mark all block comments that need format preserving so that
indent will not alter them when reformatting comments
(cherry picked from commit 1d97c84351
)
Conflicts:
crypto/bn/bn_lcl.h
crypto/bn/bn_prime.c
crypto/engine/eng_all.c
crypto/rc4/rc4_utl.c
crypto/sha/sha.h
ssl/kssl.c
ssl/t1_lib.c
Conflicts:
crypto/rc4/rc4_enc.c
crypto/x509v3/v3_scts.c
crypto/x509v3/v3nametest.c
ssl/d1_both.c
ssl/s3_srvr.c
ssl/ssl.h
ssl/ssl_locl.h
ssl/ssltest.c
ssl/t1_lib.c
Conflicts:
crypto/asn1/a_sign.c
crypto/bn/bn_div.c
crypto/dsa/dsa_asn1.c
crypto/ec/ecp_nistp224.c
crypto/ec/ecp_nistp256.c
crypto/ec/ecp_nistp521.c
crypto/ec/ecp_nistputil.c
crypto/modes/gcm128.c
crypto/opensslv.h
ssl/d1_both.c
ssl/heartbeat_test.c
ssl/s3_clnt.c
ssl/s3_srvr.c
ssl/ssl_sess.c
ssl/t1_lib.c
test/testutil.h
Reviewed-by: Tim Hudson <tjh@openssl.org>
This commit is contained in:
parent
569c68744a
commit
f326f6544d
138 changed files with 781 additions and 602 deletions
|
@ -69,7 +69,8 @@
|
|||
#include <openssl/x509.h>
|
||||
#include <openssl/pem.h>
|
||||
|
||||
/* -inform arg - input format - default PEM (DER or PEM)
|
||||
/*-
|
||||
* -inform arg - input format - default PEM (DER or PEM)
|
||||
* -in arg - input file - default stdin
|
||||
* -i - indent the details by depth
|
||||
* -offset - where in the file to start
|
||||
|
|
|
@ -2781,7 +2781,8 @@ char *make_revocation_str(int rev_type, char *rev_arg)
|
|||
return str;
|
||||
}
|
||||
|
||||
/* Convert revocation field to X509_REVOKED entry
|
||||
/*-
|
||||
* Convert revocation field to X509_REVOKED entry
|
||||
* return code:
|
||||
* 0 error
|
||||
* 1 OK
|
||||
|
|
|
@ -75,7 +75,8 @@ static int add_certs_from_file(STACK_OF(X509) *stack, char *certfile);
|
|||
#undef PROG
|
||||
#define PROG crl2pkcs7_main
|
||||
|
||||
/* -inform arg - input format - default PEM (DER or PEM)
|
||||
/*-
|
||||
* -inform arg - input format - default PEM (DER or PEM)
|
||||
* -outform arg - output format - default PEM
|
||||
* -in arg - input file - default stdin
|
||||
* -out arg - output file - default stdout
|
||||
|
|
|
@ -74,7 +74,8 @@
|
|||
#undef PROG
|
||||
#define PROG dh_main
|
||||
|
||||
/* -inform arg - input format - default PEM (DER or PEM)
|
||||
/*-
|
||||
* -inform arg - input format - default PEM (DER or PEM)
|
||||
* -outform arg - output format - default PEM
|
||||
* -in arg - input file - default stdin
|
||||
* -out arg - output file - default stdout
|
||||
|
|
|
@ -132,7 +132,8 @@
|
|||
|
||||
#define DEFBITS 512
|
||||
|
||||
/* -inform arg - input format - default PEM (DER or PEM)
|
||||
/*-
|
||||
* -inform arg - input format - default PEM (DER or PEM)
|
||||
* -outform arg - output format - default PEM
|
||||
* -in arg - input file - default stdin
|
||||
* -out arg - output file - default stdout
|
||||
|
|
|
@ -74,7 +74,8 @@
|
|||
#undef PROG
|
||||
#define PROG dsa_main
|
||||
|
||||
/* -inform arg - input format - default PEM (one of DER, NET or PEM)
|
||||
/*-
|
||||
* -inform arg - input format - default PEM (one of DER, NET or PEM)
|
||||
* -outform arg - output format - default PEM
|
||||
* -in arg - input file - default stdin
|
||||
* -out arg - output file - default stdout
|
||||
|
|
|
@ -80,7 +80,8 @@
|
|||
#undef PROG
|
||||
#define PROG dsaparam_main
|
||||
|
||||
/* -inform arg - input format - default PEM (DER or PEM)
|
||||
/*-
|
||||
* -inform arg - input format - default PEM (DER or PEM)
|
||||
* -outform arg - output format - default PEM
|
||||
* -in arg - input file - default stdin
|
||||
* -out arg - output file - default stdout
|
||||
|
|
|
@ -70,7 +70,8 @@
|
|||
#undef PROG
|
||||
#define PROG ec_main
|
||||
|
||||
/* -inform arg - input format - default PEM (one of DER, NET or PEM)
|
||||
/*-
|
||||
* -inform arg - input format - default PEM (one of DER, NET or PEM)
|
||||
* -outform arg - output format - default PEM
|
||||
* -in arg - input file - default stdin
|
||||
* -out arg - output file - default stdout
|
||||
|
|
|
@ -87,7 +87,8 @@
|
|||
#undef PROG
|
||||
#define PROG ecparam_main
|
||||
|
||||
/* -inform arg - input format - default PEM (DER or PEM)
|
||||
/*-
|
||||
* -inform arg - input format - default PEM (DER or PEM)
|
||||
* -outform arg - output format - default PEM
|
||||
* -in arg - input file - default stdin
|
||||
* -out arg - output file - default stdout
|
||||
|
|
|
@ -234,7 +234,8 @@ int main(int Argc, char *ARGV[])
|
|||
long errline;
|
||||
|
||||
#if defined( OPENSSL_SYS_VMS) && (__INITIAL_POINTER_SIZE == 64)
|
||||
/* 2011-03-22 SMS.
|
||||
/*-
|
||||
* 2011-03-22 SMS.
|
||||
* If we have 32-bit pointers everywhere, then we're safe, and
|
||||
* we bypass this mess, as on non-VMS systems. (See ARGV,
|
||||
* above.)
|
||||
|
|
|
@ -43,7 +43,8 @@ static int do_passwd(int passed_salt, char **salt_p, char **salt_malloc_p,
|
|||
char *passwd, BIO *out, int quiet, int table, int reverse,
|
||||
size_t pw_maxlen, int usecrypt, int use1, int useapr1);
|
||||
|
||||
/* -crypt - standard Unix password algorithm (default)
|
||||
/*-
|
||||
* -crypt - standard Unix password algorithm (default)
|
||||
* -1 - MD5-based password algorithm
|
||||
* -apr1 - MD5-based password algorithm, Apache variant
|
||||
* -salt string - salt
|
||||
|
|
|
@ -66,7 +66,8 @@
|
|||
#undef PROG
|
||||
#define PROG rand_main
|
||||
|
||||
/* -out file - write to file
|
||||
/*-
|
||||
* -out file - write to file
|
||||
* -rand file:file - PRNG seed files
|
||||
* -base64 - base64 encode output
|
||||
* -hex - hex encode output
|
||||
|
|
|
@ -105,7 +105,8 @@
|
|||
#undef PROG
|
||||
#define PROG req_main
|
||||
|
||||
/* -inform arg - input format - default PEM (DER or PEM)
|
||||
/*-
|
||||
* -inform arg - input format - default PEM (DER or PEM)
|
||||
* -outform arg - output format - default PEM
|
||||
* -in arg - input file - default stdin
|
||||
* -out arg - output file - default stdout
|
||||
|
|
|
@ -74,7 +74,8 @@
|
|||
#undef PROG
|
||||
#define PROG rsa_main
|
||||
|
||||
/* -inform arg - input format - default PEM (one of DER, NET or PEM)
|
||||
/*-
|
||||
* -inform arg - input format - default PEM (one of DER, NET or PEM)
|
||||
* -outform arg - output format - default PEM
|
||||
* -in arg - input file - default stdin
|
||||
* -out arg - output file - default stdout
|
||||
|
|
|
@ -421,7 +421,7 @@ redoit:
|
|||
return(0);
|
||||
}
|
||||
|
||||
/*
|
||||
/*-
|
||||
ling.l_onoff=1;
|
||||
ling.l_linger=0;
|
||||
i=setsockopt(ret,SOL_SOCKET,SO_LINGER,(char *)&ling,sizeof(ling));
|
||||
|
|
|
@ -73,7 +73,8 @@
|
|||
#undef PROG
|
||||
#define PROG spkac_main
|
||||
|
||||
/* -in arg - input file - default stdin
|
||||
/*-
|
||||
* -in arg - input file - default stdin
|
||||
* -out arg - output file - default stdout
|
||||
*/
|
||||
|
||||
|
|
|
@ -1129,7 +1129,7 @@ static X509_STORE *create_cert_store(char *ca_path, char *ca_file)
|
|||
|
||||
static int MS_CALLBACK verify_cb(int ok, X509_STORE_CTX *ctx)
|
||||
{
|
||||
/*
|
||||
/*-
|
||||
char buf[256];
|
||||
|
||||
if (!ok)
|
||||
|
|
|
@ -5,7 +5,7 @@
|
|||
|
||||
#ifdef USE_DECC_INIT
|
||||
|
||||
/*
|
||||
/*-
|
||||
* 2010-04-26 SMS.
|
||||
*
|
||||
*----------------------------------------------------------------------
|
||||
|
|
|
@ -40,7 +40,7 @@
|
|||
#include "aes_locl.h"
|
||||
|
||||
#ifndef AES_ASM
|
||||
/*
|
||||
/*-
|
||||
Te0[x] = S [x].[02, 01, 01, 03];
|
||||
Te1[x] = S [x].[03, 02, 01, 01];
|
||||
Te2[x] = S [x].[01, 03, 02, 01];
|
||||
|
|
|
@ -103,7 +103,7 @@ typedef unsigned long long u64;
|
|||
})
|
||||
# endif
|
||||
#endif
|
||||
/*
|
||||
/*-
|
||||
Te [x] = S [x].[02, 01, 01, 03, 02, 01, 01, 03];
|
||||
Te0[x] = S [x].[02, 01, 01, 03];
|
||||
Te1[x] = S [x].[03, 02, 01, 01];
|
||||
|
@ -114,7 +114,7 @@ Te3[x] = S [x].[01, 01, 03, 02];
|
|||
#define Te1 (u32)((u64*)((u8*)Te+3))
|
||||
#define Te2 (u32)((u64*)((u8*)Te+2))
|
||||
#define Te3 (u32)((u64*)((u8*)Te+1))
|
||||
/*
|
||||
/*-
|
||||
Td [x] = Si[x].[0e, 09, 0d, 0b, 0e, 09, 0d, 0b];
|
||||
Td0[x] = Si[x].[0e, 09, 0d, 0b];
|
||||
Td1[x] = Si[x].[0b, 0e, 09, 0d];
|
||||
|
|
|
@ -54,7 +54,8 @@
|
|||
*/
|
||||
|
||||
|
||||
/* This is an implementation of the ASN1 Time structure which is:
|
||||
/*-
|
||||
* This is an implementation of the ASN1 Time structure which is:
|
||||
* Time ::= CHOICE {
|
||||
* utcTime UTCTime,
|
||||
* generalTime GeneralizedTime }
|
||||
|
|
|
@ -63,7 +63,8 @@
|
|||
|
||||
/* UTF8 utilities */
|
||||
|
||||
/* This parses a UTF8 string one character at a time. It is passed a pointer
|
||||
/*-
|
||||
* This parses a UTF8 string one character at a time. It is passed a pointer
|
||||
* to the string and the length of the string. It sets 'value' to the value of
|
||||
* the current character. It returns the number of characters read or a
|
||||
* negative error code:
|
||||
|
|
|
@ -362,7 +362,8 @@ typedef struct ASN1_VALUE_st ASN1_VALUE;
|
|||
|
||||
TYPEDEF_D2I2D_OF(void);
|
||||
|
||||
/* The following macros and typedefs allow an ASN1_ITEM
|
||||
/*-
|
||||
* The following macros and typedefs allow an ASN1_ITEM
|
||||
* to be embedded in a structure and referenced. Since
|
||||
* the ASN1_ITEM pointers need to be globally accessible
|
||||
* (possibly from shared libraries) they may exist in
|
||||
|
|
|
@ -129,7 +129,8 @@ extern "C" {
|
|||
|
||||
/* This is a ASN1 type which just embeds a template */
|
||||
|
||||
/* This pair helps declare a SEQUENCE. We can do:
|
||||
/*-
|
||||
* This pair helps declare a SEQUENCE. We can do:
|
||||
*
|
||||
* ASN1_SEQUENCE(stname) = {
|
||||
* ... SEQUENCE components ...
