added openssl from AOSP sources
This commit is contained in:
parent
586790a2b2
commit
4b16b77623
9
jni/openssl/Android.mk
Normal file
9
jni/openssl/Android.mk
Normal file
@ -0,0 +1,9 @@
|
|||||||
|
LOCAL_PATH := $(call my-dir)
|
||||||
|
|
||||||
|
subdirs := $(addprefix $(LOCAL_PATH)/,$(addsuffix /Android.mk, \
|
||||||
|
crypto \
|
||||||
|
ssl \
|
||||||
|
# apps \
|
||||||
|
))
|
||||||
|
|
||||||
|
include $(subdirs)
|
60
jni/openssl/CleanSpec.mk
Normal file
60
jni/openssl/CleanSpec.mk
Normal file
@ -0,0 +1,60 @@
|
|||||||
|
# Copyright (C) 2007 The Android Open Source Project
|
||||||
|
#
|
||||||
|
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||||
|
# you may not use this file except in compliance with the License.
|
||||||
|
# You may obtain a copy of the License at
|
||||||
|
#
|
||||||
|
# http://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
#
|
||||||
|
# Unless required by applicable law or agreed to in writing, software
|
||||||
|
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||||
|
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||||
|
# See the License for the specific language governing permissions and
|
||||||
|
# limitations under the License.
|
||||||
|
#
|
||||||
|
|
||||||
|
# If you don't need to do a full clean build but would like to touch
|
||||||
|
# a file or delete some intermediate files, add a clean step to the end
|
||||||
|
# of the list. These steps will only be run once, if they haven't been
|
||||||
|
# run before.
|
||||||
|
#
|
||||||
|
# E.g.:
|
||||||
|
# $(call add-clean-step, touch -c external/sqlite/sqlite3.h)
|
||||||
|
# $(call add-clean-step, rm -rf $(PRODUCT_OUT)/obj/STATIC_LIBRARIES/libz_intermediates)
|
||||||
|
#
|
||||||
|
# Always use "touch -c" and "rm -f" or "rm -rf" to gracefully deal with
|
||||||
|
# files that are missing or have been moved.
|
||||||
|
#
|
||||||
|
# Use $(PRODUCT_OUT) to get to the "out/target/product/blah/" directory.
|
||||||
|
# Use $(OUT_DIR) to refer to the "out" directory.
|
||||||
|
#
|
||||||
|
# If you need to re-do something that's already mentioned, just copy
|
||||||
|
# the command and add it to the bottom of the list. E.g., if a change
|
||||||
|
# that you made last week required touching a file and a change you
|
||||||
|
# made today requires touching the same file, just copy the old
|
||||||
|
# touch step and add it to the end of the list.
|
||||||
|
#
|
||||||
|
# ************************************************
|
||||||
|
# NEWER CLEAN STEPS MUST BE AT THE END OF THE LIST
|
||||||
|
# ************************************************
|
||||||
|
|
||||||
|
# For example:
|
||||||
|
#$(call add-clean-step, rm -rf $(OUT_DIR)/target/common/obj/APPS/AndroidTests_intermediates)
|
||||||
|
#$(call add-clean-step, rm -rf $(OUT_DIR)/target/common/obj/JAVA_LIBRARIES/core_intermediates)
|
||||||
|
#$(call add-clean-step, find $(OUT_DIR) -type f -name "IGTalkSession*" -print0 | xargs -0 rm -f)
|
||||||
|
#$(call add-clean-step, rm -rf $(PRODUCT_OUT)/data/*)
|
||||||
|
$(call add-clean-step, rm -rf $(PRODUCT_OUT)/obj/EXECUTABLES/openssl_intermediates)
|
||||||
|
$(call add-clean-step, rm -rf $(PRODUCT_OUT)/obj/EXECUTABLES/openssl_intermediates)
|
||||||
|
$(call add-clean-step, rm -rf $(PRODUCT_OUT)/obj/SHARED_LIBRARIES/libcrypto_intermediates $(PRODUCT_OUT)/obj/SHARED_LIBRARIES/libssl_intermediates $(PRODUCT_OUT)/obj/EXECUTABLES/openssl_intermediates $(PRODUCT_OUT)/obj/EXECUTABLES/ssltest_intermediates)
|
||||||
|
$(call add-clean-step, rm -rf $(PRODUCT_OUT)/obj/SHARED_LIBRARIES/libcrypto_intermediates $(PRODUCT_OUT)/obj/SHARED_LIBRARIES/libssl_intermediates $(PRODUCT_OUT)/obj/EXECUTABLES/openssl_intermediates $(PRODUCT_OUT)/obj/EXECUTABLES/ssltest_intermediates)
|
||||||
|
$(call add-clean-step, rm -rf $(PRODUCT_OUT)/obj/SHARED_LIBRARIES/libcrypto_intermediates $(PRODUCT_OUT)/obj/SHARED_LIBRARIES/libssl_intermediates $(PRODUCT_OUT)/obj/EXECUTABLES/openssl_intermediates $(PRODUCT_OUT)/obj/EXECUTABLES/ssltest_intermediates)
|
||||||
|
$(call add-clean-step, rm -rf $(PRODUCT_OUT)/obj/SHARED_LIBRARIES/libcrypto_intermediates $(PRODUCT_OUT)/obj/SHARED_LIBRARIES/libssl_intermediates $(PRODUCT_OUT)/obj/EXECUTABLES/openssl_intermediates $(PRODUCT_OUT)/obj/EXECUTABLES/ssltest_intermediates)
|
||||||
|
$(call add-clean-step, rm -rf $(PRODUCT_OUT)/obj/SHARED_LIBRARIES/libcrypto_intermediates $(PRODUCT_OUT)/obj/SHARED_LIBRARIES/libssl_intermediates $(PRODUCT_OUT)/obj/EXECUTABLES/openssl_intermediates $(PRODUCT_OUT)/obj/EXECUTABLES/ssltest_intermediates)
|
||||||
|
$(call add-clean-step, rm -rf $(PRODUCT_OUT)/obj/SHARED_LIBRARIES/libssl_intermediates)
|
||||||
|
$(call add-clean-step, rm -rf $(PRODUCT_OUT)/obj/SHARED_LIBRARIES/libcrypto_intermediates)
|
||||||
|
$(call add-clean-step, rm -rf $(PRODUCT_OUT)/obj/STATIC_LIBRARIES/libssl_static_intermediates)
|
||||||
|
$(call add-clean-step, rm -rf $(PRODUCT_OUT)/obj/STATIC_LIBRARIES/libcrypto_static_intermediates)
|
||||||
|
|
||||||
|
# ************************************************
|
||||||
|
# NEWER CLEAN STEPS MUST BE AT THE END OF THE LIST
|
||||||
|
# ************************************************
|
0
jni/openssl/MODULE_LICENSE_BSD_LIKE
Normal file
0
jni/openssl/MODULE_LICENSE_BSD_LIKE
Normal file
127
jni/openssl/NOTICE
Normal file
127
jni/openssl/NOTICE
Normal file
@ -0,0 +1,127 @@
|
|||||||
|
|
||||||
|
LICENSE ISSUES
|
||||||
|
==============
|
||||||
|
|
||||||
|
The OpenSSL toolkit stays under a dual license, i.e. both the conditions of
|
||||||
|
the OpenSSL License and the original SSLeay license apply to the toolkit.
|
||||||
|
See below for the actual license texts. Actually both licenses are BSD-style
|
||||||
|
Open Source licenses. In case of any license issues related to OpenSSL
|
||||||
|
please contact openssl-core@openssl.org.
|
||||||
|
|
||||||
|
OpenSSL License
|
||||||
|
---------------
|
||||||
|
|
||||||
|
/* ====================================================================
|
||||||
|
* Copyright (c) 1998-2011 The OpenSSL Project. All rights reserved.
|
||||||
|
*
|
||||||
|
* Redistribution and use in source and binary forms, with or without
|
||||||
|
* modification, are permitted provided that the following conditions
|
||||||
|
* are met:
|
||||||
|
*
|
||||||
|
* 1. Redistributions of source code must retain the above copyright
|
||||||
|
* notice, this list of conditions and the following disclaimer.
|
||||||
|
*
|
||||||
|
* 2. Redistributions in binary form must reproduce the above copyright
|
||||||
|
* notice, this list of conditions and the following disclaimer in
|
||||||
|
* the documentation and/or other materials provided with the
|
||||||
|
* distribution.
|
||||||
|
*
|
||||||
|
* 3. All advertising materials mentioning features or use of this
|
||||||
|
* software must display the following acknowledgment:
|
||||||
|
* "This product includes software developed by the OpenSSL Project
|
||||||
|
* for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
|
||||||
|
*
|
||||||
|
* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
|
||||||
|
* endorse or promote products derived from this software without
|
||||||
|
* prior written permission. For written permission, please contact
|
||||||
|
* openssl-core@openssl.org.
|
||||||
|
*
|
||||||
|
* 5. Products derived from this software may not be called "OpenSSL"
|
||||||
|
* nor may "OpenSSL" appear in their names without prior written
|
||||||
|
* permission of the OpenSSL Project.
|
||||||
|
*
|
||||||
|
* 6. Redistributions of any form whatsoever must retain the following
|
||||||
|
* acknowledgment:
|
||||||
|
* "This product includes software developed by the OpenSSL Project
|
||||||
|
* for use in the OpenSSL Toolkit (http://www.openssl.org/)"
|
||||||
|
*
|
||||||
|
* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
|
||||||
|
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
||||||
|
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
|
||||||
|
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
|
||||||
|
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
|
||||||
|
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
|
||||||
|
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
|
||||||
|
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
||||||
|
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
|
||||||
|
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
|
||||||
|
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
|
||||||
|
* OF THE POSSIBILITY OF SUCH DAMAGE.
|
||||||
|
* ====================================================================
|
||||||
|
*
|
||||||
|
* This product includes cryptographic software written by Eric Young
|
||||||
|
* (eay@cryptsoft.com). This product includes software written by Tim
|
||||||
|
* Hudson (tjh@cryptsoft.com).
|
||||||
|
*
|
||||||
|
*/
|
||||||
|
|
||||||
|
Original SSLeay License
|
||||||
|
-----------------------
|
||||||
|
|
||||||
|
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
|
||||||
|
* All rights reserved.
|
||||||
|
*
|
||||||
|
* This package is an SSL implementation written
|
||||||
|
* by Eric Young (eay@cryptsoft.com).
|
||||||
|
* The implementation was written so as to conform with Netscapes SSL.
|
||||||
|
*
|
||||||
|
* This library is free for commercial and non-commercial use as long as
|
||||||
|
* the following conditions are aheared to. The following conditions
|
||||||
|
* apply to all code found in this distribution, be it the RC4, RSA,
|
||||||
|
* lhash, DES, etc., code; not just the SSL code. The SSL documentation
|
||||||
|
* included with this distribution is covered by the same copyright terms
|
||||||
|
* except that the holder is Tim Hudson (tjh@cryptsoft.com).
|
||||||
|
*
|
||||||
|
* Copyright remains Eric Young's, and as such any Copyright notices in
|
||||||
|
* the code are not to be removed.
|
||||||
|
* If this package is used in a product, Eric Young should be given attribution
|
||||||
|
* as the author of the parts of the library used.
|
||||||
|
* This can be in the form of a textual message at program startup or
|
||||||
|
* in documentation (online or textual) provided with the package.
|
||||||
|
*
|
||||||
|
* Redistribution and use in source and binary forms, with or without
|
||||||
|
* modification, are permitted provided that the following conditions
|
||||||
|
* are met:
|
||||||
|
* 1. Redistributions of source code must retain the copyright
|
||||||
|
* notice, this list of conditions and the following disclaimer.
|
||||||
|
* 2. Redistributions in binary form must reproduce the above copyright
|
||||||
|
* notice, this list of conditions and the following disclaimer in the
|
||||||
|
* documentation and/or other materials provided with the distribution.
|
||||||
|
* 3. All advertising materials mentioning features or use of this software
|
||||||
|
* must display the following acknowledgement:
|
||||||
|
* "This product includes cryptographic software written by
|
||||||
|
* Eric Young (eay@cryptsoft.com)"
|
||||||
|
* The word 'cryptographic' can be left out if the rouines from the library
|
||||||
|
* being used are not cryptographic related :-).
|
||||||
|
* 4. If you include any Windows specific code (or a derivative thereof) from
|
||||||
|
* the apps directory (application code) you must include an acknowledgement:
|
||||||
|
* "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
|
||||||
|
*
|
||||||
|
* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
|
||||||
|
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
||||||
|
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
|
||||||
|
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
|
||||||
|
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
|
||||||
|
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
|
||||||
|
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
||||||
|
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
|
||||||
|
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
||||||
|
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||||||
|
* SUCH DAMAGE.
|
||||||
|
*
|
||||||
|
* The licence and distribution terms for any publically available version or
|
||||||
|
* derivative of this code cannot be changed. i.e. this code cannot simply be
|
||||||
|
* copied and put under another distribution licence
|
||||||
|
* [including the GNU Public Licence.]
|
||||||
|
*/
|
||||||
|
|
92
jni/openssl/README.android
Normal file
92
jni/openssl/README.android
Normal file
@ -0,0 +1,92 @@
|
|||||||
|
OpenSSL on the Android platform.
|
||||||
|
---
|
||||||
|
|
||||||
|
The code in this directory is based on $OPENSSL_VERSION in the file
|
||||||
|
openssl.version. See patches/README for more information on how the
|
||||||
|
code differs from $OPENSSL_VERSION.
|
||||||
|
|
||||||
|
Porting New Versions of OpenSSL.
|
||||||
|
--
|
||||||
|
|
||||||
|
The following steps are recommended for porting new OpenSSL versions.
|
||||||
|
|
||||||
|
1) Retrieve the appropriate version of the OpenSSL source from
|
||||||
|
www.openssl.org/source (in openssl-*.tar.gz file). Check the PGP
|
||||||
|
signature (found in matching openssl-*.tar.gz.asc file) with:
|
||||||
|
|
||||||
|
gpg openssl-*.tar.gz.asc
|
||||||
|
|
||||||
|
If the public key is not found, import the the one with the
|
||||||
|
matching RSA key ID from http://www.openssl.org/about/, using:
|
||||||
|
|
||||||
|
gpg --import # paste PGP public key block on stdin
|
||||||
|
|
||||||
|
2) Update the variables in openssl.config and openssl.version as appropriate.
|
||||||
|
At the very least you will need to update the openssl.version.
|
||||||
|
Similarly update ThirdPartyProject.prop.
|
||||||
|
|
||||||
|
3) Run:
|
||||||
|
|
||||||
|
./import_openssl.sh import openssl-*.tar.gz
|
||||||
|
|
||||||
|
4) If there are any errors, then modify openssl.config, openssl.version
|
||||||
|
and patches in patches/ as appropriate. You might want to use:
|
||||||
|
|
||||||
|
./import_openssl.sh regenerate patches/*.patch
|
||||||
|
|
||||||
|
Repeat step 3.
|
||||||
|
|
||||||
|
5) Cleanup before building with:
|
||||||
|
|
||||||
|
m -j16 clean-libcrypto clean-libssl clean-openssl clean-ssltest
|
||||||
|
|
||||||
|
6) Build openssl from the external/openssl directory with:
|
||||||
|
|
||||||
|
mm -j16 snod && adb remount && adb sync system
|
||||||
|
|
||||||
|
If there are build errors, then patches/*.mk, openssl.config, or
|
||||||
|
android-config.mk may need updating.
|
||||||
|
|
||||||
|
7) Run tests to make sure things are working:
|
||||||
|
|
||||||
|
# Run local openssl tests
|
||||||
|
(cd android.testssl/ && ./testssl.sh)
|
||||||
|
# Build and sync libcore tests
|
||||||
|
(croot && cd libcore && mm -j16 snod && adb remount && adb sync)
|
||||||
|
# Run tests from libcore
|
||||||
|
(croot && vogar --classpath out/target/common/obj/JAVA_LIBRARIES/core-tests-support_intermediates/classes.jar --classpath out/target/common/obj/JAVA_LIBRARIES/core-tests_intermediates/classes.jar javax.net.ssl tests.api.javax.net)
|
||||||
|
# Run tests from Harmony
|
||||||
|
(croot && vogar --classpath harmony_tests.jar tests.api.java.math.BigIntegerTest org.apache.harmony.tests.java.math)
|
||||||
|
# try an https website
|
||||||
|
adb shell am start https://online.citibank.com # confirm result in browser
|
||||||
|
|
||||||
|
The vogar tool can be found externally at http://code.google.com/p/vogar/
|
||||||
|
Within Google it can be run with ~dalvik-prebuild/vogar/bin/vogar
|
||||||
|
|
||||||
|
harmony_tests.jar is built from Subversion http://harmony.apache.org/
|
||||||
|
Within Google it can be found at ~dalvik-prebuild/bin/harmony_tests.jar
|
||||||
|
|
||||||
|
# You can also run openssl s_server as a test server on the device:
|
||||||
|
adb push ./android.testssl/CAss.cnf /sdcard/CAss.cnf
|
||||||
|
adb shell openssl req -config /sdcard/CAss.cnf -x509 -nodes -days 365 -subj '/C=US/ST=California/L=Mountain View/CN=localhost' -newkey rsa:1024 -keyout /sdcard/server.pem -out /sdcard/server.pem
|
||||||
|
adb shell openssl s_server -cert /sdcard/server.pem -www -verify 1
|
||||||
|
adb shell am start https://localhost:4433 # confirm result in browser
|
||||||
|
|
||||||
|
8) Do a full build before checking in:
|
||||||
|
|
||||||
|
m -j16
|
||||||
|
|
||||||
|
Optionally, check whether build flags (located in android-config.mk
|
||||||
|
need to be updated. Doing this step will help ensure that the
|
||||||
|
compiled library is appropriately optimized for speed and size. To
|
||||||
|
update build flags:
|
||||||
|
|
||||||
|
a) source openssl.config
|
||||||
|
b) tar -zxf openssl-*.tar.gz
|
||||||
|
c) cd openssl-*/
|
||||||
|
d) ./Configure $CONFIGURE_ARGS
|
||||||
|
e) examine Makefile and compare with ../android-config.mk
|
||||||
|
f) modify ../openssl.config as appropriate and go to step 3) above.
|
||||||
|
|
||||||
|
Alternatively, ."/import_openssl.sh import" now prints the
|
||||||
|
post-Configure Makefile for review before deleting in on import.
|
10
jni/openssl/ThirdPartyProject.prop
Normal file
10
jni/openssl/ThirdPartyProject.prop
Normal file
@ -0,0 +1,10 @@
|
|||||||
|
# Copyright 2010 Google Inc. All Rights Reserved.
|
||||||
|
#Fri Jul 16 10:03:09 PDT 2010
|
||||||
|
currentVersion=1.0.0e
|
||||||
|
version=1.0.0e
|
||||||
|
isNative=true
|
||||||
|
feedurl=http\://www.openssl.org/
|
||||||
|
name=openssl
|
||||||
|
keywords=openssl
|
||||||
|
onDevice=true
|
||||||
|
homepage=http\://www.openssl.org/
|
17
jni/openssl/android-config.mk
Normal file
17
jni/openssl/android-config.mk
Normal file
@ -0,0 +1,17 @@
|
|||||||
|
#
|
||||||
|
# These flags represent the build-time configuration of openssl for android
|
||||||
|
#
|
||||||
|
# They were pruned from the "Makefile" generated by running ./Configure from import_openssl.sh
|
||||||
|
#
|
||||||
|
|
||||||
|
# From CLFAG=
|
||||||
|
LOCAL_CFLAGS += -DOPENSSL_THREADS -D_REENTRANT -DDSO_DLFCN -DHAVE_DLFCN_H -DL_ENDIAN #-DTERMIO
|
||||||
|
|
||||||
|
# From DEPFLAG=
|
||||||
|
LOCAL_CFLAGS += -DOPENSSL_NO_CAMELLIA -DOPENSSL_NO_CAPIENG -DOPENSSL_NO_CAST -DOPENSSL_NO_CMS -DOPENSSL_NO_GMP -DOPENSSL_NO_IDEA -DOPENSSL_NO_JPAKE -DOPENSSL_NO_MD2 -DOPENSSL_NO_MDC2 -DOPENSSL_NO_RC5 -DOPENSSL_NO_SHA0 -DOPENSSL_NO_RFC3779 -DOPENSSL_NO_SEED -DOPENSSL_NO_STORE -DOPENSSL_NO_WHIRLPOOL
|
||||||
|
|
||||||
|
# Extra
|
||||||
|
LOCAL_CFLAGS += -DOPENSSL_NO_HW -DOPENSSL_NO_ENGINE -DZLIB
|
||||||
|
|
||||||
|
# Debug
|
||||||
|
# LOCAL_CFLAGS += -DCIPHER_DEBUG
|
76
jni/openssl/android.testssl/CAss.cnf
Normal file
76
jni/openssl/android.testssl/CAss.cnf
Normal file
@ -0,0 +1,76 @@
|
|||||||
|
#
|
||||||
|
# SSLeay example configuration file.
|
||||||
|
# This is mostly being used for generation of certificate requests.
|
||||||
|
#
|
||||||
|
|
||||||
|
RANDFILE = /sdcard/android.testssl/.rnd
|
||||||
|
|
||||||
|
####################################################################
|
||||||
|
[ req ]
|
||||||
|
default_bits = 512
|
||||||
|
default_keyfile = keySS.pem
|
||||||
|
distinguished_name = req_distinguished_name
|
||||||
|
encrypt_rsa_key = no
|
||||||
|
default_md = sha1
|
||||||
|
|
||||||
|
[ req_distinguished_name ]
|
||||||
|
countryName = Country Name (2 letter code)
|
||||||
|
countryName_default = AU
|
||||||
|
countryName_value = AU
|
||||||
|
|
||||||
|
organizationName = Organization Name (eg, company)
|
||||||
|
organizationName_value = Dodgy Brothers
|
||||||
|
|
||||||
|
commonName = Common Name (eg, YOUR name)
|
||||||
|
commonName_value = Dodgy CA
|
||||||
|
|
||||||
|
####################################################################
|
||||||
|
[ ca ]
|
||||||
|
default_ca = CA_default # The default ca section
|
||||||
|
|
||||||
|
####################################################################
|
||||||
|
[ CA_default ]
|
||||||
|
|
||||||
|
dir = ./demoCA # Where everything is kept
|
||||||
|
certs = $dir/certs # Where the issued certs are kept
|
||||||
|
crl_dir = $dir/crl # Where the issued crl are kept
|
||||||
|
database = $dir/index.txt # database index file.
|
||||||
|
#unique_subject = no # Set to 'no' to allow creation of
|
||||||
|
# several ctificates with same subject.
|
||||||
|
new_certs_dir = $dir/newcerts # default place for new certs.
|
||||||
|
|
||||||
|
certificate = $dir/cacert.pem # The CA certificate
|
||||||
|
serial = $dir/serial # The current serial number
|
||||||
|
crl = $dir/crl.pem # The current CRL
|
||||||
|
private_key = $dir/private/cakey.pem# The private key
|
||||||
|
RANDFILE = $dir/private/.rand # private random number file
|
||||||
|
|
||||||
|
x509_extensions = v3_ca # The extentions to add to the cert
|
||||||
|
|
||||||
|
name_opt = ca_default # Subject Name options
|
||||||
|
cert_opt = ca_default # Certificate field options
|
||||||
|
|
||||||
|
default_days = 365 # how long to certify for
|
||||||
|
default_crl_days= 30 # how long before next CRL
|
||||||
|
default_md = md5 # which md to use.
|
||||||
|
preserve = no # keep passed DN ordering
|
||||||
|
|
||||||
|
policy = policy_anything
|
||||||
|
|
||||||
|
[ policy_anything ]
|
||||||
|
countryName = optional
|
||||||
|
stateOrProvinceName = optional
|
||||||
|
localityName = optional
|
||||||
|
organizationName = optional
|
||||||
|
organizationalUnitName = optional
|
||||||
|
commonName = supplied
|
||||||
|
emailAddress = optional
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
[ v3_ca ]
|
||||||
|
subjectKeyIdentifier=hash
|
||||||
|
authorityKeyIdentifier=keyid:always,issuer:always
|
||||||
|
basicConstraints = CA:true,pathlen:1
|
||||||
|
keyUsage = cRLSign, keyCertSign
|
||||||
|
issuerAltName=issuer:copy
|
36
jni/openssl/android.testssl/Uss.cnf
Normal file
36
jni/openssl/android.testssl/Uss.cnf
Normal file
@ -0,0 +1,36 @@
|
|||||||
|
#
|
||||||
|
# SSLeay example configuration file.
|
||||||
|
# This is mostly being used for generation of certificate requests.
|
||||||
|
#
|
||||||
|
|
||||||
|
RANDFILE = /sdcard/android.testssl/.rnd
|
||||||
|
|
||||||
|
####################################################################
|
||||||
|
[ req ]
|
||||||
|
default_bits = 512
|
||||||
|
default_keyfile = keySS.pem
|
||||||
|
distinguished_name = req_distinguished_name
|
||||||
|
encrypt_rsa_key = no
|
||||||
|
default_md = md2
|
||||||
|
|
||||||
|
[ req_distinguished_name ]
|
||||||
|
countryName = Country Name (2 letter code)
|
||||||
|
countryName_default = AU
|
||||||
|
countryName_value = AU
|
||||||
|
|
||||||
|
organizationName = Organization Name (eg, company)
|
||||||
|
organizationName_value = Dodgy Brothers
|
||||||
|
|
||||||
|
0.commonName = Common Name (eg, YOUR name)
|
||||||
|
0.commonName_value = Brother 1
|
||||||
|
|
||||||
|
1.commonName = Common Name (eg, YOUR name)
|
||||||
|
1.commonName_value = Brother 2
|
||||||
|
|
||||||
|
[ v3_ee ]
|
||||||
|
subjectKeyIdentifier=hash
|
||||||
|
authorityKeyIdentifier=keyid,issuer:always
|
||||||
|
basicConstraints = CA:false
|
||||||
|
keyUsage = nonRepudiation, digitalSignature, keyEncipherment
|
||||||
|
issuerAltName=issuer:copy
|
||||||
|
|
376
jni/openssl/android.testssl/server2.pem
Normal file
376
jni/openssl/android.testssl/server2.pem
Normal file
@ -0,0 +1,376 @@
|
|||||||
|
issuer= /C=AU/ST=Queensland/O=CryptSoft Pty Ltd/CN=Test CA (1024 bit)
|
||||||
|
subject=/C=AU/ST=Queensland/O=CryptSoft Pty Ltd/CN=Server test cert (1024 bit)
|
||||||
|
-----BEGIN CERTIFICATE-----
|
||||||
|
MIICLjCCAZcCAQEwDQYJKoZIhvcNAQEEBQAwWzELMAkGA1UEBhMCQVUxEzARBgNV
|
||||||
|
BAgTClF1ZWVuc2xhbmQxGjAYBgNVBAoTEUNyeXB0U29mdCBQdHkgTHRkMRswGQYD
|
||||||
|
VQQDExJUZXN0IENBICgxMDI0IGJpdCkwHhcNOTcwNjA5MTM1NzU0WhcNOTgwNjA5
|
||||||
|
MTM1NzU0WjBkMQswCQYDVQQGEwJBVTETMBEGA1UECBMKUXVlZW5zbGFuZDEaMBgG
|
||||||
|
A1UEChMRQ3J5cHRTb2Z0IFB0eSBMdGQxJDAiBgNVBAMTG1NlcnZlciB0ZXN0IGNl
|
||||||
|
cnQgKDEwMjQgYml0KTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAsxH1PBPm
|
||||||
|
RkxrR11eV4bzNi4N9n11CI8nV29+ARlT1+qDe/mjVUvXlmsr1v/vf71G9GgqopSa
|
||||||
|
6RXrICLVdk/FYYYzhPvl1M+OrjaXDFO8BzBAF1Lnz6c7aRZvGRJNrRSr2nZEkqDf
|
||||||
|
JW9dY7r2VZEpD5QeuaRYUnuECkqeieB65GMCAwEAATANBgkqhkiG9w0BAQQFAAOB
|
||||||
|
gQCWsOta6C0wiVzXz8wPmJKyTrurMlgUss2iSuW9366iwofZddsNg7FXniMzkIf6
|
||||||
|
dp7jnmWZwKZ9cXsNUS2o4OL07qOk2HOywC0YsNZQsOBu1CBTYYkIefDiKFL1zQHh
|
||||||
|
8lwwNd4NP+OE3NzUNkCfh4DnFfg9WHkXUlD5UpxNRJ4gJA==
|
||||||
|
-----END CERTIFICATE-----
|
||||||
|
-----BEGIN RSA PRIVATE KEY-----
|
||||||
|
MIICXgIBAAKBgQCzEfU8E+ZGTGtHXV5XhvM2Lg32fXUIjydXb34BGVPX6oN7+aNV
|
||||||
|
S9eWayvW/+9/vUb0aCqilJrpFesgItV2T8VhhjOE++XUz46uNpcMU7wHMEAXUufP
|
||||||
|
pztpFm8ZEk2tFKvadkSSoN8lb11juvZVkSkPlB65pFhSe4QKSp6J4HrkYwIDAQAB
|
||||||
|
AoGBAKy8jvb0Lzby8q11yNLf7+78wCVdYi7ugMHcYA1JVFK8+zb1WfSm44FLQo/0
|
||||||
|
dSChAjgz36TTexeLODPYxleJndjVcOMVzsLJjSM8dLpXsTS4FCeMbhw2s2u+xqKY
|
||||||
|
bbPWfk+HOTyJjfnkcC5Nbg44eOmruq0gSmBeUXVM5UntlTnxAkEA7TGCA3h7kx5E
|
||||||
|
Bl4zl2pc3gPAGt+dyfk5Po9mGJUUXhF5p2zueGmYWW74TmOWB1kzt4QRdYMzFePq
|
||||||
|
zfDNXEa1CwJBAMFErdY0xp0UJ13WwBbUTk8rujqQdHtjw0klhpbuKkjxu2hN0wwM
|
||||||
|
6p0D9qxF7JHaghqVRI0fAW/EE0OzdHMR9QkCQQDNR26dMFXKsoPu+vItljj/UEGf
|
||||||
|
QG7gERiQ4yxaFBPHgdpGo0kT31eh9x9hQGDkxTe0GNG/YSgCRvm8+C3TMcKXAkBD
|
||||||
|
dhGn36wkUFCddMSAM4NSJ1VN8/Z0y5HzCmI8dM3VwGtGMUQlxKxwOl30LEQzdS5M
|
||||||
|
0SWojNYXiT2gOBfBwtbhAkEAhafl5QEOIgUz+XazS/IlZ8goNKdDVfYgK3mHHjvv
|
||||||
|
nY5G+AuGebdNkXJr4KSWxDcN+C2i47zuj4QXA16MAOandA==
|
||||||
|
-----END RSA PRIVATE KEY-----
|
||||||
|
subject=/C=US/O=AT&T Bell Laboratories/OU=Prototype Research CA
|
||||||
|
issuer= /C=US/O=AT&T Bell Laboratories/OU=Prototype Research CA
|
||||||
|
notBefore=950413210656Z
|
||||||
|
notAfter =970412210656Z
|
||||||
|
-----BEGIN X509 CERTIFICATE-----
|
||||||
|
|
||||||
|
MIICCDCCAXECAQAwDQYJKoZIhvcNAQEEBQAwTjELMAkGA1UEBhMCVVMxHzAdBgNV
|
||||||
|
BAoUFkFUJlQgQmVsbCBMYWJvcmF0b3JpZXMxHjAcBgNVBAsUFVByb3RvdHlwZSBS
|
||||||
|
ZXNlYXJjaCBDQTAeFw05NTA0MTMyMTA2NTZaFw05NzA0MTIyMTA2NTZaME4xCzAJ
|
||||||
|
BgNVBAYTAlVTMR8wHQYDVQQKFBZBVCZUIEJlbGwgTGFib3JhdG9yaWVzMR4wHAYD
|
||||||
|
VQQLFBVQcm90b3R5cGUgUmVzZWFyY2ggQ0EwgZwwDQYJKoZIhvcNAQEBBQADgYoA
|
||||||
|
MIGGAoGAebOmgtSCl+wCYZc86UGYeTLY8cjmW2P0FN8ToT/u2pECCoFdrlycX0OR
|
||||||
|
3wt0ZhpFXLVNeDnHwEE9veNUih7pCL2ZBFqoIoQkB1lZmXRiVtjGonz8BLm/qrFM
|
||||||
|
YHb0lme/Ol+s118mwKVxnn6bSAeI/OXKhLaVdYZWk+aEaxEDkVkCAQ8wDQYJKoZI
|
||||||
|
hvcNAQEEBQADgYEAAZMG14lZmZ8bahkaHaTV9dQf4p2FZiQTFwHP9ZyGsXPC+LT5
|
||||||
|
dG5iTaRmyjNIJdPWohZDl97kAci79aBndvuEvRKOjLHs3WRGBIwERnAcnY9Mz8u/
|
||||||
|
zIHK23PjYVxGGaZd669OJwD0CYyqH22HH9nFUGaoJdsv39ChW0NRdLE9+y8=
|
||||||
|
-----END X509 CERTIFICATE-----
|
||||||
|
issuer= /C=AU/ST=Queensland/O=CryptSoft Pty Ltd/CN=Test PCA (1024 bit)
|
||||||
|
subject=/C=AU/ST=Queensland/O=CryptSoft Pty Ltd/CN=Test CA (1024 bit)
|
||||||
|
-----BEGIN CERTIFICATE-----
|
||||||
|
MIICJjCCAY8CAQAwDQYJKoZIhvcNAQEEBQAwXDELMAkGA1UEBhMCQVUxEzARBgNV
|
||||||
|
BAgTClF1ZWVuc2xhbmQxGjAYBgNVBAoTEUNyeXB0U29mdCBQdHkgTHRkMRwwGgYD
|
||||||
|
VQQDExNUZXN0IFBDQSAoMTAyNCBiaXQpMB4XDTk3MDYwOTEzNTc0M1oXDTAxMDYw
|
||||||
|
OTEzNTc0M1owWzELMAkGA1UEBhMCQVUxEzARBgNVBAgTClF1ZWVuc2xhbmQxGjAY
|
||||||
|
BgNVBAoTEUNyeXB0U29mdCBQdHkgTHRkMRswGQYDVQQDExJUZXN0IENBICgxMDI0
|
||||||
|
IGJpdCkwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAKO7o8t116VP6cgybTsZ
|
||||||
|
DCZhr95nYlZuya3aCi1IKoztqwWnjbmDFIriOqGFPrZQ+moMETC9D59iRW/dFXSv
|
||||||
|
1F65ka/XY2hLh9exCCo7XuUcDs53Qp3bI3AmMqHjgzE8oO3ajyJAzJkTTOUecQU2
|
||||||
|
mw/gI4tMM0LqWMQS7luTy4+xAgMBAAEwDQYJKoZIhvcNAQEEBQADgYEAM7achv3v
|
||||||
|
hLQJcv/65eGEpBXM40ZDVoFQFFJWaY5p883HTqLB1x4FdzsXHH0QKBTcKpWwqyu4
|
||||||
|
YDm3fb8oDugw72bCzfyZK/zVZPR/hVlqI/fvU109Qoc+7oPvIXWky71HfcK6ZBCA
|
||||||
|
q30KIqGM/uoM60INq97qjDmCJapagcNBGQs=
|
||||||
|
-----END CERTIFICATE-----
|
||||||
|
-----BEGIN RSA PRIVATE KEY-----
|
||||||
|
MIICXQIBAAKBgQCju6PLddelT+nIMm07GQwmYa/eZ2JWbsmt2gotSCqM7asFp425
|
||||||
|
gxSK4jqhhT62UPpqDBEwvQ+fYkVv3RV0r9ReuZGv12NoS4fXsQgqO17lHA7Od0Kd
|
||||||
|
2yNwJjKh44MxPKDt2o8iQMyZE0zlHnEFNpsP4COLTDNC6ljEEu5bk8uPsQIDAQAB
|
||||||
|
AoGAVZmpFZsDZfr0l2S9tLLwpjRWNOlKATQkno6q2WesT0eGLQufTciY+c8ypfU6
|
||||||
|
hyio8r5iUl/VhhdjhAtKx1mRpiotftHo/eYf8rtsrnprOnWG0bWjLjtIoMbcxGn2
|
||||||
|
J3bN6LJmbJMjDs0eJ3KnTu646F3nDUw2oGAwmpzKXA1KAP0CQQDRvQhxk2D3Pehs
|
||||||
|
HvG665u2pB5ipYQngEFlZO7RHJZzJOZEWSLuuMqaF/7pTfA5jiBvWqCgJeCRRInL
|
||||||
|
21ru4dlPAkEAx9jj7BgKn5TYnMoBSSe0afjsV9oApVpN1Nacb1YDtCwy+scp3++s
|
||||||
|
nFxlv98wxIlSdpwMUn+AUWfjiWR7Tu/G/wJBAJ/KjwZIrFVxewP0x2ILYsTRYLzz
|
||||||
|
MS4PDsO7FB+I0i7DbBOifXS2oNSpd3I0CNMwrxFnUHzynpbOStVfN3ZL5w0CQQCa
|
||||||
|
pwFahxBRhkJKsxhjoFJBX9yl75JoY4Wvm5Tbo9ih6UJaRx3kqfkN14L2BKYcsZgb
|
||||||
|
KY9vmDOYy6iNfjDeWTfJAkBkfPUb8oTJ/nSP5zN6sqGxSY4krc4xLxpRmxoJ8HL2
|
||||||
|
XfhqXkTzbU13RX9JJ/NZ8vQN9Vm2NhxRGJocQkmcdVtJ
|
||||||
|
-----END RSA PRIVATE KEY-----
|
||||||
|
-----BEGIN X509 CERTIFICATE-----
|
||||||
|
MIICYDCCAiACAgEoMAkGBSsOAwINBQAwfDELMAkGA1UEBhMCVVMxNjA0BgNVBAoT
|
||||||
|
LU5hdGlvbmFsIEFlcm9uYXV0aWNzIGFuZCBTcGFjZSBBZG1pbmlzdHJhdGlvbjEZ
|
||||||
|
MBcGA1UECxMQVGVzdCBFbnZpcm9ubWVudDEaMBgGA1UECxMRRFNTLU5BU0EtUGls
|
||||||
|
b3QtQ0EwHhcNOTYwMjI2MTYzMjQ1WhcNOTcwMjI1MTYzMjQ1WjB8MQswCQYDVQQG
|
||||||
|
EwJVUzE2MDQGA1UEChMtTmF0aW9uYWwgQWVyb25hdXRpY3MgYW5kIFNwYWNlIEFk
|
||||||
|
bWluaXN0cmF0aW9uMRkwFwYDVQQLExBUZXN0IEVudmlyb25tZW50MRowGAYDVQQL
|
||||||
|
ExFEU1MtTkFTQS1QaWxvdC1DQTCB8jAJBgUrDgMCDAUAA4HkADCB4AJBAMA/ssKb
|
||||||
|
hPNUG7ZlASfVwEJU21O5OyF/iyBzgHI1O8eOhJGUYO8cc8wDMjR508Mr9cp6Uhl/
|
||||||
|
ZB7FV5GkLNEnRHYCQQDUEaSg45P2qrDwixTRhFhmWz5Nvc4lRFQ/42XPcchiJBLb
|
||||||
|
bn3QK74T2IxY1yY+kCNq8XrIqf5fJJzIH0J/xUP3AhUAsg2wsQHfDGYk/BOSulX3
|
||||||
|
fVd0geUCQQCzCFUQAh+ZkEmp5804cs6ZWBhrUAfnra8lJItYo9xPcXgdIfLfibcX
|
||||||
|
R71UsyO77MRD7B0+Ag2tq794IleCVcEEMAkGBSsOAwINBQADLwAwLAIUUayDfreR
|
||||||
|
Yh2WeU86/pHNdkUC1IgCFEfxe1f0oMpxJyrJ5XIxTi7vGdoK
|
||||||
|
-----END X509 CERTIFICATE-----
|
||||||
|
-----BEGIN X509 CERTIFICATE-----
|
||||||
|
|
||||||
|
MIICGTCCAdgCAwCqTDAJBgUrDgMCDQUAMHwxCzAJBgNVBAYTAlVTMTYwNAYDVQQK
|
||||||
|
Ey1OYXRpb25hbCBBZXJvbmF1dGljcyBhbmQgU3BhY2UgQWRtaW5pc3RyYXRpb24x
|
||||||
|
GTAXBgNVBAsTEFRlc3QgRW52aXJvbm1lbnQxGjAYBgNVBAsTEURTUy1OQVNBLVBp
|
||||||
|
bG90LUNBMB4XDTk2MDUxNDE3MDE0MVoXDTk3MDUxNDE3MDE0MVowMzELMAkGA1UE
|
||||||
|
BhMCQVUxDzANBgNVBAoTBk1pbmNvbTETMBEGA1UEAxMKRXJpYyBZb3VuZzCB8jAJ
|
||||||
|
BgUrDgMCDAUAA4HkADCB4AJBAKbfHz6vE6pXXMTpswtGUec2tvnfLJUsoxE9qs4+
|
||||||
|
ObZX7LmLvragNPUeiTJx7UOWZ5DfBj6bXLc8eYne0lP1g3ACQQDUEaSg45P2qrDw
|
||||||
|
ixTRhFhmWz5Nvc4lRFQ/42XPcchiJBLbbn3QK74T2IxY1yY+kCNq8XrIqf5fJJzI
|
||||||
|
H0J/xUP3AhUAsg2wsQHfDGYk/BOSulX3fVd0geUCQQCzCFUQAh+ZkEmp5804cs6Z
|
||||||
|
WBhrUAfnra8lJItYo9xPcXgdIfLfibcXR71UsyO77MRD7B0+Ag2tq794IleCVcEE
|
||||||
|
MAkGBSsOAwINBQADMAAwLQIUWsuuJRE3VT4ueWkWMAJMJaZjj1ECFQCYY0zX4bzM
|
||||||
|
LC7obsrHD8XAHG+ZRG==
|
||||||
|
-----END X509 CERTIFICATE-----
|
||||||
|
-----BEGIN CERTIFICATE-----
|
||||||
|
MIICTTCCAbagAwIBAgIBADANBgkqhkiG9w0BAQQFADBMMQswCQYDVQQGEwJHQjEM
|
||||||
|
MAoGA1UEChMDVUNMMRgwFgYDVQQLEw9JQ0UtVEVMIFByb2plY3QxFTATBgNVBAMT
|
||||||
|
DFRydXN0RmFjdG9yeTAeFw05NzA0MjIxNDM5MTRaFw05ODA0MjIxNDM5MTRaMEwx
|
||||||
|
CzAJBgNVBAYTAkdCMQwwCgYDVQQKEwNVQ0wxGDAWBgNVBAsTD0lDRS1URUwgUHJv
|
||||||
|
amVjdDEVMBMGA1UEAxMMVHJ1c3RGYWN0b3J5MIGcMAoGBFUIAQECAgQAA4GNADCB
|
||||||
|
iQKBgQCEieR8NcXkUW1f0G6aC6u0i8q/98JqS6RxK5YmHIGKCkuTWAUjzLfUa4dt
|
||||||
|
U9igGCjTuxaDqlzEim+t/02pmiBZT9HaX++35MjQPUWmsChcYU5WyzGErXi+rQaw
|
||||||
|
zlwS73zM8qiPj/97lXYycWhgL0VaiDSPxRXEUdWoaGruom4mNQIDAQABo0IwQDAd
|
||||||
|
BgNVHQ4EFgQUHal1LZr7oVg5z6lYzrhTgZRCmcUwDgYDVR0PAQH/BAQDAgH2MA8G
|
||||||
|
A1UdEwEB/wQFMAMBAf8wDQYJKoZIhvcNAQEEBQADgYEAfaggfl6FZoioecjv0dq8
|
||||||
|
/DXo/u11iMZvXn08gjX/zl2b4wtPbShOSY5FhkSm8GeySasz+/Nwb/uzfnIhokWi
|
||||||
|
lfPZHtlCWtXbIy/TN51eJyq04ceDCQDWvLC2enVg9KB+GJ34b5c5VaPRzq8MBxsA
|
||||||
|
S7ELuYGtmYgYm9NZOIr7yU0=
|
||||||
|
-----END CERTIFICATE-----
|
||||||
|
-----BEGIN CERTIFICATE-----
|
||||||
|
MIIB6jCCAZQCAgEtMA0GCSqGSIb3DQEBBAUAMIGAMQswCQYDVQQGEwJVUzE2MDQG
|
||||||
|
A1UEChMtTmF0aW9uYWwgQWVyb25hdXRpY3MgYW5kIFNwYWNlIEFkbWluaXN0cmF0
|
||||||
|
aW9uMRkwFwYDVQQLExBUZXN0IEVudmlyb25tZW50MR4wHAYDVQQLExVNRDUtUlNB
|
||||||
|
LU5BU0EtUGlsb3QtQ0EwHhcNOTYwNDMwMjIwNTAwWhcNOTcwNDMwMjIwNTAwWjCB
|
||||||
|
gDELMAkGA1UEBhMCVVMxNjA0BgNVBAoTLU5hdGlvbmFsIEFlcm9uYXV0aWNzIGFu
|
||||||
|
ZCBTcGFjZSBBZG1pbmlzdHJhdGlvbjEZMBcGA1UECxMQVGVzdCBFbnZpcm9ubWVu
|
||||||
|
dDEeMBwGA1UECxMVTUQ1LVJTQS1OQVNBLVBpbG90LUNBMFkwCgYEVQgBAQICAgAD
|
||||||
|
SwAwSAJBALmmX5+GqAvcrWK13rfDrNX9UfeA7f+ijyBgeFQjYUoDpFqapw4nzQBL
|
||||||
|
bAXug8pKkRwa2Zh8YODhXsRWu2F/UckCAwEAATANBgkqhkiG9w0BAQQFAANBAH9a
|
||||||
|
OBA+QCsjxXgnSqHx04gcU8S49DVUb1f2XVoLnHlIb8RnX0k5O6mpHT5eti9bLkiW
|
||||||
|
GJNMJ4L0AJ/ac+SmHZc=
|
||||||
|
-----END CERTIFICATE-----
|
||||||
|
-----BEGIN CERTIFICATE-----
|
||||||
|
MIICajCCAdMCBDGA0QUwDQYJKoZIhvcNAQEEBQAwfTELMAkGA1UEBhMCQ2ExDzAN
|
||||||
|
BgNVBAcTBk5lcGVhbjEeMBwGA1UECxMVTm8gTGlhYmlsaXR5IEFjY2VwdGVkMR8w
|
||||||
|
HQYDVQQKExZGb3IgRGVtbyBQdXJwb3NlcyBPbmx5MRwwGgYDVQQDExNFbnRydXN0
|
||||||
|
IERlbW8gV2ViIENBMB4XDTk2MDQyNjEzMzUwMVoXDTA2MDQyNjEzMzUwMVowfTEL
|
||||||
|
MAkGA1UEBhMCQ2ExDzANBgNVBAcTBk5lcGVhbjEeMBwGA1UECxMVTm8gTGlhYmls
|
||||||
|
aXR5IEFjY2VwdGVkMR8wHQYDVQQKExZGb3IgRGVtbyBQdXJwb3NlcyBPbmx5MRww
|
||||||
|
GgYDVQQDExNFbnRydXN0IERlbW8gV2ViIENBMIGdMA0GCSqGSIb3DQEBAQUAA4GL
|
||||||
|
ADCBhwKBgQCaroS7O1DA0hm4IefNYU1cx/nqOmzEnk291d1XqznDeF4wEgakbkCc
|
||||||
|
zTKxK791yNpXG5RmngqH7cygDRTHZJ6mfCRn0wGC+AI00F2vYTGqPGRQL1N3lZT0
|
||||||
|
YDKFC0SQeMMjFIZ1aeQigroFQnHo0VB3zWIMpNkka8PY9lxHZAmWwQIBAzANBgkq
|
||||||
|
hkiG9w0BAQQFAAOBgQBAx0UMVA1s54lMQyXjMX5kj99FJN5itb8bK1Rk+cegPQPF
|
||||||
|
cWO9SEWyEjjBjIkjjzAwBkaEszFsNGxemxtXvwjIm1xEUMTVlPEWTs2qnDvAUA9W
|
||||||
|
YqhWbhH0toGT36236QAsqCZ76rbTRVSSX2BHyJwJMG2tCRv7kRJ//NIgxj3H4w==
|
||||||
|
-----END CERTIFICATE-----
|
||||||
|
|
||||||
|
issuer= /C=AU/ST=Queensland/O=CryptSoft Pty Ltd/CN=Test PCA (1024 bit)
|
||||||
|
subject=/C=AU/ST=Queensland/O=CryptSoft Pty Ltd/CN=Test PCA (1024 bit)
|
||||||
|
-----BEGIN CERTIFICATE-----
|
||||||
|
MIICJzCCAZACAQAwDQYJKoZIhvcNAQEEBQAwXDELMAkGA1UEBhMCQVUxEzARBgNV
|
||||||
|
BAgTClF1ZWVuc2xhbmQxGjAYBgNVBAoTEUNyeXB0U29mdCBQdHkgTHRkMRwwGgYD
|
||||||
|
VQQDExNUZXN0IFBDQSAoMTAyNCBiaXQpMB4XDTk3MDYwOTEzNTczN1oXDTAxMDYw
|
||||||
|
OTEzNTczN1owXDELMAkGA1UEBhMCQVUxEzARBgNVBAgTClF1ZWVuc2xhbmQxGjAY
|
||||||
|
BgNVBAoTEUNyeXB0U29mdCBQdHkgTHRkMRwwGgYDVQQDExNUZXN0IFBDQSAoMTAy
|
||||||
|
NCBiaXQpMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCdoWk/3+WcMlfjIrkg
|
||||||
|
40ketmnQaEogQe1LLcuOJV6rKfUSAsPgwgsabJ/wn8TxA1yy3eKJbFl3OiUXMRsp
|
||||||
|
22Jp85PmemiDzyUIStwk72qhp1imbANZvlmlCFKiQrjUyuDfu4TABmn+kkt3vR1Y
|
||||||
|
BEOGt+IFye1UBVSATVdRJ2UVhwIDAQABMA0GCSqGSIb3DQEBBAUAA4GBABNA1u/S
|
||||||
|
Cg/LJZWb7GliiKJsvuhxlE4E5JxQF2zMub/CSNbF97//tYSyj96sxeFQxZXbcjm9
|
||||||
|
xt6mr/xNLA4szNQMJ4P+L7b5e/jC5DSqlwS+CUYJgaFs/SP+qJoCSu1bR3IM9XWO
|
||||||
|
cRBpDmcBbYLkSyB92WURvsZ1LtjEcn+cdQVI
|
||||||
|
-----END CERTIFICATE-----
|
||||||
|
-----BEGIN RSA PRIVATE KEY-----
|
||||||
|
MIICXAIBAAKBgQCdoWk/3+WcMlfjIrkg40ketmnQaEogQe1LLcuOJV6rKfUSAsPg
|
||||||
|
wgsabJ/wn8TxA1yy3eKJbFl3OiUXMRsp22Jp85PmemiDzyUIStwk72qhp1imbANZ
|
||||||
|
vlmlCFKiQrjUyuDfu4TABmn+kkt3vR1YBEOGt+IFye1UBVSATVdRJ2UVhwIDAQAB
|
||||||
|
AoGAba4fTtuap5l7/8ZsbE7Z1O32KJY4ZcOZukLOLUUhXxXduT+FTgGWujc0/rgc
|
||||||
|
z9qYCLlNZHOouMYTgtSfYvuMuLZ11VIt0GYH+nRioLShE59Yy+zCRyC+gPigS1kz
|
||||||
|
xvo14AsOIPYV14Tk/SsHyq6E0eTk7VzaIE197giiINUERPECQQDSKmtPTh/lRKw7
|
||||||
|
HSZSM0I1mFWn/1zqrAbontRQY5w98QWIOe5qmzYyFbPXYT3d9BzlsMyhgiRNoBbD
|
||||||
|
yvohSHXJAkEAwAHx6ezAZeWWzD5yXD36nyjpkVCw7Tk7TSmOceLJMWt1QcrCfqlS
|
||||||
|
xA5jjpQ6Z8suU5DdtWAryM2sAir1WisYzwJAd6Zcx56jvAQ3xcPXsE6scBTVFzrj
|
||||||
|
7FqZ6E+cclPzfLQ+QQsyOBE7bpI6e/FJppY26XGZXo3YGzV8IGXrt40oOQJALETG
|
||||||
|
h86EFXo3qGOFbmsDy4pdP5nBERCu8X1xUCSfintiD4c2DInxgS5oGclnJeMcjTvL
|
||||||
|
QjQoJCX3UJCi/OUO1QJBAKgcDHWjMvt+l1pjJBsSEZ0HX9AAIIVx0RQmbFGS+F2Q
|
||||||
|
hhu5l77WnnZOQ9vvhV5u7NPCUF9nhU3jh60qWWO8mkc=
|
||||||
|
-----END RSA PRIVATE KEY-----
|
||||||
|
subject=/C=US/O=RSA Data Security, Inc./OU=Commercial Certification Authority
|
||||||
|
issuer= /C=US/O=RSA Data Security, Inc./OU=Commercial Certification Authority
|
||||||
|
notBefore=941104185834Z
|
||||||
|
notAfter =991103185834Z
|
||||||
|
-----BEGIN X509 CERTIFICATE-----
|
||||||
|
|
||||||
|
MIICIzCCAZACBQJBAAAWMA0GCSqGSIb3DQEBAgUAMFwxCzAJBgNVBAYTAlVTMSAw
|
||||||
|
HgYDVQQKExdSU0EgRGF0YSBTZWN1cml0eSwgSW5jLjErMCkGA1UECxMiQ29tbWVy
|
||||||
|
Y2lhbCBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAeFw05NDExMDQxODU4MzRaFw05
|
||||||
|
OTExMDMxODU4MzRaMFwxCzAJBgNVBAYTAlVTMSAwHgYDVQQKExdSU0EgRGF0YSBT
|
||||||
|
ZWN1cml0eSwgSW5jLjErMCkGA1UECxMiQ29tbWVyY2lhbCBDZXJ0aWZpY2F0aW9u
|
||||||
|
IEF1dGhvcml0eTCBmzANBgkqhkiG9w0BAQEFAAOBiQAwgYUCfgCk+4Fie84QJ93o
|
||||||
|
975sbsZwmdu41QUDaSiCnHJ/lj+O7Kwpkj+KFPhCdr69XQO5kNTQvAayUTNfxMK/
|
||||||
|
touPmbZiImDd298ggrTKoi8tUO2UMt7gVY3UaOLgTNLNBRYulWZcYVI4HlGogqHE
|
||||||
|
7yXpCuaLK44xZtn42f29O2nZ6wIDAQABMA0GCSqGSIb3DQEBAgUAA34AdrW2EP4j
|
||||||
|
9/dZYkuwX5zBaLxJu7NJbyFHXSudVMQAKD+YufKKg5tgf+tQx6sFEC097TgCwaVI
|
||||||
|
0v5loMC86qYjFmZsGySp8+x5NRhPJsjjr1BKx6cxa9B8GJ1Qv6km+iYrRpwUqbtb
|
||||||
|
MJhCKLVLU7tDCZJAuqiqWqTGtotXTcU=
|
||||||
|
-----END X509 CERTIFICATE-----
|
||||||
|
subject=/C=US/O=RSA Data Security, Inc./OU=Secure Server Certification Authority
|
||||||
|
issuer= /C=US/O=RSA Data Security, Inc./OU=Secure Server Certification Authority
|
||||||
|
notBefore=941109235417Z
|
||||||
|
notAfter =991231235417Z
|
||||||
|
-----BEGIN X509 CERTIFICATE-----
|
||||||
|
|
||||||
|
MIICKTCCAZYCBQJBAAABMA0GCSqGSIb3DQEBAgUAMF8xCzAJBgNVBAYTAlVTMSAw
|
||||||
|
HgYDVQQKExdSU0EgRGF0YSBTZWN1cml0eSwgSW5jLjEuMCwGA1UECxMlU2VjdXJl
|
||||||
|
IFNlcnZlciBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAeFw05NDExMDkyMzU0MTda
|
||||||
|
Fw05OTEyMzEyMzU0MTdaMF8xCzAJBgNVBAYTAlVTMSAwHgYDVQQKExdSU0EgRGF0
|
||||||
|
YSBTZWN1cml0eSwgSW5jLjEuMCwGA1UECxMlU2VjdXJlIFNlcnZlciBDZXJ0aWZp
|
||||||
|
Y2F0aW9uIEF1dGhvcml0eTCBmzANBgkqhkiG9w0BAQEFAAOBiQAwgYUCfgCSznrB
|
||||||
|
roM+WqqJg1esJQF2DK2ujiw3zus1eGRUA+WEQFHJv48I4oqCCNIWhjdV6bEhAq12
|
||||||
|
aIGaBaJLyUslZiJWbIgHj/eBWW2EB2VwE3F2Ppt3TONQiVaYSLkdpykaEy5KEVmc
|
||||||
|
HhXVSVQsczppgrGXOZxtcGdI5d0t1sgeewIDAQABMA0GCSqGSIb3DQEBAgUAA34A
|
||||||
|
iNHReSHO4ovo+MF9NFM/YYPZtgs4F7boviGNjwC4i1N+RGceIr2XJ+CchcxK9oU7
|
||||||
|
suK+ktPlDemvXA4MRpX/oRxePug2WHpzpgr4IhFrwwk4fia7c+8AvQKk8xQNMD9h
|
||||||
|
cHsg/jKjn7P0Z1LctO6EjJY2IN6BCINxIYoPnqk=
|
||||||
|
-----END X509 CERTIFICATE-----
|
||||||
|
subject=/C=ZA/SP=Western Cape/L=Cape Town/O=Thawte Consulting cc
|
||||||
|
/OU=Certification Services Division/CN=Thawte Server CA
|
||||||
|
/Email=server-certs@thawte.com
|
||||||
|
issuer= /C=ZA/SP=Western Cape/L=Cape Town/O=Thawte Consulting cc
|
||||||
|
/OU=Certification Services Division/CN=Thawte Server CA
|
||||||
|
/Email=server-certs@thawte.com
|
||||||
|
-----BEGIN CERTIFICATE-----
|
||||||
|
MIIC+TCCAmICAQAwDQYJKoZIhvcNAQEEBQAwgcQxCzAJBgNVBAYTAlpBMRUwEwYD
|
||||||
|
VQQIEwxXZXN0ZXJuIENhcGUxEjAQBgNVBAcTCUNhcGUgVG93bjEdMBsGA1UEChMU
|
||||||
|
VGhhd3RlIENvbnN1bHRpbmcgY2MxKDAmBgNVBAsTH0NlcnRpZmljYXRpb24gU2Vy
|
||||||
|
dmljZXMgRGl2aXNpb24xGTAXBgNVBAMTEFRoYXd0ZSBTZXJ2ZXIgQ0ExJjAkBgkq
|
||||||
|
hkiG9w0BCQEWF3NlcnZlci1jZXJ0c0B0aGF3dGUuY29tMB4XDTk2MDcyNzE4MDc1
|
||||||
|
N1oXDTk4MDcyNzE4MDc1N1owgcQxCzAJBgNVBAYTAlpBMRUwEwYDVQQIEwxXZXN0
|
||||||
|
ZXJuIENhcGUxEjAQBgNVBAcTCUNhcGUgVG93bjEdMBsGA1UEChMUVGhhd3RlIENv
|
||||||
|
bnN1bHRpbmcgY2MxKDAmBgNVBAsTH0NlcnRpZmljYXRpb24gU2VydmljZXMgRGl2
|
||||||
|
aXNpb24xGTAXBgNVBAMTEFRoYXd0ZSBTZXJ2ZXIgQ0ExJjAkBgkqhkiG9w0BCQEW
|
||||||
|
F3NlcnZlci1jZXJ0c0B0aGF3dGUuY29tMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCB
|
||||||
|
iQKBgQDTpFBuyP9Wa+bPXbbqDGh1R6KqwtqEJfyo9EdR2oW1IHSUhh4PdcnpCGH1
|
||||||
|
Bm0wbhUZAulSwGLbTZme4moMRDjN/r7jZAlwxf6xaym2L0nIO9QnBCUQly/nkG3A
|
||||||
|
KEKZ10xD3sP1IW1Un13DWOHA5NlbsLjctHvfNjrCtWYiEtaHDQIDAQABMA0GCSqG
|
||||||
|
SIb3DQEBBAUAA4GBAIsvn7ifX3RUIrvYXtpI4DOfARkTogwm6o7OwVdl93yFhDcX
|
||||||
|
7h5t0XZ11MUAMziKdde3rmTvzUYIUCYoY5b032IwGMTvdiclK+STN6NP2m5nvFAM
|
||||||
|
qJT5gC5O+j/jBuZRQ4i0AMYQr5F4lT8oBJnhgafw6PL8aDY2vMHGSPl9+7uf
|
||||||
|
-----END CERTIFICATE-----
|
||||||
|
|
||||||
|
-----BEGIN CERTIFICATE-----
|
||||||
|
MIIDDTCCAnYCAQAwDQYJKoZIhvcNAQEEBQAwgc4xCzAJBgNVBAYTAlpBMRUwEwYD
|
||||||
|
VQQIEwxXZXN0ZXJuIENhcGUxEjAQBgNVBAcTCUNhcGUgVG93bjEdMBsGA1UEChMU
|
||||||
|
VGhhd3RlIENvbnN1bHRpbmcgY2MxKDAmBgNVBAsTH0NlcnRpZmljYXRpb24gU2Vy
|
||||||
|
dmljZXMgRGl2aXNpb24xITAfBgNVBAMTGFRoYXd0ZSBQcmVtaXVtIFNlcnZlciBD
|
||||||
|
QTEoMCYGCSqGSIb3DQEJARYZcHJlbWl1bS1zZXJ2ZXJAdGhhd3RlLmNvbTAeFw05
|
||||||
|
NjA3MjcxODA3MTRaFw05ODA3MjcxODA3MTRaMIHOMQswCQYDVQQGEwJaQTEVMBMG
|
||||||
|
A1UECBMMV2VzdGVybiBDYXBlMRIwEAYDVQQHEwlDYXBlIFRvd24xHTAbBgNVBAoT
|
||||||
|
FFRoYXd0ZSBDb25zdWx0aW5nIGNjMSgwJgYDVQQLEx9DZXJ0aWZpY2F0aW9uIFNl
|
||||||
|
cnZpY2VzIERpdmlzaW9uMSEwHwYDVQQDExhUaGF3dGUgUHJlbWl1bSBTZXJ2ZXIg
|
||||||
|
Q0ExKDAmBgkqhkiG9w0BCQEWGXByZW1pdW0tc2VydmVyQHRoYXd0ZS5jb20wgZ8w
|
||||||
|
DQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBANI2NmqL18JbntqBQWKPOO5JBFXW0O8c
|
||||||
|
G5UWR+8YSDU6UvQragaPOy/qVuOvho2eF/eetGV1Ak3vywmiIVHYm9Bn0LoNkgYU
|
||||||
|
c9STy5cqAJxcTgy8+hVS/PJEbtoRSm4Iny8t4/mqOoZztkZTWMiJBb2DEbhzP6oH
|
||||||
|
jfRCTedAnRw3AgMBAAEwDQYJKoZIhvcNAQEEBQADgYEAutFIgTRZVYerIZfL9lvR
|
||||||
|
w9Eifvvo5KTZ3h+Bj+VzNnyw4Qc/IyXkPOu6SIiH9LQ3sCmWBdxpe+qr4l77rLj2
|
||||||
|
GYuMtESFfn1XVALzkYgC7JcPuTOjMfIiMByt+uFf8AV8x0IW/Qkuv+hEQcyM9vxK
|
||||||
|
3VZdLbCVIhNoEsysrxCpxcI=
|
||||||
|
-----END CERTIFICATE-----
|
||||||
|
Tims test GCI CA
|
||||||
|
|
||||||
|
-----BEGIN CERTIFICATE-----
|
||||||
|
MIIB8DCCAZoCAQAwDQYJKoZIhvcNAQEEBQAwgYIxCzAJBgNVBAYTAkFVMRMwEQYD
|
||||||
|
VQQIEwpRdWVlbnNsYW5kMREwDwYDVQQHEwhCcmlzYmFuZTEaMBgGA1UEChMRQ3J5
|
||||||
|
cHRTb2Z0IFB0eSBMdGQxFDASBgNVBAsTC2RldmVsb3BtZW50MRkwFwYDVQQDExBD
|
||||||
|
cnlwdFNvZnQgRGV2IENBMB4XDTk3MDMyMjEzMzQwNFoXDTk4MDMyMjEzMzQwNFow
|
||||||
|
gYIxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpRdWVlbnNsYW5kMREwDwYDVQQHEwhC
|
||||||
|
cmlzYmFuZTEaMBgGA1UEChMRQ3J5cHRTb2Z0IFB0eSBMdGQxFDASBgNVBAsTC2Rl
|
||||||
|
dmVsb3BtZW50MRkwFwYDVQQDExBDcnlwdFNvZnQgRGV2IENBMFwwDQYJKoZIhvcN
|
||||||
|
AQEBBQADSwAwSAJBAOAOAqogG5QwAmLhzyO4CoRnx/wVy4NZP4dxJy83O1EnL0rw
|
||||||
|
OdsamJKvPOLHgSXo3gDu9uVyvCf/QJmZAmC5ml8CAwEAATANBgkqhkiG9w0BAQQF
|
||||||
|
AANBADRRS/GVdd7rAqRW6SdmgLJduOU2yq3avBu99kRqbp9A/dLu6r6jU+eP4oOA
|
||||||
|
TfdbFZtAAD2Hx9jUtY3tfdrJOb8=
|
||||||
|
-----END CERTIFICATE-----
|
||||||
|
|
||||||
|
-----BEGIN CERTIFICATE-----
|
||||||
|
MIICVjCCAgACAQAwDQYJKoZIhvcNAQEEBQAwgbUxCzAJBgNVBAYTAkFVMRMwEQYD
|
||||||
|
VQQIEwpRdWVlbnNsYW5kMREwDwYDVQQHEwhCcmlzYmFuZTEaMBgGA1UEChMRQ3J5
|
||||||
|
cHRTb2Z0IFB0eSBMdGQxLDAqBgNVBAsTI1dPUlRITEVTUyBDRVJUSUZJQ0FUSU9O
|
||||||
|
IEFVVEhPUklUSUVTMTQwMgYDVQQDEytaRVJPIFZBTFVFIENBIC0gREVNT05TVFJB
|
||||||
|
VElPTiBQVVJQT1NFUyBPTkxZMB4XDTk3MDQwMzEzMjI1NFoXDTk4MDQwMzEzMjI1
|
||||||
|
NFowgbUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpRdWVlbnNsYW5kMREwDwYDVQQH
|
||||||
|
EwhCcmlzYmFuZTEaMBgGA1UEChMRQ3J5cHRTb2Z0IFB0eSBMdGQxLDAqBgNVBAsT
|
||||||
|
I1dPUlRITEVTUyBDRVJUSUZJQ0FUSU9OIEFVVEhPUklUSUVTMTQwMgYDVQQDEyta
|
||||||
|
RVJPIFZBTFVFIENBIC0gREVNT05TVFJBVElPTiBQVVJQT1NFUyBPTkxZMFwwDQYJ
|
||||||
|
KoZIhvcNAQEBBQADSwAwSAJBAOZ7T7yqP/tyspcko3yPY1y0Cm2EmwNvzW4QgVXR
|
||||||
|
Fjs3HmJ4xtSpXdo6mwcGezL3Abt/aQXaxv9PU8xt+Jr0OFUCAwEAATANBgkqhkiG
|
||||||
|
9w0BAQQFAANBAOQpYmGgyCqCy1OljgJhCqQOu627oVlHzK1L+t9vBaMfn40AVUR4
|
||||||
|
WzQVWO31KTgi5vTK1U+3h46fgUWqQ0h+6rU=
|
||||||
|
-----END CERTIFICATE-----
|
||||||
|
-----BEGIN CERTIFICATE-----
|
||||||
|
MIAwgKADAgECAgEAMA0GCSqGSIb3DQEBBAUAMGIxETAPBgNVBAcTCEludGVybmV0
|
||||||
|
MRcwFQYDVQQKEw5WZXJpU2lnbiwgSW5jLjE0MDIGA1UECxMrVmVyaVNpZ24gQ2xh
|
||||||
|
c3MgMSBDQSAtIEluZGl2aWR1YWwgU3Vic2NyaWJlcjAeFw05NjA0MDgxMDIwMjda
|
||||||
|
Fw05NzA0MDgxMDIwMjdaMGIxETAPBgNVBAcTCEludGVybmV0MRcwFQYDVQQKEw5W
|
||||||
|
ZXJpU2lnbiwgSW5jLjE0MDIGA1UECxMrVmVyaVNpZ24gQ2xhc3MgMSBDQSAtIElu
|
||||||
|
ZGl2aWR1YWwgU3Vic2NyaWJlcjCAMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC2
|
||||||
|
FKbPTdAFDdjKI9BvqrQpkmOOLPhvltcunXZLEbE2jVfJw/0cxrr+Hgi6M8qV6r7j
|
||||||
|
W80GqLd5HUQq7XPysVKDaBBwZJHXPmv5912dFEObbpdFmIFH0S3L3bty10w/cari
|
||||||
|
QPJUObwW7s987LrbP2wqsxaxhhKdrpM01bjV0Pc+qQIDAQABAAAAADANBgkqhkiG
|
||||||
|
9w0BAQQFAAOBgQA+1nJryNt8VBRjRr07ArDAV/3jAH7GjDc9jsrxZS68ost9v06C
|
||||||
|
TvTNKGL+LISNmFLXl+JXhgGB0JZ9fvyYzNgHQ46HBUng1H6voalfJgS2KdEo50wW
|
||||||
|
8EFZYMDkT1k4uynwJqkVN2QJK/2q4/A/VCov5h6SlM8Affg2W+1TLqvqkwAA
|
||||||
|
-----END CERTIFICATE-----
|
||||||
|
|
||||||
|
subject=/L=Internet/O=VeriSign, Inc./OU=VeriSign Class 2 CA - Individual Subscriber
|
||||||
|
issuer= /L=Internet/O=VeriSign, Inc./OU=VeriSign Class 2 CA - Individual Subscriber
|
||||||
|
|
||||||
|
-----BEGIN CERTIFICATE-----
|
||||||
|
MIIEkzCCA/ygAwIBAgIRANDTUpSRL3nTFeMrMayFSPAwDQYJKoZIhvcNAQECBQAw
|
||||||
|
YjERMA8GA1UEBxMISW50ZXJuZXQxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMTQw
|
||||||
|
MgYDVQQLEytWZXJpU2lnbiBDbGFzcyAyIENBIC0gSW5kaXZpZHVhbCBTdWJzY3Jp
|
||||||
|
YmVyMB4XDTk2MDYwNDAwMDAwMFoXDTk4MDYwNDIzNTk1OVowYjERMA8GA1UEBxMI
|
||||||
|
SW50ZXJuZXQxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMTQwMgYDVQQLEytWZXJp
|
||||||
|
U2lnbiBDbGFzcyAyIENBIC0gSW5kaXZpZHVhbCBTdWJzY3JpYmVyMIGfMA0GCSqG
|
||||||
|
SIb3DQEBAQUAA4GNADCBiQKBgQC6A+2czKGRcYMfm8gdnk+0de99TDDzsqo0v5nb
|
||||||
|
RsbUmMcdRQ7nsMbRWe0SAb/9QoLTZ/cJ0iOBqdrkz7UpqqKarVoTSdlSMVM92tWp
|
||||||
|
3bJncZHQD1t4xd6lQVdI1/T6R+5J0T1ukOdsI9Jmf+F28S6g3R3L1SFwiHKeZKZv
|
||||||
|
z+793wIDAQABo4ICRzCCAkMwggIpBgNVHQMBAf8EggIdMIICGTCCAhUwggIRBgtg
|
||||||
|
hkgBhvhFAQcBATCCAgAWggGrVGhpcyBjZXJ0aWZpY2F0ZSBpbmNvcnBvcmF0ZXMg
|
||||||
|
YnkgcmVmZXJlbmNlLCBhbmQgaXRzIHVzZSBpcyBzdHJpY3RseSBzdWJqZWN0IHRv
|
||||||
|
LCB0aGUgVmVyaVNpZ24gQ2VydGlmaWNhdGlvbiBQcmFjdGljZSBTdGF0ZW1lbnQg
|
||||||
|
KENQUyksIGF2YWlsYWJsZSBhdDogaHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL0NQ
|
||||||
|
Uy0xLjA7IGJ5IEUtbWFpbCBhdCBDUFMtcmVxdWVzdHNAdmVyaXNpZ24uY29tOyBv
|
||||||
|
ciBieSBtYWlsIGF0IFZlcmlTaWduLCBJbmMuLCAyNTkzIENvYXN0IEF2ZS4sIE1v
|
||||||
|
dW50YWluIFZpZXcsIENBIDk0MDQzIFVTQSBUZWwuICsxICg0MTUpIDk2MS04ODMw
|
||||||
|
IENvcHlyaWdodCAoYykgMTk5NiBWZXJpU2lnbiwgSW5jLiAgQWxsIFJpZ2h0cyBS
|
||||||
|
ZXNlcnZlZC4gQ0VSVEFJTiBXQVJSQU5USUVTIERJU0NMQUlNRUQgYW5kIExJQUJJ
|
||||||
|
TElUWSBMSU1JVEVELqAOBgxghkgBhvhFAQcBAQGhDgYMYIZIAYb4RQEHAQECMC8w
|
||||||
|
LRYraHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL3JlcG9zaXRvcnkvQ1BTLTEuMDAU
|
||||||
|
BglghkgBhvhCAQEBAf8EBAMCAgQwDQYJKoZIhvcNAQECBQADgYEApRJRkNBqLLgs
|
||||||
|
53IR/d18ODdLOWMTZ+QOOxBrq460iBEdUwgF8vmPRX1ku7UiDeNzaLlurE6eFqHq
|
||||||
|
2zPyK5j60zfTLVJMWKcQWwTJLjHtXrW8pxhNtFc6Fdvy5ZkHnC/9NIl7/t4U6WqB
|
||||||
|
p4y+p7SdMIkEwIZfds0VbnQyX5MRUJY=
|
||||||
|
-----END CERTIFICATE-----
|
||||||
|
|
||||||
|
subject=/C=US/O=VeriSign, Inc./OU=Class 3 Public Primary Certification Authority
|
||||||
|
issuer= /C=US/O=VeriSign, Inc./OU=Class 3 Public Primary Certification Authority
|
||||||
|
-----BEGIN CERTIFICATE-----
|
||||||
|
MIICMTCCAZoCBQKhAAABMA0GCSqGSIb3DQEBAgUAMF8xCzAJBgNVBAYTAlVTMRcw
|
||||||
|
FQYDVQQKEw5WZXJpU2lnbiwgSW5jLjE3MDUGA1UECxMuQ2xhc3MgMyBQdWJsaWMg
|
||||||
|
UHJpbWFyeSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAeFw05NjAxMjkwMDAwMDBa
|
||||||
|
Fw05OTEyMzEyMzU5NTlaMF8xCzAJBgNVBAYTAlVTMRcwFQYDVQQKEw5WZXJpU2ln
|
||||||
|
biwgSW5jLjE3MDUGA1UECxMuQ2xhc3MgMyBQdWJsaWMgUHJpbWFyeSBDZXJ0aWZp
|
||||||
|
Y2F0aW9uIEF1dGhvcml0eTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAyVxZ
|
||||||
|
nvIbigEUtBDfBEDb41evakVAj4QMC9Ez2dkRz+4CWB8l9yqoRAWq7AMfeH+ek7ma
|
||||||
|
AKojfdashaJjRcdyJ8z0TMZ1cdI5709C8HXfCpDGjiBvmA/4rCNfcCk2pMmG57Ga
|
||||||
|
IMtTpYXnPb59mv4kRTPcdhXtD6JxZExlLoFoRacCAwEAATANBgkqhkiG9w0BAQIF
|
||||||
|
AAOBgQB1Zmw+0c2B27X4LzZRtvdCvM1Cr9wO+hVs+GeTVzrrtpLotgHKjLeOQ7RJ
|
||||||
|
Zfk+7r11Ri7J/CVdqMcvi5uPaM+0nJcYwE3vH9mvgrPmZLiEXIqaB1JDYft0nls6
|
||||||
|
NvxMsvwaPxUupVs8G5DsiCnkWRb5zget7Ond2tIxik/W2O8XjQ==
|
||||||
|
-----END CERTIFICATE-----
|
||||||
|
subject=/C=US/O=VeriSign, Inc./OU=Class 4 Public Primary Certification Authority
|
||||||
|
issuer= /C=US/O=VeriSign, Inc./OU=Class 4 Public Primary Certification Authority
|
||||||
|
-----BEGIN CERTIFICATE-----
|
||||||
|
MIICMTCCAZoCBQKmAAABMA0GCSqGSIb3DQEBAgUAMF8xCzAJBgNVBAYTAlVTMRcw
|
||||||
|
FQYDVQQKEw5WZXJpU2lnbiwgSW5jLjE3MDUGA1UECxMuQ2xhc3MgNCBQdWJsaWMg
|
||||||
|
UHJpbWFyeSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAeFw05NjAxMjkwMDAwMDBa
|
||||||
|
Fw05OTEyMzEyMzU5NTlaMF8xCzAJBgNVBAYTAlVTMRcwFQYDVQQKEw5WZXJpU2ln
|
||||||
|
biwgSW5jLjE3MDUGA1UECxMuQ2xhc3MgNCBQdWJsaWMgUHJpbWFyeSBDZXJ0aWZp
|
||||||
|
Y2F0aW9uIEF1dGhvcml0eTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA0LJ1
|
||||||
|
9njQrlpQ9OlQqZ+M1++RlHDo0iSQdomF1t+s5gEXMoDwnZNHvJplnR+Xrr/phnVj
|
||||||
|
IIm9gFidBAydqMEk6QvlMXi9/C0MN2qeeIDpRnX57aP7E3vIwUzSo+/1PLBij0pd
|
||||||
|
O92VZ48TucE81qcmm+zDO3rZTbxtm+gVAePwR6kCAwEAATANBgkqhkiG9w0BAQIF
|
||||||
|
AAOBgQBT3dPwnCR+QKri/AAa19oM/DJhuBUNlvP6Vxt/M3yv6ZiaYch6s7f/sdyZ
|
||||||
|
g9ysEvxwyR84Qu1E9oAuW2szaayc01znX1oYx7EteQSWQZGZQbE8DbqEOcY7l/Am
|
||||||
|
yY7uvcxClf8exwI/VAx49byqYHwCaejcrOICdmHEPgPq0ook0Q==
|
||||||
|
-----END CERTIFICATE-----
|
163
jni/openssl/android.testssl/testssl
Executable file
163
jni/openssl/android.testssl/testssl
Executable file
@ -0,0 +1,163 @@
|
|||||||
|
#!/bin/sh
|
||||||
|
|
||||||
|
if [ "$1" = "" ]; then
|
||||||
|
key=../apps/server.pem
|
||||||
|
else
|
||||||
|
key="$1"
|
||||||
|
fi
|
||||||
|
if [ "$2" = "" ]; then
|
||||||
|
cert=../apps/server.pem
|
||||||
|
else
|
||||||
|
cert="$2"
|
||||||
|
fi
|
||||||
|
ssltest="adb shell /system/bin/ssltest -key $key -cert $cert -c_key $key -c_cert $cert"
|
||||||
|
|
||||||
|
if adb shell /system/bin/openssl x509 -in $cert -text -noout | fgrep 'DSA Public Key' >/dev/null; then
|
||||||
|
dsa_cert=YES
|
||||||
|
else
|
||||||
|
dsa_cert=NO
|
||||||
|
fi
|
||||||
|
|
||||||
|
if [ "$3" = "" ]; then
|
||||||
|
CA="-CApath ../certs"
|
||||||
|
else
|
||||||
|
CA="-CAfile $3"
|
||||||
|
fi
|
||||||
|
|
||||||
|
if [ "$4" = "" ]; then
|
||||||
|
extra=""
|
||||||
|
else
|
||||||
|
extra="$4"
|
||||||
|
fi
|
||||||
|
|
||||||
|
#############################################################################
|
||||||
|
|
||||||
|
echo test sslv2
|
||||||
|
$ssltest -ssl2 $extra || exit 1
|
||||||
|
|
||||||
|
echo test sslv2 with server authentication
|
||||||
|
$ssltest -ssl2 -server_auth $CA $extra || exit 1
|
||||||
|
|
||||||
|
if [ $dsa_cert = NO ]; then
|
||||||
|
echo test sslv2 with client authentication
|
||||||
|
$ssltest -ssl2 -client_auth $CA $extra || exit 1
|
||||||
|
|
||||||
|
echo test sslv2 with both client and server authentication
|
||||||
|
$ssltest -ssl2 -server_auth -client_auth $CA $extra || exit 1
|
||||||
|
fi
|
||||||
|
|
||||||
|
echo test sslv3
|
||||||
|
$ssltest -ssl3 $extra || exit 1
|
||||||
|
|
||||||
|
echo test sslv3 with server authentication
|
||||||
|
$ssltest -ssl3 -server_auth $CA $extra || exit 1
|
||||||
|
|
||||||
|
echo test sslv3 with client authentication
|
||||||
|
$ssltest -ssl3 -client_auth $CA $extra || exit 1
|
||||||
|
|
||||||
|
echo test sslv3 with both client and server authentication
|
||||||
|
$ssltest -ssl3 -server_auth -client_auth $CA $extra || exit 1
|
||||||
|
|
||||||
|
echo test sslv2/sslv3
|
||||||
|
$ssltest $extra || exit 1
|
||||||
|
|
||||||
|
echo test sslv2/sslv3 with server authentication
|
||||||
|
$ssltest -server_auth $CA $extra || exit 1
|
||||||
|
|
||||||
|
echo test sslv2/sslv3 with client authentication
|
||||||
|
$ssltest -client_auth $CA $extra || exit 1
|
||||||
|
|
||||||
|
echo test sslv2/sslv3 with both client and server authentication
|
||||||
|
$ssltest -server_auth -client_auth $CA $extra || exit 1
|
||||||
|
|
||||||
|
echo test sslv2/sslv3 with both client and server authentication and small client buffers
|
||||||
|
$ssltest -server_auth -client_auth -c_small_records $CA $extra || exit 1
|
||||||
|
|
||||||
|
echo test sslv2/sslv3 with both client and server authentication and small server buffers
|
||||||
|
$ssltest -server_auth -client_auth -s_small_records $CA $extra || exit 1
|
||||||
|
|
||||||
|
echo test sslv2/sslv3 with both client and server authentication and small client and server buffers
|
||||||
|
$ssltest -server_auth -client_auth -c_small_records -s_small_records $CA $extra || exit 1
|
||||||
|
|
||||||
|
echo test sslv2/sslv3 with both client and server authentication and handshake cutthrough
|
||||||
|
$ssltest -server_auth -client_auth -cutthrough $CA $extra || exit 1
|
||||||
|
|
||||||
|
echo test sslv2 via BIO pair
|
||||||
|
$ssltest -bio_pair -ssl2 $extra || exit 1
|
||||||
|
|
||||||
|
echo test sslv2 with server authentication via BIO pair
|
||||||
|
$ssltest -bio_pair -ssl2 -server_auth $CA $extra || exit 1
|
||||||
|
|
||||||
|
if [ $dsa_cert = NO ]; then
|
||||||
|
echo test sslv2 with client authentication via BIO pair
|
||||||
|
$ssltest -bio_pair -ssl2 -client_auth $CA $extra || exit 1
|
||||||
|
|
||||||
|
echo test sslv2 with both client and server authentication via BIO pair
|
||||||
|
$ssltest -bio_pair -ssl2 -server_auth -client_auth $CA $extra || exit 1
|
||||||
|
fi
|
||||||
|
|
||||||
|
echo test sslv3 via BIO pair
|
||||||
|
$ssltest -bio_pair -ssl3 $extra || exit 1
|
||||||
|
|
||||||
|
echo test sslv3 with server authentication via BIO pair
|
||||||
|
$ssltest -bio_pair -ssl3 -server_auth $CA $extra || exit 1
|
||||||
|
|
||||||
|
echo test sslv3 with client authentication via BIO pair
|
||||||
|
$ssltest -bio_pair -ssl3 -client_auth $CA $extra || exit 1
|
||||||
|
|
||||||
|
echo test sslv3 with both client and server authentication via BIO pair
|
||||||
|
$ssltest -bio_pair -ssl3 -server_auth -client_auth $CA $extra || exit 1
|
||||||
|
|
||||||
|
echo test sslv2/sslv3 via BIO pair
|
||||||
|
$ssltest $extra || exit 1
|
||||||
|
|
||||||
|
if [ $dsa_cert = NO ]; then
|
||||||
|
echo test sslv2/sslv3 w/o DHE via BIO pair
|
||||||
|
$ssltest -bio_pair -no_dhe $extra || exit 1
|
||||||
|
fi
|
||||||
|
|
||||||
|
echo test sslv2/sslv3 with 1024bit DHE via BIO pair
|
||||||
|
$ssltest -bio_pair -dhe1024dsa -v $extra || exit 1
|
||||||
|
|
||||||
|
echo test sslv2/sslv3 with server authentication
|
||||||
|
$ssltest -bio_pair -server_auth $CA $extra || exit 1
|
||||||
|
|
||||||
|
echo test sslv2/sslv3 with client authentication via BIO pair
|
||||||
|
$ssltest -bio_pair -client_auth $CA $extra || exit 1
|
||||||
|
|
||||||
|
echo test sslv2/sslv3 with both client and server authentication via BIO pair
|
||||||
|
$ssltest -bio_pair -server_auth -client_auth $CA $extra || exit 1
|
||||||
|
|
||||||
|
echo test sslv2/sslv3 with both client and server authentication via BIO pair and app verify
|
||||||
|
$ssltest -bio_pair -server_auth -client_auth -app_verify $CA $extra || exit 1
|
||||||
|
|
||||||
|
#############################################################################
|
||||||
|
|
||||||
|
if [ `adb shell /system/bin/openssl no-dh` = no-dh ]; then
|
||||||
|
echo skipping anonymous DH tests
|
||||||
|
else
|
||||||
|
echo test tls1 with 1024bit anonymous DH, multiple handshakes
|
||||||
|
$ssltest -v -bio_pair -tls1 -cipher ADH -dhe1024dsa -num 10 -f -time $extra || exit 1
|
||||||
|
fi
|
||||||
|
|
||||||
|
if [ `adb shell /system/bin/openssl no-rsa` = no-dh ]; then
|
||||||
|
echo skipping RSA tests
|
||||||
|
else
|
||||||
|
echo test tls1 with 1024bit RSA, no DHE, multiple handshakes
|
||||||
|
adb shell /system/bin/ssltest -v -bio_pair -tls1 -cert /sdcard/android.testssl/server2.pem -no_dhe -num 10 -f -time $extra || exit 1
|
||||||
|
|
||||||
|
if [ `adb shell /system/bin/openssl no-dh` = no-dh ]; then
|
||||||
|
echo skipping RSA+DHE tests
|
||||||
|
else
|
||||||
|
echo test tls1 with 1024bit RSA, 1024bit DHE, multiple handshakes
|
||||||
|
adb shell /system/bin/ssltest -v -bio_pair -tls1 -cert /sdcard/android.testssl/server2.pem -dhe1024dsa -num 10 -f -time $extra || exit 1
|
||||||
|
fi
|
||||||
|
fi
|
||||||
|
|
||||||
|
echo test tls1 with PSK
|
||||||
|
$ssltest -tls1 -cipher PSK -psk abc123 $extra || exit 1
|
||||||
|
|
||||||
|
echo test tls1 with PSK via BIO pair
|
||||||
|
$ssltest -bio_pair -tls1 -cipher PSK -psk abc123 $extra || exit 1
|
||||||
|
|
||||||
|
exit 0
|
77
jni/openssl/android.testssl/testssl.sh
Executable file
77
jni/openssl/android.testssl/testssl.sh
Executable file
@ -0,0 +1,77 @@
|
|||||||
|
#!/bin/bash
|
||||||
|
#
|
||||||
|
# Copyright (C) 2010 The Android Open Source Project
|
||||||
|
#
|
||||||
|
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||||
|
# you may not use this file except in compliance with the License.
|
||||||
|
# You may obtain a copy of the License at
|
||||||
|
#
|
||||||
|
# http://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
#
|
||||||
|
# Unless required by applicable law or agreed to in writing, software
|
||||||
|
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||||
|
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||||
|
# See the License for the specific language governing permissions and
|
||||||
|
# limitations under the License.
|
||||||
|
#
|
||||||
|
|
||||||
|
#
|
||||||
|
# Android testssl.sh driver script for openssl's testssl
|
||||||
|
#
|
||||||
|
# based on openssl's test/testss script and test/Makefile's test_ssl target
|
||||||
|
#
|
||||||
|
|
||||||
|
set -e
|
||||||
|
trap "echo Exiting on unexpected error." ERR
|
||||||
|
|
||||||
|
device=/sdcard/android.testssl
|
||||||
|
|
||||||
|
digest='-sha1'
|
||||||
|
reqcmd="adb shell /system/bin/openssl req"
|
||||||
|
x509cmd="adb shell /system/bin/openssl x509 $digest"
|
||||||
|
|
||||||
|
CAkey="$device/keyCA.ss"
|
||||||
|
CAcert="$device/certCA.ss"
|
||||||
|
CAreq="$device/reqCA.ss"
|
||||||
|
CAconf="$device/CAss.cnf"
|
||||||
|
|
||||||
|
Uconf="$device/Uss.cnf"
|
||||||
|
Ureq="$device/reqU.ss"
|
||||||
|
Ukey="$device/keyU.ss"
|
||||||
|
Ucert="$device/certU.ss"
|
||||||
|
|
||||||
|
echo
|
||||||
|
echo "setting up"
|
||||||
|
adb remount
|
||||||
|
adb shell rm -r $device
|
||||||
|
adb shell mkdir $device
|
||||||
|
|
||||||
|
echo
|
||||||
|
echo "pushing test files to device"
|
||||||
|
adb push . $device
|
||||||
|
|
||||||
|
echo
|
||||||
|
echo "make a certificate request using 'req'"
|
||||||
|
adb shell "echo \"string to make the random number generator think it has entropy\" >> $device/.rnd"
|
||||||
|
req_new='-new'
|
||||||
|
$reqcmd -config $CAconf -out $CAreq -keyout $CAkey $req_new
|
||||||
|
|
||||||
|
echo
|
||||||
|
echo "convert the certificate request into a self signed certificate using 'x509'"
|
||||||
|
$x509cmd -CAcreateserial -in $CAreq -days 30 -req -out $CAcert -signkey $CAkey -extfile $CAconf -extensions v3_ca
|
||||||
|
|
||||||
|
echo
|
||||||
|
echo "make a user certificate request using 'req'"
|
||||||
|
$reqcmd -config $Uconf -out $Ureq -keyout $Ukey $req_new
|
||||||
|
|
||||||
|
echo
|
||||||
|
echo "sign user certificate request with the just created CA via 'x509'"
|
||||||
|
$x509cmd -CAcreateserial -in $Ureq -days 30 -req -out $Ucert -CA $CAcert -CAkey $CAkey -extfile $Uconf -extensions v3_ee
|
||||||
|
|
||||||
|
echo
|
||||||
|
echo "running testssl"
|
||||||
|
./testssl $Ukey $Ucert $CAcert
|
||||||
|
|
||||||
|
echo
|
||||||
|
echo "cleaning up"
|
||||||
|
adb shell rm -r $device
|
87
jni/openssl/apps/Android.mk
Normal file
87
jni/openssl/apps/Android.mk
Normal file
@ -0,0 +1,87 @@
|
|||||||
|
# Copyright 2006 The Android Open Source Project
|
||||||
|
|
||||||
|
LOCAL_PATH:= $(call my-dir)
|
||||||
|
|
||||||
|
local_src_files:= \
|
||||||
|
app_rand.c \
|
||||||
|
apps.c \
|
||||||
|
asn1pars.c \
|
||||||
|
ca.c \
|
||||||
|
ciphers.c \
|
||||||
|
crl.c \
|
||||||
|
crl2p7.c \
|
||||||
|
dgst.c \
|
||||||
|
dh.c \
|
||||||
|
dhparam.c \
|
||||||
|
dsa.c \
|
||||||
|
dsaparam.c \
|
||||||
|
ecparam.c \
|
||||||
|
ec.c \
|
||||||
|
enc.c \
|
||||||
|
engine.c \
|
||||||
|
errstr.c \
|
||||||
|
gendh.c \
|
||||||
|
gendsa.c \
|
||||||
|
genpkey.c \
|
||||||
|
genrsa.c \
|
||||||
|
nseq.c \
|
||||||
|
ocsp.c \
|
||||||
|
openssl.c \
|
||||||
|
passwd.c \
|
||||||
|
pkcs12.c \
|
||||||
|
pkcs7.c \
|
||||||
|
pkcs8.c \
|
||||||
|
pkey.c \
|
||||||
|
pkeyparam.c \
|
||||||
|
pkeyutl.c \
|
||||||
|
prime.c \
|
||||||
|
rand.c \
|
||||||
|
req.c \
|
||||||
|
rsa.c \
|
||||||
|
rsautl.c \
|
||||||
|
s_cb.c \
|
||||||
|
s_client.c \
|
||||||
|
s_server.c \
|
||||||
|
s_socket.c \
|
||||||
|
s_time.c \
|
||||||
|
sess_id.c \
|
||||||
|
smime.c \
|
||||||
|
speed.c \
|
||||||
|
spkac.c \
|
||||||
|
verify.c \
|
||||||
|
version.c \
|
||||||
|
x509.c
|
||||||
|
|
||||||
|
local_shared_libraries := \
|
||||||
|
libssl \
|
||||||
|
libcrypto
|
||||||
|
|
||||||
|
local_c_includes := \
|
||||||
|
external/openssl \
|
||||||
|
external/openssl/include
|
||||||
|
|
||||||
|
local_cflags := -DMONOLITH
|
||||||
|
|
||||||
|
# These flags omit whole features from the commandline "openssl".
|
||||||
|
# However, portions of these features are actually turned on.
|
||||||
|
local_cflags += -DOPENSSL_NO_DTLS1
|
||||||
|
|
||||||
|
include $(CLEAR_VARS)
|
||||||
|
LOCAL_MODULE:= openssl
|
||||||
|
LOCAL_MODULE_TAGS := optional
|
||||||
|
LOCAL_SRC_FILES := $(local_src_files)
|
||||||
|
LOCAL_SHARED_LIBRARIES := $(local_shared_libraries)
|
||||||
|
LOCAL_C_INCLUDES := $(local_c_includes)
|
||||||
|
LOCAL_CFLAGS := $(local_cflags)
|
||||||
|
include $(LOCAL_PATH)/../android-config.mk
|
||||||
|
include $(BUILD_EXECUTABLE)
|
||||||
|
|
||||||
|
include $(CLEAR_VARS)
|
||||||
|
LOCAL_MODULE:= openssl
|
||||||
|
LOCAL_MODULE_TAGS := optional
|
||||||
|
LOCAL_SRC_FILES := $(local_src_files)
|
||||||
|
LOCAL_SHARED_LIBRARIES := $(local_shared_libraries)
|
||||||
|
LOCAL_C_INCLUDES := $(local_c_includes)
|
||||||
|
LOCAL_CFLAGS := $(local_cflags)
|
||||||
|
include $(LOCAL_PATH)/../android-config.mk
|
||||||
|
include $(BUILD_HOST_EXECUTABLE)
|
189
jni/openssl/apps/CA.pl
Normal file
189
jni/openssl/apps/CA.pl
Normal file
@ -0,0 +1,189 @@
|
|||||||
|
#!/usr/bin/perl
|
||||||
|
#
|
||||||
|
# CA - wrapper around ca to make it easier to use ... basically ca requires
|
||||||
|
# some setup stuff to be done before you can use it and this makes
|
||||||
|
# things easier between now and when Eric is convinced to fix it :-)
|
||||||
|
#
|
||||||
|
# CA -newca ... will setup the right stuff
|
||||||
|
# CA -newreq[-nodes] ... will generate a certificate request
|
||||||
|
# CA -sign ... will sign the generated request and output
|
||||||
|
#
|
||||||
|
# At the end of that grab newreq.pem and newcert.pem (one has the key
|
||||||
|
# and the other the certificate) and cat them together and that is what
|
||||||
|
# you want/need ... I'll make even this a little cleaner later.
|
||||||
|
#
|
||||||
|
#
|
||||||
|
# 12-Jan-96 tjh Added more things ... including CA -signcert which
|
||||||
|
# converts a certificate to a request and then signs it.
|
||||||
|
# 10-Jan-96 eay Fixed a few more bugs and added the SSLEAY_CONFIG
|
||||||
|
# environment variable so this can be driven from
|
||||||
|
# a script.
|
||||||
|
# 25-Jul-96 eay Cleaned up filenames some more.
|
||||||
|
# 11-Jun-96 eay Fixed a few filename missmatches.
|
||||||
|
# 03-May-96 eay Modified to use 'ssleay cmd' instead of 'cmd'.
|
||||||
|
# 18-Apr-96 tjh Original hacking
|
||||||
|
#
|
||||||
|
# Tim Hudson
|
||||||
|
# tjh@cryptsoft.com
|
||||||
|
#
|
||||||
|
|
||||||
|
# 27-Apr-98 snh Translation into perl, fix existing CA bug.
|
||||||
|
#
|
||||||
|
#
|
||||||
|
# Steve Henson
|
||||||
|
# shenson@bigfoot.com
|
||||||
|
|
||||||
|
# default openssl.cnf file has setup as per the following
|
||||||
|
# demoCA ... where everything is stored
|
||||||
|
|
||||||
|
my $openssl;
|
||||||
|
if(defined $ENV{OPENSSL}) {
|
||||||
|
$openssl = $ENV{OPENSSL};
|
||||||
|
} else {
|
||||||
|
$openssl = "openssl";
|
||||||
|
$ENV{OPENSSL} = $openssl;
|
||||||
|
}
|
||||||
|
|
||||||
|
$SSLEAY_CONFIG=$ENV{"SSLEAY_CONFIG"};
|
||||||
|
$DAYS="-days 365"; # 1 year
|
||||||
|
$CADAYS="-days 1095"; # 3 years
|
||||||
|
$REQ="$openssl req $SSLEAY_CONFIG";
|
||||||
|
$CA="$openssl ca $SSLEAY_CONFIG";
|
||||||
|
$VERIFY="$openssl verify";
|
||||||
|
$X509="$openssl x509";
|
||||||
|
$PKCS12="$openssl pkcs12";
|
||||||
|
|
||||||
|
$CATOP="./demoCA";
|
||||||
|
$CAKEY="cakey.pem";
|
||||||
|
$CAREQ="careq.pem";
|
||||||
|
$CACERT="cacert.pem";
|
||||||
|
|
||||||
|
$DIRMODE = 0777;
|
||||||
|
|
||||||
|
$RET = 0;
|
||||||
|
|
||||||
|
foreach (@ARGV) {
|
||||||
|
if ( /^(-\?|-h|-help)$/ ) {
|
||||||
|
print STDERR "usage: CA -newcert|-newreq|-newreq-nodes|-newca|-sign|-verify\n";
|
||||||
|
exit 0;
|
||||||
|
} elsif (/^-newcert$/) {
|
||||||
|
# create a certificate
|
||||||
|
system ("$REQ -new -x509 -keyout newkey.pem -out newcert.pem $DAYS");
|
||||||
|
$RET=$?;
|
||||||
|
print "Certificate is in newcert.pem, private key is in newkey.pem\n"
|
||||||
|
} elsif (/^-newreq$/) {
|
||||||
|
# create a certificate request
|
||||||
|
system ("$REQ -new -keyout newkey.pem -out newreq.pem $DAYS");
|
||||||
|
$RET=$?;
|
||||||
|
print "Request is in newreq.pem, private key is in newkey.pem\n";
|
||||||
|
} elsif (/^-newreq-nodes$/) {
|
||||||
|
# create a certificate request
|
||||||
|
system ("$REQ -new -nodes -keyout newkey.pem -out newreq.pem $DAYS");
|
||||||
|
$RET=$?;
|
||||||
|
print "Request is in newreq.pem, private key is in newkey.pem\n";
|
||||||
|
} elsif (/^-newca$/) {
|
||||||
|
# if explicitly asked for or it doesn't exist then setup the
|
||||||
|
# directory structure that Eric likes to manage things
|
||||||
|
$NEW="1";
|
||||||
|
if ( "$NEW" || ! -f "${CATOP}/serial" ) {
|
||||||
|
# create the directory hierarchy
|
||||||
|
mkdir $CATOP, $DIRMODE;
|
||||||
|
mkdir "${CATOP}/certs", $DIRMODE;
|
||||||
|
mkdir "${CATOP}/crl", $DIRMODE ;
|
||||||
|
mkdir "${CATOP}/newcerts", $DIRMODE;
|
||||||
|
mkdir "${CATOP}/private", $DIRMODE;
|
||||||
|
open OUT, ">${CATOP}/index.txt";
|
||||||
|
close OUT;
|
||||||
|
open OUT, ">${CATOP}/crlnumber";
|
||||||
|
print OUT "01\n";
|
||||||
|
close OUT;
|
||||||
|
}
|
||||||
|
if ( ! -f "${CATOP}/private/$CAKEY" ) {
|
||||||
|
print "CA certificate filename (or enter to create)\n";
|
||||||
|
$FILE = <STDIN>;
|
||||||
|
|
||||||
|
chop $FILE;
|
||||||
|
|
||||||
|
# ask user for existing CA certificate
|
||||||
|
if ($FILE) {
|
||||||
|
cp_pem($FILE,"${CATOP}/private/$CAKEY", "PRIVATE");
|
||||||
|
cp_pem($FILE,"${CATOP}/$CACERT", "CERTIFICATE");
|
||||||
|
$RET=$?;
|
||||||
|
} else {
|
||||||
|
print "Making CA certificate ...\n";
|
||||||
|
system ("$REQ -new -keyout " .
|
||||||
|
"${CATOP}/private/$CAKEY -out ${CATOP}/$CAREQ");
|
||||||
|
system ("$CA -create_serial " .
|
||||||
|
"-out ${CATOP}/$CACERT $CADAYS -batch " .
|
||||||
|
"-keyfile ${CATOP}/private/$CAKEY -selfsign " .
|
||||||
|
"-extensions v3_ca " .
|
||||||
|
"-infiles ${CATOP}/$CAREQ ");
|
||||||
|
$RET=$?;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
} elsif (/^-pkcs12$/) {
|
||||||
|
my $cname = $ARGV[1];
|
||||||
|
$cname = "My Certificate" unless defined $cname;
|
||||||
|
system ("$PKCS12 -in newcert.pem -inkey newkey.pem " .
|
||||||
|
"-certfile ${CATOP}/$CACERT -out newcert.p12 " .
|
||||||
|
"-export -name \"$cname\"");
|
||||||
|
$RET=$?;
|
||||||
|
print "PKCS #12 file is in newcert.p12\n";
|
||||||
|
exit $RET;
|
||||||
|
} elsif (/^-xsign$/) {
|
||||||
|
system ("$CA -policy policy_anything -infiles newreq.pem");
|
||||||
|
$RET=$?;
|
||||||
|
} elsif (/^(-sign|-signreq)$/) {
|
||||||
|
system ("$CA -policy policy_anything -out newcert.pem " .
|
||||||
|
"-infiles newreq.pem");
|
||||||
|
$RET=$?;
|
||||||
|
print "Signed certificate is in newcert.pem\n";
|
||||||
|
} elsif (/^(-signCA)$/) {
|
||||||
|
system ("$CA -policy policy_anything -out newcert.pem " .
|
||||||
|
"-extensions v3_ca -infiles newreq.pem");
|
||||||
|
$RET=$?;
|
||||||
|
print "Signed CA certificate is in newcert.pem\n";
|
||||||
|
} elsif (/^-signcert$/) {
|
||||||
|
system ("$X509 -x509toreq -in newreq.pem -signkey newreq.pem " .
|
||||||
|
"-out tmp.pem");
|
||||||
|
system ("$CA -policy policy_anything -out newcert.pem " .
|
||||||
|
"-infiles tmp.pem");
|
||||||
|
$RET = $?;
|
||||||
|
print "Signed certificate is in newcert.pem\n";
|
||||||
|
} elsif (/^-verify$/) {
|
||||||
|
if (shift) {
|
||||||
|
foreach $j (@ARGV) {
|
||||||
|
system ("$VERIFY -CAfile $CATOP/$CACERT $j");
|
||||||
|
$RET=$? if ($? != 0);
|
||||||
|
}
|
||||||
|
exit $RET;
|
||||||
|
} else {
|
||||||
|
system ("$VERIFY -CAfile $CATOP/$CACERT newcert.pem");
|
||||||
|
$RET=$?;
|
||||||
|
exit 0;
|
||||||
|
}
|
||||||
|
} else {
|
||||||
|
print STDERR "Unknown arg $_\n";
|
||||||
|
print STDERR "usage: CA -newcert|-newreq|-newreq-nodes|-newca|-sign|-verify\n";
|
||||||
|
exit 1;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
exit $RET;
|
||||||
|
|
||||||
|
sub cp_pem {
|
||||||
|
my ($infile, $outfile, $bound) = @_;
|
||||||
|
open IN, $infile;
|
||||||
|
open OUT, ">$outfile";
|
||||||
|
my $flag = 0;
|
||||||
|
while (<IN>) {
|
||||||
|
$flag = 1 if (/^-----BEGIN.*$bound/) ;
|
||||||
|
print OUT $_ if ($flag);
|
||||||
|
if (/^-----END.*$bound/) {
|
||||||
|
close IN;
|
||||||
|
close OUT;
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
189
jni/openssl/apps/CA.pl.in
Normal file
189
jni/openssl/apps/CA.pl.in
Normal file
@ -0,0 +1,189 @@
|
|||||||
|
#!/usr/local/bin/perl
|
||||||
|
#
|
||||||
|
# CA - wrapper around ca to make it easier to use ... basically ca requires
|
||||||
|
# some setup stuff to be done before you can use it and this makes
|
||||||
|
# things easier between now and when Eric is convinced to fix it :-)
|
||||||
|
#
|
||||||
|
# CA -newca ... will setup the right stuff
|
||||||
|
# CA -newreq[-nodes] ... will generate a certificate request
|
||||||
|
# CA -sign ... will sign the generated request and output
|
||||||
|
#
|
||||||
|
# At the end of that grab newreq.pem and newcert.pem (one has the key
|
||||||
|
# and the other the certificate) and cat them together and that is what
|
||||||
|
# you want/need ... I'll make even this a little cleaner later.
|
||||||
|
#
|
||||||
|
#
|
||||||
|
# 12-Jan-96 tjh Added more things ... including CA -signcert which
|
||||||
|
# converts a certificate to a request and then signs it.
|
||||||
|
# 10-Jan-96 eay Fixed a few more bugs and added the SSLEAY_CONFIG
|
||||||
|
# environment variable so this can be driven from
|
||||||
|
# a script.
|
||||||
|
# 25-Jul-96 eay Cleaned up filenames some more.
|
||||||
|
# 11-Jun-96 eay Fixed a few filename missmatches.
|
||||||
|
# 03-May-96 eay Modified to use 'ssleay cmd' instead of 'cmd'.
|
||||||
|
# 18-Apr-96 tjh Original hacking
|
||||||
|
#
|
||||||
|
# Tim Hudson
|
||||||
|
# tjh@cryptsoft.com
|
||||||
|
#
|
||||||
|
|
||||||
|
# 27-Apr-98 snh Translation into perl, fix existing CA bug.
|
||||||
|
#
|
||||||
|
#
|
||||||
|
# Steve Henson
|
||||||
|
# shenson@bigfoot.com
|
||||||
|
|
||||||
|
# default openssl.cnf file has setup as per the following
|
||||||
|
# demoCA ... where everything is stored
|
||||||
|
|
||||||
|
my $openssl;
|
||||||
|
if(defined $ENV{OPENSSL}) {
|
||||||
|
$openssl = $ENV{OPENSSL};
|
||||||
|
} else {
|
||||||
|
$openssl = "openssl";
|
||||||
|
$ENV{OPENSSL} = $openssl;
|
||||||
|
}
|
||||||
|
|
||||||
|
$SSLEAY_CONFIG=$ENV{"SSLEAY_CONFIG"};
|
||||||
|
$DAYS="-days 365"; # 1 year
|
||||||
|
$CADAYS="-days 1095"; # 3 years
|
||||||
|
$REQ="$openssl req $SSLEAY_CONFIG";
|
||||||
|
$CA="$openssl ca $SSLEAY_CONFIG";
|
||||||
|
$VERIFY="$openssl verify";
|
||||||
|
$X509="$openssl x509";
|
||||||
|
$PKCS12="$openssl pkcs12";
|
||||||
|
|
||||||
|
$CATOP="./demoCA";
|
||||||
|
$CAKEY="cakey.pem";
|
||||||
|
$CAREQ="careq.pem";
|
||||||
|
$CACERT="cacert.pem";
|
||||||
|
|
||||||
|
$DIRMODE = 0777;
|
||||||
|
|
||||||
|
$RET = 0;
|
||||||
|
|
||||||
|
foreach (@ARGV) {
|
||||||
|
if ( /^(-\?|-h|-help)$/ ) {
|
||||||
|
print STDERR "usage: CA -newcert|-newreq|-newreq-nodes|-newca|-sign|-verify\n";
|
||||||
|
exit 0;
|
||||||
|
} elsif (/^-newcert$/) {
|
||||||
|
# create a certificate
|
||||||
|
system ("$REQ -new -x509 -keyout newkey.pem -out newcert.pem $DAYS");
|
||||||
|
$RET=$?;
|
||||||
|
print "Certificate is in newcert.pem, private key is in newkey.pem\n"
|
||||||
|
} elsif (/^-newreq$/) {
|
||||||
|
# create a certificate request
|
||||||
|
system ("$REQ -new -keyout newkey.pem -out newreq.pem $DAYS");
|
||||||
|
$RET=$?;
|
||||||
|
print "Request is in newreq.pem, private key is in newkey.pem\n";
|
||||||
|
} elsif (/^-newreq-nodes$/) {
|
||||||
|
# create a certificate request
|
||||||
|
system ("$REQ -new -nodes -keyout newkey.pem -out newreq.pem $DAYS");
|
||||||
|
$RET=$?;
|
||||||
|
print "Request is in newreq.pem, private key is in newkey.pem\n";
|
||||||
|
} elsif (/^-newca$/) {
|
||||||
|
# if explicitly asked for or it doesn't exist then setup the
|
||||||
|
# directory structure that Eric likes to manage things
|
||||||
|
$NEW="1";
|
||||||
|
if ( "$NEW" || ! -f "${CATOP}/serial" ) {
|
||||||
|
# create the directory hierarchy
|
||||||
|
mkdir $CATOP, $DIRMODE;
|
||||||
|
mkdir "${CATOP}/certs", $DIRMODE;
|
||||||
|
mkdir "${CATOP}/crl", $DIRMODE ;
|
||||||
|
mkdir "${CATOP}/newcerts", $DIRMODE;
|
||||||
|
mkdir "${CATOP}/private", $DIRMODE;
|
||||||
|
open OUT, ">${CATOP}/index.txt";
|
||||||
|
close OUT;
|
||||||
|
open OUT, ">${CATOP}/crlnumber";
|
||||||
|
print OUT "01\n";
|
||||||
|
close OUT;
|
||||||
|
}
|
||||||
|
if ( ! -f "${CATOP}/private/$CAKEY" ) {
|
||||||
|
print "CA certificate filename (or enter to create)\n";
|
||||||
|
$FILE = <STDIN>;
|
||||||
|
|
||||||
|
chop $FILE;
|
||||||
|
|
||||||
|
# ask user for existing CA certificate
|
||||||
|
if ($FILE) {
|
||||||
|
cp_pem($FILE,"${CATOP}/private/$CAKEY", "PRIVATE");
|
||||||
|
cp_pem($FILE,"${CATOP}/$CACERT", "CERTIFICATE");
|
||||||
|
$RET=$?;
|
||||||
|
} else {
|
||||||
|
print "Making CA certificate ...\n";
|
||||||
|
system ("$REQ -new -keyout " .
|
||||||
|
"${CATOP}/private/$CAKEY -out ${CATOP}/$CAREQ");
|
||||||
|
system ("$CA -create_serial " .
|
||||||
|
"-out ${CATOP}/$CACERT $CADAYS -batch " .
|
||||||
|
"-keyfile ${CATOP}/private/$CAKEY -selfsign " .
|
||||||
|
"-extensions v3_ca " .
|
||||||
|
"-infiles ${CATOP}/$CAREQ ");
|
||||||
|
$RET=$?;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
} elsif (/^-pkcs12$/) {
|
||||||
|
my $cname = $ARGV[1];
|
||||||
|
$cname = "My Certificate" unless defined $cname;
|
||||||
|
system ("$PKCS12 -in newcert.pem -inkey newkey.pem " .
|
||||||
|
"-certfile ${CATOP}/$CACERT -out newcert.p12 " .
|
||||||
|
"-export -name \"$cname\"");
|
||||||
|
$RET=$?;
|
||||||
|
print "PKCS #12 file is in newcert.p12\n";
|
||||||
|
exit $RET;
|
||||||
|
} elsif (/^-xsign$/) {
|
||||||
|
system ("$CA -policy policy_anything -infiles newreq.pem");
|
||||||
|
$RET=$?;
|
||||||
|
} elsif (/^(-sign|-signreq)$/) {
|
||||||
|
system ("$CA -policy policy_anything -out newcert.pem " .
|
||||||
|
"-infiles newreq.pem");
|
||||||
|
$RET=$?;
|
||||||
|
print "Signed certificate is in newcert.pem\n";
|
||||||
|
} elsif (/^(-signCA)$/) {
|
||||||
|
system ("$CA -policy policy_anything -out newcert.pem " .
|
||||||
|
"-extensions v3_ca -infiles newreq.pem");
|
||||||
|
$RET=$?;
|
||||||
|
print "Signed CA certificate is in newcert.pem\n";
|
||||||
|
} elsif (/^-signcert$/) {
|
||||||
|
system ("$X509 -x509toreq -in newreq.pem -signkey newreq.pem " .
|
||||||
|
"-out tmp.pem");
|
||||||
|
system ("$CA -policy policy_anything -out newcert.pem " .
|
||||||
|
"-infiles tmp.pem");
|
||||||
|
$RET = $?;
|
||||||
|
print "Signed certificate is in newcert.pem\n";
|
||||||
|
} elsif (/^-verify$/) {
|
||||||
|
if (shift) {
|
||||||
|
foreach $j (@ARGV) {
|
||||||
|
system ("$VERIFY -CAfile $CATOP/$CACERT $j");
|
||||||
|
$RET=$? if ($? != 0);
|
||||||
|
}
|
||||||
|
exit $RET;
|
||||||
|
} else {
|
||||||
|
system ("$VERIFY -CAfile $CATOP/$CACERT newcert.pem");
|
||||||
|
$RET=$?;
|
||||||
|
exit 0;
|
||||||
|
}
|
||||||
|
} else {
|
||||||
|
print STDERR "Unknown arg $_\n";
|
||||||
|
print STDERR "usage: CA -newcert|-newreq|-newreq-nodes|-newca|-sign|-verify\n";
|
||||||
|
exit 1;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
exit $RET;
|
||||||
|
|
||||||
|
sub cp_pem {
|
||||||
|
my ($infile, $outfile, $bound) = @_;
|
||||||
|
open IN, $infile;
|
||||||
|
open OUT, ">$outfile";
|
||||||
|
my $flag = 0;
|
||||||
|
while (<IN>) {
|
||||||
|
$flag = 1 if (/^-----BEGIN.*$bound/) ;
|
||||||
|
print OUT $_ if ($flag);
|
||||||
|
if (/^-----END.*$bound/) {
|
||||||
|
close IN;
|
||||||
|
close OUT;
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
198
jni/openssl/apps/CA.sh
Normal file
198
jni/openssl/apps/CA.sh
Normal file
@ -0,0 +1,198 @@
|
|||||||
|
#!/bin/sh
|
||||||
|
#
|
||||||
|
# CA - wrapper around ca to make it easier to use ... basically ca requires
|
||||||
|
# some setup stuff to be done before you can use it and this makes
|
||||||
|
# things easier between now and when Eric is convinced to fix it :-)
|
||||||
|
#
|
||||||
|
# CA -newca ... will setup the right stuff
|
||||||
|
# CA -newreq ... will generate a certificate request
|
||||||
|
# CA -sign ... will sign the generated request and output
|
||||||
|
#
|
||||||
|
# At the end of that grab newreq.pem and newcert.pem (one has the key
|
||||||
|
# and the other the certificate) and cat them together and that is what
|
||||||
|
# you want/need ... I'll make even this a little cleaner later.
|
||||||
|
#
|
||||||
|
#
|
||||||
|
# 12-Jan-96 tjh Added more things ... including CA -signcert which
|
||||||
|
# converts a certificate to a request and then signs it.
|
||||||
|
# 10-Jan-96 eay Fixed a few more bugs and added the SSLEAY_CONFIG
|
||||||
|
# environment variable so this can be driven from
|
||||||
|
# a script.
|
||||||
|
# 25-Jul-96 eay Cleaned up filenames some more.
|
||||||
|
# 11-Jun-96 eay Fixed a few filename missmatches.
|
||||||
|
# 03-May-96 eay Modified to use 'ssleay cmd' instead of 'cmd'.
|
||||||
|
# 18-Apr-96 tjh Original hacking
|
||||||
|
#
|
||||||
|
# Tim Hudson
|
||||||
|
# tjh@cryptsoft.com
|
||||||
|
#
|
||||||
|
|
||||||
|
# default openssl.cnf file has setup as per the following
|
||||||
|
# demoCA ... where everything is stored
|
||||||
|
cp_pem() {
|
||||||
|
infile=$1
|
||||||
|
outfile=$2
|
||||||
|
bound=$3
|
||||||
|
flag=0
|
||||||
|
exec <$infile;
|
||||||
|
while read line; do
|
||||||
|
if [ $flag -eq 1 ]; then
|
||||||
|
echo $line|grep "^-----END.*$bound" 2>/dev/null 1>/dev/null
|
||||||
|
if [ $? -eq 0 ] ; then
|
||||||
|
echo $line >>$outfile
|
||||||
|
break
|
||||||
|
else
|
||||||
|
echo $line >>$outfile
|
||||||
|
fi
|
||||||
|
fi
|
||||||
|
|
||||||
|
echo $line|grep "^-----BEGIN.*$bound" 2>/dev/null 1>/dev/null
|
||||||
|
if [ $? -eq 0 ]; then
|
||||||
|
echo $line >$outfile
|
||||||
|
flag=1
|
||||||
|
fi
|
||||||
|
done
|
||||||
|
}
|
||||||
|
|
||||||
|
usage() {
|
||||||
|
echo "usage: $0 -newcert|-newreq|-newreq-nodes|-newca|-sign|-verify" >&2
|
||||||
|
}
|
||||||
|
|
||||||
|
if [ -z "$OPENSSL" ]; then OPENSSL=openssl; fi
|
||||||
|
|
||||||
|
if [ -z "$DAYS" ] ; then DAYS="-days 365" ; fi # 1 year
|
||||||
|
CADAYS="-days 1095" # 3 years
|
||||||
|
REQ="$OPENSSL req $SSLEAY_CONFIG"
|
||||||
|
CA="$OPENSSL ca $SSLEAY_CONFIG"
|
||||||
|
VERIFY="$OPENSSL verify"
|
||||||
|
X509="$OPENSSL x509"
|
||||||
|
PKCS12="openssl pkcs12"
|
||||||
|
|
||||||
|
if [ -z "$CATOP" ] ; then CATOP=./demoCA ; fi
|
||||||
|
CAKEY=./cakey.pem
|
||||||
|
CAREQ=./careq.pem
|
||||||
|
CACERT=./cacert.pem
|
||||||
|
|
||||||
|
RET=0
|
||||||
|
|
||||||
|
while [ "$1" != "" ] ; do
|
||||||
|
case $1 in
|
||||||
|
-\?|-h|-help)
|
||||||
|
usage
|
||||||
|
exit 0
|
||||||
|
;;
|
||||||
|
-newcert)
|
||||||
|
# create a certificate
|
||||||
|
$REQ -new -x509 -keyout newkey.pem -out newcert.pem $DAYS
|
||||||
|
RET=$?
|
||||||
|
echo "Certificate is in newcert.pem, private key is in newkey.pem"
|
||||||
|
;;
|
||||||
|
-newreq)
|
||||||
|
# create a certificate request
|
||||||
|
$REQ -new -keyout newkey.pem -out newreq.pem $DAYS
|
||||||
|
RET=$?
|
||||||
|
echo "Request is in newreq.pem, private key is in newkey.pem"
|
||||||
|
;;
|
||||||
|
-newreq-nodes)
|
||||||
|
# create a certificate request
|
||||||
|
$REQ -new -nodes -keyout newreq.pem -out newreq.pem $DAYS
|
||||||
|
RET=$?
|
||||||
|
echo "Request (and private key) is in newreq.pem"
|
||||||
|
;;
|
||||||
|
-newca)
|
||||||
|
# if explicitly asked for or it doesn't exist then setup the directory
|
||||||
|
# structure that Eric likes to manage things
|
||||||
|
NEW="1"
|
||||||
|
if [ "$NEW" -o ! -f ${CATOP}/serial ]; then
|
||||||
|
# create the directory hierarchy
|
||||||
|
mkdir -p ${CATOP}
|
||||||
|
mkdir -p ${CATOP}/certs
|
||||||
|
mkdir -p ${CATOP}/crl
|
||||||
|
mkdir -p ${CATOP}/newcerts
|
||||||
|
mkdir -p ${CATOP}/private
|
||||||
|
touch ${CATOP}/index.txt
|
||||||
|
fi
|
||||||
|
if [ ! -f ${CATOP}/private/$CAKEY ]; then
|
||||||
|
echo "CA certificate filename (or enter to create)"
|
||||||
|
read FILE
|
||||||
|
|
||||||
|
# ask user for existing CA certificate
|
||||||
|
if [ "$FILE" ]; then
|
||||||
|
cp_pem $FILE ${CATOP}/private/$CAKEY PRIVATE
|
||||||
|
cp_pem $FILE ${CATOP}/$CACERT CERTIFICATE
|
||||||
|
RET=$?
|
||||||
|
if [ ! -f "${CATOP}/serial" ]; then
|
||||||
|
$X509 -in ${CATOP}/$CACERT -noout -next_serial \
|
||||||
|
-out ${CATOP}/serial
|
||||||
|
fi
|
||||||
|
else
|
||||||
|
echo "Making CA certificate ..."
|
||||||
|
$REQ -new -keyout ${CATOP}/private/$CAKEY \
|
||||||
|
-out ${CATOP}/$CAREQ
|
||||||
|
$CA -create_serial -out ${CATOP}/$CACERT $CADAYS -batch \
|
||||||
|
-keyfile ${CATOP}/private/$CAKEY -selfsign \
|
||||||
|
-extensions v3_ca \
|
||||||
|
-infiles ${CATOP}/$CAREQ
|
||||||
|
RET=$?
|
||||||
|
fi
|
||||||
|
fi
|
||||||
|
;;
|
||||||
|
-xsign)
|
||||||
|
$CA -policy policy_anything -infiles newreq.pem
|
||||||
|
RET=$?
|
||||||
|
;;
|
||||||
|
-pkcs12)
|
||||||
|
if [ -z "$2" ] ; then
|
||||||
|
CNAME="My Certificate"
|
||||||
|
else
|
||||||
|
CNAME="$2"
|
||||||
|
fi
|
||||||
|
$PKCS12 -in newcert.pem -inkey newreq.pem -certfile ${CATOP}/$CACERT \
|
||||||
|
-out newcert.p12 -export -name "$CNAME"
|
||||||
|
RET=$?
|
||||||
|
exit $RET
|
||||||
|
;;
|
||||||
|
-sign|-signreq)
|
||||||
|
$CA -policy policy_anything -out newcert.pem -infiles newreq.pem
|
||||||
|
RET=$?
|
||||||
|
cat newcert.pem
|
||||||
|
echo "Signed certificate is in newcert.pem"
|
||||||
|
;;
|
||||||
|
-signCA)
|
||||||
|
$CA -policy policy_anything -out newcert.pem -extensions v3_ca -infiles newreq.pem
|
||||||
|
RET=$?
|
||||||
|
echo "Signed CA certificate is in newcert.pem"
|
||||||
|
;;
|
||||||
|
-signcert)
|
||||||
|
echo "Cert passphrase will be requested twice - bug?"
|
||||||
|
$X509 -x509toreq -in newreq.pem -signkey newreq.pem -out tmp.pem
|
||||||
|
$CA -policy policy_anything -out newcert.pem -infiles tmp.pem
|
||||||
|
RET=$?
|
||||||
|
cat newcert.pem
|
||||||
|
echo "Signed certificate is in newcert.pem"
|
||||||
|
;;
|
||||||
|
-verify)
|
||||||
|
shift
|
||||||
|
if [ -z "$1" ]; then
|
||||||
|
$VERIFY -CAfile $CATOP/$CACERT newcert.pem
|
||||||
|
RET=$?
|
||||||
|
else
|
||||||
|
for j
|
||||||
|
do
|
||||||
|
$VERIFY -CAfile $CATOP/$CACERT $j
|
||||||
|
if [ $? != 0 ]; then
|
||||||
|
RET=$?
|
||||||
|
fi
|
||||||
|
done
|
||||||
|
fi
|
||||||
|
exit $RET
|
||||||
|
;;
|
||||||
|
*)
|
||||||
|
echo "Unknown arg $i" >&2
|
||||||
|
usage
|
||||||
|
exit 1
|
||||||
|
;;
|
||||||
|
esac
|
||||||
|
shift
|
||||||
|
done
|
||||||
|
exit $RET
|
218
jni/openssl/apps/app_rand.c
Normal file
218
jni/openssl/apps/app_rand.c
Normal file
@ -0,0 +1,218 @@
|
|||||||
|
/* apps/app_rand.c */
|
||||||
|
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
|
||||||
|
* All rights reserved.
|
||||||
|
*
|
||||||
|
* This package is an SSL implementation written
|
||||||
|
* by Eric Young (eay@cryptsoft.com).
|
||||||
|
* The implementation was written so as to conform with Netscapes SSL.
|
||||||
|
*
|
||||||
|
* This library is free for commercial and non-commercial use as long as
|
||||||
|
* the following conditions are aheared to. The following conditions
|
||||||
|
* apply to all code found in this distribution, be it the RC4, RSA,
|
||||||
|
* lhash, DES, etc., code; not just the SSL code. The SSL documentation
|
||||||
|
* included with this distribution is covered by the same copyright terms
|
||||||
|
* except that the holder is Tim Hudson (tjh@cryptsoft.com).
|
||||||
|
*
|
||||||
|
* Copyright remains Eric Young's, and as such any Copyright notices in
|
||||||
|
* the code are not to be removed.
|
||||||
|
* If this package is used in a product, Eric Young should be given attribution
|
||||||
|
* as the author of the parts of the library used.
|
||||||
|
* This can be in the form of a textual message at program startup or
|
||||||
|
* in documentation (online or textual) provided with the package.
|
||||||
|
*
|
||||||
|
* Redistribution and use in source and binary forms, with or without
|
||||||
|
* modification, are permitted provided that the following conditions
|
||||||
|
* are met:
|
||||||
|
* 1. Redistributions of source code must retain the copyright
|
||||||
|
* notice, this list of conditions and the following disclaimer.
|
||||||
|
* 2. Redistributions in binary form must reproduce the above copyright
|
||||||
|
* notice, this list of conditions and the following disclaimer in the
|
||||||
|
* documentation and/or other materials provided with the distribution.
|
||||||
|
* 3. All advertising materials mentioning features or use of this software
|
||||||
|
* must display the following acknowledgement:
|
||||||
|
* "This product includes cryptographic software written by
|
||||||
|
* Eric Young (eay@cryptsoft.com)"
|
||||||
|
* The word 'cryptographic' can be left out if the rouines from the library
|
||||||
|
* being used are not cryptographic related :-).
|
||||||
|
* 4. If you include any Windows specific code (or a derivative thereof) from
|
||||||
|
* the apps directory (application code) you must include an acknowledgement:
|
||||||
|
* "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
|
||||||
|
*
|
||||||
|
* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
|
||||||
|
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
||||||
|
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
|
||||||
|
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
|
||||||
|
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
|
||||||
|
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
|
||||||
|
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
||||||
|
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
|
||||||
|
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
||||||
|
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||||||
|
* SUCH DAMAGE.
|
||||||
|
*
|
||||||
|
* The licence and distribution terms for any publically available version or
|
||||||
|
* derivative of this code cannot be changed. i.e. this code cannot simply be
|
||||||
|
* copied and put under another distribution licence
|
||||||
|
* [including the GNU Public Licence.]
|
||||||
|
*/
|
||||||
|
/* ====================================================================
|
||||||
|
* Copyright (c) 1998-2000 The OpenSSL Project. All rights reserved.
|
||||||
|
*
|
||||||
|
* Redistribution and use in source and binary forms, with or without
|
||||||
|
* modification, are permitted provided that the following conditions
|
||||||
|
* are met:
|
||||||
|
*
|
||||||
|
* 1. Redistributions of source code must retain the above copyright
|
||||||
|
* notice, this list of conditions and the following disclaimer.
|
||||||
|
*
|
||||||
|
* 2. Redistributions in binary form must reproduce the above copyright
|
||||||
|
* notice, this list of conditions and the following disclaimer in
|
||||||
|
* the documentation and/or other materials provided with the
|
||||||
|
* distribution.
|
||||||
|
*
|
||||||
|
* 3. All advertising materials mentioning features or use of this
|
||||||
|
* software must display the following acknowledgment:
|
||||||
|
* "This product includes software developed by the OpenSSL Project
|
||||||
|
* for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
|
||||||
|
*
|
||||||
|
* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
|
||||||
|
* endorse or promote products derived from this software without
|
||||||
|
* prior written permission. For written permission, please contact
|
||||||
|
* openssl-core@openssl.org.
|
||||||
|
*
|
||||||
|
* 5. Products derived from this software may not be called "OpenSSL"
|
||||||
|
* nor may "OpenSSL" appear in their names without prior written
|
||||||
|
* permission of the OpenSSL Project.
|
||||||
|
*
|
||||||
|
* 6. Redistributions of any form whatsoever must retain the following
|
||||||
|
* acknowledgment:
|
||||||
|
* "This product includes software developed by the OpenSSL Project
|
||||||
|
* for use in the OpenSSL Toolkit (http://www.openssl.org/)"
|
||||||
|
*
|
||||||
|
* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
|
||||||
|
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
||||||
|
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
|
||||||
|
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
|
||||||
|
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
|
||||||
|
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
|
||||||
|
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
|
||||||
|
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
||||||
|
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
|
||||||
|
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
|
||||||
|
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
|
||||||
|
* OF THE POSSIBILITY OF SUCH DAMAGE.
|
||||||
|
* ====================================================================
|
||||||
|
*
|
||||||
|
* This product includes cryptographic software written by Eric Young
|
||||||
|
* (eay@cryptsoft.com). This product includes software written by Tim
|
||||||
|
* Hudson (tjh@cryptsoft.com).
|
||||||
|
*
|
||||||
|
*/
|
||||||
|
|
||||||
|
#define NON_MAIN
|
||||||
|
#include "apps.h"
|
||||||
|
#undef NON_MAIN
|
||||||
|
#include <openssl/bio.h>
|
||||||
|
#include <openssl/rand.h>
|
||||||
|
|
||||||
|
|
||||||
|
static int seeded = 0;
|
||||||
|
static int egdsocket = 0;
|
||||||
|
|
||||||
|
int app_RAND_load_file(const char *file, BIO *bio_e, int dont_warn)
|
||||||
|
{
|
||||||
|
int consider_randfile = (file == NULL);
|
||||||
|
char buffer[200];
|
||||||
|
|
||||||
|
#ifdef OPENSSL_SYS_WINDOWS
|
||||||
|
BIO_printf(bio_e,"Loading 'screen' into random state -");
|
||||||
|
BIO_flush(bio_e);
|
||||||
|
RAND_screen();
|
||||||
|
BIO_printf(bio_e," done\n");
|
||||||
|
#endif
|
||||||
|
|
||||||
|
if (file == NULL)
|
||||||
|
file = RAND_file_name(buffer, sizeof buffer);
|
||||||
|
else if (RAND_egd(file) > 0)
|
||||||
|
{
|
||||||
|
/* we try if the given filename is an EGD socket.
|
||||||
|
if it is, we don't write anything back to the file. */
|
||||||
|
egdsocket = 1;
|
||||||
|
return 1;
|
||||||
|
}
|
||||||
|
if (file == NULL || !RAND_load_file(file, -1))
|
||||||
|
{
|
||||||
|
if (RAND_status() == 0)
|
||||||
|
{
|
||||||
|
if (!dont_warn)
|
||||||
|
{
|
||||||
|
BIO_printf(bio_e,"unable to load 'random state'\n");
|
||||||
|
BIO_printf(bio_e,"This means that the random number generator has not been seeded\n");
|
||||||
|
BIO_printf(bio_e,"with much random data.\n");
|
||||||
|
if (consider_randfile) /* explanation does not apply when a file is explicitly named */
|
||||||
|
{
|
||||||
|
BIO_printf(bio_e,"Consider setting the RANDFILE environment variable to point at a file that\n");
|
||||||
|
BIO_printf(bio_e,"'random' data can be kept in (the file will be overwritten).\n");
|
||||||
|
}
|
||||||
|
}
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
seeded = 1;
|
||||||
|
return 1;
|
||||||
|
}
|
||||||
|
|
||||||
|
long app_RAND_load_files(char *name)
|
||||||
|
{
|
||||||
|
char *p,*n;
|
||||||
|
int last;
|
||||||
|
long tot=0;
|
||||||
|
int egd;
|
||||||
|
|
||||||
|
for (;;)
|
||||||
|
{
|
||||||
|
last=0;
|
||||||
|
for (p=name; ((*p != '\0') && (*p != LIST_SEPARATOR_CHAR)); p++);
|
||||||
|
if (*p == '\0') last=1;
|
||||||
|
*p='\0';
|
||||||
|
n=name;
|
||||||
|
name=p+1;
|
||||||
|
if (*n == '\0') break;
|
||||||
|
|
||||||
|
egd=RAND_egd(n);
|
||||||
|
if (egd > 0)
|
||||||
|
tot+=egd;
|
||||||
|
else
|
||||||
|
tot+=RAND_load_file(n,-1);
|
||||||
|
if (last) break;
|
||||||
|
}
|
||||||
|
if (tot > 512)
|
||||||
|
app_RAND_allow_write_file();
|
||||||
|
return(tot);
|
||||||
|
}
|
||||||
|
|
||||||
|
int app_RAND_write_file(const char *file, BIO *bio_e)
|
||||||
|
{
|
||||||
|
char buffer[200];
|
||||||
|
|
||||||
|
if (egdsocket || !seeded)
|
||||||
|
/* If we did not manage to read the seed file,
|
||||||
|
* we should not write a low-entropy seed file back --
|
||||||
|
* it would suppress a crucial warning the next time
|
||||||
|
* we want to use it. */
|
||||||
|
return 0;
|
||||||
|
|
||||||
|
if (file == NULL)
|
||||||
|
file = RAND_file_name(buffer, sizeof buffer);
|
||||||
|
if (file == NULL || !RAND_write_file(file))
|
||||||
|
{
|
||||||
|
BIO_printf(bio_e,"unable to write 'random state'\n");
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
|
return 1;
|
||||||
|
}
|
||||||
|
|
||||||
|
void app_RAND_allow_write_file(void)
|
||||||
|
{
|
||||||
|
seeded = 1;
|
||||||
|
}
|
3063
jni/openssl/apps/apps.c
Normal file
3063
jni/openssl/apps/apps.c
Normal file
File diff suppressed because it is too large
Load Diff
364
jni/openssl/apps/apps.h
Normal file
364
jni/openssl/apps/apps.h
Normal file
@ -0,0 +1,364 @@
|
|||||||
|
/* apps/apps.h */
|
||||||
|
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
|
||||||
|
* All rights reserved.
|
||||||
|
*
|
||||||
|
* This package is an SSL implementation written
|
||||||
|
* by Eric Young (eay@cryptsoft.com).
|
||||||
|
* The implementation was written so as to conform with Netscapes SSL.
|
||||||
|
*
|
||||||
|
* This library is free for commercial and non-commercial use as long as
|
||||||
|
* the following conditions are aheared to. The following conditions
|
||||||
|
* apply to all code found in this distribution, be it the RC4, RSA,
|
||||||
|
* lhash, DES, etc., code; not just the SSL code. The SSL documentation
|
||||||
|
* included with this distribution is covered by the same copyright terms
|
||||||
|
* except that the holder is Tim Hudson (tjh@cryptsoft.com).
|
||||||
|
*
|
||||||
|
* Copyright remains Eric Young's, and as such any Copyright notices in
|
||||||
|
* the code are not to be removed.
|
||||||
|
* If this package is used in a product, Eric Young should be given attribution
|
||||||
|
* as the author of the parts of the library used.
|
||||||
|
* This can be in the form of a textual message at program startup or
|
||||||
|
* in documentation (online or textual) provided with the package.
|
||||||
|
*
|
||||||
|
* Redistribution and use in source and binary forms, with or without
|
||||||
|
* modification, are permitted provided that the following conditions
|
||||||
|
* are met:
|
||||||
|
* 1. Redistributions of source code must retain the copyright
|
||||||
|
* notice, this list of conditions and the following disclaimer.
|
||||||
|
* 2. Redistributions in binary form must reproduce the above copyright
|
||||||
|
* notice, this list of conditions and the following disclaimer in the
|
||||||
|
* documentation and/or other materials provided with the distribution.
|
||||||
|
* 3. All advertising materials mentioning features or use of this software
|
||||||
|
* must display the following acknowledgement:
|
||||||
|
* "This product includes cryptographic software written by
|
||||||
|
* Eric Young (eay@cryptsoft.com)"
|
||||||
|
* The word 'cryptographic' can be left out if the rouines from the library
|
||||||
|
* being used are not cryptographic related :-).
|
||||||
|
* 4. If you include any Windows specific code (or a derivative thereof) from
|
||||||
|
* the apps directory (application code) you must include an acknowledgement:
|
||||||
|
* "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
|
||||||
|
*
|
||||||
|
* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
|
||||||
|
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
||||||
|
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
|
||||||
|
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
|
||||||
|
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
|
||||||
|
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
|
||||||
|
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
||||||
|
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
|
||||||
|
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
||||||
|
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||||||
|
* SUCH DAMAGE.
|
||||||
|
*
|
||||||
|
* The licence and distribution terms for any publically available version or
|
||||||
|
* derivative of this code cannot be changed. i.e. this code cannot simply be
|
||||||
|
* copied and put under another distribution licence
|
||||||
|
* [including the GNU Public Licence.]
|
||||||
|
*/
|
||||||
|
/* ====================================================================
|
||||||
|
* Copyright (c) 1998-2001 The OpenSSL Project. All rights reserved.
|
||||||
|
*
|
||||||
|
* Redistribution and use in source and binary forms, with or without
|
||||||
|
* modification, are permitted provided that the following conditions
|
||||||
|
* are met:
|
||||||
|
*
|
||||||
|
* 1. Redistributions of source code must retain the above copyright
|
||||||
|
* notice, this list of conditions and the following disclaimer.
|
||||||
|
*
|
||||||
|
* 2. Redistributions in binary form must reproduce the above copyright
|
||||||
|
* notice, this list of conditions and the following disclaimer in
|
||||||
|
* the documentation and/or other materials provided with the
|
||||||
|
* distribution.
|
||||||
|
*
|
||||||
|
* 3. All advertising materials mentioning features or use of this
|
||||||
|
* software must display the following acknowledgment:
|
||||||
|
* "This product includes software developed by the OpenSSL Project
|
||||||
|
* for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
|
||||||
|
*
|
||||||
|
* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
|
||||||
|
* endorse or promote products derived from this software without
|
||||||
|
* prior written permission. For written permission, please contact
|
||||||
|
* openssl-core@openssl.org.
|
||||||
|
*
|
||||||
|
* 5. Products derived from this software may not be called "OpenSSL"
|
||||||
|
* nor may "OpenSSL" appear in their names without prior written
|
||||||
|
* permission of the OpenSSL Project.
|
||||||
|
*
|
||||||
|
* 6. Redistributions of any form whatsoever must retain the following
|
||||||
|
* acknowledgment:
|
||||||
|
* "This product includes software developed by the OpenSSL Project
|
||||||
|
* for use in the OpenSSL Toolkit (http://www.openssl.org/)"
|
||||||
|
*
|
||||||
|
* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
|
||||||
|
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
||||||
|
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
|
||||||
|
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
|
||||||
|
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
|
||||||
|
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
|
||||||
|
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
|
||||||
|
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
||||||
|
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
|
||||||
|
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
|
||||||
|
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
|
||||||
|
* OF THE POSSIBILITY OF SUCH DAMAGE.
|
||||||
|
* ====================================================================
|
||||||
|
*
|
||||||
|
* This product includes cryptographic software written by Eric Young
|
||||||
|
* (eay@cryptsoft.com). This product includes software written by Tim
|
||||||
|
* Hudson (tjh@cryptsoft.com).
|
||||||
|
*
|
||||||
|
*/
|
||||||
|
|
||||||
|
#ifndef HEADER_APPS_H
|
||||||
|
#define HEADER_APPS_H
|
||||||
|
|
||||||
|
#include "e_os.h"
|
||||||
|
|
||||||
|
#include <openssl/bio.h>
|
||||||
|
#include <openssl/x509.h>
|
||||||
|
#include <openssl/lhash.h>
|
||||||
|
#include <openssl/conf.h>
|
||||||
|
#include <openssl/txt_db.h>
|
||||||
|
#ifndef OPENSSL_NO_ENGINE
|
||||||
|
#include <openssl/engine.h>
|
||||||
|
#endif
|
||||||
|
#ifndef OPENSSL_NO_OCSP
|
||||||
|
#include <openssl/ocsp.h>
|
||||||
|
#endif
|
||||||
|
#include <openssl/ossl_typ.h>
|
||||||
|
|
||||||
|
int app_RAND_load_file(const char *file, BIO *bio_e, int dont_warn);
|
||||||
|
int app_RAND_write_file(const char *file, BIO *bio_e);
|
||||||
|
/* When `file' is NULL, use defaults.
|
||||||
|
* `bio_e' is for error messages. */
|
||||||
|
void app_RAND_allow_write_file(void);
|
||||||
|
long app_RAND_load_files(char *file); /* `file' is a list of files to read,
|
||||||
|
* separated by LIST_SEPARATOR_CHAR
|
||||||
|
* (see e_os.h). The string is
|
||||||
|
* destroyed! */
|
||||||
|
|
||||||
|
#ifndef MONOLITH
|
||||||
|
|
||||||
|
#define MAIN(a,v) main(a,v)
|
||||||
|
|
||||||
|
#ifndef NON_MAIN
|
||||||
|
CONF *config=NULL;
|
||||||
|
BIO *bio_err=NULL;
|
||||||
|
#else
|
||||||
|
extern CONF *config;
|
||||||
|
extern BIO *bio_err;
|
||||||
|
#endif
|
||||||
|
|
||||||
|
#else
|
||||||
|
|
||||||
|
#define MAIN(a,v) PROG(a,v)
|
||||||
|
extern CONF *config;
|
||||||
|
extern char *default_config_file;
|
||||||
|
extern BIO *bio_err;
|
||||||
|
|
||||||
|
#endif
|
||||||
|
|
||||||
|
#ifndef OPENSSL_SYS_NETWARE
|
||||||
|
#include <signal.h>
|
||||||
|
#endif
|
||||||
|
|
||||||
|
#ifdef SIGPIPE
|
||||||
|
#define do_pipe_sig() signal(SIGPIPE,SIG_IGN)
|
||||||
|
#else
|
||||||
|
#define do_pipe_sig()
|
||||||
|
#endif
|
||||||
|
|
||||||
|
#ifdef OPENSSL_NO_COMP
|
||||||
|
#define zlib_cleanup()
|
||||||
|
#else
|
||||||
|
#define zlib_cleanup() COMP_zlib_cleanup()
|
||||||
|
#endif
|
||||||
|
|
||||||
|
#if defined(MONOLITH) && !defined(OPENSSL_C)
|
||||||
|
# define apps_startup() \
|
||||||
|
do_pipe_sig()
|
||||||
|
# define apps_shutdown()
|
||||||
|
#else
|
||||||
|
# ifndef OPENSSL_NO_ENGINE
|
||||||
|
# define apps_startup() \
|
||||||
|
do { do_pipe_sig(); CRYPTO_malloc_init(); \
|
||||||
|
ERR_load_crypto_strings(); OpenSSL_add_all_algorithms(); \
|
||||||
|
ENGINE_load_builtin_engines(); setup_ui_method(); } while(0)
|
||||||
|
# define apps_shutdown() \
|
||||||
|
do { CONF_modules_unload(1); destroy_ui_method(); \
|
||||||
|
OBJ_cleanup(); EVP_cleanup(); ENGINE_cleanup(); \
|
||||||
|
CRYPTO_cleanup_all_ex_data(); ERR_remove_thread_state(NULL); \
|
||||||
|
ERR_free_strings(); zlib_cleanup();} while(0)
|
||||||
|
# else
|
||||||
|
# define apps_startup() \
|
||||||
|
do { do_pipe_sig(); CRYPTO_malloc_init(); \
|
||||||
|
ERR_load_crypto_strings(); OpenSSL_add_all_algorithms(); \
|
||||||
|
setup_ui_method(); } while(0)
|
||||||
|
# define apps_shutdown() \
|
||||||
|
do { CONF_modules_unload(1); destroy_ui_method(); \
|
||||||
|
OBJ_cleanup(); EVP_cleanup(); \
|
||||||
|
CRYPTO_cleanup_all_ex_data(); ERR_remove_thread_state(NULL); \
|
||||||
|
ERR_free_strings(); zlib_cleanup(); } while(0)
|
||||||
|
# endif
|
||||||
|
#endif
|
||||||
|
|
||||||
|
#ifdef OPENSSL_SYSNAME_WIN32
|
||||||
|
# define openssl_fdset(a,b) FD_SET((unsigned int)a, b)
|
||||||
|
#else
|
||||||
|
# define openssl_fdset(a,b) FD_SET(a, b)
|
||||||
|
#endif
|
||||||
|
|
||||||
|
|
||||||
|
typedef struct args_st
|
||||||
|
{
|
||||||
|
char **data;
|
||||||
|
int count;
|
||||||
|
} ARGS;
|
||||||
|
|
||||||
|
#define PW_MIN_LENGTH 4
|
||||||
|
typedef struct pw_cb_data
|
||||||
|
{
|
||||||
|
const void *password;
|
||||||
|
const char *prompt_info;
|
||||||
|
} PW_CB_DATA;
|
||||||
|
|
||||||
|
int password_callback(char *buf, int bufsiz, int verify,
|
||||||
|
PW_CB_DATA *cb_data);
|
||||||
|
|
||||||
|
int setup_ui_method(void);
|
||||||
|
void destroy_ui_method(void);
|
||||||
|
|
||||||
|
int should_retry(int i);
|
||||||
|
int args_from_file(char *file, int *argc, char **argv[]);
|
||||||
|
int str2fmt(char *s);
|
||||||
|
void program_name(char *in,char *out,int size);
|
||||||
|
int chopup_args(ARGS *arg,char *buf, int *argc, char **argv[]);
|
||||||
|
#ifdef HEADER_X509_H
|
||||||
|
int dump_cert_text(BIO *out, X509 *x);
|
||||||
|
void print_name(BIO *out, const char *title, X509_NAME *nm, unsigned long lflags);
|
||||||
|
#endif
|
||||||
|
int set_cert_ex(unsigned long *flags, const char *arg);
|
||||||
|
int set_name_ex(unsigned long *flags, const char *arg);
|
||||||
|
int set_ext_copy(int *copy_type, const char *arg);
|
||||||
|
int copy_extensions(X509 *x, X509_REQ *req, int copy_type);
|
||||||
|
int app_passwd(BIO *err, char *arg1, char *arg2, char **pass1, char **pass2);
|
||||||
|
int add_oid_section(BIO *err, CONF *conf);
|
||||||
|
X509 *load_cert(BIO *err, const char *file, int format,
|
||||||
|
const char *pass, ENGINE *e, const char *cert_descrip);
|
||||||
|
EVP_PKEY *load_key(BIO *err, const char *file, int format, int maybe_stdin,
|
||||||
|
const char *pass, ENGINE *e, const char *key_descrip);
|
||||||
|
EVP_PKEY *load_pubkey(BIO *err, const char *file, int format, int maybe_stdin,
|
||||||
|
const char *pass, ENGINE *e, const char *key_descrip);
|
||||||
|
STACK_OF(X509) *load_certs(BIO *err, const char *file, int format,
|
||||||
|
const char *pass, ENGINE *e, const char *cert_descrip);
|
||||||
|
STACK_OF(X509_CRL) *load_crls(BIO *err, const char *file, int format,
|
||||||
|
const char *pass, ENGINE *e, const char *cert_descrip);
|
||||||
|
X509_STORE *setup_verify(BIO *bp, char *CAfile, char *CApath);
|
||||||
|
#ifndef OPENSSL_NO_ENGINE
|
||||||
|
ENGINE *setup_engine(BIO *err, const char *engine, int debug);
|
||||||
|
#endif
|
||||||
|
|
||||||
|
#ifndef OPENSSL_NO_OCSP
|
||||||
|
OCSP_RESPONSE *process_responder(BIO *err, OCSP_REQUEST *req,
|
||||||
|
char *host, char *path, char *port, int use_ssl,
|
||||||
|
STACK_OF(CONF_VALUE) *headers,
|
||||||
|
int req_timeout);
|
||||||
|
#endif
|
||||||
|
|
||||||
|
int load_config(BIO *err, CONF *cnf);
|
||||||
|
char *make_config_name(void);
|
||||||
|
|
||||||
|
/* Functions defined in ca.c and also used in ocsp.c */
|
||||||
|
int unpack_revinfo(ASN1_TIME **prevtm, int *preason, ASN1_OBJECT **phold,
|
||||||
|
ASN1_GENERALIZEDTIME **pinvtm, const char *str);
|
||||||
|
|
||||||
|
#define DB_type 0
|
||||||
|
#define DB_exp_date 1
|
||||||
|
#define DB_rev_date 2
|
||||||
|
#define DB_serial 3 /* index - unique */
|
||||||
|
#define DB_file 4
|
||||||
|
#define DB_name 5 /* index - unique when active and not disabled */
|
||||||
|
#define DB_NUMBER 6
|
||||||
|
|
||||||
|
#define DB_TYPE_REV 'R'
|
||||||
|
#define DB_TYPE_EXP 'E'
|
||||||
|
#define DB_TYPE_VAL 'V'
|
||||||
|
|
||||||
|
typedef struct db_attr_st
|
||||||
|
{
|
||||||
|
int unique_subject;
|
||||||
|
} DB_ATTR;
|
||||||
|
typedef struct ca_db_st
|
||||||
|
{
|
||||||
|
DB_ATTR attributes;
|
||||||
|
TXT_DB *db;
|
||||||
|
} CA_DB;
|
||||||
|
|
||||||
|
BIGNUM *load_serial(char *serialfile, int create, ASN1_INTEGER **retai);
|
||||||
|
int save_serial(char *serialfile, char *suffix, BIGNUM *serial, ASN1_INTEGER **retai);
|
||||||
|
int rotate_serial(char *serialfile, char *new_suffix, char *old_suffix);
|
||||||
|
int rand_serial(BIGNUM *b, ASN1_INTEGER *ai);
|
||||||
|
CA_DB *load_index(char *dbfile, DB_ATTR *dbattr);
|
||||||
|
int index_index(CA_DB *db);
|
||||||
|
int save_index(const char *dbfile, const char *suffix, CA_DB *db);
|
||||||
|
int rotate_index(const char *dbfile, const char *new_suffix, const char *old_suffix);
|
||||||
|
void free_index(CA_DB *db);
|
||||||
|
#define index_name_cmp_noconst(a, b) \
|
||||||
|
index_name_cmp((const OPENSSL_CSTRING *)CHECKED_PTR_OF(OPENSSL_STRING, a), \
|
||||||
|
(const OPENSSL_CSTRING *)CHECKED_PTR_OF(OPENSSL_STRING, b))
|
||||||
|
int index_name_cmp(const OPENSSL_CSTRING *a, const OPENSSL_CSTRING *b);
|
||||||
|
int parse_yesno(const char *str, int def);
|
||||||
|
|
||||||
|
X509_NAME *parse_name(char *str, long chtype, int multirdn);
|
||||||
|
int args_verify(char ***pargs, int *pargc,
|
||||||
|
int *badarg, BIO *err, X509_VERIFY_PARAM **pm);
|
||||||
|
void policies_print(BIO *out, X509_STORE_CTX *ctx);
|
||||||
|
int bio_to_mem(unsigned char **out, int maxlen, BIO *in);
|
||||||
|
int pkey_ctrl_string(EVP_PKEY_CTX *ctx, char *value);
|
||||||
|
int init_gen_str(BIO *err, EVP_PKEY_CTX **pctx,
|
||||||
|
const char *algname, ENGINE *e, int do_param);
|
||||||
|
#ifndef OPENSSL_NO_PSK
|
||||||
|
extern char *psk_key;
|
||||||
|
#endif
|
||||||
|
#ifndef OPENSSL_NO_JPAKE
|
||||||
|
void jpake_client_auth(BIO *out, BIO *conn, const char *secret);
|
||||||
|
void jpake_server_auth(BIO *out, BIO *conn, const char *secret);
|
||||||
|
#endif
|
||||||
|
|
||||||
|
#define FORMAT_UNDEF 0
|
||||||
|
#define FORMAT_ASN1 1
|
||||||
|
#define FORMAT_TEXT 2
|
||||||
|
#define FORMAT_PEM 3
|
||||||
|
#define FORMAT_NETSCAPE 4
|
||||||
|
#define FORMAT_PKCS12 5
|
||||||
|
#define FORMAT_SMIME 6
|
||||||
|
#define FORMAT_ENGINE 7
|
||||||
|
#define FORMAT_IISSGC 8 /* XXX this stupid macro helps us to avoid
|
||||||
|
* adding yet another param to load_*key() */
|
||||||
|
#define FORMAT_PEMRSA 9 /* PEM RSAPubicKey format */
|
||||||
|
#define FORMAT_ASN1RSA 10 /* DER RSAPubicKey format */
|
||||||
|
#define FORMAT_MSBLOB 11 /* MS Key blob format */
|
||||||
|
#define FORMAT_PVK 12 /* MS PVK file format */
|
||||||
|
|
||||||
|
#define EXT_COPY_NONE 0
|
||||||
|
#define EXT_COPY_ADD 1
|
||||||
|
#define EXT_COPY_ALL 2
|
||||||
|
|
||||||
|
#define NETSCAPE_CERT_HDR "certificate"
|
||||||
|
|
||||||
|
#define APP_PASS_LEN 1024
|
||||||
|
|
||||||
|
#define SERIAL_RAND_BITS 64
|
||||||
|
|
||||||
|
int app_isdir(const char *);
|
||||||
|
int raw_read_stdin(void *,int);
|
||||||
|
int raw_write_stdout(const void *,int);
|
||||||
|
|
||||||
|
#define TM_START 0
|
||||||
|
#define TM_STOP 1
|
||||||
|
double app_tminterval (int stop,int usertime);
|
||||||
|
#endif
|
||||||
|
|
||||||
|
#ifndef OPENSSL_NO_NEXTPROTONEG
|
||||||
|
unsigned char *next_protos_parse(unsigned short *outlen, const char *in);
|
||||||
|
#endif
|
445
jni/openssl/apps/asn1pars.c
Normal file
445
jni/openssl/apps/asn1pars.c
Normal file
@ -0,0 +1,445 @@
|
|||||||
|
/* apps/asn1pars.c */
|
||||||
|
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
|
||||||
|
* All rights reserved.
