Merge of main trunk, no conflicts this time

This commit is contained in:
Richard Levitte 2000-09-09 07:03:02 +00:00
parent 527cc9841c
commit 06b71aec85
22 changed files with 180 additions and 46 deletions

View file

@ -4,6 +4,15 @@
Changes between 0.9.5a and 0.9.6 [xx XXX 2000]
*) Add two demo programs for PKCS12_parse() and PKCS12_create().
Update PKCS12_parse() so it copies the friendlyName and the
keyid to the certificates aux info.
[Steve Henson]
*) Fix bug in PKCS7_verify() which caused an infinite loop
if there was more than one signature.
[Sven Uszpelkat <su@celocom.de>]
*) Major change in util/mkdef.pl to include extra information
about each symbol, as well as presentig variables as well
as functions. This change means that there's n more need

12
FAQ
View file

@ -10,6 +10,7 @@ OpenSSL - Frequently Asked Questions
* Why does the linker complain about undefined symbols?
* Where can I get a compiled version of OpenSSL?
* I've compiled a program under Windows and it crashes: why?
* I've tried using <M_some_evil_pkcs12_macro> and I get errors why?
* I've called <some function> and it fails, why?
* I just get a load of numbers for the error output, what do they mean?
* Why do I get errors about unknown algorithms?
@ -181,6 +182,17 @@ otherwise the conflict will cause a program to crash: typically on the
first BIO related read or write operation.
* I've tried using <M_some_evil_pkcs12_macro> and I get errors why?
This usually happens when you try compiling something using the PKCS#12
macros with a C++ compiler. There is hardly ever any need to use the
PKCS#12 macros in a program, it is much easier to parse and create
PKCS#12 files using the PKCS12_parse() and PKCS12_create() functions
documented in doc/openssl.txt and with examples in demos/pkcs12. The
'pkcs12' application has to use the macros because it prints out
debugging information.
* I've called <some function> and it fails, why?
Before submitting a report or asking in one of the mailing lists, you

View file

@ -154,13 +154,13 @@ $! Define The Application Files.
$!
$ LIB_FILES = "VERIFY;ASN1PARS;REQ;DGST;DH;DHPARAM;ENC;PASSWD;GENDH;ERRSTR;"+-
"CA;PKCS7;CRL2P7;CRL;"+-
"RSA;DSA;DSAPARAM;"+-
"RSA;RSAUTL;DSA;DSAPARAM;"+-
"X509;GENRSA;GENDSA;S_SERVER;S_CLIENT;SPEED;"+-
"S_TIME;APPS;S_CB;S_SOCKET;APP_RAND;VERSION;SESS_ID;"+-
"CIPHERS;NSEQ;PKCS12;PKCS8;SPKAC;SMIME;RAND"
$ APP_FILES := OPENSSL,'OBJ_DIR'VERIFY.OBJ,ASN1PARS.OBJ,REQ.OBJ,DGST.OBJ,DH.OBJ,DHPARAM.OBJ,ENC.OBJ,PASSWD.OBJ,GENDH.OBJ,ERRSTR.OBJ,-
CA.OBJ,PKCS7.OBJ,CRL2P7.OBJ,CRL.OBJ,-
RSA.OBJ,DSA.OBJ,DSAPARAM.OBJ,-
RSA.OBJ,RSAUTL.OBJ,DSA.OBJ,DSAPARAM.OBJ,-
X509.OBJ,GENRSA.OBJ,GENDSA.OBJ,S_SERVER.OBJ,S_CLIENT.OBJ,SPEED.OBJ,-
S_TIME.OBJ,APPS.OBJ,S_CB.OBJ,S_SOCKET.OBJ,APP_RAND.OBJ,VERSION.OBJ,SESS_ID.OBJ,-
CIPHERS.OBJ,NSEQ.OBJ,PKCS12.OBJ,PKCS8.OBJ,SPKAC.OBJ,SMIME.OBJ,RAND.OBJ

