,D,A,X[ 0],20,0xe9b6c7aaL);
R1(A,B,C,D,X[ 5], 5,0xd62f105dL);
R1(D,A,B,C,X[10], 9,0x02441453L);
R1(C,D,A,B,X[15],14,0xd8a1e681L);
R1(B,C,D,A,X[ 4],20,0xe7d3fbc8L);
R1(A,B,C,D,X[ 9], 5,0x21e1cde6L);
R1(D,A,B,C,X[14], 9,0xc33707d6L);
R1(C,D,A,B,X[ 3],14,0xf4d50d87L);
R1(B,C,D,A,X[ 8],20,0x455a14edL);
R1(A,B,C,D,X[13], 5,0xa9e3e905L);
R1(D,A,B,C,X[ 2], 9,0xfcefa3f8L);
R1(C,D,A,B,X[ 7],14,0x676f02d9L);
R1(B,C,D,A,X[12],20,0x8d2a4c8aL);
/* Round 2 */
R2(A,B,C,D,X[ 5], 4,0xfffa3942L);
R2(D,A,B,C,X[ 8],11,0x8771f681L);
R2(C,D,A,B,X[11],16,0x6d9d6122L);
R2(B,C,D,A,X[14],23,0xfde5380cL);
R2(A,B,C,D,X[ 1], 4,0xa4beea44L);
R2(D,A,B,C,X[ 4],11,0x4bdecfa9L);
R2(C,D,A,B,X[ 7],16,0xf6bb4b60L);
R2(B,C,D,A,X[10],23,0xbebfbc70L);
R2(A,B,C,D,X[13], 4,0x289b7ec6L);
R2(D,A,B,C,X[ 0],11,0xeaa127faL);
R2(C,D,A,B,X[ 3],16,0xd4ef3085L);
R2(B,C,D,A,X[ 6],23,0x04881d05L);
R2(A,B,C,D,X[ 9], 4,0xd9d4d039L);
R2(D,A,B,C,X[12],11,0xe6db99e5L);
R2(C,D,A,B,X[15],16,0x1fa27cf8L);
R2(B,C,D,A,X[ 2],23,0xc4ac5665L);
/* Round 3 */
R3(A,B,C,D,X[ 0], 6,0xf4292244L);
R3(D,A,B,C,X[ 7],10,0x432aff97L);
R3(C,D,A,B,X[14],15,0xab9423a7L);
R3(B,C,D,A,X[ 5],21,0xfc93a039L);
R3(A,B,C,D,X[12], 6,0x655b59c3L);
R3(D,A,B,C,X[ 3],10,0x8f0ccc92L);
R3(C,D,A,B,X[10],15,0xffeff47dL);
R3(B,C,D,A,X[ 1],21,0x85845dd1L);
R3(A,B,C,D,X[ 8], 6,0x6fa87e4fL);
R3(D,A,B,C,X[15],10,0xfe2ce6e0L);
R3(C,D,A,B,X[ 6],15,0xa3014314L);
R3(B,C,D,A,X[13],21,0x4e0811a1L);
R3(A,B,C,D,X[ 4], 6,0xf7537e82L);
R3(D,A,B,C,X[11],10,0xbd3af235L);
R3(C,D,A,B,X[ 2],15,0x2ad7d2bbL);
R3(B,C,D,A,X[ 9],21,0xeb86d391L);
c->A+=A&0xffffffffL;
c->B+=B&0xffffffffL;
c->C+=C&0xffffffffL;
c->D+=D&0xffffffffL;
}
void MD5_Final(md, c)
unsigned char *md;
MD5_CTX *c;
{
register int i,j;
register ULONG l;
register ULONG *p;
static unsigned char end[4]={0x80,0x00,0x00,0x00};
unsigned char *cp=end;
/* c->num should definitly have room for at least one more byte. */
p=c->data;
j=c->num;
i=j>>2;
/* purify often complains about the following line as an
* Uninitialized Memory Read. While this can be true, the
* following p_c2l macro will reset l when that case is true.
* This is because j&0x03 contains the number of 'valid' bytes
* already in p[i]. If and only if j&0x03 == 0, the UMR will
* occur but this is also the only time p_c2l will do
* l= *(cp++) instead of l|= *(cp++)
* Many thanks to Alex Tang <altitude@cic.net> for pickup this
* 'potential bug' */
#ifdef PURIFY
if ((j&0x03) == 0) p[i]=0;
#endif
l=p[i];
p_c2l(cp,l,j&0x03);
p[i]=l;
i++;
/* i is the next 'undefined word' */
if (c->num >= MD5_LAST_BLOCK)
{
for (; i<MD5_LBLOCK; i++)
p[i]=0;
md5_block(c,p);
i=0;
}
for (; i<(MD5_LBLOCK-2); i++)
p[i]=0;
p[MD5_LBLOCK-2]=c->Nl;
p[MD5_LBLOCK-1]=c->Nh;
md5_block(c,p);
cp=md;
l=c->A; l2c(l,cp);
l=c->B; l2c(l,cp);
l=c->C; l2c(l,cp);
l=c->D; l2c(l,cp);
/* clear stuff, md5_block may be leaving some stuff on the stack
* but I'm not worried :-) */
c->num=0;
/* memset((char *)&c,0,sizeof(c));*/
}
#ifdef undef
int printit(l)
unsigned long *l;
{
int i,ii;
for (i=0; i<2; i++)
{
for (ii=0; ii<8; ii++)
{
fprintf(stderr,"%08lx ",l[i*8+ii]);
}
fprintf(stderr,"\n");
}
}
#endif
crypto/md/md5_locl.h 已删除 100644 → 0
浏览文件 @ 2c2cba0d
/* crypto/md/md5_locl.h */
/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
* This package is an SSL implementation written
* by Eric Young (eay@cryptsoft.com).
* The implementation was written so as to conform with Netscapes SSL.
*
* This library is free for commercial and non-commercial use as long as
* the following conditions are aheared to. The following conditions
* apply to all code found in this distribution, be it the RC4, RSA,
* lhash, DES, etc., code; not just the SSL code. The SSL documentation
* included with this distribution is covered by the same copyright terms
* except that the holder is Tim Hudson (tjh@cryptsoft.com).
*
* Copyright remains Eric Young's, and as such any Copyright notices in
* the code are not to be removed.
* If this package is used in a product, Eric Young should be given attribution
* as the author of the parts of the library used.
* This can be in the form of a textual message at program startup or
* in documentation (online or textual) provided with the package.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
* 3. All advertising materials mentioning features or use of this software
* must display the following acknowledgement:
* "This product includes cryptographic software written by
* Eric Young (eay@cryptsoft.com)"
* The word 'cryptographic' can be left out if the rouines from the library
* being used are not cryptographic related :-).
* 4. If you include any Windows specific code (or a derivative thereof) from
* the apps directory (application code) you must include an acknowledgement:
* "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
*
* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
* The licence and distribution terms for any publically available version or
* derivative of this code cannot be changed. i.e. this code cannot simply be
* copied and put under another distribution licence
* [including the GNU Public Licence.]
*/
#include <stdlib.h>
#include <string.h>
#include "md5.h"
#define ULONG unsigned long
#define UCHAR unsigned char
#define UINT unsigned int
#if defined(NOCONST)
#define const
#endif
#undef c2l
#define c2l(c,l) (l = ((unsigned long)(*((c)++))) , \
l|=(((unsigned long)(*((c)++)))<< 8), \
l|=(((unsigned long)(*((c)++)))<<16), \
l|=(((unsigned long)(*((c)++)))<<24))
#undef p_c2l
#define p_c2l(c,l,n) { \
switch (n) { \
case 0: l =((unsigned long)(*((c)++))); \
case 1: l|=((unsigned long)(*((c)++)))<< 8; \
case 2: l|=((unsigned long)(*((c)++)))<<16; \
case 3: l|=((unsigned long)(*((c)++)))<<24; \
} \
}
/* NOTE the pointer is not incremented at the end of this */
#undef c2l_p
#define c2l_p(c,l,n) { \
l=0; \
(c)+=n; \
switch (n) { \
case 3: l =((unsigned long)(*(--(c))))<<16; \
case 2: l|=((unsigned long)(*(--(c))))<< 8; \
case 1: l|=((unsigned long)(*(--(c)))) ; \
} \
}
#undef p_c2l_p
#define p_c2l_p(c,l,sc,len) { \
switch (sc) \
{ \
case 0: l =((unsigned long)(*((c)++))); \
if (--len == 0) break; \
case 1: l|=((unsigned long)(*((c)++)))<< 8; \
if (--len == 0) break; \
case 2: l|=((unsigned long)(*((c)++)))<<16; \
} \
}
#undef l2c
#define l2c(l,c) (*((c)++)=(unsigned char)(((l) )&0xff), \
*((c)++)=(unsigned char)(((l)>> 8)&0xff), \
*((c)++)=(unsigned char)(((l)>>16)&0xff), \
*((c)++)=(unsigned char)(((l)>>24)&0xff))
/* NOTE - c is not incremented as per l2c */
#undef l2cn
#define l2cn(l1,l2,c,n) { \
c+=n; \
switch (n) { \
case 8: *(--(c))=(unsigned char)(((l2)>>24)&0xff); \
case 7: *(--(c))=(unsigned char)(((l2)>>16)&0xff); \
case 6: *(--(c))=(unsigned char)(((l2)>> 8)&0xff); \
case 5: *(--(c))=(unsigned char)(((l2) )&0xff); \
case 4: *(--(c))=(unsigned char)(((l1)>>24)&0xff); \
case 3: *(--(c))=(unsigned char)(((l1)>>16)&0xff); \
case 2: *(--(c))=(unsigned char)(((l1)>> 8)&0xff); \
case 1: *(--(c))=(unsigned char)(((l1) )&0xff); \
} \
}
/* A nice byte order reversal from Wei Dai <weidai@eskimo.com> */
#if defined(WIN32)
/* 5 instructions with rotate instruction, else 9 */
#define Endian_Reverse32(a) \
{ \
unsigned long l=(a); \
(a)=((ROTATE(l,8)&0x00FF00FF)|(ROTATE(l,24)&0xFF00FF00)); \
}
#else
/* 6 instructions with rotate instruction, else 8 */
#define Endian_Reverse32(a) \
{ \
unsigned long l=(a); \
l=(((l&0xFF00FF00)>>8L)|((l&0x00FF00FF)<<8L)); \
(a)=ROTATE(l,16L); \
}
#endif
/*
#define F(x,y,z) (((x) & (y)) | ((~(x)) & (z)))
#define G(x,y,z) (((x) & (z)) | ((y) & (~(z))))
*/
/* As pointed out by Wei Dai <weidai@eskimo.com>, the above can be
* simplified to the code below. Wei attributes these optimisations
* to Peter Gutmann's SHS code, and he attributes it to Rich Schroeppel.