|
||||||
|
*
|
||||||
|
* This package is an SSL implementation written
|
||||||
|
* by Eric Young (eay@cryptsoft.com).
|
||||||
|
* The implementation was written so as to conform with Netscapes SSL.
|
||||||
|
*
|
||||||
|
* This library is free for commercial and non-commercial use as long as
|
||||||
|
* the following conditions are aheared to. The following conditions
|
||||||
|
* apply to all code found in this distribution, be it the RC4, RSA,
|
||||||
|
* lhash, DES, etc., code; not just the SSL code. The SSL documentation
|
||||||
|
* included with this distribution is covered by the same copyright terms
|
||||||
|
* except that the holder is Tim Hudson (tjh@cryptsoft.com).
|
||||||
|
*
|
||||||
|
* Copyright remains Eric Young's, and as such any Copyright notices in
|
||||||
|
* the code are not to be removed.
|
||||||
|
* If this package is used in a product, Eric Young should be given attribution
|
||||||
|
* as the author of the parts of the library used.
|
||||||
|
* This can be in the form of a textual message at program startup or
|
||||||
|
* in documentation (online or textual) provided with the package.
|
||||||
|
*
|
||||||
|
* Redistribution and use in source and binary forms, with or without
|
||||||
|
* modification, are permitted provided that the following conditions
|
||||||
|
* are met:
|
||||||
|
* 1. Redistributions of source code must retain the copyright
|
||||||
|
* notice, this list of conditions and the following disclaimer.
|
||||||
|
* 2. Redistributions in binary form must reproduce the above copyright
|
||||||
|
* notice, this list of conditions and the following disclaimer in the
|
||||||
|
* documentation and/or other materials provided with the distribution.
|
||||||
|
* 3. All advertising materials mentioning features or use of this software
|
||||||
|
* must display the following acknowledgement:
|
||||||
|
* "This product includes cryptographic software written by
|
||||||
|
* Eric Young (eay@cryptsoft.com)"
|
||||||
|
* The word 'cryptographic' can be left out if the rouines from the library
|
||||||
|
* being used are not cryptographic related :-).
|
||||||
|
* 4. If you include any Windows specific code (or a derivative thereof) from
|
||||||
|
* the apps directory (application code) you must include an acknowledgement:
|
||||||
|
* "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
|
||||||
|
*
|
||||||
|
* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
|
||||||
|
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
||||||
|
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
|
||||||
|
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
|
||||||
|
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
|
||||||
|
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
|
||||||
|
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
||||||
|
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
|
||||||
|
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
||||||
|
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||||||
|
* SUCH DAMAGE.
|
||||||
|
*
|
||||||
|
* The licence and distribution terms for any publically available version or
|
||||||
|
* derivative of this code cannot be changed. i.e. this code cannot simply be
|
||||||
|
* copied and put under another distribution licence
|
||||||
|
* [including the GNU Public Licence.]
|
||||||
|
*/
|
||||||
|
|
||||||
|
/* A nice addition from Dr Stephen Henson <steve@openssl.org> to
|
||||||
|
* add the -strparse option which parses nested binary structures
|
||||||
|
*/
|
||||||
|
|
||||||
|
#include <stdio.h>
|
||||||
|
#include <stdlib.h>
|
||||||
|
#include <string.h>
|
||||||
|
#include "apps.h"
|
||||||
|
#include <openssl/err.h>
|
||||||
|
#include <openssl/evp.h>
|
||||||
|
#include <openssl/x509.h>
|
||||||
|
#include <openssl/pem.h>
|
||||||
|
|
||||||
|
/* -inform arg - input format - default PEM (DER or PEM)
|
||||||
|
* -in arg - input file - default stdin
|
||||||
|
* -i - indent the details by depth
|
||||||
|
* -offset - where in the file to start
|
||||||
|
* -length - how many bytes to use
|
||||||
|
* -oid file - extra oid description file
|
||||||
|
*/
|
||||||
|
|
||||||
|
#undef PROG
|
||||||
|
#define PROG asn1parse_main
|
||||||
|
|
||||||
|
int MAIN(int, char **);
|
||||||
|
|
||||||
|
static int do_generate(BIO *bio, char *genstr, char *genconf, BUF_MEM *buf);
|
||||||
|
|
||||||
|
int MAIN(int argc, char **argv)
|
||||||
|
{
|
||||||
|
int i,badops=0,offset=0,ret=1,j;
|
||||||
|
unsigned int length=0;
|
||||||
|
long num,tmplen;
|
||||||
|
BIO *in=NULL,*out=NULL,*b64=NULL, *derout = NULL;
|
||||||
|
int informat,indent=0, noout = 0, dump = 0;
|
||||||
|
char *infile=NULL,*str=NULL,*prog,*oidfile=NULL, *derfile=NULL;
|
||||||
|
char *genstr=NULL, *genconf=NULL;
|
||||||
|
unsigned char *tmpbuf;
|
||||||
|
const unsigned char *ctmpbuf;
|
||||||
|
BUF_MEM *buf=NULL;
|
||||||
|
STACK_OF(OPENSSL_STRING) *osk=NULL;
|
||||||
|
ASN1_TYPE *at=NULL;
|
||||||
|
|
||||||
|
informat=FORMAT_PEM;
|
||||||
|
|
||||||
|
apps_startup();
|
||||||
|
|
||||||
|
if (bio_err == NULL)
|
||||||
|
if ((bio_err=BIO_new(BIO_s_file())) != NULL)
|
||||||
|
BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT);
|
||||||
|
|
||||||
|
if (!load_config(bio_err, NULL))
|
||||||
|
goto end;
|
||||||
|
|
||||||
|
prog=argv[0];
|
||||||
|
argc--;
|
||||||
|
argv++;
|
||||||
|
if ((osk=sk_OPENSSL_STRING_new_null()) == NULL)
|
||||||
|
{
|
||||||
|
BIO_printf(bio_err,"Memory allocation failure\n");
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
while (argc >= 1)
|
||||||
|
{
|
||||||
|
if (strcmp(*argv,"-inform") == 0)
|
||||||
|
{
|
||||||
|
if (--argc < 1) goto bad;
|
||||||
|
informat=str2fmt(*(++argv));
|
||||||
|
}
|
||||||
|
else if (strcmp(*argv,"-in") == 0)
|
||||||
|
{
|
||||||
|
if (--argc < 1) goto bad;
|
||||||
|
infile= *(++argv);
|
||||||
|
}
|
||||||
|
else if (strcmp(*argv,"-out") == 0)
|
||||||
|
{
|
||||||
|
if (--argc < 1) goto bad;
|
||||||
|
derfile= *(++argv);
|
||||||
|
}
|
||||||
|
else if (strcmp(*argv,"-i") == 0)
|
||||||
|
{
|
||||||
|
indent=1;
|
||||||
|
}
|
||||||
|
else if (strcmp(*argv,"-noout") == 0) noout = 1;
|
||||||
|
else if (strcmp(*argv,"-oid") == 0)
|
||||||
|
{
|
||||||
|
if (--argc < 1) goto bad;
|
||||||
|
oidfile= *(++argv);
|
||||||
|
}
|
||||||
|
else if (strcmp(*argv,"-offset") == 0)
|
||||||
|
{
|
||||||
|
if (--argc < 1) goto bad;
|
||||||
|
offset= atoi(*(++argv));
|
||||||
|
}
|
||||||
|
else if (strcmp(*argv,"-length") == 0)
|
||||||
|
{
|
||||||
|
if (--argc < 1) goto bad;
|
||||||
|
length= atoi(*(++argv));
|
||||||
|
if (length == 0) goto bad;
|
||||||
|
}
|
||||||
|
else if (strcmp(*argv,"-dump") == 0)
|
||||||
|
{
|
||||||
|
dump= -1;
|
||||||
|
}
|
||||||
|
else if (strcmp(*argv,"-dlimit") == 0)
|
||||||
|
{
|
||||||
|
if (--argc < 1) goto bad;
|
||||||
|
dump= atoi(*(++argv));
|
||||||
|
if (dump <= 0) goto bad;
|
||||||
|
}
|
||||||
|
else if (strcmp(*argv,"-strparse") == 0)
|
||||||
|
{
|
||||||
|
if (--argc < 1) goto bad;
|
||||||
|
sk_OPENSSL_STRING_push(osk,*(++argv));
|
||||||
|
}
|
||||||
|
else if (strcmp(*argv,"-genstr") == 0)
|
||||||
|
{
|
||||||
|
if (--argc < 1) goto bad;
|
||||||
|
genstr= *(++argv);
|
||||||
|
}
|
||||||
|
else if (strcmp(*argv,"-genconf") == 0)
|
||||||
|
{
|
||||||
|
if (--argc < 1) goto bad;
|
||||||
|
genconf= *(++argv);
|
||||||
|
}
|
||||||
|
else
|
||||||
|
{
|
||||||
|
BIO_printf(bio_err,"unknown option %s\n",*argv);
|
||||||
|
badops=1;
|
||||||
|
break;
|
||||||
|
}
|
||||||
|
argc--;
|
||||||
|
argv++;
|
||||||
|
}
|
||||||
|
|
||||||
|
if (badops)
|
||||||
|
{
|
||||||
|
bad:
|
||||||
|
BIO_printf(bio_err,"%s [options] <infile\n",prog);
|
||||||
|
BIO_printf(bio_err,"where options are\n");
|
||||||
|
BIO_printf(bio_err," -inform arg input format - one of DER PEM\n");
|
||||||
|
BIO_printf(bio_err," -in arg input file\n");
|
||||||
|
BIO_printf(bio_err," -out arg output file (output format is always DER\n");
|
||||||
|
BIO_printf(bio_err," -noout arg don't produce any output\n");
|
||||||
|
BIO_printf(bio_err," -offset arg offset into file\n");
|
||||||
|
BIO_printf(bio_err," -length arg length of section in file\n");
|
||||||
|
BIO_printf(bio_err," -i indent entries\n");
|
||||||
|
BIO_printf(bio_err," -dump dump unknown data in hex form\n");
|
||||||
|
BIO_printf(bio_err," -dlimit arg dump the first arg bytes of unknown data in hex form\n");
|
||||||
|
BIO_printf(bio_err," -oid file file of extra oid definitions\n");
|
||||||
|
BIO_printf(bio_err," -strparse offset\n");
|
||||||
|
BIO_printf(bio_err," a series of these can be used to 'dig' into multiple\n");
|
||||||
|
BIO_printf(bio_err," ASN1 blob wrappings\n");
|
||||||
|
BIO_printf(bio_err," -genstr str string to generate ASN1 structure from\n");
|
||||||
|
BIO_printf(bio_err," -genconf file file to generate ASN1 structure from\n");
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
|
||||||
|
ERR_load_crypto_strings();
|
||||||
|
|
||||||
|
in=BIO_new(BIO_s_file());
|
||||||
|
out=BIO_new(BIO_s_file());
|
||||||
|
if ((in == NULL) || (out == NULL))
|
||||||
|
{
|
||||||
|
ERR_print_errors(bio_err);
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
BIO_set_fp(out,stdout,BIO_NOCLOSE|BIO_FP_TEXT);
|
||||||
|
#ifdef OPENSSL_SYS_VMS
|
||||||
|
{
|
||||||
|
BIO *tmpbio = BIO_new(BIO_f_linebuffer());
|
||||||
|
out = BIO_push(tmpbio, out);
|
||||||
|
}
|
||||||
|
#endif
|
||||||
|
|
||||||
|
if (oidfile != NULL)
|
||||||
|
{
|
||||||
|
if (BIO_read_filename(in,oidfile) <= 0)
|
||||||
|
{
|
||||||
|
BIO_printf(bio_err,"problems opening %s\n",oidfile);
|
||||||
|
ERR_print_errors(bio_err);
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
OBJ_create_objects(in);
|
||||||
|
}
|
||||||
|
|
||||||
|
if (infile == NULL)
|
||||||
|
BIO_set_fp(in,stdin,BIO_NOCLOSE);
|
||||||
|
else
|
||||||
|
{
|
||||||
|
if (BIO_read_filename(in,infile) <= 0)
|
||||||
|
{
|
||||||
|
perror(infile);
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
if (derfile) {
|
||||||
|
if(!(derout = BIO_new_file(derfile, "wb"))) {
|
||||||
|
BIO_printf(bio_err,"problems opening %s\n",derfile);
|
||||||
|
ERR_print_errors(bio_err);
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
if ((buf=BUF_MEM_new()) == NULL) goto end;
|
||||||
|
if (!BUF_MEM_grow(buf,BUFSIZ*8)) goto end; /* Pre-allocate :-) */
|
||||||
|
|
||||||
|
if (genstr || genconf)
|
||||||
|
{
|
||||||
|
num = do_generate(bio_err, genstr, genconf, buf);
|
||||||
|
if (num < 0)
|
||||||
|
{
|
||||||
|
ERR_print_errors(bio_err);
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
else
|
||||||
|
{
|
||||||
|
|
||||||
|
if (informat == FORMAT_PEM)
|
||||||
|
{
|
||||||
|
BIO *tmp;
|
||||||
|
|
||||||
|
if ((b64=BIO_new(BIO_f_base64())) == NULL)
|
||||||
|
goto end;
|
||||||
|
BIO_push(b64,in);
|
||||||
|
tmp=in;
|
||||||
|
in=b64;
|
||||||
|
b64=tmp;
|
||||||
|
}
|
||||||
|
|
||||||
|
num=0;
|
||||||
|
for (;;)
|
||||||
|
{
|
||||||
|
if (!BUF_MEM_grow(buf,(int)num+BUFSIZ)) goto end;
|
||||||
|
i=BIO_read(in,&(buf->data[num]),BUFSIZ);
|
||||||
|
if (i <= 0) break;
|
||||||
|
num+=i;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
str=buf->data;
|
||||||
|
|
||||||
|
/* If any structs to parse go through in sequence */
|
||||||
|
|
||||||
|
if (sk_OPENSSL_STRING_num(osk))
|
||||||
|
{
|
||||||
|
tmpbuf=(unsigned char *)str;
|
||||||
|
tmplen=num;
|
||||||
|
for (i=0; i<sk_OPENSSL_STRING_num(osk); i++)
|
||||||
|
{
|
||||||
|
ASN1_TYPE *atmp;
|
||||||
|
int typ;
|
||||||
|
j=atoi(sk_OPENSSL_STRING_value(osk,i));
|
||||||
|
if (j == 0)
|
||||||
|
{
|
||||||
|
BIO_printf(bio_err,"'%s' is an invalid number\n",sk_OPENSSL_STRING_value(osk,i));
|
||||||
|
continue;
|
||||||
|
}
|
||||||
|
tmpbuf+=j;
|
||||||
|
tmplen-=j;
|
||||||
|
atmp = at;
|
||||||
|
ctmpbuf = tmpbuf;
|
||||||
|
at = d2i_ASN1_TYPE(NULL,&ctmpbuf,tmplen);
|
||||||
|
ASN1_TYPE_free(atmp);
|
||||||
|
if(!at)
|
||||||
|
{
|
||||||
|
BIO_printf(bio_err,"Error parsing structure\n");
|
||||||
|
ERR_print_errors(bio_err);
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
typ = ASN1_TYPE_get(at);
|
||||||
|
if ((typ == V_ASN1_OBJECT)
|
||||||
|
|| (typ == V_ASN1_NULL))
|
||||||
|
{
|
||||||
|
BIO_printf(bio_err, "Can't parse %s type\n",
|
||||||
|
typ == V_ASN1_NULL ? "NULL" : "OBJECT");
|
||||||
|
ERR_print_errors(bio_err);
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
/* hmm... this is a little evil but it works */
|
||||||
|
tmpbuf=at->value.asn1_string->data;
|
||||||
|
tmplen=at->value.asn1_string->length;
|
||||||
|
}
|
||||||
|
str=(char *)tmpbuf;
|
||||||
|
num=tmplen;
|
||||||
|
}
|
||||||
|
|
||||||
|
if (offset >= num)
|
||||||
|
{
|
||||||
|
BIO_printf(bio_err, "Error: offset too large\n");
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
|
||||||
|
num -= offset;
|
||||||
|
|
||||||
|
if ((length == 0) || ((long)length > num)) length=(unsigned int)num;
|
||||||
|
if(derout) {
|
||||||
|
if(BIO_write(derout, str + offset, length) != (int)length) {
|
||||||
|
BIO_printf(bio_err, "Error writing output\n");
|
||||||
|
ERR_print_errors(bio_err);
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
if (!noout &&
|
||||||
|
!ASN1_parse_dump(out,(unsigned char *)&(str[offset]),length,
|
||||||
|
indent,dump))
|
||||||
|
{
|
||||||
|
ERR_print_errors(bio_err);
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
ret=0;
|
||||||
|
end:
|
||||||
|
BIO_free(derout);
|
||||||
|
if (in != NULL) BIO_free(in);
|
||||||
|
if (out != NULL) BIO_free_all(out);
|
||||||
|
if (b64 != NULL) BIO_free(b64);
|
||||||
|
if (ret != 0)
|
||||||
|
ERR_print_errors(bio_err);
|
||||||
|
if (buf != NULL) BUF_MEM_free(buf);
|
||||||
|
if (at != NULL) ASN1_TYPE_free(at);
|
||||||
|
if (osk != NULL) sk_OPENSSL_STRING_free(osk);
|
||||||
|
OBJ_cleanup();
|
||||||
|
apps_shutdown();
|
||||||
|
OPENSSL_EXIT(ret);
|
||||||
|
}
|
||||||
|
|
||||||
|
static int do_generate(BIO *bio, char *genstr, char *genconf, BUF_MEM *buf)
|
||||||
|
{
|
||||||
|
CONF *cnf = NULL;
|
||||||
|
int len;
|
||||||
|
long errline;
|
||||||
|
unsigned char *p;
|
||||||
|
ASN1_TYPE *atyp = NULL;
|
||||||
|
|
||||||
|
if (genconf)
|
||||||
|
{
|
||||||
|
cnf = NCONF_new(NULL);
|
||||||
|
if (!NCONF_load(cnf, genconf, &errline))
|
||||||
|
goto conferr;
|
||||||
|
if (!genstr)
|
||||||
|
genstr = NCONF_get_string(cnf, "default", "asn1");
|
||||||
|
if (!genstr)
|
||||||
|
{
|
||||||
|
BIO_printf(bio, "Can't find 'asn1' in '%s'\n", genconf);
|
||||||
|
goto err;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
atyp = ASN1_generate_nconf(genstr, cnf);
|
||||||
|
NCONF_free(cnf);
|
||||||
|
cnf = NULL;
|
||||||
|
|
||||||
|
if (!atyp)
|
||||||
|
return -1;
|
||||||
|
|
||||||
|
len = i2d_ASN1_TYPE(atyp, NULL);
|
||||||
|
|
||||||
|
if (len <= 0)
|
||||||
|
goto err;
|
||||||
|
|
||||||
|
if (!BUF_MEM_grow(buf,len))
|
||||||
|
goto err;
|
||||||
|
|
||||||
|
p=(unsigned char *)buf->data;
|
||||||
|
|
||||||
|
i2d_ASN1_TYPE(atyp, &p);
|
||||||
|
|
||||||
|
ASN1_TYPE_free(atyp);
|
||||||
|
return len;
|
||||||
|
|
||||||
|
conferr:
|
||||||
|
|
||||||
|
if (errline > 0)
|
||||||
|
BIO_printf(bio, "Error on line %ld of config file '%s'\n",
|
||||||
|
errline, genconf);
|
||||||
|
else
|
||||||
|
BIO_printf(bio, "Error loading config file '%s'\n", genconf);
|
||||||
|
|
||||||
|
err:
|
||||||
|
NCONF_free(cnf);
|
||||||
|
ASN1_TYPE_free(atyp);
|
||||||
|
|
||||||
|
return -1;
|
||||||
|
|
||||||
|
}
|
1
jni/openssl/apps/ca-cert.srl
Normal file
1
jni/openssl/apps/ca-cert.srl
Normal file
@ -0,0 +1 @@
|
|||||||
|
07
|
15
jni/openssl/apps/ca-key.pem
Normal file
15
jni/openssl/apps/ca-key.pem
Normal file
@ -0,0 +1,15 @@
|
|||||||
|
-----BEGIN RSA PRIVATE KEY-----
|
||||||
|
MIICXQIBAAKBgQCju6PLddelT+nIMm07GQwmYa/eZ2JWbsmt2gotSCqM7asFp425
|
||||||
|
gxSK4jqhhT62UPpqDBEwvQ+fYkVv3RV0r9ReuZGv12NoS4fXsQgqO17lHA7Od0Kd
|
||||||
|
2yNwJjKh44MxPKDt2o8iQMyZE0zlHnEFNpsP4COLTDNC6ljEEu5bk8uPsQIDAQAB
|
||||||
|
AoGAVZmpFZsDZfr0l2S9tLLwpjRWNOlKATQkno6q2WesT0eGLQufTciY+c8ypfU6
|
||||||
|
hyio8r5iUl/VhhdjhAtKx1mRpiotftHo/eYf8rtsrnprOnWG0bWjLjtIoMbcxGn2
|
||||||
|
J3bN6LJmbJMjDs0eJ3KnTu646F3nDUw2oGAwmpzKXA1KAP0CQQDRvQhxk2D3Pehs
|
||||||
|
HvG665u2pB5ipYQngEFlZO7RHJZzJOZEWSLuuMqaF/7pTfA5jiBvWqCgJeCRRInL
|
||||||
|
21ru4dlPAkEAx9jj7BgKn5TYnMoBSSe0afjsV9oApVpN1Nacb1YDtCwy+scp3++s
|
||||||
|
nFxlv98wxIlSdpwMUn+AUWfjiWR7Tu/G/wJBAJ/KjwZIrFVxewP0x2ILYsTRYLzz
|
||||||
|
MS4PDsO7FB+I0i7DbBOifXS2oNSpd3I0CNMwrxFnUHzynpbOStVfN3ZL5w0CQQCa
|
||||||
|
pwFahxBRhkJKsxhjoFJBX9yl75JoY4Wvm5Tbo9ih6UJaRx3kqfkN14L2BKYcsZgb
|
||||||
|
KY9vmDOYy6iNfjDeWTfJAkBkfPUb8oTJ/nSP5zN6sqGxSY4krc4xLxpRmxoJ8HL2
|
||||||
|
XfhqXkTzbU13RX9JJ/NZ8vQN9Vm2NhxRGJocQkmcdVtJ
|
||||||
|
-----END RSA PRIVATE KEY-----
|
11
jni/openssl/apps/ca-req.pem
Normal file
11
jni/openssl/apps/ca-req.pem
Normal file
@ -0,0 +1,11 @@
|
|||||||
|
-----BEGIN CERTIFICATE REQUEST-----
|
||||||
|
MIIBmTCCAQICAQAwWzELMAkGA1UEBhMCQVUxEzARBgNVBAgTClF1ZWVuc2xhbmQx
|
||||||
|
GjAYBgNVBAoTEUNyeXB0U29mdCBQdHkgTHRkMRswGQYDVQQDExJUZXN0IENBICgx
|
||||||
|
MDI0IGJpdCkwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAKO7o8t116VP6cgy
|
||||||
|
bTsZDCZhr95nYlZuya3aCi1IKoztqwWnjbmDFIriOqGFPrZQ+moMETC9D59iRW/d
|
||||||
|
FXSv1F65ka/XY2hLh9exCCo7XuUcDs53Qp3bI3AmMqHjgzE8oO3ajyJAzJkTTOUe
|
||||||
|
cQU2mw/gI4tMM0LqWMQS7luTy4+xAgMBAAEwDQYJKoZIhvcNAQEEBQADgYEAKlk7
|
||||||
|
cxu9gCJN3/iQFyJXQ6YphaiQAT5VBXTx9ftRrQIjA3vxlDzPWGDy+V5Tqa7h8PtR
|
||||||
|
5Bn00JShII2zf0hjyjKils6x/UkWmjEiwSiFp4hR70iE8XwSNEHY2P6j6nQEIpgW
|
||||||
|
kbfgmmUqk7dl2V+ossTJ80B8SBpEhrn81V/cHxA=
|
||||||
|
-----END CERTIFICATE REQUEST-----
|
2985
jni/openssl/apps/ca.c
Normal file
2985
jni/openssl/apps/ca.c
Normal file
File diff suppressed because it is too large
Load Diff
11
jni/openssl/apps/cert.pem
Normal file
11
jni/openssl/apps/cert.pem
Normal file
@ -0,0 +1,11 @@
|
|||||||
|
-----BEGIN CERTIFICATE-----
|
||||||
|
MIIBoDCCAUoCAQAwDQYJKoZIhvcNAQEEBQAwYzELMAkGA1UEBhMCQVUxEzARBgNV
|
||||||
|
BAgTClF1ZWVuc2xhbmQxGjAYBgNVBAoTEUNyeXB0U29mdCBQdHkgTHRkMSMwIQYD
|
||||||
|
VQQDExpTZXJ2ZXIgdGVzdCBjZXJ0ICg1MTIgYml0KTAeFw05NzA5MDkwMzQxMjZa
|
||||||
|
Fw05NzEwMDkwMzQxMjZaMF4xCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0
|
||||||
|
YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQxFzAVBgNVBAMT
|
||||||
|
DkVyaWMgdGhlIFlvdW5nMFEwCQYFKw4DAgwFAANEAAJBALVEqPODnpI4rShlY8S7
|
||||||
|
tB713JNvabvn6Gned7zylwLLiXQAo/PAT6mfdWPTyCX9RlId/Aroh1ou893BA32Q
|
||||||
|
sggwDQYJKoZIhvcNAQEEBQADQQCU5SSgapJSdRXJoX+CpCvFy+JVh9HpSjCpSNKO
|
||||||
|
19raHv98hKAUJuP9HyM+SUsffO6mAIgitUaqW8/wDMePhEC3
|
||||||
|
-----END CERTIFICATE-----
|
231
jni/openssl/apps/ciphers.c
Normal file
231
jni/openssl/apps/ciphers.c
Normal file
@ -0,0 +1,231 @@
|
|||||||
|
/* apps/ciphers.c */
|
||||||
|
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
|
||||||
|
* All rights reserved.
|
||||||
|
*
|
||||||
|
* This package is an SSL implementation written
|
||||||
|
* by Eric Young (eay@cryptsoft.com).
|
||||||
|
* The implementation was written so as to conform with Netscapes SSL.
|
||||||
|
*
|
||||||
|
* This library is free for commercial and non-commercial use as long as
|
||||||
|
* the following conditions are aheared to. The following conditions
|
||||||
|
* apply to all code found in this distribution, be it the RC4, RSA,
|
||||||
|
* lhash, DES, etc., code; not just the SSL code. The SSL documentation
|
||||||
|
* included with this distribution is covered by the same copyright terms
|
||||||
|
* except that the holder is Tim Hudson (tjh@cryptsoft.com).
|
||||||
|
*
|
||||||
|
* Copyright remains Eric Young's, and as such any Copyright notices in
|
||||||
|
* the code are not to be removed.
|
||||||
|
* If this package is used in a product, Eric Young should be given attribution
|
||||||
|
* as the author of the parts of the library used.
|
||||||
|
* This can be in the form of a textual message at program startup or
|
||||||
|
* in documentation (online or textual) provided with the package.
|
||||||
|
*
|
||||||
|
* Redistribution and use in source and binary forms, with or without
|
||||||
|
* modification, are permitted provided that the following conditions
|
||||||
|
* are met:
|
||||||
|
* 1. Redistributions of source code must retain the copyright
|
||||||
|
* notice, this list of conditions and the following disclaimer.
|
||||||
|
* 2. Redistributions in binary form must reproduce the above copyright
|
||||||
|
* notice, this list of conditions and the following disclaimer in the
|
||||||
|
* documentation and/or other materials provided with the distribution.
|
||||||
|
* 3. All advertising materials mentioning features or use of this software
|
||||||
|
* must display the following acknowledgement:
|
||||||
|
* "This product includes cryptographic software written by
|
||||||
|
* Eric Young (eay@cryptsoft.com)"
|
||||||
|
* The word 'cryptographic' can be left out if the rouines from the library
|
||||||
|
* being used are not cryptographic related :-).
|
||||||
|
* 4. If you include any Windows specific code (or a derivative thereof) from
|
||||||
|
* the apps directory (application code) you must include an acknowledgement:
|
||||||
|
* "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
|
||||||
|
*
|
||||||
|
* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
|
||||||
|
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
||||||
|
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
|
||||||
|
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
|
||||||
|
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
|
||||||
|
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
|
||||||
|
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
||||||
|
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
|
||||||
|
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
||||||
|
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||||||
|
* SUCH DAMAGE.
|
||||||
|
*
|
||||||
|
* The licence and distribution terms for any publically available version or
|
||||||
|
* derivative of this code cannot be changed. i.e. this code cannot simply be
|
||||||
|
* copied and put under another distribution licence
|
||||||
|
* [including the GNU Public Licence.]
|
||||||
|
*/
|
||||||
|
|
||||||
|
#include <stdio.h>
|
||||||
|
#include <stdlib.h>
|
||||||
|
#include <string.h>
|
||||||
|
#ifdef OPENSSL_NO_STDIO
|
||||||
|
#define APPS_WIN16
|
||||||
|
#endif
|
||||||
|
#include "apps.h"
|
||||||
|
#include <openssl/err.h>
|
||||||
|
#include <openssl/ssl.h>
|
||||||
|
|
||||||
|
#undef PROG
|
||||||
|
#define PROG ciphers_main
|
||||||
|
|
||||||
|
static const char *ciphers_usage[]={
|
||||||
|
"usage: ciphers args\n",
|
||||||
|
" -v - verbose mode, a textual listing of the SSL/TLS ciphers in OpenSSL\n",
|
||||||
|
" -V - even more verbose\n",
|
||||||
|
" -ssl2 - SSL2 mode\n",
|
||||||
|
" -ssl3 - SSL3 mode\n",
|
||||||
|
" -tls1 - TLS1 mode\n",
|
||||||
|
NULL
|
||||||
|
};
|
||||||
|
|
||||||
|
int MAIN(int, char **);
|
||||||
|
|
||||||
|
int MAIN(int argc, char **argv)
|
||||||
|
{
|
||||||
|
int ret=1,i;
|
||||||
|
int verbose=0,Verbose=0;
|
||||||
|
const char **pp;
|
||||||
|
const char *p;
|
||||||
|
int badops=0;
|
||||||
|
SSL_CTX *ctx=NULL;
|
||||||
|
SSL *ssl=NULL;
|
||||||
|
char *ciphers=NULL;
|
||||||
|
const SSL_METHOD *meth=NULL;
|
||||||
|
STACK_OF(SSL_CIPHER) *sk;
|
||||||
|
char buf[512];
|
||||||
|
BIO *STDout=NULL;
|
||||||
|
|
||||||
|
#if !defined(OPENSSL_NO_SSL2) && !defined(OPENSSL_NO_SSL3)
|
||||||
|
meth=SSLv23_server_method();
|
||||||
|
#elif !defined(OPENSSL_NO_SSL3)
|
||||||
|
meth=SSLv3_server_method();
|
||||||
|
#elif !defined(OPENSSL_NO_SSL2)
|
||||||
|
meth=SSLv2_server_method();
|
||||||
|
#endif
|
||||||
|
|
||||||
|
apps_startup();
|
||||||
|
|
||||||
|
if (bio_err == NULL)
|
||||||
|
bio_err=BIO_new_fp(stderr,BIO_NOCLOSE);
|
||||||
|
STDout=BIO_new_fp(stdout,BIO_NOCLOSE);
|
||||||
|
#ifdef OPENSSL_SYS_VMS
|
||||||
|
{
|
||||||
|
BIO *tmpbio = BIO_new(BIO_f_linebuffer());
|
||||||
|
STDout = BIO_push(tmpbio, STDout);
|
||||||
|
}
|
||||||
|
#endif
|
||||||
|
if (!load_config(bio_err, NULL))
|
||||||
|
goto end;
|
||||||
|
|
||||||
|
argc--;
|
||||||
|
argv++;
|
||||||
|
while (argc >= 1)
|
||||||
|
{
|
||||||
|
if (strcmp(*argv,"-v") == 0)
|
||||||
|
verbose=1;
|
||||||
|
else if (strcmp(*argv,"-V") == 0)
|
||||||
|
verbose=Verbose=1;
|
||||||
|
#ifndef OPENSSL_NO_SSL2
|
||||||
|
else if (strcmp(*argv,"-ssl2") == 0)
|
||||||
|
meth=SSLv2_client_method();
|
||||||
|
#endif
|
||||||
|
#ifndef OPENSSL_NO_SSL3
|
||||||
|
else if (strcmp(*argv,"-ssl3") == 0)
|
||||||
|
meth=SSLv3_client_method();
|
||||||
|
#endif
|
||||||
|
#ifndef OPENSSL_NO_TLS1
|
||||||
|
else if (strcmp(*argv,"-tls1") == 0)
|
||||||
|
meth=TLSv1_client_method();
|
||||||
|
#endif
|
||||||
|
else if ((strncmp(*argv,"-h",2) == 0) ||
|
||||||
|
(strcmp(*argv,"-?") == 0))
|
||||||
|
{
|
||||||
|
badops=1;
|
||||||
|
break;
|
||||||
|
}
|
||||||
|
else
|
||||||
|
{
|
||||||
|
ciphers= *argv;
|
||||||
|
}
|
||||||
|
argc--;
|
||||||
|
argv++;
|
||||||
|
}
|
||||||
|
|
||||||
|
if (badops)
|
||||||
|
{
|
||||||
|
for (pp=ciphers_usage; (*pp != NULL); pp++)
|
||||||
|
BIO_printf(bio_err,"%s",*pp);
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
|
||||||
|
OpenSSL_add_ssl_algorithms();
|
||||||
|
|
||||||
|
ctx=SSL_CTX_new(meth);
|
||||||
|
if (ctx == NULL) goto err;
|
||||||
|
if (ciphers != NULL) {
|
||||||
|
if(!SSL_CTX_set_cipher_list(ctx,ciphers)) {
|
||||||
|
BIO_printf(bio_err, "Error in cipher list\n");
|
||||||
|
goto err;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
ssl=SSL_new(ctx);
|
||||||
|
if (ssl == NULL) goto err;
|
||||||
|
|
||||||
|
|
||||||
|
if (!verbose)
|
||||||
|
{
|
||||||
|
for (i=0; ; i++)
|
||||||
|
{
|
||||||
|
p=SSL_get_cipher_list(ssl,i);
|
||||||
|
if (p == NULL) break;
|
||||||
|
if (i != 0) BIO_printf(STDout,":");
|
||||||
|
BIO_printf(STDout,"%s",p);
|
||||||
|
}
|
||||||
|
BIO_printf(STDout,"\n");
|
||||||
|
}
|
||||||
|
else /* verbose */
|
||||||
|
{
|
||||||
|
sk=SSL_get_ciphers(ssl);
|
||||||
|
|
||||||
|
for (i=0; i<sk_SSL_CIPHER_num(sk); i++)
|
||||||
|
{
|
||||||
|
SSL_CIPHER *c;
|
||||||
|
|
||||||
|
c = sk_SSL_CIPHER_value(sk,i);
|
||||||
|
|
||||||
|
if (Verbose)
|
||||||
|
{
|
||||||
|
unsigned long id = c->id;
|
||||||
|
int id0 = (int)(id >> 24);
|
||||||
|
int id1 = (int)((id >> 16) & 0xffL);
|
||||||
|
int id2 = (int)((id >> 8) & 0xffL);
|
||||||
|
int id3 = (int)(id & 0xffL);
|
||||||
|
|
||||||
|
if ((id & 0xff000000L) == 0x02000000L)
|
||||||
|
BIO_printf(STDout, " 0x%02X,0x%02X,0x%02X - ", id1, id2, id3); /* SSL2 cipher */
|
||||||
|
else if ((id & 0xff000000L) == 0x03000000L)
|
||||||
|
BIO_printf(STDout, " 0x%02X,0x%02X - ", id2, id3); /* SSL3 cipher */
|
||||||
|
else
|
||||||
|
BIO_printf(STDout, "0x%02X,0x%02X,0x%02X,0x%02X - ", id0, id1, id2, id3); /* whatever */
|
||||||
|
}
|
||||||
|
|
||||||
|
BIO_puts(STDout,SSL_CIPHER_description(c,buf,sizeof buf));
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
ret=0;
|
||||||
|
if (0)
|
||||||
|
{
|
||||||
|
err:
|
||||||
|
SSL_load_error_strings();
|
||||||
|
ERR_print_errors(bio_err);
|
||||||
|
}
|
||||||
|
end:
|
||||||
|
if (ctx != NULL) SSL_CTX_free(ctx);
|
||||||
|
if (ssl != NULL) SSL_free(ssl);
|
||||||
|
if (STDout != NULL) BIO_free_all(STDout);
|
||||||
|
apps_shutdown();
|
||||||
|
OPENSSL_EXIT(ret);
|
||||||
|
}
|
||||||
|
|
24
jni/openssl/apps/client.pem
Normal file
24
jni/openssl/apps/client.pem
Normal file
@ -0,0 +1,24 @@
|
|||||||
|
issuer= /C=AU/ST=Queensland/O=CryptSoft Pty Ltd/CN=Test CA (1024 bit)
|
||||||
|
subject=/C=AU/ST=Queensland/O=CryptSoft Pty Ltd/CN=Client test cert (512 bit)
|
||||||
|
-----BEGIN CERTIFICATE-----
|
||||||
|
MIIB6TCCAVICAQIwDQYJKoZIhvcNAQEEBQAwWzELMAkGA1UEBhMCQVUxEzARBgNV
|
||||||
|
BAgTClF1ZWVuc2xhbmQxGjAYBgNVBAoTEUNyeXB0U29mdCBQdHkgTHRkMRswGQYD
|
||||||
|
VQQDExJUZXN0IENBICgxMDI0IGJpdCkwHhcNOTcwNjA5MTM1NzU2WhcNOTgwNjA5
|
||||||
|
MTM1NzU2WjBjMQswCQYDVQQGEwJBVTETMBEGA1UECBMKUXVlZW5zbGFuZDEaMBgG
|
||||||
|
A1UEChMRQ3J5cHRTb2Z0IFB0eSBMdGQxIzAhBgNVBAMTGkNsaWVudCB0ZXN0IGNl
|
||||||
|
cnQgKDUxMiBiaXQpMFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBALtv55QyzG6i2Plw
|
||||||
|
Z1pah7++Gv8L5j6Hnyr/uTZE1NLG0ABDDexmq/R4KedLjFEIYjocDui+IXs62NNt
|
||||||
|
XrT8odkCAwEAATANBgkqhkiG9w0BAQQFAAOBgQBwtMmI7oGUG8nKmftQssATViH5
|
||||||
|
NRRtoEw07DxJp/LfatHdrhqQB73eGdL5WILZJXk46Xz2e9WMSUjVCSYhdKxtflU3
|
||||||
|
UR2Ajv1Oo0sTNdfz0wDqJNirLNtzyhhsaq8qMTrLwXrCP31VxBiigFSQSUFnZyTE
|
||||||
|
9TKwhS4GlwbtCfxSKQ==
|
||||||
|
-----END CERTIFICATE-----
|
||||||
|
-----BEGIN RSA PRIVATE KEY-----
|
||||||
|
MIIBOwIBAAJBALtv55QyzG6i2PlwZ1pah7++Gv8L5j6Hnyr/uTZE1NLG0ABDDexm
|
||||||
|
q/R4KedLjFEIYjocDui+IXs62NNtXrT8odkCAwEAAQJAbwXq0vJ/+uyEvsNgxLko
|
||||||
|
/V86mGXQ/KrSkeKlL0r4ENxjcyeMAGoKu6J9yMY7+X9+Zm4nxShNfTsf/+Freoe1
|
||||||
|
HQIhAPOSm5Q1YI+KIsII2GeVJx1U69+wnd71OasIPakS1L1XAiEAxQAW+J3/JWE0
|
||||||
|
ftEYakbhUOKL8tD1OaFZS71/5GdG7E8CIQCefUMmySSvwd6kC0VlATSWbW+d+jp/
|
||||||
|
nWmM1KvqnAo5uQIhALqEADu5U1Wvt8UN8UDGBRPQulHWNycuNV45d3nnskWPAiAw
|
||||||
|
ueTyr6WsZ5+SD8g/Hy3xuvF3nPmJRH+rwvVihlcFOg==
|
||||||
|
-----END RSA PRIVATE KEY-----
|
1362
jni/openssl/apps/cms.c
Normal file
1362
jni/openssl/apps/cms.c
Normal file
File diff suppressed because it is too large
Load Diff
446
jni/openssl/apps/crl.c
Normal file
446
jni/openssl/apps/crl.c
Normal file
@ -0,0 +1,446 @@
|
|||||||
|
/* apps/crl.c */
|
||||||
|
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
|
||||||
|
* All rights reserved.
|
||||||
|
*
|
||||||
|
* This package is an SSL implementation written
|
||||||
|
* by Eric Young (eay@cryptsoft.com).
|
||||||
|
* The implementation was written so as to conform with Netscapes SSL.
|
||||||
|
*
|
||||||
|
* This library is free for commercial and non-commercial use as long as
|
||||||
|
* the following conditions are aheared to. The following conditions
|
||||||
|
* apply to all code found in this distribution, be it the RC4, RSA,
|
||||||
|
* lhash, DES, etc., code; not just the SSL code. The SSL documentation
|
||||||
|
* included with this distribution is covered by the same copyright terms
|
||||||
|
* except that the holder is Tim Hudson (tjh@cryptsoft.com).
|
||||||
|
*
|
||||||
|
* Copyright remains Eric Young's, and as such any Copyright notices in
|
||||||
|
* the code are not to be removed.
|
||||||
|
* If this package is used in a product, Eric Young should be given attribution
|
||||||
|
* as the author of the parts of the library used.
|
||||||
|
* This can be in the form of a textual message at program startup or
|
||||||
|
* in documentation (online or textual) provided with the package.
|
||||||
|
*
|
||||||
|
* Redistribution and use in source and binary forms, with or without
|
||||||
|
* modification, are permitted provided that the following conditions
|
||||||
|
* are met:
|
||||||
|
* 1. Redistributions of source code must retain the copyright
|
||||||
|
* notice, this list of conditions and the following disclaimer.
|
||||||
|
* 2. Redistributions in binary form must reproduce the above copyright
|
||||||
|
* notice, this list of conditions and the following disclaimer in the
|
||||||
|
* documentation and/or other materials provided with the distribution.
|
||||||
|
* 3. All advertising materials mentioning features or use of this software
|
||||||
|
* must display the following acknowledgement:
|
||||||
|
* "This product includes cryptographic software written by
|
||||||
|
* Eric Young (eay@cryptsoft.com)"
|
||||||
|
* The word 'cryptographic' can be left out if the rouines from the library
|
||||||
|
* being used are not cryptographic related :-).
|
||||||
|
* 4. If you include any Windows specific code (or a derivative thereof) from
|
||||||
|
* the apps directory (application code) you must include an acknowledgement:
|
||||||
|
* "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
|
||||||
|
*
|
||||||
|
* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
|
||||||
|
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
||||||
|
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
|
||||||
|
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
|
||||||
|
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
|
||||||
|
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
|
||||||
|
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
||||||
|
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
|
||||||
|
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
||||||
|
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||||||
|
* SUCH DAMAGE.
|
||||||
|
*
|
||||||
|
* The licence and distribution terms for any publically available version or
|
||||||
|
* derivative of this code cannot be changed. i.e. this code cannot simply be
|
||||||
|
* copied and put under another distribution licence
|
||||||
|
* [including the GNU Public Licence.]
|
||||||
|
*/
|
||||||
|
|
||||||
|
#include <stdio.h>
|
||||||
|
#include <stdlib.h>
|
||||||
|
#include <string.h>
|
||||||
|
#include "apps.h"
|
||||||
|
#include <openssl/bio.h>
|
||||||
|
#include <openssl/err.h>
|
||||||
|
#include <openssl/x509.h>
|
||||||
|
#include <openssl/x509v3.h>
|
||||||
|
#include <openssl/pem.h>
|
||||||
|
|
||||||
|
#undef PROG
|
||||||
|
#define PROG crl_main
|
||||||
|
|
||||||
|
#undef POSTFIX
|
||||||
|
#define POSTFIX ".rvk"
|
||||||
|
|
||||||
|
static const char *crl_usage[]={
|
||||||
|
"usage: crl args\n",
|
||||||
|
"\n",
|
||||||
|
" -inform arg - input format - default PEM (DER or PEM)\n",
|
||||||
|
" -outform arg - output format - default PEM\n",
|
||||||
|
" -text - print out a text format version\n",
|
||||||
|
" -in arg - input file - default stdin\n",
|
||||||
|
" -out arg - output file - default stdout\n",
|
||||||
|
" -hash - print hash value\n",
|
||||||
|
" -fingerprint - print the crl fingerprint\n",
|
||||||
|
" -issuer - print issuer DN\n",
|
||||||
|
" -lastupdate - lastUpdate field\n",
|
||||||
|
" -nextupdate - nextUpdate field\n",
|
||||||
|
" -crlnumber - print CRL number\n",
|
||||||
|
" -noout - no CRL output\n",
|
||||||
|
" -CAfile name - verify CRL using certificates in file \"name\"\n",
|
||||||
|
" -CApath dir - verify CRL using certificates in \"dir\"\n",
|
||||||
|
" -nameopt arg - various certificate name options\n",
|
||||||
|
NULL
|
||||||
|
};
|
||||||
|
|
||||||
|
static X509_CRL *load_crl(char *file, int format);
|
||||||
|
static BIO *bio_out=NULL;
|
||||||
|
|
||||||
|
int MAIN(int, char **);
|
||||||
|
|
||||||
|
int MAIN(int argc, char **argv)
|
||||||
|
{
|
||||||
|
unsigned long nmflag = 0;
|
||||||
|
X509_CRL *x=NULL;
|
||||||
|
char *CAfile = NULL, *CApath = NULL;
|
||||||
|
int ret=1,i,num,badops=0;
|
||||||
|
BIO *out=NULL;
|
||||||
|
int informat,outformat;
|
||||||
|
char *infile=NULL,*outfile=NULL;
|
||||||
|
int hash=0,issuer=0,lastupdate=0,nextupdate=0,noout=0,text=0;
|
||||||
|
int fingerprint = 0, crlnumber = 0;
|
||||||
|
const char **pp;
|
||||||
|
X509_STORE *store = NULL;
|
||||||
|
X509_STORE_CTX ctx;
|
||||||
|
X509_LOOKUP *lookup = NULL;
|
||||||
|
X509_OBJECT xobj;
|
||||||
|
EVP_PKEY *pkey;
|
||||||
|
int do_ver = 0;
|
||||||
|
const EVP_MD *md_alg,*digest=EVP_sha1();
|
||||||
|
|
||||||
|
apps_startup();
|
||||||
|
|
||||||
|
if (bio_err == NULL)
|
||||||
|
if ((bio_err=BIO_new(BIO_s_file())) != NULL)
|
||||||
|
BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT);
|
||||||
|
|
||||||
|
if (!load_config(bio_err, NULL))
|
||||||
|
goto end;
|
||||||
|
|
||||||
|
if (bio_out == NULL)
|
||||||
|
if ((bio_out=BIO_new(BIO_s_file())) != NULL)
|
||||||
|
{
|
||||||
|
BIO_set_fp(bio_out,stdout,BIO_NOCLOSE);
|
||||||
|
#ifdef OPENSSL_SYS_VMS
|
||||||
|
{
|
||||||
|
BIO *tmpbio = BIO_new(BIO_f_linebuffer());
|
||||||
|
bio_out = BIO_push(tmpbio, bio_out);
|
||||||
|
}
|
||||||
|
#endif
|
||||||
|
}
|
||||||
|
|
||||||
|
informat=FORMAT_PEM;
|
||||||
|
outformat=FORMAT_PEM;
|
||||||
|
|
||||||
|
argc--;
|
||||||
|
argv++;
|
||||||
|
num=0;
|
||||||
|
while (argc >= 1)
|
||||||
|
{
|
||||||
|
#ifdef undef
|
||||||
|
if (strcmp(*argv,"-p") == 0)
|
||||||
|
{
|
||||||
|
if (--argc < 1) goto bad;
|
||||||
|
if (!args_from_file(++argv,Nargc,Nargv)) { goto end; }*/
|
||||||
|
}
|
||||||
|
#endif
|
||||||
|
if (strcmp(*argv,"-inform") == 0)
|
||||||
|
{
|
||||||
|
if (--argc < 1) goto bad;
|
||||||
|
informat=str2fmt(*(++argv));
|
||||||
|
}
|
||||||
|
else if (strcmp(*argv,"-outform") == 0)
|
||||||
|
{
|
||||||
|
if (--argc < 1) goto bad;
|
||||||
|
outformat=str2fmt(*(++argv));
|
||||||
|
}
|
||||||
|
else if (strcmp(*argv,"-in") == 0)
|
||||||
|
{
|
||||||
|
if (--argc < 1) goto bad;
|
||||||
|
infile= *(++argv);
|
||||||
|
}
|
||||||
|
else if (strcmp(*argv,"-out") == 0)
|
||||||
|
{
|
||||||
|
if (--argc < 1) goto bad;
|
||||||
|
outfile= *(++argv);
|
||||||
|
}
|
||||||
|
else if (strcmp(*argv,"-CApath") == 0)
|
||||||
|
{
|
||||||
|
if (--argc < 1) goto bad;
|
||||||
|
CApath = *(++argv);
|
||||||
|
do_ver = 1;
|
||||||
|
}
|
||||||
|
else if (strcmp(*argv,"-CAfile") == 0)
|
||||||
|
{
|
||||||
|
if (--argc < 1) goto bad;
|
||||||
|
CAfile = *(++argv);
|
||||||
|
do_ver = 1;
|
||||||
|
}
|
||||||
|
else if (strcmp(*argv,"-verify") == 0)
|
||||||
|
do_ver = 1;
|
||||||
|
else if (strcmp(*argv,"-text") == 0)
|
||||||
|
text = 1;
|
||||||
|
else if (strcmp(*argv,"-hash") == 0)
|
||||||
|
hash= ++num;
|
||||||
|
else if (strcmp(*argv,"-nameopt") == 0)
|
||||||
|
{
|
||||||
|
if (--argc < 1) goto bad;
|
||||||
|
if (!set_name_ex(&nmflag, *(++argv))) goto bad;
|
||||||
|
}
|
||||||
|
else if (strcmp(*argv,"-issuer") == 0)
|
||||||
|
issuer= ++num;
|
||||||
|
else if (strcmp(*argv,"-lastupdate") == 0)
|
||||||
|
lastupdate= ++num;
|
||||||
|
else if (strcmp(*argv,"-nextupdate") == 0)
|
||||||
|
nextupdate= ++num;
|
||||||
|
else if (strcmp(*argv,"-noout") == 0)
|
||||||
|
noout= ++num;
|
||||||
|
else if (strcmp(*argv,"-fingerprint") == 0)
|
||||||
|
fingerprint= ++num;
|
||||||
|
else if (strcmp(*argv,"-crlnumber") == 0)
|
||||||
|
crlnumber= ++num;
|
||||||
|
else if ((md_alg=EVP_get_digestbyname(*argv + 1)))
|
||||||
|
{
|
||||||
|
/* ok */
|
||||||
|
digest=md_alg;
|
||||||
|
}
|
||||||
|
else
|
||||||
|
{
|
||||||
|
BIO_printf(bio_err,"unknown option %s\n",*argv);
|
||||||
|
badops=1;
|
||||||
|
break;
|
||||||
|
}
|
||||||
|
argc--;
|
||||||
|
argv++;
|
||||||
|
}
|
||||||
|
|
||||||
|
if (badops)
|
||||||
|
{
|
||||||
|
bad:
|
||||||
|
for (pp=crl_usage; (*pp != NULL); pp++)
|
||||||
|
BIO_printf(bio_err,"%s",*pp);
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
|
||||||
|
ERR_load_crypto_strings();
|
||||||
|
x=load_crl(infile,informat);
|
||||||
|
if (x == NULL) { goto end; }
|
||||||
|
|
||||||
|
if(do_ver) {
|
||||||
|
store = X509_STORE_new();
|
||||||
|
lookup=X509_STORE_add_lookup(store,X509_LOOKUP_file());
|
||||||
|
if (lookup == NULL) goto end;
|
||||||
|
if (!X509_LOOKUP_load_file(lookup,CAfile,X509_FILETYPE_PEM))
|
||||||
|
X509_LOOKUP_load_file(lookup,NULL,X509_FILETYPE_DEFAULT);
|
||||||
|
|
||||||
|
lookup=X509_STORE_add_lookup(store,X509_LOOKUP_hash_dir());
|
||||||
|
if (lookup == NULL) goto end;
|
||||||
|
if (!X509_LOOKUP_add_dir(lookup,CApath,X509_FILETYPE_PEM))
|
||||||
|
X509_LOOKUP_add_dir(lookup,NULL,X509_FILETYPE_DEFAULT);
|
||||||
|
ERR_clear_error();
|
||||||
|
|
||||||
|
if(!X509_STORE_CTX_init(&ctx, store, NULL, NULL)) {
|
||||||
|
BIO_printf(bio_err,
|
||||||
|
"Error initialising X509 store\n");
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
|
||||||
|
i = X509_STORE_get_by_subject(&ctx, X509_LU_X509,
|
||||||
|
X509_CRL_get_issuer(x), &xobj);
|
||||||
|
if(i <= 0) {
|
||||||
|
BIO_printf(bio_err,
|
||||||
|
"Error getting CRL issuer certificate\n");
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
pkey = X509_get_pubkey(xobj.data.x509);
|
||||||
|
X509_OBJECT_free_contents(&xobj);
|
||||||
|
if(!pkey) {
|
||||||
|
BIO_printf(bio_err,
|
||||||
|
"Error getting CRL issuer public key\n");
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
i = X509_CRL_verify(x, pkey);
|
||||||
|
EVP_PKEY_free(pkey);
|
||||||
|
if(i < 0) goto end;
|
||||||
|
if(i == 0) BIO_printf(bio_err, "verify failure\n");
|
||||||
|
else BIO_printf(bio_err, "verify OK\n");
|
||||||
|
}
|
||||||
|
|
||||||
|
if (num)
|
||||||
|
{
|
||||||
|
for (i=1; i<=num; i++)
|
||||||
|
{
|
||||||
|
if (issuer == i)
|
||||||
|
{
|
||||||
|
print_name(bio_out, "issuer=", X509_CRL_get_issuer(x), nmflag);
|
||||||
|
}
|
||||||
|
if (crlnumber == i)
|
||||||
|
{
|
||||||
|
ASN1_INTEGER *crlnum;
|
||||||
|
crlnum = X509_CRL_get_ext_d2i(x, NID_crl_number,
|
||||||
|
NULL, NULL);
|
||||||
|
BIO_printf(bio_out,"crlNumber=");
|
||||||
|
if (crlnum)
|
||||||
|
{
|
||||||
|
i2a_ASN1_INTEGER(bio_out, crlnum);
|
||||||
|
ASN1_INTEGER_free(crlnum);
|
||||||
|
}
|
||||||
|
else
|
||||||
|
BIO_puts(bio_out, "<NONE>");
|
||||||
|
BIO_printf(bio_out,"\n");
|
||||||
|
}
|
||||||
|
if (hash == i)
|
||||||
|
{
|
||||||
|
BIO_printf(bio_out,"%08lx\n",
|
||||||
|
X509_NAME_hash(X509_CRL_get_issuer(x)));
|
||||||
|
}
|
||||||
|
if (lastupdate == i)
|
||||||
|
{
|
||||||
|
BIO_printf(bio_out,"lastUpdate=");
|
||||||
|
ASN1_TIME_print(bio_out,
|
||||||
|
X509_CRL_get_lastUpdate(x));
|
||||||
|
BIO_printf(bio_out,"\n");
|
||||||
|
}
|
||||||
|
if (nextupdate == i)
|
||||||
|
{
|
||||||
|
BIO_printf(bio_out,"nextUpdate=");
|
||||||
|
if (X509_CRL_get_nextUpdate(x))
|
||||||
|
ASN1_TIME_print(bio_out,
|
||||||
|
X509_CRL_get_nextUpdate(x));
|
||||||
|
else
|
||||||
|
BIO_printf(bio_out,"NONE");
|
||||||
|
BIO_printf(bio_out,"\n");
|
||||||
|
}
|
||||||
|
if (fingerprint == i)
|
||||||
|
{
|
||||||
|
int j;
|
||||||
|
unsigned int n;
|
||||||
|
unsigned char md[EVP_MAX_MD_SIZE];
|
||||||
|
|
||||||
|
if (!X509_CRL_digest(x,digest,md,&n))
|
||||||
|
{
|
||||||
|
BIO_printf(bio_err,"out of memory\n");
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
BIO_printf(bio_out,"%s Fingerprint=",
|
||||||
|
OBJ_nid2sn(EVP_MD_type(digest)));
|
||||||
|
for (j=0; j<(int)n; j++)
|
||||||
|
{
|
||||||
|
BIO_printf(bio_out,"%02X%c",md[j],
|
||||||
|
(j+1 == (int)n)
|
||||||
|
?'\n':':');
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
out=BIO_new(BIO_s_file());
|
||||||
|
if (out == NULL)
|
||||||
|
{
|
||||||
|
ERR_print_errors(bio_err);
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
|
||||||
|
if (outfile == NULL)
|
||||||
|
{
|
||||||
|
BIO_set_fp(out,stdout,BIO_NOCLOSE);
|
||||||
|
#ifdef OPENSSL_SYS_VMS
|
||||||
|
{
|
||||||
|
BIO *tmpbio = BIO_new(BIO_f_linebuffer());
|
||||||
|
out = BIO_push(tmpbio, out);
|
||||||
|
}
|
||||||
|
#endif
|
||||||
|
}
|
||||||
|
else
|
||||||
|
{
|
||||||
|
if (BIO_write_filename(out,outfile) <= 0)
|
||||||
|
{
|
||||||
|
perror(outfile);
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
if (text) X509_CRL_print(out, x);
|
||||||
|
|
||||||
|
if (noout)
|
||||||
|
{
|
||||||
|
ret = 0;
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
|
||||||
|
if (outformat == FORMAT_ASN1)
|
||||||
|
i=(int)i2d_X509_CRL_bio(out,x);
|
||||||
|
else if (outformat == FORMAT_PEM)
|
||||||
|
i=PEM_write_bio_X509_CRL(out,x);
|
||||||
|
else
|
||||||
|
{
|
||||||
|
BIO_printf(bio_err,"bad output format specified for outfile\n");
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
if (!i) { BIO_printf(bio_err,"unable to write CRL\n"); goto end; }
|
||||||
|
ret=0;
|
||||||
|
end:
|
||||||
|
BIO_free_all(out);
|
||||||
|
BIO_free_all(bio_out);
|
||||||
|
bio_out=NULL;
|
||||||
|
X509_CRL_free(x);
|
||||||
|
if(store) {
|
||||||
|
X509_STORE_CTX_cleanup(&ctx);
|
||||||
|
X509_STORE_free(store);
|
||||||
|
}
|
||||||
|
apps_shutdown();
|
||||||
|
OPENSSL_EXIT(ret);
|
||||||
|
}
|
||||||
|
|
||||||
|
static X509_CRL *load_crl(char *infile, int format)
|
||||||
|
{
|
||||||
|
X509_CRL *x=NULL;
|
||||||
|
BIO *in=NULL;
|
||||||
|
|
||||||
|
in=BIO_new(BIO_s_file());
|
||||||
|
if (in == NULL)
|
||||||
|
{
|
||||||
|
ERR_print_errors(bio_err);
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
|
||||||
|
if (infile == NULL)
|
||||||
|
BIO_set_fp(in,stdin,BIO_NOCLOSE);
|
||||||
|
else
|
||||||
|
{
|
||||||
|
if (BIO_read_filename(in,infile) <= 0)
|
||||||
|
{
|
||||||
|
perror(infile);
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
if (format == FORMAT_ASN1)
|
||||||
|
x=d2i_X509_CRL_bio(in,NULL);
|
||||||
|
else if (format == FORMAT_PEM)
|
||||||
|
x=PEM_read_bio_X509_CRL(in,NULL,NULL,NULL);
|
||||||
|
else {
|
||||||
|
BIO_printf(bio_err,"bad input format specified for input crl\n");
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
if (x == NULL)
|
||||||
|
{
|
||||||
|
BIO_printf(bio_err,"unable to load CRL\n");
|
||||||
|
ERR_print_errors(bio_err);
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
|
||||||
|
end:
|
||||||
|
BIO_free(in);
|
||||||
|
return(x);
|
||||||
|
}
|
||||||
|
|
337
jni/openssl/apps/crl2p7.c
Normal file
337
jni/openssl/apps/crl2p7.c
Normal file
@ -0,0 +1,337 @@
|
|||||||
|
/* apps/crl2p7.c */
|
||||||
|
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
|
||||||
|
* All rights reserved.
|
||||||
|
*
|
||||||
|
* This package is an SSL implementation written
|
||||||
|
* by Eric Young (eay@cryptsoft.com).
|
||||||
|
* The implementation was written so as to conform with Netscapes SSL.
|
||||||
|
*
|
||||||
|
* This library is free for commercial and non-commercial use as long as
|
||||||
|
* the following conditions are aheared to. The following conditions
|
||||||
|
* apply to all code found in this distribution, be it the RC4, RSA,
|
||||||
|
* lhash, DES, etc., code; not just the SSL code. The SSL documentation
|
||||||
|
* included with this distribution is covered by the same copyright terms
|
||||||
|
* except that the holder is Tim Hudson (tjh@cryptsoft.com).
|
||||||
|
*
|
||||||
|
* Copyright remains Eric Young's, and as such any Copyright notices in
|
||||||
|
* the code are not to be removed.
|
||||||
|
* If this package is used in a product, Eric Young should be given attribution
|
||||||
|
* as the author of the parts of the library used.
|
||||||
|
* This can be in the form of a textual message at program startup or
|
||||||
|
* in documentation (online or textual) provided with the package.
|
||||||
|
*
|
||||||
|
* Redistribution and use in source and binary forms, with or without
|
||||||
|
* modification, are permitted provided that the following conditions
|
||||||
|
* are met:
|
||||||
|
* 1. Redistributions of source code must retain the copyright
|
||||||
|
* notice, this list of conditions and the following disclaimer.
|
||||||
|
* 2. Redistributions in binary form must reproduce the above copyright
|
||||||
|
* notice, this list of conditions and the following disclaimer in the
|
||||||
|
* documentation and/or other materials provided with the distribution.
|
||||||
|
* 3. All advertising materials mentioning features or use of this software
|
||||||
|
* must display the following acknowledgement:
|
||||||
|
* "This product includes cryptographic software written by
|
||||||
|
* Eric Young (eay@cryptsoft.com)"
|
||||||
|
* The word 'cryptographic' can be left out if the rouines from the library
|
||||||
|
* being used are not cryptographic related :-).
|
||||||
|
* 4. If you include any Windows specific code (or a derivative thereof) from
|
||||||
|
* the apps directory (application code) you must include an acknowledgement:
|
||||||
|
* "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
|
||||||
|
*
|
||||||
|
* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
|
||||||
|
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
||||||
|
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
|
||||||
|
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
|
||||||
|
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
|
||||||
|
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
|
||||||
|
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
||||||
|
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
|
||||||
|
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
||||||
|
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||||||
|
* SUCH DAMAGE.
|
||||||
|
*
|
||||||
|
* The licence and distribution terms for any publically available version or
|
||||||
|
* derivative of this code cannot be changed. i.e. this code cannot simply be
|
||||||
|
* copied and put under another distribution licence
|
||||||
|
* [including the GNU Public Licence.]
|
||||||
|
*/
|
||||||
|
|
||||||
|
/* This was written by Gordon Chaffee <chaffee@plateau.cs.berkeley.edu>
|
||||||
|
* and donated 'to the cause' along with lots and lots of other fixes to
|
||||||
|
* the library. */
|
||||||
|
|
||||||
|
#include <stdio.h>
|
||||||
|
#include <string.h>
|
||||||
|
#include <sys/types.h>
|
||||||
|
#include "apps.h"
|
||||||
|
#include <openssl/err.h>
|
||||||
|
#include <openssl/evp.h>
|
||||||
|
#include <openssl/x509.h>
|
||||||
|
#include <openssl/pkcs7.h>
|
||||||
|
#include <openssl/pem.h>
|
||||||
|
#include <openssl/objects.h>
|
||||||
|
|
||||||
|
static int add_certs_from_file(STACK_OF(X509) *stack, char *certfile);
|
||||||
|
#undef PROG
|
||||||
|
#define PROG crl2pkcs7_main
|
||||||
|
|
||||||
|
/* -inform arg - input format - default PEM (DER or PEM)
|
||||||
|
* -outform arg - output format - default PEM
|
||||||
|
* -in arg - input file - default stdin
|
||||||
|
* -out arg - output file - default stdout
|
||||||
|
*/
|
||||||
|
|
||||||
|
int MAIN(int, char **);
|
||||||
|
|
||||||
|
int MAIN(int argc, char **argv)
|
||||||
|
{
|
||||||
|
int i,badops=0;
|
||||||
|
BIO *in=NULL,*out=NULL;
|
||||||
|
int informat,outformat;
|
||||||
|
char *infile,*outfile,*prog,*certfile;
|
||||||
|
PKCS7 *p7 = NULL;
|
||||||
|
PKCS7_SIGNED *p7s = NULL;
|
||||||
|
X509_CRL *crl=NULL;
|
||||||
|
STACK_OF(OPENSSL_STRING) *certflst=NULL;
|
||||||
|
STACK_OF(X509_CRL) *crl_stack=NULL;
|
||||||
|
STACK_OF(X509) *cert_stack=NULL;
|
||||||
|
int ret=1,nocrl=0;
|
||||||
|
|
||||||
|
apps_startup();
|
||||||
|
|
||||||
|
if (bio_err == NULL)
|
||||||
|
if ((bio_err=BIO_new(BIO_s_file())) != NULL)
|
||||||
|
BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT);
|
||||||
|
|
||||||
|
infile=NULL;
|
||||||
|
outfile=NULL;
|
||||||
|
informat=FORMAT_PEM;
|
||||||
|
outformat=FORMAT_PEM;
|
||||||
|
|
||||||
|
prog=argv[0];
|
||||||
|
argc--;
|
||||||
|
argv++;
|
||||||
|
while (argc >= 1)
|
||||||
|
{
|
||||||
|
if (strcmp(*argv,"-inform") == 0)
|
||||||
|
{
|
||||||
|
if (--argc < 1) goto bad;
|
||||||
|
informat=str2fmt(*(++argv));
|
||||||
|
}
|
||||||
|
else if (strcmp(*argv,"-outform") == 0)
|
||||||
|
{
|
||||||
|
if (--argc < 1) goto bad;
|
||||||
|
outformat=str2fmt(*(++argv));
|
||||||
|
}
|
||||||
|
else if (strcmp(*argv,"-in") == 0)
|
||||||
|
{
|
||||||
|
if (--argc < 1) goto bad;
|
||||||
|
infile= *(++argv);
|
||||||
|
}
|
||||||
|
else if (strcmp(*argv,"-nocrl") == 0)
|
||||||
|
{
|
||||||
|
nocrl=1;
|
||||||
|
}
|
||||||
|
else if (strcmp(*argv,"-out") == 0)
|
||||||
|
{
|
||||||
|
if (--argc < 1) goto bad;
|
||||||
|
outfile= *(++argv);
|
||||||
|
}
|
||||||
|
else if (strcmp(*argv,"-certfile") == 0)
|
||||||
|
{
|
||||||
|
if (--argc < 1) goto bad;
|
||||||
|
if(!certflst) certflst = sk_OPENSSL_STRING_new_null();
|
||||||
|
sk_OPENSSL_STRING_push(certflst,*(++argv));
|
||||||
|
}
|
||||||
|
else
|
||||||
|
{
|
||||||
|
BIO_printf(bio_err,"unknown option %s\n",*argv);
|
||||||
|
badops=1;
|
||||||
|
break;
|
||||||
|
}
|
||||||
|
argc--;
|
||||||
|
argv++;
|
||||||
|
}
|
||||||
|
|
||||||
|
if (badops)
|
||||||
|
{
|
||||||
|
bad:
|
||||||
|
BIO_printf(bio_err,"%s [options] <infile >outfile\n",prog);
|
||||||
|
BIO_printf(bio_err,"where options are\n");
|
||||||
|
BIO_printf(bio_err," -inform arg input format - DER or PEM\n");
|
||||||
|
BIO_printf(bio_err," -outform arg output format - DER or PEM\n");
|
||||||
|
BIO_printf(bio_err," -in arg input file\n");
|
||||||
|
BIO_printf(bio_err," -out arg output file\n");
|
||||||
|
BIO_printf(bio_err," -certfile arg certificates file of chain to a trusted CA\n");
|
||||||
|
BIO_printf(bio_err," (can be used more than once)\n");
|
||||||
|
BIO_printf(bio_err," -nocrl no crl to load, just certs from '-certfile'\n");
|
||||||
|
ret = 1;
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
|
||||||
|
ERR_load_crypto_strings();
|
||||||
|
|
||||||
|
in=BIO_new(BIO_s_file());
|
||||||
|
out=BIO_new(BIO_s_file());
|
||||||
|
if ((in == NULL) || (out == NULL))
|
||||||
|
{
|
||||||
|
ERR_print_errors(bio_err);
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
|
||||||
|
if (!nocrl)
|
||||||
|
{
|
||||||
|
if (infile == NULL)
|
||||||
|
BIO_set_fp(in,stdin,BIO_NOCLOSE);
|
||||||
|
else
|
||||||
|
{
|
||||||
|
if (BIO_read_filename(in,infile) <= 0)
|
||||||
|
{
|
||||||
|
perror(infile);
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
if (informat == FORMAT_ASN1)
|
||||||
|
crl=d2i_X509_CRL_bio(in,NULL);
|
||||||
|
else if (informat == FORMAT_PEM)
|
||||||
|
crl=PEM_read_bio_X509_CRL(in,NULL,NULL,NULL);
|
||||||
|
else {
|
||||||
|
BIO_printf(bio_err,"bad input format specified for input crl\n");
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
if (crl == NULL)
|
||||||
|
{
|
||||||
|
BIO_printf(bio_err,"unable to load CRL\n");
|
||||||
|
ERR_print_errors(bio_err);
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
if ((p7=PKCS7_new()) == NULL) goto end;
|
||||||
|
if ((p7s=PKCS7_SIGNED_new()) == NULL) goto end;
|
||||||
|
p7->type=OBJ_nid2obj(NID_pkcs7_signed);
|
||||||
|
p7->d.sign=p7s;
|
||||||
|
p7s->contents->type=OBJ_nid2obj(NID_pkcs7_data);
|
||||||
|
|
||||||
|
if (!ASN1_INTEGER_set(p7s->version,1)) goto end;
|
||||||
|
if ((crl_stack=sk_X509_CRL_new_null()) == NULL) goto end;
|
||||||
|
p7s->crl=crl_stack;
|
||||||
|
if (crl != NULL)
|
||||||
|
{
|
||||||
|
sk_X509_CRL_push(crl_stack,crl);
|
||||||
|
crl=NULL; /* now part of p7 for OPENSSL_freeing */
|
||||||
|
}
|
||||||
|
|
||||||
|
if ((cert_stack=sk_X509_new_null()) == NULL) goto end;
|
||||||
|
p7s->cert=cert_stack;
|
||||||
|
|
||||||
|
if(certflst) for(i = 0; i < sk_OPENSSL_STRING_num(certflst); i++) {
|
||||||
|
certfile = sk_OPENSSL_STRING_value(certflst, i);
|
||||||
|
if (add_certs_from_file(cert_stack,certfile) < 0)
|
||||||
|
{
|
||||||
|
BIO_printf(bio_err, "error loading certificates\n");
|
||||||
|
ERR_print_errors(bio_err);
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
sk_OPENSSL_STRING_free(certflst);
|
||||||
|
|
||||||
|
if (outfile == NULL)
|
||||||
|
{
|
||||||
|
BIO_set_fp(out,stdout,BIO_NOCLOSE);
|
||||||
|
#ifdef OPENSSL_SYS_VMS
|
||||||
|
{
|
||||||
|
BIO *tmpbio = BIO_new(BIO_f_linebuffer());
|
||||||
|
out = BIO_push(tmpbio, out);
|
||||||
|
}
|
||||||
|
#endif
|
||||||
|
}
|
||||||
|
else
|
||||||
|
{
|
||||||
|
if (BIO_write_filename(out,outfile) <= 0)
|
||||||
|
{
|
||||||
|
perror(outfile);
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
if (outformat == FORMAT_ASN1)
|
||||||
|
i=i2d_PKCS7_bio(out,p7);
|
||||||
|
else if (outformat == FORMAT_PEM)
|
||||||
|
i=PEM_write_bio_PKCS7(out,p7);
|
||||||
|
else {
|
||||||
|
BIO_printf(bio_err,"bad output format specified for outfile\n");
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
if (!i)
|
||||||
|
{
|
||||||
|
BIO_printf(bio_err,"unable to write pkcs7 object\n");
|
||||||
|
ERR_print_errors(bio_err);
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
ret=0;
|
||||||
|
end:
|
||||||
|
if (in != NULL) BIO_free(in);
|
||||||
|
if (out != NULL) BIO_free_all(out);
|
||||||
|
if (p7 != NULL) PKCS7_free(p7);
|
||||||
|
if (crl != NULL) X509_CRL_free(crl);
|
||||||
|
|
||||||
|
apps_shutdown();
|
||||||
|
OPENSSL_EXIT(ret);
|
||||||
|
}
|
||||||
|
|
||||||
|
/*
|
||||||
|
*----------------------------------------------------------------------
|
||||||
|
* int add_certs_from_file
|
||||||
|
*
|
||||||
|
* Read a list of certificates to be checked from a file.
|
||||||
|
*
|
||||||
|
* Results:
|
||||||
|
* number of certs added if successful, -1 if not.
|
||||||
|
*----------------------------------------------------------------------
|
||||||
|
*/
|
||||||
|
static int add_certs_from_file(STACK_OF(X509) *stack, char *certfile)
|
||||||
|
{
|
||||||
|
BIO *in=NULL;
|
||||||
|
int count=0;
|
||||||
|
int ret= -1;
|
||||||
|
STACK_OF(X509_INFO) *sk=NULL;
|
||||||
|
X509_INFO *xi;
|
||||||
|
|
||||||
|
in=BIO_new(BIO_s_file());
|
||||||
|
if ((in == NULL) || (BIO_read_filename(in,certfile) <= 0))
|
||||||
|
{
|
||||||
|
BIO_printf(bio_err,"error opening the file, %s\n",certfile);
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
|
||||||
|
/* This loads from a file, a stack of x509/crl/pkey sets */
|
||||||
|
sk=PEM_X509_INFO_read_bio(in,NULL,NULL,NULL);
|
||||||
|
if (sk == NULL) {
|
||||||
|
BIO_printf(bio_err,"error reading the file, %s\n",certfile);
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
|
||||||
|
/* scan over it and pull out the CRL's */
|
||||||
|
while (sk_X509_INFO_num(sk))
|
||||||
|
{
|
||||||
|
xi=sk_X509_INFO_shift(sk);
|
||||||
|
if (xi->x509 != NULL)
|
||||||
|
{
|
||||||
|
sk_X509_push(stack,xi->x509);
|
||||||
|
xi->x509=NULL;
|
||||||
|
count++;
|
||||||
|
}
|
||||||
|
X509_INFO_free(xi);
|
||||||
|
}
|
||||||
|
|
||||||
|
ret=count;
|
||||||
|
end:
|
||||||
|
/* never need to OPENSSL_free x */
|
||||||
|
if (in != NULL) BIO_free(in);
|
||||||
|
if (sk != NULL) sk_X509_INFO_free(sk);
|
||||||
|
return(ret);
|
||||||
|
}
|
||||||
|
|
632
jni/openssl/apps/dgst.c
Normal file
632
jni/openssl/apps/dgst.c
Normal file
@ -0,0 +1,632 @@
|
|||||||
|
/* apps/dgst.c */
|
||||||
|
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
|
||||||
|
* All rights reserved.
|
||||||
|
*
|
||||||
|
* This package is an SSL implementation written
|
||||||
|
* by Eric Young (eay@cryptsoft.com).
|
||||||
|
* The implementation was written so as to conform with Netscapes SSL.
|
||||||
|
*
|
||||||
|
* This library is free for commercial and non-commercial use as long as
|
||||||
|
* the following conditions are aheared to. The following conditions
|
||||||
|
* apply to all code found in this distribution, be it the RC4, RSA,
|
||||||
|
* lhash, DES, etc., code; not just the SSL code. The SSL documentation
|
||||||
|
* included with this distribution is covered by the same copyright terms
|
||||||
|
* except that the holder is Tim Hudson (tjh@cryptsoft.com).
|
||||||
|
*
|
||||||
|
* Copyright remains Eric Young's, and as such any Copyright notices in
|
||||||
|
* the code are not to be removed.
|
||||||
|
* If this package is used in a product, Eric Young should be given attribution
|
||||||
|
* as the author of the parts of the library used.
|
||||||
|
* This can be in the form of a textual message at program startup or
|
||||||
|
* in documentation (online or textual) provided with the package.
|
||||||
|
*
|
||||||
|
* Redistribution and use in source and binary forms, with or without
|
||||||
|
* modification, are permitted provided that the following conditions
|
||||||
|
* are met:
|
||||||
|
* 1. Redistributions of source code must retain the copyright
|
||||||
|
* notice, this list of conditions and the following disclaimer.
|
||||||
|
* 2. Redistributions in binary form must reproduce the above copyright
|
||||||
|
* notice, this list of conditions and the following disclaimer in the
|
||||||
|
* documentation and/or other materials provided with the distribution.
|
||||||
|
* 3. All advertising materials mentioning features or use of this software
|
||||||
|
* must display the following acknowledgement:
|
||||||
|
* "This product includes cryptographic software written by
|
||||||
|
* Eric Young (eay@cryptsoft.com)"
|
||||||
|
* The word 'cryptographic' can be left out if the rouines from the library
|
||||||
|
* being used are not cryptographic related :-).
|
||||||
|
* 4. If you include any Windows specific code (or a derivative thereof) from
|
||||||
|
* the apps directory (application code) you must include an acknowledgement:
|
||||||
|
* "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
|
||||||
|
*
|
||||||
|
* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
|
||||||
|
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
||||||
|
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
|
||||||
|
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
|
||||||
|
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
|
||||||
|
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
|
||||||
|
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
||||||
|
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
|
||||||
|
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
||||||
|
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||||||
|
* SUCH DAMAGE.
|
||||||
|
*
|
||||||
|
* The licence and distribution terms for any publically available version or
|
||||||
|
* derivative of this code cannot be changed. i.e. this code cannot simply be
|
||||||
|
* copied and put under another distribution licence
|
||||||
|
* [including the GNU Public Licence.]
|
||||||
|
*/
|
||||||
|
|
||||||
|
#include <stdio.h>
|
||||||
|
#include <string.h>
|
||||||
|
#include <stdlib.h>
|
||||||
|
#include "apps.h"
|
||||||
|
#include <openssl/bio.h>
|
||||||
|
#include <openssl/err.h>
|
||||||
|
#include <openssl/evp.h>
|
||||||
|
#include <openssl/objects.h>
|
||||||
|
#include <openssl/x509.h>
|
||||||
|
#include <openssl/pem.h>
|
||||||
|
#include <openssl/hmac.h>
|
||||||
|
|
||||||
|
#undef BUFSIZE
|
||||||
|
#define BUFSIZE 1024*8
|
||||||
|
|
||||||
|
#undef PROG
|
||||||
|
#define PROG dgst_main
|
||||||
|
|
||||||
|
int do_fp(BIO *out, unsigned char *buf, BIO *bp, int sep, int binout,
|
||||||
|
EVP_PKEY *key, unsigned char *sigin, int siglen,
|
||||||
|
const char *sig_name, const char *md_name,
|
||||||
|
const char *file,BIO *bmd);
|
||||||
|
|
||||||
|
static void list_md_fn(const EVP_MD *m,
|
||||||
|
const char *from, const char *to, void *arg)
|
||||||
|
{
|
||||||
|
const char *mname;
|
||||||
|
/* Skip aliases */
|
||||||
|
if (!m)
|
||||||
|
return;
|
||||||
|
mname = OBJ_nid2ln(EVP_MD_type(m));
|
||||||
|
/* Skip shortnames */
|
||||||
|
if (strcmp(from, mname))
|
||||||
|
return;
|
||||||
|
/* Skip clones */
|
||||||
|
if (EVP_MD_flags(m) & EVP_MD_FLAG_PKEY_DIGEST)
|
||||||
|
return;
|
||||||
|
if (strchr(mname, ' '))
|
||||||
|
mname= EVP_MD_name(m);
|
||||||
|
BIO_printf(arg, "-%-14s to use the %s message digest algorithm\n",
|
||||||
|
mname, mname);
|
||||||
|
}
|
||||||
|
|
||||||
|
int MAIN(int, char **);
|
||||||
|
|
||||||
|
int MAIN(int argc, char **argv)
|
||||||
|
{
|
||||||
|
ENGINE *e = NULL;
|
||||||
|
unsigned char *buf=NULL;
|
||||||
|
int i,err=1;
|
||||||
|
const EVP_MD *md=NULL,*m;
|
||||||
|
BIO *in=NULL,*inp;
|
||||||
|
BIO *bmd=NULL;
|
||||||
|
BIO *out = NULL;
|
||||||
|
#define PROG_NAME_SIZE 39
|
||||||
|
char pname[PROG_NAME_SIZE+1];
|
||||||
|
int separator=0;
|
||||||
|
int debug=0;
|
||||||
|
int keyform=FORMAT_PEM;
|
||||||
|
const char *outfile = NULL, *keyfile = NULL;
|
||||||
|
const char *sigfile = NULL, *randfile = NULL;
|
||||||
|
int out_bin = -1, want_pub = 0, do_verify = 0;
|
||||||
|
EVP_PKEY *sigkey = NULL;
|
||||||
|
unsigned char *sigbuf = NULL;
|
||||||
|
int siglen = 0;
|
||||||
|
char *passargin = NULL, *passin = NULL;
|
||||||
|
#ifndef OPENSSL_NO_ENGINE
|
||||||
|
char *engine=NULL;
|
||||||
|
#endif
|
||||||
|
char *hmac_key=NULL;
|
||||||
|
char *mac_name=NULL;
|
||||||
|
STACK_OF(OPENSSL_STRING) *sigopts = NULL, *macopts = NULL;
|
||||||
|
|
||||||
|
apps_startup();
|
||||||
|
|
||||||
|
if ((buf=(unsigned char *)OPENSSL_malloc(BUFSIZE)) == NULL)
|
||||||
|
{
|
||||||
|
BIO_printf(bio_err,"out of memory\n");
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
if (bio_err == NULL)
|
||||||
|
if ((bio_err=BIO_new(BIO_s_file())) != NULL)
|
||||||
|
BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT);
|
||||||
|
|
||||||
|
if (!load_config(bio_err, NULL))
|
||||||
|
goto end;
|
||||||
|
|
||||||
|
/* first check the program name */
|
||||||
|
program_name(argv[0],pname,sizeof pname);
|
||||||
|
|
||||||
|
md=EVP_get_digestbyname(pname);
|
||||||
|
|
||||||
|
argc--;
|
||||||
|
argv++;
|
||||||
|
while (argc > 0)
|
||||||
|
{
|
||||||
|
if ((*argv)[0] != '-') break;
|
||||||
|
if (strcmp(*argv,"-c") == 0)
|
||||||
|
separator=1;
|
||||||
|
else if (strcmp(*argv,"-r") == 0)
|
||||||
|
separator=2;
|
||||||
|
else if (strcmp(*argv,"-rand") == 0)
|
||||||
|
{
|
||||||
|
if (--argc < 1) break;
|
||||||
|
randfile=*(++argv);
|
||||||
|
}
|
||||||
|
else if (strcmp(*argv,"-out") == 0)
|
||||||
|
{
|
||||||
|
if (--argc < 1) break;
|
||||||
|
outfile=*(++argv);
|
||||||
|
}
|
||||||
|
else if (strcmp(*argv,"-sign") == 0)
|
||||||
|
{
|
||||||
|
if (--argc < 1) break;
|
||||||
|
keyfile=*(++argv);
|
||||||
|
}
|
||||||
|
else if (!strcmp(*argv,"-passin"))
|
||||||
|
{
|
||||||
|
if (--argc < 1)
|
||||||
|
break;
|
||||||
|
passargin=*++argv;
|
||||||
|
}
|
||||||
|
else if (strcmp(*argv,"-verify") == 0)
|
||||||
|
{
|
||||||
|
if (--argc < 1) break;
|
||||||
|
keyfile=*(++argv);
|
||||||
|
want_pub = 1;
|
||||||
|
do_verify = 1;
|
||||||
|
}
|
||||||
|
else if (strcmp(*argv,"-prverify") == 0)
|
||||||
|
{
|
||||||
|
if (--argc < 1) break;
|
||||||
|
keyfile=*(++argv);
|
||||||
|
do_verify = 1;
|
||||||
|
}
|
||||||
|
else if (strcmp(*argv,"-signature") == 0)
|
||||||
|
{
|
||||||
|
if (--argc < 1) break;
|
||||||
|
sigfile=*(++argv);
|
||||||
|
}
|
||||||
|
else if (strcmp(*argv,"-keyform") == 0)
|
||||||
|
{
|
||||||
|
if (--argc < 1) break;
|
||||||
|
keyform=str2fmt(*(++argv));
|
||||||
|
}
|
||||||
|
#ifndef OPENSSL_NO_ENGINE
|
||||||
|
else if (strcmp(*argv,"-engine") == 0)
|
||||||
|
{
|
||||||
|
if (--argc < 1) break;
|
||||||
|
engine= *(++argv);
|
||||||
|
e = setup_engine(bio_err, engine, 0);
|
||||||
|
}
|
||||||
|
#endif
|
||||||
|
else if (strcmp(*argv,"-hex") == 0)
|
||||||
|
out_bin = 0;
|
||||||
|
else if (strcmp(*argv,"-binary") == 0)
|
||||||
|
out_bin = 1;
|
||||||
|
else if (strcmp(*argv,"-d") == 0)
|
||||||
|
debug=1;
|
||||||
|
else if (!strcmp(*argv,"-hmac"))
|
||||||
|
{
|
||||||
|
if (--argc < 1)
|
||||||
|
break;
|
||||||
|
hmac_key=*++argv;
|
||||||
|
}
|
||||||
|
else if (!strcmp(*argv,"-mac"))
|
||||||
|
{
|
||||||
|
if (--argc < 1)
|
||||||
|
break;
|
||||||
|
mac_name=*++argv;
|
||||||
|
}
|
||||||
|
else if (strcmp(*argv,"-sigopt") == 0)
|
||||||
|
{
|
||||||
|
if (--argc < 1)
|
||||||
|
break;
|
||||||
|
if (!sigopts)
|
||||||
|
sigopts = sk_OPENSSL_STRING_new_null();
|
||||||
|
if (!sigopts || !sk_OPENSSL_STRING_push(sigopts, *(++argv)))
|
||||||
|
break;
|
||||||
|
}
|
||||||
|
else if (strcmp(*argv,"-macopt") == 0)
|
||||||
|
{
|
||||||
|
if (--argc < 1)
|
||||||
|
break;
|
||||||
|
if (!macopts)
|
||||||
|
macopts = sk_OPENSSL_STRING_new_null();
|
||||||
|
if (!macopts || !sk_OPENSSL_STRING_push(macopts, *(++argv)))
|
||||||
|
break;
|
||||||
|
}
|
||||||
|
else if ((m=EVP_get_digestbyname(&((*argv)[1]))) != NULL)
|
||||||
|
md=m;
|
||||||
|
else
|
||||||
|
break;
|
||||||
|
argc--;
|
||||||
|
argv++;
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
if(do_verify && !sigfile) {
|
||||||
|
BIO_printf(bio_err, "No signature to verify: use the -signature option\n");
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
|
||||||
|
if ((argc > 0) && (argv[0][0] == '-')) /* bad option */
|
||||||
|
{
|
||||||
|
BIO_printf(bio_err,"unknown option '%s'\n",*argv);
|
||||||
|
BIO_printf(bio_err,"options are\n");
|
||||||
|
BIO_printf(bio_err,"-c to output the digest with separating colons\n");
|
||||||
|
BIO_printf(bio_err,"-r to output the digest in coreutils format\n");
|
||||||
|
BIO_printf(bio_err,"-d to output debug info\n");
|
||||||
|
BIO_printf(bio_err,"-hex output as hex dump\n");
|
||||||
|
BIO_printf(bio_err,"-binary output in binary form\n");
|
||||||
|
BIO_printf(bio_err,"-sign file sign digest using private key in file\n");
|
||||||
|
BIO_printf(bio_err,"-verify file verify a signature using public key in file\n");
|
||||||
|
BIO_printf(bio_err,"-prverify file verify a signature using private key in file\n");
|
||||||
|
BIO_printf(bio_err,"-keyform arg key file format (PEM or ENGINE)\n");
|
||||||
|
BIO_printf(bio_err,"-out filename output to filename rather than stdout\n");
|
||||||
|
BIO_printf(bio_err,"-signature file signature to verify\n");
|
||||||
|
BIO_printf(bio_err,"-sigopt nm:v signature parameter\n");
|
||||||
|
BIO_printf(bio_err,"-hmac key create hashed MAC with key\n");
|
||||||
|
BIO_printf(bio_err,"-mac algorithm create MAC (not neccessarily HMAC)\n");
|
||||||
|
BIO_printf(bio_err,"-macopt nm:v MAC algorithm parameters or key\n");
|
||||||
|
#ifndef OPENSSL_NO_ENGINE
|
||||||
|
BIO_printf(bio_err,"-engine e use engine e, possibly a hardware device.\n");
|
||||||
|
#endif
|
||||||
|
|
||||||
|
EVP_MD_do_all_sorted(list_md_fn, bio_err);
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
|
||||||
|
in=BIO_new(BIO_s_file());
|
||||||
|
bmd=BIO_new(BIO_f_md());
|
||||||
|
if (debug)
|
||||||
|
{
|
||||||
|
BIO_set_callback(in,BIO_debug_callback);
|
||||||
|
/* needed for windows 3.1 */
|
||||||
|
BIO_set_callback_arg(in,(char *)bio_err);
|
||||||
|
}
|
||||||
|
|
||||||
|
if(!app_passwd(bio_err, passargin, NULL, &passin, NULL))
|
||||||
|
{
|
||||||
|
BIO_printf(bio_err, "Error getting password\n");
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
|
||||||
|
if ((in == NULL) || (bmd == NULL))
|
||||||
|
{
|
||||||
|
ERR_print_errors(bio_err);
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
|
||||||
|
if(out_bin == -1) {
|
||||||
|
if(keyfile)
|
||||||
|
out_bin = 1;
|
||||||
|
else
|
||||||
|
out_bin = 0;
|
||||||
|
}
|
||||||
|
|
||||||
|
if(randfile)
|
||||||
|
app_RAND_load_file(randfile, bio_err, 0);
|
||||||
|
|
||||||
|
if(outfile) {
|
||||||
|
if(out_bin)
|
||||||
|
out = BIO_new_file(outfile, "wb");
|
||||||
|
else out = BIO_new_file(outfile, "w");
|
||||||
|
} else {
|
||||||
|
out = BIO_new_fp(stdout, BIO_NOCLOSE);
|
||||||
|
#ifdef OPENSSL_SYS_VMS
|
||||||
|
{
|
||||||
|
BIO *tmpbio = BIO_new(BIO_f_linebuffer());
|
||||||
|
out = BIO_push(tmpbio, out);
|
||||||
|
}
|
||||||
|
#endif
|
||||||
|
}
|
||||||
|
|
||||||
|
if(!out) {
|
||||||
|
BIO_printf(bio_err, "Error opening output file %s\n",
|
||||||
|
outfile ? outfile : "(stdout)");
|
||||||
|
ERR_print_errors(bio_err);
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
if ((!!mac_name + !!keyfile + !!hmac_key) > 1)
|
||||||
|
{
|
||||||
|
BIO_printf(bio_err, "MAC and Signing key cannot both be specified\n");
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
|
||||||
|
if(keyfile)
|
||||||
|
{
|
||||||
|
if (want_pub)
|
||||||
|
sigkey = load_pubkey(bio_err, keyfile, keyform, 0, NULL,
|
||||||
|
e, "key file");
|
||||||
|
else
|
||||||
|
sigkey = load_key(bio_err, keyfile, keyform, 0, passin,
|
||||||
|
e, "key file");
|
||||||
|
if (!sigkey)
|
||||||
|
{
|
||||||
|
/* load_[pub]key() has already printed an appropriate
|
||||||
|
message */
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
if (mac_name)
|
||||||
|
{
|
||||||
|
EVP_PKEY_CTX *mac_ctx = NULL;
|
||||||
|
int r = 0;
|
||||||
|
if (!init_gen_str(bio_err, &mac_ctx, mac_name,e, 0))
|
||||||
|
goto mac_end;
|
||||||
|
if (macopts)
|
||||||
|
{
|
||||||
|
char *macopt;
|
||||||
|
for (i = 0; i < sk_OPENSSL_STRING_num(macopts); i++)
|
||||||
|
{
|
||||||
|
macopt = sk_OPENSSL_STRING_value(macopts, i);
|
||||||
|
if (pkey_ctrl_string(mac_ctx, macopt) <= 0)
|
||||||
|
{
|
||||||
|
BIO_printf(bio_err,
|
||||||
|
"MAC parameter error \"%s\"\n",
|
||||||
|
macopt);
|
||||||
|
ERR_print_errors(bio_err);
|
||||||
|
goto mac_end;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
if (EVP_PKEY_keygen(mac_ctx, &sigkey) <= 0)
|
||||||
|
{
|
||||||
|
BIO_puts(bio_err, "Error generating key\n");
|
||||||
|
ERR_print_errors(bio_err);
|
||||||
|
goto mac_end;
|
||||||
|
}
|
||||||
|
r = 1;
|
||||||
|
mac_end:
|
||||||
|
if (mac_ctx)
|
||||||
|
EVP_PKEY_CTX_free(mac_ctx);
|
||||||
|
if (r == 0)
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
|
||||||
|
if (hmac_key)
|
||||||
|
{
|
||||||
|
sigkey = EVP_PKEY_new_mac_key(EVP_PKEY_HMAC, e,
|
||||||
|
(unsigned char *)hmac_key, -1);
|
||||||
|
if (!sigkey)
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
|
||||||
|
if (sigkey)
|
||||||
|
{
|
||||||
|
EVP_MD_CTX *mctx = NULL;
|
||||||
|
EVP_PKEY_CTX *pctx = NULL;
|
||||||
|
int r;
|
||||||
|
if (!BIO_get_md_ctx(bmd, &mctx))
|
||||||
|
{
|
||||||
|
BIO_printf(bio_err, "Error getting context\n");
|
||||||
|
ERR_print_errors(bio_err);
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
if (do_verify)
|
||||||
|
r = EVP_DigestVerifyInit(mctx, &pctx, md, e, sigkey);
|
||||||
|
else
|
||||||
|
r = EVP_DigestSignInit(mctx, &pctx, md, e, sigkey);
|
||||||
|
if (!r)
|
||||||
|
{
|
||||||
|
BIO_printf(bio_err, "Error setting context\n");
|
||||||
|
ERR_print_errors(bio_err);
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
if (sigopts)
|
||||||
|
{
|
||||||
|
char *sigopt;
|
||||||
|
for (i = 0; i < sk_OPENSSL_STRING_num(sigopts); i++)
|
||||||
|
{
|
||||||
|
sigopt = sk_OPENSSL_STRING_value(sigopts, i);
|
||||||
|
if (pkey_ctrl_string(pctx, sigopt) <= 0)
|
||||||
|
{
|
||||||
|
BIO_printf(bio_err,
|
||||||
|
"parameter error \"%s\"\n",
|
||||||
|
sigopt);
|
||||||
|
ERR_print_errors(bio_err);
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
/* we use md as a filter, reading from 'in' */
|
||||||
|
else
|
||||||
|
{
|
||||||
|
if (md == NULL)
|
||||||
|
md = EVP_md5();
|
||||||
|
if (!BIO_set_md(bmd,md))
|
||||||
|
{
|
||||||
|
BIO_printf(bio_err, "Error setting digest %s\n", pname);
|
||||||
|
ERR_print_errors(bio_err);
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
if(sigfile && sigkey) {
|
||||||
|
BIO *sigbio;
|
||||||
|
sigbio = BIO_new_file(sigfile, "rb");
|
||||||
|
siglen = EVP_PKEY_size(sigkey);
|
||||||
|
sigbuf = OPENSSL_malloc(siglen);
|
||||||
|
if(!sigbio) {
|
||||||
|
BIO_printf(bio_err, "Error opening signature file %s\n",
|
||||||
|
sigfile);
|
||||||
|
ERR_print_errors(bio_err);
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
siglen = BIO_read(sigbio, sigbuf, siglen);
|
||||||
|
BIO_free(sigbio);
|
||||||
|
if(siglen <= 0) {
|
||||||
|
BIO_printf(bio_err, "Error reading signature file %s\n",
|
||||||
|
sigfile);
|
||||||
|
ERR_print_errors(bio_err);
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
inp=BIO_push(bmd,in);
|
||||||
|
|
||||||
|
if (md == NULL)
|
||||||
|
{
|
||||||
|
EVP_MD_CTX *tctx;
|
||||||
|
BIO_get_md_ctx(bmd, &tctx);
|
||||||
|
md = EVP_MD_CTX_md(tctx);
|
||||||
|
}
|
||||||
|
|
||||||
|
if (argc == 0)
|
||||||
|
{
|
||||||
|
BIO_set_fp(in,stdin,BIO_NOCLOSE);
|
||||||
|
err=do_fp(out, buf,inp,separator, out_bin, sigkey, sigbuf,
|
||||||
|
siglen,NULL,NULL,"stdin",bmd);
|
||||||
|
}
|
||||||
|
else
|
||||||
|
{
|
||||||
|
const char *md_name = NULL, *sig_name = NULL;
|
||||||
|
if(!out_bin)
|
||||||
|
{
|
||||||
|
if (sigkey)
|
||||||
|
{
|
||||||
|
const EVP_PKEY_ASN1_METHOD *ameth;
|
||||||
|
ameth = EVP_PKEY_get0_asn1(sigkey);
|
||||||
|
if (ameth)
|
||||||
|
EVP_PKEY_asn1_get0_info(NULL, NULL,
|
||||||
|
NULL, NULL, &sig_name, ameth);
|
||||||
|
}
|
||||||
|
md_name = EVP_MD_name(md);
|
||||||
|
}
|
||||||
|
err = 0;
|
||||||
|
for (i=0; i<argc; i++)
|
||||||
|
{
|
||||||
|
int r;
|
||||||
|
if (BIO_read_filename(in,argv[i]) <= 0)
|
||||||
|
{
|
||||||
|
perror(argv[i]);
|
||||||
|
err++;
|
||||||
|
continue;
|
||||||
|
}
|
||||||
|
else
|
||||||
|
r=do_fp(out,buf,inp,separator,out_bin,sigkey,sigbuf,
|
||||||
|
siglen,sig_name,md_name, argv[i],bmd);
|
||||||
|
if(r)
|
||||||
|
err=r;
|
||||||
|
(void)BIO_reset(bmd);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
end:
|
||||||
|
if (buf != NULL)
|
||||||
|
{
|
||||||
|
OPENSSL_cleanse(buf,BUFSIZE);
|
||||||
|
OPENSSL_free(buf);
|
||||||
|
}
|
||||||
|
if (in != NULL) BIO_free(in);
|
||||||
|
if (passin)
|
||||||
|
OPENSSL_free(passin);
|
||||||
|
BIO_free_all(out);
|
||||||
|
EVP_PKEY_free(sigkey);
|
||||||
|
if (sigopts)
|
||||||
|
sk_OPENSSL_STRING_free(sigopts);
|
||||||
|
if (macopts)
|
||||||
|
sk_OPENSSL_STRING_free(macopts);
|
||||||
|
if(sigbuf) OPENSSL_free(sigbuf);
|
||||||
|
if (bmd != NULL) BIO_free(bmd);
|
||||||
|
apps_shutdown();
|
||||||
|
OPENSSL_EXIT(err);
|
||||||
|
}
|
||||||
|
|
||||||
|
int do_fp(BIO *out, unsigned char *buf, BIO *bp, int sep, int binout,
|
||||||
|
EVP_PKEY *key, unsigned char *sigin, int siglen,
|
||||||
|
const char *sig_name, const char *md_name,
|
||||||
|
const char *file,BIO *bmd)
|
||||||
|
{
|
||||||
|
size_t len;
|
||||||
|
int i;
|
||||||
|
|
||||||
|
for (;;)
|
||||||
|
{
|
||||||
|
i=BIO_read(bp,(char *)buf,BUFSIZE);
|
||||||
|
if(i < 0)
|
||||||
|
{
|
||||||
|
BIO_printf(bio_err, "Read Error in %s\n",file);
|
||||||
|
ERR_print_errors(bio_err);
|
||||||
|
return 1;
|
||||||
|
}
|
||||||
|
if (i == 0) break;
|
||||||
|
}
|
||||||
|
if(sigin)
|
||||||
|
{
|
||||||
|
EVP_MD_CTX *ctx;
|
||||||
|
BIO_get_md_ctx(bp, &ctx);
|
||||||
|
i = EVP_DigestVerifyFinal(ctx, sigin, (unsigned int)siglen);
|
||||||
|
if(i > 0)
|
||||||
|
BIO_printf(out, "Verified OK\n");
|
||||||
|
else if(i == 0)
|
||||||
|
{
|
||||||
|
BIO_printf(out, "Verification Failure\n");
|
||||||
|
return 1;
|
||||||
|
}
|
||||||
|
else
|
||||||
|
{
|
||||||
|
BIO_printf(bio_err, "Error Verifying Data\n");
|
||||||
|
ERR_print_errors(bio_err);
|
||||||
|
return 1;
|
||||||
|
}
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
|
if(key)
|
||||||
|
{
|
||||||
|
EVP_MD_CTX *ctx;
|
||||||
|
BIO_get_md_ctx(bp, &ctx);
|
||||||
|
len = BUFSIZE;
|
||||||
|
if(!EVP_DigestSignFinal(ctx, buf, &len))
|
||||||
|
{
|
||||||
|
BIO_printf(bio_err, "Error Signing Data\n");
|
||||||
|
ERR_print_errors(bio_err);
|
||||||
|
return 1;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
else
|
||||||
|
{
|
||||||
|
len=BIO_gets(bp,(char *)buf,BUFSIZE);
|
||||||
|
if ((int)len <0)
|
||||||
|
{
|
||||||
|
ERR_print_errors(bio_err);
|
||||||
|
return 1;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
if(binout) BIO_write(out, buf, len);
|
||||||
|
else if (sep == 2)
|
||||||
|
{
|
||||||
|
for (i=0; i<(int)len; i++)
|
||||||
|
BIO_printf(out, "%02x",buf[i]);
|
||||||
|
BIO_printf(out, " *%s\n", file);
|
||||||
|
}
|
||||||
|
else
|
||||||
|
{
|
||||||
|
if (sig_name)
|
||||||
|
BIO_printf(out, "%s-%s(%s)= ", sig_name, md_name, file);
|
||||||
|
else if (md_name)
|
||||||
|
BIO_printf(out, "%s(%s)= ", md_name, file);
|
||||||
|
else
|
||||||
|
BIO_printf(out, "(%s)= ", file);
|
||||||
|
for (i=0; i<(int)len; i++)
|
||||||
|
{
|
||||||
|
if (sep && (i != 0))
|
||||||
|
BIO_printf(out, ":");
|
||||||
|
BIO_printf(out, "%02x",buf[i]);
|
||||||
|
}
|
||||||
|
BIO_printf(out, "\n");
|
||||||
|
}
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
|
|
355
jni/openssl/apps/dh.c
Normal file
355
jni/openssl/apps/dh.c
Normal file
@ -0,0 +1,355 @@
|
|||||||
|
/* apps/dh.c */
|
||||||
|
/* obsoleted by dhparam.c */
|
||||||
|
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
|
||||||
|
* All rights reserved.
|
||||||
|
*
|
||||||
|
* This package is an SSL implementation written
|
||||||
|
* by Eric Young (eay@cryptsoft.com).
|
||||||
|
* The implementation was written so as to conform with Netscapes SSL.
|
||||||
|
*
|
||||||
|
* This library is free for commercial and non-commercial use as long as
|
||||||
|
* the following conditions are aheared to. The following conditions
|
||||||
|
* apply to all code found in this distribution, be it the RC4, RSA,
|
||||||
|
* lhash, DES, etc., code; not just the SSL code. The SSL documentation
|
||||||
|
* included with this distribution is covered by the same copyright terms
|
||||||
|
* except that the holder is Tim Hudson (tjh@cryptsoft.com).
|
||||||
|
*
|
||||||
|
* Copyright remains Eric Young's, and as such any Copyright notices in
|
||||||
|
* the code are not to be removed.
|
||||||
|
* If this package is used in a product, Eric Young should be given attribution
|
||||||
|
* as the author of the parts of the library used.
|
||||||
|
* This can be in the form of a textual message at program startup or
|
||||||
|
* in documentation (online or textual) provided with the package.
|
||||||
|
*
|
||||||
|
* Redistribution and use in source and binary forms, with or without
|
||||||
|
* modification, are permitted provided that the following conditions
|
||||||
|
* are met:
|
||||||
|
* 1. Redistributions of source code must retain the copyright
|
||||||
|
* notice, this list of conditions and the following disclaimer.
|
||||||
|
* 2. Redistributions in binary form must reproduce the above copyright
|
||||||
|
* notice, this list of conditions and the following disclaimer in the
|
||||||
|
* documentation and/or other materials provided with the distribution.
|
||||||
|
* 3. All advertising materials mentioning features or use of this software
|
||||||
|
* must display the following acknowledgement:
|
||||||
|
* "This product includes cryptographic software written by
|
||||||
|
* Eric Young (eay@cryptsoft.com)"
|
||||||
|
* The word 'cryptographic' can be left out if the rouines from the library
|
||||||
|
* being used are not cryptographic related :-).
|
||||||
|
* 4. If you include any Windows specific code (or a derivative thereof) from
|
||||||
|
* the apps directory (application code) you must include an acknowledgement:
|
||||||
|
* "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
|
||||||
|
*
|
||||||
|
* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
|
||||||
|
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
||||||
|
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
|
||||||
|
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
|
||||||
|
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
|
||||||
|
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
|
||||||
|
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
||||||
|
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
|
||||||
|
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
||||||
|
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||||||
|
* SUCH DAMAGE.
|
||||||
|
*
|
||||||
|
* The licence and distribution terms for any publically available version or
|
||||||
|
* derivative of this code cannot be changed. i.e. this code cannot simply be
|
||||||
|
* copied and put under another distribution licence
|
||||||
|
* [including the GNU Public Licence.]
|
||||||
|
*/
|
||||||
|
|
||||||
|
#include <openssl/opensslconf.h> /* for OPENSSL_NO_DH */
|
||||||
|
#ifndef OPENSSL_NO_DH
|
||||||
|
#include <stdio.h>
|
||||||
|
#include <stdlib.h>
|
||||||
|
#include <time.h>
|
||||||
|
#include <string.h>
|
||||||
|
#include "apps.h"
|
||||||
|
#include <openssl/bio.h>
|
||||||
|
#include <openssl/err.h>
|
||||||
|
#include <openssl/bn.h>
|
||||||
|
#include <openssl/dh.h>
|
||||||
|
#include <openssl/x509.h>
|
||||||
|
#include <openssl/pem.h>
|
||||||
|
|
||||||
|
#undef PROG
|
||||||
|
#define PROG dh_main
|
||||||
|
|
||||||
|
/* -inform arg - input format - default PEM (DER or PEM)
|
||||||
|
* -outform arg - output format - default PEM
|
||||||
|
* -in arg - input file - default stdin
|
||||||
|
* -out arg - output file - default stdout
|
||||||
|
* -check - check the parameters are ok
|
||||||
|
* -noout
|
||||||
|
* -text
|
||||||
|
* -C
|
||||||
|
*/
|
||||||
|
|
||||||
|
int MAIN(int, char **);
|
||||||
|
|
||||||
|
int MAIN(int argc, char **argv)
|
||||||
|
{
|
||||||
|
DH *dh=NULL;
|
||||||
|
int i,badops=0,text=0;
|
||||||
|
BIO *in=NULL,*out=NULL;
|
||||||
|
int informat,outformat,check=0,noout=0,C=0,ret=1;
|
||||||
|
char *infile,*outfile,*prog;
|
||||||
|
#ifndef OPENSSL_NO_ENGINE
|
||||||
|
char *engine;
|
||||||
|
#endif
|
||||||
|
|
||||||
|
apps_startup();
|
||||||
|
|
||||||
|
if (bio_err == NULL)
|
||||||
|
if ((bio_err=BIO_new(BIO_s_file())) != NULL)
|
||||||
|
BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT);
|
||||||
|
|
||||||
|
if (!load_config(bio_err, NULL))
|
||||||
|
goto end;
|
||||||
|
|
||||||
|
#ifndef OPENSSL_NO_ENGINE
|
||||||
|
engine=NULL;
|
||||||
|
#endif
|
||||||
|
infile=NULL;
|
||||||
|
outfile=NULL;
|
||||||
|
informat=FORMAT_PEM;
|
||||||
|
outformat=FORMAT_PEM;
|
||||||
|
|
||||||
|
prog=argv[0];
|
||||||
|
argc--;
|
||||||
|
argv++;
|
||||||
|
while (argc >= 1)
|
||||||
|
{
|
||||||
|
if (strcmp(*argv,"-inform") == 0)
|
||||||
|
{
|
||||||
|
if (--argc < 1) goto bad;
|
||||||
|
informat=str2fmt(*(++argv));
|
||||||
|
}
|
||||||
|
else if (strcmp(*argv,"-outform") == 0)
|
||||||
|
{
|
||||||
|
if (--argc < 1) goto bad;
|
||||||
|
outformat=str2fmt(*(++argv));
|
||||||
|
}
|
||||||
|
else if (strcmp(*argv,"-in") == 0)
|
||||||
|
{
|
||||||
|
if (--argc < 1) goto bad;
|
||||||
|
infile= *(++argv);
|
||||||
|
}
|
||||||
|
else if (strcmp(*argv,"-out") == 0)
|
||||||
|
{
|
||||||
|
if (--argc < 1) goto bad;
|
||||||
|
outfile= *(++argv);
|
||||||
|
}
|
||||||
|
#ifndef OPENSSL_NO_ENGINE
|
||||||
|
else if (strcmp(*argv,"-engine") == 0)
|
||||||
|
{
|
||||||
|
if (--argc < 1) goto bad;
|
||||||
|
engine= *(++argv);
|
||||||
|
}
|
||||||
|
#endif
|
||||||
|
else if (strcmp(*argv,"-check") == 0)
|
||||||
|
check=1;
|
||||||
|
else if (strcmp(*argv,"-text") == 0)
|
||||||
|
text=1;
|
||||||
|
else if (strcmp(*argv,"-C") == 0)
|
||||||
|
C=1;
|
||||||
|
else if (strcmp(*argv,"-noout") == 0)
|
||||||
|
noout=1;
|
||||||
|
else
|
||||||
|
{
|
||||||
|
BIO_printf(bio_err,"unknown option %s\n",*argv);
|
||||||
|
badops=1;
|
||||||
|
break;
|
||||||
|
}
|
||||||
|
argc--;
|
||||||
|
argv++;
|
||||||
|
}
|
||||||
|
|
||||||
|
if (badops)
|
||||||
|
{
|
||||||
|
bad:
|
||||||
|
BIO_printf(bio_err,"%s [options] <infile >outfile\n",prog);
|
||||||
|
BIO_printf(bio_err,"where options are\n");
|
||||||
|
BIO_printf(bio_err," -inform arg input format - one of DER PEM\n");
|
||||||
|
BIO_printf(bio_err," -outform arg output format - one of DER PEM\n");
|
||||||
|
BIO_printf(bio_err," -in arg input file\n");
|
||||||
|
BIO_printf(bio_err," -out arg output file\n");
|
||||||
|
BIO_printf(bio_err," -check check the DH parameters\n");
|
||||||
|
BIO_printf(bio_err," -text print a text form of the DH parameters\n");
|
||||||
|
BIO_printf(bio_err," -C Output C code\n");
|
||||||
|
BIO_printf(bio_err," -noout no output\n");
|
||||||
|
#ifndef OPENSSL_NO_ENGINE
|
||||||
|
BIO_printf(bio_err," -engine e use engine e, possibly a hardware device.\n");
|
||||||
|
#endif
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
|
||||||
|
ERR_load_crypto_strings();
|
||||||
|
|
||||||
|
#ifndef OPENSSL_NO_ENGINE
|
||||||
|
setup_engine(bio_err, engine, 0);
|
||||||
|
#endif
|
||||||
|
|
||||||
|
in=BIO_new(BIO_s_file());
|
||||||
|
out=BIO_new(BIO_s_file());
|
||||||
|
if ((in == NULL) || (out == NULL))
|
||||||
|
{
|
||||||
|
ERR_print_errors(bio_err);
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
|
||||||
|
if (infile == NULL)
|
||||||
|
BIO_set_fp(in,stdin,BIO_NOCLOSE);
|
||||||
|
else
|
||||||
|
{
|
||||||
|
if (BIO_read_filename(in,infile) <= 0)
|
||||||
|
{
|
||||||
|
perror(infile);
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
if (outfile == NULL)
|
||||||
|
{
|
||||||
|
BIO_set_fp(out,stdout,BIO_NOCLOSE);
|
||||||
|
#ifdef OPENSSL_SYS_VMS
|
||||||
|
{
|
||||||
|
BIO *tmpbio = BIO_new(BIO_f_linebuffer());
|
||||||
|
out = BIO_push(tmpbio, out);
|
||||||
|
}
|
||||||
|
#endif
|
||||||
|
}
|
||||||
|
else
|
||||||
|
{
|
||||||
|
if (BIO_write_filename(out,outfile) <= 0)
|
||||||
|
{
|
||||||
|
perror(outfile);
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
if (informat == FORMAT_ASN1)
|
||||||
|
dh=d2i_DHparams_bio(in,NULL);
|
||||||
|
else if (informat == FORMAT_PEM)
|
||||||
|
dh=PEM_read_bio_DHparams(in,NULL,NULL,NULL);
|
||||||
|
else
|
||||||
|
{
|
||||||
|
BIO_printf(bio_err,"bad input format specified\n");
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
if (dh == NULL)
|
||||||
|
{
|
||||||
|
BIO_printf(bio_err,"unable to load DH parameters\n");
|
||||||
|
ERR_print_errors(bio_err);
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
if (text)
|
||||||
|
{
|
||||||
|
DHparams_print(out,dh);
|
||||||
|
#ifdef undef
|
||||||
|
printf("p=");
|
||||||
|
BN_print(stdout,dh->p);
|
||||||
|
printf("\ng=");
|
||||||
|
BN_print(stdout,dh->g);
|
||||||
|
printf("\n");
|
||||||
|
if (dh->length != 0)
|
||||||
|
printf("recommended private length=%ld\n",dh->length);
|
||||||
|
#endif
|
||||||
|
}
|
||||||
|
|
||||||
|
if (check)
|
||||||
|
{
|
||||||
|
if (!DH_check(dh,&i))
|
||||||
|
{
|
||||||
|
ERR_print_errors(bio_err);
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
if (i & DH_CHECK_P_NOT_PRIME)
|
||||||
|
printf("p value is not prime\n");
|
||||||
|
if (i & DH_CHECK_P_NOT_SAFE_PRIME)
|
||||||
|
printf("p value is not a safe prime\n");
|
||||||
|
if (i & DH_UNABLE_TO_CHECK_GENERATOR)
|
||||||
|
printf("unable to check the generator value\n");
|
||||||
|
if (i & DH_NOT_SUITABLE_GENERATOR)
|
||||||
|
printf("the g value is not a generator\n");
|
||||||
|
if (i == 0)
|
||||||
|
printf("DH parameters appear to be ok.\n");
|
||||||
|
}
|
||||||
|
if (C)
|
||||||
|
{
|
||||||
|
unsigned char *data;
|
||||||
|
int len,l,bits;
|
||||||
|
|
||||||
|
len=BN_num_bytes(dh->p);
|
||||||
|
bits=BN_num_bits(dh->p);
|
||||||
|
data=(unsigned char *)OPENSSL_malloc(len);
|
||||||
|
if (data == NULL)
|
||||||
|
{
|
||||||
|
perror("OPENSSL_malloc");
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
l=BN_bn2bin(dh->p,data);
|
||||||
|
printf("static unsigned char dh%d_p[]={",bits);
|
||||||
|
for (i=0; i<l; i++)
|
||||||
|
{
|
||||||
|
if ((i%12) == 0) printf("\n\t");
|
||||||
|
printf("0x%02X,",data[i]);
|
||||||
|
}
|
||||||
|
printf("\n\t};\n");
|
||||||
|
|
||||||
|
l=BN_bn2bin(dh->g,data);
|
||||||
|
printf("static unsigned char dh%d_g[]={",bits);
|
||||||
|
for (i=0; i<l; i++)
|
||||||
|
{
|
||||||
|
if ((i%12) == 0) printf("\n\t");
|
||||||
|
printf("0x%02X,",data[i]);
|
||||||
|
}
|
||||||
|
printf("\n\t};\n\n");
|
||||||
|
|
||||||
|
printf("DH *get_dh%d()\n\t{\n",bits);
|
||||||
|
printf("\tDH *dh;\n\n");
|
||||||
|
printf("\tif ((dh=DH_new()) == NULL) return(NULL);\n");
|
||||||
|
printf("\tdh->p=BN_bin2bn(dh%d_p,sizeof(dh%d_p),NULL);\n",
|
||||||
|
bits,bits);
|
||||||
|
printf("\tdh->g=BN_bin2bn(dh%d_g,sizeof(dh%d_g),NULL);\n",
|
||||||
|
bits,bits);
|
||||||
|
printf("\tif ((dh->p == NULL) || (dh->g == NULL))\n");
|
||||||
|
printf("\t\treturn(NULL);\n");
|
||||||
|
printf("\treturn(dh);\n\t}\n");
|
||||||
|
OPENSSL_free(data);
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
if (!noout)
|
||||||
|
{
|
||||||
|
if (outformat == FORMAT_ASN1)
|
||||||
|
i=i2d_DHparams_bio(out,dh);
|
||||||
|
else if (outformat == FORMAT_PEM)
|
||||||
|
i=PEM_write_bio_DHparams(out,dh);
|
||||||
|
else {
|
||||||
|
BIO_printf(bio_err,"bad output format specified for outfile\n");
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
if (!i)
|
||||||
|
{
|
||||||
|
BIO_printf(bio_err,"unable to write DH parameters\n");
|
||||||
|
ERR_print_errors(bio_err);
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
ret=0;
|
||||||
|
end:
|
||||||
|
if (in != NULL) BIO_free(in);
|
||||||
|
if (out != NULL) BIO_free_all(out);
|
||||||
|
if (dh != NULL) DH_free(dh);
|
||||||
|
apps_shutdown();
|
||||||
|
OPENSSL_EXIT(ret);
|
||||||
|
}
|
||||||
|
#else /* !OPENSSL_NO_DH */
|
||||||
|
|
||||||
|
# if PEDANTIC
|
||||||
|
static void *dummy=&dummy;
|
||||||
|
# endif
|
||||||
|
|
||||||
|
#endif
|
10
jni/openssl/apps/dh1024.pem
Normal file
10
jni/openssl/apps/dh1024.pem
Normal file
@ -0,0 +1,10 @@
|
|||||||
|
-----BEGIN DH PARAMETERS-----
|
||||||
|
MIGHAoGBAPSI/VhOSdvNILSd5JEHNmszbDgNRR0PfIizHHxbLY7288kjwEPwpVsY
|
||||||
|
jY67VYy4XTjTNP18F1dDox0YbN4zISy1Kv884bEpQBgRjXyEpwpy1obEAxnIByl6
|
||||||
|
ypUM2Zafq9AKUJsCRtMIPWakXUGfnHy9iUsiGSa6q6Jew1XpL3jHAgEC
|
||||||
|
-----END DH PARAMETERS-----
|
||||||
|
|
||||||
|
These are the 1024 bit DH parameters from "Assigned Number for SKIP Protocols"
|
||||||
|
(http://www.skip-vpn.org/spec/numbers.html).
|
||||||
|
See there for how they were generated.
|
||||||
|
Note that g is not a generator, but this is not a problem since p is a safe prime.
|
12
jni/openssl/apps/dh2048.pem
Normal file
12
jni/openssl/apps/dh2048.pem
Normal file
@ -0,0 +1,12 @@
|
|||||||
|
-----BEGIN DH PARAMETERS-----
|
||||||
|
MIIBCAKCAQEA9kJXtwh/CBdyorrWqULzBej5UxE5T7bxbrlLOCDaAadWoxTpj0BV
|
||||||
|
89AHxstDqZSt90xkhkn4DIO9ZekX1KHTUPj1WV/cdlJPPT2N286Z4VeSWc39uK50
|
||||||
|
T8X8dryDxUcwYc58yWb/Ffm7/ZFexwGq01uejaClcjrUGvC/RgBYK+X0iP1YTknb
|
||||||
|
zSC0neSRBzZrM2w4DUUdD3yIsxx8Wy2O9vPJI8BD8KVbGI2Ou1WMuF040zT9fBdX
|
||||||
|
Q6MdGGzeMyEstSr/POGxKUAYEY18hKcKctaGxAMZyAcpesqVDNmWn6vQClCbAkbT
|
||||||
|
CD1mpF1Bn5x8vYlLIhkmuquiXsNV6TILOwIBAg==
|
||||||
|
-----END DH PARAMETERS-----
|
||||||
|
|
||||||
|
These are the 2048 bit DH parameters from "Assigned Number for SKIP Protocols"
|
||||||
|
(http://www.skip-vpn.org/spec/numbers.html).
|
||||||
|
See there for how they were generated.
|
18
jni/openssl/apps/dh4096.pem
Normal file
18
jni/openssl/apps/dh4096.pem
Normal file
@ -0,0 +1,18 @@
|
|||||||
|
-----BEGIN DH PARAMETERS-----
|
||||||
|
MIICCAKCAgEA+hRyUsFN4VpJ1O8JLcCo/VWr19k3BCgJ4uk+d+KhehjdRqNDNyOQ
|
||||||
|
l/MOyQNQfWXPeGKmOmIig6Ev/nm6Nf9Z2B1h3R4hExf+zTiHnvVPeRBhjdQi81rt
|
||||||
|
Xeoh6TNrSBIKIHfUJWBh3va0TxxjQIs6IZOLeVNRLMqzeylWqMf49HsIXqbcokUS
|
||||||
|
Vt1BkvLdW48j8PPv5DsKRN3tloTxqDJGo9tKvj1Fuk74A+Xda1kNhB7KFlqMyN98
|
||||||
|
VETEJ6c7KpfOo30mnK30wqw3S8OtaIR/maYX72tGOno2ehFDkq3pnPtEbD2CScxc
|
||||||
|
alJC+EL7RPk5c/tgeTvCngvc1KZn92Y//EI7G9tPZtylj2b56sHtMftIoYJ9+ODM
|
||||||
|
sccD5Piz/rejE3Ome8EOOceUSCYAhXn8b3qvxVI1ddd1pED6FHRhFvLrZxFvBEM9
|
||||||
|
ERRMp5QqOaHJkM+Dxv8Cj6MqrCbfC4u+ZErxodzuusgDgvZiLF22uxMZbobFWyte
|
||||||
|
OvOzKGtwcTqO/1wV5gKkzu1ZVswVUQd5Gg8lJicwqRWyyNRczDDoG9jVDxmogKTH
|
||||||
|
AaqLulO7R8Ifa1SwF2DteSGVtgWEN8gDpN3RBmmPTDngyF2DHb5qmpnznwtFKdTL
|
||||||
|
KWbuHn491xNO25CQWMtem80uKw+pTnisBRF/454n1Jnhub144YRBoN8CAQI=
|
||||||
|
-----END DH PARAMETERS-----
|
||||||
|
|
||||||
|
These are the 4096 bit DH parameters from "Assigned Number for SKIP Protocols"
|
||||||
|
(http://www.skip-vpn.org/spec/numbers.html).
|
||||||
|
See there for how they were generated.
|
||||||
|
Note that g is not a generator, but this is not a problem since p is a safe prime.
|
9
jni/openssl/apps/dh512.pem
Normal file
9
jni/openssl/apps/dh512.pem
Normal file
@ -0,0 +1,9 @@
|
|||||||
|
-----BEGIN DH PARAMETERS-----
|
||||||
|
MEYCQQD1Kv884bEpQBgRjXyEpwpy1obEAxnIByl6ypUM2Zafq9AKUJsCRtMIPWak
|
||||||
|
XUGfnHy9iUsiGSa6q6Jew1XpKgVfAgEC
|
||||||
|
-----END DH PARAMETERS-----
|
||||||
|
|
||||||
|
These are the 512 bit DH parameters from "Assigned Number for SKIP Protocols"
|
||||||
|
(http://www.skip-vpn.org/spec/numbers.html).
|
||||||
|
See there for how they were generated.
|
||||||
|
Note that g is not a generator, but this is not a problem since p is a safe prime.
|
560
jni/openssl/apps/dhparam.c
Normal file
560
jni/openssl/apps/dhparam.c
Normal file
@ -0,0 +1,560 @@
|
|||||||
|
/* apps/dhparam.c */
|
||||||
|
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
|
||||||
|
* All rights reserved.
|
||||||
|
*
|
||||||
|
* This package is an SSL implementation written
|
||||||
|
* by Eric Young (eay@cryptsoft.com).
|
||||||
|
* The implementation was written so as to conform with Netscapes SSL.
|
||||||
|
*
|
||||||
|
* This library is free for commercial and non-commercial use as long as
|
||||||
|
* the following conditions are aheared to. The following conditions
|
||||||
|
* apply to all code found in this distribution, be it the RC4, RSA,
|
||||||
|
* lhash, DES, etc., code; not just the SSL code. The SSL documentation
|
||||||
|
* included with this distribution is covered by the same copyright terms
|
||||||
|
* except that the holder is Tim Hudson (tjh@cryptsoft.com).
|
||||||
|
*
|
||||||
|
* Copyright remains Eric Young's, and as such any Copyright notices in
|
||||||
|
* the code are not to be removed.
|
||||||
|
* If this package is used in a product, Eric Young should be given attribution
|
||||||
|
* as the author of the parts of the library used.
|
||||||
|
* This can be in the form of a textual message at program startup or
|
||||||
|
* in documentation (online or textual) provided with the package.
|
||||||
|
*
|
||||||
|
* Redistribution and use in source and binary forms, with or without
|
||||||
|
* modification, are permitted provided that the following conditions
|
||||||
|
* are met:
|
||||||
|
* 1. Redistributions of source code must retain the copyright
|
||||||
|
* notice, this list of conditions and the following disclaimer.
|
||||||
|
* 2. Redistributions in binary form must reproduce the above copyright
|
||||||
|
* notice, this list of conditions and the following disclaimer in the
|
||||||
|
* documentation and/or other materials provided with the distribution.
|
||||||
|
* 3. All advertising materials mentioning features or use of this software
|
||||||
|
* must display the following acknowledgement:
|
||||||
|
* "This product includes cryptographic software written by
|
||||||
|
* Eric Young (eay@cryptsoft.com)"
|
||||||
|
* The word 'cryptographic' can be left out if the rouines from the library
|
||||||
|
* being used are not cryptographic related :-).
|
||||||
|
* 4. If you include any Windows specific code (or a derivative thereof) from
|
||||||
|
* the apps directory (application code) you must include an acknowledgement:
|
||||||
|
* "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
|
||||||
|
*
|
||||||
|
* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
|
||||||
|
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
||||||
|
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
|
||||||
|
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
|
||||||
|
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
|
||||||
|
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
|
||||||
|
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
||||||
|
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
|
||||||
|
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
||||||
|
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||||||
|
* SUCH DAMAGE.
|
||||||
|
*
|
||||||
|
* The licence and distribution terms for any publically available version or
|
||||||
|
* derivative of this code cannot be changed. i.e. this code cannot simply be
|
||||||
|
* copied and put under another distribution licence
|
||||||
|
* [including the GNU Public Licence.]
|
||||||
|
*/
|
||||||
|
/* ====================================================================
|
||||||
|
* Copyright (c) 1998-2000 The OpenSSL Project. All rights reserved.
|
||||||
|
*
|
||||||
|
* Redistribution and use in source and binary forms, with or without
|
||||||
|
* modification, are permitted provided that the following conditions
|
||||||
|
* are met:
|
||||||
|
*
|
||||||
|
* 1. Redistributions of source code must retain the above copyright
|
||||||
|
* notice, this list of conditions and the following disclaimer.
|
||||||
|
*
|
||||||
|
* 2. Redistributions in binary form must reproduce the above copyright
|
||||||
|
* notice, this list of conditions and the following disclaimer in
|
||||||
|
* the documentation and/or other materials provided with the
|
||||||
|
* distribution.
|
||||||
|
*
|
||||||
|
* 3. All advertising materials mentioning features or use of this
|
||||||
|
* software must display the following acknowledgment:
|
||||||
|
* "This product includes software developed by the OpenSSL Project
|
||||||
|
* for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
|
||||||
|
*
|
||||||
|
* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
|
||||||
|
* endorse or promote products derived from this software without
|
||||||
|
* prior written permission. For written permission, please contact
|
||||||
|
* openssl-core@openssl.org.
|
||||||
|
*
|
||||||
|
* 5. Products derived from this software may not be called "OpenSSL"
|
||||||
|
* nor may "OpenSSL" appear in their names without prior written
|
||||||
|
* permission of the OpenSSL Project.
|
||||||
|
*
|
||||||
|
* 6. Redistributions of any form whatsoever must retain the following
|
||||||
|
* acknowledgment:
|
||||||
|
* "This product includes software developed by the OpenSSL Project
|
||||||
|
* for use in the OpenSSL Toolkit (http://www.openssl.org/)"
|
||||||
|
*
|
||||||
|
* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
|
||||||
|
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
||||||
|
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
|
||||||
|
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
|
||||||
|
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
|
||||||
|
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
|
||||||
|
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
|
||||||
|
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
||||||
|
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
|
||||||
|
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
|
||||||
|
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
|
||||||
|
* OF THE POSSIBILITY OF SUCH DAMAGE.
|
||||||
|
* ====================================================================
|
||||||
|
*
|
||||||
|
* This product includes cryptographic software written by Eric Young
|
||||||
|
* (eay@cryptsoft.com). This product includes software written by Tim
|
||||||
|
* Hudson (tjh@cryptsoft.com).
|
||||||
|
*
|
||||||
|
*/
|
||||||
|
|
||||||
|
#include <openssl/opensslconf.h> /* for OPENSSL_NO_DH */
|
||||||
|
#ifndef OPENSSL_NO_DH
|
||||||
|
#include <stdio.h>
|
||||||
|
#include <stdlib.h>
|
||||||
|
#include <time.h>
|
||||||
|
#include <string.h>
|
||||||
|
#include "apps.h"
|
||||||
|
#include <openssl/bio.h>
|
||||||
|
#include <openssl/err.h>
|
||||||
|
#include <openssl/bn.h>
|
||||||
|
#include <openssl/dh.h>
|
||||||
|
#include <openssl/x509.h>
|
||||||
|
#include <openssl/pem.h>
|
||||||
|
|
||||||
|
#ifndef OPENSSL_NO_DSA
|
||||||
|
#include <openssl/dsa.h>
|
||||||
|
#endif
|
||||||
|
|
||||||
|
#undef PROG
|
||||||
|
#define PROG dhparam_main
|
||||||
|
|
||||||
|
#define DEFBITS 512
|
||||||
|
|
||||||
|
/* -inform arg - input format - default PEM (DER or PEM)
|
||||||
|
* -outform arg - output format - default PEM
|
||||||
|
* -in arg - input file - default stdin
|
||||||
|
* -out arg - output file - default stdout
|
||||||
|
* -dsaparam - read or generate DSA parameters, convert to DH
|
||||||
|
* -check - check the parameters are ok
|
||||||
|
* -noout
|
||||||
|
* -text
|
||||||
|
* -C
|
||||||
|
*/
|
||||||
|
|
||||||
|
static int MS_CALLBACK dh_cb(int p, int n, BN_GENCB *cb);
|
||||||
|
|
||||||
|
int MAIN(int, char **);
|
||||||
|
|
||||||
|
int MAIN(int argc, char **argv)
|
||||||
|
{
|
||||||
|
DH *dh=NULL;
|
||||||
|
int i,badops=0,text=0;
|
||||||
|
#ifndef OPENSSL_NO_DSA
|
||||||
|
int dsaparam=0;
|
||||||
|
#endif
|
||||||
|
BIO *in=NULL,*out=NULL;
|
||||||
|
int informat,outformat,check=0,noout=0,C=0,ret=1;
|
||||||
|
char *infile,*outfile,*prog;
|
||||||
|
char *inrand=NULL;
|
||||||
|
#ifndef OPENSSL_NO_ENGINE
|
||||||
|
char *engine=NULL;
|
||||||
|
#endif
|
||||||
|
int num = 0, g = 0;
|
||||||
|
|
||||||
|
apps_startup();
|
||||||
|
|
||||||
|
if (bio_err == NULL)
|
||||||
|
if ((bio_err=BIO_new(BIO_s_file())) != NULL)
|
||||||
|
BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT);
|
||||||
|
|
||||||
|
if (!load_config(bio_err, NULL))
|
||||||
|
goto end;
|
||||||
|
|
||||||
|
infile=NULL;
|
||||||
|
outfile=NULL;
|
||||||
|
informat=FORMAT_PEM;
|
||||||
|
outformat=FORMAT_PEM;
|
||||||
|
|
||||||
|
prog=argv[0];
|
||||||
|
argc--;
|
||||||
|
argv++;
|
||||||
|
while (argc >= 1)
|
||||||
|
{
|
||||||
|
if (strcmp(*argv,"-inform") == 0)
|
||||||
|
{
|
||||||
|
if (--argc < 1) goto bad;
|
||||||
|
informat=str2fmt(*(++argv));
|
||||||
|
}
|
||||||
|
else if (strcmp(*argv,"-outform") == 0)
|
||||||
|
{
|
||||||
|
if (--argc < 1) goto bad;
|
||||||
|
outformat=str2fmt(*(++argv));
|
||||||
|
}
|
||||||
|
else if (strcmp(*argv,"-in") == 0)
|
||||||
|
{
|
||||||
|
if (--argc < 1) goto bad;
|
||||||
|
infile= *(++argv);
|
||||||
|
}
|
||||||
|
else if (strcmp(*argv,"-out") == 0)
|
||||||
|
{
|
||||||
|
if (--argc < 1) goto bad;
|
||||||
|
outfile= *(++argv);
|
||||||
|
}
|
||||||
|
#ifndef OPENSSL_NO_ENGINE
|
||||||
|
else if (strcmp(*argv,"-engine") == 0)
|
||||||
|
{
|
||||||
|
if (--argc < 1) goto bad;
|
||||||
|
engine= *(++argv);
|
||||||
|
}
|
||||||
|
#endif
|
||||||
|
else if (strcmp(*argv,"-check") == 0)
|
||||||
|
check=1;
|
||||||
|
else if (strcmp(*argv,"-text") == 0)
|
||||||
|
text=1;
|
||||||
|
#ifndef OPENSSL_NO_DSA
|
||||||
|
else if (strcmp(*argv,"-dsaparam") == 0)
|
||||||
|
dsaparam=1;
|
||||||
|
#endif
|
||||||
|
else if (strcmp(*argv,"-C") == 0)
|
||||||
|
C=1;
|
||||||
|
else if (strcmp(*argv,"-noout") == 0)
|
||||||
|
noout=1;
|
||||||
|
else if (strcmp(*argv,"-2") == 0)
|
||||||
|
g=2;
|
||||||
|
else if (strcmp(*argv,"-5") == 0)
|
||||||
|
g=5;
|
||||||
|
else if (strcmp(*argv,"-rand") == 0)
|
||||||
|
{
|
||||||
|
if (--argc < 1) goto bad;
|
||||||
|
inrand= *(++argv);
|
||||||
|
}
|
||||||
|
else if (((sscanf(*argv,"%d",&num) == 0) || (num <= 0)))
|
||||||
|
goto bad;
|
||||||
|
argv++;
|
||||||
|
argc--;
|
||||||
|
}
|
||||||
|
|
||||||
|
if (badops)
|
||||||
|
{
|
||||||
|
bad:
|
||||||
|
BIO_printf(bio_err,"%s [options] [numbits]\n",prog);
|
||||||
|
BIO_printf(bio_err,"where options are\n");
|
||||||
|
BIO_printf(bio_err," -inform arg input format - one of DER PEM\n");
|
||||||
|
BIO_printf(bio_err," -outform arg output format - one of DER PEM\n");
|
||||||
|
BIO_printf(bio_err," -in arg input file\n");
|
||||||
|
BIO_printf(bio_err," -out arg output file\n");
|
||||||
|
#ifndef OPENSSL_NO_DSA
|
||||||
|
BIO_printf(bio_err," -dsaparam read or generate DSA parameters, convert to DH\n");
|
||||||
|
#endif
|
||||||
|
BIO_printf(bio_err," -check check the DH parameters\n");
|
||||||
|
BIO_printf(bio_err," -text print a text form of the DH parameters\n");
|
||||||
|
BIO_printf(bio_err," -C Output C code\n");
|
||||||
|
BIO_printf(bio_err," -2 generate parameters using 2 as the generator value\n");
|
||||||
|
BIO_printf(bio_err," -5 generate parameters using 5 as the generator value\n");
|
||||||
|
BIO_printf(bio_err," numbits number of bits in to generate (default 512)\n");
|
||||||
|
#ifndef OPENSSL_NO_ENGINE
|
||||||
|
BIO_printf(bio_err," -engine e use engine e, possibly a hardware device.\n");
|
||||||
|
#endif
|
||||||
|
BIO_printf(bio_err," -rand file%cfile%c...\n", LIST_SEPARATOR_CHAR, LIST_SEPARATOR_CHAR);
|
||||||
|
BIO_printf(bio_err," - load the file (or the files in the directory) into\n");
|
||||||
|
BIO_printf(bio_err," the random number generator\n");
|
||||||
|
BIO_printf(bio_err," -noout no output\n");
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
|
||||||
|
ERR_load_crypto_strings();
|
||||||
|
|
||||||
|
#ifndef OPENSSL_NO_ENGINE
|
||||||
|
setup_engine(bio_err, engine, 0);
|
||||||
|
#endif
|
||||||
|
|
||||||
|
if (g && !num)
|
||||||
|
num = DEFBITS;
|
||||||
|
|
||||||
|
#ifndef OPENSSL_NO_DSA
|
||||||
|
if (dsaparam)
|
||||||
|
{
|
||||||
|
if (g)
|
||||||
|
{
|
||||||
|
BIO_printf(bio_err, "generator may not be chosen for DSA parameters\n");
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
else
|
||||||
|
#endif
|
||||||
|
{
|
||||||
|
/* DH parameters */
|
||||||
|
if (num && !g)
|
||||||
|
g = 2;
|
||||||
|
}
|
||||||
|
|
||||||
|
if(num) {
|
||||||
|
|
||||||
|
BN_GENCB cb;
|
||||||
|
BN_GENCB_set(&cb, dh_cb, bio_err);
|
||||||
|
if (!app_RAND_load_file(NULL, bio_err, 1) && inrand == NULL)
|
||||||
|
{
|
||||||
|
BIO_printf(bio_err,"warning, not much extra random data, consider using the -rand option\n");
|
||||||
|
}
|
||||||
|
if (inrand != NULL)
|
||||||
|
BIO_printf(bio_err,"%ld semi-random bytes loaded\n",
|
||||||
|
app_RAND_load_files(inrand));
|
||||||
|
|
||||||
|
#ifndef OPENSSL_NO_DSA
|
||||||
|
if (dsaparam)
|
||||||
|
{
|
||||||
|
DSA *dsa = DSA_new();
|
||||||
|
|
||||||
|
BIO_printf(bio_err,"Generating DSA parameters, %d bit long prime\n",num);
|
||||||
|
if(!dsa || !DSA_generate_parameters_ex(dsa, num,
|
||||||
|
NULL, 0, NULL, NULL, &cb))
|
||||||
|
{
|
||||||
|
if(dsa) DSA_free(dsa);
|
||||||
|
ERR_print_errors(bio_err);
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
|
||||||
|
dh = DSA_dup_DH(dsa);
|
||||||
|
DSA_free(dsa);
|
||||||
|
if (dh == NULL)
|
||||||
|
{
|
||||||
|
ERR_print_errors(bio_err);
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
else
|
||||||
|
#endif
|
||||||
|
{
|
||||||
|
dh = DH_new();
|
||||||
|
BIO_printf(bio_err,"Generating DH parameters, %d bit long safe prime, generator %d\n",num,g);
|
||||||
|
BIO_printf(bio_err,"This is going to take a long time\n");
|
||||||
|
if(!dh || !DH_generate_parameters_ex(dh, num, g, &cb))
|
||||||
|
{
|
||||||
|
if(dh) DH_free(dh);
|
||||||
|
ERR_print_errors(bio_err);
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
app_RAND_write_file(NULL, bio_err);
|
||||||
|
} else {
|
||||||
|
|
||||||
|
in=BIO_new(BIO_s_file());
|
||||||
|
if (in == NULL)
|
||||||
|
{
|
||||||
|
ERR_print_errors(bio_err);
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
if (infile == NULL)
|
||||||
|
BIO_set_fp(in,stdin,BIO_NOCLOSE);
|
||||||
|
else
|
||||||
|
{
|
||||||
|
if (BIO_read_filename(in,infile) <= 0)
|
||||||
|
{
|
||||||
|
perror(infile);
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
if (informat != FORMAT_ASN1 && informat != FORMAT_PEM)
|
||||||
|
{
|
||||||
|
BIO_printf(bio_err,"bad input format specified\n");
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
|
||||||
|
#ifndef OPENSSL_NO_DSA
|
||||||
|
if (dsaparam)
|
||||||
|
{
|
||||||
|
DSA *dsa;
|
||||||
|
|
||||||
|
if (informat == FORMAT_ASN1)
|
||||||
|
dsa=d2i_DSAparams_bio(in,NULL);
|
||||||
|
else /* informat == FORMAT_PEM */
|
||||||
|
dsa=PEM_read_bio_DSAparams(in,NULL,NULL,NULL);
|
||||||
|
|
||||||
|
if (dsa == NULL)
|
||||||
|
{
|
||||||
|
BIO_printf(bio_err,"unable to load DSA parameters\n");
|
||||||
|
ERR_print_errors(bio_err);
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
|
||||||
|
dh = DSA_dup_DH(dsa);
|
||||||
|
DSA_free(dsa);
|
||||||
|
if (dh == NULL)
|
||||||
|
{
|
||||||
|
ERR_print_errors(bio_err);
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
else
|
||||||
|
#endif
|
||||||
|
{
|
||||||
|
if (informat == FORMAT_ASN1)
|
||||||
|
dh=d2i_DHparams_bio(in,NULL);
|
||||||
|
else /* informat == FORMAT_PEM */
|
||||||
|
dh=PEM_read_bio_DHparams(in,NULL,NULL,NULL);
|
||||||
|
|
||||||
|
if (dh == NULL)
|
||||||
|
{
|
||||||
|
BIO_printf(bio_err,"unable to load DH parameters\n");
|
||||||
|
ERR_print_errors(bio_err);
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
/* dh != NULL */
|
||||||
|
}
|
||||||
|
|
||||||
|
out=BIO_new(BIO_s_file());
|
||||||
|
if (out == NULL)
|
||||||
|
{
|
||||||
|
ERR_print_errors(bio_err);
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
if (outfile == NULL)
|
||||||
|
{
|
||||||
|
BIO_set_fp(out,stdout,BIO_NOCLOSE);
|
||||||
|
#ifdef OPENSSL_SYS_VMS
|
||||||
|
{
|
||||||
|
BIO *tmpbio = BIO_new(BIO_f_linebuffer());
|
||||||
|
out = BIO_push(tmpbio, out);
|
||||||
|
}
|
||||||
|
#endif
|
||||||
|
}
|
||||||
|
else
|
||||||
|
{
|
||||||
|
if (BIO_write_filename(out,outfile) <= 0)
|
||||||
|
{
|
||||||
|
perror(outfile);
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
if (text)
|
||||||
|
{
|
||||||
|
DHparams_print(out,dh);
|
||||||
|
}
|
||||||
|
|
||||||
|
if (check)
|
||||||
|
{
|
||||||
|
if (!DH_check(dh,&i))
|
||||||
|
{
|
||||||
|
ERR_print_errors(bio_err);
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
if (i & DH_CHECK_P_NOT_PRIME)
|
||||||
|
printf("p value is not prime\n");
|
||||||
|
if (i & DH_CHECK_P_NOT_SAFE_PRIME)
|
||||||
|
printf("p value is not a safe prime\n");
|
||||||
|
if (i & DH_UNABLE_TO_CHECK_GENERATOR)
|
||||||
|
printf("unable to check the generator value\n");
|
||||||
|
if (i & DH_NOT_SUITABLE_GENERATOR)
|
||||||
|
printf("the g value is not a generator\n");
|
||||||
|
if (i == 0)
|
||||||
|
printf("DH parameters appear to be ok.\n");
|
||||||
|
}
|
||||||
|
if (C)
|
||||||
|
{
|
||||||
|
unsigned char *data;
|
||||||
|
int len,l,bits;
|
||||||
|
|
||||||
|
len=BN_num_bytes(dh->p);
|
||||||
|
bits=BN_num_bits(dh->p);
|
||||||
|
data=(unsigned char *)OPENSSL_malloc(len);
|
||||||
|
if (data == NULL)
|
||||||
|
{
|
||||||
|
perror("OPENSSL_malloc");
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
printf("#ifndef HEADER_DH_H\n"
|
||||||
|
"#include <openssl/dh.h>\n"
|
||||||
|
"#endif\n");
|
||||||
|
printf("DH *get_dh%d()\n\t{\n",bits);
|
||||||
|
|
||||||
|
l=BN_bn2bin(dh->p,data);
|
||||||
|
printf("\tstatic unsigned char dh%d_p[]={",bits);
|
||||||
|
for (i=0; i<l; i++)
|
||||||
|
{
|
||||||
|
if ((i%12) == 0) printf("\n\t\t");
|
||||||
|
printf("0x%02X,",data[i]);
|
||||||
|
}
|
||||||
|
printf("\n\t\t};\n");
|
||||||
|
|
||||||
|
l=BN_bn2bin(dh->g,data);
|
||||||
|
printf("\tstatic unsigned char dh%d_g[]={",bits);
|
||||||
|
for (i=0; i<l; i++)
|
||||||
|
{
|
||||||
|
if ((i%12) == 0) printf("\n\t\t");
|
||||||
|
printf("0x%02X,",data[i]);
|
||||||
|
}
|
||||||
|
printf("\n\t\t};\n");
|
||||||
|
|
||||||
|
printf("\tDH *dh;\n\n");
|
||||||
|
printf("\tif ((dh=DH_new()) == NULL) return(NULL);\n");
|
||||||
|
printf("\tdh->p=BN_bin2bn(dh%d_p,sizeof(dh%d_p),NULL);\n",
|
||||||
|
bits,bits);
|
||||||
|
printf("\tdh->g=BN_bin2bn(dh%d_g,sizeof(dh%d_g),NULL);\n",
|
||||||
|
bits,bits);
|
||||||
|
printf("\tif ((dh->p == NULL) || (dh->g == NULL))\n");
|
||||||
|
printf("\t\t{ DH_free(dh); return(NULL); }\n");
|
||||||
|
if (dh->length)
|
||||||
|
printf("\tdh->length = %ld;\n", dh->length);
|
||||||
|
printf("\treturn(dh);\n\t}\n");
|
||||||
|
OPENSSL_free(data);
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
if (!noout)
|
||||||
|
{
|
||||||
|
if (outformat == FORMAT_ASN1)
|
||||||
|
i=i2d_DHparams_bio(out,dh);
|
||||||
|
else if (outformat == FORMAT_PEM)
|
||||||
|
i=PEM_write_bio_DHparams(out,dh);
|
||||||
|
else {
|
||||||
|
BIO_printf(bio_err,"bad output format specified for outfile\n");
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
if (!i)
|
||||||
|
{
|
||||||
|
BIO_printf(bio_err,"unable to write DH parameters\n");
|
||||||
|
ERR_print_errors(bio_err);
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
ret=0;
|
||||||
|
end:
|
||||||
|
if (in != NULL) BIO_free(in);
|
||||||
|
if (out != NULL) BIO_free_all(out);
|
||||||
|
if (dh != NULL) DH_free(dh);
|
||||||
|
apps_shutdown();
|
||||||
|
OPENSSL_EXIT(ret);
|
||||||
|
}
|
||||||
|
|
||||||
|
/* dh_cb is identical to dsa_cb in apps/dsaparam.c */
|
||||||
|
static int MS_CALLBACK dh_cb(int p, int n, BN_GENCB *cb)
|
||||||
|
{
|
||||||
|
char c='*';
|
||||||
|
|
||||||
|
if (p == 0) c='.';
|
||||||
|
if (p == 1) c='+';
|
||||||
|
if (p == 2) c='*';
|
||||||
|
if (p == 3) c='\n';
|
||||||
|
BIO_write(cb->arg,&c,1);
|
||||||
|
(void)BIO_flush(cb->arg);
|
||||||
|
#ifdef LINT
|
||||||
|
p=n;
|
||||||
|
#endif
|
||||||
|
return 1;
|
||||||
|
}
|
||||||
|
|
||||||
|
#else /* !OPENSSL_NO_DH */
|
||||||
|
|
||||||
|
# if PEDANTIC
|
||||||
|
static void *dummy=&dummy;
|
||||||
|
# endif
|
||||||
|
|
||||||
|
#endif
|
40
jni/openssl/apps/dsa-ca.pem
Normal file
40
jni/openssl/apps/dsa-ca.pem
Normal file
@ -0,0 +1,40 @@
|
|||||||
|
-----BEGIN DSA PRIVATE KEY-----
|
||||||
|
MIIBugIBAAKBgQCnP26Fv0FqKX3wn0cZMJCaCR3aajMexT2GlrMV4FMuj+BZgnOQ
|
||||||
|
PnUxmUd6UvuF5NmmezibaIqEm4fGHrV+hktTW1nPcWUZiG7OZq5riDb77Cjcwtel
|
||||||
|
u+UsOSZL2ppwGJU3lRBWI/YV7boEXt45T/23Qx+1pGVvzYAR5HCVW1DNSQIVAPcH
|
||||||
|
Me36bAYD1YWKHKycZedQZmVvAoGATd9MA6aRivUZb1BGJZnlaG8w42nh5bNdmLso
|
||||||
|
hkj83pkEP1+IDJxzJA0gXbkqmj8YlifkYofBe3RiU/xhJ6h6kQmdtvFNnFQPWAbu
|
||||||
|
SXQHzlV+I84W9srcWmEBfslxtU323DQph2j2XiCTs9v15AlsQReVkusBtXOlan7Y
|
||||||
|
Mu0OArgCgYAapll6iqz9XrZFlk2GCVcB+KihxWnH7IuHvSLw9YUrJahcBHmbpvt4
|
||||||
|
94lF4gC5w3WPM+vXJofbusk4GoQEEsQNMDaah4m49uUqAylOVFJJJXuirVJ+o+0T
|
||||||
|
tOFDITEAl+YZZariXOD7tdOSOl9RLMPC6+daHKS9e68u3enxhqnDGQIUB78dhW77
|
||||||
|
J6zsFbSEHaQGUmfSeoM=
|
||||||
|
-----END DSA PRIVATE KEY-----
|
||||||
|
-----BEGIN CERTIFICATE REQUEST-----
|
||||||
|
MIICUjCCAhECAQAwUjELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUx
|
||||||
|
ITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDELMAkGA1UEAxMCQ0Ew
|
||||||
|
ggG0MIIBKQYFKw4DAgwwggEeAoGBAKc/boW/QWopffCfRxkwkJoJHdpqMx7FPYaW
|
||||||
|
sxXgUy6P4FmCc5A+dTGZR3pS+4Xk2aZ7OJtoioSbh8YetX6GS1NbWc9xZRmIbs5m
|
||||||
|
rmuINvvsKNzC16W75Sw5JkvamnAYlTeVEFYj9hXtugRe3jlP/bdDH7WkZW/NgBHk
|
||||||
|
cJVbUM1JAhUA9wcx7fpsBgPVhYocrJxl51BmZW8CgYBN30wDppGK9RlvUEYlmeVo
|
||||||
|
bzDjaeHls12YuyiGSPzemQQ/X4gMnHMkDSBduSqaPxiWJ+Rih8F7dGJT/GEnqHqR
|
||||||
|
CZ228U2cVA9YBu5JdAfOVX4jzhb2ytxaYQF+yXG1TfbcNCmHaPZeIJOz2/XkCWxB
|
||||||
|
F5WS6wG1c6Vqftgy7Q4CuAOBhAACgYAapll6iqz9XrZFlk2GCVcB+KihxWnH7IuH
|
||||||
|
vSLw9YUrJahcBHmbpvt494lF4gC5w3WPM+vXJofbusk4GoQEEsQNMDaah4m49uUq
|
||||||
|
AylOVFJJJXuirVJ+o+0TtOFDITEAl+YZZariXOD7tdOSOl9RLMPC6+daHKS9e68u
|
||||||
|
3enxhqnDGaAAMAkGBSsOAwIbBQADMAAwLQIVAJGVuFsG/0DBuSZ0jF7ypdU0/G0v
|
||||||
|
AhQfeF5BoMMDbX/kidUVpQ6gadPlZA==
|
||||||
|
-----END CERTIFICATE REQUEST-----
|
||||||
|
-----BEGIN CERTIFICATE-----
|
||||||
|
MIIBrjCCAWwCAQswCQYFKw4DAhsFADBTMQswCQYDVQQGEwJBVTETMBEGA1UECBMK
|
||||||
|
U29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMQww
|
||||||
|
CgYDVQQDEwNQQ0EwHhcNOTcwNjE1MDIxNDI5WhcNOTcwNzE1MDIxNDI5WjBSMQsw
|
||||||
|
CQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJu
|
||||||
|
ZXQgV2lkZ2l0cyBQdHkgTHRkMQswCQYDVQQDEwJDQTCBkjAJBgUrDgMCDAUAA4GE
|
||||||
|
AAKBgBqmWXqKrP1etkWWTYYJVwH4qKHFacfsi4e9IvD1hSslqFwEeZum+3j3iUXi
|
||||||
|
ALnDdY8z69cmh9u6yTgahAQSxA0wNpqHibj25SoDKU5UUkkle6KtUn6j7RO04UMh
|
||||||
|
MQCX5hllquJc4Pu105I6X1Esw8Lr51ocpL17ry7d6fGGqcMZMAkGBSsOAwIbBQAD
|
||||||
|
MQAwLgIVAJ4wtQsANPxHo7Q4IQZYsL12SKdbAhUAjJ9n38zxT+iai2164xS+LIfa
|
||||||
|
C1Q=
|
||||||
|
-----END CERTIFICATE-----
|
||||||
|
|
46
jni/openssl/apps/dsa-pca.pem
Normal file
46
jni/openssl/apps/dsa-pca.pem
Normal file
@ -0,0 +1,46 @@
|
|||||||
|
-----BEGIN DSA PRIVATE KEY-----
|
||||||
|
MIIBvAIBAAKBgQCnP26Fv0FqKX3wn0cZMJCaCR3aajMexT2GlrMV4FMuj+BZgnOQ
|
||||||
|
PnUxmUd6UvuF5NmmezibaIqEm4fGHrV+hktTW1nPcWUZiG7OZq5riDb77Cjcwtel
|
||||||
|
u+UsOSZL2ppwGJU3lRBWI/YV7boEXt45T/23Qx+1pGVvzYAR5HCVW1DNSQIVAPcH
|
||||||
|
Me36bAYD1YWKHKycZedQZmVvAoGATd9MA6aRivUZb1BGJZnlaG8w42nh5bNdmLso
|
||||||
|
hkj83pkEP1+IDJxzJA0gXbkqmj8YlifkYofBe3RiU/xhJ6h6kQmdtvFNnFQPWAbu
|
||||||
|
SXQHzlV+I84W9srcWmEBfslxtU323DQph2j2XiCTs9v15AlsQReVkusBtXOlan7Y
|
||||||
|
Mu0OArgCgYEApu25HkB1b4gKMIV7aLGNSIknMzYgrB7o1kQxeDf34dDVRM9OZ8tk
|
||||||
|
umz6tl+iUcNe5EoxdsYV1IXSddjOi08LOLsZq7AQlNnKvbtlmMDULpqkZJD0bO7A
|
||||||
|
29nisJfKy1URqABLw5DgfcPh1ZLXtmDfUgJvmjgTmvTPT2j9TPjq7RUCFQDNvrBz
|
||||||
|
6TicfImU7UFRn9h00j0lJQ==
|
||||||
|
-----END DSA PRIVATE KEY-----
|
||||||
|
-----BEGIN CERTIFICATE REQUEST-----
|
||||||
|
MIICVTCCAhMCAQAwUzELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUx
|
||||||
|
ITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDEMMAoGA1UEAxMDUENB
|
||||||
|
MIIBtTCCASkGBSsOAwIMMIIBHgKBgQCnP26Fv0FqKX3wn0cZMJCaCR3aajMexT2G
|
||||||
|
lrMV4FMuj+BZgnOQPnUxmUd6UvuF5NmmezibaIqEm4fGHrV+hktTW1nPcWUZiG7O
|
||||||
|
Zq5riDb77Cjcwtelu+UsOSZL2ppwGJU3lRBWI/YV7boEXt45T/23Qx+1pGVvzYAR
|
||||||
|
5HCVW1DNSQIVAPcHMe36bAYD1YWKHKycZedQZmVvAoGATd9MA6aRivUZb1BGJZnl
|
||||||
|
aG8w42nh5bNdmLsohkj83pkEP1+IDJxzJA0gXbkqmj8YlifkYofBe3RiU/xhJ6h6
|
||||||
|
kQmdtvFNnFQPWAbuSXQHzlV+I84W9srcWmEBfslxtU323DQph2j2XiCTs9v15Als
|
||||||
|
QReVkusBtXOlan7YMu0OArgDgYUAAoGBAKbtuR5AdW+ICjCFe2ixjUiJJzM2IKwe
|
||||||
|
6NZEMXg39+HQ1UTPTmfLZLps+rZfolHDXuRKMXbGFdSF0nXYzotPCzi7GauwEJTZ
|
||||||
|
yr27ZZjA1C6apGSQ9GzuwNvZ4rCXystVEagAS8OQ4H3D4dWS17Zg31ICb5o4E5r0
|
||||||
|
z09o/Uz46u0VoAAwCQYFKw4DAhsFAAMxADAuAhUArRubTxsbIXy3AhtjQ943AbNB
|
||||||
|
nSICFQCu+g1iW3jwF+gOcbroD4S/ZcvB3w==
|
||||||
|
-----END CERTIFICATE REQUEST-----
|
||||||
|
-----BEGIN CERTIFICATE-----
|
||||||
|
MIIC0zCCApECAQAwCQYFKw4DAhsFADBTMQswCQYDVQQGEwJBVTETMBEGA1UECBMK
|
||||||
|
U29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMQww
|
||||||
|
CgYDVQQDEwNQQ0EwHhcNOTcwNjE0MjI1NDQ1WhcNOTcwNzE0MjI1NDQ1WjBTMQsw
|
||||||
|
CQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJu
|
||||||
|
ZXQgV2lkZ2l0cyBQdHkgTHRkMQwwCgYDVQQDEwNQQ0EwggG1MIIBKQYFKw4DAgww
|
||||||
|
ggEeAoGBAKc/boW/QWopffCfRxkwkJoJHdpqMx7FPYaWsxXgUy6P4FmCc5A+dTGZ
|
||||||
|
R3pS+4Xk2aZ7OJtoioSbh8YetX6GS1NbWc9xZRmIbs5mrmuINvvsKNzC16W75Sw5
|
||||||
|
JkvamnAYlTeVEFYj9hXtugRe3jlP/bdDH7WkZW/NgBHkcJVbUM1JAhUA9wcx7fps
|
||||||
|
BgPVhYocrJxl51BmZW8CgYBN30wDppGK9RlvUEYlmeVobzDjaeHls12YuyiGSPze
|
||||||
|
mQQ/X4gMnHMkDSBduSqaPxiWJ+Rih8F7dGJT/GEnqHqRCZ228U2cVA9YBu5JdAfO
|
||||||
|
VX4jzhb2ytxaYQF+yXG1TfbcNCmHaPZeIJOz2/XkCWxBF5WS6wG1c6Vqftgy7Q4C
|
||||||
|
uAOBhQACgYEApu25HkB1b4gKMIV7aLGNSIknMzYgrB7o1kQxeDf34dDVRM9OZ8tk
|
||||||
|
umz6tl+iUcNe5EoxdsYV1IXSddjOi08LOLsZq7AQlNnKvbtlmMDULpqkZJD0bO7A
|
||||||
|
29nisJfKy1URqABLw5DgfcPh1ZLXtmDfUgJvmjgTmvTPT2j9TPjq7RUwCQYFKw4D
|
||||||
|
AhsFAAMxADAuAhUAvtv6AkMolix1Jvy3UnVEIUqdCUICFQC+jq8P49mwrY9oJ24n
|
||||||
|
5rKUjNBhSg==
|
||||||
|
-----END CERTIFICATE-----
|
||||||
|
|
376
jni/openssl/apps/dsa.c
Normal file
376
jni/openssl/apps/dsa.c
Normal file
@ -0,0 +1,376 @@
|
|||||||
|
/* apps/dsa.c */
|
||||||
|
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
|
||||||
|
* All rights reserved.