|
||||
|
@ -231,7 +232,8 @@ extern "C" {
|
|||
ASN1_ITEM_end(tname)
|
||||
|
||||
|
||||
/* This pair helps declare a CHOICE type. We can do:
|
||||
/*-
|
||||
* This pair helps declare a CHOICE type. We can do:
|
||||
*
|
||||
* ASN1_CHOICE(chname) = {
|
||||
* ... CHOICE options ...
|
||||
|
|
|
@ -62,7 +62,8 @@
|
|||
#include <openssl/asn1t.h>
|
||||
#include <openssl/x509.h>
|
||||
|
||||
/* X509_ATTRIBUTE: this has the following form:
|
||||
/*-
|
||||
* X509_ATTRIBUTE: this has the following form:
|
||||
*
|
||||
* typedef struct x509_attributes_st
|
||||
* {
|
||||
|
|
|
@ -61,7 +61,8 @@
|
|||
#include <openssl/asn1t.h>
|
||||
#include <openssl/x509.h>
|
||||
|
||||
/* X509_REQ_INFO is handled in an unusual way to get round
|
||||
/*-
|
||||
* X509_REQ_INFO is handled in an unusual way to get round
|
||||
* invalid encodings. Some broken certificate requests don't
|
||||
* encode the attributes field if it is empty. This is in
|
||||
* violation of PKCS#10 but we need to tolerate it. We do
|
||||
|
|
|
@ -72,7 +72,7 @@ extern "C" {
|
|||
#define BF_ENCRYPT 1
|
||||
#define BF_DECRYPT 0
|
||||
|
||||
/*
|
||||
/*-
|
||||
* !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
|
||||
* ! BF_LONG has to be at least 32 bits wide. If it's wider, then !
|
||||
* ! BF_LONG_LOG2 has to be defined along. !
|
||||
|
|
|
@ -94,7 +94,7 @@
|
|||
* on all source code distributions.
|
||||
*/
|
||||
|
||||
/*
|
||||
/*-
|
||||
* This code contains numerious changes and enhancements which were
|
||||
* made by lots of contributors over the last years to Patrick Powell's
|
||||
* original code:
|
||||
|
|
|
@ -190,7 +190,8 @@ extern "C" {
|
|||
#define BIO_GHBN_CTRL_FLUSH 5
|
||||
|
||||
/* Mostly used in the SSL BIO */
|
||||
/* Not used anymore
|
||||
/*-
|
||||
* Not used anymore
|
||||
* #define BIO_FLAGS_PROTOCOL_DELAYED_READ 0x10
|
||||
* #define BIO_FLAGS_PROTOCOL_DELAYED_WRITE 0x20
|
||||
* #define BIO_FLAGS_PROTOCOL_STARTUP 0x40
|
||||
|
@ -308,7 +309,8 @@ DECLARE_STACK_OF(BIO)
|
|||
|
||||
typedef struct bio_f_buffer_ctx_struct
|
||||
{
|
||||
/* Buffers are setup like this:
|
||||
/*-
|
||||
* Buffers are setup like this:
|
||||
*
|
||||
* <---------------------- size ----------------------->
|
||||
* +---------------------------------------------------+
|
||||
|
@ -653,7 +655,8 @@ int BIO_dump_fp(FILE *fp, const char *s, int len);
|
|||
int BIO_dump_indent_fp(FILE *fp, const char *s, int len, int indent);
|
||||
#endif
|
||||
struct hostent *BIO_gethostbyname(const char *name);
|
||||
/* We might want a thread-safe interface too:
|
||||
/*-
|
||||
* We might want a thread-safe interface too:
|
||||
* struct hostent *BIO_gethostbyname_r(const char *name,
|
||||
* struct hostent *result, void *buffer, size_t buflen);
|
||||
* or something similar (caller allocates a struct hostent,
|
||||
|
|
|
@ -436,7 +436,7 @@ static long acpt_ctrl(BIO *b, int cmd, long num, void *ptr)
|
|||
ret=(long)data->bind_mode;
|
||||
break;
|
||||
case BIO_CTRL_DUP:
|
||||
/* dbio=(BIO *)ptr;
|
||||
/*- dbio=(BIO *)ptr;
|
||||
if (data->param_port) EAY EAY
|
||||
BIO_set_port(dbio,data->param_port);
|
||||
if (data->param_hostname)
|
||||
|
|
|
@ -269,7 +269,8 @@ static int bio_read(BIO *bio, char *buf, int size_)
|
|||
return size;
|
||||
}
|
||||
|
||||
/* non-copying interface: provide pointer to available data in buffer
|
||||
/*-
|
||||
* non-copying interface: provide pointer to available data in buffer
|
||||
* bio_nread0: return number of available bytes
|
||||
* bio_nread: also advance index
|
||||
* (example usage: bio_nread0(), read from buffer, bio_nread()
|
||||
|
@ -422,7 +423,8 @@ static int bio_write(BIO *bio, const char *buf, int num_)
|
|||
return num;
|
||||
}
|
||||
|
||||
/* non-copying interface: provide pointer to region to write to
|
||||
/*-
|
||||
* non-copying interface: provide pointer to region to write to
|
||||
* bio_nwrite0: check how much space is available
|
||||
* bio_nwrite: also increase length
|
||||
* (example usage: bio_nwrite0(), write to buffer, bio_nwrite()
|
||||
|
|
|
@ -2,7 +2,7 @@
|
|||
#if !(defined(__GNUC__) && __GNUC__>=2)
|
||||
# include "../bn_asm.c" /* kind of dirty hack for Sun Studio */
|
||||
#else
|
||||
/*
|
||||
/*-
|
||||
* x86_64 BIGNUM accelerator version 0.1, December 2002.
|
||||
*
|
||||
* Implemented by Andy Polyakov <appro@fy.chalmers.se> for the OpenSSL
|
||||
|
@ -65,7 +65,7 @@
|
|||
#undef mul_add
|
||||
#undef sqr
|
||||
|
||||
/*
|
||||
/*-
|
||||
* "m"(a), "+m"(r) is the way to favor DirectPath µ-code;
|
||||
* "g"(0) let the compiler to decide where does it
|
||||
* want to keep the value of zero;
|
||||
|
|
|
@ -689,7 +689,8 @@ BIGNUM *bn_expand2(BIGNUM *a, int words);
|
|||
BIGNUM *bn_dup_expand(const BIGNUM *a, int words); /* unused */
|
||||
#endif
|
||||
|
||||
/* Bignum consistency macros
|
||||
/*-
|
||||
* Bignum consistency macros
|
||||
* There is one "API" macro, bn_fix_top(), for stripping leading zeroes from
|
||||
* bignum data after direct manipulations on the data. There is also an
|
||||
* "internal" macro, bn_check_top(), for verifying that there are no leading
|
||||
|
|
|
@ -69,7 +69,8 @@ int BN_add(BIGNUM *r, const BIGNUM *a, const BIGNUM *b)
|
|||
bn_check_top(a);
|
||||
bn_check_top(b);
|
||||
|
||||
/* a + b a+b
|
||||
/*-
|
||||
* a + b a+b
|
||||
* a + -b a-b
|
||||
* -a + b b-a
|
||||
* -a + -b -(a+b)
|
||||
|
@ -269,7 +270,8 @@ int BN_sub(BIGNUM *r, const BIGNUM *a, const BIGNUM *b)
|
|||
bn_check_top(a);
|
||||
bn_check_top(b);
|
||||
|
||||
/* a - b a-b
|
||||
/*-
|
||||
* a - b a-b
|
||||
* a - -b a+b
|
||||
* -a - b -(a+b)
|
||||
* -a - -b b-a
|
||||
|
|
|
@ -169,7 +169,8 @@ int BN_div(BIGNUM *dv, BIGNUM *rem, const BIGNUM *m, const BIGNUM *d,
|
|||
#endif /* OPENSSL_NO_ASM */
|
||||
|
||||
|
||||
/* BN_div[_no_branch] computes dv := num / divisor, rounding towards
|
||||
/*-
|
||||
* BN_div[_no_branch] computes dv := num / divisor, rounding towards
|
||||
* zero, and sets up rm such that dv*divisor + rm = num holds.
|
||||
* Thus:
|
||||
* dv->neg == num->neg ^ divisor->neg (unless the result is zero)
|
||||
|
|
|
@ -170,7 +170,8 @@ int BN_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, const BIGNUM *m,
|
|||
bn_check_top(p);
|
||||
bn_check_top(m);
|
||||
|
||||
/* For even modulus m = 2^k*m_odd, it might make sense to compute
|
||||
/*-
|
||||
* For even modulus m = 2^k*m_odd, it might make sense to compute
|
||||
* a^p mod m_odd and a^p mod 2^k separately (with Montgomery
|
||||
* exponentiation for the odd part), using appropriate exponent
|
||||
* reductions, and combine the results using the CRT.
|
||||
|
|
|
@ -246,7 +246,8 @@ BIGNUM *BN_mod_inverse(BIGNUM *in,
|
|||
if (!BN_nnmod(B, B, A, ctx)) goto err;
|
||||
}
|
||||
sign = -1;
|
||||
/* From B = a mod |n|, A = |n| it follows that
|
||||
/*-
|
||||
* From B = a mod |n|, A = |n| it follows that
|
||||
*
|
||||
* 0 <= B < A,
|
||||
* -sign*X*a == B (mod |n|),
|
||||
|
@ -263,7 +264,7 @@ BIGNUM *BN_mod_inverse(BIGNUM *in,
|
|||
|
||||
while (!BN_is_zero(B))
|
||||
{
|
||||
/*
|
||||
/*-
|
||||
* 0 < B < |n|,
|
||||
* 0 < A <= |n|,
|
||||
* (1) -sign*X*a == B (mod |n|),
|
||||
|
@ -310,7 +311,8 @@ BIGNUM *BN_mod_inverse(BIGNUM *in,
|
|||
}
|
||||
|
||||
|
||||
/* We still have (1) and (2).
|
||||
/*-
|
||||
* We still have (1) and (2).
|
||||
* Both A and B are odd.
|
||||
* The following computations ensure that
|
||||
*
|
||||
|
@ -346,7 +348,7 @@ BIGNUM *BN_mod_inverse(BIGNUM *in,
|
|||
{
|
||||
BIGNUM *tmp;
|
||||
|
||||
/*
|
||||
/*-
|
||||
* 0 < B < A,
|
||||
* (*) -sign*X*a == B (mod |n|),
|
||||
* sign*Y*a == A (mod |n|)
|
||||
|
@ -393,7 +395,8 @@ BIGNUM *BN_mod_inverse(BIGNUM *in,
|
|||
if (!BN_div(D,M,A,B,ctx)) goto err;
|
||||
}
|
||||
|
||||
/* Now
|
||||
/*-
|
||||
* Now
|
||||
* A = D*B + M;
|
||||
* thus we have
|
||||
* (**) sign*Y*a == D*B + M (mod |n|).
|
||||
|
@ -406,7 +409,8 @@ BIGNUM *BN_mod_inverse(BIGNUM *in,
|
|||
B=M;
|
||||
/* ... so we have 0 <= B < A again */
|
||||
|
||||
/* Since the former M is now B and the former B is now A,
|
||||
/*-
|
||||
* Since the former M is now B and the former B is now A,
|
||||
* (**) translates into
|
||||
* sign*Y*a == D*A + B (mod |n|),
|
||||
* i.e.