*/
#define F(x,y,z) ((((y) ^ (z)) & (x)) ^ (z))
#define G(x,y,z) ((((x) ^ (y)) & (z)) ^ (y))
#define H(x,y,z) ((x) ^ (y) ^ (z))
#define I(x,y,z) (((x) | (~(z))) ^ (y))
#undef ROTATE
#if defined(WIN32)
#define ROTATE(a,n) _lrotl(a,n)
#else
#define ROTATE(a,n) (((a)<<(n))|(((a)&0xffffffff)>>(32-(n))))
#endif
#define R0(a,b,c,d,k,s,t) { \
a+=((k)+(t)+F((b),(c),(d))); \
a=ROTATE(a,s); \
a+=b; };\
#define R1(a,b,c,d,k,s,t) { \
a+=((k)+(t)+G((b),(c),(d))); \
a=ROTATE(a,s); \
a+=b; };
#define R2(a,b,c,d,k,s,t) { \
a+=((k)+(t)+H((b),(c),(d))); \
a=ROTATE(a,s); \
a+=b; };
#define R3(a,b,c,d,k,s,t) { \
a+=((k)+(t)+I((b),(c),(d))); \
a=ROTATE(a,s); \
a+=b; };
crypto/md/md5_one.c 已删除 100644 → 0
浏览文件 @ 2c2cba0d
/* crypto/md/md5_one.c */
/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
* This package is an SSL implementation written
* by Eric Young (eay@cryptsoft.com).
* The implementation was written so as to conform with Netscapes SSL.
*
* This library is free for commercial and non-commercial use as long as
* the following conditions are aheared to. The following conditions
* apply to all code found in this distribution, be it the RC4, RSA,
* lhash, DES, etc., code; not just the SSL code. The SSL documentation
* included with this distribution is covered by the same copyright terms
* except that the holder is Tim Hudson (tjh@cryptsoft.com).
*
* Copyright remains Eric Young's, and as such any Copyright notices in
* the code are not to be removed.
* If this package is used in a product, Eric Young should be given attribution
* as the author of the parts of the library used.
* This can be in the form of a textual message at program startup or
* in documentation (online or textual) provided with the package.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
* 3. All advertising materials mentioning features or use of this software
* must display the following acknowledgement:
* "This product includes cryptographic software written by
* Eric Young (eay@cryptsoft.com)"
* The word 'cryptographic' can be left out if the rouines from the library
* being used are not cryptographic related :-).
* 4. If you include any Windows specific code (or a derivative thereof) from
* the apps directory (application code) you must include an acknowledgement:
* "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
*
* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
* The licence and distribution terms for any publically available version or
* derivative of this code cannot be changed. i.e. this code cannot simply be
* copied and put under another distribution licence
* [including the GNU Public Licence.]
*/
#include <stdio.h>
#include "cryptlib.h"
#include "md5_locl.h"
unsigned char *MD5(d, n, md)
unsigned char *d;
unsigned long n;
unsigned char *md;
{
MD5_CTX c;
static unsigned char m[MD5_DIGEST_LENGTH];
if (md == NULL) md=m;
MD5_Init(&c);
MD5_Update(&c,d,n);
MD5_Final(md,&c);
memset(&c,0,sizeof(c)); /* security consideration */
return(md);
}
crypto/md/md5test.c 已删除 100644 → 0
浏览文件 @ 2c2cba0d
/* crypto/md/md5test.c */
/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
* This package is an SSL implementation written
* by Eric Young (eay@cryptsoft.com).
* The implementation was written so as to conform with Netscapes SSL.
*
* This library is free for commercial and non-commercial use as long as
* the following conditions are aheared to. The following conditions
* apply to all code found in this distribution, be it the RC4, RSA,
* lhash, DES, etc., code; not just the SSL code. The SSL documentation
* included with this distribution is covered by the same copyright terms
* except that the holder is Tim Hudson (tjh@cryptsoft.com).
*
* Copyright remains Eric Young's, and as such any Copyright notices in
* the code are not to be removed.
* If this package is used in a product, Eric Young should be given attribution
* as the author of the parts of the library used.
* This can be in the form of a textual message at program startup or
* in documentation (online or textual) provided with the package.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
* 3. All advertising materials mentioning features or use of this software
* must display the following acknowledgement:
* "This product includes cryptographic software written by
* Eric Young (eay@cryptsoft.com)"
* The word 'cryptographic' can be left out if the rouines from the library
* being used are not cryptographic related :-).
* 4. If you include any Windows specific code (or a derivative thereof) from
* the apps directory (application code) you must include an acknowledgement:
* "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
*
* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
* The licence and distribution terms for any publically available version or
* derivative of this code cannot be changed. i.e. this code cannot simply be
* copied and put under another distribution licence
* [including the GNU Public Licence.]
*/
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#include "md5.h"
char *test[]={
"",
"a",
"abc",
"message digest",
"abcdefghijklmnopqrstuvwxyz",
"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789",
"12345678901234567890123456789012345678901234567890123456789012345678901234567890",
NULL,
};
char *ret[]={
"d41d8cd98f00b204e9800998ecf8427e",
"0cc175b9c0f1b6a831c399e269772661",
"900150983cd24fb0d6963f7d28e17f72",
"f96b697d7cb7938d525a2f31aaf161d0",
"c3fcd3d76192e4007dfb496cca67e13b",
"d174ab98d277d9f5a5611c2c9f419d9f",
"57edf4a22be3c955ac49da2e2107b67a",
};
#ifndef NOPROTO
static char *pt(unsigned char *md);
#else
static char *pt();
#endif
int main(argc,argv)
int argc;
char *argv[];
{
int i,err=0;
unsigned char **P,**R;
char *p;
P=(unsigned char **)test;
R=(unsigned char **)ret;
i=1;
while (*P != NULL)
{
p=pt(MD5(*P,(unsigned long)strlen((char *)*P),NULL));
if (strcmp(p,(char *)*R) != 0)
{
printf("error calculating MD5 on '%s'\n",*P);
printf("got %s instead of %s\n",p,*R);
err++;
}
else
printf("test %d ok\n",i);
i++;
R++;
P++;
}
exit(err);
return(0);
}
static char *pt(md)
unsigned char *md;
{
int i;
static char buf[80];
for (i=0; i<MD5_DIGEST_LENGTH; i++)
sprintf(&(buf[i*2]),"%02x",md[i]);
return(buf);
}
crypto/rsa/rsa_enc.c 已删除 100644 → 0
浏览文件 @ 2c2cba0d
/* crypto/rsa/rsa_enc.c */
/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
* This package is an SSL implementation written
* by Eric Young (eay@cryptsoft.com).
* The implementation was written so as to conform with Netscapes SSL.
*
* This library is free for commercial and non-commercial use as long as
* the following conditions are aheared to. The following conditions
* apply to all code found in this distribution, be it the RC4, RSA,
* lhash, DES, etc., code; not just the SSL code. The SSL documentation
* included with this distribution is covered by the same copyright terms
* except that the holder is Tim Hudson (tjh@cryptsoft.com).
*
* Copyright remains Eric Young's, and as such any Copyright notices in
* the code are not to be removed.
* If this package is used in a product, Eric Young should be given attribution
* as the author of the parts of the library used.
* This can be in the form of a textual message at program startup or
* in documentation (online or textual) provided with the package.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
* 3. All advertising materials mentioning features or use of this software
* must display the following acknowledgement:
* "This product includes cryptographic software written by
* Eric Young (eay@cryptsoft.com)"
* The word 'cryptographic' can be left out if the rouines from the library
* being used are not cryptographic related :-).
* 4. If you include any Windows specific code (or a derivative thereof) from
* the apps directory (application code) you must include an acknowledgement:
* "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
*
* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
* The licence and distribution terms for any publically available version or
* derivative of this code cannot be changed. i.e. this code cannot simply be
* copied and put under another distribution licence
* [including the GNU Public Licence.]