View file

@ -73,7 +73,7 @@
static int MS_CALLBACK cb(int ok, X509_STORE_CTX *ctx);
static int check(X509_STORE *ctx, char *file, STACK_OF(X509) *uchain, STACK_OF(X509) *tchain, int purpose);
static STACK_OF(X509) *load_untrusted(char *file);
static int v_verbose=0;
static int v_verbose=0, issuer_checks = 0;
int MAIN(int, char **);
@ -147,6 +147,8 @@ int MAIN(int argc, char **argv)
}
else if (strcmp(*argv,"-help") == 0)
goto end;
else if (strcmp(*argv,"-issuer_checks") == 0)
issuer_checks=1;
else if (strcmp(*argv,"-verbose") == 0)
v_verbose=1;
else if (argv[0][0] == '-')
@ -284,6 +286,8 @@ static int check(X509_STORE *ctx, char *file, STACK_OF(X509) *uchain, STACK_OF(X
X509_STORE_CTX_init(csc,ctx,x,uchain);
if(tchain) X509_STORE_CTX_trusted_stack(csc, tchain);
if(purpose >= 0) X509_STORE_CTX_set_purpose(csc, purpose);
if(issuer_checks)
X509_STORE_CTX_set_flags(csc, X509_V_FLAG_CB_ISSUER_CHECK);
i=X509_verify_cert(csc);
X509_STORE_CTX_free(csc);

View file

@ -67,9 +67,7 @@
#include <openssl/stack.h>
#include <openssl/safestack.h>
#ifdef VMS
#include <openssl/vms_idhacks.h>
#endif
#include <openssl/symhacks.h>
#ifdef __cplusplus
extern "C" {

View file

@ -98,5 +98,13 @@ int X509_CERT_AUX_print(BIO *out, X509_CERT_AUX *aux, int indent)
} else BIO_printf(out, "%*sNo Rejected Uses.\n", indent, "");
if(aux->alias) BIO_printf(out, "%*sAlias: %s\n", indent, "",
aux->alias->data);
if(aux->keyid) {
BIO_printf(out, "%*sKey Id: ", indent, "");
for(i = 0; i < aux->keyid->length; i++)
BIO_printf(out, "%s%02X",
i ? ":" : "",
aux->keyid->data[i]);
BIO_write(out,"\n",1);
}
return 1;
}

View file

@ -153,6 +153,14 @@ int X509_alias_set1(X509 *x, unsigned char *name, int len)
return ASN1_STRING_set(aux->alias, name, len);
}
int X509_keyid_set1(X509 *x, unsigned char *id, int len)
{
X509_CERT_AUX *aux;
if(!(aux = aux_get(x))) return 0;
if(!aux->keyid && !(aux->keyid = ASN1_OCTET_STRING_new())) return 0;
return ASN1_STRING_set(aux->keyid, id, len);
}
unsigned char *X509_alias_get0(X509 *x, int *len)
{
if(!x->aux || !x->aux->alias) return NULL;

View file

@ -524,6 +524,7 @@ BIO * BIO_push(BIO *b,BIO *append);
BIO * BIO_pop(BIO *b);
void BIO_free_all(BIO *a);
BIO * BIO_find_type(BIO *b,int bio_type);
BIO * BIO_next(BIO *b);
BIO * BIO_get_retry_BIO(BIO *bio, int *reason);
int BIO_get_retry_reason(BIO *bio);
BIO * BIO_dup_chain(BIO *in);

View file

@ -418,6 +418,7 @@ BIO *BIO_find_type(BIO *bio, int type)
{
int mt,mask;
if(!bio) return NULL;
mask=type&0xff;
do {
if (bio->method != NULL)
@ -436,6 +437,12 @@ BIO *BIO_find_type(BIO *bio, int type)
return(NULL);
}
BIO *BIO_next(BIO *b)
{
if(!b) return NULL;
return b->next_bio;
}
void BIO_free_all(BIO *bio)
{
BIO *b;