|
||||
|
@ -459,7 +463,7 @@ BIGNUM *BN_mod_inverse(BIGNUM *in,
|
|||
}
|
||||
}
|
||||
|
||||
/*
|
||||
/*-
|
||||
* The while loop (Euclid's algorithm) ends when
|
||||
* A == gcd(a,n);
|
||||
* we have
|
||||
|
@ -547,7 +551,8 @@ static BIGNUM *BN_mod_inverse_no_branch(BIGNUM *in,
|
|||
if (!BN_nnmod(B, pB, A, ctx)) goto err;
|
||||
}
|
||||
sign = -1;
|
||||
/* From B = a mod |n|, A = |n| it follows that
|
||||
/*-
|
||||
* From B = a mod |n|, A = |n| it follows that
|
||||
*
|
||||
* 0 <= B < A,
|
||||
* -sign*X*a == B (mod |n|),
|
||||
|
@ -558,7 +563,7 @@ static BIGNUM *BN_mod_inverse_no_branch(BIGNUM *in,
|
|||
{
|
||||
BIGNUM *tmp;
|
||||
|
||||
/*
|
||||
/*-
|
||||
* 0 < B < A,
|
||||
* (*) -sign*X*a == B (mod |n|),
|
||||
* sign*Y*a == A (mod |n|)
|
||||
|
@ -573,7 +578,8 @@ static BIGNUM *BN_mod_inverse_no_branch(BIGNUM *in,
|
|||
/* (D, M) := (A/B, A%B) ... */
|
||||
if (!BN_div(D,M,pA,B,ctx)) goto err;
|
||||
|
||||
/* Now
|
||||
/*-
|
||||
* Now
|
||||
* A = D*B + M;
|
||||
* thus we have
|
||||
* (**) sign*Y*a == D*B + M (mod |n|).
|
||||
|
@ -586,7 +592,8 @@ static BIGNUM *BN_mod_inverse_no_branch(BIGNUM *in,
|
|||
B=M;
|
||||
/* ... so we have 0 <= B < A again */
|
||||
|
||||
/* Since the former M is now B and the former B is now A,
|
||||
/*-
|
||||
* Since the former M is now B and the former B is now A,
|
||||
* (**) translates into
|
||||
* sign*Y*a == D*A + B (mod |n|),
|
||||
* i.e.
|
||||
|
@ -614,7 +621,7 @@ static BIGNUM *BN_mod_inverse_no_branch(BIGNUM *in,
|
|||
sign = -sign;
|
||||
}
|
||||
|
||||
/*
|
||||
/*-
|
||||
* The while loop (Euclid's algorithm) ends when
|
||||
* A == gcd(a,n);
|
||||
* we have
|
||||
|
|
|
@ -119,7 +119,7 @@ extern "C" {
|
|||
#endif
|
||||
|
||||
|
||||
/*
|
||||
/*-
|
||||
* BN_window_bits_for_exponent_size -- macro for sliding window mod_exp functions
|
||||
*
|
||||
*
|
||||
|
|
|
@ -71,7 +71,8 @@ const char BN_version[]="Big Number" OPENSSL_VERSION_PTEXT;
|
|||
|
||||
/* This stuff appears to be completely unused, so is deprecated */
|
||||
#ifndef OPENSSL_NO_DEPRECATED
|
||||
/* For a 32 bit machine
|
||||
/*-
|
||||
* For a 32 bit machine
|
||||
* 2 - 4 == 128
|
||||
* 3 - 8 == 256
|
||||
* 4 - 16 == 512
|
||||
|
|
|
@ -379,7 +379,8 @@ BN_ULONG bn_add_part_words(BN_ULONG *r,
|
|||
/* Karatsuba recursive multiplication algorithm
|
||||
* (cf. Knuth, The Art of Computer Programming, Vol. 2) */
|
||||
|
||||
/* r is 2*n2 words in size,
|
||||
/*-
|
||||
* r is 2*n2 words in size,
|
||||
* a and b are both n2 words in size.
|
||||
* n2 must be a power of 2.
|
||||
* We multiply and return the result.
|
||||
|
@ -500,7 +501,8 @@ void bn_mul_recursive(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int n2,
|
|||
bn_mul_recursive(&(r[n2]),&(a[n]),&(b[n]),n,dna,dnb,p);
|
||||
}
|
||||
|
||||
/* t[32] holds (a[0]-a[1])*(b[1]-b[0]), c1 is the sign
|
||||
/*-
|
||||
* t[32] holds (a[0]-a[1])*(b[1]-b[0]), c1 is the sign
|
||||
* r[10] holds (a[0]*b[0])
|
||||
* r[32] holds (b[1]*b[1])
|
||||
*/
|
||||
|
@ -517,7 +519,8 @@ void bn_mul_recursive(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int n2,
|
|||
c1+=(int)(bn_add_words(&(t[n2]),&(t[n2]),t,n2));
|
||||
}
|
||||
|
||||
/* t[32] holds (a[0]-a[1])*(b[1]-b[0])+(a[0]*b[0])+(a[1]*b[1])
|
||||
/*-
|
||||
* t[32] holds (a[0]-a[1])*(b[1]-b[0])+(a[0]*b[0])+(a[1]*b[1])
|
||||
* r[10] holds (a[0]*b[0])
|
||||
* r[32] holds (b[1]*b[1])
|
||||
* c1 holds the carry bits
|
||||
|
@ -676,7 +679,8 @@ void bn_mul_part_recursive(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int n,
|
|||
}
|
||||
}
|
||||
|
||||
/* t[32] holds (a[0]-a[1])*(b[1]-b[0]), c1 is the sign
|
||||
/*-
|
||||
* t[32] holds (a[0]-a[1])*(b[1]-b[0]), c1 is the sign
|
||||
* r[10] holds (a[0]*b[0])
|
||||
* r[32] holds (b[1]*b[1])
|
||||
*/
|
||||
|
@ -693,7 +697,8 @@ void bn_mul_part_recursive(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int n,
|
|||
c1+=(int)(bn_add_words(&(t[n2]),&(t[n2]),t,n2));
|
||||
}
|
||||
|
||||
/* t[32] holds (a[0]-a[1])*(b[1]-b[0])+(a[0]*b[0])+(a[1]*b[1])
|
||||
/*-
|
||||
* t[32] holds (a[0]-a[1])*(b[1]-b[0])+(a[0]*b[0])+(a[1]*b[1])
|
||||
* r[10] holds (a[0]*b[0])
|
||||
* r[32] holds (b[1]*b[1])
|
||||
* c1 holds the carry bits
|
||||
|
@ -720,7 +725,8 @@ void bn_mul_part_recursive(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int n,
|
|||
}
|
||||
}
|
||||
|
||||
/* a and b must be the same size, which is n2.
|
||||
/*-
|
||||
* a and b must be the same size, which is n2.
|
||||
* r needs to be n2 words and t needs to be n2*2
|
||||
*/
|
||||
void bn_mul_low_recursive(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int n2,
|
||||
|
@ -749,7 +755,8 @@ void bn_mul_low_recursive(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int n2,
|
|||
}
|
||||
}
|
||||
|
||||
/* a and b must be the same size, which is n2.
|
||||
/*-
|
||||
* a and b must be the same size, which is n2.
|
||||
* r needs to be n2 words and t needs to be n2*2
|
||||
* l is the low words of the output.
|
||||
* t needs to be n2*3
|
||||
|
@ -820,7 +827,8 @@ void bn_mul_high(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, BN_ULONG *l, int n2,
|
|||
bn_mul_recursive(r,&(a[n]),&(b[n]),n,0,0,&(t[n2]));
|
||||
}
|
||||
|
||||
/* s0 == low(al*bl)
|
||||
/*-
|
||||
* s0 == low(al*bl)
|
||||
* s1 == low(ah*bh)+low((al-ah)*(bh-bl))+low(al*bl)+high(al*bl)
|
||||
* We know s0 and s1 so the only unknown is high(al*bl)
|
||||
* high(al*bl) == s1 - low(ah*bh+s0+(al-ah)*(bh-bl))
|
||||
|
@ -857,16 +865,19 @@ void bn_mul_high(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, BN_ULONG *l, int n2,
|
|||
lp[i]=((~mp[i])+1)&BN_MASK2;
|
||||
}
|
||||
|
||||
/* s[0] = low(al*bl)
|
||||
/*-
|
||||
* s[0] = low(al*bl)
|
||||
* t[3] = high(al*bl)
|
||||
* t[10] = (a[0]-a[1])*(b[1]-b[0]) neg is the sign
|
||||
* r[10] = (a[1]*b[1])
|
||||
*/
|
||||
/* R[10] = al*bl
|
||||
/*-
|
||||
* R[10] = al*bl
|
||||
* R[21] = al*bl + ah*bh + (a[0]-a[1])*(b[1]-b[0])
|
||||
* R[32] = ah*bh
|
||||
*/
|
||||
/* R[1]=t[3]+l[0]+r[0](+-)t[0] (have carry/borrow)
|
||||
/*-
|
||||
* R[1]=t[3]+l[0]+r[0](+-)t[0] (have carry/borrow)
|
||||
* R[2]=r[0]+t[3]+r[1](+-)t[1] (have carry/borrow)
|
||||
* R[3]=r[1]+(carry/borrow)
|
||||
*/
|
||||
|
|
|
@ -171,7 +171,8 @@ int BN_div_recp(BIGNUM *dv, BIGNUM *rem, const BIGNUM *m,
|
|||
i,ctx); /* BN_reciprocal returns i, or -1 for an error */
|
||||
if (recp->shift == -1) goto err;
|
||||
|
||||
/* d := |round(round(m / 2^BN_num_bits(N)) * recp->Nr / 2^(i - BN_num_bits(N)))|
|
||||
/*-
|
||||
* d := |round(round(m / 2^BN_num_bits(N)) * recp->Nr / 2^(i - BN_num_bits(N)))|
|
||||
* = |round(round(m / 2^BN_num_bits(N)) * round(2^i / N) / 2^(i - BN_num_bits(N)))|
|
||||
* <= |(m / 2^BN_num_bits(N)) * (2^i / N) * (2^BN_num_bits(N) / 2^i)|
|
||||
* = |m/N|
|
||||
|
|
|
@ -194,7 +194,8 @@ void bn_sqr_normal(BN_ULONG *r, const BN_ULONG *a, int n, BN_ULONG *tmp)
|
|||
}
|
||||
|
||||
#ifdef BN_RECURSION
|
||||
/* r is 2*n words in size,
|
||||
/*-
|
||||
* r is 2*n words in size,
|
||||
* a and b are both n words in size. (There's not actually a 'b' here ...)
|
||||
* n must be a power of 2.
|
||||
* We multiply and return the result.
|
||||
|
@ -256,7 +257,8 @@ void bn_sqr_recursive(BN_ULONG *r, const BN_ULONG *a, int n2, BN_ULONG *t)
|
|||
bn_sqr_recursive(r,a,n,p);
|
||||
bn_sqr_recursive(&(r[n2]),&(a[n]),n,p);
|
||||
|
||||
/* t[32] holds (a[0]-a[1])*(a[1]-a[0]), it is negative or zero
|
||||
/*-
|
||||
* t[32] holds (a[0]-a[1])*(a[1]-a[0]), it is negative or zero
|
||||
* r[10] holds (a[0]*b[0])
|
||||
* r[32] holds (b[1]*b[1])
|
||||
*/
|
||||
|
@ -266,7 +268,8 @@ void bn_sqr_recursive(BN_ULONG *r, const BN_ULONG *a, int n2, BN_ULONG *t)
|
|||
/* t[32] is negative */
|
||||
c1-=(int)(bn_sub_words(&(t[n2]),t,&(t[n2]),n2));
|
||||
|
||||
/* t[32] holds (a[0]-a[1])*(a[1]-a[0])+(a[0]*a[0])+(a[1]*a[1])
|
||||
/*-
|
||||
* t[32] holds (a[0]-a[1])*(a[1]-a[0])+(a[0]*a[0])+(a[1]*a[1])
|
||||
* r[10] holds (a[0]*a[0])
|
||||
* r[32] holds (a[1]*a[1])
|
||||
* c1 holds the carry bits
|
||||
|
|
|
@ -135,7 +135,8 @@ BIGNUM *BN_mod_sqrt(BIGNUM *in, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx)
|
|||
|
||||
if (e == 1)
|
||||
{
|
||||
/* The easy case: (|p|-1)/2 is odd, so 2 has an inverse
|
||||
/*-
|
||||
* The easy case: (|p|-1)/2 is odd, so 2 has an inverse
|
||||
* modulo (|p|-1)/2, and square roots can be computed
|
||||
* directly by modular exponentiation.
|
||||
* We have
|
||||
|
@ -152,7 +153,8 @@ BIGNUM *BN_mod_sqrt(BIGNUM *in, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx)
|
|||
|
||||
if (e == 2)
|
||||
{
|
||||
/* |p| == 5 (mod 8)
|
||||
/*-
|
||||
* |p| == 5 (mod 8)
|
||||
*
|
||||
* In this case 2 is always a non-square since
|
||||
* Legendre(2,p) = (-1)^((p^2-1)/8) for any odd prime.