*/
#include <stdio.h>
#include "cryptlib.h"
#include "bn.h"
#include "rsa.h"
#include "rand.h"
#ifndef NOPROTO
static int RSA_eay_public_encrypt(int flen, unsigned char *from,
unsigned char *to, RSA *rsa,int padding);
static int RSA_eay_private_encrypt(int flen, unsigned char *from,
unsigned char *to, RSA *rsa,int padding);
static int RSA_eay_public_decrypt(int flen, unsigned char *from,
unsigned char *to, RSA *rsa,int padding);
static int RSA_eay_private_decrypt(int flen, unsigned char *from,
unsigned char *to, RSA *rsa,int padding);
static int RSA_eay_mod_exp(BIGNUM *r0, BIGNUM *i, RSA *rsa);
#else
static int RSA_eay_public_encrypt();
static int RSA_eay_private_encrypt();
static int RSA_eay_public_decrypt();
static int RSA_eay_private_decrypt();
static int RSA_eay_mod_exp();
#endif
static RSA_METHOD rsa_pkcs1_eay_meth={
"Eric Young's PKCS#1 RSA",
RSA_eay_public_encrypt,
RSA_eay_public_decrypt,
RSA_eay_private_encrypt,
RSA_eay_private_decrypt,
RSA_eay_mod_exp,
BN_mod_exp,
NULL,
NULL,
};
RSA_METHOD *RSA_PKCS1_SSLeay()
{
return(&rsa_pkcs1_eay_meth);
}
static int RSA_eay_public_encrypt(flen, from, to, rsa, padding)
int flen;
unsigned char *from;
unsigned char *to;
RSA *rsa;
int padding;
{
BIGNUM *f=NULL,*ret=NULL;
int i,j,k,num=0,r= -1;
unsigned char *p;
unsigned char *buf=NULL;
BN_CTX *ctx=NULL;
if ( (padding != RSA_PKCS1_PADDING) &&
(padding != RSA_SSLV23_PADDING))
{
RSAerr(RSA_F_RSA_EAY_PUBLIC_ENCRYPT,RSA_R_UNKNOWN_PADDING_TYPE);
goto err;
}
ctx=BN_CTX_new();
if (ctx == NULL) goto err;
num=BN_num_bytes(rsa->n);
if (flen > (num-11))
{
RSAerr(RSA_F_RSA_EAY_PUBLIC_ENCRYPT,RSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE);
goto err;
}
buf=(unsigned char *)Malloc(num);
if (buf == NULL)
{
RSAerr(RSA_F_RSA_EAY_PUBLIC_ENCRYPT,ERR_R_MALLOC_FAILURE);
goto err;
}
p=(unsigned char *)buf;
*(p++)=0;
*(p++)=2; /* Public Key BT (Block Type) */
/* pad out with non-zero random data */
j=num-3-flen;
RAND_bytes(p,j);
for (i=0; i<j; i++)
{
if (*p == '\0')
do {
RAND_bytes(p,1);
} while (*p == '\0');
p++;
}
if (padding == RSA_SSLV23_PADDING)
memset(&(p[-8]),3,8);
*(p++)='\0';
memcpy(p,from,(unsigned int)flen);
f=BN_new();
ret=BN_new();
if ((f == NULL) || (ret == NULL)) goto err;
if (BN_bin2bn(buf,num,f) == NULL) goto err;
if (!rsa->meth->bn_mod_exp(ret,f,rsa->e,rsa->n,ctx)) goto err;
/* put in leading 0 bytes if the number is less than the
* length of the modulus */
j=BN_num_bytes(ret);
i=BN_bn2bin(ret,&(to[num-j]));
for (k=0; k<(num-i); k++)
to[k]=0;
r=num;
err:
if (ctx != NULL) BN_CTX_free(ctx);
if (f != NULL) BN_free(f);
if (ret != NULL) BN_free(ret);
if (buf != NULL)
{
memset(buf,0,num);
Free(buf);
}
return(r);
}
static int RSA_eay_private_encrypt(flen, from, to, rsa, padding)
int flen;
unsigned char *from;
unsigned char *to;
RSA *rsa;
int padding;
{
BIGNUM *f=NULL,*ret=NULL;
int i,j,k,num=0,r= -1;
unsigned char *p;
unsigned char *buf=NULL;
BN_CTX *ctx=NULL;
if (padding != RSA_PKCS1_PADDING)
{
RSAerr(RSA_F_RSA_EAY_PRIVATE_ENCRYPT,RSA_R_UNKNOWN_PADDING_TYPE);
goto err;
}
ctx=BN_CTX_new();
if (ctx == NULL) goto err;
num=BN_num_bytes(rsa->n);
if (flen > (num-11))
{
RSAerr(RSA_F_RSA_EAY_PRIVATE_ENCRYPT,RSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE);
goto err;
}
buf=(unsigned char *)Malloc(num);
if (buf == NULL)
{
RSAerr(RSA_F_RSA_EAY_PRIVATE_ENCRYPT,ERR_R_MALLOC_FAILURE);
goto err;
}
p=buf;
*(p++)=0;
*(p++)=1; /* Private Key BT (Block Type) */
/* padd out with 0xff data */
j=num-3-flen;
for (i=0; i<j; i++)
*(p++)=0xff;
*(p++)='\0';
memcpy(p,from,(unsigned int)flen);
ret=BN_new();
f=BN_new();
if ((ret == NULL) || (f == NULL)) goto err;
if (BN_bin2bn(buf,num,f) == NULL) goto err;
if ( (rsa->p != NULL) &&
(rsa->q != NULL) &&
(rsa->dmp1 != NULL) &&
(rsa->dmq1 != NULL) &&
(rsa->iqmp != NULL))
{ if (!rsa->meth->rsa_mod_exp(ret,f,rsa)) goto err; }
else
{ if (!rsa->meth->bn_mod_exp(ret,f,rsa->d,rsa->n,ctx)) goto err; }
p=buf;
BN_bn2bin(ret,p);
/* put in leading 0 bytes if the number is less than the
* length of the modulus */
j=BN_num_bytes(ret);
i=BN_bn2bin(ret,&(to[num-j]));
for (k=0; k<(num-i); k++)
to[k]=0;
r=num;
err:
if (ctx != NULL) BN_CTX_free(ctx);
if (ret != NULL) BN_free(ret);
if (f != NULL) BN_free(f);
if (buf != NULL)
{
memset(buf,0,num);
Free(buf);
}
return(r);
}
static int RSA_eay_private_decrypt(flen, from, to, rsa,padding)
int flen;
unsigned char *from;
unsigned char *to;
RSA *rsa;
int padding;
{
BIGNUM *f=NULL,*ret=NULL;
int i,j,num=0,r= -1;
unsigned char *p;
unsigned char *buf=NULL;
BN_CTX *ctx=NULL;
if ((padding != RSA_PKCS1_PADDING) && (padding != RSA_SSLV23_PADDING))
{
RSAerr(RSA_F_RSA_EAY_PRIVATE_DECRYPT,RSA_R_UNKNOWN_PADDING_TYPE);
goto err;
}
ctx=BN_CTX_new();
if (ctx == NULL) goto err;
num=BN_num_bytes(rsa->n);
buf=(unsigned char *)Malloc(num);
if (buf == NULL)
{
RSAerr(RSA_F_RSA_EAY_PRIVATE_DECRYPT,ERR_R_MALLOC_FAILURE);
goto err;
}
/* This check was for equallity but PGP does evil things
* and chops off the top '0' bytes */
if (flen > num)
{
RSAerr(RSA_F_RSA_EAY_PRIVATE_DECRYPT,RSA_R_DATA_GREATER_THAN_MOD_LEN);
goto err;
}
/* make data into a big number */
ret=BN_new();
f=BN_new();
if ((ret == NULL) || (f == NULL)) goto err;
if (BN_bin2bn(from,(int)flen,f) == NULL) goto err;
/* do the decrypt */
if ( (rsa->p != NULL) &&
(rsa->q != NULL) &&
(rsa->dmp1 != NULL) &&
(rsa->dmq1 != NULL) &&
(rsa->iqmp != NULL))
{ if (!rsa->meth->rsa_mod_exp(ret,f,rsa)) goto err; }
else
{ if (!rsa->meth->bn_mod_exp(ret,f,rsa->d,rsa->n,ctx)) goto err; }
p=buf;
BN_bn2bin(ret,p);
/* BT must be 02 */
if (*(p++) != 02)
{
RSAerr(RSA_F_RSA_EAY_PRIVATE_DECRYPT,RSA_R_BLOCK_TYPE_IS_NOT_02);
goto err;
}
/* scan over padding data */
j=num-2; /* one for type and one for the prepended 0. */
for (i=0; i<j; i++)
if (*(p++) == 0) break;
if (i == j)
{
RSAerr(RSA_F_RSA_EAY_PRIVATE_DECRYPT,RSA_R_NULL_BEFORE_BLOCK_MISSING);
goto err;
}
if (i < 8)
{
RSAerr(RSA_F_RSA_EAY_PRIVATE_DECRYPT,RSA_R_BAD_PAD_BYTE_COUNT);
goto err;
}
#undef RSA_DEBUG
#ifdef RSA_DEBUG
{
int z;
unsigned char *q;
q= &(p[-9]);
fprintf(stderr,"\n");
for (z=0; z<8; z++) fprintf(stderr,"%02X",q[z]);
fprintf(stderr,"\n");
}
#endif
if (padding == RSA_SSLV23_PADDING)
{
int z;
unsigned char *q;
/* -9 because we have jumped the '\0' */
q= &(p[-9]);
for (z=0; z<8; z++)
{
if (*(q++) != 0x03)
break;
}
if (z == 8)
{
RSAerr(RSA_F_RSA_EAY_PRIVATE_DECRYPT,RSA_R_SSLV3_ROLLBACK_ATTACK);
goto err;
}
}
/* skip over the '\0' */
i++;
j-=i;
/* output data */
memcpy(to,p,(unsigned int)j);
r=j;
err:
if (ctx != NULL) BN_CTX_free(ctx);
if (f != NULL) BN_free(f);
if (ret != NULL) BN_free(ret);
if (buf != NULL)
{
memset(buf,0,num);
Free(buf);
}
return(r);
}
static int RSA_eay_public_decrypt(flen, from, to, rsa, padding)
int flen;
unsigned char *from;
unsigned char *to;
RSA *rsa;
int padding;
{
BIGNUM *f=NULL,*ret=NULL;
int i,j,num=0,r= -1;
unsigned char *p;
unsigned char *buf=NULL;
BN_CTX *ctx=NULL;
if (padding != RSA_PKCS1_PADDING)
{
RSAerr(RSA_F_RSA_EAY_PUBLIC_DECRYPT,RSA_R_UNKNOWN_PADDING_TYPE);
goto err;
}
ctx=BN_CTX_new();
if (ctx == NULL) goto err;
num=BN_num_bytes(rsa->n);
buf=(unsigned char *)Malloc(num);
if (buf == NULL)
{
RSAerr(RSA_F_RSA_EAY_PUBLIC_DECRYPT,ERR_R_MALLOC_FAILURE);
goto err;
}
/* This check was for equallity but PGP does evil things
* and chops off the top '0' bytes */
if (flen > num)
{
RSAerr(RSA_F_RSA_EAY_PUBLIC_DECRYPT,RSA_R_DATA_GREATER_THAN_MOD_LEN);
goto err;
}
/* make data into a big number */
f=BN_new();
ret=BN_new();
if ((f == NULL) || (ret == NULL)) goto err;
if (BN_bin2bn(from,flen,f) == NULL) goto err;
/* do the decrypt */
if (!rsa->meth->bn_mod_exp(ret,f,rsa->e,rsa->n,ctx)) goto err;
p=buf;
i=BN_bn2bin(ret,p);
/* BT must be 01 */
if (*(p++) != 01)
{
RSAerr(RSA_F_RSA_EAY_PUBLIC_DECRYPT,RSA_R_BLOCK_TYPE_IS_NOT_01);
goto err;
}
/* scan over padding data */
j=num-2; /* one for type and one for the prepended 0. */