|
||||||
|
*
|
||||||
|
* This package is an SSL implementation written
|
||||||
|
* by Eric Young (eay@cryptsoft.com).
|
||||||
|
* The implementation was written so as to conform with Netscapes SSL.
|
||||||
|
*
|
||||||
|
* This library is free for commercial and non-commercial use as long as
|
||||||
|
* the following conditions are aheared to. The following conditions
|
||||||
|
* apply to all code found in this distribution, be it the RC4, RSA,
|
||||||
|
* lhash, DES, etc., code; not just the SSL code. The SSL documentation
|
||||||
|
* included with this distribution is covered by the same copyright terms
|
||||||
|
* except that the holder is Tim Hudson (tjh@cryptsoft.com).
|
||||||
|
*
|
||||||
|
* Copyright remains Eric Young's, and as such any Copyright notices in
|
||||||
|
* the code are not to be removed.
|
||||||
|
* If this package is used in a product, Eric Young should be given attribution
|
||||||
|
* as the author of the parts of the library used.
|
||||||
|
* This can be in the form of a textual message at program startup or
|
||||||
|
* in documentation (online or textual) provided with the package.
|
||||||
|
*
|
||||||
|
* Redistribution and use in source and binary forms, with or without
|
||||||
|
* modification, are permitted provided that the following conditions
|
||||||
|
* are met:
|
||||||
|
* 1. Redistributions of source code must retain the copyright
|
||||||
|
* notice, this list of conditions and the following disclaimer.
|
||||||
|
* 2. Redistributions in binary form must reproduce the above copyright
|
||||||
|
* notice, this list of conditions and the following disclaimer in the
|
||||||
|
* documentation and/or other materials provided with the distribution.
|
||||||
|
* 3. All advertising materials mentioning features or use of this software
|
||||||
|
* must display the following acknowledgement:
|
||||||
|
* "This product includes cryptographic software written by
|
||||||
|
* Eric Young (eay@cryptsoft.com)"
|
||||||
|
* The word 'cryptographic' can be left out if the rouines from the library
|
||||||
|
* being used are not cryptographic related :-).
|
||||||
|
* 4. If you include any Windows specific code (or a derivative thereof) from
|
||||||
|
* the apps directory (application code) you must include an acknowledgement:
|
||||||
|
* "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
|
||||||
|
*
|
||||||
|
* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
|
||||||
|
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
||||||
|
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
|
||||||
|
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
|
||||||
|
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
|
||||||
|
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
|
||||||
|
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
||||||
|
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
|
||||||
|
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
||||||
|
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||||||
|
* SUCH DAMAGE.
|
||||||
|
*
|
||||||
|
* The licence and distribution terms for any publically available version or
|
||||||
|
* derivative of this code cannot be changed. i.e. this code cannot simply be
|
||||||
|
* copied and put under another distribution licence
|
||||||
|
* [including the GNU Public Licence.]
|
||||||
|
*/
|
||||||
|
|
||||||
|
#include <openssl/opensslconf.h> /* for OPENSSL_NO_DSA */
|
||||||
|
#ifndef OPENSSL_NO_DSA
|
||||||
|
#include <stdio.h>
|
||||||
|
#include <stdlib.h>
|
||||||
|
#include <string.h>
|
||||||
|
#include <time.h>
|
||||||
|
#include "apps.h"
|
||||||
|
#include <openssl/bio.h>
|
||||||
|
#include <openssl/err.h>
|
||||||
|
#include <openssl/dsa.h>
|
||||||
|
#include <openssl/evp.h>
|
||||||
|
#include <openssl/x509.h>
|
||||||
|
#include <openssl/pem.h>
|
||||||
|
#include <openssl/bn.h>
|
||||||
|
|
||||||
|
#undef PROG
|
||||||
|
#define PROG dsa_main
|
||||||
|
|
||||||
|
/* -inform arg - input format - default PEM (one of DER, NET or PEM)
|
||||||
|
* -outform arg - output format - default PEM
|
||||||
|
* -in arg - input file - default stdin
|
||||||
|
* -out arg - output file - default stdout
|
||||||
|
* -des - encrypt output if PEM format with DES in cbc mode
|
||||||
|
* -des3 - encrypt output if PEM format
|
||||||
|
* -idea - encrypt output if PEM format
|
||||||
|
* -aes128 - encrypt output if PEM format
|
||||||
|
* -aes192 - encrypt output if PEM format
|
||||||
|
* -aes256 - encrypt output if PEM format
|
||||||
|
* -camellia128 - encrypt output if PEM format
|
||||||
|
* -camellia192 - encrypt output if PEM format
|
||||||
|
* -camellia256 - encrypt output if PEM format
|
||||||
|
* -seed - encrypt output if PEM format
|
||||||
|
* -text - print a text version
|
||||||
|
* -modulus - print the DSA public key
|
||||||
|
*/
|
||||||
|
|
||||||
|
int MAIN(int, char **);
|
||||||
|
|
||||||
|
int MAIN(int argc, char **argv)
|
||||||
|
{
|
||||||
|
ENGINE *e = NULL;
|
||||||
|
int ret=1;
|
||||||
|
DSA *dsa=NULL;
|
||||||
|
int i,badops=0;
|
||||||
|
const EVP_CIPHER *enc=NULL;
|
||||||
|
BIO *in=NULL,*out=NULL;
|
||||||
|
int informat,outformat,text=0,noout=0;
|
||||||
|
int pubin = 0, pubout = 0;
|
||||||
|
char *infile,*outfile,*prog;
|
||||||
|
#ifndef OPENSSL_NO_ENGINE
|
||||||
|
char *engine;
|
||||||
|
#endif
|
||||||
|
char *passargin = NULL, *passargout = NULL;
|
||||||
|
char *passin = NULL, *passout = NULL;
|
||||||
|
int modulus=0;
|
||||||
|
|
||||||
|
int pvk_encr = 2;
|
||||||
|
|
||||||
|
apps_startup();
|
||||||
|
|
||||||
|
if (bio_err == NULL)
|
||||||
|
if ((bio_err=BIO_new(BIO_s_file())) != NULL)
|
||||||
|
BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT);
|
||||||
|
|
||||||
|
if (!load_config(bio_err, NULL))
|
||||||
|
goto end;
|
||||||
|
|
||||||
|
#ifndef OPENSSL_NO_ENGINE
|
||||||
|
engine=NULL;
|
||||||
|
#endif
|
||||||
|
infile=NULL;
|
||||||
|
outfile=NULL;
|
||||||
|
informat=FORMAT_PEM;
|
||||||
|
outformat=FORMAT_PEM;
|
||||||
|
|
||||||
|
prog=argv[0];
|
||||||
|
argc--;
|
||||||
|
argv++;
|
||||||
|
while (argc >= 1)
|
||||||
|
{
|
||||||
|
if (strcmp(*argv,"-inform") == 0)
|
||||||
|
{
|
||||||
|
if (--argc < 1) goto bad;
|
||||||
|
informat=str2fmt(*(++argv));
|
||||||
|
}
|
||||||
|
else if (strcmp(*argv,"-outform") == 0)
|
||||||
|
{
|
||||||
|
if (--argc < 1) goto bad;
|
||||||
|
outformat=str2fmt(*(++argv));
|
||||||
|
}
|
||||||
|
else if (strcmp(*argv,"-in") == 0)
|
||||||
|
{
|
||||||
|
if (--argc < 1) goto bad;
|
||||||
|
infile= *(++argv);
|
||||||
|
}
|
||||||
|
else if (strcmp(*argv,"-out") == 0)
|
||||||
|
{
|
||||||
|
if (--argc < 1) goto bad;
|
||||||
|
outfile= *(++argv);
|
||||||
|
}
|
||||||
|
else if (strcmp(*argv,"-passin") == 0)
|
||||||
|
{
|
||||||
|
if (--argc < 1) goto bad;
|
||||||
|
passargin= *(++argv);
|
||||||
|
}
|
||||||
|
else if (strcmp(*argv,"-passout") == 0)
|
||||||
|
{
|
||||||
|
if (--argc < 1) goto bad;
|
||||||
|
passargout= *(++argv);
|
||||||
|
}
|
||||||
|
#ifndef OPENSSL_NO_ENGINE
|
||||||
|
else if (strcmp(*argv,"-engine") == 0)
|
||||||
|
{
|
||||||
|
if (--argc < 1) goto bad;
|
||||||
|
engine= *(++argv);
|
||||||
|
}
|
||||||
|
#endif
|
||||||
|
else if (strcmp(*argv,"-pvk-strong") == 0)
|
||||||
|
pvk_encr=2;
|
||||||
|
else if (strcmp(*argv,"-pvk-weak") == 0)
|
||||||
|
pvk_encr=1;
|
||||||
|
else if (strcmp(*argv,"-pvk-none") == 0)
|
||||||
|
pvk_encr=0;
|
||||||
|
else if (strcmp(*argv,"-noout") == 0)
|
||||||
|
noout=1;
|
||||||
|
else if (strcmp(*argv,"-text") == 0)
|
||||||
|
text=1;
|
||||||
|
else if (strcmp(*argv,"-modulus") == 0)
|
||||||
|
modulus=1;
|
||||||
|
else if (strcmp(*argv,"-pubin") == 0)
|
||||||
|
pubin=1;
|
||||||
|
else if (strcmp(*argv,"-pubout") == 0)
|
||||||
|
pubout=1;
|
||||||
|
else if ((enc=EVP_get_cipherbyname(&(argv[0][1]))) == NULL)
|
||||||
|
{
|
||||||
|
BIO_printf(bio_err,"unknown option %s\n",*argv);
|
||||||
|
badops=1;
|
||||||
|
break;
|
||||||
|
}
|
||||||
|
argc--;
|
||||||
|
argv++;
|
||||||
|
}
|
||||||
|
|
||||||
|
if (badops)
|
||||||
|
{
|
||||||
|
bad:
|
||||||
|
BIO_printf(bio_err,"%s [options] <infile >outfile\n",prog);
|
||||||
|
BIO_printf(bio_err,"where options are\n");
|
||||||
|
BIO_printf(bio_err," -inform arg input format - DER or PEM\n");
|
||||||
|
BIO_printf(bio_err," -outform arg output format - DER or PEM\n");
|
||||||
|
BIO_printf(bio_err," -in arg input file\n");
|
||||||
|
BIO_printf(bio_err," -passin arg input file pass phrase source\n");
|
||||||
|
BIO_printf(bio_err," -out arg output file\n");
|
||||||
|
BIO_printf(bio_err," -passout arg output file pass phrase source\n");
|
||||||
|
#ifndef OPENSSL_NO_ENGINE
|
||||||
|
BIO_printf(bio_err," -engine e use engine e, possibly a hardware device.\n");
|
||||||
|
#endif
|
||||||
|
BIO_printf(bio_err," -des encrypt PEM output with cbc des\n");
|
||||||
|
BIO_printf(bio_err," -des3 encrypt PEM output with ede cbc des using 168 bit key\n");
|
||||||
|
#ifndef OPENSSL_NO_IDEA
|
||||||
|
BIO_printf(bio_err," -idea encrypt PEM output with cbc idea\n");
|
||||||
|
#endif
|
||||||
|
#ifndef OPENSSL_NO_AES
|
||||||
|
BIO_printf(bio_err," -aes128, -aes192, -aes256\n");
|
||||||
|
BIO_printf(bio_err," encrypt PEM output with cbc aes\n");
|
||||||
|
#endif
|
||||||
|
#ifndef OPENSSL_NO_CAMELLIA
|
||||||
|
BIO_printf(bio_err," -camellia128, -camellia192, -camellia256\n");
|
||||||
|
BIO_printf(bio_err," encrypt PEM output with cbc camellia\n");
|
||||||
|
#endif
|
||||||
|
#ifndef OPENSSL_NO_SEED
|
||||||
|
BIO_printf(bio_err," -seed encrypt PEM output with cbc seed\n");
|
||||||
|
#endif
|
||||||
|
BIO_printf(bio_err," -text print the key in text\n");
|
||||||
|
BIO_printf(bio_err," -noout don't print key out\n");
|
||||||
|
BIO_printf(bio_err," -modulus print the DSA public value\n");
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
|
||||||
|
ERR_load_crypto_strings();
|
||||||
|
|
||||||
|
#ifndef OPENSSL_NO_ENGINE
|
||||||
|
e = setup_engine(bio_err, engine, 0);
|
||||||
|
#endif
|
||||||
|
|
||||||
|
if(!app_passwd(bio_err, passargin, passargout, &passin, &passout)) {
|
||||||
|
BIO_printf(bio_err, "Error getting passwords\n");
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
|
||||||
|
in=BIO_new(BIO_s_file());
|
||||||
|
out=BIO_new(BIO_s_file());
|
||||||
|
if ((in == NULL) || (out == NULL))
|
||||||
|
{
|
||||||
|
ERR_print_errors(bio_err);
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
|
||||||
|
if (infile == NULL)
|
||||||
|
BIO_set_fp(in,stdin,BIO_NOCLOSE);
|
||||||
|
else
|
||||||
|
{
|
||||||
|
if (BIO_read_filename(in,infile) <= 0)
|
||||||
|
{
|
||||||
|
perror(infile);
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
BIO_printf(bio_err,"read DSA key\n");
|
||||||
|
|
||||||
|
{
|
||||||
|
EVP_PKEY *pkey;
|
||||||
|
|
||||||
|
if (pubin)
|
||||||
|
pkey = load_pubkey(bio_err, infile, informat, 1,
|
||||||
|
passin, e, "Public Key");
|
||||||
|
else
|
||||||
|
pkey = load_key(bio_err, infile, informat, 1,
|
||||||
|
passin, e, "Private Key");
|
||||||
|
|
||||||
|
if (pkey)
|
||||||
|
{
|
||||||
|
dsa = EVP_PKEY_get1_DSA(pkey);
|
||||||
|
EVP_PKEY_free(pkey);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
if (dsa == NULL)
|
||||||
|
{
|
||||||
|
BIO_printf(bio_err,"unable to load Key\n");
|
||||||
|
ERR_print_errors(bio_err);
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
|
||||||
|
if (outfile == NULL)
|
||||||
|
{
|
||||||
|
BIO_set_fp(out,stdout,BIO_NOCLOSE);
|
||||||
|
#ifdef OPENSSL_SYS_VMS
|
||||||
|
{
|
||||||
|
BIO *tmpbio = BIO_new(BIO_f_linebuffer());
|
||||||
|
out = BIO_push(tmpbio, out);
|
||||||
|
}
|
||||||
|
#endif
|
||||||
|
}
|
||||||
|
else
|
||||||
|
{
|
||||||
|
if (BIO_write_filename(out,outfile) <= 0)
|
||||||
|
{
|
||||||
|
perror(outfile);
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
if (text)
|
||||||
|
if (!DSA_print(out,dsa,0))
|
||||||
|
{
|
||||||
|
perror(outfile);
|
||||||
|
ERR_print_errors(bio_err);
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
|
||||||
|
if (modulus)
|
||||||
|
{
|
||||||
|
fprintf(stdout,"Public Key=");
|
||||||
|
BN_print(out,dsa->pub_key);
|
||||||
|
fprintf(stdout,"\n");
|
||||||
|
}
|
||||||
|
|
||||||
|
if (noout) goto end;
|
||||||
|
BIO_printf(bio_err,"writing DSA key\n");
|
||||||
|
if (outformat == FORMAT_ASN1) {
|
||||||
|
if(pubin || pubout) i=i2d_DSA_PUBKEY_bio(out,dsa);
|
||||||
|
else i=i2d_DSAPrivateKey_bio(out,dsa);
|
||||||
|
} else if (outformat == FORMAT_PEM) {
|
||||||
|
if(pubin || pubout)
|
||||||
|
i=PEM_write_bio_DSA_PUBKEY(out,dsa);
|
||||||
|
else i=PEM_write_bio_DSAPrivateKey(out,dsa,enc,
|
||||||
|
NULL,0,NULL, passout);
|
||||||
|
#if !defined(OPENSSL_NO_RSA) && !defined(OPENSSL_NO_RC4)
|
||||||
|
} else if (outformat == FORMAT_MSBLOB || outformat == FORMAT_PVK) {
|
||||||
|
EVP_PKEY *pk;
|
||||||
|
pk = EVP_PKEY_new();
|
||||||
|
EVP_PKEY_set1_DSA(pk, dsa);
|
||||||
|
if (outformat == FORMAT_PVK)
|
||||||
|
i = i2b_PVK_bio(out, pk, pvk_encr, 0, passout);
|
||||||
|
else if (pubin || pubout)
|
||||||
|
i = i2b_PublicKey_bio(out, pk);
|
||||||
|
else
|
||||||
|
i = i2b_PrivateKey_bio(out, pk);
|
||||||
|
EVP_PKEY_free(pk);
|
||||||
|
#endif
|
||||||
|
} else {
|
||||||
|
BIO_printf(bio_err,"bad output format specified for outfile\n");
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
if (i <= 0)
|
||||||
|
{
|
||||||
|
BIO_printf(bio_err,"unable to write private key\n");
|
||||||
|
ERR_print_errors(bio_err);
|
||||||
|
}
|
||||||
|
else
|
||||||
|
ret=0;
|
||||||
|
end:
|
||||||
|
if(in != NULL) BIO_free(in);
|
||||||
|
if(out != NULL) BIO_free_all(out);
|
||||||
|
if(dsa != NULL) DSA_free(dsa);
|
||||||
|
if(passin) OPENSSL_free(passin);
|
||||||
|
if(passout) OPENSSL_free(passout);
|
||||||
|
apps_shutdown();
|
||||||
|
OPENSSL_EXIT(ret);
|
||||||
|
}
|
||||||
|
#else /* !OPENSSL_NO_DSA */
|
||||||
|
|
||||||
|
# if PEDANTIC
|
||||||
|
static void *dummy=&dummy;
|
||||||
|
# endif
|
||||||
|
|
||||||
|
#endif
|
9
jni/openssl/apps/dsa1024.pem
Normal file
9
jni/openssl/apps/dsa1024.pem
Normal file
@ -0,0 +1,9 @@
|
|||||||
|
-----BEGIN DSA PARAMETERS-----
|
||||||
|
MIIBHgKBgQCnP26Fv0FqKX3wn0cZMJCaCR3aajMexT2GlrMV4FMuj+BZgnOQPnUx
|
||||||
|
mUd6UvuF5NmmezibaIqEm4fGHrV+hktTW1nPcWUZiG7OZq5riDb77Cjcwtelu+Us
|
||||||
|
OSZL2ppwGJU3lRBWI/YV7boEXt45T/23Qx+1pGVvzYAR5HCVW1DNSQIVAPcHMe36
|
||||||
|
bAYD1YWKHKycZedQZmVvAoGATd9MA6aRivUZb1BGJZnlaG8w42nh5bNdmLsohkj8
|
||||||
|
3pkEP1+IDJxzJA0gXbkqmj8YlifkYofBe3RiU/xhJ6h6kQmdtvFNnFQPWAbuSXQH
|
||||||
|
zlV+I84W9srcWmEBfslxtU323DQph2j2XiCTs9v15AlsQReVkusBtXOlan7YMu0O
|
||||||
|
Arg=
|
||||||
|
-----END DSA PARAMETERS-----
|
6
jni/openssl/apps/dsa512.pem
Normal file
6
jni/openssl/apps/dsa512.pem
Normal file
@ -0,0 +1,6 @@
|
|||||||
|
-----BEGIN DSA PARAMETERS-----
|
||||||
|
MIGdAkEAnRtpjibb8isRcBmG9hnI+BnyGFOURgbQYlAzSwI8UjADizv5X9EkBk97
|
||||||
|
TLqqQJv9luQ3M7stWtdaEUBmonZ9MQIVAPtT71C0QJIxVoZTeuiLIppJ+3GPAkEA
|
||||||
|
gz6I5cWJc847bAFJv7PHnwrqRJHlMKrZvltftxDXibeOdPvPKR7rqCxUUbgQ3qDO
|
||||||
|
L8wka5B33qJoplISogOdIA==
|
||||||
|
-----END DSA PARAMETERS-----
|
6
jni/openssl/apps/dsap.pem
Normal file
6
jni/openssl/apps/dsap.pem
Normal file
@ -0,0 +1,6 @@
|
|||||||
|
-----BEGIN DSA PARAMETERS-----
|
||||||
|
MIGcAkEA+ZiKEvZmc9MtnaFZh4NiZ3oZS4J1PHvPrm9MXj5ntVheDPkdmBDTncya
|
||||||
|
GAJcMjwsyB/GvLDGd6yGCw/8eF+09wIVAK3VagOxGd/Q4Af5NbxR5FB7CXEjAkA2
|
||||||
|
t/q7HgVLi0KeKvcDG8BRl3wuy7bCvpjgtWiJc/tpvcuzeuAayH89UofjAGueKjXD
|
||||||
|
ADiRffvSdhrNw5dkqdql
|
||||||
|
-----END DSA PARAMETERS-----
|
479
jni/openssl/apps/dsaparam.c
Normal file
479
jni/openssl/apps/dsaparam.c
Normal file
@ -0,0 +1,479 @@
|
|||||||
|
/* apps/dsaparam.c */
|
||||||
|
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
|
||||||
|
* All rights reserved.
|
||||||
|
*
|
||||||
|
* This package is an SSL implementation written
|
||||||
|
* by Eric Young (eay@cryptsoft.com).
|
||||||
|
* The implementation was written so as to conform with Netscapes SSL.
|
||||||
|
*
|
||||||
|
* This library is free for commercial and non-commercial use as long as
|
||||||
|
* the following conditions are aheared to. The following conditions
|
||||||
|
* apply to all code found in this distribution, be it the RC4, RSA,
|
||||||
|
* lhash, DES, etc., code; not just the SSL code. The SSL documentation
|
||||||
|
* included with this distribution is covered by the same copyright terms
|
||||||
|
* except that the holder is Tim Hudson (tjh@cryptsoft.com).
|
||||||
|
*
|
||||||
|
* Copyright remains Eric Young's, and as such any Copyright notices in
|
||||||
|
* the code are not to be removed.
|
||||||
|
* If this package is used in a product, Eric Young should be given attribution
|
||||||
|
* as the author of the parts of the library used.
|
||||||
|
* This can be in the form of a textual message at program startup or
|
||||||
|
* in documentation (online or textual) provided with the package.
|
||||||
|
*
|
||||||
|
* Redistribution and use in source and binary forms, with or without
|
||||||
|
* modification, are permitted provided that the following conditions
|
||||||
|
* are met:
|
||||||
|
* 1. Redistributions of source code must retain the copyright
|
||||||
|
* notice, this list of conditions and the following disclaimer.
|
||||||
|
* 2. Redistributions in binary form must reproduce the above copyright
|
||||||
|
* notice, this list of conditions and the following disclaimer in the
|
||||||
|
* documentation and/or other materials provided with the distribution.
|
||||||
|
* 3. All advertising materials mentioning features or use of this software
|
||||||
|
* must display the following acknowledgement:
|
||||||
|
* "This product includes cryptographic software written by
|
||||||
|
* Eric Young (eay@cryptsoft.com)"
|
||||||
|
* The word 'cryptographic' can be left out if the rouines from the library
|
||||||
|
* being used are not cryptographic related :-).
|
||||||
|
* 4. If you include any Windows specific code (or a derivative thereof) from
|
||||||
|
* the apps directory (application code) you must include an acknowledgement:
|
||||||
|
* "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
|
||||||
|
*
|
||||||
|
* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
|
||||||
|
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
||||||
|
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
|
||||||
|
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
|
||||||
|
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
|
||||||
|
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
|
||||||
|
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
||||||
|
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
|
||||||
|
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
||||||
|
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||||||
|
* SUCH DAMAGE.
|
||||||
|
*
|
||||||
|
* The licence and distribution terms for any publically available version or
|
||||||
|
* derivative of this code cannot be changed. i.e. this code cannot simply be
|
||||||
|
* copied and put under another distribution licence
|
||||||
|
* [including the GNU Public Licence.]
|
||||||
|
*/
|
||||||
|
|
||||||
|
#include <openssl/opensslconf.h> /* for OPENSSL_NO_DSA */
|
||||||
|
/* Until the key-gen callbacks are modified to use newer prototypes, we allow
|
||||||
|
* deprecated functions for openssl-internal code */
|
||||||
|
#ifdef OPENSSL_NO_DEPRECATED
|
||||||
|
#undef OPENSSL_NO_DEPRECATED
|
||||||
|
#endif
|
||||||
|
|
||||||
|
#ifndef OPENSSL_NO_DSA
|
||||||
|
#include <assert.h>
|
||||||
|
#include <stdio.h>
|
||||||
|
#include <stdlib.h>
|
||||||
|
#include <time.h>
|
||||||
|
#include <string.h>
|
||||||
|
#include "apps.h"
|
||||||
|
#include <openssl/bio.h>
|
||||||
|
#include <openssl/err.h>
|
||||||
|
#include <openssl/bn.h>
|
||||||
|
#include <openssl/dsa.h>
|
||||||
|
#include <openssl/x509.h>
|
||||||
|
#include <openssl/pem.h>
|
||||||
|
|
||||||
|
#undef PROG
|
||||||
|
#define PROG dsaparam_main
|
||||||
|
|
||||||
|
/* -inform arg - input format - default PEM (DER or PEM)
|
||||||
|
* -outform arg - output format - default PEM
|
||||||
|
* -in arg - input file - default stdin
|
||||||
|
* -out arg - output file - default stdout
|
||||||
|
* -noout
|
||||||
|
* -text
|
||||||
|
* -C
|
||||||
|
* -noout
|
||||||
|
* -genkey
|
||||||
|
* #ifdef GENCB_TEST
|
||||||
|
* -timebomb n - interrupt keygen after <n> seconds
|
||||||
|
* #endif
|
||||||
|
*/
|
||||||
|
|
||||||
|
#ifdef GENCB_TEST
|
||||||
|
|
||||||
|
static int stop_keygen_flag = 0;
|
||||||
|
|
||||||
|
static void timebomb_sigalarm(int foo)
|
||||||
|
{
|
||||||
|
stop_keygen_flag = 1;
|
||||||
|
}
|
||||||
|
|
||||||
|
#endif
|
||||||
|
|
||||||
|
static int MS_CALLBACK dsa_cb(int p, int n, BN_GENCB *cb);
|
||||||
|
|
||||||
|
int MAIN(int, char **);
|
||||||
|
|
||||||
|
int MAIN(int argc, char **argv)
|
||||||
|
{
|
||||||
|
DSA *dsa=NULL;
|
||||||
|
int i,badops=0,text=0;
|
||||||
|
BIO *in=NULL,*out=NULL;
|
||||||
|
int informat,outformat,noout=0,C=0,ret=1;
|
||||||
|
char *infile,*outfile,*prog,*inrand=NULL;
|
||||||
|
int numbits= -1,num,genkey=0;
|
||||||
|
int need_rand=0;
|
||||||
|
#ifndef OPENSSL_NO_ENGINE
|
||||||
|
char *engine=NULL;
|
||||||
|
#endif
|
||||||
|
#ifdef GENCB_TEST
|
||||||
|
int timebomb=0;
|
||||||
|
#endif
|
||||||
|
|
||||||
|
apps_startup();
|
||||||
|
|
||||||
|
if (bio_err == NULL)
|
||||||
|
if ((bio_err=BIO_new(BIO_s_file())) != NULL)
|
||||||
|
BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT);
|
||||||
|
|
||||||
|
if (!load_config(bio_err, NULL))
|
||||||
|
goto end;
|
||||||
|
|
||||||
|
infile=NULL;
|
||||||
|
outfile=NULL;
|
||||||
|
informat=FORMAT_PEM;
|
||||||
|
outformat=FORMAT_PEM;
|
||||||
|
|
||||||
|
prog=argv[0];
|
||||||
|
argc--;
|
||||||
|
argv++;
|
||||||
|
while (argc >= 1)
|
||||||
|
{
|
||||||
|
if (strcmp(*argv,"-inform") == 0)
|
||||||
|
{
|
||||||
|
if (--argc < 1) goto bad;
|
||||||
|
informat=str2fmt(*(++argv));
|
||||||
|
}
|
||||||
|
else if (strcmp(*argv,"-outform") == 0)
|
||||||
|
{
|
||||||
|
if (--argc < 1) goto bad;
|
||||||
|
outformat=str2fmt(*(++argv));
|
||||||
|
}
|
||||||
|
else if (strcmp(*argv,"-in") == 0)
|
||||||
|
{
|
||||||
|
if (--argc < 1) goto bad;
|
||||||
|
infile= *(++argv);
|
||||||
|
}
|
||||||
|
else if (strcmp(*argv,"-out") == 0)
|
||||||
|
{
|
||||||
|
if (--argc < 1) goto bad;
|
||||||
|
outfile= *(++argv);
|
||||||
|
}
|
||||||
|
#ifndef OPENSSL_NO_ENGINE
|
||||||
|
else if(strcmp(*argv, "-engine") == 0)
|
||||||
|
{
|
||||||
|
if (--argc < 1) goto bad;
|
||||||
|
engine = *(++argv);
|
||||||
|
}
|
||||||
|
#endif
|
||||||
|
#ifdef GENCB_TEST
|
||||||
|
else if(strcmp(*argv, "-timebomb") == 0)
|
||||||
|
{
|
||||||
|
if (--argc < 1) goto bad;
|
||||||
|
timebomb = atoi(*(++argv));
|
||||||
|
}
|
||||||
|
#endif
|
||||||
|
else if (strcmp(*argv,"-text") == 0)
|
||||||
|
text=1;
|
||||||
|
else if (strcmp(*argv,"-C") == 0)
|
||||||
|
C=1;
|
||||||
|
else if (strcmp(*argv,"-genkey") == 0)
|
||||||
|
{
|
||||||
|
genkey=1;
|
||||||
|
need_rand=1;
|
||||||
|
}
|
||||||
|
else if (strcmp(*argv,"-rand") == 0)
|
||||||
|
{
|
||||||
|
if (--argc < 1) goto bad;
|
||||||
|
inrand= *(++argv);
|
||||||
|
need_rand=1;
|
||||||
|
}
|
||||||
|
else if (strcmp(*argv,"-noout") == 0)
|
||||||
|
noout=1;
|
||||||
|
else if (sscanf(*argv,"%d",&num) == 1)
|
||||||
|
{
|
||||||
|
/* generate a key */
|
||||||
|
numbits=num;
|
||||||
|
need_rand=1;
|
||||||
|
}
|
||||||
|
else
|
||||||
|
{
|
||||||
|
BIO_printf(bio_err,"unknown option %s\n",*argv);
|
||||||
|
badops=1;
|
||||||
|
break;
|
||||||
|
}
|
||||||
|
argc--;
|
||||||
|
argv++;
|
||||||
|
}
|
||||||
|
|
||||||
|
if (badops)
|
||||||
|
{
|
||||||
|
bad:
|
||||||
|
BIO_printf(bio_err,"%s [options] [bits] <infile >outfile\n",prog);
|
||||||
|
BIO_printf(bio_err,"where options are\n");
|
||||||
|
BIO_printf(bio_err," -inform arg input format - DER or PEM\n");
|
||||||
|
BIO_printf(bio_err," -outform arg output format - DER or PEM\n");
|
||||||
|
BIO_printf(bio_err," -in arg input file\n");
|
||||||
|
BIO_printf(bio_err," -out arg output file\n");
|
||||||
|
BIO_printf(bio_err," -text print as text\n");
|
||||||
|
BIO_printf(bio_err," -C Output C code\n");
|
||||||
|
BIO_printf(bio_err," -noout no output\n");
|
||||||
|
BIO_printf(bio_err," -genkey generate a DSA key\n");
|
||||||
|
BIO_printf(bio_err," -rand files to use for random number input\n");
|
||||||
|
#ifndef OPENSSL_NO_ENGINE
|
||||||
|
BIO_printf(bio_err," -engine e use engine e, possibly a hardware device.\n");
|
||||||
|
#endif
|
||||||
|
#ifdef GENCB_TEST
|
||||||
|
BIO_printf(bio_err," -timebomb n interrupt keygen after <n> seconds\n");
|
||||||
|
#endif
|
||||||
|
BIO_printf(bio_err," number number of bits to use for generating private key\n");
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
|
||||||
|
ERR_load_crypto_strings();
|
||||||
|
|
||||||
|
in=BIO_new(BIO_s_file());
|
||||||
|
out=BIO_new(BIO_s_file());
|
||||||
|
if ((in == NULL) || (out == NULL))
|
||||||
|
{
|
||||||
|
ERR_print_errors(bio_err);
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
|
||||||
|
if (infile == NULL)
|
||||||
|
BIO_set_fp(in,stdin,BIO_NOCLOSE);
|
||||||
|
else
|
||||||
|
{
|
||||||
|
if (BIO_read_filename(in,infile) <= 0)
|
||||||
|
{
|
||||||
|
perror(infile);
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
if (outfile == NULL)
|
||||||
|
{
|
||||||
|
BIO_set_fp(out,stdout,BIO_NOCLOSE);
|
||||||
|
#ifdef OPENSSL_SYS_VMS
|
||||||
|
{
|
||||||
|
BIO *tmpbio = BIO_new(BIO_f_linebuffer());
|
||||||
|
out = BIO_push(tmpbio, out);
|
||||||
|
}
|
||||||
|
#endif
|
||||||
|
}
|
||||||
|
else
|
||||||
|
{
|
||||||
|
if (BIO_write_filename(out,outfile) <= 0)
|
||||||
|
{
|
||||||
|
perror(outfile);
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
#ifndef OPENSSL_NO_ENGINE
|
||||||
|
setup_engine(bio_err, engine, 0);
|
||||||
|
#endif
|
||||||
|
|
||||||
|
if (need_rand)
|
||||||
|
{
|
||||||
|
app_RAND_load_file(NULL, bio_err, (inrand != NULL));
|
||||||
|
if (inrand != NULL)
|
||||||
|
BIO_printf(bio_err,"%ld semi-random bytes loaded\n",
|
||||||
|
app_RAND_load_files(inrand));
|
||||||
|
}
|
||||||
|
|
||||||
|
if (numbits > 0)
|
||||||
|
{
|
||||||
|
BN_GENCB cb;
|
||||||
|
BN_GENCB_set(&cb, dsa_cb, bio_err);
|
||||||
|
assert(need_rand);
|
||||||
|
dsa = DSA_new();
|
||||||
|
if(!dsa)
|
||||||
|
{
|
||||||
|
BIO_printf(bio_err,"Error allocating DSA object\n");
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
BIO_printf(bio_err,"Generating DSA parameters, %d bit long prime\n",num);
|
||||||
|
BIO_printf(bio_err,"This could take some time\n");
|
||||||
|
#ifdef GENCB_TEST
|
||||||
|
if(timebomb > 0)
|
||||||
|
{
|
||||||
|
struct sigaction act;
|
||||||
|
act.sa_handler = timebomb_sigalarm;
|
||||||
|
act.sa_flags = 0;
|
||||||
|
BIO_printf(bio_err,"(though I'll stop it if not done within %d secs)\n",
|
||||||
|
timebomb);
|
||||||
|
if(sigaction(SIGALRM, &act, NULL) != 0)
|
||||||
|
{
|
||||||
|
BIO_printf(bio_err,"Error, couldn't set SIGALRM handler\n");
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
alarm(timebomb);
|
||||||
|
}
|
||||||
|
#endif
|
||||||
|
if(!DSA_generate_parameters_ex(dsa,num,NULL,0,NULL,NULL, &cb))
|
||||||
|
{
|
||||||
|
#ifdef GENCB_TEST
|
||||||
|
if(stop_keygen_flag)
|
||||||
|
{
|
||||||
|
BIO_printf(bio_err,"DSA key generation time-stopped\n");
|
||||||
|
/* This is an asked-for behaviour! */
|
||||||
|
ret = 0;
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
#endif
|
||||||
|
BIO_printf(bio_err,"Error, DSA key generation failed\n");
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
else if (informat == FORMAT_ASN1)
|
||||||
|
dsa=d2i_DSAparams_bio(in,NULL);
|
||||||
|
else if (informat == FORMAT_PEM)
|
||||||
|
dsa=PEM_read_bio_DSAparams(in,NULL,NULL,NULL);
|
||||||
|
else
|
||||||
|
{
|
||||||
|
BIO_printf(bio_err,"bad input format specified\n");
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
if (dsa == NULL)
|
||||||
|
{
|
||||||
|
BIO_printf(bio_err,"unable to load DSA parameters\n");
|
||||||
|
ERR_print_errors(bio_err);
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
|
||||||
|
if (text)
|
||||||
|
{
|
||||||
|
DSAparams_print(out,dsa);
|
||||||
|
}
|
||||||
|
|
||||||
|
if (C)
|
||||||
|
{
|
||||||
|
unsigned char *data;
|
||||||
|
int l,len,bits_p;
|
||||||
|
|
||||||
|
len=BN_num_bytes(dsa->p);
|
||||||
|
bits_p=BN_num_bits(dsa->p);
|
||||||
|
data=(unsigned char *)OPENSSL_malloc(len+20);
|
||||||
|
if (data == NULL)
|
||||||
|
{
|
||||||
|
perror("OPENSSL_malloc");
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
l=BN_bn2bin(dsa->p,data);
|
||||||
|
printf("static unsigned char dsa%d_p[]={",bits_p);
|
||||||
|
for (i=0; i<l; i++)
|
||||||
|
{
|
||||||
|
if ((i%12) == 0) printf("\n\t");
|
||||||
|
printf("0x%02X,",data[i]);
|
||||||
|
}
|
||||||
|
printf("\n\t};\n");
|
||||||
|
|
||||||
|
l=BN_bn2bin(dsa->q,data);
|
||||||
|
printf("static unsigned char dsa%d_q[]={",bits_p);
|
||||||
|
for (i=0; i<l; i++)
|
||||||
|
{
|
||||||
|
if ((i%12) == 0) printf("\n\t");
|
||||||
|
printf("0x%02X,",data[i]);
|
||||||
|
}
|
||||||
|
printf("\n\t};\n");
|
||||||
|
|
||||||
|
l=BN_bn2bin(dsa->g,data);
|
||||||
|
printf("static unsigned char dsa%d_g[]={",bits_p);
|
||||||
|
for (i=0; i<l; i++)
|
||||||
|
{
|
||||||
|
if ((i%12) == 0) printf("\n\t");
|
||||||
|
printf("0x%02X,",data[i]);
|
||||||
|
}
|
||||||
|
printf("\n\t};\n\n");
|
||||||
|
|
||||||
|
printf("DSA *get_dsa%d()\n\t{\n",bits_p);
|
||||||
|
printf("\tDSA *dsa;\n\n");
|
||||||
|
printf("\tif ((dsa=DSA_new()) == NULL) return(NULL);\n");
|
||||||
|
printf("\tdsa->p=BN_bin2bn(dsa%d_p,sizeof(dsa%d_p),NULL);\n",
|
||||||
|
bits_p,bits_p);
|
||||||
|
printf("\tdsa->q=BN_bin2bn(dsa%d_q,sizeof(dsa%d_q),NULL);\n",
|
||||||
|
bits_p,bits_p);
|
||||||
|
printf("\tdsa->g=BN_bin2bn(dsa%d_g,sizeof(dsa%d_g),NULL);\n",
|
||||||
|
bits_p,bits_p);
|
||||||
|
printf("\tif ((dsa->p == NULL) || (dsa->q == NULL) || (dsa->g == NULL))\n");
|
||||||
|
printf("\t\t{ DSA_free(dsa); return(NULL); }\n");
|
||||||
|
printf("\treturn(dsa);\n\t}\n");
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
if (!noout)
|
||||||
|
{
|
||||||
|
if (outformat == FORMAT_ASN1)
|
||||||
|
i=i2d_DSAparams_bio(out,dsa);
|
||||||
|
else if (outformat == FORMAT_PEM)
|
||||||
|
i=PEM_write_bio_DSAparams(out,dsa);
|
||||||
|
else {
|
||||||
|
BIO_printf(bio_err,"bad output format specified for outfile\n");
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
if (!i)
|
||||||
|
{
|
||||||
|
BIO_printf(bio_err,"unable to write DSA parameters\n");
|
||||||
|
ERR_print_errors(bio_err);
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
if (genkey)
|
||||||
|
{
|
||||||
|
DSA *dsakey;
|
||||||
|
|
||||||
|
assert(need_rand);
|
||||||
|
if ((dsakey=DSAparams_dup(dsa)) == NULL) goto end;
|
||||||
|
if (!DSA_generate_key(dsakey)) goto end;
|
||||||
|
if (outformat == FORMAT_ASN1)
|
||||||
|
i=i2d_DSAPrivateKey_bio(out,dsakey);
|
||||||
|
else if (outformat == FORMAT_PEM)
|
||||||
|
i=PEM_write_bio_DSAPrivateKey(out,dsakey,NULL,NULL,0,NULL,NULL);
|
||||||
|
else {
|
||||||
|
BIO_printf(bio_err,"bad output format specified for outfile\n");
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
DSA_free(dsakey);
|
||||||
|
}
|
||||||
|
if (need_rand)
|
||||||
|
app_RAND_write_file(NULL, bio_err);
|
||||||
|
ret=0;
|
||||||
|
end:
|
||||||
|
if (in != NULL) BIO_free(in);
|
||||||
|
if (out != NULL) BIO_free_all(out);
|
||||||
|
if (dsa != NULL) DSA_free(dsa);
|
||||||
|
apps_shutdown();
|
||||||
|
OPENSSL_EXIT(ret);
|
||||||
|
}
|
||||||
|
|
||||||
|
static int MS_CALLBACK dsa_cb(int p, int n, BN_GENCB *cb)
|
||||||
|
{
|
||||||
|
char c='*';
|
||||||
|
|
||||||
|
if (p == 0) c='.';
|
||||||
|
if (p == 1) c='+';
|
||||||
|
if (p == 2) c='*';
|
||||||
|
if (p == 3) c='\n';
|
||||||
|
BIO_write(cb->arg,&c,1);
|
||||||
|
(void)BIO_flush(cb->arg);
|
||||||
|
#ifdef LINT
|
||||||
|
p=n;
|
||||||
|
#endif
|
||||||
|
#ifdef GENCB_TEST
|
||||||
|
if(stop_keygen_flag)
|
||||||
|
return 0;
|
||||||
|
#endif
|
||||||
|
return 1;
|
||||||
|
}
|
||||||
|
#else /* !OPENSSL_NO_DSA */
|
||||||
|
|
||||||
|
# if PEDANTIC
|
||||||
|
static void *dummy=&dummy;
|
||||||
|
# endif
|
||||||
|
|
||||||
|
#endif
|
406
jni/openssl/apps/ec.c
Normal file
406
jni/openssl/apps/ec.c
Normal file
@ -0,0 +1,406 @@
|
|||||||
|
/* apps/ec.c */
|
||||||
|
/*
|
||||||
|
* Written by Nils Larsch for the OpenSSL project.
|
||||||
|
*/
|
||||||
|
/* ====================================================================
|
||||||
|
* Copyright (c) 1998-2005 The OpenSSL Project. All rights reserved.
|
||||||
|
*
|
||||||
|
* Redistribution and use in source and binary forms, with or without
|
||||||
|
* modification, are permitted provided that the following conditions
|
||||||
|
* are met:
|
||||||
|
*
|
||||||
|
* 1. Redistributions of source code must retain the above copyright
|
||||||
|
* notice, this list of conditions and the following disclaimer.
|
||||||
|
*
|
||||||
|
* 2. Redistributions in binary form must reproduce the above copyright
|
||||||
|
* notice, this list of conditions and the following disclaimer in
|
||||||
|
* the documentation and/or other materials provided with the
|
||||||
|
* distribution.
|
||||||
|
*
|
||||||
|
* 3. All advertising materials mentioning features or use of this
|
||||||
|
* software must display the following acknowledgment:
|
||||||
|
* "This product includes software developed by the OpenSSL Project
|
||||||
|
* for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
|
||||||
|
*
|
||||||
|
* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
|
||||||
|
* endorse or promote products derived from this software without
|
||||||
|
* prior written permission. For written permission, please contact
|
||||||
|
* openssl-core@openssl.org.
|
||||||
|
*
|
||||||
|
* 5. Products derived from this software may not be called "OpenSSL"
|
||||||
|
* nor may "OpenSSL" appear in their names without prior written
|
||||||
|
* permission of the OpenSSL Project.
|
||||||
|
*
|
||||||
|
* 6. Redistributions of any form whatsoever must retain the following
|
||||||
|
* acknowledgment:
|
||||||
|
* "This product includes software developed by the OpenSSL Project
|
||||||
|
* for use in the OpenSSL Toolkit (http://www.openssl.org/)"
|
||||||
|
*
|
||||||
|
* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
|
||||||
|
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
||||||
|
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
|
||||||
|
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
|
||||||
|
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
|
||||||
|
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
|
||||||
|
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
|
||||||
|
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
||||||
|
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
|
||||||
|
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
|
||||||
|
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
|
||||||
|
* OF THE POSSIBILITY OF SUCH DAMAGE.
|
||||||
|
* ====================================================================
|
||||||
|
*
|
||||||
|
* This product includes cryptographic software written by Eric Young
|
||||||
|
* (eay@cryptsoft.com). This product includes software written by Tim
|
||||||
|
* Hudson (tjh@cryptsoft.com).
|
||||||
|
*
|
||||||
|
*/
|
||||||
|
|
||||||
|
#include <openssl/opensslconf.h>
|
||||||
|
#ifndef OPENSSL_NO_EC
|
||||||
|
#include <stdio.h>
|
||||||
|
#include <stdlib.h>
|
||||||
|
#include <string.h>
|
||||||
|
#include "apps.h"
|
||||||
|
#include <openssl/bio.h>
|
||||||
|
#include <openssl/err.h>
|
||||||
|
#include <openssl/evp.h>
|
||||||
|
#include <openssl/pem.h>
|
||||||
|
|
||||||
|
#undef PROG
|
||||||
|
#define PROG ec_main
|
||||||
|
|
||||||
|
/* -inform arg - input format - default PEM (one of DER, NET or PEM)
|
||||||
|
* -outform arg - output format - default PEM
|
||||||
|
* -in arg - input file - default stdin
|
||||||
|
* -out arg - output file - default stdout
|
||||||
|
* -des - encrypt output if PEM format with DES in cbc mode
|
||||||
|
* -text - print a text version
|
||||||
|
* -param_out - print the elliptic curve parameters
|
||||||
|
* -conv_form arg - specifies the point encoding form
|
||||||
|
* -param_enc arg - specifies the parameter encoding
|
||||||
|
*/
|
||||||
|
|
||||||
|
int MAIN(int, char **);
|
||||||
|
|
||||||
|
int MAIN(int argc, char **argv)
|
||||||
|
{
|
||||||
|
int ret = 1;
|
||||||
|
EC_KEY *eckey = NULL;
|
||||||
|
const EC_GROUP *group;
|
||||||
|
int i, badops = 0;
|
||||||
|
const EVP_CIPHER *enc = NULL;
|
||||||
|
BIO *in = NULL, *out = NULL;
|
||||||
|
int informat, outformat, text=0, noout=0;
|
||||||
|
int pubin = 0, pubout = 0, param_out = 0;
|
||||||
|
char *infile, *outfile, *prog, *engine;
|
||||||
|
char *passargin = NULL, *passargout = NULL;
|
||||||
|
char *passin = NULL, *passout = NULL;
|
||||||
|
point_conversion_form_t form = POINT_CONVERSION_UNCOMPRESSED;
|
||||||
|
int new_form = 0;
|
||||||
|
int asn1_flag = OPENSSL_EC_NAMED_CURVE;
|
||||||
|
int new_asn1_flag = 0;
|
||||||
|
|
||||||
|
apps_startup();
|
||||||
|
|
||||||
|
if (bio_err == NULL)
|
||||||
|
if ((bio_err=BIO_new(BIO_s_file())) != NULL)
|
||||||
|
BIO_set_fp(bio_err, stderr, BIO_NOCLOSE|BIO_FP_TEXT);
|
||||||
|
|
||||||
|
if (!load_config(bio_err, NULL))
|
||||||
|
goto end;
|
||||||
|
|
||||||
|
engine = NULL;
|
||||||
|
infile = NULL;
|
||||||
|
outfile = NULL;
|
||||||
|
informat = FORMAT_PEM;
|
||||||
|
outformat = FORMAT_PEM;
|
||||||
|
|
||||||
|
prog = argv[0];
|
||||||
|
argc--;
|
||||||
|
argv++;
|
||||||
|
while (argc >= 1)
|
||||||
|
{
|
||||||
|
if (strcmp(*argv,"-inform") == 0)
|
||||||
|
{
|
||||||
|
if (--argc < 1) goto bad;
|
||||||
|
informat=str2fmt(*(++argv));
|
||||||
|
}
|
||||||
|
else if (strcmp(*argv,"-outform") == 0)
|
||||||
|
{
|
||||||
|
if (--argc < 1) goto bad;
|
||||||
|
outformat=str2fmt(*(++argv));
|
||||||
|
}
|
||||||
|
else if (strcmp(*argv,"-in") == 0)
|
||||||
|
{
|
||||||
|
if (--argc < 1) goto bad;
|
||||||
|
infile= *(++argv);
|
||||||
|
}
|
||||||
|
else if (strcmp(*argv,"-out") == 0)
|
||||||
|
{
|
||||||
|
if (--argc < 1) goto bad;
|
||||||
|
outfile= *(++argv);
|
||||||
|
}
|
||||||
|
else if (strcmp(*argv,"-passin") == 0)
|
||||||
|
{
|
||||||
|
if (--argc < 1) goto bad;
|
||||||
|
passargin= *(++argv);
|
||||||
|
}
|
||||||
|
else if (strcmp(*argv,"-passout") == 0)
|
||||||
|
{
|
||||||
|
if (--argc < 1) goto bad;
|
||||||
|
passargout= *(++argv);
|
||||||
|
}
|
||||||
|
else if (strcmp(*argv, "-engine") == 0)
|
||||||
|
{
|
||||||
|
if (--argc < 1) goto bad;
|
||||||
|
engine= *(++argv);
|
||||||
|
}
|
||||||
|
else if (strcmp(*argv, "-noout") == 0)
|
||||||
|
noout = 1;
|
||||||
|
else if (strcmp(*argv, "-text") == 0)
|
||||||
|
text = 1;
|
||||||
|
else if (strcmp(*argv, "-conv_form") == 0)
|
||||||
|
{
|
||||||
|
if (--argc < 1)
|
||||||
|
goto bad;
|
||||||
|
++argv;
|
||||||
|
new_form = 1;
|
||||||
|
if (strcmp(*argv, "compressed") == 0)
|
||||||
|
form = POINT_CONVERSION_COMPRESSED;
|
||||||
|
else if (strcmp(*argv, "uncompressed") == 0)
|
||||||
|
form = POINT_CONVERSION_UNCOMPRESSED;
|
||||||
|
else if (strcmp(*argv, "hybrid") == 0)
|
||||||
|
form = POINT_CONVERSION_HYBRID;
|
||||||
|
else
|
||||||
|
goto bad;
|
||||||
|
}
|
||||||
|
else if (strcmp(*argv, "-param_enc") == 0)
|
||||||
|
{
|
||||||
|
if (--argc < 1)
|
||||||
|
goto bad;
|
||||||
|
++argv;
|
||||||
|
new_asn1_flag = 1;
|
||||||
|
if (strcmp(*argv, "named_curve") == 0)
|
||||||
|
asn1_flag = OPENSSL_EC_NAMED_CURVE;
|
||||||
|
else if (strcmp(*argv, "explicit") == 0)
|
||||||
|
asn1_flag = 0;
|
||||||
|
else
|
||||||
|
goto bad;
|
||||||
|
}
|
||||||
|
else if (strcmp(*argv, "-param_out") == 0)
|
||||||
|
param_out = 1;
|
||||||
|
else if (strcmp(*argv, "-pubin") == 0)
|
||||||
|
pubin=1;
|
||||||
|
else if (strcmp(*argv, "-pubout") == 0)
|
||||||
|
pubout=1;
|
||||||
|
else if ((enc=EVP_get_cipherbyname(&(argv[0][1]))) == NULL)
|
||||||
|
{
|
||||||
|
BIO_printf(bio_err, "unknown option %s\n", *argv);
|
||||||
|
badops=1;
|
||||||
|
break;
|
||||||
|
}
|
||||||
|
argc--;
|
||||||
|
argv++;
|
||||||
|
}
|
||||||
|
|
||||||
|
if (badops)
|
||||||
|
{
|
||||||
|
bad:
|
||||||
|
BIO_printf(bio_err, "%s [options] <infile >outfile\n", prog);
|
||||||
|
BIO_printf(bio_err, "where options are\n");
|
||||||
|
BIO_printf(bio_err, " -inform arg input format - "
|
||||||
|
"DER or PEM\n");
|
||||||
|
BIO_printf(bio_err, " -outform arg output format - "
|
||||||
|
"DER or PEM\n");
|
||||||
|
BIO_printf(bio_err, " -in arg input file\n");
|
||||||
|
BIO_printf(bio_err, " -passin arg input file pass "
|
||||||
|
"phrase source\n");
|
||||||
|
BIO_printf(bio_err, " -out arg output file\n");
|
||||||
|
BIO_printf(bio_err, " -passout arg output file pass "
|
||||||
|
"phrase source\n");
|
||||||
|
BIO_printf(bio_err, " -engine e use engine e, "
|
||||||
|
"possibly a hardware device.\n");
|
||||||
|
BIO_printf(bio_err, " -des encrypt PEM output, "
|
||||||
|
"instead of 'des' every other \n"
|
||||||
|
" cipher "
|
||||||
|
"supported by OpenSSL can be used\n");
|
||||||
|
BIO_printf(bio_err, " -text print the key\n");
|
||||||
|
BIO_printf(bio_err, " -noout don't print key out\n");
|
||||||
|
BIO_printf(bio_err, " -param_out print the elliptic "
|
||||||
|
"curve parameters\n");
|
||||||
|
BIO_printf(bio_err, " -conv_form arg specifies the "
|
||||||
|
"point conversion form \n");
|
||||||
|
BIO_printf(bio_err, " possible values:"
|
||||||
|
" compressed\n");
|
||||||
|
BIO_printf(bio_err, " "
|
||||||
|
" uncompressed (default)\n");
|
||||||
|
BIO_printf(bio_err, " "
|
||||||
|
" hybrid\n");
|
||||||
|
BIO_printf(bio_err, " -param_enc arg specifies the way"
|
||||||
|
" the ec parameters are encoded\n");
|
||||||
|
BIO_printf(bio_err, " in the asn1 der "
|
||||||
|
"encoding\n");
|
||||||
|
BIO_printf(bio_err, " possible values:"
|
||||||
|
" named_curve (default)\n");
|
||||||
|
BIO_printf(bio_err," "
|
||||||
|
"explicit\n");
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
|
||||||
|
ERR_load_crypto_strings();
|
||||||
|
|
||||||
|
#ifndef OPENSSL_NO_ENGINE
|
||||||
|
setup_engine(bio_err, engine, 0);
|
||||||
|
#endif
|
||||||
|
|
||||||
|
if(!app_passwd(bio_err, passargin, passargout, &passin, &passout))
|
||||||
|
{
|
||||||
|
BIO_printf(bio_err, "Error getting passwords\n");
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
|
||||||
|
in = BIO_new(BIO_s_file());
|
||||||
|
out = BIO_new(BIO_s_file());
|
||||||
|
if ((in == NULL) || (out == NULL))
|
||||||
|
{
|
||||||
|
ERR_print_errors(bio_err);
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
|
||||||
|
if (infile == NULL)
|
||||||
|
BIO_set_fp(in, stdin, BIO_NOCLOSE);
|
||||||
|
else
|
||||||
|
{
|
||||||
|
if (BIO_read_filename(in, infile) <= 0)
|
||||||
|
{
|
||||||
|
perror(infile);
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
BIO_printf(bio_err, "read EC key\n");
|
||||||
|
if (informat == FORMAT_ASN1)
|
||||||
|
{
|
||||||
|
if (pubin)
|
||||||
|
eckey = d2i_EC_PUBKEY_bio(in, NULL);
|
||||||
|
else
|
||||||
|
eckey = d2i_ECPrivateKey_bio(in, NULL);
|
||||||
|
}
|
||||||
|
else if (informat == FORMAT_PEM)
|
||||||
|
{
|
||||||
|
if (pubin)
|
||||||
|
eckey = PEM_read_bio_EC_PUBKEY(in, NULL, NULL,
|
||||||
|
NULL);
|
||||||
|
else
|
||||||
|
eckey = PEM_read_bio_ECPrivateKey(in, NULL, NULL,
|
||||||
|
passin);
|
||||||
|
}
|
||||||
|
else
|
||||||
|
{
|
||||||
|
BIO_printf(bio_err, "bad input format specified for key\n");
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
if (eckey == NULL)
|
||||||
|
{
|
||||||
|
BIO_printf(bio_err,"unable to load Key\n");
|
||||||
|
ERR_print_errors(bio_err);
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
|
||||||
|
if (outfile == NULL)
|
||||||
|
{
|
||||||
|
BIO_set_fp(out, stdout, BIO_NOCLOSE);
|
||||||
|
#ifdef OPENSSL_SYS_VMS
|
||||||
|
{
|
||||||
|
BIO *tmpbio = BIO_new(BIO_f_linebuffer());
|
||||||
|
out = BIO_push(tmpbio, out);
|
||||||
|
}
|
||||||
|
#endif
|
||||||
|
}
|
||||||
|
else
|
||||||
|
{
|
||||||
|
if (BIO_write_filename(out, outfile) <= 0)
|
||||||
|
{
|
||||||
|
perror(outfile);
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
group = EC_KEY_get0_group(eckey);
|
||||||
|
|
||||||
|
if (new_form)
|
||||||
|
EC_KEY_set_conv_form(eckey, form);
|
||||||
|
|
||||||
|
if (new_asn1_flag)
|
||||||
|
EC_KEY_set_asn1_flag(eckey, asn1_flag);
|
||||||
|
|
||||||
|
if (text)
|
||||||
|
if (!EC_KEY_print(out, eckey, 0))
|
||||||
|
{
|
||||||
|
perror(outfile);
|
||||||
|
ERR_print_errors(bio_err);
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
|
||||||
|
if (noout)
|
||||||
|
{
|
||||||
|
ret = 0;
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
|
||||||
|
BIO_printf(bio_err, "writing EC key\n");
|
||||||
|
if (outformat == FORMAT_ASN1)
|
||||||
|
{
|
||||||
|
if (param_out)
|
||||||
|
i = i2d_ECPKParameters_bio(out, group);
|
||||||
|
else if (pubin || pubout)
|
||||||
|
i = i2d_EC_PUBKEY_bio(out, eckey);
|
||||||
|
else
|
||||||
|
i = i2d_ECPrivateKey_bio(out, eckey);
|
||||||
|
}
|
||||||
|
else if (outformat == FORMAT_PEM)
|
||||||
|
{
|
||||||
|
if (param_out)
|
||||||
|
i = PEM_write_bio_ECPKParameters(out, group);
|
||||||
|
else if (pubin || pubout)
|
||||||
|
i = PEM_write_bio_EC_PUBKEY(out, eckey);
|
||||||
|
else
|
||||||
|
i = PEM_write_bio_ECPrivateKey(out, eckey, enc,
|
||||||
|
NULL, 0, NULL, passout);
|
||||||
|
}
|
||||||
|
else
|
||||||
|
{
|
||||||
|
BIO_printf(bio_err, "bad output format specified for "
|
||||||
|
"outfile\n");
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
|
||||||
|
if (!i)
|
||||||
|
{
|
||||||
|
BIO_printf(bio_err, "unable to write private key\n");
|
||||||
|
ERR_print_errors(bio_err);
|
||||||
|
}
|
||||||
|
else
|
||||||
|
ret=0;
|
||||||
|
end:
|
||||||
|
if (in)
|
||||||
|
BIO_free(in);
|
||||||
|
if (out)
|
||||||
|
BIO_free_all(out);
|
||||||
|
if (eckey)
|
||||||
|
EC_KEY_free(eckey);
|
||||||
|
if (passin)
|
||||||
|
OPENSSL_free(passin);
|
||||||
|
if (passout)
|
||||||
|
OPENSSL_free(passout);
|
||||||
|
apps_shutdown();
|
||||||
|
OPENSSL_EXIT(ret);
|
||||||
|
}
|
||||||
|
#else /* !OPENSSL_NO_EC */
|
||||||
|
|
||||||
|
# if PEDANTIC
|
||||||
|
static void *dummy=&dummy;
|
||||||
|
# endif
|
||||||
|
|
||||||
|
#endif
|
731
jni/openssl/apps/ecparam.c
Normal file
731
jni/openssl/apps/ecparam.c
Normal file
@ -0,0 +1,731 @@
|
|||||||
|
/* apps/ecparam.c */
|
||||||
|
/*
|
||||||
|
* Written by Nils Larsch for the OpenSSL project.
|
||||||
|
*/
|
||||||
|
/* ====================================================================
|
||||||
|
* Copyright (c) 1998-2005 The OpenSSL Project. All rights reserved.
|
||||||
|
*
|
||||||
|
* Redistribution and use in source and binary forms, with or without
|
||||||
|
* modification, are permitted provided that the following conditions
|
||||||
|
* are met:
|
||||||
|
*
|
||||||
|
* 1. Redistributions of source code must retain the above copyright
|
||||||
|
* notice, this list of conditions and the following disclaimer.
|
||||||
|
*
|
||||||
|
* 2. Redistributions in binary form must reproduce the above copyright
|
||||||
|
* notice, this list of conditions and the following disclaimer in
|
||||||
|
* the documentation and/or other materials provided with the
|
||||||
|
* distribution.
|
||||||
|
*
|
||||||
|
* 3. All advertising materials mentioning features or use of this
|
||||||
|
* software must display the following acknowledgment:
|
||||||
|
* "This product includes software developed by the OpenSSL Project
|
||||||
|
* for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
|
||||||
|
*
|
||||||
|
* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
|
||||||
|
* endorse or promote products derived from this software without
|
||||||
|
* prior written permission. For written permission, please contact
|
||||||
|
* openssl-core@openssl.org.
|
||||||
|
*
|
||||||
|
* 5. Products derived from this software may not be called "OpenSSL"
|
||||||
|
* nor may "OpenSSL" appear in their names without prior written
|
||||||
|
* permission of the OpenSSL Project.
|
||||||
|
*
|
||||||
|
* 6. Redistributions of any form whatsoever must retain the following
|
||||||
|
* acknowledgment:
|
||||||
|
* "This product includes software developed by the OpenSSL Project
|
||||||
|
* for use in the OpenSSL Toolkit (http://www.openssl.org/)"
|
||||||
|
*
|
||||||
|
* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
|
||||||
|
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
||||||
|
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
|
||||||
|
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
|
||||||
|
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
|
||||||
|
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
|
||||||
|
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
|
||||||
|
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
||||||
|
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
|
||||||
|
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
|
||||||
|
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
|
||||||
|
* OF THE POSSIBILITY OF SUCH DAMAGE.
|
||||||
|
* ====================================================================
|
||||||
|
*
|
||||||
|
* This product includes cryptographic software written by Eric Young
|
||||||
|
* (eay@cryptsoft.com). This product includes software written by Tim
|
||||||
|
* Hudson (tjh@cryptsoft.com).
|
||||||
|
*
|
||||||
|
*/
|
||||||
|
/* ====================================================================
|
||||||
|
* Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
|
||||||
|
*
|
||||||
|
* Portions of the attached software ("Contribution") are developed by
|
||||||
|
* SUN MICROSYSTEMS, INC., and are contributed to the OpenSSL project.
|
||||||
|
*
|
||||||
|
* The Contribution is licensed pursuant to the OpenSSL open source
|
||||||
|
* license provided above.
|
||||||
|
*
|
||||||
|
* The elliptic curve binary polynomial software is originally written by
|
||||||
|
* Sheueling Chang Shantz and Douglas Stebila of Sun Microsystems Laboratories.
|
||||||
|
*
|
||||||
|
*/
|
||||||
|
|
||||||
|
#include <openssl/opensslconf.h>
|
||||||
|
#ifndef OPENSSL_NO_EC
|
||||||
|
#include <assert.h>
|
||||||
|
#include <stdio.h>
|
||||||
|
#include <stdlib.h>
|
||||||
|
#include <time.h>
|
||||||
|
#include <string.h>
|
||||||
|
#include "apps.h"
|
||||||
|
#include <openssl/bio.h>
|
||||||
|
#include <openssl/err.h>
|
||||||
|
#include <openssl/bn.h>
|
||||||
|
#include <openssl/ec.h>
|
||||||
|
#include <openssl/x509.h>
|
||||||
|
#include <openssl/pem.h>
|
||||||
|
|
||||||
|
#undef PROG
|
||||||
|
#define PROG ecparam_main
|
||||||
|
|
||||||
|
/* -inform arg - input format - default PEM (DER or PEM)
|
||||||
|
* -outform arg - output format - default PEM
|
||||||
|
* -in arg - input file - default stdin
|
||||||
|
* -out arg - output file - default stdout
|
||||||
|
* -noout - do not print the ec parameter
|
||||||
|
* -text - print the ec parameters in text form
|
||||||
|
* -check - validate the ec parameters
|
||||||
|
* -C - print a 'C' function creating the parameters
|
||||||
|
* -name arg - use the ec parameters with 'short name' name
|
||||||
|
* -list_curves - prints a list of all currently available curve 'short names'
|
||||||
|
* -conv_form arg - specifies the point conversion form
|
||||||
|
* - possible values: compressed
|
||||||
|
* uncompressed (default)
|
||||||
|
* hybrid
|
||||||
|
* -param_enc arg - specifies the way the ec parameters are encoded
|
||||||
|
* in the asn1 der encoding
|
||||||
|
* possible values: named_curve (default)
|
||||||
|
* explicit
|
||||||
|
* -no_seed - if 'explicit' parameters are choosen do not use the seed
|
||||||
|
* -genkey - generate ec key
|
||||||
|
* -rand file - files to use for random number input
|
||||||
|
* -engine e - use engine e, possibly a hardware device
|
||||||
|
*/
|
||||||
|
|
||||||
|
|
||||||
|
static int ecparam_print_var(BIO *,BIGNUM *,const char *,int,unsigned char *);
|
||||||
|
|
||||||
|
int MAIN(int, char **);
|
||||||
|
|
||||||
|
int MAIN(int argc, char **argv)
|
||||||
|
{
|
||||||
|
EC_GROUP *group = NULL;
|
||||||
|
point_conversion_form_t form = POINT_CONVERSION_UNCOMPRESSED;
|
||||||
|
int new_form = 0;
|
||||||
|
int asn1_flag = OPENSSL_EC_NAMED_CURVE;
|
||||||
|
int new_asn1_flag = 0;
|
||||||
|
char *curve_name = NULL, *inrand = NULL;
|
||||||
|
int list_curves = 0, no_seed = 0, check = 0,
|
||||||
|
badops = 0, text = 0, i, need_rand = 0, genkey = 0;
|
||||||
|
char *infile = NULL, *outfile = NULL, *prog;
|
||||||
|
BIO *in = NULL, *out = NULL;
|
||||||
|
int informat, outformat, noout = 0, C = 0, ret = 1;
|
||||||
|
char *engine = NULL;
|
||||||
|
|
||||||
|
BIGNUM *ec_p = NULL, *ec_a = NULL, *ec_b = NULL,
|
||||||
|
*ec_gen = NULL, *ec_order = NULL, *ec_cofactor = NULL;
|
||||||
|
unsigned char *buffer = NULL;
|
||||||
|
|
||||||
|
apps_startup();
|
||||||
|
|
||||||
|
if (bio_err == NULL)
|
||||||
|
if ((bio_err=BIO_new(BIO_s_file())) != NULL)
|
||||||
|
BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT);
|
||||||
|
|
||||||
|
if (!load_config(bio_err, NULL))
|
||||||
|
goto end;
|
||||||
|
|
||||||
|
informat=FORMAT_PEM;
|
||||||
|
outformat=FORMAT_PEM;
|
||||||
|
|
||||||
|
prog=argv[0];
|
||||||
|
argc--;
|
||||||
|
argv++;
|
||||||
|
while (argc >= 1)
|
||||||
|
{
|
||||||
|
if (strcmp(*argv,"-inform") == 0)
|
||||||
|
{
|
||||||
|
if (--argc < 1) goto bad;
|
||||||
|
informat=str2fmt(*(++argv));
|
||||||
|
}
|
||||||
|
else if (strcmp(*argv,"-outform") == 0)
|
||||||
|
{
|
||||||
|
if (--argc < 1) goto bad;
|
||||||
|
outformat=str2fmt(*(++argv));
|
||||||
|
}
|
||||||
|
else if (strcmp(*argv,"-in") == 0)
|
||||||
|
{
|
||||||
|
if (--argc < 1) goto bad;
|
||||||
|
infile= *(++argv);
|
||||||
|
}
|
||||||
|
else if (strcmp(*argv,"-out") == 0)
|
||||||
|
{
|
||||||
|
if (--argc < 1) goto bad;
|
||||||
|
outfile= *(++argv);
|
||||||
|
}
|
||||||
|
else if (strcmp(*argv,"-text") == 0)
|
||||||
|
text = 1;
|
||||||
|
else if (strcmp(*argv,"-C") == 0)
|
||||||
|
C = 1;
|
||||||
|
else if (strcmp(*argv,"-check") == 0)
|
||||||
|
check = 1;
|
||||||
|
else if (strcmp (*argv, "-name") == 0)
|
||||||
|
{
|
||||||
|
if (--argc < 1)
|
||||||
|
goto bad;
|
||||||
|
curve_name = *(++argv);
|
||||||
|
}
|
||||||
|
else if (strcmp(*argv, "-list_curves") == 0)
|
||||||
|
list_curves = 1;
|
||||||
|
else if (strcmp(*argv, "-conv_form") == 0)
|
||||||
|
{
|
||||||
|
if (--argc < 1)
|
||||||
|
goto bad;
|
||||||
|
++argv;
|
||||||
|
new_form = 1;
|
||||||
|
if (strcmp(*argv, "compressed") == 0)
|
||||||
|
form = POINT_CONVERSION_COMPRESSED;
|
||||||
|
else if (strcmp(*argv, "uncompressed") == 0)
|
||||||
|
form = POINT_CONVERSION_UNCOMPRESSED;
|
||||||
|
else if (strcmp(*argv, "hybrid") == 0)
|
||||||
|
form = POINT_CONVERSION_HYBRID;
|
||||||
|
else
|
||||||
|
goto bad;
|
||||||
|
}
|
||||||
|
else if (strcmp(*argv, "-param_enc") == 0)
|
||||||
|
{
|
||||||
|
if (--argc < 1)
|
||||||
|
goto bad;
|
||||||
|
++argv;
|
||||||
|
new_asn1_flag = 1;
|
||||||
|
if (strcmp(*argv, "named_curve") == 0)
|
||||||
|
asn1_flag = OPENSSL_EC_NAMED_CURVE;
|
||||||
|
else if (strcmp(*argv, "explicit") == 0)
|
||||||
|
asn1_flag = 0;
|
||||||
|
else
|
||||||
|
goto bad;
|
||||||
|
}
|
||||||
|
else if (strcmp(*argv, "-no_seed") == 0)
|
||||||
|
no_seed = 1;
|
||||||
|
else if (strcmp(*argv, "-noout") == 0)
|
||||||
|
noout=1;
|
||||||
|
else if (strcmp(*argv,"-genkey") == 0)
|
||||||
|
{
|
||||||
|
genkey=1;
|
||||||
|
need_rand=1;
|
||||||
|
}
|
||||||
|
else if (strcmp(*argv, "-rand") == 0)
|
||||||
|
{
|
||||||
|
if (--argc < 1) goto bad;
|
||||||
|
inrand= *(++argv);
|
||||||
|
need_rand=1;
|
||||||
|
}
|
||||||
|
else if(strcmp(*argv, "-engine") == 0)
|
||||||
|
{
|
||||||
|
if (--argc < 1) goto bad;
|
||||||
|
engine = *(++argv);
|
||||||
|
}
|
||||||
|
else
|
||||||
|
{
|
||||||
|
BIO_printf(bio_err,"unknown option %s\n",*argv);
|
||||||
|
badops=1;
|
||||||
|
break;
|
||||||
|
}
|
||||||
|
argc--;
|
||||||
|
argv++;
|
||||||
|
}
|
||||||
|
|
||||||
|
if (badops)
|
||||||
|
{
|
||||||
|
bad:
|
||||||
|
BIO_printf(bio_err, "%s [options] <infile >outfile\n",prog);
|
||||||
|
BIO_printf(bio_err, "where options are\n");
|
||||||
|
BIO_printf(bio_err, " -inform arg input format - "
|
||||||
|
"default PEM (DER or PEM)\n");
|
||||||
|
BIO_printf(bio_err, " -outform arg output format - "
|
||||||
|
"default PEM\n");
|
||||||
|
BIO_printf(bio_err, " -in arg input file - "
|
||||||
|
"default stdin\n");
|
||||||
|
BIO_printf(bio_err, " -out arg output file - "
|
||||||
|
"default stdout\n");
|
||||||
|
BIO_printf(bio_err, " -noout do not print the "
|
||||||
|
"ec parameter\n");
|
||||||
|
BIO_printf(bio_err, " -text print the ec "
|
||||||
|
"parameters in text form\n");
|
||||||
|
BIO_printf(bio_err, " -check validate the ec "
|
||||||
|
"parameters\n");
|
||||||
|
BIO_printf(bio_err, " -C print a 'C' "
|
||||||
|
"function creating the parameters\n");
|
||||||
|
BIO_printf(bio_err, " -name arg use the "
|
||||||
|
"ec parameters with 'short name' name\n");
|
||||||
|
BIO_printf(bio_err, " -list_curves prints a list of "
|
||||||
|
"all currently available curve 'short names'\n");
|
||||||
|
BIO_printf(bio_err, " -conv_form arg specifies the "
|
||||||
|
"point conversion form \n");
|
||||||
|
BIO_printf(bio_err, " possible values:"
|
||||||
|
" compressed\n");
|
||||||
|
BIO_printf(bio_err, " "
|
||||||
|
" uncompressed (default)\n");
|
||||||
|
BIO_printf(bio_err, " "
|
||||||
|
" hybrid\n");
|
||||||
|
BIO_printf(bio_err, " -param_enc arg specifies the way"
|
||||||
|
" the ec parameters are encoded\n");
|
||||||
|
BIO_printf(bio_err, " in the asn1 der "
|
||||||
|
"encoding\n");
|
||||||
|
BIO_printf(bio_err, " possible values:"
|
||||||
|
" named_curve (default)\n");
|
||||||
|
BIO_printf(bio_err, " "
|
||||||
|
" explicit\n");
|
||||||
|
BIO_printf(bio_err, " -no_seed if 'explicit'"
|
||||||
|
" parameters are choosen do not"
|
||||||
|
" use the seed\n");
|
||||||
|
BIO_printf(bio_err, " -genkey generate ec"
|
||||||
|
" key\n");
|
||||||
|
BIO_printf(bio_err, " -rand file files to use for"
|
||||||
|
" random number input\n");
|
||||||
|
BIO_printf(bio_err, " -engine e use engine e, "
|
||||||
|
"possibly a hardware device\n");
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
|
||||||
|
ERR_load_crypto_strings();
|
||||||
|
|
||||||
|
in=BIO_new(BIO_s_file());
|
||||||
|
out=BIO_new(BIO_s_file());
|
||||||
|
if ((in == NULL) || (out == NULL))
|
||||||
|
{
|
||||||
|
ERR_print_errors(bio_err);
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
|
||||||
|
if (infile == NULL)
|
||||||
|
BIO_set_fp(in,stdin,BIO_NOCLOSE);
|
||||||
|
else
|
||||||
|
{
|
||||||
|
if (BIO_read_filename(in,infile) <= 0)
|
||||||
|
{
|
||||||
|
perror(infile);
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
if (outfile == NULL)
|
||||||
|
{
|
||||||
|
BIO_set_fp(out,stdout,BIO_NOCLOSE);
|
||||||
|
#ifdef OPENSSL_SYS_VMS
|
||||||
|
{
|
||||||
|
BIO *tmpbio = BIO_new(BIO_f_linebuffer());
|
||||||
|
out = BIO_push(tmpbio, out);
|
||||||
|
}
|
||||||
|
#endif
|
||||||
|
}
|
||||||
|
else
|
||||||
|
{
|
||||||
|
if (BIO_write_filename(out,outfile) <= 0)
|
||||||
|
{
|
||||||
|
perror(outfile);
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
#ifndef OPENSSL_NO_ENGINE
|
||||||
|
setup_engine(bio_err, engine, 0);
|
||||||
|
#endif
|
||||||
|
|
||||||
|
if (list_curves)
|
||||||
|
{
|
||||||
|
EC_builtin_curve *curves = NULL;
|
||||||
|
size_t crv_len = 0;
|
||||||
|
size_t n = 0;
|
||||||
|
|
||||||
|
crv_len = EC_get_builtin_curves(NULL, 0);
|
||||||
|
|
||||||
|
curves = OPENSSL_malloc((int)(sizeof(EC_builtin_curve) * crv_len));
|
||||||
|
|
||||||
|
if (curves == NULL)
|
||||||
|
goto end;
|
||||||
|
|
||||||
|
if (!EC_get_builtin_curves(curves, crv_len))
|
||||||
|
{
|
||||||
|
OPENSSL_free(curves);
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
for (n = 0; n < crv_len; n++)
|
||||||
|
{
|
||||||
|
const char *comment;
|
||||||
|
const char *sname;
|
||||||
|
comment = curves[n].comment;
|
||||||
|
sname = OBJ_nid2sn(curves[n].nid);
|
||||||
|
if (comment == NULL)
|
||||||
|
comment = "CURVE DESCRIPTION NOT AVAILABLE";
|
||||||
|
if (sname == NULL)
|
||||||
|
sname = "";
|
||||||
|
|
||||||
|
BIO_printf(out, " %-10s: ", sname);
|
||||||
|
BIO_printf(out, "%s\n", comment);
|
||||||
|
}
|
||||||
|
|
||||||
|
OPENSSL_free(curves);
|
||||||
|
ret = 0;
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
|
||||||
|
if (curve_name != NULL)
|
||||||
|
{
|
||||||
|
int nid;
|
||||||
|
|
||||||
|
/* workaround for the SECG curve names secp192r1
|
||||||
|
* and secp256r1 (which are the same as the curves
|
||||||
|
* prime192v1 and prime256v1 defined in X9.62)
|
||||||
|
*/
|
||||||
|
if (!strcmp(curve_name, "secp192r1"))
|
||||||
|
{
|
||||||
|
BIO_printf(bio_err, "using curve name prime192v1 "
|
||||||
|
"instead of secp192r1\n");
|
||||||
|
nid = NID_X9_62_prime192v1;
|
||||||
|
}
|
||||||
|
else if (!strcmp(curve_name, "secp256r1"))
|
||||||
|
{
|
||||||
|
BIO_printf(bio_err, "using curve name prime256v1 "
|
||||||
|
"instead of secp256r1\n");
|
||||||
|
nid = NID_X9_62_prime256v1;
|
||||||
|
}
|
||||||
|
else
|
||||||
|
nid = OBJ_sn2nid(curve_name);
|
||||||
|
|
||||||
|
if (nid == 0)
|
||||||
|
{
|
||||||
|
BIO_printf(bio_err, "unknown curve name (%s)\n",
|
||||||
|
curve_name);
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
|
||||||
|
group = EC_GROUP_new_by_curve_name(nid);
|
||||||
|
if (group == NULL)
|
||||||
|
{
|
||||||
|
BIO_printf(bio_err, "unable to create curve (%s)\n",
|
||||||
|
curve_name);
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
EC_GROUP_set_asn1_flag(group, asn1_flag);
|
||||||
|
EC_GROUP_set_point_conversion_form(group, form);
|
||||||
|
}
|
||||||
|
else if (informat == FORMAT_ASN1)
|
||||||
|
{
|
||||||
|
group = d2i_ECPKParameters_bio(in, NULL);
|
||||||
|
}
|
||||||
|
else if (informat == FORMAT_PEM)
|
||||||
|
{
|
||||||
|
group = PEM_read_bio_ECPKParameters(in,NULL,NULL,NULL);
|
||||||
|
}
|
||||||
|
else
|
||||||
|
{
|
||||||
|
BIO_printf(bio_err, "bad input format specified\n");
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
|
||||||
|
if (group == NULL)
|
||||||
|
{
|
||||||
|
BIO_printf(bio_err,
|
||||||
|
"unable to load elliptic curve parameters\n");
|
||||||
|
ERR_print_errors(bio_err);
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
|
||||||
|
if (new_form)
|
||||||
|
EC_GROUP_set_point_conversion_form(group, form);
|
||||||
|
|
||||||
|
if (new_asn1_flag)
|
||||||
|
EC_GROUP_set_asn1_flag(group, asn1_flag);
|
||||||
|
|
||||||
|
if (no_seed)
|
||||||
|
{
|
||||||
|
EC_GROUP_set_seed(group, NULL, 0);
|
||||||
|
}
|
||||||
|
|
||||||
|
if (text)
|
||||||
|
{
|
||||||
|
if (!ECPKParameters_print(out, group, 0))
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
|
||||||
|
if (check)
|
||||||
|
{
|
||||||
|
if (group == NULL)
|
||||||
|
BIO_printf(bio_err, "no elliptic curve parameters\n");
|
||||||
|
BIO_printf(bio_err, "checking elliptic curve parameters: ");
|
||||||
|
if (!EC_GROUP_check(group, NULL))
|
||||||
|
{
|
||||||
|
BIO_printf(bio_err, "failed\n");
|
||||||
|
ERR_print_errors(bio_err);
|
||||||
|
}
|
||||||
|
else
|
||||||
|
BIO_printf(bio_err, "ok\n");
|
||||||
|
|
||||||
|
}
|
||||||
|
|
||||||
|
if (C)
|
||||||
|
{
|
||||||
|
size_t buf_len = 0, tmp_len = 0;
|
||||||
|
const EC_POINT *point;
|
||||||
|
int is_prime, len = 0;
|
||||||
|
const EC_METHOD *meth = EC_GROUP_method_of(group);
|
||||||
|
|
||||||
|
if ((ec_p = BN_new()) == NULL || (ec_a = BN_new()) == NULL ||
|
||||||
|
(ec_b = BN_new()) == NULL || (ec_gen = BN_new()) == NULL ||
|
||||||
|
(ec_order = BN_new()) == NULL ||
|
||||||
|
(ec_cofactor = BN_new()) == NULL )
|
||||||
|
{
|
||||||
|
perror("OPENSSL_malloc");
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
|
||||||
|
is_prime = (EC_METHOD_get_field_type(meth) ==
|
||||||
|
NID_X9_62_prime_field);
|
||||||
|
|
||||||
|
if (is_prime)
|
||||||
|
{
|
||||||
|
if (!EC_GROUP_get_curve_GFp(group, ec_p, ec_a,
|
||||||
|
ec_b, NULL))
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
else
|
||||||
|
{
|
||||||
|
/* TODO */
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
|
||||||
|
if ((point = EC_GROUP_get0_generator(group)) == NULL)
|
||||||
|
goto end;
|
||||||
|
if (!EC_POINT_point2bn(group, point,
|
||||||
|
EC_GROUP_get_point_conversion_form(group), ec_gen,
|
||||||
|
NULL))
|
||||||
|
goto end;
|
||||||
|
if (!EC_GROUP_get_order(group, ec_order, NULL))
|
||||||
|
goto end;
|
||||||
|
if (!EC_GROUP_get_cofactor(group, ec_cofactor, NULL))
|
||||||
|
goto end;
|
||||||
|
|
||||||
|
if (!ec_p || !ec_a || !ec_b || !ec_gen ||
|
||||||
|
!ec_order || !ec_cofactor)
|
||||||
|
goto end;
|
||||||
|
|
||||||
|
len = BN_num_bits(ec_order);
|
||||||
|
|
||||||
|
if ((tmp_len = (size_t)BN_num_bytes(ec_p)) > buf_len)
|
||||||
|
buf_len = tmp_len;
|
||||||
|
if ((tmp_len = (size_t)BN_num_bytes(ec_a)) > buf_len)
|
||||||
|
buf_len = tmp_len;
|
||||||
|
if ((tmp_len = (size_t)BN_num_bytes(ec_b)) > buf_len)
|
||||||
|
buf_len = tmp_len;
|
||||||
|
if ((tmp_len = (size_t)BN_num_bytes(ec_gen)) > buf_len)
|
||||||
|
buf_len = tmp_len;
|
||||||
|
if ((tmp_len = (size_t)BN_num_bytes(ec_order)) > buf_len)
|
||||||
|
buf_len = tmp_len;
|
||||||
|
if ((tmp_len = (size_t)BN_num_bytes(ec_cofactor)) > buf_len)
|
||||||
|
buf_len = tmp_len;
|
||||||
|
|
||||||
|
buffer = (unsigned char *)OPENSSL_malloc(buf_len);
|
||||||
|
|
||||||
|
if (buffer == NULL)
|
||||||
|
{
|
||||||
|
perror("OPENSSL_malloc");
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
|
||||||
|
ecparam_print_var(out, ec_p, "ec_p", len, buffer);
|
||||||
|
ecparam_print_var(out, ec_a, "ec_a", len, buffer);
|
||||||
|
ecparam_print_var(out, ec_b, "ec_b", len, buffer);
|
||||||
|
ecparam_print_var(out, ec_gen, "ec_gen", len, buffer);
|
||||||
|
ecparam_print_var(out, ec_order, "ec_order", len, buffer);
|
||||||
|
ecparam_print_var(out, ec_cofactor, "ec_cofactor", len,
|
||||||
|
buffer);
|
||||||
|
|
||||||
|
BIO_printf(out, "\n\n");
|
||||||
|
|
||||||
|
BIO_printf(out, "EC_GROUP *get_ec_group_%d(void)\n\t{\n", len);
|
||||||
|
BIO_printf(out, "\tint ok=0;\n");
|
||||||
|
BIO_printf(out, "\tEC_GROUP *group = NULL;\n");
|
||||||
|
BIO_printf(out, "\tEC_POINT *point = NULL;\n");
|
||||||
|
BIO_printf(out, "\tBIGNUM *tmp_1 = NULL, *tmp_2 = NULL, "
|
||||||
|
"*tmp_3 = NULL;\n\n");
|
||||||
|
BIO_printf(out, "\tif ((tmp_1 = BN_bin2bn(ec_p_%d, "
|
||||||
|
"sizeof(ec_p_%d), NULL)) == NULL)\n\t\t"
|
||||||
|
"goto err;\n", len, len);
|
||||||
|
BIO_printf(out, "\tif ((tmp_2 = BN_bin2bn(ec_a_%d, "
|
||||||
|
"sizeof(ec_a_%d), NULL)) == NULL)\n\t\t"
|
||||||
|
"goto err;\n", len, len);
|
||||||
|
BIO_printf(out, "\tif ((tmp_3 = BN_bin2bn(ec_b_%d, "
|
||||||
|
"sizeof(ec_b_%d), NULL)) == NULL)\n\t\t"
|
||||||
|
"goto err;\n", len, len);
|
||||||
|
if (is_prime)
|
||||||
|
{
|
||||||
|
BIO_printf(out, "\tif ((group = EC_GROUP_new_curve_"
|
||||||
|
"GFp(tmp_1, tmp_2, tmp_3, NULL)) == NULL)"
|
||||||
|
"\n\t\tgoto err;\n\n");
|
||||||
|
}
|
||||||
|
else
|
||||||
|
{
|
||||||
|
/* TODO */
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
BIO_printf(out, "\t/* build generator */\n");
|
||||||
|
BIO_printf(out, "\tif ((tmp_1 = BN_bin2bn(ec_gen_%d, "
|
||||||
|
"sizeof(ec_gen_%d), tmp_1)) == NULL)"
|
||||||
|
"\n\t\tgoto err;\n", len, len);
|
||||||
|
BIO_printf(out, "\tpoint = EC_POINT_bn2point(group, tmp_1, "
|
||||||
|
"NULL, NULL);\n");
|
||||||
|
BIO_printf(out, "\tif (point == NULL)\n\t\tgoto err;\n");
|
||||||
|
BIO_printf(out, "\tif ((tmp_2 = BN_bin2bn(ec_order_%d, "
|
||||||
|
"sizeof(ec_order_%d), tmp_2)) == NULL)"
|
||||||
|
"\n\t\tgoto err;\n", len, len);
|
||||||
|
BIO_printf(out, "\tif ((tmp_3 = BN_bin2bn(ec_cofactor_%d, "
|
||||||
|
"sizeof(ec_cofactor_%d), tmp_3)) == NULL)"
|
||||||
|
"\n\t\tgoto err;\n", len, len);
|
||||||
|
BIO_printf(out, "\tif (!EC_GROUP_set_generator(group, point,"
|
||||||
|
" tmp_2, tmp_3))\n\t\tgoto err;\n");
|
||||||
|
BIO_printf(out, "\n\tok=1;\n");
|
||||||
|
BIO_printf(out, "err:\n");
|
||||||
|
BIO_printf(out, "\tif (tmp_1)\n\t\tBN_free(tmp_1);\n");
|
||||||
|
BIO_printf(out, "\tif (tmp_2)\n\t\tBN_free(tmp_2);\n");
|
||||||
|
BIO_printf(out, "\tif (tmp_3)\n\t\tBN_free(tmp_3);\n");
|
||||||
|
BIO_printf(out, "\tif (point)\n\t\tEC_POINT_free(point);\n");
|
||||||
|
BIO_printf(out, "\tif (!ok)\n");
|
||||||
|
BIO_printf(out, "\t\t{\n");
|
||||||
|
BIO_printf(out, "\t\tEC_GROUP_free(group);\n");
|
||||||
|
BIO_printf(out, "\t\tgroup = NULL;\n");
|
||||||
|
BIO_printf(out, "\t\t}\n");
|
||||||
|
BIO_printf(out, "\treturn(group);\n\t}\n");
|
||||||
|
}
|
||||||
|
|
||||||
|
if (!noout)
|
||||||
|
{
|
||||||
|
if (outformat == FORMAT_ASN1)
|
||||||
|
i = i2d_ECPKParameters_bio(out, group);
|
||||||
|
else if (outformat == FORMAT_PEM)
|
||||||
|
i = PEM_write_bio_ECPKParameters(out, group);
|
||||||
|
else
|
||||||
|
{
|
||||||
|
BIO_printf(bio_err,"bad output format specified for"
|
||||||
|
" outfile\n");
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
if (!i)
|
||||||
|
{
|
||||||
|
BIO_printf(bio_err, "unable to write elliptic "
|
||||||
|
"curve parameters\n");
|
||||||
|
ERR_print_errors(bio_err);
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
if (need_rand)
|
||||||
|
{
|
||||||
|
app_RAND_load_file(NULL, bio_err, (inrand != NULL));
|
||||||
|
if (inrand != NULL)
|
||||||
|
BIO_printf(bio_err,"%ld semi-random bytes loaded\n",
|
||||||
|
app_RAND_load_files(inrand));
|
||||||
|
}
|
||||||
|
|
||||||
|
if (genkey)
|
||||||
|
{
|
||||||
|
EC_KEY *eckey = EC_KEY_new();
|
||||||
|
|
||||||
|
if (eckey == NULL)
|
||||||
|
goto end;
|
||||||
|
|
||||||
|
assert(need_rand);
|
||||||
|
|
||||||
|
if (EC_KEY_set_group(eckey, group) == 0)
|
||||||
|
goto end;
|
||||||
|
|
||||||
|
if (!EC_KEY_generate_key(eckey))
|
||||||
|
{
|
||||||
|
EC_KEY_free(eckey);
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
if (outformat == FORMAT_ASN1)
|
||||||
|
i = i2d_ECPrivateKey_bio(out, eckey);
|
||||||
|
else if (outformat == FORMAT_PEM)
|
||||||
|
i = PEM_write_bio_ECPrivateKey(out, eckey, NULL,
|
||||||
|
NULL, 0, NULL, NULL);
|
||||||
|
else
|
||||||
|
{
|
||||||
|
BIO_printf(bio_err, "bad output format specified "
|
||||||
|
"for outfile\n");
|
||||||
|
EC_KEY_free(eckey);
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
EC_KEY_free(eckey);
|
||||||
|
}
|
||||||
|
|
||||||
|
if (need_rand)
|
||||||
|
app_RAND_write_file(NULL, bio_err);
|
||||||
|
|
||||||
|
ret=0;
|
||||||
|
end:
|
||||||
|
if (ec_p)
|
||||||
|
BN_free(ec_p);
|
||||||
|
if (ec_a)
|
||||||
|
BN_free(ec_a);
|
||||||
|
if (ec_b)
|
||||||
|
BN_free(ec_b);
|
||||||
|
if (ec_gen)
|
||||||
|
BN_free(ec_gen);
|
||||||
|
if (ec_order)
|
||||||
|
BN_free(ec_order);
|
||||||
|
if (ec_cofactor)
|
||||||
|
BN_free(ec_cofactor);
|
||||||
|
if (buffer)
|
||||||
|
OPENSSL_free(buffer);
|
||||||
|
if (in != NULL)
|
||||||
|
BIO_free(in);
|
||||||
|
if (out != NULL)
|
||||||
|
BIO_free_all(out);
|
||||||
|
if (group != NULL)
|
||||||
|
EC_GROUP_free(group);
|
||||||
|
apps_shutdown();
|
||||||
|
OPENSSL_EXIT(ret);
|
||||||
|
}
|
||||||
|
|
||||||
|
static int ecparam_print_var(BIO *out, BIGNUM *in, const char *var,
|
||||||
|
int len, unsigned char *buffer)
|
||||||
|
{
|
||||||
|
BIO_printf(out, "static unsigned char %s_%d[] = {", var, len);
|
||||||
|
if (BN_is_zero(in))
|
||||||
|
BIO_printf(out, "\n\t0x00");
|
||||||
|
else
|
||||||
|
{
|
||||||
|
int i, l;
|
||||||
|
|
||||||
|
l = BN_bn2bin(in, buffer);
|
||||||
|
for (i=0; i<l-1; i++)
|
||||||
|
{
|
||||||
|
if ((i%12) == 0)
|
||||||
|
BIO_printf(out, "\n\t");
|
||||||
|
BIO_printf(out, "0x%02X,", buffer[i]);
|
||||||
|
}
|
||||||
|
if ((i%12) == 0)
|
||||||
|
BIO_printf(out, "\n\t");
|
||||||
|
BIO_printf(out, "0x%02X", buffer[i]);
|
||||||
|
}
|
||||||
|
BIO_printf(out, "\n\t};\n\n");
|
||||||
|
return 1;
|
||||||
|
}
|
||||||
|
#else /* !OPENSSL_NO_EC */
|
||||||
|
|
||||||
|
# if PEDANTIC
|
||||||
|
static void *dummy=&dummy;
|
||||||
|
# endif
|
||||||
|
|
||||||
|
#endif
|
724
jni/openssl/apps/enc.c
Normal file
724
jni/openssl/apps/enc.c
Normal file
@ -0,0 +1,724 @@
|
|||||||
|
/* apps/enc.c */
|
||||||
|
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
|
||||||
|
* All rights reserved.
|
||||||
|
*
|
||||||
|
* This package is an SSL implementation written
|
||||||
|
* by Eric Young (eay@cryptsoft.com).
|
||||||
|
* The implementation was written so as to conform with Netscapes SSL.
|
||||||
|
*
|
||||||
|
* This library is free for commercial and non-commercial use as long as
|
||||||
|
* the following conditions are aheared to. The following conditions
|
||||||
|
* apply to all code found in this distribution, be it the RC4, RSA,
|
||||||
|
* lhash, DES, etc., code; not just the SSL code. The SSL documentation
|
||||||
|
* included with this distribution is covered by the same copyright terms
|
||||||
|
* except that the holder is Tim Hudson (tjh@cryptsoft.com).
|
||||||
|
*
|
||||||
|
* Copyright remains Eric Young's, and as such any Copyright notices in
|
||||||
|
* the code are not to be removed.
|
||||||
|
* If this package is used in a product, Eric Young should be given attribution
|
||||||
|
* as the author of the parts of the library used.
|
||||||
|
* This can be in the form of a textual message at program startup or
|
||||||
|
* in documentation (online or textual) provided with the package.
|
||||||
|
*
|
||||||
|
* Redistribution and use in source and binary forms, with or without
|
||||||
|
* modification, are permitted provided that the following conditions
|
||||||
|
* are met:
|
||||||
|
* 1. Redistributions of source code must retain the copyright
|
||||||
|
* notice, this list of conditions and the following disclaimer.
|
||||||
|
* 2. Redistributions in binary form must reproduce the above copyright
|
||||||
|
* notice, this list of conditions and the following disclaimer in the
|
||||||
|
* documentation and/or other materials provided with the distribution.
|
||||||
|
* 3. All advertising materials mentioning features or use of this software
|
||||||
|
* must display the following acknowledgement:
|
||||||
|
* "This product includes cryptographic software written by
|
||||||
|
* Eric Young (eay@cryptsoft.com)"
|
||||||
|
* The word 'cryptographic' can be left out if the rouines from the library
|
||||||
|
* being used are not cryptographic related :-).
|
||||||
|
* 4. If you include any Windows specific code (or a derivative thereof) from
|
||||||
|
* the apps directory (application code) you must include an acknowledgement:
|
||||||
|
* "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
|
||||||
|
*
|
||||||
|
* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
|
||||||
|
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
||||||
|
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
|
||||||
|
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
|
||||||
|
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
|
||||||
|
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
|
||||||
|
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
||||||
|
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
|
||||||
|
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
||||||
|
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||||||
|
* SUCH DAMAGE.
|
||||||
|
*
|
||||||
|
* The licence and distribution terms for any publically available version or
|
||||||
|
* derivative of this code cannot be changed. i.e. this code cannot simply be
|
||||||
|
* copied and put under another distribution licence
|
||||||
|
* [including the GNU Public Licence.]
|
||||||
|
*/
|
||||||
|
|
||||||
|
#include <stdio.h>
|
||||||
|
#include <stdlib.h>
|
||||||
|
#include <string.h>
|
||||||
|
#include "apps.h"
|
||||||
|
#include <openssl/bio.h>
|
||||||
|
#include <openssl/err.h>
|
||||||
|
#include <openssl/evp.h>
|
||||||
|
#include <openssl/objects.h>
|
||||||
|
#include <openssl/x509.h>
|
||||||
|
#include <openssl/rand.h>
|
||||||
|
#include <openssl/pem.h>
|
||||||
|
#include <openssl/comp.h>
|
||||||
|
#include <ctype.h>
|
||||||
|
|
||||||
|
int set_hex(char *in,unsigned char *out,int size);
|
||||||
|
#undef SIZE
|
||||||
|
#undef BSIZE
|
||||||
|
#undef PROG
|
||||||
|
|
||||||
|
#define SIZE (512)
|
||||||
|
#define BSIZE (8*1024)
|
||||||
|
#define PROG enc_main
|
||||||
|
|
||||||
|
static void show_ciphers(const OBJ_NAME *name,void *bio_)
|
||||||
|
{
|
||||||
|
BIO *bio=bio_;
|
||||||
|
static int n;
|
||||||
|
|
||||||
|
if(!islower((unsigned char)*name->name))
|
||||||
|
return;
|
||||||
|
|
||||||
|
BIO_printf(bio,"-%-25s",name->name);
|
||||||
|
if(++n == 3)
|
||||||
|
{
|
||||||
|
BIO_printf(bio,"\n");
|
||||||
|
n=0;
|
||||||
|
}
|
||||||
|
else
|
||||||
|
BIO_printf(bio," ");
|
||||||
|
}
|
||||||
|
|
||||||
|
int MAIN(int, char **);
|
||||||
|
|
||||||
|
int MAIN(int argc, char **argv)
|
||||||
|
{
|
||||||
|
static const char magic[]="Salted__";
|
||||||
|
char mbuf[sizeof magic-1];
|
||||||
|
char *strbuf=NULL;
|
||||||
|
unsigned char *buff=NULL,*bufsize=NULL;
|
||||||
|
int bsize=BSIZE,verbose=0;
|
||||||
|
int ret=1,inl;
|
||||||
|
int nopad = 0;
|
||||||
|
unsigned char key[EVP_MAX_KEY_LENGTH],iv[EVP_MAX_IV_LENGTH];
|
||||||
|
unsigned char salt[PKCS5_SALT_LEN];
|
||||||
|
char *str=NULL, *passarg = NULL, *pass = NULL;
|
||||||
|
char *hkey=NULL,*hiv=NULL,*hsalt = NULL;
|
||||||
|
char *md=NULL;
|
||||||
|
int enc=1,printkey=0,i,base64=0;
|
||||||
|
#ifdef ZLIB
|
||||||
|
int do_zlib=0;
|
||||||
|
BIO *bzl = NULL;
|
||||||
|
#endif
|
||||||
|
int debug=0,olb64=0,nosalt=0;
|
||||||
|
const EVP_CIPHER *cipher=NULL,*c;
|
||||||
|
EVP_CIPHER_CTX *ctx = NULL;
|
||||||
|
char *inf=NULL,*outf=NULL;
|
||||||
|
BIO *in=NULL,*out=NULL,*b64=NULL,*benc=NULL,*rbio=NULL,*wbio=NULL;
|
||||||
|
#define PROG_NAME_SIZE 39
|
||||||
|
char pname[PROG_NAME_SIZE+1];
|
||||||
|
#ifndef OPENSSL_NO_ENGINE
|
||||||
|
char *engine = NULL;
|
||||||
|
#endif
|
||||||
|
const EVP_MD *dgst=NULL;
|
||||||
|
|
||||||
|
apps_startup();
|
||||||
|
|
||||||
|
if (bio_err == NULL)
|
||||||
|
if ((bio_err=BIO_new(BIO_s_file())) != NULL)
|
||||||
|
BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT);
|
||||||
|
|
||||||
|
if (!load_config(bio_err, NULL))
|
||||||
|
goto end;
|
||||||
|
|
||||||
|
/* first check the program name */
|
||||||
|
program_name(argv[0],pname,sizeof pname);
|
||||||
|
if (strcmp(pname,"base64") == 0)
|
||||||
|
base64=1;
|
||||||
|
#ifdef ZLIB
|
||||||
|
if (strcmp(pname,"zlib") == 0)
|
||||||
|
do_zlib=1;
|
||||||
|
#endif
|
||||||
|
|
||||||
|
cipher=EVP_get_cipherbyname(pname);
|
||||||
|
#ifdef ZLIB
|
||||||
|
if (!do_zlib && !base64 && (cipher == NULL)
|
||||||
|
&& (strcmp(pname,"enc") != 0))
|
||||||
|
#else
|
||||||
|
if (!base64 && (cipher == NULL) && (strcmp(pname,"enc") != 0))
|
||||||
|
#endif
|
||||||
|
{
|
||||||
|
BIO_printf(bio_err,"%s is an unknown cipher\n",pname);
|
||||||
|
goto bad;
|
||||||
|
}
|
||||||
|
|
||||||
|
argc--;
|
||||||
|
argv++;
|
||||||
|
while (argc >= 1)
|
||||||
|
{
|
||||||
|
if (strcmp(*argv,"-e") == 0)
|
||||||
|
enc=1;
|
||||||
|
else if (strcmp(*argv,"-in") == 0)
|
||||||
|
{
|
||||||
|
if (--argc < 1) goto bad;
|
||||||
|
inf= *(++argv);
|
||||||
|
}
|
||||||
|
else if (strcmp(*argv,"-out") == 0)
|
||||||
|
{
|
||||||
|
if (--argc < 1) goto bad;
|
||||||
|
outf= *(++argv);
|
||||||
|
}
|
||||||
|
else if (strcmp(*argv,"-pass") == 0)
|
||||||
|
{
|
||||||
|
if (--argc < 1) goto bad;
|
||||||
|
passarg= *(++argv);
|
||||||
|
}
|
||||||
|
#ifndef OPENSSL_NO_ENGINE
|
||||||
|
else if (strcmp(*argv,"-engine") == 0)
|
||||||
|
{
|
||||||
|
if (--argc < 1) goto bad;
|
||||||
|
engine= *(++argv);
|
||||||
|
}
|
||||||
|
#endif
|
||||||
|
else if (strcmp(*argv,"-d") == 0)
|
||||||
|
enc=0;
|
||||||
|
else if (strcmp(*argv,"-p") == 0)
|
||||||
|
printkey=1;
|
||||||
|
else if (strcmp(*argv,"-v") == 0)
|
||||||
|
verbose=1;
|
||||||
|
else if (strcmp(*argv,"-nopad") == 0)
|
||||||
|
nopad=1;
|
||||||
|
else if (strcmp(*argv,"-salt") == 0)
|
||||||
|
nosalt=0;
|
||||||
|
else if (strcmp(*argv,"-nosalt") == 0)
|
||||||
|
nosalt=1;
|
||||||
|
else if (strcmp(*argv,"-debug") == 0)
|
||||||
|
debug=1;
|
||||||
|
else if (strcmp(*argv,"-P") == 0)
|
||||||
|
printkey=2;
|
||||||
|
else if (strcmp(*argv,"-A") == 0)
|
||||||
|
olb64=1;
|
||||||
|
else if (strcmp(*argv,"-a") == 0)
|
||||||
|
base64=1;
|
||||||
|
else if (strcmp(*argv,"-base64") == 0)
|
||||||
|
base64=1;
|
||||||
|
#ifdef ZLIB
|
||||||
|
else if (strcmp(*argv,"-z") == 0)
|
||||||
|
do_zlib=1;
|
||||||
|
#endif
|
||||||
|
else if (strcmp(*argv,"-bufsize") == 0)
|
||||||
|
{
|
||||||
|
if (--argc < 1) goto bad;
|
||||||
|
bufsize=(unsigned char *)*(++argv);
|
||||||
|
}
|
||||||
|
else if (strcmp(*argv,"-k") == 0)
|
||||||
|
{
|
||||||
|
if (--argc < 1) goto bad;
|
||||||
|
str= *(++argv);
|
||||||
|
}
|
||||||
|
else if (strcmp(*argv,"-kfile") == 0)
|
||||||
|
{
|
||||||
|
static char buf[128];
|
||||||
|
FILE *infile;
|
||||||
|
char *file;
|
||||||
|
|
||||||
|
if (--argc < 1) goto bad;
|
||||||
|
file= *(++argv);
|
||||||
|
infile=fopen(file,"r");
|
||||||
|
if (infile == NULL)
|
||||||
|
{
|
||||||
|
BIO_printf(bio_err,"unable to read key from '%s'\n",
|
||||||
|
file);
|
||||||
|
goto bad;
|
||||||
|
}
|
||||||
|
buf[0]='\0';
|
||||||
|
if (!fgets(buf,sizeof buf,infile))
|
||||||
|
{
|
||||||
|
BIO_printf(bio_err,"unable to read key from '%s'\n",
|
||||||
|
file);
|
||||||
|
goto bad;
|
||||||
|
}
|
||||||
|
fclose(infile);
|
||||||
|
i=strlen(buf);
|
||||||
|
if ((i > 0) &&
|
||||||
|
((buf[i-1] == '\n') || (buf[i-1] == '\r')))
|
||||||
|
buf[--i]='\0';
|
||||||
|
if ((i > 0) &&
|
||||||
|
((buf[i-1] == '\n') || (buf[i-1] == '\r')))
|
||||||
|
buf[--i]='\0';
|
||||||
|
if (i < 1)
|
||||||
|
{
|
||||||
|
BIO_printf(bio_err,"zero length password\n");
|
||||||
|
goto bad;
|
||||||
|
}
|
||||||
|
str=buf;
|
||||||
|
}
|
||||||
|
else if (strcmp(*argv,"-K") == 0)
|
||||||
|
{
|
||||||
|
if (--argc < 1) goto bad;
|
||||||
|
hkey= *(++argv);
|
||||||
|
}
|
||||||
|
else if (strcmp(*argv,"-S") == 0)
|
||||||
|
{
|
||||||
|
if (--argc < 1) goto bad;
|
||||||
|
hsalt= *(++argv);
|
||||||
|
}
|
||||||
|
else if (strcmp(*argv,"-iv") == 0)
|
||||||
|
{
|
||||||
|
if (--argc < 1) goto bad;
|
||||||
|
hiv= *(++argv);
|
||||||
|
}
|
||||||
|
else if (strcmp(*argv,"-md") == 0)
|
||||||
|
{
|
||||||
|
if (--argc < 1) goto bad;
|
||||||
|
md= *(++argv);
|
||||||
|
}
|
||||||
|
else if ((argv[0][0] == '-') &&
|
||||||
|
((c=EVP_get_cipherbyname(&(argv[0][1]))) != NULL))
|
||||||
|
{
|
||||||
|
cipher=c;
|
||||||
|
}
|
||||||
|
else if (strcmp(*argv,"-none") == 0)
|
||||||
|
cipher=NULL;
|
||||||
|
else
|
||||||
|
{
|
||||||
|
BIO_printf(bio_err,"unknown option '%s'\n",*argv);
|
||||||
|
bad:
|
||||||
|
BIO_printf(bio_err,"options are\n");
|
||||||
|
BIO_printf(bio_err,"%-14s input file\n","-in <file>");
|
||||||
|
BIO_printf(bio_err,"%-14s output file\n","-out <file>");
|
||||||
|
BIO_printf(bio_err,"%-14s pass phrase source\n","-pass <arg>");
|
||||||
|
BIO_printf(bio_err,"%-14s encrypt\n","-e");
|
||||||
|
BIO_printf(bio_err,"%-14s decrypt\n","-d");
|
||||||
|
BIO_printf(bio_err,"%-14s base64 encode/decode, depending on encryption flag\n","-a/-base64");
|
||||||
|
BIO_printf(bio_err,"%-14s passphrase is the next argument\n","-k");
|
||||||
|
BIO_printf(bio_err,"%-14s passphrase is the first line of the file argument\n","-kfile");
|
||||||
|
BIO_printf(bio_err,"%-14s the next argument is the md to use to create a key\n","-md");
|
||||||
|
BIO_printf(bio_err,"%-14s from a passphrase. One of md2, md5, sha or sha1\n","");
|
||||||
|
BIO_printf(bio_err,"%-14s salt in hex is the next argument\n","-S");
|
||||||
|
BIO_printf(bio_err,"%-14s key/iv in hex is the next argument\n","-K/-iv");
|
||||||
|
BIO_printf(bio_err,"%-14s print the iv/key (then exit if -P)\n","-[pP]");
|
||||||
|
BIO_printf(bio_err,"%-14s buffer size\n","-bufsize <n>");
|
||||||
|
BIO_printf(bio_err,"%-14s disable standard block padding\n","-nopad");
|
||||||
|
#ifndef OPENSSL_NO_ENGINE
|
||||||
|
BIO_printf(bio_err,"%-14s use engine e, possibly a hardware device.\n","-engine e");
|
||||||
|
#endif
|
||||||
|
|
||||||
|
BIO_printf(bio_err,"Cipher Types\n");
|
||||||
|
OBJ_NAME_do_all_sorted(OBJ_NAME_TYPE_CIPHER_METH,
|
||||||
|
show_ciphers,
|
||||||
|
bio_err);
|
||||||
|
BIO_printf(bio_err,"\n");
|
||||||
|
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
argc--;
|
||||||
|
argv++;
|
||||||
|
}
|
||||||
|
|
||||||
|
#ifndef OPENSSL_NO_ENGINE
|
||||||
|
setup_engine(bio_err, engine, 0);
|
||||||
|
#endif
|
||||||
|
|
||||||
|
if (md && (dgst=EVP_get_digestbyname(md)) == NULL)
|
||||||
|
{
|
||||||
|
BIO_printf(bio_err,"%s is an unsupported message digest type\n",md);
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
|
||||||
|
if (dgst == NULL)
|
||||||
|
{
|
||||||
|
dgst = EVP_md5();
|
||||||
|
}
|
||||||
|
|
||||||
|
if (bufsize != NULL)
|
||||||
|
{
|
||||||
|
unsigned long n;
|
||||||
|
|
||||||
|
for (n=0; *bufsize; bufsize++)
|
||||||
|
{
|
||||||
|
i= *bufsize;
|
||||||
|
if ((i <= '9') && (i >= '0'))
|
||||||
|
n=n*10+i-'0';
|
||||||
|
else if (i == 'k')
|
||||||
|
{
|
||||||
|
n*=1024;
|
||||||
|
bufsize++;
|
||||||
|
break;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
if (*bufsize != '\0')
|
||||||
|
{
|
||||||
|
BIO_printf(bio_err,"invalid 'bufsize' specified.\n");
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
|
||||||
|
/* It must be large enough for a base64 encoded line */
|
||||||
|
if (base64 && n < 80) n=80;
|
||||||
|
|
||||||
|
bsize=(int)n;
|
||||||
|
if (verbose) BIO_printf(bio_err,"bufsize=%d\n",bsize);
|
||||||
|
}
|
||||||
|
|
||||||
|
strbuf=OPENSSL_malloc(SIZE);
|
||||||
|
buff=(unsigned char *)OPENSSL_malloc(EVP_ENCODE_LENGTH(bsize));
|
||||||
|
if ((buff == NULL) || (strbuf == NULL))
|
||||||
|
{
|
||||||
|
BIO_printf(bio_err,"OPENSSL_malloc failure %ld\n",(long)EVP_ENCODE_LENGTH(bsize));
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
|
||||||
|
in=BIO_new(BIO_s_file());
|
||||||
|
out=BIO_new(BIO_s_file());
|
||||||
|
if ((in == NULL) || (out == NULL))
|
||||||
|
{
|
||||||
|
ERR_print_errors(bio_err);
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
if (debug)
|
||||||
|
{
|
||||||
|
BIO_set_callback(in,BIO_debug_callback);
|
||||||
|
BIO_set_callback(out,BIO_debug_callback);
|
||||||
|
BIO_set_callback_arg(in,(char *)bio_err);
|
||||||
|
BIO_set_callback_arg(out,(char *)bio_err);
|
||||||
|
}
|
||||||
|
|
||||||
|
if (inf == NULL)
|
||||||
|
{
|
||||||
|
#ifndef OPENSSL_NO_SETVBUF_IONBF
|
||||||
|
if (bufsize != NULL)
|
||||||
|
setvbuf(stdin, (char *)NULL, _IONBF, 0);
|
||||||
|
#endif /* ndef OPENSSL_NO_SETVBUF_IONBF */
|
||||||
|
BIO_set_fp(in,stdin,BIO_NOCLOSE);
|
||||||
|
}
|
||||||
|
else
|
||||||
|
{
|
||||||
|
if (BIO_read_filename(in,inf) <= 0)
|
||||||
|
{
|
||||||
|
perror(inf);
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
if(!str && passarg) {
|
||||||
|
if(!app_passwd(bio_err, passarg, NULL, &pass, NULL)) {
|
||||||
|
BIO_printf(bio_err, "Error getting password\n");
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
str = pass;
|
||||||
|
}
|
||||||
|
|
||||||
|
if ((str == NULL) && (cipher != NULL) && (hkey == NULL))
|
||||||
|
{
|
||||||
|
for (;;)
|
||||||
|
{
|
||||||
|
char buf[200];
|
||||||
|
|
||||||
|
BIO_snprintf(buf,sizeof buf,"enter %s %s password:",
|
||||||
|
OBJ_nid2ln(EVP_CIPHER_nid(cipher)),
|
||||||
|
(enc)?"encryption":"decryption");
|
||||||
|
strbuf[0]='\0';
|
||||||
|
i=EVP_read_pw_string((char *)strbuf,SIZE,buf,enc);
|
||||||
|
if (i == 0)
|
||||||
|
{
|
||||||
|
if (strbuf[0] == '\0')
|
||||||
|
{
|
||||||
|
ret=1;
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
str=strbuf;
|
||||||
|
break;
|
||||||
|
}
|
||||||
|
if (i < 0)
|
||||||
|
{
|
||||||
|
BIO_printf(bio_err,"bad password read\n");
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
if (outf == NULL)
|
||||||
|
{
|
||||||
|
BIO_set_fp(out,stdout,BIO_NOCLOSE);
|
||||||
|
#ifndef OPENSSL_NO_SETVBUF_IONBF
|
||||||
|
if (bufsize != NULL)
|
||||||
|
setvbuf(stdout, (char *)NULL, _IONBF, 0);
|
||||||
|
#endif /* ndef OPENSSL_NO_SETVBUF_IONBF */
|
||||||
|
#ifdef OPENSSL_SYS_VMS
|
||||||
|
{
|
||||||
|
BIO *tmpbio = BIO_new(BIO_f_linebuffer());
|
||||||
|
out = BIO_push(tmpbio, out);
|
||||||
|
}
|
||||||
|
#endif
|
||||||
|
}
|
||||||
|
else
|
||||||
|
{
|
||||||
|
if (BIO_write_filename(out,outf) <= 0)
|
||||||
|
{
|
||||||
|
perror(outf);
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
rbio=in;
|
||||||
|
wbio=out;
|
||||||
|
|
||||||
|
#ifdef ZLIB
|
||||||
|
|
||||||
|
if (do_zlib)
|
||||||
|
{
|
||||||
|
if ((bzl=BIO_new(BIO_f_zlib())) == NULL)
|
||||||
|
goto end;
|
||||||
|
if (enc)
|
||||||
|
wbio=BIO_push(bzl,wbio);
|
||||||
|
else
|
||||||
|
rbio=BIO_push(bzl,rbio);
|
||||||
|
}
|
||||||
|
#endif
|
||||||
|
|
||||||
|
if (base64)
|
||||||
|
{
|
||||||
|
if ((b64=BIO_new(BIO_f_base64())) == NULL)
|
||||||
|
goto end;
|
||||||
|
if (debug)
|
||||||
|
{
|
||||||
|
BIO_set_callback(b64,BIO_debug_callback);
|
||||||
|
BIO_set_callback_arg(b64,(char *)bio_err);
|
||||||
|
}
|
||||||
|
if (olb64)
|
||||||
|
BIO_set_flags(b64,BIO_FLAGS_BASE64_NO_NL);
|
||||||
|
if (enc)
|
||||||
|
wbio=BIO_push(b64,wbio);
|
||||||
|
else
|
||||||
|
rbio=BIO_push(b64,rbio);
|
||||||
|
}
|
||||||
|
|
||||||
|
if (cipher != NULL)
|
||||||
|
{
|
||||||
|
/* Note that str is NULL if a key was passed on the command
|
||||||
|
* line, so we get no salt in that case. Is this a bug?
|
||||||
|
*/
|
||||||
|
if (str != NULL)
|
||||||
|
{
|
||||||
|
/* Salt handling: if encrypting generate a salt and
|
||||||
|
* write to output BIO. If decrypting read salt from
|
||||||
|
* input BIO.
|
||||||
|
*/
|
||||||
|
unsigned char *sptr;
|
||||||
|
if(nosalt) sptr = NULL;
|
||||||
|
else {
|
||||||
|
if(enc) {
|
||||||
|
if(hsalt) {
|
||||||
|
if(!set_hex(hsalt,salt,sizeof salt)) {
|
||||||
|
BIO_printf(bio_err,
|
||||||
|
"invalid hex salt value\n");
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
} else if (RAND_pseudo_bytes(salt, sizeof salt) < 0)
|
||||||
|
goto end;
|
||||||
|
/* If -P option then don't bother writing */
|
||||||
|
if((printkey != 2)
|
||||||
|
&& (BIO_write(wbio,magic,
|
||||||
|
sizeof magic-1) != sizeof magic-1
|
||||||
|
|| BIO_write(wbio,
|
||||||
|
(char *)salt,
|
||||||
|
sizeof salt) != sizeof salt)) {
|
||||||
|
BIO_printf(bio_err,"error writing output file\n");
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
} else if(BIO_read(rbio,mbuf,sizeof mbuf) != sizeof mbuf
|
||||||
|
|| BIO_read(rbio,
|
||||||
|
(unsigned char *)salt,
|
||||||
|
sizeof salt) != sizeof salt) {
|
||||||
|
BIO_printf(bio_err,"error reading input file\n");
|
||||||
|
goto end;
|
||||||
|
} else if(memcmp(mbuf,magic,sizeof magic-1)) {
|
||||||
|
BIO_printf(bio_err,"bad magic number\n");
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
|
||||||
|
sptr = salt;
|
||||||
|
}
|
||||||
|
|
||||||
|
EVP_BytesToKey(cipher,dgst,sptr,
|
||||||
|
(unsigned char *)str,
|
||||||
|
strlen(str),1,key,iv);
|
||||||
|
/* zero the complete buffer or the string
|
||||||
|
* passed from the command line
|
||||||
|
* bug picked up by
|
||||||
|
* Larry J. Hughes Jr. <hughes@indiana.edu> */
|
||||||
|
if (str == strbuf)
|
||||||
|
OPENSSL_cleanse(str,SIZE);
|
||||||
|
else
|
||||||
|
OPENSSL_cleanse(str,strlen(str));
|
||||||
|
}
|
||||||
|
if ((hiv != NULL) && !set_hex(hiv,iv,sizeof iv))
|
||||||
|
{
|
||||||
|
BIO_printf(bio_err,"invalid hex iv value\n");
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
if ((hiv == NULL) && (str == NULL)
|
||||||
|
&& EVP_CIPHER_iv_length(cipher) != 0)
|
||||||
|
{
|
||||||
|
/* No IV was explicitly set and no IV was generated
|
||||||
|
* during EVP_BytesToKey. Hence the IV is undefined,
|
||||||
|
* making correct decryption impossible. */
|
||||||
|
BIO_printf(bio_err, "iv undefined\n");
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
if ((hkey != NULL) && !set_hex(hkey,key,sizeof key))
|
||||||
|
{
|
||||||
|
BIO_printf(bio_err,"invalid hex key value\n");
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
|
||||||
|
if ((benc=BIO_new(BIO_f_cipher())) == NULL)
|
||||||
|
goto end;
|
||||||
|
|
||||||
|
/* Since we may be changing parameters work on the encryption
|
||||||
|
* context rather than calling BIO_set_cipher().
|
||||||
|
*/
|
||||||
|
|
||||||
|
BIO_get_cipher_ctx(benc, &ctx);
|
||||||
|
if (!EVP_CipherInit_ex(ctx, cipher, NULL, NULL, NULL, enc))
|
||||||
|
{
|
||||||
|
BIO_printf(bio_err, "Error setting cipher %s\n",
|
||||||
|
EVP_CIPHER_name(cipher));
|
||||||
|
ERR_print_errors(bio_err);
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
|
||||||
|
if (nopad)
|
||||||
|
EVP_CIPHER_CTX_set_padding(ctx, 0);
|
||||||
|
|
||||||
|
if (!EVP_CipherInit_ex(ctx, NULL, NULL, key, iv, enc))
|
||||||
|
{
|
||||||
|
BIO_printf(bio_err, "Error setting cipher %s\n",
|
||||||
|
EVP_CIPHER_name(cipher));
|
||||||
|
ERR_print_errors(bio_err);
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
|
||||||
|
if (debug)
|
||||||
|
{
|
||||||
|
BIO_set_callback(benc,BIO_debug_callback);
|
||||||
|
BIO_set_callback_arg(benc,(char *)bio_err);
|
||||||
|
}
|
||||||
|
|
||||||
|
if (printkey)
|
||||||
|
{
|
||||||
|
if (!nosalt)
|
||||||
|
{
|
||||||
|
printf("salt=");
|
||||||
|
for (i=0; i<(int)sizeof(salt); i++)
|
||||||
|
printf("%02X",salt[i]);
|
||||||
|
printf("\n");
|
||||||
|
}
|
||||||
|
if (cipher->key_len > 0)
|
||||||
|
{
|
||||||
|
printf("key=");
|
||||||
|
for (i=0; i<cipher->key_len; i++)
|
||||||
|
printf("%02X",key[i]);
|
||||||
|
printf("\n");
|
||||||
|
}
|
||||||
|
if (cipher->iv_len > 0)
|
||||||
|
{
|
||||||
|
printf("iv =");
|
||||||
|
for (i=0; i<cipher->iv_len; i++)
|
||||||
|
printf("%02X",iv[i]);
|
||||||
|
printf("\n");
|
||||||
|
}
|
||||||
|
if (printkey == 2)
|
||||||
|
{
|
||||||
|
ret=0;
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
/* Only encrypt/decrypt as we write the file */
|
||||||
|
if (benc != NULL)
|
||||||
|
wbio=BIO_push(benc,wbio);
|
||||||
|
|
||||||
|
for (;;)
|
||||||
|
{
|
||||||
|
inl=BIO_read(rbio,(char *)buff,bsize);
|
||||||
|
if (inl <= 0) break;
|
||||||
|
if (BIO_write(wbio,(char *)buff,inl) != inl)
|
||||||
|
{
|
||||||
|
BIO_printf(bio_err,"error writing output file\n");
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
if (!BIO_flush(wbio))
|
||||||
|
{
|
||||||
|
BIO_printf(bio_err,"bad decrypt\n");
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
|
||||||
|
ret=0;
|
||||||
|
if (verbose)
|
||||||
|
{
|
||||||
|
BIO_printf(bio_err,"bytes read :%8ld\n",BIO_number_read(in));
|
||||||
|
BIO_printf(bio_err,"bytes written:%8ld\n",BIO_number_written(out));
|
||||||
|
}
|
||||||
|
end:
|
||||||
|
ERR_print_errors(bio_err);
|
||||||
|
if (strbuf != NULL) OPENSSL_free(strbuf);
|
||||||
|
if (buff != NULL) OPENSSL_free(buff);
|
||||||
|
if (in != NULL) BIO_free(in);
|
||||||
|
if (out != NULL) BIO_free_all(out);
|
||||||
|
if (benc != NULL) BIO_free(benc);
|
||||||
|
if (b64 != NULL) BIO_free(b64);
|
||||||
|
#ifdef ZLIB
|
||||||
|
if (bzl != NULL) BIO_free(bzl);
|
||||||
|
#endif
|
||||||
|
if(pass) OPENSSL_free(pass);
|
||||||
|
apps_shutdown();
|
||||||
|
OPENSSL_EXIT(ret);
|
||||||
|
}
|
||||||
|
|
||||||
|
int set_hex(char *in, unsigned char *out, int size)
|
||||||
|
{
|
||||||
|
int i,n;
|
||||||
|
unsigned char j;
|
||||||
|
|
||||||
|
n=strlen(in);
|
||||||
|
if (n > (size*2))
|
||||||
|
{
|
||||||
|
BIO_printf(bio_err,"hex string is too long\n");
|
||||||
|
return(0);
|
||||||
|
}
|
||||||
|
memset(out,0,size);
|
||||||
|
for (i=0; i<n; i++)
|
||||||
|
{
|
||||||
|
j=(unsigned char)*in;
|
||||||
|
*(in++)='\0';
|
||||||
|
if (j == 0) break;
|
||||||
|
if ((j >= '0') && (j <= '9'))
|
||||||
|
j-='0';
|
||||||
|
else if ((j >= 'A') && (j <= 'F'))
|
||||||
|
j=j-'A'+10;
|
||||||
|
else if ((j >= 'a') && (j <= 'f'))
|
||||||
|
j=j-'a'+10;
|
||||||
|
else
|
||||||
|
{
|
||||||
|
BIO_printf(bio_err,"non-hex digit\n");
|
||||||
|
return(0);
|
||||||
|
}
|
||||||
|
if (i&1)
|
||||||
|
out[i/2]|=j;
|
||||||
|
else
|
||||||
|
out[i/2]=(j<<4);
|
||||||
|
}
|
||||||
|
return(1);
|
||||||
|
}
|
549
jni/openssl/apps/engine.c
Normal file
549
jni/openssl/apps/engine.c
Normal file
@ -0,0 +1,549 @@
|
|||||||
|
/* apps/engine.c -*- mode: C; c-file-style: "eay" -*- */
|
||||||
|
/* Written by Richard Levitte <richard@levitte.org> for the OpenSSL
|
||||||
|
* project 2000.
|
||||||
|
*/
|
||||||
|
/* ====================================================================
|
||||||
|
* Copyright (c) 2000 The OpenSSL Project. All rights reserved.
|
||||||
|
*
|
||||||
|
* Redistribution and use in source and binary forms, with or without
|
||||||
|
* modification, are permitted provided that the following conditions
|
||||||
|
* are met:
|
||||||
|
*
|
||||||
|
* 1. Redistributions of source code must retain the above copyright
|
||||||
|
* notice, this list of conditions and the following disclaimer.
|
||||||
|
*
|
||||||
|
* 2. Redistributions in binary form must reproduce the above copyright
|
||||||
|
* notice, this list of conditions and the following disclaimer in
|
||||||
|
* the documentation and/or other materials provided with the
|
||||||
|
* distribution.
|
||||||
|
*
|
||||||
|
* 3. All advertising materials mentioning features or use of this
|
||||||
|
* software must display the following acknowledgment:
|
||||||
|
* "This product includes software developed by the OpenSSL Project
|
||||||
|
* for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
|
||||||
|
*
|
||||||
|
* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
|
||||||
|
* endorse or promote products derived from this software without
|
||||||
|
* prior written permission. For written permission, please contact
|
||||||
|
* licensing@OpenSSL.org.
|
||||||
|
*
|
||||||
|
* 5. Products derived from this software may not be called "OpenSSL"
|
||||||
|
* nor may "OpenSSL" appear in their names without prior written
|
||||||
|
* permission of the OpenSSL Project.
|
||||||
|
*
|
||||||
|
* 6. Redistributions of any form whatsoever must retain the following
|
||||||
|
* acknowledgment:
|
||||||
|
* "This product includes software developed by the OpenSSL Project
|
||||||
|
* for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
|
||||||
|
*
|
||||||
|
* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
|
||||||
|
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
||||||
|
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
|
||||||
|
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
|
||||||
|
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
|
||||||
|
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
|
||||||
|
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
|
||||||
|
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
||||||
|
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
|
||||||
|
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
|
||||||
|
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
|
||||||
|
* OF THE POSSIBILITY OF SUCH DAMAGE.
|
||||||
|
* ====================================================================
|
||||||
|
*
|
||||||
|
* This product includes cryptographic software written by Eric Young
|
||||||
|
* (eay@cryptsoft.com). This product includes software written by Tim
|
||||||
|
* Hudson (tjh@cryptsoft.com).
|
||||||
|
*
|
||||||
|
*/
|
||||||
|
|
||||||
|
|
||||||
|
#include <stdio.h>
|
||||||
|
#include <stdlib.h>
|
||||||
|
#include <string.h>
|
||||||
|
#ifdef OPENSSL_NO_STDIO
|
||||||
|
#define APPS_WIN16
|
||||||
|
#endif
|
||||||
|
#include "apps.h"
|
||||||
|
#include <openssl/err.h>
|
||||||
|
#ifndef OPENSSL_NO_ENGINE
|
||||||
|
#include <openssl/engine.h>
|
||||||
|
#include <openssl/ssl.h>
|
||||||
|
|
||||||
|
#undef PROG
|
||||||
|
#define PROG engine_main
|
||||||
|
|
||||||
|
static const char *engine_usage[]={
|
||||||
|
"usage: engine opts [engine ...]\n",
|
||||||
|
" -v[v[v[v]]] - verbose mode, for each engine, list its 'control commands'\n",
|
||||||
|
" -vv will additionally display each command's description\n",
|
||||||
|
" -vvv will also add the input flags for each command\n",
|
||||||
|
" -vvvv will also show internal input flags\n",
|
||||||
|
" -c - for each engine, also list the capabilities\n",
|
||||||
|
" -t[t] - for each engine, check that they are really available\n",
|
||||||
|
" -tt will display error trace for unavailable engines\n",
|
||||||
|
" -pre <cmd> - runs command 'cmd' against the ENGINE before any attempts\n",
|
||||||
|
" to load it (if -t is used)\n",
|
||||||
|
" -post <cmd> - runs command 'cmd' against the ENGINE after loading it\n",
|
||||||
|
" (only used if -t is also provided)\n",
|
||||||
|
" NB: -pre and -post will be applied to all ENGINEs supplied on the command\n",
|
||||||
|
" line, or all supported ENGINEs if none are specified.\n",
|
||||||
|
" Eg. '-pre \"SO_PATH:/lib/libdriver.so\"' calls command \"SO_PATH\" with\n",
|
||||||
|
" argument \"/lib/libdriver.so\".\n",
|
||||||
|
NULL
|
||||||
|
};
|
||||||
|
|
||||||
|
static void identity(char *ptr)
|
||||||
|
{
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
|
||||||
|
static int append_buf(char **buf, const char *s, int *size, int step)
|
||||||
|
{
|
||||||
|
int l = strlen(s);
|
||||||
|
|
||||||
|
if (*buf == NULL)
|
||||||
|
{
|
||||||
|
*size = step;
|
||||||
|
*buf = OPENSSL_malloc(*size);
|
||||||
|
if (*buf == NULL)
|
||||||
|
return 0;
|
||||||
|
**buf = '\0';
|
||||||
|
}
|
||||||
|
|
||||||
|
if (**buf != '\0')
|
||||||
|
l += 2; /* ", " */
|
||||||
|
|
||||||
|
if (strlen(*buf) + strlen(s) >= (unsigned int)*size)
|
||||||
|
{
|
||||||
|
*size += step;
|
||||||
|
*buf = OPENSSL_realloc(*buf, *size);
|
||||||
|
}
|
||||||
|
|
||||||
|
if (*buf == NULL)
|
||||||
|
return 0;
|
||||||
|
|
||||||
|
if (**buf != '\0')
|
||||||
|
BUF_strlcat(*buf, ", ", *size);
|
||||||
|
BUF_strlcat(*buf, s, *size);
|
||||||
|
|
||||||
|
return 1;
|
||||||
|
}
|
||||||
|
|
||||||
|
static int util_flags(BIO *bio_out, unsigned int flags, const char *indent)
|
||||||
|
{
|
||||||
|
int started = 0, err = 0;
|
||||||
|
/* Indent before displaying input flags */
|
||||||
|
BIO_printf(bio_out, "%s%s(input flags): ", indent, indent);
|
||||||
|
if(flags == 0)
|
||||||
|
{
|
||||||
|
BIO_printf(bio_out, "<no flags>\n");
|
||||||
|
return 1;
|
||||||
|
}
|
||||||
|
/* If the object is internal, mark it in a way that shows instead of
|
||||||
|
* having it part of all the other flags, even if it really is. */
|
||||||
|
if(flags & ENGINE_CMD_FLAG_INTERNAL)
|
||||||
|
{
|
||||||
|
BIO_printf(bio_out, "[Internal] ");
|
||||||
|
}
|
||||||
|
|
||||||
|
if(flags & ENGINE_CMD_FLAG_NUMERIC)
|
||||||
|
{
|
||||||
|
BIO_printf(bio_out, "NUMERIC");
|
||||||
|
started = 1;
|
||||||
|
}
|
||||||
|
/* Now we check that no combinations of the mutually exclusive NUMERIC,
|
||||||
|
* STRING, and NO_INPUT flags have been used. Future flags that can be
|
||||||
|
* OR'd together with these would need to added after these to preserve
|
||||||
|
* the testing logic. */
|
||||||
|
if(flags & ENGINE_CMD_FLAG_STRING)
|
||||||
|
{
|
||||||
|
if(started)
|
||||||
|
{
|
||||||
|
BIO_printf(bio_out, "|");
|
||||||
|
err = 1;
|
||||||
|
}
|
||||||
|
BIO_printf(bio_out, "STRING");
|
||||||
|
started = 1;
|
||||||
|
}
|
||||||
|
if(flags & ENGINE_CMD_FLAG_NO_INPUT)
|
||||||
|
{
|
||||||
|
if(started)
|
||||||
|
{
|
||||||
|
BIO_printf(bio_out, "|");
|
||||||
|
err = 1;
|
||||||
|
}
|
||||||
|
BIO_printf(bio_out, "NO_INPUT");
|
||||||
|
started = 1;
|
||||||
|
}
|
||||||
|
/* Check for unknown flags */
|
||||||
|
flags = flags & ~ENGINE_CMD_FLAG_NUMERIC &
|
||||||
|
~ENGINE_CMD_FLAG_STRING &
|
||||||
|
~ENGINE_CMD_FLAG_NO_INPUT &
|
||||||
|
~ENGINE_CMD_FLAG_INTERNAL;
|
||||||
|
if(flags)
|
||||||
|
{
|
||||||
|
if(started) BIO_printf(bio_out, "|");
|
||||||
|
BIO_printf(bio_out, "<0x%04X>", flags);
|
||||||
|
}
|
||||||
|
if(err)
|
||||||
|
BIO_printf(bio_out, " <illegal flags!>");
|
||||||
|
BIO_printf(bio_out, "\n");
|
||||||
|
return 1;
|
||||||
|
}
|
||||||
|
|
||||||
|
static int util_verbose(ENGINE *e, int verbose, BIO *bio_out, const char *indent)
|
||||||
|
{
|
||||||
|
static const int line_wrap = 78;
|
||||||
|
int num;
|
||||||
|
int ret = 0;
|
||||||
|
char *name = NULL;
|
||||||
|
char *desc = NULL;
|
||||||
|
int flags;
|
||||||
|
int xpos = 0;
|
||||||
|
STACK_OF(OPENSSL_STRING) *cmds = NULL;
|
||||||
|
if(!ENGINE_ctrl(e, ENGINE_CTRL_HAS_CTRL_FUNCTION, 0, NULL, NULL) ||
|
||||||
|
((num = ENGINE_ctrl(e, ENGINE_CTRL_GET_FIRST_CMD_TYPE,
|
||||||
|
0, NULL, NULL)) <= 0))
|
||||||
|
{
|
||||||
|
#if 0
|
||||||
|
BIO_printf(bio_out, "%s<no control commands>\n", indent);
|
||||||
|
#endif
|
||||||
|
return 1;
|
||||||
|
}
|
||||||
|
|
||||||
|
cmds = sk_OPENSSL_STRING_new_null();
|
||||||
|
|
||||||
|
if(!cmds)
|
||||||
|
goto err;
|
||||||
|
do {
|
||||||
|
int len;
|
||||||
|
/* Get the command input flags */
|
||||||
|
if((flags = ENGINE_ctrl(e, ENGINE_CTRL_GET_CMD_FLAGS, num,
|
||||||
|
NULL, NULL)) < 0)
|
||||||
|
goto err;
|
||||||
|
if (!(flags & ENGINE_CMD_FLAG_INTERNAL) || verbose >= 4)
|
||||||
|
{
|
||||||
|
/* Get the command name */
|
||||||
|
if((len = ENGINE_ctrl(e, ENGINE_CTRL_GET_NAME_LEN_FROM_CMD, num,
|
||||||
|
NULL, NULL)) <= 0)
|
||||||
|
goto err;
|
||||||
|
if((name = OPENSSL_malloc(len + 1)) == NULL)
|
||||||
|
goto err;
|
||||||
|
if(ENGINE_ctrl(e, ENGINE_CTRL_GET_NAME_FROM_CMD, num, name,
|
||||||
|
NULL) <= 0)
|
||||||
|
goto err;
|
||||||
|
/* Get the command description */
|
||||||
|
if((len = ENGINE_ctrl(e, ENGINE_CTRL_GET_DESC_LEN_FROM_CMD, num,
|
||||||
|
NULL, NULL)) < 0)
|
||||||
|
goto err;
|
||||||
|
if(len > 0)
|
||||||
|
{
|
||||||
|
if((desc = OPENSSL_malloc(len + 1)) == NULL)
|
||||||
|
goto err;
|
||||||
|
if(ENGINE_ctrl(e, ENGINE_CTRL_GET_DESC_FROM_CMD, num, desc,
|
||||||
|
NULL) <= 0)
|
||||||
|
goto err;
|
||||||
|
}
|
||||||
|
/* Now decide on the output */
|
||||||
|
if(xpos == 0)
|
||||||
|
/* Do an indent */
|
||||||
|
xpos = BIO_puts(bio_out, indent);
|
||||||
|
else
|
||||||
|
/* Otherwise prepend a ", " */
|
||||||
|
xpos += BIO_printf(bio_out, ", ");
|
||||||
|
if(verbose == 1)
|
||||||
|
{
|
||||||
|
/* We're just listing names, comma-delimited */
|
||||||
|
if((xpos > (int)strlen(indent)) &&
|
||||||
|
(xpos + (int)strlen(name) > line_wrap))
|
||||||
|
{
|
||||||
|
BIO_printf(bio_out, "\n");
|
||||||
|
xpos = BIO_puts(bio_out, indent);
|
||||||
|
}
|
||||||
|
xpos += BIO_printf(bio_out, "%s", name);
|
||||||
|
}
|
||||||
|
else
|
||||||
|
{
|
||||||
|
/* We're listing names plus descriptions */
|
||||||
|
BIO_printf(bio_out, "%s: %s\n", name,
|
||||||
|
(desc == NULL) ? "<no description>" : desc);
|
||||||
|
/* ... and sometimes input flags */
|
||||||
|
if((verbose >= 3) && !util_flags(bio_out, flags,
|
||||||
|
indent))
|
||||||
|
goto err;
|
||||||
|
xpos = 0;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
OPENSSL_free(name); name = NULL;
|
||||||
|
if(desc) { OPENSSL_free(desc); desc = NULL; }
|
||||||
|
/* Move to the next command */
|
||||||
|
num = ENGINE_ctrl(e, ENGINE_CTRL_GET_NEXT_CMD_TYPE,
|
||||||
|
num, NULL, NULL);
|
||||||
|
} while(num > 0);
|
||||||
|
if(xpos > 0)
|
||||||
|
BIO_printf(bio_out, "\n");
|
||||||
|
ret = 1;
|
||||||
|
err:
|
||||||
|
if(cmds) sk_OPENSSL_STRING_pop_free(cmds, identity);
|
||||||
|
if(name) OPENSSL_free(name);
|
||||||
|
if(desc) OPENSSL_free(desc);
|
||||||
|
return ret;
|
||||||
|
}
|
||||||
|
|
||||||
|
static void util_do_cmds(ENGINE *e, STACK_OF(OPENSSL_STRING) *cmds,
|
||||||
|
BIO *bio_out, const char *indent)
|
||||||
|
{
|
||||||
|
int loop, res, num = sk_OPENSSL_STRING_num(cmds);
|
||||||
|
|
||||||
|
if(num < 0)
|
||||||
|
{
|
||||||
|
BIO_printf(bio_out, "[Error]: internal stack error\n");
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
for(loop = 0; loop < num; loop++)
|
||||||
|
{
|
||||||
|
char buf[256];
|
||||||
|
const char *cmd, *arg;
|
||||||
|
cmd = sk_OPENSSL_STRING_value(cmds, loop);
|
||||||
|
res = 1; /* assume success */
|
||||||
|
/* Check if this command has no ":arg" */
|
||||||
|
if((arg = strstr(cmd, ":")) == NULL)
|
||||||
|
{
|
||||||
|
if(!ENGINE_ctrl_cmd_string(e, cmd, NULL, 0))
|
||||||
|
res = 0;
|
||||||
|
}
|
||||||
|
else
|
||||||
|
{
|
||||||
|
if((int)(arg - cmd) > 254)
|
||||||
|
{
|
||||||
|
BIO_printf(bio_out,"[Error]: command name too long\n");
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
memcpy(buf, cmd, (int)(arg - cmd));
|
||||||
|
buf[arg-cmd] = '\0';
|
||||||
|
arg++; /* Move past the ":" */
|
||||||
|
/* Call the command with the argument */
|
||||||
|
if(!ENGINE_ctrl_cmd_string(e, buf, arg, 0))
|
||||||
|
res = 0;
|
||||||
|
}
|
||||||
|
if(res)
|
||||||
|
BIO_printf(bio_out, "[Success]: %s\n", cmd);
|
||||||
|
else
|
||||||
|
{
|
||||||
|
BIO_printf(bio_out, "[Failure]: %s\n", cmd);
|
||||||
|
ERR_print_errors(bio_out);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
int MAIN(int, char **);
|
||||||
|
|
||||||
|
int MAIN(int argc, char **argv)
|
||||||
|
{
|
||||||
|
int ret=1,i;
|
||||||
|
const char **pp;
|
||||||
|
int verbose=0, list_cap=0, test_avail=0, test_avail_noise = 0;
|
||||||
|
ENGINE *e;
|
||||||
|
STACK_OF(OPENSSL_STRING) *engines = sk_OPENSSL_STRING_new_null();
|
||||||
|
STACK_OF(OPENSSL_STRING) *pre_cmds = sk_OPENSSL_STRING_new_null();
|
||||||
|
STACK_OF(OPENSSL_STRING) *post_cmds = sk_OPENSSL_STRING_new_null();
|
||||||
|
int badops=1;
|
||||||
|
BIO *bio_out=NULL;
|
||||||
|
const char *indent = " ";
|
||||||
|
|
||||||
|
apps_startup();
|
||||||
|
SSL_load_error_strings();
|
||||||
|
|
||||||
|
if (bio_err == NULL)
|
||||||
|
bio_err=BIO_new_fp(stderr,BIO_NOCLOSE);
|
||||||
|
|
||||||
|
if (!load_config(bio_err, NULL))
|
||||||
|
goto end;
|
||||||
|
bio_out=BIO_new_fp(stdout,BIO_NOCLOSE);
|
||||||
|
#ifdef OPENSSL_SYS_VMS
|
||||||
|
{
|
||||||
|
BIO *tmpbio = BIO_new(BIO_f_linebuffer());
|
||||||
|
bio_out = BIO_push(tmpbio, bio_out);
|
||||||
|
}
|
||||||
|
#endif
|
||||||
|
|
||||||
|
argc--;
|
||||||
|
argv++;
|
||||||
|
while (argc >= 1)
|
||||||
|
{
|
||||||
|
if (strncmp(*argv,"-v",2) == 0)
|
||||||
|
{
|
||||||
|
if(strspn(*argv + 1, "v") < strlen(*argv + 1))
|
||||||
|
goto skip_arg_loop;
|
||||||
|
if((verbose=strlen(*argv + 1)) > 4)
|
||||||
|
goto skip_arg_loop;
|
||||||
|
}
|
||||||
|
else if (strcmp(*argv,"-c") == 0)
|
||||||
|
list_cap=1;
|
||||||
|
else if (strncmp(*argv,"-t",2) == 0)
|
||||||
|
{
|
||||||
|
test_avail=1;
|
||||||
|
if(strspn(*argv + 1, "t") < strlen(*argv + 1))
|
||||||
|
goto skip_arg_loop;
|
||||||
|
if((test_avail_noise = strlen(*argv + 1) - 1) > 1)
|
||||||
|
goto skip_arg_loop;
|
||||||
|
}
|
||||||
|
else if (strcmp(*argv,"-pre") == 0)
|
||||||
|
{
|
||||||
|
argc--; argv++;
|
||||||
|
if (argc == 0)
|
||||||
|
goto skip_arg_loop;
|
||||||
|
sk_OPENSSL_STRING_push(pre_cmds,*argv);
|
||||||
|
}
|
||||||
|
else if (strcmp(*argv,"-post") == 0)
|
||||||
|
{
|
||||||
|
argc--; argv++;
|
||||||
|
if (argc == 0)
|
||||||
|
goto skip_arg_loop;
|
||||||
|
sk_OPENSSL_STRING_push(post_cmds,*argv);
|
||||||
|
}
|
||||||
|
else if ((strncmp(*argv,"-h",2) == 0) ||
|
||||||
|
(strcmp(*argv,"-?") == 0))
|
||||||
|
goto skip_arg_loop;
|
||||||
|
else
|
||||||
|
sk_OPENSSL_STRING_push(engines,*argv);
|
||||||
|
argc--;
|
||||||
|
argv++;
|
||||||
|
}
|
||||||
|
/* Looks like everything went OK */
|
||||||
|
badops = 0;
|
||||||
|
skip_arg_loop:
|
||||||
|
|
||||||
|
if (badops)
|
||||||
|
{
|
||||||
|
for (pp=engine_usage; (*pp != NULL); pp++)
|
||||||
|
BIO_printf(bio_err,"%s",*pp);
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
|
||||||
|
if (sk_OPENSSL_STRING_num(engines) == 0)
|
||||||
|
{
|
||||||
|
for(e = ENGINE_get_first(); e != NULL; e = ENGINE_get_next(e))
|
||||||
|
{
|
||||||
|
sk_OPENSSL_STRING_push(engines,(char *)ENGINE_get_id(e));
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
for (i=0; i<sk_OPENSSL_STRING_num(engines); i++)
|
||||||
|
{
|
||||||
|
const char *id = sk_OPENSSL_STRING_value(engines,i);
|
||||||
|
if ((e = ENGINE_by_id(id)) != NULL)
|
||||||
|
{
|
||||||
|
const char *name = ENGINE_get_name(e);
|
||||||
|
/* Do "id" first, then "name". Easier to auto-parse. */
|
||||||
|
BIO_printf(bio_out, "(%s) %s\n", id, name);
|
||||||
|
util_do_cmds(e, pre_cmds, bio_out, indent);
|
||||||
|
if (strcmp(ENGINE_get_id(e), id) != 0)
|
||||||
|
{
|
||||||
|
BIO_printf(bio_out, "Loaded: (%s) %s\n",
|
||||||
|
ENGINE_get_id(e), ENGINE_get_name(e));
|
||||||
|
}
|
||||||
|
if (list_cap)
|
||||||
|
{
|
||||||
|
int cap_size = 256;
|
||||||
|
char *cap_buf = NULL;
|
||||||
|
int k,n;
|
||||||
|
const int *nids;
|
||||||
|
ENGINE_CIPHERS_PTR fn_c;
|
||||||
|
ENGINE_DIGESTS_PTR fn_d;
|
||||||
|
ENGINE_PKEY_METHS_PTR fn_pk;
|
||||||
|
|
||||||
|
if (ENGINE_get_RSA(e) != NULL
|
||||||
|
&& !append_buf(&cap_buf, "RSA",
|
||||||
|
&cap_size, 256))
|
||||||
|
goto end;
|
||||||
|
if (ENGINE_get_DSA(e) != NULL
|
||||||
|
&& !append_buf(&cap_buf, "DSA",
|
||||||
|
&cap_size, 256))
|
||||||
|
goto end;
|
||||||
|
if (ENGINE_get_DH(e) != NULL
|
||||||
|
&& !append_buf(&cap_buf, "DH",
|
||||||
|
&cap_size, 256))
|
||||||
|
goto end;
|
||||||
|
if (ENGINE_get_RAND(e) != NULL
|
||||||
|
&& !append_buf(&cap_buf, "RAND",
|
||||||
|
&cap_size, 256))
|
||||||
|
goto end;
|
||||||
|
|
||||||
|
fn_c = ENGINE_get_ciphers(e);
|
||||||
|
if(!fn_c) goto skip_ciphers;
|
||||||
|
n = fn_c(e, NULL, &nids, 0);
|
||||||
|
for(k=0 ; k < n ; ++k)
|
||||||
|
if(!append_buf(&cap_buf,
|
||||||
|
OBJ_nid2sn(nids[k]),
|
||||||
|
&cap_size, 256))
|
||||||
|
goto end;
|
||||||
|
|
||||||
|
skip_ciphers:
|
||||||
|
fn_d = ENGINE_get_digests(e);
|
||||||
|
if(!fn_d) goto skip_digests;
|
||||||
|
n = fn_d(e, NULL, &nids, 0);
|
||||||
|
for(k=0 ; k < n ; ++k)
|
||||||
|
if(!append_buf(&cap_buf,
|
||||||
|
OBJ_nid2sn(nids[k]),
|
||||||
|
&cap_size, 256))
|
||||||
|
goto end;
|
||||||
|
|
||||||
|
skip_digests:
|
||||||
|
fn_pk = ENGINE_get_pkey_meths(e);
|
||||||
|
if(!fn_pk) goto skip_pmeths;
|
||||||
|
n = fn_pk(e, NULL, &nids, 0);
|
||||||
|
for(k=0 ; k < n ; ++k)
|
||||||
|
if(!append_buf(&cap_buf,
|
||||||
|
OBJ_nid2sn(nids[k]),
|
||||||
|
&cap_size, 256))
|
||||||
|
goto end;
|
||||||
|
skip_pmeths:
|
||||||
|
if (cap_buf && (*cap_buf != '\0'))
|
||||||
|
BIO_printf(bio_out, " [%s]\n", cap_buf);
|
||||||
|
|
||||||
|
OPENSSL_free(cap_buf);
|
||||||
|
}
|
||||||
|
if(test_avail)
|
||||||
|
{
|
||||||
|
BIO_printf(bio_out, "%s", indent);
|
||||||
|
if (ENGINE_init(e))
|
||||||
|
{
|
||||||
|
BIO_printf(bio_out, "[ available ]\n");
|
||||||
|
util_do_cmds(e, post_cmds, bio_out, indent);
|
||||||
|
ENGINE_finish(e);
|
||||||
|
}
|
||||||
|
else
|
||||||
|
{
|
||||||
|
BIO_printf(bio_out, "[ unavailable ]\n");
|
||||||
|
if(test_avail_noise)
|
||||||
|
ERR_print_errors_fp(stdout);
|
||||||
|
ERR_clear_error();
|
||||||
|
}
|
||||||
|
}
|
||||||
|
if((verbose > 0) && !util_verbose(e, verbose, bio_out, indent))
|
||||||
|
goto end;
|
||||||
|
ENGINE_free(e);
|
||||||
|
}
|
||||||
|
else
|
||||||
|
ERR_print_errors(bio_err);
|
||||||
|
}
|
||||||
|
|
||||||
|
ret=0;
|
||||||
|
end:
|
||||||
|
|
||||||
|
ERR_print_errors(bio_err);
|
||||||
|
sk_OPENSSL_STRING_pop_free(engines, identity);
|
||||||
|
sk_OPENSSL_STRING_pop_free(pre_cmds, identity);
|
||||||
|
sk_OPENSSL_STRING_pop_free(post_cmds, identity);
|
||||||
|
if (bio_out != NULL) BIO_free_all(bio_out);
|
||||||
|
apps_shutdown();
|
||||||
|
OPENSSL_EXIT(ret);
|
||||||
|
}
|
||||||
|
#else
|
||||||
|
|
||||||
|
# if PEDANTIC
|
||||||
|
static void *dummy=&dummy;
|
||||||
|
# endif
|
||||||
|
|
||||||
|
#endif
|
128
jni/openssl/apps/errstr.c
Normal file
128
jni/openssl/apps/errstr.c
Normal file
@ -0,0 +1,128 @@
|
|||||||
|
/* apps/errstr.c */
|
||||||
|
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
|
||||||
|
* All rights reserved.