View file

@ -204,7 +204,7 @@ $ LIB_RSA = "rsa_eay,rsa_gen,rsa_lib,rsa_sign,rsa_saos,rsa_err,"+ -
"rsa_pk1,rsa_ssl,rsa_none,rsa_oaep,rsa_chk,rsa_null"
$ LIB_DSA = "dsa_gen,dsa_key,dsa_lib,dsa_asn1,dsa_vrf,dsa_sign,dsa_err,dsa_ossl"
$ LIB_DH = "dh_gen,dh_key,dh_lib,dh_check,dh_err"
$ LIB_DSO = "dso_err,dso_lib,dso_null,dso_openssl,dso_vms"
$ LIB_DSO = "dso_err,dso_lib,dso_null,dso_openssl" ! + ",dso_vms"
$ LIB_BUFFER = "buffer,buf_err"
$ LIB_BIO = "bio_lib,bio_cb,bio_err,"+ -
"bss_mem,bss_null,bss_fd,"+ -
@ -220,15 +220,15 @@ $ LIB_EVP = "encode,digest,evp_enc,evp_key,"+ -
"e_des,e_bf,e_idea,e_des3,"+ -
"e_rc4,names,"+ -
"e_xcbc_d,e_rc2,e_cast,e_rc5,"
$ LIB_EVP_2 = "m_null,m_md2,m_md5,m_sha,m_sha1,m_dss,m_dss1,m_mdc2,"+ -
"m_ripemd,"+ -
$ LIB_EVP_2 = "m_null,m_md2,m_md4,m_md5,m_sha,m_sha1," + -
"m_dss,m_dss1,m_mdc2,m_ripemd,"+ -
"p_open,p_seal,p_sign,p_verify,p_lib,p_enc,p_dec,"+ -
"bio_md,bio_b64,bio_enc,evp_err,e_null,"+ -
"c_all,c_allc,c_alld,evp_lib,bio_ok,"+-
"evp_pkey,evp_pbe,p5_crpt,p5_crpt2"
$ LIB_ASN1 = "a_object,a_bitstr,a_utctm,a_gentm,a_time,a_int,a_octet,"+ -
"a_null,a_print,a_type,a_set,a_dup,a_d2i_fp,a_i2d_fp,a_bmp,"+ -
"a_enum,a_vis,a_utf8,a_sign,a_digest,a_verify,a_mbstr,"+ -
"a_enum,a_vis,a_utf8,a_sign,a_digest,a_verify,a_mbstr,a_strex,"+ -
"x_algor,x_val,x_pubkey,x_sig,x_req,x_attrib,"+ -
"x_name,x_cinf,x_x509,x_x509a,x_crl,x_info,x_spki,nsseq,"+ -
"d2i_r_pr,i2d_r_pr,d2i_r_pu,i2d_r_pu,"+ -

View file

@ -216,7 +216,7 @@ struct HWCryptoHook_CallerContextValue
#define BN2MPI(mp, bn) \
{mp.size = bn->top * sizeof(BN_ULONG); mp.buf = (unsigned char *)bn->d;}
#define MPI2BN(bn, mp) \
{mp.size = bn->max * sizeof(BN_ULONG); mp.buf = (unsigned char *)bn->d;}
{mp.size = bn->dmax * sizeof(BN_ULONG); mp.buf = (unsigned char *)bn->d;}
#if 0 /* Card and password management is not yet supported */
/* HWCryptoHook callbacks. insert_card() and get_pass() are not yet