for (i=0; i<j; i++)
{
if (*p != 0xff) /* should decrypt to 0xff */
{
if (*p == 0)
{ p++; break; }
else {
RSAerr(RSA_F_RSA_EAY_PUBLIC_DECRYPT,RSA_R_BAD_FIXED_HEADER_DECRYPT);
goto err;
}
}
p++;
}
if (i == j)
{
RSAerr(RSA_F_RSA_EAY_PUBLIC_DECRYPT,RSA_R_NULL_BEFORE_BLOCK_MISSING);
goto err;
}
if (i < 8)
{
RSAerr(RSA_F_RSA_EAY_PUBLIC_DECRYPT,RSA_R_BAD_PAD_BYTE_COUNT);
goto err;
}
/* skip over the '\0' */
i++;
j-=i;
/* output data */
memcpy(to,p,(unsigned int)j);
r=j;
err:
if (ctx != NULL) BN_CTX_free(ctx);
if (f != NULL) BN_free(f);
if (ret != NULL) BN_free(ret);
if (buf != NULL)
{
memset(buf,0,num);
Free(buf);
}
return(r);
}
static int RSA_eay_mod_exp(r0, I, rsa)
BIGNUM *r0;
BIGNUM *I;
RSA *rsa;
{
BIGNUM *r1=NULL,*m1=NULL;
int ret=0;
BN_CTX *ctx;
if ((ctx=BN_CTX_new()) == NULL) goto err;
m1=BN_new();
r1=BN_new();
if ((m1 == NULL) || (r1 == NULL)) goto err;
if (!BN_mod(r1,I,rsa->q,ctx)) goto err;
if (!rsa->meth->bn_mod_exp(m1,r1,rsa->dmq1,rsa->q,ctx)) goto err;
if (!BN_mod(r1,I,rsa->p,ctx)) goto err;
if (!rsa->meth->bn_mod_exp(r0,r1,rsa->dmp1,rsa->p,ctx)) goto err;
if (!BN_add(r1,r0,rsa->p)) goto err;
if (!BN_sub(r0,r1,m1)) goto err;
if (!BN_mul(r1,r0,rsa->iqmp)) goto err;
if (!BN_mod(r0,r1,rsa->p,ctx)) goto err;
if (!BN_mul(r1,r0,rsa->q)) goto err;
if (!BN_add(r0,r1,m1)) goto err;
ret=1;
err:
if (m1 != NULL) BN_free(m1);
if (r1 != NULL) BN_free(r1);
BN_CTX_free(ctx);
return(ret);
}
crypto/x509/attrib 已删除 100644 → 0
浏览文件 @ 2c2cba0d
PKCS7
STACK of X509_ATTRIBUTES
ASN1_OBJECT
STACK of ASN1_TYPE
So it is
p7.xa[].obj
p7.xa[].data[]
get_obj_by_nid(STACK , nid)
get_num_by_nid(STACK , nid)
get_data_by_nid(STACK , nid, index)
X509_ATTRIBUTE *X509_ATTRIBUTE_new(void );
void X509_ATTRIBUTE_free(X509_ATTRIBUTE *a);
X509_ATTRIBUTE *X509_ATTRIBUTE_create_by_NID(X509_ATTRIBUTE **ex,
int nid, STACK *value);
X509_ATTRIBUTE *X509_ATTRIBUTE_create_by_OBJ(X509_ATTRIBUTE **ex,
int nid, STACK *value);
int X509_ATTRIBUTE_set_object(X509_ATTRIBUTE *ex,ASN1_OBJECT *obj);
int X509_ATTRIBUTE_add_data(X509_ATTRIBUTE *ex, int index,
ASN1_TYPE *value);
ASN1_OBJECT * X509_ATTRIBUTE_get_object(X509_ATTRIBUTE *ex);
int X509_ATTRIBUTE_get_num(X509_ATTRIBUTE *ne);
ASN1_TYPE * X509_ATTRIBUTE_get_data(X509_ATTRIBUTE *ne,int index);
ASN1_TYPE * X509_ATTRIBUTE_get_data_by_NID(X509_ATTRIBUTE *ne,
ASN1_OBJECT *obj);
X509_ATTRUBUTE *PKCS7_get_s_att_by_NID(PKCS7 *p7,int nid);
X509_ATTRUBUTE *PKCS7_get_u_att_by_NID(PKCS7 *p7,int nid);
crypto/x509/f 已删除 100644 → 0
浏览文件 @ 2c2cba0d
*** x509name.c Wed Jul 2 09:35:35 1997
--- /home/eay/play/x Sat Jul 5 01:39:56 1997
***************
*** 1,202 ****
! /* crypto/x509/x509name.c */
! /* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
! * All rights reserved.
! *
! * This package is an SSL implementation written
! * by Eric Young (eay@cryptsoft.com).
! * The implementation was written so as to conform with Netscapes SSL.
! *
! * This library is free for commercial and non-commercial use as long as
! * the following conditions are aheared to. The following conditions
! * apply to all code found in this distribution, be it the RC4, RSA,
! * lhash, DES, etc., code; not just the SSL code. The SSL documentation
! * included with this distribution is covered by the same copyright terms
! * except that the holder is Tim Hudson (tjh@cryptsoft.com).
! *
! * Copyright remains Eric Young's, and as such any Copyright notices in
! * the code are not to be removed.
! * If this package is used in a product, Eric Young should be given attribution
! * as the author of the parts of the library used.
! * This can be in the form of a textual message at program startup or
! * in documentation (online or textual) provided with the package.
! *
! * Redistribution and use in source and binary forms, with or without
! * modification, are permitted provided that the following conditions
! * are met:
! * 1. Redistributions of source code must retain the copyright
! * notice, this list of conditions and the following disclaimer.
! * 2. Redistributions in binary form must reproduce the above copyright
! * notice, this list of conditions and the following disclaimer in the
! * documentation and/or other materials provided with the distribution.
! * 3. All advertising materials mentioning features or use of this software
! * must display the following acknowledgement:
! * "This product includes cryptographic software written by
! * Eric Young (eay@cryptsoft.com)"
! * The word 'cryptographic' can be left out if the rouines from the library
! * being used are not cryptographic related :-).
! * 4. If you include any Windows specific code (or a derivative thereof) from
! * the apps directory (application code) you must include an acknowledgement:
! * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
! *
! * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
! * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
! * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
! * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
! * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
! * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
! * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
! * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
! * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
! * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
! * SUCH DAMAGE.
! *
! * The licence and distribution terms for any publically available version or
! * derivative of this code cannot be changed. i.e. this code cannot simply be
! * copied and put under another distribution licence
! * [including the GNU Public Licence.]
! */
!
! #include <stdio.h>
! #include "stack.h"
! #include "cryptlib.h"
! #include "asn1.h"
! #include "objects.h"
! #include "evp.h"
! #include "x509.h"
!
! int X509_NAME_get_text_by_NID(name,nid,buf,len)
! X509_NAME *name;
! int nid;
! char *buf;
! int len;
{
ASN1_OBJECT *obj;
obj=OBJ_nid2obj(nid);
! if (obj == NULL) return(-1);
! return(X509_NAME_get_text_by_OBJ(name,obj,buf,len));
}
- int X509_NAME_get_text_by_OBJ(name,obj,buf,len)
- X509_NAME *name;
- ASN1_OBJECT *obj;
- char *buf;
- int len;
- {
- int i;
- ASN1_STRING *data;
! i=X509_NAME_get_index_by_OBJ(name,obj,0);
! if (i < 0) return(-1);
! data=X509_NAME_ENTRY_get_data(X509_NAME_get_entry(name,i));
! i=(data->length > (len-1))?(len-1):data->length;
! if (buf == NULL) return(data->length);
! memcpy(buf,data->data,i);
! buf[i]='\0';
! return(i);
! }
! int X509_NAME_entry_count(name)
! X509_NAME *name;
{
! if (name == NULL) return(0);
! return(sk_num(name->entries));
}
! int X509_NAME_get_index_by_NID(name,nid,oldpos)
! X509_NAME *name;
! int nid;
! int oldpos;
! {
! ASN1_OBJECT *obj;
! obj=OBJ_nid2obj(nid);
! if (obj == NULL) return(-2);
! return(X509_NAME_get_index_by_OBJ(name,obj,oldpos));
}
- int X509_NAME_get_index_by_OBJ(name,obj,oldpos)
- X509_NAME *name;
- ASN1_OBJECT *obj;
- int oldpos;
- {
- int n;
- X509_NAME_ENTRY *ne;
- STACK *sk;
! if (name == NULL) return(-1);
! if (oldpos < 0)
! oldpos= -1;
! sk=name->entries;
! n=sk_num(sk);
! for (oldpos++; oldpos < n; oldpos++)
{
! ne=(X509_NAME_ENTRY *)sk_value(sk,oldpos);
! if (OBJ_cmp(ne->object,obj) == 0)
! return(oldpos);
}
! return(-1);
}
- X509_NAME_ENTRY *X509_NAME_get_entry(name,loc)
- X509_NAME *name;
- int loc;
- {
- if ( (name == NULL) || (sk_num(name->entries) <= loc) || (loc < 0))
- return(NULL);
- else
- return((X509_NAME_ENTRY *)sk_value(name->entries,loc));
- }
! X509_NAME_ENTRY *X509_NAME_delete_entry(name,loc)
! X509_NAME *name;
! int loc;
{
! X509_NAME_ENTRY *ret;
! int i,j,n,set_prev,set_next;
! STACK *sk;
!
! if ((name == NULL) || (sk_num(name->entries) <= loc) || (loc < 0))
! return(NULL);
! sk=name->entries;
! ret=(X509_NAME_ENTRY *)sk_delete(sk,loc);
! n=sk_num(sk);
! name->modified=1;
! if (loc == n) return(ret);
!