|
||||
|
@ -262,7 +264,8 @@ BIGNUM *BN_mod_sqrt(BIGNUM *in, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx)
|
|||
goto end;
|
||||
}
|
||||
|
||||
/* Now we know that (if p is indeed prime) there is an integer
|
||||
/*-
|
||||
* Now we know that (if p is indeed prime) there is an integer
|
||||
* k, 0 <= k < 2^e, such that
|
||||
*
|
||||
* a^q * y^k == 1 (mod p).
|
||||
|
@ -318,7 +321,8 @@ BIGNUM *BN_mod_sqrt(BIGNUM *in, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx)
|
|||
|
||||
while (1)
|
||||
{
|
||||
/* Now b is a^q * y^k for some even k (0 <= k < 2^E
|
||||
/*-
|
||||
* Now b is a^q * y^k for some even k (0 <= k < 2^E
|
||||
* where E refers to the original value of e, which we
|
||||
* don't keep in a variable), and x is a^((q+1)/2) * y^(k/2).
|
||||
*
|
||||
|
|
|
@ -601,7 +601,8 @@ static int str_copy(CONF *conf, char *section, char **pto, char *from)
|
|||
}
|
||||
e++;
|
||||
}
|
||||
/* So at this point we have
|
||||
/*-
|
||||
* So at this point we have
|
||||
* np which is the start of the name string which is
|
||||
* '\0' terminated.
|
||||
* cp which is the start of the section string which is
|
||||
|
|
|
@ -1,5 +1,5 @@
|
|||
/* crypto/constant_time_locl.h */
|
||||
/*
|
||||
/*-
|
||||
* Utilities for constant-time cryptography.
|
||||
*
|
||||
* Author: Emilia Kasper (emilia@openssl.org)
|
||||
|
@ -53,7 +53,7 @@
|
|||
extern "C" {
|
||||
#endif
|
||||
|
||||
/*
|
||||
/*-
|
||||
* The boolean methods return a bitmask of all ones (0xff...f) for true
|
||||
* and 0 for false. This is useful for choosing a value based on the result
|
||||
* of a conditional in constant time. For example,
|
||||
|
@ -112,7 +112,7 @@ static inline unsigned int constant_time_eq_int(int a, int b);
|
|||
static inline unsigned char constant_time_eq_int_8(int a, int b);
|
||||
|
||||
|
||||
/*
|
||||
/*-
|
||||
* Returns (mask & a) | (~mask & b).
|
||||
*
|
||||
* When |mask| is all 1s or all 0s (as returned by the methods above),
|
||||
|
|
|
@ -1,5 +1,5 @@
|
|||
/* crypto/constant_time_test.c */
|
||||
/*
|
||||
/*-
|
||||
* Utilities for constant-time cryptography.
|
||||
*
|
||||
* Author: Emilia Kasper (emilia@openssl.org)
|
||||
|
|
|
@ -519,7 +519,8 @@ int CRYPTO_remove_all_info(void);
|
|||
void CRYPTO_dbg_malloc(void *addr,int num,const char *file,int line,int before_p);
|
||||
void CRYPTO_dbg_realloc(void *addr1,void *addr2,int num,const char *file,int line,int before_p);
|
||||
void CRYPTO_dbg_free(void *addr,int before_p);
|
||||
/* Tell the debugging code about options. By default, the following values
|
||||
/*-
|
||||
* Tell the debugging code about options. By default, the following values
|
||||
* apply:
|
||||
*
|
||||
* 0: Clear all options.
|
||||
|
|
|
@ -360,7 +360,8 @@
|
|||
#endif
|
||||
#endif
|
||||
|
||||
/* IP and FP
|
||||
/*-
|
||||
* IP and FP
|
||||
* The problem is more of a geometric problem that random bit fiddling.
|
||||
0 1 2 3 4 5 6 7 62 54 46 38 30 22 14 6
|
||||
8 9 10 11 12 13 14 15 60 52 44 36 28 20 12 4
|
||||
|
|
|
@ -1,6 +1,7 @@
|
|||
/* crypto/des/des_old.h -*- mode:C; c-file-style: "eay" -*- */
|
||||
|
||||
/* WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING
|
||||
/*-
|
||||
* WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING
|
||||
*
|
||||
* The function names in here are deprecated and are only present to
|
||||
* provide an interface compatible with openssl 0.9.6 and older as
|
||||
|
|
|
@ -380,7 +380,7 @@ int main(int argc, char *argv[])
|
|||
DES_ENCRYPT);
|
||||
DES_ede3_cbcm_encrypt(&cbc_data[16],&cbc_out[16],i-16,&ks,&ks2,&ks3,
|
||||
&iv3,&iv2,DES_ENCRYPT);
|
||||
/* if (memcmp(cbc_out,cbc3_ok,
|
||||
/*- if (memcmp(cbc_out,cbc3_ok,
|
||||
(unsigned int)(strlen((char *)cbc_data)+1+7)/8*8) != 0)
|
||||
{
|
||||
printf("des_ede3_cbc_encrypt encrypt error\n");
|
||||
|
|
|
@ -66,7 +66,7 @@
|
|||
OPENSSL_IMPLEMENT_GLOBAL(int,DES_rw_mode,DES_PCBC_MODE)
|
||||
|
||||
|
||||
/*
|
||||
/*-
|
||||
* WARNINGS:
|
||||
*
|
||||
* - The data format used by DES_enc_write() and DES_enc_read()
|
||||
|
|
|
@ -63,7 +63,7 @@
|
|||
#include "des_locl.h"
|
||||
#include <openssl/rand.h>
|
||||
|
||||
/*
|
||||
/*-
|
||||
* WARNINGS:
|
||||
*
|
||||
* - The data format used by DES_enc_write() and DES_enc_read()
|
||||
|
|
|
@ -1,5 +1,5 @@
|
|||
/* crypto/des/ncbc_enc.c */
|
||||
/*
|
||||
/*-
|
||||
* #included by:
|
||||
* cbc_enc.c (DES_cbc_encrypt)
|
||||
* des_enc.c (DES_ncbc_encrypt)
|
||||
|
|
|
@ -57,7 +57,7 @@
|
|||
*/
|
||||
|
||||
/* @(#)des.h 2.2 88/08/10 4.0 RPCSRC; from 2.7 88/02/08 SMI */
|
||||
/*
|
||||
/*-
|
||||
* Sun RPC is a product of Sun Microsystems, Inc. and is provided for
|
||||
* unrestricted use provided that this legend is included on all tape
|
||||
* media and as a part of the software program in whole or part. Users
|
||||
|
|
|
@ -105,7 +105,8 @@ int DES_check_key_parity(const_DES_cblock *key)
|
|||
return(1);
|
||||
}
|
||||
|
||||
/* Weak and semi week keys as take from
|
||||
/*-
|
||||
* Weak and semi week keys as take from
|
||||
* %A D.W. Davies
|
||||
* %A W.L. Price
|
||||
* %T Security for Computer Networks
|
||||
|
@ -398,7 +399,7 @@ int DES_key_sched(const_DES_cblock *key, DES_key_schedule *schedule)
|
|||
{
|
||||
return(DES_set_key(key,schedule));
|
||||
}
|
||||
/*
|
||||
/*-
|
||||
#undef des_fixup_key_parity
|
||||
void des_fixup_key_parity(des_cblock *key)
|
||||
{
|
||||
|
|
|
@ -61,7 +61,8 @@
|
|||
#include <openssl/bn.h>
|
||||
#include <openssl/dh.h>
|
||||
|
||||
/* Check that p is a safe prime and
|
||||
/*-
|
||||
* Check that p is a safe prime and
|
||||
* if g is 2, 3 or 5, check that it is a suitable generator
|
||||
* where
|
||||
* for 2, p mod 24 == 11
|
||||
|
|
|
@ -75,7 +75,8 @@ int DH_generate_parameters_ex(DH *ret, int prime_len, int generator, BN_GENCB *c
|
|||
return dh_builtin_genparams(ret, prime_len, generator, cb);
|
||||
}
|
||||
|
||||
/* We generate DH parameters as follows
|
||||
/*-
|
||||
* We generate DH parameters as follows
|
||||
* find a prime q which is prime_len/2 bits long.
|
||||
* p=(2*q)+1 or (p-1)/2 = q
|
||||
* For this case, g is a generator if
|
||||
|
|
|
@ -213,7 +213,8 @@ static int dsa_priv_decode(EVP_PKEY *pkey, PKCS8_PRIV_KEY_INFO *p8)
|
|||
goto decerr;
|
||||
if (sk_ASN1_TYPE_num(ndsa) != 2)
|
||||
goto decerr;
|
||||
/* Handle Two broken types:
|
||||
/*-
|
||||
* Handle Two broken types:
|
||||
* SEQUENCE {parameters, priv_key}
|
||||
* SEQUENCE {pub_key, priv_key}
|
||||
*/
|
||||
|
|
|
@ -88,7 +88,8 @@ NULL,
|
|||
NULL
|
||||
};
|
||||
|
||||
/* These macro wrappers replace attempts to use the dsa_mod_exp() and
|
||||
/*-
|
||||
* These macro wrappers replace attempts to use the dsa_mod_exp() and
|
||||
* bn_mod_exp() handlers in the DSA_METHOD structure. We avoid the problem of
|
||||
* having a the macro work as an expression by bundling an "err_instr". So;
|
||||
*
|
||||
|
|
|
@ -174,7 +174,8 @@ static int vms_load(DSO *dso)
|
|||
goto err;
|
||||
}
|
||||
|
||||
/* A file specification may look like this:
|
||||
/*-
|
||||
* A file specification may look like this:
|
||||
*
|
||||
* node::dev:[dir-spec]name.type;ver
|
||||
*
|
||||
|
|
|
@ -118,7 +118,7 @@ typedef enum {
|
|||
typedef struct ec_method_st EC_METHOD;
|
||||
|
||||
typedef struct ec_group_st
|
||||
/*
|
||||
/*-
|
||||
EC_METHOD *meth;
|
||||
-- field definition
|
||||
-- curve coefficients
|
||||
|
|
|
@ -138,7 +138,8 @@ static int gf2m_Madd(const EC_GROUP *group, const BIGNUM *x, BIGNUM *x1, BIGNUM
|
|||
return ret;
|
||||
}
|
||||
|
||||
/* Compute the x, y affine coordinates from the point (x1, z1) (x2, z2)
|
||||
/*-
|
||||
* Compute the x, y affine coordinates from the point (x1, z1) (x2, z2)
|
||||
* using Montgomery point multiplication algorithm Mxy() in appendix of
|
||||
* Lopez, J. and Dahab, R. "Fast multiplication on elliptic curves over
|
||||
* GF(2^m) without precomputation" (CHES '99, LNCS 1717).
|
||||
|
@ -207,7 +208,8 @@ static int gf2m_Mxy(const EC_GROUP *group, const BIGNUM *x, const BIGNUM *y, BIG
|
|||
}
|
||||
|
||||
|
||||
/* Computes scalar*point and stores the result in r.
|
||||
/*-
|
||||
* Computes scalar*point and stores the result in r.
|
||||
* point can not equal r.
|
||||
* Uses a modified algorithm 2P of
|
||||
* Lopez, J. and Dahab, R. "Fast multiplication on elliptic curves over
|
||||
|
@ -313,7 +315,8 @@ static int ec_GF2m_montgomery_point_multiply(const EC_GROUP *group, EC_POINT *r,
|
|||
}
|
||||
|
||||
|
||||
/* Computes the sum
|
||||
/*-
|
||||
* Computes the sum
|
||||
* scalar*group->generator + scalars[0]*points[0] + ... + scalars[num-1]*points[num-1]
|
||||
* gracefully ignoring NULL scalar values.
|
||||
*/
|
||||
|
|
|
@ -901,7 +901,8 @@ int ec_GF2m_simple_is_on_curve(const EC_GROUP *group, const EC_POINT *point, BN_
|
|||
lh = BN_CTX_get(ctx);
|
||||
if (lh == NULL) goto err;
|
||||
|
||||
/* We have a curve defined by a Weierstrass equation
|
||||
/*-
|
||||
* We have a curve defined by a Weierstrass equation
|
||||
* y^2 + x*y = x^3 + a*x^2 + b.
|
||||
* <=> x^3 + a*x^2 + x*y + b + y^2 = 0
|
||||
* <=> ((x + a) * x + y ) * x + b + y^2 = 0
|
||||
|
@ -921,7 +922,8 @@ int ec_GF2m_simple_is_on_curve(const EC_GROUP *group, const EC_POINT *point, BN_
|
|||
}
|
||||
|
||||
|
||||
/* Indicates whether two points are equal.