|
||||||
|
*
|
||||||
|
* This package is an SSL implementation written
|
||||||
|
* by Eric Young (eay@cryptsoft.com).
|
||||||
|
* The implementation was written so as to conform with Netscapes SSL.
|
||||||
|
*
|
||||||
|
* This library is free for commercial and non-commercial use as long as
|
||||||
|
* the following conditions are aheared to. The following conditions
|
||||||
|
* apply to all code found in this distribution, be it the RC4, RSA,
|
||||||
|
* lhash, DES, etc., code; not just the SSL code. The SSL documentation
|
||||||
|
* included with this distribution is covered by the same copyright terms
|
||||||
|
* except that the holder is Tim Hudson (tjh@cryptsoft.com).
|
||||||
|
*
|
||||||
|
* Copyright remains Eric Young's, and as such any Copyright notices in
|
||||||
|
* the code are not to be removed.
|
||||||
|
* If this package is used in a product, Eric Young should be given attribution
|
||||||
|
* as the author of the parts of the library used.
|
||||||
|
* This can be in the form of a textual message at program startup or
|
||||||
|
* in documentation (online or textual) provided with the package.
|
||||||
|
*
|
||||||
|
* Redistribution and use in source and binary forms, with or without
|
||||||
|
* modification, are permitted provided that the following conditions
|
||||||
|
* are met:
|
||||||
|
* 1. Redistributions of source code must retain the copyright
|
||||||
|
* notice, this list of conditions and the following disclaimer.
|
||||||
|
* 2. Redistributions in binary form must reproduce the above copyright
|
||||||
|
* notice, this list of conditions and the following disclaimer in the
|
||||||
|
* documentation and/or other materials provided with the distribution.
|
||||||
|
* 3. All advertising materials mentioning features or use of this software
|
||||||
|
* must display the following acknowledgement:
|
||||||
|
* "This product includes cryptographic software written by
|
||||||
|
* Eric Young (eay@cryptsoft.com)"
|
||||||
|
* The word 'cryptographic' can be left out if the rouines from the library
|
||||||
|
* being used are not cryptographic related :-).
|
||||||
|
* 4. If you include any Windows specific code (or a derivative thereof) from
|
||||||
|
* the apps directory (application code) you must include an acknowledgement:
|
||||||
|
* "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
|
||||||
|
*
|
||||||
|
* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
|
||||||
|
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
||||||
|
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
|
||||||
|
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
|
||||||
|
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
|
||||||
|
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
|
||||||
|
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
||||||
|
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
|
||||||
|
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
||||||
|
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||||||
|
* SUCH DAMAGE.
|
||||||
|
*
|
||||||
|
* The licence and distribution terms for any publically available version or
|
||||||
|
* derivative of this code cannot be changed. i.e. this code cannot simply be
|
||||||
|
* copied and put under another distribution licence
|
||||||
|
* [including the GNU Public Licence.]
|
||||||
|
*/
|
||||||
|
|
||||||
|
#include <stdio.h>
|
||||||
|
#include <stdlib.h>
|
||||||
|
#include <string.h>
|
||||||
|
#include "apps.h"
|
||||||
|
#include <openssl/bio.h>
|
||||||
|
#include <openssl/lhash.h>
|
||||||
|
#include <openssl/err.h>
|
||||||
|
#include <openssl/ssl.h>
|
||||||
|
|
||||||
|
#undef PROG
|
||||||
|
#define PROG errstr_main
|
||||||
|
|
||||||
|
int MAIN(int, char **);
|
||||||
|
|
||||||
|
int MAIN(int argc, char **argv)
|
||||||
|
{
|
||||||
|
int i,ret=0;
|
||||||
|
char buf[256];
|
||||||
|
unsigned long l;
|
||||||
|
|
||||||
|
apps_startup();
|
||||||
|
|
||||||
|
if (bio_err == NULL)
|
||||||
|
if ((bio_err=BIO_new(BIO_s_file())) != NULL)
|
||||||
|
BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT);
|
||||||
|
|
||||||
|
SSL_load_error_strings();
|
||||||
|
|
||||||
|
if ((argc > 1) && (strcmp(argv[1],"-stats") == 0))
|
||||||
|
{
|
||||||
|
BIO *out=NULL;
|
||||||
|
|
||||||
|
out=BIO_new(BIO_s_file());
|
||||||
|
if ((out != NULL) && BIO_set_fp(out,stdout,BIO_NOCLOSE))
|
||||||
|
{
|
||||||
|
#ifdef OPENSSL_SYS_VMS
|
||||||
|
{
|
||||||
|
BIO *tmpbio = BIO_new(BIO_f_linebuffer());
|
||||||
|
out = BIO_push(tmpbio, out);
|
||||||
|
}
|
||||||
|
#endif
|
||||||
|
lh_ERR_STRING_DATA_node_stats_bio(
|
||||||
|
ERR_get_string_table(), out);
|
||||||
|
lh_ERR_STRING_DATA_stats_bio(ERR_get_string_table(),
|
||||||
|
out);
|
||||||
|
lh_ERR_STRING_DATA_node_usage_stats_bio(
|
||||||
|
ERR_get_string_table(),out);
|
||||||
|
}
|
||||||
|
if (out != NULL) BIO_free_all(out);
|
||||||
|
argc--;
|
||||||
|
argv++;
|
||||||
|
}
|
||||||
|
|
||||||
|
for (i=1; i<argc; i++)
|
||||||
|
{
|
||||||
|
if (sscanf(argv[i],"%lx",&l))
|
||||||
|
{
|
||||||
|
ERR_error_string_n(l, buf, sizeof buf);
|
||||||
|
printf("%s\n",buf);
|
||||||
|
}
|
||||||
|
else
|
||||||
|
{
|
||||||
|
printf("%s: bad error code\n",argv[i]);
|
||||||
|
printf("usage: errstr [-stats] <errno> ...\n");
|
||||||
|
ret++;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
apps_shutdown();
|
||||||
|
OPENSSL_EXIT(ret);
|
||||||
|
}
|
241
jni/openssl/apps/gendh.c
Normal file
241
jni/openssl/apps/gendh.c
Normal file
@ -0,0 +1,241 @@
|
|||||||
|
/* apps/gendh.c */
|
||||||
|
/* obsoleted by dhparam.c */
|
||||||
|
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
|
||||||
|
* All rights reserved.
|
||||||
|
*
|
||||||
|
* This package is an SSL implementation written
|
||||||
|
* by Eric Young (eay@cryptsoft.com).
|
||||||
|
* The implementation was written so as to conform with Netscapes SSL.
|
||||||
|
*
|
||||||
|
* This library is free for commercial and non-commercial use as long as
|
||||||
|
* the following conditions are aheared to. The following conditions
|
||||||
|
* apply to all code found in this distribution, be it the RC4, RSA,
|
||||||
|
* lhash, DES, etc., code; not just the SSL code. The SSL documentation
|
||||||
|
* included with this distribution is covered by the same copyright terms
|
||||||
|
* except that the holder is Tim Hudson (tjh@cryptsoft.com).
|
||||||
|
*
|
||||||
|
* Copyright remains Eric Young's, and as such any Copyright notices in
|
||||||
|
* the code are not to be removed.
|
||||||
|
* If this package is used in a product, Eric Young should be given attribution
|
||||||
|
* as the author of the parts of the library used.
|
||||||
|
* This can be in the form of a textual message at program startup or
|
||||||
|
* in documentation (online or textual) provided with the package.
|
||||||
|
*
|
||||||
|
* Redistribution and use in source and binary forms, with or without
|
||||||
|
* modification, are permitted provided that the following conditions
|
||||||
|
* are met:
|
||||||
|
* 1. Redistributions of source code must retain the copyright
|
||||||
|
* notice, this list of conditions and the following disclaimer.
|
||||||
|
* 2. Redistributions in binary form must reproduce the above copyright
|
||||||
|
* notice, this list of conditions and the following disclaimer in the
|
||||||
|
* documentation and/or other materials provided with the distribution.
|
||||||
|
* 3. All advertising materials mentioning features or use of this software
|
||||||
|
* must display the following acknowledgement:
|
||||||
|
* "This product includes cryptographic software written by
|
||||||
|
* Eric Young (eay@cryptsoft.com)"
|
||||||
|
* The word 'cryptographic' can be left out if the rouines from the library
|
||||||
|
* being used are not cryptographic related :-).
|
||||||
|
* 4. If you include any Windows specific code (or a derivative thereof) from
|
||||||
|
* the apps directory (application code) you must include an acknowledgement:
|
||||||
|
* "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
|
||||||
|
*
|
||||||
|
* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
|
||||||
|
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
||||||
|
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
|
||||||
|
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
|
||||||
|
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
|
||||||
|
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
|
||||||
|
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
||||||
|
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
|
||||||
|
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
||||||
|
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||||||
|
* SUCH DAMAGE.
|
||||||
|
*
|
||||||
|
* The licence and distribution terms for any publically available version or
|
||||||
|
* derivative of this code cannot be changed. i.e. this code cannot simply be
|
||||||
|
* copied and put under another distribution licence
|
||||||
|
* [including the GNU Public Licence.]
|
||||||
|
*/
|
||||||
|
|
||||||
|
#include <openssl/opensslconf.h>
|
||||||
|
/* Until the key-gen callbacks are modified to use newer prototypes, we allow
|
||||||
|
* deprecated functions for openssl-internal code */
|
||||||
|
#ifdef OPENSSL_NO_DEPRECATED
|
||||||
|
#undef OPENSSL_NO_DEPRECATED
|
||||||
|
#endif
|
||||||
|
|
||||||
|
#ifndef OPENSSL_NO_DH
|
||||||
|
#include <stdio.h>
|
||||||
|
#include <string.h>
|
||||||
|
#include <sys/types.h>
|
||||||
|
#include <sys/stat.h>
|
||||||
|
#include "apps.h"
|
||||||
|
#include <openssl/bio.h>
|
||||||
|
#include <openssl/rand.h>
|
||||||
|
#include <openssl/err.h>
|
||||||
|
#include <openssl/bn.h>
|
||||||
|
#include <openssl/dh.h>
|
||||||
|
#include <openssl/x509.h>
|
||||||
|
#include <openssl/pem.h>
|
||||||
|
|
||||||
|
#define DEFBITS 512
|
||||||
|
#undef PROG
|
||||||
|
#define PROG gendh_main
|
||||||
|
|
||||||
|
static int MS_CALLBACK dh_cb(int p, int n, BN_GENCB *cb);
|
||||||
|
|
||||||
|
int MAIN(int, char **);
|
||||||
|
|
||||||
|
int MAIN(int argc, char **argv)
|
||||||
|
{
|
||||||
|
BN_GENCB cb;
|
||||||
|
DH *dh=NULL;
|
||||||
|
int ret=1,num=DEFBITS;
|
||||||
|
int g=2;
|
||||||
|
char *outfile=NULL;
|
||||||
|
char *inrand=NULL;
|
||||||
|
#ifndef OPENSSL_NO_ENGINE
|
||||||
|
char *engine=NULL;
|
||||||
|
#endif
|
||||||
|
BIO *out=NULL;
|
||||||
|
|
||||||
|
apps_startup();
|
||||||
|
|
||||||
|
BN_GENCB_set(&cb, dh_cb, bio_err);
|
||||||
|
if (bio_err == NULL)
|
||||||
|
if ((bio_err=BIO_new(BIO_s_file())) != NULL)
|
||||||
|
BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT);
|
||||||
|
|
||||||
|
if (!load_config(bio_err, NULL))
|
||||||
|
goto end;
|
||||||
|
|
||||||
|
argv++;
|
||||||
|
argc--;
|
||||||
|
for (;;)
|
||||||
|
{
|
||||||
|
if (argc <= 0) break;
|
||||||
|
if (strcmp(*argv,"-out") == 0)
|
||||||
|
{
|
||||||
|
if (--argc < 1) goto bad;
|
||||||
|
outfile= *(++argv);
|
||||||
|
}
|
||||||
|
else if (strcmp(*argv,"-2") == 0)
|
||||||
|
g=2;
|
||||||
|
/* else if (strcmp(*argv,"-3") == 0)
|
||||||
|
g=3; */
|
||||||
|
else if (strcmp(*argv,"-5") == 0)
|
||||||
|
g=5;
|
||||||
|
#ifndef OPENSSL_NO_ENGINE
|
||||||
|
else if (strcmp(*argv,"-engine") == 0)
|
||||||
|
{
|
||||||
|
if (--argc < 1) goto bad;
|
||||||
|
engine= *(++argv);
|
||||||
|
}
|
||||||
|
#endif
|
||||||
|
else if (strcmp(*argv,"-rand") == 0)
|
||||||
|
{
|
||||||
|
if (--argc < 1) goto bad;
|
||||||
|
inrand= *(++argv);
|
||||||
|
}
|
||||||
|
else
|
||||||
|
break;
|
||||||
|
argv++;
|
||||||
|
argc--;
|
||||||
|
}
|
||||||
|
if ((argc >= 1) && ((sscanf(*argv,"%d",&num) == 0) || (num < 0)))
|
||||||
|
{
|
||||||
|
bad:
|
||||||
|
BIO_printf(bio_err,"usage: gendh [args] [numbits]\n");
|
||||||
|
BIO_printf(bio_err," -out file - output the key to 'file\n");
|
||||||
|
BIO_printf(bio_err," -2 - use 2 as the generator value\n");
|
||||||
|
/* BIO_printf(bio_err," -3 - use 3 as the generator value\n"); */
|
||||||
|
BIO_printf(bio_err," -5 - use 5 as the generator value\n");
|
||||||
|
#ifndef OPENSSL_NO_ENGINE
|
||||||
|
BIO_printf(bio_err," -engine e - use engine e, possibly a hardware device.\n");
|
||||||
|
#endif
|
||||||
|
BIO_printf(bio_err," -rand file%cfile%c...\n", LIST_SEPARATOR_CHAR, LIST_SEPARATOR_CHAR);
|
||||||
|
BIO_printf(bio_err," - load the file (or the files in the directory) into\n");
|
||||||
|
BIO_printf(bio_err," the random number generator\n");
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
|
||||||
|
#ifndef OPENSSL_NO_ENGINE
|
||||||
|
setup_engine(bio_err, engine, 0);
|
||||||
|
#endif
|
||||||
|
|
||||||
|
out=BIO_new(BIO_s_file());
|
||||||
|
if (out == NULL)
|
||||||
|
{
|
||||||
|
ERR_print_errors(bio_err);
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
|
||||||
|
if (outfile == NULL)
|
||||||
|
{
|
||||||
|
BIO_set_fp(out,stdout,BIO_NOCLOSE);
|
||||||
|
#ifdef OPENSSL_SYS_VMS
|
||||||
|
{
|
||||||
|
BIO *tmpbio = BIO_new(BIO_f_linebuffer());
|
||||||
|
out = BIO_push(tmpbio, out);
|
||||||
|
}
|
||||||
|
#endif
|
||||||
|
}
|
||||||
|
else
|
||||||
|
{
|
||||||
|
if (BIO_write_filename(out,outfile) <= 0)
|
||||||
|
{
|
||||||
|
perror(outfile);
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
if (!app_RAND_load_file(NULL, bio_err, 1) && inrand == NULL)
|
||||||
|
{
|
||||||
|
BIO_printf(bio_err,"warning, not much extra random data, consider using the -rand option\n");
|
||||||
|
}
|
||||||
|
if (inrand != NULL)
|
||||||
|
BIO_printf(bio_err,"%ld semi-random bytes loaded\n",
|
||||||
|
app_RAND_load_files(inrand));
|
||||||
|
|
||||||
|
BIO_printf(bio_err,"Generating DH parameters, %d bit long safe prime, generator %d\n",num,g);
|
||||||
|
BIO_printf(bio_err,"This is going to take a long time\n");
|
||||||
|
|
||||||
|
if(((dh = DH_new()) == NULL) || !DH_generate_parameters_ex(dh, num, g, &cb))
|
||||||
|
goto end;
|
||||||
|
|
||||||
|
app_RAND_write_file(NULL, bio_err);
|
||||||
|
|
||||||
|
if (!PEM_write_bio_DHparams(out,dh))
|
||||||
|
goto end;
|
||||||
|
ret=0;
|
||||||
|
end:
|
||||||
|
if (ret != 0)
|
||||||
|
ERR_print_errors(bio_err);
|
||||||
|
if (out != NULL) BIO_free_all(out);
|
||||||
|
if (dh != NULL) DH_free(dh);
|
||||||
|
apps_shutdown();
|
||||||
|
OPENSSL_EXIT(ret);
|
||||||
|
}
|
||||||
|
|
||||||
|
static int MS_CALLBACK dh_cb(int p, int n, BN_GENCB *cb)
|
||||||
|
{
|
||||||
|
char c='*';
|
||||||
|
|
||||||
|
if (p == 0) c='.';
|
||||||
|
if (p == 1) c='+';
|
||||||
|
if (p == 2) c='*';
|
||||||
|
if (p == 3) c='\n';
|
||||||
|
BIO_write(cb->arg,&c,1);
|
||||||
|
(void)BIO_flush(cb->arg);
|
||||||
|
#ifdef LINT
|
||||||
|
p=n;
|
||||||
|
#endif
|
||||||
|
return 1;
|
||||||
|
}
|
||||||
|
#else /* !OPENSSL_NO_DH */
|
||||||
|
|
||||||
|
# if PEDANTIC
|
||||||
|
static void *dummy=&dummy;
|
||||||
|
# endif
|
||||||
|
|
||||||
|
#endif
|
285
jni/openssl/apps/gendsa.c
Normal file
285
jni/openssl/apps/gendsa.c
Normal file
@ -0,0 +1,285 @@
|
|||||||
|
/* apps/gendsa.c */
|
||||||
|
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
|
||||||
|
* All rights reserved.
|
||||||
|
*
|
||||||
|
* This package is an SSL implementation written
|
||||||
|
* by Eric Young (eay@cryptsoft.com).
|
||||||
|
* The implementation was written so as to conform with Netscapes SSL.
|
||||||
|
*
|
||||||
|
* This library is free for commercial and non-commercial use as long as
|
||||||
|
* the following conditions are aheared to. The following conditions
|
||||||
|
* apply to all code found in this distribution, be it the RC4, RSA,
|
||||||
|
* lhash, DES, etc., code; not just the SSL code. The SSL documentation
|
||||||
|
* included with this distribution is covered by the same copyright terms
|
||||||
|
* except that the holder is Tim Hudson (tjh@cryptsoft.com).
|
||||||
|
*
|
||||||
|
* Copyright remains Eric Young's, and as such any Copyright notices in
|
||||||
|
* the code are not to be removed.
|
||||||
|
* If this package is used in a product, Eric Young should be given attribution
|
||||||
|
* as the author of the parts of the library used.
|
||||||
|
* This can be in the form of a textual message at program startup or
|
||||||
|
* in documentation (online or textual) provided with the package.
|
||||||
|
*
|
||||||
|
* Redistribution and use in source and binary forms, with or without
|
||||||
|
* modification, are permitted provided that the following conditions
|
||||||
|
* are met:
|
||||||
|
* 1. Redistributions of source code must retain the copyright
|
||||||
|
* notice, this list of conditions and the following disclaimer.
|
||||||
|
* 2. Redistributions in binary form must reproduce the above copyright
|
||||||
|
* notice, this list of conditions and the following disclaimer in the
|
||||||
|
* documentation and/or other materials provided with the distribution.
|
||||||
|
* 3. All advertising materials mentioning features or use of this software
|
||||||
|
* must display the following acknowledgement:
|
||||||
|
* "This product includes cryptographic software written by
|
||||||
|
* Eric Young (eay@cryptsoft.com)"
|
||||||
|
* The word 'cryptographic' can be left out if the rouines from the library
|
||||||
|
* being used are not cryptographic related :-).
|
||||||
|
* 4. If you include any Windows specific code (or a derivative thereof) from
|
||||||
|
* the apps directory (application code) you must include an acknowledgement:
|
||||||
|
* "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
|
||||||
|
*
|
||||||
|
* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
|
||||||
|
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
||||||
|
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
|
||||||
|
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
|
||||||
|
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
|
||||||
|
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
|
||||||
|
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
||||||
|
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
|
||||||
|
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
||||||
|
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||||||
|
* SUCH DAMAGE.
|
||||||
|
*
|
||||||
|
* The licence and distribution terms for any publically available version or
|
||||||
|
* derivative of this code cannot be changed. i.e. this code cannot simply be
|
||||||
|
* copied and put under another distribution licence
|
||||||
|
* [including the GNU Public Licence.]
|
||||||
|
*/
|
||||||
|
|
||||||
|
#include <openssl/opensslconf.h> /* for OPENSSL_NO_DSA */
|
||||||
|
#ifndef OPENSSL_NO_DSA
|
||||||
|
#include <stdio.h>
|
||||||
|
#include <string.h>
|
||||||
|
#include <sys/types.h>
|
||||||
|
#include <sys/stat.h>
|
||||||
|
#include "apps.h"
|
||||||
|
#include <openssl/bio.h>
|
||||||
|
#include <openssl/err.h>
|
||||||
|
#include <openssl/bn.h>
|
||||||
|
#include <openssl/dsa.h>
|
||||||
|
#include <openssl/x509.h>
|
||||||
|
#include <openssl/pem.h>
|
||||||
|
|
||||||
|
#define DEFBITS 512
|
||||||
|
#undef PROG
|
||||||
|
#define PROG gendsa_main
|
||||||
|
|
||||||
|
int MAIN(int, char **);
|
||||||
|
|
||||||
|
int MAIN(int argc, char **argv)
|
||||||
|
{
|
||||||
|
DSA *dsa=NULL;
|
||||||
|
int ret=1;
|
||||||
|
char *outfile=NULL;
|
||||||
|
char *inrand=NULL,*dsaparams=NULL;
|
||||||
|
char *passargout = NULL, *passout = NULL;
|
||||||
|
BIO *out=NULL,*in=NULL;
|
||||||
|
const EVP_CIPHER *enc=NULL;
|
||||||
|
#ifndef OPENSSL_NO_ENGINE
|
||||||
|
char *engine=NULL;
|
||||||
|
#endif
|
||||||
|
|
||||||
|
apps_startup();
|
||||||
|
|
||||||
|
if (bio_err == NULL)
|
||||||
|
if ((bio_err=BIO_new(BIO_s_file())) != NULL)
|
||||||
|
BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT);
|
||||||
|
|
||||||
|
if (!load_config(bio_err, NULL))
|
||||||
|
goto end;
|
||||||
|
|
||||||
|
argv++;
|
||||||
|
argc--;
|
||||||
|
for (;;)
|
||||||
|
{
|
||||||
|
if (argc <= 0) break;
|
||||||
|
if (strcmp(*argv,"-out") == 0)
|
||||||
|
{
|
||||||
|
if (--argc < 1) goto bad;
|
||||||
|
outfile= *(++argv);
|
||||||
|
}
|
||||||
|
else if (strcmp(*argv,"-passout") == 0)
|
||||||
|
{
|
||||||
|
if (--argc < 1) goto bad;
|
||||||
|
passargout= *(++argv);
|
||||||
|
}
|
||||||
|
#ifndef OPENSSL_NO_ENGINE
|
||||||
|
else if (strcmp(*argv,"-engine") == 0)
|
||||||
|
{
|
||||||
|
if (--argc < 1) goto bad;
|
||||||
|
engine= *(++argv);
|
||||||
|
}
|
||||||
|
#endif
|
||||||
|
else if (strcmp(*argv,"-rand") == 0)
|
||||||
|
{
|
||||||
|
if (--argc < 1) goto bad;
|
||||||
|
inrand= *(++argv);
|
||||||
|
}
|
||||||
|
else if (strcmp(*argv,"-") == 0)
|
||||||
|
goto bad;
|
||||||
|
#ifndef OPENSSL_NO_DES
|
||||||
|
else if (strcmp(*argv,"-des") == 0)
|
||||||
|
enc=EVP_des_cbc();
|
||||||
|
else if (strcmp(*argv,"-des3") == 0)
|
||||||
|
enc=EVP_des_ede3_cbc();
|
||||||
|
#endif
|
||||||
|
#ifndef OPENSSL_NO_IDEA
|
||||||
|
else if (strcmp(*argv,"-idea") == 0)
|
||||||
|
enc=EVP_idea_cbc();
|
||||||
|
#endif
|
||||||
|
#ifndef OPENSSL_NO_SEED
|
||||||
|
else if (strcmp(*argv,"-seed") == 0)
|
||||||
|
enc=EVP_seed_cbc();
|
||||||
|
#endif
|
||||||
|
#ifndef OPENSSL_NO_AES
|
||||||
|
else if (strcmp(*argv,"-aes128") == 0)
|
||||||
|
enc=EVP_aes_128_cbc();
|
||||||
|
else if (strcmp(*argv,"-aes192") == 0)
|
||||||
|
enc=EVP_aes_192_cbc();
|
||||||
|
else if (strcmp(*argv,"-aes256") == 0)
|
||||||
|
enc=EVP_aes_256_cbc();
|
||||||
|
#endif
|
||||||
|
#ifndef OPENSSL_NO_CAMELLIA
|
||||||
|
else if (strcmp(*argv,"-camellia128") == 0)
|
||||||
|
enc=EVP_camellia_128_cbc();
|
||||||
|
else if (strcmp(*argv,"-camellia192") == 0)
|
||||||
|
enc=EVP_camellia_192_cbc();
|
||||||
|
else if (strcmp(*argv,"-camellia256") == 0)
|
||||||
|
enc=EVP_camellia_256_cbc();
|
||||||
|
#endif
|
||||||
|
else if (**argv != '-' && dsaparams == NULL)
|
||||||
|
{
|
||||||
|
dsaparams = *argv;
|
||||||
|
}
|
||||||
|
else
|
||||||
|
goto bad;
|
||||||
|
argv++;
|
||||||
|
argc--;
|
||||||
|
}
|
||||||
|
|
||||||
|
if (dsaparams == NULL)
|
||||||
|
{
|
||||||
|
bad:
|
||||||
|
BIO_printf(bio_err,"usage: gendsa [args] dsaparam-file\n");
|
||||||
|
BIO_printf(bio_err," -out file - output the key to 'file'\n");
|
||||||
|
#ifndef OPENSSL_NO_DES
|
||||||
|
BIO_printf(bio_err," -des - encrypt the generated key with DES in cbc mode\n");
|
||||||
|
BIO_printf(bio_err," -des3 - encrypt the generated key with DES in ede cbc mode (168 bit key)\n");
|
||||||
|
#endif
|
||||||
|
#ifndef OPENSSL_NO_IDEA
|
||||||
|
BIO_printf(bio_err," -idea - encrypt the generated key with IDEA in cbc mode\n");
|
||||||
|
#endif
|
||||||
|
#ifndef OPENSSL_NO_SEED
|
||||||
|
BIO_printf(bio_err," -seed\n");
|
||||||
|
BIO_printf(bio_err," encrypt PEM output with cbc seed\n");
|
||||||
|
#endif
|
||||||
|
#ifndef OPENSSL_NO_AES
|
||||||
|
BIO_printf(bio_err," -aes128, -aes192, -aes256\n");
|
||||||
|
BIO_printf(bio_err," encrypt PEM output with cbc aes\n");
|
||||||
|
#endif
|
||||||
|
#ifndef OPENSSL_NO_CAMELLIA
|
||||||
|
BIO_printf(bio_err," -camellia128, -camellia192, -camellia256\n");
|
||||||
|
BIO_printf(bio_err," encrypt PEM output with cbc camellia\n");
|
||||||
|
#endif
|
||||||
|
#ifndef OPENSSL_NO_ENGINE
|
||||||
|
BIO_printf(bio_err," -engine e - use engine e, possibly a hardware device.\n");
|
||||||
|
#endif
|
||||||
|
BIO_printf(bio_err," -rand file%cfile%c...\n", LIST_SEPARATOR_CHAR, LIST_SEPARATOR_CHAR);
|
||||||
|
BIO_printf(bio_err," - load the file (or the files in the directory) into\n");
|
||||||
|
BIO_printf(bio_err," the random number generator\n");
|
||||||
|
BIO_printf(bio_err," dsaparam-file\n");
|
||||||
|
BIO_printf(bio_err," - a DSA parameter file as generated by the dsaparam command\n");
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
|
||||||
|
#ifndef OPENSSL_NO_ENGINE
|
||||||
|
setup_engine(bio_err, engine, 0);
|
||||||
|
#endif
|
||||||
|
|
||||||
|
if(!app_passwd(bio_err, NULL, passargout, NULL, &passout)) {
|
||||||
|
BIO_printf(bio_err, "Error getting password\n");
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
in=BIO_new(BIO_s_file());
|
||||||
|
if (!(BIO_read_filename(in,dsaparams)))
|
||||||
|
{
|
||||||
|
perror(dsaparams);
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
|
||||||
|
if ((dsa=PEM_read_bio_DSAparams(in,NULL,NULL,NULL)) == NULL)
|
||||||
|
{
|
||||||
|
BIO_printf(bio_err,"unable to load DSA parameter file\n");
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
BIO_free(in);
|
||||||
|
in = NULL;
|
||||||
|
|
||||||
|
out=BIO_new(BIO_s_file());
|
||||||
|
if (out == NULL) goto end;
|
||||||
|
|
||||||
|
if (outfile == NULL)
|
||||||
|
{
|
||||||
|
BIO_set_fp(out,stdout,BIO_NOCLOSE);
|
||||||
|
#ifdef OPENSSL_SYS_VMS
|
||||||
|
{
|
||||||
|
BIO *tmpbio = BIO_new(BIO_f_linebuffer());
|
||||||
|
out = BIO_push(tmpbio, out);
|
||||||
|
}
|
||||||
|
#endif
|
||||||
|
}
|
||||||
|
else
|
||||||
|
{
|
||||||
|
if (BIO_write_filename(out,outfile) <= 0)
|
||||||
|
{
|
||||||
|
perror(outfile);
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
if (!app_RAND_load_file(NULL, bio_err, 1) && inrand == NULL)
|
||||||
|
{
|
||||||
|
BIO_printf(bio_err,"warning, not much extra random data, consider using the -rand option\n");
|
||||||
|
}
|
||||||
|
if (inrand != NULL)
|
||||||
|
BIO_printf(bio_err,"%ld semi-random bytes loaded\n",
|
||||||
|
app_RAND_load_files(inrand));
|
||||||
|
|
||||||
|
BIO_printf(bio_err,"Generating DSA key, %d bits\n",
|
||||||
|
BN_num_bits(dsa->p));
|
||||||
|
if (!DSA_generate_key(dsa)) goto end;
|
||||||
|
|
||||||
|
app_RAND_write_file(NULL, bio_err);
|
||||||
|
|
||||||
|
if (!PEM_write_bio_DSAPrivateKey(out,dsa,enc,NULL,0,NULL, passout))
|
||||||
|
goto end;
|
||||||
|
ret=0;
|
||||||
|
end:
|
||||||
|
if (ret != 0)
|
||||||
|
ERR_print_errors(bio_err);
|
||||||
|
if (in != NULL) BIO_free(in);
|
||||||
|
if (out != NULL) BIO_free_all(out);
|
||||||
|
if (dsa != NULL) DSA_free(dsa);
|
||||||
|
if(passout) OPENSSL_free(passout);
|
||||||
|
apps_shutdown();
|
||||||
|
OPENSSL_EXIT(ret);
|
||||||
|
}
|
||||||
|
#else /* !OPENSSL_NO_DSA */
|
||||||
|
|
||||||
|
# if PEDANTIC
|
||||||
|
static void *dummy=&dummy;
|
||||||
|
# endif
|
||||||
|
|
||||||
|
#endif
|
440
jni/openssl/apps/genpkey.c
Normal file
440
jni/openssl/apps/genpkey.c
Normal file
@ -0,0 +1,440 @@
|
|||||||
|
/* apps/genpkey.c */
|
||||||
|
/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
|
||||||
|
* project 2006
|
||||||
|
*/
|
||||||
|
/* ====================================================================
|
||||||
|
* Copyright (c) 2006 The OpenSSL Project. All rights reserved.
|
||||||
|
*
|
||||||
|
* Redistribution and use in source and binary forms, with or without
|
||||||
|
* modification, are permitted provided that the following conditions
|
||||||
|
* are met:
|
||||||
|
*
|
||||||
|
* 1. Redistributions of source code must retain the above copyright
|
||||||
|
* notice, this list of conditions and the following disclaimer.
|
||||||
|
*
|
||||||
|
* 2. Redistributions in binary form must reproduce the above copyright
|
||||||
|
* notice, this list of conditions and the following disclaimer in
|
||||||
|
* the documentation and/or other materials provided with the
|
||||||
|
* distribution.
|
||||||
|
*
|
||||||
|
* 3. All advertising materials mentioning features or use of this
|
||||||
|
* software must display the following acknowledgment:
|
||||||
|
* "This product includes software developed by the OpenSSL Project
|
||||||
|
* for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
|
||||||
|
*
|
||||||
|
* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
|
||||||
|
* endorse or promote products derived from this software without
|
||||||
|
* prior written permission. For written permission, please contact
|
||||||
|
* licensing@OpenSSL.org.
|
||||||
|
*
|
||||||
|
* 5. Products derived from this software may not be called "OpenSSL"
|
||||||
|
* nor may "OpenSSL" appear in their names without prior written
|
||||||
|
* permission of the OpenSSL Project.
|
||||||
|
*
|
||||||
|
* 6. Redistributions of any form whatsoever must retain the following
|
||||||
|
* acknowledgment:
|
||||||
|
* "This product includes software developed by the OpenSSL Project
|
||||||
|
* for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
|
||||||
|
*
|
||||||
|
* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
|
||||||
|
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
||||||
|
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
|
||||||
|
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
|
||||||
|
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
|
||||||
|
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
|
||||||
|
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
|
||||||
|
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
||||||
|
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
|
||||||
|
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
|
||||||
|
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
|
||||||
|
* OF THE POSSIBILITY OF SUCH DAMAGE.
|
||||||
|
* ====================================================================
|
||||||
|
*
|
||||||
|
* This product includes cryptographic software written by Eric Young
|
||||||
|
* (eay@cryptsoft.com). This product includes software written by Tim
|
||||||
|
* Hudson (tjh@cryptsoft.com).
|
||||||
|
*
|
||||||
|
*/
|
||||||
|
#include <stdio.h>
|
||||||
|
#include <string.h>
|
||||||
|
#include "apps.h"
|
||||||
|
#include <openssl/pem.h>
|
||||||
|
#include <openssl/err.h>
|
||||||
|
#include <openssl/evp.h>
|
||||||
|
#ifndef OPENSSL_NO_ENGINE
|
||||||
|
#include <openssl/engine.h>
|
||||||
|
#endif
|
||||||
|
|
||||||
|
static int init_keygen_file(BIO *err, EVP_PKEY_CTX **pctx,
|
||||||
|
const char *file, ENGINE *e);
|
||||||
|
static int genpkey_cb(EVP_PKEY_CTX *ctx);
|
||||||
|
|
||||||
|
#define PROG genpkey_main
|
||||||
|
|
||||||
|
int MAIN(int, char **);
|
||||||
|
|
||||||
|
int MAIN(int argc, char **argv)
|
||||||
|
{
|
||||||
|
ENGINE *e = NULL;
|
||||||
|
char **args, *outfile = NULL;
|
||||||
|
char *passarg = NULL;
|
||||||
|
BIO *in = NULL, *out = NULL;
|
||||||
|
const EVP_CIPHER *cipher = NULL;
|
||||||
|
int outformat;
|
||||||
|
int text = 0;
|
||||||
|
EVP_PKEY *pkey=NULL;
|
||||||
|
EVP_PKEY_CTX *ctx = NULL;
|
||||||
|
char *pass = NULL;
|
||||||
|
int badarg = 0;
|
||||||
|
int ret = 1, rv;
|
||||||
|
|
||||||
|
int do_param = 0;
|
||||||
|
|
||||||
|
if (bio_err == NULL)
|
||||||
|
bio_err = BIO_new_fp (stderr, BIO_NOCLOSE);
|
||||||
|
|
||||||
|
if (!load_config(bio_err, NULL))
|
||||||
|
goto end;
|
||||||
|
|
||||||
|
outformat=FORMAT_PEM;
|
||||||
|
|
||||||
|
ERR_load_crypto_strings();
|
||||||
|
OpenSSL_add_all_algorithms();
|
||||||
|
args = argv + 1;
|
||||||
|
while (!badarg && *args && *args[0] == '-')
|
||||||
|
{
|
||||||
|
if (!strcmp(*args,"-outform"))
|
||||||
|
{
|
||||||
|
if (args[1])
|
||||||
|
{
|
||||||
|
args++;
|
||||||
|
outformat=str2fmt(*args);
|
||||||
|
}
|
||||||
|
else badarg = 1;
|
||||||
|
}
|
||||||
|
else if (!strcmp(*args,"-pass"))
|
||||||
|
{
|
||||||
|
if (!args[1]) goto bad;
|
||||||
|
passarg= *(++args);
|
||||||
|
}
|
||||||
|
#ifndef OPENSSL_NO_ENGINE
|
||||||
|
else if (strcmp(*args,"-engine") == 0)
|
||||||
|
{
|
||||||
|
if (!args[1])
|
||||||
|
goto bad;
|
||||||
|
e = setup_engine(bio_err, *(++args), 0);
|
||||||
|
}
|
||||||
|
#endif
|
||||||
|
else if (!strcmp (*args, "-paramfile"))
|
||||||
|
{
|
||||||
|
if (!args[1])
|
||||||
|
goto bad;
|
||||||
|
args++;
|
||||||
|
if (do_param == 1)
|
||||||
|
goto bad;
|
||||||
|
if (!init_keygen_file(bio_err, &ctx, *args, e))
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
else if (!strcmp (*args, "-out"))
|
||||||
|
{
|
||||||
|
if (args[1])
|
||||||
|
{
|
||||||
|
args++;
|
||||||
|
outfile = *args;
|
||||||
|
}
|
||||||
|
else badarg = 1;
|
||||||
|
}
|
||||||
|
else if (strcmp(*args,"-algorithm") == 0)
|
||||||
|
{
|
||||||
|
if (!args[1])
|
||||||
|
goto bad;
|
||||||
|
if (!init_gen_str(bio_err, &ctx, *(++args),e, do_param))
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
else if (strcmp(*args,"-pkeyopt") == 0)
|
||||||
|
{
|
||||||
|
if (!args[1])
|
||||||
|
goto bad;
|
||||||
|
if (!ctx)
|
||||||
|
{
|
||||||
|
BIO_puts(bio_err, "No keytype specified\n");
|
||||||
|
goto bad;
|
||||||
|
}
|
||||||
|
else if (pkey_ctrl_string(ctx, *(++args)) <= 0)
|
||||||
|
{
|
||||||
|
BIO_puts(bio_err, "parameter setting error\n");
|
||||||
|
ERR_print_errors(bio_err);
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
else if (strcmp(*args,"-genparam") == 0)
|
||||||
|
{
|
||||||
|
if (ctx)
|
||||||
|
goto bad;
|
||||||
|
do_param = 1;
|
||||||
|
}
|
||||||
|
else if (strcmp(*args,"-text") == 0)
|
||||||
|
text=1;
|
||||||
|
else
|
||||||
|
{
|
||||||
|
cipher = EVP_get_cipherbyname(*args + 1);
|
||||||
|
if (!cipher)
|
||||||
|
{
|
||||||
|
BIO_printf(bio_err, "Unknown cipher %s\n",
|
||||||
|
*args + 1);
|
||||||
|
badarg = 1;
|
||||||
|
}
|
||||||
|
if (do_param == 1)
|
||||||
|
badarg = 1;
|
||||||
|
}
|
||||||
|
args++;
|
||||||
|
}
|
||||||
|
|
||||||
|
if (!ctx)
|
||||||
|
badarg = 1;
|
||||||
|
|
||||||
|
if (badarg)
|
||||||
|
{
|
||||||
|
bad:
|
||||||
|
BIO_printf(bio_err, "Usage: genpkey [options]\n");
|
||||||
|
BIO_printf(bio_err, "where options may be\n");
|
||||||
|
BIO_printf(bio_err, "-out file output file\n");
|
||||||
|
BIO_printf(bio_err, "-outform X output format (DER or PEM)\n");
|
||||||
|
BIO_printf(bio_err, "-pass arg output file pass phrase source\n");
|
||||||
|
BIO_printf(bio_err, "-<cipher> use cipher <cipher> to encrypt the key\n");
|
||||||
|
#ifndef OPENSSL_NO_ENGINE
|
||||||
|
BIO_printf(bio_err, "-engine e use engine e, possibly a hardware device.\n");
|
||||||
|
#endif
|
||||||
|
BIO_printf(bio_err, "-paramfile file parameters file\n");
|
||||||
|
BIO_printf(bio_err, "-algorithm alg the public key algorithm\n");
|
||||||
|
BIO_printf(bio_err, "-pkeyopt opt:value set the public key algorithm option <opt>\n"
|
||||||
|
" to value <value>\n");
|
||||||
|
BIO_printf(bio_err, "-genparam generate parameters, not key\n");
|
||||||
|
BIO_printf(bio_err, "-text print the in text\n");
|
||||||
|
BIO_printf(bio_err, "NB: options order may be important! See the manual page.\n");
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
|
||||||
|
if (!app_passwd(bio_err, passarg, NULL, &pass, NULL))
|
||||||
|
{
|
||||||
|
BIO_puts(bio_err, "Error getting password\n");
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
|
||||||
|
if (outfile)
|
||||||
|
{
|
||||||
|
if (!(out = BIO_new_file (outfile, "wb")))
|
||||||
|
{
|
||||||
|
BIO_printf(bio_err,
|
||||||
|
"Can't open output file %s\n", outfile);
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
else
|
||||||
|
{
|
||||||
|
out = BIO_new_fp (stdout, BIO_NOCLOSE);
|
||||||
|
#ifdef OPENSSL_SYS_VMS
|
||||||
|
{
|
||||||
|
BIO *tmpbio = BIO_new(BIO_f_linebuffer());
|
||||||
|
out = BIO_push(tmpbio, out);
|
||||||
|
}
|
||||||
|
#endif
|
||||||
|
}
|
||||||
|
|
||||||
|
EVP_PKEY_CTX_set_cb(ctx, genpkey_cb);
|
||||||
|
EVP_PKEY_CTX_set_app_data(ctx, bio_err);
|
||||||
|
|
||||||
|
if (do_param)
|
||||||
|
{
|
||||||
|
if (EVP_PKEY_paramgen(ctx, &pkey) <= 0)
|
||||||
|
{
|
||||||
|
BIO_puts(bio_err, "Error generating parameters\n");
|
||||||
|
ERR_print_errors(bio_err);
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
else
|
||||||
|
{
|
||||||
|
if (EVP_PKEY_keygen(ctx, &pkey) <= 0)
|
||||||
|
{
|
||||||
|
BIO_puts(bio_err, "Error generating key\n");
|
||||||
|
ERR_print_errors(bio_err);
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
if (do_param)
|
||||||
|
rv = PEM_write_bio_Parameters(out, pkey);
|
||||||
|
else if (outformat == FORMAT_PEM)
|
||||||
|
rv = PEM_write_bio_PrivateKey(out, pkey, cipher, NULL, 0,
|
||||||
|
NULL, pass);
|
||||||
|
else if (outformat == FORMAT_ASN1)
|
||||||
|
rv = i2d_PrivateKey_bio(out, pkey);
|
||||||
|
else
|
||||||
|
{
|
||||||
|
BIO_printf(bio_err, "Bad format specified for key\n");
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
|
||||||
|
if (rv <= 0)
|
||||||
|
{
|
||||||
|
BIO_puts(bio_err, "Error writing key\n");
|
||||||
|
ERR_print_errors(bio_err);
|
||||||
|
}
|
||||||
|
|
||||||
|
if (text)
|
||||||
|
{
|
||||||
|
if (do_param)
|
||||||
|
rv = EVP_PKEY_print_params(out, pkey, 0, NULL);
|
||||||
|
else
|
||||||
|
rv = EVP_PKEY_print_private(out, pkey, 0, NULL);
|
||||||
|
|
||||||
|
if (rv <= 0)
|
||||||
|
{
|
||||||
|
BIO_puts(bio_err, "Error printing key\n");
|
||||||
|
ERR_print_errors(bio_err);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
ret = 0;
|
||||||
|
|
||||||
|
end:
|
||||||
|
if (pkey)
|
||||||
|
EVP_PKEY_free(pkey);
|
||||||
|
if (ctx)
|
||||||
|
EVP_PKEY_CTX_free(ctx);
|
||||||
|
if (out)
|
||||||
|
BIO_free_all(out);
|
||||||
|
BIO_free(in);
|
||||||
|
if (pass)
|
||||||
|
OPENSSL_free(pass);
|
||||||
|
|
||||||
|
return ret;
|
||||||
|
}
|
||||||
|
|
||||||
|
static int init_keygen_file(BIO *err, EVP_PKEY_CTX **pctx,
|
||||||
|
const char *file, ENGINE *e)
|
||||||
|
{
|
||||||
|
BIO *pbio;
|
||||||
|
EVP_PKEY *pkey = NULL;
|
||||||
|
EVP_PKEY_CTX *ctx = NULL;
|
||||||
|
if (*pctx)
|
||||||
|
{
|
||||||
|
BIO_puts(err, "Parameters already set!\n");
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
|
|
||||||
|
pbio = BIO_new_file(file, "r");
|
||||||
|
if (!pbio)
|
||||||
|
{
|
||||||
|
BIO_printf(err, "Can't open parameter file %s\n", file);
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
|
|
||||||
|
pkey = PEM_read_bio_Parameters(pbio, NULL);
|
||||||
|
BIO_free(pbio);
|
||||||
|
|
||||||
|
if (!pkey)
|
||||||
|
{
|
||||||
|
BIO_printf(bio_err, "Error reading parameter file %s\n", file);
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
|
|
||||||
|
ctx = EVP_PKEY_CTX_new(pkey, e);
|
||||||
|
if (!ctx)
|
||||||
|
goto err;
|
||||||
|
if (EVP_PKEY_keygen_init(ctx) <= 0)
|
||||||
|
goto err;
|
||||||
|
EVP_PKEY_free(pkey);
|
||||||
|
*pctx = ctx;
|
||||||
|
return 1;
|
||||||
|
|
||||||
|
err:
|
||||||
|
BIO_puts(err, "Error initializing context\n");
|
||||||
|
ERR_print_errors(err);
|
||||||
|
if (ctx)
|
||||||
|
EVP_PKEY_CTX_free(ctx);
|
||||||
|
if (pkey)
|
||||||
|
EVP_PKEY_free(pkey);
|
||||||
|
return 0;
|
||||||
|
|
||||||
|
}
|
||||||
|
|
||||||
|
int init_gen_str(BIO *err, EVP_PKEY_CTX **pctx,
|
||||||
|
const char *algname, ENGINE *e, int do_param)
|
||||||
|
{
|
||||||
|
EVP_PKEY_CTX *ctx = NULL;
|
||||||
|
const EVP_PKEY_ASN1_METHOD *ameth;
|
||||||
|
ENGINE *tmpeng = NULL;
|
||||||
|
int pkey_id;
|
||||||
|
|
||||||
|
if (*pctx)
|
||||||
|
{
|
||||||
|
BIO_puts(err, "Algorithm already set!\n");
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
|
|
||||||
|
ameth = EVP_PKEY_asn1_find_str(&tmpeng, algname, -1);
|
||||||
|
|
||||||
|
#ifndef OPENSSL_NO_ENGINE
|
||||||
|
if (!ameth && e)
|
||||||
|
ameth = ENGINE_get_pkey_asn1_meth_str(e, algname, -1);
|
||||||
|
#endif
|
||||||
|
|
||||||
|
if (!ameth)
|
||||||
|
{
|
||||||
|
BIO_printf(bio_err, "Algorithm %s not found\n", algname);
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
|
|
||||||
|
ERR_clear_error();
|
||||||
|
|
||||||
|
EVP_PKEY_asn1_get0_info(&pkey_id, NULL, NULL, NULL, NULL, ameth);
|
||||||
|
#ifndef OPENSSL_NO_ENGINE
|
||||||
|
if (tmpeng)
|
||||||
|
ENGINE_finish(tmpeng);
|
||||||
|
#endif
|
||||||
|
ctx = EVP_PKEY_CTX_new_id(pkey_id, e);
|
||||||
|
|
||||||
|
if (!ctx)
|
||||||
|
goto err;
|
||||||
|
if (do_param)
|
||||||
|
{
|
||||||
|
if (EVP_PKEY_paramgen_init(ctx) <= 0)
|
||||||
|
goto err;
|
||||||
|
}
|
||||||
|
else
|
||||||
|
{
|
||||||
|
if (EVP_PKEY_keygen_init(ctx) <= 0)
|
||||||
|
goto err;
|
||||||
|
}
|
||||||
|
|
||||||
|
*pctx = ctx;
|
||||||
|
return 1;
|
||||||
|
|
||||||
|
err:
|
||||||
|
BIO_printf(err, "Error initializing %s context\n", algname);
|
||||||
|
ERR_print_errors(err);
|
||||||
|
if (ctx)
|
||||||
|
EVP_PKEY_CTX_free(ctx);
|
||||||
|
return 0;
|
||||||
|
|
||||||
|
}
|
||||||
|
|
||||||
|
static int genpkey_cb(EVP_PKEY_CTX *ctx)
|
||||||
|
{
|
||||||
|
char c='*';
|
||||||
|
BIO *b = EVP_PKEY_CTX_get_app_data(ctx);
|
||||||
|
int p;
|
||||||
|
p = EVP_PKEY_CTX_get_keygen_info(ctx, 0);
|
||||||
|
if (p == 0) c='.';
|
||||||
|
if (p == 1) c='+';
|
||||||
|
if (p == 2) c='*';
|
||||||
|
if (p == 3) c='\n';
|
||||||
|
BIO_write(b,&c,1);
|
||||||
|
(void)BIO_flush(b);
|
||||||
|
#ifdef LINT
|
||||||
|
p=n;
|
||||||
|
#endif
|
||||||
|
return 1;
|
||||||
|
}
|
335
jni/openssl/apps/genrsa.c
Normal file
335
jni/openssl/apps/genrsa.c
Normal file
@ -0,0 +1,335 @@
|
|||||||
|
/* apps/genrsa.c */
|
||||||
|
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
|
||||||
|
* All rights reserved.
|
||||||
|
*
|
||||||
|
* This package is an SSL implementation written
|
||||||
|
* by Eric Young (eay@cryptsoft.com).
|
||||||
|
* The implementation was written so as to conform with Netscapes SSL.
|
||||||
|
*
|
||||||
|
* This library is free for commercial and non-commercial use as long as
|
||||||
|
* the following conditions are aheared to. The following conditions
|
||||||
|
* apply to all code found in this distribution, be it the RC4, RSA,
|
||||||
|
* lhash, DES, etc., code; not just the SSL code. The SSL documentation
|
||||||
|
* included with this distribution is covered by the same copyright terms
|
||||||
|
* except that the holder is Tim Hudson (tjh@cryptsoft.com).
|
||||||
|
*
|
||||||
|
* Copyright remains Eric Young's, and as such any Copyright notices in
|
||||||
|
* the code are not to be removed.
|
||||||
|
* If this package is used in a product, Eric Young should be given attribution
|
||||||
|
* as the author of the parts of the library used.
|
||||||
|
* This can be in the form of a textual message at program startup or
|
||||||
|
* in documentation (online or textual) provided with the package.
|
||||||
|
*
|
||||||
|
* Redistribution and use in source and binary forms, with or without
|
||||||
|
* modification, are permitted provided that the following conditions
|
||||||
|
* are met:
|
||||||
|
* 1. Redistributions of source code must retain the copyright
|
||||||
|
* notice, this list of conditions and the following disclaimer.
|
||||||
|
* 2. Redistributions in binary form must reproduce the above copyright
|
||||||
|
* notice, this list of conditions and the following disclaimer in the
|
||||||
|
* documentation and/or other materials provided with the distribution.
|
||||||
|
* 3. All advertising materials mentioning features or use of this software
|
||||||
|
* must display the following acknowledgement:
|
||||||
|
* "This product includes cryptographic software written by
|
||||||
|
* Eric Young (eay@cryptsoft.com)"
|
||||||
|
* The word 'cryptographic' can be left out if the rouines from the library
|
||||||
|
* being used are not cryptographic related :-).
|
||||||
|
* 4. If you include any Windows specific code (or a derivative thereof) from
|
||||||
|
* the apps directory (application code) you must include an acknowledgement:
|
||||||
|
* "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
|
||||||
|
*
|
||||||
|
* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
|
||||||
|
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
||||||
|
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
|
||||||
|
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
|
||||||
|
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
|
||||||
|
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
|
||||||
|
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
||||||
|
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
|
||||||
|
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
||||||
|
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||||||
|
* SUCH DAMAGE.
|
||||||
|
*
|
||||||
|
* The licence and distribution terms for any publically available version or
|
||||||
|
* derivative of this code cannot be changed. i.e. this code cannot simply be
|
||||||
|
* copied and put under another distribution licence
|
||||||
|
* [including the GNU Public Licence.]
|
||||||
|
*/
|
||||||
|
|
||||||
|
#include <openssl/opensslconf.h>
|
||||||
|
/* Until the key-gen callbacks are modified to use newer prototypes, we allow
|
||||||
|
* deprecated functions for openssl-internal code */
|
||||||
|
#ifdef OPENSSL_NO_DEPRECATED
|
||||||
|
#undef OPENSSL_NO_DEPRECATED
|
||||||
|
#endif
|
||||||
|
|
||||||
|
#ifndef OPENSSL_NO_RSA
|
||||||
|
#include <stdio.h>
|
||||||
|
#include <string.h>
|
||||||
|
#include <sys/types.h>
|
||||||
|
#include <sys/stat.h>
|
||||||
|
#include "apps.h"
|
||||||
|
#include <openssl/bio.h>
|
||||||
|
#include <openssl/err.h>
|
||||||
|
#include <openssl/bn.h>
|
||||||
|
#include <openssl/rsa.h>
|
||||||
|
#include <openssl/evp.h>
|
||||||
|
#include <openssl/x509.h>
|
||||||
|
#include <openssl/pem.h>
|
||||||
|
#include <openssl/rand.h>
|
||||||
|
|
||||||
|
#define DEFBITS 512
|
||||||
|
#undef PROG
|
||||||
|
#define PROG genrsa_main
|
||||||
|
|
||||||
|
static int MS_CALLBACK genrsa_cb(int p, int n, BN_GENCB *cb);
|
||||||
|
|
||||||
|
int MAIN(int, char **);
|
||||||
|
|
||||||
|
int MAIN(int argc, char **argv)
|
||||||
|
{
|
||||||
|
BN_GENCB cb;
|
||||||
|
#ifndef OPENSSL_NO_ENGINE
|
||||||
|
ENGINE *e = NULL;
|
||||||
|
#endif
|
||||||
|
int ret=1;
|
||||||
|
int i,num=DEFBITS;
|
||||||
|
long l;
|
||||||
|
const EVP_CIPHER *enc=NULL;
|
||||||
|
unsigned long f4=RSA_F4;
|
||||||
|
char *outfile=NULL;
|
||||||
|
char *passargout = NULL, *passout = NULL;
|
||||||
|
#ifndef OPENSSL_NO_ENGINE
|
||||||
|
char *engine=NULL;
|
||||||
|
#endif
|
||||||
|
char *inrand=NULL;
|
||||||
|
BIO *out=NULL;
|
||||||
|
BIGNUM *bn = BN_new();
|
||||||
|
RSA *rsa = NULL;
|
||||||
|
|
||||||
|
if(!bn) goto err;
|
||||||
|
|
||||||
|
apps_startup();
|
||||||
|
BN_GENCB_set(&cb, genrsa_cb, bio_err);
|
||||||
|
|
||||||
|
if (bio_err == NULL)
|
||||||
|
if ((bio_err=BIO_new(BIO_s_file())) != NULL)
|
||||||
|
BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT);
|
||||||
|
|
||||||
|
if (!load_config(bio_err, NULL))
|
||||||
|
goto err;
|
||||||
|
if ((out=BIO_new(BIO_s_file())) == NULL)
|
||||||
|
{
|
||||||
|
BIO_printf(bio_err,"unable to create BIO for output\n");
|
||||||
|
goto err;
|
||||||
|
}
|
||||||
|
|
||||||
|
argv++;
|
||||||
|
argc--;
|
||||||
|
for (;;)
|
||||||
|
{
|
||||||
|
if (argc <= 0) break;
|
||||||
|
if (strcmp(*argv,"-out") == 0)
|
||||||
|
{
|
||||||
|
if (--argc < 1) goto bad;
|
||||||
|
outfile= *(++argv);
|
||||||
|
}
|
||||||
|
else if (strcmp(*argv,"-3") == 0)
|
||||||
|
f4=3;
|
||||||
|
else if (strcmp(*argv,"-F4") == 0 || strcmp(*argv,"-f4") == 0)
|
||||||
|
f4=RSA_F4;
|
||||||
|
#ifndef OPENSSL_NO_ENGINE
|
||||||
|
else if (strcmp(*argv,"-engine") == 0)
|
||||||
|
{
|
||||||
|
if (--argc < 1) goto bad;
|
||||||
|
engine= *(++argv);
|
||||||
|
}
|
||||||
|
#endif
|
||||||
|
else if (strcmp(*argv,"-rand") == 0)
|
||||||
|
{
|
||||||
|
if (--argc < 1) goto bad;
|
||||||
|
inrand= *(++argv);
|
||||||
|
}
|
||||||
|
#ifndef OPENSSL_NO_DES
|
||||||
|
else if (strcmp(*argv,"-des") == 0)
|
||||||
|
enc=EVP_des_cbc();
|
||||||
|
else if (strcmp(*argv,"-des3") == 0)
|
||||||
|
enc=EVP_des_ede3_cbc();
|
||||||
|
#endif
|
||||||
|
#ifndef OPENSSL_NO_IDEA
|
||||||
|
else if (strcmp(*argv,"-idea") == 0)
|
||||||
|
enc=EVP_idea_cbc();
|
||||||
|
#endif
|
||||||
|
#ifndef OPENSSL_NO_SEED
|
||||||
|
else if (strcmp(*argv,"-seed") == 0)
|
||||||
|
enc=EVP_seed_cbc();
|
||||||
|
#endif
|
||||||
|
#ifndef OPENSSL_NO_AES
|
||||||
|
else if (strcmp(*argv,"-aes128") == 0)
|
||||||
|
enc=EVP_aes_128_cbc();
|
||||||
|
else if (strcmp(*argv,"-aes192") == 0)
|
||||||
|
enc=EVP_aes_192_cbc();
|
||||||
|
else if (strcmp(*argv,"-aes256") == 0)
|
||||||
|
enc=EVP_aes_256_cbc();
|
||||||
|
#endif
|
||||||
|
#ifndef OPENSSL_NO_CAMELLIA
|
||||||
|
else if (strcmp(*argv,"-camellia128") == 0)
|
||||||
|
enc=EVP_camellia_128_cbc();
|
||||||
|
else if (strcmp(*argv,"-camellia192") == 0)
|
||||||
|
enc=EVP_camellia_192_cbc();
|
||||||
|
else if (strcmp(*argv,"-camellia256") == 0)
|
||||||
|
enc=EVP_camellia_256_cbc();
|
||||||
|
#endif
|
||||||
|
else if (strcmp(*argv,"-passout") == 0)
|
||||||
|
{
|
||||||
|
if (--argc < 1) goto bad;
|
||||||
|
passargout= *(++argv);
|
||||||
|
}
|
||||||
|
else
|
||||||
|
break;
|
||||||
|
argv++;
|
||||||
|
argc--;
|
||||||
|
}
|
||||||
|
if ((argc >= 1) && ((sscanf(*argv,"%d",&num) == 0) || (num < 0)))
|
||||||
|
{
|
||||||
|
bad:
|
||||||
|
BIO_printf(bio_err,"usage: genrsa [args] [numbits]\n");
|
||||||
|
BIO_printf(bio_err," -des encrypt the generated key with DES in cbc mode\n");
|
||||||
|
BIO_printf(bio_err," -des3 encrypt the generated key with DES in ede cbc mode (168 bit key)\n");
|
||||||
|
#ifndef OPENSSL_NO_IDEA
|
||||||
|
BIO_printf(bio_err," -idea encrypt the generated key with IDEA in cbc mode\n");
|
||||||
|
#endif
|
||||||
|
#ifndef OPENSSL_NO_SEED
|
||||||
|
BIO_printf(bio_err," -seed\n");
|
||||||
|
BIO_printf(bio_err," encrypt PEM output with cbc seed\n");
|
||||||
|
#endif
|
||||||
|
#ifndef OPENSSL_NO_AES
|
||||||
|
BIO_printf(bio_err," -aes128, -aes192, -aes256\n");
|
||||||
|
BIO_printf(bio_err," encrypt PEM output with cbc aes\n");
|
||||||
|
#endif
|
||||||
|
#ifndef OPENSSL_NO_CAMELLIA
|
||||||
|
BIO_printf(bio_err," -camellia128, -camellia192, -camellia256\n");
|
||||||
|
BIO_printf(bio_err," encrypt PEM output with cbc camellia\n");
|
||||||
|
#endif
|
||||||
|
BIO_printf(bio_err," -out file output the key to 'file\n");
|
||||||
|
BIO_printf(bio_err," -passout arg output file pass phrase source\n");
|
||||||
|
BIO_printf(bio_err," -f4 use F4 (0x10001) for the E value\n");
|
||||||
|
BIO_printf(bio_err," -3 use 3 for the E value\n");
|
||||||
|
#ifndef OPENSSL_NO_ENGINE
|
||||||
|
BIO_printf(bio_err," -engine e use engine e, possibly a hardware device.\n");
|
||||||
|
#endif
|
||||||
|
BIO_printf(bio_err," -rand file%cfile%c...\n", LIST_SEPARATOR_CHAR, LIST_SEPARATOR_CHAR);
|
||||||
|
BIO_printf(bio_err," load the file (or the files in the directory) into\n");
|
||||||
|
BIO_printf(bio_err," the random number generator\n");
|
||||||
|
goto err;
|
||||||
|
}
|
||||||
|
|
||||||
|
ERR_load_crypto_strings();
|
||||||
|
|
||||||
|
if(!app_passwd(bio_err, NULL, passargout, NULL, &passout)) {
|
||||||
|
BIO_printf(bio_err, "Error getting password\n");
|
||||||
|
goto err;
|
||||||
|
}
|
||||||
|
|
||||||
|
#ifndef OPENSSL_NO_ENGINE
|
||||||
|
e = setup_engine(bio_err, engine, 0);
|
||||||
|
#endif
|
||||||
|
|
||||||
|
if (outfile == NULL)
|
||||||
|
{
|
||||||
|
BIO_set_fp(out,stdout,BIO_NOCLOSE);
|
||||||
|
#ifdef OPENSSL_SYS_VMS
|
||||||
|
{
|
||||||
|
BIO *tmpbio = BIO_new(BIO_f_linebuffer());
|
||||||
|
out = BIO_push(tmpbio, out);
|
||||||
|
}
|
||||||
|
#endif
|
||||||
|
}
|
||||||
|
else
|
||||||
|
{
|
||||||
|
if (BIO_write_filename(out,outfile) <= 0)
|
||||||
|
{
|
||||||
|
perror(outfile);
|
||||||
|
goto err;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
if (!app_RAND_load_file(NULL, bio_err, 1) && inrand == NULL
|
||||||
|
&& !RAND_status())
|
||||||
|
{
|
||||||
|
BIO_printf(bio_err,"warning, not much extra random data, consider using the -rand option\n");
|
||||||
|
}
|
||||||
|
if (inrand != NULL)
|
||||||
|
BIO_printf(bio_err,"%ld semi-random bytes loaded\n",
|
||||||
|
app_RAND_load_files(inrand));
|
||||||
|
|
||||||
|
BIO_printf(bio_err,"Generating RSA private key, %d bit long modulus\n",
|
||||||
|
num);
|
||||||
|
#ifdef OPENSSL_NO_ENGINE
|
||||||
|
rsa = RSA_new();
|
||||||
|
#else
|
||||||
|
rsa = RSA_new_method(e);
|
||||||
|
#endif
|
||||||
|
if (!rsa)
|
||||||
|
goto err;
|
||||||
|
|
||||||
|
if(!BN_set_word(bn, f4) || !RSA_generate_key_ex(rsa, num, bn, &cb))
|
||||||
|
goto err;
|
||||||
|
|
||||||
|
app_RAND_write_file(NULL, bio_err);
|
||||||
|
|
||||||
|
/* We need to do the following for when the base number size is <
|
||||||
|
* long, esp windows 3.1 :-(. */
|
||||||
|
l=0L;
|
||||||
|
for (i=0; i<rsa->e->top; i++)
|
||||||
|
{
|
||||||
|
#ifndef SIXTY_FOUR_BIT
|
||||||
|
l<<=BN_BITS4;
|
||||||
|
l<<=BN_BITS4;
|
||||||
|
#endif
|
||||||
|
l+=rsa->e->d[i];
|
||||||
|
}
|
||||||
|
BIO_printf(bio_err,"e is %ld (0x%lX)\n",l,l);
|
||||||
|
{
|
||||||
|
PW_CB_DATA cb_data;
|
||||||
|
cb_data.password = passout;
|
||||||
|
cb_data.prompt_info = outfile;
|
||||||
|
if (!PEM_write_bio_RSAPrivateKey(out,rsa,enc,NULL,0,
|
||||||
|
(pem_password_cb *)password_callback,&cb_data))
|
||||||
|
goto err;
|
||||||
|
}
|
||||||
|
|
||||||
|
ret=0;
|
||||||
|
err:
|
||||||
|
if (bn) BN_free(bn);
|
||||||
|
if (rsa) RSA_free(rsa);
|
||||||
|
if (out) BIO_free_all(out);
|
||||||
|
if(passout) OPENSSL_free(passout);
|
||||||
|
if (ret != 0)
|
||||||
|
ERR_print_errors(bio_err);
|
||||||
|
apps_shutdown();
|
||||||
|
OPENSSL_EXIT(ret);
|
||||||
|
}
|
||||||
|
|
||||||
|
static int MS_CALLBACK genrsa_cb(int p, int n, BN_GENCB *cb)
|
||||||
|
{
|
||||||
|
char c='*';
|
||||||
|
|
||||||
|
if (p == 0) c='.';
|
||||||
|
if (p == 1) c='+';
|
||||||
|
if (p == 2) c='*';
|
||||||
|
if (p == 3) c='\n';
|
||||||
|
BIO_write(cb->arg,&c,1);
|
||||||
|
(void)BIO_flush(cb->arg);
|
||||||
|
#ifdef LINT
|
||||||
|
p=n;
|
||||||
|
#endif
|
||||||
|
return 1;
|
||||||
|
}
|
||||||
|
#else /* !OPENSSL_NO_RSA */
|
||||||
|
|
||||||
|
# if PEDANTIC
|
||||||
|
static void *dummy=&dummy;
|
||||||
|
# endif
|
||||||
|
|
||||||
|
#endif
|
1
jni/openssl/apps/md4.c
Symbolic link
1
jni/openssl/apps/md4.c
Symbolic link
@ -0,0 +1 @@
|
|||||||
|
../crypto/md4/md4.c
|
167
jni/openssl/apps/nseq.c
Normal file
167
jni/openssl/apps/nseq.c
Normal file
@ -0,0 +1,167 @@
|
|||||||
|
/* nseq.c */
|
||||||
|
/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
|
||||||
|
* project 1999.
|
||||||
|
*/
|
||||||
|
/* ====================================================================
|
||||||
|
* Copyright (c) 1999 The OpenSSL Project. All rights reserved.
|
||||||
|
*
|
||||||
|
* Redistribution and use in source and binary forms, with or without
|
||||||
|
* modification, are permitted provided that the following conditions
|
||||||
|
* are met:
|
||||||
|
*
|
||||||
|
* 1. Redistributions of source code must retain the above copyright
|
||||||
|
* notice, this list of conditions and the following disclaimer.
|
||||||
|
*
|
||||||
|
* 2. Redistributions in binary form must reproduce the above copyright
|
||||||
|
* notice, this list of conditions and the following disclaimer in
|
||||||
|
* the documentation and/or other materials provided with the
|
||||||
|
* distribution.
|
||||||
|
*
|
||||||
|
* 3. All advertising materials mentioning features or use of this
|
||||||
|
* software must display the following acknowledgment:
|
||||||
|
* "This product includes software developed by the OpenSSL Project
|
||||||
|
* for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
|
||||||
|
*
|
||||||
|
* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
|
||||||
|
* endorse or promote products derived from this software without
|
||||||
|
* prior written permission. For written permission, please contact
|
||||||
|
* licensing@OpenSSL.org.
|
||||||
|
*
|
||||||
|
* 5. Products derived from this software may not be called "OpenSSL"
|
||||||
|
* nor may "OpenSSL" appear in their names without prior written
|
||||||
|
* permission of the OpenSSL Project.
|
||||||
|
*
|
||||||
|
* 6. Redistributions of any form whatsoever must retain the following
|
||||||
|
* acknowledgment:
|
||||||
|
* "This product includes software developed by the OpenSSL Project
|
||||||
|
* for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
|
||||||
|
*
|
||||||
|
* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
|
||||||
|
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
||||||
|
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
|
||||||
|
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
|
||||||
|
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
|
||||||
|
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
|
||||||
|
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
|
||||||
|
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
||||||
|
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
|
||||||
|
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
|
||||||
|
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
|
||||||
|
* OF THE POSSIBILITY OF SUCH DAMAGE.
|
||||||
|
* ====================================================================
|
||||||
|
*
|
||||||
|
* This product includes cryptographic software written by Eric Young
|
||||||
|
* (eay@cryptsoft.com). This product includes software written by Tim
|
||||||
|
* Hudson (tjh@cryptsoft.com).
|
||||||
|
*
|
||||||
|
*/
|
||||||
|
|
||||||
|
#include <stdio.h>
|
||||||
|
#include <string.h>
|
||||||
|
#include "apps.h"
|
||||||
|
#include <openssl/pem.h>
|
||||||
|
#include <openssl/err.h>
|
||||||
|
|
||||||
|
#undef PROG
|
||||||
|
#define PROG nseq_main
|
||||||
|
|
||||||
|
int MAIN(int, char **);
|
||||||
|
|
||||||
|
int MAIN(int argc, char **argv)
|
||||||
|
{
|
||||||
|
char **args, *infile = NULL, *outfile = NULL;
|
||||||
|
BIO *in = NULL, *out = NULL;
|
||||||
|
int toseq = 0;
|
||||||
|
X509 *x509 = NULL;
|
||||||
|
NETSCAPE_CERT_SEQUENCE *seq = NULL;
|
||||||
|
int i, ret = 1;
|
||||||
|
int badarg = 0;
|
||||||
|
if (bio_err == NULL) bio_err = BIO_new_fp (stderr, BIO_NOCLOSE);
|
||||||
|
ERR_load_crypto_strings();
|
||||||
|
args = argv + 1;
|
||||||
|
while (!badarg && *args && *args[0] == '-') {
|
||||||
|
if (!strcmp (*args, "-toseq")) toseq = 1;
|
||||||
|
else if (!strcmp (*args, "-in")) {
|
||||||
|
if (args[1]) {
|
||||||
|
args++;
|
||||||
|
infile = *args;
|
||||||
|
} else badarg = 1;
|
||||||
|
} else if (!strcmp (*args, "-out")) {
|
||||||
|
if (args[1]) {
|
||||||
|
args++;
|
||||||
|
outfile = *args;
|
||||||
|
} else badarg = 1;
|
||||||
|
} else badarg = 1;
|
||||||
|
args++;
|
||||||
|
}
|
||||||
|
|
||||||
|
if (badarg) {
|
||||||
|
BIO_printf (bio_err, "Netscape certificate sequence utility\n");
|
||||||
|
BIO_printf (bio_err, "Usage nseq [options]\n");
|
||||||
|
BIO_printf (bio_err, "where options are\n");
|
||||||
|
BIO_printf (bio_err, "-in file input file\n");
|
||||||
|
BIO_printf (bio_err, "-out file output file\n");
|
||||||
|
BIO_printf (bio_err, "-toseq output NS Sequence file\n");
|
||||||
|
OPENSSL_EXIT(1);
|
||||||
|
}
|
||||||
|
|
||||||
|
if (infile) {
|
||||||
|
if (!(in = BIO_new_file (infile, "r"))) {
|
||||||
|
BIO_printf (bio_err,
|
||||||
|
"Can't open input file %s\n", infile);
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
} else in = BIO_new_fp(stdin, BIO_NOCLOSE);
|
||||||
|
|
||||||
|
if (outfile) {
|
||||||
|
if (!(out = BIO_new_file (outfile, "w"))) {
|
||||||
|
BIO_printf (bio_err,
|
||||||
|
"Can't open output file %s\n", outfile);
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
} else {
|
||||||
|
out = BIO_new_fp(stdout, BIO_NOCLOSE);
|
||||||
|
#ifdef OPENSSL_SYS_VMS
|
||||||
|
{
|
||||||
|
BIO *tmpbio = BIO_new(BIO_f_linebuffer());
|
||||||
|
out = BIO_push(tmpbio, out);
|
||||||
|
}
|
||||||
|
#endif
|
||||||
|
}
|
||||||
|
if (toseq) {
|
||||||
|
seq = NETSCAPE_CERT_SEQUENCE_new();
|
||||||
|
seq->certs = sk_X509_new_null();
|
||||||
|
while((x509 = PEM_read_bio_X509(in, NULL, NULL, NULL)))
|
||||||
|
sk_X509_push(seq->certs,x509);
|
||||||
|
|
||||||
|
if(!sk_X509_num(seq->certs))
|
||||||
|
{
|
||||||
|
BIO_printf (bio_err, "Error reading certs file %s\n", infile);
|
||||||
|
ERR_print_errors(bio_err);
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
PEM_write_bio_NETSCAPE_CERT_SEQUENCE(out, seq);
|
||||||
|
ret = 0;
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
|
||||||
|
if (!(seq = PEM_read_bio_NETSCAPE_CERT_SEQUENCE(in, NULL, NULL, NULL))) {
|
||||||
|
BIO_printf (bio_err, "Error reading sequence file %s\n", infile);
|
||||||
|
ERR_print_errors(bio_err);
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
|
||||||
|
for(i = 0; i < sk_X509_num(seq->certs); i++) {
|
||||||
|
x509 = sk_X509_value(seq->certs, i);
|
||||||
|
dump_cert_text(out, x509);
|
||||||
|
PEM_write_bio_X509(out, x509);
|
||||||
|
}
|
||||||
|
ret = 0;
|
||||||
|
end:
|
||||||
|
BIO_free(in);
|
||||||
|
BIO_free_all(out);
|
||||||
|
NETSCAPE_CERT_SEQUENCE_free(seq);
|
||||||
|
|
||||||
|
OPENSSL_EXIT(ret);
|
||||||
|
}
|
||||||
|
|
1421
jni/openssl/apps/ocsp.c
Normal file
1421
jni/openssl/apps/ocsp.c
Normal file
File diff suppressed because it is too large
Load Diff
6
jni/openssl/apps/oid.cnf
Normal file
6
jni/openssl/apps/oid.cnf
Normal file
@ -0,0 +1,6 @@
|
|||||||
|
2.99999.1 SET.ex1 SET x509v3 extension 1
|
||||||
|
2.99999.2 SET.ex2 SET x509v3 extension 2
|
||||||
|
2.99999.3 SET.ex3 SET x509v3 extension 3
|
||||||
|
2.99999.4 SET.ex4 SET x509v3 extension 4
|
||||||
|
2.99999.5 SET.ex5 SET x509v3 extension 5
|
||||||
|
2.99999.6 SET.ex6 SET x509v3 extension 6
|
714
jni/openssl/apps/openssl.c
Normal file
714
jni/openssl/apps/openssl.c
Normal file
@ -0,0 +1,714 @@
|
|||||||
|
/* apps/openssl.c */
|
||||||
|
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
|
||||||
|
* All rights reserved.
|
||||||
|
*
|
||||||
|
* This package is an SSL implementation written
|
||||||
|
* by Eric Young (eay@cryptsoft.com).
|
||||||
|
* The implementation was written so as to conform with Netscapes SSL.
|
||||||
|
*
|
||||||
|
* This library is free for commercial and non-commercial use as long as
|
||||||
|
* the following conditions are aheared to. The following conditions
|
||||||
|
* apply to all code found in this distribution, be it the RC4, RSA,
|
||||||
|
* lhash, DES, etc., code; not just the SSL code. The SSL documentation
|
||||||
|
* included with this distribution is covered by the same copyright terms
|
||||||
|
* except that the holder is Tim Hudson (tjh@cryptsoft.com).
|
||||||
|
*
|
||||||
|
* Copyright remains Eric Young's, and as such any Copyright notices in
|
||||||
|
* the code are not to be removed.
|
||||||
|
* If this package is used in a product, Eric Young should be given attribution
|
||||||
|
* as the author of the parts of the library used.
|
||||||
|
* This can be in the form of a textual message at program startup or
|
||||||
|
* in documentation (online or textual) provided with the package.
|
||||||
|
*
|
||||||
|
* Redistribution and use in source and binary forms, with or without
|
||||||
|
* modification, are permitted provided that the following conditions
|
||||||
|
* are met:
|
||||||
|
* 1. Redistributions of source code must retain the copyright
|
||||||
|
* notice, this list of conditions and the following disclaimer.
|
||||||
|
* 2. Redistributions in binary form must reproduce the above copyright
|
||||||
|
* notice, this list of conditions and the following disclaimer in the
|
||||||
|
* documentation and/or other materials provided with the distribution.
|
||||||
|
* 3. All advertising materials mentioning features or use of this software
|
||||||
|
* must display the following acknowledgement:
|
||||||
|
* "This product includes cryptographic software written by
|
||||||
|
* Eric Young (eay@cryptsoft.com)"
|
||||||
|
* The word 'cryptographic' can be left out if the rouines from the library
|
||||||
|
* being used are not cryptographic related :-).
|
||||||
|
* 4. If you include any Windows specific code (or a derivative thereof) from
|
||||||
|
* the apps directory (application code) you must include an acknowledgement:
|
||||||
|
* "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
|
||||||
|
*
|
||||||
|
* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
|
||||||
|
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
||||||
|
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
|
||||||
|
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
|
||||||
|
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
|
||||||
|
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
|
||||||
|
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
||||||
|
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
|
||||||
|
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
||||||
|
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||||||
|
* SUCH DAMAGE.
|
||||||
|
*
|
||||||
|
* The licence and distribution terms for any publically available version or
|
||||||
|
* derivative of this code cannot be changed. i.e. this code cannot simply be
|
||||||
|
* copied and put under another distribution licence
|
||||||
|
* [including the GNU Public Licence.]
|
||||||
|
*/
|
||||||
|
/* ====================================================================
|
||||||
|
* Copyright (c) 1998-2006 The OpenSSL Project. All rights reserved.
|
||||||
|
*
|
||||||
|
* Redistribution and use in source and binary forms, with or without
|
||||||
|
* modification, are permitted provided that the following conditions
|
||||||
|
* are met:
|
||||||
|
*
|
||||||
|
* 1. Redistributions of source code must retain the above copyright
|
||||||
|
* notice, this list of conditions and the following disclaimer.
|
||||||
|
*
|
||||||
|
* 2. Redistributions in binary form must reproduce the above copyright
|
||||||
|
* notice, this list of conditions and the following disclaimer in
|
||||||
|
* the documentation and/or other materials provided with the
|
||||||
|
* distribution.
|
||||||
|
*
|
||||||
|
* 3. All advertising materials mentioning features or use of this
|
||||||
|
* software must display the following acknowledgment:
|
||||||
|
* "This product includes software developed by the OpenSSL Project
|
||||||
|
* for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
|
||||||
|
*
|
||||||
|
* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
|
||||||
|
* endorse or promote products derived from this software without
|
||||||
|
* prior written permission. For written permission, please contact
|
||||||
|
* openssl-core@openssl.org.
|
||||||
|
*
|
||||||
|
* 5. Products derived from this software may not be called "OpenSSL"
|
||||||
|
* nor may "OpenSSL" appear in their names without prior written
|
||||||
|
* permission of the OpenSSL Project.
|
||||||
|
*
|
||||||
|
* 6. Redistributions of any form whatsoever must retain the following
|
||||||
|
* acknowledgment:
|
||||||
|
* "This product includes software developed by the OpenSSL Project
|
||||||
|
* for use in the OpenSSL Toolkit (http://www.openssl.org/)"
|
||||||
|
*
|
||||||
|
* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
|
||||||
|
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
||||||
|
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
|
||||||
|
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
|
||||||
|
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
|
||||||
|
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
|
||||||
|
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
|
||||||
|
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
||||||
|
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
|
||||||
|
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
|
||||||
|
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
|
||||||
|
* OF THE POSSIBILITY OF SUCH DAMAGE.
|
||||||
|
* ====================================================================
|
||||||
|
*
|
||||||
|
* This product includes cryptographic software written by Eric Young
|
||||||
|
* (eay@cryptsoft.com). This product includes software written by Tim
|
||||||
|
* Hudson (tjh@cryptsoft.com).
|
||||||
|
*
|
||||||
|
*/
|
||||||
|
|
||||||
|
|
||||||
|
#include <stdio.h>
|
||||||
|
#include <string.h>
|
||||||
|
#include <stdlib.h>
|
||||||
|
#define OPENSSL_C /* tells apps.h to use complete apps_startup() */
|
||||||
|
#include "apps.h"
|
||||||
|
#include <openssl/bio.h>
|
||||||
|
#include <openssl/crypto.h>
|
||||||
|
#include <openssl/lhash.h>
|
||||||
|
#include <openssl/conf.h>
|
||||||
|
#include <openssl/x509.h>
|
||||||
|
#include <openssl/pem.h>
|
||||||
|
#include <openssl/ssl.h>
|
||||||
|
#ifndef OPENSSL_NO_ENGINE
|
||||||
|
#include <openssl/engine.h>
|
||||||
|
#endif
|
||||||
|
#define USE_SOCKETS /* needed for the _O_BINARY defs in the MS world */
|
||||||
|
#include "progs.h"
|
||||||
|
#include "s_apps.h"
|
||||||
|
#include <openssl/err.h>
|
||||||
|
|
||||||
|
/* The LHASH callbacks ("hash" & "cmp") have been replaced by functions with the
|
||||||
|
* base prototypes (we cast each variable inside the function to the required
|
||||||
|
* type of "FUNCTION*"). This removes the necessity for macro-generated wrapper
|
||||||
|
* functions. */
|
||||||
|
|
||||||
|
static LHASH_OF(FUNCTION) *prog_init(void );
|
||||||
|
static int do_cmd(LHASH_OF(FUNCTION) *prog,int argc,char *argv[]);
|
||||||
|
static void list_pkey(BIO *out);
|
||||||
|
static void list_cipher(BIO *out);
|
||||||
|
static void list_md(BIO *out);
|
||||||
|
char *default_config_file=NULL;
|
||||||
|
|
||||||
|
/* Make sure there is only one when MONOLITH is defined */
|
||||||
|
#ifdef MONOLITH
|
||||||
|
CONF *config=NULL;
|
||||||
|
BIO *bio_err=NULL;
|
||||||
|
#endif
|
||||||
|
|
||||||
|
|
||||||
|
static void lock_dbg_cb(int mode, int type, const char *file, int line)
|
||||||
|
{
|
||||||
|
static int modes[CRYPTO_NUM_LOCKS]; /* = {0, 0, ... } */
|
||||||
|
const char *errstr = NULL;
|
||||||
|
int rw;
|
||||||
|
|
||||||
|
rw = mode & (CRYPTO_READ|CRYPTO_WRITE);
|
||||||
|
if (!((rw == CRYPTO_READ) || (rw == CRYPTO_WRITE)))
|
||||||
|
{
|
||||||
|
errstr = "invalid mode";
|
||||||
|
goto err;
|
||||||
|
}
|
||||||
|
|
||||||
|
if (type < 0 || type >= CRYPTO_NUM_LOCKS)
|
||||||
|
{
|
||||||
|
errstr = "type out of bounds";
|
||||||
|
goto err;
|
||||||
|
}
|
||||||
|
|
||||||
|
if (mode & CRYPTO_LOCK)
|
||||||
|
{
|
||||||
|
if (modes[type])
|
||||||
|
{
|
||||||
|
errstr = "already locked";
|
||||||
|
/* must not happen in a single-threaded program
|
||||||
|
* (would deadlock) */
|
||||||
|
goto err;
|
||||||
|
}
|
||||||
|
|
||||||
|
modes[type] = rw;
|
||||||
|
}
|
||||||
|
else if (mode & CRYPTO_UNLOCK)
|
||||||
|
{
|
||||||
|
if (!modes[type])
|
||||||
|
{
|
||||||
|
errstr = "not locked";
|
||||||
|
goto err;
|
||||||
|
}
|
||||||
|
|
||||||
|
if (modes[type] != rw)
|
||||||
|
{
|
||||||
|
errstr = (rw == CRYPTO_READ) ?
|
||||||
|
"CRYPTO_r_unlock on write lock" :
|
||||||
|
"CRYPTO_w_unlock on read lock";
|
||||||
|
}
|
||||||
|
|
||||||
|
modes[type] = 0;
|
||||||
|
}
|
||||||
|
else
|
||||||
|
{
|
||||||
|
errstr = "invalid mode";
|
||||||
|
goto err;
|
||||||
|
}
|
||||||
|
|
||||||
|
err:
|
||||||
|
if (errstr)
|
||||||
|
{
|
||||||
|
/* we cannot use bio_err here */
|
||||||
|
fprintf(stderr, "openssl (lock_dbg_cb): %s (mode=%d, type=%d) at %s:%d\n",
|
||||||
|
errstr, mode, type, file, line);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
#if defined( OPENSSL_SYS_VMS) && (__INITIAL_POINTER_SIZE == 64)
|
||||||
|
# define ARGV _Argv
|
||||||
|
#else
|
||||||
|
# define ARGV Argv
|
||||||
|
#endif
|
||||||
|
|
||||||
|
int main(int Argc, char *ARGV[])
|
||||||
|
{
|
||||||
|
ARGS arg;
|
||||||
|
#define PROG_NAME_SIZE 39
|
||||||
|
char pname[PROG_NAME_SIZE+1];
|
||||||
|
FUNCTION f,*fp;
|
||||||
|
MS_STATIC const char *prompt;
|
||||||
|
MS_STATIC char buf[1024];
|
||||||
|
char *to_free=NULL;
|
||||||
|
int n,i,ret=0;
|
||||||
|
int argc;
|
||||||
|
char **argv,*p;
|
||||||
|
LHASH_OF(FUNCTION) *prog=NULL;
|
||||||
|
long errline;
|
||||||
|
|
||||||
|
#if defined( OPENSSL_SYS_VMS) && (__INITIAL_POINTER_SIZE == 64)
|
||||||
|
/* 2011-03-22 SMS.
|
||||||
|
* If we have 32-bit pointers everywhere, then we're safe, and
|
||||||
|
* we bypass this mess, as on non-VMS systems. (See ARGV,
|
||||||
|
* above.)
|
||||||
|
* Problem 1: Compaq/HP C before V7.3 always used 32-bit
|
||||||
|
* pointers for argv[].
|
||||||
|
* Fix 1: For a 32-bit argv[], when we're using 64-bit pointers
|
||||||
|
* everywhere else, we always allocate and use a 64-bit
|
||||||
|
* duplicate of argv[].
|
||||||
|
* Problem 2: Compaq/HP C V7.3 (Alpha, IA64) before ECO1 failed
|
||||||
|
* to NULL-terminate a 64-bit argv[]. (As this was written, the
|
||||||
|
* compiler ECO was available only on IA64.)
|
||||||
|
* Fix 2: Unless advised not to (VMS_TRUST_ARGV), we test a
|
||||||
|
* 64-bit argv[argc] for NULL, and, if necessary, use a
|
||||||
|
* (properly) NULL-terminated (64-bit) duplicate of argv[].
|
||||||
|
* The same code is used in either case to duplicate argv[].
|
||||||
|
* Some of these decisions could be handled in preprocessing,
|
||||||
|
* but the code tends to get even uglier, and the penalty for
|
||||||
|
* deciding at compile- or run-time is tiny.
|
||||||
|
*/
|
||||||
|
char **Argv = NULL;
|
||||||
|
int free_Argv = 0;
|
||||||
|
|
||||||
|
if ((sizeof( _Argv) < 8) /* 32-bit argv[]. */
|
||||||
|
# if !defined( VMS_TRUST_ARGV)
|
||||||
|
|| (_Argv[ Argc] != NULL) /* Untrusted argv[argc] not NULL. */
|
||||||
|
# endif
|
||||||
|
)
|
||||||
|
{
|
||||||
|
int i;
|
||||||
|
Argv = OPENSSL_malloc( (Argc+ 1)* sizeof( char *));
|
||||||
|
if (Argv == NULL)
|
||||||
|
{ ret = -1; goto end; }
|
||||||
|
for(i = 0; i < Argc; i++)
|
||||||
|
Argv[i] = _Argv[i];
|
||||||
|
Argv[ Argc] = NULL; /* Certain NULL termination. */
|
||||||
|
free_Argv = 1;
|
||||||
|
}
|
||||||
|
else
|
||||||
|
{
|
||||||
|
/* Use the known-good 32-bit argv[] (which needs the
|
||||||
|
* type cast to satisfy the compiler), or the trusted or
|
||||||
|
* tested-good 64-bit argv[] as-is. */
|
||||||
|
Argv = (char **)_Argv;
|
||||||
|
}
|
||||||
|
#endif /* defined( OPENSSL_SYS_VMS) && (__INITIAL_POINTER_SIZE == 64) */
|
||||||
|
|
||||||
|
arg.data=NULL;
|
||||||
|
arg.count=0;
|
||||||
|
|
||||||
|
if (bio_err == NULL)
|
||||||
|
if ((bio_err=BIO_new(BIO_s_file())) != NULL)
|
||||||
|
BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT);
|
||||||
|
|
||||||
|
if (getenv("OPENSSL_DEBUG_MEMORY") != NULL) /* if not defined, use compiled-in library defaults */
|
||||||
|
{
|
||||||
|
if (!(0 == strcmp(getenv("OPENSSL_DEBUG_MEMORY"), "off")))
|
||||||
|
{
|
||||||
|
CRYPTO_malloc_debug_init();
|
||||||
|
CRYPTO_set_mem_debug_options(V_CRYPTO_MDEBUG_ALL);
|
||||||
|
}
|
||||||
|
else
|
||||||
|
{
|
||||||
|
/* OPENSSL_DEBUG_MEMORY=off */
|
||||||
|
CRYPTO_set_mem_debug_functions(0, 0, 0, 0, 0);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON);
|
||||||
|
|
||||||
|
#if 0
|
||||||
|
if (getenv("OPENSSL_DEBUG_LOCKING") != NULL)
|
||||||
|
#endif
|
||||||
|
{
|
||||||
|
CRYPTO_set_locking_callback(lock_dbg_cb);
|
||||||
|
}
|
||||||
|
|
||||||
|
apps_startup();
|
||||||
|
|
||||||
|
/* Lets load up our environment a little */
|
||||||
|
p=getenv("OPENSSL_CONF");
|
||||||
|
if (p == NULL)
|
||||||
|
p=getenv("SSLEAY_CONF");
|
||||||
|
if (p == NULL)
|
||||||
|
p=to_free=make_config_name();
|
||||||
|
|
||||||
|
default_config_file=p;
|
||||||
|
|
||||||
|
config=NCONF_new(NULL);
|
||||||
|
i=NCONF_load(config,p,&errline);
|
||||||
|
if (i == 0)
|
||||||
|
{
|
||||||
|
if (ERR_GET_REASON(ERR_peek_last_error())
|
||||||
|
== CONF_R_NO_SUCH_FILE)
|
||||||
|
{
|
||||||
|
#if 0 /* ANDROID */
|
||||||
|
BIO_printf(bio_err,
|
||||||
|
"WARNING: can't open config file: %s\n",p);
|
||||||
|
#endif
|
||||||
|
ERR_clear_error();
|
||||||
|
NCONF_free(config);
|
||||||
|
config = NULL;
|
||||||
|
}
|
||||||
|
else
|
||||||
|
{
|
||||||
|
ERR_print_errors(bio_err);
|
||||||
|
NCONF_free(config);
|
||||||
|
exit(1);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
prog=prog_init();
|
||||||
|
|
||||||
|
/* first check the program name */
|
||||||
|
program_name(Argv[0],pname,sizeof pname);
|
||||||
|
|
||||||
|
f.name=pname;
|
||||||
|
fp=lh_FUNCTION_retrieve(prog,&f);
|
||||||
|
if (fp != NULL)
|
||||||
|
{
|
||||||
|
Argv[0]=pname;
|
||||||
|
ret=fp->func(Argc,Argv);
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
|
||||||
|
/* ok, now check that there are not arguments, if there are,
|
||||||
|
* run with them, shifting the ssleay off the front */
|
||||||
|
if (Argc != 1)
|
||||||
|
{
|
||||||
|
Argc--;
|
||||||
|
Argv++;
|
||||||
|
ret=do_cmd(prog,Argc,Argv);
|
||||||
|
if (ret < 0) ret=0;
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
|
||||||
|
/* ok, lets enter the old 'OpenSSL>' mode */
|
||||||
|
|
||||||
|
for (;;)
|
||||||
|
{
|
||||||
|
ret=0;
|
||||||
|
p=buf;
|
||||||
|
n=sizeof buf;
|
||||||
|
i=0;
|
||||||
|
for (;;)
|
||||||
|
{
|
||||||
|
p[0]='\0';
|
||||||
|
if (i++)
|
||||||
|
prompt=">";
|
||||||
|
else prompt="OpenSSL> ";
|
||||||
|
fputs(prompt,stdout);
|
||||||
|
fflush(stdout);
|
||||||
|
if (!fgets(p,n,stdin))
|
||||||
|
goto end;
|
||||||
|
if (p[0] == '\0') goto end;
|
||||||
|
i=strlen(p);
|
||||||
|
if (i <= 1) break;
|
||||||
|
if (p[i-2] != '\\') break;
|
||||||
|
i-=2;
|
||||||
|
p+=i;
|
||||||
|
n-=i;
|
||||||
|
}
|
||||||
|
if (!chopup_args(&arg,buf,&argc,&argv)) break;
|
||||||
|
|
||||||
|
ret=do_cmd(prog,argc,argv);
|
||||||
|
if (ret < 0)
|
||||||
|
{
|
||||||
|
ret=0;
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
if (ret != 0)
|
||||||
|
BIO_printf(bio_err,"error in %s\n",argv[0]);
|
||||||
|
(void)BIO_flush(bio_err);
|
||||||
|
}
|
||||||
|
BIO_printf(bio_err,"bad exit\n");
|
||||||
|
ret=1;
|
||||||
|
end:
|
||||||
|
if (to_free)
|
||||||
|
OPENSSL_free(to_free);
|
||||||
|
if (config != NULL)
|
||||||
|
{
|
||||||
|
NCONF_free(config);
|
||||||
|
config=NULL;
|
||||||
|
}
|
||||||
|
if (prog != NULL) lh_FUNCTION_free(prog);
|
||||||
|
if (arg.data != NULL) OPENSSL_free(arg.data);
|
||||||
|
|
||||||
|
apps_shutdown();
|
||||||
|
|
||||||
|
CRYPTO_mem_leaks(bio_err);
|
||||||
|
if (bio_err != NULL)
|
||||||
|
{
|
||||||
|
BIO_free(bio_err);
|
||||||
|
bio_err=NULL;
|
||||||
|
}
|
||||||
|
#if defined( OPENSSL_SYS_VMS) && (__INITIAL_POINTER_SIZE == 64)
|
||||||
|
/* Free any duplicate Argv[] storage. */
|
||||||
|
if (free_Argv)
|
||||||
|
{
|
||||||
|
OPENSSL_free(Argv);
|
||||||
|
}
|
||||||
|
#endif
|
||||||
|
OPENSSL_EXIT(ret);
|
||||||
|
}
|
||||||
|
|
||||||
|
#define LIST_STANDARD_COMMANDS "list-standard-commands"
|
||||||
|
#define LIST_MESSAGE_DIGEST_COMMANDS "list-message-digest-commands"
|
||||||
|
#define LIST_MESSAGE_DIGEST_ALGORITHMS "list-message-digest-algorithms"
|
||||||
|
#define LIST_CIPHER_COMMANDS "list-cipher-commands"
|
||||||
|
#define LIST_CIPHER_ALGORITHMS "list-cipher-algorithms"
|
||||||
|
#define LIST_PUBLIC_KEY_ALGORITHMS "list-public-key-algorithms"
|
||||||
|
|
||||||
|
|
||||||
|
static int do_cmd(LHASH_OF(FUNCTION) *prog, int argc, char *argv[])
|
||||||
|
{
|
||||||
|
FUNCTION f,*fp;
|
||||||
|
int i,ret=1,tp,nl;
|
||||||
|
|
||||||
|
if ((argc <= 0) || (argv[0] == NULL))
|
||||||
|
{ ret=0; goto end; }
|
||||||
|
f.name=argv[0];
|
||||||
|
fp=lh_FUNCTION_retrieve(prog,&f);
|
||||||
|
if (fp == NULL)
|
||||||
|
{
|
||||||
|
if (EVP_get_digestbyname(argv[0]))
|
||||||
|
{
|
||||||
|
f.type = FUNC_TYPE_MD;
|
||||||
|
f.func = dgst_main;
|
||||||
|
fp = &f;
|
||||||
|
}
|
||||||
|
else if (EVP_get_cipherbyname(argv[0]))
|
||||||
|
{
|
||||||
|
f.type = FUNC_TYPE_CIPHER;
|
||||||
|
f.func = enc_main;
|
||||||
|
fp = &f;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
if (fp != NULL)
|
||||||
|
{
|
||||||
|
ret=fp->func(argc,argv);
|
||||||
|
}
|
||||||
|
else if ((strncmp(argv[0],"no-",3)) == 0)
|
||||||
|
{
|
||||||
|
BIO *bio_stdout = BIO_new_fp(stdout,BIO_NOCLOSE);
|
||||||
|
#ifdef OPENSSL_SYS_VMS
|
||||||
|
{
|
||||||
|
BIO *tmpbio = BIO_new(BIO_f_linebuffer());
|
||||||
|
bio_stdout = BIO_push(tmpbio, bio_stdout);
|
||||||
|
}
|
||||||
|
#endif
|
||||||
|
f.name=argv[0]+3;
|
||||||
|
ret = (lh_FUNCTION_retrieve(prog,&f) != NULL);
|
||||||
|
if (!ret)
|
||||||
|
BIO_printf(bio_stdout, "%s\n", argv[0]);
|
||||||
|
else
|
||||||
|
BIO_printf(bio_stdout, "%s\n", argv[0]+3);
|
||||||
|
BIO_free_all(bio_stdout);
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
else if ((strcmp(argv[0],"quit") == 0) ||
|
||||||
|
(strcmp(argv[0],"q") == 0) ||
|
||||||
|
(strcmp(argv[0],"exit") == 0) ||
|
||||||
|
(strcmp(argv[0],"bye") == 0))
|
||||||
|
{
|
||||||
|
ret= -1;
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
else if ((strcmp(argv[0],LIST_STANDARD_COMMANDS) == 0) ||
|
||||||
|
(strcmp(argv[0],LIST_MESSAGE_DIGEST_COMMANDS) == 0) ||
|
||||||
|
(strcmp(argv[0],LIST_MESSAGE_DIGEST_ALGORITHMS) == 0) ||
|
||||||
|
(strcmp(argv[0],LIST_CIPHER_COMMANDS) == 0) ||
|
||||||
|
(strcmp(argv[0],LIST_CIPHER_ALGORITHMS) == 0) ||
|
||||||
|
(strcmp(argv[0],LIST_PUBLIC_KEY_ALGORITHMS) == 0))
|
||||||
|
{
|
||||||
|
int list_type;
|
||||||
|
BIO *bio_stdout;
|
||||||
|
|
||||||
|
if (strcmp(argv[0],LIST_STANDARD_COMMANDS) == 0)
|
||||||
|
list_type = FUNC_TYPE_GENERAL;
|
||||||
|
else if (strcmp(argv[0],LIST_MESSAGE_DIGEST_COMMANDS) == 0)
|
||||||
|
list_type = FUNC_TYPE_MD;
|
||||||
|
else if (strcmp(argv[0],LIST_MESSAGE_DIGEST_ALGORITHMS) == 0)
|
||||||
|
list_type = FUNC_TYPE_MD_ALG;
|
||||||
|
else if (strcmp(argv[0],LIST_PUBLIC_KEY_ALGORITHMS) == 0)
|
||||||
|
list_type = FUNC_TYPE_PKEY;
|
||||||
|
else if (strcmp(argv[0],LIST_CIPHER_ALGORITHMS) == 0)
|
||||||
|
list_type = FUNC_TYPE_CIPHER_ALG;
|
||||||
|
else /* strcmp(argv[0],LIST_CIPHER_COMMANDS) == 0 */
|
||||||
|
list_type = FUNC_TYPE_CIPHER;
|
||||||
|
bio_stdout = BIO_new_fp(stdout,BIO_NOCLOSE);
|
||||||
|
#ifdef OPENSSL_SYS_VMS
|
||||||
|
{
|
||||||
|
BIO *tmpbio = BIO_new(BIO_f_linebuffer());
|
||||||
|
bio_stdout = BIO_push(tmpbio, bio_stdout);
|
||||||
|
}
|
||||||
|
#endif
|
||||||
|
|
||||||
|
if (!load_config(bio_err, NULL))
|
||||||
|
goto end;
|
||||||
|
|
||||||
|
if (list_type == FUNC_TYPE_PKEY)
|
||||||
|
list_pkey(bio_stdout);
|
||||||
|
if (list_type == FUNC_TYPE_MD_ALG)
|
||||||
|
list_md(bio_stdout);
|
||||||
|
if (list_type == FUNC_TYPE_CIPHER_ALG)
|
||||||
|
list_cipher(bio_stdout);
|
||||||
|
else
|
||||||
|
{
|
||||||
|
for (fp=functions; fp->name != NULL; fp++)
|
||||||
|
if (fp->type == list_type)
|
||||||
|
BIO_printf(bio_stdout, "%s\n",
|
||||||
|
fp->name);
|
||||||
|
}
|
||||||
|
BIO_free_all(bio_stdout);
|
||||||
|
ret=0;
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
else
|
||||||
|
{
|
||||||
|
BIO_printf(bio_err,"openssl:Error: '%s' is an invalid command.\n",
|
||||||
|
argv[0]);
|
||||||
|
BIO_printf(bio_err, "\nStandard commands");
|
||||||
|
i=0;
|
||||||
|
tp=0;
|
||||||
|
for (fp=functions; fp->name != NULL; fp++)
|
||||||
|
{
|
||||||
|
nl=0;
|
||||||
|
#ifdef OPENSSL_NO_CAMELLIA
|
||||||
|
if (((i++) % 5) == 0)
|
||||||
|
#else
|
||||||
|
if (((i++) % 4) == 0)
|
||||||
|
#endif
|
||||||
|
{
|
||||||
|
BIO_printf(bio_err,"\n");
|
||||||
|
nl=1;
|
||||||
|
}
|
||||||
|
if (fp->type != tp)
|
||||||
|
{
|
||||||
|
tp=fp->type;
|
||||||
|
if (!nl) BIO_printf(bio_err,"\n");
|
||||||
|
if (tp == FUNC_TYPE_MD)
|
||||||
|
{
|
||||||
|
i=1;
|
||||||
|
BIO_printf(bio_err,
|
||||||
|
"\nMessage Digest commands (see the `dgst' command for more details)\n");
|
||||||
|
}
|
||||||
|
else if (tp == FUNC_TYPE_CIPHER)
|
||||||
|
{
|
||||||
|
i=1;
|
||||||
|
BIO_printf(bio_err,"\nCipher commands (see the `enc' command for more details)\n");
|
||||||
|
}
|
||||||
|
}
|
||||||
|
#ifdef OPENSSL_NO_CAMELLIA
|
||||||
|
BIO_printf(bio_err,"%-15s",fp->name);
|
||||||
|
#else
|
||||||
|
BIO_printf(bio_err,"%-18s",fp->name);
|
||||||
|
#endif
|
||||||
|
}
|
||||||
|
BIO_printf(bio_err,"\n\n");
|
||||||
|
ret=0;
|
||||||
|
}
|
||||||
|
end:
|
||||||
|
return(ret);
|
||||||
|
}
|
||||||
|
|
||||||
|
static int SortFnByName(const void *_f1,const void *_f2)
|
||||||
|
{
|
||||||
|
const FUNCTION *f1=_f1;
|
||||||
|
const FUNCTION *f2=_f2;
|
||||||
|
|
||||||
|
if(f1->type != f2->type)
|
||||||
|
return f1->type-f2->type;
|
||||||
|
return strcmp(f1->name,f2->name);
|
||||||
|
}
|
||||||
|
|
||||||
|
static void list_pkey(BIO *out)
|
||||||
|
{
|
||||||
|
int i;
|
||||||
|
for (i = 0; i < EVP_PKEY_asn1_get_count(); i++)
|
||||||
|
{
|
||||||
|
const EVP_PKEY_ASN1_METHOD *ameth;
|
||||||
|
int pkey_id, pkey_base_id, pkey_flags;
|
||||||
|
const char *pinfo, *pem_str;
|
||||||
|
ameth = EVP_PKEY_asn1_get0(i);
|
||||||
|
EVP_PKEY_asn1_get0_info(&pkey_id, &pkey_base_id, &pkey_flags,
|
||||||
|
&pinfo, &pem_str, ameth);
|
||||||
|
if (pkey_flags & ASN1_PKEY_ALIAS)
|
||||||
|
{
|
||||||
|
BIO_printf(out, "Name: %s\n",
|
||||||
|
OBJ_nid2ln(pkey_id));
|
||||||
|
BIO_printf(out, "\tType: Alias to %s\n",
|
||||||
|
OBJ_nid2ln(pkey_base_id));
|
||||||
|
}
|
||||||
|
else
|
||||||
|
{
|
||||||
|
BIO_printf(out, "Name: %s\n", pinfo);
|
||||||
|
BIO_printf(out, "\tType: %s Algorithm\n",
|
||||||
|
pkey_flags & ASN1_PKEY_DYNAMIC ?
|
||||||
|
"External" : "Builtin");
|
||||||
|
BIO_printf(out, "\tOID: %s\n", OBJ_nid2ln(pkey_id));
|
||||||
|
if (pem_str == NULL)
|
||||||
|
pem_str = "(none)";
|
||||||
|
BIO_printf(out, "\tPEM string: %s\n", pem_str);
|
||||||
|
}
|
||||||
|
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
static void list_cipher_fn(const EVP_CIPHER *c,
|
||||||
|
const char *from, const char *to, void *arg)
|
||||||
|
{
|
||||||
|
if (c)
|
||||||
|
BIO_printf(arg, "%s\n", EVP_CIPHER_name(c));
|
||||||
|
else
|
||||||
|
{
|
||||||
|
if (!from)
|
||||||
|
from = "<undefined>";
|
||||||
|
if (!to)
|
||||||
|
to = "<undefined>";
|
||||||
|
BIO_printf(arg, "%s => %s\n", from, to);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
static void list_cipher(BIO *out)
|
||||||
|
{
|
||||||
|
EVP_CIPHER_do_all_sorted(list_cipher_fn, out);
|
||||||
|
}
|
||||||
|
|
||||||
|
static void list_md_fn(const EVP_MD *m,
|
||||||
|
const char *from, const char *to, void *arg)
|
||||||
|
{
|
||||||
|
if (m)
|
||||||
|
BIO_printf(arg, "%s\n", EVP_MD_name(m));
|
||||||
|
else
|
||||||
|
{
|
||||||
|
if (!from)
|
||||||
|
from = "<undefined>";
|
||||||
|
if (!to)
|
||||||
|
to = "<undefined>";
|
||||||
|
BIO_printf(arg, "%s => %s\n", from, to);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
static void list_md(BIO *out)
|
||||||
|
{
|
||||||
|
EVP_MD_do_all_sorted(list_md_fn, out);
|
||||||
|
}
|
||||||
|
|
||||||
|
static int MS_CALLBACK function_cmp(const FUNCTION *a, const FUNCTION *b)
|
||||||
|
{
|
||||||
|
return strncmp(a->name,b->name,8);
|
||||||
|
}
|
||||||
|
static IMPLEMENT_LHASH_COMP_FN(function, FUNCTION)
|
||||||
|
|
||||||
|
static unsigned long MS_CALLBACK function_hash(const FUNCTION *a)
|
||||||
|
{
|
||||||
|
return lh_strhash(a->name);
|
||||||
|
}
|
||||||
|
static IMPLEMENT_LHASH_HASH_FN(function, FUNCTION)
|
||||||
|
|
||||||
|
static LHASH_OF(FUNCTION) *prog_init(void)
|
||||||
|
{
|
||||||
|
LHASH_OF(FUNCTION) *ret;
|
||||||
|
FUNCTION *f;
|
||||||
|
size_t i;
|
||||||
|
|
||||||
|
/* Purely so it looks nice when the user hits ? */
|
||||||
|
for(i=0,f=functions ; f->name != NULL ; ++f,++i)
|
||||||
|
;
|
||||||
|
qsort(functions,i,sizeof *functions,SortFnByName);
|
||||||
|
|
||||||
|
if ((ret=lh_FUNCTION_new()) == NULL)
|
||||||
|
return(NULL);
|
||||||
|
|
||||||
|
for (f=functions; f->name != NULL; f++)
|
||||||
|
(void)lh_FUNCTION_insert(ret,f);
|
||||||
|
return(ret);
|
||||||
|
}
|
||||||
|
|
350
jni/openssl/apps/openssl.cnf
Normal file
350
jni/openssl/apps/openssl.cnf
Normal file
@ -0,0 +1,350 @@
|
|||||||
|
#
|
||||||
|
# OpenSSL example configuration file.
|
||||||
|
# This is mostly being used for generation of certificate requests.
|
||||||
|
#
|
||||||
|
|
||||||
|
# This definition stops the following lines choking if HOME isn't
|
||||||
|
# defined.
|
||||||
|
HOME = .
|
||||||
|
RANDFILE = $ENV::HOME/.rnd
|
||||||
|
|
||||||
|
# Extra OBJECT IDENTIFIER info:
|
||||||
|
#oid_file = $ENV::HOME/.oid
|
||||||
|
oid_section = new_oids
|
||||||
|
|
||||||
|
# To use this configuration file with the "-extfile" option of the
|
||||||
|
# "openssl x509" utility, name here the section containing the
|
||||||
|
# X.509v3 extensions to use:
|
||||||
|
# extensions =
|
||||||
|
# (Alternatively, use a configuration file that has only
|
||||||
|
# X.509v3 extensions in its main [= default] section.)
|
||||||
|
|
||||||
|
[ new_oids ]
|
||||||
|
|
||||||
|
# We can add new OIDs in here for use by 'ca', 'req' and 'ts'.
|
||||||
|
# Add a simple OID like this:
|
||||||
|
# testoid1=1.2.3.4
|
||||||
|
# Or use config file substitution like this:
|
||||||
|
# testoid2=${testoid1}.5.6
|
||||||
|
|
||||||
|
# Policies used by the TSA examples.
|
||||||
|
tsa_policy1 = 1.2.3.4.1
|
||||||
|
tsa_policy2 = 1.2.3.4.5.6
|
||||||
|
tsa_policy3 = 1.2.3.4.5.7
|
||||||
|
|
||||||
|
####################################################################
|
||||||
|
[ ca ]
|
||||||
|
default_ca = CA_default # The default ca section
|
||||||
|
|
||||||
|
####################################################################
|
||||||
|
[ CA_default ]
|
||||||
|
|
||||||
|
dir = ./demoCA # Where everything is kept
|
||||||
|
certs = $dir/certs # Where the issued certs are kept
|
||||||
|
crl_dir = $dir/crl # Where the issued crl are kept
|
||||||
|
database = $dir/index.txt # database index file.
|
||||||
|
#unique_subject = no # Set to 'no' to allow creation of
|
||||||
|
# several ctificates with same subject.
|
||||||
|
new_certs_dir = $dir/newcerts # default place for new certs.
|
||||||
|
|
||||||
|
certificate = $dir/cacert.pem # The CA certificate
|
||||||
|
serial = $dir/serial # The current serial number
|
||||||
|
crlnumber = $dir/crlnumber # the current crl number
|
||||||
|
# must be commented out to leave a V1 CRL
|
||||||
|
crl = $dir/crl.pem # The current CRL
|
||||||
|
private_key = $dir/private/cakey.pem# The private key
|
||||||
|
RANDFILE = $dir/private/.rand # private random number file
|
||||||
|
|
||||||
|
x509_extensions = usr_cert # The extentions to add to the cert
|
||||||
|
|
||||||
|
# Comment out the following two lines for the "traditional"
|
||||||
|
# (and highly broken) format.
|
||||||
|
name_opt = ca_default # Subject Name options
|
||||||
|
cert_opt = ca_default # Certificate field options
|
||||||
|
|
||||||
|
# Extension copying option: use with caution.
|
||||||
|
# copy_extensions = copy
|
||||||
|
|
||||||
|
# Extensions to add to a CRL. Note: Netscape communicator chokes on V2 CRLs
|
||||||
|
# so this is commented out by default to leave a V1 CRL.
|
||||||
|
# crlnumber must also be commented out to leave a V1 CRL.
|
||||||
|
# crl_extensions = crl_ext
|
||||||
|
|
||||||
|
default_days = 365 # how long to certify for
|
||||||
|
default_crl_days= 30 # how long before next CRL
|
||||||
|
default_md = default # use public key default MD
|
||||||
|
preserve = no # keep passed DN ordering
|
||||||
|
|
||||||
|
# A few difference way of specifying how similar the request should look
|
||||||
|
# For type CA, the listed attributes must be the same, and the optional
|
||||||
|
# and supplied fields are just that :-)
|
||||||
|
policy = policy_match
|
||||||
|
|
||||||
|
# For the CA policy
|
||||||
|
[ policy_match ]
|
||||||
|
countryName = match
|
||||||
|
stateOrProvinceName = match
|
||||||
|
organizationName = match
|
||||||
|
organizationalUnitName = optional
|
||||||
|
commonName = supplied
|
||||||
|
emailAddress = optional
|
||||||
|
|
||||||
|
# For the 'anything' policy
|
||||||
|
# At this point in time, you must list all acceptable 'object'
|
||||||
|
# types.
|
||||||
|
[ policy_anything ]
|
||||||
|
countryName = optional
|
||||||
|
stateOrProvinceName = optional
|
||||||
|
localityName = optional
|
||||||
|
organizationName = optional
|
||||||
|
organizationalUnitName = optional
|
||||||
|
commonName = supplied
|
||||||
|
emailAddress = optional
|
||||||
|
|
||||||
|
####################################################################
|
||||||
|
[ req ]
|
||||||
|
default_bits = 1024
|
||||||
|
default_keyfile = privkey.pem
|
||||||
|
distinguished_name = req_distinguished_name
|
||||||
|
attributes = req_attributes
|
||||||
|
x509_extensions = v3_ca # The extentions to add to the self signed cert
|
||||||
|
|
||||||
|
# Passwords for private keys if not present they will be prompted for
|
||||||
|
# input_password = secret
|
||||||
|
# output_password = secret
|
||||||
|
|
||||||
|
# This sets a mask for permitted string types. There are several options.
|
||||||
|
# default: PrintableString, T61String, BMPString.
|
||||||
|
# pkix : PrintableString, BMPString (PKIX recommendation before 2004)
|
||||||
|
# utf8only: only UTF8Strings (PKIX recommendation after 2004).
|
||||||
|
# nombstr : PrintableString, T61String (no BMPStrings or UTF8Strings).
|
||||||
|
# MASK:XXXX a literal mask value.
|
||||||
|
# WARNING: ancient versions of Netscape crash on BMPStrings or UTF8Strings.
|
||||||
|
string_mask = utf8only
|
||||||
|
|
||||||
|
# req_extensions = v3_req # The extensions to add to a certificate request
|
||||||
|
|
||||||
|
[ req_distinguished_name ]
|
||||||
|
countryName = Country Name (2 letter code)
|
||||||
|
countryName_default = AU
|
||||||
|
countryName_min = 2
|
||||||
|
countryName_max = 2
|
||||||
|
|
||||||
|
stateOrProvinceName = State or Province Name (full name)
|
||||||
|
stateOrProvinceName_default = Some-State
|
||||||
|
|
||||||
|
localityName = Locality Name (eg, city)
|
||||||
|
|
||||||
|
0.organizationName = Organization Name (eg, company)
|
||||||
|
0.organizationName_default = Internet Widgits Pty Ltd
|
||||||
|
|
||||||
|
# we can do this but it is not needed normally :-)
|
||||||
|
#1.organizationName = Second Organization Name (eg, company)
|
||||||
|
#1.organizationName_default = World Wide Web Pty Ltd
|
||||||
|
|
||||||
|
organizationalUnitName = Organizational Unit Name (eg, section)
|
||||||
|
#organizationalUnitName_default =
|
||||||
|
|
||||||
|
commonName = Common Name (eg, YOUR name)
|
||||||
|
commonName_max = 64
|
||||||
|
|
||||||
|
emailAddress = Email Address
|
||||||
|
emailAddress_max = 64
|
||||||
|
|
||||||
|
# SET-ex3 = SET extension number 3
|
||||||
|
|
||||||
|
[ req_attributes ]
|
||||||
|
challengePassword = A challenge password
|
||||||
|
challengePassword_min = 4
|
||||||
|
challengePassword_max = 20
|
||||||
|
|
||||||
|
unstructuredName = An optional company name
|
||||||
|
|
||||||
|
[ usr_cert ]
|
||||||
|
|
||||||
|
# These extensions are added when 'ca' signs a request.
|
||||||
|
|
||||||
|
# This goes against PKIX guidelines but some CAs do it and some software
|
||||||
|
# requires this to avoid interpreting an end user certificate as a CA.
|
||||||
|
|
||||||
|
basicConstraints=CA:FALSE
|
||||||
|
|
||||||
|
# Here are some examples of the usage of nsCertType. If it is omitted
|
||||||
|
# the certificate can be used for anything *except* object signing.
|
||||||
|
|
||||||
|
# This is OK for an SSL server.
|
||||||
|
# nsCertType = server
|
||||||
|
|
||||||
|
# For an object signing certificate this would be used.
|
||||||
|
# nsCertType = objsign
|
||||||
|
|
||||||
|
# For normal client use this is typical
|
||||||
|
# nsCertType = client, email
|
||||||
|
|
||||||
|
# and for everything including object signing:
|
||||||
|
# nsCertType = client, email, objsign
|
||||||
|
|
||||||
|
# This is typical in keyUsage for a client certificate.
|
||||||
|
# keyUsage = nonRepudiation, digitalSignature, keyEncipherment
|
||||||
|
|
||||||
|
# This will be displayed in Netscape's comment listbox.
|
||||||
|
nsComment = "OpenSSL Generated Certificate"
|
||||||
|
|
||||||
|
# PKIX recommendations harmless if included in all certificates.
|
||||||
|
subjectKeyIdentifier=hash
|
||||||
|
authorityKeyIdentifier=keyid,issuer
|
||||||
|
|
||||||
|
# This stuff is for subjectAltName and issuerAltname.
|
||||||
|
# Import the email address.
|
||||||
|
# subjectAltName=email:copy
|
||||||
|
# An alternative to produce certificates that aren't
|
||||||
|
# deprecated according to PKIX.
|
||||||
|
# subjectAltName=email:move
|
||||||
|
|
||||||
|
# Copy subject details
|
||||||
|
# issuerAltName=issuer:copy
|
||||||
|
|
||||||
|
#nsCaRevocationUrl = http://www.domain.dom/ca-crl.pem
|
||||||
|
#nsBaseUrl
|
||||||
|
#nsRevocationUrl
|
||||||
|
#nsRenewalUrl
|
||||||
|
#nsCaPolicyUrl
|
||||||
|
#nsSslServerName
|
||||||
|
|
||||||
|
# This is required for TSA certificates.
|
||||||
|
# extendedKeyUsage = critical,timeStamping
|
||||||
|
|
||||||
|
[ v3_req ]
|
||||||
|
|
||||||
|
# Extensions to add to a certificate request
|
||||||
|
|
||||||
|
basicConstraints = CA:FALSE
|
||||||
|
keyUsage = nonRepudiation, digitalSignature, keyEncipherment
|
||||||
|
|
||||||
|
[ v3_ca ]
|
||||||
|
|
||||||
|
|
||||||
|
# Extensions for a typical CA
|
||||||
|
|
||||||
|
|
||||||
|
# PKIX recommendation.
|
||||||
|
|
||||||
|
subjectKeyIdentifier=hash
|
||||||
|
|
||||||
|
authorityKeyIdentifier=keyid:always,issuer
|
||||||
|
|
||||||
|
# This is what PKIX recommends but some broken software chokes on critical
|
||||||
|
# extensions.
|
||||||
|
#basicConstraints = critical,CA:true
|
||||||
|
# So we do this instead.
|
||||||
|
basicConstraints = CA:true
|
||||||
|
|
||||||
|
# Key usage: this is typical for a CA certificate. However since it will
|
||||||
|
# prevent it being used as an test self-signed certificate it is best
|
||||||
|
# left out by default.
|
||||||
|
# keyUsage = cRLSign, keyCertSign
|
||||||
|
|
||||||
|
# Some might want this also
|
||||||
|
# nsCertType = sslCA, emailCA
|
||||||
|
|
||||||
|
# Include email address in subject alt name: another PKIX recommendation
|
||||||
|
# subjectAltName=email:copy
|
||||||
|
# Copy issuer details
|
||||||
|
# issuerAltName=issuer:copy
|
||||||
|
|
||||||
|
# DER hex encoding of an extension: beware experts only!
|
||||||
|
# obj=DER:02:03
|
||||||
|
# Where 'obj' is a standard or added object
|
||||||
|
# You can even override a supported extension:
|
||||||
|
# basicConstraints= critical, DER:30:03:01:01:FF
|
||||||
|
|
||||||
|
[ crl_ext ]
|
||||||
|
|
||||||
|
# CRL extensions.
|
||||||
|
# Only issuerAltName and authorityKeyIdentifier make any sense in a CRL.
|
||||||
|
|
||||||
|
# issuerAltName=issuer:copy
|
||||||
|
authorityKeyIdentifier=keyid:always
|
||||||
|
|
||||||
|
[ proxy_cert_ext ]
|
||||||
|
# These extensions should be added when creating a proxy certificate
|
||||||
|
|
||||||
|
# This goes against PKIX guidelines but some CAs do it and some software
|
||||||
|
# requires this to avoid interpreting an end user certificate as a CA.
|
||||||
|
|
||||||
|
basicConstraints=CA:FALSE
|
||||||
|
|
||||||
|
# Here are some examples of the usage of nsCertType. If it is omitted
|
||||||
|
# the certificate can be used for anything *except* object signing.
|
||||||
|
|
||||||
|
# This is OK for an SSL server.
|
||||||
|
# nsCertType = server
|
||||||
|
|
||||||
|
# For an object signing certificate this would be used.
|
||||||
|
# nsCertType = objsign
|
||||||
|
|
||||||
|
# For normal client use this is typical
|
||||||
|
# nsCertType = client, email
|
||||||
|
|
||||||
|
# and for everything including object signing:
|
||||||
|
# nsCertType = client, email, objsign
|
||||||
|
|
||||||
|
# This is typical in keyUsage for a client certificate.
|
||||||
|
# keyUsage = nonRepudiation, digitalSignature, keyEncipherment
|
||||||
|
|
||||||
|
# This will be displayed in Netscape's comment listbox.
|
||||||
|
nsComment = "OpenSSL Generated Certificate"
|
||||||
|
|
||||||
|
# PKIX recommendations harmless if included in all certificates.
|
||||||
|
subjectKeyIdentifier=hash
|
||||||
|
authorityKeyIdentifier=keyid,issuer
|
||||||
|
|
||||||
|
# This stuff is for subjectAltName and issuerAltname.
|
||||||
|
# Import the email address.
|
||||||
|
# subjectAltName=email:copy
|
||||||
|
# An alternative to produce certificates that aren't
|
||||||
|
# deprecated according to PKIX.
|
||||||
|
# subjectAltName=email:move
|
||||||
|
|
||||||
|
# Copy subject details
|
||||||
|
# issuerAltName=issuer:copy
|
||||||
|
|
||||||
|
#nsCaRevocationUrl = http://www.domain.dom/ca-crl.pem
|
||||||
|
#nsBaseUrl
|
||||||
|
#nsRevocationUrl
|
||||||
|
#nsRenewalUrl
|
||||||
|
#nsCaPolicyUrl
|
||||||
|
#nsSslServerName
|
||||||
|
|
||||||
|
# This really needs to be in place for it to be a proxy certificate.
|
||||||
|
proxyCertInfo=critical,language:id-ppl-anyLanguage,pathlen:3,policy:foo
|
||||||
|
|
||||||
|
####################################################################
|
||||||
|
[ tsa ]
|
||||||
|
|
||||||
|
default_tsa = tsa_config1 # the default TSA section
|
||||||
|
|
||||||
|
[ tsa_config1 ]
|
||||||
|
|
||||||
|
# These are used by the TSA reply generation only.
|
||||||
|
dir = ./demoCA # TSA root directory
|
||||||
|
serial = $dir/tsaserial # The current serial number (mandatory)
|
||||||
|
crypto_device = builtin # OpenSSL engine to use for signing
|
||||||
|
signer_cert = $dir/tsacert.pem # The TSA signing certificate
|
||||||
|
# (optional)
|
||||||
|
certs = $dir/cacert.pem # Certificate chain to include in reply
|
||||||
|
# (optional)
|
||||||
|
signer_key = $dir/private/tsakey.pem # The TSA private key (optional)
|
||||||
|
|
||||||
|
default_policy = tsa_policy1 # Policy if request did not specify it
|
||||||
|
# (optional)
|
||||||
|
other_policies = tsa_policy2, tsa_policy3 # acceptable policies (optional)
|
||||||
|
digests = md5, sha1 # Acceptable message digests (mandatory)
|
||||||
|
accuracy = secs:1, millisecs:500, microsecs:100 # (optional)
|
||||||
|
clock_precision_digits = 0 # number of digits after dot. (optional)
|
||||||
|
ordering = yes # Is ordering defined for timestamps?
|
||||||
|
# (optional, default: no)
|
||||||
|
tsa_name = yes # Must the TSA name be included in the reply?
|
||||||
|
# (optional, default: no)
|
||||||
|
ess_cert_id_chain = no # Must the ESS cert id chain be included?
|
||||||
|
# (optional, default: no)
|
512
jni/openssl/apps/passwd.c
Normal file
512
jni/openssl/apps/passwd.c
Normal file
@ -0,0 +1,512 @@
|
|||||||
|
/* apps/passwd.c */
|
||||||
|
|
||||||
|
#if defined OPENSSL_NO_MD5 || defined CHARSET_EBCDIC
|
||||||
|
# define NO_MD5CRYPT_1
|
||||||
|
#endif
|
||||||
|
|
||||||
|
#if !defined(OPENSSL_NO_DES) || !defined(NO_MD5CRYPT_1)
|
||||||
|
|
||||||
|
#include <assert.h>
|
||||||
|
#include <string.h>
|
||||||
|
|
||||||
|
#include "apps.h"
|
||||||
|
|
||||||
|
#include <openssl/bio.h>
|
||||||
|
#include <openssl/err.h>
|
||||||
|
#include <openssl/evp.h>
|
||||||
|
#include <openssl/rand.h>
|
||||||
|
#ifndef OPENSSL_NO_DES
|
||||||
|
# include <openssl/des.h>
|
||||||
|
#endif
|
||||||
|
#ifndef NO_MD5CRYPT_1
|
||||||
|
# include <openssl/md5.h>
|
||||||
|
#endif
|
||||||
|
|
||||||
|
|
||||||
|
#undef PROG
|
||||||
|
#define PROG passwd_main
|
||||||
|
|
||||||
|
|
||||||
|
static unsigned const char cov_2char[64]={
|
||||||
|
/* from crypto/des/fcrypt.c */
|
||||||
|
0x2E,0x2F,0x30,0x31,0x32,0x33,0x34,0x35,
|
||||||
|
0x36,0x37,0x38,0x39,0x41,0x42,0x43,0x44,
|
||||||
|
0x45,0x46,0x47,0x48,0x49,0x4A,0x4B,0x4C,
|
||||||
|
0x4D,0x4E,0x4F,0x50,0x51,0x52,0x53,0x54,
|
||||||
|
0x55,0x56,0x57,0x58,0x59,0x5A,0x61,0x62,
|
||||||
|
0x63,0x64,0x65,0x66,0x67,0x68,0x69,0x6A,
|
||||||
|
0x6B,0x6C,0x6D,0x6E,0x6F,0x70,0x71,0x72,
|
||||||
|
0x73,0x74,0x75,0x76,0x77,0x78,0x79,0x7A
|
||||||
|
};
|
||||||
|
|
||||||
|
static int do_passwd(int passed_salt, char **salt_p, char **salt_malloc_p,
|
||||||
|
char *passwd, BIO *out, int quiet, int table, int reverse,
|
||||||
|
size_t pw_maxlen, int usecrypt, int use1, int useapr1);
|
||||||
|
|
||||||
|
/* -crypt - standard Unix password algorithm (default)
|
||||||
|
* -1 - MD5-based password algorithm
|
||||||
|
* -apr1 - MD5-based password algorithm, Apache variant
|
||||||
|
* -salt string - salt
|
||||||
|
* -in file - read passwords from file
|
||||||
|
* -stdin - read passwords from stdin
|
||||||
|
* -noverify - never verify when reading password from terminal
|
||||||
|
* -quiet - no warnings
|
||||||
|
* -table - format output as table
|
||||||
|
* -reverse - switch table columns
|
||||||
|
*/
|
||||||
|
|
||||||
|
int MAIN(int, char **);
|
||||||
|
|
||||||
|
int MAIN(int argc, char **argv)
|
||||||
|
{
|
||||||
|
int ret = 1;
|
||||||
|
char *infile = NULL;
|
||||||
|
int in_stdin = 0;
|
||||||
|
int in_noverify = 0;
|
||||||
|
char *salt = NULL, *passwd = NULL, **passwds = NULL;
|
||||||
|
char *salt_malloc = NULL, *passwd_malloc = NULL;
|
||||||
|
size_t passwd_malloc_size = 0;
|
||||||
|
int pw_source_defined = 0;
|
||||||
|
BIO *in = NULL, *out = NULL;
|
||||||
|
int i, badopt, opt_done;
|
||||||
|
int passed_salt = 0, quiet = 0, table = 0, reverse = 0;
|
||||||
|
int usecrypt = 0, use1 = 0, useapr1 = 0;
|
||||||
|
size_t pw_maxlen = 0;
|
||||||
|
|
||||||
|
apps_startup();
|
||||||
|
|
||||||
|
if (bio_err == NULL)
|
||||||
|
if ((bio_err=BIO_new(BIO_s_file())) != NULL)
|
||||||
|
BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT);
|
||||||
|
|
||||||
|
if (!load_config(bio_err, NULL))
|
||||||
|
goto err;
|
||||||
|
out = BIO_new(BIO_s_file());
|
||||||
|
if (out == NULL)
|
||||||
|
goto err;
|
||||||
|
BIO_set_fp(out, stdout, BIO_NOCLOSE | BIO_FP_TEXT);
|
||||||
|
#ifdef OPENSSL_SYS_VMS
|
||||||
|
{
|
||||||
|
BIO *tmpbio = BIO_new(BIO_f_linebuffer());
|
||||||
|
out = BIO_push(tmpbio, out);
|
||||||
|
}
|
||||||
|
#endif
|
||||||
|
|
||||||
|
badopt = 0, opt_done = 0;
|
||||||
|
i = 0;
|
||||||
|
while (!badopt && !opt_done && argv[++i] != NULL)
|
||||||
|
{
|
||||||
|
if (strcmp(argv[i], "-crypt") == 0)
|
||||||
|
usecrypt = 1;
|
||||||
|
else if (strcmp(argv[i], "-1") == 0)
|
||||||
|
use1 = 1;
|
||||||
|
else if (strcmp(argv[i], "-apr1") == 0)
|
||||||
|
useapr1 = 1;
|
||||||
|
else if (strcmp(argv[i], "-salt") == 0)
|
||||||
|
{
|
||||||
|
if ((argv[i+1] != NULL) && (salt == NULL))
|
||||||
|
{
|
||||||
|
passed_salt = 1;
|
||||||
|
salt = argv[++i];
|
||||||
|
}
|
||||||
|
else
|
||||||
|
badopt = 1;
|
||||||
|
}
|
||||||
|
else if (strcmp(argv[i], "-in") == 0)
|
||||||
|
{
|
||||||
|
if ((argv[i+1] != NULL) && !pw_source_defined)
|
||||||
|
{
|
||||||
|
pw_source_defined = 1;
|
||||||
|
infile = argv[++i];
|
||||||
|
}
|
||||||
|
else
|
||||||
|
badopt = 1;
|
||||||
|
}
|
||||||
|
else if (strcmp(argv[i], "-stdin") == 0)
|
||||||
|
{
|
||||||
|
if (!pw_source_defined)
|
||||||
|
{
|
||||||
|
pw_source_defined = 1;
|
||||||
|
in_stdin = 1;
|
||||||
|
}
|
||||||
|
else
|
||||||
|
badopt = 1;
|
||||||
|
}
|
||||||
|
else if (strcmp(argv[i], "-noverify") == 0)
|
||||||
|
in_noverify = 1;
|
||||||
|
else if (strcmp(argv[i], "-quiet") == 0)
|
||||||
|
quiet = 1;
|
||||||
|
else if (strcmp(argv[i], "-table") == 0)
|
||||||
|
table = 1;
|
||||||
|
else if (strcmp(argv[i], "-reverse") == 0)
|
||||||
|
reverse = 1;
|
||||||
|
else if (argv[i][0] == '-')
|
||||||
|
badopt = 1;
|
||||||
|
else if (!pw_source_defined)
|
||||||
|
/* non-option arguments, use as passwords */
|
||||||
|
{
|
||||||
|
pw_source_defined = 1;
|
||||||
|
passwds = &argv[i];
|
||||||
|
opt_done = 1;
|
||||||
|
}
|
||||||
|
else
|
||||||
|
badopt = 1;
|
||||||
|
}
|
||||||
|
|
||||||
|
if (!usecrypt && !use1 && !useapr1) /* use default */
|
||||||
|
usecrypt = 1;
|
||||||
|
if (usecrypt + use1 + useapr1 > 1) /* conflict */
|
||||||
|
badopt = 1;
|
||||||
|
|
||||||
|
/* reject unsupported algorithms */
|
||||||
|
#ifdef OPENSSL_NO_DES
|
||||||
|
if (usecrypt) badopt = 1;
|
||||||
|
#endif
|
||||||
|
#ifdef NO_MD5CRYPT_1
|
||||||
|
if (use1 || useapr1) badopt = 1;
|
||||||
|
#endif
|
||||||
|
|
||||||
|
if (badopt)
|
||||||
|
{
|
||||||
|
BIO_printf(bio_err, "Usage: passwd [options] [passwords]\n");
|
||||||
|
BIO_printf(bio_err, "where options are\n");
|
||||||
|
#ifndef OPENSSL_NO_DES
|
||||||
|
BIO_printf(bio_err, "-crypt standard Unix password algorithm (default)\n");
|
||||||
|
#endif
|
||||||
|
#ifndef NO_MD5CRYPT_1
|
||||||
|
BIO_printf(bio_err, "-1 MD5-based password algorithm\n");
|
||||||
|
BIO_printf(bio_err, "-apr1 MD5-based password algorithm, Apache variant\n");
|
||||||
|
#endif
|
||||||
|
BIO_printf(bio_err, "-salt string use provided salt\n");
|
||||||
|
BIO_printf(bio_err, "-in file read passwords from file\n");
|
||||||
|
BIO_printf(bio_err, "-stdin read passwords from stdin\n");
|
||||||
|
BIO_printf(bio_err, "-noverify never verify when reading password from terminal\n");
|
||||||
|
BIO_printf(bio_err, "-quiet no warnings\n");
|
||||||
|
BIO_printf(bio_err, "-table format output as table\n");
|
||||||
|
BIO_printf(bio_err, "-reverse switch table columns\n");
|
||||||
|
|
||||||
|
goto err;
|
||||||
|
}
|
||||||
|
|
||||||
|
if ((infile != NULL) || in_stdin)
|
||||||
|
{
|
||||||
|
in = BIO_new(BIO_s_file());
|
||||||
|
if (in == NULL)
|
||||||
|
goto err;
|
||||||
|
if (infile != NULL)
|
||||||
|
{
|
||||||
|
assert(in_stdin == 0);
|
||||||
|
if (BIO_read_filename(in, infile) <= 0)
|
||||||
|
goto err;
|
||||||
|
}
|
||||||
|
else
|
||||||
|
{
|
||||||
|
assert(in_stdin);
|
||||||
|
BIO_set_fp(in, stdin, BIO_NOCLOSE);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
if (usecrypt)
|
||||||
|
pw_maxlen = 8;
|
||||||
|
else if (use1 || useapr1)
|
||||||
|
pw_maxlen = 256; /* arbitrary limit, should be enough for most passwords */
|
||||||
|
|
||||||
|
if (passwds == NULL)
|
||||||
|
{
|
||||||
|
/* no passwords on the command line */
|
||||||
|
|
||||||
|
passwd_malloc_size = pw_maxlen + 2;
|
||||||
|
/* longer than necessary so that we can warn about truncation */
|
||||||
|
passwd = passwd_malloc = OPENSSL_malloc(passwd_malloc_size);
|
||||||
|
if (passwd_malloc == NULL)
|
||||||
|
goto err;
|
||||||
|
}
|
||||||
|
|
||||||
|
if ((in == NULL) && (passwds == NULL))
|
||||||
|
{
|
||||||
|
/* build a null-terminated list */
|
||||||
|
static char *passwds_static[2] = {NULL, NULL};
|
||||||
|
|
||||||
|
passwds = passwds_static;
|
||||||
|
if (in == NULL)
|
||||||
|
if (EVP_read_pw_string(passwd_malloc, passwd_malloc_size, "Password: ", !(passed_salt || in_noverify)) != 0)
|
||||||
|
goto err;
|
||||||
|
passwds[0] = passwd_malloc;
|
||||||
|
}
|
||||||
|
|
||||||
|
if (in == NULL)
|
||||||
|
{
|
||||||
|
assert(passwds != NULL);
|
||||||
|
assert(*passwds != NULL);
|
||||||
|
|
||||||
|
do /* loop over list of passwords */
|
||||||
|
{
|
||||||
|
passwd = *passwds++;
|
||||||
|
if (!do_passwd(passed_salt, &salt, &salt_malloc, passwd, out,
|
||||||
|
quiet, table, reverse, pw_maxlen, usecrypt, use1, useapr1))
|
||||||
|
goto err;
|
||||||
|
}
|
||||||
|
while (*passwds != NULL);
|
||||||
|
}
|
||||||
|
else
|
||||||
|
/* in != NULL */
|
||||||
|
{
|
||||||
|
int done;
|
||||||
|
|
||||||
|
assert (passwd != NULL);
|
||||||
|
do
|
||||||
|
{
|
||||||
|
int r = BIO_gets(in, passwd, pw_maxlen + 1);
|
||||||
|
if (r > 0)
|
||||||
|
{
|
||||||
|
char *c = (strchr(passwd, '\n')) ;
|
||||||
|
if (c != NULL)
|
||||||
|
*c = 0; /* truncate at newline */
|
||||||
|
else
|
||||||
|
{
|
||||||
|
/* ignore rest of line */
|
||||||
|
char trash[BUFSIZ];
|
||||||
|
do
|
||||||
|
r = BIO_gets(in, trash, sizeof trash);
|
||||||
|
while ((r > 0) && (!strchr(trash, '\n')));
|
||||||
|
}
|
||||||
|
|
||||||
|
if (!do_passwd(passed_salt, &salt, &salt_malloc, passwd, out,
|
||||||
|
quiet, table, reverse, pw_maxlen, usecrypt, use1, useapr1))
|
||||||
|
goto err;
|
||||||
|
}
|
||||||
|
done = (r <= 0);
|
||||||
|
}
|
||||||
|
while (!done);
|
||||||
|
}
|
||||||
|
ret = 0;
|
||||||
|
|
||||||
|
err:
|
||||||
|
ERR_print_errors(bio_err);
|
||||||
|
if (salt_malloc)
|
||||||
|
OPENSSL_free(salt_malloc);
|
||||||
|
if (passwd_malloc)
|
||||||
|
OPENSSL_free(passwd_malloc);
|
||||||
|
if (in)
|
||||||
|
BIO_free(in);
|
||||||
|
if (out)
|
||||||
|
BIO_free_all(out);
|
||||||
|
apps_shutdown();
|
||||||
|
OPENSSL_EXIT(ret);
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
#ifndef NO_MD5CRYPT_1
|
||||||
|
/* MD5-based password algorithm (should probably be available as a library
|
||||||
|
* function; then the static buffer would not be acceptable).
|
||||||
|
* For magic string "1", this should be compatible to the MD5-based BSD
|
||||||
|
* password algorithm.
|
||||||
|
* For 'magic' string "apr1", this is compatible to the MD5-based Apache
|
||||||
|
* password algorithm.
|
||||||
|
* (Apparently, the Apache password algorithm is identical except that the
|
||||||
|
* 'magic' string was changed -- the laziest application of the NIH principle
|
||||||
|
* I've ever encountered.)