! /* else we need to fixup the set field */
! if (loc != 0)
! set_prev=((X509_NAME_ENTRY *)sk_value(sk,loc-1))->set;
! else
! set_prev=ret->set-1;
! set_next=((X509_NAME_ENTRY *)sk_value(sk,loc))->set;
! /* set_prev is the previous set
! * set is the current set
! * set_next is the following
! * prev 1 1 1 1 1 1 1 1
! * set 1 1 2 2
! * next 1 1 2 2 2 2 3 2
! * so basically only if prev and next differ by 2, then
! * re-number down by 1 */
! if (set_prev+1 < set_next)
! {
! j=set_next-set_prev-1;
! for (i=loc; i<n; i++)
! ((X509_NAME_ENTRY *)sk_value(sk,loc-1))->set-=j;
! }
! return(ret);
}
/* if set is -1, append to previous set, 0 'a new one', and 1,
* prepend to the guy we are about to stomp on. */
! int X509_NAME_add_entry(name,ne,loc,set)
! X509_NAME *name;
! X509_NAME_ENTRY *ne;
! int loc;
! int set;
{
! X509_NAME_ENTRY *new_name=NULL;
int n,i,inc;
STACK *sk;
--- 1,77 ----
! X509_NAME_ENTRY *X509_NAME_ENTRY_create_by_NID(X509_NAME_ENTRY **ne, int nid,
! int type,unsigned char *bytes, int len)
{
ASN1_OBJECT *obj;
obj=OBJ_nid2obj(nid);
! if (obj == NULL)
! {
! X509err(X509_F_X509_NAME_ENTRY_CREATE_BY_NID,X509_R_UNKNOWN_NID);
! return(NULL);
! }
! return(X509_NAME_ENTRY_create_by_OBJ(ne,obj,type,bytes,len));
}
! X509_NAME_ENTRY *X509_NAME_ENTRY_create_by_OBJ(X509_NAME_ENTRY **ne,
! ASN1_OBJECT *obj, int type,unsigned char *bytes,
! int len)
! {
! X509_NAME_ENTRY *ret;
! if ((ne == NULL) || (*ne == NULL))
{
! if ((ret=X509_NAME_ENTRY_new()) == NULL)
! return(NULL);
}
+ else
+ ret= *ne;
! if (!X509_NAME_ENTRY_set_object(ret,obj))
! goto err;
! if (!X509_NAME_ENTRY_set_data(ret,type,bytes,len))
! goto err;
! if ((ne != NULL) && (*ne == NULL)) *ne=ret;
! return(ret);
! err:
! if ((ne == NULL) || (ret != *ne))
! X509_NAME_ENTRY_free(ret);
! return(NULL);
}
! int X509_NAME_ENTRY_set_object(X509_NAME_ENTRY *ne, ASN1_OBJECT *obj)
! {
! if ((ne == NULL) || (obj == NULL))
{
! X509err(X509_F_X509_NAME_ENTRY_SET_OBJECT,ERR_R_PASSED_NULL_PARAMETER);
! return(0);
}
! ASN1_OBJECT_free(ne->object);
! ne->object=OBJ_dup(obj);
! return((ne->object == NULL)?0:1);
}
! int X509_NAME_ENTRY_set_data(X509_NAME_ENTRY *ne,int type,unsigned char *bytes,int len)
{
! int i;
! if ((ne == NULL) || ((bytes == NULL) && (len != 0))) return(0);
! if (len < 0) len=strlen((char *)bytes);
! i=ASN1_STRING_set(ne->value,bytes,len);
! if (!i) return(0);
! ne->value->type=ASN1_PRINTABLE_type(bytes,len);
! return(1);
}
/* if set is -1, append to previous set, 0 'a new one', and 1,
* prepend to the guy we are about to stomp on. */
! int X509_NAME_add_entry(X509_NAME *name,X509_NAME_ENTRY *ne,int loc,int set)
{
! /* ERIC: renamed new to nenew for C++ users --tjh */
! X509_NAME_ENTRY *nenew;
int n,i,inc;
STACK *sk;
***************
*** 206,213 ****
if (loc > n) loc=n;
else if (loc < 0) loc=n;
- name->modified=1;
-
if (set == -1)
{
if (loc == 0)
--- 81,86 ----
***************
*** 223,245 ****
}
else /* if (set >= 0) */
{
- inc=(set == 0)?1:0;
if (loc >= n)
{
if (loc != 0)
set=((X509_NAME_ENTRY *)
! sk_value(sk,n-1))->set+1;
else
set=0;
}
else
set=((X509_NAME_ENTRY *)sk_value(sk,loc))->set;
}
! if ((new_name=X509_NAME_ENTRY_dup(ne)) == NULL)
goto err;
! new_name->set=set;
! if (!sk_insert(sk,(char *)new_name,loc))
{
X509err(X509_F_X509_NAME_ADD_ENTRY,ERR_R_MALLOC_FAILURE);
goto err;
--- 96,122 ----
}
else /* if (set >= 0) */
{
if (loc >= n)
{
if (loc != 0)
set=((X509_NAME_ENTRY *)
! sk_value(sk,loc-1))->set+1;
else
set=0;
}
else
set=((X509_NAME_ENTRY *)sk_value(sk,loc))->set;
+ inc=(set == 0)?1:0;
}
! if ((nenew=X509_NAME_ENTRY_dup(ne)) == NULL)
goto err;
! /* eric forgot to put this in when he cut the nice
! * interface so that I don't have to do the icky things
! * that req.c does --tjh :-)
! */
! nenew->set=set;
! if (!sk_insert(sk,(char *)nenew,loc))
{
X509err(X509_F_X509_NAME_ADD_ENTRY,ERR_R_MALLOC_FAILURE);
goto err;
***************
*** 252,357 ****
}
return(1);
err:
! if (new_name != NULL)
X509_NAME_ENTRY_free(ne);
return(0);
- }
-
- X509_NAME_ENTRY *X509_NAME_ENTRY_create_by_NID(ne,nid,type,bytes,len)
- X509_NAME_ENTRY **ne;
- int nid;
- int type;
- unsigned char *bytes;
- int len;
- {
- ASN1_OBJECT *obj;
-
- obj=OBJ_nid2obj(nid);
- if (obj == NULL)
- {
- X509err(X509_F_X509_NAME_ENTRY_CREATE_BY_NID,X509_R_UNKNOWN_NID);
- return(NULL);
- }
- return(X509_NAME_ENTRY_create_by_OBJ(ne,obj,type,bytes,len));
- }
-
- X509_NAME_ENTRY *X509_NAME_ENTRY_create_by_OBJ(ne,obj,type,bytes,len)
- X509_NAME_ENTRY **ne;
- ASN1_OBJECT *obj;
- int type;
- unsigned char *bytes;
- int len;
- {
- X509_NAME_ENTRY *ret;
-
- if ((ne == NULL) || (*ne == NULL))
- {
- if ((ret=X509_NAME_ENTRY_new()) == NULL)
- return(NULL);
- }
- else
- ret= *ne;
-
- if (!X509_NAME_ENTRY_set_object(ret,obj))
- goto err;
- if (!X509_NAME_ENTRY_set_data(ret,type,bytes,len))
- goto err;
-
- if ((ne != NULL) && (*ne == NULL)) *ne=ret;
- return(ret);
- err:
- if ((ne == NULL) || (ret != *ne))
- X509_NAME_ENTRY_free(ret);
- return(NULL);
- }
-
- int X509_NAME_ENTRY_set_object(ne,obj)
- X509_NAME_ENTRY *ne;
- ASN1_OBJECT *obj;
- {
- if ((ne == NULL) || (obj == NULL))
- {
- X509err(X509_F_X509_NAME_ENTRY_SET_OBJECT,ERR_R_PASSED_NULL_PARAMETER);
- return(0);
- }
- ASN1_OBJECT_free(ne->object);
- ne->object=OBJ_dup(obj);
- return((ne->object == NULL)?0:1);
- }
-
- int X509_NAME_ENTRY_set_data(ne,type,bytes,len)
- X509_NAME_ENTRY *ne;
- int type;
- unsigned char *bytes;
- int len;
- {
- int i;
-
- if ((ne == NULL) || ((bytes == NULL) && (len != 0))) return(0);
- if (len < 0) len=strlen((char *)bytes);
- i=ASN1_STRING_set(ne->value,bytes,len);
- if (!i) return(0);
- if (type != V_ASN1_UNDEF)
- {
- if (type == V_ASN1_APP_CHOOSE)
- ne->value->type=ASN1_PRINTABLE_type(bytes,len);
- else
- ne->value->type=type;
- }
- return(1);
- }
-
- ASN1_OBJECT *X509_NAME_ENTRY_get_object(ne)
- X509_NAME_ENTRY *ne;
- {
- if (ne == NULL) return(NULL);
- return(ne->object);
- }
-
- ASN1_STRING *X509_NAME_ENTRY_get_data(ne)
- X509_NAME_ENTRY *ne;
- {
- if (ne == NULL) return(NULL);
- return(ne->value);
}
--- 129,136 ----
}
return(1);
err:
! if (nenew != NULL)
X509_NAME_ENTRY_free(ne);
return(0);
}
crypto/x509/x509.doc 已删除 100644 → 0
浏览文件 @ 2c2cba0d
X509_verify()
X509_sign()
X509_get_version()
X509_get_serialNumber()
X509_get_issuer()
X509_get_subject()
X509_get_notBefore()
X509_get_notAfter()
X509_get_pubkey()
X509_set_version()
X509_set_serialNumber()
X509_set_issuer()
X509_set_subject()
X509_set_notBefore()
X509_set_notAfter()
X509_set_pubkey()
X509_get_extensions()
X509_set_extensions()
X509_EXTENSIONS_clear()
X509_EXTENSIONS_retrieve()
X509_EXTENSIONS_add()
X509_EXTENSIONS_delete()
crypto/x509/x509v3.doc 已删除 100644 → 0
浏览文件 @ 2c2cba0d
The 'new' system.
The X509_EXTENSION_METHOD includes extensions and attributes and/or names.
Basically everthing that can be added to an X509 with an OID identifying it.
It operates via 2 methods per object id.
int a2i_XXX(X509 *x,char *str,int len);
int i2a_XXX(BIO *bp,X509 *x);
The a2i_XXX function will add the object with a value converted from the
string into the X509. Len can be -1 in which case the length is calculated
via strlen(str). Applications can always use direct knowledge to load and
unload the relevent objects themselves.
i2a_XXX will print to the passed BIO, a text representation of the
relevet object. Use a memory BIO if you want it printed to a buffer :-).