|
||||
/*-
|
||||
* Indicates whether two points are equal.
|
||||
* Return values:
|
||||
* -1 error
|
||||
* 0 equal (in affine coordinates)
|
||||
|
|
|
@ -112,7 +112,8 @@ struct ec_method_st {
|
|||
void (*point_clear_finish)(EC_POINT *);
|
||||
int (*point_copy)(EC_POINT *, const EC_POINT *);
|
||||
|
||||
/* used by EC_POINT_set_to_infinity,
|
||||
/*-
|
||||
* used by EC_POINT_set_to_infinity,
|
||||
* EC_POINT_set_Jprojective_coordinates_GFp,
|
||||
* EC_POINT_get_Jprojective_coordinates_GFp,
|
||||
* EC_POINT_set_affine_coordinates_GFp, ..._GF2m,
|
||||
|
|
|
@ -619,7 +619,8 @@ int ec_wNAF_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *scalar,
|
|||
if (!(tmp = EC_POINT_new(group)))
|
||||
goto err;
|
||||
|
||||
/* prepare precomputed values:
|
||||
/*-
|
||||
* prepare precomputed values:
|
||||
* val_sub[i][0] := points[i]
|
||||
* val_sub[i][1] := 3 * points[i]
|
||||
* val_sub[i][2] := 5 * points[i]
|
||||
|
@ -744,7 +745,8 @@ int ec_wNAF_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *scalar,
|
|||
}
|
||||
|
||||
|
||||
/* ec_wNAF_precompute_mult()
|
||||
/*-
|
||||
* ec_wNAF_precompute_mult()
|
||||
* creates an EC_PRE_COMP object with preprecomputed multiples of the generator
|
||||
* for use with wNAF splitting as implemented in ec_wNAF_mul().
|
||||
*
|
||||
|
|
|
@ -312,9 +312,11 @@ int ec_GFp_simple_group_check_discriminant(const EC_GROUP *group, BN_CTX *ctx)
|
|||
if (!BN_copy(b, &group->b)) goto err;
|
||||
}
|
||||
|
||||
/* check the discriminant:
|
||||
/*-
|
||||
* check the discriminant:
|
||||
* y^2 = x^3 + a*x + b is an elliptic curve <=> 4*a^3 + 27*b^2 != 0 (mod p)
|
||||
* 0 =< a, b < p */
|
||||
* 0 =< a, b < p
|
||||
*/
|
||||
if (BN_is_zero(a))
|
||||
{
|
||||
if (BN_is_zero(b)) goto err;
|
||||
|
@ -1326,7 +1328,8 @@ int ec_GFp_simple_is_on_curve(const EC_GROUP *group, const EC_POINT *point, BN_C
|
|||
Z6 = BN_CTX_get(ctx);
|
||||
if (Z6 == NULL) goto err;
|
||||
|
||||
/* We have a curve defined by a Weierstrass equation
|
||||
/*-
|
||||
* We have a curve defined by a Weierstrass equation
|
||||
* y^2 = x^3 + a*x + b.
|
||||
* The point to consider is given in Jacobian projective coordinates
|
||||
* where (X, Y, Z) represents (x, y) = (X/Z^2, Y/Z^3).
|
||||
|
@ -1432,7 +1435,8 @@ int ec_GFp_simple_cmp(const EC_GROUP *group, const EC_POINT *a, const EC_POINT *
|
|||
Zb23 = BN_CTX_get(ctx);
|
||||
if (Zb23 == NULL) goto end;
|
||||
|
||||
/* We have to decide whether
|
||||
/*-
|
||||
* We have to decide whether
|
||||
* (X_a/Z_a^2, Y_a/Z_a^3) = (X_b/Z_b^2, Y_b/Z_b^3),
|
||||
* or equivalently, whether
|
||||
* (X_a*Z_b^2, Y_a*Z_b^3) = (X_b*Z_a^2, Y_b*Z_a^3).
|
||||
|
|
|
@ -62,7 +62,8 @@
|
|||
#include <openssl/engine.h>
|
||||
#endif
|
||||
|
||||
/* returns
|
||||
/*-
|
||||
* returns
|
||||
* 1: correct signature
|
||||
* 0: incorrect signature
|
||||
* -1: error
|
||||
|
@ -76,7 +77,8 @@ int ECDSA_do_verify(const unsigned char *dgst, int dgst_len,
|
|||
return ecdsa->meth->ecdsa_do_verify(dgst, dgst_len, sig, eckey);
|
||||
}
|
||||
|
||||
/* returns
|
||||
/*-
|
||||
* returns
|
||||
* 1: correct signature
|
||||
* 0: incorrect signature
|
||||
* -1: error
|
||||
|
|
|
@ -284,7 +284,8 @@ typedef EVP_PKEY * (*ENGINE_LOAD_KEY_PTR)(ENGINE *, const char *,
|
|||
typedef int (*ENGINE_SSL_CLIENT_CERT_PTR)(ENGINE *, SSL *ssl,
|
||||
STACK_OF(X509_NAME) *ca_dn, X509 **pcert, EVP_PKEY **pkey,
|
||||
STACK_OF(X509) **pother, UI_METHOD *ui_method, void *callback_data);
|
||||
/* These callback types are for an ENGINE's handler for cipher and digest logic.
|
||||
/*-
|
||||
* These callback types are for an ENGINE's handler for cipher and digest logic.
|
||||
* These handlers have these prototypes;
|
||||
* int foo(ENGINE *e, const EVP_CIPHER **cipher, const int **nids, int nid);
|
||||
* int foo(ENGINE *e, const EVP_MD **digest, const int **nids, int nid);
|
||||
|
@ -351,13 +352,14 @@ void ENGINE_load_builtin_engines(void);
|
|||
unsigned int ENGINE_get_table_flags(void);
|
||||
void ENGINE_set_table_flags(unsigned int flags);
|
||||
|
||||
/* Manage registration of ENGINEs per "table". For each type, there are 3
|
||||
/*- Manage registration of ENGINEs per "table". For each type, there are 3
|
||||
* functions;
|
||||
* ENGINE_register_***(e) - registers the implementation from 'e' (if it has one)
|
||||
* ENGINE_unregister_***(e) - unregister the implementation from 'e'
|
||||
* ENGINE_register_all_***() - call ENGINE_register_***() for each 'e' in the list
|
||||
* Cleanup is automatically registered from each table when required, so
|
||||
* ENGINE_cleanup() will reverse any "register" operations. */
|
||||
* ENGINE_cleanup() will reverse any "register" operations.
|
||||
*/
|
||||
|
||||
int ENGINE_register_RSA(ENGINE *e);
|
||||
void ENGINE_unregister_RSA(ENGINE *e);
|
||||
|
|
|
@ -387,7 +387,7 @@ static long enc_callback_ctrl(BIO *b, int cmd, bio_info_cb *fp)
|
|||
return(ret);
|
||||
}
|
||||
|
||||
/*
|
||||
/*-
|
||||
void BIO_set_cipher_ctx(b,c)
|
||||
BIO *b;
|
||||
EVP_CIPHER_ctx *c;
|
||||
|
|
|
@ -259,7 +259,7 @@ static int md_gets(BIO *bp, char *buf, int size)
|
|||
return((int)ret);
|
||||
}
|
||||
|
||||
/*
|
||||
/*-
|
||||
static int md_puts(bp,str)
|
||||
BIO *bp;
|
||||
char *str;
|
||||
|
|
|
@ -56,7 +56,7 @@
|
|||
* [including the GNU Public Licence.]
|
||||
*/
|
||||
|
||||
/*
|
||||
/*-
|
||||
From: Arne Ansper <arne@cyber.ee>
|
||||
|
||||
Why BIO_f_reliable?
|
||||
|
|
|
@ -74,7 +74,8 @@
|
|||
#define conv_ascii2bin(a) (data_ascii2bin[os_toascii[a]&0x7f])
|
||||
#endif
|
||||
|
||||
/* 64 char lines
|
||||
/*-
|
||||
* 64 char lines
|
||||
* pad input with 0
|
||||
* left over chars are set to =
|
||||
* 1 byte => xx==
|
||||
|
@ -88,7 +89,8 @@
|
|||
static const unsigned char data_bin2ascii[65]="ABCDEFGHIJKLMNOPQRSTUVWXYZ\
|
||||
abcdefghijklmnopqrstuvwxyz0123456789+/";
|
||||
|
||||
/* 0xF0 is a EOLN
|
||||
/*-
|
||||
* 0xF0 is a EOLN
|
||||
* 0xF1 is ignore but next needs to be 0xF0 (for \r\n processing).
|
||||
* 0xF2 is EOF
|
||||
* 0xE0 is ignore at start of line.