|
||||||
|
*/
|
||||||
|
static char *md5crypt(const char *passwd, const char *magic, const char *salt)
|
||||||
|
{
|
||||||
|
static char out_buf[6 + 9 + 24 + 2]; /* "$apr1$..salt..$.......md5hash..........\0" */
|
||||||
|
unsigned char buf[MD5_DIGEST_LENGTH];
|
||||||
|
char *salt_out;
|
||||||
|
int n;
|
||||||
|
unsigned int i;
|
||||||
|
EVP_MD_CTX md,md2;
|
||||||
|
size_t passwd_len, salt_len;
|
||||||
|
|
||||||
|
passwd_len = strlen(passwd);
|
||||||
|
out_buf[0] = '$';
|
||||||
|
out_buf[1] = 0;
|
||||||
|
assert(strlen(magic) <= 4); /* "1" or "apr1" */
|
||||||
|
strncat(out_buf, magic, 4);
|
||||||
|
strncat(out_buf, "$", 1);
|
||||||
|
strncat(out_buf, salt, 8);
|
||||||
|
assert(strlen(out_buf) <= 6 + 8); /* "$apr1$..salt.." */
|
||||||
|
salt_out = out_buf + 2 + strlen(magic);
|
||||||
|
salt_len = strlen(salt_out);
|
||||||
|
assert(salt_len <= 8);
|
||||||
|
|
||||||
|
EVP_MD_CTX_init(&md);
|
||||||
|
EVP_DigestInit_ex(&md,EVP_md5(), NULL);
|
||||||
|
EVP_DigestUpdate(&md, passwd, passwd_len);
|
||||||
|
EVP_DigestUpdate(&md, "$", 1);
|
||||||
|
EVP_DigestUpdate(&md, magic, strlen(magic));
|
||||||
|
EVP_DigestUpdate(&md, "$", 1);
|
||||||
|
EVP_DigestUpdate(&md, salt_out, salt_len);
|
||||||
|
|
||||||
|
EVP_MD_CTX_init(&md2);
|
||||||
|
EVP_DigestInit_ex(&md2,EVP_md5(), NULL);
|
||||||
|
EVP_DigestUpdate(&md2, passwd, passwd_len);
|
||||||
|
EVP_DigestUpdate(&md2, salt_out, salt_len);
|
||||||
|
EVP_DigestUpdate(&md2, passwd, passwd_len);
|
||||||
|
EVP_DigestFinal_ex(&md2, buf, NULL);
|
||||||
|
|
||||||
|
for (i = passwd_len; i > sizeof buf; i -= sizeof buf)
|
||||||
|
EVP_DigestUpdate(&md, buf, sizeof buf);
|
||||||
|
EVP_DigestUpdate(&md, buf, i);
|
||||||
|
|
||||||
|
n = passwd_len;
|
||||||
|
while (n)
|
||||||
|
{
|
||||||
|
EVP_DigestUpdate(&md, (n & 1) ? "\0" : passwd, 1);
|
||||||
|
n >>= 1;
|
||||||
|
}
|
||||||
|
EVP_DigestFinal_ex(&md, buf, NULL);
|
||||||
|
|
||||||
|
for (i = 0; i < 1000; i++)
|
||||||
|
{
|
||||||
|
EVP_DigestInit_ex(&md2,EVP_md5(), NULL);
|
||||||
|
EVP_DigestUpdate(&md2, (i & 1) ? (unsigned const char *) passwd : buf,
|
||||||
|
(i & 1) ? passwd_len : sizeof buf);
|
||||||
|
if (i % 3)
|
||||||
|
EVP_DigestUpdate(&md2, salt_out, salt_len);
|
||||||
|
if (i % 7)
|
||||||
|
EVP_DigestUpdate(&md2, passwd, passwd_len);
|
||||||
|
EVP_DigestUpdate(&md2, (i & 1) ? buf : (unsigned const char *) passwd,
|
||||||
|
(i & 1) ? sizeof buf : passwd_len);
|
||||||
|
EVP_DigestFinal_ex(&md2, buf, NULL);
|
||||||
|
}
|
||||||
|
EVP_MD_CTX_cleanup(&md2);
|
||||||
|
|
||||||
|
{
|
||||||
|
/* transform buf into output string */
|
||||||
|
|
||||||
|
unsigned char buf_perm[sizeof buf];
|
||||||
|
int dest, source;
|
||||||
|
char *output;
|
||||||
|
|
||||||
|
/* silly output permutation */
|
||||||
|
for (dest = 0, source = 0; dest < 14; dest++, source = (source + 6) % 17)
|
||||||
|
buf_perm[dest] = buf[source];
|
||||||
|
buf_perm[14] = buf[5];
|
||||||
|
buf_perm[15] = buf[11];
|
||||||
|
#ifndef PEDANTIC /* Unfortunately, this generates a "no effect" warning */
|
||||||
|
assert(16 == sizeof buf_perm);
|
||||||
|
#endif
|
||||||
|
|
||||||
|
output = salt_out + salt_len;
|
||||||
|
assert(output == out_buf + strlen(out_buf));
|
||||||
|
|
||||||
|
*output++ = '$';
|
||||||
|
|
||||||
|
for (i = 0; i < 15; i += 3)
|
||||||
|
{
|
||||||
|
*output++ = cov_2char[buf_perm[i+2] & 0x3f];
|
||||||
|
*output++ = cov_2char[((buf_perm[i+1] & 0xf) << 2) |
|
||||||
|
(buf_perm[i+2] >> 6)];
|
||||||
|
*output++ = cov_2char[((buf_perm[i] & 3) << 4) |
|
||||||
|
(buf_perm[i+1] >> 4)];
|
||||||
|
*output++ = cov_2char[buf_perm[i] >> 2];
|
||||||
|
}
|
||||||
|
assert(i == 15);
|
||||||
|
*output++ = cov_2char[buf_perm[i] & 0x3f];
|
||||||
|
*output++ = cov_2char[buf_perm[i] >> 6];
|
||||||
|
*output = 0;
|
||||||
|
assert(strlen(out_buf) < sizeof(out_buf));
|
||||||
|
}
|
||||||
|
EVP_MD_CTX_cleanup(&md);
|
||||||
|
|
||||||
|
return out_buf;
|
||||||
|
}
|
||||||
|
#endif
|
||||||
|
|
||||||
|
|
||||||
|
static int do_passwd(int passed_salt, char **salt_p, char **salt_malloc_p,
|
||||||
|
char *passwd, BIO *out, int quiet, int table, int reverse,
|
||||||
|
size_t pw_maxlen, int usecrypt, int use1, int useapr1)
|
||||||
|
{
|
||||||
|
char *hash = NULL;
|
||||||
|
|
||||||
|
assert(salt_p != NULL);
|
||||||
|
assert(salt_malloc_p != NULL);
|
||||||
|
|
||||||
|
/* first make sure we have a salt */
|
||||||
|
if (!passed_salt)
|
||||||
|
{
|
||||||
|
#ifndef OPENSSL_NO_DES
|
||||||
|
if (usecrypt)
|
||||||
|
{
|
||||||
|
if (*salt_malloc_p == NULL)
|
||||||
|
{
|
||||||
|
*salt_p = *salt_malloc_p = OPENSSL_malloc(3);
|
||||||
|
if (*salt_malloc_p == NULL)
|
||||||
|
goto err;
|
||||||
|
}
|
||||||
|
if (RAND_pseudo_bytes((unsigned char *)*salt_p, 2) < 0)
|
||||||
|
goto err;
|
||||||
|
(*salt_p)[0] = cov_2char[(*salt_p)[0] & 0x3f]; /* 6 bits */
|
||||||
|
(*salt_p)[1] = cov_2char[(*salt_p)[1] & 0x3f]; /* 6 bits */
|
||||||
|
(*salt_p)[2] = 0;
|
||||||
|
#ifdef CHARSET_EBCDIC
|
||||||
|
ascii2ebcdic(*salt_p, *salt_p, 2); /* des_crypt will convert
|
||||||
|
* back to ASCII */
|
||||||
|
#endif
|
||||||
|
}
|
||||||
|
#endif /* !OPENSSL_NO_DES */
|
||||||
|
|
||||||
|
#ifndef NO_MD5CRYPT_1
|
||||||
|
if (use1 || useapr1)
|
||||||
|
{
|
||||||
|
int i;
|
||||||
|
|
||||||
|
if (*salt_malloc_p == NULL)
|
||||||
|
{
|
||||||
|
*salt_p = *salt_malloc_p = OPENSSL_malloc(9);
|
||||||
|
if (*salt_malloc_p == NULL)
|
||||||
|
goto err;
|
||||||
|
}
|
||||||
|
if (RAND_pseudo_bytes((unsigned char *)*salt_p, 8) < 0)
|
||||||
|
goto err;
|
||||||
|
|
||||||
|
for (i = 0; i < 8; i++)
|
||||||
|
(*salt_p)[i] = cov_2char[(*salt_p)[i] & 0x3f]; /* 6 bits */
|
||||||
|
(*salt_p)[8] = 0;
|
||||||
|
}
|
||||||
|
#endif /* !NO_MD5CRYPT_1 */
|
||||||
|
}
|
||||||
|
|
||||||
|
assert(*salt_p != NULL);
|
||||||
|
|
||||||
|
/* truncate password if necessary */
|
||||||
|
if ((strlen(passwd) > pw_maxlen))
|
||||||
|
{
|
||||||
|
if (!quiet)
|
||||||
|
/* XXX: really we should know how to print a size_t, not cast it */
|
||||||
|
BIO_printf(bio_err, "Warning: truncating password to %u characters\n", (unsigned)pw_maxlen);
|
||||||
|
passwd[pw_maxlen] = 0;
|
||||||
|
}
|
||||||
|
assert(strlen(passwd) <= pw_maxlen);
|
||||||
|
|
||||||
|
/* now compute password hash */
|
||||||
|
#ifndef OPENSSL_NO_DES
|
||||||
|
if (usecrypt)
|
||||||
|
hash = DES_crypt(passwd, *salt_p);
|
||||||
|
#endif
|
||||||
|
#ifndef NO_MD5CRYPT_1
|
||||||
|
if (use1 || useapr1)
|
||||||
|
hash = md5crypt(passwd, (use1 ? "1" : "apr1"), *salt_p);
|
||||||
|
#endif
|
||||||
|
assert(hash != NULL);
|
||||||
|
|
||||||
|
if (table && !reverse)
|
||||||
|
BIO_printf(out, "%s\t%s\n", passwd, hash);
|
||||||
|
else if (table && reverse)
|
||||||
|
BIO_printf(out, "%s\t%s\n", hash, passwd);
|
||||||
|
else
|
||||||
|
BIO_printf(out, "%s\n", hash);
|
||||||
|
return 1;
|
||||||
|
|
||||||
|
err:
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
|
#else
|
||||||
|
|
||||||
|
int MAIN(int argc, char **argv)
|
||||||
|
{
|
||||||
|
fputs("Program not available.\n", stderr)
|
||||||
|
OPENSSL_EXIT(1);
|
||||||
|
}
|
||||||
|
#endif
|
1
jni/openssl/apps/pca-cert.srl
Normal file
1
jni/openssl/apps/pca-cert.srl
Normal file
@ -0,0 +1 @@
|
|||||||
|
07
|
15
jni/openssl/apps/pca-key.pem
Normal file
15
jni/openssl/apps/pca-key.pem
Normal file
@ -0,0 +1,15 @@
|
|||||||
|
-----BEGIN RSA PRIVATE KEY-----
|
||||||
|
MIICXAIBAAKBgQCdoWk/3+WcMlfjIrkg40ketmnQaEogQe1LLcuOJV6rKfUSAsPg
|
||||||
|
wgsabJ/wn8TxA1yy3eKJbFl3OiUXMRsp22Jp85PmemiDzyUIStwk72qhp1imbANZ
|
||||||
|
vlmlCFKiQrjUyuDfu4TABmn+kkt3vR1YBEOGt+IFye1UBVSATVdRJ2UVhwIDAQAB
|
||||||
|
AoGAba4fTtuap5l7/8ZsbE7Z1O32KJY4ZcOZukLOLUUhXxXduT+FTgGWujc0/rgc
|
||||||
|
z9qYCLlNZHOouMYTgtSfYvuMuLZ11VIt0GYH+nRioLShE59Yy+zCRyC+gPigS1kz
|
||||||
|
xvo14AsOIPYV14Tk/SsHyq6E0eTk7VzaIE197giiINUERPECQQDSKmtPTh/lRKw7
|
||||||
|
HSZSM0I1mFWn/1zqrAbontRQY5w98QWIOe5qmzYyFbPXYT3d9BzlsMyhgiRNoBbD
|
||||||
|
yvohSHXJAkEAwAHx6ezAZeWWzD5yXD36nyjpkVCw7Tk7TSmOceLJMWt1QcrCfqlS
|
||||||
|
xA5jjpQ6Z8suU5DdtWAryM2sAir1WisYzwJAd6Zcx56jvAQ3xcPXsE6scBTVFzrj
|
||||||
|
7FqZ6E+cclPzfLQ+QQsyOBE7bpI6e/FJppY26XGZXo3YGzV8IGXrt40oOQJALETG
|
||||||
|
h86EFXo3qGOFbmsDy4pdP5nBERCu8X1xUCSfintiD4c2DInxgS5oGclnJeMcjTvL
|
||||||
|
QjQoJCX3UJCi/OUO1QJBAKgcDHWjMvt+l1pjJBsSEZ0HX9AAIIVx0RQmbFGS+F2Q
|
||||||
|
hhu5l77WnnZOQ9vvhV5u7NPCUF9nhU3jh60qWWO8mkc=
|
||||||
|
-----END RSA PRIVATE KEY-----
|
11
jni/openssl/apps/pca-req.pem
Normal file
11
jni/openssl/apps/pca-req.pem
Normal file
@ -0,0 +1,11 @@
|
|||||||
|
-----BEGIN CERTIFICATE REQUEST-----
|
||||||
|
MIIBmjCCAQMCAQAwXDELMAkGA1UEBhMCQVUxEzARBgNVBAgTClF1ZWVuc2xhbmQx
|
||||||
|
GjAYBgNVBAoTEUNyeXB0U29mdCBQdHkgTHRkMRwwGgYDVQQDExNUZXN0IFBDQSAo
|
||||||
|
MTAyNCBiaXQpMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCdoWk/3+WcMlfj
|
||||||
|
Irkg40ketmnQaEogQe1LLcuOJV6rKfUSAsPgwgsabJ/wn8TxA1yy3eKJbFl3OiUX
|
||||||
|
MRsp22Jp85PmemiDzyUIStwk72qhp1imbANZvlmlCFKiQrjUyuDfu4TABmn+kkt3
|
||||||
|
vR1YBEOGt+IFye1UBVSATVdRJ2UVhwIDAQABMA0GCSqGSIb3DQEBBAUAA4GBAEzz
|
||||||
|
IG8NnfpnPTQSCN5zJhOfy6p9AcDyQzuJirYv1HR/qoYWalPh/U2uiK0lAim7qMcv
|
||||||
|
wOlK3I7A8B7/4dLqvIqgtUj9b1WT8zIrnwdvJI4osLI2BY+c1pVlp174DHLMol1L
|
||||||
|
Cl1e3N5BTm7lCitTYjuUhsw6hiA8IcdNKDo6sktV
|
||||||
|
-----END CERTIFICATE REQUEST-----
|
977
jni/openssl/apps/pkcs12.c
Normal file
977
jni/openssl/apps/pkcs12.c
Normal file
@ -0,0 +1,977 @@
|
|||||||
|
/* pkcs12.c */
|
||||||
|
/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
|
||||||
|
* project.
|
||||||
|
*/
|
||||||
|
/* ====================================================================
|
||||||
|
* Copyright (c) 1999-2006 The OpenSSL Project. All rights reserved.
|
||||||
|
*
|
||||||
|
* Redistribution and use in source and binary forms, with or without
|
||||||
|
* modification, are permitted provided that the following conditions
|
||||||
|
* are met:
|
||||||
|
*
|
||||||
|
* 1. Redistributions of source code must retain the above copyright
|
||||||
|
* notice, this list of conditions and the following disclaimer.
|
||||||
|
*
|
||||||
|
* 2. Redistributions in binary form must reproduce the above copyright
|
||||||
|
* notice, this list of conditions and the following disclaimer in
|
||||||
|
* the documentation and/or other materials provided with the
|
||||||
|
* distribution.
|
||||||
|
*
|
||||||
|
* 3. All advertising materials mentioning features or use of this
|
||||||
|
* software must display the following acknowledgment:
|
||||||
|
* "This product includes software developed by the OpenSSL Project
|
||||||
|
* for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
|
||||||
|
*
|
||||||
|
* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
|
||||||
|
* endorse or promote products derived from this software without
|
||||||
|
* prior written permission. For written permission, please contact
|
||||||
|
* licensing@OpenSSL.org.
|
||||||
|
*
|
||||||
|
* 5. Products derived from this software may not be called "OpenSSL"
|
||||||
|
* nor may "OpenSSL" appear in their names without prior written
|
||||||
|
* permission of the OpenSSL Project.
|
||||||
|
*
|
||||||
|
* 6. Redistributions of any form whatsoever must retain the following
|
||||||
|
* acknowledgment:
|
||||||
|
* "This product includes software developed by the OpenSSL Project
|
||||||
|
* for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
|
||||||
|
*
|
||||||
|
* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
|
||||||
|
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
||||||
|
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
|
||||||
|
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
|
||||||
|
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
|
||||||
|
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
|
||||||
|
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
|
||||||
|
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
||||||
|
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
|
||||||
|
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
|
||||||
|
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
|
||||||
|
* OF THE POSSIBILITY OF SUCH DAMAGE.
|
||||||
|
* ====================================================================
|
||||||
|
*
|
||||||
|
* This product includes cryptographic software written by Eric Young
|
||||||
|
* (eay@cryptsoft.com). This product includes software written by Tim
|
||||||
|
* Hudson (tjh@cryptsoft.com).
|
||||||
|
*
|
||||||
|
*/
|
||||||
|
|
||||||
|
#include <openssl/opensslconf.h>
|
||||||
|
#if !defined(OPENSSL_NO_DES) && !defined(OPENSSL_NO_SHA1)
|
||||||
|
|
||||||
|
#include <stdio.h>
|
||||||
|
#include <stdlib.h>
|
||||||
|
#include <string.h>
|
||||||
|
#include "apps.h"
|
||||||
|
#include <openssl/crypto.h>
|
||||||
|
#include <openssl/err.h>
|
||||||
|
#include <openssl/pem.h>
|
||||||
|
#include <openssl/pkcs12.h>
|
||||||
|
|
||||||
|
#define PROG pkcs12_main
|
||||||
|
|
||||||
|
const EVP_CIPHER *enc;
|
||||||
|
|
||||||
|
|
||||||
|
#define NOKEYS 0x1
|
||||||
|
#define NOCERTS 0x2
|
||||||
|
#define INFO 0x4
|
||||||
|
#define CLCERTS 0x8
|
||||||
|
#define CACERTS 0x10
|
||||||
|
|
||||||
|
int get_cert_chain (X509 *cert, X509_STORE *store, STACK_OF(X509) **chain);
|
||||||
|
int dump_certs_keys_p12(BIO *out, PKCS12 *p12, char *pass, int passlen, int options, char *pempass);
|
||||||
|
int dump_certs_pkeys_bags(BIO *out, STACK_OF(PKCS12_SAFEBAG) *bags, char *pass,
|
||||||
|
int passlen, int options, char *pempass);
|
||||||
|
int dump_certs_pkeys_bag(BIO *out, PKCS12_SAFEBAG *bags, char *pass, int passlen, int options, char *pempass);
|
||||||
|
int print_attribs(BIO *out, STACK_OF(X509_ATTRIBUTE) *attrlst,const char *name);
|
||||||
|
void hex_prin(BIO *out, unsigned char *buf, int len);
|
||||||
|
int alg_print(BIO *x, X509_ALGOR *alg);
|
||||||
|
int cert_load(BIO *in, STACK_OF(X509) *sk);
|
||||||
|
static int set_pbe(BIO *err, int *ppbe, const char *str);
|
||||||
|
|
||||||
|
int MAIN(int, char **);
|
||||||
|
|
||||||
|
int MAIN(int argc, char **argv)
|
||||||
|
{
|
||||||
|
ENGINE *e = NULL;
|
||||||
|
char *infile=NULL, *outfile=NULL, *keyname = NULL;
|
||||||
|
char *certfile=NULL;
|
||||||
|
BIO *in=NULL, *out = NULL;
|
||||||
|
char **args;
|
||||||
|
char *name = NULL;
|
||||||
|
char *csp_name = NULL;
|
||||||
|
int add_lmk = 0;
|
||||||
|
PKCS12 *p12 = NULL;
|
||||||
|
char pass[50], macpass[50];
|
||||||
|
int export_cert = 0;
|
||||||
|
int options = 0;
|
||||||
|
int chain = 0;
|
||||||
|
int badarg = 0;
|
||||||
|
int iter = PKCS12_DEFAULT_ITER;
|
||||||
|
int maciter = PKCS12_DEFAULT_ITER;
|
||||||
|
int twopass = 0;
|
||||||
|
int keytype = 0;
|
||||||
|
int cert_pbe = NID_pbe_WithSHA1And40BitRC2_CBC;
|
||||||
|
int key_pbe = NID_pbe_WithSHA1And3_Key_TripleDES_CBC;
|
||||||
|
int ret = 1;
|
||||||
|
int macver = 1;
|
||||||
|
int noprompt = 0;
|
||||||
|
STACK_OF(OPENSSL_STRING) *canames = NULL;
|
||||||
|
char *cpass = NULL, *mpass = NULL;
|
||||||
|
char *passargin = NULL, *passargout = NULL, *passarg = NULL;
|
||||||
|
char *passin = NULL, *passout = NULL;
|
||||||
|
char *inrand = NULL;
|
||||||
|
char *macalg = NULL;
|
||||||
|
char *CApath = NULL, *CAfile = NULL;
|
||||||
|
#ifndef OPENSSL_NO_ENGINE
|
||||||
|
char *engine=NULL;
|
||||||
|
#endif
|
||||||
|
|
||||||
|
apps_startup();
|
||||||
|
|
||||||
|
enc = EVP_des_ede3_cbc();
|
||||||
|
if (bio_err == NULL ) bio_err = BIO_new_fp (stderr, BIO_NOCLOSE);
|
||||||
|
|
||||||
|
if (!load_config(bio_err, NULL))
|
||||||
|
goto end;
|
||||||
|
|
||||||
|
args = argv + 1;
|
||||||
|
|
||||||
|
|
||||||
|
while (*args) {
|
||||||
|
if (*args[0] == '-') {
|
||||||
|
if (!strcmp (*args, "-nokeys")) options |= NOKEYS;
|
||||||
|
else if (!strcmp (*args, "-keyex")) keytype = KEY_EX;
|
||||||
|
else if (!strcmp (*args, "-keysig")) keytype = KEY_SIG;
|
||||||
|
else if (!strcmp (*args, "-nocerts")) options |= NOCERTS;
|
||||||
|
else if (!strcmp (*args, "-clcerts")) options |= CLCERTS;
|
||||||
|
else if (!strcmp (*args, "-cacerts")) options |= CACERTS;
|
||||||
|
else if (!strcmp (*args, "-noout")) options |= (NOKEYS|NOCERTS);
|
||||||
|
else if (!strcmp (*args, "-info")) options |= INFO;
|
||||||
|
else if (!strcmp (*args, "-chain")) chain = 1;
|
||||||
|
else if (!strcmp (*args, "-twopass")) twopass = 1;
|
||||||
|
else if (!strcmp (*args, "-nomacver")) macver = 0;
|
||||||
|
else if (!strcmp (*args, "-descert"))
|
||||||
|
cert_pbe = NID_pbe_WithSHA1And3_Key_TripleDES_CBC;
|
||||||
|
else if (!strcmp (*args, "-export")) export_cert = 1;
|
||||||
|
else if (!strcmp (*args, "-des")) enc=EVP_des_cbc();
|
||||||
|
else if (!strcmp (*args, "-des3")) enc = EVP_des_ede3_cbc();
|
||||||
|
#ifndef OPENSSL_NO_IDEA
|
||||||
|
else if (!strcmp (*args, "-idea")) enc=EVP_idea_cbc();
|
||||||
|
#endif
|
||||||
|
#ifndef OPENSSL_NO_SEED
|
||||||
|
else if (!strcmp(*args, "-seed")) enc=EVP_seed_cbc();
|
||||||
|
#endif
|
||||||
|
#ifndef OPENSSL_NO_AES
|
||||||
|
else if (!strcmp(*args,"-aes128")) enc=EVP_aes_128_cbc();
|
||||||
|
else if (!strcmp(*args,"-aes192")) enc=EVP_aes_192_cbc();
|
||||||
|
else if (!strcmp(*args,"-aes256")) enc=EVP_aes_256_cbc();
|
||||||
|
#endif
|
||||||
|
#ifndef OPENSSL_NO_CAMELLIA
|
||||||
|
else if (!strcmp(*args,"-camellia128")) enc=EVP_camellia_128_cbc();
|
||||||
|
else if (!strcmp(*args,"-camellia192")) enc=EVP_camellia_192_cbc();
|
||||||
|
else if (!strcmp(*args,"-camellia256")) enc=EVP_camellia_256_cbc();
|
||||||
|
#endif
|
||||||
|
else if (!strcmp (*args, "-noiter")) iter = 1;
|
||||||
|
else if (!strcmp (*args, "-maciter"))
|
||||||
|
maciter = PKCS12_DEFAULT_ITER;
|
||||||
|
else if (!strcmp (*args, "-nomaciter"))
|
||||||
|
maciter = 1;
|
||||||
|
else if (!strcmp (*args, "-nomac"))
|
||||||
|
maciter = -1;
|
||||||
|
else if (!strcmp (*args, "-macalg"))
|
||||||
|
if (args[1]) {
|
||||||
|
args++;
|
||||||
|
macalg = *args;
|
||||||
|
} else badarg = 1;
|
||||||
|
else if (!strcmp (*args, "-nodes")) enc=NULL;
|
||||||
|
else if (!strcmp (*args, "-certpbe")) {
|
||||||
|
if (!set_pbe(bio_err, &cert_pbe, *++args))
|
||||||
|
badarg = 1;
|
||||||
|
} else if (!strcmp (*args, "-keypbe")) {
|
||||||
|
if (!set_pbe(bio_err, &key_pbe, *++args))
|
||||||
|
badarg = 1;
|
||||||
|
} else if (!strcmp (*args, "-rand")) {
|
||||||
|
if (args[1]) {
|
||||||
|
args++;
|
||||||
|
inrand = *args;
|
||||||
|
} else badarg = 1;
|
||||||
|
} else if (!strcmp (*args, "-inkey")) {
|
||||||
|
if (args[1]) {
|
||||||
|
args++;
|
||||||
|
keyname = *args;
|
||||||
|
} else badarg = 1;
|
||||||
|
} else if (!strcmp (*args, "-certfile")) {
|
||||||
|
if (args[1]) {
|
||||||
|
args++;
|
||||||
|
certfile = *args;
|
||||||
|
} else badarg = 1;
|
||||||
|
} else if (!strcmp (*args, "-name")) {
|
||||||
|
if (args[1]) {
|
||||||
|
args++;
|
||||||
|
name = *args;
|
||||||
|
} else badarg = 1;
|
||||||
|
} else if (!strcmp (*args, "-LMK"))
|
||||||
|
add_lmk = 1;
|
||||||
|
else if (!strcmp (*args, "-CSP")) {
|
||||||
|
if (args[1]) {
|
||||||
|
args++;
|
||||||
|
csp_name = *args;
|
||||||
|
} else badarg = 1;
|
||||||
|
} else if (!strcmp (*args, "-caname")) {
|
||||||
|
if (args[1]) {
|
||||||
|
args++;
|
||||||
|
if (!canames) canames = sk_OPENSSL_STRING_new_null();
|
||||||
|
sk_OPENSSL_STRING_push(canames, *args);
|
||||||
|
} else badarg = 1;
|
||||||
|
} else if (!strcmp (*args, "-in")) {
|
||||||
|
if (args[1]) {
|
||||||
|
args++;
|
||||||
|
infile = *args;
|
||||||
|
} else badarg = 1;
|
||||||
|
} else if (!strcmp (*args, "-out")) {
|
||||||
|
if (args[1]) {
|
||||||
|
args++;
|
||||||
|
outfile = *args;
|
||||||
|
} else badarg = 1;
|
||||||
|
} else if (!strcmp(*args,"-passin")) {
|
||||||
|
if (args[1]) {
|
||||||
|
args++;
|
||||||
|
passargin = *args;
|
||||||
|
} else badarg = 1;
|
||||||
|
} else if (!strcmp(*args,"-passout")) {
|
||||||
|
if (args[1]) {
|
||||||
|
args++;
|
||||||
|
passargout = *args;
|
||||||
|
} else badarg = 1;
|
||||||
|
} else if (!strcmp (*args, "-password")) {
|
||||||
|
if (args[1]) {
|
||||||
|
args++;
|
||||||
|
passarg = *args;
|
||||||
|
noprompt = 1;
|
||||||
|
} else badarg = 1;
|
||||||
|
} else if (!strcmp(*args,"-CApath")) {
|
||||||
|
if (args[1]) {
|
||||||
|
args++;
|
||||||
|
CApath = *args;
|
||||||
|
} else badarg = 1;
|
||||||
|
} else if (!strcmp(*args,"-CAfile")) {
|
||||||
|
if (args[1]) {
|
||||||
|
args++;
|
||||||
|
CAfile = *args;
|
||||||
|
} else badarg = 1;
|
||||||
|
#ifndef OPENSSL_NO_ENGINE
|
||||||
|
} else if (!strcmp(*args,"-engine")) {
|
||||||
|
if (args[1]) {
|
||||||
|
args++;
|
||||||
|
engine = *args;
|
||||||
|
} else badarg = 1;
|
||||||
|
#endif
|
||||||
|
} else badarg = 1;
|
||||||
|
|
||||||
|
} else badarg = 1;
|
||||||
|
args++;
|
||||||
|
}
|
||||||
|
|
||||||
|
if (badarg) {
|
||||||
|
BIO_printf (bio_err, "Usage: pkcs12 [options]\n");
|
||||||
|
BIO_printf (bio_err, "where options are\n");
|
||||||
|
BIO_printf (bio_err, "-export output PKCS12 file\n");
|
||||||
|
BIO_printf (bio_err, "-chain add certificate chain\n");
|
||||||
|
BIO_printf (bio_err, "-inkey file private key if not infile\n");
|
||||||
|
BIO_printf (bio_err, "-certfile f add all certs in f\n");
|
||||||
|
BIO_printf (bio_err, "-CApath arg - PEM format directory of CA's\n");
|
||||||
|
BIO_printf (bio_err, "-CAfile arg - PEM format file of CA's\n");
|
||||||
|
BIO_printf (bio_err, "-name \"name\" use name as friendly name\n");
|
||||||
|
BIO_printf (bio_err, "-caname \"nm\" use nm as CA friendly name (can be used more than once).\n");
|
||||||
|
BIO_printf (bio_err, "-in infile input filename\n");
|
||||||
|
BIO_printf (bio_err, "-out outfile output filename\n");
|
||||||
|
BIO_printf (bio_err, "-noout don't output anything, just verify.\n");
|
||||||
|
BIO_printf (bio_err, "-nomacver don't verify MAC.\n");
|
||||||
|
BIO_printf (bio_err, "-nocerts don't output certificates.\n");
|
||||||
|
BIO_printf (bio_err, "-clcerts only output client certificates.\n");
|
||||||
|
BIO_printf (bio_err, "-cacerts only output CA certificates.\n");
|
||||||
|
BIO_printf (bio_err, "-nokeys don't output private keys.\n");
|
||||||
|
BIO_printf (bio_err, "-info give info about PKCS#12 structure.\n");
|
||||||
|
BIO_printf (bio_err, "-des encrypt private keys with DES\n");
|
||||||
|
BIO_printf (bio_err, "-des3 encrypt private keys with triple DES (default)\n");
|
||||||
|
#ifndef OPENSSL_NO_IDEA
|
||||||
|
BIO_printf (bio_err, "-idea encrypt private keys with idea\n");
|
||||||
|
#endif
|
||||||
|
#ifndef OPENSSL_NO_SEED
|
||||||
|
BIO_printf (bio_err, "-seed encrypt private keys with seed\n");
|
||||||
|
#endif
|
||||||
|
#ifndef OPENSSL_NO_AES
|
||||||
|
BIO_printf (bio_err, "-aes128, -aes192, -aes256\n");
|
||||||
|
BIO_printf (bio_err, " encrypt PEM output with cbc aes\n");
|
||||||
|
#endif
|
||||||
|
#ifndef OPENSSL_NO_CAMELLIA
|
||||||
|
BIO_printf (bio_err, "-camellia128, -camellia192, -camellia256\n");
|
||||||
|
BIO_printf (bio_err, " encrypt PEM output with cbc camellia\n");
|
||||||
|
#endif
|
||||||
|
BIO_printf (bio_err, "-nodes don't encrypt private keys\n");
|
||||||
|
BIO_printf (bio_err, "-noiter don't use encryption iteration\n");
|
||||||
|
BIO_printf (bio_err, "-nomaciter don't use MAC iteration\n");
|
||||||
|
BIO_printf (bio_err, "-maciter use MAC iteration\n");
|
||||||
|
BIO_printf (bio_err, "-nomac don't generate MAC\n");
|
||||||
|
BIO_printf (bio_err, "-twopass separate MAC, encryption passwords\n");
|
||||||
|
BIO_printf (bio_err, "-descert encrypt PKCS#12 certificates with triple DES (default RC2-40)\n");
|
||||||
|
BIO_printf (bio_err, "-certpbe alg specify certificate PBE algorithm (default RC2-40)\n");
|
||||||
|
BIO_printf (bio_err, "-keypbe alg specify private key PBE algorithm (default 3DES)\n");
|
||||||
|
BIO_printf (bio_err, "-macalg alg digest algorithm used in MAC (default SHA1)\n");
|
||||||
|
BIO_printf (bio_err, "-keyex set MS key exchange type\n");
|
||||||
|
BIO_printf (bio_err, "-keysig set MS key signature type\n");
|
||||||
|
BIO_printf (bio_err, "-password p set import/export password source\n");
|
||||||
|
BIO_printf (bio_err, "-passin p input file pass phrase source\n");
|
||||||
|
BIO_printf (bio_err, "-passout p output file pass phrase source\n");
|
||||||
|
#ifndef OPENSSL_NO_ENGINE
|
||||||
|
BIO_printf (bio_err, "-engine e use engine e, possibly a hardware device.\n");
|
||||||
|
#endif
|
||||||
|
BIO_printf(bio_err, "-rand file%cfile%c...\n", LIST_SEPARATOR_CHAR, LIST_SEPARATOR_CHAR);
|
||||||
|
BIO_printf(bio_err, " load the file (or the files in the directory) into\n");
|
||||||
|
BIO_printf(bio_err, " the random number generator\n");
|
||||||
|
BIO_printf(bio_err, "-CSP name Microsoft CSP name\n");
|
||||||
|
BIO_printf(bio_err, "-LMK Add local machine keyset attribute to private key\n");
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
|
||||||
|
#ifndef OPENSSL_NO_ENGINE
|
||||||
|
e = setup_engine(bio_err, engine, 0);
|
||||||
|
#endif
|
||||||
|
|
||||||
|
if(passarg) {
|
||||||
|
if(export_cert) passargout = passarg;
|
||||||
|
else passargin = passarg;
|
||||||
|
}
|
||||||
|
|
||||||
|
if(!app_passwd(bio_err, passargin, passargout, &passin, &passout)) {
|
||||||
|
BIO_printf(bio_err, "Error getting passwords\n");
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
|
||||||
|
if(!cpass) {
|
||||||
|
if(export_cert) cpass = passout;
|
||||||
|
else cpass = passin;
|
||||||
|
}
|
||||||
|
|
||||||
|
if(cpass) {
|
||||||
|
mpass = cpass;
|
||||||
|
noprompt = 1;
|
||||||
|
} else {
|
||||||
|
cpass = pass;
|
||||||
|
mpass = macpass;
|
||||||
|
}
|
||||||
|
|
||||||
|
if(export_cert || inrand) {
|
||||||
|
app_RAND_load_file(NULL, bio_err, (inrand != NULL));
|
||||||
|
if (inrand != NULL)
|
||||||
|
BIO_printf(bio_err,"%ld semi-random bytes loaded\n",
|
||||||
|
app_RAND_load_files(inrand));
|
||||||
|
}
|
||||||
|
ERR_load_crypto_strings();
|
||||||
|
|
||||||
|
#ifdef CRYPTO_MDEBUG
|
||||||
|
CRYPTO_push_info("read files");
|
||||||
|
#endif
|
||||||
|
|
||||||
|
if (!infile) in = BIO_new_fp(stdin, BIO_NOCLOSE);
|
||||||
|
else in = BIO_new_file(infile, "rb");
|
||||||
|
if (!in) {
|
||||||
|
BIO_printf(bio_err, "Error opening input file %s\n",
|
||||||
|
infile ? infile : "<stdin>");
|
||||||
|
perror (infile);
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
|
||||||
|
#ifdef CRYPTO_MDEBUG
|
||||||
|
CRYPTO_pop_info();
|
||||||
|
CRYPTO_push_info("write files");
|
||||||
|
#endif
|
||||||
|
|
||||||
|
if (!outfile) {
|
||||||
|
out = BIO_new_fp(stdout, BIO_NOCLOSE);
|
||||||
|
#ifdef OPENSSL_SYS_VMS
|
||||||
|
{
|
||||||
|
BIO *tmpbio = BIO_new(BIO_f_linebuffer());
|
||||||
|
out = BIO_push(tmpbio, out);
|
||||||
|
}
|
||||||
|
#endif
|
||||||
|
} else out = BIO_new_file(outfile, "wb");
|
||||||
|
if (!out) {
|
||||||
|
BIO_printf(bio_err, "Error opening output file %s\n",
|
||||||
|
outfile ? outfile : "<stdout>");
|
||||||
|
perror (outfile);
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
if (twopass) {
|
||||||
|
#ifdef CRYPTO_MDEBUG
|
||||||
|
CRYPTO_push_info("read MAC password");
|
||||||
|
#endif
|
||||||
|
if(EVP_read_pw_string (macpass, sizeof macpass, "Enter MAC Password:", export_cert))
|
||||||
|
{
|
||||||
|
BIO_printf (bio_err, "Can't read Password\n");
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
#ifdef CRYPTO_MDEBUG
|
||||||
|
CRYPTO_pop_info();
|
||||||
|
#endif
|
||||||
|
}
|
||||||
|
|
||||||
|
if (export_cert) {
|
||||||
|
EVP_PKEY *key = NULL;
|
||||||
|
X509 *ucert = NULL, *x = NULL;
|
||||||
|
STACK_OF(X509) *certs=NULL;
|
||||||
|
const EVP_MD *macmd = NULL;
|
||||||
|
unsigned char *catmp = NULL;
|
||||||
|
int i;
|
||||||
|
|
||||||
|
if ((options & (NOCERTS|NOKEYS)) == (NOCERTS|NOKEYS))
|
||||||
|
{
|
||||||
|
BIO_printf(bio_err, "Nothing to do!\n");
|
||||||
|
goto export_end;
|
||||||
|
}
|
||||||
|
|
||||||
|
if (options & NOCERTS)
|
||||||
|
chain = 0;
|
||||||
|
|
||||||
|
#ifdef CRYPTO_MDEBUG
|
||||||
|
CRYPTO_push_info("process -export_cert");
|
||||||
|
CRYPTO_push_info("reading private key");
|
||||||
|
#endif
|
||||||
|
if (!(options & NOKEYS))
|
||||||
|
{
|
||||||
|
key = load_key(bio_err, keyname ? keyname : infile,
|
||||||
|
FORMAT_PEM, 1, passin, e, "private key");
|
||||||
|
if (!key)
|
||||||
|
goto export_end;
|
||||||
|
}
|
||||||
|
|
||||||
|
#ifdef CRYPTO_MDEBUG
|
||||||
|
CRYPTO_pop_info();
|
||||||
|
CRYPTO_push_info("reading certs from input");
|
||||||
|
#endif
|
||||||
|
|
||||||
|
/* Load in all certs in input file */
|
||||||
|
if(!(options & NOCERTS))
|
||||||
|
{
|
||||||
|
certs = load_certs(bio_err, infile, FORMAT_PEM, NULL, e,
|
||||||
|
"certificates");
|
||||||
|
if (!certs)
|
||||||
|
goto export_end;
|
||||||
|
|
||||||
|
if (key)
|
||||||
|
{
|
||||||
|
/* Look for matching private key */
|
||||||
|
for(i = 0; i < sk_X509_num(certs); i++)
|
||||||
|
{
|
||||||
|
x = sk_X509_value(certs, i);
|
||||||
|
if(X509_check_private_key(x, key))
|
||||||
|
{
|
||||||
|
ucert = x;
|
||||||
|
/* Zero keyid and alias */
|
||||||
|
X509_keyid_set1(ucert, NULL, 0);
|
||||||
|
X509_alias_set1(ucert, NULL, 0);
|
||||||
|
/* Remove from list */
|
||||||
|
(void)sk_X509_delete(certs, i);
|
||||||
|
break;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
if (!ucert)
|
||||||
|
{
|
||||||
|
BIO_printf(bio_err, "No certificate matches private key\n");
|
||||||
|
goto export_end;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
}
|
||||||
|
|
||||||
|
#ifdef CRYPTO_MDEBUG
|
||||||
|
CRYPTO_pop_info();
|
||||||
|
CRYPTO_push_info("reading certs from input 2");
|
||||||
|
#endif
|
||||||
|
|
||||||
|
/* Add any more certificates asked for */
|
||||||
|
if(certfile)
|
||||||
|
{
|
||||||
|
STACK_OF(X509) *morecerts=NULL;
|
||||||
|
if(!(morecerts = load_certs(bio_err, certfile, FORMAT_PEM,
|
||||||
|
NULL, e,
|
||||||
|
"certificates from certfile")))
|
||||||
|
goto export_end;
|
||||||
|
while(sk_X509_num(morecerts) > 0)
|
||||||
|
sk_X509_push(certs, sk_X509_shift(morecerts));
|
||||||
|
sk_X509_free(morecerts);
|
||||||
|
}
|
||||||
|
|
||||||
|
#ifdef CRYPTO_MDEBUG
|
||||||
|
CRYPTO_pop_info();
|
||||||
|
CRYPTO_push_info("reading certs from certfile");
|
||||||
|
#endif
|
||||||
|
|
||||||
|
#ifdef CRYPTO_MDEBUG
|
||||||
|
CRYPTO_pop_info();
|
||||||
|
CRYPTO_push_info("building chain");
|
||||||
|
#endif
|
||||||
|
|
||||||
|
/* If chaining get chain from user cert */
|
||||||
|
if (chain) {
|
||||||
|
int vret;
|
||||||
|
STACK_OF(X509) *chain2;
|
||||||
|
X509_STORE *store = X509_STORE_new();
|
||||||
|
if (!store)
|
||||||
|
{
|
||||||
|
BIO_printf (bio_err, "Memory allocation error\n");
|
||||||
|
goto export_end;
|
||||||
|
}
|
||||||
|
if (!X509_STORE_load_locations(store, CAfile, CApath))
|
||||||
|
X509_STORE_set_default_paths (store);
|
||||||
|
|
||||||
|
vret = get_cert_chain (ucert, store, &chain2);
|
||||||
|
X509_STORE_free(store);
|
||||||
|
|
||||||
|
if (!vret) {
|
||||||
|
/* Exclude verified certificate */
|
||||||
|
for (i = 1; i < sk_X509_num (chain2) ; i++)
|
||||||
|
sk_X509_push(certs, sk_X509_value (chain2, i));
|
||||||
|
/* Free first certificate */
|
||||||
|
X509_free(sk_X509_value(chain2, 0));
|
||||||
|
sk_X509_free(chain2);
|
||||||
|
} else {
|
||||||
|
if (vret >= 0)
|
||||||
|
BIO_printf (bio_err, "Error %s getting chain.\n",
|
||||||
|
X509_verify_cert_error_string(vret));
|
||||||
|
else
|
||||||
|
ERR_print_errors(bio_err);
|
||||||
|
goto export_end;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
/* Add any CA names */
|
||||||
|
|
||||||
|
for (i = 0; i < sk_OPENSSL_STRING_num(canames); i++)
|
||||||
|
{
|
||||||
|
catmp = (unsigned char *)sk_OPENSSL_STRING_value(canames, i);
|
||||||
|
X509_alias_set1(sk_X509_value(certs, i), catmp, -1);
|
||||||
|
}
|
||||||
|
|
||||||
|
if (csp_name && key)
|
||||||
|
EVP_PKEY_add1_attr_by_NID(key, NID_ms_csp_name,
|
||||||
|
MBSTRING_ASC, (unsigned char *)csp_name, -1);
|
||||||
|
|
||||||
|
if (add_lmk && key)
|
||||||
|
EVP_PKEY_add1_attr_by_NID(key, NID_LocalKeySet, 0, NULL, -1);
|
||||||
|
|
||||||
|
#ifdef CRYPTO_MDEBUG
|
||||||
|
CRYPTO_pop_info();
|
||||||
|
CRYPTO_push_info("reading password");
|
||||||
|
#endif
|
||||||
|
|
||||||
|
if(!noprompt &&
|
||||||
|
EVP_read_pw_string(pass, sizeof pass, "Enter Export Password:", 1))
|
||||||
|
{
|
||||||
|
BIO_printf (bio_err, "Can't read Password\n");
|
||||||
|
goto export_end;
|
||||||
|
}
|
||||||
|
if (!twopass) BUF_strlcpy(macpass, pass, sizeof macpass);
|
||||||
|
|
||||||
|
#ifdef CRYPTO_MDEBUG
|
||||||
|
CRYPTO_pop_info();
|
||||||
|
CRYPTO_push_info("creating PKCS#12 structure");
|
||||||
|
#endif
|
||||||
|
|
||||||
|
p12 = PKCS12_create(cpass, name, key, ucert, certs,
|
||||||
|
key_pbe, cert_pbe, iter, -1, keytype);
|
||||||
|
|
||||||
|
if (!p12)
|
||||||
|
{
|
||||||
|
ERR_print_errors (bio_err);
|
||||||
|
goto export_end;
|
||||||
|
}
|
||||||
|
|
||||||
|
if (macalg)
|
||||||
|
{
|
||||||
|
macmd = EVP_get_digestbyname(macalg);
|
||||||
|
if (!macmd)
|
||||||
|
{
|
||||||
|
BIO_printf(bio_err, "Unknown digest algorithm %s\n",
|
||||||
|
macalg);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
if (maciter != -1)
|
||||||
|
PKCS12_set_mac(p12, mpass, -1, NULL, 0, maciter, macmd);
|
||||||
|
|
||||||
|
#ifdef CRYPTO_MDEBUG
|
||||||
|
CRYPTO_pop_info();
|
||||||
|
CRYPTO_push_info("writing pkcs12");
|
||||||
|
#endif
|
||||||
|
|
||||||
|
i2d_PKCS12_bio(out, p12);
|
||||||
|
|
||||||
|
ret = 0;
|
||||||
|
|
||||||
|
export_end:
|
||||||
|
#ifdef CRYPTO_MDEBUG
|
||||||
|
CRYPTO_pop_info();
|
||||||
|
CRYPTO_pop_info();
|
||||||
|
CRYPTO_push_info("process -export_cert: freeing");
|
||||||
|
#endif
|
||||||
|
|
||||||
|
if (key) EVP_PKEY_free(key);
|
||||||
|
if (certs) sk_X509_pop_free(certs, X509_free);
|
||||||
|
if (ucert) X509_free(ucert);
|
||||||
|
|
||||||
|
#ifdef CRYPTO_MDEBUG
|
||||||
|
CRYPTO_pop_info();
|
||||||
|
#endif
|
||||||
|
goto end;
|
||||||
|
|
||||||
|
}
|
||||||
|
|
||||||
|
if (!(p12 = d2i_PKCS12_bio (in, NULL))) {
|
||||||
|
ERR_print_errors(bio_err);
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
|
||||||
|
#ifdef CRYPTO_MDEBUG
|
||||||
|
CRYPTO_push_info("read import password");
|
||||||
|
#endif
|
||||||
|
if(!noprompt && EVP_read_pw_string(pass, sizeof pass, "Enter Import Password:", 0)) {
|
||||||
|
BIO_printf (bio_err, "Can't read Password\n");
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
#ifdef CRYPTO_MDEBUG
|
||||||
|
CRYPTO_pop_info();
|
||||||
|
#endif
|
||||||
|
|
||||||
|
if (!twopass) BUF_strlcpy(macpass, pass, sizeof macpass);
|
||||||
|
|
||||||
|
if ((options & INFO) && p12->mac) BIO_printf (bio_err, "MAC Iteration %ld\n", p12->mac->iter ? ASN1_INTEGER_get (p12->mac->iter) : 1);
|
||||||
|
if(macver) {
|
||||||
|
#ifdef CRYPTO_MDEBUG
|
||||||
|
CRYPTO_push_info("verify MAC");
|
||||||
|
#endif
|
||||||
|
/* If we enter empty password try no password first */
|
||||||
|
if(!mpass[0] && PKCS12_verify_mac(p12, NULL, 0)) {
|
||||||
|
/* If mac and crypto pass the same set it to NULL too */
|
||||||
|
if(!twopass) cpass = NULL;
|
||||||
|
} else if (!PKCS12_verify_mac(p12, mpass, -1)) {
|
||||||
|
BIO_printf (bio_err, "Mac verify error: invalid password?\n");
|
||||||
|
ERR_print_errors (bio_err);
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
BIO_printf (bio_err, "MAC verified OK\n");
|
||||||
|
#ifdef CRYPTO_MDEBUG
|
||||||
|
CRYPTO_pop_info();
|
||||||
|
#endif
|
||||||
|
}
|
||||||
|
|
||||||
|
#ifdef CRYPTO_MDEBUG
|
||||||
|
CRYPTO_push_info("output keys and certificates");
|
||||||
|
#endif
|
||||||
|
if (!dump_certs_keys_p12 (out, p12, cpass, -1, options, passout)) {
|
||||||
|
BIO_printf(bio_err, "Error outputting keys and certificates\n");
|
||||||
|
ERR_print_errors (bio_err);
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
#ifdef CRYPTO_MDEBUG
|
||||||
|
CRYPTO_pop_info();
|
||||||
|
#endif
|
||||||
|
ret = 0;
|
||||||
|
end:
|
||||||
|
if (p12) PKCS12_free(p12);
|
||||||
|
if(export_cert || inrand) app_RAND_write_file(NULL, bio_err);
|
||||||
|
#ifdef CRYPTO_MDEBUG
|
||||||
|
CRYPTO_remove_all_info();
|
||||||
|
#endif
|
||||||
|
BIO_free(in);
|
||||||
|
BIO_free_all(out);
|
||||||
|
if (canames) sk_OPENSSL_STRING_free(canames);
|
||||||
|
if(passin) OPENSSL_free(passin);
|
||||||
|
if(passout) OPENSSL_free(passout);
|
||||||
|
apps_shutdown();
|
||||||
|
OPENSSL_EXIT(ret);
|
||||||
|
}
|
||||||
|
|
||||||
|
int dump_certs_keys_p12 (BIO *out, PKCS12 *p12, char *pass,
|
||||||
|
int passlen, int options, char *pempass)
|
||||||
|
{
|
||||||
|
STACK_OF(PKCS7) *asafes = NULL;
|
||||||
|
STACK_OF(PKCS12_SAFEBAG) *bags;
|
||||||
|
int i, bagnid;
|
||||||
|
int ret = 0;
|
||||||
|
PKCS7 *p7;
|
||||||
|
|
||||||
|
if (!( asafes = PKCS12_unpack_authsafes(p12))) return 0;
|
||||||
|
for (i = 0; i < sk_PKCS7_num (asafes); i++) {
|
||||||
|
p7 = sk_PKCS7_value (asafes, i);
|
||||||
|
bagnid = OBJ_obj2nid (p7->type);
|
||||||
|
if (bagnid == NID_pkcs7_data) {
|
||||||
|
bags = PKCS12_unpack_p7data(p7);
|
||||||
|
if (options & INFO) BIO_printf (bio_err, "PKCS7 Data\n");
|
||||||
|
} else if (bagnid == NID_pkcs7_encrypted) {
|
||||||
|
if (options & INFO) {
|
||||||
|
BIO_printf(bio_err, "PKCS7 Encrypted data: ");
|
||||||
|
alg_print(bio_err,
|
||||||
|
p7->d.encrypted->enc_data->algorithm);
|
||||||
|
}
|
||||||
|
bags = PKCS12_unpack_p7encdata(p7, pass, passlen);
|
||||||
|
} else continue;
|
||||||
|
if (!bags) goto err;
|
||||||
|
if (!dump_certs_pkeys_bags (out, bags, pass, passlen,
|
||||||
|
options, pempass)) {
|
||||||
|
sk_PKCS12_SAFEBAG_pop_free (bags, PKCS12_SAFEBAG_free);
|
||||||
|
goto err;
|
||||||
|
}
|
||||||
|
sk_PKCS12_SAFEBAG_pop_free (bags, PKCS12_SAFEBAG_free);
|
||||||
|
bags = NULL;
|
||||||
|
}
|
||||||
|
ret = 1;
|
||||||
|
|
||||||
|
err:
|
||||||
|
|
||||||
|
if (asafes)
|
||||||
|
sk_PKCS7_pop_free (asafes, PKCS7_free);
|
||||||
|
return ret;
|
||||||
|
}
|
||||||
|
|
||||||
|
int dump_certs_pkeys_bags (BIO *out, STACK_OF(PKCS12_SAFEBAG) *bags,
|
||||||
|
char *pass, int passlen, int options, char *pempass)
|
||||||
|
{
|
||||||
|
int i;
|
||||||
|
for (i = 0; i < sk_PKCS12_SAFEBAG_num (bags); i++) {
|
||||||
|
if (!dump_certs_pkeys_bag (out,
|
||||||
|
sk_PKCS12_SAFEBAG_value (bags, i),
|
||||||
|
pass, passlen,
|
||||||
|
options, pempass))
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
|
return 1;
|
||||||
|
}
|
||||||
|
|
||||||
|
int dump_certs_pkeys_bag (BIO *out, PKCS12_SAFEBAG *bag, char *pass,
|
||||||
|
int passlen, int options, char *pempass)
|
||||||
|
{
|
||||||
|
EVP_PKEY *pkey;
|
||||||
|
PKCS8_PRIV_KEY_INFO *p8;
|
||||||
|
X509 *x509;
|
||||||
|
|
||||||
|
switch (M_PKCS12_bag_type(bag))
|
||||||
|
{
|
||||||
|
case NID_keyBag:
|
||||||
|
if (options & INFO) BIO_printf (bio_err, "Key bag\n");
|
||||||
|
if (options & NOKEYS) return 1;
|
||||||
|
print_attribs (out, bag->attrib, "Bag Attributes");
|
||||||
|
p8 = bag->value.keybag;
|
||||||
|
if (!(pkey = EVP_PKCS82PKEY (p8))) return 0;
|
||||||
|
print_attribs (out, p8->attributes, "Key Attributes");
|
||||||
|
PEM_write_bio_PrivateKey (out, pkey, enc, NULL, 0, NULL, pempass);
|
||||||
|
EVP_PKEY_free(pkey);
|
||||||
|
break;
|
||||||
|
|
||||||
|
case NID_pkcs8ShroudedKeyBag:
|
||||||
|
if (options & INFO) {
|
||||||
|
BIO_printf (bio_err, "Shrouded Keybag: ");
|
||||||
|
alg_print (bio_err, bag->value.shkeybag->algor);
|
||||||
|
}
|
||||||
|
if (options & NOKEYS) return 1;
|
||||||
|
print_attribs (out, bag->attrib, "Bag Attributes");
|
||||||
|
if (!(p8 = PKCS12_decrypt_skey(bag, pass, passlen)))
|
||||||
|
return 0;
|
||||||
|
if (!(pkey = EVP_PKCS82PKEY (p8))) {
|
||||||
|
PKCS8_PRIV_KEY_INFO_free(p8);
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
|
print_attribs (out, p8->attributes, "Key Attributes");
|
||||||
|
PKCS8_PRIV_KEY_INFO_free(p8);
|
||||||
|
PEM_write_bio_PrivateKey (out, pkey, enc, NULL, 0, NULL, pempass);
|
||||||
|
EVP_PKEY_free(pkey);
|
||||||
|
break;
|
||||||
|
|
||||||
|
case NID_certBag:
|
||||||
|
if (options & INFO) BIO_printf (bio_err, "Certificate bag\n");
|
||||||
|
if (options & NOCERTS) return 1;
|
||||||
|
if (PKCS12_get_attr(bag, NID_localKeyID)) {
|
||||||
|
if (options & CACERTS) return 1;
|
||||||
|
} else if (options & CLCERTS) return 1;
|
||||||
|
print_attribs (out, bag->attrib, "Bag Attributes");
|
||||||
|
if (M_PKCS12_cert_bag_type(bag) != NID_x509Certificate )
|
||||||
|
return 1;
|
||||||
|
if (!(x509 = PKCS12_certbag2x509(bag))) return 0;
|
||||||
|
dump_cert_text (out, x509);
|
||||||
|
PEM_write_bio_X509 (out, x509);
|
||||||
|
X509_free(x509);
|
||||||
|
break;
|
||||||
|
|
||||||
|
case NID_safeContentsBag:
|
||||||
|
if (options & INFO) BIO_printf (bio_err, "Safe Contents bag\n");
|
||||||
|
print_attribs (out, bag->attrib, "Bag Attributes");
|
||||||
|
return dump_certs_pkeys_bags (out, bag->value.safes, pass,
|
||||||
|
passlen, options, pempass);
|
||||||
|
|
||||||
|
default:
|
||||||
|
BIO_printf (bio_err, "Warning unsupported bag type: ");
|
||||||
|
i2a_ASN1_OBJECT (bio_err, bag->type);
|
||||||
|
BIO_printf (bio_err, "\n");
|
||||||
|
return 1;
|
||||||
|
break;
|
||||||
|
}
|
||||||
|
return 1;
|
||||||
|
}
|
||||||
|
|
||||||
|
/* Given a single certificate return a verified chain or NULL if error */
|
||||||
|
|
||||||
|
/* Hope this is OK .... */
|
||||||
|
|
||||||
|
int get_cert_chain (X509 *cert, X509_STORE *store, STACK_OF(X509) **chain)
|
||||||
|
{
|
||||||
|
X509_STORE_CTX store_ctx;
|
||||||
|
STACK_OF(X509) *chn;
|
||||||
|
int i = 0;
|
||||||
|
|
||||||
|
/* FIXME: Should really check the return status of X509_STORE_CTX_init
|
||||||
|
* for an error, but how that fits into the return value of this
|
||||||
|
* function is less obvious. */
|
||||||
|
X509_STORE_CTX_init(&store_ctx, store, cert, NULL);
|
||||||
|
if (X509_verify_cert(&store_ctx) <= 0) {
|
||||||
|
i = X509_STORE_CTX_get_error (&store_ctx);
|
||||||
|
if (i == 0)
|
||||||
|
/* avoid returning 0 if X509_verify_cert() did not
|
||||||
|
* set an appropriate error value in the context */
|
||||||
|
i = -1;
|
||||||
|
chn = NULL;
|
||||||
|
goto err;
|
||||||
|
} else
|
||||||
|
chn = X509_STORE_CTX_get1_chain(&store_ctx);
|
||||||
|
err:
|
||||||
|
X509_STORE_CTX_cleanup(&store_ctx);
|
||||||
|
*chain = chn;
|
||||||
|
|
||||||
|
return i;
|
||||||
|
}
|
||||||
|
|
||||||
|
int alg_print (BIO *x, X509_ALGOR *alg)
|
||||||
|
{
|
||||||
|
PBEPARAM *pbe;
|
||||||
|
const unsigned char *p;
|
||||||
|
p = alg->parameter->value.sequence->data;
|
||||||
|
pbe = d2i_PBEPARAM(NULL, &p, alg->parameter->value.sequence->length);
|
||||||
|
if (!pbe)
|
||||||
|
return 1;
|
||||||
|
BIO_printf (bio_err, "%s, Iteration %ld\n",
|
||||||
|
OBJ_nid2ln(OBJ_obj2nid(alg->algorithm)),
|
||||||
|
ASN1_INTEGER_get(pbe->iter));
|
||||||
|
PBEPARAM_free (pbe);
|
||||||
|
return 1;
|
||||||
|
}
|
||||||
|
|
||||||
|
/* Load all certificates from a given file */
|
||||||
|
|
||||||
|
int cert_load(BIO *in, STACK_OF(X509) *sk)
|
||||||
|
{
|
||||||
|
int ret;
|
||||||
|
X509 *cert;
|
||||||
|
ret = 0;
|
||||||
|
#ifdef CRYPTO_MDEBUG
|
||||||
|
CRYPTO_push_info("cert_load(): reading one cert");
|
||||||
|
#endif
|
||||||
|
while((cert = PEM_read_bio_X509(in, NULL, NULL, NULL))) {
|
||||||
|
#ifdef CRYPTO_MDEBUG
|
||||||
|
CRYPTO_pop_info();
|
||||||
|
#endif
|
||||||
|
ret = 1;
|
||||||
|
sk_X509_push(sk, cert);
|
||||||
|
#ifdef CRYPTO_MDEBUG
|
||||||
|
CRYPTO_push_info("cert_load(): reading one cert");
|
||||||
|
#endif
|
||||||
|
}
|
||||||
|
#ifdef CRYPTO_MDEBUG
|
||||||
|
CRYPTO_pop_info();
|
||||||
|
#endif
|
||||||
|
if(ret) ERR_clear_error();
|
||||||
|
return ret;
|
||||||
|
}
|
||||||
|
|
||||||
|
/* Generalised attribute print: handle PKCS#8 and bag attributes */
|
||||||
|
|
||||||
|
int print_attribs (BIO *out, STACK_OF(X509_ATTRIBUTE) *attrlst,const char *name)
|
||||||
|
{
|
||||||
|
X509_ATTRIBUTE *attr;
|
||||||
|
ASN1_TYPE *av;
|
||||||
|
char *value;
|
||||||
|
int i, attr_nid;
|
||||||
|
if(!attrlst) {
|
||||||
|
BIO_printf(out, "%s: <No Attributes>\n", name);
|
||||||
|
return 1;
|
||||||
|
}
|
||||||
|
if(!sk_X509_ATTRIBUTE_num(attrlst)) {
|
||||||
|
BIO_printf(out, "%s: <Empty Attributes>\n", name);
|
||||||
|
return 1;
|
||||||
|
}
|
||||||
|
BIO_printf(out, "%s\n", name);
|
||||||
|
for(i = 0; i < sk_X509_ATTRIBUTE_num(attrlst); i++) {
|
||||||
|
attr = sk_X509_ATTRIBUTE_value(attrlst, i);
|
||||||
|
attr_nid = OBJ_obj2nid(attr->object);
|
||||||
|
BIO_printf(out, " ");
|
||||||
|
if(attr_nid == NID_undef) {
|
||||||
|
i2a_ASN1_OBJECT (out, attr->object);
|
||||||
|
BIO_printf(out, ": ");
|
||||||
|
} else BIO_printf(out, "%s: ", OBJ_nid2ln(attr_nid));
|
||||||
|
|
||||||
|
if(sk_ASN1_TYPE_num(attr->value.set)) {
|
||||||
|
av = sk_ASN1_TYPE_value(attr->value.set, 0);
|
||||||
|
switch(av->type) {
|
||||||
|
case V_ASN1_BMPSTRING:
|
||||||
|
value = OPENSSL_uni2asc(av->value.bmpstring->data,
|
||||||
|
av->value.bmpstring->length);
|
||||||
|
BIO_printf(out, "%s\n", value);
|
||||||
|
OPENSSL_free(value);
|
||||||
|
break;
|
||||||
|
|
||||||
|
case V_ASN1_OCTET_STRING:
|
||||||
|
hex_prin(out, av->value.octet_string->data,
|
||||||
|
av->value.octet_string->length);
|
||||||
|
BIO_printf(out, "\n");
|
||||||
|
break;
|
||||||
|
|
||||||
|
case V_ASN1_BIT_STRING:
|
||||||
|
hex_prin(out, av->value.bit_string->data,
|
||||||
|
av->value.bit_string->length);
|
||||||
|
BIO_printf(out, "\n");
|
||||||
|
break;
|
||||||
|
|
||||||
|
default:
|
||||||
|
BIO_printf(out, "<Unsupported tag %d>\n", av->type);
|
||||||
|
break;
|
||||||
|
}
|
||||||
|
} else BIO_printf(out, "<No Values>\n");
|
||||||
|
}
|
||||||
|
return 1;
|
||||||
|
}
|
||||||
|
|
||||||
|
void hex_prin(BIO *out, unsigned char *buf, int len)
|
||||||
|
{
|
||||||
|
int i;
|
||||||
|
for (i = 0; i < len; i++) BIO_printf (out, "%02X ", buf[i]);
|
||||||
|
}
|
||||||
|
|
||||||
|
static int set_pbe(BIO *err, int *ppbe, const char *str)
|
||||||
|
{
|
||||||
|
if (!str)
|
||||||
|
return 0;
|
||||||
|
if (!strcmp(str, "NONE"))
|
||||||
|
{
|
||||||
|
*ppbe = -1;
|
||||||
|
return 1;
|
||||||
|
}
|
||||||
|
*ppbe=OBJ_txt2nid(str);
|
||||||
|
if (*ppbe == NID_undef)
|
||||||
|
{
|
||||||
|
BIO_printf(bio_err, "Unknown PBE algorithm %s\n", str);
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
|
return 1;
|
||||||
|
}
|
||||||
|
|
||||||
|
#endif
|
320
jni/openssl/apps/pkcs7.c
Normal file
320
jni/openssl/apps/pkcs7.c
Normal file
@ -0,0 +1,320 @@
|
|||||||
|
/* apps/pkcs7.c */
|
||||||
|
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
|
||||||
|
* All rights reserved.
|
||||||
|
*
|
||||||
|
* This package is an SSL implementation written
|
||||||
|
* by Eric Young (eay@cryptsoft.com).
|
||||||
|
* The implementation was written so as to conform with Netscapes SSL.
|
||||||
|
*
|
||||||
|
* This library is free for commercial and non-commercial use as long as
|
||||||
|
* the following conditions are aheared to. The following conditions
|
||||||
|
* apply to all code found in this distribution, be it the RC4, RSA,
|
||||||
|
* lhash, DES, etc., code; not just the SSL code. The SSL documentation
|
||||||
|
* included with this distribution is covered by the same copyright terms
|
||||||
|
* except that the holder is Tim Hudson (tjh@cryptsoft.com).
|
||||||
|
*
|
||||||
|
* Copyright remains Eric Young's, and as such any Copyright notices in
|
||||||
|
* the code are not to be removed.
|
||||||
|
* If this package is used in a product, Eric Young should be given attribution
|
||||||
|
* as the author of the parts of the library used.
|
||||||
|
* This can be in the form of a textual message at program startup or
|
||||||
|
* in documentation (online or textual) provided with the package.
|
||||||
|
*
|
||||||
|
* Redistribution and use in source and binary forms, with or without
|
||||||
|
* modification, are permitted provided that the following conditions
|
||||||
|
* are met:
|
||||||
|
* 1. Redistributions of source code must retain the copyright
|
||||||
|
* notice, this list of conditions and the following disclaimer.
|
||||||
|
* 2. Redistributions in binary form must reproduce the above copyright
|
||||||
|
* notice, this list of conditions and the following disclaimer in the
|
||||||
|
* documentation and/or other materials provided with the distribution.
|
||||||
|
* 3. All advertising materials mentioning features or use of this software
|
||||||
|
* must display the following acknowledgement:
|
||||||
|
* "This product includes cryptographic software written by
|
||||||
|
* Eric Young (eay@cryptsoft.com)"
|
||||||
|
* The word 'cryptographic' can be left out if the rouines from the library
|
||||||
|
* being used are not cryptographic related :-).
|
||||||
|
* 4. If you include any Windows specific code (or a derivative thereof) from
|
||||||
|
* the apps directory (application code) you must include an acknowledgement:
|
||||||
|
* "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
|
||||||
|
*
|
||||||
|
* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
|
||||||
|
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
||||||
|
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
|
||||||
|
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
|
||||||
|
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
|
||||||
|
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
|
||||||
|
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
||||||
|
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
|
||||||
|
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
||||||
|
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||||||
|
* SUCH DAMAGE.
|
||||||
|
*
|
||||||
|
* The licence and distribution terms for any publically available version or
|
||||||
|
* derivative of this code cannot be changed. i.e. this code cannot simply be
|
||||||
|
* copied and put under another distribution licence
|
||||||
|
* [including the GNU Public Licence.]
|
||||||
|
*/
|
||||||
|
|
||||||
|
#include <stdio.h>
|
||||||
|
#include <stdlib.h>
|
||||||
|
#include <string.h>
|
||||||
|
#include <time.h>
|
||||||
|
#include "apps.h"
|
||||||
|
#include <openssl/err.h>
|
||||||
|
#include <openssl/objects.h>
|
||||||
|
#include <openssl/evp.h>
|
||||||
|
#include <openssl/x509.h>
|
||||||
|
#include <openssl/pkcs7.h>
|
||||||
|
#include <openssl/pem.h>
|
||||||
|
|
||||||
|
#undef PROG
|
||||||
|
#define PROG pkcs7_main
|
||||||
|
|
||||||
|
/* -inform arg - input format - default PEM (DER or PEM)
|
||||||
|
* -outform arg - output format - default PEM
|
||||||
|
* -in arg - input file - default stdin
|
||||||
|
* -out arg - output file - default stdout
|
||||||
|
* -print_certs
|
||||||
|
*/
|
||||||
|
|
||||||
|
int MAIN(int, char **);
|
||||||
|
|
||||||
|
int MAIN(int argc, char **argv)
|
||||||
|
{
|
||||||
|
PKCS7 *p7=NULL;
|
||||||
|
int i,badops=0;
|
||||||
|
BIO *in=NULL,*out=NULL;
|
||||||
|
int informat,outformat;
|
||||||
|
char *infile,*outfile,*prog;
|
||||||
|
int print_certs=0,text=0,noout=0,p7_print=0;
|
||||||
|
int ret=1;
|
||||||
|
#ifndef OPENSSL_NO_ENGINE
|
||||||
|
char *engine=NULL;
|
||||||
|
#endif
|
||||||
|
|
||||||
|
apps_startup();
|
||||||
|
|
||||||
|
if (bio_err == NULL)
|
||||||
|
if ((bio_err=BIO_new(BIO_s_file())) != NULL)
|
||||||
|
BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT);
|
||||||
|
|
||||||
|
if (!load_config(bio_err, NULL))
|
||||||
|
goto end;
|
||||||
|
|
||||||
|
infile=NULL;
|
||||||
|
outfile=NULL;
|
||||||
|
informat=FORMAT_PEM;
|
||||||
|
outformat=FORMAT_PEM;
|
||||||
|
|
||||||
|
prog=argv[0];
|
||||||
|
argc--;
|
||||||
|
argv++;
|
||||||
|
while (argc >= 1)
|
||||||
|
{
|
||||||
|
if (strcmp(*argv,"-inform") == 0)
|
||||||
|
{
|
||||||
|
if (--argc < 1) goto bad;
|
||||||
|
informat=str2fmt(*(++argv));
|
||||||
|
}
|
||||||
|
else if (strcmp(*argv,"-outform") == 0)
|
||||||
|
{
|
||||||
|
if (--argc < 1) goto bad;
|
||||||
|
outformat=str2fmt(*(++argv));
|
||||||
|
}
|
||||||
|
else if (strcmp(*argv,"-in") == 0)
|
||||||
|
{
|
||||||
|
if (--argc < 1) goto bad;
|
||||||
|
infile= *(++argv);
|
||||||
|
}
|
||||||
|
else if (strcmp(*argv,"-out") == 0)
|
||||||
|
{
|
||||||
|
if (--argc < 1) goto bad;
|
||||||
|
outfile= *(++argv);
|
||||||
|
}
|
||||||
|
else if (strcmp(*argv,"-noout") == 0)
|
||||||
|
noout=1;
|
||||||
|
else if (strcmp(*argv,"-text") == 0)
|
||||||
|
text=1;
|
||||||
|
else if (strcmp(*argv,"-print") == 0)
|
||||||
|
p7_print=1;
|
||||||
|
else if (strcmp(*argv,"-print_certs") == 0)
|
||||||
|
print_certs=1;
|
||||||
|
#ifndef OPENSSL_NO_ENGINE
|
||||||
|
else if (strcmp(*argv,"-engine") == 0)
|
||||||
|
{
|
||||||
|
if (--argc < 1) goto bad;
|
||||||
|
engine= *(++argv);
|
||||||
|
}
|
||||||
|
#endif
|
||||||
|
else
|
||||||
|
{
|
||||||
|
BIO_printf(bio_err,"unknown option %s\n",*argv);
|
||||||
|
badops=1;
|
||||||
|
break;
|
||||||
|
}
|
||||||
|
argc--;
|
||||||
|
argv++;
|
||||||
|
}
|
||||||
|
|
||||||
|
if (badops)
|
||||||
|
{
|
||||||
|
bad:
|
||||||
|
BIO_printf(bio_err,"%s [options] <infile >outfile\n",prog);
|
||||||
|
BIO_printf(bio_err,"where options are\n");
|
||||||
|
BIO_printf(bio_err," -inform arg input format - DER or PEM\n");
|
||||||
|
BIO_printf(bio_err," -outform arg output format - DER or PEM\n");
|
||||||
|
BIO_printf(bio_err," -in arg input file\n");
|
||||||
|
BIO_printf(bio_err," -out arg output file\n");
|
||||||
|
BIO_printf(bio_err," -print_certs print any certs or crl in the input\n");
|
||||||
|
BIO_printf(bio_err," -text print full details of certificates\n");
|
||||||
|
BIO_printf(bio_err," -noout don't output encoded data\n");
|
||||||
|
#ifndef OPENSSL_NO_ENGINE
|
||||||
|
BIO_printf(bio_err," -engine e use engine e, possibly a hardware device.\n");
|
||||||
|
#endif
|
||||||
|
ret = 1;
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
|
||||||
|
ERR_load_crypto_strings();
|
||||||
|
|
||||||
|
#ifndef OPENSSL_NO_ENGINE
|
||||||
|
setup_engine(bio_err, engine, 0);
|
||||||
|
#endif
|
||||||
|
|
||||||
|
in=BIO_new(BIO_s_file());
|
||||||
|
out=BIO_new(BIO_s_file());
|
||||||
|
if ((in == NULL) || (out == NULL))
|
||||||
|
{
|
||||||
|
ERR_print_errors(bio_err);
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
|
||||||
|
if (infile == NULL)
|
||||||
|
BIO_set_fp(in,stdin,BIO_NOCLOSE);
|
||||||
|
else
|
||||||
|
{
|
||||||
|
if (BIO_read_filename(in,infile) <= 0)
|
||||||
|
if (in == NULL)
|
||||||
|
{
|
||||||
|
perror(infile);
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
if (informat == FORMAT_ASN1)
|
||||||
|
p7=d2i_PKCS7_bio(in,NULL);
|
||||||
|
else if (informat == FORMAT_PEM)
|
||||||
|
p7=PEM_read_bio_PKCS7(in,NULL,NULL,NULL);
|
||||||
|
else
|
||||||
|
{
|
||||||
|
BIO_printf(bio_err,"bad input format specified for pkcs7 object\n");
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
if (p7 == NULL)
|
||||||
|
{
|
||||||
|
BIO_printf(bio_err,"unable to load PKCS7 object\n");
|
||||||
|
ERR_print_errors(bio_err);
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
|
||||||
|
if (outfile == NULL)
|
||||||
|
{
|
||||||
|
BIO_set_fp(out,stdout,BIO_NOCLOSE);
|
||||||
|
#ifdef OPENSSL_SYS_VMS
|
||||||
|
{
|
||||||
|
BIO *tmpbio = BIO_new(BIO_f_linebuffer());
|
||||||
|
out = BIO_push(tmpbio, out);
|
||||||
|
}
|
||||||
|
#endif
|
||||||
|
}
|
||||||
|
else
|
||||||
|
{
|
||||||
|
if (BIO_write_filename(out,outfile) <= 0)
|
||||||
|
{
|
||||||
|
perror(outfile);
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
if (p7_print)
|
||||||
|
PKCS7_print_ctx(out, p7, 0, NULL);
|
||||||
|
|
||||||
|
if (print_certs)
|
||||||
|
{
|
||||||
|
STACK_OF(X509) *certs=NULL;
|
||||||
|
STACK_OF(X509_CRL) *crls=NULL;
|
||||||
|
|
||||||
|
i=OBJ_obj2nid(p7->type);
|
||||||
|
switch (i)
|
||||||
|
{
|
||||||
|
case NID_pkcs7_signed:
|
||||||
|
certs=p7->d.sign->cert;
|
||||||
|
crls=p7->d.sign->crl;
|
||||||
|
break;
|
||||||
|
case NID_pkcs7_signedAndEnveloped:
|
||||||
|
certs=p7->d.signed_and_enveloped->cert;
|
||||||
|
crls=p7->d.signed_and_enveloped->crl;
|
||||||
|
break;
|
||||||
|
default:
|
||||||
|
break;
|
||||||
|
}
|
||||||
|
|
||||||
|
if (certs != NULL)
|
||||||
|
{
|
||||||
|
X509 *x;
|
||||||
|
|
||||||
|
for (i=0; i<sk_X509_num(certs); i++)
|
||||||
|
{
|
||||||
|
x=sk_X509_value(certs,i);
|
||||||
|
if(text) X509_print(out, x);
|
||||||
|
else dump_cert_text(out, x);
|
||||||
|
|
||||||
|
if(!noout) PEM_write_bio_X509(out,x);
|
||||||
|
BIO_puts(out,"\n");
|
||||||
|
}
|
||||||
|
}
|
||||||
|
if (crls != NULL)
|
||||||
|
{
|
||||||
|
X509_CRL *crl;
|
||||||
|
|
||||||
|
for (i=0; i<sk_X509_CRL_num(crls); i++)
|
||||||
|
{
|
||||||
|
crl=sk_X509_CRL_value(crls,i);
|
||||||
|
|
||||||
|
X509_CRL_print(out, crl);
|
||||||
|
|
||||||
|
if(!noout)PEM_write_bio_X509_CRL(out,crl);
|
||||||
|
BIO_puts(out,"\n");
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
ret=0;
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
|
||||||
|
if(!noout) {
|
||||||
|
if (outformat == FORMAT_ASN1)
|
||||||
|
i=i2d_PKCS7_bio(out,p7);
|
||||||
|
else if (outformat == FORMAT_PEM)
|
||||||
|
i=PEM_write_bio_PKCS7(out,p7);
|
||||||
|
else {
|
||||||
|
BIO_printf(bio_err,"bad output format specified for outfile\n");
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
|
||||||
|
if (!i)
|
||||||
|
{
|
||||||
|
BIO_printf(bio_err,"unable to write pkcs7 object\n");
|
||||||
|
ERR_print_errors(bio_err);
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
ret=0;
|
||||||
|
end:
|
||||||
|
if (p7 != NULL) PKCS7_free(p7);
|
||||||
|
if (in != NULL) BIO_free(in);
|
||||||
|
if (out != NULL) BIO_free_all(out);
|
||||||
|
apps_shutdown();
|
||||||
|
OPENSSL_EXIT(ret);
|
||||||
|
}
|
439
jni/openssl/apps/pkcs8.c
Normal file
439
jni/openssl/apps/pkcs8.c
Normal file
@ -0,0 +1,439 @@
|
|||||||
|
/* pkcs8.c */
|
||||||
|
/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
|
||||||
|
* project 1999-2004.
|
||||||
|
*/
|
||||||
|
/* ====================================================================
|
||||||
|
* Copyright (c) 1999 The OpenSSL Project. All rights reserved.
|
||||||
|
*
|
||||||
|
* Redistribution and use in source and binary forms, with or without
|
||||||
|
* modification, are permitted provided that the following conditions
|
||||||
|
* are met:
|
||||||
|
*
|
||||||
|
* 1. Redistributions of source code must retain the above copyright
|
||||||
|
* notice, this list of conditions and the following disclaimer.
|
||||||
|
*
|
||||||
|
* 2. Redistributions in binary form must reproduce the above copyright
|
||||||
|
* notice, this list of conditions and the following disclaimer in
|
||||||
|
* the documentation and/or other materials provided with the
|
||||||
|
* distribution.
|
||||||
|
*
|
||||||
|
* 3. All advertising materials mentioning features or use of this
|
||||||
|
* software must display the following acknowledgment:
|
||||||
|
* "This product includes software developed by the OpenSSL Project
|
||||||
|
* for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
|
||||||
|
*
|
||||||
|
* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
|
||||||
|
* endorse or promote products derived from this software without
|
||||||
|
* prior written permission. For written permission, please contact
|
||||||
|
* licensing@OpenSSL.org.
|
||||||
|
*
|
||||||
|
* 5. Products derived from this software may not be called "OpenSSL"
|
||||||
|
* nor may "OpenSSL" appear in their names without prior written
|
||||||
|
* permission of the OpenSSL Project.
|
||||||
|
*
|
||||||
|
* 6. Redistributions of any form whatsoever must retain the following
|
||||||
|
* acknowledgment:
|
||||||
|
* "This product includes software developed by the OpenSSL Project
|
||||||
|
* for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
|
||||||
|
*
|
||||||
|
* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
|
||||||
|
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
||||||
|
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
|
||||||
|
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
|
||||||
|
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
|
||||||
|
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
|
||||||
|
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
|
||||||
|
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
||||||
|
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
|
||||||
|
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
|
||||||
|
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
|
||||||
|
* OF THE POSSIBILITY OF SUCH DAMAGE.
|
||||||
|
* ====================================================================
|
||||||
|
*
|
||||||
|
* This product includes cryptographic software written by Eric Young
|
||||||
|
* (eay@cryptsoft.com). This product includes software written by Tim
|
||||||
|
* Hudson (tjh@cryptsoft.com).
|
||||||
|
*
|
||||||
|
*/
|
||||||
|
#include <stdio.h>
|
||||||
|
#include <string.h>
|
||||||
|
#include "apps.h"
|
||||||
|
#include <openssl/pem.h>
|
||||||
|
#include <openssl/err.h>
|
||||||
|
#include <openssl/evp.h>
|
||||||
|
#include <openssl/pkcs12.h>
|
||||||
|
|
||||||
|
#define PROG pkcs8_main
|
||||||
|
|
||||||
|
int MAIN(int, char **);
|
||||||
|
|
||||||
|
int MAIN(int argc, char **argv)
|
||||||
|
{
|
||||||
|
ENGINE *e = NULL;
|
||||||
|
char **args, *infile = NULL, *outfile = NULL;
|
||||||
|
char *passargin = NULL, *passargout = NULL;
|
||||||
|
BIO *in = NULL, *out = NULL;
|
||||||
|
int topk8 = 0;
|
||||||
|
int pbe_nid = -1;
|
||||||
|
const EVP_CIPHER *cipher = NULL;
|
||||||
|
int iter = PKCS12_DEFAULT_ITER;
|
||||||
|
int informat, outformat;
|
||||||
|
int p8_broken = PKCS8_OK;
|
||||||
|
int nocrypt = 0;
|
||||||
|
X509_SIG *p8 = NULL;
|
||||||
|
PKCS8_PRIV_KEY_INFO *p8inf = NULL;
|
||||||
|
EVP_PKEY *pkey=NULL;
|
||||||
|
char pass[50], *passin = NULL, *passout = NULL, *p8pass = NULL;
|
||||||
|
int badarg = 0;
|
||||||
|
int ret = 1;
|
||||||
|
#ifndef OPENSSL_NO_ENGINE
|
||||||
|
char *engine=NULL;
|
||||||
|
#endif
|
||||||
|
|
||||||
|
if (bio_err == NULL) bio_err = BIO_new_fp (stderr, BIO_NOCLOSE);
|
||||||
|
|
||||||
|
if (!load_config(bio_err, NULL))
|
||||||
|
goto end;
|
||||||
|
|
||||||
|
informat=FORMAT_PEM;
|
||||||
|
outformat=FORMAT_PEM;
|
||||||
|
|
||||||
|
ERR_load_crypto_strings();
|
||||||
|
OpenSSL_add_all_algorithms();
|
||||||
|
args = argv + 1;
|
||||||
|
while (!badarg && *args && *args[0] == '-')
|
||||||
|
{
|
||||||
|
if (!strcmp(*args,"-v2"))
|
||||||
|
{
|
||||||
|
if (args[1])
|
||||||
|
{
|
||||||
|
args++;
|
||||||
|
cipher=EVP_get_cipherbyname(*args);
|
||||||
|
if (!cipher)
|
||||||
|
{
|
||||||
|
BIO_printf(bio_err,
|
||||||
|
"Unknown cipher %s\n", *args);
|
||||||
|
badarg = 1;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
else
|
||||||
|
badarg = 1;
|
||||||
|
}
|
||||||
|
else if (!strcmp(*args,"-v1"))
|
||||||
|
{
|
||||||
|
if (args[1])
|
||||||
|
{
|
||||||
|
args++;
|
||||||
|
pbe_nid=OBJ_txt2nid(*args);
|
||||||
|
if (pbe_nid == NID_undef)
|
||||||
|
{
|
||||||
|
BIO_printf(bio_err,
|
||||||
|
"Unknown PBE algorithm %s\n", *args);
|
||||||
|
badarg = 1;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
else
|
||||||
|
badarg = 1;
|
||||||
|
}
|
||||||
|
else if (!strcmp(*args,"-inform"))
|
||||||
|
{
|
||||||
|
if (args[1])
|
||||||
|
{
|
||||||
|
args++;
|
||||||
|
informat=str2fmt(*args);
|
||||||
|
}
|
||||||
|
else badarg = 1;
|
||||||
|
}
|
||||||
|
else if (!strcmp(*args,"-outform"))
|
||||||
|
{
|
||||||
|
if (args[1])
|
||||||
|
{
|
||||||
|
args++;
|
||||||
|
outformat=str2fmt(*args);
|
||||||
|
}
|
||||||
|
else badarg = 1;
|
||||||
|
}
|
||||||
|
else if (!strcmp (*args, "-topk8"))
|
||||||
|
topk8 = 1;
|
||||||
|
else if (!strcmp (*args, "-noiter"))
|
||||||
|
iter = 1;
|
||||||
|
else if (!strcmp (*args, "-nocrypt"))
|
||||||
|
nocrypt = 1;
|
||||||
|
else if (!strcmp (*args, "-nooct"))
|
||||||
|
p8_broken = PKCS8_NO_OCTET;
|
||||||
|
else if (!strcmp (*args, "-nsdb"))
|
||||||
|
p8_broken = PKCS8_NS_DB;
|
||||||
|
else if (!strcmp (*args, "-embed"))
|
||||||
|
p8_broken = PKCS8_EMBEDDED_PARAM;
|
||||||
|
else if (!strcmp(*args,"-passin"))
|
||||||
|
{
|
||||||
|
if (!args[1]) goto bad;
|
||||||
|
passargin= *(++args);
|
||||||
|
}
|
||||||
|
else if (!strcmp(*args,"-passout"))
|
||||||
|
{
|
||||||
|
if (!args[1]) goto bad;
|
||||||
|
passargout= *(++args);
|
||||||
|
}
|
||||||
|
#ifndef OPENSSL_NO_ENGINE
|
||||||
|
else if (strcmp(*args,"-engine") == 0)
|
||||||
|
{
|
||||||
|
if (!args[1]) goto bad;
|
||||||
|
engine= *(++args);
|
||||||
|
}
|
||||||
|
#endif
|
||||||
|
else if (!strcmp (*args, "-in"))
|
||||||
|
{
|
||||||
|
if (args[1])
|
||||||
|
{
|
||||||
|
args++;
|
||||||
|
infile = *args;
|
||||||
|
}
|
||||||
|
else badarg = 1;
|
||||||
|
}
|
||||||
|
else if (!strcmp (*args, "-out"))
|
||||||
|
{
|
||||||
|
if (args[1])
|
||||||
|
{
|
||||||
|
args++;
|
||||||
|
outfile = *args;
|
||||||
|
}
|
||||||
|
else badarg = 1;
|
||||||
|
}
|
||||||
|
else badarg = 1;
|
||||||
|
args++;
|
||||||
|
}
|
||||||
|
|
||||||
|
if (badarg)
|
||||||
|
{
|
||||||
|
bad:
|
||||||
|
BIO_printf(bio_err, "Usage pkcs8 [options]\n");
|
||||||
|
BIO_printf(bio_err, "where options are\n");
|
||||||
|
BIO_printf(bio_err, "-in file input file\n");
|
||||||
|
BIO_printf(bio_err, "-inform X input format (DER or PEM)\n");
|
||||||
|
BIO_printf(bio_err, "-passin arg input file pass phrase source\n");
|
||||||
|
BIO_printf(bio_err, "-outform X output format (DER or PEM)\n");
|
||||||
|
BIO_printf(bio_err, "-out file output file\n");
|
||||||
|
BIO_printf(bio_err, "-passout arg output file pass phrase source\n");
|
||||||
|
BIO_printf(bio_err, "-topk8 output PKCS8 file\n");
|
||||||
|
BIO_printf(bio_err, "-nooct use (nonstandard) no octet format\n");
|
||||||
|
BIO_printf(bio_err, "-embed use (nonstandard) embedded DSA parameters format\n");
|
||||||
|
BIO_printf(bio_err, "-nsdb use (nonstandard) DSA Netscape DB format\n");
|
||||||
|
BIO_printf(bio_err, "-noiter use 1 as iteration count\n");
|
||||||
|
BIO_printf(bio_err, "-nocrypt use or expect unencrypted private key\n");
|
||||||
|
BIO_printf(bio_err, "-v2 alg use PKCS#5 v2.0 and cipher \"alg\"\n");
|
||||||
|
BIO_printf(bio_err, "-v1 obj use PKCS#5 v1.5 and cipher \"alg\"\n");
|
||||||
|
#ifndef OPENSSL_NO_ENGINE
|
||||||
|
BIO_printf(bio_err," -engine e use engine e, possibly a hardware device.\n");
|
||||||
|
#endif
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
|
||||||
|
#ifndef OPENSSL_NO_ENGINE
|
||||||
|
e = setup_engine(bio_err, engine, 0);
|
||||||
|
#endif
|
||||||
|
|
||||||
|
if (!app_passwd(bio_err, passargin, passargout, &passin, &passout))
|
||||||
|
{
|
||||||
|
BIO_printf(bio_err, "Error getting passwords\n");
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
|
||||||
|
if ((pbe_nid == -1) && !cipher)
|
||||||
|
pbe_nid = NID_pbeWithMD5AndDES_CBC;
|
||||||
|
|
||||||
|
if (infile)
|
||||||
|
{
|
||||||
|
if (!(in = BIO_new_file(infile, "rb")))
|
||||||
|
{
|
||||||
|
BIO_printf(bio_err,
|
||||||
|
"Can't open input file %s\n", infile);
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
else
|
||||||
|
in = BIO_new_fp (stdin, BIO_NOCLOSE);
|
||||||
|
|
||||||
|
if (outfile)
|
||||||
|
{
|
||||||
|
if (!(out = BIO_new_file (outfile, "wb")))
|
||||||
|
{
|
||||||
|
BIO_printf(bio_err,
|
||||||
|
"Can't open output file %s\n", outfile);
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
else
|
||||||
|
{
|
||||||
|
out = BIO_new_fp (stdout, BIO_NOCLOSE);
|
||||||
|
#ifdef OPENSSL_SYS_VMS
|
||||||
|
{
|
||||||
|
BIO *tmpbio = BIO_new(BIO_f_linebuffer());
|
||||||
|
out = BIO_push(tmpbio, out);
|
||||||
|
}
|
||||||
|
#endif
|
||||||
|
}
|
||||||
|
if (topk8)
|
||||||
|
{
|
||||||
|
pkey = load_key(bio_err, infile, informat, 1,
|
||||||
|
passin, e, "key");
|
||||||
|
if (!pkey)
|
||||||
|
goto end;
|
||||||
|
if (!(p8inf = EVP_PKEY2PKCS8_broken(pkey, p8_broken)))
|
||||||
|
{
|
||||||
|
BIO_printf(bio_err, "Error converting key\n");
|
||||||
|
ERR_print_errors(bio_err);
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
if (nocrypt)
|
||||||
|
{
|
||||||
|
if (outformat == FORMAT_PEM)
|
||||||
|
PEM_write_bio_PKCS8_PRIV_KEY_INFO(out, p8inf);
|
||||||
|
else if (outformat == FORMAT_ASN1)
|
||||||
|
i2d_PKCS8_PRIV_KEY_INFO_bio(out, p8inf);
|
||||||
|
else
|
||||||
|
{
|
||||||
|
BIO_printf(bio_err, "Bad format specified for key\n");
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
else
|
||||||
|
{
|
||||||
|
if (passout)
|
||||||
|
p8pass = passout;
|
||||||
|
else
|
||||||
|
{
|
||||||
|
p8pass = pass;
|
||||||
|
if (EVP_read_pw_string(pass, sizeof pass, "Enter Encryption Password:", 1))
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
app_RAND_load_file(NULL, bio_err, 0);
|
||||||
|
if (!(p8 = PKCS8_encrypt(pbe_nid, cipher,
|
||||||
|
p8pass, strlen(p8pass),
|
||||||
|
NULL, 0, iter, p8inf)))
|
||||||
|
{
|
||||||
|
BIO_printf(bio_err, "Error encrypting key\n");
|
||||||
|
ERR_print_errors(bio_err);
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
app_RAND_write_file(NULL, bio_err);
|
||||||
|
if (outformat == FORMAT_PEM)
|
||||||
|
PEM_write_bio_PKCS8(out, p8);
|
||||||
|
else if (outformat == FORMAT_ASN1)
|
||||||
|
i2d_PKCS8_bio(out, p8);
|
||||||
|
else
|
||||||
|
{
|
||||||
|
BIO_printf(bio_err, "Bad format specified for key\n");
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
ret = 0;
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
|
||||||
|
if (nocrypt)
|
||||||
|
{
|
||||||
|
if (informat == FORMAT_PEM)
|
||||||
|
p8inf = PEM_read_bio_PKCS8_PRIV_KEY_INFO(in,NULL,NULL, NULL);
|
||||||
|
else if (informat == FORMAT_ASN1)
|
||||||
|
p8inf = d2i_PKCS8_PRIV_KEY_INFO_bio(in, NULL);
|
||||||
|
else
|
||||||
|
{
|
||||||
|
BIO_printf(bio_err, "Bad format specified for key\n");
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
else
|
||||||
|
{
|
||||||
|
if (informat == FORMAT_PEM)
|
||||||
|
p8 = PEM_read_bio_PKCS8(in, NULL, NULL, NULL);
|
||||||
|
else if (informat == FORMAT_ASN1)
|
||||||
|
p8 = d2i_PKCS8_bio(in, NULL);
|
||||||
|
else
|
||||||
|
{
|
||||||
|
BIO_printf(bio_err, "Bad format specified for key\n");
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
|
||||||
|
if (!p8)
|
||||||
|
{
|
||||||
|
BIO_printf (bio_err, "Error reading key\n");
|
||||||
|
ERR_print_errors(bio_err);
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
if (passin)
|
||||||
|
p8pass = passin;
|
||||||
|
else
|
||||||
|
{
|
||||||
|
p8pass = pass;
|
||||||
|
EVP_read_pw_string(pass, sizeof pass, "Enter Password:", 0);
|
||||||
|
}
|
||||||
|
p8inf = PKCS8_decrypt(p8, p8pass, strlen(p8pass));
|
||||||
|
}
|
||||||
|
|
||||||
|
if (!p8inf)
|
||||||
|
{
|
||||||
|
BIO_printf(bio_err, "Error decrypting key\n");
|
||||||
|
ERR_print_errors(bio_err);
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
|
||||||
|
if (!(pkey = EVP_PKCS82PKEY(p8inf)))
|
||||||
|
{
|
||||||
|
BIO_printf(bio_err, "Error converting key\n");
|
||||||
|
ERR_print_errors(bio_err);
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
|
||||||
|
if (p8inf->broken)
|
||||||
|
{
|
||||||
|
BIO_printf(bio_err, "Warning: broken key encoding: ");
|
||||||
|
switch (p8inf->broken)
|
||||||
|
{
|
||||||
|
case PKCS8_NO_OCTET:
|
||||||
|
BIO_printf(bio_err, "No Octet String in PrivateKey\n");
|
||||||
|
break;
|
||||||
|
|
||||||
|
case PKCS8_EMBEDDED_PARAM:
|
||||||
|
BIO_printf(bio_err, "DSA parameters included in PrivateKey\n");
|
||||||
|
break;
|
||||||
|
|
||||||
|
case PKCS8_NS_DB:
|
||||||
|
BIO_printf(bio_err, "DSA public key include in PrivateKey\n");
|
||||||
|
break;
|
||||||
|
|
||||||
|
case PKCS8_NEG_PRIVKEY:
|
||||||
|
BIO_printf(bio_err, "DSA private key value is negative\n");
|
||||||
|
break;
|
||||||
|
|
||||||
|
default:
|
||||||
|
BIO_printf(bio_err, "Unknown broken type\n");
|
||||||
|
break;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
if (outformat == FORMAT_PEM)
|
||||||
|
PEM_write_bio_PrivateKey(out, pkey, NULL, NULL, 0, NULL, passout);
|
||||||
|
else if (outformat == FORMAT_ASN1)
|
||||||
|
i2d_PrivateKey_bio(out, pkey);
|
||||||
|
else
|
||||||
|
{
|
||||||
|
BIO_printf(bio_err, "Bad format specified for key\n");
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
ret = 0;
|
||||||
|
|
||||||
|
end:
|
||||||
|
X509_SIG_free(p8);
|
||||||
|
PKCS8_PRIV_KEY_INFO_free(p8inf);
|
||||||
|
EVP_PKEY_free(pkey);
|
||||||
|
BIO_free_all(out);
|
||||||
|
BIO_free(in);
|
||||||
|
if (passin)
|
||||||
|
OPENSSL_free(passin);
|
||||||
|
if (passout)
|
||||||
|
OPENSSL_free(passout);
|
||||||
|
|
||||||
|
return ret;
|
||||||
|
}
|
284
jni/openssl/apps/pkey.c
Normal file
284
jni/openssl/apps/pkey.c
Normal file
@ -0,0 +1,284 @@
|
|||||||
|
/* apps/pkey.c */
|
||||||
|
/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
|
||||||
|
* project 2006
|
||||||
|
*/
|
||||||
|
/* ====================================================================
|
||||||
|
* Copyright (c) 2006 The OpenSSL Project. All rights reserved.
|
||||||
|
*
|
||||||
|
* Redistribution and use in source and binary forms, with or without
|
||||||
|
* modification, are permitted provided that the following conditions
|
||||||
|
* are met:
|
||||||
|
*
|
||||||
|
* 1. Redistributions of source code must retain the above copyright
|
||||||
|
* notice, this list of conditions and the following disclaimer.
|
||||||
|
*
|
||||||
|
* 2. Redistributions in binary form must reproduce the above copyright
|
||||||
|
* notice, this list of conditions and the following disclaimer in
|
||||||
|
* the documentation and/or other materials provided with the
|
||||||
|
* distribution.
|
||||||
|
*
|
||||||
|
* 3. All advertising materials mentioning features or use of this
|
||||||
|
* software must display the following acknowledgment:
|
||||||
|
* "This product includes software developed by the OpenSSL Project
|
||||||
|
* for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
|
||||||
|
*
|
||||||
|
* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
|
||||||
|
* endorse or promote products derived from this software without
|
||||||
|
* prior written permission. For written permission, please contact
|
||||||
|
* licensing@OpenSSL.org.
|
||||||
|
*
|
||||||
|
* 5. Products derived from this software may not be called "OpenSSL"
|
||||||
|
* nor may "OpenSSL" appear in their names without prior written
|
||||||
|
* permission of the OpenSSL Project.
|
||||||
|
*
|
||||||
|
* 6. Redistributions of any form whatsoever must retain the following
|
||||||
|
* acknowledgment:
|
||||||
|
* "This product includes software developed by the OpenSSL Project
|
||||||
|
* for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
|
||||||
|
*
|
||||||
|
* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
|
||||||
|
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
||||||
|
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
|
||||||
|
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
|
||||||
|
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
|
||||||
|
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
|
||||||
|
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
|
||||||
|
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
||||||
|
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
|
||||||
|
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
|
||||||
|
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
|
||||||
|
* OF THE POSSIBILITY OF SUCH DAMAGE.
|
||||||
|
* ====================================================================
|
||||||
|
*
|
||||||
|
* This product includes cryptographic software written by Eric Young
|
||||||
|
* (eay@cryptsoft.com). This product includes software written by Tim
|
||||||
|
* Hudson (tjh@cryptsoft.com).
|
||||||
|
*
|
||||||
|
*/
|
||||||
|
#include <stdio.h>
|
||||||
|
#include <string.h>
|
||||||
|
#include "apps.h"
|
||||||
|
#include <openssl/pem.h>
|
||||||
|
#include <openssl/err.h>
|
||||||
|
#include <openssl/evp.h>
|
||||||
|
|
||||||
|
#define PROG pkey_main
|
||||||
|
|
||||||
|
int MAIN(int, char **);
|
||||||
|
|
||||||
|
int MAIN(int argc, char **argv)
|
||||||
|
{
|
||||||
|
ENGINE *e = NULL;
|
||||||
|
char **args, *infile = NULL, *outfile = NULL;
|
||||||
|
char *passargin = NULL, *passargout = NULL;
|
||||||
|
BIO *in = NULL, *out = NULL;
|
||||||
|
const EVP_CIPHER *cipher = NULL;
|
||||||
|
int informat, outformat;
|
||||||
|
int pubin = 0, pubout = 0, pubtext = 0, text = 0, noout = 0;
|
||||||
|
EVP_PKEY *pkey=NULL;
|
||||||
|
char *passin = NULL, *passout = NULL;
|
||||||
|
int badarg = 0;
|
||||||
|
#ifndef OPENSSL_NO_ENGINE
|
||||||
|
char *engine=NULL;
|
||||||
|
#endif
|
||||||
|
int ret = 1;
|
||||||
|
|
||||||
|
if (bio_err == NULL)
|
||||||
|
bio_err = BIO_new_fp (stderr, BIO_NOCLOSE);
|
||||||
|
|
||||||
|
if (!load_config(bio_err, NULL))
|
||||||
|
goto end;
|
||||||
|
|
||||||
|
informat=FORMAT_PEM;
|
||||||
|
outformat=FORMAT_PEM;
|
||||||
|
|
||||||
|
ERR_load_crypto_strings();
|
||||||
|
OpenSSL_add_all_algorithms();
|
||||||
|
args = argv + 1;
|
||||||
|
while (!badarg && *args && *args[0] == '-')
|
||||||
|
{
|
||||||
|
if (!strcmp(*args,"-inform"))
|
||||||
|
{
|
||||||
|
if (args[1])
|
||||||
|
{
|
||||||
|
args++;
|
||||||
|
informat=str2fmt(*args);
|
||||||
|
}
|
||||||
|
else badarg = 1;
|
||||||
|
}
|
||||||
|
else if (!strcmp(*args,"-outform"))
|
||||||
|
{
|
||||||
|
if (args[1])
|
||||||
|
{
|
||||||
|
args++;
|
||||||
|
outformat=str2fmt(*args);
|
||||||
|
}
|
||||||
|
else badarg = 1;
|
||||||
|
}
|
||||||
|
else if (!strcmp(*args,"-passin"))
|
||||||
|
{
|
||||||
|
if (!args[1]) goto bad;
|
||||||
|
passargin= *(++args);
|
||||||
|
}
|
||||||
|
else if (!strcmp(*args,"-passout"))
|
||||||
|
{
|
||||||
|
if (!args[1]) goto bad;
|
||||||
|
passargout= *(++args);
|
||||||
|
}
|
||||||
|
#ifndef OPENSSL_NO_ENGINE
|
||||||
|
else if (strcmp(*args,"-engine") == 0)
|
||||||
|
{
|
||||||
|
if (!args[1]) goto bad;
|
||||||
|
engine= *(++args);
|
||||||
|
}
|
||||||
|
#endif
|
||||||
|
else if (!strcmp (*args, "-in"))
|
||||||
|
{
|
||||||
|
if (args[1])
|
||||||
|
{
|
||||||
|
args++;
|
||||||
|
infile = *args;
|
||||||
|
}
|
||||||
|
else badarg = 1;
|
||||||
|
}
|
||||||
|
else if (!strcmp (*args, "-out"))
|
||||||
|
{
|
||||||
|
if (args[1])
|
||||||
|
{
|
||||||
|
args++;
|
||||||
|
outfile = *args;
|
||||||
|
}
|
||||||
|
else badarg = 1;
|
||||||
|
}
|
||||||
|
else if (strcmp(*args,"-pubin") == 0)
|
||||||
|
{
|
||||||
|
pubin=1;
|
||||||
|
pubout=1;
|
||||||
|
pubtext=1;
|
||||||
|
}
|
||||||
|
else if (strcmp(*args,"-pubout") == 0)
|
||||||
|
pubout=1;
|
||||||
|
else if (strcmp(*args,"-text_pub") == 0)
|
||||||
|
{
|
||||||
|
pubtext=1;
|
||||||
|
text=1;
|
||||||
|
}
|
||||||
|
else if (strcmp(*args,"-text") == 0)
|
||||||
|
text=1;
|
||||||
|
else if (strcmp(*args,"-noout") == 0)
|
||||||
|
noout=1;
|
||||||
|
else
|
||||||
|
{
|
||||||
|
cipher = EVP_get_cipherbyname(*args + 1);
|
||||||
|
if (!cipher)
|
||||||
|
{
|
||||||
|
BIO_printf(bio_err, "Unknown cipher %s\n",
|
||||||
|
*args + 1);
|
||||||
|
badarg = 1;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
args++;
|
||||||
|
}
|
||||||
|
|
||||||
|
if (badarg)
|
||||||
|
{
|
||||||
|
bad:
|
||||||
|
BIO_printf(bio_err, "Usage pkey [options]\n");
|
||||||
|
BIO_printf(bio_err, "where options are\n");
|
||||||
|
BIO_printf(bio_err, "-in file input file\n");
|
||||||
|
BIO_printf(bio_err, "-inform X input format (DER or PEM)\n");
|
||||||
|
BIO_printf(bio_err, "-passin arg input file pass phrase source\n");
|
||||||
|
BIO_printf(bio_err, "-outform X output format (DER or PEM)\n");
|
||||||
|
BIO_printf(bio_err, "-out file output file\n");
|
||||||
|
BIO_printf(bio_err, "-passout arg output file pass phrase source\n");
|
||||||
|
#ifndef OPENSSL_NO_ENGINE
|
||||||
|
BIO_printf(bio_err, "-engine e use engine e, possibly a hardware device.\n");
|
||||||
|
#endif
|
||||||
|
return 1;
|
||||||
|
}
|
||||||
|
|
||||||
|
#ifndef OPENSSL_NO_ENGINE
|
||||||
|
e = setup_engine(bio_err, engine, 0);
|
||||||
|
#endif
|
||||||
|
|
||||||
|
if (!app_passwd(bio_err, passargin, passargout, &passin, &passout))
|
||||||
|
{
|
||||||
|
BIO_printf(bio_err, "Error getting passwords\n");
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
|
||||||
|
if (outfile)
|
||||||
|
{
|
||||||
|
if (!(out = BIO_new_file (outfile, "wb")))
|
||||||
|
{
|
||||||
|
BIO_printf(bio_err,
|
||||||
|
"Can't open output file %s\n", outfile);
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
else
|
||||||
|
{
|
||||||
|
out = BIO_new_fp (stdout, BIO_NOCLOSE);
|
||||||
|
#ifdef OPENSSL_SYS_VMS
|
||||||
|
{
|
||||||
|
BIO *tmpbio = BIO_new(BIO_f_linebuffer());
|
||||||
|
out = BIO_push(tmpbio, out);
|
||||||
|
}
|
||||||
|
#endif
|
||||||
|
}
|
||||||
|
|
||||||
|
if (pubin)
|
||||||
|
pkey = load_pubkey(bio_err, infile, informat, 1,
|
||||||
|
passin, e, "Public Key");
|
||||||
|
else
|
||||||
|
pkey = load_key(bio_err, infile, informat, 1,
|
||||||
|
passin, e, "key");
|
||||||
|
if (!pkey)
|
||||||
|
goto end;
|
||||||
|
|
||||||
|
if (!noout)
|
||||||
|
{
|
||||||
|
if (outformat == FORMAT_PEM)
|
||||||
|
{
|
||||||
|
if (pubout)
|
||||||
|
PEM_write_bio_PUBKEY(out,pkey);
|
||||||
|
else
|
||||||
|
PEM_write_bio_PrivateKey(out, pkey, cipher,
|
||||||
|
NULL, 0, NULL, passout);
|
||||||
|
}
|
||||||
|
else if (outformat == FORMAT_ASN1)
|
||||||
|
{
|
||||||
|
if (pubout)
|
||||||
|
i2d_PUBKEY_bio(out, pkey);
|
||||||
|
else
|
||||||
|
i2d_PrivateKey_bio(out, pkey);
|
||||||
|
}
|
||||||
|
else
|
||||||
|
{
|
||||||
|
BIO_printf(bio_err, "Bad format specified for key\n");
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
|
||||||
|
}
|
||||||
|
|
||||||
|
if (text)
|
||||||
|
{
|
||||||
|
if (pubtext)
|
||||||
|
EVP_PKEY_print_public(out, pkey, 0, NULL);
|
||||||
|
else
|
||||||
|
EVP_PKEY_print_private(out, pkey, 0, NULL);
|
||||||
|
}
|
||||||
|
|
||||||
|
ret = 0;
|
||||||
|
|
||||||
|
end:
|
||||||
|
EVP_PKEY_free(pkey);
|
||||||
|
BIO_free_all(out);
|
||||||
|
BIO_free(in);
|
||||||
|
if (passin)
|
||||||
|
OPENSSL_free(passin);
|
||||||
|
if (passout)
|
||||||
|
OPENSSL_free(passout);
|
||||||
|
|
||||||
|
return ret;
|
||||||
|
}
|
200
jni/openssl/apps/pkeyparam.c
Normal file
200
jni/openssl/apps/pkeyparam.c
Normal file
@ -0,0 +1,200 @@
|
|||||||
|
/* apps/pkeyparam.c */
|
||||||
|
/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
|
||||||
|
* project 2006
|
||||||
|
*/
|
||||||
|
/* ====================================================================
|
||||||
|
* Copyright (c) 2006 The OpenSSL Project. All rights reserved.
|
||||||
|
*
|
||||||
|
* Redistribution and use in source and binary forms, with or without
|
||||||
|
* modification, are permitted provided that the following conditions
|
||||||
|
* are met:
|
||||||
|
*
|
||||||
|
* 1. Redistributions of source code must retain the above copyright
|
||||||
|
* notice, this list of conditions and the following disclaimer.
|
||||||
|
*
|
||||||
|
* 2. Redistributions in binary form must reproduce the above copyright
|
||||||
|
* notice, this list of conditions and the following disclaimer in
|
||||||
|
* the documentation and/or other materials provided with the
|
||||||
|
* distribution.
|
||||||
|
*
|
||||||
|
* 3. All advertising materials mentioning features or use of this
|
||||||
|
* software must display the following acknowledgment:
|
||||||
|
* "This product includes software developed by the OpenSSL Project
|
||||||
|
* for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
|
||||||
|
*
|
||||||
|
* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
|
||||||
|
* endorse or promote products derived from this software without
|
||||||
|
* prior written permission. For written permission, please contact
|
||||||
|
* licensing@OpenSSL.org.
|
||||||
|
*
|
||||||
|
* 5. Products derived from this software may not be called "OpenSSL"
|
||||||
|
* nor may "OpenSSL" appear in their names without prior written
|
||||||
|
* permission of the OpenSSL Project.
|
||||||
|
*
|
||||||
|
* 6. Redistributions of any form whatsoever must retain the following
|
||||||
|
* acknowledgment:
|
||||||
|
* "This product includes software developed by the OpenSSL Project
|
||||||
|
* for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
|
||||||
|
*
|
||||||
|
* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
|
||||||
|
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
||||||
|
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
|
||||||
|
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
|
||||||
|
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
|
||||||
|
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
|
||||||
|
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
|
||||||
|
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
||||||
|
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
|
||||||
|
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
|
||||||
|
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
|
||||||
|
* OF THE POSSIBILITY OF SUCH DAMAGE.
|
||||||
|
* ====================================================================
|
||||||
|
*
|
||||||
|
* This product includes cryptographic software written by Eric Young
|
||||||
|
* (eay@cryptsoft.com). This product includes software written by Tim
|
||||||
|
* Hudson (tjh@cryptsoft.com).
|
||||||
|
*
|
||||||
|
*/
|
||||||
|
#include <stdio.h>
|
||||||
|
#include <string.h>
|
||||||
|
#include "apps.h"
|
||||||
|
#include <openssl/pem.h>
|
||||||
|
#include <openssl/err.h>
|
||||||
|
#include <openssl/evp.h>
|
||||||
|
|
||||||
|
#define PROG pkeyparam_main
|
||||||
|
|
||||||
|
int MAIN(int, char **);
|
||||||
|
|
||||||
|
int MAIN(int argc, char **argv)
|
||||||
|
{
|
||||||
|
char **args, *infile = NULL, *outfile = NULL;
|
||||||
|
BIO *in = NULL, *out = NULL;
|
||||||
|
int text = 0, noout = 0;
|
||||||
|
EVP_PKEY *pkey=NULL;
|
||||||
|
int badarg = 0;
|
||||||
|
#ifndef OPENSSL_NO_ENGINE
|
||||||
|
char *engine=NULL;
|
||||||
|
#endif
|
||||||
|
int ret = 1;
|
||||||
|
|
||||||
|
if (bio_err == NULL)
|
||||||
|
bio_err = BIO_new_fp (stderr, BIO_NOCLOSE);
|
||||||
|
|
||||||
|
if (!load_config(bio_err, NULL))
|
||||||
|
goto end;
|
||||||
|
|
||||||
|
ERR_load_crypto_strings();
|
||||||
|
OpenSSL_add_all_algorithms();
|
||||||
|
args = argv + 1;
|
||||||
|
while (!badarg && *args && *args[0] == '-')
|
||||||
|
{
|
||||||
|
if (!strcmp (*args, "-in"))
|
||||||
|
{
|
||||||
|
if (args[1])
|
||||||
|
{
|
||||||
|
args++;
|
||||||
|
infile = *args;
|
||||||
|
}
|
||||||
|
else badarg = 1;
|
||||||
|
}
|
||||||
|
else if (!strcmp (*args, "-out"))
|
||||||
|
{
|
||||||
|
if (args[1])
|
||||||
|
{
|
||||||
|
args++;
|
||||||
|
outfile = *args;
|
||||||
|
}
|
||||||
|
else badarg = 1;
|
||||||
|
}
|
||||||
|
#ifndef OPENSSL_NO_ENGINE
|
||||||
|
else if (strcmp(*args,"-engine") == 0)
|
||||||
|
{
|
||||||
|
if (!args[1]) goto bad;
|
||||||
|
engine= *(++args);
|
||||||
|
}
|
||||||
|
#endif
|
||||||
|
|
||||||
|
else if (strcmp(*args,"-text") == 0)
|
||||||
|
text=1;
|
||||||
|
else if (strcmp(*args,"-noout") == 0)
|
||||||
|
noout=1;
|
||||||
|
args++;
|
||||||
|
}
|
||||||
|
|
||||||
|
if (badarg)
|
||||||
|
{
|
||||||
|
#ifndef OPENSSL_NO_ENGINE
|
||||||
|
bad:
|
||||||
|
#endif
|
||||||
|
BIO_printf(bio_err, "Usage pkeyparam [options]\n");
|
||||||
|
BIO_printf(bio_err, "where options are\n");
|
||||||
|
BIO_printf(bio_err, "-in file input file\n");
|
||||||
|
BIO_printf(bio_err, "-out file output file\n");
|
||||||
|
BIO_printf(bio_err, "-text print parameters as text\n");
|
||||||
|
BIO_printf(bio_err, "-noout don't output encoded parameters\n");
|
||||||
|
#ifndef OPENSSL_NO_ENGINE
|
||||||
|
BIO_printf(bio_err, "-engine e use engine e, possibly a hardware device.\n");
|
||||||
|
#endif
|
||||||
|
return 1;
|
||||||
|
}
|
||||||
|
|
||||||
|
#ifndef OPENSSL_NO_ENGINE
|
||||||
|
setup_engine(bio_err, engine, 0);
|
||||||
|
#endif
|
||||||
|
|
||||||
|
if (infile)
|
||||||
|
{
|
||||||
|
if (!(in = BIO_new_file (infile, "r")))
|
||||||
|
{
|
||||||
|
BIO_printf(bio_err,
|
||||||
|
"Can't open input file %s\n", infile);
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
else
|
||||||
|
in = BIO_new_fp (stdin, BIO_NOCLOSE);
|
||||||
|
|
||||||
|
if (outfile)
|
||||||
|
{
|
||||||
|
if (!(out = BIO_new_file (outfile, "w")))
|
||||||
|
{
|
||||||
|
BIO_printf(bio_err,
|
||||||
|
"Can't open output file %s\n", outfile);
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
else
|
||||||
|
{
|
||||||
|
out = BIO_new_fp (stdout, BIO_NOCLOSE);
|
||||||
|
#ifdef OPENSSL_SYS_VMS
|
||||||
|
{
|
||||||
|
BIO *tmpbio = BIO_new(BIO_f_linebuffer());
|
||||||
|
out = BIO_push(tmpbio, out);
|
||||||
|
}
|
||||||
|
#endif
|
||||||
|
}
|
||||||
|
|
||||||
|
pkey = PEM_read_bio_Parameters(in, NULL);
|
||||||
|
if (!pkey)
|
||||||
|
{
|
||||||
|
BIO_printf(bio_err, "Error reading parameters\n");
|
||||||
|
ERR_print_errors(bio_err);
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
|
||||||
|
if (!noout)
|
||||||
|
PEM_write_bio_Parameters(out,pkey);
|
||||||
|
|
||||||
|
if (text)
|
||||||
|
EVP_PKEY_print_params(out, pkey, 0, NULL);
|
||||||
|
|
||||||
|
ret = 0;
|
||||||
|
|
||||||
|
end:
|
||||||
|
EVP_PKEY_free(pkey);
|
||||||
|
BIO_free_all(out);
|
||||||
|
BIO_free(in);
|
||||||
|
|
||||||
|
return ret;
|
||||||
|
}
|
570
jni/openssl/apps/pkeyutl.c
Normal file
570
jni/openssl/apps/pkeyutl.c
Normal file
@ -0,0 +1,570 @@
|
|||||||
|
/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
|
||||||
|
* project 2006.
|
||||||
|
*/
|
||||||
|
/* ====================================================================
|
||||||
|
* Copyright (c) 2006 The OpenSSL Project. All rights reserved.
|
||||||
|
*
|
||||||
|
* Redistribution and use in source and binary forms, with or without
|
||||||
|
* modification, are permitted provided that the following conditions
|
||||||
|
* are met:
|
||||||
|
*
|
||||||
|
* 1. Redistributions of source code must retain the above copyright
|
||||||
|
* notice, this list of conditions and the following disclaimer.
|
||||||
|
*
|
||||||
|
* 2. Redistributions in binary form must reproduce the above copyright
|
||||||
|
* notice, this list of conditions and the following disclaimer in
|
||||||
|
* the documentation and/or other materials provided with the
|
||||||
|
* distribution.
|
||||||
|
*
|
||||||
|
* 3. All advertising materials mentioning features or use of this
|
||||||
|
* software must display the following acknowledgment:
|
||||||
|
* "This product includes software developed by the OpenSSL Project
|
||||||
|
* for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
|
||||||
|
*
|
||||||
|
* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
|
||||||
|
* endorse or promote products derived from this software without
|
||||||
|
* prior written permission. For written permission, please contact
|
||||||
|
* licensing@OpenSSL.org.
|
||||||
|
*
|
||||||
|
* 5. Products derived from this software may not be called "OpenSSL"
|
||||||
|
* nor may "OpenSSL" appear in their names without prior written
|
||||||
|
* permission of the OpenSSL Project.
|
||||||
|
*
|
||||||
|
* 6. Redistributions of any form whatsoever must retain the following
|
||||||
|
* acknowledgment:
|
||||||
|
* "This product includes software developed by the OpenSSL Project
|
||||||
|
* for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
|
||||||
|
*
|
||||||
|
* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
|
||||||
|
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
||||||
|
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
|
||||||
|
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
|
||||||
|
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
|
||||||
|
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
|
||||||
|
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
|
||||||
|
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
||||||
|
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
|
||||||
|
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
|
||||||
|
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
|
||||||
|
* OF THE POSSIBILITY OF SUCH DAMAGE.
|
||||||
|
* ====================================================================
|
||||||
|
*
|
||||||
|
* This product includes cryptographic software written by Eric Young
|
||||||
|
* (eay@cryptsoft.com). This product includes software written by Tim
|
||||||
|
* Hudson (tjh@cryptsoft.com).
|
||||||
|
*
|
||||||
|
*/
|
||||||
|
|
||||||
|
|
||||||
|
#include "apps.h"
|
||||||
|
#include <string.h>
|
||||||
|
#include <openssl/err.h>
|
||||||
|
#include <openssl/pem.h>
|
||||||
|
#include <openssl/evp.h>
|
||||||
|
|
||||||
|
#define KEY_PRIVKEY 1
|
||||||
|
#define KEY_PUBKEY 2
|
||||||
|
#define KEY_CERT 3
|
||||||
|
|
||||||
|
static void usage(void);
|
||||||
|
|
||||||
|
#undef PROG
|
||||||
|
|
||||||
|
#define PROG pkeyutl_main
|
||||||
|
|
||||||
|
static EVP_PKEY_CTX *init_ctx(int *pkeysize,
|
||||||
|
char *keyfile, int keyform, int key_type,
|
||||||
|
char *passargin, int pkey_op, ENGINE *e);
|
||||||
|
|
||||||
|
static int setup_peer(BIO *err, EVP_PKEY_CTX *ctx, int peerform,
|
||||||
|
const char *file);
|
||||||
|
|
||||||
|
static int do_keyop(EVP_PKEY_CTX *ctx, int pkey_op,
|
||||||
|
unsigned char *out, size_t *poutlen,
|
||||||
|
unsigned char *in, size_t inlen);
|
||||||
|
|
||||||
|
int MAIN(int argc, char **);
|
||||||
|
|
||||||
|
int MAIN(int argc, char **argv)
|
||||||
|
{
|
||||||
|
BIO *in = NULL, *out = NULL;
|
||||||
|
char *infile = NULL, *outfile = NULL, *sigfile = NULL;
|
||||||
|
ENGINE *e = NULL;
|
||||||
|
int pkey_op = EVP_PKEY_OP_SIGN, key_type = KEY_PRIVKEY;
|
||||||
|
int keyform = FORMAT_PEM, peerform = FORMAT_PEM;
|
||||||
|
char badarg = 0, rev = 0;
|
||||||
|
char hexdump = 0, asn1parse = 0;
|
||||||
|
EVP_PKEY_CTX *ctx = NULL;
|
||||||
|
char *passargin = NULL;
|
||||||
|
int keysize = -1;
|
||||||
|
|
||||||
|
unsigned char *buf_in = NULL, *buf_out = NULL, *sig = NULL;
|
||||||
|
size_t buf_outlen;
|
||||||
|
int buf_inlen = 0, siglen = -1;
|
||||||
|
|
||||||
|
int ret = 1, rv = -1;
|
||||||
|
|
||||||
|
argc--;
|
||||||
|
argv++;
|
||||||
|
|
||||||
|
if(!bio_err) bio_err = BIO_new_fp(stderr, BIO_NOCLOSE);
|
||||||
|
|
||||||
|
if (!load_config(bio_err, NULL))
|
||||||
|
goto end;
|
||||||
|
ERR_load_crypto_strings();
|
||||||
|
OpenSSL_add_all_algorithms();
|
||||||
|
|
||||||
|
while(argc >= 1)
|
||||||
|
{
|
||||||
|
if (!strcmp(*argv,"-in"))
|
||||||
|
{
|
||||||
|
if (--argc < 1) badarg = 1;
|
||||||
|
else infile= *(++argv);
|
||||||
|
}
|
||||||
|
else if (!strcmp(*argv,"-out"))
|
||||||
|
{
|
||||||
|
if (--argc < 1) badarg = 1;
|
||||||
|
else outfile= *(++argv);
|
||||||
|
}
|
||||||
|
else if (!strcmp(*argv,"-sigfile"))
|
||||||
|
{
|
||||||
|
if (--argc < 1) badarg = 1;
|
||||||
|
else sigfile= *(++argv);
|
||||||
|
}
|
||||||
|
else if(!strcmp(*argv, "-inkey"))
|
||||||
|
{
|
||||||
|
if (--argc < 1)
|
||||||
|
badarg = 1;
|
||||||
|
else
|
||||||
|
{
|
||||||
|
ctx = init_ctx(&keysize,
|
||||||
|
*(++argv), keyform, key_type,
|
||||||
|
passargin, pkey_op, e);
|
||||||
|
if (!ctx)
|
||||||
|
{
|
||||||
|
BIO_puts(bio_err,
|
||||||
|
"Error initializing context\n");
|
||||||
|
ERR_print_errors(bio_err);
|
||||||
|
badarg = 1;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
else if (!strcmp(*argv,"-peerkey"))
|
||||||
|
{
|
||||||
|
if (--argc < 1)
|
||||||
|
badarg = 1;
|
||||||
|
else if (!setup_peer(bio_err, ctx, peerform, *(++argv)))
|
||||||
|
badarg = 1;
|
||||||
|
}
|
||||||
|
else if (!strcmp(*argv,"-passin"))
|
||||||
|
{
|
||||||
|
if (--argc < 1) badarg = 1;
|
||||||
|
else passargin= *(++argv);
|
||||||
|
}
|
||||||
|
else if (strcmp(*argv,"-peerform") == 0)
|
||||||
|
{
|
||||||
|
if (--argc < 1) badarg = 1;
|
||||||
|
else peerform=str2fmt(*(++argv));
|
||||||
|
}
|
||||||
|
else if (strcmp(*argv,"-keyform") == 0)
|
||||||
|
{
|
||||||
|
if (--argc < 1) badarg = 1;
|
||||||
|
else keyform=str2fmt(*(++argv));
|
||||||
|
}
|
||||||
|
#ifndef OPENSSL_NO_ENGINE
|
||||||
|
else if(!strcmp(*argv, "-engine"))
|
||||||
|
{
|
||||||
|
if (--argc < 1)
|
||||||
|
badarg = 1;
|
||||||
|
else
|
||||||
|
e = setup_engine(bio_err, *(++argv), 0);
|
||||||
|
}
|
||||||
|
#endif
|
||||||
|
else if(!strcmp(*argv, "-pubin"))
|
||||||
|
key_type = KEY_PUBKEY;
|
||||||
|
else if(!strcmp(*argv, "-certin"))
|
||||||
|
key_type = KEY_CERT;
|
||||||
|
else if(!strcmp(*argv, "-asn1parse"))
|
||||||
|
asn1parse = 1;
|
||||||
|
else if(!strcmp(*argv, "-hexdump"))
|
||||||
|
hexdump = 1;
|
||||||
|
else if(!strcmp(*argv, "-sign"))
|
||||||
|
pkey_op = EVP_PKEY_OP_SIGN;
|
||||||
|
else if(!strcmp(*argv, "-verify"))
|
||||||
|
pkey_op = EVP_PKEY_OP_VERIFY;
|
||||||
|
else if(!strcmp(*argv, "-verifyrecover"))
|
||||||
|
pkey_op = EVP_PKEY_OP_VERIFYRECOVER;
|
||||||
|
else if(!strcmp(*argv, "-rev"))
|
||||||
|
rev = 1;
|
||||||
|
else if(!strcmp(*argv, "-encrypt"))
|
||||||
|
pkey_op = EVP_PKEY_OP_ENCRYPT;
|
||||||
|
else if(!strcmp(*argv, "-decrypt"))
|
||||||
|
pkey_op = EVP_PKEY_OP_DECRYPT;
|
||||||
|
else if(!strcmp(*argv, "-derive"))
|
||||||
|
pkey_op = EVP_PKEY_OP_DERIVE;
|
||||||
|
else if (strcmp(*argv,"-pkeyopt") == 0)
|
||||||
|
{
|
||||||
|
if (--argc < 1)
|
||||||
|
badarg = 1;
|
||||||
|
else if (!ctx)
|
||||||
|
{
|
||||||
|
BIO_puts(bio_err,
|
||||||
|
"-pkeyopt command before -inkey\n");
|
||||||
|
badarg = 1;
|
||||||
|
}
|
||||||
|
else if (pkey_ctrl_string(ctx, *(++argv)) <= 0)
|
||||||
|
{
|
||||||
|
BIO_puts(bio_err, "parameter setting error\n");
|
||||||
|
ERR_print_errors(bio_err);
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
else badarg = 1;
|
||||||
|
if(badarg)
|
||||||
|
{
|
||||||
|
usage();
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
argc--;
|
||||||
|
argv++;
|
||||||
|
}
|
||||||
|
|
||||||
|
if (!ctx)
|
||||||
|
{
|
||||||
|
usage();
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
|
||||||
|
if (sigfile && (pkey_op != EVP_PKEY_OP_VERIFY))
|
||||||
|
{
|
||||||
|
BIO_puts(bio_err, "Signature file specified for non verify\n");
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
|
||||||
|
if (!sigfile && (pkey_op == EVP_PKEY_OP_VERIFY))
|
||||||
|
{
|
||||||
|
BIO_puts(bio_err, "No signature file specified for verify\n");
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
|
||||||
|
/* FIXME: seed PRNG only if needed */
|
||||||
|
app_RAND_load_file(NULL, bio_err, 0);
|
||||||
|
|
||||||
|
if (pkey_op != EVP_PKEY_OP_DERIVE)
|
||||||
|
{
|
||||||
|
if(infile)
|
||||||
|
{
|
||||||
|
if(!(in = BIO_new_file(infile, "rb")))
|
||||||
|
{
|
||||||
|
BIO_puts(bio_err,
|
||||||
|
"Error Opening Input File\n");
|
||||||
|
ERR_print_errors(bio_err);
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
else
|
||||||
|
in = BIO_new_fp(stdin, BIO_NOCLOSE);
|
||||||
|
}
|
||||||
|
|
||||||
|
if(outfile)
|
||||||
|
{
|
||||||
|
if(!(out = BIO_new_file(outfile, "wb")))
|
||||||
|
{
|
||||||
|
BIO_printf(bio_err, "Error Creating Output File\n");
|
||||||
|
ERR_print_errors(bio_err);
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
else
|
||||||
|
{
|
||||||
|
out = BIO_new_fp(stdout, BIO_NOCLOSE);
|
||||||
|
#ifdef OPENSSL_SYS_VMS
|
||||||
|
{
|
||||||
|
BIO *tmpbio = BIO_new(BIO_f_linebuffer());
|
||||||
|
out = BIO_push(tmpbio, out);
|
||||||
|
}
|
||||||
|
#endif
|
||||||
|
}
|
||||||
|
|
||||||
|
if (sigfile)
|
||||||
|
{
|
||||||
|
BIO *sigbio = BIO_new_file(sigfile, "rb");
|
||||||
|
if (!sigbio)
|
||||||
|
{
|
||||||
|
BIO_printf(bio_err, "Can't open signature file %s\n",
|
||||||
|
sigfile);
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
siglen = bio_to_mem(&sig, keysize * 10, sigbio);
|
||||||
|
BIO_free(sigbio);
|
||||||
|
if (siglen <= 0)
|
||||||
|
{
|
||||||
|
BIO_printf(bio_err, "Error reading signature data\n");
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
if (in)
|
||||||
|
{
|
||||||
|
/* Read the input data */
|
||||||
|
buf_inlen = bio_to_mem(&buf_in, keysize * 10, in);
|
||||||
|
if(buf_inlen <= 0)
|
||||||
|
{
|
||||||
|
BIO_printf(bio_err, "Error reading input Data\n");
|
||||||
|
exit(1);
|
||||||
|
}
|
||||||
|
if(rev)
|
||||||
|
{
|
||||||
|
size_t i;
|
||||||
|
unsigned char ctmp;
|
||||||
|
size_t l = (size_t)buf_inlen;
|
||||||
|
for(i = 0; i < l/2; i++)
|
||||||
|
{
|
||||||
|
ctmp = buf_in[i];
|
||||||
|
buf_in[i] = buf_in[l - 1 - i];
|
||||||
|
buf_in[l - 1 - i] = ctmp;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
if(pkey_op == EVP_PKEY_OP_VERIFY)
|
||||||
|
{
|
||||||
|
rv = EVP_PKEY_verify(ctx, sig, (size_t)siglen,
|
||||||
|
buf_in, (size_t)buf_inlen);
|
||||||
|
if (rv == 0)
|
||||||
|
BIO_puts(out, "Signature Verification Failure\n");
|
||||||
|
else if (rv == 1)
|
||||||
|
BIO_puts(out, "Signature Verified Successfully\n");
|
||||||
|
if (rv >= 0)
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
else
|
||||||
|
{
|
||||||
|
rv = do_keyop(ctx, pkey_op, NULL, (size_t *)&buf_outlen,
|
||||||
|
buf_in, (size_t)buf_inlen);
|
||||||
|
if (rv > 0)
|
||||||
|
{
|
||||||
|
buf_out = OPENSSL_malloc(buf_outlen);
|
||||||
|
if (!buf_out)
|
||||||
|
rv = -1;
|
||||||
|
else
|
||||||
|
rv = do_keyop(ctx, pkey_op,
|
||||||
|
buf_out, (size_t *)&buf_outlen,
|
||||||
|
buf_in, (size_t)buf_inlen);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
if(rv <= 0)
|
||||||
|
{
|
||||||
|
BIO_printf(bio_err, "Public Key operation error\n");
|
||||||
|
ERR_print_errors(bio_err);
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
ret = 0;
|
||||||
|
if(asn1parse)
|
||||||
|
{
|
||||||
|
if(!ASN1_parse_dump(out, buf_out, buf_outlen, 1, -1))
|
||||||
|
ERR_print_errors(bio_err);
|
||||||
|
}
|
||||||
|
else if(hexdump)
|
||||||
|
BIO_dump(out, (char *)buf_out, buf_outlen);
|
||||||
|
else
|
||||||
|
BIO_write(out, buf_out, buf_outlen);
|
||||||
|
|
||||||
|
end:
|
||||||
|
if (ctx)
|
||||||
|
EVP_PKEY_CTX_free(ctx);
|
||||||
|
BIO_free(in);
|
||||||
|
BIO_free_all(out);
|
||||||
|
if (buf_in)
|
||||||
|
OPENSSL_free(buf_in);
|
||||||
|
if (buf_out)
|
||||||
|
OPENSSL_free(buf_out);
|
||||||
|
if (sig)
|
||||||
|
OPENSSL_free(sig);
|
||||||
|
return ret;
|
||||||
|
}
|
||||||
|
|
||||||
|
static void usage()
|
||||||
|
{
|
||||||
|
BIO_printf(bio_err, "Usage: pkeyutl [options]\n");
|
||||||
|
BIO_printf(bio_err, "-in file input file\n");
|
||||||
|
BIO_printf(bio_err, "-out file output file\n");
|
||||||
|
BIO_printf(bio_err, "-sigfile file signature file (verify operation only)\n");
|
||||||
|
BIO_printf(bio_err, "-inkey file input key\n");
|
||||||
|
BIO_printf(bio_err, "-keyform arg private key format - default PEM\n");
|
||||||
|
BIO_printf(bio_err, "-pubin input is a public key\n");
|
||||||
|
BIO_printf(bio_err, "-certin input is a certificate carrying a public key\n");
|
||||||
|
BIO_printf(bio_err, "-pkeyopt X:Y public key options\n");
|
||||||
|
BIO_printf(bio_err, "-sign sign with private key\n");
|
||||||
|
BIO_printf(bio_err, "-verify verify with public key\n");
|
||||||
|
BIO_printf(bio_err, "-verifyrecover verify with public key, recover original data\n");
|
||||||
|
BIO_printf(bio_err, "-encrypt encrypt with public key\n");
|
||||||
|
BIO_printf(bio_err, "-decrypt decrypt with private key\n");
|
||||||
|
BIO_printf(bio_err, "-derive derive shared secret\n");
|
||||||
|
BIO_printf(bio_err, "-hexdump hex dump output\n");
|
||||||
|
#ifndef OPENSSL_NO_ENGINE
|
||||||
|
BIO_printf(bio_err, "-engine e use engine e, possibly a hardware device.\n");
|
||||||
|
#endif
|
||||||
|
BIO_printf(bio_err, "-passin arg pass phrase source\n");
|
||||||
|
|
||||||
|
}
|
||||||
|
|
||||||
|
static EVP_PKEY_CTX *init_ctx(int *pkeysize,
|
||||||
|
char *keyfile, int keyform, int key_type,
|
||||||
|
char *passargin, int pkey_op, ENGINE *e)
|
||||||
|
{
|
||||||
|
EVP_PKEY *pkey = NULL;
|
||||||
|
EVP_PKEY_CTX *ctx = NULL;
|
||||||
|
char *passin = NULL;
|
||||||
|
int rv = -1;
|
||||||
|
X509 *x;
|
||||||
|
if(((pkey_op == EVP_PKEY_OP_SIGN) || (pkey_op == EVP_PKEY_OP_DECRYPT)
|
||||||
|
|| (pkey_op == EVP_PKEY_OP_DERIVE))
|
||||||
|
&& (key_type != KEY_PRIVKEY))
|
||||||
|
{
|
||||||
|
BIO_printf(bio_err, "A private key is needed for this operation\n");
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
if(!app_passwd(bio_err, passargin, NULL, &passin, NULL))
|
||||||
|
{
|
||||||
|
BIO_printf(bio_err, "Error getting password\n");
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
switch(key_type)
|
||||||
|
{
|
||||||
|
case KEY_PRIVKEY:
|
||||||
|
pkey = load_key(bio_err, keyfile, keyform, 0,
|
||||||
|
passin, e, "Private Key");
|
||||||
|
break;
|
||||||
|
|
||||||
|
case KEY_PUBKEY:
|
||||||
|
pkey = load_pubkey(bio_err, keyfile, keyform, 0,
|
||||||
|
NULL, e, "Public Key");
|
||||||
|
break;
|
||||||
|
|
||||||
|
case KEY_CERT:
|
||||||
|
x = load_cert(bio_err, keyfile, keyform,
|
||||||
|
NULL, e, "Certificate");
|
||||||
|
if(x)
|
||||||
|
{
|
||||||
|
pkey = X509_get_pubkey(x);
|
||||||
|
X509_free(x);
|
||||||
|
}
|
||||||
|
break;
|
||||||
|
|
||||||
|
}
|
||||||
|
|
||||||
|
*pkeysize = EVP_PKEY_size(pkey);
|
||||||
|
|
||||||
|
if (!pkey)
|
||||||
|
goto end;
|
||||||
|
|
||||||
|
ctx = EVP_PKEY_CTX_new(pkey, e);
|
||||||
|
|
||||||
|
EVP_PKEY_free(pkey);
|
||||||
|
|
||||||
|
if (!ctx)
|
||||||
|
goto end;
|
||||||
|
|
||||||
|
switch(pkey_op)
|
||||||
|
{
|
||||||
|
case EVP_PKEY_OP_SIGN:
|
||||||
|
rv = EVP_PKEY_sign_init(ctx);
|
||||||
|
break;
|
||||||
|
|
||||||
|
case EVP_PKEY_OP_VERIFY:
|
||||||
|
rv = EVP_PKEY_verify_init(ctx);
|
||||||
|
break;
|
||||||
|
|
||||||
|
case EVP_PKEY_OP_VERIFYRECOVER:
|
||||||
|
rv = EVP_PKEY_verify_recover_init(ctx);
|
||||||
|
break;
|
||||||
|
|
||||||
|
case EVP_PKEY_OP_ENCRYPT:
|
||||||
|
rv = EVP_PKEY_encrypt_init(ctx);
|
||||||
|
break;
|
||||||
|
|
||||||
|
case EVP_PKEY_OP_DECRYPT:
|
||||||
|
rv = EVP_PKEY_decrypt_init(ctx);
|
||||||
|
break;
|
||||||
|
|
||||||
|
case EVP_PKEY_OP_DERIVE:
|
||||||
|
rv = EVP_PKEY_derive_init(ctx);
|
||||||
|
break;
|
||||||
|
}
|
||||||
|
|
||||||
|
if (rv <= 0)
|
||||||
|
{
|
||||||
|
EVP_PKEY_CTX_free(ctx);
|
||||||
|
ctx = NULL;
|
||||||
|
}
|
||||||
|
|
||||||
|
end:
|
||||||
|
|
||||||
|
if (passin)
|
||||||
|
OPENSSL_free(passin);
|
||||||
|
|
||||||
|
return ctx;
|
||||||
|
|
||||||
|
|
||||||
|
}
|
||||||
|
|
||||||
|
static int setup_peer(BIO *err, EVP_PKEY_CTX *ctx, int peerform,
|
||||||
|
const char *file)
|
||||||
|
{
|
||||||
|
EVP_PKEY *peer = NULL;
|
||||||
|
int ret;
|
||||||
|
if (!ctx)
|
||||||
|
{
|
||||||
|
BIO_puts(err, "-peerkey command before -inkey\n");
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
|
|
||||||
|
peer = load_pubkey(bio_err, file, peerform, 0, NULL, NULL, "Peer Key");
|
||||||
|
|
||||||
|
if (!peer)
|
||||||
|
{
|
||||||
|
BIO_printf(bio_err, "Error reading peer key %s\n", file);
|
||||||
|
ERR_print_errors(err);
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
|
|
||||||
|
ret = EVP_PKEY_derive_set_peer(ctx, peer);
|
||||||
|
|
||||||
|
EVP_PKEY_free(peer);
|
||||||
|
if (ret <= 0)
|
||||||
|
ERR_print_errors(err);
|
||||||
|
return ret;
|
||||||
|
}
|
||||||
|
|
||||||
|
static int do_keyop(EVP_PKEY_CTX *ctx, int pkey_op,
|
||||||
|
unsigned char *out, size_t *poutlen,
|
||||||
|
unsigned char *in, size_t inlen)
|
||||||
|
{
|
||||||
|
int rv = 0;
|
||||||
|
switch(pkey_op)
|
||||||
|
{
|
||||||
|
case EVP_PKEY_OP_VERIFYRECOVER:
|
||||||
|
rv = EVP_PKEY_verify_recover(ctx, out, poutlen, in, inlen);
|
||||||
|
break;
|
||||||
|
|
||||||
|
case EVP_PKEY_OP_SIGN:
|
||||||
|
rv = EVP_PKEY_sign(ctx, out, poutlen, in, inlen);
|
||||||
|
break;
|
||||||
|
|
||||||
|
case EVP_PKEY_OP_ENCRYPT:
|
||||||
|
rv = EVP_PKEY_encrypt(ctx, out, poutlen, in, inlen);
|
||||||
|
break;
|
||||||
|
|
||||||
|
case EVP_PKEY_OP_DECRYPT:
|
||||||
|
rv = EVP_PKEY_decrypt(ctx, out, poutlen, in, inlen);
|
||||||
|
break;
|
||||||
|
|
||||||
|
case EVP_PKEY_OP_DERIVE:
|
||||||
|
rv = EVP_PKEY_derive(ctx, out, poutlen);
|
||||||
|
break;
|
||||||
|
|
||||||
|
}
|
||||||
|
return rv;
|
||||||
|
}
|
160
jni/openssl/apps/prime.c
Normal file
160
jni/openssl/apps/prime.c
Normal file
@ -0,0 +1,160 @@
|
|||||||
|
/* ====================================================================
|
||||||
|
* Copyright (c) 2004 The OpenSSL Project. All rights reserved.
|
||||||
|
*
|
||||||
|
* Redistribution and use in source and binary forms, with or without
|
||||||
|
* modification, are permitted provided that the following conditions
|
||||||
|
* are met:
|
||||||
|
*
|
||||||
|
* 1. Redistributions of source code must retain the above copyright
|
||||||
|
* notice, this list of conditions and the following disclaimer.
|
||||||
|
*
|
||||||
|
* 2. Redistributions in binary form must reproduce the above copyright
|
||||||
|
* notice, this list of conditions and the following disclaimer in
|
||||||
|
* the documentation and/or other materials provided with the
|
||||||
|
* distribution.
|
||||||
|
*
|
||||||
|
* 3. All advertising materials mentioning features or use of this
|
||||||
|
* software must display the following acknowledgment:
|
||||||
|
* "This product includes software developed by the OpenSSL Project
|
||||||
|
* for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
|
||||||
|
*
|
||||||
|
* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
|
||||||
|
* endorse or promote products derived from this software without
|
||||||
|
* prior written permission. For written permission, please contact
|
||||||
|
* openssl-core@openssl.org.
|
||||||
|
*
|
||||||
|
* 5. Products derived from this software may not be called "OpenSSL"
|
||||||
|
* nor may "OpenSSL" appear in their names without prior written
|
||||||
|
* permission of the OpenSSL Project.
|
||||||
|
*
|
||||||
|
* 6. Redistributions of any form whatsoever must retain the following
|
||||||
|
* acknowledgment:
|
||||||
|
* "This product includes software developed by the OpenSSL Project
|
||||||
|
* for use in the OpenSSL Toolkit (http://www.openssl.org/)"
|
||||||
|
*
|
||||||
|
* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
|
||||||
|
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
||||||
|
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
|
||||||
|
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
|
||||||
|
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
|
||||||
|
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
|
||||||
|
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
|
||||||
|
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
||||||
|
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
|
||||||
|
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
|
||||||
|
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
|
||||||
|
* OF THE POSSIBILITY OF SUCH DAMAGE.