X509_add_by_NID(X509 *x,int nid,char *str,int len);
X509_add_by_OBJ(X509 *x,ASN1_OBJECT *obj,char *str,int len);
X509_print_by_name(BIO *bp,X509 *x);
X509_print_by_NID(BIO *bp,X509 *x);
X509_print_by_OBJ(BIO *bp,X509 *x);
doc/ssleay.txt
浏览文件 @ 155d7a0e
......@@ -35,6 +35,286 @@ ASN.1 - parsing
PEM - parsing
==== ssl/readme =====================================================
22 Jun 1996
This file belongs in ../apps, but I'll leave it here because it deals
with SSL :-) It is rather dated but it gives you an idea of how
things work.
===
17 Jul 1995
I have been changing things quite a bit and have not fully updated
this file, so take what you read with a grain of salt
eric
===
The s_client and s_server programs can be used to test SSL capable
IP/port addresses and the verification of the X509 certificates in use
by these services. I strongly advise having a look at the code to get
an idea of how to use the authentication under SSLeay. Any feedback
on changes and improvements would be greatly accepted.
This file will probably be gibberish unless you have read
rfc1421, rfc1422, rfc1423 and rfc1424 which describe PEM
authentication.
A Brief outline (and examples) how to use them to do so.
NOTE:
The environment variable SSL_CIPER is used to specify the prefered
cipher to use, play around with setting it's value to combinations of
RC4-MD5, EXP-RC4-MD5, CBC-DES-MD5, CBC3-DES-MD5, CFB-DES-NULL
in a : separated list.
This directory contains 3 X509 certificates which can be used by these programs.
client.pem: a file containing a certificate and private key to be used
by s_client.
server.pem :a file containing a certificate and private key to be used
by s_server.
eay1024.pem:the certificate used to sign client.pem and server.pem.
This would be your CA's certificate. There is also a link
from the file a8556381.0 to eay1024.PEM. The value a8556381
is returned by 'x509 -hash -noout <eay1024.pem' and is the
value used by X509 verification routines to 'find' this
certificte when search a directory for it.
[the above is not true any more, the CA cert is
../certs/testca.pem which is signed by ../certs/mincomca.pem]
When testing the s_server, you may get
bind: Address already in use
errors. These indicate the port is still being held by the unix
kernel and you are going to have to wait for it to let go of it. If
this is the case, remember to use the port commands on the s_server and
s_client to talk on an alternative port.
=====
s_client.
This program can be used to connect to any IP/hostname:port that is
talking SSL. Once connected, it will attempt to authenticate the
certificate it was passed and if everything works as expected, a 2
directional channel will be open. Any text typed will be sent to the
other end. type Q<cr> to exit. Flags are as follows.
-host arg : Arg is the host or IP address to connect to.
-port arg : Arg is the port to connect to (https is 443).
-verify arg : Turn on authentication of the server certificate.
: Arg specifies the 'depth', this will covered below.
-cert arg : The optional certificate to use. This certificate
: will be returned to the server if the server
: requests it for client authentication.
-key arg : The private key that matches the certificate
: specified by the -cert option. If this is not
: specified (but -cert is), the -cert file will be
: searched for the Private key. Both files are
: assumed to be in PEM format.
-CApath arg : When to look for certificates when 'verifying' the
: certificate from the server.
-CAfile arg : A file containing certificates to be used for
: 'verifying' the server certificate.
-reconnect : Once a connection has been made, drop it and
: reconnect with same session-id. This is for testing :-).
The '-verify n' parameter specifies not only to verify the servers
certificate but to also only take notice of 'n' levels. The best way
to explain is to show via examples.
Given
s_server -cert server.PEM is running.
s_client
CONNECTED
depth=0 /C=AU/SOP=QLD/O=Mincom Pty. Ltd./OU=CS/CN=SSLeay demo server
issuer= /C=AU/SOP=QLD/O=Mincom Pty. Ltd./OU=CS/CN=CA
verify error:num=1:unable to get issuer certificate
verify return:1
CIPHER is CBC-DES-MD5
What has happened is that the 'SSLeay demo server' certificate's
issuer ('CA') could not be found but because verify is not on, we
don't care and the connection has been made anyway. It is now 'up'
using CBC-DES-MD5 mode. This is an unauthenticate secure channel.
You may not be talking to the right person but the data going to them
is encrypted.
s_client -verify 0
CONNECTED
depth=0 /C=AU/SOP=QLD/O=Mincom Pty. Ltd./OU=CS/CN=SSLeay demo server
issuer= /C=AU/SOP=QLD/O=Mincom Pty. Ltd./OU=CS/CN=CA
verify error:num=1:unable to get issuer certificate
verify return:1
CIPHER is CBC-DES-MD5
We are 'verifying' but only to depth 0, so since the 'SSLeay demo server'
certificate passed the date and checksum, we are happy to proceed.
s_client -verify 1
CONNECTED
depth=0 /C=AU/SOP=QLD/O=Mincom Pty. Ltd./OU=CS/CN=SSLeay demo server
issuer= /C=AU/SOP=QLD/O=Mincom Pty. Ltd./OU=CS/CN=CA
verify error:num=1:unable to get issuer certificate
verify return:0
ERROR
verify error:unable to get issuer certificate
In this case we failed to make the connection because we could not
authenticate the certificate because we could not find the
'CA' certificate.
s_client -verify 1 -CAfile eay1024.PEM
CONNECTED
depth=0 /C=AU/SOP=QLD/O=Mincom Pty. Ltd./OU=CS/CN=SSLeay demo server
verify return:1
depth=1 /C=AU/SOP=QLD/O=Mincom Pty. Ltd./OU=CS/CN=CA
verify return:1
CIPHER is CBC-DES-MD5
We loaded the certificates from the file eay1024.PEM. Everything
checked out and so we made the connection.
s_client -verify 1 -CApath .
CONNECTED
depth=0 /C=AU/SOP=QLD/O=Mincom Pty. Ltd./OU=CS/CN=SSLeay demo server
verify return:1
depth=1 /C=AU/SOP=QLD/O=Mincom Pty. Ltd./OU=CS/CN=CA
verify return:1
CIPHER is CBC-DES-MD5
We looked in out local directory for issuer certificates and 'found'
a8556381.0 and so everything is ok.
It is worth noting that 'CA' is a self certified certificate. If you
are passed one of these, it will fail to 'verify' at depth 0 because
we need to lookup the certifier of a certificate from some information
that we trust and keep locally.
SSL_CIPHER=CBC3-DES-MD5:RC4-MD5
export SSL_CIPHER
s_client -verify 10 -CApath . -reconnect
CONNECTED
depth=0 /C=AU/SOP=QLD/O=Mincom Pty. Ltd./OU=CS/CN=SSLeay demo server
verify return:1
depth=1 /C=AU/SOP=QLD/O=Mincom Pty. Ltd./OU=CS/CN=CA
verify return:1
drop the connection and reconnect with the same session id
CIPHER is CBC3-DES-MD5
This has done a full connection and then re-estabished it with the
same session id but a new socket. No RSA stuff occures on the second
connection. Note that we said we would prefer to use CBC3-DES-MD5
encryption and so, since the server supports it, we are.
=====
s_server
This program accepts SSL connections on a specified port
Once connected, it will estabish an SSL connection and optionaly
attempt to authenticate the client. A 2 directional channel will be
open. Any text typed will be sent to the other end. Type Q<cr> to exit.
Flags are as follows.
-port arg : Arg is the port to listen on.
-verify arg : Turn on authentication of the client if they have a
: certificate. Arg specifies the 'depth'.
-Verify arg : Turn on authentication of the client. If they don't
: have a valid certificate, drop the connection.
-cert arg : The certificate to use. This certificate
: will be passed to the client. If it is not
: specified, it will default to server.PEM
-key arg : The private key that matches the certificate
: specified by the -cert option. If this is not
: specified (but -cert is), the -cert file will be
: searched for the Private key. Both files are
: assumed to be in PEM format. Default is server.PEM
-CApath arg : When to look for certificates when 'verifying' the
: certificate from the client.
-CAfile arg : A file containing certificates to be used for
: 'verifying' the client certificate.
For the following 'demo' I will specify the s_server command and
the s_client command and then list the output from the s_server.
s_server
s_client
CONNECTED
CIPHER is CBC-DES-MD5
Everything up and running
s_server -verify 0
s_client
CONNECTED
CIPHER is CBC-DES-MD5
Ok since no certificate was returned and we don't care.
s_server -verify 0
./s_client -cert client.PEM
CONNECTED
depth=0 /C=AU/SOP=QLD/O=Mincom Pty. Ltd./OU=CS/CN=SSLeay demo client
issuer= /C=AU/SOP=QLD/O=Mincom Pty. Ltd./OU=CS/CN=CA
verify error:num=1:unable to get issuer certificate
verify return:1
CIPHER is CBC-DES-MD5
Ok since we were only verifying to level 0
s_server -verify 4
s_client -cert client.PEM
CONNECTED
depth=0 /C=AU/SOP=QLD/O=Mincom Pty. Ltd./OU=CS/CN=SSLeay demo client
issuer= /C=AU/SOP=QLD/O=Mincom Pty. Ltd./OU=CS/CN=CA
verify error:num=1:unable to get issuer certificate
verify return:0
ERROR
verify error:unable to get issuer certificate
Bad because we could not authenticate the returned certificate.
s_server -verify 4 -CApath .
s_client -cert client.PEM
CONNECTED
depth=0 /C=AU/SOP=QLD/O=Mincom Pty. Ltd./OU=CS/CN=SSLeay demo client
verify return:1
depth=1 /C=AU/SOP=QLD/O=Mincom Pty. Ltd./OU=CS/CN=CA
verify return:1
CIPHER is CBC-DES-MD5
Ok because we could authenticate the returned certificate :-).
s_server -Verify 0 -CApath .
s_client
CONNECTED
ERROR
SSL error:function is:REQUEST_CERTIFICATE
:error is :client end did not return a certificate
Error because no certificate returned.
s_server -Verify 4 -CApath .
s_client -cert client.PEM
CONNECTED
depth=0 /C=AU/SOP=QLD/O=Mincom Pty. Ltd./OU=CS/CN=SSLeay demo client
verify return:1
depth=1 /C=AU/SOP=QLD/O=Mincom Pty. Ltd./OU=CS/CN=CA
verify return:1
CIPHER is CBC-DES-MD5
Full authentication of the client.