View file

@ -32,14 +32,14 @@ $ IF F$PARSE("WRK_SSLALIB:") .EQS. "" THEN -
$ IF F$PARSE("WRK_SSLINCLUDE:") .EQS. "" THEN -
CREATE/DIR/LOG WRK_SSLINCLUDE:
$
$ SDIRS := ,MD2,MD5,SHA,MDC2,HMAC,RIPEMD,-
$ SDIRS := ,MD2,MD4,MD5,SHA,MDC2,HMAC,RIPEMD,-
DES,RC2,RC4,RC5,IDEA,BF,CAST,-
BN,RSA,DSA,DH,-
BN,RSA,DSA,DH,DSO,ENGINE,-
BUFFER,BIO,STACK,LHASH,RAND,ERR,OBJECTS,-
EVP,ASN1,PEM,X509,X509V3,-
CONF,TXT_DB,PKCS7,PKCS12,COMP
EVP,ASN1,PEM,X509,X509V3,CONF,TXT_DB,PKCS7,PKCS12,COMP
$ EXHEADER_ := crypto.h,tmdiff.h,opensslv.h,opensslconf.h,ebcdic.h,symhacks.h
$ EXHEADER_MD2 := md2.h
$ EXHEADER_MD4 := md4.h
$ EXHEADER_MD5 := md5.h
$ EXHEADER_SHA := sha.h
$ EXHEADER_MDC2 := mdc2.h
@ -56,13 +56,15 @@ $ EXHEADER_BN := bn.h
$ EXHEADER_RSA := rsa.h
$ EXHEADER_DSA := dsa.h
$ EXHEADER_DH := dh.h
$ EXHEADER_DSO := dso.h
$ EXHEADER_ENGINE := engine.h
$ EXHEADER_BUFFER := buffer.h
$ EXHEADER_BIO := bio.h
$ EXHEADER_STACK := stack.h,safestack.h
$ EXHEADER_LHASH := lhash.h
$ EXHEADER_RAND := rand.h
$ EXHEADER_ERR := err.h
$ EXHEADER_OBJECTS := objects.h
$ EXHEADER_OBJECTS := objects.h,obj_mac.h
$ EXHEADER_EVP := evp.h
$ EXHEADER_ASN1 := asn1.h,asn1_mac.h
$ EXHEADER_PEM := pem.h,pem2.h

View file

@ -86,17 +86,14 @@ int PKCS12_parse (PKCS12 *p12, const char *pass, EVP_PKEY **pkey, X509 **cert,
/* Check for NULL PKCS12 structure */
if(!p12)
{
if(!p12) {
PKCS12err(PKCS12_F_PKCS12_PARSE,PKCS12_R_INVALID_NULL_PKCS12_POINTER);
return 0;
}
/* Allocate stack for ca certificates if needed */
if ((ca != NULL) && (*ca == NULL))
{
if (!(*ca = sk_X509_new(NULL)))
{
if ((ca != NULL) && (*ca == NULL)) {
if (!(*ca = sk_X509_new(NULL))) {
PKCS12err(PKCS12_F_PKCS12_PARSE,ERR_R_MALLOC_FAILURE);
return 0;
}
@ -206,12 +203,17 @@ static int parse_bag(PKCS12_SAFEBAG *bag, const char *pass, int passlen,
{
PKCS8_PRIV_KEY_INFO *p8;
X509 *x509;
ASN1_OCTET_STRING *lkey = NULL;
ASN1_OCTET_STRING *lkey = NULL, *ckid = NULL;
ASN1_TYPE *attrib;
ASN1_BMPSTRING *fname = NULL;
if ((attrib = PKCS12_get_attr (bag, NID_friendlyName)))
fname = attrib->value.bmpstring;
if ((attrib = PKCS12_get_attr (bag, NID_localKeyID)))
if ((attrib = PKCS12_get_attr (bag, NID_localKeyID))) {
lkey = attrib->value.octet_string;
ckid = lkey;
}
/* Check for any local key id matching (if needed) */
if (lkey && ((*keymatch & MATCH_ALL) != MATCH_ALL)) {
@ -247,6 +249,18 @@ static int parse_bag(PKCS12_SAFEBAG *bag, const char *pass, int passlen,
if (M_PKCS12_cert_bag_type(bag) != NID_x509Certificate )
return 1;
if (!(x509 = M_PKCS12_certbag2x509(bag))) return 0;
if(ckid) X509_keyid_set1(x509, ckid->data, ckid->length);
if(fname) {
int len;
unsigned char *data;
len = ASN1_STRING_to_UTF8(&data, fname);
if(len > 0) {
X509_alias_set1(x509, data, len);
OPENSSL_free(data);
}
}
if (lkey) {
*keymatch |= MATCH_CERT;
if (cert) *cert = x509;