|
||||
|
@ -228,7 +230,8 @@ void EVP_DecodeInit(EVP_ENCODE_CTX *ctx)
|
|||
ctx->expect_nl=0;
|
||||
}
|
||||
|
||||
/* -1 for error
|
||||
/*-
|
||||
* -1 for error
|
||||
* 0 for last line
|
||||
* 1 for full line
|
||||
*/
|
||||
|
|
|
@ -75,7 +75,7 @@
|
|||
#include <openssl/bio.h>
|
||||
#endif
|
||||
|
||||
/*
|
||||
/*-
|
||||
#define EVP_RC2_KEY_SIZE 16
|
||||
#define EVP_RC4_KEY_SIZE 16
|
||||
#define EVP_BLOWFISH_KEY_SIZE 16
|
||||
|
|
|
@ -185,7 +185,7 @@ BLOCK_CIPHER_def_ecb(cname, kstruct, nid, block_size, key_len, flags, \
|
|||
init_key, cleanup, set_asn1, get_asn1, ctrl)
|
||||
|
||||
|
||||
/*
|
||||
/*-
|
||||
#define BLOCK_CIPHER_defs(cname, kstruct, \
|
||||
nid, block_size, key_len, iv_len, flags,\
|
||||
init_key, cleanup, set_asn1, get_asn1, ctrl)\
|
||||
|
|
|
@ -94,7 +94,7 @@ int EVP_SealInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type, unsigned char **ek
|
|||
return(npubk);
|
||||
}
|
||||
|
||||
/* MACRO
|
||||
/*- MACRO
|
||||
void EVP_SealUpdate(ctx,out,outl,in,inl)
|
||||
EVP_CIPHER_CTX *ctx;
|
||||
unsigned char *out;
|
||||
|
|
|
@ -100,7 +100,7 @@ static unsigned char cfb_cipher64[CFB_TEST_SIZE]={
|
|||
0x2C,0x17,0x25,0xD0,0x1A,0x38,0xB7,0x2A,
|
||||
0x39,0x61,0x37,0xDC,0x79,0xFB,0x9F,0x45
|
||||
|
||||
/* 0xF9,0x78,0x32,0xB5,0x42,0x1A,0x6B,0x38,
|
||||
/*- 0xF9,0x78,0x32,0xB5,0x42,0x1A,0x6B,0x38,
|
||||
0x9A,0x44,0xD6,0x04,0x19,0x43,0xC4,0xD9,
|
||||
0x3D,0x1E,0xAE,0x47,0xFC,0xCF,0x29,0x0B,*/
|
||||
};
|
||||
|
|
|
@ -347,7 +347,7 @@ int JPAKE_STEP2_generate(JPAKE_STEP2 *send, JPAKE_CTX *ctx)
|
|||
BIGNUM *t1 = BN_new();
|
||||
BIGNUM *t2 = BN_new();
|
||||
|
||||
/*
|
||||
/*-
|
||||
* X = g^{(xa + xc + xd) * xb * s}
|
||||
* t1 = g^xa
|
||||
*/
|
||||
|
@ -359,7 +359,7 @@ int JPAKE_STEP2_generate(JPAKE_STEP2 *send, JPAKE_CTX *ctx)
|
|||
/* t2 = xb * s */
|
||||
BN_mod_mul(t2, ctx->xb, ctx->secret, ctx->p.q, ctx->ctx);
|
||||
|
||||
/*
|
||||
/*-
|
||||
* ZKP(xb * s)
|
||||
* XXX: this is kinda funky, because we're using
|
||||
*
|
||||
|
@ -384,7 +384,7 @@ static int compute_key(JPAKE_CTX *ctx, const BIGNUM *gx)
|
|||
BIGNUM *t2 = BN_new();
|
||||
BIGNUM *t3 = BN_new();
|
||||
|
||||
/*
|
||||
/*-
|
||||
* K = (gx/g^{xb * xd * s})^{xb}
|
||||
* = (g^{(xc + xa + xb) * xd * s - xb * xd *s})^{xb}
|
||||
* = (g^{(xa + xc) * xd * s})^{xb}
|
||||
|
@ -417,7 +417,7 @@ int JPAKE_STEP2_process(JPAKE_CTX *ctx, const JPAKE_STEP2 *received)
|
|||
BIGNUM *t2 = BN_new();
|
||||
int ret = 0;
|
||||
|
||||
/*
|
||||
/*-
|
||||
* g' = g^{xc + xa + xb} [from our POV]
|
||||
* t1 = xa + xb
|
||||
*/
|
||||
|
|
|
@ -128,12 +128,12 @@ int main(int argc, char **argv)
|
|||
|
||||
ERR_load_crypto_strings();
|
||||
|
||||
/*
|
||||
/*-
|
||||
BN_hex2bn(&p, "fd7f53811d75122952df4a9c2eece4e7f611b7523cef4400c31e3f80b6512669455d402251fb593d8d58fabfc5f5ba30f6cb9b556cd7813b801d346ff26660b76b9950a5a49f9fe8047b1022c24fbba9d7feb7c61bf83b57e7c6a8a6150f04fb83f6d3c51ec3023554135a169132f675f3ae2b61d72aeff22203199dd14801c7");
|
||||
BN_hex2bn(&g, "f7e1a085d69b3ddecbbcab5c36b857b97994afbbfa3aea82f9574c0b3d0782675159578ebad4594fe67107108180b449167123e84c281613b7cf09328cc8a6e13c167a8b547c8d28e0a3ae1e2bb3a675916ea37f0bfa213562f1fb627a01243bcca4f1bea8519089a883dfe15ae59f06928b665e807b552564014c3bfecf492a");
|
||||
BN_hex2bn(&q, "9760508f15230bccb292b982a2eb840bf0581cf5");
|
||||
*/
|
||||
/*
|
||||
/*-
|
||||
p = BN_new();
|
||||
BN_generate_prime(p, 1024, 1, NULL, NULL, NULL, NULL);
|
||||
*/
|
||||
|
|
|
@ -71,14 +71,14 @@ extern "C" {
|
|||
|
||||
|
||||
/* ASN.1 from Kerberos RFC 1510
|
||||
*/
|
||||
*/
|
||||
|
||||
/* EncryptedData ::= SEQUENCE {
|
||||
** etype[0] INTEGER, -- EncryptionType
|
||||
** kvno[1] INTEGER OPTIONAL,
|
||||
** cipher[2] OCTET STRING -- ciphertext
|
||||
** }
|
||||
*/
|
||||
/*- EncryptedData ::= SEQUENCE {
|
||||
* etype[0] INTEGER, -- EncryptionType
|
||||
* kvno[1] INTEGER OPTIONAL,
|
||||
* cipher[2] OCTET STRING -- ciphertext
|
||||
* }
|
||||
*/
|
||||
typedef struct krb5_encdata_st
|
||||
{
|
||||
ASN1_INTEGER *etype;
|
||||
|
@ -88,11 +88,11 @@ typedef struct krb5_encdata_st
|
|||
|
||||
DECLARE_STACK_OF(KRB5_ENCDATA)
|
||||
|
||||
/* PrincipalName ::= SEQUENCE {
|
||||
** name-type[0] INTEGER,
|
||||
** name-string[1] SEQUENCE OF GeneralString
|
||||
** }
|
||||
*/
|
||||
/*- PrincipalName ::= SEQUENCE {
|
||||
* name-type[0] INTEGER,
|
||||
* name-string[1] SEQUENCE OF GeneralString
|
||||
* }
|
||||
*/
|
||||
typedef struct krb5_princname_st
|
||||
{
|
||||
ASN1_INTEGER *nametype;
|
||||
|
@ -102,13 +102,13 @@ typedef struct krb5_princname_st
|
|||
DECLARE_STACK_OF(KRB5_PRINCNAME)
|
||||
|
||||
|
||||
/* Ticket ::= [APPLICATION 1] SEQUENCE {
|
||||
** tkt-vno[0] INTEGER,
|
||||
** realm[1] Realm,
|
||||
** sname[2] PrincipalName,
|
||||
** enc-part[3] EncryptedData
|
||||
** }
|
||||
*/
|
||||
/*- Ticket ::= [APPLICATION 1] SEQUENCE {
|
||||
* tkt-vno[0] INTEGER,
|
||||
* realm[1] Realm,
|
||||
* sname[2] PrincipalName,
|
||||
* enc-part[3] EncryptedData
|
||||
* }
|
||||
*/
|
||||
typedef struct krb5_tktbody_st
|
||||
{
|
||||
ASN1_INTEGER *tktvno;
|
||||
|
@ -121,17 +121,17 @@ typedef STACK_OF(KRB5_TKTBODY) KRB5_TICKET;
|
|||
DECLARE_STACK_OF(KRB5_TKTBODY)
|
||||
|
||||
|
||||
/* AP-REQ ::= [APPLICATION 14] SEQUENCE {
|
||||
** pvno[0] INTEGER,
|
||||
** msg-type[1] INTEGER,
|
||||
** ap-options[2] APOptions,
|
||||
** ticket[3] Ticket,
|
||||
** authenticator[4] EncryptedData
|
||||
** }
|
||||
**
|
||||
** APOptions ::= BIT STRING {
|
||||
** reserved(0), use-session-key(1), mutual-required(2) }
|
||||
*/
|
||||
/*- AP-REQ ::= [APPLICATION 14] SEQUENCE {
|
||||
* pvno[0] INTEGER,
|
||||
* msg-type[1] INTEGER,
|
||||
* ap-options[2] APOptions,
|
||||
* ticket[3] Ticket,
|
||||
* authenticator[4] EncryptedData
|
||||
* }
|
||||
*
|
||||
* APOptions ::= BIT STRING {
|
||||
* reserved(0), use-session-key(1), mutual-required(2) }
|
||||
*/
|
||||
typedef struct krb5_ap_req_st
|
||||
{
|
||||
ASN1_INTEGER *pvno;
|
||||
|
@ -148,11 +148,11 @@ DECLARE_STACK_OF(KRB5_APREQBODY)
|
|||
/* Authenticator Stuff */
|
||||
|
||||
|
||||
/* Checksum ::= SEQUENCE {
|
||||
** cksumtype[0] INTEGER,
|
||||
** checksum[1] OCTET STRING
|
||||
** }
|
||||
*/
|
||||
/*- Checksum ::= SEQUENCE {
|
||||
* cksumtype[0] INTEGER,
|
||||
* checksum[1] OCTET STRING
|
||||
* }
|
||||
*/
|
||||
typedef struct krb5_checksum_st
|
||||
{
|
||||
ASN1_INTEGER *ctype;
|
||||
|
@ -162,11 +162,11 @@ typedef struct krb5_checksum_st
|
|||
DECLARE_STACK_OF(KRB5_CHECKSUM)
|
||||
|
||||
|
||||
/* EncryptionKey ::= SEQUENCE {
|
||||
** keytype[0] INTEGER,
|
||||
** keyvalue[1] OCTET STRING
|
||||
** }
|
||||
*/
|
||||
/*- EncryptionKey ::= SEQUENCE {
|
||||
* keytype[0] INTEGER,
|
||||
* keyvalue[1] OCTET STRING
|
||||
* }
|
||||
*/
|
||||
typedef struct krb5_encryptionkey_st
|
||||
{
|
||||
ASN1_INTEGER *ktype;
|
||||
|
@ -176,11 +176,11 @@ typedef struct krb5_encryptionkey_st
|
|||
DECLARE_STACK_OF(KRB5_ENCKEY)
|
||||
|
||||
|
||||
/* AuthorizationData ::= SEQUENCE OF SEQUENCE {
|
||||
** ad-type[0] INTEGER,
|
||||
** ad-data[1] OCTET STRING
|
||||
** }
|
||||
*/
|
||||
/*- AuthorizationData ::= SEQUENCE OF SEQUENCE {
|
||||
* ad-type[0] INTEGER,
|
||||
* ad-data[1] OCTET STRING
|
||||
* }
|
||||
*/
|
||||
typedef struct krb5_authorization_st
|
||||
{
|
||||
ASN1_INTEGER *adtype;
|
||||
|
@ -190,19 +190,19 @@ typedef struct krb5_authorization_st
|
|||
DECLARE_STACK_OF(KRB5_AUTHDATA)
|
||||
|
||||
|
||||
/* -- Unencrypted authenticator
|
||||
** Authenticator ::= [APPLICATION 2] SEQUENCE {
|
||||
** authenticator-vno[0] INTEGER,
|
||||
** crealm[1] Realm,
|
||||
** cname[2] PrincipalName,
|
||||
** cksum[3] Checksum OPTIONAL,
|
||||
** cusec[4] INTEGER,
|
||||
** ctime[5] KerberosTime,
|
||||
** subkey[6] EncryptionKey OPTIONAL,
|
||||
** seq-number[7] INTEGER OPTIONAL,
|
||||
** authorization-data[8] AuthorizationData OPTIONAL
|
||||
** }
|
||||
*/
|
||||
/*- -- Unencrypted authenticator
|
||||
* Authenticator ::= [APPLICATION 2] SEQUENCE {
|
||||
* authenticator-vno[0] INTEGER,
|
||||
* crealm[1] Realm,
|
||||
* cname[2] PrincipalName,
|
||||
* cksum[3] Checksum OPTIONAL,
|
||||
* cusec[4] INTEGER,
|
||||
* ctime[5] KerberosTime,
|
||||
* subkey[6] EncryptionKey OPTIONAL,
|
||||
* seq-number[7] INTEGER OPTIONAL,
|
||||
* authorization-data[8] AuthorizationData OPTIONAL
|
||||
* }
|
||||
*/
|
||||
typedef struct krb5_authenticator_st
|
||||
{
|
||||
ASN1_INTEGER *avno;
|
||||
|
@ -220,15 +220,15 @@ typedef STACK_OF(KRB5_AUTHENTBODY) KRB5_AUTHENT;
|
|||
DECLARE_STACK_OF(KRB5_AUTHENTBODY)
|
||||
|
||||
|
||||
/* DECLARE_ASN1_FUNCTIONS(type) = DECLARE_ASN1_FUNCTIONS_name(type, type) =
|
||||
** type *name##_new(void);
|
||||
** void name##_free(type *a);
|
||||
** DECLARE_ASN1_ENCODE_FUNCTIONS(type, name, name) =
|
||||
** DECLARE_ASN1_ENCODE_FUNCTIONS(type, itname, name) =
|
||||
** type *d2i_##name(type **a, const unsigned char **in, long len);
|
||||
** int i2d_##name(type *a, unsigned char **out);
|
||||
** DECLARE_ASN1_ITEM(itname) = OPENSSL_EXTERN const ASN1_ITEM itname##_it
|
||||
*/
|
||||
/*- DECLARE_ASN1_FUNCTIONS(type) = DECLARE_ASN1_FUNCTIONS_name(type, type) =
|
||||
* type *name##_new(void);
|
||||
* void name##_free(type *a);
|
||||
* DECLARE_ASN1_ENCODE_FUNCTIONS(type, name, name) =
|
||||
* DECLARE_ASN1_ENCODE_FUNCTIONS(type, itname, name) =
|
||||
* type *d2i_##name(type **a, const unsigned char **in, long len);
|
||||
* int i2d_##name(type *a, unsigned char **out);
|
||||
* DECLARE_ASN1_ITEM(itname) = OPENSSL_EXTERN const ASN1_ITEM itname##_it
|
||||
*/
|
||||
|
||||
DECLARE_ASN1_FUNCTIONS(KRB5_ENCDATA)
|
||||
DECLARE_ASN1_FUNCTIONS(KRB5_PRINCNAME)
|
||||
|
|
|
@ -56,7 +56,8 @@
|
|||
* [including the GNU Public Licence.]
|
||||
*/
|
||||
|
||||
/* Code for dynamic hash table routines
|
||||
/*-
|
||||
* Code for dynamic hash table routines
|
||||
* Author - Eric Young v 2.0
|
||||
*
|
||||
* 2.2 eay - added #include "crypto.h" so the memory leak checking code is
|
||||
|
|
|
@ -49,7 +49,7 @@
|
|||
*
|
||||
*/
|
||||
|
||||
/*
|
||||
/*-
|
||||
* This is a generic 32 bit "collector" for message digest algorithms.