So in summary to do full authentication of both ends
s_server -Verify 9 -CApath .
s_client -cert client.PEM -CApath . -verify 9
From the server side
CONNECTED
depth=0 /C=AU/SOP=QLD/O=Mincom Pty. Ltd./OU=CS/CN=SSLeay demo client
verify return:1
depth=1 /C=AU/SOP=QLD/O=Mincom Pty. Ltd./OU=CS/CN=CA
verify return:1
CIPHER is CBC-DES-MD5
From the client side
CONNECTED
depth=0 /C=AU/SOP=QLD/O=Mincom Pty. Ltd./OU=CS/CN=SSLeay demo server
verify return:1
depth=1 /C=AU/SOP=QLD/O=Mincom Pty. Ltd./OU=CS/CN=CA
verify return:1
CIPHER is CBC-DES-MD5
For general probing of the 'internet https' servers for the
distribution area, run
s_client -host www.netscape.com -port 443 -verify 4 -CApath ../rsa/hash
Then enter
GET /
and you should be talking to the https server on that host.
www.rsa.com was refusing to respond to connections on 443 when I was
testing.
have fun :-).
eric
==== a_verify.doc ========================================================
From eay@mincom.com Fri Oct 4 18:29:06 1996
......@@ -121,6 +401,100 @@ eric
Eric Young | BOOL is tri-state according to Bill Gates.
AARNet: eay@mincom.oz.au | RTFM Win32 GetMessage().
==== x509 =======================================================
X509_verify()
X509_sign()
X509_get_version()
X509_get_serialNumber()
X509_get_issuer()
X509_get_subject()
X509_get_notBefore()
X509_get_notAfter()
X509_get_pubkey()
X509_set_version()
X509_set_serialNumber()
X509_set_issuer()
X509_set_subject()
X509_set_notBefore()
X509_set_notAfter()
X509_set_pubkey()
X509_get_extensions()
X509_set_extensions()
X509_EXTENSIONS_clear()
X509_EXTENSIONS_retrieve()
X509_EXTENSIONS_add()
X509_EXTENSIONS_delete()
==== x509 attribute ================================================
PKCS7
STACK of X509_ATTRIBUTES
ASN1_OBJECT
STACK of ASN1_TYPE
So it is
p7.xa[].obj
p7.xa[].data[]
get_obj_by_nid(STACK , nid)
get_num_by_nid(STACK , nid)
get_data_by_nid(STACK , nid, index)
X509_ATTRIBUTE *X509_ATTRIBUTE_new(void );
void X509_ATTRIBUTE_free(X509_ATTRIBUTE *a);
X509_ATTRIBUTE *X509_ATTRIBUTE_create_by_NID(X509_ATTRIBUTE **ex,
int nid, STACK *value);
X509_ATTRIBUTE *X509_ATTRIBUTE_create_by_OBJ(X509_ATTRIBUTE **ex,
int nid, STACK *value);
int X509_ATTRIBUTE_set_object(X509_ATTRIBUTE *ex,ASN1_OBJECT *obj);
int X509_ATTRIBUTE_add_data(X509_ATTRIBUTE *ex, int index,
ASN1_TYPE *value);
ASN1_OBJECT * X509_ATTRIBUTE_get_object(X509_ATTRIBUTE *ex);
int X509_ATTRIBUTE_get_num(X509_ATTRIBUTE *ne);
ASN1_TYPE * X509_ATTRIBUTE_get_data(X509_ATTRIBUTE *ne,int index);
ASN1_TYPE * X509_ATTRIBUTE_get_data_by_NID(X509_ATTRIBUTE *ne,
ASN1_OBJECT *obj);
X509_ATTRIBUTE *PKCS7_get_s_att_by_NID(PKCS7 *p7,int nid);
X509_ATTRIBUTE *PKCS7_get_u_att_by_NID(PKCS7 *p7,int nid);
==== x509 v3 ========================================================
The 'new' system.
The X509_EXTENSION_METHOD includes extensions and attributes and/or names.
Basically everthing that can be added to an X509 with an OID identifying it.
It operates via 2 methods per object id.
int a2i_XXX(X509 *x,char *str,int len);
int i2a_XXX(BIO *bp,X509 *x);
The a2i_XXX function will add the object with a value converted from the
string into the X509. Len can be -1 in which case the length is calculated
via strlen(str). Applications can always use direct knowledge to load and
unload the relevent objects themselves.
i2a_XXX will print to the passed BIO, a text representation of the
relevet object. Use a memory BIO if you want it printed to a buffer :-).
X509_add_by_NID(X509 *x,int nid,char *str,int len);
X509_add_by_OBJ(X509 *x,ASN1_OBJECT *obj,char *str,int len);
X509_print_by_name(BIO *bp,X509 *x);
X509_print_by_NID(BIO *bp,X509 *x);
X509_print_by_OBJ(BIO *bp,X509 *x);
==== verify ========================================================
X509_verify_cert_chain(
......@@ -1562,6 +1936,10 @@ char *cb_arg
callback(1,round++,cb_arg). Each successful 'round' in BN_is_prime().
callback(2,round,cb_arg). For each successful BN_is_prime() test.
Hints
-----
DSA wants 64*32 to use word mont mul, but RSA wants to use full.
==== callback.doc ========================================================
......@@ -4518,6 +4896,35 @@ int (*cmp)());
normal system bsearch(3) if it is present. This version also
has tolerance of being passed NULL pointers.
==== keys ===========================================================
EVP_PKEY_DSA
EVP_PKEY_DSA2
EVP_PKEY_DSA3
EVP_PKEY_DSA4
EVP_PKEY_RSA
EVP_PKEY_RSA2
valid DSA pkey types
NID_dsa
NID_dsaWithSHA
NID_dsaWithSHA1
NID_dsaWithSHA1_2
valid RSA pkey types
NID_rsaEncryption
NID_rsa
NID_dsaWithSHA NID_dsaWithSHA DSA SHA
NID_dsa NID_dsaWithSHA1 DSA SHA1
NID_md2 NID_md2WithRSAEncryption RSA-pkcs1 MD2
NID_md5 NID_md5WithRSAEncryption RSA-pkcs1 MD5
NID_mdc2 NID_mdc2WithRSA RSA-none MDC2
NID_ripemd160 NID_ripemd160WithRSA RSA-pkcs1 RIPEMD160
NID_sha NID_shaWithRSAEncryption RSA-pkcs1 SHA
NID_sha1 NID_sha1WithRSAEncryption RSA-pkcs1 SHA1
==== rand.doc ========================================================
My Random number library.
......
ssl/KEYS 已删除 100644 → 0
浏览文件 @ 2c2cba0d
EVP_PKEY_DSA
EVP_PKEY_DSA2
EVP_PKEY_DSA3
EVP_PKEY_DSA4
EVP_PKEY_RSA
EVP_PKEY_RSA2
valid DSA pkey types
NID_dsa
NID_dsaWithSHA
NID_dsaWithSHA1
NID_dsaWithSHA1_2
valid RSA pkey types
NID_rsaEncryption
NID_rsa
NID_dsaWithSHA NID_dsaWithSHA DSA SHA
NID_dsa NID_dsaWithSHA1 DSA SHA1
NID_md2 NID_md2WithRSAEncryption RSA-pkcs1 MD2
NID_md5 NID_md5WithRSAEncryption RSA-pkcs1 MD5
NID_mdc2 NID_mdc2WithRSA RSA-none MDC2
NID_ripemd160 NID_ripemd160WithRSA RSA-pkcs1 RIPEMD160
NID_sha NID_shaWithRSAEncryption RSA-pkcs1 SHA
NID_sha1 NID_sha1WithRSAEncryption RSA-pkcs1 SHA1
:w
ssl/bio_ssl.orig.c 已删除 100644 → 0
浏览文件 @ 2c2cba0d
此差异已折叠。
ssl/build 已删除 100644 → 0
浏览文件 @ 2c2cba0d
#!/bin/sh
for i in BUILD_SSLV23 BUILD_SSLV2 BUILD_SSLV3 BUILD_SSL_COMMON BUILD_SSL_BIO BUILD_SSL_OPTIONAL
do
time gcc -D$i -o $i.o -c -I. -I../include -O3 -fomit-frame-pointer ssl.c
done
ssl/changes.ssl 已删除 100644 → 0
浏览文件 @ 2c2cba0d
Must do a
SSL_init_eay_ciphers();
before calls to SSL_CTX_new()
SSL_CTX *SSL_CTX_new(void ) -> SSL_CTX *SSL_CTX_new(SSL_METHOD *meth);
SSL_CTX_set_cert_verify_cb -> the callback is now
int callback(char *arg,SSL *s,X509 *xs,STACK *cert_chain);
where the 'cert_chain' has been added.
ssl/readme 已删除 100644 → 0
浏览文件 @ 2c2cba0d
22 Jun 1996
This file belongs in ../apps, but I'll leave it here because it deals
with SSL :-) It is rather dated but it gives you an idea of how
things work.
===
17 Jul 1995
I have been changing things quite a bit and have not fully updated
this file, so take what you read with a grain of salt
eric
===
The s_client and s_server programs can be used to test SSL capable
IP/port addresses and the verification of the X509 certificates in use
by these services. I strongly advise having a look at the code to get
an idea of how to use the authentication under SSLeay. Any feedback
on changes and improvements would be greatly accepted.
This file will probably be gibberish unless you have read
rfc1421, rfc1422, rfc1423 and rfc1424 which describe PEM
authentication.
A Brief outline (and examples) how to use them to do so.
NOTE:
The environment variable SSL_CIPER is used to specify the prefered
cipher to use, play around with setting it's value to combinations of
RC4-MD5, EXP-RC4-MD5, CBC-DES-MD5, CBC3-DES-MD5, CFB-DES-NULL
in a : separated list.