View file

@ -534,7 +534,7 @@ int PKCS7_dataFinal(PKCS7 *p7, BIO *bio)
if (EVP_MD_CTX_type(mdc) == j)
break;
else
btmp=btmp->next_bio;
btmp=BIO_next(btmp);
}
/* We now have the EVP_MD_CTX, lets do the
@ -726,7 +726,7 @@ int PKCS7_signatureVerify(BIO *bio, PKCS7 *p7, PKCS7_SIGNER_INFO *si,
}
if (EVP_MD_CTX_type(mdc) == md_type)
break;
btmp=btmp->next_bio;
btmp=BIO_next(btmp);
}
/* mdc is the digest ctx that we want, unless there are attributes,

View file

@ -153,7 +153,7 @@ int PKCS7_verify(PKCS7 *p7, STACK_OF(X509) *certs, X509_STORE *store,
PKCS7_SIGNER_INFO *si;
X509_STORE_CTX cert_ctx;
char buf[4096];
int i, j=0;
int i, j=0, k;
BIO *p7bio;
BIO *tmpout;
@ -193,8 +193,8 @@ int PKCS7_verify(PKCS7 *p7, STACK_OF(X509) *certs, X509_STORE *store,
/* Now verify the certificates */
if (!(flags & PKCS7_NOVERIFY)) for (i = 0; i < sk_X509_num(signers); i++) {
signer = sk_X509_value (signers, i);
if (!(flags & PKCS7_NOVERIFY)) for (k = 0; k < sk_X509_num(signers); k++) {
signer = sk_X509_value (signers, k);
if (!(flags & PKCS7_NOCHAIN)) {
X509_STORE_CTX_init(&cert_ctx, store, signer,
p7->d.sign->cert);

View file

@ -62,9 +62,7 @@
#include <openssl/bio.h>
#include <openssl/x509.h>
#ifdef VMS
#include <openssl/vms_idhacks.h>
#endif
#include <openssl/symhacks.h>
#ifdef __cplusplus
extern "C" {

View file

@ -912,6 +912,7 @@ int i2d_X509_CERT_AUX(X509_CERT_AUX *a,unsigned char **pp);
X509_CERT_AUX * d2i_X509_CERT_AUX(X509_CERT_AUX **a,unsigned char **pp,
long length);
int X509_alias_set1(X509 *x, unsigned char *name, int len);
int X509_keyid_set1(X509 *x, unsigned char *id, int len);
unsigned char * X509_alias_get0(X509 *x, int *len);
int (*X509_TRUST_set_default(int (*trust)(int , X509 *, int)))(int, X509 *, int);
int X509_add1_trust_object(X509 *x, ASN1_OBJECT *obj);

View file

@ -23,6 +23,7 @@ B<openssl> B<smime>
[B<-recip file>]
[B<-in file>]
[B<-inform SMIME|PEM|DER>]
[B<-passin arg>]
[B<-inkey file>]
[B<-out file>]
[B<-outform SMIME|PEM|DER>]
@ -203,6 +204,11 @@ corresponding certificate. If this option is not specified then the
private key must be included in the certificate file specified with
the B<-recip> or B<-signer> file.
=item B<-passin arg>
the private key password source. For more information about the format of B<arg>
see the B<PASS PHRASE ARGUMENTS> section in L<openssl(1)|openssl(1)>.
=item B<-rand file(s)>
a file or files containing random data used to seed the random number