|
||||
* Whenever needed it collects input character stream into chunks of
|
||||
* 32 bit values and invokes a block function that performs actual hash
|
||||
|
|
|
@ -70,7 +70,7 @@ extern "C" {
|
|||
#error MD4 is disabled.
|
||||
#endif
|
||||
|
||||
/*
|
||||
/*-
|
||||
* !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
|
||||
* ! MD4_LONG has to be at least 32 bits wide. If it's wider, then !
|
||||
* ! MD4_LONG_LOG2 has to be defined along. !
|
||||
|
|
|
@ -148,7 +148,8 @@ struct tm *OPENSSL_gmtime(const time_t *timer, struct tm *result)
|
|||
/* Since there was no gmtime_r() to do this stuff for us,
|
||||
we have to do it the hard way. */
|
||||
{
|
||||
/* The VMS epoch is the astronomical Smithsonian date,
|
||||
/*-
|
||||
* The VMS epoch is the astronomical Smithsonian date,
|
||||
if I remember correctly, which is November 17, 1858.
|
||||
Furthermore, time is measure in thenths of microseconds
|
||||
and stored in quadwords (64 bit integers). unix_epoch
|
||||
|
|
|
@ -639,7 +639,8 @@
|
|||
#define NID_ripemd160WithRSA 119
|
||||
#define OBJ_ripemd160WithRSA 1L,3L,36L,3L,3L,1L,2L
|
||||
|
||||
/* Taken from rfc2040
|
||||
/*-
|
||||
* Taken from rfc2040
|
||||
* RC5_CBC_Parameters ::= SEQUENCE {
|
||||
* version INTEGER (v1_0(16)),
|
||||
* rounds INTEGER (8..127),
|
||||
|
@ -1028,7 +1029,7 @@ const void * OBJ_bsearch_ex_(const void *key,const void *base,int num,
|
|||
#define DECLARE_OBJ_BSEARCH_GLOBAL_CMP_FN(type1, type2, nm) \
|
||||
type2 * OBJ_bsearch_##nm(type1 *key, type2 const *base, int num)
|
||||
|
||||
/*
|
||||
/*-
|
||||
* Unsolved problem: if a type is actually a pointer type, like
|
||||
* nid_triple is, then its impossible to get a const where you need
|
||||
* it. Consider:
|
||||
|
|
|
@ -90,7 +90,7 @@ extern "C" {
|
|||
#define OCSP_RESPID_KEY 0x400
|
||||
#define OCSP_NOTIME 0x800
|
||||
|
||||
/* CertID ::= SEQUENCE {
|
||||
/*- CertID ::= SEQUENCE {
|
||||
* hashAlgorithm AlgorithmIdentifier,
|
||||
* issuerNameHash OCTET STRING, -- Hash of Issuer's DN
|
||||
* issuerKeyHash OCTET STRING, -- Hash of Issuers public key (excluding the tag & length fields)
|
||||
|
@ -106,7 +106,7 @@ typedef struct ocsp_cert_id_st
|
|||
|
||||
DECLARE_STACK_OF(OCSP_CERTID)
|
||||
|
||||
/* Request ::= SEQUENCE {
|
||||
/*- Request ::= SEQUENCE {
|
||||
* reqCert CertID,
|
||||
* singleRequestExtensions [0] EXPLICIT Extensions OPTIONAL }
|
||||
*/
|
||||
|
@ -120,7 +120,7 @@ DECLARE_STACK_OF(OCSP_ONEREQ)
|
|||
DECLARE_ASN1_SET_OF(OCSP_ONEREQ)
|
||||
|
||||
|
||||
/* TBSRequest ::= SEQUENCE {
|
||||
/*- TBSRequest ::= SEQUENCE {
|
||||
* version [0] EXPLICIT Version DEFAULT v1,
|
||||
* requestorName [1] EXPLICIT GeneralName OPTIONAL,
|
||||
* requestList SEQUENCE OF Request,
|
||||
|
@ -134,7 +134,7 @@ typedef struct ocsp_req_info_st
|
|||
STACK_OF(X509_EXTENSION) *requestExtensions;
|
||||
} OCSP_REQINFO;
|
||||
|
||||
/* Signature ::= SEQUENCE {
|
||||
/*- Signature ::= SEQUENCE {
|
||||
* signatureAlgorithm AlgorithmIdentifier,
|
||||
* signature BIT STRING,
|
||||
* certs [0] EXPLICIT SEQUENCE OF Certificate OPTIONAL }
|
||||
|
@ -146,7 +146,7 @@ typedef struct ocsp_signature_st
|
|||
STACK_OF(X509) *certs;
|
||||
} OCSP_SIGNATURE;
|
||||
|
||||
/* OCSPRequest ::= SEQUENCE {
|
||||
/*- OCSPRequest ::= SEQUENCE {
|
||||
* tbsRequest TBSRequest,
|
||||
* optionalSignature [0] EXPLICIT Signature OPTIONAL }
|
||||
*/
|
||||
|
@ -156,7 +156,7 @@ typedef struct ocsp_request_st
|
|||
OCSP_SIGNATURE *optionalSignature; /* OPTIONAL */
|
||||
} OCSP_REQUEST;
|
||||
|
||||
/* OCSPResponseStatus ::= ENUMERATED {
|
||||
/*- OCSPResponseStatus ::= ENUMERATED {
|
||||
* successful (0), --Response has valid confirmations
|
||||
* malformedRequest (1), --Illegal confirmation request
|
||||
* internalError (2), --Internal error in issuer
|
||||
|
@ -173,7 +173,7 @@ typedef struct ocsp_request_st
|
|||
#define OCSP_RESPONSE_STATUS_SIGREQUIRED 5
|
||||
#define OCSP_RESPONSE_STATUS_UNAUTHORIZED 6
|
||||
|
||||
/* ResponseBytes ::= SEQUENCE {
|
||||
/*- ResponseBytes ::= SEQUENCE {
|
||||
* responseType OBJECT IDENTIFIER,
|
||||
* response OCTET STRING }
|
||||
*/
|
||||
|
@ -183,7 +183,7 @@ typedef struct ocsp_resp_bytes_st
|
|||
ASN1_OCTET_STRING *response;
|
||||
} OCSP_RESPBYTES;
|
||||
|
||||
/* OCSPResponse ::= SEQUENCE {
|
||||
/*- OCSPResponse ::= SEQUENCE {
|
||||
* responseStatus OCSPResponseStatus,
|
||||
* responseBytes [0] EXPLICIT ResponseBytes OPTIONAL }
|
||||
*/
|
||||
|
@ -193,7 +193,7 @@ struct ocsp_response_st
|
|||
OCSP_RESPBYTES *responseBytes;
|
||||
};
|
||||
|
||||
/* ResponderID ::= CHOICE {
|
||||
/*- ResponderID ::= CHOICE {
|
||||
* byName [1] Name,
|
||||
* byKey [2] KeyHash }
|
||||
*/
|
||||
|
@ -211,11 +211,11 @@ struct ocsp_responder_id_st
|
|||
DECLARE_STACK_OF(OCSP_RESPID)
|
||||
DECLARE_ASN1_FUNCTIONS(OCSP_RESPID)
|
||||
|
||||
/* KeyHash ::= OCTET STRING --SHA-1 hash of responder's public key
|
||||
/*- KeyHash ::= OCTET STRING --SHA-1 hash of responder's public key
|
||||
* --(excluding the tag and length fields)
|
||||
*/
|
||||
|
||||
/* RevokedInfo ::= SEQUENCE {
|
||||
/*- RevokedInfo ::= SEQUENCE {
|
||||
* revocationTime GeneralizedTime,
|
||||
* revocationReason [0] EXPLICIT CRLReason OPTIONAL }
|
||||
*/
|
||||
|
@ -225,7 +225,7 @@ typedef struct ocsp_revoked_info_st
|
|||
ASN1_ENUMERATED *revocationReason;
|
||||
} OCSP_REVOKEDINFO;
|
||||
|
||||
/* CertStatus ::= CHOICE {
|
||||
/*- CertStatus ::= CHOICE {
|
||||
* good [0] IMPLICIT NULL,
|
||||
* revoked [1] IMPLICIT RevokedInfo,
|
||||
* unknown [2] IMPLICIT UnknownInfo }
|
||||
|
@ -243,7 +243,7 @@ typedef struct ocsp_cert_status_st
|
|||
} value;
|
||||
} OCSP_CERTSTATUS;
|
||||
|
||||
/* SingleResponse ::= SEQUENCE {
|
||||
/*- SingleResponse ::= SEQUENCE {
|
||||
* certID CertID,
|
||||
* certStatus CertStatus,
|
||||
* thisUpdate GeneralizedTime,
|
||||
|
@ -262,7 +262,7 @@ typedef struct ocsp_single_response_st
|
|||
DECLARE_STACK_OF(OCSP_SINGLERESP)
|
||||
DECLARE_ASN1_SET_OF(OCSP_SINGLERESP)
|
||||
|
||||
/* ResponseData ::= SEQUENCE {
|
||||
/*- ResponseData ::= SEQUENCE {
|
||||
* version [0] EXPLICIT Version DEFAULT v1,
|
||||
* responderID ResponderID,
|
||||
* producedAt GeneralizedTime,
|
||||
|
@ -278,7 +278,7 @@ typedef struct ocsp_response_data_st
|
|||
STACK_OF(X509_EXTENSION) *responseExtensions;
|
||||
} OCSP_RESPDATA;
|
||||
|
||||
/* BasicOCSPResponse ::= SEQUENCE {
|
||||
/*- BasicOCSPResponse ::= SEQUENCE {
|
||||
* tbsResponseData ResponseData,
|
||||
* signatureAlgorithm AlgorithmIdentifier,
|
||||
* signature BIT STRING,
|
||||
|
@ -308,7 +308,7 @@ typedef struct ocsp_basic_response_st
|
|||
STACK_OF(X509) *certs;
|
||||
} OCSP_BASICRESP;
|
||||
|
||||
/*
|
||||
/*-
|
||||
* CRLReason ::= ENUMERATED {
|
||||
* unspecified (0),
|
||||
* keyCompromise (1),
|
||||
|
@ -329,7 +329,8 @@ typedef struct ocsp_basic_response_st
|
|||
#define OCSP_REVOKED_STATUS_CERTIFICATEHOLD 6
|
||||
#define OCSP_REVOKED_STATUS_REMOVEFROMCRL 8
|
||||
|
||||
/* CrlID ::= SEQUENCE {
|
||||
/*-
|
||||
* CrlID ::= SEQUENCE {
|
||||
* crlUrl [0] EXPLICIT IA5String OPTIONAL,
|
||||
* crlNum [1] EXPLICIT INTEGER OPTIONAL,
|
||||
* crlTime [2] EXPLICIT GeneralizedTime OPTIONAL }
|
||||
|
@ -341,7 +342,8 @@ typedef struct ocsp_crl_id_st
|
|||
ASN1_GENERALIZEDTIME *crlTime;
|
||||
} OCSP_CRLID;
|
||||
|
||||
/* ServiceLocator ::= SEQUENCE {
|
||||
/*-
|
||||
* ServiceLocator ::= SEQUENCE {
|
||||
* issuer Name,
|
||||
* locator AuthorityInfoAccessSyntax OPTIONAL }
|
||||
*/
|
||||
|
|
|
@ -1,7 +1,8 @@
|
|||
#ifndef HEADER_OPENSSLV_H
|
||||
#define HEADER_OPENSSLV_H
|
||||
|
||||
/* Numeric release version identifier:
|
||||
/*-
|
||||
* Numeric release version identifier:
|
||||
* MNNFFPPS: major minor fix patch status
|
||||
* The status nibble has one of the values 0 for development, 1 to e for betas
|
||||
* 1 to 14, and f for release. The patch level is exactly that.
|
||||
|
@ -34,7 +35,8 @@
|
|||
#define OPENSSL_VERSION_PTEXT " part of " OPENSSL_VERSION_TEXT
|
||||
|
||||
|
||||
/* The macros below are to be used for shared library (.so, .dll, ...)
|
||||
/*-
|
||||
* The macros below are to be used for shared library (.so, .dll, ...)