|
||||||
|
*
|
||||||
|
*/
|
||||||
|
|
||||||
|
#include <string.h>
|
||||||
|
|
||||||
|
#include "apps.h"
|
||||||
|
#include <openssl/bn.h>
|
||||||
|
|
||||||
|
|
||||||
|
#undef PROG
|
||||||
|
#define PROG prime_main
|
||||||
|
|
||||||
|
int MAIN(int, char **);
|
||||||
|
|
||||||
|
int MAIN(int argc, char **argv)
|
||||||
|
{
|
||||||
|
int hex=0;
|
||||||
|
int checks=20;
|
||||||
|
int generate=0;
|
||||||
|
int bits=0;
|
||||||
|
int safe=0;
|
||||||
|
BIGNUM *bn=NULL;
|
||||||
|
BIO *bio_out;
|
||||||
|
|
||||||
|
apps_startup();
|
||||||
|
|
||||||
|
if (bio_err == NULL)
|
||||||
|
if ((bio_err=BIO_new(BIO_s_file())) != NULL)
|
||||||
|
BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT);
|
||||||
|
|
||||||
|
--argc;
|
||||||
|
++argv;
|
||||||
|
while (argc >= 1 && **argv == '-')
|
||||||
|
{
|
||||||
|
if(!strcmp(*argv,"-hex"))
|
||||||
|
hex=1;
|
||||||
|
else if(!strcmp(*argv,"-generate"))
|
||||||
|
generate=1;
|
||||||
|
else if(!strcmp(*argv,"-bits"))
|
||||||
|
if(--argc < 1)
|
||||||
|
goto bad;
|
||||||
|
else
|
||||||
|
bits=atoi(*++argv);
|
||||||
|
else if(!strcmp(*argv,"-safe"))
|
||||||
|
safe=1;
|
||||||
|
else if(!strcmp(*argv,"-checks"))
|
||||||
|
if(--argc < 1)
|
||||||
|
goto bad;
|
||||||
|
else
|
||||||
|
checks=atoi(*++argv);
|
||||||
|
else
|
||||||
|
{
|
||||||
|
BIO_printf(bio_err,"Unknown option '%s'\n",*argv);
|
||||||
|
goto bad;
|
||||||
|
}
|
||||||
|
--argc;
|
||||||
|
++argv;
|
||||||
|
}
|
||||||
|
|
||||||
|
if (argv[0] == NULL && !generate)
|
||||||
|
{
|
||||||
|
BIO_printf(bio_err,"No prime specified\n");
|
||||||
|
goto bad;
|
||||||
|
}
|
||||||
|
|
||||||
|
if ((bio_out=BIO_new(BIO_s_file())) != NULL)
|
||||||
|
{
|
||||||
|
BIO_set_fp(bio_out,stdout,BIO_NOCLOSE);
|
||||||
|
#ifdef OPENSSL_SYS_VMS
|
||||||
|
{
|
||||||
|
BIO *tmpbio = BIO_new(BIO_f_linebuffer());
|
||||||
|
bio_out = BIO_push(tmpbio, bio_out);
|
||||||
|
}
|
||||||
|
#endif
|
||||||
|
}
|
||||||
|
|
||||||
|
if(generate)
|
||||||
|
{
|
||||||
|
char *s;
|
||||||
|
|
||||||
|
if(!bits)
|
||||||
|
{
|
||||||
|
BIO_printf(bio_err,"Specifiy the number of bits.\n");
|
||||||
|
return 1;
|
||||||
|
}
|
||||||
|
bn=BN_new();
|
||||||
|
BN_generate_prime_ex(bn,bits,safe,NULL,NULL,NULL);
|
||||||
|
s=hex ? BN_bn2hex(bn) : BN_bn2dec(bn);
|
||||||
|
BIO_printf(bio_out,"%s\n",s);
|
||||||
|
OPENSSL_free(s);
|
||||||
|
}
|
||||||
|
else
|
||||||
|
{
|
||||||
|
if(hex)
|
||||||
|
BN_hex2bn(&bn,argv[0]);
|
||||||
|
else
|
||||||
|
BN_dec2bn(&bn,argv[0]);
|
||||||
|
|
||||||
|
BN_print(bio_out,bn);
|
||||||
|
BIO_printf(bio_out," is %sprime\n",
|
||||||
|
BN_is_prime_ex(bn,checks,NULL,NULL) ? "" : "not ");
|
||||||
|
}
|
||||||
|
|
||||||
|
BN_free(bn);
|
||||||
|
BIO_free_all(bio_out);
|
||||||
|
|
||||||
|
return 0;
|
||||||
|
|
||||||
|
bad:
|
||||||
|
BIO_printf(bio_err,"options are\n");
|
||||||
|
BIO_printf(bio_err,"%-14s hex\n","-hex");
|
||||||
|
BIO_printf(bio_err,"%-14s number of checks\n","-checks <n>");
|
||||||
|
return 1;
|
||||||
|
}
|
18
jni/openssl/apps/privkey.pem
Normal file
18
jni/openssl/apps/privkey.pem
Normal file
@ -0,0 +1,18 @@
|
|||||||
|
-----BEGIN RSA PRIVATE KEY-----
|
||||||
|
Proc-Type: 4,ENCRYPTED
|
||||||
|
DEK-Info: DES-EDE3-CBC,BA26229A1653B7FF
|
||||||
|
|
||||||
|
6nhWG8PKhTPO/s3ZvjUa6226NlKdvPDZFsNXOOoSUs9ejxpb/aj5huhs6qRYzsz9
|
||||||
|
Year47uaAZYhGD0vAagnNiBnYmjWEpN9G/wQxG7pgZThK1ZxDi63qn8aQ8UjuGHo
|
||||||
|
F6RpnnBQIAnWTWqr/Qsybtc5EoNkrj/Cpx0OfbSr6gZsFBCxwX1R1hT3/mhJ45f3
|
||||||
|
XMofY32Vdfx9/vtw1O7HmlHXQnXaqnbd9/nn1EpvFJG9+UjPoW7gV4jCOLuR4deE
|
||||||
|
jS8hm+cpkwXmFtk3VGjT9tQXPpMv3JpYfBqgGQoMAJ5Toq0DWcHi6Wg08PsD8lgy
|
||||||
|
vmTioPsRg+JGkJkJ8GnusgLpQdlQJbjzd7wGE6ElUFLfOxLo8bLlRHoriHNdWYhh
|
||||||
|
JjY0LyeTkovcmWxVjImc6ZyBz5Ly4t0BYf1gq3OkjsV91Q1taBxnhiavfizqMCAf
|
||||||
|
PPB3sLQnlXG77TOXkNxpqbZfEYrVZW2Nsqqdn8s07Uj4IMONZyq2odYKWFPMJBiM
|
||||||
|
POYwXjMAOcmFMTHYsVlhcUJuV6LOuipw/FEbTtPH/MYMxLe4zx65dYo1rb4iLKLS
|
||||||
|
gMtB0o/Wl4Xno3ZXh1ucicYnV2J7NpVcjVq+3SFiCRu2SrSkZHZ23EPS13Ec6fcz
|
||||||
|
8X/YGA2vTJ8MAOozAzQUwHQYvLk7bIoQVekqDq4p0AZQbhdspHpArCk0Ifqqzg/v
|
||||||
|
Uyky/zZiQYanzDenTSRVI/8wac3olxpU8QvbySxYqmbkgq6bTpXJfYFQfnAttEsC
|
||||||
|
dA4S5UFgyOPZluxCAM4yaJF3Ft6neutNwftuJQMbgCUi9vYg2tGdSw==
|
||||||
|
-----END RSA PRIVATE KEY-----
|
364
jni/openssl/apps/progs.h
Normal file
364
jni/openssl/apps/progs.h
Normal file
@ -0,0 +1,364 @@
|
|||||||
|
/* apps/progs.h */
|
||||||
|
/* automatically generated by progs.pl for openssl.c */
|
||||||
|
|
||||||
|
extern int verify_main(int argc,char *argv[]);
|
||||||
|
extern int asn1parse_main(int argc,char *argv[]);
|
||||||
|
extern int req_main(int argc,char *argv[]);
|
||||||
|
extern int dgst_main(int argc,char *argv[]);
|
||||||
|
extern int dh_main(int argc,char *argv[]);
|
||||||
|
extern int dhparam_main(int argc,char *argv[]);
|
||||||
|
extern int enc_main(int argc,char *argv[]);
|
||||||
|
extern int passwd_main(int argc,char *argv[]);
|
||||||
|
extern int gendh_main(int argc,char *argv[]);
|
||||||
|
extern int errstr_main(int argc,char *argv[]);
|
||||||
|
extern int ca_main(int argc,char *argv[]);
|
||||||
|
extern int crl_main(int argc,char *argv[]);
|
||||||
|
extern int rsa_main(int argc,char *argv[]);
|
||||||
|
extern int rsautl_main(int argc,char *argv[]);
|
||||||
|
extern int dsa_main(int argc,char *argv[]);
|
||||||
|
extern int dsaparam_main(int argc,char *argv[]);
|
||||||
|
extern int ec_main(int argc,char *argv[]);
|
||||||
|
extern int ecparam_main(int argc,char *argv[]);
|
||||||
|
extern int x509_main(int argc,char *argv[]);
|
||||||
|
extern int genrsa_main(int argc,char *argv[]);
|
||||||
|
extern int gendsa_main(int argc,char *argv[]);
|
||||||
|
extern int genpkey_main(int argc,char *argv[]);
|
||||||
|
extern int s_server_main(int argc,char *argv[]);
|
||||||
|
extern int s_client_main(int argc,char *argv[]);
|
||||||
|
extern int speed_main(int argc,char *argv[]);
|
||||||
|
extern int s_time_main(int argc,char *argv[]);
|
||||||
|
extern int version_main(int argc,char *argv[]);
|
||||||
|
extern int pkcs7_main(int argc,char *argv[]);
|
||||||
|
extern int cms_main(int argc,char *argv[]);
|
||||||
|
extern int crl2pkcs7_main(int argc,char *argv[]);
|
||||||
|
extern int sess_id_main(int argc,char *argv[]);
|
||||||
|
extern int ciphers_main(int argc,char *argv[]);
|
||||||
|
extern int nseq_main(int argc,char *argv[]);
|
||||||
|
extern int pkcs12_main(int argc,char *argv[]);
|
||||||
|
extern int pkcs8_main(int argc,char *argv[]);
|
||||||
|
extern int pkey_main(int argc,char *argv[]);
|
||||||
|
extern int pkeyparam_main(int argc,char *argv[]);
|
||||||
|
extern int pkeyutl_main(int argc,char *argv[]);
|
||||||
|
extern int spkac_main(int argc,char *argv[]);
|
||||||
|
extern int smime_main(int argc,char *argv[]);
|
||||||
|
extern int rand_main(int argc,char *argv[]);
|
||||||
|
extern int engine_main(int argc,char *argv[]);
|
||||||
|
extern int ocsp_main(int argc,char *argv[]);
|
||||||
|
extern int prime_main(int argc,char *argv[]);
|
||||||
|
extern int ts_main(int argc,char *argv[]);
|
||||||
|
|
||||||
|
#define FUNC_TYPE_GENERAL 1
|
||||||
|
#define FUNC_TYPE_MD 2
|
||||||
|
#define FUNC_TYPE_CIPHER 3
|
||||||
|
#define FUNC_TYPE_PKEY 4
|
||||||
|
#define FUNC_TYPE_MD_ALG 5
|
||||||
|
#define FUNC_TYPE_CIPHER_ALG 6
|
||||||
|
|
||||||
|
typedef struct {
|
||||||
|
int type;
|
||||||
|
const char *name;
|
||||||
|
int (*func)(int argc,char *argv[]);
|
||||||
|
} FUNCTION;
|
||||||
|
DECLARE_LHASH_OF(FUNCTION);
|
||||||
|
|
||||||
|
FUNCTION functions[] = {
|
||||||
|
{FUNC_TYPE_GENERAL,"verify",verify_main},
|
||||||
|
{FUNC_TYPE_GENERAL,"asn1parse",asn1parse_main},
|
||||||
|
{FUNC_TYPE_GENERAL,"req",req_main},
|
||||||
|
{FUNC_TYPE_GENERAL,"dgst",dgst_main},
|
||||||
|
#ifndef OPENSSL_NO_DH
|
||||||
|
{FUNC_TYPE_GENERAL,"dh",dh_main},
|
||||||
|
#endif
|
||||||
|
#ifndef OPENSSL_NO_DH
|
||||||
|
{FUNC_TYPE_GENERAL,"dhparam",dhparam_main},
|
||||||
|
#endif
|
||||||
|
{FUNC_TYPE_GENERAL,"enc",enc_main},
|
||||||
|
{FUNC_TYPE_GENERAL,"passwd",passwd_main},
|
||||||
|
#ifndef OPENSSL_NO_DH
|
||||||
|
{FUNC_TYPE_GENERAL,"gendh",gendh_main},
|
||||||
|
#endif
|
||||||
|
{FUNC_TYPE_GENERAL,"errstr",errstr_main},
|
||||||
|
{FUNC_TYPE_GENERAL,"ca",ca_main},
|
||||||
|
{FUNC_TYPE_GENERAL,"crl",crl_main},
|
||||||
|
#ifndef OPENSSL_NO_RSA
|
||||||
|
{FUNC_TYPE_GENERAL,"rsa",rsa_main},
|
||||||
|
#endif
|
||||||
|
#ifndef OPENSSL_NO_RSA
|
||||||
|
{FUNC_TYPE_GENERAL,"rsautl",rsautl_main},
|
||||||
|
#endif
|
||||||
|
#ifndef OPENSSL_NO_DSA
|
||||||
|
{FUNC_TYPE_GENERAL,"dsa",dsa_main},
|
||||||
|
#endif
|
||||||
|
#ifndef OPENSSL_NO_DSA
|
||||||
|
{FUNC_TYPE_GENERAL,"dsaparam",dsaparam_main},
|
||||||
|
#endif
|
||||||
|
#ifndef OPENSSL_NO_EC
|
||||||
|
{FUNC_TYPE_GENERAL,"ec",ec_main},
|
||||||
|
#endif
|
||||||
|
#ifndef OPENSSL_NO_EC
|
||||||
|
{FUNC_TYPE_GENERAL,"ecparam",ecparam_main},
|
||||||
|
#endif
|
||||||
|
{FUNC_TYPE_GENERAL,"x509",x509_main},
|
||||||
|
#ifndef OPENSSL_NO_RSA
|
||||||
|
{FUNC_TYPE_GENERAL,"genrsa",genrsa_main},
|
||||||
|
#endif
|
||||||
|
#ifndef OPENSSL_NO_DSA
|
||||||
|
{FUNC_TYPE_GENERAL,"gendsa",gendsa_main},
|
||||||
|
#endif
|
||||||
|
{FUNC_TYPE_GENERAL,"genpkey",genpkey_main},
|
||||||
|
#if !defined(OPENSSL_NO_SOCK) && !(defined(OPENSSL_NO_SSL2) && defined(OPENSSL_NO_SSL3))
|
||||||
|
{FUNC_TYPE_GENERAL,"s_server",s_server_main},
|
||||||
|
#endif
|
||||||
|
#if !defined(OPENSSL_NO_SOCK) && !(defined(OPENSSL_NO_SSL2) && defined(OPENSSL_NO_SSL3))
|
||||||
|
{FUNC_TYPE_GENERAL,"s_client",s_client_main},
|
||||||
|
#endif
|
||||||
|
#ifndef OPENSSL_NO_SPEED
|
||||||
|
{FUNC_TYPE_GENERAL,"speed",speed_main},
|
||||||
|
#endif
|
||||||
|
#if !defined(OPENSSL_NO_SOCK) && !(defined(OPENSSL_NO_SSL2) && defined(OPENSSL_NO_SSL3))
|
||||||
|
{FUNC_TYPE_GENERAL,"s_time",s_time_main},
|
||||||
|
#endif
|
||||||
|
{FUNC_TYPE_GENERAL,"version",version_main},
|
||||||
|
{FUNC_TYPE_GENERAL,"pkcs7",pkcs7_main},
|
||||||
|
#ifndef OPENSSL_NO_CMS
|
||||||
|
{FUNC_TYPE_GENERAL,"cms",cms_main},
|
||||||
|
#endif
|
||||||
|
{FUNC_TYPE_GENERAL,"crl2pkcs7",crl2pkcs7_main},
|
||||||
|
{FUNC_TYPE_GENERAL,"sess_id",sess_id_main},
|
||||||
|
#if !defined(OPENSSL_NO_SOCK) && !(defined(OPENSSL_NO_SSL2) && defined(OPENSSL_NO_SSL3))
|
||||||
|
{FUNC_TYPE_GENERAL,"ciphers",ciphers_main},
|
||||||
|
#endif
|
||||||
|
{FUNC_TYPE_GENERAL,"nseq",nseq_main},
|
||||||
|
#if !defined(OPENSSL_NO_DES) && !defined(OPENSSL_NO_SHA1)
|
||||||
|
{FUNC_TYPE_GENERAL,"pkcs12",pkcs12_main},
|
||||||
|
#endif
|
||||||
|
{FUNC_TYPE_GENERAL,"pkcs8",pkcs8_main},
|
||||||
|
{FUNC_TYPE_GENERAL,"pkey",pkey_main},
|
||||||
|
{FUNC_TYPE_GENERAL,"pkeyparam",pkeyparam_main},
|
||||||
|
{FUNC_TYPE_GENERAL,"pkeyutl",pkeyutl_main},
|
||||||
|
{FUNC_TYPE_GENERAL,"spkac",spkac_main},
|
||||||
|
{FUNC_TYPE_GENERAL,"smime",smime_main},
|
||||||
|
{FUNC_TYPE_GENERAL,"rand",rand_main},
|
||||||
|
#ifndef OPENSSL_NO_ENGINE
|
||||||
|
{FUNC_TYPE_GENERAL,"engine",engine_main},
|
||||||
|
#endif
|
||||||
|
#ifndef OPENSSL_NO_OCSP
|
||||||
|
{FUNC_TYPE_GENERAL,"ocsp",ocsp_main},
|
||||||
|
#endif
|
||||||
|
{FUNC_TYPE_GENERAL,"prime",prime_main},
|
||||||
|
#if 0 /* ANDROID */
|
||||||
|
{FUNC_TYPE_GENERAL,"ts",ts_main},
|
||||||
|
#endif
|
||||||
|
#ifndef OPENSSL_NO_MD2
|
||||||
|
{FUNC_TYPE_MD,"md2",dgst_main},
|
||||||
|
#endif
|
||||||
|
#ifndef OPENSSL_NO_MD4
|
||||||
|
{FUNC_TYPE_MD,"md4",dgst_main},
|
||||||
|
#endif
|
||||||
|
#ifndef OPENSSL_NO_MD5
|
||||||
|
{FUNC_TYPE_MD,"md5",dgst_main},
|
||||||
|
#endif
|
||||||
|
#ifndef OPENSSL_NO_SHA
|
||||||
|
{FUNC_TYPE_MD,"sha",dgst_main},
|
||||||
|
#endif
|
||||||
|
#ifndef OPENSSL_NO_SHA1
|
||||||
|
{FUNC_TYPE_MD,"sha1",dgst_main},
|
||||||
|
#endif
|
||||||
|
#ifndef OPENSSL_NO_MDC2
|
||||||
|
{FUNC_TYPE_MD,"mdc2",dgst_main},
|
||||||
|
#endif
|
||||||
|
#ifndef OPENSSL_NO_RMD160
|
||||||
|
{FUNC_TYPE_MD,"rmd160",dgst_main},
|
||||||
|
#endif
|
||||||
|
#ifndef OPENSSL_NO_AES
|
||||||
|
{FUNC_TYPE_CIPHER,"aes-128-cbc",enc_main},
|
||||||
|
#endif
|
||||||
|
#ifndef OPENSSL_NO_AES
|
||||||
|
{FUNC_TYPE_CIPHER,"aes-128-ecb",enc_main},
|
||||||
|
#endif
|
||||||
|
#ifndef OPENSSL_NO_AES
|
||||||
|
{FUNC_TYPE_CIPHER,"aes-192-cbc",enc_main},
|
||||||
|
#endif
|
||||||
|
#ifndef OPENSSL_NO_AES
|
||||||
|
{FUNC_TYPE_CIPHER,"aes-192-ecb",enc_main},
|
||||||
|
#endif
|
||||||
|
#ifndef OPENSSL_NO_AES
|
||||||
|
{FUNC_TYPE_CIPHER,"aes-256-cbc",enc_main},
|
||||||
|
#endif
|
||||||
|
#ifndef OPENSSL_NO_AES
|
||||||
|
{FUNC_TYPE_CIPHER,"aes-256-ecb",enc_main},
|
||||||
|
#endif
|
||||||
|
#ifndef OPENSSL_NO_CAMELLIA
|
||||||
|
{FUNC_TYPE_CIPHER,"camellia-128-cbc",enc_main},
|
||||||
|
#endif
|
||||||
|
#ifndef OPENSSL_NO_CAMELLIA
|
||||||
|
{FUNC_TYPE_CIPHER,"camellia-128-ecb",enc_main},
|
||||||
|
#endif
|
||||||
|
#ifndef OPENSSL_NO_CAMELLIA
|
||||||
|
{FUNC_TYPE_CIPHER,"camellia-192-cbc",enc_main},
|
||||||
|
#endif
|
||||||
|
#ifndef OPENSSL_NO_CAMELLIA
|
||||||
|
{FUNC_TYPE_CIPHER,"camellia-192-ecb",enc_main},
|
||||||
|
#endif
|
||||||
|
#ifndef OPENSSL_NO_CAMELLIA
|
||||||
|
{FUNC_TYPE_CIPHER,"camellia-256-cbc",enc_main},
|
||||||
|
#endif
|
||||||
|
#ifndef OPENSSL_NO_CAMELLIA
|
||||||
|
{FUNC_TYPE_CIPHER,"camellia-256-ecb",enc_main},
|
||||||
|
#endif
|
||||||
|
{FUNC_TYPE_CIPHER,"base64",enc_main},
|
||||||
|
#ifdef ZLIB
|
||||||
|
{FUNC_TYPE_CIPHER,"zlib",enc_main},
|
||||||
|
#endif
|
||||||
|
#ifndef OPENSSL_NO_DES
|
||||||
|
{FUNC_TYPE_CIPHER,"des",enc_main},
|
||||||
|
#endif
|
||||||
|
#ifndef OPENSSL_NO_DES
|
||||||
|
{FUNC_TYPE_CIPHER,"des3",enc_main},
|
||||||
|
#endif
|
||||||
|
#ifndef OPENSSL_NO_DES
|
||||||
|
{FUNC_TYPE_CIPHER,"desx",enc_main},
|
||||||
|
#endif
|
||||||
|
#ifndef OPENSSL_NO_IDEA
|
||||||
|
{FUNC_TYPE_CIPHER,"idea",enc_main},
|
||||||
|
#endif
|
||||||
|
#ifndef OPENSSL_NO_SEED
|
||||||
|
{FUNC_TYPE_CIPHER,"seed",enc_main},
|
||||||
|
#endif
|
||||||
|
#ifndef OPENSSL_NO_RC4
|
||||||
|
{FUNC_TYPE_CIPHER,"rc4",enc_main},
|
||||||
|
#endif
|
||||||
|
#ifndef OPENSSL_NO_RC4
|
||||||
|
{FUNC_TYPE_CIPHER,"rc4-40",enc_main},
|
||||||
|
#endif
|
||||||
|
#ifndef OPENSSL_NO_RC2
|
||||||
|
{FUNC_TYPE_CIPHER,"rc2",enc_main},
|
||||||
|
#endif
|
||||||
|
#ifndef OPENSSL_NO_BF
|
||||||
|
{FUNC_TYPE_CIPHER,"bf",enc_main},
|
||||||
|
#endif
|
||||||
|
#ifndef OPENSSL_NO_CAST
|
||||||
|
{FUNC_TYPE_CIPHER,"cast",enc_main},
|
||||||
|
#endif
|
||||||
|
#ifndef OPENSSL_NO_RC5
|
||||||
|
{FUNC_TYPE_CIPHER,"rc5",enc_main},
|
||||||
|
#endif
|
||||||
|
#ifndef OPENSSL_NO_DES
|
||||||
|
{FUNC_TYPE_CIPHER,"des-ecb",enc_main},
|
||||||
|
#endif
|
||||||
|
#ifndef OPENSSL_NO_DES
|
||||||
|
{FUNC_TYPE_CIPHER,"des-ede",enc_main},
|
||||||
|
#endif
|
||||||
|
#ifndef OPENSSL_NO_DES
|
||||||
|
{FUNC_TYPE_CIPHER,"des-ede3",enc_main},
|
||||||
|
#endif
|
||||||
|
#ifndef OPENSSL_NO_DES
|
||||||
|
{FUNC_TYPE_CIPHER,"des-cbc",enc_main},
|
||||||
|
#endif
|
||||||
|
#ifndef OPENSSL_NO_DES
|
||||||
|
{FUNC_TYPE_CIPHER,"des-ede-cbc",enc_main},
|
||||||
|
#endif
|
||||||
|
#ifndef OPENSSL_NO_DES
|
||||||
|
{FUNC_TYPE_CIPHER,"des-ede3-cbc",enc_main},
|
||||||
|
#endif
|
||||||
|
#ifndef OPENSSL_NO_DES
|
||||||
|
{FUNC_TYPE_CIPHER,"des-cfb",enc_main},
|
||||||
|
#endif
|
||||||
|
#ifndef OPENSSL_NO_DES
|
||||||
|
{FUNC_TYPE_CIPHER,"des-ede-cfb",enc_main},
|
||||||
|
#endif
|
||||||
|
#ifndef OPENSSL_NO_DES
|
||||||
|
{FUNC_TYPE_CIPHER,"des-ede3-cfb",enc_main},
|
||||||
|
#endif
|
||||||
|
#ifndef OPENSSL_NO_DES
|
||||||
|
{FUNC_TYPE_CIPHER,"des-ofb",enc_main},
|
||||||
|
#endif
|
||||||
|
#ifndef OPENSSL_NO_DES
|
||||||
|
{FUNC_TYPE_CIPHER,"des-ede-ofb",enc_main},
|
||||||
|
#endif
|
||||||
|
#ifndef OPENSSL_NO_DES
|
||||||
|
{FUNC_TYPE_CIPHER,"des-ede3-ofb",enc_main},
|
||||||
|
#endif
|
||||||
|
#ifndef OPENSSL_NO_IDEA
|
||||||
|
{FUNC_TYPE_CIPHER,"idea-cbc",enc_main},
|
||||||
|
#endif
|
||||||
|
#ifndef OPENSSL_NO_IDEA
|
||||||
|
{FUNC_TYPE_CIPHER,"idea-ecb",enc_main},
|
||||||
|
#endif
|
||||||
|
#ifndef OPENSSL_NO_IDEA
|
||||||
|
{FUNC_TYPE_CIPHER,"idea-cfb",enc_main},
|
||||||
|
#endif
|
||||||
|
#ifndef OPENSSL_NO_IDEA
|
||||||
|
{FUNC_TYPE_CIPHER,"idea-ofb",enc_main},
|
||||||
|
#endif
|
||||||
|
#ifndef OPENSSL_NO_SEED
|
||||||
|
{FUNC_TYPE_CIPHER,"seed-cbc",enc_main},
|
||||||
|
#endif
|
||||||
|
#ifndef OPENSSL_NO_SEED
|
||||||
|
{FUNC_TYPE_CIPHER,"seed-ecb",enc_main},
|
||||||
|
#endif
|
||||||
|
#ifndef OPENSSL_NO_SEED
|
||||||
|
{FUNC_TYPE_CIPHER,"seed-cfb",enc_main},
|
||||||
|
#endif
|
||||||
|
#ifndef OPENSSL_NO_SEED
|
||||||
|
{FUNC_TYPE_CIPHER,"seed-ofb",enc_main},
|
||||||
|
#endif
|
||||||
|
#ifndef OPENSSL_NO_RC2
|
||||||
|
{FUNC_TYPE_CIPHER,"rc2-cbc",enc_main},
|
||||||
|
#endif
|
||||||
|
#ifndef OPENSSL_NO_RC2
|
||||||
|
{FUNC_TYPE_CIPHER,"rc2-ecb",enc_main},
|
||||||
|
#endif
|
||||||
|
#ifndef OPENSSL_NO_RC2
|
||||||
|
{FUNC_TYPE_CIPHER,"rc2-cfb",enc_main},
|
||||||
|
#endif
|
||||||
|
#ifndef OPENSSL_NO_RC2
|
||||||
|
{FUNC_TYPE_CIPHER,"rc2-ofb",enc_main},
|
||||||
|
#endif
|
||||||
|
#ifndef OPENSSL_NO_RC2
|
||||||
|
{FUNC_TYPE_CIPHER,"rc2-64-cbc",enc_main},
|
||||||
|
#endif
|
||||||
|
#ifndef OPENSSL_NO_RC2
|
||||||
|
{FUNC_TYPE_CIPHER,"rc2-40-cbc",enc_main},
|
||||||
|
#endif
|
||||||
|
#ifndef OPENSSL_NO_BF
|
||||||
|
{FUNC_TYPE_CIPHER,"bf-cbc",enc_main},
|
||||||
|
#endif
|
||||||
|
#ifndef OPENSSL_NO_BF
|
||||||
|
{FUNC_TYPE_CIPHER,"bf-ecb",enc_main},
|
||||||
|
#endif
|
||||||
|
#ifndef OPENSSL_NO_BF
|
||||||
|
{FUNC_TYPE_CIPHER,"bf-cfb",enc_main},
|
||||||
|
#endif
|
||||||
|
#ifndef OPENSSL_NO_BF
|
||||||
|
{FUNC_TYPE_CIPHER,"bf-ofb",enc_main},
|
||||||
|
#endif
|
||||||
|
#ifndef OPENSSL_NO_CAST
|
||||||
|
{FUNC_TYPE_CIPHER,"cast5-cbc",enc_main},
|
||||||
|
#endif
|
||||||
|
#ifndef OPENSSL_NO_CAST
|
||||||
|
{FUNC_TYPE_CIPHER,"cast5-ecb",enc_main},
|
||||||
|
#endif
|
||||||
|
#ifndef OPENSSL_NO_CAST
|
||||||
|
{FUNC_TYPE_CIPHER,"cast5-cfb",enc_main},
|
||||||
|
#endif
|
||||||
|
#ifndef OPENSSL_NO_CAST
|
||||||
|
{FUNC_TYPE_CIPHER,"cast5-ofb",enc_main},
|
||||||
|
#endif
|
||||||
|
#ifndef OPENSSL_NO_CAST
|
||||||
|
{FUNC_TYPE_CIPHER,"cast-cbc",enc_main},
|
||||||
|
#endif
|
||||||
|
#ifndef OPENSSL_NO_RC5
|
||||||
|
{FUNC_TYPE_CIPHER,"rc5-cbc",enc_main},
|
||||||
|
#endif
|
||||||
|
#ifndef OPENSSL_NO_RC5
|
||||||
|
{FUNC_TYPE_CIPHER,"rc5-ecb",enc_main},
|
||||||
|
#endif
|
||||||
|
#ifndef OPENSSL_NO_RC5
|
||||||
|
{FUNC_TYPE_CIPHER,"rc5-cfb",enc_main},
|
||||||
|
#endif
|
||||||
|
#ifndef OPENSSL_NO_RC5
|
||||||
|
{FUNC_TYPE_CIPHER,"rc5-ofb",enc_main},
|
||||||
|
#endif
|
||||||
|
{0,NULL,NULL}
|
||||||
|
};
|
102
jni/openssl/apps/progs.pl
Normal file
102
jni/openssl/apps/progs.pl
Normal file
@ -0,0 +1,102 @@
|
|||||||
|
#!/usr/local/bin/perl
|
||||||
|
|
||||||
|
print "/* apps/progs.h */\n";
|
||||||
|
print "/* automatically generated by progs.pl for openssl.c */\n\n";
|
||||||
|
|
||||||
|
grep(s/^asn1pars$/asn1parse/,@ARGV);
|
||||||
|
|
||||||
|
foreach (@ARGV)
|
||||||
|
{ printf "extern int %s_main(int argc,char *argv[]);\n",$_; }
|
||||||
|
|
||||||
|
print <<'EOF';
|
||||||
|
|
||||||
|
#define FUNC_TYPE_GENERAL 1
|
||||||
|
#define FUNC_TYPE_MD 2
|
||||||
|
#define FUNC_TYPE_CIPHER 3
|
||||||
|
#define FUNC_TYPE_PKEY 4
|
||||||
|
#define FUNC_TYPE_MD_ALG 5
|
||||||
|
#define FUNC_TYPE_CIPHER_ALG 6
|
||||||
|
|
||||||
|
typedef struct {
|
||||||
|
int type;
|
||||||
|
const char *name;
|
||||||
|
int (*func)(int argc,char *argv[]);
|
||||||
|
} FUNCTION;
|
||||||
|
DECLARE_LHASH_OF(FUNCTION);
|
||||||
|
|
||||||
|
FUNCTION functions[] = {
|
||||||
|
EOF
|
||||||
|
|
||||||
|
foreach (@ARGV)
|
||||||
|
{
|
||||||
|
push(@files,$_);
|
||||||
|
$str="\t{FUNC_TYPE_GENERAL,\"$_\",${_}_main},\n";
|
||||||
|
if (($_ =~ /^s_/) || ($_ =~ /^ciphers$/))
|
||||||
|
{ print "#if !defined(OPENSSL_NO_SOCK) && !(defined(OPENSSL_NO_SSL2) && defined(OPENSSL_NO_SSL3))\n${str}#endif\n"; }
|
||||||
|
elsif ( ($_ =~ /^speed$/))
|
||||||
|
{ print "#ifndef OPENSSL_NO_SPEED\n${str}#endif\n"; }
|
||||||
|
elsif ( ($_ =~ /^engine$/))
|
||||||
|
{ print "#ifndef OPENSSL_NO_ENGINE\n${str}#endif\n"; }
|
||||||
|
elsif ( ($_ =~ /^rsa$/) || ($_ =~ /^genrsa$/) || ($_ =~ /^rsautl$/))
|
||||||
|
{ print "#ifndef OPENSSL_NO_RSA\n${str}#endif\n"; }
|
||||||
|
elsif ( ($_ =~ /^dsa$/) || ($_ =~ /^gendsa$/) || ($_ =~ /^dsaparam$/))
|
||||||
|
{ print "#ifndef OPENSSL_NO_DSA\n${str}#endif\n"; }
|
||||||
|
elsif ( ($_ =~ /^ec$/) || ($_ =~ /^ecparam$/))
|
||||||
|
{ print "#ifndef OPENSSL_NO_EC\n${str}#endif\n";}
|
||||||
|
elsif ( ($_ =~ /^dh$/) || ($_ =~ /^gendh$/) || ($_ =~ /^dhparam$/))
|
||||||
|
{ print "#ifndef OPENSSL_NO_DH\n${str}#endif\n"; }
|
||||||
|
elsif ( ($_ =~ /^pkcs12$/))
|
||||||
|
{ print "#if !defined(OPENSSL_NO_DES) && !defined(OPENSSL_NO_SHA1)\n${str}#endif\n"; }
|
||||||
|
elsif ( ($_ =~ /^cms$/))
|
||||||
|
{ print "#ifndef OPENSSL_NO_CMS\n${str}#endif\n"; }
|
||||||
|
elsif ( ($_ =~ /^ocsp$/))
|
||||||
|
{ print "#ifndef OPENSSL_NO_OCSP\n${str}#endif\n"; }
|
||||||
|
else
|
||||||
|
{ print $str; }
|
||||||
|
}
|
||||||
|
|
||||||
|
foreach ("md2","md4","md5","sha","sha1","mdc2","rmd160")
|
||||||
|
{
|
||||||
|
push(@files,$_);
|
||||||
|
printf "#ifndef OPENSSL_NO_".uc($_)."\n\t{FUNC_TYPE_MD,\"".$_."\",dgst_main},\n#endif\n";
|
||||||
|
}
|
||||||
|
|
||||||
|
foreach (
|
||||||
|
"aes-128-cbc", "aes-128-ecb",
|
||||||
|
"aes-192-cbc", "aes-192-ecb",
|
||||||
|
"aes-256-cbc", "aes-256-ecb",
|
||||||
|
"camellia-128-cbc", "camellia-128-ecb",
|
||||||
|
"camellia-192-cbc", "camellia-192-ecb",
|
||||||
|
"camellia-256-cbc", "camellia-256-ecb",
|
||||||
|
"base64", "zlib",
|
||||||
|
"des", "des3", "desx", "idea", "seed", "rc4", "rc4-40",
|
||||||
|
"rc2", "bf", "cast", "rc5",
|
||||||
|
"des-ecb", "des-ede", "des-ede3",
|
||||||
|
"des-cbc", "des-ede-cbc","des-ede3-cbc",
|
||||||
|
"des-cfb", "des-ede-cfb","des-ede3-cfb",
|
||||||
|
"des-ofb", "des-ede-ofb","des-ede3-ofb",
|
||||||
|
"idea-cbc","idea-ecb", "idea-cfb", "idea-ofb",
|
||||||
|
"seed-cbc","seed-ecb", "seed-cfb", "seed-ofb",
|
||||||
|
"rc2-cbc", "rc2-ecb", "rc2-cfb","rc2-ofb", "rc2-64-cbc", "rc2-40-cbc",
|
||||||
|
"bf-cbc", "bf-ecb", "bf-cfb", "bf-ofb",
|
||||||
|
"cast5-cbc","cast5-ecb", "cast5-cfb","cast5-ofb",
|
||||||
|
"cast-cbc", "rc5-cbc", "rc5-ecb", "rc5-cfb", "rc5-ofb")
|
||||||
|
{
|
||||||
|
push(@files,$_);
|
||||||
|
|
||||||
|
$t=sprintf("\t{FUNC_TYPE_CIPHER,\"%s\",enc_main},\n",$_);
|
||||||
|
if ($_ =~ /des/) { $t="#ifndef OPENSSL_NO_DES\n${t}#endif\n"; }
|
||||||
|
elsif ($_ =~ /aes/) { $t="#ifndef OPENSSL_NO_AES\n${t}#endif\n"; }
|
||||||
|
elsif ($_ =~ /camellia/) { $t="#ifndef OPENSSL_NO_CAMELLIA\n${t}#endif\n"; }
|
||||||
|
elsif ($_ =~ /idea/) { $t="#ifndef OPENSSL_NO_IDEA\n${t}#endif\n"; }
|
||||||
|
elsif ($_ =~ /seed/) { $t="#ifndef OPENSSL_NO_SEED\n${t}#endif\n"; }
|
||||||
|
elsif ($_ =~ /rc4/) { $t="#ifndef OPENSSL_NO_RC4\n${t}#endif\n"; }
|
||||||
|
elsif ($_ =~ /rc2/) { $t="#ifndef OPENSSL_NO_RC2\n${t}#endif\n"; }
|
||||||
|
elsif ($_ =~ /bf/) { $t="#ifndef OPENSSL_NO_BF\n${t}#endif\n"; }
|
||||||
|
elsif ($_ =~ /cast/) { $t="#ifndef OPENSSL_NO_CAST\n${t}#endif\n"; }
|
||||||
|
elsif ($_ =~ /rc5/) { $t="#ifndef OPENSSL_NO_RC5\n${t}#endif\n"; }
|
||||||
|
elsif ($_ =~ /zlib/) { $t="#ifdef ZLIB\n${t}#endif\n"; }
|
||||||
|
print $t;
|
||||||
|
}
|
||||||
|
|
||||||
|
print "\t{0,NULL,NULL}\n\t};\n";
|
245
jni/openssl/apps/rand.c
Normal file
245
jni/openssl/apps/rand.c
Normal file
@ -0,0 +1,245 @@
|
|||||||
|
/* apps/rand.c */
|
||||||
|
/* ====================================================================
|
||||||
|
* Copyright (c) 1998-2001 The OpenSSL Project. All rights reserved.
|
||||||
|
*
|
||||||
|
* Redistribution and use in source and binary forms, with or without
|
||||||
|
* modification, are permitted provided that the following conditions
|
||||||
|
* are met:
|
||||||
|
*
|
||||||
|
* 1. Redistributions of source code must retain the above copyright
|
||||||
|
* notice, this list of conditions and the following disclaimer.
|
||||||
|
*
|
||||||
|
* 2. Redistributions in binary form must reproduce the above copyright
|
||||||
|
* notice, this list of conditions and the following disclaimer in
|
||||||
|
* the documentation and/or other materials provided with the
|
||||||
|
* distribution.
|
||||||
|
*
|
||||||
|
* 3. All advertising materials mentioning features or use of this
|
||||||
|
* software must display the following acknowledgment:
|
||||||
|
* "This product includes software developed by the OpenSSL Project
|
||||||
|
* for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
|
||||||
|
*
|
||||||
|
* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
|
||||||
|
* endorse or promote products derived from this software without
|
||||||
|
* prior written permission. For written permission, please contact
|
||||||
|
* openssl-core@openssl.org.
|
||||||
|
*
|
||||||
|
* 5. Products derived from this software may not be called "OpenSSL"
|
||||||
|
* nor may "OpenSSL" appear in their names without prior written
|
||||||
|
* permission of the OpenSSL Project.
|
||||||
|
*
|
||||||
|
* 6. Redistributions of any form whatsoever must retain the following
|
||||||
|
* acknowledgment:
|
||||||
|
* "This product includes software developed by the OpenSSL Project
|
||||||
|
* for use in the OpenSSL Toolkit (http://www.openssl.org/)"
|
||||||
|
*
|
||||||
|
* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
|
||||||
|
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
||||||
|
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
|
||||||
|
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
|
||||||
|
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
|
||||||
|
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
|
||||||
|
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
|
||||||
|
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
||||||
|
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
|
||||||
|
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
|
||||||
|
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
|
||||||
|
* OF THE POSSIBILITY OF SUCH DAMAGE.
|
||||||
|
* ====================================================================
|
||||||
|
*
|
||||||
|
* This product includes cryptographic software written by Eric Young
|
||||||
|
* (eay@cryptsoft.com). This product includes software written by Tim
|
||||||
|
* Hudson (tjh@cryptsoft.com).
|
||||||
|
*
|
||||||
|
*/
|
||||||
|
|
||||||
|
#include "apps.h"
|
||||||
|
|
||||||
|
#include <ctype.h>
|
||||||
|
#include <stdio.h>
|
||||||
|
#include <string.h>
|
||||||
|
|
||||||
|
#include <openssl/bio.h>
|
||||||
|
#include <openssl/err.h>
|
||||||
|
#include <openssl/rand.h>
|
||||||
|
|
||||||
|
#undef PROG
|
||||||
|
#define PROG rand_main
|
||||||
|
|
||||||
|
/* -out file - write to file
|
||||||
|
* -rand file:file - PRNG seed files
|
||||||
|
* -base64 - base64 encode output
|
||||||
|
* -hex - hex encode output
|
||||||
|
* num - write 'num' bytes
|
||||||
|
*/
|
||||||
|
|
||||||
|
int MAIN(int, char **);
|
||||||
|
|
||||||
|
int MAIN(int argc, char **argv)
|
||||||
|
{
|
||||||
|
int i, r, ret = 1;
|
||||||
|
int badopt;
|
||||||
|
char *outfile = NULL;
|
||||||
|
char *inrand = NULL;
|
||||||
|
int base64 = 0;
|
||||||
|
int hex = 0;
|
||||||
|
BIO *out = NULL;
|
||||||
|
int num = -1;
|
||||||
|
#ifndef OPENSSL_NO_ENGINE
|
||||||
|
char *engine=NULL;
|
||||||
|
#endif
|
||||||
|
|
||||||
|
apps_startup();
|
||||||
|
|
||||||
|
if (bio_err == NULL)
|
||||||
|
if ((bio_err = BIO_new(BIO_s_file())) != NULL)
|
||||||
|
BIO_set_fp(bio_err, stderr, BIO_NOCLOSE|BIO_FP_TEXT);
|
||||||
|
|
||||||
|
if (!load_config(bio_err, NULL))
|
||||||
|
goto err;
|
||||||
|
|
||||||
|
badopt = 0;
|
||||||
|
i = 0;
|
||||||
|
while (!badopt && argv[++i] != NULL)
|
||||||
|
{
|
||||||
|
if (strcmp(argv[i], "-out") == 0)
|
||||||
|
{
|
||||||
|
if ((argv[i+1] != NULL) && (outfile == NULL))
|
||||||
|
outfile = argv[++i];
|
||||||
|
else
|
||||||
|
badopt = 1;
|
||||||
|
}
|
||||||
|
#ifndef OPENSSL_NO_ENGINE
|
||||||
|
else if (strcmp(argv[i], "-engine") == 0)
|
||||||
|
{
|
||||||
|
if ((argv[i+1] != NULL) && (engine == NULL))
|
||||||
|
engine = argv[++i];
|
||||||
|
else
|
||||||
|
badopt = 1;
|
||||||
|
}
|
||||||
|
#endif
|
||||||
|
else if (strcmp(argv[i], "-rand") == 0)
|
||||||
|
{
|
||||||
|
if ((argv[i+1] != NULL) && (inrand == NULL))
|
||||||
|
inrand = argv[++i];
|
||||||
|
else
|
||||||
|
badopt = 1;
|
||||||
|
}
|
||||||
|
else if (strcmp(argv[i], "-base64") == 0)
|
||||||
|
{
|
||||||
|
if (!base64)
|
||||||
|
base64 = 1;
|
||||||
|
else
|
||||||
|
badopt = 1;
|
||||||
|
}
|
||||||
|
else if (strcmp(argv[i], "-hex") == 0)
|
||||||
|
{
|
||||||
|
if (!hex)
|
||||||
|
hex = 1;
|
||||||
|
else
|
||||||
|
badopt = 1;
|
||||||
|
}
|
||||||
|
else if (isdigit((unsigned char)argv[i][0]))
|
||||||
|
{
|
||||||
|
if (num < 0)
|
||||||
|
{
|
||||||
|
r = sscanf(argv[i], "%d", &num);
|
||||||
|
if (r == 0 || num < 0)
|
||||||
|
badopt = 1;
|
||||||
|
}
|
||||||
|
else
|
||||||
|
badopt = 1;
|
||||||
|
}
|
||||||
|
else
|
||||||
|
badopt = 1;
|
||||||
|
}
|
||||||
|
|
||||||
|
if (hex && base64)
|
||||||
|
badopt = 1;
|
||||||
|
|
||||||
|
if (num < 0)
|
||||||
|
badopt = 1;
|
||||||
|
|
||||||
|
if (badopt)
|
||||||
|
{
|
||||||
|
BIO_printf(bio_err, "Usage: rand [options] num\n");
|
||||||
|
BIO_printf(bio_err, "where options are\n");
|
||||||
|
BIO_printf(bio_err, "-out file - write to file\n");
|
||||||
|
#ifndef OPENSSL_NO_ENGINE
|
||||||
|
BIO_printf(bio_err, "-engine e - use engine e, possibly a hardware device.\n");
|
||||||
|
#endif
|
||||||
|
BIO_printf(bio_err, "-rand file%cfile%c... - seed PRNG from files\n", LIST_SEPARATOR_CHAR, LIST_SEPARATOR_CHAR);
|
||||||
|
BIO_printf(bio_err, "-base64 - base64 encode output\n");
|
||||||
|
BIO_printf(bio_err, "-hex - hex encode output\n");
|
||||||
|
goto err;
|
||||||
|
}
|
||||||
|
|
||||||
|
#ifndef OPENSSL_NO_ENGINE
|
||||||
|
setup_engine(bio_err, engine, 0);
|
||||||
|
#endif
|
||||||
|
|
||||||
|
app_RAND_load_file(NULL, bio_err, (inrand != NULL));
|
||||||
|
if (inrand != NULL)
|
||||||
|
BIO_printf(bio_err,"%ld semi-random bytes loaded\n",
|
||||||
|
app_RAND_load_files(inrand));
|
||||||
|
|
||||||
|
out = BIO_new(BIO_s_file());
|
||||||
|
if (out == NULL)
|
||||||
|
goto err;
|
||||||
|
if (outfile != NULL)
|
||||||
|
r = BIO_write_filename(out, outfile);
|
||||||
|
else
|
||||||
|
{
|
||||||
|
r = BIO_set_fp(out, stdout, BIO_NOCLOSE | BIO_FP_TEXT);
|
||||||
|
#ifdef OPENSSL_SYS_VMS
|
||||||
|
{
|
||||||
|
BIO *tmpbio = BIO_new(BIO_f_linebuffer());
|
||||||
|
out = BIO_push(tmpbio, out);
|
||||||
|
}
|
||||||
|
#endif
|
||||||
|
}
|
||||||
|
if (r <= 0)
|
||||||
|
goto err;
|
||||||
|
|
||||||
|
if (base64)
|
||||||
|
{
|
||||||
|
BIO *b64 = BIO_new(BIO_f_base64());
|
||||||
|
if (b64 == NULL)
|
||||||
|
goto err;
|
||||||
|
out = BIO_push(b64, out);
|
||||||
|
}
|
||||||
|
|
||||||
|
while (num > 0)
|
||||||
|
{
|
||||||
|
unsigned char buf[4096];
|
||||||
|
int chunk;
|
||||||
|
|
||||||
|
chunk = num;
|
||||||
|
if (chunk > (int)sizeof(buf))
|
||||||
|
chunk = sizeof buf;
|
||||||
|
r = RAND_bytes(buf, chunk);
|
||||||
|
if (r <= 0)
|
||||||
|
goto err;
|
||||||
|
if (!hex)
|
||||||
|
BIO_write(out, buf, chunk);
|
||||||
|
else
|
||||||
|
{
|
||||||
|
for (i = 0; i < chunk; i++)
|
||||||
|
BIO_printf(out, "%02x", buf[i]);
|
||||||
|
}
|
||||||
|
num -= chunk;
|
||||||
|
}
|
||||||
|
if (hex)
|
||||||
|
BIO_puts(out, "\n");
|
||||||
|
(void)BIO_flush(out);
|
||||||
|
|
||||||
|
app_RAND_write_file(NULL, bio_err);
|
||||||
|
ret = 0;
|
||||||
|
|
||||||
|
err:
|
||||||
|
ERR_print_errors(bio_err);
|
||||||
|
if (out)
|
||||||
|
BIO_free_all(out);
|
||||||
|
apps_shutdown();
|
||||||
|
OPENSSL_EXIT(ret);
|
||||||
|
}
|
1758
jni/openssl/apps/req.c
Normal file
1758
jni/openssl/apps/req.c
Normal file
File diff suppressed because it is too large
Load Diff
11
jni/openssl/apps/req.pem
Normal file
11
jni/openssl/apps/req.pem
Normal file
@ -0,0 +1,11 @@
|
|||||||
|
-----BEGIN CERTIFICATE REQUEST-----
|
||||||
|
MIIBlzCCAVcCAQAwXjELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUx
|
||||||
|
ITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDEXMBUGA1UEAxMORXJp
|
||||||
|
YyB0aGUgWW91bmcwge8wgaYGBSsOAwIMMIGcAkEA+ZiKEvZmc9MtnaFZh4NiZ3oZ
|
||||||
|
S4J1PHvPrm9MXj5ntVheDPkdmBDTncyaGAJcMjwsyB/GvLDGd6yGCw/8eF+09wIV
|
||||||
|
AK3VagOxGd/Q4Af5NbxR5FB7CXEjAkA2t/q7HgVLi0KeKvcDG8BRl3wuy7bCvpjg
|
||||||
|
tWiJc/tpvcuzeuAayH89UofjAGueKjXDADiRffvSdhrNw5dkqdqlA0QAAkEAtUSo
|
||||||
|
84OekjitKGVjxLu0HvXck29pu+foad53vPKXAsuJdACj88BPqZ91Y9PIJf1GUh38
|
||||||
|
CuiHWi7z3cEDfZCyCKAAMAkGBSsOAwIbBQADLwAwLAIUTg8amKVBE9oqC5B75dDQ
|
||||||
|
Chy3LdQCFHKodGEj3LjuTzdm/RTe2KZL9Uzf
|
||||||
|
-----END CERTIFICATE REQUEST-----
|
450
jni/openssl/apps/rsa.c
Normal file
450
jni/openssl/apps/rsa.c
Normal file
@ -0,0 +1,450 @@
|
|||||||
|
/* apps/rsa.c */
|
||||||
|
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
|
||||||
|
* All rights reserved.
|
||||||
|
*
|
||||||
|
* This package is an SSL implementation written
|
||||||
|
* by Eric Young (eay@cryptsoft.com).
|
||||||
|
* The implementation was written so as to conform with Netscapes SSL.
|
||||||
|
*
|
||||||
|
* This library is free for commercial and non-commercial use as long as
|
||||||
|
* the following conditions are aheared to. The following conditions
|
||||||
|
* apply to all code found in this distribution, be it the RC4, RSA,
|
||||||
|
* lhash, DES, etc., code; not just the SSL code. The SSL documentation
|
||||||
|
* included with this distribution is covered by the same copyright terms
|
||||||
|
* except that the holder is Tim Hudson (tjh@cryptsoft.com).
|
||||||
|
*
|
||||||
|
* Copyright remains Eric Young's, and as such any Copyright notices in
|
||||||
|
* the code are not to be removed.
|
||||||
|
* If this package is used in a product, Eric Young should be given attribution
|
||||||
|
* as the author of the parts of the library used.
|
||||||
|
* This can be in the form of a textual message at program startup or
|
||||||
|
* in documentation (online or textual) provided with the package.
|
||||||
|
*
|
||||||
|
* Redistribution and use in source and binary forms, with or without
|
||||||
|
* modification, are permitted provided that the following conditions
|
||||||
|
* are met:
|
||||||
|
* 1. Redistributions of source code must retain the copyright
|
||||||
|
* notice, this list of conditions and the following disclaimer.
|
||||||
|
* 2. Redistributions in binary form must reproduce the above copyright
|
||||||
|
* notice, this list of conditions and the following disclaimer in the
|
||||||
|
* documentation and/or other materials provided with the distribution.
|
||||||
|
* 3. All advertising materials mentioning features or use of this software
|
||||||
|
* must display the following acknowledgement:
|
||||||
|
* "This product includes cryptographic software written by
|
||||||
|
* Eric Young (eay@cryptsoft.com)"
|
||||||
|
* The word 'cryptographic' can be left out if the rouines from the library
|
||||||
|
* being used are not cryptographic related :-).
|
||||||
|
* 4. If you include any Windows specific code (or a derivative thereof) from
|
||||||
|
* the apps directory (application code) you must include an acknowledgement:
|
||||||
|
* "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
|
||||||
|
*
|
||||||
|
* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
|
||||||
|
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
||||||
|
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
|
||||||
|
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
|
||||||
|
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
|
||||||
|
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
|
||||||
|
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
||||||
|
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
|
||||||
|
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
||||||
|
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||||||
|
* SUCH DAMAGE.
|
||||||
|
*
|
||||||
|
* The licence and distribution terms for any publically available version or
|
||||||
|
* derivative of this code cannot be changed. i.e. this code cannot simply be
|
||||||
|
* copied and put under another distribution licence
|
||||||
|
* [including the GNU Public Licence.]
|
||||||
|
*/
|
||||||
|
|
||||||
|
#include <openssl/opensslconf.h>
|
||||||
|
#ifndef OPENSSL_NO_RSA
|
||||||
|
#include <stdio.h>
|
||||||
|
#include <stdlib.h>
|
||||||
|
#include <string.h>
|
||||||
|
#include <time.h>
|
||||||
|
#include "apps.h"
|
||||||
|
#include <openssl/bio.h>
|
||||||
|
#include <openssl/err.h>
|
||||||
|
#include <openssl/rsa.h>
|
||||||
|
#include <openssl/evp.h>
|
||||||
|
#include <openssl/x509.h>
|
||||||
|
#include <openssl/pem.h>
|
||||||
|
#include <openssl/bn.h>
|
||||||
|
|
||||||
|
#undef PROG
|
||||||
|
#define PROG rsa_main
|
||||||
|
|
||||||
|
/* -inform arg - input format - default PEM (one of DER, NET or PEM)
|
||||||
|
* -outform arg - output format - default PEM
|
||||||
|
* -in arg - input file - default stdin
|
||||||
|
* -out arg - output file - default stdout
|
||||||
|
* -des - encrypt output if PEM format with DES in cbc mode
|
||||||
|
* -des3 - encrypt output if PEM format
|
||||||
|
* -idea - encrypt output if PEM format
|
||||||
|
* -seed - encrypt output if PEM format
|
||||||
|
* -aes128 - encrypt output if PEM format
|
||||||
|
* -aes192 - encrypt output if PEM format
|
||||||
|
* -aes256 - encrypt output if PEM format
|
||||||
|
* -camellia128 - encrypt output if PEM format
|
||||||
|
* -camellia192 - encrypt output if PEM format
|
||||||
|
* -camellia256 - encrypt output if PEM format
|
||||||
|
* -text - print a text version
|
||||||
|
* -modulus - print the RSA key modulus
|
||||||
|
* -check - verify key consistency
|
||||||
|
* -pubin - Expect a public key in input file.
|
||||||
|
* -pubout - Output a public key.
|
||||||
|
*/
|
||||||
|
|
||||||
|
int MAIN(int, char **);
|
||||||
|
|
||||||
|
int MAIN(int argc, char **argv)
|
||||||
|
{
|
||||||
|
ENGINE *e = NULL;
|
||||||
|
int ret=1;
|
||||||
|
RSA *rsa=NULL;
|
||||||
|
int i,badops=0, sgckey=0;
|
||||||
|
const EVP_CIPHER *enc=NULL;
|
||||||
|
BIO *out=NULL;
|
||||||
|
int informat,outformat,text=0,check=0,noout=0;
|
||||||
|
int pubin = 0, pubout = 0;
|
||||||
|
char *infile,*outfile,*prog;
|
||||||
|
char *passargin = NULL, *passargout = NULL;
|
||||||
|
char *passin = NULL, *passout = NULL;
|
||||||
|
#ifndef OPENSSL_NO_ENGINE
|
||||||
|
char *engine=NULL;
|
||||||
|
#endif
|
||||||
|
int modulus=0;
|
||||||
|
|
||||||
|
int pvk_encr = 2;
|
||||||
|
|
||||||
|
apps_startup();
|
||||||
|
|
||||||
|
if (bio_err == NULL)
|
||||||
|
if ((bio_err=BIO_new(BIO_s_file())) != NULL)
|
||||||
|
BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT);
|
||||||
|
|
||||||
|
if (!load_config(bio_err, NULL))
|
||||||
|
goto end;
|
||||||
|
|
||||||
|
infile=NULL;
|
||||||
|
outfile=NULL;
|
||||||
|
informat=FORMAT_PEM;
|
||||||
|
outformat=FORMAT_PEM;
|
||||||
|
|
||||||
|
prog=argv[0];
|
||||||
|
argc--;
|
||||||
|
argv++;
|
||||||
|
while (argc >= 1)
|
||||||
|
{
|
||||||
|
if (strcmp(*argv,"-inform") == 0)
|
||||||
|
{
|
||||||
|
if (--argc < 1) goto bad;
|
||||||
|
informat=str2fmt(*(++argv));
|
||||||
|
}
|
||||||
|
else if (strcmp(*argv,"-outform") == 0)
|
||||||
|
{
|
||||||
|
if (--argc < 1) goto bad;
|
||||||
|
outformat=str2fmt(*(++argv));
|
||||||
|
}
|
||||||
|
else if (strcmp(*argv,"-in") == 0)
|
||||||
|
{
|
||||||
|
if (--argc < 1) goto bad;
|
||||||
|
infile= *(++argv);
|
||||||
|
}
|
||||||
|
else if (strcmp(*argv,"-out") == 0)
|
||||||
|
{
|
||||||
|
if (--argc < 1) goto bad;
|
||||||
|
outfile= *(++argv);
|
||||||
|
}
|
||||||
|
else if (strcmp(*argv,"-passin") == 0)
|
||||||
|
{
|
||||||
|
if (--argc < 1) goto bad;
|
||||||
|
passargin= *(++argv);
|
||||||
|
}
|
||||||
|
else if (strcmp(*argv,"-passout") == 0)
|
||||||
|
{
|
||||||
|
if (--argc < 1) goto bad;
|
||||||
|
passargout= *(++argv);
|
||||||
|
}
|
||||||
|
#ifndef OPENSSL_NO_ENGINE
|
||||||
|
else if (strcmp(*argv,"-engine") == 0)
|
||||||
|
{
|
||||||
|
if (--argc < 1) goto bad;
|
||||||
|
engine= *(++argv);
|
||||||
|
}
|
||||||
|
#endif
|
||||||
|
else if (strcmp(*argv,"-sgckey") == 0)
|
||||||
|
sgckey=1;
|
||||||
|
else if (strcmp(*argv,"-pubin") == 0)
|
||||||
|
pubin=1;
|
||||||
|
else if (strcmp(*argv,"-pubout") == 0)
|
||||||
|
pubout=1;
|
||||||
|
else if (strcmp(*argv,"-RSAPublicKey_in") == 0)
|
||||||
|
pubin = 2;
|
||||||
|
else if (strcmp(*argv,"-RSAPublicKey_out") == 0)
|
||||||
|
pubout = 2;
|
||||||
|
else if (strcmp(*argv,"-pvk-strong") == 0)
|
||||||
|
pvk_encr=2;
|
||||||
|
else if (strcmp(*argv,"-pvk-weak") == 0)
|
||||||
|
pvk_encr=1;
|
||||||
|
else if (strcmp(*argv,"-pvk-none") == 0)
|
||||||
|
pvk_encr=0;
|
||||||
|
else if (strcmp(*argv,"-noout") == 0)
|
||||||
|
noout=1;
|
||||||
|
else if (strcmp(*argv,"-text") == 0)
|
||||||
|
text=1;
|
||||||
|
else if (strcmp(*argv,"-modulus") == 0)
|
||||||
|
modulus=1;
|
||||||
|
else if (strcmp(*argv,"-check") == 0)
|
||||||
|
check=1;
|
||||||
|
else if ((enc=EVP_get_cipherbyname(&(argv[0][1]))) == NULL)
|
||||||
|
{
|
||||||
|
BIO_printf(bio_err,"unknown option %s\n",*argv);
|
||||||
|
badops=1;
|
||||||
|
break;
|
||||||
|
}
|
||||||
|
argc--;
|
||||||
|
argv++;
|
||||||
|
}
|
||||||
|
|
||||||
|
if (badops)
|
||||||
|
{
|
||||||
|
bad:
|
||||||
|
BIO_printf(bio_err,"%s [options] <infile >outfile\n",prog);
|
||||||
|
BIO_printf(bio_err,"where options are\n");
|
||||||
|
BIO_printf(bio_err," -inform arg input format - one of DER NET PEM\n");
|
||||||
|
BIO_printf(bio_err," -outform arg output format - one of DER NET PEM\n");
|
||||||
|
BIO_printf(bio_err," -in arg input file\n");
|
||||||
|
BIO_printf(bio_err," -sgckey Use IIS SGC key format\n");
|
||||||
|
BIO_printf(bio_err," -passin arg input file pass phrase source\n");
|
||||||
|
BIO_printf(bio_err," -out arg output file\n");
|
||||||
|
BIO_printf(bio_err," -passout arg output file pass phrase source\n");
|
||||||
|
BIO_printf(bio_err," -des encrypt PEM output with cbc des\n");
|
||||||
|
BIO_printf(bio_err," -des3 encrypt PEM output with ede cbc des using 168 bit key\n");
|
||||||
|
#ifndef OPENSSL_NO_IDEA
|
||||||
|
BIO_printf(bio_err," -idea encrypt PEM output with cbc idea\n");
|
||||||
|
#endif
|
||||||
|
#ifndef OPENSSL_NO_SEED
|
||||||
|
BIO_printf(bio_err," -seed encrypt PEM output with cbc seed\n");
|
||||||
|
#endif
|
||||||
|
#ifndef OPENSSL_NO_AES
|
||||||
|
BIO_printf(bio_err," -aes128, -aes192, -aes256\n");
|
||||||
|
BIO_printf(bio_err," encrypt PEM output with cbc aes\n");
|
||||||
|
#endif
|
||||||
|
#ifndef OPENSSL_NO_CAMELLIA
|
||||||
|
BIO_printf(bio_err," -camellia128, -camellia192, -camellia256\n");
|
||||||
|
BIO_printf(bio_err," encrypt PEM output with cbc camellia\n");
|
||||||
|
#endif
|
||||||
|
BIO_printf(bio_err," -text print the key in text\n");
|
||||||
|
BIO_printf(bio_err," -noout don't print key out\n");
|
||||||
|
BIO_printf(bio_err," -modulus print the RSA key modulus\n");
|
||||||
|
BIO_printf(bio_err," -check verify key consistency\n");
|
||||||
|
BIO_printf(bio_err," -pubin expect a public key in input file\n");
|
||||||
|
BIO_printf(bio_err," -pubout output a public key\n");
|
||||||
|
#ifndef OPENSSL_NO_ENGINE
|
||||||
|
BIO_printf(bio_err," -engine e use engine e, possibly a hardware device.\n");
|
||||||
|
#endif
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
|
||||||
|
ERR_load_crypto_strings();
|
||||||
|
|
||||||
|
#ifndef OPENSSL_NO_ENGINE
|
||||||
|
e = setup_engine(bio_err, engine, 0);
|
||||||
|
#endif
|
||||||
|
|
||||||
|
if(!app_passwd(bio_err, passargin, passargout, &passin, &passout)) {
|
||||||
|
BIO_printf(bio_err, "Error getting passwords\n");
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
|
||||||
|
if(check && pubin) {
|
||||||
|
BIO_printf(bio_err, "Only private keys can be checked\n");
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
|
||||||
|
out=BIO_new(BIO_s_file());
|
||||||
|
|
||||||
|
{
|
||||||
|
EVP_PKEY *pkey;
|
||||||
|
|
||||||
|
if (pubin)
|
||||||
|
{
|
||||||
|
int tmpformat=-1;
|
||||||
|
if (pubin == 2)
|
||||||
|
{
|
||||||
|
if (informat == FORMAT_PEM)
|
||||||
|
tmpformat = FORMAT_PEMRSA;
|
||||||
|
else if (informat == FORMAT_ASN1)
|
||||||
|
tmpformat = FORMAT_ASN1RSA;
|
||||||
|
}
|
||||||
|
else if (informat == FORMAT_NETSCAPE && sgckey)
|
||||||
|
tmpformat = FORMAT_IISSGC;
|
||||||
|
else
|
||||||
|
tmpformat = informat;
|
||||||
|
|
||||||
|
pkey = load_pubkey(bio_err, infile, tmpformat, 1,
|
||||||
|
passin, e, "Public Key");
|
||||||
|
}
|
||||||
|
else
|
||||||
|
pkey = load_key(bio_err, infile,
|
||||||
|
(informat == FORMAT_NETSCAPE && sgckey ?
|
||||||
|
FORMAT_IISSGC : informat), 1,
|
||||||
|
passin, e, "Private Key");
|
||||||
|
|
||||||
|
if (pkey != NULL)
|
||||||
|
rsa = EVP_PKEY_get1_RSA(pkey);
|
||||||
|
EVP_PKEY_free(pkey);
|
||||||
|
}
|
||||||
|
|
||||||
|
if (rsa == NULL)
|
||||||
|
{
|
||||||
|
ERR_print_errors(bio_err);
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
|
||||||
|
if (outfile == NULL)
|
||||||
|
{
|
||||||
|
BIO_set_fp(out,stdout,BIO_NOCLOSE);
|
||||||
|
#ifdef OPENSSL_SYS_VMS
|
||||||
|
{
|
||||||
|
BIO *tmpbio = BIO_new(BIO_f_linebuffer());
|
||||||
|
out = BIO_push(tmpbio, out);
|
||||||
|
}
|
||||||
|
#endif
|
||||||
|
}
|
||||||
|
else
|
||||||
|
{
|
||||||
|
if (BIO_write_filename(out,outfile) <= 0)
|
||||||
|
{
|
||||||
|
perror(outfile);
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
if (text)
|
||||||
|
if (!RSA_print(out,rsa,0))
|
||||||
|
{
|
||||||
|
perror(outfile);
|
||||||
|
ERR_print_errors(bio_err);
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
|
||||||
|
if (modulus)
|
||||||
|
{
|
||||||
|
BIO_printf(out,"Modulus=");
|
||||||
|
BN_print(out,rsa->n);
|
||||||
|
BIO_printf(out,"\n");
|
||||||
|
}
|
||||||
|
|
||||||
|
if (check)
|
||||||
|
{
|
||||||
|
int r = RSA_check_key(rsa);
|
||||||
|
|
||||||
|
if (r == 1)
|
||||||
|
BIO_printf(out,"RSA key ok\n");
|
||||||
|
else if (r == 0)
|
||||||
|
{
|
||||||
|
unsigned long err;
|
||||||
|
|
||||||
|
while ((err = ERR_peek_error()) != 0 &&
|
||||||
|
ERR_GET_LIB(err) == ERR_LIB_RSA &&
|
||||||
|
ERR_GET_FUNC(err) == RSA_F_RSA_CHECK_KEY &&
|
||||||
|
ERR_GET_REASON(err) != ERR_R_MALLOC_FAILURE)
|
||||||
|
{
|
||||||
|
BIO_printf(out, "RSA key error: %s\n", ERR_reason_error_string(err));
|
||||||
|
ERR_get_error(); /* remove e from error stack */
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
if (r == -1 || ERR_peek_error() != 0) /* should happen only if r == -1 */
|
||||||
|
{
|
||||||
|
ERR_print_errors(bio_err);
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
if (noout)
|
||||||
|
{
|
||||||
|
ret = 0;
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
BIO_printf(bio_err,"writing RSA key\n");
|
||||||
|
if (outformat == FORMAT_ASN1) {
|
||||||
|
if(pubout || pubin)
|
||||||
|
{
|
||||||
|
if (pubout == 2)
|
||||||
|
i=i2d_RSAPublicKey_bio(out,rsa);
|
||||||
|
else
|
||||||
|
i=i2d_RSA_PUBKEY_bio(out,rsa);
|
||||||
|
}
|
||||||
|
else i=i2d_RSAPrivateKey_bio(out,rsa);
|
||||||
|
}
|
||||||
|
#ifndef OPENSSL_NO_RC4
|
||||||
|
else if (outformat == FORMAT_NETSCAPE)
|
||||||
|
{
|
||||||
|
unsigned char *p,*pp;
|
||||||
|
int size;
|
||||||
|
|
||||||
|
i=1;
|
||||||
|
size=i2d_RSA_NET(rsa,NULL,NULL, sgckey);
|
||||||
|
if ((p=(unsigned char *)OPENSSL_malloc(size)) == NULL)
|
||||||
|
{
|
||||||
|
BIO_printf(bio_err,"Memory allocation failure\n");
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
pp=p;
|
||||||
|
i2d_RSA_NET(rsa,&p,NULL, sgckey);
|
||||||
|
BIO_write(out,(char *)pp,size);
|
||||||
|
OPENSSL_free(pp);
|
||||||
|
}
|
||||||
|
#endif
|
||||||
|
else if (outformat == FORMAT_PEM) {
|
||||||
|
if(pubout || pubin)
|
||||||
|
{
|
||||||
|
if (pubout == 2)
|
||||||
|
i=PEM_write_bio_RSAPublicKey(out,rsa);
|
||||||
|
else
|
||||||
|
i=PEM_write_bio_RSA_PUBKEY(out,rsa);
|
||||||
|
}
|
||||||
|
else i=PEM_write_bio_RSAPrivateKey(out,rsa,
|
||||||
|
enc,NULL,0,NULL,passout);
|
||||||
|
#if !defined(OPENSSL_NO_DSA) && !defined(OPENSSL_NO_RC4)
|
||||||
|
} else if (outformat == FORMAT_MSBLOB || outformat == FORMAT_PVK) {
|
||||||
|
EVP_PKEY *pk;
|
||||||
|
pk = EVP_PKEY_new();
|
||||||
|
EVP_PKEY_set1_RSA(pk, rsa);
|
||||||
|
if (outformat == FORMAT_PVK)
|
||||||
|
i = i2b_PVK_bio(out, pk, pvk_encr, 0, passout);
|
||||||
|
else if (pubin || pubout)
|
||||||
|
i = i2b_PublicKey_bio(out, pk);
|
||||||
|
else
|
||||||
|
i = i2b_PrivateKey_bio(out, pk);
|
||||||
|
EVP_PKEY_free(pk);
|
||||||
|
#endif
|
||||||
|
} else {
|
||||||
|
BIO_printf(bio_err,"bad output format specified for outfile\n");
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
if (i <= 0)
|
||||||
|
{
|
||||||
|
BIO_printf(bio_err,"unable to write key\n");
|
||||||
|
ERR_print_errors(bio_err);
|
||||||
|
}
|
||||||
|
else
|
||||||
|
ret=0;
|
||||||
|
end:
|
||||||
|
if(out != NULL) BIO_free_all(out);
|
||||||
|
if(rsa != NULL) RSA_free(rsa);
|
||||||
|
if(passin) OPENSSL_free(passin);
|
||||||
|
if(passout) OPENSSL_free(passout);
|
||||||
|
apps_shutdown();
|
||||||
|
OPENSSL_EXIT(ret);
|
||||||
|
}
|
||||||
|
#else /* !OPENSSL_NO_RSA */
|
||||||
|
|
||||||
|
# if PEDANTIC
|
||||||
|
static void *dummy=&dummy;
|
||||||
|
# endif
|
||||||
|
|
||||||
|
#endif
|
101
jni/openssl/apps/rsa8192.pem
Normal file
101
jni/openssl/apps/rsa8192.pem
Normal file
@ -0,0 +1,101 @@
|
|||||||
|
-----BEGIN RSA PRIVATE KEY-----
|
||||||
|
|
||||||
|
MIISKAIBAAKCBAEAiQ2f1X6Bte1DKD0OoCBKEikzPW+5w3oXk3WwnE97Wxzy6wJZ
|
||||||
|
ebbZC3CZKKBnJeBMrysPf+lK+9+fP6Vm8bp1wvbcSIA59BDrX6irFSuM/bdnkbuF
|
||||||
|
MFlDjt+uVrxwoyqfPi2IPot1HQg3l5mdyBqcTWvbOnU2L9HZxJfPUCjfzdTMPrMY
|
||||||
|
55/A20XL7tlV2opEfwhy3uVlveQBM0DnZ3MUQfrk+lRRNWv7yE4ScbOfER9fjvOm
|
||||||
|
yJc3ZbOa3e+AMGGU9OqJ/fyOl0SGYyP2k23omy/idBV4uOs8QWdnAvq8UOzDdua3
|
||||||
|
tuf5Tn17XBurPJ8juwyPBNispkwwn8BjxAZVPhwUIcxFBg339IxJ9cW0WdVy4nNA
|
||||||
|
LWo/8Ahlf+kZNnFNGCPFytU9gGMLMhab9w/rLrwa9qNe4L8Fmu1JxONn1WfhMOKE
|
||||||
|
aFmycf2olJsYLgUIGYZrjnYu0p/7P3yhTOv8JIhmK+SzmA/I0xiQoF84rpaQzH2d
|
||||||
|
PvxICOA9oQSowou0gLuBSZWm6LiXirg1DZCziU46v33ErQlWM1dSyNaUSzihcV59
|
||||||
|
mVD0nmzboXH75lGiyiZlp8cLbozzoCwvk9rYqpUGSBzbAy0ECCpabGpzO2Ug+oDi
|
||||||
|
71e5z4WMpeoR4IS8MaOG/GsJnwaXhiB/gNYfK+8pRADVk5StEAZDE2alSuCbDs0z
|
||||||
|
d9zYr4/em5T9VZsLetxRE7pm/Es9yELuViz8/Tm0/8MVdmNYc/xZU1t6qYYFdyQ2
|
||||||
|
wlGDTiNPsjR8yXCkmBjKwqnuleu1X6LaZu3VPhEkXGcyFAquQUkSiMv0Yu74qAe0
|
||||||
|
bQ2v+jjZzP6AM9LUo89cW4Kd8SGD96BdNlAVPNMXoBcIOsZBwsOtETBd4KAyvkXE
|
||||||
|
Ob17u+PLl4UPnSxm9ypKZunUNFRPxtKUyjySYnvlGL+kTjAXrIrZwKJqIn0uhnfa
|
||||||
|
Ck3o7bU6yVMK22ODxy2/Vi3E0P6k5JLwnrF0VIOBqGhts66qo6mWDP8l6MZHARFd
|
||||||
|
pU+nofssVmr8tLKmMmjYGMM5GmKIXRNBs0ksTwFnKRs9AmpE5owC8tTSVdTAkGuS
|
||||||
|
os7QwLvyvNzq7BGJiVr0Iy3Dhsl1vzR35acNOrCsDl3DcCQONKJ2sVXV4pD3dBah
|
||||||
|
mG3sR/jHgjasffJJ35uiGoAua9dbT7HG/+D0z1SHYaVqH8zO4VZSOnGJh/P9rtxx
|
||||||
|
cckFDbiag/JMWig2lbnCjebTtp/BcUsK3TNaDOb7vb0LvbAeRJadd1EFu6PSlH3K
|
||||||
|
LykSUPm4UedvUU3cWjqkSY5lITFJkVaIYOv/EljYtK7p7kFZFTaEwMAWxgsXU3pQ
|
||||||
|
tTzVmq1gZ4vXPwcUq0zK50Frq0F7SQc21ZsunwIDAQABAoIEADuQAkDEpBausJsS
|
||||||
|
PgL1RXuzECPJJJCBxTE+2qx0FoY4hJICCWTORHGmU8nGPE3Ht0wBiNDsULw6KXl9
|
||||||
|
psmzYW6D3qRbpdQebky6fu/KZ5H0XTyGpJGomaXELH5hkwo2gdKB805LSXB+m7p0
|
||||||
|
9o96kSdMkpBLVGtf5iZ8W4rY2LsZmlI9f7taQHSLVt/M8HTz1mTnBRU92QO3zZW6
|
||||||
|
xVa+OrWaFl18u3ZeIaSh2X40tBK68cqstXVD0r2OWuXNKobcQeJW8/XABzBShZ0c
|
||||||
|
ihL0lzyqiN4uXrLu+Nbr22b+FU2OODy6dGk3U6/69NvI4piMCPlHsfhHOnFjd1ZW
|
||||||
|
RIVywyUlCtLNdcn11CchuRro+0J3c2Ba+i9Cl9r3qzT11xFEGF8/XLyUBBCB+uGf
|
||||||
|
1dR/xJQhCA7cXWWLXyI/semxcvTaGpImP6kiIl1MAjHjXZTSdvyw4JmfXyYGhSjI
|
||||||
|
P0mw3Xn7FXxJ/os9gOfNKz2nZHjr0q4sgWRYO+4vllkeL0GteZrg4oVaVpmZb7LH
|
||||||
|
77afhodLylhijlEtV5skfkPujbBLQk6E5Ez3U/huEt2NLg6guADmwxMxfBRliZO4
|
||||||
|
4Ex/td4cuggpEj3FGJV74qRvdvj/MF/uF7IxC/3WapPIsFBFH4zrJsUYt6u3L68I
|
||||||
|
/KC/bfioDeUR/8ANw1DNh+UsnPV3GJIwDkIJKdppi2uXPahJyJQQ8Inps53nn8Gg
|
||||||
|
GifS+HnOXNgMoKOJnZ9IDGjXpfjIs8dJNrGfDHF0mH30N2WARq2v/a3cNUC+f8Bq
|
||||||
|
HSKQ9YrZopktMunsut8u7ZYbTmjIqJpXCaM0CCrSlzSMTDHFSj2tzLk6+qnxeGxB
|
||||||
|
ZwIdShbdeK+0ETG91lE1e9RPQs/uXQP9+uCHJV0YpqQcA6pkCLYJfYpoSMu/Bafy
|
||||||
|
AgfVZz6l5tyEnV0wCcbopsQShc1k9xtTbYNF1h9AQHknj6zeDW4iZMvmVeh3RovT
|
||||||
|
52OA2R8oLyauF+QaG6x2wUjEx13SJlaBarJZ4seZIOJ+a8+oNzKsbgokXc2cyC9p
|
||||||
|
5FAZz1OsOb68o93qD1Xvl7bY97fq2q55L7G1XHPPLtZE5lGiLGDtnAuwY8UPrdpr
|
||||||
|
7Mv2yIxB7xVGurXyHb5PvusR88XED6HMPfLBG/55ENHTal7G5mRix+IWSBAIkxA5
|
||||||
|
KZ0j8r5Ng4+wELZhqFQai39799bIAyiV6CEz4kyDXlo0kSSexp8o4iz5sPq5vp6h
|
||||||
|
cCb7rdRw7uRnbXrHmXahxoB+ibXaurgV/6B2yurrU/UFoxEp2sHp8LXZGfF6ztY1
|
||||||
|
dMhSQAACK2vGy5yNagbkTHLgVaHicG5zavJBqzCE+lbPlCqhOUQPdOIwvjHNjdS/
|
||||||
|
DL3WV/ECggIBAMbW65wPk/i43nSyeZeYwcHtR1SUJqDXavYfBPC0VRhKz+7DVMFw
|
||||||
|
Nwnocn6gITABc445W1yl7U3uww+LGuDlSlFnd8WuiXpVYud9/jeNu6Mu4wvNsnWr
|
||||||
|
f4f4ua8CcS03GmqmcbROD2Z6by1AblCZ2UL1kv9cUX1FLVjPP1ESAGKoePt3BmZQ
|
||||||
|
J1uJfK8HilNT8dcUlj/5CBi2uHxttDhoG0sxXE/SVsG9OD/Pjme0mj7gdzc6Ztd+
|
||||||
|
TALuvpNQR4pRzfo5XWDZBcEYntcEE3PxYJB1+vnZ8509ew5/yLHTbLjFxIcx71zY
|
||||||
|
fhH0gM36Sz7mz37r0+E/QkRkc5bVIDC4LDnWmjpAde6QUx0d218ShNx6sJo4kt5c
|
||||||
|
Dd7tEVx8nuX8AIZYgwsOb382anLyFRkkmEdK3gRvwQ6SWR36Ez5L7/mHWODpLAX5
|
||||||
|
mVBKSG4/ccFbc633/g0xHw0Nwajir/klckdakuYPlwF0yAxJSKDLhmNctDhRmxjC
|
||||||
|
YP+fISkl5oTvFRzJH6HEyNu8M3ybRvmpPIjM5J5JpnB2IYbohYBR+T6/97C1DKrd
|
||||||
|
mzL5PjlrWm0c1/d7LlDoP65fOShDMmj2zCiBAHHOM0Alokx+v5LmMd8NJumZIwGJ
|
||||||
|
Rt5OpeMOhowz6j1AjYxYgV7PmJL6Ovpfb775od/aLaUbbwHz2uWIvfF7AoICAQCw
|
||||||
|
c7NaO7oJVLJClhYw6OCvjT6oqtgNVWaennnDiJgzY9lv5HEgV0MAG0eYuB3hvj+w
|
||||||
|
Y1P9DJxP1D+R+cshYrAFg8yU/3kaYVNI0Bl3ygX0eW1b/0HZTdocs+8kM/9PZQDR
|
||||||
|
WrKQoU5lHvqRt99dXlD4NWGI2YQtzdZ8iet9QLqnjwRZabgE96mF01qKisMnFcsh
|
||||||
|
KjT7ieheU4J15TZj/mdZRNK126d7e3q/rNj73e5EJ9tkYLcolSr4gpknUMJULSEi
|
||||||
|
JH1/Qx7C/mTAMRsN5SkOthnGq0djCNWfPv/3JV0H67Uf5krFlnwLebrgfTYoPPdo
|
||||||
|
yO7iBUNJzv6Qh22malLp4P8gzACkD7DGlSTnoB5cLwcjmDGg+i9WrUBbOiVTeQfZ
|
||||||
|
kOj1o+Tz35ndpq/DDUVlqliB9krcxva+QHeJPH53EGI+YVg1nD+s/vUDZ3mQMGX9
|
||||||
|
DQou2L8uU6RnWNv/BihGcL8QvS4Ty6QyPOUPpD3zc70JQAEcQk9BxQNaELgJX0IN
|
||||||
|
22cYn22tYvElew9G41OpDqzBRcfbdJmKXQ2HcroShutYJQRGUpAXHk24fy6JVkIU
|
||||||
|
ojF5U6cwextMja1ZIIZgh9eugIRUeIE7319nQNDzuXWjRCcoBLA25P7wnpHWDRpz
|
||||||
|
D9ovXCIvdja74lL5psqobV6L5+fbLPkSgXoImKR0LQKCAgAIC9Jk8kxumCyIVGCP
|
||||||
|
PeM5Uby9M3GMuKrfYsn0Y5e97+kSJF1dpojTodBgR2KQar6eVrvXt+8uZCcIjfx8
|
||||||
|
dUrYmHNEUJfHl4T1ESgkX1vkcpVFeQFruZDjk7EP3+1sgvpSroGTZkVBRFsTXbQZ
|
||||||
|
FuCv0Pgt1TKG+zGmklxhj3TsiRy8MEjWAxBUp++ftZJnZNI4feDGnfEx7tLwVhAg
|
||||||
|
6DWSiWDO6hgQpvOLwX5lu+0x9itc1MQsnDO/OqIDnBAJDN5k7cVVkfKlqbVjxgpz
|
||||||
|
eqUJs3yAd81f44kDQTCB4ahYocgeIGsrOqd/WoGL1EEPPo/O9wQP7VtlIRt8UwuG
|
||||||
|
bS18+a4sBUfAa56xYu/pnPo7YcubsgZfcSIujzFQqMpVTClJRnOnEuJ4J1+PXzRz
|
||||||
|
XAO9fs4VJ+CMEmgAyonUz4Xadxulnknlw//sO9VKgM69oFHCDHL/XamAAbqAdwvf
|
||||||
|
7R/+uy+Ol7romC0wMhb6SsIZazrvvH2mNtduAKZ638nAP1x/WbQp+6iVG7yJok7w
|
||||||
|
82Q7tO7baOePTXh12Rrt4mNPor0HLYxhra4GFgfqkumJ2Mz0esuZAozxJXFOq8ly
|
||||||
|
beo9CVtXP5zbT6qNpeNismX6PLICaev8t+1iOZSE56WSLtefuuj/cOVrTMNDz1Rr
|
||||||
|
pUkEVV2zjUSjlcScM538A9iL2QKCAgBLbBk0r6T0ihRsK9UucMxhnYEz/Vq+UEu9
|
||||||
|
70Vi1AciqEJv9nh4d3Q3HnH7EHANZxG4Jqzm1DYYVUQa9GfkTFeq88xFv/GW2hUM
|
||||||
|
YY8RSfRDrIeXNEOETCe37x2AHw25dRXlZtw+wARPau91y9+Y/FCl18NqCHfcUEin
|
||||||
|
ERjsf/eI2bPlODAlR2tZvZ7M60VBdqpN8cmV3zvI3e88z43xLfQlDyr1+v7a5Evy
|
||||||
|
lEJnXlSTI2o+vKxtl103vjMSwA1gh63K90gBVsJWXQDZueOzi8mB9UqNRfcMmOEe
|
||||||
|
4YHttTXPxeu0x+4cCRfam9zKShsVFgI28vRQ/ijl6qmbQ5gV8wqf18GV1j1L4z0P
|
||||||
|
lP6iVynDA4MMrug/w9DqPsHsfK0pwekeETfSj4y0xVXyjWZBfHG2ZBrS6mDTf+RG
|
||||||
|
LC4sJgR0hjdILLnUqIX7PzuhieBHRrjBcopwvcryVWRHnI7kslAS0+yHjiWc5oW3
|
||||||
|
x5mtlum4HzelNYuD9cAE/95P6CeSMfp9CyIE/KSX4VvsRm6gQVkoQRKMxnQIFQ3w
|
||||||
|
O5gl1l88vhjoo2HxYScgCp70BsDwiUNTqIR3NM+ZBHYFweVf3Gwz5LzHZT2rEZtD
|
||||||
|
6VXRP75Q/2wOLnqCO4bK4BUs6sqxcQZmOldruPkPynrY0oPfHHExjxZDvQu4/r80
|
||||||
|
Ls3n0L8yvQKCAgEAnYWS6EikwaQNpJEfiUnOlglgFz4EE1eVkrDbBY4J3oPU+doz
|
||||||
|
DrqmsvgpSZIAfd2MUbkN4pOMsMTjbeIYWDnZDa1RoctKs3FhwFPHwAjQpznab4mn
|
||||||
|
Bp81FMHM40qyb0NaNuFRwghdXvoQvBBX1p8oEnFzDRvTiuS/vTPTA8KDY8IeRp8R
|
||||||
|
oGzKHpfziNwq/URpqj7pwi9odNjGZvR2IwYw9jCLPIqaEbMoSOdI0mg4MoYyqP4q
|
||||||
|
nm7d4wqSDwrYxiXZ6f3nYpkhEY1lb0Wbksp1ig8sKSF4nDZRGK1RSfE+6gjBp94H
|
||||||
|
X/Wog6Zb6NC9ZpusTiDLvuIUXcyUJvmHiWjSNqiTv8jurlwEsgSwhziEQfqLrtdV
|
||||||
|
QI3PRMolBkD1iCk+HFE53r05LMf1bp3r4MS+naaQrLbIrl1kgDNGwVdgS+SCM7Bg
|
||||||
|
TwEgE67iOb2iIoUpon/NyP4LesMzvdpsu2JFlfz13PmmQ34mFI7tWvOb3NA5DP3c
|
||||||
|
46C6SaWI0TD9B11nJbHGTYN3Si9n0EBgoDJEXUKeh3km9O47dgvkSug4WzhYsvrE
|
||||||
|
rMlMLtKfp2w8HlMZpsUlToNCx6CI+tJrohzcs3BAVAbjFAXRKWGijB1rxwyDdHPv
|
||||||
|
I+/wJTNaRNPQ1M0SwtEL/zJd21y3KSPn4eL+GP3efhlDSjtlDvZqkdAUsU8=
|
||||||
|
-----END RSA PRIVATE KEY-----
|
||||||
|
|
351
jni/openssl/apps/rsautl.c
Normal file
351
jni/openssl/apps/rsautl.c
Normal file
@ -0,0 +1,351 @@
|
|||||||
|
/* rsautl.c */
|
||||||
|
/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
|
||||||
|
* project 2000.
|
||||||
|
*/
|
||||||
|
/* ====================================================================
|
||||||
|
* Copyright (c) 2000 The OpenSSL Project. All rights reserved.
|
||||||
|
*
|
||||||
|
* Redistribution and use in source and binary forms, with or without
|
||||||
|
* modification, are permitted provided that the following conditions
|
||||||
|
* are met:
|
||||||
|
*
|
||||||
|
* 1. Redistributions of source code must retain the above copyright
|
||||||
|
* notice, this list of conditions and the following disclaimer.
|
||||||
|
*
|
||||||
|
* 2. Redistributions in binary form must reproduce the above copyright
|
||||||
|
* notice, this list of conditions and the following disclaimer in
|
||||||
|
* the documentation and/or other materials provided with the
|
||||||
|
* distribution.
|
||||||
|
*
|
||||||
|
* 3. All advertising materials mentioning features or use of this
|
||||||
|
* software must display the following acknowledgment:
|
||||||
|
* "This product includes software developed by the OpenSSL Project
|
||||||
|
* for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
|
||||||
|
*
|
||||||
|
* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
|
||||||
|
* endorse or promote products derived from this software without
|
||||||
|
* prior written permission. For written permission, please contact
|
||||||
|
* licensing@OpenSSL.org.
|
||||||
|
*
|
||||||
|
* 5. Products derived from this software may not be called "OpenSSL"
|
||||||
|
* nor may "OpenSSL" appear in their names without prior written
|
||||||
|
* permission of the OpenSSL Project.
|
||||||
|
*
|
||||||
|
* 6. Redistributions of any form whatsoever must retain the following
|
||||||
|
* acknowledgment:
|
||||||
|
* "This product includes software developed by the OpenSSL Project
|
||||||
|
* for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
|
||||||
|
*
|
||||||
|
* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
|
||||||
|
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
||||||
|
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
|
||||||
|
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
|
||||||
|
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
|
||||||
|
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
|
||||||
|
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
|
||||||
|
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
||||||
|
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
|
||||||
|
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
|
||||||
|
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
|
||||||
|
* OF THE POSSIBILITY OF SUCH DAMAGE.
|
||||||
|
* ====================================================================
|
||||||
|
*
|
||||||
|
* This product includes cryptographic software written by Eric Young
|
||||||
|
* (eay@cryptsoft.com). This product includes software written by Tim
|
||||||
|
* Hudson (tjh@cryptsoft.com).
|
||||||
|
*
|
||||||
|
*/
|
||||||
|
|
||||||
|
#include <openssl/opensslconf.h>
|
||||||
|
#ifndef OPENSSL_NO_RSA
|
||||||
|
|
||||||
|
#include "apps.h"
|
||||||
|
#include <string.h>
|
||||||
|
#include <openssl/err.h>
|
||||||
|
#include <openssl/pem.h>
|
||||||
|
#include <openssl/rsa.h>
|
||||||
|
|
||||||
|
#define RSA_SIGN 1
|
||||||
|
#define RSA_VERIFY 2
|
||||||
|
#define RSA_ENCRYPT 3
|
||||||
|
#define RSA_DECRYPT 4
|
||||||
|
|
||||||
|
#define KEY_PRIVKEY 1
|
||||||
|
#define KEY_PUBKEY 2
|
||||||
|
#define KEY_CERT 3
|
||||||
|
|
||||||
|
static void usage(void);
|
||||||
|
|
||||||
|
#undef PROG
|
||||||
|
|
||||||
|
#define PROG rsautl_main
|
||||||
|
|
||||||
|
int MAIN(int argc, char **);
|
||||||
|
|
||||||
|
int MAIN(int argc, char **argv)
|
||||||
|
{
|
||||||
|
ENGINE *e = NULL;
|
||||||
|
BIO *in = NULL, *out = NULL;
|
||||||
|
char *infile = NULL, *outfile = NULL;
|
||||||
|
#ifndef OPENSSL_NO_ENGINE
|
||||||
|
char *engine = NULL;
|
||||||
|
#endif
|
||||||
|
char *keyfile = NULL;
|
||||||
|
char rsa_mode = RSA_VERIFY, key_type = KEY_PRIVKEY;
|
||||||
|
int keyform = FORMAT_PEM;
|
||||||
|
char need_priv = 0, badarg = 0, rev = 0;
|
||||||
|
char hexdump = 0, asn1parse = 0;
|
||||||
|
X509 *x;
|
||||||
|
EVP_PKEY *pkey = NULL;
|
||||||
|
RSA *rsa = NULL;
|
||||||
|
unsigned char *rsa_in = NULL, *rsa_out = NULL, pad;
|
||||||
|
char *passargin = NULL, *passin = NULL;
|
||||||
|
int rsa_inlen, rsa_outlen = 0;
|
||||||
|
int keysize;
|
||||||
|
|
||||||
|
int ret = 1;
|
||||||
|
|
||||||
|
argc--;
|
||||||
|
argv++;
|
||||||
|
|
||||||
|
if(!bio_err) bio_err = BIO_new_fp(stderr, BIO_NOCLOSE);
|
||||||
|
|
||||||
|
if (!load_config(bio_err, NULL))
|
||||||
|
goto end;
|
||||||
|
ERR_load_crypto_strings();
|
||||||
|
OpenSSL_add_all_algorithms();
|
||||||
|
pad = RSA_PKCS1_PADDING;
|
||||||
|
|
||||||
|
while(argc >= 1)
|
||||||
|
{
|
||||||
|
if (!strcmp(*argv,"-in")) {
|
||||||
|
if (--argc < 1)
|
||||||
|
badarg = 1;
|
||||||
|
else
|
||||||
|
infile= *(++argv);
|
||||||
|
} else if (!strcmp(*argv,"-out")) {
|
||||||
|
if (--argc < 1)
|
||||||
|
badarg = 1;
|
||||||
|
else
|
||||||
|
outfile= *(++argv);
|
||||||
|
} else if(!strcmp(*argv, "-inkey")) {
|
||||||
|
if (--argc < 1)
|
||||||
|
badarg = 1;
|
||||||
|
else
|
||||||
|
keyfile = *(++argv);
|
||||||
|
} else if (!strcmp(*argv,"-passin")) {
|
||||||
|
if (--argc < 1)
|
||||||
|
badarg = 1;
|
||||||
|
else
|
||||||
|
passargin= *(++argv);
|
||||||
|
} else if (strcmp(*argv,"-keyform") == 0) {
|
||||||
|
if (--argc < 1)
|
||||||
|
badarg = 1;
|
||||||
|
else
|
||||||
|
keyform=str2fmt(*(++argv));
|
||||||
|
#ifndef OPENSSL_NO_ENGINE
|
||||||
|
} else if(!strcmp(*argv, "-engine")) {
|
||||||
|
if (--argc < 1)
|
||||||
|
badarg = 1;
|
||||||
|
else
|
||||||
|
engine = *(++argv);
|
||||||
|
#endif
|
||||||
|
} else if(!strcmp(*argv, "-pubin")) {
|
||||||
|
key_type = KEY_PUBKEY;
|
||||||
|
} else if(!strcmp(*argv, "-certin")) {
|
||||||
|
key_type = KEY_CERT;
|
||||||
|
}
|
||||||
|
else if(!strcmp(*argv, "-asn1parse")) asn1parse = 1;
|
||||||
|
else if(!strcmp(*argv, "-hexdump")) hexdump = 1;
|
||||||
|
else if(!strcmp(*argv, "-raw")) pad = RSA_NO_PADDING;
|
||||||
|
else if(!strcmp(*argv, "-oaep")) pad = RSA_PKCS1_OAEP_PADDING;
|
||||||
|
else if(!strcmp(*argv, "-ssl")) pad = RSA_SSLV23_PADDING;
|
||||||
|
else if(!strcmp(*argv, "-pkcs")) pad = RSA_PKCS1_PADDING;
|
||||||
|
else if(!strcmp(*argv, "-x931")) pad = RSA_X931_PADDING;
|
||||||
|
else if(!strcmp(*argv, "-sign")) {
|
||||||
|
rsa_mode = RSA_SIGN;
|
||||||
|
need_priv = 1;
|
||||||
|
} else if(!strcmp(*argv, "-verify")) rsa_mode = RSA_VERIFY;
|
||||||
|
else if(!strcmp(*argv, "-rev")) rev = 1;
|
||||||
|
else if(!strcmp(*argv, "-encrypt")) rsa_mode = RSA_ENCRYPT;
|
||||||
|
else if(!strcmp(*argv, "-decrypt")) {
|
||||||
|
rsa_mode = RSA_DECRYPT;
|
||||||
|
need_priv = 1;
|
||||||
|
} else badarg = 1;
|
||||||
|
if(badarg) {
|
||||||
|
usage();
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
argc--;
|
||||||
|
argv++;
|
||||||
|
}
|
||||||
|
|
||||||
|
if(need_priv && (key_type != KEY_PRIVKEY)) {
|
||||||
|
BIO_printf(bio_err, "A private key is needed for this operation\n");
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
|
||||||
|
#ifndef OPENSSL_NO_ENGINE
|
||||||
|
e = setup_engine(bio_err, engine, 0);
|
||||||
|
#endif
|
||||||
|
if(!app_passwd(bio_err, passargin, NULL, &passin, NULL)) {
|
||||||
|
BIO_printf(bio_err, "Error getting password\n");
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
|
||||||
|
/* FIXME: seed PRNG only if needed */
|
||||||
|
app_RAND_load_file(NULL, bio_err, 0);
|
||||||
|
|
||||||
|
switch(key_type) {
|
||||||
|
case KEY_PRIVKEY:
|
||||||
|
pkey = load_key(bio_err, keyfile, keyform, 0,
|
||||||
|
passin, e, "Private Key");
|
||||||
|
break;
|
||||||
|
|
||||||
|
case KEY_PUBKEY:
|
||||||
|
pkey = load_pubkey(bio_err, keyfile, keyform, 0,
|
||||||
|
NULL, e, "Public Key");
|
||||||
|
break;
|
||||||
|
|
||||||
|
case KEY_CERT:
|
||||||
|
x = load_cert(bio_err, keyfile, keyform,
|
||||||
|
NULL, e, "Certificate");
|
||||||
|
if(x) {
|
||||||
|
pkey = X509_get_pubkey(x);
|
||||||
|
X509_free(x);
|
||||||
|
}
|
||||||
|
break;
|
||||||
|
}
|
||||||
|
|
||||||
|
if(!pkey) {
|
||||||
|
return 1;
|
||||||
|
}
|
||||||
|
|
||||||
|
rsa = EVP_PKEY_get1_RSA(pkey);
|
||||||
|
EVP_PKEY_free(pkey);
|
||||||
|
|
||||||
|
if(!rsa) {
|
||||||
|
BIO_printf(bio_err, "Error getting RSA key\n");
|
||||||
|
ERR_print_errors(bio_err);
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
if(infile) {
|
||||||
|
if(!(in = BIO_new_file(infile, "rb"))) {
|
||||||
|
BIO_printf(bio_err, "Error Reading Input File\n");
|
||||||
|
ERR_print_errors(bio_err);
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
} else in = BIO_new_fp(stdin, BIO_NOCLOSE);
|
||||||
|
|
||||||
|
if(outfile) {
|
||||||
|
if(!(out = BIO_new_file(outfile, "wb"))) {
|
||||||
|
BIO_printf(bio_err, "Error Reading Output File\n");
|
||||||
|
ERR_print_errors(bio_err);
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
} else {
|
||||||
|
out = BIO_new_fp(stdout, BIO_NOCLOSE);
|
||||||
|
#ifdef OPENSSL_SYS_VMS
|
||||||
|
{
|
||||||
|
BIO *tmpbio = BIO_new(BIO_f_linebuffer());
|
||||||
|
out = BIO_push(tmpbio, out);
|
||||||
|
}
|
||||||
|
#endif
|
||||||
|
}
|
||||||
|
|
||||||
|
keysize = RSA_size(rsa);
|
||||||
|
|
||||||
|
rsa_in = OPENSSL_malloc(keysize * 2);
|
||||||
|
rsa_out = OPENSSL_malloc(keysize);
|
||||||
|
|
||||||
|
/* Read the input data */
|
||||||
|
rsa_inlen = BIO_read(in, rsa_in, keysize * 2);
|
||||||
|
if(rsa_inlen <= 0) {
|
||||||
|
BIO_printf(bio_err, "Error reading input Data\n");
|
||||||
|
exit(1);
|
||||||
|
}
|
||||||
|
if(rev) {
|
||||||
|
int i;
|
||||||
|
unsigned char ctmp;
|
||||||
|
for(i = 0; i < rsa_inlen/2; i++) {
|
||||||
|
ctmp = rsa_in[i];
|
||||||
|
rsa_in[i] = rsa_in[rsa_inlen - 1 - i];
|
||||||
|
rsa_in[rsa_inlen - 1 - i] = ctmp;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
switch(rsa_mode) {
|
||||||
|
|
||||||
|
case RSA_VERIFY:
|
||||||
|
rsa_outlen = RSA_public_decrypt(rsa_inlen, rsa_in, rsa_out, rsa, pad);
|
||||||
|
break;
|
||||||
|
|
||||||
|
case RSA_SIGN:
|
||||||
|
rsa_outlen = RSA_private_encrypt(rsa_inlen, rsa_in, rsa_out, rsa, pad);
|
||||||
|
break;
|
||||||
|
|
||||||
|
case RSA_ENCRYPT:
|
||||||
|
rsa_outlen = RSA_public_encrypt(rsa_inlen, rsa_in, rsa_out, rsa, pad);
|
||||||
|
break;
|
||||||
|
|
||||||
|
case RSA_DECRYPT:
|
||||||
|
rsa_outlen = RSA_private_decrypt(rsa_inlen, rsa_in, rsa_out, rsa, pad);
|
||||||
|
break;
|
||||||
|
|
||||||
|
}
|
||||||
|
|
||||||
|
if(rsa_outlen <= 0) {
|
||||||
|
BIO_printf(bio_err, "RSA operation error\n");
|
||||||
|
ERR_print_errors(bio_err);
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
ret = 0;
|
||||||
|
if(asn1parse) {
|
||||||
|
if(!ASN1_parse_dump(out, rsa_out, rsa_outlen, 1, -1)) {
|
||||||
|
ERR_print_errors(bio_err);
|
||||||
|
}
|
||||||
|
} else if(hexdump) BIO_dump(out, (char *)rsa_out, rsa_outlen);
|
||||||
|
else BIO_write(out, rsa_out, rsa_outlen);
|
||||||
|
end:
|
||||||
|
RSA_free(rsa);
|
||||||
|
BIO_free(in);
|
||||||
|
BIO_free_all(out);
|
||||||
|
if(rsa_in) OPENSSL_free(rsa_in);
|
||||||
|
if(rsa_out) OPENSSL_free(rsa_out);
|
||||||
|
if(passin) OPENSSL_free(passin);
|
||||||
|
return ret;
|
||||||
|
}
|
||||||
|
|
||||||
|
static void usage()
|
||||||
|
{
|
||||||
|
BIO_printf(bio_err, "Usage: rsautl [options]\n");
|
||||||
|
BIO_printf(bio_err, "-in file input file\n");
|
||||||
|
BIO_printf(bio_err, "-out file output file\n");
|
||||||
|
BIO_printf(bio_err, "-inkey file input key\n");
|
||||||
|
BIO_printf(bio_err, "-keyform arg private key format - default PEM\n");
|
||||||
|
BIO_printf(bio_err, "-pubin input is an RSA public\n");
|
||||||
|
BIO_printf(bio_err, "-certin input is a certificate carrying an RSA public key\n");
|
||||||
|
BIO_printf(bio_err, "-ssl use SSL v2 padding\n");
|
||||||
|
BIO_printf(bio_err, "-raw use no padding\n");
|
||||||
|
BIO_printf(bio_err, "-pkcs use PKCS#1 v1.5 padding (default)\n");
|
||||||
|
BIO_printf(bio_err, "-oaep use PKCS#1 OAEP\n");
|
||||||
|
BIO_printf(bio_err, "-sign sign with private key\n");
|
||||||
|
BIO_printf(bio_err, "-verify verify with public key\n");
|
||||||
|
BIO_printf(bio_err, "-encrypt encrypt with public key\n");
|
||||||
|
BIO_printf(bio_err, "-decrypt decrypt with private key\n");
|
||||||
|
BIO_printf(bio_err, "-hexdump hex dump output\n");
|
||||||
|
#ifndef OPENSSL_NO_ENGINE
|
||||||
|
BIO_printf(bio_err, "-engine e use engine e, possibly a hardware device.\n");
|
||||||
|
BIO_printf (bio_err, "-passin arg pass phrase source\n");
|
||||||
|
#endif
|
||||||
|
|
||||||
|
}
|
||||||
|
|
||||||
|
#else /* !OPENSSL_NO_RSA */
|
||||||
|
|
||||||
|
# if PEDANTIC
|
||||||
|
static void *dummy=&dummy;
|
||||||
|
# endif
|
||||||
|
|
||||||
|
#endif
|
15
jni/openssl/apps/s1024key.pem
Normal file
15
jni/openssl/apps/s1024key.pem
Normal file
@ -0,0 +1,15 @@
|
|||||||
|
-----BEGIN RSA PRIVATE KEY-----
|
||||||
|
MIICXgIBAAKBgQCzEfU8E+ZGTGtHXV5XhvM2Lg32fXUIjydXb34BGVPX6oN7+aNV
|
||||||
|
S9eWayvW/+9/vUb0aCqilJrpFesgItV2T8VhhjOE++XUz46uNpcMU7wHMEAXUufP
|
||||||
|
pztpFm8ZEk2tFKvadkSSoN8lb11juvZVkSkPlB65pFhSe4QKSp6J4HrkYwIDAQAB
|
||||||
|
AoGBAKy8jvb0Lzby8q11yNLf7+78wCVdYi7ugMHcYA1JVFK8+zb1WfSm44FLQo/0
|
||||||
|
dSChAjgz36TTexeLODPYxleJndjVcOMVzsLJjSM8dLpXsTS4FCeMbhw2s2u+xqKY
|
||||||
|
bbPWfk+HOTyJjfnkcC5Nbg44eOmruq0gSmBeUXVM5UntlTnxAkEA7TGCA3h7kx5E
|
||||||
|
Bl4zl2pc3gPAGt+dyfk5Po9mGJUUXhF5p2zueGmYWW74TmOWB1kzt4QRdYMzFePq
|
||||||
|
zfDNXEa1CwJBAMFErdY0xp0UJ13WwBbUTk8rujqQdHtjw0klhpbuKkjxu2hN0wwM
|
||||||
|
6p0D9qxF7JHaghqVRI0fAW/EE0OzdHMR9QkCQQDNR26dMFXKsoPu+vItljj/UEGf
|
||||||
|
QG7gERiQ4yxaFBPHgdpGo0kT31eh9x9hQGDkxTe0GNG/YSgCRvm8+C3TMcKXAkBD
|
||||||
|
dhGn36wkUFCddMSAM4NSJ1VN8/Z0y5HzCmI8dM3VwGtGMUQlxKxwOl30LEQzdS5M
|
||||||
|
0SWojNYXiT2gOBfBwtbhAkEAhafl5QEOIgUz+XazS/IlZ8goNKdDVfYgK3mHHjvv
|
||||||
|
nY5G+AuGebdNkXJr4KSWxDcN+C2i47zuj4QXA16MAOandA==
|
||||||
|
-----END RSA PRIVATE KEY-----
|
11
jni/openssl/apps/s1024req.pem
Normal file
11
jni/openssl/apps/s1024req.pem
Normal file
@ -0,0 +1,11 @@
|
|||||||
|
-----BEGIN CERTIFICATE REQUEST-----
|
||||||
|
MIIBojCCAQsCAQAwZDELMAkGA1UEBhMCQVUxEzARBgNVBAgTClF1ZWVuc2xhbmQx
|
||||||
|
GjAYBgNVBAoTEUNyeXB0U29mdCBQdHkgTHRkMSQwIgYDVQQDExtTZXJ2ZXIgdGVz
|
||||||
|
dCBjZXJ0ICgxMDI0IGJpdCkwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBALMR
|
||||||
|
9TwT5kZMa0ddXleG8zYuDfZ9dQiPJ1dvfgEZU9fqg3v5o1VL15ZrK9b/73+9RvRo
|
||||||
|
KqKUmukV6yAi1XZPxWGGM4T75dTPjq42lwxTvAcwQBdS58+nO2kWbxkSTa0Uq9p2
|
||||||
|
RJKg3yVvXWO69lWRKQ+UHrmkWFJ7hApKnongeuRjAgMBAAEwDQYJKoZIhvcNAQEE
|
||||||
|
BQADgYEAStHlk4pBbwiNeQ2/PKTPPXzITYC8Gn0XMbrU94e/6JIKiO7aArq9Espq
|
||||||
|
nrBSvC14dHcNl6NNvnkEKdQ7hAkcACfBbnOXA/oQvMBd4GD78cH3k0jVDoVUEjil
|
||||||
|
frLfWlckW6WzpTktt0ZPDdAjJCmKVh0ABHimi7Bo9FC3wIGIe5M=
|
||||||
|
-----END CERTIFICATE REQUEST-----
|
9
jni/openssl/apps/s512-key.pem
Normal file
9
jni/openssl/apps/s512-key.pem
Normal file
@ -0,0 +1,9 @@
|
|||||||
|
-----BEGIN RSA PRIVATE KEY-----
|
||||||
|
MIIBPAIBAAJBAJ+zw4Qnlf8SMVIPFe9GEcStgOY2Ww/dgNdhjeD8ckUJNP5VZkVD
|
||||||
|
TGiXav6ooKXfX3j/7tdkuD8Ey2//Kv7+ue0CAwEAAQJAN6W31vDEP2DjdqhzCDDu
|
||||||
|
OA4NACqoiFqyblo7yc2tM4h4xMbC3Yx5UKMN9ZkCtX0gzrz6DyF47bdKcWBzNWCj
|
||||||
|
gQIhANEoojVt7hq+SQ6MCN6FTAysGgQf56Q3TYoJMoWvdiXVAiEAw3e3rc+VJpOz
|
||||||
|
rHuDo6bgpjUAAXM+v3fcpsfZSNO6V7kCIQCtbVjanpUwvZkMI9by02oUk9taki3b
|
||||||
|
PzPfAfNPYAbCJQIhAJXNQDWyqwn/lGmR11cqY2y9nZ1+5w3yHGatLrcDnQHxAiEA
|
||||||
|
vnlEGo8K85u+KwIOimM48ZG8oTk7iFdkqLJR1utT3aU=
|
||||||
|
-----END RSA PRIVATE KEY-----
|
8
jni/openssl/apps/s512-req.pem
Normal file
8
jni/openssl/apps/s512-req.pem
Normal file
@ -0,0 +1,8 @@
|
|||||||
|
-----BEGIN CERTIFICATE REQUEST-----
|
||||||
|
MIIBGzCBxgIBADBjMQswCQYDVQQGEwJBVTETMBEGA1UECBMKUXVlZW5zbGFuZDEa
|
||||||
|
MBgGA1UEChMRQ3J5cHRTb2Z0IFB0eSBMdGQxIzAhBgNVBAMTGlNlcnZlciB0ZXN0
|
||||||
|
IGNlcnQgKDUxMiBiaXQpMFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAJ+zw4Qnlf8S
|
||||||
|
MVIPFe9GEcStgOY2Ww/dgNdhjeD8ckUJNP5VZkVDTGiXav6ooKXfX3j/7tdkuD8E
|
||||||
|
y2//Kv7+ue0CAwEAATANBgkqhkiG9w0BAQQFAANBAAB+uQi+qwn6qRSHB8EUTvsm
|
||||||
|
5TNTHzYDeN39nyIbZNX2s0se3Srn2Bxft5YCwD3moFZ9QoyDHxE0h6qLX5yjD+8=
|
||||||
|
-----END CERTIFICATE REQUEST-----
|
176
jni/openssl/apps/s_apps.h
Normal file
176
jni/openssl/apps/s_apps.h
Normal file
@ -0,0 +1,176 @@
|
|||||||
|
/* apps/s_apps.h */
|
||||||
|
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
|
||||||
|
* All rights reserved.
|
||||||
|
*
|
||||||
|
* This package is an SSL implementation written
|
||||||
|
* by Eric Young (eay@cryptsoft.com).
|
||||||
|
* The implementation was written so as to conform with Netscapes SSL.
|
||||||
|
*
|
||||||
|
* This library is free for commercial and non-commercial use as long as
|
||||||
|
* the following conditions are aheared to. The following conditions
|
||||||
|
* apply to all code found in this distribution, be it the RC4, RSA,
|
||||||
|
* lhash, DES, etc., code; not just the SSL code. The SSL documentation
|
||||||
|
* included with this distribution is covered by the same copyright terms
|
||||||
|
* except that the holder is Tim Hudson (tjh@cryptsoft.com).
|
||||||
|
*
|
||||||
|
* Copyright remains Eric Young's, and as such any Copyright notices in
|
||||||
|
* the code are not to be removed.
|
||||||
|
* If this package is used in a product, Eric Young should be given attribution
|
||||||
|
* as the author of the parts of the library used.
|
||||||
|
* This can be in the form of a textual message at program startup or
|
||||||
|
* in documentation (online or textual) provided with the package.
|
||||||
|
*
|
||||||
|
* Redistribution and use in source and binary forms, with or without
|
||||||
|
* modification, are permitted provided that the following conditions
|
||||||
|
* are met:
|
||||||
|
* 1. Redistributions of source code must retain the copyright
|
||||||
|
* notice, this list of conditions and the following disclaimer.
|
||||||
|
* 2. Redistributions in binary form must reproduce the above copyright
|
||||||
|
* notice, this list of conditions and the following disclaimer in the
|
||||||
|
* documentation and/or other materials provided with the distribution.
|
||||||
|
* 3. All advertising materials mentioning features or use of this software
|
||||||
|
* must display the following acknowledgement:
|
||||||
|
* "This product includes cryptographic software written by
|
||||||
|
* Eric Young (eay@cryptsoft.com)"
|
||||||
|
* The word 'cryptographic' can be left out if the rouines from the library
|
||||||
|
* being used are not cryptographic related :-).
|
||||||
|
* 4. If you include any Windows specific code (or a derivative thereof) from
|
||||||
|
* the apps directory (application code) you must include an acknowledgement:
|
||||||
|
* "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
|
||||||
|
*
|
||||||
|
* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
|
||||||
|
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
||||||
|
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
|
||||||
|
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
|
||||||
|
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
|
||||||
|
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
|
||||||
|
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
||||||
|
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
|
||||||
|
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
||||||
|
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||||||
|
* SUCH DAMAGE.
|
||||||
|
*
|
||||||
|
* The licence and distribution terms for any publically available version or
|
||||||
|
* derivative of this code cannot be changed. i.e. this code cannot simply be
|
||||||
|
* copied and put under another distribution licence
|
||||||
|
* [including the GNU Public Licence.]
|
||||||
|
*/
|
||||||
|
/* ====================================================================
|
||||||
|
* Copyright (c) 1998-2001 The OpenSSL Project. All rights reserved.
|
||||||
|
*
|
||||||
|
* Redistribution and use in source and binary forms, with or without
|
||||||
|
* modification, are permitted provided that the following conditions
|
||||||
|
* are met:
|
||||||
|
*
|
||||||
|
* 1. Redistributions of source code must retain the above copyright
|
||||||
|
* notice, this list of conditions and the following disclaimer.
|
||||||
|
*
|
||||||
|
* 2. Redistributions in binary form must reproduce the above copyright
|
||||||
|
* notice, this list of conditions and the following disclaimer in
|
||||||
|
* the documentation and/or other materials provided with the
|
||||||
|
* distribution.
|
||||||
|
*
|
||||||
|
* 3. All advertising materials mentioning features or use of this
|
||||||
|
* software must display the following acknowledgment:
|
||||||
|
* "This product includes software developed by the OpenSSL Project
|
||||||
|
* for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
|
||||||
|
*
|
||||||
|
* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
|
||||||
|
* endorse or promote products derived from this software without
|
||||||
|
* prior written permission. For written permission, please contact
|
||||||
|
* openssl-core@openssl.org.
|
||||||
|
*
|
||||||
|
* 5. Products derived from this software may not be called "OpenSSL"
|
||||||
|
* nor may "OpenSSL" appear in their names without prior written
|
||||||
|
* permission of the OpenSSL Project.
|
||||||
|
*
|
||||||
|
* 6. Redistributions of any form whatsoever must retain the following
|
||||||
|
* acknowledgment:
|
||||||
|
* "This product includes software developed by the OpenSSL Project
|
||||||
|
* for use in the OpenSSL Toolkit (http://www.openssl.org/)"
|
||||||
|
*
|
||||||
|
* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
|
||||||
|
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
||||||
|
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
|
||||||
|
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
|
||||||
|
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
|
||||||
|
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
|
||||||
|
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
|
||||||
|
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
||||||
|
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
|
||||||
|
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
|
||||||
|
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
|
||||||
|
* OF THE POSSIBILITY OF SUCH DAMAGE.
|
||||||
|
* ====================================================================
|
||||||
|
*
|
||||||
|
* This product includes cryptographic software written by Eric Young
|
||||||
|
* (eay@cryptsoft.com). This product includes software written by Tim
|
||||||
|
* Hudson (tjh@cryptsoft.com).
|
||||||
|
*
|
||||||
|
*/
|
||||||
|
#if !defined(OPENSSL_SYS_NETWARE) /* conflicts with winsock2 stuff on netware */
|
||||||
|
#include <sys/types.h>
|
||||||
|
#endif
|
||||||
|
#include <openssl/opensslconf.h>
|
||||||
|
|
||||||
|
#if defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_MSDOS)
|
||||||
|
#include <conio.h>
|
||||||
|
#endif
|
||||||
|
|
||||||
|
#if defined(OPENSSL_SYS_MSDOS) && !defined(_WIN32)
|
||||||
|
#define _kbhit kbhit
|
||||||
|
#endif
|
||||||
|
|
||||||
|
#if defined(OPENSSL_SYS_VMS) && !defined(FD_SET)
|
||||||
|
/* VAX C does not defined fd_set and friends, but it's actually quite simple */
|
||||||
|
/* These definitions are borrowed from SOCKETSHR. /Richard Levitte */
|
||||||
|
#define MAX_NOFILE 32
|
||||||
|
#define NBBY 8 /* number of bits in a byte */
|
||||||
|
|
||||||
|
#ifndef FD_SETSIZE
|
||||||
|
#define FD_SETSIZE MAX_NOFILE
|
||||||
|
#endif /* FD_SETSIZE */
|
||||||
|
|
||||||
|
/* How many things we'll allow select to use. 0 if unlimited */
|
||||||
|
#define MAXSELFD MAX_NOFILE
|
||||||
|
typedef int fd_mask; /* int here! VMS prototypes int, not long */
|
||||||
|
#define NFDBITS (sizeof(fd_mask) * NBBY) /* bits per mask (power of 2!)*/
|
||||||
|
#define NFDSHIFT 5 /* Shift based on above */
|
||||||
|
|
||||||
|
typedef fd_mask fd_set;
|
||||||
|
#define FD_SET(n, p) (*(p) |= (1 << ((n) % NFDBITS)))
|
||||||
|
#define FD_CLR(n, p) (*(p) &= ~(1 << ((n) % NFDBITS)))
|
||||||
|
#define FD_ISSET(n, p) (*(p) & (1 << ((n) % NFDBITS)))
|
||||||
|
#define FD_ZERO(p) memset((char *)(p), 0, sizeof(*(p)))
|
||||||
|
#endif
|
||||||
|
|
||||||
|
#define PORT 4433
|
||||||
|
#define PORT_STR "4433"
|
||||||
|
#define PROTOCOL "tcp"
|
||||||
|
|
||||||
|
int do_server(int port, int type, int *ret, int (*cb) (char *hostname, int s, unsigned char *context), unsigned char *context);
|
||||||
|
#ifdef HEADER_X509_H
|
||||||
|
int MS_CALLBACK verify_callback(int ok, X509_STORE_CTX *ctx);
|
||||||
|
#endif
|
||||||
|
#ifdef HEADER_SSL_H
|
||||||
|
int set_cert_stuff(SSL_CTX *ctx, char *cert_file, char *key_file);
|
||||||
|
int set_cert_key_stuff(SSL_CTX *ctx, X509 *cert, EVP_PKEY *key);
|
||||||
|
#endif
|
||||||
|
int init_client(int *sock, char *server, int port, int type);
|
||||||
|
int should_retry(int i);
|
||||||
|
int extract_port(char *str, short *port_ptr);
|
||||||
|
int extract_host_port(char *str,char **host_ptr,unsigned char *ip,short *p);
|
||||||
|
|
||||||
|
long MS_CALLBACK bio_dump_callback(BIO *bio, int cmd, const char *argp,
|
||||||
|
int argi, long argl, long ret);
|
||||||
|
|
||||||
|
#ifdef HEADER_SSL_H
|
||||||
|
void MS_CALLBACK apps_ssl_info_callback(const SSL *s, int where, int ret);
|
||||||
|
void MS_CALLBACK msg_cb(int write_p, int version, int content_type, const void *buf, size_t len, SSL *ssl, void *arg);
|
||||||
|
void MS_CALLBACK tlsext_cb(SSL *s, int client_server, int type,
|
||||||
|
unsigned char *data, int len,
|
||||||
|
void *arg);
|
||||||
|
#endif
|
||||||
|
|
||||||
|
int MS_CALLBACK generate_cookie_callback(SSL *ssl, unsigned char *cookie, unsigned int *cookie_len);
|
||||||
|
int MS_CALLBACK verify_cookie_callback(SSL *ssl, unsigned char *cookie, unsigned int cookie_len);
|
862
jni/openssl/apps/s_cb.c
Normal file
862
jni/openssl/apps/s_cb.c
Normal file
@ -0,0 +1,862 @@
|
|||||||
|
/* apps/s_cb.c - callback functions used by s_client, s_server, and s_time */
|
||||||
|
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
|
||||||
|
* All rights reserved.
|
||||||
|
*
|
||||||
|
* This package is an SSL implementation written
|
||||||
|
* by Eric Young (eay@cryptsoft.com).
|
||||||
|
* The implementation was written so as to conform with Netscapes SSL.
|
||||||
|
*
|
||||||
|
* This library is free for commercial and non-commercial use as long as
|
||||||
|
* the following conditions are aheared to. The following conditions
|
||||||
|
* apply to all code found in this distribution, be it the RC4, RSA,
|
||||||
|
* lhash, DES, etc., code; not just the SSL code. The SSL documentation
|
||||||
|
* included with this distribution is covered by the same copyright terms
|
||||||
|
* except that the holder is Tim Hudson (tjh@cryptsoft.com).
|
||||||
|
*
|
||||||
|
* Copyright remains Eric Young's, and as such any Copyright notices in
|
||||||
|
* the code are not to be removed.
|
||||||
|
* If this package is used in a product, Eric Young should be given attribution
|
||||||
|
* as the author of the parts of the library used.
|
||||||
|
* This can be in the form of a textual message at program startup or
|
||||||
|
* in documentation (online or textual) provided with the package.
|
||||||
|
*
|
||||||
|
* Redistribution and use in source and binary forms, with or without
|
||||||
|
* modification, are permitted provided that the following conditions
|
||||||
|
* are met:
|
||||||
|
* 1. Redistributions of source code must retain the copyright
|
||||||
|
* notice, this list of conditions and the following disclaimer.
|
||||||
|
* 2. Redistributions in binary form must reproduce the above copyright
|
||||||
|
* notice, this list of conditions and the following disclaimer in the
|
||||||
|
* documentation and/or other materials provided with the distribution.
|
||||||
|
* 3. All advertising materials mentioning features or use of this software
|
||||||
|
* must display the following acknowledgement:
|
||||||
|
* "This product includes cryptographic software written by
|
||||||
|
* Eric Young (eay@cryptsoft.com)"
|
||||||
|
* The word 'cryptographic' can be left out if the rouines from the library
|
||||||
|
* being used are not cryptographic related :-).
|
||||||
|
* 4. If you include any Windows specific code (or a derivative thereof) from
|
||||||
|
* the apps directory (application code) you must include an acknowledgement:
|
||||||
|
* "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
|
||||||
|
*
|
||||||
|
* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
|
||||||
|
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
||||||
|
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
|
||||||
|
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
|
||||||
|
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
|
||||||
|
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
|
||||||
|
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
||||||
|
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
|
||||||
|
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
||||||
|
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||||||
|
* SUCH DAMAGE.
|
||||||
|
*
|
||||||
|
* The licence and distribution terms for any publically available version or
|
||||||
|
* derivative of this code cannot be changed. i.e. this code cannot simply be
|
||||||
|
* copied and put under another distribution licence
|
||||||
|
* [including the GNU Public Licence.]
|
||||||
|
*/
|
||||||
|
/* ====================================================================
|
||||||
|
* Copyright (c) 1998-2006 The OpenSSL Project. All rights reserved.
|
||||||
|
*
|
||||||
|
* Redistribution and use in source and binary forms, with or without
|
||||||
|
* modification, are permitted provided that the following conditions
|
||||||
|
* are met:
|
||||||
|
*
|
||||||
|
* 1. Redistributions of source code must retain the above copyright
|
||||||
|
* notice, this list of conditions and the following disclaimer.
|
||||||
|
*
|
||||||
|
* 2. Redistributions in binary form must reproduce the above copyright
|
||||||
|
* notice, this list of conditions and the following disclaimer in
|
||||||
|
* the documentation and/or other materials provided with the
|
||||||
|
* distribution.
|
||||||
|
*
|
||||||
|
* 3. All advertising materials mentioning features or use of this
|
||||||
|
* software must display the following acknowledgment:
|
||||||
|
* "This product includes software developed by the OpenSSL Project
|
||||||
|
* for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
|
||||||
|
*
|
||||||
|
* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
|
||||||
|
* endorse or promote products derived from this software without
|
||||||
|
* prior written permission. For written permission, please contact
|
||||||
|
* openssl-core@openssl.org.
|
||||||
|
*
|
||||||
|
* 5. Products derived from this software may not be called "OpenSSL"
|
||||||
|
* nor may "OpenSSL" appear in their names without prior written
|
||||||
|
* permission of the OpenSSL Project.
|
||||||
|
*
|
||||||
|
* 6. Redistributions of any form whatsoever must retain the following
|
||||||
|
* acknowledgment:
|
||||||
|
* "This product includes software developed by the OpenSSL Project
|
||||||
|
* for use in the OpenSSL Toolkit (http://www.openssl.org/)"
|
||||||
|
*
|
||||||
|
* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
|
||||||
|
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
||||||
|
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
|
||||||
|
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
|
||||||
|
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
|
||||||
|
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
|
||||||
|
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
|
||||||
|
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
||||||
|
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
|
||||||
|
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
|
||||||
|
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
|
||||||
|
* OF THE POSSIBILITY OF SUCH DAMAGE.
|
||||||
|
* ====================================================================
|
||||||
|
*
|
||||||
|
* This product includes cryptographic software written by Eric Young
|
||||||
|
* (eay@cryptsoft.com). This product includes software written by Tim
|
||||||
|
* Hudson (tjh@cryptsoft.com).
|
||||||
|
*
|
||||||
|
*/
|
||||||
|
|
||||||
|
#include <stdio.h>
|
||||||
|
#include <stdlib.h>
|
||||||
|
#define USE_SOCKETS
|
||||||
|
#define NON_MAIN
|
||||||
|
#include "apps.h"
|
||||||
|
#undef NON_MAIN
|
||||||
|
#undef USE_SOCKETS
|
||||||
|
#include <openssl/err.h>
|
||||||
|
#include <openssl/rand.h>
|
||||||
|
#include <openssl/x509.h>
|
||||||
|
#include <openssl/ssl.h>
|
||||||
|
#include "s_apps.h"
|
||||||
|
|
||||||
|
#define COOKIE_SECRET_LENGTH 16
|
||||||
|
|
||||||
|
int verify_depth=0;
|
||||||
|
int verify_error=X509_V_OK;
|
||||||
|
int verify_return_error=0;
|
||||||
|
unsigned char cookie_secret[COOKIE_SECRET_LENGTH];
|
||||||
|
int cookie_initialized=0;
|
||||||
|
|
||||||
|
int MS_CALLBACK verify_callback(int ok, X509_STORE_CTX *ctx)
|
||||||
|
{
|
||||||
|
X509 *err_cert;
|
||||||
|
int err,depth;
|
||||||
|
|
||||||
|
err_cert=X509_STORE_CTX_get_current_cert(ctx);
|
||||||
|
err= X509_STORE_CTX_get_error(ctx);
|
||||||
|
depth= X509_STORE_CTX_get_error_depth(ctx);
|
||||||
|
|
||||||
|
BIO_printf(bio_err,"depth=%d ",depth);
|
||||||
|
if (err_cert)
|
||||||
|
{
|
||||||
|
X509_NAME_print_ex(bio_err, X509_get_subject_name(err_cert),
|
||||||
|
0, XN_FLAG_ONELINE);
|
||||||
|
BIO_puts(bio_err, "\n");
|
||||||
|
}
|
||||||
|
else
|
||||||
|
BIO_puts(bio_err, "<no cert>\n");
|
||||||
|
if (!ok)
|
||||||
|
{
|
||||||
|
BIO_printf(bio_err,"verify error:num=%d:%s\n",err,
|
||||||
|
X509_verify_cert_error_string(err));
|
||||||
|
if (verify_depth >= depth)
|
||||||
|
{
|
||||||
|
if (!verify_return_error)
|
||||||
|
ok=1;
|
||||||
|
verify_error=X509_V_OK;
|
||||||
|
}
|
||||||
|
else
|
||||||
|
{
|
||||||
|
ok=0;
|
||||||
|
verify_error=X509_V_ERR_CERT_CHAIN_TOO_LONG;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
switch (err)
|
||||||
|
{
|
||||||
|
case X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT:
|
||||||
|
BIO_puts(bio_err,"issuer= ");
|
||||||
|
X509_NAME_print_ex(bio_err, X509_get_issuer_name(err_cert),
|
||||||
|
0, XN_FLAG_ONELINE);
|
||||||
|
BIO_puts(bio_err, "\n");
|
||||||
|
break;
|
||||||
|
case X509_V_ERR_CERT_NOT_YET_VALID:
|
||||||
|
case X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD:
|
||||||
|
BIO_printf(bio_err,"notBefore=");
|
||||||
|
ASN1_TIME_print(bio_err,X509_get_notBefore(err_cert));
|
||||||
|
BIO_printf(bio_err,"\n");
|
||||||
|
break;
|
||||||
|
case X509_V_ERR_CERT_HAS_EXPIRED:
|
||||||
|
case X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD:
|
||||||
|
BIO_printf(bio_err,"notAfter=");
|
||||||
|
ASN1_TIME_print(bio_err,X509_get_notAfter(err_cert));
|
||||||
|
BIO_printf(bio_err,"\n");
|
||||||
|
break;
|
||||||
|
case X509_V_ERR_NO_EXPLICIT_POLICY:
|
||||||
|
policies_print(bio_err, ctx);
|
||||||
|
break;
|
||||||
|
}
|
||||||
|
if (err == X509_V_OK && ok == 2)
|
||||||
|
policies_print(bio_err, ctx);
|
||||||
|
|
||||||
|
BIO_printf(bio_err,"verify return:%d\n",ok);
|
||||||
|
return(ok);
|
||||||
|
}
|
||||||
|
|
||||||
|
int set_cert_stuff(SSL_CTX *ctx, char *cert_file, char *key_file)
|
||||||
|
{
|
||||||
|
if (cert_file != NULL)
|
||||||
|
{
|
||||||
|
/*
|
||||||
|
SSL *ssl;
|
||||||
|
X509 *x509;
|
||||||
|
*/
|
||||||
|
|
||||||
|
if (SSL_CTX_use_certificate_file(ctx,cert_file,
|
||||||
|
SSL_FILETYPE_PEM) <= 0)
|
||||||
|
{
|
||||||
|
BIO_printf(bio_err,"unable to get certificate from '%s'\n",cert_file);
|
||||||
|
ERR_print_errors(bio_err);
|
||||||
|
return(0);
|
||||||
|
}
|
||||||
|
if (key_file == NULL) key_file=cert_file;
|
||||||
|
if (SSL_CTX_use_PrivateKey_file(ctx,key_file,
|
||||||
|
SSL_FILETYPE_PEM) <= 0)
|
||||||
|
{
|
||||||
|
BIO_printf(bio_err,"unable to get private key from '%s'\n",key_file);
|
||||||
|
ERR_print_errors(bio_err);
|
||||||
|
return(0);
|
||||||
|
}
|
||||||
|
|
||||||
|
/*
|
||||||
|
In theory this is no longer needed
|
||||||
|
ssl=SSL_new(ctx);
|
||||||
|
x509=SSL_get_certificate(ssl);
|
||||||
|
|
||||||
|
if (x509 != NULL) {
|
||||||
|
EVP_PKEY *pktmp;
|
||||||
|
pktmp = X509_get_pubkey(x509);
|
||||||
|
EVP_PKEY_copy_parameters(pktmp,
|
||||||
|
SSL_get_privatekey(ssl));
|
||||||
|
EVP_PKEY_free(pktmp);
|
||||||
|
}
|
||||||
|
SSL_free(ssl);
|
||||||
|
*/
|
||||||
|
|
||||||
|
/* If we are using DSA, we can copy the parameters from
|
||||||
|
* the private key */
|
||||||
|
|
||||||
|
|
||||||
|
/* Now we know that a key and cert have been set against
|
||||||
|
* the SSL context */
|
||||||
|
if (!SSL_CTX_check_private_key(ctx))
|
||||||
|
{
|
||||||
|
BIO_printf(bio_err,"Private key does not match the certificate public key\n");
|
||||||
|
return(0);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
return(1);
|
||||||
|
}
|
||||||
|
|
||||||
|
int set_cert_key_stuff(SSL_CTX *ctx, X509 *cert, EVP_PKEY *key)
|
||||||
|
{
|
||||||
|
if (cert == NULL)
|
||||||
|
return 1;
|
||||||
|
if (SSL_CTX_use_certificate(ctx,cert) <= 0)
|
||||||
|
{
|
||||||
|
BIO_printf(bio_err,"error setting certificate\n");
|
||||||
|
ERR_print_errors(bio_err);
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
|
if (SSL_CTX_use_PrivateKey(ctx,key) <= 0)
|
||||||
|
{
|
||||||
|
BIO_printf(bio_err,"error setting private key\n");
|
||||||
|
ERR_print_errors(bio_err);
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
/* Now we know that a key and cert have been set against
|
||||||
|
* the SSL context */
|
||||||
|
if (!SSL_CTX_check_private_key(ctx))
|
||||||
|
{
|
||||||
|
BIO_printf(bio_err,"Private key does not match the certificate public key\n");
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
|
return 1;
|
||||||
|
}
|
||||||
|
|
||||||
|
long MS_CALLBACK bio_dump_callback(BIO *bio, int cmd, const char *argp,
|
||||||
|
int argi, long argl, long ret)
|
||||||
|
{
|
||||||
|
BIO *out;
|
||||||
|
|
||||||
|
out=(BIO *)BIO_get_callback_arg(bio);
|
||||||
|
if (out == NULL) return(ret);
|
||||||
|
|
||||||
|
if (cmd == (BIO_CB_READ|BIO_CB_RETURN))
|
||||||
|
{
|
||||||
|
BIO_printf(out,"read from %p [%p] (%lu bytes => %ld (0x%lX))\n",
|
||||||
|
(void *)bio,argp,(unsigned long)argi,ret,ret);
|
||||||
|
BIO_dump(out,argp,(int)ret);
|
||||||
|
return(ret);
|
||||||
|
}
|
||||||
|
else if (cmd == (BIO_CB_WRITE|BIO_CB_RETURN))
|
||||||
|
{
|
||||||
|
BIO_printf(out,"write to %p [%p] (%lu bytes => %ld (0x%lX))\n",
|
||||||
|
(void *)bio,argp,(unsigned long)argi,ret,ret);
|
||||||
|
BIO_dump(out,argp,(int)ret);
|
||||||
|
}
|
||||||
|
return(ret);
|
||||||
|
}
|
||||||
|
|
||||||
|
void MS_CALLBACK apps_ssl_info_callback(const SSL *s, int where, int ret)
|
||||||
|
{
|
||||||
|
const char *str;
|
||||||
|
int w;
|
||||||
|
|
||||||
|
w=where& ~SSL_ST_MASK;
|
||||||
|
|
||||||
|
if (w & SSL_ST_CONNECT) str="SSL_connect";
|
||||||
|
else if (w & SSL_ST_ACCEPT) str="SSL_accept";
|
||||||
|
else str="undefined";
|
||||||
|
|
||||||
|
if (where & SSL_CB_LOOP)
|
||||||
|
{
|
||||||
|
BIO_printf(bio_err,"%s:%s\n",str,SSL_state_string_long(s));
|
||||||
|
}
|
||||||
|
else if (where & SSL_CB_ALERT)
|
||||||
|
{
|
||||||
|
str=(where & SSL_CB_READ)?"read":"write";
|
||||||
|
BIO_printf(bio_err,"SSL3 alert %s:%s:%s\n",
|
||||||
|
str,
|
||||||
|
SSL_alert_type_string_long(ret),
|
||||||
|
SSL_alert_desc_string_long(ret));
|
||||||
|
}
|
||||||
|
else if (where & SSL_CB_EXIT)
|
||||||
|
{
|
||||||
|
if (ret == 0)
|
||||||
|
BIO_printf(bio_err,"%s:failed in %s\n",
|
||||||
|
str,SSL_state_string_long(s));
|
||||||
|
else if (ret < 0)
|
||||||
|
{
|
||||||
|
BIO_printf(bio_err,"%s:error in %s\n",
|
||||||
|
str,SSL_state_string_long(s));
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
void MS_CALLBACK msg_cb(int write_p, int version, int content_type, const void *buf, size_t len, SSL *ssl, void *arg)
|
||||||
|
{
|
||||||
|
BIO *bio = arg;
|
||||||
|
const char *str_write_p, *str_version, *str_content_type = "", *str_details1 = "", *str_details2= "";
|
||||||
|
|
||||||
|
str_write_p = write_p ? ">>>" : "<<<";
|
||||||
|
|
||||||
|
switch (version)
|
||||||
|
{
|
||||||
|
case SSL2_VERSION:
|
||||||
|
str_version = "SSL 2.0";
|
||||||
|
break;
|
||||||
|
case SSL3_VERSION:
|
||||||
|
str_version = "SSL 3.0 ";
|
||||||
|
break;
|
||||||
|
case TLS1_VERSION:
|
||||||
|
str_version = "TLS 1.0 ";
|
||||||
|
break;
|
||||||
|
case DTLS1_VERSION:
|
||||||
|
str_version = "DTLS 1.0 ";
|
||||||
|
break;
|
||||||
|
case DTLS1_BAD_VER:
|
||||||
|
str_version = "DTLS 1.0 (bad) ";
|
||||||
|
break;
|
||||||
|
default:
|
||||||
|
str_version = "???";
|
||||||
|
}
|
||||||
|
|
||||||
|
if (version == SSL2_VERSION)
|
||||||
|
{
|
||||||
|
str_details1 = "???";
|
||||||
|
|
||||||
|
if (len > 0)
|
||||||
|
{
|
||||||
|
switch (((const unsigned char*)buf)[0])
|
||||||
|
{
|
||||||
|
case 0:
|
||||||
|
str_details1 = ", ERROR:";
|
||||||
|
str_details2 = " ???";
|
||||||
|
if (len >= 3)
|
||||||
|
{
|
||||||
|
unsigned err = (((const unsigned char*)buf)[1]<<8) + ((const unsigned char*)buf)[2];
|
||||||
|
|
||||||
|
switch (err)
|
||||||
|
{
|
||||||
|
case 0x0001:
|
||||||
|
str_details2 = " NO-CIPHER-ERROR";
|
||||||
|
break;
|
||||||
|
case 0x0002:
|
||||||
|
str_details2 = " NO-CERTIFICATE-ERROR";
|
||||||
|
break;
|
||||||
|
case 0x0004:
|
||||||
|
str_details2 = " BAD-CERTIFICATE-ERROR";
|
||||||
|
break;
|
||||||
|
case 0x0006:
|
||||||
|
str_details2 = " UNSUPPORTED-CERTIFICATE-TYPE-ERROR";
|
||||||
|
break;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
break;
|
||||||
|
case 1:
|
||||||
|
str_details1 = ", CLIENT-HELLO";
|
||||||
|
break;
|
||||||
|
case 2:
|
||||||
|
str_details1 = ", CLIENT-MASTER-KEY";
|
||||||
|
break;
|
||||||
|
case 3:
|
||||||
|
str_details1 = ", CLIENT-FINISHED";
|
||||||
|
break;
|
||||||
|
case 4:
|
||||||
|
str_details1 = ", SERVER-HELLO";
|
||||||
|
break;
|
||||||
|
case 5:
|
||||||
|
str_details1 = ", SERVER-VERIFY";
|
||||||
|
break;
|
||||||
|
case 6:
|
||||||
|
str_details1 = ", SERVER-FINISHED";
|
||||||
|
break;
|
||||||
|
case 7:
|
||||||
|
str_details1 = ", REQUEST-CERTIFICATE";
|
||||||
|
break;
|
||||||
|
case 8:
|
||||||
|
str_details1 = ", CLIENT-CERTIFICATE";
|
||||||
|
break;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
if (version == SSL3_VERSION ||
|
||||||
|
version == TLS1_VERSION ||
|
||||||
|
version == DTLS1_VERSION ||
|
||||||
|
version == DTLS1_BAD_VER)
|
||||||
|
{
|
||||||
|
switch (content_type)
|
||||||
|
{
|
||||||
|
case 20:
|
||||||
|
str_content_type = "ChangeCipherSpec";
|
||||||
|
break;
|
||||||
|
case 21:
|
||||||
|
str_content_type = "Alert";
|
||||||
|
break;
|
||||||
|
case 22:
|
||||||
|
str_content_type = "Handshake";
|
||||||
|
break;
|
||||||
|
}
|
||||||
|
|
||||||
|
if (content_type == 21) /* Alert */
|
||||||
|
{
|
||||||
|
str_details1 = ", ???";
|
||||||
|
|
||||||
|
if (len == 2)
|
||||||
|
{
|
||||||
|
switch (((const unsigned char*)buf)[0])
|
||||||
|
{
|
||||||
|
case 1:
|
||||||
|
str_details1 = ", warning";
|
||||||
|
break;
|
||||||
|
case 2:
|
||||||
|
str_details1 = ", fatal";
|
||||||
|
break;
|
||||||
|
}
|
||||||
|
|
||||||
|
str_details2 = " ???";
|
||||||
|
switch (((const unsigned char*)buf)[1])
|
||||||
|
{
|
||||||
|
case 0:
|
||||||
|
str_details2 = " close_notify";
|
||||||
|
break;
|
||||||
|
case 10:
|
||||||
|
str_details2 = " unexpected_message";
|
||||||
|
break;
|
||||||
|
case 20:
|
||||||
|
str_details2 = " bad_record_mac";
|
||||||
|
break;
|
||||||
|
case 21:
|
||||||
|
str_details2 = " decryption_failed";
|
||||||
|
break;
|
||||||
|
case 22:
|
||||||
|
str_details2 = " record_overflow";
|
||||||
|
break;
|
||||||
|
case 30:
|
||||||
|
str_details2 = " decompression_failure";
|
||||||
|
break;
|
||||||
|
case 40:
|
||||||
|
str_details2 = " handshake_failure";
|
||||||
|
break;
|
||||||
|
case 42:
|
||||||
|
str_details2 = " bad_certificate";
|
||||||
|
break;
|
||||||
|
case 43:
|
||||||
|
str_details2 = " unsupported_certificate";
|
||||||
|
break;
|
||||||
|
case 44:
|
||||||
|
str_details2 = " certificate_revoked";
|
||||||
|
break;
|
||||||
|
case 45:
|
||||||
|
str_details2 = " certificate_expired";
|
||||||
|
break;
|
||||||
|
case 46:
|
||||||
|
str_details2 = " certificate_unknown";
|
||||||
|
break;
|
||||||
|
case 47:
|
||||||
|
str_details2 = " illegal_parameter";
|
||||||
|
break;
|
||||||
|
case 48:
|
||||||
|
str_details2 = " unknown_ca";
|
||||||
|
break;
|
||||||
|
case 49:
|
||||||
|
str_details2 = " access_denied";
|
||||||
|
break;
|
||||||
|
case 50:
|
||||||
|
str_details2 = " decode_error";
|
||||||
|
break;
|
||||||
|
case 51:
|
||||||
|
str_details2 = " decrypt_error";
|
||||||
|
break;
|
||||||
|
case 60:
|
||||||
|
str_details2 = " export_restriction";
|
||||||
|
break;
|
||||||
|
case 70:
|
||||||
|
str_details2 = " protocol_version";
|
||||||
|
break;
|
||||||
|
case 71:
|
||||||
|
str_details2 = " insufficient_security";
|
||||||
|
break;
|
||||||
|
case 80:
|
||||||
|
str_details2 = " internal_error";
|
||||||
|
break;
|
||||||
|
case 90:
|
||||||
|
str_details2 = " user_canceled";
|
||||||
|
break;
|
||||||
|
case 100:
|
||||||
|
str_details2 = " no_renegotiation";
|
||||||
|
break;
|
||||||
|
case 110:
|
||||||
|
str_details2 = " unsupported_extension";
|
||||||
|
break;
|
||||||
|
case 111:
|
||||||
|
str_details2 = " certificate_unobtainable";
|
||||||
|
break;
|
||||||
|
case 112:
|
||||||
|
str_details2 = " unrecognized_name";
|
||||||
|
break;
|
||||||
|
case 113:
|
||||||
|
str_details2 = " bad_certificate_status_response";
|
||||||
|
break;
|
||||||
|
case 114:
|
||||||
|
str_details2 = " bad_certificate_hash_value";
|
||||||
|
break;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
if (content_type == 22) /* Handshake */
|
||||||
|
{
|
||||||
|
str_details1 = "???";
|
||||||
|
|
||||||
|
if (len > 0)
|
||||||
|
{
|
||||||
|
switch (((const unsigned char*)buf)[0])
|
||||||
|
{
|
||||||
|
case 0:
|
||||||
|
str_details1 = ", HelloRequest";
|
||||||
|
break;
|
||||||
|
case 1:
|
||||||
|
str_details1 = ", ClientHello";
|
||||||
|
break;
|
||||||
|
case 2:
|
||||||
|
str_details1 = ", ServerHello";
|
||||||
|
break;
|
||||||
|
case 3:
|
||||||
|
str_details1 = ", HelloVerifyRequest";
|
||||||
|
break;
|
||||||
|
case 11:
|
||||||
|
str_details1 = ", Certificate";
|
||||||
|
break;
|
||||||
|
case 12:
|
||||||
|
str_details1 = ", ServerKeyExchange";
|
||||||
|
break;
|
||||||
|
case 13:
|
||||||
|
str_details1 = ", CertificateRequest";
|
||||||
|
break;
|
||||||
|
case 14:
|
||||||
|
str_details1 = ", ServerHelloDone";
|
||||||
|
break;
|
||||||
|
case 15:
|
||||||
|
str_details1 = ", CertificateVerify";
|
||||||
|
break;
|
||||||
|
case 16:
|
||||||
|
str_details1 = ", ClientKeyExchange";
|
||||||
|
break;
|
||||||
|
case 20:
|
||||||
|
str_details1 = ", Finished";
|
||||||
|
break;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
BIO_printf(bio, "%s %s%s [length %04lx]%s%s\n", str_write_p, str_version, str_content_type, (unsigned long)len, str_details1, str_details2);
|
||||||
|
|
||||||
|
if (len > 0)
|
||||||
|
{
|
||||||
|
size_t num, i;
|
||||||
|
|
||||||
|
BIO_printf(bio, " ");
|
||||||
|
num = len;
|
||||||
|
#if 0
|
||||||
|
if (num > 16)
|
||||||
|
num = 16;
|
||||||
|
#endif
|
||||||
|
for (i = 0; i < num; i++)
|
||||||
|
{
|
||||||
|
if (i % 16 == 0 && i > 0)
|
||||||
|
BIO_printf(bio, "\n ");
|
||||||
|
BIO_printf(bio, " %02x", ((const unsigned char*)buf)[i]);
|
||||||
|
}
|
||||||
|
if (i < len)
|
||||||
|
BIO_printf(bio, " ...");
|
||||||
|
BIO_printf(bio, "\n");
|
||||||
|
}
|
||||||
|
(void)BIO_flush(bio);
|
||||||
|
}
|
||||||
|
|
||||||
|
void MS_CALLBACK tlsext_cb(SSL *s, int client_server, int type,
|
||||||
|
unsigned char *data, int len,
|
||||||
|
void *arg)
|
||||||
|
{
|
||||||
|
BIO *bio = arg;
|
||||||
|
char *extname;
|
||||||
|
|
||||||
|
switch(type)
|
||||||
|
{
|
||||||
|
case TLSEXT_TYPE_server_name:
|
||||||
|
extname = "server name";
|
||||||
|
break;
|
||||||
|
|
||||||
|
case TLSEXT_TYPE_max_fragment_length:
|
||||||
|
extname = "max fragment length";
|
||||||
|
break;
|
||||||
|
|
||||||
|
case TLSEXT_TYPE_client_certificate_url:
|
||||||
|
extname = "client certificate URL";
|
||||||
|
break;
|
||||||
|
|
||||||
|
case TLSEXT_TYPE_trusted_ca_keys:
|
||||||
|
extname = "trusted CA keys";
|
||||||
|
break;
|
||||||
|
|
||||||
|
case TLSEXT_TYPE_truncated_hmac:
|
||||||
|
extname = "truncated HMAC";
|
||||||
|
break;
|
||||||
|
|
||||||
|
case TLSEXT_TYPE_status_request:
|
||||||
|
extname = "status request";
|
||||||
|
break;
|
||||||
|
|
||||||
|
case TLSEXT_TYPE_elliptic_curves:
|
||||||
|
extname = "elliptic curves";
|
||||||
|
break;
|
||||||
|
|
||||||
|
case TLSEXT_TYPE_ec_point_formats:
|
||||||
|
extname = "EC point formats";
|
||||||
|
break;
|
||||||
|
|
||||||
|
case TLSEXT_TYPE_session_ticket:
|
||||||
|
extname = "server ticket";
|
||||||
|
break;
|
||||||
|
|
||||||
|
case TLSEXT_TYPE_renegotiate:
|
||||||
|
extname = "renegotiate";
|
||||||
|
break;
|
||||||
|
|
||||||
|
#ifdef TLSEXT_TYPE_opaque_prf_input
|
||||||
|
case TLSEXT_TYPE_opaque_prf_input:
|
||||||
|
extname = "opaque PRF input";
|
||||||
|
break;
|
||||||
|
#endif
|
||||||
|
|
||||||
|
default:
|
||||||
|
extname = "unknown";
|
||||||
|
break;
|
||||||
|
|
||||||
|
}
|
||||||
|
|
||||||
|
BIO_printf(bio, "TLS %s extension \"%s\" (id=%d), len=%d\n",
|
||||||
|
client_server ? "server": "client",
|
||||||
|
extname, type, len);
|
||||||
|
BIO_dump(bio, (char *)data, len);
|
||||||
|
(void)BIO_flush(bio);
|
||||||
|
}
|
||||||
|
|
||||||
|
int MS_CALLBACK generate_cookie_callback(SSL *ssl, unsigned char *cookie, unsigned int *cookie_len)
|
||||||
|
{
|
||||||
|
unsigned char *buffer, result[EVP_MAX_MD_SIZE];
|
||||||
|
unsigned int length, resultlength;
|
||||||
|
union {
|
||||||
|
struct sockaddr sa;
|
||||||
|
struct sockaddr_in s4;
|
||||||
|
#if OPENSSL_USE_IPV6
|
||||||
|
struct sockaddr_in6 s6;
|
||||||
|
#endif
|
||||||
|
} peer;
|
||||||
|
|
||||||
|
/* Initialize a random secret */
|
||||||
|
if (!cookie_initialized)
|
||||||
|
{
|
||||||
|
if (!RAND_bytes(cookie_secret, COOKIE_SECRET_LENGTH))
|
||||||
|
{
|
||||||
|
BIO_printf(bio_err,"error setting random cookie secret\n");
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
|
cookie_initialized = 1;
|
||||||
|
}
|
||||||
|
|
||||||
|
/* Read peer information */
|
||||||
|
(void)BIO_dgram_get_peer(SSL_get_rbio(ssl), &peer);
|
||||||
|
|
||||||
|
/* Create buffer with peer's address and port */
|
||||||
|
length = 0;
|
||||||
|
switch (peer.sa.sa_family)
|
||||||
|
{
|
||||||
|
case AF_INET:
|
||||||
|
length += sizeof(struct in_addr);
|
||||||
|
length += sizeof(peer.s4.sin_port);
|
||||||
|
break;
|
||||||
|
#if OPENSSL_USE_IPV6
|
||||||
|
case AF_INET6:
|
||||||
|
length += sizeof(struct in6_addr);
|
||||||
|
length += sizeof(peer.s6.sin6_port);
|
||||||
|
break;
|
||||||
|
#endif
|
||||||
|
default:
|
||||||
|
OPENSSL_assert(0);
|
||||||
|
break;
|
||||||
|
}
|
||||||
|
buffer = OPENSSL_malloc(length);
|
||||||
|
|
||||||
|
if (buffer == NULL)
|
||||||
|
{
|
||||||
|
BIO_printf(bio_err,"out of memory\n");
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
|
|
||||||
|
switch (peer.sa.sa_family)
|
||||||
|
{
|
||||||
|
case AF_INET:
|
||||||
|
memcpy(buffer,
|
||||||
|
&peer.s4.sin_port,
|
||||||
|
sizeof(peer.s4.sin_port));
|
||||||
|
memcpy(buffer + sizeof(peer.s4.sin_port),
|
||||||
|
&peer.s4.sin_addr,
|
||||||
|
sizeof(struct in_addr));
|
||||||
|
break;
|
||||||
|
#if OPENSSL_USE_IPV6
|
||||||
|
case AF_INET6:
|
||||||
|
memcpy(buffer,
|
||||||
|
&peer.s6.sin6_port,
|
||||||
|
sizeof(peer.s6.sin6_port));
|
||||||
|
memcpy(buffer + sizeof(peer.s6.sin6_port),
|
||||||
|
&peer.s6.sin6_addr,
|
||||||
|
sizeof(struct in6_addr));
|
||||||
|
break;
|
||||||
|
#endif
|
||||||
|
default:
|
||||||
|
OPENSSL_assert(0);
|
||||||
|
break;
|
||||||
|
}
|
||||||
|
|
||||||
|
/* Calculate HMAC of buffer using the secret */
|
||||||
|
HMAC(EVP_sha1(), cookie_secret, COOKIE_SECRET_LENGTH,
|
||||||
|
buffer, length, result, &resultlength);
|
||||||
|
OPENSSL_free(buffer);
|
||||||
|
|
||||||
|
memcpy(cookie, result, resultlength);
|
||||||
|
*cookie_len = resultlength;
|
||||||
|
|
||||||
|
return 1;
|
||||||
|
}
|
||||||
|
|
||||||
|
int MS_CALLBACK verify_cookie_callback(SSL *ssl, unsigned char *cookie, unsigned int cookie_len)
|
||||||
|
{
|
||||||
|
unsigned char *buffer, result[EVP_MAX_MD_SIZE];
|
||||||
|
unsigned int length, resultlength;
|
||||||
|
union {
|
||||||
|
struct sockaddr sa;
|
||||||
|
struct sockaddr_in s4;
|
||||||
|
#if OPENSSL_USE_IPV6
|
||||||
|
struct sockaddr_in6 s6;
|
||||||
|
#endif
|
||||||
|
} peer;
|
||||||
|
|
||||||
|
/* If secret isn't initialized yet, the cookie can't be valid */
|
||||||
|
if (!cookie_initialized)
|
||||||
|
return 0;
|
||||||
|
|
||||||
|
/* Read peer information */
|
||||||
|
(void)BIO_dgram_get_peer(SSL_get_rbio(ssl), &peer);
|
||||||
|
|
||||||
|
/* Create buffer with peer's address and port */
|
||||||
|
length = 0;
|
||||||
|
switch (peer.sa.sa_family)
|
||||||
|
{
|
||||||
|
case AF_INET:
|
||||||
|
length += sizeof(struct in_addr);
|
||||||
|
length += sizeof(peer.s4.sin_port);
|
||||||
|
break;
|
||||||
|
#if OPENSSL_USE_IPV6
|
||||||
|
case AF_INET6:
|
||||||
|
length += sizeof(struct in6_addr);
|
||||||
|
length += sizeof(peer.s6.sin6_port);
|
||||||
|
break;
|
||||||
|
#endif
|
||||||
|
default:
|
||||||
|
OPENSSL_assert(0);
|
||||||
|
break;
|
||||||
|
}
|
||||||
|
buffer = OPENSSL_malloc(length);
|
||||||
|
|
||||||
|
if (buffer == NULL)
|
||||||
|
{
|
||||||
|
BIO_printf(bio_err,"out of memory\n");
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
|
|
||||||
|
switch (peer.sa.sa_family)
|
||||||
|
{
|
||||||
|
case AF_INET:
|
||||||
|
memcpy(buffer,
|
||||||
|
&peer.s4.sin_port,
|
||||||
|
sizeof(peer.s4.sin_port));
|
||||||
|
memcpy(buffer + sizeof(peer.s4.sin_port),
|
||||||
|
&peer.s4.sin_addr,
|
||||||
|
sizeof(struct in_addr));
|
||||||
|
break;
|
||||||
|
#if OPENSSL_USE_IPV6
|
||||||
|
case AF_INET6:
|
||||||
|
memcpy(buffer,
|
||||||
|
&peer.s6.sin6_port,
|
||||||
|
sizeof(peer.s6.sin6_port));
|
||||||
|
memcpy(buffer + sizeof(peer.s6.sin6_port),
|
||||||
|
&peer.s6.sin6_addr,
|
||||||
|
sizeof(struct in6_addr));
|
||||||
|
break;
|
||||||
|
#endif
|
||||||
|
default:
|
||||||
|
OPENSSL_assert(0);
|
||||||
|
break;
|
||||||
|
}
|
||||||
|
|
||||||
|
/* Calculate HMAC of buffer using the secret */
|
||||||
|
HMAC(EVP_sha1(), cookie_secret, COOKIE_SECRET_LENGTH,
|
||||||
|
buffer, length, result, &resultlength);
|
||||||
|
OPENSSL_free(buffer);
|
||||||
|
|
||||||
|
if (cookie_len == resultlength && memcmp(result, cookie, resultlength) == 0)
|
||||||
|
return 1;
|
||||||
|
|
||||||
|
return 0;
|
||||||
|
}
|
1873
jni/openssl/apps/s_client.c
Normal file
1873
jni/openssl/apps/s_client.c
Normal file
File diff suppressed because it is too large
Load Diff
2752
jni/openssl/apps/s_server.c
Normal file
2752
jni/openssl/apps/s_server.c
Normal file
File diff suppressed because it is too large
Load Diff
620
jni/openssl/apps/s_socket.c
Normal file
620
jni/openssl/apps/s_socket.c
Normal file
@ -0,0 +1,620 @@
|
|||||||
|
/* apps/s_socket.c - socket-related functions used by s_client and s_server */
|
||||||
|
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
|
||||||
|
* All rights reserved.
|
||||||
|
*
|
||||||
|
* This package is an SSL implementation written
|
||||||
|
* by Eric Young (eay@cryptsoft.com).
|
||||||
|
* The implementation was written so as to conform with Netscapes SSL.
|
||||||
|
*
|
||||||
|
* This library is free for commercial and non-commercial use as long as
|
||||||
|
* the following conditions are aheared to. The following conditions
|
||||||
|
* apply to all code found in this distribution, be it the RC4, RSA,
|
||||||
|
* lhash, DES, etc., code; not just the SSL code. The SSL documentation
|
||||||
|
* included with this distribution is covered by the same copyright terms
|
||||||
|
* except that the holder is Tim Hudson (tjh@cryptsoft.com).
|
||||||
|
*
|
||||||
|
* Copyright remains Eric Young's, and as such any Copyright notices in
|
||||||
|
* the code are not to be removed.
|
||||||
|
* If this package is used in a product, Eric Young should be given attribution
|
||||||
|
* as the author of the parts of the library used.
|
||||||
|
* This can be in the form of a textual message at program startup or
|
||||||
|
* in documentation (online or textual) provided with the package.
|
||||||
|
*
|
||||||
|
* Redistribution and use in source and binary forms, with or without
|
||||||
|
* modification, are permitted provided that the following conditions
|
||||||
|
* are met:
|
||||||
|
* 1. Redistributions of source code must retain the copyright
|
||||||
|
* notice, this list of conditions and the following disclaimer.
|
||||||
|
* 2. Redistributions in binary form must reproduce the above copyright
|
||||||
|
* notice, this list of conditions and the following disclaimer in the
|
||||||
|
* documentation and/or other materials provided with the distribution.
|
||||||
|
* 3. All advertising materials mentioning features or use of this software
|
||||||
|
* must display the following acknowledgement:
|
||||||
|
* "This product includes cryptographic software written by
|
||||||
|
* Eric Young (eay@cryptsoft.com)"
|
||||||
|
* The word 'cryptographic' can be left out if the rouines from the library
|
||||||
|
* being used are not cryptographic related :-).
|
||||||
|
* 4. If you include any Windows specific code (or a derivative thereof) from
|
||||||
|
* the apps directory (application code) you must include an acknowledgement:
|
||||||
|
* "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
|
||||||
|
*
|
||||||
|
* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
|
||||||
|
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
||||||
|
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
|
||||||
|
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
|
||||||
|
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
|
||||||
|
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
|
||||||
|
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
||||||
|
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
|
||||||
|
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
||||||
|
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||||||
|
* SUCH DAMAGE.
|
||||||
|
*
|
||||||
|
* The licence and distribution terms for any publically available version or
|
||||||
|
* derivative of this code cannot be changed. i.e. this code cannot simply be
|
||||||
|
* copied and put under another distribution licence
|
||||||
|
* [including the GNU Public Licence.]