View file

@ -12,6 +12,7 @@ B<openssl> B<verify>
[B<-purpose purpose>]
[B<-untrusted file>]
[B<-help>]
[B<-issuer_checks>]
[B<-verbose>]
[B<->]
[certificates]
@ -57,6 +58,14 @@ prints out a usage message.
print extra information about the operations being performed.
=item B<-issuer_checks>
print out diagnostics relating to searches for the issuer certificate
of the current certificate. This shows why each candidate issuer
certificate was rejected. However the presence of rejection messages
does not itself imply that anything is wrong: during the normal
verify process several rejections may take place.
=item B<->
marks the last option. All arguments following this are assumed to be
@ -88,9 +97,21 @@ The verify operation consists of a number of separate steps.
Firstly a certificate chain is built up starting from the supplied certificate
and ending in the root CA. It is an error if the whole chain cannot be built
up. The chain is built up by looking up a certificate whose subject name
matches the issuer name of the current certificate. If a certificate is found
whose subject and issuer names are identical it is assumed to be the root CA.
up. The chain is built up by looking up the issuers certificate of the current
certificate. If a certificate is found which is its own issuer it is assumed
to be the root CA.
The process of 'looking up the issuers certificate' itself involves a number
of steps. In versions of OpenSSL before 0.9.5a the first certificate whose
subject name matched the issuer of the current certificate was assumed to be
the issuers certificate. In OpenSSL 0.9.6 and later all certificates
whose subject name matches the issuer name of the current certificate are
subject to further tests. The relevant authority key identifier components
of the current certificate (if present) must match the subject key identifier
(if present) and issuer and serial number of the candidate issuer, in addition
the keyUsage extension of the candidate issuer (if present) must permit
certificate signing.
The lookup first looks in the list of untrusted certificates and if no match
is found the remaining lookups are from the trusted certificates. The root CA
is always looked up in the trusted certificate list: if the certificate to
@ -260,12 +281,46 @@ the root CA is not marked as trusted for the specified purpose.
the root CA is marked to reject the specified purpose.
=item B<29 X509_V_ERR_SUBJECT_ISSUER_MISMATCH: subject issuer mismatch>
the current candidate issuer certificate was rejected because its subject name
did not match the issuer name of the current certificate. Only displayed when
the B<-issuer_checks> option is set.
=item B<30 X509_V_ERR_AKID_SKID_MISMATCH: authority and subject key identifier mismatch>
the current candidate issuer certificate was rejected because its subject key
identifier was present and did not match the authority key identifier current
certificate. Only displayed when the B<-issuer_checks> option is set.
=item B<31 X509_V_ERR_AKID_ISSUER_SERIAL_MISMATCH: authority and issuer serial number mismatch>
the current candidate issuer certificate was rejected because its issuer name
and serial number was present and did not match the authority key identifier
of the current certificate. Only displayed when the B<-issuer_checks> option is set.
=item B<32 X509_V_ERR_KEYUSAGE_NO_CERTSIGN:key usage does not include certificate signing>
the current candidate issuer certificate was rejected because its keyUsage extension
does not permit certificate signing.
=item B<50 X509_V_ERR_APPLICATION_VERIFICATION: application verification failure>
an application specific error. Unused.
=back
=head1 BUGS
Although the issuer checks are a considerably improvement over the old technique they still
suffer from limitations in the underlying X509_LOOKUP API. One consequence of this is that
trusted certificates with matching subject name must either appear in a file (as specified by the
B<-CAfile> option) or a directory (as specified by B<-CApath>. If they occur in both then only
the certificates in the file will be recognised.
Previous versions of OpenSSL assume certificates with matching subject name are identical and
mishandled them.
=head1 SEE ALSO
L<x509(1)|x509(1)>