This directory contains 3 X509 certificates which can be used by these programs.
client.pem: a file containing a certificate and private key to be used
by s_client.
server.pem :a file containing a certificate and private key to be used
by s_server.
eay1024.pem:the certificate used to sign client.pem and server.pem.
This would be your CA's certificate. There is also a link
from the file a8556381.0 to eay1024.PEM. The value a8556381
is returned by 'x509 -hash -noout <eay1024.pem' and is the
value used by X509 verification routines to 'find' this
certificte when search a directory for it.
[the above is not true any more, the CA cert is
../certs/testca.pem which is signed by ../certs/mincomca.pem]
When testing the s_server, you may get
bind: Address already in use
errors. These indicate the port is still being held by the unix
kernel and you are going to have to wait for it to let go of it. If
this is the case, remember to use the port commands on the s_server and
s_client to talk on an alternative port.
=====
s_client.
This program can be used to connect to any IP/hostname:port that is
talking SSL. Once connected, it will attempt to authenticate the
certificate it was passed and if everything works as expected, a 2
directional channel will be open. Any text typed will be sent to the
other end. type Q<cr> to exit. Flags are as follows.
-host arg : Arg is the host or IP address to connect to.
-port arg : Arg is the port to connect to (https is 443).
-verify arg : Turn on authentication of the server certificate.
: Arg specifies the 'depth', this will covered below.
-cert arg : The optional certificate to use. This certificate
: will be returned to the server if the server
: requests it for client authentication.
-key arg : The private key that matches the certificate
: specified by the -cert option. If this is not
: specified (but -cert is), the -cert file will be
: searched for the Private key. Both files are
: assumed to be in PEM format.
-CApath arg : When to look for certificates when 'verifying' the
: certificate from the server.
-CAfile arg : A file containing certificates to be used for
: 'verifying' the server certificate.
-reconnect : Once a connection has been made, drop it and
: reconnect with same session-id. This is for testing :-).
The '-verify n' parameter specifies not only to verify the servers
certificate but to also only take notice of 'n' levels. The best way
to explain is to show via examples.
Given
s_server -cert server.PEM is running.
s_client
CONNECTED
depth=0 /C=AU/SOP=QLD/O=Mincom Pty. Ltd./OU=CS/CN=SSLeay demo server
issuer= /C=AU/SOP=QLD/O=Mincom Pty. Ltd./OU=CS/CN=CA
verify error:num=1:unable to get issuer certificate
verify return:1
CIPHER is CBC-DES-MD5
What has happened is that the 'SSLeay demo server' certificate's
issuer ('CA') could not be found but because verify is not on, we
don't care and the connection has been made anyway. It is now 'up'
using CBC-DES-MD5 mode. This is an unauthenticate secure channel.
You may not be talking to the right person but the data going to them
is encrypted.
s_client -verify 0
CONNECTED
depth=0 /C=AU/SOP=QLD/O=Mincom Pty. Ltd./OU=CS/CN=SSLeay demo server
issuer= /C=AU/SOP=QLD/O=Mincom Pty. Ltd./OU=CS/CN=CA
verify error:num=1:unable to get issuer certificate
verify return:1
CIPHER is CBC-DES-MD5
We are 'verifying' but only to depth 0, so since the 'SSLeay demo server'
certificate passed the date and checksum, we are happy to proceed.
s_client -verify 1
CONNECTED
depth=0 /C=AU/SOP=QLD/O=Mincom Pty. Ltd./OU=CS/CN=SSLeay demo server
issuer= /C=AU/SOP=QLD/O=Mincom Pty. Ltd./OU=CS/CN=CA
verify error:num=1:unable to get issuer certificate
verify return:0
ERROR
verify error:unable to get issuer certificate
In this case we failed to make the connection because we could not
authenticate the certificate because we could not find the
'CA' certificate.
s_client -verify 1 -CAfile eay1024.PEM
CONNECTED
depth=0 /C=AU/SOP=QLD/O=Mincom Pty. Ltd./OU=CS/CN=SSLeay demo server
verify return:1
depth=1 /C=AU/SOP=QLD/O=Mincom Pty. Ltd./OU=CS/CN=CA
verify return:1
CIPHER is CBC-DES-MD5
We loaded the certificates from the file eay1024.PEM. Everything
checked out and so we made the connection.
s_client -verify 1 -CApath .
CONNECTED
depth=0 /C=AU/SOP=QLD/O=Mincom Pty. Ltd./OU=CS/CN=SSLeay demo server
verify return:1
depth=1 /C=AU/SOP=QLD/O=Mincom Pty. Ltd./OU=CS/CN=CA
verify return:1
CIPHER is CBC-DES-MD5
We looked in out local directory for issuer certificates and 'found'
a8556381.0 and so everything is ok.
It is worth noting that 'CA' is a self certified certificate. If you
are passed one of these, it will fail to 'verify' at depth 0 because
we need to lookup the certifier of a certificate from some information
that we trust and keep locally.
SSL_CIPHER=CBC3-DES-MD5:RC4-MD5
export SSL_CIPHER
s_client -verify 10 -CApath . -reconnect
CONNECTED
depth=0 /C=AU/SOP=QLD/O=Mincom Pty. Ltd./OU=CS/CN=SSLeay demo server
verify return:1
depth=1 /C=AU/SOP=QLD/O=Mincom Pty. Ltd./OU=CS/CN=CA
verify return:1
drop the connection and reconnect with the same session id
CIPHER is CBC3-DES-MD5
This has done a full connection and then re-estabished it with the
same session id but a new socket. No RSA stuff occures on the second
connection. Note that we said we would prefer to use CBC3-DES-MD5
encryption and so, since the server supports it, we are.
=====
s_server
This program accepts SSL connections on a specified port
Once connected, it will estabish an SSL connection and optionaly
attempt to authenticate the client. A 2 directional channel will be
open. Any text typed will be sent to the other end. Type Q<cr> to exit.
Flags are as follows.
-port arg : Arg is the port to listen on.
-verify arg : Turn on authentication of the client if they have a
: certificate. Arg specifies the 'depth'.
-Verify arg : Turn on authentication of the client. If they don't
: have a valid certificate, drop the connection.
-cert arg : The certificate to use. This certificate
: will be passed to the client. If it is not
: specified, it will default to server.PEM
-key arg : The private key that matches the certificate
: specified by the -cert option. If this is not
: specified (but -cert is), the -cert file will be
: searched for the Private key. Both files are
: assumed to be in PEM format. Default is server.PEM
-CApath arg : When to look for certificates when 'verifying' the
: certificate from the client.
-CAfile arg : A file containing certificates to be used for
: 'verifying' the client certificate.
For the following 'demo' I will specify the s_server command and
the s_client command and then list the output from the s_server.
s_server
s_client
CONNECTED
CIPHER is CBC-DES-MD5
Everything up and running
s_server -verify 0
s_client
CONNECTED
CIPHER is CBC-DES-MD5
Ok since no certificate was returned and we don't care.
s_server -verify 0
./s_client -cert client.PEM
CONNECTED
depth=0 /C=AU/SOP=QLD/O=Mincom Pty. Ltd./OU=CS/CN=SSLeay demo client
issuer= /C=AU/SOP=QLD/O=Mincom Pty. Ltd./OU=CS/CN=CA
verify error:num=1:unable to get issuer certificate
verify return:1
CIPHER is CBC-DES-MD5
Ok since we were only verifying to level 0
s_server -verify 4
s_client -cert client.PEM
CONNECTED
depth=0 /C=AU/SOP=QLD/O=Mincom Pty. Ltd./OU=CS/CN=SSLeay demo client
issuer= /C=AU/SOP=QLD/O=Mincom Pty. Ltd./OU=CS/CN=CA
verify error:num=1:unable to get issuer certificate
verify return:0
ERROR
verify error:unable to get issuer certificate
Bad because we could not authenticate the returned certificate.
s_server -verify 4 -CApath .
s_client -cert client.PEM
CONNECTED
depth=0 /C=AU/SOP=QLD/O=Mincom Pty. Ltd./OU=CS/CN=SSLeay demo client
verify return:1
depth=1 /C=AU/SOP=QLD/O=Mincom Pty. Ltd./OU=CS/CN=CA
verify return:1
CIPHER is CBC-DES-MD5
Ok because we could authenticate the returned certificate :-).
s_server -Verify 0 -CApath .
s_client
CONNECTED
ERROR
SSL error:function is:REQUEST_CERTIFICATE
:error is :client end did not return a certificate
Error because no certificate returned.
s_server -Verify 4 -CApath .
s_client -cert client.PEM
CONNECTED
depth=0 /C=AU/SOP=QLD/O=Mincom Pty. Ltd./OU=CS/CN=SSLeay demo client
verify return:1
depth=1 /C=AU/SOP=QLD/O=Mincom Pty. Ltd./OU=CS/CN=CA
verify return:1
CIPHER is CBC-DES-MD5
Full authentication of the client.
So in summary to do full authentication of both ends
s_server -Verify 9 -CApath .
s_client -cert client.PEM -CApath . -verify 9
From the server side
CONNECTED
depth=0 /C=AU/SOP=QLD/O=Mincom Pty. Ltd./OU=CS/CN=SSLeay demo client
verify return:1
depth=1 /C=AU/SOP=QLD/O=Mincom Pty. Ltd./OU=CS/CN=CA
verify return:1
CIPHER is CBC-DES-MD5
From the client side
CONNECTED
depth=0 /C=AU/SOP=QLD/O=Mincom Pty. Ltd./OU=CS/CN=SSLeay demo server
verify return:1
depth=1 /C=AU/SOP=QLD/O=Mincom Pty. Ltd./OU=CS/CN=CA
verify return:1
CIPHER is CBC-DES-MD5
For general probing of the 'internet https' servers for the
distribution area, run
s_client -host www.netscape.com -port 443 -verify 4 -CApath ../rsa/hash
Then enter
GET /
and you should be talking to the https server on that host.
www.rsa.com was refusing to respond to connections on 443 when I was
testing.
have fun :-).
eric
Markdown is supported
0% .
You are about to add 0 people to the discussion. Proceed with caution.
先完成此消息的编辑!
想要评论请 注册