|
||||||
|
*/
|
||||||
|
|
||||||
|
#include <stdio.h>
|
||||||
|
#include <stdlib.h>
|
||||||
|
#include <string.h>
|
||||||
|
#include <errno.h>
|
||||||
|
#include <signal.h>
|
||||||
|
|
||||||
|
#ifdef FLAT_INC
|
||||||
|
#include "e_os2.h"
|
||||||
|
#else
|
||||||
|
#include "../e_os2.h"
|
||||||
|
#endif
|
||||||
|
|
||||||
|
/* With IPv6, it looks like Digital has mixed up the proper order of
|
||||||
|
recursive header file inclusion, resulting in the compiler complaining
|
||||||
|
that u_int isn't defined, but only if _POSIX_C_SOURCE is defined, which
|
||||||
|
is needed to have fileno() declared correctly... So let's define u_int */
|
||||||
|
#if defined(OPENSSL_SYS_VMS_DECC) && !defined(__U_INT)
|
||||||
|
#define __U_INT
|
||||||
|
typedef unsigned int u_int;
|
||||||
|
#endif
|
||||||
|
|
||||||
|
#define USE_SOCKETS
|
||||||
|
#define NON_MAIN
|
||||||
|
#include "apps.h"
|
||||||
|
#undef USE_SOCKETS
|
||||||
|
#undef NON_MAIN
|
||||||
|
#include "s_apps.h"
|
||||||
|
#include <openssl/ssl.h>
|
||||||
|
|
||||||
|
#ifdef FLAT_INC
|
||||||
|
#include "e_os.h"
|
||||||
|
#else
|
||||||
|
#include "../e_os.h"
|
||||||
|
#endif
|
||||||
|
|
||||||
|
#ifndef OPENSSL_NO_SOCK
|
||||||
|
|
||||||
|
#if defined(OPENSSL_SYS_NETWARE) && defined(NETWARE_BSDSOCK)
|
||||||
|
#include "netdb.h"
|
||||||
|
#endif
|
||||||
|
|
||||||
|
static struct hostent *GetHostByName(char *name);
|
||||||
|
#if defined(OPENSSL_SYS_WINDOWS) || (defined(OPENSSL_SYS_NETWARE) && !defined(NETWARE_BSDSOCK))
|
||||||
|
static void ssl_sock_cleanup(void);
|
||||||
|
#endif
|
||||||
|
static int ssl_sock_init(void);
|
||||||
|
static int init_client_ip(int *sock,unsigned char ip[4], int port, int type);
|
||||||
|
static int init_server(int *sock, int port, int type);
|
||||||
|
static int init_server_long(int *sock, int port,char *ip, int type);
|
||||||
|
static int do_accept(int acc_sock, int *sock, char **host);
|
||||||
|
static int host_ip(char *str, unsigned char ip[4]);
|
||||||
|
|
||||||
|
#ifdef OPENSSL_SYS_WIN16
|
||||||
|
#define SOCKET_PROTOCOL 0 /* more microsoft stupidity */
|
||||||
|
#else
|
||||||
|
#define SOCKET_PROTOCOL IPPROTO_TCP
|
||||||
|
#endif
|
||||||
|
|
||||||
|
#if defined(OPENSSL_SYS_NETWARE) && !defined(NETWARE_BSDSOCK)
|
||||||
|
static int wsa_init_done=0;
|
||||||
|
#endif
|
||||||
|
|
||||||
|
#ifdef OPENSSL_SYS_WINDOWS
|
||||||
|
static struct WSAData wsa_state;
|
||||||
|
static int wsa_init_done=0;
|
||||||
|
|
||||||
|
#ifdef OPENSSL_SYS_WIN16
|
||||||
|
static HWND topWnd=0;
|
||||||
|
static FARPROC lpTopWndProc=NULL;
|
||||||
|
static FARPROC lpTopHookProc=NULL;
|
||||||
|
extern HINSTANCE _hInstance; /* nice global CRT provides */
|
||||||
|
|
||||||
|
static LONG FAR PASCAL topHookProc(HWND hwnd, UINT message, WPARAM wParam,
|
||||||
|
LPARAM lParam)
|
||||||
|
{
|
||||||
|
if (hwnd == topWnd)
|
||||||
|
{
|
||||||
|
switch(message)
|
||||||
|
{
|
||||||
|
case WM_DESTROY:
|
||||||
|
case WM_CLOSE:
|
||||||
|
SetWindowLong(topWnd,GWL_WNDPROC,(LONG)lpTopWndProc);
|
||||||
|
ssl_sock_cleanup();
|
||||||
|
break;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
return CallWindowProc(lpTopWndProc,hwnd,message,wParam,lParam);
|
||||||
|
}
|
||||||
|
|
||||||
|
static BOOL CALLBACK enumproc(HWND hwnd,LPARAM lParam)
|
||||||
|
{
|
||||||
|
topWnd=hwnd;
|
||||||
|
return(FALSE);
|
||||||
|
}
|
||||||
|
|
||||||
|
#endif /* OPENSSL_SYS_WIN32 */
|
||||||
|
#endif /* OPENSSL_SYS_WINDOWS */
|
||||||
|
|
||||||
|
#ifdef OPENSSL_SYS_WINDOWS
|
||||||
|
static void ssl_sock_cleanup(void)
|
||||||
|
{
|
||||||
|
if (wsa_init_done)
|
||||||
|
{
|
||||||
|
wsa_init_done=0;
|
||||||
|
#ifndef OPENSSL_SYS_WINCE
|
||||||
|
WSACancelBlockingCall();
|
||||||
|
#endif
|
||||||
|
WSACleanup();
|
||||||
|
}
|
||||||
|
}
|
||||||
|
#elif defined(OPENSSL_SYS_NETWARE) && !defined(NETWARE_BSDSOCK)
|
||||||
|
static void sock_cleanup(void)
|
||||||
|
{
|
||||||
|
if (wsa_init_done)
|
||||||
|
{
|
||||||
|
wsa_init_done=0;
|
||||||
|
WSACleanup();
|
||||||
|
}
|
||||||
|
}
|
||||||
|
#endif
|
||||||
|
|
||||||
|
static int ssl_sock_init(void)
|
||||||
|
{
|
||||||
|
#ifdef WATT32
|
||||||
|
extern int _watt_do_exit;
|
||||||
|
_watt_do_exit = 0;
|
||||||
|
if (sock_init())
|
||||||
|
return (0);
|
||||||
|
#elif defined(OPENSSL_SYS_WINDOWS)
|
||||||
|
if (!wsa_init_done)
|
||||||
|
{
|
||||||
|
int err;
|
||||||
|
|
||||||
|
#ifdef SIGINT
|
||||||
|
signal(SIGINT,(void (*)(int))ssl_sock_cleanup);
|
||||||
|
#endif
|
||||||
|
wsa_init_done=1;
|
||||||
|
memset(&wsa_state,0,sizeof(wsa_state));
|
||||||
|
if (WSAStartup(0x0101,&wsa_state)!=0)
|
||||||
|
{
|
||||||
|
err=WSAGetLastError();
|
||||||
|
BIO_printf(bio_err,"unable to start WINSOCK, error code=%d\n",err);
|
||||||
|
return(0);
|
||||||
|
}
|
||||||
|
|
||||||
|
#ifdef OPENSSL_SYS_WIN16
|
||||||
|
EnumTaskWindows(GetCurrentTask(),enumproc,0L);
|
||||||
|
lpTopWndProc=(FARPROC)GetWindowLong(topWnd,GWL_WNDPROC);
|
||||||
|
lpTopHookProc=MakeProcInstance((FARPROC)topHookProc,_hInstance);
|
||||||
|
|
||||||
|
SetWindowLong(topWnd,GWL_WNDPROC,(LONG)lpTopHookProc);
|
||||||
|
#endif /* OPENSSL_SYS_WIN16 */
|
||||||
|
}
|
||||||
|
#elif defined(OPENSSL_SYS_NETWARE) && !defined(NETWARE_BSDSOCK)
|
||||||
|
WORD wVerReq;
|
||||||
|
WSADATA wsaData;
|
||||||
|
int err;
|
||||||
|
|
||||||
|
if (!wsa_init_done)
|
||||||
|
{
|
||||||
|
|
||||||
|
# ifdef SIGINT
|
||||||
|
signal(SIGINT,(void (*)(int))sock_cleanup);
|
||||||
|
# endif
|
||||||
|
|
||||||
|
wsa_init_done=1;
|
||||||
|
wVerReq = MAKEWORD( 2, 0 );
|
||||||
|
err = WSAStartup(wVerReq,&wsaData);
|
||||||
|
if (err != 0)
|
||||||
|
{
|
||||||
|
BIO_printf(bio_err,"unable to start WINSOCK2, error code=%d\n",err);
|
||||||
|
return(0);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
#endif /* OPENSSL_SYS_WINDOWS */
|
||||||
|
return(1);
|
||||||
|
}
|
||||||
|
|
||||||
|
int init_client(int *sock, char *host, int port, int type)
|
||||||
|
{
|
||||||
|
unsigned char ip[4];
|
||||||
|
|
||||||
|
if (!host_ip(host,&(ip[0])))
|
||||||
|
{
|
||||||
|
return(0);
|
||||||
|
}
|
||||||
|
return(init_client_ip(sock,ip,port,type));
|
||||||
|
}
|
||||||
|
|
||||||
|
static int init_client_ip(int *sock, unsigned char ip[4], int port, int type)
|
||||||
|
{
|
||||||
|
unsigned long addr;
|
||||||
|
struct sockaddr_in them;
|
||||||
|
int s,i;
|
||||||
|
|
||||||
|
if (!ssl_sock_init()) return(0);
|
||||||
|
|
||||||
|
memset((char *)&them,0,sizeof(them));
|
||||||
|
them.sin_family=AF_INET;
|
||||||
|
them.sin_port=htons((unsigned short)port);
|
||||||
|
addr=(unsigned long)
|
||||||
|
((unsigned long)ip[0]<<24L)|
|
||||||
|
((unsigned long)ip[1]<<16L)|
|
||||||
|
((unsigned long)ip[2]<< 8L)|
|
||||||
|
((unsigned long)ip[3]);
|
||||||
|
them.sin_addr.s_addr=htonl(addr);
|
||||||
|
|
||||||
|
if (type == SOCK_STREAM)
|
||||||
|
s=socket(AF_INET,SOCK_STREAM,SOCKET_PROTOCOL);
|
||||||
|
else /* ( type == SOCK_DGRAM) */
|
||||||
|
s=socket(AF_INET,SOCK_DGRAM,IPPROTO_UDP);
|
||||||
|
|
||||||
|
if (s == INVALID_SOCKET) { perror("socket"); return(0); }
|
||||||
|
|
||||||
|
#if defined(SO_KEEPALIVE) && !defined(OPENSSL_SYS_MPE)
|
||||||
|
if (type == SOCK_STREAM)
|
||||||
|
{
|
||||||
|
i=0;
|
||||||
|
i=setsockopt(s,SOL_SOCKET,SO_KEEPALIVE,(char *)&i,sizeof(i));
|
||||||
|
if (i < 0) { perror("keepalive"); return(0); }
|
||||||
|
}
|
||||||
|
#endif
|
||||||
|
|
||||||
|
if (connect(s,(struct sockaddr *)&them,sizeof(them)) == -1)
|
||||||
|
{ closesocket(s); perror("connect"); return(0); }
|
||||||
|
*sock=s;
|
||||||
|
return(1);
|
||||||
|
}
|
||||||
|
|
||||||
|
int do_server(int port, int type, int *ret, int (*cb)(char *hostname, int s, unsigned char *context), unsigned char *context)
|
||||||
|
{
|
||||||
|
int sock;
|
||||||
|
char *name = NULL;
|
||||||
|
int accept_socket = 0;
|
||||||
|
int i;
|
||||||
|
|
||||||
|
if (!init_server(&accept_socket,port,type)) return(0);
|
||||||
|
|
||||||
|
if (ret != NULL)
|
||||||
|
{
|
||||||
|
*ret=accept_socket;
|
||||||
|
/* return(1);*/
|
||||||
|
}
|
||||||
|
for (;;)
|
||||||
|
{
|
||||||
|
if (type==SOCK_STREAM)
|
||||||
|
{
|
||||||
|
if (do_accept(accept_socket,&sock,&name) == 0)
|
||||||
|
{
|
||||||
|
SHUTDOWN(accept_socket);
|
||||||
|
return(0);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
else
|
||||||
|
sock = accept_socket;
|
||||||
|
i=(*cb)(name,sock, context);
|
||||||
|
if (name != NULL) OPENSSL_free(name);
|
||||||
|
if (type==SOCK_STREAM)
|
||||||
|
SHUTDOWN2(sock);
|
||||||
|
if (i < 0)
|
||||||
|
{
|
||||||
|
SHUTDOWN2(accept_socket);
|
||||||
|
return(i);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
static int init_server_long(int *sock, int port, char *ip, int type)
|
||||||
|
{
|
||||||
|
int ret=0;
|
||||||
|
struct sockaddr_in server;
|
||||||
|
int s= -1;
|
||||||
|
|
||||||
|
if (!ssl_sock_init()) return(0);
|
||||||
|
|
||||||
|
memset((char *)&server,0,sizeof(server));
|
||||||
|
server.sin_family=AF_INET;
|
||||||
|
server.sin_port=htons((unsigned short)port);
|
||||||
|
if (ip == NULL)
|
||||||
|
server.sin_addr.s_addr=INADDR_ANY;
|
||||||
|
else
|
||||||
|
/* Added for T3E, address-of fails on bit field (beckman@acl.lanl.gov) */
|
||||||
|
#ifndef BIT_FIELD_LIMITS
|
||||||
|
memcpy(&server.sin_addr.s_addr,ip,4);
|
||||||
|
#else
|
||||||
|
memcpy(&server.sin_addr,ip,4);
|
||||||
|
#endif
|
||||||
|
|
||||||
|
if (type == SOCK_STREAM)
|
||||||
|
s=socket(AF_INET,SOCK_STREAM,SOCKET_PROTOCOL);
|
||||||
|
else /* type == SOCK_DGRAM */
|
||||||
|
s=socket(AF_INET, SOCK_DGRAM,IPPROTO_UDP);
|
||||||
|
|
||||||
|
if (s == INVALID_SOCKET) goto err;
|
||||||
|
#if defined SOL_SOCKET && defined SO_REUSEADDR
|
||||||
|
{
|
||||||
|
int j = 1;
|
||||||
|
setsockopt(s, SOL_SOCKET, SO_REUSEADDR,
|
||||||
|
(void *) &j, sizeof j);
|
||||||
|
}
|
||||||
|
#endif
|
||||||
|
if (bind(s,(struct sockaddr *)&server,sizeof(server)) == -1)
|
||||||
|
{
|
||||||
|
#ifndef OPENSSL_SYS_WINDOWS
|
||||||
|
perror("bind");
|
||||||
|
#endif
|
||||||
|
goto err;
|
||||||
|
}
|
||||||
|
/* Make it 128 for linux */
|
||||||
|
if (type==SOCK_STREAM && listen(s,128) == -1) goto err;
|
||||||
|
*sock=s;
|
||||||
|
ret=1;
|
||||||
|
err:
|
||||||
|
if ((ret == 0) && (s != -1))
|
||||||
|
{
|
||||||
|
SHUTDOWN(s);
|
||||||
|
}
|
||||||
|
return(ret);
|
||||||
|
}
|
||||||
|
|
||||||
|
static int init_server(int *sock, int port, int type)
|
||||||
|
{
|
||||||
|
return(init_server_long(sock, port, NULL, type));
|
||||||
|
}
|
||||||
|
|
||||||
|
static int do_accept(int acc_sock, int *sock, char **host)
|
||||||
|
{
|
||||||
|
int ret;
|
||||||
|
struct hostent *h1,*h2;
|
||||||
|
static struct sockaddr_in from;
|
||||||
|
int len;
|
||||||
|
/* struct linger ling; */
|
||||||
|
|
||||||
|
if (!ssl_sock_init()) return(0);
|
||||||
|
|
||||||
|
#ifndef OPENSSL_SYS_WINDOWS
|
||||||
|
redoit:
|
||||||
|
#endif
|
||||||
|
|
||||||
|
memset((char *)&from,0,sizeof(from));
|
||||||
|
len=sizeof(from);
|
||||||
|
/* Note: under VMS with SOCKETSHR the fourth parameter is currently
|
||||||
|
* of type (int *) whereas under other systems it is (void *) if
|
||||||
|
* you don't have a cast it will choke the compiler: if you do
|
||||||
|
* have a cast then you can either go for (int *) or (void *).
|
||||||
|
*/
|
||||||
|
ret=accept(acc_sock,(struct sockaddr *)&from,(void *)&len);
|
||||||
|
if (ret == INVALID_SOCKET)
|
||||||
|
{
|
||||||
|
#if defined(OPENSSL_SYS_WINDOWS) || (defined(OPENSSL_SYS_NETWARE) && !defined(NETWARE_BSDSOCK))
|
||||||
|
int i;
|
||||||
|
i=WSAGetLastError();
|
||||||
|
BIO_printf(bio_err,"accept error %d\n",i);
|
||||||
|
#else
|
||||||
|
if (errno == EINTR)
|
||||||
|
{
|
||||||
|
/*check_timeout(); */
|
||||||
|
goto redoit;
|
||||||
|
}
|
||||||
|
fprintf(stderr,"errno=%d ",errno);
|
||||||
|
perror("accept");
|
||||||
|
#endif
|
||||||
|
return(0);
|
||||||
|
}
|
||||||
|
|
||||||
|
/*
|
||||||
|
ling.l_onoff=1;
|
||||||
|
ling.l_linger=0;
|
||||||
|
i=setsockopt(ret,SOL_SOCKET,SO_LINGER,(char *)&ling,sizeof(ling));
|
||||||
|
if (i < 0) { perror("linger"); return(0); }
|
||||||
|
i=0;
|
||||||
|
i=setsockopt(ret,SOL_SOCKET,SO_KEEPALIVE,(char *)&i,sizeof(i));
|
||||||
|
if (i < 0) { perror("keepalive"); return(0); }
|
||||||
|
*/
|
||||||
|
|
||||||
|
if (host == NULL) goto end;
|
||||||
|
#ifndef BIT_FIELD_LIMITS
|
||||||
|
/* I should use WSAAsyncGetHostByName() under windows */
|
||||||
|
h1=gethostbyaddr((char *)&from.sin_addr.s_addr,
|
||||||
|
sizeof(from.sin_addr.s_addr),AF_INET);
|
||||||
|
#else
|
||||||
|
h1=gethostbyaddr((char *)&from.sin_addr,
|
||||||
|
sizeof(struct in_addr),AF_INET);
|
||||||
|
#endif
|
||||||
|
if (h1 == NULL)
|
||||||
|
{
|
||||||
|
BIO_printf(bio_err,"bad gethostbyaddr\n");
|
||||||
|
*host=NULL;
|
||||||
|
/* return(0); */
|
||||||
|
}
|
||||||
|
else
|
||||||
|
{
|
||||||
|
if ((*host=(char *)OPENSSL_malloc(strlen(h1->h_name)+1)) == NULL)
|
||||||
|
{
|
||||||
|
perror("OPENSSL_malloc");
|
||||||
|
return(0);
|
||||||
|
}
|
||||||
|
BUF_strlcpy(*host,h1->h_name,strlen(h1->h_name)+1);
|
||||||
|
|
||||||
|
h2=GetHostByName(*host);
|
||||||
|
if (h2 == NULL)
|
||||||
|
{
|
||||||
|
BIO_printf(bio_err,"gethostbyname failure\n");
|
||||||
|
return(0);
|
||||||
|
}
|
||||||
|
if (h2->h_addrtype != AF_INET)
|
||||||
|
{
|
||||||
|
BIO_printf(bio_err,"gethostbyname addr is not AF_INET\n");
|
||||||
|
return(0);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
end:
|
||||||
|
*sock=ret;
|
||||||
|
return(1);
|
||||||
|
}
|
||||||
|
|
||||||
|
int extract_host_port(char *str, char **host_ptr, unsigned char *ip,
|
||||||
|
short *port_ptr)
|
||||||
|
{
|
||||||
|
char *h,*p;
|
||||||
|
|
||||||
|
h=str;
|
||||||
|
p=strchr(str,':');
|
||||||
|
if (p == NULL)
|
||||||
|
{
|
||||||
|
BIO_printf(bio_err,"no port defined\n");
|
||||||
|
return(0);
|
||||||
|
}
|
||||||
|
*(p++)='\0';
|
||||||
|
|
||||||
|
if ((ip != NULL) && !host_ip(str,ip))
|
||||||
|
goto err;
|
||||||
|
if (host_ptr != NULL) *host_ptr=h;
|
||||||
|
|
||||||
|
if (!extract_port(p,port_ptr))
|
||||||
|
goto err;
|
||||||
|
return(1);
|
||||||
|
err:
|
||||||
|
return(0);
|
||||||
|
}
|
||||||
|
|
||||||
|
static int host_ip(char *str, unsigned char ip[4])
|
||||||
|
{
|
||||||
|
unsigned int in[4];
|
||||||
|
int i;
|
||||||
|
|
||||||
|
if (sscanf(str,"%u.%u.%u.%u",&(in[0]),&(in[1]),&(in[2]),&(in[3])) == 4)
|
||||||
|
{
|
||||||
|
for (i=0; i<4; i++)
|
||||||
|
if (in[i] > 255)
|
||||||
|
{
|
||||||
|
BIO_printf(bio_err,"invalid IP address\n");
|
||||||
|
goto err;
|
||||||
|
}
|
||||||
|
ip[0]=in[0];
|
||||||
|
ip[1]=in[1];
|
||||||
|
ip[2]=in[2];
|
||||||
|
ip[3]=in[3];
|
||||||
|
}
|
||||||
|
else
|
||||||
|
{ /* do a gethostbyname */
|
||||||
|
struct hostent *he;
|
||||||
|
|
||||||
|
if (!ssl_sock_init()) return(0);
|
||||||
|
|
||||||
|
he=GetHostByName(str);
|
||||||
|
if (he == NULL)
|
||||||
|
{
|
||||||
|
BIO_printf(bio_err,"gethostbyname failure\n");
|
||||||
|
goto err;
|
||||||
|
}
|
||||||
|
/* cast to short because of win16 winsock definition */
|
||||||
|
if ((short)he->h_addrtype != AF_INET)
|
||||||
|
{
|
||||||
|
BIO_printf(bio_err,"gethostbyname addr is not AF_INET\n");
|
||||||
|
return(0);
|
||||||
|
}
|
||||||
|
ip[0]=he->h_addr_list[0][0];
|
||||||
|
ip[1]=he->h_addr_list[0][1];
|
||||||
|
ip[2]=he->h_addr_list[0][2];
|
||||||
|
ip[3]=he->h_addr_list[0][3];
|
||||||
|
}
|
||||||
|
return(1);
|
||||||
|
err:
|
||||||
|
return(0);
|
||||||
|
}
|
||||||
|
|
||||||
|
int extract_port(char *str, short *port_ptr)
|
||||||
|
{
|
||||||
|
int i;
|
||||||
|
struct servent *s;
|
||||||
|
|
||||||
|
i=atoi(str);
|
||||||
|
if (i != 0)
|
||||||
|
*port_ptr=(unsigned short)i;
|
||||||
|
else
|
||||||
|
{
|
||||||
|
s=getservbyname(str,"tcp");
|
||||||
|
if (s == NULL)
|
||||||
|
{
|
||||||
|
BIO_printf(bio_err,"getservbyname failure for %s\n",str);
|
||||||
|
return(0);
|
||||||
|
}
|
||||||
|
*port_ptr=ntohs((unsigned short)s->s_port);
|
||||||
|
}
|
||||||
|
return(1);
|
||||||
|
}
|
||||||
|
|
||||||
|
#define GHBN_NUM 4
|
||||||
|
static struct ghbn_cache_st
|
||||||
|
{
|
||||||
|
char name[128];
|
||||||
|
struct hostent ent;
|
||||||
|
unsigned long order;
|
||||||
|
} ghbn_cache[GHBN_NUM];
|
||||||
|
|
||||||
|
static unsigned long ghbn_hits=0L;
|
||||||
|
static unsigned long ghbn_miss=0L;
|
||||||
|
|
||||||
|
static struct hostent *GetHostByName(char *name)
|
||||||
|
{
|
||||||
|
struct hostent *ret;
|
||||||
|
int i,lowi=0;
|
||||||
|
unsigned long low= (unsigned long)-1;
|
||||||
|
|
||||||
|
for (i=0; i<GHBN_NUM; i++)
|
||||||
|
{
|
||||||
|
if (low > ghbn_cache[i].order)
|
||||||
|
{
|
||||||
|
low=ghbn_cache[i].order;
|
||||||
|
lowi=i;
|
||||||
|
}
|
||||||
|
if (ghbn_cache[i].order > 0)
|
||||||
|
{
|
||||||
|
if (strncmp(name,ghbn_cache[i].name,128) == 0)
|
||||||
|
break;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
if (i == GHBN_NUM) /* no hit*/
|
||||||
|
{
|
||||||
|
ghbn_miss++;
|
||||||
|
ret=gethostbyname(name);
|
||||||
|
if (ret == NULL) return(NULL);
|
||||||
|
/* else add to cache */
|
||||||
|
if(strlen(name) < sizeof ghbn_cache[0].name)
|
||||||
|
{
|
||||||
|
strcpy(ghbn_cache[lowi].name,name);
|
||||||
|
memcpy((char *)&(ghbn_cache[lowi].ent),ret,sizeof(struct hostent));
|
||||||
|
ghbn_cache[lowi].order=ghbn_miss+ghbn_hits;
|
||||||
|
}
|
||||||
|
return(ret);
|
||||||
|
}
|
||||||
|
else
|
||||||
|
{
|
||||||
|
ghbn_hits++;
|
||||||
|
ret= &(ghbn_cache[i].ent);
|
||||||
|
ghbn_cache[i].order=ghbn_miss+ghbn_hits;
|
||||||
|
return(ret);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
#endif
|
632
jni/openssl/apps/s_time.c
Normal file
632
jni/openssl/apps/s_time.c
Normal file
@ -0,0 +1,632 @@
|
|||||||
|
/* apps/s_time.c */
|
||||||
|
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
|
||||||
|
* All rights reserved.
|
||||||
|
*
|
||||||
|
* This package is an SSL implementation written
|
||||||
|
* by Eric Young (eay@cryptsoft.com).
|
||||||
|
* The implementation was written so as to conform with Netscapes SSL.
|
||||||
|
*
|
||||||
|
* This library is free for commercial and non-commercial use as long as
|
||||||
|
* the following conditions are aheared to. The following conditions
|
||||||
|
* apply to all code found in this distribution, be it the RC4, RSA,
|
||||||
|
* lhash, DES, etc., code; not just the SSL code. The SSL documentation
|
||||||
|
* included with this distribution is covered by the same copyright terms
|
||||||
|
* except that the holder is Tim Hudson (tjh@cryptsoft.com).
|
||||||
|
*
|
||||||
|
* Copyright remains Eric Young's, and as such any Copyright notices in
|
||||||
|
* the code are not to be removed.
|
||||||
|
* If this package is used in a product, Eric Young should be given attribution
|
||||||
|
* as the author of the parts of the library used.
|
||||||
|
* This can be in the form of a textual message at program startup or
|
||||||
|
* in documentation (online or textual) provided with the package.
|
||||||
|
*
|
||||||
|
* Redistribution and use in source and binary forms, with or without
|
||||||
|
* modification, are permitted provided that the following conditions
|
||||||
|
* are met:
|
||||||
|
* 1. Redistributions of source code must retain the copyright
|
||||||
|
* notice, this list of conditions and the following disclaimer.
|
||||||
|
* 2. Redistributions in binary form must reproduce the above copyright
|
||||||
|
* notice, this list of conditions and the following disclaimer in the
|
||||||
|
* documentation and/or other materials provided with the distribution.
|
||||||
|
* 3. All advertising materials mentioning features or use of this software
|
||||||
|
* must display the following acknowledgement:
|
||||||
|
* "This product includes cryptographic software written by
|
||||||
|
* Eric Young (eay@cryptsoft.com)"
|
||||||
|
* The word 'cryptographic' can be left out if the rouines from the library
|
||||||
|
* being used are not cryptographic related :-).
|
||||||
|
* 4. If you include any Windows specific code (or a derivative thereof) from
|
||||||
|
* the apps directory (application code) you must include an acknowledgement:
|
||||||
|
* "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
|
||||||
|
*
|
||||||
|
* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
|
||||||
|
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
||||||
|
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
|
||||||
|
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
|
||||||
|
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
|
||||||
|
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
|
||||||
|
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
||||||
|
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
|
||||||
|
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
||||||
|
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||||||
|
* SUCH DAMAGE.
|
||||||
|
*
|
||||||
|
* The licence and distribution terms for any publically available version or
|
||||||
|
* derivative of this code cannot be changed. i.e. this code cannot simply be
|
||||||
|
* copied and put under another distribution licence
|
||||||
|
* [including the GNU Public Licence.]
|
||||||
|
*/
|
||||||
|
|
||||||
|
#define NO_SHUTDOWN
|
||||||
|
|
||||||
|
/*-----------------------------------------
|
||||||
|
s_time - SSL client connection timer program
|
||||||
|
Written and donated by Larry Streepy <streepy@healthcare.com>
|
||||||
|
-----------------------------------------*/
|
||||||
|
|
||||||
|
#include <stdio.h>
|
||||||
|
#include <stdlib.h>
|
||||||
|
#include <string.h>
|
||||||
|
|
||||||
|
#define USE_SOCKETS
|
||||||
|
#include "apps.h"
|
||||||
|
#ifdef OPENSSL_NO_STDIO
|
||||||
|
#define APPS_WIN16
|
||||||
|
#endif
|
||||||
|
#include <openssl/x509.h>
|
||||||
|
#include <openssl/ssl.h>
|
||||||
|
#include <openssl/pem.h>
|
||||||
|
#include "s_apps.h"
|
||||||
|
#include <openssl/err.h>
|
||||||
|
#ifdef WIN32_STUFF
|
||||||
|
#include "winmain.h"
|
||||||
|
#include "wintext.h"
|
||||||
|
#endif
|
||||||
|
#if !defined(OPENSSL_SYS_MSDOS)
|
||||||
|
#include OPENSSL_UNISTD
|
||||||
|
#endif
|
||||||
|
|
||||||
|
#undef PROG
|
||||||
|
#define PROG s_time_main
|
||||||
|
|
||||||
|
#undef ioctl
|
||||||
|
#define ioctl ioctlsocket
|
||||||
|
|
||||||
|
#define SSL_CONNECT_NAME "localhost:4433"
|
||||||
|
|
||||||
|
/*#define TEST_CERT "client.pem" */ /* no default cert. */
|
||||||
|
|
||||||
|
#undef BUFSIZZ
|
||||||
|
#define BUFSIZZ 1024*10
|
||||||
|
|
||||||
|
#define MYBUFSIZ 1024*8
|
||||||
|
|
||||||
|
#undef min
|
||||||
|
#undef max
|
||||||
|
#define min(a,b) (((a) < (b)) ? (a) : (b))
|
||||||
|
#define max(a,b) (((a) > (b)) ? (a) : (b))
|
||||||
|
|
||||||
|
#undef SECONDS
|
||||||
|
#define SECONDS 30
|
||||||
|
extern int verify_depth;
|
||||||
|
extern int verify_error;
|
||||||
|
|
||||||
|
static void s_time_usage(void);
|
||||||
|
static int parseArgs( int argc, char **argv );
|
||||||
|
static SSL *doConnection( SSL *scon );
|
||||||
|
static void s_time_init(void);
|
||||||
|
|
||||||
|
/***********************************************************************
|
||||||
|
* Static data declarations
|
||||||
|
*/
|
||||||
|
|
||||||
|
/* static char *port=PORT_STR;*/
|
||||||
|
static char *host=SSL_CONNECT_NAME;
|
||||||
|
static char *t_cert_file=NULL;
|
||||||
|
static char *t_key_file=NULL;
|
||||||
|
static char *CApath=NULL;
|
||||||
|
static char *CAfile=NULL;
|
||||||
|
static char *tm_cipher=NULL;
|
||||||
|
static int tm_verify = SSL_VERIFY_NONE;
|
||||||
|
static int maxTime = SECONDS;
|
||||||
|
static SSL_CTX *tm_ctx=NULL;
|
||||||
|
static const SSL_METHOD *s_time_meth=NULL;
|
||||||
|
static char *s_www_path=NULL;
|
||||||
|
static long bytes_read=0;
|
||||||
|
static int st_bugs=0;
|
||||||
|
static int perform=0;
|
||||||
|
#ifdef FIONBIO
|
||||||
|
static int t_nbio=0;
|
||||||
|
#endif
|
||||||
|
#ifdef OPENSSL_SYS_WIN32
|
||||||
|
static int exitNow = 0; /* Set when it's time to exit main */
|
||||||
|
#endif
|
||||||
|
|
||||||
|
static void s_time_init(void)
|
||||||
|
{
|
||||||
|
host=SSL_CONNECT_NAME;
|
||||||
|
t_cert_file=NULL;
|
||||||
|
t_key_file=NULL;
|
||||||
|
CApath=NULL;
|
||||||
|
CAfile=NULL;
|
||||||
|
tm_cipher=NULL;
|
||||||
|
tm_verify = SSL_VERIFY_NONE;
|
||||||
|
maxTime = SECONDS;
|
||||||
|
tm_ctx=NULL;
|
||||||
|
s_time_meth=NULL;
|
||||||
|
s_www_path=NULL;
|
||||||
|
bytes_read=0;
|
||||||
|
st_bugs=0;
|
||||||
|
perform=0;
|
||||||
|
|
||||||
|
#ifdef FIONBIO
|
||||||
|
t_nbio=0;
|
||||||
|
#endif
|
||||||
|
#ifdef OPENSSL_SYS_WIN32
|
||||||
|
exitNow = 0; /* Set when it's time to exit main */
|
||||||
|
#endif
|
||||||
|
}
|
||||||
|
|
||||||
|
/***********************************************************************
|
||||||
|
* usage - display usage message
|
||||||
|
*/
|
||||||
|
static void s_time_usage(void)
|
||||||
|
{
|
||||||
|
static char umsg[] = "\
|
||||||
|
-time arg - max number of seconds to collect data, default %d\n\
|
||||||
|
-verify arg - turn on peer certificate verification, arg == depth\n\
|
||||||
|
-cert arg - certificate file to use, PEM format assumed\n\
|
||||||
|
-key arg - RSA file to use, PEM format assumed, key is in cert file\n\
|
||||||
|
file if not specified by this option\n\
|
||||||
|
-CApath arg - PEM format directory of CA's\n\
|
||||||
|
-CAfile arg - PEM format file of CA's\n\
|
||||||
|
-cipher - preferred cipher to use, play with 'openssl ciphers'\n\n";
|
||||||
|
|
||||||
|
printf( "usage: s_time <args>\n\n" );
|
||||||
|
|
||||||
|
printf("-connect host:port - host:port to connect to (default is %s)\n",SSL_CONNECT_NAME);
|
||||||
|
#ifdef FIONBIO
|
||||||
|
printf("-nbio - Run with non-blocking IO\n");
|
||||||
|
printf("-ssl2 - Just use SSLv2\n");
|
||||||
|
printf("-ssl3 - Just use SSLv3\n");
|
||||||
|
printf("-bugs - Turn on SSL bug compatibility\n");
|
||||||
|
printf("-new - Just time new connections\n");
|
||||||
|
printf("-reuse - Just time connection reuse\n");
|
||||||
|
printf("-www page - Retrieve 'page' from the site\n");
|
||||||
|
#endif
|
||||||
|
printf( umsg,SECONDS );
|
||||||
|
}
|
||||||
|
|
||||||
|
/***********************************************************************
|
||||||
|
* parseArgs - Parse command line arguments and initialize data
|
||||||
|
*
|
||||||
|
* Returns 0 if ok, -1 on bad args
|
||||||
|
*/
|
||||||
|
static int parseArgs(int argc, char **argv)
|
||||||
|
{
|
||||||
|
int badop = 0;
|
||||||
|
|
||||||
|
verify_depth=0;
|
||||||
|
verify_error=X509_V_OK;
|
||||||
|
|
||||||
|
argc--;
|
||||||
|
argv++;
|
||||||
|
|
||||||
|
while (argc >= 1) {
|
||||||
|
if (strcmp(*argv,"-connect") == 0)
|
||||||
|
{
|
||||||
|
if (--argc < 1) goto bad;
|
||||||
|
host= *(++argv);
|
||||||
|
}
|
||||||
|
#if 0
|
||||||
|
else if( strcmp(*argv,"-host") == 0)
|
||||||
|
{
|
||||||
|
if (--argc < 1) goto bad;
|
||||||
|
host= *(++argv);
|
||||||
|
}
|
||||||
|
else if( strcmp(*argv,"-port") == 0)
|
||||||
|
{
|
||||||
|
if (--argc < 1) goto bad;
|
||||||
|
port= *(++argv);
|
||||||
|
}
|
||||||
|
#endif
|
||||||
|
else if (strcmp(*argv,"-reuse") == 0)
|
||||||
|
perform=2;
|
||||||
|
else if (strcmp(*argv,"-new") == 0)
|
||||||
|
perform=1;
|
||||||
|
else if( strcmp(*argv,"-verify") == 0) {
|
||||||
|
|
||||||
|
tm_verify=SSL_VERIFY_PEER|SSL_VERIFY_CLIENT_ONCE;
|
||||||
|
if (--argc < 1) goto bad;
|
||||||
|
verify_depth=atoi(*(++argv));
|
||||||
|
BIO_printf(bio_err,"verify depth is %d\n",verify_depth);
|
||||||
|
|
||||||
|
} else if( strcmp(*argv,"-cert") == 0) {
|
||||||
|
|
||||||
|
if (--argc < 1) goto bad;
|
||||||
|
t_cert_file= *(++argv);
|
||||||
|
|
||||||
|
} else if( strcmp(*argv,"-key") == 0) {
|
||||||
|
|
||||||
|
if (--argc < 1) goto bad;
|
||||||
|
t_key_file= *(++argv);
|
||||||
|
|
||||||
|
} else if( strcmp(*argv,"-CApath") == 0) {
|
||||||
|
|
||||||
|
if (--argc < 1) goto bad;
|
||||||
|
CApath= *(++argv);
|
||||||
|
|
||||||
|
} else if( strcmp(*argv,"-CAfile") == 0) {
|
||||||
|
|
||||||
|
if (--argc < 1) goto bad;
|
||||||
|
CAfile= *(++argv);
|
||||||
|
|
||||||
|
} else if( strcmp(*argv,"-cipher") == 0) {
|
||||||
|
|
||||||
|
if (--argc < 1) goto bad;
|
||||||
|
tm_cipher= *(++argv);
|
||||||
|
}
|
||||||
|
#ifdef FIONBIO
|
||||||
|
else if(strcmp(*argv,"-nbio") == 0) {
|
||||||
|
t_nbio=1;
|
||||||
|
}
|
||||||
|
#endif
|
||||||
|
else if(strcmp(*argv,"-www") == 0)
|
||||||
|
{
|
||||||
|
if (--argc < 1) goto bad;
|
||||||
|
s_www_path= *(++argv);
|
||||||
|
if(strlen(s_www_path) > MYBUFSIZ-100)
|
||||||
|
{
|
||||||
|
BIO_printf(bio_err,"-www option too long\n");
|
||||||
|
badop=1;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
else if(strcmp(*argv,"-bugs") == 0)
|
||||||
|
st_bugs=1;
|
||||||
|
#ifndef OPENSSL_NO_SSL2
|
||||||
|
else if(strcmp(*argv,"-ssl2") == 0)
|
||||||
|
s_time_meth=SSLv2_client_method();
|
||||||
|
#endif
|
||||||
|
#ifndef OPENSSL_NO_SSL3
|
||||||
|
else if(strcmp(*argv,"-ssl3") == 0)
|
||||||
|
s_time_meth=SSLv3_client_method();
|
||||||
|
#endif
|
||||||
|
else if( strcmp(*argv,"-time") == 0) {
|
||||||
|
|
||||||
|
if (--argc < 1) goto bad;
|
||||||
|
maxTime= atoi(*(++argv));
|
||||||
|
}
|
||||||
|
else {
|
||||||
|
BIO_printf(bio_err,"unknown option %s\n",*argv);
|
||||||
|
badop=1;
|
||||||
|
break;
|
||||||
|
}
|
||||||
|
|
||||||
|
argc--;
|
||||||
|
argv++;
|
||||||
|
}
|
||||||
|
|
||||||
|
if (perform == 0) perform=3;
|
||||||
|
|
||||||
|
if(badop) {
|
||||||
|
bad:
|
||||||
|
s_time_usage();
|
||||||
|
return -1;
|
||||||
|
}
|
||||||
|
|
||||||
|
return 0; /* Valid args */
|
||||||
|
}
|
||||||
|
|
||||||
|
/***********************************************************************
|
||||||
|
* TIME - time functions
|
||||||
|
*/
|
||||||
|
#define START 0
|
||||||
|
#define STOP 1
|
||||||
|
|
||||||
|
static double tm_Time_F(int s)
|
||||||
|
{
|
||||||
|
return app_tminterval(s,1);
|
||||||
|
}
|
||||||
|
|
||||||
|
/***********************************************************************
|
||||||
|
* MAIN - main processing area for client
|
||||||
|
* real name depends on MONOLITH
|
||||||
|
*/
|
||||||
|
int MAIN(int, char **);
|
||||||
|
|
||||||
|
int MAIN(int argc, char **argv)
|
||||||
|
{
|
||||||
|
double totalTime = 0.0;
|
||||||
|
int nConn = 0;
|
||||||
|
SSL *scon=NULL;
|
||||||
|
long finishtime=0;
|
||||||
|
int ret=1,i;
|
||||||
|
MS_STATIC char buf[1024*8];
|
||||||
|
int ver;
|
||||||
|
|
||||||
|
apps_startup();
|
||||||
|
s_time_init();
|
||||||
|
|
||||||
|
if (bio_err == NULL)
|
||||||
|
bio_err=BIO_new_fp(stderr,BIO_NOCLOSE);
|
||||||
|
|
||||||
|
#if !defined(OPENSSL_NO_SSL2) && !defined(OPENSSL_NO_SSL3)
|
||||||
|
s_time_meth=SSLv23_client_method();
|
||||||
|
#elif !defined(OPENSSL_NO_SSL3)
|
||||||
|
s_time_meth=SSLv3_client_method();
|
||||||
|
#elif !defined(OPENSSL_NO_SSL2)
|
||||||
|
s_time_meth=SSLv2_client_method();
|
||||||
|
#endif
|
||||||
|
|
||||||
|
/* parse the command line arguments */
|
||||||
|
if( parseArgs( argc, argv ) < 0 )
|
||||||
|
goto end;
|
||||||
|
|
||||||
|
OpenSSL_add_ssl_algorithms();
|
||||||
|
if ((tm_ctx=SSL_CTX_new(s_time_meth)) == NULL) return(1);
|
||||||
|
|
||||||
|
SSL_CTX_set_quiet_shutdown(tm_ctx,1);
|
||||||
|
|
||||||
|
if (st_bugs) SSL_CTX_set_options(tm_ctx,SSL_OP_ALL);
|
||||||
|
SSL_CTX_set_cipher_list(tm_ctx,tm_cipher);
|
||||||
|
if(!set_cert_stuff(tm_ctx,t_cert_file,t_key_file))
|
||||||
|
goto end;
|
||||||
|
|
||||||
|
SSL_load_error_strings();
|
||||||
|
|
||||||
|
if ((!SSL_CTX_load_verify_locations(tm_ctx,CAfile,CApath)) ||
|
||||||
|
(!SSL_CTX_set_default_verify_paths(tm_ctx)))
|
||||||
|
{
|
||||||
|
/* BIO_printf(bio_err,"error setting default verify locations\n"); */
|
||||||
|
ERR_print_errors(bio_err);
|
||||||
|
/* goto end; */
|
||||||
|
}
|
||||||
|
|
||||||
|
if (tm_cipher == NULL)
|
||||||
|
tm_cipher = getenv("SSL_CIPHER");
|
||||||
|
|
||||||
|
if (tm_cipher == NULL ) {
|
||||||
|
fprintf( stderr, "No CIPHER specified\n" );
|
||||||
|
}
|
||||||
|
|
||||||
|
if (!(perform & 1)) goto next;
|
||||||
|
printf( "Collecting connection statistics for %d seconds\n", maxTime );
|
||||||
|
|
||||||
|
/* Loop and time how long it takes to make connections */
|
||||||
|
|
||||||
|
bytes_read=0;
|
||||||
|
finishtime=(long)time(NULL)+maxTime;
|
||||||
|
tm_Time_F(START);
|
||||||
|
for (;;)
|
||||||
|
{
|
||||||
|
if (finishtime < (long)time(NULL)) break;
|
||||||
|
#ifdef WIN32_STUFF
|
||||||
|
|
||||||
|
if( flushWinMsgs(0) == -1 )
|
||||||
|
goto end;
|
||||||
|
|
||||||
|
if( waitingToDie || exitNow ) /* we're dead */
|
||||||
|
goto end;
|
||||||
|
#endif
|
||||||
|
|
||||||
|
if( (scon = doConnection( NULL )) == NULL )
|
||||||
|
goto end;
|
||||||
|
|
||||||
|
if (s_www_path != NULL)
|
||||||
|
{
|
||||||
|
BIO_snprintf(buf,sizeof buf,"GET %s HTTP/1.0\r\n\r\n",s_www_path);
|
||||||
|
SSL_write(scon,buf,strlen(buf));
|
||||||
|
while ((i=SSL_read(scon,buf,sizeof(buf))) > 0)
|
||||||
|
bytes_read+=i;
|
||||||
|
}
|
||||||
|
|
||||||
|
#ifdef NO_SHUTDOWN
|
||||||
|
SSL_set_shutdown(scon,SSL_SENT_SHUTDOWN|SSL_RECEIVED_SHUTDOWN);
|
||||||
|
#else
|
||||||
|
SSL_shutdown(scon);
|
||||||
|
#endif
|
||||||
|
SHUTDOWN2(SSL_get_fd(scon));
|
||||||
|
|
||||||
|
nConn += 1;
|
||||||
|
if (SSL_session_reused(scon))
|
||||||
|
ver='r';
|
||||||
|
else
|
||||||
|
{
|
||||||
|
ver=SSL_version(scon);
|
||||||
|
if (ver == TLS1_VERSION)
|
||||||
|
ver='t';
|
||||||
|
else if (ver == SSL3_VERSION)
|
||||||
|
ver='3';
|
||||||
|
else if (ver == SSL2_VERSION)
|
||||||
|
ver='2';
|
||||||
|
else
|
||||||
|
ver='*';
|
||||||
|
}
|
||||||
|
fputc(ver,stdout);
|
||||||
|
fflush(stdout);
|
||||||
|
|
||||||
|
SSL_free( scon );
|
||||||
|
scon=NULL;
|
||||||
|
}
|
||||||
|
totalTime += tm_Time_F(STOP); /* Add the time for this iteration */
|
||||||
|
|
||||||
|
i=(int)((long)time(NULL)-finishtime+maxTime);
|
||||||
|
printf( "\n\n%d connections in %.2fs; %.2f connections/user sec, bytes read %ld\n", nConn, totalTime, ((double)nConn/totalTime),bytes_read);
|
||||||
|
printf( "%d connections in %ld real seconds, %ld bytes read per connection\n",nConn,(long)time(NULL)-finishtime+maxTime,bytes_read/nConn);
|
||||||
|
|
||||||
|
/* Now loop and time connections using the same session id over and over */
|
||||||
|
|
||||||
|
next:
|
||||||
|
if (!(perform & 2)) goto end;
|
||||||
|
printf( "\n\nNow timing with session id reuse.\n" );
|
||||||
|
|
||||||
|
/* Get an SSL object so we can reuse the session id */
|
||||||
|
if( (scon = doConnection( NULL )) == NULL )
|
||||||
|
{
|
||||||
|
fprintf( stderr, "Unable to get connection\n" );
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
|
||||||
|
if (s_www_path != NULL)
|
||||||
|
{
|
||||||
|
BIO_snprintf(buf,sizeof buf,"GET %s HTTP/1.0\r\n\r\n",s_www_path);
|
||||||
|
SSL_write(scon,buf,strlen(buf));
|
||||||
|
while (SSL_read(scon,buf,sizeof(buf)) > 0)
|
||||||
|
;
|
||||||
|
}
|
||||||
|
#ifdef NO_SHUTDOWN
|
||||||
|
SSL_set_shutdown(scon,SSL_SENT_SHUTDOWN|SSL_RECEIVED_SHUTDOWN);
|
||||||
|
#else
|
||||||
|
SSL_shutdown(scon);
|
||||||
|
#endif
|
||||||
|
SHUTDOWN2(SSL_get_fd(scon));
|
||||||
|
|
||||||
|
nConn = 0;
|
||||||
|
totalTime = 0.0;
|
||||||
|
|
||||||
|
finishtime=(long)time(NULL)+maxTime;
|
||||||
|
|
||||||
|
printf( "starting\n" );
|
||||||
|
bytes_read=0;
|
||||||
|
tm_Time_F(START);
|
||||||
|
|
||||||
|
for (;;)
|
||||||
|
{
|
||||||
|
if (finishtime < (long)time(NULL)) break;
|
||||||
|
|
||||||
|
#ifdef WIN32_STUFF
|
||||||
|
if( flushWinMsgs(0) == -1 )
|
||||||
|
goto end;
|
||||||
|
|
||||||
|
if( waitingToDie || exitNow ) /* we're dead */
|
||||||
|
goto end;
|
||||||
|
#endif
|
||||||
|
|
||||||
|
if( (doConnection( scon )) == NULL )
|
||||||
|
goto end;
|
||||||
|
|
||||||
|
if (s_www_path)
|
||||||
|
{
|
||||||
|
BIO_snprintf(buf,sizeof buf,"GET %s HTTP/1.0\r\n\r\n",s_www_path);
|
||||||
|
SSL_write(scon,buf,strlen(buf));
|
||||||
|
while ((i=SSL_read(scon,buf,sizeof(buf))) > 0)
|
||||||
|
bytes_read+=i;
|
||||||
|
}
|
||||||
|
|
||||||
|
#ifdef NO_SHUTDOWN
|
||||||
|
SSL_set_shutdown(scon,SSL_SENT_SHUTDOWN|SSL_RECEIVED_SHUTDOWN);
|
||||||
|
#else
|
||||||
|
SSL_shutdown(scon);
|
||||||
|
#endif
|
||||||
|
SHUTDOWN2(SSL_get_fd(scon));
|
||||||
|
|
||||||
|
nConn += 1;
|
||||||
|
if (SSL_session_reused(scon))
|
||||||
|
ver='r';
|
||||||
|
else
|
||||||
|
{
|
||||||
|
ver=SSL_version(scon);
|
||||||
|
if (ver == TLS1_VERSION)
|
||||||
|
ver='t';
|
||||||
|
else if (ver == SSL3_VERSION)
|
||||||
|
ver='3';
|
||||||
|
else if (ver == SSL2_VERSION)
|
||||||
|
ver='2';
|
||||||
|
else
|
||||||
|
ver='*';
|
||||||
|
}
|
||||||
|
fputc(ver,stdout);
|
||||||
|
fflush(stdout);
|
||||||
|
}
|
||||||
|
totalTime += tm_Time_F(STOP); /* Add the time for this iteration*/
|
||||||
|
|
||||||
|
|
||||||
|
printf( "\n\n%d connections in %.2fs; %.2f connections/user sec, bytes read %ld\n", nConn, totalTime, ((double)nConn/totalTime),bytes_read);
|
||||||
|
printf( "%d connections in %ld real seconds, %ld bytes read per connection\n",nConn,(long)time(NULL)-finishtime+maxTime,bytes_read/nConn);
|
||||||
|
|
||||||
|
ret=0;
|
||||||
|
end:
|
||||||
|
if (scon != NULL) SSL_free(scon);
|
||||||
|
|
||||||
|
if (tm_ctx != NULL)
|
||||||
|
{
|
||||||
|
SSL_CTX_free(tm_ctx);
|
||||||
|
tm_ctx=NULL;
|
||||||
|
}
|
||||||
|
apps_shutdown();
|
||||||
|
OPENSSL_EXIT(ret);
|
||||||
|
}
|
||||||
|
|
||||||
|
/***********************************************************************
|
||||||
|
* doConnection - make a connection
|
||||||
|
* Args:
|
||||||
|
* scon = earlier ssl connection for session id, or NULL
|
||||||
|
* Returns:
|
||||||
|
* SSL * = the connection pointer.
|
||||||
|
*/
|
||||||
|
static SSL *doConnection(SSL *scon)
|
||||||
|
{
|
||||||
|
BIO *conn;
|
||||||
|
SSL *serverCon;
|
||||||
|
int width, i;
|
||||||
|
fd_set readfds;
|
||||||
|
|
||||||
|
if ((conn=BIO_new(BIO_s_connect())) == NULL)
|
||||||
|
return(NULL);
|
||||||
|
|
||||||
|
/* BIO_set_conn_port(conn,port);*/
|
||||||
|
BIO_set_conn_hostname(conn,host);
|
||||||
|
|
||||||
|
if (scon == NULL)
|
||||||
|
serverCon=SSL_new(tm_ctx);
|
||||||
|
else
|
||||||
|
{
|
||||||
|
serverCon=scon;
|
||||||
|
SSL_set_connect_state(serverCon);
|
||||||
|
}
|
||||||
|
|
||||||
|
SSL_set_bio(serverCon,conn,conn);
|
||||||
|
|
||||||
|
#if 0
|
||||||
|
if( scon != NULL )
|
||||||
|
SSL_set_session(serverCon,SSL_get_session(scon));
|
||||||
|
#endif
|
||||||
|
|
||||||
|
/* ok, lets connect */
|
||||||
|
for(;;) {
|
||||||
|
i=SSL_connect(serverCon);
|
||||||
|
if (BIO_sock_should_retry(i))
|
||||||
|
{
|
||||||
|
BIO_printf(bio_err,"DELAY\n");
|
||||||
|
|
||||||
|
i=SSL_get_fd(serverCon);
|
||||||
|
width=i+1;
|
||||||
|
FD_ZERO(&readfds);
|
||||||
|
openssl_fdset(i,&readfds);
|
||||||
|
/* Note: under VMS with SOCKETSHR the 2nd parameter
|
||||||
|
* is currently of type (int *) whereas under other
|
||||||
|
* systems it is (void *) if you don't have a cast it
|
||||||
|
* will choke the compiler: if you do have a cast then
|
||||||
|
* you can either go for (int *) or (void *).
|
||||||
|
*/
|
||||||
|
select(width,(void *)&readfds,NULL,NULL,NULL);
|
||||||
|
continue;
|
||||||
|
}
|
||||||
|
break;
|
||||||
|
}
|
||||||
|
if(i <= 0)
|
||||||
|
{
|
||||||
|
BIO_printf(bio_err,"ERROR\n");
|
||||||
|
if (verify_error != X509_V_OK)
|
||||||
|
BIO_printf(bio_err,"verify error:%s\n",
|
||||||
|
X509_verify_cert_error_string(verify_error));
|
||||||
|
else
|
||||||
|
ERR_print_errors(bio_err);
|
||||||
|
if (scon == NULL)
|
||||||
|
SSL_free(serverCon);
|
||||||
|
return NULL;
|
||||||
|
}
|
||||||
|
|
||||||
|
return serverCon;
|
||||||
|
}
|
||||||
|
|
||||||
|
|
369
jni/openssl/apps/server.pem
Normal file
369
jni/openssl/apps/server.pem
Normal file
@ -0,0 +1,369 @@
|
|||||||
|
issuer= /C=AU/ST=Queensland/O=CryptSoft Pty Ltd/CN=Test CA (1024 bit)
|
||||||
|
subject= /C=AU/ST=Queensland/O=CryptSoft Pty Ltd/CN=Server test cert (512 bit)
|
||||||
|
-----BEGIN CERTIFICATE-----
|
||||||
|
MIIB6TCCAVICAQYwDQYJKoZIhvcNAQEEBQAwWzELMAkGA1UEBhMCQVUxEzARBgNV
|
||||||
|
BAgTClF1ZWVuc2xhbmQxGjAYBgNVBAoTEUNyeXB0U29mdCBQdHkgTHRkMRswGQYD
|
||||||
|
VQQDExJUZXN0IENBICgxMDI0IGJpdCkwHhcNMDAxMDE2MjIzMTAzWhcNMDMwMTE0
|
||||||
|
MjIzMTAzWjBjMQswCQYDVQQGEwJBVTETMBEGA1UECBMKUXVlZW5zbGFuZDEaMBgG
|
||||||
|
A1UEChMRQ3J5cHRTb2Z0IFB0eSBMdGQxIzAhBgNVBAMTGlNlcnZlciB0ZXN0IGNl
|
||||||
|
cnQgKDUxMiBiaXQpMFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAJ+zw4Qnlf8SMVIP
|
||||||
|
Fe9GEcStgOY2Ww/dgNdhjeD8ckUJNP5VZkVDTGiXav6ooKXfX3j/7tdkuD8Ey2//
|
||||||
|
Kv7+ue0CAwEAATANBgkqhkiG9w0BAQQFAAOBgQCT0grFQeZaqYb5EYfk20XixZV4
|
||||||
|
GmyAbXMftG1Eo7qGiMhYzRwGNWxEYojf5PZkYZXvSqZ/ZXHXa4g59jK/rJNnaVGM
|
||||||
|
k+xIX8mxQvlV0n5O9PIha5BX5teZnkHKgL8aKKLKW1BK7YTngsfSzzaeame5iKfz
|
||||||
|
itAE+OjGF+PFKbwX8Q==
|
||||||
|
-----END CERTIFICATE-----
|
||||||
|
-----BEGIN RSA PRIVATE KEY-----
|
||||||
|
MIIBPAIBAAJBAJ+zw4Qnlf8SMVIPFe9GEcStgOY2Ww/dgNdhjeD8ckUJNP5VZkVD
|
||||||
|
TGiXav6ooKXfX3j/7tdkuD8Ey2//Kv7+ue0CAwEAAQJAN6W31vDEP2DjdqhzCDDu
|
||||||
|
OA4NACqoiFqyblo7yc2tM4h4xMbC3Yx5UKMN9ZkCtX0gzrz6DyF47bdKcWBzNWCj
|
||||||
|
gQIhANEoojVt7hq+SQ6MCN6FTAysGgQf56Q3TYoJMoWvdiXVAiEAw3e3rc+VJpOz
|
||||||
|
rHuDo6bgpjUAAXM+v3fcpsfZSNO6V7kCIQCtbVjanpUwvZkMI9by02oUk9taki3b
|
||||||
|
PzPfAfNPYAbCJQIhAJXNQDWyqwn/lGmR11cqY2y9nZ1+5w3yHGatLrcDnQHxAiEA
|
||||||
|
vnlEGo8K85u+KwIOimM48ZG8oTk7iFdkqLJR1utT3aU=
|
||||||
|
-----END RSA PRIVATE KEY-----
|
||||||
|
subject=/C=US/O=AT&T Bell Laboratories/OU=Prototype Research CA
|
||||||
|
issuer= /C=US/O=AT&T Bell Laboratories/OU=Prototype Research CA
|
||||||
|
notBefore=950413210656Z
|
||||||
|
notAfter =970412210656Z
|
||||||
|
-----BEGIN X509 CERTIFICATE-----
|
||||||
|
|
||||||
|
MIICCDCCAXECAQAwDQYJKoZIhvcNAQEEBQAwTjELMAkGA1UEBhMCVVMxHzAdBgNV
|
||||||
|
BAoUFkFUJlQgQmVsbCBMYWJvcmF0b3JpZXMxHjAcBgNVBAsUFVByb3RvdHlwZSBS
|
||||||
|
ZXNlYXJjaCBDQTAeFw05NTA0MTMyMTA2NTZaFw05NzA0MTIyMTA2NTZaME4xCzAJ
|
||||||
|
BgNVBAYTAlVTMR8wHQYDVQQKFBZBVCZUIEJlbGwgTGFib3JhdG9yaWVzMR4wHAYD
|
||||||
|
VQQLFBVQcm90b3R5cGUgUmVzZWFyY2ggQ0EwgZwwDQYJKoZIhvcNAQEBBQADgYoA
|
||||||
|
MIGGAoGAebOmgtSCl+wCYZc86UGYeTLY8cjmW2P0FN8ToT/u2pECCoFdrlycX0OR
|
||||||
|
3wt0ZhpFXLVNeDnHwEE9veNUih7pCL2ZBFqoIoQkB1lZmXRiVtjGonz8BLm/qrFM
|
||||||
|
YHb0lme/Ol+s118mwKVxnn6bSAeI/OXKhLaVdYZWk+aEaxEDkVkCAQ8wDQYJKoZI
|
||||||
|
hvcNAQEEBQADgYEAAZMG14lZmZ8bahkaHaTV9dQf4p2FZiQTFwHP9ZyGsXPC+LT5
|
||||||
|
dG5iTaRmyjNIJdPWohZDl97kAci79aBndvuEvRKOjLHs3WRGBIwERnAcnY9Mz8u/
|
||||||
|
zIHK23PjYVxGGaZd669OJwD0CYyqH22HH9nFUGaoJdsv39ChW0NRdLE9+y8=
|
||||||
|
-----END X509 CERTIFICATE-----
|
||||||
|
issuer= /C=AU/ST=Queensland/O=CryptSoft Pty Ltd/CN=Test PCA (1024 bit)
|
||||||
|
subject=/C=AU/ST=Queensland/O=CryptSoft Pty Ltd/CN=Test CA (1024 bit)
|
||||||
|
-----BEGIN CERTIFICATE-----
|
||||||
|
MIICJjCCAY8CAQAwDQYJKoZIhvcNAQEEBQAwXDELMAkGA1UEBhMCQVUxEzARBgNV
|
||||||
|
BAgTClF1ZWVuc2xhbmQxGjAYBgNVBAoTEUNyeXB0U29mdCBQdHkgTHRkMRwwGgYD
|
||||||
|
VQQDExNUZXN0IFBDQSAoMTAyNCBiaXQpMB4XDTk3MDYwOTEzNTc0M1oXDTAxMDYw
|
||||||
|
OTEzNTc0M1owWzELMAkGA1UEBhMCQVUxEzARBgNVBAgTClF1ZWVuc2xhbmQxGjAY
|
||||||
|
BgNVBAoTEUNyeXB0U29mdCBQdHkgTHRkMRswGQYDVQQDExJUZXN0IENBICgxMDI0
|
||||||
|
IGJpdCkwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAKO7o8t116VP6cgybTsZ
|
||||||
|
DCZhr95nYlZuya3aCi1IKoztqwWnjbmDFIriOqGFPrZQ+moMETC9D59iRW/dFXSv
|
||||||
|
1F65ka/XY2hLh9exCCo7XuUcDs53Qp3bI3AmMqHjgzE8oO3ajyJAzJkTTOUecQU2
|
||||||
|
mw/gI4tMM0LqWMQS7luTy4+xAgMBAAEwDQYJKoZIhvcNAQEEBQADgYEAM7achv3v
|
||||||
|
hLQJcv/65eGEpBXM40ZDVoFQFFJWaY5p883HTqLB1x4FdzsXHH0QKBTcKpWwqyu4
|
||||||
|
YDm3fb8oDugw72bCzfyZK/zVZPR/hVlqI/fvU109Qoc+7oPvIXWky71HfcK6ZBCA
|
||||||
|
q30KIqGM/uoM60INq97qjDmCJapagcNBGQs=
|
||||||
|
-----END CERTIFICATE-----
|
||||||
|
-----BEGIN RSA PRIVATE KEY-----
|
||||||
|
MIICXQIBAAKBgQCju6PLddelT+nIMm07GQwmYa/eZ2JWbsmt2gotSCqM7asFp425
|
||||||
|
gxSK4jqhhT62UPpqDBEwvQ+fYkVv3RV0r9ReuZGv12NoS4fXsQgqO17lHA7Od0Kd
|
||||||
|
2yNwJjKh44MxPKDt2o8iQMyZE0zlHnEFNpsP4COLTDNC6ljEEu5bk8uPsQIDAQAB
|
||||||
|
AoGAVZmpFZsDZfr0l2S9tLLwpjRWNOlKATQkno6q2WesT0eGLQufTciY+c8ypfU6
|
||||||
|
hyio8r5iUl/VhhdjhAtKx1mRpiotftHo/eYf8rtsrnprOnWG0bWjLjtIoMbcxGn2
|
||||||
|
J3bN6LJmbJMjDs0eJ3KnTu646F3nDUw2oGAwmpzKXA1KAP0CQQDRvQhxk2D3Pehs
|
||||||
|
HvG665u2pB5ipYQngEFlZO7RHJZzJOZEWSLuuMqaF/7pTfA5jiBvWqCgJeCRRInL
|
||||||
|
21ru4dlPAkEAx9jj7BgKn5TYnMoBSSe0afjsV9oApVpN1Nacb1YDtCwy+scp3++s
|
||||||
|
nFxlv98wxIlSdpwMUn+AUWfjiWR7Tu/G/wJBAJ/KjwZIrFVxewP0x2ILYsTRYLzz
|
||||||
|
MS4PDsO7FB+I0i7DbBOifXS2oNSpd3I0CNMwrxFnUHzynpbOStVfN3ZL5w0CQQCa
|
||||||
|
pwFahxBRhkJKsxhjoFJBX9yl75JoY4Wvm5Tbo9ih6UJaRx3kqfkN14L2BKYcsZgb
|
||||||
|
KY9vmDOYy6iNfjDeWTfJAkBkfPUb8oTJ/nSP5zN6sqGxSY4krc4xLxpRmxoJ8HL2
|
||||||
|
XfhqXkTzbU13RX9JJ/NZ8vQN9Vm2NhxRGJocQkmcdVtJ
|
||||||
|
-----END RSA PRIVATE KEY-----
|
||||||
|
-----BEGIN X509 CERTIFICATE-----
|
||||||
|
MIICYDCCAiACAgEoMAkGBSsOAwINBQAwfDELMAkGA1UEBhMCVVMxNjA0BgNVBAoT
|
||||||
|
LU5hdGlvbmFsIEFlcm9uYXV0aWNzIGFuZCBTcGFjZSBBZG1pbmlzdHJhdGlvbjEZ
|
||||||
|
MBcGA1UECxMQVGVzdCBFbnZpcm9ubWVudDEaMBgGA1UECxMRRFNTLU5BU0EtUGls
|
||||||
|
b3QtQ0EwHhcNOTYwMjI2MTYzMjQ1WhcNOTcwMjI1MTYzMjQ1WjB8MQswCQYDVQQG
|
||||||
|
EwJVUzE2MDQGA1UEChMtTmF0aW9uYWwgQWVyb25hdXRpY3MgYW5kIFNwYWNlIEFk
|
||||||
|
bWluaXN0cmF0aW9uMRkwFwYDVQQLExBUZXN0IEVudmlyb25tZW50MRowGAYDVQQL
|
||||||
|
ExFEU1MtTkFTQS1QaWxvdC1DQTCB8jAJBgUrDgMCDAUAA4HkADCB4AJBAMA/ssKb
|
||||||
|
hPNUG7ZlASfVwEJU21O5OyF/iyBzgHI1O8eOhJGUYO8cc8wDMjR508Mr9cp6Uhl/
|
||||||
|
ZB7FV5GkLNEnRHYCQQDUEaSg45P2qrDwixTRhFhmWz5Nvc4lRFQ/42XPcchiJBLb
|
||||||
|
bn3QK74T2IxY1yY+kCNq8XrIqf5fJJzIH0J/xUP3AhUAsg2wsQHfDGYk/BOSulX3
|
||||||
|
fVd0geUCQQCzCFUQAh+ZkEmp5804cs6ZWBhrUAfnra8lJItYo9xPcXgdIfLfibcX
|
||||||
|
R71UsyO77MRD7B0+Ag2tq794IleCVcEEMAkGBSsOAwINBQADLwAwLAIUUayDfreR
|
||||||
|
Yh2WeU86/pHNdkUC1IgCFEfxe1f0oMpxJyrJ5XIxTi7vGdoK
|
||||||
|
-----END X509 CERTIFICATE-----
|
||||||
|
-----BEGIN X509 CERTIFICATE-----
|
||||||
|
|
||||||
|
MIICGTCCAdgCAwCqTDAJBgUrDgMCDQUAMHwxCzAJBgNVBAYTAlVTMTYwNAYDVQQK
|
||||||
|
Ey1OYXRpb25hbCBBZXJvbmF1dGljcyBhbmQgU3BhY2UgQWRtaW5pc3RyYXRpb24x
|
||||||
|
GTAXBgNVBAsTEFRlc3QgRW52aXJvbm1lbnQxGjAYBgNVBAsTEURTUy1OQVNBLVBp
|
||||||
|
bG90LUNBMB4XDTk2MDUxNDE3MDE0MVoXDTk3MDUxNDE3MDE0MVowMzELMAkGA1UE
|
||||||
|
BhMCQVUxDzANBgNVBAoTBk1pbmNvbTETMBEGA1UEAxMKRXJpYyBZb3VuZzCB8jAJ
|
||||||
|
BgUrDgMCDAUAA4HkADCB4AJBAKbfHz6vE6pXXMTpswtGUec2tvnfLJUsoxE9qs4+
|
||||||
|
ObZX7LmLvragNPUeiTJx7UOWZ5DfBj6bXLc8eYne0lP1g3ACQQDUEaSg45P2qrDw
|
||||||
|
ixTRhFhmWz5Nvc4lRFQ/42XPcchiJBLbbn3QK74T2IxY1yY+kCNq8XrIqf5fJJzI
|
||||||
|
H0J/xUP3AhUAsg2wsQHfDGYk/BOSulX3fVd0geUCQQCzCFUQAh+ZkEmp5804cs6Z
|
||||||
|
WBhrUAfnra8lJItYo9xPcXgdIfLfibcXR71UsyO77MRD7B0+Ag2tq794IleCVcEE
|
||||||
|
MAkGBSsOAwINBQADMAAwLQIUWsuuJRE3VT4ueWkWMAJMJaZjj1ECFQCYY0zX4bzM
|
||||||
|
LC7obsrHD8XAHG+ZRG==
|
||||||
|
-----END X509 CERTIFICATE-----
|
||||||
|
-----BEGIN CERTIFICATE-----
|
||||||
|
MIICTTCCAbagAwIBAgIBADANBgkqhkiG9w0BAQQFADBMMQswCQYDVQQGEwJHQjEM
|
||||||
|
MAoGA1UEChMDVUNMMRgwFgYDVQQLEw9JQ0UtVEVMIFByb2plY3QxFTATBgNVBAMT
|
||||||
|
DFRydXN0RmFjdG9yeTAeFw05NzA0MjIxNDM5MTRaFw05ODA0MjIxNDM5MTRaMEwx
|
||||||
|
CzAJBgNVBAYTAkdCMQwwCgYDVQQKEwNVQ0wxGDAWBgNVBAsTD0lDRS1URUwgUHJv
|
||||||
|
amVjdDEVMBMGA1UEAxMMVHJ1c3RGYWN0b3J5MIGcMAoGBFUIAQECAgQAA4GNADCB
|
||||||
|
iQKBgQCEieR8NcXkUW1f0G6aC6u0i8q/98JqS6RxK5YmHIGKCkuTWAUjzLfUa4dt
|
||||||
|
U9igGCjTuxaDqlzEim+t/02pmiBZT9HaX++35MjQPUWmsChcYU5WyzGErXi+rQaw
|
||||||
|
zlwS73zM8qiPj/97lXYycWhgL0VaiDSPxRXEUdWoaGruom4mNQIDAQABo0IwQDAd
|
||||||
|
BgNVHQ4EFgQUHal1LZr7oVg5z6lYzrhTgZRCmcUwDgYDVR0PAQH/BAQDAgH2MA8G
|
||||||
|
A1UdEwEB/wQFMAMBAf8wDQYJKoZIhvcNAQEEBQADgYEAfaggfl6FZoioecjv0dq8
|
||||||
|
/DXo/u11iMZvXn08gjX/zl2b4wtPbShOSY5FhkSm8GeySasz+/Nwb/uzfnIhokWi
|
||||||
|
lfPZHtlCWtXbIy/TN51eJyq04ceDCQDWvLC2enVg9KB+GJ34b5c5VaPRzq8MBxsA
|
||||||
|
S7ELuYGtmYgYm9NZOIr7yU0=
|
||||||
|
-----END CERTIFICATE-----
|
||||||
|
-----BEGIN CERTIFICATE-----
|
||||||
|
MIIB6jCCAZQCAgEtMA0GCSqGSIb3DQEBBAUAMIGAMQswCQYDVQQGEwJVUzE2MDQG
|
||||||
|
A1UEChMtTmF0aW9uYWwgQWVyb25hdXRpY3MgYW5kIFNwYWNlIEFkbWluaXN0cmF0
|
||||||
|
aW9uMRkwFwYDVQQLExBUZXN0IEVudmlyb25tZW50MR4wHAYDVQQLExVNRDUtUlNB
|
||||||
|
LU5BU0EtUGlsb3QtQ0EwHhcNOTYwNDMwMjIwNTAwWhcNOTcwNDMwMjIwNTAwWjCB
|
||||||
|
gDELMAkGA1UEBhMCVVMxNjA0BgNVBAoTLU5hdGlvbmFsIEFlcm9uYXV0aWNzIGFu
|
||||||
|
ZCBTcGFjZSBBZG1pbmlzdHJhdGlvbjEZMBcGA1UECxMQVGVzdCBFbnZpcm9ubWVu
|
||||||
|
dDEeMBwGA1UECxMVTUQ1LVJTQS1OQVNBLVBpbG90LUNBMFkwCgYEVQgBAQICAgAD
|
||||||
|
SwAwSAJBALmmX5+GqAvcrWK13rfDrNX9UfeA7f+ijyBgeFQjYUoDpFqapw4nzQBL
|
||||||
|
bAXug8pKkRwa2Zh8YODhXsRWu2F/UckCAwEAATANBgkqhkiG9w0BAQQFAANBAH9a
|
||||||
|
OBA+QCsjxXgnSqHx04gcU8S49DVUb1f2XVoLnHlIb8RnX0k5O6mpHT5eti9bLkiW
|
||||||
|
GJNMJ4L0AJ/ac+SmHZc=
|
||||||
|
-----END CERTIFICATE-----
|
||||||
|
-----BEGIN CERTIFICATE-----
|
||||||
|
MIICajCCAdMCBDGA0QUwDQYJKoZIhvcNAQEEBQAwfTELMAkGA1UEBhMCQ2ExDzAN
|
||||||
|
BgNVBAcTBk5lcGVhbjEeMBwGA1UECxMVTm8gTGlhYmlsaXR5IEFjY2VwdGVkMR8w
|
||||||
|
HQYDVQQKExZGb3IgRGVtbyBQdXJwb3NlcyBPbmx5MRwwGgYDVQQDExNFbnRydXN0
|
||||||
|
IERlbW8gV2ViIENBMB4XDTk2MDQyNjEzMzUwMVoXDTA2MDQyNjEzMzUwMVowfTEL
|
||||||
|
MAkGA1UEBhMCQ2ExDzANBgNVBAcTBk5lcGVhbjEeMBwGA1UECxMVTm8gTGlhYmls
|
||||||
|
aXR5IEFjY2VwdGVkMR8wHQYDVQQKExZGb3IgRGVtbyBQdXJwb3NlcyBPbmx5MRww
|
||||||
|
GgYDVQQDExNFbnRydXN0IERlbW8gV2ViIENBMIGdMA0GCSqGSIb3DQEBAQUAA4GL
|
||||||
|
ADCBhwKBgQCaroS7O1DA0hm4IefNYU1cx/nqOmzEnk291d1XqznDeF4wEgakbkCc
|
||||||
|
zTKxK791yNpXG5RmngqH7cygDRTHZJ6mfCRn0wGC+AI00F2vYTGqPGRQL1N3lZT0
|
||||||
|
YDKFC0SQeMMjFIZ1aeQigroFQnHo0VB3zWIMpNkka8PY9lxHZAmWwQIBAzANBgkq
|
||||||
|
hkiG9w0BAQQFAAOBgQBAx0UMVA1s54lMQyXjMX5kj99FJN5itb8bK1Rk+cegPQPF
|
||||||
|
cWO9SEWyEjjBjIkjjzAwBkaEszFsNGxemxtXvwjIm1xEUMTVlPEWTs2qnDvAUA9W
|
||||||
|
YqhWbhH0toGT36236QAsqCZ76rbTRVSSX2BHyJwJMG2tCRv7kRJ//NIgxj3H4w==
|
||||||
|
-----END CERTIFICATE-----
|
||||||
|
|
||||||
|
issuer= /C=AU/ST=Queensland/O=CryptSoft Pty Ltd/CN=Test PCA (1024 bit)
|
||||||
|
subject=/C=AU/ST=Queensland/O=CryptSoft Pty Ltd/CN=Test PCA (1024 bit)
|
||||||
|
-----BEGIN CERTIFICATE-----
|
||||||
|
MIICJzCCAZACAQAwDQYJKoZIhvcNAQEEBQAwXDELMAkGA1UEBhMCQVUxEzARBgNV
|
||||||
|
BAgTClF1ZWVuc2xhbmQxGjAYBgNVBAoTEUNyeXB0U29mdCBQdHkgTHRkMRwwGgYD
|
||||||
|
VQQDExNUZXN0IFBDQSAoMTAyNCBiaXQpMB4XDTk3MDYwOTEzNTczN1oXDTAxMDYw
|
||||||
|
OTEzNTczN1owXDELMAkGA1UEBhMCQVUxEzARBgNVBAgTClF1ZWVuc2xhbmQxGjAY
|
||||||
|
BgNVBAoTEUNyeXB0U29mdCBQdHkgTHRkMRwwGgYDVQQDExNUZXN0IFBDQSAoMTAy
|
||||||
|
NCBiaXQpMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCdoWk/3+WcMlfjIrkg
|
||||||
|
40ketmnQaEogQe1LLcuOJV6rKfUSAsPgwgsabJ/wn8TxA1yy3eKJbFl3OiUXMRsp
|
||||||
|
22Jp85PmemiDzyUIStwk72qhp1imbANZvlmlCFKiQrjUyuDfu4TABmn+kkt3vR1Y
|
||||||
|
BEOGt+IFye1UBVSATVdRJ2UVhwIDAQABMA0GCSqGSIb3DQEBBAUAA4GBABNA1u/S
|
||||||
|
Cg/LJZWb7GliiKJsvuhxlE4E5JxQF2zMub/CSNbF97//tYSyj96sxeFQxZXbcjm9
|
||||||
|
xt6mr/xNLA4szNQMJ4P+L7b5e/jC5DSqlwS+CUYJgaFs/SP+qJoCSu1bR3IM9XWO
|
||||||
|
cRBpDmcBbYLkSyB92WURvsZ1LtjEcn+cdQVI
|
||||||
|
-----END CERTIFICATE-----
|
||||||
|
-----BEGIN RSA PRIVATE KEY-----
|
||||||
|
MIICXAIBAAKBgQCdoWk/3+WcMlfjIrkg40ketmnQaEogQe1LLcuOJV6rKfUSAsPg
|
||||||
|
wgsabJ/wn8TxA1yy3eKJbFl3OiUXMRsp22Jp85PmemiDzyUIStwk72qhp1imbANZ
|
||||||
|
vlmlCFKiQrjUyuDfu4TABmn+kkt3vR1YBEOGt+IFye1UBVSATVdRJ2UVhwIDAQAB
|
||||||
|
AoGAba4fTtuap5l7/8ZsbE7Z1O32KJY4ZcOZukLOLUUhXxXduT+FTgGWujc0/rgc
|
||||||
|
z9qYCLlNZHOouMYTgtSfYvuMuLZ11VIt0GYH+nRioLShE59Yy+zCRyC+gPigS1kz
|
||||||
|
xvo14AsOIPYV14Tk/SsHyq6E0eTk7VzaIE197giiINUERPECQQDSKmtPTh/lRKw7
|
||||||
|
HSZSM0I1mFWn/1zqrAbontRQY5w98QWIOe5qmzYyFbPXYT3d9BzlsMyhgiRNoBbD
|
||||||
|
yvohSHXJAkEAwAHx6ezAZeWWzD5yXD36nyjpkVCw7Tk7TSmOceLJMWt1QcrCfqlS
|
||||||
|
xA5jjpQ6Z8suU5DdtWAryM2sAir1WisYzwJAd6Zcx56jvAQ3xcPXsE6scBTVFzrj
|
||||||
|
7FqZ6E+cclPzfLQ+QQsyOBE7bpI6e/FJppY26XGZXo3YGzV8IGXrt40oOQJALETG
|
||||||
|
h86EFXo3qGOFbmsDy4pdP5nBERCu8X1xUCSfintiD4c2DInxgS5oGclnJeMcjTvL
|
||||||
|
QjQoJCX3UJCi/OUO1QJBAKgcDHWjMvt+l1pjJBsSEZ0HX9AAIIVx0RQmbFGS+F2Q
|
||||||
|
hhu5l77WnnZOQ9vvhV5u7NPCUF9nhU3jh60qWWO8mkc=
|
||||||
|
-----END RSA PRIVATE KEY-----
|
||||||
|
subject=/C=US/O=RSA Data Security, Inc./OU=Commercial Certification Authority
|
||||||
|
issuer= /C=US/O=RSA Data Security, Inc./OU=Commercial Certification Authority
|
||||||
|
notBefore=941104185834Z
|
||||||
|
notAfter =991103185834Z
|
||||||
|
-----BEGIN X509 CERTIFICATE-----
|
||||||
|
|
||||||
|
MIICIzCCAZACBQJBAAAWMA0GCSqGSIb3DQEBAgUAMFwxCzAJBgNVBAYTAlVTMSAw
|
||||||
|
HgYDVQQKExdSU0EgRGF0YSBTZWN1cml0eSwgSW5jLjErMCkGA1UECxMiQ29tbWVy
|
||||||
|
Y2lhbCBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAeFw05NDExMDQxODU4MzRaFw05
|
||||||
|
OTExMDMxODU4MzRaMFwxCzAJBgNVBAYTAlVTMSAwHgYDVQQKExdSU0EgRGF0YSBT
|
||||||
|
ZWN1cml0eSwgSW5jLjErMCkGA1UECxMiQ29tbWVyY2lhbCBDZXJ0aWZpY2F0aW9u
|
||||||
|
IEF1dGhvcml0eTCBmzANBgkqhkiG9w0BAQEFAAOBiQAwgYUCfgCk+4Fie84QJ93o
|
||||||
|
975sbsZwmdu41QUDaSiCnHJ/lj+O7Kwpkj+KFPhCdr69XQO5kNTQvAayUTNfxMK/
|
||||||
|
touPmbZiImDd298ggrTKoi8tUO2UMt7gVY3UaOLgTNLNBRYulWZcYVI4HlGogqHE
|
||||||
|
7yXpCuaLK44xZtn42f29O2nZ6wIDAQABMA0GCSqGSIb3DQEBAgUAA34AdrW2EP4j
|
||||||
|
9/dZYkuwX5zBaLxJu7NJbyFHXSudVMQAKD+YufKKg5tgf+tQx6sFEC097TgCwaVI
|
||||||
|
0v5loMC86qYjFmZsGySp8+x5NRhPJsjjr1BKx6cxa9B8GJ1Qv6km+iYrRpwUqbtb
|
||||||
|
MJhCKLVLU7tDCZJAuqiqWqTGtotXTcU=
|
||||||
|
-----END X509 CERTIFICATE-----
|
||||||
|
subject=/C=US/O=RSA Data Security, Inc./OU=Secure Server Certification Authority
|
||||||
|
issuer= /C=US/O=RSA Data Security, Inc./OU=Secure Server Certification Authority
|
||||||
|
notBefore=941109235417Z
|
||||||
|
notAfter =991231235417Z
|
||||||
|
-----BEGIN X509 CERTIFICATE-----
|
||||||
|
|
||||||
|
MIICKTCCAZYCBQJBAAABMA0GCSqGSIb3DQEBAgUAMF8xCzAJBgNVBAYTAlVTMSAw
|
||||||
|
HgYDVQQKExdSU0EgRGF0YSBTZWN1cml0eSwgSW5jLjEuMCwGA1UECxMlU2VjdXJl
|
||||||
|
IFNlcnZlciBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAeFw05NDExMDkyMzU0MTda
|
||||||
|
Fw05OTEyMzEyMzU0MTdaMF8xCzAJBgNVBAYTAlVTMSAwHgYDVQQKExdSU0EgRGF0
|
||||||
|
YSBTZWN1cml0eSwgSW5jLjEuMCwGA1UECxMlU2VjdXJlIFNlcnZlciBDZXJ0aWZp
|
||||||
|
Y2F0aW9uIEF1dGhvcml0eTCBmzANBgkqhkiG9w0BAQEFAAOBiQAwgYUCfgCSznrB
|
||||||
|
roM+WqqJg1esJQF2DK2ujiw3zus1eGRUA+WEQFHJv48I4oqCCNIWhjdV6bEhAq12
|
||||||
|
aIGaBaJLyUslZiJWbIgHj/eBWW2EB2VwE3F2Ppt3TONQiVaYSLkdpykaEy5KEVmc
|
||||||
|
HhXVSVQsczppgrGXOZxtcGdI5d0t1sgeewIDAQABMA0GCSqGSIb3DQEBAgUAA34A
|
||||||
|
iNHReSHO4ovo+MF9NFM/YYPZtgs4F7boviGNjwC4i1N+RGceIr2XJ+CchcxK9oU7
|
||||||
|
suK+ktPlDemvXA4MRpX/oRxePug2WHpzpgr4IhFrwwk4fia7c+8AvQKk8xQNMD9h
|
||||||
|
cHsg/jKjn7P0Z1LctO6EjJY2IN6BCINxIYoPnqk=
|
||||||
|
-----END X509 CERTIFICATE-----
|
||||||
|
subject=/C=ZA/SP=Western Cape/L=Cape Town/O=Thawte Consulting cc
|
||||||
|
/OU=Certification Services Division/CN=Thawte Server CA
|
||||||
|
/Email=server-certs@thawte.com
|
||||||
|
issuer= /C=ZA/SP=Western Cape/L=Cape Town/O=Thawte Consulting cc
|
||||||
|
/OU=Certification Services Division/CN=Thawte Server CA
|
||||||
|
/Email=server-certs@thawte.com
|
||||||
|
-----BEGIN CERTIFICATE-----
|
||||||
|
MIIC+TCCAmICAQAwDQYJKoZIhvcNAQEEBQAwgcQxCzAJBgNVBAYTAlpBMRUwEwYD
|
||||||
|
VQQIEwxXZXN0ZXJuIENhcGUxEjAQBgNVBAcTCUNhcGUgVG93bjEdMBsGA1UEChMU
|
||||||
|
VGhhd3RlIENvbnN1bHRpbmcgY2MxKDAmBgNVBAsTH0NlcnRpZmljYXRpb24gU2Vy
|
||||||
|
dmljZXMgRGl2aXNpb24xGTAXBgNVBAMTEFRoYXd0ZSBTZXJ2ZXIgQ0ExJjAkBgkq
|
||||||
|
hkiG9w0BCQEWF3NlcnZlci1jZXJ0c0B0aGF3dGUuY29tMB4XDTk2MDcyNzE4MDc1
|
||||||
|
N1oXDTk4MDcyNzE4MDc1N1owgcQxCzAJBgNVBAYTAlpBMRUwEwYDVQQIEwxXZXN0
|
||||||
|
ZXJuIENhcGUxEjAQBgNVBAcTCUNhcGUgVG93bjEdMBsGA1UEChMUVGhhd3RlIENv
|
||||||
|
bnN1bHRpbmcgY2MxKDAmBgNVBAsTH0NlcnRpZmljYXRpb24gU2VydmljZXMgRGl2
|
||||||
|
aXNpb24xGTAXBgNVBAMTEFRoYXd0ZSBTZXJ2ZXIgQ0ExJjAkBgkqhkiG9w0BCQEW
|
||||||
|
F3NlcnZlci1jZXJ0c0B0aGF3dGUuY29tMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCB
|
||||||
|
iQKBgQDTpFBuyP9Wa+bPXbbqDGh1R6KqwtqEJfyo9EdR2oW1IHSUhh4PdcnpCGH1
|
||||||
|
Bm0wbhUZAulSwGLbTZme4moMRDjN/r7jZAlwxf6xaym2L0nIO9QnBCUQly/nkG3A
|
||||||
|
KEKZ10xD3sP1IW1Un13DWOHA5NlbsLjctHvfNjrCtWYiEtaHDQIDAQABMA0GCSqG
|
||||||
|
SIb3DQEBBAUAA4GBAIsvn7ifX3RUIrvYXtpI4DOfARkTogwm6o7OwVdl93yFhDcX
|
||||||
|
7h5t0XZ11MUAMziKdde3rmTvzUYIUCYoY5b032IwGMTvdiclK+STN6NP2m5nvFAM
|
||||||
|
qJT5gC5O+j/jBuZRQ4i0AMYQr5F4lT8oBJnhgafw6PL8aDY2vMHGSPl9+7uf
|
||||||
|
-----END CERTIFICATE-----
|
||||||
|
|
||||||
|
-----BEGIN CERTIFICATE-----
|
||||||
|
MIIDDTCCAnYCAQAwDQYJKoZIhvcNAQEEBQAwgc4xCzAJBgNVBAYTAlpBMRUwEwYD
|
||||||
|
VQQIEwxXZXN0ZXJuIENhcGUxEjAQBgNVBAcTCUNhcGUgVG93bjEdMBsGA1UEChMU
|
||||||
|
VGhhd3RlIENvbnN1bHRpbmcgY2MxKDAmBgNVBAsTH0NlcnRpZmljYXRpb24gU2Vy
|
||||||
|
dmljZXMgRGl2aXNpb24xITAfBgNVBAMTGFRoYXd0ZSBQcmVtaXVtIFNlcnZlciBD
|
||||||
|
QTEoMCYGCSqGSIb3DQEJARYZcHJlbWl1bS1zZXJ2ZXJAdGhhd3RlLmNvbTAeFw05
|
||||||
|
NjA3MjcxODA3MTRaFw05ODA3MjcxODA3MTRaMIHOMQswCQYDVQQGEwJaQTEVMBMG
|
||||||
|
A1UECBMMV2VzdGVybiBDYXBlMRIwEAYDVQQHEwlDYXBlIFRvd24xHTAbBgNVBAoT
|
||||||
|
FFRoYXd0ZSBDb25zdWx0aW5nIGNjMSgwJgYDVQQLEx9DZXJ0aWZpY2F0aW9uIFNl
|
||||||
|
cnZpY2VzIERpdmlzaW9uMSEwHwYDVQQDExhUaGF3dGUgUHJlbWl1bSBTZXJ2ZXIg
|
||||||
|
Q0ExKDAmBgkqhkiG9w0BCQEWGXByZW1pdW0tc2VydmVyQHRoYXd0ZS5jb20wgZ8w
|
||||||
|
DQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBANI2NmqL18JbntqBQWKPOO5JBFXW0O8c
|
||||||
|
G5UWR+8YSDU6UvQragaPOy/qVuOvho2eF/eetGV1Ak3vywmiIVHYm9Bn0LoNkgYU
|
||||||
|
c9STy5cqAJxcTgy8+hVS/PJEbtoRSm4Iny8t4/mqOoZztkZTWMiJBb2DEbhzP6oH
|
||||||
|
jfRCTedAnRw3AgMBAAEwDQYJKoZIhvcNAQEEBQADgYEAutFIgTRZVYerIZfL9lvR
|
||||||
|
w9Eifvvo5KTZ3h+Bj+VzNnyw4Qc/IyXkPOu6SIiH9LQ3sCmWBdxpe+qr4l77rLj2
|
||||||
|
GYuMtESFfn1XVALzkYgC7JcPuTOjMfIiMByt+uFf8AV8x0IW/Qkuv+hEQcyM9vxK
|
||||||
|
3VZdLbCVIhNoEsysrxCpxcI=
|
||||||
|
-----END CERTIFICATE-----
|
||||||
|
Tims test GCI CA
|
||||||
|
|
||||||
|
-----BEGIN CERTIFICATE-----
|
||||||
|
MIIB8DCCAZoCAQAwDQYJKoZIhvcNAQEEBQAwgYIxCzAJBgNVBAYTAkFVMRMwEQYD
|
||||||
|
VQQIEwpRdWVlbnNsYW5kMREwDwYDVQQHEwhCcmlzYmFuZTEaMBgGA1UEChMRQ3J5
|
||||||
|
cHRTb2Z0IFB0eSBMdGQxFDASBgNVBAsTC2RldmVsb3BtZW50MRkwFwYDVQQDExBD
|
||||||
|
cnlwdFNvZnQgRGV2IENBMB4XDTk3MDMyMjEzMzQwNFoXDTk4MDMyMjEzMzQwNFow
|
||||||
|
gYIxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpRdWVlbnNsYW5kMREwDwYDVQQHEwhC
|
||||||
|
cmlzYmFuZTEaMBgGA1UEChMRQ3J5cHRTb2Z0IFB0eSBMdGQxFDASBgNVBAsTC2Rl
|
||||||
|
dmVsb3BtZW50MRkwFwYDVQQDExBDcnlwdFNvZnQgRGV2IENBMFwwDQYJKoZIhvcN
|
||||||
|
AQEBBQADSwAwSAJBAOAOAqogG5QwAmLhzyO4CoRnx/wVy4NZP4dxJy83O1EnL0rw
|
||||||
|
OdsamJKvPOLHgSXo3gDu9uVyvCf/QJmZAmC5ml8CAwEAATANBgkqhkiG9w0BAQQF
|
||||||
|
AANBADRRS/GVdd7rAqRW6SdmgLJduOU2yq3avBu99kRqbp9A/dLu6r6jU+eP4oOA
|
||||||
|
TfdbFZtAAD2Hx9jUtY3tfdrJOb8=
|
||||||
|
-----END CERTIFICATE-----
|
||||||
|
|
||||||
|
-----BEGIN CERTIFICATE-----
|
||||||
|
MIICVjCCAgACAQAwDQYJKoZIhvcNAQEEBQAwgbUxCzAJBgNVBAYTAkFVMRMwEQYD
|
||||||
|
VQQIEwpRdWVlbnNsYW5kMREwDwYDVQQHEwhCcmlzYmFuZTEaMBgGA1UEChMRQ3J5
|
||||||
|
cHRTb2Z0IFB0eSBMdGQxLDAqBgNVBAsTI1dPUlRITEVTUyBDRVJUSUZJQ0FUSU9O
|
||||||
|
IEFVVEhPUklUSUVTMTQwMgYDVQQDEytaRVJPIFZBTFVFIENBIC0gREVNT05TVFJB
|
||||||
|
VElPTiBQVVJQT1NFUyBPTkxZMB4XDTk3MDQwMzEzMjI1NFoXDTk4MDQwMzEzMjI1
|
||||||
|
NFowgbUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpRdWVlbnNsYW5kMREwDwYDVQQH
|
||||||
|
EwhCcmlzYmFuZTEaMBgGA1UEChMRQ3J5cHRTb2Z0IFB0eSBMdGQxLDAqBgNVBAsT
|
||||||
|
I1dPUlRITEVTUyBDRVJUSUZJQ0FUSU9OIEFVVEhPUklUSUVTMTQwMgYDVQQDEyta
|
||||||
|
RVJPIFZBTFVFIENBIC0gREVNT05TVFJBVElPTiBQVVJQT1NFUyBPTkxZMFwwDQYJ
|
||||||
|
KoZIhvcNAQEBBQADSwAwSAJBAOZ7T7yqP/tyspcko3yPY1y0Cm2EmwNvzW4QgVXR
|
||||||
|
Fjs3HmJ4xtSpXdo6mwcGezL3Abt/aQXaxv9PU8xt+Jr0OFUCAwEAATANBgkqhkiG
|
||||||
|
9w0BAQQFAANBAOQpYmGgyCqCy1OljgJhCqQOu627oVlHzK1L+t9vBaMfn40AVUR4
|
||||||
|
WzQVWO31KTgi5vTK1U+3h46fgUWqQ0h+6rU=
|
||||||
|
-----END CERTIFICATE-----
|
||||||
|
-----BEGIN CERTIFICATE-----
|
||||||
|
MIAwgKADAgECAgEAMA0GCSqGSIb3DQEBBAUAMGIxETAPBgNVBAcTCEludGVybmV0
|
||||||
|
MRcwFQYDVQQKEw5WZXJpU2lnbiwgSW5jLjE0MDIGA1UECxMrVmVyaVNpZ24gQ2xh
|
||||||
|
c3MgMSBDQSAtIEluZGl2aWR1YWwgU3Vic2NyaWJlcjAeFw05NjA0MDgxMDIwMjda
|
||||||
|
Fw05NzA0MDgxMDIwMjdaMGIxETAPBgNVBAcTCEludGVybmV0MRcwFQYDVQQKEw5W
|
||||||
|
ZXJpU2lnbiwgSW5jLjE0MDIGA1UECxMrVmVyaVNpZ24gQ2xhc3MgMSBDQSAtIElu
|
||||||
|
ZGl2aWR1YWwgU3Vic2NyaWJlcjCAMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC2
|
||||||
|
FKbPTdAFDdjKI9BvqrQpkmOOLPhvltcunXZLEbE2jVfJw/0cxrr+Hgi6M8qV6r7j
|
||||||
|
W80GqLd5HUQq7XPysVKDaBBwZJHXPmv5912dFEObbpdFmIFH0S3L3bty10w/cari
|
||||||
|
QPJUObwW7s987LrbP2wqsxaxhhKdrpM01bjV0Pc+qQIDAQABAAAAADANBgkqhkiG
|
||||||
|
9w0BAQQFAAOBgQA+1nJryNt8VBRjRr07ArDAV/3jAH7GjDc9jsrxZS68ost9v06C
|
||||||
|
TvTNKGL+LISNmFLXl+JXhgGB0JZ9fvyYzNgHQ46HBUng1H6voalfJgS2KdEo50wW
|
||||||
|
8EFZYMDkT1k4uynwJqkVN2QJK/2q4/A/VCov5h6SlM8Affg2W+1TLqvqkwAA
|
||||||
|
-----END CERTIFICATE-----
|
||||||
|
|
||||||
|
subject=/L=Internet/O=VeriSign, Inc./OU=VeriSign Class 2 CA - Individual Subscriber
|
||||||
|
issuer= /L=Internet/O=VeriSign, Inc./OU=VeriSign Class 2 CA - Individual Subscriber
|
||||||
|
|
||||||
|
-----BEGIN CERTIFICATE-----
|
||||||
|
MIIEkzCCA/ygAwIBAgIRANDTUpSRL3nTFeMrMayFSPAwDQYJKoZIhvcNAQECBQAw
|
||||||
|
YjERMA8GA1UEBxMISW50ZXJuZXQxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMTQw
|
||||||
|
MgYDVQQLEytWZXJpU2lnbiBDbGFzcyAyIENBIC0gSW5kaXZpZHVhbCBTdWJzY3Jp
|
||||||
|
YmVyMB4XDTk2MDYwNDAwMDAwMFoXDTk4MDYwNDIzNTk1OVowYjERMA8GA1UEBxMI
|
||||||
|
SW50ZXJuZXQxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMTQwMgYDVQQLEytWZXJp
|
||||||
|
U2lnbiBDbGFzcyAyIENBIC0gSW5kaXZpZHVhbCBTdWJzY3JpYmVyMIGfMA0GCSqG
|
||||||
|
SIb3DQEBAQUAA4GNADCBiQKBgQC6A+2czKGRcYMfm8gdnk+0de99TDDzsqo0v5nb
|
||||||
|
RsbUmMcdRQ7nsMbRWe0SAb/9QoLTZ/cJ0iOBqdrkz7UpqqKarVoTSdlSMVM92tWp
|
||||||
|
3bJncZHQD1t4xd6lQVdI1/T6R+5J0T1ukOdsI9Jmf+F28S6g3R3L1SFwiHKeZKZv
|
||||||
|
z+793wIDAQABo4ICRzCCAkMwggIpBgNVHQMBAf8EggIdMIICGTCCAhUwggIRBgtg
|
||||||
|
hkgBhvhFAQcBATCCAgAWggGrVGhpcyBjZXJ0aWZpY2F0ZSBpbmNvcnBvcmF0ZXMg
|
||||||
|
YnkgcmVmZXJlbmNlLCBhbmQgaXRzIHVzZSBpcyBzdHJpY3RseSBzdWJqZWN0IHRv
|
||||||
|
LCB0aGUgVmVyaVNpZ24gQ2VydGlmaWNhdGlvbiBQcmFjdGljZSBTdGF0ZW1lbnQg
|
||||||
|
KENQUyksIGF2YWlsYWJsZSBhdDogaHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL0NQ
|
||||||
|
Uy0xLjA7IGJ5IEUtbWFpbCBhdCBDUFMtcmVxdWVzdHNAdmVyaXNpZ24uY29tOyBv
|
||||||
|
ciBieSBtYWlsIGF0IFZlcmlTaWduLCBJbmMuLCAyNTkzIENvYXN0IEF2ZS4sIE1v
|
||||||
|
dW50YWluIFZpZXcsIENBIDk0MDQzIFVTQSBUZWwuICsxICg0MTUpIDk2MS04ODMw
|
||||||
|
IENvcHlyaWdodCAoYykgMTk5NiBWZXJpU2lnbiwgSW5jLiAgQWxsIFJpZ2h0cyBS
|
||||||
|
ZXNlcnZlZC4gQ0VSVEFJTiBXQVJSQU5USUVTIERJU0NMQUlNRUQgYW5kIExJQUJJ
|
||||||
|
TElUWSBMSU1JVEVELqAOBgxghkgBhvhFAQcBAQGhDgYMYIZIAYb4RQEHAQECMC8w
|
||||||
|
LRYraHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL3JlcG9zaXRvcnkvQ1BTLTEuMDAU
|
||||||
|
BglghkgBhvhCAQEBAf8EBAMCAgQwDQYJKoZIhvcNAQECBQADgYEApRJRkNBqLLgs
|
||||||
|
53IR/d18ODdLOWMTZ+QOOxBrq460iBEdUwgF8vmPRX1ku7UiDeNzaLlurE6eFqHq
|
||||||
|
2zPyK5j60zfTLVJMWKcQWwTJLjHtXrW8pxhNtFc6Fdvy5ZkHnC/9NIl7/t4U6WqB
|
||||||
|
p4y+p7SdMIkEwIZfds0VbnQyX5MRUJY=
|
||||||
|
-----END CERTIFICATE-----
|
||||||
|
|
||||||
|
subject=/C=US/O=VeriSign, Inc./OU=Class 3 Public Primary Certification Authority
|
||||||
|
issuer= /C=US/O=VeriSign, Inc./OU=Class 3 Public Primary Certification Authority
|
||||||
|
-----BEGIN CERTIFICATE-----
|
||||||
|
MIICMTCCAZoCBQKhAAABMA0GCSqGSIb3DQEBAgUAMF8xCzAJBgNVBAYTAlVTMRcw
|
||||||
|
FQYDVQQKEw5WZXJpU2lnbiwgSW5jLjE3MDUGA1UECxMuQ2xhc3MgMyBQdWJsaWMg
|
||||||
|
UHJpbWFyeSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAeFw05NjAxMjkwMDAwMDBa
|
||||||
|
Fw05OTEyMzEyMzU5NTlaMF8xCzAJBgNVBAYTAlVTMRcwFQYDVQQKEw5WZXJpU2ln
|
||||||
|
biwgSW5jLjE3MDUGA1UECxMuQ2xhc3MgMyBQdWJsaWMgUHJpbWFyeSBDZXJ0aWZp
|
||||||
|
Y2F0aW9uIEF1dGhvcml0eTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAyVxZ
|
||||||
|
nvIbigEUtBDfBEDb41evakVAj4QMC9Ez2dkRz+4CWB8l9yqoRAWq7AMfeH+ek7ma
|
||||||
|
AKojfdashaJjRcdyJ8z0TMZ1cdI5709C8HXfCpDGjiBvmA/4rCNfcCk2pMmG57Ga
|
||||||
|
IMtTpYXnPb59mv4kRTPcdhXtD6JxZExlLoFoRacCAwEAATANBgkqhkiG9w0BAQIF
|
||||||
|
AAOBgQB1Zmw+0c2B27X4LzZRtvdCvM1Cr9wO+hVs+GeTVzrrtpLotgHKjLeOQ7RJ
|
||||||
|
Zfk+7r11Ri7J/CVdqMcvi5uPaM+0nJcYwE3vH9mvgrPmZLiEXIqaB1JDYft0nls6
|
||||||
|
NvxMsvwaPxUupVs8G5DsiCnkWRb5zget7Ond2tIxik/W2O8XjQ==
|
||||||
|
-----END CERTIFICATE-----
|
||||||
|
subject=/C=US/O=VeriSign, Inc./OU=Class 4 Public Primary Certification Authority
|
||||||
|
issuer= /C=US/O=VeriSign, Inc./OU=Class 4 Public Primary Certification Authority
|
||||||
|
-----BEGIN CERTIFICATE-----
|
||||||
|
MIICMTCCAZoCBQKmAAABMA0GCSqGSIb3DQEBAgUAMF8xCzAJBgNVBAYTAlVTMRcw
|
||||||
|
FQYDVQQKEw5WZXJpU2lnbiwgSW5jLjE3MDUGA1UECxMuQ2xhc3MgNCBQdWJsaWMg
|
||||||
|
UHJpbWFyeSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAeFw05NjAxMjkwMDAwMDBa
|
||||||
|
Fw05OTEyMzEyMzU5NTlaMF8xCzAJBgNVBAYTAlVTMRcwFQYDVQQKEw5WZXJpU2ln
|
||||||
|
biwgSW5jLjE3MDUGA1UECxMuQ2xhc3MgNCBQdWJsaWMgUHJpbWFyeSBDZXJ0aWZp
|
||||||
|
Y2F0aW9uIEF1dGhvcml0eTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA0LJ1
|
||||||
|
9njQrlpQ9OlQqZ+M1++RlHDo0iSQdomF1t+s5gEXMoDwnZNHvJplnR+Xrr/phnVj
|
||||||
|
IIm9gFidBAydqMEk6QvlMXi9/C0MN2qeeIDpRnX57aP7E3vIwUzSo+/1PLBij0pd
|
||||||
|
O92VZ48TucE81qcmm+zDO3rZTbxtm+gVAePwR6kCAwEAATANBgkqhkiG9w0BAQIF
|
||||||
|
AAOBgQBT3dPwnCR+QKri/AAa19oM/DJhuBUNlvP6Vxt/M3yv6ZiaYch6s7f/sdyZ
|
||||||
|
g9ysEvxwyR84Qu1E9oAuW2szaayc01znX1oYx7EteQSWQZGZQbE8DbqEOcY7l/Am
|
||||||
|
yY7uvcxClf8exwI/VAx49byqYHwCaejcrOICdmHEPgPq0ook0Q==
|
||||||
|
-----END CERTIFICATE-----
|
1
jni/openssl/apps/server.srl
Normal file
1
jni/openssl/apps/server.srl
Normal file
@ -0,0 +1 @@
|
|||||||
|
01
|
376
jni/openssl/apps/server2.pem
Normal file
376
jni/openssl/apps/server2.pem
Normal file
@ -0,0 +1,376 @@
|
|||||||
|
issuer= /C=AU/ST=Queensland/O=CryptSoft Pty Ltd/CN=Test CA (1024 bit)
|
||||||
|
subject=/C=AU/ST=Queensland/O=CryptSoft Pty Ltd/CN=Server test cert (1024 bit)
|
||||||
|
-----BEGIN CERTIFICATE-----
|
||||||
|
MIICLjCCAZcCAQEwDQYJKoZIhvcNAQEEBQAwWzELMAkGA1UEBhMCQVUxEzARBgNV
|
||||||
|
BAgTClF1ZWVuc2xhbmQxGjAYBgNVBAoTEUNyeXB0U29mdCBQdHkgTHRkMRswGQYD
|
||||||
|
VQQDExJUZXN0IENBICgxMDI0IGJpdCkwHhcNOTcwNjA5MTM1NzU0WhcNOTgwNjA5
|
||||||
|
MTM1NzU0WjBkMQswCQYDVQQGEwJBVTETMBEGA1UECBMKUXVlZW5zbGFuZDEaMBgG
|
||||||
|
A1UEChMRQ3J5cHRTb2Z0IFB0eSBMdGQxJDAiBgNVBAMTG1NlcnZlciB0ZXN0IGNl
|
||||||
|
cnQgKDEwMjQgYml0KTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAsxH1PBPm
|
||||||
|
RkxrR11eV4bzNi4N9n11CI8nV29+ARlT1+qDe/mjVUvXlmsr1v/vf71G9GgqopSa
|
||||||
|
6RXrICLVdk/FYYYzhPvl1M+OrjaXDFO8BzBAF1Lnz6c7aRZvGRJNrRSr2nZEkqDf
|
||||||
|
JW9dY7r2VZEpD5QeuaRYUnuECkqeieB65GMCAwEAATANBgkqhkiG9w0BAQQFAAOB
|
||||||
|
gQCWsOta6C0wiVzXz8wPmJKyTrurMlgUss2iSuW9366iwofZddsNg7FXniMzkIf6
|
||||||
|
dp7jnmWZwKZ9cXsNUS2o4OL07qOk2HOywC0YsNZQsOBu1CBTYYkIefDiKFL1zQHh
|
||||||
|
8lwwNd4NP+OE3NzUNkCfh4DnFfg9WHkXUlD5UpxNRJ4gJA==
|
||||||
|
-----END CERTIFICATE-----
|
||||||
|
-----BEGIN RSA PRIVATE KEY-----
|
||||||
|
MIICXgIBAAKBgQCzEfU8E+ZGTGtHXV5XhvM2Lg32fXUIjydXb34BGVPX6oN7+aNV
|
||||||
|
S9eWayvW/+9/vUb0aCqilJrpFesgItV2T8VhhjOE++XUz46uNpcMU7wHMEAXUufP
|
||||||
|
pztpFm8ZEk2tFKvadkSSoN8lb11juvZVkSkPlB65pFhSe4QKSp6J4HrkYwIDAQAB
|
||||||
|
AoGBAKy8jvb0Lzby8q11yNLf7+78wCVdYi7ugMHcYA1JVFK8+zb1WfSm44FLQo/0
|
||||||
|
dSChAjgz36TTexeLODPYxleJndjVcOMVzsLJjSM8dLpXsTS4FCeMbhw2s2u+xqKY
|
||||||
|
bbPWfk+HOTyJjfnkcC5Nbg44eOmruq0gSmBeUXVM5UntlTnxAkEA7TGCA3h7kx5E
|
||||||
|
Bl4zl2pc3gPAGt+dyfk5Po9mGJUUXhF5p2zueGmYWW74TmOWB1kzt4QRdYMzFePq
|
||||||
|
zfDNXEa1CwJBAMFErdY0xp0UJ13WwBbUTk8rujqQdHtjw0klhpbuKkjxu2hN0wwM
|
||||||
|
6p0D9qxF7JHaghqVRI0fAW/EE0OzdHMR9QkCQQDNR26dMFXKsoPu+vItljj/UEGf
|
||||||
|
QG7gERiQ4yxaFBPHgdpGo0kT31eh9x9hQGDkxTe0GNG/YSgCRvm8+C3TMcKXAkBD
|
||||||
|
dhGn36wkUFCddMSAM4NSJ1VN8/Z0y5HzCmI8dM3VwGtGMUQlxKxwOl30LEQzdS5M
|
||||||
|
0SWojNYXiT2gOBfBwtbhAkEAhafl5QEOIgUz+XazS/IlZ8goNKdDVfYgK3mHHjvv
|
||||||
|
nY5G+AuGebdNkXJr4KSWxDcN+C2i47zuj4QXA16MAOandA==
|
||||||
|
-----END RSA PRIVATE KEY-----
|
||||||
|
subject=/C=US/O=AT&T Bell Laboratories/OU=Prototype Research CA
|
||||||
|
issuer= /C=US/O=AT&T Bell Laboratories/OU=Prototype Research CA
|
||||||
|
notBefore=950413210656Z
|
||||||
|
notAfter =970412210656Z
|
||||||
|
-----BEGIN X509 CERTIFICATE-----
|
||||||
|
|
||||||
|
MIICCDCCAXECAQAwDQYJKoZIhvcNAQEEBQAwTjELMAkGA1UEBhMCVVMxHzAdBgNV
|
||||||
|
BAoUFkFUJlQgQmVsbCBMYWJvcmF0b3JpZXMxHjAcBgNVBAsUFVByb3RvdHlwZSBS
|
||||||
|
ZXNlYXJjaCBDQTAeFw05NTA0MTMyMTA2NTZaFw05NzA0MTIyMTA2NTZaME4xCzAJ
|
||||||
|
BgNVBAYTAlVTMR8wHQYDVQQKFBZBVCZUIEJlbGwgTGFib3JhdG9yaWVzMR4wHAYD
|
||||||
|
VQQLFBVQcm90b3R5cGUgUmVzZWFyY2ggQ0EwgZwwDQYJKoZIhvcNAQEBBQADgYoA
|
||||||
|
MIGGAoGAebOmgtSCl+wCYZc86UGYeTLY8cjmW2P0FN8ToT/u2pECCoFdrlycX0OR
|
||||||
|
3wt0ZhpFXLVNeDnHwEE9veNUih7pCL2ZBFqoIoQkB1lZmXRiVtjGonz8BLm/qrFM
|
||||||
|
YHb0lme/Ol+s118mwKVxnn6bSAeI/OXKhLaVdYZWk+aEaxEDkVkCAQ8wDQYJKoZI
|
||||||
|
hvcNAQEEBQADgYEAAZMG14lZmZ8bahkaHaTV9dQf4p2FZiQTFwHP9ZyGsXPC+LT5
|
||||||
|
dG5iTaRmyjNIJdPWohZDl97kAci79aBndvuEvRKOjLHs3WRGBIwERnAcnY9Mz8u/
|
||||||
|
zIHK23PjYVxGGaZd669OJwD0CYyqH22HH9nFUGaoJdsv39ChW0NRdLE9+y8=
|
||||||
|
-----END X509 CERTIFICATE-----
|
||||||
|
issuer= /C=AU/ST=Queensland/O=CryptSoft Pty Ltd/CN=Test PCA (1024 bit)
|
||||||
|
subject=/C=AU/ST=Queensland/O=CryptSoft Pty Ltd/CN=Test CA (1024 bit)
|
||||||
|
-----BEGIN CERTIFICATE-----
|
||||||
|
MIICJjCCAY8CAQAwDQYJKoZIhvcNAQEEBQAwXDELMAkGA1UEBhMCQVUxEzARBgNV
|
||||||
|
BAgTClF1ZWVuc2xhbmQxGjAYBgNVBAoTEUNyeXB0U29mdCBQdHkgTHRkMRwwGgYD
|
||||||
|
VQQDExNUZXN0IFBDQSAoMTAyNCBiaXQpMB4XDTk3MDYwOTEzNTc0M1oXDTAxMDYw
|
||||||
|
OTEzNTc0M1owWzELMAkGA1UEBhMCQVUxEzARBgNVBAgTClF1ZWVuc2xhbmQxGjAY
|
||||||
|
BgNVBAoTEUNyeXB0U29mdCBQdHkgTHRkMRswGQYDVQQDExJUZXN0IENBICgxMDI0
|
||||||
|
IGJpdCkwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAKO7o8t116VP6cgybTsZ
|
||||||
|
DCZhr95nYlZuya3aCi1IKoztqwWnjbmDFIriOqGFPrZQ+moMETC9D59iRW/dFXSv
|
||||||
|
1F65ka/XY2hLh9exCCo7XuUcDs53Qp3bI3AmMqHjgzE8oO3ajyJAzJkTTOUecQU2
|
||||||
|
mw/gI4tMM0LqWMQS7luTy4+xAgMBAAEwDQYJKoZIhvcNAQEEBQADgYEAM7achv3v
|
||||||
|
hLQJcv/65eGEpBXM40ZDVoFQFFJWaY5p883HTqLB1x4FdzsXHH0QKBTcKpWwqyu4
|
||||||
|
YDm3fb8oDugw72bCzfyZK/zVZPR/hVlqI/fvU109Qoc+7oPvIXWky71HfcK6ZBCA
|
||||||
|
q30KIqGM/uoM60INq97qjDmCJapagcNBGQs=
|
||||||
|
-----END CERTIFICATE-----
|
||||||
|
-----BEGIN RSA PRIVATE KEY-----
|
||||||
|
MIICXQIBAAKBgQCju6PLddelT+nIMm07GQwmYa/eZ2JWbsmt2gotSCqM7asFp425
|
||||||
|
gxSK4jqhhT62UPpqDBEwvQ+fYkVv3RV0r9ReuZGv12NoS4fXsQgqO17lHA7Od0Kd
|
||||||
|
2yNwJjKh44MxPKDt2o8iQMyZE0zlHnEFNpsP4COLTDNC6ljEEu5bk8uPsQIDAQAB
|
||||||
|
AoGAVZmpFZsDZfr0l2S9tLLwpjRWNOlKATQkno6q2WesT0eGLQufTciY+c8ypfU6
|
||||||
|
hyio8r5iUl/VhhdjhAtKx1mRpiotftHo/eYf8rtsrnprOnWG0bWjLjtIoMbcxGn2
|
||||||
|
J3bN6LJmbJMjDs0eJ3KnTu646F3nDUw2oGAwmpzKXA1KAP0CQQDRvQhxk2D3Pehs
|
||||||
|
HvG665u2pB5ipYQngEFlZO7RHJZzJOZEWSLuuMqaF/7pTfA5jiBvWqCgJeCRRInL
|
||||||
|
21ru4dlPAkEAx9jj7BgKn5TYnMoBSSe0afjsV9oApVpN1Nacb1YDtCwy+scp3++s
|
||||||
|
nFxlv98wxIlSdpwMUn+AUWfjiWR7Tu/G/wJBAJ/KjwZIrFVxewP0x2ILYsTRYLzz
|
||||||
|
MS4PDsO7FB+I0i7DbBOifXS2oNSpd3I0CNMwrxFnUHzynpbOStVfN3ZL5w0CQQCa
|
||||||
|
pwFahxBRhkJKsxhjoFJBX9yl75JoY4Wvm5Tbo9ih6UJaRx3kqfkN14L2BKYcsZgb
|
||||||
|
KY9vmDOYy6iNfjDeWTfJAkBkfPUb8oTJ/nSP5zN6sqGxSY4krc4xLxpRmxoJ8HL2
|
||||||
|
XfhqXkTzbU13RX9JJ/NZ8vQN9Vm2NhxRGJocQkmcdVtJ
|
||||||
|
-----END RSA PRIVATE KEY-----
|
||||||
|
-----BEGIN X509 CERTIFICATE-----
|
||||||
|
MIICYDCCAiACAgEoMAkGBSsOAwINBQAwfDELMAkGA1UEBhMCVVMxNjA0BgNVBAoT
|
||||||
|
LU5hdGlvbmFsIEFlcm9uYXV0aWNzIGFuZCBTcGFjZSBBZG1pbmlzdHJhdGlvbjEZ
|
||||||
|
MBcGA1UECxMQVGVzdCBFbnZpcm9ubWVudDEaMBgGA1UECxMRRFNTLU5BU0EtUGls
|
||||||
|
b3QtQ0EwHhcNOTYwMjI2MTYzMjQ1WhcNOTcwMjI1MTYzMjQ1WjB8MQswCQYDVQQG
|
||||||
|
EwJVUzE2MDQGA1UEChMtTmF0aW9uYWwgQWVyb25hdXRpY3MgYW5kIFNwYWNlIEFk
|
||||||
|
bWluaXN0cmF0aW9uMRkwFwYDVQQLExBUZXN0IEVudmlyb25tZW50MRowGAYDVQQL
|
||||||
|
ExFEU1MtTkFTQS1QaWxvdC1DQTCB8jAJBgUrDgMCDAUAA4HkADCB4AJBAMA/ssKb
|
||||||
|
hPNUG7ZlASfVwEJU21O5OyF/iyBzgHI1O8eOhJGUYO8cc8wDMjR508Mr9cp6Uhl/
|
||||||
|
ZB7FV5GkLNEnRHYCQQDUEaSg45P2qrDwixTRhFhmWz5Nvc4lRFQ/42XPcchiJBLb
|
||||||
|
bn3QK74T2IxY1yY+kCNq8XrIqf5fJJzIH0J/xUP3AhUAsg2wsQHfDGYk/BOSulX3
|
||||||
|
fVd0geUCQQCzCFUQAh+ZkEmp5804cs6ZWBhrUAfnra8lJItYo9xPcXgdIfLfibcX
|
||||||
|
R71UsyO77MRD7B0+Ag2tq794IleCVcEEMAkGBSsOAwINBQADLwAwLAIUUayDfreR
|
||||||
|
Yh2WeU86/pHNdkUC1IgCFEfxe1f0oMpxJyrJ5XIxTi7vGdoK
|
||||||
|
-----END X509 CERTIFICATE-----
|
||||||
|
-----BEGIN X509 CERTIFICATE-----
|
||||||
|
|
||||||
|
MIICGTCCAdgCAwCqTDAJBgUrDgMCDQUAMHwxCzAJBgNVBAYTAlVTMTYwNAYDVQQK
|
||||||
|
Ey1OYXRpb25hbCBBZXJvbmF1dGljcyBhbmQgU3BhY2UgQWRtaW5pc3RyYXRpb24x
|
||||||
|
GTAXBgNVBAsTEFRlc3QgRW52aXJvbm1lbnQxGjAYBgNVBAsTEURTUy1OQVNBLVBp
|
||||||
|
bG90LUNBMB4XDTk2MDUxNDE3MDE0MVoXDTk3MDUxNDE3MDE0MVowMzELMAkGA1UE
|
||||||
|
BhMCQVUxDzANBgNVBAoTBk1pbmNvbTETMBEGA1UEAxMKRXJpYyBZb3VuZzCB8jAJ
|
||||||
|
BgUrDgMCDAUAA4HkADCB4AJBAKbfHz6vE6pXXMTpswtGUec2tvnfLJUsoxE9qs4+
|
||||||
|
ObZX7LmLvragNPUeiTJx7UOWZ5DfBj6bXLc8eYne0lP1g3ACQQDUEaSg45P2qrDw
|
||||||
|
ixTRhFhmWz5Nvc4lRFQ/42XPcchiJBLbbn3QK74T2IxY1yY+kCNq8XrIqf5fJJzI
|
||||||
|
H0J/xUP3AhUAsg2wsQHfDGYk/BOSulX3fVd0geUCQQCzCFUQAh+ZkEmp5804cs6Z
|
||||||
|
WBhrUAfnra8lJItYo9xPcXgdIfLfibcXR71UsyO77MRD7B0+Ag2tq794IleCVcEE
|
||||||
|
MAkGBSsOAwINBQADMAAwLQIUWsuuJRE3VT4ueWkWMAJMJaZjj1ECFQCYY0zX4bzM
|
||||||
|
LC7obsrHD8XAHG+ZRG==
|
||||||
|
-----END X509 CERTIFICATE-----
|
||||||
|
-----BEGIN CERTIFICATE-----
|
||||||
|
MIICTTCCAbagAwIBAgIBADANBgkqhkiG9w0BAQQFADBMMQswCQYDVQQGEwJHQjEM
|
||||||
|
MAoGA1UEChMDVUNMMRgwFgYDVQQLEw9JQ0UtVEVMIFByb2plY3QxFTATBgNVBAMT
|
||||||
|
DFRydXN0RmFjdG9yeTAeFw05NzA0MjIxNDM5MTRaFw05ODA0MjIxNDM5MTRaMEwx
|
||||||
|
CzAJBgNVBAYTAkdCMQwwCgYDVQQKEwNVQ0wxGDAWBgNVBAsTD0lDRS1URUwgUHJv
|
||||||
|
amVjdDEVMBMGA1UEAxMMVHJ1c3RGYWN0b3J5MIGcMAoGBFUIAQECAgQAA4GNADCB
|
||||||
|
iQKBgQCEieR8NcXkUW1f0G6aC6u0i8q/98JqS6RxK5YmHIGKCkuTWAUjzLfUa4dt
|
||||||
|
U9igGCjTuxaDqlzEim+t/02pmiBZT9HaX++35MjQPUWmsChcYU5WyzGErXi+rQaw
|
||||||
|
zlwS73zM8qiPj/97lXYycWhgL0VaiDSPxRXEUdWoaGruom4mNQIDAQABo0IwQDAd
|
||||||
|
BgNVHQ4EFgQUHal1LZr7oVg5z6lYzrhTgZRCmcUwDgYDVR0PAQH/BAQDAgH2MA8G
|
||||||
|
A1UdEwEB/wQFMAMBAf8wDQYJKoZIhvcNAQEEBQADgYEAfaggfl6FZoioecjv0dq8
|
||||||
|
/DXo/u11iMZvXn08gjX/zl2b4wtPbShOSY5FhkSm8GeySasz+/Nwb/uzfnIhokWi
|
||||||
|
lfPZHtlCWtXbIy/TN51eJyq04ceDCQDWvLC2enVg9KB+GJ34b5c5VaPRzq8MBxsA
|
||||||
|
S7ELuYGtmYgYm9NZOIr7yU0=
|
||||||
|
-----END CERTIFICATE-----
|
||||||
|
-----BEGIN CERTIFICATE-----
|
||||||
|
MIIB6jCCAZQCAgEtMA0GCSqGSIb3DQEBBAUAMIGAMQswCQYDVQQGEwJVUzE2MDQG
|
||||||
|
A1UEChMtTmF0aW9uYWwgQWVyb25hdXRpY3MgYW5kIFNwYWNlIEFkbWluaXN0cmF0
|
||||||
|
aW9uMRkwFwYDVQQLExBUZXN0IEVudmlyb25tZW50MR4wHAYDVQQLExVNRDUtUlNB
|
||||||
|
LU5BU0EtUGlsb3QtQ0EwHhcNOTYwNDMwMjIwNTAwWhcNOTcwNDMwMjIwNTAwWjCB
|
||||||
|
gDELMAkGA1UEBhMCVVMxNjA0BgNVBAoTLU5hdGlvbmFsIEFlcm9uYXV0aWNzIGFu
|
||||||
|
ZCBTcGFjZSBBZG1pbmlzdHJhdGlvbjEZMBcGA1UECxMQVGVzdCBFbnZpcm9ubWVu
|
||||||
|
dDEeMBwGA1UECxMVTUQ1LVJTQS1OQVNBLVBpbG90LUNBMFkwCgYEVQgBAQICAgAD
|
||||||
|
SwAwSAJBALmmX5+GqAvcrWK13rfDrNX9UfeA7f+ijyBgeFQjYUoDpFqapw4nzQBL
|
||||||
|
bAXug8pKkRwa2Zh8YODhXsRWu2F/UckCAwEAATANBgkqhkiG9w0BAQQFAANBAH9a
|
||||||
|
OBA+QCsjxXgnSqHx04gcU8S49DVUb1f2XVoLnHlIb8RnX0k5O6mpHT5eti9bLkiW
|
||||||
|
GJNMJ4L0AJ/ac+SmHZc=
|
||||||
|
-----END CERTIFICATE-----
|
||||||
|
-----BEGIN CERTIFICATE-----
|
||||||
|
MIICajCCAdMCBDGA0QUwDQYJKoZIhvcNAQEEBQAwfTELMAkGA1UEBhMCQ2ExDzAN
|
||||||
|
BgNVBAcTBk5lcGVhbjEeMBwGA1UECxMVTm8gTGlhYmlsaXR5IEFjY2VwdGVkMR8w
|
||||||
|
HQYDVQQKExZGb3IgRGVtbyBQdXJwb3NlcyBPbmx5MRwwGgYDVQQDExNFbnRydXN0
|
||||||
|
IERlbW8gV2ViIENBMB4XDTk2MDQyNjEzMzUwMVoXDTA2MDQyNjEzMzUwMVowfTEL
|
||||||
|
MAkGA1UEBhMCQ2ExDzANBgNVBAcTBk5lcGVhbjEeMBwGA1UECxMVTm8gTGlhYmls
|
||||||
|
aXR5IEFjY2VwdGVkMR8wHQYDVQQKExZGb3IgRGVtbyBQdXJwb3NlcyBPbmx5MRww
|
||||||
|
GgYDVQQDExNFbnRydXN0IERlbW8gV2ViIENBMIGdMA0GCSqGSIb3DQEBAQUAA4GL
|
||||||
|
ADCBhwKBgQCaroS7O1DA0hm4IefNYU1cx/nqOmzEnk291d1XqznDeF4wEgakbkCc
|
||||||
|
zTKxK791yNpXG5RmngqH7cygDRTHZJ6mfCRn0wGC+AI00F2vYTGqPGRQL1N3lZT0
|
||||||
|
YDKFC0SQeMMjFIZ1aeQigroFQnHo0VB3zWIMpNkka8PY9lxHZAmWwQIBAzANBgkq
|
||||||
|
hkiG9w0BAQQFAAOBgQBAx0UMVA1s54lMQyXjMX5kj99FJN5itb8bK1Rk+cegPQPF
|
||||||
|
cWO9SEWyEjjBjIkjjzAwBkaEszFsNGxemxtXvwjIm1xEUMTVlPEWTs2qnDvAUA9W
|
||||||
|
YqhWbhH0toGT36236QAsqCZ76rbTRVSSX2BHyJwJMG2tCRv7kRJ//NIgxj3H4w==
|
||||||
|
-----END CERTIFICATE-----
|
||||||
|
|
||||||
|
issuer= /C=AU/ST=Queensland/O=CryptSoft Pty Ltd/CN=Test PCA (1024 bit)
|
||||||
|
subject=/C=AU/ST=Queensland/O=CryptSoft Pty Ltd/CN=Test PCA (1024 bit)
|
||||||
|
-----BEGIN CERTIFICATE-----
|
||||||
|
MIICJzCCAZACAQAwDQYJKoZIhvcNAQEEBQAwXDELMAkGA1UEBhMCQVUxEzARBgNV
|
||||||
|
BAgTClF1ZWVuc2xhbmQxGjAYBgNVBAoTEUNyeXB0U29mdCBQdHkgTHRkMRwwGgYD
|
||||||
|
VQQDExNUZXN0IFBDQSAoMTAyNCBiaXQpMB4XDTk3MDYwOTEzNTczN1oXDTAxMDYw
|
||||||
|
OTEzNTczN1owXDELMAkGA1UEBhMCQVUxEzARBgNVBAgTClF1ZWVuc2xhbmQxGjAY
|
||||||
|
BgNVBAoTEUNyeXB0U29mdCBQdHkgTHRkMRwwGgYDVQQDExNUZXN0IFBDQSAoMTAy
|
||||||
|
NCBiaXQpMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCdoWk/3+WcMlfjIrkg
|
||||||
|
40ketmnQaEogQe1LLcuOJV6rKfUSAsPgwgsabJ/wn8TxA1yy3eKJbFl3OiUXMRsp
|
||||||
|
22Jp85PmemiDzyUIStwk72qhp1imbANZvlmlCFKiQrjUyuDfu4TABmn+kkt3vR1Y
|
||||||
|
BEOGt+IFye1UBVSATVdRJ2UVhwIDAQABMA0GCSqGSIb3DQEBBAUAA4GBABNA1u/S
|
||||||
|
Cg/LJZWb7GliiKJsvuhxlE4E5JxQF2zMub/CSNbF97//tYSyj96sxeFQxZXbcjm9
|
||||||
|
xt6mr/xNLA4szNQMJ4P+L7b5e/jC5DSqlwS+CUYJgaFs/SP+qJoCSu1bR3IM9XWO
|
||||||
|
cRBpDmcBbYLkSyB92WURvsZ1LtjEcn+cdQVI
|
||||||
|
-----END CERTIFICATE-----
|
||||||
|
-----BEGIN RSA PRIVATE KEY-----
|
||||||
|
MIICXAIBAAKBgQCdoWk/3+WcMlfjIrkg40ketmnQaEogQe1LLcuOJV6rKfUSAsPg
|
||||||
|
wgsabJ/wn8TxA1yy3eKJbFl3OiUXMRsp22Jp85PmemiDzyUIStwk72qhp1imbANZ
|
||||||
|
vlmlCFKiQrjUyuDfu4TABmn+kkt3vR1YBEOGt+IFye1UBVSATVdRJ2UVhwIDAQAB
|
||||||
|
AoGAba4fTtuap5l7/8ZsbE7Z1O32KJY4ZcOZukLOLUUhXxXduT+FTgGWujc0/rgc
|
||||||
|
z9qYCLlNZHOouMYTgtSfYvuMuLZ11VIt0GYH+nRioLShE59Yy+zCRyC+gPigS1kz
|
||||||
|
xvo14AsOIPYV14Tk/SsHyq6E0eTk7VzaIE197giiINUERPECQQDSKmtPTh/lRKw7
|
||||||
|
HSZSM0I1mFWn/1zqrAbontRQY5w98QWIOe5qmzYyFbPXYT3d9BzlsMyhgiRNoBbD
|
||||||
|
yvohSHXJAkEAwAHx6ezAZeWWzD5yXD36nyjpkVCw7Tk7TSmOceLJMWt1QcrCfqlS
|
||||||
|
xA5jjpQ6Z8suU5DdtWAryM2sAir1WisYzwJAd6Zcx56jvAQ3xcPXsE6scBTVFzrj
|
||||||
|
7FqZ6E+cclPzfLQ+QQsyOBE7bpI6e/FJppY26XGZXo3YGzV8IGXrt40oOQJALETG
|
||||||
|
h86EFXo3qGOFbmsDy4pdP5nBERCu8X1xUCSfintiD4c2DInxgS5oGclnJeMcjTvL
|
||||||
|
QjQoJCX3UJCi/OUO1QJBAKgcDHWjMvt+l1pjJBsSEZ0HX9AAIIVx0RQmbFGS+F2Q
|
||||||
|
hhu5l77WnnZOQ9vvhV5u7NPCUF9nhU3jh60qWWO8mkc=
|
||||||
|
-----END RSA PRIVATE KEY-----
|
||||||
|
subject=/C=US/O=RSA Data Security, Inc./OU=Commercial Certification Authority
|
||||||
|
issuer= /C=US/O=RSA Data Security, Inc./OU=Commercial Certification Authority
|
||||||
|
notBefore=941104185834Z
|
||||||
|
notAfter =991103185834Z
|
||||||
|
-----BEGIN X509 CERTIFICATE-----
|
||||||
|
|
||||||
|
MIICIzCCAZACBQJBAAAWMA0GCSqGSIb3DQEBAgUAMFwxCzAJBgNVBAYTAlVTMSAw
|
||||||
|
HgYDVQQKExdSU0EgRGF0YSBTZWN1cml0eSwgSW5jLjErMCkGA1UECxMiQ29tbWVy
|
||||||
|
Y2lhbCBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAeFw05NDExMDQxODU4MzRaFw05
|
||||||
|
OTExMDMxODU4MzRaMFwxCzAJBgNVBAYTAlVTMSAwHgYDVQQKExdSU0EgRGF0YSBT
|
||||||
|
ZWN1cml0eSwgSW5jLjErMCkGA1UECxMiQ29tbWVyY2lhbCBDZXJ0aWZpY2F0aW9u
|
||||||
|
IEF1dGhvcml0eTCBmzANBgkqhkiG9w0BAQEFAAOBiQAwgYUCfgCk+4Fie84QJ93o
|
||||||
|
975sbsZwmdu41QUDaSiCnHJ/lj+O7Kwpkj+KFPhCdr69XQO5kNTQvAayUTNfxMK/
|
||||||
|
touPmbZiImDd298ggrTKoi8tUO2UMt7gVY3UaOLgTNLNBRYulWZcYVI4HlGogqHE
|
||||||
|
7yXpCuaLK44xZtn42f29O2nZ6wIDAQABMA0GCSqGSIb3DQEBAgUAA34AdrW2EP4j
|
||||||
|
9/dZYkuwX5zBaLxJu7NJbyFHXSudVMQAKD+YufKKg5tgf+tQx6sFEC097TgCwaVI
|
||||||
|
0v5loMC86qYjFmZsGySp8+x5NRhPJsjjr1BKx6cxa9B8GJ1Qv6km+iYrRpwUqbtb
|
||||||
|
MJhCKLVLU7tDCZJAuqiqWqTGtotXTcU=
|
||||||
|
-----END X509 CERTIFICATE-----
|
||||||
|
subject=/C=US/O=RSA Data Security, Inc./OU=Secure Server Certification Authority
|
||||||
|
issuer= /C=US/O=RSA Data Security, Inc./OU=Secure Server Certification Authority
|
||||||
|
notBefore=941109235417Z
|
||||||
|
notAfter =991231235417Z
|
||||||
|
-----BEGIN X509 CERTIFICATE-----
|
||||||
|
|
||||||
|
MIICKTCCAZYCBQJBAAABMA0GCSqGSIb3DQEBAgUAMF8xCzAJBgNVBAYTAlVTMSAw
|
||||||
|
HgYDVQQKExdSU0EgRGF0YSBTZWN1cml0eSwgSW5jLjEuMCwGA1UECxMlU2VjdXJl
|
||||||
|
IFNlcnZlciBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAeFw05NDExMDkyMzU0MTda
|
||||||
|
Fw05OTEyMzEyMzU0MTdaMF8xCzAJBgNVBAYTAlVTMSAwHgYDVQQKExdSU0EgRGF0
|
||||||
|
YSBTZWN1cml0eSwgSW5jLjEuMCwGA1UECxMlU2VjdXJlIFNlcnZlciBDZXJ0aWZp
|
||||||
|
Y2F0aW9uIEF1dGhvcml0eTCBmzANBgkqhkiG9w0BAQEFAAOBiQAwgYUCfgCSznrB
|
||||||
|
roM+WqqJg1esJQF2DK2ujiw3zus1eGRUA+WEQFHJv48I4oqCCNIWhjdV6bEhAq12
|
||||||
|
aIGaBaJLyUslZiJWbIgHj/eBWW2EB2VwE3F2Ppt3TONQiVaYSLkdpykaEy5KEVmc
|
||||||
|
HhXVSVQsczppgrGXOZxtcGdI5d0t1sgeewIDAQABMA0GCSqGSIb3DQEBAgUAA34A
|
||||||
|
iNHReSHO4ovo+MF9NFM/YYPZtgs4F7boviGNjwC4i1N+RGceIr2XJ+CchcxK9oU7
|
||||||
|
suK+ktPlDemvXA4MRpX/oRxePug2WHpzpgr4IhFrwwk4fia7c+8AvQKk8xQNMD9h
|
||||||
|
cHsg/jKjn7P0Z1LctO6EjJY2IN6BCINxIYoPnqk=
|
||||||
|
-----END X509 CERTIFICATE-----
|
||||||
|
subject=/C=ZA/SP=Western Cape/L=Cape Town/O=Thawte Consulting cc
|
||||||
|
/OU=Certification Services Division/CN=Thawte Server CA
|
||||||
|
/Email=server-certs@thawte.com
|
||||||
|
issuer= /C=ZA/SP=Western Cape/L=Cape Town/O=Thawte Consulting cc
|
||||||
|
/OU=Certification Services Division/CN=Thawte Server CA
|
||||||
|
/Email=server-certs@thawte.com
|
||||||
|
-----BEGIN CERTIFICATE-----
|
||||||
|
MIIC+TCCAmICAQAwDQYJKoZIhvcNAQEEBQAwgcQxCzAJBgNVBAYTAlpBMRUwEwYD
|
||||||
|
VQQIEwxXZXN0ZXJuIENhcGUxEjAQBgNVBAcTCUNhcGUgVG93bjEdMBsGA1UEChMU
|
||||||
|
VGhhd3RlIENvbnN1bHRpbmcgY2MxKDAmBgNVBAsTH0NlcnRpZmljYXRpb24gU2Vy
|
||||||
|
dmljZXMgRGl2aXNpb24xGTAXBgNVBAMTEFRoYXd0ZSBTZXJ2ZXIgQ0ExJjAkBgkq
|
||||||
|
hkiG9w0BCQEWF3NlcnZlci1jZXJ0c0B0aGF3dGUuY29tMB4XDTk2MDcyNzE4MDc1
|
||||||
|
N1oXDTk4MDcyNzE4MDc1N1owgcQxCzAJBgNVBAYTAlpBMRUwEwYDVQQIEwxXZXN0
|
||||||
|
ZXJuIENhcGUxEjAQBgNVBAcTCUNhcGUgVG93bjEdMBsGA1UEChMUVGhhd3RlIENv
|
||||||
|
bnN1bHRpbmcgY2MxKDAmBgNVBAsTH0NlcnRpZmljYXRpb24gU2VydmljZXMgRGl2
|
||||||
|
aXNpb24xGTAXBgNVBAMTEFRoYXd0ZSBTZXJ2ZXIgQ0ExJjAkBgkqhkiG9w0BCQEW
|
||||||
|
F3NlcnZlci1jZXJ0c0B0aGF3dGUuY29tMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCB
|
||||||
|
iQKBgQDTpFBuyP9Wa+bPXbbqDGh1R6KqwtqEJfyo9EdR2oW1IHSUhh4PdcnpCGH1
|
||||||
|
Bm0wbhUZAulSwGLbTZme4moMRDjN/r7jZAlwxf6xaym2L0nIO9QnBCUQly/nkG3A
|
||||||
|
KEKZ10xD3sP1IW1Un13DWOHA5NlbsLjctHvfNjrCtWYiEtaHDQIDAQABMA0GCSqG
|
||||||
|
SIb3DQEBBAUAA4GBAIsvn7ifX3RUIrvYXtpI4DOfARkTogwm6o7OwVdl93yFhDcX
|
||||||
|
7h5t0XZ11MUAMziKdde3rmTvzUYIUCYoY5b032IwGMTvdiclK+STN6NP2m5nvFAM
|
||||||
|
qJT5gC5O+j/jBuZRQ4i0AMYQr5F4lT8oBJnhgafw6PL8aDY2vMHGSPl9+7uf
|
||||||
|
-----END CERTIFICATE-----
|
||||||
|
|
||||||
|
-----BEGIN CERTIFICATE-----
|
||||||
|
MIIDDTCCAnYCAQAwDQYJKoZIhvcNAQEEBQAwgc4xCzAJBgNVBAYTAlpBMRUwEwYD
|
||||||
|
VQQIEwxXZXN0ZXJuIENhcGUxEjAQBgNVBAcTCUNhcGUgVG93bjEdMBsGA1UEChMU
|
||||||
|
VGhhd3RlIENvbnN1bHRpbmcgY2MxKDAmBgNVBAsTH0NlcnRpZmljYXRpb24gU2Vy
|
||||||
|
dmljZXMgRGl2aXNpb24xITAfBgNVBAMTGFRoYXd0ZSBQcmVtaXVtIFNlcnZlciBD
|
||||||
|
QTEoMCYGCSqGSIb3DQEJARYZcHJlbWl1bS1zZXJ2ZXJAdGhhd3RlLmNvbTAeFw05
|
||||||
|
NjA3MjcxODA3MTRaFw05ODA3MjcxODA3MTRaMIHOMQswCQYDVQQGEwJaQTEVMBMG
|
||||||
|
A1UECBMMV2VzdGVybiBDYXBlMRIwEAYDVQQHEwlDYXBlIFRvd24xHTAbBgNVBAoT
|
||||||
|
FFRoYXd0ZSBDb25zdWx0aW5nIGNjMSgwJgYDVQQLEx9DZXJ0aWZpY2F0aW9uIFNl
|
||||||
|
cnZpY2VzIERpdmlzaW9uMSEwHwYDVQQDExhUaGF3dGUgUHJlbWl1bSBTZXJ2ZXIg
|
||||||
|
Q0ExKDAmBgkqhkiG9w0BCQEWGXByZW1pdW0tc2VydmVyQHRoYXd0ZS5jb20wgZ8w
|
||||||
|
DQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBANI2NmqL18JbntqBQWKPOO5JBFXW0O8c
|
||||||
|
G5UWR+8YSDU6UvQragaPOy/qVuOvho2eF/eetGV1Ak3vywmiIVHYm9Bn0LoNkgYU
|
||||||
|
c9STy5cqAJxcTgy8+hVS/PJEbtoRSm4Iny8t4/mqOoZztkZTWMiJBb2DEbhzP6oH
|
||||||
|
jfRCTedAnRw3AgMBAAEwDQYJKoZIhvcNAQEEBQADgYEAutFIgTRZVYerIZfL9lvR
|
||||||
|
w9Eifvvo5KTZ3h+Bj+VzNnyw4Qc/IyXkPOu6SIiH9LQ3sCmWBdxpe+qr4l77rLj2
|
||||||
|
GYuMtESFfn1XVALzkYgC7JcPuTOjMfIiMByt+uFf8AV8x0IW/Qkuv+hEQcyM9vxK
|
||||||
|
3VZdLbCVIhNoEsysrxCpxcI=
|
||||||
|
-----END CERTIFICATE-----
|
||||||
|
Tims test GCI CA
|
||||||
|
|
||||||
|
-----BEGIN CERTIFICATE-----
|
||||||
|
MIIB8DCCAZoCAQAwDQYJKoZIhvcNAQEEBQAwgYIxCzAJBgNVBAYTAkFVMRMwEQYD
|
||||||
|
VQQIEwpRdWVlbnNsYW5kMREwDwYDVQQHEwhCcmlzYmFuZTEaMBgGA1UEChMRQ3J5
|
||||||
|
cHRTb2Z0IFB0eSBMdGQxFDASBgNVBAsTC2RldmVsb3BtZW50MRkwFwYDVQQDExBD
|
||||||
|
cnlwdFNvZnQgRGV2IENBMB4XDTk3MDMyMjEzMzQwNFoXDTk4MDMyMjEzMzQwNFow
|
||||||
|
gYIxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpRdWVlbnNsYW5kMREwDwYDVQQHEwhC
|
||||||
|
cmlzYmFuZTEaMBgGA1UEChMRQ3J5cHRTb2Z0IFB0eSBMdGQxFDASBgNVBAsTC2Rl
|
||||||
|
dmVsb3BtZW50MRkwFwYDVQQDExBDcnlwdFNvZnQgRGV2IENBMFwwDQYJKoZIhvcN
|
||||||
|
AQEBBQADSwAwSAJBAOAOAqogG5QwAmLhzyO4CoRnx/wVy4NZP4dxJy83O1EnL0rw
|
||||||
|
OdsamJKvPOLHgSXo3gDu9uVyvCf/QJmZAmC5ml8CAwEAATANBgkqhkiG9w0BAQQF
|
||||||
|
AANBADRRS/GVdd7rAqRW6SdmgLJduOU2yq3avBu99kRqbp9A/dLu6r6jU+eP4oOA
|
||||||
|
TfdbFZtAAD2Hx9jUtY3tfdrJOb8=
|
||||||
|
-----END CERTIFICATE-----
|
||||||
|
|
||||||
|
-----BEGIN CERTIFICATE-----
|
||||||
|
MIICVjCCAgACAQAwDQYJKoZIhvcNAQEEBQAwgbUxCzAJBgNVBAYTAkFVMRMwEQYD
|
||||||
|
VQQIEwpRdWVlbnNsYW5kMREwDwYDVQQHEwhCcmlzYmFuZTEaMBgGA1UEChMRQ3J5
|
||||||
|
cHRTb2Z0IFB0eSBMdGQxLDAqBgNVBAsTI1dPUlRITEVTUyBDRVJUSUZJQ0FUSU9O
|
||||||
|
IEFVVEhPUklUSUVTMTQwMgYDVQQDEytaRVJPIFZBTFVFIENBIC0gREVNT05TVFJB
|
||||||
|
VElPTiBQVVJQT1NFUyBPTkxZMB4XDTk3MDQwMzEzMjI1NFoXDTk4MDQwMzEzMjI1
|
||||||
|
NFowgbUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpRdWVlbnNsYW5kMREwDwYDVQQH
|
||||||
|
EwhCcmlzYmFuZTEaMBgGA1UEChMRQ3J5cHRTb2Z0IFB0eSBMdGQxLDAqBgNVBAsT
|
||||||
|
I1dPUlRITEVTUyBDRVJUSUZJQ0FUSU9OIEFVVEhPUklUSUVTMTQwMgYDVQQDEyta
|
||||||
|
RVJPIFZBTFVFIENBIC0gREVNT05TVFJBVElPTiBQVVJQT1NFUyBPTkxZMFwwDQYJ
|
||||||
|
KoZIhvcNAQEBBQADSwAwSAJBAOZ7T7yqP/tyspcko3yPY1y0Cm2EmwNvzW4QgVXR
|
||||||
|
Fjs3HmJ4xtSpXdo6mwcGezL3Abt/aQXaxv9PU8xt+Jr0OFUCAwEAATANBgkqhkiG
|
||||||
|
9w0BAQQFAANBAOQpYmGgyCqCy1OljgJhCqQOu627oVlHzK1L+t9vBaMfn40AVUR4
|
||||||
|
WzQVWO31KTgi5vTK1U+3h46fgUWqQ0h+6rU=
|
||||||
|
-----END CERTIFICATE-----
|
||||||
|
-----BEGIN CERTIFICATE-----
|
||||||
|
MIAwgKADAgECAgEAMA0GCSqGSIb3DQEBBAUAMGIxETAPBgNVBAcTCEludGVybmV0
|
||||||
|
MRcwFQYDVQQKEw5WZXJpU2lnbiwgSW5jLjE0MDIGA1UECxMrVmVyaVNpZ24gQ2xh
|
||||||
|
c3MgMSBDQSAtIEluZGl2aWR1YWwgU3Vic2NyaWJlcjAeFw05NjA0MDgxMDIwMjda
|
||||||
|
Fw05NzA0MDgxMDIwMjdaMGIxETAPBgNVBAcTCEludGVybmV0MRcwFQYDVQQKEw5W
|
||||||
|
ZXJpU2lnbiwgSW5jLjE0MDIGA1UECxMrVmVyaVNpZ24gQ2xhc3MgMSBDQSAtIElu
|
||||||
|
ZGl2aWR1YWwgU3Vic2NyaWJlcjCAMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC2
|
||||||
|
FKbPTdAFDdjKI9BvqrQpkmOOLPhvltcunXZLEbE2jVfJw/0cxrr+Hgi6M8qV6r7j
|
||||||
|
W80GqLd5HUQq7XPysVKDaBBwZJHXPmv5912dFEObbpdFmIFH0S3L3bty10w/cari
|
||||||
|
QPJUObwW7s987LrbP2wqsxaxhhKdrpM01bjV0Pc+qQIDAQABAAAAADANBgkqhkiG
|
||||||
|
9w0BAQQFAAOBgQA+1nJryNt8VBRjRr07ArDAV/3jAH7GjDc9jsrxZS68ost9v06C
|
||||||
|
TvTNKGL+LISNmFLXl+JXhgGB0JZ9fvyYzNgHQ46HBUng1H6voalfJgS2KdEo50wW
|
||||||
|
8EFZYMDkT1k4uynwJqkVN2QJK/2q4/A/VCov5h6SlM8Affg2W+1TLqvqkwAA
|
||||||
|
-----END CERTIFICATE-----
|
||||||
|
|
||||||
|
subject=/L=Internet/O=VeriSign, Inc./OU=VeriSign Class 2 CA - Individual Subscriber
|
||||||
|
issuer= /L=Internet/O=VeriSign, Inc./OU=VeriSign Class 2 CA - Individual Subscriber
|
||||||
|
|
||||||
|
-----BEGIN CERTIFICATE-----
|
||||||
|
MIIEkzCCA/ygAwIBAgIRANDTUpSRL3nTFeMrMayFSPAwDQYJKoZIhvcNAQECBQAw
|
||||||
|
YjERMA8GA1UEBxMISW50ZXJuZXQxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMTQw
|
||||||
|
MgYDVQQLEytWZXJpU2lnbiBDbGFzcyAyIENBIC0gSW5kaXZpZHVhbCBTdWJzY3Jp
|
||||||
|
YmVyMB4XDTk2MDYwNDAwMDAwMFoXDTk4MDYwNDIzNTk1OVowYjERMA8GA1UEBxMI
|
||||||
|
SW50ZXJuZXQxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMTQwMgYDVQQLEytWZXJp
|
||||||
|
U2lnbiBDbGFzcyAyIENBIC0gSW5kaXZpZHVhbCBTdWJzY3JpYmVyMIGfMA0GCSqG
|
||||||
|
SIb3DQEBAQUAA4GNADCBiQKBgQC6A+2czKGRcYMfm8gdnk+0de99TDDzsqo0v5nb
|
||||||
|
RsbUmMcdRQ7nsMbRWe0SAb/9QoLTZ/cJ0iOBqdrkz7UpqqKarVoTSdlSMVM92tWp
|
||||||
|
3bJncZHQD1t4xd6lQVdI1/T6R+5J0T1ukOdsI9Jmf+F28S6g3R3L1SFwiHKeZKZv
|
||||||
|
z+793wIDAQABo4ICRzCCAkMwggIpBgNVHQMBAf8EggIdMIICGTCCAhUwggIRBgtg
|
||||||
|
hkgBhvhFAQcBATCCAgAWggGrVGhpcyBjZXJ0aWZpY2F0ZSBpbmNvcnBvcmF0ZXMg
|
||||||
|
YnkgcmVmZXJlbmNlLCBhbmQgaXRzIHVzZSBpcyBzdHJpY3RseSBzdWJqZWN0IHRv
|
||||||
|
LCB0aGUgVmVyaVNpZ24gQ2VydGlmaWNhdGlvbiBQcmFjdGljZSBTdGF0ZW1lbnQg
|
||||||
|
KENQUyksIGF2YWlsYWJsZSBhdDogaHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL0NQ
|
||||||
|
Uy0xLjA7IGJ5IEUtbWFpbCBhdCBDUFMtcmVxdWVzdHNAdmVyaXNpZ24uY29tOyBv
|
||||||
|
ciBieSBtYWlsIGF0IFZlcmlTaWduLCBJbmMuLCAyNTkzIENvYXN0IEF2ZS4sIE1v
|
||||||
|
dW50YWluIFZpZXcsIENBIDk0MDQzIFVTQSBUZWwuICsxICg0MTUpIDk2MS04ODMw
|
||||||
|
IENvcHlyaWdodCAoYykgMTk5NiBWZXJpU2lnbiwgSW5jLiAgQWxsIFJpZ2h0cyBS
|
||||||
|
ZXNlcnZlZC4gQ0VSVEFJTiBXQVJSQU5USUVTIERJU0NMQUlNRUQgYW5kIExJQUJJ
|
||||||
|
TElUWSBMSU1JVEVELqAOBgxghkgBhvhFAQcBAQGhDgYMYIZIAYb4RQEHAQECMC8w
|
||||||
|
LRYraHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL3JlcG9zaXRvcnkvQ1BTLTEuMDAU
|
||||||
|
BglghkgBhvhCAQEBAf8EBAMCAgQwDQYJKoZIhvcNAQECBQADgYEApRJRkNBqLLgs
|
||||||
|
53IR/d18ODdLOWMTZ+QOOxBrq460iBEdUwgF8vmPRX1ku7UiDeNzaLlurE6eFqHq
|
||||||
|
2zPyK5j60zfTLVJMWKcQWwTJLjHtXrW8pxhNtFc6Fdvy5ZkHnC/9NIl7/t4U6WqB
|
||||||
|
p4y+p7SdMIkEwIZfds0VbnQyX5MRUJY=
|
||||||
|
-----END CERTIFICATE-----
|
||||||
|
|
||||||
|
subject=/C=US/O=VeriSign, Inc./OU=Class 3 Public Primary Certification Authority
|
||||||
|
issuer= /C=US/O=VeriSign, Inc./OU=Class 3 Public Primary Certification Authority
|
||||||
|
-----BEGIN CERTIFICATE-----
|
||||||
|
MIICMTCCAZoCBQKhAAABMA0GCSqGSIb3DQEBAgUAMF8xCzAJBgNVBAYTAlVTMRcw
|
||||||
|
FQYDVQQKEw5WZXJpU2lnbiwgSW5jLjE3MDUGA1UECxMuQ2xhc3MgMyBQdWJsaWMg
|
||||||
|
UHJpbWFyeSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAeFw05NjAxMjkwMDAwMDBa
|
||||||
|
Fw05OTEyMzEyMzU5NTlaMF8xCzAJBgNVBAYTAlVTMRcwFQYDVQQKEw5WZXJpU2ln
|
||||||
|
biwgSW5jLjE3MDUGA1UECxMuQ2xhc3MgMyBQdWJsaWMgUHJpbWFyeSBDZXJ0aWZp
|
||||||
|
Y2F0aW9uIEF1dGhvcml0eTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAyVxZ
|
||||||
|
nvIbigEUtBDfBEDb41evakVAj4QMC9Ez2dkRz+4CWB8l9yqoRAWq7AMfeH+ek7ma
|
||||||
|
AKojfdashaJjRcdyJ8z0TMZ1cdI5709C8HXfCpDGjiBvmA/4rCNfcCk2pMmG57Ga
|
||||||
|
IMtTpYXnPb59mv4kRTPcdhXtD6JxZExlLoFoRacCAwEAATANBgkqhkiG9w0BAQIF
|
||||||
|
AAOBgQB1Zmw+0c2B27X4LzZRtvdCvM1Cr9wO+hVs+GeTVzrrtpLotgHKjLeOQ7RJ
|
||||||
|
Zfk+7r11Ri7J/CVdqMcvi5uPaM+0nJcYwE3vH9mvgrPmZLiEXIqaB1JDYft0nls6
|
||||||
|
NvxMsvwaPxUupVs8G5DsiCnkWRb5zget7Ond2tIxik/W2O8XjQ==
|
||||||
|
-----END CERTIFICATE-----
|
||||||
|
subject=/C=US/O=VeriSign, Inc./OU=Class 4 Public Primary Certification Authority
|
||||||
|
issuer= /C=US/O=VeriSign, Inc./OU=Class 4 Public Primary Certification Authority
|
||||||
|
-----BEGIN CERTIFICATE-----
|
||||||
|
MIICMTCCAZoCBQKmAAABMA0GCSqGSIb3DQEBAgUAMF8xCzAJBgNVBAYTAlVTMRcw
|
||||||
|
FQYDVQQKEw5WZXJpU2lnbiwgSW5jLjE3MDUGA1UECxMuQ2xhc3MgNCBQdWJsaWMg
|
||||||
|
UHJpbWFyeSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAeFw05NjAxMjkwMDAwMDBa
|
||||||
|
Fw05OTEyMzEyMzU5NTlaMF8xCzAJBgNVBAYTAlVTMRcwFQYDVQQKEw5WZXJpU2ln
|
||||||
|
biwgSW5jLjE3MDUGA1UECxMuQ2xhc3MgNCBQdWJsaWMgUHJpbWFyeSBDZXJ0aWZp
|
||||||
|
Y2F0aW9uIEF1dGhvcml0eTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA0LJ1
|
||||||
|
9njQrlpQ9OlQqZ+M1++RlHDo0iSQdomF1t+s5gEXMoDwnZNHvJplnR+Xrr/phnVj
|
||||||
|
IIm9gFidBAydqMEk6QvlMXi9/C0MN2qeeIDpRnX57aP7E3vIwUzSo+/1PLBij0pd
|
||||||
|
O92VZ48TucE81qcmm+zDO3rZTbxtm+gVAePwR6kCAwEAATANBgkqhkiG9w0BAQIF
|
||||||
|
AAOBgQBT3dPwnCR+QKri/AAa19oM/DJhuBUNlvP6Vxt/M3yv6ZiaYch6s7f/sdyZ
|
||||||
|
g9ysEvxwyR84Qu1E9oAuW2szaayc01znX1oYx7EteQSWQZGZQbE8DbqEOcY7l/Am
|
||||||
|
yY7uvcxClf8exwI/VAx49byqYHwCaejcrOICdmHEPgPq0ook0Q==
|
||||||
|
-----END CERTIFICATE-----
|
320
jni/openssl/apps/sess_id.c
Normal file
320
jni/openssl/apps/sess_id.c
Normal file
@ -0,0 +1,320 @@
|
|||||||
|
/* apps/sess_id.c */
|
||||||
|
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
|
||||||
|
* All rights reserved.
|
||||||
|
*
|
||||||
|
* This package is an SSL implementation written
|
||||||
|
* by Eric Young (eay@cryptsoft.com).
|
||||||
|
* The implementation was written so as to conform with Netscapes SSL.
|
||||||
|
*
|
||||||
|
* This library is free for commercial and non-commercial use as long as
|
||||||
|
* the following conditions are aheared to. The following conditions
|
||||||
|
* apply to all code found in this distribution, be it the RC4, RSA,
|
||||||
|
* lhash, DES, etc., code; not just the SSL code. The SSL documentation
|
||||||
|
* included with this distribution is covered by the same copyright terms
|
||||||
|
* except that the holder is Tim Hudson (tjh@cryptsoft.com).
|
||||||
|
*
|
||||||
|
* Copyright remains Eric Young's, and as such any Copyright notices in
|
||||||
|
* the code are not to be removed.
|
||||||
|
* If this package is used in a product, Eric Young should be given attribution
|
||||||
|
* as the author of the parts of the library used.
|
||||||
|
* This can be in the form of a textual message at program startup or
|
||||||
|
* in documentation (online or textual) provided with the package.
|
||||||
|
*
|
||||||
|
* Redistribution and use in source and binary forms, with or without
|
||||||
|
* modification, are permitted provided that the following conditions
|
||||||
|
* are met:
|
||||||
|
* 1. Redistributions of source code must retain the copyright
|
||||||
|
* notice, this list of conditions and the following disclaimer.
|
||||||
|
* 2. Redistributions in binary form must reproduce the above copyright
|
||||||
|
* notice, this list of conditions and the following disclaimer in the
|
||||||
|
* documentation and/or other materials provided with the distribution.
|
||||||
|
* 3. All advertising materials mentioning features or use of this software
|
||||||
|
* must display the following acknowledgement:
|
||||||
|
* "This product includes cryptographic software written by
|
||||||
|
* Eric Young (eay@cryptsoft.com)"
|
||||||
|
* The word 'cryptographic' can be left out if the rouines from the library
|
||||||
|
* being used are not cryptographic related :-).
|
||||||
|
* 4. If you include any Windows specific code (or a derivative thereof) from
|
||||||
|
* the apps directory (application code) you must include an acknowledgement:
|
||||||
|
* "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
|
||||||
|
*
|
||||||
|
* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
|
||||||
|
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
||||||
|
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
|
||||||
|
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
|
||||||
|
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
|
||||||
|
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
|
||||||
|
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
||||||
|
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
|
||||||
|
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
||||||
|
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||||||
|
* SUCH DAMAGE.