View file

@ -316,7 +316,11 @@ $! Tell The User We Are Partly Rebuilding The [.TEST] Directory.
$!
$ WRITE SYS$OUTPUT "Rebuilding The '[.APPS]MD5.C' And '[.APPS]RMD160.C' Files."
$!
$ DELETE SYS$DISK:[.APPS]MD5.C;*,RMD160.C;*
$ DELETE SYS$DISK:[.APPS]MD4.C;*,MD5.C;*,RMD160.C;*
$!
$! Copy MD4.C from [.CRYPTO.MD4] into [.APPS]
$!
$ COPY SYS$DISK:[.CRYPTO.MD4]MD4.C SYS$DISK:[.APPS]
$!
$! Copy MD5.C from [.CRYPTO.MD5] into [.APPS]
$!
@ -359,14 +363,14 @@ $ COPY 'EXHEADER' SYS$DISK:[.INCLUDE.OPENSSL]
$!
$! Copy All The ".H" Files From The [.CRYPTO] Directory Tree.
$!
$ SDIRS := ,MD2,MD5,SHA,MDC2,HMAC,RIPEMD,-
$ SDIRS := ,MD2,MD4,MD5,SHA,MDC2,HMAC,RIPEMD,-
DES,RC2,RC4,RC5,IDEA,BF,CAST,-
BN,RSA,DSA,DH,-
BN,RSA,DSA,DH,DSO,ENGINE,-
BUFFER,BIO,STACK,LHASH,RAND,ERR,OBJECTS,-
EVP,ASN1,PEM,X509,X509V3,-
CONF,TXT_DB,PKCS7,PKCS12,COMP
EVP,ASN1,PEM,X509,X509V3,CONF,TXT_DB,PKCS7,PKCS12,COMP
$ EXHEADER_ := crypto.h,tmdiff.h,opensslv.h,opensslconf.h,ebcdic.h,symhacks.h
$ EXHEADER_MD2 := md2.h
$ EXHEADER_MD4 := md4.h
$ EXHEADER_MD5 := md5.h
$ EXHEADER_SHA := sha.h
$ EXHEADER_MDC2 := mdc2.h
@ -383,13 +387,15 @@ $ EXHEADER_BN := bn.h
$ EXHEADER_RSA := rsa.h
$ EXHEADER_DSA := dsa.h
$ EXHEADER_DH := dh.h
$ EXHEADER_DSO := dso.h
$ EXHEADER_ENGINE := engine.h
$ EXHEADER_BUFFER := buffer.h
$ EXHEADER_BIO := bio.h
$ EXHEADER_STACK := stack.h,safestack.h
$ EXHEADER_LHASH := lhash.h
$ EXHEADER_RAND := rand.h
$ EXHEADER_ERR := err.h
$ EXHEADER_OBJECTS := objects.h
$ EXHEADER_OBJECTS := objects.h,obj_mac.h
$ EXHEADER_EVP := evp.h
$ EXHEADER_ASN1 := asn1.h,asn1_mac.h
$ EXHEADER_PEM := pem.h,pem2.h

View file

@ -143,7 +143,7 @@ $ GOSUB CHECK_OPT_FILE
$!
$! Define The TEST Files.
$!
$ TEST_FILES = "BNTEST,IDEATEST,MD2TEST,MD5TEST,HMACTEST,"+ -
$ TEST_FILES = "BNTEST,IDEATEST,MD2TEST,MD4TEST,MD5TEST,HMACTEST,"+ -
"RC2TEST,RC4TEST,RC5TEST,"+ -
"DESTEST,SHATEST,SHA1TEST,MDC2TEST,RMDTEST,"+ -
"RANDTEST,DHTEST,"+ -

View file

@ -19,7 +19,8 @@ $ then
$ tests = p1
$ else
$ tests := -
test_des,test_idea,test_sha,test_md5,test_hmac,test_md2,test_mdc2,-
test_des,test_idea,test_sha,test_md4,test_md5,test_hmac,-
test_md2,test_mdc2,-
test_rmd,test_rc2,test_rc4,test_rc5,test_bf,test_cast,-
test_rand,test_bn,test_enc,test_x509,test_rsa,test_crl,test_sid,-
test_gen,test_req,test_pkcs7,test_verify,test_dh,test_dsa,-
@ -35,6 +36,7 @@ $ SHA1TEST := sha1test
$ MDC2TEST := mdc2test
$ RMDTEST := rmdtest
$ MD2TEST := md2test
$ MD4TEST := md4test
$ MD5TEST := md5test
$ HMACTEST := hmactest
$ RC2TEST := rc2test
@ -74,6 +76,9 @@ $ return
$ test_md5:
$ mcr 'texe_dir''md5test'
$ return
$ test_md4:
$ mcr 'texe_dir''md4test'
$ return
$ test_hmac:
$ mcr 'texe_dir''hmactest'
$ return