|
||||
* versioning. That kind of versioning works a bit differently between
|
||||
* operating systems. The most usual scheme is to set a major and a minor
|
||||
* number, and have the runtime loader check that the major number is equal
|
||||
|
|
|
@ -76,7 +76,7 @@ extern "C" {
|
|||
#undef PKCS7_SIGNER_INFO
|
||||
#endif
|
||||
|
||||
/*
|
||||
/*-
|
||||
Encryption_ID DES-CBC
|
||||
Digest_ID MD5
|
||||
Digest_Encryption_ID rsaEncryption
|
||||
|
|
|
@ -58,7 +58,7 @@
|
|||
#include <openssl/rand.h>
|
||||
#include <openssl/buffer.h>
|
||||
|
||||
/*
|
||||
/*-
|
||||
* Query the EGD <URL: http://www.lothar.com/tech/crypto/>.
|
||||
*
|
||||
* This module supplies three routines:
|
||||
|
|
|
@ -129,7 +129,7 @@ static unsigned char cfb_cipher64[CFB_TEST_SIZE]={
|
|||
0x2C,0x17,0x25,0xD0,0x1A,0x38,0xB7,0x2A,
|
||||
0x39,0x61,0x37,0xDC,0x79,0xFB,0x9F,0x45
|
||||
|
||||
/* 0xF9,0x78,0x32,0xB5,0x42,0x1A,0x6B,0x38,
|
||||
/*- 0xF9,0x78,0x32,0xB5,0x42,0x1A,0x6B,0x38,
|
||||
0x9A,0x44,0xD6,0x04,0x19,0x43,0xC4,0xD9,
|
||||
0x3D,0x1E,0xAE,0x47,0xFC,0xCF,0x29,0x0B,*/
|
||||
};
|
||||
|
|
|
@ -79,7 +79,7 @@ void RC4(RC4_KEY *key, size_t len, const unsigned char *indata,
|
|||
d=key->data;
|
||||
|
||||
#if defined(RC4_CHUNK)
|
||||
/*
|
||||
/*-
|
||||
* The original reason for implementing this(*) was the fact that
|
||||
* pre-21164a Alpha CPUs don't have byte load/store instructions
|
||||
* and e.g. a byte store has to be done with 64-bit load, shift,
|
||||
|
@ -126,7 +126,7 @@ void RC4(RC4_KEY *key, size_t len, const unsigned char *indata,
|
|||
RC4_CHUNK ichunk,otp;
|
||||
const union { long one; char little; } is_endian = {1};
|
||||
|
||||
/*
|
||||
/*-
|
||||
* I reckon we can afford to implement both endian
|
||||
* cases and to decide which way to take at run-time
|
||||
* because the machine code appears to be very compact
|
||||
|
|
|
@ -84,7 +84,7 @@ int RSA_verify_PKCS1_PSS(RSA *rsa, const unsigned char *mHash,
|
|||
hLen = EVP_MD_size(Hash);
|
||||
if (hLen < 0)
|
||||
goto err;
|
||||
/*
|
||||
/*-
|
||||
* Negative sLen has special meanings:
|
||||
* -1 sLen == hLen
|
||||
* -2 salt length is autorecovered from signature
|
||||
|
@ -182,7 +182,7 @@ int RSA_padding_add_PKCS1_PSS(RSA *rsa, unsigned char *EM,
|
|||
hLen = EVP_MD_size(Hash);
|
||||
if (hLen < 0)
|
||||
goto err;
|
||||
/*
|
||||
/*-
|
||||
* Negative sLen has special meanings:
|
||||
* -1 sLen == hLen
|
||||
* -2 salt length is maximized
|
||||
|
|
|
@ -74,7 +74,7 @@ extern "C" {
|
|||
#define FIPS_SHA_SIZE_T size_t
|
||||
#endif
|
||||
|
||||
/*
|
||||
/*-
|
||||
* !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
|
||||
* ! SHA_LONG has to be at least 32 bits wide. If it's wider, then !
|
||||
* ! SHA_LONG_LOG2 has to be defined along. !
|
||||
|
|
|
@ -6,7 +6,7 @@
|
|||
*/
|
||||
#include <openssl/opensslconf.h>
|
||||
#if !defined(OPENSSL_NO_SHA) && !defined(OPENSSL_NO_SHA512)
|
||||
/*
|
||||
/*-
|
||||
* IMPLEMENTATION NOTES.
|
||||
*
|
||||
* As you might have noticed 32-bit hash algorithms:
|
||||
|
|
|
@ -97,7 +97,8 @@ STACK_OF(type) \
|
|||
#define IMPLEMENT_STACK_OF(type) /* nada (obsolete in new safestack approach)*/
|
||||
|
||||
|
||||
/* Strings are special: normally an lhash entry will point to a single
|
||||
/*-
|
||||
* Strings are special: normally an lhash entry will point to a single
|
||||
* (somewhat) mutable object. In the case of strings:
|
||||
*
|
||||
* a) Instead of a single char, there is an array of chars, NUL-terminated.
|
||||
|
@ -106,7 +107,7 @@ STACK_OF(type) \
|
|||
* So, they need their own declarations. Especially important for
|
||||
* type-checking tools, such as Deputy.
|
||||
*
|
||||
o * In practice, however, it appears to be hard to have a const
|
||||
* In practice, however, it appears to be hard to have a const
|
||||
* string. For now, I'm settling for dealing with the fact it is a
|
||||
* string at all.
|
||||
*/
|
||||
|
|
|
@ -101,7 +101,7 @@ extern "C" {
|
|||
#include <openssl/x509.h>
|
||||
#include <openssl/x509v3.h>
|
||||
|
||||
/*
|
||||
/*-
|
||||
MessageImprint ::= SEQUENCE {
|
||||
hashAlgorithm AlgorithmIdentifier,
|
||||
hashedMessage OCTET STRING }
|
||||
|
@ -113,7 +113,7 @@ typedef struct TS_msg_imprint_st
|
|||
ASN1_OCTET_STRING *hashed_msg;
|
||||
} TS_MSG_IMPRINT;
|
||||
|
||||
/*
|
||||
/*-
|
||||
TimeStampReq ::= SEQUENCE {
|
||||
version INTEGER { v1(1) },
|
||||
messageImprint MessageImprint,
|
||||
|
@ -135,7 +135,7 @@ typedef struct TS_req_st
|
|||
STACK_OF(X509_EXTENSION) *extensions; /* [0] OPTIONAL */
|
||||
} TS_REQ;
|
||||
|
||||
/*
|
||||
/*-
|
||||
Accuracy ::= SEQUENCE {
|
||||
seconds INTEGER OPTIONAL,
|
||||
millis [0] INTEGER (1..999) OPTIONAL,
|
||||
|
@ -149,7 +149,7 @@ typedef struct TS_accuracy_st
|
|||
ASN1_INTEGER *micros;
|
||||
} TS_ACCURACY;
|
||||
|
||||
/*
|
||||
/*-
|
||||
TSTInfo ::= SEQUENCE {
|
||||
version INTEGER { v1(1) },
|
||||
policy TSAPolicyId,
|
||||
|
@ -183,7 +183,7 @@ typedef struct TS_tst_info_st
|
|||
STACK_OF(X509_EXTENSION) *extensions;
|
||||
} TS_TST_INFO;
|
||||
|
||||
/*
|
||||
/*-
|
||||
PKIStatusInfo ::= SEQUENCE {
|
||||
status PKIStatus,
|
||||
statusString PKIFreeText OPTIONAL,
|
||||
|
@ -226,7 +226,7 @@ typedef struct TS_status_info_st
|
|||
DECLARE_STACK_OF(ASN1_UTF8STRING)
|
||||
DECLARE_ASN1_SET_OF(ASN1_UTF8STRING)
|
||||
|
||||
/*
|
||||
/*-
|
||||
TimeStampResp ::= SEQUENCE {
|
||||
status PKIStatusInfo,
|
||||
timeStampToken TimeStampToken OPTIONAL }
|
||||
|
@ -241,7 +241,7 @@ typedef struct TS_resp_st
|
|||
|
||||
/* The structure below would belong to the ESS component. */
|
||||
|
||||
/*
|
||||
/*-
|
||||
IssuerSerial ::= SEQUENCE {
|
||||
issuer GeneralNames,
|
||||
serialNumber CertificateSerialNumber
|
||||
|
@ -254,7 +254,7 @@ typedef struct ESS_issuer_serial
|
|||
ASN1_INTEGER *serial;
|
||||
} ESS_ISSUER_SERIAL;
|
||||
|
||||
/*
|
||||
/*-
|
||||
ESSCertID ::= SEQUENCE {
|
||||
certHash Hash,
|
||||
issuerSerial IssuerSerial OPTIONAL
|
||||
|
@ -270,7 +270,7 @@ typedef struct ESS_cert_id
|
|||
DECLARE_STACK_OF(ESS_CERT_ID)
|
||||
DECLARE_ASN1_SET_OF(ESS_CERT_ID)
|
||||
|
||||
/*
|
||||
/*-
|
||||
SigningCertificate ::= SEQUENCE {
|
||||
certs SEQUENCE OF ESSCertID,
|
||||
policies SEQUENCE OF PolicyInformation OPTIONAL
|
||||
|
@ -694,7 +694,7 @@ void TS_VERIFY_CTX_init(TS_VERIFY_CTX *ctx);
|
|||
void TS_VERIFY_CTX_free(TS_VERIFY_CTX *ctx);
|
||||
void TS_VERIFY_CTX_cleanup(TS_VERIFY_CTX *ctx);
|
||||
|
||||
/*
|
||||
/*-
|
||||
* If ctx is NULL, it allocates and returns a new object, otherwise
|
||||
* it returns ctx. It initialises all the members as follows:
|
||||
* flags = TS_VFY_ALL_IMPRINT & ~(TS_VFY_TSA_NAME | TS_VFY_SIGNATURE)
|
||||
|
|
|
@ -393,7 +393,7 @@ int TS_RESP_verify_token(TS_VERIFY_CTX *ctx, PKCS7 *token)
|
|||
return ret;
|
||||
}
|
||||
|
||||
/*
|
||||
/*-
|
||||
* Verifies whether the 'token' contains a valid time stamp token
|
||||
* with regards to the settings of the context. Only those checks are
|
||||
* carried out that are specified in the context:
|
||||
|
|
|
@ -84,7 +84,8 @@ UI *UI_new(void);
|
|||
UI *UI_new_method(const UI_METHOD *method);
|
||||
void UI_free(UI *ui);
|
||||
|
||||
/* The following functions are used to add strings to be printed and prompt
|
||||
/*-
|
||||
The following functions are used to add strings to be printed and prompt
|
||||
strings to prompt for data. The names are UI_{add,dup}_<function>_string
|
||||
and UI_{add,dup}_input_boolean.
|
||||
|
||||
|
@ -243,7 +244,8 @@ UI_METHOD *UI_OpenSSL(void);
|
|||
|
||||
|
||||
/* ---------- For method writers ---------- */
|
||||
/* A method contains a number of functions that implement the low level
|
||||
/*-
|
||||
A method contains a number of functions that implement the low level
|
||||
of the User Interface. The functions are:
|
||||
|
||||
an opener This function starts a session, maybe by opening
|
||||
|
|
|
@ -140,7 +140,7 @@ void WHIRLPOOL_BitUpdate(WHIRLPOOL_CTX *c,const void *_inp,size_t bits)
|
|||
else /* bit-oriented loop */
|
||||
#endif
|
||||
{
|
||||
/*
|
||||
/*-
|
||||
inp
|
||||
|
|
||||
+-------+-------+-------
|
||||
|
|
|
@ -548,7 +548,7 @@ typedef struct Netscape_certificate_sequence
|
|||
STACK_OF(X509) *certs;
|
||||
} NETSCAPE_CERT_SEQUENCE;
|
||||
|
||||
/* Unused (and iv length is wrong)
|
||||
/*- Unused (and iv length is wrong)
|
||||
typedef struct CBCParameter_st
|
||||
{
|
||||
unsigned char iv[8];
|
||||
|
|
|
@ -610,7 +610,8 @@ X509_OBJECT *X509_OBJECT_retrieve_match(STACK_OF(X509_OBJECT) *h, X509_OBJECT *x
|
|||
}
|
||||
|
||||
|
||||
/* Try to get issuer certificate from store. Due to limitations
|
||||
/*-
|
||||
* Try to get issuer certificate from store. Due to limitations
|
||||
* of the API this can only retrieve a single certificate matching
|
||||
* a given subject name. However it will fill the cache with all
|
||||
* matching certificates, so we can examine the cache for all
|
||||
|
|
Some files were not shown because too many files have changed in this diff Show more
Loading…
Reference in a new issue