|
||||||
|
*
|
||||||
|
* The licence and distribution terms for any publically available version or
|
||||||
|
* derivative of this code cannot be changed. i.e. this code cannot simply be
|
||||||
|
* copied and put under another distribution licence
|
||||||
|
* [including the GNU Public Licence.]
|
||||||
|
*/
|
||||||
|
|
||||||
|
#include <stdio.h>
|
||||||
|
#include <stdlib.h>
|
||||||
|
#include <string.h>
|
||||||
|
#include "apps.h"
|
||||||
|
#include <openssl/bio.h>
|
||||||
|
#include <openssl/err.h>
|
||||||
|
#include <openssl/x509.h>
|
||||||
|
#include <openssl/pem.h>
|
||||||
|
#include <openssl/ssl.h>
|
||||||
|
|
||||||
|
#undef PROG
|
||||||
|
#define PROG sess_id_main
|
||||||
|
|
||||||
|
static const char *sess_id_usage[]={
|
||||||
|
"usage: sess_id args\n",
|
||||||
|
"\n",
|
||||||
|
" -inform arg - input format - default PEM (DER or PEM)\n",
|
||||||
|
" -outform arg - output format - default PEM\n",
|
||||||
|
" -in arg - input file - default stdin\n",
|
||||||
|
" -out arg - output file - default stdout\n",
|
||||||
|
" -text - print ssl session id details\n",
|
||||||
|
" -cert - output certificate \n",
|
||||||
|
" -noout - no CRL output\n",
|
||||||
|
" -context arg - set the session ID context\n",
|
||||||
|
NULL
|
||||||
|
};
|
||||||
|
|
||||||
|
static SSL_SESSION *load_sess_id(char *file, int format);
|
||||||
|
|
||||||
|
int MAIN(int, char **);
|
||||||
|
|
||||||
|
int MAIN(int argc, char **argv)
|
||||||
|
{
|
||||||
|
SSL_SESSION *x=NULL;
|
||||||
|
int ret=1,i,num,badops=0;
|
||||||
|
BIO *out=NULL;
|
||||||
|
int informat,outformat;
|
||||||
|
char *infile=NULL,*outfile=NULL,*context=NULL;
|
||||||
|
int cert=0,noout=0,text=0;
|
||||||
|
const char **pp;
|
||||||
|
|
||||||
|
apps_startup();
|
||||||
|
|
||||||
|
if (bio_err == NULL)
|
||||||
|
if ((bio_err=BIO_new(BIO_s_file())) != NULL)
|
||||||
|
BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT);
|
||||||
|
|
||||||
|
informat=FORMAT_PEM;
|
||||||
|
outformat=FORMAT_PEM;
|
||||||
|
|
||||||
|
argc--;
|
||||||
|
argv++;
|
||||||
|
num=0;
|
||||||
|
while (argc >= 1)
|
||||||
|
{
|
||||||
|
if (strcmp(*argv,"-inform") == 0)
|
||||||
|
{
|
||||||
|
if (--argc < 1) goto bad;
|
||||||
|
informat=str2fmt(*(++argv));
|
||||||
|
}
|
||||||
|
else if (strcmp(*argv,"-outform") == 0)
|
||||||
|
{
|
||||||
|
if (--argc < 1) goto bad;
|
||||||
|
outformat=str2fmt(*(++argv));
|
||||||
|
}
|
||||||
|
else if (strcmp(*argv,"-in") == 0)
|
||||||
|
{
|
||||||
|
if (--argc < 1) goto bad;
|
||||||
|
infile= *(++argv);
|
||||||
|
}
|
||||||
|
else if (strcmp(*argv,"-out") == 0)
|
||||||
|
{
|
||||||
|
if (--argc < 1) goto bad;
|
||||||
|
outfile= *(++argv);
|
||||||
|
}
|
||||||
|
else if (strcmp(*argv,"-text") == 0)
|
||||||
|
text= ++num;
|
||||||
|
else if (strcmp(*argv,"-cert") == 0)
|
||||||
|
cert= ++num;
|
||||||
|
else if (strcmp(*argv,"-noout") == 0)
|
||||||
|
noout= ++num;
|
||||||
|
else if (strcmp(*argv,"-context") == 0)
|
||||||
|
{
|
||||||
|
if(--argc < 1) goto bad;
|
||||||
|
context=*++argv;
|
||||||
|
}
|
||||||
|
else
|
||||||
|
{
|
||||||
|
BIO_printf(bio_err,"unknown option %s\n",*argv);
|
||||||
|
badops=1;
|
||||||
|
break;
|
||||||
|
}
|
||||||
|
argc--;
|
||||||
|
argv++;
|
||||||
|
}
|
||||||
|
|
||||||
|
if (badops)
|
||||||
|
{
|
||||||
|
bad:
|
||||||
|
for (pp=sess_id_usage; (*pp != NULL); pp++)
|
||||||
|
BIO_printf(bio_err,"%s",*pp);
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
|
||||||
|
ERR_load_crypto_strings();
|
||||||
|
x=load_sess_id(infile,informat);
|
||||||
|
if (x == NULL) { goto end; }
|
||||||
|
|
||||||
|
if(context)
|
||||||
|
{
|
||||||
|
x->sid_ctx_length=strlen(context);
|
||||||
|
if(x->sid_ctx_length > SSL_MAX_SID_CTX_LENGTH)
|
||||||
|
{
|
||||||
|
BIO_printf(bio_err,"Context too long\n");
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
memcpy(x->sid_ctx,context,x->sid_ctx_length);
|
||||||
|
}
|
||||||
|
|
||||||
|
#ifdef undef
|
||||||
|
/* just testing for memory leaks :-) */
|
||||||
|
{
|
||||||
|
SSL_SESSION *s;
|
||||||
|
char buf[1024*10],*p;
|
||||||
|
int i;
|
||||||
|
|
||||||
|
s=SSL_SESSION_new();
|
||||||
|
|
||||||
|
p= &buf;
|
||||||
|
i=i2d_SSL_SESSION(x,&p);
|
||||||
|
p= &buf;
|
||||||
|
d2i_SSL_SESSION(&s,&p,(long)i);
|
||||||
|
p= &buf;
|
||||||
|
d2i_SSL_SESSION(&s,&p,(long)i);
|
||||||
|
p= &buf;
|
||||||
|
d2i_SSL_SESSION(&s,&p,(long)i);
|
||||||
|
SSL_SESSION_free(s);
|
||||||
|
}
|
||||||
|
#endif
|
||||||
|
|
||||||
|
if (!noout || text)
|
||||||
|
{
|
||||||
|
out=BIO_new(BIO_s_file());
|
||||||
|
if (out == NULL)
|
||||||
|
{
|
||||||
|
ERR_print_errors(bio_err);
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
|
||||||
|
if (outfile == NULL)
|
||||||
|
{
|
||||||
|
BIO_set_fp(out,stdout,BIO_NOCLOSE);
|
||||||
|
#ifdef OPENSSL_SYS_VMS
|
||||||
|
{
|
||||||
|
BIO *tmpbio = BIO_new(BIO_f_linebuffer());
|
||||||
|
out = BIO_push(tmpbio, out);
|
||||||
|
}
|
||||||
|
#endif
|
||||||
|
}
|
||||||
|
else
|
||||||
|
{
|
||||||
|
if (BIO_write_filename(out,outfile) <= 0)
|
||||||
|
{
|
||||||
|
perror(outfile);
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
if (text)
|
||||||
|
{
|
||||||
|
SSL_SESSION_print(out,x);
|
||||||
|
|
||||||
|
if (cert)
|
||||||
|
{
|
||||||
|
if (x->peer == NULL)
|
||||||
|
BIO_puts(out,"No certificate present\n");
|
||||||
|
else
|
||||||
|
X509_print(out,x->peer);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
if (!noout && !cert)
|
||||||
|
{
|
||||||
|
if (outformat == FORMAT_ASN1)
|
||||||
|
i=i2d_SSL_SESSION_bio(out,x);
|
||||||
|
else if (outformat == FORMAT_PEM)
|
||||||
|
i=PEM_write_bio_SSL_SESSION(out,x);
|
||||||
|
else {
|
||||||
|
BIO_printf(bio_err,"bad output format specified for outfile\n");
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
if (!i) {
|
||||||
|
BIO_printf(bio_err,"unable to write SSL_SESSION\n");
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
else if (!noout && (x->peer != NULL)) /* just print the certificate */
|
||||||
|
{
|
||||||
|
if (outformat == FORMAT_ASN1)
|
||||||
|
i=(int)i2d_X509_bio(out,x->peer);
|
||||||
|
else if (outformat == FORMAT_PEM)
|
||||||
|
i=PEM_write_bio_X509(out,x->peer);
|
||||||
|
else {
|
||||||
|
BIO_printf(bio_err,"bad output format specified for outfile\n");
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
if (!i) {
|
||||||
|
BIO_printf(bio_err,"unable to write X509\n");
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
ret=0;
|
||||||
|
end:
|
||||||
|
if (out != NULL) BIO_free_all(out);
|
||||||
|
if (x != NULL) SSL_SESSION_free(x);
|
||||||
|
apps_shutdown();
|
||||||
|
OPENSSL_EXIT(ret);
|
||||||
|
}
|
||||||
|
|
||||||
|
static SSL_SESSION *load_sess_id(char *infile, int format)
|
||||||
|
{
|
||||||
|
SSL_SESSION *x=NULL;
|
||||||
|
BIO *in=NULL;
|
||||||
|
|
||||||
|
in=BIO_new(BIO_s_file());
|
||||||
|
if (in == NULL)
|
||||||
|
{
|
||||||
|
ERR_print_errors(bio_err);
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
|
||||||
|
if (infile == NULL)
|
||||||
|
BIO_set_fp(in,stdin,BIO_NOCLOSE);
|
||||||
|
else
|
||||||
|
{
|
||||||
|
if (BIO_read_filename(in,infile) <= 0)
|
||||||
|
{
|
||||||
|
perror(infile);
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
if (format == FORMAT_ASN1)
|
||||||
|
x=d2i_SSL_SESSION_bio(in,NULL);
|
||||||
|
else if (format == FORMAT_PEM)
|
||||||
|
x=PEM_read_bio_SSL_SESSION(in,NULL,NULL,NULL);
|
||||||
|
else {
|
||||||
|
BIO_printf(bio_err,"bad input format specified for input crl\n");
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
if (x == NULL)
|
||||||
|
{
|
||||||
|
BIO_printf(bio_err,"unable to load SSL_SESSION\n");
|
||||||
|
ERR_print_errors(bio_err);
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
|
||||||
|
end:
|
||||||
|
if (in != NULL) BIO_free(in);
|
||||||
|
return(x);
|
||||||
|
}
|
||||||
|
|
857
jni/openssl/apps/smime.c
Normal file
857
jni/openssl/apps/smime.c
Normal file
@ -0,0 +1,857 @@
|
|||||||
|
/* smime.c */
|
||||||
|
/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
|
||||||
|
* project.
|
||||||
|
*/
|
||||||
|
/* ====================================================================
|
||||||
|
* Copyright (c) 1999-2004 The OpenSSL Project. All rights reserved.
|
||||||
|
*
|
||||||
|
* Redistribution and use in source and binary forms, with or without
|
||||||
|
* modification, are permitted provided that the following conditions
|
||||||
|
* are met:
|
||||||
|
*
|
||||||
|
* 1. Redistributions of source code must retain the above copyright
|
||||||
|
* notice, this list of conditions and the following disclaimer.
|
||||||
|
*
|
||||||
|
* 2. Redistributions in binary form must reproduce the above copyright
|
||||||
|
* notice, this list of conditions and the following disclaimer in
|
||||||
|
* the documentation and/or other materials provided with the
|
||||||
|
* distribution.
|
||||||
|
*
|
||||||
|
* 3. All advertising materials mentioning features or use of this
|
||||||
|
* software must display the following acknowledgment:
|
||||||
|
* "This product includes software developed by the OpenSSL Project
|
||||||
|
* for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
|
||||||
|
*
|
||||||
|
* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
|
||||||
|
* endorse or promote products derived from this software without
|
||||||
|
* prior written permission. For written permission, please contact
|
||||||
|
* licensing@OpenSSL.org.
|
||||||
|
*
|
||||||
|
* 5. Products derived from this software may not be called "OpenSSL"
|
||||||
|
* nor may "OpenSSL" appear in their names without prior written
|
||||||
|
* permission of the OpenSSL Project.
|
||||||
|
*
|
||||||
|
* 6. Redistributions of any form whatsoever must retain the following
|
||||||
|
* acknowledgment:
|
||||||
|
* "This product includes software developed by the OpenSSL Project
|
||||||
|
* for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
|
||||||
|
*
|
||||||
|
* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
|
||||||
|
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
||||||
|
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
|
||||||
|
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
|
||||||
|
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
|
||||||
|
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
|
||||||
|
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
|
||||||
|
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
||||||
|
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
|
||||||
|
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
|
||||||
|
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
|
||||||
|
* OF THE POSSIBILITY OF SUCH DAMAGE.
|
||||||
|
* ====================================================================
|
||||||
|
*
|
||||||
|
* This product includes cryptographic software written by Eric Young
|
||||||
|
* (eay@cryptsoft.com). This product includes software written by Tim
|
||||||
|
* Hudson (tjh@cryptsoft.com).
|
||||||
|
*
|
||||||
|
*/
|
||||||
|
|
||||||
|
/* S/MIME utility function */
|
||||||
|
|
||||||
|
#include <stdio.h>
|
||||||
|
#include <string.h>
|
||||||
|
#include "apps.h"
|
||||||
|
#include <openssl/crypto.h>
|
||||||
|
#include <openssl/pem.h>
|
||||||
|
#include <openssl/err.h>
|
||||||
|
#include <openssl/x509_vfy.h>
|
||||||
|
#include <openssl/x509v3.h>
|
||||||
|
|
||||||
|
#undef PROG
|
||||||
|
#define PROG smime_main
|
||||||
|
static int save_certs(char *signerfile, STACK_OF(X509) *signers);
|
||||||
|
static int smime_cb(int ok, X509_STORE_CTX *ctx);
|
||||||
|
|
||||||
|
#define SMIME_OP 0x10
|
||||||
|
#define SMIME_IP 0x20
|
||||||
|
#define SMIME_SIGNERS 0x40
|
||||||
|
#define SMIME_ENCRYPT (1 | SMIME_OP)
|
||||||
|
#define SMIME_DECRYPT (2 | SMIME_IP)
|
||||||
|
#define SMIME_SIGN (3 | SMIME_OP | SMIME_SIGNERS)
|
||||||
|
#define SMIME_VERIFY (4 | SMIME_IP)
|
||||||
|
#define SMIME_PK7OUT (5 | SMIME_IP | SMIME_OP)
|
||||||
|
#define SMIME_RESIGN (6 | SMIME_IP | SMIME_OP | SMIME_SIGNERS)
|
||||||
|
|
||||||
|
int MAIN(int, char **);
|
||||||
|
|
||||||
|
int MAIN(int argc, char **argv)
|
||||||
|
{
|
||||||
|
ENGINE *e = NULL;
|
||||||
|
int operation = 0;
|
||||||
|
int ret = 0;
|
||||||
|
char **args;
|
||||||
|
const char *inmode = "r", *outmode = "w";
|
||||||
|
char *infile = NULL, *outfile = NULL;
|
||||||
|
char *signerfile = NULL, *recipfile = NULL;
|
||||||
|
STACK_OF(OPENSSL_STRING) *sksigners = NULL, *skkeys = NULL;
|
||||||
|
char *certfile = NULL, *keyfile = NULL, *contfile=NULL;
|
||||||
|
const EVP_CIPHER *cipher = NULL;
|
||||||
|
PKCS7 *p7 = NULL;
|
||||||
|
X509_STORE *store = NULL;
|
||||||
|
X509 *cert = NULL, *recip = NULL, *signer = NULL;
|
||||||
|
EVP_PKEY *key = NULL;
|
||||||
|
STACK_OF(X509) *encerts = NULL, *other = NULL;
|
||||||
|
BIO *in = NULL, *out = NULL, *indata = NULL;
|
||||||
|
int badarg = 0;
|
||||||
|
int flags = PKCS7_DETACHED;
|
||||||
|
char *to = NULL, *from = NULL, *subject = NULL;
|
||||||
|
char *CAfile = NULL, *CApath = NULL;
|
||||||
|
char *passargin = NULL, *passin = NULL;
|
||||||
|
char *inrand = NULL;
|
||||||
|
int need_rand = 0;
|
||||||
|
int indef = 0;
|
||||||
|
const EVP_MD *sign_md = NULL;
|
||||||
|
int informat = FORMAT_SMIME, outformat = FORMAT_SMIME;
|
||||||
|
int keyform = FORMAT_PEM;
|
||||||
|
#ifndef OPENSSL_NO_ENGINE
|
||||||
|
char *engine=NULL;
|
||||||
|
#endif
|
||||||
|
|
||||||
|
X509_VERIFY_PARAM *vpm = NULL;
|
||||||
|
|
||||||
|
args = argv + 1;
|
||||||
|
ret = 1;
|
||||||
|
|
||||||
|
apps_startup();
|
||||||
|
|
||||||
|
if (bio_err == NULL)
|
||||||
|
{
|
||||||
|
if ((bio_err = BIO_new(BIO_s_file())) != NULL)
|
||||||
|
BIO_set_fp(bio_err, stderr, BIO_NOCLOSE|BIO_FP_TEXT);
|
||||||
|
}
|
||||||
|
|
||||||
|
if (!load_config(bio_err, NULL))
|
||||||
|
goto end;
|
||||||
|
|
||||||
|
while (!badarg && *args && *args[0] == '-')
|
||||||
|
{
|
||||||
|
if (!strcmp (*args, "-encrypt"))
|
||||||
|
operation = SMIME_ENCRYPT;
|
||||||
|
else if (!strcmp (*args, "-decrypt"))
|
||||||
|
operation = SMIME_DECRYPT;
|
||||||
|
else if (!strcmp (*args, "-sign"))
|
||||||
|
operation = SMIME_SIGN;
|
||||||
|
else if (!strcmp (*args, "-resign"))
|
||||||
|
operation = SMIME_RESIGN;
|
||||||
|
else if (!strcmp (*args, "-verify"))
|
||||||
|
operation = SMIME_VERIFY;
|
||||||
|
else if (!strcmp (*args, "-pk7out"))
|
||||||
|
operation = SMIME_PK7OUT;
|
||||||
|
#ifndef OPENSSL_NO_DES
|
||||||
|
else if (!strcmp (*args, "-des3"))
|
||||||
|
cipher = EVP_des_ede3_cbc();
|
||||||
|
else if (!strcmp (*args, "-des"))
|
||||||
|
cipher = EVP_des_cbc();
|
||||||
|
#endif
|
||||||
|
#ifndef OPENSSL_NO_SEED
|
||||||
|
else if (!strcmp (*args, "-seed"))
|
||||||
|
cipher = EVP_seed_cbc();
|
||||||
|
#endif
|
||||||
|
#ifndef OPENSSL_NO_RC2
|
||||||
|
else if (!strcmp (*args, "-rc2-40"))
|
||||||
|
cipher = EVP_rc2_40_cbc();
|
||||||
|
else if (!strcmp (*args, "-rc2-128"))
|
||||||
|
cipher = EVP_rc2_cbc();
|
||||||
|
else if (!strcmp (*args, "-rc2-64"))
|
||||||
|
cipher = EVP_rc2_64_cbc();
|
||||||
|
#endif
|
||||||
|
#ifndef OPENSSL_NO_AES
|
||||||
|
else if (!strcmp(*args,"-aes128"))
|
||||||
|
cipher = EVP_aes_128_cbc();
|
||||||
|
else if (!strcmp(*args,"-aes192"))
|
||||||
|
cipher = EVP_aes_192_cbc();
|
||||||
|
else if (!strcmp(*args,"-aes256"))
|
||||||
|
cipher = EVP_aes_256_cbc();
|
||||||
|
#endif
|
||||||
|
#ifndef OPENSSL_NO_CAMELLIA
|
||||||
|
else if (!strcmp(*args,"-camellia128"))
|
||||||
|
cipher = EVP_camellia_128_cbc();
|
||||||
|
else if (!strcmp(*args,"-camellia192"))
|
||||||
|
cipher = EVP_camellia_192_cbc();
|
||||||
|
else if (!strcmp(*args,"-camellia256"))
|
||||||
|
cipher = EVP_camellia_256_cbc();
|
||||||
|
#endif
|
||||||
|
else if (!strcmp (*args, "-text"))
|
||||||
|
flags |= PKCS7_TEXT;
|
||||||
|
else if (!strcmp (*args, "-nointern"))
|
||||||
|
flags |= PKCS7_NOINTERN;
|
||||||
|
else if (!strcmp (*args, "-noverify"))
|
||||||
|
flags |= PKCS7_NOVERIFY;
|
||||||
|
else if (!strcmp (*args, "-nochain"))
|
||||||
|
flags |= PKCS7_NOCHAIN;
|
||||||
|
else if (!strcmp (*args, "-nocerts"))
|
||||||
|
flags |= PKCS7_NOCERTS;
|
||||||
|
else if (!strcmp (*args, "-noattr"))
|
||||||
|
flags |= PKCS7_NOATTR;
|
||||||
|
else if (!strcmp (*args, "-nodetach"))
|
||||||
|
flags &= ~PKCS7_DETACHED;
|
||||||
|
else if (!strcmp (*args, "-nosmimecap"))
|
||||||
|
flags |= PKCS7_NOSMIMECAP;
|
||||||
|
else if (!strcmp (*args, "-binary"))
|
||||||
|
flags |= PKCS7_BINARY;
|
||||||
|
else if (!strcmp (*args, "-nosigs"))
|
||||||
|
flags |= PKCS7_NOSIGS;
|
||||||
|
else if (!strcmp (*args, "-stream"))
|
||||||
|
indef = 1;
|
||||||
|
else if (!strcmp (*args, "-indef"))
|
||||||
|
indef = 1;
|
||||||
|
else if (!strcmp (*args, "-noindef"))
|
||||||
|
indef = 0;
|
||||||
|
else if (!strcmp (*args, "-nooldmime"))
|
||||||
|
flags |= PKCS7_NOOLDMIMETYPE;
|
||||||
|
else if (!strcmp (*args, "-crlfeol"))
|
||||||
|
flags |= PKCS7_CRLFEOL;
|
||||||
|
else if (!strcmp(*args,"-rand"))
|
||||||
|
{
|
||||||
|
if (!args[1])
|
||||||
|
goto argerr;
|
||||||
|
args++;
|
||||||
|
inrand = *args;
|
||||||
|
need_rand = 1;
|
||||||
|
}
|
||||||
|
#ifndef OPENSSL_NO_ENGINE
|
||||||
|
else if (!strcmp(*args,"-engine"))
|
||||||
|
{
|
||||||
|
if (!args[1])
|
||||||
|
goto argerr;
|
||||||
|
engine = *++args;
|
||||||
|
}
|
||||||
|
#endif
|
||||||
|
else if (!strcmp(*args,"-passin"))
|
||||||
|
{
|
||||||
|
if (!args[1])
|
||||||
|
goto argerr;
|
||||||
|
passargin = *++args;
|
||||||
|
}
|
||||||
|
else if (!strcmp (*args, "-to"))
|
||||||
|
{
|
||||||
|
if (!args[1])
|
||||||
|
goto argerr;
|
||||||
|
to = *++args;
|
||||||
|
}
|
||||||
|
else if (!strcmp (*args, "-from"))
|
||||||
|
{
|
||||||
|
if (!args[1])
|
||||||
|
goto argerr;
|
||||||
|
from = *++args;
|
||||||
|
}
|
||||||
|
else if (!strcmp (*args, "-subject"))
|
||||||
|
{
|
||||||
|
if (!args[1])
|
||||||
|
goto argerr;
|
||||||
|
subject = *++args;
|
||||||
|
}
|
||||||
|
else if (!strcmp (*args, "-signer"))
|
||||||
|
{
|
||||||
|
if (!args[1])
|
||||||
|
goto argerr;
|
||||||
|
/* If previous -signer argument add signer to list */
|
||||||
|
|
||||||
|
if (signerfile)
|
||||||
|
{
|
||||||
|
if (!sksigners)
|
||||||
|
sksigners = sk_OPENSSL_STRING_new_null();
|
||||||
|
sk_OPENSSL_STRING_push(sksigners, signerfile);
|
||||||
|
if (!keyfile)
|
||||||
|
keyfile = signerfile;
|
||||||
|
if (!skkeys)
|
||||||
|
skkeys = sk_OPENSSL_STRING_new_null();
|
||||||
|
sk_OPENSSL_STRING_push(skkeys, keyfile);
|
||||||
|
keyfile = NULL;
|
||||||
|
}
|
||||||
|
signerfile = *++args;
|
||||||
|
}
|
||||||
|
else if (!strcmp (*args, "-recip"))
|
||||||
|
{
|
||||||
|
if (!args[1])
|
||||||
|
goto argerr;
|
||||||
|
recipfile = *++args;
|
||||||
|
}
|
||||||
|
else if (!strcmp (*args, "-md"))
|
||||||
|
{
|
||||||
|
if (!args[1])
|
||||||
|
goto argerr;
|
||||||
|
sign_md = EVP_get_digestbyname(*++args);
|
||||||
|
if (sign_md == NULL)
|
||||||
|
{
|
||||||
|
BIO_printf(bio_err, "Unknown digest %s\n",
|
||||||
|
*args);
|
||||||
|
goto argerr;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
else if (!strcmp (*args, "-inkey"))
|
||||||
|
{
|
||||||
|
if (!args[1])
|
||||||
|
goto argerr;
|
||||||
|
/* If previous -inkey arument add signer to list */
|
||||||
|
if (keyfile)
|
||||||
|
{
|
||||||
|
if (!signerfile)
|
||||||
|
{
|
||||||
|
BIO_puts(bio_err, "Illegal -inkey without -signer\n");
|
||||||
|
goto argerr;
|
||||||
|
}
|
||||||
|
if (!sksigners)
|
||||||
|
sksigners = sk_OPENSSL_STRING_new_null();
|
||||||
|
sk_OPENSSL_STRING_push(sksigners, signerfile);
|
||||||
|
signerfile = NULL;
|
||||||
|
if (!skkeys)
|
||||||
|
skkeys = sk_OPENSSL_STRING_new_null();
|
||||||
|
sk_OPENSSL_STRING_push(skkeys, keyfile);
|
||||||
|
}
|
||||||
|
keyfile = *++args;
|
||||||
|
}
|
||||||
|
else if (!strcmp (*args, "-keyform"))
|
||||||
|
{
|
||||||
|
if (!args[1])
|
||||||
|
goto argerr;
|
||||||
|
keyform = str2fmt(*++args);
|
||||||
|
}
|
||||||
|
else if (!strcmp (*args, "-certfile"))
|
||||||
|
{
|
||||||
|
if (!args[1])
|
||||||
|
goto argerr;
|
||||||
|
certfile = *++args;
|
||||||
|
}
|
||||||
|
else if (!strcmp (*args, "-CAfile"))
|
||||||
|
{
|
||||||
|
if (!args[1])
|
||||||
|
goto argerr;
|
||||||
|
CAfile = *++args;
|
||||||
|
}
|
||||||
|
else if (!strcmp (*args, "-CApath"))
|
||||||
|
{
|
||||||
|
if (!args[1])
|
||||||
|
goto argerr;
|
||||||
|
CApath = *++args;
|
||||||
|
}
|
||||||
|
else if (!strcmp (*args, "-in"))
|
||||||
|
{
|
||||||
|
if (!args[1])
|
||||||
|
goto argerr;
|
||||||
|
infile = *++args;
|
||||||
|
}
|
||||||
|
else if (!strcmp (*args, "-inform"))
|
||||||
|
{
|
||||||
|
if (!args[1])
|
||||||
|
goto argerr;
|
||||||
|
informat = str2fmt(*++args);
|
||||||
|
}
|
||||||
|
else if (!strcmp (*args, "-outform"))
|
||||||
|
{
|
||||||
|
if (!args[1])
|
||||||
|
goto argerr;
|
||||||
|
outformat = str2fmt(*++args);
|
||||||
|
}
|
||||||
|
else if (!strcmp (*args, "-out"))
|
||||||
|
{
|
||||||
|
if (!args[1])
|
||||||
|
goto argerr;
|
||||||
|
outfile = *++args;
|
||||||
|
}
|
||||||
|
else if (!strcmp (*args, "-content"))
|
||||||
|
{
|
||||||
|
if (!args[1])
|
||||||
|
goto argerr;
|
||||||
|
contfile = *++args;
|
||||||
|
}
|
||||||
|
else if (args_verify(&args, NULL, &badarg, bio_err, &vpm))
|
||||||
|
continue;
|
||||||
|
else if ((cipher = EVP_get_cipherbyname(*args + 1)) == NULL)
|
||||||
|
badarg = 1;
|
||||||
|
args++;
|
||||||
|
}
|
||||||
|
|
||||||
|
if (!(operation & SMIME_SIGNERS) && (skkeys || sksigners))
|
||||||
|
{
|
||||||
|
BIO_puts(bio_err, "Multiple signers or keys not allowed\n");
|
||||||
|
goto argerr;
|
||||||
|
}
|
||||||
|
|
||||||
|
if (operation & SMIME_SIGNERS)
|
||||||
|
{
|
||||||
|
/* Check to see if any final signer needs to be appended */
|
||||||
|
if (keyfile && !signerfile)
|
||||||
|
{
|
||||||
|
BIO_puts(bio_err, "Illegal -inkey without -signer\n");
|
||||||
|
goto argerr;
|
||||||
|
}
|
||||||
|
if (signerfile)
|
||||||
|
{
|
||||||
|
if (!sksigners)
|
||||||
|
sksigners = sk_OPENSSL_STRING_new_null();
|
||||||
|
sk_OPENSSL_STRING_push(sksigners, signerfile);
|
||||||
|
if (!skkeys)
|
||||||
|
skkeys = sk_OPENSSL_STRING_new_null();
|
||||||
|
if (!keyfile)
|
||||||
|
keyfile = signerfile;
|
||||||
|
sk_OPENSSL_STRING_push(skkeys, keyfile);
|
||||||
|
}
|
||||||
|
if (!sksigners)
|
||||||
|
{
|
||||||
|
BIO_printf(bio_err, "No signer certificate specified\n");
|
||||||
|
badarg = 1;
|
||||||
|
}
|
||||||
|
signerfile = NULL;
|
||||||
|
keyfile = NULL;
|
||||||
|
need_rand = 1;
|
||||||
|
}
|
||||||
|
else if (operation == SMIME_DECRYPT)
|
||||||
|
{
|
||||||
|
if (!recipfile && !keyfile)
|
||||||
|
{
|
||||||
|
BIO_printf(bio_err, "No recipient certificate or key specified\n");
|
||||||
|
badarg = 1;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
else if (operation == SMIME_ENCRYPT)
|
||||||
|
{
|
||||||
|
if (!*args)
|
||||||
|
{
|
||||||
|
BIO_printf(bio_err, "No recipient(s) certificate(s) specified\n");
|
||||||
|
badarg = 1;
|
||||||
|
}
|
||||||
|
need_rand = 1;
|
||||||
|
}
|
||||||
|
else if (!operation)
|
||||||
|
badarg = 1;
|
||||||
|
|
||||||
|
if (badarg)
|
||||||
|
{
|
||||||
|
argerr:
|
||||||
|
BIO_printf (bio_err, "Usage smime [options] cert.pem ...\n");
|
||||||
|
BIO_printf (bio_err, "where options are\n");
|
||||||
|
BIO_printf (bio_err, "-encrypt encrypt message\n");
|
||||||
|
BIO_printf (bio_err, "-decrypt decrypt encrypted message\n");
|
||||||
|
BIO_printf (bio_err, "-sign sign message\n");
|
||||||
|
BIO_printf (bio_err, "-verify verify signed message\n");
|
||||||
|
BIO_printf (bio_err, "-pk7out output PKCS#7 structure\n");
|
||||||
|
#ifndef OPENSSL_NO_DES
|
||||||
|
BIO_printf (bio_err, "-des3 encrypt with triple DES\n");
|
||||||
|
BIO_printf (bio_err, "-des encrypt with DES\n");
|
||||||
|
#endif
|
||||||
|
#ifndef OPENSSL_NO_SEED
|
||||||
|
BIO_printf (bio_err, "-seed encrypt with SEED\n");
|
||||||
|
#endif
|
||||||
|
#ifndef OPENSSL_NO_RC2
|
||||||
|
BIO_printf (bio_err, "-rc2-40 encrypt with RC2-40 (default)\n");
|
||||||
|
BIO_printf (bio_err, "-rc2-64 encrypt with RC2-64\n");
|
||||||
|
BIO_printf (bio_err, "-rc2-128 encrypt with RC2-128\n");
|
||||||
|
#endif
|
||||||
|
#ifndef OPENSSL_NO_AES
|
||||||
|
BIO_printf (bio_err, "-aes128, -aes192, -aes256\n");
|
||||||
|
BIO_printf (bio_err, " encrypt PEM output with cbc aes\n");
|
||||||
|
#endif
|
||||||
|
#ifndef OPENSSL_NO_CAMELLIA
|
||||||
|
BIO_printf (bio_err, "-camellia128, -camellia192, -camellia256\n");
|
||||||
|
BIO_printf (bio_err, " encrypt PEM output with cbc camellia\n");
|
||||||
|
#endif
|
||||||
|
BIO_printf (bio_err, "-nointern don't search certificates in message for signer\n");
|
||||||
|
BIO_printf (bio_err, "-nosigs don't verify message signature\n");
|
||||||
|
BIO_printf (bio_err, "-noverify don't verify signers certificate\n");
|
||||||
|
BIO_printf (bio_err, "-nocerts don't include signers certificate when signing\n");
|
||||||
|
BIO_printf (bio_err, "-nodetach use opaque signing\n");
|
||||||
|
BIO_printf (bio_err, "-noattr don't include any signed attributes\n");
|
||||||
|
BIO_printf (bio_err, "-binary don't translate message to text\n");
|
||||||
|
BIO_printf (bio_err, "-certfile file other certificates file\n");
|
||||||
|
BIO_printf (bio_err, "-signer file signer certificate file\n");
|
||||||
|
BIO_printf (bio_err, "-recip file recipient certificate file for decryption\n");
|
||||||
|
BIO_printf (bio_err, "-in file input file\n");
|
||||||
|
BIO_printf (bio_err, "-inform arg input format SMIME (default), PEM or DER\n");
|
||||||
|
BIO_printf (bio_err, "-inkey file input private key (if not signer or recipient)\n");
|
||||||
|
BIO_printf (bio_err, "-keyform arg input private key format (PEM or ENGINE)\n");
|
||||||
|
BIO_printf (bio_err, "-out file output file\n");
|
||||||
|
BIO_printf (bio_err, "-outform arg output format SMIME (default), PEM or DER\n");
|
||||||
|
BIO_printf (bio_err, "-content file supply or override content for detached signature\n");
|
||||||
|
BIO_printf (bio_err, "-to addr to address\n");
|
||||||
|
BIO_printf (bio_err, "-from ad from address\n");
|
||||||
|
BIO_printf (bio_err, "-subject s subject\n");
|
||||||
|
BIO_printf (bio_err, "-text include or delete text MIME headers\n");
|
||||||
|
BIO_printf (bio_err, "-CApath dir trusted certificates directory\n");
|
||||||
|
BIO_printf (bio_err, "-CAfile file trusted certificates file\n");
|
||||||
|
BIO_printf (bio_err, "-crl_check check revocation status of signer's certificate using CRLs\n");
|
||||||
|
BIO_printf (bio_err, "-crl_check_all check revocation status of signer's certificate chain using CRLs\n");
|
||||||
|
#ifndef OPENSSL_NO_ENGINE
|
||||||
|
BIO_printf (bio_err, "-engine e use engine e, possibly a hardware device.\n");
|
||||||
|
#endif
|
||||||
|
BIO_printf (bio_err, "-passin arg input file pass phrase source\n");
|
||||||
|
BIO_printf(bio_err, "-rand file%cfile%c...\n", LIST_SEPARATOR_CHAR, LIST_SEPARATOR_CHAR);
|
||||||
|
BIO_printf(bio_err, " load the file (or the files in the directory) into\n");
|
||||||
|
BIO_printf(bio_err, " the random number generator\n");
|
||||||
|
BIO_printf (bio_err, "cert.pem recipient certificate(s) for encryption\n");
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
|
||||||
|
#ifndef OPENSSL_NO_ENGINE
|
||||||
|
e = setup_engine(bio_err, engine, 0);
|
||||||
|
#endif
|
||||||
|
|
||||||
|
if (!app_passwd(bio_err, passargin, NULL, &passin, NULL))
|
||||||
|
{
|
||||||
|
BIO_printf(bio_err, "Error getting password\n");
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
|
||||||
|
if (need_rand)
|
||||||
|
{
|
||||||
|
app_RAND_load_file(NULL, bio_err, (inrand != NULL));
|
||||||
|
if (inrand != NULL)
|
||||||
|
BIO_printf(bio_err,"%ld semi-random bytes loaded\n",
|
||||||
|
app_RAND_load_files(inrand));
|
||||||
|
}
|
||||||
|
|
||||||
|
ret = 2;
|
||||||
|
|
||||||
|
if (!(operation & SMIME_SIGNERS))
|
||||||
|
flags &= ~PKCS7_DETACHED;
|
||||||
|
|
||||||
|
if (operation & SMIME_OP)
|
||||||
|
{
|
||||||
|
if (outformat == FORMAT_ASN1)
|
||||||
|
outmode = "wb";
|
||||||
|
}
|
||||||
|
else
|
||||||
|
{
|
||||||
|
if (flags & PKCS7_BINARY)
|
||||||
|
outmode = "wb";
|
||||||
|
}
|
||||||
|
|
||||||
|
if (operation & SMIME_IP)
|
||||||
|
{
|
||||||
|
if (informat == FORMAT_ASN1)
|
||||||
|
inmode = "rb";
|
||||||
|
}
|
||||||
|
else
|
||||||
|
{
|
||||||
|
if (flags & PKCS7_BINARY)
|
||||||
|
inmode = "rb";
|
||||||
|
}
|
||||||
|
|
||||||
|
if (operation == SMIME_ENCRYPT)
|
||||||
|
{
|
||||||
|
if (!cipher)
|
||||||
|
{
|
||||||
|
#ifndef OPENSSL_NO_RC2
|
||||||
|
cipher = EVP_rc2_40_cbc();
|
||||||
|
#else
|
||||||
|
BIO_printf(bio_err, "No cipher selected\n");
|
||||||
|
goto end;
|
||||||
|
#endif
|
||||||
|
}
|
||||||
|
encerts = sk_X509_new_null();
|
||||||
|
while (*args)
|
||||||
|
{
|
||||||
|
if (!(cert = load_cert(bio_err,*args,FORMAT_PEM,
|
||||||
|
NULL, e, "recipient certificate file")))
|
||||||
|
{
|
||||||
|
#if 0 /* An appropriate message is already printed */
|
||||||
|
BIO_printf(bio_err, "Can't read recipient certificate file %s\n", *args);
|
||||||
|
#endif
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
sk_X509_push(encerts, cert);
|
||||||
|
cert = NULL;
|
||||||
|
args++;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
if (certfile)
|
||||||
|
{
|
||||||
|
if (!(other = load_certs(bio_err,certfile,FORMAT_PEM, NULL,
|
||||||
|
e, "certificate file")))
|
||||||
|
{
|
||||||
|
ERR_print_errors(bio_err);
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
if (recipfile && (operation == SMIME_DECRYPT))
|
||||||
|
{
|
||||||
|
if (!(recip = load_cert(bio_err,recipfile,FORMAT_PEM,NULL,
|
||||||
|
e, "recipient certificate file")))
|
||||||
|
{
|
||||||
|
ERR_print_errors(bio_err);
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
if (operation == SMIME_DECRYPT)
|
||||||
|
{
|
||||||
|
if (!keyfile)
|
||||||
|
keyfile = recipfile;
|
||||||
|
}
|
||||||
|
else if (operation == SMIME_SIGN)
|
||||||
|
{
|
||||||
|
if (!keyfile)
|
||||||
|
keyfile = signerfile;
|
||||||
|
}
|
||||||
|
else keyfile = NULL;
|
||||||
|
|
||||||
|
if (keyfile)
|
||||||
|
{
|
||||||
|
key = load_key(bio_err, keyfile, keyform, 0, passin, e,
|
||||||
|
"signing key file");
|
||||||
|
if (!key)
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
|
||||||
|
if (infile)
|
||||||
|
{
|
||||||
|
if (!(in = BIO_new_file(infile, inmode)))
|
||||||
|
{
|
||||||
|
BIO_printf (bio_err,
|
||||||
|
"Can't open input file %s\n", infile);
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
else
|
||||||
|
in = BIO_new_fp(stdin, BIO_NOCLOSE);
|
||||||
|
|
||||||
|
if (operation & SMIME_IP)
|
||||||
|
{
|
||||||
|
if (informat == FORMAT_SMIME)
|
||||||
|
p7 = SMIME_read_PKCS7(in, &indata);
|
||||||
|
else if (informat == FORMAT_PEM)
|
||||||
|
p7 = PEM_read_bio_PKCS7(in, NULL, NULL, NULL);
|
||||||
|
else if (informat == FORMAT_ASN1)
|
||||||
|
p7 = d2i_PKCS7_bio(in, NULL);
|
||||||
|
else
|
||||||
|
{
|
||||||
|
BIO_printf(bio_err, "Bad input format for PKCS#7 file\n");
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
|
||||||
|
if (!p7)
|
||||||
|
{
|
||||||
|
BIO_printf(bio_err, "Error reading S/MIME message\n");
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
if (contfile)
|
||||||
|
{
|
||||||
|
BIO_free(indata);
|
||||||
|
if (!(indata = BIO_new_file(contfile, "rb")))
|
||||||
|
{
|
||||||
|
BIO_printf(bio_err, "Can't read content file %s\n", contfile);
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
if (outfile)
|
||||||
|
{
|
||||||
|
if (!(out = BIO_new_file(outfile, outmode)))
|
||||||
|
{
|
||||||
|
BIO_printf (bio_err,
|
||||||
|
"Can't open output file %s\n", outfile);
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
else
|
||||||
|
{
|
||||||
|
out = BIO_new_fp(stdout, BIO_NOCLOSE);
|
||||||
|
#ifdef OPENSSL_SYS_VMS
|
||||||
|
{
|
||||||
|
BIO *tmpbio = BIO_new(BIO_f_linebuffer());
|
||||||
|
out = BIO_push(tmpbio, out);
|
||||||
|
}
|
||||||
|
#endif
|
||||||
|
}
|
||||||
|
|
||||||
|
if (operation == SMIME_VERIFY)
|
||||||
|
{
|
||||||
|
if (!(store = setup_verify(bio_err, CAfile, CApath)))
|
||||||
|
goto end;
|
||||||
|
X509_STORE_set_verify_cb(store, smime_cb);
|
||||||
|
if (vpm)
|
||||||
|
X509_STORE_set1_param(store, vpm);
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
ret = 3;
|
||||||
|
|
||||||
|
if (operation == SMIME_ENCRYPT)
|
||||||
|
{
|
||||||
|
if (indef)
|
||||||
|
flags |= PKCS7_STREAM;
|
||||||
|
p7 = PKCS7_encrypt(encerts, in, cipher, flags);
|
||||||
|
}
|
||||||
|
else if (operation & SMIME_SIGNERS)
|
||||||
|
{
|
||||||
|
int i;
|
||||||
|
/* If detached data content we only enable streaming if
|
||||||
|
* S/MIME output format.
|
||||||
|
*/
|
||||||
|
if (operation == SMIME_SIGN)
|
||||||
|
{
|
||||||
|
if (flags & PKCS7_DETACHED)
|
||||||
|
{
|
||||||
|
if (outformat == FORMAT_SMIME)
|
||||||
|
flags |= PKCS7_STREAM;
|
||||||
|
}
|
||||||
|
else if (indef)
|
||||||
|
flags |= PKCS7_STREAM;
|
||||||
|
flags |= PKCS7_PARTIAL;
|
||||||
|
p7 = PKCS7_sign(NULL, NULL, other, in, flags);
|
||||||
|
if (!p7)
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
else
|
||||||
|
flags |= PKCS7_REUSE_DIGEST;
|
||||||
|
for (i = 0; i < sk_OPENSSL_STRING_num(sksigners); i++)
|
||||||
|
{
|
||||||
|
signerfile = sk_OPENSSL_STRING_value(sksigners, i);
|
||||||
|
keyfile = sk_OPENSSL_STRING_value(skkeys, i);
|
||||||
|
signer = load_cert(bio_err, signerfile,FORMAT_PEM, NULL,
|
||||||
|
e, "signer certificate");
|
||||||
|
if (!signer)
|
||||||
|
goto end;
|
||||||
|
key = load_key(bio_err, keyfile, keyform, 0, passin, e,
|
||||||
|
"signing key file");
|
||||||
|
if (!key)
|
||||||
|
goto end;
|
||||||
|
if (!PKCS7_sign_add_signer(p7, signer, key,
|
||||||
|
sign_md, flags))
|
||||||
|
goto end;
|
||||||
|
X509_free(signer);
|
||||||
|
signer = NULL;
|
||||||
|
EVP_PKEY_free(key);
|
||||||
|
key = NULL;
|
||||||
|
}
|
||||||
|
/* If not streaming or resigning finalize structure */
|
||||||
|
if ((operation == SMIME_SIGN) && !(flags & PKCS7_STREAM))
|
||||||
|
{
|
||||||
|
if (!PKCS7_final(p7, in, flags))
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
if (!p7)
|
||||||
|
{
|
||||||
|
BIO_printf(bio_err, "Error creating PKCS#7 structure\n");
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
|
||||||
|
ret = 4;
|
||||||
|
if (operation == SMIME_DECRYPT)
|
||||||
|
{
|
||||||
|
if (!PKCS7_decrypt(p7, key, recip, out, flags))
|
||||||
|
{
|
||||||
|
BIO_printf(bio_err, "Error decrypting PKCS#7 structure\n");
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
else if (operation == SMIME_VERIFY)
|
||||||
|
{
|
||||||
|
STACK_OF(X509) *signers;
|
||||||
|
if (PKCS7_verify(p7, other, store, indata, out, flags))
|
||||||
|
BIO_printf(bio_err, "Verification successful\n");
|
||||||
|
else
|
||||||
|
{
|
||||||
|
BIO_printf(bio_err, "Verification failure\n");
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
signers = PKCS7_get0_signers(p7, other, flags);
|
||||||
|
if (!save_certs(signerfile, signers))
|
||||||
|
{
|
||||||
|
BIO_printf(bio_err, "Error writing signers to %s\n",
|
||||||
|
signerfile);
|
||||||
|
ret = 5;
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
sk_X509_free(signers);
|
||||||
|
}
|
||||||
|
else if (operation == SMIME_PK7OUT)
|
||||||
|
PEM_write_bio_PKCS7(out, p7);
|
||||||
|
else
|
||||||
|
{
|
||||||
|
if (to)
|
||||||
|
BIO_printf(out, "To: %s\n", to);
|
||||||
|
if (from)
|
||||||
|
BIO_printf(out, "From: %s\n", from);
|
||||||
|
if (subject)
|
||||||
|
BIO_printf(out, "Subject: %s\n", subject);
|
||||||
|
if (outformat == FORMAT_SMIME)
|
||||||
|
{
|
||||||
|
if (operation == SMIME_RESIGN)
|
||||||
|
SMIME_write_PKCS7(out, p7, indata, flags);
|
||||||
|
else
|
||||||
|
SMIME_write_PKCS7(out, p7, in, flags);
|
||||||
|
}
|
||||||
|
else if (outformat == FORMAT_PEM)
|
||||||
|
PEM_write_bio_PKCS7_stream(out, p7, in, flags);
|
||||||
|
else if (outformat == FORMAT_ASN1)
|
||||||
|
i2d_PKCS7_bio_stream(out,p7, in, flags);
|
||||||
|
else
|
||||||
|
{
|
||||||
|
BIO_printf(bio_err, "Bad output format for PKCS#7 file\n");
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
ret = 0;
|
||||||
|
end:
|
||||||
|
if (need_rand)
|
||||||
|
app_RAND_write_file(NULL, bio_err);
|
||||||
|
if (ret) ERR_print_errors(bio_err);
|
||||||
|
sk_X509_pop_free(encerts, X509_free);
|
||||||
|
sk_X509_pop_free(other, X509_free);
|
||||||
|
if (vpm)
|
||||||
|
X509_VERIFY_PARAM_free(vpm);
|
||||||
|
if (sksigners)
|
||||||
|
sk_OPENSSL_STRING_free(sksigners);
|
||||||
|
if (skkeys)
|
||||||
|
sk_OPENSSL_STRING_free(skkeys);
|
||||||
|
X509_STORE_free(store);
|
||||||
|
X509_free(cert);
|
||||||
|
X509_free(recip);
|
||||||
|
X509_free(signer);
|
||||||
|
EVP_PKEY_free(key);
|
||||||
|
PKCS7_free(p7);
|
||||||
|
BIO_free(in);
|
||||||
|
BIO_free(indata);
|
||||||
|
BIO_free_all(out);
|
||||||
|
if (passin) OPENSSL_free(passin);
|
||||||
|
return (ret);
|
||||||
|
}
|
||||||
|
|
||||||
|
static int save_certs(char *signerfile, STACK_OF(X509) *signers)
|
||||||
|
{
|
||||||
|
int i;
|
||||||
|
BIO *tmp;
|
||||||
|
if (!signerfile)
|
||||||
|
return 1;
|
||||||
|
tmp = BIO_new_file(signerfile, "w");
|
||||||
|
if (!tmp) return 0;
|
||||||
|
for(i = 0; i < sk_X509_num(signers); i++)
|
||||||
|
PEM_write_bio_X509(tmp, sk_X509_value(signers, i));
|
||||||
|
BIO_free(tmp);
|
||||||
|
return 1;
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
/* Minimal callback just to output policy info (if any) */
|
||||||
|
|
||||||
|
static int smime_cb(int ok, X509_STORE_CTX *ctx)
|
||||||
|
{
|
||||||
|
int error;
|
||||||
|
|
||||||
|
error = X509_STORE_CTX_get_error(ctx);
|
||||||
|
|
||||||
|
if ((error != X509_V_ERR_NO_EXPLICIT_POLICY)
|
||||||
|
&& ((error != X509_V_OK) || (ok != 2)))
|
||||||
|
return ok;
|
||||||
|
|
||||||
|
policies_print(NULL, ctx);
|
||||||
|
|
||||||
|
return ok;
|
||||||
|
|
||||||
|
}
|
2787
jni/openssl/apps/speed.c
Normal file
2787
jni/openssl/apps/speed.c
Normal file
File diff suppressed because it is too large
Load Diff
308
jni/openssl/apps/spkac.c
Normal file
308
jni/openssl/apps/spkac.c
Normal file
@ -0,0 +1,308 @@
|
|||||||
|
/* apps/spkac.c */
|
||||||
|
|
||||||
|
/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
|
||||||
|
* project 1999. Based on an original idea by Massimiliano Pala
|
||||||
|
* (madwolf@openca.org).
|
||||||
|
*/
|
||||||
|
/* ====================================================================
|
||||||
|
* Copyright (c) 1999 The OpenSSL Project. All rights reserved.
|
||||||
|
*
|
||||||
|
* Redistribution and use in source and binary forms, with or without
|
||||||
|
* modification, are permitted provided that the following conditions
|
||||||
|
* are met:
|
||||||
|
*
|
||||||
|
* 1. Redistributions of source code must retain the above copyright
|
||||||
|
* notice, this list of conditions and the following disclaimer.
|
||||||
|
*
|
||||||
|
* 2. Redistributions in binary form must reproduce the above copyright
|
||||||
|
* notice, this list of conditions and the following disclaimer in
|
||||||
|
* the documentation and/or other materials provided with the
|
||||||
|
* distribution.
|
||||||
|
*
|
||||||
|
* 3. All advertising materials mentioning features or use of this
|
||||||
|
* software must display the following acknowledgment:
|
||||||
|
* "This product includes software developed by the OpenSSL Project
|
||||||
|
* for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
|
||||||
|
*
|
||||||
|
* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
|
||||||
|
* endorse or promote products derived from this software without
|
||||||
|
* prior written permission. For written permission, please contact
|
||||||
|
* licensing@OpenSSL.org.
|
||||||
|
*
|
||||||
|
* 5. Products derived from this software may not be called "OpenSSL"
|
||||||
|
* nor may "OpenSSL" appear in their names without prior written
|
||||||
|
* permission of the OpenSSL Project.
|
||||||
|
*
|
||||||
|
* 6. Redistributions of any form whatsoever must retain the following
|
||||||
|
* acknowledgment:
|
||||||
|
* "This product includes software developed by the OpenSSL Project
|
||||||
|
* for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
|
||||||
|
*
|
||||||
|
* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
|
||||||
|
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
||||||
|
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
|
||||||
|
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
|
||||||
|
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
|
||||||
|
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
|
||||||
|
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
|
||||||
|
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
||||||
|
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
|
||||||
|
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
|
||||||
|
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
|
||||||
|
* OF THE POSSIBILITY OF SUCH DAMAGE.
|
||||||
|
* ====================================================================
|
||||||
|
*
|
||||||
|
* This product includes cryptographic software written by Eric Young
|
||||||
|
* (eay@cryptsoft.com). This product includes software written by Tim
|
||||||
|
* Hudson (tjh@cryptsoft.com).
|
||||||
|
*
|
||||||
|
*/
|
||||||
|
#include <stdio.h>
|
||||||
|
#include <stdlib.h>
|
||||||
|
#include <string.h>
|
||||||
|
#include <time.h>
|
||||||
|
#include "apps.h"
|
||||||
|
#include <openssl/bio.h>
|
||||||
|
#include <openssl/conf.h>
|
||||||
|
#include <openssl/err.h>
|
||||||
|
#include <openssl/evp.h>
|
||||||
|
#include <openssl/lhash.h>
|
||||||
|
#include <openssl/x509.h>
|
||||||
|
#include <openssl/pem.h>
|
||||||
|
|
||||||
|
#undef PROG
|
||||||
|
#define PROG spkac_main
|
||||||
|
|
||||||
|
/* -in arg - input file - default stdin
|
||||||
|
* -out arg - output file - default stdout
|
||||||
|
*/
|
||||||
|
|
||||||
|
int MAIN(int, char **);
|
||||||
|
|
||||||
|
int MAIN(int argc, char **argv)
|
||||||
|
{
|
||||||
|
ENGINE *e = NULL;
|
||||||
|
int i,badops=0, ret = 1;
|
||||||
|
BIO *in = NULL,*out = NULL;
|
||||||
|
int verify=0,noout=0,pubkey=0;
|
||||||
|
char *infile = NULL,*outfile = NULL,*prog;
|
||||||
|
char *passargin = NULL, *passin = NULL;
|
||||||
|
const char *spkac = "SPKAC", *spksect = "default";
|
||||||
|
char *spkstr = NULL;
|
||||||
|
char *challenge = NULL, *keyfile = NULL;
|
||||||
|
CONF *conf = NULL;
|
||||||
|
NETSCAPE_SPKI *spki = NULL;
|
||||||
|
EVP_PKEY *pkey = NULL;
|
||||||
|
#ifndef OPENSSL_NO_ENGINE
|
||||||
|
char *engine=NULL;
|
||||||
|
#endif
|
||||||
|
|
||||||
|
apps_startup();
|
||||||
|
|
||||||
|
if (!bio_err) bio_err = BIO_new_fp(stderr, BIO_NOCLOSE);
|
||||||
|
|
||||||
|
if (!load_config(bio_err, NULL))
|
||||||
|
goto end;
|
||||||
|
|
||||||
|
prog=argv[0];
|
||||||
|
argc--;
|
||||||
|
argv++;
|
||||||
|
while (argc >= 1)
|
||||||
|
{
|
||||||
|
if (strcmp(*argv,"-in") == 0)
|
||||||
|
{
|
||||||
|
if (--argc < 1) goto bad;
|
||||||
|
infile= *(++argv);
|
||||||
|
}
|
||||||
|
else if (strcmp(*argv,"-out") == 0)
|
||||||
|
{
|
||||||
|
if (--argc < 1) goto bad;
|
||||||
|
outfile= *(++argv);
|
||||||
|
}
|
||||||
|
else if (strcmp(*argv,"-passin") == 0)
|
||||||
|
{
|
||||||
|
if (--argc < 1) goto bad;
|
||||||
|
passargin= *(++argv);
|
||||||
|
}
|
||||||
|
else if (strcmp(*argv,"-key") == 0)
|
||||||
|
{
|
||||||
|
if (--argc < 1) goto bad;
|
||||||
|
keyfile= *(++argv);
|
||||||
|
}
|
||||||
|
else if (strcmp(*argv,"-challenge") == 0)
|
||||||
|
{
|
||||||
|
if (--argc < 1) goto bad;
|
||||||
|
challenge= *(++argv);
|
||||||
|
}
|
||||||
|
else if (strcmp(*argv,"-spkac") == 0)
|
||||||
|
{
|
||||||
|
if (--argc < 1) goto bad;
|
||||||
|
spkac= *(++argv);
|
||||||
|
}
|
||||||
|
else if (strcmp(*argv,"-spksect") == 0)
|
||||||
|
{
|
||||||
|
if (--argc < 1) goto bad;
|
||||||
|
spksect= *(++argv);
|
||||||
|
}
|
||||||
|
#ifndef OPENSSL_NO_ENGINE
|
||||||
|
else if (strcmp(*argv,"-engine") == 0)
|
||||||
|
{
|
||||||
|
if (--argc < 1) goto bad;
|
||||||
|
engine= *(++argv);
|
||||||
|
}
|
||||||
|
#endif
|
||||||
|
else if (strcmp(*argv,"-noout") == 0)
|
||||||
|
noout=1;
|
||||||
|
else if (strcmp(*argv,"-pubkey") == 0)
|
||||||
|
pubkey=1;
|
||||||
|
else if (strcmp(*argv,"-verify") == 0)
|
||||||
|
verify=1;
|
||||||
|
else badops = 1;
|
||||||
|
argc--;
|
||||||
|
argv++;
|
||||||
|
}
|
||||||
|
|
||||||
|
if (badops)
|
||||||
|
{
|
||||||
|
bad:
|
||||||
|
BIO_printf(bio_err,"%s [options]\n",prog);
|
||||||
|
BIO_printf(bio_err,"where options are\n");
|
||||||
|
BIO_printf(bio_err," -in arg input file\n");
|
||||||
|
BIO_printf(bio_err," -out arg output file\n");
|
||||||
|
BIO_printf(bio_err," -key arg create SPKAC using private key\n");
|
||||||
|
BIO_printf(bio_err," -passin arg input file pass phrase source\n");
|
||||||
|
BIO_printf(bio_err," -challenge arg challenge string\n");
|
||||||
|
BIO_printf(bio_err," -spkac arg alternative SPKAC name\n");
|
||||||
|
BIO_printf(bio_err," -noout don't print SPKAC\n");
|
||||||
|
BIO_printf(bio_err," -pubkey output public key\n");
|
||||||
|
BIO_printf(bio_err," -verify verify SPKAC signature\n");
|
||||||
|
#ifndef OPENSSL_NO_ENGINE
|
||||||
|
BIO_printf(bio_err," -engine e use engine e, possibly a hardware device.\n");
|
||||||
|
#endif
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
|
||||||
|
ERR_load_crypto_strings();
|
||||||
|
if(!app_passwd(bio_err, passargin, NULL, &passin, NULL)) {
|
||||||
|
BIO_printf(bio_err, "Error getting password\n");
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
|
||||||
|
#ifndef OPENSSL_NO_ENGINE
|
||||||
|
e = setup_engine(bio_err, engine, 0);
|
||||||
|
#endif
|
||||||
|
|
||||||
|
if(keyfile) {
|
||||||
|
pkey = load_key(bio_err,
|
||||||
|
strcmp(keyfile, "-") ? keyfile : NULL,
|
||||||
|
FORMAT_PEM, 1, passin, e, "private key");
|
||||||
|
if(!pkey) {
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
spki = NETSCAPE_SPKI_new();
|
||||||
|
if(challenge) ASN1_STRING_set(spki->spkac->challenge,
|
||||||
|
challenge, (int)strlen(challenge));
|
||||||
|
NETSCAPE_SPKI_set_pubkey(spki, pkey);
|
||||||
|
NETSCAPE_SPKI_sign(spki, pkey, EVP_md5());
|
||||||
|
spkstr = NETSCAPE_SPKI_b64_encode(spki);
|
||||||
|
|
||||||
|
if (outfile) out = BIO_new_file(outfile, "w");
|
||||||
|
else {
|
||||||
|
out = BIO_new_fp(stdout, BIO_NOCLOSE);
|
||||||
|
#ifdef OPENSSL_SYS_VMS
|
||||||
|
{
|
||||||
|
BIO *tmpbio = BIO_new(BIO_f_linebuffer());
|
||||||
|
out = BIO_push(tmpbio, out);
|
||||||
|
}
|
||||||
|
#endif
|
||||||
|
}
|
||||||
|
|
||||||
|
if(!out) {
|
||||||
|
BIO_printf(bio_err, "Error opening output file\n");
|
||||||
|
ERR_print_errors(bio_err);
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
BIO_printf(out, "SPKAC=%s\n", spkstr);
|
||||||
|
OPENSSL_free(spkstr);
|
||||||
|
ret = 0;
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
if (infile) in = BIO_new_file(infile, "r");
|
||||||
|
else in = BIO_new_fp(stdin, BIO_NOCLOSE);
|
||||||
|
|
||||||
|
if(!in) {
|
||||||
|
BIO_printf(bio_err, "Error opening input file\n");
|
||||||
|
ERR_print_errors(bio_err);
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
|
||||||
|
conf = NCONF_new(NULL);
|
||||||
|
i = NCONF_load_bio(conf, in, NULL);
|
||||||
|
|
||||||
|
if(!i) {
|
||||||
|
BIO_printf(bio_err, "Error parsing config file\n");
|
||||||
|
ERR_print_errors(bio_err);
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
|
||||||
|
spkstr = NCONF_get_string(conf, spksect, spkac);
|
||||||
|
|
||||||
|
if(!spkstr) {
|
||||||
|
BIO_printf(bio_err, "Can't find SPKAC called \"%s\"\n", spkac);
|
||||||
|
ERR_print_errors(bio_err);
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
|
||||||
|
spki = NETSCAPE_SPKI_b64_decode(spkstr, -1);
|
||||||
|
|
||||||
|
if(!spki) {
|
||||||
|
BIO_printf(bio_err, "Error loading SPKAC\n");
|
||||||
|
ERR_print_errors(bio_err);
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
|
||||||
|
if (outfile) out = BIO_new_file(outfile, "w");
|
||||||
|
else {
|
||||||
|
out = BIO_new_fp(stdout, BIO_NOCLOSE);
|
||||||
|
#ifdef OPENSSL_SYS_VMS
|
||||||
|
{
|
||||||
|
BIO *tmpbio = BIO_new(BIO_f_linebuffer());
|
||||||
|
out = BIO_push(tmpbio, out);
|
||||||
|
}
|
||||||
|
#endif
|
||||||
|
}
|
||||||
|
|
||||||
|
if(!out) {
|
||||||
|
BIO_printf(bio_err, "Error opening output file\n");
|
||||||
|
ERR_print_errors(bio_err);
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
|
||||||
|
if(!noout) NETSCAPE_SPKI_print(out, spki);
|
||||||
|
pkey = NETSCAPE_SPKI_get_pubkey(spki);
|
||||||
|
if(verify) {
|
||||||
|
i = NETSCAPE_SPKI_verify(spki, pkey);
|
||||||
|
if (i > 0) BIO_printf(bio_err, "Signature OK\n");
|
||||||
|
else {
|
||||||
|
BIO_printf(bio_err, "Signature Failure\n");
|
||||||
|
ERR_print_errors(bio_err);
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
if(pubkey) PEM_write_bio_PUBKEY(out, pkey);
|
||||||
|
|
||||||
|
ret = 0;
|
||||||
|
|
||||||
|
end:
|
||||||
|
NCONF_free(conf);
|
||||||
|
NETSCAPE_SPKI_free(spki);
|
||||||
|
BIO_free(in);
|
||||||
|
BIO_free_all(out);
|
||||||
|
EVP_PKEY_free(pkey);
|
||||||
|
if(passin) OPENSSL_free(passin);
|
||||||
|
apps_shutdown();
|
||||||
|
OPENSSL_EXIT(ret);
|
||||||
|
}
|
8
jni/openssl/apps/testCA.pem
Normal file
8
jni/openssl/apps/testCA.pem
Normal file
@ -0,0 +1,8 @@
|
|||||||
|
-----BEGIN CERTIFICATE REQUEST-----
|
||||||
|
MIIBBzCBsgIBADBNMQswCQYDVQQGEwJBVTETMBEGA1UECBMKUXVlZW5zbGFuZDEX
|
||||||
|
MBUGA1UEChMOTWluY29tIFB0eSBMdGQxEDAOBgNVBAMTB1RFU1QgQ0EwXDANBgkq
|
||||||
|
hkiG9w0BAQEFAANLADBIAkEAzW9brgA8efT2ODB+NrsflJZj3KKqKsm4OrXTRqfL
|
||||||
|
VETj1ws/zCXl42XJAxdWQMCP0liKfc9Ut4xi1qCVI7N07wIDAQABoAAwDQYJKoZI
|
||||||
|
hvcNAQEEBQADQQBjZZ42Det9Uw0AFwJy4ufUEy5Cv74pxBp5SZnljgHY+Az0Hs2S
|
||||||
|
uNkIegr2ITX5azKi9nOkg9ZmsmGG13FIjiC/
|
||||||
|
-----END CERTIFICATE REQUEST-----
|
217
jni/openssl/apps/testdsa.h
Normal file
217
jni/openssl/apps/testdsa.h
Normal file
@ -0,0 +1,217 @@
|
|||||||
|
/* NOCW */
|
||||||
|
/* used by apps/speed.c */
|
||||||
|
DSA *get_dsa512(void );
|
||||||
|
DSA *get_dsa1024(void );
|
||||||
|
DSA *get_dsa2048(void );
|
||||||
|
static unsigned char dsa512_priv[] = {
|
||||||
|
0x65,0xe5,0xc7,0x38,0x60,0x24,0xb5,0x89,0xd4,0x9c,0xeb,0x4c,
|
||||||
|
0x9c,0x1d,0x7a,0x22,0xbd,0xd1,0xc2,0xd2,
|
||||||
|
};
|
||||||
|
static unsigned char dsa512_pub[] = {
|
||||||
|
0x00,0x95,0xa7,0x0d,0xec,0x93,0x68,0xba,0x5f,0xf7,0x5f,0x07,
|
||||||
|
0xf2,0x3b,0xad,0x6b,0x01,0xdc,0xbe,0xec,0xde,0x04,0x7a,0x3a,
|
||||||
|
0x27,0xb3,0xec,0x49,0xfd,0x08,0x43,0x3d,0x7e,0xa8,0x2c,0x5e,
|
||||||
|
0x7b,0xbb,0xfc,0xf4,0x6e,0xeb,0x6c,0xb0,0x6e,0xf8,0x02,0x12,
|
||||||
|
0x8c,0x38,0x5d,0x83,0x56,0x7d,0xee,0x53,0x05,0x3e,0x24,0x84,
|
||||||
|
0xbe,0xba,0x0a,0x6b,0xc8,
|
||||||
|
};
|
||||||
|
static unsigned char dsa512_p[]={
|
||||||
|
0x9D,0x1B,0x69,0x8E,0x26,0xDB,0xF2,0x2B,0x11,0x70,0x19,0x86,
|
||||||
|
0xF6,0x19,0xC8,0xF8,0x19,0xF2,0x18,0x53,0x94,0x46,0x06,0xD0,
|
||||||
|
0x62,0x50,0x33,0x4B,0x02,0x3C,0x52,0x30,0x03,0x8B,0x3B,0xF9,
|
||||||
|
0x5F,0xD1,0x24,0x06,0x4F,0x7B,0x4C,0xBA,0xAA,0x40,0x9B,0xFD,
|
||||||
|
0x96,0xE4,0x37,0x33,0xBB,0x2D,0x5A,0xD7,0x5A,0x11,0x40,0x66,
|
||||||
|
0xA2,0x76,0x7D,0x31,
|
||||||
|
};
|
||||||
|
static unsigned char dsa512_q[]={
|
||||||
|
0xFB,0x53,0xEF,0x50,0xB4,0x40,0x92,0x31,0x56,0x86,0x53,0x7A,
|
||||||
|
0xE8,0x8B,0x22,0x9A,0x49,0xFB,0x71,0x8F,
|
||||||
|
};
|
||||||
|
static unsigned char dsa512_g[]={
|
||||||
|
0x83,0x3E,0x88,0xE5,0xC5,0x89,0x73,0xCE,0x3B,0x6C,0x01,0x49,
|
||||||
|
0xBF,0xB3,0xC7,0x9F,0x0A,0xEA,0x44,0x91,0xE5,0x30,0xAA,0xD9,
|
||||||
|
0xBE,0x5B,0x5F,0xB7,0x10,0xD7,0x89,0xB7,0x8E,0x74,0xFB,0xCF,
|
||||||
|
0x29,0x1E,0xEB,0xA8,0x2C,0x54,0x51,0xB8,0x10,0xDE,0xA0,0xCE,
|
||||||
|
0x2F,0xCC,0x24,0x6B,0x90,0x77,0xDE,0xA2,0x68,0xA6,0x52,0x12,
|
||||||
|
0xA2,0x03,0x9D,0x20,
|
||||||
|
};
|
||||||
|
|
||||||
|
DSA *get_dsa512()
|
||||||
|
{
|
||||||
|
DSA *dsa;
|
||||||
|
|
||||||
|
if ((dsa=DSA_new()) == NULL) return(NULL);
|
||||||
|
dsa->priv_key=BN_bin2bn(dsa512_priv,sizeof(dsa512_priv),NULL);
|
||||||
|
dsa->pub_key=BN_bin2bn(dsa512_pub,sizeof(dsa512_pub),NULL);
|
||||||
|
dsa->p=BN_bin2bn(dsa512_p,sizeof(dsa512_p),NULL);
|
||||||
|
dsa->q=BN_bin2bn(dsa512_q,sizeof(dsa512_q),NULL);
|
||||||
|
dsa->g=BN_bin2bn(dsa512_g,sizeof(dsa512_g),NULL);
|
||||||
|
if ((dsa->priv_key == NULL) || (dsa->pub_key == NULL) || (dsa->p == NULL) ||
|
||||||
|
(dsa->q == NULL) || (dsa->g == NULL))
|
||||||
|
return(NULL);
|
||||||
|
return(dsa);
|
||||||
|
}
|
||||||
|
|
||||||
|
static unsigned char dsa1024_priv[]={
|
||||||
|
0x7d,0x21,0xda,0xbb,0x62,0x15,0x47,0x36,0x07,0x67,0x12,0xe8,
|
||||||
|
0x8c,0xaa,0x1c,0xcd,0x38,0x12,0x61,0x18,
|
||||||
|
};
|
||||||
|
static unsigned char dsa1024_pub[]={
|
||||||
|
0x3c,0x4e,0x9c,0x2a,0x7f,0x16,0xc1,0x25,0xeb,0xac,0x78,0x63,
|
||||||
|
0x90,0x14,0x8c,0x8b,0xf4,0x68,0x43,0x3c,0x2d,0xee,0x65,0x50,
|
||||||
|
0x7d,0x9c,0x8f,0x8c,0x8a,0x51,0xd6,0x11,0x2b,0x99,0xaf,0x1e,
|
||||||
|
0x90,0x97,0xb5,0xd3,0xa6,0x20,0x25,0xd6,0xfe,0x43,0x02,0xd5,
|
||||||
|
0x91,0x7d,0xa7,0x8c,0xdb,0xc9,0x85,0xa3,0x36,0x48,0xf7,0x68,
|
||||||
|
0xaa,0x60,0xb1,0xf7,0x05,0x68,0x3a,0xa3,0x3f,0xd3,0x19,0x82,
|
||||||
|
0xd8,0x82,0x7a,0x77,0xfb,0xef,0xf4,0x15,0x0a,0xeb,0x06,0x04,
|
||||||
|
0x7f,0x53,0x07,0x0c,0xbc,0xcb,0x2d,0x83,0xdb,0x3e,0xd1,0x28,
|
||||||
|
0xa5,0xa1,0x31,0xe0,0x67,0xfa,0x50,0xde,0x9b,0x07,0x83,0x7e,
|
||||||
|
0x2c,0x0b,0xc3,0x13,0x50,0x61,0xe5,0xad,0xbd,0x36,0xb8,0x97,
|
||||||
|
0x4e,0x40,0x7d,0xe8,0x83,0x0d,0xbc,0x4b
|
||||||
|
};
|
||||||
|
static unsigned char dsa1024_p[]={
|
||||||
|
0xA7,0x3F,0x6E,0x85,0xBF,0x41,0x6A,0x29,0x7D,0xF0,0x9F,0x47,
|
||||||
|
0x19,0x30,0x90,0x9A,0x09,0x1D,0xDA,0x6A,0x33,0x1E,0xC5,0x3D,
|
||||||
|
0x86,0x96,0xB3,0x15,0xE0,0x53,0x2E,0x8F,0xE0,0x59,0x82,0x73,
|
||||||
|
0x90,0x3E,0x75,0x31,0x99,0x47,0x7A,0x52,0xFB,0x85,0xE4,0xD9,
|
||||||
|
0xA6,0x7B,0x38,0x9B,0x68,0x8A,0x84,0x9B,0x87,0xC6,0x1E,0xB5,
|
||||||
|
0x7E,0x86,0x4B,0x53,0x5B,0x59,0xCF,0x71,0x65,0x19,0x88,0x6E,
|
||||||
|
0xCE,0x66,0xAE,0x6B,0x88,0x36,0xFB,0xEC,0x28,0xDC,0xC2,0xD7,
|
||||||
|
0xA5,0xBB,0xE5,0x2C,0x39,0x26,0x4B,0xDA,0x9A,0x70,0x18,0x95,
|
||||||
|
0x37,0x95,0x10,0x56,0x23,0xF6,0x15,0xED,0xBA,0x04,0x5E,0xDE,
|
||||||
|
0x39,0x4F,0xFD,0xB7,0x43,0x1F,0xB5,0xA4,0x65,0x6F,0xCD,0x80,
|
||||||
|
0x11,0xE4,0x70,0x95,0x5B,0x50,0xCD,0x49,
|
||||||
|
};
|
||||||
|
static unsigned char dsa1024_q[]={
|
||||||
|
0xF7,0x07,0x31,0xED,0xFA,0x6C,0x06,0x03,0xD5,0x85,0x8A,0x1C,
|
||||||
|
0xAC,0x9C,0x65,0xE7,0x50,0x66,0x65,0x6F,
|
||||||
|
};
|
||||||
|
static unsigned char dsa1024_g[]={
|
||||||
|
0x4D,0xDF,0x4C,0x03,0xA6,0x91,0x8A,0xF5,0x19,0x6F,0x50,0x46,
|
||||||
|
0x25,0x99,0xE5,0x68,0x6F,0x30,0xE3,0x69,0xE1,0xE5,0xB3,0x5D,
|
||||||
|
0x98,0xBB,0x28,0x86,0x48,0xFC,0xDE,0x99,0x04,0x3F,0x5F,0x88,
|
||||||
|
0x0C,0x9C,0x73,0x24,0x0D,0x20,0x5D,0xB9,0x2A,0x9A,0x3F,0x18,
|
||||||
|
0x96,0x27,0xE4,0x62,0x87,0xC1,0x7B,0x74,0x62,0x53,0xFC,0x61,
|
||||||
|
0x27,0xA8,0x7A,0x91,0x09,0x9D,0xB6,0xF1,0x4D,0x9C,0x54,0x0F,
|
||||||
|
0x58,0x06,0xEE,0x49,0x74,0x07,0xCE,0x55,0x7E,0x23,0xCE,0x16,
|
||||||
|
0xF6,0xCA,0xDC,0x5A,0x61,0x01,0x7E,0xC9,0x71,0xB5,0x4D,0xF6,
|
||||||
|
0xDC,0x34,0x29,0x87,0x68,0xF6,0x5E,0x20,0x93,0xB3,0xDB,0xF5,
|
||||||
|
0xE4,0x09,0x6C,0x41,0x17,0x95,0x92,0xEB,0x01,0xB5,0x73,0xA5,
|
||||||
|
0x6A,0x7E,0xD8,0x32,0xED,0x0E,0x02,0xB8,
|
||||||
|
};
|
||||||
|
|
||||||
|
DSA *get_dsa1024()
|
||||||
|
{
|
||||||
|
DSA *dsa;
|
||||||
|
|
||||||
|
if ((dsa=DSA_new()) == NULL) return(NULL);
|
||||||
|
dsa->priv_key=BN_bin2bn(dsa1024_priv,sizeof(dsa1024_priv),NULL);
|
||||||
|
dsa->pub_key=BN_bin2bn(dsa1024_pub,sizeof(dsa1024_pub),NULL);
|
||||||
|
dsa->p=BN_bin2bn(dsa1024_p,sizeof(dsa1024_p),NULL);
|
||||||
|
dsa->q=BN_bin2bn(dsa1024_q,sizeof(dsa1024_q),NULL);
|
||||||
|
dsa->g=BN_bin2bn(dsa1024_g,sizeof(dsa1024_g),NULL);
|
||||||
|
if ((dsa->priv_key == NULL) || (dsa->pub_key == NULL) || (dsa->p == NULL) ||
|
||||||
|
(dsa->q == NULL) || (dsa->g == NULL))
|
||||||
|
return(NULL);
|
||||||
|
return(dsa);
|
||||||
|
}
|
||||||
|
|
||||||
|
static unsigned char dsa2048_priv[]={
|
||||||
|
0x32,0x67,0x92,0xf6,0xc4,0xe2,0xe2,0xe8,0xa0,0x8b,0x6b,0x45,
|
||||||
|
0x0c,0x8a,0x76,0xb0,0xee,0xcf,0x91,0xa7,
|
||||||
|
};
|
||||||
|
static unsigned char dsa2048_pub[]={
|
||||||
|
0x17,0x8f,0xa8,0x11,0x84,0x92,0xec,0x83,0x47,0xc7,0x6a,0xb0,
|
||||||
|
0x92,0xaf,0x5a,0x20,0x37,0xa3,0x64,0x79,0xd2,0xd0,0x3d,0xcd,
|
||||||
|
0xe0,0x61,0x88,0x88,0x21,0xcc,0x74,0x5d,0xce,0x4c,0x51,0x47,
|
||||||
|
0xf0,0xc5,0x5c,0x4c,0x82,0x7a,0xaf,0x72,0xad,0xb9,0xe0,0x53,
|
||||||
|
0xf2,0x78,0xb7,0xf0,0xb5,0x48,0x7f,0x8a,0x3a,0x18,0xd1,0x9f,
|
||||||
|
0x8b,0x7d,0xa5,0x47,0xb7,0x95,0xab,0x98,0xf8,0x7b,0x74,0x50,
|
||||||
|
0x56,0x8e,0x57,0xf0,0xee,0xf5,0xb7,0xba,0xab,0x85,0x86,0xf9,
|
||||||
|
0x2b,0xef,0x41,0x56,0xa0,0xa4,0x9f,0xb7,0x38,0x00,0x46,0x0a,
|
||||||
|
0xa6,0xf1,0xfc,0x1f,0xd8,0x4e,0x85,0x44,0x92,0x43,0x21,0x5d,
|
||||||
|
0x6e,0xcc,0xc2,0xcb,0x26,0x31,0x0d,0x21,0xc4,0xbd,0x8d,0x24,
|
||||||
|
0xbc,0xd9,0x18,0x19,0xd7,0xdc,0xf1,0xe7,0x93,0x50,0x48,0x03,
|
||||||
|
0x2c,0xae,0x2e,0xe7,0x49,0x88,0x5f,0x93,0x57,0x27,0x99,0x36,
|
||||||
|
0xb4,0x20,0xab,0xfc,0xa7,0x2b,0xf2,0xd9,0x98,0xd7,0xd4,0x34,
|
||||||
|
0x9d,0x96,0x50,0x58,0x9a,0xea,0x54,0xf3,0xee,0xf5,0x63,0x14,
|
||||||
|
0xee,0x85,0x83,0x74,0x76,0xe1,0x52,0x95,0xc3,0xf7,0xeb,0x04,
|
||||||
|
0x04,0x7b,0xa7,0x28,0x1b,0xcc,0xea,0x4a,0x4e,0x84,0xda,0xd8,
|
||||||
|
0x9c,0x79,0xd8,0x9b,0x66,0x89,0x2f,0xcf,0xac,0xd7,0x79,0xf9,
|
||||||
|
0xa9,0xd8,0x45,0x13,0x78,0xb9,0x00,0x14,0xc9,0x7e,0x22,0x51,
|
||||||
|
0x86,0x67,0xb0,0x9f,0x26,0x11,0x23,0xc8,0x38,0xd7,0x70,0x1d,
|
||||||
|
0x15,0x8e,0x4d,0x4f,0x95,0x97,0x40,0xa1,0xc2,0x7e,0x01,0x18,
|
||||||
|
0x72,0xf4,0x10,0xe6,0x8d,0x52,0x16,0x7f,0xf2,0xc9,0xf8,0x33,
|
||||||
|
0x8b,0x33,0xb7,0xce,
|
||||||
|
};
|
||||||
|
static unsigned char dsa2048_p[]={
|
||||||
|
0xA0,0x25,0xFA,0xAD,0xF4,0x8E,0xB9,0xE5,0x99,0xF3,0x5D,0x6F,
|
||||||
|
0x4F,0x83,0x34,0xE2,0x7E,0xCF,0x6F,0xBF,0x30,0xAF,0x6F,0x81,
|
||||||
|
0xEB,0xF8,0xC4,0x13,0xD9,0xA0,0x5D,0x8B,0x5C,0x8E,0xDC,0xC2,
|
||||||
|
0x1D,0x0B,0x41,0x32,0xB0,0x1F,0xFE,0xEF,0x0C,0xC2,0xA2,0x7E,
|
||||||
|
0x68,0x5C,0x28,0x21,0xE9,0xF5,0xB1,0x58,0x12,0x63,0x4C,0x19,
|
||||||
|
0x4E,0xFF,0x02,0x4B,0x92,0xED,0xD2,0x07,0x11,0x4D,0x8C,0x58,
|
||||||
|
0x16,0x5C,0x55,0x8E,0xAD,0xA3,0x67,0x7D,0xB9,0x86,0x6E,0x0B,
|
||||||
|
0xE6,0x54,0x6F,0x40,0xAE,0x0E,0x67,0x4C,0xF9,0x12,0x5B,0x3C,
|
||||||
|
0x08,0x7A,0xF7,0xFC,0x67,0x86,0x69,0xE7,0x0A,0x94,0x40,0xBF,
|
||||||
|
0x8B,0x76,0xFE,0x26,0xD1,0xF2,0xA1,0x1A,0x84,0xA1,0x43,0x56,
|
||||||
|
0x28,0xBC,0x9A,0x5F,0xD7,0x3B,0x69,0x89,0x8A,0x36,0x2C,0x51,
|
||||||
|
0xDF,0x12,0x77,0x2F,0x57,0x7B,0xA0,0xAA,0xDD,0x7F,0xA1,0x62,
|
||||||
|
0x3B,0x40,0x7B,0x68,0x1A,0x8F,0x0D,0x38,0xBB,0x21,0x5D,0x18,
|
||||||
|
0xFC,0x0F,0x46,0xF7,0xA3,0xB0,0x1D,0x23,0xC3,0xD2,0xC7,0x72,
|
||||||
|
0x51,0x18,0xDF,0x46,0x95,0x79,0xD9,0xBD,0xB5,0x19,0x02,0x2C,
|
||||||
|
0x87,0xDC,0xE7,0x57,0x82,0x7E,0xF1,0x8B,0x06,0x3D,0x00,0xA5,
|
||||||
|
0x7B,0x6B,0x26,0x27,0x91,0x0F,0x6A,0x77,0xE4,0xD5,0x04,0xE4,
|
||||||
|
0x12,0x2C,0x42,0xFF,0xD2,0x88,0xBB,0xD3,0x92,0xA0,0xF9,0xC8,
|
||||||
|
0x51,0x64,0x14,0x5C,0xD8,0xF9,0x6C,0x47,0x82,0xB4,0x1C,0x7F,
|
||||||
|
0x09,0xB8,0xF0,0x25,0x83,0x1D,0x3F,0x3F,0x05,0xB3,0x21,0x0A,
|
||||||
|
0x5D,0xA7,0xD8,0x54,0xC3,0x65,0x7D,0xC3,0xB0,0x1D,0xBF,0xAE,
|
||||||
|
0xF8,0x68,0xCF,0x9B,
|
||||||
|
};
|
||||||
|
static unsigned char dsa2048_q[]={
|
||||||
|
0x97,0xE7,0x33,0x4D,0xD3,0x94,0x3E,0x0B,0xDB,0x62,0x74,0xC6,
|
||||||
|
0xA1,0x08,0xDD,0x19,0xA3,0x75,0x17,0x1B,
|
||||||
|
};
|
||||||
|
static unsigned char dsa2048_g[]={
|
||||||
|
0x2C,0x78,0x16,0x59,0x34,0x63,0xF4,0xF3,0x92,0xFC,0xB5,0xA5,
|
||||||
|
0x4F,0x13,0xDE,0x2F,0x1C,0xA4,0x3C,0xAE,0xAD,0x38,0x3F,0x7E,
|
||||||
|
0x90,0xBF,0x96,0xA6,0xAE,0x25,0x90,0x72,0xF5,0x8E,0x80,0x0C,
|
||||||
|
0x39,0x1C,0xD9,0xEC,0xBA,0x90,0x5B,0x3A,0xE8,0x58,0x6C,0x9E,
|
||||||
|
0x30,0x42,0x37,0x02,0x31,0x82,0xBC,0x6A,0xDF,0x6A,0x09,0x29,
|
||||||
|
0xE3,0xC0,0x46,0xD1,0xCB,0x85,0xEC,0x0C,0x30,0x5E,0xEA,0xC8,
|
||||||
|
0x39,0x8E,0x22,0x9F,0x22,0x10,0xD2,0x34,0x61,0x68,0x37,0x3D,
|
||||||
|
0x2E,0x4A,0x5B,0x9A,0xF5,0xC1,0x48,0xC6,0xF6,0xDC,0x63,0x1A,
|
||||||
|
0xD3,0x96,0x64,0xBA,0x34,0xC9,0xD1,0xA0,0xD1,0xAE,0x6C,0x2F,
|
||||||
|
0x48,0x17,0x93,0x14,0x43,0xED,0xF0,0x21,0x30,0x19,0xC3,0x1B,
|
||||||
|
0x5F,0xDE,0xA3,0xF0,0x70,0x78,0x18,0xE1,0xA8,0xE4,0xEE,0x2E,
|
||||||
|
0x00,0xA5,0xE4,0xB3,0x17,0xC8,0x0C,0x7D,0x6E,0x42,0xDC,0xB7,
|
||||||
|
0x46,0x00,0x36,0x4D,0xD4,0x46,0xAA,0x3D,0x3C,0x46,0x89,0x40,
|
||||||
|
0xBF,0x1D,0x84,0x77,0x0A,0x75,0xF3,0x87,0x1D,0x08,0x4C,0xA6,
|
||||||
|
0xD1,0xA9,0x1C,0x1E,0x12,0x1E,0xE1,0xC7,0x30,0x28,0x76,0xA5,
|
||||||
|
0x7F,0x6C,0x85,0x96,0x2B,0x6F,0xDB,0x80,0x66,0x26,0xAE,0xF5,
|
||||||
|
0x93,0xC7,0x8E,0xAE,0x9A,0xED,0xE4,0xCA,0x04,0xEA,0x3B,0x72,
|
||||||
|
0xEF,0xDC,0x87,0xED,0x0D,0xA5,0x4C,0x4A,0xDD,0x71,0x22,0x64,
|
||||||
|
0x59,0x69,0x4E,0x8E,0xBF,0x43,0xDC,0xAB,0x8E,0x66,0xBB,0x01,
|
||||||
|
0xB6,0xF4,0xE7,0xFD,0xD2,0xAD,0x9F,0x36,0xC1,0xA0,0x29,0x99,
|
||||||
|
0xD1,0x96,0x70,0x59,0x06,0x78,0x35,0xBD,0x65,0x55,0x52,0x9E,
|
||||||
|
0xF8,0xB2,0xE5,0x38,
|
||||||
|
};
|
||||||
|
|
||||||
|
DSA *get_dsa2048()
|
||||||
|
{
|
||||||
|
DSA *dsa;
|
||||||
|
|
||||||
|
if ((dsa=DSA_new()) == NULL) return(NULL);
|
||||||
|
dsa->priv_key=BN_bin2bn(dsa2048_priv,sizeof(dsa2048_priv),NULL);
|
||||||
|
dsa->pub_key=BN_bin2bn(dsa2048_pub,sizeof(dsa2048_pub),NULL);
|
||||||
|
dsa->p=BN_bin2bn(dsa2048_p,sizeof(dsa2048_p),NULL);
|
||||||
|
dsa->q=BN_bin2bn(dsa2048_q,sizeof(dsa2048_q),NULL);
|
||||||
|
dsa->g=BN_bin2bn(dsa2048_g,sizeof(dsa2048_g),NULL);
|
||||||
|
if ((dsa->priv_key == NULL) || (dsa->pub_key == NULL) || (dsa->p == NULL) ||
|
||||||
|
(dsa->q == NULL) || (dsa->g == NULL))
|
||||||
|
return(NULL);
|
||||||
|
return(dsa);
|
||||||
|
}
|
||||||
|
|
||||||
|
static const char rnd_seed[] = "string to make the random number generator think it has entropy";
|
||||||
|
static int rnd_fake = 0;
|
518
jni/openssl/apps/testrsa.h
Normal file
518
jni/openssl/apps/testrsa.h
Normal file
@ -0,0 +1,518 @@
|
|||||||
|
/* apps/testrsa.h */
|
||||||
|
/* used by apps/speed.c */
|
||||||
|
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
|
||||||
|
* All rights reserved.
|
||||||
|
*
|
||||||
|
* This package is an SSL implementation written
|
||||||
|
* by Eric Young (eay@cryptsoft.com).
|
||||||
|
* The implementation was written so as to conform with Netscapes SSL.
|
||||||
|
*
|
||||||
|
* This library is free for commercial and non-commercial use as long as
|
||||||
|
* the following conditions are aheared to. The following conditions
|
||||||
|
* apply to all code found in this distribution, be it the RC4, RSA,
|
||||||
|
* lhash, DES, etc., code; not just the SSL code. The SSL documentation
|
||||||
|
* included with this distribution is covered by the same copyright terms
|
||||||
|
* except that the holder is Tim Hudson (tjh@cryptsoft.com).
|
||||||
|
*
|
||||||
|
* Copyright remains Eric Young's, and as such any Copyright notices in
|
||||||
|
* the code are not to be removed.
|
||||||
|
* If this package is used in a product, Eric Young should be given attribution
|
||||||
|
* as the author of the parts of the library used.
|
||||||
|
* This can be in the form of a textual message at program startup or
|
||||||
|
* in documentation (online or textual) provided with the package.
|
||||||
|
*
|
||||||
|
* Redistribution and use in source and binary forms, with or without
|
||||||
|
* modification, are permitted provided that the following conditions
|
||||||
|
* are met:
|
||||||
|
* 1. Redistributions of source code must retain the copyright
|
||||||
|
* notice, this list of conditions and the following disclaimer.
|
||||||
|
* 2. Redistributions in binary form must reproduce the above copyright
|
||||||
|
* notice, this list of conditions and the following disclaimer in the
|
||||||
|
* documentation and/or other materials provided with the distribution.
|
||||||
|
* 3. All advertising materials mentioning features or use of this software
|
||||||
|
* must display the following acknowledgement:
|
||||||
|
* "This product includes cryptographic software written by
|
||||||
|
* Eric Young (eay@cryptsoft.com)"
|
||||||
|
* The word 'cryptographic' can be left out if the rouines from the library
|
||||||
|
* being used are not cryptographic related :-).
|
||||||
|
* 4. If you include any Windows specific code (or a derivative thereof) from
|
||||||
|
* the apps directory (application code) you must include an acknowledgement:
|
||||||
|
* "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
|
||||||
|
*
|
||||||
|
* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
|
||||||
|
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
||||||
|
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
|
||||||
|
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
|
||||||
|
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
|
||||||
|
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
|
||||||
|
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
||||||
|
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
|
||||||
|
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
||||||
|
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||||||
|
* SUCH DAMAGE.
|
||||||
|
*
|
||||||
|
* The licence and distribution terms for any publically available version or
|
||||||
|
* derivative of this code cannot be changed. i.e. this code cannot simply be
|
||||||
|
* copied and put under another distribution licence
|
||||||
|
* [including the GNU Public Licence.]
|
||||||
|
*/
|
||||||
|
|
||||||
|
static unsigned char test512[]={
|
||||||
|
0x30,0x82,0x01,0x3a,0x02,0x01,0x00,0x02,0x41,0x00,
|
||||||
|
0xd6,0x33,0xb9,0xc8,0xfb,0x4f,0x3c,0x7d,0xc0,0x01,
|
||||||
|
0x86,0xd0,0xe7,0xa0,0x55,0xf2,0x95,0x93,0xcc,0x4f,
|
||||||
|
0xb7,0x5b,0x67,0x5b,0x94,0x68,0xc9,0x34,0x15,0xde,
|
||||||
|
0xa5,0x2e,0x1c,0x33,0xc2,0x6e,0xfc,0x34,0x5e,0x71,
|
||||||
|
0x13,0xb7,0xd6,0xee,0xd8,0xa5,0x65,0x05,0x72,0x87,
|
||||||
|
0xa8,0xb0,0x77,0xfe,0x57,0xf5,0xfc,0x5f,0x55,0x83,
|
||||||
|
0x87,0xdd,0x57,0x49,0x02,0x03,0x01,0x00,0x01,0x02,
|
||||||
|
0x41,0x00,0xa7,0xf7,0x91,0xc5,0x0f,0x84,0x57,0xdc,
|
||||||
|
0x07,0xf7,0x6a,0x7f,0x60,0x52,0xb3,0x72,0xf1,0x66,
|
||||||
|
0x1f,0x7d,0x97,0x3b,0x9e,0xb6,0x0a,0x8f,0x8c,0xcf,
|
||||||
|
0x42,0x23,0x00,0x04,0xd4,0x28,0x0e,0x1c,0x90,0xc4,
|
||||||
|
0x11,0x25,0x25,0xa5,0x93,0xa5,0x2f,0x70,0x02,0xdf,
|
||||||
|
0x81,0x9c,0x49,0x03,0xa0,0xf8,0x6d,0x54,0x2e,0x26,
|
||||||
|
0xde,0xaa,0x85,0x59,0xa8,0x31,0x02,0x21,0x00,0xeb,
|
||||||
|
0x47,0xd7,0x3b,0xf6,0xc3,0xdd,0x5a,0x46,0xc5,0xb9,
|
||||||
|
0x2b,0x9a,0xa0,0x09,0x8f,0xa6,0xfb,0xf3,0x78,0x7a,
|
||||||
|
0x33,0x70,0x9d,0x0f,0x42,0x6b,0x13,0x68,0x24,0xd3,
|
||||||
|
0x15,0x02,0x21,0x00,0xe9,0x10,0xb0,0xb3,0x0d,0xe2,
|
||||||
|
0x82,0x68,0x77,0x8a,0x6e,0x7c,0xda,0xbc,0x3e,0x53,
|
||||||
|
0x83,0xfb,0xd6,0x22,0xe7,0xb5,0xae,0x6e,0x80,0xda,
|
||||||
|
0x00,0x55,0x97,0xc1,0xd0,0x65,0x02,0x20,0x4c,0xf8,
|
||||||
|
0x73,0xb1,0x6a,0x49,0x29,0x61,0x1f,0x46,0x10,0x0d,
|
||||||
|
0xf3,0xc7,0xe7,0x58,0xd7,0x88,0x15,0x5e,0x94,0x9b,
|
||||||
|
0xbf,0x7b,0xa2,0x42,0x58,0x45,0x41,0x0c,0xcb,0x01,
|
||||||
|
0x02,0x20,0x12,0x11,0xba,0x31,0x57,0x9d,0x3d,0x11,
|
||||||
|
0x0e,0x5b,0x8c,0x2f,0x5f,0xe2,0x02,0x4f,0x05,0x47,
|
||||||
|
0x8c,0x15,0x8e,0xb3,0x56,0x3f,0xb8,0xfb,0xad,0xd4,
|
||||||
|
0xf4,0xfc,0x10,0xc5,0x02,0x20,0x18,0xa1,0x29,0x99,
|
||||||
|
0x5b,0xd9,0xc8,0xd4,0xfc,0x49,0x7a,0x2a,0x21,0x2c,
|
||||||
|
0x49,0xe4,0x4f,0xeb,0xef,0x51,0xf1,0xab,0x6d,0xfb,
|
||||||
|
0x4b,0x14,0xe9,0x4b,0x52,0xb5,0x82,0x2c,
|
||||||
|
};
|
||||||
|
|
||||||
|
static unsigned char test1024[]={
|
||||||
|
0x30,0x82,0x02,0x5c,0x02,0x01,0x00,0x02,0x81,0x81,
|
||||||
|
0x00,0xdc,0x98,0x43,0xe8,0x3d,0x43,0x5b,0xe4,0x05,
|
||||||
|
0xcd,0xd0,0xa9,0x3e,0xcb,0x83,0x75,0xf6,0xb5,0xa5,
|
||||||
|
0x9f,0x6b,0xe9,0x34,0x41,0x29,0x18,0xfa,0x6a,0x55,
|
||||||
|
0x4d,0x70,0xfc,0xec,0xae,0x87,0x38,0x0a,0x20,0xa9,
|
||||||
|
0xc0,0x45,0x77,0x6e,0x57,0x60,0x57,0xf4,0xed,0x96,
|
||||||
|
0x22,0xcb,0x8f,0xe1,0x33,0x3a,0x17,0x1f,0xed,0x37,
|
||||||
|
0xa5,0x6f,0xeb,0xa6,0xbc,0x12,0x80,0x1d,0x53,0xbd,
|
||||||
|
0x70,0xeb,0x21,0x76,0x3e,0xc9,0x2f,0x1a,0x45,0x24,
|
||||||
|
0x82,0xff,0xcd,0x59,0x32,0x06,0x2e,0x12,0x3b,0x23,
|
||||||
|
0x78,0xed,0x12,0x3d,0xe0,0x8d,0xf9,0x67,0x4f,0x37,
|
||||||
|
0x4e,0x47,0x02,0x4c,0x2d,0xc0,0x4f,0x1f,0xb3,0x94,
|
||||||
|
0xe1,0x41,0x2e,0x2d,0x90,0x10,0xfc,0x82,0x91,0x8b,
|
||||||
|
0x0f,0x22,0xd4,0xf2,0xfc,0x2c,0xab,0x53,0x55,0x02,
|
||||||
|
0x03,0x01,0x00,0x01,0x02,0x81,0x80,0x2b,0xcc,0x3f,
|
||||||
|
0x8f,0x58,0xba,0x8b,0x00,0x16,0xf6,0xea,0x3a,0xf0,
|
||||||
|
0x30,0xd0,0x05,0x17,0xda,0xb0,0xeb,0x9a,0x2d,0x4f,
|
||||||
|
0x26,0xb0,0xd6,0x38,0xc1,0xeb,0xf5,0xd8,0x3d,0x1f,
|
||||||
|
0x70,0xf7,0x7f,0xf4,0xe2,0xcf,0x51,0x51,0x79,0x88,
|
||||||
|
0xfa,0xe8,0x32,0x0e,0x7b,0x2d,0x97,0xf2,0xfa,0xba,
|
||||||
|
0x27,0xc5,0x9c,0xd9,0xc5,0xeb,0x8a,0x79,0x52,0x3c,
|
||||||
|
0x64,0x34,0x7d,0xc2,0xcf,0x28,0xc7,0x4e,0xd5,0x43,
|
||||||
|
0x0b,0xd1,0xa6,0xca,0x6d,0x03,0x2d,0x72,0x23,0xbc,
|
||||||
|
0x6d,0x05,0xfa,0x16,0x09,0x2f,0x2e,0x5c,0xb6,0xee,
|
||||||
|
0x74,0xdd,0xd2,0x48,0x8e,0x36,0x0c,0x06,0x3d,0x4d,
|
||||||
|
0xe5,0x10,0x82,0xeb,0x6a,0xf3,0x4b,0x9f,0xd6,0xed,
|
||||||
|
0x11,0xb1,0x6e,0xec,0xf4,0xfe,0x8e,0x75,0x94,0x20,
|
||||||
|
0x2f,0xcb,0xac,0x46,0xf1,0x02,0x41,0x00,0xf9,0x8c,
|
||||||
|
0xa3,0x85,0xb1,0xdd,0x29,0xaf,0x65,0xc1,0x33,0xf3,
|
||||||
|
0x95,0xc5,0x52,0x68,0x0b,0xd4,0xf1,0xe5,0x0e,0x02,
|
||||||
|
0x9f,0x4f,0xfa,0x77,0xdc,0x46,0x9e,0xc7,0xa6,0xe4,
|
||||||
|
0x16,0x29,0xda,0xb0,0x07,0xcf,0x5b,0xa9,0x12,0x8a,
|
||||||
|
0xdd,0x63,0x0a,0xde,0x2e,0x8c,0x66,0x8b,0x8c,0xdc,
|
||||||
|
0x19,0xa3,0x7e,0xf4,0x3b,0xd0,0x1a,0x8c,0xa4,0xc2,
|
||||||
|
0xe1,0xd3,0x02,0x41,0x00,0xe2,0x4c,0x05,0xf2,0x04,
|
||||||
|
0x86,0x4e,0x61,0x43,0xdb,0xb0,0xb9,0x96,0x86,0x52,
|
||||||
|
0x2c,0xca,0x8d,0x7b,0xab,0x0b,0x13,0x0d,0x7e,0x38,
|
||||||
|
0x5b,0xe2,0x2e,0x7b,0x0e,0xe7,0x19,0x99,0x38,0xe7,
|
||||||
|
0xf2,0x21,0xbd,0x85,0x85,0xe3,0xfd,0x28,0x77,0x20,
|
||||||
|
0x31,0x71,0x2c,0xd0,0xff,0xfb,0x2e,0xaf,0x85,0xb4,
|
||||||
|
0x86,0xca,0xf3,0xbb,0xca,0xaa,0x0f,0x95,0x37,0x02,
|
||||||
|
0x40,0x0e,0x41,0x9a,0x95,0xe8,0xb3,0x59,0xce,0x4b,
|
||||||
|
0x61,0xde,0x35,0xec,0x38,0x79,0x9c,0xb8,0x10,0x52,
|
||||||
|
0x41,0x63,0xab,0x82,0xae,0x6f,0x00,0xa9,0xf4,0xde,
|
||||||
|
0xdd,0x49,0x0b,0x7e,0xb8,0xa5,0x65,0xa9,0x0c,0x8f,
|
||||||
|
0x8f,0xf9,0x1f,0x35,0xc6,0x92,0xb8,0x5e,0xb0,0x66,
|
||||||
|
0xab,0x52,0x40,0xc0,0xb6,0x36,0x6a,0x7d,0x80,0x46,
|
||||||
|
0x04,0x02,0xe5,0x9f,0x41,0x02,0x41,0x00,0xc0,0xad,
|
||||||
|
0xcc,0x4e,0x21,0xee,0x1d,0x24,0x91,0xfb,0xa7,0x80,
|
||||||
|
0x8d,0x9a,0xb6,0xb3,0x2e,0x8f,0xc2,0xe1,0x82,0xdf,
|
||||||
|
0x69,0x18,0xb4,0x71,0xff,0xa6,0x65,0xde,0xed,0x84,
|
||||||
|
0x8d,0x42,0xb7,0xb3,0x21,0x69,0x56,0x1c,0x07,0x60,
|
||||||
|
0x51,0x29,0x04,0xff,0x34,0x06,0xdd,0xb9,0x67,0x2c,
|
||||||
|
0x7c,0x04,0x93,0x0e,0x46,0x15,0xbb,0x2a,0xb7,0x1b,
|
||||||
|
0xe7,0x87,0x02,0x40,0x78,0xda,0x5d,0x07,0x51,0x0c,
|
||||||
|
0x16,0x7a,0x9f,0x29,0x20,0x84,0x0d,0x42,0xfa,0xd7,
|
||||||
|
0x00,0xd8,0x77,0x7e,0xb0,0xb0,0x6b,0xd6,0x5b,0x53,
|
||||||
|
0xb8,0x9b,0x7a,0xcd,0xc7,0x2b,0xb8,0x6a,0x63,0xa9,
|
||||||
|
0xfb,0x6f,0xa4,0x72,0xbf,0x4c,0x5d,0x00,0x14,0xba,
|
||||||
|
0xfa,0x59,0x88,0xed,0xe4,0xe0,0x8c,0xa2,0xec,0x14,
|
||||||
|
0x7e,0x2d,0xe2,0xf0,0x46,0x49,0x95,0x45,
|
||||||
|
};
|
||||||
|
|
||||||
|
static unsigned char test2048[]={
|
||||||
|
0x30,0x82,0x04,0xa3,0x02,0x01,0x00,0x02,0x82,0x01,
|
||||||
|
0x01,0x00,0xc0,0xc0,0xce,0x3e,0x3c,0x53,0x67,0x3f,
|
||||||
|
0x4f,0xc5,0x2f,0xa4,0xc2,0x5a,0x2f,0x58,0xfd,0x27,
|
||||||
|
0x52,0x6a,0xe8,0xcf,0x4a,0x73,0x47,0x8d,0x25,0x0f,
|
||||||
|
0x5f,0x03,0x26,0x78,0xef,0xf0,0x22,0x12,0xd3,0xde,
|
||||||
|
0x47,0xb2,0x1c,0x0b,0x38,0x63,0x1a,0x6c,0x85,0x7a,
|
||||||
|
0x80,0xc6,0x8f,0xa0,0x41,0xaf,0x62,0xc4,0x67,0x32,
|
||||||
|
0x88,0xf8,0xa6,0x9c,0xf5,0x23,0x1d,0xe4,0xac,0x3f,
|
||||||
|
0x29,0xf9,0xec,0xe1,0x8b,0x26,0x03,0x2c,0xb2,0xab,
|
||||||
|
0xf3,0x7d,0xb5,0xca,0x49,0xc0,0x8f,0x1c,0xdf,0x33,
|
||||||
|
0x3a,0x60,0xda,0x3c,0xb0,0x16,0xf8,0xa9,0x12,0x8f,
|
||||||
|
0x64,0xac,0x23,0x0c,0x69,0x64,0x97,0x5d,0x99,0xd4,
|
||||||
|
0x09,0x83,0x9b,0x61,0xd3,0xac,0xf0,0xde,0xdd,0x5e,
|
||||||
|
0x9f,0x44,0x94,0xdb,0x3a,0x4d,0x97,0xe8,0x52,0x29,
|
||||||
|
0xf7,0xdb,0x94,0x07,0x45,0x90,0x78,0x1e,0x31,0x0b,
|
||||||
|
0x80,0xf7,0x57,0xad,0x1c,0x79,0xc5,0xcb,0x32,0xb0,
|
||||||
|
0xce,0xcd,0x74,0xb3,0xe2,0x94,0xc5,0x78,0x2f,0x34,
|
||||||
|
0x1a,0x45,0xf7,0x8c,0x52,0xa5,0xbc,0x8d,0xec,0xd1,
|
||||||
|
0x2f,0x31,0x3b,0xf0,0x49,0x59,0x5e,0x88,0x9d,0x15,
|
||||||
|
0x92,0x35,0x32,0xc1,0xe7,0x61,0xec,0x50,0x48,0x7c,
|
||||||
|
0xba,0x05,0xf9,0xf8,0xf8,0xa7,0x8c,0x83,0xe8,0x66,
|
||||||
|
0x5b,0xeb,0xfe,0xd8,0x4f,0xdd,0x6d,0x36,0xc0,0xb2,
|
||||||
|
0x90,0x0f,0xb8,0x52,0xf9,0x04,0x9b,0x40,0x2c,0x27,
|
||||||
|
0xd6,0x36,0x8e,0xc2,0x1b,0x44,0xf3,0x92,0xd5,0x15,
|
||||||
|
0x9e,0x9a,0xbc,0xf3,0x7d,0x03,0xd7,0x02,0x14,0x20,
|
||||||
|
0xe9,0x10,0x92,0xfd,0xf9,0xfc,0x8f,0xe5,0x18,0xe1,
|
||||||
|
0x95,0xcc,0x9e,0x60,0xa6,0xfa,0x38,0x4d,0x02,0x03,
|
||||||
|
0x01,0x00,0x01,0x02,0x82,0x01,0x00,0x00,0xc3,0xc3,
|
||||||
|
0x0d,0xb4,0x27,0x90,0x8d,0x4b,0xbf,0xb8,0x84,0xaa,
|
||||||
|
0xd0,0xb8,0xc7,0x5d,0x99,0xbe,0x55,0xf6,0x3e,0x7c,
|
||||||
|
0x49,0x20,0xcb,0x8a,0x8e,0x19,0x0e,0x66,0x24,0xac,
|
||||||
|
0xaf,0x03,0x33,0x97,0xeb,0x95,0xd5,0x3b,0x0f,0x40,
|
||||||
|
0x56,0x04,0x50,0xd1,0xe6,0xbe,0x84,0x0b,0x25,0xd3,
|
||||||
|
0x9c,0xe2,0x83,0x6c,0xf5,0x62,0x5d,0xba,0x2b,0x7d,
|
||||||
|
0x3d,0x7a,0x6c,0xe1,0xd2,0x0e,0x54,0x93,0x80,0x01,
|
||||||
|
0x91,0x51,0x09,0xe8,0x5b,0x8e,0x47,0xbd,0x64,0xe4,
|
||||||
|
0x0e,0x03,0x83,0x55,0xcf,0x5a,0x37,0xf0,0x25,0xb5,
|
||||||
|
0x7d,0x21,0xd7,0x69,0xdf,0x6f,0xc2,0xcf,0x10,0xc9,
|
||||||
|
0x8a,0x40,0x9f,0x7a,0x70,0xc0,0xe8,0xe8,0xc0,0xe6,
|
||||||
|
0x9a,0x15,0x0a,0x8d,0x4e,0x46,0xcb,0x7a,0xdb,0xb3,
|
||||||
|
0xcb,0x83,0x02,0xc4,0xf0,0xab,0xeb,0x02,0x01,0x0e,
|
||||||
|
0x23,0xfc,0x1d,0xc4,0xbd,0xd4,0xaa,0x5d,0x31,0x46,
|
||||||
|
0x99,0xce,0x9e,0xf8,0x04,0x75,0x10,0x67,0xc4,0x53,
|
||||||
|
0x47,0x44,0xfa,0xc2,0x25,0x73,0x7e,0xd0,0x8e,0x59,
|
||||||
|
0xd1,0xb2,0x5a,0xf4,0xc7,0x18,0x92,0x2f,0x39,0xab,
|
||||||
|
0xcd,0xa3,0xb5,0xc2,0xb9,0xc7,0xb9,0x1b,0x9f,0x48,
|
||||||
|
0xfa,0x13,0xc6,0x98,0x4d,0xca,0x84,0x9c,0x06,0xca,
|
||||||
|
0xe7,0x89,0x01,0x04,0xc4,0x6c,0xfd,0x29,0x59,0x35,
|
||||||
|
0xe7,0xf3,0xdd,0xce,0x64,0x59,0xbf,0x21,0x13,0xa9,
|
||||||
|
0x9f,0x0e,0xc5,0xff,0xbd,0x33,0x00,0xec,0xac,0x6b,
|
||||||
|
0x11,0xef,0x51,0x5e,0xad,0x07,0x15,0xde,0xb8,0x5f,
|
||||||
|
0xc6,0xb9,0xa3,0x22,0x65,0x46,0x83,0x14,0xdf,0xd0,
|
||||||
|
0xf1,0x44,0x8a,0xe1,0x9c,0x23,0x33,0xb4,0x97,0x33,
|
||||||
|
0xe6,0x6b,0x81,0x02,0x81,0x81,0x00,0xec,0x12,0xa7,
|
||||||
|
0x59,0x74,0x6a,0xde,0x3e,0xad,0xd8,0x36,0x80,0x50,
|
||||||
|
0xa2,0xd5,0x21,0x81,0x07,0xf1,0xd0,0x91,0xf2,0x6c,
|
||||||
|
0x12,0x2f,0x9d,0x1a,0x26,0xf8,0x30,0x65,0xdf,0xe8,
|
||||||
|
0xc0,0x9b,0x6a,0x30,0x98,0x82,0x87,0xec,0xa2,0x56,
|
||||||
|
0x87,0x62,0x6f,0xe7,0x9f,0xf6,0x56,0xe6,0x71,0x8f,
|
||||||
|
0x49,0x86,0x93,0x5a,0x4d,0x34,0x58,0xfe,0xd9,0x04,
|
||||||
|
0x13,0xaf,0x79,0xb7,0xad,0x11,0xd1,0x30,0x9a,0x14,
|
||||||
|
0x06,0xa0,0xfa,0xb7,0x55,0xdc,0x6c,0x5a,0x4c,0x2c,
|
||||||
|
0x59,0x56,0xf6,0xe8,0x9d,0xaf,0x0a,0x78,0x99,0x06,
|
||||||
|
0x06,0x9e,0xe7,0x9c,0x51,0x55,0x43,0xfc,0x3b,0x6c,
|
||||||
|
0x0b,0xbf,0x2d,0x41,0xa7,0xaf,0xb7,0xe0,0xe8,0x28,
|
||||||
|
0x18,0xb4,0x13,0xd1,0xe6,0x97,0xd0,0x9f,0x6a,0x80,
|
||||||
|
0xca,0xdd,0x1a,0x7e,0x15,0x02,0x81,0x81,0x00,0xd1,
|
||||||
|
0x06,0x0c,0x1f,0xe3,0xd0,0xab,0xd6,0xca,0x7c,0xbc,
|
||||||
|
0x7d,0x13,0x35,0xce,0x27,0xcd,0xd8,0x49,0x51,0x63,
|
||||||
|
0x64,0x0f,0xca,0x06,0x12,0xfc,0x07,0x3e,0xaf,0x61,
|
||||||
|
0x6d,0xe2,0x53,0x39,0x27,0xae,0xc3,0x11,0x9e,0x94,
|
||||||
|
0x01,0x4f,0xe3,0xf3,0x67,0xf9,0x77,0xf9,0xe7,0x95,
|
||||||
|
0x3a,0x6f,0xe2,0x20,0x73,0x3e,0xa4,0x7a,0x28,0xd4,
|
||||||
|
0x61,0x97,0xf6,0x17,0xa0,0x23,0x10,0x2b,0xce,0x84,
|
||||||
|
0x57,0x7e,0x25,0x1f,0xf4,0xa8,0x54,0xd2,0x65,0x94,
|
||||||
|
0xcc,0x95,0x0a,0xab,0x30,0xc1,0x59,0x1f,0x61,0x8e,
|
||||||
|
0xb9,0x6b,0xd7,0x4e,0xb9,0x83,0x43,0x79,0x85,0x11,
|
||||||
|
0xbc,0x0f,0xae,0x25,0x20,0x05,0xbc,0xd2,0x48,0xa1,
|
||||||
|
0x68,0x09,0x84,0xf6,0x12,0x9a,0x66,0xb9,0x2b,0xbb,
|
||||||
|
0x76,0x03,0x17,0x46,0x4e,0x97,0x59,0x02,0x81,0x80,
|
||||||
|
0x09,0x4c,0xfa,0xd6,0xe5,0x65,0x48,0x78,0x43,0xb5,
|
||||||
|
0x1f,0x00,0x93,0x2c,0xb7,0x24,0xe8,0xc6,0x7d,0x5a,
|
||||||
|
0x70,0x45,0x92,0xc8,0x6c,0xa3,0xcd,0xe1,0xf7,0x29,
|
||||||
|
0x40,0xfa,0x3f,0x5b,0x47,0x44,0x39,0xc1,0xe8,0x72,
|
||||||
|
0x9e,0x7a,0x0e,0xda,0xaa,0xa0,0x2a,0x09,0xfd,0x54,
|
||||||
|
0x93,0x23,0xaa,0x37,0x85,0x5b,0xcc,0xd4,0xf9,0xd8,
|
||||||
|
0xff,0xc1,0x61,0x0d,0xbd,0x7e,0x18,0x24,0x73,0x6d,
|
||||||
|
0x40,0x72,0xf1,0x93,0x09,0x48,0x97,0x6c,0x84,0x90,
|
||||||
|
0xa8,0x46,0x14,0x01,0x39,0x11,0xe5,0x3c,0x41,0x27,
|
||||||
|
0x32,0x75,0x24,0xed,0xa1,0xd9,0x12,0x29,0x8a,0x28,
|
||||||
|
0x71,0x89,0x8d,0xca,0x30,0xb0,0x01,0xc4,0x2f,0x82,
|
||||||
|
0x19,0x14,0x4c,0x70,0x1c,0xb8,0x23,0x2e,0xe8,0x90,
|
||||||
|
0x49,0x97,0x92,0x97,0x6b,0x7a,0x9d,0xb9,0x02,0x81,
|
||||||
|
0x80,0x0f,0x0e,0xa1,0x76,0xf6,0xa1,0x44,0x8f,0xaf,
|
||||||
|
0x7c,0x76,0xd3,0x87,0xbb,0xbb,0x83,0x10,0x88,0x01,
|
||||||
|
0x18,0x14,0xd1,0xd3,0x75,0x59,0x24,0xaa,0xf5,0x16,
|
||||||
|
0xa5,0xe9,0x9d,0xd1,0xcc,0xee,0xf4,0x15,0xd9,0xc5,
|
||||||
|
0x7e,0x27,0xe9,0x44,0x49,0x06,0x72,0xb9,0xfc,0xd3,
|
||||||
|
0x8a,0xc4,0x2c,0x36,0x7d,0x12,0x9b,0x5a,0xaa,0xdc,
|
||||||
|
0x85,0xee,0x6e,0xad,0x54,0xb3,0xf4,0xfc,0x31,0xa1,
|
||||||
|
0x06,0x3a,0x70,0x57,0x0c,0xf3,0x95,0x5b,0x3e,0xe8,
|
||||||
|
0xfd,0x1a,0x4f,0xf6,0x78,0x93,0x46,0x6a,0xd7,0x31,
|
||||||
|
0xb4,0x84,0x64,0x85,0x09,0x38,0x89,0x92,0x94,0x1c,
|
||||||
|
0xbf,0xe2,0x3c,0x2a,0xe0,0xff,0x99,0xa3,0xf0,0x2b,
|
||||||
|
0x31,0xc2,0x36,0xcd,0x60,0xbf,0x9d,0x2d,0x74,0x32,
|
||||||
|
0xe8,0x9c,0x93,0x6e,0xbb,0x91,0x7b,0xfd,0xd9,0x02,
|
||||||
|
0x81,0x81,0x00,0xa2,0x71,0x25,0x38,0xeb,0x2a,0xe9,
|
||||||
|
0x37,0xcd,0xfe,0x44,0xce,0x90,0x3f,0x52,0x87,0x84,
|
||||||
|
0x52,0x1b,0xae,0x8d,0x22,0x94,0xce,0x38,0xe6,0x04,
|
||||||
|
0x88,0x76,0x85,0x9a,0xd3,0x14,0x09,0xe5,0x69,0x9a,
|
||||||
|
0xff,0x58,0x92,0x02,0x6a,0x7d,0x7c,0x1e,0x2c,0xfd,
|
||||||
|
0xa8,0xca,0x32,0x14,0x4f,0x0d,0x84,0x0d,0x37,0x43,
|
||||||
|
0xbf,0xe4,0x5d,0x12,0xc8,0x24,0x91,0x27,0x8d,0x46,
|
||||||
|
0xd9,0x54,0x53,0xe7,0x62,0x71,0xa8,0x2b,0x71,0x41,
|
||||||
|
0x8d,0x75,0xf8,0x3a,0xa0,0x61,0x29,0x46,0xa6,0xe5,
|
||||||
|
0x82,0xfa,0x3a,0xd9,0x08,0xfa,0xfc,0x63,0xfd,0x6b,
|
||||||
|
0x30,0xbc,0xf4,0x4e,0x9e,0x8c,0x25,0x0c,0xb6,0x55,
|
||||||
|
0xe7,0x3c,0xd4,0x4e,0x0b,0xfd,0x8b,0xc3,0x0e,0x1d,
|
||||||
|
0x9c,0x44,0x57,0x8f,0x1f,0x86,0xf7,0xd5,0x1b,0xe4,
|
||||||
|
0x95,
|
||||||
|
};
|
||||||
|
|
||||||
|
static unsigned char test4096[]={
|
||||||
|
0x30,0x82,0x09,0x29,0x02,0x01,0x00,0x02,0x82,0x02,
|
||||||
|
0x01,0x00,0xc0,0x71,0xac,0x1a,0x13,0x88,0x82,0x43,
|
||||||
|
0x3b,0x51,0x57,0x71,0x8d,0xb6,0x2b,0x82,0x65,0x21,
|
||||||
|
0x53,0x5f,0x28,0x29,0x4f,0x8d,0x7c,0x8a,0xb9,0x44,
|
||||||
|
0xb3,0x28,0x41,0x4f,0xd3,0xfa,0x6a,0xf8,0xb9,0x28,
|
||||||
|
0x50,0x39,0x67,0x53,0x2c,0x3c,0xd7,0xcb,0x96,0x41,
|
||||||
|
0x40,0x32,0xbb,0xeb,0x70,0xae,0x1f,0xb0,0x65,0xf7,
|
||||||
|
0x3a,0xd9,0x22,0xfd,0x10,0xae,0xbd,0x02,0xe2,0xdd,
|
||||||
|
0xf3,0xc2,0x79,0x3c,0xc6,0xfc,0x75,0xbb,0xaf,0x4e,
|
||||||
|
0x3a,0x36,0xc2,0x4f,0xea,0x25,0xdf,0x13,0x16,0x4b,
|
||||||
|
0x20,0xfe,0x4b,0x69,0x16,0xc4,0x7f,0x1a,0x43,0xa6,
|
||||||
|
0x17,0x1b,0xb9,0x0a,0xf3,0x09,0x86,0x28,0x89,0xcf,
|
||||||
|
0x2c,0xd0,0xd4,0x81,0xaf,0xc6,0x6d,0xe6,0x21,0x8d,
|
||||||
|
0xee,0xef,0xea,0xdc,0xb7,0xc6,0x3b,0x63,0x9f,0x0e,
|
||||||
|
0xad,0x89,0x78,0x23,0x18,0xbf,0x70,0x7e,0x84,0xe0,
|
||||||
|
0x37,0xec,0xdb,0x8e,0x9c,0x3e,0x6a,0x19,0xcc,0x99,
|
||||||
|
0x72,0xe6,0xb5,0x7d,0x6d,0xfa,0xe5,0xd3,0xe4,0x90,
|
||||||
|
0xb5,0xb2,0xb2,0x12,0x70,0x4e,0xca,0xf8,0x10,0xf8,
|
||||||
|
0xa3,0x14,0xc2,0x48,0x19,0xeb,0x60,0x99,0xbb,0x2a,
|
||||||
|
0x1f,0xb1,0x7a,0xb1,0x3d,0x24,0xfb,0xa0,0x29,0xda,
|
||||||
|
0xbd,0x1b,0xd7,0xa4,0xbf,0xef,0x60,0x2d,0x22,0xca,
|
||||||
|
0x65,0x98,0xf1,0xc4,0xe1,0xc9,0x02,0x6b,0x16,0x28,
|
||||||
|
0x2f,0xa1,0xaa,0x79,0x00,0xda,0xdc,0x7c,0x43,0xf7,
|
||||||
|
0x42,0x3c,0xa0,0xef,0x68,0xf7,0xdf,0xb9,0x69,0xfb,
|
||||||
|
0x8e,0x01,0xed,0x01,0x42,0xb5,0x4e,0x57,0xa6,0x26,
|
||||||
|
0xb8,0xd0,0x7b,0x56,0x6d,0x03,0xc6,0x40,0x8c,0x8c,
|
||||||
|
0x2a,0x55,0xd7,0x9c,0x35,0x00,0x94,0x93,0xec,0x03,
|
||||||
|
0xeb,0x22,0xef,0x77,0xbb,0x79,0x13,0x3f,0x15,0xa1,
|
||||||
|
0x8f,0xca,0xdf,0xfd,0xd3,0xb8,0xe1,0xd4,0xcc,0x09,
|
||||||
|
0x3f,0x3c,0x2c,0xdb,0xd1,0x49,0x7f,0x38,0x07,0x83,
|
||||||
|
0x6d,0xeb,0x08,0x66,0xe9,0x06,0x44,0x12,0xac,0x95,
|
||||||
|
0x22,0x90,0x23,0x67,0xd4,0x08,0xcc,0xf4,0xb7,0xdc,
|
||||||
|
0xcc,0x87,0xd4,0xac,0x69,0x35,0x4c,0xb5,0x39,0x36,
|
||||||
|
0xcd,0xa4,0xd2,0x95,0xca,0x0d,0xc5,0xda,0xc2,0xc5,
|
||||||
|
0x22,0x32,0x28,0x08,0xe3,0xd2,0x8b,0x38,0x30,0xdc,
|
||||||
|
0x8c,0x75,0x4f,0x6a,0xec,0x7a,0xac,0x16,0x3e,0xa8,
|
||||||
|
0xd4,0x6a,0x45,0xe1,0xa8,0x4f,0x2e,0x80,0x34,0xaa,
|
||||||
|
0x54,0x1b,0x02,0x95,0x7d,0x8a,0x6d,0xcc,0x79,0xca,
|
||||||
|
0xf2,0xa4,0x2e,0x8d,0xfb,0xfe,0x15,0x51,0x10,0x0e,
|
||||||
|
0x4d,0x88,0xb1,0xc7,0xf4,0x79,0xdb,0xf0,0xb4,0x56,
|
||||||
|
0x44,0x37,0xca,0x5a,0xc1,0x8c,0x48,0xac,0xae,0x48,
|
||||||
|
0x80,0x83,0x01,0x3f,0xde,0xd9,0xd3,0x2c,0x51,0x46,
|
||||||
|
0xb1,0x41,0xb6,0xc6,0x91,0x72,0xf9,0x83,0x55,0x1b,
|
||||||
|
0x8c,0xba,0xf3,0x73,0xe5,0x2c,0x74,0x50,0x3a,0xbe,
|
||||||
|
0xc5,0x2f,0xa7,0xb2,0x6d,0x8c,0x9e,0x13,0x77,0xa3,
|
||||||
|
0x13,0xcd,0x6d,0x8c,0x45,0xe1,0xfc,0x0b,0xb7,0x69,
|
||||||
|
0xe9,0x27,0xbc,0x65,0xc3,0xfa,0x9b,0xd0,0xef,0xfe,
|
||||||
|
0xe8,0x1f,0xb3,0x5e,0x34,0xf4,0x8c,0xea,0xfc,0xd3,
|
||||||
|
0x81,0xbf,0x3d,0x30,0xb2,0xb4,0x01,0xe8,0x43,0x0f,
|
||||||
|
0xba,0x02,0x23,0x42,0x76,0x82,0x31,0x73,0x91,0xed,
|
||||||
|
0x07,0x46,0x61,0x0d,0x39,0x83,0x40,0xce,0x7a,0xd4,
|
||||||
|
0xdb,0x80,0x2c,0x1f,0x0d,0xd1,0x34,0xd4,0x92,0xe3,
|
||||||
|
0xd4,0xf1,0xc2,0x01,0x02,0x03,0x01,0x00,0x01,0x02,
|
||||||
|
0x82,0x02,0x01,0x00,0x97,0x6c,0xda,0x6e,0xea,0x4f,
|
||||||
|
0xcf,0xaf,0xf7,0x4c,0xd9,0xf1,0x90,0x00,0x77,0xdb,
|
||||||
|
0xf2,0x97,0x76,0x72,0xb9,0xb7,0x47,0xd1,0x9c,0xdd,
|
||||||
|
0xcb,0x4a,0x33,0x6e,0xc9,0x75,0x76,0xe6,0xe4,0xa5,
|
||||||
|
0x31,0x8c,0x77,0x13,0xb4,0x29,0xcd,0xf5,0x52,0x17,
|
||||||
|
0xef,0xf3,0x08,0x00,0xe3,0xbd,0x2e,0xbc,0xd4,0x52,
|
||||||
|
0x88,0xe9,0x30,0x75,0x0b,0x02,0xf5,0xcd,0x89,0x0c,
|
||||||
|
0x6c,0x57,0x19,0x27,0x3d,0x1e,0x85,0xb4,0xc1,0x2f,
|
||||||
|
0x1d,0x92,0x00,0x5c,0x76,0x29,0x4b,0xa4,0xe1,0x12,
|
||||||
|
0xb3,0xc8,0x09,0xfe,0x0e,0x78,0x72,0x61,0xcb,0x61,
|
||||||
|
0x6f,0x39,0x91,0x95,0x4e,0xd5,0x3e,0xc7,0x8f,0xb8,
|
||||||
|
0xf6,0x36,0xfe,0x9c,0x93,0x9a,0x38,0x25,0x7a,0xf4,
|
||||||
|
0x4a,0x12,0xd4,0xa0,0x13,0xbd,0xf9,0x1d,0x12,0x3e,
|
||||||
|
0x21,0x39,0xfb,0x72,0xe0,0x05,0x3d,0xc3,0xe5,0x50,
|
||||||
|
0xa8,0x5d,0x85,0xa3,0xea,0x5f,0x1c,0xb2,0x3f,0xea,
|
||||||
|
0x6d,0x03,0x91,0x55,0xd8,0x19,0x0a,0x21,0x12,0x16,
|
||||||
|
0xd9,0x12,0xc4,0xe6,0x07,0x18,0x5b,0x26,0xa4,0xae,
|
||||||
|
0xed,0x2b,0xb7,0xa6,0xed,0xf8,0xad,0xec,0x77,0xe6,
|
||||||
|
0x7f,0x4f,0x76,0x00,0xc0,0xfa,0x15,0x92,0xb4,0x2c,
|
||||||
|
0x22,0xc2,0xeb,0x6a,0xad,0x14,0x05,0xb2,0xe5,0x8a,
|
||||||
|
0x9e,0x85,0x83,0xcc,0x04,0xf1,0x56,0x78,0x44,0x5e,
|
||||||
|
0xde,0xe0,0x60,0x1a,0x65,0x79,0x31,0x23,0x05,0xbb,
|
||||||
|
0x01,0xff,0xdd,0x2e,0xb7,0xb3,0xaa,0x74,0xe0,0xa5,
|
||||||
|
0x94,0xaf,0x4b,0xde,0x58,0x0f,0x55,0xde,0x33,0xf6,
|
||||||
|
0xe3,0xd6,0x34,0x36,0x57,0xd6,0x79,0x91,0x2e,0xbe,
|
||||||
|
0x3b,0xd9,0x4e,0xb6,0x9d,0x21,0x5c,0xd3,0x48,0x14,
|
||||||
|
0x7f,0x4a,0xc4,0x60,0xa9,0x29,0xf8,0x53,0x7f,0x88,
|
||||||
|
0x11,0x2d,0xb5,0xc5,0x2d,0x6f,0xee,0x85,0x0b,0xf7,
|
||||||
|
0x8d,0x9a,0xbe,0xb0,0x42,0xf2,0x2e,0x71,0xaf,0x19,
|
||||||
|
0x31,0x6d,0xec,0xcd,0x6f,0x2b,0x23,0xdf,0xb4,0x40,
|
||||||
|
0xaf,0x2c,0x0a,0xc3,0x1b,0x7d,0x7d,0x03,0x1d,0x4b,
|
||||||
|
0xf3,0xb5,0xe0,0x85,0xd8,0xdf,0x91,0x6b,0x0a,0x69,
|
||||||
|
0xf7,0xf2,0x69,0x66,0x5b,0xf1,0xcf,0x46,0x7d,0xe9,
|
||||||
|
0x70,0xfa,0x6d,0x7e,0x75,0x4e,0xa9,0x77,0xe6,0x8c,
|
||||||
|
0x02,0xf7,0x14,0x4d,0xa5,0x41,0x8f,0x3f,0xc1,0x62,
|
||||||
|
0x1e,0x71,0x5e,0x38,0xb4,0xd6,0xe6,0xe1,0x4b,0xc2,
|
||||||
|
0x2c,0x30,0x83,0x81,0x6f,0x49,0x2e,0x96,0xe6,0xc9,
|
||||||
|
0x9a,0xf7,0x5d,0x09,0xa0,0x55,0x02,0xa5,0x3a,0x25,
|
||||||
|
0x23,0xd0,0x92,0xc3,0xa3,0xe3,0x0e,0x12,0x2f,0x4d,
|
||||||
|
0xef,0xf3,0x55,0x5a,0xbe,0xe6,0x19,0x86,0x31,0xab,
|
||||||
|
0x75,0x9a,0xd3,0xf0,0x2c,0xc5,0x41,0x92,0xd9,0x1f,
|
||||||
|
0x5f,0x11,0x8c,0x75,0x1c,0x63,0xd0,0x02,0x80,0x2c,
|
||||||
|
0x68,0xcb,0x93,0xfb,0x51,0x73,0x49,0xb4,0x60,0xda,
|
||||||
|
0xe2,0x26,0xaf,0xa9,0x46,0x12,0xb8,0xec,0x50,0xdd,
|
||||||
|
0x12,0x06,0x5f,0xce,0x59,0xe6,0xf6,0x1c,0xe0,0x54,
|
||||||
|
0x10,0xad,0xf6,0xcd,0x98,0xcc,0x0f,0xfb,0xcb,0x41,
|
||||||
|
0x14,0x9d,0xed,0xe4,0xb4,0x74,0x5f,0x09,0x60,0xc7,
|
||||||
|
0x12,0xf6,0x7b,0x3c,0x8f,0xa7,0x20,0xbc,0xe4,0xb1,
|
||||||
|
0xef,0xeb,0xa4,0x93,0xc5,0x06,0xca,0x9a,0x27,0x9d,
|
||||||
|
0x87,0xf3,0xde,0xca,0xe5,0xe7,0xf6,0x1c,0x01,0x65,
|
||||||
|
0x5b,0xfb,0x19,0x79,0x6e,0x08,0x26,0xc5,0xc8,0x28,
|
||||||
|
0x0e,0xb6,0x3b,0x07,0x08,0xc1,0x02,0x82,0x01,0x01,
|
||||||
|
0x00,0xe8,0x1c,0x73,0xa6,0xb8,0xe0,0x0e,0x6d,0x8d,
|
||||||
|
0x1b,0xb9,0x53,0xed,0x58,0x94,0xe6,0x1d,0x60,0x14,
|
||||||
|
0x5c,0x76,0x43,0xc4,0x58,0x19,0xc4,0x24,0xe8,0xbc,
|
||||||
|
0x1b,0x3b,0x0b,0x13,0x24,0x45,0x54,0x0e,0xcc,0x37,
|
||||||
|
0xf0,0xe0,0x63,0x7d,0xc3,0xf7,0xfb,0x81,0x74,0x81,
|
||||||
|
0xc4,0x0f,0x1a,0x21,0x48,0xaf,0xce,0xc1,0xc4,0x94,
|
||||||
|
0x18,0x06,0x44,0x8d,0xd3,0xd2,0x22,0x2d,0x2d,0x3e,
|
||||||
|
0x5a,0x31,0xdc,0x95,0x8e,0xf4,0x41,0xfc,0x58,0xc9,
|
||||||
|
0x40,0x92,0x17,0x5f,0xe3,0xda,0xac,0x9e,0x3f,0x1c,
|
||||||
|
0x2a,0x6b,0x58,0x5f,0x48,0x78,0x20,0xb1,0xaf,0x24,
|
||||||
|
0x9b,0x3c,0x20,0x8b,0x93,0x25,0x9e,0xe6,0x6b,0xbc,
|
||||||
|
0x13,0x42,0x14,0x6c,0x36,0x31,0xff,0x7a,0xd1,0xc1,
|
||||||
|
0x1a,0x26,0x14,0x7f,0xa9,0x76,0xa7,0x0c,0xf8,0xcc,
|
||||||
|
0xed,0x07,0x6a,0xd2,0xdf,0x62,0xee,0x0a,0x7c,0x84,
|
||||||
|
0xcb,0x49,0x90,0xb2,0x03,0x0d,0xa2,0x82,0x06,0x77,
|
||||||
|
0xf1,0xcd,0x67,0xf2,0x47,0x21,0x02,0x3f,0x43,0x21,
|
||||||
|
0xf0,0x46,0x30,0x62,0x51,0x72,0xb1,0xe7,0x48,0xc6,
|
||||||
|
0x67,0x12,0xcd,0x9e,0xd6,0x15,0xe5,0x21,0xed,0xfa,
|
||||||
|
0x8f,0x30,0xa6,0x41,0xfe,0xb6,0xfa,0x8f,0x34,0x14,
|
||||||
|
0x19,0xe8,0x11,0xf7,0xa5,0x77,0x3e,0xb7,0xf9,0x39,
|
||||||
|
0x07,0x8c,0x67,0x2a,0xab,0x7b,0x08,0xf8,0xb0,0x06,
|
||||||
|
0xa8,0xea,0x2f,0x8f,0xfa,0xcc,0xcc,0x40,0xce,0xf3,
|
||||||
|
0x70,0x4f,0x3f,0x7f,0xe2,0x0c,0xea,0x76,0x4a,0x35,
|
||||||
|
0x4e,0x47,0xad,0x2b,0xa7,0x97,0x5d,0x74,0x43,0x97,
|
||||||
|
0x90,0xd2,0xfb,0xd9,0xf9,0x96,0x01,0x33,0x05,0xed,
|
||||||
|
0x7b,0x03,0x05,0xad,0xf8,0x49,0x03,0x02,0x82,0x01,
|
||||||
|
0x01,0x00,0xd4,0x40,0x17,0x66,0x10,0x92,0x95,0xc8,
|
||||||
|
0xec,0x62,0xa9,0x7a,0xcb,0x93,0x8e,0xe6,0x53,0xd4,
|
||||||
|
0x80,0x48,0x27,0x4b,0x41,0xce,0x61,0xdf,0xbf,0x94,
|
||||||
|
0xa4,0x3d,0x71,0x03,0x0b,0xed,0x25,0x71,0x98,0xa4,
|
||||||
|
0xd6,0xd5,0x4a,0x57,0xf5,0x6c,0x1b,0xda,0x21,0x7d,
|
||||||
|
0x35,0x45,0xb3,0xf3,0x6a,0xd9,0xd3,0x43,0xe8,0x5c,
|
||||||
|
0x54,0x1c,0x83,0x1b,0xb4,0x5f,0xf2,0x97,0x24,0x2e,
|
||||||
|
0xdc,0x40,0xde,0x92,0x23,0x59,0x8e,0xbc,0xd2,0xa1,
|
||||||
|
0xf2,0xe0,0x4c,0xdd,0x0b,0xd1,0xe7,0xae,0x65,0xbc,
|
||||||
|
0xb5,0xf5,0x5b,0x98,0xe9,0xd7,0xc2,0xb7,0x0e,0x55,
|
||||||
|
0x71,0x0e,0x3c,0x0a,0x24,0x6b,0xa6,0xe6,0x14,0x61,
|
||||||
|
0x11,0xfd,0x33,0x42,0x99,0x2b,0x84,0x77,0x74,0x92,
|
||||||
|
0x91,0xf5,0x79,0x79,0xcf,0xad,0x8e,0x04,0xef,0x80,
|
||||||
|
0x1e,0x57,0xf4,0x14,0xf5,0x35,0x09,0x74,0xb2,0x13,
|
||||||
|
0x71,0x58,0x6b,0xea,0x32,0x5d,0xf3,0xd3,0x76,0x48,
|
||||||
|
0x39,0x10,0x23,0x84,0x9d,0xbe,0x92,0x77,0x4a,0xed,
|
||||||
|
0x70,0x3e,0x1a,0xa2,0x6c,0xb3,0x81,0x00,0xc3,0xc9,
|
||||||
|
0xe4,0x52,0xc8,0x24,0x88,0x0c,0x41,0xad,0x87,0x5a,
|
||||||
|
0xea,0xa3,0x7a,0x85,0x1c,0x5e,0x31,0x7f,0xc3,0x35,
|
||||||
|
0xc6,0xfa,0x10,0xc8,0x75,0x10,0xc4,0x96,0x99,0xe7,
|
||||||
|
0xfe,0x01,0xb4,0x74,0xdb,0xb4,0x11,0xc3,0xc8,0x8c,
|
||||||
|
0xf6,0xf7,0x3b,0x66,0x50,0xfc,0xdb,0xeb,0xca,0x47,
|
||||||
|
0x85,0x89,0xe1,0x65,0xd9,0x62,0x34,0x3c,0x70,0xd8,
|
||||||
|
0x2e,0xb4,0x2f,0x65,0x3c,0x4a,0xa6,0x2a,0xe7,0xc7,
|
||||||
|
0xd8,0x41,0x8f,0x8a,0x43,0xbf,0x42,0xf2,0x4d,0xbc,
|
||||||
|
0xfc,0x9e,0x27,0x95,0xfb,0x75,0xff,0xab,0x02,0x82,
|
||||||
|
0x01,0x00,0x41,0x2f,0x44,0x57,0x6d,0x12,0x17,0x5b,
|
||||||
|
0x32,0xc6,0xb7,0x6c,0x57,0x7a,0x8a,0x0e,0x79,0xef,
|
||||||
|
0x72,0xa8,0x68,0xda,0x2d,0x38,0xe4,0xbb,0x8d,0xf6,
|
||||||
|
0x02,0x65,0xcf,0x56,0x13,0xe1,0x1a,0xcb,0x39,0x80,
|
||||||
|
0xa6,0xb1,0x32,0x03,0x1e,0xdd,0xbb,0x35,0xd9,0xac,
|
||||||
|
0x43,0x89,0x31,0x08,0x90,0x92,0x5e,0x35,0x3d,0x7b,
|
||||||
|
0x9c,0x6f,0x86,0xcb,0x17,0xdd,0x85,0xe4,0xed,0x35,
|
||||||
|
0x08,0x8e,0xc1,0xf4,0x05,0xd8,0x68,0xc6,0x63,0x3c,
|
||||||
|
0xf7,0xff,0xf7,0x47,0x33,0x39,0xc5,0x3e,0xb7,0x0e,
|
||||||
|
0x58,0x35,0x9d,0x81,0xea,0xf8,0x6a,0x2c,0x1c,0x5a,
|
||||||
|
0x68,0x78,0x64,0x11,0x6b,0xc1,0x3e,0x4e,0x7a,0xbd,
|
||||||
|
0x84,0xcb,0x0f,0xc2,0xb6,0x85,0x1d,0xd3,0x76,0xc5,
|
||||||
|
0x93,0x6a,0x69,0x89,0x56,0x34,0xdc,0x4a,0x9b,0xbc,
|
||||||
|
0xff,0xa8,0x0d,0x6e,0x35,0x9c,0x60,0xa7,0x23,0x30,
|
||||||
|
0xc7,0x06,0x64,0x39,0x8b,0x94,0x89,0xee,0xba,0x7f,
|
||||||
|
0x60,0x8d,0xfa,0xb6,0x97,0x76,0xdc,0x51,0x4a,0x3c,
|
||||||
|
0xeb,0x3a,0x14,0x2c,0x20,0x60,0x69,0x4a,0x86,0xfe,
|
||||||
|
0x8c,0x21,0x84,0x49,0x54,0xb3,0x20,0xe1,0x01,0x7f,
|
||||||
|
0x58,0xdf,0x7f,0xb5,0x21,0x51,0x8c,0x47,0x9f,0x91,
|
||||||
|
0xeb,0x97,0x3e,0xf2,0x54,0xcf,0x16,0x46,0xf9,0xd9,
|
||||||
|
0xb6,0xe7,0x64,0xc9,0xd0,0x54,0xea,0x2f,0xa1,0xcf,
|
||||||
|
0xa5,0x7f,0x28,0x8d,0x84,0xec,0xd5,0x39,0x03,0x76,
|
||||||
|
0x5b,0x2d,0x8e,0x43,0xf2,0x01,0x24,0xc9,0x6f,0xc0,
|
||||||
|
0xf5,0x69,0x6f,0x7d,0xb5,0x85,0xd2,0x5f,0x7f,0x78,
|
||||||
|
0x40,0x07,0x7f,0x09,0x15,0xb5,0x1f,0x28,0x65,0x10,
|
||||||
|
0xe4,0x19,0xa8,0xc6,0x9e,0x8d,0xdc,0xcb,0x02,0x82,
|
||||||
|
0x01,0x00,0x13,0x01,0xee,0x56,0x80,0x93,0x70,0x00,
|
||||||
|
0x7f,0x52,0xd2,0x94,0xa1,0x98,0x84,0x4a,0x92,0x25,
|
||||||
|
0x4c,0x9b,0xa9,0x91,0x2e,0xc2,0x79,0xb7,0x5c,0xe3,
|
||||||
|
0xc5,0xd5,0x8e,0xc2,0x54,0x16,0x17,0xad,0x55,0x9b,
|
||||||
|
0x25,0x76,0x12,0x63,0x50,0x22,0x2f,0x58,0x58,0x79,
|
||||||
|
0x6b,0x04,0xe3,0xf9,0x9f,0x8f,0x04,0x41,0x67,0x94,
|
||||||
|
0xa5,0x1f,0xac,0x8a,0x15,0x9c,0x26,0x10,0x6c,0xf8,
|
||||||
|
0x19,0x57,0x61,0xd7,0x3a,0x7d,0x31,0xb0,0x2d,0x38,
|
||||||
|
0xbd,0x94,0x62,0xad,0xc4,0xfa,0x36,0x42,0x42,0xf0,
|
||||||
|
0x24,0x67,0x65,0x9d,0x8b,0x0b,0x7c,0x6f,0x82,0x44,
|
||||||
|
0x1a,0x8c,0xc8,0xc9,0xab,0xbb,0x4c,0x45,0xfc,0x7b,
|
||||||
|
0x38,0xee,0x30,0xe1,0xfc,0xef,0x8d,0xbc,0x58,0xdf,
|
||||||
|
0x2b,0x5d,0x0d,0x54,0xe0,0x49,0x4d,0x97,0x99,0x8f,
|
||||||
|
0x22,0xa8,0x83,0xbe,0x40,0xbb,0x50,0x2e,0x78,0x28,
|
||||||
|
0x0f,0x95,0x78,0x8c,0x8f,0x98,0x24,0x56,0xc2,0x97,
|
||||||
|
0xf3,0x2c,0x43,0xd2,0x03,0x82,0x66,0x81,0x72,0x5f,
|
||||||
|
0x53,0x16,0xec,0xb1,0xb1,0x04,0x5e,0x40,0x20,0x48,
|
||||||
|
0x7b,0x3f,0x02,0x97,0x6a,0xeb,0x96,0x12,0x21,0x35,
|
||||||
|
0xfe,0x1f,0x47,0xc0,0x95,0xea,0xc5,0x8a,0x08,0x84,
|
||||||
|
0x4f,0x5e,0x63,0x94,0x60,0x0f,0x71,0x5b,0x7f,0x4a,
|
||||||
|
0xec,0x4f,0x60,0xc6,0xba,0x4a,0x24,0xf1,0x20,0x8b,
|
||||||
|
0xa7,0x2e,0x3a,0xce,0x8d,0xe0,0x27,0x1d,0xb5,0x8e,
|
||||||
|
0xb4,0x21,0xc5,0xe2,0xa6,0x16,0x0a,0x51,0x83,0x55,
|
||||||
|
0x88,0xd1,0x30,0x11,0x63,0xd5,0xd7,0x8d,0xae,0x16,
|
||||||
|
0x12,0x82,0xc4,0x85,0x00,0x4e,0x27,0x83,0xa5,0x7c,
|
||||||
|
0x90,0x2e,0xe5,0xa2,0xa3,0xd3,0x4c,0x63,0x02,0x82,
|
||||||
|
0x01,0x01,0x00,0x86,0x08,0x98,0x98,0xa5,0x00,0x05,
|
||||||
|
0x39,0x77,0xd9,0x66,0xb3,0xcf,0xca,0xa0,0x71,0xb3,
|
||||||
|
0x50,0xce,0x3d,0xb1,0x93,0x95,0x35,0xc4,0xd4,0x2e,
|
||||||
|
0x90,0xdf,0x0f,0xfc,0x60,0xc1,0x94,0x68,0x61,0x43,
|
||||||
|
0xca,0x9a,0x23,0x4a,0x1e,0x45,0x72,0x99,0xb5,0x1e,
|
||||||
|
0x61,0x8d,0x77,0x0f,0xa0,0xbb,0xd7,0x77,0xb4,0x2a,
|
||||||
|
0x15,0x11,0x88,0x2d,0xb3,0x56,0x61,0x5e,0x6a,0xed,
|
||||||
|
0xa4,0x46,0x4a,0x3f,0x50,0x11,0xd6,0xba,0xb6,0xd7,
|
||||||
|
0x95,0x65,0x53,0xc3,0xa1,0x8f,0xe0,0xa3,0xf5,0x1c,
|
||||||
|
0xfd,0xaf,0x6e,0x43,0xd7,0x17,0xa7,0xd3,0x81,0x1b,
|
||||||
|
0xa4,0xdf,0xe0,0x97,0x8a,0x46,0x03,0xd3,0x46,0x0e,
|
||||||
|
0x83,0x48,0x4e,0xd2,0x02,0xcb,0xc0,0xad,0x79,0x95,
|
||||||
|
0x8c,0x96,0xba,0x40,0x34,0x11,0x71,0x5e,0xe9,0x11,
|
||||||
|
0xf9,0xc5,0x4a,0x5e,0x91,0x9d,0xf5,0x92,0x4f,0xeb,
|
||||||
|
0xc6,0x70,0x02,0x2d,0x3d,0x04,0xaa,0xe9,0x3a,0x8e,
|
||||||
|
0xd5,0xa8,0xad,0xf7,0xce,0x0d,0x16,0xb2,0xec,0x0a,
|
||||||
|
0x9c,0xf5,0x94,0x39,0xb9,0x8a,0xfc,0x1e,0xf9,0xcc,
|
||||||
|
0xf2,0x5f,0x21,0x31,0x74,0x72,0x6b,0x64,0xae,0x35,
|
||||||
|
0x61,0x8d,0x0d,0xcb,0xe7,0xda,0x39,0xca,0xf3,0x21,
|
||||||
|
0x66,0x0b,0x95,0xd7,0x0a,0x7c,0xca,0xa1,0xa9,0x5a,
|
||||||
|
0xe8,0xac,0xe0,0x71,0x54,0xaf,0x28,0xcf,0xd5,0x70,
|
||||||
|
0x89,0xe0,0xf3,0x9e,0x43,0x6c,0x8d,0x7b,0x99,0x01,
|
||||||
|
0x68,0x4d,0xa1,0x45,0x46,0x0c,0x43,0xbc,0xcc,0x2c,
|
||||||
|
0xdd,0xc5,0x46,0xc8,0x4e,0x0e,0xbe,0xed,0xb9,0x26,
|
||||||
|
0xab,0x2e,0xdb,0xeb,0x8f,0xff,0xdb,0xb0,0xc6,0x55,
|
||||||
|
0xaf,0xf8,0x2a,0x91,0x9d,0x50,0x44,0x21,0x17,
|
||||||
|
};
|
67
jni/openssl/apps/timeouts.h
Normal file
67
jni/openssl/apps/timeouts.h
Normal file
@ -0,0 +1,67 @@
|
|||||||
|
/* apps/timeouts.h */
|
||||||
|
/*
|
||||||
|
* DTLS implementation written by Nagendra Modadugu
|
||||||
|
* (nagendra@cs.stanford.edu) for the OpenSSL project 2005.
|
||||||
|
*/
|
||||||
|
/* ====================================================================
|
||||||
|
* Copyright (c) 1999-2005 The OpenSSL Project. All rights reserved.
|
||||||
|
*
|
||||||
|
* Redistribution and use in source and binary forms, with or without
|
||||||
|
* modification, are permitted provided that the following conditions
|
||||||
|
* are met:
|
||||||
|
*
|
||||||
|
* 1. Redistributions of source code must retain the above copyright
|
||||||
|
* notice, this list of conditions and the following disclaimer.
|
||||||
|
*
|
||||||
|
* 2. Redistributions in binary form must reproduce the above copyright
|
||||||
|
* notice, this list of conditions and the following disclaimer in
|
||||||
|
* the documentation and/or other materials provided with the
|
||||||
|
* distribution.
|
||||||
|
*
|
||||||
|
* 3. All advertising materials mentioning features or use of this
|
||||||
|
* software must display the following acknowledgment:
|
||||||
|
* "This product includes software developed by the OpenSSL Project
|
||||||
|
* for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
|
||||||
|
*
|
||||||
|
* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
|
||||||
|
* endorse or promote products derived from this software without
|
||||||
|
* prior written permission. For written permission, please contact
|
||||||
|
* openssl-core@OpenSSL.org.
|
||||||
|
*
|
||||||
|
* 5. Products derived from this software may not be called "OpenSSL"
|
||||||
|
* nor may "OpenSSL" appear in their names without prior written
|
||||||
|
* permission of the OpenSSL Project.
|
||||||
|
*
|
||||||
|
* 6. Redistributions of any form whatsoever must retain the following
|
||||||
|
* acknowledgment:
|
||||||
|
* "This product includes software developed by the OpenSSL Project
|
||||||
|
* for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
|
||||||
|
*
|
||||||
|
* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
|
||||||
|
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
||||||
|
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
|
||||||
|
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
|
||||||
|
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
|
||||||
|
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
|
||||||
|
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
|
||||||
|
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
||||||
|
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
|
||||||
|
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
|
||||||
|
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
|
||||||
|
* OF THE POSSIBILITY OF SUCH DAMAGE.
|
||||||
|
* ====================================================================
|
||||||
|
*
|
||||||
|
* This product includes cryptographic software written by Eric Young
|
||||||
|
* (eay@cryptsoft.com). This product includes software written by Tim
|
||||||
|
* Hudson (tjh@cryptsoft.com).
|
||||||
|
*
|
||||||
|
*/
|
||||||
|
|
||||||
|
#ifndef INCLUDED_TIMEOUTS_H
|
||||||
|
#define INCLUDED_TIMEOUTS_H
|
||||||
|
|
||||||
|
/* numbers in us */
|
||||||
|
#define DGRAM_RCV_TIMEOUT 250000
|
||||||
|
#define DGRAM_SND_TIMEOUT 250000
|
||||||
|
|
||||||
|
#endif /* ! INCLUDED_TIMEOUTS_H */
|
Some files were not shown because too many files have changed in this diff Show More
Loading…
Reference in New Issue
Block a user